add use_antispam_mechanism_for_not_logged_users config option
This commit is contained in:
parent
7d1fb3c04e
commit
01c10bad0e
|
@ -341,6 +341,7 @@ void Config::AssignValues()
|
||||||
check_proxy_ip_header = Bool(L"check_proxy_ip_header", false);
|
check_proxy_ip_header = Bool(L"check_proxy_ip_header", false);
|
||||||
proxy_ip_header = Text(L"proxy_ip_header", L"X_Real_IP");
|
proxy_ip_header = Text(L"proxy_ip_header", L"X_Real_IP");
|
||||||
|
|
||||||
|
use_antispam_mechanism_for_not_logged_users = Bool(L"use_antispam_mechanism_for_not_logged_users", true);
|
||||||
antispam_list_max_size = Size(L"antispam_list_max_size", 10);
|
antispam_list_max_size = Size(L"antispam_list_max_size", 10);
|
||||||
add_header_cache_no_store_in_htmx_request = Bool(L"add_header_cache_no_store_in_htmx_request", true);
|
add_header_cache_no_store_in_htmx_request = Bool(L"add_header_cache_no_store_in_htmx_request", true);
|
||||||
}
|
}
|
||||||
|
|
|
@ -934,7 +934,12 @@ public:
|
||||||
// default: X_Real_IP
|
// default: X_Real_IP
|
||||||
std::wstring proxy_ip_header;
|
std::wstring proxy_ip_header;
|
||||||
|
|
||||||
// antispam mechanizm
|
// use an antismap mechanism for not logged users
|
||||||
|
// when they try to add a new item
|
||||||
|
// default: true
|
||||||
|
bool use_antispam_mechanism_for_not_logged_users;
|
||||||
|
|
||||||
|
// antispam mechanism
|
||||||
// size of an list for map: form_id to counter_id for anonymous users (each session has such an map)
|
// size of an list for map: form_id to counter_id for anonymous users (each session has such an map)
|
||||||
// this value allowes you to open the same or different html form in the browser more than once
|
// this value allowes you to open the same or different html form in the browser more than once
|
||||||
// and each form has its own form_id and counter_id
|
// and each form has its own form_id and counter_id
|
||||||
|
|
|
@ -499,19 +499,19 @@ void Functions::MakeFunction()
|
||||||
|
|
||||||
void Functions::CheckGetPostTimes(time_t difference)
|
void Functions::CheckGetPostTimes(time_t difference)
|
||||||
{
|
{
|
||||||
time_t now = std::time(0);
|
if( !cur->session->puser && config->use_antispam_mechanism_for_not_logged_users )
|
||||||
|
{
|
||||||
|
time_t now = std::time(0);
|
||||||
|
|
||||||
if( cur->session->puser )
|
if( cur->request->method != Request::post )
|
||||||
return;
|
return;
|
||||||
|
|
||||||
|
if( now - cur->session->last_time_get >= (time_t)difference )
|
||||||
|
return;
|
||||||
|
|
||||||
if( cur->request->method != Request::post )
|
cur->session->spam_score += 1;
|
||||||
return;
|
log << log1 << "Functions: spam +1: POST after GET sent too fast" << logend;
|
||||||
|
}
|
||||||
if( now - cur->session->last_time_get >= (time_t)difference )
|
|
||||||
return;
|
|
||||||
|
|
||||||
cur->session->spam_score += 1;
|
|
||||||
log << log1 << "Functions: spam +1: POST after GET sent too fast" << logend;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -519,7 +519,7 @@ void Functions::CheckGetPostTimes(time_t difference)
|
||||||
|
|
||||||
bool Functions::CheckAntispamCounter()
|
bool Functions::CheckAntispamCounter()
|
||||||
{
|
{
|
||||||
if( !cur->session->puser )
|
if( !cur->session->puser && config->use_antispam_mechanism_for_not_logged_users )
|
||||||
{
|
{
|
||||||
long form_id = Tol(cur->request->PostVar(L"winix_form_id"));
|
long form_id = Tol(cur->request->PostVar(L"winix_form_id"));
|
||||||
long counter_id = Tol(cur->request->PostVar(L"winix_form_counter"));
|
long counter_id = Tol(cur->request->PostVar(L"winix_form_counter"));
|
||||||
|
|
|
@ -193,19 +193,22 @@ void Upload::UploadFile(Item & item, const std::wstring & tmp_filename)
|
||||||
|
|
||||||
bool Upload::FunUploadCheckAbuse()
|
bool Upload::FunUploadCheckAbuse()
|
||||||
{
|
{
|
||||||
if( !system->rebus.CheckRebus() )
|
if( config->use_antispam_mechanism_for_not_logged_users )
|
||||||
{
|
{
|
||||||
cur->request->status = WINIX_ERR_INCORRECT_REBUS;
|
if( !system->rebus.CheckRebus() )
|
||||||
return false;
|
{
|
||||||
}
|
cur->request->status = WINIX_ERR_INCORRECT_REBUS;
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
functions->CheckGetPostTimes(4);
|
functions->CheckGetPostTimes(4);
|
||||||
|
|
||||||
if( cur->session->spam_score > 0 )
|
if( cur->session->spam_score > 0 )
|
||||||
{
|
{
|
||||||
cur->request->status = WINIX_ERR_SPAM;
|
cur->request->status = WINIX_ERR_SPAM;
|
||||||
log << log1 << "Content: ignoring due to suspected spamming" << logend;
|
log << log1 << "Content: ignoring due to suspected spamming" << logend;
|
||||||
return false;
|
return false;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return true;
|
return true;
|
||||||
|
|
Loading…
Reference in New Issue