added: antispam mechanism

each html form has a hidden form_id and counter_id
counter_id on the client side is generated through javascript code
on the server the form_id and counter_id is stored in the session
after sending the html form the server checks the form_id and counter_id




git-svn-id: svn://ttmath.org/publicrep/winix/trunk@1116 e52654a7-88a9-db11-a3e9-0013d4bc506e

winixd/templates/Makefile.dep

@@ -85,6 +85,94 @@ adduser.o: ../../../winix/winixd/core/sessionidmanager.h
 adduser.o: ../../../tito/src/base64.h ../../../tito/src/aes.h
 adduser.o: ../../../winix/winixd/core/htmlfilter.h
 adduser.o: ../../../winix/winixd/core/request.h
+antispam.o: templates.h ../../../ezc/src/ezc.h ../../../ezc/src/generator.h
+antispam.o: ../../../ezc/src/blocks.h ../../../ezc/src/item.h
+antispam.o: ../../../ezc/src/cache.h ../../../ezc/src/functions.h
+antispam.o: ../../../pikotools/utf8/utf8.h ../../../ezc/src/funinfo.h
+antispam.o: ../../../ezc/src/objects.h ../../../ezc/src/pattern.h
+antispam.o: ../../../ezc/src/outstreams.h ../../../ezc/src/patternparser.h
+antispam.o: misc.h localefilter.h locale.h
+antispam.o: ../../../pikotools/space/spaceparser.h
+antispam.o: ../../../pikotools/space/space.h
+antispam.o: ../../../pikotools/textstream/types.h
+antispam.o: ../../../pikotools/textstream/textstream.h
+antispam.o: ../../../pikotools/space/space.h ../../../pikotools/date/date.h
+antispam.o: ../../../pikotools/convert/convert.h
+antispam.o: ../../../pikotools/convert/inttostr.h
+antispam.o: ../../../pikotools/convert/strtoint.h
+antispam.o: ../../../pikotools/convert/text.h
+antispam.o: ../../../pikotools/membuffer/membuffer.h
+antispam.o: ../../../pikotools/textstream/types.h htmltextstream.h
+antispam.o: ../../../winix/winixd/core/textstream.h patterncacher.h
+antispam.o: ../../../winix/winixd/core/item.h indexpatterns.h patterns.h
+antispam.o: changepatterns.h ../../../winix/winixd/core/config.h
+antispam.o: ../../../winix/winixd/core/htmlfilter.h
+antispam.o: ../../../winix/winixd/core/cur.h
+antispam.o: ../../../winix/winixd/core/request.h
+antispam.o: ../../../winix/winixd/core/requesttypes.h
+antispam.o: ../../../winix/winixd/core/error.h
+antispam.o: ../../../winix/winixd/core/config.h
+antispam.o: ../../../winix/winixd/core/textstream.h
+antispam.o: ../../../winix/winixd/templates/htmltextstream.h
+antispam.o: ../../../pikotools/space/spacetojson.h
+antispam.o: ../../../winix/winixd/core/session.h
+antispam.o: ../../../winix/winixd/core/user.h
+antispam.o: ../../../winix/winixd/core/plugindata.h
+antispam.o: ../../../winix/winixd/core/rebus.h
+antispam.o: ../../../winix/winixd/core/ipban.h
+antispam.o: ../../../winix/winixd/core/mount.h
+antispam.o: ../../../winix/winixd/core/system.h
+antispam.o: ../../../winix/winixd/core/job.h
+antispam.o: ../../../winix/winixd/core/basethread.h
+antispam.o: ../../../winix/winixd/core/synchro.h
+antispam.o: ../../../winix/winixd/core/dirs.h
+antispam.o: ../../../winix/winixd/core/dircontainer.h
+antispam.o: ../../../winix/winixd/db/db.h ../../../winix/winixd/db/dbbase.h
+antispam.o: ../../../winix/winixd/db/dbconn.h
+antispam.o: ../../../winix/winixd/db/dbtextstream.h
+antispam.o: ../../../winix/winixd/core/error.h
+antispam.o: ../../../winix/winixd/db/dbitemquery.h
+antispam.o: ../../../winix/winixd/db/dbitemcolumns.h
+antispam.o: ../../../winix/winixd/core/user.h
+antispam.o: ../../../winix/winixd/core/group.h
+antispam.o: ../../../winix/winixd/core/dircontainer.h
+antispam.o: ../../../winix/winixd/core/ugcontainer.h
+antispam.o: ../../../winix/winixd/core/log.h
+antispam.o: ../../../winix/winixd/core/logmanipulators.h
+antispam.o: ../../../winix/winixd/core/slog.h
+antispam.o: ../../../winix/winixd/core/cur.h
+antispam.o: ../../../winix/winixd/templates/locale.h
+antispam.o: ../../../winix/winixd/notify/notify.h
+antispam.o: ../../../winix/winixd/notify/notifypool.h
+antispam.o: ../../../winix/winixd/templates/patterns.h
+antispam.o: ../../../winix/winixd/notify/notifythread.h
+antispam.o: ../../../winix/winixd/core/basethread.h
+antispam.o: ../../../winix/winixd/notify/templatesnotify.h
+antispam.o: ../../../winix/winixd/core/users.h
+antispam.o: ../../../winix/winixd/core/ugcontainer.h
+antispam.o: ../../../winix/winixd/core/lastcontainer.h
+antispam.o: ../../../winix/winixd/core/mounts.h
+antispam.o: ../../../winix/winixd/core/mountparser.h
+antispam.o: ../../../winix/winixd/core/crypt.h
+antispam.o: ../../../winix/winixd/core/run.h
+antispam.o: ../../../winix/winixd/core/users.h
+antispam.o: ../../../winix/winixd/core/groups.h
+antispam.o: ../../../winix/winixd/core/group.h
+antispam.o: ../../../winix/winixd/core/loadavg.h
+antispam.o: ../../../winix/winixd/core/image.h
+antispam.o: ../../../winix/winixd/core/threadmanager.h
+antispam.o: ../../../winix/winixd/core/timezones.h
+antispam.o: ../../../winix/winixd/core/timezone.h
+antispam.o: ../../../winix/winixd/core/sessionmanager.h
+antispam.o: ../../../winix/winixd/core/sessioncontainer.h
+antispam.o: ../../../winix/winixd/core/ipbancontainer.h
+antispam.o: ../../../winix/winixd/core/system.h
+antispam.o: ../../../winix/winixd/core/sessionidmanager.h
+antispam.o: ../../../tito/src/base64.h ../../../tito/src/aes.h
+antispam.o: ../../../winix/winixd/core/htmlfilter.h
+antispam.o: ../../../winix/winixd/core/request.h
+antispam.o: ../../../winix/winixd/core/misc.h
+antispam.o: ../../../winix/winixd/core/winix_const.h
 changepatterns.o: changepatterns.h patterns.h locale.h
 changepatterns.o: ../../../pikotools/space/spaceparser.h
 changepatterns.o: ../../../pikotools/space/space.h

winixd/templates/Makefile.o.dep

@@ -1 +1 @@
-o = adduser.o changepatterns.o config.o currentdate.o dir.o doc.o env.o filters.o generic.o htmltextstream.o indexpatterns.o insert.o ipban.o item.o last.o locale.o localefilter.o login.o ls.o man.o misc.o miscspace.o mount.o passwd.o patterncacher.o patterns.o priv.o rebus.o server.o slog.o stat.o sys.o template.o templates.o textextstream.o upload.o uptime.o user.o who.o winix.o 
+o = adduser.o antispam.o changepatterns.o config.o currentdate.o dir.o doc.o env.o filters.o generic.o htmltextstream.o indexpatterns.o insert.o ipban.o item.o last.o locale.o localefilter.o login.o ls.o man.o misc.o miscspace.o mount.o passwd.o patterncacher.o patterns.o priv.o rebus.o server.o slog.o stat.o sys.o template.o templates.o textextstream.o upload.o uptime.o user.o who.o winix.o 

winixd/templates/antispam.cpp

@@ -0,0 +1,125 @@
+/*
+ * This file is a part of Winix
+ * and is distributed under the 2-Clause BSD licence.
+ * Author: Tomasz Sowa <t.sowa@ttmath.org>
+ */
+
+/* 
+ * Copyright (c) 2018, Tomasz Sowa
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ * 
+ * 1. Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ * 
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ * 
+ */
+ 
+#include "templates.h"
+#include "core/request.h"
+#include "core/misc.h"
+
+namespace Winix
+{
+namespace TemplatesFunctions
+{
+
+static const int ANTISPAM_OPERATOR_PLUS = 0;
+static const int ANTISPAM_OPERATOR_MINUS = 1;
+
+static int last_operator = 0;
+static size_t last_form_id;
+
+
+void antispam_create_new_form_id_for_this_session(Info & i)
+{
+	if( cur->session->id != 0 )
+	{
+		if( cur->session->antispan.size() > config->antispam_list_max_size )
+		{
+			log << log2 << "AS: antispam table exceeds size limit, clearing the whole list" << logend;
+			cur->session->antispan.clear();
+		}
+
+		last_form_id = cur->session->antispan.size();
+		i.out << last_form_id;
+		cur->session->antispan[last_form_id] = 0;
+	}
+}
+
+
+void antispam_loop(Info & i)
+{
+	if( i.res == 0 )
+	{
+		last_operator = 0;
+	}
+
+	i.res = i.iter < 10;
+}
+
+
+void antispam_loop_operator(Info & i)
+{
+	last_operator = rand() % 2;
+
+	switch( last_operator )
+	{
+		case ANTISPAM_OPERATOR_PLUS:
+			i.out << "+=";
+			break;
+
+		case ANTISPAM_OPERATOR_MINUS:
+			i.out << "-=";
+			break;
+	}
+}
+
+
+
+void antispam_counter(Info & i)
+{
+	if( !cur->session->antispan.empty() )
+	{
+		int val = rand() % 200;
+
+		switch( last_operator )
+		{
+			case ANTISPAM_OPERATOR_PLUS:
+				cur->session->antispan[last_form_id] += val;
+				break;
+
+			case ANTISPAM_OPERATOR_MINUS:
+				cur->session->antispan[last_form_id] -= val;
+				break;
+		}
+
+		i.out << val;
+	}
+}
+
+
+
+
+} // namespace TemplatesFunctions
+} // namespace Winix
+
+
+

winixd/templates/templates.cpp

@@ -208,6 +208,14 @@ void Templates::CreateFunctions()
 	ezc_functions.Insert("adduser_last_email", adduser_last_email);
 
 
+	/*
+		antispam
+	*/
+	ezc_functions.Insert("antispam_create_new_form_id_for_this_session", antispam_create_new_form_id_for_this_session);
+	ezc_functions.Insert("antispam_loop", 					antispam_loop);
+	ezc_functions.Insert("antispam_loop_operator", 			antispam_loop_operator);
+	ezc_functions.Insert("antispam_counter", 				antispam_counter);
+
 	/*
 		config
 	*/

winixd/templates/templates.h

@@ -100,6 +100,15 @@ namespace TemplatesFunctions
 	void adduser_last_email(Info & i);
 
 
+	/*
+		antispam
+	*/
+	void antispam_create_new_form_id_for_this_session(Info & i);
+	void antispam_loop(Info & i);
+	void antispam_loop_operator(Info & i);
+	void antispam_counter(Info & i);
+
+
 	/*
 		config
 	*/