* added: class HTMLFilter

files: htmlfilter.h htmlfilter.cpp
         this is an html filter used to make the html output look better
         this is a very lightweight filter
         (without using any dynamic memory - some memory is allocated only at the beginning - in ctors)
         this filter has O(n) complexity over the whole html string
* added: anti-spam method
         if the POST request is sent too soon after the GET
         it is treated as spam
         only for users who are not logged in, and only in the 'emacs' and 'createthread' functions
       


git-svn-id: svn://ttmath.org/publicrep/cmslu/trunk@534 e52654a7-88a9-db11-a3e9-0013d4bc506e
2009-12-09 00:42:40 +00:00
parent 9241fddb1e
commit 717eb526fb
32 changed files with 1356 additions and 198 deletions


@@ -189,6 +189,10 @@ void Content::MakePost()
switch( request.pfunction->code )
{
case FUN_RUN:
PostFunRun();
break;
case FUN_EMACS:
PostFunEmacs();
break;
@@ -215,7 +219,6 @@ void Content::MakePost()
default:
log << log1 << "Content: unknown post function" << logend;
// !! moze daj tutaj tez access denied?
break;
}
}
@@ -235,20 +238,19 @@ void Content::Make()
{
if( DirsHaveReadExecPerm() )
{
if( request.method == Request::post )
MakePost();
if( !request.redirect_to.empty() )
return;
if( request.status == Error::ok )
if( request.redirect_to.empty() && request.status == Error::ok )
MakeStandardFunction();
}
else
request.status = Error::permision_denied;
}
if( request.session->spam_score > 0 )
log << log1 << "Content: spam score: " << request.session->spam_score << logend;
if( !request.redirect_to.empty() )
return;
@@ -375,6 +377,10 @@ bool Content::CheckRebus()
// logged user don't have to use the rebus
return true;
if( request.session->rebus_checked )
return true;
request.session->rebus_checked = true;
if( !request.session->rebus_item )
{
@@ -394,8 +400,10 @@ bool Content::CheckRebus()
}
log << log1 << "Content: rebus has an incorrect answer" << logend;
// don't add request.session->spam_score when the rebus has incorrect answer
// a user could have made a mistake
return false;
return false;
}
@@ -412,3 +420,26 @@ void Content::SetUser(Item & item)
request.PostVar("guestname", item.guest_name);
}
}
void Content::CheckGetPostTimes(time_t difference)
{
time_t now = std::time(0);
if( request.session->puser )
return;
if( request.method != Request::post )
return;
if( now - request.session->last_time_get >= (time_t)difference )
return;
if( request.AllPostVarEmpty() )
return;
request.session->spam_score += 1;
log << log1 << "Content: spam +1: POST after GET sent too fast" << logend;
}