* added: class HTMLFilter
files: htmlfilter.h htmlfilter.cpp this is an html filter used to make the html output looking better this is a very lightweight filter (without using any dynamic memory - some memory is allocated only at the beginning - in ctors) this filter has O(n) complexity over the whole html string * added: antyspamming method if the POST request is sent too fast after the GET it is treated as a spam only for no logged users and only in 'emacs' and 'createthread' functions git-svn-id: svn://ttmath.org/publicrep/cmslu/trunk@534 e52654a7-88a9-db11-a3e9-0013d4bc506e
This commit is contained in:
@@ -189,6 +189,10 @@ void Content::MakePost()
|
||||
|
||||
switch( request.pfunction->code )
|
||||
{
|
||||
case FUN_RUN:
|
||||
PostFunRun();
|
||||
break;
|
||||
|
||||
case FUN_EMACS:
|
||||
PostFunEmacs();
|
||||
break;
|
||||
@@ -215,7 +219,6 @@ void Content::MakePost()
|
||||
|
||||
default:
|
||||
log << log1 << "Content: unknown post function" << logend;
|
||||
// !! moze daj tutaj tez access denied?
|
||||
break;
|
||||
}
|
||||
}
|
||||
@@ -235,20 +238,19 @@ void Content::Make()
|
||||
{
|
||||
if( DirsHaveReadExecPerm() )
|
||||
{
|
||||
|
||||
if( request.method == Request::post )
|
||||
MakePost();
|
||||
|
||||
if( !request.redirect_to.empty() )
|
||||
return;
|
||||
|
||||
if( request.status == Error::ok )
|
||||
if( request.redirect_to.empty() && request.status == Error::ok )
|
||||
MakeStandardFunction();
|
||||
}
|
||||
else
|
||||
request.status = Error::permision_denied;
|
||||
}
|
||||
|
||||
if( request.session->spam_score > 0 )
|
||||
log << log1 << "Content: spam score: " << request.session->spam_score << logend;
|
||||
|
||||
if( !request.redirect_to.empty() )
|
||||
return;
|
||||
|
||||
@@ -375,6 +377,10 @@ bool Content::CheckRebus()
|
||||
// logged user don't have to use the rebus
|
||||
return true;
|
||||
|
||||
if( request.session->rebus_checked )
|
||||
return true;
|
||||
|
||||
request.session->rebus_checked = true;
|
||||
|
||||
if( !request.session->rebus_item )
|
||||
{
|
||||
@@ -394,8 +400,10 @@ bool Content::CheckRebus()
|
||||
}
|
||||
|
||||
log << log1 << "Content: rebus has an incorrect answer" << logend;
|
||||
// don't add request.session->spam_score when the rebus has incorrect answer
|
||||
// a user could have made a mistake
|
||||
|
||||
return false;
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
@@ -412,3 +420,26 @@ void Content::SetUser(Item & item)
|
||||
request.PostVar("guestname", item.guest_name);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
void Content::CheckGetPostTimes(time_t difference)
|
||||
{
|
||||
time_t now = std::time(0);
|
||||
|
||||
if( request.session->puser )
|
||||
return;
|
||||
|
||||
if( request.method != Request::post )
|
||||
return;
|
||||
|
||||
if( now - request.session->last_time_get >= (time_t)difference )
|
||||
return;
|
||||
|
||||
if( request.AllPostVarEmpty() )
|
||||
return;
|
||||
|
||||
request.session->spam_score += 1;
|
||||
log << log1 << "Content: spam +1: POST after GET sent too fast" << logend;
|
||||
}
|
||||
|
||||
|
Reference in New Issue
Block a user