class SFW in Anti Spam by CleanTalk 8.4
Same name and namespace in other branches
- 9.1.x src/lib/Cleantalk/Common/Firewall/Modules/SFW.php \Cleantalk\Common\Firewall\Modules\SFW
Hierarchy
- class \Cleantalk\Common\Firewall\FirewallModule
- class \Cleantalk\Common\Firewall\Modules\SFW
Expanded class hierarchy of SFW
2 files declare their use of SFW
- BootSubscriber.php in src/
EventSubscriber/ BootSubscriber.php - CleantalkFuncs.php in src/
CleantalkFuncs.php
File
- src/
lib/ Cleantalk/ Common/ Firewall/ Modules/ SFW.php, line 10
Namespace
Cleantalk\Common\Firewall\ModulesView source
class SFW extends FirewallModule {
public $module_name = 'SFW';
// Additional params
private $sfw_counter = false;
private $set_cookies = false;
private $cookie_domain = false;
/**
* FireWall_module constructor.
* Use this method to prepare any data for the module working.
*
* @param string $data_table
* @param array $params
*/
public function __construct($data_table, $params = array()) {
$this->db_data_table_name = $data_table ?: null;
foreach ($params as $param_name => $param) {
$this->{$param_name} = isset($this->{$param_name}) ? $param : false;
}
}
/**
* Use this method to execute main logic of the module.
*
* @return array Array of the check results
*/
public function check() {
$results = array();
$status = 0;
// Skip by cookie
foreach ($this->ip_array as $current_ip) {
if (substr(CleantalkFuncs::apbct_getcookie('ct_sfw_pass_key'), 0, 32) == md5($current_ip . $this->api_key)) {
if (CleantalkFuncs::apbct_getcookie('ct_sfw_passed')) {
if (!headers_sent()) {
CleantalkFuncs::apbct_setcookie('ct_sfw_passed', '0');
}
else {
$results[] = array(
'ip' => $current_ip,
'is_personal' => false,
'status' => 'PASS_SFW__BY_COOKIE',
);
}
// Do logging an one passed request
$this
->update_log($current_ip, 'PASS_SFW');
if ($this->sfw_counter) {
// @ToDo have to implement the logic of incrementing and saving count of all handled requests.
}
}
if (strlen(CleantalkFuncs::apbct_getcookie('ct_sfw_pass_key')) > 32) {
$status = substr(CleantalkFuncs::apbct_getcookie('ct_sfw_pass_key'), -1);
}
if ($status) {
$results[] = array(
'ip' => $current_ip,
'is_personal' => false,
'status' => 'PASS_SFW__BY_WHITELIST',
);
}
return $results;
}
}
// Common check
foreach ($this->ip_array as $origin => $current_ip) {
$result_entry = array(
'ip' => $current_ip,
);
$current_ip_v4 = sprintf("%u", ip2long($current_ip));
for ($needles = array(), $m = 6; $m <= 32; $m++) {
$mask = str_repeat('1', $m);
$mask = str_pad($mask, 32, '0');
$needles[] = sprintf("%u", bindec($mask & base_convert($current_ip_v4, 10, 2)));
}
$needles = array_unique($needles);
$db_results = $this->db
->fetch_all("SELECT\n\t\t\t\tnetwork, mask, status, source\n\t\t\t\tFROM " . $this->db_data_table_name . "\n\t\t\t\tWHERE network IN (" . implode(',', $needles) . ")\n\t\t\t\tAND\tnetwork = " . $current_ip_v4 . " & mask\n\t\t\t\tAND " . rand(1, 100000) . " <> 0\n\t\t\t\tORDER BY status DESC");
if (!empty($db_results)) {
foreach ($db_results as $db_result) {
$result_entry['network'] = Helper::ip__long2ip($db_result['network']) . '/' . Helper::ip__mask__long_to_number($db_result['mask']);
$result_entry['is_personal'] = $db_result['source'];
if ((int) $db_result['status'] === 1) {
$result_entry['status'] = 'PASS_SFW__BY_WHITELIST';
break;
}
if ((int) $db_result['status'] === 0) {
$result_entry['status'] = 'DENY_SFW';
}
}
}
else {
$result_entry['is_personal'] = null;
$result_entry['status'] = 'PASS_SFW';
}
$results[] = $result_entry;
}
return $results;
}
/**
* Add entry to SFW log.
* Writes to database.
*
* @param string $ip
* @param string $status
* @param string $network
* @param string $source
*/
public function update_log($ip, $status, $network = null, $source = null) {
$id = md5($ip . $this->module_name);
$time = time();
if (!$source) {
$source = 'NULL';
}
if (!$network) {
$network = 'NULL';
}
$query = "INSERT INTO `{$this->db_log_table_name}`\n\t\tSET\n\t\t\t`id` = '{$id}',\n\t\t\t`ip` = '{$ip}',\n\t\t\t`status` = '{$status}',\n\t\t\t`all_entries` = 1,\n\t\t\t`blocked_entries` = " . (strpos($status, 'DENY') !== false ? 1 : 0) . ",\n\t\t\t`entries_timestamp` = '{$time}',\n\t\t\t`ua_name` = '" . Server::get('HTTP_USER_AGENT') . "',\n\t\t\t`source` = {$source},\n\t\t\t`network` = '{$network}',\n `first_url` = '" . substr(Server::get('HTTP_HOST') . Server::get('REQUEST_URI'), 0, 100) . "',\n `last_url` = '" . substr(Server::get('HTTP_HOST') . Server::get('REQUEST_URI'), 0, 100) . "'\n\t\tON DUPLICATE KEY\n\t\tUPDATE\n\t\t\t`status` = '{$status}',\n\t\t\t`source` = {$source},\n\t\t\t`all_entries` = `all_entries` + 1,\n\t\t\t`blocked_entries` = `blocked_entries`" . (strpos($status, 'DENY') !== false ? ' + 1' : '') . ",\n\t\t\t`entries_timestamp` = '{$time}',\n\t\t\t`ua_name` = '" . Server::get('HTTP_USER_AGENT') . "',\n\t\t\t`network` = '{$network}',\n `last_url` = '" . substr(Server::get('HTTP_HOST') . Server::get('REQUEST_URI'), 0, 100) . "'";
$this->db
->execute(str_replace(';', '', $query));
}
/**
* @inheritdoc
*/
public function actionsForDenied($result) {
if ($this->sfw_counter) {
// @ToDo have to implement the logic of incrementing and saving count of blocked requests.
}
}
/**
* @inheritdoc
*/
public function actionsForPassed($result) {
if ($this->set_cookies && !headers_sent()) {
$status = $result['status'] === 'PASS_SFW__BY_WHITELIST' ? '1' : '0';
$cookie_val = md5($result['ip'] . $this->api_key) . $status;
CleantalkFuncs::apbct_setcookie('ct_sfw_pass_key', $cookie_val);
}
}
/**
* @inheritdoc
*/
public function _die($result) {
parent::_die($result);
// Statistics
if (!empty($this->blocked_ips)) {
reset($this->blocked_ips);
// @ToDo have to implement the logic of saving last_sfw_block info.
/*
$this->apbct->stats['last_sfw_block']['time'] = time();
$this->apbct->stats['last_sfw_block']['ip'] = $result['ip'];
$this->apbct->save('stats');
*/
}
// File exists?
if (file_exists(__DIR__ . "/die_page_sfw.html")) {
$sfw_die_page = file_get_contents(__DIR__ . "/die_page_sfw.html");
$net_count = $this->db
->fetch('SELECT COUNT(*) as net_count FROM ' . $this->db_data_table_name)['net_count'];
$status = $result['status'] === 'PASS_SFW__BY_WHITELIST' ? '1' : '0';
$cookie_val = md5($result['ip'] . $this->api_key) . $status;
// Translation
$replaces = array(
'{SFW_DIE_NOTICE_IP}' => $this
->__('SpamFireWall is activated for your IP ', 'cleantalk-spam-protect'),
'{SFW_DIE_MAKE_SURE_JS_ENABLED}' => $this
->__('To continue working with the web site, please make sure that you have enabled JavaScript.', 'cleantalk-spam-protect'),
'{SFW_DIE_CLICK_TO_PASS}' => $this
->__('Please click the link below to pass the protection,', 'cleantalk-spam-protect'),
'{SFW_DIE_YOU_WILL_BE_REDIRECTED}' => sprintf($this
->__('Or you will be automatically redirected to the requested page after %d seconds.', 'cleantalk-spam-protect'), 3),
'{CLEANTALK_TITLE}' => $this->test ? $this
->__('This is the testing page for SpamFireWall', 'cleantalk-spam-protect') : '',
'{REMOTE_ADDRESS}' => $result['ip'],
'{SERVICE_ID}' => $net_count,
'{HOST}' => '',
'{GENERATED}' => '<p>The page was generated at ' . date('D, d M Y H:i:s') . "</p>",
'{REQUEST_URI}' => Server::get('REQUEST_URI'),
'{USE_ALT_COOKIES}' => \Drupal::config('cleantalk.settings')
->get('cleantalk_alternative_cookies_session') ? 1 : 0,
// Cookie
'{COOKIE_PREFIX}' => '',
'{COOKIE_DOMAIN}' => $this->cookie_domain,
'{COOKIE_SFW}' => $this->test ? $this->test_ip : $cookie_val,
// Test
'{TEST_TITLE}' => '',
'{REAL_IP__HEADER}' => '',
'{TEST_IP__HEADER}' => '',
'{TEST_IP}' => '',
'{REAL_IP}' => '',
);
// Test
if ($this->test) {
$replaces['{TEST_TITLE}'] = $this
->__('This is the testing page for SpamFireWall', 'cleantalk-spam-protect');
$replaces['{REAL_IP__HEADER}'] = 'Real IP:';
$replaces['{TEST_IP__HEADER}'] = 'Test IP:';
$replaces['{TEST_IP}'] = $this->test_ip;
$replaces['{REAL_IP}'] = $this->real_ip;
}
// Debug
if ($this->debug) {
$debug = '<h1>Headers</h1>' . var_export(apache_request_headers(), true) . '<h1>REMOTE_ADDR</h1>' . Server::get('REMOTE_ADDR') . '<h1>SERVER_ADDR</h1>' . Server::get('REMOTE_ADDR') . '<h1>IP_ARRAY</h1>' . var_export($this->ip_array, true) . '<h1>ADDITIONAL</h1>' . var_export($this->debug_data, true);
}
$replaces['{DEBUG}'] = isset($debug) ? $debug : '';
foreach ($replaces as $place_holder => $replace) {
$sfw_die_page = str_replace($place_holder, $replace, $sfw_die_page);
}
die($sfw_die_page);
}
die("IP BLACKLISTED. Blocked by SFW " . $result['ip']);
}
}
Members
Name![]() |
Modifiers | Type | Description | Overrides |
---|---|---|---|---|
FirewallModule:: |
protected | property | ||
FirewallModule:: |
protected | property | ||
FirewallModule:: |
protected | property | ||
FirewallModule:: |
protected | property | ||
FirewallModule:: |
protected | property | ||
FirewallModule:: |
protected | property | ||
FirewallModule:: |
protected | property | ||
FirewallModule:: |
protected | property | ||
FirewallModule:: |
protected | property | * | |
FirewallModule:: |
protected | property | * | |
FirewallModule:: |
protected | property | * | |
FirewallModule:: |
public | function | Configure and set additional properties: real_ip, test_ip, test | |
FirewallModule:: |
public | function | Set API KEY | |
FirewallModule:: |
public | function | Set specify CMS based DB instance | |
FirewallModule:: |
public | function | Set specify CMS based Helper instance | |
FirewallModule:: |
public | function | Set visitor's IP | |
FirewallModule:: |
public | function | Set is debug property. | |
FirewallModule:: |
public | function | Set Log Table name | |
FirewallModule:: |
public | function | This is a placeholder for WP translation function. For compatibility with any CMS. | |
SFW:: |
private | property | ||
SFW:: |
public | property |
Overrides FirewallModule:: |
|
SFW:: |
private | property | ||
SFW:: |
private | property | ||
SFW:: |
public | function |
@inheritdoc Overrides FirewallModule:: |
|
SFW:: |
public | function |
@inheritdoc Overrides FirewallModule:: |
|
SFW:: |
public | function |
* Use this method to execute main logic of the module.
*
* Overrides FirewallModule:: |
|
SFW:: |
public | function | * Add entry to SFW log. * Writes to database. * * | |
SFW:: |
public | function |
@inheritdoc Overrides FirewallModule:: |
|
SFW:: |
public | function |
FireWall_module constructor.
Use this method to prepare any data for the module working. Overrides FirewallModule:: |