spambot.module in Spambot 7
Same filename and directory in other branches
Main module file.
Anti-spam module that uses data from www.stopforumspam.com to protect the user registration form against known spammers and spambots.
File
spambot.moduleView source
<?php
/**
* @file
* Main module file.
*
* Anti-spam module that uses data from www.stopforumspam.com
* to protect the user registration form against known spammers and spambots.
*/
define('SPAMBOT_ACTION_NONE', 0);
define('SPAMBOT_ACTION_BLOCK', 1);
define('SPAMBOT_ACTION_DELETE', 2);
define('SPAMBOT_DEFAULT_CRITERIA_EMAIL', 1);
define('SPAMBOT_DEFAULT_CRITERIA_USERNAME', 0);
define('SPAMBOT_DEFAULT_CRITERIA_IP', 20);
define('SPAMBOT_DEFAULT_DELAY', 0);
define('SPAMBOT_DEFAULT_CRON_USER_LIMIT', 0);
define('SPAMBOT_DEFAULT_BLOCKED_MESSAGE', 'Your email address or username or IP address is blacklisted.');
define('SPAMBOT_MAX_EVIDENCE_LENGTH', 1024);
define('SPAMBOT_CONTENT_ACTION_UNPUBLISH', 'unpublish_content');
define('SPAMBOT_CONTENT_ACTION_DELETE', 'delete_content');
/**
* Implements hook_menu().
*/
function spambot_menu() {
$items['admin/config/system/spambot'] = array(
'title' => 'Spambot',
'description' => 'Configure the spambot module',
'page callback' => 'drupal_get_form',
'page arguments' => array(
'spambot_settings_form',
),
'access arguments' => array(
'administer site configuration',
),
'file' => 'spambot.admin.inc',
);
$items['user/%user/spambot'] = array(
'title' => 'Spam',
'page callback' => 'spambot_user_spam',
'page arguments' => array(
1,
),
'access arguments' => array(
'administer users',
),
'type' => MENU_LOCAL_TASK,
'file' => 'spambot.pages.inc',
);
return $items;
}
/**
* Implements hook_permission().
*/
function spambot_permission() {
return array(
'protected from spambot scans' => array(
'title' => t('Protected from spambot scans'),
'description' => t('Roles with this access permission would not be checked for spammer'),
),
);
}
/**
* Implements hook_admin_paths().
*/
function spambot_admin_paths() {
$paths = array(
'user/*/spambot' => TRUE,
);
return $paths;
}
/**
* Implements hook_form_FORM_ID_alter().
*/
function spambot_form_user_register_form_alter(&$form, &$form_state) {
if (variable_get('spambot_user_register_protect', TRUE)) {
spambot_add_form_protection($form, array(
'mail' => 'mail',
'name' => 'name',
'ip' => TRUE,
));
}
}
/**
* Implements hook_form_FORM_ID_alter().
*/
function spambot_form_user_admin_account_alter(&$form, &$form_state, $form_id) {
foreach ($form['accounts']['#options'] as $uid => $user_options) {
// Change $form['accounts']['#options'][$uid]['operations']['data']
// into a multi-item render array so we can append to it.
$form['accounts']['#options'][$uid]['operations']['data'] = array(
'edit' => $form['accounts']['#options'][$uid]['operations']['data'],
);
$form['accounts']['#options'][$uid]['operations']['data']['spam'] = array(
'#type' => 'link',
'#title' => t('spam'),
'#href' => "user/{$uid}/spambot",
// Ugly hack to insert a space.
'#prefix' => ' ',
);
}
}
/**
* Implements hook_node_insert().
*/
function spambot_node_insert($node) {
db_insert('node_spambot')
->fields(array(
'nid' => $node->nid,
'uid' => $node->uid,
'hostname' => ip_address(),
))
->execute();
}
/**
* Implements hook_node_delete().
*/
function spambot_node_delete($node) {
db_delete('node_spambot')
->condition('nid', $node->nid)
->execute();
}
/**
* Implements hook_cron().
*/
function spambot_cron() {
if ($limit = variable_get('spambot_cron_user_limit', SPAMBOT_DEFAULT_CRON_USER_LIMIT)) {
$last_uid = variable_get('spambot_last_checked_uid', 0);
if ($last_uid < 1) {
// Skip scanning the anonymous and superadmin users.
$last_uid = 1;
}
$query = db_select('users')
->fields('users', array(
'uid',
))
->condition('uid', $last_uid, '>')
->orderBy('uid')
->range(0, $limit);
if (!variable_get('spambot_check_blocked_accounts', FALSE)) {
$query
->condition('status', 1);
}
$uids = $query
->execute()
->fetchCol();
if ($uids) {
$action = variable_get('spambot_spam_account_action', SPAMBOT_ACTION_NONE);
$action_nodes = variable_get('spambot_spam_account_nodes_action', SPAMBOT_ACTION_NONE);
$accounts = user_load_multiple($uids);
foreach ($accounts as $account) {
$result = spambot_account_is_spammer($account);
if ($result > 0) {
$link = l(t('spammer'), 'user/' . $account->uid);
switch (user_access('protected from spambot scans', $account) ? SPAMBOT_ACTION_NONE : $action) {
case SPAMBOT_ACTION_BLOCK:
if ($account->status) {
// Block spammer's account.
$account->status = 0;
user_save($account);
watchdog('spambot', 'Blocked spam account: @name <@email> (uid @uid)', array(
'@name' => $account->name,
'@email' => $account->mail,
'@uid' => $account->uid,
), WATCHDOG_NOTICE, $link);
}
else {
// Don't block an already blocked account.
watchdog('spambot', 'Spam account already blocked: @name <@email> (uid @uid)', array(
'@name' => $account->name,
'@email' => $account->mail,
'@uid' => $account->uid,
), WATCHDOG_NOTICE, $link);
}
break;
case SPAMBOT_ACTION_DELETE:
user_delete($account->uid);
watchdog('spambot', 'Deleted spam account: @name <@email> (uid @uid)', array(
'@name' => $account->name,
'@email' => $account->mail,
'@uid' => $account->uid,
), WATCHDOG_NOTICE);
break;
default:
watchdog('spambot', 'Found spam account: @name <@email> (uid @uid)', array(
'@name' => $account->name,
'@email' => $account->mail,
'@uid' => $account->uid,
), WATCHDOG_NOTICE, $link);
break;
}
spambot_delete_nodes_and_comments($account->uid, $action_nodes);
// Mark this uid as successfully checked.
variable_set('spambot_last_checked_uid', $account->uid);
}
elseif ($result == 0) {
// Mark this uid as successfully checked.
variable_set('spambot_last_checked_uid', $account->uid);
}
elseif ($result < 0) {
// Error contacting service, so pause processing.
break;
}
}
}
}
}
/**
* Implements hook_flush_caches().
*/
function spambot_flush_caches() {
return array(
'cache_spambot',
);
}
/**
* Validate callback for user_register form.
*/
function spambot_user_register_form_validate(&$form, &$form_state) {
$validation_field_names = $form['#spambot_validation'];
$values = $form_state['values'];
$form_errors = form_get_errors();
$email_threshold = variable_get('spambot_criteria_email', SPAMBOT_DEFAULT_CRITERIA_EMAIL);
$username_threshold = variable_get('spambot_criteria_username', SPAMBOT_DEFAULT_CRITERIA_USERNAME);
$ip_threshold = variable_get('spambot_criteria_ip', SPAMBOT_DEFAULT_CRITERIA_IP);
// Build request parameters according to the criteria to use.
$request = array();
if (!empty($values[$validation_field_names['mail']]) && $email_threshold > 0 && !spambot_check_whitelist('email', $values[$validation_field_names['mail']])) {
$request['email'] = $values[$validation_field_names['mail']];
}
if (!empty($values[$validation_field_names['name']]) && $username_threshold > 0 && !spambot_check_whitelist('username', $values[$validation_field_names['name']])) {
$request['username'] = $values[$validation_field_names['name']];
}
$ip = ip_address();
if ($ip_threshold > 0 && $ip != '127.0.0.1' && $validation_field_names['ip'] && !spambot_check_whitelist('ip', $ip)) {
// Make sure we have a valid IPv4 address (API doesn't support IPv6 yet).
if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 | FILTER_FLAG_IPV6) === FALSE) {
watchdog('spambot', 'Invalid IP address on registration: @ip. Spambot will not rely on it.', array(
'@ip' => $ip,
));
}
else {
$request['ip'] = $ip;
}
}
// Only do a remote API request if there is anything to check.
if ($request && !$form_errors) {
$data = array();
if (spambot_sfs_request($request, $data)) {
$substitutions = array(
'@email' => $values[$validation_field_names['mail']],
'%email' => $values[$validation_field_names['mail']],
'@username' => $values[$validation_field_names['name']],
'%username' => $values[$validation_field_names['name']],
'@ip' => $ip,
'%ip' => $ip,
);
$reasons = array();
if ($email_threshold > 0 && !empty($data['email']['appears']) && $data['email']['frequency'] >= $email_threshold) {
form_set_error('mail', format_string(variable_get('spambot_blocked_message_email', SPAMBOT_DEFAULT_BLOCKED_MESSAGE), $substitutions));
$reasons[] = t('email=@value', array(
'@value' => $request['email'],
));
}
if ($username_threshold > 0 && !empty($data['username']['appears']) && $data['username']['frequency'] >= $username_threshold) {
form_set_error('name', format_string(variable_get('spambot_blocked_message_username', SPAMBOT_DEFAULT_BLOCKED_MESSAGE), $substitutions));
$reasons[] = t('username=@value', array(
'@value' => $request['username'],
));
}
if ($ip_threshold > 0 && !empty($data['ip']['appears']) && $data['ip']['frequency'] >= $ip_threshold) {
form_set_error('', format_string(variable_get('spambot_blocked_message_ip', SPAMBOT_DEFAULT_BLOCKED_MESSAGE), $substitutions));
$reasons[] = t('ip=@value', array(
'@value' => $request['ip'],
));
}
if ($reasons) {
if (variable_get('spambot_log_blocked_registration', TRUE)) {
watchdog('spambot', 'Blocked registration: @reasons', array(
'@reasons' => implode(',', $reasons),
));
$hook_args = array(
'request' => $request,
'reasons' => $reasons,
);
module_invoke_all('spambot_registration_blocked', $hook_args);
}
// Slow them down if configured.
if ($delay = variable_get('spambot_blacklisted_delay', SPAMBOT_DEFAULT_DELAY)) {
sleep($delay);
}
}
}
}
}
/**
* Invoke www.stopforumspam.com's api.
*
* @param array $query
* A keyed array of url parameters ie. array('email' => 'blah@blah.com').
* @param array $data
* An array that will be filled with the data from www.stopforumspam.com.
*
* @return bool
* TRUE on successful request (and $data will contain the data)
* FALSE otherwise.
*/
function spambot_sfs_request(array $query, array &$data) {
// An empty request results in no match.
if (empty($query)) {
return FALSE;
}
// Attempt to return a response from the cache bins if cache is enabled.
$cache_enabled = variable_get('spambot_enable_cache', TRUE);
if ($cache_enabled) {
if (isset($query['email'])) {
$query['email'] = is_array($query['email']) ? $query['email'] : array(
$query['email'],
);
foreach ($query['email'] as $query_email) {
$cache_email = cache_get("email:{$query_email}", 'cache_spambot');
if ($cache_email !== FALSE) {
$data['email'] = $cache_email->data;
unset($query_email);
}
}
}
if (isset($query['username'])) {
$cache_username = cache_get("username:{$query['username']}", 'cache_spambot');
if ($cache_username !== FALSE) {
$data['username'] = $cache_username->data;
unset($query['username']);
}
}
if (isset($query['ip'])) {
$cache_ip = cache_get("ip:{$query['ip']}", 'cache_spambot');
if ($cache_ip !== FALSE) {
$data['ip'] = $cache_ip->data;
unset($query['ip']);
}
}
// Serve only a cached response if one exists.
if (!empty($data)) {
$data['success'] = TRUE;
return TRUE;
}
}
// Use php serialisation format.
$query['f'] = 'serial';
$url = 'http://www.stopforumspam.com/api?' . http_build_query($query, '', '&');
$result = drupal_http_request($url);
if (!empty($result->code) && $result->code == 200 && empty($result->error) && !empty($result->data)) {
$data = unserialize($result->data);
// Store responses to the cache for fast lookups.
if ($cache_enabled) {
$expire = variable_get('spambot_cache_expire', CACHE_PERMANENT);
$expire = $expire != CACHE_PERMANENT ? time() + $expire : CACHE_PERMANENT;
$expire_false = variable_get('spambot_cache_expire_false', 300);
$expire_false = $expire_false != CACHE_PERMANENT ? time() + $expire_false : CACHE_PERMANENT;
if (!empty($data['email'])) {
foreach ($data['email'] as $data_email) {
$expire_email = $data_email['appears'] ? $expire : $expire_false;
cache_set("email:{$data_email['value']}", $data_email, 'cache_spambot', $expire_email);
}
}
if (!empty($data['username'])) {
foreach ($data['username'] as $data_username) {
$expire_username = $data_username['appears'] ? $expire : $expire_false;
cache_set("username:{$query['username']}", $data_username, 'cache_spambot', $expire_username);
}
}
if (!empty($data['ip'])) {
$expire_ip = $data['ip']['appears'] ? $expire : $expire_false;
cache_set("ip:{$query['ip']}", $data['ip'], 'cache_spambot', $expire_ip);
}
}
if (!empty($data['success'])) {
return TRUE;
}
else {
watchdog('spambot', "Request unsuccessful: %url <pre>\n@dump</pre>", array(
'%url' => $url,
'@dump' => print_r($data, TRUE),
));
}
}
else {
watchdog('spambot', "Error contacting service: %url <pre>\n@dump</pre>", array(
'%url' => $url,
'@dump' => print_r($result, TRUE),
));
}
return FALSE;
}
/**
* Checks an account to see if it's a spammer.
*
* This one uses configurable automated criteria checking
* of email and username only.
*
* @param object $account
* User account.
*
* @return int
* Positive if spammer, 0 if not spammer, negative if error.
*/
function spambot_account_is_spammer($account) {
$email_threshold = variable_get('spambot_criteria_email', SPAMBOT_DEFAULT_CRITERIA_EMAIL);
$username_threshold = variable_get('spambot_criteria_username', SPAMBOT_DEFAULT_CRITERIA_USERNAME);
$ip_threshold = variable_get('spambot_criteria_ip', SPAMBOT_DEFAULT_CRITERIA_IP);
// Build request parameters according to the criteria to use.
$request = array();
if ($email_threshold > 0) {
foreach (array(
'init',
'mail',
) as $_email_property) {
if (!empty($account->{$_email_property}) && !spambot_check_whitelist('email', $account->{$_email_property})) {
$request['email'][] = $account->{$_email_property};
}
}
}
if (!empty($account->name) && $username_threshold > 0 && !spambot_check_whitelist('username', $account->name)) {
$request['username'] = $account->name;
}
// Only do a remote API request if there is anything to check.
if ($request) {
$data = array();
if (spambot_sfs_request($request, $data)) {
$email_condition = FALSE;
if ($email_threshold > 0) {
foreach ($data['email'] as $_email) {
if (!empty($_email['appears']) && $_email['frequency'] >= $email_threshold) {
$email_condition = TRUE;
break;
}
}
}
$username_condition = $username_threshold > 0 && !empty($data['username']['appears']) && $data['username']['frequency'] >= $username_threshold;
if ($email_condition || $username_condition) {
return 1;
}
}
else {
// Return error.
return -1;
}
}
// Now check IP's
// If any IP matches the threshold, then flag as a spammer.
if ($ip_threshold > 0) {
$ips = spambot_account_ip_addresses($account);
foreach ($ips as $ip) {
// Skip the loopback interface.
if ($ip == '127.0.0.1') {
continue;
}
elseif (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 | FILTER_FLAG_IPV6) === FALSE) {
$link = l(t('user'), 'user/' . $account->uid);
watchdog('spambot', 'Invalid IP address: %ip (uid=%uid, name=%name, email=%email). Spambot will not rely on it.', array(
'%ip' => $ip,
'%name' => $account->name,
'%email' => $account->mail,
'%uid' => $account->uid,
), WATCHDOG_NOTICE, $link);
continue;
}
$request = array(
'ip' => $ip,
);
$data = array();
if (spambot_sfs_request($request, $data)) {
if (!empty($data['ip']['appears']) && $data['ip']['frequency'] >= $ip_threshold) {
return 1;
}
}
else {
// Abort on error.
return -1;
}
}
}
// Return no match.
return 0;
}
/**
* Retrieves a list of IP addresses for an account.
*
* @param object $account
* Account to retrieve IP addresses for.
*
* @return array
* An array of IP addresses, or an empty array if none found
*/
function spambot_account_ip_addresses($account) {
$hostnames = array();
// Retrieve IPs from node_spambot table.
$items = db_select('node_spambot')
->distinct()
->fields('node_spambot', array(
'hostname',
))
->condition('uid', $account->uid, '=')
->execute()
->fetchCol();
$hostnames = array_merge($hostnames, $items);
// Retrieve IPs from any sessions which may still exist.
$items = db_select('sessions')
->distinct()
->fields('sessions', array(
'hostname',
))
->condition('uid', $account->uid, '=')
->execute()
->fetchCol();
$hostnames = array_merge($hostnames, $items);
// Retrieve IPs from comments.
if (module_exists('comment')) {
$items = db_select('comment')
->distinct()
->fields('comment', array(
'hostname',
))
->condition('uid', $account->uid, '=')
->execute()
->fetchCol();
$hostnames = array_merge($hostnames, $items);
}
// Retrieve IPs from statistics.
if (module_exists('statistics')) {
$items = db_select('accesslog')
->distinct()
->fields('accesslog', array(
'hostname',
))
->condition('uid', $account->uid, '=')
->execute()
->fetchCol();
$hostnames = array_merge($hostnames, $items);
}
// Retrieve IPs from user stats.
if (module_exists('user_stats')) {
$items = db_select('user_stats_ips')
->distinct()
->fields('user_stats_ips', array(
'ip_address',
))
->condition('uid', $account->uid, '=')
->execute()
->fetchCol();
$hostnames = array_merge($hostnames, $items);
}
// Retrieve IPs from IP address manager.
if (module_exists('ip')) {
$items = db_select('ip_tracker')
->distinct()
->fields('ip_tracker', [
'ip',
])
->condition('uid', $account->uid, '=')
->execute()
->fetchCol();
$rows = array();
foreach ($items as $row) {
if (isset($row->ip)) {
$row->ip = long2ip($row->ip);
$rows[] = $row;
}
}
$hostnames = array_merge($hostnames, $rows);
}
$hostnames = array_unique($hostnames);
return $hostnames;
}
/**
* Reports an account as a spammer.
*
* Requires ip address and evidence of a single incident.
*
* @param object $account
* Account to report.
* @param string $ip
* IP address to report.
* @param string $evidence
* Evidence to report.
*
* @return bool
* TRUE if successful, FALSE if error
*/
function spambot_report_account($account, $ip, $evidence) {
$success = FALSE;
if ($key = variable_get('spambot_sfs_api_key', FALSE)) {
$query['api_key'] = $key;
$query['email'] = $account->mail;
$query['username'] = $account->name;
$query['ip_addr'] = $ip;
$query['evidence'] = truncate_utf8($evidence, SPAMBOT_MAX_EVIDENCE_LENGTH);
$url = 'http://www.stopforumspam.com/add.php';
$options = array(
'headers' => array(
'Content-type' => 'application/x-www-form-urlencoded',
),
'method' => 'POST',
'data' => http_build_query($query, '', '&'),
);
$result = drupal_http_request($url, $options);
if (!empty($result->code) && $result->code == 200 && !empty($result->data) && stripos($result->data, 'data submitted successfully') !== FALSE) {
$success = TRUE;
}
elseif (stripos($result->data, 'duplicate') !== FALSE) {
// www.stopforumspam.com can return a 503 code
// with data = '<p>recent duplicate entry</p>'
// which we will treat as successful.
$success = TRUE;
}
else {
watchdog('spambot', "Error reporting account: %url <pre>\n@dump</pre>", array(
'%url' => $url,
'@dump' => print_r($result, TRUE),
));
}
}
return $success;
}
/**
* Check if current data $type is whitelisted.
*
* @param string $type
* Type can be one of these three values: 'ip', 'email' or 'username'.
* @param string $value
* Value to be checked.
*
* @return bool
* TRUE if data is whitelisted, FALSE otherwise.
*/
function spambot_check_whitelist($type, $value) {
switch ($type) {
case 'ip':
$whitelist_ips = variable_get('spambot_whitelist_ip', '');
$result = strpos($whitelist_ips, $value) !== FALSE;
break;
case 'email':
$whitelist_usernames = variable_get('spambot_whitelist_email', '');
$result = strpos($whitelist_usernames, $value) !== FALSE;
break;
case 'username':
$whitelist_emails = variable_get('spambot_whitelist_username', '');
$result = strpos($whitelist_emails, $value) !== FALSE;
break;
default:
$result = FALSE;
break;
}
return $result;
}
/**
* Form builder function to add spambot validations.
*
* @param array $form
* Form array on which will be added spambot validation.
* @param array $options
* Array of options to be added to form.
*/
function spambot_add_form_protection(array &$form, array $options = array()) {
// Don't add any protections if the user can bypass the Spambot.
if (!user_access('protected from spambot scans')) {
// Allow other modules to alter the protections applied to this form.
drupal_alter('spambot_form_protections', $options, $form);
$form['#spambot_validation']['name'] = !empty($options['name']) ? $options['name'] : '';
$form['#spambot_validation']['mail'] = !empty($options['mail']) ? $options['mail'] : '';
$form['#spambot_validation']['ip'] = isset($options['ip']) && is_bool($options['ip']) ? $options['ip'] : TRUE;
$form['#validate'][] = 'spambot_user_register_form_validate';
}
}
/**
* Delete nodes and comments for user accounts which are found to be spammers.
*
* @param int $uid
* User account ID.
* @param string $action
* Action to take with nodes and comments: 'unpublish_content', 'delete_content'.
*/
function spambot_delete_nodes_and_comments($uid, $action) {
if ($action) {
$comments_enabled = module_exists('comment');
// Prepare some data.
$nodes = db_select('node')
->fields('node', array(
'nid',
))
->condition('uid', $uid, '=')
->orderBy('nid')
->execute()
->fetchCol();
$comments = array();
if ($comments_enabled) {
$comments = db_select('comment')
->fields('comment', array(
'cid',
))
->condition('uid', $uid, '=')
->orderBy('cid')
->execute()
->fetchCol();
}
switch ($action) {
case 'unpublish_content':
// Unpublish nodes and content.
if ($nodes) {
module_load_include('inc', 'node', 'node.admin');
node_mass_update($nodes, array(
'status' => 0,
));
}
if ($comments) {
db_update('comment')
->fields(array(
'status' => COMMENT_NOT_PUBLISHED,
))
->condition('uid', $uid)
->execute();
}
drupal_set_message(t('Nodes and comments have been unpublished.'));
break;
case 'delete_content':
// Delete nodes and content.
node_delete_multiple($nodes);
if ($comments) {
comment_delete_multiple($comments);
}
drupal_set_message(t('Nodes and comments have been deleted.'));
break;
}
}
}