NoSpam 0.1 patch

Index: include/spam.php
===================================================================
--- include/spam.php    (revision 0)
+++ include/spam.php    (revision 0)
 -0,0 +1,113 @@
+<?php
+
+define('NOSPAM_VERSION', '0.1');
+
+// Load the spam.php language file
+if (file_exists(PUN_ROOT.'lang/'.$pun_user['language'].'/spam.php'))
+   require PUN_ROOT.'lang/'.$pun_user['language'].'/spam.php';
+else
+   require PUN_ROOT.'lang/English/spam.php';
+
+//
+// Check if a given comment is spam or not
+//
+function spam_check($ip, $username, $email, $message = null)
+{
+   global $pun_config;
+
+   if (!array_key_exists('o_enable_nospam', $pun_config) || $pun_config['o_enable_nospam'] == '0')
+       return false;
+
+   return spam_check_dnsbls($ip) || ($pun_config['o_akismet_key'] != '' && spam_check_akismet($ip, $username, $email, $message));
+}
+
+//
+// Check entry against various DNSBLS
+//
+function spam_check_dnsbls($ip)
+{
+   $dnsbls = array('opm.tornevall.org', 'dnsbl-2.uceprotect.net');
+
+   $rip = implode('.', array_reverse(explode('.', $ip)));
+   foreach ($dnsbls as $dnsbl)
+   {
+       $host = $rip.'.'.$dnsbl;
+       if (gethostbyname($host) != $host)
+           return true;
+   }
+
+   return false;
+}
+
+//
+// Check entry against Akismet
+//
+function spam_check_akismet($ip, $username, $email, $message)
+{
+   global $pun_config;
+
+   $params = array(
+       'blog='.urlencode($pun_config['o_base_url']),
+       'user_ip='.$ip,
+       'comment_author='.urlencode($username),
+   );
+
+   if ($email != '')
+       $params[] = 'comment_author_email='.urlencode($email);
+
+   if ($message !== null)
+       $params[] = 'comment_content='.urlencode($message);
+
+   if (array_key_exists('HTTP_USER_AGENT', $_SERVER))
+       $params[] = 'user_agent='.urlencode($_SERVER['HTTP_USER_AGENT']);
+
+   if (array_key_exists('HTTP_REFERER', $_SERVER))
+       $params[] = 'referrer='.urlencode($_SERVER['HTTP_REFERER']);
+
+   $result = post_akismet('http://'.$pun_config['o_akismet_key'].'.rest.akismet.com/1.1/comment-check', implode('&', $params));
+   if ($result === false)
+       return false;
+
+   return $result == 'true';
+}
+
+//
+// Checks if the given akismet key is valid
+//
+function check_akismet_key($key)
+{
+   global $pun_config;
+
+   $params = array(
+       'blog='.urlencode($pun_config['o_base_url']),
+       'key='.$key,
+   );
+
+   $result = post_akismet('http://rest.akismet.com/1.1/verify-key', implode('&', $params));
+   if ($result === false)
+       return false;
+
+   return $result == 'valid';
+}
+
+//
+// Sent a request to akismet
+//
+function post_akismet($url, $request)
+{
+   global $pun_config;
+
+   $context = stream_context_create(array(
+       'http'  =>  array(
+           'method'    =>  'POST',
+           'header'    =>  'User-Agent: FluxBB/'.$pun_config['o_board_version'].' | NoSpam/'.NOSPAM_VERSION."\r\n",
+           'content'   =>  $request,
+       )
+   ));
+
+   $result = @file_get_contents($url, FILE_TEXT, $context);
+   if ($result === false)
+       return false;
+
+   return trim($result);
+}
Index: lang/English/spam.php
===================================================================
--- lang/English/spam.php   (revision 0)
+++ lang/English/spam.php   (revision 0)
 -0,0 +1,17 @@
+<?php
+
+$lang_spam = array(
+'Spam error'           =>  'Sorry, our anti-spam system appears to have decided you are a spammer! If you feel this is incorrect please contact the board admin at <a href="mailto:%s.',
+'Invalid API key'      =>  'You entered an invalid API key.',
+'Settings updated'     =>  'Settings updated. Redirecting …',
+'NoSpam head'          =>  'NoSpam',
+'NoSpam subhead'       =>  'Settings',
+'NoSpam instructions'  =>  'The NoSpam plugin will check new registrations, posts and signatures against multiple DNS blacklists and if enabled, Akismet. If flagged as spam the action is blocked and the user notified why. Users who have an action flagged as spam will have their admin note changed to %s.',
+'Akismet API key'      =>  'Akismet API key',
+'Akismet API key help' =>  'Enter your Akismet API key. If you do not have one you can obtain one for free from %s. Leave blank to disable Akismet.',
+'Enable NoSpam'            =>  'Enable NoSpam',
+'Enable NoSpam help'   =>  'Check submissions using NoSpam.',
+'Install'              =>  'Install',
+'Install help'         =>  'To continue please click "Install".',
+'Install redirect'     =>  'NoSpam installed. Redirecting …',
+);
Index: plugins/AP_NoSpam.php
===================================================================
--- plugins/AP_NoSpam.php   (revision 0)
+++ plugins/AP_NoSpam.php   (revision 0)
 -0,0 +1,119 @@
+<?php
+
+/*---
+
+   Copyright (C) 2008-2010 FluxBB.org
+   based on code copyright (C) 2002-2005 Rickard Andersson
+   License: http://www.gnu.org/licenses/gpl.html GPL version 2 or higher
+
+---*/
+
+
+// Make sure no one attempts to run this script "directly"
+if (!defined('PUN'))
+   exit;
+
+// Tell admin_loader.php that this is indeed a plugin and that it is loaded
+define('PUN_PLUGIN_LOADED', 1);
+
+require PUN_ROOT.'include/spam.php';
+
+if (!array_key_exists('o_enable_nospam', $pun_config))
+{
+   if (isset($_POST['install']))
+   {
+       $db->query('INSERT INTO '.$db->prefix.'config(conf_name, conf_value) VALUES(\'o_enable_nospam\', \'1\')') or error('Unable to insert settings', __FILE__, __LINE__, $db->error());
+       $db->query('INSERT INTO '.$db->prefix.'config(conf_name, conf_value) VALUES(\'o_akismet_key\', \'\')') or error('Unable to insert settings', __FILE__, __LINE__, $db->error());
+
+       // Regenerate the config cache
+       if (!defined('FORUM_CACHE_FUNCTIONS_LOADED'))
+           require PUN_ROOT.'include/cache.php';
+
+       generate_config_cache();
+
+       redirect($_SERVER['REQUEST_URI'], $lang_spam['Install redirect']);
+   }
+
+   // Display the admin navigation menu
+   generate_admin_menu($plugin);
+
+?>
+   <div class="blockform">
+       <h2><span><?php echo $lang_spam['NoSpam head'] ?></span></h2>
+       <div class="box">
+           <form method="post" action="<?php echo $_SERVER['REQUEST_URI'] ?>">
+               <div class="inform">
+                   <p><span><?php echo $lang_spam['Install help'] ?></span></p>
+               </div>
+               <p class="submitend"><input type="submit" name="install" value="<?php echo $lang_spam['Install'] ?>" /></p>
+           </form>
+       </div>
+   </div>
+<?php
+
+}
+else
+{
+   if (isset($_POST['form_sent']))
+   {
+       $enable = isset($_POST['enable']) ? intval($_POST['enable']) : 0;
+       $api_key = trim($_POST['api_key']);
+
+       if (!empty($api_key) && (!preg_match('%^[a-z0-9]+$%i', $api_key) || !check_akismet_key($api_key)))
+           message($lang_spam['Invalid API key']);
+
+       if ($enable != $pun_config['o_enable_nospam'])
+           $db->query('UPDATE '.$db->prefix.'config SET conf_value=\''.$enable.'\' WHERE conf_name=\'o_enable_nospam\'') or error('Unable to update settings', __FILE__, __LINE__, $db->error());
+
+       if ($api_key != $pun_config['o_akismet_key'])
+           $db->query('UPDATE '.$db->prefix.'config SET conf_value=\''.$api_key.'\' WHERE conf_name=\'o_akismet_key\'') or error('Unable to update settings', __FILE__, __LINE__, $db->error());
+
+       // Regenerate the config cache
+       if (!defined('FORUM_CACHE_FUNCTIONS_LOADED'))
+           require PUN_ROOT.'include/cache.php';
+
+       generate_config_cache();
+
+       redirect($_SERVER['REQUEST_URI'], $lang_spam['Settings updated']);
+   }
+
+   // Display the admin navigation menu
+   generate_admin_menu($plugin);
+
+?>
+   <div class="blockform">
+       <h2><span><?php echo $lang_spam['NoSpam head'] ?></span></h2>
+       <div class="box">
+           <form method="post" action="<?php echo $_SERVER['REQUEST_URI'] ?>">
+               <div class="inform">
+                   <p><?php printf($lang_spam['NoSpam instructions'], '<strong>Suspected spammer</strong>') ?></p>
+                   <input type="hidden" name="form_sent" value="1" />
+                   <fieldset>
+                       <legend><?php echo $lang_spam['NoSpam subhead'] ?></legend>
+                       <div class="infldset">
+                           <table class="aligntop" cellspacing="0">
+                               <tr>
+                                   <th scope="row"><?php echo $lang_spam['Enable NoSpam'] ?></th>
+                                   <td>
+                                       <input type="radio" name="enable" value="1"<?php if ($pun_config['o_enable_nospam'] == '1') echo ' checked="checked"' ?> />&nbsp;<strong><?php echo $lang_admin_common['Yes'] ?></strong>&nbsp;&nbsp;&nbsp;<input type="radio" name="enable" value="0"<?php if ($pun_config['o_enable_nospam'] == '0') echo ' checked="checked"' ?> />&nbsp;<strong><?php echo $lang_admin_common['No'] ?></strong>
+                                       <span><?php echo $lang_spam['Enable NoSpam help'] ?></span>
+                                   </td>
+                               </tr>
+                               <tr>
+                                   <th scope="row"><?php echo $lang_spam['Akismet API key'] ?></th>
+                                   <td>
+                                       <input type="text" name="api_key" size="15" value="<?php echo $pun_config['o_akismet_key'] ?>" />
+                                       <span><?php printf($lang_spam['Akismet API key help'], '<a href="http://akismet.com">http://akismet.com</a>') ?></span>
+                                   </td>
+                               </tr>
+                           </table>
+                       </div>
+                   </fieldset>
+               </div>
+               <p class="submitend"><input type="submit" name="save" value="<?php echo $lang_admin_common['Save changes'] ?>" /></p>
+           </form>
+       </div>
+   </div>
+<?php
+
+}
Index: post.php
===================================================================
--- post.php    (revision 1388)
+++ post.php    (working copy)
 -152,6 +152,17 @@
    else if ($pun_config['p_message_all_caps'] == '0' && is_all_uppercase($message) && !$pun_user['is_admmod'])
        $errors[] = $lang_post['All caps message'];

+   // Check if it is spam
+   require PUN_ROOT.'include/spam.php';
+
+   if (!$pun_user['is_admmod'] && spam_check(get_remote_address(), $username, $email, $message))
+   {
+       if (!$pun_user['is_guest'])
+           $db->query('UPDATE users SET admin_note=\'Suspected spammer\' WHERE id='.$pun_user['id'].' AND admin_note IS NULL') or error('Unable to mark spammer', __FILE__, __LINE__, $db->error());
+
+       $errors[] = sprintf($lang_spam['Spam error'], '<a href="mailto:'.$pun_config['o_admin_email'].'">'.$pun_config['o_admin_email'].'</a>');
+   }
+
    // Validate BBCode syntax
    if ($pun_config['p_message_bbcode'] == '1')
    {
Index: profile.php
===================================================================
--- profile.php (revision 1388)
+++ profile.php (working copy)
 -646,11 +646,11 @@
 else if (isset($_POST['form_sent']))
 {
    // Fetch the user group of the user we are editing
-   $result = $db->query('SELECT u.group_id, g.g_moderator FROM '.$db->prefix.'users AS u INNER JOIN '.$db->prefix.'groups AS g ON (g.g_id=u.group_id) WHERE u.id='.$id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
+   $result = $db->query('SELECT u.group_id, g.g_moderator, u.username, u.email FROM '.$db->prefix.'users AS u INNER JOIN '.$db->prefix.'groups AS g ON (g.g_id=u.group_id) WHERE u.id='.$id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
    if (!$db->num_rows($result))
        message($lang_common['Bad request']);

-   list($group_id, $is_moderator) = $db->fetch_row($result);
+   list($group_id, $is_moderator, $username, $email) = $db->fetch_row($result);

    if ($pun_user['id'] != $id &&
        (!$pun_user['is_admmod'] ||
 -801,6 +801,15 @@
                else if ($form['signature'] && $pun_config['p_sig_all_caps'] == '0' && is_all_uppercase($form['signature']) && !$pun_user['is_admmod'])
                    $form['signature'] = utf8_ucwords(utf8_strtolower($form['signature']));

+               require PUN_ROOT.'include/spam.php';
+
+               // Check if it is spam (only if the person editing isnt an admin/mod)
+               if (!$pun_user['is_admmod'] && spam_check(get_remote_address(), $username, $email, $form['signature']))
+               {
+                   $db->query('UPDATE users SET admin_note=\'Suspected spammer\' WHERE id='.$id.' AND admin_note IS NULL') or error('Unable to mark spammer', __FILE__, __LINE__, $db->error());
+                   message(sprintf($lang_spam['Spam error'], '<a href="mailto:'.$pun_config['o_admin_email'].'">'.$pun_config['o_admin_email'].'</a>'));
+               }
+
                // Validate BBCode syntax
                if ($pun_config['p_sig_bbcode'] == '1')
                {
Index: register.php
===================================================================
--- register.php    (revision 1388)
+++ register.php    (working copy)
 -170,6 +170,12 @@
            $dupe_list[] = $cur_dupe['username'];
    }

+   // Check if it is spam
+   require PUN_ROOT.'include/spam.php';
+
+   if (spam_check(get_remote_address(), $username, $email1))
+       $errors[] = sprintf($lang_spam['Spam error'], '<a href="mailto:'.$pun_config['o_admin_email'].'">'.$pun_config['o_admin_email'].'</a>');
+
    // Make sure we got a valid language string
    if (isset($_POST['language']))
    {