- <?php
- /**
- * Script: Pligg Random Registration File Name
- * Author: Eric Heikkinen
- * Description: The goal of this script is to block automatic user registration via spam bots. Place this file in the root of your Pligg site and run it from time to time.
- * Notes:
- * - This file is meant to be run via a cron job, or to be included in a registration template file.
- * - This type of feature will break direct links (and bookmarks) to the previous registration page
- * - It will also break the EVB submission features.
- * - If more than 1 user registers during the cron time period, it is possible that they will get a 404 error if the name change happens while they are filling it out.
- * - To prevent visitors from triggering the rename themselves by requesting this script in a browser, give this file a name that is hard to guess.
- */
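///////////////////////////////////////// SETUP //////////////////////////////////////////
// Report every PHP error, but print them only when run from the command line (cron).
// Over HTTP the messages would reach whoever requests the page and can reveal file
// paths and database details, so web requests get them in the error log instead.
$is_cli = (php_sapi_name() === 'cli');
error_reporting(E_ALL);
ini_set('display_errors', $is_cli ? '1' : '0');
ini_set('log_errors', '1');

// Accumulated error messages; an empty string means nothing has failed so far
$errors = "";
$str = "";

// Establish a connection to the database.
// The include path is anchored to this file's directory so the script also works when
// cron starts it from a different working directory.
include_once dirname(__FILE__) . '/libs/dbconnect.php';

// Check both steps explicitly: the original ignored the result of mysql_connect().
if (mysql_connect(EZSQL_DB_HOST, EZSQL_DB_USER, EZSQL_DB_PASSWORD) === false
    || mysql_select_db(EZSQL_DB_NAME) === false) {
    $db_error = mysql_error();
    error_log('MySQL Error: ' . $db_error);
    // Only a command-line run gets the driver's message; web clients get a generic one.
    die($is_cli ? 'MySQL Error: ' . $db_error : 'MySQL Error');
}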
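/////////////////////////////////////// FUNCTIONS ////////////////////////////////////////
/**
 * Generate a random alphanumeric string.
 *
 * Characters are drawn from a-z, A-Z and 0-9. random_int() is used when the running
 * PHP provides it; otherwise the function falls back to mt_rand(), whose output is
 * predictable, so the result must not be treated as a secret on such installs.
 *
 * @param int $length Number of characters to produce; zero or less yields "".
 * @return string The generated string.
 */
function rand_string( $length ) {
    $chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
    $max_index = strlen( $chars ) - 1;
    // Decide once which generator is available rather than on every iteration
    $has_csprng = function_exists( 'random_int' );
    $str = "";
    for ( $i = 0; $i < $length; $i++ ) {
        $index = $has_csprng ? random_int( 0, $max_index ) : mt_rand( 0, $max_index );
        $str .= $chars[ $index ];
    }
    return $str;
}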
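/////////////////////////////////////////////////////////////////////////////////////////
// Compare the current number of users with the number stored at the last rename.
// If it has grown, or this is the first run, rename the registration page and update
// the files that refer to it.
//
// NOTE(review): nothing here checks who is calling, and every run can change files and
// the database. Restricting access at the web server, or running the script from the
// command line only, is safer than relying on the script's file name being hard to guess.

// Count the users table to see if there are any new members.
// Cast to int because the value is interpolated into SQL statements and HTML below.
$sql = "SELECT COUNT(*) FROM pligg_users ";
$result = mysql_query($sql) or die( mysql_error() );
$user_count = (int) mysql_result($result, 0);

// Get the user count recorded by the previous rename
$sql = "SELECT * FROM pligg_misc_data WHERE name='register_user_count' ";
$result = mysql_query($sql) or die( mysql_error() );
$row = mysql_fetch_assoc($result);

// A missing row means this is the first time the script has run
if (isset($row['data'])) {
    // Stored values come back as strings; cast so the comparison and the echo are numeric
    $user_count_old = (int) $row['data'];
    $first_run = 'no';
} else {
    $user_count_old = $user_count;
    $first_run = 'yes';
    // No user count value found, so insert it for the first time
    $sql = " INSERT INTO pligg_misc_data (name, data) VALUES ('register_user_count', $user_count)";
    mysql_query($sql) or die( mysql_error() );
    echo 'Added new register_user_count database field<br />';
}
echo "old count: $user_count_old <br />new count: $user_count<br />";

// Rename only when users have registered since the last rename, or on the first run
if ($user_count_old < $user_count || $first_run == 'yes') {
    // Get the new register file name
    $register_new = rand_string( 6 );

    // Get the existing register file value
    $sql = "SELECT * FROM pligg_misc_data WHERE name='register_name' ";
    $result = mysql_query($sql) or die( mysql_error() );
    $row = mysql_fetch_assoc($result);

    if (isset($row['data'])) {
        $register_old = $row['data'];
    } else {
        $register_old = 'register';
        // No value found, so insert it for the first time
        $sql = " INSERT INTO pligg_misc_data (name, data) VALUES ('register_name', 'register')";
        mysql_query($sql) or die( mysql_error() );
        echo 'Added new database field<br />';
    }

    // Directory of this script (useful for Windows servers). Every path below is built
    // from it, so the result does not depend on the working directory cron happens to use.
    $cwd = dirname(__FILE__);
    $old_path = $cwd."/".$register_old.".php";
    $new_path = $cwd."/".$register_new.".php";

    // Files that mention the register page, with the reference to swap in each one.
    // html1.php must be present; the two htaccess files are edited only if they exist.
    $targets = array(
        array(
            'path'     => $cwd."/libs/html1.php",
            'required' => true,
            'old'      => "/$register_old/",
            'new'      => "/$register_new/",
            'error'    => 'The /libs/html1.php file is not writable. Please CHMOD it to 0777, along with the /libs/ directory.<br />',
        ),
        array(
            'path'     => $cwd."/.htaccess",
            'required' => false,
            'old'      => "^$register_old/?",
            'new'      => "^$register_new/?",
            'error'    => 'The .htaccess file is not writable. Please CHMOD it to 0777, along with the root directory of your site.<br />',
        ),
        array(
            'path'     => $cwd."/htaccess.default",
            'required' => false,
            'old'      => "^$register_old/?",
            'new'      => "^$register_new/?",
            'error'    => 'The htaccess.default file is not writable. Please CHMOD it to 0777, along with the root directory of your site.<br />',
        ),
    );

    // ---- Phase 1: check everything before changing anything ----
    // Doing the checks first avoids leaving the site half-updated (file renamed, but
    // links and rewrite rules still pointing at the old name).
    $write_errors = '';
    if (!preg_match('/\A[A-Za-z0-9_-]+\z/', $register_old)) {
        // The stored name is used to build file paths, so accept only a plain file-name stem
        $errors .= "The stored register_name value is not a valid file name<br />";
    } elseif (!file_exists($old_path)) {
        $errors .= "The file $cwd/$register_old.php does not exist<br />";
    } elseif (file_exists($new_path)) {
        // rename() can replace an existing file, so refuse a name that is already taken
        $errors .= "The file $cwd/$register_new.php already exists<br />";
    } else {
        foreach ($targets as $target) {
            // Each file is tested for its own writability (the original tested html1.php
            // in all three places)
            $must_edit = $target['required'] || file_exists($target['path']);
            if ($must_edit && !is_writable($target['path'])) {
                $write_errors .= $target['error'];
            }
        }
    }
    $errors .= $write_errors;

    if ($errors != '') {
        print $errors;
        if ($write_errors != '') {
            echo 'We were unable to write changes to your files. Please manually update the file(s) or correct the CHMOD errors.<br />';
        }
    } elseif (@rename($old_path, $new_path) !== true) {
        // ---- Phase 2 failed at the first step; nothing else has been touched ----
        $errors .= "Failed to rename register file<br />";
        print $errors;
    } else {
        echo 'Renamed register file<br />';

        // Record the new register value. rand_string() returns only letters and digits;
        // the escape call keeps the statement safe if that ever changes.
        $sql = " UPDATE pligg_misc_data SET data='" . mysql_real_escape_string($register_new) . "' WHERE name='register_name' ";
        mysql_query($sql) or die( mysql_error() );

        // Swap the old name for the new one in each file. This is a plain substring
        // replacement, so any other text matching the old name is rewritten as well.
        foreach ($targets as $target) {
            if (!file_exists($target['path'])) {
                continue;
            }
            $contents = file_get_contents($target['path']);
            if ($contents === false) {
                $errors .= $target['error'];
                continue;
            }
            $updated = str_replace(
                array($register_old.'.php', $target['old']),
                array($register_new.'.php', $target['new']),
                $contents
            );
            if (file_put_contents($target['path'], $updated) === false) {
                $errors .= $target['error'];
            }
        }

        if ($errors != '') {
            print $errors;
            echo 'We were unable to write changes to your files. Please manually update the file(s) or correct the CHMOD errors.<br />';
        } else {
            // Set the new user count value so the next run waits for another signup
            $sql = " UPDATE pligg_misc_data SET data='$user_count' WHERE name='register_user_count' ";
            mysql_query($sql) or die( mysql_error() );
            echo 'Finished editing files.<br />';
        }
    }
} else {
    // The user count is the same as last time, so leave things be
}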
- ?>