  1. <?php
  2. /**
  3.   * Script: Pligg Random Registration File Name
  4.   * Author: Eric Heikkinen
  5.   * Description: The goal of this script is to block automatic user registration via spam bots. Place this file in the root of your Pligg site and run it from time to time.
  6.   * Notes:
  7.   *     - This file is meant to be run via a cron job, or to be included in a registration template file.
  8.   *     - This type of feature will break direct links (and bookmarks) to the previous registration page
  9.   *     - It will also break the EVB submission features.
  10.   *     - If more than 1 user registers during the cron time period, it is possible that they will get a 404 error if the name change happens while they are filling it out.
  11.   *     - To prevent users from changing the register file name on their own, name this file something original
  12. */
  13.  
  14. ///////////////////////////////////////// SETUP //////////////////////////////////////////
  15.  
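  // Report every PHP error, but only print them for command-line (cron) runs.
  // PHP messages can include file paths and database details, so for web requests
  // they go to the error log instead of the response.
  // NOTE(review): the file header relies on an obscure file name to keep outsiders from
  // triggering a rename; denying web access to this script (or running it only from
  // cron through the PHP CLI) is the stronger control where the setup allows it.
  error_reporting(E_ALL);
  ini_set('log_errors', '1');
  ini_set('display_errors', PHP_SAPI === 'cli' ? '1' : '0');

  // Accumulates user-facing error messages; an empty string means "no error so far"
  $errors = "";
  $str = "";

  // Load the database credentials relative to this file rather than the working
  // directory, which is usually not the site root when the script is started by cron.
  include_once dirname(__FILE__) . '/libs/dbconnect.php';

  // Establish a connection to the database and stop early if it cannot be opened
  $db_link = mysql_connect(EZSQL_DB_HOST,EZSQL_DB_USER,EZSQL_DB_PASSWORD);
  if ($db_link === false) {
      die ('MySQL Error: ' . mysql_error());
  }
  mysql_select_db(EZSQL_DB_NAME) or die ('MySQL Error: ' . mysql_error());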
  28.  
  29. /////////////////////////////////////// FUNCTIONS ////////////////////////////////////////
  30.  
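  /**
   * Build a random string made of the characters a-z, A-Z and 0-9.
   *
   * The script uses the result as the new name of the registration file, so the
   * characters are drawn with random_int() (operating-system CSPRNG) when the
   * running PHP provides it. Older PHP versions fall back to mt_rand(), which is
   * not cryptographically secure and makes the generated names easier to predict.
   *
   * @param int $length Number of characters to generate; zero or less yields "".
   * @return string The generated string.
   */
  function rand_string( $length ) {
      $chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
      $max = strlen( $chars ) - 1;
      // Decide once which generator to use instead of on every iteration
      $use_csprng = function_exists( 'random_int' );
      $str = "";
      for( $i = 0; $i < $length; $i++ ) {
          $index = $use_csprng ? random_int( 0, $max ) : mt_rand( 0, $max );
          $str .= $chars[ $index ];
      }
      return $str;
  }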
  41.  
  42. /////////////////////////////////////////////////////////////////////////////////////////
  43.  
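  // Decide whether the registration file is due for a rename: count the rows in
  // pligg_users and compare that with the count stored at the last rename. A higher
  // count (or a first run) triggers a new random file name.
  // NOTE(review): this block keeps the ext/mysql API (mysql_query etc.) because it uses
  // the connection opened earlier in the file. That extension was removed in PHP 7, so a
  // port to mysqli or PDO has to change the connection code at the same time.

  // Current number of users; cast to int so the value is safe to embed in the SQL below
  $sql = "SELECT COUNT(*) FROM pligg_users ";
  $result = mysql_query($sql) or die( mysql_error() );
  $user_count = (int) mysql_result($result, 0);

  // User count recorded by the previous rename, if there was one
  $sql = "SELECT * FROM pligg_misc_data WHERE name='register_user_count' ";
  $result = mysql_query($sql) or die( mysql_error() );
  $row = mysql_fetch_assoc($result);

  if(isset($row['data'])) {
      $user_count_old = (int) $row['data'];
      $first_run = 'no';
  } else {
      // First run: no stored counter yet, so seed it with the current count
      $user_count_old = $user_count;
      $first_run = 'yes';
      $sql = " INSERT INTO pligg_misc_data (name, data) VALUES ('register_user_count', $user_count)";
      mysql_query($sql) or die( mysql_error() );
      echo 'Added new register_user_count database field<br />';
  }

  echo "old count: $user_count_old <br />new count: $user_count<br />";

  // Nothing to do when the user count has not grown since the last rename
  if ($user_count_old < $user_count || $first_run === 'yes'){

      $register_new = rand_string( 6 );

      // Name the registration file currently has, as recorded in the database
      $sql = "SELECT * FROM pligg_misc_data WHERE name='register_name' ";
      $result = mysql_query($sql) or die( mysql_error() );
      $row = mysql_fetch_assoc($result);

      if(isset($row['data'])) {
          $register_old = $row['data'];
      } else {
          // First rename: the file still has its default name
          $register_old = 'register';
          $sql = " INSERT INTO pligg_misc_data (name, data) VALUES ('register_name', 'register')";
          mysql_query($sql) or die( mysql_error() );
          echo 'Added new database field<br />';
      }

      // Resolve every path against this file's directory, so the script behaves the same
      // under cron, where the working directory is usually not the site root.
      $cwd = dirname(__FILE__);
      $register_old_path = $cwd."/".$register_old.".php";
      $register_new_path = $cwd."/".$register_new.".php";

      // Files that embed the registration name. html1.php must be present and writable;
      // the two htaccess files are rewritten only when they exist.
      // NOTE(review): the original messages asked for CHMOD 0777, which makes .htaccess and
      // the site root world-writable. Write access for the account that runs this script
      // is sufficient, and even that lets this script change the server configuration.
      $targets = array(
          $cwd."/libs/html1.php" => array(
              'required' => true,
              'error'    => 'The /libs/html1.php file is not writable. Please make it writable by the account that runs this script.<br />',
              'search'   => array($register_old.'.php', "/$register_old/"),
              'replace'  => array($register_new.'.php', "/$register_new/"),
          ),
          $cwd."/.htaccess" => array(
              'required' => false,
              'error'    => 'The .htaccess file is not writable. Please make it writable by the account that runs this script.<br />',
              'search'   => array($register_old.'.php', "^$register_old/?"),
              'replace'  => array($register_new.'.php', "^$register_new/?"),
          ),
          $cwd."/htaccess.default" => array(
              'required' => false,
              'error'    => 'The htaccess.default file is not writable. Please make it writable by the account that runs this script.<br />',
              'search'   => array($register_old.'.php', "^$register_old/?"),
              'replace'  => array($register_new.'.php', "^$register_new/?"),
          ),
      );
      $write_failed = false;

      // The stored name ends up in a file path, so accept nothing but a plain file name.
      // This keeps a tampered database value from pointing the rename at another directory.
      if (!preg_match('/\A[A-Za-z0-9_-]+\z/', $register_old)) {
          $errors .= "The stored register_name value is not a plain file name<br />";
      } elseif (!file_exists($register_old_path)) {
          $errors .= "The file $cwd/$register_old.php does not exist<br />";
      } elseif (file_exists($register_new_path)) {
          // rename() would silently replace an existing file of the same name
          $errors .= "Failed to rename register file<br />";
      }

      // Check each target's own writability BEFORE renaming. The original tested html1.php
      // three times and renamed first, so an unwritable .htaccess went unnoticed and a
      // failed rewrite left the site linking to a registration file that no longer existed.
      foreach ($targets as $path => $target) {
          if (!$target['required'] && !file_exists($path)) {
              continue;
          }
          if (!is_writable($path)) {
              $errors .= $target['error'];
              $write_failed = true;
          }
      }

      if ($errors == '') {
          // Try to rename the file or record an error if it doesn't work
          if(@rename ($register_old_path, $register_new_path)===true) {
              echo 'Renamed register file<br />';
          } else {
              $errors .= "Failed to rename register file<br />";
          }
      }

      if ($errors == '') {
          // Record the new name; $register_new contains only characters from rand_string()
          $sql = " UPDATE pligg_misc_data SET data='$register_new' WHERE name='register_name' ";
          mysql_query($sql) or die( mysql_error() );

          foreach ($targets as $path => $target) {
              if (!$target['required'] && !file_exists($path)) {
                  continue;
              }
              // A failed read must not be written back: str_replace() on false would
              // produce an empty string and truncate the file.
              $read_file = file_get_contents($path);
              if ($read_file === false
                  || file_put_contents($path, str_replace($target['search'], $target['replace'], $read_file), LOCK_EX) === false) {
                  $errors .= $target['error'];
                  $write_failed = true;
              }
          }
      }

      if ($errors != ''){
          print $errors;
          if ($write_failed) {
              echo 'We were unable to write changes to your files. Please manually update the file(s) or correct the CHMOD errors.<br />';
          }
      } else {
          // Everything succeeded, so store the count that the next run compares against
          $sql = " UPDATE pligg_misc_data SET data='$user_count' WHERE name='register_user_count' ";
          mysql_query($sql) or die( mysql_error() );

          echo 'Finished editing files.<br />';
      }
  }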
  173.  
  174. ?>