From cd30f3b0b90a79930aa39f8d68da5cc247dfadc3 Mon Sep 17 00:00:00 2001
From: Michael Save
Date: Fri, 20 Jan 2012 02:37:53 +1100
Subject: [PATCH] prohibit using same anti-bot hashes across different boards/threads
---
 .../Twig/Extensions/Extension/Tinyboard.php | 3 ++-
 inc/functions.php | 24 ++++++++++++++++------
 mod.php | 1 -
 post.php | 16 +++++++--------
 templates/post_form.html | 2 +-
 5 files changed, 29 insertions(+), 17 deletions(-)
diff --git a/inc/contrib/Twig/Extensions/Extension/Tinyboard.php b/inc/contrib/Twig/Extensions/Extension/Tinyboard.php
index 5748c0d3..5c6621f6 100644
--- a/inc/contrib/Twig/Extensions/Extension/Tinyboard.php
+++ b/inc/contrib/Twig/Extensions/Extension/Tinyboard.php
@@ -33,7 +33,8 @@ class Twig_Extensions_Extension_Tinyboard extends Twig_Extension
 public function getFunctions()
 {
 return Array(
- 'time' => new Twig_Filter_Function('time', array('needs_environment' => false))
+ 'time' => new Twig_Filter_Function('time', array('needs_environment' => false)),
+ 'createHiddenInputs' => new Twig_Filter_Function('createHiddenInputs', array('needs_environment' => false))
 );
 }
diff --git a/inc/functions.php b/inc/functions.php
index 7412f49f..c968ff69 100644
--- a/inc/functions.php
+++ b/inc/functions.php
@@ -1048,9 +1048,16 @@
 }
 }
- function createHiddenInputs() {
+ function createHiddenInputs($extra_salt = Array()) {
 global $config;
+ if(!empty($extra_salt)) {
+ // create a salted hash of the "extra salt"
+ $extra_salt = implode(':', $extra_salt);
+ } else {
+ $extra_salt = '';
+ }
+
 $inputs = Array();
 shuffle($config['spam']['hidden_input_names']);
@@ -1139,7 +1146,7 @@
 $hash .= $config['cookies']['salt'];
 // Use SHA1 for the hash
- $hash = sha1($hash);
+ $hash = sha1($hash . $extra_salt);
 // Append it to the HTML
 $content .= '';
@@ -1147,7 +1154,7 @@
 return $content;
 }
- function checkSpam() {
+ function checkSpam($extra_salt = Array()) {
 global $config;
 if(!isset($_POST['hash']))
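Review bot: The comment added above the `implode` in createHiddenInputs, `// create a salted hash of the "extra salt"`, does not describe the code under it, which only joins the components with ':' and neither salts nor hashes anything; the same block and comment are repeated verbatim in checkSpam in the @@ -1155 hunk. I would replace it with `// join the scope components (board URI, thread id) so the hash below is bound to them` and move the two copies into one small shared helper, because any drift between the two copies makes checkSpam reject every post as spam. The `$extra_salt` parameter is also reassigned from an array to a string a few lines below its declaration; a separate local name would make the contract easier to read. A docblock on both functions should state that the array must contain exactly the components the template passes to createHiddenInputs, and that, as far as these hunks show, the output is baked into pages written by `file_write` (@@ -1197 hunk), so the hash is scoped to a board/thread rather than to a client. The bodies of both functions continue outside these hunks.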
@@ -1155,6 +1162,13 @@
 $hash = $_POST['hash'];
+ if(!empty($extra_salt)) {
+ // create a salted hash of the "extra salt"
+ $extra_salt = implode(':', $extra_salt);
+ } else {
+ $extra_salt = '';
+ }
+
 // Reconsturct the $inputs array
 $inputs = Array();
@@ -1179,7 +1193,7 @@
 $_hash .= $config['cookies']['salt'];
 // Use SHA1 for the hash
- $_hash = sha1($_hash);
+ $_hash = sha1($_hash . $extra_salt);
 return $hash != $_hash;
 }
@@ -1197,7 +1211,6 @@
 $content['pages'] = $pages;
 $content['pages'][$page-1]['selected'] = true;
 $content['btn'] = getPageButtons($content['pages']);
- $content['hidden_inputs'] = createHiddenInputs();
 file_write($filename, Element('index.html', $content));
 if(isset($md5) && $md5 == md5_file($filename)) {
@@ -1460,7 +1473,6 @@
 'id' => $id,
 'mod' => $mod,
 'boardlist' => createBoardlist($mod),
- 'hidden_inputs' => $content['hidden_inputs'] = createHiddenInputs(),
 'return' => ($mod ? '?' . $board['url'] . $config['file_index'] : $config['root'] . $board['uri'] . '/' . $config['file_index'])
 ));
diff --git a/mod.php b/mod.php
index 9aedf0d2..0bf144ed 100644
--- a/mod.php
+++ b/mod.php
@@ -1954,7 +1954,6 @@
 $page['pages'] = getPages(true);
 $page['pages'][$page_no-1]['selected'] = true;
 $page['btn'] = getPageButtons($page['pages'], true);
- $page['hidden_inputs'] = createHiddenInputs();
 $page['mod'] = true;
 echo Element('index.html', $page);
diff --git a/post.php b/post.php
index 04df089d..596e8938 100644
--- a/post.php
+++ b/post.php
@@ -197,7 +197,7 @@
 }
 }
- if(checkSpam())
+ if(checkSpam(Array($board['uri'], isset($post['thread']) ? $post['thread'] : null)))
 error($config['error']['spam']);
 if($config['robot_enable'] && $config['robot_mute']) {
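Review bot: The digest computed on the new `$_hash = sha1($_hash . $extra_salt);` line is still compared with the loose `return $hash != $_hash;` directly below it, and PHP's `!=` compares two numeric-looking strings as numbers, so hex digests of the form `0e<digits>` compare equal to each other and to a plain `0`; a client-supplied `hash` value could then be accepted without matching the server-side digest. Use a strict comparison, `return $hash !== $_hash;` (or `return !hash_equals($_hash, $hash);` on PHP 5.6 and later, which is also constant-time). The comparison line is pre-existing context, but the commit rewrites the line that feeds it, so this is the place to fix it. checkSpam's body starts outside this hunk.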
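Review bot: The scope passed to checkSpam here, `Array($board['uri'], isset($post['thread']) ? $post['thread'] : null)`, has to reproduce exactly what templates/post_form.html passes to createHiddenInputs (`[board.uri, id]`), and the hunk does not show whether `$post['thread']` has been filled from the request by this line; if it is assigned later, every reply would be checked with a null thread and rejected via `error($config['error']['spam'])`. A comment at the call site would make the coupling visible: `// must mirror createHiddenInputs([board.uri, id]) in templates/post_form.html`. Both components appear to come from request data, so the check only confirms that the hash was issued for this board and thread, not that it was issued to this client; that limit is worth stating in the same comment. The enclosing code starts outside the hunk.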
@@ -250,7 +250,7 @@
 error($config['error']['noimage']);
 }
- $post['name'] = (!empty($_POST['name'])?$_POST['name']:$config['anonymous']);
+ $post['name'] = !empty($_POST['name']) ? $_POST['name'] : $config['anonymous'];
 $post['subject'] = $_POST['subject'];
 $post['email'] = utf8tohtml($_POST['email']);
 $post['body'] = $_POST['body'];
@@ -306,7 +306,7 @@
 if($mod && $mod['type'] >= MOD && preg_match('/^((.+) )?## (.+)$/', $post['name'], $match)) {
 if(($mod['type'] == MOD && $match[3] == 'Mod') || $mod['type'] >= ADMIN) {
 $post['capcode'] = utf8tohtml($match[3]);
- $post['name'] = !empty($match[2])?$match[2]:$config['anonymous'];
+ $post['name'] = !empty($match[2]) ? $match[2] : $config['anonymous'];
 }
 } else {
 $post['capcode'] = false;
@@ -314,7 +314,7 @@
 $trip = generate_tripcode($post['name']);
 $post['name'] = $trip[0];
- $post['trip'] = (isset($trip[1])?$trip[1]:'');
+ $post['trip'] = isset($trip[1]) ? $trip[1] : '';
 if(strtolower($post['email']) == 'noko') {
 $noko = true;
@@ -583,7 +583,7 @@
 }
 }
- buildThread(($OP?$id:$post['thread']));
+ buildThread($OP ? $id : $post['thread']);
 if(!$OP && strtolower($post['email']) != 'sage' && !$thread['sage'] && ($config['reply_limit'] == 0 || numPosts($post['thread']) < $config['reply_limit'])) {
 bumpThread($post['thread']);
@@ -603,20 +603,20 @@
 // Tell it to delete the cached post for referer
 $js->{$_SERVER['HTTP_REFERER']} = true;
 // Encode and set cookie
- setcookie($config['cookies']['js'], json_encode($js), 0, $config['cookies']['jail']?$config['cookies']['path']:'/', null, false, false);
+ setcookie($config['cookies']['js'], json_encode($js), 0, $config['cookies']['jail'] ? $config['cookies']['path'] : '/', null, false, false);
 }
 $root = $post['mod'] ? $config['root'] . $config['file_mod'] . '?/' : $config['root'];
 if($config['always_noko'] || $noko) {
- $redirect = $root . $board['dir'] . $config['dir']['res'] . sprintf($config['file_page'], $OP?$id:$post['thread']) . (!$OP?'#'.$id:'');
+ $redirect = $root . $board['dir'] . $config['dir']['res'] . sprintf($config['file_page'], $OP ? $id:$post['thread']) . (!$OP ? '#' . $id : '');
 } else {
 $redirect = $root . $board['dir'] . $config['file_index'];
 }
 if($config['syslog'])
- _syslog(LOG_INFO, 'New post: /' . $board['dir'] . $config['dir']['res'] . sprintf($config['file_page'], $OP?$id:$post['thread']) . (!$OP?'#'.$id:''));
+ _syslog(LOG_INFO, 'New post: /' . $board['dir'] . $config['dir']['res'] . sprintf($config['file_page'], $OP?$id:$post['thread']) . (!$OP ? '#' . $id : ''));
 rebuildThemes('post');
 header('Location: ' . $redirect, true, $config['redirect_http']);
diff --git a/templates/post_form.html b/templates/post_form.html
index d60039ba..d4dca20c 100644
--- a/templates/post_form.html
+++ b/templates/post_form.html
@@ -1,5 +1,5 @@
-{{ hidden_inputs }}
+{{ createHiddenInputs([board.uri, id]) }}
 {% if id %}{% endif %}
 {% if mod %}{% endif %}