lainchan/inc/anti-bot.php

<?php

/*
 *  Copyright (c) 2010-2013 Tinyboard Development Group
 */

defined('TINYBOARD') or exit;

$hidden_inputs_twig = array();

class AntiBot {
	public $salt, $inputs = array(), $index = 0;
	
	public static function randomString($length, $uppercase = false, $special_chars = false, $unicode_chars = false) {
		$chars = 'abcdefghijklmnopqrstuvwxyz0123456789';
		if ($uppercase)
			$chars .= 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
		if ($special_chars)
			$chars .= ' ~!@#$%^&*()_+,./;\'[]\\{}|:<>?=-` ';
		if ($unicode_chars) {
			$len = strlen($chars) / 10;
			for ($n = 0; $n < $len; $n++)
				$chars .= mb_convert_encoding('&#' . mt_rand(0x2600, 0x26FF) . ';', 'UTF-8', 'HTML-ENTITIES');
		}
		
		$chars = preg_split('//u', $chars, -1, PREG_SPLIT_NO_EMPTY);
		
		$ch = array();
		
		// fill up $ch until we reach $length
		while (count($ch) < $length) {
			$n = $length - count($ch);
			$keys = array_rand($chars, $n > count($chars) ? count($chars) : $n);
			if ($n == 1) {
				$ch[] = $chars[$keys];
				break;
			}
			shuffle($keys);
			foreach ($keys as $key)
				$ch[] = $chars[$key];
		}
		
		$chars = $ch;
		
		return implode('', $chars);
	}
	
	public static function make_confusing($string) {
		$chars = preg_split('//u', $string, -1, PREG_SPLIT_NO_EMPTY);
		
		foreach ($chars as &$c) {
			if (mt_rand(0, 3) != 0)
				$c = utf8tohtml($c);
			else
				$c = mb_encode_numericentity($c, array(0, 0xffff, 0, 0xffff), 'UTF-8');
		}
		
		return implode('', $chars);
	}
	
	public function __construct(array $salt = array()) {
		global $config;
		
		if (!empty($salt)) {
			// create a salted hash of the "extra salt"
			$this->salt = implode(':', $salt);
		} else { 
			$this->salt = '';
		}
		
		shuffle($config['spam']['hidden_input_names']);
		
		$input_count = mt_rand($config['spam']['hidden_inputs_min'], $config['spam']['hidden_inputs_max']);
		$hidden_input_names_x = 0;
		
		for ($x = 0; $x < $input_count ; $x++) {
			if ($hidden_input_names_x === false || mt_rand(0, 2) == 0) {
				// Use an obscure name
				$name = $this->randomString(mt_rand(10, 40), false, false, $config['spam']['unicode']);
			} else {
				// Use a pre-defined confusing name
				$name = $config['spam']['hidden_input_names'][$hidden_input_names_x++];
				if ($hidden_input_names_x >= count($config['spam']['hidden_input_names']))
					$hidden_input_names_x = false;
			}
			
			if (mt_rand(0, 2) == 0) {
				// Value must be null
				$this->inputs[$name] = '';
			} elseif (mt_rand(0, 4) == 0) {
				// Numeric value
				$this->inputs[$name] = (string)mt_rand(0, 100000);
			} else {
				// Obscure value
				$this->inputs[$name] = $this->randomString(mt_rand(5, 100), true, true, $config['spam']['unicode']);
			}
		}
	}
	
	public static function space() {
		if (mt_rand(0, 3) != 0)
			return ' ';
		return str_repeat(' ', mt_rand(1, 3));
	}
	
	public function html($count = false) {
		global $config;
		
		$elements = array(
			'<input type="hidden" name="%name%" value="%value%">',
			'<input type="hidden" value="%value%" name="%name%">',
			'<input name="%name%" value="%value%" type="hidden">',
			'<input value="%value%" name="%name%" type="hidden">',
			'<input style="display:none" type="text" name="%name%" value="%value%">',
			'<input style="display:none" type="text" value="%value%" name="%name%">',
			'<span style="display:none"><input type="text" name="%name%" value="%value%"></span>',
			'<div style="display:none"><input type="text" name="%name%" value="%value%"></div>',
			'<div style="display:none"><input type="text" name="%name%" value="%value%"></div>',
			'<textarea style="display:none" name="%name%">%value%</textarea>',
			'<textarea name="%name%" style="display:none">%value%</textarea>'
		);
		
		$html = '';
		
		if ($count === false) {
			$count = mt_rand(1, abs(count($this->inputs) / 15) + 1);
		}
		
		if ($count === true) {
			// all elements
			$inputs = array_slice($this->inputs, $this->index);
		} else {
			$inputs = array_slice($this->inputs, $this->index, $count);
		}
		$this->index += count($inputs);
		
		foreach ($inputs as $name => $value) {
			$element = false;
			while (!$element) {
				$element = $elements[array_rand($elements)];
				$element = str_replace(' ', self::space(), $element);
				if (mt_rand(0, 5) == 0)
					$element = str_replace('>', self::space() . '>', $element);
				if (strpos($element, 'textarea') !== false && $value == '') {
					// There have been some issues with mobile web browsers and empty <textarea>'s.
					$element = false;
				}
			}
			
			$element = str_replace('%name%', utf8tohtml($name), $element);
			
			if (mt_rand(0, 2) == 0)
				$value = $this->make_confusing($value);
			else
				$value = utf8tohtml($value);
			
			if (strpos($element, 'textarea') === false)
				$value = str_replace('"', '&quot;', $value);
			
			$element = str_replace('%value%', $value, $element);
			
			$html .= $element;
		}
		
		return $html;
	}
	
	public function reset() {
		$this->index = 0;
	}
	
	public function hash() {
		global $config;
		
		// This is the tricky part: create a hash to validate it after
		// First, sort the keys in alphabetical order (A-Z)
		$inputs = $this->inputs;
		ksort($inputs);
		
		$hash = '';
		// Iterate through each input
		foreach ($inputs as $name => $value) {
			$hash .= $name . '=' . $value;
		}
		// Add a salt to the hash
		$hash .= $config['cookies']['salt'];
		
		// Use SHA1 for the hash
		return sha1($hash . $this->salt);
	}
}

function _create_antibot($board, $thread) {
	global $config, $purged_old_antispam;
	
	$antibot = new AntiBot(array($board, $thread));
	
	if (!isset($purged_old_antispam)) {
		$purged_old_antispam = true;
		query('DELETE FROM ``antispam`` WHERE `expires` < UNIX_TIMESTAMP()') or error(db_error());
	}
	
	if ($thread)
		$query = prepare('UPDATE ``antispam`` SET `expires` = UNIX_TIMESTAMP() + :expires WHERE `board` = :board AND `thread` = :thread AND `expires` IS NULL');
	else
		$query = prepare('UPDATE ``antispam`` SET `expires` = UNIX_TIMESTAMP() + :expires WHERE `board` = :board AND `thread` IS NULL AND `expires` IS NULL');
	
	$query->bindValue(':board', $board);
	if ($thread)
		$query->bindValue(':thread', $thread);
	$query->bindValue(':expires', $config['spam']['hidden_inputs_expire']);
	$query->execute() or error(db_error($query));
	
	$query = prepare('INSERT INTO ``antispam`` VALUES (:board, :thread, :hash, UNIX_TIMESTAMP(), NULL, 0)');
	$query->bindValue(':board', $board);
	$query->bindValue(':thread', $thread);
	$query->bindValue(':hash', $antibot->hash());
	$query->execute() or error(db_error($query));
	
	return $antibot;
}

function checkSpam(array $extra_salt = array()) {
	global $config, $pdo;

	if (!isset($_POST['hash']))
		return true;

	$hash = $_POST['hash'];

	if (!empty($extra_salt)) {
		// create a salted hash of the "extra salt"
		$extra_salt = implode(':', $extra_salt);
	} else { 
		$extra_salt = '';
	}

	// Reconsturct the $inputs array
	$inputs = array();

	foreach ($_POST as $name => $value) {
		if (in_array($name, $config['spam']['valid_inputs']))
			continue;

		$inputs[$name] = $value;
	}

	// Sort the inputs in alphabetical order (A-Z)
	ksort($inputs);

	$_hash = '';

	// Iterate through each input
	foreach ($inputs as $name => $value) {
		$_hash .= $name . '=' . $value;
	}

	// Add a salt to the hash
	$_hash .= $config['cookies']['salt'];

	// Use SHA1 for the hash
	$_hash = sha1($_hash . $extra_salt);

	if ($hash != $_hash)
		return true;

	$query = prepare('SELECT `passed` FROM ``antispam`` WHERE `hash` = :hash');
	$query->bindValue(':hash', $hash);
	$query->execute() or error(db_error($query));
	if ((($passed = $query->fetchColumn(0)) === false) || ($passed > $config['spam']['hidden_inputs_max_pass'])) {
		// there was no database entry for this hash. most likely expired.
		return true;
	}

	return $hash;
}

function incrementSpamHash($hash) {
	$query = prepare('UPDATE ``antispam`` SET `passed` = `passed` + 1 WHERE `hash` = :hash');
	$query->bindValue(':hash', $hash);
	$query->execute() or error(db_error($query));
}