<?php
// does the opposite of PHP's nl2br()
function br2nl($string) {
$string = preg_replace("/(\r\n|\n|\r)/", "", $string);
$string = preg_replace("/<br *\/?>/i", "\n", $string);
return $string;
}
// generate a pseudo-word random password
function makePassword($length=8)
{
$password = "";
$vowels = "aeiouy";
$consonants = "bcdfghjklmnprst";
$cn = strlen($consonants)-1;
$vn = strlen($vowels)-1;
// Start on cons or vowel
$alt = mt_rand(0, 1);
// How many numbers
$len = mt_rand($length-3,$length);
//add the letters
for ($i = 0; $i < $len; $i++)
{
if ($alt == 1) {
$password .= $consonants[ mt_rand(0,$cn) ];
$alt = 0;
}
else {
$password .= $vowels[ mt_rand(0,$vn) ];
$alt = 1;
}
}
//add the numbers
for ($i = 0; $i < $length-$len; $i++)
{
$password .= mt_rand(0,9);
}
return $password;
}
$revision = "unknown";
function startElement($parser, $name, $attrs)
{
global $revision;
if($name=="ENTRY" && $attrs['NAME']=="") {
$revision = $attrs['REVISION'];
}
}
function endElement($parser, $name){}
function getSVNRevision()
{
global $revision;
$xml_parser = xml_parser_create();
xml_set_element_handler($xml_parser, "startElement", "endElement");
if (!($fp = fopen(".svn/entries", "r"))) {
return "unknown - couldn't open SVN XML file.";
}
while(($data = fread($fp, 1024)) && $revision=="unknown") {
if (!xml_parse($xml_parser, $data, feof($fp))) {
return "unknown - couldn't parse SVN XML file";
}
}
xml_parser_free($xml_parser);
return $revision;
}
/*
*
* Spam Checks
*
*/
//Check the Spam URI Realtime Blocklist
function checkSpamURLs($text) {
$spam = false;
//find urls, ugly but works
while (ereg("http://[a-zA-Z0-9.-]+\.[a-zA-Z]{2,4}",$text,$match)) {
$matches[] = $match[0];
$text = ereg_replace($match[0],"",$text);
}
//pull in list of two level tlds, make an array from them. from http://spamcheck.freeapp.net/two-level-tlds
$twoLevelTLD = file("/var/www/blog/two-level-tlds");
foreach($twoLevelTLD as $TLD) {
$two_level_tlds[trim($TLD)] = true;
}
if (!$matches)
return;
//for each url
foreach ($matches as $url) {
//break it down
$urlBits = explode(".",substr($url, 7));
//reverse the oder
$bitsURL = array_reverse($urlBits);
//if its a two level tld, we want the first 3 bits of the url.. if not just the first 2
if ($two_level_tlds[($bitsURL[1].".".$bitsURL[0])]) {
$URLstoTest[] = ($bitsURL[2].".".$bitsURL[1].".".$bitsURL[0]);
} else {
$URLstoTest[] = ($bitsURL[1].".".$bitsURL[0]);
}
}
if (!$URLstoTest)
return;
//actualy test each of he domains against the surbl
foreach($URLstoTest as $url) {
$result = gethostbyname($url.'.multi.surbl.org');
if ($result != $url.'.multi.surbl.org') {
$spam = true;
}
elseif ($url == "blogspot.com") {
$spam = true;
}
}
return $spam;
}
//feeds a message body though LinkSleeve (http://www.linksleeve.org/) which at the time of testing seems quite good.
function checkSpamLinkSleeve ($text) {
// Include the Pear XML-RPC Client Package
require_once 'XML/RPC.php';
// Build the XML-RPC message
$params = array(new XML_RPC_Value($text, 'string'));
$msg = new XML_RPC_Message('slv', $params);
//Send the XML-RPC message
$cli = new XML_RPC_Client('/slv.php', 'http://www.linksleeve.org');
$resp = $cli->send($msg);
//Check for a responce
if (!$resp) {
echo 'Communication error: ' . $cli->errstr;
return false;
}
//spam?
if (!$resp->faultCode()) {
$val = $resp->value();
if($val->scalarval()=='1') {
$spam = false;
}
else {
$spam = true;
}
}
//Handle Errors
else {
echo 'Fault Code: ' . $resp->faultCode() . "\n";
echo 'Fault Reason: ' . $resp->faultString() . "\n";
}
return $spam;
}
//checks an ip in several blacklists returns true if its present
function checkSpamIP($ip) {
$spam = false;
//reverse the ip
$ip = implode('.',array_reverse(explode('.',$ip)));
//look up in various rbls
$rbl = gethostbyname($ip.'.rbl-plus.mail-abuse.ja.net');
$scbl = gethostbynamel($ip.'.bl.spamcop.net');
$sorbs = gethostbynamel($ip.'.dnsbl.sorbs.net');
$sbl = gethostbynamel($ip.'.sbl.spamhaus.org');
$njabl = gethostbynamel($ip.'.dnsbl.njabl.org');
$opm = gethostbyname($ip.'.opm.blitzed.org');
$cbl = gethostbynamel($ip.'.cbl.abuseat.org');
//CBL
if ($cbl) {
$spam = true;
}
//OPM
if ($opm != $ip.".opm.blitzed.org") {
//this bl uses a decimal to represent one catagory of spam source
$code = decbin(ip2long($opm));
//check for WinGate
if ($code[30])
$spam = true;
//check for SOCKS
if ($code[29])
$spam = true;
//check for HTTP CONNECT
if ($code[28])
$spam = true;
//check for Router
if ($code[27])
$spam = true;
//check for HTTP POST
if ($code[26])
$spam = true;
}
//RBL+
if ($rbl != $ip.".rbl-plus.mail-abuse.ja.net") {
$code = decbin(ip2long($rbl));
//check for rbl
if ($code[30])
$spam = true;
//check for dul
if ($code[29])
//we dont care about dul
//check for rss
if ($code[28])
$spam = true;
//check for ops
if ($code[27])
$spam = true;
}
//SpamCop
if ($scbl) {
$spam = true;
}
//SORBS
if ($sorbs) {
foreach($sorbs as $result) {
$result = explode('.',$result);
//check for http
if ($result[3] == 2)
$spam = true;
//check for socks
if ($result[3] == 3)
$spam = true;
//check for misc
if ($result[3] == 4)
$spam = true;
//check for smtp
if ($result[3] == 5)
$spam = true;
//check for spam
if ($result[3] == 6)
$spam = true;
//check for web
if ($result[3] == 7)
$spam = true;
//check for block
if ($result[3] == 8)
$spam = true;
//check for zombie
if ($result[3] == 9)
$spam = true;
//check for dul
if ($result[3] == 10)
//dont care about dul
//check for badconf
if ($result[3] == 11)
$spam = true;
//check for nomail
if ($result[3] == 12)
$spam = true;
}
}
//NJABL
if ($njabl) {
foreach($njabl as $result) {
$result = explode('.',$result);
//check for relay
if ($result[3] == 2)
$spam = true;
//check for dul
if ($result[3] == 3) {
//dont care about dul
}
//check for spam
if ($result[3] == 4)
$spam = true;
//check for relay
if ($result[3] == 5)
$spam = true;
//check for web
if ($result[3] == 8)
$spam = true;
//check for proxy
if ($result[3] == 9)
$spam = true;
}
}
//SBL
if($sbl) {
$spam = true;
}
return $spam;
}
# General spam function combining all checks
function checkSpam($ip, $text) {
//Check LinkSleeve first, its a collaborative statistical thing, and will benefit from seeing all messages, spam or not
if (checkSpamLinkSleeve($text)) {
$spam = true;
//Check any URL's the Spam URL Black List
} elseif (checkSpamURLs($text)) {
$spam = true;
//If all else fails lookup the posting IP in all the normal IP Black Lists
} elseif (checkSpamIP($ip)) {
$spam = true;
//Decide its probably not spam
} else {
$spam = false;
}
return $spam;
}