123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410 |
- <?php
- /**
- * @file
- * Anti-spam module that uses data from www.stopforumspam.com to protect the user registration form against known spammers and spambots.
- *
- */
- define('SPAMBOT_ACTION_NONE', 0);
- define('SPAMBOT_ACTION_BLOCK', 1);
- define('SPAMBOT_ACTION_DELETE', 2);
- define('SPAMBOT_DEFAULT_BLOCKED_MESSAGE', 'Your email address or username or IP address is blacklisted.');
- /**
- * Implements hook_permission()
- */
- function spambot_permission() {
- return array(
- 'protected from spambot scans' => array(
- 'title' => t('Protected from spambot scans')
- ),
- );
- }
- /**
- * Implements hook_menu().
- */
- function spambot_menu() {
- $items = array();
- $items['admin/config/system/spambot'] = array(
- 'title' => 'Spambot',
- 'description' => 'Configure the spambot module',
- 'page callback' => 'drupal_get_form',
- 'page arguments' => array('spambot_settings_form'),
- 'access arguments' => array('administer site configuration'),
- 'file' => 'spambot.admin.inc',
- );
- $items['user/%user/spambot'] = array(
- 'title' => 'Spam',
- 'page callback' => 'drupal_get_form',
- 'page arguments' => array('spambot_user_spam_admin_form', 1),
- 'access arguments' => array('administer users'),
- 'type' => MENU_LOCAL_TASK,
- 'file' => 'spambot.pages.inc',
- );
- return $items;
- }
- /**
- * Implementation of hook_form_FORM_ID_alter()
- */
- function spambot_form_user_register_form_alter(&$form, &$form_state, $form_id) {
- if (variable_get('spambot_user_register_protect', TRUE) && !user_access('administer users')) {
- $form['#validate'][] = 'spambot_user_register_validate';
- }
- }
- /**
- * Validate the user_register form
- */
- function spambot_user_register_validate($form, &$form_state) {
- $email_threshold = variable_get('spambot_criteria_email', 1);
- $username_threshold = variable_get('spambot_criteria_username', 0);
- $ip_threshold = variable_get('spambot_criteria_ip', 20);
- // Build request parameters according to the criteria to use
- $request = array();
- if (!empty($form_state['values']['mail']) && $email_threshold > 0) {
- $request['email'] = $form_state['values']['mail'];
- }
- if (!empty($form_state['values']['name']) && $username_threshold > 0) {
- $request['username'] = $form_state['values']['name'];
- }
- if ($ip_threshold > 0) {
- $ip = ip_address();
- // Don't check the loopback interface
- if ($ip != '127.0.0.1') {
- $request['ip'] = $ip;
- }
- }
- // Only do a remote API request if there is anything to check
- if (count($request)) {
- $data = array();
- if (spambot_sfs_request($request, $data)) {
- $substitutions = array(
- '@email' => $form_state['values']['mail'], '%email' => $form_state['values']['mail'],
- '@username' => $form_state['values']['name'], '%username' => $form_state['values']['name'],
- '@ip' => ip_address(), '%ip' => ip_address(),
- );
- $reasons = array();
- if ($email_threshold > 0 && !empty($data['email']['appears']) && $data['email']['frequency'] >= $email_threshold) {
- form_set_error('mail', t(variable_get('spambot_blocked_message_email', t(SPAMBOT_DEFAULT_BLOCKED_MESSAGE)), $substitutions));
- $reasons[] = t('email=@value', array('@value' => $request['email']));
- }
- if ($username_threshold > 0 && !empty($data['username']['appears']) && $data['username']['frequency'] >= $username_threshold) {
- form_set_error('name', t(variable_get('spambot_blocked_message_username', t(SPAMBOT_DEFAULT_BLOCKED_MESSAGE)), $substitutions));
- $reasons[] = t('username=@value', array('@value' => $request['username']));
- }
- if ($ip_threshold > 0 && !empty($data['ip']['appears']) && $data['ip']['frequency'] >= $ip_threshold) {
- form_set_error('', t(variable_get('spambot_blocked_message_ip', t(SPAMBOT_DEFAULT_BLOCKED_MESSAGE)), $substitutions));
- $reasons[] = t('ip=@value', array('@value' => $request['ip']));
- }
- if (count($reasons)) {
- watchdog('spambot', 'Blocked registration: @reasons', array('@reasons' => join(',', $reasons)));
- // Slow them down if configured
- $delay = variable_get('spambot_blacklisted_delay', 0);
- if ($delay) {
- sleep($delay);
- }
- }
- }
- }
- }
- /**
- * Implementation of hook_node_insert
- *
- * Keeps table node_spambot up to date
- */
- function spambot_node_insert($node) {
- db_insert('node_spambot')->fields(array('nid' => $node->nid, 'uid' => $node->uid, 'hostname' => ip_address()))->execute();
- }
- /**
- * Implementation of hook_node_delete
- *
- * Keeps table node_spambot up to date
- */
- function spambot_node_delete($node) {
- db_delete('node_spambot')->condition('nid', $node->nid)->execute();
- }
- /**
- * Implementation of hook_cron
- */
- function spambot_cron() {
- $limit = variable_get('spambot_cron_user_limit', 0);
- if ($limit) {
- $last_uid = variable_get('spambot_last_checked_uid', 0);
- if ($last_uid < 1) {
- // Skip scanning the first account
- $last_uid = 1;
- }
- $uids = db_select('users')->fields('users', array('uid'))
- ->condition('uid', $last_uid, '>')->orderBy('uid')
- ->range(0, $limit)->execute()->fetchCol();
- $action = variable_get('spambot_spam_account_action', SPAMBOT_ACTION_NONE);
- foreach ($uids as $uid) {
- $account = user_load($uid);
-
- if ($account->status || variable_get('spambot_check_blocked_accounts', FALSE)) {
- $result = spambot_account_is_spammer($account);
- if ($result > 0) {
- $link = l(t('spammer'), 'user/' . $account->uid);
- switch (user_access('protected from spambot scans', $account) ? SPAMBOT_ACTION_NONE : $action) {
- case SPAMBOT_ACTION_BLOCK:
- if ($account->status) {
- user_save($account, array('status' => 0));
- watchdog('spambot', 'Blocked spam account: @name <@email> (uid @uid)', array('@name' => $account->name, '@email' => $account->mail, '@uid' => $account->uid), WATCHDOG_NOTICE, $link);
- }
- else {
- // Don't block an already blocked account
- watchdog('spambot', t('Spam account already blocked: @name <@email> (uid @uid)', array('@name' => $account->name, '@email' => $account->mail, '@uid' => $account->uid)), array(), WATCHDOG_NOTICE, $link);
- }
- break;
- case SPAMBOT_ACTION_DELETE:
- user_delete($account->uid);
- watchdog('spambot', 'Deleted spam account: @name <@email> (uid @uid)', array('@name' => $account->name, '@email' => $account->mail, '@uid' => $account->uid), WATCHDOG_NOTICE, $link);
- break;
- default:
- watchdog('spambot', 'Found spam account: @name <@email> (uid @uid)', array('@name' => $account->name, '@email' => $account->mail, '@uid' => $account->uid), WATCHDOG_NOTICE, $link);
- break;
- }
- // Mark this uid as successfully checked
- variable_set('spambot_last_checked_uid', $uid);
- }
- else if ($result == 0) {
- // Mark this uid as successfully checked
- variable_set('spambot_last_checked_uid', $uid);
- }
- else if ($result < 0) {
- // Error contacting service, so pause processing
- break;
- }
- }
- }
- }
- }
- /**
- * Invoke www.stopforumspam.com's api
- *
- * @param $query
- * A keyed array of url parameters ie. array('email' => 'blah@blah.com')
- * @param $data
- * An array that will be filled with the data from www.stopforumspam.com.
- *
- * @return
- * TRUE on successful request (and $data will contain the data), FALSE if error
- *
- * $data should be an array of the following form:
- * Array
- * (
- * [success] => 1
- * [email] => Array
- * (
- * [lastseen] => 2010-01-10 08:41:26
- * [frequency] => 2
- * [appears] => 1
- * )
- *
- * [username] => Array
- * (
- * [frequency] => 0
- * [appears] => 0
- * )
- * )
- *
- */
- function spambot_sfs_request($query, &$data) {
- // An empty request results in no match
- if (empty($query)) {
- return FALSE;
- }
- // Use php serialisation format
- $query['f'] = 'serial';
- $url = 'http://www.stopforumspam.com/api?' . http_build_query($query, '', '&');
- $result = drupal_http_request($url);
- if (!empty($result->code) && $result->code == 200 && empty($result->error) && !empty($result->data)) {
- $data = unserialize($result->data);
- if (!empty($data['success'])) {
- return TRUE;
- }
- else {
- watchdog('spambot', "Request unsuccessful: @url <pre>\n@dump</pre>", array('@url' => $url, '@dump' => print_r($data, TRUE)));
- }
- }
- else {
- watchdog('spambot', "Error contacting service: @url <pre>\n@dump</pre>", array('@url' => $url, '@dump' => print_r($result, TRUE)));
- }
- return FALSE;
- }
- /**
- * Checks an account to see if it's a spammer.
- * This one uses configurable automated criteria checking of email and username only
- *
- * @return
- * positive if spammer, 0 if not spammer, negative if error
- */
- function spambot_account_is_spammer($account) {
- $email_threshold = variable_get('spambot_criteria_email', 1);
- $username_threshold = variable_get('spambot_criteria_username', 0);
- $ip_threshold = variable_get('spambot_criteria_ip', 20);
-
- // Build request parameters according to the criteria to use
- $request = array();
- if (!empty($account->mail) && $email_threshold > 0) {
- $request['email'] = $account->mail;
- }
- if (!empty($account->name) && $username_threshold > 0) {
- $request['username'] = $account->name;
- }
- // Only do a remote API request if there is anything to check
- if (count($request)) {
- $data = array();
- if (spambot_sfs_request($request, $data)) {
- if (($email_threshold > 0 && !empty($data['email']['appears']) && $data['email']['frequency'] >= $email_threshold) ||
- ($username_threshold > 0 && !empty($data['username']['appears']) && $data['username']['frequency'] >= $username_threshold)) {
- return 1;
- }
- }
- else {
- // Return error
- return -1;
- }
- }
- // Now check IP's
- // If any IP matches the threshold, then flag as a spammer
- if ($ip_threshold > 0) {
- $ips = spambot_account_ip_addresses($account);
- foreach ($ips as $ip) {
- // Skip the loopback interface
- if ($ip == '127.0.0.1') {
- continue;
- }
-
- $request = array('ip' => $ip);
- $data = array();
- if (spambot_sfs_request($request, $data)) {
- if (!empty($data['ip']['appears']) && $data['ip']['frequency'] >= $ip_threshold) {
- return 1;
- }
- }
- else {
- // Abort on error
- return -1;
- }
- }
- }
-
- // Return no match
- return 0;
- }
- /**
- * Retrieves a list of IP addresses for an account
- *
- * @param $account
- * Account to retrieve IP addresses for
- *
- * @return
- * An array of IP addresses, or an empty array if none found
- */
- function spambot_account_ip_addresses($account) {
- $hostnames = array();
- // Retrieve IPs from node_spambot table
- $items = db_select('node_spambot')->fields('node_spambot', array('hostname'))
- ->condition('uid', $account->uid, '=')->distinct()->execute()->fetchCol();
- $hostnames = array_merge($hostnames, $items);
- // Retrieve IPs from any sessions which may still exist
- $items = db_select('sessions')->fields('sessions', array('hostname'))
- ->condition('uid', $account->uid, '=')->distinct()->execute()->fetchCol();
- $hostnames = array_merge($hostnames, $items);
- // Retrieve IPs from comments
- if (module_exists('comment')) {
- $items = db_select('comment')->fields('comment', array('hostname'))
- ->condition('uid', $account->uid, '=')->distinct()->execute()->fetchCol();
- $hostnames = array_merge($hostnames, $items);
- }
- // Retrieve IPs from statistics
- if (module_exists('statistics')) {
- $items = db_select('accesslog')->fields('accesslog', array('hostname'))
- ->condition('uid', $account->uid, '=')->distinct()->execute()->fetchCol();
- $hostnames = array_merge($hostnames, $items);
- }
- // Retrieve IPs from user stats
- if (module_exists('user_stats')) {
- $items = db_select('user_stats_ips')->fields('user_stats_ips', array('ip_address'))
- ->condition('uid', $account->uid, '=')->distinct()->execute()->fetchCol();
- $hostnames = array_merge($hostnames, $items);
- }
- $hostnames = array_unique($hostnames);
- return $hostnames;
- }
- /**
- * Reports an account as a spammer. Requires ip address and evidence of a single incident
- *
- * @param $account
- * Account to report
- * @param $ip
- * IP address to report
- * @param $evidence
- * Evidence to report
- *
- * @return
- * TRUE if successful, FALSE if error
- */
- function spambot_report_account($account, $ip, $evidence) {
- $success = FALSE;
- $key = variable_get('spambot_sfs_api_key', FALSE);
- if ($key) {
- $query['api_key'] = $key;
- $query['email'] = $account->mail;
- $query['username'] = $account->name;
- $query['ip_addr'] = $ip;
- $query['evidence'] = $evidence;
- $url = 'http://www.stopforumspam.com/add.php?' . http_build_query($query, '', '&');
- $result = drupal_http_request($url);
- if (!empty($result->code) && $result->code == 200 && !empty($result->data) && stripos($result->data, 'data submitted successfully') !== FALSE) {
- $success = TRUE;
- }
- else if (stripos($result->data, 'duplicate') !== FALSE) {
- // www.stopforumspam.com can return a 503 code with data = '<p>recent duplicate entry</p>'
- // which we will treat as successful.
- $success = TRUE;
- }
- else {
- watchdog('spambot', "Error reporting account: @url <pre>\n@dump</pre>", array('@url' => $url, '@dump' => print_r($result, TRUE)));
- }
- }
- return $success;
- }
|