1: | <?php
|
2: |
|
3: | |
4: | |
5: |
|
6: | class Protector_postcommon_register_insert_js_check extends ProtectorFilterAbstract
|
7: | {
|
8: | |
9: | |
10: |
|
11: | public function execute()
|
12: | {
|
13: | ob_start(array($this, 'ob_filter'));
|
14: |
|
15: | if (!empty($_POST)) {
|
16: | if (!$this->checkValidate()) {
|
17: | die(_MD_PROTECTOR_TURNJAVASCRIPTON);
|
18: | }
|
19: | }
|
20: |
|
21: | return true;
|
22: | }
|
23: |
|
24: |
|
25: | |
26: | |
27: | |
28: | |
29: |
|
30: | public function ob_filter($s)
|
31: | {
|
32: | $antispam_htmls = $this->getHtml4Assign();
|
33: |
|
34: | return preg_replace('/<form[^>]*action=["\'](|#|register.php)["\'][^>]+>/i', '$0' . "\n" . $antispam_htmls['html_in_form'] . "\n" . $antispam_htmls['js_global'], $s, 1);
|
35: | }
|
36: |
|
37: |
|
38: | |
39: | |
40: | |
41: | |
42: |
|
43: | public function getMd5($time = null)
|
44: | {
|
45: | if (empty($time)) {
|
46: | $time = time();
|
47: | }
|
48: |
|
49: | return md5(gmdate('YmdH', $time) . XOOPS_DB_PREFIX . XOOPS_DB_NAME);
|
50: | }
|
51: |
|
52: | |
53: | |
54: |
|
55: | public function getHtml4Assign()
|
56: | {
|
57: | $as_md5 = $this->getMd5();
|
58: | $as_md5array = preg_split('//', $as_md5, -1, PREG_SPLIT_NO_EMPTY);
|
59: | $as_md5shuffle = array();
|
60: | foreach ($as_md5array as $key => $val) {
|
61: | $as_md5shuffle[] = array('key' => $key, 'val' => $val);
|
62: | }
|
63: | shuffle($as_md5shuffle);
|
64: |
|
65: |
|
66: |
|
67: |
|
68: |
|
69: |
|
70: | $js_in_validate_function = "antispam_md5s=new Array(32);\n";
|
71: | foreach ($as_md5shuffle as $item) {
|
72: | $key = $item['key'];
|
73: | $val = $item['val'];
|
74: | $js_in_validate_function .= "antispam_md5s[$key]='$val';\n";
|
75: | }
|
76: | $js_in_validate_function .= "
|
77: | antispam_md5 = '' ;
|
78: | for (i = 0 ; i < 32 ; i ++) {
|
79: | antispam_md5 += antispam_md5s[i] ;
|
80: | }
|
81: | xoopsGetElementById('antispam_md5').value = antispam_md5 ;
|
82: | ";
|
83: |
|
84: | return array(
|
85: | 'html_in_form' => '<input type="hidden" name="antispam_md5" id="antispam_md5" value="" />',
|
86: | 'js_global' => '<script type="text/javascript"><!--//' . "\n" . $js_in_validate_function . "\n" . '//--></script><noscript><div class="errorMsg">' . _MD_PROTECTOR_TURNJAVASCRIPTON . '</div></noscript>');
|
87: | }
|
88: |
|
89: | |
90: | |
91: |
|
92: | public function checkValidate()
|
93: | {
|
94: | $user_md5 = isset($_POST['antispam_md5']) ? trim($_POST['antispam_md5']) : '';
|
95: |
|
96: |
|
97: | if ($user_md5 != $this->getMd5() && $user_md5 != $this->getMd5(time() - 3600) && $user_md5 != $this->getMd5(time() - 7200)) {
|
98: | $this->errors[] = _MD_PROTECTOR_TURNJAVASCRIPTON;
|
99: |
|
100: | return false;
|
101: | }
|
102: |
|
103: | return true;
|
104: | }
|
105: | }
|
106: | |