block connection/friend request spam
This commit is contained in:
parent
2632c23130
commit
878067101f
7 changed files with 53 additions and 9 deletions
2
boot.php
2
boot.php
|
@ -2,7 +2,7 @@
|
|||
|
||||
set_time_limit(0);
|
||||
|
||||
define ( 'BUILD_ID', 1025 );
|
||||
define ( 'BUILD_ID', 1026 );
|
||||
define ( 'DFRN_PROTOCOL_VERSION', '2.0' );
|
||||
|
||||
define ( 'EOL', "<br />\r\n" );
|
||||
|
|
|
@ -372,6 +372,7 @@ CREATE TABLE IF NOT EXISTS `user` (
|
|||
`notify-flags` int(11) unsigned NOT NULL DEFAULT '65535',
|
||||
`page-flags` int(11) unsigned NOT NULL DEFAULT '0',
|
||||
`pwdreset` char(255) NOT NULL,
|
||||
`maxreq` int(11) NOT NULL DEFAULT '10',
|
||||
`allow_cid` mediumtext NOT NULL,
|
||||
`allow_gid` mediumtext NOT NULL,
|
||||
`deny_cid` mediumtext NOT NULL,
|
||||
|
|
|
@ -220,7 +220,7 @@ function dfrn_request_post(&$a) {
|
|||
$nickname = $a->profile['nickname'];
|
||||
$notify_flags = $a->profile['notify-flags'];
|
||||
$uid = $a->profile['uid'];
|
||||
|
||||
$maxreq = intval($a->profile['maxreq']);
|
||||
$contact_record = null;
|
||||
$failed = false;
|
||||
$parms = null;
|
||||
|
@ -228,6 +228,23 @@ function dfrn_request_post(&$a) {
|
|||
|
||||
if( x($_POST,'dfrn_url')) {
|
||||
|
||||
/**
|
||||
* Block friend request spam
|
||||
*/
|
||||
|
||||
if($maxreq) {
|
||||
$r = q("SELECT * FROM `intro` WHERE `datetime` > '%s' AND `uid` = %d",
|
||||
dbesc(datetime_convert('UTC','UTC','now - 24 hours')),
|
||||
intval($uid)
|
||||
);
|
||||
if(count($r) > $maxreq) {
|
||||
notice( $a->profile['name'] . t(' has received too many connection requests today.') . EOL);
|
||||
notice( t('Spam protection measures have been invoked.') . EOL);
|
||||
notice( t('Friends are advised to please try again in 24 hours.') . EOL);
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
$url = trim($_POST['dfrn_url']);
|
||||
if(! strlen($url)) {
|
||||
notice( t("Invalid locator") . EOL );
|
||||
|
|
|
@ -53,6 +53,7 @@ function settings_post(&$a) {
|
|||
$timezone = ((x($_POST,'timezone')) ? notags(trim($_POST['timezone'])) : '');
|
||||
$defloc = ((x($_POST,'defloc')) ? notags(trim($_POST['defloc'])) : '');
|
||||
$openid = ((x($_POST,'openid_url')) ? notags(trim($_POST['openid_url'])) : '');
|
||||
$maxreq = ((x($_POST,'maxreq')) ? intval($_POST['maxreq']) : 0);
|
||||
|
||||
$allow_location = (((x($_POST,'allow_location')) && (intval($_POST['allow_location']) == 1)) ? 1: 0);
|
||||
$publish = (((x($_POST,'profile_in_directory')) && (intval($_POST['profile_in_directory']) == 1)) ? 1: 0);
|
||||
|
@ -105,7 +106,7 @@ function settings_post(&$a) {
|
|||
$str_group_deny = perms2str($_POST['group_deny']);
|
||||
$str_contact_deny = perms2str($_POST['contact_deny']);
|
||||
|
||||
$r = q("UPDATE `user` SET `username` = '%s', `email` = '%s', `openid` = '%s', `timezone` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s', `notify-flags` = %d, `page-flags` = %d, `default-location` = '%s', `allow_location` = %d, `theme` = '%s' WHERE `uid` = %d LIMIT 1",
|
||||
$r = q("UPDATE `user` SET `username` = '%s', `email` = '%s', `openid` = '%s', `timezone` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s', `notify-flags` = %d, `page-flags` = %d, `default-location` = '%s', `allow_location` = %d, `theme` = '%s', `maxreq` = %d WHERE `uid` = %d LIMIT 1",
|
||||
dbesc($username),
|
||||
dbesc($email),
|
||||
dbesc($openid),
|
||||
|
@ -119,6 +120,7 @@ function settings_post(&$a) {
|
|||
dbesc($defloc),
|
||||
intval($allow_location),
|
||||
dbesc($theme),
|
||||
intval($maxreq),
|
||||
intval(local_user())
|
||||
);
|
||||
if($r)
|
||||
|
@ -179,6 +181,7 @@ function settings_content(&$a) {
|
|||
$notify = $a->user['notify-flags'];
|
||||
$defloc = $a->user['default-location'];
|
||||
$openid = $a->user['openid'];
|
||||
$maxreq = $a->user['maxreq'];
|
||||
|
||||
if(! strlen($a->user['timezone']))
|
||||
$timezone = date_default_timezone_get();
|
||||
|
@ -290,6 +293,7 @@ function settings_content(&$a) {
|
|||
'$sel_notify3' => (($notify & NOTIFY_WALL) ? ' checked="checked" ' : ''),
|
||||
'$sel_notify4' => (($notify & NOTIFY_COMMENT) ? ' checked="checked" ' : ''),
|
||||
'$sel_notify5' => (($notify & NOTIFY_MAIL) ? ' checked="checked" ' : ''),
|
||||
'$maxreq' => $maxreq,
|
||||
'$theme' => $theme_selector,
|
||||
'$pagetype' => $pagetype
|
||||
));
|
||||
|
|
|
@ -247,3 +247,7 @@ function update_1024() {
|
|||
q("ALTER TABLE `profile` ADD `keywords` TEXT NOT NULL AFTER `religion` ");
|
||||
}
|
||||
|
||||
function update_1025() {
|
||||
q("ALTER TABLE `user` ADD `maxreq` int(11) NOT NULL DEFAULT '10' AFTER `pwdreset` ");
|
||||
}
|
||||
|
||||
|
|
|
@ -59,10 +59,22 @@ $theme
|
|||
|
||||
<input type="hidden" name="visibility" value="$visibility" />
|
||||
|
||||
<div id="settings-maxreq-wrapper">
|
||||
<label id="settings-maxreq-label" for="settings-maxreq" >Maximum Friend Requests/Day</label>
|
||||
<input id="settings-maxreq" name="maxreq" value="$maxreq" />
|
||||
<div id="settings-maxreq-desc">(to prevent spam abuse)</div>
|
||||
</div>
|
||||
<div id="settings-maxreq-end"></div>
|
||||
|
||||
|
||||
|
||||
|
||||
$profile_in_dir
|
||||
|
||||
$profile_in_net_dir
|
||||
|
||||
|
||||
|
||||
<div id="settings-default-perms" class="settings-default-perms" >
|
||||
<div id="settings-default-perms-menu" class="fakelink" onClick="openClose('settings-default-perms-select');" >$permissions</div>
|
||||
<div id="settings-default-perms-menu-end"></div>
|
||||
|
|
|
@ -496,6 +496,7 @@ input#dfrn-url {
|
|||
#settings-password-end,
|
||||
#settings-confirm-end,
|
||||
#settings-openid-end,
|
||||
#settings-maxreq-end,
|
||||
#notify1-end,
|
||||
#notify2-end,
|
||||
#notify3-end,
|
||||
|
@ -515,6 +516,7 @@ input#dfrn-url {
|
|||
#settings-password-label,
|
||||
#settings-confirm-label,
|
||||
#settings-openid-label,
|
||||
#settings-maxreq-label,
|
||||
#settings-label-notify1,
|
||||
#settings-label-notify2,
|
||||
#settings-label-notify3,
|
||||
|
@ -533,6 +535,7 @@ input#dfrn-url {
|
|||
#theme-select,
|
||||
#settings-password,
|
||||
#settings-confirm,
|
||||
#settings-maxreq,
|
||||
#notify1,
|
||||
#notify2,
|
||||
#notify3,
|
||||
|
@ -548,7 +551,10 @@ input#dfrn-url {
|
|||
width: 127px;
|
||||
}
|
||||
|
||||
|
||||
#settings-maxreq-desc {
|
||||
float: left;
|
||||
margin-left: 20px;
|
||||
}
|
||||
|
||||
#settings-theme-label,
|
||||
#settings-defloc-label {
|
||||
|
|
Loading…
Reference in a new issue