Hello reader.
My tiny coppermine 1.3 was hit by an human made spam.
The comment-spammer wrote many nasty comments in few minutes.
I would like to have time limits for comments to avoid human and robot made spam.
I mean 1 comment for IP+HOST in a minute (time should be configureable).
For now I have the following code which is working in my other app.:
This code makes the ID = $id of sender. File name id.php, which ment to be a class-file
<?php
function ip() //should return an IP
{
if(getenv("HTTP_X_FORWARDED_FOR")) return getenv("HTTP_X_FORWARDED_FOR");
elseif(getenv("HTTP_CLIENT_IP")) return getenv("HTTP_CLIENT_IP");
elseif(getenv("REMOTE_ADDR")) return getenv("REMOTE_ADDR");
else return 0;
}
$ip=ip();
$host=getenv("REMOTE_HOST");
$id=$ip.$host;
$id=md5($id); //md5 is not the best solution I guess, but it makes IDs even if there are no IP or HOST
return $id;
?>
This code is for checking IDs and manage them. File name idlog-class.php, which ment to be a class-file
<?php
//-Input $logfile, $duration, $id
class idlog{
var $exists = 0; //var for the existense of ID in a log
function idcheck($logfile, $duration, $id){
if(!is_writable($logfile)) die("Logfile not ready"); //file-check
$idarray = file($logfile);
$idarray2 = array();
//-ID-check, clean-up = managment
foreach($idarray as $line)
{
$idpart = explode(":", $line);
if(($idpart[0]+$duration)>time())
{
if(trim($idpart[1])==$id) $exists = 1; //-ID-check
$idarray2[]=trim($line)."\n";
}
}
//-makes a new clean id.log-file with fresh ID
$ramfile = fopen($logfile, "w");
if(!$exists) fwrite($ramfile, time().":".$id."\n");
foreach($idarray2 as $line) {fwrite($ramfile, trim($line)."\n");}
fclose($ramfile); //Save the new id.log-file
return $exists;
}
}
?>
This code is in the main file. It combines all the previous code and runs it. File name e.g. comment.php for saving comments
//
//violence check
ini_set('include_path', dirname(__FILE__));
$id=require_once("id.php"); $id or die("could not make the id");
require_once("idlog-class.php");
if(idlog::idcheck("/tmp/id.log", 60, $id)) die("Nothing send, wait 60 Seconds");
//
//-if the ID was new or fresh the code would go on.
//
ATTENTION: this code might contain bugs, because I just translated it from my native language.
NOTE: it was clean and working before translation.
I don't know where to implement this code or if it would work in coppermine 1.3.
Give me some advice or at least your oppinion about POST-limits for comments in coppermine.
NOTE: This is also feature request.