<?php
/**
* @name Rex
* @version 1.1
* @author David Sopas Ferreira <coder at davidsopas dot com>
* @copyright 2008
*
* Changelog:
*
* v1.1
* - Proxy port scan can be disabled (in some cases, it blocks users that have port 80 open in their router configuration)
* - Added checkspamcop() that checks if a user IP is registered as spammer on Spamcop.net (can be enabled/diabled)
* - Function filtraxss() renamed to checkxss() because it really checks the presence of malicious xss doesn't filter anything
* - Function checkxss() only accepts arrays
* - Added filterxss() that removes or disables tags
* - Added checksize_db_data() that can be used to check for data size before inserting in database
* - Added filtersql() that escapes special characters in a string for use in a SQL statement
* - Portuguese variables renamed to english for better understanding the code to a larger community
*
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
class Rex
{
// Set the values to your needs (fit your needs)
private $logfile = "rexlog.txt"; // The log file, I recommend to put it on a protected directory
private $timeout = 5; // Timeout for the IP verification
private $lockscan = 1; // 0 - enable proxy port scan | 1 - disable proxy port scan
private $lockspamcop = 0; // 0 - enable spamcop check | 1 - disable spamcop check
// -------------------------------------------------------------------------------------------------
// Function that checks if the IP is listed on any spam blacklist on spamcop.net
public function checkspamcop($ip)
{
if ($this->lockspamcop == 0)
{
$handle = @fopen("http://www.spamcop.net/w3m?action=checkblock&ip=$ip", "rb");
stream_set_timeout($handle, $timeout);
$contents = "";
while (!feof($handle))
{
$contents .= @fread($handle, 8192);
}
fclose($handle);
if (preg_match("/$ip listed in [\w]*\.spamcop\.net/", $contents))
{
return true;
} else
{
return false;
}
}
}
// Function that checks if the IP is possibly a PROXY
public function checkip($ip)
{
if ($this->lockscan == 0)
{
// Array with the proxy ports, you can add more if you want
$ports = array(80, 3128, 8080);
// Flag to be returned: 0 safe - 1 open and unsafe
$flag = 0;
foreach ($ports as $port)
{
@$fp = fsockopen($ip, $port, $errno, $errstr, $this->timeout);
// Check if fp return something
if (!empty($fp))
{
$flag = 1;
fclose($fp);
}
}
return $flag;
}
}
// Function that checks $_GET , $_POST , $_SESSION , $_COOKIE or any other arrays for XSS malicious code
public function checkxss($filter)
{
if (is_array($filter))
{
foreach ($filter as $check_array)
{
if ((eregi("<[^>]*script*\"?[^>]*>", $check_array)) || (eregi("<[^>]*object*\"?[^>]*>",
$check_array)) || (eregi("<[^>]*iframe*\"?[^>]*>", $check_array)) || (eregi("<[^>]*applet*\"?[^>]*>",
$check_array)) || (eregi("<[^>]*meta*\"?[^>]*>", $check_array)) || (eregi("<[^>]*style*\"?[^>]*>",
$check_array)) || (eregi("<[^>]*form*\"?[^>]*>", $check_array)) || (eregi("\([^>]*\"?[^)]*\)",
$check_array)) || (eregi("\"", $check_array)))
{
return true;
} else
{
return false;
}
}
unset($check_array);
} else
{
echo "ERROR: function checkxss() only can treat arrays.";
}
}
// Function that filters tags, preventing HTML injections or XSS attacks on variables
// Option: 0- removes tags 1- disables html
public function filterxss($filter, $option)
{
if ($option == 0)
{
$filtered = strip_tags($filter);
return $filtered;
} elseif ($option == 1)
{
$filtered = htmlspecialchars($filter);
return $filtered;
} else
{
return "ERROR: function filterxss() doesn't have that option available.";
}
}
// Function that checks for the right size of data that will be inserted in the database
public function checksize_db_data($data, $minsize, $maxsize)
{
if (strlen($data) < $minsize || strlen($data) > $maxsize)
{
return false;
} else
{
return true;
}
}
// Function that escapes special characters in a string for use in a SQL statement
public function filtersql($data)
{
// Strips whitespaces or other characters from the beginning and end of $data
$filtered = trim($data);
$filtered = mysql_real_escape_string($filtered);
return $filtered;
}
// Function that records all the data in a log file
public function recordlog($ip, $error)
{
if (is_writable($this->logfile))
{
if ($this->lockscan == 0)
{
if ($this->checkip("$ip") == 1)
{
$proxy = "Possible PROXY";
} else
{
$proxy = "";
}
}
if ($this->lockspamcop == 0)
{
if ($this->checkspamcop("$ip") == true)
{
$spamcop = "(IP is listed as spammer on Spamcop.net)";
} else
{
$spamcop = "";
}
}
$fp = fopen($this->logfile, 'a+');
// Data that will be stored in the log file
$information = "[IP]: " . $ip . " $proxy " . $spamcop;
$information .= " [Date and time]: " . date("Y/m/d - H:i:s");
$information .= " [Error]: " . $error . "\n\n";
fwrite($fp, $information);
fclose($fp);
} else
{
echo "ERROR: Log file don't have write permissions, please fix it (eg: CHMOD 777 filename.txt).";
}
}
}
?>
|