Subversion Repositories php_antispam

Compare Revisions


Rev 5 → Rev 6

/trunk/examples/antispam-example.php
11,7 → 11,7
 
<?php
 
echo '<form action="'.$PHP_SELF.'">
echo '<form action="'.$_SERVER['PHP_SELF'].'">
E-Mail-Adresse: <input name="email" value="'.$_GET['email'].'"><br>
Linktext: <input name="linktext" value="'.$_GET['linktext'].'"><br>
Linktext verschlüsseln: <input type="checkbox" name="crypt_linktext" checked><br>
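Review bot: The form's `action` attribute now takes `$_SERVER['PHP_SELF']` unescaped, and that value includes any path info the client appends to the script URL, so it can carry markup into the page; the same applies to the `$_GET['email']` and `$_GET['linktext']` values echoed into `value="..."` on the following lines. Wrap each in `htmlspecialchars(..., ENT_QUOTES)`, e.g. `echo '<form action="'.htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES).'">`, and read the GET parameters with a default (`$_GET['email'] ?? ''`) so a first visit does not raise undefined-index notices. The echo statement continues past the end of this hunk.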
/trunk/examples/autofilter-example1.inc.php
4,6 → 4,8
// for ViaThinkSoft Sigma as filter plugin (modified $content)
// Use it for your website!
 
include __DIR__ . '/../v3.inc.php'; // AntiSpam v3
 
// CONFIGURATION
 
define('CFG_MAKE_MAIL_ADDRESSES_CLICKABLE', true);
10,21 → 12,18
 
// CODE
 
function secure_email_triv($email)
function alas_js_crypt($text)
{
if (!function_exists('alas_js_crypt'))
$tmp = '';
for ($i=0; $i<strlen($text); $i++)
{
function alas_js_crypt($text)
{
$tmp = '';
for ($i=0; $i<strlen($text); $i++)
{
$tmp .= 'document.write("&#'.ord(substr($text, $i, 1)).';");';
}
return $tmp;
}
$tmp .= 'document.write("&#'.ord(substr($text, $i, 1)).';");';
}
return $tmp;
}
 
function secure_email_triv($email)
{
$aus = '';
if ($email != '')
{
35,52 → 34,6
return $aus;
}
 
// PHP-AntiSpam-Funktion "secure_email", Version 3.02
// von Daniel Marschall [www.daniel-marschall.de]
 
function secure_email($email, $linktext, $crypt_linktext)
{
// No new lines to avoid a JavaScript error!
$linktext = str_replace("\r", ' ', $linktext);
$linktext = str_replace("\n", ' ', $linktext);
 
if (!function_exists('alas_js_crypt'))
{
function alas_js_crypt($text)
{
$tmp = '';
for ($i=0; $i<strlen($text); $i++)
{
$tmp .= 'document.write("&#'.ord(substr($text, $i, 1)).';");';
}
return $tmp;
}
}
 
if (!function_exists('alas_js_write'))
{
function alas_js_write($text)
{
$text = str_replace('\\', '\\\\', $text);
$text = str_replace('"', '\"', $text);
$text = str_replace('/', '\/', $text); // W3C Validation </a> -> <\/a>
return 'document.write("'.$text.'");';
}
}
 
$aus = '';
if ($email != '')
{
$aus .= '<script language="JavaScript" type="text/javascript"><!--'."\n";
$aus .= alas_js_write('<a href="');
$aus .= alas_js_crypt('mailto:'.$email);
$aus .= alas_js_write('">');
$aus .= $crypt_linktext ? alas_js_crypt($linktext) : alas_js_write($linktext);
$aus .= alas_js_write('</a>').'// --></script>';
}
return $aus;
}
 
function getAddrSpec() {
// Ref: http://www.iamcal.com/publish/articles/php/parsing_email/
 
111,21 → 64,17
 
// Step 1: Parse links and make them secure
 
if (!function_exists('link_cb_1')) {
function link_cb_1($a) {
$content = preg_replace_callback("/<a(.+?)mailto:($addr_spec)(.+?)>(.+?)<\/a>/sm",
function($a) {
$mailaddr = $a[2];
$linktext = $a[14]; // Letztes
 
return secure_email($mailaddr, $linktext, is_valid_email_address($linktext));
}
}
}, $content); // TODO! Kann Greedy werden!
 
$content = preg_replace_callback("/<a(.+?)mailto:($addr_spec)(.+?)>(.+?)<\/a>/sm", 'link_cb_1', $content); // TODO! Kann Greedy werden!
 
// Step 2: Find all further mail addresses, make then clickable and prevent spam bots
 
if (!function_exists('link_cb_2')) {
function link_cb_2($a) {
$content = preg_replace_callback("/($addr_spec)/sm", function($a) {
$mailaddr = $a[1]; // Letztes
 
if (CFG_MAKE_MAIL_ADDRESSES_CLICKABLE) {
133,14 → 82,13
} else {
return secure_email_triv($mailaddr);
}
}
}
}, $content);
 
$content = preg_replace_callback("/($addr_spec)/sm", 'link_cb_2', $content);
 
// Output
 
return $content;
}
 
$content = auto_secure_mail_addresses($content);
if (isset($content)) {
$content = auto_secure_mail_addresses($content);
}
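Review bot: The added `include __DIR__ . '/../v3.inc.php';` should be `require_once __DIR__ . '/../v3.inc.php';`. In this revision v3.inc.php declares `class VtsAntiSpam3` and a global `secure_email()` without the `function_exists` guards the old code had, so a second inclusion in the same request is a fatal redeclaration error, and with plain `include` a missing file is only a warning until the first `secure_email()` call fails. The same concern applies to `alas_js_crypt()`, which this file and autofilter-example2.inc.php both appear to define unguarded at top level now, so loading both filters in one request would presumably collide.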
/trunk/examples/autofilter-example2.inc.php
12,21 → 12,18
 
// SOURCE: SIGMA 3.0 ANTISPAM FILTER
 
function secure_email_triv($email)
function alas_js_crypt($text)
{
if (!function_exists('alas_js_crypt'))
$tmp = '';
for ($i=0; $i<strlen($text); $i++)
{
function alas_js_crypt($text)
{
$tmp = '';
for ($i=0; $i<strlen($text); $i++)
{
$tmp .= 'document.write("&#'.ord(substr($text, $i, 1)).';");';
}
return $tmp;
}
$tmp .= 'document.write("&#'.ord(substr($text, $i, 1)).';");';
}
return $tmp;
}
 
function secure_email_triv($email)
{
$aus = '';
if ($email != '')
{
85,16 → 82,6
}
}
 
function link_cb_2($a) {
$mailaddr = $a[1]; // Letztes
 
if (CFG_MAKE_MAIL_ADDRESSES_CLICKABLE) {
return secure_email($mailaddr, $mailaddr, true, CFG_DEFAULT_CLASS);
} else {
return secure_email_triv($mailaddr);
}
}
 
function protect_mail_address_urls($content, $correct_missing_mailto = true) {
$t = new MailLinkProtector;
$t->correct_missing_mailto = $correct_missing_mailto;
122,8 → 109,16
$exclude_mail_chars_beginning = '\^°!"§$%&/()=\?´`}\]\[{\+*~\'#-_\.:,;';
$exclude_mail_chars_ending = $exclude_mail_chars_beginning;
 
$content = preg_replace_callback("@(?![$exclude_mail_chars_beginning])($addr_spec)(?<![$exclude_mail_chars_ending])@sm", 'link_cb_2', $content);
$content = preg_replace_callback("@(?![$exclude_mail_chars_beginning])($addr_spec)(?<![$exclude_mail_chars_ending])@sm", function($a) {
$mailaddr = $a[1]; // Letztes
 
if (CFG_MAKE_MAIL_ADDRESSES_CLICKABLE) {
return secure_email($mailaddr, $mailaddr, true, CFG_DEFAULT_CLASS);
} else {
return secure_email_triv($mailaddr);
}
}, $content);
 
// Output
 
return $content;
310,4 → 305,4
// USAGE:
// $content = auto_secure_mail_addresses($content);
 
// ========================================================================
// ========================================================================
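Review bot: The character class built from `$exclude_mail_chars_beginning` contains `#-_`, which PCRE reads as a range from `#` to `_` rather than three literal characters; that range covers the digits, the uppercase letters and `@`. The lookahead and lookbehind around `($addr_spec)` in the rewritten `preg_replace_callback` call therefore reject addresses that begin or end with a digit or capital letter, so such addresses are likely left unprotected or only partly obfuscated. Escape the hyphen in the definition, `...~\'#\-_\.:,;'`, or move `-` to the end of the list. The string also holds multi-byte characters (`°`, `§`, `´`) while the pattern has no `u` modifier, so if the file is UTF-8 their individual bytes are excluded rather than the characters. The enclosing function starts outside the hunk.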
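--- a/trunk/phpstan.neon.dist
+++ b/trunk/phpstan.neon.dist
@@ -0,0 +1,15 @@
+parameters:
+level: 5
+fileExtensions:
+- php
+- phps
+paths:
+- .
+excludePaths:
+analyseAndScan:
+- .phpstan.tmp
+tmpDir: .phpstan.tmp
+ignoreErrors:
+- '#is always (true|false)\.#'
+#- '#Call to function assert\(\) with false will always evaluate to false\.#'
+#- '#with no typehint specified\.#'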
/trunk/v3.inc.php
1,12 → 1,12
<?php
 
// PHP-AntiSpam-Funktion "secure_email", Version 3.06 of 2022-01-09
// PHP-AntiSpam-Funktion "secure_email", Version 3.1 of 2022-01-09
// by Daniel Marschall [www.daniel-marschall.de], ViaThinkSoft
// License: Apache 2.0 License
 
if (!function_exists('alas_js_crypt'))
{
function alas_js_crypt($text)
class VtsAntiSpam3 {
 
private function alas_js_crypt($text)
{
$tmp = '';
for ($i=0; $i<strlen($text); $i++)
15,11 → 15,8
}
return $tmp;
}
}
 
if (!function_exists('alas_js_write'))
{
function alas_js_write($text)
private function alas_js_write($text)
{
$text = str_replace('\\', '\\\\', $text);
$text = str_replace('"', '\"', $text);
26,26 → 23,36
$text = str_replace('/', '\/', $text); // W3C Validation </a> -> <\/a>
return 'document.write("'.$text.'");';
}
}
 
function secure_email($email, $linktext, $crypt_linktext, $css_class='')
{
// No new lines to avoid a JavaScript error!
$linktext = str_replace("\r", ' ', $linktext);
$linktext = str_replace("\n", ' ', $linktext);
public function secure_email($email, $linktext, $crypt_linktext, $css_class='')
{
// No new lines to avoid a JavaScript error!
$linktext = str_replace("\r", ' ', $linktext);
$linktext = str_replace("\n", ' ', $linktext);
 
$aus = '';
if ($email != '')
{
$aus .= '<script><!--'."\n"; // type="text/javascript" is not necessary in HTML5
$aus .= alas_js_write('<a ');
if ($css_class != '') $aus .= alas_js_write('class="'.$css_class.'" ');
$aus .= alas_js_write('href="');
$aus .= alas_js_crypt('mailto:'.$email);
$aus .= alas_js_write('">');
$aus .= $crypt_linktext ? alas_js_crypt($linktext) : alas_js_write($linktext);
$aus .= alas_js_write('</a>').'// --></script>';
$aus = '';
if ($email != '')
{
$aus .= '<script><!--'."\n"; // type="text/javascript" is not necessary in HTML5
$aus .= $this->alas_js_write('<a ');
if ($css_class != '') $aus .= $this->alas_js_write('class="'.$css_class.'" ');
$aus .= $this->alas_js_write('href="');
$aus .= $this->alas_js_crypt('mailto:'.$email);
$aus .= $this->alas_js_write('">');
$aus .= $crypt_linktext ? $this->alas_js_crypt($linktext) : $this->alas_js_write($linktext);
$aus .= $this->alas_js_write('</a>').'// --></script>';
}
 
return $aus.'<noscript>Please enable JavaScript to display this email address.</noscript>';
}
 
return $aus.'<noscript>Please enable JavaScript to display this email address.</noscript>';
}
}
 
# ------------------------------------------------------------------------------
 
function secure_email($email, $linktext, $crypt_linktext, $css_class='') {
$antispam = new VtsAntiSpam3();
$res = $antispam->secure_email($email, $linktext, $crypt_linktext);
return $res;
}
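Review bot: The new global wrapper `secure_email()` accepts `$css_class` but does not forward it, so callers that pass a class (the call in autofilter-example2.inc.php passes `CFG_DEFAULT_CLASS`) silently lose it; the call should be `$res = $antispam->secure_email($email, $linktext, $crypt_linktext, $css_class);`. In the method itself `$css_class` is concatenated into `class="..."` and an uncrypted `$linktext` is written through `alas_js_write()` without HTML escaping, which is only safe while both come from trusted template content. A docblock on `VtsAntiSpam3::secure_email()` stating that `$linktext` must already be escaped HTML and `$css_class` a plain class name would make that contract explicit.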
 
/trunk/v4.inc.php
2,131 → 2,161
 
/*
* ViaThinkSoft Anti-Spam Script for PHP
* (C) 2009-2013 ViaThinkSoft
* Revision: 2013-03-04 (Version 4.01)
* (C) 2009-2022 ViaThinkSoft
* Revision: 2022-01-09 (Version 4.1)
* License: Apache 2.0 License
*/
 
function secure_email($email, $linktext, $crypt_linktext)
{
// No new lines to avoid a JavaScript error!
$linktext = str_replace("\r", ' ', $linktext);
$linktext = str_replace("\n", ' ', $linktext);
class VtsAntiSpam4 {
 
if (!defined('ALAS_INCLUDED')) {
// Anfagswert über aktuelle Mikrosekunde setzen
public $garbageLength = 5;
 
public function __construct() {
self::randomize();
}
 
private static function randomize() {
// Anfagswert über aktuelle Mikrosekunde setzen
// http://de2.php.net/manual/de/function.srand.php
function make_seed() {
list($usec, $sec) = explode(' ', microtime());
return (float) $sec + ((float) $usec * 100000);
}
srand(make_seed());
list($usec, $sec) = explode(' ', microtime());
$seed = (int)($sec + ((float)$usec * 100000));
srand($seed);
}
 
define('ALAS_GARBARGE_LENGTH', 5);
 
private function RandomString($len) {
// http://www.jonasjohn.de/snippets/php/rand-str.htm
function RandomString($len) {
$randstr = '';
srand((double)microtime()*1000000);
for($i=0;$i<$len;$i++) {
$randstr = '';
//srand((double)microtime()*1000000);
for($i=0;$i<$len;$i++) {
$n = rand(48,120);
while (($n >= 58 && $n <= 64) || ($n >= 91 && $n <= 96)) {
$n = rand(48,120);
while (($n >= 58 && $n <= 64) || ($n >= 91 && $n <= 96)) {
$n = rand(48,120);
}
$randstr .= chr($n);
}
return $randstr;
$randstr .= chr($n);
}
return $randstr;
}
 
function js_randombreaks() {
$len = rand(0, ALAS_GARBARGE_LENGTH);
$r = '';
$one_line_comment = false;
for($i=0;$i<$len;$i++) {
$m = rand(0, 3);
if ($m == 0) {
$r .= ' ';
} else if ($m == 1) {
$r .= '//';
$r .= RandomString($i);
$one_line_comment = true;
} else if ($m == 2) {
$r .= "\r\n";
$one_line_comment = false;
} else {
$r .= "\t";
}
private function js_randombreaks() {
$len = rand(0, $this->garbageLength);
$r = '';
$one_line_comment = false;
for($i=0;$i<$len;$i++) {
$m = rand(0, 3);
if ($m == 0) {
$r .= ' ';
} else if ($m == 1) {
$r .= '//';
$r .= $this->RandomString($i);
$one_line_comment = true;
} else if ($m == 2) {
$r .= "\r\n";
$one_line_comment = false;
} else {
$r .= "\t";
}
if ($one_line_comment) $r .= "\r\n";
return $r;
}
if ($one_line_comment) $r .= "\r\n";
return $r;
}
 
function alas_js_crypt($text) {
$tmp = '';
for ($i=0; $i<strlen($text); $i++) {
$tmp .= js_randombreaks();
$tmp .= 'document.write("&#'.ord(substr($text, $i, 1)).';");';
$tmp .= js_randombreaks();
}
$tmp = js_randombreaks().$tmp.js_randombreaks();
return $tmp;
private function alas_js_crypt($text) {
$tmp = '';
for ($i=0; $i<strlen($text); $i++) {
$tmp .= $this->js_randombreaks();
$tmp .= 'document.write("&#'.ord(substr($text, $i, 1)).';");';
$tmp .= $this->js_randombreaks();
}
$tmp = $this->js_randombreaks().$tmp.$this->js_randombreaks();
return $tmp;
}
 
function alas_noscript_crypt($text){
$tmp = '';
for ($i=0; $i<strlen($text); $i++) {
$tmp .= '<span style="display:inline;">&#'.ord(substr($text, $i, 1)).';</span>';
$tmp .= '<!--'.js_randombreaks().'-->';
$tmp .= '<span style="display:none;">'.RandomString(rand(0, ALAS_GARBARGE_LENGTH)).'</span>';
}
return $tmp;
private function alas_noscript_crypt($text){
$tmp = '';
for ($i=0; $i<strlen($text); $i++) {
$tmp .= '<span style="display:inline;">&#'.ord(substr($text, $i, 1)).';</span>';
$tmp .= '<!--'.$this->js_randombreaks().'-->';
$tmp .= '<span style="display:none;">'.$this->RandomString(rand(0, $this->garbageLength)).'</span>';
}
return $tmp;
}
 
function alas_js_write($text) {
$text = str_replace('\\', '\\\\', $text);
$text = str_replace('"', '\"', $text);
$text = str_replace('/', '\/', $text); // W3C Validation </a> -> <\/a>
private function alas_js_write($text) {
$text = str_replace('\\', '\\\\', $text);
$text = str_replace('"', '\"', $text);
$text = str_replace('/', '\/', $text); // W3C Validation </a> -> <\/a>
 
$ret = '';
$ret .= js_randombreaks();
$ret .= 'document.write("'.$text.'");';
$ret .= js_randombreaks();
$ret = '';
$ret .= $this->js_randombreaks();
$ret .= 'document.write("'.$text.'");';
$ret .= $this->js_randombreaks();
 
return $ret;
return $ret;
}
 
public function secure_email($email, $linktext, $crypt_linktext)
{
// No new lines to avoid a JavaScript error!
$linktext = str_replace("\r", ' ', $linktext);
$linktext = str_replace("\n", ' ', $linktext);
 
$aus = '';
if ($email != '') {
$zid = 'ALAS-4.0-'.DecHex(crc32($email)).'-'.DecHex(crc32($linktext)).'-'.($crypt_linktext ? 'S' : 'L');
$title = 'ViaThinkSoft "ALAS" Anti-Spam';
 
$aus .= "<!-- BEGIN $title [ID $zid] -->\r\n";
$aus .= '<script language="JavaScript" type="text/javascript"><!--'."\n";
$aus .= $this->alas_js_write('<a href="');
$aus .= $this->alas_js_crypt('mailto:'.$email);
$aus .= $this->alas_js_write('">');
$aus .= $crypt_linktext ? $this->alas_js_crypt($linktext) : $this->alas_js_write($linktext);
$aus .= $this->alas_js_write('</a>').'// --></script>';
 
$aus .= '<noscript>';
if ($linktext != $email) $aus .= ($crypt_linktext ? $this->alas_noscript_crypt($linktext) : $linktext).' ';
$aus .= $this->alas_noscript_crypt("[ $email ]");
$aus .= '</noscript>';
$aus .= "\r\n<!-- END $title [ID $zid] -->\r\n";
}
 
define('ALAS_INCLUDED', true);
return $aus;
}
 
$aus = '';
if ($email != '') {
$zid = 'ALAS-4.0-'.DecHex(crc32($email)).'-'.DecHex(crc32($linktext)).'-'.($crypt_linktext ? 'S' : 'L');
$title = 'ViaThinkSoft "ALAS" Anti-Spam';
public function secure_email_autodetect($email, $linktext) {
// Automatisch erkennen, ob der $linktext für Spambots interessant ist oder nicht
$pos = strpos($linktext, '@');
 
$aus .= "<!-- BEGIN $title [ID $zid] -->\r\n";
$aus .= '<script language="JavaScript" type="text/javascript"><!--'."\n";
$aus .= alas_js_write('<a href="');
$aus .= alas_js_crypt('mailto:'.$email);
$aus .= alas_js_write('">');
$aus .= $crypt_linktext ? alas_js_crypt($linktext) : alas_js_write($linktext);
$aus .= alas_js_write('</a>').'// --></script>';
return $this->secure_email($email, $linktext, $pos !== false);
}
 
$aus .= '<noscript>';
if ($linktext != $email) $aus .= ($crypt_linktext ? alas_noscript_crypt($linktext) : $linktext).' ';
$aus .= alas_noscript_crypt("[ $email ]");
$aus .= '</noscript>';
$aus .= "\r\n<!-- END $title [ID $zid] -->\r\n";
public function secure_email_identical_text($email) {
return $this->secure_email_autodetect($email, $email);
}
 
return $aus;
}
 
function secure_email_autodetect($email, $linktext) {
// Automatisch erkennen, ob der $linktext für Spambots interessant ist oder nicht
$pos = strpos($linktext, '@');
# ------------------------------------------------------------------------------
 
return secure_email($email, $linktext, $pos !== false);
function secure_email($email, $linktext, $crypt_linktext, $css_class='') {
if (!empty($css_class)) {
// TODO
throw new Exception("CSSClass is not yet implemented in AntiSpam v4");
}
 
$antispam = new VtsAntiSpam4();
$res = $antispam->secure_email($email, $linktext, $crypt_linktext);
return $res;
}
 
function secure_email_autodetect($email, $linktext) {
$antispam = new VtsAntiSpam4();
$res = $antispam->secure_email_autodetect($email, $linktext);
return $res;
}
 
function secure_email_identical_text($email) {
return secure_email_autodetect($email, $email);
}
$antispam = new VtsAntiSpam4();
$res = $antispam->secure_email_identical_text($email);
return $res;
}
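Review bot: `__construct()` calls `self::randomize()`, which reseeds PHP's global generator with `srand()` from the current microtime, and the wrapper functions at the end of the file create a new `VtsAntiSpam4` on every call. On PHP 7.1 and later `srand()`/`rand()` share state with `mt_srand()`/`mt_rand()`, so every protected address resets the host application's generator to a time-derived seed and makes any other `rand()`/`mt_rand()` use in the same request predictable. PHP seeds the generator on its own; drop `self::randomize();` from the constructor (and the `randomize()` method), or draw the filler with `random_int(48, 120)` in `RandomString()`. The filler needs no secrecy, but it should not weaken randomness elsewhere in the application.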
/trunk
Property changes:
Added: svn:ignore
+.phpstan.tmp
+phpstan.neon
+