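getCloudAppStatus('security');
        self::$securityService = Cloud::loadClass('Service_Security');
    }

    /**
     * Per-request hook: re-reports the logged-in user at most once per day
     * and records whether the current user belongs to an admin group.
     *
     * The "last reported" timestamp lives in the client-held cookie
     * `security_cookiereport`, which is passed through authcode() before use.
     *
     * @return bool false when the security service is disabled, true otherwise
     */
    public function common() {
        global $_G;

        if (self::$securityStatus != TRUE) {
            return false;
        }

        if ($_G['uid']) {
            // NOTE(review): whatever authcode() returns for a missing or tampered cookie is
            // compared numerically below; presumably that is an empty value, which simply
            // triggers another report — confirm against authcode().
            $lastCookieReportTime = $this->_decodeReportTime($_G['cookie']['security_cookiereport']);
            if ($lastCookieReportTime < strtotime('today')) {
                $this->_reportLoginUser(array('uid' => $_G['uid']));
            }
        }

        if ($_G['adminid'] > 0) {
            self::$isAdminGroup = 1;
        }

        return true;
    }

    /**
     * Footer hook: returns script fragments that make the browser POST back to
     * the plugin's `security:sitemaster` and `security:job` endpoints.
     *
     * The sitemaster/notice fragments are only emitted when
     * `$_G['member']['allowadmincp'] == 1` and the admin-group flag is set.
     * The retry fragment is emitted for any request once the 'securityRetry'
     * process lock is free and the failed-log table is non-empty.
     * Every POST carries the page's formhash; checking it is the job of the
     * receiving endpoints, which are not visible in this file.
     *
     * NOTE(review): the three heredoc blocks below are damaged in this copy of the
     * file (the heredoc opener and the surrounding markup appear to have been lost,
     * leaving `<< ... EOF;`). They are reproduced exactly as found; restore them
     * from the upstream source before deploying this file.
     *
     * @return string|false script markup, or false when the service is disabled
     */
    public function global_footer() {
        global $_G;

        if (self::$securityStatus != TRUE) {
            return false;
        }

        $ajaxReportScript = '';
        // Initialised so the final concatenation never reads an undefined variable
        // when no retry is due.
        $ajaxRetryScript = '';
        $formhash = formhash();

        if ($_G['member']['allowadmincp'] == 1) {
            // NOTE(review): the second argument to islocked() looks like a lock lifetime
            // in seconds used to throttle these calls — confirm in discuz_process.
            $processName = 'securityOperate';
            if (self::$isAdminGroup && !discuz_process::islocked($processName, 30)) {
                $ajaxReportScript .= << var url = SITEURL + '/plugin.php?id=security:sitemaster'; var x = new Ajax(); x.post(url, 'formhash=$formhash', function(s){}); EOF;
            }

            $processName = 'securityNotice';
            if (self::$isAdminGroup && !discuz_process::islocked($processName, 30)) {
                $ajaxReportScript .= << EOF;
            }
        }

        $processName = 'securityRetry';
        $time = 10;
        if (!discuz_process::islocked($processName, $time)) {
            if (C::t('#security#security_failedlog')->count()) {
                $ajaxRetryScript = << var urlRetry = SITEURL + '/plugin.php?id=security:job'; var ajaxRetry = new Ajax(); ajaxRetry.post(urlRetry, 'formhash=$formhash', function(s){}); EOF;
            }
        }

        return $ajaxReportScript . $ajaxRetryScript;
    }

    /**
     * Footer-link hook.
     *
     * NOTE(review): returns a single space in this copy; any markup the upstream
     * file returns here may have been lost together with the heredoc markup in
     * global_footer() — confirm against upstream.
     *
     * @return string
     */
    function global_footerlink() {
        return ' ';
    }

    /**
     * Post-deletion hook: marks the posts as deleted in the security service and,
     * unless the deletion was itself triggered by the security module
     * (`module=security`, `method=setEvilPost`), logs it with the moderator's reason.
     *
     * `$_POST['reason']` is request data and reaches logDeletePost() unmodified;
     * any escaping has to happen inside the service.
     *
     * @param array $param hook payload: 'step', and 'param' = [ids, idType, ...]
     * @return bool false when the service is disabled, true otherwise
     */
    public function deletepost($param) {
        if (self::$securityStatus != TRUE) {
            return false;
        }

        $step = $param['step'];
        $param = $param['param'];
        $ids = $param[0];
        $idType = $param[1];

        if ($step == 'check' && $idType == 'pid') {
            self::$securityService->updatePostOperate($ids, 'delete');

            // Deletions initiated by the security module are not logged again.
            if ($_POST['module'] == 'security' && $_POST['method'] == 'setEvilPost') {
                return true;
            }

            self::$securityService->logDeletePost($ids, $_POST['reason']);
        }

        return true;
    }

    /**
     * Thread-deletion hook; same flow as deletepost() but for thread ids.
     *
     * `$_POST['reason']` is request data and reaches logDeleteThread() unmodified.
     *
     * @param array $param hook payload: 'step', and 'param' = [ids, ...]
     * @return bool false when the service is disabled, true otherwise
     */
    public function deletethread($param) {
        if (self::$securityStatus != TRUE) {
            return false;
        }

        $step = $param['step'];
        $param = $param['param'];
        $ids = $param[0];

        if ($step == 'check') {
            self::$securityService->updateThreadOperate($ids, 'delete');

            // Deletions initiated by the security module are not logged again.
            if ($_POST['module'] == 'security' && $_POST['method'] == 'setEvilPost') {
                return true;
            }

            self::$securityService->logDeleteThread($ids, $_POST['reason']);
        }

        return true;
    }

    /**
     * Ban-log hook: logs a ban when the member is moved into group 4..9 on a
     * form submission, otherwise marks the member as recovered.
     *
     * NOTE(review): `$_POST['formhash']` is only tested for being non-empty here;
     * that is not a CSRF check. Presumably the calling controller has already
     * validated the token — confirm, since the else-branch (member recovery)
     * also runs whenever the field is absent.
     * NOTE(review): group ids 4..9 are presumably the restricted/banned system
     * groups — confirm against the usergroup definitions.
     *
     * @param array $param hook payload: 'param' = [username, oldGid, newGid, ?, reason]
     * @return void|false false when the service is disabled
     */
    public function savebanlog($param) {
        if (self::$securityStatus != TRUE) {
            return false;
        }

        $param = $param['param'];
        $username = $param[0];
        $newGid = $param[2];
        $reason = $param[4];

        if ($_POST['formhash'] && $newGid >= 4 && $newGid < 10) {
            self::$securityService->logBannedMember($username, $reason);
        } else {
            self::$securityService->updateMemberRecover($username);
        }
    }

    /**
     * Thread-restore hook: marks the given thread ids as recovered.
     *
     * NOTE(review): unlike the delete hooks, this method and the two after it do
     * not test self::$securityStatus before calling the service — confirm that
     * this is intended.
     *
     * @param array $param hook payload: 'param'[0] = array of thread ids
     * @return void
     */
    public function undeletethreads($param) {
        $tids = $param['param'][0];
        if ($tids && is_array($tids)) {
            self::$securityService->updateThreadOperate($tids, 'recover');
        }
    }

    /**
     * Recycle-bin restore hook: marks the given post ids as recovered.
     *
     * @param array $param hook payload: 'param'[0] = array of post ids
     * @return void
     */
    public function recyclebinpostundelete ($param) {
        $pids = $param['param'][0];
        if ($pids && is_array($pids)) {
            self::$securityService->updatePostOperate($pids, 'recover');
        }
    }

    /**
     * Member-deletion hook: marks the given uids as deleted during the 'check' step.
     *
     * @param array $param hook payload: 'step', 'param'[0] = array of uids
     * @return void
     */
    public function deletemember($param) {
        $uids = $param['param'][0];
        $step = $param['step'];
        if ($step == 'check' && $uids && is_array($uids)) {
            self::$securityService->updateMemberOperate($uids, 'delete');
        }
    }

    /**
     * Decodes the stored report time via authcode().
     *
     * @param string $time encoded value, normally taken from the report cookie
     * @return mixed 0 for an empty input, otherwise authcode()'s result
     */
    protected function _decodeReportTime($time) {
        if (!$time) {
            return 0;
        }
        return authcode($time);
    }

    /**
     * Encodes a report time via authcode() in 'ENCODE' mode.
     *
     * @param int $time timestamp to encode
     * @return mixed 0 for an empty input, otherwise authcode()'s result
     */
    protected function _encodeReportTime($time) {
        if (!$time) {
            return 0;
        }
        return authcode($time, 'ENCODE');
    }

    /**
     * Reports a registration to the security service and triggers a retry of
     * previously failed reports.
     *
     * NOTE(review): whenever the guard passes, the caller-supplied uid is replaced
     * by the session uid, so the event is always attributed to `$_G['uid']`
     * (which may be 0 if only `$param['uid']` was set). Confirm this is intended;
     * it decides which account the security telemetry is recorded against.
     *
     * @param array $param expects key 'uid'
     * @return void|false false when neither the payload nor the session has a uid
     */
    protected function _reportRegisterUser($param) {
        global $_G;

        if (!$param['uid'] && !$_G['uid']) {
            return false;
        } else {
            $param['uid'] = $_G['uid'];
        }

        $this->secLog('USERREG-UID', $param['uid']);
        self::$securityService->reportRegister($param['uid']);
        $this->_retryReport();
    }

    /**
     * Reports a login to the security service, retries failed reports and
     * refreshes the `security_cookiereport` cookie with the current timestamp.
     *
     * NOTE(review): as in _reportRegisterUser(), the caller-supplied uid is always
     * overwritten with `$_G['uid']`; the member row that _reportMobileLoginUser()
     * looks up is therefore not what gets reported. Confirm this is intended.
     *
     * @param array $param expects key 'uid'
     * @return bool false when neither the payload nor the session has a uid
     */
    protected function _reportLoginUser($param) {
        global $_G;

        if (!$param['uid'] && !$_G['uid']) {
            return false;
        } else {
            $param['uid'] = $_G['uid'];
        }

        $this->secLog('USERLOG-UID', $param['uid']);
        self::$securityService->reportLogin($param['uid']);
        $this->_retryReport();

        // 43200 is presumably a lifetime in seconds (12 hours) — confirm against dsetcookie().
        $cookieTime = 43200;
        dsetcookie('security_cookiereport', $this->_encodeReportTime($_G['timestamp']), $cookieTime, 1);

        return true;
    }

    /**
     * Looks the member up by username and hands the row to _reportLoginUser().
     *
     * @param array $param expects key 'username'
     * @return bool false when no username is given, otherwise _reportLoginUser()'s result
     */
    protected function _reportMobileLoginUser($param) {
        if (!$param['username']) {
            return false;
        }

        $username = $param['username'];
        $result = C::t('common_member')->fetch_by_username($username);

        return $this->_reportLoginUser($result);
    }

    /**
     * Reports a newly created thread (its first post) to the security service.
     *
     * @param array $param expects keys 'tid', 'pid' and optionally 'isFollow'
     * @return bool false when 'tid' or 'pid' is missing, true otherwise
     */
    protected function _reportNewThread($param) {
        if (!$param['pid'] || !$param['tid']) {
            return false;
        }

        $this->secLog('NEWTHREAD-TID', $param['tid']);

        $tid = $param['tid'];
        $pid = $param['pid'];
        // The original never assigned $extra in this scope, so null is what reached
        // reportPost(); made explicit to avoid the undefined-variable warning.
        $extra = null;
        self::$securityService->reportPost('new', $tid, $pid, $extra, $param['isFollow']);
        $this->_retryReport();

        return true;
    }

    /**
     * Reports a new reply to the security service.
     *
     * @param array $param expects keys 'tid', 'pid' and optionally 'isFollow'
     * @return bool false when 'tid' or 'pid' is missing, true otherwise
     */
    protected function _reportNewPost($param) {
        if (!$param['pid'] || !$param['tid']) {
            return false;
        }

        $this->secLog('NEWPOST-PID', $param['pid']);

        $tid = $param['tid'];
        $pid = $param['pid'];
        // See _reportNewThread(): $extra was never assigned, null made explicit.
        $extra = null;
        self::$securityService->reportPost('new', $tid, $pid, $extra, $param['isFollow']);
        $this->_retryReport();

        return true;
    }

    /**
     * Reports an edited post to the security service.
     *
     * @param array $param expects keys 'tid', 'pid' and optionally 'isFollow'
     * @return bool false when 'tid' or 'pid' is missing, true otherwise
     */
    protected function _reportEditPost($param) {
        if (!$param['pid'] || !$param['tid']) {
            return false;
        }

        $this->secLog('EDITPOST-PID', $param['pid']);

        $tid = $param['tid'];
        $pid = $param['pid'];
        // See _reportNewThread(): $extra was never assigned, null made explicit.
        $extra = null;
        self::$securityService->reportPost('edit', $tid, $pid, $extra, $param['isFollow']);
        $this->_retryReport();

        return true;
    }

    /**
     * Asks the security service to resend previously failed reports.
     *
     * @return mixed whatever retryReportData() returns
     */
    protected function _retryReport() {
        return self::$securityService->retryReportData();
    }

    /**
     * Debug logging hook.
     *
     * NOTE(review): in this copy the method contains only its two guards and no
     * logging statement, so nothing is recorded even when self::DEBUG is on.
     *
     * @param string $type event tag, e.g. 'USERLOG-UID'
     * @param mixed  $data value associated with the event
     * @return false|null false when the service or DEBUG is off, null otherwise
     */
    public function secLog($type, $data) {
        if (self::$securityStatus != TRUE) {
            return false;
        }
        if (!self::DEBUG) {
            return false;
        }
    }

    /**
     * @return array the post-report and user-report action lists merged together
     */
    public function getMergeAction() {
        return array_merge(self::$postReportAction, self::$userReportAction);
    }
}

/**
 * Forum-side hooks: maps "post succeeded" messages to the matching report call.
 */
class plugin_security_forum extends plugin_security {

    public function post_security(){
        return true;
    }

    /**
     * Message hook for posting: dispatches on the message key.
     *
     * @param array $param hook payload: 'param'[0] = message key, 'param'[2] = values
     * @return void|false false when the service is disabled
     */
    public function post_report_message($param) {
        if (self::$securityStatus != TRUE) {
            return false;
        }

        $param['message'] = $param['param'][0];
        $param['values'] = $param['param'][2];

        if (in_array($param['message'], self::$postReportAction)) {
            switch ($param['message']) {
                case 'post_newthread_succeed':
                case 'post_newthread_mod_succeed':
                    $this->_reportNewThread($param['values']);
                    break;
                case 'post_edit_succeed':
                case 'edit_reply_mod_succeed':
                case 'edit_newthread_mod_succeed':
                    $this->_reportEditPost($param['values']);
                    break;
                case 'post_reply_succeed':
                case 'post_reply_mod_succeed':
                    $this->_reportNewPost($param['values']);
                    break;
                default:
                    break;
            }
        }
    }
}

class plugin_security_group extends plugin_security_forum {}

/**
 * Home-side hooks: same dispatch as the forum hook, with 'isFollow' set to 1.
 */
class plugin_security_home extends plugin_security_forum {

    /**
     * Message hook for follow-feed posting.
     *
     * @param array $param hook payload: 'param'[0] = message key, 'param'[2] = values
     * @return void|false false when the service is disabled
     */
    public function spacecp_follow_report_message($param) {
        if (self::$securityStatus != TRUE) {
            return false;
        }

        $param['message'] = $param['param'][0];
        $param['values'] = $param['param'][2];
        $param['values']['isFollow'] = 1;

        if (in_array($param['message'], self::$postReportAction)) {
            switch ($param['message']) {
                case 'post_newthread_succeed':
                case 'post_newthread_mod_succeed':
                    $this->_reportNewThread($param['values']);
                    break;
                case 'post_edit_succeed':
                case 'edit_reply_mod_succeed':
                case 'edit_newthread_mod_succeed':
                    $this->_reportEditPost($param['values']);
                    break;
                case 'post_reply_succeed':
                case 'post_reply_mod_succeed':
                    $this->_reportNewPost($param['values']);
                    break;
                default:
                    break;
            }
        }
    }
}

/**
 * Member-side hooks: login, registration and connect (third-party login) events.
 */
class plugin_security_member extends plugin_security {

    /**
     * Message hook for the login page.
     *
     * NOTE(review): the branch sends payloads WITHOUT a uid to _reportLoginUser()
     * and payloads WITH a uid to _reportMobileLoginUser() (which needs a
     * 'username'); this reads as possibly inverted — confirm against the callers.
     *
     * @param array $param hook payload: 'param'[0] = message key, 'param'[2] = values
     * @return void|false false when the service is disabled
     */
    public function logging_report_message($param) {
        if (self::$securityStatus != TRUE) {
            return false;
        }

        $param['message'] = $param['param'][0];
        $param['values'] = $param['param'][2];

        if (in_array($param['message'], self::$userReportAction)) {
            if (!$param['values']['uid']) {
                $this->_reportLoginUser($param['values']);
            } else {
                $this->_reportMobileLoginUser($param['values']);
            }
        }
    }

    /**
     * Message hook for the registration page.
     *
     * @param array $param hook payload: 'param'[0] = message key, 'param'[2] = values
     * @return void|false false when the service is disabled
     */
    public function register_report_message($param) {
        if (self::$securityStatus != TRUE) {
            return false;
        }

        $param['message'] = $param['param'][0];
        $param['values'] = $param['param'][2];

        if (in_array($param['message'], self::$userReportAction)) {
            $this->_reportRegisterUser($param['values']);
        }
    }

    /**
     * Message hook for the connect flow: reports a login or a registration
     * depending on which submit field was posted.
     *
     * NOTE(review): `$_POST['formhash']` is only tested for being non-empty; the
     * token's validity is not checked here and is presumably enforced by the
     * calling controller — confirm.
     *
     * @param array $param hook payload: 'param'[0] = message key, 'param'[2] = values
     * @return void|false false when the service is disabled
     */
    public function connect_report_message($param) {
        global $_G;

        if (self::$securityStatus != TRUE) {
            return false;
        }

        $param['message'] = $param['param'][0];
        $param['values'] = $param['param'][2];

        if (($_POST['regsubmit'] || $_POST['loginsubmit']) && $_POST['formhash']) {
            if ($_POST['loginsubmit']) {
                $this->_reportLoginUser($_G['member']);
            } else {
                $this->_reportRegisterUser($param['values']);
            }
        }
    }
}

class mobileplugin_security extends plugin_security {}

class mobileplugin_security_forum extends plugin_security_forum {}

class mobileplugin_security_member extends plugin_security_member {}

/**
 * Connect-module hooks.
 */
class plugin_security_connect extends plugin_security_member {

    /**
     * Message hook for connect logins.
     *
     * @param array $param hook payload: 'param'[0] = message key, 'param'[2] = values
     * @return void|false false when the service is disabled
     */
    public function login_report_message($param) {
        if (self::$securityStatus != TRUE) {
            return false;
        }

        $param['message'] = $param['param'][0];
        $param['values'] = $param['param'][2];

        if (in_array($param['message'], self::$userReportAction)) {
            switch ($param['message']) {
                // The labels were bare words, i.e. undefined constants: PHP 8 throws an
                // Error on them and login reporting would stop; older versions fell back
                // to the same strings with a notice. Quoted so the comparison is explicit.
                case 'login_succeed':
                case 'location_login_succeed':
                case 'location_login_succeed_mobile':
                    $this->_reportMobileLoginUser($param['values']);
                    break;
                default:
                    break;
            }
        }
    }
}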