iSharkFly-Open
/
DiscuzX
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
DiscuzX/upload/source/plugin/security/security.class.php

444 lines
12 KiB
PHP
Raw Blame History

<?php
/**
* [Discuz! X] (C)2001-2099 Comsenz Inc.
* This is NOT a freeware, use is subject to license terms
*
* $Id: security.class.php 33945 2013-09-05 01:48:02Z nemohou $
*/
if(!defined('IN_DISCUZ')) {
exit('Access Denied');
}
class plugin_security {
const DEBUG = 0;
protected static $postReportAction = array('post_newthread_succeed', 'post_edit_succeed', 'post_reply_succeed',
'post_newthread_mod_succeed', 'post_newthread_mod_succeed', 'post_reply_mod_succeed',
'edit_reply_mod_succeed', 'edit_newthread_mod_succeed');
protected static $userReportAction = array('login_succeed', 'register_succeed', 'location_login_succeed_mobile',
'location_login_succeed', 'register_succeed_location', 'register_email_verify',
'register_manual_verify', 'login_succeed_inactive_member');
protected static $hookMoudle = array('post', 'logging', 'register');
protected static $isAdminGroup = 0;
protected static $cloudAppService;
protected static $securityService;
protected static $securityStatus;
public function __construct() {
self::$cloudAppService = Cloud::loadClass('Service_App');
self::$securityStatus = self::$cloudAppService->getCloudAppStatus('security');
self::$securityService = Cloud::loadClass('Service_Security');
}
public function common() {
global $_G;
if (self::$securityStatus != TRUE) {
return false;
}
if ($_G['uid']) {
$lastCookieReportTime = $this->_decodeReportTime($_G['cookie']['security_cookiereport']);
if ($lastCookieReportTime < strtotime('today')) {
$this->_reportLoginUser(array('uid' => $_G['uid']));
}
}
if ($_G['adminid'] > 0) {
self::$isAdminGroup = 1;
}
return true;
}
public function global_footer() {
global $_G, $_GET;
if (self::$securityStatus != TRUE) {
return false;
}
$ajaxReportScript = '';
$formhash = formhash();
if($_G['member']['allowadmincp'] == 1) {
$processName = 'securityOperate';
if (self::$isAdminGroup && !discuz_process::islocked($processName, 30)) {
$ajaxReportScript .= <<<EOF
<script type='text/javascript'>
var url = SITEURL + '/plugin.php?id=security:sitemaster';
var x = new Ajax();
x.post(url, 'formhash=$formhash', function(s){});
</script>
EOF;
}
$processName = 'securityNotice';
if (self::$isAdminGroup && !discuz_process::islocked($processName, 30)) {
$ajaxReportScript .= <<<EOF
<div class="focus plugin" id="evil_notice"></div>
<script type='text/javascript'>
var url = SITEURL + '/plugin.php?id=security:evilnotice&formhash=$formhash';
ajaxget(url, 'evil_notice', '');
</script>
EOF;
}
}
$processName = 'securityRetry';
$time = 10;
if (!discuz_process::islocked($processName, $time)) {
if (C::t('#security#security_failedlog')->count()) {
$ajaxRetryScript = <<<EOF
<script type='text/javascript'>
var urlRetry = SITEURL + '/plugin.php?id=security:job';
var ajaxRetry = new Ajax();
ajaxRetry.post(urlRetry, 'formhash=$formhash', function(s){});
</script>
EOF;
}
}
return $ajaxReportScript . $ajaxRetryScript;
}
function global_footerlink() {
return '&nbsp;<a href="http://discuz.qq.com/service/security" target="_blank" title="'.lang('plugin/security', 'title').'"><img src="static/image/common/security.png"></a>';
}
public function deletepost($param) {
global $_G, $_POST;
if (self::$securityStatus != TRUE) {
return false;
}
$step = $param['step'];
$param = $param['param'];
$ids = $param[0];
$idType = $param[1];
$recycle = $param[4];
if ($step == 'check' && $idType == 'pid') {
self::$securityService->updatePostOperate($ids, 'delete');
if ($_POST['module'] == 'security' && $_POST['method'] == 'setEvilPost') {
return true;
}
self::$securityService->logDeletePost($ids, $_POST['reason']);
}
return true;
}
public function deletethread($param) {
global $_G, $_POST;
if (self::$securityStatus != TRUE) {
return false;
}
$step = $param['step'];
$param = $param['param'];
$ids = $param[0];
if ($step == 'check') {
self::$securityService->updateThreadOperate($ids, 'delete');
if ($_POST['module'] == 'security' && $_POST['method'] == 'setEvilPost') {
return true;
}
self::$securityService->logDeleteThread($ids, $_POST['reason']);
}
return true;
}
public function savebanlog($param) {
global $_G, $_POST;
if (self::$securityStatus != TRUE) {
return false;
}
$param = $param['param'];
$username = $param[0];
$oldGid = $param[1];
$newGid = $param[2];
$reason = $param[4];
if ($_POST['formhash'] && $newGid >= 4 && $newGid < 10) {
self::$securityService->logBannedMember($username, $reason);
} else {
self::$securityService->updateMemberRecover($username);
}
}
public function undeletethreads($param) {
$tids = $param['param'][0];
if ($tids && is_array($tids)) {
self::$securityService->updateThreadOperate($tids, 'recover');
}
}
public function recyclebinpostundelete ($param) {
$pids = $param['param'][0];
if ($pids && is_array($pids)) {
self::$securityService->updatePostOperate($pids, 'recover');
}
}
public function deletemember($param) {
$uids = $param['param'][0];
$step = $param['step'];
if ($step == 'check' && $uids && is_array($uids)) {
self::$securityService->updateMemberOperate($uids, 'delete');
}
}
protected function _decodeReportTime($time) {
if (!$time) {
return 0;
}
return authcode($time);
}
protected function _encodeReportTime($time) {
if (!$time) {
return 0;
}
return authcode($time, 'ENCODE');
}
protected function _reportRegisterUser($param) {
global $_G;
if (!$param['uid'] && !$_G['uid']) {
return false;
} else {
$param['uid'] = $_G['uid'];
}
$this->secLog('USERREG-UID', $param['uid']);
self::$securityService->reportRegister($param['uid']);
$this->_retryReport();
}
protected function _reportLoginUser($param) {
global $_G;
if (!$param['uid'] && !$_G['uid']) {
return false;
} else {
$param['uid'] = $_G['uid'];
}
$this->secLog('USERLOG-UID', $param['uid']);
self::$securityService->reportLogin($param['uid']);
$this->_retryReport();
$cookieTime = 43200;
dsetcookie('security_cookiereport', $this->_encodeReportTime($_G['timestamp']), $cookieTime, 1);
return true;
}
protected function _reportMobileLoginUser($param) {
if (!$param['username']) {
return false;
}
$username = $param['username'];
$result = C::t('common_member')->fetch_by_username($username);
return $this->_reportLoginUser($result);
}
protected function _reportNewThread($param) {
global $_G;
if (!$param['pid'] || !$param['tid']) {
return false;
}
$this->secLog('NEWTHREAD-TID', $param['tid']);
$tid = $param['tid'];
$pid = $param['pid'];
self::$securityService->reportPost('new', $tid, $pid, $extra, $param['isFollow']);
$this->_retryReport();
return true;
}
protected function _reportNewPost($param) {
global $_G;
if (!$param['pid'] || !$param['tid']) {
return false;
}
$this->secLog('NEWPOST-PID', $param['pid']);
$tid = $param['tid'];
$pid = $param['pid'];
self::$securityService->reportPost('new', $tid, $pid, $extra, $param['isFollow']);
$this->_retryReport();
return true;
}
protected function _reportEditPost($param) {
global $_G;
if (!$param['pid'] || !$param['tid']) {
return false;
}
$this->secLog('EDITPOST-PID', $param['pid']);
$tid = $param['tid'];
$pid = $param['pid'];
self::$securityService->reportPost('edit', $tid, $pid, $extra, $param['isFollow']);
$this->_retryReport();
return true;
}
protected function _retryReport() {
return self::$securityService->retryReportData();
}
public function secLog($type, $data) {
global $_G;
if (self::$securityStatus != TRUE) {
return false;
}
if (!self::DEBUG) {
return false;
}
}
public function getMergeAction() {
return array_merge(self::$postReportAction, self::$userReportAction);
}
}
class plugin_security_forum extends plugin_security {
public function post_security(){
return true;
}
public function post_report_message($param) {
global $_G, $extra, $redirecturl;
if (self::$securityStatus != TRUE) {
return false;
}
$param['message'] = $param['param'][0];
$param['values'] = $param['param'][2];
if (in_array($param['message'], self::$postReportAction)) {
switch ($param['message']) {
case 'post_newthread_succeed':
case 'post_newthread_mod_succeed':
$this->_reportNewThread($param['values']);
break;
case 'post_edit_succeed':
case 'edit_reply_mod_succeed':
case 'edit_newthread_mod_succeed':
$this->_reportEditPost($param['values']);
break;
case 'post_reply_succeed':
case 'post_reply_mod_succeed':
$this->_reportNewPost($param['values']);
default:break;
}
}
}
}
class plugin_security_group extends plugin_security_forum {}
class plugin_security_home extends plugin_security_forum {
public function spacecp_follow_report_message($param) {
global $_G, $extra, $redirecturl;
if (self::$securityStatus != TRUE) {
return false;
}
$param['message'] = $param['param'][0];
$param['values'] = $param['param'][2];
$param['values']['isFollow'] = 1;
if (in_array($param['message'], self::$postReportAction)) {
switch ($param['message']) {
case 'post_newthread_succeed':
case 'post_newthread_mod_succeed':
$this->_reportNewThread($param['values']);
break;
case 'post_edit_succeed':
case 'edit_reply_mod_succeed':
case 'edit_newthread_mod_succeed':
$this->_reportEditPost($param['values']);
break;
case 'post_reply_succeed':
case 'post_reply_mod_succeed':
$this->_reportNewPost($param['values']);
default:break;
}
}
}
}
class plugin_security_member extends plugin_security {
public function logging_report_message($param) {
global $_G;
if (self::$securityStatus != TRUE) {
return false;
}
$param['message'] = $param['param'][0];
$param['values'] = $param['param'][2];
if (in_array($param['message'], self::$userReportAction)) {
if (!$param['values']['uid']) {
$this->_reportLoginUser($param['values']);
} else {
$this->_reportMobileLoginUser($param['values']);
}
}
}
public function register_report_message($param) {
if (self::$securityStatus != TRUE) {
return false;
}
$param['message'] = $param['param'][0];
$param['values'] = $param['param'][2];
if (in_array($param['message'], self::$userReportAction)) {
$this->_reportRegisterUser($param['values']);
}
}
public function connect_report_message($param) {
global $_G;
if (self::$securityStatus != TRUE) {
return false;
}
$param['message'] = $param['param'][0];
$param['values'] = $param['param'][2];
if (($_POST['regsubmit'] || $_POST['loginsubmit']) && $_POST['formhash']) {
if ($_POST['loginsubmit']) {
$this->_reportLoginUser($_G['member']);
} else {
$this->_reportRegisterUser($param['values']);
}
}
}
}
class mobileplugin_security extends plugin_security {}
class mobileplugin_security_forum extends plugin_security_forum {}
class mobileplugin_security_member extends plugin_security_member {}
class plugin_security_connect extends plugin_security_member {
public function login_report_message($param) {
if (self::$securityStatus != TRUE) {
return false;
}
$param['message'] = $param['param'][0];
$param['values'] = $param['param'][2];
if (in_array($param['message'], self::$userReportAction)) {
switch ($param['message']) {
case login_succeed:
case location_login_succeed:
case location_login_succeed_mobile:
$this->_reportMobileLoginUser($param['values']);
default:break;
}
}
}
}
Reference in New Issue View Git Blame Copy Permalink