OSDN > Find Software > Communications > Nucleus日本語版 > SCM > git > nucleus-plugins > Commit

Nucleus日本語版
Fork
nucleus-next
nucleus-jp-ancient
nucleus-plugins

R/O
HTTP
SSH
HTTPS

nucleus-plugins: Commit

Nucleus CMS日本語版用プラグインのうち、日本語版開発者がサポートしているもの

Commit MetaInfo

Revision	4b9800b35c33fae6aa561909e87cc7d027cea372 (tree)
Time	2006-10-18 00:37:58
Author	hsur <hsur@1ca2...>
Commiter	hsur

Log Message

Ticket処理を追加

git-svn-id: https://svn.sourceforge.jp/svnroot/nucleus-jp/plugin@457 1ca29b6e-896d-4ea0-84a5-967f57386b96

Change Summary

modified: trunk/NP_Blacklist/NP_Blacklist.php (diff)
modified: trunk/NP_Blacklist/blacklist/blacklist_lib.php (diff)
modified: trunk/NP_Blacklist/blacklist/cache_eaccelerator.php (diff)
modified: trunk/NP_Blacklist/blacklist/help.html (diff)
modified: trunk/NP_Blacklist/blacklist/index.php (diff)

Incremental Difference

--- a/trunk/NP_Blacklist/NP_Blacklist.php

+++ b/trunk/NP_Blacklist/NP_Blacklist.php

		@@ -110,10 +110,7 @@ class NP_Blacklist extends NucleusPlugin {
110	110
111	111	function getEventList() {
112	112	$this->_initSettings();
113		-// cles::blog
114		- //return array('QuickMenu','PreAddComment','PreSkinParse','ValidateForm', 'SpamCheck');
115		- return array('QuickMenu', 'SpamCheck', 'PreSkinParse');
116		-// cles::blog
	113	+ return array('QuickMenu','PreAddComment','PreSkinParse','ValidateForm', 'SpamCheck');
117	114	}
118	115
119	116	function hasAdminArea() {

--- a/trunk/NP_Blacklist/blacklist/blacklist_lib.php

+++ b/trunk/NP_Blacklist/blacklist/blacklist_lib.php

		@@ -199,21 +199,22 @@ function is_domain($stheDomain) {
199	199
200	200
201	201	function pbl_nucmenu() {
	202	+ global $manager;
202	203	echo "<h2>Blacklist menu</h2>\n";
203	204	echo "<ul>\n";
204		- echo "<li><a href=\"".serverVar('PHP_SELF')."?page=blacklist\"><img src=\"".dirname(serverVar('PHP_SELF'))."/icons/i_edit.gif\" /> Blacklist Editor</a></li>\n";
205		- echo "<li><a href=\"".serverVar('PHP_SELF')."?page=log\"><img src=\"".dirname(serverVar('PHP_SELF'))."/icons/i_log.gif\" /> Blacklist Log</a></li>\n";
206		- echo "<li><a href=\"".dirname(serverVar('PHP_SELF'))."/../../index.php?action=pluginoptions&plugid=".getPlugid()."\"><img src=\"".dirname(serverVar('PHP_SELF'))."/icons/i_prefs.gif\" /> Blacklist options</a></li>\n";
207		- echo "<li><a href=\"".serverVar('PHP_SELF')."?page=testpage\"><img src=\"".dirname(serverVar('PHP_SELF'))."/icons/i_edit.gif\" /> Test Blacklist</a></li>\n";
208		- echo "<li><a href=\"".serverVar('PHP_SELF')."?page=showipblock\"><img src=\"".dirname(serverVar('PHP_SELF'))."/icons/i_log.gif\" /> Show blocked ip addresses</a></li>\n";
209		- echo "<li><a href=\"".serverVar('PHP_SELF')."?page=htaccess\"><img src=\"".dirname(serverVar('PHP_SELF'))."/icons/i_edit.gif\" /> Generate .htaccess snippets</a></li>\n";
210		- echo "<li><a href=\"".serverVar('PHP_SELF')."?page=spamsubmission\"><img src=\"".dirname(serverVar('PHP_SELF'))."/icons/i_edit.gif\" /> Spam submission (Bulkfeeds)</a></li>\n";
	205	+ echo "<li><a href=\"".htmlspecialchars($manager->addTicketToUrl(serverVar('PHP_SELF')."?action=blacklist"),ENT_QUOTES)."\"><img src=\"".dirname(serverVar('PHP_SELF'))."/icons/i_edit.gif\" /> Blacklist Editor</a></li>\n";
	206	+ echo "<li><a href=\"".htmlspecialchars($manager->addTicketToUrl(serverVar('PHP_SELF')."?action=log"),ENT_QUOTES)."\"><img src=\"".dirname(serverVar('PHP_SELF'))."/icons/i_log.gif\" /> Blacklist Log</a></li>\n";
	207	+ echo "<li><a href=\"".htmlspecialchars($manager->addTicketToUrl(dirname(serverVar('PHP_SELF'))."/../../index.php?action=pluginoptions&plugid=".getPlugid()),ENT_QUOTES)."\"><img src=\"".dirname(serverVar('PHP_SELF'))."/icons/i_prefs.gif\" /> Blacklist options</a></li>\n";
	208	+ echo "<li><a href=\"".htmlspecialchars($manager->addTicketToUrl(serverVar('PHP_SELF')."?action=testpage"),ENT_QUOTES)."\"><img src=\"".dirname(serverVar('PHP_SELF'))."/icons/i_edit.gif\" /> Test Blacklist</a></li>\n";
	209	+ echo "<li><a href=\"".htmlspecialchars($manager->addTicketToUrl(serverVar('PHP_SELF')."?action=showipblock"),ENT_QUOTES)."\"><img src=\"".dirname(serverVar('PHP_SELF'))."/icons/i_log.gif\" /> Show blocked ip addresses</a></li>\n";
	210	+ echo "<li><a href=\"".htmlspecialchars($manager->addTicketToUrl(serverVar('PHP_SELF')."?action=htaccess"),ENT_QUOTES)."\"><img src=\"".dirname(serverVar('PHP_SELF'))."/icons/i_edit.gif\" /> Generate .htaccess snippets</a></li>\n";
	211	+ echo "<li><a href=\"".htmlspecialchars($manager->addTicketToUrl(serverVar('PHP_SELF')."?action=spamsubmission"),ENT_QUOTES)."\"><img src=\"".dirname(serverVar('PHP_SELF'))."/icons/i_edit.gif\" /> Spam submission (Bulkfeeds)</a></li>\n";
211	212	echo "</ul>\n";
212	213	}
213	214
214	215	function pbl_blacklisteditor() {
215	216
216		- global $pblmessage;
	217	+ global $pblmessage, $manager;
217	218
218	219	if(strlen($pblmessage) > 0) {
219	220	echo "<div class=\"pblmessage\">$pblmessage</div>\n";

		@@ -255,7 +256,9 @@ function pbl_blacklisteditor() {
255	256	echo "</div>\n";
256	257	echo "<div class=\"pbform\">\n";
257	258	echo "<form action=\"".serverVar('PHP_SELF')."\" method=\"get\">\n";
258		- echo "<input type=\"hidden\" name=\"page\" value=\"addpersonal\" />\n";
	259	+ $manager->addTicketHidden();
	260	+
	261	+ echo "<input type=\"hidden\" name=\"action\" value=\"addpersonal\" />\n";
259	262	echo "<table class=\"pblform\">\n";
260	263	echo "<tr>\n";
261	264	echo "<td>expression</td>\n";

		@@ -295,7 +298,7 @@ function pbl_blacklisteditor() {
295	298	echo "<td>".htmlspecialchars($key,ENT_QUOTES)."</td>\n";
296	299	echo "<td>".htmlspecialchars($value,ENT_QUOTES)."</td>\n";
297	300	echo "<td>";
298		- echo "<a href=\"".serverVar('PHP_SELF')."?page=deleteexpression&line=".$line."\">delete</a>";
	301	+ echo "<a href=\"".htmlspecialchars($manager->addTicketToUrl(serverVar('PHP_SELF')."?action=deleteexpression&line=".$line),ENT_QUOTES)."\">delete</a>";
299	302	echo "</td>";
300	303	echo "</tr>\n";
301	304	}

		@@ -335,6 +338,7 @@ function pbl_addexpression($expression, $comment) {
335	338	}
336	339	fwrite($handle, $expression."\n");
337	340	fclose($handle);
	341	+
338	342	}
339	343	}
340	344

		@@ -419,6 +423,7 @@ function pbl_log($text) {
419	423
420	424
421	425	function pbl_logtable() {
	426	+ global $manager;
422	427	if (file_exists(__WEBLOG_ROOT.__EXT."/settings/blacklist.log")) {
423	428	$handle = fopen(__WEBLOG_ROOT.__EXT."/settings/blacklist.log", "r");
424	429	$logrows = "";

		@@ -452,8 +457,10 @@ function pbl_logtable() {
452	457	}
453	458	echo "<div class=\"pbform\" style=\"margin-left:10px;\">\n";
454	459	echo "<form action=\"".serverVar('PHP_SELF')."\" method=\"get\">\n";
455		- echo "<input type=\"hidden\" name=\"page\" value=\"resetlog\" />\n";
	460	+ echo "<input type=\"hidden\" name=\"action\" value=\"resetlog\" />\n";
456	461	echo "<input type=\"submit\" value=\"Reset log\" />\n";
	462	+ $manager->addTicketHidden();
	463	+
457	464	echo "</form>\n";
458	465	echo "</div>\n";
459	466	}

		@@ -628,13 +635,15 @@ function pbl_suspectIP($threshold, $remote_ip = '') {
628	635	}
629	636
630	637	function pbl_showipblock() {
631		- global $pblmessage;
	638	+ global $pblmessage, $manager;
632	639	$filename = __WEBLOG_ROOT.__EXT."/settings/blockip.pbl";
633	640	$line = 0;
634	641	$fp = fopen($filename,'r');
635	642	echo "<div class=\"pbform\">\n";
636	643	echo "<form action=\"".serverVar('PHP_SELF')."\" method=\"get\">\n";
637		- echo "<input type=\"hidden\" name=\"page\" value=\"addip\" />\n";
	644	+ echo "<input type=\"hidden\" name=\"action\" value=\"addip\" />\n";
	645	+ $manager->addTicketHidden();
	646	+
638	647	echo "Add IP to block: ";
639	648	echo "<input class=\"pbltextinput\" type=\"text\" name=\"ipaddress\" />\n";
640	649	echo "<input type=\"submit\" value=\"Add\" />\n";

		@@ -652,7 +661,8 @@ function pbl_showipblock() {
652	661	echo "<tr><td>".$ip."</td><td>[".gethostbyaddr(rtrim($ip))."]</td><td>";
653	662	else
654	663	echo "<tr><td>".$ip."</td><td>[<em>skipped</em>]</td><td>";
655		- echo "<a href=\"".serverVar('PHP_SELF')."?page=deleteipblock&line=".$line."\">delete</a>";
	664	+ // TODO: aaa
	665	+ echo "<a href=\"".htmlspecialchars($manager->addTicketToUrl(serverVar('PHP_SELF')."?action=deleteipblock&line=".$line),ENT_QUOTES)."\">delete</a>";
656	666	echo "</td></tr>";
657	667	}
658	668	echo "</table>";

		@@ -725,7 +735,7 @@ function pbl_htaccess($type) {
725	735	}
726	736
727	737	function pbl_htaccesspage() {
728		- global $pblmessage;
	738	+ global $pblmessage, $manager;
729	739	if(strlen($pblmessage) > 0) {
730	740	echo "<div class=\"pblmessage\">$pblmessage</div>\n";
731	741	}

		@@ -739,11 +749,13 @@ function pbl_htaccesspage() {
739	749	}
740	750	echo "<div class=\"pbform\" style=\"margin-left:10px;\">\n";
741	751	echo "<form action=\"".serverVar('PHP_SELF')."\" method=\"post\">\n";
	752	+ $manager->addTicketHidden();
	753	+
742	754	echo "<input type=\"submit\" label=\"ip\" value=\"Generate blocked IP's\" name=\"type\" />\n";
743	755	echo "<input type=\"submit\" label=\"ip\" value=\"Generate rewrite rules\" name=\"type\" />\n";
744	756	echo "<br />";
745	757	echo "<br />";
746		- echo "<input type=\"hidden\" name=\"page\" value=\"htaccess\" />\n";
	758	+ echo "<input type=\"hidden\" name=\"action\" value=\"htaccess\" />\n";
747	759	echo "<textarea class=\"pbltextinput\" cols=\"60\" rows=\"15\" name=\"snippet\" >". pbl_htaccess($type)."</textarea><br />";
748	760	echo "<br />";
749	761	echo "<input title=\"this will clean your block IP addresses file\" type=\"submit\" label=\"ip\" value=\"Reset blocked IP's\" name=\"type\" />\n";

		@@ -795,6 +807,8 @@ function pbl_test () {
795	807	}
796	808
797	809	function pbl_testpage () {
	810	+ global $manager;
	811	+
798	812	// shows user testpage ...
799	813	global $pblmessage;
800	814	if(strlen($pblmessage) > 0) {

		@@ -802,7 +816,9 @@ function pbl_testpage () {
802	816	}
803	817	echo "<div class=\"pbform\" style=\"margin-left:10px;\">\n";
804	818	echo "<form action=\"".serverVar('PHP_SELF')."\" method=\"get\">\n";
805		- echo "<input type=\"hidden\" name=\"page\" value=\"test\" />\n";
	819	+ echo "<input type=\"hidden\" name=\"action\" value=\"test\" />\n";
	820	+ $manager->addTicketHidden();
	821	+
806	822	echo "<textarea class=\"pbltextinput\" cols=\"60\" rows=\"6\" name=\"expression\" ></textarea><br />";
807	823	echo "<input type=\"submit\" value=\"Test this\" />\n";
808	824	echo "</form>\n";

		@@ -810,8 +826,13 @@ function pbl_testpage () {
810	826	}
811	827
812	828	function pbl_spamsubmission_form() {
	829	+ global $manager;
	830	+
813	831	// form
814		- echo "<form action=\"".serverVar('PHP_SELF')."?page=spamsubmission&action=send\" method=\"post\">\n";
	832	+ echo "<form action=\"".serverVar('PHP_SELF')."\" method=\"post\">\n";
	833	+ echo "<input type=\"hidden\" name=\"action\" value=\"spamsubmission\" />\n";
	834	+ echo "<input type=\"hidden\" name=\"type\" value=\"send\" />\n";
	835	+ $manager->addTicketHidden();
815	836
816	837	// table
817	838	echo "<table>\n";

--- a/trunk/NP_Blacklist/blacklist/cache_eaccelerator.php

+++ b/trunk/NP_Blacklist/blacklist/cache_eaccelerator.php

		@@ -1,10 +1,10 @@
1	1	<?php
2	2
3	3	/**
4		-* cache_eaccelerator.php ($Revision: 1.2 $)
	4	+* cache_eaccelerator.php ($Revision: 1.3 $)
5	5	*
6	6	* by hsur ( http://blog.cles.jp/np_cles )
7		-* $Id: cache_eaccelerator.php,v 1.2 2006-09-30 11:46:18 hsur Exp $
	7	+* $Id: cache_eaccelerator.php,v 1.3 2006-10-17 15:37:58 hsur Exp $
8	8	*/
9	9
10	10	function pbl_ipcache_write(){

		@@ -43,4 +43,4 @@ function pbl_ipcache_gc(){
43	43
44	44	return $lastGc;
45	45	}
46		-?>
		\ No newline at end of file
	46	+?>

--- a/trunk/NP_Blacklist/blacklist/help.html

+++ b/trunk/NP_Blacklist/blacklist/help.html

		@@ -3,6 +3,7 @@
3	3	<ul>
4	4	<li>Version 0.98 jp9: (2006//)</li>
5	5	<li>　[Changed] 正規表現に/m修飾子を追加</li>
	6	+ <li>　[Added] Ticket処理を追加(CSRF対策)</li>
6	7	</ul>
7	8
8	9	<ul>

--- a/trunk/NP_Blacklist/blacklist/index.php

+++ b/trunk/NP_Blacklist/blacklist/index.php

		@@ -21,10 +21,14 @@
21	21	$oPluginAdmin->end();
22	22	exit;
23	23	}
24		-
25		-
26		- if (isset($_GET['page'])) {$action = $_GET['page'];}
27		- if (isset($_POST['page'])) {$action = $_POST['page'];}
	24	+
	25	+ $action = requestVar('action');
	26	+ $aActionsNotToCheck = array(
	27	+ '',
	28	+ );
	29	+ if (!in_array($action, $aActionsNotToCheck)) {
	30	+ if (!$manager->checkTicket()) doError(_ERROR_BADTICKET);
	31	+ }
28	32
29	33	// Okay; we are allowed. let's go
30	34	// create the admin area page

		@@ -100,13 +104,13 @@
100	104	echo "<h2>Here you can generate .htaccess snippets</h2>";
101	105	pbl_htaccesspage();
102	106	} elseif ($action == 'spamsubmission') {
103		- if( $_REQUEST['action'] == 'send' && !empty($_REQUEST['url']) ){
104		- $result = $oPluginAdmin->plugin->submitSpamToBulkfeeds($_REQUEST['url']);
	107	+ $url = requestVar('url');
	108	+ if( requestVar('type') == 'send' && ! empty($url) ){
	109	+ $result = $oPluginAdmin->plugin->submitSpamToBulkfeeds( $url );
105	110
106	111	echo "<h2>Spam submission</h2>";
107	112	echo "<h3>result</h3>";
108		- echo "<pre>" . htmlspecialchars($result) . "</pre>";
109		-
	113	+ echo "<pre>" . htmlspecialchars($result, ENT_QUOTES) . "</pre>";
110	114	} else {
111	115	echo "<h2>Spam submission</h2>";
112	116	pbl_spamsubmission_form();

Show on old repository browser