/branches/v4.0-livraison/wikini/maj_wikini/tools/hashcash/wp-hashcash-js.php |
---|
New file |
0,0 → 1,94 |
<?php |
ob_start("ob_gzhandler"); |
require_once(realpath(dirname(__FILE__) . '/') . '/secret/wp-hashcash.lib'); |
$field_id = hashcash_random_string(rand(6,18)); |
$fn_enable_name = hashcash_random_string(rand(6,18)); |
?> |
addLoadEvent(<?php echo $fn_enable_name; ?>); |
function createHiddenField(){ |
var inp = document.createElement('input'); |
inp.setAttribute('type', 'hidden'); |
inp.setAttribute('id', '<?php echo $field_id; ?>'); |
inp.setAttribute('name', 'hashcash_value'); |
inp.setAttribute('value', '-1'); |
var e = document.getElementById('<?php echo HASHCASH_FORM_ID; ?>'); |
e.appendChild(inp); |
} |
function addVerbage(){ |
var e = getElementsByClass('<?php echo HASHCASH_FORM_CLASS; ?>'); |
var p = document.createElement('p'); |
p.innerHTML = '<?php echo str_replace("'", "\'", hashcash_verbage()); ?>'; |
e[0].appendChild(p); |
} |
function <?php echo $fn_enable_name;?>(){ |
createHiddenField(); |
addVerbage(); |
loadHashCashKey('<?php |
echo $_GET['siteurl']; ?>/tools/hashcash/wp-hashcash-getkey.php', '<?php echo $field_id; ?>'); |
} |
function loadHashCashKey(fragment_url, e_id) { |
var xmlhttp=createXMLHttp(); |
var element = document.getElementById(e_id); |
xmlhttp.open("GET", fragment_url, true); |
xmlhttp.onreadystatechange = function() { |
if (xmlhttp.readyState == 4 && xmlhttp.status == 200) { |
element.value = eval(xmlhttp.responseText); |
} |
} |
xmlhttp.send(null); |
} |
function getElementsByClass(searchClass,node,tag) { |
var classElements = new Array(); |
if ( node == null ) |
node = document; |
if ( tag == null ) |
tag = '*'; |
var els = node.getElementsByTagName(tag); |
var elsLen = els.length; |
var pattern = new RegExp("(^|\\s)"+searchClass+"(\\s|$)"); |
for (i = 0, j = 0; i < elsLen; i++) { |
if ( pattern.test(els[i].className) ) { |
classElements[j] = els[i]; |
j++; |
} |
} |
return classElements; |
} |
function createXMLHttp() { |
if (typeof XMLHttpRequest != "undefined") |
return new XMLHttpRequest(); |
var xhrVersion = [ "MSXML2.XMLHttp.5.0", "MSXML2.XMLHttp.4.0","MSXML2.XMLHttp.3.0", "MSXML2.XMLHttp","Microsoft.XMLHttp" ]; |
for (var i = 0; i < xhrVersion.length; i++) { |
try { |
var xhrObj = new ActiveXObject(xhrVersion[i]); |
return xhrObj; |
} catch (e) { } |
} |
return null; |
} |
function addLoadEvent(func) { |
var oldonload = window.onload; |
if (typeof window.onload != 'function') { |
window.onload = func; |
} else { |
window.onload = function() { |
func(); |
oldonload(); |
} |
} |
} |
Property changes: |
Added: svn:executable |
+* |
\ No newline at end of property |
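Review bot: `echo $_GET['siteurl'];` in the `loadHashCashKey(...)` call writes a request parameter straight into a JavaScript string literal, and the script sends no Content-Type header, so the response goes out with PHP's default type (normally text/html) with the parameter reflected unescaped. The same value also chooses the URL whose response `loadHashCashKey` passes to `eval()`. Build the URL on the server rather than trusting the query string, or at minimum check it against the configured base URL and emit it with `echo json_encode($url);`, and add `header('Content-Type: application/javascript; charset=utf-8');` before any output. On the `p.innerHTML` line, `hashcash_verbage()` is escaped only for `'`, which is enough for the current constant but not if that phrase ever becomes configurable.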
/branches/v4.0-livraison/wikini/maj_wikini/tools/hashcash/wiki.php |
---|
New file |
0,0 → 1,23 |
<?php |
// Partie publique |
if (!defined("WIKINI_VERSION")) |
{ |
die ("accès direct interdit"); |
} |
$wikiClasses [] = 'Hashcash'; |
$wikiClassesContent [] = ' |
function FormOpen($method = "", $tag = "", $formMethod = "post") { |
if (ereg("edit$", $this->href($method, $tag))) { |
$result = "<form id=\"ACEditor\" name=\"ACEditor\" action=\"".$this->href($method, $tag)."\" method=\"".$formMethod."\">\n"; |
} else { |
$result = "<form action=\"".$this->href($method, $tag)."\" method=\"".$formMethod."\">\n"; |
} |
if (!$this->config["rewrite_mode"]) $result .= "<input type=\"hidden\" name=\"wiki\" value=\"".$this->MiniHref($method, $tag)."\" />\n"; |
return $result; |
} |
'; |
Property changes: |
Added: svn:executable |
+* |
\ No newline at end of property |
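Review bot: `ereg("edit$", ...)` in the overridden `FormOpen` was deprecated in PHP 5.3 and removed in PHP 7, so this method is a fatal error on current interpreters; `preg_match('/edit$/', $this->href($method, $tag))` is the direct replacement. The `action` and `method` attributes are also concatenated without `htmlspecialchars()`; whether `$tag`, `$method` or `$formMethod` can carry request data is not visible here, so this should be confirmed against the callers. The method body lives inside a single-quoted string appended to `$wikiClassesContent`, and a short comment saying how that string is later turned into code would help the next reader.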
/branches/v4.0-livraison/wikini/maj_wikini/tools/hashcash/desc.xml |
---|
New file |
0,0 → 1,6 |
<?xml version="1.0" encoding="ISO-8859-1"?> |
<plugin name="wkhasshcash" version="0.1" active="1"> |
<author>David</author> |
<label>Hashcash adaptation pour wikini</label> |
<desc>Hashcash adaptation pour wikini</desc> |
</plugin> |
Property changes: |
Added: svn:executable |
+* |
\ No newline at end of property |
/branches/v4.0-livraison/wikini/maj_wikini/tools/hashcash/index.php |
---|
New file |
0,0 → 1,12 |
<?php |
// index.php |
// Administration de l'extension : initialisations (tables, fichier de configuration) , information etc. : toutes |
// opérations réservées à l'administrateur technique de Wikini. |
// Vérification de sécurité |
if (!defined("TOOLS_MANAGER")) |
{ |
die ("accès direct interdit"); |
} |
?> |
Property changes: |
Added: svn:executable |
+* |
\ No newline at end of property |
/branches/v4.0-livraison/wikini/maj_wikini/tools/hashcash/handlers/page/__edit.php |
---|
New file |
0,0 → 1,22 |
<?php |
/* |
*/ |
if (!defined("WIKINI_VERSION")) |
{ |
die ("accès direct interdit"); |
} |
if ($this->HasAccess("write") && $this->HasAccess("read")) |
{ |
if ($_POST["submit"] == 'Sauver') { |
require_once('tools/hashcash/secret/wp-hashcash.lib'); |
if($_POST["hashcash_value"] != hashcash_field_value()) { |
$this->SetMessage("Cette page n\'a pas été enregistrée car ce wiki pense que vous etes un robot !"); |
$this->Redirect($this->href()); |
} |
} |
} |
?> |
Property changes: |
Added: svn:executable |
+* |
\ No newline at end of property |
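Review bot: The check `$_POST["hashcash_value"] != hashcash_field_value()` fails open: `hashcash_field_value()` returns `false` or an empty string when the key file is unreadable or momentarily truncated (edit__.php reopens it with mode `'w'`), and under the loose `!=` a missing or empty `hashcash_value` then compares equal, so the save goes through. Read the key once and reject unless it is a non-empty string that matches exactly: `$expected = hashcash_field_value();` followed by `if (!is_string($expected) || $expected === '' || !isset($_POST['hashcash_value']) || (string) $_POST['hashcash_value'] !== $expected) {`. It is not visible here whether `Redirect()` ends the request; if it returns, the save handler would still run after the message is set, so an explicit `exit;` after it is worth confirming. `$_POST["submit"]` is also read without `isset()`, which raises a notice on plain GET requests.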
/branches/v4.0-livraison/wikini/maj_wikini/tools/hashcash/handlers/page/edit__.php |
---|
New file |
0,0 → 1,56 |
<?php |
/* |
*/ |
if (!defined("WIKINI_VERSION")) |
{ |
die ("accès direct interdit"); |
} |
if ($this->HasAccess("write") && $this->HasAccess("read")) |
{ |
// Edition |
if ($_POST["submit"] != 'Aperçu' && $_POST["submit"] != 'Sauver') { |
require_once('tools/hashcash/secret/wp-hashcash.lib'); |
// UPDATE RANDOM SECRET |
$curr = @file_get_contents(HASHCASH_SECRET_FILE); |
if(empty($curr) || (time() - @filemtime(HASHCASH_SECRET_FILE)) > HASHCASH_REFRESH){ |
// update our secret |
$fp = fopen(HASHCASH_SECRET_FILE, 'w'); |
if(@flock($fp, LOCK_EX)){ |
fwrite($fp, rand(21474836, 2126008810)); |
@flock($fp, LOCK_UN); |
} |
fclose($fp); |
} |
if (substr($this->config['base_url'],0,4)!="http") { // Wakka.config mal configure |
$base_url="http://".$_SERVER["SERVER_NAME"].($_SERVER["SERVER_PORT"] != 80 ? ":".$_SERVER["SERVER_PORT"] : "").$_SERVER["REQUEST_URI"].(preg_match("/".preg_quote("wakka.php")."$/", $_SERVER["REQUEST_URI"]) ? "?wiki=" : ""); |
$a = parse_url($base_url); |
} |
else { |
$a = parse_url($this->config['base_url']); |
} |
$siteurl = ($a['scheme'].'://'.$a['host'].dirname($a['path'])); |
$ChampsHashcash = |
'<script type="text/javascript" src="' . $siteurl . '/tools/hashcash/wp-hashcash-js.php?siteurl='.$siteurl.'"></script>'; |
$plugin_output_new=preg_replace ('/\<input name=\"submit\" type=\"submit\" value=\"Sauver\"/', |
$ChampsHashcash.'<input name="submit" type="submit" value="Sauver"', $plugin_output_new); |
} |
} |
?> |
Property changes: |
Added: svn:executable |
+* |
\ No newline at end of property |
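Review bot: The secret rotation opens the key with `fopen(HASHCASH_SECRET_FILE, 'w')`, which truncates the file before `flock()` is taken, so a concurrent request can read an empty key, and the new value comes from `rand()`, which is not a cryptographic generator. Writing to a temporary file and renaming it over the key keeps readers from ever seeing an empty file, and `random_int()` (PHP 7 or later) gives an unpredictable value in the same range; the current code also leaves a failed `fopen()` unchecked. Further down, `$siteurl` can be assembled from `$_SERVER["REQUEST_URI"]` when `base_url` is misconfigured and is written into the `<script src>` attribute without `htmlspecialchars()`.

```php
if(empty($curr) || (time() - @filemtime(HASHCASH_SECRET_FILE)) > HASHCASH_REFRESH){
    // update our secret
    $tmp = tempnam(dirname(HASHCASH_SECRET_FILE), 'hc');
    if ($tmp !== false) {
        // random_int() draws from the OS CSPRNG (PHP >= 7); range kept from the original
        if (file_put_contents($tmp, (string) random_int(21474836, 2126008810), LOCK_EX) !== false) {
            rename($tmp, HASHCASH_SECRET_FILE); // atomic replace on the same filesystem
        } else {
            unlink($tmp);
        }
    }
}
// … unchanged: $siteurl computation and script-tag injection …
```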
/branches/v4.0-livraison/wikini/maj_wikini/tools/hashcash/handlers/page/__addcomment.php |
---|
New file |
0,0 → 1,11 |
<?php |
if (!defined("WIKINI_VERSION")) |
{ |
die ("accès direct interdit"); |
} |
$this->SetMessage("Commentaires desactives"); |
$this->Redirect($this->href()); |
?> |
Property changes: |
Added: svn:executable |
+* |
\ No newline at end of property |
/branches/v4.0-livraison/wikini/maj_wikini/tools/hashcash/wp-hashcash-getkey.php |
---|
New file |
0,0 → 1,149 |
<?php |
require_once(realpath(dirname(__FILE__) . '/') . '/secret/wp-hashcash.lib'); |
header("Pragma: no-cache"); |
header("Expires: 0"); |
header("Cache-Control: no-store, no-cache, must-revalidate"); |
header("Cache-Control: post-check=0, pre-check=0", false); |
$expired = array(); |
$function_name = hashcash_random_string(rand(6,18)); |
$expired [] = $function_name; |
$js = "function $function_name (){"; |
$type = rand(0, 3) * 0; |
switch($type){ |
/* Addition of n times of field value / n, + modulus: |
Time guarantee: 100 iterations or less */ |
case 0: |
$eax = hashcash_random_string(rand(8,10), $expired); |
$expired [] = $eax; |
$val = hashcash_field_value(); |
$inc = rand($val / 100, $val - 1); |
$n = floor($val / $inc); |
$r = $val % $inc; |
$js .= "var $eax = $inc; "; |
for($i = 0; $i < $n - 1; $i++){ |
$js .= "$eax += $inc; "; |
} |
$js .= "$eax += $r; "; |
$js .= "return $eax; "; |
break; |
/* Conversion from binary: |
Time guarantee: log(n) iterations or less */ |
case 1: |
$eax = hashcash_random_string(rand(8,10), $expired); |
$expired [] = $eax; |
$ebx = hashcash_random_string(rand(8,10), $expired); |
$expired [] = $ebx; |
$ecx = hashcash_random_string(rand(8,10), $expired); |
$expired [] = $ecx; |
$val = hashcash_field_value(); |
$binval = strrev(base_convert($val, 10, 2)); |
$js .= "var $eax = \"$binval\"; "; |
$js .= "var $ebx = 0; "; |
$js .= "var $ecx = 0; "; |
$js .= "while($ecx < $eax.length){ "; |
$js .= "if($eax.charAt($ecx) == \"1\") { "; |
$js .= "$ebx += Math.pow(2, $ecx); "; |
$js .= "} "; |
$js .= "$ecx++; "; |
$js .= "} "; |
$js .= "return $ebx; "; |
break; |
/* Multiplication of square roots: |
Time guarantee: constant time */ |
case 2: |
$val = hashcash_field_value(); |
$sqrt = floor(sqrt($val)); |
$r = $val - ($sqrt * $sqrt); |
$js .= "return $sqrt * $sqrt + $r; "; |
break; |
/* Sum of random numbers to the final value: |
Time guarantee: log(n) expected value */ |
case 3: |
$val = hashcash_field_value(); |
$js .= "return "; |
$i = 0; |
while($val > 0){ |
if($i++ > 0) |
$js .= "+"; |
$temp = rand(1, $val); |
$val -= $temp; |
$js .= $temp; |
} |
$js .= ";"; |
break; |
} |
$js .= "} $function_name ();"; |
// pack bytes |
function strToLongs($s) { |
$l = array(); |
// pad $s to some multiple of 4 |
$s = preg_split('//', $s, -1, PREG_SPLIT_NO_EMPTY); |
while(count($s) % 4 != 0){ |
$s [] = ' '; |
} |
for ($i = 0; $i < ceil(count($s)/4); $i++) { |
$l[$i] = ord($s[$i*4]) + (ord($s[$i*4+1]) << 8) + (ord($s[$i*4+2]) << 16) + (ord($s[$i*4+3]) << 24); |
} |
return $l; |
} |
// xor all the bytes with a random key |
$key = rand(21474836, 2126008810); |
$js = strToLongs($js); |
for($i = 0; $i < count($js); $i++){ |
$js[$i] = $js[$i] ^ $key; |
} |
// libs function encapsulation |
$libs_name = hashcash_random_string(rand(6,18), $expired); |
$expired [] = $libs_name; |
$libs = "function $libs_name(){"; |
// write bytes to javascript, xor with key |
$data_name = hashcash_random_string(rand(6,18), $expired); |
$expired [] = $data_name; |
$libs .= "var $data_name = new Array(" . count($js) . "); "; |
for($i = 0; $i < count($js); $i++){ |
$libs .= $data_name . '[' . $i . '] = ' . $js[$i] . ' ^ ' . $key .'; '; |
} |
// convert bytes back to string |
$libs .= " var a = new Array($data_name.length); "; |
$libs .= "for (var i=0; i<" . $data_name . ".length; i++) { "; |
$libs .= 'a[i] = String.fromCharCode(' . $data_name .'[i] & 0xFF, ' . $data_name . '[i]>>>8 & 0xFF, '; |
$libs .= $data_name . '[i]>>>16 & 0xFF, ' . $data_name . '[i]>>>24 & 0xFF); } '; |
$libs .= "return eval(a.join('')); "; |
// call libs function |
$libs .= "} $libs_name();"; |
// return code |
echo $libs; |
?> |
Property changes: |
Added: svn:executable |
+* |
\ No newline at end of property |
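Review bot: The value this script emits is the single site-wide secret from `hashcash_field_value()`, which edit__.php rotates only every HASHCASH_REFRESH (4 hours), so one unauthenticated fetch stays valid for any number of saves until the next rotation; the XOR wrapper ships `$key` in the same response and adds no secrecy. Deriving a per-session value on both sides (for instance an HMAC of the session id under the stored secret) would bind the token to one visitor. Separately, `$type = rand(0, 3) * 0;` is always 0, which leaves cases 1–3 unreachable and deserves a comment such as `// cases 1-3 disabled: $type is pinned to 0`. Case 0 also divides by `$inc` without checking `$val`, so an empty or short key can end in a division by zero; a guard such as `if (!ctype_digit((string) $val) || (int) $val < 100) { header('HTTP/1.1 503 Service Unavailable'); exit; }` before the `rand()` call avoids that.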
/branches/v4.0-livraison/wikini/maj_wikini/tools/hashcash/secret/wp-hashcash.key |
---|
New file |
0,0 → 1,0 |
1600348414 |
Property changes: |
Added: svn:executable |
+* |
\ No newline at end of property |
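Review bot: This commit checks a live key value into the repository, so every deployment made from this branch starts with the same publicly known secret, and because edit__.php rotates the key only when the file's mtime is older than HASHCASH_REFRESH, a fresh checkout keeps it for up to four hours. Ship the file empty instead (edit__.php already regenerates it when `empty($curr)` is true), or keep the generated file out of version control with an `svn:ignore` property on the `secret` directory. An empty key is only safe if the comparison in handlers/page/__edit.php rejects empty values.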
/branches/v4.0-livraison/wikini/maj_wikini/tools/hashcash/secret/.htaccess |
---|
New file |
0,0 → 1,0 |
deny from all |
Property changes: |
Added: svn:executable |
+* |
\ No newline at end of property |
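Review bot: `deny from all` is the Apache 2.2 access syntax and is the only thing keeping `wp-hashcash.key` and the `.lib` source away from HTTP clients; on Apache 2.4 it needs mod_access_compat, and on servers that ignore `.htaccess` (AllowOverride None, or a non-Apache server) both files are served as plain text. Covering both Apache generations is cheap, and moving the `secret` directory outside the document root, or renaming the library to `.php`, removes the dependency on this file altogether.

```apache
<IfModule mod_authz_core.c>
    Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
    Deny from all
</IfModule>
```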
/branches/v4.0-livraison/wikini/maj_wikini/tools/hashcash/secret/wp-hashcash.lib |
---|
New file |
0,0 → 1,49 |
<?php |
define('HASHCASH_FORM_ACTION', 'wp-comments-post.php'); |
define('HASHCASH_SECRET_FILE', realpath(dirname(__FILE__) . '/') . '/wp-hashcash.key'); |
define('HASHCASH_FORM_ID', 'ACEditor'); |
define('HASHCASH_FORM_CLASS', 'page'); |
define('HASHCASH_REFRESH', 60*60*4); |
define('HASHCASH_IP_EXPIRE', 60*60*24*7); |
define('HASHCASH_VERSION', 3.2); |
// Produce random unique strings |
function hashcash_random_string($l, $exclude = array()) { |
// Sanity check |
if($l < 1){ |
return ''; |
} |
$str = ''; |
while(in_array($str, $exclude) || strlen($str) < $l){ |
$str = ''; |
while(strlen($str) < $l){ |
$str .= chr(rand(65, 90) + rand(0, 1) * 32); |
} |
} |
return $str; |
} |
// looks up the secret key |
function hashcash_field_value(){ |
if(function_exists('file_get_contents')){ |
return file_get_contents(HASHCASH_SECRET_FILE); |
} else { |
$fp = fopen(HASHCASH_SECRET_FILE, 'r'); |
$data = fread($fp, @filesize(HASHCASH_SECRET_FILE)); |
fclose($fp); |
return $data; |
} |
} |
// Returns a phrase representing the product |
function hashcash_verbage(){ |
$phrase = 'Protection anti-spam active'; |
return $phrase; |
} |
?> |
Property changes: |
Added: svn:executable |
+* |
\ No newline at end of property |
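Review bot: `hashcash_field_value()` has no stated failure contract: `file_get_contents()` returns `false` when the key cannot be read, and the callers compare or do arithmetic on the result directly. A docblock should say that the function returns the raw key string, and the body could normalise the result with `$v = @file_get_contents(HASHCASH_SECRET_FILE); return $v === false ? '' : trim($v);` so callers have a single empty-string case to reject. The `function_exists('file_get_contents')` fallback is only reachable before PHP 4.3 and passes an unchecked `fopen()` result to `fread()`; it can be dropped. `hashcash_random_string()` builds names from `rand()`, which is fine for throwaway JavaScript identifiers, and a comment saying it must not be used to generate secrets would prevent misuse.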