Subversion Repositories Sites.tela-botanica.org

Compare Revisions


Rev 420 → Rev 609

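--- a/branches/v4.0-livraison/wikini/maj_wikini/tools/hashcash/desc.xml
+++ b/branches/v4.0-livraison/wikini/maj_wikini/tools/hashcash/desc.xml
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<plugin name="wkhasshcash" version="0.1" active="1">
+<author>David</author>
+<label>Hashcash adaptation pour wikini</label>
+<desc>Hashcash adaptation pour wikini</desc>
+</plugin>
Property changes:
Added: svn:executable
+*
\ No newline at end of property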
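--- a/branches/v4.0-livraison/wikini/maj_wikini/tools/hashcash/index.php
+++ b/branches/v4.0-livraison/wikini/maj_wikini/tools/hashcash/index.php
@@ -0,0 +1,12 @@
+<?php
+// index.php
+// Administration de l'extension : initialisations (tables, fichier de configuration) , information etc. : toutes
+// opérations réservées à l'administrateur technique de Wikini.
+ 
+// Vérification de sécurité
+if (!defined("TOOLS_MANAGER"))
+{
+die ("acc&egrave;s direct interdit");
+}
+ 
+?>
Property changes:
Added: svn:executable
+*
\ No newline at end of property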
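--- a/branches/v4.0-livraison/wikini/maj_wikini/tools/hashcash/handlers/page/__addcomment.php
+++ b/branches/v4.0-livraison/wikini/maj_wikini/tools/hashcash/handlers/page/__addcomment.php
@@ -0,0 +1,11 @@
+<?php
+ 
+if (!defined("WIKINI_VERSION"))
+{
+die ("acc&egrave;s direct interdit");
+}
+ 
+$this->SetMessage("Commentaires desactives");
+$this->Redirect($this->href());
+ 
+?>
Property changes:
Added: svn:executable
+*
\ No newline at end of property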
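Review bot: The handler `$this->SetMessage("Commentaires desactives"); $this->Redirect($this->href());` turns off commenting for every user, authenticated or not, and nothing in the file says why an anti-spam plugin does this. A header comment such as `// Comments are disabled while hashcash is active: the comment form carries no hashcash_value field, so it would be an unprotected write path.` would record the intent, if that is the reason. Whether `Redirect()` stops execution is not visible here; if it does not, the core addcomment handler would still run after this file.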
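--- a/branches/v4.0-livraison/wikini/maj_wikini/tools/hashcash/handlers/page/__edit.php
+++ b/branches/v4.0-livraison/wikini/maj_wikini/tools/hashcash/handlers/page/__edit.php
@@ -0,0 +1,22 @@
+<?php
+/*
+*/
+if (!defined("WIKINI_VERSION"))
+{
+die ("acc&egrave;s direct interdit");
+}
+ 
+ 
+if ($this->HasAccess("write") && $this->HasAccess("read"))
+{
+if ($_POST["submit"] == 'Sauver') {
+require_once('tools/hashcash/secret/wp-hashcash.lib');
+if($_POST["hashcash_value"] != hashcash_field_value()) {
+$this->SetMessage("Cette page n\'a pas &eacute;t&eacute; enregistr&eacute;e car ce wiki pense que vous etes un robot !");
+$this->Redirect($this->href());
+}
+}
+}
+ 
+?>
Property changes:
Added: svn:executable
+*
\ No newline at end of property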
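Review bot: The comparison `$_POST["hashcash_value"] != hashcash_field_value()` fails open: `hashcash_field_value()` (secret/wp-hashcash.lib) returns `false` or an empty string when the key file is unreadable or was left empty by the rotation in handlers/page/edit__.php, and with `!=` a missing or empty `hashcash_value` then compares equal, so the request is not rejected. The loose operator also compares numeric strings by value, so input that is not byte-identical to the stored secret can be accepted. Read the secret once, reject when it is empty, and compare as strings: `$expected = hashcash_field_value();` followed by `if (!is_string($expected) || $expected === '' || !isset($_POST['hashcash_value']) || (string) $_POST['hashcash_value'] !== $expected) {`. `$_POST["submit"]` is also read without `isset()`, and whether the core edit handler saves only when it equals 'Sauver' cannot be seen from this file.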
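--- a/branches/v4.0-livraison/wikini/maj_wikini/tools/hashcash/handlers/page/edit__.php
+++ b/branches/v4.0-livraison/wikini/maj_wikini/tools/hashcash/handlers/page/edit__.php
@@ -0,0 +1,56 @@
+<?php
+/*
+*/
+if (!defined("WIKINI_VERSION"))
+{
+die ("acc&egrave;s direct interdit");
+}
+ 
+ 
+if ($this->HasAccess("write") && $this->HasAccess("read"))
+{
+// Edition
+if ($_POST["submit"] != 'Aperçu' && $_POST["submit"] != 'Sauver') {
+require_once('tools/hashcash/secret/wp-hashcash.lib');
+ 
+// UPDATE RANDOM SECRET
+$curr = @file_get_contents(HASHCASH_SECRET_FILE);
+if(empty($curr) || (time() - @filemtime(HASHCASH_SECRET_FILE)) > HASHCASH_REFRESH){
+// update our secret
+$fp = fopen(HASHCASH_SECRET_FILE, 'w');
+ 
+if(@flock($fp, LOCK_EX)){
+fwrite($fp, rand(21474836, 2126008810));
+@flock($fp, LOCK_UN);
+}
+ 
+fclose($fp);
+}
+if (substr($this->config['base_url'],0,4)!="http") { // Wakka.config mal configure
+$base_url="http://".$_SERVER["SERVER_NAME"].($_SERVER["SERVER_PORT"] != 80 ? ":".$_SERVER["SERVER_PORT"] : "").$_SERVER["REQUEST_URI"].(preg_match("/".preg_quote("wakka.php")."$/", $_SERVER["REQUEST_URI"]) ? "?wiki=" : "");
+$a = parse_url($base_url);
+}
+else {
+$a = parse_url($this->config['base_url']);
+}
+$siteurl = ($a['scheme'].'://'.$a['host'].dirname($a['path']));
+ 
+ 
+$ChampsHashcash =
+'<script type="text/javascript" src="' . $siteurl . '/tools/hashcash/wp-hashcash-js.php?siteurl='.$siteurl.'"></script>';
+$plugin_output_new=preg_replace ('/\<input name=\"submit\" type=\"submit\" value=\"Sauver\"/',
+$ChampsHashcash.'<input name="submit" type="submit" value="Sauver"', $plugin_output_new);
+}
+ 
+}
+ 
+?>
Property changes:
Added: svn:executable
+*
\ No newline at end of property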
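Review bot: The secret rotation opens the key file with `fopen(HASHCASH_SECRET_FILE, 'w')` before taking the lock, so the file is truncated under concurrent readers and stays empty if `fopen()` or `flock()` fails; an empty key is the state in which the check in handlers/page/__edit.php accepts an empty field. The value itself comes from `rand(21474836, 2126008810)`, which is not a cryptographic generator and spans fewer than 2^31 values. Opening without truncation, truncating only once the lock is held and drawing from `random_int()` where the runtime provides it shrinks both problems, as sketched below. Separately, `$siteurl` is concatenated into the `<script src="…">` tag without `htmlspecialchars()`, and in the fallback branch it is derived from `$_SERVER["REQUEST_URI"]`, which the client controls.

```php
// … unchanged: read $curr and test it against HASHCASH_REFRESH …
// update our secret: open without truncating, write only under the lock
$fp = fopen(HASHCASH_SECRET_FILE, 'c');
if ($fp !== false) {
    if (flock($fp, LOCK_EX)) {
        ftruncate($fp, 0);
        fwrite($fp, (string) random_int(21474836, 2126008810));
        fflush($fp);
        flock($fp, LOCK_UN);
    }
    fclose($fp);
}
// … unchanged: $siteurl computation and script-tag injection …
```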
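--- a/branches/v4.0-livraison/wikini/maj_wikini/tools/hashcash/wp-hashcash-getkey.php
+++ b/branches/v4.0-livraison/wikini/maj_wikini/tools/hashcash/wp-hashcash-getkey.php
@@ -0,0 +1,149 @@
+<?php
+ 
+require_once(realpath(dirname(__FILE__) . '/') . '/secret/wp-hashcash.lib');
+ 
+header("Pragma: no-cache");
+header("Expires: 0");
+header("Cache-Control: no-store, no-cache, must-revalidate");
+header("Cache-Control: post-check=0, pre-check=0", false);
+$expired = array();
+ 
+$function_name = hashcash_random_string(rand(6,18));
+$expired [] = $function_name;
+ 
+$js = "function $function_name (){";
+ 
+$type = rand(0, 3) * 0;
+switch($type){
+/* Addition of n times of field value / n, + modulus:
+Time guarantee: 100 iterations or less */
+case 0:
+$eax = hashcash_random_string(rand(8,10), $expired);
+$expired [] = $eax;
+$val = hashcash_field_value();
+$inc = rand($val / 100, $val - 1);
+$n = floor($val / $inc);
+$r = $val % $inc;
+$js .= "var $eax = $inc; ";
+for($i = 0; $i < $n - 1; $i++){
+$js .= "$eax += $inc; ";
+}
+$js .= "$eax += $r; ";
+$js .= "return $eax; ";
+break;
+/* Conversion from binary:
+Time guarantee: log(n) iterations or less */
+case 1:
+$eax = hashcash_random_string(rand(8,10), $expired);
+$expired [] = $eax;
+$ebx = hashcash_random_string(rand(8,10), $expired);
+$expired [] = $ebx;
+$ecx = hashcash_random_string(rand(8,10), $expired);
+$expired [] = $ecx;
+$val = hashcash_field_value();
+$binval = strrev(base_convert($val, 10, 2));
+$js .= "var $eax = \"$binval\"; ";
+$js .= "var $ebx = 0; ";
+$js .= "var $ecx = 0; ";
+$js .= "while($ecx < $eax.length){ ";
+$js .= "if($eax.charAt($ecx) == \"1\") { ";
+$js .= "$ebx += Math.pow(2, $ecx); ";
+$js .= "} ";
+$js .= "$ecx++; ";
+$js .= "} ";
+$js .= "return $ebx; ";
+break;
+/* Multiplication of square roots:
+Time guarantee: constant time */
+case 2:
+$val = hashcash_field_value();
+$sqrt = floor(sqrt($val));
+$r = $val - ($sqrt * $sqrt);
+$js .= "return $sqrt * $sqrt + $r; ";
+break;
+/* Sum of random numbers to the final value:
+Time guarantee: log(n) expected value */
+case 3:
+$val = hashcash_field_value();
+$js .= "return ";
+ 
+$i = 0;
+while($val > 0){
+if($i++ > 0)
+$js .= "+";
+$temp = rand(1, $val);
+$val -= $temp;
+$js .= $temp;
+}
+ 
+$js .= ";";
+break;
+}
+$js .= "} $function_name ();";
+ 
+// pack bytes
+function strToLongs($s) {
+$l = array();
+// pad $s to some multiple of 4
+$s = preg_split('//', $s, -1, PREG_SPLIT_NO_EMPTY);
+while(count($s) % 4 != 0){
+$s [] = ' ';
+}
+ 
+for ($i = 0; $i < ceil(count($s)/4); $i++) {
+$l[$i] = ord($s[$i*4]) + (ord($s[$i*4+1]) << 8) + (ord($s[$i*4+2]) << 16) + (ord($s[$i*4+3]) << 24);
+}
+ 
+return $l;
+}
+ 
+// xor all the bytes with a random key
+$key = rand(21474836, 2126008810);
+$js = strToLongs($js);
+ 
+for($i = 0; $i < count($js); $i++){
+$js[$i] = $js[$i] ^ $key;
+}
+ 
+// libs function encapsulation
+$libs_name = hashcash_random_string(rand(6,18), $expired);
+$expired [] = $libs_name;
+ 
+$libs = "function $libs_name(){";
+ 
+// write bytes to javascript, xor with key
+$data_name = hashcash_random_string(rand(6,18), $expired);
+$expired [] = $data_name;
+ 
+$libs .= "var $data_name = new Array(" . count($js) . "); ";
+for($i = 0; $i < count($js); $i++){
+$libs .= $data_name . '[' . $i . '] = ' . $js[$i] . ' ^ ' . $key .'; ';
+}
+ 
+// convert bytes back to string
+$libs .= " var a = new Array($data_name.length); ";
+$libs .= "for (var i=0; i<" . $data_name . ".length; i++) { ";
+$libs .= 'a[i] = String.fromCharCode(' . $data_name .'[i] & 0xFF, ' . $data_name . '[i]>>>8 & 0xFF, ';
+$libs .= $data_name . '[i]>>>16 & 0xFF, ' . $data_name . '[i]>>>24 & 0xFF); } ';
+$libs .= "return eval(a.join('')); ";
+ 
+// call libs function
+$libs .= "} $libs_name();";
+ 
+// return code
+echo $libs;
+?>
Property changes:
Added: svn:executable
+*
\ No newline at end of property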
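Review bot: `$val = hashcash_field_value();` goes straight into arithmetic in case 0, so when the key file is missing, empty or not a positive integer, `rand($val / 100, $val - 1)`, `floor($val / $inc)` and `$val % $inc` work on zero and the script emits warnings or a division-by-zero error instead of a usable token. Validate before generating anything, for example `if (!is_string($val) || !ctype_digit($val) || (int) $val < 2) { header('HTTP/1.1 503 Service Unavailable'); exit; }`. `$type = rand(0, 3) * 0;` is always 0, which leaves cases 1 to 3 unreachable; either drop the `* 0` or delete the dead branches and say why in a comment. A comment should also state that the XOR packing is obfuscation only, since `$key` is written into the same response, so this endpoint hands the current site-wide secret to any client that requests it.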
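--- a/branches/v4.0-livraison/wikini/maj_wikini/tools/hashcash/secret/.htaccess
+++ b/branches/v4.0-livraison/wikini/maj_wikini/tools/hashcash/secret/.htaccess
@@ -0,0 +1,0 @@
+deny from all
Property changes:
Added: svn:executable
+*
\ No newline at end of property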
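Review bot: `deny from all` is the only thing keeping secret/wp-hashcash.key from being served over HTTP, and it is Apache 2.2 syntax: it has no effect on servers that do not read .htaccess files (or under `AllowOverride None`), and on Apache 2.4 it depends on mod_access_compat being loaded. Add the 2.4 form next to it, `<IfModule mod_authz_core.c>` / `Require all denied` / `</IfModule>`, and wrap the existing line in `<IfModule !mod_authz_core.c>`. Keeping the key file outside the document root would remove the dependency on web-server configuration altogether.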
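--- a/branches/v4.0-livraison/wikini/maj_wikini/tools/hashcash/secret/wp-hashcash.lib
+++ b/branches/v4.0-livraison/wikini/maj_wikini/tools/hashcash/secret/wp-hashcash.lib
@@ -0,0 +1,49 @@
+<?php
+ 
+define('HASHCASH_FORM_ACTION', 'wp-comments-post.php');
+define('HASHCASH_SECRET_FILE', realpath(dirname(__FILE__) . '/') . '/wp-hashcash.key');
+define('HASHCASH_FORM_ID', 'ACEditor');
+define('HASHCASH_FORM_CLASS', 'page');
+define('HASHCASH_REFRESH', 60*60*4);
+define('HASHCASH_IP_EXPIRE', 60*60*24*7);
+define('HASHCASH_VERSION', 3.2);
+ 
+// Produce random unique strings
+function hashcash_random_string($l, $exclude = array()) {
+// Sanity check
+if($l < 1){
+return '';
+}
+$str = '';
+while(in_array($str, $exclude) || strlen($str) < $l){
+$str = '';
+while(strlen($str) < $l){
+$str .= chr(rand(65, 90) + rand(0, 1) * 32);
+}
+}
+return $str;
+}
+ 
+// looks up the secret key
+function hashcash_field_value(){
+if(function_exists('file_get_contents')){
+return file_get_contents(HASHCASH_SECRET_FILE);
+} else {
+$fp = fopen(HASHCASH_SECRET_FILE, 'r');
+$data = fread($fp, @filesize(HASHCASH_SECRET_FILE));
+fclose($fp);
+return $data;
+}
+}
+ 
+// Returns a phrase representing the product
+function hashcash_verbage(){
+ 
+$phrase = 'Protection anti-spam active';
+ 
+return $phrase;
+}
+ 
+?>
Property changes:
Added: svn:executable
+*
\ No newline at end of property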
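Review bot: `hashcash_field_value()` has no documented return contract, although the verification and the key endpoint both depend on it: `file_get_contents()` yields `false` on failure, and the `fread()` branch is given `@filesize()` as its length, which is 0 or `false` for an empty or missing file. I would put `// Returns the raw contents of HASHCASH_SECRET_FILE (no trimming); false or '' means there is no usable secret and callers must reject the request.` above the function. `HASHCASH_FORM_ACTION` and `HASHCASH_IP_EXPIRE` are not referenced by any file in this change and look like leftovers from the WordPress plugin; a comment marking them unused, or removing them, would avoid confusion.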
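--- a/branches/v4.0-livraison/wikini/maj_wikini/tools/hashcash/secret/wp-hashcash.key
+++ b/branches/v4.0-livraison/wikini/maj_wikini/tools/hashcash/secret/wp-hashcash.key
@@ -0,0 +1,0 @@
+1600348414
Property changes:
Added: svn:executable
+*
\ No newline at end of property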
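Review bot: A live secret value is committed in this file, so every checkout of the branch starts with the same publicly known token. handlers/page/edit__.php replaces it only when the file is empty or its modification time is older than HASHCASH_REFRESH, so the committed value can stay valid for up to four hours after a deployment. Generate the file at install time and exclude it from version control instead of shipping a value; the `svn:executable` property is also unnecessary on a data file.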
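--- a/branches/v4.0-livraison/wikini/maj_wikini/tools/hashcash/wp-hashcash-js.php
+++ b/branches/v4.0-livraison/wikini/maj_wikini/tools/hashcash/wp-hashcash-js.php
@@ -0,0 +1,94 @@
+<?php
+ob_start("ob_gzhandler");
+require_once(realpath(dirname(__FILE__) . '/') . '/secret/wp-hashcash.lib');
+$field_id = hashcash_random_string(rand(6,18));
+$fn_enable_name = hashcash_random_string(rand(6,18));
+?>
+
+addLoadEvent(<?php echo $fn_enable_name; ?>);
+
+function createHiddenField(){
+var inp = document.createElement('input');
+inp.setAttribute('type', 'hidden');
+inp.setAttribute('id', '<?php echo $field_id; ?>');
+inp.setAttribute('name', 'hashcash_value');
+inp.setAttribute('value', '-1');
+var e = document.getElementById('<?php echo HASHCASH_FORM_ID; ?>');
+e.appendChild(inp);
+}
+
+function addVerbage(){
+var e = getElementsByClass('<?php echo HASHCASH_FORM_CLASS; ?>');
+var p = document.createElement('p');
+p.innerHTML = '<?php echo str_replace("'", "\'", hashcash_verbage()); ?>';
+e[0].appendChild(p);
+}
+
+function <?php echo $fn_enable_name;?>(){
+createHiddenField();
+addVerbage();
+loadHashCashKey('<?php
+echo $_GET['siteurl']; ?>/tools/hashcash/wp-hashcash-getkey.php', '<?php echo $field_id; ?>');
+}
+
+function loadHashCashKey(fragment_url, e_id) {
+var xmlhttp=createXMLHttp();
+var element = document.getElementById(e_id);
+
+xmlhttp.open("GET", fragment_url, true);
+xmlhttp.onreadystatechange = function() {
+if (xmlhttp.readyState == 4 && xmlhttp.status == 200) {
+element.value = eval(xmlhttp.responseText);
+}
+}
+
+xmlhttp.send(null);
+}
+
+function getElementsByClass(searchClass,node,tag) {
+var classElements = new Array();
+if ( node == null )
+node = document;
+if ( tag == null )
+tag = '*';
+var els = node.getElementsByTagName(tag);
+var elsLen = els.length;
+var pattern = new RegExp("(^|\\s)"+searchClass+"(\\s|$)");
+for (i = 0, j = 0; i < elsLen; i++) {
+if ( pattern.test(els[i].className) ) {
+classElements[j] = els[i];
+j++;
+}
+}
+return classElements;
+}
+
+function createXMLHttp() {
+if (typeof XMLHttpRequest != "undefined")
+return new XMLHttpRequest();
+var xhrVersion = [ "MSXML2.XMLHttp.5.0", "MSXML2.XMLHttp.4.0","MSXML2.XMLHttp.3.0", "MSXML2.XMLHttp","Microsoft.XMLHttp" ];
+for (var i = 0; i < xhrVersion.length; i++) {
+try {
+var xhrObj = new ActiveXObject(xhrVersion[i]);
+return xhrObj;
+} catch (e) { }
+}
+return null;
+}
+
+function addLoadEvent(func) {
+var oldonload = window.onload;
+if (typeof window.onload != 'function') {
+window.onload = func;
+} else {
+window.onload = function() {
+func();
+oldonload();
+}
+}
+}
Property changes:
Added: svn:executable
+*
\ No newline at end of property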
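Review bot: `echo $_GET['siteurl'];` writes a request parameter unescaped into a JavaScript string literal, and the script sends no `Content-Type` header, so the response goes out with PHP's default type (normally text/html) with the parameter reflected in it. The same value decides which URL `loadHashCashKey()` fetches and hands to `eval(xmlhttp.responseText)`, so whoever supplies the parameter chooses where the evaluated code comes from. Drop the parameter and build the key URL on the server, encoded for the JavaScript context: `header('Content-Type: application/javascript');` before any output, and `loadHashCashKey(<?php echo json_encode(dirname($_SERVER['SCRIPT_NAME']) . '/wp-hashcash-getkey.php'); ?>, '<?php echo $field_id; ?>');`. The `?siteurl=` suffix added in handlers/page/edit__.php then becomes unnecessary.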
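--- a/branches/v4.0-livraison/wikini/maj_wikini/tools/hashcash/wiki.php
+++ b/branches/v4.0-livraison/wikini/maj_wikini/tools/hashcash/wiki.php
@@ -0,0 +1,23 @@
+<?php
+// Partie publique
+
+if (!defined("WIKINI_VERSION"))
+{
+die ("acc&egrave;s direct interdit");
+}
+
+$wikiClasses [] = 'Hashcash';
+$wikiClassesContent [] = '
+
+function FormOpen($method = "", $tag = "", $formMethod = "post") {
+
+if (ereg("edit$", $this->href($method, $tag))) {
+$result = "<form id=\"ACEditor\" name=\"ACEditor\" action=\"".$this->href($method, $tag)."\" method=\"".$formMethod."\">\n";
+} else {
+$result = "<form action=\"".$this->href($method, $tag)."\" method=\"".$formMethod."\">\n";
+}
+
+if (!$this->config["rewrite_mode"]) $result .= "<input type=\"hidden\" name=\"wiki\" value=\"".$this->MiniHref($method, $tag)."\" />\n";
+return $result;
+}
+';
Property changes:
Added: svn:executable
+*
\ No newline at end of property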
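Review bot: `ereg("edit$", $this->href($method, $tag))` relies on the POSIX regex extension, which is deprecated since PHP 5.3 and removed in PHP 7, so this FormOpen override becomes a fatal error on current runtimes; `preg_match('/edit$/', $this->href($method, $tag))` is the drop-in replacement. `$this->href($method, $tag)`, `$this->MiniHref($method, $tag)` and `$formMethod` are placed inside attribute values without `htmlspecialchars()`; whether those helpers already encode their result is not visible here. The method body lives in a single-quoted string appended to `$wikiClassesContent`, so a syntax error in it would presumably surface only when the host application evaluates that string.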