Diffstat (limited to 'lib')
-rw-r--r--lib/bot_protection.php (renamed from lib/captcha_gen.php)145
-rw-r--r--lib/classic.pngbin358 -> 0 bytes
-rw-r--r--lib/frontend.php13
-rw-r--r--lib/fuckhtml.php25
4 files changed, 72 insertions, 111 deletions
diff --git a/lib/captcha_gen.php b/lib/bot_protection.php
index abcab7a..82de54c 100644
--- a/lib/captcha_gen.php
+++ b/lib/bot_protection.php
@@ -1,6 +1,6 @@
<?php
-class captcha{
+class bot_protection{
public function __construct($frontend, $get, $filters, $page, $output){
@@ -26,7 +26,7 @@ class captcha{
if(
// check if key is not malformed
preg_match(
- '/^c[0-9]+\.[A-Za-z0-9]{20}$/',
+ '/^k[0-9]+\.[A-Za-z0-9_]{20}$/',
$_COOKIE["pass"]
) &&
// does key exist
@@ -39,7 +39,7 @@ class captcha{
// we start counting from 1
// when it has been incremented to 102, it has reached
// 100 reqs
- if($inc >= 102){
+ if($inc >= config::MAX_SEARCHES + 2){
// reached limit, delete and give captcha
apcu_delete($_COOKIE["pass"]);
@@ -62,7 +62,7 @@ class captcha{
if($output === false){
- http_response_code(429); // too many reqs
+ http_response_code(401); // forbidden
echo json_encode([
"status" => "The \"pass\" token in your cookies is missing or has expired!!"
]);
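Review bot: The new status on the `$output === false` branch does not match its comment: 401 is Unauthorized, Forbidden is 403, and a 401 response is expected to carry a `WWW-Authenticate` header, which this branch does not visibly send. If the intent is "no valid pass token", `http_response_code(403); // forbidden` keeps code and comment aligned. If API clients relied on 429 to back off, that contract changes here and should be documented. The HTML challenge path (hunk at -317) drops its `http_response_code(429)` call entirely, so that page presumably goes out with the default 200; worth confirming that is intended for crawlers and caches. The enclosing method starts and ends outside the hunk.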
@@ -104,10 +104,13 @@ class captcha{
!isset($regex[0][1])
){
- // check if its k
+ // check if its the v key
if(
- $line[0] == "k" &&
- strpos($line[1], "c.") === 0
+ $line[0] == "v" &&
+ preg_match(
+ '/^c[0-9]+\.[A-Za-z0-9_]{20}$/',
+ $line[1]
+ )
){
$key = apcu_fetch($line[1]);
@@ -129,27 +132,21 @@ class captcha{
$answers[] = $regex;
}
-
+
if(
!$invalid &&
- $key !== false
+ $key !== false // has captcha been gen'd?
){
- $check = $key[1];
+ $check = count($key);
// validate answer
- for($i=0; $i<count($key[0]); $i++){
-
- if(!in_array($i, $answers)){
-
- continue;
- }
+ for($i=0; $i<count($answers); $i++){
- if($key[0][$i][0] == $key[2]){
+ if(in_array($answers[$i], $key)){
$check--;
}else{
- // got a wrong answer
$check = -1;
break;
}
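Review bot: The validation loop counts submissions rather than distinct positions: `$check` is decremented once per element of `$answers`, so a repeated index is counted each time unless `$answers` is deduplicated before this hunk (not visible here). Deduplicate ahead of the loop with `$answers = array_values(array_unique($answers));`, and pass `true` as the third argument of `in_array` once both sides are known to hold ints. This assumes `$key` is the flat list of correct positions stored by the image generator, which is outside this diff. The loop's closing brace and the final `$check` test are also outside the hunk.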
@@ -160,21 +157,8 @@ class captcha{
// we passed the captcha
// set cookie
$inc = apcu_inc("cookie");
- $chars =
- array_merge(
- range("A", "Z"),
- range("a", "z"),
- range(0, 9)
- );
-
- $c = count($chars) - 1;
- $key = "c" . $inc . ".";
-
- for($i=0; $i<20; $i++){
-
- $key .= $chars[random_int(0, $c)];
- }
+ $key = "k" . $inc . "." . $this->randomchars();
apcu_inc($key, 1, $stupid, 86400);
@@ -203,84 +187,23 @@ class captcha{
}
}
- // get the positions for the answers
- // will return between 3 and 6 answer positions
- $range = range(0, 15);
- $answer_pos = [];
-
- array_splice($range, 0, 1);
-
- for($i=0; $i<random_int(3, 6); $i++){
-
- $answer_pos_tmp =
- array_splice(
- $range,
- random_int(
- 0,
- 14 - $i
- ),
- 1
- );
-
- $answer_pos[] = $answer_pos_tmp[0];
- }
-
- // choose a dataset
- $c = count(config::CAPTCHA_DATASET);
- $choosen = config::CAPTCHA_DATASET[random_int(0, $c - 1)];
- $choices = [];
-
- for($i=0; $i<$c; $i++){
-
- if(config::CAPTCHA_DATASET[$i][0] == $choosen[0]){
-
- continue;
- }
-
- $choices[] = config::CAPTCHA_DATASET[$i];
- }
-
- // generate grid data
- $grid = [];
-
- for($i=0; $i<16; $i++){
-
- if(in_array($i, $answer_pos)){
-
- $grid[] = $choosen;
- }else{
-
- $grid[] = $choices[random_int(0, count($choices) - 1)];
- }
- }
-
- $key = "c." . apcu_inc("captcha_gen", 1) . "." . random_int(0, 100000000);
-
- apcu_store(
- $key,
- [
- $grid,
- count($answer_pos),
- $choosen[0],
- false // has captcha been generated?
- ],
- 120 // we give user 2 minutes to get captcha, in case of network error
- );
+ $key = "c" . apcu_inc("captcha_gen", 1) . "." . $this->randomchars();
$payload = [
+ "timetaken" => microtime(true),
"class" => "",
"right-left" => "",
"right-right" => "",
"left" =>
'<div class="infobox">' .
'<h1>IQ test</h1>' .
- 'Due to getting hit with 20,000 bot requests per day, I had to put this up. Sorry.<br><br>' .
- 'Solving this captcha will allow you to make 100 searches today. I will add a way for legit users to bypass the captcha later. Sorry /g/tards!!' .
+ 'IQ test has been enabled due to bot abuse on the network.<br>' .
+ 'Solving this IQ test will let you make 100 searches today. I will add an invite system to bypass this soon...' .
$error .
'<form method="POST" enctype="text/plain" autocomplete="off">' .
'<div class="captcha-wrapper">' .
'<div class="captcha">' .
- '<img src="captcha?k=' . $key . '" alt="Captcha image">' .
+ '<img src="captcha.php?v=' . $key . '" alt="Captcha image">' .
'<div class="captcha-controls">' .
'<input type="checkbox" name="c[0]" id="c0">' .
'<label for="c0"></label>' .
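Review bot: Nothing is stored under `$key` when the form is rendered any more (the `apcu_store` call is removed), so the entry must be created by whatever serves `captcha.php?v=`, which is not part of this diff. If that endpoint creates an APCu entry for any well-formed `c<digits>.<20 chars>` value, entries can exist for keys this page never issued; storing a short-TTL placeholder here and having the image endpoint require it would tie generation to issued keys. Separately, the infobox text still hard-codes "100 searches" while the limit check now reads `config::MAX_SEARCHES`; interpolating the constant keeps the two in step. The string literal continues past the end of the hunk.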
@@ -317,13 +240,12 @@ class captcha{
'</div>' .
'</div>' .
'</div>' .
- '<input type="hidden" name="k" value="' . $key . '">' .
+ '<input type="hidden" name="v" value="' . $key . '">' .
'<input type="submit" value="Check IQ" class="captcha-submit">' .
'</form>' .
'</div>'
];
- http_response_code(429); // too many reqs
$frontend->loadheader(
$get,
$filters,
@@ -333,4 +255,27 @@ class captcha{
echo $frontend->load("search.html", $payload);
die();
}
+
+ private function randomchars(){
+
+ $chars =
+ array_merge(
+ range("A", "Z"),
+ range("a", "z"),
+ range(0, 9)
+ );
+
+ $chars[] = "_";
+
+ $c = count($chars) - 1;
+
+ $key = "";
+
+ for($i=0; $i<20; $i++){
+
+ $key .= $chars[random_int(0, $c)];
+ }
+
+ return $key;
+ }
}
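Review bot: `randomchars()` has no doc comment, and its length and alphabet are duplicated as literals in the two `preg_match` patterns earlier in the file (`[A-Za-z0-9_]{20}` for the `pass` cookie and for the `v` key). A comment above the method such as `// 20 chars drawn via random_int() from [A-Za-z0-9_]; keep in sync with the pass/v key patterns` would document that coupling. Declaring the return type, `private function randomchars(): string`, would also make the contract explicit.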
diff --git a/lib/classic.png b/lib/classic.png
deleted file mode 100644
index d2c9609..0000000
--- a/lib/classic.png
+++ /dev/null
Binary files differ
diff --git a/lib/frontend.php b/lib/frontend.php
index b002ee9..738ad83 100644
--- a/lib/frontend.php
+++ b/lib/frontend.php
@@ -39,6 +39,14 @@ class frontend{
$replacements["ac"] = '';
}
+ if(
+ isset($replacements["timetaken"]) &&
+ $replacements["timetaken"] !== null
+ ){
+
+ $replacements["timetaken"] = '<div class="timetaken">Took ' . substr(microtime(true) - $replacements["timetaken"], 0, 4) . 's</div>';
+ }
+
$handle = fopen("template/{$template}", "r");
$data = fread($handle, filesize("template/{$template}"));
fclose($handle);
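Review bot: `substr(microtime(true) - $replacements["timetaken"], 0, 4)` truncates the float's string form, and PHP prints small floats in scientific notation, so an elapsed time under 0.0001 s renders as something like `Took 5.0Es`. Format the number instead: `number_format(microtime(true) - $replacements["timetaken"], 2)`. The `!== null` test is redundant, since `isset()` is already false for a null value. The enclosing method starts and ends outside the hunk.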
@@ -68,7 +76,7 @@ class frontend{
echo
$this->load("header.html", [
- "title" => trim($get["s"] . " ({$page})"),
+ "title" => trim(htmlspecialchars($get["s"]) . " ({$page})"),
"description" => ucfirst($page) . ' search results for &quot;' . htmlspecialchars($get["s"]) . '&quot;',
"index" => "no",
"search" => htmlspecialchars($get["s"]),
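Review bot: `$page` is still interpolated unescaped into `title` (and passed through `ucfirst()` into `description`) next to the newly escaped `$get["s"]`. If `$page` can be influenced by the request it needs the same `htmlspecialchars()` treatment; its origin is outside this hunk. `$get["s"]` is now escaped three separate times in this array, so computing `$s = htmlspecialchars($get["s"]);` once and reusing it would keep the three uses from drifting apart again.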
@@ -88,7 +96,7 @@ class frontend{
$this->drawerror(
"Tshh, blocked!",
- 'You were blocked from viewing this page. If you wish to scrape data from 4get, please consider running <a href="https://git.lolcat.ca/lolcat/4get" rel="noreferrer nofollow">your own 4get instance</a> or using <a href="/api.txt">the API</a>.',
+ 'You were blocked from viewing this page. If you wish to scrape data from 4get, please consider running <a href="https://git.lolcat.ca/lolcat/4get" rel="noreferrer nofollow">your own 4get instance</a>.',
);
die();
}
@@ -98,6 +106,7 @@ class frontend{
echo
$this->load("search.html", [
+ "timetaken" => null,
"class" => "",
"right-left" => "",
"right-right" => "",
diff --git a/lib/fuckhtml.php b/lib/fuckhtml.php
index 2f9d3aa..ed1252c 100644
--- a/lib/fuckhtml.php
+++ b/lib/fuckhtml.php
@@ -466,19 +466,26 @@ class fuckhtml{
return
preg_replace_callback(
- '/\\\u[A-Fa-f0-9]{4}|\\\x[A-Fa-f0-9]{2}/',
+ '/\\\u[A-Fa-f0-9]{4}|\\\x[A-Fa-f0-9]{2}|\\\n|\\\r/',
function($match){
- if($match[0][1] == "u"){
+ switch($match[0][1]){
- return json_decode('"' . $match[0] . '"');
- }else{
+ case "u":
+ return json_decode('"' . $match[0] . '"');
+ break;
- return mb_convert_encoding(
- stripcslashes($match[0]),
- "utf-8",
- "windows-1252"
- );
+ case "x":
+ return mb_convert_encoding(
+ stripcslashes($match[0]),
+ "utf-8",
+ "windows-1252"
+ );
+ break;
+
+ default:
+ return " ";
+ break;
}
},
$string
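Review bot: In the `case "u"` branch each `\uXXXX` escape is decoded on its own, so a UTF-16 surrogate pair is split into two matches; `json_decode()` returns null for a lone surrogate and the callback's null becomes an empty string, which drops the character. Matching a run of escapes as one unit, `(?:\\\u[A-Fa-f0-9]{4})+` in place of `\\\u[A-Fa-f0-9]{4}`, lets `json_decode()` see the pair together. The `break;` statements after each `return` are unreachable and can be removed. The enclosing function starts before the hunk and the call continues past it.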