Continued:

- changed all <?php print foo; ?> to <?= foo; ?>
- added hidden anti-spam field as I'm done with these spammers
  abusing my well-intended email form
- also included a message to those spammers

Signed-off-by: Roland Häder <roland@mxchange.org>

diff --git a/libs/language/.php b/libs/language/.php
index ad89265656a2fd250cfceefa853c350612e6b5b5..545a39b3445bfa32fc8817d436501ce638ec2184 100644 (file)
--- a/libs/language/.php
+++ b/libs/language/.php
@@ -24,6 +24,3 @@
 
 // Add localized messages here
 $GLOBALS['ctracker_localized']['foo_bar'] = 'Some foo-bar string';
-
-// [EOF]
-?>

diff --git a/libs/language/de.php b/libs/language/de.php
index 6cf785979d25049c834391f580c101c134ff20a1..2d072898431cc238e1dade7f8b605c24aa92880f 100644 (file)
--- a/libs/language/de.php
+++ b/libs/language/de.php
@@ -28,6 +28,3 @@ $GLOBALS['ctracker_localized']['user_add_ticket_subject'] = 'Ihr ausgefüllt
 $GLOBALS['ctracker_localized']['webmaster_add_ticket_subject'] = 'Ausgefülltes Support-Ticket erhalten';
 $GLOBALS['ctracker_localized']['add_ticket_name_missing'] = 'Sie haben keinen Namen eingegeben.';
 $GLOBALS['ctracker_localized']['add_ticket_email_missing'] = 'Sie haben keine Email-Adresse eingegeben.';
-
-// [EOF]
-?>

diff --git a/libs/language/en.php b/libs/language/en.php
index deedfac34b5f6cc2086d68d4fb3b4ec7168c9885..f5ff6c7deb54dd66332a00197e4bc20023e9e6e0 100644 (file)
--- a/libs/language/en.php
+++ b/libs/language/en.php
@@ -28,6 +28,3 @@ $GLOBALS['ctracker_localized']['user_add_ticket_subject'] = 'Your filled-out sup
 $GLOBALS['ctracker_localized']['webmaster_add_ticket_subject'] = 'Filled-out support ticket received';
 $GLOBALS['ctracker_localized']['add_ticket_name_missing'] = 'You have entered no name.';
 $GLOBALS['ctracker_localized']['add_ticket_email_missing'] = 'You have entered no email address.';
-
-// [EOF]
-?>

diff --git a/libs/lib_detector.php b/libs/lib_detector.php
index 7dc5c477d748689e003a53a8f94b6cef7ed2b311..862c7387435e263dadf7a7ffb42a79648ad28a46 100644 (file)
--- a/libs/lib_detector.php
+++ b/libs/lib_detector.php
@@ -443,7 +443,10 @@ function crackerTrackerAlertCurrentUser () {
        // Is there some data?
        if (isset($GLOBALS['ctracker_last_suspicious_entry'])) {
                // Does the user have a ticket?
-               if (ifCrackerTrackerIpHasTicket()) {
+               if (ifCtrackerTrackerAntiSpamFieldGiven()) {
+                       // Spam-bot filled out anti-spam field
+                       ctrackerTrackerLoadTemplate('bot_captured');
+               } elseif (ifCrackerTrackerIpHasTicket()) {
                        // Load "Thank you" template
                        crackerTrackerLoadTemplate('add_ticket_thanks');
                } elseif ((isset($_POST['ctracker_add_ticket'])) && (!empty($_POST['name'])) && (!empty($_POST['email']))) {

diff --git a/libs/lib_general.php b/libs/lib_general.php
index e20fa236a6355a754c8465122fa069aa97a43e3c..0b1a8fdac0ff9db489d66780b02850be517f34c7 100644 (file)
--- a/libs/lib_general.php
+++ b/libs/lib_general.php
@@ -596,3 +596,41 @@ function crackerTrackerSanitize ($str) {
 function crackerTrackerIsConsole () {
        return (php_sapi_name() == 'cli');
 }
+
+function ctrackerAntiSpamField () {
+       // Get all fields
+       $fields = ctrackerGetAntiSpamFields();
+
+       // Choose random
+       $fieldName = $fields[mt_rand(0, count($fields) - 1)];
+
+       // Return it
+       return $fieldName;
+}
+
+function ctrackerGetAntiSpamFields () {
+       return [
+               'ctracker_url',
+               'ctracker_aol',
+               'ctracker_yahoo',
+               'ctracker_icq',
+               'ctracker_jabber',
+       ];
+}
+
+function ifCtrackerTrackerAntiSpamFieldGiven () {
+       // Is request method POST?
+       if (crackerTrackerRequestMethod() != 'POST') {
+               // Cannot be given
+               return FALSE;
+       }
+
+       // Walk through all fields
+       foreach (ctrackerGetAntiSpamFields() as $fieldName) {
+               // Is one found?
+               if (in_array($fieldName, $_POST) && !empty($_POST[$fieldName])) {
+                       // Filled out!
+                       return TRUE;
+               }
+       }
+}

diff --git a/libs/templates/add_ticket.tpl.php b/libs/templates/add_ticket.tpl.php
index 04d8f2a16710312b6e610379e29ec99b6f9184c9..a46354f3d39d0a9620497f0588f0915529a65b4a 100644 (file)
--- a/libs/templates/add_ticket.tpl.php
+++ b/libs/templates/add_ticket.tpl.php
@@ -36,6 +36,3 @@ crackerTrackerLoadLocalizedTemplate('add_ticket_form');
 
 // Load footer
 crackerTrackerLoadTemplate('page_footer');
-
-// [EOF]
-?>

diff --git a/libs/templates/add_ticket_thanks.tpl.php b/libs/templates/add_ticket_thanks.tpl.php
index 6cf4ff04c56470e359fe169a55c72d18f1dc2c03..a14fd813be4465cebbc667d9d2f01928e6d389f0 100644 (file)
--- a/libs/templates/add_ticket_thanks.tpl.php
+++ b/libs/templates/add_ticket_thanks.tpl.php
@@ -30,6 +30,3 @@ crackerTrackerLoadLocalizedTemplate('add_ticket_success');
 
 // Load footer
 crackerTrackerLoadTemplate('page_footer');
-
-// [EOF]
-?>

diff --git a/libs/templates/bot_captured.tpl.php b/libs/templates/bot_captured.tpl.php
new file mode 100644 (file)
index 0000000..65462dd
--- /dev/null
+++ b/libs/templates/bot_captured.tpl.php
@@ -0,0 +1,32 @@
+<?php
+/**
+ * Template file "Bot captured"
+ *
+ * @author             Roland Haeder <webmaster@shipsimu.org>
+ * @version            3.0.0
+ * @copyright  Copyright (c) 2009 - 2017 Cracker Tracker Team
+ * @license            GNU GPL 3.0 or any newer version
+ * @link               http://www.shipsimu.org
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+// Load header
+crackerTrackerLoadTemplate('page_header');
+
+// Load form
+crackerTrackerLoadLocalizedTemplate('bot_captured');
+
+// Load footer
+crackerTrackerLoadTemplate('page_footer');

diff --git a/libs/templates/de/add_ticket_form.tpl.php b/libs/templates/de/add_ticket_form.tpl.php
index baec1d42da34662e7bc6ae91b1e0322e03ef37d0..33af81083d07c7c683aecf32d030983674160b74 100644 (file)
--- a/libs/templates/de/add_ticket_form.tpl.php
+++ b/libs/templates/de/add_ticket_form.tpl.php
@@ -1,5 +1,5 @@
 <?php /* Required for my editor... :-( */ ?>
-<form accept-charset="utf-8" action="<?php print crackerTrackerScriptName() . '?' . crackerTrackerQueryString() . '"'; ?> method="post">
+<form accept-charset="utf-8" action="<?= crackerTrackerScriptName() . '?' . crackerTrackerQueryString() . '"'; ?> method="post">
 
 <div class="ctracker_add_ticket_header">
        Bitte f&uuml;llen Sie ein Support-Ticket aus:
@@ -27,7 +27,8 @@
 </div>
 
 <div class="ctracker_form_footer">
-       Ihre IP-Adresse lautet: <span class="ctracker_data"><?php print determineCrackerTrackerRealRemoteAddress(); ?></span>
+       Ihre IP-Adresse lautet: <span class="ctracker_data"><?= determineCrackerTrackerRealRemoteAddress(); ?></span>
 </div>
 
+<input type="hidden" name="<?= ctrackerAntiSpamField(); ?>" value="" />
 </form>

diff --git a/libs/templates/de/add_ticket_success.tpl.php b/libs/templates/de/add_ticket_success.tpl.php
index 7a651f26faef36647e5cd27a1a2dc626afbbd13c..5ce6ca5156c896c6bc4d6b1574fdc072dd1e3a90 100644 (file)
--- a/libs/templates/de/add_ticket_success.tpl.php
+++ b/libs/templates/de/add_ticket_success.tpl.php
@@ -1,11 +1,11 @@
 <?php /* Required for my editor... :-( */ ?>
 <div>
-       Ihr Ticket wurde mit der ID-Nummer <span class="ctracker_data"><?php print getCrackerTrackerTicketId(); ?></span>
+       Ihr Ticket wurde mit der ID-Nummer <span class="ctracker_data"><?= getCrackerTrackerTicketId(); ?></span>
        erstellt. Sie k&ouml;nnen nun fortfahren:
 </div>
 
 <div>
-       <form accept-charset="utf-8" action="<?php print crackerTrackerScriptName() . '?' . crackerTrackerQueryString() . '"'; ?> method="post">
+       <form accept-charset="utf-8" action="<?= crackerTrackerScriptName() . '?' . crackerTrackerQueryString() . '"'; ?> method="post">
                <input type="submit" class="submit" name="ctracker_continue" value="Weiter zur eigentlichen Webseite" />
        </form>
 </div>

diff --git a/libs/templates/de/body_header.tpl.php b/libs/templates/de/body_header.tpl.php
index 4234ae7e32dd0ac5228d5928dd6c6401aba10586..1e557a29de9d9a202da54cc79fe4be20313fd29e 100644 (file)
--- a/libs/templates/de/body_header.tpl.php
+++ b/libs/templates/de/body_header.tpl.php
@@ -7,7 +7,7 @@
        Die auf diesem Server installierte Sicherheitssoftware "Cracker Tracker
        Stand-Alone" hat kurz zuvor bösartigen oder eben nur
        verdächtigen Traffic ausgehend von Ihrer IP-Adresse
-       <span class="ctracker_data"><?php print determineCrackerTrackerRealRemoteAddress(); ?></span>
+       <span class="ctracker_data"><?= determineCrackerTrackerRealRemoteAddress(); ?></span>
        erkannt. Bitte installieren oder aktualisieren Sie nun einen freien
        Virenscanner Ihrer Wahl lassen Sie einen kompletten Scan Ihres Computers
        durchf&uuml;hren. Es ist sehr wahrscheinlich dass die Sicherheit Ihres

diff --git a/libs/templates/de/bot_captured.tpl.php b/libs/templates/de/bot_captured.tpl.php
new file mode 100644 (file)
index 0000000..9c190d8
--- /dev/null
+++ b/libs/templates/de/bot_captured.tpl.php
@@ -0,0 +1,15 @@
+<?php /* Required for my editor... :-( */ ?>
+<h3>
+       Spam-Bot erkannt
+</h3>
+
+<div>
+       Ihr Bot hat ein verdecktes Feld ausgef&uuml;llt, das dazu gedacht ist,
+       automatisierte Software zu fangen, da dieses Formular dazu missbraucht
+       wurde, um Emails an unschuldige Internetbenutzer zu versenden.
+</div>
+
+<div>
+       Bitte fangen Sie ein echtes Leben an und suchen Sie sich echte Arbeit.
+       Werden Sie erwachsen!
+</div>

diff --git a/libs/templates/en/add_ticket_form.tpl.php b/libs/templates/en/add_ticket_form.tpl.php
index f325e5dc06691b735615c0fdc555c85771d4a2a2..cebc3c64d33951b59e877a6e6f12a849ea6791d8 100644 (file)
--- a/libs/templates/en/add_ticket_form.tpl.php
+++ b/libs/templates/en/add_ticket_form.tpl.php
@@ -1,5 +1,5 @@
 <?php /* Required for my editor... :-( */ ?>
-<form accept-charset="utf-8" action="<?php print crackerTrackerScriptName() . '?' . crackerTrackerQueryString() . '"'; ?> method="post">
+<form accept-charset="utf-8" action="<?= crackerTrackerScriptName() . '?' . crackerTrackerQueryString() . '"'; ?> method="post">
 
 <div class="ctracker_form_header">
        Please fill-in a support ticket:
@@ -27,7 +27,8 @@
 </div>
 
 <div class="ctracker_form_footer">
-       Your IP is: <span class="ctracker_data"><?php print determineCrackerTrackerRealRemoteAddress(); ?></span>
+       Your IP is: <span class="ctracker_data"><?= determineCrackerTrackerRealRemoteAddress(); ?></span>
 </div>
 
+<input type="hidden" name="<?= ctrackerAntiSpamField(); ?>" value="" />
 </form>

diff --git a/libs/templates/en/add_ticket_success.tpl.php b/libs/templates/en/add_ticket_success.tpl.php
index d24f02dfb14332178d2a24d1299c41769433f931..5b8e2f7d3190cde2ea1b443ec65b80ca798bb6da 100644 (file)
--- a/libs/templates/en/add_ticket_success.tpl.php
+++ b/libs/templates/en/add_ticket_success.tpl.php
@@ -1,11 +1,11 @@
 <?php /* Required for my editor... :-( */ ?>
 <div>
-       Your ticket with the id number <span class="ctracker_data"><?php print getCrackerTrackerTicketId(); ?></span>
+       Your ticket with the id number <span class="ctracker_data"><?= getCrackerTrackerTicketId(); ?></span>
        was just been created. You may continue now:
 </div>
 
 <div>
-       <form accept-charset="utf-8" action="<?php print crackerTrackerScriptName() . '?' . crackerTrackerQueryString() . '"'; ?> method="post">
+       <form accept-charset="utf-8" action="<?= crackerTrackerScriptName() . '?' . crackerTrackerQueryString() . '"'; ?> method="post">
                <input type="submit" class="submit" name="ctracker_continue" value="Continue to the origin website" />
        </form>
 </div>

diff --git a/libs/templates/en/body_header.tpl.php b/libs/templates/en/body_header.tpl.php
index 26dd6499521d5fc064a391e590ab20b3a3b83aa2..e26148a782147a3678204bf5c5099cb5a4a0ef68 100644 (file)
--- a/libs/templates/en/body_header.tpl.php
+++ b/libs/templates/en/body_header.tpl.php
@@ -7,7 +7,7 @@
        The security software "Cracker Tracker Stand-Alone" installed on
        this server has recently detected some malicious or even suspicious traffic
        originating from your IP address <span class="ctracker_data">
-       <?php print determineCrackerTrackerRealRemoteAddress(); ?></span>. Please now
+       <?= determineCrackerTrackerRealRemoteAddress(); ?></span>. Please now
        install or update a free virus scanner (of your choice) and run a full scan
        on your computer. There is a high possibility that your computer&#39;s
        security is compromised and a trojan horse or virus has infected your

diff --git a/libs/templates/en/bot_captured.tpl.php b/libs/templates/en/bot_captured.tpl.php
new file mode 100644 (file)
index 0000000..471b170
--- /dev/null
+++ b/libs/templates/en/bot_captured.tpl.php
@@ -0,0 +1,14 @@
+<?php /* Required for my editor... :-( */ ?>
+<h3>
+       Spam-bot detected
+</h3>
+
+<div>
+       Your bot has filled a hidden field that is intended to capture automated
+       software as this form has been abused for sending out emails to innocent
+       Internet users.
+</div>
+
+<div>
+       Please get yourself a real life and find a real job. Grow up!
+</div>

diff --git a/libs/templates/page_header.tpl.php b/libs/templates/page_header.tpl.php
index 025d7a364cb8cb3729713aa020e1af7ab3919fe1..327ebbdad6ee5060b58c2c9248aa0ca76e9da7ab 100644 (file)
--- a/libs/templates/page_header.tpl.php
+++ b/libs/templates/page_header.tpl.php
@@ -1,5 +1,5 @@
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="<?php print $GLOBALS['ctracker_language']; ?>" lang="<?php print $GLOBALS['ctracker_language']; ?>">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="<?= $GLOBALS['ctracker_language']; ?>" lang="<?= $GLOBALS['ctracker_language']; ?>">
 <head>
        <title>
                Cracker Tracker Stand-Alone - Extended Edition: <?php crackerTrackerOutputLocalized('ctracker_page_header'); ?>
@@ -7,7 +7,7 @@
        <meta http-equiv="content-type" content="text/html;charset=UTF-8" />
        <meta http-equiv="content-style-type" content="text/css" />
        <meta http-equiv="content-script-type" content="text/javascript" />
-       <meta http-equiv="language" content="<?php print $GLOBALS['ctracker_language']; ?>" />
+       <meta http-equiv="language" content="<?= $GLOBALS['ctracker_language']; ?>" />
 </head>
 
 <body>