plugin/botmon/action.php

6980370bSSascha Leib<?php
6980370bSSascha Leib
6980370bSSascha Leibuse dokuwiki\Extension\EventHandler;
6980370bSSascha Leibuse dokuwiki\Extension\Event;
5fbe88f7SSascha Leibuse dokuwiki\Logger;
6980370bSSascha Leib
6980370bSSascha Leib/**
7bd08c30SSascha Leib * Action Component for the Bot Monitoring Plugin
6980370bSSascha Leib *
6980370bSSascha Leib * @license	GPL 3 (http://www.gnu.org/licenses/gpl.html)
6980370bSSascha Leib * @author	 Sascha Leib <sascha.leib(at)kolmio.com>
6980370bSSascha Leib */
6980370bSSascha Leib
7bd08c30SSascha Leibclass action_plugin_botmon extends DokuWiki_Action_Plugin {
6980370bSSascha Leib
19b69b64SSascha Leib	public function __construct() {
19b69b64SSascha Leib
19b69b64SSascha Leib		// determine if a captcha should be loaded:
ad279a21SSascha Leib		$this->showCaptcha = 'Z'; // Captcha unknown
19b69b64SSascha Leib
19b69b64SSascha Leib		$useCaptcha = $this->getConf('useCaptcha'); // should we show a captcha?
19b69b64SSascha Leib
19b69b64SSascha Leib		if ($useCaptcha !== 'disabled') {
19b69b64SSascha Leib			if ($_SERVER['REQUEST_METHOD'] == 'HEAD') {
19b69b64SSascha Leib				$this->showCaptcha = 'H'; // Method is HEAD, no need for captcha
19b69b64SSascha Leib			} elseif ($this->captchaWhitelisted()) {
19b69b64SSascha Leib				$this->showCaptcha = 'W'; // IP is whitelisted, no captcha
19b69b64SSascha Leib			} elseif ($this->hasCaptchaCookie()) {
19b69b64SSascha Leib				$this->showCaptcha = 'N'; // No, user already has a cookie, don't show the captcha
19b69b64SSascha Leib			} else {
19b69b64SSascha Leib				$this->showCaptcha = 'Y'; // Yes, show the captcha
19b69b64SSascha Leib			}
19b69b64SSascha Leib		}
19b69b64SSascha Leib	}
19b69b64SSascha Leib
6980370bSSascha Leib	/**
6980370bSSascha Leib	 * Registers a callback functions
6980370bSSascha Leib	 *
6980370bSSascha Leib	 * @param EventHandler $controller DokuWiki's event controller object
6980370bSSascha Leib	 * @return void
6980370bSSascha Leib	 */
6980370bSSascha Leib	public function register(EventHandler $controller) {
5f2c1759SSascha Leib
e56d7b71SSascha Leib		global $ACT;
e56d7b71SSascha Leib
447b8b4fSSascha Leib		// populate the session id and type:
447b8b4fSSascha Leib		$this->setSessionInfo();
d49ab213SSascha Leib
5f2c1759SSascha Leib		// insert header data into the page:
d49ab213SSascha Leib		if ($ACT == 'show' || $ACT == 'edit' || $ACT == 'media') {
6980370bSSascha Leib			$controller->register_hook('TPL_METAHEADER_OUTPUT', 'BEFORE', $this, 'insertHeader');
d49ab213SSascha Leib
d49ab213SSascha Leib			// Override the page rendering, if a captcha needs to be displayed:
393de67cSSascha Leib			$controller->register_hook('TPL_ACT_RENDER', 'BEFORE', $this, 'insertCaptchaCode');
d49ab213SSascha Leib
e56d7b71SSascha Leib		} else if ($ACT == 'admin' && isset($_REQUEST['page']) && $_REQUEST['page'] == 'botmon') {
e56d7b71SSascha Leib			$controller->register_hook('TPL_METAHEADER_OUTPUT', 'BEFORE', $this, 'insertAdminHeader');
e56d7b71SSascha Leib		}
5f2c1759SSascha Leib
d49ab213SSascha Leib		// also show a captcha before the image preview
d49ab213SSascha Leib		$controller->register_hook('TPL_IMG_DISPLAY', 'BEFORE', $this, 'showImageCaptcha');
f5f4ca13SSascha Leib
5f2c1759SSascha Leib		// write to the log after the page content was displayed:
5f2c1759SSascha Leib		$controller->register_hook('TPL_CONTENT_DISPLAY', 'AFTER', $this, 'writeServerLog');
5f2c1759SSascha Leib
6980370bSSascha Leib	}
6980370bSSascha Leib
b148c85eSSascha Leib	/* session information */
f6a7ebc1SSascha Leib	private $sessionId = null;
f6a7ebc1SSascha Leib	private $sessionType = '';
393de67cSSascha Leib	private $showCaptcha = 'X';
b148c85eSSascha Leib
6980370bSSascha Leib	/**
6980370bSSascha Leib	 * Inserts tracking code to the page header
e56d7b71SSascha Leib	 * (only called on 'show' actions)
6980370bSSascha Leib	 *
6980370bSSascha Leib	 * @param Event $event event object by reference
6980370bSSascha Leib	 * @return void
6980370bSSascha Leib	 */
6980370bSSascha Leib	public function insertHeader(Event $event, $param) {
6980370bSSascha Leib
6980370bSSascha Leib		global $INFO;
6980370bSSascha Leib
b148c85eSSascha Leib
6980370bSSascha Leib		// build the tracker code:
d49ab213SSascha Leib		$code = $this->getBMHeader();
6980370bSSascha Leib
5f2c1759SSascha Leib		// add the deferred script loader::
e56d7b71SSascha Leib		$code .= DOKU_TAB . DOKU_TAB . "addEventListener('DOMContentLoaded', function(){" . NL;
e56d7b71SSascha Leib		$code .= DOKU_TAB . DOKU_TAB . DOKU_TAB . "const e=document.createElement('script');" . NL;
e56d7b71SSascha Leib		$code .= DOKU_TAB . DOKU_TAB . DOKU_TAB . "e.async=true;e.defer=true;" . NL;
e56d7b71SSascha Leib		$code .= DOKU_TAB . DOKU_TAB . DOKU_TAB . "e.src='".DOKU_BASE."lib/plugins/botmon/client.js';" . NL;
e56d7b71SSascha Leib		$code .= DOKU_TAB . DOKU_TAB . DOKU_TAB . "document.getElementsByTagName('head')[0].appendChild(e);" . NL;
e56d7b71SSascha Leib		$code .= DOKU_TAB . DOKU_TAB . "});";
5f2c1759SSascha Leib		$event->data['script'][] = ['_data' => $code];
451abfadSSascha Leib	}
451abfadSSascha Leib
d49ab213SSascha Leib	/* create the BM object code for insertion into a script element: */
d49ab213SSascha Leib	private function getBMHeader() {
d49ab213SSascha Leib
d49ab213SSascha Leib		// build the tracker code:
d49ab213SSascha Leib		$code = DOKU_TAB . DOKU_TAB . "document._botmon = {t0: Date.now(), session: " . json_encode($this->sessionId) . ", seed: " . json_encode($this->getConf('captchaSeed')) . ", ip: " . json_encode($_SERVER['REMOTE_ADDR']) . "};" . NL;
d49ab213SSascha Leib
d49ab213SSascha Leib		// is there a user logged in?
d49ab213SSascha Leib		$username = ( !empty($INFO['userinfo']) && !empty($INFO['userinfo']['name']) ?  $INFO['userinfo']['name'] : '');
d49ab213SSascha Leib		if ($username) {
d49ab213SSascha Leib			$code .= DOKU_TAB . DOKU_TAB . 'document._botmon.user = "' . $username . '";'. NL;
d49ab213SSascha Leib		}
d49ab213SSascha Leib
d49ab213SSascha Leib		return $code;
d49ab213SSascha Leib
d49ab213SSascha Leib	}
d49ab213SSascha Leib
451abfadSSascha Leib	/**
e56d7b71SSascha Leib	 * Inserts tracking code to the page header
e56d7b71SSascha Leib	 * (only called on 'show' actions)
e56d7b71SSascha Leib	 *
e56d7b71SSascha Leib	 * @param Event $event event object by reference
e56d7b71SSascha Leib	 * @return void
e56d7b71SSascha Leib	 */
e56d7b71SSascha Leib	public function insertAdminHeader(Event $event, $param) {
e56d7b71SSascha Leib
e56d7b71SSascha Leib		$event->data['link'][] = ['rel' => 'stylesheet', 'href' => DOKU_BASE.'lib/plugins/botmon/admin.css', 'defer' => 'defer'];
0edf1a56SSascha Leib		$event->data['script'][] = ['src' => DOKU_BASE.'lib/plugins/botmon/admin.js', 'defer' => 'defer', '_data' => ''];
e56d7b71SSascha Leib	}
e56d7b71SSascha Leib
e56d7b71SSascha Leib	/**
451abfadSSascha Leib	 * Writes data to the server log.
451abfadSSascha Leib	 *
451abfadSSascha Leib	 * @return void
451abfadSSascha Leib	 */
5f2c1759SSascha Leib	public function writeServerLog(Event $event, $param) {
451abfadSSascha Leib
451abfadSSascha Leib		global $conf;
451abfadSSascha Leib		global $INFO;
091b5998SSascha Leib
5f2c1759SSascha Leib		// is there a user logged in?
5f2c1759SSascha Leib		$username = ( !empty($INFO['userinfo']) && !empty($INFO['userinfo']['name'])
5f2c1759SSascha Leib					?  $INFO['userinfo']['name'] : '');
5f2c1759SSascha Leib
b2e3bd8bSSascha Leib		// clean the page ID
b2e3bd8bSSascha Leib		$pageId = preg_replace('/[\x00-\x1F]/', "\u{FFFD}", $INFO['id'] ?? '');
b2e3bd8bSSascha Leib
*e0f06f2dSSascha Leib		// get accepted languages:
*e0f06f2dSSascha Leib		$acceptedLanguages = ( $_SERVER['HTTP_ACCEPT_LANGUAGE'] ? $_SERVER['HTTP_ACCEPT_LANGUAGE'] : '' );
*e0f06f2dSSascha Leib
451abfadSSascha Leib		// create the log array:
cf9f7fe8SSascha Leib		$logArr = Array(
f5f4ca13SSascha Leib			$_SERVER['REMOTE_ADDR'], /* remote IP */
b2e3bd8bSSascha Leib			$pageId, /* page ID */
b148c85eSSascha Leib			$this->sessionId, /* Session ID */
b148c85eSSascha Leib			$this->sessionType, /* session ID type */
5f2c1759SSascha Leib			$username, /* user name */
2f2bc93aSSascha Leib			$_SERVER['HTTP_USER_AGENT'] ?? '', /* User agent */
451abfadSSascha Leib			$_SERVER['HTTP_REFERER'] ?? '', /* HTTP Referrer */
451abfadSSascha Leib			substr($conf['lang'],0,2), /* page language */
*e0f06f2dSSascha Leib			implode(',', array_unique(array_map( function($it) { return substr(trim($it),0,2); }, explode(',',trim($acceptedLanguages, " \t;,*"))))), /* accepted client languages */
2c641262SSascha Leib			$this->getCountryCode(), /* GeoIP country code */
ad279a21SSascha Leib			$this->showCaptcha, /* show captcha? */
ad279a21SSascha Leib			$_SERVER['REQUEST_METHOD'] ?? '' /* request method */
d49ab213SSascha Leib		);
cf9f7fe8SSascha Leib
cf9f7fe8SSascha Leib		//* create the log line */
4cddc661SSascha Leib		$filename = __DIR__ .'/logs/' . gmdate('Y-m-d') . '.srv.txt'; /* use GMT date for filename */
cf9f7fe8SSascha Leib		$logline = gmdate('Y-m-d H:i:s'); /* use GMT time for log entries */
cf9f7fe8SSascha Leib		foreach ($logArr as $tab) {
cf9f7fe8SSascha Leib			$logline .= "\t" . $tab;
cf9f7fe8SSascha Leib		};
cf9f7fe8SSascha Leib
cf9f7fe8SSascha Leib		/* write the log line to the file */
cf9f7fe8SSascha Leib		$logfile = fopen($filename, 'a');
cf9f7fe8SSascha Leib		if (!$logfile) die();
cf9f7fe8SSascha Leib		if (fwrite($logfile, $logline . "\n") === false) {
cf9f7fe8SSascha Leib			fclose($logfile);
cf9f7fe8SSascha Leib			die();
6980370bSSascha Leib		}
cf9f7fe8SSascha Leib
cf9f7fe8SSascha Leib		/* Done */
cf9f7fe8SSascha Leib		fclose($logfile);
cf9f7fe8SSascha Leib	}
b148c85eSSascha Leib
5f2c1759SSascha Leib	private function getCountryCode() {
5f2c1759SSascha Leib
f5f4ca13SSascha Leib		$country = ( $_SERVER['REMOTE_ADDR'] == '127.0.0.1' ? 'local' : 'ZZ' ); // default if no geoip is available!
5f2c1759SSascha Leib
69b73efaSSascha Leib		$lib = $this->getConf('geoiplib'); /* which library to use? (possible values are: disabled, phpgeoip or cloudflare) */
5f2c1759SSascha Leib
5f2c1759SSascha Leib		try {
5f2c1759SSascha Leib
69b73efaSSascha Leib			switch($lib) {
69b73efaSSascha Leib
69b73efaSSascha Leib			case 'phpgeoip':
69b73efaSSascha Leib				if (extension_loaded('geoip') && geoip_db_avail(GEOIP_COUNTRY_EDITION)) { // PHP GeoIP module available?
5f2c1759SSascha Leib					$result = geoip_country_code_by_name($_SERVER['REMOTE_ADDR']);
5f2c1759SSascha Leib					$country = ($result ? $result : $country);
5f2c1759SSascha Leib				}
69b73efaSSascha Leib				break;
69b73efaSSascha Leib
69b73efaSSascha Leib			case 'cloudflare':
69b73efaSSascha Leib				$result = $_SERVER['HTTP_CF_IPCOUNTRY'] ?? null;
69b73efaSSascha Leib				$country = ( $result == 'XX' || $result === null ? 'ZZ' : $result ); // Cloudflare returns 'XX' for unknown countries, we want 'ZZ' in that case
69b73efaSSascha Leib				break;
69b73efaSSascha Leib
69b73efaSSascha Leib			}
69b73efaSSascha Leib
69b73efaSSascha Leib
5f2c1759SSascha Leib		} catch (Exception $e) {
5f2c1759SSascha Leib			Logger::error('BotMon Plugin: GeoIP Error', $e->getMessage());
5f2c1759SSascha Leib		}
5f2c1759SSascha Leib
5f2c1759SSascha Leib		return $country;
5f2c1759SSascha Leib	}
5f2c1759SSascha Leib
447b8b4fSSascha Leib	private function setSessionInfo() {
b148c85eSSascha Leib
b148c85eSSascha Leib		// what is the session identifier?
b148c85eSSascha Leib		if (isset($_SESSION)) {
b148c85eSSascha Leib			$sesKeys = array_keys($_SESSION); /* DokuWiki Session ID preferred */
b148c85eSSascha Leib			foreach ($sesKeys as $key) {
b148c85eSSascha Leib				if (substr($key, 0, 2) == 'DW') {
b148c85eSSascha Leib					$this->sessionId = $key;
b148c85eSSascha Leib					$this->sessionType = 'dw';
b148c85eSSascha Leib					return;
b148c85eSSascha Leib				}
b148c85eSSascha Leib			}
b148c85eSSascha Leib		}
f6a7ebc1SSascha Leib		if (!$this->sessionId) { /* no DokuWiki Session ID, try PHP session ID */
b148c85eSSascha Leib			$this->sessionId = session_id();
b148c85eSSascha Leib			$this->sessionType = 'php';
b148c85eSSascha Leib		}
f5f4ca13SSascha Leib		if (!$this->sessionId) { /* no PHP session ID, try IP address */
f5f4ca13SSascha Leib			$this->sessionId = $_SERVER['REMOTE_ADDR'];
b148c85eSSascha Leib			$this->sessionType = 'ip';
b148c85eSSascha Leib		}
447b8b4fSSascha Leib
447b8b4fSSascha Leib		if (!$this->sessionId) { /* if all fails, use random data */
447b8b4fSSascha Leib			$this->sessionId = rand(100000000, 999999999);
447b8b4fSSascha Leib			$this->sessionType = 'rnd';
447b8b4fSSascha Leib		}
447b8b4fSSascha Leib
b148c85eSSascha Leib	}
f5f4ca13SSascha Leib
393de67cSSascha Leib	public function insertCaptchaCode(Event $event) {
f5f4ca13SSascha Leib
19b69b64SSascha Leib		$useCaptcha = $this->getConf('useCaptcha'); // which background to show?
f5f4ca13SSascha Leib
19b69b64SSascha Leib		// only if we previously determined that we need a captcha:
19b69b64SSascha Leib		if ($this->showCaptcha == 'Y') {
2c641262SSascha Leib
12993035SSascha Leib			echo '<h1 class="sectionedit1">'; tpl_pagetitle(); echo "</h1>\n"; // always show the original page title
f5f4ca13SSascha Leib			$event->preventDefault(); // don't show normal content
12993035SSascha Leib			switch ($useCaptcha) {
393de67cSSascha Leib				case 'loremipsum':
393de67cSSascha Leib					$this->insertLoremIpsum();  // show dada filler instead of text
12993035SSascha Leib					break;
12993035SSascha Leib				case 'dada':
12993035SSascha Leib					$this->insertDadaFiller();  // show dada filler instead of text
12993035SSascha Leib					break;
12993035SSascha Leib			}
d49ab213SSascha Leib
19b69b64SSascha Leib			// insert the captcha loader code:
19b69b64SSascha Leib			echo '<script>' . NL;
19b69b64SSascha Leib
19b69b64SSascha Leib			// add the deferred script loader::
19b69b64SSascha Leib			echo  DOKU_TAB . "addEventListener('DOMContentLoaded', function(){" . NL;
19b69b64SSascha Leib			echo  DOKU_TAB . DOKU_TAB . "const cj=document.createElement('script');" . NL;
19b69b64SSascha Leib			echo  DOKU_TAB . DOKU_TAB . "cj.async=true;cj.defer=true;cj.type='text/javascript';" . NL;
19b69b64SSascha Leib			echo  DOKU_TAB . DOKU_TAB . "cj.src='".DOKU_BASE."lib/plugins/botmon/captcha.js';" . NL;
19b69b64SSascha Leib			echo  DOKU_TAB . DOKU_TAB . "document.getElementsByTagName('head')[0].appendChild(cj);" . NL;
6b6cd387SSascha Leib			echo  DOKU_TAB . "});" . NL;
19b69b64SSascha Leib
19b69b64SSascha Leib			// add the translated strings for the captcha:
19b69b64SSascha Leib			echo  DOKU_TAB . '$BMLocales = {' . NL;
19b69b64SSascha Leib			echo  DOKU_TAB . DOKU_TAB . '"dlgTitle": ' . json_encode($this->getLang('bm_dlgTitle')) . ',' . NL;
19b69b64SSascha Leib			echo  DOKU_TAB . DOKU_TAB . '"dlgSubtitle": ' . json_encode($this->getLang('bm_dlgSubtitle')) . ',' . NL;
19b69b64SSascha Leib			echo  DOKU_TAB . DOKU_TAB . '"dlgConfirm": ' . json_encode($this->getLang('bm_dlgConfirm')) . ',' . NL;
19b69b64SSascha Leib			echo  DOKU_TAB . DOKU_TAB . '"dlgChecking": ' . json_encode($this->getLang('bm_dlgChecking')) . ',' . NL;
19b69b64SSascha Leib			echo  DOKU_TAB . DOKU_TAB . '"dlgLoading": ' . json_encode($this->getLang('bm_dlgLoading')) . ',' . NL;
19b69b64SSascha Leib			echo  DOKU_TAB . DOKU_TAB . '"dlgError": ' . json_encode($this->getLang('bm_dlgError')) . ',' . NL;
19b69b64SSascha Leib			echo  DOKU_TAB . '};' . NL;
19b69b64SSascha Leib
fb281ca1SSascha Leib			// captcha configuration options
fb281ca1SSascha Leib			echo  DOKU_TAB . '$BMConfig = {' . NL;
7dae1c4dSSascha Leib			echo  DOKU_TAB . DOKU_TAB . '"captchaOptions": ' . json_encode($this->getConf('captchaOptions')) . NL;
fb281ca1SSascha Leib			echo  DOKU_TAB . '};' . NL;
fb281ca1SSascha Leib
19b69b64SSascha Leib			echo '</script>' . NL;
cb916979SSascha Leib
cb916979SSascha Leib			// insert a warning message for users without JavaScript:
cb916979SSascha Leib			echo '<dialog open closedby="any" id="BM__NoJSWarning"><p>' . $this->getLang('bm_noJsWarning') . '</p></dialog>' . NL;
cb916979SSascha Leib
19b69b64SSascha Leib		}
d49ab213SSascha Leib	}
f5f4ca13SSascha Leib
d49ab213SSascha Leib	public function showImageCaptcha(Event $event, $param) {
d49ab213SSascha Leib
d49ab213SSascha Leib		$useCaptcha = $this->getConf('useCaptcha');
d49ab213SSascha Leib
d49ab213SSascha Leib		echo '<script>' . $this->getBMHeader($event, $param) . '</script>';
d49ab213SSascha Leib
d49ab213SSascha Leib		$cCode = '-';
d49ab213SSascha Leib		if ($useCaptcha !== 'disabled') {
d49ab213SSascha Leib			if ($this->captchaWhitelisted()) {
d49ab213SSascha Leib				$cCode = 'W'; // whitelisted
d49ab213SSascha Leib			}
d49ab213SSascha Leib			elseif ($this->hasCaptchaCookie()) {
d49ab213SSascha Leib				$cCode  = 'N'; // user already has a cookie
d49ab213SSascha Leib			}
d49ab213SSascha Leib			else {
d49ab213SSascha Leib				$cCode  = 'Y'; // show the captcha
d49ab213SSascha Leib
d49ab213SSascha Leib				echo '<svg width="100%" height="100%" viewBox="0 0 800 400" version="1.1" xmlns="http://www.w3.org/2000/svg"><path d="M1,1l798,398" style="fill:none;stroke:#f00;stroke-width:1px;"/><path d="M1,399l798,-398" style="fill:none;stroke:#f00;stroke-width:1px;"/><rect x="1" y="1" width="798" height="398" style="fill:none;stroke:#000;stroke-width:1px;"/></svg>'; // placeholder image
d49ab213SSascha Leib				$event->preventDefault(); // don't show normal content
d49ab213SSascha Leib
d49ab213SSascha Leib				// TODO Insert dummy image
d49ab213SSascha Leib				$this->insertCaptchaLoader(); // and load the captcha
d49ab213SSascha Leib			}
d49ab213SSascha Leib		};
d49ab213SSascha Leib
d49ab213SSascha Leib		$this->showCaptcha = $cCode; // store the captcha code for the logfile
d49ab213SSascha Leib	}
d49ab213SSascha Leib
6728cfa6SSascha Leib	/**
6728cfa6SSascha Leib	 * Checks if the user has a valid captcha cookie.
6728cfa6SSascha Leib	 *
6728cfa6SSascha Leib	 * @return boolean
6728cfa6SSascha Leib	 * @access private
6728cfa6SSascha Leib	 *
6728cfa6SSascha Leib	 **/
d49ab213SSascha Leib	private function hasCaptchaCookie() {
f5f4ca13SSascha Leib
cdc02cd4SSascha Leib		$cookieVal = isset($_COOKIE['DWConfirm']) ? $_COOKIE['DWConfirm'] : null;
f5f4ca13SSascha Leib
7dae1c4dSSascha Leib		// bypass cookie checking, of config option is set:
7dae1c4dSSascha Leib		$captchaOptions = explode(',', $this->getConf('captchaOptions'));
ac328188SSascha Leib		if (in_array('anyval', $captchaOptions) && strlen($cookieVal) == 64) {
ac328188SSascha Leib			//$this->writeCaptchaLog($_SERVER['REMOTE_ADDR'], $cookieVal, $_SERVER['SERVER_NAME'], "BYPASSED:" . strlen($cookieVal)); // Debug only
7dae1c4dSSascha Leib			return true;
7dae1c4dSSascha Leib		}
12993035SSascha Leib
7dae1c4dSSascha Leib		//  calculate the expected cookie value:
7dae1c4dSSascha Leib		$today = substr((new DateTime())->format('c'), 0, 10);
871c97bfSSascha Leib		$raw = $this->getConf('captchaSeed') . ';' . $_SERVER['SERVER_NAME'] . ';' . $_SERVER['REMOTE_ADDR'] . ';' . $today;
871c97bfSSascha Leib		$expected = hash('sha256', $raw);
12993035SSascha Leib
6728cfa6SSascha Leib		// for debugging: write captcha data to the log:
7dae1c4dSSascha Leib		//$this->writeCaptchaLog($_SERVER['REMOTE_ADDR'], $cookieVal, $_SERVER['SERVER_NAME'], $expected);
cdc02cd4SSascha Leib
d49ab213SSascha Leib		return $cookieVal == $expected;
f5f4ca13SSascha Leib	}
f5f4ca13SSascha Leib
6728cfa6SSascha Leib	/**
6728cfa6SSascha Leib	 * Writes data to the captcha log.
6728cfa6SSascha Leib	 *
6728cfa6SSascha Leib	 * @return void
6728cfa6SSascha Leib	 */
6728cfa6SSascha Leib	private function writeCaptchaLog($remote_addr, $cookieVal, $serverName, $expected) {
6728cfa6SSascha Leib
4ab56ef9SSascha Leib		global $INFO;
4ab56ef9SSascha Leib
6728cfa6SSascha Leib		$logArr = Array(
6728cfa6SSascha Leib			$remote_addr, /* remote IP */
6728cfa6SSascha Leib			$cookieVal, /* cookie value */
6728cfa6SSascha Leib			$this->getConf('captchaSeed'), /* seed */
6728cfa6SSascha Leib			$serverName, /* server name */
6728cfa6SSascha Leib			$expected, /* expected cookie value */
4ab56ef9SSascha Leib			($cookieVal == $expected ? 'MATCH' : 'WRONG'), /* cookie matches expected value? */
4ab56ef9SSascha Leib			$_SERVER['REQUEST_URI'] /* request URI */
6728cfa6SSascha Leib		);
6728cfa6SSascha Leib
6728cfa6SSascha Leib		//* create the log line */
6728cfa6SSascha Leib		$filename = __DIR__ .'/logs/' . gmdate('Y-m-d') . '.captcha.txt'; /* use GMT date for filename */
6728cfa6SSascha Leib		$logline = gmdate('Y-m-d H:i:s'); /* use GMT time for log entries */
6728cfa6SSascha Leib		foreach ($logArr as $tab) {
6728cfa6SSascha Leib			$logline .= "\t" . $tab;
6728cfa6SSascha Leib		};
6728cfa6SSascha Leib
6728cfa6SSascha Leib		/* write the log line to the file */
6728cfa6SSascha Leib		$logfile = fopen($filename, 'a');
6728cfa6SSascha Leib		if (!$logfile) die();
6728cfa6SSascha Leib		if (fwrite($logfile, $logline . "\n") === false) {
6728cfa6SSascha Leib			fclose($logfile);
6728cfa6SSascha Leib			die();
6728cfa6SSascha Leib		}
6728cfa6SSascha Leib
9b2115f1SSascha Leib		// in case of errors, write the cookie data to the log:
9b2115f1SSascha Leib		if (!$cookieVal) {
0cfc0c5dSSascha Leib			$logline =  print_r($_COOKIE, true);
9b2115f1SSascha Leib			if (fwrite($logfile, $logline . "\n") === false) {
9b2115f1SSascha Leib				fclose($logfile);
9b2115f1SSascha Leib				die();
9b2115f1SSascha Leib			}
9b2115f1SSascha Leib		}
9b2115f1SSascha Leib
9b2115f1SSascha Leib		/* Done. close the file. */
6728cfa6SSascha Leib		fclose($logfile);
6728cfa6SSascha Leib	}
6728cfa6SSascha Leib
2c641262SSascha Leib	// check if the visitor's IP is on a whitelist:
2c641262SSascha Leib	private function captchaWhitelisted() {
2c641262SSascha Leib
2c641262SSascha Leib		// normalise IP address:
2c641262SSascha Leib		$ip = inet_pton($_SERVER['REMOTE_ADDR']);
2c641262SSascha Leib
2c641262SSascha Leib		// find which file to open:
2c641262SSascha Leib		$prefixes = ['user', 'default'];
2c641262SSascha Leib		foreach ($prefixes as $pre) {
2c641262SSascha Leib			$filename = __DIR__ .'/config/' . $pre . '-whitelist.txt';
2c641262SSascha Leib			if (file_exists($filename)) {
2c641262SSascha Leib				break;
2c641262SSascha Leib			}
2c641262SSascha Leib		}
2c641262SSascha Leib
2c641262SSascha Leib		if (file_exists($filename)) {
2c641262SSascha Leib			$lines = file($filename, FILE_SKIP_EMPTY_LINES);
2c641262SSascha Leib			foreach ($lines as $line) {
2c641262SSascha Leib				if (trim($line) !== '' && !str_starts_with($line, '#')) {
2c641262SSascha Leib					$col = explode("\t", $line);
2c641262SSascha Leib					if (count($col) >= 2) {
2c641262SSascha Leib						$from = inet_pton($col[0]);
2c641262SSascha Leib						$to = inet_pton($col[1]);
2c641262SSascha Leib
2c641262SSascha Leib						if ($ip >= $from && $ip <= $to) {
d49ab213SSascha Leib							return true; /* IP whitelisted */
2c641262SSascha Leib						}
2c641262SSascha Leib					}
2c641262SSascha Leib				}
2c641262SSascha Leib			}
2c641262SSascha Leib		}
d49ab213SSascha Leib		return false; /* IP not found in whitelist */
2c641262SSascha Leib	}
2c641262SSascha Leib
7dae1c4dSSascha Leib	// inserts a static text content in place of the actual page content:
393de67cSSascha Leib	private function insertLoremIpsum() {
12993035SSascha Leib
393de67cSSascha Leib		echo '<div class="level1">' . NL;
393de67cSSascha Leib		echo '<p>' . NL . 'Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.'. NL . '</p>' . NL;
393de67cSSascha Leib		echo '<p>' . NL . 'At vero eos et accusamus et iusto odio dignissimos ducimus, qui blanditiis praesentium voluptatum deleniti atque corrupti, quos dolores et quas molestias excepturi sint, obcaecati cupiditate non provident, similique sunt in culpa, qui officia deserunt mollitia animi, id est laborum et dolorum fuga.'. NL . '</p>' . NL;
393de67cSSascha Leib		echo '</div>' . NL;
393de67cSSascha Leib
12993035SSascha Leib	}
12993035SSascha Leib
12993035SSascha Leib	/* Generates a few paragraphs of Dada text to show instead of the article content */
f5f4ca13SSascha Leib	private function insertDadaFiller() {
f5f4ca13SSascha Leib
12993035SSascha Leib		global $conf;
12993035SSascha Leib		global $TOC;
12993035SSascha Leib		global $ID;
f5f4ca13SSascha Leib
12993035SSascha Leib		// list of languages to search for the wordlist
12993035SSascha Leib		$langs = array_unique([$conf['lang'], 'la']);
f5f4ca13SSascha Leib
12993035SSascha Leib		// find path to the first available wordlist:
12993035SSascha Leib		foreach ($langs as $lang) {
12993035SSascha Leib			$filename = __DIR__ .'/lang/' . $lang . '/wordlist.txt'; /* language-specific wordlist */
12993035SSascha Leib			if (file_exists($filename)) {
12993035SSascha Leib				break;
12993035SSascha Leib			}
12993035SSascha Leib		}
f5f4ca13SSascha Leib
12993035SSascha Leib		// load the wordlist file:
12993035SSascha Leib		if (file_exists($filename)) {
12993035SSascha Leib			$words = array();
12993035SSascha Leib			$totalWeight = 0;
12993035SSascha Leib			$lines = file($filename, FILE_SKIP_EMPTY_LINES);
12993035SSascha Leib			foreach ($lines as $line) {
12993035SSascha Leib				$arr = explode("\t", $line);
12993035SSascha Leib				$arr[1] = ( count($arr) > 1 ? (int) trim($arr[1]) : 1 );
12993035SSascha Leib				$totalWeight += (int) $arr[1];
12993035SSascha Leib				array_push($words, $arr);
12993035SSascha Leib			}
12993035SSascha Leib		} else {
12993035SSascha Leib			echo '<script> console.log("Can’t generate filler text: wordlist file not found!"); </script>';
12993035SSascha Leib			return;
12993035SSascha Leib		}
f5f4ca13SSascha Leib
12993035SSascha Leib		// If a TOC exists, use it for the headlines:
12993035SSascha Leib		if(is_array($TOC)) {
12993035SSascha Leib			$toc = $TOC;
12993035SSascha Leib		} else {
12993035SSascha Leib			$meta = p_get_metadata($ID, '', METADATA_RENDER_USING_CACHE);
12993035SSascha Leib			//$tocok = (isset($meta['internal']['toc']) ? $meta['internal']['toc'] : $tocok = true);
12993035SSascha Leib			$toc = isset($meta['description']['tableofcontents']) ? $meta['description']['tableofcontents'] : null;
12993035SSascha Leib		}
12993035SSascha Leib		if (!$toc) { // no TOC, generate my own:
12993035SSascha Leib			$hlCount = mt_rand(0, (int) $conf['tocminheads']);
12993035SSascha Leib			$toc = array();
12993035SSascha Leib			for ($i=0; $i<$hlCount; $i++) {
12993035SSascha Leib				array_push($toc, $this->dadaMakeHeadline($words, $totalWeight)); // $toc
12993035SSascha Leib			}
12993035SSascha Leib		}
12993035SSascha Leib
12993035SSascha Leib		// if H1 heading is not in the TOC, add a chappeau section:
12993035SSascha Leib		$chapeauCount = mt_rand(1, 3);
12993035SSascha Leib		if ((int) $conf['toptoclevel'] > 1) {
12993035SSascha Leib			echo "<div class=\"level1\">\n";
12993035SSascha Leib			for ($i=0; $i<$chapeauCount; $i++) {
12993035SSascha Leib				echo $this->dadaMakeParagraph($words, $totalWeight);
12993035SSascha Leib			}
12993035SSascha Leib			echo "</div>\n";
12993035SSascha Leib		}
12993035SSascha Leib
12993035SSascha Leib		//  text sections for each sub-headline:
12993035SSascha Leib		foreach ($toc as $hl) {
12993035SSascha Leib			echo $this->dadaMakeSection($words, $totalWeight, $hl);
12993035SSascha Leib		}
12993035SSascha Leib	}
12993035SSascha Leib
12993035SSascha Leib	private function dadaMakeSection($words, $totalWeight, $hl) {
12993035SSascha Leib
12993035SSascha Leib		global $conf;
12993035SSascha Leib
12993035SSascha Leib		// how many paragraphs?
12993035SSascha Leib		$paragraphCount = mt_rand(1, 4);
12993035SSascha Leib
12993035SSascha Leib		// section level
12993035SSascha Leib		$topTocLevel = (int) $conf['toptoclevel'];
12993035SSascha Leib		$secLevel = $hl['level'] + 1;;
12993035SSascha Leib
12993035SSascha Leib		// return value:
12993035SSascha Leib		$sec = "";
12993035SSascha Leib
12993035SSascha Leib		// make a headline:
12993035SSascha Leib		if ($topTocLevel > 1 || $secLevel > 1) {
12993035SSascha Leib			$sec .= "<h{$secLevel} id=\"{$hl['hid']}\">{$hl['title']}</h{$secLevel}>\n";
12993035SSascha Leib		}
12993035SSascha Leib
12993035SSascha Leib		// add the paragraphs:
12993035SSascha Leib		$sec .= "<div class=\"level{$secLevel}\">\n";
12993035SSascha Leib		for ($i=0; $i<$paragraphCount; $i++) {
12993035SSascha Leib			$sec .= $this->dadaMakeParagraph($words, $totalWeight);
12993035SSascha Leib		}
12993035SSascha Leib		$sec .= "</div>\n";
12993035SSascha Leib
12993035SSascha Leib		return $sec;
12993035SSascha Leib	}
12993035SSascha Leib
12993035SSascha Leib	private function dadaMakeHeadline($words, $totalWeight) {
12993035SSascha Leib
12993035SSascha Leib		// how many words to generate?
12993035SSascha Leib		$wordCount = mt_rand(2, 5);
12993035SSascha Leib
12993035SSascha Leib		// function returns an array:
12993035SSascha Leib		$r = Array();
12993035SSascha Leib
12993035SSascha Leib		// generate the headline:
12993035SSascha Leib		$hlArr = array();
12993035SSascha Leib		for ($i=0; $i<$wordCount; $i++) {
12993035SSascha Leib			array_push($hlArr, $this->dadaSelectRandomWord($words, $totalWeight));
12993035SSascha Leib		}
12993035SSascha Leib
12993035SSascha Leib		$r['title'] =  ucfirst(implode(' ', $hlArr));
12993035SSascha Leib
12993035SSascha Leib		$r['hid'] = preg_replace('/[^\w\d\-]+/i', '_', strtolower($r['title']));
12993035SSascha Leib		$r['type'] = 'ul'; // always ul!
12993035SSascha Leib		$r['level'] = 1; // always level 1 for now
12993035SSascha Leib
12993035SSascha Leib		return $r;
12993035SSascha Leib	}
12993035SSascha Leib
12993035SSascha Leib	private function dadaMakeParagraph($words, $totalWeight) {
12993035SSascha Leib
12993035SSascha Leib		// how many words to generate?
12993035SSascha Leib		$sentenceCount = mt_rand(2, 5);
12993035SSascha Leib
12993035SSascha Leib		$paragraph = array();
12993035SSascha Leib		for ($i=0; $i<$sentenceCount; $i++) {
12993035SSascha Leib			array_push($paragraph, $this->dadaMakeSentence($words, $totalWeight));
12993035SSascha Leib		}
12993035SSascha Leib
12993035SSascha Leib		return "<p>\n" . implode(' ', $paragraph) . "\n</p>\n";
12993035SSascha Leib
12993035SSascha Leib	}
12993035SSascha Leib
12993035SSascha Leib	private function dadaMakeSentence($words, $totalWeight) {
12993035SSascha Leib
12993035SSascha Leib		// how many words to generate?
12993035SSascha Leib		$wordCount = mt_rand(4, 20);
12993035SSascha Leib
12993035SSascha Leib		// generate the sentence:
12993035SSascha Leib		$sentence = array();
12993035SSascha Leib		for ($i=0; $i<$wordCount; $i++) {
12993035SSascha Leib			array_push($sentence, $this->dadaSelectRandomWord($words, $totalWeight));
12993035SSascha Leib		}
12993035SSascha Leib
12993035SSascha Leib		return ucfirst(implode(' ', $sentence)) . '.';
12993035SSascha Leib
12993035SSascha Leib	}
12993035SSascha Leib
12993035SSascha Leib	private function dadaSelectRandomWord($list, $totalWeight) {
12993035SSascha Leib
12993035SSascha Leib		// get a random selection:
12993035SSascha Leib		$rand = mt_rand(0, $totalWeight);
12993035SSascha Leib
12993035SSascha Leib		// match the selection to the weighted list:
12993035SSascha Leib		$cumulativeWeight = 0;
12993035SSascha Leib		for ($i=0; $i<count($list); $i++) {
12993035SSascha Leib			$cumulativeWeight += $list[$i][1];
12993035SSascha Leib			if ($cumulativeWeight >= $rand) {
12993035SSascha Leib				return $list[$i][0];
12993035SSascha Leib			}
12993035SSascha Leib		}
12993035SSascha Leib		return '***';
f5f4ca13SSascha Leib	}
f5f4ca13SSascha Leib
6980370bSSascha Leib}