基于Discuz security.inc.php代码的深入分析

代码如下所示:
复制代码 代码如下:

/*
[Discuz!] (C)2001-2009 Comsenz Inc.
This is NOT a freeware, use is subject to license terms

$Id: security.inc.php 16688 2008-11-14 06:41:07Z cnteacher $
*/

//如果没有设定 IN_DISCUZ ,则访问出错 if(!defined(‘IN_DISCUZ’)) {
exit(‘Access Denied’);
}

// 使用位移  $attackevasive 来设定 论坛防御级别 ,如果是 1 或者是 4
的话, 1=cookie 刷新限制 , 4=二次请求
// 读取上次时间到当前存放cookies数组,并将现在时间放置cookies
// 将$_DCOOKIE[‘lastrequest’] 不断加密 存放last访问时间到
lastrequest_cookies
if($attackevasive & 1 || $attackevasive & 4) {
$_DCOOKIE[‘lastrequest’] = authcode($_DCOOKIE[‘lastrequest’],
‘DECODE’);
dsetcookie(‘lastrequest’, authcode($timestamp, ‘ENCODE’), $timestamp +
816400, 1, true);
}

//如果确认被攻击,则展示提示语 1 if($attackevasive & 1) {
if($timestamp – $_DCOOKIE[‘lastrequest’] < 1) {
securitymessage(‘attachsave_1_subject’, ‘attachsave_1_message’);
}
}

 
//如检查到 HTTP_X_FORWARDED_FOR 有以下 参数 ,将提示 使用代理 if(($attackevasive & 2) && ($_SERVER[‘HTTP_X_FORWARDED_FOR’]
||
$_SERVER[‘HTTP_VIA’] || $_SERVER[‘HTTP_PROXY_CONNECTION’] ||
$_SERVER[‘HTTP_USER_AGENT_VIA’] ||
$_SERVER[‘HTTP_CACHE_INFO’] ||
$_SERVER[‘HTTP_PROXY_CONNECTION’])) {
securitymessage(‘attachsave_2_subject’, ‘attachsave_2_message’,
FALSE);
}

//如果在限定的时间内访问多次,将判断为二次请求 if($attackevasive & 4) {
if(empty($_DCOOKIE[‘lastrequest’]) || $timestamp –
$_DCOOKIE[‘lastrequest’] > 300) {
securitymessage(‘attachsave_4_subject’, ‘attachsave_4_message’);
}
}

 
//如果需要回答问题,则判断为8 if($attackevasive & 8) {
list($questionkey, $questionanswer, $questiontime) = explode(‘|’,
authcode($_DCOOKIE[‘secqcode’], ‘DECODE’));
include_once DISCUZ_ROOT.’./forumdata/cache/cache_secqaa.php’;
if(!$questionanswer || !$questiontime ||
$_DCACHE[‘secqaa’][$questionkey][‘answer’] != $questionanswer)
{

if(empty($_POST[‘secqsubmit’]) || (!empty($_POST[‘secqsubmit’]) &&
$_DCACHE[‘secqaa’][$questionkey][‘answer’] 澳门新葡亰手机版,!=
md5($_POST[‘answer’]))) {
$questionkey = array_rand($_DCACHE[‘secqaa’]);
dsetcookie(‘secqcode’, authcode($questionkey.’||’.$timestamp, ‘ENCODE’),
$timestamp + 816400, 1, true);
securitymessage($_DCACHE[‘secqaa’][$questionkey][‘question’], ”,
FALSE, TRUE);
} else {
dsetcookie(‘secqcode’,
authcode($questionkey.’|’.$_DCACHE[‘secqaa’][$questionkey][‘answer’].’|’.$timestamp,
‘ENCODE’), $timestamp + 816400, 1, true);
}
}

}

/**
 * 输出被攻击提示语言,如果是ajax,展示一個错误層, 如果是請求,
則展示错误頁面
 * @param $subject
 * @param $message
 * @param $reload
 * @param $form
 * @return unknown_type
 */
function securitymessage($subject, $message, $reload = TRUE, $form =
FALSE) {

$scuritylang = array(
‘attachsave_1_subject’ => ‘频繁刷新限制’,
‘attachsave_1_message’ =>
‘您访问本站速度过快或者刷新间隔时间小于两秒!请等待页面自动跳转 …’,
‘attachsave_2_subject’ => ‘代理服务器访问限制’,
‘attachsave_2_message’ =>
‘本站现在限制使用代理服务器访问,请去除您的代理设置,直接访问本站。’,
‘attachsave_4_subject’ => ‘页面重载开启’,
‘attachsave_4_message’ => ‘欢迎光临本站,页面正在重新载入,请稍候
…’
);

$subject = $scuritylang[$subject] ? $scuritylang[$subject] :
$subject;
$message = $scuritylang[$message] ? $scuritylang[$message] :
$message;
if($_GET[‘inajax’]) {
ajaxshowheader();
echo ‘‘.$subject.’

‘.$message.'<>’;
ajaxshowfooter();
} else {
echo ”;
echo ‘

‘;
echo ‘

‘.$subject.’

‘;
echo ”;
echo ”;
if($reload) {
echo ‘

‘;
}
if($form) {
echo ‘

‘;
}
echo ‘

‘;
echo ‘ 

‘;
echo ‘   

‘;
echo ‘   

‘;
echo ‘   

‘;
echo ‘     

‘;
echo ‘    

‘.$subject.’

‘;
echo $message;
echo ‘       

‘;
echo ‘     

‘;
echo ‘   

‘;
echo ‘   

‘;
echo ‘   

‘;
echo ‘ 

‘;
echo ‘

‘;
if($form) {
echo ‘

‘;
}
echo ”;
echo ”;
}
exit();
}

 
function ajaxshowheader() {
global $charset, $inajax;
ob_end_clean();
@header(“Expires: -1”);
@header(“Cache-Control: no-store, private, post-check=0, pre-check=0,
max-age=0”, FALSE);
@header(“Pragma: no-cache”);
header(“Content-type: application/xml”);
echo “

/n}

function ajaxshowfooter() {
echo ‘]]>’;
}

?>