Skip to content
GitLab
Menu
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
Open sidebar
open-source
MetaGer
Commits
01d4aa60
Commit
01d4aa60
authored
Aug 08, 2017
by
Karl Hasselbring
Browse files
Noaccess und bot protection entfernt
parent
429ef4ea
Changes
4
Hide whitespace changes
Inline
Side-by-side
app/Http/Controllers/MetaGerSearch.php
View file @
01d4aa60
...
...
@@ -30,11 +30,6 @@ class MetaGerSearch extends Controller
# Mit gelieferte Formulardaten parsen und abspeichern:
$metager
->
parseFormData
(
$request
);
# Ein Schutz gegen bestimmte Bot-Angriffe, die uns passiert sind.
if
(
$metager
->
doBotProtection
(
$request
->
input
(
'bot'
,
""
)))
{
return
redirect
(
LaravelLocalization
::
getLocalizedURL
(
LaravelLocalization
::
getCurrentLocale
(),
url
(
"/noaccess"
,
[
'redirect'
=>
base64_encode
(
url
()
->
full
())])));
}
# Nach Spezialsuchen überprüfen:
$metager
->
checkSpecialSearches
(
$request
);
...
...
app/MetaGer.php
View file @
01d4aa60
...
...
@@ -346,35 +346,6 @@ class MetaGer
}
}
/**
* Diese Funktion überprüft, ob wir einen erweiterten Check auf Bots machen müssen.
* Z.B.: Wurden wir von einem Bot (dessen Anfragen aus dem Tor-Netzwerk kamen) mit tausenden
* Anfragen zu Telefonnummern überschwemmt. Bei diesen werden wir nun eine erweiterte Überprüfung
* durchführen.
* Für den Anfang werden wir alle Anfragen, die unter diese Kriterien fallen, nur noch beantworten, wenn
* JavaScript ausgeführt wird. (Mal schauen ob und wie lange dies ausreicht)
*/
public
function
doBotProtection
(
$bot
)
{
$hash
=
md5
(
date
(
'YmdHi'
));
$shouldCheck
=
false
;
foreach
(
$this
->
request
->
all
()
as
$key
=>
$value
)
{
if
(
strpos
(
$key
,
"amp;"
)
!==
false
)
{
$shouldCheck
=
true
;
break
;
}
}
if
((
preg_match
(
"/^\d+$/s"
,
$this
->
getEingabe
())
||
$shouldCheck
)
&&
$bot
!==
$hash
)
{
return
true
;
}
else
{
return
false
;
}
}
public
function
combineResults
(
$engines
)
{
foreach
(
$engines
as
$engine
)
{
...
...
resources/views/botProtection.blade.php
deleted
100644 → 0
View file @
429ef4ea
<!DOCTYPE html>
<html>
<head>
<title>
Access Denied
</title>
<link
href=
"/favicon.ico"
rel=
"icon"
type=
"image/x-icon"
/>
<link
href=
"/favicon.ico"
rel=
"shortcut icon"
type=
"image/x-icon"
/>
<meta
content=
"width=device-width, initial-scale=1.0, user-scalable=no"
name=
"viewport"
/>
<meta
content=
"{{ getmypid() }}"
name=
"p"
/>
<meta
content=
"#wknekjnbweignipwep=="
name=
"q"
/>
<meta
content=
"{{ $hash }}"
name=
"pq"
/>
<meta
content=
"{{ $r }}"
name=
"pqr"
/>
<meta
http-equiv=
"Content-Type"
content=
"text/html; charset=utf-8"
/>
<link
type=
"text/css"
rel=
"stylesheet"
href=
"/css/themes/{{ app('request')->input('theme', 'default') }}.css"
/>
</head>
<body>
<h1
class=
"hidden"
>
Your Access to this site has been denied. Please contact
<a
href=
"mailto:office@suma-ev.de"
>
office@suma-ev.de
</a>
if this is not correct
</h1>
<script
type=
"text/javascript"
src=
"{{ elixir('js/lib.js') }}"
></script>
<script
type=
"text/javascript"
src=
"{{ elixir('js/scriptResultPage.js') }}"
></script>
</body>
</html>
routes/web.php
View file @
01d4aa60
...
...
@@ -146,7 +146,6 @@ Route::group(
Route
::
get
(
'settings'
,
'StartpageController@loadSettings'
);
Route
::
match
([
'get'
,
'post'
],
'meta/meta.ger3'
,
'MetaGerSearch@search'
);
Route
::
get
(
'noaccess/{redirect}'
,
'MetaGerSearch@botProtection'
);
Route
::
get
(
'meta/picture'
,
'Pictureproxy@get'
);
Route
::
get
(
'clickstats'
,
'LogController@clicklog'
);
Route
::
get
(
'pluginClose'
,
'LogController@pluginClose'
);
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment