Chat antispam and more replacements.

1 files changed, 26 insertions, 4 deletions

diff --git a/ajax/chat.ajax.php b/ajax/chat.ajax.php
index ac682a7..36ac16a 100644
--- a/ajax/chat.ajax.php
+++ b/ajax/chat.ajax.php
@@ -1,13 +1,36 @@
 <?

 session_start();

+if (strtotime('now') - $_SESSION['chatLastReset'] > 6) {

+	$_SESSION['chatSendCount'] = 0;

+	$_SESSION['chatLastReset'] = strtotime('now');

+}

+if ($_REQUEST['messages']) {

+	$_SESSION['chatSendCount']++;

+	if ($_SESSION['chatSendCount'] > 4) {

+		$r[0]['error'] = 'Spam';

+		$r[0]['serverMessage'] = 'true';

+		$r[0]['message'] = "You're talking too fast - or your internet is being too slow. *OR ARE YOU SPAMMING ON PURPOSE?! JERK!*";

+		$r[0]['secondsSince'] = 0;

+		$r[0]['displayName'] = 'SERVER';

+		$r[0]['userID'] = -1;

+		echo json_encode($r);

+		exit;

+	}

+}

+//Don't lockout requests by holding the session file open!

 session_write_close();

-//Just doing this as evidence that $_SESSION as read-only is still available.

 $userID = $_SESSION['userID'];

 

 $chatLockDown = false;

 // STOP CHAT?

 //$chatLockDown = true;

 

+if (true) {

+	if ($_SESSION['accepted'] !== 1) {

+		exit;

+	}

+}

+

 require('../includes/chats.php');

 

 $sent = false;

@@ -52,11 +75,10 @@ if ($_REQUEST['messages']) {
 			//javascript based commands:

 			if ($command == 'spoiler' OR $command == 'me') {

 				$insertID = addchat($userID, $message);

-			}

-			//For anyone

+			}	

 			if ($command == 'help') {

 				$r[0]['serverMessage'] = 'true';

-				$r[0]['message'] = "Commands: /help /time /spoiler /me. - Chat by Pathery.com";

+				$r[0]['message'] = "Commands: /help /time /spoiler /me. Surround text with ** for bold * for italics and ~~ for strikethrough. Chat by Pathery.com";

 				$r[0]['secondsSince'] = 0;

 				$r[0]['userID'] = -1;

 				echo json_encode($r);