From ebe504695f6027dde6914a5eed4aa6d243b911f9 Mon Sep 17 00:00:00 2001 From: Patrick Davison Date: Sun, 3 Mar 2013 20:11:52 -0800 Subject: Chat antispam and more replacements. --- ajax/chat.ajax.php | 30 ++++++++++++++++++++++++++---- pages/chat.php | 25 +++++++++++++++++-------- 2 files changed, 43 insertions(+), 12 deletions(-) diff --git a/ajax/chat.ajax.php b/ajax/chat.ajax.php index ac682a7..36ac16a 100644 --- a/ajax/chat.ajax.php +++ b/ajax/chat.ajax.php @@ -1,13 +1,36 @@ 6) { + $_SESSION['chatSendCount'] = 0; + $_SESSION['chatLastReset'] = strtotime('now'); +} +if ($_REQUEST['messages']) { + $_SESSION['chatSendCount']++; + if ($_SESSION['chatSendCount'] > 4) { + $r[0]['error'] = 'Spam'; + $r[0]['serverMessage'] = 'true'; + $r[0]['message'] = "You're talking too fast - or your internet is being too slow. *OR ARE YOU SPAMMING ON PURPOSE?! JERK!*"; + $r[0]['secondsSince'] = 0; + $r[0]['displayName'] = 'SERVER'; + $r[0]['userID'] = -1; + echo json_encode($r); + exit; + } +} +//Don't lockout requests by holding the session file open! session_write_close(); -//Just doing this as evidence that $_SESSION as read-only is still available. $userID = $_SESSION['userID']; $chatLockDown = false; // STOP CHAT? //$chatLockDown = true; +if (true) { + if ($_SESSION['accepted'] !== 1) { + exit; + } +} + require('../includes/chats.php'); $sent = false; @@ -52,11 +75,10 @@ if ($_REQUEST['messages']) { //javascript based commands: if ($command == 'spoiler' OR $command == 'me') { $insertID = addchat($userID, $message); - } - //For anyone + } if ($command == 'help') { $r[0]['serverMessage'] = 'true'; - $r[0]['message'] = "Commands: /help /time /spoiler /me. - Chat by Pathery.com"; + $r[0]['message'] = "Commands: /help /time /spoiler /me. Surround text with ** for bold * for italics and ~~ for strikethrough. Chat by Pathery.com"; $r[0]['secondsSince'] = 0; $r[0]['userID'] = -1; echo json_encode($r); diff --git a/pages/chat.php b/pages/chat.php index f68db7e..41b07fb 100644 
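Review bot: The new send counter in the first hunk of ajax/chat.ajax.php is kept in `$_SESSION['chatSendCount']`, so it limits one browser session rather than one account; every additional or fresh session of the same user gets its own allowance. `$userID` is read from the session a few lines further down, so keying the counter on that ID in server-side storage (the chat table or a cache) would bind the limit to the account. The throttle also runs before the `$_SESSION['accepted'] !== 1` gate, so sessions that are not accepted still receive the spam reply; moving the gate above the counter would avoid that. The gate is wrapped in `if (true)` and compares strictly against integer 1, which would reject every user if the value is stored as the string '1', so that is worth confirming. The opening condition of the reset block is cut off in this view, so the length of the window could not be checked.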
--- a/pages/chat.php +++ b/pages/chat.php @@ -65,6 +65,7 @@ function getChatDone(data) { //var timestamp = postDate.format("ddd h:MM TT"); //var timestamp = postDate.format("h:MM:ss"); var timestamp = postDate.format("hh:MM:ss"); + var timestampDetails = postDate.format("ddd h:MM TT"); var strClass = ''; if (chat.userID == userObj.ID) { @@ -75,23 +76,23 @@ function getChatDone(data) { chat.displayName = 'SERVER' } - var isSpoiler = false; - if (chat.message.indexOf("/spoiler ") == 0) { - chat.message = chat.message.substring(9); - isSpoiler = true; - } - var usernameClass = ''; if (chat.message.indexOf("/me ") == 0) { chat.message = chat.message.substring(4); usernameClass = ' me'; } + var isSpoiler = false; + if (chat.message.indexOf("/spoiler ") == 0) { + chat.message = chat.message.substring(9); + isSpoiler = true; + } + //console.log("INSIDE BUILD START"); p = ''; p = p+ "
"; - p = p+ " ["+timestamp+"]"; + p = p+ " ["+timestamp+"]"; p = p+ "
"; p = p+ "
"; p = p+ "
"; @@ -143,10 +144,18 @@ function getChatDone(data) { function chatReplaceAndEncode(chat) { chat = htmlEncode(chat); - chat = chat.replace(/\*(\S(.*?\S)?)\*/gm, "$1"); + chat = chat.replace(/\*\*(\S(.*?\S)?)\*\*/gm, "$1"); + chat = chat.replace(/\~\~(\S(.*?\S)?)\~\~/gm, "$1"); + chat = chat.replace(/\*(\S(.*?\S)?)\*/gm, "$1"); + //TODO: For Blue: + // I want the # in the to=$1 to turn into %23; but not anywhere else. var URLexp = /(\b(https?|ftp|file):\/\/[-A-Z0-9+&@#\/%?=~_|!:,.;]*[-A-Z0-9+&@#\/%=~_|])/ig; chat = chat.replace(URLexp, "$1"); + //Here's to hoping no one puts a hash infront of a URL... + chat = chat.replace(/\#/, "%23"); + //Here's for when someone does that and goes "wth?" + //chat = chat.replace(/\#/g, "%23"); return chat; } -- cgit v1.2.3
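Review bot: Swapping the two prefix checks in getChatDone makes their order significant, and nothing in the code records that: a message starting "/me /spoiler " now has both prefixes stripped, while "/spoiler /me " keeps a literal "/me " inside the spoiler text. A comment above the first check, such as `// /me is parsed first so it can be combined with a following /spoiler`, would state the intent. Both checks use `indexOf(...) == 0`; `=== 0` avoids coercion. The markup-building lines of this hunk are damaged in this view and were not reviewed.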
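Review bot: The trailing `chat.replace(/\#/, "%23")` in chatReplaceAndEncode rewrites the first `#` anywhere in the already-encoded message, not the one inside the link's `to=` parameter, so plain text such as "#1" is altered and, if `htmlEncode` emits numeric entities like `&#39;`, an entity can be broken. Scoping the encoding to the link target fixes both: pass a function as the second argument of `chat.replace(URLexp, ...)` and build the `to=` value with `encodeURIComponent(url)`, leaving the visible link text as matched. Because the match has already been through `htmlEncode`, an `&amp;` inside a URL would need decoding before it is percent-encoded. The scheme list also turns `file://` URLs sent by other users into links; restricting it to `https?` (and `ftp` if needed) is safer. The link markup is not visible in this view, so the exact replacement string is left to the author.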