From ebe504695f6027dde6914a5eed4aa6d243b911f9 Mon Sep 17 00:00:00 2001 From: Patrick Davison Date: Sun, 3 Mar 2013 20:11:52 -0800 Subject: Chat antispam and more replacements. --- ajax/chat.ajax.php | 30 ++++++++++++++++++++++++++---- 1 file changed, 26 insertions(+), 4 deletions(-) (limited to 'ajax') diff --git a/ajax/chat.ajax.php b/ajax/chat.ajax.php index ac682a7..36ac16a 100644 --- a/ajax/chat.ajax.php +++ b/ajax/chat.ajax.php @@ -1,13 +1,36 @@ 6) { + $_SESSION['chatSendCount'] = 0; + $_SESSION['chatLastReset'] = strtotime('now'); +} +if ($_REQUEST['messages']) { + $_SESSION['chatSendCount']++; + if ($_SESSION['chatSendCount'] > 4) { + $r[0]['error'] = 'Spam'; + $r[0]['serverMessage'] = 'true'; + $r[0]['message'] = "You're talking too fast - or your internet is being too slow. *OR ARE YOU SPAMMING ON PURPOSE?! JERK!*"; + $r[0]['secondsSince'] = 0; + $r[0]['displayName'] = 'SERVER'; + $r[0]['userID'] = -1; + echo json_encode($r); + exit; + } +} +//Don't lockout requests by holding the session file open! session_write_close(); -//Just doing this as evidence that $_SESSION as read-only is still available. $userID = $_SESSION['userID']; $chatLockDown = false; // STOP CHAT? //$chatLockDown = true; +if (true) { + if ($_SESSION['accepted'] !== 1) { + exit; + } +} + require('../includes/chats.php'); $sent = false; @@ -52,11 +75,10 @@ if ($_REQUEST['messages']) { //javascript based commands: if ($command == 'spoiler' OR $command == 'me') { $insertID = addchat($userID, $message); - } - //For anyone + } if ($command == 'help') { $r[0]['serverMessage'] = 'true'; - $r[0]['message'] = "Commands: /help /time /spoiler /me. - Chat by Pathery.com"; + $r[0]['message'] = "Commands: /help /time /spoiler /me. Surround text with ** for bold * for italics and ~~ for strikethrough. Chat by Pathery.com"; $r[0]['secondsSince'] = 0; $r[0]['userID'] = -1; echo json_encode($r); -- cgit v1.2.3
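Review bot: The send counter added in the first hunk is kept in `$_SESSION['chatSendCount']`, so the limit of 4 messages per 6-second window applies per session rather than per account, and a user holding more than one active session would presumably get a separate budget in each. Keying the count on `$userID` in server-side storage shared across sessions would make the limit follow the account. The throttle block also runs before the `$_SESSION['accepted'] !== 1` gate; moving that gate above it would let unaccepted sessions exit before any counter is touched or any response is emitted. The strict `!== 1` only passes when `accepted` is stored as an integer, so it is worth confirming how it is set, since a string `'1'` would shut every user out. The opening lines of this hunk, including the reset condition that ends in `> 6) {`, are missing from the page as shown, so this is based on the visible part only.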