@@ 2,10 2,127 @@
// CheckSpam v1.0 - Submit user to StopForumSpam
+$CS_stopforumspan_apikey = '';
+$CS_process_usergroup = 2;
+
require_once('./global.php');
-require_once(DIR . '/includes/adminfunctions.php');
+require_once(DIR . '/includes/adminfunctions_profilefield.php');
+require_once(DIR . '/includes/adminfunctions_user.php');
+
+if (!can_administer('canadminusers'))
+{
+ print_cp_no_permission();
+}
+
+print_cp_header('Checkspam - Submit user to StopForumSpam');
-if (isset($_REQUEST['do']) && ($_REQUEST['do'] == 'cs-sfs-confirm'))
+if (isset($_REQUEST['do']) && ($_REQUEST['do'] == 'confirm'))
{
- print_confirmation('Are you sure?', 'checkspam.php', 'cs-sfs-submit');
-}
No newline at end of file
+ $userid = intval($_REQUEST['u']);
+ $sql = 'SELECT '.TABLE_PREFIX.'user.userid, '.TABLE_PREFIX.'user.usergroupid, '.TABLE_PREFIX.'user.username, '.TABLE_PREFIX.'user.email, '.TABLE_PREFIX.'user.ipaddress, '
+ .TABLE_PREFIX.'user.homepage, '.TABLE_PREFIX.'user.birthday, '.TABLE_PREFIX.'userfield.field1 AS biography, '.TABLE_PREFIX.'userfield.field2 AS location, '
+ .TABLE_PREFIX.'userfield.field3 AS interests, '.TABLE_PREFIX.'userfield.field4 AS occupation, '.TABLE_PREFIX.'userfield.field8 AS gender, '.TABLE_PREFIX.'usertextfield.signature '
+ .'FROM '.TABLE_PREFIX.'user '
+ .'INNER JOIN '.TABLE_PREFIX.'userfield ON ('.TABLE_PREFIX.'userfield.userid = '.TABLE_PREFIX.'user.userid) '
+ .'INNER JOIN '.TABLE_PREFIX.'usertextfield ON ('.TABLE_PREFIX.'usertextfield.userid = '.TABLE_PREFIX.'user.userid) '
+ .'WHERE '.TABLE_PREFIX.'user.userid='.$userid;
+ $result = $vbulletin->db->query($sql);
+ if ($vbulletin->db->num_rows($result) > 0)
+ {
+ $row = $vbulletin->db->fetch_array($result);
+ if ($row['usergroupid'] != $CS_process_usergroup)
+ print_cp_message('<b>Error:</b> user is not in valid usergroup', 'user.php', 3);
+ if (empty(trim($row['homepage'])))
+ print_cp_message('<b>Error:</b> user has no homepage set', 'user.php', 3);
+ else
+ {
+ if (!empty($row['birthday']))
+ {
+ try {
+ $tz = new DateTimeZone('UTC');
+ $row['birthday'] .= ' ('.DateTime::createFromFormat('m-d-Y', $row['birthday'], $tz)->diff(new DateTime('now', $tz))->y.'yo)';
+ } catch (Exception $e) {
+ }
+ }
+ $row['country'] = geoip_country_code_by_name($row['ipaddress']).' ('.geoip_country_name_by_name($row['ipaddress']).')';
+ $row['hostname'] = gethostbyaddr($row['ipaddress']);
+ $p = explode('.', $row['ipaddress']);
+ $result = dns_get_record($p[3].'.'.$p[2].'.'.$p[1].'.'.$p[0].'.origin.asn.cymru.com', DNS_TXT);
+ if (is_array($result) && (count($result) > 0))
+ {
+ $p = preg_split('/[\s]+/', $result[0]['txt']);
+ $asn = intval($p[0]);
+ $row['network'] = 'AS'.$asn;
+ $result = dns_get_record('AS'.$asn.'.asn.cymru.com', DNS_TXT);
+ if (is_array($result) && (count($result) > 0))
+ {
+ $p = explode('|', $result[0]['txt']);
+ $row['network'] .= ' - '.trim($p[4]);
+ }
+ }
+ $data = array();
+ $data[] = 'IP address: '.$row['ipaddress'];
+ $data[] = 'Username: '.$row['username'];
+ $data[] = 'Email: '.$row['email'];
+ $evidence = array();
+ $evidence[] = '*** Suspected profile spammer - manually submitted to StopForumSpam through vBulletin Admin CP *** ';
+ $evidence[] = '';
+ $evidence[] = 'Homepage: '.$row['homepage'];
+ $evidence[] = '';
+ if (!empty($row['signature']))
+ {
+ $evidence[] = 'Signature: '.str_replace("\n", "\n ", $row['signature']);
+ $evidence[] = '';
+ }
+ $evidence[] = 'Country: '.$row['country'];
+ $evidence[] = 'Hostname: '.$row['hostname'];
+ if (isset($row['network']))
+ $evidence[] = 'Network: '.$row['network'];
+ if (!empty($row['biography']) || !empty($row['interests']))
+ {
+ $evidence[] = '';
+ $evidence[] = 'Birthday: '.$row['birthday'];
+ $evidence[] = 'Biography: '.str_replace("\n", "\n ", $row['biography']);
+ $evidence[] = 'Location: '.$row['location'];
+ $evidence[] = 'Interests: '.$row['interests'];
+ $evidence[] = 'Occupation: '.$row['occupation'];
+ $evidence[] = 'Gender: '.$row['gender'];
+ $evidence[] = '';
+ $evidence[] = '(profile fields provided to illustrate likelihood user is a spambot)';
+ }
+ $fields = array();
+ $fields['userid'] = $row['userid'];
+ $fields['ipaddress'] = $row['ipaddress'];
+ $fields['username'] = $row['username'];
+ $fields['email'] = $row['email'];
+ $fields['evidence'] = implode("\n", $evidence);
+ print_confirmation('Are you sure you want to report user as a profile spammer? The following evidence will be provided to <b>StopForumSpam</b>: <pre>'.implode("\n", $data)."\n\n".implode("\n", $evidence).'</pre>', 'checkspam', 'submit', $fields);
+ }
+ }
+ else
+ print_cp_message('<b>Error:</b> user not found', 'user.php', 3);
+}
+elseif (isset($_REQUEST['do']) && ($_REQUEST['do'] == 'submit'))
+{
+ $fields = array();
+ $fields['username'] = utf8_encode($_REQUEST['username']);
+ $fields['ip_addr'] = utf8_encode($_REQUEST['ipaddress']);
+ $fields['email'] = utf8_encode($_REQUEST['email']);
+ $fields['api_key'] = utf8_encode($CS_stopforumspan_apikey);
+ $fields['evidence'] = utf8_encode($_REQUEST['evidence']);
+ $postfields = http_build_query($fields);
+ $c = curl_init();
+ curl_setopt($c, CURLOPT_URL, 'https://www.stopforumspam.com/add.php');
+ curl_setopt($c, CURLOPT_POST, 1);
+ curl_setopt($c, CURLOPT_POSTFIELDS, $postfields);
+ curl_setopt($c, CURLOPT_RETURNTRANSFER, true);
+ curl_setopt($c, CURLOPT_SSL_VERIFYHOST, false);
+ curl_setopt($c, CURLOPT_SSL_VERIFYPEER, false);
+ $result = curl_exec ($c);
+ curl_close ($c);
+ if (stristr($result,'success') === false)
+ exit($result);
+ print_cp_redirect("user.php?" . $vbulletin->session->vars['sessionurl'] . "do=remove&u=" . intval($_REQUEST['userid']), 1);
+}
+
+print_cp_footer();
No newline at end of file