엮인글 주소에 key값을 부여하여 프로그램 방식으로 무작위 주소를 생성하여 발송하는 것을 원천 차단

git-svn-id: http://xe-core.googlecode.com/svn/sandbox@3280 201d5d3c-b55e-5fd7-737f-ddc643e51545
zero 2007-12-10 04:52:03 +00:00
parent f5f0be0135
commit c95a9bd93a
5 changed files with 35 additions and 2 deletions


@ -25,6 +25,9 @@ RewriteRule ^([[:digit:]]+)$ ./index.php?document_srl=$1 [L]
# document + act link
RewriteRule ^([[:digit:]]+)/([a-zA-Z0-9_]+)$ ./index.php?document_srl=$1&act=$2 [L]
# document + key + act link
RewriteRule ^([[:digit:]]+)/([a-zA-Z0-9_]+)/([a-zA-Z0-9_]+)$ ./index.php?document_srl=$1&act=$3&key=$2 [L]
# mid + document link
RewriteRule ^([a-zA-Z0-9_]+)/([[:digit:]]+)$ ./index.php?mid=$1&document_srl=$2 [L]


@ -566,7 +566,9 @@
} elseif($var_count == 3) {
asort($var_keys);
$target = implode('.',$var_keys);
if($target=='category.mid.page') {
if($target=='act.document_srl.key') {
return sprintf('%s%s/%s/%s',$this->path,$get_vars['document_srl'],$get_vars['key'],$get_vars['act']);
} elseif($target=='category.mid.page') {
return sprintf('%s%s/category/%s/page/%s',$this->path,$get_vars['mid'],$get_vars['category'],$get_vars['page']);
} elseif($target=='mid.search_keyword.search_target' && $get_vars['search_target']=='tag') {
return sprintf('%s%s/tag/%s',$this->path,$get_vars['mid'],str_replace(' ','-',$get_vars['search_keyword']));
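Review bot: The new `act.document_srl.key` branch writes `$get_vars['key']` and `$get_vars['act']` into the path unencoded and has no comment tying its segment order to the rewrite rule. The matching rule in this commit only accepts `[a-zA-Z0-9_]+` for both segments, so a value with any other character would produce a URL that does not route back. I would add `// document_srl/key/act; order and character set must match the "document + key + act" RewriteRule` above the `sprintf`, and fall through to the query-string form when either value contains other characters. The enclosing function starts and ends outside this hunk.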


@ -288,7 +288,9 @@
}
function getTrackbackUrl() {
return getUrl('','document_srl',$this->document_srl,'act','trackback');
// 스팸을 막기 위한 key 생성
$oTrackbackModel = &getModel('trackback');
return $oTrackbackModel->getTrackbackUrl($this->document_srl);
}
function updateReadedCount() {


@ -96,6 +96,12 @@
$obj = Context::gets('document_srl','blog_name','url','title','excerpt');
if(!$obj->document_srl || !$obj->url || !$obj->title || !$obj->excerpt) return $this->stop('fail');
// 올바른 trackback url인지 검사
$given_key = Context::get('key');
$oTrackbackModel = &getModel('trackback');
$key = $oTrackbackModel->getTrackbackKey($obj->document_srl);
if($key != $given_key) return $this->stop('fail');
// 엮인글 모듈의 기본 설정을 받음
$oModuleModel = &getModel('module');
$config = $oModuleModel->getModuleConfig('trackback');
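Review bot: The key check `if($key != $given_key)` uses a loose comparison, so PHP compares numeric-looking strings as numbers and two different keys can be treated as equal; use a strict check, `if(!is_string($given_key) || $key !== $given_key) return $this->stop('fail');`. The check also accepts only the key for the current ten-minute window from getTrackbackKey(), so a trackback URL copied just before the window rolls over is rejected when a legitimate sender uses it. Accepting the previous window's key as well would avoid that, which needs getTrackbackKey() to take the window as an optional parameter. The enclosing function starts and ends outside this hunk.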


@ -111,5 +111,25 @@
$output = executeQuery('trackback.getRegistedTrackback', $obj);
return $output->data->count;
}
/**
* @brief trackback url을 생성하여 return
* trackback url에 key값을 추가함.
**/
function getTrackbackUrl($document_srl) {
return getUrl('','document_srl',$document_srl,'act','trackback','key',$this->getTrackbackKey($document_srl));
}
/**
* @brief 키값을 생성하여 return
* key값은 db 비번 정보 + 10 단위의 시간값을 합쳐서 hash결과를 이용함
* url이 너무 길어져서 1, 10, 20 자리수의 글자 하나씩만을 조합해서 return
**/
function getTrackbackKey($document_srl) {
$time = (int) (time()/(60*10));
$db_info = Context::getDBInfo();
$key = md5($document_srl.$db_info->db_password.$time);
return sprintf("%s%s%s",substr($key,1,1),substr($key,10,1),substr($key,20,1));
}
}
?>
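Review bot: getTrackbackKey() returns only three hex characters of the MD5, so each document has at most 4096 possible keys per ten-minute window, which is too small to stop an automated sender, and the digest is keyed with the database password, so a credential doubles as the anti-spam secret. Consider a keyed hash over a dedicated random secret with a longer truncation, for example `$key = hash_hmac('sha256', $document_srl.'|'.$time, $secret);` followed by `return substr($key, 0, 16);`, where `$secret` is a per-site random value kept in the trackback module config (this assumes hash_hmac is available on the PHP versions the project supports). The separator also removes the ambiguity of concatenating document_srl, the password and the time value without delimiters. The rewrite rule added in this commit already accepts a key of any length, so the longer value still routes.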