0

phpBB3: hook_cf_country_admin

phpbb01_k0nsl

Can somebody please try this, and leave a comment if it works? I have not tested it

2

WordPress: CloudFlare-Country-Login

cloudflare01_k0nsl

This snippet allows us to tap into the CF_IPCountry [1] header and determine if this country is allowed to login. We put allowed countries into the array situated in the cf_country_login() function.
Put this snippet into your theme’s functions.php and you’re all done, but don’t forget to first edit $urel and the default array of allowed countries.

<?php
// Allow only logins from specified countries (requires CloudFlare IP Geolocation to be enabled)
add_action( 'wp_authenticate', 'cf_country_login', 1);
function cf_country_login()
{
  if ( !isset($_SERVER["HTTP_CF_IPCOUNTRY"]) )
  	return;

	if ( !in_array($_SERVER["HTTP_CF_IPCOUNTRY"], array('DK')) )
	{
                $urel = 'http://k0nsl.org';
                echo 'Sorry, but you cannot login at this time.';
                header("Refresh: 5; url='.$urlel.'");
		exit;
	}
}
?>

Available also @ GitHub:
https://github.com/k0nsl/k0nsl-misc/blob/master/CloudFlare-Country-Login

Notes

1. What does CloudFlare IP Geolocation do?

1

phpBB3: k0nsl URL Shortener

phpbb01_k0nsl

I needed a simple way to shorten URLs for a client, when using phpBB3, so I looked at already available modifications and found this relatively old modification written by trkodlama. So I forked it, did some minor changes to it, but nothing major — yet.
phpbb01_k0nsl
His/her modification can be found here:
[RC] Togl URL Shortener

Now for getting this to work (oh, and by the way; it uses “knsl.net” by default, but one can easily modify it):

Open ./includes/functions.php

Add this function at the very end of the file just before the PHP closing tag:

/* MOD: k0nsl Start */
function curl_get_url($url) {
    $ch = curl_init();
    $timeout = 5;
    curl_setopt($ch,CURLOPT_URL,$url);
    curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
    curl_setopt($ch,CURLOPT_CONNECTTIMEOUT,$timeout);
    $data = curl_exec($ch);
    curl_close($ch);
    return $data;
}
/* MOD: k0nsl End */

Open ./includes/message_parser.php and find:

			// Is this a link to somewhere inside this board? If so then remove the session id from the url
			if (strpos($url, generate_board_url()) !== false && strpos($url, 'sid=') !== false)
			{
				$url = preg_replace('/(&amp;|\?)sid=[0-9a-f]{32}&amp;/', '\1', $url);
				$url = preg_replace('/(&amp;|\?)sid=[0-9a-f]{32}$/', '', $url);
				$url = append_sid($url);
         }

(should be around line 984 or something like that)

Add this on a new line after the curly bracket:

         /* MOD: k0nsl Start */
				else if (strpos($url, "YOUR-DOMAIN-HERE")===FALSE && strpos($url, "knsl.net")===FALSE && strpos($url, "knsl.org")===FALSE)
				{
				do{
					$knsl_api=""; // If you have an api code, please enter
                    $url=urlencode($url);
					if(trim($knsl_api)==""){
						$url = @curl_get_url("http://knsl.net/api.php?url=".$url);
					}
					else{
						$url = @curl_get_url("http://knsl.net/api.php?url=".$knsl_api."&url=".$url);
					}
				}while(!$url);
				if($url=="Please provide a valid URL."){
                    $url=generate_board_url();
                }
			}
		   /* MOD: k0nsl End */

Open ./includes/functions_content.php and find:

$url	= htmlspecialchars($url);

(should be on line 626, or close to that)

Add this code below (on a new line):

         /* MOD: k0nsl Start */
				if (strpos($url, "YOUR-DOMAIN-HERE")===FALSE && strpos($url, "knsl.net")===FALSE && strpos($url, "knsl.org")===FALSE)
				{
				do{
					$knsl_api=""; // If you have an api code, please enter
                    $url=urlencode($url);
					if(trim($knsl_api)==""){
						$url = @curl_get_url("http://knsl.net/api.php?url=".$url);
					}
					else{
						$url = @curl_get_url("http://knsl.net/api.php?url=".$knsl_api."&url=".$url);
					}
				}while(!$url);
				if($url=="Please provide a valid URL."){
                    $url=generate_board_url();
                }
			}
         /* MOD: k0nsl End */

That’s all. I’m going to trim it down a bit later on.

2

phpBB Incapsula hook

Incapsula01_k0nsl

Somebody called Yoav1987 on the Incapsula support forums asked me about integrating phpBB3 with Incapsula, so I quickly wrapped up the following hook for him. All in seven minutes, including creating the repo and pushing the commits

phpbb3-incapsula-integration01_k0nsl

 
hook_incapsula.php

<?php
/**
 * Copyright (C) 2013 by k0nsl (http://k0nsl.org/blog)
*/

/**
 * @ignore
 */
if (!defined('IN_PHPBB'))
{
   exit;
}

define('HEADER_NAME','HTTP_INCAP_CLIENT_IP');

/**
 * Our one and only hook
 */
function hook_incapsula(&$hook)
{
try {

	//stop process if there is no header
	if (empty($_SERVER[HEADER_NAME])) throw new Exception('No header defined', 1);

	//validate header value
	if (function_exists('filter_var')) {
		$ip = filter_var($_SERVER[HEADER_NAME], FILTER_VALIDATE_IP);
		if (false === $ip) throw new Exception('The value is not a valid IP address', 2);
	}
	else {
		$ip = trim($_SERVER[HEADER_NAME]);
		if (false === preg_match('/^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$/', $ip)) throw new Exception('The value is not a valid IP address', 2);
	}

	//At this point the initial IP value is exist and validated
	$_SERVER['REMOTE_ADDR'] = $ip;
} catch (Exception $e) {}
}

/**
 * Initialize our hook
 */

$phpbb_hook->register(array('template', 'display'), 'hook_incapsula');

Also located at GitHub for convenience:
https://github.com/k0nsl/phpbb3-incapsula-hook

1

phpBB Stop Forum Spam

phpbb01_k0nsl

I had very little to-do so I crafted a basic, simple hook for phpBB3 which queries the API of StopForumSpam and checks if the IP address is located there, if the result is possitive, a message is displayed and the application exits. Simple, yet effective.

Credit to Maurice Randall for base of the code; I merely wrapped it together, did some minor changes, and wrote the hook for it.

 

 

It’s also available here:
https://github.com/k0nsl/phpBB-SFS-hook

Update
  • replaced file_get_contents with cURL.

  • 0

    PHP: Trim away ?ver= from WordPress header

     /* remove version from css and js for proper caching */
     function _remove_script_version( $src ){
     $parts = explode( '?', $src );
     return $parts[0];
     }
     add_filter( 'script_loader_src', '_remove_script_version', 15, 1 );