dépôts
/
ptitvelo
/
web
/
www.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
[SPIP] ~version 3.0.7-->3.0.10
[ptitvelo/web/www.git]
/
www
/
config
/
ecran_securite.php
diff --git
a/www/config/ecran_securite.php
b/www/config/ecran_securite.php
index
51e48df
..
63ee299
100644
(file)
--- a/
www/config/ecran_securite.php
+++ b/
www/config/ecran_securite.php
@@
-5,7
+5,7
@@
* ------------------
*/
* ------------------
*/
-define('_ECRAN_SECURITE', '1.1.
5'); // 8 mars
2013
+define('_ECRAN_SECURITE', '1.1.
7'); // 24 mai
2013
/*
* Documentation : http://www.spip.net/fr_article4200.html
/*
* Documentation : http://www.spip.net/fr_article4200.html
@@
-23,8
+23,12
@@
if (isset($_GET['test_ecran_securite']))
if (!defined('_IS_BOT'))
define('_IS_BOT',
isset($_SERVER['HTTP_USER_AGENT'])
if (!defined('_IS_BOT'))
define('_IS_BOT',
isset($_SERVER['HTTP_USER_AGENT'])
- AND preg_match(',bot|slurp|crawler|spider|webvac|yandex|INA dlweb|EC2LinkFinder|80legs,i',
- (string) $_SERVER['HTTP_USER_AGENT'])
+ AND preg_match(
+ // mots generiques
+ ',bot|slurp|crawler|spider|webvac|yandex|'
+ // UA plus cibles
+ . '80legs|accoona|AltaVista|ASPSeek|Baidu|Charlotte|EC2LinkFinder|eStyle|Google|INA dlweb|Java VM|LiteFinder|Lycos|Rambler|Scooter|ScrubbyBloglines|Yahoo|Yeti'
+ . ',i',(string) $_SERVER['HTTP_USER_AGENT'])
);
/*
);
/*
@@
-66,6
+70,14
@@
if (preg_match(',^(.*/)?spip_acces_doc\.,', (string)$_SERVER['REQUEST_URI'])) {
$file = addslashes((string)$_GET['file']);
}
$file = addslashes((string)$_GET['file']);
}
+/*
+ * Pas d'inscription abusive
+ */
+if (isset($_REQUEST['mode']) AND isset($_REQUEST['page'])
+AND !in_array($_REQUEST['mode'],array("6forum","1comite"))
+AND $_REQUEST['page'] == "identifiants")
+ $ecran_securite_raison = "identifiants";
+
/*
* Agenda joue à l'injection php
*/
/*
* Agenda joue à l'injection php
*/
@@
-304,4
+316,4
@@
if (
}
}
-?>
+?>
\ No newline at end of file