$conditions = new PreparedStatementConditionBuilder(true, 'OR');
if (BLACKLIST_SFS_USERNAME) {
- $conditions->add('(type = ? AND hash = ?)', ['username', hash('sha256', $username)]);
+ $conditions->add('(type = ? AND hash = ?)', ['username', self::getHash($username)]);
}
if (BLACKLIST_SFS_EMAIL_ADDRESS) {
- $conditions->add('(type = ? AND hash = ?)', ['email', hash('sha256', $email)]);
+ $conditions->add('(type = ? AND hash = ?)', ['email', self::getHash($email)]);
}
if (BLACKLIST_SFS_IP_ADDRESS) {
UserUtil::convertIPv6To4($ipAddress);
if ($ipAddress) {
if (filter_var($ipAddress, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) !== false) {
- $conditions->add('(type = ? AND hash = ?)', ['ipv4', hash('sha256', $ipAddress)]);
+ $conditions->add('(type = ? AND hash = ?)', ['ipv4', self::getHash($ipAddress)]);
}
else {
$parts = explode(':', $ipAddress);
// StopForumSpam uses the first two to four segments of an IPv6 address.
- $ipv6TwoParts = hash('sha256', "{$parts[0]}:{$parts[1]}::");
- $ipv6ThreeParts = hash('sha256', "{$parts[0]}:{$parts[1]}:{$parts[2]}::");
- $ipv6FourParts = hash('sha256', "{$parts[0]}:{$parts[1]}:{$parts[2]}:{$parts[3]}::");
+ $ipv6TwoParts = self::getHash("{$parts[0]}:{$parts[1]}::");
+ $ipv6ThreeParts = self::getHash("{$parts[0]}:{$parts[1]}:{$parts[2]}::");
+ $ipv6FourParts = self::getHash("{$parts[0]}:{$parts[1]}:{$parts[2]}:{$parts[3]}::");
$conditions->add('(type = ? AND hash IN (?))', ['ipv6', [$ipv6TwoParts, $ipv6ThreeParts, $ipv6FourParts]]);
}
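Review bot: The `else` branch that builds `$ipv6TwoParts`, `$ipv6ThreeParts` and `$ipv6FourParts` accepts anything that failed the IPv4 check and reads `$parts[0]` to `$parts[3]` without confirming the value is a valid, fully expanded IPv6 address. A compressed form such as `2001:db8::1` (constructed example) gives empty or missing segments, so the prefix hashes would not match stored entries and the lookup would pass silently, with undefined-offset notices on top. Unless the caller already normalises the address, which is not visible here, guard the branch with `filter_var($ipAddress, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) !== false` and expand the address before `explode(':', ...)`. The enclosing method starts and ends outside this hunk.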
return false;
}
+ protected static function getHash($string) {
+ return hex2bin(hash('sha256', $string));
+ }
+
protected static function isMatch($type, $occurrences) {
$setting = [
'email' => BLACKLIST_SFS_EMAIL_ADDRESS,
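Review bot: `getHash()` hex-encodes the digest and immediately decodes it again, although `hash()` can return the raw bytes directly, so the body can be `return hash('sha256', $string, true);`. The method also has no doc comment, and the switch from a 64-character hex string to a binary value is easy to miss at call sites. I would add `/** Returns the raw 32-byte SHA-256 digest of $string, as stored in the BINARY(32) hash column. */`. `isMatch()` continues past the end of this hunk and is not reviewed here.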
DROP TABLE IF EXISTS wcf1_blacklist_entry;
CREATE TABLE wcf1_blacklist_entry (
type ENUM('email', 'ipv4','ipv6','username'),
- hash CHAR(64),
+ hash BINARY(32),
lastSeen DATETIME NOT NULL,
occurrences SMALLINT(5) NOT NULL,
- UNIQUE KEY entry (type, hash)
+ UNIQUE KEY entry (type, hash),
+ KEY numberOfReports (type, occurrences)
);
DROP TABLE IF EXISTS wcf1_box;
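Review bot: Changing `hash` to `BINARY(32)` changes what lookups compare against, but only the fresh-install `CREATE TABLE` is visible here. If an upgrade path keeps existing rows, the stored hex values need converting (for example with `UNHEX(hash)`) or the table needs repopulating. Otherwise queries using the new raw digests match nothing and the blacklist check lets every registration through. Separately, `type` and `hash` are nullable, so `UNIQUE KEY entry (type, hash)` does not reject duplicate rows that contain NULL; `hash BINARY(32) NOT NULL` and a `NOT NULL` on `type` would make the key strict.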