sebastian-fahrenkrog · January 29, 2022 10:29
diff --git a/submit.php b/submit.php
 <?php

 /*
 * @copyright   2014 Mautic Contributors. All rights reserved
 * @author      Mautic
 *
 * @link        http://mautic.org
 *
 * @license     GNU/GPLv3 http://www.gnu.org/licenses/gpl-3.0.html
 */
 define('MAUTIC_ROOT_DIR', __DIR__);

 // Fix for hosts that do not have date.timezone set, it will be reset based on users settings
 date_default_timezone_set('UTC');

 use Mautic\CoreBundle\ErrorHandler\ErrorHandler;
 use Mautic\Middleware\MiddlewareBuilder;
 use function Stack\run;

 $loader = require_once __DIR__.'/app/autoload.php';

 function isTor() {
    $ipServeur = $_SERVER['SERVER_ADDR'];
    $ipUser = $_SERVER['REMOTE_ADDR'];

    // $output contains the output string
    $output = file_get_contents(__DIR__.'/var/cache/torbulkexitlist');

    $tor = false;
    if(strlen($output) != 0){

        if(strpos($output, $ipUser)){
            $tor = true ;
        }
    }
    return $tor;
 }

 function logRequest($targetFile)
 {
    $headerList = [];
    foreach ($_SERVER as $name => $value) {
        if (preg_match('/^HTTP_/', $name)) {
            // convert HTTP_HEADER_NAME to Header-Name 
            $name = strtr(substr($name, 5), '_', ' ');
            $name = ucwords(strtolower($name));
            $name = strtr($name, ' ', '-');
            $headerList[$name] = $value;
        }
    }
    $data = sprintf("%s %s %s\n", $_SERVER['REQUEST_METHOD'], $_SERVER['REQUEST_URI'], $_SERVER['SERVER_PROTOCOL']);
    foreach ($headerList as $name => $value) {
        $data .= $name . ': ' . $value . "\n";
    }
    $data .= "\n";
    file_put_contents($targetFile, $data . file_get_contents('php://input') . "\n". print_r($_REQUEST,true) );
 }

 if( empty($_COOKIE) || isTor() )
 {
 	logRequest(MAUTIC_ROOT_DIR."/logs/spam-post-" . time() . ".log");
 	http_response_code(200);
 	exit();
 } else {
 	logRequest(MAUTIC_ROOT_DIR."/logs/post-" . time() . ".log");
 }

 ErrorHandler::register('prod');

 run((new MiddlewareBuilder(new AppKernel('prod', false)))->resolve());
	<?php

	/*
	* @copyright 2014 Mautic Contributors. All rights reserved
	* @author Mautic
	*
	* @link http://mautic.org
	*
	* @license GNU/GPLv3 http://www.gnu.org/licenses/gpl-3.0.html
	*/
	define('MAUTIC_ROOT_DIR', __DIR__);

	// Fix for hosts that do not have date.timezone set, it will be reset based on users settings
	date_default_timezone_set('UTC');

	use Mautic\CoreBundle\ErrorHandler\ErrorHandler;
	use Mautic\Middleware\MiddlewareBuilder;
	use function Stack\run;

	$loader = require_once __DIR__.'/app/autoload.php';

	function isTor() {
	$ipServeur = $_SERVER['SERVER_ADDR'];
	$ipUser = $_SERVER['REMOTE_ADDR'];

	// $output contains the output string
	$output = file_get_contents(__DIR__.'/var/cache/torbulkexitlist');

	$tor = false;
	if(strlen($output) != 0){

	if(strpos($output, $ipUser)){
	$tor = true ;
	}
	}
	return $tor;
	}

	function logRequest($targetFile)
	{
	$headerList = [];
	foreach ($_SERVER as $name => $value) {
	if (preg_match('/^HTTP_/', $name)) {
	// convert HTTP_HEADER_NAME to Header-Name
	$name = strtr(substr($name, 5), '_', ' ');
	$name = ucwords(strtolower($name));
	$name = strtr($name, ' ', '-');
	$headerList[$name] = $value;
	}
	}
	$data = sprintf("%s %s %s\n", $_SERVER['REQUEST_METHOD'], $_SERVER['REQUEST_URI'], $_SERVER['SERVER_PROTOCOL']);
	foreach ($headerList as $name => $value) {
	$data .= $name . ': ' . $value . "\n";
	}
	$data .= "\n";
	file_put_contents($targetFile, $data . file_get_contents('php://input') . "\n". print_r($_REQUEST,true) );
	}

	if( empty($_COOKIE) \|\| isTor() )
	{
	logRequest(MAUTIC_ROOT_DIR."/logs/spam-post-" . time() . ".log");
	http_response_code(200);
	exit();
	} else {
	logRequest(MAUTIC_ROOT_DIR."/logs/post-" . time() . ".log");
	}

	ErrorHandler::register('prod');

	run((new MiddlewareBuilder(new AppKernel('prod', false)))->resolve());