Added an option for blocking registration by client IP blacklist look…

…ups.

README.md

@@ -7,11 +7,12 @@ This plugin was originally created by [Amiya Sahu][1].
 ## Features
 
 * Block some user names from being registerd on the site (e.g. xxx, owner, spammer, virus, ...).
-* Block undesired email domains (e.g. example.org, foo.example.com, ...) and/or all of their subdomains (e.g. .example.org, .foo.example.com, ...). Note that .foo.example.com (with a leading dot) blocks all subdomains of foo.example.com (like bar.foo.example.com and some.other.sub.foo.example.com), but not foo.example.com itself, whereas foo.example.com (without a leading dot) blocks only the domain itself, but none of its subdomains.  
+* Block undesired email domains (e.g. example.org, foo.example.com, ...) and/or all of their subdomains (e.g. .example.org, .foo.example.com, ...). Note that .foo.example.com (with a leading dot) blocks all subdomains of foo.example.com (like bar.foo.example.com and some.other.sub.foo.example.com), but not foo.example.com itself, whereas foo.example.com (without a leading dot) blocks only the domain itself, but none of its subdomains.
   Note that this list is limited to 12000 characters. If you're hitting that limit (which I did) you may want to consider using a URI (DNS) blacklist (see below) for regular domain blocking and leave only subdomain blocking entries in this list.
 * Domain blocking can be configured for either blacklist mode (allow all domains/subdomains except the ones listed) or whitelist mode (allow only listed domains/subdomains). Default is blacklist mode.
 * Block undesired email addresses by regular expression match (e.g. Gmail addresses with more than 3 dots in their localpart: `(\..*){4,}@gmail\.com$`).
 * Block undesired email addresses by URI blacklist lookup (e.g. black.uribl.com). If you're familiar with operating a DNS server I recommend running your own URI blacklist. If you're using a third party service it's recommended to have the local DNS resolver on your Q2A server cache lookup results, so that the blacklist service doesn't get flooded.
+* Block registration from undesired client IP addresses by IP blacklist lookup (e.g. bl.blocklist.de). If you're familiar with operating a DNS server I recommend running your own blacklist. If you're using a third party service it's recommended to have the local DNS resolver on your Q2A server cache lookup results, so that the blacklist service doesn't get flooded.
 * Prevent users from changing their email address.
 * prevent users from changing their username.
 

ip-check.php

@@ -0,0 +1,43 @@
+<?php
+/*
+  This program is free software; you can redistribute it and/or
+  modify it under the terms of the GNU General Public License
+  as published by the Free Software Foundation; either version 2
+  of the License, or (at your option) any later version.
+
+  This program is distributed in the hope that it will be useful,
+  but WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+  GNU General Public License for more details.
+
+  More about this license: http://www.question2answer.org/license.php
+*/
+
+// don't allow this page to be requested directly from browser
+if (!defined('QA_VERSION')) {
+  header('Location: ../../');
+  exit;
+}
+
+/*
+override qa_is_ip_blocked() to include IP RBL checks
+
+NOTE: This check runs with relatively high frequency, so make sure DNS queries
+			go either against a caching resolver (to take the load off remote RBL
+			servers) or against a locally hosted RBL.
+*/
+function qa_is_ip_blocked() {
+  $qas_ubl_ip_is_blocked = qa_is_ip_blocked_base();
+  if (!$qas_ubl_ip_is_blocked) {
+  	$client_ip   = qa_remote_ip_address();
+  	$ip_reversed = implode('.', array_reverse(explode('.', $client_ip)));
+    $ipbl        = array_filter(explode("\n", qa_opt(qas_ubl_opt::IPBL)), function($val) {return !is_null($val) and $val != '';});
+    foreach ($ipbl as $bl) {
+      if (preg_match('/^127\.0\.0\.[0-9]+$/', gethostbyname("${ip_reversed}.${bl}"))) {
+        $qas_ubl_ip_is_blocked = true;
+				break;
+      }
+    }
+	}
+	return $qas_ubl_ip_is_blocked;
+}

metadata.json

@@ -1,7 +1,7 @@
 {
 	"name": "Registration Blocker",
 	"description": "Blocks registration for provided usernames and email domains.",
-	"version": "1.6.0",
+	"version": "1.8.0",
 	"date": "2020-10-01",
 	"author": "Amiya Sahu",
 	"author": "Ansgar Wiechers",

qa-plugin.php

@@ -26,4 +26,5 @@
 require_once QAS_U_BLOCKER_PLUGIN_DIR . '/qa-registration-blocker-options.php';
 
 qa_register_plugin_module('filter', 'qa-registration-blocker.php', 'qas_registration_blocker', 'QA Registration Blocker');
+qa_register_plugin_overrides('ip-check.php');
 qa_register_plugin_phrases('qa-registration-blocker-lang-*.php', 'qas_regb');

qa-registration-blocker-lang-default.php

@@ -41,4 +41,6 @@
   'not_allowed_to_change_username' => 'You are not allowed to change your username',
   'uribl'                          => 'URI Blacklists',
   'uribl_note'                     => 'Validate e-mail domain against these URI blacklists (eg black.uribl.com, one per line)',
+  'ipbl'                           => 'IP Blacklists',
+  'ipbl_note'                      => 'Validate client IP address against these IP blacklists (eg bl.blocklist.de, one per line)',
 );

qa-registration-blocker-options.php

@@ -34,6 +34,7 @@ class qas_ubl_opt {
   const BANNED_EMAIL_REGEX          = 'qas_ubl_banned_email_regex';
   const WHITELIST_MODE              = 'qas_ubl_whitelist_mode';
   const URIBL                       = 'qas_ubl_uribl';
+  const IPBL                        = 'qas_ubl_ipbl';
   const DONT_ALLOW_TO_CHANGE_EMAIL  = 'qas_ubl_dont_allow_ch_email';
   const DONT_ALLOW_TO_CHANGE_HANDLE = 'qas_ubl_dont_allow_ch_handle';
 }

qa-registration-blocker.php

@@ -41,6 +41,7 @@ public function admin_form(&$qa_content) {
       qa_opt(qas_ubl_opt::BANNED_EMAIL_ADDRESSES, qa_post_text(qas_ubl_opt::BANNED_EMAIL_ADDRESSES));
       qa_opt(qas_ubl_opt::BANNED_EMAIL_REGEX, qa_post_text(qas_ubl_opt::BANNED_EMAIL_REGEX));
       qa_opt(qas_ubl_opt::URIBL, qa_post_text(qas_ubl_opt::URIBL));
+      qa_opt(qas_ubl_opt::IPBL, qa_post_text(qas_ubl_opt::IPBL));
       qa_opt(qas_ubl_opt::DONT_ALLOW_TO_CHANGE_EMAIL, (int) qa_post_text(qas_ubl_opt::DONT_ALLOW_TO_CHANGE_EMAIL));
       qa_opt(qas_ubl_opt::DONT_ALLOW_TO_CHANGE_HANDLE, (int) qa_post_text(qas_ubl_opt::DONT_ALLOW_TO_CHANGE_HANDLE));
       $saved = true;
@@ -53,6 +54,7 @@ public function admin_form(&$qa_content) {
       qas_ubl_opt::BANNED_EMAIL_ADDRESSES      => qas_ubl_opt::PLUGIN_ACTIVE,
       qas_ubl_opt::BANNED_EMAIL_REGEX          => qas_ubl_opt::PLUGIN_ACTIVE,
       qas_ubl_opt::URIBL                       => qas_ubl_opt::PLUGIN_ACTIVE,
+      qas_ubl_opt::IPBL                        => qas_ubl_opt::PLUGIN_ACTIVE,
       qas_ubl_opt::DONT_ALLOW_TO_CHANGE_EMAIL  => qas_ubl_opt::PLUGIN_ACTIVE,
       qas_ubl_opt::DONT_ALLOW_TO_CHANGE_HANDLE => qas_ubl_opt::PLUGIN_ACTIVE,
     ));
@@ -65,6 +67,7 @@ public function admin_form(&$qa_content) {
       $this->get_banned_email_address_field(),
       $this->get_banned_email_regex_field(),
       $this->get_uribl_field(),
+      $this->get_ipbl_field(),
       $this->get_dont_allow_email_field_change(),
       $this->get_dont_allow_handle_field_change()
     );
@@ -270,6 +273,18 @@ private function get_uribl_field() {
     ));
   }
 
+  private function get_ipbl_field() {
+    return array(array(
+      'id'    => qas_ubl_opt::IPBL,
+      'label' => $this->translate('ipbl'),
+      'note'  => $this->translate('ipbl_note'),
+      'tags'  => 'name="' . qas_ubl_opt::IPBL . '"',
+      'value' => qa_opt(qas_ubl_opt::IPBL),
+      'type'  => 'textarea',
+      'rows'  => 5,
+    ));
+  }
+
   private function ends_with_any($str, $matches) {
     foreach ($matches as $match) {
       $length = strlen($match);