<?php
/*
Script Name: Simple PHP http:BL implementation
Script URI: http://planetozh.com/blog/my-projects/honey-pot-httpbl-simple-php-script/
Description: Simple script to check an IP against Project Honey Pot's database and let only legitimate users access your script
Author: Ozh
Version: 1.0
Author URI: http://planetozh.com/
*/

/*** EDIT LINE 22 WITH YOUR OWN HTTP:BL ACCESS KEY ! ***/

if ($_COOKIE['notabot']) {
    ozh_httpbl_logme(false,    $_SERVER['REMOTE_ADDR']);
} else {
    ozh_httpbl_check();
}


function ozh_httpbl_check() {    
    // your http:BL key 
    $apikey = 'abcdefghijkl';
    
    // IP to test
    $ip = $_SERVER['REMOTE_ADDR'];
    
    // build the lookup DNS query
    // Example : for '127.9.1.2' you should query 'abcdefghijkl.2.1.9.127.dnsbl.httpbl.org'
    $lookup = $apikey . '.' . implode('.', array_reverse(explode ('.', $ip ))) . '.dnsbl.httpbl.org';
    
    // check query response
    $result = explode( '.', gethostbyname($lookup));
    
    if ($result[0] == 127) {
        // query successful !
        $activity = $result[1];
        $threat = $result[2];
        $type = $result[3];
        
        if ($type & 0) $typemeaning .= 'Search Engine, ';
        if ($type & 1) $typemeaning .= 'Suspicious, ';
        if ($type & 2) $typemeaning .= 'Harvester, ';
        if ($type & 4) $typemeaning .= 'Comment Spammer, ';
        $typemeaning = trim($typemeaning,', ');
        
        // echo "$type : $typemeaning of level $threat ";
        
        // Now determine some blocking policy
        if (
        ($type >= 4 && $threat > 0) // Comment spammer with any threat level
            ||
        ($type < 4 && $threat > 20) // Other types, with threat level greater than 20
        ) {
            $block = true;
        }
        
        if ($block) {
            ozh_httpbl_logme($block,$ip,$type,$threat,$activity);
            ozh_httpbl_blockme();
            die();
        }
    
    }
}


function ozh_httpbl_logme($block = false, $ip='', $type='',$threat='',$activity='') {
    $log = fopen('./block.log','a');
    $stamp = date('Y-m-d :: H-i-s');
    
    // Some stuff you could log for further analysis
    $page = $_SERVER['REQUEST_URI'];
    $ua = $_SERVER["HTTP_USER_AGENT"];
        
    if ($block) {
        fputs($log,"$stamp :: BLOCKED $ip :: $type :: $threat :: $activity :: $page :: $ua\n");
    } else {
        fputs($log,"$stamp :: UNBLCKD $ip :: $page :: $ua\n");
    }
    fclose($log);
}


function ozh_httpbl_blockme() {
    header('HTTP/1.0 403 Forbidden');
    echo <<<HTML
    <script type="text/javascript">
    function setcookie( name, value, expires, path, domain, secure ) {
        // set time, it's in milliseconds
        var today = new Date();
        today.setTime( today.getTime() );
    
        if ( expires ) {
            expires = expires * 1000 * 60 * 60 * 24;
        }
        var expires_date = new Date( today.getTime() + (expires) );
    
        document.cookie = name + "=" +escape( value ) +
        ( ( expires ) ? ";expires=" + expires_date.toGMTString() : "" ) + 
        ( ( path ) ? ";path=" + path : "" ) + 
        ( ( domain ) ? ";domain=" + domain : "" ) +
        ( ( secure ) ? ";secure" : "" );
    }    
    function letmein() {
        setcookie('notabot','true',1,'/', '', '');
        location.reload(true);
    }
    </script>
    <h1>Forbidden</h1>
    <p>Sorry. You are using a suspicious IP.</p>
    <p>If you <strong>ARE NOT</strong> a bot of any kind, please <a href="javascript:letmein()">click here</a> to access the page. Sorry for this !</p>
    <p>Otherwise, please have fun with <a href="http://planetozh.com/smelly.php">this page</a></p>
HTML;
}


?>