Lanmikeman/openvk
Lanmikeman/openvk
1
1
Fork 0
mirror of https://github.com/openvk/openvk synced 2025-07-07 00:09:48 +03:00
Code Issues Projects Releases Packages Wiki Activity

Compare commits

base: Lanmikeman:36b882589184ed90b9498f1032b2a8e36f103b7f
Branches Tags
Lanmikeman:master
Lanmikeman:phpstan-lvl-1
Lanmikeman:midnight-fixes
Lanmikeman:fix-links
Lanmikeman:plural-locale
Lanmikeman:revert-1125-patch-7
Lanmikeman:sbtlocalization
Lanmikeman:lrc-format
Lanmikeman:ignored-sources
Lanmikeman:reject-request
Lanmikeman:dependabot/npm_and_yarn/Web/static/js/node-fetch-and-react-and-react-dom--removed
Lanmikeman:dependabot/npm_and_yarn/Web/static/js/babel/traverse-7.23.5
Lanmikeman:dependabot/npm_and_yarn/Web/static/js/ua-parser-js-0.7.37
Lanmikeman:posts-edit
Lanmikeman:likes-reposts-counters
Lanmikeman:ajax-navigation
Lanmikeman:logs-del-content
Lanmikeman:logs
Lanmikeman:service-account-notifies
Lanmikeman:geotag
Lanmikeman:tickets-from-support-agents
Lanmikeman:notes-images-proxy
Lanmikeman:geodb
Lanmikeman:cfg-editor
Lanmikeman:translation
Lanmikeman:support-templates
Lanmikeman:faq-in-helpdesk
Lanmikeman:anon-comments
Lanmikeman:tretdm-patch-1
Lanmikeman:links
Lanmikeman:tanathon30
Lanmikeman:other-gender-options
Lanmikeman:polls
Lanmikeman:post-closure
Lanmikeman:REL_PP-4
Lanmikeman:seo
Lanmikeman:celestora-patch-2
Lanmikeman:celestora-patch-1
Lanmikeman:similartovk
Lanmikeman:fediverse
Lanmikeman:REL_PP-3
Lanmikeman:wikipages
Lanmikeman:group-contacts-archived
Lanmikeman:REL_PP-1
Lanmikeman:REL_PP-0
Lanmikeman:public_preview_4
Lanmikeman:public_preview_3
Lanmikeman:public_preview_2
Lanmikeman:public_preview_1
...
compare: Lanmikeman:332c986ece3bf6f00d5243e4fa0895f31a06e9a7
Branches Tags
Lanmikeman:master
Lanmikeman:phpstan-lvl-1
Lanmikeman:midnight-fixes
Lanmikeman:fix-links
Lanmikeman:plural-locale
Lanmikeman:revert-1125-patch-7
Lanmikeman:sbtlocalization
Lanmikeman:lrc-format
Lanmikeman:ignored-sources
Lanmikeman:reject-request
Lanmikeman:dependabot/npm_and_yarn/Web/static/js/node-fetch-and-react-and-react-dom--removed
Lanmikeman:dependabot/npm_and_yarn/Web/static/js/babel/traverse-7.23.5
Lanmikeman:dependabot/npm_and_yarn/Web/static/js/ua-parser-js-0.7.37
Lanmikeman:posts-edit
Lanmikeman:likes-reposts-counters
Lanmikeman:ajax-navigation
Lanmikeman:logs-del-content
Lanmikeman:logs
Lanmikeman:service-account-notifies
Lanmikeman:geotag
Lanmikeman:tickets-from-support-agents
Lanmikeman:notes-images-proxy
Lanmikeman:geodb
Lanmikeman:cfg-editor
Lanmikeman:translation
Lanmikeman:support-templates
Lanmikeman:faq-in-helpdesk
Lanmikeman:anon-comments
Lanmikeman:tretdm-patch-1
Lanmikeman:links
Lanmikeman:tanathon30
Lanmikeman:other-gender-options
Lanmikeman:polls
Lanmikeman:post-closure
Lanmikeman:REL_PP-4
Lanmikeman:seo
Lanmikeman:celestora-patch-2
Lanmikeman:celestora-patch-1
Lanmikeman:similartovk
Lanmikeman:fediverse
Lanmikeman:REL_PP-3
Lanmikeman:wikipages
Lanmikeman:group-contacts-archived
Lanmikeman:REL_PP-1
Lanmikeman:REL_PP-0
Lanmikeman:public_preview_4
Lanmikeman:public_preview_3
Lanmikeman:public_preview_2
Lanmikeman:public_preview_1

5 commits
36b8825891 ... 332c986ece

Author SHA1 Message Date
koke228666
332c986ece
Merge 60ed57a7f6 into c8a97f8b8d 2025-07-05 16:18:32 +03:00
ZAZiOs
c8a97f8b8d
fix(API): users bdate field, can edit/delete comments (#1359) 
И парочка фиксов или фич которые позволяют работать OpenVK Native так
как надо.

1. add openvk native support - Просто добавил определение натива как
android/ios клиент
2. Добавил /.well-known/assetlinks.json - По этому адресу автоматически
стучится андроид чтобы проверить что приложению можно открывать ссылки с
этого адреса по умолчанию.
3. Добавил поле bdate в users
4. Добавил инфу о том может ли редачить или удалять комментарий
пользователь.
 2025-06-29 17:12:55 +03:00
mr❤️🤢
93b1202a13
feat(rate_limits) (#1353) 
Добавляет возможность ограничить такие действия как отправка подарка,
заявка в друзья, джойн в группу, создание группы на время, чтобы можно
было создать только 5 групп за день итд. Находится в ветке конфига
preferences>security>rateLimits>eventsLimit. На момент написания этого
текста регулирование постинга и отправки заявки в друзья не было
продублировано в презентеры, мб так и оставить.
 2025-06-29 17:11:33 +03:00
koke228666
60ed57a7f6 поправил табы 2025-05-22 12:47:40 +03:00
koke228666
cafd8d2718 make creating avatar better 2025-05-22 12:47:40 +03:00
27 changed files with 296 additions and 20 deletions
Show stats Expand all files Collapse all files

4
VKAPI/Handlers/Friends.php
View file

@ -98,6 +98,10 @@ final class Friends extends VKAPIRequestHandler
switch ($user->getSubscriptionStatus($this->getUser())) { switch ($user->getSubscriptionStatus($this->getUser())) {
case 0: case 0:
if (\openvk\Web\Util\EventRateLimiter::i()->tryToLimit($this->getUser(), "friends.outgoing_sub")) {
$this->failTooOften();
}
$user->toggleSubscription($this->getUser()); $user->toggleSubscription($this->getUser());
return 1; return 1;

4
VKAPI/Handlers/Gifts.php
View file

@ -61,6 +61,10 @@ final class Gifts extends VKAPIRequestHandler
$this->fail(-105, "Commerce is disabled on this instance"); $this->fail(-105, "Commerce is disabled on this instance");
} }
if (\openvk\Web\Util\EventRateLimiter::i()->tryToLimit($this->getUser(), "gifts.send", false)) {
$this->failTooOften();
}
$user = (new UsersRepo())->get((int) $user_ids); # FAKE прогноз погоды (в данном случае user_ids) $user = (new UsersRepo())->get((int) $user_ids); # FAKE прогноз погоды (в данном случае user_ids)
if (!$user || $user->isDeleted()) { if (!$user || $user->isDeleted()) {

4
VKAPI/Handlers/Groups.php
View file

@ -312,6 +312,10 @@ final class Groups extends VKAPIRequestHandler
$isMember = !is_null($this->getUser()) ? (int) $club->getSubscriptionStatus($this->getUser()) : 0; $isMember = !is_null($this->getUser()) ? (int) $club->getSubscriptionStatus($this->getUser()) : 0;
if ($isMember == 0) { if ($isMember == 0) {
if (\openvk\Web\Util\EventRateLimiter::i()->tryToLimit($this->getUser(), "groups.sub")) {
$this->failTooOften();
}
$club->toggleSubscription($this->getUser()); $club->toggleSubscription($this->getUser());
} }

26
VKAPI/Handlers/Users.php
View file

@ -317,6 +317,32 @@ final class Users extends VKAPIRequestHandler
$response[$i]->custom_fields = $append_array; $response[$i]->custom_fields = $append_array;
break; break;
case "bdate":
if (!$canView) {
$response[$i]->bdate = "01.01.1970";
break;
}
$visibility = $usr->getBirthdayPrivacy();
$response[$i]->bdate_visibility = $visibility;
$birthday = $usr->getBirthday();
if ($birthday) {
switch ($visibility) {
case 1:
$response[$i]->bdate = $birthday->format('%d.%m');
break;
case 2:
$response[$i]->bdate = $birthday->format('%d.%m.%Y');
break;
case 0:
default:
$response[$i]->bdate = null;
break;
}
} else {
$response[$i]->bdate = null;
}
break;
} }
} }

5
VKAPI/Handlers/VKAPIRequestHandler.php
View file

@ -25,6 +25,11 @@ abstract class VKAPIRequestHandler
throw new APIErrorException($message, $code); throw new APIErrorException($message, $code);
} }
protected function failTooOften(): never
{
$this->fail(9, "Rate limited");
}
protected function getUser(): ?User protected function getUser(): ?User
{ {
return $this->user; return $this->user;

8
VKAPI/Handlers/Wall.php
View file

@ -713,6 +713,10 @@ final class Wall extends VKAPIRequestHandler
$post->setSuggested(1); $post->setSuggested(1);
} }
if (\openvk\Web\Util\EventRateLimiter::i()->tryToLimit($this->getUser(), "wall.post")) {
$this->failTooOften();
}
$post->save(); $post->save();
} catch (\LogicException $ex) { } catch (\LogicException $ex) {
$this->fail(100, "One of the parameters specified was missing or invalid"); $this->fail(100, "One of the parameters specified was missing or invalid");
@ -723,7 +727,7 @@ final class Wall extends VKAPIRequestHandler
} }
if ($owner_id > 0 && $owner_id !== $this->getUser()->getId()) { if ($owner_id > 0 && $owner_id !== $this->getUser()->getId()) {
(new WallPostNotification($wallOwner, $post, $this->user->identity))->emit(); (new WallPostNotification($wallOwner, $post, $this->getUser()))->emit();
} }
return (object) ["post_id" => $post->getVirtualId()]; return (object) ["post_id" => $post->getVirtualId()];
@ -873,6 +877,8 @@ final class Wall extends VKAPIRequestHandler
"id" => $comment->getId(), "id" => $comment->getId(),
"from_id" => $oid, "from_id" => $oid,
"date" => $comment->getPublicationTime()->timestamp(), "date" => $comment->getPublicationTime()->timestamp(),
"can_edit" => $post->canBeEditedBy($this->getUser()),
"can_delete" => $post->canBeDeletedBy($this->getUser()),
"text" => $comment->getText(false), "text" => $comment->getText(false),
"post_id" => $post->getVirtualId(), "post_id" => $post->getVirtualId(),
"owner_id" => method_exists($post, 'isPostedOnBehalfOfGroup') && $post->isPostedOnBehalfOfGroup() ? $post->getOwner()->getId() * -1 : $post->getOwner()->getId(), "owner_id" => method_exists($post, 'isPostedOnBehalfOfGroup') && $post->isPostedOnBehalfOfGroup() ? $post->getOwner()->getId() * -1 : $post->getOwner()->getId(),

2
Web/Models/Entities/Post.php
View file

@ -176,11 +176,13 @@ class Post extends Postable
$platform = $this->getRecord()->api_source_name; $platform = $this->getRecord()->api_source_name;
if ($forAPI) { if ($forAPI) {
switch ($platform) { switch ($platform) {
case 'openvk_native':
case 'openvk_refresh_android': case 'openvk_refresh_android':
case 'openvk_legacy_android': case 'openvk_legacy_android':
return 'android'; return 'android';
break; break;
case 'openvk_native_ios':
case 'openvk_ios': case 'openvk_ios':
case 'openvk_legacy_ios': case 'openvk_legacy_ios':
return 'iphone'; return 'iphone';

2
Web/Models/Entities/Traits/TSubscribable.php
View file

@ -34,9 +34,9 @@ trait TSubscribable
"target" => $this->getId(), "target" => $this->getId(),
]; ];
$sub = $ctx->table("subscriptions")->where($data); $sub = $ctx->table("subscriptions")->where($data);
if (!($sub->fetch())) { if (!($sub->fetch())) {
$ctx->table("subscriptions")->insert($data); $ctx->table("subscriptions")->insert($data);
return true; return true;
} }

50
Web/Models/Entities/User.php
View file

@ -971,11 +971,13 @@ class User extends RowModel
$platform = $this->getRecord()->client_name; $platform = $this->getRecord()->client_name;
if ($forAPI) { if ($forAPI) {
switch ($platform) { switch ($platform) {
case 'openvk_native':
case 'openvk_refresh_android': case 'openvk_refresh_android':
case 'openvk_legacy_android': case 'openvk_legacy_android':
return 'android'; return 'android';
break; break;
case 'openvk_native_ios':
case 'openvk_ios': case 'openvk_ios':
case 'openvk_legacy_ios': case 'openvk_legacy_ios':
return 'iphone'; return 'iphone';
@ -1738,4 +1740,52 @@ class User extends RowModel
{ {
return DatabaseConnection::i()->getContext()->table("blacklist_relations")->where("author", $this->getId())->count(); return DatabaseConnection::i()->getContext()->table("blacklist_relations")->where("author", $this->getId())->count();
} }
public function getEventCounters(array $list): array
{
$count_of_keys = sizeof(array_keys($list));
$ev_str = $this->getRecord()->events_counters;
$counters = [];
if (!$ev_str) {
for ($i = 0; $i < sizeof(array_keys($list)); $i++) {
$counters[] = 0;
}
} else {
$counters = unpack("S" . $count_of_keys, base64_decode($ev_str, true));
}
return [
'counters' => array_combine(array_keys($list), $counters),
'refresh_time' => $this->getRecord()->events_refresh_time,
];
}
public function stateEvents(array $state_list): void
{
$pack_str = "";
foreach ($state_list as $item => $id) {
$pack_str .= "S";
}
$this->stateChanges("events_counters", base64_encode(pack($pack_str, ...array_values($state_list))));
if (!$this->getRecord()->events_refresh_time) {
$this->stateChanges("events_refresh_time", time());
}
}
public function resetEvents(array $list): void
{
$values = [];
foreach ($list as $key => $val) {
$values[$key] = 0;
}
$this->stateEvents($values);
$this->stateChanges("events_refresh_time", time());
$this->save();
}
} }

23
Web/Presenters/AboutPresenter.php
View file

@ -147,6 +147,29 @@ final class AboutPresenter extends OpenVKPresenter
$this->redirect("https://github.com/openvk/openvk#readme"); $this->redirect("https://github.com/openvk/openvk#readme");
} }
public function renderAssetLinksJSON(): void
{
# Необходимо любому андроид приложению для автоматического разрешения принимать ссылки с этого сайта.
# Не шарю как писать норм на php поэтому тут чутка на вайбкодил - искренне ваш, ZAZiOs.
header("Content-Type: application/json");
$data = [
[
"relation" => ["delegate_permission/common.handle_all_urls"],
"target" => [
"namespace" => "android_app",
"package_name" => "oss.OpenVK.Native",
"sha256_cert_fingerprints" => [
"79:67:14:23:DC:6E:FA:49:64:1F:F1:81:0E:B0:A3:AE:6E:88:AB:0D:CF:BC:02:96:F3:6D:76:6B:82:94:D6:9C",
],
],
],
];
echo json_encode($data, JSON_UNESCAPED_SLASHES);
exit;
}
public function renderDev(): void public function renderDev(): void
{ {
$this->redirect("https://docs.ovk.to/"); $this->redirect("https://docs.ovk.to/");

4
Web/Presenters/GiftsPresenter.php
View file

@ -106,6 +106,10 @@ final class GiftsPresenter extends OpenVKPresenter
return; return;
} }
if (\openvk\Web\Util\EventRateLimiter::i()->tryToLimit($this->user->identity, "gifts.send")) {
$this->flashFail("err", tr("error"), tr("limit_exceed_exception"));
}
$comment = empty($c = $this->postParam("comment")) ? null : $c; $comment = empty($c = $this->postParam("comment")) ? null : $c;
$notification = new GiftNotification($user, $this->user->identity, $gift, $comment); $notification = new GiftNotification($user, $this->user->identity, $gift, $comment);
$notification->emit(); $notification->emit();

11
Web/Presenters/GroupPresenter.php
View file

@ -68,6 +68,10 @@ final class GroupPresenter extends OpenVKPresenter
$club->setAbout(empty($this->postParam("about")) ? null : $this->postParam("about")); $club->setAbout(empty($this->postParam("about")) ? null : $this->postParam("about"));
$club->setOwner($this->user->id); $club->setOwner($this->user->id);
if (\openvk\Web\Util\EventRateLimiter::i()->tryToLimit($this->user->identity, "groups.create")) {
$this->flashFail("err", tr("error"), tr("limit_exceed_exception"));
}
try { try {
$club->save(); $club->save();
} catch (\PDOException $ex) { } catch (\PDOException $ex) {
@ -79,6 +83,7 @@ final class GroupPresenter extends OpenVKPresenter
} }
$club->toggleSubscription($this->user->identity); $club->toggleSubscription($this->user->identity);
$this->redirect("/club" . $club->getId()); $this->redirect("/club" . $club->getId());
} else { } else {
$this->flashFail("err", tr("error"), tr("error_no_group_name")); $this->flashFail("err", tr("error"), tr("error_no_group_name"));
@ -103,6 +108,12 @@ final class GroupPresenter extends OpenVKPresenter
$this->flashFail("err", tr("error"), tr("forbidden")); $this->flashFail("err", tr("error"), tr("forbidden"));
} }
if (!$club->getSubscriptionStatus($this->user->identity)) {
if (\openvk\Web\Util\EventRateLimiter::i()->tryToLimit($this->user->identity, "groups.sub")) {
$this->flashFail("err", tr("error"), tr("limit_exceed_exception"));
}
}
$club->toggleSubscription($this->user->identity); $club->toggleSubscription($this->user->identity);
$this->redirect($club->getURL()); $this->redirect($club->getURL());

4
Web/Presenters/ReportPresenter.php
View file

@ -103,6 +103,10 @@ final class ReportPresenter extends OpenVKPresenter
exit(json_encode([ "error" => "You can't report yourself" ])); exit(json_encode([ "error" => "You can't report yourself" ]));
} }
if ($this->user->identity->isBannedInSupport()) {
exit(json_encode([ "reason" => $this->queryParam("reason") ]));
}
if (in_array($this->queryParam("type"), ["post", "photo", "video", "group", "comment", "note", "app", "user", "audio", "doc"])) { if (in_array($this->queryParam("type"), ["post", "photo", "video", "group", "comment", "note", "app", "user", "audio", "doc"])) {
if (count(iterator_to_array($this->reports->getDuplicates($this->queryParam("type"), $id, null, $this->user->id))) <= 0) { if (count(iterator_to_array($this->reports->getDuplicates($this->queryParam("type"), $id, null, $this->user->id))) <= 0) {
$report = new Report(); $report = new Report();

6
Web/Presenters/UserPresenter.php
View file

@ -418,6 +418,12 @@ final class UserPresenter extends OpenVKPresenter
if ($this->postParam("act") == "rej") { if ($this->postParam("act") == "rej") {
$user->changeFlags($this->user->identity, 0b10000000, true); $user->changeFlags($this->user->identity, 0b10000000, true);
} else { } else {
if ($user->getSubscriptionStatus($this->user->identity) == \openvk\Web\Models\Entities\User::SUBSCRIPTION_ABSENT) {
if (\openvk\Web\Util\EventRateLimiter::i()->tryToLimit($this->user->identity, "friends.outgoing_sub")) {
$this->flashFail("err", tr("error"), tr("limit_exceed_exception"));
}
}
$user->toggleSubscription($this->user->identity); $user->toggleSubscription($this->user->identity);
} }

4
Web/Presenters/WallPresenter.php
View file

@ -356,6 +356,10 @@ final class WallPresenter extends OpenVKPresenter
$this->flashFail("err", tr("failed_to_publish_post"), tr("post_is_empty_or_too_big")); $this->flashFail("err", tr("failed_to_publish_post"), tr("post_is_empty_or_too_big"));
} }
if (\openvk\Web\Util\EventRateLimiter::i()->tryToLimit($this->user->identity, "wall.post")) {
$this->flashFail("err", tr("error"), tr("limit_exceed_exception"));
}
$should_be_suggested = $wall < 0 && !$wallOwner->canBeModifiedBy($this->user->identity) && $wallOwner->getWallType() == 2; $should_be_suggested = $wall < 0 && !$wallOwner->canBeModifiedBy($this->user->identity) && $wallOwner->getWallType() == 2;
try { try {
$post = new Post(); $post = new Post();

14
Web/Presenters/templates/Group/View.xml
View file

@ -129,13 +129,15 @@
{var $avatarLink = ((is_null($avatarPhoto) ? FALSE : $avatarPhoto->isAnonymous()) ? "/photo" . ("s/" . base_convert((string) $avatarPhoto->getId(), 10, 32)) : $club->getAvatarLink())} {var $avatarLink = ((is_null($avatarPhoto) ? FALSE : $avatarPhoto->isAnonymous()) ? "/photo" . ("s/" . base_convert((string) $avatarPhoto->getId(), 10, 32)) : $club->getAvatarLink())}
<div class="avatar_block" style="position:relative;" data-club="{$club->getId()}"> <div class="avatar_block" style="position:relative;" data-club="{$club->getId()}">
{if $thisUser && $club->canBeModifiedBy($thisUser)} {if $thisUser && $club->canBeModifiedBy($thisUser)}
<a {if $avatarPhoto}style="display:none"{/if} class="add_image_text" id="add_image">{_add_image}</a> <div class="avatar_controls">
<div {if !$avatarPhoto}style="display:none"{/if} class="avatar_controls"> <div {if !$hasAvatar}style="display:none"{/if} class="avatarDelete hoverable"></div>
<div class="avatarDelete hoverable"></div> <div class="avatar_variants">
<div class="avatar_variants"> <a {if $hasAvatar}style="display:none"{/if} class="_add_image hoverable upload_image" id="add_image">
<a class="_add_image hoverable" id="add_image"><span>{_upload_new_picture}</span></a> <span>{_add_image}</span></a>
</div> <a {if !$hasAvatar}style="display:none"{/if} class="_add_image hoverable set_image" id="add_image">
<span>{_upload_new_picture}</span></a>
</div> </div>
</div>
{/if} {/if}
<a href="{$avatarLink|nocheck}"> <a href="{$avatarLink|nocheck}">

2
Web/Presenters/templates/Report/Tabs.xml
View file

@ -67,7 +67,7 @@
}, },
success: (response) => { success: (response) => {
if (response?.reports?.length != _content) { if (response?.reports?.length != _content) {
NewNotification("Обратите внимание", "В списке появились новые жалобы. Работа ждёт :)"); // NewNotification("Обратите внимание", "В списке появились новые жалобы. Работа ждёт :)");
} }
if (response.reports.length > 0) { if (response.reports.length > 0) {

10
Web/Presenters/templates/User/View.xml
View file

@ -73,11 +73,13 @@
{var $hasAvatar = !str_contains($user->getAvatarUrl('miniscule'), "/assets/packages/static/openvk/img/camera_200.png")} {var $hasAvatar = !str_contains($user->getAvatarUrl('miniscule'), "/assets/packages/static/openvk/img/camera_200.png")}
{if $thisUser && $user->getId() == $thisUser->getId()} {if $thisUser && $user->getId() == $thisUser->getId()}
<a {if $hasAvatar}style="display:none"{/if} class="add_image_text" id="add_image">{_add_image}</a> <div class="avatar_controls">
<div {if !$hasAvatar}style="display:none"{/if} class="avatar_controls"> <div {if !$hasAvatar}style="display:none"{/if} class="avatarDelete hoverable"></div>
<div class="avatarDelete hoverable"></div>
<div class="avatar_variants"> <div class="avatar_variants">
<a class="_add_image hoverable" id="add_image"><span>{_upload_new_picture}</span></a> <a {if $hasAvatar}style="display:none"{/if} class="_add_image hoverable upload_image" id="add_image">
<span>{_add_image}</span></a>
<a {if !$hasAvatar}style="display:none"{/if} class="_add_image hoverable set_image" id="add_image">
<span>{_upload_new_picture}</span></a>
</div> </div>
</div> </div>
{/if} {/if}

95
Web/Util/EventRateLimiter.php Normal file
View file

@ -0,0 +1,95 @@
<?php
declare(strict_types=1);
namespace openvk\Web\Util;
use openvk\Web\Models\Entities\User;
use openvk\Web\Models\RowModel;
use Chandler\Patterns\TSimpleSingleton;
class EventRateLimiter
{
use TSimpleSingleton;
private $config;
public function __construct()
{
$this->config = OPENVK_ROOT_CONF["openvk"]["preferences"]["security"]["rateLimits"]["eventsLimit"];
}
public function tryToLimit(?User $user, string $event_type, bool $is_update = true): bool
{
/*
Checks count of actions for last x seconds
Uses OPENVK_ROOT_CONF["openvk"]["preferences"]["security"]["rateLimits"]["eventsLimit"]
This check should be peformed only after checking other conditions cuz by default it increments counter
Returns:
true limit has exceed and the action must be restricted
false the action can be performed
Also returns "true" if this option is disabled
*/
$isEnabled = $this->config['enable'];
$isIgnoreForAdmins = $this->config['ignoreForAdmins'];
$restrictionTime = $this->config['restrictionTime'];
$eventsList = $this->config['list'];
if (!$isEnabled) {
return false;
}
if ($isIgnoreForAdmins && $user->isAdmin()) {
return false;
}
$eventsStats = $user->getEventCounters($eventsList);
$limitForThatEvent = $eventsList[$event_type];
$counters = $eventsStats["counters"];
$refresh_time = $eventsStats["refresh_time"];
$is_restrict_over = $refresh_time < (time() - $restrictionTime);
$event_counter = $counters[$event_type];
if ($refresh_time && $is_restrict_over) {
$user->resetEvents($eventsList);
return false;
}
$is_limit_exceed = $event_counter >= $limitForThatEvent;
if (!$is_limit_exceed && $is_update) {
$this->incrementEvent($counters, $event_type, $user);
}
return $is_limit_exceed;
}
public function incrementEvent(array $old_values, string $event_type, User $initiator): bool
{
/*
Updates counter for user
*/
$isEnabled = $this->config['enable'];
$eventsList = $this->config['list'];
if (!$isEnabled) {
return false;
}
$old_values[$event_type] += 1;
$initiator->stateEvents($old_values);
$initiator->save();
return true;
}
}

2
Web/routes.yml
View file

@ -407,6 +407,8 @@ routes:
handler: "About->robotsTxt" handler: "About->robotsTxt"
- url: "/humans.txt" - url: "/humans.txt"
handler: "About->humansTxt" handler: "About->humansTxt"
- url: "/.well-known/assetlinks.json"
handler: "About->AssetLinksJSON"
- url: "/dev" - url: "/dev"
handler: "About->dev" handler: "About->dev"
- url: "/iapi/getPhotosFromPost/{num}_{num}" - url: "/iapi/getPhotosFromPost/{num}_{num}"

BIN
Web/static/img/app_icons/openvk_native.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 37 KiB

9
Web/static/js/al_wall.js
View file

@ -2207,8 +2207,10 @@ $(document).on("click", "#add_image", (e) => {
document.querySelector("#bigAvatar").src = response.url document.querySelector("#bigAvatar").src = response.url
document.querySelector("#bigAvatar").parentNode.href = "/photo" + response.new_photo document.querySelector("#bigAvatar").parentNode.href = "/photo" + response.new_photo
document.querySelector(".add_image_text").style.display = "none"
document.querySelector(".avatar_controls").style.display = "block" document.querySelector(".avatar_controls").style.display = "block"
document.querySelector(".avatar_controls .set_image").style.display = "block"
document.querySelector(".avatar_controls .avatarDelete").style.display = "block"
document.querySelector(".avatar_controls .upload_image").style.display = "none"
} }
}) })
}) })
@ -2341,8 +2343,9 @@ $(document).on("click", ".avatarDelete", (e) => {
document.querySelector("#bigAvatar").parentNode.href = response.new_photo ? ("/photo" + response.new_photo) : "javascript:void(0)" document.querySelector("#bigAvatar").parentNode.href = response.new_photo ? ("/photo" + response.new_photo) : "javascript:void(0)"
if(!response.has_new_photo) { if(!response.has_new_photo) {
document.querySelector(".avatar_controls").style.display = "none" document.querySelector(".avatar_controls .set_image").style.display = "none"
document.querySelector(".add_image_text").style.display = "block" document.querySelector(".avatar_controls .avatarDelete").style.display = "none"
document.querySelector(".avatar_controls .upload_image").style.display = "block"
} }
} }
}) })

2
data/clients.xml
View file

@ -3,4 +3,6 @@
<Client tag="vk4me" name="VK4ME" url="http://vk4me.crx.moe/" img="/assets/packages/static/openvk/img/app_icons/vk4me.png" /> <Client tag="vk4me" name="VK4ME" url="http://vk4me.crx.moe/" img="/assets/packages/static/openvk/img/app_icons/vk4me.png" />
<Client tag="openvk_legacy_android" name="OpenVK Legacy" url="https://f-droid.org/packages/uk.openvk.android.legacy/" img="/assets/packages/static/openvk/img/app_icons/openvk_legacy.png" /> <Client tag="openvk_legacy_android" name="OpenVK Legacy" url="https://f-droid.org/packages/uk.openvk.android.legacy/" img="/assets/packages/static/openvk/img/app_icons/openvk_legacy.png" />
<Client tag="openvk_refresh_android" name="OpenVK Refresh" url="https://github.com/openvk/mobile-android-refresh" img="/assets/packages/static/openvk/img/app_icons/openvk_refresh.png" /> <Client tag="openvk_refresh_android" name="OpenVK Refresh" url="https://github.com/openvk/mobile-android-refresh" img="/assets/packages/static/openvk/img/app_icons/openvk_refresh.png" />
<Client tag="openvk_native" name="OpenVK Native" url="https://ovk.to/club9628" img="/assets/packages/static/openvk/img/app_icons/openvk_native.png" />
<Client tag="openvk_native_ios" name="OpenVK Native" url="https://ovk.to/club9628" img="/assets/packages/static/openvk/img/app_icons/openvk_native.png" />
</Clients> </Clients>

3
install/sqls/00057-event-limiting.sql Normal file
View file

@ -0,0 +1,3 @@
ALTER TABLE `profiles`
ADD `events_counters` VARCHAR(299) NULL DEFAULT NULL AFTER `audio_broadcast_enabled`,
ADD `events_refresh_time` BIGINT(20) UNSIGNED NULL DEFAULT NULL AFTER `events_counters`;

2
locales/en.strings
View file

@ -1657,6 +1657,8 @@
"error_geolocation" = "Error while trying to pin geolocation"; "error_geolocation" = "Error while trying to pin geolocation";
"error_no_geotag" = "There is no geo-tag pinned in this post"; "error_no_geotag" = "There is no geo-tag pinned in this post";
"limit_exceed_exception" = "You're doing this action too often. Try again later.";
/* Admin actions */ /* Admin actions */
"login_as" = "Login as $1"; "login_as" = "Login as $1";

2
locales/ru.strings
View file

@ -1561,6 +1561,8 @@
"error_geolocation" = "Ошибка при прикреплении геометки"; "error_geolocation" = "Ошибка при прикреплении геометки";
"error_no_geotag" = "У поста не указана гео-метка"; "error_no_geotag" = "У поста не указана гео-метка";
"limit_exceed_exception" = "Вы совершаете это действие слишком часто. Повторите позже.";
/* Admin actions */ /* Admin actions */
"login_as" = "Войти как $1"; "login_as" = "Войти как $1";

10
openvk-example.yml
View file

@ -41,6 +41,16 @@ openvk:
maxViolations: 50 maxViolations: 50
maxViolationsAge: 120 maxViolationsAge: 120
autoban: true autoban: true
eventsLimit:
enable: true
ignoreForAdmins: true
restrictionTime: 86400
list:
groups.create: 5
groups.sub: 50
friends.outgoing_sub: 25
wall.post: 5000
gifts.send: 30
blacklists: blacklists:
limit: 100 limit: 100
applyToAdmins: true applyToAdmins: true