补 丁 名: 防御垃圾引用补丁,附修改方法。
适用版本: PJblog 2.6
演示地址:http://blog.dngz.net/
下载地址:[color=Red]点击下载该文件
插件简介: 能有效防止垃圾引用。加密递交地址,KEY验证,并每小时自动更换一次key。
[color=Red]此修改不涉及数据库,只修改了4个文件,并支持静态页模式!
效果
引用通告地址: trackback.asp?tbID=JNQSERL8&key=JOKNPMOOQNJMLNL8
具体安装方法如下:
======================================================
文件trackback.asp
查找
tbID = CheckStr(Request.QueryString(“tbID”))
替换成
[color=Red]tbID = Decrypt(CheckStr(Request.QueryString(“tbID”)))
查找
If Not (IsInteger(Request.QueryString(“tbID”)) AND IsInteger(Request.QueryString(“logID”))) Then
替换成
[color=Red]If Not IsInteger(Decrypt(Request.QueryString(“tbID”))) AND IsInteger(Request.QueryString(“logID”)) Then
查找
Where blog_ID=”&logID&” AND tb_ID=”&CheckStr(Request.QueryString(“tbID”))
替换成
[color=Red]Where blog_ID=”&logID&” AND tb_ID=”&Decrypt(CheckStr(Request.QueryString(“tbID”)))
注意:有2处
查找
'==================================
' 引用通告处理页面
' 更新时间: 2006-6-1
'==================================
在下面加入
[color=Red]dim keys,keys1
keys=Request.QueryString(“key”)
keys1=Encrypt((year(now))&(Month(now))&(day(now))&hour(now()))
if keys<>keys1 then
Response.contentType=”text/xml”
Response.write “
%>
1您递交的信息已过期.请检查…
<%elsedim strget strget=trim(Request.QueryString("tbID")) if len(strget) > 8 then
Response.contentType=”text/xml”
Response.write “
%>
1您递交的信息有错误.请检查…
<%else dim tbIDs tbIDs = Decrypt(CheckStr(Request.QueryString("tbID"))) if tbIDs < 1 then Response.contentType="text/xml" Response.write "
%>
1您递交的信息有错误.请检查…
<% else

查找
'Trackback response function上面加入
[color=Red]end if
end if
end if

********可以不换***********
查找
Response.Redirect(“search.asp?searchType=trackback”)
替换成
[color=Red]Response.contentType=”text/xml”
Response.write “
%>
1日志ID错误.请检查……
<%
查找
1日志没有被引用.
替换成
[color=Red]1日志(ID=<% Response.write tbID %>)没有被引用.
********可以不换***********

===========================================================
文件class\cls_article.asp
查找
引用通告地址:” target=”_blank”><%=(SiteURL&"trackback.asp?tbID="&Encrypt(id)&"&key="&Encrypt((year(now))&(Month(now))&(day(now))&hour(now())))%>
查找
Sub ShowComm(LogID,comDesc,DisComment)
在下面添加
[color=Red]dim k1
k1=Encrypt((year(now))&(Month(now))&(day(now))&hour(now()))
查找
href=””trackback.asp?action=deltb&tbID=”&commArr(6,Pcount)&”&logID=”&LogID&”””
替换成
[color=Red]href=””trackback.asp?action=deltb&tbID=”&Encrypt(commArr(6,Pcount))&”&logID=”&LogID&”&key=”&k1&”””

查找
TempArticle=Replace(TempArticle,”<"&"%ST(A)%"&">“,””)
替换成
[color=Red]dim k1
k1=Encrypt((year(now))&(Month(now))&(day(now))&hour(now()))
TempArticle=Replace(TempArticle,”<"&"%ST(A)%"&">“,””)
TempArticle=Replace(TempArticle,”<"&"%ST(KEY)%"&">“,k1)===========================================================
文件class\cls_logAction.asp
查找
Temp1=Replace(Temp1,”<$trackback$>“,SiteURL&”trackback.asp?tbID=”&LogID)
替换成
[color=Red]Temp1=Replace(Temp1,”<$trackback$>“,SiteURL&”trackback.asp?tbID=”&Encrypt(LogID)&”&key=”&”<"&"%ST(KEY)%"&">“)===========================================================
文件common\function.asp
在文件最后,%>的上面添加

[color=Red]Function Encrypt(theNumber)
On Error Resume Next
Dim n, szEnc, t, HiN, LoN, i
n = CDbl((theNumber + 1570) ^ 2 – 7 * (theNumber + 1570) – 450)
If n < 0 Then szEnc = "R" Else szEnc = "J"n = CStr(abs(n))For i = 1 To Len(n) step 2 t = Mid(n, i, 2) If Len(t) = 1 Then szEnc = szEnc & t Exit For End If HiN = (CInt(t) And 240) / 16 LoN = CInt(t) And 15 szEnc = szEnc & Chr(Asc("M") + HiN) & Chr(Asc("C") + LoN)NextEncrypt = szEncEnd FunctionFunction Decrypt(theNumber)On Error Resume NextDim e, n, sign, t, HiN, LoN, NewN, ie = theNumberIf Left(e, 1) = "R" Then sign = -1 Else sign = 1e = Mid(e, 2)NewN = ""For i = 1 To Len(e) step 2 t = Mid(e, i, 2) If Asc(t) >= Asc(“0”) And Asc(t) <= Asc("9") Then NewN = NewN & t Exit For End If HiN = Mid(t, 1, 1) LoN = Mid(t, 2, 1) HiN = (Asc(HiN) - Asc("M")) * 16 LoN = Asc(LoN) - Asc("C") t = CStr(HiN or LoN) If Len(t) = 1 Then t = "0" & t NewN = NewN & tNexte = CDbl(NewN) * signDecrypt = CLng((7 + sqr(49 - 4 * (-450 - e))) / 2 - 1570)End Function
================================================
演示看我的BLOG
没有修改过这4个文件的用户可以下载下面的覆盖即可。
================================================
使用静态页的需要到后台重新生成所有日记。

测试:我引用一下《新年第一天换新电脑啦!》,看效果如何。

http://blog.dngz.net/149.htm

我想发表对此文的评论 ...(没有弹出错误信息则说明评论成功,需要等待审核.)