Changeset 3707:3a350757c847 for plugins/antispam/filters
- Timestamp:
- 02/17/18 18:03:29 (8 years ago)
- Branch:
- default
- Location:
- plugins/antispam/filters
- Files:
-
- 2 edited
plugins/antispam/filters/class.dc.filter.ip.php
r3047 r3707 10 10 # 11 11 # -- END LICENSE BLOCK ----------------------------------------- 12 if (!defined('DC_RC_PATH')) { return;}12 if (!defined('DC_RC_PATH')) {return;} 13 13 14 14 class dcFilterIP extends dcSpamFilter 15 15 { 16 public $name = 'IP Filter'; 17 public $has_gui = true; 18 public $help = 'ip-filter'; 19 20 private $con; 21 private $table; 22 23 public function __construct($core) 24 { 25 parent::__construct($core); 26 $this->con =& $core->con; 27 $this->table = $core->prefix.'spamrule'; 28 } 29 30 protected function setInfo() 31 { 32 $this->description = __('IP Blacklist / Whitelist Filter'); 33 } 34 35 public function getStatusMessage($status,$comment_id) 36 { 37 return sprintf(__('Filtered by %1$s with rule %2$s.'),$this->guiLink(),$status); 38 } 39 40 public function isSpam($type,$author,$email,$site,$ip,$content,$post_id,&$status) 41 { 42 if (!$ip) { 43 return; 44 } 45 46 # White list check 47 if ($this->checkIP($ip,'white') !== false) { 48 return false; 49 } 50 51 # Black list check 52 if (($s = $this->checkIP($ip,'black')) !== false) { 53 $status = $s; 54 return true; 55 } 56 } 57 58 public function gui($url) 59 { 60 global $default_tab; 61 $core =& $this->core; 62 63 # Set current type and tab 64 $ip_type = 'black'; 65 if (!empty($_REQUEST['ip_type']) && $_REQUEST['ip_type'] == 'white') { 66 $ip_type = 'white'; 67 } 68 $default_tab = 'tab_'.$ip_type; 69 70 # Add IP to list 71 if (!empty($_POST['addip'])) 72 { 73 try 74 { 75 $global = !empty($_POST['globalip']) && $core->auth->isSuperAdmin(); 76 77 $this->addIP($ip_type,$_POST['addip'],$global); 78 dcPage::addSuccessNotice(__('IP address has been successfully added.')); 79 http::redirect($url.'&ip_type='.$ip_type); 80 } 81 catch (Exception $e) 82 { 83 $core->error->add($e->getMessage()); 84 } 85 } 86 87 # Remove IP from list 88 if (!empty($_POST['delip']) && is_array($_POST['delip'])) 89 { 90 try { 91 $this->removeRule($_POST['delip']); 92 dcPage::addSuccessNotice(__('IP addresses have been 
successfully removed.')); 93 http::redirect($url.'&ip_type='.$ip_type); 94 } catch (Exception $e) { 95 $core->error->add($e->getMessage()); 96 } 97 } 98 99 /* DISPLAY 100 ---------------------------------------------- */ 101 $res = dcPage::notices(); 102 103 $res .= 104 $this->displayForms($url,'black',__('Blacklist')). 105 $this->displayForms($url,'white',__('Whitelist')); 106 107 return $res; 108 } 109 110 private function displayForms($url,$type,$title) 111 { 112 $core =& $this->core; 113 114 $res = 115 '<div class="multi-part" id="tab_'.$type.'" title="'.$title.'">'. 116 117 '<form action="'.html::escapeURL($url).'" method="post" class="fieldset">'. 118 119 '<p>'. 120 form::hidden(array('ip_type'),$type). 121 '<label class="classic" for="addip_'.$type.'">'.__('Add an IP address: ').'</label> '. 122 form::field(array('addip', 'addip_'.$type),18,255); 123 if ($core->auth->isSuperAdmin()) { 124 $res .= '<label class="classic" for="globalip_'.$type.'">'.form::checkbox(array('globalip', 'globalip_'.$type),1).' '. 125 __('Global IP (used for all blogs)').'</label> '; 126 } 127 128 $res .= 129 $core->formNonce(). 130 '</p>'. 131 '<p><input type="submit" value="'.__('Add').'"/></p>'. 132 '</form>'; 133 134 $rs = $this->getRules($type); 135 136 if ($rs->isEmpty()) 137 { 138 $res .= '<p><strong>'.__('No IP address in list.').'</strong></p>'; 139 } 140 else 141 { 142 $res .= 143 '<form action="'.html::escapeURL($url).'" method="post">'. 144 '<h3>' . __('IP list') . '</h3>'. 145 '<div class="antispam">'; 146 147 $res_global = ''; 148 $res_local = ''; 149 while ($rs->fetch()) 150 { 151 $bits = explode(':',$rs->rule_content); 152 $pattern = $bits[0]; 153 $ip = $bits[1]; 154 $bitmask = $bits[2]; 155 156 $disabled_ip = false; 157 $p_style = ''; 158 if (!$rs->blog_id) { 159 $disabled_ip = !$core->auth->isSuperAdmin(); 160 $p_style .= ' global'; 161 } 162 163 $item = 164 '<p class="'.$p_style.'"><label class="classic" for="'.$type.'-ip-'.$rs->rule_id.'">'. 
165 form::checkbox(array('delip[]',$type.'-ip-'.$rs->rule_id),$rs->rule_id,false,'','',$disabled_ip).' '. 166 html::escapeHTML($pattern). 167 '</label></p>'; 168 169 if ($rs->blog_id) { 170 // local list 171 if ($res_local == '') { 172 $res_local = '<h4>'.__('Local IPs (used only for this blog)').'</h4>'; 173 } 174 $res_local .= $item; 175 } else { 176 // global list 177 if ($res_global == '') { 178 $res_global = '<h4>'.__('Global IPs (used for all blogs)').'</h4>'; 179 } 180 $res_global .= $item; 181 } 182 } 183 $res .= $res_local.$res_global; 184 185 $res .= 186 '</div>'. 187 '<p><input class="submit delete" type="submit" value="'.__('Delete').'"/>'. 188 $core->formNonce(). 189 form::hidden(array('ip_type'),$type). 190 '</p>'. 191 '</form>'; 192 } 193 194 $res .= '</div>'; 195 196 return $res; 197 } 198 199 private function ipmask($pattern,&$ip,&$mask) 200 { 201 $bits = explode('/',$pattern); 202 203 # Set IP 204 $bits[0] .= str_repeat(".0", 3 - substr_count($bits[0], ".")); 205 $ip = ip2long($bits[0]); 206 207 if (!$ip || $ip == -1) { 208 throw new Exception('Invalid IP address'); 209 } 210 211 # Set mask 212 if (!isset($bits[1])) { 213 $mask = -1; 214 } elseif (strpos($bits[1],'.')) { 215 $mask = ip2long($bits[1]); 216 if (!$mask) { 217 $mask = -1; 218 } 219 } else { 220 $mask = ~((1 << (32 - $bits[1])) - 1); 221 } 222 } 223 224 public function addIP($type,$pattern,$global) 225 { 226 $this->ipmask($pattern,$ip,$mask); 227 $pattern = long2ip($ip).($mask != -1 ? 
'/'.long2ip($mask) : ''); 228 $content = $pattern.':'.$ip.':'.$mask; 229 230 $old = $this->getRuleCIDR($type,$global,$ip,$mask); 231 $cur = $this->con->openCursor($this->table); 232 233 if ($old->isEmpty()) 234 { 235 $id = $this->con->select('SELECT MAX(rule_id) FROM '.$this->table)->f(0) + 1; 236 237 $cur->rule_id = $id; 238 $cur->rule_type = (string) $type; 239 $cur->rule_content = (string) $content; 240 241 if ($global && $this->core->auth->isSuperAdmin()) { 242 $cur->blog_id = null; 243 } else { 244 $cur->blog_id = $this->core->blog->id; 245 } 246 247 $cur->insert(); 248 } 249 else 250 { 251 $cur->rule_type = (string) $type; 252 $cur->rule_content = (string) $content; 253 $cur->update('WHERE rule_id = '.(integer) $old->rule_id); 254 } 255 } 256 257 private function getRules($type='all') 258 { 259 $strReq = 260 'SELECT rule_id, rule_type, blog_id, rule_content '. 261 'FROM '.$this->table.' '. 262 "WHERE rule_type = '".$this->con->escape($type)."' ". 263 "AND (blog_id = '".$this->core->blog->id."' OR blog_id IS NULL) ". 264 'ORDER BY blog_id ASC, rule_content ASC '; 265 266 return $this->con->select($strReq); 267 } 268 269 private function getRuleCIDR($type,$global,$ip,$mask) 270 { 271 $strReq = 272 'SELECT * FROM '.$this->table.' '. 273 "WHERE rule_type = '".$this->con->escape($type)."' ". 274 "AND rule_content LIKE '%:".(integer) $ip.":".(integer) $mask."' ". 275 'AND blog_id '.($global ? 'IS NULL ' : "= '".$this->core->blog->id."' "); 276 277 return $this->con->select($strReq); 278 } 279 280 private function checkIP($cip,$type) 281 { 282 $core =& $this->core; 283 284 $strReq = 285 'SELECT DISTINCT(rule_content) '. 286 'FROM '.$this->table.' '. 287 "WHERE rule_type = '".$this->con->escape($type)."' ". 288 "AND (blog_id = '".$this->core->blog->id."' OR blog_id IS NULL) ". 
289 'ORDER BY rule_content ASC '; 290 291 $rs = $this->con->select($strReq); 292 while ($rs->fetch()) 293 { 294 list($pattern,$ip,$mask) = explode(':',$rs->rule_content); 295 if ((ip2long($cip) & (integer) $mask) == ((integer) $ip & (integer) $mask)) { 296 return $pattern; 297 } 298 } 299 return false; 300 } 301 302 private function removeRule($ids) 303 { 304 $strReq = 'DELETE FROM '.$this->table.' '; 305 306 if (is_array($ids)) { 307 foreach ($ids as $i => $v) { 308 $ids[$i] = (integer) $v; 309 } 310 $strReq .= 'WHERE rule_id IN ('.implode(',',$ids).') '; 311 } else { 312 $ids = (integer) $ids; 313 $strReq .= 'WHERE rule_id = '.$ids.' '; 314 } 315 316 if (!$this->core->auth->isSuperAdmin()) { 317 $strReq .= "AND blog_id = '".$this->core->blog->id."' "; 318 } 319 320 $this->con->execute($strReq); 321 } 16 public $name = 'IP Filter'; 17 public $has_gui = true; 18 public $help = 'ip-filter'; 19 20 private $con; 21 private $table; 22 23 public function __construct($core) 24 { 25 parent::__construct($core); 26 $this->con = &$core->con; 27 $this->table = $core->prefix . 'spamrule'; 28 } 29 30 protected function setInfo() 31 { 32 $this->description = __('IP Blacklist / Whitelist Filter'); 33 } 34 35 public function getStatusMessage($status, $comment_id) 36 { 37 return sprintf(__('Filtered by %1$s with rule %2$s.'), $this->guiLink(), $status); 38 } 39 40 public function isSpam($type, $author, $email, $site, $ip, $content, $post_id, &$status) 41 { 42 if (!$ip) { 43 return; 44 } 45 46 # White list check 47 if ($this->checkIP($ip, 'white') !== false) { 48 return false; 49 } 50 51 # Black list check 52 if (($s = $this->checkIP($ip, 'black')) !== false) { 53 $status = $s; 54 return true; 55 } 56 } 57 58 public function gui($url) 59 { 60 global $default_tab; 61 $core = &$this->core; 62 63 # Set current type and tab 64 $ip_type = 'black'; 65 if (!empty($_REQUEST['ip_type']) && $_REQUEST['ip_type'] == 'white') { 66 $ip_type = 'white'; 67 } 68 $default_tab = 'tab_' . 
$ip_type; 69 70 # Add IP to list 71 if (!empty($_POST['addip'])) { 72 try 73 { 74 $global = !empty($_POST['globalip']) && $core->auth->isSuperAdmin(); 75 76 $this->addIP($ip_type, $_POST['addip'], $global); 77 dcPage::addSuccessNotice(__('IP address has been successfully added.')); 78 http::redirect($url . '&ip_type=' . $ip_type); 79 } catch (Exception $e) { 80 $core->error->add($e->getMessage()); 81 } 82 } 83 84 # Remove IP from list 85 if (!empty($_POST['delip']) && is_array($_POST['delip'])) { 86 try { 87 $this->removeRule($_POST['delip']); 88 dcPage::addSuccessNotice(__('IP addresses have been successfully removed.')); 89 http::redirect($url . '&ip_type=' . $ip_type); 90 } catch (Exception $e) { 91 $core->error->add($e->getMessage()); 92 } 93 } 94 95 /* DISPLAY 96 ---------------------------------------------- */ 97 $res = dcPage::notices(); 98 99 $res .= 100 $this->displayForms($url, 'black', __('Blacklist')) . 101 $this->displayForms($url, 'white', __('Whitelist')); 102 103 return $res; 104 } 105 106 private function displayForms($url, $type, $title) 107 { 108 $core = &$this->core; 109 110 $res = 111 '<div class="multi-part" id="tab_' . $type . '" title="' . $title . '">' . 112 113 '<form action="' . html::escapeURL($url) . '" method="post" class="fieldset">' . 114 115 '<p>' . 116 form::hidden(array('ip_type'), $type) . 117 '<label class="classic" for="addip_' . $type . '">' . __('Add an IP address: ') . '</label> ' . 118 form::field(array('addip', 'addip_' . $type), 18, 255); 119 if ($core->auth->isSuperAdmin()) { 120 $res .= '<label class="classic" for="globalip_' . $type . '">' . form::checkbox(array('globalip', 'globalip_' . $type), 1) . ' ' . 121 __('Global IP (used for all blogs)') . '</label> '; 122 } 123 124 $res .= 125 $core->formNonce() . 126 '</p>' . 127 '<p><input type="submit" value="' . __('Add') . '"/></p>' . 128 '</form>'; 129 130 $rs = $this->getRules($type); 131 132 if ($rs->isEmpty()) { 133 $res .= '<p><strong>' . 
__('No IP address in list.') . '</strong></p>'; 134 } else { 135 $res .= 136 '<form action="' . html::escapeURL($url) . '" method="post">' . 137 '<h3>' . __('IP list') . '</h3>' . 138 '<div class="antispam">'; 139 140 $res_global = ''; 141 $res_local = ''; 142 while ($rs->fetch()) { 143 $bits = explode(':', $rs->rule_content); 144 $pattern = $bits[0]; 145 $ip = $bits[1]; 146 $bitmask = $bits[2]; 147 148 $disabled_ip = false; 149 $p_style = ''; 150 if (!$rs->blog_id) { 151 $disabled_ip = !$core->auth->isSuperAdmin(); 152 $p_style .= ' global'; 153 } 154 155 $item = 156 '<p class="' . $p_style . '"><label class="classic" for="' . $type . '-ip-' . $rs->rule_id . '">' . 157 form::checkbox(array('delip[]', $type . '-ip-' . $rs->rule_id), $rs->rule_id, 158 array( 159 'disabled' => $disabled_ip 160 ) 161 ) . ' ' . 162 html::escapeHTML($pattern) . 163 '</label></p>'; 164 165 if ($rs->blog_id) { 166 // local list 167 if ($res_local == '') { 168 $res_local = '<h4>' . __('Local IPs (used only for this blog)') . '</h4>'; 169 } 170 $res_local .= $item; 171 } else { 172 // global list 173 if ($res_global == '') { 174 $res_global = '<h4>' . __('Global IPs (used for all blogs)') . '</h4>'; 175 } 176 $res_global .= $item; 177 } 178 } 179 $res .= $res_local . $res_global; 180 181 $res .= 182 '</div>' . 183 '<p><input class="submit delete" type="submit" value="' . __('Delete') . '"/>' . 184 $core->formNonce() . 185 form::hidden(array('ip_type'), $type) . 186 '</p>' . 
187 '</form>'; 188 } 189 190 $res .= '</div>'; 191 192 return $res; 193 } 194 195 private function ipmask($pattern, &$ip, &$mask) 196 { 197 $bits = explode('/', $pattern); 198 199 # Set IP 200 $bits[0] .= str_repeat(".0", 3 - substr_count($bits[0], ".")); 201 $ip = ip2long($bits[0]); 202 203 if (!$ip || $ip == -1) { 204 throw new Exception('Invalid IP address'); 205 } 206 207 # Set mask 208 if (!isset($bits[1])) { 209 $mask = -1; 210 } elseif (strpos($bits[1], '.')) { 211 $mask = ip2long($bits[1]); 212 if (!$mask) { 213 $mask = -1; 214 } 215 } else { 216 $mask = ~((1 << (32 - $bits[1])) - 1); 217 } 218 } 219 220 public function addIP($type, $pattern, $global) 221 { 222 $this->ipmask($pattern, $ip, $mask); 223 $pattern = long2ip($ip) . ($mask != -1 ? '/' . long2ip($mask) : ''); 224 $content = $pattern . ':' . $ip . ':' . $mask; 225 226 $old = $this->getRuleCIDR($type, $global, $ip, $mask); 227 $cur = $this->con->openCursor($this->table); 228 229 if ($old->isEmpty()) { 230 $id = $this->con->select('SELECT MAX(rule_id) FROM ' . $this->table)->f(0) + 1; 231 232 $cur->rule_id = $id; 233 $cur->rule_type = (string) $type; 234 $cur->rule_content = (string) $content; 235 236 if ($global && $this->core->auth->isSuperAdmin()) { 237 $cur->blog_id = null; 238 } else { 239 $cur->blog_id = $this->core->blog->id; 240 } 241 242 $cur->insert(); 243 } else { 244 $cur->rule_type = (string) $type; 245 $cur->rule_content = (string) $content; 246 $cur->update('WHERE rule_id = ' . (integer) $old->rule_id); 247 } 248 } 249 250 private function getRules($type = 'all') 251 { 252 $strReq = 253 'SELECT rule_id, rule_type, blog_id, rule_content ' . 254 'FROM ' . $this->table . ' ' . 255 "WHERE rule_type = '" . $this->con->escape($type) . "' " . 256 "AND (blog_id = '" . $this->core->blog->id . "' OR blog_id IS NULL) " . 
257 'ORDER BY blog_id ASC, rule_content ASC '; 258 259 return $this->con->select($strReq); 260 } 261 262 private function getRuleCIDR($type, $global, $ip, $mask) 263 { 264 $strReq = 265 'SELECT * FROM ' . $this->table . ' ' . 266 "WHERE rule_type = '" . $this->con->escape($type) . "' " . 267 "AND rule_content LIKE '%:" . (integer) $ip . ":" . (integer) $mask . "' " . 268 'AND blog_id ' . ($global ? 'IS NULL ' : "= '" . $this->core->blog->id . "' "); 269 270 return $this->con->select($strReq); 271 } 272 273 private function checkIP($cip, $type) 274 { 275 $core = &$this->core; 276 277 $strReq = 278 'SELECT DISTINCT(rule_content) ' . 279 'FROM ' . $this->table . ' ' . 280 "WHERE rule_type = '" . $this->con->escape($type) . "' " . 281 "AND (blog_id = '" . $this->core->blog->id . "' OR blog_id IS NULL) " . 282 'ORDER BY rule_content ASC '; 283 284 $rs = $this->con->select($strReq); 285 while ($rs->fetch()) { 286 list($pattern, $ip, $mask) = explode(':', $rs->rule_content); 287 if ((ip2long($cip) & (integer) $mask) == ((integer) $ip & (integer) $mask)) { 288 return $pattern; 289 } 290 } 291 return false; 292 } 293 294 private function removeRule($ids) 295 { 296 $strReq = 'DELETE FROM ' . $this->table . ' '; 297 298 if (is_array($ids)) { 299 foreach ($ids as $i => $v) { 300 $ids[$i] = (integer) $v; 301 } 302 $strReq .= 'WHERE rule_id IN (' . implode(',', $ids) . ') '; 303 } else { 304 $ids = (integer) $ids; 305 $strReq .= 'WHERE rule_id = ' . $ids . ' '; 306 } 307 308 if (!$this->core->auth->isSuperAdmin()) { 309 $strReq .= "AND blog_id = '" . $this->core->blog->id . "' "; 310 } 311 312 $this->con->execute($strReq); 313 } 322 314 } -
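Review bot: In `ipmask()` the prefix length from the submitted pattern reaches `$mask = ~((1 << (32 - $bits[1])) - 1);` without validation, so a non-numeric suffix or one above 32 yields a meaningless mask or a negative shift count. On PHP 7 and later a negative shift raises `ArithmeticError`, which is not an `Exception`, so the `catch (Exception $e)` around `addIP()` in `gui()` would not turn it into a form error. A guard just before the shift keeps bad input on the existing error path: `if (!ctype_digit((string) $bits[1]) || (int) $bits[1] > 32) { throw new Exception('Invalid IP address'); }`. The value originates from `$_POST['addip']`, so the check belongs here rather than with the caller.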
plugins/antispam/filters/class.dc.filter.words.php
r3002 r3707 10 10 # 11 11 # -- END LICENSE BLOCK ----------------------------------------- 12 if (!defined('DC_RC_PATH')) { return;}12 if (!defined('DC_RC_PATH')) {return;} 13 13 14 14 class dcFilterWords extends dcSpamFilter 15 15 { 16 public $has_gui = true; 17 public $name = 'Bad Words'; 18 public $help = 'words-filter'; 19 20 private $con; 21 private $table; 22 23 public function __construct($core) 24 { 25 parent::__construct($core); 26 $this->con =& $core->con; 27 $this->table = $core->prefix.'spamrule'; 28 } 29 30 protected function setInfo() 31 { 32 $this->description = __('Words Blacklist'); 33 } 34 35 public function getStatusMessage($status,$comment_id) 36 { 37 return sprintf(__('Filtered by %1$s with word %2$s.'),$this->guiLink(),'<em>'.$status.'</em>'); 38 } 39 40 public function isSpam($type,$author,$email,$site,$ip,$content,$post_id,&$status) 41 { 42 $str = $author.' '.$email.' '.$site.' '.$content; 43 44 $rs = $this->getRules(); 45 46 while ($rs->fetch()) 47 { 48 $word = $rs->rule_content; 49 50 if (substr($word,0,1) == '/' && substr($word,-1,1) == '/') { 51 $reg = substr(substr($word,1),0,-1); 52 } else { 53 $reg = preg_quote($word, '/'); 54 $reg = '(^|\s+|>|<)'.$reg.'(>|<|\s+|\.|$)'; 55 } 56 57 if (preg_match('/'.$reg.'/msiu',$str)) { 58 $status = $word; 59 return true; 60 } 61 } 62 } 63 64 public function gui($url) 65 { 66 $core =& $this->core; 67 68 # Create list 69 if (!empty($_POST['createlist'])) 70 { 71 try { 72 $this->defaultWordsList(); 73 dcPage::addSuccessNotice(__('Words have been successfully added.')); 74 http::redirect($url); 75 } catch (Exception $e) { 76 $core->error->add($e->getMessage()); 77 } 78 } 79 80 # Adding a word 81 if (!empty($_POST['swa'])) 82 { 83 $globalsw = !empty($_POST['globalsw']) && $core->auth->isSuperAdmin(); 84 85 try { 86 $this->addRule($_POST['swa'],$globalsw); 87 dcPage::addSuccessNotice(__('Word has been successfully added.')); 88 http::redirect($url); 89 } catch (Exception $e) { 90 
$core->error->add($e->getMessage()); 91 } 92 } 93 94 # Removing spamwords 95 if (!empty($_POST['swd']) && is_array($_POST['swd'])) 96 { 97 try { 98 $this->removeRule($_POST['swd']); 99 dcPage::addSuccessNotice(__('Words have been successfully removed.')); 100 http::redirect($url); 101 } catch (Exception $e) { 102 $core->error->add($e->getMessage()); 103 } 104 } 105 106 /* DISPLAY 107 ---------------------------------------------- */ 108 $res = dcPage::notices(); 109 110 $res .= 111 '<form action="'.html::escapeURL($url).'" method="post" class="fieldset">'. 112 '<p><label class="classic" for="swa">'.__('Add a word ').'</label> '.form::field('swa',20,128); 113 114 if ($core->auth->isSuperAdmin()) { 115 $res .= '<label class="classic" for="globalsw">'.form::checkbox('globalsw',1). 116 __('Global word (used for all blogs)').'</label> '; 117 } 118 119 $res .= 120 $core->formNonce(). 121 '</p>'. 122 '<p><input type="submit" value="'.__('Add').'"/></p>'. 123 '</form>'; 124 125 $rs = $this->getRules(); 126 if ($rs->isEmpty()) 127 { 128 $res .= '<p><strong>'.__('No word in list.').'</strong></p>'; 129 } 130 else 131 { 132 $res .= 133 '<form action="'.html::escapeURL($url).'" method="post" class="fieldset">'. 134 '<h3>' . __('List of bad words') . '</h3>'. 135 '<div class="antispam">'; 136 137 $res_global = ''; 138 $res_local = ''; 139 while ($rs->fetch()) 140 { 141 $disabled_word = false; 142 143 $p_style = ''; 144 145 if (!$rs->blog_id) { 146 $disabled_word = !$core->auth->isSuperAdmin(); 147 $p_style .= ' global'; 148 } 149 150 $item = '<p class="'.$p_style.'"><label class="classic" for="word-'.$rs->rule_id.'">'. 151 form::checkbox(array('swd[]', 'word-'.$rs->rule_id),$rs->rule_id,false,'','',$disabled_word).' '. 152 html::escapeHTML($rs->rule_content). 
153 '</label></p>'; 154 155 if ($rs->blog_id) { 156 // local list 157 if ($res_local == '') { 158 $res_local = '<h4>'.__('Local words (used only for this blog)').'</h4>'; 159 } 160 $res_local .= $item; 161 } else { 162 // global list 163 if ($res_global == '') { 164 $res_global = '<h4>'.__('Global words (used for all blogs)').'</h4>'; 165 } 166 $res_global .= $item; 167 } 168 } 169 $res .= '<div class="local">'.$res_local.'</div>'; 170 $res .= '<div class="global">'.$res_global.'</div>'; 171 172 $res .= 173 '</div>'. 174 '<p>'.form::hidden(array('spamwords'),1). 175 $core->formNonce(). 176 '<input class="submit delete" type="submit" value="' . __('Delete selected words') . '"/></p>'. 177 '</form>'; 178 } 179 180 if ($core->auth->isSuperAdmin()) 181 { 182 $res .= 183 '<form action="'.html::escapeURL($url).'" method="post">'. 184 '<p><input type="submit" value="'.__('Create default wordlist').'" />'. 185 form::hidden(array('spamwords'),1). 186 form::hidden(array('createlist'),1). 187 $core->formNonce().'</p>'. 188 '</form>'; 189 } 190 191 return $res; 192 } 193 194 private function getRules() 195 { 196 $strReq = 'SELECT rule_id, blog_id, rule_content '. 197 'FROM '.$this->table.' '. 198 "WHERE rule_type = 'word' ". 199 "AND ( blog_id = '".$this->con->escape($this->core->blog->id)."' ". 200 "OR blog_id IS NULL ) ". 201 'ORDER BY blog_id ASC, rule_content ASC '; 202 203 return $this->con->select($strReq); 204 } 205 206 private function addRule($content,$general=false) 207 { 208 $strReq = 'SELECT rule_id FROM '.$this->table.' '. 209 "WHERE rule_type = 'word' ". 
210 "AND rule_content = '".$this->con->escape($content)."' "; 211 if (!$general) { 212 $strReq .= ' AND blog_id = \''.$this->core->blog->id.'\''; 213 } 214 $rs = $this->con->select($strReq); 215 216 if (!$rs->isEmpty() && !$general) { 217 throw new Exception(__('This word exists')); 218 } 219 220 $cur = $this->con->openCursor($this->table); 221 $cur->rule_type = 'word'; 222 $cur->rule_content = (string) $content; 223 224 if ($general && $this->core->auth->isSuperAdmin()) { 225 $cur->blog_id = null; 226 } else { 227 $cur->blog_id = $this->core->blog->id; 228 } 229 230 if (!$rs->isEmpty() && $general) { 231 $cur->update('WHERE rule_id = '.$rs->rule_id); 232 } else { 233 $rs_max = $this->con->select('SELECT MAX(rule_id) FROM '.$this->table); 234 $cur->rule_id = (integer) $rs_max->f(0) + 1; 235 $cur->insert(); 236 } 237 } 238 239 private function removeRule($ids) 240 { 241 $strReq = 'DELETE FROM '.$this->table.' '; 242 243 if (is_array($ids)) { 244 foreach ($ids as &$v) { 245 $v = (integer) $v; 246 } 247 $strReq .= 'WHERE rule_id IN ('.implode(',',$ids).') '; 248 } else { 249 $ids = (integer) $ids; 250 $strReq .= 'WHERE rule_id = '.$ids.' 
'; 251 } 252 253 if (!$this->core->auth->isSuperAdmin()) { 254 $strReq .= "AND blog_id = '".$this->con->escape($this->core->blog->id)."' "; 255 } 256 257 $this->con->execute($strReq); 258 } 259 260 public function defaultWordsList() 261 { 262 $words = array( 263 '/-credit(\s+|$)/', 264 '/-digest(\s+|$)/', 265 '/-loan(\s+|$)/', 266 '/-online(\s+|$)/', 267 '4u', 268 'adipex', 269 'advicer', 270 'ambien', 271 'baccarat', 272 'baccarrat', 273 'blackjack', 274 'bllogspot', 275 'bolobomb', 276 'booker', 277 'byob', 278 'car-rental-e-site', 279 'car-rentals-e-site', 280 'carisoprodol', 281 'cash', 282 'casino', 283 'casinos', 284 'chatroom', 285 'cialis', 286 'craps', 287 'credit-card', 288 'credit-report-4u', 289 'cwas', 290 'cyclen', 291 'cyclobenzaprine', 292 'dating-e-site', 293 'day-trading', 294 'debt', 295 'digest-', 296 'discount', 297 'discreetordering', 298 'duty-free', 299 'dutyfree', 300 'estate', 301 'favourits', 302 'fioricet', 303 'flowers-leading-site', 304 'freenet', 305 'freenet-shopping', 306 'gambling', 307 'gamias', 308 'health-insurancedeals-4u', 309 'holdem', 310 'holdempoker', 311 'holdemsoftware', 312 'holdemtexasturbowilson', 313 'hotel-dealse-site', 314 'hotele-site', 315 'hotelse-site', 316 'incest', 317 'insurance-quotesdeals-4u', 318 'insurancedeals-4u', 319 'jrcreations', 320 'levitra', 321 'macinstruct', 322 'mortgage', 323 'online-gambling', 324 'onlinegambling-4u', 325 'ottawavalleyag', 326 'ownsthis', 327 'palm-texas-holdem-game', 328 'paxil', 329 'pharmacy', 330 'phentermine', 331 'pills', 332 'poker', 333 'poker-chip', 334 'poze', 335 'prescription', 336 'rarehomes', 337 'refund', 338 'rental-car-e-site', 339 'roulette', 340 'shemale', 341 'slot', 342 'slot-machine', 343 'soma', 344 'taboo', 345 'tamiflu', 346 'texas-holdem', 347 'thorcarlson', 348 'top-e-site', 349 'top-site', 350 'tramadol', 351 'trim-spa', 352 'ultram', 353 'v1h', 354 'vacuum', 355 'valeofglamorganconservatives', 356 'viagra', 357 'vicodin', 358 'vioxx', 359 
'xanax', 360 'zolus' 361 ); 362 363 foreach ($words as $w) { 364 try { 365 $this->addRule($w,true); 366 } catch (Exception $e) {} 367 } 368 } 16 public $has_gui = true; 17 public $name = 'Bad Words'; 18 public $help = 'words-filter'; 19 20 private $con; 21 private $table; 22 23 public function __construct($core) 24 { 25 parent::__construct($core); 26 $this->con = &$core->con; 27 $this->table = $core->prefix . 'spamrule'; 28 } 29 30 protected function setInfo() 31 { 32 $this->description = __('Words Blacklist'); 33 } 34 35 public function getStatusMessage($status, $comment_id) 36 { 37 return sprintf(__('Filtered by %1$s with word %2$s.'), $this->guiLink(), '<em>' . $status . '</em>'); 38 } 39 40 public function isSpam($type, $author, $email, $site, $ip, $content, $post_id, &$status) 41 { 42 $str = $author . ' ' . $email . ' ' . $site . ' ' . $content; 43 44 $rs = $this->getRules(); 45 46 while ($rs->fetch()) { 47 $word = $rs->rule_content; 48 49 if (substr($word, 0, 1) == '/' && substr($word, -1, 1) == '/') { 50 $reg = substr(substr($word, 1), 0, -1); 51 } else { 52 $reg = preg_quote($word, '/'); 53 $reg = '(^|\s+|>|<)' . $reg . '(>|<|\s+|\.|$)'; 54 } 55 56 if (preg_match('/' . $reg . 
'/msiu', $str)) { 57 $status = $word; 58 return true; 59 } 60 } 61 } 62 63 public function gui($url) 64 { 65 $core = &$this->core; 66 67 # Create list 68 if (!empty($_POST['createlist'])) { 69 try { 70 $this->defaultWordsList(); 71 dcPage::addSuccessNotice(__('Words have been successfully added.')); 72 http::redirect($url); 73 } catch (Exception $e) { 74 $core->error->add($e->getMessage()); 75 } 76 } 77 78 # Adding a word 79 if (!empty($_POST['swa'])) { 80 $globalsw = !empty($_POST['globalsw']) && $core->auth->isSuperAdmin(); 81 82 try { 83 $this->addRule($_POST['swa'], $globalsw); 84 dcPage::addSuccessNotice(__('Word has been successfully added.')); 85 http::redirect($url); 86 } catch (Exception $e) { 87 $core->error->add($e->getMessage()); 88 } 89 } 90 91 # Removing spamwords 92 if (!empty($_POST['swd']) && is_array($_POST['swd'])) { 93 try { 94 $this->removeRule($_POST['swd']); 95 dcPage::addSuccessNotice(__('Words have been successfully removed.')); 96 http::redirect($url); 97 } catch (Exception $e) { 98 $core->error->add($e->getMessage()); 99 } 100 } 101 102 /* DISPLAY 103 ---------------------------------------------- */ 104 $res = dcPage::notices(); 105 106 $res .= 107 '<form action="' . html::escapeURL($url) . '" method="post" class="fieldset">' . 108 '<p><label class="classic" for="swa">' . __('Add a word ') . '</label> ' . form::field('swa', 20, 128); 109 110 if ($core->auth->isSuperAdmin()) { 111 $res .= '<label class="classic" for="globalsw">' . form::checkbox('globalsw', 1) . 112 __('Global word (used for all blogs)') . '</label> '; 113 } 114 115 $res .= 116 $core->formNonce() . 117 '</p>' . 118 '<p><input type="submit" value="' . __('Add') . '"/></p>' . 119 '</form>'; 120 121 $rs = $this->getRules(); 122 if ($rs->isEmpty()) { 123 $res .= '<p><strong>' . __('No word in list.') . '</strong></p>'; 124 } else { 125 $res .= 126 '<form action="' . html::escapeURL($url) . '" method="post" class="fieldset">' . 127 '<h3>' . __('List of bad words') . '</h3>' . 
128 '<div class="antispam">'; 129 130 $res_global = ''; 131 $res_local = ''; 132 while ($rs->fetch()) { 133 $disabled_word = false; 134 135 $p_style = ''; 136 137 if (!$rs->blog_id) { 138 $disabled_word = !$core->auth->isSuperAdmin(); 139 $p_style .= ' global'; 140 } 141 142 $item = '<p class="' . $p_style . '"><label class="classic" for="word-' . $rs->rule_id . '">' . 143 form::checkbox(array('swd[]', 'word-' . $rs->rule_id), $rs->rule_id, 144 array( 145 'disabled' => $disabled_word 146 ) 147 ) . ' ' . 148 html::escapeHTML($rs->rule_content) . 149 '</label></p>'; 150 151 if ($rs->blog_id) { 152 // local list 153 if ($res_local == '') { 154 $res_local = '<h4>' . __('Local words (used only for this blog)') . '</h4>'; 155 } 156 $res_local .= $item; 157 } else { 158 // global list 159 if ($res_global == '') { 160 $res_global = '<h4>' . __('Global words (used for all blogs)') . '</h4>'; 161 } 162 $res_global .= $item; 163 } 164 } 165 $res .= '<div class="local">' . $res_local . '</div>'; 166 $res .= '<div class="global">' . $res_global . '</div>'; 167 168 $res .= 169 '</div>' . 170 '<p>' . form::hidden(array('spamwords'), 1) . 171 $core->formNonce() . 172 '<input class="submit delete" type="submit" value="' . __('Delete selected words') . '"/></p>' . 173 '</form>'; 174 } 175 176 if ($core->auth->isSuperAdmin()) { 177 $res .= 178 '<form action="' . html::escapeURL($url) . '" method="post">' . 179 '<p><input type="submit" value="' . __('Create default wordlist') . '" />' . 180 form::hidden(array('spamwords'), 1) . 181 form::hidden(array('createlist'), 1) . 182 $core->formNonce() . '</p>' . 183 '</form>'; 184 } 185 186 return $res; 187 } 188 189 private function getRules() 190 { 191 $strReq = 'SELECT rule_id, blog_id, rule_content ' . 192 'FROM ' . $this->table . ' ' . 193 "WHERE rule_type = 'word' " . 194 "AND ( blog_id = '" . $this->con->escape($this->core->blog->id) . "' " . 195 "OR blog_id IS NULL ) " . 
196 'ORDER BY blog_id ASC, rule_content ASC '; 197 198 return $this->con->select($strReq); 199 } 200 201 private function addRule($content, $general = false) 202 { 203 $strReq = 'SELECT rule_id FROM ' . $this->table . ' ' . 204 "WHERE rule_type = 'word' " . 205 "AND rule_content = '" . $this->con->escape($content) . "' "; 206 if (!$general) { 207 $strReq .= ' AND blog_id = \'' . $this->core->blog->id . '\''; 208 } 209 $rs = $this->con->select($strReq); 210 211 if (!$rs->isEmpty() && !$general) { 212 throw new Exception(__('This word exists')); 213 } 214 215 $cur = $this->con->openCursor($this->table); 216 $cur->rule_type = 'word'; 217 $cur->rule_content = (string) $content; 218 219 if ($general && $this->core->auth->isSuperAdmin()) { 220 $cur->blog_id = null; 221 } else { 222 $cur->blog_id = $this->core->blog->id; 223 } 224 225 if (!$rs->isEmpty() && $general) { 226 $cur->update('WHERE rule_id = ' . $rs->rule_id); 227 } else { 228 $rs_max = $this->con->select('SELECT MAX(rule_id) FROM ' . $this->table); 229 $cur->rule_id = (integer) $rs_max->f(0) + 1; 230 $cur->insert(); 231 } 232 } 233 234 private function removeRule($ids) 235 { 236 $strReq = 'DELETE FROM ' . $this->table . ' '; 237 238 if (is_array($ids)) { 239 foreach ($ids as &$v) { 240 $v = (integer) $v; 241 } 242 $strReq .= 'WHERE rule_id IN (' . implode(',', $ids) . ') '; 243 } else { 244 $ids = (integer) $ids; 245 $strReq .= 'WHERE rule_id = ' . $ids . ' '; 246 } 247 248 if (!$this->core->auth->isSuperAdmin()) { 249 $strReq .= "AND blog_id = '" . $this->con->escape($this->core->blog->id) . 
"' "; 250 } 251 252 $this->con->execute($strReq); 253 } 254 255 public function defaultWordsList() 256 { 257 $words = array( 258 '/-credit(\s+|$)/', 259 '/-digest(\s+|$)/', 260 '/-loan(\s+|$)/', 261 '/-online(\s+|$)/', 262 '4u', 263 'adipex', 264 'advicer', 265 'ambien', 266 'baccarat', 267 'baccarrat', 268 'blackjack', 269 'bllogspot', 270 'bolobomb', 271 'booker', 272 'byob', 273 'car-rental-e-site', 274 'car-rentals-e-site', 275 'carisoprodol', 276 'cash', 277 'casino', 278 'casinos', 279 'chatroom', 280 'cialis', 281 'craps', 282 'credit-card', 283 'credit-report-4u', 284 'cwas', 285 'cyclen', 286 'cyclobenzaprine', 287 'dating-e-site', 288 'day-trading', 289 'debt', 290 'digest-', 291 'discount', 292 'discreetordering', 293 'duty-free', 294 'dutyfree', 295 'estate', 296 'favourits', 297 'fioricet', 298 'flowers-leading-site', 299 'freenet', 300 'freenet-shopping', 301 'gambling', 302 'gamias', 303 'health-insurancedeals-4u', 304 'holdem', 305 'holdempoker', 306 'holdemsoftware', 307 'holdemtexasturbowilson', 308 'hotel-dealse-site', 309 'hotele-site', 310 'hotelse-site', 311 'incest', 312 'insurance-quotesdeals-4u', 313 'insurancedeals-4u', 314 'jrcreations', 315 'levitra', 316 'macinstruct', 317 'mortgage', 318 'online-gambling', 319 'onlinegambling-4u', 320 'ottawavalleyag', 321 'ownsthis', 322 'palm-texas-holdem-game', 323 'paxil', 324 'pharmacy', 325 'phentermine', 326 'pills', 327 'poker', 328 'poker-chip', 329 'poze', 330 'prescription', 331 'rarehomes', 332 'refund', 333 'rental-car-e-site', 334 'roulette', 335 'shemale', 336 'slot', 337 'slot-machine', 338 'soma', 339 'taboo', 340 'tamiflu', 341 'texas-holdem', 342 'thorcarlson', 343 'top-e-site', 344 'top-site', 345 'tramadol', 346 'trim-spa', 347 'ultram', 348 'v1h', 349 'vacuum', 350 'valeofglamorganconservatives', 351 'viagra', 352 'vicodin', 353 'vioxx', 354 'xanax', 355 'zolus' 356 ); 357 358 foreach ($words as $w) { 359 try { 360 $this->addRule($w, true); 361 } catch (Exception $e) {} 362 } 363 
} 369 364 }
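Review bot: The `createlist` branch in `gui()` calls `defaultWordsList()` without checking `isSuperAdmin()`, although the form that posts it is only rendered for super admins. `defaultWordsList()` calls `addRule($w, true)`, and with `$general` true the lookup has no `blog_id` condition, so for a caller who is not a super admin an existing matching row is updated with `blog_id` set to the current blog. If `gui()` is reachable by ordinary blog admins (not visible on this page), that would let them turn global rules into local ones. Gating the handler the same way as the form closes the gap: `if (!empty($_POST['createlist']) && $core->auth->isSuperAdmin()) {`.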