MDL-18223 XHTML strrrict
[moodle.git] / admin / report / spamcleaner / index.php
CommitLineData
2e3f66d7 1<?php
2
3/**
4 * Spam Cleaner
5 *
6 * Helps an admin to clean up spam in Moodle
7 *
8 * @version $Id$
9 * @authors Dongsheng Cai, Martin Dougiamas, Amr Hourani
10 * @license http://www.gnu.org/copyleft/gpl.html GNU Public License
11 */
12
13// Configuration
14
15// List of known spammy keywords, please add more here
16
17$autokeywords = array(
18 "<img",
19 "fuck",
20 "casino",
21 "porn",
22 "xxx",
23 "cialis",
24 "viagra",
25 "poker",
26 "warcraft"
27 );
28
29
30/////////////////////////////////////////////////////////////////////////////////
31
32require_once('../../../config.php');
33require_once($CFG->libdir.'/adminlib.php');
34
35require_js(array('yui_dom-event', 'yui_connection', 'yui_json'));
36
37$keyword = optional_param('keyword', '', PARAM_RAW);
38$autodetect = optional_param('autodetect', '', PARAM_RAW);
39$del = optional_param('del', '', PARAM_RAW);
40$delall = optional_param('delall', '', PARAM_RAW);
41$ignore = optional_param('ignore', '', PARAM_RAW);
42$reset = optional_param('reset', '', PARAM_RAW);
43$id = optional_param('id', '', PARAM_INT);
44
45require_login();
46admin_externalpage_setup('reportspamcleaner');
47
48// Implement some AJAX calls
49
50// Delete one user
51if (!empty($del) && confirm_sesskey() && ($id != $USER->id)) {
52 if (isset($SESSION->users_result[$id])) {
53 $user = $SESSION->users_result[$id];
54 if (delete_user($user)) {
55 unset($SESSION->users_result[$id]);
56 echo json_encode(true);
57 } else {
58 echo json_encode(false);
59 }
60 } else {
61 echo json_encode(false);
62 }
63 exit;
64}
65
66// Delete lots of users
67if (!empty($delall) && confirm_sesskey()) {
68 if (!empty($SESSION->users_result)) {
69 foreach ($SESSION->users_result as $userid => $user) {
70 if ($userid != $USER->id) {
71 if (delete_user($user)) {
72 unset($SESSION->users_result[$userid]);
73 }
74 }
75 }
76 }
77 echo json_encode(true);
78 exit;
79}
80
81if (!empty($ignore)) {
82 unset($SESSION->users_result[$id]);
83 echo json_encode(true);
84 exit;
85}
86
87
88admin_externalpage_print_header();
89
90// Print headers and things
91
92print_spamcleaner_javascript();
93
94print_box(get_string('spamcleanerintro', 'report_spamcleaner'));
95
96print_box_start(); // The forms section at the top
97
98?>
99
100<div class="mdl-align">
101
6acb6a3d 102<form method="post" action="index.php">
103 <div>
2e3f66d7 104 <input type="text" name="keyword" id="keyword_el" value="<?php p($keyword) ?>" />
105 <input type="hidden" name="sesskey" value="<?php echo sesskey();?>" />
106 <input type="submit" value="<?php echo get_string('spamsearch', 'report_spamcleaner')?>" />
6acb6a3d 107 </div>
2e3f66d7 108</form>
109<p><?php echo get_string('spameg', 'report_spamcleaner');?></p>
110
111<hr />
112
6acb6a3d 113<form method="post" action="index.php">
114 <div>
2e3f66d7 115 <input type="submit" name="autodetect" value="<?php echo get_string('spamauto', 'report_spamcleaner');?>" />
6acb6a3d 116 </div>
2e3f66d7 117</form>
118
119
120</div>
121
122<?php
123print_box_end();
124
125echo '<div id="result" class="mdl-align">';
126
127// Print list of resulting profiles
128
129if (!empty($keyword)) { // Use the keyword(s) supplied by the user
130 $keywords = explode(',', $keyword);
131 foreach ($keywords as $key => $keyword) {
132 $keywords[$key] = trim($keyword);
133 }
134 search_spammers($keywords);
135
136} else if (!empty($autodetect)) { // Use the inbuilt keyword list to detect users
137 search_spammers($autokeywords);
138}
139
140echo '</div>';
141
142/////////////////////////////////////////////////////////////////////////////////
143
144
145/// Functions
146
147
148function search_spammers($keywords) {
149
150 global $CFG, $USER, $DB;
151
152 if (!is_array($keywords)) {
153 $keywords = array($keywords); // Make it into an array
154 }
155
156 $like = $DB->sql_ilike();
157
158 $keywordfull = array();
159 foreach ($keywords as $keyword) {
160 $keyword = addslashes($keyword); // Just to be safe
161 $keywordfull[] = " description $like '%$keyword%' ";
162 $keywordfull2[] = " p.summary $like '%$keyword%' ";
163 }
164 $conditions = '( '.implode(' OR ', $keywordfull).' )';
165 $conditions2 = '( '.implode(' OR ', $keywordfull2).' )';
166
167 $sql = "SELECT * FROM {user} WHERE deleted = 0 AND id <> {$USER->id} AND $conditions"; // Exclude oneself
168 $sql2= "SELECT u.*, p.summary FROM {user} AS u, {post} AS p WHERE $conditions2 AND u.deleted = 0 AND u.id=p.userid AND u.id <> {$USER->id}";
169 $spamusers_desc = $DB->get_recordset_sql($sql);
170 $spamusers_blog = $DB->get_recordset_sql($sql2);
171
172 $keywordlist = implode(', ', $keywords);
173 print_box(get_string('spamresult', 'report_spamcleaner').s($keywordlist)).' ...';
174
175 print_user_list(array($spamusers_desc, $spamusers_blog), $keywords);
176
177}
178
179
180
181function print_user_list($users_rs, $keywords) {
182 global $CFG, $SESSION;
183
184 // reset session everytime this function is called
185 $SESSION->users_result = array();
186 $count = 0;
187
188 foreach ($users_rs as $rs){
189 foreach ($rs as $user) {
190 if (!$count) {
191 echo '<table border="1" width="100%" id="data-grid"><tr><th>&nbsp;</th><th>'.get_string('user','admin').'</th><th>'.get_string('spamdesc', 'report_spamcleaner').'</th><th>'.get_string('spamoperation', 'report_spamcleaner').'</th></tr>';
192 }
193 $count++;
194 filter_user($user, $keywords, $count);
195 }
196 }
197
198 if (!$count) {
199 echo get_string('spamcannotfinduser', 'report_spamcleaner');
200
201 } else {
202 echo '</table>';
203 echo '<div class="mld-align">
204 <button id="removeall_btn">'.get_string('spamdeleteall', 'report_spamcleaner').'</button>
205 </div>';
206 }
207}
208function filter_user($user, $keywords, $count) {
209 global $CFG;
210 $image_search = false;
211 if (in_array('<img', $keywords)) {
212 $image_search = true;
213 }
214 if (isset($user->summary)) {
215 $user->description = '<h3>'.get_string('spamfromblog', 'report_spamcleaner').'</h3>'.$user->summary;
216 unset($user->summary);
217 }
218 if (preg_match('#<img.*src=[\"\']('.$CFG->pixpath.')#', $user->description, $matches)
219 && $image_search) {
220 $result = false;
221 foreach ($keywords as $keyword) {
222 if (preg_match('#'.$keyword.'#', $user->description)
223 && ($keyword != '<img')) {
224 $result = true;
225 }
226 }
227 if ($result) {
228 echo print_user_entry($user, $keywords, $count);
229 } else {
230 unset($user);
231 }
232 } else {
233 echo print_user_entry($user, $keywords, $count);
234 }
235}
236
237
238function print_user_entry($user, $keywords, $count) {
239
240 global $SESSION, $CFG;
241
242 $smalluserobject = new object; // All we need to delete them later
243 $smalluserobject->id = $user->id;
244 $smalluserobject->email = $user->email;
245 $smalluserobject->auth = $user->auth;
246 $smalluserobject->firstname = $user->firstname;
247 $smalluserobject->lastname = $user->lastname;
248
249 if (empty($SESSION->users_result[$user->id])) {
250 $SESSION->users_result[$user->id] = $smalluserobject;
251 $html = '<tr valign="top" id="row-'.$user->id.'" class="result-row">';
252 $html .= '<td width="10">'.$count.'</td>';
209c122b 253 $html .= '<td width="30%" align="left"><a href="'.$CFG->wwwroot."/user/view.php?course=1&amp;id=".$user->id.'" title="'.s($user->username).'">'.fullname($user).'</a>';
2e3f66d7 254
255 $html .= "<ul>";
256 $profile_set = array('city'=>true, 'country'=>true, 'email'=>true);
257 foreach ($profile_set as $key=>$value) {
258 if (isset($user->$key)){
259 $html .= '<li>'.$user->$key.'</li>';
260 }
261 }
262 $html .= "</ul>";
263 $html .= '</td>';
264
265 foreach ($keywords as $keyword) {
266 $user->description = format_text(highlight($keyword, $user->description), FORMAT_MOODLE);
267 }
268
269 $html .= '<td align="left">'.$user->description.'</td>';
270 $html .= '<td width="100px" align="center">';
271 $html .= '<button onclick="del_user(this,'.$user->id.')">'.get_string('deleteuser', 'admin').'</button><br />';
272 $html .= '<button onclick="ignore_user(this,'.$user->id.')">'.get_string('ignore', 'admin').'</button>';
273 $html .= '</td>';
274 $html .= '</tr>';
275 return $html;
276 } else {
277 return null;
278 }
279
280
281}
282
283function print_spamcleaner_javascript() {
284
285$sesskey = sesskey();
286
287?>
288
289<script type="text/javascript">
6acb6a3d 290//<![CDATA[
2e3f66d7 291var row = null;
292var delall_cb = {
293 success: function(o){
294 try {
295 var resp = YAHOO.lang.JSON.parse(o.responseText);
296 } catch(e) {
297 alert('<?php echo get_string('spaminvalidresult', 'report_spamcleaner');?>');
298 return;
299 }
300 if(resp == true){
301 window.location.href=window.location.href;
302 }
303 }
304}
305function init() {
306 YAHOO.util.Event.addListener("removeall_btn", "click", function(){
307 var yes = confirm('<?php echo get_string('spamdeleteallconfirm', 'report_spamcleaner');?>');
308 if(yes){
309 var cObj = YAHOO.util.Connect.asyncRequest('POST', '<?php echo me();?>?delall=yes&sesskey=<?php echo $sesskey;?>', delall_cb);
310 }
311 });
312}
313var del_cb = {
314 success: function(o) {
315 try {
316 var resp = YAHOO.lang.JSON.parse(o.responseText);
317 } catch(e) {
318 alert('<?php echo get_string('spaminvalidresult', 'report_spamcleaner');?>');
319 return;
320 }
321 if(row) {
322 if(resp == true){
323 while(row.tagName != 'TR') {
324 row = row.parentNode;
325 }
326 row.parentNode.removeChild(row);
327 row = null;
328 } else {
329 alert('<?php echo get_string('spamcannotdelete', 'report_spamcleaner');?>');
330 }
331 }
332 }
333}
334var ignore_cb = {
335 success: function(o){
336 try {
337 var resp = YAHOO.lang.JSON.parse(o.responseText);
338 } catch(e) {
339 alert('<?php echo get_string('spaminvalidresult', 'report_spamcleaner');?>');
340 return;
341 }
342 if(row) {
343 if(resp == true){
344 while(row.tagName != 'TR') {
345 row = row.parentNode;
346 }
347 row.parentNode.removeChild(row);
348 row = null;
349 }
350 }
351 }
352}
353function del_user(obj, id) {
354 var yes = confirm('<?php echo get_string('spamdeleteconfirm', 'report_spamcleaner');?>');
355 if(yes){
356 row = obj;
357 var cObj = YAHOO.util.Connect.asyncRequest('POST', '<?php echo me();?>?del=yes&sesskey=<?php echo $sesskey;?>&id='+id, del_cb);
358 }
359}
360function ignore_user(obj, id) {
361 row = obj;
362 var cObj = YAHOO.util.Connect.asyncRequest('POST', '<?php echo me();?>?ignore=yes&sesskey=<?php echo $sesskey;?>&id='+id, ignore_cb);
363}
364YAHOO.util.Event.onDOMReady(init);
6acb6a3d 365//]]>
2e3f66d7 366</script>
367
368<?php
369}
370
371admin_externalpage_print_footer();
372
373?>