[moodle.git] / admin / report / spamcleaner / index.php

<?php

/**
 * Spam Cleaner
 *
 * Helps an admin to clean up spam in Moodle
 *
 * @authors Dongsheng Cai, Martin Dougiamas, Amr Hourani
 * @license http://www.gnu.org/copyleft/gpl.html GNU Public License
 */

// List of known spammy keywords, please add more here

/////////////////////////////////////////////////////////////////////////////////

require_once('../../../config.php');
require_once($CFG->libdir.'/adminlib.php');


// Configuration

$autokeywords = array(
                    "<img",
                    "fuck",
                    "casino",
                    "porn",
                    "xxx",
                    "cialis",
                    "viagra",
                    "poker",
                    "warcraft"
                );

$keyword = optional_param('keyword', '', PARAM_RAW);
$autodetect = optional_param('autodetect', '', PARAM_RAW);
$del = optional_param('del', '', PARAM_RAW);
$delall = optional_param('delall', '', PARAM_RAW);
$ignore = optional_param('ignore', '', PARAM_RAW);
$reset = optional_param('reset', '', PARAM_RAW);
$id = optional_param('id', '', PARAM_INT);

require_login();
admin_externalpage_setup('reportspamcleaner');

// Delete one user
if (!empty($del) && confirm_sesskey() && ($id != $USER->id)) {
    if (isset($SESSION->users_result[$id])) {
        $user = $SESSION->users_result[$id];
        if (delete_user($user)) {
            unset($SESSION->users_result[$id]);
            echo json_encode(true);
        } else {
            echo json_encode(false);
        }
    } else {
        echo json_encode(false);
    }
    exit;
}

// Delete lots of users
if (!empty($delall) && confirm_sesskey()) {
    if (!empty($SESSION->users_result)) {
        foreach ($SESSION->users_result as $userid => $user) {
            if ($userid != $USER->id) {
                if (delete_user($user)) {
                    unset($SESSION->users_result[$userid]);
                }
            }
        }
    }
    echo json_encode(true);
    exit;
}

if (!empty($ignore)) {
    unset($SESSION->users_result[$id]);
    echo json_encode(true);
    exit;
}

$PAGE->requires->js_init_call('M.report_spamcleaner.init', array(me()), true);
$strings = Array('spaminvalidresult','spamdeleteallconfirm','spamcannotdelete','spamdeleteconfirm');
$PAGE->requires->strings_for_js($strings, 'report_spamcleaner');

echo $OUTPUT->header();

// Print headers and things
echo $OUTPUT->box(get_string('spamcleanerintro', 'report_spamcleaner'));

echo $OUTPUT->box_start();     // The forms section at the top

?>

<div class="mdl-align">

<form method="post" action="index.php">
  <div>
    <input type="text" name="keyword" id="keyword_el" value="<?php p($keyword) ?>" />
    <input type="hidden" name="sesskey" value="<?php echo sesskey();?>" />
    <input type="submit" value="<?php echo get_string('spamsearch', 'report_spamcleaner')?>" />
  </div>
</form>
<p><?php echo get_string('spameg', 'report_spamcleaner');?></p>

<hr />

<form method="post"  action="index.php">
  <div>
    <input type="submit" name="autodetect" value="<?php echo get_string('spamauto', 'report_spamcleaner');?>" />
  </div>
</form>


</div>

<?php
echo $OUTPUT->box_end();

echo '<div id="result" class="mdl-align">';

// Print list of resulting profiles

if (!empty($keyword)) {               // Use the keyword(s) supplied by the user
    $keywords = explode(',', $keyword);
    foreach ($keywords as $key => $keyword) {
        $keywords[$key] = trim($keyword);
    }
    search_spammers($keywords);

} else if (!empty($autodetect)) {     // Use the inbuilt keyword list to detect users
    search_spammers($autokeywords);
}

echo '</div>';

/////////////////////////////////////////////////////////////////////////////////


///  Functions


function search_spammers($keywords) {

    global $CFG, $USER, $DB, $OUTPUT;

    if (!is_array($keywords)) {
        $keywords = array($keywords);    // Make it into an array
    }

     $like = $DB->sql_ilike();

    $keywordfull = array();
    foreach ($keywords as $keyword) {
        $keyword = addslashes($keyword);   // Just to be safe
        $keywordfull[] = " description $like '%$keyword%' ";
        $keywordfull2[] = " p.summary $like '%$keyword%' ";
    }
    $conditions = '( '.implode(' OR ', $keywordfull).' )';
    $conditions2 = '( '.implode(' OR ', $keywordfull2).' )';

    $sql = "SELECT * FROM {user} WHERE deleted = 0 AND id <> {$USER->id} AND $conditions";  // Exclude oneself
    $sql2= "SELECT u.*, p.summary FROM {user} AS u, {post} AS p WHERE $conditions2 AND u.deleted = 0 AND u.id=p.userid AND u.id <> {$USER->id}";
    $spamusers_desc = $DB->get_recordset_sql($sql);
    $spamusers_blog = $DB->get_recordset_sql($sql2);

    $keywordlist = implode(', ', $keywords);
    echo $OUTPUT->box(get_string('spamresult', 'report_spamcleaner').s($keywordlist)).' ...';

    print_user_list(array($spamusers_desc, $spamusers_blog), $keywords);

}


function print_user_list($users_rs, $keywords) {
    global $CFG, $SESSION;

    // reset session everytime this function is called
    $SESSION->users_result = array();
    $count = 0;

    foreach ($users_rs as $rs){
        foreach ($rs as $user) {
            if (!$count) {
                echo '<table border="1" width="100%" id="data-grid"><tr><th>&nbsp;</th><th>'.get_string('user','admin').'</th><th>'.get_string('spamdesc', 'report_spamcleaner').'</th><th>'.get_string('spamoperation', 'report_spamcleaner').'</th></tr>';
            }
            $count++;
            filter_user($user, $keywords, $count);
        }
    }

    if (!$count) {
        echo get_string('spamcannotfinduser', 'report_spamcleaner');

    } else {
        echo '</table>';
        echo '<div class="mld-align">
              <button id="removeall_btn">'.get_string('spamdeleteall', 'report_spamcleaner').'</button>
              </div>';
    }
}
function filter_user($user, $keywords, $count) {
    global $CFG;
    $image_search = false;
    if (in_array('<img', $keywords)) {
        $image_search = true;
    }
    if (isset($user->summary)) {
        $user->description = '<h3>'.get_string('spamfromblog', 'report_spamcleaner').'</h3>'.$user->summary;
        unset($user->summary);
    }
    if (preg_match('#<img.*src=[\"\']('.$CFG->wwwroot.')#', $user->description, $matches)
        && $image_search) {
        $result = false;
        foreach ($keywords as $keyword) {
            if (preg_match('#'.$keyword.'#', $user->description)
                && ($keyword != '<img')) {
                $result = true;
            }
        }
        if ($result) {
            echo print_user_entry($user, $keywords, $count);
        } else {
            unset($user);
        }
    } else {
        echo print_user_entry($user, $keywords, $count);
    }
}


function print_user_entry($user, $keywords, $count) {

    global $SESSION, $CFG;

    $smalluserobject = new object;      // All we need to delete them later
    $smalluserobject->id = $user->id;
    $smalluserobject->email = $user->email;
    $smalluserobject->auth = $user->auth;
    $smalluserobject->firstname = $user->firstname;
    $smalluserobject->lastname = $user->lastname;
    $smalluserobject->username = $user->username;

    if (empty($SESSION->users_result[$user->id])) {
        $SESSION->users_result[$user->id] = $smalluserobject;
        $html = '<tr valign="top" id="row-'.$user->id.'" class="result-row">';
        $html .= '<td width="10">'.$count.'</td>';
        $html .= '<td width="30%" align="left"><a href="'.$CFG->wwwroot."/user/view.php?course=1&amp;id=".$user->id.'" title="'.s($user->username).'">'.fullname($user).'</a>';

        $html .= "<ul>";
        $profile_set = array('city'=>true, 'country'=>true, 'email'=>true);
        foreach ($profile_set as $key=>$value) {
            if (isset($user->$key)){
                $html .= '<li>'.$user->$key.'</li>';
            }
        }
        $html .= "</ul>";
        $html .= '</td>';

        foreach ($keywords as $keyword) {
            $user->description = highlight($keyword, $user->description);
        }

        if (!isset($user->descriptionformat)) {
            $user->descriptionformat = FORMAT_MOODLE;
        }

        $html .= '<td align="left">'.format_text($user->description, $user->descriptionformat).'</td>';
        $html .= '<td width="100px" align="center">';
        $html .= '<button onclick="M.report_spamcleaner.del_user(this,'.$user->id.')">'.get_string('deleteuser', 'admin').'</button><br />';
        $html .= '<button onclick="M.report_spamcleaner.ignore_user(this,'.$user->id.')">'.get_string('ignore', 'admin').'</button>';
        $html .= '</td>';
        $html .= '</tr>';
        return $html;
    } else {
        return null;
    }


}

echo $OUTPUT->footer();
Commit	Line	Data
2e3f66d7	1	<?php
	2
	3	/**
	4	* Spam Cleaner
	5	*
	6	* Helps an admin to clean up spam in Moodle
	7	*
2e3f66d7	8	* @authors Dongsheng Cai, Martin Dougiamas, Amr Hourani
	9	* @license http://www.gnu.org/copyleft/gpl.html GNU Public License
	10	*/
	11
2e3f66d7	12	// List of known spammy keywords, please add more here
2e3f66d7	13
9edea336 PS	14	/////////////////////////////////////////////////////////////////////////////////
	15
	16	require_once('../../../config.php');
	17	require_once($CFG->libdir.'/adminlib.php');
	18
	19
	20	// Configuration
	21
2e3f66d7	22	$autokeywords = array(
	23	"<img",
	24	"fuck",
	25	"casino",
	26	"porn",
	27	"xxx",
	28	"cialis",
	29	"viagra",
	30	"poker",
	31	"warcraft"
	32	);
	33
2e3f66d7	34	$keyword = optional_param('keyword', '', PARAM_RAW);
	35	$autodetect = optional_param('autodetect', '', PARAM_RAW);
	36	$del = optional_param('del', '', PARAM_RAW);
	37	$delall = optional_param('delall', '', PARAM_RAW);
	38	$ignore = optional_param('ignore', '', PARAM_RAW);
	39	$reset = optional_param('reset', '', PARAM_RAW);
	40	$id = optional_param('id', '', PARAM_INT);
	41
	42	require_login();
	43	admin_externalpage_setup('reportspamcleaner');
2e3f66d7	44
	45	// Delete one user
	46	if (!empty($del) && confirm_sesskey() && ($id != $USER->id)) {
	47	if (isset($SESSION->users_result[$id])) {
	48	$user = $SESSION->users_result[$id];
	49	if (delete_user($user)) {
	50	unset($SESSION->users_result[$id]);
	51	echo json_encode(true);
	52	} else {
	53	echo json_encode(false);
	54	}
	55	} else {
	56	echo json_encode(false);
	57	}
	58	exit;
	59	}
	60
	61	// Delete lots of users
	62	if (!empty($delall) && confirm_sesskey()) {
	63	if (!empty($SESSION->users_result)) {
	64	foreach ($SESSION->users_result as $userid => $user) {
	65	if ($userid != $USER->id) {
	66	if (delete_user($user)) {
	67	unset($SESSION->users_result[$userid]);
	68	}
	69	}
	70	}
	71	}
	72	echo json_encode(true);
	73	exit;
	74	}
	75
	76	if (!empty($ignore)) {
	77	unset($SESSION->users_result[$id]);
	78	echo json_encode(true);
	79	exit;
	80	}
	81
2b8c3f8c	82	$PAGE->requires->js_init_call('M.report_spamcleaner.init', array(me()), true);
9edea336 PS	83	$strings = Array('spaminvalidresult','spamdeleteallconfirm','spamcannotdelete','spamdeleteconfirm');
9edea336 PS	84	$PAGE->requires->strings_for_js($strings, 'report_spamcleaner');
2e3f66d7	85
61ef8f9f	86	echo $OUTPUT->header();
2e3f66d7	87
2e3f66d7	88	// Print headers and things
20486a5a	89	echo $OUTPUT->box(get_string('spamcleanerintro', 'report_spamcleaner'));
2e3f66d7	90
20486a5a	91	echo $OUTPUT->box_start(); // The forms section at the top
2e3f66d7	92
	93	?>
	94
	95	<div class="mdl-align">
	96
6acb6a3d	97	<form method="post" action="index.php">
6acb6a3d	98	<div>
20486a5a	99	<input type="text" name="keyword" id="keyword_el" value="<?php p($keyword) ?>" />
2e3f66d7	100	<input type="hidden" name="sesskey" value="<?php echo sesskey();?>" />
2e3f66d7	101	<input type="submit" value="<?php echo get_string('spamsearch', 'report_spamcleaner')?>" />
6acb6a3d	102	</div>
2e3f66d7	103	</form>
	104	<p><?php echo get_string('spameg', 'report_spamcleaner');?></p>
	105
	106	<hr />
	107
6acb6a3d	108	<form method="post" action="index.php">
6acb6a3d	109	<div>
2e3f66d7	110	<input type="submit" name="autodetect" value="<?php echo get_string('spamauto', 'report_spamcleaner');?>" />
6acb6a3d	111	</div>
2e3f66d7	112	</form>
	113
	114
	115	</div>
	116
	117	<?php
20486a5a	118	echo $OUTPUT->box_end();
2e3f66d7	119
	120	echo '<div id="result" class="mdl-align">';
	121
	122	// Print list of resulting profiles
	123
	124	if (!empty($keyword)) { // Use the keyword(s) supplied by the user
	125	$keywords = explode(',', $keyword);
	126	foreach ($keywords as $key => $keyword) {
	127	$keywords[$key] = trim($keyword);
	128	}
	129	search_spammers($keywords);
	130
	131	} else if (!empty($autodetect)) { // Use the inbuilt keyword list to detect users
	132	search_spammers($autokeywords);
	133	}
	134
	135	echo '</div>';
	136
	137	/////////////////////////////////////////////////////////////////////////////////
	138
	139
20486a5a	140	/// Functions
2e3f66d7	141
	142
	143	function search_spammers($keywords) {
	144
20486a5a	145	global $CFG, $USER, $DB, $OUTPUT;
2e3f66d7	146
	147	if (!is_array($keywords)) {
	148	$keywords = array($keywords); // Make it into an array
	149	}
	150
	151	$like = $DB->sql_ilike();
	152
	153	$keywordfull = array();
	154	foreach ($keywords as $keyword) {
	155	$keyword = addslashes($keyword); // Just to be safe
	156	$keywordfull[] = " description $like '%$keyword%' ";
	157	$keywordfull2[] = " p.summary $like '%$keyword%' ";
	158	}
	159	$conditions = '( '.implode(' OR ', $keywordfull).' )';
	160	$conditions2 = '( '.implode(' OR ', $keywordfull2).' )';
	161
	162	$sql = "SELECT * FROM {user} WHERE deleted = 0 AND id <> {$USER->id} AND $conditions"; // Exclude oneself
	163	$sql2= "SELECT u.*, p.summary FROM {user} AS u, {post} AS p WHERE $conditions2 AND u.deleted = 0 AND u.id=p.userid AND u.id <> {$USER->id}";
	164	$spamusers_desc = $DB->get_recordset_sql($sql);
	165	$spamusers_blog = $DB->get_recordset_sql($sql2);
	166
	167	$keywordlist = implode(', ', $keywords);
20486a5a	168	echo $OUTPUT->box(get_string('spamresult', 'report_spamcleaner').s($keywordlist)).' ...';
2e3f66d7	169
	170	print_user_list(array($spamusers_desc, $spamusers_blog), $keywords);
	171
	172	}
	173
	174
	175
	176	function print_user_list($users_rs, $keywords) {
	177	global $CFG, $SESSION;
	178
	179	// reset session everytime this function is called
	180	$SESSION->users_result = array();
	181	$count = 0;
	182
	183	foreach ($users_rs as $rs){
	184	foreach ($rs as $user) {
	185	if (!$count) {
	186	echo '<table border="1" width="100%" id="data-grid"><tr><th> </th><th>'.get_string('user','admin').'</th><th>'.get_string('spamdesc', 'report_spamcleaner').'</th><th>'.get_string('spamoperation', 'report_spamcleaner').'</th></tr>';
	187	}
	188	$count++;
	189	filter_user($user, $keywords, $count);
	190	}
	191	}
	192
	193	if (!$count) {
	194	echo get_string('spamcannotfinduser', 'report_spamcleaner');
	195
	196	} else {
	197	echo '</table>';
	198	echo '<div class="mld-align">
	199	<button id="removeall_btn">'.get_string('spamdeleteall', 'report_spamcleaner').'</button>
	200	</div>';
	201	}
	202	}
	203	function filter_user($user, $keywords, $count) {
	204	global $CFG;
	205	$image_search = false;
	206	if (in_array('<img', $keywords)) {
	207	$image_search = true;
	208	}
	209	if (isset($user->summary)) {
	210	$user->description = '<h3>'.get_string('spamfromblog', 'report_spamcleaner').'</h3>'.$user->summary;
	211	unset($user->summary);
	212	}
5d3b9994	213	if (preg_match('#<img.*src=[\"\']('.$CFG->wwwroot.')#', $user->description, $matches)
2e3f66d7	214	&& $image_search) {
	215	$result = false;
	216	foreach ($keywords as $keyword) {
	217	if (preg_match('#'.$keyword.'#', $user->description)
	218	&& ($keyword != '<img')) {
	219	$result = true;
	220	}
	221	}
	222	if ($result) {
	223	echo print_user_entry($user, $keywords, $count);
	224	} else {
	225	unset($user);
	226	}
	227	} else {
	228	echo print_user_entry($user, $keywords, $count);
	229	}
	230	}
	231
	232
	233	function print_user_entry($user, $keywords, $count) {
	234
	235	global $SESSION, $CFG;
	236
	237	$smalluserobject = new object; // All we need to delete them later
	238	$smalluserobject->id = $user->id;
	239	$smalluserobject->email = $user->email;
	240	$smalluserobject->auth = $user->auth;
	241	$smalluserobject->firstname = $user->firstname;
	242	$smalluserobject->lastname = $user->lastname;
9edea336	243	$smalluserobject->username = $user->username;
2e3f66d7	244
	245	if (empty($SESSION->users_result[$user->id])) {
	246	$SESSION->users_result[$user->id] = $smalluserobject;
	247	$html = '<tr valign="top" id="row-'.$user->id.'" class="result-row">';
	248	$html .= '<td width="10">'.$count.'</td>';
209c122b	249	$html .= '<td width="30%" align="left"><a href="'.$CFG->wwwroot."/user/view.php?course=1&id=".$user->id.'" title="'.s($user->username).'">'.fullname($user).'</a>';
2e3f66d7	250
	251	$html .= "<ul>";
	252	$profile_set = array('city'=>true, 'country'=>true, 'email'=>true);
	253	foreach ($profile_set as $key=>$value) {
	254	if (isset($user->$key)){
	255	$html .= '<li>'.$user->$key.'</li>';
	256	}
	257	}
	258	$html .= "</ul>";
	259	$html .= '</td>';
	260
	261	foreach ($keywords as $keyword) {
1e12b912	262	$user->description = highlight($keyword, $user->description);
2e3f66d7	263	}
2e3f66d7	264
8bdc9cac SH	265	if (!isset($user->descriptionformat)) {
	266	$user->descriptionformat = FORMAT_MOODLE;
	267	}
	268
	269	$html .= '<td align="left">'.format_text($user->description, $user->descriptionformat).'</td>';
2e3f66d7	270	$html .= '<td width="100px" align="center">';
9edea336 PS	271	$html .= '<button onclick="M.report_spamcleaner.del_user(this,'.$user->id.')">'.get_string('deleteuser', 'admin').'</button><br />';
9edea336 PS	272	$html .= '<button onclick="M.report_spamcleaner.ignore_user(this,'.$user->id.')">'.get_string('ignore', 'admin').'</button>';
2e3f66d7	273	$html .= '</td>';
	274	$html .= '</tr>';
	275	return $html;
	276	} else {
	277	return null;
	278	}
	279
	280
	281	}
	282
73d6f52f	283	echo $OUTPUT->footer();