MDL-64506 templates: replace spans where and col-x appears
[moodle.git] / admin / tool / spamcleaner / index.php
CommitLineData
2e3f66d7 1<?php
2
3/**
4 * Spam Cleaner
5 *
6 * Helps an admin to clean up spam in Moodle
7 *
2ef8ff9e
SH
8 * @author Dongsheng Cai
9 * @author Martin Dougiamas
10 * @author Amr Hourani
2e3f66d7 11 * @license http://www.gnu.org/copyleft/gpl.html GNU Public License
12 */
13
2e3f66d7 14// List of known spammy keywords, please add more here
15
9edea336
PS
16/////////////////////////////////////////////////////////////////////////////////
17
18require_once('../../../config.php');
19require_once($CFG->libdir.'/adminlib.php');
20
21
22// Configuration
23
2e3f66d7 24$autokeywords = array(
25 "<img",
26 "fuck",
27 "casino",
28 "porn",
29 "xxx",
30 "cialis",
31 "viagra",
32 "poker",
33 "warcraft"
34 );
35
2e3f66d7 36$keyword = optional_param('keyword', '', PARAM_RAW);
37$autodetect = optional_param('autodetect', '', PARAM_RAW);
38$del = optional_param('del', '', PARAM_RAW);
39$delall = optional_param('delall', '', PARAM_RAW);
40$ignore = optional_param('ignore', '', PARAM_RAW);
41$reset = optional_param('reset', '', PARAM_RAW);
42$id = optional_param('id', '', PARAM_INT);
43
17a14fbd 44admin_externalpage_setup('toolspamcleaner');
2e3f66d7 45
46// Delete one user
47if (!empty($del) && confirm_sesskey() && ($id != $USER->id)) {
48 if (isset($SESSION->users_result[$id])) {
49 $user = $SESSION->users_result[$id];
50 if (delete_user($user)) {
51 unset($SESSION->users_result[$id]);
52 echo json_encode(true);
53 } else {
54 echo json_encode(false);
55 }
56 } else {
57 echo json_encode(false);
58 }
59 exit;
60}
61
62// Delete lots of users
63if (!empty($delall) && confirm_sesskey()) {
64 if (!empty($SESSION->users_result)) {
65 foreach ($SESSION->users_result as $userid => $user) {
66 if ($userid != $USER->id) {
67 if (delete_user($user)) {
68 unset($SESSION->users_result[$userid]);
69 }
70 }
71 }
72 }
73 echo json_encode(true);
74 exit;
75}
76
78299973 77if (!empty($ignore) && confirm_sesskey()) {
2e3f66d7 78 unset($SESSION->users_result[$id]);
79 echo json_encode(true);
80 exit;
81}
82
17a14fbd 83$PAGE->requires->js_init_call('M.tool_spamcleaner.init', array(me()), true);
9edea336 84$strings = Array('spaminvalidresult','spamdeleteallconfirm','spamcannotdelete','spamdeleteconfirm');
17a14fbd 85$PAGE->requires->strings_for_js($strings, 'tool_spamcleaner');
2e3f66d7 86
61ef8f9f 87echo $OUTPUT->header();
2e3f66d7 88
89// Print headers and things
17a14fbd 90echo $OUTPUT->box(get_string('spamcleanerintro', 'tool_spamcleaner'));
2e3f66d7 91
20486a5a 92echo $OUTPUT->box_start(); // The forms section at the top
2e3f66d7 93
94?>
95
96<div class="mdl-align">
97
270b2e44 98<form method="post" action="index.php" class="form-inline spamcleanerform">
6acb6a3d 99 <div>
aa414527 100 <label class="accesshide" for="keyword_el"><?php print_string('spamkeyword', 'tool_spamcleaner') ?></label>
270b2e44 101 <input type="text" class="form-control" name="keyword" id="keyword_el" value="<?php p($keyword) ?>" />
2e3f66d7 102 <input type="hidden" name="sesskey" value="<?php echo sesskey();?>" />
270b2e44 103 <input type="submit" class="btn btn-primary" value="<?php echo get_string('spamsearch', 'tool_spamcleaner')?>" />
6acb6a3d 104 </div>
2e3f66d7 105</form>
17a14fbd 106<p><?php echo get_string('spameg', 'tool_spamcleaner');?></p>
2e3f66d7 107
108<hr />
109
6acb6a3d 110<form method="post" action="index.php">
111 <div>
270b2e44
SL
112 <input type="submit" class="btn btn-primary" name="autodetect"
113 value="<?php echo get_string('spamauto', 'tool_spamcleaner');?>" />
6acb6a3d 114 </div>
2e3f66d7 115</form>
116
117
118</div>
119
120<?php
20486a5a 121echo $OUTPUT->box_end();
2e3f66d7 122
123echo '<div id="result" class="mdl-align">';
124
125// Print list of resulting profiles
126
127if (!empty($keyword)) { // Use the keyword(s) supplied by the user
128 $keywords = explode(',', $keyword);
129 foreach ($keywords as $key => $keyword) {
130 $keywords[$key] = trim($keyword);
131 }
132 search_spammers($keywords);
133
134} else if (!empty($autodetect)) { // Use the inbuilt keyword list to detect users
135 search_spammers($autokeywords);
136}
137
138echo '</div>';
139
140/////////////////////////////////////////////////////////////////////////////////
141
142
20486a5a 143/// Functions
2e3f66d7 144
145
146function search_spammers($keywords) {
147
20486a5a 148 global $CFG, $USER, $DB, $OUTPUT;
2e3f66d7 149
150 if (!is_array($keywords)) {
151 $keywords = array($keywords); // Make it into an array
152 }
153
4287c1c2 154 $params = array('userid'=>$USER->id);
2e3f66d7 155
156 $keywordfull = array();
d38f419d 157 $i = 0;
2e3f66d7 158 foreach ($keywords as $keyword) {
d38f419d
PS
159 $keywordfull[] = $DB->sql_like('description', ':descpat'.$i, false);
160 $params['descpat'.$i] = "%$keyword%";
161 $keywordfull2[] = $DB->sql_like('p.summary', ':sumpat'.$i, false);
162 $params['sumpat'.$i] = "%$keyword%";
e45b444e
RT
163 $keywordfull3[] = $DB->sql_like('p.subject', ':subpat'.$i, false);
164 $params['subpat'.$i] = "%$keyword%";
165 $keywordfull4[] = $DB->sql_like('c.content', ':contpat'.$i, false);
166 $params['contpat'.$i] = "%$keyword%";
167 $keywordfull5[] = $DB->sql_like('m.fullmessage', ':msgpat'.$i, false);
168 $params['msgpat'.$i] = "%$keyword%";
169 $keywordfull6[] = $DB->sql_like('fp.message', ':forumpostpat'.$i, false);
170 $params['forumpostpat'.$i] = "%$keyword%";
171 $keywordfull7[] = $DB->sql_like('fp.subject', ':forumpostsubpat'.$i, false);
172 $params['forumpostsubpat'.$i] = "%$keyword%";
d38f419d 173 $i++;
2e3f66d7 174 }
175 $conditions = '( '.implode(' OR ', $keywordfull).' )';
176 $conditions2 = '( '.implode(' OR ', $keywordfull2).' )';
e45b444e
RT
177 $conditions3 = '( '.implode(' OR ', $keywordfull3).' )';
178 $conditions4 = '( '.implode(' OR ', $keywordfull4).' )';
179 $conditions5 = '( '.implode(' OR ', $keywordfull5).' )';
180 $conditions6 = '( '.implode(' OR ', $keywordfull6).' )';
181 $conditions7 = '( '.implode(' OR ', $keywordfull7).' )';
2e3f66d7 182
7e1da23d
AA
183 $sql = "SELECT *
184 FROM {user}
185 WHERE deleted = 0
186 AND id <> :userid
187 AND $conditions"; // Exclude oneself
188 $sql2 = "SELECT u.*, p.summary
189 FROM {user} u, {post} p
190 WHERE $conditions2
191 AND u.deleted = 0
192 AND u.id=p.userid
193 AND u.id <> :userid";
194 $sql3 = "SELECT u.*, p.subject AS postsubject
195 FROM {user} u, {post} p
196 WHERE $conditions3
197 AND u.deleted = 0
198 AND u.id=p.userid
199 AND u.id <> :userid";
200 $sql4 = "SELECT u.*, c.content
201 FROM {user} u, {comments} c
202 WHERE $conditions4
203 AND u.deleted = 0
204 AND u.id=c.userid
205 AND u.id <> :userid";
206 $sql5 = "SELECT u.*, m.fullmessage
207 FROM {user} u, {message} m
208 WHERE $conditions5
209 AND u.deleted = 0
210 AND u.id=m.useridfrom
211 AND u.id <> :userid";
212 $sql6 = "SELECT u.*, fp.message
213 FROM {user} u, {forum_posts} fp
214 WHERE $conditions6
215 AND u.deleted = 0
216 AND u.id=fp.userid
217 AND u.id <> :userid";
218 $sql7 = "SELECT u.*, fp.subject
219 FROM {user} u, {forum_posts} fp
220 WHERE $conditions7
221 AND u.deleted = 0
222 AND u.id=fp.userid
223 AND u.id <> :userid";
e45b444e 224
d38f419d
PS
225 $spamusers_desc = $DB->get_recordset_sql($sql, $params);
226 $spamusers_blog = $DB->get_recordset_sql($sql2, $params);
e45b444e
RT
227 $spamusers_blogsub = $DB->get_recordset_sql($sql3, $params);
228 $spamusers_comment = $DB->get_recordset_sql($sql4, $params);
229 $spamusers_message = $DB->get_recordset_sql($sql5, $params);
230 $spamusers_forumpost = $DB->get_recordset_sql($sql6, $params);
231 $spamusers_forumpostsub = $DB->get_recordset_sql($sql7, $params);
2e3f66d7 232
233 $keywordlist = implode(', ', $keywords);
17a14fbd 234 echo $OUTPUT->box(get_string('spamresult', 'tool_spamcleaner').s($keywordlist)).' ...';
2e3f66d7 235
a938e409 236 $recordsets = [
237 $spamusers_desc,
238 $spamusers_blog,
239 $spamusers_blogsub,
240 $spamusers_comment,
241 $spamusers_message,
242 $spamusers_forumpost,
243 $spamusers_forumpostsub
244 ];
245 print_user_list($recordsets, $keywords);
246 foreach ($recordsets as $rs) {
247 $rs->close();
248 }
2e3f66d7 249}
250
251
252
253function print_user_list($users_rs, $keywords) {
254 global $CFG, $SESSION;
255
256 // reset session everytime this function is called
257 $SESSION->users_result = array();
258 $count = 0;
259
260 foreach ($users_rs as $rs){
261 foreach ($rs as $user) {
262 if (!$count) {
270b2e44
SL
263 echo '<table class="table table-bordered" border="1" width="100%" id="data-grid"><tr><th>&nbsp;</th>
264 <th>'.get_string('user', 'admin').'</th><th>'.get_string('spamdesc', 'tool_spamcleaner').'</th>
265 <th>'.get_string('spamoperation', 'tool_spamcleaner').'</th></tr>';
2e3f66d7 266 }
267 $count++;
268 filter_user($user, $keywords, $count);
269 }
270 }
271
272 if (!$count) {
17a14fbd 273 echo get_string('spamcannotfinduser', 'tool_spamcleaner');
2e3f66d7 274
275 } else {
276 echo '</table>';
277 echo '<div class="mld-align">
270b2e44 278 <button id="removeall_btn" class="btn btn-secondary">'.get_string('spamdeleteall', 'tool_spamcleaner').'</button>
2e3f66d7 279 </div>';
280 }
281}
282function filter_user($user, $keywords, $count) {
283 global $CFG;
284 $image_search = false;
285 if (in_array('<img', $keywords)) {
286 $image_search = true;
287 }
288 if (isset($user->summary)) {
17a14fbd 289 $user->description = '<h3>'.get_string('spamfromblog', 'tool_spamcleaner').'</h3>'.$user->summary;
2e3f66d7 290 unset($user->summary);
e45b444e
RT
291 } else if (isset($user->postsubject)) {
292 $user->description = '<h3>'.get_string('spamfromblog', 'tool_spamcleaner').'</h3>'.$user->postsubject;
293 unset($user->postsubject);
294 } else if (isset($user->content)) {
295 $user->description = '<h3>'.get_string('spamfromcomments', 'tool_spamcleaner').'</h3>'.$user->content;
296 unset($user->content);
297 } else if (isset($user->fullmessage)) {
298 $user->description = '<h3>'.get_string('spamfrommessages', 'tool_spamcleaner').'</h3>'.$user->fullmessage;
299 unset($user->fullmessage);
300 } else if (isset($user->message)) {
301 $user->description = '<h3>'.get_string('spamfromforumpost', 'tool_spamcleaner').'</h3>'.$user->message;
302 unset($user->message);
303 } else if (isset($user->subject)) {
304 $user->description = '<h3>'.get_string('spamfromforumpost', 'tool_spamcleaner').'</h3>'.$user->subject;
305 unset($user->subject);
2e3f66d7 306 }
e45b444e 307
5d3b9994 308 if (preg_match('#<img.*src=[\"\']('.$CFG->wwwroot.')#', $user->description, $matches)
2e3f66d7 309 && $image_search) {
310 $result = false;
311 foreach ($keywords as $keyword) {
312 if (preg_match('#'.$keyword.'#', $user->description)
313 && ($keyword != '<img')) {
314 $result = true;
315 }
316 }
317 if ($result) {
318 echo print_user_entry($user, $keywords, $count);
319 } else {
320 unset($user);
321 }
322 } else {
323 echo print_user_entry($user, $keywords, $count);
324 }
325}
326
327
328function print_user_entry($user, $keywords, $count) {
329
330 global $SESSION, $CFG;
331
a226a972 332 $smalluserobject = new stdClass(); // All we need to delete them later
2e3f66d7 333 $smalluserobject->id = $user->id;
334 $smalluserobject->email = $user->email;
335 $smalluserobject->auth = $user->auth;
336 $smalluserobject->firstname = $user->firstname;
337 $smalluserobject->lastname = $user->lastname;
9edea336 338 $smalluserobject->username = $user->username;
2e3f66d7 339
340 if (empty($SESSION->users_result[$user->id])) {
341 $SESSION->users_result[$user->id] = $smalluserobject;
342 $html = '<tr valign="top" id="row-'.$user->id.'" class="result-row">';
343 $html .= '<td width="10">'.$count.'</td>';
209c122b 344 $html .= '<td width="30%" align="left"><a href="'.$CFG->wwwroot."/user/view.php?course=1&amp;id=".$user->id.'" title="'.s($user->username).'">'.fullname($user).'</a>';
2e3f66d7 345
346 $html .= "<ul>";
347 $profile_set = array('city'=>true, 'country'=>true, 'email'=>true);
348 foreach ($profile_set as $key=>$value) {
349 if (isset($user->$key)){
350 $html .= '<li>'.$user->$key.'</li>';
351 }
352 }
353 $html .= "</ul>";
354 $html .= '</td>';
355
356 foreach ($keywords as $keyword) {
1e12b912 357 $user->description = highlight($keyword, $user->description);
2e3f66d7 358 }
359
8bdc9cac
SH
360 if (!isset($user->descriptionformat)) {
361 $user->descriptionformat = FORMAT_MOODLE;
362 }
363
367a75fa 364 $html .= '<td align="left">'.format_text($user->description, $user->descriptionformat, array('overflowdiv'=>true)).'</td>';
2e3f66d7 365 $html .= '<td width="100px" align="center">';
270b2e44
SL
366 $html .= '<button class="btn btn-primary" onclick="M.tool_spamcleaner.del_user(this,'.$user->id.')">'.
367 get_string('deleteuser', 'admin').'</button><br />';
368 $html .= '<button class="btn btn-secondary" onclick="M.tool_spamcleaner.ignore_user(this,'.$user->id.')">'.
369 get_string('ignore', 'admin').'</button>';
2e3f66d7 370 $html .= '</td>';
371 $html .= '</tr>';
372 return $html;
373 } else {
374 return null;
375 }
376
377
378}
379
73d6f52f 380echo $OUTPUT->footer();