MDL-53139 admin: case diff issue with email
[moodle.git] / admin / tool / spamcleaner / index.php
CommitLineData
2e3f66d7 1<?php
2
3/**
4 * Spam Cleaner
5 *
6 * Helps an admin to clean up spam in Moodle
7 *
2ef8ff9e
SH
8 * @author Dongsheng Cai
9 * @author Martin Dougiamas
10 * @author Amr Hourani
2e3f66d7 11 * @license http://www.gnu.org/copyleft/gpl.html GNU Public License
12 */
13
2e3f66d7 14// List of known spammy keywords, please add more here
15
9edea336
PS
16/////////////////////////////////////////////////////////////////////////////////
17
18require_once('../../../config.php');
19require_once($CFG->libdir.'/adminlib.php');
20
21
22// Configuration
23
2e3f66d7 24$autokeywords = array(
25 "<img",
26 "fuck",
27 "casino",
28 "porn",
29 "xxx",
30 "cialis",
31 "viagra",
32 "poker",
33 "warcraft"
34 );
35
2e3f66d7 36$keyword = optional_param('keyword', '', PARAM_RAW);
37$autodetect = optional_param('autodetect', '', PARAM_RAW);
38$del = optional_param('del', '', PARAM_RAW);
39$delall = optional_param('delall', '', PARAM_RAW);
40$ignore = optional_param('ignore', '', PARAM_RAW);
41$reset = optional_param('reset', '', PARAM_RAW);
42$id = optional_param('id', '', PARAM_INT);
43
44require_login();
17a14fbd 45admin_externalpage_setup('toolspamcleaner');
2e3f66d7 46
47// Delete one user
48if (!empty($del) && confirm_sesskey() && ($id != $USER->id)) {
49 if (isset($SESSION->users_result[$id])) {
50 $user = $SESSION->users_result[$id];
51 if (delete_user($user)) {
52 unset($SESSION->users_result[$id]);
53 echo json_encode(true);
54 } else {
55 echo json_encode(false);
56 }
57 } else {
58 echo json_encode(false);
59 }
60 exit;
61}
62
63// Delete lots of users
64if (!empty($delall) && confirm_sesskey()) {
65 if (!empty($SESSION->users_result)) {
66 foreach ($SESSION->users_result as $userid => $user) {
67 if ($userid != $USER->id) {
68 if (delete_user($user)) {
69 unset($SESSION->users_result[$userid]);
70 }
71 }
72 }
73 }
74 echo json_encode(true);
75 exit;
76}
77
78if (!empty($ignore)) {
79 unset($SESSION->users_result[$id]);
80 echo json_encode(true);
81 exit;
82}
83
17a14fbd 84$PAGE->requires->js_init_call('M.tool_spamcleaner.init', array(me()), true);
9edea336 85$strings = Array('spaminvalidresult','spamdeleteallconfirm','spamcannotdelete','spamdeleteconfirm');
17a14fbd 86$PAGE->requires->strings_for_js($strings, 'tool_spamcleaner');
2e3f66d7 87
61ef8f9f 88echo $OUTPUT->header();
2e3f66d7 89
90// Print headers and things
17a14fbd 91echo $OUTPUT->box(get_string('spamcleanerintro', 'tool_spamcleaner'));
2e3f66d7 92
20486a5a 93echo $OUTPUT->box_start(); // The forms section at the top
2e3f66d7 94
95?>
96
97<div class="mdl-align">
98
6acb6a3d 99<form method="post" action="index.php">
100 <div>
aa414527 101 <label class="accesshide" for="keyword_el"><?php print_string('spamkeyword', 'tool_spamcleaner') ?></label>
20486a5a 102 <input type="text" name="keyword" id="keyword_el" value="<?php p($keyword) ?>" />
2e3f66d7 103 <input type="hidden" name="sesskey" value="<?php echo sesskey();?>" />
17a14fbd 104 <input type="submit" value="<?php echo get_string('spamsearch', 'tool_spamcleaner')?>" />
6acb6a3d 105 </div>
2e3f66d7 106</form>
17a14fbd 107<p><?php echo get_string('spameg', 'tool_spamcleaner');?></p>
2e3f66d7 108
109<hr />
110
6acb6a3d 111<form method="post" action="index.php">
112 <div>
17a14fbd 113 <input type="submit" name="autodetect" value="<?php echo get_string('spamauto', 'tool_spamcleaner');?>" />
6acb6a3d 114 </div>
2e3f66d7 115</form>
116
117
118</div>
119
120<?php
20486a5a 121echo $OUTPUT->box_end();
2e3f66d7 122
123echo '<div id="result" class="mdl-align">';
124
125// Print list of resulting profiles
126
127if (!empty($keyword)) { // Use the keyword(s) supplied by the user
128 $keywords = explode(',', $keyword);
129 foreach ($keywords as $key => $keyword) {
130 $keywords[$key] = trim($keyword);
131 }
132 search_spammers($keywords);
133
134} else if (!empty($autodetect)) { // Use the inbuilt keyword list to detect users
135 search_spammers($autokeywords);
136}
137
138echo '</div>';
139
140/////////////////////////////////////////////////////////////////////////////////
141
142
20486a5a 143/// Functions
2e3f66d7 144
145
146function search_spammers($keywords) {
147
20486a5a 148 global $CFG, $USER, $DB, $OUTPUT;
2e3f66d7 149
150 if (!is_array($keywords)) {
151 $keywords = array($keywords); // Make it into an array
152 }
153
4287c1c2 154 $params = array('userid'=>$USER->id);
2e3f66d7 155
156 $keywordfull = array();
d38f419d 157 $i = 0;
2e3f66d7 158 foreach ($keywords as $keyword) {
d38f419d
PS
159 $keywordfull[] = $DB->sql_like('description', ':descpat'.$i, false);
160 $params['descpat'.$i] = "%$keyword%";
161 $keywordfull2[] = $DB->sql_like('p.summary', ':sumpat'.$i, false);
162 $params['sumpat'.$i] = "%$keyword%";
e45b444e
RT
163 $keywordfull3[] = $DB->sql_like('p.subject', ':subpat'.$i, false);
164 $params['subpat'.$i] = "%$keyword%";
165 $keywordfull4[] = $DB->sql_like('c.content', ':contpat'.$i, false);
166 $params['contpat'.$i] = "%$keyword%";
167 $keywordfull5[] = $DB->sql_like('m.fullmessage', ':msgpat'.$i, false);
168 $params['msgpat'.$i] = "%$keyword%";
169 $keywordfull6[] = $DB->sql_like('fp.message', ':forumpostpat'.$i, false);
170 $params['forumpostpat'.$i] = "%$keyword%";
171 $keywordfull7[] = $DB->sql_like('fp.subject', ':forumpostsubpat'.$i, false);
172 $params['forumpostsubpat'.$i] = "%$keyword%";
d38f419d 173 $i++;
2e3f66d7 174 }
175 $conditions = '( '.implode(' OR ', $keywordfull).' )';
176 $conditions2 = '( '.implode(' OR ', $keywordfull2).' )';
e45b444e
RT
177 $conditions3 = '( '.implode(' OR ', $keywordfull3).' )';
178 $conditions4 = '( '.implode(' OR ', $keywordfull4).' )';
179 $conditions5 = '( '.implode(' OR ', $keywordfull5).' )';
180 $conditions6 = '( '.implode(' OR ', $keywordfull6).' )';
181 $conditions7 = '( '.implode(' OR ', $keywordfull7).' )';
2e3f66d7 182
7e1da23d
AA
183 $sql = "SELECT *
184 FROM {user}
185 WHERE deleted = 0
186 AND id <> :userid
187 AND $conditions"; // Exclude oneself
188 $sql2 = "SELECT u.*, p.summary
189 FROM {user} u, {post} p
190 WHERE $conditions2
191 AND u.deleted = 0
192 AND u.id=p.userid
193 AND u.id <> :userid";
194 $sql3 = "SELECT u.*, p.subject AS postsubject
195 FROM {user} u, {post} p
196 WHERE $conditions3
197 AND u.deleted = 0
198 AND u.id=p.userid
199 AND u.id <> :userid";
200 $sql4 = "SELECT u.*, c.content
201 FROM {user} u, {comments} c
202 WHERE $conditions4
203 AND u.deleted = 0
204 AND u.id=c.userid
205 AND u.id <> :userid";
206 $sql5 = "SELECT u.*, m.fullmessage
207 FROM {user} u, {message} m
208 WHERE $conditions5
209 AND u.deleted = 0
210 AND u.id=m.useridfrom
211 AND u.id <> :userid";
212 $sql6 = "SELECT u.*, fp.message
213 FROM {user} u, {forum_posts} fp
214 WHERE $conditions6
215 AND u.deleted = 0
216 AND u.id=fp.userid
217 AND u.id <> :userid";
218 $sql7 = "SELECT u.*, fp.subject
219 FROM {user} u, {forum_posts} fp
220 WHERE $conditions7
221 AND u.deleted = 0
222 AND u.id=fp.userid
223 AND u.id <> :userid";
e45b444e 224
d38f419d
PS
225 $spamusers_desc = $DB->get_recordset_sql($sql, $params);
226 $spamusers_blog = $DB->get_recordset_sql($sql2, $params);
e45b444e
RT
227 $spamusers_blogsub = $DB->get_recordset_sql($sql3, $params);
228 $spamusers_comment = $DB->get_recordset_sql($sql4, $params);
229 $spamusers_message = $DB->get_recordset_sql($sql5, $params);
230 $spamusers_forumpost = $DB->get_recordset_sql($sql6, $params);
231 $spamusers_forumpostsub = $DB->get_recordset_sql($sql7, $params);
2e3f66d7 232
233 $keywordlist = implode(', ', $keywords);
17a14fbd 234 echo $OUTPUT->box(get_string('spamresult', 'tool_spamcleaner').s($keywordlist)).' ...';
2e3f66d7 235
e45b444e
RT
236 print_user_list(array($spamusers_desc,
237 $spamusers_blog,
238 $spamusers_blogsub,
239 $spamusers_comment,
240 $spamusers_message,
241 $spamusers_forumpost,
242 $spamusers_forumpostsub
243 ),
244 $keywords);
2e3f66d7 245}
246
247
248
249function print_user_list($users_rs, $keywords) {
250 global $CFG, $SESSION;
251
252 // reset session everytime this function is called
253 $SESSION->users_result = array();
254 $count = 0;
255
256 foreach ($users_rs as $rs){
257 foreach ($rs as $user) {
258 if (!$count) {
17a14fbd 259 echo '<table border="1" width="100%" id="data-grid"><tr><th>&nbsp;</th><th>'.get_string('user','admin').'</th><th>'.get_string('spamdesc', 'tool_spamcleaner').'</th><th>'.get_string('spamoperation', 'tool_spamcleaner').'</th></tr>';
2e3f66d7 260 }
261 $count++;
262 filter_user($user, $keywords, $count);
263 }
264 }
265
266 if (!$count) {
17a14fbd 267 echo get_string('spamcannotfinduser', 'tool_spamcleaner');
2e3f66d7 268
269 } else {
270 echo '</table>';
271 echo '<div class="mld-align">
17a14fbd 272 <button id="removeall_btn">'.get_string('spamdeleteall', 'tool_spamcleaner').'</button>
2e3f66d7 273 </div>';
274 }
275}
276function filter_user($user, $keywords, $count) {
277 global $CFG;
278 $image_search = false;
279 if (in_array('<img', $keywords)) {
280 $image_search = true;
281 }
282 if (isset($user->summary)) {
17a14fbd 283 $user->description = '<h3>'.get_string('spamfromblog', 'tool_spamcleaner').'</h3>'.$user->summary;
2e3f66d7 284 unset($user->summary);
e45b444e
RT
285 } else if (isset($user->postsubject)) {
286 $user->description = '<h3>'.get_string('spamfromblog', 'tool_spamcleaner').'</h3>'.$user->postsubject;
287 unset($user->postsubject);
288 } else if (isset($user->content)) {
289 $user->description = '<h3>'.get_string('spamfromcomments', 'tool_spamcleaner').'</h3>'.$user->content;
290 unset($user->content);
291 } else if (isset($user->fullmessage)) {
292 $user->description = '<h3>'.get_string('spamfrommessages', 'tool_spamcleaner').'</h3>'.$user->fullmessage;
293 unset($user->fullmessage);
294 } else if (isset($user->message)) {
295 $user->description = '<h3>'.get_string('spamfromforumpost', 'tool_spamcleaner').'</h3>'.$user->message;
296 unset($user->message);
297 } else if (isset($user->subject)) {
298 $user->description = '<h3>'.get_string('spamfromforumpost', 'tool_spamcleaner').'</h3>'.$user->subject;
299 unset($user->subject);
2e3f66d7 300 }
e45b444e 301
5d3b9994 302 if (preg_match('#<img.*src=[\"\']('.$CFG->wwwroot.')#', $user->description, $matches)
2e3f66d7 303 && $image_search) {
304 $result = false;
305 foreach ($keywords as $keyword) {
306 if (preg_match('#'.$keyword.'#', $user->description)
307 && ($keyword != '<img')) {
308 $result = true;
309 }
310 }
311 if ($result) {
312 echo print_user_entry($user, $keywords, $count);
313 } else {
314 unset($user);
315 }
316 } else {
317 echo print_user_entry($user, $keywords, $count);
318 }
319}
320
321
322function print_user_entry($user, $keywords, $count) {
323
324 global $SESSION, $CFG;
325
a226a972 326 $smalluserobject = new stdClass(); // All we need to delete them later
2e3f66d7 327 $smalluserobject->id = $user->id;
328 $smalluserobject->email = $user->email;
329 $smalluserobject->auth = $user->auth;
330 $smalluserobject->firstname = $user->firstname;
331 $smalluserobject->lastname = $user->lastname;
9edea336 332 $smalluserobject->username = $user->username;
2e3f66d7 333
334 if (empty($SESSION->users_result[$user->id])) {
335 $SESSION->users_result[$user->id] = $smalluserobject;
336 $html = '<tr valign="top" id="row-'.$user->id.'" class="result-row">';
337 $html .= '<td width="10">'.$count.'</td>';
209c122b 338 $html .= '<td width="30%" align="left"><a href="'.$CFG->wwwroot."/user/view.php?course=1&amp;id=".$user->id.'" title="'.s($user->username).'">'.fullname($user).'</a>';
2e3f66d7 339
340 $html .= "<ul>";
341 $profile_set = array('city'=>true, 'country'=>true, 'email'=>true);
342 foreach ($profile_set as $key=>$value) {
343 if (isset($user->$key)){
344 $html .= '<li>'.$user->$key.'</li>';
345 }
346 }
347 $html .= "</ul>";
348 $html .= '</td>';
349
350 foreach ($keywords as $keyword) {
1e12b912 351 $user->description = highlight($keyword, $user->description);
2e3f66d7 352 }
353
8bdc9cac
SH
354 if (!isset($user->descriptionformat)) {
355 $user->descriptionformat = FORMAT_MOODLE;
356 }
357
367a75fa 358 $html .= '<td align="left">'.format_text($user->description, $user->descriptionformat, array('overflowdiv'=>true)).'</td>';
2e3f66d7 359 $html .= '<td width="100px" align="center">';
17a14fbd
PS
360 $html .= '<button onclick="M.tool_spamcleaner.del_user(this,'.$user->id.')">'.get_string('deleteuser', 'admin').'</button><br />';
361 $html .= '<button onclick="M.tool_spamcleaner.ignore_user(this,'.$user->id.')">'.get_string('ignore', 'admin').'</button>';
2e3f66d7 362 $html .= '</td>';
363 $html .= '</tr>';
364 return $html;
365 } else {
366 return null;
367 }
368
369
370}
371
73d6f52f 372echo $OUTPUT->footer();