on-demand release 2.6beta+
[moodle.git] / admin / tool / spamcleaner / index.php
CommitLineData
2e3f66d7 1<?php
2
3/**
4 * Spam Cleaner
5 *
6 * Helps an admin to clean up spam in Moodle
7 *
2e3f66d7 8 * @authors Dongsheng Cai, Martin Dougiamas, Amr Hourani
9 * @license http://www.gnu.org/copyleft/gpl.html GNU Public License
10 */
11
2e3f66d7 12// List of known spammy keywords, please add more here
13
9edea336
PS
14/////////////////////////////////////////////////////////////////////////////////
15
16require_once('../../../config.php');
17require_once($CFG->libdir.'/adminlib.php');
18
19
20// Configuration
21
2e3f66d7 22$autokeywords = array(
23 "<img",
24 "fuck",
25 "casino",
26 "porn",
27 "xxx",
28 "cialis",
29 "viagra",
30 "poker",
31 "warcraft"
32 );
33
2e3f66d7 34$keyword = optional_param('keyword', '', PARAM_RAW);
35$autodetect = optional_param('autodetect', '', PARAM_RAW);
36$del = optional_param('del', '', PARAM_RAW);
37$delall = optional_param('delall', '', PARAM_RAW);
38$ignore = optional_param('ignore', '', PARAM_RAW);
39$reset = optional_param('reset', '', PARAM_RAW);
40$id = optional_param('id', '', PARAM_INT);
41
42require_login();
17a14fbd 43admin_externalpage_setup('toolspamcleaner');
2e3f66d7 44
45// Delete one user
46if (!empty($del) && confirm_sesskey() && ($id != $USER->id)) {
47 if (isset($SESSION->users_result[$id])) {
48 $user = $SESSION->users_result[$id];
49 if (delete_user($user)) {
50 unset($SESSION->users_result[$id]);
51 echo json_encode(true);
52 } else {
53 echo json_encode(false);
54 }
55 } else {
56 echo json_encode(false);
57 }
58 exit;
59}
60
61// Delete lots of users
62if (!empty($delall) && confirm_sesskey()) {
63 if (!empty($SESSION->users_result)) {
64 foreach ($SESSION->users_result as $userid => $user) {
65 if ($userid != $USER->id) {
66 if (delete_user($user)) {
67 unset($SESSION->users_result[$userid]);
68 }
69 }
70 }
71 }
72 echo json_encode(true);
73 exit;
74}
75
76if (!empty($ignore)) {
77 unset($SESSION->users_result[$id]);
78 echo json_encode(true);
79 exit;
80}
81
17a14fbd 82$PAGE->requires->js_init_call('M.tool_spamcleaner.init', array(me()), true);
9edea336 83$strings = Array('spaminvalidresult','spamdeleteallconfirm','spamcannotdelete','spamdeleteconfirm');
17a14fbd 84$PAGE->requires->strings_for_js($strings, 'tool_spamcleaner');
2e3f66d7 85
61ef8f9f 86echo $OUTPUT->header();
2e3f66d7 87
88// Print headers and things
17a14fbd 89echo $OUTPUT->box(get_string('spamcleanerintro', 'tool_spamcleaner'));
2e3f66d7 90
20486a5a 91echo $OUTPUT->box_start(); // The forms section at the top
2e3f66d7 92
93?>
94
95<div class="mdl-align">
96
6acb6a3d 97<form method="post" action="index.php">
98 <div>
aa414527 99 <label class="accesshide" for="keyword_el"><?php print_string('spamkeyword', 'tool_spamcleaner') ?></label>
20486a5a 100 <input type="text" name="keyword" id="keyword_el" value="<?php p($keyword) ?>" />
2e3f66d7 101 <input type="hidden" name="sesskey" value="<?php echo sesskey();?>" />
17a14fbd 102 <input type="submit" value="<?php echo get_string('spamsearch', 'tool_spamcleaner')?>" />
6acb6a3d 103 </div>
2e3f66d7 104</form>
17a14fbd 105<p><?php echo get_string('spameg', 'tool_spamcleaner');?></p>
2e3f66d7 106
107<hr />
108
6acb6a3d 109<form method="post" action="index.php">
110 <div>
17a14fbd 111 <input type="submit" name="autodetect" value="<?php echo get_string('spamauto', 'tool_spamcleaner');?>" />
6acb6a3d 112 </div>
2e3f66d7 113</form>
114
115
116</div>
117
118<?php
20486a5a 119echo $OUTPUT->box_end();
2e3f66d7 120
121echo '<div id="result" class="mdl-align">';
122
123// Print list of resulting profiles
124
125if (!empty($keyword)) { // Use the keyword(s) supplied by the user
126 $keywords = explode(',', $keyword);
127 foreach ($keywords as $key => $keyword) {
128 $keywords[$key] = trim($keyword);
129 }
130 search_spammers($keywords);
131
132} else if (!empty($autodetect)) { // Use the inbuilt keyword list to detect users
133 search_spammers($autokeywords);
134}
135
136echo '</div>';
137
138/////////////////////////////////////////////////////////////////////////////////
139
140
20486a5a 141/// Functions
2e3f66d7 142
143
144function search_spammers($keywords) {
145
20486a5a 146 global $CFG, $USER, $DB, $OUTPUT;
2e3f66d7 147
148 if (!is_array($keywords)) {
149 $keywords = array($keywords); // Make it into an array
150 }
151
4287c1c2 152 $params = array('userid'=>$USER->id);
2e3f66d7 153
154 $keywordfull = array();
d38f419d 155 $i = 0;
2e3f66d7 156 foreach ($keywords as $keyword) {
d38f419d
PS
157 $keywordfull[] = $DB->sql_like('description', ':descpat'.$i, false);
158 $params['descpat'.$i] = "%$keyword%";
159 $keywordfull2[] = $DB->sql_like('p.summary', ':sumpat'.$i, false);
160 $params['sumpat'.$i] = "%$keyword%";
e45b444e
RT
161 $keywordfull3[] = $DB->sql_like('p.subject', ':subpat'.$i, false);
162 $params['subpat'.$i] = "%$keyword%";
163 $keywordfull4[] = $DB->sql_like('c.content', ':contpat'.$i, false);
164 $params['contpat'.$i] = "%$keyword%";
165 $keywordfull5[] = $DB->sql_like('m.fullmessage', ':msgpat'.$i, false);
166 $params['msgpat'.$i] = "%$keyword%";
167 $keywordfull6[] = $DB->sql_like('fp.message', ':forumpostpat'.$i, false);
168 $params['forumpostpat'.$i] = "%$keyword%";
169 $keywordfull7[] = $DB->sql_like('fp.subject', ':forumpostsubpat'.$i, false);
170 $params['forumpostsubpat'.$i] = "%$keyword%";
d38f419d 171 $i++;
2e3f66d7 172 }
173 $conditions = '( '.implode(' OR ', $keywordfull).' )';
174 $conditions2 = '( '.implode(' OR ', $keywordfull2).' )';
e45b444e
RT
175 $conditions3 = '( '.implode(' OR ', $keywordfull3).' )';
176 $conditions4 = '( '.implode(' OR ', $keywordfull4).' )';
177 $conditions5 = '( '.implode(' OR ', $keywordfull5).' )';
178 $conditions6 = '( '.implode(' OR ', $keywordfull6).' )';
179 $conditions7 = '( '.implode(' OR ', $keywordfull7).' )';
2e3f66d7 180
4287c1c2
PS
181 $sql = "SELECT * FROM {user} WHERE deleted = 0 AND id <> :userid AND $conditions"; // Exclude oneself
182 $sql2 = "SELECT u.*, p.summary FROM {user} AS u, {post} AS p WHERE $conditions2 AND u.deleted = 0 AND u.id=p.userid AND u.id <> :userid";
e45b444e
RT
183 $sql3 = "SELECT u.*, p.subject as postsubject FROM {user} AS u, {post} AS p WHERE $conditions3 AND u.deleted = 0 AND u.id=p.userid AND u.id <> :userid";
184 $sql4 = "SELECT u.*, c.content FROM {user} AS u, {comments} AS c WHERE $conditions4 AND u.deleted = 0 AND u.id=c.userid AND u.id <> :userid";
185 $sql5 = "SELECT u.*, m.fullmessage FROM {user} AS u, {message} AS m WHERE $conditions5 AND u.deleted = 0 AND u.id=m.useridfrom AND u.id <> :userid";
186 $sql6 = "SELECT u.*, fp.message FROM {user} AS u, {forum_posts} AS fp WHERE $conditions6 AND u.deleted = 0 AND u.id=fp.userid AND u.id <> :userid";
187 $sql7 = "SELECT u.*, fp.subject FROM {user} AS u, {forum_posts} AS fp WHERE $conditions7 AND u.deleted = 0 AND u.id=fp.userid AND u.id <> :userid";
188
d38f419d
PS
189 $spamusers_desc = $DB->get_recordset_sql($sql, $params);
190 $spamusers_blog = $DB->get_recordset_sql($sql2, $params);
e45b444e
RT
191 $spamusers_blogsub = $DB->get_recordset_sql($sql3, $params);
192 $spamusers_comment = $DB->get_recordset_sql($sql4, $params);
193 $spamusers_message = $DB->get_recordset_sql($sql5, $params);
194 $spamusers_forumpost = $DB->get_recordset_sql($sql6, $params);
195 $spamusers_forumpostsub = $DB->get_recordset_sql($sql7, $params);
2e3f66d7 196
197 $keywordlist = implode(', ', $keywords);
17a14fbd 198 echo $OUTPUT->box(get_string('spamresult', 'tool_spamcleaner').s($keywordlist)).' ...';
2e3f66d7 199
e45b444e
RT
200 print_user_list(array($spamusers_desc,
201 $spamusers_blog,
202 $spamusers_blogsub,
203 $spamusers_comment,
204 $spamusers_message,
205 $spamusers_forumpost,
206 $spamusers_forumpostsub
207 ),
208 $keywords);
2e3f66d7 209}
210
211
212
213function print_user_list($users_rs, $keywords) {
214 global $CFG, $SESSION;
215
216 // reset session everytime this function is called
217 $SESSION->users_result = array();
218 $count = 0;
219
220 foreach ($users_rs as $rs){
221 foreach ($rs as $user) {
222 if (!$count) {
17a14fbd 223 echo '<table border="1" width="100%" id="data-grid"><tr><th>&nbsp;</th><th>'.get_string('user','admin').'</th><th>'.get_string('spamdesc', 'tool_spamcleaner').'</th><th>'.get_string('spamoperation', 'tool_spamcleaner').'</th></tr>';
2e3f66d7 224 }
225 $count++;
226 filter_user($user, $keywords, $count);
227 }
228 }
229
230 if (!$count) {
17a14fbd 231 echo get_string('spamcannotfinduser', 'tool_spamcleaner');
2e3f66d7 232
233 } else {
234 echo '</table>';
235 echo '<div class="mld-align">
17a14fbd 236 <button id="removeall_btn">'.get_string('spamdeleteall', 'tool_spamcleaner').'</button>
2e3f66d7 237 </div>';
238 }
239}
240function filter_user($user, $keywords, $count) {
241 global $CFG;
242 $image_search = false;
243 if (in_array('<img', $keywords)) {
244 $image_search = true;
245 }
246 if (isset($user->summary)) {
17a14fbd 247 $user->description = '<h3>'.get_string('spamfromblog', 'tool_spamcleaner').'</h3>'.$user->summary;
2e3f66d7 248 unset($user->summary);
e45b444e
RT
249 } else if (isset($user->postsubject)) {
250 $user->description = '<h3>'.get_string('spamfromblog', 'tool_spamcleaner').'</h3>'.$user->postsubject;
251 unset($user->postsubject);
252 } else if (isset($user->content)) {
253 $user->description = '<h3>'.get_string('spamfromcomments', 'tool_spamcleaner').'</h3>'.$user->content;
254 unset($user->content);
255 } else if (isset($user->fullmessage)) {
256 $user->description = '<h3>'.get_string('spamfrommessages', 'tool_spamcleaner').'</h3>'.$user->fullmessage;
257 unset($user->fullmessage);
258 } else if (isset($user->message)) {
259 $user->description = '<h3>'.get_string('spamfromforumpost', 'tool_spamcleaner').'</h3>'.$user->message;
260 unset($user->message);
261 } else if (isset($user->subject)) {
262 $user->description = '<h3>'.get_string('spamfromforumpost', 'tool_spamcleaner').'</h3>'.$user->subject;
263 unset($user->subject);
2e3f66d7 264 }
e45b444e 265
5d3b9994 266 if (preg_match('#<img.*src=[\"\']('.$CFG->wwwroot.')#', $user->description, $matches)
2e3f66d7 267 && $image_search) {
268 $result = false;
269 foreach ($keywords as $keyword) {
270 if (preg_match('#'.$keyword.'#', $user->description)
271 && ($keyword != '<img')) {
272 $result = true;
273 }
274 }
275 if ($result) {
276 echo print_user_entry($user, $keywords, $count);
277 } else {
278 unset($user);
279 }
280 } else {
281 echo print_user_entry($user, $keywords, $count);
282 }
283}
284
285
286function print_user_entry($user, $keywords, $count) {
287
288 global $SESSION, $CFG;
289
a226a972 290 $smalluserobject = new stdClass(); // All we need to delete them later
2e3f66d7 291 $smalluserobject->id = $user->id;
292 $smalluserobject->email = $user->email;
293 $smalluserobject->auth = $user->auth;
294 $smalluserobject->firstname = $user->firstname;
295 $smalluserobject->lastname = $user->lastname;
9edea336 296 $smalluserobject->username = $user->username;
2e3f66d7 297
298 if (empty($SESSION->users_result[$user->id])) {
299 $SESSION->users_result[$user->id] = $smalluserobject;
300 $html = '<tr valign="top" id="row-'.$user->id.'" class="result-row">';
301 $html .= '<td width="10">'.$count.'</td>';
209c122b 302 $html .= '<td width="30%" align="left"><a href="'.$CFG->wwwroot."/user/view.php?course=1&amp;id=".$user->id.'" title="'.s($user->username).'">'.fullname($user).'</a>';
2e3f66d7 303
304 $html .= "<ul>";
305 $profile_set = array('city'=>true, 'country'=>true, 'email'=>true);
306 foreach ($profile_set as $key=>$value) {
307 if (isset($user->$key)){
308 $html .= '<li>'.$user->$key.'</li>';
309 }
310 }
311 $html .= "</ul>";
312 $html .= '</td>';
313
314 foreach ($keywords as $keyword) {
1e12b912 315 $user->description = highlight($keyword, $user->description);
2e3f66d7 316 }
317
8bdc9cac
SH
318 if (!isset($user->descriptionformat)) {
319 $user->descriptionformat = FORMAT_MOODLE;
320 }
321
367a75fa 322 $html .= '<td align="left">'.format_text($user->description, $user->descriptionformat, array('overflowdiv'=>true)).'</td>';
2e3f66d7 323 $html .= '<td width="100px" align="center">';
17a14fbd
PS
324 $html .= '<button onclick="M.tool_spamcleaner.del_user(this,'.$user->id.')">'.get_string('deleteuser', 'admin').'</button><br />';
325 $html .= '<button onclick="M.tool_spamcleaner.ignore_user(this,'.$user->id.')">'.get_string('ignore', 'admin').'</button>';
2e3f66d7 326 $html .= '</td>';
327 $html .= '</tr>';
328 return $html;
329 } else {
330 return null;
331 }
332
333
334}
335
73d6f52f 336echo $OUTPUT->footer();