MDL-53139 admin: case diff issue with email
[moodle.git] / admin / tool / spamcleaner / index.php
1 <?php
3 /**
4  * Spam Cleaner
5  *
6  * Helps an admin to clean up spam in Moodle
7  *
8  * @author Dongsheng Cai
9  * @author Martin Dougiamas
10  * @author Amr Hourani
11  * @license http://www.gnu.org/copyleft/gpl.html GNU Public License
12  */
14 // List of known spammy keywords, please add more here
16 /////////////////////////////////////////////////////////////////////////////////
18 require_once('../../../config.php');
19 require_once($CFG->libdir.'/adminlib.php');
22 // Configuration
24 $autokeywords = array(
25                     "<img",
26                     "fuck",
27                     "casino",
28                     "porn",
29                     "xxx",
30                     "cialis",
31                     "viagra",
32                     "poker",
33                     "warcraft"
34                 );
36 $keyword = optional_param('keyword', '', PARAM_RAW);
37 $autodetect = optional_param('autodetect', '', PARAM_RAW);
38 $del = optional_param('del', '', PARAM_RAW);
39 $delall = optional_param('delall', '', PARAM_RAW);
40 $ignore = optional_param('ignore', '', PARAM_RAW);
41 $reset = optional_param('reset', '', PARAM_RAW);
42 $id = optional_param('id', '', PARAM_INT);
44 require_login();
45 admin_externalpage_setup('toolspamcleaner');
47 // Delete one user
48 if (!empty($del) && confirm_sesskey() && ($id != $USER->id)) {
49     if (isset($SESSION->users_result[$id])) {
50         $user = $SESSION->users_result[$id];
51         if (delete_user($user)) {
52             unset($SESSION->users_result[$id]);
53             echo json_encode(true);
54         } else {
55             echo json_encode(false);
56         }
57     } else {
58         echo json_encode(false);
59     }
60     exit;
61 }
63 // Delete lots of users
64 if (!empty($delall) && confirm_sesskey()) {
65     if (!empty($SESSION->users_result)) {
66         foreach ($SESSION->users_result as $userid => $user) {
67             if ($userid != $USER->id) {
68                 if (delete_user($user)) {
69                     unset($SESSION->users_result[$userid]);
70                 }
71             }
72         }
73     }
74     echo json_encode(true);
75     exit;
76 }
78 if (!empty($ignore)) {
79     unset($SESSION->users_result[$id]);
80     echo json_encode(true);
81     exit;
82 }
84 $PAGE->requires->js_init_call('M.tool_spamcleaner.init', array(me()), true);
85 $strings = Array('spaminvalidresult','spamdeleteallconfirm','spamcannotdelete','spamdeleteconfirm');
86 $PAGE->requires->strings_for_js($strings, 'tool_spamcleaner');
88 echo $OUTPUT->header();
90 // Print headers and things
91 echo $OUTPUT->box(get_string('spamcleanerintro', 'tool_spamcleaner'));
93 echo $OUTPUT->box_start();     // The forms section at the top
95 ?>
97 <div class="mdl-align">
99 <form method="post" action="index.php">
100   <div>
101     <label class="accesshide" for="keyword_el"><?php print_string('spamkeyword', 'tool_spamcleaner') ?></label>
102     <input type="text" name="keyword" id="keyword_el" value="<?php p($keyword) ?>" />
103     <input type="hidden" name="sesskey" value="<?php echo sesskey();?>" />
104     <input type="submit" value="<?php echo get_string('spamsearch', 'tool_spamcleaner')?>" />
105   </div>
106 </form>
107 <p><?php echo get_string('spameg', 'tool_spamcleaner');?></p>
109 <hr />
111 <form method="post"  action="index.php">
112   <div>
113     <input type="submit" name="autodetect" value="<?php echo get_string('spamauto', 'tool_spamcleaner');?>" />
114   </div>
115 </form>
118 </div>
120 <?php
121 echo $OUTPUT->box_end();
123 echo '<div id="result" class="mdl-align">';
125 // Print list of resulting profiles
127 if (!empty($keyword)) {               // Use the keyword(s) supplied by the user
128     $keywords = explode(',', $keyword);
129     foreach ($keywords as $key => $keyword) {
130         $keywords[$key] = trim($keyword);
131     }
132     search_spammers($keywords);
134 } else if (!empty($autodetect)) {     // Use the inbuilt keyword list to detect users
135     search_spammers($autokeywords);
138 echo '</div>';
140 /////////////////////////////////////////////////////////////////////////////////
143 ///  Functions
146 function search_spammers($keywords) {
148     global $CFG, $USER, $DB, $OUTPUT;
150     if (!is_array($keywords)) {
151         $keywords = array($keywords);    // Make it into an array
152     }
154     $params = array('userid'=>$USER->id);
156     $keywordfull = array();
157     $i = 0;
158     foreach ($keywords as $keyword) {
159         $keywordfull[] = $DB->sql_like('description', ':descpat'.$i, false);
160         $params['descpat'.$i] = "%$keyword%";
161         $keywordfull2[] = $DB->sql_like('p.summary', ':sumpat'.$i, false);
162         $params['sumpat'.$i] = "%$keyword%";
163         $keywordfull3[] = $DB->sql_like('p.subject', ':subpat'.$i, false);
164         $params['subpat'.$i] = "%$keyword%";
165         $keywordfull4[] = $DB->sql_like('c.content', ':contpat'.$i, false);
166         $params['contpat'.$i] = "%$keyword%";
167         $keywordfull5[] = $DB->sql_like('m.fullmessage', ':msgpat'.$i, false);
168         $params['msgpat'.$i] = "%$keyword%";
169         $keywordfull6[] = $DB->sql_like('fp.message', ':forumpostpat'.$i, false);
170         $params['forumpostpat'.$i] = "%$keyword%";
171         $keywordfull7[] = $DB->sql_like('fp.subject', ':forumpostsubpat'.$i, false);
172         $params['forumpostsubpat'.$i] = "%$keyword%";
173         $i++;
174     }
175     $conditions = '( '.implode(' OR ', $keywordfull).' )';
176     $conditions2 = '( '.implode(' OR ', $keywordfull2).' )';
177     $conditions3 = '( '.implode(' OR ', $keywordfull3).' )';
178     $conditions4 = '( '.implode(' OR ', $keywordfull4).' )';
179     $conditions5 = '( '.implode(' OR ', $keywordfull5).' )';
180     $conditions6 = '( '.implode(' OR ', $keywordfull6).' )';
181     $conditions7 = '( '.implode(' OR ', $keywordfull7).' )';
183     $sql  = "SELECT *
184                FROM {user}
185               WHERE deleted = 0
186                     AND id <> :userid
187                     AND $conditions";  // Exclude oneself
188     $sql2 = "SELECT u.*, p.summary
189                FROM {user} u, {post} p
190               WHERE $conditions2
191                     AND u.deleted = 0
192                     AND u.id=p.userid
193                     AND u.id <> :userid";
194     $sql3 = "SELECT u.*, p.subject AS postsubject
195                FROM {user} u, {post} p
196               WHERE $conditions3
197                     AND u.deleted = 0
198                     AND u.id=p.userid
199                     AND u.id <> :userid";
200     $sql4 = "SELECT u.*, c.content
201                FROM {user} u, {comments} c
202                WHERE $conditions4
203                     AND u.deleted = 0
204                     AND u.id=c.userid
205                     AND u.id <> :userid";
206     $sql5 = "SELECT u.*, m.fullmessage
207                FROM {user} u, {message} m
208               WHERE $conditions5
209                     AND u.deleted = 0
210                     AND u.id=m.useridfrom
211                     AND u.id <> :userid";
212     $sql6 = "SELECT u.*, fp.message
213                FROM {user} u, {forum_posts} fp
214               WHERE $conditions6
215                     AND u.deleted = 0
216                     AND u.id=fp.userid
217                     AND u.id <> :userid";
218     $sql7 = "SELECT u.*, fp.subject
219                FROM {user} u, {forum_posts} fp
220               WHERE $conditions7
221                     AND u.deleted = 0
222                     AND u.id=fp.userid
223                     AND u.id <> :userid";
225     $spamusers_desc = $DB->get_recordset_sql($sql, $params);
226     $spamusers_blog = $DB->get_recordset_sql($sql2, $params);
227     $spamusers_blogsub = $DB->get_recordset_sql($sql3, $params);
228     $spamusers_comment = $DB->get_recordset_sql($sql4, $params);
229     $spamusers_message = $DB->get_recordset_sql($sql5, $params);
230     $spamusers_forumpost = $DB->get_recordset_sql($sql6, $params);
231     $spamusers_forumpostsub = $DB->get_recordset_sql($sql7, $params);
233     $keywordlist = implode(', ', $keywords);
234     echo $OUTPUT->box(get_string('spamresult', 'tool_spamcleaner').s($keywordlist)).' ...';
236     print_user_list(array($spamusers_desc,
237                           $spamusers_blog,
238                           $spamusers_blogsub,
239                           $spamusers_comment,
240                           $spamusers_message,
241                           $spamusers_forumpost,
242                           $spamusers_forumpostsub
243                          ),
244                          $keywords);
249 function print_user_list($users_rs, $keywords) {
250     global $CFG, $SESSION;
252     // reset session everytime this function is called
253     $SESSION->users_result = array();
254     $count = 0;
256     foreach ($users_rs as $rs){
257         foreach ($rs as $user) {
258             if (!$count) {
259                 echo '<table border="1" width="100%" id="data-grid"><tr><th>&nbsp;</th><th>'.get_string('user','admin').'</th><th>'.get_string('spamdesc', 'tool_spamcleaner').'</th><th>'.get_string('spamoperation', 'tool_spamcleaner').'</th></tr>';
260             }
261             $count++;
262             filter_user($user, $keywords, $count);
263         }
264     }
266     if (!$count) {
267         echo get_string('spamcannotfinduser', 'tool_spamcleaner');
269     } else {
270         echo '</table>';
271         echo '<div class="mld-align">
272               <button id="removeall_btn">'.get_string('spamdeleteall', 'tool_spamcleaner').'</button>
273               </div>';
274     }
276 function filter_user($user, $keywords, $count) {
277     global $CFG;
278     $image_search = false;
279     if (in_array('<img', $keywords)) {
280         $image_search = true;
281     }
282     if (isset($user->summary)) {
283         $user->description = '<h3>'.get_string('spamfromblog', 'tool_spamcleaner').'</h3>'.$user->summary;
284         unset($user->summary);
285     } else if (isset($user->postsubject)) {
286         $user->description = '<h3>'.get_string('spamfromblog', 'tool_spamcleaner').'</h3>'.$user->postsubject;
287         unset($user->postsubject);
288     } else if (isset($user->content)) {
289         $user->description = '<h3>'.get_string('spamfromcomments', 'tool_spamcleaner').'</h3>'.$user->content;
290         unset($user->content);
291     } else if (isset($user->fullmessage)) {
292         $user->description = '<h3>'.get_string('spamfrommessages', 'tool_spamcleaner').'</h3>'.$user->fullmessage;
293         unset($user->fullmessage);
294     } else if (isset($user->message)) {
295         $user->description = '<h3>'.get_string('spamfromforumpost', 'tool_spamcleaner').'</h3>'.$user->message;
296         unset($user->message);
297     } else if (isset($user->subject)) {
298         $user->description = '<h3>'.get_string('spamfromforumpost', 'tool_spamcleaner').'</h3>'.$user->subject;
299         unset($user->subject);
300     }
302     if (preg_match('#<img.*src=[\"\']('.$CFG->wwwroot.')#', $user->description, $matches)
303         && $image_search) {
304         $result = false;
305         foreach ($keywords as $keyword) {
306             if (preg_match('#'.$keyword.'#', $user->description)
307                 && ($keyword != '<img')) {
308                 $result = true;
309             }
310         }
311         if ($result) {
312             echo print_user_entry($user, $keywords, $count);
313         } else {
314             unset($user);
315         }
316     } else {
317         echo print_user_entry($user, $keywords, $count);
318     }
322 function print_user_entry($user, $keywords, $count) {
324     global $SESSION, $CFG;
326     $smalluserobject = new stdClass();      // All we need to delete them later
327     $smalluserobject->id = $user->id;
328     $smalluserobject->email = $user->email;
329     $smalluserobject->auth = $user->auth;
330     $smalluserobject->firstname = $user->firstname;
331     $smalluserobject->lastname = $user->lastname;
332     $smalluserobject->username = $user->username;
334     if (empty($SESSION->users_result[$user->id])) {
335         $SESSION->users_result[$user->id] = $smalluserobject;
336         $html = '<tr valign="top" id="row-'.$user->id.'" class="result-row">';
337         $html .= '<td width="10">'.$count.'</td>';
338         $html .= '<td width="30%" align="left"><a href="'.$CFG->wwwroot."/user/view.php?course=1&amp;id=".$user->id.'" title="'.s($user->username).'">'.fullname($user).'</a>';
340         $html .= "<ul>";
341         $profile_set = array('city'=>true, 'country'=>true, 'email'=>true);
342         foreach ($profile_set as $key=>$value) {
343             if (isset($user->$key)){
344                 $html .= '<li>'.$user->$key.'</li>';
345             }
346         }
347         $html .= "</ul>";
348         $html .= '</td>';
350         foreach ($keywords as $keyword) {
351             $user->description = highlight($keyword, $user->description);
352         }
354         if (!isset($user->descriptionformat)) {
355             $user->descriptionformat = FORMAT_MOODLE;
356         }
358         $html .= '<td align="left">'.format_text($user->description, $user->descriptionformat, array('overflowdiv'=>true)).'</td>';
359         $html .= '<td width="100px" align="center">';
360         $html .= '<button onclick="M.tool_spamcleaner.del_user(this,'.$user->id.')">'.get_string('deleteuser', 'admin').'</button><br />';
361         $html .= '<button onclick="M.tool_spamcleaner.ignore_user(this,'.$user->id.')">'.get_string('ignore', 'admin').'</button>';
362         $html .= '</td>';
363         $html .= '</tr>';
364         return $html;
365     } else {
366         return null;
367     }
372 echo $OUTPUT->footer();