static function merge()
{
$newHolder = new AbuseFilterVariableHolder();
foreach (func_get_args() as $addHolder) {
$newHolder->addHolder($addHolder);
}
return $newHolder;
}
public function execute()
{
$params = $this->extractRequestParams();
$this->requireOnlyOneParameter($params, 'vars', 'rcid', 'logid');
// "Anti-DoS"
if (!$this->getUser()->isAllowed('abusefilter-modify')) {
$this->dieUsage('You don\'t have permission to test abuse filters', 'permissiondenied');
}
$vars = null;
if ($params['vars']) {
$vars = new AbuseFilterVariableHolder();
$pairs = FormatJson::decode($params['vars'], true);
foreach ($pairs as $name => $value) {
$vars->setVar($name, $value);
}
} elseif ($params['rcid']) {
$dbr = wfGetDB(DB_SLAVE);
$row = $dbr->selectRow('recentchanges', '*', array('rc_id' => $params['rcid']), __METHOD__);
if (!$row) {
$this->dieUsageMsg(array('nosuchrcid', $params['rcid']));
}
$vars = AbuseFilter::getVarsFromRCRow($row);
} elseif ($params['logid']) {
$dbr = wfGetDB(DB_SLAVE);
$row = $dbr->selectRow('abuse_filter_log', '*', array('afl_id' => $params['logid']), __METHOD__);
if (!$row) {
$this->dieUsage("There is no abuselog entry with the id ``{$params['logid']}''", 'nosuchlogid');
}
$vars = AbuseFilter::loadVarDump($row->afl_var_dump);
}
if (AbuseFilter::checkSyntax($params['filter']) !== true) {
$this->dieUsage('The filter has invalid syntax', 'badsyntax');
}
$result = AbuseFilter::checkConditions($params['filter'], $vars);
$this->getResult()->addValue(null, $this->getModuleName(), array('result' => $result));
}
/**
* AbuseFilter-GenerateUserVars hook handler that adds a user_mobile variable.
* Altering the variables generated for a specific user
*
* @see hooks.txt in AbuseFilter extension
* @param AbuseFilterVariableHolder $vars object to add vars to
* @param User $user object
* @return bool
*/
public static function onAbuseFilterGenerateUserVars($vars, $user)
{
$context = MobileContext::singleton();
if ($context->shouldDisplayMobileView()) {
$vars->setVar('user_mobile', true);
} else {
$vars->setVar('user_mobile', false);
}
return true;
}
/**
* @param Title $title
* @param null|Page $page
* @return AbuseFilterVariableHolder
*/
public static function getEditVars($title, Page $page = null)
{
$vars = new AbuseFilterVariableHolder();
// NOTE: $page may end up remaining null, e.g. if $title points to a special page.
if (!$page && $title instanceof Title && $title->canExist()) {
$page = WikiPage::factory($title);
}
$vars->setLazyLoadVar('edit_diff', 'diff', array('oldtext-var' => 'old_wikitext', 'newtext-var' => 'new_wikitext'));
$vars->setLazyLoadVar('edit_diff_pst', 'diff', array('oldtext-var' => 'old_wikitext', 'newtext-var' => 'new_pst'));
$vars->setLazyLoadVar('new_size', 'length', array('length-var' => 'new_wikitext'));
$vars->setLazyLoadVar('old_size', 'length', array('length-var' => 'old_wikitext'));
$vars->setLazyLoadVar('edit_delta', 'subtract', array('val1-var' => 'new_size', 'val2-var' => 'old_size'));
// Some more specific/useful details about the changes.
$vars->setLazyLoadVar('added_lines', 'diff-split', array('diff-var' => 'edit_diff', 'line-prefix' => '+'));
$vars->setLazyLoadVar('removed_lines', 'diff-split', array('diff-var' => 'edit_diff', 'line-prefix' => '-'));
$vars->setLazyLoadVar('added_lines_pst', 'diff-split', array('diff-var' => 'edit_diff_pst', 'line-prefix' => '+'));
// Links
$vars->setLazyLoadVar('added_links', 'link-diff-added', array('oldlink-var' => 'old_links', 'newlink-var' => 'all_links'));
$vars->setLazyLoadVar('removed_links', 'link-diff-removed', array('oldlink-var' => 'old_links', 'newlink-var' => 'all_links'));
$vars->setLazyLoadVar('new_text', 'strip-html', array('html-var' => 'new_html'));
$vars->setLazyLoadVar('old_text', 'strip-html', array('html-var' => 'old_html'));
if ($title instanceof Title) {
$vars->setLazyLoadVar('all_links', 'links-from-wikitext', array('namespace' => $title->getNamespace(), 'title' => $title->getText(), 'text-var' => 'new_wikitext', 'article' => $page));
$vars->setLazyLoadVar('old_links', 'links-from-wikitext-or-database', array('namespace' => $title->getNamespace(), 'title' => $title->getText(), 'text-var' => 'old_wikitext'));
$vars->setLazyLoadVar('new_pst', 'parse-wikitext', array('namespace' => $title->getNamespace(), 'title' => $title->getText(), 'wikitext-var' => 'new_wikitext', 'article' => $page, 'pst' => true));
$vars->setLazyLoadVar('new_html', 'parse-wikitext', array('namespace' => $title->getNamespace(), 'title' => $title->getText(), 'wikitext-var' => 'new_wikitext', 'article' => $page));
$vars->setLazyLoadVar('old_html', 'parse-wikitext-nonedit', array('namespace' => $title->getNamespace(), 'title' => $title->getText(), 'wikitext-var' => 'old_wikitext'));
}
return $vars;
}
/**
* Handler for the UploadVerifyFile hook
*
* @param $upload UploadBase
* @param $mime
* @param $error array
*
* @return bool
*/
public static function onUploadVerifyFile($upload, $mime, &$error)
{
global $wgUser, $wgVersion;
$vars = new AbuseFilterVariableHolder();
$title = $upload->getTitle();
if (!$title) {
// If there's no valid title assigned to the upload
// it wont proceed anyway, so no point in filtering it.
return true;
}
$vars->addHolders(AbuseFilter::generateUserVars($wgUser), AbuseFilter::generateTitleVars($title, 'FILE'));
$vars->setVar('ACTION', 'upload');
// We us the hexadecimal version of the file sha1
if (version_compare($wgVersion, '1.21', '>=')) {
// Use UploadBase::getTempFileSha1Base36 so that we don't have to calculate the sha1 sum again
$sha1 = wfBaseConvert($upload->getTempFileSha1Base36(), 36, 16, 40);
} else {
// UploadBase::getTempFileSha1Base36 wasn't public until 1.21
$sha1 = sha1_file($upload->getTempPath());
}
$vars->setVar('file_sha1', $sha1);
$filter_result = AbuseFilter::filterAction($vars, $title);
if (!$filter_result->isOK()) {
$error = $filter_result->getErrorsArray();
$error = $error[0];
}
return $filter_result->isOK();
}
/**
* Load our global_user_groups variable
* @param AbuseFilterVariableHolder $vars
* @param User $user
* @return bool
*/
static function abuseFilterGenerateUserVars($vars, $user)
{
$vars->setLazyLoadVar('global_user_groups', 'global-user-groups', array('user' => $user));
return true;
}
/**
* @static
* @param $title Title
* @return AbuseFilterVariableHolder
*/
public static function getEditVars($title)
{
$vars = new AbuseFilterVariableHolder();
$vars->setLazyLoadVar('edit_diff', 'diff', array('oldtext-var' => 'old_wikitext', 'newtext-var' => 'new_wikitext'));
$vars->setLazyLoadVar('new_size', 'length', array('length-var' => 'new_wikitext'));
$vars->setLazyLoadVar('old_size', 'length', array('length-var' => 'old_wikitext'));
$vars->setLazyLoadVar('edit_delta', 'subtract', array('val1-var' => 'new_size', 'val2-var' => 'old_size'));
// Some more specific/useful details about the changes.
$vars->setLazyLoadVar('added_lines', 'diff-split', array('diff-var' => 'edit_diff', 'line-prefix' => '+'));
$vars->setLazyLoadVar('removed_lines', 'diff-split', array('diff-var' => 'edit_diff', 'line-prefix' => '-'));
// Links
$vars->setLazyLoadVar('all_links', 'links-from-wikitext', array('namespace' => $title->getNamespace(), 'title' => $title->getText(), 'text-var' => 'new_wikitext'));
$vars->setLazyLoadVar('old_links', 'links-from-wikitext-or-database', array('namespace' => $title->getNamespace(), 'title' => $title->getText(), 'text-var' => 'old_wikitext'));
$vars->setLazyLoadVar('added_links', 'link-diff-added', array('oldlink-var' => 'old_links', 'newlink-var' => 'all_links'));
$vars->setLazyLoadVar('removed_links', 'link-diff-removed', array('oldlink-var' => 'old_links', 'newlink-var' => 'all_links'));
$vars->setLazyLoadVar('new_html', 'parse-wikitext', array('namespace' => $title->getNamespace(), 'title' => $title->getText(), 'wikitext-var' => 'new_wikitext'));
$vars->setLazyLoadVar('new_text', 'strip-html', array('html-var' => 'new_html'));
$vars->setLazyLoadVar('old_html', 'parse-wikitext-nonedit', array('namespace' => $title->getNamespace(), 'title' => $title->getText(), 'wikitext-var' => 'old_wikitext'));
$vars->setLazyLoadVar('old_text', 'strip-html', array('html-var' => 'old_html'));
return $vars;
}
public static function onUploadVerification($saveName, $tempName, &$error)
{
$vars = new AbuseFilterVariableHolder();
global $wgUser;
$title = Title::makeTitle(NS_FILE, $saveName);
$vars->addHolder(AbuseFilterVariableHolder::merge(AbuseFilter::generateUserVars($wgUser), AbuseFilter::generateTitleVars($title, 'FILE')));
$vars->setVar('ACTION', 'upload');
$vars->setVar('file_sha1', sha1_file($tempName));
// TODO share with save
$filter_result = AbuseFilter::filterAction($vars, $title);
if (is_string($filter_result)) {
$error = $filter_result;
}
return $filter_result == '' || $filter_result === true;
}
/**
* Check for abusive or spammy content
*
* Check the following in sequence (cheapest processing to most expensive,
* returning if we get a hit):
* 1) Respect $wgSpamRegex
* 2) Check SpamBlacklist
* 3) Check AbuseFilter
*
* @param $value string the text to check
* @param $pageId int the page ID
*/
private function findAbuse(&$value, $pageId)
{
// Respect $wgSpamRegex
global $wgSpamRegex;
if (is_array($wgSpamRegex) && count($wgSpamRegex) > 0 || is_string($wgSpamRegex) && strlen($wgSpamRegex) > 0) {
// In older versions, $wgSpamRegex may be a single string rather than
// an array of regexes, so make it compatible.
$regexes = (array) $wgSpamRegex;
foreach ($regexes as $regex) {
if (preg_match($regex, $value)) {
return true;
}
}
}
// Create a fake title so we can pretend this is an article edit
$title = Title::newFromText('__article_feedback_5__');
// Check SpamBlacklist, if installed
if (function_exists('wfSpamBlacklistObject')) {
$spam = wfSpamBlacklistObject();
$ret = $spam->filter($title, $value, '');
if ($ret !== false) {
return true;
}
}
// Check AbuseFilter, if installed
if (class_exists('AbuseFilter')) {
global $wgUser;
$vars = new AbuseFilterVariableHolder();
$vars->addHolder(AbuseFilter::generateUserVars($wgUser));
$vars->addHolder(AbuseFilter::generateTitleVars($title, 'FEEDBACK'));
$vars->setVar('SUMMARY', 'Article Feedback 5');
$vars->setVar('ACTION', 'feedback');
$vars->setVar('old_wikitext', '');
$vars->setVar('new_wikitext', $value);
$vars->addHolder(AbuseFilter::getEditVars($title));
$filter_result = AbuseFilter::filterAction($vars, $title);
return $filter_result != '' && $filter_result !== true;
}
return false;
}
/**
* @param $name
* @param $value
* @throws AFPUserVisibleException
*/
protected function setUserVariable($name, $value)
{
$builderValues = AbuseFilter::getBuilderValues();
if (array_key_exists($name, $builderValues['vars'])) {
throw new AFPUserVisibleException('overridebuiltin', $this->mCur->pos, array($name));
}
$this->mVars->setVar($name, $value);
}
