function get_first_blacklisted_domain($text)
{
    $spamtrap = new_spam_trap(array());
    if ($baddomain = $spamtrap->has_blacklisted_urls($text)) {
        return $baddomain;
    }
}
function contactus_validate(Pieform $form, $values)
{
    global $SESSION;
    $spamtrap = new_spam_trap(array(array('type' => 'name', 'value' => $values['name']), array('type' => 'email', 'value' => $values['email']), array('type' => 'subject', 'value' => $values['subject']), array('type' => 'body', 'value' => $values['message'])));
    if ($form->spam_error() || $spamtrap->is_spam()) {
        $msg = get_string('formerror');
        $emailcontact = get_config('emailcontact');
        if (!empty($emailcontact)) {
            $msg .= ' ' . get_string('formerroremail', 'mahara', $emailcontact, $emailcontact);
        }
        $form->set_error(null, $msg);
    }
}
/**
 * @todo add note: because the form select thing will eventually enforce
 * that the result for $values['institution'] was in the original lot,
 * and because that only allows authmethods that use 'internal' auth, we
 * can guarantee that the auth method is internal
 */
function auth_register_validate(Pieform $form, $values)
{
    global $SESSION;
    $registerterms = get_config('registerterms');
    $spamtrap = new_spam_trap(array(array('type' => 'name', 'value' => $values['firstname']), array('type' => 'name', 'value' => $values['lastname']), array('type' => 'email', 'value' => $values['email'])));
    if ($form->spam_error() || $spamtrap->is_spam()) {
        $msg = get_string('formerror');
        $emailcontact = get_config('emailcontact');
        if (!empty($emailcontact)) {
            $msg .= ' ' . get_string('formerroremail', 'mahara', $emailcontact, $emailcontact);
        }
        $form->set_error(null, $msg);
        return;
    }
    $institution = $values['institution'];
    safe_require('auth', 'internal');
    // First name and last name must contain at least one non whitespace
    // character, so that there's something to read
    if (!$form->get_error('firstname') && !preg_match('/\\S/', $values['firstname'])) {
        $form->set_error('firstname', $form->i18n('required'));
    }
    if (!$form->get_error('lastname') && !preg_match('/\\S/', $values['lastname'])) {
        $form->set_error('lastname', $form->i18n('required'));
    }
    // The e-mail address cannot already be in the system
    if (!$form->get_error('email') && (record_exists('usr', 'email', $values['email']) || record_exists('artefact_internal_profile_email', 'email', $values['email']))) {
        $form->set_error('email', get_string('emailalreadytaken', 'auth.internal'));
    }
    // If the user hasn't agreed to the terms and conditions, don't bother
    if ($registerterms && $values['tandc'] != 'yes') {
        $form->set_error('tandc', get_string('youmaynotregisterwithouttandc', 'auth.internal'), false);
    }
    $institution = get_record_sql('
        SELECT
            i.name, i.maxuseraccounts, i.registerallowed, COUNT(u.id) AS count
        FROM {institution} i
            LEFT OUTER JOIN {usr_institution} ui ON ui.institution = i.name
            LEFT OUTER JOIN {usr} u ON (ui.usr = u.id AND u.deleted = 0)
        WHERE
            i.name = ?
        GROUP BY
            i.name, i.maxuseraccounts, i.registerallowed', array($institution));
    if (!empty($institution->maxuseraccounts) && $institution->count >= $institution->maxuseraccounts) {
        // the institution is full so we need to alert the admins of the institution to this fact so
        // they can either increase the maxusers or turn off the public registration.
        require_once get_config('docroot') . 'lib/institution.php';
        $institutionobj = new Institution($institution->name);
        $institutionobj->send_admin_institution_is_full_message();
        $form->set_error('institution', get_string('institutionfull'));
    }
    if (!$institution || !$institution->registerallowed) {
        $form->set_error('institution', get_string('registrationnotallowed'));
    }
}
Exemple #4
0
function add_annotation_feedback_form_validate(Pieform $form, $values)
{
    require_once get_config('libroot') . 'antispam.php';
    if ($form->get_property('spam')) {
        $spamtrap = new_spam_trap(array(array('type' => 'body', 'value' => $values['message'])));
        if ($form->spam_error() || $spamtrap->is_spam()) {
            $msg = get_string('formerror');
            $emailcontact = get_config('emailcontact');
            if (!empty($emailcontact)) {
                $msg .= ' ' . get_string('formerroremail', 'mahara', $emailcontact, $emailcontact);
            }
            $form->set_error('message', $msg);
        }
    }
    // Make sure that the user has not manipulated the ids.
    if (empty($values['artefactid']) && empty($values['viewid'])) {
        // One of them must have data.
        $form->set_error('message', get_string('invalidannotationfeedbacklinkerror', 'artefact.annotation'));
    }
    if (empty($values['annotationid'])) {
        $form->set_error('message', get_string('annotationinformationerror', 'artefact.annotation'));
    }
    if (!empty($values['viewid']) && !can_view_view($values['viewid'])) {
        // The user does not access to this view.
        $form->set_error('message', get_string('noaccesstoview', 'view'));
    }
    if (!empty($values['viewid']) && !artefact_in_view($values['annotationid'], $values['viewid'])) {
        // The annotation is not on the view.
        $form->set_error('message', get_string('accessdenied', 'error'));
    }
    if (!empty($values['artefactid']) && !empty($values['viewid']) && !artefact_in_view($values['artefactid'], $values['viewid'])) {
        // The artefact is not on the view.
        $form->set_error('message', get_string('accessdenied', 'error'));
    }
    if (empty($values['message'])) {
        $form->set_error('message', get_string('annotationfeedbackempty', 'artefact.annotation'));
    }
    $result = probation_validate_content($values['message']);
    if ($result !== true) {
        $form->set_error('message', get_string('newuserscantpostlinksorimages'));
    }
}
function add_feedback_form_validate(Pieform $form, $values)
{
    require_once get_config('libroot') . 'antispam.php';
    if ($form->get_property('spam')) {
        $spamtrap = new_spam_trap(array(array('type' => 'body', 'value' => $values['message'])));
        if ($form->spam_error() || $spamtrap->is_spam()) {
            $msg = get_string('formerror');
            $emailcontact = get_config('emailcontact');
            if (!empty($emailcontact)) {
                $msg .= ' ' . get_string('formerroremail', 'mahara', $emailcontact, $emailcontact);
            }
            $form->set_error('message', $msg);
        }
    }
    if (empty($values['attachments']) && empty($values['message'])) {
        $form->set_error('message', get_string('messageempty', 'artefact.comment'));
    }
    $result = probation_validate_content($values['message']);
    if ($result !== true) {
        $form->set_error('message', get_string('newuserscantpostlinksorimages'));
    }
}
Exemple #6
0
function add_feedback_form_validate(Pieform $form, $values)
{
    global $USER, $view, $artefact;
    require_once get_config('libroot') . 'antispam.php';
    if ($form->get_property('spam')) {
        $spamtrap = new_spam_trap(array(array('type' => 'body', 'value' => $values['message'])));
        if ($form->spam_error() || $spamtrap->is_spam()) {
            $msg = get_string('formerror');
            $emailcontact = get_config('emailcontact');
            if (!empty($emailcontact)) {
                $msg .= ' ' . get_string('formerroremail', 'mahara', $emailcontact, $emailcontact);
            }
            $form->set_error('message', $msg);
        }
    }
    if (empty($values['attachments']) && empty($values['message'])) {
        $form->set_error('message', get_string('messageempty', 'artefact.comment'));
    }
    $result = probation_validate_content($values['message']);
    if ($result !== true) {
        $form->set_error('message', get_string('newuserscantpostlinksorimages'));
    }
    if ($values['replyto']) {
        $parent = get_record_sql('SELECT
                a.id,
                acc.private,
                a.author,
                p.author as grandparentauthor,
                acc.deletedby
            FROM
                {artefact} a
                INNER JOIN {artefact_comment_comment} acc
                    ON a.id = acc.artefact
                LEFT OUTER JOIN {artefact} p
                    ON a.parent = p.id
            WHERE
                a.id = ?
            ', array($values['replyto']));
        // Parent ID doesn't match an actual comment
        if (!$parent) {
            $form->set_error('message', get_string('replytonoaccess', 'artefact.comment'));
        }
        // Can't reply to a deleted comment
        if ($parent->deletedby) {
            $form->set_error('message', get_string('replytodeletednotallowed', 'artefact.comment'));
        }
        // Validate that you're allowed to reply to this comment
        if (!empty($artefact)) {
            $canedit = $USER->can_edit_artefact($artefact);
        } else {
            $canedit = $USER->can_moderate_view($view);
        }
        // You can reply to a comment if you can see the comment. Which means if:
        // 1. You are the page owner
        // 2. OR the comment is public
        // 3. OR the comment is a direct reply to one of your comments
        if (!($canedit || !$parent->private || $parent->grandparentauthor == $USER->get('id'))) {
            $form->set_error('message', get_string('replytonoaccess', 'artefact.comment'));
        }
        // Validate the public/private setting of this comment
        if ($values['ispublic']) {
            if (!ArtefactTypeComment::can_public_reply_to_comment($parent->private, $parent->deletedby)) {
                $form->set_error('message', get_string('replytonopublicreplyallowed', 'artefact.comment'));
            }
        } else {
            // You are only allowed to post a private reply if you are the page owner, or the parent comment
            // is a direct reply to one of your comments
            // You also cannot post a private reply to one of your own comments.
            if (!ArtefactTypeComment::can_private_reply_to_comment($parent->private, $parent->deletedby, $USER->get('id'), $parent->author, $parent->grandparentauthor, $artefact, $view)) {
                $form->set_error('message', get_string('replytonoprivatereplyallowed', 'artefact.comment'));
            }
        }
    }
}