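/**
 * Test a filter expression against one set of variables and report the result.
 *
 * Exactly one of the 'vars', 'rcid' or 'logid' parameters selects where the
 * variables come from: a JSON object supplied by the caller, a recentchanges
 * row, or the stored variable dump of an abuse_filter_log row. The filter text
 * is syntax-checked before it is evaluated.
 *
 * Dies with 'permissiondenied', 'invalidvars', 'nosuchrcid', 'nosuchlogid' or
 * 'badsyntax' when the request cannot be served.
 */
public function execute() {
    $params = $this->extractRequestParams();
    $this->requireOnlyOneParameter($params, 'vars', 'rcid', 'logid');

    // "Anti-DoS": evaluating caller-supplied filters is restricted to users
    // who hold the abusefilter-modify right.
    if (!$this->getUser()->isAllowed('abusefilter-modify')) {
        $this->dieUsage('You don\'t have permission to test abuse filters', 'permissiondenied');
    }

    $vars = null;
    if ($params['vars']) {
        // The JSON comes straight from the request. Malformed input decodes to
        // null and a bare scalar decodes to a non-array, so reject both
        // instead of iterating over them.
        $pairs = FormatJson::decode($params['vars'], true);
        if (!is_array($pairs)) {
            $this->dieUsage(
                'The vars parameter must be a JSON object mapping variable names to values',
                'invalidvars'
            );
        }

        $vars = new AbuseFilterVariableHolder();
        foreach ($pairs as $name => $value) {
            $vars->setVar($name, $value);
        }
    } elseif ($params['rcid']) {
        $dbr = wfGetDB(DB_SLAVE);
        $row = $dbr->selectRow(
            'recentchanges',
            '*',
            array('rc_id' => $params['rcid']),
            __METHOD__
        );

        if (!$row) {
            $this->dieUsageMsg(array('nosuchrcid', $params['rcid']));
        }

        $vars = AbuseFilter::getVarsFromRCRow($row);
    } elseif ($params['logid']) {
        // NOTE(review): the only access check visible in this method is the
        // abusefilter-modify right above. Whether log entries that are hidden
        // or belong to private filters need a further check before their
        // variable dump is evaluated cannot be told from here; confirm.
        $dbr = wfGetDB(DB_SLAVE);
        $row = $dbr->selectRow(
            'abuse_filter_log',
            '*',
            array('afl_id' => $params['logid']),
            __METHOD__
        );

        if (!$row) {
            $this->dieUsage("There is no abuselog entry with the id ``{$params['logid']}''", 'nosuchlogid');
        }

        $vars = AbuseFilter::loadVarDump($row->afl_var_dump);
    }

    // Reject unparsable filters before running them.
    if (AbuseFilter::checkSyntax($params['filter']) !== true) {
        $this->dieUsage('The filter has invalid syntax', 'badsyntax');
    }

    $result = AbuseFilter::checkConditions($params['filter'], $vars);
    $this->getResult()->addValue(
        null,
        $this->getModuleName(),
        array('result' => $result)
    );
}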
/**
 * AbuseFilter-GenerateUserVars hook handler that publishes a boolean
 * user_mobile variable for filters to test.
 *
 * The value comes from MobileContext::shouldDisplayMobileView() for the
 * current request; the $user argument is not consulted.
 * NOTE(review): presumably the mobile-view decision depends on properties of
 * the request, so filters should treat user_mobile as a hint; confirm
 * against MobileContext.
 *
 * @see hooks.txt in AbuseFilter extension
 * @param AbuseFilterVariableHolder $vars holder that receives the variable
 * @param User $user user the variables are generated for (unused here)
 * @return bool always true
 */
public static function onAbuseFilterGenerateUserVars($vars, $user) {
    // Cast so the variable is a strict true/false whatever the context returns.
    $isMobileView = (bool)MobileContext::singleton()->shouldDisplayMobileView();
    $vars->setVar('user_mobile', $isMobileView);

    return true;
}
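/**
 * Build the filter variables describing an edit from a recentchanges row.
 *
 * Reads rc_namespace, rc_title, rc_user, rc_user_text, rc_comment, rc_minor,
 * rc_this_oldid and rc_last_oldid from the row. The new and old wikitext are
 * registered as lazy-load variables keyed by revision id.
 *
 * @param object $row recentchanges row
 * @return AbuseFilterVariableHolder
 */
public static function getEditVarsFromRCRow($row) {
    $vars = new AbuseFilterVariableHolder();
    $title = Title::makeTitle($row->rc_namespace, $row->rc_title);

    // rc_user is non-zero for edits by registered accounts.
    $user = $row->rc_user ? User::newFromName($row->rc_user_text) : false;
    if (!$user) {
        // Anonymous edit, or User::newFromName() returned false because the
        // stored name does not pass validation. Either way, build a bare User
        // carrying the recorded name so that generateUserVars() receives an
        // object.
        $user = new User();
        $user->setName($row->rc_user_text);
    }

    $vars->addHolders(
        self::generateUserVars($user),
        self::generateTitleVars($title, 'ARTICLE')
    );

    $vars->setVar('ACTION', 'edit');
    $vars->setVar('SUMMARY', $row->rc_comment);
    $vars->setVar('minor_edit', $row->rc_minor);

    $vars->setLazyLoadVar(
        'new_wikitext',
        'revision-text-by-id',
        array('revid' => $row->rc_this_oldid)
    );

    if ($row->rc_last_oldid) {
        $vars->setLazyLoadVar(
            'old_wikitext',
            'revision-text-by-id',
            array('revid' => $row->rc_last_oldid)
        );
    } else {
        // No previous revision recorded: the old text is empty.
        $vars->setVar('old_wikitext', '');
    }

    $vars->addHolders(self::getEditVars($title));

    return $vars;
}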
/**
 * UploadVerifyFile hook handler: runs the abuse filters against an upload.
 *
 * @param UploadBase $upload the upload being verified
 * @param mixed $mime not used by this handler
 * @param array &$error set to the first filter error when the upload is rejected
 *
 * @return bool true when the upload may proceed, false when a filter rejected it
 */
public static function onUploadVerifyFile($upload, $mime, &$error) {
    global $wgUser, $wgVersion;

    $vars = new AbuseFilterVariableHolder();

    $title = $upload->getTitle();
    if (!$title) {
        // An upload without a valid title will not proceed anyway,
        // so there is no point in filtering it.
        return true;
    }

    $userVars = AbuseFilter::generateUserVars($wgUser);
    $titleVars = AbuseFilter::generateTitleVars($title, 'FILE');
    $vars->addHolders($userVars, $titleVars);
    $vars->setVar('ACTION', 'upload');

    // file_sha1 is the hexadecimal form of the file's SHA-1; it only matches
    // byte-identical files. UploadBase::getTempFileSha1Base36() became public
    // in 1.21, where it saves hashing the file a second time. On older
    // versions sha1_file() is used, which returns false if the temp file
    // cannot be read; that value is passed through unchanged.
    $hasPublicSha1Getter = version_compare($wgVersion, '1.21', '>=');
    $sha1 = $hasPublicSha1Getter
        ? wfBaseConvert($upload->getTempFileSha1Base36(), 36, 16, 40)
        : sha1_file($upload->getTempPath());
    $vars->setVar('file_sha1', $sha1);

    $status = AbuseFilter::filterAction($vars, $title);
    if ($status->isOK()) {
        return true;
    }

    // Report only the first error back to the upload code.
    $errors = $status->getErrorsArray();
    $error = $errors[0];

    return false;
}
/**
 * UploadVerification hook handler: runs the abuse filters against an upload
 * identified by its destination name and temp file.
 *
 * NOTE(review): this handler expects AbuseFilter::filterAction() to return
 * either an error string or true. If it returns an object instead, neither
 * branch of the final comparison is expected to match; confirm which
 * AbuseFilter version this is paired with.
 *
 * @param string $saveName destination file name, used to build the NS_FILE title
 * @param string $tempName path of the uploaded temp file, hashed with sha1_file()
 * @param string &$error set to the filter result when that result is a string
 * @return bool true when the filter result is true or loosely equal to ''
 */
public static function onUploadVerification($saveName, $tempName, &$error) {
    global $wgUser;

    $vars = new AbuseFilterVariableHolder();
    $title = Title::makeTitle(NS_FILE, $saveName);

    $userVars = AbuseFilter::generateUserVars($wgUser);
    $titleVars = AbuseFilter::generateTitleVars($title, 'FILE');
    $vars->addHolder(AbuseFilterVariableHolder::merge($userVars, $titleVars));

    $vars->setVar('ACTION', 'upload');
    // sha1_file() returns false if the temp file cannot be read; the value is
    // stored as-is.
    $vars->setVar('file_sha1', sha1_file($tempName)); // TODO share with save

    $outcome = AbuseFilter::filterAction($vars, $title);
    if (is_string($outcome)) {
        $error = $outcome;
    }

    // The loose == '' comparison is kept deliberately: it is the original
    // acceptance rule.
    return $outcome === true || $outcome == '';
}
/**
 * Check a piece of feedback text for abusive or spammy content.
 *
 * The checks run from cheapest to most expensive and stop at the first hit:
 * 1) $wgSpamRegex
 * 2) SpamBlacklist, if installed
 * 3) AbuseFilter, if installed
 *
 * NOTE(review): preg_match() returns false when a pattern fails to compile or
 * a PCRE limit is hit; that is treated here as "no match", so a broken
 * $wgSpamRegex entry lets text through to the later checks.
 *
 * @param string &$value the text to check (not modified by this method)
 * @param int $pageId the page ID (not used by this method)
 * @return bool true when one of the checks flags the text, false otherwise
 */
private function findAbuse(&$value, $pageId) {
    global $wgSpamRegex;

    // 1) $wgSpamRegex. In older versions it may be a single string rather
    // than an array of regexes; the (array) cast handles both.
    $spamRegexConfigured = is_array($wgSpamRegex)
        ? count($wgSpamRegex) > 0
        : (is_string($wgSpamRegex) && strlen($wgSpamRegex) > 0);

    if ($spamRegexConfigured) {
        foreach ((array) $wgSpamRegex as $pattern) {
            if (preg_match($pattern, $value)) {
                return true;
            }
        }
    }

    // A fake title lets the remaining checks treat this as an article edit.
    $title = Title::newFromText('__article_feedback_5__');

    // 2) SpamBlacklist, if installed.
    if (function_exists('wfSpamBlacklistObject')) {
        $blacklist = wfSpamBlacklistObject();
        if ($blacklist->filter($title, $value, '') !== false) {
            return true;
        }
    }

    // 3) AbuseFilter, if installed.
    if (!class_exists('AbuseFilter')) {
        return false;
    }

    global $wgUser;

    $vars = new AbuseFilterVariableHolder();
    $vars->addHolder(AbuseFilter::generateUserVars($wgUser));
    $vars->addHolder(AbuseFilter::generateTitleVars($title, 'FEEDBACK'));
    $vars->setVar('SUMMARY', 'Article Feedback 5');
    $vars->setVar('ACTION', 'feedback');
    $vars->setVar('old_wikitext', '');
    $vars->setVar('new_wikitext', $value);
    $vars->addHolder(AbuseFilter::getEditVars($title));

    $outcome = AbuseFilter::filterAction($vars, $title);

    // A result that is neither true nor loosely equal to '' counts as a hit.
    return $outcome != '' && $outcome !== true;
}
/**
 * Store a filter-defined variable, refusing names that belong to built-in
 * variables so that a filter cannot shadow them.
 *
 * NOTE(review): array_key_exists() compares names exactly. Whether $name has
 * been case-normalised before reaching this method is not visible here;
 * confirm, since a case variant of a built-in name would otherwise pass.
 *
 * @param string $name variable name chosen by the filter
 * @param mixed $value value to store
 * @throws AFPUserVisibleException 'overridebuiltin' when $name is a built-in variable
 */
protected function setUserVariable($name, $value) {
    $builderValues = AbuseFilter::getBuilderValues();
    $builtinVars = $builderValues['vars'];

    $isBuiltin = array_key_exists($name, $builtinVars);
    if ($isBuiltin) {
        throw new AFPUserVisibleException(
            'overridebuiltin',
            $this->mCur->pos,
            array($name)
        );
    }

    $this->mVars->setVar($name, $value);
}