/** * Check if the given message and/or user is banned from posting. * * NOTE: This function could probably be optimized by doing most of the * work in the MySQL database instead of in PHP. In other words, * do the work that isBanned() is doing in a database query, something * like: * * $sql = "SELECT type FROM {$PHORUM['banlist_table']} " * ." WHERE pcre=0 " * ." AND (type=".PHORUM_BAD_IPS." AND string='$p_ip')" * ." OR (type=".PHORUM_BAD_EMAILS." AND string='".$p_email"')" * ." OR (type=".PHORUM_BAD_NAMES." AND string='$p_name')"; * * @param Phorum_message $p_phorumMessage * @param Phorum_user $p_phorumUser * @param int $p_forumId * @return boolean */ public static function IsPostBanned($p_phorumMessage, $p_phorumUser = null, $p_forumId = null) { global $PHORUM; static $bans; // Fetch the settings and pretend they were returned to // us instead of setting a global variable. phorum_db_load_settings(); $settings = $PHORUM['SETTINGS']; // Cache the ban list. if (!isset($bans)) { // get the bans $bans = Phorum_ban_item::GetBanItems($p_forumId); } // Check if any of them match $banned = array(); foreach ($bans as $ban) { switch ($ban->getType()) { case PHORUM_BAD_NAMES: if ($ban->isBanned($p_phorumMessage->getAuthor())) { $banned[PHORUM_BAD_NAMES] = PHORUM_BAD_NAMES; } if (!is_null($p_phorumUser) && $ban->isBanned($p_phorumUser->getUserName())) { $banned[PHORUM_BAD_NAMES] = PHORUM_BAD_NAMES; } break; case PHORUM_BAD_EMAILS: if ($ban->isBanned($p_phorumMessage->getEmail())) { $banned[PHORUM_BAD_EMAILS] = PHORUM_BAD_EMAILS; } if (!is_null($p_phorumUser) && $ban->isBanned($p_phorumUser->getEmail())) { $banned[PHORUM_BAD_EMAILS] = PHORUM_BAD_EMAILS; } break; case PHORUM_BAD_USERID: if (!is_null($p_phorumUser) && $ban->isBanned($p_phorumUser->getUserId())) { $banned[PHORUM_BAD_USERID] = PHORUM_BAD_USERID; } break; case PHORUM_BAD_IPS: if ($ban->isBanned($p_phorumMessage->getIpAddress())) { $banned[PHORUM_BAD_IPS] = PHORUM_BAD_IPS; } break; case PHORUM_BAD_SPAM_WORDS: if ($ban->isBanned($p_phorumMessage->getSubject()) || $ban->isBanned($p_phorumMessage->getBody())){ $banned[PHORUM_BAD_SPAM_WORDS] = PHORUM_BAD_SPAM_WORDS; } break; } } if (count($banned) > 0) { return $banned; } else { return false; } } // fn IsPostBanned
?> <tr> <td align="right" valign="top" nowrap><?php putGS('From'); ?>:</td> <td><?php p(htmlspecialchars($comment->getAuthor())); ?> <<?php p(htmlspecialchars($comment->getEmail())); ?>> (<?php p($comment->getIpAddress()); ?>)</td> </tr> <tr> <td align="right" valign="top" nowrap><?php putGS('Date'); ?>:</td> <td><?php p(date('Y-m-d H:i:s', $comment->getCreationDate())); ?></td> </tr> <tr> <td align="right" valign="top" nowrap><?php putGS('Subject'); ?>:</td> <td><?php p(htmlspecialchars($comment->getSubject())); ?></td> </tr> <tr> <td align="right" valign="top" nowrap><?php putGS('Comment'); ?>:</td> <td><?php p(htmlspecialchars($comment->getBody())); ?></td> </tr> </table> <p> <form action="/<?php p($ADMIN); ?>/articles/comments/do_add_comment.php" method="GET"> <?php echo SecurityToken::FormParameter(); ?> <input type="hidden" name="f_language_id" value="<?php p($f_language_id); ?>"> <input type="hidden" name="f_article_number" value="<?php p($f_article_number); ?>"> <input type="hidden" name="f_language_selected" value="<?php p($f_language_selected); ?>"> <input type="hidden" name="f_comment_id" value="<?php p($f_comment_id); ?>"> <table border="0" cellspacing="0" cellpadding="0" class="box_table"> <tr> <td colspan="2" style="padding-left: 5px;"> <b><?php putGS('Reply to comment'); ?></b> <hr noshade size="1" color="black" /> </td>