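/**
 * API entry point: evaluate the filter text in the 'filter' parameter against a set of
 * variables and report whether it matches.
 *
 * The variables come from exactly one of three request parameters:
 *  - 'vars':  a JSON object of name => value pairs supplied by the caller,
 *  - 'rcid':  the id of a row in the recentchanges table,
 *  - 'logid': the id of a row in the abuse_filter_log table.
 *
 * The outcome is added to the API result under the module name as array('result' => ...).
 * Failures are reported through dieUsage()/dieUsageMsg().
 */
public function execute()
 {
     $params = $this->extractRequestParams();
     $this->requireOnlyOneParameter($params, 'vars', 'rcid', 'logid');
     // "Anti-DoS": only users holding the abusefilter-modify right may run filter text through
     // this module. This is the only authorization check in the method.
     // NOTE(review): no per-entry visibility check on the looked-up recentchanges/abuse_filter_log
     // row is visible here; confirm the right above is meant to cover every such row, since the
     // match result says something about the entry's content.
     if (!$this->getUser()->isAllowed('abusefilter-modify')) {
         $this->dieUsage('You don\'t have permission to test abuse filters', 'permissiondenied');
     }
     $vars = null;
     if ($params['vars']) {
         // 'vars' is caller-controlled JSON. Reject anything that does not decode to an array
         // before iterating: a failed decode would otherwise reach foreach as a non-array and the
         // filter would be evaluated against an empty variable holder.
         $pairs = FormatJson::decode($params['vars'], true);
         if (!is_array($pairs)) {
             $this->dieUsage('The vars parameter must be a JSON-encoded object', 'invalidvars');
         }
         $vars = new AbuseFilterVariableHolder();
         foreach ($pairs as $name => $value) {
             $vars->setVar($name, $value);
         }
     } elseif ($params['rcid']) {
         $dbr = wfGetDB(DB_SLAVE);
         // The id is passed as an array condition, not concatenated into SQL text.
         $row = $dbr->selectRow('recentchanges', '*', array('rc_id' => $params['rcid']), __METHOD__);
         if (!$row) {
             $this->dieUsageMsg(array('nosuchrcid', $params['rcid']));
         }
         $vars = AbuseFilter::getVarsFromRCRow($row);
     } elseif ($params['logid']) {
         $dbr = wfGetDB(DB_SLAVE);
         $row = $dbr->selectRow('abuse_filter_log', '*', array('afl_id' => $params['logid']), __METHOD__);
         if (!$row) {
             $this->dieUsage("There is no abuselog entry with the id ``{$params['logid']}''", 'nosuchlogid');
         }
         $vars = AbuseFilter::loadVarDump($row->afl_var_dump);
     }
     // Validate the filter text before evaluating it.
     if (AbuseFilter::checkSyntax($params['filter']) !== true) {
         $this->dieUsage('The filter has invalid syntax', 'badsyntax');
     }
     $result = AbuseFilter::checkConditions($params['filter'], $vars);
     $this->getResult()->addValue(null, $this->getModuleName(), array('result' => $result));
 }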
 /**
  * AbuseFilter-GenerateUserVars hook handler that adds a user_mobile variable.
  * Altering the variables generated for a specific user
  *
  * @see hooks.txt in AbuseFilter extension
  * @param AbuseFilterVariableHolder $vars object to add vars to
  * @param User $user object
  * @return bool
  */
 public static function onAbuseFilterGenerateUserVars($vars, $user)
 {
     // Expose whether the current request is rendered in the mobile view as a strict boolean.
     // NOTE(review): the value comes from the request context, not from $user, which is unused
     // here; presumably it is client-influenced, so filters should treat it as a hint only.
     // TODO confirm against MobileContext.
     $isMobileView = (bool) MobileContext::singleton()->shouldDisplayMobileView();
     $vars->setVar('user_mobile', $isMobileView);
     // Always true: the handler never aborts the hook.
     return true;
 }
 /**
  * @param $row
  * @return AbuseFilterVariableHolder
  */
 public static function getEditVarsFromRCRow($row)
 {
     // Rebuilds the filter variables of an edit from its recentchanges row ($row->rc_* fields).
     $vars = new AbuseFilterVariableHolder();
     $title = Title::makeTitle($row->rc_namespace, $row->rc_title);
     if (!$row->rc_user) {
         // No user id on the row: build a bare User carrying only the recorded name
         // (presumably an anonymous edit; verify against the recentchanges schema).
         $user = new User();
         $user->setName($row->rc_user_text);
     } else {
         // NOTE(review): the result of newFromName() is passed on unchecked.
         $user = User::newFromName($row->rc_user_text);
     }
     $userVars = self::generateUserVars($user);
     $titleVars = self::generateTitleVars($title, 'ARTICLE');
     $vars->addHolders($userVars, $titleVars);
     $vars->setVar('ACTION', 'edit');
     $vars->setVar('SUMMARY', $row->rc_comment);
     $vars->setVar('minor_edit', $row->rc_minor);
     // Revision text is registered for lazy loading by revision id instead of being fetched here.
     $vars->setLazyLoadVar('new_wikitext', 'revision-text-by-id', array('revid' => $row->rc_this_oldid));
     if (!$row->rc_last_oldid) {
         // No previous revision id on the row: the old text is the empty string.
         $vars->setVar('old_wikitext', '');
     } else {
         $vars->setLazyLoadVar('old_wikitext', 'revision-text-by-id', array('revid' => $row->rc_last_oldid));
     }
     $editVars = self::getEditVars($title);
     $vars->addHolders($editVars);
     return $vars;
 }
 /**
  * Handler for the UploadVerifyFile hook
  *
  * @param $upload UploadBase
  * @param $mime
  * @param $error array
  *
  * @return bool
  */
 public static function onUploadVerifyFile($upload, $mime, &$error)
 {
     global $wgUser, $wgVersion;
     $vars = new AbuseFilterVariableHolder();
     $title = $upload->getTitle();
     if (!$title) {
         // Without a valid title the upload will not proceed anyway,
         // so there is no point in filtering it.
         return true;
     }
     $userVars = AbuseFilter::generateUserVars($wgUser);
     $titleVars = AbuseFilter::generateTitleVars($title, 'FILE');
     $vars->addHolders($userVars, $titleVars);
     $vars->setVar('ACTION', 'upload');
     // Filters see the hexadecimal form of the file's SHA-1.
     // SHA-1 is not collision-resistant, so file_sha1 is a fingerprint for matching known files,
     // not proof that two files are identical.
     if (version_compare($wgVersion, '1.21', '<')) {
         // UploadBase::getTempFileSha1Base36 wasn't public until 1.21, so hash the temp file here.
         $sha1 = sha1_file($upload->getTempPath());
     } else {
         // Reuse the digest from UploadBase::getTempFileSha1Base36 instead of hashing again;
         // convert it from base 36 to base 16, padded to 40 digits.
         $sha1 = wfBaseConvert($upload->getTempFileSha1Base36(), 36, 16, 40);
     }
     $vars->setVar('file_sha1', $sha1);
     $filter_result = AbuseFilter::filterAction($vars, $title);
     $passed = $filter_result->isOK();
     if (!$passed) {
         // Hand only the first error back to the caller through the by-reference $error.
         $errors = $filter_result->getErrorsArray();
         $error = $errors[0];
     }
     return $passed;
 }
 public static function onUploadVerification($saveName, $tempName, &$error)
 {
     // Runs an upload through AbuseFilter; returns true when the upload may go ahead and
     // otherwise places the filter's message in $error.
     $vars = new AbuseFilterVariableHolder();
     global $wgUser;
     $title = Title::makeTitle(NS_FILE, $saveName);
     $contextVars = AbuseFilterVariableHolder::merge(
         AbuseFilter::generateUserVars($wgUser),
         AbuseFilter::generateTitleVars($title, 'FILE')
     );
     $vars->addHolder($contextVars);
     $vars->setVar('ACTION', 'upload');
     // SHA-1 of the temporary file, exposed to filters as a fingerprint for matching.
     $fileDigest = sha1_file($tempName);
     $vars->setVar('file_sha1', $fileDigest);
     // TODO share with save
     $filter_result = AbuseFilter::filterAction($vars, $title);
     if (is_string($filter_result)) {
         $error = $filter_result;
     }
     // NOTE(review): the comparison with '' is loose, so a null or false result also counts as
     // a pass; confirm filterAction() never uses those values to signal a failure.
     return $filter_result === true || $filter_result == '';
 }
 /**
  * Check for abusive or spammy content
  *
  * Check the following in sequence (cheapest processing to most expensive,
  * returning if we get a hit):
  *  1) Respect $wgSpamRegex
  *  2) Check SpamBlacklist
  *  3) Check AbuseFilter
  *
  * @param $value  string the text to check
  * @param $pageId int    the page ID
  */
 private function findAbuse(&$value, $pageId)
 {
     // Returns true as soon as one of the checks flags $value and false when none does.
     // $pageId is not used by the checks below.

     // 1) Respect $wgSpamRegex
     global $wgSpamRegex;
     $hasRegexList = is_array($wgSpamRegex) && count($wgSpamRegex) > 0;
     $hasRegexString = is_string($wgSpamRegex) && strlen($wgSpamRegex) > 0;
     if ($hasRegexList || $hasRegexString) {
         // In older versions, $wgSpamRegex may be a single string rather than
         // an array of regexes; the cast makes both shapes iterable.
         foreach ((array) $wgSpamRegex as $pattern) {
             // preg_match() returns false on error, which is falsy like "no match": a broken
             // pattern silently lets the text through this step.
             if (preg_match($pattern, $value)) {
                 return true;
             }
         }
     }
     // Create a fake title so we can pretend this is an article edit
     $title = Title::newFromText('__article_feedback_5__');
     // 2) Check SpamBlacklist, if installed
     if (function_exists('wfSpamBlacklistObject')) {
         $blacklist = wfSpamBlacklistObject();
         $hit = $blacklist->filter($title, $value, '');
         // Anything other than a strict false is treated as a hit.
         if ($hit !== false) {
             return true;
         }
     }
     // 3) Check AbuseFilter, if installed
     if (!class_exists('AbuseFilter')) {
         return false;
     }
     global $wgUser;
     $vars = new AbuseFilterVariableHolder();
     $vars->addHolder(AbuseFilter::generateUserVars($wgUser));
     $vars->addHolder(AbuseFilter::generateTitleVars($title, 'FEEDBACK'));
     $vars->setVar('SUMMARY', 'Article Feedback 5');
     $vars->setVar('ACTION', 'feedback');
     // The feedback text is presented to the filters as a new page: empty old text.
     $vars->setVar('old_wikitext', '');
     $vars->setVar('new_wikitext', $value);
     $vars->addHolder(AbuseFilter::getEditVars($title));
     $filter_result = AbuseFilter::filterAction($vars, $title);
     // Abuse is reported unless the result is strictly true or loosely equal to ''.
     // NOTE(review): the loose comparison means a null or false result also reads as "no abuse".
     return !($filter_result == '' || $filter_result === true);
 }
 /**
  * @param $name
  * @param $value
  * @throws AFPUserVisibleException
  */
 protected function setUserVariable($name, $value)
 {
     // Names listed under 'vars' in the builder values are built-in; a filter may not assign
     // to them, so a user-set variable can never replace a built-in one.
     $builtin = AbuseFilter::getBuilderValues();
     $isBuiltin = array_key_exists($name, $builtin['vars']);
     if ($isBuiltin) {
         // Reported with the current parser position and the offending name.
         throw new AFPUserVisibleException('overridebuiltin', $this->mCur->pos, array($name));
     }
     $this->mVars->setVar($name, $value);
 }