/**
* Compile the search and replace arguments that have to be used
* to handle censor word replacements.
*
* This is implemented as a separate call, so formatting code
* can load the compiled arguments, to call preg_replace() on
* data on its own. This saves a lot of function calls, which
* improves the overall speed.
*
* @return array
* An array containing two elements:
* - an array of regular expressions that is used for searching for
* bad words. If no bad words have been configured, then NULL is returned.
* - The string to replace bad words with.
* This is the PHORUM_BAD_WORDS constant. We pushed it in here, in
* case we want to make this variable in the future.
*/
function phorum_api_format_censor_compile()
{
static $search = '';
// Load the badwords and compile the replacement regexp.
if ($search === '') {
$words = phorum_api_ban_list(PHORUM_BAD_WORDS);
if (!empty($words)) {
$search = array();
foreach ($words as $word) {
$search[] = "/\\b" . preg_quote($word['string'], '/') . "(ing|ed|s|er|es)*\\b/i";
}
} else {
$search = NULL;
}
}
return array($search, PHORUM_BADWORD_REPLACE);
}
/**
* Evaluate a value against the ban list for the current forum
* to see if there is a match.
*
* The id of the current forum is taken from $PHORUM['forum_id'].
*
* @param mixed $value
* The value to check.
* In case a check is run against the {@link PHORUM_BAD_IPS} type,
* then this parameter can be NULL. This funciton will then
* automatically use the IP address of the remote host.
*
* @param integer $type
* The type of banlist to check against. This is one of:
* - {@link PHORUM_BAD_NAMES}
* - {@link PHORUM_BAD_EMAILS}
* - {@link PHORUM_BAD_USERID}
* - {@link PHORUM_BAD_IPS}
* - {@link PHORUM_BAD_SPAM_WORDS}
*
* @return bool
* An error message in case the value matches the banlist, NULL otherwise.
*/
function phorum_api_ban_check($value, $type)
{
global $PHORUM;
$values = array($value);
// Retrieve the ban list for the requisted type of ban.
$list = phorum_api_ban_list($type);
if (empty($list)) {
return NULL;
}
// For IP bans, a value of NULL is allowed for checking. In that
// case, we will use the IP address of the remote host automatically.
if ($value === NULL && $type == PHORUM_BAD_IPS) {
if (isset($_SERVER['REMOTE_ADDR'])) {
$value = $_SERVER['REMOTE_ADDR'];
$values = array($value);
} else {
return NULL;
}
}
// If the value is empty, then the decision is easy.
$value = trim($value);
if ($value == '') {
return NULL;
}
// When an IP-address is used for a PHORUM_BAD_IPS check, then we
// do a hostname lookup. The host or domain name might be blacklisted too.
if (!empty($PHORUM['dns_lookup']) && $type == PHORUM_BAD_IPS && preg_match('/^\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}$/', $value)) {
$resolved = @gethostbyaddr($value);
if (!empty($resolved) && $resolved != $value) {
$values[] = $resolved;
}
}
// Check if we can find a matching ban list item.
$match = NULL;
foreach ($list as $item) {
foreach ($values as $value) {
if ($item['string'] == '') {
continue;
}
// Handle regular expression matching.
if ($item['pcre']) {
if (@preg_match('/\\b' . $item['string'] . '\\b/i', $value)) {
$match = $value;
break 2;
}
} elseif ($type == PHORUM_BAD_USERID) {
if ($value == $item['string']) {
$match = $value;
break 2;
}
} else {
if (stristr($value, $item['string'])) {
$match = $value;
break 2;
}
}
}
}
if (!$match) {
return NULL;
}
$langkey = $PHORUM['API']['ban']['type2error'][$type];
$message = $PHORUM['DATA']['LANG'][$langkey];
$message = str_replace('%name%', htmlspecialchars($match), $message);
return $message;
}
