function spamalyser_checks(&$ph, $newthread = false) { // check exclusions before loading full core - for the typical forum, this should give a performance boost $settings =& $GLOBALS['mybb']->settings; $user =& $GLOBALS['mybb']->user; $data =& $ph->data; $postuid = (int) $data['uid']; if (!$newthread) { $newpost = $ph->method == 'insert'; } else { $newpost = true; } $pid = (int) $data['pid']; $tid = (int) $data['tid']; $fid = (int) $data['fid']; if (!$newpost && $pid) { $post = get_post($pid); // cached fetch if (!$postuid) { $postuid = $post['uid']; } } if (!$fid) { // this needs to be set... if ($tid) { $thread = get_thread($tid); $fid = $thread['fid']; } elseif ($pid) { $post = get_post($pid); $fid = $post['fid']; } } // if this is a moderator edit, bail if ($user['uid'] != $postuid) { return; } // or a moderator... if (is_moderator($fid, '', $user['uid'])) { return; } // updating post and message not sent - don't need to check anything if (!$newpost && !$data['message']) { return; } // saving draft, don't bother calculating spam weighting if ($data['savedraft']) { return; } $postcount_incr = false; if ($newpost && $tid) { $forum = get_forum($tid); if ($forum['usepostcounts'] != 0) { $postcount_incr = true; } } if (spamalyser_check_user_thresh($user, $postcount_incr)) { return; } $postcount = max($user['postnum'], 0) + ($postcount_incr ? 1 : 0); // if there's errors and post won't go through, don't bother with calculation if (!empty($ph->errors)) { return; } // go on and calculate weightings require_once MYBB_ROOT . 'inc/plugins/spamalyser/sp_main.php'; spamalyser_run($ph, $newthread, $newpost, $fid, $postcount); }
function &spamalyser_grab_quote_links(&$msg, $pid = 0) { $ret = array(); $opt = $GLOBALS['mybb']->settings['spamalyser_ignore_quotelinks']; if ($opt != 'safe' && $opt != 'any') { $opt = 'off'; } if (!$msg || $opt == 'off') { return $ret; } // read quoted pids from post $pids = array(); preg_match_all('~\\[quote\\=(?:[^\\]"<>]+?|"[^"]+")[^\\]]*? pid\\=(["\'])?(\\d+)\\1[^\\]]*?\\]~i', $msg, $matches); if (!empty($matches[2])) { foreach ($matches[2] as $mpid) { $pids[(int) $mpid] = 1; } } if (function_exists('vbquote_info')) { // vB Quote plugin preg_match_all('~\\[quote\\=(?:[^\\]"<>]+?|"[^"]+");(\\d+)\\]~i', $msg, $matches); if (!empty($matches[1])) { foreach ($matches[1] as $mpid) { $pids[(int) $mpid] = 1; } } } if ($pid) { unset($pids[$pid]); } // if quoting own post... // grab referred posts - we won't consider permissions since user can't actually extract useful info this way (well, feasibly at least) if (empty($pids)) { return $ret; } $pids = array_keys($pids); if (count($pids) > 50) { $pids = array_slice($pids, 0, 50); } // hard limit global $db; if ($opt == 'any') { $query = $db->simple_select('posts', 'uid,message', 'pid IN (' . implode(',', $pids) . ')'); } else { $query = $db->query(' SELECT p.uid, p.message, u.timeonline, u.regdate, u.totalpms, u.postnum, u.usergroup FROM ' . TABLE_PREFIX . 'posts p LEFT JOIN ' . TABLE_PREFIX . 'users u ON p.uid=u.uid WHERE p.pid IN (' . implode(',', $pids) . ') '); } while ($post = $db->fetch_array($query)) { if ($opt == 'safe' && !spamalyser_check_user_thresh($post)) { continue; } // skip "unsafe" quotes if option enabled // note that we don't need to remove matched links because this doesn't mind dupes // scan for links in posts preg_match_all('~\\[url\\]([^\\r\\n"<]+?)\\[/url\\]~is', $post['message'], $links); if (!empty($links)) { foreach ($links[1] as &$link) { $ret[$link] = 1; } } unset($link, $links); preg_match_all('~\\[url=([^\\r\\n"<&\\(\\)]+?|[a-z]+?\\://[^\\r\\n"<]+?)\\].+?\\[/url\\]~is', $post['message'], $links); if (!empty($links)) { foreach ($links[1] as &$link) { $ret[$link] = 1; } } unset($link, $links); preg_match_all('~(?:[\\>\\s\\(\\)])((https?\\://[^\\/"\\s\\<\\[\\.]+|www|ftp)\\.([^\\/"\\s\\<\\[\\.]+\\.)*[\\w]+(\\:[0-9]+)?(/[^"\\s<\\[]*)?)~i', ' ' . $post['message'], $links); if (!empty($links)) { foreach ($links[1] as &$link) { $ret[$link] = 1; } } unset($link, $links); } $db->free_result($query); return $ret; }