Exemplo n.º 1
0
/**
 * Checks topics and replies against the discussion blacklist of blocked keys
 *
 * @since 2.0.0 bbPress (r3446)
 *
 * @param array $anonymous_data Anonymous user data
 * @param int $author_id Topic or reply author ID
 * @param string $title The title of the content
 * @param string $content The content being posted
 * @uses bbp_is_user_keymaster() Allow keymasters to bypass blacklist
 * @uses bbp_current_author_ip() To get current user IP address
 * @uses bbp_current_author_ua() To get current user agent
 * @return bool True if test is passed, false if fail
 */
function bbp_check_for_blacklist($anonymous_data = false, $author_id = 0, $title = '', $content = '')
{
    // Allow for blacklist check to be skipped
    if (apply_filters('bbp_bypass_check_for_blacklist', false, $anonymous_data, $author_id, $title, $content)) {
        return true;
    }
    // Bail if keymaster is author
    if (!empty($author_id) && bbp_is_user_keymaster($author_id)) {
        return true;
    }
    /** Blacklist *************************************************************/
    /**
     * Filters the bbPress blacklist keys.
     *
     * @since 2.6.0 bbPress (r6050)
     *
     * @param string $blacklist List of blacklist keys. One per new line.
     */
    $blacklist = apply_filters('bbp_blacklist_keys', trim(get_option('blacklist_keys')));
    // Bail if blacklist is empty
    if (empty($blacklist)) {
        return true;
    }
    /** User Data *************************************************************/
    // Define local variable
    $_post = array();
    // Map anonymous user data
    if (!empty($anonymous_data)) {
        $_post['author'] = $anonymous_data['bbp_anonymous_name'];
        $_post['email'] = $anonymous_data['bbp_anonymous_email'];
        $_post['url'] = $anonymous_data['bbp_anonymous_website'];
        // Map current user data
    } elseif (!empty($author_id)) {
        // Get author data
        $user = get_userdata($author_id);
        // If data exists, map it
        if (!empty($user)) {
            $_post['author'] = $user->display_name;
            $_post['email'] = $user->user_email;
            $_post['url'] = $user->user_url;
        }
    }
    // Current user IP and user agent
    $_post['user_ip'] = bbp_current_author_ip();
    $_post['user_ua'] = bbp_current_author_ua();
    // Post title and content
    $_post['title'] = $title;
    $_post['content'] = $content;
    // Ensure HTML tags are not being used to bypass the blacklist.
    $_post['comment_without_html'] = wp_strip_all_tags($content);
    /** Words *****************************************************************/
    // Get words separated by new lines
    $words = explode("\n", $blacklist);
    // Loop through words
    foreach ((array) $words as $word) {
        // Trim the whitespace from the word
        $word = trim($word);
        // Skip empty lines
        if (empty($word)) {
            continue;
        }
        // Do some escaping magic so that '#' chars in the
        // spam words don't break things:
        $word = preg_quote($word, '#');
        $pattern = "#{$word}#i";
        // Loop through post data
        foreach ($_post as $post_data) {
            // Check each user data for current word
            if (preg_match($pattern, $post_data)) {
                // Post does not pass
                return false;
            }
        }
    }
    // Check passed successfully
    return true;
}
Exemplo n.º 2
0
/**
 * Checks topics and replies against the discussion blacklist of blocked keys
 *
 * @since bbPress (r3446)
 *
 * @param array $anonymous_data Anonymous user data
 * @param int $author_id Topic or reply author ID
 * @param string $title The title of the content
 * @param string $content The content being posted
 * @uses is_super_admin() Allow super admins to bypass blacklist
 * @uses bbp_current_author_ip() To get current user IP address
 * @uses bbp_current_author_ua() To get current user agent
 * @return bool True if test is passed, false if fail
 */
function bbp_check_for_blacklist($anonymous_data = false, $author_id = 0, $title = '', $content = '')
{
    // Bail if super admin is author
    if (is_super_admin($author_id)) {
        return true;
    }
    // Define local variable
    $_post = array();
    /** Blacklist *************************************************************/
    // Get the moderation keys
    $blacklist = trim(get_option('blacklist_keys'));
    // Bail if blacklist is empty
    if (empty($blacklist)) {
        return true;
    }
    /** User Data *************************************************************/
    // Map anonymous user data
    if (!empty($anonymous_data)) {
        $_post['author'] = $anonymous_data['bbp_anonymous_name'];
        $_post['email'] = $anonymous_data['bbp_anonymous_email'];
        $_post['url'] = $anonymous_data['bbp_anonymous_website'];
        // Map current user data
    } elseif (!empty($author_id)) {
        // Get author data
        $user = get_userdata($author_id);
        // If data exists, map it
        if (!empty($user)) {
            $_post['author'] = $user->display_name;
            $_post['email'] = $user->user_email;
            $_post['url'] = $user->user_url;
        }
    }
    // Current user IP and user agent
    $_post['user_ip'] = bbp_current_author_ip();
    $_post['user_ua'] = bbp_current_author_ua();
    // Post title and content
    $_post['title'] = $title;
    $_post['content'] = $content;
    /** Words *****************************************************************/
    // Get words separated by new lines
    $words = explode("\n", $blacklist);
    // Loop through words
    foreach ((array) $words as $word) {
        // Trim the whitespace from the word
        $word = trim($word);
        // Skip empty lines
        if (empty($word)) {
            continue;
        }
        // Do some escaping magic so that '#' chars in the
        // spam words don't break things:
        $word = preg_quote($word, '#');
        $pattern = "#{$word}#i";
        // Loop through post data
        foreach ($_post as $post_data) {
            // Check each user data for current word
            if (preg_match($pattern, $post_data)) {
                // Post does not pass
                return false;
            }
        }
    }
    // Check passed successfully
    return true;
}