/**
 * Scan a piece of text for blacklisted URLs and report the first hit.
 *
 * A spam trap is built with an empty field list and only its URL blacklist
 * check is used.
 *
 * @param mixed $text Value handed unchanged to has_blacklisted_urls().
 * @return mixed The truthy value reported by has_blacklisted_urls(), or null
 *               when nothing was flagged.
 */
function get_first_blacklisted_domain($text) {
    $trap = new_spam_trap(array());
    $hit = $trap->has_blacklisted_urls($text);

    // Nothing flagged: the original fell off the end of the function here,
    // which also yields null.
    if (!$hit) {
        return null;
    }

    return $hit;
}
/**
 * Validate a contact-us submission against the anti-spam checks.
 *
 * The name, email, subject and message values are handed to a spam trap.
 * If either the form's own spam check or the trap flags the submission, a
 * form-level error is set. The error text deliberately stays generic and
 * only appends the configured contact address when one is set.
 *
 * @param Pieform $form   Form being validated; receives a form-level error.
 * @param array   $values Submitted values; reads 'name', 'email', 'subject'
 *                        and 'message'.
 * @return void
 */
function contactus_validate(Pieform $form, $values) {
    global $SESSION;

    $fields = array(
        array('type' => 'name', 'value' => $values['name']),
        array('type' => 'email', 'value' => $values['email']),
        array('type' => 'subject', 'value' => $values['subject']),
        array('type' => 'body', 'value' => $values['message']),
    );
    $spamtrap = new_spam_trap($fields);

    // Same short-circuit as the original: the trap is only consulted when
    // the form's own spam check did not already fire.
    if (!$form->spam_error() && !$spamtrap->is_spam()) {
        return;
    }

    $msg = get_string('formerror');
    $emailcontact = get_config('emailcontact');
    if (!empty($emailcontact)) {
        $msg = $msg . ' ' . get_string('formerroremail', 'mahara', $emailcontact, $emailcontact);
    }

    // A null element name attaches the error to the form as a whole.
    $form->set_error(null, $msg);
}
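/**
 * Validate a self-registration submission.
 *
 * Checks, in order: anti-spam (aborting on a hit), non-blank first and last
 * names, that the e-mail address is not already recorded, that the terms and
 * conditions were accepted when they are enabled, and that the chosen
 * institution exists, has room and allows registration.
 *
 * @todo add note: because the form select thing will eventually enforce
 * that the result for $values['institution'] was in the original lot,
 * and because that only allows authmethods that use 'internal' auth, we
 * can guarantee that the auth method is internal
 *
 * @param Pieform $form   Form being validated; errors are set on it.
 * @param array   $values Submitted values; reads 'firstname', 'lastname',
 *                        'email', 'institution' and 'tandc'.
 * @return void
 */
function auth_register_validate(Pieform $form, $values) {
    global $SESSION;
    $registerterms = get_config('registerterms');

    $spamtrap = new_spam_trap(array(
        array('type' => 'name', 'value' => $values['firstname']),
        array('type' => 'name', 'value' => $values['lastname']),
        array('type' => 'email', 'value' => $values['email']),
    ));

    if ($form->spam_error() || $spamtrap->is_spam()) {
        $msg = get_string('formerror');
        $emailcontact = get_config('emailcontact');
        if (!empty($emailcontact)) {
            $msg .= ' ' . get_string('formerroremail', 'mahara', $emailcontact, $emailcontact);
        }
        $form->set_error(null, $msg);
        // Stop here so a flagged submission never reaches the database
        // lookups or the admin notification below.
        return;
    }

    $institutionname = $values['institution'];
    safe_require('auth', 'internal');

    // First name and last name must contain at least one non-whitespace
    // character, so that there is something to read.
    if (!$form->get_error('firstname') && !preg_match('/\\S/', $values['firstname'])) {
        $form->set_error('firstname', $form->i18n('required'));
    }
    if (!$form->get_error('lastname') && !preg_match('/\\S/', $values['lastname'])) {
        $form->set_error('lastname', $form->i18n('required'));
    }

    // The e-mail address cannot already be in the system.
    // NOTE(review): the address is matched exactly as submitted; whether
    // differently-cased duplicates are caught depends on how record_exists()
    // and the database compare strings - confirm.
    if (!$form->get_error('email')
        && (record_exists('usr', 'email', $values['email'])
            || record_exists('artefact_internal_profile_email', 'email', $values['email']))) {
        $form->set_error('email', get_string('emailalreadytaken', 'auth.internal'));
    }

    // Consent must be the exact string 'yes'. The strict comparison stops a
    // non-string value (for example integer 0 under PHP 7 loose-comparison
    // rules) from being treated as acceptance.
    if ($registerterms && $values['tandc'] !== 'yes') {
        $form->set_error('tandc', get_string('youmaynotregisterwithouttandc', 'auth.internal'), false);
    }

    // The institution name is bound as a query parameter, never interpolated.
    $institution = get_record_sql(' SELECT i.name, i.maxuseraccounts, i.registerallowed, COUNT(u.id) AS count FROM {institution} i LEFT 
OUTER JOIN {usr_institution} ui ON ui.institution = i.name LEFT OUTER JOIN {usr} u ON (ui.usr = u.id AND u.deleted = 0) WHERE i.name = ? GROUP BY i.name, i.maxuseraccounts, i.registerallowed', array($institutionname));

    if (!empty($institution->maxuseraccounts) && $institution->count >= $institution->maxuseraccounts) {
        // The institution is full, so alert its admins: they can either
        // raise the user limit or turn off public registration.
        // NOTE(review): this fires from a validation step reachable by
        // unauthenticated visitors, before the registerallowed check below;
        // confirm send_admin_institution_is_full_message() throttles repeat
        // notifications so resubmissions cannot flood the admins.
        require_once get_config('docroot') . 'lib/institution.php';
        $institutionobj = new Institution($institution->name);
        $institutionobj->send_admin_institution_is_full_message();
        $form->set_error('institution', get_string('institutionfull'));
    }

    // Unknown institution, or one that does not accept self-registration.
    if (!$institution || !$institution->registerallowed) {
        $form->set_error('institution', get_string('registrationnotallowed'));
    }
}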
/**
 * Validate feedback submitted on an annotation.
 *
 * Runs the optional anti-spam check, then verifies the submitted ids are
 * consistent with each other and with what the current user may view,
 * rejects an empty message and applies probation_validate_content() to it.
 * Every failure is reported on the 'message' element.
 *
 * @param Pieform $form   Form being validated.
 * @param array   $values Submitted values; reads 'message', 'artefactid',
 *                        'viewid' and 'annotationid'.
 * @return void
 */
function add_annotation_feedback_form_validate(Pieform $form, $values) {
    require_once(get_config('libroot') . 'antispam.php');

    if ($form->get_property('spam')) {
        $fields = array(
            array('type' => 'body', 'value' => $values['message']),
        );
        $spamtrap = new_spam_trap($fields);
        if ($form->spam_error() || $spamtrap->is_spam()) {
            $msg = get_string('formerror');
            $emailcontact = get_config('emailcontact');
            if (!empty($emailcontact)) {
                $msg = $msg . ' ' . get_string('formerroremail', 'mahara', $emailcontact, $emailcontact);
            }
            $form->set_error('message', $msg);
        }
    }

    // The ids arrive with the request, so treat them as untrusted and
    // re-check them against each other and against the user's access.
    $hasartefact = !empty($values['artefactid']);
    $hasview = !empty($values['viewid']);

    if (!$hasartefact && !$hasview) {
        // At least one of the two must be supplied.
        $form->set_error('message', get_string('invalidannotationfeedbacklinkerror', 'artefact.annotation'));
    }

    if (empty($values['annotationid'])) {
        $form->set_error('message', get_string('annotationinformationerror', 'artefact.annotation'));
    }

    // NOTE(review): every access check below is conditional on a view id.
    // A submission carrying only an artefact id passes through this function
    // without any access check - presumably that case is enforced elsewhere;
    // confirm.
    if ($hasview) {
        if (!can_view_view($values['viewid'])) {
            // The user does not have access to this view.
            $form->set_error('message', get_string('noaccesstoview', 'view'));
        }
        if (!artefact_in_view($values['annotationid'], $values['viewid'])) {
            // The annotation is not on the view.
            $form->set_error('message', get_string('accessdenied', 'error'));
        }
        if ($hasartefact && !artefact_in_view($values['artefactid'], $values['viewid'])) {
            // The artefact is not on the view.
            $form->set_error('message', get_string('accessdenied', 'error'));
        }
    }

    if (empty($values['message'])) {
        $form->set_error('message', get_string('annotationfeedbackempty', 'artefact.annotation'));
    }

    // Anything other than a strict true from the probation check is a failure.
    if (probation_validate_content($values['message']) !== true) {
        $form->set_error('message', get_string('newuserscantpostlinksorimages'));
    }
}
/**
 * Validate a submitted comment.
 *
 * Runs the optional anti-spam check, requires either a message or at least
 * one attachment, and applies probation_validate_content() to the message.
 * Every failure is reported on the 'message' element.
 *
 * @param Pieform $form   Form being validated.
 * @param array   $values Submitted values; reads 'message' and 'attachments'.
 * @return void
 */
function add_feedback_form_validate(Pieform $form, $values) {
    require_once(get_config('libroot') . 'antispam.php');

    // The spam trap is only consulted when the form has its 'spam' property set.
    if ($form->get_property('spam')) {
        $fields = array(
            array('type' => 'body', 'value' => $values['message']),
        );
        $spamtrap = new_spam_trap($fields);
        if ($form->spam_error() || $spamtrap->is_spam()) {
            $msg = get_string('formerror');
            $emailcontact = get_config('emailcontact');
            if (!empty($emailcontact)) {
                $msg = $msg . ' ' . get_string('formerroremail', 'mahara', $emailcontact, $emailcontact);
            }
            $form->set_error('message', $msg);
        }
    }

    // A comment needs text or at least one attachment.
    $noattachments = empty($values['attachments']);
    if ($noattachments && empty($values['message'])) {
        $form->set_error('message', get_string('messageempty', 'artefact.comment'));
    }

    // Anything other than a strict true from the probation check is a failure.
    if (probation_validate_content($values['message']) !== true) {
        $form->set_error('message', get_string('newuserscantpostlinksorimages'));
    }
}
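/**
 * Validate a submitted comment, including the reply-to rules.
 *
 * Runs the optional anti-spam check, requires either a message or at least
 * one attachment, and applies probation_validate_content() to the message.
 * When 'replyto' is set it also checks that the parent comment exists, is
 * not deleted, may be replied to by the current user, and that the requested
 * public/private visibility is allowed. Every failure is reported on the
 * 'message' element.
 *
 * @param Pieform $form   Form being validated.
 * @param array   $values Submitted values; reads 'message', 'attachments',
 *                        'replyto' and 'ispublic'.
 * @return void
 */
function add_feedback_form_validate(Pieform $form, $values) {
    global $USER, $view, $artefact;
    require_once get_config('libroot') . 'antispam.php';

    if ($form->get_property('spam')) {
        $spamtrap = new_spam_trap(array(array('type' => 'body', 'value' => $values['message'])));
        if ($form->spam_error() || $spamtrap->is_spam()) {
            $msg = get_string('formerror');
            $emailcontact = get_config('emailcontact');
            if (!empty($emailcontact)) {
                $msg .= ' ' . get_string('formerroremail', 'mahara', $emailcontact, $emailcontact);
            }
            $form->set_error('message', $msg);
        }
    }

    if (empty($values['attachments']) && empty($values['message'])) {
        $form->set_error('message', get_string('messageempty', 'artefact.comment'));
    }

    $result = probation_validate_content($values['message']);
    if ($result !== true) {
        $form->set_error('message', get_string('newuserscantpostlinksorimages'));
    }

    // No reply target: nothing further to check. empty() keeps the original
    // truthiness test without a notice when the key is absent.
    if (empty($values['replyto'])) {
        return;
    }

    // The reply target id comes from the request; it is bound as a query
    // parameter, never interpolated into the SQL.
    $parent = get_record_sql('SELECT a.id, acc.private, a.author, p.author as grandparentauthor, acc.deletedby FROM {artefact} a INNER JOIN {artefact_comment_comment} acc ON a.id = acc.artefact LEFT OUTER JOIN {artefact} p ON a.parent = p.id WHERE a.id = ? ', array($values['replyto']));

    // Parent ID doesn't match an actual comment. Stop here: every check
    // below dereferences $parent, and running them against a missing record
    // would evaluate the access rules on empty values.
    if (!$parent) {
        $form->set_error('message', get_string('replytonoaccess', 'artefact.comment'));
        return;
    }

    // Can't reply to a deleted comment.
    if ($parent->deletedby) {
        $form->set_error('message', get_string('replytodeletednotallowed', 'artefact.comment'));
    }

    // Validate that you're allowed to reply to this comment.
    if (!empty($artefact)) {
        $canedit = $USER->can_edit_artefact($artefact);
    }
    else {
        $canedit = $USER->can_moderate_view($view);
    }

    // The LEFT OUTER JOIN yields a NULL grandparentauthor when there is no
    // grandparent row. Under a loose == that NULL equals any falsy user id
    // (0, null, ''), so require a real value before comparing.
    $isreplytoown = $parent->grandparentauthor !== null
        && $parent->grandparentauthor == $USER->get('id');

    // You can reply to a comment if you can see the comment. Which means if:
    // 1. You are the page owner
    // 2. OR the comment is public
    // 3. OR the comment is a direct reply to one of your comments
    if (!($canedit || !$parent->private || $isreplytoown)) {
        $form->set_error('message', get_string('replytonoaccess', 'artefact.comment'));
    }

    // Validate the public/private setting of this comment.
    if ($values['ispublic']) {
        if (!ArtefactTypeComment::can_public_reply_to_comment($parent->private, $parent->deletedby)) {
            $form->set_error('message', get_string('replytonopublicreplyallowed', 'artefact.comment'));
        }
    }
    else {
        // You are only allowed to post a private reply if you are the page
        // owner, or the parent comment is a direct reply to one of your
        // comments. You also cannot post a private reply to one of your own
        // comments.
        if (!ArtefactTypeComment::can_private_reply_to_comment($parent->private, $parent->deletedby, $USER->get('id'), $parent->author, $parent->grandparentauthor, $artefact, $view)) {
            $form->set_error('message', get_string('replytonoprivatereplyallowed', 'artefact.comment'));
        }
    }
}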