search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge "Whitelist the <wbr> element."
[mediawiki.git] / includes / LinkFilter.php
blobd552c69615fcca62fcd149bf981a96679f01b134
1 <?php
2 /**
3 * Functions to help implement an external link filter for spam control.
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 * http://www.gnu.org/copyleft/gpl.html
19 *
20 * @file
21 */
22
23 /**
24 * Some functions to help implement an external link filter for spam control.
25 *
26 * @todo implement the filter. Currently these are just some functions to help
27 * maintenance/cleanupSpam.php remove links to a single specified domain. The
28 * next thing is to implement functions for checking a given page against a big
29 * list of domains.
30 *
31 * Another cool thing to do would be a web interface for fast spam removal.
32 */
33 class LinkFilter {
34
35 /**
36 * Check whether $content contains a link to $filterEntry
37 *
38 * @param $content Content: content to check
39 * @param string $filterEntry domainparts, see makeRegex() for more details
40 * @return Integer: 0 if no match or 1 if there's at least one match
41 */
42 static function matchEntry( Content $content, $filterEntry ) {
43 if ( !( $content instanceof TextContent ) ) {
44 //TODO: handle other types of content too.
45 // Maybe create ContentHandler::matchFilter( LinkFilter ).
46 // Think about a common base class for LinkFilter and MagicWord.
47 return 0;
48 }
49
50 $text = $content->getNativeData();
51
52 $regex = LinkFilter::makeRegex( $filterEntry );
53 return preg_match( $regex, $text );
54 }
55
56 /**
57 * Builds a regex pattern for $filterEntry.
58 *
59 * @param string $filterEntry URL, if it begins with "*.", it'll be
60 * replaced to match any subdomain
61 * @return String: regex pattern, for preg_match()
62 */
63 private static function makeRegex( $filterEntry ) {
64 $regex = '!http://';
65 if ( substr( $filterEntry, 0, 2 ) == '*.' ) {
66 $regex .= '(?:[A-Za-z0-9.-]+\.|)';
67 $filterEntry = substr( $filterEntry, 2 );
68 }
69 $regex .= preg_quote( $filterEntry, '!' ) . '!Si';
70 return $regex;
71 }
72
73 /**
74 * Make an array to be used for calls to DatabaseBase::buildLike(), which
75 * will match the specified string. There are several kinds of filter entry:
76 * *.domain.com - Produces http://com.domain.%, matches domain.com
77 * and www.domain.com
78 * domain.com - Produces http://com.domain./%, matches domain.com
79 * or domain.com/ but not www.domain.com
80 * *.domain.com/x - Produces http://com.domain.%/x%, matches
81 * www.domain.com/xy
82 * domain.com/x - Produces http://com.domain./x%, matches
83 * domain.com/xy but not www.domain.com/xy
84 *
85 * Asterisks in any other location are considered invalid.
86 *
87 * @param string $filterEntry domainparts
88 * @param $prot String: protocol
89 * @return Array to be passed to DatabaseBase::buildLike() or false on error
90 */
91 public static function makeLikeArray( $filterEntry, $prot = 'http://' ) {
92 $db = wfGetDB( DB_MASTER );
93 if ( substr( $filterEntry, 0, 2 ) == '*.' ) {
94 $subdomains = true;
95 $filterEntry = substr( $filterEntry, 2 );
96 if ( $filterEntry == '' ) {
97 // We don't want to make a clause that will match everything,
98 // that could be dangerous
99 return false;
100 }
101 } else {
102 $subdomains = false;
103 }
104 // No stray asterisks, that could cause confusion
105 // It's not simple or efficient to handle it properly so we don't
106 // handle it at all.
107 if ( strpos( $filterEntry, '*' ) !== false ) {
108 return false;
109 }
110 $slash = strpos( $filterEntry, '/' );
111 if ( $slash !== false ) {
112 $path = substr( $filterEntry, $slash );
113 $host = substr( $filterEntry, 0, $slash );
114 } else {
115 $path = '/';
116 $host = $filterEntry;
117 }
118 // Reverse the labels in the hostname, convert to lower case
119 // For emails reverse domainpart only
120 if ( $prot == 'mailto:' && strpos( $host, '@' ) ) {
121 // complete email address
122 $mailparts = explode( '@', $host );
123 $domainpart = strtolower( implode( '.', array_reverse( explode( '.', $mailparts[1] ) ) ) );
124 $host = $domainpart . '@' . $mailparts[0];
125 $like = array( "$prot$host", $db->anyString() );
126 } elseif ( $prot == 'mailto:' ) {
127 // domainpart of email address only. do not add '.'
128 $host = strtolower( implode( '.', array_reverse( explode( '.', $host ) ) ) );
129 $like = array( "$prot$host", $db->anyString() );
130 } else {
131 $host = strtolower( implode( '.', array_reverse( explode( '.', $host ) ) ) );
132 if ( substr( $host, -1, 1 ) !== '.' ) {
133 $host .= '.';
134 }
135 $like = array( "$prot$host" );
136
137 if ( $subdomains ) {
138 $like[] = $db->anyString();
139 }
140 if ( !$subdomains || $path !== '/' ) {
141 $like[] = $path;
142 $like[] = $db->anyString();
143 }
144 }
145 return $like;
146 }
147
148 /**
149 * Filters an array returned by makeLikeArray(), removing everything past first pattern placeholder.
150 *
151 * @param array $arr array to filter
152 * @return array filtered array
153 */
154 public static function keepOneWildcard( $arr ) {
155 if ( !is_array( $arr ) ) {
156 return $arr;
157 }
158
159 foreach ( $arr as $key => $value ) {
160 if ( $value instanceof LikeMatch ) {
161 return array_slice( $arr, 0, $key + 1 );
162 }
163 }
164
165 return $arr;
166 }
167 }
MediaWiki Core