Fix for r47482: put the RELEASE-NOTES entry in the "bug fixes" section and not the...
[mediawiki.git] / includes / LinkFilter.php
blobdc4c1256464295443e8db9640cddfc8e3bc5f179
1 <?php
3 /**
4 * Some functions to help implement an external link filter for spam control.
5 *
6 * TODO: implement the filter. Currently these are just some functions to help
7 * maintenance/cleanupSpam.php remove links to a single specified domain. The
8 * next thing is to implement functions for checking a given page against a big
9 * list of domains.
11 * Another cool thing to do would be a web interface for fast spam removal.
13 class LinkFilter {
14 /**
15 * @static
17 static function matchEntry( $text, $filterEntry ) {
18 $regex = LinkFilter::makeRegex( $filterEntry );
19 return preg_match( $regex, $text );
22 /**
23 * @static
25 private static function makeRegex( $filterEntry ) {
26 $regex = '!http://';
27 if ( substr( $filterEntry, 0, 2 ) == '*.' ) {
28 $regex .= '(?:[A-Za-z0-9.-]+\.|)';
29 $filterEntry = substr( $filterEntry, 2 );
31 $regex .= preg_quote( $filterEntry, '!' ) . '!Si';
32 return $regex;
35 /**
36 * Make a string to go after an SQL LIKE, which will match the specified
37 * string. There are several kinds of filter entry:
38 * *.domain.com - Produces http://com.domain.%, matches domain.com
39 * and www.domain.com
40 * domain.com - Produces http://com.domain./%, matches domain.com
41 * or domain.com/ but not www.domain.com
42 * *.domain.com/x - Produces http://com.domain.%/x%, matches
43 * www.domain.com/xy
44 * domain.com/x - Produces http://com.domain./x%, matches
45 * domain.com/xy but not www.domain.com/xy
47 * Asterisks in any other location are considered invalid.
49 * @static
50 * @param $filterEntry String: domainparts
51 * @param $prot String: protocol
53 public static function makeLike( $filterEntry , $prot = 'http://' ) {
54 $db = wfGetDB( DB_MASTER );
55 if ( substr( $filterEntry, 0, 2 ) == '*.' ) {
56 $subdomains = true;
57 $filterEntry = substr( $filterEntry, 2 );
58 if ( $filterEntry == '' ) {
59 // We don't want to make a clause that will match everything,
60 // that could be dangerous
61 return false;
63 } else {
64 $subdomains = false;
66 // No stray asterisks, that could cause confusion
67 // It's not simple or efficient to handle it properly so we don't
68 // handle it at all.
69 if ( strpos( $filterEntry, '*' ) !== false ) {
70 return false;
72 $slash = strpos( $filterEntry, '/' );
73 if ( $slash !== false ) {
74 $path = substr( $filterEntry, $slash );
75 $host = substr( $filterEntry, 0, $slash );
76 } else {
77 $path = '/';
78 $host = $filterEntry;
80 // Reverse the labels in the hostname, convert to lower case
81 // For emails reverse domainpart only
82 if ( $prot == 'mailto:' && strpos($host, '@') ) {
83 // complete email adress
84 $mailparts = explode( '@', $host );
85 $domainpart = strtolower( implode( '.', array_reverse( explode( '.', $mailparts[1] ) ) ) );
86 $host = $domainpart . '@' . $mailparts[0];
87 $like = $db->escapeLike( "$prot$host" ) . "%";
88 } elseif ( $prot == 'mailto:' ) {
89 // domainpart of email adress only. do not add '.'
90 $host = strtolower( implode( '.', array_reverse( explode( '.', $host ) ) ) );
91 $like = $db->escapeLike( "$prot$host" ) . "%";
92 } else {
93 $host = strtolower( implode( '.', array_reverse( explode( '.', $host ) ) ) );
94 if ( substr( $host, -1, 1 ) !== '.' ) {
95 $host .= '.';
97 $like = $db->escapeLike( "$prot$host" );
99 if ( $subdomains ) {
100 $like .= '%';
102 if ( !$subdomains || $path !== '/' ) {
103 $like .= $db->escapeLike( $path ) . '%';
106 return $like;