[ Index ]

PHP Cross Reference of BuddyPress

title

Body

[close]

/src/bp-core/ -> bp-core-moderation.php (source)

   1  <?php
   2  /**
   3   * BuddyPress Moderation Functions.
   4   *
   5   * @package BuddyPress
   6   * @subpackage Core
   7   * @since 1.6.0
   8   */
   9  
  10  // Exit if accessed directly.
  11  defined( 'ABSPATH' ) || exit;
  12  
  13  /** Moderation ****************************************************************/
  14  
  15  /**
  16   * Check for flooding.
  17   *
  18   * Check to make sure that a user is not making too many posts in a short amount
  19   * of time.
  20   *
  21   * @since 1.6.0
  22   *
  23   * @param int $user_id User id to check for flood.
  24   * @return bool True if there is no flooding, false if there is.
  25   */
  26  function bp_core_check_for_flood( $user_id = 0 ) {
  27  
  28      // Option disabled. No flood checks.
  29      if ( !$throttle_time = bp_get_option( '_bp_throttle_time' ) ) {
  30          return true;
  31      }
  32  
  33      // Bail if no user ID passed.
  34      if ( empty( $user_id ) ) {
  35          return false;
  36      }
  37  
  38      $last_posted = get_user_meta( $user_id, '_bp_last_posted', true );
  39      if ( isset( $last_posted ) && ( time() < ( $last_posted + $throttle_time ) ) && !current_user_can( 'throttle' ) ) {
  40          return false;
  41      }
  42  
  43      return true;
  44  }
  45  
  46  /**
  47   * Check for moderation keys and too many links.
  48   *
  49   * @since 1.6.0
  50   * @since 2.6.0 Added $error_type parameter.
  51   *
  52   * @param int    $user_id    User ID.
  53   * @param string $title      The title of the content.
  54   * @param string $content    The content being posted.
  55   * @param string $error_type The error type to return. Either 'bool' or 'wp_error'.
  56   * @return bool|WP_Error True if test is passed, false if fail.
  57   */
  58  function bp_core_check_for_moderation( $user_id = 0, $title = '', $content = '', $error_type = 'bool' ) {
  59  
  60      /**
  61       * Filters whether or not to bypass checking for moderation keys and too many links.
  62       *
  63       * @since 2.2.0
  64       *
  65       * @param bool   $value   Whether or not to bypass checking. Default false.
  66       * @param int    $user_id Topic of reply author ID.
  67       * @param string $title   The title of the content.
  68       * @param string $content $the content being posted.
  69       */
  70      if ( apply_filters( 'bp_bypass_check_for_moderation', false, $user_id, $title, $content ) ) {
  71          return true;
  72      }
  73  
  74      // Bail if super admin is author.
  75      if ( is_super_admin( $user_id ) ) {
  76          return true;
  77      }
  78  
  79      // Define local variable(s).
  80      $_post     = array();
  81      $match_out = '';
  82  
  83      /** User Data ************************************************************
  84       */
  85  
  86      if ( ! empty( $user_id ) ) {
  87  
  88          // Get author data.
  89          $user = get_userdata( $user_id );
  90  
  91          // If data exists, map it.
  92          if ( ! empty( $user ) ) {
  93              $_post['author'] = $user->display_name;
  94              $_post['email']  = $user->user_email;
  95              $_post['url']    = $user->user_url;
  96          }
  97      }
  98  
  99      // Current user IP and user agent.
 100      $_post['user_ip'] = bp_core_current_user_ip();
 101      $_post['user_ua'] = bp_core_current_user_ua();
 102  
 103      // Post title and content.
 104      $_post['title']   = $title;
 105      $_post['content'] = $content;
 106  
 107      /** Max Links ************************************************************
 108       */
 109  
 110      $max_links = get_option( 'comment_max_links' );
 111      if ( ! empty( $max_links ) ) {
 112  
 113          // How many links?
 114          $num_links = preg_match_all( '/(http|ftp|https):\/\//i', $content, $match_out );
 115  
 116          // Allow for bumping the max to include the user's URL.
 117          if ( ! empty( $_post['url'] ) ) {
 118  
 119              /**
 120               * Filters the maximum amount of links allowed to include the user's URL.
 121               *
 122               * @since 1.6.0
 123               *
 124               * @param string $num_links How many links found.
 125               * @param string $value     User's url.
 126               */
 127              $num_links = apply_filters( 'comment_max_links_url', $num_links, $_post['url'] );
 128          }
 129  
 130          // Das ist zu viele links!
 131          if ( $num_links >= $max_links ) {
 132              if ( 'bool' === $error_type ) {
 133                  return false;
 134              } else {
 135                  return new WP_Error( 'bp_moderation_too_many_links', __( 'You have posted too many links', 'buddypress' ) );
 136              }
 137          }
 138      }
 139  
 140      /** Blacklist ************************************************************
 141       */
 142  
 143      // Get the moderation keys.
 144      $blacklist = trim( get_option( 'moderation_keys' ) );
 145  
 146      // Bail if blacklist is empty.
 147      if ( ! empty( $blacklist ) ) {
 148  
 149          // Get words separated by new lines.
 150          $words = explode( "\n", $blacklist );
 151  
 152          // Loop through words.
 153          foreach ( (array) $words as $word ) {
 154  
 155              // Trim the whitespace from the word.
 156              $word = trim( $word );
 157  
 158              // Skip empty lines.
 159              if ( empty( $word ) ) {
 160                  continue;
 161              }
 162  
 163              // Do some escaping magic so that '#' chars in the
 164              // spam words don't break things.
 165              $word    = preg_quote( $word, '#' );
 166              $pattern = "#$word#i";
 167  
 168              // Loop through post data.
 169              foreach ( $_post as $post_data ) {
 170  
 171                  // Check each user data for current word.
 172                  if ( preg_match( $pattern, $post_data ) ) {
 173                      if ( 'bool' === $error_type ) {
 174                          return false;
 175                      } else {
 176                          return new WP_Error( 'bp_moderation_word_match', _x( 'You have posted an inappropriate word.', 'Comment moderation', 'buddypress' ) );
 177                      }
 178                  }
 179              }
 180          }
 181      }
 182  
 183      // Check passed successfully.
 184      return true;
 185  }
 186  
 187  /**
 188   * Check for blocked keys.
 189   *
 190   * @since 1.6.0
 191   * @since 2.6.0 Added $error_type parameter.
 192   *
 193   * @todo Why don't we use wp_blacklist_check() for this?
 194   *
 195   * @param int    $user_id    User ID.
 196   * @param string $title      The title of the content.
 197   * @param string $content    The content being posted.
 198   * @param string $error_type The error type to return. Either 'bool' or 'wp_error'.
 199   * @return bool|WP_Error True if test is passed, false if fail.
 200   */
 201  function bp_core_check_for_blacklist( $user_id = 0, $title = '', $content = '', $error_type = 'bool' ) {
 202  
 203      /**
 204       * Filters whether or not to bypass checking for blocked keys.
 205       *
 206       * @since 2.2.0
 207       *
 208       * @param bool   $value   Whether or not to bypass checking. Default false.
 209       * @param int    $user_id Topic of reply author ID.
 210       * @param string $title   The title of the content.
 211       * @param string $content $the content being posted.
 212       */
 213      if ( apply_filters( 'bp_bypass_check_for_blacklist', false, $user_id, $title, $content ) ) {
 214          return true;
 215      }
 216  
 217      // Bail if super admin is author.
 218      if ( is_super_admin( $user_id ) ) {
 219          return true;
 220      }
 221  
 222      // Define local variable.
 223      $_post = array();
 224  
 225      /** Blacklist ************************************************************
 226       */
 227  
 228      // Get the moderation keys.
 229      $blacklist = trim( get_option( 'blacklist_keys' ) );
 230  
 231      // Bail if blacklist is empty.
 232      if ( empty( $blacklist ) ) {
 233          return true;
 234      }
 235  
 236      /** User Data ************************************************************
 237       */
 238  
 239      // Map current user data.
 240      if ( ! empty( $user_id ) ) {
 241  
 242          // Get author data.
 243          $user = get_userdata( $user_id );
 244  
 245          // If data exists, map it.
 246          if ( ! empty( $user ) ) {
 247              $_post['author'] = $user->display_name;
 248              $_post['email']  = $user->user_email;
 249              $_post['url']    = $user->user_url;
 250          }
 251      }
 252  
 253      // Current user IP and user agent.
 254      $_post['user_ip'] = bp_core_current_user_ip();
 255      $_post['user_ua'] = bp_core_current_user_ua();
 256  
 257      // Post title and content.
 258      $_post['title']   = $title;
 259      $_post['content'] = $content;
 260  
 261      /** Words ****************************************************************
 262       */
 263  
 264      // Get words separated by new lines.
 265      $words = explode( "\n", $blacklist );
 266  
 267      // Loop through words.
 268      foreach ( (array) $words as $word ) {
 269  
 270          // Trim the whitespace from the word.
 271          $word = trim( $word );
 272  
 273          // Skip empty lines.
 274          if ( empty( $word ) ) { continue; }
 275  
 276          // Do some escaping magic so that '#' chars in the
 277          // spam words don't break things.
 278          $word    = preg_quote( $word, '#' );
 279          $pattern = "#$word#i";
 280  
 281          // Loop through post data.
 282          foreach( $_post as $post_data ) {
 283  
 284              // Check each user data for current word.
 285              if ( preg_match( $pattern, $post_data ) ) {
 286                  if ( 'bool' === $error_type ) {
 287                      return false;
 288                  } else {
 289                      return new WP_Error( 'bp_moderation_blacklist_match', _x( 'You have posted an inappropriate word.', 'Comment blacklist', 'buddypress' ) );
 290                  }
 291              }
 292          }
 293      }
 294  
 295      // Check passed successfully.
 296      return true;
 297  }
 298  
 299  /**
 300   * Get the current user's IP address.
 301   *
 302   * @since 1.6.0
 303   *
 304   * @return string IP address.
 305   */
 306  function bp_core_current_user_ip() {
 307      $retval = preg_replace( '/[^0-9a-fA-F:., ]/', '', $_SERVER['REMOTE_ADDR'] );
 308  
 309      /**
 310       * Filters the current user's IP address.
 311       *
 312       * @since 1.6.0
 313       *
 314       * @param string $retval Current user's IP Address.
 315       */
 316      return apply_filters( 'bp_core_current_user_ip', $retval );
 317  }
 318  
 319  /**
 320   * Get the current user's user-agent.
 321   *
 322   * @since 1.6.0
 323   *
 324   * @return string User agent string.
 325   */
 326  function bp_core_current_user_ua() {
 327  
 328      // Sanity check the user agent.
 329      if ( ! empty( $_SERVER['HTTP_USER_AGENT'] ) ) {
 330          $retval = substr( $_SERVER['HTTP_USER_AGENT'], 0, 254 );
 331      } else {
 332          $retval = '';
 333      }
 334  
 335      /**
 336       * Filters the current user's user-agent.
 337       *
 338       * @since 1.6.0
 339       *
 340       * @param string $retval Current user's user-agent.
 341       */
 342      return apply_filters( 'bp_core_current_user_ua', $retval );
 343  }


Generated: Mon Jul 22 01:01:43 2019 Cross-referenced by PHPXref 0.7.1