1
0
mirror of https://github.com/vichan-devel/vichan.git synced 2024-11-27 17:00:52 +01:00

Merge pull request #678 from Zankaria/format-filter

Format filter
This commit is contained in:
Lorenzo Yario 2024-02-23 09:15:13 -08:00 committed by GitHub
commit 3d05ba0247
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194

View File

@ -10,54 +10,63 @@ class Filter {
public $flood_check; public $flood_check;
private $condition; private $condition;
private $post; private $post;
public function __construct(array $arr) { public function __construct(array $arr) {
foreach ($arr as $key => $value) foreach ($arr as $key => $value) {
$this->$key = $value; $this->$key = $value;
}
} }
public function match($condition, $match) { public function match($condition, $match) {
$condition = strtolower($condition); $condition = strtolower($condition);
$post = &$this->post; $post = &$this->post;
switch($condition) { switch($condition) {
case 'custom': case 'custom':
if (!is_callable($match)) if (!is_callable($match)) {
error('Custom condition for filter is not callable!'); error('Custom condition for filter is not callable!');
}
return $match($post); return $match($post);
case 'flood-match': case 'flood-match':
if (!is_array($match)) if (!is_array($match)) {
error('Filter condition "flood-match" must be an array.'); error('Filter condition "flood-match" must be an array.');
}
// Filter out "flood" table entries which do not match this filter. // Filter out "flood" table entries which do not match this filter.
$flood_check_matched = array(); $flood_check_matched = array();
foreach ($this->flood_check as $flood_post) { foreach ($this->flood_check as $flood_post) {
foreach ($match as $flood_match_arg) { foreach ($match as $flood_match_arg) {
switch ($flood_match_arg) { switch ($flood_match_arg) {
case 'ip': case 'ip':
if ($flood_post['ip'] != $_SERVER['REMOTE_ADDR']) if ($flood_post['ip'] != $_SERVER['REMOTE_ADDR']) {
continue 3; continue 3;
}
break; break;
case 'body': case 'body':
if ($flood_post['posthash'] != make_comment_hex($post['body_nomarkup'])) if ($flood_post['posthash'] != make_comment_hex($post['body_nomarkup'])) {
continue 3; continue 3;
}
break; break;
case 'file': case 'file':
if (!isset($post['filehash'])) if (!isset($post['filehash'])) {
return false; return false;
if ($flood_post['filehash'] != $post['filehash']) }
if ($flood_post['filehash'] != $post['filehash']) {
continue 3; continue 3;
}
break; break;
case 'board': case 'board':
if ($flood_post['board'] != $post['board']) if ($flood_post['board'] != $post['board']) {
continue 3; continue 3;
}
break; break;
case 'isreply': case 'isreply':
if ($flood_post['isreply'] == $post['op']) if ($flood_post['isreply'] == $post['op']) {
continue 3; continue 3;
}
break; break;
default: default:
error('Invalid filter flood condition: ' . $flood_match_arg); error('Invalid filter flood condition: ' . $flood_match_arg);
@ -65,9 +74,8 @@ class Filter {
} }
$flood_check_matched[] = $flood_post; $flood_check_matched[] = $flood_post;
} }
$this->flood_check = $flood_check_matched; $this->flood_check = $flood_check_matched;
return !empty($this->flood_check); return !empty($this->flood_check);
case 'flood-time': case 'flood-time':
foreach ($this->flood_check as $flood_post) { foreach ($this->flood_check as $flood_post) {
@ -97,8 +105,9 @@ class Filter {
case 'filehash': case 'filehash':
return $match === $post['filehash']; return $match === $post['filehash'];
case 'filename': case 'filename':
if (!$post['files']) if (!$post['files']) {
return false; return false;
}
foreach ($post['files'] as $file) { foreach ($post['files'] as $file) {
if (preg_match($match, $file['filename'])) { if (preg_match($match, $file['filename'])) {
@ -107,8 +116,9 @@ class Filter {
} }
return false; return false;
case 'extension': case 'extension':
if (!$post['files']) if (!$post['files']) {
return false; return false;
}
foreach ($post['files'] as $file) { foreach ($post['files'] as $file) {
if (preg_match($match, $file['extension'])) { if (preg_match($match, $file['extension'])) {
@ -130,56 +140,63 @@ class Filter {
error('Unknown filter condition: ' . $condition); error('Unknown filter condition: ' . $condition);
} }
} }
public function action() { public function action() {
global $board; global $board;
$this->add_note = isset($this->add_note) ? $this->add_note : false; $this->add_note = isset($this->add_note) ? $this->add_note : false;
if ($this->add_note) { if ($this->add_note) {
$query = prepare('INSERT INTO ``ip_notes`` VALUES (NULL, :ip, :mod, :time, :body)'); $query = prepare('INSERT INTO ``ip_notes`` VALUES (NULL, :ip, :mod, :time, :body)');
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']); $query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
$query->bindValue(':mod', -1); $query->bindValue(':mod', -1);
$query->bindValue(':time', time()); $query->bindValue(':time', time());
$query->bindValue(':body', "Autoban message: ".$this->post['body']); $query->bindValue(':body', "Autoban message: ".$this->post['body']);
$query->execute() or error(db_error($query)); $query->execute() or error(db_error($query));
} }
if (isset ($this->action)) switch($this->action) { if (isset($this->action)) {
case 'reject': switch($this->action) {
error(isset($this->message) ? $this->message : 'Posting throttled by filter.'); case 'reject':
case 'ban': error(isset($this->message) ? $this->message : 'Posting throttled by filter.');
if (!isset($this->reason)) case 'ban':
error('The ban action requires a reason.'); if (!isset($this->reason)) {
error('The ban action requires a reason.');
$this->expires = isset($this->expires) ? $this->expires : false; }
$this->reject = isset($this->reject) ? $this->reject : true;
$this->all_boards = isset($this->all_boards) ? $this->all_boards : false;
Bans::new_ban($_SERVER['REMOTE_ADDR'], $this->reason, $this->expires, $this->all_boards ? false : $board['uri'], -1);
if ($this->reject) { $this->expires = isset($this->expires) ? $this->expires : false;
if (isset($this->message)) $this->reject = isset($this->reject) ? $this->reject : true;
error($message); $this->all_boards = isset($this->all_boards) ? $this->all_boards : false;
checkBan($board['uri']); Bans::new_ban($_SERVER['REMOTE_ADDR'], $this->reason, $this->expires, $this->all_boards ? false : $board['uri'], -1);
exit;
} if ($this->reject) {
if (isset($this->message)) {
break; error($message);
default: }
error('Unknown filter action: ' . $this->action);
checkBan($board['uri']);
exit;
}
break;
default:
error('Unknown filter action: ' . $this->action);
}
} }
} }
public function check(array $post) { public function check(array $post) {
$this->post = $post; $this->post = $post;
foreach ($this->condition as $condition => $value) { foreach ($this->condition as $condition => $value) {
if ($condition[0] == '!') { if ($condition[0] == '!') {
$NOT = true; $NOT = true;
$condition = substr($condition, 1); $condition = substr($condition, 1);
} else $NOT = false; } else {
$NOT = false;
if ($this->match($condition, $value) == $NOT) }
if ($this->match($condition, $value) == $NOT) {
return false; return false;
}
} }
return true; return true;
} }
@ -187,39 +204,41 @@ class Filter {
function purge_flood_table() { function purge_flood_table() {
global $config; global $config;
// Determine how long we need to keep a cache of posts for flood prevention. Unfortunately, it is not // Determine how long we need to keep a cache of posts for flood prevention. Unfortunately, it is not
// aware of flood filters in other board configurations. You can solve this problem by settings the // aware of flood filters in other board configurations. You can solve this problem by settings the
// config variable $config['flood_cache'] (seconds). // config variable $config['flood_cache'] (seconds).
if ($config['flood_cache'] != -1) { if ($config['flood_cache'] != -1) {
$max_time = &$config['flood_cache']; $max_time = &$config['flood_cache'];
} else { } else {
$max_time = 0; $max_time = 0;
foreach ($config['filters'] as $filter) { foreach ($config['filters'] as $filter) {
if (isset($filter['condition']['flood-time'])) if (isset($filter['condition']['flood-time'])) {
$max_time = max($max_time, $filter['condition']['flood-time']); $max_time = max($max_time, $filter['condition']['flood-time']);
}
} }
} }
$time = time() - $max_time; $time = time() - $max_time;
query("DELETE FROM ``flood`` WHERE `time` < $time") or error(db_error()); query("DELETE FROM ``flood`` WHERE `time` < $time") or error(db_error());
} }
function do_filters(array $post) { function do_filters(array $post) {
global $config; global $config;
if (!isset($config['filters']) || empty($config['filters'])) if (!isset($config['filters']) || empty($config['filters'])) {
return; return;
}
foreach ($config['filters'] as $filter) { foreach ($config['filters'] as $filter) {
if (isset($filter['condition']['flood-match'])) { if (isset($filter['condition']['flood-match'])) {
$has_flood = true; $has_flood = true;
break; break;
} }
} }
if (isset($has_flood)) { if (isset($has_flood)) {
if ($post['has_file']) { if ($post['has_file']) {
$query = prepare("SELECT * FROM ``flood`` WHERE `ip` = :ip OR `posthash` = :posthash OR `filehash` = :filehash"); $query = prepare("SELECT * FROM ``flood`` WHERE `ip` = :ip OR `posthash` = :posthash OR `filehash` = :filehash");
@ -236,14 +255,14 @@ function do_filters(array $post) {
} else { } else {
$flood_check = false; $flood_check = false;
} }
foreach ($config['filters'] as $filter_array) { foreach ($config['filters'] as $filter_array) {
$filter = new Filter($filter_array); $filter = new Filter($filter_array);
$filter->flood_check = $flood_check; $filter->flood_check = $flood_check;
if ($filter->check($post)) if ($filter->check($post)) {
$filter->action(); $filter->action();
}
} }
purge_flood_table(); purge_flood_table();
} }