3 * StatusNet, the distributed open-source microblogging tool
5 * Plugin to prevent use of nicknames or URLs on a blacklist
9 * LICENCE: This program is free software: you can redistribute it and/or modify
10 * it under the terms of the GNU Affero General Public License as published by
11 * the Free Software Foundation, either version 3 of the License, or
12 * (at your option) any later version.
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU Affero General Public License for more details.
19 * You should have received a copy of the GNU Affero General Public License
20 * along with this program. If not, see <http://www.gnu.org/licenses/>.
24 * @author Evan Prodromou <evan@status.net>
25 * @copyright 2010 StatusNet Inc.
26 * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
27 * @link http://status.net/
30 if (!defined('STATUSNET')) {
35 * Plugin to prevent use of nicknames or URLs on a blacklist
39 * @author Evan Prodromou <evan@status.net>
40 * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
41 * @link http://status.net/
44 class BlacklistPlugin extends Plugin
46 const VERSION = STATUSNET_VERSION;
48 public $nicknames = array();
49 public $urls = array();
50 public $canAdmin = true;
52 function _getNicknamePatterns()
54 $confNicknames = $this->_configArray('blacklist', 'nicknames');
56 $dbNicknames = Nickname_blacklist::getPatterns();
58 return array_merge($this->nicknames,
63 function _getUrlPatterns()
65 $confURLs = $this->_configArray('blacklist', 'urls');
67 $dbURLs = Homepage_blacklist::getPatterns();
69 return array_merge($this->urls,
75 * Database schema setup
77 * @return boolean hook value
80 function onCheckSchema()
82 $schema = Schema::get();
84 // For storing blacklist patterns for nicknames
86 $schema->ensureTable('nickname_blacklist',
87 array(new ColumnDef('pattern',
92 new ColumnDef('created',
97 $schema->ensureTable('homepage_blacklist',
98 array(new ColumnDef('pattern',
103 new ColumnDef('created',
112 * Retrieve an array from configuration
114 * Carefully checks a section.
116 * @param string $section Configuration section
117 * @param string $setting Configuration setting
119 * @return array configuration values
122 function _configArray($section, $setting)
124 $config = common_config($section, $setting);
126 if (empty($config)) {
128 } else if (is_array($config)) {
130 } else if (is_string($config)) {
131 return explode("\r\n", $config);
133 throw new Exception("Unknown data type for config $section + $setting");
138 * Hook registration to prevent blacklisted homepages or nicknames
140 * Throws an exception if there's a blacklisted homepage or nickname.
142 * @param Action $action Action being called (usually register)
144 * @return boolean hook value
147 function onStartRegistrationTry($action)
149 $homepage = strtolower($action->trimmed('homepage'));
151 if (!empty($homepage)) {
152 if (!$this->_checkUrl($homepage)) {
153 $msg = sprintf(_m("You may not register with homepage '%s'"),
155 throw new ClientException($msg);
159 $nickname = strtolower($action->trimmed('nickname'));
161 if (!empty($nickname)) {
162 if (!$this->_checkNickname($nickname)) {
163 $msg = sprintf(_m("You may not register with nickname '%s'"),
165 throw new ClientException($msg);
173 * Hook profile update to prevent blacklisted homepages or nicknames
175 * Throws an exception if there's a blacklisted homepage or nickname.
177 * @param Action $action Action being called (usually register)
179 * @return boolean hook value
182 function onStartProfileSaveForm($action)
184 $homepage = strtolower($action->trimmed('homepage'));
186 if (!empty($homepage)) {
187 if (!$this->_checkUrl($homepage)) {
188 $msg = sprintf(_m("You may not use homepage '%s'"),
190 throw new ClientException($msg);
194 $nickname = strtolower($action->trimmed('nickname'));
196 if (!empty($nickname)) {
197 if (!$this->_checkNickname($nickname)) {
198 $msg = sprintf(_m("You may not use nickname '%s'"),
200 throw new ClientException($msg);
208 * Hook notice save to prevent blacklisted urls
210 * Throws an exception if there's a blacklisted url in the content.
212 * @param Notice &$notice Notice being saved
214 * @return boolean hook value
217 function onStartNoticeSave(&$notice)
219 common_replace_urls_callback($notice->content,
220 array($this, 'checkNoticeUrl'));
225 * Helper callback for notice save
227 * Throws an exception if there's a blacklisted url in the content.
229 * @param string $url URL in the notice content
231 * @return boolean hook value
234 function checkNoticeUrl($url)
236 // It comes in special'd, so we unspecial it
237 // before comparing against patterns
239 $url = htmlspecialchars_decode($url);
241 if (!$this->_checkUrl($url)) {
242 $msg = sprintf(_m("You may not use url '%s' in notices"),
244 throw new ClientException($msg);
251 * Helper for checking URLs
253 * Checks an URL against our patterns for a match.
255 * @param string $url URL to check
257 * @return boolean true means it's OK, false means it's bad
260 private function _checkUrl($url)
262 $patterns = $this->_getUrlPatterns();
264 foreach ($patterns as $pattern) {
265 if (preg_match("/$pattern/", $url)) {
274 * Helper for checking nicknames
276 * Checks a nickname against our patterns for a match.
278 * @param string $nickname nickname to check
280 * @return boolean true means it's OK, false means it's bad
283 private function _checkNickname($nickname)
285 $patterns = $this->_getNicknamePatterns();
287 foreach ($patterns as $pattern) {
288 if (preg_match("/$pattern/", $nickname)) {
297 * Add our actions to the URL router
299 * @param Net_URL_Mapper $m URL mapper for this hit
301 * @return boolean hook return
304 function onRouterInitialized($m)
306 $m->connect('admin/blacklist', array('action' => 'blacklistadminpanel'));
311 * Auto-load our classes if called
313 * @param string $cls Class to load
315 * @return boolean hook return
318 function onAutoload($cls)
320 switch (strtolower($cls))
322 case 'nickname_blacklist':
323 case 'homepage_blacklist':
324 include_once INSTALLDIR.'/plugins/Blacklist/'.ucfirst($cls).'.php';
326 case 'blacklistadminpanelaction':
327 $base = strtolower(mb_substr($cls, 0, -6));
328 include_once INSTALLDIR.'/plugins/Blacklist/'.$base.'.php';
336 * Plugin version data
338 * @param array &$versions array of version blocks
340 * @return boolean hook value
343 function onPluginVersion(&$versions)
345 $versions[] = array('name' => 'Blacklist',
346 'version' => self::VERSION,
347 'author' => 'Evan Prodromou',
349 'http://status.net/wiki/Plugin:Blacklist',
351 _m('Keep a blacklist of forbidden nickname '.
352 'and URL patterns.'));
357 * Determines if our admin panel can be shown
359 * @param string $name name of the admin panel
360 * @param boolean &$isOK result
362 * @return boolean hook value
365 function onAdminPanelCheck($name, &$isOK)
367 if ($name == 'blacklist') {
368 $isOK = $this->canAdmin;
376 * Add our tab to the admin panel
378 * @param Widget $nav Admin panel nav
380 * @return boolean hook value
383 function onEndAdminPanelNav($nav)
385 if (AdminPanelAction::canAdmin('blacklist')) {
387 $action_name = $nav->action->trimmed('action');
389 $nav->out->menuItem(common_local_url('blacklistadminpanel'),
391 _('Blacklist configuration'),
392 $action_name == 'blacklistadminpanel',
393 'nav_blacklist_admin_panel');
399 function onEndDeleteUserForm($action, $user)
401 $cur = common_current_user();
403 if (empty($cur) || !$cur->hasRight(Right::CONFIGURESITE)) {
407 $profile = $user->getProfile();
409 if (empty($profile)) {
413 $action->elementStart('ul', 'form_data');
414 $action->elementStart('li');
415 $this->checkboxAndText($action,
417 _('Add this nickname pattern to blacklist'),
418 'blacklistnicknamepattern',
419 $this->patternizeNickname($user->nickname));
420 $action->elementEnd('li');
422 if (!empty($profile->homepage)) {
423 $action->elementStart('li');
424 $this->checkboxAndText($action,
426 _('Add this homepage pattern to blacklist'),
427 'blacklisthomepagepattern',
428 $this->patternizeHomepage($profile->homepage));
429 $action->elementEnd('li');
432 $action->elementEnd('ul');
435 function onEndDeleteUser($action, $user)
437 if ($action->boolean('blacklisthomepage')) {
438 $pattern = $action->trimmed('blacklisthomepagepattern');
439 Homepage_blacklist::ensurePattern($pattern);
442 if ($action->boolean('blacklistnickname')) {
443 $pattern = $action->trimmed('blacklistnicknamepattern');
444 Nickname_blacklist::ensurePattern($pattern);
450 function checkboxAndText($action, $checkID, $label, $textID, $value)
452 $action->element('input', array('name' => $checkID,
453 'type' => 'checkbox',
454 'class' => 'checkbox',
459 $action->element('label', array('class' => 'checkbox',
465 $action->element('input', array('name' => $textID,
471 function patternizeNickname($nickname)
476 function patternizeHomepage($homepage)
478 $hostname = parse_url($homepage, PHP_URL_HOST);