3 * StatusNet, the distributed open-source microblogging tool
5 * Plugin to prevent use of nicknames or URLs on a blacklist
9 * LICENCE: This program is free software: you can redistribute it and/or modify
10 * it under the terms of the GNU Affero General Public License as published by
11 * the Free Software Foundation, either version 3 of the License, or
12 * (at your option) any later version.
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU Affero General Public License for more details.
19 * You should have received a copy of the GNU Affero General Public License
20 * along with this program. If not, see <http://www.gnu.org/licenses/>.
24 * @author Evan Prodromou <evan@status.net>
25 * @copyright 2010 StatusNet Inc.
26 * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
27 * @link http://status.net/
30 if (!defined('STATUSNET')) {
35 * Plugin to prevent use of nicknames or URLs on a blacklist
39 * @author Evan Prodromou <evan@status.net>
40 * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
41 * @link http://status.net/
44 class BlacklistPlugin extends Plugin
46 const VERSION = STATUSNET_VERSION;
48 public $nicknames = array();
49 public $urls = array();
50 public $canAdmin = true;
52 private $_nicknamePatterns = array();
53 private $_urlPatterns = array();
56 * Initialize the plugin
63 $confNicknames = $this->_configArray('blacklist', 'nicknames');
65 $dbNicknames = Nickname_blacklist::getPatterns();
67 $this->_nicknamePatterns = array_merge($this->nicknames,
71 $confURLs = $this->_configArray('blacklist', 'urls');
73 $dbURLs = Homepage_blacklist::getPatterns();
75 $this->_urlPatterns = array_merge($this->urls,
81 * Database schema setup
83 * @return boolean hook value
86 function onCheckSchema()
88 $schema = Schema::get();
90 // For storing blacklist patterns for nicknames
92 $schema->ensureTable('nickname_blacklist',
93 array(new ColumnDef('pattern',
98 new ColumnDef('created',
103 $schema->ensureTable('homepage_blacklist',
104 array(new ColumnDef('pattern',
109 new ColumnDef('created',
118 * Retrieve an array from configuration
120 * Carefully checks a section.
122 * @param string $section Configuration section
123 * @param string $setting Configuration setting
125 * @return array configuration values
128 function _configArray($section, $setting)
130 $config = common_config($section, $setting);
132 if (empty($config)) {
134 } else if (is_array($config)) {
136 } else if (is_string($config)) {
137 return explode("\r\n", $config);
139 throw new Exception("Unknown data type for config $section + $setting");
144 * Hook registration to prevent blacklisted homepages or nicknames
146 * Throws an exception if there's a blacklisted homepage or nickname.
148 * @param Action $action Action being called (usually register)
150 * @return boolean hook value
153 function onStartRegistrationTry($action)
155 $homepage = strtolower($action->trimmed('homepage'));
157 if (!empty($homepage)) {
158 if (!$this->_checkUrl($homepage)) {
159 $msg = sprintf(_m("You may not register with homepage '%s'"),
161 throw new ClientException($msg);
165 $nickname = strtolower($action->trimmed('nickname'));
167 if (!empty($nickname)) {
168 if (!$this->_checkNickname($nickname)) {
169 $msg = sprintf(_m("You may not register with nickname '%s'"),
171 throw new ClientException($msg);
179 * Hook profile update to prevent blacklisted homepages or nicknames
181 * Throws an exception if there's a blacklisted homepage or nickname.
183 * @param Action $action Action being called (usually register)
185 * @return boolean hook value
188 function onStartProfileSaveForm($action)
190 $homepage = strtolower($action->trimmed('homepage'));
192 if (!empty($homepage)) {
193 if (!$this->_checkUrl($homepage)) {
194 $msg = sprintf(_m("You may not use homepage '%s'"),
196 throw new ClientException($msg);
200 $nickname = strtolower($action->trimmed('nickname'));
202 if (!empty($nickname)) {
203 if (!$this->_checkNickname($nickname)) {
204 $msg = sprintf(_m("You may not use nickname '%s'"),
206 throw new ClientException($msg);
214 * Hook notice save to prevent blacklisted urls
216 * Throws an exception if there's a blacklisted url in the content.
218 * @param Notice &$notice Notice being saved
220 * @return boolean hook value
223 function onStartNoticeSave(&$notice)
225 common_replace_urls_callback($notice->content,
226 array($this, 'checkNoticeUrl'));
231 * Helper callback for notice save
233 * Throws an exception if there's a blacklisted url in the content.
235 * @param string $url URL in the notice content
237 * @return boolean hook value
240 function checkNoticeUrl($url)
242 // It comes in special'd, so we unspecial it
243 // before comparing against patterns
245 $url = htmlspecialchars_decode($url);
247 if (!$this->_checkUrl($url)) {
248 $msg = sprintf(_m("You may not use url '%s' in notices"),
250 throw new ClientException($msg);
257 * Helper for checking URLs
259 * Checks an URL against our patterns for a match.
261 * @param string $url URL to check
263 * @return boolean true means it's OK, false means it's bad
266 private function _checkUrl($url)
268 foreach ($this->_urlPatterns as $pattern) {
269 if (preg_match("/$pattern/", $url)) {
278 * Helper for checking nicknames
280 * Checks a nickname against our patterns for a match.
282 * @param string $nickname nickname to check
284 * @return boolean true means it's OK, false means it's bad
287 private function _checkNickname($nickname)
289 foreach ($this->_nicknamePatterns as $pattern) {
290 if (preg_match("/$pattern/", $nickname)) {
299 * Add our actions to the URL router
301 * @param Net_URL_Mapper $m URL mapper for this hit
303 * @return boolean hook return
306 function onRouterInitialized($m)
308 $m->connect('admin/blacklist', array('action' => 'blacklistadminpanel'));
313 * Auto-load our classes if called
315 * @param string $cls Class to load
317 * @return boolean hook return
320 function onAutoload($cls)
322 switch (strtolower($cls))
324 case 'nickname_blacklist':
325 case 'homepage_blacklist':
326 include_once INSTALLDIR.'/plugins/Blacklist/'.ucfirst($cls).'.php';
328 case 'blacklistadminpanelaction':
329 $base = strtolower(mb_substr($cls, 0, -6));
330 include_once INSTALLDIR.'/plugins/Blacklist/'.$base.'.php';
338 * Plugin version data
340 * @param array &$versions array of version blocks
342 * @return boolean hook value
345 function onPluginVersion(&$versions)
347 $versions[] = array('name' => 'Blacklist',
348 'version' => self::VERSION,
349 'author' => 'Evan Prodromou',
351 'http://status.net/wiki/Plugin:Blacklist',
353 _m('Keep a blacklist of forbidden nickname '.
354 'and URL patterns.'));
359 * Determines if our admin panel can be shown
361 * @param string $name name of the admin panel
362 * @param boolean &$isOK result
364 * @return boolean hook value
367 function onAdminPanelCheck($name, &$isOK)
369 if ($name == 'blacklist') {
370 $isOK = $this->canAdmin;
378 * Add our tab to the admin panel
380 * @param Widget $nav Admin panel nav
382 * @return boolean hook value
385 function onEndAdminPanelNav($nav)
387 if (AdminPanelAction::canAdmin('blacklist')) {
389 $action_name = $nav->action->trimmed('action');
391 $nav->out->menuItem(common_local_url('blacklistadminpanel'),
393 _('Blacklist configuration'),
394 $action_name == 'blacklistadminpanel',
395 'nav_blacklist_admin_panel');
401 function onEndDeleteUserForm($action, $user)
403 $cur = common_current_user();
405 if (empty($cur) || !$cur->hasRight(Right::CONFIGURESITE)) {
409 $profile = $user->getProfile();
411 if (empty($profile)) {
415 $action->elementStart('ul', 'form_data');
416 $action->elementStart('li');
417 $this->checkboxAndText($action,
419 _('Add this nickname pattern to blacklist'),
420 'blacklistnicknamepattern',
421 $this->patternizeNickname($user->nickname));
422 $action->elementEnd('li');
424 if (!empty($profile->homepage)) {
425 $action->elementStart('li');
426 $this->checkboxAndText($action,
428 _('Add this homepage pattern to blacklist'),
429 'blacklisthomepagepattern',
430 $this->patternizeHomepage($profile->homepage));
431 $action->elementEnd('li');
434 $action->elementEnd('ul');
437 function onEndDeleteUser($action, $user)
439 if ($action->boolean('blacklisthomepage')) {
440 $pattern = $action->trimmed('blacklisthomepagepattern');
441 Homepage_blacklist::ensurePattern($pattern);
444 if ($action->boolean('blacklistnickname')) {
445 $pattern = $action->trimmed('blacklistnicknamepattern');
446 Nickname_blacklist::ensurePattern($pattern);
452 function checkboxAndText($action, $checkID, $label, $textID, $value)
454 $action->element('input', array('name' => $checkID,
455 'type' => 'checkbox',
456 'class' => 'checkbox',
461 $action->element('label', array('class' => 'checkbox',
467 $action->element('input', array('name' => $textID,
473 function patternizeNickname($nickname)
478 function patternizeHomepage($homepage)
480 $hostname = parse_url($homepage, PHP_URL_HOST);