Skip to:
Content

bbPress.org

Changeset 6855


Ignore:
Timestamp:
08/22/2018 03:11:02 PM (10 months ago)
Author:
johnjamesjacoby
Message:

Moderation: remove references to blacklist/whitelist verbiage.

This change combines 2 functions into 1, merging _blacklist() checks into _moderation() checks. A new $strict parameter is added, when set to true will continue to check against the WordPress blacklist_keys option name.

  • Tests updated
  • bbp_check_for_blacklist() deprecated
  • Error response keys renamed (non breaking - nothing relies on them)
  • Some docs updates

Fixes #3215. For 2.6.

Location:
trunk
Files:
7 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/includes/common/functions.php

    r6848 r6855  
    766766 * @return bool True if test is passed, false if fail
    767767 */
    768 function bbp_check_for_moderation( $anonymous_data = array(), $author_id = 0, $title = '', $content = '' ) {
     768function bbp_check_for_moderation( $anonymous_data = array(), $author_id = 0, $title = '', $content = '', $strict = false ) {
     769
     770    // Strict mode uses WordPress "blacklist" settings
     771    if ( true === $strict ) {
     772        $hook_name   = 'blacklist';
     773        $option_name = 'blacklist_keys';
     774
     775    // Non-strict uses WordPress "moderation" settings
     776    } else {
     777        $hook_name   = 'moderation';
     778        $option_name = 'moderation_keys';
     779    }
    769780
    770781    // Allow for moderation check to be skipped
    771     if ( apply_filters( 'bbp_bypass_check_for_moderation', false, $anonymous_data, $author_id, $title, $content ) ) {
     782    if ( apply_filters( "bbp_bypass_check_for_{$hook_name}", false, $anonymous_data, $author_id, $title, $content, $strict ) ) {
    772783        return true;
    773784    }
     
    785796    /** Max Links *************************************************************/
    786797
    787     $max_links = get_option( 'comment_max_links' );
    788     if ( ! empty( $max_links ) ) {
    789 
    790         // How many links?
    791         $num_links = preg_match_all( '/(http|ftp|https):\/\//i', $content, $match_out );
    792 
    793         // Allow for bumping the max to include the user's URL
    794         if ( ! empty( $_post['url'] ) ) {
    795             $num_links = apply_filters( 'comment_max_links_url', $num_links, $_post['url'], $content );
    796         }
    797 
    798         // Das ist zu viele links!
    799         if ( $num_links >= $max_links ) {
    800             return false;
     798    // Only check max_lisnks when not being strict
     799    if ( false === $strict ) {
     800        $max_links = get_option( 'comment_max_links' );
     801        if ( ! empty( $max_links ) ) {
     802
     803            // How many links?
     804            $num_links = preg_match_all( '/(http|ftp|https):\/\//i', $content, $match_out );
     805
     806            // Allow for bumping the max to include the user's URL
     807            if ( ! empty( $_post['url'] ) ) {
     808                $num_links = apply_filters( 'comment_max_links_url', $num_links, $_post['url'], $content );
     809            }
     810
     811            // Das ist zu viele links!
     812            if ( $num_links >= $max_links ) {
     813                return false;
     814            }
    801815        }
    802816    }
     
    811825     * @param string $moderation List of moderation keys. One per new line.
    812826     */
    813     $moderation = apply_filters( 'bbp_moderation_keys', trim( get_option( 'moderation_keys' ) ) );
    814 
    815     // Bail if blacklist is empty
     827    $moderation = apply_filters( "bbp_{$hook_name}_keys", trim( get_option( $option_name ) ) );
     828
     829    // Bail if no words to look for
    816830    if ( empty( $moderation ) ) {
    817831        return true;
     
    870884        // spam words don't break things:
    871885        $word    = preg_quote( $word, '#' );
    872         $pattern = "#$word#i";
     886        $pattern = "#{$word}#i";
    873887
    874888        // Loop through post data
     
    889903
    890904/**
    891  * Checks topics and replies against the discussion blacklist of blocked keys
     905 * Deprecated version of bbp_check_for_blocklist()
    892906 *
    893907 * @since 2.0.0 bbPress (r3446)
    894  *
    895  * @param array $anonymous_data Optional - if it's an anonymous post. Do not
    896  *                              supply if supplying $author_id. Should be
    897  *                              sanitized (see {@link bbp_filter_anonymous_post_data()}
    898  * @param int $author_id Topic or reply author ID
    899  * @param string $title The title of the content
    900  * @param string $content The content being posted
    901  * @return bool True if test is passed, false if fail
     908 * @since 2.6.0 bbPress (r6854)
     909 * @deprecated 2.6.0 Use bbp_check_for_blocklist()
    902910 */
    903911function bbp_check_for_blacklist( $anonymous_data = array(), $author_id = 0, $title = '', $content = '' ) {
    904 
    905     // Allow for blacklist check to be skipped
    906     if ( apply_filters( 'bbp_bypass_check_for_blacklist', false, $anonymous_data, $author_id, $title, $content ) ) {
    907         return true;
    908     }
    909 
    910     // Bail if keymaster is author
    911     if ( ! empty( $author_id ) && bbp_is_user_keymaster( $author_id ) ) {
    912         return true;
    913     }
    914 
    915     /** Blacklist *************************************************************/
    916 
    917     /**
    918      * Filters the bbPress blacklist keys.
    919      *
    920      * @since 2.6.0 bbPress (r6050)
    921      *
    922      * @param string $blacklist List of blacklist keys. One per new line.
    923      */
    924     $blacklist = apply_filters( 'bbp_blacklist_keys', trim( get_option( 'blacklist_keys' ) ) );
    925 
    926     // Bail if blacklist is empty
    927     if ( empty( $blacklist ) ) {
    928         return true;
    929     }
    930 
    931     /** User Data *************************************************************/
    932 
    933     // Define local variable
    934     $_post = array();
    935 
    936     // Map anonymous user data
    937     if ( ! empty( $anonymous_data ) ) {
    938         $_post['author'] = $anonymous_data['bbp_anonymous_name'];
    939         $_post['email']  = $anonymous_data['bbp_anonymous_email'];
    940         $_post['url']    = $anonymous_data['bbp_anonymous_website'];
    941 
    942     // Map current user data
    943     } elseif ( ! empty( $author_id ) ) {
    944 
    945         // Get author data
    946         $user = get_userdata( $author_id );
    947 
    948         // If data exists, map it
    949         if ( ! empty( $user ) ) {
    950             $_post['author'] = $user->display_name;
    951             $_post['email']  = $user->user_email;
    952             $_post['url']    = $user->user_url;
    953         }
    954     }
    955 
    956     // Current user IP and user agent
    957     $_post['user_ip'] = bbp_current_author_ip();
    958     $_post['user_ua'] = bbp_current_author_ua();
    959 
    960     // Post title and content
    961     $_post['title']   = $title;
    962     $_post['content'] = $content;
    963 
    964     // Ensure HTML tags are not being used to bypass the blacklist.
    965     $_post['comment_without_html'] = wp_strip_all_tags( $content );
    966 
    967     /** Words *****************************************************************/
    968 
    969     // Get words separated by new lines
    970     $words = explode( "\n", $blacklist );
    971 
    972     // Loop through words
    973     foreach ( (array) $words as $word ) {
    974 
    975         // Trim the whitespace from the word
    976         $word = trim( $word );
    977 
    978         // Skip empty lines
    979         if ( empty( $word ) ) { continue; }
    980 
    981         // Do some escaping magic so that '#' chars in the
    982         // spam words don't break things:
    983         $word    = preg_quote( $word, '#' );
    984         $pattern = "#$word#i";
    985 
    986         // Loop through post data
    987         foreach ( $_post as $post_data ) {
    988 
    989             // Check each user data for current word
    990             if ( preg_match( $pattern, $post_data ) ) {
    991 
    992                 // Post does not pass
    993                 return false;
    994             }
    995         }
    996     }
    997 
    998     // Check passed successfully
    999     return true;
     912    return bbp_check_for_moderation( $anonymous_data, $author_id, $title, $content, false );
    1000913}
    1001914
  • trunk/src/includes/extend/akismet.php

    r6774 r6855  
    407407        $ignore = array( 'HTTP_COOKIE', 'HTTP_COOKIE2', 'PHP_AUTH_PW' );
    408408
    409         // Loop through _SERVER args and remove whitelisted keys
     409        // Loop through _SERVER args and remove allowed keys
    410410        foreach ( $_SERVER as $key => $value ) {
    411411
     
    509509                    // If post_status is the spam status, which isn't expected, leave a note
    510510                    if ( bbp_get_spam_status_id() === $_post->post_status ) {
    511 
    512                         // @todo Use wp_blacklist_check()
    513 
    514511                        $this->update_post_history( $post_id, sprintf( esc_html__( 'Post status was changed to %s', 'bbpress' ), $_post->post_status ), 'status-changed-' . $_post->post_status );
    515512                    }
  • trunk/src/includes/forums/functions.php

    r6848 r6855  
    235235    }
    236236
    237     /** Forum Blacklist *******************************************************/
    238 
    239     if ( ! bbp_check_for_blacklist( $anonymous_data, $forum_author, $forum_title, $forum_content ) ) {
    240         bbp_add_error( 'bbp_forum_blacklist', __( '<strong>ERROR</strong>: Your forum cannot be created at this time.', 'bbpress' ) );
     237    /** Forum Bad Words *******************************************************/
     238
     239    if ( ! bbp_check_for_moderation( $anonymous_data, $forum_author, $forum_title, $forum_content, true ) ) {
     240        bbp_add_error( 'bbp_forum_moderation', __( '<strong>ERROR</strong>: Your forum cannot be created at this time.', 'bbpress' ) );
    241241    }
    242242
     
    474474    }
    475475
    476     /** Forum Blacklist *******************************************************/
    477 
    478     if ( ! bbp_check_for_blacklist( $anonymous_data, bbp_get_forum_author_id( $forum_id ), $forum_title, $forum_content ) ) {
    479         bbp_add_error( 'bbp_forum_blacklist', __( '<strong>ERROR</strong>: Your forum cannot be edited at this time.', 'bbpress' ) );
     476    /** Forum Bad Words *******************************************************/
     477
     478    if ( ! bbp_check_for_moderation( $anonymous_data, bbp_get_forum_author_id( $forum_id ), $forum_title, $forum_content, true ) ) {
     479        bbp_add_error( 'bbp_forum_moderation', __( '<strong>ERROR</strong>: Your forum cannot be edited at this time.', 'bbpress' ) );
    480480    }
    481481
  • trunk/src/includes/replies/functions.php

    r6850 r6855  
    306306    }
    307307
    308     /** Reply Blacklist *******************************************************/
    309 
    310     if ( ! bbp_check_for_blacklist( $anonymous_data, $reply_author, $reply_title, $reply_content ) ) {
    311         bbp_add_error( 'bbp_reply_blacklist', __( '<strong>ERROR</strong>: Your reply cannot be created at this time.', 'bbpress' ) );
     308    /** Reply Bad Words *******************************************************/
     309
     310    if ( ! bbp_check_for_moderation( $anonymous_data, $reply_author, $reply_title, $reply_content, true ) ) {
     311        bbp_add_error( 'bbp_reply_moderation', __( '<strong>ERROR</strong>: Your reply cannot be created at this time.', 'bbpress' ) );
    312312    }
    313313
     
    611611    }
    612612
    613     /** Reply Blacklist *******************************************************/
    614 
    615     if ( ! bbp_check_for_blacklist( $anonymous_data, $reply_author, $reply_title, $reply_content ) ) {
    616         bbp_add_error( 'bbp_reply_blacklist', __( '<strong>ERROR</strong>: Your reply cannot be edited at this time.', 'bbpress' ) );
     613    /** Reply Bad Words *******************************************************/
     614
     615    if ( ! bbp_check_for_moderation( $anonymous_data, $reply_author, $reply_title, $reply_content, true ) ) {
     616        bbp_add_error( 'bbp_reply_moderation', __( '<strong>ERROR</strong>: Your reply cannot be edited at this time.', 'bbpress' ) );
    617617    }
    618618
  • trunk/src/includes/topics/functions.php

    r6850 r6855  
    254254    }
    255255
    256     /** Topic Blacklist *******************************************************/
    257 
    258     if ( ! bbp_check_for_blacklist( $anonymous_data, $topic_author, $topic_title, $topic_content ) ) {
    259         bbp_add_error( 'bbp_topic_blacklist', __( '<strong>ERROR</strong>: Your topic cannot be created at this time.', 'bbpress' ) );
     256    /** Topic Bad Words *******************************************************/
     257
     258    if ( ! bbp_check_for_moderation( $anonymous_data, $topic_author, $topic_title, $topic_content, true ) ) {
     259        bbp_add_error( 'bbp_topic_moderation', __( '<strong>ERROR</strong>: Your topic cannot be created at this time.', 'bbpress' ) );
    260260    }
    261261
     
    269269        $topic_status = bbp_get_pending_status_id();
    270270
    271     // Check a whitelist of possible topic status ID's
     271    // Check possible topic status ID's
    272272    } elseif ( ! empty( $_POST['bbp_topic_status'] ) && in_array( $_POST['bbp_topic_status'], array_keys( $topic_statuses ), true ) ) {
    273273        $topic_status = sanitize_key( $_POST['bbp_topic_status'] );
     
    550550    }
    551551
    552     /** Topic Blacklist *******************************************************/
    553 
    554     if ( ! bbp_check_for_blacklist( $anonymous_data, $topic_author, $topic_title, $topic_content ) ) {
    555         bbp_add_error( 'bbp_topic_blacklist', __( '<strong>ERROR</strong>: Your topic cannot be edited at this time.', 'bbpress' ) );
     552    /** Topic Bad Words *******************************************************/
     553
     554    if ( ! bbp_check_for_moderation( $anonymous_data, $topic_author, $topic_title, $topic_content, true ) ) {
     555        bbp_add_error( 'bbp_topic_moderation', __( '<strong>ERROR</strong>: Your topic cannot be edited at this time.', 'bbpress' ) );
    556556    }
    557557
     
    569569        }
    570570
    571     // Check a whitelist of possible topic status ID's
     571    // Check possible topic status ID's
    572572    } elseif ( ! empty( $_POST['bbp_topic_status'] ) && in_array( $_POST['bbp_topic_status'], array_keys( $topic_statuses ), true ) ) {
    573573        $topic_status = sanitize_key( $_POST['bbp_topic_status'] );
  • trunk/src/readme.txt

    r6839 r6855  
    5656
    5757= 2.6.0 =
    58 * Released on August 6, 2018
     58* Released on September 4, 2018
    5959
    6060= 2.5.14 =
     
    320320* Audit usage of get strings for moderator level and above users
    321321* Normalize theme, shortcodes, and template parts
    322 * Added blacklist_keys support
     322* Added strict moderation support
    323323* Added actions to topic/reply forms
    324324* Added Forum Participant role for multisite use
  • trunk/tests/phpunit/testcases/common/functions.php

    r6085 r6855  
    887887
    888888    /**
    889      * @covers ::bbp_check_for_blacklist
    890      */
    891     public function test_bbp_check_for_blacklist() {
     889     * @covers ::bbp_check_for_moderation
     890     */
     891    public function test_bbp_check_for_moderation_strict() {
    892892        $anonymous_data = false;
    893893        $author_id      = 0;
     
    897897        update_option( 'blacklist_keys',"hibernating\nfoo" );
    898898
    899         $result = bbp_check_for_blacklist( $anonymous_data, $author_id, $title, $content );
     899        $result = bbp_check_for_moderation( $anonymous_data, $author_id, $title, $content, true );
    900900
    901901        $this->assertFalse( $result );
     
    903903        update_option( 'blacklist_keys',"foo\nbar" );
    904904
    905         $result = bbp_check_for_blacklist( $anonymous_data, $author_id, $title, $content );
     905        $result = bbp_check_for_moderation( $anonymous_data, $author_id, $title, $content, true );
    906906
    907907        $this->assertTrue( $result );
     
    909909
    910910    /**
    911      * @covers ::bbp_check_for_blacklist
    912      */
    913     public function test_should_return_false_for_user_url_blacklist_check() {
     911     * @covers ::bbp_check_for_moderation
     912     */
     913    public function test_should_return_false_for_user_url_strict_moderation_check() {
    914914        $u = $this->factory->user->create( array(
    915915            'user_url'   => 'http://example.net/banned',
     
    929929        update_option( 'blacklist_keys',"http://example.net/banned\nfoo" );
    930930
    931         $result = bbp_check_for_blacklist( $anonymous_data, $author_id, $title, $content );
     931        $result = bbp_check_for_moderation( $anonymous_data, $author_id, $title, $content, true );
    932932
    933933        $this->assertFalse( $result );
     
    935935
    936936    /**
    937      * @covers ::bbp_check_for_blacklist
    938      */
    939     public function test_should_return_false_for_user_email_blacklist_check() {
     937     * @covers ::bbp_check_for_moderation
     938     */
     939    public function test_should_return_false_for_user_email_strict_moderation_check() {
    940940        $u = $this->factory->user->create( array(
    941941            'user_email' => 'banned@example.net',
     
    955955        update_option( 'blacklist_keys',"banned@example.net\nfoo" );
    956956
    957         $result = bbp_check_for_blacklist( $anonymous_data, $author_id, $title, $content );
     957        $result = bbp_check_for_moderation( $anonymous_data, $author_id, $title, $content, true );
    958958
    959959        $this->assertFalse( $result );
     
    961961
    962962    /**
    963      * @covers ::bbp_check_for_blacklist
    964      */
    965     public function test_should_return_false_for_user_ip_blacklist_check() {
     963     * @covers ::bbp_check_for_moderation
     964     */
     965    public function test_should_return_false_for_user_ip_strict_moderation_check() {
    966966        $u = $this->factory->user->create();
    967967
     
    979979        update_option( 'blacklist_keys',"127.0.0.1\nfoo" );
    980980
    981         $result = bbp_check_for_blacklist( $anonymous_data, $author_id, $title, $content );
     981        $result = bbp_check_for_moderation( $anonymous_data, $author_id, $title, $content, true );
    982982
    983983        $this->assertFalse( $result );
     
    985985
    986986    /**
    987      * @covers ::bbp_check_for_blacklist
    988      */
    989     public function test_should_return_false_for_moderators_to_bypass_blacklist_check() {
     987     * @covers ::bbp_check_for_moderation
     988     */
     989    public function test_should_return_false_for_moderators_to_bypass_strict_moderation_check() {
    990990        // Create a moderator user.
    991991        $old_current_user = 0;
     
    10081008        update_option( 'blacklist_keys',"hibernating\nfoo" );
    10091009
    1010         $result = bbp_check_for_blacklist( $anonymous_data, $author_id, $title, $content );
     1010        $result = bbp_check_for_moderation( $anonymous_data, $author_id, $title, $content, true );
    10111011
    10121012        $this->assertFalse( $result );
     
    10171017
    10181018    /**
    1019      * @covers ::bbp_check_for_blacklist
    1020      */
    1021     public function test_should_return_true_for_keymasterss_to_bypass_blacklist_check() {
     1019     * @covers ::bbp_check_for_moderation
     1020     */
     1021    public function test_should_return_true_for_keymasterss_to_bypass_strict_moderation_check() {
    10221022        // Create a keymaster user.
    10231023        $old_current_user = 0;
     
    10401040        update_option( 'blacklist_keys',"hibernating\nfoo" );
    10411041
    1042         $result = bbp_check_for_blacklist( $anonymous_data, $author_id, $title, $content );
     1042        $result = bbp_check_for_moderation( $anonymous_data, $author_id, $title, $content, true );
    10431043
    10441044        $this->assertTrue( $result );
     
    10491049
    10501050    /**
    1051      * @covers ::bbp_check_for_blacklist
    1052      */
    1053     public function test_should_return_false_when_link_matches_blacklist_keys() {
     1051     * @covers ::bbp_check_for_moderation
     1052     */
     1053    public function test_should_return_false_when_link_matches_strict_moderation_keys() {
    10541054        $anonymous_data = false;
    10551055        $author_id      = 0;
     
    10591059        update_option( 'blacklist_keys',"hibernating\nfoo" );
    10601060
    1061         $result = bbp_check_for_blacklist( $anonymous_data, $author_id, $title, $content );
     1061        $result = bbp_check_for_moderation( $anonymous_data, $author_id, $title, $content, true );
    10621062
    10631063        $this->assertFalse( $result );
     
    10651065
    10661066    /**
    1067      * @covers ::bbp_check_for_blacklist
    1068      */
    1069     public function test_should_return_false_when_html_wrapped_content_matches_blacklist_keys() {
     1067     * @covers ::bbp_check_for_moderation
     1068     */
     1069    public function test_should_return_false_when_html_wrapped_content_matches_strict_moderation_keys() {
    10701070        $u = $this->factory->user->create();
    10711071
     
    10831083        update_option( 'blacklist_keys',"hibernating\nfoo" );
    10841084
    1085         $result = bbp_check_for_blacklist( $anonymous_data, $author_id, $title, $content );
     1085        $result = bbp_check_for_moderation( $anonymous_data, $author_id, $title, $content, true );
    10861086
    10871087        $this->assertFalse( $result );
Note: See TracChangeset for help on using the changeset viewer.