[Summary view] [Print] [Text view]

   1  <?php
   2  /**
   3   * MyBB 1.6
   4   * Copyright 2010 MyBB Group, All Rights Reserved
   5   *
   6   * Website: http://mybb.com
   7   * License: http://mybb.com/about/license
   8   *
   9   * $Id: badwords.php 5796 2012-04-19 14:38:15Z Tomm $
  10   */
  11  
  12  // Disallow direct access to this file for security reasons
  13  if(!defined("IN_MYBB"))
  14  {
  15      die("Direct initialization of this file is not allowed.<br /><br />Please make sure IN_MYBB is defined.");
  16  }
  17  
  18  $page->add_breadcrumb_item($lang->bad_words, "index.php?module=config-badwords");
  19  
  20  $plugins->run_hooks("admin_config_badwords_begin");
  21  
  22  if($mybb->input['action'] == "add" && $mybb->request_method == "post")
  23  {
  24      $plugins->run_hooks("admin_config_badwords_add");
  25      
  26      if(!trim($mybb->input['badword']))
  27      {
  28          $errors[] = $lang->error_missing_bad_word;
  29      }
  30  
  31      if(strlen(trim($mybb->input['badword'])) > 100)
  32      {
  33          $errors[] = $lang->bad_word_max;
  34      }
  35  
  36      if(strlen($mybb->input['replacement']) > 100)
  37      {
  38          $errors[] = $lang->replacement_word_max;
  39      }
  40  
  41      if(!$errors)
  42      {
  43          $query = $db->simple_select("badwords", "bid", "badword = '".$db->escape_string($mybb->input['badword'])."'");
  44  
  45          if($db->num_rows($query))
  46          {
  47              $errors[] = $lang->error_bad_word_filtered;
  48          }
  49      }
  50  
  51      $badword = str_replace('\*', '([a-zA-Z0-9_]{1})', preg_quote($mybb->input['badword'], "#"));
  52      
  53      // Don't allow certain badword replacements to be added if it would cause an infinite recursive loop.
  54      if(strlen($mybb->input['badword']) == strlen($mybb->input['replacement']) && preg_match("#(^|\W)".$badword."(\W|$)#i", $mybb->input['replacement']))
  55      {
  56          $errors[] = $lang->error_replacement_word_invalid;
  57      }
  58  
  59      if(!$errors)
  60      {
  61          $new_badword = array(
  62              "badword" => $db->escape_string($mybb->input['badword']),
  63              "replacement" => $db->escape_string($mybb->input['replacement'])
  64          );
  65  
  66          $bid = $db->insert_query("badwords", $new_badword);
  67          
  68          $plugins->run_hooks("admin_config_badwords_add_commit");
  69  
  70          // Log admin action
  71          log_admin_action($bid, $mybb->input['badword']);
  72  
  73          $cache->update_badwords();
  74          flash_message($lang->success_added_bad_word, 'success');
  75          admin_redirect("index.php?module=config-badwords");
  76      }
  77      else
  78      {
  79          $mybb->input['action'] = '';
  80      }
  81  }
  82  
  83  if($mybb->input['action'] == "delete")
  84  {
  85      $plugins->run_hooks("admin_config_badwords_delete");
  86      
  87      $query = $db->simple_select("badwords", "*", "bid='".intval($mybb->input['bid'])."'");
  88      $badword = $db->fetch_array($query);
  89      
  90      // Does the bad word not exist?
  91      if(!$badword['bid'])
  92      {
  93          flash_message($lang->error_invalid_bid, 'error');
  94          admin_redirect("index.php?module=config-badwords");
  95      }
  96  
  97      // User clicked no
  98      if($mybb->input['no'])
  99      {
 100          admin_redirect("index.php?module=config-badwords");
 101      }
 102  
 103      if($mybb->request_method == "post")
 104      {
 105          // Delete the bad word
 106          $db->delete_query("badwords", "bid='{$badword['bid']}'");
 107          
 108          $plugins->run_hooks("admin_config_badwords_delete_commit");
 109  
 110          // Log admin action
 111          log_admin_action($badword['bid'], $badword['badword']);
 112  
 113          $cache->update_badwords();
 114  
 115          flash_message($lang->success_deleted_bad_word, 'success');
 116          admin_redirect("index.php?module=config-badwords");
 117      }
 118      else
 119      {
 120          $page->output_confirm_action("index.php?module=config-badwords&action=delete&bid={$badword['bid']}", $lang->confirm_bad_word_deletion);
 121      }
 122  }
 123  
 124  if($mybb->input['action'] == "edit")
 125  {
 126      $plugins->run_hooks("admin_config_badwords_edit");
 127      
 128      $query = $db->simple_select("badwords", "*", "bid='".intval($mybb->input['bid'])."'");
 129      $badword = $db->fetch_array($query);
 130      
 131      // Does the bad word not exist?
 132      if(!$badword['bid'])
 133      {
 134          flash_message($lang->error_invalid_bid, 'error');
 135          admin_redirect("index.php?module=config-badwords");
 136      }
 137  
 138      if($mybb->request_method == "post")
 139      {
 140          if(!trim($mybb->input['badword']))
 141          {
 142              $errors[] = $lang->error_missing_bad_word;
 143          }
 144  
 145          if(strlen(trim($mybb->input['badword'])) > 100)
 146          {
 147              $errors[] = $lang->bad_word_max;
 148          }
 149  
 150          if(strlen($mybb->input['replacement']) > 100)
 151          {
 152              $errors[] = $lang->replacement_word_max;
 153          }
 154  
 155          if(!$errors)
 156          {
 157              $updated_badword = array(
 158                  "badword" => $db->escape_string($mybb->input['badword']),
 159                  "replacement" => $db->escape_string($mybb->input['replacement'])
 160              );
 161  
 162              $db->update_query("badwords", $updated_badword, "bid='{$badword['bid']}'");
 163              
 164              $plugins->run_hooks("admin_config_badwords_edit_commit");
 165  
 166              // Log admin action
 167              log_admin_action($badword['bid'], $mybb->input['badword']);
 168  
 169              $cache->update_badwords();
 170  
 171              flash_message($lang->success_updated_bad_word, 'success');
 172              admin_redirect("index.php?module=config-badwords");
 173          }
 174      }
 175  
 176      $page->add_breadcrumb_item($lang->edit_bad_word);
 177      $page->output_header($lang->bad_words." - ".$lang->edit_bad_word);
 178  
 179      $sub_tabs['editbadword'] = array(
 180          'title' => $lang->edit_bad_word,
 181          'description' => $lang->edit_bad_word_desc,
 182          'link' => "index.php?module=config-badwords"
 183      );
 184  
 185      $page->output_nav_tabs($sub_tabs, "editbadword");
 186  
 187      $form = new Form("index.php?module=config-badwords&amp;action=edit&amp;bid={$badword['bid']}", "post");
 188  
 189      if($errors)
 190      {
 191          $page->output_inline_error($errors);
 192          $badword_data = $mybb->input;
 193      }
 194      else
 195      {
 196          $badword_data = $badword;
 197      }
 198  
 199      $form_container = new FormContainer($lang->edit_bad_word);
 200      $form_container->output_row($lang->bad_word." <em>*</em>", $lang->bad_word_desc, $form->generate_text_box('badword', $badword_data['badword'], array('id' => 'badword')), 'badword');
 201      $form_container->output_row($lang->replacement, $lang->replacement_desc, $form->generate_text_box('replacement', $badword_data['replacement'], array('id' => 'replacement')), 'replacement');
 202      $form_container->end();
 203      $buttons[] = $form->generate_submit_button($lang->save_bad_word);
 204      $form->output_submit_wrapper($buttons);
 205      $form->end();
 206      
 207      $page->output_footer();
 208  }
 209  
 210  if(!$mybb->input['action'])
 211  {
 212      $plugins->run_hooks("admin_config_badwords_start");
 213      
 214      $page->output_header($lang->bad_words);
 215  
 216      $sub_tabs['badwords'] = array(
 217          'title' => $lang->bad_word_filters,
 218          'description' => $lang->bad_word_filters_desc,
 219          'link' => "index.php?module=config-badwords"
 220      );
 221  
 222      $page->output_nav_tabs($sub_tabs, "badwords");
 223  
 224      if($errors)
 225      {
 226          $page->output_inline_error($errors);
 227      }
 228  
 229      $table = new Table;
 230      $table->construct_header($lang->bad_word);
 231      $table->construct_header($lang->replacement, array("width" => "50%"));
 232      $table->construct_header($lang->controls, array("class" => "align_center", "width" => 150, "colspan" => 2));
 233  
 234      $query = $db->simple_select("badwords", "*", "", array("order_by" => "badword", "order_dir" => "asc"));
 235      while($badword = $db->fetch_array($query))
 236      {
 237          $badword['badword'] = htmlspecialchars_uni($badword['badword']);
 238          $badword['replacement'] = htmlspecialchars_uni($badword['replacement']);
 239          if(!$badword['replacement'])
 240          {
 241              $badword['replacement'] = '*****';
 242          }
 243          $table->construct_cell($badword['badword']);
 244          $table->construct_cell($badword['replacement']);
 245          $table->construct_cell("<a href=\"index.php?module=config-badwords&amp;action=edit&amp;bid={$badword['bid']}\">{$lang->edit}</a>", array("class" => "align_center"));
 246          $table->construct_cell("<a href=\"index.php?module=config-badwords&amp;action=delete&amp;bid={$badword['bid']}&amp;my_post_key={$mybb->post_code}\" onclick=\"return AdminCP.deleteConfirmation(this, '{$lang->confirm_bad_word_deletion}');\">{$lang->delete}</a>", array("class" => "align_center"));
 247          $table->construct_row();
 248      }
 249      
 250      if($table->num_rows() == 0)
 251      {
 252          $table->construct_cell($lang->no_bad_words, array("colspan" => 4));
 253          $table->construct_row();
 254      }
 255      
 256      $table->output($lang->bad_word_filters);
 257  
 258      $form = new Form("index.php?module=config-badwords&amp;action=add", "post", "add");
 259  
 260      $form_container = new FormContainer($lang->add_bad_word);
 261      $form_container->output_row($lang->bad_word." <em>*</em>", $lang->bad_word_desc, $form->generate_text_box('badword', $mybb->input['badword'], array('id' => 'badword')), 'badword');
 262      $form_container->output_row($lang->replacement, $lang->replacement_desc, $form->generate_text_box('replacement', $mybb->input['replacement'], array('id' => 'replacement')), 'replacement');
 263      $form_container->end();
 264      $buttons[] = $form->generate_submit_button($lang->save_bad_word);
 265      $form->output_submit_wrapper($buttons);
 266      $form->end();
 267  
 268      $page->output_footer();
 269  }
 270  
 271  ?>