API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jul 3rd, 2016
151
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.52 KB | None | 0 0
raw download clone embed print report
  1. public function parseBadWords( $text='', $stripUrls = TRUE )
  2. {
  3. /* @link http://community.invisionpower.com/resources/bugs.html/_/ip-board/report-center-bypass-word-filter-r40719 */
  4. if( self::$Perms['memberData']['member_group_id'] AND !self::$Perms['memberData']['g_id'] )
  5. {
  6. self::$Perms['memberData'] = array_merge( self::$Perms['memberData'], $this->caches['group_cache'][ self::$Perms['memberData']['member_group_id'] ] );
  7.  
  8. if( self::$Perms['memberData']['mgroup_others'] )
  9. {
  10. self::$Perms['memberData'] = ips_MemberRegistry::setUpSecondaryGroups( self::$Perms['memberData'] );
  11. }
  12. }
  13.  
  14. /* Empty text or bypass? */
  15. if ( $text == '' || self::$Perms['memberData']['g_bypass_badwords'] )
  16. {
  17. return $text;
  18. }
  19.  
  20. $badwords = $this->cache->getCache('badwords');
  21. $temp_text = $text;
  22. $urls = array();
  23.  
  24. /* Got any naughty words? */
  25. if ( ! is_array( $badwords ) OR ! count( $badwords ) )
  26. {
  27. return $text;
  28. }
  29.  
  30. /* strip out URLs so replacements aren't made */
  31. if ( $stripUrls )
  32. {
  33. preg_match_all( '#((http|https|news|ftp)://(?:[^<>\)\[\"\s]+|[a-zA-Z0-9/\._\-!&\#;,%\+\?:=]+))#is', $text, $matches );
  34.  
  35. foreach( $matches[0] as $m )
  36. {
  37. $c = count( $urls );
  38. $urls[ $c ] = $m;
  39.  
  40. $text = str_replace( $m, '<!--url{' . $c . '}-->', $text );
  41. }
  42. }
  43.  
  44. //-----------------------------------------
  45. // Convert back entities
  46. //-----------------------------------------
  47.  
  48. for( $i = 65; $i <= 90; $i++ )
  49. {
  50. $text = str_replace( "&#" . $i . ";", chr($i), $text );
  51. }
  52.  
  53. for( $i = 97; $i <= 122; $i++ )
  54. {
  55. $text = str_replace( "&#" . $i . ";", chr($i), $text );
  56. }
  57.  
  58. /* IPSText::isUTF8() is horribly inefficient on large content with a lot of badwords - do that here so we don't have too every time. We can safely assume any adjustments during replacement are UTF8. */
  59. $isUTF8 = IPSText::isUTF8( $text );
  60.  
  61. //-----------------------------------------
  62. // Go all loopy
  63. //-----------------------------------------
  64.  
  65. foreach( $badwords as $r )
  66. {
  67. $r['type'] = str_replace( '&', '&amp;', IPSText::UNhtmlspecialchars( $r['type'] ) );
  68.  
  69. if ( $this->parseType != 'topics' )
  70. {
  71. $r['swop'] = strip_tags( $r['swop'] );
  72. }
  73.  
  74. $replace = $r['swop'] ? $r['swop'] : '######';
  75.  
  76. if ( $r['m_exact'] )
  77. {
  78. $r['type'] = preg_quote( $r['type'], "/" );
  79.  
  80. /* Link */
  81. // if ( IPS_DOC_CHAR_SET == 'UTF-8' && $isUTF8 )
  82. // {
  83. // $text = preg_replace( '/(^|\p{L}|\s)' . $r['type'] . '(\p{L}|!|\?|\.|,|$)/i', "\\1{$replace}\\2", $text );
  84. // }
  85. // else
  86. // {
  87. // \b does not work well because it matches word boundary, which is technically a \w to \W shift
  88. // @see http://stackoverflow.com/questions/6531724/how-exactly-do-regular-expression-word-boundaries-work-in-php
  89. // What we really want to look for is a non-word character on either side, so this works
  90. // Bad word filter for $!^& becomes $!^&amp;. Submitted in a post that is <p>$!^&amp;</p> and </ is not a shift from non-word to word character
  91. if ( IPS_DOC_CHAR_SET == 'UTF-8' && $isUTF8 )
  92. {
  93. $text = preg_replace( '/(^|\W)' . $r['type'] . '(\W|$)/iu', "\\1" . $replace . "\\2", $text );
  94. }
  95. else
  96. {
  97. $text = preg_replace( '/(^|\W)' . $r['type'] . '(\W|$)/i', "\\1" . $replace . "\\2", $text );
  98. }
  99.  
  100. /* I'd retest that for a dollar! */
  101. if ( strstr( $r['type'], '$' ) )
  102. {
  103. $test = preg_replace( '#(\\\\)?\$#', '$', $r['type'] );
  104.  
  105. if ( DOC_IPS_CHAR_SET == 'UTF-8' && $isUTF8 )
  106. {
  107. $text = preg_replace( '/(^|\W)' . preg_quote( $test ) . '(\W|$)/iu', "\\1" . $replace . "\\2", $text );
  108. }
  109. else
  110. {
  111. $text = preg_replace( '/(^|\W)' . preg_quote( $test ) . '(\W|$)/i', "\\1" . $replace . "\\2", $text );
  112. }
  113. }
  114.  
  115. // }
  116. }
  117. else
  118. {
  119. //----------------------------
  120. // 'ass' in 'class' kills css
  121. //----------------------------
  122.  
  123. if( strtolower( $r['type'] ) == 'ass' )
  124. {
  125. $text = preg_replace( "/(?<!cl)" . $r['type'] . "/i", $replace, $text );
  126. }
  127. else
  128. {
  129. $text = str_ireplace( $r['type'], $replace, $text );
  130. }
  131. }
  132. }
  133.  
  134. /* replace urls */
  135. if ( count( $urls ) )
  136. {
  137. preg_match_all( '#\<\!--url\{(\d+?)\}--\>#is', $text, $matches );
  138.  
  139. for ( $i = 0; $i < count($matches[0]); $i++ )
  140. {
  141. if ( isset( $matches[1][$i] ) )
  142. {
  143. $text = str_replace( $matches[0][$i], $urls[ $matches[1][$i] ], $text );
  144. }
  145. }
  146. }
  147.  
  148. return $text ? $text : $temp_text;
  149. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!