<?php
/**
* @author Pierre-Henry Soria <hello@ph7builder.com>
* @copyright (c) 2012-2022, Pierre-Henry Soria. All Rights Reserved.
* @license MIT License; See LICENSE.md and COPYRIGHT.md in the root directory.
* @package PH7 / Framework / Security / Ban
* @version 2.0
*/
declare(strict_types=1);
namespace PH7\Framework\Security\Ban;
defined('PH7') or exit('Restricted access');
use PH7\Framework\Mvc\Model\DbConfig;
use PH7\Framework\Pattern\Statik;
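/**
 * Static helper that checks values against the plain-text ban lists stored
 * under PH7_PATH_APP_CONFIG . DIR, and censors banned words in free text.
 *
 * Matching is an exact, strict string comparison after ASCII lower-casing
 * (strtolower) of both the input and the list entry. No Unicode case folding
 * and no IP range or notation normalisation is performed here.
 */
class Ban
{
    public const DIR = 'banned/';
    public const EXT = '.txt';
    public const USERNAME_FILE = 'username.txt';
    public const EMAIL_FILE = 'email.txt';
    public const WORD_FILE = 'word.txt';
    public const BANK_ACCOUNT_FILE = 'bank_account.txt';
    public const IP_FILE = 'ip.txt';

    private const COMMENT_SIGN = '#';

    /** Name of the list file (inside DIR) used by the current call. */
    private static string $sFile;

    /** Value being checked or filtered by the current call. */
    private static string $sVal;

    /** Whether is() must also test the "@domain" suffix of the value. */
    private static bool $bIsEmail = false;

    /**
     * Import the trait to set the class static.
     * The trait sets constructor/clone private to prevent instantiation.
     */
    use Statik;

    /**
     * Checks a username against the username ban list.
     *
     * @return bool Returns TRUE if the username is banned, FALSE otherwise.
     */
    public static function isUsername(string $sVal): bool
    {
        self::prepare(static::USERNAME_FILE, $sVal);

        return self::is();
    }

    /**
     * Checks an email address against the email ban list: first its
     * "@domain" suffix, then the whole address.
     *
     * @return bool Returns TRUE if the address or its domain is banned, FALSE otherwise.
     */
    public static function isEmail(string $sVal): bool
    {
        self::prepare(static::EMAIL_FILE, $sVal, true);

        return self::is();
    }

    /**
     * Checks a bank account identifier against the bank account ban list.
     * The value goes through the same "@domain" handling as an email address
     * (presumably because accounts are identified by an email address; confirm with callers).
     *
     * @return bool Returns TRUE if the account or its domain is banned, FALSE otherwise.
     */
    public static function isBankAccount(string $sVal): bool
    {
        self::prepare(static::BANK_ACCOUNT_FILE, $sVal, true);

        return self::is();
    }

    /**
     * Checks an IP address against the IP ban list (exact string match only).
     *
     * @return bool Returns TRUE if the IP address is banned, FALSE otherwise.
     */
    public static function isIp(string $sVal): bool
    {
        self::prepare(static::IP_FILE, $sVal);

        return self::is();
    }

    /**
     * Replaces every banned word found in the given text.
     *
     * @param string $sVal The text to clean.
     * @param bool $bWordReplace TRUE = use the 'banWordReplace' setting as replacement. FALSE = remove the word.
     *
     * @return string The clean text.
     */
    public static function filterWord(string $sVal, bool $bWordReplace = true): string
    {
        self::prepare(static::WORD_FILE, $sVal);

        return self::replace($bWordReplace);
    }

    /**
     * Sets the whole per-call state in one place.
     *
     * The email flag is always assigned, so a previous isEmail()/isBankAccount()
     * call cannot leave it switched on. With a sticky flag, later username or IP
     * checks would take the email branch and report any value without an "@" as
     * not banned, without ever reading the list.
     */
    private static function prepare(string $sFile, string $sVal, bool $bIsEmail = false): void
    {
        self::$sFile = $sFile;
        self::$sVal = $sVal;
        self::$bIsEmail = $bIsEmail;
    }

    /**
     * Generic method that checks if a keyword has been banned.
     *
     * @return bool Returns TRUE if the text is banned, FALSE otherwise.
     */
    private static function is(): bool
    {
        self::setCaseInsensitive();

        if (self::$bIsEmail) {
            // strrchr() keeps the "@", so the domain is compared as "@example.com".
            $mEmailDomain = strrchr(self::$sVal, '@');

            if ($mEmailDomain === false) {
                // NOTE(review): a value without "@" is reported as not banned
                // without consulting the list; confirm callers validate the format first.
                return false;
            }

            if (self::check($mEmailDomain)) {
                return true;
            }
        }

        return self::check(self::$sVal);
    }

    /**
     * Generic method to replace forbidden words.
     *
     * @param bool $bWordReplace TRUE = Replace the ban word by an other word. FALSE = Replace the ban word by an empty string.
     *
     * @return string|null The clean text.
     */
    private static function replace(bool $bWordReplace): ?string
    {
        // Looked up at most once, and only if the list holds a usable entry.
        $mWordReplace = null;

        foreach (self::readFile() as $sBan) {
            $sBan = trim($sBan);

            if (empty($sBan) || self::isCommentFound($sBan)) {
                // Skip blank lines and comments
                continue;
            }

            if ($mWordReplace === null) {
                $mWordReplace = $bWordReplace ? DbConfig::getSetting('banWordReplace') : '';
            }

            self::$sVal = str_ireplace($sBan, $mWordReplace, self::$sVal);
        }

        return self::$sVal;
    }

    /**
     * Tests a value against the current list. The caller is expected to have
     * lower-cased the value already (see is()); list entries are trimmed and
     * lower-cased here so that the comparison really is case-insensitive.
     *
     * @param string $sVal
     *
     * @return bool Returns TRUE if the value is banned, FALSE otherwise.
     */
    private static function check(string $sVal): bool
    {
        $aBannedContents = array_map(
            static fn (string $sBan): string => strtolower(trim($sBan)),
            self::readFile()
        );

        return in_array($sVal, $aBannedContents, true);
    }

    /**
     * Lower-cases the current value (byte-wise, ASCII letters only).
     */
    private static function setCaseInsensitive(): void
    {
        self::$sVal = strtolower(self::$sVal);
    }

    /**
     * Tells whether a list line is a comment, i.e. starts with COMMENT_SIGN.
     */
    private static function isCommentFound(string $sBan): bool
    {
        return strpos($sBan, self::COMMENT_SIGN) === 0;
    }

    /**
     * Reads the current list file, one entry per line.
     *
     * @return string[] The lines of the file, or an empty array if it cannot be read.
     */
    private static function readFile(): array
    {
        // FILE_SKIP_EMPTY_LINES only takes effect together with FILE_IGNORE_NEW_LINES.
        $mLines = file(
            PH7_PATH_APP_CONFIG . static::DIR . self::$sFile,
            FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES
        );

        // file() raises its own E_WARNING on failure. Casting FALSE to an array
        // would yield [false], which breaks trim() under strict_types.
        // NOTE(review): an unreadable list means nothing is banned (fail-open);
        // confirm this is acceptable or make the callers fail closed.
        return $mLines === false ? [] : $mLines;
    }
}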