Go to the documentation of this file.
3 if ( !defined(
'MEDIAWIKI' ) ) {
37 $text = str_replace(
'.',
'.', $text );
55 $statsd = MediaWikiServices::getInstance()->getStatsdDataFactory();
73 sha1( implode(
"\n", $links ) ),
77 $knownNonMatchAsOf =
$cache->get( $key );
78 if ( $mode ===
'check' ) {
79 if ( $knownNonMatchAsOf ) {
80 $statsd->increment(
'spamblacklist.check-stash.hit' );
84 $statsd->increment(
'spamblacklist.check-stash.miss' );
86 } elseif ( $mode ===
'stash' ) {
87 if ( $knownNonMatchAsOf && ( time() - $knownNonMatchAsOf ) < self::STASH_AGE_DYING ) {
95 if (
count( $blacklists ) ) {
97 $newLinks = array_map( [ $this,
'antiSpoof' ], $links );
102 $addedLinks = array_diff( $newLinks, $oldLinks );
105 $addedLinks = $newLinks;
108 wfDebugLog(
'SpamBlacklist',
"Old URLs: " . implode(
', ', $oldLinks ) );
109 wfDebugLog(
'SpamBlacklist',
"New URLs: " . implode(
', ', $newLinks ) );
110 wfDebugLog(
'SpamBlacklist',
"Added URLs: " . implode(
', ', $addedLinks ) );
112 if ( !$preventLog ) {
116 $links = implode(
"\n", $addedLinks );
118 # Strip whitelisted URLs from the match
119 if ( is_array( $whitelists ) ) {
120 wfDebugLog(
'SpamBlacklist',
"Excluding whitelisted URLs from " .
count( $whitelists ) .
121 " regexes: " . implode(
', ', $whitelists ) .
"\n" );
122 foreach ( $whitelists
as $regex ) {
124 $newLinks = preg_replace( $regex,
'', $links );
126 if ( is_string( $newLinks ) ) {
134 wfDebugLog(
'SpamBlacklist',
"Checking text against " .
count( $blacklists ) .
135 " regexes: " . implode(
', ', $blacklists ) .
"\n" );
137 foreach ( $blacklists
as $regex ) {
140 $check = ( preg_match_all( $regex, $links,
$matches ) > 0 );
147 $fullLineRegex = substr( $regex, 0, strrpos( $regex,
'/' ) ) .
'.*/Sim';
148 preg_match_all( $fullLineRegex, $links, $fullUrls );
149 $imploded = implode(
' ', $fullUrls[0] );
150 wfDebugLog(
'SpamBlacklistHit',
"$ip caught submitting spam: $imploded\n" );
151 if ( !$preventLog ) {
154 if ( $retVal ===
false ) {
157 $retVal = array_merge( $retVal, $fullUrls[1] );
160 if ( is_array( $retVal ) ) {
161 $retVal = array_unique( $retVal );
167 if ( $retVal ===
false ) {
169 $cache->set( $key, time(), self::STASH_TTL );
170 if ( $mode ===
'stash' ) {
171 $statsd->increment(
'spamblacklist.check-stash.store' );
179 global $wgSpamBlacklistEventLogging;
180 return $wgSpamBlacklistEventLogging && class_exists(
'EventLogging' );
195 $removedLinks = array_diff( $oldLinks, $newLinks );
196 foreach ( $addedLinks
as $url ) {
200 foreach ( $removedLinks
as $url ) {
219 'pageId' =>
$title->getArticleID(),
220 'pageNamespace' =>
$title->getNamespace(),
221 'userId' =>
$user->getId(),
222 'userText' =>
$user->getName(),
226 $this->urlChangeLog = [];
229 foreach ( $changes
as $change ) {
230 EventLogging::logEvent(
231 'ExternalLinksChange',
247 if ( !isset( $parsed[
'host'] ) ) {
248 wfDebugLog(
'SpamBlacklist',
"Unable to parse $url" );
253 'protocol' => $parsed[
'scheme'],
254 'domain' => $parsed[
'host'],
255 'path' => isset( $parsed[
'path'] ) ? $parsed[
'path'] :
'',
256 'query' => isset( $parsed[
'query'] ) ? $parsed[
'query'] :
'',
257 'fragment' => isset( $parsed[
'fragment'] ) ? $parsed[
'fragment'] :
'',
260 $this->urlChangeLog[] = $info;
273 return $cache->getWithSetCallback(
275 $cache->makeKey(
'external-link-list',
$title->getLatestRevID() ),
279 $setOpts += Database::getCacheSetOptions(
$dbr );
281 return $dbr->selectFieldValues(
284 [
'el_from' =>
$title->getArticleID() ],
301 return '/(?:https?:)?\/\/+[a-z0-9_\-.]*(';
311 return ')' . parent::getRegexEnd( $batchSize );
322 if ( $wgLogSpamBlacklistHits ) {
324 $logEntry->setPerformer(
$wgUser );
325 $logEntry->setTarget(
$title );
326 $logEntry->setParameters( [
329 $logid = $logEntry->insert();
330 $log =
new LogPage(
'spamblacklist' );
331 if ( $log->isRestricted() ) {
335 && class_exists(
'CheckUserHooks' )
337 $rc = $logEntry->getRecentChange( $logid );
338 CheckUserHooks::updateCheckUserData( $rc );
343 $logEntry->publish( $logid,
"rc" );
please add to it if you re going to add events to the MediaWiki code where normally authentication against an external auth plugin would be creating a account $user
logUrlChange( $url, $action)
Queue log data about change for a url addition or removal.
getRegexStart()
Returns the start of the regex for matches.
static getLocalClusterInstance()
Get the main cluster-local cache object.
getBlacklists()
Fetch local and (possibly cached) remote blacklists.
as see the revision history and available at free of to any person obtaining a copy of this software and associated documentation to deal in the Software without including without limitation the rights to use
wfSuppressWarnings( $end=false)
Reference-counted warning suppression.
getCurrentLinks(Title $title)
Look up the links currently in the article, so we can ignore them on a second run.
wfDebugLog( $logGroup, $text, $dest='all', array $context=[])
Send a line to a supplementary debug log file, if configured, or main debug log if not.
injection txt This is an overview of how MediaWiki makes use of dependency injection The design described here grew from the discussion of RFC T384 The term dependency this means that anything an object needs to operate should be injected from the the object itself should only know narrow no concrete implementation of the logic it relies on The requirement to inject everything typically results in an architecture that based on two main types of and essentially stateless service objects that use other service objects to operate on the value objects As of the beginning MediaWiki is only starting to use the DI approach Much of the code still relies on global state or direct resulting in a highly cyclical dependency which acts as the top level factory for services in MediaWiki which can be used to gain access to default instances of various services MediaWikiServices however also allows new services to be defined and default services to be redefined Services are defined or redefined by providing a callback the instantiator that will return a new instance of the service When it will create an instance of MediaWikiServices and populate it with the services defined in the files listed by thereby bootstrapping the DI framework Per $wgServiceWiringFiles lists includes ServiceWiring php
getRegexEnd( $batchSize)
Returns the end of the regex for matches.
static addCallableUpdate( $callable, $stage=self::POSTSEND, IDatabase $dbw=null)
Add a callable update.
wfParseUrl( $url)
parse_url() work-alike, but non-broken.
logFilterHit( $title, $url)
Logs the filter hit to Special:Log if $wgLogSpamBlacklistHits is enabled.
namespace and then decline to actually register it file or subcat img or subcat $title
wfGetDB( $db, $groups=[], $wiki=false)
Get a Database object.
Base class for different kinds of blacklists.
Class to simplify the use of log pages.
warmCachesForFilter(Title $title, array $entries)
when a variable name is used in a it is silently declared as a new masking the global
array[] $urlChangeLog
Changes to external links, for logging purposes.
logUrlChanges( $oldLinks, $newLinks, $addedLinks)
Diff added/removed urls and generate events for them.
filter(array $links, Title $title=null, $preventLog=false, $mode='check')
Represents a title within MediaWiki.
static getMainWANInstance()
Get the main WAN cache object.
getBlacklistType()
Returns the code for the blacklist implementation.
This document is intended to provide useful advice for parties seeking to redistribute MediaWiki to end users It s targeted particularly at maintainers for Linux since it s been observed that distribution packages of MediaWiki often break We ve consistently had to recommend that users seeking support use official tarballs instead of their distribution s and this often solves whatever problem the user is having It would be nice if this could such as
Class for creating log entries manually, to inject them into the database.
if(! $wgDBerrorLogTZ) $wgRequest
injection txt This is an overview of how MediaWiki makes use of dependency injection The design described here grew from the discussion of RFC T384 The term dependency this means that anything an object needs to operate should be injected from the the object itself should only know narrow no concrete implementation of the logic it relies on The requirement to inject everything typically results in an architecture that based on two main types of and essentially stateless service objects that use other service objects to operate on the value objects As of the beginning MediaWiki is only starting to use the DI approach Much of the code still relies on global state or direct resulting in a highly cyclical dependency MediaWikiServices
The User object encapsulates all of the user-specific settings (user_id, name, rights,...
getWhitelists()
Returns the (local) whitelist.
antiSpoof( $text)
Apply some basic anti-spoofing to the links before they get filtered, see.
doLogging(User $user, Title $title, $revId)
Actually push the url change events post-save.
the array() calling protocol came about after MediaWiki 1.4rc1.