From 041d1964bde2693df05726690877835ddae4e83e Mon Sep 17 00:00:00 2001
From: Andreas Gohr <andi@splitbrain.org>
Date: Tue, 26 Sep 2006 21:24:20 +0200
Subject: wordblock enhancement

The default wordblock.conf provided by the guys at chonqed.org matches agaist
URLS beginning with http. But DokuWiki also links simple www.example.com links.
Spammers used this method to place blacklisted URLs in the Wiki.

This patch constructs full URLs from these shortcut-URLs before applying the
blacklist regexp.

The patch also fixes a problem with the toolbar not appearing when the blacklist
hit and denied saving.

darcs-hash:20060926192420-7ad00-519df90a5953b690428bfa0928de37b3053031b0.gz
---
 inc/common.php   | 5 ++++-
 inc/template.php | 2 +-
 2 files changed, 5 insertions(+), 2 deletions(-)

(limited to 'inc')

diff --git a/inc/common.php b/inc/common.php
index c2a6903ab..f42ddb1e5 100644
--- a/inc/common.php
+++ b/inc/common.php
@@ -412,6 +412,9 @@ function checkwordblock(){
 
   if(!$conf['usewordblock']) return false;
 
+  // we prepare the text a tiny bit to prevent spammers circumventing URL checks
+  $text = preg_replace('!(\b)(www\.[\w.:?\-;,]+?\.[\w.:?\-;,]+?[\w/\#~:.?+=&%@\!\-.:?\-;,]+?)([.:?\-;,]*[^\w/\#~:.?+=&%@\!\-.:?\-;,])!i','\1http://\2 \2\3',$TEXT);
+
   $wordblocks = getWordblocks();
   //how many lines to read at once (to work around some PCRE limits)
   if(version_compare(phpversion(),'4.3.0','<')){
@@ -433,7 +436,7 @@ function checkwordblock(){
       if(empty($block)) continue;
       $re[]  = $block;
     }
-    if(preg_match('#('.join('|',$re).')#si',$TEXT, $match=array())) {
+    if(preg_match('#('.join('|',$re).')#si',$text, $match=array())) {
       return true;
     }
   }
diff --git a/inc/template.php b/inc/template.php
index bcfbff8ea..850580773 100644
--- a/inc/template.php
+++ b/inc/template.php
@@ -237,7 +237,7 @@ function tpl_metaheaders($alt=true){
                           'href'=>DOKU_BASE.'lib/exe/css.php?print=1');
 
   // load javascript
-  $js_edit  = ($ACT=='edit' || $ACT=='preview' || $ACT=='recover') ? 1 : 0;
+  $js_edit  = ($ACT=='edit' || $ACT=='preview' || $ACT=='recover' || $ACT=='wordblock' ) ? 1 : 0;
   $js_write = ($INFO['writable']) ? 1 : 0;
   if(defined('DOKU_MEDIAMANAGER')){
     $js_edit  = 1;
-- 
cgit v1.2.3