mirror of
https://gerrit.wikimedia.org/r/mediawiki/extensions/AbuseFilter.git
synced 2024-12-18 08:30:52 +00:00
69ad23da98
As explained on phab, it's not worth the effort of keeping this feature. Bug: T229947 Change-Id: Ic6067cab8e1ede98545e704888c99e2ed9a004e4
1694 lines
43 KiB
PHP
1694 lines
43 KiB
PHP
<?php
|
|
|
|
use Wikimedia\Equivset\Equivset;
|
|
use MediaWiki\Logger\LoggerFactory;
|
|
use MediaWiki\MediaWikiServices;
|
|
|
|
class AbuseFilterParser {
|
|
/**
|
|
* @var array Contains the AFPTokens for the code being parsed
|
|
*/
|
|
public $mTokens;
|
|
/**
|
|
* @var int The position of the current token
|
|
*/
|
|
public $mPos;
|
|
/**
|
|
* @var bool Are we inside a short circuit evaluation?
|
|
*/
|
|
public $mShortCircuit;
|
|
/**
|
|
* @var bool Are we allowed to use short-circuit evaluation?
|
|
*/
|
|
public $mAllowShort;
|
|
/**
|
|
* @var AFPToken The current token
|
|
*/
|
|
public $mCur;
|
|
/**
|
|
* @var AbuseFilterVariableHolder
|
|
*/
|
|
public $mVariables;
|
|
|
|
/**
|
|
* @var int The current amount of conditions being consumed
|
|
*/
|
|
protected $mCondCount;
|
|
|
|
/**
|
|
* @var bool Whether the condition limit is enabled.
|
|
*/
|
|
protected $condLimitEnabled = true;
|
|
|
|
public static $mFunctions = [
|
|
'lcase' => 'funcLc',
|
|
'ucase' => 'funcUc',
|
|
'length' => 'funcLen',
|
|
'string' => 'castString',
|
|
'int' => 'castInt',
|
|
'float' => 'castFloat',
|
|
'bool' => 'castBool',
|
|
'norm' => 'funcNorm',
|
|
'ccnorm' => 'funcCCNorm',
|
|
'ccnorm_contains_any' => 'funcCCNormContainsAny',
|
|
'ccnorm_contains_all' => 'funcCCNormContainsAll',
|
|
'specialratio' => 'funcSpecialRatio',
|
|
'rmspecials' => 'funcRMSpecials',
|
|
'rmdoubles' => 'funcRMDoubles',
|
|
'rmwhitespace' => 'funcRMWhitespace',
|
|
'count' => 'funcCount',
|
|
'rcount' => 'funcRCount',
|
|
'get_matches' => 'funcGetMatches',
|
|
'ip_in_range' => 'funcIPInRange',
|
|
'contains_any' => 'funcContainsAny',
|
|
'contains_all' => 'funcContainsAll',
|
|
'equals_to_any' => 'funcEqualsToAny',
|
|
'substr' => 'funcSubstr',
|
|
'strlen' => 'funcLen',
|
|
'strpos' => 'funcStrPos',
|
|
'str_replace' => 'funcStrReplace',
|
|
'rescape' => 'funcStrRegexEscape',
|
|
'set' => 'funcSetVar',
|
|
'set_var' => 'funcSetVar',
|
|
'sanitize' => 'funcSanitize',
|
|
];
|
|
|
|
// Functions that affect parser state, and shouldn't be cached.
|
|
public static $ActiveFunctions = [
|
|
'funcSetVar',
|
|
];
|
|
|
|
public static $mKeywords = [
|
|
'in' => 'keywordIn',
|
|
'like' => 'keywordLike',
|
|
'matches' => 'keywordLike',
|
|
'contains' => 'keywordContains',
|
|
'rlike' => 'keywordRegex',
|
|
'irlike' => 'keywordRegexInsensitive',
|
|
'regex' => 'keywordRegex',
|
|
];
|
|
|
|
/**
|
|
* @var array Cached results of functions
|
|
*/
|
|
protected $funcCache = [];
|
|
|
|
/**
|
|
* @var Equivset
|
|
*/
|
|
protected static $equivset;
|
|
|
|
/**
|
|
* Create a new instance
|
|
*
|
|
* @param AbuseFilterVariableHolder|null $vars
|
|
*/
|
|
public function __construct( AbuseFilterVariableHolder $vars = null ) {
|
|
$this->resetState();
|
|
if ( $vars ) {
|
|
$this->mVariables = $vars;
|
|
}
|
|
}
|
|
|
|
/**
|
|
* @return int
|
|
*/
|
|
public function getCondCount() {
|
|
return $this->mCondCount;
|
|
}
|
|
|
|
/**
|
|
* Reset the conditions counter
|
|
*/
|
|
public function resetCondCount() {
|
|
$this->mCondCount = 0;
|
|
}
|
|
|
|
/**
|
|
* For use in batch scripts and the like
|
|
*
|
|
* @param bool $enable True to enable the limit, false to disable it
|
|
* @codeCoverageIgnore
|
|
*/
|
|
public function toggleConditionLimit( $enable ) {
|
|
$this->condLimitEnabled = $enable;
|
|
}
|
|
|
|
/**
|
|
* @param int $val The amount to increase the conditions count of.
|
|
* @throws MWException
|
|
*/
|
|
protected function raiseCondCount( $val = 1 ) {
|
|
global $wgAbuseFilterConditionLimit;
|
|
|
|
$this->mCondCount += $val;
|
|
|
|
if ( $this->condLimitEnabled && $this->mCondCount > $wgAbuseFilterConditionLimit ) {
|
|
throw new MWException( 'Condition limit reached.' );
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Resets the state of the parser.
|
|
*/
|
|
public function resetState() {
|
|
$this->mTokens = [];
|
|
$this->mVariables = new AbuseFilterVariableHolder;
|
|
$this->mPos = 0;
|
|
$this->mShortCircuit = false;
|
|
$this->mAllowShort = true;
|
|
$this->mCondCount = 0;
|
|
}
|
|
|
|
/**
|
|
* Clears the array of cached function results
|
|
*/
|
|
public function clearFuncCache() {
|
|
$this->funcCache = [];
|
|
}
|
|
|
|
/**
|
|
* @param AbuseFilterVariableHolder $vars
|
|
*/
|
|
public function setVariables( AbuseFilterVariableHolder $vars ) {
|
|
$this->mVariables = $vars;
|
|
}
|
|
|
|
/**
|
|
* @param string $filter
|
|
* @return true|array True when successful, otherwise a two-element array with exception message
|
|
* and character position of the syntax error
|
|
*/
|
|
public function checkSyntax( $filter ) {
|
|
$origAS = $this->mAllowShort;
|
|
try {
|
|
$this->mAllowShort = false;
|
|
$this->intEval( $filter );
|
|
} catch ( AFPUserVisibleException $excep ) {
|
|
$this->mAllowShort = $origAS;
|
|
|
|
return [ $excep->getMessageObj()->text(), $excep->mPosition ];
|
|
}
|
|
$this->mAllowShort = $origAS;
|
|
|
|
return true;
|
|
}
|
|
|
|
/**
|
|
* Move to the next token
|
|
*/
|
|
protected function move() {
|
|
list( $this->mCur, $this->mPos ) = $this->mTokens[$this->mPos];
|
|
}
|
|
|
|
/**
|
|
* Get the next token. This is similar to move() but doesn't change class members,
|
|
* allowing to look ahead without rolling back the state.
|
|
*
|
|
* @return AFPToken
|
|
*/
|
|
protected function getNextToken() {
|
|
return $this->mTokens[$this->mPos][0];
|
|
}
|
|
|
|
/**
|
|
* getState() function allows parser state to be rollbacked to several tokens back
|
|
* @return AFPParserState
|
|
*/
|
|
protected function getState() {
|
|
return new AFPParserState( $this->mCur, $this->mPos );
|
|
}
|
|
|
|
/**
|
|
* setState() function allows parser state to be rollbacked to several tokens back
|
|
* @param AFPParserState $state
|
|
*/
|
|
protected function setState( AFPParserState $state ) {
|
|
$this->mCur = $state->token;
|
|
$this->mPos = $state->pos;
|
|
}
|
|
|
|
/**
|
|
* @throws AFPUserVisibleException
|
|
*/
|
|
protected function skipOverBraces() {
|
|
$braces = 1;
|
|
while ( $this->mCur->type !== AFPToken::TNONE && $braces > 0 ) {
|
|
$this->move();
|
|
if ( $this->mCur->type === AFPToken::TBRACE ) {
|
|
if ( $this->mCur->value === '(' ) {
|
|
$braces++;
|
|
} elseif ( $this->mCur->value === ')' ) {
|
|
$braces--;
|
|
}
|
|
} elseif ( $this->mCur->type === AFPToken::TID ) {
|
|
// T214674, define variables
|
|
$next = $this->getNextToken();
|
|
if (
|
|
in_array( $this->mCur->value, [ 'set', 'set_var' ] ) &&
|
|
$next->type === AFPToken::TBRACE && $next->value === '('
|
|
) {
|
|
// This is for setter functions.
|
|
$this->move();
|
|
$braces++;
|
|
$next = $this->getNextToken();
|
|
if ( $next->type === AFPToken::TSTRING ) {
|
|
$this->setUserVariable( $next->value, new AFPData( AFPData::DUNDEFINED ) );
|
|
}
|
|
} else {
|
|
// Simple assignment with :=
|
|
$varname = $this->mCur->value;
|
|
$next = $this->getNextToken();
|
|
if ( $next->type === AFPToken::TOP && $next->value === ':=' ) {
|
|
$this->setUserVariable( $varname, new AFPData( AFPData::DUNDEFINED ) );
|
|
} elseif ( $next->type === AFPToken::TSQUAREBRACKET && $next->value === '[' ) {
|
|
if ( !$this->mVariables->varIsSet( $varname ) ) {
|
|
throw new AFPUserVisibleException( 'unrecognisedvar',
|
|
$next->pos,
|
|
[ $varname ]
|
|
);
|
|
}
|
|
$this->setUserVariable( $varname, new AFPData( AFPData::DUNDEFINED ) );
|
|
}
|
|
}
|
|
}
|
|
}
|
|
if ( !( $this->mCur->type === AFPToken::TBRACE && $this->mCur->value === ')' ) ) {
|
|
throw new AFPUserVisibleException( 'expectednotfound', $this->mCur->pos, [ ')' ] );
|
|
}
|
|
}
|
|
|
|
/**
|
|
* @param string $code
|
|
* @return bool
|
|
*/
|
|
public function parse( $code ) {
|
|
return $this->intEval( $code )->toBool();
|
|
}
|
|
|
|
/**
|
|
* @param string $filter
|
|
* @return string
|
|
*/
|
|
public function evaluateExpression( $filter ) {
|
|
return $this->intEval( $filter )->toString();
|
|
}
|
|
|
|
/**
|
|
* @param string $code
|
|
* @return AFPData
|
|
*/
|
|
public function intEval( $code ) {
|
|
// Reset all class members to their default value
|
|
$this->mTokens = AbuseFilterTokenizer::getTokens( $code );
|
|
$this->mPos = 0;
|
|
$this->mShortCircuit = false;
|
|
|
|
$result = new AFPData( AFPData::DEMPTY );
|
|
$this->doLevelEntry( $result );
|
|
|
|
return $result;
|
|
}
|
|
|
|
/* Levels */
|
|
|
|
/**
|
|
* Handles unexpected characters after the expression
|
|
*
|
|
* @param AFPData &$result
|
|
* @throws AFPUserVisibleException
|
|
*/
|
|
protected function doLevelEntry( &$result ) {
|
|
$this->doLevelSemicolon( $result );
|
|
|
|
if ( $this->mCur->type !== AFPToken::TNONE ) {
|
|
throw new AFPUserVisibleException(
|
|
'unexpectedatend',
|
|
$this->mCur->pos, [ $this->mCur->type ]
|
|
);
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Handles multiple expressions delimited by a semicolon
|
|
*
|
|
* @param AFPData &$result
|
|
*/
|
|
protected function doLevelSemicolon( &$result ) {
|
|
do {
|
|
$this->move();
|
|
if ( $this->mCur->type !== AFPToken::TSTATEMENTSEPARATOR ) {
|
|
$this->doLevelSet( $result );
|
|
}
|
|
} while ( $this->mCur->type === AFPToken::TSTATEMENTSEPARATOR );
|
|
}
|
|
|
|
/**
|
|
* Handles assignments (:=)
|
|
*
|
|
* @param AFPData &$result
|
|
* @throws AFPUserVisibleException
|
|
*/
|
|
protected function doLevelSet( &$result ) {
|
|
if ( $this->mCur->type === AFPToken::TID ) {
|
|
$varname = $this->mCur->value;
|
|
$prev = $this->getState();
|
|
$this->move();
|
|
|
|
if ( $this->mCur->type === AFPToken::TOP && $this->mCur->value === ':=' ) {
|
|
$this->move();
|
|
$this->doLevelSet( $result );
|
|
$this->setUserVariable( $varname, $result );
|
|
|
|
return;
|
|
} elseif ( $this->mCur->type === AFPToken::TSQUAREBRACKET && $this->mCur->value === '[' ) {
|
|
// We allow builtin variables to both check for override (e.g. added_lines[] :='x')
|
|
// and for T198531
|
|
if ( !$this->varExists( $varname ) ) {
|
|
throw new AFPUserVisibleException( 'unrecognisedvar',
|
|
$this->mCur->pos,
|
|
[ $varname ]
|
|
);
|
|
}
|
|
$array = $this->mVariables->getVar( $varname );
|
|
if ( $array->getType() !== AFPData::DARRAY && $array->getType() !== AFPData::DUNDEFINED ) {
|
|
throw new AFPUserVisibleException( 'notarray', $this->mCur->pos, [] );
|
|
}
|
|
|
|
$this->move();
|
|
if ( $this->mCur->type === AFPToken::TSQUAREBRACKET && $this->mCur->value === ']' ) {
|
|
$idx = 'new';
|
|
} else {
|
|
$this->setState( $prev );
|
|
$this->move();
|
|
$idx = new AFPData( AFPData::DEMPTY );
|
|
$this->doLevelSemicolon( $idx );
|
|
$idx = $idx->toInt();
|
|
if ( !( $this->mCur->type === AFPToken::TSQUAREBRACKET && $this->mCur->value === ']' ) ) {
|
|
throw new AFPUserVisibleException( 'expectednotfound', $this->mCur->pos,
|
|
[ ']', $this->mCur->type, $this->mCur->value ] );
|
|
}
|
|
if ( $array->getType() === AFPData::DARRAY ) {
|
|
if ( count( $array->toArray() ) <= $idx ) {
|
|
throw new AFPUserVisibleException( 'outofbounds', $this->mCur->pos,
|
|
[ $idx, count( $result->getData() ) ] );
|
|
}
|
|
}
|
|
}
|
|
$this->move();
|
|
if ( $this->mCur->type === AFPToken::TOP && $this->mCur->value === ':=' ) {
|
|
if ( $this->isBuiltinVar( $varname ) ) {
|
|
// Ideally we should've aborted before trying to parse the index
|
|
throw new AFPUserVisibleException( 'overridebuiltin', $this->mCur->pos, [ $varname ] );
|
|
}
|
|
$this->move();
|
|
$this->doLevelSet( $result );
|
|
if ( $array->getType() === AFPData::DARRAY ) {
|
|
// If it's a DUNDEFINED, leave it as is
|
|
$array = $array->toArray();
|
|
if ( $idx === 'new' ) {
|
|
$array[] = $result;
|
|
} else {
|
|
$array[$idx] = $result;
|
|
}
|
|
$this->setUserVariable( $varname, new AFPData( AFPData::DARRAY, $array ) );
|
|
}
|
|
|
|
return;
|
|
} else {
|
|
$this->setState( $prev );
|
|
}
|
|
} else {
|
|
$this->setState( $prev );
|
|
}
|
|
}
|
|
$this->doLevelConditions( $result );
|
|
}
|
|
|
|
/**
|
|
* Handles conditionals: if-then-else and ternary operator
|
|
*
|
|
* @param AFPData &$result
|
|
* @throws AFPUserVisibleException
|
|
*/
|
|
protected function doLevelConditions( &$result ) {
|
|
if ( $this->mCur->type === AFPToken::TKEYWORD && $this->mCur->value === 'if' ) {
|
|
$this->move();
|
|
$this->doLevelBoolOps( $result );
|
|
|
|
if ( !( $this->mCur->type === AFPToken::TKEYWORD && $this->mCur->value === 'then' ) ) {
|
|
throw new AFPUserVisibleException( 'expectednotfound',
|
|
$this->mCur->pos,
|
|
[
|
|
'then',
|
|
$this->mCur->type,
|
|
$this->mCur->value
|
|
]
|
|
);
|
|
}
|
|
$this->move();
|
|
|
|
$r1 = new AFPData( AFPData::DEMPTY );
|
|
$r2 = new AFPData( AFPData::DEMPTY );
|
|
|
|
$isTrue = $result->toBool();
|
|
|
|
if ( !$isTrue ) {
|
|
$scOrig = $this->mShortCircuit;
|
|
$this->mShortCircuit = $this->mAllowShort;
|
|
}
|
|
$this->doLevelConditions( $r1 );
|
|
if ( !$isTrue ) {
|
|
$this->mShortCircuit = $scOrig;
|
|
}
|
|
|
|
if ( !( $this->mCur->type === AFPToken::TKEYWORD && $this->mCur->value === 'else' ) ) {
|
|
throw new AFPUserVisibleException( 'expectednotfound',
|
|
$this->mCur->pos,
|
|
[
|
|
'else',
|
|
$this->mCur->type,
|
|
$this->mCur->value
|
|
]
|
|
);
|
|
}
|
|
$this->move();
|
|
|
|
if ( $isTrue ) {
|
|
$scOrig = $this->mShortCircuit;
|
|
$this->mShortCircuit = $this->mAllowShort;
|
|
}
|
|
$this->doLevelConditions( $r2 );
|
|
if ( $isTrue ) {
|
|
$this->mShortCircuit = $scOrig;
|
|
}
|
|
|
|
if ( !( $this->mCur->type === AFPToken::TKEYWORD && $this->mCur->value === 'end' ) ) {
|
|
throw new AFPUserVisibleException( 'expectednotfound',
|
|
$this->mCur->pos,
|
|
[
|
|
'end',
|
|
$this->mCur->type,
|
|
$this->mCur->value
|
|
]
|
|
);
|
|
}
|
|
$this->move();
|
|
|
|
if ( $result->toBool() ) {
|
|
$result = $r1;
|
|
} else {
|
|
$result = $r2;
|
|
}
|
|
} else {
|
|
$this->doLevelBoolOps( $result );
|
|
if ( $this->mCur->type === AFPToken::TOP && $this->mCur->value === '?' ) {
|
|
$this->move();
|
|
$r1 = new AFPData( AFPData::DEMPTY );
|
|
$r2 = new AFPData( AFPData::DEMPTY );
|
|
|
|
$isTrue = $result->toBool();
|
|
|
|
if ( !$isTrue ) {
|
|
$scOrig = $this->mShortCircuit;
|
|
$this->mShortCircuit = $this->mAllowShort;
|
|
}
|
|
$this->doLevelConditions( $r1 );
|
|
if ( !$isTrue ) {
|
|
$this->mShortCircuit = $scOrig;
|
|
}
|
|
|
|
if ( !( $this->mCur->type === AFPToken::TOP && $this->mCur->value === ':' ) ) {
|
|
throw new AFPUserVisibleException( 'expectednotfound',
|
|
$this->mCur->pos,
|
|
[
|
|
':',
|
|
$this->mCur->type,
|
|
$this->mCur->value
|
|
]
|
|
);
|
|
}
|
|
$this->move();
|
|
|
|
if ( $isTrue ) {
|
|
$scOrig = $this->mShortCircuit;
|
|
$this->mShortCircuit = $this->mAllowShort;
|
|
}
|
|
$this->doLevelConditions( $r2 );
|
|
if ( $isTrue ) {
|
|
$this->mShortCircuit = $scOrig;
|
|
}
|
|
|
|
if ( $isTrue ) {
|
|
$result = $r1;
|
|
} else {
|
|
$result = $r2;
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Handles boolean operators (&, |, ^)
|
|
*
|
|
* @param AFPData &$result
|
|
*/
|
|
protected function doLevelBoolOps( &$result ) {
|
|
$this->doLevelCompares( $result );
|
|
$ops = [ '&', '|', '^' ];
|
|
while ( $this->mCur->type === AFPToken::TOP && in_array( $this->mCur->value, $ops ) ) {
|
|
$op = $this->mCur->value;
|
|
$this->move();
|
|
$r2 = new AFPData( AFPData::DEMPTY );
|
|
|
|
// We can go on quickly as either one statement with | is true or one with & is false
|
|
if ( ( $op === '&' && !$result->toBool() ) || ( $op === '|' && $result->toBool() ) ) {
|
|
$orig = $this->mShortCircuit;
|
|
$this->mShortCircuit = $this->mAllowShort;
|
|
$this->doLevelCompares( $r2 );
|
|
if ( $r2->getType() === AFPData::DEMPTY ) {
|
|
$this->logEmptyOperand( 'bool operand', __METHOD__ );
|
|
}
|
|
$this->mShortCircuit = $orig;
|
|
$result = new AFPData( AFPData::DBOOL, $result->toBool() );
|
|
continue;
|
|
}
|
|
|
|
$this->doLevelCompares( $r2 );
|
|
if ( $r2->getType() === AFPData::DEMPTY ) {
|
|
$this->logEmptyOperand( 'bool operand', __METHOD__ );
|
|
}
|
|
$result = AFPData::boolOp( $result, $r2, $op );
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Handles comparison operators
|
|
*
|
|
* @param AFPData &$result
|
|
*/
|
|
protected function doLevelCompares( &$result ) {
|
|
$this->doLevelSumRels( $result );
|
|
$equalityOps = [ '==', '===', '!=', '!==', '=' ];
|
|
$orderOps = [ '<', '>', '<=', '>=' ];
|
|
// Only allow either a single operation, or a combination of a single equalityOps and a single
|
|
// orderOps. This resembles what PHP does, and allows `a < b == c` while rejecting `a < b < c`
|
|
$allowedOps = array_merge( $equalityOps, $orderOps );
|
|
while ( $this->mCur->type === AFPToken::TOP && in_array( $this->mCur->value, $allowedOps ) ) {
|
|
$allowedOps = in_array( $this->mCur->value, $equalityOps ) ?
|
|
array_diff( $allowedOps, $equalityOps ) :
|
|
array_diff( $allowedOps, $orderOps );
|
|
$op = $this->mCur->value;
|
|
$this->move();
|
|
$r2 = new AFPData( AFPData::DEMPTY );
|
|
$this->doLevelSumRels( $r2 );
|
|
if ( $r2->getType() === AFPData::DEMPTY ) {
|
|
$this->logEmptyOperand( 'compare operand', __METHOD__ );
|
|
}
|
|
if ( $this->mShortCircuit ) {
|
|
// The result doesn't matter.
|
|
continue;
|
|
}
|
|
$this->raiseCondCount();
|
|
$result = AFPData::compareOp( $result, $r2, $op );
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Handles sum-related operations (+ and -)
|
|
*
|
|
* @param AFPData &$result
|
|
*/
|
|
protected function doLevelSumRels( &$result ) {
|
|
$this->doLevelMulRels( $result );
|
|
$ops = [ '+', '-' ];
|
|
while ( $this->mCur->type === AFPToken::TOP && in_array( $this->mCur->value, $ops ) ) {
|
|
$op = $this->mCur->value;
|
|
$this->move();
|
|
$r2 = new AFPData( AFPData::DEMPTY );
|
|
$this->doLevelMulRels( $r2 );
|
|
if ( $r2->getType() === AFPData::DEMPTY ) {
|
|
$this->logEmptyOperand( 'sum operand', __METHOD__ );
|
|
}
|
|
if ( $this->mShortCircuit ) {
|
|
// The result doesn't matter.
|
|
continue;
|
|
}
|
|
if ( $op === '+' ) {
|
|
$result = AFPData::sum( $result, $r2 );
|
|
}
|
|
if ( $op === '-' ) {
|
|
$result = AFPData::sub( $result, $r2 );
|
|
}
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Handles multiplication-related operations (*, / and %)
|
|
*
|
|
* @param AFPData &$result
|
|
*/
|
|
protected function doLevelMulRels( &$result ) {
|
|
$this->doLevelPow( $result );
|
|
$ops = [ '*', '/', '%' ];
|
|
while ( $this->mCur->type === AFPToken::TOP && in_array( $this->mCur->value, $ops ) ) {
|
|
$op = $this->mCur->value;
|
|
$this->move();
|
|
$r2 = new AFPData( AFPData::DEMPTY );
|
|
$this->doLevelPow( $r2 );
|
|
if ( $r2->getType() === AFPData::DEMPTY ) {
|
|
$this->logEmptyOperand( 'multiplication operand', __METHOD__ );
|
|
}
|
|
if ( $this->mShortCircuit ) {
|
|
// The result doesn't matter.
|
|
continue;
|
|
}
|
|
$result = AFPData::mulRel( $result, $r2, $op, $this->mCur->pos );
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Handles powers (**)
|
|
*
|
|
* @param AFPData &$result
|
|
*/
|
|
protected function doLevelPow( &$result ) {
|
|
$this->doLevelBoolInvert( $result );
|
|
while ( $this->mCur->type === AFPToken::TOP && $this->mCur->value === '**' ) {
|
|
$this->move();
|
|
$expanent = new AFPData( AFPData::DEMPTY );
|
|
$this->doLevelBoolInvert( $expanent );
|
|
if ( $expanent->getType() === AFPData::DEMPTY ) {
|
|
$this->logEmptyOperand( 'power operand', __METHOD__ );
|
|
}
|
|
if ( $this->mShortCircuit ) {
|
|
// The result doesn't matter.
|
|
continue;
|
|
}
|
|
$result = AFPData::pow( $result, $expanent );
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Handles boolean inversion (!)
|
|
*
|
|
* @param AFPData &$result
|
|
*/
|
|
protected function doLevelBoolInvert( &$result ) {
|
|
if ( $this->mCur->type === AFPToken::TOP && $this->mCur->value === '!' ) {
|
|
$this->move();
|
|
$this->doLevelSpecialWords( $result );
|
|
if ( $this->mShortCircuit ) {
|
|
// The result doesn't matter.
|
|
return;
|
|
}
|
|
$result = AFPData::boolInvert( $result );
|
|
} else {
|
|
$this->doLevelSpecialWords( $result );
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Handles keywords (in, like, rlike, contains, ...)
|
|
*
|
|
* @param AFPData &$result
|
|
*/
|
|
protected function doLevelSpecialWords( &$result ) {
|
|
$this->doLevelUnarys( $result );
|
|
$keyword = strtolower( $this->mCur->value );
|
|
if ( $this->mCur->type === AFPToken::TKEYWORD
|
|
&& isset( self::$mKeywords[$keyword] )
|
|
) {
|
|
$func = self::$mKeywords[$keyword];
|
|
$this->move();
|
|
$r2 = new AFPData( AFPData::DEMPTY );
|
|
$this->doLevelUnarys( $r2 );
|
|
|
|
if ( $r2->getType() === AFPData::DEMPTY ) {
|
|
$this->logEmptyOperand( 'keyword operand', __METHOD__ );
|
|
}
|
|
|
|
if ( $this->mShortCircuit ) {
|
|
// The result doesn't matter.
|
|
return;
|
|
}
|
|
|
|
if ( $result->getType() === AFPData::DUNDEFINED || $r2->getType() === AFPData::DUNDEFINED ) {
|
|
$result = new AFPData( AFPData::DUNDEFINED );
|
|
} else {
|
|
$this->raiseCondCount();
|
|
|
|
// @phan-suppress-next-line PhanParamTooMany Not every function needs the position
|
|
$result = AFPData::$func( $result, $r2, $this->mCur->pos );
|
|
}
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Handles unary plus and minus, like in -5 or -(2 * +2)
|
|
*
|
|
* @param AFPData &$result
|
|
*/
|
|
protected function doLevelUnarys( &$result ) {
|
|
$op = $this->mCur->value;
|
|
if ( $this->mCur->type === AFPToken::TOP && ( $op === "+" || $op === "-" ) ) {
|
|
$this->move();
|
|
$this->doLevelArrayElements( $result );
|
|
if ( $this->mShortCircuit ) {
|
|
// The result doesn't matter.
|
|
return;
|
|
}
|
|
if ( $op === '-' ) {
|
|
$result = AFPData::unaryMinus( $result );
|
|
}
|
|
} else {
|
|
$this->doLevelArrayElements( $result );
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Handles array elements, parsing expressions like array[number]
|
|
*
|
|
* @param AFPData &$result
|
|
* @throws AFPUserVisibleException
|
|
*/
|
|
protected function doLevelArrayElements( &$result ) {
|
|
$this->doLevelBraces( $result );
|
|
while ( $this->mCur->type === AFPToken::TSQUAREBRACKET && $this->mCur->value === '[' ) {
|
|
$idx = new AFPData( AFPData::DEMPTY );
|
|
$this->doLevelSemicolon( $idx );
|
|
if ( !( $this->mCur->type === AFPToken::TSQUAREBRACKET && $this->mCur->value === ']' ) ) {
|
|
throw new AFPUserVisibleException( 'expectednotfound', $this->mCur->pos,
|
|
[ ']', $this->mCur->type, $this->mCur->value ] );
|
|
}
|
|
$idx = $idx->toInt();
|
|
if ( $result->getType() === AFPData::DARRAY ) {
|
|
if ( count( $result->getData() ) <= $idx ) {
|
|
throw new AFPUserVisibleException( 'outofbounds', $this->mCur->pos,
|
|
[ $idx, count( $result->getData() ) ] );
|
|
}
|
|
$result = $result->getData()[$idx];
|
|
} elseif ( $result->getType() === AFPData::DUNDEFINED ) {
|
|
$result = new AFPData( AFPData::DUNDEFINED );
|
|
} else {
|
|
throw new AFPUserVisibleException( 'notarray', $this->mCur->pos, [] );
|
|
}
|
|
$this->move();
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Handles brackets, only ( and )
|
|
*
|
|
* @param AFPData &$result
|
|
* @throws AFPUserVisibleException
|
|
*/
|
|
protected function doLevelBraces( &$result ) {
|
|
if ( $this->mCur->type === AFPToken::TBRACE && $this->mCur->value === '(' ) {
|
|
if ( $this->mShortCircuit ) {
|
|
$result = new AFPData( AFPData::DUNDEFINED );
|
|
$this->skipOverBraces();
|
|
} else {
|
|
$this->doLevelSemicolon( $result );
|
|
}
|
|
if ( !( $this->mCur->type === AFPToken::TBRACE && $this->mCur->value === ')' ) ) {
|
|
throw new AFPUserVisibleException(
|
|
'expectednotfound',
|
|
$this->mCur->pos,
|
|
[ ')', $this->mCur->type, $this->mCur->value ]
|
|
);
|
|
}
|
|
$this->move();
|
|
} else {
|
|
$this->doLevelFunction( $result );
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Handles functions
|
|
*
|
|
* @param AFPData &$result
|
|
* @throws AFPUserVisibleException
|
|
*/
|
|
protected function doLevelFunction( &$result ) {
|
|
if ( $this->mCur->type === AFPToken::TID && isset( self::$mFunctions[$this->mCur->value] ) ) {
|
|
$fname = $this->mCur->value;
|
|
$func = self::$mFunctions[$fname];
|
|
$this->move();
|
|
if ( $this->mCur->type !== AFPToken::TBRACE || $this->mCur->value !== '(' ) {
|
|
throw new AFPUserVisibleException( 'expectednotfound',
|
|
$this->mCur->pos,
|
|
[
|
|
'(',
|
|
$this->mCur->type,
|
|
$this->mCur->value
|
|
]
|
|
);
|
|
}
|
|
|
|
if ( $this->mShortCircuit ) {
|
|
$result = new AFPData( AFPData::DUNDEFINED );
|
|
$this->skipOverBraces();
|
|
$this->move();
|
|
|
|
// The result doesn't matter.
|
|
return;
|
|
}
|
|
|
|
$args = [];
|
|
$next = $this->getNextToken();
|
|
if ( $next->type !== AFPToken::TBRACE || $next->value !== ')' ) {
|
|
if ( ( $fname === 'set' || $fname === 'set_var' ) ) {
|
|
$state = $this->getState();
|
|
$this->move();
|
|
$next = $this->getNextToken();
|
|
if (
|
|
$this->mCur->type !== AFPToken::TSTRING ||
|
|
(
|
|
$next->type !== AFPToken::TCOMMA &&
|
|
// Let this fail later, when checking parameters count
|
|
!( $next->type === AFPToken::TBRACE && $next->value === ')' )
|
|
)
|
|
) {
|
|
throw new AFPUserVisibleException( 'variablevariable', $this->mCur->pos, [] );
|
|
} else {
|
|
$this->setState( $state );
|
|
}
|
|
}
|
|
do {
|
|
$r = new AFPData( AFPData::DEMPTY );
|
|
$this->doLevelSemicolon( $r );
|
|
if ( $r->getType() === AFPData::DEMPTY ) {
|
|
$this->logEmptyOperand( 'function argument', __METHOD__ );
|
|
}
|
|
$args[] = $r;
|
|
} while ( $this->mCur->type === AFPToken::TCOMMA );
|
|
} else {
|
|
$this->move();
|
|
}
|
|
|
|
if ( $this->mCur->type !== AFPToken::TBRACE || $this->mCur->value !== ')' ) {
|
|
throw new AFPUserVisibleException( 'expectednotfound',
|
|
$this->mCur->pos,
|
|
[
|
|
')',
|
|
$this->mCur->type,
|
|
$this->mCur->value
|
|
]
|
|
);
|
|
}
|
|
$this->move();
|
|
|
|
$funcHash = md5( $func . serialize( $args ) );
|
|
|
|
if ( isset( $this->funcCache[$funcHash] ) &&
|
|
!in_array( $func, self::$ActiveFunctions )
|
|
) {
|
|
$result = $this->funcCache[$funcHash];
|
|
} else {
|
|
$this->raiseCondCount();
|
|
$hasUndefinedArg = false;
|
|
foreach ( $args as $arg ) {
|
|
if ( $arg->type === AFPData::DUNDEFINED ) {
|
|
$hasUndefinedArg = true;
|
|
break;
|
|
}
|
|
}
|
|
$result = $this->funcCache[$funcHash] = $hasUndefinedArg
|
|
? new AFPData( AFPData::DUNDEFINED )
|
|
: $this->$func( $args );
|
|
}
|
|
|
|
if ( count( $this->funcCache ) > 1000 ) {
|
|
// @codeCoverageIgnoreStart
|
|
$this->clearFuncCache();
|
|
// @codeCoverageIgnoreEnd
|
|
}
|
|
} else {
|
|
$this->doLevelAtom( $result );
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Handles the return value
|
|
*
|
|
* @param AFPData &$result
|
|
* @throws AFPUserVisibleException
|
|
*/
|
|
protected function doLevelAtom( &$result ) {
|
|
$tok = $this->mCur->value;
|
|
switch ( $this->mCur->type ) {
|
|
case AFPToken::TID:
|
|
if ( $this->mShortCircuit ) {
|
|
$result = new AFPData( AFPData::DUNDEFINED );
|
|
} else {
|
|
$var = strtolower( $tok );
|
|
$result = $this->getVarValue( $var );
|
|
}
|
|
break;
|
|
case AFPToken::TSTRING:
|
|
$result = new AFPData( AFPData::DSTRING, $tok );
|
|
break;
|
|
case AFPToken::TFLOAT:
|
|
$result = new AFPData( AFPData::DFLOAT, $tok );
|
|
break;
|
|
case AFPToken::TINT:
|
|
$result = new AFPData( AFPData::DINT, $tok );
|
|
break;
|
|
case AFPToken::TKEYWORD:
|
|
if ( $tok === "true" ) {
|
|
$result = new AFPData( AFPData::DBOOL, true );
|
|
} elseif ( $tok === "false" ) {
|
|
$result = new AFPData( AFPData::DBOOL, false );
|
|
} elseif ( $tok === "null" ) {
|
|
$result = new AFPData( AFPData::DNULL );
|
|
} else {
|
|
throw new AFPUserVisibleException(
|
|
'unrecognisedkeyword',
|
|
$this->mCur->pos,
|
|
[ $tok ]
|
|
);
|
|
}
|
|
break;
|
|
case AFPToken::TNONE:
|
|
// Handled at entry level
|
|
return;
|
|
case AFPToken::TBRACE:
|
|
if ( $this->mCur->value === ')' ) {
|
|
// Handled at the entry level
|
|
return;
|
|
}
|
|
case AFPToken::TSQUAREBRACKET:
|
|
if ( $this->mCur->value === '[' ) {
|
|
$array = [];
|
|
while ( true ) {
|
|
$this->move();
|
|
if ( $this->mCur->type === AFPToken::TSQUAREBRACKET && $this->mCur->value === ']' ) {
|
|
break;
|
|
}
|
|
$item = new AFPData( AFPData::DEMPTY );
|
|
$this->doLevelSet( $item );
|
|
$array[] = $item;
|
|
if ( $this->mCur->type === AFPToken::TSQUAREBRACKET && $this->mCur->value === ']' ) {
|
|
break;
|
|
}
|
|
if ( $this->mCur->type !== AFPToken::TCOMMA ) {
|
|
throw new AFPUserVisibleException(
|
|
'expectednotfound',
|
|
$this->mCur->pos,
|
|
[ ', or ]', $this->mCur->type, $this->mCur->value ]
|
|
);
|
|
}
|
|
}
|
|
$result = new AFPData( AFPData::DARRAY, $array );
|
|
break;
|
|
}
|
|
default:
|
|
throw new AFPUserVisibleException(
|
|
'unexpectedtoken',
|
|
$this->mCur->pos,
|
|
[
|
|
$this->mCur->type,
|
|
$this->mCur->value
|
|
]
|
|
);
|
|
}
|
|
$this->move();
|
|
}
|
|
|
|
/* End of levels */
|
|
|
|
/**
|
|
* Check whether a variable exists, being either built-in or user-defined
|
|
*
|
|
* @param string $varname
|
|
* @return bool
|
|
*/
|
|
protected function varExists( $varname ) {
|
|
$builderValues = AbuseFilter::getBuilderValues();
|
|
|
|
return array_key_exists( $varname, $builderValues['vars'] ) ||
|
|
$this->mVariables->varIsSet( $varname );
|
|
}
|
|
|
|
/**
|
|
* @param string $var
|
|
* @return AFPData
|
|
* @throws AFPUserVisibleException
|
|
*/
|
|
protected function getVarValue( $var ) {
|
|
$var = strtolower( $var );
|
|
$deprecatedVars = AbuseFilter::getDeprecatedVariables();
|
|
|
|
if ( array_key_exists( $var, $deprecatedVars ) ) {
|
|
$logger = LoggerFactory::getInstance( 'AbuseFilter' );
|
|
$logger->debug( "AbuseFilter: deprecated variable $var used." );
|
|
$var = $deprecatedVars[$var];
|
|
}
|
|
if ( !$this->varExists( $var ) ) {
|
|
$msg = array_key_exists( $var, AbuseFilter::$disabledVars ) ?
|
|
'disabledvar' :
|
|
'unrecognisedvar';
|
|
// If the variable is invalid, throw an exception
|
|
throw new AFPUserVisibleException(
|
|
// Coverage bug
|
|
// @codeCoverageIgnoreStart
|
|
$msg,
|
|
// @codeCoverageIgnoreEnd
|
|
$this->mCur->pos,
|
|
[ $var ]
|
|
);
|
|
} else {
|
|
return $this->mVariables->getVar( $var );
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Check whether the given name refers to a built-in variable, including
|
|
* deprecated and disabled variables.
|
|
*
|
|
* @param string $varname
|
|
* @return bool
|
|
*/
|
|
protected function isBuiltinVar( $varname ) {
|
|
$builderValues = AbuseFilter::getBuilderValues();
|
|
$deprecatedVars = AbuseFilter::getDeprecatedVariables();
|
|
|
|
return array_key_exists( $varname, $builderValues['vars'] ) ||
|
|
array_key_exists( $varname, AbuseFilter::$disabledVars ) ||
|
|
array_key_exists( $varname, $deprecatedVars );
|
|
}
|
|
|
|
/**
|
|
* @param string $name
|
|
* @param mixed $value
|
|
* @throws AFPUserVisibleException
|
|
*/
|
|
protected function setUserVariable( $name, $value ) {
|
|
if ( $this->isBuiltinVar( $name ) ) {
|
|
throw new AFPUserVisibleException( 'overridebuiltin', $this->mCur->pos, [ $name ] );
|
|
}
|
|
$this->mVariables->setVar( $name, $value );
|
|
}
|
|
|
|
/**
|
|
* Check that a built-in function has been provided enough arguments
|
|
*
|
|
* @param array $args The arguments supplied to the function
|
|
* @param string $func The function name
|
|
* @param int $count The amount of needed arguments. If this is 1, then the 'noparams' message
|
|
* is used. Otherwise, the message is 'notenoughargs'.
|
|
* @throws AFPUserVisibleException
|
|
*/
|
|
protected function checkEnoughArguments( $args, $func, $count ) {
|
|
if ( count( $args ) < $count ) {
|
|
throw new AFPUserVisibleException(
|
|
$count === 1 ? 'noparams' : 'notenoughargs',
|
|
$this->mCur->pos,
|
|
[ $func, $count, count( $args ) ]
|
|
);
|
|
}
|
|
}
|
|
|
|
// Built-in functions
|
|
|
|
/**
|
|
* @param array $args
|
|
* @return AFPData
|
|
*/
|
|
protected function funcLc( $args ) {
|
|
$contLang = MediaWikiServices::getInstance()->getContentLanguage();
|
|
$this->checkEnoughArguments( $args, 'lc', 1 );
|
|
$s = $args[0]->toString();
|
|
|
|
return new AFPData( AFPData::DSTRING, $contLang->lc( $s ) );
|
|
}
|
|
|
|
/**
|
|
* @param array $args
|
|
* @return AFPData
|
|
*/
|
|
protected function funcUc( $args ) {
|
|
$contLang = MediaWikiServices::getInstance()->getContentLanguage();
|
|
$this->checkEnoughArguments( $args, 'uc', 1 );
|
|
$s = $args[0]->toString();
|
|
|
|
return new AFPData( AFPData::DSTRING, $contLang->uc( $s ) );
|
|
}
|
|
|
|
/**
|
|
* @param array $args
|
|
* @return AFPData
|
|
*/
|
|
protected function funcLen( $args ) {
|
|
$this->checkEnoughArguments( $args, 'len', 1 );
|
|
|
|
if ( $args[0]->type === AFPData::DARRAY ) {
|
|
// Don't use toString on arrays, but count
|
|
$val = count( $args[0]->data );
|
|
} else {
|
|
$val = mb_strlen( $args[0]->toString(), 'utf-8' );
|
|
}
|
|
|
|
return new AFPData( AFPData::DINT, $val );
|
|
}
|
|
|
|
/**
|
|
* @param array $args
|
|
* @return AFPData
|
|
*/
|
|
protected function funcSpecialRatio( $args ) {
|
|
$this->checkEnoughArguments( $args, 'specialratio', 1 );
|
|
$s = $args[0]->toString();
|
|
|
|
if ( !strlen( $s ) ) {
|
|
return new AFPData( AFPData::DFLOAT, 0 );
|
|
}
|
|
|
|
$nospecials = $this->rmspecials( $s );
|
|
|
|
$val = 1. - ( ( mb_strlen( $nospecials ) / mb_strlen( $s ) ) );
|
|
|
|
return new AFPData( AFPData::DFLOAT, $val );
|
|
}
|
|
|
|
/**
|
|
* @param array $args
|
|
* @return AFPData
|
|
*/
|
|
protected function funcCount( $args ) {
|
|
$this->checkEnoughArguments( $args, 'count', 1 );
|
|
|
|
if ( $args[0]->type === AFPData::DARRAY && count( $args ) === 1 ) {
|
|
return new AFPData( AFPData::DINT, count( $args[0]->data ) );
|
|
}
|
|
|
|
if ( count( $args ) === 1 ) {
|
|
$count = count( explode( ',', $args[0]->toString() ) );
|
|
} else {
|
|
$needle = $args[0]->toString();
|
|
$haystack = $args[1]->toString();
|
|
|
|
// T62203: Keep empty parameters from causing PHP warnings
|
|
if ( $needle === '' ) {
|
|
$count = 0;
|
|
} else {
|
|
$count = substr_count( $haystack, $needle );
|
|
}
|
|
}
|
|
|
|
return new AFPData( AFPData::DINT, $count );
|
|
}
|
|
|
|
/**
|
|
* @param array $args
|
|
* @return AFPData
|
|
* @throws AFPUserVisibleException
|
|
*/
|
|
protected function funcRCount( $args ) {
|
|
$this->checkEnoughArguments( $args, 'rcount', 1 );
|
|
|
|
if ( count( $args ) === 1 ) {
|
|
$count = count( explode( ',', $args[0]->toString() ) );
|
|
} else {
|
|
$needle = $args[0]->toString();
|
|
$haystack = $args[1]->toString();
|
|
|
|
// Munge the regex
|
|
$needle = preg_replace( '!(\\\\\\\\)*(\\\\)?/!', '$1\/', $needle );
|
|
$needle = "/$needle/u";
|
|
|
|
// Suppress and restore needed per T177744
|
|
Wikimedia\suppressWarnings();
|
|
$count = preg_match_all( $needle, $haystack );
|
|
Wikimedia\restoreWarnings();
|
|
|
|
if ( $count === false ) {
|
|
throw new AFPUserVisibleException(
|
|
'regexfailure',
|
|
$this->mCur->pos,
|
|
[ $needle ]
|
|
);
|
|
}
|
|
}
|
|
|
|
return new AFPData( AFPData::DINT, $count );
|
|
}
|
|
|
|
/**
|
|
* Returns an array of matches of needle in the haystack, the first one for the whole regex,
|
|
* the other ones for every capturing group.
|
|
*
|
|
* @param array $args
|
|
* @return AFPData An array of matches.
|
|
* @throws AFPUserVisibleException
|
|
*/
|
|
protected function funcGetMatches( $args ) {
|
|
$this->checkEnoughArguments( $args, 'get_matches', 2 );
|
|
|
|
$needle = $args[0]->toString();
|
|
$haystack = $args[1]->toString();
|
|
|
|
// Count the amount of capturing groups in the submitted pattern.
|
|
// This way we can return a fixed-dimension array, much easier to manage.
|
|
// ToDo: Find a better way to do this.
|
|
// First, strip away escaped parentheses
|
|
$sanitized = preg_replace( '/(\\\\\\\\)*\\\\\(/', '', $needle );
|
|
// Then strip starting parentheses of non-capturing groups, including
|
|
// atomics, lookaheads and so on, even if not every of them is supported.
|
|
$sanitized = str_replace( '(?', '', $sanitized );
|
|
// And also strip "(*", used with backtracking verbs like (*FAIL)
|
|
$sanitized = str_replace( '(*', '', $sanitized );
|
|
// Finally create an array of falses with dimension = # of capturing groups
|
|
$groupscount = substr_count( $sanitized, '(' ) + 1;
|
|
$falsy = array_fill( 0, $groupscount, false );
|
|
|
|
// Munge the regex by escaping slashes
|
|
$needle = preg_replace( '!(\\\\\\\\)*(\\\\)?/!', '$1\/', $needle );
|
|
$needle = "/$needle/u";
|
|
|
|
// Suppress and restore are here for the same reason as T177744
|
|
Wikimedia\suppressWarnings();
|
|
$check = preg_match( $needle, $haystack, $matches );
|
|
Wikimedia\restoreWarnings();
|
|
|
|
if ( $check === false ) {
|
|
throw new AFPUserVisibleException(
|
|
'regexfailure',
|
|
$this->mCur->pos,
|
|
[ $needle ]
|
|
);
|
|
}
|
|
|
|
// Returned array has non-empty positions identical to the ones returned
|
|
// by the third parameter of a standard preg_match call ($matches in this case).
|
|
// We want an union with falsy to return a fixed-dimension array.
|
|
return AFPData::newFromPHPVar( $matches + $falsy );
|
|
}
|
|
|
|
/**
|
|
* @param array $args
|
|
* @return AFPData
|
|
* @throws AFPUserVisibleException
|
|
*/
|
|
protected function funcIPInRange( $args ) {
|
|
$this->checkEnoughArguments( $args, 'ip_in_range', 2 );
|
|
|
|
$ip = $args[0]->toString();
|
|
$range = $args[1]->toString();
|
|
|
|
if ( !IP::isValidRange( $range ) ) {
|
|
throw new AFPUserVisibleException(
|
|
'invalidiprange',
|
|
$this->mCur->pos,
|
|
[ $range ]
|
|
);
|
|
}
|
|
|
|
$result = IP::isInRange( $ip, $range );
|
|
|
|
return new AFPData( AFPData::DBOOL, $result );
|
|
}
|
|
|
|
/**
|
|
* @param array $args
|
|
* @return AFPData
|
|
*/
|
|
protected function funcCCNorm( $args ) {
|
|
$this->checkEnoughArguments( $args, 'ccnorm', 1 );
|
|
$s = $args[0]->toString();
|
|
|
|
$s = html_entity_decode( $s, ENT_QUOTES, 'UTF-8' );
|
|
$s = $this->ccnorm( $s );
|
|
|
|
return new AFPData( AFPData::DSTRING, $s );
|
|
}
|
|
|
|
/**
|
|
* @param array $args
|
|
* @return AFPData
|
|
*/
|
|
protected function funcSanitize( $args ) {
|
|
$this->checkEnoughArguments( $args, 'sanitize', 1 );
|
|
$s = $args[0]->toString();
|
|
|
|
$s = html_entity_decode( $s, ENT_QUOTES, 'UTF-8' );
|
|
$s = Sanitizer::decodeCharReferences( $s );
|
|
|
|
return new AFPData( AFPData::DSTRING, $s );
|
|
}
|
|
|
|
/**
|
|
* @param array $args
|
|
* @return AFPData
|
|
*/
|
|
protected function funcContainsAny( $args ) {
|
|
$this->checkEnoughArguments( $args, 'contains_any', 2 );
|
|
|
|
$s = array_shift( $args );
|
|
|
|
return new AFPData( AFPData::DBOOL, self::contains( $s, $args, true ) );
|
|
}
|
|
|
|
/**
|
|
* @param array $args
|
|
* @return AFPData
|
|
*/
|
|
protected function funcContainsAll( $args ) {
|
|
$this->checkEnoughArguments( $args, 'contains_all', 2 );
|
|
|
|
$s = array_shift( $args );
|
|
|
|
return new AFPData( AFPData::DBOOL, self::contains( $s, $args, false, false ) );
|
|
}
|
|
|
|
/**
|
|
* Normalize and search a string for multiple substrings in OR mode
|
|
*
|
|
* @param array $args
|
|
* @return AFPData
|
|
*/
|
|
protected function funcCCNormContainsAny( $args ) {
|
|
$this->checkEnoughArguments( $args, 'ccnorm_contains_any', 2 );
|
|
|
|
$s = array_shift( $args );
|
|
|
|
return new AFPData( AFPData::DBOOL, self::contains( $s, $args, true, true ) );
|
|
}
|
|
|
|
/**
|
|
* Normalize and search a string for multiple substrings in AND mode
|
|
*
|
|
* @param array $args
|
|
* @return AFPData
|
|
*/
|
|
protected function funcCCNormContainsAll( $args ) {
|
|
$this->checkEnoughArguments( $args, 'ccnorm_contains_all', 2 );
|
|
|
|
$s = array_shift( $args );
|
|
|
|
return new AFPData( AFPData::DBOOL, self::contains( $s, $args, false, true ) );
|
|
}
|
|
|
|
/**
|
|
* Search for substrings in a string
|
|
*
|
|
* Use is_any to determine wether to use logic OR (true) or AND (false).
|
|
*
|
|
* Use normalize = true to make use of ccnorm and
|
|
* normalize both sides of the search.
|
|
*
|
|
* @param AFPData $string
|
|
* @param AFPData[] $values
|
|
* @param bool $is_any
|
|
* @param bool $normalize
|
|
*
|
|
* @return bool
|
|
*/
|
|
protected static function contains( $string, $values, $is_any = true, $normalize = false ) {
|
|
$string = $string->toString();
|
|
|
|
if ( $string === '' ) {
|
|
return false;
|
|
}
|
|
|
|
if ( $normalize ) {
|
|
$string = self::ccnorm( $string );
|
|
}
|
|
|
|
foreach ( $values as $needle ) {
|
|
$needle = $needle->toString();
|
|
if ( $normalize ) {
|
|
$needle = self::ccnorm( $needle );
|
|
}
|
|
if ( $needle === '' ) {
|
|
// T62203: Keep empty parameters from causing PHP warnings
|
|
continue;
|
|
}
|
|
|
|
$is_found = strpos( $string, $needle ) !== false;
|
|
if ( $is_found === $is_any ) {
|
|
// If I'm here and it's ANY (OR) => something is found.
|
|
// If I'm here and it's ALL (AND) => nothing is found.
|
|
// In both cases, we've had enough.
|
|
return $is_found;
|
|
}
|
|
}
|
|
|
|
// If I'm here and it's ANY (OR) => nothing was found: return false ($is_any is true)
|
|
// If I'm here and it's ALL (AND) => everything was found: return true ($is_any is false)
|
|
return !$is_any;
|
|
}
|
|
|
|
/**
|
|
* @param array $args
|
|
* @return AFPData
|
|
*/
|
|
protected function funcEqualsToAny( $args ) {
|
|
$this->checkEnoughArguments( $args, 'equals_to_any', 2 );
|
|
|
|
$s = array_shift( $args );
|
|
|
|
return new AFPData( AFPData::DBOOL, self::equalsToAny( $s, $args ) );
|
|
}
|
|
|
|
/**
|
|
* Check if the given string is equals to any of the following strings
|
|
*
|
|
* @param AFPData $string
|
|
* @param AFPData[] $values
|
|
*
|
|
* @return bool
|
|
*/
|
|
protected static function equalsToAny( $string, $values ) {
|
|
$string = $string->toString();
|
|
|
|
foreach ( $values as $needle ) {
|
|
$needle = $needle->toString();
|
|
|
|
if ( $string === $needle ) {
|
|
return true;
|
|
}
|
|
}
|
|
|
|
return false;
|
|
}
|
|
|
|
/**
|
|
* @param string $s
|
|
* @return mixed
|
|
*/
|
|
protected static function ccnorm( $s ) {
|
|
// Instantiate a single version of the equivset so the data is only loaded once.
|
|
if ( !self::$equivset ) {
|
|
self::$equivset = new Equivset();
|
|
}
|
|
|
|
return self::$equivset->normalize( $s );
|
|
}
|
|
|
|
/**
|
|
* @param string $s
|
|
* @return array|string
|
|
*/
|
|
protected function rmspecials( $s ) {
|
|
return preg_replace( '/[^\p{L}\p{N}]/u', '', $s );
|
|
}
|
|
|
|
/**
|
|
* @param string $s
|
|
* @return array|string
|
|
*/
|
|
protected function rmdoubles( $s ) {
|
|
return preg_replace( '/(.)\1+/us', '\1', $s );
|
|
}
|
|
|
|
/**
|
|
* @param string $s
|
|
* @return array|string
|
|
*/
|
|
protected function rmwhitespace( $s ) {
|
|
return preg_replace( '/\s+/u', '', $s );
|
|
}
|
|
|
|
/**
|
|
* @param array $args
|
|
* @return AFPData
|
|
*/
|
|
protected function funcRMSpecials( $args ) {
|
|
$this->checkEnoughArguments( $args, 'rmspecials', 1 );
|
|
$s = $args[0]->toString();
|
|
|
|
return new AFPData( AFPData::DSTRING, $this->rmspecials( $s ) );
|
|
}
|
|
|
|
/**
|
|
* @param array $args
|
|
* @return AFPData
|
|
*/
|
|
protected function funcRMWhitespace( $args ) {
|
|
$this->checkEnoughArguments( $args, 'rmwhitespace', 1 );
|
|
$s = $args[0]->toString();
|
|
|
|
return new AFPData( AFPData::DSTRING, $this->rmwhitespace( $s ) );
|
|
}
|
|
|
|
/**
|
|
* @param array $args
|
|
* @return AFPData
|
|
*/
|
|
protected function funcRMDoubles( $args ) {
|
|
$this->checkEnoughArguments( $args, 'rmdoubles', 1 );
|
|
$s = $args[0]->toString();
|
|
|
|
return new AFPData( AFPData::DSTRING, $this->rmdoubles( $s ) );
|
|
}
|
|
|
|
/**
|
|
* @param array $args
|
|
* @return AFPData
|
|
*/
|
|
protected function funcNorm( $args ) {
|
|
$this->checkEnoughArguments( $args, 'norm', 1 );
|
|
$s = $args[0]->toString();
|
|
|
|
$s = $this->ccnorm( $s );
|
|
$s = $this->rmdoubles( $s );
|
|
$s = $this->rmspecials( $s );
|
|
$s = $this->rmwhitespace( $s );
|
|
|
|
return new AFPData( AFPData::DSTRING, $s );
|
|
}
|
|
|
|
/**
|
|
* @param array $args
|
|
* @return AFPData
|
|
*/
|
|
protected function funcSubstr( $args ) {
|
|
$this->checkEnoughArguments( $args, 'substr', 2 );
|
|
|
|
$s = $args[0]->toString();
|
|
$offset = $args[1]->toInt();
|
|
$length = isset( $args[2] ) ? $args[2]->toInt() : null;
|
|
|
|
$result = mb_substr( $s, $offset, $length );
|
|
|
|
return new AFPData( AFPData::DSTRING, $result );
|
|
}
|
|
|
|
/**
|
|
* @param array $args
|
|
* @return AFPData
|
|
*/
|
|
protected function funcStrPos( $args ) {
|
|
$this->checkEnoughArguments( $args, 'strpos', 2 );
|
|
|
|
$haystack = $args[0]->toString();
|
|
$needle = $args[1]->toString();
|
|
$offset = isset( $args[2] ) ? $args[2]->toInt() : 0;
|
|
|
|
// T62203: Keep empty parameters from causing PHP warnings
|
|
if ( $needle === '' ) {
|
|
return new AFPData( AFPData::DINT, -1 );
|
|
}
|
|
|
|
$result = mb_strpos( $haystack, $needle, $offset );
|
|
|
|
if ( $result === false ) {
|
|
$result = -1;
|
|
}
|
|
|
|
return new AFPData( AFPData::DINT, $result );
|
|
}
|
|
|
|
/**
|
|
* @param array $args
|
|
* @return AFPData
|
|
*/
|
|
protected function funcStrReplace( $args ) {
|
|
$this->checkEnoughArguments( $args, 'str_replace', 3 );
|
|
|
|
$subject = $args[0]->toString();
|
|
$search = $args[1]->toString();
|
|
$replace = $args[2]->toString();
|
|
|
|
return new AFPData( AFPData::DSTRING, str_replace( $search, $replace, $subject ) );
|
|
}
|
|
|
|
/**
|
|
* @param array $args
|
|
* @return AFPData
|
|
*/
|
|
protected function funcStrRegexEscape( $args ) {
|
|
$this->checkEnoughArguments( $args, 'rescape', 1 );
|
|
|
|
$string = $args[0]->toString();
|
|
|
|
// preg_quote does not need the second parameter, since rlike takes
|
|
// care of the delimiter symbol itself
|
|
return new AFPData( AFPData::DSTRING, preg_quote( $string ) );
|
|
}
|
|
|
|
/**
|
|
* @param array $args
|
|
* @return mixed
|
|
*/
|
|
protected function funcSetVar( $args ) {
|
|
$this->checkEnoughArguments( $args, 'set_var', 2 );
|
|
|
|
$varName = $args[0]->toString();
|
|
$value = $args[1];
|
|
|
|
$this->setUserVariable( $varName, $value );
|
|
|
|
return $value;
|
|
}
|
|
|
|
/**
|
|
* @param array $args
|
|
* @return AFPData
|
|
*/
|
|
protected function castString( $args ) {
|
|
$this->checkEnoughArguments( $args, 'string', 1 );
|
|
return AFPData::castTypes( $args[0], AFPData::DSTRING );
|
|
}
|
|
|
|
/**
|
|
* @param array $args
|
|
* @return AFPData
|
|
*/
|
|
protected function castInt( $args ) {
|
|
$this->checkEnoughArguments( $args, 'int', 1 );
|
|
return AFPData::castTypes( $args[0], AFPData::DINT );
|
|
}
|
|
|
|
/**
|
|
* @param array $args
|
|
* @return AFPData
|
|
*/
|
|
protected function castFloat( $args ) {
|
|
$this->checkEnoughArguments( $args, 'float', 1 );
|
|
return AFPData::castTypes( $args[0], AFPData::DFLOAT );
|
|
}
|
|
|
|
/**
|
|
* @param array $args
|
|
* @return AFPData
|
|
*/
|
|
protected function castBool( $args ) {
|
|
$this->checkEnoughArguments( $args, 'bool', 1 );
|
|
return AFPData::castTypes( $args[0], AFPData::DBOOL );
|
|
}
|
|
|
|
/**
|
|
* Log empty operands for T156096
|
|
*
|
|
* @param string $type Type of the empty operand
|
|
* @param string $fname Method where the empty operand is found
|
|
*/
|
|
protected function logEmptyOperand( $type, $fname ) {
|
|
$logger = LoggerFactory::getInstance( 'AbuseFilter' );
|
|
$logger->info( "Empty operand of type $type at method $fname" );
|
|
}
|
|
}
|