Skip to content

Minds Backend - Engine
Minds Backend - Engine
Source
...
Target
 
Commits (2)
Expand all Hide whitespace changes
Inline Side-by-side
Showing with 366 additions and 668 deletions
Core/Security/Events.php
View file @ 4f014594
......@@ -7,6 +7,7 @@ use Minds\Core\Events\Dispatcher;
use Minds\Core\Security\TwoFactor;
use Minds\Exceptions;
use Minds\Helpers\Text;
use Minds\Core\Security\ProhibitedDomains;
class Events
{
......@@ -16,10 +17,13 @@ class Events
/** @var Config $config */
protected $config;
public function __construct()
/** @var ProhibitedDomains */
protected $prohibitedDomains;
public function __construct($prohibitedDomains = null)
{
$this->sms = Di::_()->get('SMS');
$this->config = $config ?: Di::_()->get('Config');
$this->prohibitedDomains = $prohibitedDomains ?? new ProhibitedDomains();
}
public function register()
......@@ -55,9 +59,9 @@ class Events
* @param $object - excepts fields description, briefdescription, message and title.
* @return boolean - true if prohibited domain found.
*/
public function containsProhibitedDomain($object)
public function containsProhibitedDomain($object): string
{
$prohibitedDomains = $this->config->get('prohibited_domains');
$prohibitedDomains = $this->prohibitedDomains->get();
$bodies = [
$object->description,
$object->briefdescription,
......@@ -70,7 +74,7 @@ class Events
return $found;
}
}
return false;
return "";
}
/**
......
Core/Security/ProhibitedDomains.php 0 → 100644
View file @ 4f014594
<?php
namespace Minds\Core\Security;
/**
* @author Ben
* @desc holds the list of prohibited domains.
*/
class ProhibitedDomains
{
public function __construct()
{
}
/**
* getter for prohibitedDomains
*
* @return array an array of prohibited domains.
*/
public function get(): array
{
return $this->prohibitedDomains;
}
private $prohibitedDomains = [ //shorts
// 't.co', 'goo.gl', 'ow.ly', 'bitly.com', 'bit.ly','tinyurl.com','bit.do','go2.do',
// 'adf.ly', 'adcrun.ch', 'zpag.es','ity.im', 'q.gs', 'lnk.co', 'is.gd',
//full
'movieblog.tumblr.com',
'moviehdstream.wordpress.com',
'moviehq.tumblr.com',
'moviehq.webs.com',
'moviehq.wordpress.com',
'movieo.wordpress.com',
'movieonline.tumblr.com',
'movieonline.webs.com',
'movieonline.wordpress.com',
'movieonlinehd.tumblr.com',
'movieonlinehd.webs.com',
'movieonlinehd.wordpress.com',
'movies.tumblr.com',
'moviesf.tumblr.com',
'moviesgodetia.com',
'movieslinks4u',
'moviesmount.com',
'moviesmonster.biz',
'moviesondesktop',
'moviesonlinefree.biz',
'moviestream.wordpress.com',
'movieontop.com',
'afllivestreaming.com.au',
'londonolympiccorner',
'nrllivestreaming.com.au',
'24x7livestreamtvchannels.com',
'www.edogo.us',
'all4health.in',
'watches4a.co.uk',
'es.jennyjoseph.com',
'allsportslive24x7.blogspot.com',
'boxing-tv-2014-live-stream.blogspot.com',
'amarblogdalima.blogspot.com',
'www.officialtvstream.com.es',
'topsalor.com',
'busybo.org',
'www.nowvideo.sx',
'180upload.com',
'allmyvideos.net',
'busybo.org',
'hdmovieshouse.biz',
'sportblog.info',
'psport.space',
'discus.space',
'euro2016.it.ua',
'neymar.space',
'espnstream.space',
'2016.vn.u',
'blogstream.space',
'liveextratime.xyz',
'thebestlive.xyz',
'streamoffside.xyz',
'sportmaster2014.page.tl',
'bloggersdelight.dk',
'watchsportslive.space',
'freeforward.xyz',
'live4sports.xyz',
'streamfun.xyz',
'angelfire.com',
'streamtime.xyz',
'futebol2star.com',
'live2sport.com',
'newssports.space',
'onlineolympics.xyz',
'liveolympics.xyz',
'streamontv.xyz',
'londonschedule.com',
'onlineolympics.space',
'sportwinning.xyz',
'streamworld.xyz',
'streamtop.xyz',
'livechampion.xyz',
'playstreams.xyz',
'live4sport.xyz',
'streampage.xyz',
'calendarsport.space',
'fsport.space',
'euro2016.od.ua',
'streambig.xyz',
'sportprediction.xyz',
'streamwork.xyz',
'r041.donnael.com',
'2016.lt.ua',
'vipleague.se',
'liveonline.company',
'liveolympics.space',
'seoandvideomarketing.com.au',
'vipbox.sx',
'germanypolandlivestream.club',
'sportgoal.xyz',
'ggdbsale.com',
'gorillasteroids.eu',
'watchlivesports.space',
'penaltyshootout.xyz',
'streamgroup.xyz',
'streamnew.xyz',
'cottonsport.space',
'gosport.space',
'streambest.xyz',
'penaltyspot.xyz',
'streamthe.xyz',
'liveevents.name',
'londonblog.work',
'testcollections.com',
'alfagy.com',
'teravide1974.full-design.com',
'selfnarhasbllaq1980-blog.logdown.com',
'neipononchoi1984.suomiblog.com',
'gemttranlonthe1985.blogzet.com',
'pitchero.com',
'blogolize.com',
'lisbopholsven1974.thezenweb.com',
'blogocial.com',
'tinyblogging.com',
'share.pho.to',
'community.vietfun.com',
'ockuderla1985.full-design.com',
'unmosimla1978.total-blog.com',
'gemttranlonthe1985.blogzet.com',
'rapptubizboe1978.blogminds.com',
'descduclighgon1973.full-design.com',
'ricphosati1972.full-design.com',
'fuddbluslanmaa1975.blogdigy.com',
'smarforcute1976.blogdigy.com',
'xn--90aizihgi.xn--p1ai',
'tinyurl.com',
'bit.ly',
'bit.do',
'123football.space',
'bitly.com',
'j.mp',
'livestreaming.one',
'livestreaming.life',
'forbest.pw',
'olizev.tdska2ll.ru',
'tdska2ll.ru',
'tdska1ll.ru',
'tdska3ll.ru',
'tdska4ll.ru',
'ihmail.ru',
'tdska5ll.ru',
'tdska6ll.ru',
'll.ru',
'shorl.com',
'scorestream.space',
'bestsplayer.xyz',
'worldwideevents.space',
'worldseries.space',
'best247chemist.net',
'9tn.ru',
'futbolkin2013.ru',
'playnowstore.com',
'qr-url.tk',
'watchonlinerugby.net',
'esecuritys.com',
'rufile.no-ip.ca',
'imzonline.com',
'femeedia.com',
'mediomatic.com',
'savemoneyeasily.com',
'option1pro.com',
'perron07.nl',
'movieonrails.com',
'topmoviestoday.com',
'playnowstore.com',
'g-files.biz',
'dawnloadonline.com',
'thedirsite.com',
'siteslocate.com',
'mydrugdir.com',
'find24hs.com',
'veeble.org',
'movieonrails.com',
'bestmoviehd.net',
'putmovies.info',
'awarefinance.com',
'shurll.com',
'acceptsearch.com',
'signforcover.com',
'raisengine.com',
'rocketcarrental.com',
'godsearchs.com',
'listenhanced.com',
'find24hs.com',
'findinform.com',
'sitesworlds.com',
'rocketcarrental.com',
'thedirsite.com',
'getboook.com',
'pokerarena88.com',
'aquamelia.com',
'beautyskintalks.com',
'getmooovie.com',
'getdriversss.com',
'getsoooft.com',
'getgamesss.com',
'abrts.pro',
'leadbit.biz',
'efght.pro',
'qyresearcheurope.com',
'plusfreemaxfr.com',
'getappmac.com',
'getharlemhealthy.org',
'goo.gl',
'getmooovie.com',
'marketreportscenter.com',
'getsooft.com',
'myowndom.ru',
'print-mgn.ru',
'wiki-data.ru',
'velobog.ru',
'mobisony.ru',
'dzeroki.ru',
'slimkor.ru',
'kak-brosit-kyrit.ru',
'jinyurl.com',
'urlin.us',
'capillus.com',
'siteprofissional.com',
'mitersawjudge.com',
'mohajreen-jeeda.com',
'jobberies.com',
'bestfilms.site',
'baystudios.ch',
'elvenarhack.bid',
'essencephskincare.com',
'blog2learn.com',
'superrugbyonline.net',
'superrugby18.livejournal.com',
'expertairco.com',
'draesthetica.co.uk',
'sphere.social',
'saveabookmarks.xyz',
'/t.co',
'samuelsconstruction.build',
'pmwares.com',
'watchesofwales.co.uk',
//'.ru',
'zotero.org',
'speakerdeck.com',
'freesiteslike.com',
'pusha.se',
'vrootdownload.org',
'rubberwebshop.nl',
'restaurerlecorps.info',
'discretthemes.info',
'bride-forever.com',
'simplesmetamorphoses.info',
'mp3gain.com',
'mp4gain.com',
'ttlink.com',
'onepost.cf',
'getmefunds.com',
'vikinail.pl',
'typesofbeauty.info',
'joie6portia93.bloglove.cc',
'htgtea.com',
'tblogz.com',
'liveinternet.ru',
'.diowebhost.com',
'/yoursite.com',
'reworkedgames.eu',
'mp3gain.sourceforge.net',
'pages10.com',
'nudegirIs.info',
'aidagirls.com',
'alsoloves.com',
'hotswishes.com',
'instaphoto.club',
'intimspace.com',
'pornopoisk.info',
'localmodels.online',
'kaikki-mallit.com',
'hotswishes.com',
];
}
Core/Security/Spam.php
View file @ 4f014594
......@@ -2,12 +2,9 @@
namespace Minds\Core\Security;
use Minds\Core\Di\Di;
use Minds\Core\Events\Dispatcher;
use Minds\Core\Security\TwoFactor;
use Minds\Exceptions;
use Minds\Helpers\Text;
use Minds\Core\Config;
use Minds\Core\Security\ProhibitedDomains;
class Spam
{
......@@ -15,14 +12,14 @@ class Spam
protected $config;
public function __construct(
$config = null
$prohibitedDomains = null
) {
$this->config = $config ?: Di::_()->get('Config');
$this->prohibitedDomains = $prohibitedDomains ?? new ProhibitedDomains();
}
public function check($entity)
{
$prohibitedDomains = $this->config->get('prohibited_domains');
$prohibitedDomains = $this->prohibitedDomains->get();
$foundSpam = false;
switch ($entity->getType()) {
......
Spec/Core/Security/SpamSpec.php
View file @ 4f014594
......@@ -10,6 +10,7 @@ use Minds\Core\Comments\Comment;
use Minds\Entities\User;
use Minds\Entities\Group;
use Minds\Entities\Entity;
use Minds\Core\Security\ProhibitedDomains;
class SpamSpec extends ObjectBehavior
{
......@@ -18,13 +19,16 @@ class SpamSpec extends ObjectBehavior
$this->shouldHaveType('Minds\Core\Security\Spam');
}
public function it_should_detect_spam_in_a_blog(Blog $blog, Config $config)
public function it_should_detect_spam_in_a_blog(
Blog $blog,
ProhibitedDomains $prohibitedDomains
)
{
$config->get('prohibited_domains')
$prohibitedDomains->get()
->shouldBeCalled()
->willReturn(['bit.ly']);
$this->beConstructedWith($config);
$this->beConstructedWith($prohibitedDomains);
$blog->getBody()->shouldBeCalled()->willReturn('test bit.ly test');
$blog->getType()->shouldBeCalled()->willReturn('object');
......@@ -34,13 +38,16 @@ class SpamSpec extends ObjectBehavior
->duringCheck($blog);
}
public function it_should_detect_spam_in_a_comment(Comment $comment, Config $config)
public function it_should_detect_spam_in_a_comment(
Comment $comment,
ProhibitedDomains $prohibitedDomains
)
{
$config->get('prohibited_domains')
$prohibitedDomains->get()
->shouldBeCalled()
->willReturn(['bit.ly']);
$this->beConstructedWith($config);
$this->beConstructedWith($prohibitedDomains);
$comment = new Comment();
$comment->setBody('test bit.ly test');
......@@ -50,13 +57,16 @@ class SpamSpec extends ObjectBehavior
->duringCheck($comment);
}
public function it_should_detect_spam_in_a_user(User $user, Config $config)
public function it_should_detect_spam_in_a_user(
User $user,
ProhibitedDomains $prohibitedDomains
)
{
$config->get('prohibited_domains')
$prohibitedDomains->get()
->shouldBeCalled()
->willReturn(['bit.ly']);
$this->beConstructedWith($config);
$this->beConstructedWith($prohibitedDomains);
$user = new User('123');
$user['briefdescription'] = 'test bit.ly test';
......@@ -66,13 +76,16 @@ class SpamSpec extends ObjectBehavior
->duringCheck($user);
}
public function it_should_detect_spam_in_a_group(Group $group, Config $config)
public function it_should_detect_spam_in_a_group(
Group $group,
ProhibitedDomains $prohibitedDomains
)
{
$config->get('prohibited_domains')
$prohibitedDomains->get()
->shouldBeCalled()
->willReturn(['bit.ly']);
$this->beConstructedWith($config);
$this->beConstructedWith($prohibitedDomains);
$group = new Group();
$group->setBriefdescription('test bit.ly test');
......@@ -82,13 +95,16 @@ class SpamSpec extends ObjectBehavior
->duringCheck($group);
}
public function it_should_detect_NO_spam_in_a_blog(Blog $blog, Config $config)
public function it_should_detect_NO_spam_in_a_blog(
Blog $blog,
ProhibitedDomains $prohibitedDomains
)
{
$config->get('prohibited_domains')
$prohibitedDomains->get()
->shouldBeCalled()
->willReturn(['bit.ly']);
$this->beConstructedWith($config);
$this->beConstructedWith($prohibitedDomains);
$blog->getBody()->shouldBeCalled()->willReturn('test bit.nospam test');
$blog->getType()->shouldBeCalled()->willReturn('object');
......@@ -97,13 +113,16 @@ class SpamSpec extends ObjectBehavior
$this->check($blog)->shouldReturn(false);
}
public function it_should_detect_NO_spam_in_a_comment(Comment $comment, Config $config)
public function it_should_detect_NO_spam_in_a_comment(
Comment $comment,
ProhibitedDomains $prohibitedDomains
)
{
$config->get('prohibited_domains')
$prohibitedDomains->get()
->shouldBeCalled()
->willReturn(['bit.ly']);
$this->beConstructedWith($config);
$this->beConstructedWith($prohibitedDomains);
$comment = new Comment();
$comment->setBody('test bit.nospam test');
......@@ -112,13 +131,16 @@ class SpamSpec extends ObjectBehavior
$this->check($comment)->shouldReturn(false);
}
public function it_should_detect_NO_spam_in_a_user(User $user, Config $config)
public function it_should_detect_NO_spam_in_a_user(
User $user,
ProhibitedDomains $prohibitedDomains
)
{
$config->get('prohibited_domains')
$prohibitedDomains->get()
->shouldBeCalled()
->willReturn(['bit.ly']);
$this->beConstructedWith($config);
$this->beConstructedWith($prohibitedDomains);
$user = new User('123');
$user['briefdescription'] = 'test bit.nospam test';
......@@ -127,13 +149,16 @@ class SpamSpec extends ObjectBehavior
$this->check($user)->shouldReturn(false);
}
public function it_should_detect_NO_spam_in_a_group(Group $group, Config $config)
public function it_should_detect_NO_spam_in_a_group(
Group $group,
ProhibitedDomains $prohibitedDomains
)
{
$config->get('prohibited_domains')
$prohibitedDomains->get()
->shouldBeCalled()
->willReturn(['bit.ly']);
$this->beConstructedWith($config);
$this->beConstructedWith($prohibitedDomains);
$group = new Group();
$group->setBriefdescription('test bit.nospam test');
......
settings.example.php
View file @ 4f014594
This diff is collapsed.