예제 #1
0
        public void CheckifContainsUrls()
        {
            Console.WriteLine("Before CheckifContainsUrls");

            //Create the mocked inputcontext
            Mockery mock = new Mockery();
            IInputContext mockedInputContext = DnaMockery.CreateDatabaseInputContext();
            DnaMockery.SetDefaultDiagnostics(mockedInputContext);
            DnaMockery.SetDefaultAllowedURLs(mockedInputContext);
                     
            //XmlDocument siteconfig = new XmlDocument();
            //siteconfig.LoadXml("<SITECONFIG />");
            ISite site = mock.NewMock<ISite>();
            //Stub.On(site).GetProperty("SiteConfig").Will(Return.Value(siteconfig.FirstChild));
            Stub.On(site).GetProperty("SiteID").Will(Return.Value(1));

            // Create the stored procedure reader for the UITemplate object
            using (IDnaDataReader reader = mockedInputContext.CreateDnaDataReader("getallallowedurls"))
            {
                Stub.On(mockedInputContext).Method("CreateDnaDataReader").With("getallallowedurls").Will(Return.Value(reader));

                User user = new User(mockedInputContext);
                Stub.On(mockedInputContext).GetProperty("ViewingUser").Will(Return.Value(user));
                Stub.On(mockedInputContext).GetProperty("CurrentSite").Will(Return.Value(site));

                URLFilter urlFilter = new URLFilter(mockedInputContext);
                List<string> URLMatches = new List<string>();

                URLFilter.FilterState state = urlFilter.CheckForURLs("Here is a url http://www.bbc.co.uk ", URLMatches);

                Assert.IsTrue(URLFilter.FilterState.Pass == state, "Catching a valid url address");
                
                state = urlFilter.CheckForURLs("Check a plain url  www.bbc.co.uk ", URLMatches);

                Assert.IsTrue(URLFilter.FilterState.Pass == state, "Catching a valid url address");

                state = urlFilter.CheckForURLs("http://www.bbc.co.uk ", URLMatches);

                Assert.IsTrue(URLFilter.FilterState.Pass == state, "Catching a valid url address");

                state = urlFilter.CheckForURLs("http://www.bbc.co.uk/cbbc", URLMatches);

                Assert.IsTrue(URLFilter.FilterState.Pass == state, "Catching a valid url address");

                state = urlFilter.CheckForURLs("http://www.dodgyporn.co.uk/", URLMatches);

                Assert.IsTrue(URLFilter.FilterState.Fail == state, "Not Catching the url address");

                state = urlFilter.CheckForURLs("Here is a bit of text with an / but no url address", URLMatches);

                Assert.IsTrue(URLFilter.FilterState.Pass == state, "Catching  a non existant url address");
            }
            
            Console.WriteLine("After CheckifContainsUrls");
        }
예제 #2
0
파일: UIField.cs 프로젝트: rocketeerbkw/DNA
        /// <summary>
        /// Validate fields
        /// </summary>
        /// <returns>true if valid false if not</returns>
        public bool Validate()
        {
            bool isValid = true;
            if (_validateEmpty && _valueRaw.Length == 0)
            {
                AddErrorXml("Empty field", "This field cannot be empty.", _errorXML);
                isValid = false;
            }
            if (_validateNotEqualTo && _valueRaw == _notEqualToValue)
            {
                AddErrorXml("Not Equal To", "This field cannot be equal to the given value.", _errorXML);
                isValid = false;
            }
            if (_validateParsesOK && ParseValue(_valueRaw))
            {
                isValid = false;
            }
            if (_required && (_valueRaw == String.Empty))
            {
                AddErrorXml("Required Field Not Present", "This field must be passed a value.", _errorXML);
                isValid = false;
            }
            if (HasProfanities(_valueRaw))
            {
                isValid = false;
            }

            if(InputContext.GetSiteOptionValueBool("General", "IsURLFiltered") && !(InputContext.ViewingUser.IsEditor || InputContext.ViewingUser.IsNotable))
            {
                URLFilter filter = new URLFilter(InputContext);
                List<string> nonAllowedURLs = new List<string>();
                if (filter.CheckForURLs(_valueRaw, nonAllowedURLs) == URLFilter.FilterState.Fail)
                {
                    string errorMessage = "A Non-Allowed url has been found. The following URL(s) were found :- ";
                    foreach(string URL in nonAllowedURLs)
                    {
                        errorMessage += URL + " , ";
                    }
                    errorMessage += "these are not in the allowed URL list for this site. ";
                    AddErrorXml("Non Allowed URL", errorMessage, _errorXML);
                    isValid = false;
                }
            }

            if (InputContext.GetSiteOptionValueBool("Forum", "EmailAddressFilter") && !(InputContext.ViewingUser.IsEditor || InputContext.ViewingUser.IsNotable))
            {
                if (EmailAddressFilter.CheckForEmailAddresses(_valueRaw))
                {
                    AddErrorXml("Non Allowed Email address", "An Email address has been found.", _errorXML);
                    isValid = false;
                }
            }

            FillValues();

            return isValid;
        }
예제 #3
0
파일: Forum.cs 프로젝트: rocketeerbkw/DNA
        /// <summary>
        /// posts a new entry to the user's journal
        /// </summary>
        /// <param name="userID">ID of user posting</param>
        /// <param name="journalID">Forum ID of the user's journal</param>
        /// <param name="userName">username (not used, I think)</param>
        /// <param name="subject">Subject line of posting</param>
        /// <param name="body">body of journal posting</param>
        /// <param name="siteID"></param>
        /// <param name="postStyle"></param>
        /// <param name="profanityFound">if profanites are found</param>
        /// <param name="nonAllowedURLsFound">if non allowed urls are found</param>
        /// <param name="emailAddressFound">Indicates an email address was found.</param>
        public void PostToJournal(int userID, int journalID, string userName, string subject, string body, int siteID, int postStyle, ref bool profanityFound, ref bool nonAllowedURLsFound, ref bool emailAddressFound)
        {
            string textToCheck = subject + " " + body;

            string matchedProfanity = String.Empty;
            List<Term> terms = null;

            int forumId = 0;
            //if (InputContext.DoesParamExist("forumid", "forumid"))
            //{
            //    forumId = InputContext.GetParamIntOrZero("forumid", "forumid");
            //}

            bool forceModerate = false;
            profanityFound = false;
            nonAllowedURLsFound = false;
            emailAddressFound = false;

            ProfanityFilter.FilterState filterState = ProfanityFilter.CheckForProfanities(InputContext.CurrentSite.ModClassID, textToCheck, out matchedProfanity, out terms, forumId);

            if (filterState == ProfanityFilter.FilterState.FailBlock)
            {
                //represent the submission first time only
                //need to keep track of this
                profanityFound = true;
                //return immediately - these don't get submitted
                return;
            }
            else if (filterState == ProfanityFilter.FilterState.FailRefer)
            {
                forceModerate = true;
                profanityFound = true;
            }

            if (InputContext.GetSiteOptionValueBool("General", "IsURLFiltered") && !(InputContext.ViewingUser.IsEditor || InputContext.ViewingUser.IsNotable))
            {
                URLFilter URLFilter = new URLFilter(InputContext);
                List<string> nonAllowedURLs = new List<string>();
                URLFilter.FilterState URLFilterState = URLFilter.CheckForURLs(textToCheck, nonAllowedURLs);
                if (URLFilterState == URLFilter.FilterState.Fail)
                {
                    nonAllowedURLsFound = true;
                    //return immediately - these don't get submitted
                    return;
                }
            }

            //Filter for email addresses.
            if (InputContext.GetSiteOptionValueBool("Forum", "EmailAddressFilter") && !(InputContext.ViewingUser.IsEditor || InputContext.ViewingUser.IsNotable))
            {
                if (EmailAddressFilter.CheckForEmailAddresses(textToCheck))
                {
                    emailAddressFound = true;
                    //return immediately - these don't get submitted
                    return;
                }
            }

            //SuperUsers / Editors are not moderated.
            bool ignoreModeration = false;
            if (InputContext.ViewingUser.UserLoggedIn && (InputContext.ViewingUser.IsSuperUser || InputContext.ViewingUser.IsEditor))
            {
                ignoreModeration = true;
            }

            string hash = String.Empty;
            string hashString = subject + "<:>" + body + "<:>" + userID + "<:>" + journalID + "<:>" + postStyle + "<:>ToJournal";

            // Setup the stored procedure object
            using (IDnaDataReader reader = InputContext.CreateDnaDataReader("posttojournal"))
            {
                reader.AddParameter("userID", userID);
                reader.AddParameter("journal", journalID);
                reader.AddParameter("subject", subject);
                reader.AddParameter("nickname", userName);
                reader.AddParameter("content", body);
                reader.AddParameter("siteid", siteID);
                reader.AddParameter("poststyle", postStyle);
                reader.AddParameter("Hash", DnaHasher.GenerateHash(hashString));
                reader.AddParameter("forcemoderation", forceModerate);
                reader.AddParameter("ignoremoderation", ignoreModeration);
                reader.AddParameter("ipaddress", InputContext.IpAddress);
                reader.AddParameter("bbcuid", InputContext.BBCUid);
                // Now call the procedure
                reader.Execute();
            }
        }