-
Notifications
You must be signed in to change notification settings - Fork 0
/
LsRerAntiphishing.php
72 lines (61 loc) · 1.75 KB
/
LsRerAntiphishing.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
<?php
class LsRerAntiphishing extends \LimeSurvey\PluginManager\PluginBase
{
static protected $name = 'Rer: Antiphishing';
static protected $description = 'Limesurvey plugin hardening against phishing';
/**
* Subscribe to Limesurvey Events
*
*/
public function init()
{
$this->subscribe('beforeEmail');
$this->subscribe('beforeTokenEmail');
}
/**
* Hooks to Events
*
*/
public function beforeEmail()
{
$this->_antiphishing();
}
public function beforeTokenEmail()
{
$this->_antiphishing();
}
/**
* The real thing
*
*/
private function _antiphishing()
{
$sBody = $this->event->get('body');
// Running HtmlPurifier only in case of htmlemail setting On
if ('Y' == Survey::model()->find('sid='.$this->event->get('survey'))->htmlemail)
{
$oPurifier = new \CHtmlPurifier();
$oPurifier->setOptions([
'Core.EscapeNonASCIICharacters' => true,
'AutoFormat.DisplayLinkURI' => true,
'CSS.AllowTricky' => false,
]);
$sBody = $oPurifier->purify($sBody);
$sBody = preg_replace('%<a>https?:\/\/.*<\/a>%', '',$sBody);
$this->log($sBody, 'debug');
$this->event->set('body', $sBody);
}
}
/**
* @inheritdoc
* Adding message to vardump if user activate debug mode
* Use default plugin log too
*/
public function log($message, $level = \CLogger::LEVEL_TRACE)
{
if(is_callable("parent::log")) {
parent::log($message, $level);
}
Yii::log("[".get_class($this)."] ".$message, $level, 'vardump');
}
} // end: class