modules/spam/spam.module

<?php
// $Id: spam.module,v 1.50 2005/03/09 13:00:19 jeremy Exp $

/***********  spam api ***********/

/**
 * Determine whether or not provided text is spam.
 *
 * @param $content
 *   An object containing the content to test as spam
 * @param $body
 *   A string that is the name of the text body within the content object
 * @param $header
 *   A string that is the name of the text header within the content object
 * @param $callback
 *   A function to call when we determine whether or not given content is spam
 * @action
 *   'insert' or 'update'
 * @old_value
 *   Only valid on updates, whether this content was previously considered spam
 *   (TRUE or FALSE)
 *
 * @return
 *   TRUE (spam) or FALSE (not spam)
 */
function spam_check($content, $body, $header, $callback = NULL, $action = NULL, $old_value = NULL) {
  $weight = spam_filter_open_relay();
  $weight += spam_custom_filter($content->$header .' '. $content->$body, $delete);
  $weight += spam_filter_urls($content->$header .' '. $content->$body);
  $tokens = spam_tokenize($content->$header, $header .'*');
  $tokens = array_merge($tokens, spam_tokenize($content->$body));
  $weight += spam_limit_urls($header, spam_count_urls());
  // invoke _spam hook, allow external modules to perform filter actions
  $updated = spam_invoke_spam_hook('check', $content->$header . ' '. $content->$body, $tokens, $header);
  if ($updated['weight']) {
    $weight += $updated['weight'];
  }
  $rating = _spam_rating($tokens, $weight);
  $spam = ($rating >= variable_get('spam_threshold', 80));
  if ($callback != NULL) {
    if ($action == 'insert') {
      $callback($content, $tokens, $spam, $rating, $action, $delete);
    }
    else if ($action == 'update') {
      $callback($content, $tokens, $spam, $rating, $action, $delete, $old_value);
    }
  }
  if ($spam)
    return TRUE;
  else
    return FALSE;
}

/***********  spam module drupal hooks ***********/

function spam_help($section) {
  switch ($section) {
    case 'admin/modules#description':
      $output = t('Bayesian filter to automatically handle spam.');
      break;
    case 'admin/comment/list/spam':
      $output = t('The following comments have been marked as spam.');
      break;
    case 'admin/node/spam':
      $output = t('The following posts have been marked as spam.');
      break;
    case 'admin/spam':
    case 'admin/spam/statistics':
      $output = t('<p>The spam module provides an automatic mechanism for detecting and dealing with unwanted spam.  It is able to filter comments and nodes.  Spam is content posted to your site that is unrelated to the current topic, usually either advertising a product or including links to an external website in the hopes of increasing that website\'s visibility in search engines.</p><p>Configure the spam module at '. l(t('administer &raquo; settings &raquo; spam'), 'admin/settings/spam') .'.  View all comment spam at '. l(t('administer &raquo comments &raquo; list &raquo spam'), 'admin/comment/list/spam') .'.  View all node spam at '. l(t('administer &raquo content &raquo; spam'), 'admin/node/spam') .'.</p>');
      break;
    case 'admin/spam/custom':
      $output = t('<p>Define words, phrases and regular expressions to be tested against new content on your site.  If your custom filter matches, you can cause this to increase or decrease the probability that the given content is spam.  For example, if a comment about "viagra" is completely out of place on your site you could create a custom filter such that any comment with the word "viagra" in it would always be marked as spam, no matter what the Bayesian filter rates it.</p>');
      break;
    case 'admin/spam/urls':
      $output = t('<p>They Bayesian filter automatically learns spammer domain names.  Any new comment or other content containing one of the domain names listed below will be automatically marked as spam.  For example, if "spam.com" is listed below, a new comment containing the text "http://spam.com/great/deals" will be marked as spam.  In addition to automatically learning spammer domains, you can also manually add known spammer domains below.</p><p>It is possible to instead block spammer domains by adding an appropriate "custom filter" at %custom, however the big advantage of "URL filters" is that they are automatically learned using Bayesian logic.', array('%custom' => l(t('administer &raquo spam &raquo customer filters'), 'admin/spam/custom')));
      break;
    case 'admin/help#spam':
      $output = t("
      <p><b>Overview</b><br />
      The spam module provides an automatic mechanism for detecting and dealing with unwanted spam.  It is able to filter comments and nodes.  Spam is content posted to your site that is unrelated to the current topic, usually either advertising a product or including links to an external website in the hopes of increasing that website's visibility in search engines.</p>
      <p>Spam is detected with Bayesian logic.  Essentially, all new content is broken into individual words.  These words are then looked up in a database table to check if we've seen them before.  If most of the words that we have seen before more often in spam content than non-spam conent, then there is a high probability that this new content is also spam.  If new content has a high enough probability of being spam, the module can take automatic action, such as unpublishing the content and notifying the website administrator.</p>
      <p>To begin, the module has no knowledge of what is spam and what is not spam.  Thus, it will assume that all new content is not spam.  When you get your first spam posting, you will need to click 'mark as spam' to teach the Bayesian filter that it made a mistake.  The content will then be broken into individual words, and the words will be stored in the database to be used for detecting future spam.  You will have to continue teaching the Bayesian filter with a couple hundred examples before it will begin to consistently detect spam automatically.</p>
      <p><b>Configuration</b><br />
      The spam module can be configured at ". l(t('administer &raquo; settings &raquo; spam'), 'admin/settings/spam') .".  By default, only comments will be filtered.  However, you are able to enable content filtering as well.  Each node type supported by your website will be listed on the spam configuration page, allowing you to for example filter forum posts but not stories.</p>
      <p>The next configuration section provides automatic actions for the module to take when it detects spam.  For example, if you wish for spam to be automatically unpublished when detected, click 'Automatically unpublish spam'.  If you wish to send a notification email to the site administrator, click 'Notify admin when spam detected'.</p>
      <p>The rest of the options are related to the Bayesian logic, and are best left in their default configurations, unless you feel very confident that you know what you're doing.</p>
      <p><b>Permissions</b><br />
      The spam module provides to permissions that can be configured at ". l(t('administer &raquo; user &raquo; configure &raquo; permissions'), 'admin/user/configure/permission') .".  The 'administer spam rating' permisison allows a user to see whether or not conent is rated as spam.  The 'administer spam rating' permissions allows a user to teach the Bayesian filter, providing links that say 'mark as spam', and 'mark as not spam'.</p>
      <p><b>Spam</b><br />
      The spam module adds links to any site content that is being filtered.  The links are only visible to users with the proper permissions (explained above).  Additionally, a complete listing of all spam comments on the website can be viewed at ". l(t('administer &raquo; comments &raquo; spam'), 'admin/comment/list/spam') .".  A complete listing of all spam posts can be viewed at ". l(t('administer &raquo content &raquo; spam'), 'admin/node/spam') ."</p>
      <p><b>Background</b><br />
      This module was inspired by my experiences with the <a href='http://spamassassin.apache.org/'>Spamassassin</a> mail filter.  For actual implementation, I referred to Paul Graham's excellent papers, <a href='http://www.paulgraham.com/spam.html'>A Plan For Spam</a> and <a href='http://www.paulgraham.com/better.html'>Better Bayesian Filtering</a>.  Further enhancements and ideas were also inspired by Bill Yerazunis' <a href='http://crm114.sourceforge.net/'>CRM114</a>, especially his paper 'The Spam-Filtering Accuracy Plateau at 99.9% Accuracy'.</p>
");
  }
  return $output;
}

/* This modules defines three permissions:
 *  access spam rating - allows admin to see content's current spam status
 *  administer spam rating - allows admin to edit content's current spam status
 *  bypass spam filter - a role with this permission can submit content without
 *                       being filtered for spam
 */
function spam_perm() {
  return array('access spam rating', 'administer spam rating', 'bypass spam filter');
}

function spam_cron() {
  if (variable_get('spam_calculate_probabilities', 1)) {
    spam_calculate_probabilities();
  }
}

/* logic to detect spam comments */
function spam_comment($action, $comment) {
  global $base_url;
  if (user_access('bypass spam filter')) return;
  $comment = array2object($comment);
  // also scan anonymous user names and links
  $comment->comment .= ' '. $comment->name .' '. $comment->mail .' '. $comment->homepage;
  switch ($action) {
    case 'insert':
      spam_check($comment, 'comment', 'subject', 'spam_comment_actions', $action);
      break;
    case 'update':
      $old = db_fetch_object(db_query('SELECT * FROM {spam_comments} WHERE cid = %d', $comment->cid));
      spam_check($comment, 'comment', 'subject', 'spam_comment_actions', $action, $old->spam);
      break;
    case 'delete':
      // this hook doesn't actually exist (in Drupal 4.4), leaving for future
      db_query('DELETE FROM {spam_comments} WHERE cid = %d', $comment->cid);
      break;
  }
}

/* logic to detect spam nodes */
function spam_nodeapi(&$node, $op, $arg = 0) {
  if (user_access('bypass spam filter')) return;
  switch ($op) {
    case 'insert':
      if (variable_get("spam_filter_$node->type", 0)) {
        spam_check($node, 'body', 'header', 'spam_node_actions', $op);
      }
      break;
    case 'update':
      // check if spam status of node has changed
      if (variable_get("spam_filter_$node->type", 0)) {
        $old = db_fetch_object(db_query('SELECT * FROM {spam_nodes} WHERE nid = %d', $node->nid));
        spam_check($node, 'body', 'header', 'spam_node_actions', $op, $old->spam);
      }
      break;
    case 'delete':
      db_query('DELETE FROM {spam_nodes} WHERE nid = %d', $node->nid);
      break;
  }
}

function spam_filter_open_relay() {
  // inspired by http://weblog.sinteur.com/index.php?p=7967
  $weight = 0;
  if (variable_get('spam_filter_open_relay', 0)) {
    list($a, $b, $c, $d) = split('.', $_SERVER['REMOTE_ADDR']);
    if(checkdnsrr("$d.$c.$b.$a.list.dsbl.org")) {
      // this comment was submitted from an open relay, most probably spam
      _count(array("+blocked_open_relay"));
      $weight = $interesting * 200;
    }
  }
  return $weight;
}

function spam_filter_urls($text) {
  if (variable_get('spam_filter_urls', 1)) {
    $interesting = variable_get('spam_interesting_tokens', 15);
    $weight = 0;
    $result = db_query("SELECT token FROM {spam_tokens} WHERE probability > %d AND token LIKE 'URL*%%'", variable_get('spam_threshold', 80));
    while ($url = db_fetch_object($result)) {
      $url = preg_replace('/^URL\*/', '', $url->token);
      $match = preg_match_all("!$url!", $text, $matches);
      if ($match) {
        _count(array("+matched_spam_url"));
        $weight = $weight + ($match * $interesting * 200);
      }
    }
  }
  return $weight;
}

function spam_settings() {
  // general configuration
  $group = form_checkbox(t('Filter comments'), 'spam_filter_comments', 1, variable_get('spam_filter_comments', 1), t('If checked, the spam module will check all new comments that are posted to this site and attempt to determine whether or not they are spam.  If only trusted users are able to post comments, there is no need to enable this option.'));
  $node_types = node_list();
  foreach ($node_types as $type) {
    $group .= form_checkbox(t("Filter $type content"), "spam_filter_$type", 1, variable_get("spam_filter_$type", 0), t("If checked, the spam module will check all new $type content that is posted to this site and attempt to determine whether or not it is spam.  If only trusted users are able to post $type content, there is no need to enable this option."));
  }
  $group .= form_checkbox(t('Filter open relays'), 'spam_filter_open_relay', 1, variable_get('spam_filter_open_relay', 0), t('If checked, the spam module will mark as spam all new or updated comments or content that are being posted from an IP address that is a known open email relay.  The determination of whether or not an IP address is an open relay or otherwise commonly used to generate spam is done with the <a href="http://dsbl.org/">Distributed Server Boycott List</a>.  Note that if using custom filters, matching on a "never spam" rule or multiple "usually not spam" rules can permit postings even from open relays.'));
  $group .= form_checkbox(t('Filter spammer URLs'), 'spam_filter_urls', 1, variable_get('spam_filter_urls', 1), t('If checked, the spam module will pay special attention to any URLs that are embedded within comments and other content.  When URLs that were found within known spam are found in new comments and other new content, the new content is automatically considered to be spam.  When this option is enabled, a single spam URL found within an otherwise spam-free comment or other content will cause the filter to mark the new content as spam.'));
  // invoke _spam hook, allow external modules to define filter types
  $updated = spam_invoke_spam_hook('filter_settings');
  if ($updated['group']) {
    $group .= $updated['group'];
  }
  $output = form_group ('Filter', $group);

  // limits
  $group = form_select(t('Total URLs per comment'), 'spam_comment_total_urls', variable_get('spam_comment_total_urls', 0), array(0 => 'disabled', '1', '2', '3', '4', '5', '6', '7', '8', '9', '10', '15', '20'), t('Specificy the maximum number of URLs that are allowed in a single comment before the comment is considered to be spam.  For example, if you select 5 from the pop down menu, and then a comment has 6 weblinks, the comment will be marked as spam.  This option will only take affect if you enable comment filtering above.'));
  $group .= form_select(t('Repeated URLs per comment'), 'spam_comment_repeat_urls', variable_get('spam_comment_repeat_urls', 0), array(0 => 'disabled', '1', '2', '3', '4', '5', '6', '7', '8', '9', '10', '15', '20'), t('Specificy the maximum number of times that the same URL  is allowed to appear in one single comment before the comment is considered to be spam.  For example, if you select 5 from the pop down menu, and then a comment has 6 weblinks to the same exact location, the comment will be marked as spam.  (The entire url is used, so "http://kerneltrap.org/journals/hacker" would be considered different than "http://kerneltrap.org/journals".)  This option will only take affect if you enable comment filtering above.'));
  $group .= form_select(t('Total URLs per post'), 'spam_content_total_urls', variable_get('spam_content_total_urls', 0), array(0 => 'disabled', '1', '2', '3', '4', '5', '6', '7', '8', '9', '10', '15', '20'), t('Specificy the maximum number of URLs that are allowed in a single post before the post is considered to be spam.  For example, if you select 5 from the pop down menu, and then a post has 6 weblinks, the post will be marked as spam.  Posts are content other than comments, such as story content and page content.  This option will only take affect if you enable content filtering above.'));
  $group .= form_select(t('Repeated URLs per post'), 'spam_content_repeat_urls', variable_get('spam_content_repeat_urls', 0), array(0 => 'disabled', '1', '2', '3', '4', '5', '6', '7', '8', '9', '10', '15', '20'), t('Specificy the maximum number of times that the same URL  is allowed to appear in one single post before the post is considered to be spam.  For example, if you select 5 from the pop down menu, and then a post has 6 weblinks to the same exact location, the post will be marked as spam.  (The entire url is used, so "http://kerneltrap.org/journals/hacker" would be considered different than "http://kerneltrap.org/journals".)  This option will only take affect if you enable content filtering above.'));
  // invoke _spam hook, allow external modules to define url_count limits
  $updated = spam_invoke_spam_hook('url_count_settings');
  if ($updated['group']) {
    $group .= $updated['group'];
  }

  $output .= form_group ('Limits', $group);

  // actions
  $group = form_checkbox(t('Automatically unpublish spam'), 'spam_unpublish', 1, variable_get('spam_unpublish', 0), t('Automatically unpublish spam content.  This will prevent it from being displayed unless an administrator manually publishes it or marks the content as being not spam.'));
  $group .= form_checkbox(t('Notify admin when spam detected'), 'spam_notify_admin', 1, variable_get('spam_notify_admin', 0), t('Send an email to the site administrator when the Bayesian filter detectes spam content.'));
  // invoke _spam hook, allow external modules to define actions
  $updated = spam_invoke_spam_hook('action_settings');
  if ($updated['group']) {
    $group .= $updated['group'];
  }
  $output .= form_group('Actions', $group);

  // advanced configuration options
  $group = form_checkbox(t('Advanced configuration'), 'spam_advanced_configuration', 1, variable_get('spam_advanced_configuration', 0), t('Enable the advanced configuration options allowing you to fine tune the Bayesion filter.'));
  if (variable_get('spam_advanced_configuration', 0)) {
    // developer tools
    $inner_group = form_checkbox(t('Display spam rating'), 'spam_display_rating', 1, variable_get('spam_display_rating', 0), t('If enabled, the probability that a given piece of content is spam will be displayed next to the content.  Useful when configuring your bayesian filter.'));
    $inner_group .= form_checkbox(t('Collect statistics'), 'spam_statistics', 1, variable_get('spam_statistics', 1), t('Measure the effectiveness of the Bayesian filter.  There is some performance overhead caused by enabling this option.'));
    $inner_output = form_group('Tools', $inner_group);

    // bayesion filter configuration
    $inner_group = form_select(t('Threshold'), 'spam_threshold', variable_get('spam_threshold', 80), array(10 => 10, 20 => 20, 30 => 30, 40 => 40, 50 => 50, 60 => 60, 70 => 70, 80 => 80, 90 => 90), t('After content is passed through the bayesian filter, we get back a value from 1 to 99.  1 means that there is a 1% chance this content is spam.  99 means that there is a 99% chance this content is spam.  The threshold defines at what probability we require content to be before labeling it as spam.  It is best to keep this value high to minimize false positives.'));
    $inner_group .= form_select(t('Assign unknown token probability'), 'spam_unknown_probability', variable_get('spam_unknown_probability', 40), array(10 => 10, 20 => 20, 30 => 30, 40 => 40, 50 => 50, 60 => 60, 70 => 70, 80 => 80, 90 => 90), t('To caculate whether or not given content is spam we look at each word and based on how often the words has been speen in spam content versus non-spam content.  If we\'ve never seen the word before, we arbitrarily assign this value to it.  The lower the value, the more you trust new content will not be spam.'));
    $inner_group .= form_select(t('Examine how many words'), 'spam_interesting_tokens', variable_get('spam_interesting_tokens', 15), array(5 => 5, 10 => 10, 15 => 15, 25 => 25, 35 => 35, 50 => 50, 75 => 75, 100 => 100), t('When determining if content is spam or not we only pass a finite number of the "most interesting" words into the Bayesian filter.  The more spam-like or non-spam-like the word, the "more interesting".  That is, a word that has a 50% chance of being spam is "least interesting", whereas words that have 1% chance of being spam or 99% chance of being spam are "most interesting".'));
    $inner_group .= form_select(t('Training method'), 'spam_train_method', variable_get('spam_train_method', 0), array('TOE (Train On Error)', 'TEFT (Train Everything)'), t('TOE, or Train on Error, means that the bayesian filter will only learn new words when it is told that it mislabeled content.  TEFT, or Train Everything means that the Bayesian filter will automatically learn from every piece of content it sees.  TOE is recommended as it tends to be more accurate, avoiding artificial predjudices often introduced by TEFT.'));
    $inner_group .= form_select(t('Probability calculation method'), 'spam_waited_probability', variable_get('spam_waited_probability', 1), array(0 => 'simple', 1 => 'weighted'), t('Choosing the "simple" method will calculate the probability that each token is spam by dividing the number of times the token has been seen in spam content by the number of times the token has been seen in all content.  Choosing the "weighted" method will use a different algorithm that is quicker to consider a word as more likely to be spam or non-spam.'));
    $inner_output .= form_group('Bayesian logic (advanced)', $inner_group);
    $group .= $inner_output;
  }
  $output .= form_group('Advanced configuration', $group);
  
  return $output;
}

function spam_link($type, $node = 0, $main = 0) {
  $links = array();
  if ($type == 'comment') {
    if ($spam = theme('spam_link', $node, 'comment')) {
      $links[] = $spam;
    }
  }
  if ($type == 'node') {
    if ($spam = theme('spam_link', $node, 'node')) {
      $links[] = $spam;
    }
  }

  return ($links);
}

function spam_menu($may_cache) {
  $items = array();
  if ($may_cache) {
    $items[] = array('path' => 'admin/comment/list/spam', 'title' => t('spam'),
      'access' => user_access('administer spam rating'), 
      'callback' => 'spam_admin', 'type' => MENU_LOCAL_TASK);
    $items[] = array('path' => 'admin/node/spam', 'title' => t('spam'),
      'access' => user_access('administer spam rating'),
      'callback' => 'spam_admin', 'type' => MENU_LOCAL_TASK);
    $items[] = array('path' => 'admin/spam', 'title' => t('spam'),
      'access' => user_access('administer spam rating'),
      'callback' => 'spam_admin');
    $items[] = array('path' => 'admin/spam/statistics',
      'title' => t('statistics'), 'weight' => -1,
      'access' => user_access('administer spam rating'),
      'callback' => 'spam_admin', 'type' => MENU_LOCAL_TASK);
    $items[] = array('path' => 'admin/spam/custom',
      'title' => t('custom filters'),
      'access' => user_access('administer spam rating'),
      'callback' => 'spam_admin', 'type' => MENU_LOCAL_TASK);
    $items[] = array('path' => 'admin/spam/urls',
      'title' => t('URL filters'),
      'access' => user_access('administer spam rating'),
      'callback' => 'spam_admin', 'type' => MENU_LOCAL_TASK);

    $items[] = array('path' => 'admin/spam/comment', 'title' => t('comment'),
      'access' => user_access('administer spam rating'),
      'callback' => 'spam_admin', 'type' => MENU_CALLBACK);
    $items[] = array('path' => 'admin/spam/node', 'title' => t('node'),
      'access' => user_access('administer spam rating'),
      'callback' => 'spam_admin', 'type' => MENU_CALLBACK);
    $items[] = array('path' => 'admin/spam/rebuild', 'title' => t('rebuild'),
      'access' => user_access('administer spam rating'),
      'callback' => 'spam_admin', 'type' => MENU_HIDE);
    $items[] = array('path' => 'spam', 'title' => t('spam'),
      'access' => user_access('administer spam rating'),
      'callback' => 'spam_page', 'type' => MENU_CALLBACK);
  }
  return $items;
}

function spam_admin_comment_overview() {
  drupal_set_title(t('Spam comments'));

  $operations = array(
    array(t('Mark the selected comments as not spam'), 'spam_admin_mark_comment_notspam'),
    array(t('Unpublish the selected comments'), 'spam_admin_unpublish_comment'),
    array(t('Publish the selected comments'), 'spam_admin_publish_comment'),
    array(t('Delete the selected comments (no confirmation)'), 'spam_admin_delete_comment')
  );

  $op = $_POST['op'];

  if ($op == t('Update comments') && isset($_POST['edit']['operation']) && isset($_POST['edit']['status'])) {
    $function = $operations[$_POST['edit']['operation']][1];
    foreach ($_POST['edit']['status'] as $cid => $value) {
      if ($value) {
        $function(spam_load_comment(($cid)));
      }
    }

    drupal_set_message(t('the update has been performed.'));
  }

  $header = array(
    array('data' => t('select')),
    array('data' => t('subject'), 'field' => 'subject'),
    array('data' => t('author'), 'field' => 'u.name'),
    array('data' => t('hostname'), 'field' => 'c.hostname'),
    array('data' => t('status'), 'field' => 'status'),
    array('data' => t('time'), 'field' => 'c.timestamp', 'sort' => 'desc'),
    array('data' => t('operations'), 'colspan' => 2)
  );

  $sql = "SELECT c.*, s.cid, s.spam FROM {spam_comments} s, {comments} c WHERE s.cid = c.cid AND s.spam = 1";
  $sql .= tablesort_sql($header);
  $result = pager_query($sql,  50);

  // Make sure the update controls are disabled if we don't have any rows 
  // to select from.
  $disabled = !db_num_rows($result);

  $options = array();
  foreach ($operations as $key => $value) {
    $options[] = $value[0];
  }

  $form = form_select(NULL, 'operation', 0, $options, NULL, ($disabled ? 'disabled="disabled"' : ''));
  $form .= form_submit(t('Update comments'), 'op', ($disabled ? array('disabled' => 'disabled') : array()));

  $output .= '<h3>'. t('Update options') .'</h3>';
  $output .= "<div class=\"container-inline\">$form</div>";

  while ($comment = db_fetch_object($result)) {
    $rows[] = array(form_checkbox(NULL, "status][$comment->cid", 1, 0), l($comment->subject, "node/$comment->nid", array('title' => htmlspecialchars(substr($comment->comment, 0, 128))), NULL, "comment-$comment->cid") .' '. (node_last_viewed($comment->nid) < $comment->timestamp ? theme('mark') : ''), format_name($comment), $comment->hostname, ($comment->status == 0 ? t('published') : t('not published')) .'</td><td>'. format_date($comment->timestamp, 'small'), l(t('edit'), "admin/comment/edit/$comment->cid"), l(t('delete'), "admin/comment/delete/$comment->cid"));
  }

  if ($pager = theme('pager', NULL, 50, 0, tablesort_pager())) {
    $rows[] = array(array('data' => $pager, 'colspan' => 6));
  }

  $output .= theme('table', $header, $rows);
  return form($output);
}

function spam_admin_node_overview() {
  drupal_set_title(t('Spam nodes'));

  $operations = array(
    array(t('Mark the selected posts as not spam'), 'spam_admin_mark_node_notspam'),
    array(t('Unpublish the selected posts'), 'spam_admin_unpublish_node'),
    array(t('Publish the selected posts'), 'spam_admin_publish_node'),
    array(t('Delete the selected posts (no confirmation)'), 'spam_admin_delete_node')
  );

  $op = $_POST['op'];

  if ($op == t('Update nodes') && isset($_POST['edit']['operation']) && isset($_POST['edit']['status'])) {
    $function = $operations[$_POST['edit']['operation']][1];
    foreach ($_POST['edit']['status'] as $nid => $value) {
      if ($value) {
        $function(node_load(array('nid' => $nid)));
      }
    }

    drupal_set_message(t('the update has been performed.'));
  }

  $header = array(
    array('data' => t('select')),
    array('data' => t('title'), 'field' => 'title'),
    array('data' => t('type'), 'field' => 'type'),
    array('data' => t('author'), 'field' => 'u.name'),
    array('data' => t('hostname'), 'field' => 'hostname'),
    array('data' => t('status'), 'field' => 'status'),
    array('data' => t('time'), 'field' => 'n.changed', 'sort' => 'desc'),
    array('data' => t('operations'), 'colspan' => 3)
  );
  $sql = 'SELECT n.*, u.name, u.uid, s.nid, s.spam, s.hostname FROM {spam_nodes} s, {node} n, {users} u WHERE n.uid = u.uid AND s.nid = n.nid AND s.spam = 1';
  $sql .= tablesort_sql($header);
  $result = pager_query($sql,  50);

  // Make sure the update controls are disabled if we don't have any rows 
  // to select from.
  $disabled = !db_num_rows($result);

  $options = array();
  foreach ($operations as $key => $value) {
    $options[] = $value[0];
  }

  $form = form_select(NULL, 'operation', 0, $options, NULL, ($disabled ? 'disabled="disabled"' : ''));
  $form .= form_submit(t('Update nodes'), 'op', ($disabled ? array('disabled' => 'disabled') : array()));

  $output .= '<h3>'. t('Update options') .'</h3>';
  $output .= "<div class=\"container-inline\">$form</div>";

  // Overview table:
  while ($node = db_fetch_object($result)) {
    $rows[] = array(form_checkbox(NULL, "status][$node->nid", 1, 0), l($node->title, "node/$node->nid") .' '. (node_last_viewed($node->nid) < $node->changed ? theme_mark() : ''), node_invoke($node, 'node_name'), format_name($node), $node->hostname, ($node->status ? t('published') : t('not published')), format_date($node->changed, 'small'), l(t('edit node'), "node/$node->nid/edit"), l(t('delete node'), "admin/node/delete/$node->nid"));
  }

  if ($pager = theme('pager', NULL, 50, 0)) {
    $rows[] = array(array('data' => $pager, 'colspan' => 7));
  }

  $output .= theme('table', $header, $rows);
  return form($output);
}

function spam_admin_statistics() {
  // TODO: cleanup this page:
  //  - get rid of hard-coded html
  //  - reveal more of the statistics, where possible
  //  - cleanup logic to determine accuracy
  $stats = spam_get_statistics();

  // overview
  $output = '<p><b>'. t('Overview') .':</b><br />';
  if (variable_get('spam_statistics', 1)) {
    if ($stats['spam']->value > 0) {
      $output .= t('Spam comments and content: %total<br />', array('%total' => (int)$stats['spam']->value));
      $output .= t('Last spam posted: %time on %date<br />', array('%time' => format_date((int)$stats['spam']->last, 'custom', 'g:i a'), '%date' => format_date((int)$stats['spam']->last, 'custom', 'l, F j, Y')));
      // TODO: fix rebuild logic
      //$output .= '  <small>['. l(t('rebuild filter'), 'admin/spam/rebuild/all') .']</small>';
    }

    // comments
    $output .= '</p><p><b>'. t('Spam comments') .':</b><br />';
    if ($stats['spam_comment']->value > 0) {
      $output .= t('Spam comments: %total<br />', array('%total' => (int)$stats['spam_comment']->value));
      $output .= t('Last spam comment posted: %time on %date<br />', array('%time' => format_date((int)$stats['spam_comment']->last, 'custom', 'g:i a'), '%date' => format_date((int)$stats['spam_comment']->last, 'custom', 'l, F j, Y')));
      $output .= t('Deleted spam comments: %total (%auto automatically)<br />', array('%total' => (int)$stats['delete_comment']->value, '%auto' => (int)$stats['auto_delete_comment']->value));
      $output .= '  <small>['. l(t('view undeleted comment spam'), 'admin/comment/list/spam') .']</small>';
    }
    else {
      $output .= t('This site has not had any spam comment postings.');
    }

    // content (nodes)
    $output .= '</p><p><b>'. t('Spam content') .':</b><br />';
    $total = 0;
    $node_types = node_list();
    foreach ($node_types as $type) {
      $spam["$type"] = $stats["spam_$type"]->value;
      $total = $total + $stats["spam_$type"]->value;
    }
    if ($total) {
      $types = array();
      foreach ($spam as $type => $num) {
        if ($num) {
	  $output .= t('');
          $types[] = t('%num spam %type %posting', array('%num' => (int)$num, '%type' => $type, '%posting' => format_plural($num, 'posting', 'postings')));
          $last[] = t('  The last spam %type posting was at %time on %date.', array('%type' => $type, '%time' => format_date($stats["spam_$type"]->last, 'custom', 'g:i a'), '%date' => format_date($stats["spam_$type"]->last, 'custom', 'l, F j, Y')));
        }
      }
      $n = count($types);
      if ($n == 1) {
        $spam_types = $types[0];
      }
      else {
        for ($i = 0; $i < ($n - 1); $i++) {
          $spam_types .= $types[$i] .', ';
        }
        $spam_types .= 'and '. $types[$n-1];
      }
      $output .= t('This site has had a combined total of %spam_content spam node %posting in the form of %spam_types.', array('%spam_content' => (int)$total, '%spam_types' => $spam_types, '%posting' => format_plural($total, 'posting', 'postings')));
      foreach ($last as $l) {
        $output .= $l;
      }
      $output .= '  <small>['. l(t('view content spam'), 'admin/node/spam') .']</small>';
    }
    else {
      $output .= t('This site has not had any content spam.');
    }
  }
  else {
    $output .= t('This module is currently configured to not collect statistics.');
  }
  $output .= '</p>';
  return $output;
}

function spam_get_statistics() {
  $spam_statistics = array();

  $result = db_query('SELECT name, value, last FROM {spam_statistics}');
  while ($statistic = db_fetch_object($result)) {
    $spam_statistics["$statistic->name"] = $statistic;
  }

  return ($spam_statistics);
}

function spam_admin_urls($edit = array()) {

  if (variable_get('spam_filter_urls', 1) == 0) {
    $group = t('The URL filtering functionality provided by this module is currently disabled.  You can configure URL filters below, but they will not function until you check "Filter spammer URLs" at %url.', array('%url' => l(t('administer &raquo; settings &raquo spam'), 'admin/settings/spam')));
    $output = form_group(t('Notice'), $group);
  }

  if (!empty($edit)) {
    $edit['url'] = preg_replace('/^URL\*/', '', $edit['token']);
  }

  $header = array(
    array('data' => t('domain'), 'field' => 'token', 'sort' => 'asc'),
    array('data' => t('spam matches'), 'field' => 'spam'),
    array('data' => t('not spam matches'), 'field' => 'notspam'),
    array('data' => t('spam probability'), 'field' => 'probability'),
    array('data' => t('last match'), 'field' => 'last'),
    array('data' => t('operations'), 'colspan' => 2)
  );

  $sql = 'SELECT * FROM {spam_tokens} WHERE probability > '. variable_get('spam_threshold', 80) ." AND token LIKE 'URL%%'";
  $sql .= tablesort_sql($header);
  $result = pager_query($sql,  25);

  while ($url = db_fetch_object($result)) {
    $rows[] = array(
      $url->url = htmlspecialchars(preg_replace('/^URL\*/', '', $url->token)),
      $url->spam,
      $url->notspam,
      $url->probability .'%',
      format_date($url->last, 'small'),
      l(t('edit'), htmlspecialchars("admin/spam/urls/$url->url/edit")),
      l(t('delete'), htmlspecialchars("admin/spam/urls/$url->url/delete"))
    );
   }

  if ($pager = theme('pager', NULL, 25, 0, tablesort_pager())) {
    $rows[] = array(array('data' => $pager, 'colspan' => 6));
  }

  $group = theme('table', $header, $rows);
  $output .= form_group(t('URL filters'), $group);

  $group = form_textfield(t('Domain'), 'url', $edit['url'], 45, 255, t('Enter a domain name that if found in new site content will cause the content to be marked  as spam.  For example if you enter "spam.com" as a domain name, a comment containing the URL "http://spam.com/stuff/for/sale" will be automatically marked as spam.'));
  if (empty($edit['url'])) {
    $group .= form_submit(t('Add URL filter'));
    $output .= form_group(t('Add new URL filter'), $group);
  }
  else {
    $group .= form_submit(t('Edit URL filter'));
    $group .= form_hidden('token', $edit['token']);
    $output .= form_group(t('Edit URL filter'), $group);
  }

  return form($output, 'post', url('admin/spam/urls'));
}

function _spam_load_urls($url, $type = 'object') {
  $result = db_query("SELECT * FROM {spam_tokens} WHERE token = 'URL*%s'", $url);
  if ($type == 'object') {
    $url = db_fetch_object($result);
  }
  else {
    $url = db_fetch_array($result);
  }
  return $url;
}

function spam_admin_urls_edit($edit = array(), $action = 'add') {
  if (!empty($edit['url'])) {
    if ($action == 'edit') {
      db_query("UPDATE {spam_tokens} SET token = 'URL*%s' WHERE token = '%s'", $edit['url'], $edit['token']);
      drupal_set_message(t('URL filter "%filter" updated.', array('%filter' => htmlspecialchars($edit['url']))));
    }
    else {  // add
      $duplicate = db_fetch_object(db_query("SELECT token FROM {spam_tokens} WHERE token = 'URL*%s'", $edit['url']));
      // there's no reason to allow duplicate filters
      if ($duplicate->token) {
        drupal_set_message(t('URL filter "%filter" already exists.', array('%filter' => htmlspecialchars($edit['url']))), 'error');
      }
      else {
        db_query("INSERT INTO {spam_tokens} (token, probability) VALUES('URL*%s', %d)", $edit['url'], 99);
        drupal_set_message(t('URL filter "%filter" added.', array('%filter' => htmlspecialchars($edit['url']))));
      }
    }
  }
}

function spam_admin_urls_delete_confirm($edit = array()) {
  $edit['url'] = preg_replace('/^URL\*/', '', $edit['token']);
  $group = t('Are you sure you want to delete the "%filter" URL filter?', array('%filter' => htmlspecialchars($edit['url']))) .'<br />';
  $group .= form_hidden('token', $edit['token']);
  $group .= form_submit(t('Delete URL filter'));
  $output = form_group('Confirm URL filter deletion', $group);
  return form($output, 'post', url('admin/spam/urls'));
}

function spam_admin_urls_delete($edit) {
  db_query("DELETE FROM {spam_tokens} WHERE token = '%s'", $edit['token']);
  drupal_set_message(t('URL filter deleted.'));
}

function spam_admin_custom_scan_comments($filter, $cid) {
  $operations = array(
    array(t('Mark the selected comments as spam'), 'spam_admin_mark_comment_spam'),
    array(t('Mark the selected comments as not spam'), 'spam_admin_mark_comment_notspam'),
    array(t('Unpublish the selected comments'), 'spam_admin_unpublish_comment'),
    array(t('Publish the selected comments'), 'spam_admin_publish_comment'),
    array(t('Delete the selected comments (no confirmation)'), 'spam_admin_delete_comment')
  );
  $op = $_POST['op'];

  if ($op == t('Update scanned comments') && isset($_POST['edit']['operation']) && isset($_POST['edit']['status'])) {
    $function = $operations[$_POST['edit']['operation']][1];
    foreach ($_POST['edit']['status'] as $cid => $value) {
      if ($value) {
        $function(spam_load_comment(($cid)));
      }
    }

    drupal_set_message(t('the update has been performed.'));
  }

  $options = array();
  foreach ($operations as $key => $value) {
    $options[] = $value[0];
  }

  $rows = array();
  $header = array(
    array('data' => ' '),
    array('data' => t('rating'), 'field' => 'spam', 'sort' => 'asc'),
    array('data' => t('status'), 'field' => 'status'),
    array('data' => t('subject'), 'field' => 'subject'),
    array('data' => t('comment'), 'field' => 'comment'),
    array('data' => t('operations'), 'colspan' => 2)
  );
  if ($filter->regex) {
    // try and convert perl regex to MySQL regex
    $boundary = substr($filter->filter, 0, 1);
    $contents = "/\\$boundary(.*)\\$boundary/";
    preg_match($contents, $filter->filter, $regex);
    // TODO: find out if posgresql supports regex?
    $sql = "SELECT c.cid, c.status, c.nid, c.subject, c.comment, s.spam FROM {comments} c LEFT JOIN {spam_comments} s ON c.cid = s.cid WHERE subject REGEXP '". $regex[1] ."' OR comment REGEXP '". $regex[1] ."' OR name REGEXP '". $regex[1] ."' OR mail REGEXP '". $regex[1] ."' OR homepage REGEXP '". $regex[1] ."'";
  }
  else {
    $sql = "SELECT c.cid, c.nid, c.status, c.subject, c.comment, s.spam FROM {comments} c LEFT JOIN {spam_comments} s ON c.cid = s.cid WHERE subject LIKE '%%". $filter->filter ."%%' OR comment LIKE '%%". $filter->filter ."%%' OR name LIKE '%%". $filter->filter ."%%' OR mail LIKE '%%". $filter->filter ."%%' OR homepage LIKE '%%". $filter->filter ."%%'";
  }
  $sql .= tablesort_sql($header);
  $result = pager_query($sql, 10);

  while ($comment = db_fetch_object($result)) {
    $rows[] = array(
      form_checkbox(NULL, "status][$comment->cid", 1, 0),
      $comment->spam ? t('spam') : t('not spam'),
      $comment->status == 0 ? t('published') : t('not published'),
      strlen($comment->subject) > 128 ? htmlspecialchars(substr($comment->subject, 0, 128)). t('...') : htmlspecialchars($comment->subject),
      strlen($comment->comment) > 256 ? htmlspecialchars(substr($comment->comment, 0, 256)). t('...') : htmlspecialchars($comment->comment),
      l(t('view'), "node/$comment->nid#comment-$comment->cid"),
      $comment->spam ? l(t('mark as not spam'), "spam/comment/$comment->cid/notspam") : l(t('mark as spam'), "spam/comment/$comment->cid/spam")
    );
  }
    
  if ($pager = theme('pager', NULL, 10, 0, tablesort_pager())) {
    $rows[] = array(array('data' => $pager, 'colspan' => 6));
  }

  $disabled = !db_num_rows($result);
  $form = form_select(NULL, 'operation', 0, $options, NULL, ($disabled ? 'disabled="disabled"' : ''));
  $form .= form_submit(t('Update scanned comments'), 'op', ($disabled ? array('disabled' => 'disabled') : array()));
  $form .= form_hidden('scan', $filter->scid);

  $output = '<h3>'. t('Scan result options') .'</h3>';
  $output .= "<div class=\"container-inline\">$form</div>";

  if ($disabled) {
    $output .= '<p>'. t('No matching comments.') .'</p>';
  }
  else {
    $group = theme('table', $header, $rows);
    $output .= form_group(t('Matching comments'), $group);
  }

  return form($output);
}

// TODO:
/*
 * function spam_admin_custom_scan_content($filter, $nid) {
 * } 
 */

function spam_admin_custom($edit = array()) {

  $header = array(
    array('data' => t('filter'), 'field' => 'filter', 'sort' => 'asc'),
    array('data' => t('type'), 'field' => 'regex'),
    array('data' => t('effect'), 'field' => 'effect'),
    array('data' => t('delete'), 'field' => 'autodelete'),
    array('data' => t('matches'), 'field' => 'matches'),
    array('data' => t('last match'), 'field' => 'last'),
    array('data' => t('operations'), 'colspan' => 3)
  );

  $sql = 'SELECT * FROM {spam_custom}';
  $sql .= tablesort_sql($header);
  $result = pager_query($sql,  25);

  $effects = array(t('always spam'), t('usually spam'), t('usually not spam'), t('never spam'));

  while ($custom = db_fetch_object($result)) {
    $rows[] = array(
      htmlspecialchars($custom->filter),
      $custom->regex ? t('regex') : t('plain text'),
      $effects["$custom->effect"],
      $custom->autodelete ? t('enabled') : t('disabled'),
      $custom->matches,
      format_date($custom->last, 'small'),
      l(t('scan'), "admin/spam/custom/$custom->scid/scan#scan-results"),
      l(t('edit'), "admin/spam/custom/$custom->scid/edit#edit-filter"),
      l(t('delete'), "admin/spam/custom/$custom->scid/delete")
    );
   }

  if ($pager = theme('pager', NULL, 25, 0, tablesort_pager())) {
    $rows[] = array(array('data' => $pager, 'colspan' => 7));
  }

  $group = theme('table', $header, $rows);
  $output = form_group(t('Custom filters'), $group);

  if ((($id = (int)arg(3)) && (arg(4) == 'scan')) ||
      ($id = $edit['scan'])) {
    $output .= '<a name="scan-results"></a>';
    $filter = db_fetch_object(db_query("SELECT scid,filter,regex FROM {spam_custom} WHERE scid = %d", $id));
    $output .= spam_admin_custom_scan_comments($filter, $id);
  }
  else {
    $group = '<a name="edit-filter"></a>';
    $group .= form_textfield(t('Custom filter'), 'filter', $edit['filter'], 45, 255, t('Enter a custom filter string.  You can enter a word, a phrase, or a complete regular expression.  All new content that is being scanned for spam will also be tested against your custom filters.'));
    $group .= form_checkbox(t('Regular expression'), 'regex', 1, $edit['regex'], t('Check this box if the above custom filter should be treated as a regular expression.  This module uses <a href="http://www.php.net/manual/en/ref.pcre.php">Perl-compatible regular expressions</a>.  As a simple example to do a case-insensitve match on the word "viagra", you would enter (without the quotes) "<code>/viagra/i</code>".'));
    $group .= form_select(t('Match effect'), 'effect', $edit['effect'], array(t('always spam'), t('usually spam'), t('usually not spam'), t('never spam')), t('Define the effect when your custom filter matches on new content.  If your filter defines "always spam", this increases the chances the new content will be marked spam by 200%. If your filter defines "usually spam", this increases the chances the new content will be marked spam by 50%.  If your filter defines "usually not spam", this decreases the chances the new content will be marked spam by 50%.  And if your filter defines "never spam", this decreases the chances the new content will be marked spam by 200%.  Note that it is possible to match both an "always spam" and a "never spam" filter with the same content, and that then the filters will cancel each other out.  Additionally, four "usually not spam" matches will cancel out one "always spam" match.'));
    $group .= form_checkbox(t('Automatically delete spam'), 'autodelete', 1, $edit['autodelete'], t('Checking this box will cause any new content that matches this filter and ultimately is determined to be spam to be automatically (and silently) deleted.  It is not recommended that you enable this option unless you are fully confident that it will never match non-spam content.'));
    if (empty($edit['filter'])) {
      $group .= form_submit(t('Add filter'));
      $output .= form_group(t('Add new custom filter'), $group);
    }
    else {
      $group .= form_hidden('scid', $edit['scid']);
      $group .= form_submit(t('Edit filter'));
      $output .= form_group(t('Edit custom filter'), $group);
    }
  }

  return form($output, 'post', url('admin/spam/custom'));
}

function spam_admin_custom_add($edit = array()) {
  if (!empty($edit['filter'])) {
    // validate if regex
    if ($edit['regex'] && preg_match($edit['filter'], 'test') === FALSE) {
      /* failed regex validation is a critical error and things break, so we
      ** just echo an error and exit.  (If we don't exit, additional errors
      ** appear about modifying headers making it confusing)
      */
      echo t('Your regular expression "%regex" does not validate.  Please press the back button on your browser to fix the error you see above.', array('%regex' => $edit['filter']));
      exit (1);
    }
    if ($edit['scid']) {
      db_query("UPDATE {spam_custom} SET filter = '%s', regex = %d, effect = %d, autodelete = %d WHERE scid = %d", $edit['filter'], $edit['regex'], $edit['effect'], $edit['autodelete'], $edit['scid']);
      drupal_set_message(t('Custom filter "%filter" updated.', array('%filter' => htmlspecialchars($edit['filter']))));
    }
    else {
      // there's no reason to allow duplicate filters
      $duplicate = db_fetch_object(db_query("SELECT scid FROM {spam_custom} WHERE filter = '%s'", $edit['filter']));
      if ($duplicate->scid) {
        drupal_set_message(t('Custom filter "%filter" already exists.', array('%filter' => htmlspecialchars($edit['filter']))), 'error');
      }
      else {
        db_query("INSERT INTO {spam_custom} (filter, regex, effect, autodelete) VALUES('%s', %d, %d, %d)", $edit['filter'], $edit['regex'], $edit['effect'], $edit['autodelete']);
        drupal_set_message(t('Custom filter "%filter" added.', array('%filter' => htmlspecialchars($edit['filter']))));
      }
    }
  }
}

function _spam_load_custom($scid, $type = 'object') {
  $result = db_query('SELECT * FROM {spam_custom} WHERE scid = %d', $scid);
  if ($type == 'object') {
    $custom = db_fetch_object($result);
  }
  else {
    $custom = db_fetch_array($result);
  }
  return $custom;
}

function spam_admin_custom_delete_confirm($edit = array()) {
  $group = t('Are you sure you want to delete the "%filter" filter?', array('%filter' => htmlspecialchars($edit['filter']))) .'<br />';
  $group .= form_hidden('scid', $edit['scid']);
  $group .= form_submit(t('Delete filter'));
  $output = form_group('Confirm filter deletion', $group);
  return form($output, 'post', url('admin/spam/custom'));
}

function spam_admin_custom_delete($scid) {
  db_query('DELETE FROM {spam_custom} WHERE scid = %d', $scid);
  drupal_set_message(t('Filter deleted.'));
}

function spam_admin() {
  $op = $_POST['op'];
  $edit = $_POST['edit'];

  if (empty($op)) {
    $op = arg(1);
  }

  switch ($op) {
    case 'spam':
      switch (arg(2)) {
        case 'rebuild':
          $output = spam_admin_rebuild_check(arg(3));
          break;
        case 'custom':
          switch (arg(4)) {
            case 'edit':
              $edit = _spam_load_custom(arg(3), 'array');
              $output = spam_admin_custom($edit);
              break;
            case 'delete':
              $edit = _spam_load_custom(arg(3), 'array');
              $output = spam_admin_custom_delete_confirm($edit);
              break;
            default:
              $output = spam_admin_custom();
              break;