Details
-
Type:
Sub-task
-
Status: Closed
-
Priority:
Critical
-
Resolution: Fixed
-
Affects Version/s: 1.6.9, 1.7.7, 1.8.8, 1.9.4
-
Component/s: Administration
-
Labels:None
-
Affected Branches:MOODLE_16_STABLE, MOODLE_17_STABLE, MOODLE_18_STABLE, MOODLE_19_STABLE
-
Fixed Branches:MOODLE_16_STABLE, MOODLE_17_STABLE, MOODLE_18_STABLE, MOODLE_19_STABLE, MOODLE_20_STABLE
Description
Dongsheng, can you turn spamcleaner.php (MDL-17144) into an admin report and backport it all the way back to 1.6?
Gliffy Diagrams
Issue Links
- has a non-specific relationship to
-
MDL-17144
Implement spamcleaner.php tool to clean up damaged profiles
-
- Closed
-
Activity
loops like this was not merged into HEAD, right?
merging to HEAD now and fixing problems in 1.9.x and HEAD...
merged into HEAD, fixed old report title in admin tree, normalised external page name
Fixed theoretical XSS - title attributes must be processed with s() 
fixed some xhtml strict problems too
fixed repeated format_text() - should be used only once
Backported to 1.8, 1,7 and 1.6.
In Moodle 1.6, yui is not supported internally, so I have to modify js code to run without yui.
Thanks for testing.
Works pretty well under 1.9 and 1.8. I haven't tested under 1.7 and 1.6. The report helped me to find a dozen of spam profiles at a site with 10k users. I had an issue with the report page layout and non-working Ignore/Delete buttons but I suppose that was because of non-valid HTML in the spam profiles. Maybe we can force HTML purifying of the profile description?
A note (haven't tested): CSS definition can be included inline in the profile. A spammer could, in theory, write a CSS so the profile content does not display at the report page, or is replaced by a look-like-a-valid profile. Any ideas regarding this?
IMO can be closed as the script seems to be successfully implemented as an admin report. Thanks for your work on this!
Closing.
The one for 1.9.5 is look good, Dongsheng! Now we just need 1.8, 1.7 and 1.6 versions!