From 652654d4d592e570b1243fcb649dddb7e0e4d9db Mon Sep 17 00:00:00 2001 From: saxmatt Date: Mon, 10 Jan 2005 20:21:06 +0000 Subject: [PATCH] Spam tastes great, we should eat more of it. Add 'spam' approval value, and basic blacklist. git-svn-id: http://svn.automattic.com/wordpress/trunk@2075 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-admin/edit-comments.php | 2 +- wp-admin/options-discussion.php | 11 +++++-- wp-admin/upgrade-schema.php | 8 +++-- wp-includes/comment-functions.php | 12 +------ wp-includes/functions-post.php | 55 +++++++++++++++++++++++++++---- 5 files changed, 64 insertions(+), 24 deletions(-) diff --git a/wp-admin/edit-comments.php b/wp-admin/edit-comments.php index 4ab252577a..bf5d5b41d3 100644 --- a/wp-admin/edit-comments.php +++ b/wp-admin/edit-comments.php @@ -66,7 +66,7 @@ if (isset($_GET['s'])) { else $offset = 0; - $comments = $wpdb->get_results("SELECT * FROM $wpdb->comments ORDER BY comment_date DESC LIMIT $offset,20"); + $comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_approved = '0' OR comment_approved = '1' ORDER BY comment_date DESC LIMIT $offset,20"); } if ('view' == $mode) { if ($comments) { diff --git a/wp-admin/options-discussion.php b/wp-admin/options-discussion.php index dd87e9b586..1dd959818a 100644 --- a/wp-admin/options-discussion.php +++ b/wp-admin/options-discussion.php @@ -22,7 +22,7 @@ if ($action == 'retrospam') {

- +
(These settings may be overridden for individual articles.)') ?>
+
+ +

+

+ +

diff --git a/wp-admin/upgrade-schema.php b/wp-admin/upgrade-schema.php index c4f9b864fd..20dfb35ee3 100644 --- a/wp-admin/upgrade-schema.php +++ b/wp-admin/upgrade-schema.php @@ -22,7 +22,7 @@ CREATE TABLE $wpdb->comments ( comment_date_gmt datetime NOT NULL default '0000-00-00 00:00:00', comment_content text NOT NULL, comment_karma int(11) NOT NULL default '0', - comment_approved enum('0','1') NOT NULL default '1', + comment_approved enum('0','1','spam') NOT NULL default '1', comment_agent varchar(255) NOT NULL default '', comment_type varchar(20) NOT NULL default '', comment_parent int(11) NOT NULL default '0', @@ -212,6 +212,7 @@ function populate_options() { add_option('stylesheet', 'default'); add_option('comment_whitelist', 1); add_option('page_uris'); + add_option('blacklist_keys'); // Delete unused options $unusedoptions = array ('blodotgsping_url', 'bodyterminator', 'emailtestonly', 'phoneemail_separator', 'smilies_directory', 'subjectprefix', 'use_bbcode', 'use_blodotgsping', 'use_phoneemail', 'use_quicktags', 'use_weblogsping', 'weblogs_cache_file', 'use_preview', 'use_htmltrans', 'smilies_directory', 'rss_language', 'fileupload_allowedusers', 'use_phoneemail', 'default_post_status', 'default_post_category', 'archive_mode', 'time_difference', 'links_minadminlevel', 'links_use_adminlevels', 'links_rating_type', 'links_rating_char', 'links_rating_ignore_zero', 'links_rating_single_image', 'links_rating_image0', 'links_rating_image1', 'links_rating_image2', 'links_rating_image3', 'links_rating_image4', 'links_rating_image5', 'links_rating_image6', 'links_rating_image7', 'links_rating_image8', 'links_rating_image9', 'weblogs_cacheminutes', 'comment_allowed_tags', 'search_engine_friendly_urls', 'default_geourl_lat', 'default_geourl_lon', 'use_default_geourl'); @@ -220,9 +221,10 @@ function populate_options() { endforeach; // Set up a few options not to load by default - $fatoptions = array( 'moderation_keys', 'recently_edited' ); + $fatoptions = array( 'moderation_keys', 'recently_edited', 'blacklist_keys' ); foreach ($fatoptions as $fatoption) : $wpdb->query("UPDATE $wpdb->options SET `autoload` = 'no' WHERE option_name = '$fatoption'"); endforeach; } -?> + +?> \ No newline at end of file diff --git a/wp-includes/comment-functions.php b/wp-includes/comment-functions.php index f8bca5eca5..a08d500bf1 100644 --- a/wp-includes/comment-functions.php +++ b/wp-includes/comment-functions.php @@ -724,7 +724,7 @@ function check_comment($author, $email, $url, $comment, $user_ip, $user_agent) { // Comment whitelisting: if ( 1 == get_settings('comment_whitelist')) { if( $author != '' && $email != '' ) { - $ok_to_comment = $wpdb->get_var("SELECT comment_approved FROM $wpdb->comments WHERE comment_author_email = '$email' and comment_approved = '1' "); + $ok_to_comment = $wpdb->get_var("SELECT comment_approved FROM $wpdb->comments WHERE comment_author = '$author' AND comment_author_email = '$email' and comment_approved = '1' "); if ( 1 == $ok_to_comment && false === strpos( $email, get_settings('moderation_keys')) ) return true; } else { @@ -732,16 +732,6 @@ function check_comment($author, $email, $url, $comment, $user_ip, $user_agent) { } } - // Useless numeric encoding is a pretty good spam indicator: - // Extract entities: - if (preg_match_all('/&#(\d+);/',$comment,$chars)) { - foreach ($chars[1] as $char) { - // If it's an encoded char in the normal ASCII set, reject - if ($char < 128) - return false; - } - } - $mod_keys = trim( get_settings('moderation_keys') ); if ('' == $mod_keys ) return true; // If moderation keys are empty diff --git a/wp-includes/functions-post.php b/wp-includes/functions-post.php index c88cb89b49..c5307e2a74 100644 --- a/wp-includes/functions-post.php +++ b/wp-includes/functions-post.php @@ -381,8 +381,45 @@ function user_can_edit_user($user_id, $other_user) { return false; } +function wp_blacklist_check($author, $email, $url, $comment, $user_ip, $user_agent) { + global $wpdb; -function wp_new_comment( $commentdata ) { + if ( preg_match_all('/&#(\d+);/', $comment, $chars) ) { + foreach ($chars[1] as $char) { + // If it's an encoded char in the normal ASCII set, reject + if ($char < 128) + return true; + } + } + + $mod_keys = trim( get_settings('blacklist_keys') ); + if ('' == $mod_keys ) + return false; // If moderation keys are empty + $words = explode("\n", $mod_keys ); + + foreach ($words as $word) { + $word = trim($word); + + // Skip empty lines + if ( empty($word) ) { continue; } + + // Do some escaping magic so that '#' chars in the + // spam words don't break things: + $word = preg_quote($word, '#'); + + $pattern = "#$word#i"; + if ( preg_match($pattern, $author ) ) return true; + if ( preg_match($pattern, $email ) ) return true; + if ( preg_match($pattern, $url ) ) return true; + if ( preg_match($pattern, $comment ) ) return true; + if ( preg_match($pattern, $user_ip ) ) return true; + if ( preg_match($pattern, $user_agent) ) return true; + } + + return false; +} + +function wp_new_comment( $commentdata, $spam = false ) { global $wpdb; $commentdata = apply_filters('preprocess_comment', $commentdata); @@ -412,10 +449,12 @@ function wp_new_comment( $commentdata ) { die( __('Sorry, you can only post a new comment once every 15 seconds. Slow down cowboy.') ); } - if( check_comment($author, $email, $url, $comment, $user_ip, $user_agent) ) + if ( check_comment($author, $email, $url, $comment, $user_ip, $user_agent) ) $approved = 1; else $approved = 0; + if ( wp_blacklist_check($author, $email, $url, $comment, $user_ip, $user_agent) ) + $approved = 'spam'; $result = $wpdb->query("INSERT INTO $wpdb->comments (comment_post_ID, comment_author, comment_author_email, comment_author_url, comment_author_IP, comment_date, comment_date_gmt, comment_content, comment_approved, comment_agent, comment_type) @@ -426,11 +465,13 @@ function wp_new_comment( $commentdata ) { $comment_id = $wpdb->insert_id; do_action('comment_post', $comment_id); - if ( !$approved ) - wp_notify_moderator($comment_id); - - if ( get_settings('comments_notify') && $approved ) - wp_notify_postauthor($comment_id, 'comment'); + if ( 'spam' != $approved ) { // If it's spam save it silently for later crunching + if ( !$approved ) + wp_notify_moderator($comment_id); + + if ( get_settings('comments_notify') && $approved ) + wp_notify_postauthor($comment_id, 'comment'); + } return $result; }