Spam tastes great, we should eat more of it. Add 'spam' approval value, and basic blacklist.
git-svn-id: http://svn.automattic.com/wordpress/trunk@2075 1a063a9b-81f0-0310-95a4-ce76da25c4cd
parent
2ce6f9608d
commit
652654d4d5
@ -66,7 +66,7 @@ if (isset($_GET['s'])) {
|
|||||||
else
|
else
|
||||||
$offset = 0;
|
$offset = 0;
|
||||||
|
|
||||||
$comments = $wpdb->get_results("SELECT * FROM $wpdb->comments ORDER BY comment_date DESC LIMIT $offset,20");
|
$comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_approved = '0' OR comment_approved = '1' ORDER BY comment_date DESC LIMIT $offset,20");
|
||||||
}
|
}
|
||||||
if ('view' == $mode) {
|
if ('view' == $mode) {
|
||||||
if ($comments) {
|
if ($comments) {
|
||||||
|
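Review bot: `$offset` is interpolated directly into `LIMIT $offset,20` on the new query line, and the only assignment visible in this hunk is the `else $offset = 0;` fallback. The branch that sets it otherwise starts outside the hunk, so it should be confirmed that the value is forced to an integer before the query, for example `$offset = (int) $offset;`. The bare `OR` in the new WHERE clause is correct today but will bind wrongly if an `AND` condition is ever appended; `WHERE comment_approved IN ('0','1')` says the same thing without that trap. Since this list now hides 'spam' rows and no hunk shown on this page adds a view for them, a blacklist false positive would appear to have no place where an administrator can see it.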
@ -22,7 +22,7 @@ if ($action == 'retrospam') {
|
|||||||
<h2><?php _e('Discussion Options') ?></h2>
|
<h2><?php _e('Discussion Options') ?></h2>
|
||||||
<form name="form1" method="post" action="options.php">
|
<form name="form1" method="post" action="options.php">
|
||||||
<input type="hidden" name="action" value="update" />
|
<input type="hidden" name="action" value="update" />
|
||||||
<input type="hidden" name="page_options" value="'default_pingback_flag','default_ping_status','default_comment_status','comments_notify','moderation_notify','comment_moderation','require_name_email','comment_whitelist','comment_max_links','moderation_keys'" />
|
<input type="hidden" name="page_options" value="'default_pingback_flag','default_ping_status','default_comment_status','comments_notify','moderation_notify','comment_moderation','require_name_email','comment_whitelist','comment_max_links','moderation_keys','blacklist_keys'" />
|
||||||
<fieldset class="options">
|
<fieldset class="options">
|
||||||
<legend><?php _e('Usual settings for an article: <em>(These settings may be overridden for individual articles.)</em>') ?></legend>
|
<legend><?php _e('Usual settings for an article: <em>(These settings may be overridden for individual articles.)</em>') ?></legend>
|
||||||
<ul>
|
<ul>
|
||||||
@ -79,7 +79,14 @@ if ($action == 'retrospam') {
|
|||||||
<textarea name="moderation_keys" cols="60" rows="4" id="moderation_keys" style="width: 98%; font-size: 12px;" class="code"><?php form_option('moderation_keys'); ?></textarea>
|
<textarea name="moderation_keys" cols="60" rows="4" id="moderation_keys" style="width: 98%; font-size: 12px;" class="code"><?php form_option('moderation_keys'); ?></textarea>
|
||||||
</p>
|
</p>
|
||||||
<p>
|
<p>
|
||||||
<a id="retrospambutton" href="options-discussion.php?action=retrospam" title="Click this link to check old comments for spam that your current filters would catch.">Check past comments against current word list</a>
|
<a id="retrospambutton" href="options-discussion.php?action=retrospam"><?php _e('Check past comments against moderation list'); ?></a>
|
||||||
|
</p>
|
||||||
|
</fieldset>
|
||||||
|
<fieldset class="options">
|
||||||
|
<legend><?php _e('Comment Blacklist') ?></legend>
|
||||||
|
<p><?php _e('This is a list of words that you want completely blacklisted from your blog. Be very careful what you add here, because if a comment matches something here it will be completely nuked and there will be no notification. Remember that partial words can match, so if there is any chance something here might match it would be better to put it in the moderation box above.') ?></p>
|
||||||
|
<p>
|
||||||
|
<textarea name="blacklist_keys" cols="60" rows="4" id="blacklist_keys" style="width: 98%; font-size: 12px;" class="code"><?php form_option('blacklist_keys'); ?></textarea>
|
||||||
</p>
|
</p>
|
||||||
</fieldset>
|
</fieldset>
|
||||||
<p class="submit">
|
<p class="submit">
|
||||||
|
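Review bot: The rewritten `retrospambutton` anchor still triggers `options-discussion.php?action=retrospam` through a plain GET link, with no per-request token visible in the href. The handler body under `if ($action == 'retrospam')` is outside these hunks, but if it re-classifies stored comments, any page an administrator loads while logged in could trigger it; a small POST form carrying a session-bound token that the handler verifies would close that. Separately, the new help text says a matching comment "will be completely nuked", whereas the wp_new_comment change in this commit stores it with `comment_approved = 'spam'`; wording such as "will be silently marked as spam, with no notification" would match the code.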
@ -22,7 +22,7 @@ CREATE TABLE $wpdb->comments (
|
|||||||
comment_date_gmt datetime NOT NULL default '0000-00-00 00:00:00',
|
comment_date_gmt datetime NOT NULL default '0000-00-00 00:00:00',
|
||||||
comment_content text NOT NULL,
|
comment_content text NOT NULL,
|
||||||
comment_karma int(11) NOT NULL default '0',
|
comment_karma int(11) NOT NULL default '0',
|
||||||
comment_approved enum('0','1') NOT NULL default '1',
|
comment_approved enum('0','1','spam') NOT NULL default '1',
|
||||||
comment_agent varchar(255) NOT NULL default '',
|
comment_agent varchar(255) NOT NULL default '',
|
||||||
comment_type varchar(20) NOT NULL default '',
|
comment_type varchar(20) NOT NULL default '',
|
||||||
comment_parent int(11) NOT NULL default '0',
|
comment_parent int(11) NOT NULL default '0',
|
||||||
@ -212,6 +212,7 @@ function populate_options() {
|
|||||||
add_option('stylesheet', 'default');
|
add_option('stylesheet', 'default');
|
||||||
add_option('comment_whitelist', 1);
|
add_option('comment_whitelist', 1);
|
||||||
add_option('page_uris');
|
add_option('page_uris');
|
||||||
|
add_option('blacklist_keys');
|
||||||
|
|
||||||
// Delete unused options
|
// Delete unused options
|
||||||
$unusedoptions = array ('blodotgsping_url', 'bodyterminator', 'emailtestonly', 'phoneemail_separator', 'smilies_directory', 'subjectprefix', 'use_bbcode', 'use_blodotgsping', 'use_phoneemail', 'use_quicktags', 'use_weblogsping', 'weblogs_cache_file', 'use_preview', 'use_htmltrans', 'smilies_directory', 'rss_language', 'fileupload_allowedusers', 'use_phoneemail', 'default_post_status', 'default_post_category', 'archive_mode', 'time_difference', 'links_minadminlevel', 'links_use_adminlevels', 'links_rating_type', 'links_rating_char', 'links_rating_ignore_zero', 'links_rating_single_image', 'links_rating_image0', 'links_rating_image1', 'links_rating_image2', 'links_rating_image3', 'links_rating_image4', 'links_rating_image5', 'links_rating_image6', 'links_rating_image7', 'links_rating_image8', 'links_rating_image9', 'weblogs_cacheminutes', 'comment_allowed_tags', 'search_engine_friendly_urls', 'default_geourl_lat', 'default_geourl_lon', 'use_default_geourl');
|
$unusedoptions = array ('blodotgsping_url', 'bodyterminator', 'emailtestonly', 'phoneemail_separator', 'smilies_directory', 'subjectprefix', 'use_bbcode', 'use_blodotgsping', 'use_phoneemail', 'use_quicktags', 'use_weblogsping', 'weblogs_cache_file', 'use_preview', 'use_htmltrans', 'smilies_directory', 'rss_language', 'fileupload_allowedusers', 'use_phoneemail', 'default_post_status', 'default_post_category', 'archive_mode', 'time_difference', 'links_minadminlevel', 'links_use_adminlevels', 'links_rating_type', 'links_rating_char', 'links_rating_ignore_zero', 'links_rating_single_image', 'links_rating_image0', 'links_rating_image1', 'links_rating_image2', 'links_rating_image3', 'links_rating_image4', 'links_rating_image5', 'links_rating_image6', 'links_rating_image7', 'links_rating_image8', 'links_rating_image9', 'weblogs_cacheminutes', 'comment_allowed_tags', 'search_engine_friendly_urls', 'default_geourl_lat', 'default_geourl_lon', 'use_default_geourl');
|
||||||
@ -220,9 +221,10 @@ function populate_options() {
|
|||||||
endforeach;
|
endforeach;
|
||||||
|
|
||||||
// Set up a few options not to load by default
|
// Set up a few options not to load by default
|
||||||
$fatoptions = array( 'moderation_keys', 'recently_edited' );
|
$fatoptions = array( 'moderation_keys', 'recently_edited', 'blacklist_keys' );
|
||||||
foreach ($fatoptions as $fatoption) :
|
foreach ($fatoptions as $fatoption) :
|
||||||
$wpdb->query("UPDATE $wpdb->options SET `autoload` = 'no' WHERE option_name = '$fatoption'");
|
$wpdb->query("UPDATE $wpdb->options SET `autoload` = 'no' WHERE option_name = '$fatoption'");
|
||||||
endforeach;
|
endforeach;
|
||||||
}
|
}
|
||||||
|
|
||||||
?>
|
?>
|
@ -724,7 +724,7 @@ function check_comment($author, $email, $url, $comment, $user_ip, $user_agent) {
|
|||||||
// Comment whitelisting:
|
// Comment whitelisting:
|
||||||
if ( 1 == get_settings('comment_whitelist')) {
|
if ( 1 == get_settings('comment_whitelist')) {
|
||||||
if( $author != '' && $email != '' ) {
|
if( $author != '' && $email != '' ) {
|
||||||
$ok_to_comment = $wpdb->get_var("SELECT comment_approved FROM $wpdb->comments WHERE comment_author_email = '$email' and comment_approved = '1' ");
|
$ok_to_comment = $wpdb->get_var("SELECT comment_approved FROM $wpdb->comments WHERE comment_author = '$author' AND comment_author_email = '$email' and comment_approved = '1' ");
|
||||||
if ( 1 == $ok_to_comment && false === strpos( $email, get_settings('moderation_keys')) )
|
if ( 1 == $ok_to_comment && false === strpos( $email, get_settings('moderation_keys')) )
|
||||||
return true;
|
return true;
|
||||||
} else {
|
} else {
|
||||||
@ -732,16 +732,6 @@ function check_comment($author, $email, $url, $comment, $user_ip, $user_agent) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Useless numeric encoding is a pretty good spam indicator:
|
|
||||||
// Extract entities:
|
|
||||||
if (preg_match_all('/&#(\d+);/',$comment,$chars)) {
|
|
||||||
foreach ($chars[1] as $char) {
|
|
||||||
// If it's an encoded char in the normal ASCII set, reject
|
|
||||||
if ($char < 128)
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
$mod_keys = trim( get_settings('moderation_keys') );
|
$mod_keys = trim( get_settings('moderation_keys') );
|
||||||
if ('' == $mod_keys )
|
if ('' == $mod_keys )
|
||||||
return true; // If moderation keys are empty
|
return true; // If moderation keys are empty
|
||||||
|
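Review bot: The new whitelist query places `$author` inside a quoted SQL literal next to `$email` (`WHERE comment_author = '$author' AND comment_author_email = '$email'`), and nothing in this hunk shows either value being escaped. check_comment's body starts outside the hunk, so it should be confirmed that every caller passes values already escaped for SQL, or the two values should be escaped here, immediately before the query. Both fields are supplied by the commenter, so this whitelist only proves that the sender knows a previously approved name/e-mail pair, which is worth stating in a comment above the query. On the following context line, `strpos( $email, get_settings('moderation_keys'))` uses the whole multi-line key list as the needle, so it can only match when the list is a single word.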
@ -381,8 +381,45 @@ function user_can_edit_user($user_id, $other_user) {
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function wp_blacklist_check($author, $email, $url, $comment, $user_ip, $user_agent) {
|
||||||
|
global $wpdb;
|
||||||
|
|
||||||
function wp_new_comment( $commentdata ) {
|
if ( preg_match_all('/&#(\d+);/', $comment, $chars) ) {
|
||||||
|
foreach ($chars[1] as $char) {
|
||||||
|
// If it's an encoded char in the normal ASCII set, reject
|
||||||
|
if ($char < 128)
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
$mod_keys = trim( get_settings('blacklist_keys') );
|
||||||
|
if ('' == $mod_keys )
|
||||||
|
return false; // If moderation keys are empty
|
||||||
|
$words = explode("\n", $mod_keys );
|
||||||
|
|
||||||
|
foreach ($words as $word) {
|
||||||
|
$word = trim($word);
|
||||||
|
|
||||||
|
// Skip empty lines
|
||||||
|
if ( empty($word) ) { continue; }
|
||||||
|
|
||||||
|
// Do some escaping magic so that '#' chars in the
|
||||||
|
// spam words don't break things:
|
||||||
|
$word = preg_quote($word, '#');
|
||||||
|
|
||||||
|
$pattern = "#$word#i";
|
||||||
|
if ( preg_match($pattern, $author ) ) return true;
|
||||||
|
if ( preg_match($pattern, $email ) ) return true;
|
||||||
|
if ( preg_match($pattern, $url ) ) return true;
|
||||||
|
if ( preg_match($pattern, $comment ) ) return true;
|
||||||
|
if ( preg_match($pattern, $user_ip ) ) return true;
|
||||||
|
if ( preg_match($pattern, $user_agent) ) return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
function wp_new_comment( $commentdata, $spam = false ) {
|
||||||
global $wpdb;
|
global $wpdb;
|
||||||
|
|
||||||
$commentdata = apply_filters('preprocess_comment', $commentdata);
|
$commentdata = apply_filters('preprocess_comment', $commentdata);
|
||||||
@ -416,6 +453,8 @@ function wp_new_comment( $commentdata ) {
|
|||||||
$approved = 1;
|
$approved = 1;
|
||||||
else
|
else
|
||||||
$approved = 0;
|
$approved = 0;
|
||||||
|
if ( wp_blacklist_check($author, $email, $url, $comment, $user_ip, $user_agent) )
|
||||||
|
$approved = 'spam';
|
||||||
|
|
||||||
$result = $wpdb->query("INSERT INTO $wpdb->comments
|
$result = $wpdb->query("INSERT INTO $wpdb->comments
|
||||||
(comment_post_ID, comment_author, comment_author_email, comment_author_url, comment_author_IP, comment_date, comment_date_gmt, comment_content, comment_approved, comment_agent, comment_type)
|
(comment_post_ID, comment_author, comment_author_email, comment_author_url, comment_author_IP, comment_date, comment_date_gmt, comment_content, comment_approved, comment_agent, comment_type)
|
||||||
@ -426,11 +465,13 @@ function wp_new_comment( $commentdata ) {
|
|||||||
$comment_id = $wpdb->insert_id;
|
$comment_id = $wpdb->insert_id;
|
||||||
do_action('comment_post', $comment_id);
|
do_action('comment_post', $comment_id);
|
||||||
|
|
||||||
|
if ( 'spam' != $approved ) { // If it's spam save it silently for later crunching
|
||||||
if ( !$approved )
|
if ( !$approved )
|
||||||
wp_notify_moderator($comment_id);
|
wp_notify_moderator($comment_id);
|
||||||
|
|
||||||
if ( get_settings('comments_notify') && $approved )
|
if ( get_settings('comments_notify') && $approved )
|
||||||
wp_notify_postauthor($comment_id, 'comment');
|
wp_notify_postauthor($comment_id, 'comment');
|
||||||
|
}
|
||||||
|
|
||||||
return $result;
|
return $result;
|
||||||
}
|
}
|
||||||
|
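Review bot: The numeric-entity test at the top of wp_blacklist_check returns true for any `&#NN;` below 128 and runs before the `'' == $mod_keys` early return. A comment containing `&#39;` or `&#38;` is therefore stored as 'spam' even with an empty blacklist, and the new `'spam' != $approved` guard in wp_new_comment then suppresses both notifications. Consider moving that check after the empty-list return, or mapping it to `$approved = 0` so a moderator still sees the comment. In the word loop, `empty($word)` also skips a blacklist line consisting of `0`, where `'' === $word` would not, and the unanchored match against `$user_ip` means an entry like `1.2.3.4` also matches `21.2.3.40`. The `$mod_keys` name and the "If moderation keys are empty" comment were carried over from check_comment and should refer to the blacklist, and the new `$spam = false` parameter is not used in any hunk shown here.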