Upstream
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Track and check user agent for comments. 

git-svn-id: http://svn.automattic.com/wordpress/trunk@1603 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
saxmatt 2004-09-05 01:50:39 +00:00
parent 5d597fb226
commit ddba48add2
3 changed files with 12 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
wp-comments-post.php
View File

@ -15,6 +15,7 @@ function add_magic_quotes($array) {
if (!get_magic_quotes_gpc()) {
$_POST = add_magic_quotes($_POST);
$_COOKIE = add_magic_quotes($_COOKIE);
$_SERVER = add_magic_quotes($_SERVER);
}
$author = trim(strip_tags($_POST['author']));
@ -28,6 +29,8 @@ $url = ((!stristr($url, '://')) && ($url != '')) ? 'http://'.$url : $url;
if (strlen($url) < 7)
$url = '';
$user_agent = $_SERVER['HTTP_USER_AGENT'];
$comment = trim($_POST['comment']);
$comment_post_ID = intval($_POST['comment_post_ID']);
$user_ip = $_SERVER['REMOTE_ADDR'];
@ -62,16 +65,16 @@ if (!empty($lasttime)) {
// If we've made it this far, let's post.
if(check_comment($author, $email, $url, $comment, $user_ip)) {
if( check_comment($author, $email, $url, $comment, $user_ip, $user_agent) ) {
$approved = 1;
} else {
$approved = 0;
}
$wpdb->query("INSERT INTO $wpdb->comments
(comment_post_ID, comment_author, comment_author_email, comment_author_url, comment_author_IP, comment_date, comment_date_gmt, comment_content, comment_approved)
(comment_post_ID, comment_author, comment_author_email, comment_author_url, comment_author_IP, comment_date, comment_date_gmt, comment_content, comment_approved, comment_agent)
VALUES
('$comment_post_ID', '$author', '$email', '$url', '$user_ip', '$now', '$now_gmt', '$comment', '$approved')
('$comment_post_ID', '$author', '$email', '$url', '$user_ip', '$now', '$now_gmt', '$comment', '$approved', '$user_agent')
");
$comment_ID = $wpdb->get_var('SELECT last_insert_id()');

1
wp-includes/functions.php
View File

@ -1493,6 +1493,7 @@ function check_comment($author, $email, $url, $comment, $user_ip) {
if ( preg_match($pattern, $url) ) return false;
if ( preg_match($pattern, $comment) ) return false;
if ( preg_match($pattern, $user_ip) ) return false;
if ( preg_match($pattern, $useg_agent) ) return false;
}
return true;

8
wp-trackback.php
View File

@ -54,6 +54,8 @@ if ((strlen(''.$tb_id)) && (empty($_GET['__mode'])) && (strlen(''.$tb_url))) {
$now = current_time('mysql');
$now_gmt = current_time('mysql', 1);
$user_agent = addslashes($_SERVER['HTTP_USER_AGENT']);
$comment = convert_chars($comment);
$comment = format_to_post($comment);
@ -66,16 +68,16 @@ if ((strlen(''.$tb_id)) && (empty($_GET['__mode'])) && (strlen(''.$tb_url))) {
$comment_moderation = get_settings('comment_moderation');
$moderation_notify = get_settings('moderation_notify');
if(check_comment($author, $email, $url, $comment, $user_ip)) {
if(check_comment($author, $email, $url, $comment, $user_ip, $user_agent)) {
$approved = 1;
} else {
$approved = 0;
}
$result = $wpdb->query("INSERT INTO $wpdb->comments
(comment_post_ID, comment_author, comment_author_email, comment_author_url, comment_author_IP, comment_date, comment_date_gmt, comment_content, comment_approved)
(comment_post_ID, comment_author, comment_author_email, comment_author_url, comment_author_IP, comment_date, comment_date_gmt, comment_content, comment_approved, comment_agent)
VALUES
('$comment_post_ID', '$author', '$email', '$tb_url', '$user_ip', '$now', '$now_gmt', '$comment', '$approved')
('$comment_post_ID', '$author', '$email', '$tb_url', '$user_ip', '$now', '$now_gmt', '$comment', '$approved', '$user_agent')
");
if (!$result) {