Ticket #37319: comment.php.13.patch
| File comment.php.13.patch, 5.2 KB (added by , 10 years ago) |
|---|
-
src/wp-includes/comment.php
36 36 * trackback, or pingback. 37 37 * @return bool If all checks pass, true, otherwise false. 38 38 */ 39 function check_comment( $author, $email, $url, $comment, $user_ip, $user_agent, $comment_type) {39 function check_comment( $author, $email, $url, $comment, $user_ip, $user_agent, $comment_type ) { 40 40 global $wpdb; 41 41 42 42 // If manual moderation is enabled, skip all checks and return false. 43 if ( 1 == get_option('comment_moderation') ) 43 if ( 1 == get_option( 'comment_moderation' ) ) { 44 44 45 return false; 45 46 } 46 47 /** This filter is documented in wp-includes/comment-template.php */ 47 48 $comment = apply_filters( 'comment_text', $comment ); 48 49 49 50 // Check for the number of external links if a max allowed number is set. 50 if ( $max_links = get_option( 'comment_max_links' ) ) { 51 /** 52 * Filters the maximum number of links allowed in a comment. 53 * 54 * @since 4.6.0 55 * 56 * @param int $max_links The number of links allowed. 57 * @param string $url Comment author's URL. Included in allowed links total. 58 */ 59 if ( $max_links = apply_filters( 'comment_max_links_allowed', get_option( 'comment_max_links' ), $url ) ) { 51 60 $num_links = preg_match_all( '/<a [^>]*href/i', $comment, $out ); 52 61 53 62 /** … … 54 63 * Filters the maximum number of links allowed in a comment. 55 64 * 56 65 * @since 3.0.0 66 * @deprecated 4.6.0 Use links_found_in_comment instead. 57 67 * 58 68 * @param int $num_links The number of links allowed. 59 69 * @param string $url Comment author's URL. Included in allowed links total. … … 60 70 */ 61 71 $num_links = apply_filters( 'comment_max_links_url', $num_links, $url ); 62 72 73 74 /** 75 * Filters the maximum number of links allowed in a comment. 76 * 77 * @since 4.6.0 78 * 79 * @param int $num_links The number of links allowed. 80 * @param string $url Comment author's URL. Included in allowed links total. 81 */ 82 $num_links = apply_filters( 'links_found_in_comment', $num_links, $url ); 83 63 84 /* 64 85 * If the number of links in the comment exceeds the allowed amount, 65 86 * fail the check by returning false. 66 87 */ 67 if ( $num_links >= $max_links ) 88 if ( $num_links >= $max_links ) { 89 68 90 return false; 91 } 69 92 } 70 93 71 $mod_keys = trim( get_option('moderation_keys'));94 $mod_keys = trim( get_option( 'moderation_keys' ) ); 72 95 73 96 // If moderation 'keys' (keywords) are set, process them. 74 if ( ! empty($mod_keys) ) {75 $words = explode( "\n", $mod_keys );97 if ( ! empty( $mod_keys ) ) { 98 $words = explode( '\n', $mod_keys ); 76 99 77 foreach ( (array) $words as $word ) {78 $word = trim( $word);100 foreach ( (array) $words as $word ) { 101 $word = trim( $word ); 79 102 80 103 // Skip empty lines. 81 if ( empty($word) ) 104 if ( empty( $word ) ) { 105 82 106 continue; 107 } 83 108 84 109 /* 85 110 * Do some escaping magic so that '#' (number of) characters in the spam 86 111 * words don't break things: 87 112 */ 88 $word = preg_quote( $word, '#');113 $word = preg_quote( $word, '#' ); 89 114 90 115 /* 91 116 * Check the comment fields for moderation keywords. If any are found, … … 92 117 * fail the check for the given field by returning false. 93 118 */ 94 119 $pattern = "#$word#i"; 95 if ( preg_match( $pattern, $author) ) return false;96 if ( preg_match( $pattern, $email) ) return false;97 if ( preg_match( $pattern, $url) ) return false;98 if ( preg_match( $pattern, $comment) ) return false;99 if ( preg_match( $pattern, $user_ip) ) return false;100 if ( preg_match( $pattern, $user_agent) ) return false;120 if ( preg_match( $pattern, $author ) ) { return false; }; 121 if ( preg_match( $pattern, $email ) ) { return false; }; 122 if ( preg_match( $pattern, $url ) ) { return false; }; 123 if ( preg_match( $pattern, $comment ) ) { return false; }; 124 if ( preg_match( $pattern, $user_ip ) ) { return false; }; 125 if ( preg_match( $pattern, $user_agent ) ) { return false; }; 101 126 } 102 127 } 103 128 … … 108 133 * as well as whether there are any moderation keywords (if set) present in the author 109 134 * email address. If both checks pass, return true. Otherwise, return false. 110 135 */ 111 if ( 1 == get_option( 'comment_whitelist')) {112 if ( 'trackback' != $comment_type && 'pingback' != $comment_type && $author != '' && $email != '') {136 if ( 1 == get_option( 'comment_whitelist' ) ) { 137 if ( 'trackback' != $comment_type && 'pingback' != $comment_type && '' != $author && '' != $email ) { 113 138 // expected_slashed ($author, $email) 114 $ok_to_comment = $wpdb->get_var("SELECT comment_approved FROM $wpdb->comments WHERE comment_author = '$author' AND comment_author_email = '$email' and comment_approved = '1' LIMIT 1"); 115 if ( ( 1 == $ok_to_comment ) && 116 ( empty($mod_keys) || false === strpos( $email, $mod_keys) ) ) 117 return true; 118 else 139 $ok_to_comment = $wpdb->get_var( "SELECT comment_approved FROM $wpdb->comments WHERE comment_author = '$author' AND comment_author_email = '$email' and comment_approved = '1' LIMIT 1" ); 140 if ( ( 1 == $ok_to_comment ) && ( empty( $mod_keys ) || false === strpos( $email, $mod_keys ) ) ) { 141 142 return true; 143 } else { 144 119 145 return false; 146 } 120 147 } else { 148 121 149 return false; 122 150 } 123 151 }