Changeset 2075

Timestamp:

01/10/2005 08:21:06 PM (21 years ago)

Author:

saxmatt

Message:

Spam tastes great, we should eat more of it. Add 'spam' approval value, and basic blacklist.

Location:

trunk

Files:

• wp-admin/edit-comments.php (modified) (1 diff)
• wp-admin/options-discussion.php (modified) (2 diffs)
• wp-admin/upgrade-schema.php (modified) (3 diffs)
• wp-includes/comment-functions.php (modified) (1 diff)
• wp-includes/functions-post.php (modified) (3 diffs)

trunk/wp-admin/edit-comments.php

@@ -67 +67 @@
         $offset = 0;
 
-    $comments = $wpdb->get_results("SELECT * FROM $wpdb->comments ORDER BY comment_date DESC LIMIT $offset,20");
+    $comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_approved = '0' OR comment_approved = '1' ORDER BY comment_date DESC LIMIT $offset,20");
 }
 if ('view' == $mode) {

trunk/wp-admin/options-discussion.php

@@ -23 +23 @@
     <form name="form1" method="post" action="options.php"> 
         <input type="hidden" name="action" value="update" /> 
-        <input type="hidden" name="page_options" value="'default_pingback_flag','default_ping_status','default_comment_status','comments_notify','moderation_notify','comment_moderation','require_name_email','comment_whitelist','comment_max_links','moderation_keys'" /> 
+        <input type="hidden" name="page_options" value="'default_pingback_flag','default_ping_status','default_comment_status','comments_notify','moderation_notify','comment_moderation','require_name_email','comment_whitelist','comment_max_links','moderation_keys','blacklist_keys'" /> 
 <fieldset class="options">
         <legend><?php _e('Usual settings for an article: <em>(These settings may be overridden for individual articles.)</em>') ?></legend> 
@@ -80 +80 @@
         </p> 
         <p>
-            <a id="retrospambutton" href="options-discussion.php?action=retrospam" title="Click this link to check old comments for spam that your current filters would catch.">Check past comments against current word list</a>
+            <a id="retrospambutton" href="options-discussion.php?action=retrospam"><?php _e('Check past comments against moderation list'); ?></a>
         </p> 
+</fieldset>
+<fieldset class="options">
+    <legend><?php _e('Comment Blacklist') ?></legend>
+    <p><?php _e('This is a list of words that you want completely blacklisted from your blog. Be very careful what you add here, because if a comment matches something here it will be completely nuked and there will be no notification. Remember that partial words can match, so if there is any chance something here might match it would be better to put it in the moderation box above.') ?></p>
+        <p> 
+            <textarea name="blacklist_keys" cols="60" rows="4" id="blacklist_keys" style="width: 98%; font-size: 12px;" class="code"><?php form_option('blacklist_keys'); ?></textarea> 
+        </p> 
 </fieldset>
         <p class="submit"> 

trunk/wp-admin/upgrade-schema.php

@@ -23 +23 @@
   comment_content text NOT NULL,
   comment_karma int(11) NOT NULL default '0',
-  comment_approved enum('0','1') NOT NULL default '1',
+  comment_approved enum('0','1','spam') NOT NULL default '1',
   comment_agent varchar(255) NOT NULL default '',
   comment_type varchar(20) NOT NULL default '',
@@ -213 +213 @@
     add_option('comment_whitelist', 1);
     add_option('page_uris');
+    add_option('blacklist_keys');
 
     // Delete unused options
@@ -221 +222 @@
 
     // Set up a few options not to load by default
-    $fatoptions = array( 'moderation_keys', 'recently_edited' );
+    $fatoptions = array( 'moderation_keys', 'recently_edited', 'blacklist_keys' );
     foreach ($fatoptions as $fatoption) :
         $wpdb->query("UPDATE $wpdb->options SET `autoload` = 'no' WHERE option_name = '$fatoption'");
     endforeach;
 }
+
 ?>

trunk/wp-includes/comment-functions.php

@@ -725 +725 @@
     if ( 1 == get_settings('comment_whitelist')) {
         if( $author != '' && $email != '' ) {
-            $ok_to_comment = $wpdb->get_var("SELECT comment_approved FROM $wpdb->comments WHERE comment_author_email = '$email' and comment_approved = '1' ");
+            $ok_to_comment = $wpdb->get_var("SELECT comment_approved FROM $wpdb->comments WHERE comment_author = '$author' AND comment_author_email = '$email' and comment_approved = '1' ");
             if ( 1 == $ok_to_comment && false === strpos( $email, get_settings('moderation_keys')) )
             return true;
         } else {
             return false;
-        }
-    }
-
-    // Useless numeric encoding is a pretty good spam indicator:
-    // Extract entities:
-    if (preg_match_all('/&#(\d+);/',$comment,$chars)) {
-        foreach ($chars[1] as $char) {
-            // If it's an encoded char in the normal ASCII set, reject
-            if ($char < 128)
-                return false;
         }
     }

trunk/wp-includes/functions-post.php

@@ -382 +382 @@
 }
 
-
-function wp_new_comment( $commentdata ) {
+function wp_blacklist_check($author, $email, $url, $comment, $user_ip, $user_agent) {
+    global $wpdb;
+
+    if ( preg_match_all('/&#(\d+);/', $comment, $chars) ) {
+        foreach ($chars[1] as $char) {
+            // If it's an encoded char in the normal ASCII set, reject
+            if ($char < 128)
+                return true;
+        }
+    }
+
+    $mod_keys = trim( get_settings('blacklist_keys') );
+    if ('' == $mod_keys )
+        return false; // If moderation keys are empty
+    $words = explode("\n", $mod_keys );
+
+    foreach ($words as $word) {
+        $word = trim($word);
+
+        // Skip empty lines
+        if ( empty($word) ) { continue; }
+
+        // Do some escaping magic so that '#' chars in the 
+        // spam words don't break things:
+        $word = preg_quote($word, '#');
+        
+        $pattern = "#$word#i"; 
+        if ( preg_match($pattern, $author    ) ) return true;
+        if ( preg_match($pattern, $email     ) ) return true;
+        if ( preg_match($pattern, $url       ) ) return true;
+        if ( preg_match($pattern, $comment   ) ) return true;
+        if ( preg_match($pattern, $user_ip   ) ) return true;
+        if ( preg_match($pattern, $user_agent) ) return true;
+    }
+
+    return false;
+}
+
+function wp_new_comment( $commentdata, $spam = false ) {
     global $wpdb;
 
@@ -413 +450 @@
     }
 
-    if( check_comment($author, $email, $url, $comment, $user_ip, $user_agent) )
+    if ( check_comment($author, $email, $url, $comment, $user_ip, $user_agent) )
         $approved = 1;
     else
         $approved = 0;
+    if ( wp_blacklist_check($author, $email, $url, $comment, $user_ip, $user_agent) )
+        $approved = 'spam';
 
     $result = $wpdb->query("INSERT INTO $wpdb->comments 
@@ -427 +466 @@
     do_action('comment_post', $comment_id);
 
-    if ( !$approved )
-        wp_notify_moderator($comment_id);
-
-    if ( get_settings('comments_notify') && $approved )
-        wp_notify_postauthor($comment_id, 'comment');
+    if ( 'spam' != $approved ) { // If it's spam save it silently for later crunching
+        if ( !$approved )
+            wp_notify_moderator($comment_id);
+    
+        if ( get_settings('comments_notify') && $approved )
+            wp_notify_postauthor($comment_id, 'comment');
+    }
 
     return $result;