WordPress.org

Make WordPress Core

Opened 6 years ago

Closed 5 years ago

#7268 closed defect (bug) (worksforme)

Comments with ' or " in are treated as spam

Reported by: NigelDunn Owned by: markjaquith
Milestone: Priority: normal
Severity: normal Version: 2.5.1
Component: Comments Keywords:
Focuses: Cc:

Description

On one site we've had a number of comments being automatically classed as spam where the user has included the character ' (& also possibly "). These are being converted into ' (when I've used print_r to put create the body text for wp_mail they're actually \') and then are being flagged as spam by wp_blacklist_check.

If I amend line 415 of wp-includes/comment.php to check for character 39 as well then the same comment is added into the comment list for approval.

No extra spam filters/plugins have been included on the site, it's just using the default processing supplied by WP 2.5.1. Nothing has been added to the comment blacklist setting in Settings->Discussion

The site is running on a shared Unix server & the hosting company have switched off phpInfo(), so unfortunately I can't supply the settings there.

Change History (6)

comment:1 markjaquith5 years ago

  • Milestone changed from 2.7 to 2.8
  • Owner changed from anonymous to markjaquith
  • Status changed from new to assigned

We have to figure out why characters are being encoded before the blacklist check.

comment:2 mrmist5 years ago

Possibly related to #8627 ?

comment:3 tott5 years ago

I am trying to reproduce this in order to cross check relation with #8627 and #7821. I could not. Could anyone provide the steps necessary to reproduce this case?

comment:4 mtekk5 years ago

I can't reproduce this with r10859, can any one else reproduce it? Otherwise it should probably be closed as fixed/worksforme.

comment:5 ryan5 years ago

  • Component changed from General to Comments

comment:6 Denis-de-Bernardy5 years ago

  • Milestone 2.8 deleted
  • Resolution set to worksforme
  • Status changed from assigned to closed
Note: See TracTickets for help on using tickets.