From 6386e0815ce541992fb0231c15624f2e072bd93f Mon Sep 17 00:00:00 2001
From: emc3 <emc3@1a063a9b-81f0-0310-95a4-ce76da25c4cd>
Date: Wed, 3 Nov 2004 14:21:46 +0000
Subject: [PATCH] ANTI-SPAM: reject numerically encoded entities that fall in
 the normal ASCII range

git-svn-id: http://svn.automattic.com/wordpress/trunk@1844 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
 wp-includes/functions.php | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/wp-includes/functions.php b/wp-includes/functions.php
index a780cb770b..3c3f0a98a1 100644
--- a/wp-includes/functions.php
+++ b/wp-includes/functions.php
@@ -1656,6 +1656,16 @@ function check_comment($author, $email, $url, $comment, $user_ip) {
 		}
 	}
 
+	// Useless numeric encoding is a pretty good spam indicator:
+	// Extract entities:
+	if (preg_match_all('/&#(\d+);/',$comment,$chars)) {
+		foreach ($chars[1] as $char) {
+			// If it's an encoded char in the normal ASCII set, reject
+			if ($char < 128)
+				return false;
+		}
+	}
+
 	$mod_keys = trim( get_settings('moderation_keys') );
 	if ('' == $mod_keys )
 		return true; // If moderation keys are empty