Spam tastes great, we should eat more of it. Add 'spam' approval value, and basic blacklist.

git-svn-id: http://svn.automattic.com/wordpress/trunk@2075 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
saxmatt 2005-01-10 20:21:06 +00:00
parent 2ce6f9608d
commit 652654d4d5
5 changed files with 64 additions and 24 deletions

View File

@ -66,7 +66,7 @@ if (isset($_GET['s'])) {
else
$offset = 0;
$comments = $wpdb->get_results("SELECT * FROM $wpdb->comments ORDER BY comment_date DESC LIMIT $offset,20");
$comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_approved = '0' OR comment_approved = '1' ORDER BY comment_date DESC LIMIT $offset,20");
}
if ('view' == $mode) {
if ($comments) {

View File

@ -22,7 +22,7 @@ if ($action == 'retrospam') {
<h2><?php _e('Discussion Options') ?></h2>
<form name="form1" method="post" action="options.php">
<input type="hidden" name="action" value="update" />
<input type="hidden" name="page_options" value="'default_pingback_flag','default_ping_status','default_comment_status','comments_notify','moderation_notify','comment_moderation','require_name_email','comment_whitelist','comment_max_links','moderation_keys'" />
<input type="hidden" name="page_options" value="'default_pingback_flag','default_ping_status','default_comment_status','comments_notify','moderation_notify','comment_moderation','require_name_email','comment_whitelist','comment_max_links','moderation_keys','blacklist_keys'" />
<fieldset class="options">
<legend><?php _e('Usual settings for an article: <em>(These settings may be overridden for individual articles.)</em>') ?></legend>
<ul>
@ -79,7 +79,14 @@ if ($action == 'retrospam') {
<textarea name="moderation_keys" cols="60" rows="4" id="moderation_keys" style="width: 98%; font-size: 12px;" class="code"><?php form_option('moderation_keys'); ?></textarea>
</p>
<p>
<a id="retrospambutton" href="options-discussion.php?action=retrospam" title="Click this link to check old comments for spam that your current filters would catch.">Check past comments against current word list</a>
<a id="retrospambutton" href="options-discussion.php?action=retrospam"><?php _e('Check past comments against moderation list'); ?></a>
</p>
</fieldset>
<fieldset class="options">
<legend><?php _e('Comment Blacklist') ?></legend>
<p><?php _e('This is a list of words that you want completely blacklisted from your blog. Be very careful what you add here, because if a comment matches something here it will be completely nuked and there will be no notification. Remember that partial words can match, so if there is any chance something here might match it would be better to put it in the moderation box above.') ?></p>
<p>
<textarea name="blacklist_keys" cols="60" rows="4" id="blacklist_keys" style="width: 98%; font-size: 12px;" class="code"><?php form_option('blacklist_keys'); ?></textarea>
</p>
</fieldset>
<p class="submit">

View File

@ -22,7 +22,7 @@ CREATE TABLE $wpdb->comments (
comment_date_gmt datetime NOT NULL default '0000-00-00 00:00:00',
comment_content text NOT NULL,
comment_karma int(11) NOT NULL default '0',
comment_approved enum('0','1') NOT NULL default '1',
comment_approved enum('0','1','spam') NOT NULL default '1',
comment_agent varchar(255) NOT NULL default '',
comment_type varchar(20) NOT NULL default '',
comment_parent int(11) NOT NULL default '0',
@ -212,6 +212,7 @@ function populate_options() {
add_option('stylesheet', 'default');
add_option('comment_whitelist', 1);
add_option('page_uris');
add_option('blacklist_keys');
// Delete unused options
$unusedoptions = array ('blodotgsping_url', 'bodyterminator', 'emailtestonly', 'phoneemail_separator', 'smilies_directory', 'subjectprefix', 'use_bbcode', 'use_blodotgsping', 'use_phoneemail', 'use_quicktags', 'use_weblogsping', 'weblogs_cache_file', 'use_preview', 'use_htmltrans', 'smilies_directory', 'rss_language', 'fileupload_allowedusers', 'use_phoneemail', 'default_post_status', 'default_post_category', 'archive_mode', 'time_difference', 'links_minadminlevel', 'links_use_adminlevels', 'links_rating_type', 'links_rating_char', 'links_rating_ignore_zero', 'links_rating_single_image', 'links_rating_image0', 'links_rating_image1', 'links_rating_image2', 'links_rating_image3', 'links_rating_image4', 'links_rating_image5', 'links_rating_image6', 'links_rating_image7', 'links_rating_image8', 'links_rating_image9', 'weblogs_cacheminutes', 'comment_allowed_tags', 'search_engine_friendly_urls', 'default_geourl_lat', 'default_geourl_lon', 'use_default_geourl');
@ -220,9 +221,10 @@ function populate_options() {
endforeach;
// Set up a few options not to load by default
$fatoptions = array( 'moderation_keys', 'recently_edited' );
$fatoptions = array( 'moderation_keys', 'recently_edited', 'blacklist_keys' );
foreach ($fatoptions as $fatoption) :
$wpdb->query("UPDATE $wpdb->options SET `autoload` = 'no' WHERE option_name = '$fatoption'");
endforeach;
}
?>

View File

@ -724,7 +724,7 @@ function check_comment($author, $email, $url, $comment, $user_ip, $user_agent) {
// Comment whitelisting:
if ( 1 == get_settings('comment_whitelist')) {
if( $author != '' && $email != '' ) {
$ok_to_comment = $wpdb->get_var("SELECT comment_approved FROM $wpdb->comments WHERE comment_author_email = '$email' and comment_approved = '1' ");
$ok_to_comment = $wpdb->get_var("SELECT comment_approved FROM $wpdb->comments WHERE comment_author = '$author' AND comment_author_email = '$email' and comment_approved = '1' ");
if ( 1 == $ok_to_comment && false === strpos( $email, get_settings('moderation_keys')) )
return true;
} else {
@ -732,16 +732,6 @@ function check_comment($author, $email, $url, $comment, $user_ip, $user_agent) {
}
}
// Useless numeric encoding is a pretty good spam indicator:
// Extract entities:
if (preg_match_all('/&#(\d+);/',$comment,$chars)) {
foreach ($chars[1] as $char) {
// If it's an encoded char in the normal ASCII set, reject
if ($char < 128)
return false;
}
}
$mod_keys = trim( get_settings('moderation_keys') );
if ('' == $mod_keys )
return true; // If moderation keys are empty

View File

@ -381,8 +381,45 @@ function user_can_edit_user($user_id, $other_user) {
return false;
}
function wp_blacklist_check($author, $email, $url, $comment, $user_ip, $user_agent) {
global $wpdb;
function wp_new_comment( $commentdata ) {
if ( preg_match_all('/&#(\d+);/', $comment, $chars) ) {
foreach ($chars[1] as $char) {
// If it's an encoded char in the normal ASCII set, reject
if ($char < 128)
return true;
}
}
$mod_keys = trim( get_settings('blacklist_keys') );
if ('' == $mod_keys )
return false; // If moderation keys are empty
$words = explode("\n", $mod_keys );
foreach ($words as $word) {
$word = trim($word);
// Skip empty lines
if ( empty($word) ) { continue; }
// Do some escaping magic so that '#' chars in the
// spam words don't break things:
$word = preg_quote($word, '#');
$pattern = "#$word#i";
if ( preg_match($pattern, $author ) ) return true;
if ( preg_match($pattern, $email ) ) return true;
if ( preg_match($pattern, $url ) ) return true;
if ( preg_match($pattern, $comment ) ) return true;
if ( preg_match($pattern, $user_ip ) ) return true;
if ( preg_match($pattern, $user_agent) ) return true;
}
return false;
}
function wp_new_comment( $commentdata, $spam = false ) {
global $wpdb;
$commentdata = apply_filters('preprocess_comment', $commentdata);
@ -416,6 +453,8 @@ function wp_new_comment( $commentdata ) {
$approved = 1;
else
$approved = 0;
if ( wp_blacklist_check($author, $email, $url, $comment, $user_ip, $user_agent) )
$approved = 'spam';
$result = $wpdb->query("INSERT INTO $wpdb->comments
(comment_post_ID, comment_author, comment_author_email, comment_author_url, comment_author_IP, comment_date, comment_date_gmt, comment_content, comment_approved, comment_agent, comment_type)
@ -426,11 +465,13 @@ function wp_new_comment( $commentdata ) {
$comment_id = $wpdb->insert_id;
do_action('comment_post', $comment_id);
if ( 'spam' != $approved ) { // If it's spam save it silently for later crunching
if ( !$approved )
wp_notify_moderator($comment_id);
if ( get_settings('comments_notify') && $approved )
wp_notify_postauthor($comment_id, 'comment');
}
return $result;
}