Track and check user agent for comments.
git-svn-id: http://svn.automattic.com/wordpress/trunk@1603 1a063a9b-81f0-0310-95a4-ce76da25c4cd
parent
5d597fb226
commit
ddba48add2
|
@ -15,6 +15,7 @@ function add_magic_quotes($array) {
|
||||||
if (!get_magic_quotes_gpc()) {
|
if (!get_magic_quotes_gpc()) {
|
||||||
$_POST = add_magic_quotes($_POST);
|
$_POST = add_magic_quotes($_POST);
|
||||||
$_COOKIE = add_magic_quotes($_COOKIE);
|
$_COOKIE = add_magic_quotes($_COOKIE);
|
||||||
|
$_SERVER = add_magic_quotes($_SERVER);
|
||||||
}
|
}
|
||||||
|
|
||||||
$author = trim(strip_tags($_POST['author']));
|
$author = trim(strip_tags($_POST['author']));
|
||||||
|
@ -28,6 +29,8 @@ $url = ((!stristr($url, '://')) && ($url != '')) ? 'http://'.$url : $url;
|
||||||
if (strlen($url) < 7)
|
if (strlen($url) < 7)
|
||||||
$url = '';
|
$url = '';
|
||||||
|
|
||||||
|
$user_agent = $_SERVER['HTTP_USER_AGENT'];
|
||||||
|
|
||||||
$comment = trim($_POST['comment']);
|
$comment = trim($_POST['comment']);
|
||||||
$comment_post_ID = intval($_POST['comment_post_ID']);
|
$comment_post_ID = intval($_POST['comment_post_ID']);
|
||||||
$user_ip = $_SERVER['REMOTE_ADDR'];
|
$user_ip = $_SERVER['REMOTE_ADDR'];
|
||||||
|
@ -62,16 +65,16 @@ if (!empty($lasttime)) {
|
||||||
|
|
||||||
// If we've made it this far, let's post.
|
// If we've made it this far, let's post.
|
||||||
|
|
||||||
if(check_comment($author, $email, $url, $comment, $user_ip)) {
|
if( check_comment($author, $email, $url, $comment, $user_ip, $user_agent) ) {
|
||||||
$approved = 1;
|
$approved = 1;
|
||||||
} else {
|
} else {
|
||||||
$approved = 0;
|
$approved = 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
$wpdb->query("INSERT INTO $wpdb->comments
|
$wpdb->query("INSERT INTO $wpdb->comments
|
||||||
(comment_post_ID, comment_author, comment_author_email, comment_author_url, comment_author_IP, comment_date, comment_date_gmt, comment_content, comment_approved)
|
(comment_post_ID, comment_author, comment_author_email, comment_author_url, comment_author_IP, comment_date, comment_date_gmt, comment_content, comment_approved, comment_agent)
|
||||||
VALUES
|
VALUES
|
||||||
('$comment_post_ID', '$author', '$email', '$url', '$user_ip', '$now', '$now_gmt', '$comment', '$approved')
|
('$comment_post_ID', '$author', '$email', '$url', '$user_ip', '$now', '$now_gmt', '$comment', '$approved', '$user_agent')
|
||||||
");
|
");
|
||||||
|
|
||||||
$comment_ID = $wpdb->get_var('SELECT last_insert_id()');
|
$comment_ID = $wpdb->get_var('SELECT last_insert_id()');
|
||||||
|
|
|
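Review bot: `$user_agent = $_SERVER['HTTP_USER_AGENT'];` reaches the INSERT unescaped whenever magic_quotes_gpc is on, because the added `$_SERVER = add_magic_quotes($_SERVER);` only runs inside the `if (!get_magic_quotes_gpc())` branch and, as far as I know, that setting is documented for GET/POST/COOKIE data rather than for `$_SERVER`. The User-Agent header is chosen by the client, so on such hosts it is an SQL injection path into the `$wpdb->comments` insert. Escape the value once at the assignment, independent of the magic-quotes state, and drop the blanket `$_SERVER` rewrite so the value is not escaped twice when magic quotes are off. This line and the matching one in the trackback handler also read the key without checking that the header was sent; `$user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? addslashes($_SERVER['HTTP_USER_AGENT']) : '';` covers both points.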
@ -1493,6 +1493,7 @@ function check_comment($author, $email, $url, $comment, $user_ip) {
|
||||||
if ( preg_match($pattern, $url) ) return false;
|
if ( preg_match($pattern, $url) ) return false;
|
||||||
if ( preg_match($pattern, $comment) ) return false;
|
if ( preg_match($pattern, $comment) ) return false;
|
||||||
if ( preg_match($pattern, $user_ip) ) return false;
|
if ( preg_match($pattern, $user_ip) ) return false;
|
||||||
|
if ( preg_match($pattern, $useg_agent) ) return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
return true;
|
return true;
|
||||||
|
|
|
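Review bot: `$useg_agent` in the added line is a typo for `$user_agent`, so preg_match() runs against an undefined variable and the new user-agent moderation check can never reject a comment. The line should read `if ( preg_match($pattern, $user_agent) ) return false;`. The function signature lies outside this hunk and the hunk header still shows five parameters, so confirm that `$user_agent` was added to the parameter list, preferably as `$user_agent = ''` so existing five-argument callers keep working.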
@ -54,6 +54,8 @@ if ((strlen(''.$tb_id)) && (empty($_GET['__mode'])) && (strlen(''.$tb_url))) {
|
||||||
$now = current_time('mysql');
|
$now = current_time('mysql');
|
||||||
$now_gmt = current_time('mysql', 1);
|
$now_gmt = current_time('mysql', 1);
|
||||||
|
|
||||||
|
$user_agent = addslashes($_SERVER['HTTP_USER_AGENT']);
|
||||||
|
|
||||||
$comment = convert_chars($comment);
|
$comment = convert_chars($comment);
|
||||||
$comment = format_to_post($comment);
|
$comment = format_to_post($comment);
|
||||||
|
|
||||||
|
@ -66,16 +68,16 @@ if ((strlen(''.$tb_id)) && (empty($_GET['__mode'])) && (strlen(''.$tb_url))) {
|
||||||
$comment_moderation = get_settings('comment_moderation');
|
$comment_moderation = get_settings('comment_moderation');
|
||||||
$moderation_notify = get_settings('moderation_notify');
|
$moderation_notify = get_settings('moderation_notify');
|
||||||
|
|
||||||
if(check_comment($author, $email, $url, $comment, $user_ip)) {
|
if(check_comment($author, $email, $url, $comment, $user_ip, $user_agent)) {
|
||||||
$approved = 1;
|
$approved = 1;
|
||||||
} else {
|
} else {
|
||||||
$approved = 0;
|
$approved = 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
$result = $wpdb->query("INSERT INTO $wpdb->comments
|
$result = $wpdb->query("INSERT INTO $wpdb->comments
|
||||||
(comment_post_ID, comment_author, comment_author_email, comment_author_url, comment_author_IP, comment_date, comment_date_gmt, comment_content, comment_approved)
|
(comment_post_ID, comment_author, comment_author_email, comment_author_url, comment_author_IP, comment_date, comment_date_gmt, comment_content, comment_approved, comment_agent)
|
||||||
VALUES
|
VALUES
|
||||||
('$comment_post_ID', '$author', '$email', '$tb_url', '$user_ip', '$now', '$now_gmt', '$comment', '$approved')
|
('$comment_post_ID', '$author', '$email', '$tb_url', '$user_ip', '$now', '$now_gmt', '$comment', '$approved', '$user_agent')
|
||||||
");
|
");
|
||||||
|
|
||||||
if (!$result) {
|
if (!$result) {
|
||||||
|
|