function akismet_cron_recheck()
{
global $wpdb;
$status = akismet_verify_key(akismet_get_key());
if (get_option('akismet_alert_code') || $status == 'invalid') {
// since there is currently a problem with the key, reschedule a check for 6 hours hence
wp_schedule_single_event(time() + 21600, 'akismet_schedule_cron_recheck');
return false;
}
delete_option('akismet_available_servers');
$comment_errors = $wpdb->get_col("\n\t\tSELECT comment_id\n\t\tFROM {$wpdb->prefix}commentmeta\n\t\tWHERE meta_key = 'akismet_error'\n\t\tLIMIT 100\n\t");
foreach ((array) $comment_errors as $comment_id) {
// if the comment no longer exists, or is too old, remove the meta entry from the queue to avoid getting stuck
$comment = get_comment($comment_id);
if (!$comment || strtotime($comment->comment_date_gmt) < strtotime("-15 days")) {
delete_comment_meta($comment_id, 'akismet_error');
continue;
}
add_comment_meta($comment_id, 'akismet_rechecking', true);
$status = akismet_check_db_comment($comment_id, 'retry');
$msg = '';
if ($status == 'true') {
$msg = __('Akismet caught this comment as spam during an automatic retry.');
} elseif ($status == 'false') {
$msg = __('Akismet cleared this comment during an automatic retry.');
}
// If we got back a legit response then update the comment history
// other wise just bail now and try again later. No point in
// re-trying all the comments once we hit one failure.
if (!empty($msg)) {
delete_comment_meta($comment_id, 'akismet_error');
akismet_update_comment_history($comment_id, $msg, 'cron-retry');
update_comment_meta($comment_id, 'akismet_result', $status);
// make sure the comment status is still pending. if it isn't, that means the user has already moved it elsewhere.
$comment = get_comment($comment_id);
if ($comment && 'unapproved' == wp_get_comment_status($comment_id)) {
if ($status == 'true') {
wp_spam_comment($comment_id);
} elseif ($status == 'false') {
// comment is good, but it's still in the pending queue. depending on the moderation settings
// we may need to change it to approved.
if (check_comment($comment->comment_author, $comment->comment_author_email, $comment->comment_author_url, $comment->comment_content, $comment->comment_author_IP, $comment->comment_agent, $comment->comment_type)) {
wp_set_comment_status($comment_id, 1);
}
}
}
} else {
delete_comment_meta($comment_id, 'akismet_rechecking');
wp_schedule_single_event(time() + 1200, 'akismet_schedule_cron_recheck');
return;
}
delete_comment_meta($comment_id, 'akismet_rechecking');
}
$remaining = $wpdb->get_var("SELECT COUNT(*) FROM {$wpdb->commentmeta} WHERE meta_key = 'akismet_error'");
if ($remaining && !wp_next_scheduled('akismet_schedule_cron_recheck')) {
wp_schedule_single_event(time() + 1200, 'akismet_schedule_cron_recheck');
}
}
/**
* ajax_save_comment - Saves a comment to the database, returns the updated comment via JSON
*
* Returns a JSON object of the saved comment
*
* @since 1.0
*
* @param string $_POST[ 'comment_content' ] The comment to save
* @param int $_POST[ 'comment_id' ] The Comment ID
* @param int $_POST[ 'post_id' ] The Comment's Post ID
* @param string $_POST[ 'nonce' ] The nonce to check against
* @return JSON object
*/
public function ajax_save_comment()
{
define('DOING_SCE', true);
$new_comment_content = trim($_POST['comment_content']);
$comment_id = absint($_POST['comment_id']);
$post_id = absint($_POST['post_id']);
$nonce = $_POST['nonce'];
$return = array();
$return['errors'] = false;
$return['remove'] = false;
//If set to true, removes the editing interface
//Do a nonce check
if (!wp_verify_nonce($nonce, 'sce-edit-comment' . $comment_id)) {
$return['errors'] = true;
$return['remove'] = true;
$return['error'] = $this->errors->get_error_message('nonce_fail');
die(json_encode($return));
}
//Check to see if the user can edit the comment
if (!$this->can_edit($comment_id, $post_id)) {
$return['errors'] = true;
$return['remove'] = true;
$return['error'] = $this->errors->get_error_message('edit_fail');
die(json_encode($return));
}
//Check that the content isn't empty
if ('' == $new_comment_content || 'undefined' == $new_comment_content) {
$return['errors'] = true;
$return['error'] = $this->errors->get_error_message('comment_empty');
die(json_encode($return));
}
//Get original comment
$comment_to_save = get_comment($comment_id, ARRAY_A);
//Check the comment
if ($comment_to_save['comment_approved'] == 1) {
if (check_comment($comment_to_save['comment_author'], $comment_to_save['comment_author_email'], $comment_to_save['comment_author_url'], $new_comment_content, $comment_to_save['comment_author_IP'], $comment_to_save['comment_agent'], $comment_to_save['comment_type'])) {
$comment_to_save['comment_approved'] = 1;
} else {
$comment_to_save['comment_approved'] = 0;
}
}
//Check comment against blacklist
if (wp_blacklist_check($comment_to_save['comment_author'], $comment_to_save['comment_author_email'], $comment_to_save['comment_author_url'], $new_comment_content, $comment_to_save['comment_author_IP'], $comment_to_save['comment_agent'])) {
$comment_to_save['comment_approved'] = 'spam';
}
//Update comment content with new content
$comment_to_save['comment_content'] = $new_comment_content;
//Before save comment
/**
* Filter: sce_comment_check_errors
*
* Return a custom error message based on the saved comment
*
* @since 1.2.4
*
* @param bool $custom_error Default custom error. Overwrite with a string
* @param array $comment_to_save Associative array of comment attributes
*/
$custom_error = apply_filters('sce_comment_check_errors', false, $comment_to_save);
//Filter expects a string returned - $comment_to_save is an associative array
if (is_string($custom_error) && !empty($custom_error)) {
$return['errors'] = true;
$return['error'] = esc_html($custom_error);
die(json_encode($return));
}
/**
* Filter: sce_save_before
*
* Allow third parties to modify comment
*
* @since 1.5.0
*
* @param object $comment_to_save The Comment Object
* @param int $post_id The Post ID
* @param int $comment_id The Comment ID
*/
$comment_to_save = apply_filters('sce_save_before', $comment_to_save, $post_id, $comment_id);
//Save the comment
wp_update_comment($comment_to_save);
/**
* Action: sce_save_after
*
* Allow third parties to save content after a comment has been updated
*
* @since 1.5.0
*
* @param object $comment_to_save The Comment Object
* @param int $post_id The Post ID
* @param int $comment_id The Comment ID
*/
ob_start();
do_action('sce_save_after', $comment_to_save, $post_id, $comment_id);
ob_end_clean();
//If the comment was marked as spam, return an error
if ($comment_to_save['comment_approved'] === 'spam') {
$return['errors'] = true;
$return['remove'] = true;
$return['error'] = $this->errors->get_error_message('comment_marked_spam');
$this->remove_comment_cookie($comment_to_save);
die(json_encode($return));
}
//Check the new comment for spam with Akismet
if (function_exists('akismet_check_db_comment')) {
if (akismet_verify_key(get_option('wordpress_api_key')) != "failed") {
//Akismet
$response = akismet_check_db_comment($comment_id);
if ($response == "true") {
//You have spam
wp_set_comment_status($comment_id, 'spam');
$return['errors'] = true;
$return['remove'] = true;
$return['error'] = $this->errors->get_error_message('comment_marked_spam');
$this->remove_comment_cookie($comment_to_save);
die(json_encode($return));
}
}
}
$comment_to_return = $this->get_comment($comment_id);
$comment_content_to_return = $this->get_comment_content($comment_to_return);
//Ajax response
$return['comment_text'] = $comment_content_to_return;
$return['error'] = '';
die(json_encode($return));
}
function akismet_cron_recheck( $data ) {
global $wpdb;
delete_option('akismet_available_servers');
$comment_errors = $wpdb->get_col( "
SELECT comment_id
FROM {$wpdb->prefix}commentmeta
WHERE meta_key = 'akismet_error'
" );
foreach ( (array) $comment_errors as $comment_id ) {
add_comment_meta( $comment_id, 'akismet_rechecking', true );
$status = akismet_check_db_comment( $comment_id, 'retry' );
$msg = '';
if ( $status == 'true' ) {
$msg = __( 'Akismet caught this comment as spam during an automatic retry.' );
} elseif ( $status == 'false' ) {
$msg = __( 'Akismet cleared this comment during an automatic retry.' );
}
// If we got back a legit response then update the comment history
// other wise just bail now and try again later. No point in
// re-trying all the comments once we hit one failure.
if ( !empty( $msg ) ) {
delete_comment_meta( $comment_id, 'akismet_error' );
akismet_update_comment_history( $comment_id, $msg, 'cron-retry' );
update_comment_meta( $comment_id, 'akismet_result', $status );
// make sure the comment status is still pending. if it isn't, that means the user has already moved it elsewhere.
$comment = get_comment( $comment_id );
if ( $comment && 'unapproved' == wp_get_comment_status( $comment_id ) ) {
if ( $status == 'true' ) {
wp_spam_comment( $comment_id );
} elseif ( $status == 'false' ) {
// comment is good, but it's still in the pending queue. depending on the moderation settings
// we may need to change it to approved.
if ( check_comment($comment->comment_author, $comment->comment_author_email, $comment->comment_author_url, $comment->comment_content, $comment->comment_author_IP, $comment->comment_agent, $comment->comment_type) )
wp_set_comment_status( $comment_id, 1 );
}
}
} else {
delete_comment_meta( $comment_id, 'akismet_rechecking' );
wp_schedule_single_event( time() + 1200, 'akismet_schedule_cron_recheck' );
return;
}
}
}
function check_spam($commentID = 0, $postID = 0)
{
$options = $this->adminOptions;
//Check to see if spam protection is enabled
if ($options['spam_protection'] == "none") {
return false;
}
//Return if user is post author or can edit posts
if ($this->is_comment_owner($postID)) {
return false;
}
if (function_exists("akismet_check_db_comment") && $options['spam_protection'] == 'akismet') {
//Akismet
//Check to see if there is a valid API key
if (akismet_verify_key(get_option('wordpress_api_key')) != "failed") {
//Akismet
$response = akismet_check_db_comment($commentID);
if ($response == "true") {
//You have spam
wp_set_comment_status($commentID, 'spam');
return true;
}
}
} elseif ($options['spam_protection'] == "defensio" && function_exists('defensio_post')) {
//Defensio
global $defensio_conf, $wpdb;
$comment = get_comment($commentID, ARRAY_A);
if (!$comment) {
return true;
}
$comment['owner-url'] = $defensio_conf['blog'];
$comment['user-ip'] = $comment['comment_author_IP'];
$comment['article-date'] = strftime("%Y/%m/%d", strtotime($wpdb->get_var("SELECT post_date FROM {$wpdb->posts} WHERE ID=" . $comment['comment_post_ID'])));
$comment['comment-author'] = $comment['comment_author'];
$comment['comment-author-email'] = $comment['comment_author_email'];
$comment['comment-author-url'] = $comment['comment_author_url'];
$comment['comment-content'] = defensio_unescape_string($comment['comment_content']);
if (!isset($comment['comment_type']) or empty($comment['comment_type'])) {
$comment['comment-type'] = 'comment';
} else {
$comment['comment-type'] = $comment['comment_type'];
}
if (defensio_reapply_wp_comment_preferences($comment) === "spam") {
return true;
}
$results = defensio_post('audit-comment', $comment);
$ar = Spyc::YAMLLoad($results);
if (isset($ar['defensio-result'])) {
if ($ar['defensio-result']['spam']) {
wp_set_comment_status($commentID, 'spam');
return true;
}
}
}
return false;
}