Ejemplo n.º 1
0
function antispam_check_spam($arg = array())
{
    $options_key = 'plugin_antispam';
    $options = mso_get_option($options_key, 'plugins', array());
    // все опции
    if (!isset($options['antispam_on'])) {
        $options['antispam_on'] = false;
    }
    // включен ли антиспам
    if (!$options['antispam_on']) {
        return;
    }
    if (!isset($options['logging'])) {
        $options['logging'] = false;
    }
    // разрешено ли логирование?
    if (!isset($options['moderation_links'])) {
        $options['moderation_links'] = true;
    }
    // модерировать все ссылки
    if (!isset($options['logging_file'])) {
        $options['logging_file'] = '';
    }
    // разрешено ли логирование?
    if (!isset($options['black_ip'])) {
        $options['black_ip'] = '';
    }
    // черный список IP
    if (!isset($options['black_words'])) {
        $options['black_words'] = '';
    }
    // черный список слов
    if (!isset($options['moderation_words'])) {
        $options['moderation_words'] = '';
    }
    // список слов модерации
    $black_ip = explode("\n", trim($options['black_ip']));
    if (in_array($arg['comments_author_ip'], $black_ip)) {
        if ($options['logging']) {
            antispam_log($options['logging_file'], 'BLACK_IP: ' . $arg['comments_author_ip'] . NR . 'PAGE_ID: ' . $arg['comments_page_id'] . NR . 'DATE: ' . $arg['comments_date'] . NR . 'CONTENT: ' . NR . $arg['comments_content']);
        }
        return array('check_spam' => true, 'message' => t('Для вашего IP комментирование запрещено!'));
    }
    $black_words = explode("\n", trim($options['black_words']));
    foreach ($black_words as $word) {
        if ($word and mb_stristr($arg['comments_content'], $word, false, 'UTF-8') or $word and $arg['comments_author'] and mb_stristr($arg['comments_author'], $word, false, 'UTF-8')) {
            if ($options['logging']) {
                antispam_log($options['logging_file'], 'BLACK WORD: ' . $word . NR . 'IP: ' . $arg['comments_author_ip'] . NR . 'PAGE_ID: ' . $arg['comments_page_id'] . NR . 'DATE: ' . $arg['comments_date'] . NR . 'CONTENT: ' . NR . $arg['comments_content']);
            }
            return array('check_spam' => true, 'message' => t('Вы используете запрещенные слова!'));
        }
    }
    if ($options['moderation_links']) {
        // Если в комментарии хоть одна ссылка - сразу на модерацию
        $check_a = strpos($arg['comments_content'], '<a') === false ? false : true;
        if ($check_a) {
            return array('moderation' => 1);
        }
        // отправим на модерацию
    }
    $moderation_words = explode("\n", trim($options['moderation_words']));
    foreach ($moderation_words as $word) {
        if ($word and mb_stristr($arg['comments_content'], $word, false, 'UTF-8')) {
            return array('moderation' => 1);
        }
    }
}
function antispam_check_comment($commentdata)
{
    global $antispam_settings;
    $rn = "\r\n";
    // .chr(13).chr(10)
    extract($commentdata);
    $antispam_pre_error_message = '<p><strong><a href="javascript:window.history.back()">Go back</a></strong> and try again.</p>';
    $antispam_error_message = '';
    if ($antispam_settings['send_spam_comment_to_admin'] || $antispam_settings['log_spam_comment']) {
        // if sending email to admin is enabled or loging
        $post = get_post($comment->comment_post_ID);
        $antispam_message_spam_info = 'Spam for post: "' . $post->post_title . '"' . $rn;
        $antispam_message_spam_info .= get_permalink($comment->comment_post_ID) . $rn . $rn;
        $antispam_message_spam_info .= 'IP: ' . $_SERVER['REMOTE_ADDR'] . $rn;
        $antispam_message_spam_info .= 'User agent: ' . $_SERVER['HTTP_USER_AGENT'] . $rn;
        $antispam_message_spam_info .= 'Referer: ' . $_SERVER['HTTP_REFERER'] . $rn . $rn;
        $antispam_message_spam_info .= 'Comment data:' . $rn;
        // lets see what comment data spammers try to submit
        foreach ($commentdata as $key => $value) {
            $antispam_message_spam_info .= '$commentdata[' . $key . '] = ' . $value . $rn;
        }
        $antispam_message_spam_info .= $rn . $rn;
        $antispam_message_spam_info .= 'Post vars:' . $rn;
        // lets see what post vars spammers try to submit
        foreach ($_POST as $key => $value) {
            $antispam_message_spam_info .= '$_POST[' . $key . '] = ' . $value . $rn;
        }
        $antispam_message_spam_info .= $rn . $rn;
        $antispam_message_spam_info .= 'Cookie vars:' . $rn;
        // lets see what cookie vars spammers try to submit
        foreach ($_COOKIE as $key => $value) {
            $antispam_message_spam_info .= '$_COOKIE[' . $key . '] = ' . $value . $rn;
        }
        $antispam_message_spam_info .= $rn . $rn;
        $antispam_message_append = '-----------------------------' . $rn;
        $antispam_message_append .= 'This is spam comment rejected by Anti-spam plugin - wordpress.org/plugins/anti-spam/' . $rn;
        $antispam_message_append .= 'You may edit "anti-spam.php" file and disable this notification.' . $rn;
        $antispam_message_append .= 'You should find "$antispam_send_spam_comment_to_admin" and make it equal to "false".' . $rn;
    }
    if (!is_user_logged_in() && $comment_type != 'pingback' && $comment_type != 'trackback') {
        // logged in user is not a spammer
        $spam_flag = false;
        if (trim($_POST['antspm-q']) != date('Y')) {
            // year-answer is wrong - it is spam
            if (trim($_POST['antspm-d']) != date('Y')) {
                // extra js-only check: there is no js added input - it is spam
                $spam_flag = true;
                if (empty($_POST['antspm-q'])) {
                    // empty answer - it is spam
                    $antispam_error_message .= 'Error: empty answer. [' . esc_attr($_POST['antspm-q']) . ']<br> ' . $rn;
                } else {
                    $antispam_error_message .= 'Error: answer is wrong. [' . esc_attr($_POST['antspm-q']) . ']<br> ' . $rn;
                }
            }
        }
        if (!empty($_POST['antspm-e-email-url-website'])) {
            // trap field is not empty - it is spam
            $spam_flag = true;
            $antispam_error_message .= 'Error: field should be empty. [' . esc_attr($_POST['antspm-e-email-url-website']) . ']<br> ' . $rn;
        }
        if ($spam_flag) {
            // it is spam
            $antispam_error_message .= '<strong>Comment was blocked because it is spam.</strong><br> ';
            if ($antispam_settings['send_spam_comment_to_admin']) {
                $antispam_subject = 'Spam comment on site [' . get_bloginfo('name') . ']';
                // email subject
                $antispam_message = '';
                $antispam_message .= $antispam_error_message . $rn . $rn;
                $antispam_message .= $antispam_message_spam_info;
                // spam comment, post, cookie and other data
                $antispam_message .= $antispam_message_append;
                @wp_mail($antispam_settings['admin_email'], $antispam_subject, $antispam_message);
                // send spam comment to admin email
            }
            if ($antispam_settings['log_spam_comment']) {
                $antispam_message = $rn . $rn . '========== ========== ==========' . $rn . $rn;
                $antispam_message .= $antispam_error_message . $rn . $rn;
                $antispam_message .= $antispam_message_spam_info;
                // spam comment, post, cookie and other data
                antispam_log($antispam_message);
            }
            antispam_counter_stats();
            wp_die($antispam_pre_error_message . $antispam_error_message);
            // die - do not send comment and show errors
        }
    }
    if (!$antispam_settings['allow_trackbacks']) {
        // if trackbacks are blocked (pingbacks are alowed)
        if ($comment_type == 'trackback') {
            // if trackbacks ( || $comment_type == 'pingback')
            $antispam_error_message .= 'Error: trackbacks are disabled.<br> ';
            if ($antispam_settings['send_spam_comment_to_admin']) {
                // if sending email to admin is enabled
                $antispam_subject = 'Spam trackback on site [' . get_bloginfo('name') . ']';
                // email subject
                $antispam_message = '';
                $antispam_message .= $antispam_error_message . $rn . $rn;
                $antispam_message .= $antispam_message_spam_info;
                // spam comment, post, cookie and other data
                $antispam_message .= $antispam_message_append;
                @wp_mail($antispam_settings['admin_email'], $antispam_subject, $antispam_message);
                // send trackback comment to admin email
            }
            antispam_counter_stats();
            wp_die($antispam_pre_error_message . $antispam_error_message);
            // die - do not send trackback
        }
    }
    return $commentdata;
    // if comment does not looks like spam
}