Ejemplo n.º 1
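 /**
  * Builds an Akismet request pre-populated from a comment array.
  *
  * The blog URL and API key are read from akismet.ini (SiteSettings/BlogURL and
  * AccountSettings/APIKey) and handed to the parent constructor.
  *
  * @param array $comment Comment fields. The keys read here are 'permalink', 'type',
  *                       'author', 'email', 'website' and 'body'; every one is optional.
  */
 function __construct($comment)
 {
     $ini = eZINI::instance('akismet.ini');
     $blogURL = $ini->variable('SiteSettings', 'BlogURL');
     $apiKey = $ini->variable('AccountSettings', 'APIKey');
     parent::__construct($blogURL, $apiKey);

     if (isset($comment['permalink'])) {
         parent::setPermalink($comment['permalink']);
     }
     // !empty() keeps the original truthiness test but no longer raises an
     // undefined-index notice/warning when the caller omits the key.
     if (!empty($comment['type'])) {
         parent::setCommentType($comment['type']);
     }
     // The author is always set; a missing name is sent as an empty string.
     parent::setCommentAuthor(isset($comment['author']) ? $comment['author'] : '');
     if (isset($comment['email'])) {
         parent::setCommentAuthorEmail($comment['email']);
     }
     if (!empty($comment['website'])) {
         parent::setCommentAuthorURL($comment['website']);
     }
     if (!empty($comment['body'])) {
         parent::setCommentContent($comment['body']);
     }
 }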
Ejemplo n.º 2
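 /**
  * Function: create
  * Attempts to create a comment using the passed information. If an Akismet API key is
  * configured, the comment is checked first and stored with the status "spam" when flagged.
  *
  * Parameters:
  *     $body - The comment.
  *     $author - The name of the commenter.
  *     $url - The commenter's website.
  *     $email - The commenter's email.
  *     $post - The <Post> they're commenting on.
  *     $parent - The <Comment> they're replying to.
  *     $notify - Notification on follow-up comments.
  *     $type - The type of comment. Optional, used for trackbacks/pingbacks.
  *
  * Notes:
  *     The referrer and user agent are client-supplied request headers and may be absent;
  *     they are passed on as empty strings in that case instead of raising a notice.
  */
 static function create($body, $author, $url, $email, $post, $parent, $notify, $type = null)
 {
     // Strict comparison: with a loose in_array() a non-string $type such as true
     // compares equal to "trackback" and would skip the permission check.
     if (!self::user_can($post->id) and !in_array($type, array("trackback", "pingback"), true)) {
         return;
     }
     $config = Config::current();
     $route = Route::current();
     $visitor = Visitor::current();
     if (!$type) {
         // The post's own author is approved immediately; everyone else gets the site default.
         $status = $post->user_id == $visitor->id ? "approved" : $config->default_comment_status;
         $type = "comment";
     } else {
         $status = $type;
     }

     // Request metadata. Any of these keys can be missing (no Referer header, CLI run, ...).
     $ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
     $referrer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
     $agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';

     $akismet_enabled = !empty($config->akismet_api_key);
     $is_spam = false;
     if ($akismet_enabled) {
         $akismet = new Akismet($config->url, $config->akismet_api_key);
         $akismet->setCommentContent($body);
         $akismet->setCommentAuthor($author);
         $akismet->setCommentAuthorURL($url);
         $akismet->setCommentAuthorEmail($email);
         $akismet->setPermalink($post->url());
         $akismet->setCommentType($type);
         $akismet->setReferrer($referrer);
         $akismet->setUserIP($ip);
         $is_spam = $akismet->isCommentSpam();
     }

     if ($is_spam) {
         // Flagged comments are still stored, with the status "spam", so an admin can review them.
         self::add($body, $author, $url, $email, $ip, $agent, "spam", $post->id, $visitor->id, $parent, $notify);
         error(__("Spam Comment"), __("Your comment has been marked as spam. It has to be reviewed and/or approved by an admin.", "comments"));
         // Presumably error() halts the request; returning keeps the flow unchanged if it does not.
         return;
     }

     $comment = self::add($body, $author, $url, $email, $ip, $agent, $status, $post->id, $visitor->id, $parent, $notify);
     fallback($_SESSION['comments'], array());
     $_SESSION['comments'][] = $comment->id;
     if (isset($_POST['ajax'])) {
         // NOTE(review): the JSON is assembled by concatenation, so the two values are not
         // escaped. json_encode() would escape them but changes the exact spacing - confirm
         // no client depends on the literal format before switching.
         exit("{ \"comment_id\": \"" . $comment->id . "\", \"comment_timestamp\": \"" . $comment->created_at . "\" }");
     }
     // NOTE(review): the redirect anchor has always differed between the Akismet path
     // ("#comments") and the plain path ("#comment"); kept as found - confirm which is intended.
     Flash::notice(__("Comment added."), $post->url() . ($akismet_enabled ? "#comments" : "#comment"));
 }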
Ejemplo n.º 3
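 /**
  * Akismet Operations
  *
  * Send a message to check for spam.  If the message is flagged as spam, true is returned.
  *
  * The check is skipped, and false returned, when ASACP or its Akismet integration is
  * disabled, when no Akismet key is configured, or when a registered user has more posts
  * than a positive asacp_akismet_post_limit.
  *
  * @param string|array $data The message to check; the scalar values of an array are
  *                           joined with newlines before being sent
  *
  * @return bool True if the message is flagged as spam, false if not
  */
 public static function akismet($data)
 {
     global $cache, $config, $db, $user;
     if (!$config['asacp_enable'] || !$config['asacp_akismet_enable'] || !$config['asacp_akismet_key']) {
         return false;
     }
     // Registered users above the configured post count are trusted; a limit of 0 disables the exemption.
     if ($user->data['is_registered']) {
         if ($user->data['user_posts'] > $config['asacp_akismet_post_limit'] && $config['asacp_akismet_post_limit'] > 0) {
             return false;
         }
     }
     // else the user is a guest
     if (!class_exists('Akismet')) {
         global $phpbb_root_path, $phpEx;
         include $phpbb_root_path . 'antispam/Akismet.class.' . $phpEx;
     }

     if (is_array($data)) {
         // A plain (string) cast turns every array into the literal "Array", so the real
         // text would never be checked. Send the scalar values instead.
         $parts = array();
         foreach ($data as $value) {
             if (is_scalar($value)) {
                 $parts[] = (string) $value;
             }
         }
         $data = implode("\n", $parts);
     }

     $akismet = new Akismet($config['asacp_akismet_domain'], $config['asacp_akismet_key']);
     $akismet->setUserIP($user->ip);
     $akismet->setCommentType('comment');
     $akismet->setCommentAuthor($user->data['username']);
     $akismet->setCommentAuthorEmail($user->data['user_email']);
     $akismet->setCommentContent((string) $data);
     return $akismet->isCommentSpam() ? true : false;
 }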
Ejemplo n.º 4
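 /**
  * Restores a comment from the spam table and reports it to Akismet as a false positive.
  *
  * The spam row is copied into the comments table, the comment counter of the entry it
  * belongs to is incremented, the spam/ham counters are updated and the spam row is removed.
  * A user at contributor level may only do this for entries they own.
  *
  * NOTE(review): no security token is validated in this method; presumably the caller
  * does that before invoking it - confirm.
  *
  * @param int $c spam_id of the row to restore
  *
  * @return mixed Whatever $this->message() or $this->error() returns
  */
 function report_ham($c)
 {
     $spam = $this->db->quick_query('SELECT * FROM %pspam WHERE spam_id=%d', $c);
     if (!$spam) {
         return $this->message('Spam Control', 'There is no such spam comment.', 'Continue', '/index.php?a=spam_control');
     }

     if ($this->user['user_level'] == USER_CONTRIBUTOR) {
         // Look up who owns the entry the comment was posted on. The original query for blog
         // posts used '%blogposts' (missing the 'p' of the '%p' table prefix placeholder) and
         // the result was only tested for existence, so ownership was never actually compared.
         $owner = null;
         if ($spam['spam_type'] == COMMENT_BLOG) {
             $row = $this->db->quick_query('SELECT post_user FROM %pblogposts WHERE post_id=%d', $spam['spam_post']);
             $owner = $row ? $row['post_user'] : null;
         } elseif ($spam['spam_type'] == COMMENT_GALLERY) {
             $row = $this->db->quick_query('SELECT photo_user FROM %pphotogallery WHERE photo_id=%d', $spam['spam_post']);
             $owner = $row ? $row['photo_user'] : null;
         } elseif ($spam['spam_type'] == COMMENT_FILE) {
             $row = $this->db->quick_query('SELECT file_user FROM %pfilelist WHERE file_id=%d', $spam['spam_post']);
             $owner = $row ? $row['file_user'] : null;
         }
         if ($owner === null || $owner != $this->user['user_id']) {
             return $this->error('Access Denied: You do not own the entry you are trying to report.');
         }
     }

     // The stored request headers may be missing or not decodable; fall back to empty values.
     $svars = json_decode($spam['spam_server'], true);
     if (!is_array($svars)) {
         $svars = array();
     }
     $referrer = isset($svars['HTTP_REFERER']) ? $svars['HTTP_REFERER'] : '';
     $agent = isset($svars['HTTP_USER_AGENT']) ? $svars['HTTP_USER_AGENT'] : '';

     // Setup and deliver the information to flag this comment as legit with Akismet.
     require_once 'lib/akismet.php';
     $akismet = new Akismet($this->settings['site_address'], $this->settings['wordpress_api_key'], $this->version);
     $akismet->setCommentAuthor($spam['spam_author']);
     $akismet->setCommentAuthorURL($spam['spam_url']);
     $akismet->setCommentContent($spam['spam_message']);
     $akismet->setUserIP($spam['spam_ip']);
     $akismet->setReferrer($referrer);
     // NOTE(review): confirm the bundled Akismet class really offers setUserAgent(); the
     // setter for the commenter's user agent may be named setCommentUserAgent() instead.
     $akismet->setUserAgent($agent);
     $akismet->setCommentType('comment');
     $akismet->submitHam();

     $q = $spam['spam_post'];
     $author = $spam['spam_user'];
     $author_name = $spam['spam_author'];
     $message = $spam['spam_message'];
     $time = $spam['spam_date'];
     $ip = $spam['spam_ip'];
     $type = $spam['spam_type'];

     $this->settings['spam_count']--;
     $this->settings['ham_count']++;
     $this->save_settings();

     // Values are passed as separate arguments to the database layer's placeholders,
     // never concatenated into the SQL text.
     $this->db->dbquery("INSERT INTO %pblogcomments\n\t\t   (comment_post, comment_user, comment_author, comment_message, comment_date, comment_ip, comment_type)\n\t\t   VALUES ( %d, %d, '%s', '%s', %d, '%s', %d)", $q, $author, $author_name, $message, $time, $ip, $type);
     if ($type == COMMENT_BLOG) {
         $this->db->dbquery('UPDATE %pblogposts SET post_comment_count=post_comment_count+1 WHERE post_id=%d', $q);
     } elseif ($type == COMMENT_GALLERY) {
         $this->db->dbquery('UPDATE %pphotogallery SET photo_comment_count=photo_comment_count+1 WHERE photo_id=%d', $q);
     } elseif ($type == COMMENT_FILE) {
         $this->db->dbquery('UPDATE %pfilelist SET file_comment_count=file_comment_count+1 WHERE file_id=%d', $q);
     }
     $this->db->dbquery('DELETE FROM %pspam WHERE spam_id=%d', $c);
     return $this->message('Spam Control', 'Comment has been posted and Akismet notified of a false positive.', 'Continue', $this->settings['site_address'] . 'index.php?a=spam_control');
 }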
					WHERE post_id = ' . $post_id;
                $result = $db->sql_query($sql);
                $post = $db->sql_fetchrow($result);
                $db->sql_freeresult($result);
                if ($post) {
                    if (!class_exists('Akismet')) {
                        global $phpbb_root_path, $phpEx;
                        include $phpbb_root_path . 'antispam/Akismet.class.' . $phpEx;
                    }
                    $post['decoded_text'] = $post['post_text'];
                    decode_message($post['decoded_text'], $post['bbcode_uid']);
                    $akismet = new Akismet($config['asacp_akismet_domain'], $config['asacp_akismet_key']);
                    $akismet->setUserIP($post['poster_ip']);
                    $akismet->setReferrer('');
                    $akismet->setCommentUserAgent('');
                    $akismet->setCommentType('comment');
                    $akismet->setCommentAuthor($user_row['username']);
                    $akismet->setCommentAuthorEmail($user_row['user_email']);
                    $akismet->setCommentContent($post['decoded_text']);
                    $akismet->submitSpam();
                }
            }
            trigger_error(sprintf($user->lang['ASACP_BAN_COMPLETE'], append_sid("{$phpbb_root_path}memberlist.{$phpEx}", "mode=viewprofile&amp;u={$user_id}")));
        } else {
            if (isset($_REQUEST['confirm_key']) && $error) {
                // Hack to fix the confirm_box if we need to come back to it because of an error
                unset($_REQUEST['confirm_key']);
            }
            // Build the ban actions string
            $user->add_lang('mods/acp_asacp');
            $ban_actions = array();
Ejemplo n.º 6
    /**
     * Admin action that deletes a comment, optionally reporting it to Akismet as spam first.
     *
     * Without the 'confirm' query parameter the confirmation template is rendered, carrying
     * a fresh security token. With it, the token is validated before anything is changed.
     * When the query parameter 't' equals 'spam' the comment is submitted to Akismet and the
     * spam counters are incremented before the row is removed.
     *
     * @return mixed Rendered template text, or the result of $this->message() / $this->error()
     */
    function delete_comment()
    {
        if (!isset($this->get['c'])) {
            return $this->message('Delete Comment', 'No comment was specified for editing.');
        }

        // intval() forces the id to an integer before it reaches the query placeholder.
        $commentId = intval($this->get['c']);
        $comment = $this->db->quick_query('SELECT c.*, u.* FROM %pblogcomments c
			LEFT JOIN %pusers u ON u.user_id=c.comment_user
			WHERE comment_id=%d', $commentId);
        if (!$comment) {
            return $this->message('Delete Comment', 'No such comment was found for deletion.');
        }

        $reportAsSpam = isset($this->get['t']) && $this->get['t'] == 'spam';

        if (!isset($this->get['confirm'])) {
            // First pass: show what is about to be deleted and ask for confirmation.
            $xtpl = new XTemplate('./skins/' . $this->skin . '/AdminCP/post_comment_edit.xtpl');
            $xtpl->assign('token', $this->generate_token());
            // The author name is HTML-escaped before it is placed in the template.
            $xtpl->assign('author', htmlspecialchars($comment['user_name']));
            $xtpl->assign('text', $this->format($comment['comment_message'], POST_BBCODE | POST_EMOTICONS));
            $xtpl->assign('date', date($this->settings['blog_dateformat'], $comment['comment_date']));

            $actionLink = 'admin.php?a=posts&s=del_comment&c=' . $commentId;
            $spamNotice = null;
            if ($reportAsSpam) {
                $actionLink .= '&amp;t=spam';
                $spamNotice = '<br />This comment will be reported as spam.';
            }
            $xtpl->assign('action_link', $actionLink);
            $xtpl->assign('sp', $spamNotice);
            $xtpl->parse('Comment.Delete');
            return $xtpl->text('Comment.Delete');
        }

        // Second pass: nothing is modified unless the security token checks out.
        if (!$this->is_valid_token()) {
            return $this->error('Invalid or expired security token. Please go back, reload the form, and try again.');
        }

        $result = '';
        if ($reportAsSpam) {
            // Report the comment to Akismet before its data is deleted.
            require_once 'lib/akismet.php';
            $akismet = new Akismet($this->settings['site_address'], $this->settings['wordpress_api_key']);
            $akismet->setCommentAuthor($comment['user_name']);
            $akismet->setCommentAuthorURL($comment['user_url']);
            $akismet->setCommentContent($comment['comment_message']);
            $akismet->setUserIP($comment['comment_ip']);
            $akismet->setReferrer($comment['comment_referrer']);
            $akismet->setCommentUserAgent($comment['comment_agent']);
            $akismet->setCommentType('comment');
            $akismet->submitSpam();

            $this->settings['spam_count']++;
            $this->settings['spam_uncaught']++;
            $this->save_settings();
            $result .= 'Comment tagged as spam and reported.<br />';
        }

        $this->db->dbquery('DELETE FROM %pblogcomments WHERE comment_id=%d', $commentId);

        // Keep the comment counter of the parent entry in step with the deletion.
        $parentId = $comment['comment_post'];
        switch ($comment['comment_type']) {
            case COMMENT_BLOG:
                $this->db->dbquery('UPDATE %pblogposts SET post_comment_count=post_comment_count-1 WHERE post_id=%d', $parentId);
                break;
            case COMMENT_GALLERY:
                $this->db->dbquery('UPDATE %pphotogallery SET photo_comment_count=photo_comment_count-1 WHERE photo_id=%d', $parentId);
                break;
            case COMMENT_FILE:
                $this->db->dbquery('UPDATE %pfilelist SET file_comment_count=file_comment_count-1 WHERE file_id=%d', $parentId);
                break;
        }

        $result .= 'Comment has been deleted.';
        return $this->message('Delete Comment', $result, 'Continue', "admin.php?a=posts&s=edit&p={$comment['comment_post']}");
    }
Ejemplo n.º 7
/**
 * Asks Akismet whether a submitted comment is spam.
 *
 * Each field is passed through cmtx_decode() and cmtx_strip_slashes() before it is sent
 * (presumably to undo the application's own input encoding - confirm against those helpers).
 * A website value of exactly 'http://' is treated as empty.
 *
 * @param string $name    Commenter's name
 * @param string $email   Commenter's email address
 * @param string $website Commenter's website
 * @param string $comment Comment text
 *
 * @return bool true when Akismet flags the comment as spam, false otherwise
 */
function cmtx_akismet($name, $email, $website, $comment)
{
    global $cmtx_path;

    $name = cmtx_strip_slashes(cmtx_decode($name));
    $email = cmtx_strip_slashes(cmtx_decode($email));
    $website = cmtx_strip_slashes(cmtx_decode($website));
    // An untouched form default is not a real URL.
    $website = ($website == 'http://') ? '' : $website;
    $comment = cmtx_strip_slashes(cmtx_decode($comment));

    // Load the Akismet client only if nothing has defined the class yet.
    if (!class_exists('Akismet')) {
        require_once $cmtx_path . 'includes/external/akismet/akismet.php';
    }

    $apiKey = cmtx_setting('akismet_key');
    $siteUrl = cmtx_setting('site_url');

    $akismet = new Akismet($siteUrl, $apiKey);
    $akismet->setCommentAuthor($name);
    $akismet->setCommentAuthorEmail($email);
    $akismet->setCommentAuthorURL($website);
    $akismet->setCommentContent($comment);
    $akismet->setCommentType('comment');
    $akismet->setPermalink(cmtx_current_page());

    return $akismet->isCommentSpam() ? true : false;
}
Ejemplo n.º 8
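 /**
  * Contact form: renders the form, validates a submission, runs it through Akismet for
  * users below USER_PRIVILEGED and mails it to the site administrator.
  *
  * If the Akismet client cannot be set up the message is not sent ("Delivery Failed"),
  * so an outage does not let unchecked mail through.
  *
  * @return mixed Rendered form text, or the result of $this->message()
  */
 function execute()
 {
     $owner = isset($this->settings['site_owner']) ? $this->settings['site_owner'] : 'Administrator';
     $this->title('Contact ' . $owner);

     $errors = array();
     $name = isset($this->post['name']) ? $this->post['name'] : '';
     $email = isset($this->post['email']) ? $this->post['email'] : '';
     $subject = isset($this->post['subject']) ? $this->post['subject'] : '';
     $message = isset($this->post['comments']) ? $this->post['comments'] : '';

     if (isset($this->post['submit'])) {
         // empty() already covers the "not set" case.
         if (empty($this->post['name'])) {
             array_push($errors, 'You did not enter your name.');
         }
         if (!isset($this->post['email']) || !$this->is_email($this->post['email'])) {
             array_push($errors, 'You did not enter a valid email address.');
         }
         if (empty($this->post['subject'])) {
             array_push($errors, 'You did not enter a subject.');
         }
         if (empty($this->post['comments'])) {
             array_push($errors, 'You did not enter a message.');
         }
     }

     if (!isset($this->post['submit']) || count($errors) != 0) {
         $xtpl = new XTemplate('./skins/' . $this->skin . '/contact.xtpl');
         if (count($errors) > 0) {
             // Separator first: the reversed argument order is no longer accepted by PHP 8.
             $xtpl->assign('errors', implode("<br />\n", $errors));
             $xtpl->parse('Contact.Errors');
         }
         // NOTE(review): the submitted values are echoed back into the form as received;
         // confirm $this->post is already HTML-escaped or that the template escapes it.
         $xtpl->assign('owner', $owner);
         $xtpl->assign('name', $name);
         $xtpl->assign('email', $email);
         $xtpl->assign('subject', $subject);
         $xtpl->assign('message', $message);
         $xtpl->parse('Contact');
         return $xtpl->text('Contact');
     }

     // I'm not sure if the anti-spam code needs to use the escaped strings or not, so I'll feed them whatever the spammer fed me.
     require_once './lib/akismet.php';
     $spam_checked = false;
     $error_state = false;
     $akismet = null;
     if ($this->user['user_level'] < USER_PRIVILEGED) {
         try {
             $akismet = new Akismet($this->settings['site_address'], $this->settings['wordpress_api_key'], $this->version);
             $akismet->setCommentAuthor($this->post['name']);
             $akismet->setCommentAuthorEmail($this->post['email']);
             $akismet->setCommentContent($this->post['comments']);
             $akismet->setCommentType('contact-form');
             $spam_checked = true;
         } catch (Exception $e) {
             $error_state = true;
         }
     } else {
         // Privileged users and above are not sent through Akismet.
         $spam_checked = true;
     }
     if ($spam_checked && $akismet != null && $akismet->isCommentSpam()) {
         $this->settings['email_spam_count']++;
         $this->save_settings();
         return $this->message('Akismet Warning', 'Your email has been rejected as spam. If you believe this to be an error, you\'ll need to find some other way to let me know.');
     }
     if ($error_state) {
         return $this->message('Delivery Failed', 'Email delivery failed. Please try again later.');
     }

     // Name, reply address and subject all end up in mail headers. Carriage returns and
     // line feeds are removed so that submitted text cannot add header lines of its own;
     // the previous replacements left "\r" untouched and did nothing at all to the subject.
     $line_breaks = array("\r", "\n");
     $header_name = str_replace($line_breaks, '', $name);
     $header_email = str_replace($line_breaks, '', $email);
     $header_subject = str_replace($line_breaks, '', $subject);

     $headers = "From: {$header_name} <{$this->settings['email_sys']}>\r\n" . "Reply-To: " . $header_email . "\r\n" . "User-IP: " . $this->ip . "\r\n" . "X-Mailer: PHP/" . phpversion();
     mail($this->settings['email_adm'], '[' . $this->settings['site_name'] . '] ' . $header_subject, $message, $headers);
     return $this->message('Send Email', 'Your message has been sent. You will recieve a reply to ' . htmlspecialchars($email) . ' if the message warrants it.', 'Return to Homepage', 'index.php');
 }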
Ejemplo n.º 9
    /**
     * Front-end action that lets a logged-in user delete a comment, optionally reporting it
     * to Akismet as spam first.
     *
     * Checks run in this order: minimum user level, comment exists, comment ownership,
     * the 3 hour limit, parent entry exists, entry ownership for contributors, and the right
     * to report spam. Without the 'confirm' query parameter a confirmation message is shown.
     *
     * NOTE(review): the deletion is driven entirely by query parameters ('c', 'confirm', 't')
     * and no security token is validated in this method - confirm that request forgery
     * protection is applied before it is called.
     *
     * @return mixed Result of $this->module->message() or $this->module->error()
     */
    function delete_comment()
    {
        // Lock this shit down!!!
        if ($this->user['user_level'] < USER_PRIVILEGED) {
            return $this->module->error('Access Denied: You do not have permission to perform that action.');
        }
        if (!isset($this->module->get['c'])) {
            return $this->module->message('Delete Comment', 'No comment was specified for editing.');
        }
        // intval() forces the id to an integer before it reaches the query placeholder.
        $c = intval($this->module->get['c']);
        $comment = $this->db->quick_query('SELECT c.*, u.* FROM %pblogcomments c
			LEFT JOIN %pusers u ON u.user_id=c.comment_user	WHERE comment_id=%d', $c);
        if (!$comment) {
            return $this->module->message('Delete Comment', 'No such comment was found for deletion.');
        }
        // Below contributor level, only the comment's own author may continue.
        if ($this->user['user_id'] != $comment['comment_user'] && $this->user['user_level'] < USER_CONTRIBUTOR) {
            return $this->module->error('Access Denied: You do not own the comment you are attempting to delete.');
        }
        // After 3 hours, you're stuck with it if you're a regular member.
        // 10800 seconds = 3 hours; the limit applies to the USER_PRIVILEGED level only.
        if ($this->user['user_level'] == USER_PRIVILEGED && $this->module->time - $comment['comment_date'] > 10800) {
            return $this->module->error('Access Denied: You cannot delete your comments after 3 hours have gone by.');
        }
        // Fetch the owner of the entry the comment belongs to.
        $user = null;
        if ($comment['comment_type'] == COMMENT_BLOG) {
            $user = $this->db->quick_query('SELECT post_user FROM %pblogposts WHERE post_id=%d', $comment['comment_post']);
        } elseif ($comment['comment_type'] == COMMENT_GALLERY) {
            $user = $this->db->quick_query('SELECT photo_user FROM %pphotogallery WHERE photo_id=%d', $comment['comment_post']);
        } elseif ($comment['comment_type'] == COMMENT_FILE) {
            $user = $this->db->quick_query('SELECT file_user FROM %pfilelist WHERE file_id=%d', $comment['comment_post']);
        }
        // $user is still null for an unknown comment type or a missing parent entry; both stop here.
        if (!$user) {
            return $this->module->error('Access Denied: You do not own the entry you are trying to edit.');
        }
        // Contributors must own either the parent entry or the comment itself.
        if ($this->user['user_level'] == USER_CONTRIBUTOR) {
            switch ($comment['comment_type']) {
                case COMMENT_BLOG:
                    if ($this->user['user_id'] != $user['post_user'] && $this->user['user_id'] != $comment['comment_user']) {
                        return $this->module->error('Access Denied: You do not own the blog entry you are trying to edit.');
                    }
                    break;
                case COMMENT_GALLERY:
                    if ($this->user['user_id'] != $user['photo_user'] && $this->user['user_id'] != $comment['comment_user']) {
                        return $this->module->error('Access Denied: You do not own the image entry you are trying to edit.');
                    }
                    break;
                case COMMENT_FILE:
                    if ($this->user['user_id'] != $user['file_user'] && $this->user['user_id'] != $comment['comment_user']) {
                        return $this->module->error('Access Denied: You do not own the download entry you are trying to edit.');
                    }
                    break;
                default:
                    return $this->module->error('Unknown comment type selected for editing.');
            }
        }
        // Reporting spam needs contributor level or higher.
        if (isset($this->module->get['t']) && $this->module->get['t'] == 'spam') {
            if ($this->user['user_level'] < USER_CONTRIBUTOR) {
                return $this->module->error('Access Denied: You are not authorized to report spam.');
            }
        }
        // Page name used in the confirmation and return links.
        $page = '';
        if ($comment['comment_type'] == COMMENT_BLOG) {
            $page = 'blog';
        } elseif ($comment['comment_type'] == COMMENT_GALLERY) {
            $page = 'gallery';
        } elseif ($comment['comment_type'] == COMMENT_FILE) {
            $page = 'downloads';
        }
        // First pass: show the comment and ask for confirmation; nothing is changed yet.
        if (!isset($this->module->get['confirm'])) {
            // The author name is HTML-escaped before it is placed in the markup.
            $author = htmlspecialchars($comment['user_name']);
            $params = POST_BBCODE | POST_EMOTICONS;
            $text = $this->module->format($comment['comment_message'], $params);
            $date = date($this->settings['blog_dateformat'], $comment['comment_date']);
            $msg = "<div class=\"title\">Comment by {$author} Posted on: {$date}</div><div class=\"article\">{$text}</div>";
            $link = "index.php?a={$page}&amp;s=del_comment&amp;c={$c}&amp;confirm=1";
            $sp = null;
            if (isset($this->module->get['t']) && $this->module->get['t'] == 'spam') {
                $link .= '&amp;t=spam';
                $sp = '<br />This comment will be reported as spam.';
            }
            $msg .= "<div class=\"title\" style=\"text-align:center\">Are you sure you want to delete this comment?{$sp}</div>";
            return $this->module->message('DELETE COMMENT', $msg, 'Delete', $link, 0);
        }
        $out = null;
        if (isset($this->module->get['t']) && $this->module->get['t'] == 'spam') {
            // Time to report the spammer before we delete the comment. Hopefully this is enough info to strike back with.
            require_once 'lib/akismet.php';
            $akismet = new Akismet($this->settings['site_address'], $this->settings['wordpress_api_key'], $this->module->version);
            $akismet->setCommentAuthor($comment['user_name']);
            $akismet->setCommentAuthorURL($comment['user_url']);
            $akismet->setCommentContent($comment['comment_message']);
            $akismet->setUserIP($comment['comment_ip']);
            $akismet->setReferrer($comment['comment_referrer']);
            $akismet->setCommentUserAgent($comment['comment_agent']);
            $akismet->setCommentType('comment');
            $akismet->submitSpam();
            // NOTE(review): the counters are incremented on $this->settings but saved through
            // $this->module - confirm both refer to the same settings array.
            $this->settings['spam_count']++;
            $this->settings['spam_uncaught']++;
            $this->module->save_settings();
            $out .= 'Comment tagged as spam and reported.<br />';
        }
        $this->db->dbquery('DELETE FROM %pblogcomments WHERE comment_id=%d', $c);
        // Keep the comment counter of the parent entry in step with the deletion.
        if ($comment['comment_type'] == COMMENT_BLOG) {
            $this->db->dbquery('UPDATE %pblogposts SET post_comment_count=post_comment_count-1 WHERE post_id=%d', $comment['comment_post']);
        } elseif ($comment['comment_type'] == COMMENT_GALLERY) {
            $this->db->dbquery('UPDATE %pphotogallery SET photo_comment_count=photo_comment_count-1 WHERE photo_id=%d', $comment['comment_post']);
        } elseif ($comment['comment_type'] == COMMENT_FILE) {
            $this->db->dbquery('UPDATE %pfilelist SET file_comment_count=file_comment_count-1 WHERE file_id=%d', $comment['comment_post']);
        }
        $out .= 'Comment has been deleted.';
        return $this->module->message('Delete Comment', $out, 'Continue', "index.php?a={$page}&p={$comment['comment_post']}");
    }
Ejemplo n.º 10
    /**
     * Spam control admin page.
     *
     * - 's=keytest' runs the Akismet key test.
     * - Without 'p' the list of held comments is shown.
     * - With 'p' a valid security token is required. A value that intval() turns into 0
     *   clears the whole spam table; any other value selects one spam row, which is either
     *   just deleted ('s=delete_spam') or restored as a comment and reported to Akismet as
     *   a false positive.
     *
     * NOTE(review): intval() also yields 0 for non-numeric input, so any such 'p' takes the
     * clear-everything branch - confirm that is intended.
     *
     * @return mixed Result of the invoked sub-action, $this->message() or $this->error()
     */
    function execute()
    {
        $svars = array();
        $this->title('Spam Control');

        if (isset($this->get['s']) && $this->get['s'] == 'keytest') {
            return $this->test_akismet_key();
        }
        if (!isset($this->get['p'])) {
            return $this->display_spam_comments();
        }

        // Everything below modifies data, so the security token must be valid.
        if (!$this->is_valid_token()) {
            return $this->error('Invalid or expired security token. Please go back, reload the form, and try again.');
        }

        $spamId = intval($this->get['p']);
        if ($spamId == 0) {
            $this->db->dbquery('TRUNCATE TABLE %pspam');
            return $this->message('Spam Control', 'All entries in the spam table have been cleared.', 'Continue', 'admin.php?a=spam');
        }

        $spam = $this->db->quick_query('SELECT s.*, u.user_name, u.user_url, u.user_id FROM %pspam s
					LEFT JOIN %pusers u ON u.user_id=s.spam_user WHERE spam_id=%d', $spamId);
        if (!$spam) {
            return $this->message('Spam Control', 'There is no such spam comment.', 'Continue', 'admin.php?a=spam');
        }

        $report = '';
        $deleteOnly = isset($this->get['s']) && $this->get['s'] == 'delete_spam';
        if (!$deleteOnly) {
            // Request headers stored with the held comment.
            // NOTE(review): json_decode() returns null for undecodable data; the two lookups
            // below then yield null - confirm the Akismet setters accept that.
            $svars = json_decode($spam['spam_server'], true);

            // Tell Akismet the comment was legitimate.
            require_once 'lib/akismet.php';
            $akismet = new Akismet($this->settings['site_address'], $this->settings['wordpress_api_key'], $this->version);
            $akismet->setCommentAuthor($spam['spam_author']);
            $akismet->setCommentAuthorURL($spam['user_url']);
            $akismet->setCommentContent($spam['spam_message']);
            $akismet->setUserIP($spam['spam_ip']);
            $akismet->setReferrer($svars['HTTP_REFERER']);
            $akismet->setCommentUserAgent($svars['HTTP_USER_AGENT']);
            $akismet->setCommentType('Sandbox');
            $akismet->submitHam();

            $entryId = $spam['spam_post'];
            $commentType = $spam['spam_type'];

            $this->settings['spam_count']--;
            $this->settings['ham_count']++;
            $this->save_settings();

            // Move the held comment into the live comments table; the values go through the
            // database layer's placeholders rather than being concatenated into the SQL.
            $this->db->dbquery(
                "INSERT INTO %pblogcomments\n\t\t\t   (comment_post, comment_user, comment_author, comment_message, comment_date, comment_ip, comment_type)\n\t\t\t   VALUES (%d, %d, '%s', '%s', %d, '%s', %d)",
                $entryId,
                $spam['user_id'],
                $spam['spam_author'],
                $spam['spam_message'],
                $spam['spam_date'],
                $spam['spam_ip'],
                $commentType
            );

            // Bump the comment counter of the entry the comment belongs to.
            switch ($commentType) {
                case COMMENT_BLOG:
                    $this->db->dbquery('UPDATE %pblogposts SET post_comment_count=post_comment_count+1 WHERE post_id=%d', $entryId);
                    break;
                case COMMENT_GALLERY:
                    $this->db->dbquery('UPDATE %pphotogallery SET photo_comment_count=photo_comment_count+1 WHERE photo_id=%d', $entryId);
                    break;
                case COMMENT_FILE:
                    $this->db->dbquery('UPDATE %pfilelist SET file_comment_count=file_comment_count+1 WHERE file_id=%d', $entryId);
                    break;
            }
            $report .= 'Comment has been posted and Akismet notified of false positive.<br />';
        }

        $this->db->dbquery('DELETE FROM %pspam WHERE spam_id=%d', $spamId);
        $report .= 'Message deleted from spam table.';
        return $this->message('Spam Control', $report, 'Continue', 'admin.php?a=spam');
    }
Ejemplo n.º 11
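 /**
  * User registration: dispatches the password sub-actions, renders the registration form
  * with a math question, and processes a submitted registration.
  *
  * A submission must carry a valid security token, a valid user name and email address and
  * the correct answer to the math question stored in the session. The data is then checked
  * with Akismet, the account is created with a generated temporary password, and both the
  * new user and the administrator are notified by email.
  *
  * NOTE(review): the stored password is a single unsalted SHA-256 hash. password_hash()
  * would be the better choice, but the login check (not shown here) must change with it.
  *
  * @return mixed Rendered form text, or the result of the sub-action / $this->message()
  */
 function execute()
 {
     if (!isset($this->get['s'])) {
         $this->get['s'] = null;
     }
     switch ($this->get['s']) {
         case 'forgotpassword':
             return $this->forgot_password();
         case 'resetpassword':
             return $this->reset_password();
     }

     if (!isset($this->post['submit'])) {
         $xtpl = new XTemplate('./skins/' . $this->skin . '/register.xtpl');
         $SideBar = new sidebar($this);
         $xtpl->assign('sidebar', $SideBar->build_sidebar());
         $xtpl->assign('token', $this->generate_token());
         if (!empty($this->settings['wordpress_api_key'])) {
             $xtpl->parse('Registration.Akismet');
         }
         // Build the math question; the expected answer is kept server-side in the session.
         $type = mt_rand(1, 3);
         $num1 = mt_rand();
         $num2 = mt_rand();
         $answer = 0;
         switch ($type) {
             case 1:
                 $answer = $num1 + $num2;
                 $op = '+';
                 break;
             case 2:
                 $answer = $num1 - $num2;
                 $op = '-';
                 break;
             case 3:
                 $answer = $num1 * $num2;
                 $op = '*';
                 break;
         }
         $_SESSION['answer'] = $answer;
         $xtpl->assign('prompt', "What is {$num1} {$op} {$num2} ?");
         $xtpl->parse('Registration');
         return $xtpl->text('Registration');
     }

     if (!$this->is_valid_token()) {
         return $this->message('New User Registration', 'Cookies are not being accepted by your browser. Please adjust your privacy settings, then go back and try again.');
     }
     if (!isset($this->post['user_name']) || !$this->valid_user($this->post['user_name'])) {
         return $this->message('New User Registration', 'User name contains illegal characters.');
     }
     if (!isset($this->post['user_email']) || !$this->is_email($this->post['user_email'])) {
         return $this->message('New User Registration', 'User email contains illegal characters.');
     }
     if (!isset($this->post['user_math'])) {
         return $this->message('New User Registration', 'You failed to correctly answer the math question. Please try again.');
     }

     $name = $this->post['user_name'];
     $email = $this->post['user_email'];
     // The URL and the free-text comment are optional form fields; reading them unguarded
     // raised an undefined-index notice when they were not submitted.
     $url = isset($this->post['user_url']) ? $this->post['user_url'] : '';
     $regcomment = isset($this->post['user_regcomment']) ? $this->post['user_regcomment'] : '';
     $math = $this->post['user_math'];

     // The answer must be numeric and a question must have been issued for this session.
     // With the loose comparison alone, an empty answer compared equal to a missing
     // session value and passed the check.
     if (!isset($_SESSION['answer']) || !is_numeric($math) || $math != $_SESSION['answer']) {
         return $this->message('New User Registration', 'You failed to correctly answer the math question. Please try again.');
     }

     $pass = $this->generate_pass(8);
     $dbpass = hash('sha256', $pass);

     // Values are handed to the database layer's placeholders, not concatenated into the SQL.
     $prev_user = $this->db->quick_query("SELECT user_id FROM %pusers WHERE user_name='%s'", $name);
     if ($prev_user) {
         return $this->message('New User Registration', 'A user by that name has already registered here.');
     }
     $prev_email = $this->db->quick_query("SELECT user_id FROM %pusers WHERE user_email='%s'", $email);
     if ($prev_email) {
         return $this->message('New User Registration', 'A user with that email address has already registered here.');
     }

     require_once 'lib/akismet.php';
     $spam_checked = false;
     try {
         $akismet = new Akismet($this->settings['site_address'], $this->settings['wordpress_api_key'], $this->version);
         $akismet->setCommentAuthor($name);
         $akismet->setCommentAuthorEmail($email);
         $akismet->setCommentAuthorURL($url);
         $akismet->setCommentContent($regcomment);
         $akismet->setCommentType('signup');
         $spam_checked = true;
     } catch (Exception $e) {
         // Kept as found: if the Akismet client cannot be set up, registration goes ahead
         // without a spam check. NOTE(review): confirm this fail-open behaviour is wanted.
     }
     if ($spam_checked && $akismet->isCommentSpam()) {
         $this->settings['register_spam_count']++;
         $this->save_settings();
         return $this->message('Registration Failure', 'Information provided during registration has been flagged by Akismet as a spam source. You will need to find another means of contacting the administration if you wish to register.');
     }

     $this->settings['user_count']++;
     $this->save_settings();
     $level = USER_MEMBER;
     $perms = PERM_URL | PERM_SIG | PERM_ICON;
     $this->db->dbquery("INSERT INTO %pusers (user_name, user_password, user_email, user_url, user_level, user_perms, user_joined)\n\t\t\t\t   VALUES( '%s', '%s', '%s', '%s', %d, %d, %d )", $name, $dbpass, $email, $url, $level, $perms, $this->time);

     // Notify the new user. The address has passed is_email(); line breaks are removed as
     // well so the recipient field can never carry additional header lines.
     $recipient = str_replace(array("\r", "\n"), '', $email);
     $headers = "From: {$this->settings['site_name']} <{$this->settings['email_sys']}>\r\n" . "X-Mailer: PHP/" . phpversion();
     $subject = 'New account creation';
     $message = "A new account has been registered for you at {$this->settings['site_name']}: {$this->settings['site_address']}\n\n";
     $message .= "Your user name is: {$name}\n";
     $message .= "Your temporary password is: {$pass}\n\n";
     $message .= 'Please write this information down as you will need it in order to log on to the site. You should change this password at your earliest convenience to something you will more easily remember.';
     $message .= 'You will be able to make any changes to your user profile once you log on the first time.';
     mail($recipient, '[' . $this->settings['site_name'] . '] ' . $subject, $message, $headers);

     // Notify the administrator.
     $headers = "From: {$this->settings['site_name']} <{$this->settings['email_sys']}>\r\n" . "X-Mailer: PHP/" . phpversion();
     $subject = 'New user signup';
     $message = "A new user has signed up at {$this->settings['site_name']} named {$name}\n";
     mail($this->settings['email_adm'], '[' . $this->settings['site_name'] . '] ' . $subject, $message, $headers);

     return $this->message('New User Registration', 'Your new account has been created. An email is being send to the address you provided with your temporary password.', 'Continue', '/');
 }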