function akismet_cron_recheck() { global $wpdb; $status = akismet_verify_key(akismet_get_key()); if (get_option('akismet_alert_code') || $status == 'invalid') { // since there is currently a problem with the key, reschedule a check for 6 hours hence wp_schedule_single_event(time() + 21600, 'akismet_schedule_cron_recheck'); return false; } delete_option('akismet_available_servers'); $comment_errors = $wpdb->get_col("\n\t\tSELECT comment_id\n\t\tFROM {$wpdb->prefix}commentmeta\n\t\tWHERE meta_key = 'akismet_error'\n\t\tLIMIT 100\n\t"); foreach ((array) $comment_errors as $comment_id) { // if the comment no longer exists, or is too old, remove the meta entry from the queue to avoid getting stuck $comment = get_comment($comment_id); if (!$comment || strtotime($comment->comment_date_gmt) < strtotime("-15 days")) { delete_comment_meta($comment_id, 'akismet_error'); continue; } add_comment_meta($comment_id, 'akismet_rechecking', true); $status = akismet_check_db_comment($comment_id, 'retry'); $msg = ''; if ($status == 'true') { $msg = __('Akismet caught this comment as spam during an automatic retry.'); } elseif ($status == 'false') { $msg = __('Akismet cleared this comment during an automatic retry.'); } // If we got back a legit response then update the comment history // other wise just bail now and try again later. No point in // re-trying all the comments once we hit one failure. if (!empty($msg)) { delete_comment_meta($comment_id, 'akismet_error'); akismet_update_comment_history($comment_id, $msg, 'cron-retry'); update_comment_meta($comment_id, 'akismet_result', $status); // make sure the comment status is still pending. if it isn't, that means the user has already moved it elsewhere. $comment = get_comment($comment_id); if ($comment && 'unapproved' == wp_get_comment_status($comment_id)) { if ($status == 'true') { wp_spam_comment($comment_id); } elseif ($status == 'false') { // comment is good, but it's still in the pending queue. depending on the moderation settings // we may need to change it to approved. if (check_comment($comment->comment_author, $comment->comment_author_email, $comment->comment_author_url, $comment->comment_content, $comment->comment_author_IP, $comment->comment_agent, $comment->comment_type)) { wp_set_comment_status($comment_id, 1); } } } } else { delete_comment_meta($comment_id, 'akismet_rechecking'); wp_schedule_single_event(time() + 1200, 'akismet_schedule_cron_recheck'); return; } delete_comment_meta($comment_id, 'akismet_rechecking'); } $remaining = $wpdb->get_var("SELECT COUNT(*) FROM {$wpdb->commentmeta} WHERE meta_key = 'akismet_error'"); if ($remaining && !wp_next_scheduled('akismet_schedule_cron_recheck')) { wp_schedule_single_event(time() + 1200, 'akismet_schedule_cron_recheck'); } }
/** * ajax_save_comment - Saves a comment to the database, returns the updated comment via JSON * * Returns a JSON object of the saved comment * * @since 1.0 * * @param string $_POST[ 'comment_content' ] The comment to save * @param int $_POST[ 'comment_id' ] The Comment ID * @param int $_POST[ 'post_id' ] The Comment's Post ID * @param string $_POST[ 'nonce' ] The nonce to check against * @return JSON object */ public function ajax_save_comment() { define('DOING_SCE', true); $new_comment_content = trim($_POST['comment_content']); $comment_id = absint($_POST['comment_id']); $post_id = absint($_POST['post_id']); $nonce = $_POST['nonce']; $return = array(); $return['errors'] = false; $return['remove'] = false; //If set to true, removes the editing interface //Do a nonce check if (!wp_verify_nonce($nonce, 'sce-edit-comment' . $comment_id)) { $return['errors'] = true; $return['remove'] = true; $return['error'] = $this->errors->get_error_message('nonce_fail'); die(json_encode($return)); } //Check to see if the user can edit the comment if (!$this->can_edit($comment_id, $post_id)) { $return['errors'] = true; $return['remove'] = true; $return['error'] = $this->errors->get_error_message('edit_fail'); die(json_encode($return)); } //Check that the content isn't empty if ('' == $new_comment_content || 'undefined' == $new_comment_content) { $return['errors'] = true; $return['error'] = $this->errors->get_error_message('comment_empty'); die(json_encode($return)); } //Get original comment $comment_to_save = get_comment($comment_id, ARRAY_A); //Check the comment if ($comment_to_save['comment_approved'] == 1) { if (check_comment($comment_to_save['comment_author'], $comment_to_save['comment_author_email'], $comment_to_save['comment_author_url'], $new_comment_content, $comment_to_save['comment_author_IP'], $comment_to_save['comment_agent'], $comment_to_save['comment_type'])) { $comment_to_save['comment_approved'] = 1; } else { $comment_to_save['comment_approved'] = 0; } } //Check comment against blacklist if (wp_blacklist_check($comment_to_save['comment_author'], $comment_to_save['comment_author_email'], $comment_to_save['comment_author_url'], $new_comment_content, $comment_to_save['comment_author_IP'], $comment_to_save['comment_agent'])) { $comment_to_save['comment_approved'] = 'spam'; } //Update comment content with new content $comment_to_save['comment_content'] = $new_comment_content; //Before save comment /** * Filter: sce_comment_check_errors * * Return a custom error message based on the saved comment * * @since 1.2.4 * * @param bool $custom_error Default custom error. Overwrite with a string * @param array $comment_to_save Associative array of comment attributes */ $custom_error = apply_filters('sce_comment_check_errors', false, $comment_to_save); //Filter expects a string returned - $comment_to_save is an associative array if (is_string($custom_error) && !empty($custom_error)) { $return['errors'] = true; $return['error'] = esc_html($custom_error); die(json_encode($return)); } /** * Filter: sce_save_before * * Allow third parties to modify comment * * @since 1.5.0 * * @param object $comment_to_save The Comment Object * @param int $post_id The Post ID * @param int $comment_id The Comment ID */ $comment_to_save = apply_filters('sce_save_before', $comment_to_save, $post_id, $comment_id); //Save the comment wp_update_comment($comment_to_save); /** * Action: sce_save_after * * Allow third parties to save content after a comment has been updated * * @since 1.5.0 * * @param object $comment_to_save The Comment Object * @param int $post_id The Post ID * @param int $comment_id The Comment ID */ ob_start(); do_action('sce_save_after', $comment_to_save, $post_id, $comment_id); ob_end_clean(); //If the comment was marked as spam, return an error if ($comment_to_save['comment_approved'] === 'spam') { $return['errors'] = true; $return['remove'] = true; $return['error'] = $this->errors->get_error_message('comment_marked_spam'); $this->remove_comment_cookie($comment_to_save); die(json_encode($return)); } //Check the new comment for spam with Akismet if (function_exists('akismet_check_db_comment')) { if (akismet_verify_key(get_option('wordpress_api_key')) != "failed") { //Akismet $response = akismet_check_db_comment($comment_id); if ($response == "true") { //You have spam wp_set_comment_status($comment_id, 'spam'); $return['errors'] = true; $return['remove'] = true; $return['error'] = $this->errors->get_error_message('comment_marked_spam'); $this->remove_comment_cookie($comment_to_save); die(json_encode($return)); } } } $comment_to_return = $this->get_comment($comment_id); $comment_content_to_return = $this->get_comment_content($comment_to_return); //Ajax response $return['comment_text'] = $comment_content_to_return; $return['error'] = ''; die(json_encode($return)); }
function akismet_cron_recheck( $data ) { global $wpdb; delete_option('akismet_available_servers'); $comment_errors = $wpdb->get_col( " SELECT comment_id FROM {$wpdb->prefix}commentmeta WHERE meta_key = 'akismet_error' " ); foreach ( (array) $comment_errors as $comment_id ) { add_comment_meta( $comment_id, 'akismet_rechecking', true ); $status = akismet_check_db_comment( $comment_id, 'retry' ); $msg = ''; if ( $status == 'true' ) { $msg = __( 'Akismet caught this comment as spam during an automatic retry.' ); } elseif ( $status == 'false' ) { $msg = __( 'Akismet cleared this comment during an automatic retry.' ); } // If we got back a legit response then update the comment history // other wise just bail now and try again later. No point in // re-trying all the comments once we hit one failure. if ( !empty( $msg ) ) { delete_comment_meta( $comment_id, 'akismet_error' ); akismet_update_comment_history( $comment_id, $msg, 'cron-retry' ); update_comment_meta( $comment_id, 'akismet_result', $status ); // make sure the comment status is still pending. if it isn't, that means the user has already moved it elsewhere. $comment = get_comment( $comment_id ); if ( $comment && 'unapproved' == wp_get_comment_status( $comment_id ) ) { if ( $status == 'true' ) { wp_spam_comment( $comment_id ); } elseif ( $status == 'false' ) { // comment is good, but it's still in the pending queue. depending on the moderation settings // we may need to change it to approved. if ( check_comment($comment->comment_author, $comment->comment_author_email, $comment->comment_author_url, $comment->comment_content, $comment->comment_author_IP, $comment->comment_agent, $comment->comment_type) ) wp_set_comment_status( $comment_id, 1 ); } } } else { delete_comment_meta( $comment_id, 'akismet_rechecking' ); wp_schedule_single_event( time() + 1200, 'akismet_schedule_cron_recheck' ); return; } } }
function check_spam($commentID = 0, $postID = 0) { $options = $this->adminOptions; //Check to see if spam protection is enabled if ($options['spam_protection'] == "none") { return false; } //Return if user is post author or can edit posts if ($this->is_comment_owner($postID)) { return false; } if (function_exists("akismet_check_db_comment") && $options['spam_protection'] == 'akismet') { //Akismet //Check to see if there is a valid API key if (akismet_verify_key(get_option('wordpress_api_key')) != "failed") { //Akismet $response = akismet_check_db_comment($commentID); if ($response == "true") { //You have spam wp_set_comment_status($commentID, 'spam'); return true; } } } elseif ($options['spam_protection'] == "defensio" && function_exists('defensio_post')) { //Defensio global $defensio_conf, $wpdb; $comment = get_comment($commentID, ARRAY_A); if (!$comment) { return true; } $comment['owner-url'] = $defensio_conf['blog']; $comment['user-ip'] = $comment['comment_author_IP']; $comment['article-date'] = strftime("%Y/%m/%d", strtotime($wpdb->get_var("SELECT post_date FROM {$wpdb->posts} WHERE ID=" . $comment['comment_post_ID']))); $comment['comment-author'] = $comment['comment_author']; $comment['comment-author-email'] = $comment['comment_author_email']; $comment['comment-author-url'] = $comment['comment_author_url']; $comment['comment-content'] = defensio_unescape_string($comment['comment_content']); if (!isset($comment['comment_type']) or empty($comment['comment_type'])) { $comment['comment-type'] = 'comment'; } else { $comment['comment-type'] = $comment['comment_type']; } if (defensio_reapply_wp_comment_preferences($comment) === "spam") { return true; } $results = defensio_post('audit-comment', $comment); $ar = Spyc::YAMLLoad($results); if (isset($ar['defensio-result'])) { if ($ar['defensio-result']['spam']) { wp_set_comment_status($commentID, 'spam'); return true; } } } return false; }