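/**
 * Periodic task: lower the karma of users whose recent comments collected negative votes.
 *
 * The 'punish-comment' annotation stores the time of the last run; when that run is more
 * recent than $hours hours the task prints a message and stops. Otherwise it selects users
 * that have a comment newer than 2 * $hours hours with comment_karma below -70, are not
 * disabled and have karma at or above the configured minimum (4.5 when the setting is not
 * positive). For each of them, votes cast by other users during the last $hours hours are
 * aggregated and turned into a penalty that is never lower than -2.
 *
 * @param int $hours Vote window in hours; comments are examined over twice that window.
 * @return false|null false when the task already ran inside the window, null otherwise.
 */
function punish_comments($hours = 2) {
	global $globals, $db;

	echo "STARTING punish_comments\n";

	$log = new Annotation('punish-comment');
	if ($log->read() && $log->time > time() - 3600 * $hours) {
		echo "Comments already verified at: " . get_date_time($log->time) . "\n";
		return false;
	}

	if ($globals['min_karma_for_comments'] > 0) {
		$min_karma = $globals['min_karma_for_comments'];
	} else {
		$min_karma = 4.5;
	}

	// Both bounds are unix timestamps computed here; none of the interpolated values
	// below is read from request data in this function.
	$votes_from = time() - $hours * 3600;
	$comments_from = time() - 2 * $hours * 3600;

	echo "Starting karma_comments...\n";

	$users = "SELECT SQL_NO_CACHE distinct comment_user_id as user_id from comments, users where comment_date > from_unixtime({$comments_from}) and comment_karma < -70 and comment_user_id = user_id and user_level != 'disabled' and user_karma >= {$min_karma}";
	$result = $db->get_results($users);

	// The run is recorded before the per-user work, so a failure further down does not
	// cause an immediate retry.
	$log->store();
	if (!$result) {
		return;
	}

	foreach ($result as $dbuser) {
		$user = new User($dbuser->user_id);
		printf("%07d %s\n", $user->id, $user->username);
		$punish = 0;

		// Shared FROM/WHERE clause: votes received on this user's recent comments from
		// anybody but the user. The three aggregates below used to repeat it verbatim.
		$received_votes = "from votes, comments where comment_user_id = {$user->id} and comment_date > from_unixtime({$comments_from}) and vote_type='comments' and vote_link_id = comment_id and vote_date > from_unixtime({$votes_from}) and vote_user_id != {$user->id}";

		$comment_votes_count = (int) $db->get_var("SELECT SQL_NO_CACHE count(*) {$received_votes}");
		if ($comment_votes_count > 5) {
			$votes_karma = (int) $db->get_var("SELECT SQL_NO_CACHE sum(vote_value) {$received_votes}");
			if ($votes_karma < 50) {
				$distinct_votes_count = (int) $db->get_var("SELECT SQL_NO_CACHE count(distinct comment_id) {$received_votes}");
				$comments_count = (int) $db->get_var("SELECT SQL_NO_CACHE count(*) from comments where comment_user_id = {$user->id} and comment_date > from_unixtime({$comments_from})");

				// Guard the division: the count comes from a separate query, so it can be
				// zero if the comments disappeared between the two statements.
				if ($comments_count > 0) {
					// Scale by how many comments the user wrote (saturating at 10) and by
					// the share of them that received votes (saturating at 75%).
					$comment_coeff = min($comments_count / 10, 1) * min($distinct_votes_count / ($comments_count * 0.75), 1);
					$punish = max(-2, round($votes_karma * $comment_coeff / 1000, 2));
				}
			}
		}

		if ($punish < -0.1) {
			echo "comments: {$comments_count} votes distinct: {$distinct_votes_count} karma: {$votes_karma} coef: {$comment_coeff} -> {$punish}\n";
			$user->add_karma($punish, _('Penalización por comentarios'));
			echo _('Penalización por negativos en comentarios') . ": {$punish}, nuevo karma: {$user->karma}\n";
			$log->append(_('Penalización') . " {$user->username}: {$punish}, nuevo karma: {$user->karma}\n");
		}
		$db->barrier();
	}
}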
} if ($link->status == 'published') { $freq *= 2; } // Allow to play a little more if published if ($votes_freq > $freq) { if ($current_user->user_id > 0 && $current_user->user_karma > 4 && $link->status != 'published') { // Crazy votes attack, decrease karma // she does not deserve it :-) $user = new User(); $user->id = $current_user->user_id; $user->read(); $user->karma = $user->karma - 0.2; $user->store(); $annotation = new Annotation("karma-{$user->id}"); $annotation->append(_('voto cowboy') . ": -0.2, karma: {$user->karma}\n"); error(_('¡tranquilo cowboy!') . ', ' . _('tu karma ha bajado: ') . $user->karma); } else { error(_('¡tranquilo cowboy!')); } } if ($current_user->user_id > 0) { $value = $current_user->user_karma; } else { $value = $anon_karma; } if (!$link->insert_vote($value)) { if ($current_user->user_id > 0) { error(_('ya se votó antes con el mismo usuario o IP')); } else { error(_('ya se votó antes desde la misma IP'));
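/**
 * Validate the comment submitted in $_POST for $link, apply the anti-abuse rules and store it.
 *
 * Every rejection returns a translated message. On success the method sends a Location
 * header pointing at the new comment and ends the request, so it never returns in that case.
 *
 * Checks performed, in order: proxy ban, basic consistency of the POST with the link and the
 * logged-in user, minimum karma, nesting depth of the parent, clone accounts, same-IP abuse,
 * minimum text, duplicate randkey, banned links and flood/repeated-text karma reduction.
 *
 * NOTE(review): no anti-forgery token is verified here; link_id, user_id and randkey are the
 * only request-bound values checked. Confirm the caller validates one before calling this.
 * NOTE(review): parent_id is not checked to belong to $link in this method; confirm that
 * read_basic()/store() enforce it.
 *
 * @param object $link Link being commented; its id, votes, date, comments, author, ip,
 *                     status and uri properties are read here.
 * @return string Translated error message when the comment is rejected.
 */
static function save_from_post($link) {
	global $db, $current_user, $globals;

	require_once(mnminclude.'ban.php');

	$error = '';
	if (check_ban_proxy() && !$globals['development']) {
		return _('dirección IP no permitida');
	}

	// Read every request field once. Missing keys become 0 or '', which is what intval()
	// produced for them before, but without an undefined-index warning.
	$posted_link_id = isset($_POST['link_id']) ? intval($_POST['link_id']) : 0;
	$posted_user_id = isset($_POST['user_id']) ? intval($_POST['user_id']) : 0;
	$posted_randkey = isset($_POST['randkey']) ? intval($_POST['randkey']) : 0;
	$posted_parent = isset($_POST['parent_id']) ? intval($_POST['parent_id']) : 0;
	// An array-valued field must not reach preg_match() or the text cleaner.
	$posted_content = (isset($_POST['comment_content']) && is_string($_POST['comment_content'])) ? $_POST['comment_content'] : '';
	$posted_type = (isset($_POST['type']) && is_string($_POST['type'])) ? $_POST['type'] : '';

	// Check if is a POST of a comment
	$is_valid_post = $link->votes > 0
		&& $link->date > $globals['now'] - $globals['time_enabled_comments'] * 1.01
		&& $link->comments < $globals['max_comments']
		&& $posted_link_id == $link->id
		&& $current_user->authenticated
		&& $posted_user_id == $current_user->user_id
		&& $posted_randkey > 0;
	if (!$is_valid_post) {
		return _('comentario o usuario incorrecto');
	}

	// The link's author may comment regardless of karma.
	if ($current_user->user_karma < $globals['min_karma_for_comments'] && $current_user->user_id != $link->author) {
		return _('karma demasiado bajo');
	}

	$comment = new Comment;
	$comment->link = $link->id;
	// Escaped once here; the escaped value is what the SQL below interpolates in quotes.
	$comment->ip = $db->escape($globals['user_ip']);
	$comment->randkey = $posted_randkey;
	$comment->author = $posted_user_id;
	$comment->karma = round($current_user->user_karma);
	$comment->content = clean_text_with_tags($posted_content, 0, false, 10000);
	$comment->parent = $posted_parent;

	// Nesting level is derived from the parent comment.
	$parentComment = new Comment();
	$parentComment->id = intval($comment->parent);
	$parentComment->read_basic();
	if ($parentComment->nested_level > $globals['NESTED_COMMENTS_MAX_LEVEL']) {
		return _('Chegache ao nivel límite de comentarios aniñados...');
	}
	$comment->nested_level = $parentComment->nested_level + 1;

	// Only a 'god' user may mark the comment as an admin comment.
	if ($current_user->user_level == 'god' && $posted_type === 'admin') {
		$comment->type = 'admin';
	}

	// Don't allow to comment with a clone
	$hours = intval($globals['user_comments_clon_interval']);
	if ($hours > 0) {
		$clones = $current_user->get_clones($hours+1);
		if ($clones) {
			// NOTE(review): presumably a list of numeric user ids; it is interpolated
			// unquoted into the IN (...) list, so verify get_clones() returns only integers.
			$l = implode(',', $clones);
			$c = (int) $db->get_var("select count(*) from comments where comment_date > date_sub(now(), interval $hours hour) and comment_user_id in ($l)");
			if ($c > 0) {
				syslog(LOG_NOTICE, "Meneame, clon comment ($current_user->user_login, $comment->ip) in $link->uri");
				return _('ya hizo un comentario con usuarios clones');
			}
		}
	}

	// Basic check to avoid abuses from same IP.
	// Don't check in case of admin comments or higher karma.
	if (!$current_user->admin && $current_user->user_karma < 6.2) {
		// Avoid astroturfing from the same link's author
		if ($link->status != 'published' && $link->ip == $globals['user_ip'] && $link->author != $comment->author) {
			UserAuth::insert_clon($comment->author, $link->author, $link->ip);
			syslog(LOG_NOTICE, "Meneame, comment-link astroturfing ($current_user->user_login, $link->ip): ".$link->get_permalink());
			return _('no se puede comentar desde la misma IP del autor del envío');
		}

		// Avoid floods with clones from the same IP
		$same_ip_comments = intval($db->get_var("select count(*) from comments where comment_link_id = $link->id and comment_ip='$comment->ip' and comment_user_id != $comment->author"));
		if ($same_ip_comments > 1) {
			syslog(LOG_NOTICE, "Meneame, comment astroturfing ($current_user->user_login, $comment->ip)");
			return _('demasiados comentarios desde la misma IP con usuarios diferentes');
		}
	}

	// Check there are at least a valid char. The pattern runs on the raw submitted text,
	// the length check on the cleaned text.
	if (mb_strlen($comment->content) < 5 || ! preg_match('/[a-zA-Z:-]/', $posted_content)) {
		return _('texto muy breve o caracteres no válidos');
	}

	// Check the comment wasn't already stored
	$already_stored = intval($db->get_var("select count(*) from comments where comment_link_id = $comment->link and comment_user_id = $comment->author and comment_randkey = $comment->randkey"));
	if ($already_stored) {
		return _('comentario duplicado');
	}

	if (! $current_user->admin) {
		$comment->get_links();
		// Accounts newer than one day may not link to a banned site.
		if ($comment->banned && $current_user->Date() > $globals['now'] - 86400) {
			syslog(LOG_NOTICE, "Meneame: comment not inserted, banned link ($current_user->user_login)");
			return _('comentario no insertado, enlace a sitio deshabilitado (y usuario reciente)');
		}

		// Lower karma to comments' spammers
		$comment_count = (int) $db->get_var("select count(*) from comments where comment_user_id = $current_user->user_id and comment_date > date_sub(now(), interval 3 minute)");
		// Check the text is not the same
		$same_count = $comment->same_text_count();
		$same_links_count = $comment->same_links_count();
		if ($comment->banned) {
			$same_links_count *= 2;
		}
		$same_count += $same_links_count;
	} else {
		$comment_count = $same_count = 0;
	}

	$comment_limit = round(min($current_user->user_karma/6, 2) * 2.5);
	if ($comment_count > $comment_limit || $same_count > 2) {
		$reduction = 0;
		if ($comment_count > $comment_limit) {
			$reduction += ($comment_count-3) * 0.1;
		}
		if ($same_count > 1) {
			$reduction += $same_count * 0.25;
		}
		if ($reduction > 0) {
			$user = new User;
			$user->id = $current_user->user_id;
			$user->read();
			$user->karma = $user->karma - $reduction;
			syslog(LOG_NOTICE, "Meneame: story decreasing $reduction of karma to $current_user->user_login (now $user->karma)");
			$user->store();
			$annotation = new Annotation("karma-$user->id");
			$annotation->append(_('texto repetido o abuso de enlaces en comentarios').": -$reduction, karma: $user->karma\n");
			$error .= ' ' . _('penalización de karma por texto repetido o abuso de enlaces');
		}
	}

	// NOTE(review): no failure path is handled between transaction() and commit(); the
	// return values of store()/insert_vote() are not visible from here.
	$db->transaction();
	$comment->store();
	$comment->insert_vote();
	$link->update_comments();
	$db->commit();

	// Comment stored, just redirect to its page. $error is accumulated above but never
	// shown, because the request ends here.
	header('Location: '.$link->get_permalink() . '#c-'.$comment->order);
	die;
}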
} else { $votes_freq = intval($db->get_var("select count(*) from votes where vote_type='comments' and vote_user_id=$current_user->user_id and vote_date > subtime(now(), '0:0:30') and vote_value <= 0 and vote_ip_int = ".$globals['user_ip_int'])); $freq = 5; } if ($votes_freq > $freq) { if ($current_user->user_id > 0 && $current_user->user_karma > 4) { // Crazy votes attack, decrease karma // she does not deserve it :-) $user = new User; $user->id = $current_user->user_id; $user->read(); $user->karma = $user->karma - 0.2; $user->store(); $annotation = new Annotation("karma-$user->id"); $annotation->append(_('Voto cowboy a comentarios').": -0.2, karma: $user->karma\n"); error(_('¡tranquilo cowboy!, tu karma ha bajado: ') . $user->karma); } else { error(_('¡tranquilo cowboy!')); } } $value = round($value * $current_user->user_karma); $r = $comment->insert_vote($value); if (!$r) { error(_('ya se votó antes con el mismo usuario o IP')); } elseif (is_array($r)) { if ($r[0] == "DELETE") { // only delete
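/**
 * Create a new post (note) or overwrite an existing one from the submitted form, then print it.
 *
 * With $post_id > 0 the existing post is edited: allowed for its author during the first
 * hour, or for a 'god' user during the first 864000 seconds, and only when the submitted key
 * equals the post's randkey. Otherwise a new post is created, subject to a minimum karma, a
 * duplicate check on randkey and text, a one-minute interval between posts, and a karma
 * reduction when too many links point to the same domain.
 *
 * Every failure ends the request with die, some of them after printing 'ERROR: ...'.
 *
 * NOTE(review): no anti-forgery token is verified here; 'user_id' and 'key' are the only
 * request-bound values checked. Confirm the caller validates one before calling this.
 *
 * @param int $post_id Id of the post to edit, or a value <= 0 to create a new one.
 * @return void
 */
function save_post($post_id) {
	global $link, $db, $post, $current_user, $globals, $site_key;

	$post = new Post();

	// Read request fields once; missing or non-scalar values become '' or 0 instead of
	// raising warnings or being compared as arrays.
	$raw_text = (isset($_POST['post']) && is_string($_POST['post'])) ? $_POST['post'] : '';
	$posted_user_id = isset($_POST['user_id']) ? intval($_POST['user_id']) : 0;
	$posted_key = (isset($_POST['key']) && is_scalar($_POST['key'])) ? (string) $_POST['key'] : '';

	// The cleaned text is written back to $_POST, as before.
	$_POST['post'] = clean_text_with_tags($raw_text, 0, false, $globals['posts_len']);
	if (mb_strlen($_POST['post']) < 5) {
		echo 'ERROR: ' . _('texto muy corto');
		die;
	}

	if ($post_id > 0) {
		$post->id = $post_id;
		if (!$post->read()) {
			die;
		}

		$age = time() - $post->date;
		$author_edit = $posted_user_id == $current_user->user_id
			&& $current_user->user_id == $post->author
			&& $age < 3600;
		$god_edit = $current_user->user_level == 'god' && $age < 864000;
		// Compared as strings: a loose == would let PHP's numeric type juggling accept
		// values that are not the stored key.
		$key_matches = $posted_key === (string) $post->randkey;

		if (($author_edit || $god_edit) && $key_matches) {
			$post->content = $_POST['post'];
			if (strlen($post->content) > 0) {
				$post->store();
			}
		} else {
			echo 'ERROR: ' . _('no tiene permisos para grabar');
			die;
		}
	} else {
		// Require a real account: with user_id 0 a missing 'user_id' field would
		// otherwise satisfy the equality check below.
		if (!($current_user->user_id > 0) || $current_user->user_id != $posted_user_id) {
			die;
		}

		if ($current_user->user_karma < $globals['min_karma_for_posts']) {
			echo 'ERROR: ' . _('el karma es muy bajo');
			die;
		}

		// Check the post wasn't already stored
		$post->randkey = intval($posted_key);
		$post->author = $current_user->user_id;
		$post->content = $_POST['post'];

		$dupe = intval($db->get_var("select count(*) from posts where post_user_id = {$current_user->user_id} and post_date > date_sub(now(), interval 1 hour) and post_randkey = {$post->randkey}"));
		if (!$dupe && !$post->same_text_count()) {
			// Verify that there are a period of 1 minute between posts.
			if (intval($db->get_var("select count(*) from posts where post_user_id = {$current_user->user_id} and post_date > date_sub(now(), interval 1 minute)")) > 0) {
				echo 'ERROR: ' . _('debe esperar 1 minuto entre notas');
				die;
			}

			$same_links = $post->same_links_count();
			if ($same_links > 2) {
				$user = new User();
				$user->id = $current_user->user_id;
				$user->read();
				$reduction = $same_links * 0.2;
				$user->karma = $user->karma - $reduction;
				syslog(LOG_NOTICE, "Meneame: post_edit decreasing {$reduction} of karma to {$user->username} (now {$user->karma})");
				$user->store();
				$annotation = new Annotation("karma-{$user->id}");
				$annotation->append(_('demasiados enlaces al mismo dominio en las notas') . ": -{$reduction}, karma: {$user->karma}\n");
			}

			// Check again for last seconds, ajax calls sometimes add two posts.
			// This narrows the window but is still a check-then-insert.
			$dupe = intval($db->get_var("select count(*) from posts where post_user_id = {$current_user->user_id} and post_date > date_sub(now(), interval 10 second) and post_randkey = {$post->randkey}"));
			if (!$dupe) {
				$post->store();
			}
		} else {
			echo 'ERROR: ' . _('comentario grabado previamente');
			die;
		}
	}

	$post->print_summary();
}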
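// Threshold compared with $votes_freq (computed before this point): 5 for logged-in
// admin/god accounts, 2 for everybody else.
$is_staff = $current_user->user_id > 0
	&& ($current_user->user_level == 'admin' || $current_user->user_level == 'god');
$freq = $is_staff ? 5 : 2;

if ($votes_freq > $freq && $current_user->user_karma > 4) {
	// Typical "negative votes" attack, decrease karma
	require_once mnminclude . 'user.php';
	require_once mnminclude . 'annotation.php';

	$user = new User();
	$user->id = $current_user->user_id;
	$user->read();
	$user->karma = $user->karma - 1.0;
	$user->store();

	// Record the penalty before calling error(): error() ends the request, so an
	// annotation written after it would never be stored.
	$annotation = new Annotation("karma-{$user->id}");
	$annotation->append(_('Voto cowboy negativo') . ": -1, karma: {$user->karma}\n");

	error(_('¡tranquilo cowboy!, tu karma ha bajado: ') . $user->karma);
}

if (!$link->insert_vote($current_user->user_id, $value)) {
	error(_('ya ha votado antes'));
}

// Response consumed by the caller: id~total votes~negatives~karma~value
echo "{$link->id}~" . ($link->votes + $link->anonymous) . "~{$link->negatives}~" . intval($link->karma) . "~" . intval($value);

/**
 * Print an error in the "ERROR:<message>" format and end the request.
 *
 * @param string $mess Message appended after the "ERROR:" prefix.
 * @return void This function does not return; it calls die.
 */
function error($mess) {
	echo "ERROR:{$mess}";
	die;
}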
/**
 * Mark a link as published and run the follow-up actions of a publication.
 *
 * Stores the average positive vote value on the link, sets its status and dates, adds one
 * karma point (capped at 20) to the author, logs the 'link_publish' event and announces the
 * link on the external services that have credentials configured in $globals.
 *
 * @param object $link Link to publish; modified in place and saved with store_basic().
 * @return void
 */
function publish(&$link) {
	global $globals, $db;
	global $users_karma_avg;

	// Average value of the positive votes cast by non-disabled users with vote_user_id > 0.
	// It's kept on the link to calculate and check future averages.
	$avg_sql = "select SQL_NO_CACHE avg(vote_value) from votes, users where vote_type='links' AND vote_link_id={$link->id} and vote_user_id > 0 and vote_value > 0 and vote_user_id = user_id and user_level !='disabled'";
	$link_avg = (float) $db->get_var($avg_sql);

	// A link below the site-wide average is raised to at least 97% of that average.
	$link->votes_avg = ($link_avg < $users_karma_avg)
		? max($link_avg, $users_karma_avg * 0.97)
		: $link_avg;

	$published_at = time();
	$link->status = 'published';
	$link->published_date = $published_at;
	$link->date = $published_at;
	$link->store_basic();

	// Increase the author's karma, never above 20.
	$author = new User();
	$author->id = $link->author;
	if ($author->read()) {
		$author->karma = min(20, $author->karma + 1);
		$author->store();

		$karma_log = new Annotation("karma-{$author->id}");
		$karma_log->append(_('Noticia publicada') . ": +1, karma: {$author->karma}\n");
	}

	// Add the publish event/log
	log_insert('link_publish', $link->id, $link->author);

	// The short URL is requested whether or not any service below is configured.
	$short_url = fon_gs($link->get_permalink());

	$twitter_enabled = $globals['twitter_user'] && $globals['twitter_password'];
	if ($twitter_enabled) {
		twitter_post($link, $short_url);
	}

	$jaiku_enabled = $globals['jaiku_user'] && $globals['jaiku_key'];
	if ($jaiku_enabled) {
		jaiku_post($link, $short_url);
	}
}
/**
 * Mark a link as published and run the follow-up actions of a publication.
 *
 * Does nothing when DEBUG is set. Otherwise it stores the average positive vote value,
 * updates the link row, adds the configured instant karma (capped at 20) to the author, logs
 * the 'link_publish' event, annotates the link, announces it on the configured external
 * services and creates an event when the link has a start date.
 *
 * @param object $link Link to publish; its status, dates, votes_avg and annotation are changed.
 * @return void
 */
function publish($link) {
	global $globals, $db, $client;

	if (DEBUG) {
		return;
	}

	// Average value of the positive votes cast by non-disabled users with vote_user_id > 0.
	// It's kept on the link to calculate and check future averages.
	$avg_sql = "select SQL_NO_CACHE avg(vote_value) from votes, users where vote_type='links' AND vote_link_id=$link->id and vote_user_id > 0 and vote_value > 0 and vote_user_id = user_id and user_level !='disabled'";
	$link_avg = (float) $db->get_var($avg_sql);

	// A link below the site-wide average is raised to at least 97% of that average.
	$site_avg = $globals['users_karma_avg'];
	$link->votes_avg = ($link_avg < $site_avg)
		? max($link_avg, $site_avg * 0.97)
		: $link_avg;

	$published_at = time();
	$link->status = 'published';
	$link->published_date = $published_at;
	$link->date = $published_at;

	// votes_avg is the float computed above and the id comes from the link object; neither
	// is read from request data in this function.
	$update_sql = "update links set link_status='published', link_date=now(), link_votes_avg=$link->votes_avg where link_id=$link->id";
	$db->query($update_sql);

	// Increase the author's karma, never above 20.
	$author = new User;
	$author->id = $link->author;
	if ($author->read()) {
		$bonus = $globals['instant_karma_per_published'];
		$author->karma = min(20, $author->karma + $bonus);
		$author->store();

		$karma_log = new Annotation("karma-$author->id");
		$karma_log->append(_('noticia publicada').": +". $bonus .", karma: $author->karma\n");
	}

	// Add the publish event/log
	log_insert('link_publish', $link->id, $link->author);

	$link->annotation .= _('publicación'). "<br/>";
	$link->save_annotation('link-karma');

	// Use the site's own shortener when enabled, the external one otherwise.
	$short_url = $globals['url_shortener']
		? $link->get_short_permalink()
		: fon_gs($link->get_permalink());

	$twitter_enabled = $globals['twitter_user'] && $globals['twitter_password'];
	if ($twitter_enabled) {
		twitter_post($link->title, $short_url);
	}

	$jaiku_enabled = $globals['jaiku_user'] && $globals['jaiku_key'];
	if ($jaiku_enabled) {
		jaiku_post($link->title, $short_url);
	}

	if ($globals['pubsub']) {
		pubsub_post();
	}

	if ($link->start_date) {
		createEvent($client, $link->title, $link->content, $link->start_date, $link->end_date);
	}
}