function defensio_check_comment($defensio_conf, $comment)
{
global $pixelpost_db_prefix;
define('DF_SUCCESS', 'success');
define('DF_FAIL', 'fail');
require_once 'libraries/spyc.php';
if ($r = defensio_post('audit-comment', $defensio_conf, $comment)) {
$ar = Spyc::YAMLLoad($r);
if (isset($ar['defensio-result'])) {
if ($ar['defensio-result']['status'] == DF_SUCCESS) {
// Set metadata about the comment
// Mark it as SPAM
$query = "UPDATE {$pixelpost_db_prefix}comments SET `spaminess` = '" . $ar['defensio-result']['spaminess'] . "', `signature` = '" . $ar['defensio-result']['signature'] . "' WHERE id = " . $comment['id'];
mysql_query($query);
if ($ar['defensio-result']['spam']) {
// in this case defensio thinks it is spam
$query = "UPDATE {$pixelpost_db_prefix}comments SET publish = 'dfn' WHERE id = " . $comment['id'];
mysql_query($query);
$query = "SELECT defensio_addon FROM {$pixelpost_db_prefix}spamlog LIMIT 1";
if (mysql_query($query)) {
$query = "UPDATE `{$pixelpost_db_prefix}spamlog` SET `defensio_addon`=`defensio_addon`+1";
$result = mysql_query($query) or die(mysql_error());
}
} else {
//determine the setting for the image
$query = "SELECT `comments` FROM {$pixelpost_db_prefix}pixelpost WHERE id = " . $comment['comment_post_ID'];
$result = mysql_query($query) or die(mysql_error());
while ($row = mysql_fetch_array($result)) {
if ($row[0] == 'A') {
$publish = 'yes';
} else {
$publish = 'no';
}
}
$query = "UPDATE {$pixelpost_db_prefix}comments SET publish = '" . $publish . "' WHERE id = " . $comment['id'];
mysql_query($query);
}
} else {
// Succesful http request, but Defensio failed.
//Put comment in moderation queue.
$query = "UPDATE {$pixelpost_db_prefix}comments SET publish = 'dfn',`spaminess` = '-1' WHERE id = " . $comment['id'];
mysql_query($query);
}
}
} else {
// Unsuccesful POST to the server. Defensio might be down.
// Put comment in moderation queue.
$query = "UPDATE {$pixelpost_db_prefix}comments SET publish = 'dfn',`spaminess` = '-1' WHERE id = " . $comment['id'];
mysql_query($query);
}
}
function DEFNENSIO_FILTER($type, $name, $title, $url, $content, $openid = false)
{
global $hostURL, $blogURL, $database, $configVal, $defensio_conf;
//if ( doesHaveOwnership() ) return true; // owner
DEFENSIO_Init();
$defensio_meta = array();
$comment = array();
$comment['referrer'] = $_SERVER['HTTP_REFERER'];
$comment['user-ip'] = preg_replace('/[^0-9., ]/', '', $_SERVER['REMOTE_ADDR']);
$comment['user-ip'] = '168.126.63.1';
$comment['owner-url'] = $defensio_conf['blog'];
$comment['comment_type'] = $type == 2 ? 'trackback' : 'comment';
$comment['comment-author'] = $name;
$comment['article-date'] = strftime("%Y/%m/%d", time());
// $comment['permalink'] = $comment_perma_link;
// Make sure it we don't send an SQL escaped string to the server
$comment['comment-content'] = defensio_unescape_string($content);
$comment['comment-author-url'] = $url;
//$comment['comment-author-email'] = $email; // optional field
$next_id = $type == 2 ? getTrackBacksNextId() : getCommentsNextId();
$comment_TYPE = $type == 2 ? 'T' : 'C';
// to using openid
if ($openid) {
$comment['openid'] = Acl::getIdentity('openid');
$comment['user-logged-in'] = 'true';
}
// to testing
// $comment['test-force'] = 'spam,x.xxxx'; // | 'ham,x.xxxx' ( 0 ~ 1)
if ($r = defensio_post('audit-comment', $comment)) {
$ar = Spyc::YAMLLoad($r);
if (isset($ar['defensio-result'])) {
if ($ar['defensio-result']['status'] == DF_SUCCESS) {
// Set metadata about the comment
$defensio_meta['spaminess'] = $ar['defensio-result']['spaminess'];
$defensio_meta['signature'] = $ar['defensio-result']['signature'];
error_log(print_r($ar, true));
if ($ar['defensio-result']['spam']) {
$defensio_meta['spam'] = true;
defensio_save_meta_data($comment_TYPE, $next_id, $defensio_meta);
return false;
} else {
// not spam
$defensio_meta['spaminess'] = 0;
// if do you want check with Thief-cat algorithm, comment out the following two lines.
if (!$defensio_conf['force_with_tca']) {
defensio_save_meta_data($comment_TYPE, $next_id, $defensio_meta);
return true;
}
}
}
}
/* else {
// Succesful http request, but Defensio failed.
} */
}
/* else {
// Unsuccesful POST to the server. Defensio might be down.
} */
//defensio_save_meta_data($comment_TYPE, $next_id, $defensio_meta); // there is problem in defensio.
///////////////////////
// call fail
// Do Local spam check with "Thief-cat algorithm"
$count = 0;
$tableName = $database['prefix'] . 'Trackbacks';
if ($type == 2) {
$sql = 'SELECT COUNT(id) as cc FROM ' . $database['prefix'] . 'Trackbacks WHERE';
$sql .= ' url = \'' . POD::escapeString($url) . '\'';
$sql .= ' AND isFiltered > 0';
if ($row = POD::queryRow($sql)) {
$count += @$row[0];
}
} else {
// Comment Case
$tableName = $database['prefix'] . 'Comments';
$sql = 'SELECT COUNT(id) as cc FROM ' . $database['prefix'] . 'Comments WHERE';
$sql .= ' comment = \'' . POD::escapeString($content) . '\'';
$sql .= ' AND homepage = \'' . POD::escapeString($url) . '\'';
$sql .= ' AND name = \'' . POD::escapeString($name) . '\'';
$sql .= ' AND isFiltered > 0';
if ($row = POD::queryRow($sql)) {
$count += @$row[0];
}
}
// Check IP
$sql = 'SELECT COUNT(id) as cc FROM ' . $tableName . ' WHERE';
$sql .= ' ip = \'' . POD::escapeString($_SERVER['REMOTE_ADDR']) . '\'';
$sql .= ' AND isFiltered > 0';
if ($row = POD::queryRow($sql)) {
$count += @$row[0];
}
$is_spam = $count >= 10 ? 1 : 0;
if (isset($defensio_meta['spaminess']) and isset($defensio_meta['signature']) && $is_spam) {
defensio_submit_spam($defensio_meta['signature']);
}
$defensio_meta['spam'] = $defensio_meta['spaminess'] = $is_spam;
defensio_save_meta_data($comment_TYPE, $next_id, $defensio_meta);
return !$is_spam;
}
function check_spam($commentID = 0, $postID = 0)
{
$options = $this->adminOptions;
//Check to see if spam protection is enabled
if ($options['spam_protection'] == "none") {
return false;
}
//Return if user is post author or can edit posts
if ($this->is_comment_owner($postID)) {
return false;
}
if (function_exists("akismet_check_db_comment") && $options['spam_protection'] == 'akismet') {
//Akismet
//Check to see if there is a valid API key
if (akismet_verify_key(get_option('wordpress_api_key')) != "failed") {
//Akismet
$response = akismet_check_db_comment($commentID);
if ($response == "true") {
//You have spam
wp_set_comment_status($commentID, 'spam');
return true;
}
}
} elseif ($options['spam_protection'] == "defensio" && function_exists('defensio_post')) {
//Defensio
global $defensio_conf, $wpdb;
$comment = get_comment($commentID, ARRAY_A);
if (!$comment) {
return true;
}
$comment['owner-url'] = $defensio_conf['blog'];
$comment['user-ip'] = $comment['comment_author_IP'];
$comment['article-date'] = strftime("%Y/%m/%d", strtotime($wpdb->get_var("SELECT post_date FROM {$wpdb->posts} WHERE ID=" . $comment['comment_post_ID'])));
$comment['comment-author'] = $comment['comment_author'];
$comment['comment-author-email'] = $comment['comment_author_email'];
$comment['comment-author-url'] = $comment['comment_author_url'];
$comment['comment-content'] = defensio_unescape_string($comment['comment_content']);
if (!isset($comment['comment_type']) or empty($comment['comment_type'])) {
$comment['comment-type'] = 'comment';
} else {
$comment['comment-type'] = $comment['comment_type'];
}
if (defensio_reapply_wp_comment_preferences($comment) === "spam") {
return true;
}
$results = defensio_post('audit-comment', $comment);
$ar = Spyc::YAMLLoad($results);
if (isset($ar['defensio-result'])) {
if ($ar['defensio-result']['spam']) {
wp_set_comment_status($commentID, 'spam');
return true;
}
}
}
return false;
}
