| [ XREF Home ] [ Index ] |
PHP Cross Reference of WordPress TrunkProvided by Yoast |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * @package Akismet 4 */ 5 /* 6 Plugin Name: Akismet 7 Plugin URI: http://akismet.com/ 8 Description: Used by millions, Akismet is quite possibly the best way in the world to <strong>protect your blog from comment and trackback spam</strong>. It keeps your site protected from spam even while you sleep. To get started: 1) Click the "Activate" link to the left of this description, 2) <a href="http://akismet.com/get/?return=true">Sign up for an Akismet API key</a>, and 3) Go to your <a href="plugins.php?page=akismet-key-config">Akismet configuration</a> page, and save your API key. 9 Version: 2.5.3 10 Author: Automattic 11 Author URI: http://automattic.com/wordpress-plugins/ 12 License: GPLv2 or later 13 */ 14 15 /* 16 This program is free software; you can redistribute it and/or 17 modify it under the terms of the GNU General Public License 18 as published by the Free Software Foundation; either version 2 19 of the License, or (at your option) any later version. 20 21 This program is distributed in the hope that it will be useful, 22 but WITHOUT ANY WARRANTY; without even the implied warranty of 23 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 24 GNU General Public License for more details. 25 26 You should have received a copy of the GNU General Public License 27 along with this program; if not, write to the Free Software 28 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. 29 */ 30 31 define('AKISMET_VERSION', '2.5.3'); 32 define('AKISMET_PLUGIN_URL', plugin_dir_url( __FILE__ )); 33 34 /** If you hardcode a WP.com API key here, all key config screens will be hidden */ 35 if ( defined('WPCOM_API_KEY') ) 36 $wpcom_api_key = constant('WPCOM_API_KEY'); 37 else 38 $wpcom_api_key = ''; 39 40 // Make sure we don't expose any info if called directly 41 if ( !function_exists( 'add_action' ) ) { 42 echo "Hi there! I'm just a plugin, not much I can do when called directly."; 43 exit; 44 } 45 46 if ( isset($wp_db_version) && $wp_db_version <= 9872 ) 47 include_once dirname( __FILE__ ) . '/legacy.php'; 48 49 include_once dirname( __FILE__ ) . '/widget.php'; 50 51 if ( is_admin() ) 52 require_once dirname( __FILE__ ) . '/admin.php'; 53 54 function akismet_init() { 55 global $wpcom_api_key, $akismet_api_host, $akismet_api_port; 56 57 if ( $wpcom_api_key ) 58 $akismet_api_host = $wpcom_api_key . '.rest.akismet.com'; 59 else 60 $akismet_api_host = get_option('wordpress_api_key') . '.rest.akismet.com'; 61 62 $akismet_api_port = 80; 63 } 64 add_action('init', 'akismet_init'); 65 66 function akismet_get_key() { 67 global $wpcom_api_key; 68 if ( !empty($wpcom_api_key) ) 69 return $wpcom_api_key; 70 return get_option('wordpress_api_key'); 71 } 72 73 function akismet_verify_key( $key, $ip = null ) { 74 global $akismet_api_host, $akismet_api_port, $wpcom_api_key; 75 $blog = urlencode( get_option('home') ); 76 if ( $wpcom_api_key ) 77 $key = $wpcom_api_key; 78 $response = akismet_http_post("key=$key&blog=$blog", 'rest.akismet.com', '/1.1/verify-key', $akismet_api_port, $ip); 79 if ( !is_array($response) || !isset($response[1]) || $response[1] != 'valid' && $response[1] != 'invalid' ) 80 return 'failed'; 81 return $response[1]; 82 } 83 84 // if we're in debug or test modes, use a reduced service level so as not to polute training or stats data 85 function akismet_test_mode() { 86 if ( defined('AKISMET_TEST_MODE') && AKISMET_TEST_MODE ) 87 return true; 88 return false; 89 } 90 91 // return a comma-separated list of role names for the given user 92 function akismet_get_user_roles($user_id ) { 93 $roles = false; 94 95 if ( !class_exists('WP_User') ) 96 return false; 97 98 if ( $user_id > 0 ) { 99 $comment_user = new WP_User($user_id); 100 if ( isset($comment_user->roles) ) 101 $roles = join(',', $comment_user->roles); 102 } 103 104 if ( is_multisite() && is_super_admin( $user_id ) ) { 105 if ( empty( $roles ) ) { 106 $roles = 'super_admin'; 107 } else { 108 $comment_user->roles[] = 'super_admin'; 109 $roles = join( ',', $comment_user->roles ); 110 } 111 } 112 113 return $roles; 114 } 115 116 // Returns array with headers in $response[0] and body in $response[1] 117 function akismet_http_post($request, $host, $path, $port = 80, $ip=null) { 118 global $wp_version; 119 120 $akismet_ua = "WordPress/{$wp_version} | "; 121 $akismet_ua .= 'Akismet/' . constant( 'AKISMET_VERSION' ); 122 123 $content_length = strlen( $request ); 124 125 $http_host = $host; 126 // use a specific IP if provided 127 // needed by akismet_check_server_connectivity() 128 if ( $ip && long2ip( ip2long( $ip ) ) ) { 129 $http_host = $ip; 130 } else { 131 $http_host = $host; 132 } 133 134 // use the WP HTTP class if it is available 135 if ( function_exists( 'wp_remote_post' ) ) { 136 $http_args = array( 137 'body' => $request, 138 'headers' => array( 139 'Content-Type' => 'application/x-www-form-urlencoded; ' . 140 'charset=' . get_option( 'blog_charset' ), 141 'Host' => $host, 142 'User-Agent' => $akismet_ua 143 ), 144 'httpversion' => '1.0', 145 'timeout' => 15 146 ); 147 $akismet_url = "http://{$http_host}{$path}"; 148 $response = wp_remote_post( $akismet_url, $http_args ); 149 if ( is_wp_error( $response ) ) 150 return ''; 151 152 return array( $response['headers'], $response['body'] ); 153 } else { 154 $http_request = "POST $path HTTP/1.0\r\n"; 155 $http_request .= "Host: $host\r\n"; 156 $http_request .= 'Content-Type: application/x-www-form-urlencoded; charset=' . get_option('blog_charset') . "\r\n"; 157 $http_request .= "Content-Length: {$content_length}\r\n"; 158 $http_request .= "User-Agent: {$akismet_ua}\r\n"; 159 $http_request .= "\r\n"; 160 $http_request .= $request; 161 162 $response = ''; 163 if( false != ( $fs = @fsockopen( $http_host, $port, $errno, $errstr, 10 ) ) ) { 164 fwrite( $fs, $http_request ); 165 166 while ( !feof( $fs ) ) 167 $response .= fgets( $fs, 1160 ); // One TCP-IP packet 168 fclose( $fs ); 169 $response = explode( "\r\n\r\n", $response, 2 ); 170 } 171 return $response; 172 } 173 } 174 175 // filter handler used to return a spam result to pre_comment_approved 176 function akismet_result_spam( $approved ) { 177 // bump the counter here instead of when the filter is added to reduce the possibility of overcounting 178 if ( $incr = apply_filters('akismet_spam_count_incr', 1) ) 179 update_option( 'akismet_spam_count', get_option('akismet_spam_count') + $incr ); 180 // this is a one-shot deal 181 remove_filter( 'pre_comment_approved', 'akismet_result_spam' ); 182 return 'spam'; 183 } 184 185 function akismet_result_hold( $approved ) { 186 // once only 187 remove_filter( 'pre_comment_approved', 'akismet_result_hold' ); 188 return '0'; 189 } 190 191 // how many approved comments does this author have? 192 function akismet_get_user_comments_approved( $user_id, $comment_author_email, $comment_author, $comment_author_url ) { 193 global $wpdb; 194 195 if ( !empty($user_id) ) 196 return $wpdb->get_var( $wpdb->prepare( "SELECT COUNT(*) FROM $wpdb->comments WHERE user_id = %d AND comment_approved = 1", $user_id ) ); 197 198 if ( !empty($comment_author_email) ) 199 return $wpdb->get_var( $wpdb->prepare( "SELECT COUNT(*) FROM $wpdb->comments WHERE comment_author_email = %s AND comment_author = %s AND comment_author_url = %s AND comment_approved = 1", $comment_author_email, $comment_author, $comment_author_url ) ); 200 201 return 0; 202 } 203 204 function akismet_microtime() { 205 $mtime = explode( ' ', microtime() ); 206 return $mtime[1] + $mtime[0]; 207 } 208 209 // log an event for a given comment, storing it in comment_meta 210 function akismet_update_comment_history( $comment_id, $message, $event=null ) { 211 global $current_user; 212 213 // failsafe for old WP versions 214 if ( !function_exists('add_comment_meta') ) 215 return false; 216 217 $user = ''; 218 if ( is_object($current_user) && isset($current_user->user_login) ) 219 $user = $current_user->user_login; 220 221 $event = array( 222 'time' => akismet_microtime(), 223 'message' => $message, 224 'event' => $event, 225 'user' => $user, 226 ); 227 228 // $unique = false so as to allow multiple values per comment 229 $r = add_comment_meta( $comment_id, 'akismet_history', $event, false ); 230 } 231 232 // get the full comment history for a given comment, as an array in reverse chronological order 233 function akismet_get_comment_history( $comment_id ) { 234 235 // failsafe for old WP versions 236 if ( !function_exists('add_comment_meta') ) 237 return false; 238 239 $history = get_comment_meta( $comment_id, 'akismet_history', false ); 240 usort( $history, 'akismet_cmp_time' ); 241 return $history; 242 } 243 244 function akismet_cmp_time( $a, $b ) { 245 return $a['time'] > $b['time'] ? -1 : 1; 246 } 247 248 // this fires on wp_insert_comment. we can't update comment_meta when akismet_auto_check_comment() runs 249 // because we don't know the comment ID at that point. 250 function akismet_auto_check_update_meta( $id, $comment ) { 251 global $akismet_last_comment; 252 253 // failsafe for old WP versions 254 if ( !function_exists('add_comment_meta') ) 255 return false; 256 257 // wp_insert_comment() might be called in other contexts, so make sure this is the same comment 258 // as was checked by akismet_auto_check_comment 259 if ( is_object($comment) && !empty($akismet_last_comment) && is_array($akismet_last_comment) ) { 260 if ( intval($akismet_last_comment['comment_post_ID']) == intval($comment->comment_post_ID) 261 && $akismet_last_comment['comment_author'] == $comment->comment_author 262 && $akismet_last_comment['comment_author_email'] == $comment->comment_author_email ) { 263 // normal result: true or false 264 if ( $akismet_last_comment['akismet_result'] == 'true' ) { 265 update_comment_meta( $comment->comment_ID, 'akismet_result', 'true' ); 266 akismet_update_comment_history( $comment->comment_ID, __('Akismet caught this comment as spam'), 'check-spam' ); 267 if ( $comment->comment_approved != 'spam' ) 268 akismet_update_comment_history( $comment->comment_ID, sprintf( __('Comment status was changed to %s'), $comment->comment_approved), 'status-changed'.$comment->comment_approved ); 269 } elseif ( $akismet_last_comment['akismet_result'] == 'false' ) { 270 update_comment_meta( $comment->comment_ID, 'akismet_result', 'false' ); 271 akismet_update_comment_history( $comment->comment_ID, __('Akismet cleared this comment'), 'check-ham' ); 272 if ( $comment->comment_approved == 'spam' ) { 273 if ( wp_blacklist_check($comment->comment_author, $comment->comment_author_email, $comment->comment_author_url, $comment->comment_content, $comment->comment_author_IP, $comment->comment_agent) ) 274 akismet_update_comment_history( $comment->comment_ID, __('Comment was caught by wp_blacklist_check'), 'wp-blacklisted' ); 275 else 276 akismet_update_comment_history( $comment->comment_ID, sprintf( __('Comment status was changed to %s'), $comment->comment_approved), 'status-changed-'.$comment->comment_approved ); 277 } 278 // abnormal result: error 279 } else { 280 update_comment_meta( $comment->comment_ID, 'akismet_error', time() ); 281 akismet_update_comment_history( $comment->comment_ID, sprintf( __('Akismet was unable to check this comment (response: %s), will automatically retry again later.'), $akismet_last_comment['akismet_result']), 'check-error' ); 282 } 283 284 // record the complete original data as submitted for checking 285 if ( isset($akismet_last_comment['comment_as_submitted']) ) 286 update_comment_meta( $comment->comment_ID, 'akismet_as_submitted', $akismet_last_comment['comment_as_submitted'] ); 287 } 288 } 289 } 290 291 add_action( 'wp_insert_comment', 'akismet_auto_check_update_meta', 10, 2 ); 292 293 294 function akismet_auto_check_comment( $commentdata ) { 295 global $akismet_api_host, $akismet_api_port, $akismet_last_comment; 296 297 $comment = $commentdata; 298 $comment['user_ip'] = $_SERVER['REMOTE_ADDR']; 299 $comment['user_agent'] = $_SERVER['HTTP_USER_AGENT']; 300 $comment['referrer'] = $_SERVER['HTTP_REFERER']; 301 $comment['blog'] = get_option('home'); 302 $comment['blog_lang'] = get_locale(); 303 $comment['blog_charset'] = get_option('blog_charset'); 304 $comment['permalink'] = get_permalink($comment['comment_post_ID']); 305 306 $comment['user_role'] = akismet_get_user_roles($comment['user_ID']); 307 308 $akismet_nonce_option = apply_filters( 'akismet_comment_nonce', get_option( 'akismet_comment_nonce' ) ); 309 $comment['akismet_comment_nonce'] = 'inactive'; 310 if ( $akismet_nonce_option == 'true' || $akismet_nonce_option == '' ) { 311 $comment['akismet_comment_nonce'] = 'failed'; 312 if ( isset( $_POST['akismet_comment_nonce'] ) && wp_verify_nonce( $_POST['akismet_comment_nonce'], 'akismet_comment_nonce_' . $comment['comment_post_ID'] ) ) 313 $comment['akismet_comment_nonce'] = 'passed'; 314 315 // comment reply in wp-admin 316 if ( isset( $_POST['_ajax_nonce-replyto-comment'] ) && check_ajax_referer( 'replyto-comment', '_ajax_nonce-replyto-comment' ) ) 317 $comment['akismet_comment_nonce'] = 'passed'; 318 319 } 320 321 if ( akismet_test_mode() ) 322 $comment['is_test'] = 'true'; 323 324 foreach ($_POST as $key => $value ) { 325 if ( is_string($value) ) 326 $comment["POST_{$key}"] = $value; 327 } 328 329 $ignore = array( 'HTTP_COOKIE', 'HTTP_COOKIE2', 'PHP_AUTH_PW' ); 330 331 foreach ( $_SERVER as $key => $value ) { 332 if ( !in_array( $key, $ignore ) && is_string($value) ) 333 $comment["$key"] = $value; 334 else 335 $comment["$key"] = ''; 336 } 337 338 $query_string = ''; 339 foreach ( $comment as $key => $data ) 340 $query_string .= $key . '=' . urlencode( stripslashes($data) ) . '&'; 341 342 $commentdata['comment_as_submitted'] = $comment; 343 344 $response = akismet_http_post($query_string, $akismet_api_host, '/1.1/comment-check', $akismet_api_port); 345 $commentdata['akismet_result'] = $response[1]; 346 if ( 'true' == $response[1] ) { 347 // akismet_spam_count will be incremented later by akismet_result_spam() 348 add_filter('pre_comment_approved', 'akismet_result_spam'); 349 350 do_action( 'akismet_spam_caught' ); 351 352 $post = get_post( $comment['comment_post_ID'] ); 353 $last_updated = strtotime( $post->post_modified_gmt ); 354 $diff = time() - $last_updated; 355 $diff = $diff / 86400; 356 357 if ( $post->post_type == 'post' && $diff > 30 && get_option( 'akismet_discard_month' ) == 'true' && empty($comment['user_ID']) ) { 358 // akismet_result_spam() won't be called so bump the counter here 359 if ( $incr = apply_filters('akismet_spam_count_incr', 1) ) 360 update_option( 'akismet_spam_count', get_option('akismet_spam_count') + $incr ); 361 wp_redirect( $_SERVER['HTTP_REFERER'] ); 362 die(); 363 } 364 } 365 366 // if the response is neither true nor false, hold the comment for moderation and schedule a recheck 367 if ( 'true' != $response[1] && 'false' != $response[1] ) { 368 add_filter('pre_comment_approved', 'akismet_result_hold'); 369 wp_schedule_single_event( time() + 1200, 'akismet_schedule_cron_recheck' ); 370 } 371 372 if ( function_exists('wp_next_scheduled') && function_exists('wp_schedule_event') ) { 373 // WP 2.1+: delete old comments daily 374 if ( !wp_next_scheduled('akismet_scheduled_delete') ) 375 wp_schedule_event(time(), 'daily', 'akismet_scheduled_delete'); 376 } elseif ( (mt_rand(1, 10) == 3) ) { 377 // WP 2.0: run this one time in ten 378 akismet_delete_old(); 379 } 380 $akismet_last_comment = $commentdata; 381 return $commentdata; 382 } 383 384 add_action('preprocess_comment', 'akismet_auto_check_comment', 1); 385 386 function akismet_delete_old() { 387 global $wpdb; 388 $now_gmt = current_time('mysql', 1); 389 $comment_ids = $wpdb->get_col("SELECT comment_id FROM $wpdb->comments WHERE DATE_SUB('$now_gmt', INTERVAL 15 DAY) > comment_date_gmt AND comment_approved = 'spam'"); 390 if ( empty( $comment_ids ) ) 391 return; 392 393 $comma_comment_ids = implode( ', ', array_map('intval', $comment_ids) ); 394 395 do_action( 'delete_comment', $comment_ids ); 396 $wpdb->query("DELETE FROM $wpdb->comments WHERE comment_id IN ( $comma_comment_ids )"); 397 $wpdb->query("DELETE FROM $wpdb->commentmeta WHERE comment_id IN ( $comma_comment_ids )"); 398 clean_comment_cache( $comment_ids ); 399 $n = mt_rand(1, 5000); 400 if ( apply_filters('akismet_optimize_table', ($n == 11)) ) // lucky number 401 $wpdb->query("OPTIMIZE TABLE $wpdb->comments"); 402 403 } 404 405 add_action('akismet_scheduled_delete', 'akismet_delete_old'); 406 407 function akismet_check_db_comment( $id, $recheck_reason = 'recheck_queue' ) { 408 global $wpdb, $akismet_api_host, $akismet_api_port; 409 410 $id = (int) $id; 411 $c = $wpdb->get_row( "SELECT * FROM $wpdb->comments WHERE comment_ID = '$id'", ARRAY_A ); 412 if ( !$c ) 413 return; 414 415 $c['user_ip'] = $c['comment_author_IP']; 416 $c['user_agent'] = $c['comment_agent']; 417 $c['referrer'] = ''; 418 $c['blog'] = get_option('home'); 419 $c['blog_lang'] = get_locale(); 420 $c['blog_charset'] = get_option('blog_charset'); 421 $c['permalink'] = get_permalink($c['comment_post_ID']); 422 $id = $c['comment_ID']; 423 if ( akismet_test_mode() ) 424 $c['is_test'] = 'true'; 425 $c['recheck_reason'] = $recheck_reason; 426 427 $query_string = ''; 428 foreach ( $c as $key => $data ) 429 $query_string .= $key . '=' . urlencode( stripslashes($data) ) . '&'; 430 431 $response = akismet_http_post($query_string, $akismet_api_host, '/1.1/comment-check', $akismet_api_port); 432 return $response[1]; 433 } 434 435 function akismet_cron_recheck() { 436 global $wpdb; 437 438 delete_option('akismet_available_servers'); 439 440 $comment_errors = $wpdb->get_col( " 441 SELECT comment_id 442 FROM {$wpdb->prefix}commentmeta 443 WHERE meta_key = 'akismet_error' 444 LIMIT 100 445 " ); 446 447 foreach ( (array) $comment_errors as $comment_id ) { 448 // if the comment no longer exists, remove the meta entry from the queue to avoid getting stuck 449 if ( !get_comment( $comment_id ) ) { 450 delete_comment_meta( $comment_id, 'akismet_error' ); 451 continue; 452 } 453 454 add_comment_meta( $comment_id, 'akismet_rechecking', true ); 455 $status = akismet_check_db_comment( $comment_id, 'retry' ); 456 457 $msg = ''; 458 if ( $status == 'true' ) { 459 $msg = __( 'Akismet caught this comment as spam during an automatic retry.' ); 460 } elseif ( $status == 'false' ) { 461 $msg = __( 'Akismet cleared this comment during an automatic retry.' ); 462 } 463 464 // If we got back a legit response then update the comment history 465 // other wise just bail now and try again later. No point in 466 // re-trying all the comments once we hit one failure. 467 if ( !empty( $msg ) ) { 468 delete_comment_meta( $comment_id, 'akismet_error' ); 469 akismet_update_comment_history( $comment_id, $msg, 'cron-retry' ); 470 update_comment_meta( $comment_id, 'akismet_result', $status ); 471 // make sure the comment status is still pending. if it isn't, that means the user has already moved it elsewhere. 472 $comment = get_comment( $comment_id ); 473 if ( $comment && 'unapproved' == wp_get_comment_status( $comment_id ) ) { 474 if ( $status == 'true' ) { 475 wp_spam_comment( $comment_id ); 476 } elseif ( $status == 'false' ) { 477 // comment is good, but it's still in the pending queue. depending on the moderation settings 478 // we may need to change it to approved. 479 if ( check_comment($comment->comment_author, $comment->comment_author_email, $comment->comment_author_url, $comment->comment_content, $comment->comment_author_IP, $comment->comment_agent, $comment->comment_type) ) 480 wp_set_comment_status( $comment_id, 1 ); 481 } 482 } 483 } else { 484 delete_comment_meta( $comment_id, 'akismet_rechecking' ); 485 wp_schedule_single_event( time() + 1200, 'akismet_schedule_cron_recheck' ); 486 return; 487 } 488 } 489 490 $remaining = $wpdb->get_var( $wpdb->prepare( "SELECT COUNT(*) FROM $wpdb->commentmeta WHERE meta_key = 'akismet_error'" ) ); 491 if ( $remaining && !wp_next_scheduled('akismet_schedule_cron_recheck') ) { 492 wp_schedule_single_event( time() + 1200, 'akismet_schedule_cron_recheck' ); 493 } 494 } 495 add_action( 'akismet_schedule_cron_recheck', 'akismet_cron_recheck' ); 496 497 function akismet_add_comment_nonce( $post_id ) { 498 echo '<p style="display: none;">'; 499 wp_nonce_field( 'akismet_comment_nonce_' . $post_id, 'akismet_comment_nonce', FALSE ); 500 echo '</p>'; 501 } 502 503 $akismet_comment_nonce_option = apply_filters( 'akismet_comment_nonce', get_option( 'akismet_comment_nonce' ) ); 504 505 if ( $akismet_comment_nonce_option == 'true' || $akismet_comment_nonce_option == '' ) 506 add_action( 'comment_form', 'akismet_add_comment_nonce' ); 507 508 if ( '3.0.5' == $wp_version ) { 509 remove_filter( 'comment_text', 'wp_kses_data' ); 510 if ( is_admin() ) 511 add_filter( 'comment_text', 'wp_kses_post' ); 512 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Wed Jun 1 08:30:02 2011 |
Cross-referenced by PHPXref 0.7 Provided by Yoast and awesome WordPress Hosting |