diff options
| author | rvelices <rv-github@modusoptimus.com> | 2007-10-29 23:39:41 +0000 |
|---|---|---|
| committer | rvelices <rv-github@modusoptimus.com> | 2007-10-29 23:39:41 +0000 |
| commit | 831694b4d1a1e93b5ed6a8e1e4a0c80d21df95cd (patch) | |
| tree | 9a31419b292aad362bacbb83773c90d8060545e7 | |
| parent | f33617a5b85fd9c842e4e415aebe9dd213595783 (diff) | |
- send status code 403 when attempt to enter a user comment, but comments are disabled
- don't increase hit count when a comment is posted
- remove the check of user ip agains spamhaus.org when a comment is entered (my conclusion is that is useless)
git-svn-id: http://piwigo.org/svn/trunk@2155 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to '')
| -rw-r--r-- | include/config_default.inc.php | 4 | ||||
| -rw-r--r-- | include/functions_comment.inc.php | 23 | ||||
| -rw-r--r-- | include/functions_url.inc.php | 4 | ||||
| -rw-r--r-- | include/picture_comment.inc.php | 6 | ||||
| -rw-r--r-- | picture.php | 2 |
5 files changed, 14 insertions, 25 deletions
diff --git a/include/config_default.inc.php b/include/config_default.inc.php index 3a178ea7a..d8334e6c0 100644 --- a/include/config_default.inc.php +++ b/include/config_default.inc.php @@ -94,10 +94,6 @@ $conf['comment_spam_reject'] = true; // maximum number of links in a comment before it is qualified spam $conf['comment_spam_max_links'] = 3; -// if the ip address of a comenteer is in spamhaus.org block list, the -// comment is qualified spam -$conf['comment_spam_check_ip'] = false; - // calendar_datefield : date field of table "images" used for calendar // catgory $conf['calendar_datefield'] = 'date_creation'; diff --git a/include/functions_comment.inc.php b/include/functions_comment.inc.php index 3a8139a9c..aaadb2fc9 100644 --- a/include/functions_comment.inc.php +++ b/include/functions_comment.inc.php @@ -30,7 +30,7 @@ function get_comment_post_key($image_id) { global $conf; - + $time = time(); return sprintf( @@ -68,21 +68,10 @@ function user_comment_check($action, $comment) { $link_count++; } - + if ( $link_count>$conf['comment_spam_max_links'] ) return $my_action; - if ( isset($comment['ip']) and $conf['comment_spam_check_ip'] - and $_SERVER["SERVER_ADDR"] != $comment['ip'] - ) - { - $rev_ip = implode( '.', array_reverse( explode('.',$comment['ip']) ) ); - $lookup = $rev_ip . '.sbl-xbl.spamhaus.org.'; - $res = gethostbyname( $lookup ); - if ( $lookup != $res ) - return $my_action; - } - return $action; } @@ -100,8 +89,8 @@ add_event_handler('user_comment_check', 'user_comment_check', function insert_user_comment( &$comm, $key, &$infos ) { global $conf, $user; - - $comm = array_merge( $comm, + + $comm = array_merge( $comm, array( 'ip' => $_SERVER['REMOTE_ADDR'], 'agent' => $_SERVER['HTTP_USER_AGENT'] @@ -161,7 +150,7 @@ SELECT COUNT(*) AS user_exists { $comment_action='reject'; } - + if ($comment_action!='reject' and $conf['anti-flood_time']>0 ) { // anti-flood system $reference_date = time() - $conf['anti-flood_time']; @@ -192,7 +181,7 @@ INSERT INTO '.COMMENTS_TABLE.' NOW(), "'.($comment_action=='validate' ? 'true':'false').'", '.($comment_action=='validate' ? 'NOW()':'NULL').', - '.$comm['image_id'].' + '.$comm['image_id'].' ) '; diff --git a/include/functions_url.inc.php b/include/functions_url.inc.php index 2d0a39f6d..6180dae3e 100644 --- a/include/functions_url.inc.php +++ b/include/functions_url.inc.php @@ -252,7 +252,7 @@ function make_picture_url($params) } if ( !isset($params['category'] ) ) {// make urls shorter ... - unset( $params['flat'] ); + unset( $params['flat'] ); } $url .= make_section_in_url($params); $url = add_well_known_params_in_url($url, $params); @@ -622,7 +622,7 @@ function parse_section_url( $tokens, &$next_token) * the reverse of add_well_known_params_in_url * parses start, flat and chronology from url tokens */ -function parse_well_known_params_url($tokens, $i) +function parse_well_known_params_url($tokens, &$i) { $page = array(); while (isset($tokens[$i])) diff --git a/include/picture_comment.inc.php b/include/picture_comment.inc.php index 971336fba..1c6968e17 100644 --- a/include/picture_comment.inc.php +++ b/include/picture_comment.inc.php @@ -87,7 +87,11 @@ if ( $page['show_comments'] and isset( $_POST['content'] ) ) array_merge($comm, array('action'=>$comment_action) ) ); } - +elseif ( isset($_POST['content']) ) +{ + set_status_header(403); + die('ugly spammer'); +} if ($page['show_comments']) { diff --git a/picture.php b/picture.php index de2c7b8dd..89fbe04ab 100644 --- a/picture.php +++ b/picture.php @@ -244,7 +244,7 @@ DELETE FROM '.COMMENTS_TABLE.' } // incrementation of the number of hits, we do this only if no action -if (trigger_event('allow_increment_element_hit_count', true) ) +if (trigger_event('allow_increment_element_hit_count', !isset($_POST['content']) ) ) { $query = ' UPDATE |