aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
Diffstat (limited to 'include')
-rw-r--r--include/functions_comment.inc.php23
1 files changed, 16 insertions, 7 deletions
diff --git a/include/functions_comment.inc.php b/include/functions_comment.inc.php
index 3cb0f79c7..9bd0b9f25 100644
--- a/include/functions_comment.inc.php
+++ b/include/functions_comment.inc.php
@@ -146,15 +146,23 @@ SELECT COUNT(*) AS user_exists
// website
if (!empty($comm['website_url']))
{
- $comm['website_url'] = strip_tags($comm['website_url']);
- if (!preg_match('/^https?/i', $comm['website_url']))
- {
- $comm['website_url'] = 'http://'.$comm['website_url'];
+ if (!$conf['comments_enable_website'])
+ { // honeypot: if the field is disabled, it should be empty !
+ $comment_action='reject';
+ $_POST['cr'][] = 'website_url';
}
- if (!url_check_format($comm['website_url']))
+ else
{
- $infos[] = l10n('Your website URL is invalid');
- $comment_action='reject';
+ $comm['website_url'] = strip_tags($comm['website_url']);
+ if (!preg_match('/^https?/i', $comm['website_url']))
+ {
+ $comm['website_url'] = 'http://'.$comm['website_url'];
+ }
+ if (!url_check_format($comm['website_url']))
+ {
+ $infos[] = l10n('Your website URL is invalid');
+ $comment_action='reject';
+ }
}
}
@@ -206,6 +214,7 @@ SELECT count(1) FROM '.COMMENTS_TABLE.'
{
$infos[] = l10n('Anti-flood system : please wait for a moment before trying to post another comment');
$comment_action='reject';
+ $_POST['cr'][] = 'flood_time';
}
}