mbirth/LuckyCoinkydink
1
0
Fork 0
Code Issues Pull Requests Activity

mail-based comment authorisation for spamblock plugin

Browse Source
This commit is contained in:
Garvin Hicking 2008-10-13 11:02:12 +00:00
parent 29b46f0c53
commit 2214abf835
11 changed files with 246 additions and 60 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
comment.php
View File

@ -20,6 +20,10 @@ if (isset($serendipity['GET']['switch'], $serendipity['GET']['entry'])) {
serendipity_allowCommentsToggle($serendipity['GET']['entry'], $serendipity['GET']['switch']);
}
if (!empty($_REQUEST['c']) && !empty($_REQUEST['hash'])) {
serendipity_confirmMail($_REQUEST['c'], $_REQUEST['hash']);
}
serendipity_rememberComment();
// Trackback logging. For developers: can be switched to true!

4
docs/NEWS
View File

@ -3,6 +3,10 @@
Version 1.4 ()
------------------------------------------------------------------------
* Allow spamblock plugin to use approval mechanism for comments,
so that commenting users first need to approve their comment
via email ("once" or "always" as options).
* Replace htmlarea with XINHA. Thanks to abdussamad!
(Experimental! Needs testing on shared installations. Might
need browser cache refresh!)

221
include/functions_comments.inc.php
View File

@ -186,7 +186,11 @@ function serendipity_displayCommentForm($id, $url = '', $comments = NULL, $data
global $serendipity;
if ($comments == NULL) {
$comments = serendipity_fetchComments($id);
if (empty($id)) {
$comments = array();
} else {
$comments = serendipity_fetchComments($id);
}
}
$commentform_data = array(
@ -668,6 +672,168 @@ function serendipity_approveComment($cid, $entry_id, $force = false, $moderate =
return true;
}
/**
* Confirm a mail authentication request
*
* @access public
* @param int The ID of a comment
* @param string The confirmation hash
* @return boolean
*/
function serendipity_confirmMail($cid, $hash) {
global $serendipity;
$q = "SELECT c.entry_id, e.title, e.timestamp, e.id
FROM {$serendipity['dbPrefix']}comments AS c
JOIN {$serendipity['dbPrefix']}entries AS e
ON (e.id = c.entry_id)
WHERE c.status = 'confirm" . serendipity_db_escape_string($hash) . "'
AND c.id = '" . (int)$cid . "'";
$confirm = serendipity_db_query($q, true);
if ($confirm['entry_id'] > 0) {
serendipity_db_query("UPDATE {$serendipity['dbPrefix']}options
SET okey = 'mail_confirm'
WHERE okey = 'mail_confirm" . serendipity_db_escape_string($hash) . "'");
serendipity_db_query("UPDATE {$serendipity['dbPrefix']}comments
SET status = 'pending'
WHERE status = 'confirm" . serendipity_db_escape_string($hash) . "'
AND id = '" . (int)$cid . "'");
// TODO?
/* if (serendipity_db_bool($confirm['mail_comments'])) {
serendipity_sendComment($cid, $row['email'], $name, $email, $url, $id, $row['title'], $comments, $type, serendipity_db_bool($ca['moderate_comments']));
}
*/
serendipity_approveComment($cid, $confirm['entry_id'], true);
$link = serendipity_getPermalink($confirm);
header('Location: ' . $serendipity['baseURL'] . $link);
exit;
return $confirm['entry_id'];
} else {
exit;
return false;
}
}
/**
* Store the comment made by a visitor in the database
*
* @access public
* @param int The ID of an entry
* @param array An array that holds the input data from the visitor
* @param string The type of a comment (normal/trackback)
* @param string Where did a comment come from? (internal|trackback|plugin)
* @param string Additional plugin data (spamblock plugin etc.)
* @return boolean Returns true if the comment could be added
*/
function serendipity_insertComment($id, $commentInfo, $type = 'NORMAL', $source = 'internal', $ca = array()) {
global $serendipity;
if (!empty($ca['status'])) {
$commentInfo['status'] = $ca['status'];
}
$title = serendipity_db_escape_string(isset($commentInfo['title']) ? $commentInfo['title'] : '');
$comments = $commentInfo['comment'];
$ip = serendipity_db_escape_string(isset($commentInfo['ip']) ? $commentInfo['ip'] : $_SERVER['REMOTE_ADDR']);
$commentsFixed = serendipity_db_escape_string($commentInfo['comment']);
$name = serendipity_db_escape_string($commentInfo['name']);
$url = serendipity_db_escape_string($commentInfo['url']);
$email = serendipity_db_escape_string($commentInfo['email']);
$parentid = (isset($commentInfo['parent_id']) && is_numeric($commentInfo['parent_id'])) ? $commentInfo['parent_id'] : 0;
$status = serendipity_db_escape_string(isset($commentInfo['status']) ? $commentInfo['status'] : (serendipity_db_bool($ca['moderate_comments']) ? 'pending' : 'approved'));
$t = serendipity_db_escape_string(isset($commentInfo['time']) ? $commentInfo['time'] : time());
$referer = substr((isset($_SESSION['HTTP_REFERER']) ? serendipity_db_escape_string($_SESSION['HTTP_REFERER']) : ''), 0, 200);
$query = "SELECT a.email, e.title, a.mail_comments, a.mail_trackbacks
FROM {$serendipity['dbPrefix']}entries e, {$serendipity['dbPrefix']}authors a
WHERE e.id = '". (int)$id ."'
AND e.isdraft = 'false'
AND e.authorid = a.authorid";
if (!serendipity_db_bool($serendipity['showFutureEntries'])) {
$query .= " AND e.timestamp <= " . serendipity_db_time();
}
$row = serendipity_db_query($query, true); // Get info on author/entry
if (!is_array($row) || empty($id)) {
// No associated entry found.
return false;
}
if (isset($commentInfo['subscribe'])) {
$subscribe = 'true';
} else {
$subscribe = 'false';
}
$dbhash = md5(uniqid(rand(), true));
if ($status == 'confirm') {
$dbstatus = 'confirm' . $dbhash;
} elseif ($status == 'confirm1') {
$auth = serendipity_db_query("SELECT *
FROM {$serendipity['dbPrefix']}options
WHERE okey = 'mail_confirm'
AND name = '" . $email . "'
AND value = '" . $name . "'", true);
if (!is_array($auth)) {
serendipity_db_query("INSERT INTO {$serendipity['dbPrefix']}options (okey, name, value)
VALUES ('mail_confirm{$dbhash}', '{$email}', '{$name}')");
$dbstatus = 'confirm' . $dbhash;
} else {
$serendipity['csuccess'] = 'true';
$status = $dbstatus = 'approved';
}
} else {
$dbstatus = $status;
}
$query = "INSERT INTO {$serendipity['dbPrefix']}comments (entry_id, parent_id, ip, author, email, url, body, type, timestamp, title, subscribed, status, referer)";
$query .= " VALUES ('". (int)$id ."', '$parentid', '$ip', '$name', '$email', '$url', '$commentsFixed', '$type', '$t', '$title', '$subscribe', '$dbstatus', '$referer')";
serendipity_db_query($query);
$cid = serendipity_db_insert_id('comments', 'id');
// Send mail to the author if he chose to receive these mails, or if the comment is awaiting moderation
if ($status != 'confirm' && (serendipity_db_bool($ca['moderate_comments'])
|| ($type == 'NORMAL' && serendipity_db_bool($row['mail_comments']))
|| ($type == 'TRACKBACK' && serendipity_db_bool($row['mail_trackbacks'])))) {
serendipity_sendComment($cid, $row['email'], $name, $email, $url, $id, $row['title'], $comments, $type, serendipity_db_bool($ca['moderate_comments']));
}
// Approve with force, if moderation is disabled
if ($status != 'confirm' && (empty($ca['moderate_comments']) || serendipity_db_bool($ca['moderate_comments']) == false)) {
serendipity_approveComment($cid, $id, true);
}
if ($status == 'confirm') {
$subject = sprintf(NEW_COMMENT_TO_SUBSCRIBED_ENTRY, $row['title']);
$message = sprintf(CONFIRMATION_MAIL_ALWAYS,
$name,
$row['title'],
$commentsFixed,
$serendipity['baseURL'] . 'comment.php?c=' . $cid . '&hash=' . $dbhash);
serendipity_sendMail($email, $subject, $message, $serendipity['blogMail']);
} elseif ($status == 'confirm1') {
$subject = sprintf(NEW_COMMENT_TO_SUBSCRIBED_ENTRY, $row['title']);
$message = sprintf(CONFIRMATION_MAIL_ONCE,
$name,
$row['title'],
$commentsFixed,
$serendipity['baseURL'] . 'comment.php?c=' . $cid . '&hash=' . $dbhash);
serendipity_sendMail($email, $subject, $message, $serendipity['blogMail']);
}
serendipity_purgeEntry($id, $t);
}
/**
* Save a comment made by a visitor
*
@ -688,58 +854,7 @@ function serendipity_saveComment($id, $commentInfo, $type = 'NORMAL', $source =
$commentInfo['source'] = $source;
serendipity_plugin_api::hook_event('frontend_saveComment', $ca, $commentInfo);
if (!is_array($ca) || serendipity_db_bool($ca['allow_comments'])) {
$title = serendipity_db_escape_string(isset($commentInfo['title']) ? $commentInfo['title'] : '');
$comments = $commentInfo['comment'];
$ip = serendipity_db_escape_string(isset($commentInfo['ip']) ? $commentInfo['ip'] : $_SERVER['REMOTE_ADDR']);
$commentsFixed = serendipity_db_escape_string($commentInfo['comment']);
$name = serendipity_db_escape_string($commentInfo['name']);
$url = serendipity_db_escape_string($commentInfo['url']);
$email = serendipity_db_escape_string($commentInfo['email']);
$parentid = (isset($commentInfo['parent_id']) && is_numeric($commentInfo['parent_id'])) ? $commentInfo['parent_id'] : 0;
$status = serendipity_db_escape_string(isset($commentInfo['status']) ? $commentInfo['status'] : (serendipity_db_bool($ca['moderate_comments']) ? 'pending' : 'approved'));
$t = serendipity_db_escape_string(isset($commentInfo['time']) ? $commentInfo['time'] : time());
$referer = substr((isset($_SESSION['HTTP_REFERER']) ? serendipity_db_escape_string($_SESSION['HTTP_REFERER']) : ''), 0, 200);
$query = "SELECT a.email, e.title, a.mail_comments, a.mail_trackbacks
FROM {$serendipity['dbPrefix']}entries e, {$serendipity['dbPrefix']}authors a
WHERE e.id = '". (int)$id ."'
AND e.isdraft = 'false'
AND e.authorid = a.authorid";
if (!serendipity_db_bool($serendipity['showFutureEntries'])) {
$query .= " AND e.timestamp <= " . serendipity_db_time();
}
$row = serendipity_db_query($query, true); // Get info on author/entry
if (!is_array($row) || empty($id)) {
// No associated entry found.
return false;
}
if (isset($commentInfo['subscribe'])) {
$subscribe = 'true';
} else {
$subscribe = 'false';
}
$query = "INSERT INTO {$serendipity['dbPrefix']}comments (entry_id, parent_id, ip, author, email, url, body, type, timestamp, title, subscribed, status, referer)";
$query .= " VALUES ('". (int)$id ."', '$parentid', '$ip', '$name', '$email', '$url', '$commentsFixed', '$type', '$t', '$title', '$subscribe', '$status', '$referer')";
serendipity_db_query($query);
$cid = serendipity_db_insert_id('comments', 'id');
// Send mail to the author if he chose to receive these mails, or if the comment is awaiting moderation
if (serendipity_db_bool($ca['moderate_comments'])
|| ($type == 'NORMAL' && serendipity_db_bool($row['mail_comments']))
|| ($type == 'TRACKBACK' && serendipity_db_bool($row['mail_trackbacks']))) {
serendipity_sendComment($cid, $row['email'], $name, $email, $url, $id, $row['title'], $comments, $type, serendipity_db_bool($ca['moderate_comments']));
}
// Approve with force, if moderation is disabled
if (empty($ca['moderate_comments']) || serendipity_db_bool($ca['moderate_comments']) == false) {
serendipity_approveComment($cid, $id, true);
}
serendipity_purgeEntry($id, $t);
serendipity_insertComment($id, $commentInfo, $type, $source, $ca);
return true;
} else {
return false;

3
lang/UTF-8/serendipity_lang_de.inc.php
View File

@ -920,3 +920,6 @@
@define('COMMENT_NOTOKENMATCH', 'Der Kommentar-Link ist nicht mehr gültig, oder Kommentar #%s wurde bereits akzeptiert oder gelöscht.');
@define('TRACKBACK_NOTOKENMATCH', 'Der Kommentar-Link ist nicht mehr gültig, oder Trackback #%s wurde bereits akzeptiert oder gelöscht.');
@define('BADTOKEN', 'Ungültiger Kommentar-Link');
@define('CONFIRMATION_MAIL_ALWAYS', "Hallo %s,\n\nSie haben einen neuen Kommentar zu \"%s\" erstellt. Ihr Kommentar war:\n\n%s\n\nDer Betreiber dieses Blogs hat die Bestätigung per E-Mail gewünscht, daher müssen Sie folgenden Link anklicken:\n<%s>\n");
@define('CONFIRMATION_MAIL_ONCE', "Hallo %s,\n\nSie haben einen neuen Kommentar zu \"%s\" erstellt. Ihr Kommentar war:\n\n%s\n\nDer Betreiber dieses Blogs hat die Bestätigung per E-Mail gewünscht, daher müssen Sie folgenden Link anklicken:\n<%s>\n\nNachdem Sie dies getan haben, können Sie auf dem Blog jederzeit mit ihrem Namen und E-Mail-Adresse ohne weitere Freischaltung kommentieren.");

3
lang/UTF-8/serendipity_lang_en.inc.php
View File

@ -920,3 +920,6 @@
@define('COMMENT_NOTOKENMATCH', 'Moderation link has expired or comment #%s has already been approved or deleted');
@define('TRACKBACK_NOTOKENMATCH', 'Moderation link has expired or trackback #%s has already been approved or deleted');
@define('BADTOKEN', 'Invalid Moderation Link');
@define('CONFIRMATION_MAIL_ALWAYS', "Hello %s,\n\nYou have sent a new comment to \"%s\". Your comment was:\n\n%s\n\nThe owner of the blog has enabled mail verification, so you need to click on the following link to authenticate your comment:\n<%s>\n");
@define('CONFIRMATION_MAIL_ONCE', "Hello %s,\n\nYou have sent a new comment to \"%s\". Your comment was:\n\n%s\n\nThe owner of the blog has enabled one-time mail verification, so you need to click on the following link to authenticate your comment:\n<%s>\n\nAfter you have done that, you can always post comments on that blog with your username and e-mail address without receiving such notifications.");

3
lang/serendipity_lang_de.inc.php
View File

@ -920,3 +920,6 @@
@define('COMMENT_NOTOKENMATCH', 'Der Kommentar-Link ist nicht mehr gültig, oder Kommentar #%s wurde bereits akzeptiert oder gelöscht.');
@define('TRACKBACK_NOTOKENMATCH', 'Der Kommentar-Link ist nicht mehr gültig, oder Trackback #%s wurde bereits akzeptiert oder gelöscht.');
@define('BADTOKEN', 'Ungültiger Kommentar-Link');
@define('CONFIRMATION_MAIL_ALWAYS', "Hallo %s,\n\nSie haben einen neuen Kommentar zu \"%s\" erstellt. Ihr Kommentar war:\n\n%s\n\nDer Betreiber dieses Blogs hat die Bestätigung per E-Mail gewünscht, daher müssen Sie folgenden Link anklicken:\n<%s>\n");
@define('CONFIRMATION_MAIL_ONCE', "Hallo %s,\n\nSie haben einen neuen Kommentar zu \"%s\" erstellt. Ihr Kommentar war:\n\n%s\n\nDer Betreiber dieses Blogs hat die Bestätigung per E-Mail gewünscht, daher müssen Sie folgenden Link anklicken:\n<%s>\n\nNachdem Sie dies getan haben, können Sie auf dem Blog jederzeit mit ihrem Namen und E-Mail-Adresse ohne weitere Freischaltung kommentieren.");

3
lang/serendipity_lang_en.inc.php
View File

@ -920,3 +920,6 @@
@define('COMMENT_NOTOKENMATCH', 'Moderation link has expired or comment #%s has already been approved or deleted');
@define('TRACKBACK_NOTOKENMATCH', 'Moderation link has expired or trackback #%s has already been approved or deleted');
@define('BADTOKEN', 'Invalid Moderation Link');
@define('CONFIRMATION_MAIL_ALWAYS', "Hello %s,\n\nYou have sent a new comment to \"%s\". Your comment was:\n\n%s\n\nThe owner of the blog has enabled mail verification, so you need to click on the following link to authenticate your comment:\n<%s>\n");
@define('CONFIRMATION_MAIL_ONCE', "Hello %s,\n\nYou have sent a new comment to \"%s\". Your comment was:\n\n%s\n\nThe owner of the blog has enabled one-time mail verification, so you need to click on the following link to authenticate your comment:\n<%s>\n\nAfter you have done that, you can always post comments on that blog with your username and e-mail address without receiving such notifications.");

6
plugins/serendipity_event_spamblock/UTF-8/lang_de.inc.php
View File

@ -116,4 +116,8 @@
@define('PLUGIN_EVENT_SPAMBLOCK_TRACKBACKIPVALIDATION_DESC', 'Soll die IP des Senders bei Trackbacks/Pingbacks mit der IP des Hosts übereinstimmen, auf den der Kommentar gesetzt werden soll? (EMPFOHLEN!)');
@define('PLUGIN_EVENT_SPAMBLOCK_REASON_IPVALIDATION', 'IP Validierung : %s [%s] != Sender IP [%s]');
?>
@define('PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_DESC', 'Falls deaktiviert wird keine E-Mail-Prüfung ausgeführt. Falls auf "Ja" gesetzt wird eine E-Mail-Adresse auf syntaktische Korrektheit geprüft. "Immer bestätigen" bedeutet, dass ein Kommentator seine Kommentare jedesmal per E-Mail bestätigen muss. "Einmal bestätigen" heißt, dass er beim ersten Kommentare seine Identität bestätigt, und danach immer ohne weitere Moderation kommentieren darf.');
@define('PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_ONCE', 'Einmal bestätigen');
@define('PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_ALWAYS', 'Immer bestätigen');
@define('PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_MAIL', 'Sie erhalten nun eine E-Mail-Benachrichtigung, mit der Sie ihren Kommentar freischalten können.');
@define('PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_INFO', 'Um einen Kommentar hinterlassen zu können, erhalten Sie nach dem Kommentieren eine E-Mail mit Aktivierungslink an ihre angegebene Adresse.');

6
plugins/serendipity_event_spamblock/lang_de.inc.php
View File

@ -116,4 +116,8 @@
@define('PLUGIN_EVENT_SPAMBLOCK_TRACKBACKIPVALIDATION_DESC', 'Soll die IP des Senders bei Trackbacks/Pingbacks mit der IP des Hosts übereinstimmen, auf den der Kommentar gesetzt werden soll? (EMPFOHLEN!)');
@define('PLUGIN_EVENT_SPAMBLOCK_REASON_IPVALIDATION', 'IP Validierung : %s [%s] != Sender IP [%s]');
?>
@define('PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_DESC', 'Falls deaktiviert wird keine E-Mail-Prüfung ausgeführt. Falls auf "Ja" gesetzt wird eine E-Mail-Adresse auf syntaktische Korrektheit geprüft. "Immer bestätigen" bedeutet, dass ein Kommentator seine Kommentare jedesmal per E-Mail bestätigen muss. "Einmal bestätigen" heißt, dass er beim ersten Kommentare seine Identität bestätigt, und danach immer ohne weitere Moderation kommentieren darf.');
@define('PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_ONCE', 'Einmal bestätigen');
@define('PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_ALWAYS', 'Immer bestätigen');
@define('PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_MAIL', 'Sie erhalten nun eine E-Mail-Benachrichtigung, mit der Sie ihren Kommentar freischalten können.');
@define('PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_INFO', 'Um einen Kommentar hinterlassen zu können, erhalten Sie nach dem Kommentieren eine E-Mail mit Aktivierungslink an ihre angegebene Adresse.');

6
plugins/serendipity_event_spamblock/lang_en.inc.php
View File

@ -128,4 +128,8 @@
@define('PLUGIN_EVENT_SPAMBLOCK_TRACKBACKIPVALIDATION_DESC', 'Should the IP of the sender match the IP of the host, a trackback/pingback is set to? (RECOMMENDED!)');
@define('PLUGIN_EVENT_SPAMBLOCK_REASON_IPVALIDATION', 'IP validation: %s [%s] != sender ip [%s]');
?>
@define('PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_DESC', 'If disabled, no email checking will be performed. If set to "Yes", the commenting user must supply a valid e-mail address. If set to "Confirm always", the commenting user will need to approve his comments always via email (by clicking a mailed link). If set to "Confirm once", the user has to confirm his comment once and will then always be allowed to pass comment moderation.');
@define('PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_ONCE', 'Confirm once');
@define('PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_ALWAYS', 'Confirm always');
@define('PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_MAIL', 'You will now receive an email notification with which you can approve your comment.');
@define('PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_INFO', 'To leave a comment you must approve it via e-mail, which will be sent to your address after submission.');

47
plugins/serendipity_event_spamblock/serendipity_event_spamblock.php
View File

@ -157,10 +157,15 @@ var $filter_defaults;
break;
case 'checkmail':
$propbag->add('type', 'boolean');
$propbag->add('type', 'radio');
$propbag->add('name', PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL);
$propbag->add('description', '');
$propbag->add('default', false);
$propbag->add('description', PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_DESC);
$propbag->add('default', 'false');
$propbag->add('radio', array(
'value' => array('false', 'true', 'verify_once', 'verify_always'),
'desc' => array(NO, YES, PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_ONCE, PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_ALWAYS)
));
$propbag->add('radio_per_row', '1');
break;
case 'required_fields':
@ -735,6 +740,7 @@ var $filter_defaults;
$serendipity['csuccess'] = 'true';
$logfile = $this->logfile = $this->get_config('logfile', $serendipity['serendipityPath'] . 'spamblock.log');
$required_fields = $this->get_config('required_fields', '');
$checkmail = $this->get_config('checkmail');
// Check CSRF [comments only, cannot be applied to trackbacks]
if ($addData['type'] == 'NORMAL' && serendipity_db_bool($this->get_config('csrf', true))) {
@ -758,7 +764,7 @@ var $filter_defaults;
}
}
}
/*
if ($addData['type'] != 'NORMAL' && empty($addData['name'])) {
$eventData = array('allow_coments' => false);
@ -772,6 +778,26 @@ var $filter_defaults;
return true;
}
// Check if the user has verified himself via email already.
if ($addData['type'] == 'NORMAL' && (string)$checkmail === 'verify_once') {
$auth = serendipity_db_query("SELECT *
FROM {$serendipity['dbPrefix']}options
WHERE okey = 'mail_confirm'
AND name = '" . serendipity_db_escape_string($addData['email']) . "'
AND value = '" . serendipity_db_escape_string($addData['name']) . "'", true);
if (!is_array($auth)) {
$this->log($logfile, $eventData['id'], 'MODERATE', PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_MAIL, $addData);
$eventData['moderate_comments'] = true;
$eventData['status'] = 'confirm1';
$serendipity['csuccess'] = 'moderate';
$serendipity['moderate_reason'] = PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_MAIL;
return false;
} else {
// User is allowed to post message, bypassing other checks as if he were logged in.
return true;
}
}
// Check if entry title is the same as comment body
if (serendipity_db_bool($this->get_config('entrytitle')) && trim($eventData['title']) == trim($addData['comment'])) {
$this->log($logfile, $eventData['id'], 'REJECTED', PLUGIN_EVENT_SPAMBLOCK_REASON_TITLE, $addData);
@ -1103,6 +1129,15 @@ var $filter_defaults;
}
}
if ($addData['type'] == 'NORMAL' && (string)$checkmail === 'verify_always') {
$this->log($logfile, $eventData['id'], 'MODERATE', PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_MAIL, $addData);
$eventData['moderate_comments'] = true;
$eventData['status'] = 'confirm';
$serendipity['csuccess'] = 'moderate';
$serendipity['moderate_reason'] = PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_MAIL;
return false;
}
// Check invalid email
if ($addData['type'] == 'NORMAL' && serendipity_db_bool($this->get_config('checkmail', false))) {
if (!empty($addData['email']) && strstr($addData['email'], '@') === false) {
@ -1125,6 +1160,10 @@ var $filter_defaults;
if (serendipity_db_bool($this->get_config('hide_email', false))) {
echo '<div class="serendipity_commentDirection serendipity_comment_spamblock">' . PLUGIN_EVENT_SPAMBLOCK_HIDE_EMAIL_NOTICE . '</div>';
}
if ((string)$this->get_config('checkmail') === 'verify_always' || (string)$this->get_config('checkmail') === 'verify_once') {
echo '<div class="serendipity_commentDirection serendipity_comment_spamblock">' . PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_INFO . '</div>';
}
if (serendipity_db_bool($this->get_config('csrf', true))) {
echo serendipity_setFormToken('form');