*/
/*
Plugin Name: Akismet
-Plugin URI: http://akismet.com/
-Description: Used by millions, Akismet is quite possibly the best way in the world to <strong>protect your blog from comment and trackback spam</strong>. It keeps your site protected from spam even while you sleep. To get started: 1) Click the "Activate" link to the left of this description, 2) <a href="http://akismet.com/get/?return=true">Sign up for an Akismet API key</a>, and 3) Go to your <a href="plugins.php?page=akismet-key-config">Akismet configuration</a> page, and save your API key.
-Version: 2.5.3
+Plugin URI: http://akismet.com/?return=true
+Description: Used by millions, Akismet is quite possibly the best way in the world to <strong>protect your blog from comment and trackback spam</strong>. It keeps your site protected from spam even while you sleep. To get started: 1) Click the "Activate" link to the left of this description, 2) <a href="http://akismet.com/get/?return=true">Sign up for an Akismet API key</a>, and 3) Go to your Akismet configuration page, and save your API key.
+Version: 2.5.8
Author: Automattic
Author URI: http://automattic.com/wordpress-plugins/
License: GPLv2 or later
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*/
-define('AKISMET_VERSION', '2.5.3');
+// Make sure we don't expose any info if called directly
+if ( !function_exists( 'add_action' ) ) {
+ echo 'Hi there! I\'m just a plugin, not much I can do when called directly.';
+ exit;
+}
+
+define('AKISMET_VERSION', '2.5.8');
define('AKISMET_PLUGIN_URL', plugin_dir_url( __FILE__ ));
/** If you hardcode a WP.com API key here, all key config screens will be hidden */
else
$wpcom_api_key = '';
-// Make sure we don't expose any info if called directly
-if ( !function_exists( 'add_action' ) ) {
- echo "Hi there! I'm just a plugin, not much I can do when called directly.";
- exit;
-}
-
if ( isset($wp_db_version) && $wp_db_version <= 9872 )
include_once dirname( __FILE__ ) . '/legacy.php';
return get_option('wordpress_api_key');
}
-function akismet_verify_key( $key, $ip = null ) {
+function akismet_check_key_status( $key, $ip = null ) {
global $akismet_api_host, $akismet_api_port, $wpcom_api_key;
$blog = urlencode( get_option('home') );
if ( $wpcom_api_key )
$key = $wpcom_api_key;
$response = akismet_http_post("key=$key&blog=$blog", 'rest.akismet.com', '/1.1/verify-key', $akismet_api_port, $ip);
+ return $response;
+}
+
+// given a response from an API call like akismet_check_key_status(), update the alert code options if an alert is present.
+function akismet_update_alert( $response ) {
+ $code = $msg = null;
+ if ( isset($response[0]['x-akismet-alert-code']) ) {
+ $code = $response[0]['x-akismet-alert-code'];
+ $msg = $response[0]['x-akismet-alert-msg'];
+ }
+
+ // only call update_option() if the value has changed
+ if ( $code != get_option( 'akismet_alert_code' ) ) {
+ update_option( 'akismet_alert_code', $code );
+ update_option( 'akismet_alert_msg', $msg );
+ }
+}
+
+function akismet_verify_key( $key, $ip = null ) {
+ $response = akismet_check_key_status( $key, $ip );
+ akismet_update_alert( $response );
if ( !is_array($response) || !isset($response[1]) || $response[1] != 'valid' && $response[1] != 'invalid' )
return 'failed';
return $response[1];
}
// return a comma-separated list of role names for the given user
-function akismet_get_user_roles($user_id ) {
+function akismet_get_user_roles( $user_id ) {
$roles = false;
if ( !class_exists('WP_User') )
$akismet_ua = "WordPress/{$wp_version} | ";
$akismet_ua .= 'Akismet/' . constant( 'AKISMET_VERSION' );
+ $akismet_ua = apply_filters( 'akismet_ua', $akismet_ua );
+
$content_length = strlen( $request );
$http_host = $host;
if ( !function_exists('add_comment_meta') )
return false;
+ if ( !isset( $akismet_last_comment['comment_author_email'] ) )
+ $akismet_last_comment['comment_author_email'] = '';
+
// wp_insert_comment() might be called in other contexts, so make sure this is the same comment
// as was checked by akismet_auto_check_comment
if ( is_object($comment) && !empty($akismet_last_comment) && is_array($akismet_last_comment) ) {
- if ( intval($akismet_last_comment['comment_post_ID']) == intval($comment->comment_post_ID)
+ if ( isset($akismet_last_comment['comment_post_ID']) && intval($akismet_last_comment['comment_post_ID']) == intval($comment->comment_post_ID)
&& $akismet_last_comment['comment_author'] == $comment->comment_author
&& $akismet_last_comment['comment_author_email'] == $comment->comment_author_email ) {
// normal result: true or false
// abnormal result: error
} else {
update_comment_meta( $comment->comment_ID, 'akismet_error', time() );
- akismet_update_comment_history( $comment->comment_ID, sprintf( __('Akismet was unable to check this comment (response: %s), will automatically retry again later.'), $akismet_last_comment['akismet_result']), 'check-error' );
+ akismet_update_comment_history( $comment->comment_ID, sprintf( __('Akismet was unable to check this comment (response: %s), will automatically retry again later.'), substr($akismet_last_comment['akismet_result'], 0, 50)), 'check-error' );
}
// record the complete original data as submitted for checking
$comment = $commentdata;
$comment['user_ip'] = $_SERVER['REMOTE_ADDR'];
- $comment['user_agent'] = $_SERVER['HTTP_USER_AGENT'];
- $comment['referrer'] = $_SERVER['HTTP_REFERER'];
+ $comment['user_agent'] = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : null;
+ $comment['referrer'] = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : null;
$comment['blog'] = get_option('home');
$comment['blog_lang'] = get_locale();
$comment['blog_charset'] = get_option('blog_charset');
$comment['permalink'] = get_permalink($comment['comment_post_ID']);
- $comment['user_role'] = akismet_get_user_roles($comment['user_ID']);
+ if ( !empty( $comment['user_ID'] ) ) {
+ $comment['user_role'] = akismet_get_user_roles( $comment['user_ID'] );
+ }
$akismet_nonce_option = apply_filters( 'akismet_comment_nonce', get_option( 'akismet_comment_nonce' ) );
$comment['akismet_comment_nonce'] = 'inactive';
$comment["$key"] = '';
}
+ $post = get_post( $comment['comment_post_ID'] );
+ $comment[ 'comment_post_modified_gmt' ] = $post->post_modified_gmt;
+
$query_string = '';
foreach ( $comment as $key => $data )
$query_string .= $key . '=' . urlencode( stripslashes($data) ) . '&';
$commentdata['comment_as_submitted'] = $comment;
$response = akismet_http_post($query_string, $akismet_api_host, '/1.1/comment-check', $akismet_api_port);
+ do_action( 'akismet_comment_check_response', $response );
+ akismet_update_alert( $response );
$commentdata['akismet_result'] = $response[1];
if ( 'true' == $response[1] ) {
// akismet_spam_count will be incremented later by akismet_result_spam()
do_action( 'akismet_spam_caught' );
- $post = get_post( $comment['comment_post_ID'] );
$last_updated = strtotime( $post->post_modified_gmt );
$diff = time() - $last_updated;
$diff = $diff / 86400;
// akismet_result_spam() won't be called so bump the counter here
if ( $incr = apply_filters('akismet_spam_count_incr', 1) )
update_option( 'akismet_spam_count', get_option('akismet_spam_count') + $incr );
- wp_redirect( $_SERVER['HTTP_REFERER'] );
+ $redirect_to = isset( $_SERVER['HTTP_REFERER'] ) ? $_SERVER['HTTP_REFERER'] : get_permalink( $post );
+ wp_safe_redirect( $redirect_to );
die();
}
}
// if the response is neither true nor false, hold the comment for moderation and schedule a recheck
if ( 'true' != $response[1] && 'false' != $response[1] ) {
- add_filter('pre_comment_approved', 'akismet_result_hold');
- wp_schedule_single_event( time() + 1200, 'akismet_schedule_cron_recheck' );
+ if ( !current_user_can('moderate_comments') ) {
+ add_filter('pre_comment_approved', 'akismet_result_hold');
+ }
+ if ( !wp_next_scheduled( 'akismet_schedule_cron_recheck' ) ) {
+ wp_schedule_single_event( time() + 1200, 'akismet_schedule_cron_recheck' );
+ }
}
if ( function_exists('wp_next_scheduled') && function_exists('wp_schedule_event') ) {
akismet_delete_old();
}
$akismet_last_comment = $commentdata;
+
+ akismet_fix_scheduled_recheck();
return $commentdata;
}
}
+function akismet_delete_old_metadata() {
+ global $wpdb;
+
+ $now_gmt = current_time( 'mysql', 1 );
+ $interval = apply_filters( 'akismet_delete_commentmeta_interval', 15 );
+
+ # enfore a minimum of 1 day
+ $interval = absint( $interval );
+ if ( $interval < 1 ) {
+ return;
+ }
+
+ // akismet_as_submitted meta values are large, so expire them
+ // after $interval days regardless of the comment status
+ while ( TRUE ) {
+ $comment_ids = $wpdb->get_col( "SELECT $wpdb->comments.comment_id FROM $wpdb->commentmeta INNER JOIN $wpdb->comments USING(comment_id) WHERE meta_key = 'akismet_as_submitted' AND DATE_SUB('$now_gmt', INTERVAL {$interval} DAY) > comment_date_gmt LIMIT 10000" );
+
+ if ( empty( $comment_ids ) ) {
+ return;
+ }
+
+ foreach ( $comment_ids as $comment_id ) {
+ delete_comment_meta( $comment_id, 'akismet_as_submitted' );
+ }
+ }
+
+ /*
+ $n = mt_rand( 1, 5000 );
+ if ( apply_filters( 'akismet_optimize_table', ( $n == 11 ), 'commentmeta' ) ) { // lucky number
+ $wpdb->query( "OPTIMIZE TABLE $wpdb->commentmeta" );
+ }
+ */
+}
+
add_action('akismet_scheduled_delete', 'akismet_delete_old');
+add_action('akismet_scheduled_delete', 'akismet_delete_old_metadata');
function akismet_check_db_comment( $id, $recheck_reason = 'recheck_queue' ) {
global $wpdb, $akismet_api_host, $akismet_api_port;
$query_string .= $key . '=' . urlencode( stripslashes($data) ) . '&';
$response = akismet_http_post($query_string, $akismet_api_host, '/1.1/comment-check', $akismet_api_port);
- return $response[1];
+ return ( is_array( $response ) && isset( $response[1] ) ) ? $response[1] : false;
}
function akismet_cron_recheck() {
global $wpdb;
+ $status = akismet_verify_key( akismet_get_key() );
+ if ( get_option( 'akismet_alert_code' ) || $status == 'invalid' ) {
+ // since there is currently a problem with the key, reschedule a check for 6 hours hence
+ wp_schedule_single_event( time() + 21600, 'akismet_schedule_cron_recheck' );
+ return false;
+ }
+
delete_option('akismet_available_servers');
$comment_errors = $wpdb->get_col( "
" );
foreach ( (array) $comment_errors as $comment_id ) {
- // if the comment no longer exists, remove the meta entry from the queue to avoid getting stuck
- if ( !get_comment( $comment_id ) ) {
+ // if the comment no longer exists, or is too old, remove the meta entry from the queue to avoid getting stuck
+ $comment = get_comment( $comment_id );
+ if ( !$comment || strtotime( $comment->comment_date_gmt ) < strtotime( "-15 days" ) ) {
delete_comment_meta( $comment_id, 'akismet_error' );
continue;
}
wp_schedule_single_event( time() + 1200, 'akismet_schedule_cron_recheck' );
return;
}
+ delete_comment_meta( $comment_id, 'akismet_rechecking' );
}
- $remaining = $wpdb->get_var( $wpdb->prepare( "SELECT COUNT(*) FROM $wpdb->commentmeta WHERE meta_key = 'akismet_error'" ) );
+ $remaining = $wpdb->get_var( "SELECT COUNT(*) FROM $wpdb->commentmeta WHERE meta_key = 'akismet_error'" );
if ( $remaining && !wp_next_scheduled('akismet_schedule_cron_recheck') ) {
wp_schedule_single_event( time() + 1200, 'akismet_schedule_cron_recheck' );
}
if ( $akismet_comment_nonce_option == 'true' || $akismet_comment_nonce_option == '' )
add_action( 'comment_form', 'akismet_add_comment_nonce' );
+global $wp_version;
if ( '3.0.5' == $wp_version ) {
remove_filter( 'comment_text', 'wp_kses_data' );
if ( is_admin() )
add_filter( 'comment_text', 'wp_kses_post' );
}
+
+function akismet_fix_scheduled_recheck() {
+ $future_check = wp_next_scheduled( 'akismet_schedule_cron_recheck' );
+ if ( !$future_check ) {
+ return;
+ }
+
+ if ( get_option( 'akismet_alert_code' ) > 0 ) {
+ return;
+ }
+
+ $check_range = time() + 1200;
+ if ( $future_check > $check_range ) {
+ wp_clear_scheduled_hook( 'akismet_schedule_cron_recheck' );
+ wp_schedule_single_event( time() + 300, 'akismet_schedule_cron_recheck' );
+ }
+}