X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/a66f9e26487c560245ef9cd17d7e87c0cbb650af..a349837896628462bf8c9bdc27d1477a10fe03eb:/wp-content/plugins/akismet/akismet.php
diff --git a/wp-content/plugins/akismet/akismet.php b/wp-content/plugins/akismet/akismet.php
index 3a434767..4fff8bb6 100644
--- a/wp-content/plugins/akismet/akismet.php
+++ b/wp-content/plugins/akismet/akismet.php
@@ -1,15 +1,56 @@ WordPress.com API key to use it. You can review the spam it catches under "Comments." To show off your Akismet stats just put <?php akismet_counter(); ?> in your template. See also: WP Stats plugin. -Version: 2.1.3 -Author: Matt Mullenweg -Author URI: http://photomatt.net/ +Plugin URI: http://akismet.com/?return=true +Description: Used by millions, Akismet is quite possibly the best way in the world to protect your blog from comment and trackback spam. It keeps your site protected from spam even while you sleep. To get started: 1) Click the "Activate" link to the left of this description, 2) Sign up for an Akismet API key, and 3) Go to your Akismet configuration page, and save your API key. +Version: 2.6.0 +Author: Automattic +Author URI: http://automattic.com/wordpress-plugins/ +License: GPLv2 or later */ -// If you hardcode a WP.com API key here, all key config screens will be hidden -$wpcom_api_key = ''; +/* +This program is free software; you can redistribute it and/or +modify it under the terms of the GNU General Public License +as published by the Free Software Foundation; either version 2 +of the License, or (at your option) any later version. + +This program is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU General Public License for more details. + +You should have received a copy of the GNU General Public License +along with this program; if not, write to the Free Software +Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. +*/ + +// Make sure we don't expose any info if called directly +if ( !function_exists( 'add_action' ) ) { + echo 'Hi there! 
I\'m just a plugin, not much I can do when called directly.'; + exit; +} + +define('AKISMET_VERSION', '2.6.0'); +define('AKISMET_PLUGIN_URL', plugin_dir_url( __FILE__ )); +define('AKISMET_DELETE_LIMIT', 10000); + +/** If you hardcode a WP.com API key here, all key config screens will be hidden */ +if ( defined('WPCOM_API_KEY') ) + $wpcom_api_key = constant('WPCOM_API_KEY'); +else + $wpcom_api_key = ''; + +if ( isset($wp_db_version) && $wp_db_version <= 9872 ) + include_once dirname( __FILE__ ) . '/legacy.php'; + +include_once dirname( __FILE__ ) . '/widget.php'; + +if ( is_admin() ) + require_once dirname( __FILE__ ) . '/admin.php'; function akismet_init() { global $wpcom_api_key, $akismet_api_host, $akismet_api_port; 
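Review bot: The new top-level block that sets `$wpcom_api_key` from `WPCOM_API_KEY` and tests `isset($wp_db_version)` only behaves as intended when this file is included in global scope. If it is loaded from inside a function (plugin activation in WordPress appears to do this), the assignment creates a local variable, and `akismet_init()`, which reads `global $wpcom_api_key`, would not see the configured key. Declaring `global $wpcom_api_key, $wp_db_version;` ahead of the `if ( defined('WPCOM_API_KEY') )` line would make both independent of the include context. The docblock above the block still says "hardcode a WP.com API key here" although the key is now normally supplied through a constant defined elsewhere, so I would reword it to `/** Define WPCOM_API_KEY (for example in wp-config.php) to hardcode the key; all key config screens will then be hidden */`. `akismet_init()` begins in this hunk's trailing context and its body continues in the next hunk.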
@@ -20,727 +61,640 @@ function akismet_init() { $akismet_api_host = get_option('wordpress_api_key') . '.rest.akismet.com'; $akismet_api_port = 80; - add_action('admin_menu', 'akismet_config_page'); } add_action('init', 'akismet_init'); -if ( !function_exists('wp_nonce_field') ) { - function akismet_nonce_field($action = -1) { return; } - $akismet_nonce = -1; -} else { - function akismet_nonce_field($action = -1) { return wp_nonce_field($action); } - $akismet_nonce = 'akismet-update-key'; +function akismet_get_key() { + global $wpcom_api_key; + if ( !empty($wpcom_api_key) ) + return $wpcom_api_key; + return get_option('wordpress_api_key'); } -function akismet_config_page() { - if ( function_exists('add_submenu_page') ) - add_submenu_page('plugins.php', __('Akismet Configuration'), __('Akismet Configuration'), 'manage_options', 'akismet-key-config', 'akismet_conf'); +function akismet_check_key_status( $key, $ip = null ) { + global $akismet_api_host, $akismet_api_port, $wpcom_api_key; + $blog = urlencode( get_option('home') ); + if ( $wpcom_api_key ) + $key = $wpcom_api_key; + $response = akismet_http_post("key=$key&blog=$blog", 'rest.akismet.com', '/1.1/verify-key', $akismet_api_port, $ip); + return $response; +} + +// given a response from an API call like akismet_check_key_status(), update the alert code options if an alert is present. 
+function akismet_update_alert( $response ) { + $code = $msg = null; + if ( isset($response[0]['x-akismet-alert-code']) ) { + $code = $response[0]['x-akismet-alert-code']; + $msg = $response[0]['x-akismet-alert-msg']; + } + // only call update_option() if the value has changed + if ( $code != get_option( 'akismet_alert_code' ) ) { + update_option( 'akismet_alert_code', $code ); + update_option( 'akismet_alert_msg', $msg ); + } } -function akismet_conf() { - global $akismet_nonce, $wpcom_api_key; +function akismet_verify_key( $key, $ip = null ) { + $response = akismet_check_key_status( $key, $ip ); + akismet_update_alert( $response ); + if ( !is_array($response) || !isset($response[1]) || $response[1] != 'valid' && $response[1] != 'invalid' ) + return 'failed'; + return $response[1]; +} - if ( isset($_POST['submit']) ) { - if ( function_exists('current_user_can') && !current_user_can('manage_options') ) - die(__('Cheatin’ uh?')); +// if we're in debug or test modes, use a reduced service level so as not to polute training or stats data +function akismet_test_mode() { + if ( defined('AKISMET_TEST_MODE') && AKISMET_TEST_MODE ) + return true; + return false; +} - check_admin_referer( $akismet_nonce ); - $key = preg_replace( '/[^a-h0-9]/i', '', $_POST['key'] ); +// return a comma-separated list of role names for the given user +function akismet_get_user_roles( $user_id ) { + $roles = false; + + if ( !class_exists('WP_User') ) + return false; + + if ( $user_id > 0 ) { + $comment_user = new WP_User($user_id); + if ( isset($comment_user->roles) ) + $roles = join(',', $comment_user->roles); + } - if ( empty($key) ) { - $key_status = 'empty'; - $ms[] = 'new_key_empty'; - delete_option('wordpress_api_key'); + if ( is_multisite() && is_super_admin( $user_id ) ) { + if ( empty( $roles ) ) { + $roles = 'super_admin'; } else { - $key_status = akismet_verify_key( $key ); + $comment_user->roles[] = 'super_admin'; + $roles = join( ',', $comment_user->roles ); } + } - if ( 
$key_status == 'valid' ) { - update_option('wordpress_api_key', $key); - $ms[] = 'new_key_valid'; - } else if ( $key_status == 'invalid' ) { - $ms[] = 'new_key_invalid'; - } else if ( $key_status == 'failed' ) { - $ms[] = 'new_key_failed'; - } + return $roles; +} - if ( isset( $_POST['akismet_discard_month'] ) ) - update_option( 'akismet_discard_month', 'true' ); - else - update_option( 'akismet_discard_month', 'false' ); - } +// Returns array with headers in $response[0] and body in $response[1] +function akismet_http_post($request, $host, $path, $port = 80, $ip=null) { + global $wp_version; - if ( $key_status != 'valid' ) { - $key = get_option('wordpress_api_key'); - if ( empty( $key ) ) { - if ( $key_status != 'failed' ) { - if ( akismet_verify_key( '1234567890ab' ) == 'failed' ) - $ms[] = 'no_connection'; - else - $ms[] = 'key_empty'; - } - $key_status = 'empty'; - } else { - $key_status = akismet_verify_key( $key ); - } - if ( $key_status == 'valid' ) { - $ms[] = 'key_valid'; - } else if ( $key_status == 'invalid' ) { - delete_option('wordpress_api_key'); - $ms[] = 'key_empty'; - } else if ( !empty($key) && $key_status == 'failed' ) { - $ms[] = 'key_failed'; + $akismet_ua = "WordPress/{$wp_version} | "; + $akismet_ua .= 'Akismet/' . constant( 'AKISMET_VERSION' ); + + $akismet_ua = apply_filters( 'akismet_ua', $akismet_ua ); + + $content_length = strlen( $request ); + + $http_host = $host; + // use a specific IP if provided + // needed by akismet_check_server_connectivity() + if ( $ip && long2ip( ip2long( $ip ) ) ) { + $http_host = $ip; + } else { + $http_host = $host; + } + + // use the WP HTTP class if it is available + if ( function_exists( 'wp_remote_post' ) ) { + $http_args = array( + 'body' => $request, + 'headers' => array( + 'Content-Type' => 'application/x-www-form-urlencoded; ' . + 'charset=' . 
get_option( 'blog_charset' ), + 'Host' => $host, + 'User-Agent' => $akismet_ua + ), + 'httpversion' => '1.0', + 'timeout' => 15 + ); + $akismet_url = "http://{$http_host}{$path}"; + $response = wp_remote_post( $akismet_url, $http_args ); + if ( is_wp_error( $response ) ) + return ''; + + return array( $response['headers'], $response['body'] ); + } else { + $http_request = "POST $path HTTP/1.0\r\n"; + $http_request .= "Host: $host\r\n"; + $http_request .= 'Content-Type: application/x-www-form-urlencoded; charset=' . get_option('blog_charset') . "\r\n"; + $http_request .= "Content-Length: {$content_length}\r\n"; + $http_request .= "User-Agent: {$akismet_ua}\r\n"; + $http_request .= "\r\n"; + $http_request .= $request; + + $response = ''; + if( false != ( $fs = @fsockopen( $http_host, $port, $errno, $errstr, 10 ) ) ) { + fwrite( $fs, $http_request ); + + while ( !feof( $fs ) ) + $response .= fgets( $fs, 1160 ); // One TCP-IP packet + fclose( $fs ); + $response = explode( "\r\n\r\n", $response, 2 ); } + return $response; } +} - $messages = array( - 'new_key_empty' => array('color' => 'aa0', 'text' => __('Your key has been cleared.')), - 'new_key_valid' => array('color' => '2d2', 'text' => __('Your key has been verified. Happy blogging!')), - 'new_key_invalid' => array('color' => 'd22', 'text' => __('The key you entered is invalid. Please double-check it.')), - 'new_key_failed' => array('color' => 'd22', 'text' => __('The key you entered could not be verified because a connection to akismet.com could not be established. Please check your server configuration.')), - 'no_connection' => array('color' => 'd22', 'text' => __('There was a problem connecting to the Akismet server. Please check your server configuration.')), - 'key_empty' => array('color' => 'aa0', 'text' => sprintf(__('Please enter an API key. 
(Get your key.)'), 'http://wordpress.com/profile/')), - 'key_valid' => array('color' => '2d2', 'text' => __('This key is valid.')), - 'key_failed' => array('color' => 'aa0', 'text' => __('The key below was previously validated but a connection to akismet.com can not be established at this time. Please check your server configuration.'))); -?> - -

- -
-

-
-
- -

Akismet will greatly reduce or even completely eliminate the comment and trackback spam you get on your site. If one does happen to get through, simply mark it as "spam" on the moderation screen and Akismet will learn from the mistakes. If you don\'t have a WordPress.com account yet, you can get one at WordPress.com.'), 'http://akismet.com/', 'http://wordpress.com/api-keys/'); ?>

- - -

- -

- -

(What is this?'); ?>)

- -

-

- - -

-

-
-
-
-

".__('Akismet is almost ready.')." ".sprintf(__('You must enter your WordPress.com API key for it to work.'), "plugins.php?page=akismet-key-config")."

- "; - } - add_action('admin_notices', 'akismet_warning'); - return; +// how many approved comments does this author have? +function akismet_get_user_comments_approved( $user_id, $comment_author_email, $comment_author, $comment_author_url ) { + global $wpdb; + + if ( !empty($user_id) ) + return $wpdb->get_var( $wpdb->prepare( "SELECT COUNT(*) FROM $wpdb->comments WHERE user_id = %d AND comment_approved = 1", $user_id ) ); + + if ( !empty($comment_author_email) ) + return $wpdb->get_var( $wpdb->prepare( "SELECT COUNT(*) FROM $wpdb->comments WHERE comment_author_email = %s AND comment_author = %s AND comment_author_url = %s AND comment_approved = 1", $comment_author_email, $comment_author, $comment_author_url ) ); + + return 0; } -// Returns array with headers in $response[0] and body in $response[1] -function akismet_http_post($request, $host, $path, $port = 80) { - global $wp_version; +function akismet_microtime() { + $mtime = explode( ' ', microtime() ); + return $mtime[1] + $mtime[0]; +} + +// log an event for a given comment, storing it in comment_meta +function akismet_update_comment_history( $comment_id, $message, $event=null ) { + global $current_user; + + // failsafe for old WP versions + if ( !function_exists('add_comment_meta') ) + return false; + + $user = ''; + if ( is_object($current_user) && isset($current_user->user_login) ) + $user = $current_user->user_login; - $http_request = "POST $path HTTP/1.0\r\n"; - $http_request .= "Host: $host\r\n"; - $http_request .= "Content-Type: application/x-www-form-urlencoded; charset=" . get_option('blog_charset') . "\r\n"; - $http_request .= "Content-Length: " . strlen($request) . 
"\r\n"; - $http_request .= "User-Agent: WordPress/$wp_version | Akismet/2.0\r\n"; - $http_request .= "\r\n"; - $http_request .= $request; - - $response = ''; - if( false != ( $fs = @fsockopen($host, $port, $errno, $errstr, 10) ) ) { - fwrite($fs, $http_request); - - while ( !feof($fs) ) - $response .= fgets($fs, 1160); // One TCP-IP packet - fclose($fs); - $response = explode("\r\n\r\n", $response, 2); + $event = array( + 'time' => akismet_microtime(), + 'message' => $message, + 'event' => $event, + 'user' => $user, + ); + + // $unique = false so as to allow multiple values per comment + $r = add_comment_meta( $comment_id, 'akismet_history', $event, false ); +} + +// get the full comment history for a given comment, as an array in reverse chronological order +function akismet_get_comment_history( $comment_id ) { + + // failsafe for old WP versions + if ( !function_exists('add_comment_meta') ) + return false; + + $history = get_comment_meta( $comment_id, 'akismet_history', false ); + usort( $history, 'akismet_cmp_time' ); + return $history; +} + +function akismet_cmp_time( $a, $b ) { + return $a['time'] > $b['time'] ? -1 : 1; +} + +// this fires on wp_insert_comment. we can't update comment_meta when akismet_auto_check_comment() runs +// because we don't know the comment ID at that point. 
+function akismet_auto_check_update_meta( $id, $comment ) { + global $akismet_last_comment; + + // failsafe for old WP versions + if ( !function_exists('add_comment_meta') ) + return false; + + if ( !isset( $akismet_last_comment['comment_author_email'] ) ) + $akismet_last_comment['comment_author_email'] = ''; + + // wp_insert_comment() might be called in other contexts, so make sure this is the same comment + // as was checked by akismet_auto_check_comment + if ( is_object($comment) && !empty($akismet_last_comment) && is_array($akismet_last_comment) ) { + if ( isset($akismet_last_comment['comment_post_ID']) && intval($akismet_last_comment['comment_post_ID']) == intval($comment->comment_post_ID) + && $akismet_last_comment['comment_author'] == $comment->comment_author + && $akismet_last_comment['comment_author_email'] == $comment->comment_author_email ) { + // normal result: true or false + if ( $akismet_last_comment['akismet_result'] == 'true' ) { + update_comment_meta( $comment->comment_ID, 'akismet_result', 'true' ); + akismet_update_comment_history( $comment->comment_ID, __('Akismet caught this comment as spam'), 'check-spam' ); + if ( $comment->comment_approved != 'spam' ) + akismet_update_comment_history( $comment->comment_ID, sprintf( __('Comment status was changed to %s'), $comment->comment_approved), 'status-changed'.$comment->comment_approved ); + } elseif ( $akismet_last_comment['akismet_result'] == 'false' ) { + update_comment_meta( $comment->comment_ID, 'akismet_result', 'false' ); + akismet_update_comment_history( $comment->comment_ID, __('Akismet cleared this comment'), 'check-ham' ); + if ( $comment->comment_approved == 'spam' ) { + if ( wp_blacklist_check($comment->comment_author, $comment->comment_author_email, $comment->comment_author_url, $comment->comment_content, $comment->comment_author_IP, $comment->comment_agent) ) + akismet_update_comment_history( $comment->comment_ID, __('Comment was caught by wp_blacklist_check'), 'wp-blacklisted' ); + 
else + akismet_update_comment_history( $comment->comment_ID, sprintf( __('Comment status was changed to %s'), $comment->comment_approved), 'status-changed-'.$comment->comment_approved ); + } + // abnormal result: error + } else { + update_comment_meta( $comment->comment_ID, 'akismet_error', time() ); + akismet_update_comment_history( $comment->comment_ID, sprintf( __('Akismet was unable to check this comment (response: %s), will automatically retry again later.'), substr($akismet_last_comment['akismet_result'], 0, 50)), 'check-error' ); + } + + // record the complete original data as submitted for checking + if ( isset($akismet_last_comment['comment_as_submitted']) ) + update_comment_meta( $comment->comment_ID, 'akismet_as_submitted', $akismet_last_comment['comment_as_submitted'] ); + } } - return $response; } -function akismet_auto_check_comment( $comment ) { - global $akismet_api_host, $akismet_api_port; +add_action( 'wp_insert_comment', 'akismet_auto_check_update_meta', 10, 2 ); + - $comment['user_ip'] = preg_replace( '/[^0-9., ]/', '', $_SERVER['REMOTE_ADDR'] ); - $comment['user_agent'] = $_SERVER['HTTP_USER_AGENT']; - $comment['referrer'] = $_SERVER['HTTP_REFERER']; +function akismet_auto_check_comment( $commentdata ) { + global $akismet_api_host, $akismet_api_port, $akismet_last_comment; + + $comment = $commentdata; + $comment['user_ip'] = akismet_get_ip_address(); + $comment['user_agent'] = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : null; + $comment['referrer'] = isset($_SERVER['HTTP_REFERER']) ? 
$_SERVER['HTTP_REFERER'] : null; $comment['blog'] = get_option('home'); + $comment['blog_lang'] = get_locale(); + $comment['blog_charset'] = get_option('blog_charset'); + $comment['permalink'] = get_permalink($comment['comment_post_ID']); + + if ( !empty( $comment['user_ID'] ) ) { + $comment['user_role'] = akismet_get_user_roles( $comment['user_ID'] ); + } - $ignore = array( 'HTTP_COOKIE' ); + $akismet_nonce_option = apply_filters( 'akismet_comment_nonce', get_option( 'akismet_comment_nonce' ) ); + $comment['akismet_comment_nonce'] = 'inactive'; + if ( $akismet_nonce_option == 'true' || $akismet_nonce_option == '' ) { + $comment['akismet_comment_nonce'] = 'failed'; + if ( isset( $_POST['akismet_comment_nonce'] ) && wp_verify_nonce( $_POST['akismet_comment_nonce'], 'akismet_comment_nonce_' . $comment['comment_post_ID'] ) ) + $comment['akismet_comment_nonce'] = 'passed'; + + // comment reply in wp-admin + if ( isset( $_POST['_ajax_nonce-replyto-comment'] ) && check_ajax_referer( 'replyto-comment', '_ajax_nonce-replyto-comment' ) ) + $comment['akismet_comment_nonce'] = 'passed'; + + } - foreach ( $_SERVER as $key => $value ) - if ( !in_array( $key, $ignore ) ) + if ( akismet_test_mode() ) + $comment['is_test'] = 'true'; + + foreach ($_POST as $key => $value ) { + if ( is_string($value) ) + $comment["POST_{$key}"] = $value; + } + + $ignore = array( 'HTTP_COOKIE', 'HTTP_COOKIE2', 'PHP_AUTH_PW' ); + + foreach ( $_SERVER as $key => $value ) { + if ( !in_array( $key, $ignore ) && is_string($value) ) $comment["$key"] = $value; + else + $comment["$key"] = ''; + } + + $post = get_post( $comment['comment_post_ID'] ); + $comment[ 'comment_post_modified_gmt' ] = $post->post_modified_gmt; $query_string = ''; foreach ( $comment as $key => $data ) $query_string .= $key . '=' . urlencode( stripslashes($data) ) . 
'&'; + + $commentdata['comment_as_submitted'] = $comment; $response = akismet_http_post($query_string, $akismet_api_host, '/1.1/comment-check', $akismet_api_port); + do_action( 'akismet_comment_check_response', $response ); + akismet_update_alert( $response ); + $commentdata['akismet_result'] = $response[1]; if ( 'true' == $response[1] ) { - add_filter('pre_comment_approved', create_function('$a', 'return \'spam\';')); - update_option( 'akismet_spam_count', get_option('akismet_spam_count') + 1 ); + // akismet_spam_count will be incremented later by akismet_result_spam() + add_filter('pre_comment_approved', 'akismet_result_spam'); do_action( 'akismet_spam_caught' ); - $post = get_post( $comment['comment_post_ID'] ); $last_updated = strtotime( $post->post_modified_gmt ); $diff = time() - $last_updated; $diff = $diff / 86400; - - if ( $post->post_type == 'post' && $diff > 30 && get_option( 'akismet_discard_month' ) == 'true' ) - die; + + if ( $post->post_type == 'post' && $diff > 30 && get_option( 'akismet_discard_month' ) == 'true' && empty($comment['user_ID']) ) { + // akismet_result_spam() won't be called so bump the counter here + if ( $incr = apply_filters('akismet_spam_count_incr', 1) ) + update_option( 'akismet_spam_count', get_option('akismet_spam_count') + $incr ); + $redirect_to = isset( $_SERVER['HTTP_REFERER'] ) ? 
$_SERVER['HTTP_REFERER'] : get_permalink( $post ); + wp_safe_redirect( $redirect_to ); + die(); + } } - akismet_delete_old(); - return $comment; -} - -function akismet_delete_old() { - global $wpdb; - $now_gmt = current_time('mysql', 1); - $wpdb->query("DELETE FROM $wpdb->comments WHERE DATE_SUB('$now_gmt', INTERVAL 15 DAY) > comment_date_gmt AND comment_approved = 'spam'"); - $n = mt_rand(1, 5000); - if ( $n == 11 ) // lucky number - $wpdb->query("OPTIMIZE TABLE $wpdb->comments"); -} - -function akismet_submit_nonspam_comment ( $comment_id ) { - global $wpdb, $akismet_api_host, $akismet_api_port; - - $comment = $wpdb->get_row("SELECT * FROM $wpdb->comments WHERE comment_ID = '$comment_id'"); - if ( !$comment ) // it was deleted - return; - $comment->blog = get_option('home'); - $query_string = ''; - foreach ( $comment as $key => $data ) - $query_string .= $key . '=' . urlencode( stripslashes($data) ) . '&'; - $response = akismet_http_post($query_string, $akismet_api_host, "/1.1/submit-ham", $akismet_api_port); -} - -function akismet_submit_spam_comment ( $comment_id ) { - global $wpdb, $akismet_api_host, $akismet_api_port; - - $comment = $wpdb->get_row("SELECT * FROM $wpdb->comments WHERE comment_ID = '$comment_id'"); - if ( !$comment ) // it was deleted - return; - if ( 'spam' != $comment->comment_approved ) - return; - $comment->blog = get_option('home'); - $query_string = ''; - foreach ( $comment as $key => $data ) - $query_string .= $key . '=' . urlencode( stripslashes($data) ) . 
'&'; + + // if the response is neither true nor false, hold the comment for moderation and schedule a recheck + if ( 'true' != $response[1] && 'false' != $response[1] ) { + if ( !current_user_can('moderate_comments') ) { + add_filter('pre_comment_approved', 'akismet_result_hold'); + } + if ( !wp_next_scheduled( 'akismet_schedule_cron_recheck' ) ) { + wp_schedule_single_event( time() + 1200, 'akismet_schedule_cron_recheck' ); + } + } + + if ( function_exists('wp_next_scheduled') && function_exists('wp_schedule_event') ) { + // WP 2.1+: delete old comments daily + if ( !wp_next_scheduled('akismet_scheduled_delete') ) + wp_schedule_event(time(), 'daily', 'akismet_scheduled_delete'); + } elseif ( (mt_rand(1, 10) == 3) ) { + // WP 2.0: run this one time in ten + akismet_delete_old(); + } + $akismet_last_comment = $commentdata; - $response = akismet_http_post($query_string, $akismet_api_host, "/1.1/submit-spam", $akismet_api_port); + akismet_fix_scheduled_recheck(); + return $commentdata; } -add_action('wp_set_comment_status', 'akismet_submit_spam_comment'); -add_action('edit_comment', 'akismet_submit_spam_comment'); add_action('preprocess_comment', 'akismet_auto_check_comment', 1); -function akismet_spam_count() { - global $wpdb, $comments; - $count = wp_cache_get( 'akismet_spam_count', 'widget' ); - if ( false === $count ) { - $count = $wpdb->get_var("SELECT COUNT(comment_ID) FROM $wpdb->comments WHERE comment_approved = 'spam'"); - wp_cache_set( 'akismet_spam_count', $count, 'widget', 3600 ); +function akismet_get_ip_address() { + foreach( array( 'HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'HTTP_X_FORWARDED', 'HTTP_X_CLUSTER_CLIENT_IP', 'HTTP_FORWARDED_FOR', 'HTTP_FORWARDED', 'REMOTE_ADDR' ) as $key ) { + if ( array_key_exists( $key, $_SERVER ) === true ) { + foreach ( explode( ',', $_SERVER[$key] ) as $ip ) { + $ip = trim($ip); + + if ( filter_var( $ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) !== false ) { + return $ip; + } + } + } } - 
return $count; + return null; } -function akismet_manage_page() { - global $wpdb, $submenu; - $count = sprintf(__('Akismet Spam (%s)'), akismet_spam_count()); - if ( isset( $submenu['edit-comments.php'] ) ) - add_submenu_page('edit-comments.php', __('Akismet Spam'), $count, 'moderate_comments', 'akismet-admin', 'akismet_caught' ); - elseif ( function_exists('add_management_page') ) - add_management_page(__('Akismet Spam'), $count, 'moderate_comments', 'akismet-admin', 'akismet_caught'); -} +function akismet_delete_old() { + global $wpdb; + + while( $comment_ids = $wpdb->get_col( $wpdb->prepare( "SELECT comment_id FROM {$wpdb->comments} WHERE DATE_SUB(NOW(), INTERVAL 15 DAY) > comment_date_gmt AND comment_approved = 'spam' LIMIT %d", defined( 'AKISMET_DELETE_LIMIT' ) ? AKISMET_DELETE_LIMIT : 10000 ) ) ) { + if ( empty( $comment_ids ) ) + return; + + $wpdb->queries = array(); -function akismet_caught() { - global $wpdb, $comment, $akismet_caught, $akismet_nonce; - akismet_recheck_queue(); - if (isset($_POST['submit']) && 'recover' == $_POST['action'] && ! 
empty($_POST['not_spam'])) { - check_admin_referer( $akismet_nonce ); - if ( function_exists('current_user_can') && !current_user_can('moderate_comments') ) - die(__('You do not have sufficient permission to moderate comments.')); + do_action( 'delete_comment', $comment_ids ); - $i = 0; - foreach ($_POST['not_spam'] as $comment): - $comment = (int) $comment; - if ( function_exists('wp_set_comment_status') ) - wp_set_comment_status($comment, 'approve'); - else - $wpdb->query("UPDATE $wpdb->comments SET comment_approved = '1' WHERE comment_ID = '$comment'"); - akismet_submit_nonspam_comment($comment); - ++$i; - endforeach; - $to = add_query_arg( 'recovered', $i, $_SERVER['HTTP_REFERER'] ); - wp_redirect( $to ); - exit; - } - if ('delete' == $_POST['action']) { - check_admin_referer( $akismet_nonce ); - if ( function_exists('current_user_can') && !current_user_can('moderate_comments') ) - die(__('You do not have sufficient permission to moderate comments.')); - - $delete_time = addslashes( $_POST['display_time'] ); - $nuked = $wpdb->query( "DELETE FROM $wpdb->comments WHERE comment_approved = 'spam' AND '$delete_time' > comment_date_gmt" ); - wp_cache_delete( 'akismet_spam_count', 'widget' ); - $to = add_query_arg( 'deleted', 'all', $_SERVER['HTTP_REFERER'] ); - wp_redirect( $to ); - exit; + $comma_comment_ids = implode( ', ', array_map('intval', $comment_ids) ); + + $wpdb->query("DELETE FROM {$wpdb->comments} WHERE comment_id IN ( $comma_comment_ids )"); + $wpdb->query("DELETE FROM {$wpdb->commentmeta} WHERE comment_id IN ( $comma_comment_ids )"); + + clean_comment_cache( $comment_ids ); } -if ( isset( $_GET['recovered'] ) ) { - $i = (int) $_GET['recovered']; - echo '

' . sprintf(__('%1$s comments recovered.'), $i) . "

"; + if ( apply_filters( 'akismet_optimize_table', ( mt_rand(1, 5000) == 11) ) ) // lucky number + $wpdb->query("OPTIMIZE TABLE {$wpdb->comments}"); } -if (isset( $_GET['deleted'] ) ) - echo '

' . __('All spam deleted.') . '

'; +function akismet_delete_old_metadata() { + global $wpdb; -if ( isset( $GLOBALS['submenu']['edit-comments.php'] ) ) - $link = 'edit-comments.php'; -else - $link = 'edit.php'; -?> - -
-

- -

%1$s spam for you since you first installed it.'), number_format($count) ); ?>

-get_var( "SELECT COUNT(*) FROM $wpdb->comments WHERE comment_approved = 'spam'" ); - - -if ( 0 == $gotspam ) { - echo '

'.__('You have no spam currently in the queue. Must be your lucky day. :)').'

'; - echo '
'; -} else { - echo '

'.__('You can delete all of the spam from your database with a single click. This operation cannot be undone, so you may wish to check to ensure that no legitimate comments got through first. Spam is automatically deleted after 15 days, so don’t sweat it.').'

'; -?> - -
- - -    - -
- - -
- -

- -'.__('These are the latest comments identified as spam by Akismet. If you see any mistakes, simply mark the comment as "not spam" and Akismet will learn from the submission. If you wish to recover a comment from spam, simply select the comment, and click Not Spam. After 15 days we clean out the junk for you.').'

'; ?> - -escape($_POST['s']); - $comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE - (comment_author LIKE '%$s%' OR - comment_author_email LIKE '%$s%' OR - comment_author_url LIKE ('%$s%') OR - comment_author_IP LIKE ('%$s%') OR - comment_content LIKE ('%$s%') ) AND - comment_approved = 'spam' - ORDER BY comment_date DESC"); -} else { - if ( isset( $_GET['apage'] ) ) - $page = (int) $_GET['apage']; - else - $page = 1; + // akismet_as_submitted meta values are large, so expire them + // after $interval days regardless of the comment status + while ( $comment_ids = $wpdb->get_col( $wpdb->prepare( "SELECT m.comment_id FROM {$wpdb->commentmeta} as m INNER JOIN {$wpdb->comments} as c USING(comment_id) WHERE m.meta_key = 'akismet_as_submitted' AND DATE_SUB(NOW(), INTERVAL %d DAY) > c.comment_date_gmt LIMIT 10000", $interval ) ) ) { + if ( empty( $comment_ids ) ) + return; + + $wpdb->queries = array(); + + foreach ( $comment_ids as $comment_id ) { + delete_comment_meta( $comment_id, 'akismet_as_submitted' ); + } + } + + if ( apply_filters( 'akismet_optimize_table', ( mt_rand(1, 5000) == 11) ) ) // lucky number + $wpdb->query("OPTIMIZE TABLE {$wpdb->comments}"); +} - if ( $page < 2 ) - $page = 1; +add_action('akismet_scheduled_delete', 'akismet_delete_old'); +add_action('akismet_scheduled_delete', 'akismet_delete_old_metadata'); - $start = ( $page - 1 ) * 50; - $end = $start + 50; +function akismet_check_db_comment( $id, $recheck_reason = 'recheck_queue' ) { + global $wpdb, $akismet_api_host, $akismet_api_port; - $where = ''; - if ( isset( $_GET['ctype'] ) ) { - $type = preg_replace( '|[^a-z]|', '', $_GET['ctype'] ); - if ( 'comments' == $type ) - $type = ''; - $where = " AND comment_type = '$type' "; - } + $id = (int) $id; + $c = $wpdb->get_row( "SELECT * FROM $wpdb->comments WHERE comment_ID = '$id'", ARRAY_A ); + if ( !$c ) + return; - $comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_approved = 'spam' $where ORDER BY 
comment_date DESC LIMIT $start, $end"); - $total = $wpdb->get_var( "SELECT COUNT(*) FROM $wpdb->comments WHERE comment_approved = 'spam' $where" ); + $c['user_ip'] = $c['comment_author_IP']; + $c['user_agent'] = $c['comment_agent']; + $c['referrer'] = ''; + $c['blog'] = get_option('home'); + $c['blog_lang'] = get_locale(); + $c['blog_charset'] = get_option('blog_charset'); + $c['permalink'] = get_permalink($c['comment_post_ID']); + $id = $c['comment_ID']; + if ( akismet_test_mode() ) + $c['is_test'] = 'true'; + $c['recheck_reason'] = $recheck_reason; - $totals = $wpdb->get_results( "SELECT comment_type, COUNT(*) AS cc FROM $wpdb->comments WHERE comment_approved = 'spam' GROUP BY comment_type" ); -?> - - $data ) + $query_string .= $key . '=' . urlencode( stripslashes($data) ) . '&'; -if ($comments) { -?> -
" id="akismetsearch"> -

-

-
- 50 ) { -$total_pages = ceil( $total / 50 ); -$r = ''; -if ( 1 < $page ) { - $args['apage'] = ( 1 == $page - 1 ) ? '' : $page - 1; - $r .= '' . "\n"; + $response = akismet_http_post($query_string, $akismet_api_host, '/1.1/comment-check', $akismet_api_port); + return ( is_array( $response ) && isset( $response[1] ) ) ? $response[1] : false; } -if ( ( $total_pages = ceil( $total / 50 ) ) > 1 ) { - for ( $page_num = 1; $page_num <= $total_pages; $page_num++ ) : - if ( $page == $page_num ) : - $r .= "$page_num\n"; - else : - $p = false; - if ( $page_num < 3 || ( $page_num >= $page - 3 && $page_num <= $page + 3 ) || $page_num > $total_pages - 3 ) : - $args['apage'] = ( 1 == $page_num ) ? '' : $page_num; - $r .= '' . ( $page_num ) . "\n"; - $in = true; - elseif ( $in == true ) : - $r .= "...\n"; - $in = false; - endif; - endif; - endfor; -} -if ( ( $page ) * 50 < $total || -1 == $total ) { - $args['apage'] = $page + 1; - $r .= '' . "\n"; -} -echo "

$r

"; -?> - - -
- - - - 50 ) { -$total_pages = ceil( $total / 50 ); -$r = ''; -if ( 1 < $page ) { - $args['apage'] = ( 1 == $page - 1 ) ? '' : $page - 1; - $r .= '' . "\n"; -} -if ( ( $total_pages = ceil( $total / 50 ) ) > 1 ) { - for ( $page_num = 1; $page_num <= $total_pages; $page_num++ ) : - if ( $page == $page_num ) : - $r .= "$page_num\n"; - else : - $p = false; - if ( $page_num < 3 || ( $page_num >= $page - 3 && $page_num <= $page + 3 ) || $page_num > $total_pages - 3 ) : - $args['apage'] = ( 1 == $page_num ) ? '' : $page_num; - $r .= '' . ( $page_num ) . "\n"; - $in = true; - elseif ( $in == true ) : - $r .= "...\n"; - $in = false; - endif; - endif; - endfor; -} -if ( ( $page ) * 50 < $total || -1 == $total ) { - $args['apage'] = $page + 1; - $r .= '' . "\n"; -} -echo "

$r

"; -} -?> -

- -

-

-
- -

- - - -
- -

-    -

-
- -
-get_col( " + SELECT comment_id + FROM {$wpdb->prefix}commentmeta + WHERE meta_key = 'akismet_error' + LIMIT 100 + " ); + + foreach ( (array) $comment_errors as $comment_id ) { + // if the comment no longer exists, or is too old, remove the meta entry from the queue to avoid getting stuck + $comment = get_comment( $comment_id ); + if ( !$comment || strtotime( $comment->comment_date_gmt ) < strtotime( "-15 days" ) ) { + delete_comment_meta( $comment_id, 'akismet_error' ); + continue; + } + + add_comment_meta( $comment_id, 'akismet_rechecking', true ); + $status = akismet_check_db_comment( $comment_id, 'retry' ); + + $msg = ''; + if ( $status == 'true' ) { + $msg = __( 'Akismet caught this comment as spam during an automatic retry.' ); + } elseif ( $status == 'false' ) { + $msg = __( 'Akismet cleared this comment during an automatic retry.' ); + } + + // If we got back a legit response then update the comment history + // other wise just bail now and try again later. No point in + // re-trying all the comments once we hit one failure. + if ( !empty( $msg ) ) { + delete_comment_meta( $comment_id, 'akismet_error' ); + akismet_update_comment_history( $comment_id, $msg, 'cron-retry' ); + update_comment_meta( $comment_id, 'akismet_result', $status ); + // make sure the comment status is still pending. if it isn't, that means the user has already moved it elsewhere. + $comment = get_comment( $comment_id ); + if ( $comment && 'unapproved' == wp_get_comment_status( $comment_id ) ) { + if ( $status == 'true' ) { + wp_spam_comment( $comment_id ); + } elseif ( $status == 'false' ) { + // comment is good, but it's still in the pending queue. depending on the moderation settings + // we may need to change it to approved. 
+ if ( check_comment($comment->comment_author, $comment->comment_author_email, $comment->comment_author_url, $comment->comment_content, $comment->comment_author_IP, $comment->comment_agent, $comment->comment_type) )
+ wp_set_comment_status( $comment_id, 1 );
+ }
+ }
+ } else {
+ delete_comment_meta( $comment_id, 'akismet_rechecking' );
+ wp_schedule_single_event( time() + 1200, 'akismet_schedule_cron_recheck' );
+ return;
+ }
+ delete_comment_meta( $comment_id, 'akismet_rechecking' );
+ }
+
+ $remaining = $wpdb->get_var( "SELECT COUNT(*) FROM $wpdb->commentmeta WHERE meta_key = 'akismet_error'" );
+ if ( $remaining && !wp_next_scheduled('akismet_schedule_cron_recheck') ) {
+ wp_schedule_single_event( time() + 1200, 'akismet_schedule_cron_recheck' );
 }
 }
+add_action( 'akismet_schedule_cron_recheck', 'akismet_cron_recheck' );
-add_action('admin_menu', 'akismet_manage_page');
-
-function akismet_stats() {
- $count = get_option('akismet_spam_count');
- if ( !$count )
- return;
- $path = plugin_basename(__FILE__);
- echo '

'.__('Spam').'

'; - global $submenu; - if ( isset( $submenu['edit-comments.php'] ) ) - $link = 'edit-comments.php'; - else - $link = 'edit.php'; - echo '

'.sprintf(__('Akismet has protected your site from %3$s spam comments.'), 'http://akismet.com/', clean_url("$link?page=akismet-admin"), number_format($count) ).'

'; +function akismet_add_comment_nonce( $post_id ) { + echo '

'; + wp_nonce_field( 'akismet_comment_nonce_' . $post_id, 'akismet_comment_nonce', FALSE ); + echo '

'; } -add_action('activity_box_end', 'akismet_stats'); +$akismet_comment_nonce_option = apply_filters( 'akismet_comment_nonce', get_option( 'akismet_comment_nonce' ) ); +if ( $akismet_comment_nonce_option == 'true' || $akismet_comment_nonce_option == '' ) + add_action( 'comment_form', 'akismet_add_comment_nonce' ); -if ( 'moderation.php' == $pagenow ) { - function akismet_recheck_button( $page ) { - global $submenu; - if ( isset( $submenu['edit-comments.php'] ) ) - $link = 'edit-comments.php'; - else - $link = 'edit.php'; - $button = "" . __('Recheck Queue for Spam') . ""; - $page = str_replace( '
', '
' . $button, $page ); - return $page; +function akismet_pingback_forwarded_for( $r, $url ) { + static $urls = array(); + + // Call this with $r == null to prime the callback to add headers on a specific URL + if ( is_null( $r ) && !in_array( $url, $urls ) ) { + $urls[] = $url; } - if ( $wpdb->get_var( "SELECT COUNT(*) FROM $wpdb->comments WHERE comment_approved = '0'" ) ) - ob_start( 'akismet_recheck_button' ); -} + // Add X-Pingback-Forwarded-For header, but only for requests to a specific URL (the apparent pingback source) + if ( is_array( $r ) && is_array( $r['headers'] ) && !isset( $r['headers']['X-Pingback-Forwarded-For'] ) && in_array( $url, $urls ) ) { + $remote_ip = preg_replace( '/[^a-fx0-9:.,]/i', '', $_SERVER['REMOTE_ADDR'] ); + + // Note: this assumes REMOTE_ADDR is correct, and it may not be if a reverse proxy or CDN is in use + $r['headers']['X-Pingback-Forwarded-For'] = $remote_ip; + + // Also identify the request as a pingback verification in the UA string so it appears in logs + $r['user-agent'] .= '; verifying pingback from ' . $remote_ip; + } -function akismet_recheck_queue() { - global $wpdb, $akismet_api_host, $akismet_api_port; + return $r; +} - if ( !isset( $_GET['recheckqueue'] ) ) +function akismet_pre_check_pingback( $method ) { + + if ( $method !== 'pingback.ping' ) return; - $moderation = $wpdb->get_results( "SELECT * FROM $wpdb->comments WHERE comment_approved = '0'", ARRAY_A ); - foreach ( $moderation as $c ) { - $c['user_ip'] = $c['comment_author_IP']; - $c['user_agent'] = $c['comment_agent']; - $c['referrer'] = ''; - $c['blog'] = get_option('home'); - $id = $c['comment_ID']; - - $query_string = ''; - foreach ( $c as $key => $data ) - $query_string .= $key . '=' . urlencode( stripslashes($data) ) . 
'&';
-
- $response = akismet_http_post($query_string, $akismet_api_host, '/1.1/comment-check', $akismet_api_port);
- if ( 'true' == $response[1] ) {
- $wpdb->query( "UPDATE $wpdb->comments SET comment_approved = 'spam' WHERE comment_ID = $id" );
+ global $wp_xmlrpc_server;
+
+ if ( !is_object( $wp_xmlrpc_server ) )
+ return false;
+
+ // Lame: tightly coupled with the IXR class.
+ $args = $wp_xmlrpc_server->message->params;
+
+ if ( !empty( $args[1] ) ) {
+ $post_id = url_to_postid( $args[1] );
+
+ // If this gets through the pre-check, make sure we properly identify the outbound request as a pingback verification
+ akismet_pingback_forwarded_for( null, $args[0] );
+ add_filter( 'http_request_args', 'akismet_pingback_forwarded_for', 10, 2 );
+
+ $comment = array(
+ 'comment_author_url' => $args[0],
+ 'comment_post_ID' => $post_id,
+ 'comment_author' => '',
+ 'comment_author_email' => '',
+ 'comment_content' => '',
+ 'comment_type' => 'pingback',
+ 'akismet_pre_check' => '1',
+ 'comment_pingback_target' => $args[1],
+ );
+
+ $comment = akismet_auto_check_comment( $comment );
+
+ if ( isset( $comment['akismet_result'] ) && 'true' == $comment['akismet_result'] ) {
+ // Lame: tightly coupled with the IXR classes. Unfortunately the action provides no context and no way to return anything.
+ $wp_xmlrpc_server->error( new IXR_Error( 0, 'Invalid discovery target' ) ); } } - wp_redirect( $_SERVER['HTTP_REFERER'] ); - exit; } -function akismet_check_db_comment( $id ) { - global $wpdb, $akismet_api_host, $akismet_api_port; +// Run this early in the pingback call, before doing a remote fetch of the source uri +add_action( 'xmlrpc_call', 'akismet_pre_check_pingback' ); - $id = (int) $id; - $c = $wpdb->get_row( "SELECT * FROM $wpdb->comments WHERE comment_ID = '$id'", ARRAY_A ); - if ( !$c ) - return; - - $c['user_ip'] = $c['comment_author_IP']; - $c['user_agent'] = $c['comment_agent']; - $c['referrer'] = ''; - $c['blog'] = get_option('home'); - $id = $c['comment_ID']; - - $query_string = ''; - foreach ( $c as $key => $data ) - $query_string .= $key . '=' . urlencode( stripslashes($data) ) . '&'; - - $response = akismet_http_post($query_string, $akismet_api_host, '/1.1/comment-check', $akismet_api_port); - return $response[1]; +global $wp_version; +if ( '3.0.5' == $wp_version ) { + remove_filter( 'comment_text', 'wp_kses_data' ); + if ( is_admin() ) + add_filter( 'comment_text', 'wp_kses_post' ); } -// This option causes tons of FPs, was removed in 2.1 -function akismet_kill_proxy_check( $option ) { return 0; } -add_filter('option_open_proxy_check', 'akismet_kill_proxy_check'); - -// Widget stuff -function widget_akismet_register() { - if ( function_exists('register_sidebar_widget') ) : - function widget_akismet($args) { - extract($args); - $options = get_option('widget_akismet'); - $count = number_format(get_option('akismet_spam_count')); - $text = __('%d spam comments have been blocked by Akismet.'); - ?> - - - - - - - -

- - 0 ) { + return; } - register_sidebar_widget('Akismet', 'widget_akismet', null, 'akismet'); - register_widget_control('Akismet', 'widget_akismet_control', 300, 75, 'akismet'); - if ( is_active_widget('widget_akismet') ) - add_action('wp_head', 'widget_akismet_style'); - endif; -} - -add_action('init', 'widget_akismet_register'); - -// Counter for non-widget users -function akismet_counter() { -?> - - - - $check_range ) { + wp_clear_scheduled_hook( 'akismet_schedule_cron_recheck' ); + wp_schedule_single_event( time() + 300, 'akismet_schedule_cron_recheck' ); + } } - -?>