<?php akismet_counter(); ?> in your template. See also: WP Stats plugin.
-Version: 2.4.0
+Plugin URI: http://akismet.com/?return=true
+Description: Used by millions, Akismet is quite possibly the best way in the world to protect your blog from comment and trackback spam. It keeps your site protected from spam even while you sleep. To get started: 1) Click the "Activate" link to the left of this description, 2) Sign up for an Akismet API key, and 3) Go to your Akismet configuration page, and save your API key.
+Version: 2.5.7
Author: Automattic
Author URI: http://automattic.com/wordpress-plugins/
-License: GPLv2
+License: GPLv2 or later
*/
/*
-This program is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; version 2 of the License.
-
-This program is distributed in the hope that it will be useful,
-but WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-GNU General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with this program; if not, write to the Free Software
-Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+This program is free software; you can redistribute it and/or
+modify it under the terms of the GNU General Public License
+as published by the Free Software Foundation; either version 2
+of the License, or (at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program; if not, write to the Free Software
+Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*/
-define('AKISMET_VERSION', '2.4.0');
+// Make sure we don't expose any info if called directly
+if ( !function_exists( 'add_action' ) ) {
+ echo 'Hi there! I\'m just a plugin, not much I can do when called directly.';
+ exit;
+}
+
+define('AKISMET_VERSION', '2.5.7');
+define('AKISMET_PLUGIN_URL', plugin_dir_url( __FILE__ ));
/** If you hardcode a WP.com API key here, all key config screens will be hidden */
if ( defined('WPCOM_API_KEY') )
@@ -35,14 +43,13 @@ if ( defined('WPCOM_API_KEY') )
else
$wpcom_api_key = '';
-// Make sure we don't expose any info if called directly
-if ( !function_exists( 'add_action' ) ) {
- echo "Hi there! I'm just a plugin, not much I can do when called directly.";
- exit;
-}
+if ( isset($wp_db_version) && $wp_db_version <= 9872 )
+ include_once dirname( __FILE__ ) . '/legacy.php';
+
+include_once dirname( __FILE__ ) . '/widget.php';
-if ( $wp_db_version <= 9872 )
- include_once( dirname(__FILE__) . '/legacy.php' );
+if ( is_admin() )
+ require_once dirname( __FILE__ ) . '/admin.php';
function akismet_init() {
global $wpcom_api_key, $akismet_api_host, $akismet_api_port;
@@ -53,251 +60,9 @@ function akismet_init() {
$akismet_api_host = get_option('wordpress_api_key') . '.rest.akismet.com';
$akismet_api_port = 80;
- add_action('admin_menu', 'akismet_config_page');
- add_action('admin_menu', 'akismet_stats_page');
- akismet_admin_warnings();
}
add_action('init', 'akismet_init');
-function akismet_admin_init() {
- if ( function_exists( 'get_plugin_page_hook' ) )
- $hook = get_plugin_page_hook( 'akismet-stats-display', 'index.php' );
- else
- $hook = 'dashboard_page_akismet-stats-display';
- add_action('admin_head-'.$hook, 'akismet_stats_script');
-}
-add_action('admin_init', 'akismet_admin_init');
-
-if ( !function_exists('wp_nonce_field') ) {
- function akismet_nonce_field($action = -1) { return; }
- $akismet_nonce = -1;
-} else {
- function akismet_nonce_field($action = -1) { return wp_nonce_field($action); }
- $akismet_nonce = 'akismet-update-key';
-}
-
-if ( !function_exists('number_format_i18n') ) {
- function number_format_i18n( $number, $decimals = null ) { return number_format( $number, $decimals ); }
-}
-
-function akismet_config_page() {
- if ( function_exists('add_submenu_page') )
- add_submenu_page('plugins.php', __('Akismet Configuration'), __('Akismet Configuration'), 'manage_options', 'akismet-key-config', 'akismet_conf');
-
-}
-
-function akismet_conf() {
- global $akismet_nonce, $wpcom_api_key;
-
- if ( isset($_POST['submit']) ) {
- if ( function_exists('current_user_can') && !current_user_can('manage_options') )
- die(__('Cheatin’ uh?'));
-
- check_admin_referer( $akismet_nonce );
- $key = preg_replace( '/[^a-h0-9]/i', '', $_POST['key'] );
-
- if ( empty($key) ) {
- $key_status = 'empty';
- $ms[] = 'new_key_empty';
- delete_option('wordpress_api_key');
- } else {
- $key_status = akismet_verify_key( $key );
- }
-
- if ( $key_status == 'valid' ) {
- update_option('wordpress_api_key', $key);
- $ms[] = 'new_key_valid';
- } else if ( $key_status == 'invalid' ) {
- $ms[] = 'new_key_invalid';
- } else if ( $key_status == 'failed' ) {
- $ms[] = 'new_key_failed';
- }
-
- if ( isset( $_POST['akismet_discard_month'] ) )
- update_option( 'akismet_discard_month', 'true' );
- else
- update_option( 'akismet_discard_month', 'false' );
- } elseif ( isset($_POST['check']) ) {
- akismet_get_server_connectivity(0);
- }
-
- if ( empty( $key_status) || $key_status != 'valid' ) {
- $key = get_option('wordpress_api_key');
- if ( empty( $key ) ) {
- if ( empty( $key_status ) || $key_status != 'failed' ) {
- if ( akismet_verify_key( '1234567890ab' ) == 'failed' )
- $ms[] = 'no_connection';
- else
- $ms[] = 'key_empty';
- }
- $key_status = 'empty';
- } else {
- $key_status = akismet_verify_key( $key );
- }
- if ( $key_status == 'valid' ) {
- $ms[] = 'key_valid';
- } else if ( $key_status == 'invalid' ) {
- delete_option('wordpress_api_key');
- $ms[] = 'key_empty';
- } else if ( !empty($key) && $key_status == 'failed' ) {
- $ms[] = 'key_failed';
- }
- }
-
- $messages = array(
- 'new_key_empty' => array('color' => 'aa0', 'text' => __('Your key has been cleared.')),
- 'new_key_valid' => array('color' => '2d2', 'text' => __('Your key has been verified. Happy blogging!')),
- 'new_key_invalid' => array('color' => 'd22', 'text' => __('The key you entered is invalid. Please double-check it.')),
- 'new_key_failed' => array('color' => 'd22', 'text' => __('The key you entered could not be verified because a connection to akismet.com could not be established. Please check your server configuration.')),
- 'no_connection' => array('color' => 'd22', 'text' => __('There was a problem connecting to the Akismet server. Please check your server configuration.')),
- 'key_empty' => array('color' => 'aa0', 'text' => sprintf(__('Please enter an API key. (Get your key.)'), 'http://akismet.com/get/')),
- 'key_valid' => array('color' => '2d2', 'text' => __('This key is valid.')),
- 'key_failed' => array('color' => 'aa0', 'text' => __('The key below was previously validated but a connection to akismet.com can not be established at this time. Please check your server configuration.')));
-?>
-
-'.sprintf(__('Akismet has protected your site from %3$s spam comments.'), 'http://akismet.com/', clean_url("$link?page=akismet-admin"), number_format_i18n($count) ).'
'; -} -add_action('activity_box_end', 'akismet_stats'); - function akismet_get_key() { global $wpcom_api_key; if ( !empty($wpcom_api_key) ) @@ -305,119 +70,47 @@ function akismet_get_key() { return get_option('wordpress_api_key'); } -function akismet_verify_key( $key, $ip = null ) { +function akismet_check_key_status( $key, $ip = null ) { global $akismet_api_host, $akismet_api_port, $wpcom_api_key; $blog = urlencode( get_option('home') ); if ( $wpcom_api_key ) $key = $wpcom_api_key; $response = akismet_http_post("key=$key&blog=$blog", 'rest.akismet.com', '/1.1/verify-key', $akismet_api_port, $ip); - if ( !is_array($response) || !isset($response[1]) || $response[1] != 'valid' && $response[1] != 'invalid' ) - return 'failed'; - return $response[1]; + return $response; } -// Check connectivity between the WordPress blog and Akismet's servers. -// Returns an associative array of server IP addresses, where the key is the IP address, and value is true (available) or false (unable to connect). -function akismet_check_server_connectivity() { - global $akismet_api_host, $akismet_api_port, $wpcom_api_key; - - $test_host = 'rest.akismet.com'; - - // Some web hosts may disable one or both functions - if ( !function_exists('fsockopen') || !function_exists('gethostbynamel') ) - return array(); +// given a response from an API call like akismet_check_key_status(), update the alert code options if an alert is present. +function akismet_update_alert( $response ) { + $code = $msg = null; + if ( isset($response[0]['x-akismet-alert-code']) ) { + $code = $response[0]['x-akismet-alert-code']; + $msg = $response[0]['x-akismet-alert-msg']; + } - $ips = gethostbynamel($test_host); - if ( !$ips || !is_array($ips) || !count($ips) ) - return array(); - - $servers = array(); - foreach ( $ips as $ip ) { - $response = akismet_verify_key( akismet_get_key(), $ip ); - // even if the key is invalid, at least we know we have connectivity - if ( $response == 'valid' || $response == 'invalid' ) - $servers[$ip] = true; - else - $servers[$ip] = false; + // only call update_option() if the value has changed + if ( $code != get_option( 'akismet_alert_code' ) ) { + update_option( 'akismet_alert_code', $code ); + update_option( 'akismet_alert_msg', $msg ); } - - return $servers; } -// Check the server connectivity and store the results in an option. -// Cached results will be used if not older than the specified timeout in seconds; use $cache_timeout = 0 to force an update. -// Returns the same associative array as akismet_check_server_connectivity() -function akismet_get_server_connectivity( $cache_timeout = 86400 ) { - $servers = get_option('akismet_available_servers'); - if ( (time() - get_option('akismet_connectivity_time') < $cache_timeout) && $servers !== false ) - return $servers; - - // There's a race condition here but the effect is harmless. - $servers = akismet_check_server_connectivity(); - update_option('akismet_available_servers', $servers); - update_option('akismet_connectivity_time', time()); - return $servers; +function akismet_verify_key( $key, $ip = null ) { + $response = akismet_check_key_status( $key, $ip ); + akismet_update_alert( $response ); + if ( !is_array($response) || !isset($response[1]) || $response[1] != 'valid' && $response[1] != 'invalid' ) + return 'failed'; + return $response[1]; } -// Returns true if server connectivity was OK at the last check, false if there was a problem that needs to be fixed. -function akismet_server_connectivity_ok() { - // skip the check on WPMU because the status page is hidden - global $wpcom_api_key; - if ( $wpcom_api_key ) +// if we're in debug or test modes, use a reduced service level so as not to polute training or stats data +function akismet_test_mode() { + if ( defined('AKISMET_TEST_MODE') && AKISMET_TEST_MODE ) return true; - $servers = akismet_get_server_connectivity(); - return !( empty($servers) || !count($servers) || count( array_filter($servers) ) < count($servers) ); -} - -function akismet_admin_warnings() { - global $wpcom_api_key; - if ( !get_option('wordpress_api_key') && !$wpcom_api_key && !isset($_POST['submit']) ) { - function akismet_warning() { - echo " - - "; - } - add_action('admin_notices', 'akismet_warning'); - return; - } elseif ( get_option('akismet_connectivity_time') && empty($_POST) && is_admin() && !akismet_server_connectivity_ok() ) { - function akismet_warning() { - echo " - - "; - } - add_action('admin_notices', 'akismet_warning'); - return; - } -} - -function akismet_get_host($host) { - // if all servers are accessible, just return the host name. - // if not, return an IP that was known to be accessible at the last check. - if ( akismet_server_connectivity_ok() ) { - return $host; - } else { - $ips = akismet_get_server_connectivity(); - // a firewall may be blocking access to some Akismet IPs - if ( count($ips) > 0 && count(array_filter($ips)) < count($ips) ) { - // use DNS to get current IPs, but exclude any known to be unreachable - $dns = (array)gethostbynamel( rtrim($host, '.') . '.' ); - $dns = array_filter($dns); - foreach ( $dns as $ip ) { - if ( array_key_exists( $ip, $ips ) && empty( $ips[$ip] ) ) - unset($dns[$ip]); - } - // return a random IP from those available - if ( count($dns) ) - return $dns[ array_rand($dns) ]; - - } - } - // if all else fails try the host name - return $host; + return false; } // return a comma-separated list of role names for the given user -function akismet_get_user_roles($user_id ) { +function akismet_get_user_roles( $user_id ) { $roles = false; if ( !class_exists('WP_User') ) @@ -428,42 +121,78 @@ function akismet_get_user_roles($user_id ) { if ( isset($comment_user->roles) ) $roles = join(',', $comment_user->roles); } - + + if ( is_multisite() && is_super_admin( $user_id ) ) { + if ( empty( $roles ) ) { + $roles = 'super_admin'; + } else { + $comment_user->roles[] = 'super_admin'; + $roles = join( ',', $comment_user->roles ); + } + } + return $roles; } // Returns array with headers in $response[0] and body in $response[1] function akismet_http_post($request, $host, $path, $port = 80, $ip=null) { global $wp_version; - - $akismet_version = constant('AKISMET_VERSION'); - - $http_request = "POST $path HTTP/1.0\r\n"; - $http_request .= "Host: $host\r\n"; - $http_request .= "Content-Type: application/x-www-form-urlencoded; charset=" . get_option('blog_charset') . "\r\n"; - $http_request .= "Content-Length: " . strlen($request) . "\r\n"; - $http_request .= "User-Agent: WordPress/$wp_version | Akismet/$akismet_version\r\n"; - $http_request .= "\r\n"; - $http_request .= $request; - + + $akismet_ua = "WordPress/{$wp_version} | "; + $akismet_ua .= 'Akismet/' . constant( 'AKISMET_VERSION' ); + + $akismet_ua = apply_filters( 'akismet_ua', $akismet_ua ); + + $content_length = strlen( $request ); + $http_host = $host; - // use a specific IP if provided - needed by akismet_check_server_connectivity() - if ( $ip && long2ip(ip2long($ip)) ) { + // use a specific IP if provided + // needed by akismet_check_server_connectivity() + if ( $ip && long2ip( ip2long( $ip ) ) ) { $http_host = $ip; } else { - $http_host = akismet_get_host($host); + $http_host = $host; } - - $response = ''; - if( false != ( $fs = @fsockopen($http_host, $port, $errno, $errstr, 10) ) ) { - fwrite($fs, $http_request); - - while ( !feof($fs) ) - $response .= fgets($fs, 1160); // One TCP-IP packet - fclose($fs); - $response = explode("\r\n\r\n", $response, 2); + + // use the WP HTTP class if it is available + if ( function_exists( 'wp_remote_post' ) ) { + $http_args = array( + 'body' => $request, + 'headers' => array( + 'Content-Type' => 'application/x-www-form-urlencoded; ' . + 'charset=' . get_option( 'blog_charset' ), + 'Host' => $host, + 'User-Agent' => $akismet_ua + ), + 'httpversion' => '1.0', + 'timeout' => 15 + ); + $akismet_url = "http://{$http_host}{$path}"; + $response = wp_remote_post( $akismet_url, $http_args ); + if ( is_wp_error( $response ) ) + return ''; + + return array( $response['headers'], $response['body'] ); + } else { + $http_request = "POST $path HTTP/1.0\r\n"; + $http_request .= "Host: $host\r\n"; + $http_request .= 'Content-Type: application/x-www-form-urlencoded; charset=' . get_option('blog_charset') . "\r\n"; + $http_request .= "Content-Length: {$content_length}\r\n"; + $http_request .= "User-Agent: {$akismet_ua}\r\n"; + $http_request .= "\r\n"; + $http_request .= $request; + + $response = ''; + if( false != ( $fs = @fsockopen( $http_host, $port, $errno, $errstr, 10 ) ) ) { + fwrite( $fs, $http_request ); + + while ( !feof( $fs ) ) + $response .= fgets( $fs, 1160 ); // One TCP-IP packet + fclose( $fs ); + $response = explode( "\r\n\r\n", $response, 2 ); + } + return $response; } - return $response; } // filter handler used to return a spam result to pre_comment_approved @@ -471,36 +200,181 @@ function akismet_result_spam( $approved ) { // bump the counter here instead of when the filter is added to reduce the possibility of overcounting if ( $incr = apply_filters('akismet_spam_count_incr', 1) ) update_option( 'akismet_spam_count', get_option('akismet_spam_count') + $incr ); + // this is a one-shot deal + remove_filter( 'pre_comment_approved', 'akismet_result_spam' ); return 'spam'; } +function akismet_result_hold( $approved ) { + // once only + remove_filter( 'pre_comment_approved', 'akismet_result_hold' ); + return '0'; +} + +// how many approved comments does this author have? +function akismet_get_user_comments_approved( $user_id, $comment_author_email, $comment_author, $comment_author_url ) { + global $wpdb; + + if ( !empty($user_id) ) + return $wpdb->get_var( $wpdb->prepare( "SELECT COUNT(*) FROM $wpdb->comments WHERE user_id = %d AND comment_approved = 1", $user_id ) ); + + if ( !empty($comment_author_email) ) + return $wpdb->get_var( $wpdb->prepare( "SELECT COUNT(*) FROM $wpdb->comments WHERE comment_author_email = %s AND comment_author = %s AND comment_author_url = %s AND comment_approved = 1", $comment_author_email, $comment_author, $comment_author_url ) ); + + return 0; +} + +function akismet_microtime() { + $mtime = explode( ' ', microtime() ); + return $mtime[1] + $mtime[0]; +} + +// log an event for a given comment, storing it in comment_meta +function akismet_update_comment_history( $comment_id, $message, $event=null ) { + global $current_user; + + // failsafe for old WP versions + if ( !function_exists('add_comment_meta') ) + return false; + + $user = ''; + if ( is_object($current_user) && isset($current_user->user_login) ) + $user = $current_user->user_login; + + $event = array( + 'time' => akismet_microtime(), + 'message' => $message, + 'event' => $event, + 'user' => $user, + ); + + // $unique = false so as to allow multiple values per comment + $r = add_comment_meta( $comment_id, 'akismet_history', $event, false ); +} + +// get the full comment history for a given comment, as an array in reverse chronological order +function akismet_get_comment_history( $comment_id ) { + + // failsafe for old WP versions + if ( !function_exists('add_comment_meta') ) + return false; + + $history = get_comment_meta( $comment_id, 'akismet_history', false ); + usort( $history, 'akismet_cmp_time' ); + return $history; +} + +function akismet_cmp_time( $a, $b ) { + return $a['time'] > $b['time'] ? -1 : 1; +} + +// this fires on wp_insert_comment. we can't update comment_meta when akismet_auto_check_comment() runs +// because we don't know the comment ID at that point. +function akismet_auto_check_update_meta( $id, $comment ) { + global $akismet_last_comment; + + // failsafe for old WP versions + if ( !function_exists('add_comment_meta') ) + return false; + + if ( !isset( $akismet_last_comment['comment_author_email'] ) ) + $akismet_last_comment['comment_author_email'] = ''; + + // wp_insert_comment() might be called in other contexts, so make sure this is the same comment + // as was checked by akismet_auto_check_comment + if ( is_object($comment) && !empty($akismet_last_comment) && is_array($akismet_last_comment) ) { + if ( isset($akismet_last_comment['comment_post_ID']) && intval($akismet_last_comment['comment_post_ID']) == intval($comment->comment_post_ID) + && $akismet_last_comment['comment_author'] == $comment->comment_author + && $akismet_last_comment['comment_author_email'] == $comment->comment_author_email ) { + // normal result: true or false + if ( $akismet_last_comment['akismet_result'] == 'true' ) { + update_comment_meta( $comment->comment_ID, 'akismet_result', 'true' ); + akismet_update_comment_history( $comment->comment_ID, __('Akismet caught this comment as spam'), 'check-spam' ); + if ( $comment->comment_approved != 'spam' ) + akismet_update_comment_history( $comment->comment_ID, sprintf( __('Comment status was changed to %s'), $comment->comment_approved), 'status-changed'.$comment->comment_approved ); + } elseif ( $akismet_last_comment['akismet_result'] == 'false' ) { + update_comment_meta( $comment->comment_ID, 'akismet_result', 'false' ); + akismet_update_comment_history( $comment->comment_ID, __('Akismet cleared this comment'), 'check-ham' ); + if ( $comment->comment_approved == 'spam' ) { + if ( wp_blacklist_check($comment->comment_author, $comment->comment_author_email, $comment->comment_author_url, $comment->comment_content, $comment->comment_author_IP, $comment->comment_agent) ) + akismet_update_comment_history( $comment->comment_ID, __('Comment was caught by wp_blacklist_check'), 'wp-blacklisted' ); + else + akismet_update_comment_history( $comment->comment_ID, sprintf( __('Comment status was changed to %s'), $comment->comment_approved), 'status-changed-'.$comment->comment_approved ); + } + // abnormal result: error + } else { + update_comment_meta( $comment->comment_ID, 'akismet_error', time() ); + akismet_update_comment_history( $comment->comment_ID, sprintf( __('Akismet was unable to check this comment (response: %s), will automatically retry again later.'), substr($akismet_last_comment['akismet_result'], 0, 50)), 'check-error' ); + } + + // record the complete original data as submitted for checking + if ( isset($akismet_last_comment['comment_as_submitted']) ) + update_comment_meta( $comment->comment_ID, 'akismet_as_submitted', $akismet_last_comment['comment_as_submitted'] ); + } + } +} + +add_action( 'wp_insert_comment', 'akismet_auto_check_update_meta', 10, 2 ); + + function akismet_auto_check_comment( $commentdata ) { - global $akismet_api_host, $akismet_api_port; + global $akismet_api_host, $akismet_api_port, $akismet_last_comment; $comment = $commentdata; $comment['user_ip'] = $_SERVER['REMOTE_ADDR']; - $comment['user_agent'] = $_SERVER['HTTP_USER_AGENT']; - $comment['referrer'] = $_SERVER['HTTP_REFERER']; + $comment['user_agent'] = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : null; + $comment['referrer'] = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : null; $comment['blog'] = get_option('home'); $comment['blog_lang'] = get_locale(); $comment['blog_charset'] = get_option('blog_charset'); $comment['permalink'] = get_permalink($comment['comment_post_ID']); - $comment['user_role'] = akismet_get_user_roles($comment['user_ID']); + if ( !empty( $comment['user_ID'] ) ) { + $comment['user_role'] = akismet_get_user_roles( $comment['user_ID'] ); + } + + $akismet_nonce_option = apply_filters( 'akismet_comment_nonce', get_option( 'akismet_comment_nonce' ) ); + $comment['akismet_comment_nonce'] = 'inactive'; + if ( $akismet_nonce_option == 'true' || $akismet_nonce_option == '' ) { + $comment['akismet_comment_nonce'] = 'failed'; + if ( isset( $_POST['akismet_comment_nonce'] ) && wp_verify_nonce( $_POST['akismet_comment_nonce'], 'akismet_comment_nonce_' . $comment['comment_post_ID'] ) ) + $comment['akismet_comment_nonce'] = 'passed'; + + // comment reply in wp-admin + if ( isset( $_POST['_ajax_nonce-replyto-comment'] ) && check_ajax_referer( 'replyto-comment', '_ajax_nonce-replyto-comment' ) ) + $comment['akismet_comment_nonce'] = 'passed'; + + } + + if ( akismet_test_mode() ) + $comment['is_test'] = 'true'; + + foreach ($_POST as $key => $value ) { + if ( is_string($value) ) + $comment["POST_{$key}"] = $value; + } $ignore = array( 'HTTP_COOKIE', 'HTTP_COOKIE2', 'PHP_AUTH_PW' ); - foreach ( $_SERVER as $key => $value ) + foreach ( $_SERVER as $key => $value ) { if ( !in_array( $key, $ignore ) && is_string($value) ) $comment["$key"] = $value; else $comment["$key"] = ''; + } + + $post = get_post( $comment['comment_post_ID'] ); + $comment[ 'comment_post_modified_gmt' ] = $post->post_modified_gmt; $query_string = ''; foreach ( $comment as $key => $data ) $query_string .= $key . '=' . urlencode( stripslashes($data) ) . '&'; + + $commentdata['comment_as_submitted'] = $comment; $response = akismet_http_post($query_string, $akismet_api_host, '/1.1/comment-check', $akismet_api_port); + do_action( 'akismet_comment_check_response', $response ); + akismet_update_alert( $response ); $commentdata['akismet_result'] = $response[1]; if ( 'true' == $response[1] ) { // akismet_spam_count will be incremented later by akismet_result_spam() @@ -508,7 +382,6 @@ function akismet_auto_check_comment( $commentdata ) { do_action( 'akismet_spam_caught' ); - $post = get_post( $comment['comment_post_ID'] ); $last_updated = strtotime( $post->post_modified_gmt ); $diff = time() - $last_updated; $diff = $diff / 86400; @@ -517,7 +390,19 @@ function akismet_auto_check_comment( $commentdata ) { // akismet_result_spam() won't be called so bump the counter here if ( $incr = apply_filters('akismet_spam_count_incr', 1) ) update_option( 'akismet_spam_count', get_option('akismet_spam_count') + $incr ); - die; + $redirect_to = isset( $_SERVER['HTTP_REFERER'] ) ? $_SERVER['HTTP_REFERER'] : get_permalink( $post ); + wp_safe_redirect( $redirect_to ); + die(); + } + } + + // if the response is neither true nor false, hold the comment for moderation and schedule a recheck + if ( 'true' != $response[1] && 'false' != $response[1] ) { + if ( !current_user_can('moderate_comments') ) { + add_filter('pre_comment_approved', 'akismet_result_hold'); + } + if ( !wp_next_scheduled( 'akismet_schedule_cron_recheck' ) ) { + wp_schedule_single_event( time() + 1200, 'akismet_schedule_cron_recheck' ); } } @@ -529,361 +414,200 @@ function akismet_auto_check_comment( $commentdata ) { // WP 2.0: run this one time in ten akismet_delete_old(); } + $akismet_last_comment = $commentdata; + + akismet_fix_scheduled_recheck(); return $commentdata; } +add_action('preprocess_comment', 'akismet_auto_check_comment', 1); + function akismet_delete_old() { global $wpdb; $now_gmt = current_time('mysql', 1); $comment_ids = $wpdb->get_col("SELECT comment_id FROM $wpdb->comments WHERE DATE_SUB('$now_gmt', INTERVAL 15 DAY) > comment_date_gmt AND comment_approved = 'spam'"); if ( empty( $comment_ids ) ) return; + + $comma_comment_ids = implode( ', ', array_map('intval', $comment_ids) ); do_action( 'delete_comment', $comment_ids ); - $wpdb->query("DELETE FROM $wpdb->comments WHERE comment_id IN ( " . implode( ', ', $comment_ids ) . " )"); + $wpdb->query("DELETE FROM $wpdb->comments WHERE comment_id IN ( $comma_comment_ids )"); + $wpdb->query("DELETE FROM $wpdb->commentmeta WHERE comment_id IN ( $comma_comment_ids )"); + clean_comment_cache( $comment_ids ); $n = mt_rand(1, 5000); if ( apply_filters('akismet_optimize_table', ($n == 11)) ) // lucky number $wpdb->query("OPTIMIZE TABLE $wpdb->comments"); } -add_action('akismet_scheduled_delete', 'akismet_delete_old'); +function akismet_delete_old_metadata() { + global $wpdb; -function akismet_submit_nonspam_comment ( $comment_id ) { - global $wpdb, $akismet_api_host, $akismet_api_port, $current_user, $current_site; - $comment_id = (int) $comment_id; + $now_gmt = current_time( 'mysql', 1 ); + $interval = apply_filters( 'akismet_delete_commentmeta_interval', 15 ); - $comment = $wpdb->get_row("SELECT * FROM $wpdb->comments WHERE comment_ID = '$comment_id'"); - if ( !$comment ) // it was deleted + # enfore a minimum of 1 day + $interval = absint( $interval ); + if ( $interval < 1 ) { return; - $comment->blog = get_option('home'); - $comment->blog_lang = get_locale(); - $comment->blog_charset = get_option('blog_charset'); - $comment->permalink = get_permalink($comment->comment_post_ID); - if ( is_object($current_user) ) { - $comment->reporter = $current_user->user_login; } - if ( is_object($current_site) ) { - $comment->site_domain = $current_site->domain; - } - - $comment->user_role = ''; - if ( isset( $comment->user_ID ) ) - $comment->user_role = akismet_get_user_roles($comment->user_ID); - - $query_string = ''; - foreach ( $comment as $key => $data ) - $query_string .= $key . '=' . urlencode( stripslashes($data) ) . '&'; - $response = akismet_http_post($query_string, $akismet_api_host, "/1.1/submit-ham", $akismet_api_port); - do_action('akismet_submit_nonspam_comment', $comment_id, $response[1]); -} + // akismet_as_submitted meta values are large, so expire them + // after $interval days regardless of the comment status + while ( TRUE ) { + $comment_ids = $wpdb->get_col( "SELECT $wpdb->comments.comment_id FROM $wpdb->commentmeta INNER JOIN $wpdb->comments USING(comment_id) WHERE meta_key = 'akismet_as_submitted' AND DATE_SUB('$now_gmt', INTERVAL {$interval} DAY) > comment_date_gmt LIMIT 10000" ); -function akismet_submit_spam_comment ( $comment_id ) { - global $wpdb, $akismet_api_host, $akismet_api_port, $current_user, $current_site; - $comment_id = (int) $comment_id; + if ( empty( $comment_ids ) ) { + return; + } - $comment = $wpdb->get_row("SELECT * FROM $wpdb->comments WHERE comment_ID = '$comment_id'"); - if ( !$comment ) // it was deleted - return; - if ( 'spam' != $comment->comment_approved ) - return; - $comment->blog = get_option('home'); - $comment->blog_lang = get_locale(); - $comment->blog_charset = get_option('blog_charset'); - $comment->permalink = get_permalink($comment->comment_post_ID); - if ( is_object($current_user) ) { - $comment->reporter = $current_user->user_login; + foreach ( $comment_ids as $comment_id ) { + delete_comment_meta( $comment_id, 'akismet_as_submitted' ); + } } - if ( is_object($current_site) ) { - $comment->site_domain = $current_site->domain; + + /* + $n = mt_rand( 1, 5000 ); + if ( apply_filters( 'akismet_optimize_table', ( $n == 11 ), 'commentmeta' ) ) { // lucky number + $wpdb->query( "OPTIMIZE TABLE $wpdb->commentmeta" ); } + */ +} - $comment->user_role = ''; - if ( !isset( $comment->user_id ) ) - $comment->user_role = akismet_get_user_roles($comment->user_ID); +add_action('akismet_scheduled_delete', 'akismet_delete_old'); +add_action('akismet_scheduled_delete', 'akismet_delete_old_metadata'); - $query_string = ''; - foreach ( $comment as $key => $data ) - $query_string .= $key . '=' . urlencode( stripslashes($data) ) . '&'; +function akismet_check_db_comment( $id, $recheck_reason = 'recheck_queue' ) { + global $wpdb, $akismet_api_host, $akismet_api_port; - $response = akismet_http_post($query_string, $akismet_api_host, "/1.1/submit-spam", $akismet_api_port); - do_action('akismet_submit_spam_comment', $comment_id, $response[1]); -} + $id = (int) $id; + $c = $wpdb->get_row( "SELECT * FROM $wpdb->comments WHERE comment_ID = '$id'", ARRAY_A ); + if ( !$c ) + return; -add_action('preprocess_comment', 'akismet_auto_check_comment', 1); + $c['user_ip'] = $c['comment_author_IP']; + $c['user_agent'] = $c['comment_agent']; + $c['referrer'] = ''; + $c['blog'] = get_option('home'); + $c['blog_lang'] = get_locale(); + $c['blog_charset'] = get_option('blog_charset'); + $c['permalink'] = get_permalink($c['comment_post_ID']); + $id = $c['comment_ID']; + if ( akismet_test_mode() ) + $c['is_test'] = 'true'; + $c['recheck_reason'] = $recheck_reason; -// For old versions of WP only -function akismet_set_comment_status( $comment_id, $status ) { - if ( $status == 'spam' ) { - akismet_submit_spam_comment( $comment_id ); - } elseif ( $status == 'approve' ) { - akismet_submit_nonspam_comment( $comment_id ); - } -} + $query_string = ''; + foreach ( $c as $key => $data ) + $query_string .= $key . '=' . urlencode( stripslashes($data) ) . '&'; -// For WP 2.7+ -function akismet_transition_comment_status( $new_status, $old_status, $comment ) { - if ( $new_status == $old_status ) - return; - - if ( $new_status == 'spam' ) { - akismet_submit_spam_comment( $comment->comment_ID ); - } elseif ( $old_status == 'spam' && ( $new_status == 'approved' || $new_status == 'unapproved' ) ) { - akismet_submit_nonspam_comment( $comment->comment_ID ); - } + $response = akismet_http_post($query_string, $akismet_api_host, '/1.1/comment-check', $akismet_api_port); + return ( is_array( $response ) && isset( $response[1] ) ) ? $response[1] : false; } -function akismet_spamtoham( $comment ) { akismet_submit_nonspam_comment( $comment->comment_ID ); } - -if ( function_exists( 'wp_transition_comment_status' ) ) { - add_action( 'transition_comment_status', 'akismet_transition_comment_status', 10, 3 ); -} else { - add_action('wp_set_comment_status', 'akismet_set_comment_status', 10, 2); - add_action('edit_comment', 'akismet_submit_spam_comment'); - add_filter( 'comment_spam_to_approved', 'akismet_spamtoham' ); - add_filter( 'comment_spam_to_unapproved', 'akismet_spamtoham' ); -} -// Total spam in queue -// get_option( 'akismet_spam_count' ) is the total caught ever -function akismet_spam_count( $type = false ) { +function akismet_cron_recheck() { global $wpdb; - if ( !$type ) { // total - $count = wp_cache_get( 'akismet_spam_count', 'widget' ); - if ( false === $count ) { - if ( function_exists('wp_count_comments') ) { - $count = wp_count_comments(); - $count = $count->spam; - } else { - $count = (int) $wpdb->get_var("SELECT COUNT(comment_ID) FROM $wpdb->comments WHERE comment_approved = 'spam'"); + $status = akismet_verify_key( akismet_get_key() ); + if ( get_option( 'akismet_alert_code' ) || $status == 'invalid' ) { + // since there is currently a problem with the key, reschedule a check for 6 hours hence + wp_schedule_single_event( time() + 21600, 'akismet_schedule_cron_recheck' ); + return false; + } + + delete_option('akismet_available_servers'); + + $comment_errors = $wpdb->get_col( " + SELECT comment_id + FROM {$wpdb->prefix}commentmeta + WHERE meta_key = 'akismet_error' + LIMIT 100 + " ); + + foreach ( (array) $comment_errors as $comment_id ) { + // if the comment no longer exists, or is too old, remove the meta entry from the queue to avoid getting stuck + $comment = get_comment( $comment_id ); + if ( !$comment || strtotime( $comment->comment_date_gmt ) < strtotime( "-15 days" ) ) { + delete_comment_meta( $comment_id, 'akismet_error' ); + continue; + } + + add_comment_meta( $comment_id, 'akismet_rechecking', true ); + $status = akismet_check_db_comment( $comment_id, 'retry' ); + + $msg = ''; + if ( $status == 'true' ) { + $msg = __( 'Akismet caught this comment as spam during an automatic retry.' ); + } elseif ( $status == 'false' ) { + $msg = __( 'Akismet cleared this comment during an automatic retry.' ); + } + + // If we got back a legit response then update the comment history + // other wise just bail now and try again later. No point in + // re-trying all the comments once we hit one failure. + if ( !empty( $msg ) ) { + delete_comment_meta( $comment_id, 'akismet_error' ); + akismet_update_comment_history( $comment_id, $msg, 'cron-retry' ); + update_comment_meta( $comment_id, 'akismet_result', $status ); + // make sure the comment status is still pending. if it isn't, that means the user has already moved it elsewhere. + $comment = get_comment( $comment_id ); + if ( $comment && 'unapproved' == wp_get_comment_status( $comment_id ) ) { + if ( $status == 'true' ) { + wp_spam_comment( $comment_id ); + } elseif ( $status == 'false' ) { + // comment is good, but it's still in the pending queue. depending on the moderation settings + // we may need to change it to approved. + if ( check_comment($comment->comment_author, $comment->comment_author_email, $comment->comment_author_url, $comment->comment_content, $comment->comment_author_IP, $comment->comment_agent, $comment->comment_type) ) + wp_set_comment_status( $comment_id, 1 ); + } } - wp_cache_set( 'akismet_spam_count', $count, 'widget', 3600 ); + } else { + delete_comment_meta( $comment_id, 'akismet_rechecking' ); + wp_schedule_single_event( time() + 1200, 'akismet_schedule_cron_recheck' ); + return; } - return $count; - } elseif ( 'comments' == $type || 'comment' == $type ) { // comments - $type = ''; - } else { // pingback, trackback, ... - $type = $wpdb->escape( $type ); - } - - return (int) $wpdb->get_var("SELECT COUNT(comment_ID) FROM $wpdb->comments WHERE comment_approved = 'spam' AND comment_type='$type'"); -} - - -// WP 2.5+ -function akismet_rightnow() { - global $submenu, $wp_db_version; - - // clean_url was deprecated in WP 3.0 - $esc_url = 'clean_url'; - if ( function_exists( 'esc_url' ) ) - $esc_url = 'esc_url'; - - if ( 8645 < $wp_db_version ) // 2.7 - $link = 'edit-comments.php?comment_status=spam'; - elseif ( isset( $submenu['edit-comments.php'] ) ) - $link = 'edit-comments.php?page=akismet-admin'; - else - $link = 'edit.php?page=akismet-admin'; - - if ( $count = get_option('akismet_spam_count') ) { - $intro = sprintf( __ngettext( - 'Akismet has protected your site from %2$s spam comment already,', - 'Akismet has protected your site from %2$s spam comments already,', - $count - ), 'http://akismet.com/', number_format_i18n( $count ) ); - } else { - $intro = sprintf( __('Akismet blocks spam from getting to your blog,'), 'http://akismet.com/' ); + delete_comment_meta( $comment_id, 'akismet_rechecking' ); } - - if ( $queue_count = akismet_spam_count() ) { - $queue_text = sprintf( __ngettext( - 'and there\'s %1$s comment in your spam queue right now.', - 'and there are %1$s comments in your spam queue right now.', - $queue_count - ), number_format_i18n( $queue_count ), clean_url($link) ); - } else { - $queue_text = sprintf( __( "but there's nothing in your spam queue at the moment." ), $esc_url($link) ); + + $remaining = $wpdb->get_var( "SELECT COUNT(*) FROM $wpdb->commentmeta WHERE meta_key = 'akismet_error'" ); + if ( $remaining && !wp_next_scheduled('akismet_schedule_cron_recheck') ) { + wp_schedule_single_event( time() + 1200, 'akismet_schedule_cron_recheck' ); } - - // _c was deprecated in WP 2.9.0 - if ( function_exists( '_x' ) ) - $text = sprintf( _x( '%1$s %2$s', 'akismet_rightnow' ), $intro, $queue_text ); - else - $text = sprintf( _c( '%1$s %2$s|akismet_rightnow' ), $intro, $queue_text ); - - echo "\n"; } - -add_action('rightnow_end', 'akismet_rightnow'); - +add_action( 'akismet_schedule_cron_recheck', 'akismet_cron_recheck' ); -// For WP >= 2.5 -function akismet_check_for_spam_button($comment_status) { - if ( 'approved' == $comment_status ) - return; - if ( function_exists('plugins_url') ) - $link = 'admin.php?action=akismet_recheck_queue'; - else - $link = 'edit-comments.php?page=akismet-admin&recheckqueue=true&noheader=true'; - echo "