mail-based comment authorisation for spamblock plugin
This commit is contained in:
@@ -116,4 +116,8 @@
|
||||
@define('PLUGIN_EVENT_SPAMBLOCK_TRACKBACKIPVALIDATION_DESC', 'Soll die IP des Senders bei Trackbacks/Pingbacks mit der IP des Hosts übereinstimmen, auf den der Kommentar gesetzt werden soll? (EMPFOHLEN!)');
|
||||
@define('PLUGIN_EVENT_SPAMBLOCK_REASON_IPVALIDATION', 'IP Validierung : %s [%s] != Sender IP [%s]');
|
||||
|
||||
?>
|
||||
@define('PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_DESC', 'Falls deaktiviert wird keine E-Mail-Prüfung ausgeführt. Falls auf "Ja" gesetzt wird eine E-Mail-Adresse auf syntaktische Korrektheit geprüft. "Immer bestätigen" bedeutet, dass ein Kommentator seine Kommentare jedesmal per E-Mail bestätigen muss. "Einmal bestätigen" heißt, dass er beim ersten Kommentare seine Identität bestätigt, und danach immer ohne weitere Moderation kommentieren darf.');
|
||||
@define('PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_ONCE', 'Einmal bestätigen');
|
||||
@define('PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_ALWAYS', 'Immer bestätigen');
|
||||
@define('PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_MAIL', 'Sie erhalten nun eine E-Mail-Benachrichtigung, mit der Sie ihren Kommentar freischalten können.');
|
||||
@define('PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_INFO', 'Um einen Kommentar hinterlassen zu können, erhalten Sie nach dem Kommentieren eine E-Mail mit Aktivierungslink an ihre angegebene Adresse.');
|
||||
|
||||
@@ -116,4 +116,8 @@
|
||||
@define('PLUGIN_EVENT_SPAMBLOCK_TRACKBACKIPVALIDATION_DESC', 'Soll die IP des Senders bei Trackbacks/Pingbacks mit der IP des Hosts übereinstimmen, auf den der Kommentar gesetzt werden soll? (EMPFOHLEN!)');
|
||||
@define('PLUGIN_EVENT_SPAMBLOCK_REASON_IPVALIDATION', 'IP Validierung : %s [%s] != Sender IP [%s]');
|
||||
|
||||
?>
|
||||
@define('PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_DESC', 'Falls deaktiviert wird keine E-Mail-Prüfung ausgeführt. Falls auf "Ja" gesetzt wird eine E-Mail-Adresse auf syntaktische Korrektheit geprüft. "Immer bestätigen" bedeutet, dass ein Kommentator seine Kommentare jedesmal per E-Mail bestätigen muss. "Einmal bestätigen" heißt, dass er beim ersten Kommentare seine Identität bestätigt, und danach immer ohne weitere Moderation kommentieren darf.');
|
||||
@define('PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_ONCE', 'Einmal bestätigen');
|
||||
@define('PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_ALWAYS', 'Immer bestätigen');
|
||||
@define('PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_MAIL', 'Sie erhalten nun eine E-Mail-Benachrichtigung, mit der Sie ihren Kommentar freischalten können.');
|
||||
@define('PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_INFO', 'Um einen Kommentar hinterlassen zu können, erhalten Sie nach dem Kommentieren eine E-Mail mit Aktivierungslink an ihre angegebene Adresse.');
|
||||
|
||||
@@ -128,4 +128,8 @@
|
||||
@define('PLUGIN_EVENT_SPAMBLOCK_TRACKBACKIPVALIDATION_DESC', 'Should the IP of the sender match the IP of the host, a trackback/pingback is set to? (RECOMMENDED!)');
|
||||
@define('PLUGIN_EVENT_SPAMBLOCK_REASON_IPVALIDATION', 'IP validation: %s [%s] != sender ip [%s]');
|
||||
|
||||
?>
|
||||
@define('PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_DESC', 'If disabled, no email checking will be performed. If set to "Yes", the commenting user must supply a valid e-mail address. If set to "Confirm always", the commenting user will need to approve his comments always via email (by clicking a mailed link). If set to "Confirm once", the user has to confirm his comment once and will then always be allowed to pass comment moderation.');
|
||||
@define('PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_ONCE', 'Confirm once');
|
||||
@define('PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_ALWAYS', 'Confirm always');
|
||||
@define('PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_MAIL', 'You will now receive an email notification with which you can approve your comment.');
|
||||
@define('PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_INFO', 'To leave a comment you must approve it via e-mail, which will be sent to your address after submission.');
|
||||
|
||||
@@ -157,10 +157,15 @@ var $filter_defaults;
|
||||
break;
|
||||
|
||||
case 'checkmail':
|
||||
$propbag->add('type', 'boolean');
|
||||
$propbag->add('type', 'radio');
|
||||
$propbag->add('name', PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL);
|
||||
$propbag->add('description', '');
|
||||
$propbag->add('default', false);
|
||||
$propbag->add('description', PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_DESC);
|
||||
$propbag->add('default', 'false');
|
||||
$propbag->add('radio', array(
|
||||
'value' => array('false', 'true', 'verify_once', 'verify_always'),
|
||||
'desc' => array(NO, YES, PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_ONCE, PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_ALWAYS)
|
||||
));
|
||||
$propbag->add('radio_per_row', '1');
|
||||
break;
|
||||
|
||||
case 'required_fields':
|
||||
@@ -735,6 +740,7 @@ var $filter_defaults;
|
||||
$serendipity['csuccess'] = 'true';
|
||||
$logfile = $this->logfile = $this->get_config('logfile', $serendipity['serendipityPath'] . 'spamblock.log');
|
||||
$required_fields = $this->get_config('required_fields', '');
|
||||
$checkmail = $this->get_config('checkmail');
|
||||
|
||||
// Check CSRF [comments only, cannot be applied to trackbacks]
|
||||
if ($addData['type'] == 'NORMAL' && serendipity_db_bool($this->get_config('csrf', true))) {
|
||||
@@ -758,7 +764,7 @@ var $filter_defaults;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
if ($addData['type'] != 'NORMAL' && empty($addData['name'])) {
|
||||
$eventData = array('allow_coments' => false);
|
||||
@@ -772,6 +778,26 @@ var $filter_defaults;
|
||||
return true;
|
||||
}
|
||||
|
||||
// Check if the user has verified himself via email already.
|
||||
if ($addData['type'] == 'NORMAL' && (string)$checkmail === 'verify_once') {
|
||||
$auth = serendipity_db_query("SELECT *
|
||||
FROM {$serendipity['dbPrefix']}options
|
||||
WHERE okey = 'mail_confirm'
|
||||
AND name = '" . serendipity_db_escape_string($addData['email']) . "'
|
||||
AND value = '" . serendipity_db_escape_string($addData['name']) . "'", true);
|
||||
if (!is_array($auth)) {
|
||||
$this->log($logfile, $eventData['id'], 'MODERATE', PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_MAIL, $addData);
|
||||
$eventData['moderate_comments'] = true;
|
||||
$eventData['status'] = 'confirm1';
|
||||
$serendipity['csuccess'] = 'moderate';
|
||||
$serendipity['moderate_reason'] = PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_MAIL;
|
||||
return false;
|
||||
} else {
|
||||
// User is allowed to post message, bypassing other checks as if he were logged in.
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
// Check if entry title is the same as comment body
|
||||
if (serendipity_db_bool($this->get_config('entrytitle')) && trim($eventData['title']) == trim($addData['comment'])) {
|
||||
$this->log($logfile, $eventData['id'], 'REJECTED', PLUGIN_EVENT_SPAMBLOCK_REASON_TITLE, $addData);
|
||||
@@ -1103,6 +1129,15 @@ var $filter_defaults;
|
||||
}
|
||||
}
|
||||
|
||||
if ($addData['type'] == 'NORMAL' && (string)$checkmail === 'verify_always') {
|
||||
$this->log($logfile, $eventData['id'], 'MODERATE', PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_MAIL, $addData);
|
||||
$eventData['moderate_comments'] = true;
|
||||
$eventData['status'] = 'confirm';
|
||||
$serendipity['csuccess'] = 'moderate';
|
||||
$serendipity['moderate_reason'] = PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_MAIL;
|
||||
return false;
|
||||
}
|
||||
|
||||
// Check invalid email
|
||||
if ($addData['type'] == 'NORMAL' && serendipity_db_bool($this->get_config('checkmail', false))) {
|
||||
if (!empty($addData['email']) && strstr($addData['email'], '@') === false) {
|
||||
@@ -1125,6 +1160,10 @@ var $filter_defaults;
|
||||
if (serendipity_db_bool($this->get_config('hide_email', false))) {
|
||||
echo '<div class="serendipity_commentDirection serendipity_comment_spamblock">' . PLUGIN_EVENT_SPAMBLOCK_HIDE_EMAIL_NOTICE . '</div>';
|
||||
}
|
||||
|
||||
if ((string)$this->get_config('checkmail') === 'verify_always' || (string)$this->get_config('checkmail') === 'verify_once') {
|
||||
echo '<div class="serendipity_commentDirection serendipity_comment_spamblock">' . PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_INFO . '</div>';
|
||||
}
|
||||
|
||||
if (serendipity_db_bool($this->get_config('csrf', true))) {
|
||||
echo serendipity_setFormToken('form');
|
||||
|
||||
Reference in New Issue
Block a user