[wp-hackers] Proposed patch for spam problem
David Clark
david at davidsaccess.com
Mon Nov 1 17:51:42 UTC 2004
Hi,
My friend and I have been dealing with the outrageous spam guy
discussed at
http://wordpress.org/support/?
action=vthread&forum=3&topic=13443&page=1.
After digging into it, I found an inconsistency (at least in 1.2) that
he was exploiting.
The code for check_comment only checked for the existence of http in
the comment entered. The problem is that apply_filters() is able to
detect things without http as links and render them appropriately when
displaying the comment.
my solution is to change that check to:
if ( (count(explode('href', apply_filters('comment_text', $comment)))
- 1) >= get_settings('comment_max_links') )
return false; // Check # of external links
is there a downside to this approach?
dc
More information about the hackers
mailing list