ID * strlen(ABSPATH); } /* This adds a random hidden field to the form */ function hashcash_add_hidden_tag($page) { global $posts, $single; if ($single){ $field_id = hashcash_random_string(rand(6,18)); $field_name = hashcash_random_string(rand(6,18)); $form_action = hashcash_random_string(rand(6,18)); // Write in hidden field $page = str_replace(' ', '', $page); } return $page; } function hashcash_call_stopgap() { ob_start('hashcash_add_hidden_tag'); } add_action('wp_head', 'hashcash_call_stopgap'); function write_comment_log($comment){ if ( !HASHCASH_DEBUG || !function_exists('fopen') || !function_exists('fclose') || !function_exists('fwrite') ) return; /* Information to write to log */ $user = array(); $user[] = date("F j, Y, g:i a"); $user[] = $_SERVER['REMOTE_ADDR']; $user[] = $_SERVER['HTTP_USER_AGENT']; $user[] = $_SERVER['HTTP_REFERER']; $user[] = $_POST['author']; $user[] = $_POST['email']; $user[] = $_POST['url']; $user[] = preg_replace('/[\n\r]+/','
', $comment); $user[] = $_POST['comment_post_ID']; /* Open the file */ $path = ABSPATH . "wp-content/plugins/wp-hashcash.log"; $file = fopen($path, 'a'); if(!$file){ die("File \"$path\" failed to open"); } else{ $msg = ''; for($i = 0; $i < count($user); $i++){ $msg .= $user[$i] . "\n"; } $status = fwrite($file, $msg); fclose($file); if(!status){ die("Spam-log write failed..."); } } /* If we're here, the file exists. Check size, email every 64kb */ if(filesize($path) > HASHCASH_LOG_SIZE){ $header = "

Spam Report:

"; $footer = ""; $temp = file($path); if(!$temp){ die("Unable to open $path for email report..."); } else{ // Process log $log = $header; $i = false; // Get some statistics $count = count($temp) / 9; $log .= "

There were $count spam...

"; // Table $log .= ""; for($j = 0; $j < count($temp); $j++){ if($i){ $log .= ''; } else{ $log .= ''; } $log .= ""; $log .= ""; $i = !$i; } $log .= "

"; $log .= $temp[$j]; $j++; $log .= "

"; $log .= "IP: $temp[$j]
"; $j++; $log .= "User-Agent: $temp[$j]
"; $j++; $log .= "Referer: $temp[$j]
"; $j++; $log .= "Author: $temp[$j]
"; $j++; $log .= "Email: $temp[$j]
"; $j++; $log .= "URL: $temp[$j]
"; $j++; $log .= "
"; $log .= $temp[$j]; $j++; $log .= "

"; $log .= "on post " . $temp[$j] . ""; $log .= "

"; $log .="

"; // Footer $log .= $footer; // Send email $headers = "Content-type: text/html; charset=" . get_settings('blog_charset') . "\r\n"; @mail(get_settings('admin_email'), "Spam report for " . get_settings('blogname'), $log, $headers); // Clear file $file = fopen($path, 'w'); if(!file){ die("Unable to truncate old log file"); } else{ fclose($file); } } } } function hashcash_check_hidden_tag($comment) { // Our special codes, fixed to check the previous hour $special = array(); $special[] = md5($_SERVER['REMOTE_ADDR'] . ABSPATH . $_SERVER['HTTP_USER_AGENT'] . date("F j, Y, g a")); $special[] = md5($_SERVER['REMOTE_ADDR'] . ABSPATH . $_SERVER['HTTP_USER_AGENT'] . date("F j, Y, g a", time()-(60*60))); $special[] = md5(session_id() . ABSPATH . $_SERVER['HTTP_USER_AGENT'] . date("F j, Y, g a")); $special[] = md5(session_id() . ABSPATH . $_SERVER['HTTP_USER_AGENT'] . date("F j, Y, g a", time()-(60*60))); foreach($special as $val){ if($_POST[md5($val)] == ($_POST['comment_post_ID'] * strlen(ABSPATH) )){ return $comment; } } if(HASHCASH_DEBUG){ write_comment_log($comment); } die(); } add_filter('post_comment_text', 'hashcash_check_hidden_tag'); ?>