[geeklog-cvs] geeklog-1.3/public_html comment.php,1.54,1.54.2.1

dhaun at iowaoutdoors.org dhaun at iowaoutdoors.org
Mon May 31 06:47:53 EDT 2004 

Update of /var/cvs/geeklog-1.3/public_html
In directory www:/tmp/cvs-serv13549

Modified Files:
      Tag: geeklog_1_3_9_1
	comment.php 
Log Message:
Fix for the anonymous comment spamming even if comments for anonymous users were switched off. Also added an additional check for the comment speed limit.


Index: comment.php
===================================================================
RCS file: /var/cvs/geeklog-1.3/public_html/comment.php,v
retrieving revision 1.54
retrieving revision 1.54.2.1
diff -C2 -d -r1.54 -r1.54.2.1
*** comment.php	2 Mar 2004 08:20:07 -0000	1.54
--- comment.php	31 May 2004 10:47:51 -0000	1.54.2.1
***************
*** 242,254 ****
      $retval = '';
  
      if (empty ($sid) || empty ($title) || empty ($comment) || empty ($type) ||
!             ($uid < 1) || (($uid != $_USER['uid']) &&
!             !empty ($_USER['username'])) || (empty ($_USER['username'])
!             && (($_CONF['loginrequired'] == 1) ||
!            ($_CONF['commentsloginrequired'] == 1)))) {
          $retval .= COM_refresh ($_CONF['site_url'] . '/index.php');
          return $retval;
      }
  
      // Clean 'em up a bit!
      if ($postmode == 'html') {
--- 242,271 ----
      $retval = '';
  
+     // ignore $uid as it may be manipulated anyway
+     if (empty ($_USER['uid'])) {
+         $uid = 1;
+     } else {
+         $uid = $_USER['uid'];
+     }
+ 
      if (empty ($sid) || empty ($title) || empty ($comment) || empty ($type) ||
!             (($uid == 1) && (($_CONF['loginrequired'] == 1) ||
!                 ($_CONF['commentsloginrequired'] == 1)))) {
          $retval .= COM_refresh ($_CONF['site_url'] . '/index.php');
          return $retval;
      }
  
+     // Check for people breaking the speed limit
+     COM_clearSpeedlimit ($_CONF['commentspeedlimit'], 'comment');
+     $last = COM_checkSpeedlimit ('comment');
+     if ($last > 0) {
+         $retval .= COM_startBlock ($LANG12[26], '', COM_getBlockTemplate ('_msg_block', 'header'))
+                 . $LANG03[7]
+                 . $last
+                 . $LANG03[8]
+                 . COM_endBlock (COM_getBlockTemplate ('_msg_block', 'footer'));
+         return $retval;
+     }
+ 
      // Clean 'em up a bit!
      if ($postmode == 'html') {

More information about the geeklog-cvs mailing list