[geeklog-cvs] geeklog: Avoid triggering a false spam report when submitting an...

Sun Aug 2 13:49:58 EDT 2009

details:   http://project.geeklog.net/cgi-bin/hgweb.cgi/rev/e4e3e849bff8
changeset: 7217:e4e3e849bff8
user:      Dirk Haun <dirk at haun-online.de>
date:      Sun Aug 02 19:31:01 2009 +0200
description:
Avoid triggering a false spam report when submitting an event with the default "http://" entry for the link still in place (bug #0000946)

diffstat:

 plugins/calendar/functions.inc |  28 ++++++++++++++++++----------
 public_html/docs/history       |   5 +++++
 2 files changed, 23 insertions(+), 10 deletions(-)

diffs (63 lines):

diff -r c63444adf474 -r e4e3e849bff8 plugins/calendar/functions.inc

--- a/plugins/calendar/functions.inc	Sat Aug 01 21:39:34 2009 +0200
+++ b/plugins/calendar/functions.inc	Sun Aug 02 19:31:01 2009 +0200
@@ -471,15 +471,26 @@
     $A['description'] = (isset($A['description']) ? $A['description'] : '');
     $A['event_type']  = (isset($A['event_type']) ? $A['event_type'] : '');
 
+    if ($A['url'] == 'http://') {
+        // remove default entry now to avoid false spam reports
+        $A['url'] = '';
+    }
+
     // pseudo-formatted event description for the spam check
-    $spamcheck = COM_createLink($A['title'], $A['url']) . '<br' . XHTML . '>'
-               . $A['location'] . '<br' . XHTML . '>' . $A['address1'] . '<br' . XHTML . '>'
-               . $A['address2'] . '<br' . XHTML . '>' . $A['city'] . ', ' . $A['zipcode']
+    $spamcheck = '';
+    if (empty($A['url'])) {
+        $spamcheck .= $title;
+    } else {
+        $spamcheck .= COM_createLink($A['title'], $A['url']);
+    }
+    $spamcheck .= '<br' . XHTML . '>' . $A['location'] . '<br' . XHTML . '>'
+               . $A['address1'] . '<br' . XHTML . '>' . $A['address2']
+               . '<br' . XHTML . '>' . $A['city'] . ', ' . $A['zipcode']
                . '<br' . XHTML . '>' . $A['description'] . '</p>';
-    $result = PLG_checkforSpam ($spamcheck, $_CONF['spamx']);
+    $result = PLG_checkforSpam($spamcheck, $_CONF['spamx']);
     if ($result > 0) {
-        COM_updateSpeedlimit ('submit');
-        COM_displayMessageAndAbort ($result, 'spamx', 403, 'Forbidden');
+        COM_updateSpeedlimit('submit');
+        COM_displayMessageAndAbort($result, 'spamx', 403, 'Forbidden');
     }
 
     $A['description'] = addslashes (htmlspecialchars (COM_checkWords ($A['description'])));
@@ -492,10 +503,7 @@
     $A['event_type'] = addslashes (strip_tags (COM_checkWords ($A['event_type'])));
     $A['title'] = addslashes ($A['title']);
 
-    $A['url'] = addslashes (COM_sanitizeUrl ($A['url']));
-    if ($A['url'] == 'http://') {
-        $A['url'] = '';
-    }
+    $A['url'] = addslashes(COM_sanitizeUrl($A['url']));
 
     if (!empty ($A['eid'])) {
         $A['eid'] = addslashes (COM_applyFilter ($A['eid']));
diff -r c63444adf474 -r e4e3e849bff8 public_html/docs/history
--- a/public_html/docs/history	Sat Aug 01 21:39:34 2009 +0200
+++ b/public_html/docs/history	Sun Aug 02 19:31:01 2009 +0200
@@ -20,6 +20,11 @@
 - Use $LANG_ADMIN['na'] instead of hard-coding 'N/A' in several places [Dirk]
 - For Remote Users, display their service name in the User Editor [Dirk]
 
+Calendar Plugin
+---------------
+- Avoid triggering a false spam report when submitting an event with the default
+  "http://" entry for the link still in place (bug #0000946) [Dirk]
+
 
 Jul 30, 2009 (1.6.0sr1)
 ------------

