What is the sum of 2 and 9? Version: 3.0 Author: Michael Woehrer Author URI: http://sw-guide.de/ */ /* ---------------------------------------------------------------------------- ____________________________________________________ | | | Math Comment Spam Protection | | © Michael Woehrer | |____________________________________________________| © Copyright 2006-2010 Michael Woehrer (michael dot woehrer at gmail dot com) This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. ---------------------------------------------------------------------------- ACKNOWLEDGEMENTS: - Thanks to Steven Herod (http://www.herod.net/) for his plugin "Did You Pass Math?". I took his idea and extended/improved it by writing a plugin on my own. ---------------------------------------------------------------------------- INSTALLATION, USAGE: Visit the plugin's homepage. ---------------------------------------------------------------------------- */ require_once ( dirname(__FILE__) . '/inc.swg-plugin-framework.php'); class MathCommentSpamProtection extends MathCommentSpamProtection_SWGPluginFramework { /** * Apply Spam Protection */ function ApplyMathCommentSpamProtection() { // We add the math comment field to the theme if ($this->g_opt['mcsp_opt_apply'] == '1') { add_action('comment_form_after_fields', array(&$this, 'EchoInputField')); } // We check the user input add_filter('preprocess_comment', array(&$this, 'CheckInput'), 0); } function GetInputField() { // Include math class, create object and generate numbers if ( !class_exists('MathCheck') ) include_once ( dirname(__FILE__) . '/math-comment-spam-protection.classes.php'); $MathCheckObject = new MathCheck; $GeneratedNumbersArray = $MathCheckObject->MathCheck_GenerateValues($this->g_opt['mcsp_opt_numbers']); // Replace placeholders $result = $this->g_opt['mcsp_opt_html']; $result = str_replace('[operand1]', $GeneratedNumbersArray['operand1'], $result); $result = str_replace('[operand2]', $GeneratedNumbersArray['operand2'], $result); $result = str_replace('[result]', $GeneratedNumbersArray['result'], $result); $result = str_replace('[fieldname_answer]', $this->g_opt['mcsp_opt_fieldname_useranswer'], $result); $result = str_replace('[fieldname_hash]', $this->g_opt['mcsp_opt_fieldname_mathresult'], $result); return $result; } function EchoInputField() { echo $this->GetInputField(); } /** * Input validation. */ function CheckInput($comment_data) { if ( ( !is_user_logged_in() ) && ( $comment_data['comment_type'] == '' ) ) { // Do not check if the user is logged in & do not check trackbacks/pingbacks // Get actual result $actual_result = $_POST[ $this->g_opt['mcsp_opt_fieldname_mathresult'] ]; // Get value user has entered $value_entered = $_POST[ $this->g_opt['mcsp_opt_fieldname_useranswer'] ]; // Get input validation result if ( !class_exists('MathCheck') ) include_once ( dirname(__FILE__) . '/math-comment-spam-protection.classes.php'); $MathCheckObject = new MathCheck; $result = $MathCheckObject->MathCheck_InputValidation($actual_result, $value_entered); // DIE if there was an error. Apply filter for security reasons (strip JS code, etc.) switch ($result) { case 'No answer': wp_die( apply_filters('pre_comment_content', stripslashes($this->g_opt['mcsp_opt_msg_no_answer'])) ); break; case 'Wrong answer': wp_die( apply_filters('pre_comment_content', stripslashes($this->g_opt['mcsp_opt_msg_wrong_answer'])) ); break; } } return $comment_data; } /** * Plugin Options */ function PluginOptionsPage() { $this->AddContentMain(__('Add math question field automatically',$this->g_info['ShortName']), '

'.__('If this option is activated, the HTML code for the math question field will be added automatically to your theme.',$this->g_info['ShortName']). ' '.__('Please note that this may not work with all themes. If it does not work with your theme, then deactivate this option and add the template tag',$this->g_info['ShortName']). ' <?php mcsp_html(); ?> '.__('manually to the according theme file.',$this->g_info['ShortName']). '

COPTHTML('mcsp_opt_apply')=='1'?'checked="checked"':'') . ' /> '); $this->AddContentMain(__('HTML code for the math question field',$this->g_info['ShortName']), '

'.__('Here we have the HTML code for the math question field (will be used when activating the option',$this->g_info['ShortName']).' "'.__('Add HTML output automatically',$this->g_info['ShortName']).'" ' . __('or when using the template tag',$this->g_info['ShortName']) . ' <?php mcsp_html(); ?> '.__('in your theme).',$this->g_info['ShortName']) . '

' .__('Use HTML only, no PHP allowed. You can use the following placeholders:',$this->g_info['ShortName']). ' [operand1] '.__('(first operand)',$this->g_info['ShortName']). ', [operand2] ' . __('(second operand)',$this->g_info['ShortName']). ', [fieldname_answer] '.__('(name of field for user\'s answer)',$this->g_info['ShortName']). ', [fieldname_hash] '.__('(name of the hidden field that contains the hash)',$this->g_info['ShortName']). ', [result] '.__('(the calculated hash result)',$this->g_info['ShortName']) .'

'.__('If you want to add the HTML code manually to your comments.php, then you can use for example the following code (as with the former versions of this plugin):',$this->g_info['ShortName']). '
<?php if ( function_exists(\'math_comment_spam_protection\') ) {'."
".'$mcsp_info = math_comment_spam_protection();'."
".'?> <p><input type="text" name="<?php echo $mcsp_info[\'fieldname_answer\'] ?>" id="<?php echo $mcsp_info[\'fieldname_answer\'] ?>" value="" size="22" tabindex="4" />'."
".'<label for="<?php echo $mcsp_info[\'fieldname_answer\'] ?>">Spam protection: Sum of <?php echo $mcsp_info[\'operand1\'] . \' + \' . $mcsp_info[\'operand2\'] . \' ?\' ?></label>'."
".'<input type="hidden" name="<?php echo $mcsp_info[\'fieldname_hash\'] ?>" value="<?php echo $mcsp_info[\'result\']; ?>" />'."
".'</p>'."
".'<?php } // if function_exists... ?>

'); $this->AddContentMain(__('Operands',$this->g_info['ShortName']), '

'.__('Enter the numbers to be used. Use the number on the left side, tilde (~) as separator and then the term to display. Separate values with comma (,). Examples:',$this->g_info['ShortName']). '


'); $this->AddContentMain(__('Error Messages',$this->g_info['ShortName']), '

'.__('Error message being displayed in case of no answer (empty field) / not entered a number:',$this->g_info['ShortName']). '

'.__('Error message being displayed in case of a wrong answer:',$this->g_info['ShortName']). '

'); $this->AddContentMain(__('Field Names',$this->g_info['ShortName']), '

'.__('Here you can change the default HTML field names to make it more difficult for spam bots.',$this->g_info['ShortName']). '





'); // Sidebar, we can also add individual items... $this->PrepareStandardSidebar(); $this->GetGeneratedOptionsPage(); } // function PluginOptionsPage() /** * Formats the input of the numbers... */ function ConvertOptions_Numbers($input) { $result = str_replace(' ', '', $input); // Strip whitespace $result = preg_replace('/,/', ', ', $result); // Add whitespace after comma $result = preg_replace('/(\r\n|\n|\r)/', '', $result); // Strip line breaks return $result; } /** * Clean the input values for the field names... */ function ConvertOptions_Fieldname($input) { $return = preg_replace('/[^a-zA-Z0-9_\-]/', '', $input); return $return; } /** * Convert option prior to save ("COPTSave"). * !!!! This function is used by the framework class !!!! */ function COPTSave($optname) { switch ($optname) { case 'mcsp_opt_numbers': return $this->ConvertOptions_Numbers($_POST[$optname]); case 'mcsp_opt_fieldname_useranswer': return $this->ConvertOptions_Fieldname($_POST[$optname]); case 'mcsp_opt_fieldname_mathresult': return $this->ConvertOptions_Fieldname($_POST[$optname]); default: if (isset($_POST[$optname])) { return $_POST[$optname]; } else { return; } } // switch } /** * Convert option before HTML output ("COPTHTML"). * *NOT* used by the framework class */ function COPTHTML($optname) { $optval = $this->g_opt[$optname]; switch ($optname) { case 'mcsp_opt_numbers': return htmlspecialchars(stripslashes($this->ConvertOptions_Numbers($optval))); case 'mcsp_opt_msg_no_answer': return htmlspecialchars(stripslashes($optval)); case 'mcsp_opt_msg_wrong_answer': return htmlspecialchars(stripslashes($optval)); case 'mcsp_opt_html': return htmlspecialchars(stripslashes($optval)); default: return $optval; } // switch } } // Class if( !isset($myMCSP) ) { // Create a new instance of your plugin that utilizes the WordpressPluginFramework and initialize the instance. $myMCSP = new MathCommentSpamProtection(); $myMCSP->Initialize( // 1. We define the plugin information now and do not use get_plugin_data() due to performance. array( # Plugin name 'Name' => 'Math Comment Spam Protection', # Author of the plugin 'Author' => 'Michael Wöhrer', # Authot URI 'AuthorURI' => 'http://sw-guide.de/', # Plugin URI 'PluginURI' => 'http://sw-guide.de/wordpress/plugins/math-comment-spam-protection/', # Support URI: E.g. WP or plugin forum, wordpress.org tags, etc. 'SupportURI' => 'http://wordpress.org/tags/math-comment-spam-protection', # Name of the options for the options database table 'OptionName' => 'plugin_mathcommentspamprotection', # Old option names to delete from the options table; newest last please #'DeleteOldOpt' => array('plugin_mathcommentspamprotection'), # Plugin version 'Version' => '3.0', # First plugin version of which we do not reset the plugin options to default; # Normally we reset the plugin's options after an update; but if we for example # update the plugin from version 2.3 to 2.4 und did only do minor changes and # not any option modifications, we should enter '2.3' here. In this example # options are being reset to default only if the old plugin version was < 2.3. 'UseOldOpt' => '3.0', # Copyright year(s) 'CopyrightYear' => '2006-2010', # Minimum WordPress version 'MinWP' => '2.9', # Do not change; full path and filename of the plugin 'PluginFile' => __FILE__, # Used for language file, nonce field security, etc. 'ShortName' => 'math-comment-spam-protection', ), // 2. We define the plugin option names and the initial options array( 'mcsp_opt_numbers' => '1~1, 2~2, 3~3, 4~4, 5~5, 6~6, 7~7, 8~8, 9~9, 10~10', 'mcsp_opt_msg_no_answer' => '

'."\n".'Error: Please press the back button and fill the required field for spam protection.'."\n".'

', 'mcsp_opt_msg_wrong_answer' => '

'."\n".'Error: You have entered the wrong sum in the spam protection field.'."\n".'
Press the back button and try again.'."\n".'

', 'mcsp_opt_fieldname_useranswer' => 'mcspvalue', 'mcsp_opt_fieldname_mathresult' => 'mcspinfo', 'mcsp_opt_html' => '

'."\n".' *'."\n".''."\n".''."\n".'

', 'mcsp_opt_apply' => '1', )); $myMCSP->ApplyMathCommentSpamProtection(); ############################################################################ # Template Tags for using in themes ############################################################################ function mcsp_html() { global $myMCSP; echo $myMCSP->GetInputField(); } function math_comment_spam_protection() { global $myMCSP; // Include math class, create object and generate numbers if ( !class_exists('MathCheck') ) include_once ( dirname(__FILE__) . '/math-comment-spam-protection.classes.php'); $MathCheckObject = new MathCheck; $GeneratedNumbersArray = $MathCheckObject->MathCheck_GenerateValues($myMCSP->g_opt['mcsp_opt_numbers']); $mcsp_info['operand1'] = $GeneratedNumbersArray['operand1']; $mcsp_info['operand2'] = $GeneratedNumbersArray['operand2']; $mcsp_info['result'] = $GeneratedNumbersArray['result']; $mcsp_info['fieldname_answer'] = $myMCSP->g_opt['mcsp_opt_fieldname_useranswer']; $mcsp_info['fieldname_hash'] = $myMCSP->g_opt['mcsp_opt_fieldname_mathresult']; return $mcsp_info; } } // if( !$myMCSP ?>