[pLog-svn] r1881 - in plog/trunk: class/action class/dao class/security class/view templates/admin

oscar at devel.plogworld.net oscar at devel.plogworld.net
Tue Apr 19 20:17:30 GMT 2005


Author: oscar
Date: 2005-04-19 20:17:30 +0000 (Tue, 19 Apr 2005)
New Revision: 1881

Modified:
   plog/trunk/class/action/addtrackbackaction.class.php
   plog/trunk/class/action/viewarticletrackbacksaction.class.php
   plog/trunk/class/dao/article.class.php
   plog/trunk/class/dao/trackbacks.class.php
   plog/trunk/class/security/bayesianfilter.class.php
   plog/trunk/class/view/trackbackview.class.php
   plog/trunk/templates/admin/editposts.template
Log:
This should complete the integration of the bayesian anti-spam filter with trackbacks. Now trackbacks can be marked and unmarked as spam whenever necessary, and when receiving a trackback, the spam filter will scan the message to see if it contains any spam. If it does, then it will either be left in the db and marked as spam or thrown away (as with comments).

Modified: plog/trunk/class/action/addtrackbackaction.class.php
===================================================================
--- plog/trunk/class/action/addtrackbackaction.class.php	2005-04-19 20:15:02 UTC (rev 1880)
+++ plog/trunk/class/action/addtrackbackaction.class.php	2005-04-19 20:17:30 UTC (rev 1881)
@@ -38,7 +38,7 @@
 		 * @private
 		 * @static
 		 */
-		function log( $message )
+		function tblog( $message )
 		{
 			$logger =& LoggerManager::getLogger( "trackback" );
 			$logger->debug( $message );
@@ -54,18 +54,18 @@
 			$articleId = $this->_request->getValue( "id" );
 			$url       = $tf->filterAllHTML( $this->_request->getValue( "url" ));
 			
-			$this->log( "** Incoming request **" );
-			$this->log( "Blog name = ".$blogName );
-			$this->log( "Excerpt = ".$excerpt );
-			$this->log( "Title = ".$title );
-			$this->log( "Article ID = ".$articleId );
-			$this->log( "url = ".$url );
+			$this->tblog( "** Incoming request **" );
+			$this->tblog( "Blog name = ".$blogName );
+			$this->tblog( "Excerpt = ".$excerpt );
+			$this->tblog( "Title = ".$title );
+			$this->tblog( "Article ID = ".$articleId );
+			$this->tblog( "url = ".$url );		
 
 			// try to see if the article is correct
 			$articles = new Articles();
 			$article = $articles->getBlogArticle( $articleId );
 			if( !$article ) {
-				$this->log( "ERROR: Incorrect error identifier" );
+				$this->tblog( "ERROR: Incorrect error identifier" );
 				$this->_view = new TrackbackView( "Incorrect article identifier", true );
 				return( false );
 			}
@@ -76,18 +76,18 @@
 	
 			// a bit of protection...
 			if( !$blogInfo ) {
-				$this->log( "ERROR: Article id ".$article->getId()." points to blog ".$article->getBlog()." that doesn't exist!" );
+				$this->tblog( "ERROR: Article id ".$article->getId()." points to blog ".$article->getBlog()." that doesn't exist!" );
 				$this->_view = new TrackbackView( "The blog does not exist", true );
 				return( false );
 			}
 	
 			// if the blog is disabled, then we shoulnd't take trackbacks...
 			if( $blogInfo->getStatus() != BLOG_STATUS_ACTIVE ) {
-				$this->log( "ERROR: The blog ".$blogInfo->getBlog()." is set as disabled and cannot receive trackbacks!" );
+				$this->tblog( "ERROR: The blog ".$blogInfo->getBlog()." is set as disabled and cannot receive trackbacks!" );
 				$this->_view = new TrackbackView( "The blog is not active", true );
 				return( false );
 			}
-	
+			
 			// if everything went fine, load the plugins so that we can throw some events...
 			$pm =& PluginManager::getPluginManager();
 			$pm->loadPlugins();
@@ -95,7 +95,20 @@
 			// who threw the events...
 			$pm->setBlogInfo( $blogInfo );
 			$userInfo = $blogInfo->getOwnerInfo();
-			$pm->setUserInfo( $userInfo );
+			$pm->setUserInfo( $userInfo );									
+			
+            // let's take a look at the security stuff, once we've made sure that the
+			// blog and the article are both valid
+            $pipeline = new Pipeline( $this->_request, $blogInfo );
+            $result = $pipeline->process();
+			// let the sender of the trackback know that something went wrong
+            if( !$result->isValid()) {
+				// use the default view
+				$this->tblog( "The trackback was blocked by a filter" );
+				$this->_view = new TrackbackView( $result->getErrorMessage(), true );
+                print($this->_view->render());
+                die();
+            }
 	
 			// receives the request and adds it to the database
 			$trackbacks = new TrackBacks();
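Review bot: The filter-rejection branch ends the request with `print($this->_view->render()); die();`, while every other rejection path in this method sets `$this->_view` and does `return( false );`. Judging by the trackbackview.class.php hunk in this commit, the view already prints its own response, so the extra `print()` would presumably echo render()'s return value on top of it. Unless the pipeline really needs the hard exit, I would end the branch with `return( false );` after assigning the view, so the response is rendered once and the normal end-of-request code still runs. The method starts and ends outside this hunk.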
@@ -103,12 +116,22 @@
 			$now = new Timestamp();
 			$ip = Client::getIp();
 			$trackback = new Trackback( $url, $title, $articleId, $excerpt, $blogName, $now->getTimestamp(), $ip );
-			// throw the event in case somebody is listening to it!
-			$pm->notifyEvent( EVENT_PRE_TRACKBACK_ADD, Array( "trackback" => &$trackback ));
-			$result = $trackbacks->addTrackBack( $trackback );
-			if( !$result ) {
-				$this->log( "There was an error saving the trackback!" );
+
+			// this code probably needs some explanation... 
+			// Basically, if the bayesian filter is configured to save spam to the database marked as spam,
+			// we would end up with two identical trackbacks: one marked as spam and the other one not marked
+			// as spam. The first one would be created by the spam filter and the second one would be created
+			// by us here, so we need to know if the trackback is already there and if not, don't add it.
+			// This also works as an additional protection feature agains repeating trackback spammers.
+			if( !$trackbacks->getIdenticalTrackback( $trackback )) {
+				// throw the event in case somebody is listening to it!
+				$pm->notifyEvent( EVENT_PRE_TRACKBACK_ADD, Array( "trackback" => &$trackback ));
+				$result = $trackbacks->addTrackBack( $trackback );
+				if( !$result ) {
+					$this->tblog( "There was an error saving the trackback!" );
+				}
 			}
+			
 			// throw the post event too...
 			$pm->notifyEvent( EVENT_POST_TRACKBACK_ADD, Array( "trackback" => &$trackback ));
 			
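Review bot: `EVENT_POST_TRACKBACK_ADD` is still fired after the new `if` block, so listeners are told a trackback was added even when `getIdenticalTrackback()` found an existing row or `addTrackBack()` returned false. I would move the `$pm->notifyEvent( EVENT_POST_TRACKBACK_ADD, ... )` call inside the branch and fire it only when `addTrackBack()` succeeded. The lookup and the insert are also two separate steps, so two identical pings arriving together can both pass the check; if this is meant as protection against repeat senders, it is best-effort unless the storage layer enforces uniqueness. The method continues outside this hunk.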
@@ -124,7 +147,7 @@
 			// clear the blog cache
 			CacheControl::resetBlogCache( $article->getBlog());
 			
-			$this->log( "** End **" );
+			$this->tblog( "** End **" );
 		}
 	}
 ?>
\ No newline at end of file

Modified: plog/trunk/class/action/viewarticletrackbacksaction.class.php
===================================================================
--- plog/trunk/class/action/viewarticletrackbacksaction.class.php	2005-04-19 20:15:02 UTC (rev 1880)
+++ plog/trunk/class/action/viewarticletrackbacksaction.class.php	2005-04-19 20:17:30 UTC (rev 1881)
@@ -116,7 +116,7 @@
             // if everything's fine, we set up the article object for the view
             $this->_view->setValue( "post", $article );
             $this->_view->setValue( "user", $user );
-            $this->_view->setValue( "trackbacks", $article->getTrackbacks());
+            $this->_view->setValue( "trackbacks", $article->getTrackbacks( true ));
             $this->setCommonData();
 
             // and return everything normal

Modified: plog/trunk/class/dao/article.class.php
===================================================================
--- plog/trunk/class/dao/article.class.php	2005-04-19 20:15:02 UTC (rev 1880)
+++ plog/trunk/class/dao/article.class.php	2005-04-19 20:17:30 UTC (rev 1881)
@@ -282,17 +282,33 @@
          * Returns an array of Trackback objects, with all the trackbacks that have been received for
          * this article.
          *
+		 * @param onlyActive return only those trackbacks that are not marked as spam		 
          * @return An array of Trackback objects.
          * @see Trackback
          */
-		function getTrackbacks()
+		function getTrackbacks( $onlyActive = true )
 		{
-			if( $this->_trackbacks == null ) {
-				$trackbacks = new Trackbacks();
-				$this->_trackbacks = $trackbacks->getArticleTrackbacks( $this->getId());
+			// load the comments if they haven't been loaded yet
+			if( $this->_trackbacks == null ) {    
+				include_once( PLOG_CLASS_PATH.'class/dao/trackbacks.class.php' );			
+				$trackbacks =  new Trackbacks();
+				$blogSettings = $this->_blogInfo->getSettings();
+				$this->setTrackbacks( $trackbacks->getArticleTrackBacks( $this->getId(), COMMENT_STATUS_ALL ));
 			}
-			
-			return $this->_trackbacks;
+
+			// if we only want to return the active ones, then we have to loop through
+			// the array once more			
+			if( $onlyActive ) {
+				$comments = Array();
+				foreach( $this->_trackbacks as $trackback ) {
+					if( $trackback->getStatus() == COMMENT_STATUS_NONSPAM )
+						$tbs[] = $trackback;
+				}
+			}
+			else 
+				$tbs = $this->_trackbacks;
+				
+			return( $tbs );
 		}		
 
         /**
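Review bot: With `$onlyActive` true the result is collected in `$tbs`, but the array that gets initialised is `$comments`, so an article whose trackbacks are all marked as spam (or that has none) returns an undefined variable instead of an empty array; the initialiser should be `$tbs = Array();`. The new `$blogSettings = $this->_blogInfo->getSettings();` is never used and can be dropped, and the comment `// load the comments if they haven't been loaded yet` should say trackbacks. Because `setTrackbacks()` now normalises to `Array()` and the guard is `$this->_trackbacks == null`, an article with no trackbacks will query the database on every call, since an empty array compares equal to null. A separate "loaded" flag would avoid that.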
@@ -457,6 +473,8 @@
 		function setTrackbacks( $trackbacks )
 		{
 			$this->_trackbacks = $trackbacks;
+			if( !is_array( $this->_trackbacks ))
+				$this->_trackbacks = Array();
 			
 			return true;
 		}
@@ -517,7 +535,7 @@
 		function getTotalComments( $onlyActive = true )
 		{
 			// trigger the loading of the comments
-			$this->getComments();
+			$this->getComments( $onlyActive );
 		
 			if( $onlyActive ) {
 				$num = 0;
@@ -535,20 +553,34 @@
         /**
          * Returns the number of trackback pings that this post has received.
          *
+		 * @param onlyActive return only the number of active (as in non-spam, etc)		 
          * @return An integer representing the number of trackback pings.
          */
-        function getNumTrackbacks()
+        function getNumTrackbacks( $onlyActive = true )
         {
-            return( count( $this->getTrackbacks()));
+			// trigger the loading of the comments
+			$this->getTrackbacks( $onlyActive );
+		
+			if( $onlyActive ) {
+				$num = 0;
+				foreach( $this->_trackbacks as $trackback ) {
+					if( $trackback->getStatus() == COMMENT_STATUS_NONSPAM )
+						$num++;
+				}
+			}
+			else
+				$num = count( $this->_trackbacks );
+				
+			return( $num );
         }
 		
 		/**
 		 * alias for the one above
 		 * @see getNumTrackbacks
 		 */
-		function getTotalTrackbacks()
+		function getTotalTrackbacks( $onlyActive = true )
 		{
-			return( $this->getNumTrackbacks());
+			return( $this->getNumTrackbacks( $onlyActive ));
 		}
 
         /**
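Review bot: `getNumTrackbacks()` calls `getTrackbacks( $onlyActive )`, discards the filtered array it builds, and then repeats the same status loop over `$this->_trackbacks`. Counting the returned array instead, `return( count( $this->getTrackbacks( $onlyActive )));`, keeps the spam rule in one place, provided `getTrackbacks()` always returns an array. The copied comment `// trigger the loading of the comments` should read trackbacks.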

Modified: plog/trunk/class/dao/trackbacks.class.php
===================================================================
--- plog/trunk/class/dao/trackbacks.class.php	2005-04-19 20:15:02 UTC (rev 1880)
+++ plog/trunk/class/dao/trackbacks.class.php	2005-04-19 20:17:30 UTC (rev 1881)
@@ -178,5 +178,22 @@
 		{
 			return( CommentsCommon::deletePostComment( $articleId, $trackbackId, COMMENT_TYPE_TRACKBACK ));
 		}
+		
+		/**
+		 * @private
+		 * @return Returns true if this trackback already exists in the db
+		 */
+        function getIdenticalTrackback( $trackback )
+        {
+			return( CommentsCommon::getIdenticalComment( $trackback->getTopic(), 
+														 $trackback->getText(), 
+														 $trackback->getArticleId(),
+			                                             $trackback->getParentId(),
+														 $trackback->getUserName(), 
+														 $trackback->getUserEmail(),
+														 $trackback->getUserUrl(), 
+														 $trackback->getClientIp(), 
+														 COMMENT_TYPE_TRACKBACK ));
+        }		
     }
 ?>
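Review bot: The docblock of `getIdenticalTrackback()` promises `true`, but the method returns whatever `CommentsCommon::getIdenticalComment()` returns, and it has no `@param` line. I would add `@param trackback the Trackback object to look for` and word the `@return` after checking what the helper actually hands back. `getClientIp()` is part of the lookup, so the same ping resent from a different address would presumably not count as identical. That limits how much this check helps against repeated trackback spam and is worth stating in the docblock.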

Modified: plog/trunk/class/security/bayesianfilter.class.php
===================================================================
--- plog/trunk/class/security/bayesianfilter.class.php	2005-04-19 20:15:02 UTC (rev 1880)
+++ plog/trunk/class/security/bayesianfilter.class.php	2005-04-19 20:17:30 UTC (rev 1881)
@@ -2,6 +2,7 @@
 
 	include_once( PLOG_CLASS_PATH."class/security/pipelinefilter.class.php" );
 	include_once( PLOG_CLASS_PATH."class/bayesian/bayesiantokenizer.class.php" );
+	include_once( PLOG_CLASS_PATH."class/bayesian/bayesianfiltercore.class.php" );	
     include_once( PLOG_CLASS_PATH."class/dao/bayesiantokens.class.php" );
     include_once( PLOG_CLASS_PATH."class/dao/bayesiantoken.class.php" );
     include_once( PLOG_CLASS_PATH."class/dao/bayesianfilterinfos.class.php" );
@@ -59,26 +60,40 @@
             $blogInfo = $this->_pipelineRequest->getBlogInfo();
             $request  = $this->_pipelineRequest->getHttpRequest();
 			
-            // we only have to filter the contents if the user is posting a comment
+            // we only have to filter the contents if the user is posting a comment or we're receiving
             // so there's no point in doing anything else if that's not the case
-            if( $request->getValue( "op" ) != "AddComment" ) {
+            if( $request->getValue( "op" ) != "AddComment" && $request->getValue( "op" ) != "AddTrackback" ) {
             	$result = new PipelineResult();
                 return $result;
             }
             
-            // text and topic of the comment
-            $commentText = $request->getValue( "commentText" );
-            $commentTopic = $request->getValue( "commentTopic" );
-            $userName = $request->getValue( "userName" );
-            $userEmail = $request->getValue( "userEmail" );
-            $userUrl = $request->getValue( "userUrl" );
-            $articleId = $request->getValue( "articleId" );
-            $parentId  = $request->getValue( "parentId" );
+            // if it's a trackback, the data is in another place...
+			$isTrackback = ($request->getValue( "op" ) == "AddTrackback");
+			if( $isTrackback ) {
+				$commentText = $request->getValue( "excerpt" );
+				$commentTopic = $request->getValue( "title" );
+				$articleId = $request->getValue( "id" );
+				// that's all we can get from a trackback...
+				$userName = $request->getValue( "blog_name" );
+				$userUrl = $request->getValue( "url" );
+				$userEmail = $request->getValue( "" );
+			}
+			else {
+				// or else let's assume that we're dealing with a comment
+				$commentText = $request->getValue( "commentText" );
+				$commentTopic = $request->getValue( "commentTopic" );
+				$userName = $request->getValue( "userName" );
+				$userEmail = $request->getValue( "userEmail" );
+				$userUrl = $request->getValue( "userUrl" );
+				$articleId = $request->getValue( "articleId" );
+				$parentId  = $request->getValue( "parentId" );			
+			}
+			
             if( $parentId == "" )
             	$parentId = 0;
 
             $spamicity = $this->getSpamProbability($blogInfo->getId(), $commentTopic, $commentText, $userName, $userEmail, $userUrl);
-
+			
             if ($spamicity >= $config->getValue("bayesian_filter_spam_probability_treshold"))
             {
                 $result = new PipelineResult(false, HIGH_SPAM_PROBABILITY, "You cannot post this message. Anti-spam filter has blocked it.");
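Review bot: In the trackback branch `$parentId` is never assigned, so the `if( $parentId == "" )` check just below reads an undefined variable, and `$userEmail = $request->getValue( "" );` looks up an empty parameter name instead of setting an empty value. Set both explicitly in that branch: `$parentId = 0;` and `$userEmail = "";`. The rewritten comment above the `op` check also stops mid-sentence; it should read `// we only have to filter the contents if the user is posting a comment or we're receiving a trackback`. The enclosing method starts and ends outside this hunk.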
@@ -90,10 +105,19 @@
                 // still be added but marked as spam and so on... sometimes breaking a few
                 // rules makes things easier :)
                 if( $config->getValue( "bayesian_filter_spam_comments_action" ) == BAYESIAN_FILTER_KEEP_COMMENT_ACTION ) {
+					$clientIp = Client::getIp();
                 	$comments = new ArticleComments();
-					$comment = new UserComment( $articleId, $parentId, $topic, $commentText,
+					$comment = new UserComment( $articleId, $parentId, $commentTopic, $commentText,
 					                               null, $userName, $userEmail, $userUrl, $clientIp,
 												   0, COMMENT_STATUS_SPAM );
+					// mark it as a trackback instead of a user comment...
+					
+					if( $isTrackback ) {
+						$this->log->debug("saving the trackback but saving it as spam...");
+						$comment->setType( COMMENT_TYPE_TRACKBACK );
+					}
+						
+					// add the comment to the db
                     $comments->addComment( $comment );
                 }
                 else {
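Review bot: The spam copy built here stores `$commentTopic`, `$commentText`, `$userName` and `$userUrl` exactly as they were read from the request, whereas AddTrackbackAction passes `url` through `$tf->filterAllHTML()` before building its own Trackback. If the other fields are filtered there as well (not visible in this diff), the kept-as-spam row holds sender-controlled markup that the admin trackback list will later display. The `getIdenticalTrackback()` check in AddTrackbackAction would then compare filtered values against this unfiltered row and may not match. I would run the same filter over these fields before constructing the `UserComment`. `$this->log` is not set up in any visible hunk, so confirm the filter class defines it before relying on `$this->log->debug()`.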

Modified: plog/trunk/class/view/trackbackview.class.php
===================================================================
--- plog/trunk/class/view/trackbackview.class.php	2005-04-19 20:15:02 UTC (rev 1880)
+++ plog/trunk/class/view/trackbackview.class.php	2005-04-19 20:17:30 UTC (rev 1881)
@@ -48,8 +48,8 @@
 			// and render it
 			$response = $this->_template->fetch();
 			
-			AddTrackbackAction::log( "*** Sending response ***" );
-			AddTrackbackAction::log(  $response );
+			AddTrackbackAction::tblog( "*** Sending response ***" );
+			AddTrackbackAction::tblog(  $response );
 			
 			print( $response );
 		}

Modified: plog/trunk/templates/admin/editposts.template
===================================================================
--- plog/trunk/templates/admin/editposts.template	2005-04-19 20:15:02 UTC (rev 1880)
+++ plog/trunk/templates/admin/editposts.template	2005-04-19 20:17:30 UTC (rev 1881)
@@ -123,7 +123,7 @@
                         </td>
                         <td style="text-align: center;">
                             {if $post->getTotalTrackbacks() > 0}
-							 <a href="?op=editTrackbacks&articleId={$post->getId()}">({$post->getTotalTrackbacks()})</a>
+							 <a href="?op=editTrackbacks&articleId={$post->getId()}">({$post->getTotalTrackbacks(false)})</a>
 							{else}
 							 0
 							{/if}



