Changeset 28893


Ignore:
Timestamp:
Jul 1, 2014, 11:56:02 AM (10 years ago)
Author:
mistic100
Message:

feature 3095 : block comment if website_url is not empty when field is disabled

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/include/functions_comment.inc.php

    r28714 r28893  
    147147  if (!empty($comm['website_url']))
    148148  {
    149     $comm['website_url'] = strip_tags($comm['website_url']);
    150     if (!preg_match('/^https?/i', $comm['website_url']))
    151     {
    152       $comm['website_url'] = 'http://'.$comm['website_url'];
    153     }
    154     if (!url_check_format($comm['website_url']))
    155     {
    156       $infos[] = l10n('Your website URL is invalid');
     149    if (!$conf['comments_enable_website'])
     150    { // honeypot: if the field is disabled, it should be empty !
    157151      $comment_action='reject';
     152      $_POST['cr'][] = 'website_url';
     153    }
     154    else
     155    {
     156      $comm['website_url'] = strip_tags($comm['website_url']);
     157      if (!preg_match('/^https?/i', $comm['website_url']))
     158      {
     159        $comm['website_url'] = 'http://'.$comm['website_url'];
     160      }
     161      if (!url_check_format($comm['website_url']))
     162      {
     163        $infos[] = l10n('Your website URL is invalid');
     164        $comment_action='reject';
     165      }
    158166    }
    159167  }
     
    207215      $infos[] = l10n('Anti-flood system : please wait for a moment before trying to post another comment');
    208216      $comment_action='reject';
     217      $_POST['cr'][] = 'flood_time';
    209218    }
    210219  }
Note: See TracChangeset for help on using the changeset viewer.