Changeset 28893


Ignore:
Timestamp:
07/01/14 11:56:02 (5 years ago)
Author:
mistic100
Message:

feature 3095 : block comment if website_url is not empty when field is disabled

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/include/functions_comment.inc.php

    r28714 r28893  
    147147  if (!empty($comm['website_url'])) 
    148148  { 
    149     $comm['website_url'] = strip_tags($comm['website_url']); 
    150     if (!preg_match('/^https?/i', $comm['website_url'])) 
    151     { 
    152       $comm['website_url'] = 'http://'.$comm['website_url']; 
    153     } 
    154     if (!url_check_format($comm['website_url'])) 
    155     { 
    156       $infos[] = l10n('Your website URL is invalid'); 
     149    if (!$conf['comments_enable_website']) 
     150    { // honeypot: if the field is disabled, it should be empty ! 
    157151      $comment_action='reject'; 
     152      $_POST['cr'][] = 'website_url'; 
     153    } 
     154    else 
     155    { 
     156      $comm['website_url'] = strip_tags($comm['website_url']); 
     157      if (!preg_match('/^https?/i', $comm['website_url'])) 
     158      { 
     159        $comm['website_url'] = 'http://'.$comm['website_url']; 
     160      } 
     161      if (!url_check_format($comm['website_url'])) 
     162      { 
     163        $infos[] = l10n('Your website URL is invalid'); 
     164        $comment_action='reject'; 
     165      } 
    158166    } 
    159167  } 
     
    207215      $infos[] = l10n('Anti-flood system : please wait for a moment before trying to post another comment'); 
    208216      $comment_action='reject'; 
     217      $_POST['cr'][] = 'flood_time'; 
    209218    } 
    210219  } 
Note: See TracChangeset for help on using the changeset viewer.