Announcement

  •  » Engine
  •  » $_POST['cr'] and spam protection

#1 2014-07-01 12:02:13

plg
Piwigo Team
Nantes, France, Europe
2002-04-05
13809

$_POST['cr'] and spam protection

Hi rvelices,

In include/functions_comment.inc.php, we fill $_POST['cr']:

Code:

~/public_html/piwigo/dev/trunk
$ grep -w cr include/functions_comment.inc.php
    $_POST['cr'][] = 'links';
    $_POST['cr'][] = 'key'; // rvelices: I use this outside to see how spam robots work
      $_POST['cr'][] = 'website_url';
      $_POST['cr'][] = 'flood_time';

(rv_akismet also fills it)

but I don't see where it is used. Can you give details about $_POST['cr'] ?

Offline

 

#2 2014-07-01 12:48:30

mistic100
Former Piwigo Team
Lyon (FR)
2008-09-27
3277

Re: $_POST['cr'] and spam protection

(I just added website_url and flood_time because "why not")

Offline

 

#3 2014-07-01 13:44:47

rvelices
Former Piwigo Team
2005-12-29
1960

Re: $_POST['cr'] and spam protection

I am using it on my site to analyze what works best for stopping spams. Basically it's dumped in a file with every comment (even rejected). Thats how I came up with the post key and with the hidden image (former implemented in akismet)

If you want you can remove it but its useful in case more intelligent spammers appear.

Offline

 

#4 2014-07-01 15:27:43

plg
Piwigo Team
Nantes, France, Europe
2002-04-05
13809

Re: $_POST['cr'] and spam protection

Let's keep it of course, but it would be nice to have a comment and that you implement your log system in core with $conf['antispam_enable_log'] = false; you see what I mean :-) (I think "cr" stands for "comment reject" but you have to confirm)

Offline

 
  •  » Engine
  •  » $_POST['cr'] and spam protection

Board footer

Powered by FluxBB

github twitter newsletter Donate Piwigo.org © 2002-2024 · Contact