Akismet Anti-Spam - Version 2.5.5

Version Description

  • Add nonce check for comment author URL remove action
  • Fix the settings link
Download this release

Release Info

Developer josephscott
Plugin Icon 128x128 Akismet Anti-Spam
Version 2.5.5
Comparing to
See all releases

Code changes from version 2.5.4 to 2.5.5

Files changed (4) hide show
  1. admin.php +6 -3
  2. akismet.js +2 -0
  3. akismet.php +3 -3
  4. readme.txt +5 -1
admin.php CHANGED
@@ -44,6 +44,9 @@ function akismet_load_js_and_css() {
44
 
45
  wp_register_script( 'akismet.js', AKISMET_PLUGIN_URL . 'akismet.js', array('jquery'), '2.5.4.6' );
46
  wp_enqueue_script( 'akismet.js' );
 
 
 
47
  }
48
  }
49
 
@@ -292,7 +295,7 @@ function akismet_admin_warnings() {
292
  if ( !get_option('wordpress_api_key') && !$wpcom_api_key && !isset($_POST['submit']) ) {
293
  function akismet_warning() {
294
  echo "
295
- <div id='akismet-warning' class='updated fade'><p><strong>".__('Akismet is almost ready.')."</strong> ".sprintf(__('You must <a href="%1$s">enter your Akismet API key</a> for it to work.'), "plugins.php?page=akismet-key-config")."</p></div>
296
  ";
297
  }
298
  add_action('admin_notices', 'akismet_warning');
@@ -708,7 +711,7 @@ add_action('admin_action_akismet_recheck_queue', 'akismet_recheck_queue');
708
 
709
  // Adds an 'x' link next to author URLs, clicking will remove the author URL and show an undo link
710
  function akismet_remove_comment_author_url() {
711
- if (!empty($_POST['id'])) {
712
  global $wpdb;
713
  $comment = get_comment( intval($_POST['id']), ARRAY_A );
714
  if (current_user_can('edit_comment', $comment['comment_ID'])) {
@@ -723,7 +726,7 @@ function akismet_remove_comment_author_url() {
723
  add_action('wp_ajax_comment_author_deurl', 'akismet_remove_comment_author_url');
724
 
725
  function akismet_add_comment_author_url() {
726
- if (!empty($_POST['id']) && !empty($_POST['url'])) {
727
  global $wpdb;
728
  $comment = get_comment( intval($_POST['id']), ARRAY_A );
729
  if (current_user_can('edit_comment', $comment['comment_ID'])) {
44
 
45
  wp_register_script( 'akismet.js', AKISMET_PLUGIN_URL . 'akismet.js', array('jquery'), '2.5.4.6' );
46
  wp_enqueue_script( 'akismet.js' );
47
+ wp_localize_script( 'akismet.js', 'WPAkismet', array(
48
+ 'comment_author_url_nonce' => wp_create_nonce( 'comment_author_url_nonce' )
49
+ ) );
50
  }
51
  }
52
 
295
  if ( !get_option('wordpress_api_key') && !$wpcom_api_key && !isset($_POST['submit']) ) {
296
  function akismet_warning() {
297
  echo "
298
+ <div id='akismet-warning' class='updated fade'><p><strong>".__('Akismet is almost ready.')."</strong> ".sprintf(__('You must <a href="%1$s">enter your Akismet API key</a> for it to work.'), "admin.php?page=akismet-key-config")."</p></div>
299
  ";
300
  }
301
  add_action('admin_notices', 'akismet_warning');
711
 
712
  // Adds an 'x' link next to author URLs, clicking will remove the author URL and show an undo link
713
  function akismet_remove_comment_author_url() {
714
+ if ( !empty($_POST['id'] ) && check_admin_referer( 'comment_author_url_nonce' ) ) {
715
  global $wpdb;
716
  $comment = get_comment( intval($_POST['id']), ARRAY_A );
717
  if (current_user_can('edit_comment', $comment['comment_ID'])) {
726
  add_action('wp_ajax_comment_author_deurl', 'akismet_remove_comment_author_url');
727
 
728
  function akismet_add_comment_author_url() {
729
+ if ( !empty( $_POST['id'] ) && !empty( $_POST['url'] ) && check_admin_referer( 'comment_author_url_nonce' ) ) {
730
  global $wpdb;
731
  $comment = get_comment( intval($_POST['id']), ARRAY_A );
732
  if (current_user_can('edit_comment', $comment['comment_ID'])) {
akismet.js CHANGED
@@ -21,6 +21,7 @@ jQuery(document).ready(function () {
21
  var thisId = jQuery(this).attr('commentid');
22
  var data = {
23
  action: 'comment_author_deurl',
 
24
  id: thisId
25
  };
26
  jQuery.ajax({
@@ -48,6 +49,7 @@ jQuery(document).ready(function () {
48
  var thisUrl = jQuery(this).attr('href').replace("http://www.", "").replace("http://", "");
49
  var data = {
50
  action: 'comment_author_reurl',
 
51
  id: thisId,
52
  url: thisUrl
53
  };
21
  var thisId = jQuery(this).attr('commentid');
22
  var data = {
23
  action: 'comment_author_deurl',
24
+ _wpnonce: WPAkismet.comment_author_url_nonce,
25
  id: thisId
26
  };
27
  jQuery.ajax({
49
  var thisUrl = jQuery(this).attr('href').replace("http://www.", "").replace("http://", "");
50
  var data = {
51
  action: 'comment_author_reurl',
52
+ _wpnonce: WPAkismet.comment_author_url_nonce,
53
  id: thisId,
54
  url: thisUrl
55
  };
akismet.php CHANGED
@@ -5,8 +5,8 @@
5
  /*
6
  Plugin Name: Akismet
7
  Plugin URI: http://akismet.com/?return=true
8
- Description: Used by millions, Akismet is quite possibly the best way in the world to <strong>protect your blog from comment and trackback spam</strong>. It keeps your site protected from spam even while you sleep. To get started: 1) Click the "Activate" link to the left of this description, 2) <a href="http://akismet.com/get/?return=true">Sign up for an Akismet API key</a>, and 3) Go to your <a href="plugins.php?page=akismet-key-config">Akismet configuration</a> page, and save your API key.
9
- Version: 2.5.4
10
  Author: Automattic
11
  Author URI: http://automattic.com/wordpress-plugins/
12
  License: GPLv2 or later
@@ -28,7 +28,7 @@ along with this program; if not, write to the Free Software
28
  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
29
  */
30
 
31
- define('AKISMET_VERSION', '2.5.4');
32
  define('AKISMET_PLUGIN_URL', plugin_dir_url( __FILE__ ));
33
 
34
  /** If you hardcode a WP.com API key here, all key config screens will be hidden */
5
  /*
6
  Plugin Name: Akismet
7
  Plugin URI: http://akismet.com/?return=true
8
+ Description: Used by millions, Akismet is quite possibly the best way in the world to <strong>protect your blog from comment and trackback spam</strong>. It keeps your site protected from spam even while you sleep. To get started: 1) Click the "Activate" link to the left of this description, 2) <a href="http://akismet.com/get/?return=true">Sign up for an Akismet API key</a>, and 3) Go to your <a href="admin.php?page=akismet-key-config">Akismet configuration</a> page, and save your API key.
9
+ Version: 2.5.5
10
  Author: Automattic
11
  Author URI: http://automattic.com/wordpress-plugins/
12
  License: GPLv2 or later
28
  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
29
  */
30
 
31
+ define('AKISMET_VERSION', '2.5.5');
32
  define('AKISMET_PLUGIN_URL', plugin_dir_url( __FILE__ ));
33
 
34
  /** If you hardcode a WP.com API key here, all key config screens will be hidden */
readme.txt CHANGED
@@ -3,7 +3,7 @@ Contributors: matt, ryan, andy, mdawaffe, tellyworth, josephscott, lessbloat, au
3
  Tags: akismet, comments, spam
4
  Requires at least: 3.0
5
  Tested up to: 3.3.1
6
- Stable tag: 2.5.4
7
  License: GPLv2 or later
8
 
9
  Akismet checks your comments against the Akismet web service to see if they look like spam or not.
@@ -31,6 +31,10 @@ Upload the Akismet plugin to your blog, Activate it, then enter your [Akismet.co
31
 
32
  == Changelog ==
33
 
 
 
 
 
34
  = 2.5.4 =
35
  * Limit Akismet CSS and Javascript loading in wp-admin to just the pages that need it
36
  * Added author URL quick removal functionality
3
  Tags: akismet, comments, spam
4
  Requires at least: 3.0
5
  Tested up to: 3.3.1
6
+ Stable tag: 2.5.5
7
  License: GPLv2 or later
8
 
9
  Akismet checks your comments against the Akismet web service to see if they look like spam or not.
31
 
32
  == Changelog ==
33
 
34
+ = 2.5.5 =
35
+ * Add nonce check for comment author URL remove action
36
+ * Fix the settings link
37
+
38
  = 2.5.4 =
39
  * Limit Akismet CSS and Javascript loading in wp-admin to just the pages that need it
40
  * Added author URL quick removal functionality