Cookies for Comments - Version 0.5.1

Version Description

  • Generate cfc_key all the time if it's missing, not just on serving the css html
  • Added MU signup form mod_rewrite rules to docs and admin page
  • Added Settings page link to plugins page.
  • Add explanation text to css file.
  • Add docs on how to use CFC to protect the MU signup form
  • Show htaccess rules on admin page.
  • Don't let wp-super-cache cache this page.
  • Store cfc_key in sitemeta for WordPress MU sites
  • Added mod_rewrite rules to block spam comments before they get to WordPress
Download this release

Release Info

Developer donncha
Plugin Icon wp plugin Cookies for Comments
Version 0.5.1
Comparing to
See all releases

Code changes from version 0.5 to 0.5.1

Files changed (2) hide show
  1. cookies-for-comments.php +58 -10
  2. readme.txt +26 -2
cookies-for-comments.php CHANGED
@@ -3,11 +3,12 @@
3
  Plugin Name: Cookies for Comments
4
  Plugin URI: http://ocaoimh.ie/cookies-for-comments/
5
  Description: Sets a cookie that must exist for a comment to be allowed through
6
- Version: 0.5
7
  Author: Donncha O Caoimh
8
  Author URI: http://ocaoimh.ie/
9
 
10
  CHANGES
 
11
  2008-08-23 - Add a random key to the css file url.
12
  2008-08-21 - Set the cookie for a week
13
  2008-07-15 - User can delete spam comments now, http://wordpress.org/support/topic/187810?replies=2
@@ -18,20 +19,38 @@ CHANGES
18
  */
19
 
20
  function cfc_stylesheet_html() {
21
- $cfc_key = get_option( 'cfc_key' );
22
- if( !$cfc_key )
 
 
 
 
 
 
 
 
 
 
 
 
 
 
23
  if( current_user_can('edit_plugins') ) {
24
  $cfc_key = md5( time() );
25
- add_option( 'cfc_key', $cfc_key );
 
 
 
 
26
  } else {
27
  return;
28
  }
29
- ?><link rel="stylesheet" href="<?php echo trailingslashit( get_option( 'siteurl' ) ) . $cfc_key . '.css?t=' . mt_rand(); ?>" type="text/css" media="screen" /><?php
 
30
  }
31
- add_action( 'wp_head', 'cfc_stylesheet_html' );
32
 
33
  function cfc_set_comment_style_cookie() {
34
- $cfc_key = get_option( 'cfc_key' );
35
  if( !$cfc_key )
36
  return;
37
 
@@ -39,7 +58,8 @@ function cfc_set_comment_style_cookie() {
39
  if( !isset( $_COOKIE[ $cfc_key ] ) )
40
  @setcookie( $cfc_key, 1, time()+604800, '/' );
41
  header("Content-type: text/css");
42
- echo " ";
 
43
  die();
44
  }
45
  if( function_exists( 'akismet_auto_check_comment' ) ) {
@@ -50,7 +70,7 @@ function cfc_set_comment_style_cookie() {
50
  add_action( 'init', 'cfc_set_comment_style_cookie' );
51
 
52
  function cfc_check_comment_style_cookie( $comment ) {
53
- $cfc_key = get_option( 'cfc_key' );
54
  if( !$cfc_key )
55
  return $comment;
56
 
@@ -74,7 +94,6 @@ function cfc_config_page() {
74
  add_action('admin_menu', 'cfc_config_page');
75
 
76
  function cfc_conf() {
77
-
78
  if ( isset($_POST['submit']) ) {
79
  if ( function_exists('current_user_can') && !current_user_can('manage_options') )
80
  die(__('Cheatin&#8217; uh?'));
@@ -98,8 +117,37 @@ function cfc_conf() {
98
  <label><h3>What should happen to comments caught by CFC?</h3> <select name='cfc_spam'><option value='delete' <?php echo ( get_option( 'cfc_spam' ) == 'delete' ? 'selected' : '' ); ?> /> Delete <option value='spam' <?php echo ( get_option( 'cfc_spam' ) == 'spam' ? 'selected' : '' ); ?> /> Spam</select></label>
99
  <input type='submit' name='submit' value='Save Options' />
100
  </form>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
101
  </div>
102
  </div>
103
  <?php
104
  }
 
 
 
 
 
 
 
 
 
105
  ?>
3
  Plugin Name: Cookies for Comments
4
  Plugin URI: http://ocaoimh.ie/cookies-for-comments/
5
  Description: Sets a cookie that must exist for a comment to be allowed through
6
+ Version: 0.5.1
7
  Author: Donncha O Caoimh
8
  Author URI: http://ocaoimh.ie/
9
 
10
  CHANGES
11
+ 2009-02-18 - Store cfc key in sitemeta on WordPress MU sites
12
  2008-08-23 - Add a random key to the css file url.
13
  2008-08-21 - Set the cookie for a week
14
  2008-07-15 - User can delete spam comments now, http://wordpress.org/support/topic/187810?replies=2
19
  */
20
 
21
  function cfc_stylesheet_html() {
22
+ $cfc_key = get_cfc_key();
23
+
24
+ if ( $cfc_key == '' )
25
+ return false;
26
+
27
+ ?><link rel="stylesheet" href="<?php echo trailingslashit( get_option( 'siteurl' ) ) . $cfc_key . '.css?t=' . mt_rand(); ?>" type="text/css" media="screen" /><?php
28
+ }
29
+ add_action( 'wp_head', 'cfc_stylesheet_html' );
30
+
31
+ function get_cfc_key() {
32
+ if( function_exists( 'get_site_option' ) ) {
33
+ $cfc_key = get_site_option( 'cfc_key' );
34
+ } else {
35
+ $cfc_key = get_option( 'cfc_key' );
36
+ }
37
+ if( !$cfc_key ) {
38
  if( current_user_can('edit_plugins') ) {
39
  $cfc_key = md5( time() );
40
+ if( function_exists( 'add_site_option' ) ) {
41
+ $cfc_key = add_site_option( 'cfc_key', $cfc_key );
42
+ } else {
43
+ $cfc_key = add_option( 'cfc_key', $cfc_key );
44
+ }
45
  } else {
46
  return;
47
  }
48
+ }
49
+ return $cfc_key;
50
  }
 
51
 
52
  function cfc_set_comment_style_cookie() {
53
+ $cfc_key = get_cfc_key();
54
  if( !$cfc_key )
55
  return;
56
 
58
  if( !isset( $_COOKIE[ $cfc_key ] ) )
59
  @setcookie( $cfc_key, 1, time()+604800, '/' );
60
  header("Content-type: text/css");
61
+ echo "/* Page generated by Cookies for Comments at http://ocaoimh.ie/cookies-for-comments/ */";
62
+ define( 'DONOTCACHEPAGE', 1 ); // don't let wp-super-cache cache this page.
63
  die();
64
  }
65
  if( function_exists( 'akismet_auto_check_comment' ) ) {
70
  add_action( 'init', 'cfc_set_comment_style_cookie' );
71
 
72
  function cfc_check_comment_style_cookie( $comment ) {
73
+ $cfc_key = get_cfc_key();
74
  if( !$cfc_key )
75
  return $comment;
76
 
94
  add_action('admin_menu', 'cfc_config_page');
95
 
96
  function cfc_conf() {
 
97
  if ( isset($_POST['submit']) ) {
98
  if ( function_exists('current_user_can') && !current_user_can('manage_options') )
99
  die(__('Cheatin&#8217; uh?'));
117
  <label><h3>What should happen to comments caught by CFC?</h3> <select name='cfc_spam'><option value='delete' <?php echo ( get_option( 'cfc_spam' ) == 'delete' ? 'selected' : '' ); ?> /> Delete <option value='spam' <?php echo ( get_option( 'cfc_spam' ) == 'spam' ? 'selected' : '' ); ?> /> Spam</select></label>
118
  <input type='submit' name='submit' value='Save Options' />
119
  </form>
120
+ <?php
121
+ $cfc_key = get_cfc_key();
122
+ if( $cfc_key ) { ?>
123
+ <p>If you're feeling adventerous, you can add the following two lines <em>before</em> the regular WordPress mod_rewrite rules in your <tt>.htaccess</tt> file. They will stop comments from spambots before they reach the database or are executed in PHP:</p>
124
+ <pre>
125
+ RewriteCond %{HTTP_COOKIE} !^.*<?php echo $cfc_key; ?>.*$
126
+ RewriteRule ^wp-comments-post.php - [F,L]
127
+ </pre>
128
+ <?php
129
+ }
130
+ global $wpmu_version;
131
+ if ( isset( $wpmu_version ) && $wpmu_version != '' ) {
132
+ ?><p>As you're using WordPress MU, copy these lines into your .htaccess file, making sure the paths match the location of the signup form.</p>
133
+ <pre>
134
+ RewriteCond %{HTTP_COOKIE} !^.*<?php echo $cfc_key; ?>.*$
135
+ RewriteRule ^wp-signup.php - [F,L]
136
+ </pre>
137
+ <?php
138
+ }
139
+ ?>
140
  </div>
141
  </div>
142
  <?php
143
  }
144
+
145
+ function cfc_plugin_actions( $links, $file ) {
146
+ if( $file == 'cookies-for-comments/cookies-for-comments.php' && function_exists( "admin_url" ) ) {
147
+ $settings_link = '<a href="' . admin_url( 'options-general.php?page=cfc_config' ) . '">' . __('Settings') . '</a>';
148
+ array_unshift( $links, $settings_link ); // before other links
149
+ }
150
+ return $links;
151
+ }
152
+ add_filter( 'plugin_action_links', 'cfc_plugin_actions', 10, 2 );
153
  ?>
readme.txt CHANGED
@@ -1,13 +1,37 @@
1
  === Cookies for Comments ===
2
  Contributors: donncha
3
  Tags: cookies, comments, spam
4
- Tested up to: 2.6.1
5
- Stable tag: 0.5
 
6
 
7
  Sets a cookie on a random URL that is then checked when a comment is posted. If the cookie is missing the comment is marked as spam. This plugin will reduce your comment spam by at least 90%, probably.
8
 
9
  == Description ==
10
  This plugin adds a stylesheet to your blog's html source code. When a browser loads that stylesheet a cookie is dropped. If that user then leaves a comment the cookie is checked. If it doesn't exist the comment is marked as spam.
11
 
 
 
 
 
 
 
 
 
 
 
12
  == Installation ==
13
  Copy into your plugins folder and activate. If you are using a caching plugin such as [WP Super Cache](http://ocaoimh.ie/wp-super-cache/) make sure you clear the cache after enabling this plugin.
 
 
 
 
 
 
 
 
 
 
 
 
 
1
  === Cookies for Comments ===
2
  Contributors: donncha
3
  Tags: cookies, comments, spam
4
+ Tested up to: 2.8.2
5
+ Stable tag: 0.5.1
6
+ Donate link: http://ocaoimh.ie/wordpress-plugins/gifts-and-donations/
7
 
8
  Sets a cookie on a random URL that is then checked when a comment is posted. If the cookie is missing the comment is marked as spam. This plugin will reduce your comment spam by at least 90%, probably.
9
 
10
  == Description ==
11
  This plugin adds a stylesheet to your blog's html source code. When a browser loads that stylesheet a cookie is dropped. If that user then leaves a comment the cookie is checked. If it doesn't exist the comment is marked as spam.
12
 
13
+ For the adventurous, add these lines to your .htaccess and it will block spam attempts before they ever get to WordPress. Replace the Xs with the cookie that was set in your browser after viewing your blog. Make sure the lines go above the standard WordPress rules.
14
+
15
+ `RewriteCond %{HTTP_COOKIE} !^.*XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX.*$`
16
+ `RewriteRule ^wp-comments-post.php - [F,L]`
17
+
18
+ If you use WordPress MU, replace wp-comments-post.php above with wp-signup.php to block spam signups.
19
+
20
+ `RewriteCond %{HTTP_COOKIE} !^.*XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX.*$`
21
+ `RewriteRule ^wp-signup.php - [F,L]`
22
+
23
  == Installation ==
24
  Copy into your plugins folder and activate. If you are using a caching plugin such as [WP Super Cache](http://ocaoimh.ie/wp-super-cache/) make sure you clear the cache after enabling this plugin.
25
+
26
+ == Changelog ==
27
+
28
+ = 0.5.1 =
29
+ * Generate cfc_key all the time if it's missing, not just on serving the css html
30
+ * Added MU signup form mod_rewrite rules to docs and admin page
31
+ * Added Settings page link to plugins page.
32
+ * Add explanation text to css file.
33
+ * Add docs on how to use CFC to protect the MU signup form
34
+ * Show htaccess rules on admin page.
35
+ * Don't let wp-super-cache cache this page.
36
+ * Store cfc_key in sitemeta for WordPress MU sites
37
+ * Added mod_rewrite rules to block spam comments before they get to WordPress