From 9ef62e7f0ca57a25f7b71ec74978c701ee5fa89e Mon Sep 17 00:00:00 2001 From: Dougal Campbell Date: Wed, 3 Nov 2004 14:21:46 +0000 Subject: [PATCH] ANTI-SPAM: reject numerically encoded entities that fall in the normal ASCII range git-svn-id: https://develop.svn.wordpress.org/trunk@1844 602fd350-edb4-49c9-b593-d223f7449a82 --- wp-includes/functions.php | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/wp-includes/functions.php b/wp-includes/functions.php index a780cb770b..3c3f0a98a1 100644 --- a/wp-includes/functions.php +++ b/wp-includes/functions.php @@ -1656,6 +1656,16 @@ function check_comment($author, $email, $url, $comment, $user_ip) { } } + // Useless numeric encoding is a pretty good spam indicator: + // Extract entities: + if (preg_match_all('/&#(\d+);/',$comment,$chars)) { + foreach ($chars[1] as $char) { + // If it's an encoded char in the normal ASCII set, reject + if ($char < 128) + return false; + } + } + $mod_keys = trim( get_settings('moderation_keys') ); if ('' == $mod_keys ) return true; // If moderation keys are empty