{"id":232101,"date":"2023-01-20T13:51:00","date_gmt":"2023-01-20T10:51:00","guid":{"rendered":"https:\/\/wordpress.mediadoma.com\/?p=232101"},"modified":"2023-01-29T10:41:33","modified_gmt":"2023-01-29T07:41:33","slug":"parim-tohus-raempspostivastane-php-koodi-tuvastamine-wordpressi-jaoks","status":"publish","type":"post","link":"https:\/\/wordpress.mediadoma.com\/et\/parim-tohus-raempspostivastane-php-koodi-tuvastamine-wordpressi-jaoks\/","title":{"rendered":"Parim t\u00f5hus r\u00e4mpspostivastane PHP-koodi tuvastamine WordPressi jaoks"},"content":{"rendered":"

WordPressi ajaveebi v\u00f5ib p\u00e4evas saada rohkem kui 100 r\u00e4mpspostikommentaari (toodavad r\u00e4mpspostirobotid), mis on t\u00fc\u00fctu.<\/p>\n

\"Parim<\/a><\/p>\n

wordpress-r\u00e4mpspost<\/p>\n

\u00dcldjuhul saavad need pistikprogrammid, nagu Akismet, h\u00f5ivata, kuid need andmed s\u00e4ilitatakse ikkagi andmebaasis, enne kui need k\u00e4sitsi v\u00e4lja l\u00f5igatakse v\u00f5i p\u00e4rast<\/a> aegumiskuup\u00e4eva<\/a>.<\/p>\n

LEONA<\/a> pakub nutikat lahendust, et v\u00e4ltida nende r\u00e4mpspostikommentaaride sattumist isegi andmebaasi. See p\u00f5hineb peidetud v\u00e4lja asetamisel vormi ja v\u00e4\u00e4rtuse m\u00e4\u00e4ramisel, kui kasutaja vajutab klahvi (onkeyup). Nii et kui v\u00e4\u00e4rtused ei \u00fchti, arvame, et seda ei esitanud inimene.<\/p>\n

wordpress pakub filtrit preprocess_comment<\/strong>, nii et saate kommentaare kontrollida ja lehelt v\u00e4ljuda kasutades wp_die()<\/strong> varem.<\/p>\n

WP ametlik API \u00fctleb (https:\/\/codex.wordpress.org\/Plugin_API\/Filter_Reference\/preprocess_comment<\/a> ), $commentdata sisaldab j\u00e4rgmist teavet:<\/p>\n

'comment_post_ID' \u00a0 \u00a0 \u00a0- The post to which the comment will apply\n\u00a0 \u00a0'comment_author' \u00a0 \u00a0 \u00a0 - (may be empty)\n\u00a0 \u00a0'comment_author_email' - (may be empty)\n\u00a0 \u00a0'comment_author_url' \u00a0 - (may be empty)\n\u00a0 \u00a0'comment_content' \u00a0 \u00a0 \u00a0- The text of the proposed comment\n\u00a0 \u00a0'comment_type' \u00a0 \u00a0 \u00a0 \u00a0 - 'pingback', 'trackback', or empty for regular comments\n\u00a0 \u00a0'user_ID' \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0- (empty if not logged in)<\/code><\/pre>\n
Seej\u00e4rel saame kasutada seda pistikprogrammi, et lubada pingback\/trackback (mis minu arvates on kasulik) ja t\u00f5husalt vabaneda r\u00e4mpspostikommentaaridest.<\/p>\n
$leonax_magic_lower = 328;\n$leonax_magic_upper = 3450709;\n\u00a0\nfunction leonax_anti_spam_form($fields){\n\u00a0 \u00a0 global $leonax_magic_lower, $leonax_magic_upper;\n\u00a0 \u00a0 $leonax_magic = mt_rand($leonax_magic_lower, $leonax_magic_upper);\n\u00a0 \u00a0 $fields['leonax_magic'] = <<<EOT\n\u00a0 \u00a0 \u00a0 \u00a0 <input type=\"hidden\" id=\"leonax-magic\" name=\"leonax-magic\" value=\"0\">\n\u00a0 \u00a0 \u00a0 \u00a0 <script type=\"text\/javascript\">\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 jQuery(function() {\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 jQuery(\"#comment\").on(\"keyup\", function() {\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 jQuery(\"#leonax-magic\").val(\"$leonax_magic\");\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 });\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 })\n\u00a0 \u00a0 \u00a0 \u00a0 <\/script>\nEOT;\n\u00a0 \u00a0 return $fields;\n}\n\u00a0\nadd_filter('comment_form_default_fields', 'leonax_anti_spam_form');\n\u00a0\nfunction leonax_anit_spam_caught() {\n\u00a0 wp_die('<strong>ERROR<\/strong>: Looks like you are a spam bot. Please stop doing this.');\n}\n\u00a0\nfunction leonax_anti_spam_check( $commentdata) {\n\u00a0 $comment_type = '';\n\u00a0 if (isset($commentdata['comment_type'])) {\n\u00a0 \u00a0 $comment_type = trim($commentdata['comment_type']);\n\u00a0 } \u00a0 \n\u00a0 \n\u00a0if (($comment_type == 'pingback') || ($comment_type == 'trackback')) {\n\u00a0 \u00a0 return $commentdata;\n\u00a0 }\n\u00a0 $content = '';\n\u00a0 if (isset($commentdata['comment_content'])) {\n\u00a0 \u00a0 $content = trim($commentdata['comment_content']);\n\u00a0 } \u00a0 \n\u00a0 if (!strlen($content)) {\n\u00a0 \u00a0 leonax_anit_spam_caught();\n\u00a0 }\n\u00a0 \n\u00a0 if (preg_match(\"\/[a-e0-9]{25,}\/i\", $content)) { \/\/ To capture the strange IDs\n\u00a0 \u00a0 leonax_anit_spam_caught(); \u00a0\n\u00a0 }\n\u00a0\n\u00a0 global $leonax_magic_lower, $leonax_magic_upper; \u00a0\n\u00a0 \n\u00a0 if (isset($commentdata['user_ID']) && $commentdata['user_ID']) { \/\/ Login-users are not bad\n\u00a0 \u00a0 return $commentdata;\n\u00a0 }\n\u00a0 \n\u00a0 if (!isset($_POST['leonax-magic'])) {\n\u00a0 \u00a0 leonax_anit_spam_caught();\n\u00a0 }\n\u00a0 $magic = intval($_POST['leonax-magic']);\n\u00a0 if ($magic < $leonax_magic_lower || $magic > $leonax_magic_upper) {\n\u00a0 \u00a0 leonax_anit_spam_caught();\n\u00a0 }\n\u00a0 return $commentdata;\n}\n\u00a0\nadd_filter( 'preprocess_comment', 'leonax_anti_spam_check' );<\/code><\/pre>\n
Kui testime funktsiooni\/filtrit tahtlikult kummaliste ID-de sisestamisega, saame j\u00e4rgmise (ja kommentaari ei sisestata ootealasse).<\/p>\n
M\u00e4rkus. Pange \u00fclaltoodud kood malli functions.php<\/strong> (v\u00f5i alamteema) l\u00f5ppu .<\/p>\n
\"Parim<\/a><\/p>\n
wordpress-spam-detect<\/p>\n
See toimib nagu v\u00f5lu!<\/p>\n
:  helloacm.com<\/a><\/div><\/p>\n","protected":false},"excerpt":{"rendered":"
Parim t\u00f5hus r\u00e4mpspostivastane PHP-koodi tuvastamine WordPressi jaoks<\/p>\n","protected":false},"author":1,"featured_media":223984,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","_wp_rev_ctl_limit":""},"categories":[718,1029,842,802,863],"tags":[1165,1165],"class_list":["post-232101","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-arendaja","category-ohutus","category-opetused","category-php-4","category-wordpress-4","tag-affiai-et"],"_links":{"self":[{"href":"https:\/\/wordpress.mediadoma.com\/et\/wp-json\/wp\/v2\/posts\/232101","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/wordpress.mediadoma.com\/et\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/wordpress.mediadoma.com\/et\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/wordpress.mediadoma.com\/et\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/wordpress.mediadoma.com\/et\/wp-json\/wp\/v2\/comments?post=232101"}],"version-history":[{"count":0,"href":"https:\/\/wordpress.mediadoma.com\/et\/wp-json\/wp\/v2\/posts\/232101\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/wordpress.mediadoma.com\/et\/wp-json\/wp\/v2\/media\/223984"}],"wp:attachment":[{"href":"https:\/\/wordpress.mediadoma.com\/et\/wp-json\/wp\/v2\/media?parent=232101"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/wordpress.mediadoma.com\/et\/wp-json\/wp\/v2\/categories?post=232101"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/wordpress.mediadoma.com\/et\/wp-json\/wp\/v2\/tags?post=232101"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}