Created
January 16, 2014 18:13
-
-
Save naeluh/8460216 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| require ('/path/to/mollom.class.inc'); | |
| class MollomMyPlatform extends Mollom { | |
| public function loadConfiguration($name) { | |
| // You may also hard-code your settings like this: | |
| $config = array( | |
| 'publicKey' => 'place key here', | |
| 'privateKey' => 'place key here', | |
| ); | |
| return $config[$name]; | |
| } | |
| public function saveConfiguration($name, $value) {} | |
| public function deleteConfiguration($name) {} | |
| public function getClientInformation() { | |
| $data = array( | |
| // Only supply different platform values, if your client maps to a | |
| // public platform/application that may be used by others. | |
| // Examples: Drupal 7.x, Wordpress 3.6, etc. | |
| 'platformName' => 'PHP', | |
| 'platformVersion' => PHP_VERSION, | |
| // Always specify your implementation values here: | |
| 'clientName' => 'Mollom PHP client example', | |
| 'clientVersion' => '1.0', | |
| ); | |
| return $data; | |
| } | |
| protected function request($method, $server, $path, $query = NULL, array $headers = array()) { | |
| $ch = curl_init(); | |
| // CURLOPT_HTTPHEADER expects all headers as values: | |
| // @see http://php.net/manual/function.curl-setopt.php | |
| foreach ($headers as $name => &$value) { | |
| $value = $name . ': ' . $value; | |
| } | |
| // Compose the Mollom endpoint URL. | |
| $url = $server . '/' . $path; | |
| if (isset($query) && $method == 'GET') { | |
| $url .= '?' . $query; | |
| } | |
| curl_setopt($ch, CURLOPT_URL, $url); | |
| // Send OAuth + other request headers. | |
| curl_setopt($ch, CURLOPT_HTTPHEADER, $headers); | |
| // Prevent API calls from taking too long. | |
| // Under normal operations, API calls may time out for Mollom users without | |
| // a paid subscription. | |
| curl_setopt($ch, CURLOPT_TIMEOUT, $this->requestTimeout); | |
| if ($method == 'POST') { | |
| curl_setopt($ch, CURLOPT_POST, TRUE); | |
| curl_setopt($ch, CURLOPT_POSTFIELDS, $query); | |
| } | |
| else { | |
| curl_setopt($ch, CURLOPT_HTTPGET, TRUE); | |
| } | |
| curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE); | |
| //curl_setopt($ch, CURLOPT_VERBOSE, TRUE); | |
| curl_setopt($ch, CURLOPT_HEADER, TRUE); | |
| // Execute the HTTP request. | |
| if ($raw_response = curl_exec($ch)) { | |
| // Split the response headers from the response body. | |
| list($raw_response_headers, $response_body) = explode("\r\n\r\n", $raw_response, 2); | |
| // Parse HTTP response headers. | |
| // @see http_parse_headers() | |
| $raw_response_headers = str_replace("\r", '', $raw_response_headers); | |
| $raw_response_headers = explode("\n", $raw_response_headers); | |
| $message = array_shift($raw_response_headers); | |
| $response_headers = array(); | |
| foreach ($raw_response_headers as $line) { | |
| list($name, $value) = explode(': ', $line, 2); | |
| // Mollom::handleRequest() expects response header names in lowercase. | |
| $response_headers[strtolower($name)] = $value; | |
| } | |
| $info = curl_getinfo($ch); | |
| $response = array( | |
| 'code' => $info['http_code'], | |
| 'message' => $message, | |
| 'headers' => $response_headers, | |
| 'body' => $response_body, | |
| ); | |
| } | |
| else { | |
| $response = array( | |
| 'code' => curl_errno($ch), | |
| 'message' => curl_error($ch), | |
| ); | |
| } | |
| curl_close($ch); | |
| $response = (object) $response; | |
| return $response; | |
| } | |
| public static function getServerParameters() { | |
| if ($_SERVER['REQUEST_METHOD'] == 'GET' || $_SERVER['REQUEST_METHOD'] == 'HEAD') { | |
| $data = self::httpParseQuery($_SERVER['QUERY_STRING']); | |
| // Remove $_GET['q']. | |
| unset($data['q']); | |
| } | |
| elseif ($_SERVER['REQUEST_METHOD'] == 'POST' || $_SERVER['REQUEST_METHOD'] == 'PUT') { | |
| $data = self::httpParseQuery(file_get_contents('php://input')); | |
| } | |
| return $data; | |
| } | |
| /* | |
| * Retrieves the OAuth authorization header of an inbound request. | |
| * | |
| * @return array | |
| * An array containing all key/value pairs extracted out of the | |
| * 'Authorization' HTTP header, if any. | |
| * | |
| * @todo Move into base class. | |
| */ | |
| public static function getServerAuthentication() { | |
| $header = array(); | |
| if (function_exists('apache_request_headers')) { | |
| $headers = apache_request_headers(); | |
| if (isset($headers['Authorization'])) { | |
| $input = $headers['Authorization']; | |
| } | |
| } | |
| elseif (isset($_SERVER['HTTP_AUTHORIZATION'])) { | |
| $input = $_SERVER['HTTP_AUTHORIZATION']; | |
| } | |
| if (isset($input)) { | |
| preg_match_all('@([^, =]+)="([^"]*)"@', $input, $header); | |
| $header = array_combine($header[1], $header[2]); | |
| } | |
| return $header; | |
| } | |
| } | |
| // When a comment is submitted: | |
| $mollom = new MollomMyPlatform(); | |
| //THIS IS THE FIELDS YOU ARE CHECKING AND WHICH BECOMES THE ARRAY $result | |
| $comment = $_POST['comment']; | |
| $result = $mollom->checkContent(array( | |
| 'checks' => array('spam'), | |
| 'postTitle' => $comment['title'], | |
| 'postBody' => $comment['body'], | |
| 'authorName' => $comment['name'], | |
| 'authorUrl' => $comment['homepage'], | |
| 'authorIp' => $_SERVER['REMOTE_ADDR'], | |
| 'authorId' => $userid, // If the author is logged in. | |
| )); | |
| // You might want to make the fallback case configurable: | |
| if (!is_array($result) || !isset($result['id'])) { | |
| print "The content moderation system is currently unavailable. Please try again later."; | |
| die(); | |
| } | |
| // Check the final spam classification. | |
| switch ($result['spamClassification']) { | |
| case 'ham': | |
| // Do nothing. (Accept content.) | |
| break; | |
| case 'spam': | |
| // Discard (block) the form submission. | |
| print "Your submission has triggered the spam filter and will not be accepted."; | |
| die(); | |
| break; | |
| case 'unsure': | |
| // Require to solve a CAPTCHA to get the post submitted. | |
| $captcha = $mollom->createCaptcha(array( | |
| 'contentId' => $result['id'], | |
| 'type' => 'image', | |
| )); | |
| if (!is_array($captcha) || !isset($captcha['id'])) { | |
| print "The content moderation system is currently unavailable. Please try again later."; | |
| die(); | |
| } | |
| // Output the CAPTCHA. | |
| print '<img src="' . $captcha['url'] . '" alt="Type the characters you see in this picture." />'; | |
| print '<input type="text" name="captcha" size="10" value="" autocomplete="off" />'; | |
| // Re-inject the submitted form values, re-render the form, | |
| // and ask the user to solve the CAPTCHA. | |
| break; | |
| default: | |
| // If we end up here, Mollom responded with a unknown spamClassification. | |
| // Normally, this should not happen. | |
| break; | |
| } | |
| if (empty($data['id'])) { | |
| return FALSE; | |
| } | |
| // The ID originates from raw form input. Ensure we hit the right endpoint | |
| // in case a bogus bot fills in even hidden input fields with random | |
| // strings, by performing a basic syntax validation. | |
| if (!preg_match('@^[a-z0-9-]+$@i', $data['id'])) { | |
| return FALSE; | |
| } | |
| $path = 'captcha/' . rawurlencode($data['id']); | |
| unset($data['id']); | |
| $result = $this->query('POST', $path, $data, array('captcha', 'id')); | |
| return isset($result['captcha']) ? $result['captcha'] : $result; | |
| } | |
| ?> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment