function _anonymous_publishing_cl_content_validate in Anonymous Publishing 7
Common validation of submission form for nodes and comments.
Only called when content is first posted (not when it it is activated via link).
Parameters
mixed $content: The content (array or object).
Return value
bool TRUE if the form validates, FALSE otherwise.
2 calls to _anonymous_publishing_cl_content_validate()
- anonymous_publishing_cl_comment_form_validate in modules/
cl/ anonymous_publishing_cl.module - Callback for comment_form_validate.
- anonymous_publishing_cl_node_validate in modules/
cl/ anonymous_publishing_cl.module - Implements hook_node_validate().
File
- modules/
cl/ anonymous_publishing_cl.module, line 586
Code
function _anonymous_publishing_cl_content_validate($content) {
// Node contents is object. Comment content is array.
$nodep = is_object($content);
if ($nodep) {
$email = $content->anonymous_publishing['email'];
$alias = !empty($content->anonymous_publishing['alias']) ? $content->anonymous_publishing['alias'] : '';
}
else {
$email = $content['anonymous_publishing']['email'];
$alias = !empty($content['anonymous_publishing']['alias']) ? $content['anonymous_publishing']['alias'] : '';
}
$aliasopt = variable_get('anonymous_publishing_cl_alias', 0);
$reqchar = variable_get('anonymous_publishing_cl_requiredchar', 6);
if (empty($alias)) {
$alias = db_query("SELECT alias FROM {anonymous_publishing_emails} WHERE email = :email", array(
':email' => $email,
))
->fetchField();
}
if (2 == $aliasopt) {
if ($alias && strlen($alias) < $reqchar) {
form_set_error('anonymous_publishing][alias', t('If you enter a byline, make it at least @reqchar characters.', array(
'@reqchar' => $reqchar,
)));
return FALSE;
}
}
elseif (3 == $aliasopt && strlen($alias) < $reqchar) {
form_set_error('anonymous_publishing][alias', t('Please enter a byline with at least @reqchar characters.', array(
'@reqchar' => $reqchar,
)));
return FALSE;
}
$isrelevantp = _anonymous_publishing_cl_relevantp($content, $nodep);
if (!$isrelevantp) {
return TRUE;
}
// Extract bogus email confirm field.
if ($nodep) {
$ecfld = $content->email_confirm_field;
$email = check_plain($content->anonymous_publishing['email']);
}
else {
$ecfld = $content['email_confirm_field'];
$email = check_plain($content['anonymous_publishing']['email']);
}
if (!empty($ecfld)) {
drupal_set_message(t("I smell a 'bot. Please log in to post."), 'status');
watchdog('anonymous_publishing', 'Bot with email "@email".', array(
'@email' => $email,
));
$stats = variable_get('anonymous_publishing_cl_stats', array(
'start' => REQUEST_TIME,
'smart' => 0,
'stupid' => 0,
));
$stats['stupid']++;
variable_set('anonymous_publishing_cl_stats', $stats);
$id = db_query("SELECT id FROM {anonymous_publishing_bots} WHERE ip = :ip", array(
':ip' => ip_address(),
))
->fetchField();
if ($id) {
db_update('anonymous_publishing_bots')
->fields(array(
'last' => REQUEST_TIME,
))
->expression('visits', 'visits + 1')
->condition('id', $id)
->execute();
}
else {
db_insert('anonymous_publishing_bots')
->fields(array(
'ip' => ip_address(),
'visits' => 1,
'first' => REQUEST_TIME,
'last' => REQUEST_TIME,
))
->execute();
}
drupal_goto('<front>');
return FALSE;
}
$cntid = $nodep ? $content->nid : $content['cid'];
if (empty($cntid) && user_is_anonymous()) {
if (!isset($email)) {
form_set_error('anonymous_publishing][email', t('No e-mail-field. (This should not happen.)'));
return FALSE;
}
if (user_validate_mail($email)) {
form_set_error('anonymous_publishing][email', t('Please type in a valid e-mail address.'));
return FALSE;
}
$options = variable_get('anonymous_publishing_cl_options', array());
if (db_query("SELECT COUNT(*) FROM {users} WHERE mail = :email", array(
':email' => $email,
))
->fetchField()) {
if (!$options['aregist']) {
form_set_error('anonymous_publishing][email', t('This e-mail is already in use. If this is you, please log in to post.'));
return FALSE;
}
}
$ip = ip_address();
$sql1 = "SELECT auid, email, ipaddress, blocked FROM {anonymous_publishing_emails} WHERE email = :email";
$parameters = array(
':email' => $email,
);
if ($options['blockip']) {
$sql1 .= " OR ipaddress = :ip";
$parameters[':ip'] = $ip;
}
$result = db_query($sql1, $parameters);
$nmrows = $result
->rowCount();
// Block if at least one record indicate that this should be blocked.
$blocked = 0;
$now = date('Y-m-d');
if ($nmrows) {
foreach ($result as $record) {
$auid = $record->auid;
$blocked += $record->blocked;
db_update('anonymous_publishing_emails')
->fields(array(
'lastseen' => $now,
))
->condition('auid', $auid)
->execute();
}
}
else {
$flood = variable_get('anonymous_publishing_cl_flood');
$flooded = FALSE;
if ($flood != -1) {
if (flood_is_allowed('anonymous_publishing_ip', $flood, 3600)) {
flood_register_event('anonymous_publishing_ip', 3600);
if (flood_is_allowed('anonymous_publishing_em', $flood, 3600, $email)) {
flood_register_event('anonymous_publishing_em', 3600, $email);
}
else {
$flooded = TRUE;
}
}
else {
$flooded = TRUE;
}
}
if ($flooded) {
form_set_error('anonymous_publishing][email', t('This website only allows @flood postings of content from non-registered users within one hour. This restriction may be lifted if you register.', array(
'@flood' => $flood,
)));
return FALSE;
}
return FALSE;
}
if ($blocked) {
form_set_error('anonymous_publishing][email', t('This e-mail/ip-address is banned from posting content on this site. Please contact the site administrator if you believe this is an error.'));
return FALSE;
}
}
return TRUE;
}