Subject:
It's a feature.
Date: September
12, 1994 01:30
21:45 Mount Elliot National Park (Townsville), Queensland
:: 7 SEP 94
I had a startling experience today. One of those weird ones that makes
you wonder "Just what's in this tea, anyway?" I had a bug in
my program. I mean literally -- there was an actual bug. Well, literally
it wasn't in the program itself, rather in the UI (uuhh, that's User Interface
for those of you not chained to a PC), but nevertheless a real live, crawling
six-legged bug trundling along in my MS Mail client.
It wasn't on the screen either. I've seen that plenty of times
on both my Toshiba T3400 notebook and the clone desktop at home. No, this
programmer's nightmare had somehow wormed its way into the display and
was traipsing through overlapping windows with total disregard to the
laws of MDI laid down by BillG & Co. over at Microsoft.
The Toshiba T3400 notebook computer dumps some of the heat generated
by the display through two narrow exhaust vents at the top of the display
flap. Seems the "feature" (for the unenlightened masses, that's
programmer-speak for "bug") was attracted by the light and heat
escaping from the vents and wormed its way into the display's display.
You may not know this but there's a narrow space between the pixel plane
and the backlighting surface in these notebook LCD displays. The critter
found it.
For a minute I thought I was losing my mind.
Patrick.
-- Responses Sought --
0) {
$error_message.=$COM_LANG['not_allowed'] . "
";
}
if ($_REQUEST['disc_name'] == '') {
$error_message.=$_REQUEST['r_disc_name'] . "
";
}
if ($_REQUEST['disc_body'] == '') {
$error_message.=$_REQUEST['r_disc_body'] . "
";
}
if ($_REQUEST['disc_email'] != '') {
if (!smcom_is_email($_REQUEST['disc_email'])) {
$error_message.="Invalid email address" . "
";
}
}
return $error_message;
}
function smcom_flood_protection($INPUT) {
global $comments_db_link, $COM_CONF, $COM_LANG;
$result = mysql_query("select time from {$COM_CONF['dbmaintable']} where ip='{$_SERVER['REMOTE_ADDR']}' AND (UNIX_TIMESTAMP( NOW( ) ) - UNIX_TIMESTAMP( time )) < {$COM_CONF['anti_flood_pause']}", $comments_db_link);
if (mysql_num_rows($result)>0) {
$error_message="Flood detected";
return $error_message;
}
$result = mysql_query("select ID from {$COM_CONF['dbmaintable']} where text='{$INPUT['disc_body']}' AND author='{$INPUT['disc_name']}' AND href='{$INPUT['href']}'", $comments_db_link);
if (mysql_num_rows($result)>0) {
$error_message="Flood detected";
return $error_message;
}
return "";
}
function smcom_spam_check($email, $name, $url, $text, $path_to_page, $ip) {
global $COM_CONF, $comments_db_link;
$try = 0;
while (!$valid && $try <= 3) {
// Initialize and verify API key
$akismet = new Akismet($COM_CONF['site_url'], $COM_CONF['akismet_apikey']);
$result = $akismet->isKeyValid();
// Possible values: 'valid', 'invalid', 'no connect'
if ($result != 'valid') {
if (($result == 'invalid')) {
// Invalid key
return 2;
} else {
// Could not connect to the Akismet server
$try++;
}
}
else {
$valid = 1;
}
}
if (!$valid) {
return 3; // Could not connect to the Akismet server
}
// Pass comment info to the class
$akismet->setCommentAuthorEmail($email);
$akismet->setCommentAuthor($name);
$akismet->setCommentAuthorURL($url);
$akismet->setCommentContent($text);
$akismet->setUserIP($ip);
$akismet->setPermalink($COM_CONF['site_url'] . $path_to_page);
$akismet->setCommentType('Comment');
$try = 0;
while ($try <= 3) {
// Check the comment for spam
$result = $akismet->isCommentSpam();
// Possible values: 'false' (not spam), 'true' (spam), 'no connect'
if ($result != 'false') {
if ($result == 'true') {
// The comment is spam
return 1;
} else {
// Could not connect to the Akismet server
$try++;
}
} else {
return 0;
}
}
return 3; // Could not connect to the Akismet server
}
function smcom_add()
{
global $comments_db_link, $COM_CONF, $COM_LANG;
foreach ($_REQUEST as $key => $value) {
if ($key == 'disc_body') {
$comment_text=stripslashes($value);
}
$_REQUEST[$key] = str_replace('<', '<', $_REQUEST[$key]);
$_REQUEST[$key] = str_replace('>', '>', $_REQUEST[$key]);
if (get_magic_quotes_gpc()) {
$_REQUEST[$key] = stripslashes($_REQUEST[$key]);
}
$_REQUEST[$key] = mysql_escape_string($_REQUEST[$key]);
}
$_REQUEST['href'] = str_replace('%2F', '/', $_REQUEST['href']);
$_REQUEST['href'] = str_replace('%3F', '?', $_REQUEST['href']);
$_REQUEST['href'] = str_replace('%26', '&', $_REQUEST['href']);
$_REQUEST['href'] = str_replace('%3D', '=', $_REQUEST['href']);
if ($_REQUEST['dont_show_email'] != '') { $dont_show="1"; }
else { $dont_show="0"; }
$error_message = smcom_check_for_errors();
$error_message .= smcom_flood_protection($_REQUEST);
if ($COM_CONF['ckeck_for_spam']) {
if (!$error_message) {
$spam_check_result = smcom_spam_check($_REQUEST['disc_email'], $_REQUEST['disc_name'], "", $comment_text, $_REQUEST['href'], "");
if ($spam_check_result == 1) {
$error_message .= "
Your comment suspected as spam.";
mysql_query("INSERT INTO {$COM_CONF['dbjunktable']} VALUES (NULL, NOW(), '{$_REQUEST['href']}', '{$_REQUEST['disc_body']}', '{$_REQUEST['disc_name']}', '{$_REQUEST['disc_email']}', '$dont_show', '{$_SERVER['REMOTE_ADDR']}')", $comments_db_link);
}
if ($spam_check_result == 2) {
$error_message .= "
Invalid WordPress API key";
}
if ($spam_check_result == 3) {
$error_message .= "
Could not connect to the Akismet server";
}
}
}
if ($error_message) {
print "The following errors occured:
$error_message
Please
get back and try again.";
return 0;
}
mysql_query("INSERT INTO {$COM_CONF['dbmaintable']} VALUES (NULL, NOW(), '{$_REQUEST['href']}', '{$_REQUEST['disc_body']}', '{$_REQUEST['disc_name']}', '{$_REQUEST['disc_email']}', '$dont_show', '{$_SERVER['REMOTE_ADDR']}')", $comments_db_link);
if ($_REQUEST['email_me'] != '' && $_REQUEST['disc_email'] != '') {
$result = mysql_query("select COUNT(*) from {$COM_CONF['dbemailstable']} where href='{$_REQUEST['href']}' AND email='{$_REQUEST['disc_email']}'", $comments_db_link);
list ($count) = mysql_fetch_row($result);
if ($count == 0) {
$hash=md5($email . $COM_CONF['copy_random_seed']);
mysql_query("INSERT INTO {$COM_CONF['dbemailstable']} VALUES (NULL, '{$_REQUEST['disc_email']}', '{$_REQUEST['href']}', '$hash')", $comments_db_link);
}
}
if ($COM_CONF['email_admin']) {
smcom_notify_admin($_REQUEST['href'], $_REQUEST['disc_name'], $_REQUEST['disc_email'], $comment_text, "{$_SERVER['REMOTE_ADDR']}, {$_SERVER['HTTP_USER_AGENT']}");
}
smcom_notify_users($_REQUEST['href'], $_REQUEST['disc_name'], $_REQUEST['disc_email']);
header("HTTP/1.1 302");
header("Location: {$COM_CONF['site_url']}{$_REQUEST['href']}");
print "
Click here to get back.";
}
function smcom_notify_admin($href, $name, $email, $text, $ip)
{
global $comments_db_link, $COM_CONF, $COM_LANG;
$headers = "From: Comments <{$COM_CONF['email_from']}>\r\n";
$text_of_message="
{$COM_LANG['email_new_comment']} {$COM_CONF['site_url']}$href
{$COM_LANG['email_from']}: $name <$email>
$text
$ip
";
mail($COM_CONF['email_admin'], "{$COM_LANG['email_new_comment']} $href", $text_of_message, $headers);
}
function smcom_notify_users($href, $name, $email_from)
{
global $comments_db_link, $COM_CONF, $COM_LANG;
$headers = "From: Comments <{$COM_CONF['email_from']}>\n";
$result=mysql_query("select email, hash from {$COM_CONF['dbemailstable']} where href='$href'", $comments_db_link);
while (list($email, $hash) = mysql_fetch_row($result)) {
if ($email != $email_from) {
$text_of_message="
{$COM_LANG['email_new_comment']} {$COM_CONF['site_url']}$href
{$COM_LANG['email_from']}: $name
{$COM_LANG['email_to_unsubscribe']}
{$COM_CONF['site_url']}{$COM_CONF['script_url']}?action=unsub&page=$href&id=$hash
";
mail($email, "{$COM_LANG['email_new_comment']} $href",$text_of_message, $headers);
}
}
}
function smcom_unsub()
{
global $comments_db_link, $COM_CONF, $COM_LANG;
$id=mysql_escape_string($_REQUEST['id']);
$href=mysql_escape_string($_REQUEST['page']);
mysql_query("delete from {$COM_CONF['dbemailstable']} where href='$href' AND hash='$id'", $comments_db_link);
if (mysql_affected_rows() > 0) {
print "{$COM_LANG['unsubscribed']}";
}
else {
print "{$COM_LANG['not_unsubscribed']}";
}
}
function smcom_view()
{
global $comments_db_link, $COM_CONF, $COM_LANG;
$request_uri = mysql_escape_string($_SERVER['REQUEST_URI']);
$result = mysql_query("select time, text, author, email, dont_show_email from {$COM_CONF['dbmaintable']} where href='$request_uri' order by time {$COM_CONF['sort_order']}", $comments_db_link);
$comments_count=0;
$time=$text=$author=$email=$dont_show_email=array();
while (list($time[$comments_count], $text[$comments_count], $author[$comments_count], $email[$comments_count], $dont_show_email[$comments_count])=mysql_fetch_array($result)) {
$text[$comments_count] = wordwrap($text[$comments_count], 75, "\n", 1);
$time[$comments_count] = smcom_format_date($time[$comments_count]);
$comments_count++;
}
require("{$COM_CONF['full_path']}/templates/{$COM_CONF['template']}.php");
}
function smcom_format_date($date)
{
global $COM_LANG;
$year = substr($date, 0, 4);
$month = intval(substr($date, 5, 2)) - 1;
$day = substr($date, 8, 2);
$hour = substr($date, 11, 2);
$min = substr($date, 14, 2);
return "$day {$COM_LANG['months'][$month]} $year, $hour:$min";
}
function smcom_is_email($Addr)
{
$p = '/^[a-z0-9!#$%&*+-=?^_`{|}~]+(\.[a-z0-9!#$%&*+-=?^_`{|}~]+)*';
$p.= '@([-a-z0-9]+\.)+([a-z]{2,3}';
$p.= '|info|arpa|aero|coop|name|museum)$/ix';
return preg_match($p, $Addr);
}
?>
