Changeset 10961

Timestamp:

05/10/2021 05:42:47 AM (2 years ago)

Author:

dd32

Message:

Registration: Introduce a new check on some heuristics to determine if a signup looks spammy.

This is intended to replace the usage of Akismet (which isn't designed for this) to hopefully reduce the number of blocked signups that require manual review.

Location:

sites/trunk/wordpress.org/public_html/wp-content/themes/pub/wporg-login

Files:

• admin/class-user-registrations-list-table.php (modified) (3 diffs)
• functions-registration.php (modified) (2 diffs)

sites/trunk/wordpress.org/public_html/wp-content/themes/pub/wporg-login/admin/class-user-registrations-list-table.php

@@ -26 +26 @@
                 'akismet',
                 'Akismet said no',
+            ],
+            [
+                'heuristics',
+                'Heiristics: Review / Block',
             ]
         ];
@@ -80 +84 @@
             case 'akismet':
                 return "meta LIKE '%akismet_result\":\"spam%'";
+            case 'heuristics':
+                return "meta LIKE '%heuristics%' AND meta NOT LIKE '%heuristics\":\"allow%'";
             case 'registered':
                 return 'created = 1';
@@ -317 +323 @@
         }
 
+        $heuristics = $meta->heuristics ?? '';
+        if ( $heuristics ) {
+            printf(
+                '<abbr title="%s">%s</abbr> ',
+                esc_attr( 'Heuristics' ),
+                esc_html( strtolower( $heuristics ) )
+            );
+        }
+
         $row_actions = [];
 

sites/trunk/wordpress.org/public_html/wp-content/themes/pub/wporg-login/functions-registration.php

@@ -122 +122 @@
     }
 
+    if ( function_exists( 'wporg_registration_check_private_heuristics' ) ) {
+        // Returns block, review, allow.
+        $pending_user['meta']['heuristics'] = wporg_registration_check_private_heuristics( compact( 'user_login', 'user_email' ) );
+    }
+
     $pending_user['meta']['akismet_result'] = wporg_login_check_akismet( $user_login, $user_email );
 
     $pending_user['cleared'] = (
+        // ( !isset( $pending_user['meta']['heuristics'] ) || 'allow' === $pending_user['meta']['heuristics'] ) && // Disabled for now, review results first, replace Akismet below
         'spam' !== $pending_user['meta']['akismet_result'] &&
         (float)$pending_user['scores']['pending'] >= (float) get_option( 'recaptcha_v3_threshold', 0.2 ) 
@@ -213 +219 @@
 
     // Cast the int fields to an integer.
-    foreach ( [ 'pending_id', 'cleared', 'created' ] as $field ) {
-        $pending_user[ $field ] = (int) $pending_user[ $field ];
-    }
+    $pending_user['pending_id'] = (int) $pending_user['pending_id'];
+    $pending_user['cleared']    = (int) $pending_user['cleared'];
+    $pending_user['created']    = (int) $pending_user['created'];
 
     return $pending_user;