antispam, pomoc w przerobieniu skryptu Opcje

[sebcio80]

mam malutki problem

otoz na mojej stronie mam mozliwosc dodawania komentarzy, problem polega na tym ze jakies robociki coraz wiecej spamuja i dodaja niechciany przeze mnie tekst

sam malo sie znam na php i mialbym prosbe czy ktos nie pomogl by mi w przerobieniu skryptu dodawania komentarzy?

chodziloby o to aby skrypt "rozpoznawał" czy w tekscie sa ciagi znakow (bez wzgledu na wielkosc liter):

<a
[url

jezeli tak to nie dodawal by komentarza i zwracal komunikat: cos jak jest w anti-flood

tak wyglada kod dodawania komentarza (mam nadzieje ze caly):

Kod

//------------------------------------------------------  comment registeration
if ( isset( $_POST['content'] ) && !empty($_POST['content']) )
{
  $register_comment = true;
  $author = !empty($_POST['author'])?$_POST['author']:$lang['guest'];
  // if a guest try to use the name of an already existing user, he must be
  // rejected
  if ( $author != $user['username'] )
  {
    $query = 'SELECT COUNT(*) AS user_exists';
    $query.= ' FROM '.USERS_TABLE;
    $query.= " WHERE username = '".$author."'";
    $query.= ';';
    $row = mysql_fetch_array( pwg_query( $query ) );
    if ( $row['user_exists'] == 1 )
    {
      $template->assign_block_vars(
        'information',
        array('INFORMATION'=>$lang['comment_user_exists']));
      $register_comment = false;
    }
  }
  
  if ( $register_comment )
  {
    // anti-flood system
    $reference_date = time() - $conf['anti-flood_time'];
    $query = 'SELECT id FROM '.COMMENTS_TABLE;
    $query.= ' WHERE date > FROM_UNIXTIME('.$reference_date.')';
    $query.= " AND author = '".$author."'";
    $query.= ';';
    if ( mysql_num_rows( pwg_query( $query ) ) == 0
         or $conf['anti-flood_time'] == 0 )
    {
      $query = 'INSERT INTO '.COMMENTS_TABLE;
      $query.= ' (author,date,image_id,content,validated) VALUES (';
      $query.= "'".$author."'";
      $query.= ',NOW(),'.$_GET['image_id'];
      $query.= ",'".htmlspecialchars( $_POST['content'], ENT_QUOTES)."'";
      if ( !$conf['comments_validation'] or $user['status'] == 'admin' )
      {        
        $query.= ",'true'";
      }
      else
      {
        $query.= ",'false'";
      }
      $query.= ');';
      pwg_query( $query );
      // information message
      $message = $lang['comment_added'];
      if ( $conf['comments_validation'] and $user['status'] != 'admin' )
      {
        $message.= '<br />'.$lang['comment_to_validate'];
      }
      $template->assign_block_vars('information',
                                   array('INFORMATION'=>$message));
      // notification to the administrators
      if ( $conf['mail_notification'] )
      {
        // find any related category (can be unreachable to this admin)
        $category = $related_categories[0];
        // locally, we change the $conf['level_separator']
        $conf_separator = $conf['level_separator'];
        $conf['level_separator'] = ' > ';
        $cat_name = get_cat_display_name_cache($category['uppercats'],
                                               '',
                                               false);
        $conf['level_separator'] = $conf_separator;
        
        $cat_name = strip_tags( $cat_name );
        notify( 'comment', $cat_name.' > '.$picture['current']['name']);
      }
    }
    else
    {
      // information message
      $template->assign_block_vars(
        'information',
        array('INFORMATION'=>$lang['comment_anti-flood']));
    }
  }
}