//# 0 errors, 92 messages
//#
/*
    //#AkismetCommentValidator.java:1:1: class: org.apache.roller.weblogger.ui.rendering.plugins.comments.AkismetCommentValidator
 * Licensed to the Apache Software Foundation (ASF) under one or more
 *  contributor license agreements.  The ASF licenses this file to You
 * under the Apache License, Version 2.0 (the "License"); you may not
 * use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.  For additional information regarding
 * copyright in this work, please see the NOTICE file in the top level
 * directory of this distribution.
 */

package org.apache.roller.weblogger.ui.rendering.plugins.comments;

import java.io.BufferedReader;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.net.URL;
import java.net.URLConnection;
import java.util.ResourceBundle;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.roller.weblogger.business.WebloggerFactory;
import org.apache.roller.weblogger.config.WebloggerConfig;
import org.apache.roller.weblogger.pojos.WeblogEntryComment;
import org.apache.roller.weblogger.ui.rendering.util.*;
import org.apache.roller.weblogger.util.RollerMessages;


/**
 * Check against Akismet service. Expects to a valid Akismet API key in the
 * Roller startup config property comment.validator.akismet.apikey.
 * You can get a free personal use key by registering as a user at wordpress.com.
 * See Akismet site for API details (http://akismet.com/development/api/)
 */
public class AkismetCommentValidator implements CommentValidator { 
    private static Log log = LogFactory.getLog(AkismetCommentValidator.class);    
    //#AkismetCommentValidator.java:43: method: org.apache.roller.weblogger.ui.rendering.plugins.comments.AkismetCommentValidator.org.apache.roller.weblogger.ui.rendering.plugins.comments.AkismetCommentValidator__static_init
    //#AkismetCommentValidator.java:43: Warning: method not available
    //#    -- call on Log org.apache.commons.logging.LogFactory:getLog(Class)
    //#    severity: INFORMATIONAL
    //#    class: org.apache.roller.weblogger.ui.rendering.plugins.comments.AkismetCommentValidator
    //#    method: org.apache.roller.weblogger.ui.rendering.plugins.comments.AkismetCommentValidator__static_init
    //#    unanalyzed callee: Log org.apache.commons.logging.LogFactory:getLog(Class)
    //#output(org.apache.roller.weblogger.ui.rendering.plugins.comments.AkismetCommentValidator__static_init): __Descendant_Table[org/apache/roller/weblogger/ui/rendering/plugins/comments/AkismetCommentValidator]
    //#output(org.apache.roller.weblogger.ui.rendering.plugins.comments.AkismetCommentValidator__static_init): __Dispatch_Table.getName()Ljava/lang/String;
    //#output(org.apache.roller.weblogger.ui.rendering.plugins.comments.AkismetCommentValidator__static_init): __Dispatch_Table.validate(Lorg/apache/roller/weblogger/pojos/WeblogEntryComment;Lorg/apache/roller/weblogger/util/RollerMessages;)I
    //#output(org.apache.roller.weblogger.ui.rendering.plugins.comments.AkismetCommentValidator__static_init): log
    //#output(org.apache.roller.weblogger.ui.rendering.plugins.comments.AkismetCommentValidator__static_init): org/apache/roller/weblogger/ui/rendering/plugins/comments/CommentValidator.__Descendant_Table[org/apache/roller/weblogger/ui/rendering/plugins/comments/AkismetCommentValidator]
    //#post(org.apache.roller.weblogger.ui.rendering.plugins.comments.AkismetCommentValidator__static_init): __Descendant_Table[org/apache/roller/weblogger/ui/rendering/plugins/comments/AkismetCommentValidator] == &__Dispatch_Table
    //#post(org.apache.roller.weblogger.ui.rendering.plugins.comments.AkismetCommentValidator__static_init): org/apache/roller/weblogger/ui/rendering/plugins/comments/CommentValidator.__Descendant_Table[org/apache/roller/weblogger/ui/rendering/plugins/comments/AkismetCommentValidator] == &__Dispatch_Table
    //#post(org.apache.roller.weblogger.ui.rendering.plugins.comments.AkismetCommentValidator__static_init): __Dispatch_Table.getName()Ljava/lang/String; == &getName
    //#post(org.apache.roller.weblogger.ui.rendering.plugins.comments.AkismetCommentValidator__static_init): __Dispatch_Table.validate(Lorg/apache/roller/weblogger/pojos/WeblogEntryComment;Lorg/apache/roller/weblogger/util/RollerMessages;)I == &validate
    //#post(org.apache.roller.weblogger.ui.rendering.plugins.comments.AkismetCommentValidator__static_init): init'ed(log)
    //#AkismetCommentValidator.java:43: end of method: org.apache.roller.weblogger.ui.rendering.plugins.comments.AkismetCommentValidator.org.apache.roller.weblogger.ui.rendering.plugins.comments.AkismetCommentValidator__static_init
    private ResourceBundle bundle = ResourceBundle.getBundle("ApplicationResources");
    private String apikey;
    
    /** Creates a new instance of AkismetCommentValidator */
    public AkismetCommentValidator() {
    //#AkismetCommentValidator.java:48: method: void org.apache.roller.weblogger.ui.rendering.plugins.comments.AkismetCommentValidator.org.apache.roller.weblogger.ui.rendering.plugins.comments.AkismetCommentValidator()
    //#input(void org.apache.roller.weblogger.ui.rendering.plugins.comments.AkismetCommentValidator()): this
    //#output(void org.apache.roller.weblogger.ui.rendering.plugins.comments.AkismetCommentValidator()): this.apikey
    //#output(void org.apache.roller.weblogger.ui.rendering.plugins.comments.AkismetCommentValidator()): this.bundle
    //#post(void org.apache.roller.weblogger.ui.rendering.plugins.comments.AkismetCommentValidator()): init'ed(this.apikey)
    //#post(void org.apache.roller.weblogger.ui.rendering.plugins.comments.AkismetCommentValidator()): init'ed(this.bundle)
        apikey = WebloggerConfig.getProperty("comment.validator.akismet.apikey");
    //#AkismetCommentValidator.java:49: Warning: method not available
    //#    -- call on String org.apache.roller.weblogger.config.WebloggerConfig:getProperty(String)
    //#    severity: INFORMATIONAL
    //#    class: org.apache.roller.weblogger.ui.rendering.plugins.comments.AkismetCommentValidator
    //#    method: void org.apache.roller.weblogger.ui.rendering.plugins.comments.AkismetCommentValidator()
    //#    unanalyzed callee: String org.apache.roller.weblogger.config.WebloggerConfig:getProperty(String)
    }
    //#AkismetCommentValidator.java:50: end of method: void org.apache.roller.weblogger.ui.rendering.plugins.comments.AkismetCommentValidator.org.apache.roller.weblogger.ui.rendering.plugins.comments.AkismetCommentValidator()

    public String getName() {
        return bundle.getString("comment.validator.akismetName");
    //#AkismetCommentValidator.java:53: method: String org.apache.roller.weblogger.ui.rendering.plugins.comments.AkismetCommentValidator.getName()
    //#input(String getName()): this
    //#input(String getName()): this.bundle
    //#output(String getName()): return_value
    //#pre[2] (String getName()): this.bundle != null
    //#post(String getName()): init'ed(return_value)
    //#AkismetCommentValidator.java:53: end of method: String org.apache.roller.weblogger.ui.rendering.plugins.comments.AkismetCommentValidator.getName()
    }

    public int validate(WeblogEntryComment comment, RollerMessages messages) {
        StringBuffer sb = new StringBuffer();
    //#AkismetCommentValidator.java:57: method: int org.apache.roller.weblogger.ui.rendering.plugins.comments.AkismetCommentValidator.validate(WeblogEntryComment, RollerMessages)
    //#input(int validate(WeblogEntryComment, RollerMessages)): "&amp;"._tainted
    //#input(int validate(WeblogEntryComment, RollerMessages)): ".rest.akismet.com.1.1.comment-check"._tainted
    //#input(int validate(WeblogEntryComment, RollerMessages)): "Roller "._tainted
    //#input(int validate(WeblogEntryComment, RollerMessages)): "blog="._tainted
    //#input(int validate(WeblogEntryComment, RollerMessages)): "comment"._tainted
    //#input(int validate(WeblogEntryComment, RollerMessages)): "comment_author="._tainted
    //#input(int validate(WeblogEntryComment, RollerMessages)): "comment_author_email="._tainted
    //#input(int validate(WeblogEntryComment, RollerMessages)): "comment_author_url="._tainted
    //#input(int validate(WeblogEntryComment, RollerMessages)): "comment_content="._tainted
    //#input(int validate(WeblogEntryComment, RollerMessages)): "comment_type="._tainted
    //#input(int validate(WeblogEntryComment, RollerMessages)): "http:.."._tainted
    //#input(int validate(WeblogEntryComment, RollerMessages)): "permalink="._tainted
    //#input(int validate(WeblogEntryComment, RollerMessages)): "referrer="._tainted
    //#input(int validate(WeblogEntryComment, RollerMessages)): "user_agent="._tainted
    //#input(int validate(WeblogEntryComment, RollerMessages)): "user_ip="._tainted
    //#input(int validate(WeblogEntryComment, RollerMessages)): comment
    //#input(int validate(WeblogEntryComment, RollerMessages)): log
    //#input(int validate(WeblogEntryComment, RollerMessages)): messages
    //#input(int validate(WeblogEntryComment, RollerMessages)): messages.__Tag
    //#input(int validate(WeblogEntryComment, RollerMessages)): messages.mErrors
    //#input(int validate(WeblogEntryComment, RollerMessages)): org/apache/roller/weblogger/util/RollerMessages.__Descendant_Table[org/apache/roller/weblogger/util/RollerMessages]
    //#input(int validate(WeblogEntryComment, RollerMessages)): org/apache/roller/weblogger/util/RollerMessages.__Descendant_Table[others]
    //#input(int validate(WeblogEntryComment, RollerMessages)): org/apache/roller/weblogger/util/RollerMessages.__Dispatch_Table.addError(Ljava/lang/String;)V
    //#input(int validate(WeblogEntryComment, RollerMessages)): this
    //#input(int validate(WeblogEntryComment, RollerMessages)): this.apikey
    //#input(int validate(WeblogEntryComment, RollerMessages)): this.apikey._tainted
    //#output(int validate(WeblogEntryComment, RollerMessages)): return_value
    //#pre[1] (int validate(WeblogEntryComment, RollerMessages)): comment != null
    //#pre[2] (int validate(WeblogEntryComment, RollerMessages)): (soft) log != null
    //#pre[3] (int validate(WeblogEntryComment, RollerMessages)): (soft) messages != null
    //#pre[4] (int validate(WeblogEntryComment, RollerMessages)): (soft) messages.__Tag == org/apache/roller/weblogger/util/RollerMessages
    //#pre[5] (int validate(WeblogEntryComment, RollerMessages)): (soft) messages.mErrors != null
    //#pre[7] (int validate(WeblogEntryComment, RollerMessages)): (soft) init'ed(this.apikey)
    //#presumption(int validate(WeblogEntryComment, RollerMessages)): java.net.URL:openConnection(...)@72 != null
    //#presumption(int validate(WeblogEntryComment, RollerMessages)): org.apache.roller.weblogger.business.Weblogger:getUrlStrategy(...)@58 != null
    //#presumption(int validate(WeblogEntryComment, RollerMessages)): org.apache.roller.weblogger.business.WebloggerFactory:getWeblogger(...)@58 != null
    //#presumption(int validate(WeblogEntryComment, RollerMessages)): org.apache.roller.weblogger.business.WebloggerFactory:getWeblogger(...)@75 != null
    //#presumption(int validate(WeblogEntryComment, RollerMessages)): org.apache.roller.weblogger.pojos.WeblogEntryComment:getWeblogEntry(...)@58 != null
    //#presumption(int validate(WeblogEntryComment, RollerMessages)): org.apache.roller.weblogger.pojos.WeblogEntryComment:getWeblogEntry(...)@63 != null
    //#post(int validate(WeblogEntryComment, RollerMessages)): return_value in {0, 100}
    //#unanalyzed(int validate(WeblogEntryComment, RollerMessages)): Effects-of-calling:org.apache.roller.weblogger.util.RollerMessages$RollerMessage
    //#unanalyzed(int validate(WeblogEntryComment, RollerMessages)): Effects-of-calling:java.util.List:add
    //#test_vector(int validate(WeblogEntryComment, RollerMessages)): java.lang.String:equals(...)@86: {0}, {1}
        sb.append("blog=").append(
    //#AkismetCommentValidator.java:58: Warning: method not available
    //#    -- call on Weblogger org.apache.roller.weblogger.business.WebloggerFactory:getWeblogger()
    //#    severity: INFORMATIONAL
    //#    class: org.apache.roller.weblogger.ui.rendering.plugins.comments.AkismetCommentValidator
    //#    method: int validate(WeblogEntryComment, RollerMessages)
    //#    unanalyzed callee: Weblogger org.apache.roller.weblogger.business.WebloggerFactory:getWeblogger()
    //#AkismetCommentValidator.java:58: Warning: method not available
    //#    -- call on URLStrategy org.apache.roller.weblogger.business.Weblogger:getUrlStrategy()
    //#    severity: INFORMATIONAL
    //#    class: org.apache.roller.weblogger.ui.rendering.plugins.comments.AkismetCommentValidator
    //#    method: int validate(WeblogEntryComment, RollerMessages)
    //#    unanalyzed callee: URLStrategy org.apache.roller.weblogger.business.Weblogger:getUrlStrategy()
    //#AkismetCommentValidator.java:58: Warning: method not available
    //#    -- call on WeblogEntry org.apache.roller.weblogger.pojos.WeblogEntryComment:getWeblogEntry()
    //#    severity: INFORMATIONAL
    //#    class: org.apache.roller.weblogger.ui.rendering.plugins.comments.AkismetCommentValidator
    //#    method: int validate(WeblogEntryComment, RollerMessages)
    //#    unanalyzed callee: WeblogEntry org.apache.roller.weblogger.pojos.WeblogEntryComment:getWeblogEntry()
    //#AkismetCommentValidator.java:58: Warning: method not available
    //#    -- call on Weblog org.apache.roller.weblogger.pojos.WeblogEntry:getWebsite()
    //#    severity: INFORMATIONAL
    //#    class: org.apache.roller.weblogger.ui.rendering.plugins.comments.AkismetCommentValidator
    //#    method: int validate(WeblogEntryComment, RollerMessages)
    //#    unanalyzed callee: Weblog org.apache.roller.weblogger.pojos.WeblogEntry:getWebsite()
    //#AkismetCommentValidator.java:58: Warning: method not available
    //#    -- call on String org.apache.roller.weblogger.business.URLStrategy:getWeblogURL(Weblog, String, bool)
    //#    severity: INFORMATIONAL
    //#    class: org.apache.roller.weblogger.ui.rendering.plugins.comments.AkismetCommentValidator
    //#    method: int validate(WeblogEntryComment, RollerMessages)
    //#    unanalyzed callee: String org.apache.roller.weblogger.business.URLStrategy:getWeblogURL(Weblog, String, bool)
            WebloggerFactory.getWeblogger().getUrlStrategy().getWeblogURL(comment.getWeblogEntry().getWebsite(), null, true)).append("&");
        sb.append("user_ip="        ).append(comment.getRemoteHost()).append("&");
    //#AkismetCommentValidator.java:60: Warning: method not available
    //#    -- call on String org.apache.roller.weblogger.pojos.WeblogEntryComment:getRemoteHost()
    //#    severity: INFORMATIONAL
    //#    class: org.apache.roller.weblogger.ui.rendering.plugins.comments.AkismetCommentValidator
    //#    method: int validate(WeblogEntryComment, RollerMessages)
    //#    unanalyzed callee: String org.apache.roller.weblogger.pojos.WeblogEntryComment:getRemoteHost()
        sb.append("user_agent="     ).append(comment.getUserAgent()).append("&");
    //#AkismetCommentValidator.java:61: Warning: method not available
    //#    -- call on String org.apache.roller.weblogger.pojos.WeblogEntryComment:getUserAgent()
    //#    severity: INFORMATIONAL
    //#    class: org.apache.roller.weblogger.ui.rendering.plugins.comments.AkismetCommentValidator
    //#    method: int validate(WeblogEntryComment, RollerMessages)
    //#    unanalyzed callee: String org.apache.roller.weblogger.pojos.WeblogEntryComment:getUserAgent()
        sb.append("referrer="       ).append(comment.getReferrer()).append("&");
    //#AkismetCommentValidator.java:62: Warning: method not available
    //#    -- call on String org.apache.roller.weblogger.pojos.WeblogEntryComment:getReferrer()
    //#    severity: INFORMATIONAL
    //#    class: org.apache.roller.weblogger.ui.rendering.plugins.comments.AkismetCommentValidator
    //#    method: int validate(WeblogEntryComment, RollerMessages)
    //#    unanalyzed callee: String org.apache.roller.weblogger.pojos.WeblogEntryComment:getReferrer()
        sb.append("permalink="      ).append(comment.getWeblogEntry().getPermalink()).append("&");
    //#AkismetCommentValidator.java:63: Warning: method not available
    //#    -- call on WeblogEntry org.apache.roller.weblogger.pojos.WeblogEntryComment:getWeblogEntry()
    //#    severity: INFORMATIONAL
    //#    class: org.apache.roller.weblogger.ui.rendering.plugins.comments.AkismetCommentValidator
    //#    method: int validate(WeblogEntryComment, RollerMessages)
    //#    unanalyzed callee: WeblogEntry org.apache.roller.weblogger.pojos.WeblogEntryComment:getWeblogEntry()
    //#AkismetCommentValidator.java:63: Warning: method not available
    //#    -- call on String org.apache.roller.weblogger.pojos.WeblogEntry:getPermalink()
    //#    severity: INFORMATIONAL
    //#    class: org.apache.roller.weblogger.ui.rendering.plugins.comments.AkismetCommentValidator
    //#    method: int validate(WeblogEntryComment, RollerMessages)
    //#    unanalyzed callee: String org.apache.roller.weblogger.pojos.WeblogEntry:getPermalink()
        sb.append("comment_type="   ).append("comment").append("&");
        sb.append("comment_author=" ).append(comment.getName()).append("&");
    //#AkismetCommentValidator.java:65: Warning: method not available
    //#    -- call on String org.apache.roller.weblogger.pojos.WeblogEntryComment:getName()
    //#    severity: INFORMATIONAL
    //#    class: org.apache.roller.weblogger.ui.rendering.plugins.comments.AkismetCommentValidator
    //#    method: int validate(WeblogEntryComment, RollerMessages)
    //#    unanalyzed callee: String org.apache.roller.weblogger.pojos.WeblogEntryComment:getName()
        sb.append("comment_author_email=").append(comment.getEmail()).append("&");
    //#AkismetCommentValidator.java:66: Warning: method not available
    //#    -- call on String org.apache.roller.weblogger.pojos.WeblogEntryComment:getEmail()
    //#    severity: INFORMATIONAL
    //#    class: org.apache.roller.weblogger.ui.rendering.plugins.comments.AkismetCommentValidator
    //#    method: int validate(WeblogEntryComment, RollerMessages)
    //#    unanalyzed callee: String org.apache.roller.weblogger.pojos.WeblogEntryComment:getEmail()
        sb.append("comment_author_url="  ).append(comment.getUrl()).append("&");
    //#AkismetCommentValidator.java:67: Warning: method not available
    //#    -- call on String org.apache.roller.weblogger.pojos.WeblogEntryComment:getUrl()
    //#    severity: INFORMATIONAL
    //#    class: org.apache.roller.weblogger.ui.rendering.plugins.comments.AkismetCommentValidator
    //#    method: int validate(WeblogEntryComment, RollerMessages)
    //#    unanalyzed callee: String org.apache.roller.weblogger.pojos.WeblogEntryComment:getUrl()
        sb.append("comment_content="     ).append(comment.getContent());
    //#AkismetCommentValidator.java:68: Warning: method not available
    //#    -- call on String org.apache.roller.weblogger.pojos.WeblogEntryComment:getContent()
    //#    severity: INFORMATIONAL
    //#    class: org.apache.roller.weblogger.ui.rendering.plugins.comments.AkismetCommentValidator
    //#    method: int validate(WeblogEntryComment, RollerMessages)
    //#    unanalyzed callee: String org.apache.roller.weblogger.pojos.WeblogEntryComment:getContent()

        try {
            URL url = new URL("http://" + apikey + ".rest.akismet.com/1.1/comment-check");
            URLConnection conn = url.openConnection();
            conn.setDoOutput(true);

            conn.setRequestProperty("User_Agent", "Roller " + WebloggerFactory.getWeblogger().getVersion()); 
    //#AkismetCommentValidator.java:75: Warning: method not available
    //#    -- call on Weblogger org.apache.roller.weblogger.business.WebloggerFactory:getWeblogger()
    //#    severity: INFORMATIONAL
    //#    class: org.apache.roller.weblogger.ui.rendering.plugins.comments.AkismetCommentValidator
    //#    method: int validate(WeblogEntryComment, RollerMessages)
    //#    unanalyzed callee: Weblogger org.apache.roller.weblogger.business.WebloggerFactory:getWeblogger()
    //#AkismetCommentValidator.java:75: Warning: method not available
    //#    -- call on String org.apache.roller.weblogger.business.Weblogger:getVersion()
    //#    severity: INFORMATIONAL
    //#    class: org.apache.roller.weblogger.ui.rendering.plugins.comments.AkismetCommentValidator
    //#    method: int validate(WeblogEntryComment, RollerMessages)
    //#    unanalyzed callee: String org.apache.roller.weblogger.business.Weblogger:getVersion()
            conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded;charset=utf8"); 
            conn.setRequestProperty("Content-length", Integer.toString(sb.length()));

            OutputStreamWriter osr = new OutputStreamWriter(conn.getOutputStream());
            osr.write(sb.toString(), 0, sb.length());
            osr.flush();
            osr.close();

            BufferedReader br = new BufferedReader(new InputStreamReader(conn.getInputStream())); 
            String response = br.readLine();
            if ("true".equals(response)) {
                messages.addError("comment.validator.akismetMessage");
                return 0;
            }
            else return 100;
        } catch (Exception e) {
            log.error("ERROR checking comment against Akismet", e);
    //#AkismetCommentValidator.java:92: Warning: method not available
    //#    -- call on void org.apache.commons.logging.Log:error(Object, Throwable)
    //#    severity: INFORMATIONAL
    //#    class: org.apache.roller.weblogger.ui.rendering.plugins.comments.AkismetCommentValidator
    //#    method: int validate(WeblogEntryComment, RollerMessages)
    //#    unanalyzed callee: void org.apache.commons.logging.Log:error(Object, Throwable)
        }
        return 0; // interpret error as spam: better safe than sorry? 
    //#AkismetCommentValidator.java:94: end of method: int org.apache.roller.weblogger.ui.rendering.plugins.comments.AkismetCommentValidator.validate(WeblogEntryComment, RollerMessages)
    }
}



    //#AkismetCommentValidator.java:: end of class: org.apache.roller.weblogger.ui.rendering.plugins.comments.AkismetCommentValidator
