*** lib/MT/App/Comments.pm.orig 2006-08-04 06:15:31.000000000 +0900
--- lib/MT/App/Comments.pm 2007-02-07 19:26:40.000000000 +0900
***************
*** 265,270 ****
--- 265,291 ----
 return $app->handle_error($app->translate("Comment text is required."));
 }

+ # ダイジェストを作成
+ require Digest::SHA1;
+ my $sha1 = Digest::SHA1->new;
+ my $sha1_token = $q->param('text') . $q->param('entry_id') . $app->remote_ip . $q->param('author') . $q->param('email') . $q->param('url');
+ $sha1_token =~ s/\x0D\x0A//g;
+ $sha1_token =~ s/\x0D//g;
+ $sha1_token =~ s/\x0A//g;
+ $sha1->add($sha1_token);
+ my $salt_file = MT::ConfigMgr->instance->PluginPath .'/salt.txt';
+ my $FH;
+ open($FH, $salt_file) or die "cannot open file <$salt_file> ($!)";
+ $sha1->addfile($FH);
+ close $FH;
+ my $digest = $sha1->b64digest . "=";
+
+ # validatedで送られてきたダイジェストと比較
+ if ($q->param('validated') ne $digest) {
+ return $app->handle_error($app->translate(
+ "コメントの投稿はプレビュー画面から行ってください。"));
+ }
+
 my ($comment, $commenter) = _make_comment($app, $entry);
 my $remember = $q->param('bakecookie') || 0;
 $remember = 0 if $remember eq 'Forget Info'; # another value for '0'
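Review bot: The value assigned to `$sha1_token` concatenates `text`, `entry_id`, the remote IP, `author`, `email` and `url` with no separator, so different field tuples can produce the same digest and the `validated` check does not bind each field on its own. Joining the per-field values with a delimiter that the CR/LF stripping guarantees cannot occur inside a field removes the ambiguity, but the code that emits `validated` is not in this hunk and would have to change in step. In the same block, `open($FH, $salt_file)` is a two-argument open, and on failure it calls `die` with the salt path in the message where the surrounding code returns `$app->handle_error(...)`; a three-argument open plus `binmode` before `addfile` is safer. The token also carries no timestamp or nonce, so as far as this hunk shows a digest stays valid for repeated posts of the same content from the same address; an HMAC over the fields plus an expiry would be the sturdier construction. The enclosing sub begins and ends outside the hunk.

```perl
# … unchanged: require Digest::SHA1 and construction of $sha1 …
# Strip CR/LF per field, then join with "\n" so field boundaries stay unambiguous.
my @token_fields = map {
    my $value = defined $_ ? $_ : '';
    $value =~ s/[\x0D\x0A]//g;
    $value;
} (
    scalar $q->param('text'),   scalar $q->param('entry_id'),
    $app->remote_ip,
    scalar $q->param('author'), scalar $q->param('email'),
    scalar $q->param('url'),
);
$sha1->add(join "\n", @token_fields);
my $salt_file = MT::ConfigMgr->instance->PluginPath . '/salt.txt';
open(my $FH, '<', $salt_file)
    or return $app->handle_error($app->translate("Comment validation is unavailable."));
binmode $FH;
# … unchanged: addfile, close, b64digest, comparison with 'validated' …
```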