--- /dev/null
+--- drupal-4.6.8/modules/user.module 2006-03-13 23:29:18.000000000 +0200
++++ /usr/share/drupal/modules/user.module 2006-07-05 01:09:17.183413371 +0300
+@@ -1046,8 +1046,10 @@
+ function user_edit_form($uid, $edit) {
+ // Account information:
+ $group = form_textfield(t('Username'), 'name', $edit['name'], 30, 55, t('Your full name or your preferred username: only letters, numbers and spaces are allowed.'), NULL, TRUE);
++ if (user_access('administer user fields')) {
+ $group .= form_textfield(t('E-mail address'), 'mail', $edit['mail'], 30, 55, t('Insert a valid e-mail address. All e-mails from the system will be sent to this address. The e-mail address is not made public and will only be used if you wish to receive a new password or wish to receive certain news or notifications by e-mail.'), NULL, TRUE);
+ $group .= form_item(t('Password'), '<input type="password" class="form-password" name="edit[pass1]" size="12" maxlength="24" /> <input type="password" class="form-password" name="edit[pass2]" size="12" maxlength="24" />', t('Enter your new password twice if you want to change your current password, or leave it blank if you are happy with your current password.'), NULL, TRUE);
++ }
+
+ if (user_access('administer users')) {
+ $group .= form_radios(t('Status'), 'status', $edit['status'], array(t('Blocked'), t('Active')));
+@@ -1082,6 +1084,7 @@
+ form_set_error('name', t('The name %name has been denied access.', array('%name' => theme('placeholder', $edit['name']))));
+ }
+
++ if (user_access('administer user fields')) {
+ // Validate the e-mail address:
+ if ($error = user_validate_mail($edit['mail'])) {
+ form_set_error('mail', $error);
+@@ -1092,6 +1095,7 @@
+ else if (user_deny('mail', $edit['mail'])) {
+ form_set_error('mail', t('The e-mail address %email has been denied access.', array('%email' => theme('placeholder', $edit['mail']))));
+ }
++ }
+
+ // Validate the user roles:
+ if (user_access('administer users')) {
--- /dev/null
+--- drupal/modules/comment.module~ 2007-09-12 11:15:08.000000000 +0300
++++ drupal/modules/comment.module 2007-09-12 11:15:01.000000000 +0300
+@@ -650,8 +650,11 @@
+ $edit['name'] = $user->name;
+ }
+
+-
+- db_query("INSERT INTO {comments} (cid, nid, pid, uid, subject, comment, format, hostname, timestamp, status, score, users, thread, name, mail, homepage) VALUES (%d, %d, %d, %d, '%s', '%s', %d, '%s', %d, %d, %d, '%s', '%s', '%s', '%s', '%s')", $edit['cid'], $edit['nid'], $edit['pid'], $edit['uid'], $edit['subject'], $edit['comment'], $edit['format'], $_SERVER['REMOTE_ADDR'], $edit['timestamp'], $status, $score, $users, $thread, $edit['name'], $edit['mail'], $edit['homepage']);
++ if ($edit['name'] == '' && strpos($edit['comment'], 'http://') !== false) {
++ error_log("comments Got spammer: cid=$edit[cid] nid=$edit[nid] pid=$edit[pid] uid=$edit[uid] subject=$edit[subject] comment=$edit[comment]");
++ } else {
++ db_query("INSERT INTO {comments} (cid, nid, pid, uid, subject, comment, format, hostname, timestamp, status, score, users, thread, name, mail, homepage) VALUES (%d, %d, %d, %d, '%s', '%s', %d, '%s', %d, %d, %d, '%s', '%s', '%s', '%s', '%s')", $edit['cid'], $edit['nid'], $edit['pid'], $edit['uid'], $edit['subject'], $edit['comment'], $edit['format'], $_SERVER['REMOTE_ADDR'], $edit['timestamp'], $status, $score, $users, $thread, $edit['name'], $edit['mail'], $edit['homepage']);
++ }
+
+ _comment_update_node_statistics($edit['nid']);
+