Akismet Anti-Spam - Version 4.0

Version Description

Release Date - 19 September 2017

Added REST API endpoints for configuring Akismet and retrieving stats.
Increased the minimum supported WordPress version to 4.0.
Added compatibility with comments submitted via the REST API.
Improved the progress indicator on the "Check for Spam" button.

Release Info

Developer	cfinke
Plugin	Akismet Anti-Spam
Version	4.0
Comparing to
See all releases

Code changes from version 3.3.4 to 4.0

Files changed (7) hide show

_inc/akismet.js +8 -2
akismet.php +6 -3
class.akismet-admin.php +20 -25
class.akismet-rest-api.php +271 -0
class.akismet.php +37 -37
readme.txt +11 -2
views/config.php +1 -4

_inc/akismet.js CHANGED Viewed

	@@ -162,8 +162,14 @@ jQuery( function ( $ ) {
162	var recheck_count = 0;
163
164	function akismet_check_for_spam(offset, limit) {






165	// Update the progress counter on the "Check for Spam" button.
166	- $( '.checkforspam-progress' ).text( ~~$( '~~.~~checkforspam' ).~~data( 'progress-label-format' ).replace( '%1$s', ~~offset~~ ) );
167
168	$.post(
169	ajaxurl,
	@@ -177,7 +183,7 @@ jQuery( function ( $ ) {
177	spam_count += result.counts.spam;
178
179	if (result.counts.processed < limit) {
180	- window.location.href = ~~$( '~~.~~checkforspam' ).~~data( 'success-url' ).replace( '__recheck_count__', recheck_count ).replace( '__spam_count__', spam_count );
181	}
182	else {
183	// Account for comments that were caught as spam and moved out of the queue.


162	var recheck_count = 0;
163
164	function akismet_check_for_spam(offset, limit) {
165	+ var check_for_spam_buttons = $( '.checkforspam' );
166	+
167	+ // We show the percentage complete down to one decimal point so even queues with 100k
168	+ // pending comments will show some progress pretty quickly.
169	+ var percentage_complete = Math.round( ( recheck_count / check_for_spam_buttons.data( 'pending-comment-count' ) ) * 1000 ) / 10;
170	+
171	// Update the progress counter on the "Check for Spam" button.
172	+ $( '.checkforspam-progress' ).text( check_for_spam_buttons.data( 'progress-label-format' ).replace( '%1$s', percentage_complete ) );
173
174	$.post(
175	ajaxurl,

183	spam_count += result.counts.spam;
184
185	if (result.counts.processed < limit) {
186	+ window.location.href = check_for_spam_buttons.data( 'success-url' ).replace( '__recheck_count__', recheck_count ).replace( '__spam_count__', spam_count );
187	}
188	else {
189	// Account for comments that were caught as spam and moved out of the queue.

akismet.php CHANGED Viewed

	@@ -6,7 +6,7 @@
6	Plugin Name: Akismet Anti-Spam
7	Plugin URI: https://akismet.com/
8	Description: Used by millions, Akismet is quite possibly the best way in the world to <strong>protect your blog from spam</strong>. It keeps your site protected even while you sleep. To get started: activate the Akismet plugin and then go to your Akismet Settings page to set up your API key.
9	- Version: 3.~~3.4~~
10	Author: Automattic
11	Author URI: https://automattic.com/wordpress-plugins/
12	License: GPLv2 or later
	@@ -37,8 +37,8 @@ if ( !function_exists( 'add_action' ) ) {
37	exit;
38	}
39
40	- define( 'AKISMET_VERSION', '3.~~3.4~~' );
41	- define( 'AKISMET__MINIMUM_WP_VERSION', '3.7' );
42	define( 'AKISMET__PLUGIN_DIR', plugin_dir_path( __FILE__ ) );
43	define( 'AKISMET_DELETE_LIMIT', 100000 );
44
	@@ -47,9 +47,12 @@ register_deactivation_hook( __FILE__, array( 'Akismet', 'plugin_deactivation' )
47
48	require_once( AKISMET__PLUGIN_DIR . 'class.akismet.php' );
49	require_once( AKISMET__PLUGIN_DIR . 'class.akismet-widget.php' );

50
51	add_action( 'init', array( 'Akismet', 'init' ) );
52


53	if ( is_admin() \|\| ( defined( 'WP_CLI' ) && WP_CLI ) ) {
54	require_once( AKISMET__PLUGIN_DIR . 'class.akismet-admin.php' );
55	add_action( 'init', array( 'Akismet_Admin', 'init' ) );


6	Plugin Name: Akismet Anti-Spam
7	Plugin URI: https://akismet.com/
8	Description: Used by millions, Akismet is quite possibly the best way in the world to <strong>protect your blog from spam</strong>. It keeps your site protected even while you sleep. To get started: activate the Akismet plugin and then go to your Akismet Settings page to set up your API key.
9	+ Version: 4.0
10	Author: Automattic
11	Author URI: https://automattic.com/wordpress-plugins/
12	License: GPLv2 or later

37	exit;
38	}
39
40	+ define( 'AKISMET_VERSION', '4.0' );
41	+ define( 'AKISMET__MINIMUM_WP_VERSION', '4.0' );
42	define( 'AKISMET__PLUGIN_DIR', plugin_dir_path( __FILE__ ) );
43	define( 'AKISMET_DELETE_LIMIT', 100000 );
44

47
48	require_once( AKISMET__PLUGIN_DIR . 'class.akismet.php' );
49	require_once( AKISMET__PLUGIN_DIR . 'class.akismet-widget.php' );
50	+ require_once( AKISMET__PLUGIN_DIR . 'class.akismet-rest-api.php' );
51
52	add_action( 'init', array( 'Akismet', 'init' ) );
53
54	+ add_action( 'rest_api_init', array( 'Akismet_REST_API', 'init' ) );
55	+
56	if ( is_admin() \|\| ( defined( 'WP_CLI' ) && WP_CLI ) ) {
57	require_once( AKISMET__PLUGIN_DIR . 'class.akismet-admin.php' );
58	add_action( 'init', array( 'Akismet_Admin', 'init' ) );

class.akismet-admin.php CHANGED Viewed

	@@ -91,12 +91,14 @@ class Akismet_Admin {
91	}
92
93	public static function load_menu() {
94	- if ( class_exists( 'Jetpack' ) )
95	$hook = add_submenu_page( 'jetpack', __( 'Akismet' , 'akismet'), __( 'Akismet' , 'akismet'), 'manage_options', 'akismet-key-config', array( 'Akismet_Admin', 'display_page' ) );
96	- ~~else~~

97	$hook = add_options_page( __('Akismet', 'akismet'), __('Akismet', 'akismet'), 'manage_options', 'akismet-key-config', array( 'Akismet_Admin', 'display_page' ) );
98	-
99	- ~~if ( version_compare( $GLOBALS['wp_version'], '3.3', '>=' ) ) {~~

100	add_action( "load-$hook", array( 'Akismet_Admin', 'admin_help' ) );
101	}
102	}
	@@ -248,8 +250,9 @@ class Akismet_Admin {
248	}
249
250	public static function enter_api_key() {
251	- if ( ~~function_exists('current_user_can')~~ ~~&& !~~current_user_can('manage_options') )
252	- die(__('Cheatin’ uh?', 'akismet'));

253
254	if ( !wp_verify_nonce( $_POST['_wpnonce'], self::NONCE ) )
255	return false;
	@@ -303,8 +306,9 @@ class Akismet_Admin {
303	}
304
305	public static function dashboard_stats() {
306	- if ( ~~!function_exists('~~did_action~~') \|\| did_action~~( 'rightnow_end' ) )
307	return; // We already displayed this info in the "Right Now" section

308
309	if ( !$count = get_option('akismet_spam_count') )
310	return;
	@@ -356,19 +360,19 @@ class Akismet_Admin {
356	return;
357	}
358
359	- if ( ~~function_exists~~('~~plugins_url~~') )
360	- $link = add_query_arg( array( 'action' => 'akismet_recheck_queue' ), admin_url( 'admin.php' ) );
361	- else
362	- $link = add_query_arg( array( 'page' => 'akismet-admin', 'recheckqueue' => 'true', 'noheader' => 'true' ), admin_url( 'edit-comments.php' ) );
363


364	echo '</div>';
365	echo '<div class="alignleft">';
366	echo '<a
367	class="button-secondary checkforspam"
368	href="' . esc_url( $link ) . '"
369	data-active-label="' . esc_attr( __( 'Checking for Spam', 'akismet' ) ) . '"
370	- data-progress-label-format="' . esc_attr( __( '(%1$s~~...~~)', 'akismet' ) ) . '"
371	data-success-url="' . esc_attr( remove_query_arg( 'akismet_recheck', add_query_arg( array( 'akismet_recheck_complete' => 1, 'recheck_count' => urlencode( '__recheck_count__' ), 'spam_count' => urlencode( '__spam_count__' ) ) ) ) ) . '"

372	>';
373	echo '<span class="akismet-label">' . esc_html__('Check for Spam', 'akismet') . '</span>';
374	echo '<span class="checkforspam-progress"></span>';
	@@ -467,11 +471,6 @@ class Akismet_Admin {
467	}
468
469	public static function comment_row_action( $a, $comment ) {
470	-
471	- // failsafe for old WP versions
472	- if ( !function_exists('add_comment_meta') )
473	- return $a;
474	-
475	$akismet_result = get_comment_meta( $comment->comment_ID, 'akismet_result', true );
476	$akismet_error = get_comment_meta( $comment->comment_ID, 'akismet_error', true );
477	$user_result = get_comment_meta( $comment->comment_ID, 'akismet_user_result', true);
	@@ -500,7 +499,7 @@ class Akismet_Admin {
500	$b[ $k ] = $item;
501	if (
502	$k == 'edit'
503	- \|\| ( $k == 'unspam' ~~&& $GLOBALS['wp_version'] >= 3.4 )~~
504	) {
505	$b['history'] = '<a href="comment.php?action=editcomment&c='.$comment->comment_ID.'#akismet-status" title="'. esc_attr__( 'View comment history' , 'akismet') . '"> '. esc_html__('History', 'akismet') . '</a>';
506	}
	@@ -645,12 +644,8 @@ class Akismet_Admin {
645	if ( !$type ) { // total
646	$count = wp_cache_get( 'akismet_spam_count', 'widget' );
647	if ( false === $count ) {
648	- if ( ~~function_exists~~(~~'wp_count_comments'~~) ~~) {~~
649	- $count = ~~wp_count_comments()~~;
650	- $count = $count->spam;
651	- } else {
652	- $count = (int) $wpdb->get_var("SELECT COUNT(comment_ID) FROM {$wpdb->comments} WHERE comment_approved = 'spam'");
653	- }
654	wp_cache_set( 'akismet_spam_count', $count, 'widget', 3600 );
655	}
656	return $count;
	@@ -706,7 +701,7 @@ class Akismet_Admin {
706	update_option('akismet_connectivity_time', time());
707	}
708
709	- if ( ~~function_exists( '~~wp_http_supports~~' ) &&~~ ( ~~wp_http_supports(~~ array( 'ssl' ) ) ) ) {
710	$response = wp_remote_get( 'https://rest.akismet.com/1.1/test' );
711	}
712	else {


91	}
92
93	public static function load_menu() {
94	+ if ( class_exists( 'Jetpack' ) ) {
95	$hook = add_submenu_page( 'jetpack', __( 'Akismet' , 'akismet'), __( 'Akismet' , 'akismet'), 'manage_options', 'akismet-key-config', array( 'Akismet_Admin', 'display_page' ) );
96	+ }
97	+ else {
98	$hook = add_options_page( __('Akismet', 'akismet'), __('Akismet', 'akismet'), 'manage_options', 'akismet-key-config', array( 'Akismet_Admin', 'display_page' ) );
99	+ }
100	+
101	+ if ( $hook ) {
102	add_action( "load-$hook", array( 'Akismet_Admin', 'admin_help' ) );
103	}
104	}

250	}
251
252	public static function enter_api_key() {
253	+ if ( ! current_user_can( 'manage_options' ) ) {
254	+ die( __( 'Cheatin’ uh?', 'akismet' ) );
255	+ }
256
257	if ( !wp_verify_nonce( $_POST['_wpnonce'], self::NONCE ) )
258	return false;

306	}
307
308	public static function dashboard_stats() {
309	+ if ( did_action( 'rightnow_end' ) ) {
310	return; // We already displayed this info in the "Right Now" section
311	+ }
312
313	if ( !$count = get_option('akismet_spam_count') )
314	return;

360	return;
361	}
362
363	+ $link = add_query_arg( array( 'action' => 'akismet_recheck_queue' ), admin_url( 'admin.php' ) );



364
365	+ $comments_count = wp_count_comments();
366	+
367	echo '</div>';
368	echo '<div class="alignleft">';
369	echo '<a
370	class="button-secondary checkforspam"
371	href="' . esc_url( $link ) . '"
372	data-active-label="' . esc_attr( __( 'Checking for Spam', 'akismet' ) ) . '"
373	+ data-progress-label-format="' . esc_attr( __( '(%1$s%)', 'akismet' ) ) . '"
374	data-success-url="' . esc_attr( remove_query_arg( 'akismet_recheck', add_query_arg( array( 'akismet_recheck_complete' => 1, 'recheck_count' => urlencode( '__recheck_count__' ), 'spam_count' => urlencode( '__spam_count__' ) ) ) ) ) . '"
375	+ data-pending-comment-count="' . esc_attr( $comments_count->moderated ) . '"
376	>';
377	echo '<span class="akismet-label">' . esc_html__('Check for Spam', 'akismet') . '</span>';
378	echo '<span class="checkforspam-progress"></span>';

471	}
472
473	public static function comment_row_action( $a, $comment ) {





474	$akismet_result = get_comment_meta( $comment->comment_ID, 'akismet_result', true );
475	$akismet_error = get_comment_meta( $comment->comment_ID, 'akismet_error', true );
476	$user_result = get_comment_meta( $comment->comment_ID, 'akismet_user_result', true);

499	$b[ $k ] = $item;
500	if (
501	$k == 'edit'
502	+ \|\| $k == 'unspam'
503	) {
504	$b['history'] = '<a href="comment.php?action=editcomment&c='.$comment->comment_ID.'#akismet-status" title="'. esc_attr__( 'View comment history' , 'akismet') . '"> '. esc_html__('History', 'akismet') . '</a>';
505	}

644	if ( !$type ) { // total
645	$count = wp_cache_get( 'akismet_spam_count', 'widget' );
646	if ( false === $count ) {
647	+ $count = wp_count_comments();
648	+ $count = $count->spam;




649	wp_cache_set( 'akismet_spam_count', $count, 'widget', 3600 );
650	}
651	return $count;

701	update_option('akismet_connectivity_time', time());
702	}
703
704	+ if ( wp_http_supports( array( 'ssl' ) ) ) {
705	$response = wp_remote_get( 'https://rest.akismet.com/1.1/test' );
706	}
707	else {

class.akismet-rest-api.php ADDED Viewed

	@@ -0,0 +1,271 @@


1	+ <?php
2	+
3	+ class Akismet_REST_API {
4	+ /**
5	+ * Register the REST API routes.
6	+ */
7	+ public static function init() {
8	+ if ( ! function_exists( 'register_rest_route' ) ) {
9	+ // The REST API wasn't integrated into core until 4.4, and we support 4.0+ (for now).
10	+ return false;
11	+ }
12	+
13	+ register_rest_route( 'akismet/v1', '/key', array(
14	+ array(
15	+ 'methods' => WP_REST_Server::READABLE,
16	+ 'permission_callback' => array( 'Akismet_REST_API', 'privileged_permission_callback' ),
17	+ 'callback' => array( 'Akismet_REST_API', 'get_key' ),
18	+ ), array(
19	+ 'methods' => WP_REST_Server::EDITABLE,
20	+ 'permission_callback' => array( 'Akismet_REST_API', 'privileged_permission_callback' ),
21	+ 'callback' => array( 'Akismet_REST_API', 'set_key' ),
22	+ 'args' => array(
23	+ 'key' => array(
24	+ 'required' => true,
25	+ 'type' => 'string',
26	+ 'sanitize_callback' => array( 'Akismet_REST_API', 'sanitize_key' ),
27	+ 'description' => __( 'A 12-character Akismet API key. Available at akismet.com/get/', 'akismet' ),
28	+ ),
29	+ ),
30	+ ), array(
31	+ 'methods' => WP_REST_Server::DELETABLE,
32	+ 'permission_callback' => array( 'Akismet_REST_API', 'privileged_permission_callback' ),
33	+ 'callback' => array( 'Akismet_REST_API', 'delete_key' ),
34	+ )
35	+ ) );
36	+
37	+ register_rest_route( 'akismet/v1', '/settings/', array(
38	+ array(
39	+ 'methods' => WP_REST_Server::READABLE,
40	+ 'permission_callback' => array( 'Akismet_REST_API', 'privileged_permission_callback' ),
41	+ 'callback' => array( 'Akismet_REST_API', 'get_settings' ),
42	+ ),
43	+ array(
44	+ 'methods' => WP_REST_Server::EDITABLE,
45	+ 'permission_callback' => array( 'Akismet_REST_API', 'privileged_permission_callback' ),
46	+ 'callback' => array( 'Akismet_REST_API', 'set_boolean_settings' ),
47	+ 'args' => array(
48	+ 'akismet_strictness' => array(
49	+ 'required' => false,
50	+ 'type' => 'boolean',
51	+ 'description' => __( 'If true, Akismet will automatically discard the worst spam automatically rather than putting it in the spam folder.', 'akismet' ),
52	+ ),
53	+ 'akismet_show_user_comments_approved' => array(
54	+ 'required' => false,
55	+ 'type' => 'boolean',
56	+ 'description' => __( 'If true, show the number of approved comments beside each comment author in the comments list page.', 'akismet' ),
57	+ ),
58	+ ),
59	+ )
60	+ ) );
61	+
62	+ register_rest_route( 'akismet/v1', '/stats', array(
63	+ 'methods' => WP_REST_Server::READABLE,
64	+ 'permission_callback' => array( 'Akismet_REST_API', 'privileged_permission_callback' ),
65	+ 'callback' => array( 'Akismet_REST_API', 'get_stats' ),
66	+ 'args' => array(
67	+ 'interval' => array(
68	+ 'required' => false,
69	+ 'type' => 'string',
70	+ 'sanitize_callback' => array( 'Akismet_REST_API', 'sanitize_interval' ),
71	+ 'description' => __( 'The time period for which to retrieve stats. Options: 60-days, 6-months, all', 'akismet' ),
72	+ 'default' => 'all',
73	+ ),
74	+ ),
75	+ ) );
76	+
77	+ register_rest_route( 'akismet/v1', '/stats/(?P<interval>[\w+])', array(
78	+ 'args' => array(
79	+ 'interval' => array(
80	+ 'description' => __( 'The time period for which to retrieve stats. Options: 60-days, 6-months, all', 'akismet' ),
81	+ 'type' => 'string',
82	+ ),
83	+ ),
84	+ array(
85	+ 'methods' => WP_REST_Server::READABLE,
86	+ 'permission_callback' => array( 'Akismet_REST_API', 'privileged_permission_callback' ),
87	+ 'callback' => array( 'Akismet_REST_API', 'get_stats' ),
88	+ )
89	+ ) );
90	+ }
91	+
92	+ /**
93	+ * Get the current Akismet API key.
94	+ *
95	+ * @param WP_REST_Request $request
96	+ * @return WP_Error\|WP_REST_Response
97	+ */
98	+ public static function get_key( $request = null ) {
99	+ return rest_ensure_response( Akismet::get_api_key() );
100	+ }
101	+
102	+ /**
103	+ * Set the API key, if possible.
104	+ *
105	+ * @param WP_REST_Request $request
106	+ * @return WP_Error\|WP_REST_Response
107	+ */
108	+ public static function set_key( $request ) {
109	+ if ( defined( 'WPCOM_API_KEY' ) ) {
110	+ return rest_ensure_response( new WP_Error( 'hardcoded_key', __( 'This site\'s API key is hardcoded and cannot be changed via the API.', 'akismet' ), array( 'status'=> 409 ) ) );
111	+ }
112	+
113	+ $new_api_key = $request->get_param( 'key' );
114	+
115	+ if ( ! self::key_is_valid( $new_api_key ) ) {
116	+ return rest_ensure_response( new WP_Error( 'invalid_key', __( 'The value provided is not a valid and registered API key.', 'akismet' ), array( 'status' => 400 ) ) );
117	+ }
118	+
119	+ update_option( 'wordpress_api_key', $new_api_key );
120	+
121	+ return self::get_key();
122	+ }
123	+
124	+ /**
125	+ * Unset the API key, if possible.
126	+ *
127	+ * @param WP_REST_Request $request
128	+ * @return WP_Error\|WP_REST_Response
129	+ */
130	+ public static function delete_key( $request ) {
131	+ if ( defined( 'WPCOM_API_KEY' ) ) {
132	+ return rest_ensure_response( new WP_Error( 'hardcoded_key', __( 'This site\'s API key is hardcoded and cannot be deleted.', 'akismet' ), array( 'status'=> 409 ) ) );
133	+ }
134	+
135	+ delete_option( 'wordpress_api_key' );
136	+
137	+ return rest_ensure_response( true );
138	+ }
139	+
140	+ /**
141	+ * Get the Akismet settings.
142	+ *
143	+ * @param WP_REST_Request $request
144	+ * @return WP_Error\|WP_REST_Response
145	+ */
146	+ public static function get_settings( $request = null ) {
147	+ return rest_ensure_response( array(
148	+ 'akismet_strictness' => ( get_option( 'akismet_strictness', '1' ) === '1' ),
149	+ 'akismet_show_user_comments_approved' => ( get_option( 'akismet_show_user_comments_approved', '1' ) === '1' ),
150	+ ) );
151	+ }
152	+
153	+ /**
154	+ * Update the Akismet settings.
155	+ *
156	+ * @param WP_REST_Request $request
157	+ * @return WP_Error\|WP_REST_Response
158	+ */
159	+ public static function set_boolean_settings( $request ) {
160	+ foreach ( array(
161	+ 'akismet_strictness',
162	+ 'akismet_show_user_comments_approved',
163	+ ) as $setting_key ) {
164	+
165	+ $setting_value = $request->get_param( $setting_key );
166	+ if ( is_null( $setting_value ) ) {
167	+ // This setting was not specified.
168	+ continue;
169	+ }
170	+
171	+ // From 4.7+, WP core will ensure that these are always boolean
172	+ // values because they are registered with 'type' => 'boolean',
173	+ // but we need to do this ourselves for prior versions.
174	+ $setting_value = Akismet_REST_API::parse_boolean( $setting_value );
175	+
176	+ update_option( $setting_key, $setting_value ? '1' : '0' );
177	+ }
178	+
179	+ return self::get_settings();
180	+ }
181	+
182	+ /**
183	+ * Parse a numeric or string boolean value into a boolean.
184	+ *
185	+ * @param mixed $value The value to convert into a boolean.
186	+ * @return bool The converted value.
187	+ */
188	+ public static function parse_boolean( $value ) {
189	+ switch ( $value ) {
190	+ case true:
191	+ case 'true':
192	+ case '1':
193	+ case 1:
194	+ return true;
195	+
196	+ case false:
197	+ case 'false':
198	+ case '0':
199	+ case 0:
200	+ return false;
201	+
202	+ default:
203	+ return (bool) $value;
204	+ }
205	+ }
206	+
207	+ /**
208	+ * Get the Akismet stats for a given time period.
209	+ *
210	+ * Possible `interval` values:
211	+ * - all
212	+ * - 60-days
213	+ * - 6-months
214	+ *
215	+ * @param WP_REST_Request $request
216	+ * @return WP_Error\|WP_REST_Response
217	+ */
218	+ public static function get_stats( $request ) {
219	+ $api_key = Akismet::get_api_key();
220	+
221	+ $interval = $request->get_param( 'interval' );
222	+
223	+ $stat_totals = array();
224	+
225	+ $response = Akismet::http_post( Akismet::build_query( array( 'blog' => get_option( 'home' ), 'key' => $api_key, 'from' => $interval ) ), 'get-stats' );
226	+
227	+ if ( ! empty( $response[1] ) ) {
228	+ $stat_totals[$interval] = json_decode( $response[1] );
229	+ }
230	+
231	+ return rest_ensure_response( $stat_totals );
232	+ }
233	+
234	+ private static function key_is_valid( $key ) {
235	+ $response = Akismet::http_post(
236	+ Akismet::build_query(
237	+ array(
238	+ 'key' => $key,
239	+ 'blog' => get_option( 'home' )
240	+ )
241	+ ),
242	+ 'verify-key'
243	+ );
244	+
245	+ if ( $response[1] == 'valid' ) {
246	+ return true;
247	+ }
248	+
249	+ return false;
250	+ }
251	+
252	+ public static function privileged_permission_callback() {
253	+ return current_user_can( 'manage_options' );
254	+ }
255	+
256	+ public static function sanitize_interval( $interval, $request, $param ) {
257	+ $interval = trim( $interval );
258	+
259	+ $valid_intervals = array( '60-days', '6-months', 'all', );
260	+
261	+ if ( ! in_array( $interval, $valid_intervals ) ) {
262	+ $interval = 'all';
263	+ }
264	+
265	+ return $interval;
266	+ }
267	+
268	+ public static function sanitize_key( $key, $request, $param ) {
269	+ return trim( $key );
270	+ }
271	+ }

class.akismet.php CHANGED Viewed

	@@ -10,7 +10,8 @@ class Akismet {
10	private static $prevent_moderation_email_for_these_comments = array();
11	private static $last_comment_result = null;
12	private static $comment_as_submitted_allowed_keys = array( 'blog' => '', 'blog_charset' => '', 'blog_lang' => '', 'blog_ua' => '', 'comment_agent' => '', 'comment_author' => '', 'comment_author_IP' => '', 'comment_author_email' => '', 'comment_author_url' => '', 'comment_content' => '', 'comment_date_gmt' => '', 'comment_tags' => '', 'comment_type' => '', 'guid' => '', 'is_test' => '', 'permalink' => '', 'reporter' => '', 'site_domain' => '', 'submit_referer' => '', 'submit_uri' => '', 'user_ID' => '', 'user_agent' => '', 'user_id' => '', 'user_ip' => '' );
13	-

14	public static function init() {
15	if ( ! self::$initiated ) {
16	self::init_hooks();
	@@ -25,6 +26,8 @@ class Akismet {
25
26	add_action( 'wp_insert_comment', array( 'Akismet', 'auto_check_update_meta' ), 10, 2 );
27	add_filter( 'preprocess_comment', array( 'Akismet', 'auto_check_comment' ), 1 );


28	add_action( 'akismet_scheduled_delete', array( 'Akismet', 'delete_old_comments' ) );
29	add_action( 'akismet_scheduled_delete', array( 'Akismet', 'delete_old_comments_meta' ) );
30	add_action( 'akismet_schedule_cron_recheck', array( 'Akismet', 'cron_recheck' ) );
	@@ -104,6 +107,12 @@ class Akismet {
104	self::verify_key( $value );
105	}
106	}






107
108	public static function auto_check_comment( $commentdata ) {
109	self::$last_comment_result = null;
	@@ -190,14 +199,25 @@ class Akismet {
190	do_action( 'akismet_spam_caught', $discard );
191
192	if ( $discard ) {

193	// akismet_result_spam() won't be called so bump the counter here
194	- if ( $incr = apply_filters('akismet_spam_count_incr', 1) )
195	- update_option( 'akismet_spam_count', get_option('akismet_spam_count') + $incr );
196	- ~~// The spam is obvious, so we're bailing out early. Redirect back to the previous page,~~
197	- ~~// or failing that, the post permalink, or failing that, the homepage of the blog.~~
198	- ~~$redirect_to~~ ~~= isset~~( ~~$_SERVER['HTTP_REFERER']~~ ) ~~? $_SERVER['HTTP_REFERER'] : ( $post ? get_permalink( $post ) : home_url() );~~
199	- ~~wp_safe_redirect~~( ~~esc_url_raw~~( ~~$redirect_to~~ ) );
200	- ~~die();~~










201	}
202	}
203
	@@ -207,26 +227,20 @@ class Akismet {
207	// Comment status should be moderated
208	self::$last_comment_result = '0';
209	}
210	- ~~if ( function_exists('wp_next_scheduled') && function_exists('wp_schedule_single_event') ) {~~
211	- if ( !wp_next_scheduled( 'akismet_schedule_cron_recheck' ) ) {
212	- wp_schedule_single_event( time() + 1200, 'akismet_schedule_cron_recheck' );
213	- do_action( 'akismet_scheduled_recheck', 'invalid-response-' . $response[1] );
214	- }
215	}
216
217	self::$prevent_moderation_email_for_these_comments[] = $commentdata;
218	}
219
220	- if ( ~~function_exists('wp_next_scheduled')~~ && ~~function_exists('wp_schedule_event') ) {~~
221	- // WP ~~2.1+:~~ ~~delete~~ ~~old~~ ~~comments~~ ~~daily~~
222	- if ( ~~!wp_next_scheduled~~( 'akismet_scheduled_delete' ) )
223	- wp_schedule_event( time(), 'daily', 'akismet_scheduled_delete' );
224	- }
225	- elseif ( (mt_rand(1, 10) == 3) ) {
226	- // WP 2.0: run this one time in ten
227	- self::delete_old_comments();
228	}
229	-
230	self::set_last_comment( $commentdata );
231	self::fix_scheduled_recheck();
232
	@@ -256,11 +270,6 @@ class Akismet {
256	// this fires on wp_insert_comment. we can't update comment_meta when auto_check_comment() runs
257	// because we don't know the comment ID at that point.
258	public static function auto_check_update_meta( $id, $comment ) {
259	-
260	- // failsafe for old WP versions
261	- if ( !function_exists('add_comment_meta') )
262	- return false;
263	-
264	// wp_insert_comment() might be called in other contexts, so make sure this is the same comment
265	// as was checked by auto_check_comment
266	if ( is_object( $comment ) && !empty( self::$last_comment ) && is_array( self::$last_comment ) ) {
	@@ -398,11 +407,6 @@ class Akismet {
398
399	// get the full comment history for a given comment, as an array in reverse chronological order
400	public static function get_comment_history( $comment_id ) {
401	-
402	- // failsafe for old WP versions
403	- if ( !function_exists('add_comment_meta') )
404	- return false;
405	-
406	$history = get_comment_meta( $comment_id, 'akismet_history', false );
407	usort( $history, array( 'Akismet', '_cmp_time' ) );
408	return $history;
	@@ -419,10 +423,6 @@ class Akismet {
419	public static function update_comment_history( $comment_id, $message, $event=null, $meta=null ) {
420	global $current_user;
421
422	- // failsafe for old WP versions
423	- if ( !function_exists('add_comment_meta') )
424	- return false;
425	-
426	$user = '';
427
428	$event = array(
	@@ -1024,7 +1024,7 @@ class Akismet {
1024	do_action( 'akismet_ssl_disabled' );
1025	}
1026
1027	- if ( ! $ssl_disabled && ~~function_exists~~( ~~'wp_http_supports') && (~~ $ssl = wp_http_supports( array( 'ssl' ) ) ) ) {
1028	$akismet_url = set_url_scheme( $akismet_url, 'https' );
1029
1030	do_action( 'akismet_https_request_pre' );


10	private static $prevent_moderation_email_for_these_comments = array();
11	private static $last_comment_result = null;
12	private static $comment_as_submitted_allowed_keys = array( 'blog' => '', 'blog_charset' => '', 'blog_lang' => '', 'blog_ua' => '', 'comment_agent' => '', 'comment_author' => '', 'comment_author_IP' => '', 'comment_author_email' => '', 'comment_author_url' => '', 'comment_content' => '', 'comment_date_gmt' => '', 'comment_tags' => '', 'comment_type' => '', 'guid' => '', 'is_test' => '', 'permalink' => '', 'reporter' => '', 'site_domain' => '', 'submit_referer' => '', 'submit_uri' => '', 'user_ID' => '', 'user_agent' => '', 'user_id' => '', 'user_ip' => '' );
13	+ private static $is_rest_api_call = false;
14	+
15	public static function init() {
16	if ( ! self::$initiated ) {
17	self::init_hooks();

26
27	add_action( 'wp_insert_comment', array( 'Akismet', 'auto_check_update_meta' ), 10, 2 );
28	add_filter( 'preprocess_comment', array( 'Akismet', 'auto_check_comment' ), 1 );
29	+ add_filter( 'rest_pre_insert_comment', array( 'Akismet', 'rest_auto_check_comment' ), 1 );
30	+
31	add_action( 'akismet_scheduled_delete', array( 'Akismet', 'delete_old_comments' ) );
32	add_action( 'akismet_scheduled_delete', array( 'Akismet', 'delete_old_comments_meta' ) );
33	add_action( 'akismet_schedule_cron_recheck', array( 'Akismet', 'cron_recheck' ) );

107	self::verify_key( $value );
108	}
109	}
110	+
111	+ public static function rest_auto_check_comment( $commentdata ) {
112	+ self::$is_rest_api_call = true;
113	+
114	+ return self::auto_check_comment( $commentdata );
115	+ }
116
117	public static function auto_check_comment( $commentdata ) {
118	self::$last_comment_result = null;

199	do_action( 'akismet_spam_caught', $discard );
200
201	if ( $discard ) {
202	+ // The spam is obvious, so we're bailing out early.
203	// akismet_result_spam() won't be called so bump the counter here
204	+ if ( $incr = apply_filters( 'akismet_spam_count_incr', 1 ) ) {
205	+ update_option( 'akismet_spam_count', get_option( 'akismet_spam_count' ) + $incr );
206	+ }
207	+
208	+ if ( self::$is_rest_api_call ) {
209	+ return new WP_Error( 'akismet_rest_comment_discarded', __( 'Comment discarded.', 'akismet' ) );
210	+ }
211	+ else {
212	+ // Redirect back to the previous page, or failing that, the post permalink, or failing that, the homepage of the blog.
213	+ $redirect_to = isset( $_SERVER['HTTP_REFERER'] ) ? $_SERVER['HTTP_REFERER'] : ( $post ? get_permalink( $post ) : home_url() );
214	+ wp_safe_redirect( esc_url_raw( $redirect_to ) );
215	+ die();
216	+ }
217	+ }
218	+ else if ( self::$is_rest_api_call ) {
219	+ // The way the REST API structures its calls, we can set the comment_approved value right away.
220	+ $commentdata['comment_approved'] = 'spam';
221	}
222	}
223

227	// Comment status should be moderated
228	self::$last_comment_result = '0';
229	}
230	+
231	+ if ( ! wp_next_scheduled( 'akismet_schedule_cron_recheck' ) ) {
232	+ wp_schedule_single_event( time() + 1200, 'akismet_schedule_cron_recheck' );
233	+ do_action( 'akismet_scheduled_recheck', 'invalid-response-' . $response[1] );

234	}
235
236	self::$prevent_moderation_email_for_these_comments[] = $commentdata;
237	}
238
239	+ // Delete old comments daily
240	+ if ( ! wp_next_scheduled( 'akismet_scheduled_delete' ) ) {
241	+ wp_schedule_event( time(), 'daily', 'akismet_scheduled_delete' );





242	}
243	+
244	self::set_last_comment( $commentdata );
245	self::fix_scheduled_recheck();
246

270	// this fires on wp_insert_comment. we can't update comment_meta when auto_check_comment() runs
271	// because we don't know the comment ID at that point.
272	public static function auto_check_update_meta( $id, $comment ) {





273	// wp_insert_comment() might be called in other contexts, so make sure this is the same comment
274	// as was checked by auto_check_comment
275	if ( is_object( $comment ) && !empty( self::$last_comment ) && is_array( self::$last_comment ) ) {

407
408	// get the full comment history for a given comment, as an array in reverse chronological order
409	public static function get_comment_history( $comment_id ) {





410	$history = get_comment_meta( $comment_id, 'akismet_history', false );
411	usort( $history, array( 'Akismet', '_cmp_time' ) );
412	return $history;

423	public static function update_comment_history( $comment_id, $message, $event=null, $meta=null ) {
424	global $current_user;
425




426	$user = '';
427
428	$event = array(

1024	do_action( 'akismet_ssl_disabled' );
1025	}
1026
1027	+ if ( ! $ssl_disabled && ( $ssl = wp_http_supports( array( 'ssl' ) ) ) ) {
1028	$akismet_url = set_url_scheme( $akismet_url, 'https' );
1029
1030	do_action( 'akismet_https_request_pre' );

readme.txt CHANGED Viewed

	@@ -1,9 +1,9 @@
1	=== Akismet ===
2	Contributors: matt, ryan, andy, mdawaffe, tellyworth, josephscott, lessbloat, eoigal, cfinke, automattic, jgs
3	Tags: akismet, comments, spam, antispam, anti-spam, anti spam, comment moderation, comment spam, contact form spam, spam comments
4	- Requires at least: 3.7
5	Tested up to: 4.8.1
6	- Stable tag: 3.~~3.4~~
7	License: GPLv2 or later
8
9	Akismet checks your comments and contact form submissions against our global database of spam to protect you and your site from malicious content.
	@@ -30,7 +30,16 @@ Upload the Akismet plugin to your blog, Activate it, then enter your [Akismet.co
30
31	== Changelog ==
32








33	= 3.3.4 =

34
35	* Disabled Akismet's debug log output by default unless AKISMET_DEBUG is defined.
36	* URL previews now begin preloading when the mouse moves near them in the comments section of wp-admin.


1	=== Akismet ===
2	Contributors: matt, ryan, andy, mdawaffe, tellyworth, josephscott, lessbloat, eoigal, cfinke, automattic, jgs
3	Tags: akismet, comments, spam, antispam, anti-spam, anti spam, comment moderation, comment spam, contact form spam, spam comments
4	+ Requires at least: 4.0
5	Tested up to: 4.8.1
6	+ Stable tag: 4.0
7	License: GPLv2 or later
8
9	Akismet checks your comments and contact form submissions against our global database of spam to protect you and your site from malicious content.

30
31	== Changelog ==
32
33	+ = 4.0 =
34	+ Release Date - 19 September 2017
35	+
36	+ * Added REST API endpoints for configuring Akismet and retrieving stats.
37	+ * Increased the minimum supported WordPress version to 4.0.
38	+ * Added compatibility with comments submitted via the REST API.
39	+ * Improved the progress indicator on the "Check for Spam" button.
40	+
41	= 3.3.4 =
42	+ Release Date - 3 August 2017
43
44	* Disabled Akismet's debug log output by default unless AKISMET_DEBUG is defined.
45	* URL previews now begin preloading when the mouse moves near them in the comments section of wp-admin.

views/config.php CHANGED Viewed

	@@ -82,10 +82,7 @@
82	<p>
83	<?php
84
85	- if ( ! ~~function_exists~~( '~~wp_http_supports~~' ) ) {
86	- ?><b><?php esc_html_e( 'Disabled.', 'akismet' ); ?></b> <?php printf( esc_html( 'Your WordPress installation does not include the function %s; upgrade to the latest version of WordPress.', 'akismet' ), '<code>wp_http_supports</code>' ); ?><?php
87	- }
88	- else if ( ! wp_http_supports( array( 'ssl' ) ) ) {
89	?><b><?php esc_html_e( 'Disabled.', 'akismet' ); ?></b> <?php esc_html_e( 'Your Web server cannot make SSL requests; contact your Web host and ask them to add support for SSL requests.', 'akismet' ); ?><?php
90	}
91	else {


82	<p>
83	<?php
84
85	+ if ( ! wp_http_supports( array( 'ssl' ) ) ) {



86	?><b><?php esc_html_e( 'Disabled.', 'akismet' ); ?></b> <?php esc_html_e( 'Your Web server cannot make SSL requests; contact your Web host and ask them to add support for SSL requests.', 'akismet' ); ?><?php
87	}
88	else {