Spam protection, AntiSpam, FireWall by CleanTalk - Version 5.126

Version Description

September 9 2019 = * Spam protection improved! * Integration: Option wheel. * Mod: Improved Email detection. * Mod: Improved IP detection. * Fix: Too large database table with alternative sessions. * Fix: Exception for WooCommerce AJAX. * Fix: API key validation. * Minor fixes.


Release Info

Developer shagimuratov
Version 5.126

Code changes from version 5.125 to 5.126

cleantalk.php CHANGED
@@ -1,1774 +1,1789 @@
1
- <?php
2
- /*
3
- Plugin Name: Anti-Spam by CleanTalk
4
- Plugin URI: http://cleantalk.org
5
- Description: Max power, all-in-one, no Captcha, premium anti-spam plugin. No comment spam, no registration spam, no contact spam, protects any WordPress forms.
6
- Version: 5.125
7
- Author: СleanTalk <welcome@cleantalk.org>
8
- Author URI: http://cleantalk.org
9
- Text Domain: cleantalk
10
- Domain Path: /i18n
11
- */
12
-
13
- $cleantalk_executed = false;
14
-
15
- // Getting version form main file (look above)
16
- $plugin_info = get_file_data(__FILE__, array('Version' => 'Version', 'Name' => 'Plugin Name',));
17
-
18
- // Common params
19
- define('APBCT_NAME', $plugin_info['Name']);
20
- define('APBCT_VERSION', $plugin_info['Version']);
21
- define('APBCT_URL_PATH', plugins_url('', __FILE__)); //HTTP path. Plugin root folder without '/'.
22
- define('APBCT_DIR_PATH', plugin_dir_path(__FILE__)); //System path. Plugin root folder with '/'.
23
- define('APBCT_PLUGIN_BASE_NAME', plugin_basename(__FILE__)); //Plugin base name.
24
- define('APBCT_CASERT_PATH', file_exists(ABSPATH . WPINC . '/certificates/ca-bundle.crt') ? ABSPATH . WPINC . '/certificates/ca-bundle.crt' : ''); // SSL Serttificate path
25
-
26
- // API params
27
- define('APBCT_AGENT', 'wordpress-'.str_replace('.', '', $plugin_info['Version']));
28
- define('APBCT_MODERATE_URL', 'http://moderate.cleantalk.org'); //Api URL
29
-
30
- // Option names
31
- define('APBCT_DATA', 'cleantalk_data'); //Option name with different plugin data.
32
- define('APBCT_SETTINGS', 'cleantalk_settings'); //Option name with plugin settings.
33
- define('APBCT_NETWORK_SETTINGS', 'cleantalk_network_settings'); //Option name with plugin network settings.
34
- define('APBCT_DEBUG', 'cleantalk_debug'); //Option name with a debug data. Empty by default.
35
-
36
- // Multisite
37
- define('APBCT_WPMS', (is_multisite() ? true : false)); // WMPS is enabled
38
-
39
- // Sessions
40
- define('APBCT_SEESION__LIVE_TIME', 86400*2);
41
- define('APBCT_SEESION__CHANCE_TO_CLEAN', 100);
42
-
43
- // Different params
44
- define('APBCT_REMOTE_CALL_SLEEP', 5); // Minimum time between remote call
45
-
46
- if(!defined('CLEANTALK_PLUGIN_DIR')){
47
-
48
- define('CLEANTALK_PLUGIN_DIR', dirname(__FILE__ ) . '/');
49
-
50
- // PHP functions patches
51
- require_once(CLEANTALK_PLUGIN_DIR . 'lib/cleantalk-php-patch.php'); // Pathces fpr different functions which not exists
52
-
53
- // Base classes
54
- require_once(CLEANTALK_PLUGIN_DIR . 'lib/CleantalkBase/CleantalkAPI.php'); // API
55
- require_once(CLEANTALK_PLUGIN_DIR . 'lib/CleantalkBase/CleantalkDB.php'); // Database driver
56
- require_once(CLEANTALK_PLUGIN_DIR . 'lib/CleantalkBase/CleantalkHelper.php'); // Helper
57
- include_once(CLEANTALK_PLUGIN_DIR . "lib/CleantalkBase/CleantalkSFW.php"); // SpamFireWall
58
-
59
- // Child classes
60
- require_once(CLEANTALK_PLUGIN_DIR . 'lib/CleantalkAPI.php'); // API for Wordpress
61
- require_once(CLEANTALK_PLUGIN_DIR . 'lib/CleantalkDB.php'); // Database class for Wordpress
62
- require_once(CLEANTALK_PLUGIN_DIR . 'lib/CleantalkHelper.php'); // Helper for Worpdress
63
- include_once(CLEANTALK_PLUGIN_DIR . "lib/CleantalkSFW.php"); // SpamFireWall for Wordpress
64
-
65
- require_once(CLEANTALK_PLUGIN_DIR . 'lib/Cleantalk.php'); // Main class for request
66
- require_once(CLEANTALK_PLUGIN_DIR . 'lib/CleantalkRequest.php'); // Holds request data
67
- require_once(CLEANTALK_PLUGIN_DIR . 'lib/CleantalkResponse.php'); // Holds response data
68
-
69
- require_once(CLEANTALK_PLUGIN_DIR . 'lib/CleantalkCron.php'); // Cron handling
70
- require_once(CLEANTALK_PLUGIN_DIR . 'lib/CleantalkState.php'); // State class
71
- // require_once( CLEANTALK_PLUGIN_DIR . 'lib/CleantalkIntegration.php'); // Integrations
72
- require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-pluggable.php'); // Pluggable functions
73
- require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-common.php');
74
-
75
- // Global ArrayObject with settings and other global varables
76
- global $apbct;
77
- $apbct = new CleantalkState('cleantalk', array('settings', 'data', 'debug', 'errors', 'remote_calls', 'stats'), is_multisite());
78
-
79
- $apbct->white_label = defined('APBCT_WHITELABEL') && APBCT_WHITELABEL == true ? true : false;
80
-
81
- // Customize CleantalkState
82
- // Account status
83
- $apbct->base_name = 'cleantalk-spam-protect/cleantalk.php';
84
- $apbct->plugin_name = defined('APBCT_WHITELABEL_NAME') ? APBCT_WHITELABEL_NAME : APBCT_NAME; // For test purposes
85
-
86
- $apbct->logo = plugin_dir_url(__FILE__) . 'inc/images/logo.png';
87
- $apbct->logo__small = plugin_dir_url(__FILE__) . 'inc/images/logo_small.png';
88
- $apbct->logo__small__colored = plugin_dir_url(__FILE__) . 'inc/images/logo_color.png';
89
-
90
- $apbct->key_is_ok = !empty($apbct->data['key_is_ok']) ? $apbct->data['key_is_ok'] : 0;
91
- $apbct->key_is_ok = isset($apbct->data['testing_failed']) && $apbct->data['testing_failed'] == 0 ? 1 : $apbct->key_is_ok;
92
-
93
- $apbct->data['user_counter']['since'] = isset($apbct->data['user_counter']['since']) ? $apbct->data['user_counter']['since'] : date('d M');
94
- $apbct->data['connection_reports']['since'] = isset($apbct->data['connection_reports']['since']) ? $apbct->data['user_counter']['since'] : date('d M');
95
-
96
- $apbct->settings_link = is_network_admin() ? 'settings.php?page=cleantalk' : 'options-general.php?page=cleantalk';
97
-
98
- if(!$apbct->white_label){
99
- require_once( CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-widget.php');
100
- $apbct->settings['apikey'] = defined('CLEANTALK_ACCESS_KEY') ? CLEANTALK_ACCESS_KEY : $apbct->settings['apikey'];
101
- }
102
-
103
- // Passing JS key to frontend
104
- add_action('wp_ajax_apbct_js_keys__get', 'apbct_js_keys__get__ajax');
105
- add_action('wp_ajax_nopriv_apbct_js_keys__get', 'apbct_js_keys__get__ajax');
106
-
107
- // Database prefix
108
- global $wpdb;
109
- $apbct->db_prefix = !$apbct->white_label && defined('CLEANTALK_ACCESS_KEY') ? $wpdb->base_prefix : $wpdb->prefix;
110
- // Database constants
111
- define('APBCT_TBL_FIREWALL_DATA', $apbct->db_prefix . 'cleantalk_sfw'); // Table with firewall data.
112
- define('APBCT_TBL_FIREWALL_LOG', $apbct->db_prefix . 'cleantalk_sfw_logs'); // Table with firewall logs.
113
- define('APBCT_TBL_SESSIONS', $apbct->db_prefix . 'cleantalk_sessions'); // Table with session data.
114
- define('APBCT_SELECT_LIMIT', 5000); // Select limit for logs.
115
- define('APBCT_WRITE_LIMIT', 5000); // Write limit for firewall data.
116
-
117
- /** @todo HARDCODE FIX */
118
- if($apbct->plugin_version === '1.0.0')
119
- $apbct->plugin_version = '5.100';
120
-
121
- // Do update actions if version is changed
122
- apbct_update_actions();
123
-
124
- // Self cron
125
- if(!defined('DOING_CRON') || (defined('DOING_CRON') && DOING_CRON !== true)){
126
-
127
- $ct_cron = new CleantalkCron();
128
- $ct_cron->checkTasks();
129
-
130
- if(!empty($ct_cron->tasks_to_run)){
131
-
132
- define('CT_CRON', true); // Letting know functions that they are running under CT_CRON
133
- $ct_cron->runTasks();
134
- unset($ct_cron);
135
-
136
- }
137
- }
138
-
139
- //Delete cookie for admin trial notice
140
- add_action('wp_logout', 'apbct__hook__wp_logout__delete_trial_notice_cookie');
141
-
142
- // Set cookie only for public pages and for non-AJAX requests
143
- if (!is_admin() && !apbct_is_ajax() && !defined('DOING_CRON')
144
- && empty($_POST['ct_checkjs_register_form']) // Buddy press registration fix
145
- && empty($_GET['ct_checkjs_search_default']) // Search form fix
146
- && empty($_POST['action']) //bbPress
147
- ){
148
- add_action('template_redirect','apbct_cookie', 2);
149
- add_action('template_redirect','apbct_store__urls', 2);
150
- if (empty($_POST) && empty($_GET)){
151
- apbct_cookie();
152
- apbct_store__urls();
153
- }
154
- }
155
-
156
- // Early checks
157
- // Facebook
158
- if ($apbct->settings['general_contact_forms_test'] == 1
159
- && (!empty($_POST['action']) && $_POST['action'] == 'fb_intialize')
160
- && !empty($_POST['FB_userdata'])
161
- ){
162
- require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-public.php');
163
- if (apbct_is_user_enable()){
164
- $ct_check_post_result=false;
165
- ct_registration_errors(null);
166
- }
167
-
168
- }
169
-
170
- // Ninja Forms. Making GET action to POST action
171
- if(isset($_SERVER['REQUEST_URI']) && stripos($_SERVER['REQUEST_URI'],'admin-ajax.php') !== false && sizeof($_POST) > 0 && isset($_GET['action']) && $_GET['action']=='ninja_forms_ajax_submit')
172
- $_POST['action']='ninja_forms_ajax_submit';
173
-
174
- add_action( 'wp_ajax_nopriv_ninja_forms_ajax_submit', 'apbct_form__ninjaForms__testSpam', 1);
175
- add_action( 'wp_ajax_ninja_forms_ajax_submit', 'apbct_form__ninjaForms__testSpam', 1);
176
- add_action( 'wp_ajax_nopriv_nf_ajax_submit', 'apbct_form__ninjaForms__testSpam', 1);
177
- add_action( 'wp_ajax_nf_ajax_submit', 'apbct_form__ninjaForms__testSpam', 1);
178
- add_action( 'ninja_forms_process', 'apbct_form__ninjaForms__testSpam', 1); // Depricated ?
179
-
180
- // Public actions
181
- if(!is_admin() && !apbct_is_ajax()){
182
-
183
- // Default search
184
- //add_filter( 'get_search_form', 'apbct_forms__search__addField' );
185
- add_filter( 'get_search_query', 'apbct_forms__search__testSpam' );
186
-
187
- // Remote calls
188
- if(isset($_GET['spbc_remote_call_token'], $_GET['spbc_remote_call_action'], $_GET['plugin_name']) && in_array($_GET['plugin_name'], array('antispam','anti-spam', 'apbct'))){
189
- apbct_remote_call__perform();
190
- }
191
-
192
- // SpamFireWall check
193
- if( $apbct->plugin_version == APBCT_VERSION && // Do not call with first start
194
- $apbct->settings['spam_firewall'] == 1 &&
195
- $_SERVER["REQUEST_METHOD"] == 'GET')
196
- {
197
- apbct_sfw__check();
198
- }
199
-
200
- }
201
-
202
-
203
- // Activation/deactivation functions must be in main plugin file.
204
- // http://codex.wordpress.org/Function_Reference/register_activation_hook
205
- register_activation_hook( __FILE__, 'apbct_activation' );
206
- register_deactivation_hook( __FILE__, 'apbct_deactivation' );
207
-
208
- // Hook for newly added blog
209
- add_action('wpmu_new_blog', 'apbct_activation__new_blog', 10, 6);
210
-
211
- // Async loading for JavaScript
212
- add_filter('script_loader_tag', 'apbct_add_async_attribute', 10, 3);
213
-
214
- // Redirect admin to plugin settings.
215
- if(!defined('WP_ALLOW_MULTISITE') || defined('WP_ALLOW_MULTISITE') && WP_ALLOW_MULTISITE == false)
216
- add_action('admin_init', 'apbct_plugin_redirect');
217
-
218
- // Deleting SFW tables when deleting websites
219
- if(defined('WP_ALLOW_MULTISITE') && WP_ALLOW_MULTISITE === true)
220
- add_action( 'delete_blog', 'apbct_sfw__delete_tables', 10, 2 );
221
-
222
- // After plugin loaded - to load locale as described in manual
223
- add_action('plugins_loaded', 'apbct_plugin_loaded' );
224
-
225
- if( !empty($apbct->settings['use_ajax']) &&
226
- stripos($_SERVER['REQUEST_URI'],'.xml')===false &&
227
- stripos($_SERVER['REQUEST_URI'],'.xsl')===false)
228
- {
229
- add_action( 'wp_ajax_nopriv_ct_get_cookie', 'ct_get_cookie',1 );
230
- add_action( 'wp_ajax_ct_get_cookie', 'ct_get_cookie',1 );
231
- }
232
-
233
- // Admin panel actions
234
- if (is_admin() || is_network_admin()){
235
-
236
- require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-comments.php');
237
- require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-users.php');
238
- require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-admin.php');
239
- require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-settings.php');
240
-
241
- if (!(defined( 'DOING_AJAX' ) && DOING_AJAX)){
242
-
243
- add_action('admin_enqueue_scripts', 'apbct_admin__enqueue_scripts');
244
-
245
- add_action('admin_init', 'apbct_admin__init', 1);
246
- add_action('admin_menu', 'apbct_settings__add_page');
247
- add_action('network_admin_menu', 'apbct_settings__add_page');
248
- add_action('admin_notices', 'apbct_admin__notice_message');
249
- add_action('network_admin_notices', 'apbct_admin__notice_message');
250
-
251
- //Show widget only if not IP license
252
- if(!$apbct->moderate_ip)
253
- add_action('wp_dashboard_setup', 'ct_dashboard_statistics_widget' );
254
- }
255
-
256
- if(apbct_is_ajax() || isset($_POST['cma-action'])){
257
-
258
- $cleantalk_hooked_actions = array();
259
- $cleantalk_ajax_actions_to_check = array();
260
-
261
- require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-public.php');
262
- require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-ajax.php');
263
-
264
- // Feedback for comments
265
- if(isset($_POST['action']) && $_POST['action'] == 'ct_feedback_comment'){
266
- add_action( 'wp_ajax_nopriv_ct_feedback_comment', 'apbct_comment__send_feedback',1 );
267
- add_action( 'wp_ajax_ct_feedback_comment', 'apbct_comment__send_feedback',1 );
268
- }
269
- if(isset($_POST['action']) && $_POST['action'] == 'ct_feedback_user'){
270
- add_action( 'wp_ajax_nopriv_ct_feedback_user', 'apbct_user__send_feedback',1 );
271
- add_action( 'wp_ajax_ct_feedback_user', 'apbct_user__send_feedback',1 );
272
- }
273
-
274
- // Check AJAX requests
275
- // if User is not logged in
276
- // if Unknown action or Known action with mandatory check
277
- if( (!apbct_is_user_logged_in() || $apbct->settings['protect_logged_in'] == 1) &&
278
- isset($_POST['action']) && (!in_array($_POST['action'], $cleantalk_hooked_actions) || in_array($_POST['action'], $cleantalk_ajax_actions_to_check))
279
- ){
280
- ct_ajax_hook();
281
- }
282
-
283
- //QAEngine Theme answers
284
- if (intval($apbct->settings['general_contact_forms_test']))
285
- add_filter('et_pre_insert_question', 'ct_ajax_hook', 1, 1); // Questions
286
- add_filter('et_pre_insert_answer', 'ct_ajax_hook', 1, 1); // Answers
287
-
288
- // Formidable
289
- add_filter( 'frm_entries_before_create', 'ct_frm_validate_entry', 10, 2 );
290
- add_action( 'frm_entries_footer_scripts', 'ct_frm_entries_footer_scripts', 20, 2 );
291
-
292
- // Some of plugins to register a users use AJAX context.
293
- add_filter('registration_errors', 'ct_registration_errors', 1, 3);
294
- add_filter('registration_errors', 'ct_check_registration_erros', 999999, 3);
295
- add_action('user_register', 'apbct_user_register');
296
-
297
- if(class_exists('BuddyPress')){
298
- require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-public.php');
299
- add_filter('bp_activity_is_spam_before_save', 'apbct_integration__buddyPres__activityWall', 999 ,2); /* ActivityWall */
300
- add_action('bp_locate_template', 'apbct_integration__buddyPres__getTemplateName', 10, 6);
301
- }
302
-
303
- }
304
-
305
- require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-public.php');
306
- //Bitrix24 contact form
307
- if ($apbct->settings['general_contact_forms_test'] == 1 &&
308
- !empty($_POST['your-phone']) &&
309
- !empty($_POST['your-email']) &&
310
- !empty($_POST['your-message'])
311
- ){
312
- $ct_check_post_result=false;
313
- ct_contact_form_validate();
314
- }
315
-
316
- // Sends feedback to the cloud about comments
317
- // add_action('wp_set_comment_status', 'ct_comment_send_feedback', 10, 2);
318
-
319
- // Sends feedback to the cloud about deleted users
320
- global $pagenow;
321
- if($pagenow=='users.php')
322
- add_action('delete_user', 'apbct_user__delete__hook', 10, 2);
323
-
324
- if($pagenow=='plugins.php' || (isset($_SERVER['REQUEST_URI']) && strpos($_SERVER['REQUEST_URI'],'plugins.php') !== false)){
325
-
326
- add_filter('plugin_action_links_'.plugin_basename(__FILE__), 'apbct_admin__plugin_action_links', 10, 2);
327
- add_filter('network_admin_plugin_action_links_'.plugin_basename(__FILE__), 'apbct_admin__plugin_action_links', 10, 2);
328
-
329
- add_filter('plugin_row_meta', 'apbct_admin__register_plugin_links', 10, 2);
330
- }
331
-
332
- // Public pages actions
333
- }else{
334
-
335
- require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-public.php');
336
-
337
- add_action('wp_enqueue_scripts', 'ct_enqueue_scripts_public');
338
-
339
- // Init action.
340
- add_action('plugins_loaded', 'apbct_init', 1);
341
-
342
- // Comments
343
- add_filter('preprocess_comment', 'ct_preprocess_comment', 1, 1); // param - comment data array
344
- add_filter('comment_text', 'ct_comment_text' );
345
- add_filter('wp_die_handler', 'apbct_comment__sanitize_data__before_wp_die', 1); // Check comments after validation
346
-
347
- // Registrations
348
- if(!isset($_POST['wp-submit'])){
349
- add_action('login_form_register', 'apbct_cookie');
350
- add_action('login_form_register', 'apbct_store__urls');
351
- }
352
- add_action('login_enqueue_scripts', 'apbct_login__scripts');
353
- add_action('register_form', 'ct_register_form');
354
- add_filter('registration_errors', 'ct_registration_errors', 1, 3);
355
- add_filter('registration_errors', 'ct_check_registration_erros', 999999, 3);
356
- add_action('user_register', 'apbct_user_register');
357
-
358
- // Multisite registrations
359
- add_action('signup_extra_fields','ct_register_form');
360
- add_filter('wpmu_validate_user_signup', 'ct_registration_errors_wpmu', 10, 3);
361
-
362
- // Login form - for notifications only
363
- add_filter('login_message', 'ct_login_message');
364
-
365
- // Comments output hook
366
- add_filter('wp_list_comments_args', 'ct_wp_list_comments_args');
367
-
368
- // Ait-Themes fix
369
- if(isset($_GET['ait-action']) && $_GET['ait-action']=='register'){
370
- $tmp=$_POST['redirect_to'];
371
- unset($_POST['redirect_to']);
372
- ct_contact_form_validate();
373
- $_POST['redirect_to']=$tmp;
374
- }
375
- }
376
-
377
- // Short code for GDPR
378
- if($apbct->settings['gdpr_enabled'])
379
- add_shortcode('cleantalk_gdpr_form', 'apbct_shrotcode_handler__GDPR_public_notice__form');
380
-
381
- }
382
-
383
- /**
384
- * Function preforms remote call
385
- */
386
- function apbct_remote_call__perform()
387
- {
388
- global $apbct;
389
-
390
- $remote_action = $_GET['spbc_remote_call_action'];
391
-
392
- if(array_key_exists($remote_action, $apbct->remote_calls)){
393
-
394
- if(time() - $apbct->remote_calls[$remote_action]['last_call'] > APBCT_REMOTE_CALL_SLEEP){
395
-
396
- $apbct->remote_calls[$remote_action]['last_call'] = time();
397
- $apbct->save('remote_calls');
398
-
399
- if(strtolower($_GET['spbc_remote_call_token']) == strtolower(md5($apbct->api_key))){
400
-
401
- // Flag to let plugin know that Remote Call is running.
402
- $apbct->rc_running = true;
403
-
404
- switch ($_GET['spbc_remote_call_action']) {
405
-
406
- // Close renew banner
407
- case 'close_renew_banner':
408
- $apbct->data['notice_trial'] = 0;
409
- $apbct->data['notice_renew'] = 0;
410
- $apbct->saveData();
411
- CleantalkCron::updateTask('check_account_status', 'ct_account_status_check', 86400);
412
- die('OK');
413
- break;
414
-
415
- // SFW update
416
- case 'sfw_update':
417
- $result = ct_sfw_update(true);
418
- /**
419
- * @todo CRUNCH
420
- */
421
- if(is_string($result) && strpos($result, 'FAIL') !== false){
422
- $result = json_decode(substr($result, 5), true);
423
- }
424
- die(empty($result['error']) ? 'OK' : 'FAIL '.json_encode(array('error' => $result['error'])));
425
- break;
426
-
427
- // SFW send logs
428
- case 'sfw_send_logs':
429
- $result = ct_sfw_send_logs();
430
- die(empty($result['error']) ? 'OK' : 'FAIL '.json_encode(array('error' => $result['error'])));
431
- break;
432
-
433
- // Update plugin
434
- case 'update_plugin':
435
- add_action('wp', 'apbct_rc__update', 1);
436
- break;
437
-
438
- // Install plugin
439
- case 'install_plugin':
440
- add_action('wp', 'apbct_rc__install_plugin', 1);
441
- break;
442
- // Activate plugin
443
- case 'activate_plugin':
444
- $result = apbct_rc__activate_plugin($_GET['plugin']);
445
- die(empty($result['error'])
446
- ? 'OK'
447
- : 'FAIL '.json_encode(array('error' => $result['error'])));
448
- break;
449
-
450
- // Insert API key
451
- case 'insert_auth_key':
452
- $result = apbct_rc__insert_auth_key($_GET['auth_key'], $_GET['plugin']);
453
- die(empty($result['error'])
454
- ? 'OK'
455
- : 'FAIL '.json_encode(array('error' => $result['error'])));
456
- break;
457
-
458
- // Update settins
459
- case 'update_settings':
460
- $result = apbct_rc__update_settings($_GET);
461
- die(empty($result['error'])
462
- ? 'OK'
463
- : 'FAIL '.json_encode(array('error' => $result['error'])));
464
- break;
465
- // Deactivate plugin
466
- case 'deactivate_plugin':
467
- add_action('plugins_loaded', 'apbct_rc__deactivate_plugin', 1);
468
- break;
469
-
470
- // Uninstall plugin
471
- case 'uninstall_plugin':
472
- add_action('plugins_loaded', 'apbct_rc__uninstall_plugin', 1);
473
- break;
474
- // No action found
475
- default:
476
- die('FAIL '.json_encode(array('error' => 'UNKNOWN_ACTION_2')));
477
- break;
478
- }
479
-
480
- }else
481
- die('FAIL '.json_encode(array('error' => 'WRONG_TOKEN')));
482
- }else
483
- die('FAIL '.json_encode(array('error' => 'TOO_MANY_ATTEMPTS')));
484
- }else
485
- die('FAIL '.json_encode(array('error' => 'UNKNOWN_ACTION')));
486
- }
487
-
488
- /**
489
- * Function for SpamFireWall check
490
- */
491
- function apbct_sfw__check()
492
- {
493
- global $apbct, $spbc, $cleantalk_url_exclusions;
494
-
495
- // Turn off the SpamFireWall if current url in the exceptions list and WordPress core pages
496
- if (!empty($cleantalk_url_exclusions) && is_array($cleantalk_url_exclusions)) {
497
- $core_page_to_skip_check = array('/feed');
498
- foreach (array_merge($cleantalk_url_exclusions, $core_page_to_skip_check) as $v) {
499
- if (stripos($_SERVER['REQUEST_URI'], $v) !== false) {
500
- return;
501
- }
502
- }
503
- }
504
-
505
- // Turn off the SpamFireWall if Remote Call is in progress
506
- if($apbct->rc_running || (!empty($spbc) && $spbc->rc_running))
507
- return;
508
-
509
- $is_sfw_check = true;
510
- $sfw = new CleantalkSFW();
511
- $sfw->ip_array = (array)$sfw->ip__get(array('real'), true);
512
-
513
- // Skip by cookie
514
- foreach($sfw->ip_array as $ct_cur_ip){
515
- if(isset($_COOKIE['ct_sfw_pass_key']) && $_COOKIE['ct_sfw_pass_key'] == md5($ct_cur_ip.$apbct->api_key)){
516
- $is_sfw_check=false;
517
- if(isset($_COOKIE['ct_sfw_passed'])){
518
- $sfw->logs__update($ct_cur_ip, 'passed');
519
- $apbct->data['sfw_counter']['all']++;
520
- $apbct->saveData();
521
- if(!headers_sent())
522
- setcookie ('ct_sfw_passed', '0', time()+86400*3, '/', parse_url(get_option('siteurl'),PHP_URL_HOST) ,false, true);
523
- }
524
- break;
525
- }else{
526
- $is_sfw_check = true;
527
- }
528
- }
529
-
530
- // Skip the check
531
- if(!empty($_GET['access'])){
532
- $spbc_settings = get_option('spbc_settings');
533
- $spbc_key = !empty($spbc_settings['spbc_key']) ? $spbc_settings['spbc_key'] : false;
534
- if($_GET['access'] === $apbct->api_key || ($spbc_key !== false && $_GET['access'] === $spbc_key)){
535
- $is_sfw_check = false;
536
- setcookie ('spbc_firewall_pass_key', md5($_SERVER['REMOTE_ADDR'].$spbc_key), time()+1200, '/');
537
- setcookie ('ct_sfw_pass_key', md5($_SERVER['REMOTE_ADDR'].$apbct->api_key), time()+1200, '/');
538
- }
539
- unset($spbc_settings, $spbc_key);
540
- }
541
-
542
- if($is_sfw_check){
543
-
544
- $sfw->ip_check();
545
-
546
- // Pass remote calls
547
- if($sfw->pass === false){
548
- if(isset($_GET['spbc_remote_call_token'], $_GET['spbc_remote_call_action'], $_GET['plugin_name'])){
549
- foreach($sfw->blocked_ips as $ip){
550
- $resolved = CleantalkHelper::ip__resolve($ip['ip']);
551
- if($resolved && preg_match('/cleantalk\.org/', $resolved) === 1 || $resolved === 'back'){
552
- $sfw->pass = true;
553
- }
554
- } unset($ip);
555
- }
556
- }
557
-
558
- if($sfw->test){
559
- $sfw->sfw_die($apbct->api_key, '', parse_url(get_option('siteurl'),PHP_URL_HOST), 'test');
560
- }
561
-
562
- if($sfw->pass === false){
563
- foreach($sfw->blocked_ips as $ip){
564
- $sfw->logs__update($ip['ip'], 'blocked');
565
- }
566
- $apbct->data['sfw_counter']['blocked']++;
567
- $apbct->saveData();
568
- $sfw->sfw_die($apbct->api_key, '', parse_url(get_option('siteurl'),PHP_URL_HOST));
569
- }else{
570
- reset($sfw->passed_ips);
571
- if(!empty($apbct->settings['set_cookies']) && !headers_sent() && key($sfw->passed_ips))
572
- setcookie ('ct_sfw_pass_key', md5($sfw->passed_ips[key($sfw->passed_ips)]['ip'].$apbct->api_key), time()+86400*30, '/', parse_url(get_option('siteurl'),PHP_URL_HOST) ,false, true);
573
- }
574
- }
575
- unset($is_sfw_check, $sfw, $sfw_ip, $ct_cur_ip);
576
- }
577
-
578
- /**
579
- * On activation, set a time, frequency and name of an action hook to be scheduled.
580
- */
581
- function apbct_activation( $network = false ) {
582
-
583
- global $wpdb;
584
-
585
- // SFW data
586
- $sqls[] = 'CREATE TABLE IF NOT EXISTS `%scleantalk_sfw` (
587
- `network` int(11) unsigned NOT NULL,
588
- `mask` int(11) unsigned NOT NULL,
589
- INDEX ( `network` , `mask` )
590
- ) ENGINE = MYISAM ;';
591
-
592
- // SFW log
593
- $sqls[] = 'CREATE TABLE IF NOT EXISTS `%scleantalk_sfw_logs` (
594
- `ip` VARCHAR(15) NOT NULL,
595
- `all_entries` INT NOT NULL,
596
- `blocked_entries` INT NOT NULL,
597
- `entries_timestamp` INT NOT NULL,
598
- PRIMARY KEY (`ip`))
599
- ENGINE = MYISAM;';
600
-
601
- // Sessions
602
- $sqls[] = 'CREATE TABLE IF NOT EXISTS `%scleantalk_sessions` (
603
- `id` VARCHAR(64) NOT NULL,
604
- `name` VARCHAR(40) NOT NULL,
605
- `value` TEXT NULL DEFAULT NULL,
606
- `last_update` DATETIME NULL DEFAULT NULL,
607
- PRIMARY KEY (`name`(40), `id`(64)))
608
- ENGINE = MYISAM;';
609
-
610
- if($network && !defined('CLEANTALK_ACCESS_KEY')){
611
- $initial_blog = get_current_blog_id();
612
- $blogs = array_keys($wpdb->get_results('SELECT blog_id FROM '. $wpdb->blogs, OBJECT_K));
613
- foreach ($blogs as $blog) {
614
- switch_to_blog($blog);
615
- apbct_activation__create_tables($sqls);
616
- // Cron tasks
617
- CleantalkCron::addTask('check_account_status', 'ct_account_status_check', 3600, time()+1800); // Checks account status
618
- CleantalkCron::addTask('delete_spam_comments', 'ct_delete_spam_comments', 3600, time()+3500); // Formerly ct_hourly_event_hook()
619
- CleantalkCron::addTask('send_feedback', 'ct_send_feedback', 3600, time()+3500); // Formerly ct_hourly_event_hook()
620
- CleantalkCron::addTask('sfw_update', 'ct_sfw_update', 86400, time()+300); // SFW update
621
- CleantalkCron::addTask('send_sfw_logs', 'ct_sfw_send_logs', 3600, time()+1800); // SFW send logs
622
- CleantalkCron::addTask('get_brief_data', 'cleantalk_get_brief_data', 86400, time()+3500); // Get data for dashboard widget
623
- CleantalkCron::addTask('send_connection_report','ct_mail_send_connection_report', 86400, time()+3500); // Send connection report to welcome@cleantalk.org
624
- }
625
- switch_to_blog($initial_blog);
626
- }else{
627
-
628
- // Cron tasks
629
- CleantalkCron::addTask('check_account_status', 'ct_account_status_check', 3600, time()+1800); // Checks account status
630
- CleantalkCron::addTask('delete_spam_comments', 'ct_delete_spam_comments', 3600, time()+3500); // Formerly ct_hourly_event_hook()
631
- CleantalkCron::addTask('send_feedback', 'ct_send_feedback', 3600, time()+3500); // Formerly ct_hourly_event_hook()
632
- CleantalkCron::addTask('sfw_update', 'ct_sfw_update', 86400, time()+43200); // SFW update
633
- CleantalkCron::addTask('send_sfw_logs', 'ct_sfw_send_logs', 3600, time()+1800); // SFW send logs
634
- CleantalkCron::addTask('get_brief_data', 'cleantalk_get_brief_data', 86400, time()+3500); // Get data for dashboard widget
635
- CleantalkCron::addTask('send_connection_report','ct_mail_send_connection_report', 86400, time()+3500); // Send connection report to welcome@cleantalk.org
636
-
637
- apbct_activation__create_tables($sqls);
638
- ct_sfw_update(); // Updating SFW
639
- ct_account_status_check(null, false);
640
- }
641
-
642
- // Additional options
643
- add_option('ct_plugin_do_activation_redirect', true);
644
- }
645
-
646
- function apbct_activation__create_tables($sqls) {
647
- global $wpdb;
648
- $wpdb->show_errors = false;
649
- foreach($sqls as $sql){
650
- $sql = sprintf($sql, $wpdb->prefix); // Adding current blog prefix
651
- $result = $wpdb->query($sql);
652
- if($result === false)
653
- $errors[] = "Failed.\nQuery: {$wpdb->last_query}\nError: {$wpdb->last_error}";
654
- }
655
- $wpdb->show_errors = true;
656
-
657
- // Logging errors
658
- if(!empty($errors))
659
- apbct_log($errors);
660
- }
661
-
662
- function apbct_activation__new_blog($blog_id, $user_id, $domain, $path, $site_id, $meta) {
663
- if (apbct_is_plugin_active_for_network('cleantalk-spam-protect/cleantalk.php')){
664
-
665
- switch_to_blog($blog_id);
666
-
667
- global $wpdb;
668
-
669
- // SFW data
670
- $sqls[] = 'CREATE TABLE IF NOT EXISTS `%scleantalk_sfw` (
671
- `network` int(11) unsigned NOT NULL,
672
- `mask` int(11) unsigned NOT NULL,
673
- INDEX ( `network` , `mask` )
674
- ) ENGINE = MYISAM ;';
675
-
676
- // SFW log
677
- $sqls[] = 'CREATE TABLE IF NOT EXISTS `%scleantalk_sfw_logs` (
678
- `ip` VARCHAR(15) NOT NULL,
679
- `all_entries` INT NOT NULL,
680
- `blocked_entries` INT NOT NULL,
681
- `entries_timestamp` INT NOT NULL,
682
- PRIMARY KEY (`ip`))
683
- ENGINE = MYISAM;';
684
-
685
- // Sessions
686
- $sqls[] = 'CREATE TABLE IF NOT EXISTS `%scleantalk_sessions` (
687
- `id` VARCHAR(64) NOT NULL,
688
- `name` TEXT NOT NULL,
689
- `value` TEXT NULL DEFAULT NULL,
690
- `last_update` DATETIME NULL DEFAULT NULL,
691
- PRIMARY KEY (`id`(64), `name`(64)))
692
- ENGINE = MYISAM;';
693
-
694
- // Cron tasks
695
- CleantalkCron::addTask('check_account_status', 'ct_account_status_check', 3600, time()+1800); // Checks account status
696
- CleantalkCron::addTask('delete_spam_comments', 'ct_delete_spam_comments', 3600, time()+3500); // Formerly ct_hourly_event_hook()
697
- CleantalkCron::addTask('send_feedback', 'ct_send_feedback', 3600, time()+3500); // Formerly ct_hourly_event_hook()
698
- CleantalkCron::addTask('sfw_update', 'ct_sfw_update', 86400, time()+43200); // SFW update
699
- CleantalkCron::addTask('send_sfw_logs', 'ct_sfw_send_logs', 3600, time()+1800); // SFW send logs
700
- CleantalkCron::addTask('get_brief_data', 'cleantalk_get_brief_data', 86400, time()+3500); // Get data for dashboard widget
701
- CleantalkCron::addTask('send_connection_report','ct_mail_send_connection_report', 86400, time()+3500); // Send connection report to welcome@cleantalk.org
702
- apbct_activation__create_tables($sqls);
703
- ct_sfw_update(); // Updating SFW
704
- ct_account_status_check(null, false);
705
- restore_current_blog();
706
- }
707
- }
708
-
709
- /**
710
- * On deactivation, clear schedule.
711
- */
712
- function apbct_deactivation( $network ) {
713
-
714
- global $apbct, $wpdb;
715
-
716
- // Deactivation for network
717
- if(is_multisite() && $network){
718
-
719
- $initial_blog = get_current_blog_id();
720
- $blogs = array_keys($wpdb->get_results('SELECT blog_id FROM '. $wpdb->blogs, OBJECT_K));
721
- foreach ($blogs as $blog) {
722
- switch_to_blog($blog);
723
- apbct_deactivation__delete_blog_tables();
724
- delete_option('cleantalk_cron'); // Deleting cron entries
725
-
726
- if($apbct->settings['complete_deactivation'])
727
- apbct_deactivation__delete_all_options();
728
-
729
- }
730
- switch_to_blog($initial_blog);
731
-
732
- // Deactivation for blog
733
- }elseif(is_multisite()){
734
-
735
- apbct_deactivation__delete_common_tables();
736
- delete_option('cleantalk_cron'); // Deleting cron entries
737
-
738
- if($apbct->settings['complete_deactivation'])
739
- apbct_deactivation__delete_all_options();
740
-
741
- // Deactivation on standalone blog
742
- }elseif(!is_multisite()){
743
-
744
- apbct_deactivation__delete_common_tables();
745
- delete_option('cleantalk_cron'); // Deleting cron entries
746
-
747
- if($apbct->settings['complete_deactivation'])
748
- apbct_deactivation__delete_all_options();
749
-
750
- }
751
- }
752
-
753
- /**
754
- * Delete all cleantalk_* entries from _options table
755
- */
756
- function apbct_deactivation__delete_all_options(){
757
- delete_option('cleantalk_settings');
758
- delete_option('cleantalk_data');
759
- delete_option('cleantalk_cron');
760
- delete_option('cleantalk_errors');
761
- delete_option('cleantalk_remote_calls');
762
- delete_option('cleantalk_server');
763
- delete_option('cleantalk_stats');
764
- delete_option('cleantalk_timelabel_reg');
765
- }
766
-
767
- function apbct_deactivation__delete_common_tables() {
768
- global $wpdb;
769
- $wpdb->query('DROP TABLE IF EXISTS `'. $wpdb->base_prefix.'cleantalk_sfw`;'); // Deleting SFW data
770
- $wpdb->query('DROP TABLE IF EXISTS `'. $wpdb->base_prefix.'cleantalk_sfw_logs`;'); // Deleting SFW logs
771
- $wpdb->query('DROP TABLE IF EXISTS `'. $wpdb->base_prefix.'cleantalk_sessions`;'); // Deleting session table
772
- }
773
-
774
- function apbct_deactivation__delete_blog_tables() {
775
- global $wpdb;
776
- $wpdb->query('DROP TABLE IF EXISTS `'. $wpdb->prefix.'cleantalk_sfw`;'); // Deleting SFW data
777
- $wpdb->query('DROP TABLE IF EXISTS `'. $wpdb->prefix.'cleantalk_sfw_logs`;'); // Deleting SFW logs
778
- $wpdb->query('DROP TABLE IF EXISTS `'. $wpdb->prefix.'cleantalk_sessions`;'); // Deleting session table
779
- }
780
-
781
- /**
782
- * Redirects admin to plugin settings after activation.
783
- */
784
- function apbct_plugin_redirect()
785
- {
786
- if (get_option('ct_plugin_do_activation_redirect', false) && !isset($_GET['activate-multi'])){
787
- delete_option('ct_plugin_do_activation_redirect');
788
- wp_redirect("options-general.php?page=cleantalk");
789
- }
790
- }
791
-
792
- function ct_add_event($event_type)
793
- {
794
- global $apbct, $cleantalk_executed;
795
-
796
- //
797
- // To migrate on the new version of ct_add_event().
798
- //
799
- switch ($event_type) {
800
- case '0': $event_type = 'no';break;
801
- case '1': $event_type = 'yes';break;
802
- }
803
-
804
- $current_hour = intval(date('G'));
805
-
806
- // Updating current hour
807
- if($current_hour!=$apbct->data['current_hour']){
808
- $apbct->data['current_hour'] = $current_hour;
809
- $apbct->data['array_accepted'][$current_hour] = 0;
810
- $apbct->data['array_blocked'][$current_hour] = 0;
811
- }
812
-
813
- //Add 1 to counters
814
- if($event_type=='yes'){
815
- $apbct->data['array_accepted'][$current_hour]++;
816
- $apbct->data['all_time_counter']['accepted']++;
817
- $apbct->data['user_counter']['accepted']++;
818
- }
819
- if($event_type=='no'){
820
- $apbct->data['array_blocked'][$current_hour]++;
821
- $apbct->data['all_time_counter']['blocked']++;
822
- $apbct->data['user_counter']['blocked']++;
823
- }
824
-
825
- $apbct->saveData();
826
-
827
- $cleantalk_executed=true;
828
- }
829
-
830
- /**
831
- * return new cookie value
832
- */
833
- function ct_get_cookie()
834
- {
835
- global $ct_checkjs_def;
836
- $ct_checkjs_key = ct_get_checkjs_value();
837
- print $ct_checkjs_key;
838
- die();
839
- }
840
-
841
- function ct_sfw_update($immediate = false){
842
-
843
- global $apbct;
844
-
845
- if($apbct->settings['spam_firewall'] == 1){
846
-
847
- $sfw = new CleantalkSFW();
848
-
849
- $file_url = isset($_GET['file_url']) ? $_GET['file_url'] : null;
850
- $result = $sfw->sfw_update($apbct->api_key, $file_url, $immediate);
851
-
852
- if(empty($result['error'])){
853
- $apbct->stats['sfw']['last_update_time'] = time();
854
- $apbct->stats['sfw']['entries'] = $result;
855
- $apbct->save('stats');
856
- }
857
-
858
- return $result;
859
- }
860
-
861
- return array('error' => 'SFW_DISABLED');
862
-
863
- }
864
-
865
- function ct_sfw_send_logs()
866
- {
867
- global $apbct;
868
-
869
- if($apbct->settings['spam_firewall'] == 1){
870
-
871
- $sfw = new CleantalkSFW();
872
- $result = $sfw->logs__send($apbct->api_key);
873
-
874
- if(empty($result['error'])){
875
- $apbct->stats['sfw']['last_send_time'] = time();
876
- $apbct->stats['sfw']['last_send_amount'] = $result['rows'];
877
- $apbct->save('stats');
878
- }
879
-
880
- return $result;
881
-
882
- }
883
-
884
- return array('error' => 'SFW_DISABLED');
885
- }
886
-
887
- /**
888
- * Wrapper for Cleantalk's remote calls
889
- *
890
- * @param string $action What you want to do?
891
- * @param array $additional_params Additional GET parameters for RC
892
- * @param string $presets Presets for CleantalkHelper::http__request(). 'async' maybe?
893
- * @param string $plugin_name Plugin name 'antispam' by default
894
- * @param string $call_token RC securirty token
895
- * @param string $url Current site URL by default
896
- *
897
- * @return array|bool
898
- */
899
- function apbct_rc__send($action, $additional_params = array(), $presets = 'get', $plugin_name = 'antispam', $call_token = '', $url = ''){
900
-
901
- global $apbct;
902
-
903
- $default_params = array(
904
- 'plugin_name' => $plugin_name,
905
- 'spbc_remote_call_token' => $call_token ? $call_token : md5($apbct->api_key),
906
- 'spbc_remote_call_action' => $action,
907
- );
908
-
909
- $params = array_merge($additional_params, $default_params);
910
-
911
- return apbct_rc__parse_result(
912
- CleantalkHelper::http__request(
913
- $url ? $url : get_option('siteurl'),
914
- $params,
915
- $presets
916
- )
917
- );
918
- }
919
-
920
- /**
921
- * Parse different types of remote call results
922
- *
923
- * @param array|string $rc_result
924
- * string - 'FAIL {"some":"result}'
925
- * string - 'OK {"some":"result}'
926
- *
927
- * @return array|string
928
- */
929
- function apbct_rc__parse_result($rc_result){
930
- if(is_string($rc_result)){
931
- $rc_result = preg_replace('/^(OK\s?|FAIL\s?)(.*)/', '$2', $rc_result, 1);
932
- $rc_result = json_decode($rc_result, true);
933
- $rc_result = $rc_result
934
- ? $rc_result
935
- : array('error' => 'FAIL_TO_PARSE_RC_RESULT');
936
- }
937
- return $rc_result;
938
- }
939
-
940
- /**
941
- * Install plugin from wordpress catalog
942
- *
943
- * @param WP $wp
944
- * @param string $plugin_slug
945
- */
946
- function apbct_rc__install_plugin($wp = null, $plugin = null){
947
-
948
- $plugin = $plugin ? $plugin : (isset($_GET['plugin']) ? $_GET['plugin'] : null);
949
-
950
- if($plugin){
951
-
952
- if(preg_match('/[a-zA-Z-\d]+[\/\\][a-zA-Z-\d]+\.php/', $plugin)){
953
-
954
- $plugin_slug = preg_replace('@([a-zA-Z-\d]+)[\\\/].*@', '$1', $plugin);
955
-
956
- if($plugin_slug){
957
-
958
- require_once(ABSPATH.'wp-admin/includes/plugin-install.php');
959
- $result = plugins_api(
960
- 'plugin_information',
961
- array('slug' => $plugin_slug, 'fileds' => array('version' => true, 'download_link' => true,),)
962
- );
963
-
964
- if(!is_wp_error($result)){
965
-
966
- require_once( ABSPATH . 'wp-admin/includes/plugin.php' );
967
- include_once( ABSPATH . 'wp-admin/includes/class-wp-upgrader.php' );
968
- include_once( ABSPATH . 'wp-admin/includes/file.php' );
969
- include_once( ABSPATH . 'wp-admin/includes/misc.php' );
970
- include_once( CLEANTALK_PLUGIN_DIR . 'lib/CleantalkUpgrader.php' );
971
- include_once( CLEANTALK_PLUGIN_DIR . 'lib/CleantalkUpgraderSkin.php' );
972
-
973
- $installer= new CleantalkUpgrader( new CleantalkUpgraderSkin() );
974
- $installer->install($result->download_link);
975
-
976
- if($installer->apbct_result === 'OK'){
977
- die('OK');
978
-
979
- }else
980
- die('FAIL '. json_encode(array('error' => $installer->apbct_result)));
981
- }else
982
- die('FAIL '. json_encode(array('error' => 'FAIL_TO_GET_LATEST_VERSION', 'details' => $result->get_error_message(),)));
983
- }else
984
- die('FAIL '. json_encode(array('error' => 'PLUGIN_SLUG_INCORRECT')));
985
- }else
986
- die('FAIL '. json_encode(array('error' => 'PLUGIN_NAME_IS_INCORRECT')));
987
- }else
988
- die('FAIL '. json_encode(array('error' => 'PLUGIN_NAME_IS_UNSET')));
989
- }
990
-
991
- function apbct_rc__activate_plugin($plugin){
992
-
993
- $plugin = $plugin ? $plugin : (isset($_GET['plugin']) ? $_GET['plugin'] : null);
994
-
995
- if($plugin){
996
-
997
- if(preg_match('@[a-zA-Z-\d]+[\\\/][a-zA-Z-\d]+\.php@', $plugin)){
998
-
999
- require_once (ABSPATH .'/wp-admin/includes/plugin.php');
1000
-
1001
- $result = activate_plugins($plugin);
1002
-
1003
- if($result && !is_wp_error($result)){
1004
- return array('success' => true);
1005
- }else
1006
- return array('error' => 'FAIL_TO_ACTIVATE', 'details' => (is_wp_error($result) ? ' '.$result->get_error_message() : ''));
1007
- }else
1008
- return array('error' => 'PLUGIN_NAME_IS_INCORRECT');
1009
- }else
1010
- return array('error' => 'PLUGIN_NAME_IS_UNSET');
1011
- }
1012
-
1013
- /**
1014
- * Uninstall plugin from wordpress catalog
1015
- *
1016
- * @param null $plugin_name
1017
- */
1018
- function apbct_rc__deactivate_plugin($plugin = null){
1019
-
1020
- global $apbct;
1021
-
1022
- $plugin = $plugin ? $plugin : (isset($_GET['plugin']) ? $_GET['plugin'] : null);
1023
-
1024
- if($plugin){
1025
-
1026
- // Switching complete deactivation for security
1027
- if($plugin == 'security-malware-firewall/security-malware-firewall.php' && !empty($_GET['complete_deactivation'])){
1028
- $spbc_settings = get_option('spbc_settings');
1029
- $spbc_settings['complete_deactivation'] = intval($_GET['complete_deactivation']);
1030
- update_option('spbc_settings', $spbc_settings);
1031
- }
1032
-
1033
- require_once (ABSPATH .'/wp-admin/includes/plugin.php');
1034
-
1035
- if(is_plugin_active( $plugin )){
1036
- // Hook to set flag if the plugin is deactivated
1037
- add_action( 'deactivate_'.$plugin, 'apbct_rc__uninstall_plugin__check_deactivate' );
1038
- deactivate_plugins($plugin, false, is_multisite() ? true : false);
1039
- }else{
1040
- $apbct->plugin_deactivated = true;
1041
- }
1042
-
1043
- // Hook to set flag if the plugin is deactivated
1044
- add_action( 'deactivate_'.$plugin, 'apbct_rc__uninstall_plugin__check_deactivate' );
1045
- deactivate_plugins($plugin, false, is_multisite() ? true : false);
1046
-
1047
- if($apbct->plugin_deactivated){
1048
- die('OK');
1049
- }else
1050
- die('FAIL '. json_encode(array('error' => 'PLUGIN_STILL_ACTIVE')));
1051
- }else
1052
- die('FAIL '. json_encode(array('error' => 'PLUGIN_NAME_IS_UNSET')));
1053
- }
1054
-
1055
-
1056
- /**
1057
- * Uninstall plugin from wordpress catalog
1058
- *
1059
- * @param null $plugin
1060
- */
1061
- function apbct_rc__uninstall_plugin($plugin = null){
1062
-
1063
- global $apbct;
1064
-
1065
- $plugin = $plugin ? $plugin : (isset($_GET['plugin']) ? $_GET['plugin'] : null);
1066
-
1067
- if($plugin){
1068
-
1069
- // Switching complete deactivation for security
1070
- if($plugin == 'security-malware-firewall/security-malware-firewall.php' && !empty($_GET['complete_deactivation'])){
1071
- $spbc_settings = get_option('spbc_settings');
1072
- $spbc_settings['complete_deactivation'] = intval($_GET['complete_deactivation']);
1073
- update_option('spbc_settings', $spbc_settings);
1074
- }
1075
-
1076
- require_once (ABSPATH .'/wp-admin/includes/plugin.php');
1077
-
1078
- if(is_plugin_active( $plugin )){
1079
- // Hook to set flag if the plugin is deactivated
1080
- add_action( 'deactivate_'.$plugin, 'apbct_rc__uninstall_plugin__check_deactivate' );
1081
- deactivate_plugins($plugin, false, is_multisite() ? true : false);
1082
- }else{
1083
- $apbct->plugin_deactivated = true;
1084
- }
1085
-
1086
- if($apbct->plugin_deactivated){
1087
-
1088
- require_once (ABSPATH .'/wp-admin/includes/file.php');
1089
-
1090
- $result = delete_plugins(array($plugin));
1091
-
1092
- if($result && !is_wp_error($result)){
1093
- die('OK');
1094
- }else
1095
- die('FAIL '. json_encode(array('error' => 'PLUGIN_STILL_EXISTS', 'details' => (is_wp_error($result) ? ' '.$result->get_error_message() : ''))));
1096
- }else
1097
- die('FAIL '. json_encode(array('error' => 'PLUGIN_STILL_ACTIVE')));
1098
- }else
1099
- die('FAIL '. json_encode(array('error' => 'PLUGIN_NAME_IS_UNSET')));
1100
- }
1101
-
1102
- function apbct_rc__uninstall_plugin__check_deactivate(){
1103
- global $apbct;
1104
- $apbct->plugin_deactivated = true;
1105
- }
1106
-
1107
- function apbct_rc__update(){
1108
-
1109
- //Upgrade params
1110
- $plugin = 'cleantalk-spam-protect/cleantalk.php';
1111
- $plugin_slug = 'cleantalk-spam-protect';
1112
- $title = __('Update Plugin');
1113
- $nonce = 'upgrade-plugin_' . $plugin;
1114
- $url = 'update.php?action=upgrade-plugin&plugin=' . urlencode( $plugin );
1115
-
1116
- $prev_version = APBCT_VERSION;
1117
-
1118
- require_once( ABSPATH . 'wp-admin/includes/plugin.php' );
1119
- include_once( ABSPATH . 'wp-admin/includes/class-wp-upgrader.php' );
1120
- include_once( ABSPATH . 'wp-admin/includes/file.php' );
1121
- include_once( ABSPATH . 'wp-admin/includes/misc.php' );
1122
-
1123
- include_once( CLEANTALK_PLUGIN_DIR . 'lib/CleantalkUpgrader.php' );
1124
- include_once( CLEANTALK_PLUGIN_DIR . 'lib/CleantalkUpgraderSkin.php' );
1125
-
1126
- $upgrader = new CleantalkUpgrader( new CleantalkUpgraderSkin( compact('title', 'nonce', 'url', 'plugin') ) );
1127
- $upgrader->upgrade($plugin);
1128
-
1129
- // Changing response UP_TO_DATE to OK
1130
- if($upgrader->apbct_result === 'UP_TO_DATE')
1131
- $upgrader->apbct_result = 'OK';
1132
-
1133
- if($upgrader->apbct_result === 'OK'){
1134
-
1135
- $result = activate_plugins( $plugin );
1136
-
1137
- if(is_wp_error($result))
1138
- die('FAIL '. json_encode(array('error' => 'COULD_NOT_ACTIVATE', 'wp_error' => $result->get_error_message())));
1139
-
1140
- $httpResponseCode = CleantalkHelper::http__request(get_option('siteurl'), array(), 'get_code');
1141
-
1142
- if( strpos($httpResponseCode, '200') === false ){
1143
-
1144
- // Rollback
1145
- $rollback = new CleantalkUpgrader( new CleantalkUpgraderSkin( compact('title', 'nonce', 'url', 'plugin_slug', 'prev_version') ) );
1146
- $rollback->rollback($plugin);
1147
-
1148
- $response = array(
1149
- 'error' => 'BAD_HTTP_CODE',
1150
- 'http_code' => $httpResponseCode,
1151
- 'output' => substr(file_get_contents(get_option('siteurl')), 0, 900),
1152
- 'rollback_result' => $rollback->apbct_result,
1153
- );
1154
-
1155
- die('FAIL '.json_encode($response));
1156
- }
1157
-
1158
- $plugin_data = get_plugin_data(__FILE__);
1159
- $apbct_agent = 'wordpress-'.str_replace('.', '', $plugin_data['Version']);
1160
- ct_send_feedback('0:' . $apbct_agent);
1161
-
1162
- die('OK '.json_encode(array('agent' => $apbct_agent)));
1163
-
1164
- }else{
1165
- die('FAIL '. json_encode(array('error' => $upgrader->apbct_result)));
1166
- }
1167
- }
1168
-
1169
- function apbct_rc__update_settings($source) {
1170
-
1171
- global $apbct;
1172
-
1173
- foreach($apbct->def_settings as $setting => $def_value){
1174
- if(array_key_exists($setting, $source)){
1175
- $var = $source[$setting];
1176
- $type = gettype($def_value);
1177
- settype($var, $type);
1178
- if($type == 'string')
1179
- $var = preg_replace(array('/=/', '/`/'), '', $var);
1180
- $apbct->settings[$setting] = $var;
1181
- }
1182
- }
1183
-
1184
- $apbct->save('settings');
1185
-
1186
- return true;
1187
- }
1188
-
1189
- function apbct_rc__insert_auth_key($key, $plugin){
1190
-
1191
- global $apbct;
1192
-
1193
- if($plugin === 'security-malware-firewall/security-malware-firewall.php'){
1194
-
1195
- require_once (ABSPATH .'/wp-admin/includes/plugin.php');
1196
-
1197
- if(is_plugin_active( $plugin )){
1198
-
1199
- $key = trim($key);
1200
-
1201
- if($key && preg_match('/^[a-z\d]{3,15}$/', $key)){
1202
-
1203
- $result = CleantalkAPI::method__notice_paid_till(
1204
- $key,
1205
- preg_replace('/http[s]?:\/\//', '', get_option('siteurl'), 1) // Site URL
1206
- );
1207
-
1208
- if( empty( $result['error'] ) ) {
1209
-
1210
- if( $result['valid'] ){
1211
-
1212
- // Set account params
1213
- $data = get_option('spbc_data', array());
1214
- $data['user_token'] = $result['user_token'];
1215
- $data['notice_show'] = $result['show_notice'];
1216
- $data['notice_renew'] = $result['renew'];
1217
- $data['notice_trial'] = $result['trial'];
1218
- $data['auto_update_app'] = isset($result['show_auto_update_notice']) ? $result['show_auto_update_notice'] : 0;
1219
- $data['service_id'] = $result['service_id'];
1220
- $data['moderate'] = $result['moderate'];
1221
- $data['auto_update_app '] = isset($result['auto_update_app']) ? $result['auto_update_app'] : 0;
1222
- $data['license_trial'] = isset($result['license_trial']) ? $result['license_trial'] : 0;
1223
- $data['account_name_ob'] = isset($result['account_name_ob']) ? $result['account_name_ob'] : '';
1224
- $data['key_is_ok'] = true;
1225
- update_option('spbc_data', $data);
1226
-
1227
- // Set key
1228
- $settings = get_option('spbc_settings', array());
1229
- $settings['spbc_key'] = $key;
1230
- update_option('spbc_settings', $settings);
1231
-
1232
- return 'OK';
1233
- }else
1234
- return array('error' => array('KEY_IS_NOT_VALID'));
1235
- }else
1236
- return array('error' => $result);
1237
- }else
1238
- return array('error' => 'KEY_IS_NOT_CORRECT');
1239
- }else
1240
- return array('error' => 'PLUGIN_IS_NOT_ACTIVE_OR_NOT_INSTALLED');
1241
- }else
1242
- return array('error' => 'PLUGIN_SLUG_INCORRECT');
1243
- }
1244
-
1245
- function cleantalk_get_brief_data(){
1246
-
1247
- global $apbct;
1248
-
1249
- $apbct->data['brief_data'] = CleantalkAPI::method__get_antispam_report_breif($apbct->api_key);
1250
- $apbct->saveData();
1251
-
1252
- return;
1253
- }
1254
-
1255
- //Delete cookie for admin trial notice
1256
- function apbct__hook__wp_logout__delete_trial_notice_cookie(){
1257
- if(!headers_sent())
1258
- setcookie('ct_trial_banner_closed', '', time()-3600);
1259
- }
1260
-
1261
- function apbct_alt_session__id__get(){
1262
- $id = CleantalkHelper::ip__get(array('real'))
1263
- .filter_input(INPUT_SERVER, 'HTTP_USER_AGENT')
1264
- //.filter_input(INPUT_SERVER, 'HTTP_ACCEPT') // Could be different. Broke session id
1265
- .filter_input(INPUT_SERVER, 'HTTP_ACCEPT_LANGUAGE');
1266
- //.filter_input(INPUT_SERVER, 'HTTP_ACCEPT_ENCODING'); // Could be different. Broke session id
1267
- return hash('sha256', $id);
1268
- }
1269
-
1270
- function apbct_alt_sessions__remove_old(){
1271
- if(rand(0, 1000) < APBCT_SEESION__CHANCE_TO_CLEAN){
1272
- global $wpdb;
1273
- $wpdb->query(
1274
- 'DELETE
1275
- FROM `'. APBCT_TBL_SESSIONS .'`
1276
- WHERE last_update < NOW() - INTERVAL '. APBCT_SEESION__LIVE_TIME .' SECOND;'
1277
- );
1278
- }
1279
- }
1280
-
1281
- function apbct_alt_session__save($name, $value){
1282
-
1283
- global $wpdb;
1284
-
1285
- $session_id = apbct_alt_session__id__get();
1286
-
1287
- $wpdb->query(
1288
- $wpdb->prepare(
1289
- 'INSERT INTO '. APBCT_TBL_SESSIONS .'
1290
- (id, name, value, last_update)
1291
- VALUES (%s, %s, %s, %s)
1292
- ON DUPLICATE KEY UPDATE
1293
- value = %s,
1294
- last_update = %s',
1295
- $session_id, $name, $value, date('Y-m-d H:i:s'), $value, date('Y-m-d H:i:s')
1296
- )
1297
- );
1298
-
1299
- }
1300
-
1301
- function apbct_alt_session__get($name){
1302
- global $wpdb;
1303
- $session_id = apbct_alt_session__id__get();
1304
- $result = $wpdb->get_row(
1305
- $wpdb->prepare(
1306
- 'SELECT value
1307
- FROM `'. APBCT_TBL_SESSIONS .'`
1308
- WHERE id = %s AND name = %s;',
1309
- $session_id, $name
1310
- ),
1311
- OBJECT
1312
- );
1313
-
1314
- $result = isset($result->value)
1315
- ? strpos($result->value, '{') === 0
1316
- ? (array)json_decode($result->value, true) // JSON
1317
- : $result->value
1318
- : false;
1319
-
1320
- return $result ? $result : null;
1321
- }
1322
-
1323
- function apbct_store__urls(){
1324
-
1325
- global $apbct;
1326
-
1327
- if($apbct->settings['store_urls'] && empty($apbct->flags__url_stored) && !headers_sent()){
1328
-
1329
- // URLs HISTORY
1330
- // Get current url
1331
- $current_url = filter_input(INPUT_SERVER, 'HTTP_HOST').filter_input(INPUT_SERVER, 'REQUEST_URI');
1332
- $current_url = $current_url ? $current_url : 'UNKNOWN';
1333
-
1334
- // Get already stored URLs
1335
- $urls = $apbct->settings['store_urls__sessions']
1336
- ? (array)apbct_alt_session__get('apbct_urls')
1337
- : (array)json_decode(filter_input(INPUT_COOKIE, 'apbct_urls'), true);
1338
-
1339
- $urls[$current_url][] = time();
1340
-
1341
- // Rotating. Saving only latest 10
1342
- $urls[$current_url] = count($urls[$current_url]) > 10 ? array_slice($urls[$current_url], 1, 10) : $urls[$current_url];
1343
- $urls = count($urls) > 10 ? array_slice($urls, 1, 10) : $urls;
1344
-
1345
- // Saving
1346
- $apbct->settings['store_urls__sessions']
1347
- ? apbct_alt_session__save('apbct_urls', json_encode($urls))
1348
- : setcookie('apbct_urls', json_encode($urls), time()+86400*3, '/', parse_url(get_option('siteurl'),PHP_URL_HOST), false, true);
1349
-
1350
- // REFERER
1351
- // Get current fererer
1352
- $new_site_referer = filter_input(INPUT_SERVER, 'HTTP_REFERER');
1353
- $new_site_referer = $new_site_referer ? $new_site_referer : 'UNKNOWN';
1354
-
1355
- // Get already stored referer
1356
- $site_referer = $apbct->settings['store_urls__sessions']
1357
- ? apbct_alt_session__get('apbct_site_referer')
1358
- : filter_input(INPUT_COOKIE, 'apbct_site_referer');
1359
-
1360
- // Save if empty
1361
- if(!$site_referer || parse_url($new_site_referer, PHP_URL_HOST) !== filter_input(INPUT_SERVER, 'HTTP_HOST')){
1362
-
1363
- $apbct->settings['store_urls__sessions']
1364
- ? apbct_alt_session__save('apbct_site_referer', $new_site_referer)
1365
- : setcookie('apbct_site_referer', $new_site_referer, time()+86400*3, '/', parse_url(get_option('siteurl'),PHP_URL_HOST), false, true);
1366
- }
1367
-
1368
- $apbct->flags__url_stored = true;
1369
-
1370
- }
1371
- }
1372
-
1373
- /*
1374
- * Set Cookies test for cookie test
1375
- * Sets cookies with pararms timestamp && landing_timestamp && pervious_referer
1376
- * Sets test cookie with all other cookies
1377
- */
1378
- function apbct_cookie(){
1379
-
1380
- global $apbct;
1381
-
1382
- if(
1383
- empty($apbct->settings['set_cookies']) || // Do not set cookies if option is disabled (for Varnish cache).
1384
- !empty($apbct->flags__cookies_setuped) || // Cookies already set
1385
- !empty($apbct->headers_sent) // Headers sent
1386
- )
1387
- return false;
1388
-
1389
- // Prevent headers sent error
1390
- if(headers_sent($file, $line)){
1391
- $apbct->headers_sent = true;
1392
- $apbct->headers_sent__hook = current_action();
1393
- $apbct->headers_sent__where = $file.':'.$line;
1394
- return false;
1395
- }
1396
-
1397
- if($apbct->settings['store_urls__sessions'])
1398
- apbct_alt_sessions__remove_old();
1399
-
1400
- // Cookie names to validate
1401
- $cookie_test_value = array(
1402
- 'cookies_names' => array(),
1403
- 'check_value' => $apbct->api_key,
1404
- );
1405
-
1406
- $domain = parse_url(get_option('siteurl'),PHP_URL_HOST);
1407
-
1408
- // Submit time
1409
- if(empty($_POST['ct_multipage_form'])){ // Do not start/reset page timer if it is multipage form (Gravitiy forms))
1410
- $apbct_timestamp = time();
1411
- $apbct->settings['set_cookies__sessions']
1412
- ? apbct_alt_session__save('apbct_timestamp', $apbct_timestamp)
1413
- : setcookie('apbct_timestamp', $apbct_timestamp, 0, '/', $domain, false, true);
1414
- $cookie_test_value['cookies_names'][] = 'apbct_timestamp';
1415
- $cookie_test_value['check_value'] .= $apbct_timestamp;
1416
- }
1417
-
1418
- // Pervious referer
1419
- if(!empty($_SERVER['HTTP_REFERER'])){
1420
- $apbct->settings['set_cookies__sessions']
1421
- ? apbct_alt_session__save('apbct_prev_referer', $_SERVER['HTTP_REFERER'])
1422
- : setcookie('apbct_prev_referer', $_SERVER['HTTP_REFERER'], 0, '/', $domain, false, true);
1423
- $cookie_test_value['cookies_names'][] = 'apbct_prev_referer';
1424
- $cookie_test_value['check_value'] .= $_SERVER['HTTP_REFERER'];
1425
- }
1426
-
1427
- // Landing time
1428
- $site_landing_timestamp = $apbct->settings['set_cookies__sessions']
1429
- ? apbct_alt_session__get('apbct_site_landing_ts')
1430
- : filter_input(INPUT_COOKIE, 'apbct_site_landing_ts');
1431
- if(!$site_landing_timestamp){
1432
- $site_landing_timestamp = time();
1433
- $apbct->settings['set_cookies__sessions']
1434
- ? apbct_alt_session__save('apbct_site_landing_ts', $site_landing_timestamp)
1435
- : setcookie('apbct_site_landing_ts', $site_landing_timestamp, 0, '/', $domain, false, true);
1436
- }
1437
- $cookie_test_value['cookies_names'][] = 'apbct_site_landing_ts';
1438
- $cookie_test_value['check_value'] .= $site_landing_timestamp;
1439
-
1440
- // Page hits
1441
- // Get
1442
- $page_hits = $apbct->settings['set_cookies__sessions']
1443
- ? apbct_alt_session__get('apbct_page_hits')
1444
- : filter_input(INPUT_COOKIE, 'apbct_page_hits');
1445
- // Set / Increase
1446
- $page_hits = intval($page_hits) ? $page_hits + 1 : 1;
1447
-
1448
- $apbct->settings['set_cookies__sessions']
1449
- ? apbct_alt_session__save('apbct_page_hits', $page_hits)
1450
- : setcookie('apbct_page_hits', $page_hits, 0, '/', $domain, false, true);
1451
-
1452
- $cookie_test_value['cookies_names'][] = 'apbct_page_hits';
1453
- $cookie_test_value['check_value'] .= $page_hits;
1454
-
1455
- // Cookies test
1456
- $cookie_test_value['check_value'] = md5($cookie_test_value['check_value']);
1457
- if(!$apbct->settings['set_cookies__sessions'])
1458
- setcookie('apbct_cookies_test', urlencode(json_encode($cookie_test_value)), 0, '/', $domain, false, true);
1459
-
1460
- $apbct->flags__cookies_setuped = true;
1461
-
1462
- }
1463
-
1464
- /**
1465
- * Cookies test for sender
1466
- * Also checks for valid timestamp in $_COOKIE['apbct_timestamp'] and other apbct_ COOKIES
1467
- * @return null|0|1;
1468
- */
1469
- function apbct_cookies_test()
1470
- {
1471
- global $apbct;
1472
-
1473
- if($apbct->settings['set_cookies__sessions'])
1474
- return 1;
1475
-
1476
- if(isset($_COOKIE['apbct_cookies_test'])){
1477
-
1478
- $cookie_test = json_decode(urldecode($_COOKIE['apbct_cookies_test']),true);
1479
-
1480
- if(!is_array($cookie_test))
1481
- return 0;
1482
-
1483
- $check_srting = $apbct->api_key;
1484
- foreach($cookie_test['cookies_names'] as $cookie_name){
1485
- $check_srting .= isset($_COOKIE[$cookie_name]) ? $_COOKIE[$cookie_name] : '';
1486
- } unset($cookie_name);
1487
-
1488
- if($cookie_test['check_value'] == md5($check_srting)){
1489
- return 1;
1490
- }else{
1491
- return 0;
1492
- }
1493
- }else{
1494
- return null;
1495
- }
1496
- }
1497
-
1498
- function apbct_cookies__delete($cookie){
1499
- if(isset($_COOKIE[$cookie]))
1500
- setcookie($cookie, '', time()-3600);
1501
- }
1502
-
1503
- function apbct_cookies__delete_all(){
1504
- if(count($_COOKIE)){
1505
- foreach($_COOKIE as $key => $val){
1506
- if(preg_match("/apbct_|ct_/", $key)){
1507
- setcookie($key, '', time()-3600);
1508
- }
1509
- } unset($key, $val);
1510
- }
1511
- return false;
1512
- }
1513
-
1514
- /**
1515
- * Gets submit time
1516
- * Uses Cookies with check via apbct_cookies_test()
1517
- * @return null|int;
1518
- */
1519
- function apbct_get_submit_time()
1520
- {
1521
- global $apbct;
1522
- $apbct_timestamp = $apbct->settings['set_cookies__sessions']
1523
- ? apbct_alt_session__get('apbct_timestamp')
1524
- : filter_input(INPUT_COOKIE, 'apbct_timestamp');
1525
- return apbct_cookies_test() == 1 ? time() - (int)$apbct_timestamp : null;
1526
- }
1527
-
1528
- /*
1529
- * Inner function - Account status check
1530
- * Scheduled in 1800 seconds for default!
1531
- */
1532
- function ct_account_status_check($api_key = null, $process_errors = true){
1533
-
1534
- global $apbct;
1535
-
1536
- $api_key = $api_key ? $api_key : $apbct->api_key;
1537
- $result = CleantalkAPI::method__notice_paid_till(
1538
- $api_key,
1539
- preg_replace('/http[s]?:\/\//', '', get_option('siteurl'), 1)
1540
- );
1541
-
1542
- if(empty($result['error']) || $result['valid']){
1543
-
1544
- // Notices
1545
- $apbct->data['notice_show'] = isset($result['show_notice']) ? (int)$result['show_notice'] : 0;
1546
- $apbct->data['notice_renew'] = isset($result['renew']) ? (int)$result['renew'] : 0;
1547
- $apbct->data['notice_trial'] = isset($result['trial']) ? (int)$result['trial'] : 0;
1548
- $apbct->data['notice_review'] = isset($result['show_review']) ? (int)$result['show_review'] : 0;
1549
- $apbct->data['notice_auto_update'] = isset($result['show_auto_update_notice']) ? (int)$result['show_auto_update_notice'] : 0;
1550
-
1551
- // Other
1552
- $apbct->data['service_id'] = isset($result['service_id']) ? (int)$result['service_id'] : 0;
1553
- $apbct->data['valid'] = isset($result['valid']) ? (int)$result['valid'] : 0;
1554
- $apbct->data['moderate'] = isset($result['moderate']) ? (int)$result['moderate'] : 0;
1555
- $apbct->data['ip_license'] = isset($result['ip_license']) ? (int)$result['ip_license'] : 0;
1556
- $apbct->data['moderate_ip'] = isset($result['moderate_ip'], $result['ip_license']) ? (int)$result['moderate_ip'] : 0;
1557
- $apbct->data['spam_count'] = isset($result['spam_count']) ? (int)$result['spam_count'] : 0;
1558
- $apbct->data['auto_update'] = isset($result['auto_update_app']) ? (int)$result['auto_update_app'] : 0;
1559
- $apbct->data['user_token'] = isset($result['user_token']) ? (string)$result['user_token'] : '';
1560
- $apbct->data['license_trial'] = isset($result['license_trial']) ? (int)$result['license_trial'] : 0;
1561
- $apbct->data['account_name_ob'] = isset($result['account_name_ob']) ? (string)$result['account_name_ob'] : '';
1562
-
1563
- if($apbct->data['notice_show'] == 1 && $apbct->data['notice_trial'] == 1)
1564
- CleantalkCron::updateTask('check_account_status', 'ct_account_status_check', 3600);
1565
-
1566
- if($apbct->data['notice_show'] == 1 && $apbct->data['notice_renew'] == 1)
1567
- CleantalkCron::updateTask('check_account_status', 'ct_account_status_check', 1800);
1568
-
1569
- if($apbct->data['notice_show'] == 0)
1570
- CleantalkCron::updateTask('check_account_status', 'ct_account_status_check', 86400);
1571
-
1572
- $apbct->error_delete('account_check', 'save');
1573
-
1574
- $apbct->saveData();
1575
-
1576
- }elseif($process_errors){
1577
- $apbct->error_add('account_check', $result);
1578
- }
1579
-
1580
- if($result['valid']){
1581
- $apbct->data['key_is_ok'] = true;
1582
- $result = true;
1583
- }else{
1584
- $apbct->data['key_is_ok'] = false;
1585
- $result = false;
1586
- }
1587
-
1588
- return $result;
1589
- }
1590
-
1591
- function ct_mail_send_connection_report() {
1592
-
1593
- global $apbct;
1594
-
1595
- if (($apbct->settings['send_connection_reports'] == 1 && $apbct->connection_reports['negative'] > 0) || !empty($_GET['ct_send_connection_report']))
1596
- {
1597
- $to = "welcome@cleantalk.org" ;
1598
- $subject = "Connection report for ".$_SERVER['HTTP_HOST'];
1599
- $message = '
1600
- <html>
1601
- <head>
1602
- <title></title>
1603
- </head>
1604
- <body>
1605
- <p>From '.$apbct->connection_reports['since'].' to '.date('d M').' has been made '.($apbct->connection_reports['success']+$apbct->connection_reports['negative']).' calls, where '.$apbct->connection_reports['success'].' were success and '.$apbct->connection_reports['negative'].' were negative</p>
1606
- <p>Negative report:</p>
1607
- <table> <tr>
1608
- <td>&nbsp;</td>
1609
- <td><b>Date</b></td>
1610
- <td><b>Page URL</b></td>
1611
- <td><b>Library report</b></td>
1612
- <td><b>Server IP</b></td>
1613
- </tr>
1614
- ';
1615
- foreach ($apbct->connection_reports['negative_report'] as $key => $report)
1616
- {
1617
- $message.= '<tr>'
1618
- . '<td>'.($key+1).'.</td>'
1619
- . '<td>'.$report['date'].'</td>'
1620
- . '<td>'.$report['page_url'].'</td>'
1621
- . '<td>'.$report['lib_report'].'</td>'
1622
- . '<td>'.$report['work_url'].'</td>'
1623
- . '</tr>';
1624
- }
1625
- $message.='</table></body></html>';
1626
-
1627
- $headers = 'Content-type: text/html; charset=windows-1251 \r\n';
1628
- $headers .= 'From: '.get_option('admin_email');
1629
- mail($to, $subject, $message, $headers);
1630
- }
1631
-
1632
- $apbct->data['connection_reports'] = $apbct->def_data['connection_reports'];
1633
- $apbct->data['connection_reports']['since'] = date('d M');
1634
- $apbct->saveData();
1635
- }
1636
-
1637
- //* Write $message to the plugin's debug option
1638
- function apbct_log($message = 'empty', $func = null, $params = array())
1639
- {
1640
- global $apbct;
1641
-
1642
- $debug = get_option( APBCT_DEBUG );
1643
-
1644
- $function = $func ? $func : '';
1645
- $cron = in_array('cron', $params) ? true : false;
1646
- $data = in_array('data', $params) ? true : false;
1647
- $settings = in_array('settings', $params) ? true : false;
1648
-
1649
- if(is_array($message) or is_object($message))
1650
- $message = print_r($message, true);
1651
-
1652
- if($message) $debug[date("H:i:s", microtime(true))."_ACTION_".strval(current_action())."_FUNCTION_".strval($func)] = $message;
1653
- if($cron) $debug[date("H:i:s", microtime(true))."_ACTION_".strval(current_action())."_FUNCTION_".strval($func).'_cron'] = $apbct->cron;
1654
- if($data) $debug[date("H:i:s", microtime(true))."_ACTION_".strval(current_action())."_FUNCTION_".strval($func).'_data'] = $apbct->data;
1655
- if($settings) $debug[date("H:i:s", microtime(true))."_ACTION_".strval(current_action())."_FUNCTION_".strval($func).'_settings'] = $apbct->settings;
1656
-
1657
- update_option(APBCT_DEBUG, $debug);
1658
- }
1659
-
1660
- function apbct_sfw__delete_tables( $blog_id, $drop ) {
1661
-
1662
- global $wpdb;
1663
-
1664
- $initial_blog = get_current_blog_id();
1665
-
1666
- switch_to_blog($blog_id);
1667
- $wpdb->query('DROP TABLE IF EXISTS `'. $wpdb->prefix.'cleantalk_sfw`;'); // Deleting SFW data
1668
- $wpdb->query('DROP TABLE IF EXISTS `'. $wpdb->prefix.'cleantalk_sfw_logs`;'); // Deleting SFW logs
1669
-
1670
- switch_to_blog($initial_blog);
1671
- }
1672
-
1673
- /**
1674
- * Is enable for user group
1675
- *
1676
- * @param WP_User $user
1677
- *
1678
- * @return boolean
1679
- */
1680
- function apbct_is_user_enable($user = null) {
1681
-
1682
- global $current_user;
1683
-
1684
- $user = !empty($user) ? $user : $current_user;
1685
-
1686
- return apbct_is_user_role_in(array('administrator', 'editor', 'author'), $user)
1687
- ? false
1688
- : true;
1689
- }
1690
-
1691
- /**
1692
- * Checks if the current user has role
1693
- *
1694
- * @param array $roles array of strings
1695
- * @param int|string|WP_User|mixed $user User ID to check|user_login|WP_User
1696
- *
1697
- * @return boolean Does the user has this role|roles
1698
- */
1699
- function apbct_is_user_role_in( $roles, $user = false ){
1700
-
1701
- if( is_numeric($user) && function_exists('get_userdata')) $user = get_userdata( $user );
1702
- if( is_string($user) && function_exists('get_user_by')) $user = get_user_by('login', $user );
1703
- if( ! $user && function_exists('wp_get_current_user')) $user = wp_get_current_user();
1704
- if( ! $user ) $user = apbct_wp_get_current_user();
1705
-
1706
- if( empty($user->ID) )
1707
- return false;
1708
-
1709
- foreach( (array) $roles as $role ){
1710
- if( isset($user->caps[ strtolower($role) ]) || in_array(strtolower($role), $user->roles) )
1711
- return true;
1712
- }
1713
-
1714
- return false;
1715
- }
1716
-
1717
- /**
1718
- * Update and rotate statistics with requests exection time
1719
- *
1720
- * @param $exec_time
1721
- */
1722
- function apbct_statistics__rotate($exec_time){
1723
-
1724
- global $apbct;
1725
-
1726
- // Delete old stats
1727
- if(min(array_keys($apbct->stats['requests'])) < time() - (86400 * 7))
1728
- unset($apbct->stats['requests'][min(array_keys($apbct->stats['requests']))]);
1729
-
1730
- // Create new if newest older than 1 day
1731
- if(empty($apbct->stats['requests']) || max(array_keys($apbct->stats['requests'])) < time() - (86400 * 1))
1732
- $apbct->stats['requests'][time()] = array('amount' => 0, 'average_time' => 0);
1733
-
1734
- // Update all existing stats
1735
- foreach($apbct->stats['requests'] as &$weak_stat){
1736
- $weak_stat['average_time'] = ($weak_stat['average_time'] * $weak_stat['amount'] + $exec_time) / ++$weak_stat['amount'];
1737
- }
1738
-
1739
- $apbct->save('stats');
1740
- }
1741
-
1742
- /**
1743
- * Runs update actions for new version.
1744
- *
1745
- * @global CleantalkState $apbct
1746
- */
1747
- function apbct_update_actions(){
1748
-
1749
- global $apbct;
1750
-
1751
- // Update logic
1752
- if($apbct->plugin_version != APBCT_VERSION){
1753
-
1754
- // Main blog
1755
- if(is_main_site()){
1756
-
1757
- require_once(CLEANTALK_PLUGIN_DIR.'inc/cleantalk-updater.php');
1758
-
1759
- $result = apbct_run_update_actions($apbct->plugin_version, APBCT_VERSION);
1760
- //If update is successfull
1761
- if($result === true){
1762
- $apbct->data['plugin_version'] = APBCT_VERSION;
1763
- $apbct->saveData();
1764
- }
1765
- ct_send_feedback('0:' . APBCT_AGENT ); // Send feedback to let cloud know about updated version.
1766
-
1767
- // Side blogs
1768
- }else{
1769
- $apbct->data['plugin_version'] = APBCT_VERSION;
1770
- $apbct->saveData();
1771
- }
1772
- }
1773
-
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1774
  }
1
+ <?php
2
+ /*
3
+ Plugin Name: Anti-Spam by CleanTalk
4
+ Plugin URI: http://cleantalk.org
5
+ Description: Max power, all-in-one, no Captcha, premium anti-spam plugin. No comment spam, no registration spam, no contact spam, protects any WordPress forms.
6
+ Version: 5.126
7
+ Author: СleanTalk <welcome@cleantalk.org>
8
+ Author URI: http://cleantalk.org
9
+ Text Domain: cleantalk
10
+ Domain Path: /i18n
11
+ */
12
+
13
+ $cleantalk_executed = false;
14
+
15
+ // Getting version form main file (look above)
16
+ $plugin_info = get_file_data(__FILE__, array('Version' => 'Version', 'Name' => 'Plugin Name',));
17
+
18
+ // Common params
19
+ define('APBCT_NAME', $plugin_info['Name']);
20
+ define('APBCT_VERSION', $plugin_info['Version']);
21
+ define('APBCT_URL_PATH', plugins_url('', __FILE__)); //HTTP path. Plugin root folder without '/'.
22
+ define('APBCT_DIR_PATH', dirname(__FILE__ ) . '/'); //System path. Plugin root folder with '/'.
23
+ define('APBCT_PLUGIN_BASE_NAME', plugin_basename(__FILE__)); //Plugin base name.
24
+ define('APBCT_CASERT_PATH', file_exists(ABSPATH . WPINC . '/certificates/ca-bundle.crt') ? ABSPATH . WPINC . '/certificates/ca-bundle.crt' : ''); // SSL Serttificate path
25
+
26
+ // API params
27
+ define('APBCT_AGENT', 'wordpress-'.str_replace('.', '', $plugin_info['Version']));
28
+ define('APBCT_MODERATE_URL', 'http://moderate.cleantalk.org'); //Api URL
29
+
30
+ // Option names
31
+ define('APBCT_DATA', 'cleantalk_data'); //Option name with different plugin data.
32
+ define('APBCT_SETTINGS', 'cleantalk_settings'); //Option name with plugin settings.
33
+ define('APBCT_NETWORK_SETTINGS', 'cleantalk_network_settings'); //Option name with plugin network settings.
34
+ define('APBCT_DEBUG', 'cleantalk_debug'); //Option name with a debug data. Empty by default.
35
+
36
+ // Multisite
37
+ define('APBCT_WPMS', (is_multisite() ? true : false)); // WMPS is enabled
38
+
39
+ // Sessions
40
+ define('APBCT_SEESION__LIVE_TIME', 86400*2);
41
+ define('APBCT_SEESION__CHANCE_TO_CLEAN', 100);
42
+
43
+ // Different params
44
+ define('APBCT_REMOTE_CALL_SLEEP', 5); // Minimum time between remote call
45
+
46
+ if(!defined('CLEANTALK_PLUGIN_DIR')){
47
+
48
+ define('CLEANTALK_PLUGIN_DIR', dirname(__FILE__ ) . '/');
49
+
50
+ // PHP functions patches
51
+ require_once(CLEANTALK_PLUGIN_DIR . 'lib/cleantalk-php-patch.php'); // Pathces fpr different functions which not exists
52
+
53
+ // Base classes
54
+ require_once(CLEANTALK_PLUGIN_DIR . 'lib/Cleantalk/Antispam/API.php'); // API
55
+ require_once(CLEANTALK_PLUGIN_DIR . 'lib/Cleantalk/Antispam/DB.php'); // Database driver
56
+ require_once(CLEANTALK_PLUGIN_DIR . 'lib/Cleantalk/Antispam/Helper.php'); // Helper
57
+ include_once(CLEANTALK_PLUGIN_DIR . "lib/Cleantalk/Antispam/SFW.php"); // SpamFireWall
58
+
59
+ // Child classes
60
+ require_once(CLEANTALK_PLUGIN_DIR . 'lib/CleantalkAPI.php'); // API for Wordpress
61
+ require_once(CLEANTALK_PLUGIN_DIR . 'lib/CleantalkDB.php'); // Database class for Wordpress
62
+ require_once(CLEANTALK_PLUGIN_DIR . 'lib/CleantalkHelper.php'); // Helper for Worpdress
63
+ include_once(CLEANTALK_PLUGIN_DIR . "lib/CleantalkSFW.php"); // SpamFireWall for Wordpress
64
+
65
+ require_once(CLEANTALK_PLUGIN_DIR . 'lib/Cleantalk.php'); // Main class for request
66
+ require_once(CLEANTALK_PLUGIN_DIR . 'lib/CleantalkRequest.php'); // Holds request data
67
+ require_once(CLEANTALK_PLUGIN_DIR . 'lib/CleantalkResponse.php'); // Holds response data
68
+
69
+ require_once(CLEANTALK_PLUGIN_DIR . 'lib/CleantalkCron.php'); // Cron handling
70
+ require_once(CLEANTALK_PLUGIN_DIR . 'lib/CleantalkState.php'); // State class
71
+ require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-pluggable.php'); // Pluggable functions
72
+ require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-common.php');
73
+
74
+ // Global ArrayObject with settings and other global varables
75
+ global $apbct;
76
+ $apbct = new CleantalkState('cleantalk', array('settings', 'data', 'debug', 'errors', 'remote_calls', 'stats'), is_multisite());
77
+
78
+ $apbct->white_label = defined('APBCT_WHITELABEL') && APBCT_WHITELABEL == true ? true : false;
79
+
80
+ // Customize CleantalkState
81
+ // Account status
82
+ $apbct->base_name = 'cleantalk-spam-protect/cleantalk.php';
83
+ $apbct->plugin_name = defined('APBCT_WHITELABEL_NAME') ? APBCT_WHITELABEL_NAME : APBCT_NAME; // For test purposes
84
+
85
+ $apbct->logo = plugin_dir_url(__FILE__) . 'inc/images/logo.png';
86
+ $apbct->logo__small = plugin_dir_url(__FILE__) . 'inc/images/logo_small.png';
87
+ $apbct->logo__small__colored = plugin_dir_url(__FILE__) . 'inc/images/logo_color.png';
88
+
89
+ $apbct->key_is_ok = !empty($apbct->data['key_is_ok']) ? $apbct->data['key_is_ok'] : 0;
90
+ $apbct->key_is_ok = isset($apbct->data['testing_failed']) && $apbct->data['testing_failed'] == 0 ? 1 : $apbct->key_is_ok;
91
+
92
+ $apbct->data['user_counter']['since'] = isset($apbct->data['user_counter']['since']) ? $apbct->data['user_counter']['since'] : date('d M');
93
+ $apbct->data['connection_reports']['since'] = isset($apbct->data['connection_reports']['since']) ? $apbct->data['user_counter']['since'] : date('d M');
94
+
95
+ $apbct->settings_link = is_network_admin() ? 'settings.php?page=cleantalk' : 'options-general.php?page=cleantalk';
96
+
97
+ if(!$apbct->white_label){
98
+ require_once( CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-widget.php');
99
+ $apbct->settings['apikey'] = defined('CLEANTALK_ACCESS_KEY') ? CLEANTALK_ACCESS_KEY : $apbct->settings['apikey'];
100
+ }
101
+
102
+ // Passing JS key to frontend
103
+ add_action('wp_ajax_apbct_js_keys__get', 'apbct_js_keys__get__ajax');
104
+ add_action('wp_ajax_nopriv_apbct_js_keys__get', 'apbct_js_keys__get__ajax');
105
+
106
+ // Database prefix
107
+ global $wpdb;
108
+ $apbct->db_prefix = !$apbct->white_label && defined('CLEANTALK_ACCESS_KEY') ? $wpdb->base_prefix : $wpdb->prefix;
109
+ // Database constants
110
+ define('APBCT_TBL_FIREWALL_DATA', $apbct->db_prefix . 'cleantalk_sfw'); // Table with firewall data.
111
+ define('APBCT_TBL_FIREWALL_LOG', $apbct->db_prefix . 'cleantalk_sfw_logs'); // Table with firewall logs.
112
+ define('APBCT_TBL_SESSIONS', $apbct->db_prefix . 'cleantalk_sessions'); // Table with session data.
113
+ define('APBCT_SELECT_LIMIT', 5000); // Select limit for logs.
114
+ define('APBCT_WRITE_LIMIT', 5000); // Write limit for firewall data.
115
+
116
+ /** @todo HARDCODE FIX */
117
+ if($apbct->plugin_version === '1.0.0')
118
+ $apbct->plugin_version = '5.100';
119
+
120
+ // Do update actions if version is changed
121
+ apbct_update_actions();
122
+
123
+ // Self cron
124
+ if(!defined('DOING_CRON') || (defined('DOING_CRON') && DOING_CRON !== true)){
125
+
126
+ $ct_cron = new CleantalkCron();
127
+ $ct_cron->checkTasks();
128
+
129
+ if(!empty($ct_cron->tasks_to_run)){
130
+
131
+ define('CT_CRON', true); // Letting know functions that they are running under CT_CRON
132
+ $ct_cron->runTasks();
133
+ unset($ct_cron);
134
+
135
+ }
136
+ }
137
+
138
+ /*
139
+ * New structure
140
+ */
141
+ require_once( CLEANTALK_PLUGIN_DIR . 'inc/classCleantalkPublic.php' );
142
+ add_action( 'init', array( 'classCleantalkPublic', 'init' ) );
143
+
144
+ if ( is_admin() || ( defined( 'WP_CLI' ) && WP_CLI ) ) {
145
+ require_once( CLEANTALK_PLUGIN_DIR . 'inc/classCleantalkAdmin.php' );
146
+ add_action( 'init', array( 'classCleantalkAdmin', 'init' ) );
147
+ }
148
+
149
+ //Delete cookie for admin trial notice
150
+ add_action('wp_logout', 'apbct__hook__wp_logout__delete_trial_notice_cookie');
151
+
152
+ // Set cookie only for public pages and for non-AJAX requests
153
+ if (!is_admin() && !apbct_is_ajax() && !defined('DOING_CRON')
154
+ && empty($_POST['ct_checkjs_register_form']) // Buddy press registration fix
155
+ && empty($_GET['ct_checkjs_search_default']) // Search form fix
156
+ && empty($_POST['action']) //bbPress
157
+ ){
158
+ add_action('template_redirect','apbct_cookie', 2);
159
+ add_action('template_redirect','apbct_store__urls', 2);
160
+ if (empty($_POST) && empty($_GET)){
161
+ apbct_cookie();
162
+ apbct_store__urls();
163
+ }
164
+ }
165
+
166
+ // Early checks
167
+ // Facebook
168
+ if ($apbct->settings['general_contact_forms_test'] == 1
169
+ && (!empty($_POST['action']) && $_POST['action'] == 'fb_intialize')
170
+ && !empty($_POST['FB_userdata'])
171
+ ){
172
+ require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-public.php');
173
+ if (apbct_is_user_enable()){
174
+ $ct_check_post_result=false;
175
+ ct_registration_errors(null);
176
+ }
177
+
178
+ }
179
+
180
+ // Ninja Forms. Making GET action to POST action
181
+ if(isset($_SERVER['REQUEST_URI']) && stripos($_SERVER['REQUEST_URI'],'admin-ajax.php') !== false && sizeof($_POST) > 0 && isset($_GET['action']) && $_GET['action']=='ninja_forms_ajax_submit')
182
+ $_POST['action']='ninja_forms_ajax_submit';
183
+
184
+ add_action( 'wp_ajax_nopriv_ninja_forms_ajax_submit', 'apbct_form__ninjaForms__testSpam', 1);
185
+ add_action( 'wp_ajax_ninja_forms_ajax_submit', 'apbct_form__ninjaForms__testSpam', 1);
186
+ add_action( 'wp_ajax_nopriv_nf_ajax_submit', 'apbct_form__ninjaForms__testSpam', 1);
187
+ add_action( 'wp_ajax_nf_ajax_submit', 'apbct_form__ninjaForms__testSpam', 1);
188
+ add_action( 'ninja_forms_process', 'apbct_form__ninjaForms__testSpam', 1); // Depricated ?
189
+
190
+ // Public actions
191
+ if(!is_admin() && !apbct_is_ajax()){
192
+
193
+ // Default search
194
+ //add_filter( 'get_search_form', 'apbct_forms__search__addField' );
195
+ add_filter( 'get_search_query', 'apbct_forms__search__testSpam' );
196
+
197
+ // Remote calls
198
+ if(isset($_GET['spbc_remote_call_token'], $_GET['spbc_remote_call_action'], $_GET['plugin_name']) && in_array($_GET['plugin_name'], array('antispam','anti-spam', 'apbct'))){
199
+ apbct_remote_call__perform();
200
+ }
201
+
202
+ // SpamFireWall check
203
+ if( $apbct->plugin_version == APBCT_VERSION && // Do not call with first start
204
+ $apbct->settings['spam_firewall'] == 1 &&
205
+ $_SERVER["REQUEST_METHOD"] == 'GET')
206
+ {
207
+ apbct_sfw__check();
208
+ }
209
+
210
+ }
211
+
212
+
213
+ // Activation/deactivation functions must be in main plugin file.
214
+ // http://codex.wordpress.org/Function_Reference/register_activation_hook
215
+ register_activation_hook( __FILE__, 'apbct_activation' );
216
+ register_deactivation_hook( __FILE__, 'apbct_deactivation' );
217
+
218
+ // Hook for newly added blog
219
+ add_action('wpmu_new_blog', 'apbct_activation__new_blog', 10, 6);
220
+
221
+ // Async loading for JavaScript
222
+ add_filter('script_loader_tag', 'apbct_add_async_attribute', 10, 3);
223
+
224
+ // Redirect admin to plugin settings.
225
+ if(!defined('WP_ALLOW_MULTISITE') || defined('WP_ALLOW_MULTISITE') && WP_ALLOW_MULTISITE == false)
226
+ add_action('admin_init', 'apbct_plugin_redirect');
227
+
228
+ // Deleting SFW tables when deleting websites
229
+ if(defined('WP_ALLOW_MULTISITE') && WP_ALLOW_MULTISITE === true)
230
+ add_action( 'delete_blog', 'apbct_sfw__delete_tables', 10, 2 );
231
+
232
+ // After plugin loaded - to load locale as described in manual
233
+ add_action('plugins_loaded', 'apbct_plugin_loaded' );
234
+
235
+ if( !empty($apbct->settings['use_ajax']) &&
236
+ stripos($_SERVER['REQUEST_URI'],'.xml')===false &&
237
+ stripos($_SERVER['REQUEST_URI'],'.xsl')===false)
238
+ {
239
+ add_action( 'wp_ajax_nopriv_ct_get_cookie', 'ct_get_cookie',1 );
240
+ add_action( 'wp_ajax_ct_get_cookie', 'ct_get_cookie',1 );
241
+ }
242
+
243
+ // Admin panel actions
244
+ if (is_admin() || is_network_admin()){
245
+
246
+ require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-comments.php');
247
+ require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-users.php');
248
+ require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-admin.php');
249
+ require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-settings.php');
250
+
251
+ if (!(defined( 'DOING_AJAX' ) && DOING_AJAX)){
252
+
253
+ add_action('admin_enqueue_scripts', 'apbct_admin__enqueue_scripts');
254
+
255
+ add_action('admin_init', 'apbct_admin__init', 1);
256
+ add_action('admin_menu', 'apbct_settings__add_page');
257
+ add_action('network_admin_menu', 'apbct_settings__add_page');
258
+ add_action('admin_notices', 'apbct_admin__notice_message');
259
+ add_action('network_admin_notices', 'apbct_admin__notice_message');
260
+
261
+ //Show widget only if not IP license
262
+ if(!$apbct->moderate_ip)
263
+ add_action('wp_dashboard_setup', 'ct_dashboard_statistics_widget' );
264
+ }
265
+
266
+ if(apbct_is_ajax() || isset($_POST['cma-action'])){
267
+
268
+ $cleantalk_hooked_actions = array();
269
+ $cleantalk_ajax_actions_to_check = array();
270
+
271
+ require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-public.php');
272
+ require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-ajax.php');
273
+
274
+ // Feedback for comments
275
+ if(isset($_POST['action']) && $_POST['action'] == 'ct_feedback_comment'){
276
+ add_action( 'wp_ajax_nopriv_ct_feedback_comment', 'apbct_comment__send_feedback',1 );
277
+ add_action( 'wp_ajax_ct_feedback_comment', 'apbct_comment__send_feedback',1 );
278
+ }
279
+ if(isset($_POST['action']) && $_POST['action'] == 'ct_feedback_user'){
280
+ add_action( 'wp_ajax_nopriv_ct_feedback_user', 'apbct_user__send_feedback',1 );
281
+ add_action( 'wp_ajax_ct_feedback_user', 'apbct_user__send_feedback',1 );
282
+ }
283
+
284
+ // Check AJAX requests
285
+ // if User is not logged in
286
+ // if Unknown action or Known action with mandatory check
287
+ if( (!apbct_is_user_logged_in() || $apbct->settings['protect_logged_in'] == 1) &&
288
+ isset($_POST['action']) && (!in_array($_POST['action'], $cleantalk_hooked_actions) || in_array($_POST['action'], $cleantalk_ajax_actions_to_check))
289
+ ){
290
+ ct_ajax_hook();
291
+ }
292
+
293
+ //QAEngine Theme answers
294
+ if (intval($apbct->settings['general_contact_forms_test']))
295
+ add_filter('et_pre_insert_question', 'ct_ajax_hook', 1, 1); // Questions
296
+ add_filter('et_pre_insert_answer', 'ct_ajax_hook', 1, 1); // Answers
297
+
298
+ // Formidable
299
+ add_filter( 'frm_entries_before_create', 'ct_frm_validate_entry', 10, 2 );
300
+ add_action( 'frm_entries_footer_scripts', 'ct_frm_entries_footer_scripts', 20, 2 );
301
+
302
+ // Some of plugins to register a users use AJAX context.
303
+ add_filter('registration_errors', 'ct_registration_errors', 1, 3);
304
+ add_filter('registration_errors', 'ct_check_registration_erros', 999999, 3);
305
+ add_action('user_register', 'apbct_user_register');
306
+
307
+ if(class_exists('BuddyPress')){
308
+ require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-public.php');
309
+ add_filter('bp_activity_is_spam_before_save', 'apbct_integration__buddyPres__activityWall', 999 ,2); /* ActivityWall */
310
+ add_action('bp_locate_template', 'apbct_integration__buddyPres__getTemplateName', 10, 6);
311
+ }
312
+
313
+ }
314
+
315
+ require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-public.php');
316
+ //Bitrix24 contact form
317
+ if ($apbct->settings['general_contact_forms_test'] == 1 &&
318
+ !empty($_POST['your-phone']) &&
319
+ !empty($_POST['your-email']) &&
320
+ !empty($_POST['your-message'])
321
+ ){
322
+ $ct_check_post_result=false;
323
+ ct_contact_form_validate();
324
+ }
325
+
326
+ // Sends feedback to the cloud about comments
327
+ // add_action('wp_set_comment_status', 'ct_comment_send_feedback', 10, 2);
328
+
329
+ // Sends feedback to the cloud about deleted users
330
+ global $pagenow;
331
+ if($pagenow=='users.php')
332
+ add_action('delete_user', 'apbct_user__delete__hook', 10, 2);
333
+
334
+ if($pagenow=='plugins.php' || (isset($_SERVER['REQUEST_URI']) && strpos($_SERVER['REQUEST_URI'],'plugins.php') !== false)){
335
+
336
+ add_filter('plugin_action_links_'.plugin_basename(__FILE__), 'apbct_admin__plugin_action_links', 10, 2);
337
+ add_filter('network_admin_plugin_action_links_'.plugin_basename(__FILE__), 'apbct_admin__plugin_action_links', 10, 2);
338
+
339
+ add_filter('plugin_row_meta', 'apbct_admin__register_plugin_links', 10, 2);
340
+ }
341
+
342
+ // Public pages actions
343
+ }else{
344
+
345
+ require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-public.php');
346
+
347
+ add_action('wp_enqueue_scripts', 'ct_enqueue_scripts_public');
348
+
349
+ // Init action.
350
+ add_action('plugins_loaded', 'apbct_init', 1);
351
+
352
+ // Comments
353
+ add_filter('preprocess_comment', 'ct_preprocess_comment', 1, 1); // param - comment data array
354
+ add_filter('comment_text', 'ct_comment_text' );
355
+ add_filter('wp_die_handler', 'apbct_comment__sanitize_data__before_wp_die', 1); // Check comments after validation
356
+
357
+ // Registrations
358
+ if(!isset($_POST['wp-submit'])){
359
+ add_action('login_form_register', 'apbct_cookie');
360
+ add_action('login_form_register', 'apbct_store__urls');
361
+ }
362
+ add_action('login_enqueue_scripts', 'apbct_login__scripts');
363
+ add_action('register_form', 'ct_register_form');
364
+ add_filter('registration_errors', 'ct_registration_errors', 1, 3);
365
+ add_filter('registration_errors', 'ct_check_registration_erros', 999999, 3);
366
+ add_action('user_register', 'apbct_user_register');
367
+
368
+ // Multisite registrations
369
+ add_action('signup_extra_fields','ct_register_form');
370
+ add_filter('wpmu_validate_user_signup', 'ct_registration_errors_wpmu', 10, 3);
371
+
372
+ // Login form - for notifications only
373
+ add_filter('login_message', 'ct_login_message');
374
+
375
+ // Comments output hook
376
+ add_filter('wp_list_comments_args', 'ct_wp_list_comments_args');
377
+
378
+ // Ait-Themes fix
379
+ if(isset($_GET['ait-action']) && $_GET['ait-action']=='register'){
380
+ $tmp=$_POST['redirect_to'];
381
+ unset($_POST['redirect_to']);
382
+ ct_contact_form_validate();
383
+ $_POST['redirect_to']=$tmp;
384
+ }
385
+ }
386
+
387
+ // Short code for GDPR
388
+ if($apbct->settings['gdpr_enabled'])
389
+ add_shortcode('cleantalk_gdpr_form', 'apbct_shrotcode_handler__GDPR_public_notice__form');
390
+
391
+ }
392
+
393
+ /**
394
+ * Function preforms remote call
395
+ */
396
+ function apbct_remote_call__perform()
397
+ {
398
+ global $apbct;
399
+
400
+ $remote_action = $_GET['spbc_remote_call_action'];
401
+
402
+ if(array_key_exists($remote_action, $apbct->remote_calls)){
403
+
404
+ if(time() - $apbct->remote_calls[$remote_action]['last_call'] > APBCT_REMOTE_CALL_SLEEP){
405
+
406
+ $apbct->remote_calls[$remote_action]['last_call'] = time();
407
+ $apbct->save('remote_calls');
408
+
409
+ if(strtolower($_GET['spbc_remote_call_token']) == strtolower(md5($apbct->api_key))){
410
+
411
+ // Flag to let plugin know that Remote Call is running.
412
+ $apbct->rc_running = true;
413
+
414
+ switch ($_GET['spbc_remote_call_action']) {
415
+
416
+ // Close renew banner
417
+ case 'close_renew_banner':
418
+ $apbct->data['notice_trial'] = 0;
419
+ $apbct->data['notice_renew'] = 0;
420
+ $apbct->saveData();
421
+ CleantalkCron::updateTask('check_account_status', 'ct_account_status_check', 86400);
422
+ die('OK');
423
+ break;
424
+
425
+ // SFW update
426
+ case 'sfw_update':
427
+ $result = ct_sfw_update(true);
428
+ /**
429
+ * @todo CRUNCH
430
+ */
431
+ if(is_string($result) && strpos($result, 'FAIL') !== false){
432
+ $result = json_decode(substr($result, 5), true);
433
+ }
434
+ die(empty($result['error']) ? 'OK' : 'FAIL '.json_encode(array('error' => $result['error'])));
435
+ break;
436
+
437
+ // SFW send logs
438
+ case 'sfw_send_logs':
439
+ $result = ct_sfw_send_logs();
440
+ die(empty($result['error']) ? 'OK' : 'FAIL '.json_encode(array('error' => $result['error'])));
441
+ break;
442
+
443
+ // Update plugin
444
+ case 'update_plugin':
445
+ add_action('wp', 'apbct_rc__update', 1);
446
+ break;
447
+
448
+ // Install plugin
449
+ case 'install_plugin':
450
+ add_action('wp', 'apbct_rc__install_plugin', 1);
451
+ break;
452
+ // Activate plugin
453
+ case 'activate_plugin':
454
+ $result = apbct_rc__activate_plugin($_GET['plugin']);
455
+ die(empty($result['error'])
456
+ ? 'OK'
457
+ : 'FAIL '.json_encode(array('error' => $result['error'])));
458
+ break;
459
+
460
+ // Insert API key
461
+ case 'insert_auth_key':
462
+ $result = apbct_rc__insert_auth_key($_GET['auth_key'], $_GET['plugin']);
463
+ die(empty($result['error'])
464
+ ? 'OK'
465
+ : 'FAIL '.json_encode(array('error' => $result['error'])));
466
+ break;
467
+
468
+ // Update settins
469
+ case 'update_settings':
470
+ $result = apbct_rc__update_settings($_GET);
471
+ die(empty($result['error'])
472
+ ? 'OK'
473
+ : 'FAIL '.json_encode(array('error' => $result['error'])));
474
+ break;
475
+ // Deactivate plugin
476
+ case 'deactivate_plugin':
477
+ add_action('plugins_loaded', 'apbct_rc__deactivate_plugin', 1);
478
+ break;
479
+
480
+ // Uninstall plugin
481
+ case 'uninstall_plugin':
482
+ add_action('plugins_loaded', 'apbct_rc__uninstall_plugin', 1);
483
+ break;
484
+ // No action found
485
+ default:
486
+ die('FAIL '.json_encode(array('error' => 'UNKNOWN_ACTION_2')));
487
+ break;
488
+ }
489
+
490
+ }else
491
+ die('FAIL '.json_encode(array('error' => 'WRONG_TOKEN')));
492
+ }else
493
+ die('FAIL '.json_encode(array('error' => 'TOO_MANY_ATTEMPTS')));
494
+ }else
495
+ die('FAIL '.json_encode(array('error' => 'UNKNOWN_ACTION')));
496
+ }
497
+
498
+ /**
499
+ * Function for SpamFireWall check
500
+ */
501
+ function apbct_sfw__check()
502
+ {
503
+ global $apbct, $spbc, $cleantalk_url_exclusions;
504
+
505
+ // Turn off the SpamFireWall if current url in the exceptions list and WordPress core pages
506
+ if (!empty($cleantalk_url_exclusions) && is_array($cleantalk_url_exclusions)) {
507
+ $core_page_to_skip_check = array('/feed');
508
+ foreach (array_merge($cleantalk_url_exclusions, $core_page_to_skip_check) as $v) {
509
+ if (stripos($_SERVER['REQUEST_URI'], $v) !== false) {
510
+ return;
511
+ }
512
+ }
513
+ }
514
+
515
+ // Turn off the SpamFireWall if Remote Call is in progress
516
+ if($apbct->rc_running || (!empty($spbc) && $spbc->rc_running))
517
+ return;
518
+
519
+ $is_sfw_check = true;
520
+ $sfw = new CleantalkSFW();
521
+ $sfw->ip_array = (array)$sfw->ip__get(array('real'), true);
522
+
523
+ // Skip by cookie
524
+ foreach($sfw->ip_array as $ct_cur_ip){
525
+ if(isset($_COOKIE['ct_sfw_pass_key']) && $_COOKIE['ct_sfw_pass_key'] == md5($ct_cur_ip.$apbct->api_key)){
526
+ $is_sfw_check=false;
527
+ if(isset($_COOKIE['ct_sfw_passed'])){
528
+ $sfw->logs__update($ct_cur_ip, 'passed');
529
+ $apbct->data['sfw_counter']['all']++;
530
+ $apbct->saveData();
531
+ if(!headers_sent())
532
+ setcookie ('ct_sfw_passed', '0', time()+86400*3, '/', parse_url(get_option('siteurl'),PHP_URL_HOST) ,false, true);
533
+ }
534
+ break;
535
+ }else{
536
+ $is_sfw_check = true;
537
+ }
538
+ }
539
+
540
+ // Skip the check
541
+ if(!empty($_GET['access'])){
542
+ $spbc_settings = get_option('spbc_settings');
543
+ $spbc_key = !empty($spbc_settings['spbc_key']) ? $spbc_settings['spbc_key'] : false;
544
+ if($_GET['access'] === $apbct->api_key || ($spbc_key !== false && $_GET['access'] === $spbc_key)){
545
+ $is_sfw_check = false;
546
+ setcookie ('spbc_firewall_pass_key', md5($_SERVER['REMOTE_ADDR'].$spbc_key), time()+1200, '/');
547
+ setcookie ('ct_sfw_pass_key', md5($_SERVER['REMOTE_ADDR'].$apbct->api_key), time()+1200, '/');
548
+ }
549
+ unset($spbc_settings, $spbc_key);
550
+ }
551
+
552
+ if($is_sfw_check){
553
+
554
+ $sfw->ip_check();
555
+
556
+ // Pass remote calls
557
+ if($sfw->pass === false){
558
+ if(isset($_GET['spbc_remote_call_token'], $_GET['spbc_remote_call_action'], $_GET['plugin_name'])){
559
+ foreach($sfw->blocked_ips as $ip){
560
+ $resolved = CleantalkHelper::ip__resolve($ip['ip']);
561
+ if($resolved && preg_match('/cleantalk\.org/', $resolved) === 1 || $resolved === 'back'){
562
+ $sfw->pass = true;
563
+ }
564
+ } unset($ip);
565
+ }
566
+ }
567
+
568
+ if($sfw->test){
569
+ $sfw->sfw_die($apbct->api_key, '', parse_url(get_option('siteurl'),PHP_URL_HOST), 'test');
570
+ }
571
+
572
+ if($sfw->pass === false){
573
+ foreach($sfw->blocked_ips as $ip){
574
+ $sfw->logs__update($ip['ip'], 'blocked');
575
+ }
576
+ $apbct->data['sfw_counter']['blocked']++;
577
+ $apbct->saveData();
578
+ $sfw->sfw_die($apbct->api_key, '', parse_url(get_option('siteurl'),PHP_URL_HOST));
579
+ }else{
580
+ reset($sfw->passed_ips);
581
+ if(!empty($apbct->settings['set_cookies']) && !headers_sent() && key($sfw->passed_ips))
582
+ setcookie ('ct_sfw_pass_key', md5($sfw->passed_ips[key($sfw->passed_ips)]['ip'].$apbct->api_key), time()+86400*30, '/', parse_url(get_option('siteurl'),PHP_URL_HOST) ,false, true);
583
+ }
584
+ }
585
+ unset($is_sfw_check, $sfw, $sfw_ip, $ct_cur_ip);
586
+ }
587
+
588
+ /**
589
+ * On activation, set a time, frequency and name of an action hook to be scheduled.
590
+ */
591
+ function apbct_activation( $network = false ) {
592
+
593
+ global $wpdb;
594
+
595
+ // SFW data
596
+ $sqls[] = 'CREATE TABLE IF NOT EXISTS `%scleantalk_sfw` (
597
+ `network` int(11) unsigned NOT NULL,
598
+ `mask` int(11) unsigned NOT NULL,
599
+ INDEX ( `network` , `mask` )
600
+ ) ENGINE = MYISAM ;';
601
+
602
+ // SFW log
603
+ $sqls[] = 'CREATE TABLE IF NOT EXISTS `%scleantalk_sfw_logs` (
604
+ `ip` VARCHAR(15) NOT NULL,
605
+ `all_entries` INT NOT NULL,
606
+ `blocked_entries` INT NOT NULL,
607
+ `entries_timestamp` INT NOT NULL,
608
+ PRIMARY KEY (`ip`))
609
+ ENGINE = MYISAM;';
610
+
611
+ // Sessions
612
+ $sqls[] = 'CREATE TABLE IF NOT EXISTS `%scleantalk_sessions` (
613
+ `id` VARCHAR(64) NOT NULL,
614
+ `name` VARCHAR(40) NOT NULL,
615
+ `value` TEXT NULL DEFAULT NULL,
616
+ `last_update` DATETIME NULL DEFAULT NULL,
617
+ PRIMARY KEY (`name`(40), `id`(64)))
618
+ ENGINE = MYISAM;';
619
+
620
+ if($network && !defined('CLEANTALK_ACCESS_KEY')){
621
+ $initial_blog = get_current_blog_id();
622
+ $blogs = array_keys($wpdb->get_results('SELECT blog_id FROM '. $wpdb->blogs, OBJECT_K));
623
+ foreach ($blogs as $blog) {
624
+ switch_to_blog($blog);
625
+ apbct_activation__create_tables($sqls);
626
+ // Cron tasks
627
+ CleantalkCron::addTask('check_account_status', 'ct_account_status_check', 3600, time()+1800); // Checks account status
628
+ CleantalkCron::addTask('delete_spam_comments', 'ct_delete_spam_comments', 3600, time()+3500); // Formerly ct_hourly_event_hook()
629
+ CleantalkCron::addTask('send_feedback', 'ct_send_feedback', 3600, time()+3500); // Formerly ct_hourly_event_hook()
630
+ CleantalkCron::addTask('sfw_update', 'ct_sfw_update', 86400, time()+300); // SFW update
631
+ CleantalkCron::addTask('send_sfw_logs', 'ct_sfw_send_logs', 3600, time()+1800); // SFW send logs
632
+ CleantalkCron::addTask('get_brief_data', 'cleantalk_get_brief_data', 86400, time()+3500); // Get data for dashboard widget
633
+ CleantalkCron::addTask('send_connection_report','ct_mail_send_connection_report', 86400, time()+3500); // Send connection report to welcome@cleantalk.org
634
+ }
635
+ switch_to_blog($initial_blog);
636
+ }else{
637
+
638
+ // Cron tasks
639
+ CleantalkCron::addTask('check_account_status', 'ct_account_status_check', 3600, time()+1800); // Checks account status
640
+ CleantalkCron::addTask('delete_spam_comments', 'ct_delete_spam_comments', 3600, time()+3500); // Formerly ct_hourly_event_hook()
641
+ CleantalkCron::addTask('send_feedback', 'ct_send_feedback', 3600, time()+3500); // Formerly ct_hourly_event_hook()
642
+ CleantalkCron::addTask('sfw_update', 'ct_sfw_update', 86400, time()+43200); // SFW update
643
+ CleantalkCron::addTask('send_sfw_logs', 'ct_sfw_send_logs', 3600, time()+1800); // SFW send logs
644
+ CleantalkCron::addTask('get_brief_data', 'cleantalk_get_brief_data', 86400, time()+3500); // Get data for dashboard widget
645
+ CleantalkCron::addTask('send_connection_report','ct_mail_send_connection_report', 86400, time()+3500); // Send connection report to welcome@cleantalk.org
646
+
647
+ apbct_activation__create_tables($sqls);
648
+ ct_sfw_update(); // Updating SFW
649
+ ct_account_status_check(null, false);
650
+ }
651
+
652
+ // Additional options
653
+ add_option('ct_plugin_do_activation_redirect', true);
654
+ }
655
+
656
+ function apbct_activation__create_tables($sqls) {
657
+ global $wpdb;
658
+ $wpdb->show_errors = false;
659
+ foreach($sqls as $sql){
660
+ $sql = sprintf($sql, $wpdb->prefix); // Adding current blog prefix
661
+ $result = $wpdb->query($sql);
662
+ if($result === false)
663
+ $errors[] = "Failed.\nQuery: {$wpdb->last_query}\nError: {$wpdb->last_error}";
664
+ }
665
+ $wpdb->show_errors = true;
666
+
667
+ // Logging errors
668
+ if(!empty($errors))
669
+ apbct_log($errors);
670
+ }
671
+
672
+ function apbct_activation__new_blog($blog_id, $user_id, $domain, $path, $site_id, $meta) {
673
+ if (apbct_is_plugin_active_for_network('cleantalk-spam-protect/cleantalk.php')){
674
+
675
+ switch_to_blog($blog_id);
676
+
677
+ global $wpdb;
678
+
679
+ // SFW data
680
+ $sqls[] = 'CREATE TABLE IF NOT EXISTS `%scleantalk_sfw` (
681
+ `network` int(11) unsigned NOT NULL,
682
+ `mask` int(11) unsigned NOT NULL,
683
+ INDEX ( `network` , `mask` )
684
+ ) ENGINE = MYISAM ;';
685
+
686
+ // SFW log
687
+ $sqls[] = 'CREATE TABLE IF NOT EXISTS `%scleantalk_sfw_logs` (
688
+ `ip` VARCHAR(15) NOT NULL,
689
+ `all_entries` INT NOT NULL,
690
+ `blocked_entries` INT NOT NULL,
691
+ `entries_timestamp` INT NOT NULL,
692
+ PRIMARY KEY (`ip`))
693
+ ENGINE = MYISAM;';
694
+
695
+ // Sessions
696
+ $sqls[] = 'CREATE TABLE IF NOT EXISTS `%scleantalk_sessions` (
697
+ `id` VARCHAR(64) NOT NULL,
698
+ `name` TEXT NOT NULL,
699
+ `value` TEXT NULL DEFAULT NULL,
700
+ `last_update` DATETIME NULL DEFAULT NULL,
701
+ PRIMARY KEY (`id`(64), `name`(64)))
702
+ ENGINE = MYISAM;';
703
+
704
+ // Cron tasks
705
+ CleantalkCron::addTask('check_account_status', 'ct_account_status_check', 3600, time()+1800); // Checks account status
706
+ CleantalkCron::addTask('delete_spam_comments', 'ct_delete_spam_comments', 3600, time()+3500); // Formerly ct_hourly_event_hook()
707
+ CleantalkCron::addTask('send_feedback', 'ct_send_feedback', 3600, time()+3500); // Formerly ct_hourly_event_hook()
708
+ CleantalkCron::addTask('sfw_update', 'ct_sfw_update', 86400, time()+43200); // SFW update
709
+ CleantalkCron::addTask('send_sfw_logs', 'ct_sfw_send_logs', 3600, time()+1800); // SFW send logs
710
+ CleantalkCron::addTask('get_brief_data', 'cleantalk_get_brief_data', 86400, time()+3500); // Get data for dashboard widget
711
+ CleantalkCron::addTask('send_connection_report','ct_mail_send_connection_report', 86400, time()+3500); // Send connection report to welcome@cleantalk.org
712
+ apbct_activation__create_tables($sqls);
713
+ ct_sfw_update(); // Updating SFW
714
+ ct_account_status_check(null, false);
715
+ restore_current_blog();
716
+ }
717
+ }
718
+
719
+ /**
720
+ * On deactivation, clear schedule.
721
+ */
722
+ function apbct_deactivation( $network ) {
723
+
724
+ global $apbct, $wpdb;
725
+
726
+ // Deactivation for network
727
+ if(is_multisite() && $network){
728
+
729
+ $initial_blog = get_current_blog_id();
730
+ $blogs = array_keys($wpdb->get_results('SELECT blog_id FROM '. $wpdb->blogs, OBJECT_K));
731
+ foreach ($blogs as $blog) {
732
+ switch_to_blog($blog);
733
+ apbct_deactivation__delete_blog_tables();
734
+ delete_option('cleantalk_cron'); // Deleting cron entries
735
+
736
+ if($apbct->settings['complete_deactivation'])
737
+ apbct_deactivation__delete_all_options();
738
+
739
+ }
740
+ switch_to_blog($initial_blog);
741
+
742
+ // Deactivation for blog
743
+ }elseif(is_multisite()){
744
+
745
+ apbct_deactivation__delete_common_tables();
746
+ delete_option('cleantalk_cron'); // Deleting cron entries
747
+
748
+ if($apbct->settings['complete_deactivation'])
749
+ apbct_deactivation__delete_all_options();
750
+
751
+ // Deactivation on standalone blog
752
+ }elseif(!is_multisite()){
753
+
754
+ apbct_deactivation__delete_common_tables();
755
+ delete_option('cleantalk_cron'); // Deleting cron entries
756
+
757
+ if($apbct->settings['complete_deactivation'])
758
+ apbct_deactivation__delete_all_options();
759
+
760
+ }
761
+ }
762
+
763
+ /**
764
+ * Delete all cleantalk_* entries from _options table
765
+ */
766
+ function apbct_deactivation__delete_all_options(){
767
+ delete_option('cleantalk_settings');
768
+ delete_option('cleantalk_data');
769
+ delete_option('cleantalk_cron');
770
+ delete_option('cleantalk_errors');
771
+ delete_option('cleantalk_remote_calls');
772
+ delete_option('cleantalk_server');
773
+ delete_option('cleantalk_stats');
774
+ delete_option('cleantalk_timelabel_reg');
775
+ }
776
+
777
+ function apbct_deactivation__delete_common_tables() {
778
+ global $wpdb;
779
+ $wpdb->query('DROP TABLE IF EXISTS `'. $wpdb->base_prefix.'cleantalk_sfw`;'); // Deleting SFW data
780
+ $wpdb->query('DROP TABLE IF EXISTS `'. $wpdb->base_prefix.'cleantalk_sfw_logs`;'); // Deleting SFW logs
781
+ $wpdb->query('DROP TABLE IF EXISTS `'. $wpdb->base_prefix.'cleantalk_sessions`;'); // Deleting session table
782
+ }
783
+
784
+ function apbct_deactivation__delete_blog_tables() {
785
+ global $wpdb;
786
+ $wpdb->query('DROP TABLE IF EXISTS `'. $wpdb->prefix.'cleantalk_sfw`;'); // Deleting SFW data
787
+ $wpdb->query('DROP TABLE IF EXISTS `'. $wpdb->prefix.'cleantalk_sfw_logs`;'); // Deleting SFW logs
788
+ $wpdb->query('DROP TABLE IF EXISTS `'. $wpdb->prefix.'cleantalk_sessions`;'); // Deleting session table
789
+ }
790
+
791
+ /**
792
+ * Redirects admin to plugin settings after activation.
793
+ */
794
+ function apbct_plugin_redirect()
795
+ {
796
+ if (get_option('ct_plugin_do_activation_redirect', false) && !isset($_GET['activate-multi'])){
797
+ delete_option('ct_plugin_do_activation_redirect');
798
+ wp_redirect("options-general.php?page=cleantalk");
799
+ }
800
+ }
801
+
802
+ function ct_add_event($event_type)
803
+ {
804
+ global $apbct, $cleantalk_executed;
805
+
806
+ //
807
+ // To migrate on the new version of ct_add_event().
808
+ //
809
+ switch ($event_type) {
810
+ case '0': $event_type = 'no';break;
811
+ case '1': $event_type = 'yes';break;
812
+ }
813
+
814
+ $current_hour = intval(date('G'));
815
+
816
+ // Updating current hour
817
+ if($current_hour!=$apbct->data['current_hour']){
818
+ $apbct->data['current_hour'] = $current_hour;
819
+ $apbct->data['array_accepted'][$current_hour] = 0;
820
+ $apbct->data['array_blocked'][$current_hour] = 0;
821
+ }
822
+
823
+ //Add 1 to counters
824
+ if($event_type=='yes'){
825
+ $apbct->data['array_accepted'][$current_hour]++;
826
+ $apbct->data['all_time_counter']['accepted']++;
827
+ $apbct->data['user_counter']['accepted']++;
828
+ }
829
+ if($event_type=='no'){
830
+ $apbct->data['array_blocked'][$current_hour]++;
831
+ $apbct->data['all_time_counter']['blocked']++;
832
+ $apbct->data['user_counter']['blocked']++;
833
+ }
834
+
835
+ $apbct->saveData();
836
+
837
+ $cleantalk_executed=true;
838
+ }
839
+
840
+ /**
841
+ * return new cookie value
842
+ */
843
+ function ct_get_cookie()
844
+ {
845
+ global $ct_checkjs_def;
846
+ $ct_checkjs_key = ct_get_checkjs_value();
847
+ print $ct_checkjs_key;
848
+ die();
849
+ }
850
+
851
+ function ct_sfw_update($immediate = false){
852
+
853
+ global $apbct;
854
+
855
+ if($apbct->settings['spam_firewall'] == 1){
856
+
857
+ $sfw = new CleantalkSFW();
858
+
859
+ $file_url = isset($_GET['file_url']) ? $_GET['file_url'] : null;
860
+ $result = $sfw->sfw_update($apbct->api_key, $file_url, $immediate);
861
+
862
+ if(empty($result['error'])){
863
+ $apbct->stats['sfw']['last_update_time'] = time();
864
+ $apbct->stats['sfw']['entries'] = $result;
865
+ $apbct->save('stats');
866
+ }
867
+
868
+ return $result;
869
+ }
870
+
871
+ return array('error' => 'SFW_DISABLED');
872
+
873
+ }
874
+
875
+ function ct_sfw_send_logs()
876
+ {
877
+ global $apbct;
878
+
879
+ if($apbct->settings['spam_firewall'] == 1){
880
+
881
+ $sfw = new CleantalkSFW();
882
+ $result = $sfw->logs__send($apbct->api_key);
883
+
884
+ if(empty($result['error'])){
885
+ $apbct->stats['sfw']['last_send_time'] = time();
886
+ $apbct->stats['sfw']['last_send_amount'] = $result['rows'];
887
+ $apbct->save('stats');
888
+ }
889
+
890
+ return $result;
891
+
892
+ }
893
+
894
+ return array('error' => 'SFW_DISABLED');
895
+ }
896
+
897
+ /**
898
+ * Wrapper for Cleantalk's remote calls
899
+ *
900
+ * @param string $action What you want to do?
901
+ * @param array $additional_params Additional GET parameters for RC
902
+ * @param string $presets Presets for CleantalkHelper::http__request(). 'async' maybe?
903
+ * @param string $plugin_name Plugin name 'antispam' by default
904
+ * @param string $call_token RC securirty token
905
+ * @param string $url Current site URL by default
906
+ *
907
+ * @return array|bool
908
+ */
909
+ function apbct_rc__send($action, $additional_params = array(), $presets = 'get', $plugin_name = 'antispam', $call_token = '', $url = ''){
910
+
911
+ global $apbct;
912
+
913
+ $default_params = array(
914
+ 'plugin_name' => $plugin_name,
915
+ 'spbc_remote_call_token' => $call_token ? $call_token : md5($apbct->api_key),
916
+ 'spbc_remote_call_action' => $action,
917
+ );
918
+
919
+ $params = array_merge($additional_params, $default_params);
920
+
921
+ return apbct_rc__parse_result(
922
+ CleantalkHelper::http__request(
923
+ $url ? $url : get_option('siteurl'),
924
+ $params,
925
+ $presets
926
+ )
927
+ );
928
+ }
929
+
930
+ /**
931
+ * Parse different types of remote call results
932
+ *
933
+ * @param array|string $rc_result
934
+ * string - 'FAIL {"some":"result}'
935
+ * string - 'OK {"some":"result}'
936
+ *
937
+ * @return array|string
938
+ */
939
+ function apbct_rc__parse_result($rc_result){
940
+ if(is_string($rc_result)){
941
+ $rc_result = preg_replace('/^(OK\s?|FAIL\s?)(.*)/', '$2', $rc_result, 1);
942
+ $rc_result = json_decode($rc_result, true);
943
+ $rc_result = $rc_result
944
+ ? $rc_result
945
+ : array('error' => 'FAIL_TO_PARSE_RC_RESULT');
946
+ }
947
+ return $rc_result;
948
+ }
949
+
950
+ /**
951
+ * Install plugin from wordpress catalog
952
+ *
953
+ * @param WP $wp
954
+ * @param string $plugin_slug
955
+ */
956
+ function apbct_rc__install_plugin($wp = null, $plugin = null){
957
+
958
+ $plugin = $plugin ? $plugin : (isset($_GET['plugin']) ? $_GET['plugin'] : null);
959
+
960
+ if($plugin){
961
+
962
+ if(preg_match('/[a-zA-Z-\d]+[\/\\][a-zA-Z-\d]+\.php/', $plugin)){
963
+
964
+ $plugin_slug = preg_replace('@([a-zA-Z-\d]+)[\\\/].*@', '$1', $plugin);
965
+
966
+ if($plugin_slug){
967
+
968
+ require_once(ABSPATH.'wp-admin/includes/plugin-install.php');
969
+ $result = plugins_api(
970
+ 'plugin_information',
971
+ array(
972
+ 'slug' => $plugin_slug,
973
+ 'fileds' => array('version' => true, 'download_link' => true,),
974
+ )
975
+ );
976
+
977
+ if(!is_wp_error($result)){
978
+
979
+ require_once( ABSPATH . 'wp-admin/includes/plugin.php' );
980
+ include_once( ABSPATH . 'wp-admin/includes/class-wp-upgrader.php' );
981
+ include_once( ABSPATH . 'wp-admin/includes/file.php' );
982
+ include_once( ABSPATH . 'wp-admin/includes/misc.php' );
983
+ include_once( CLEANTALK_PLUGIN_DIR . 'lib/CleantalkUpgrader.php' );
984
+ include_once( CLEANTALK_PLUGIN_DIR . 'lib/CleantalkUpgraderSkin.php' );
985
+
986
+ $installer= new CleantalkUpgrader( new CleantalkUpgraderSkin() );
987
+ $installer->install($result->download_link);
988
+
989
+ if($installer->apbct_result === 'OK'){
990
+ die('OK');
991
+
992
+ }else
993
+ die('FAIL '. json_encode(array('error' => $installer->apbct_result)));
994
+ }else
995
+ die('FAIL '. json_encode(array('error' => 'FAIL_TO_GET_LATEST_VERSION', 'details' => $result->get_error_message(),)));
996
+ }else
997
+ die('FAIL '. json_encode(array('error' => 'PLUGIN_SLUG_INCORRECT')));
998
+ }else
999
+ die('FAIL '. json_encode(array('error' => 'PLUGIN_NAME_IS_INCORRECT')));
1000
+ }else
1001
+ die('FAIL '. json_encode(array('error' => 'PLUGIN_NAME_IS_UNSET')));
1002
+ }
1003
+
1004
+ function apbct_rc__activate_plugin($plugin){
1005
+
1006
+ $plugin = $plugin ? $plugin : (isset($_GET['plugin']) ? $_GET['plugin'] : null);
1007
+
1008
+ if($plugin){
1009
+
1010
+ if(preg_match('@[a-zA-Z-\d]+[\\\/][a-zA-Z-\d]+\.php@', $plugin)){
1011
+
1012
+ require_once (ABSPATH .'/wp-admin/includes/plugin.php');
1013
+
1014
+ $result = activate_plugins($plugin);
1015
+
1016
+ if($result && !is_wp_error($result)){
1017
+ return array('success' => true);
1018
+ }else
1019
+ return array('error' => 'FAIL_TO_ACTIVATE', 'details' => (is_wp_error($result) ? ' '.$result->get_error_message() : ''));
1020
+ }else
1021
+ return array('error' => 'PLUGIN_NAME_IS_INCORRECT');
1022
+ }else
1023
+ return array('error' => 'PLUGIN_NAME_IS_UNSET');
1024
+ }
1025
+
1026
+ /**
1027
+ * Uninstall plugin from wordpress catalog
1028
+ *
1029
+ * @param null $plugin_name
1030
+ */
1031
+ function apbct_rc__deactivate_plugin($plugin = null){
1032
+
1033
+ global $apbct;
1034
+
1035
+ $plugin = $plugin ? $plugin : (isset($_GET['plugin']) ? $_GET['plugin'] : null);
1036
+
1037
+ if($plugin){
1038
+
1039
+ // Switching complete deactivation for security
1040
+ if($plugin == 'security-malware-firewall/security-malware-firewall.php' && !empty($_GET['complete_deactivation'])){
1041
+ $spbc_settings = get_option('spbc_settings');
1042
+ $spbc_settings['complete_deactivation'] = intval($_GET['complete_deactivation']);
1043
+ update_option('spbc_settings', $spbc_settings);
1044
+ }
1045
+
1046
+ require_once (ABSPATH .'/wp-admin/includes/plugin.php');
1047
+
1048
+ if(is_plugin_active( $plugin )){
1049
+ // Hook to set flag if the plugin is deactivated
1050
+ add_action( 'deactivate_'.$plugin, 'apbct_rc__uninstall_plugin__check_deactivate' );
1051
+ deactivate_plugins($plugin, false, is_multisite() ? true : false);
1052
+ }else{
1053
+ $apbct->plugin_deactivated = true;
1054
+ }
1055
+
1056
+ // Hook to set flag if the plugin is deactivated
1057
+ add_action( 'deactivate_'.$plugin, 'apbct_rc__uninstall_plugin__check_deactivate' );
1058
+ deactivate_plugins($plugin, false, is_multisite() ? true : false);
1059
+
1060
+ if($apbct->plugin_deactivated){
1061
+ die('OK');
1062
+ }else
1063
+ die('FAIL '. json_encode(array('error' => 'PLUGIN_STILL_ACTIVE')));
1064
+ }else
1065
+ die('FAIL '. json_encode(array('error' => 'PLUGIN_NAME_IS_UNSET')));
1066
+ }
1067
+
1068
+
1069
+ /**
1070
+ * Uninstall plugin from wordpress catalog
1071
+ *
1072
+ * @param null $plugin
1073
+ */
1074
+ function apbct_rc__uninstall_plugin($plugin = null){
1075
+
1076
+ global $apbct;
1077
+
1078
+ $plugin = $plugin ? $plugin : (isset($_GET['plugin']) ? $_GET['plugin'] : null);
1079
+
1080
+ if($plugin){
1081
+
1082
+ // Switching complete deactivation for security
1083
+ if($plugin == 'security-malware-firewall/security-malware-firewall.php' && !empty($_GET['complete_deactivation'])){
1084
+ $spbc_settings = get_option('spbc_settings');
1085
+ $spbc_settings['complete_deactivation'] = intval($_GET['complete_deactivation']);
1086
+ update_option('spbc_settings', $spbc_settings);
1087
+ }
1088
+
1089
+ require_once (ABSPATH .'/wp-admin/includes/plugin.php');
1090
+
1091
+ if(is_plugin_active( $plugin )){
1092
+ // Hook to set flag if the plugin is deactivated
1093
+ add_action( 'deactivate_'.$plugin, 'apbct_rc__uninstall_plugin__check_deactivate' );
1094
+ deactivate_plugins($plugin, false, is_multisite() ? true : false);
1095
+ }else{
1096
+ $apbct->plugin_deactivated = true;
1097
+ }
1098
+
1099
+ if($apbct->plugin_deactivated){
1100
+
1101
+ require_once (ABSPATH .'/wp-admin/includes/file.php');
1102
+
1103
+ $result = delete_plugins(array($plugin));
1104
+
1105
+ if($result && !is_wp_error($result)){
1106
+ die('OK');
1107
+ }else
1108
+ die('FAIL '. json_encode(array('error' => 'PLUGIN_STILL_EXISTS', 'details' => (is_wp_error($result) ? ' '.$result->get_error_message() : ''))));
1109
+ }else
1110
+ die('FAIL '. json_encode(array('error' => 'PLUGIN_STILL_ACTIVE')));
1111
+ }else
1112
+ die('FAIL '. json_encode(array('error' => 'PLUGIN_NAME_IS_UNSET')));
1113
+ }
1114
+
1115
+ function apbct_rc__uninstall_plugin__check_deactivate(){
1116
+ global $apbct;
1117
+ $apbct->plugin_deactivated = true;
1118
+ }
1119
+
1120
+ function apbct_rc__update(){
1121
+
1122
+ //Upgrade params
1123
+ $plugin = 'cleantalk-spam-protect/cleantalk.php';
1124
+ $plugin_slug = 'cleantalk-spam-protect';
1125
+ $title = __('Update Plugin');
1126
+ $nonce = 'upgrade-plugin_' . $plugin;
1127
+ $url = 'update.php?action=upgrade-plugin&plugin=' . urlencode( $plugin );
1128
+
1129
+ $prev_version = APBCT_VERSION;
1130
+
1131
+ require_once( ABSPATH . 'wp-admin/includes/plugin.php' );
1132
+ include_once( ABSPATH . 'wp-admin/includes/class-wp-upgrader.php' );
1133
+ include_once( ABSPATH . 'wp-admin/includes/file.php' );
1134
+ include_once( ABSPATH . 'wp-admin/includes/misc.php' );
1135
+
1136
+ include_once( CLEANTALK_PLUGIN_DIR . 'lib/CleantalkUpgrader.php' );
1137
+ include_once( CLEANTALK_PLUGIN_DIR . 'lib/CleantalkUpgraderSkin.php' );
1138
+
1139
+ $upgrader = new CleantalkUpgrader( new CleantalkUpgraderSkin( compact('title', 'nonce', 'url', 'plugin') ) );
1140
+ $upgrader->upgrade($plugin);
1141
+
1142
+ // Changing response UP_TO_DATE to OK
1143
+ if($upgrader->apbct_result === 'UP_TO_DATE')
1144
+ $upgrader->apbct_result = 'OK';
1145
+
1146
+ if($upgrader->apbct_result === 'OK'){
1147
+
1148
+ $result = activate_plugins( $plugin );
1149
+
1150
+ if(is_wp_error($result))
1151
+ die('FAIL '. json_encode(array('error' => 'COULD_NOT_ACTIVATE', 'wp_error' => $result->get_error_message())));
1152
+
1153
+ $httpResponseCode = CleantalkHelper::http__request(get_option('siteurl'), array(), 'get_code');
1154
+
1155
+ if( strpos($httpResponseCode, '200') === false ){
1156
+
1157
+ // Rollback
1158
+ $rollback = new CleantalkUpgrader( new CleantalkUpgraderSkin( compact('title', 'nonce', 'url', 'plugin_slug', 'prev_version') ) );
1159
+ $rollback->rollback($plugin);
1160
+
1161
+ $response = array(
1162
+ 'error' => 'BAD_HTTP_CODE',
1163
+ 'http_code' => $httpResponseCode,
1164
+ 'output' => substr(file_get_contents(get_option('siteurl')), 0, 900),
1165
+ 'rollback_result' => $rollback->apbct_result,
1166
+ );
1167
+
1168
+ die('FAIL '.json_encode($response));
1169
+ }
1170
+
1171
+ $plugin_data = get_plugin_data(__FILE__);
1172
+ $apbct_agent = 'wordpress-'.str_replace('.', '', $plugin_data['Version']);
1173
+ ct_send_feedback('0:' . $apbct_agent);
1174
+
1175
+ die('OK '.json_encode(array('agent' => $apbct_agent)));
1176
+
1177
+ }else{
1178
+ die('FAIL '. json_encode(array('error' => $upgrader->apbct_result)));
1179
+ }
1180
+ }
1181
+
1182
+ function apbct_rc__update_settings($source) {
1183
+
1184
+ global $apbct;
1185
+
1186
+ foreach($apbct->def_settings as $setting => $def_value){
1187
+ if(array_key_exists($setting, $source)){
1188
+ $var = $source[$setting];
1189
+ $type = gettype($def_value);
1190
+ settype($var, $type);
1191
+ if($type == 'string')
1192
+ $var = preg_replace(array('/=/', '/`/'), '', $var);
1193
+ $apbct->settings[$setting] = $var;
1194
+ }
1195
+ }
1196
+
1197
+ $apbct->save('settings');
1198
+
1199
+ return true;
1200
+ }
1201
+
1202
+ function apbct_rc__insert_auth_key($key, $plugin){
1203
+
1204
+ global $apbct;
1205
+
1206
+ if($plugin === 'security-malware-firewall/security-malware-firewall.php'){
1207
+
1208
+ require_once (ABSPATH .'/wp-admin/includes/plugin.php');
1209
+
1210
+ if(is_plugin_active( $plugin )){
1211
+
1212
+ $key = trim($key);
1213
+
1214
+ if($key && preg_match('/^[a-z\d]{3,15}$/', $key)){
1215
+
1216
+ $result = CleantalkAPI::method__notice_paid_till(
1217
+ $key,
1218
+ preg_replace('/http[s]?:\/\//', '', get_option('siteurl'), 1) // Site URL
1219
+ );
1220
+
1221
+ if( empty( $result['error'] ) ) {
1222
+
1223
+ if( $result['valid'] ){
1224
+
1225
+ // Set account params
1226
+ $data = get_option('spbc_data', array());
1227
+ $data['user_token'] = $result['user_token'];
1228
+ $data['notice_show'] = $result['show_notice'];
1229
+ $data['notice_renew'] = $result['renew'];
1230
+ $data['notice_trial'] = $result['trial'];
1231
+ $data['auto_update_app'] = isset($result['show_auto_update_notice']) ? $result['show_auto_update_notice'] : 0;
1232
+ $data['service_id'] = $result['service_id'];
1233
+ $data['moderate'] = $result['moderate'];
1234
+ $data['auto_update_app '] = isset($result['auto_update_app']) ? $result['auto_update_app'] : 0;
1235
+ $data['license_trial'] = isset($result['license_trial']) ? $result['license_trial'] : 0;
1236
+ $data['account_name_ob'] = isset($result['account_name_ob']) ? $result['account_name_ob'] : '';
1237
+ $data['key_is_ok'] = true;
1238
+ update_option('spbc_data', $data);
1239
+
1240
+ // Set key
1241
+ $settings = get_option('spbc_settings', array());
1242
+ $settings['spbc_key'] = $key;
1243
+ update_option('spbc_settings', $settings);
1244
+
1245
+ return 'OK';
1246
+ }else
1247
+ return array('error' => array('KEY_IS_NOT_VALID'));
1248
+ }else
1249
+ return array('error' => $result);
1250
+ }else
1251
+ return array('error' => 'KEY_IS_NOT_CORRECT');
1252
+ }else
1253
+ return array('error' => 'PLUGIN_IS_NOT_ACTIVE_OR_NOT_INSTALLED');
1254
+ }else
1255
+ return array('error' => 'PLUGIN_SLUG_INCORRECT');
1256
+ }
1257
+
1258
+ function cleantalk_get_brief_data(){
1259
+
1260
+ global $apbct;
1261
+
1262
+ $apbct->data['brief_data'] = CleantalkAPI::method__get_antispam_report_breif($apbct->api_key);
1263
+ $apbct->saveData();
1264
+
1265
+ return;
1266
+ }
1267
+
1268
+ //Delete cookie for admin trial notice
1269
+ function apbct__hook__wp_logout__delete_trial_notice_cookie(){
1270
+ if(!headers_sent())
1271
+ setcookie('ct_trial_banner_closed', '', time()-3600);
1272
+ }
1273
+
1274
+ function apbct_alt_session__id__get(){
1275
+ $id = CleantalkHelper::ip__get(array('real'))
1276
+ .filter_input(INPUT_SERVER, 'HTTP_USER_AGENT')
1277
+ //.filter_input(INPUT_SERVER, 'HTTP_ACCEPT') // Could be different. Broke session id
1278
+ .filter_input(INPUT_SERVER, 'HTTP_ACCEPT_LANGUAGE');
1279
+ //.filter_input(INPUT_SERVER, 'HTTP_ACCEPT_ENCODING'); // Could be different. Broke session id
1280
+ return hash('sha256', $id);
1281
+ }
1282
+
1283
+ function apbct_alt_sessions__remove_old(){
1284
+ if(rand(0, 1000) < APBCT_SEESION__CHANCE_TO_CLEAN){
1285
+ global $wpdb;
1286
+ $wpdb->query(
1287
+ 'DELETE
1288
+ FROM `'. APBCT_TBL_SESSIONS .'`
1289
+ WHERE last_update < NOW() - INTERVAL '. APBCT_SEESION__LIVE_TIME .' SECOND
1290
+ LIMIT 100000;'
1291
+ );
1292
+ }
1293
+ }
1294
+
1295
+ function apbct_alt_session__save($name, $value){
1296
+
1297
+ global $wpdb;
1298
+
1299
+ $session_id = apbct_alt_session__id__get();
1300
+
1301
+ $wpdb->query(
1302
+ $wpdb->prepare(
1303
+ 'INSERT INTO '. APBCT_TBL_SESSIONS .'
1304
+ (id, name, value, last_update)
1305
+ VALUES (%s, %s, %s, %s)
1306
+ ON DUPLICATE KEY UPDATE
1307
+ value = %s,
1308
+ last_update = %s',
1309
+ $session_id, $name, $value, date('Y-m-d H:i:s'), $value, date('Y-m-d H:i:s')
1310
+ )
1311
+ );
1312
+
1313
+ }
1314
+
1315
+ function apbct_alt_session__get($name){
1316
+ global $wpdb;
1317
+ $session_id = apbct_alt_session__id__get();
1318
+ $result = $wpdb->get_row(
1319
+ $wpdb->prepare(
1320
+ 'SELECT value
1321
+ FROM `'. APBCT_TBL_SESSIONS .'`
1322
+ WHERE id = %s AND name = %s;',
1323
+ $session_id, $name
1324
+ ),
1325
+ OBJECT
1326
+ );
1327
+
1328
+ $result = isset($result->value)
1329
+ ? strpos($result->value, '{') === 0
1330
+ ? (array)json_decode($result->value, true) // JSON
1331
+ : $result->value
1332
+ : false;
1333
+
1334
+ return $result ? $result : null;
1335
+ }
1336
+
1337
+ function apbct_store__urls(){
1338
+
1339
+ global $apbct;
1340
+
1341
+ if($apbct->settings['store_urls'] && empty($apbct->flags__url_stored) && !headers_sent()){
1342
+
1343
+ // URLs HISTORY
1344
+ // Get current url
1345
+ $current_url = filter_input(INPUT_SERVER, 'HTTP_HOST').filter_input(INPUT_SERVER, 'REQUEST_URI');
1346
+ $current_url = $current_url ? substr($current_url, 0,256) : 'UNKNOWN';
1347
+
1348
+ // Get already stored URLs
1349
+ $urls = $apbct->settings['store_urls__sessions']
1350
+ ? (array)apbct_alt_session__get('apbct_urls')
1351
+ : (array)json_decode(filter_input(INPUT_COOKIE, 'apbct_urls'), true);
1352
+
1353
+ $urls[$current_url][] = time();
1354
+
1355
+ // Rotating. Saving only latest 10
1356
+ $urls[$current_url] = count($urls[$current_url]) > 10 ? array_slice($urls[$current_url], 1, 10) : $urls[$current_url];
1357
+ $urls = count($urls) > 10 ? array_slice($urls, 1, 10) : $urls;
1358
+
1359
+ // Saving
1360
+ $apbct->settings['store_urls__sessions']
1361
+ ? apbct_alt_session__save('apbct_urls', json_encode($urls))
1362
+ : setcookie('apbct_urls', json_encode($urls), time()+86400*3, '/', parse_url(get_option('siteurl'),PHP_URL_HOST), false, true);
1363
+
1364
+ // REFERER
1365
+ // Get current fererer
1366
+ $new_site_referer = filter_input(INPUT_SERVER, 'HTTP_REFERER');
1367
+ $new_site_referer = $new_site_referer ? $new_site_referer : 'UNKNOWN';
1368
+
1369
+ // Get already stored referer
1370
+ $site_referer = $apbct->settings['store_urls__sessions']
1371
+ ? apbct_alt_session__get('apbct_site_referer')
1372
+ : filter_input(INPUT_COOKIE, 'apbct_site_referer');
1373
+
1374
+ // Save if empty
1375
+ if(!$site_referer || parse_url($new_site_referer, PHP_URL_HOST) !== filter_input(INPUT_SERVER, 'HTTP_HOST')){
1376
+
1377
+ $apbct->settings['store_urls__sessions']
1378
+ ? apbct_alt_session__save('apbct_site_referer', $new_site_referer)
1379
+ : setcookie('apbct_site_referer', $new_site_referer, time()+86400*3, '/', parse_url(get_option('siteurl'),PHP_URL_HOST), false, true);
1380
+ }
1381
+
1382
+ $apbct->flags__url_stored = true;
1383
+
1384
+ }
1385
+ }
1386
+
1387
+ /*
1388
+ * Set Cookies test for cookie test
1389
+ * Sets cookies with pararms timestamp && landing_timestamp && pervious_referer
1390
+ * Sets test cookie with all other cookies
1391
+ */
1392
+ function apbct_cookie(){
1393
+
1394
+ global $apbct;
1395
+
1396
+ if($apbct->settings['store_urls__sessions'] || $apbct->settings['set_cookies__sessions'])
1397
+ apbct_alt_sessions__remove_old();
1398
+
1399
+ if(
1400
+ empty($apbct->settings['set_cookies']) || // Do not set cookies if option is disabled (for Varnish cache).
1401
+ !empty($apbct->flags__cookies_setuped) || // Cookies already set
1402
+ !empty($apbct->headers_sent) // Headers sent
1403
+ )
1404
+ return false;
1405
+
1406
+ // Prevent headers sent error
1407
+ if(headers_sent($file, $line)){
1408
+ $apbct->headers_sent = true;
1409
+ $apbct->headers_sent__hook = current_action();
1410
+ $apbct->headers_sent__where = $file.':'.$line;
1411
+ return false;
1412
+ }
1413
+
1414
+
1415
+ // Cookie names to validate
1416
+ $cookie_test_value = array(
1417
+ 'cookies_names' => array(),
1418
+ 'check_value' => $apbct->api_key,
1419
+ );
1420
+
1421
+ $domain = parse_url(get_option('siteurl'),PHP_URL_HOST);
1422
+
1423
+ // Submit time
1424
+ if(empty($_POST['ct_multipage_form'])){ // Do not start/reset page timer if it is multipage form (Gravitiy forms))
1425
+ $apbct_timestamp = time();
1426
+ $apbct->settings['set_cookies__sessions']
1427
+ ? apbct_alt_session__save('apbct_timestamp', $apbct_timestamp)
1428
+ : setcookie('apbct_timestamp', $apbct_timestamp, 0, '/', $domain, false, true);
1429
+ $cookie_test_value['cookies_names'][] = 'apbct_timestamp';
1430
+ $cookie_test_value['check_value'] .= $apbct_timestamp;
1431
+ }
1432
+
1433
+ // Pervious referer
1434
+ if(!empty($_SERVER['HTTP_REFERER'])){
1435
+ $apbct->settings['set_cookies__sessions']
1436
+ ? apbct_alt_session__save('apbct_prev_referer', $_SERVER['HTTP_REFERER'])
1437
+ : setcookie('apbct_prev_referer', $_SERVER['HTTP_REFERER'], 0, '/', $domain, false, true);
1438
+ $cookie_test_value['cookies_names'][] = 'apbct_prev_referer';
1439
+ $cookie_test_value['check_value'] .= $_SERVER['HTTP_REFERER'];
1440
+ }
1441
+
1442
+ // Landing time
1443
+ $site_landing_timestamp = $apbct->settings['set_cookies__sessions']
1444
+ ? apbct_alt_session__get('apbct_site_landing_ts')
1445
+ : filter_input(INPUT_COOKIE, 'apbct_site_landing_ts');
1446
+ if(!$site_landing_timestamp){
1447
+ $site_landing_timestamp = time();
1448
+ $apbct->settings['set_cookies__sessions']
1449
+ ? apbct_alt_session__save('apbct_site_landing_ts', $site_landing_timestamp)
1450
+ : setcookie('apbct_site_landing_ts', $site_landing_timestamp, 0, '/', $domain, false, true);
1451
+ }
1452
+ $cookie_test_value['cookies_names'][] = 'apbct_site_landing_ts';
1453
+ $cookie_test_value['check_value'] .= $site_landing_timestamp;
1454
+
1455
+ // Page hits
1456
+ // Get
1457
+ $page_hits = $apbct->settings['set_cookies__sessions']
1458
+ ? apbct_alt_session__get('apbct_page_hits')
1459
+ : filter_input(INPUT_COOKIE, 'apbct_page_hits');
1460
+ // Set / Increase
1461
+ $page_hits = intval($page_hits) ? $page_hits + 1 : 1;
1462
+
1463
+ $apbct->settings['set_cookies__sessions']
1464
+ ? apbct_alt_session__save('apbct_page_hits', $page_hits)
1465
+ : setcookie('apbct_page_hits', $page_hits, 0, '/', $domain, false, true);
1466
+
1467
+ $cookie_test_value['cookies_names'][] = 'apbct_page_hits';
1468
+ $cookie_test_value['check_value'] .= $page_hits;
1469
+
1470
+ // Cookies test
1471
+ $cookie_test_value['check_value'] = md5($cookie_test_value['check_value']);
1472
+ if(!$apbct->settings['set_cookies__sessions'])
1473
+ setcookie('apbct_cookies_test', urlencode(json_encode($cookie_test_value)), 0, '/', $domain, false, true);
1474
+
1475
+ $apbct->flags__cookies_setuped = true;
1476
+
1477
+ }
1478
+
1479
+ /**
1480
+ * Cookies test for sender
1481
+ * Also checks for valid timestamp in $_COOKIE['apbct_timestamp'] and other apbct_ COOKIES
1482
+ * @return null|0|1;
1483
+ */
1484
+ function apbct_cookies_test()
1485
+ {
1486
+ global $apbct;
1487
+
1488
+ if($apbct->settings['set_cookies__sessions'])
1489
+ return 1;
1490
+
1491
+ if(isset($_COOKIE['apbct_cookies_test'])){
1492
+
1493
+ $cookie_test = json_decode(urldecode($_COOKIE['apbct_cookies_test']),true);
1494
+
1495
+ if(!is_array($cookie_test))
1496
+ return 0;
1497
+
1498
+ $check_srting = $apbct->api_key;
1499
+ foreach($cookie_test['cookies_names'] as $cookie_name){
1500
+ $check_srting .= isset($_COOKIE[$cookie_name]) ? $_COOKIE[$cookie_name] : '';
1501
+ } unset($cookie_name);
1502
+
1503
+ if($cookie_test['check_value'] == md5($check_srting)){
1504
+ return 1;
1505
+ }else{
1506
+ return 0;
1507
+ }
1508
+ }else{
1509
+ return null;
1510
+ }
1511
+ }
1512
+
1513
+ function apbct_cookies__delete($cookie){
1514
+ if(isset($_COOKIE[$cookie]))
1515
+ setcookie($cookie, '', time()-3600);
1516
+ }
1517
+
1518
+ function apbct_cookies__delete_all(){
1519
+ if(count($_COOKIE)){
1520
+ foreach($_COOKIE as $key => $val){
1521
+ if(preg_match("/apbct_|ct_/", $key)){
1522
+ setcookie($key, '', time()-3600);
1523
+ }
1524
+ } unset($key, $val);
1525
+ }
1526
+ return false;
1527
+ }
1528
+
1529
+ /**
1530
+ * Gets submit time
1531
+ * Uses Cookies with check via apbct_cookies_test()
1532
+ * @return null|int;
1533
+ */
1534
+ function apbct_get_submit_time()
1535
+ {
1536
+ global $apbct;
1537
+ $apbct_timestamp = $apbct->settings['set_cookies__sessions']
1538
+ ? apbct_alt_session__get('apbct_timestamp')
1539
+ : filter_input(INPUT_COOKIE, 'apbct_timestamp');
1540
+ return apbct_cookies_test() == 1 ? time() - (int)$apbct_timestamp : null;
1541
+ }
1542
+
1543
+ /*
1544
+ * Inner function - Account status check
1545
+ * Scheduled in 1800 seconds for default!
1546
+ */
1547
+ function ct_account_status_check($api_key = null, $process_errors = true){
1548
+
1549
+ global $apbct;
1550
+
1551
+ $api_key = $api_key ? $api_key : $apbct->api_key;
1552
+ $result = CleantalkAPI::method__notice_paid_till(
1553
+ $api_key,
1554
+ preg_replace('/http[s]?:\/\//', '', get_option('siteurl'), 1)
1555
+ );
1556
+
1557
+ if(empty($result['error']) || !empty($result['valid'])){
1558
+
1559
+ // Notices
1560
+ $apbct->data['notice_show'] = isset($result['show_notice']) ? (int)$result['show_notice'] : 0;
1561
+ $apbct->data['notice_renew'] = isset($result['renew']) ? (int)$result['renew'] : 0;
1562
+ $apbct->data['notice_trial'] = isset($result['trial']) ? (int)$result['trial'] : 0;
1563
+ $apbct->data['notice_review'] = isset($result['show_review']) ? (int)$result['show_review'] : 0;
1564
+ $apbct->data['notice_auto_update'] = isset($result['show_auto_update_notice']) ? (int)$result['show_auto_update_notice'] : 0;
1565
+
1566
+ // Other
1567
+ $apbct->data['service_id'] = isset($result['service_id']) ? (int)$result['service_id'] : 0;
1568
+ $apbct->data['valid'] = isset($result['valid']) ? (int)$result['valid'] : 0;
1569
+ $apbct->data['moderate'] = isset($result['moderate']) ? (int)$result['moderate'] : 0;
1570
+ $apbct->data['ip_license'] = isset($result['ip_license']) ? (int)$result['ip_license'] : 0;
1571
+ $apbct->data['moderate_ip'] = isset($result['moderate_ip'], $result['ip_license']) ? (int)$result['moderate_ip'] : 0;
1572
+ $apbct->data['spam_count'] = isset($result['spam_count']) ? (int)$result['spam_count'] : 0;
1573
+ $apbct->data['auto_update'] = isset($result['auto_update_app']) ? (int)$result['auto_update_app'] : 0;
1574
+ $apbct->data['user_token'] = isset($result['user_token']) ? (string)$result['user_token'] : '';
1575
+ $apbct->data['license_trial'] = isset($result['license_trial']) ? (int)$result['license_trial'] : 0;
1576
+ $apbct->data['account_name_ob'] = isset($result['account_name_ob']) ? (string)$result['account_name_ob'] : '';
1577
+
1578
+ if($apbct->data['notice_show'] == 1 && $apbct->data['notice_trial'] == 1)
1579
+ CleantalkCron::updateTask('check_account_status', 'ct_account_status_check', 3600);
1580
+
1581
+ if($apbct->data['notice_show'] == 1 && $apbct->data['notice_renew'] == 1)
1582
+ CleantalkCron::updateTask('check_account_status', 'ct_account_status_check', 1800);
1583
+
1584
+ if($apbct->data['notice_show'] == 0)
1585
+ CleantalkCron::updateTask('check_account_status', 'ct_account_status_check', 86400);
1586
+
1587
+ $apbct->error_delete('account_check', 'save');
1588
+
1589
+ $apbct->saveData();
1590
+
1591
+ }elseif($process_errors){
1592
+ $apbct->error_add('account_check', $result);
1593
+ }
1594
+
1595
+ if(!empty($result['valid'])){
1596
+ $apbct->data['key_is_ok'] = true;
1597
+ $result = true;
1598
+ }else{
1599
+ $apbct->data['key_is_ok'] = false;
1600
+ $result = false;
1601
+ }
1602
+
1603
+ return $result;
1604
+ }
1605
+
1606
+ function ct_mail_send_connection_report() {
1607
+
1608
+ global $apbct;
1609
+
1610
+ if (($apbct->settings['send_connection_reports'] == 1 && $apbct->connection_reports['negative'] > 0) || !empty($_GET['ct_send_connection_report']))
1611
+ {
1612
+ $to = "welcome@cleantalk.org" ;
1613
+ $subject = "Connection report for ".$_SERVER['HTTP_HOST'];
1614
+ $message = '
1615
+ <html>
1616
+ <head>
1617
+ <title></title>
1618
+ </head>
1619
+ <body>
1620
+ <p>From '.$apbct->connection_reports['since'].' to '.date('d M').' has been made '.($apbct->connection_reports['success']+$apbct->connection_reports['negative']).' calls, where '.$apbct->connection_reports['success'].' were success and '.$apbct->connection_reports['negative'].' were negative</p>
1621
+ <p>Negative report:</p>
1622
+ <table> <tr>
1623
+ <td>&nbsp;</td>
1624
+ <td><b>Date</b></td>
1625
+ <td><b>Page URL</b></td>
1626
+ <td><b>Library report</b></td>
1627
+ <td><b>Server IP</b></td>
1628
+ </tr>
1629
+ ';
1630
+ foreach ($apbct->connection_reports['negative_report'] as $key => $report)
1631
+ {
1632
+ $message.= '<tr>'
1633
+ . '<td>'.($key+1).'.</td>'
1634
+ . '<td>'.$report['date'].'</td>'
1635
+ . '<td>'.$report['page_url'].'</td>'
1636
+ . '<td>'.$report['lib_report'].'</td>'
1637
+ . '<td>'.$report['work_url'].'</td>'
1638
+ . '</tr>';
1639
+ }
1640
+ $message.='</table></body></html>';
1641
+
1642
+ $headers = 'Content-type: text/html; charset=windows-1251 \r\n';
1643
+ $headers .= 'From: '.get_option('admin_email');
1644
+ mail($to, $subject, $message, $headers);
1645
+ }
1646
+
1647
+ $apbct->data['connection_reports'] = $apbct->def_data['connection_reports'];
1648
+ $apbct->data['connection_reports']['since'] = date('d M');
1649
+ $apbct->saveData();
1650
+ }
1651
+
1652
+ //* Write $message to the plugin's debug option
1653
+ function apbct_log($message = 'empty', $func = null, $params = array())
1654
+ {
1655
+ global $apbct;
1656
+
1657
+ $debug = get_option( APBCT_DEBUG );
1658
+
1659
+ $function = $func ? $func : '';
1660
+ $cron = in_array('cron', $params) ? true : false;
1661
+ $data = in_array('data', $params) ? true : false;
1662
+ $settings = in_array('settings', $params) ? true : false;
1663
+
1664
+ if(is_array($message) or is_object($message))
1665
+ $message = print_r($message, true);
1666
+
1667
+ if($message) $debug[date("H:i:s", microtime(true))."_ACTION_".strval(current_action())."_FUNCTION_".strval($func)] = $message;
1668
+ if($cron) $debug[date("H:i:s", microtime(true))."_ACTION_".strval(current_action())."_FUNCTION_".strval($func).'_cron'] = $apbct->cron;
1669
+ if($data) $debug[date("H:i:s", microtime(true))."_ACTION_".strval(current_action())."_FUNCTION_".strval($func).'_data'] = $apbct->data;
1670
+ if($settings) $debug[date("H:i:s", microtime(true))."_ACTION_".strval(current_action())."_FUNCTION_".strval($func).'_settings'] = $apbct->settings;
1671
+
1672
+ update_option(APBCT_DEBUG, $debug);
1673
+ }
1674
+
1675
+ function apbct_sfw__delete_tables( $blog_id, $drop ) {
1676
+
1677
+ global $wpdb;
1678
+
1679
+ $initial_blog = get_current_blog_id();
1680
+
1681
+ switch_to_blog($blog_id);
1682
+ $wpdb->query('DROP TABLE IF EXISTS `'. $wpdb->prefix.'cleantalk_sfw`;'); // Deleting SFW data
1683
+ $wpdb->query('DROP TABLE IF EXISTS `'. $wpdb->prefix.'cleantalk_sfw_logs`;'); // Deleting SFW logs
1684
+
1685
+ switch_to_blog($initial_blog);
1686
+ }
1687
+
1688
+ /**
1689
+ * Is enable for user group
1690
+ *
1691
+ * @param WP_User $user
1692
+ *
1693
+ * @return boolean
1694
+ */
1695
+ function apbct_is_user_enable($user = null) {
1696
+
1697
+ global $current_user;
1698
+
1699
+ $user = !empty($user) ? $user : $current_user;
1700
+
1701
+ return apbct_is_user_role_in(array('administrator', 'editor', 'author'), $user)
1702
+ ? false
1703
+ : true;
1704
+ }
1705
+
1706
+ /**
1707
+ * Checks if the current user has role
1708
+ *
1709
+ * @param array $roles array of strings
1710
+ * @param int|string|WP_User|mixed $user User ID to check|user_login|WP_User
1711
+ *
1712
+ * @return boolean Does the user has this role|roles
1713
+ */
1714
+ function apbct_is_user_role_in( $roles, $user = false ){
1715
+
1716
+ if( is_numeric($user) && function_exists('get_userdata')) $user = get_userdata( $user );
1717
+ if( is_string($user) && function_exists('get_user_by')) $user = get_user_by('login', $user );
1718
+ if( ! $user && function_exists('wp_get_current_user')) $user = wp_get_current_user();
1719
+ if( ! $user ) $user = apbct_wp_get_current_user();
1720
+
1721
+ if( empty($user->ID) )
1722
+ return false;
1723
+
1724
+ foreach( (array) $roles as $role ){
1725
+ if( isset($user->caps[ strtolower($role) ]) || in_array(strtolower($role), $user->roles) )
1726
+ return true;
1727
+ }
1728
+
1729
+ return false;
1730
+ }
1731
+
1732
+ /**
1733
+ * Update and rotate statistics with requests exection time
1734
+ *
1735
+ * @param $exec_time
1736
+ */
1737
+ function apbct_statistics__rotate($exec_time){
1738
+
1739
+ global $apbct;
1740
+
1741
+ // Delete old stats
1742
+ if(min(array_keys($apbct->stats['requests'])) < time() - (86400 * 7))
1743
+ unset($apbct->stats['requests'][min(array_keys($apbct->stats['requests']))]);
1744
+
1745
+ // Create new if newest older than 1 day
1746
+ if(empty($apbct->stats['requests']) || max(array_keys($apbct->stats['requests'])) < time() - (86400 * 1))
1747
+ $apbct->stats['requests'][time()] = array('amount' => 0, 'average_time' => 0);
1748
+
1749
+ // Update all existing stats
1750
+ foreach($apbct->stats['requests'] as &$weak_stat){
1751
+ $weak_stat['average_time'] = ($weak_stat['average_time'] * $weak_stat['amount'] + $exec_time) / ++$weak_stat['amount'];
1752
+ }
1753
+
1754
+ $apbct->save('stats');
1755
+ }
1756
+
1757
+ /**
1758
+ * Runs update actions for new version.
1759
+ *
1760
+ * @global CleantalkState $apbct
1761
+ */
1762
+ function apbct_update_actions(){
1763
+
1764
+ global $apbct;
1765
+
1766
+ // Update logic
1767
+ if($apbct->plugin_version != APBCT_VERSION){
1768
+
1769
+ // Main blog
1770
+ if(is_main_site()){
1771
+
1772
+ require_once(CLEANTALK_PLUGIN_DIR.'inc/cleantalk-updater.php');
1773
+
1774
+ $result = apbct_run_update_actions($apbct->plugin_version, APBCT_VERSION);
1775
+ //If update is successfull
1776
+ if($result === true){
1777
+ $apbct->data['plugin_version'] = APBCT_VERSION;
1778
+ $apbct->saveData();
1779
+ }
1780
+ ct_send_feedback('0:' . APBCT_AGENT ); // Send feedback to let cloud know about updated version.
1781
+
1782
+ // Side blogs
1783
+ }else{
1784
+ $apbct->data['plugin_version'] = APBCT_VERSION;
1785
+ $apbct->saveData();
1786
+ }
1787
+ }
1788
+
1789
  }
css/cleantalk-admin-settings-page.min.css CHANGED
@@ -1 +1 @@
1
- #apbctTopWarning{margin-bottom:5px}#apbctTopWarning h3{margin:10px 0 5px}#apbctTopWarning h4{margin:10px}#apbctTopWarning h4 span{margin-top:5px}.apbct_settings-subtitle{position:relative;top:-15px;margin:0}.apbct_settings-field_wrapper{margin:15px 0}.apbct_settings-field_wrapper--sub{margin-left:30px!important}.apbct_settings__label{margin-right:10px;font-size:17px;vertical-align:text-bottom}.apbct_settings-field_content{display:inline-block}.apbct_settings-field_content--radio{width:70%}.apbct_settings-field_title--radio{display:inline-block;margin:0;width:210px;padding-right:10px;font-size:14px;vertical-align:top}.apbct_input_text{min-width:255px}.apbct_input_text-width--500px{width:500px}.cleantalk_manual_link{border:0}.cleantalk_auto_link,.cleantalk_manual_link{text-decoration:none;font-size:13px;line-height:26px;margin:0;padding:0 10px 1px;cursor:pointer;border-width:1px;border-style:solid;-webkit-appearance:none;white-space:nowrap}.cleantalk_auto_link{background:#ccc;border-color:#999;-webkit-box-shadow:inset 0 1px 0 rgba(200,200,200,.5),0 1px 0 rgba(0,0,0,.15);box-shadow:inset 0 1px 0 rgba(200,200,200,.5),0 1px 0 rgba(0,0,0,.15);color:#000;display:inline-block;height:28px;-webkit-border-radius:2px;border-radius:2px;-webkit-box-sizing:border-box;-moz-box-sizing:border-box;box-sizing:border-box}.cleantalk_auto_link:hover{color:#fff}.cleantalk_manual_link{background:#2ea2cc;border-color:#0074a2;-webkit-box-shadow:inset 0 1px 0 rgba(120,200,230,.5),0 1px 0 rgba(0,0,0,.15);box-shadow:inset 0 1px 0 rgba(120,200,230,.5),0 1px 0 rgba(0,0,0,.15);color:#fff;display:inline-block;-webkit-border-radius:3px;border-radius:3px;-webkit-box-sizing:border-box;-moz-box-sizing:border-box;box-sizing:border-box;text-align:center}.cleantalk_manual_link:hover{color:#000}.apbct_status_icon{vertical-align:text-bottom;margin:0 5px 0 
8px}a.ct_support_link{color:#666;margin-right:.5em;font-size:10pt;font-weight:400}.ct-warning-test-failed{display:inline-block;position:relative;padding:5px;margin:4px;border:3px solid rgba(240,50,50,1);border-radius:5px;background-color:rgba(255,200,200,1)}.ct_settings_banner{text-align:right;display:inline-block;width:100%;margin:1em 0;vertical-align:top}#ct_translate_plugin{margin-left:0}.ct_rate_block{display:inline-block;width:370px;margin-right:3em;padding:.8em .8em 15px;text-align:center;border:1px dashed #666}#ct_translate_plugin .spbc_button_rate{margin-bottom:10px}
1
+ #apbctTopWarning{margin-bottom:5px}#apbctTopWarning h3{margin:10px 0 5px}#apbctTopWarning h4{margin:10px}#apbctTopWarning h4 span{margin-top:5px}.apbct_settings-subtitle{position:relative;top:-15px;margin:0}.apbct_settings-field_wrapper{margin:15px 0}.apbct_settings-field_wrapper--sub{margin-left:30px!important}.apbct_settings__label{margin-right:10px;font-size:17px;vertical-align:text-bottom}.apbct_settings-field_content{display:inline-block}.apbct_settings-field_content--radio{width:70%}.apbct_settings-field_title--radio{display:inline-block;margin:0;width:210px;padding-right:10px;font-size:14px;vertical-align:top}.apbct_input_text{min-width:255px}.apbct_input_text-width--500px{width:500px}.cleantalk_link{text-decoration:none;font-size:13px;line-height:26px;margin:0;padding:0 10px 1px;cursor:pointer;border-width:1px;border-style:solid;-webkit-appearance:none;white-space:nowrap;-webkit-box-sizing:border-box;-moz-box-sizing:border-box;box-sizing:border-box}.cleantalk_link-auto{background:#ccc;border-color:#999;-webkit-box-shadow:inset 0 1px 0 rgba(200,200,200,.5),0 1px 0 rgba(0,0,0,.15);box-shadow:inset 0 1px 0 rgba(200,200,200,.5),0 1px 0 rgba(0,0,0,.15);color:#000;display:inline-block;height:28px;-webkit-border-radius:2px;border-radius:2px}.cleantalk_link-auto:hover{color:#fff}.cleantalk_link-manual{background:#2ea2cc;border-color:#0074a2;-webkit-box-shadow:inset 0 1px 0 rgba(120,200,230,.5),0 1px 0 rgba(0,0,0,.15);box-shadow:inset 0 1px 0 rgba(120,200,230,.5),0 1px 0 rgba(0,0,0,.15);color:#fff;display:inline-block;-webkit-border-radius:3px;border-radius:3px;text-align:center}.cleantalk_link-manual:hover{color:#000}.apbct_status_icon{vertical-align:text-bottom;margin:0 5px 0 8px}a.ct_support_link{color:#666;margin-right:.5em;font-size:10pt;font-weight:400}.ct-warning-test-failed{display:inline-block;position:relative;padding:5px;margin:4px;border:3px solid 
rgba(240,50,50,1);border-radius:5px;background-color:rgba(255,200,200,1)}.ct_settings_banner{text-align:right;display:inline-block;width:100%;margin:1em 0;vertical-align:top}#ct_translate_plugin{margin-left:0}.ct_rate_block{display:inline-block;width:370px;margin-right:3em;padding:.8em .8em 15px;text-align:center;border:1px dashed #666}#ct_translate_plugin .spbc_button_rate{margin-bottom:10px}
css/cleantalk-admin.min.css CHANGED
@@ -1 +1 @@
1
- :disabled{cursor:not-allowed!important}.apbct_color--gray{color:gray}.apbct_display--none{display:none}.apbct_font-size--14pt{font-size:14pt}.ct_translate_links{color:rgba(150,150,20,1)}.ct_support_links{color:rgba(150,20,20,1)}.ct_faq_links{color:rgba(20,150,20,1)}.ct_setting_links{color:rgba(20,20,150,1)}.ct_translate_links:hover{color:rgba(210,210,20,1)!important}.ct_support_links:hover{color:rgba(250,20,20,1)!important}.ct_faq_links:hover{color:rgba(20,250,20,1)!important}.ct_setting_links:hover{color:rgba(20,20,250,1)!important}.ct_link_new_tab img{float:none!important;margin:0 2px;border:0}#negative_reports_table tr td{padding:7px 5px!important}#apbct_gdpr_open_modal:hover{cursor:pointer};
1
+ :disabled{cursor:not-allowed!important}.apbct_color--gray{color:gray}.apbct_display--none{display:none}.apbct_font-size--14pt{font-size:14pt}.ct_translate_links{color:rgba(150,150,20,1)}.ct_support_links{color:rgba(150,20,20,1)}.ct_faq_links{color:rgba(20,150,20,1)}.ct_setting_links{color:rgba(20,20,150,1)}.ct_translate_links:hover{color:rgba(210,210,20,1)!important}.ct_support_links:hover{color:rgba(250,20,20,1)!important}.ct_faq_links:hover{color:rgba(20,250,20,1)!important}.ct_setting_links:hover{color:rgba(20,20,250,1)!important}.ct_link_new_tab img{float:none!important;margin:0 2px;border:0}#negative_reports_table tr td{padding:7px 5px!important}#apbct_gdpr_open_modal:hover{cursor:pointer}
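--- a/inc/classCleantalkAdmin.php
+++ b/inc/classCleantalkAdmin.php
@@ -0,0 +1,41 @@
+ <?php
+
+
+ class classCleantalkAdmin {
+
+ /**
+ * Flag: hooks was initiated or not
+ */
+ private static $launched = false;
+
+ /**
+ * Init method
+ * Launched once by 'init' wp hook
+ */
+ public static function init()
+ {
+
+ if ( ! self::$launched ) {
+ self::init_hooks();
+ }
+
+ }
+
+ /**
+ * Plugging Up WordPress hooks
+ * Contains native WP functionality and Integrations
+ */
+ private static function init_hooks()
+ {
+
+ self::$launched = true;
+
+ // Admin side hooks will be placed here
+ }
+
+ /**
+ * Methods accepted by public hooks in init_hooks()
+ * The methods have to be staic
+ */
+
+ }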
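Review bot: The docblock just before the class's closing brace documents no symbol, so documentation tools have nothing to attach it to, and it misspells "static". It also omits the visibility constraint: callbacks registered from the private `init_hooks()` must be public for WordPress to call them. A plain comment would carry the intent better, for example `// Hook callbacks registered in init_hooks() go below; they must be public static.` The same block closes the class in inc/classCleantalkPublic.php.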
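--- a/inc/classCleantalkPublic.php
+++ b/inc/classCleantalkPublic.php
@@ -0,0 +1,47 @@
+ <?php
+
+
+ class classCleantalkPublic {
+
+ /**
+ * Flag: hooks was initiated or not
+ */
+ private static $launched = false;
+
+ private static $apbct;
+
+ /**
+ * Init method
+ * Launched once by 'init' wp hook
+ */
+ public static function init()
+ {
+
+ if ( ! self::$launched ) {
+ self::init_hooks();
+ }
+
+ global $apbct;
+ self::$apbct = $apbct;
+
+ }
+
+ /**
+ * Plugging Up WordPress hooks
+ * Contains native WP functionality and Integrations
+ */
+ private static function init_hooks()
+ {
+
+ self::$launched = true;
+
+ // Public side hooks will be placed here
+
+ }
+
+ /**
+ * Methods accepted by public hooks in init_hooks()
+ * The methods have to be staic
+ */
+
+ }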
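Review bot: In `init()`, `self::$apbct` is assigned only after `init_hooks()` has returned, so any registration code later added to `init_hooks()` that reads `self::$apbct` would see null on the first call. Moving `global $apbct;` and `self::$apbct = $apbct;` above the `if ( ! self::$launched )` check removes that ordering trap. The assignment also repeats on every `init()` call while the hooks are set up once; if that refresh is intended, a short comment should say so. The `$apbct` property is the only member without a docblock; something like `/** Plugin state object, copied from the global $apbct in init() */` would match the rest of the class.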
inc/cleantalk-ajax.php CHANGED
@@ -1,710 +1,716 @@
1
- <?php
2
- global $cleantalk_hooked_actions;
3
-
4
- /*
5
- AJAX functions
6
- */
7
-
8
- //$cleantalk_ajax_actions_to_check - array for POST 'actions' we should check.
9
-
10
- $cleantalk_ajax_actions_to_check[] = 'qcf_validate_form'; //Quick Contact Form
11
- $cleantalk_ajax_actions_to_check[] = 'amoforms_submit'; //amoForms
12
-
13
- //cleantalk_hooked_actions[] - array for POST 'actions' which were direct hooked.
14
-
15
- $cleantalk_hooked_actions[] = 'rwp_ajax_action_rating'; //Don't check Reviewer plugin
16
-
17
- $cleantalk_hooked_actions[] = 'ct_feedback_comment';
18
-
19
- /* MailChimp Premium*/
20
- add_filter('mc4wp_form_errors', 'ct_mc4wp_ajax_hook');
21
-
22
- /*hooks for Usernoise Form*/
23
- add_action('un_feedback_form_body', 'ct_add_hidden_fields',1);
24
- add_filter('un_validate_feedback', 'ct_ajax_hook', 1, 2);
25
-
26
- /*hooks for AJAX Login & Register email validation*/
27
- add_action( 'wp_ajax_nopriv_validate_email', 'ct_validate_email_ajaxlogin',1 );
28
- add_action( 'wp_ajax_validate_email', 'ct_validate_email_ajaxlogin',1 );
29
- $cleantalk_hooked_actions[]='validate_email';
30
-
31
- /*hooks for user registration*/
32
- add_action( 'user_register', 'ct_user_register_ajaxlogin',1 );
33
-
34
- /*hooks for WPUF pro */
35
- //add_action( 'wp_ajax_nopriv_wpuf_submit_register', 'ct_wpuf_submit_register',1 );
36
- //add_action( 'wp_ajax_wpuf_submit_register', 'ct_wpuf_submit_register',1 );
37
- add_action( 'wp_ajax_nopriv_wpuf_submit_register', 'ct_ajax_hook',1 );
38
- add_action( 'wp_ajax_wpuf_submit_register', 'ct_ajax_hook',1 );
39
- $cleantalk_hooked_actions[]='submit_register';
40
-
41
- /*hooks for MyMail */
42
- //add_action( 'wp_ajax_nopriv_mymail_form_submit', 'ct_mymail_form_submit',1 );
43
- //add_action( 'wp_ajax_mymail_form_submit', 'ct_mymail_form_submit',1 );
44
- add_action( 'wp_ajax_nopriv_mymail_form_submit', 'ct_ajax_hook',1 );
45
- add_action( 'wp_ajax_mymail_form_submit', 'ct_ajax_hook',1 );
46
- $cleantalk_hooked_actions[]='form_submit';
47
-
48
- /*hooks for MailPoet */
49
- //add_action( 'wp_ajax_nopriv_wysija_ajax', 'ct_wysija_ajax',1 );
50
- //add_action( 'wp_ajax_wysija_ajax', 'ct_wysija_ajax',1 );
51
- add_action( 'wp_ajax_nopriv_wysija_ajax', 'ct_ajax_hook',1 );
52
- add_action( 'wp_ajax_wysija_ajax', 'ct_ajax_hook',1 );
53
- $cleantalk_hooked_actions[]='wysija_ajax';
54
-
55
- /*hooks for cs_registration_validation */
56
- //add_action( 'wp_ajax_nopriv_cs_registration_validation', 'ct_cs_registration_validation',1 );
57
- //add_action( 'wp_ajax_cs_registration_validation', 'ct_cs_registration_validation',1 );
58
- add_action( 'wp_ajax_nopriv_cs_registration_validation', 'ct_ajax_hook',1 );
59
- add_action( 'wp_ajax_cs_registration_validation', 'ct_ajax_hook',1 );
60
- $cleantalk_hooked_actions[]='cs_registration_validation';
61
-
62
- /*hooks for send_message and request_appointment */
63
- //add_action( 'wp_ajax_nopriv_send_message', 'ct_sm_ra',1 );
64
- //add_action( 'wp_ajax_send_message', 'ct_sm_ra',1 );
65
- //add_action( 'wp_ajax_nopriv_request_appointment', 'ct_sm_ra',1 );
66
- //add_action( 'wp_ajax_request_appointment', 'ct_sm_ra',1 );
67
- add_action( 'wp_ajax_nopriv_send_message', 'ct_ajax_hook',1 );
68
- add_action( 'wp_ajax_send_message', 'ct_ajax_hook',1 );
69
- add_action( 'wp_ajax_nopriv_request_appointment', 'ct_ajax_hook',1 );
70
- add_action( 'wp_ajax_request_appointment', 'ct_ajax_hook',1 );
71
- $cleantalk_hooked_actions[]='send_message';
72
- $cleantalk_hooked_actions[]='request_appointment';
73
-
74
- /*hooks for zn_do_login */
75
- //add_action( 'wp_ajax_nopriv_zn_do_login', 'ct_zn_do_login',1 );
76
- //add_action( 'wp_ajax_zn_do_login', 'ct_zn_do_login',1 );
77
- add_action( 'wp_ajax_nopriv_zn_do_login', 'ct_ajax_hook',1 );
78
- add_action( 'wp_ajax_zn_do_login', 'ct_ajax_hook',1 );
79
- $cleantalk_hooked_actions[]='zn_do_login';
80
-
81
- /*hooks for zn_do_login */
82
- //add_action( 'wp_ajax_nopriv_cscf-submitform', 'ct_cscf_submitform',1 );
83
- //add_action( 'wp_ajax_cscf-submitform', 'ct_cscf_submitform',1 );
84
- if(isset($_POST['action']) && $_POST['action'] == 'cscf-submitform'){
85
- add_filter('preprocess_comment', 'ct_ajax_hook', 1);
86
- //add_action( 'wp_ajax_nopriv_cscf-submitform', 'ct_ajax_hook',1 );
87
- //add_action( 'wp_ajax_cscf-submitform', 'ct_ajax_hook',1 );
88
- $cleantalk_hooked_actions[]='cscf-submitform';
89
- }
90
-
91
-
92
- /*hooks for visual form builder */
93
- //add_action( 'wp_ajax_nopriv_vfb_submit', 'ct_vfb_submit',1 );
94
- //add_action( 'wp_ajax_vfb_submit', 'ct_vfb_submit',1 );
95
- add_action( 'wp_ajax_nopriv_vfb_submit', 'ct_ajax_hook',1 );
96
- add_action( 'wp_ajax_vfb_submit', 'ct_ajax_hook',1 );
97
- $cleantalk_hooked_actions[]='vfb_submit';
98
-
99
- /*hooks for woocommerce_checkout*/
100
- add_action( 'wp_ajax_nopriv_woocommerce_checkout', 'ct_ajax_hook',1 );
101
- add_action( 'wp_ajax_woocommerce_checkout', 'ct_ajax_hook',1 );
102
- $cleantalk_hooked_actions[]='woocommerce_checkout';
103
-
104
- /*hooks for frm_action*/
105
- add_action( 'wp_ajax_nopriv_frm_entries_create', 'ct_ajax_hook',1 );
106
- add_action( 'wp_ajax_frm_entries_create', 'ct_ajax_hook',1 );
107
- $cleantalk_hooked_actions[]='frm_entries_create';
108
-
109
- add_action( 'wp_ajax_nopriv_td_mod_register', 'ct_ajax_hook',1 );
110
- add_action( 'wp_ajax_td_mod_register', 'ct_ajax_hook',1 );
111
- $cleantalk_hooked_actions[]='td_mod_register';
112
-
113
- /*hooks for tevolution theme*/
114
- add_action( 'wp_ajax_nopriv_tmpl_ajax_check_user_email', 'ct_ajax_hook',1 );
115
- add_action( 'wp_ajax_tmpl_ajax_check_user_email', 'ct_ajax_hook',1 );
116
- add_action( 'wp_ajax_nopriv_tevolution_submit_from_preview', 'ct_ajax_hook',1 );
117
- add_action( 'wp_ajax_tevolution_submit_from_preview', 'ct_ajax_hook',1 );
118
- add_action( 'wp_ajax_nopriv_submit_form_recaptcha_validation', 'ct_ajax_hook',1 );
119
- add_action( 'wp_ajax_tmpl_submit_form_recaptcha_validation', 'ct_ajax_hook',1 );
120
- $cleantalk_hooked_actions[]='tmpl_ajax_check_user_email';
121
- $cleantalk_hooked_actions[]='tevolution_submit_from_preview';
122
- $cleantalk_hooked_actions[]='submit_form_recaptcha_validation';
123
-
124
- /* hooks for contact forms by web settler ajax*/
125
- add_action( 'wp_ajax_nopriv_smuzform-storage', 'ct_ajax_hook',1 );
126
- $cleantalk_hooked_actions[]='smuzform_form_submit';
127
-
128
- /* hooks for reviewer plugin*/
129
- add_action( 'wp_ajax_nopriv_rwp_ajax_action_rating', 'ct_ajax_hook',1 );
130
- $cleantalk_hooked_actions[]='rwp-submit-wrap';
131
-
132
- $cleantalk_hooked_actions[]='post_update';
133
-
134
- /* Ninja Forms hoocked actions */
135
- $cleantalk_hooked_actions[]='ninja_forms_ajax_submit';
136
- $cleantalk_hooked_actions[]='nf_ajax_submit';
137
- $cleantalk_hooked_actions[]='ninja_forms_process'; // Depricated ?
138
-
139
- /* Follow-Up Emails */
140
- $cleantalk_hooked_actions[] = 'fue_wc_set_cart_email'; // Don't check email via this plugin
141
-
142
- /* Follow-Up Emails */
143
- $cleantalk_hooked_actions[] = 'fue_wc_set_cart_email'; // Don't check email via this plugin
144
-
145
- function ct_validate_email_ajaxlogin($email=null, $is_ajax=true){
146
-
147
- require_once(CLEANTALK_PLUGIN_DIR . 'cleantalk-public.php');
148
-
149
- $email = is_null( $email ) ? $email : $_POST['email'];
150
- $email = sanitize_email($email);
151
- $is_good = !filter_var($email, FILTER_VALIDATE_EMAIL) || email_exists($email) ? false : true;
152
-
153
- if(class_exists('AjaxLogin')&&isset($_POST['action'])&&$_POST['action']=='validate_email'){
154
-
155
- $checkjs = apbct_js_test('ct_checkjs', $_POST);
156
- $sender_info['post_checkjs_passed'] = $checkjs;
157
- if ($checkjs === null){
158
- $checkjs = apbct_js_test('ct_checkjs', $_COOKIE);
159
- $sender_info['cookie_checkjs_passed'] = $checkjs;
160
- }
161
-
162
- //Making a call
163
- $base_call_result = apbct_base_call(
164
- array(
165
- 'sender_email' => $email,
166
- 'sender_nickname' => '',
167
- 'sender_info' => $sender_info,
168
- 'js_on' => $checkjs,
169
- ),
170
- true
171
- );
172
-
173
- $ct_result = $base_call_result['ct_result'];
174
-
175
- if ($ct_result->allow===0){
176
- $is_good=false;
177
- }
178
- }
179
-
180
- if($is_good){
181
- $ajaxresult=array(
182
- 'description' => null,
183
- 'cssClass' => 'noon',
184
- 'code' => 'success'
185
- );
186
- }else{
187
- $ajaxresult=array(
188
- 'description' => 'Invalid Email',
189
- 'cssClass' => 'error-container',
190
- 'code' => 'error'
191
- );
192
- }
193
-
194
- $ajaxresult = json_encode($ajaxresult);
195
- print $ajaxresult;
196
- wp_die();
197
- }
198
-
199
- function ct_user_register_ajaxlogin($user_id)
200
- {
201
- require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-public.php');
202
-
203
- if(class_exists('AjaxLogin')&&isset($_POST['action'])&&$_POST['action']=='register_submit')
204
- {
205
-
206
- $checkjs = apbct_js_test('ct_checkjs', $_POST);
207
- $sender_info['post_checkjs_passed'] = $checkjs;
208
- if ($checkjs === null){
209
- $checkjs = apbct_js_test('ct_checkjs', $_COOKIE);
210
- $sender_info['cookie_checkjs_passed'] = $checkjs;
211
- }
212
-
213
- //Making a call
214
- $base_call_result = apbct_base_call(
215
- array(
216
- 'sender_email' => sanitize_email($_POST['email']),
217
- 'sender_nickname' => sanitize_email($_POST['login']),
218
- 'sender_info' => $sender_info,
219
- 'js_on' => $checkjs,
220
- ),
221
- true
222
- );
223
-
224
- $ct_result = $base_call_result['ct_result'];
225
-
226
- if ($ct_result->allow === 0)
227
- {
228
- wp_delete_user($user_id);
229
- }
230
- }
231
- return $user_id;
232
- }
233
-
234
- /**
235
- * Hook into MailChimp for WordPress `mc4wp_form_errors` filter.
236
- *
237
- * @param array $errors
238
- * @return array
239
- */
240
- function ct_mc4wp_ajax_hook( array $errors )
241
- {
242
- $result = ct_ajax_hook();
243
-
244
- // only return modified errors array when function returned a string value (the message key)
245
- if( is_string( $result ) ) {
246
- $errors[] = $result;
247
- }
248
-
249
- return $errors;
250
- }
251
-
252
- function ct_ajax_hook($message_obj = false, $additional = false)
253
- {
254
- require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-public.php');
255
-
256
- global $apbct, $current_user;
257
-
258
- $message_obj = (array)$message_obj;
259
-
260
- // Get current_user and set it globaly
261
- apbct_wp_set_current_user($current_user instanceof WP_User ? $current_user : apbct_wp_get_current_user() );
262
-
263
- // Go out because of not spam data
264
- $skip_post = array(
265
- 'gmaps_display_info_window', // Geo My WP pop-up windows.
266
- 'gmw_ps_display_info_window', // Geo My WP pop-up windows.
267
- 'the_champ_user_auth', // Super Socializer
268
- 'simbatfa-init-otp', //Two-Factor Auth
269
- 'wppb_msf_check_required_fields', //ProfileBuilder skip step checking
270
- 'boss_we_login', //Login form
271
- 'sidebar_login_process', // Login CF7
272
- 'cp_update_style_settings', // Convert Pro. Saving settings
273
- 'updraft_savesettings', // UpdraftPlus
274
- 'wpdUpdateAutomatically', //Comments update
275
- 'upload-attachment', // Skip ulpload attachments
276
- 'iwj_update_profile', //Skip profile page checker
277
- 'st_partner_create_service', //Skip add hotel via admin
278
- 'vp_ajax_vpt_option_save', // https://themeforest.net/item/motor-vehicles-parts-equipments-accessories-wordpress-woocommerce-theme/16829946
279
- 'mailster_send_test', //Mailster send test admin
280
- 'acf/validate_save_post', //ACF validate post admin
281
- 'admin:saveThemeOptions', //Ait-theme admin checking
282
- 'save_tourmaster_option', //Tourmaster admin save
283
- 'validate_register_email', // Service id #313320
284
- 'elementor_pro_forms_send_form', //Elementor Pro
285
- 'phone-orders-for-woocommerce', //Phone orders for woocommerce backend
286
- 'ihc_check_reg_field_ajax', //Ajax check required fields
287
- 'OSTC_lostPassword', //Lost password ajax form
288
- );
289
-
290
- // Skip test if
291
- if( !$apbct->settings['general_contact_forms_test'] || // Test disabled
292
- !apbct_is_user_enable($apbct->user) || // User is admin, editor, author
293
- // (function_exists('get_current_user_id') && get_current_user_id() != 0) || // Check with default wp_* function if it's admin
294
- ($apbct->settings['protect_logged_in'] && ($apbct->user instanceof WP_User) && $apbct->user->ID !== 0 ) || // Logged in user
295
- check_url_exclusions() || // url exclusions
296
- (isset($_POST['action']) && in_array($_POST['action'], $skip_post)) || // Special params
297
- (isset($_GET['action']) && in_array($_GET['action'], $skip_post)) || // Special params
298
- isset($_POST['quform_submit']) || //QForms multi-paged form skip
299
- // QAEngine Theme fix
300
- ( strval(current_action()) != 'et_pre_insert_answer' &&
301
- (
302
- (isset($message_obj['author']) && intval($message_obj['author']) == 0) ||
303
- (isset($message_obj['post_author']) && intval($message_obj['post_author']) == 0)
304
- )
305
- )
306
- )
307
- {
308
- return false;
309
- }
310
-
311
- //General post_info for all ajax calls
312
- $post_info = array('comment_type' => 'feedback_ajax');
313
- $checkjs = apbct_js_test('ct_checkjs', $_COOKIE);
314
-
315
- if(isset($_POST['user_login']))
316
- $sender_nickname = $_POST['user_login'];
317
- else
318
- $sender_nickname = '';
319
-
320
- //QAEngine Theme answers
321
- if( !empty($message_obj) && isset($message_obj['post_type'], $message_obj['post_content']) ){
322
- $curr_user = get_user_by('id', $message_obj['author']);
323
- if (!$curr_user)
324
- $curr_user = get_user_by('id', $message_obj['post_author']);
325
- $ct_post_temp['comment'] = $message_obj['post_content'];
326
- $ct_post_temp['email'] = $curr_user->data->user_email;
327
- $ct_post_temp['name'] = $curr_user->data->user_login;
328
- }
329
-
330
- //CSCF fix
331
- if(isset($_POST['action']) && $_POST['action']== 'cscf-submitform'){
332
- $ct_post_temp[] = $message_obj['comment_author'];
333
- $ct_post_temp[] = $message_obj['comment_author_email'];
334
- $ct_post_temp[] = $message_obj['comment_content'];
335
- }
336
-
337
- //??? fix
338
- if(isset($_POST['action'], $_POST['target']) && ($_POST['action']=='request_appointment'||$_POST['action']=='send_message')){
339
- $ct_post_temp=$_POST;
340
- $ct_post_temp['target']=1;
341
- }
342
-
343
- //UserPro fix
344
- if(isset($_POST['action'], $_POST['template']) && $_POST['action']=='userpro_process_form' && $_POST['template']=='register'){
345
- $ct_post_temp = $_POST;
346
- $ct_post_temp['shortcode'] = '';
347
- }
348
- //Reviewer fix
349
- if(isset($_POST['action']) && $_POST['action'] == 'rwp_ajax_action_rating')
350
- {
351
- $ct_post_temp['name'] = $_POST['user_name'];
352
- $ct_post_temp['email'] = $_POST['user_email'];
353
- $ct_post_temp['comment'] = $_POST['comment'];
354
- }
355
- //Woocommerce checkout
356
- if(isset($_POST['action']) && $_POST['action']=='woocommerce_checkout'){
357
- $post_info['comment_type'] = 'order';
358
- }
359
- //Easy Forms for Mailchimp
360
- if( isset($_POST['action']) && $_POST['action']=='process_form_submission' ){
361
- $post_info['comment_type'] = 'contact_enquire_wordpress_easy_forms_for_mailchimp';
362
- if( isset($_POST['form_data']) ) {
363
- $form_data = explode( '&', $_POST['form_data'] );
364
- $form_data_arr = array();
365
- foreach ( $form_data as $val ) {
366
- $form_data_element = explode( '=', $val );
367
- $form_data_arr[$form_data_element[0]] = @$form_data_element[1];
368
- }
369
- if( isset( $form_data_arr['EMAIL'] ) ) {
370
- $ct_post_temp['email'] = $form_data_arr['EMAIL'];
371
- }
372
- }
373
- }
374
-
375
- $ct_temp_msg_data = isset($ct_post_temp)
376
- ? ct_get_fields_any($ct_post_temp)
377
- : ct_get_fields_any($_POST);
378
-
379
- $sender_email = ($ct_temp_msg_data['email'] ? $ct_temp_msg_data['email'] : '');
380
- $sender_nickname = ($ct_temp_msg_data['nickname'] ? $ct_temp_msg_data['nickname'] : '');
381
- $subject = ($ct_temp_msg_data['subject'] ? $ct_temp_msg_data['subject'] : '');
382
- $contact_form = ($ct_temp_msg_data['contact'] ? $ct_temp_msg_data['contact'] : true);
383
- $message = ($ct_temp_msg_data['message'] ? $ct_temp_msg_data['message'] : array());
384
- if($subject != '') {
385
- $message['subject'] = $subject;
386
- }
387
-
388
- // Skip submission if no data found
389
- if ($sender_email === ''|| !$contact_form)
390
- return false;
391
-
392
- // Mailpoet fix
393
- if (isset($message['wysijaData'], $message['wysijaplugin'], $message['task'], $message['controller']) && $message['wysijaplugin'] == 'wysija-newsletters' && $message['controller'] == 'campaigns')
394
- return false;
395
- // Mailpoet3 admin skip fix
396
- if (isset($_POST['action'], $_POST['method']) && $_POST['action'] == 'mailpoet' && $_POST['method'] =='save')
397
- return false;
398
-
399
- // WP Foto Vote Fix
400
- if (!empty($_FILES)){
401
- foreach($message as $key => $value){
402
- if(strpos($key, 'oje') !== false)
403
- return;
404
- } unset($key ,$value);
405
- }
406
-
407
- /**
408
- * @todo Contact form detect
409
- */
410
- // Detect contact form an set it's name to $contact_form to use later
411
- $contact_form = null;
412
- foreach($_POST as $param => $value){
413
- if(strpos($param, 'et_pb_contactform_submit') === 0){
414
- $contact_form = 'contact_form_divi_theme';
415
- $contact_form_additional = str_replace('et_pb_contactform_submit', '', $param);
416
- }
417
- if(strpos($param, 'avia_generated_form') === 0){
418
- $contact_form = 'contact_form_enfold_theme';
419
- $contact_form_additional = str_replace('avia_generated_form', '', $param);
420
- }
421
- if(!empty($contact_form))
422
- break;
423
- }
424
-
425
- $base_call_result = apbct_base_call(
426
- array(
427
- 'message' => $message,
428
- 'sender_email' => $sender_email,
429
- 'sender_nickname' => $sender_nickname,
430
- 'sender_info' => array('post_checkjs_passed' => $checkjs),
431
- 'post_info' => $post_info,
432
- 'js_on' => $checkjs,
433
- )
434
- );
435
- $ct_result = $base_call_result['ct_result'];
436
-
437
- if ($ct_result->allow == 0)
438
- {
439
- if(isset($_POST['action']) && $_POST['action']=='wpuf_submit_register'){
440
- $result=Array('success'=>false,'error'=>$ct_result->comment);
441
- @header( 'Content-Type: application/json; charset=' . get_option( 'blog_charset' ) );
442
- print json_encode($result);
443
- die();
444
- }
445
- else if(isset($_POST['action']) && $_POST['action']=='mymail_form_submit')
446
- {
447
- $result=Array('success'=>false,'html'=>$ct_result->comment);
448
- @header( 'Content-Type: application/json; charset=' . get_option( 'blog_charset' ) );
449
- print json_encode($result);
450
- die();
451
- }
452
- else if(isset($_POST['action'], $_POST['task']) && $_POST['action'] == 'wysija_ajax' && $_POST['task'] != 'send_preview' && $_POST['task'] != 'send_test_mail')
453
- {
454
- $result=Array('result'=>false,'msgs'=>Array('updated'=>Array($ct_result->comment)));
455
- //@header( 'Content-Type: application/json; charset=' . get_option( 'blog_charset' ) );
456
- print $_GET['callback'].'('.json_encode($result).');';
457
- die();
458
- }
459
- else if(isset($_POST['action']) && $_POST['action']=='cs_registration_validation')
460
- {
461
- $result=Array("type"=>"error","message"=>$ct_result->comment);
462
- print json_encode($result);
463
- die();
464
- }
465
- else if(isset($_POST['action']) && ($_POST['action']=='request_appointment' || $_POST['action']=='send_message'))
466
- {
467
- print $ct_result->comment;
468
- die();
469
- }
470
- else if(isset($_POST['action']) && $_POST['action']=='zn_do_login')
471
- {
472
- print '<div id="login_error">'.$ct_result->comment.'</div>';
473
- die();
474
- }
475
- else if(isset($_POST['action']) && $_POST['action']=='vfb_submit')
476
- {
477
- $result=Array('result'=>false,'message'=>$ct_result->comment);
478
- @header( 'Content-Type: application/json; charset=' . get_option( 'blog_charset' ) );
479
- print json_encode($result);
480
- die();
481
- }
482
- else if(isset($_POST['action']) && $_POST['action']=='woocommerce_checkout')
483
- {
484
- print $ct_result->comment;
485
- die();
486
- }
487
- else if(isset($_POST['action']) && $_POST['action']=='frm_entries_create')
488
- {
489
- $result=Array('112'=>$ct_result->comment);
490
- print json_encode($result);
491
- die();
492
- }
493
- else if(isset($_POST['cma-action']) && $_POST['cma-action']=='add')
494
- {
495
- $result=Array('success'=>0, 'thread_id'=>null,'messages'=>Array($ct_result->comment));
496
- print json_encode($result);
497
- die();
498
- }
499
- else if(isset($_POST['action']) && $_POST['action']=='td_mod_register')
500
- {
501
- print json_encode(array('register', 0, $ct_result->comment));
502
- die();
503
- }
504
- else if(isset($_POST['action']) && $_POST['action']=='tmpl_ajax_check_user_email')
505
- {
506
- print "17,email";
507
- die();
508
- }
509
- else if(isset($_POST['action']) && ($_POST['action']=='tevolution_submit_from_preview' || $_POST['action']=='submit_form_recaptcha_validation'))
510
- {
511
- print $ct_result->comment;
512
- die();
513
- }
514
- // WooWaitList
515
- // http://codecanyon.net/item/woowaitlist-woocommerce-back-in-stock-notifier/7103373
516
- else if(isset($_POST['action']) && $_POST['action']=='wew_save_to_db_callback')
517
- {
518
- $result = array();
519
- $result['error'] = 1;
520
- $result['message'] = $ct_result->comment;
521
- $result['code'] = 5; // Unused code number in WooWaitlist
522
- print json_encode($result);
523
- die();
524
- }
525
- // UserPro
526
- else if(isset($_POST['action'], $_POST['template']) && $_POST['action']=='userpro_process_form' && $_POST['template']=='register')
527
- {
528
- foreach($_POST as $key => $value){
529
- $output[$key]=$value;
530
- }unset($key, $value);
531
- $output['template'] = $ct_result->comment;
532
- $output=json_encode($output);
533
- print_r($output);
534
- die;
535
- }
536
- // Quick event manager
537
- else if(isset($_POST['action']) && $_POST['action']=='qem_validate_form'){
538
- $errors[] = 'registration_forbidden';
539
- $result = Array(
540
- 'success' => 'false',
541
- 'errors' => $errors,
542
- 'title' => $ct_result->comment
543
- );
544
- print json_encode($result);
545
- die();
546
- }
547
- // Quick Contact Form
548
- elseif(isset($_POST['action']) && $_POST['action'] == 'qcf_validate_form')
549
- {
550
- $result = Array(
551
- 'blurb' => "<h1>".$ct_result->comment."</h1>",
552
- 'display' => "Oops, got a few problems here",
553
- 'errors' => array(
554
- 0 => array(
555
- error => 'error',
556
- name => 'name'
557
- ),
558
- ),
559
- 'success' => 'false',
560
- );
561
- print json_encode($result);
562
- die();
563
- }
564
- // Usernoise Contact Form
565
- elseif(isset($_POST['title'], $_POST['email'], $_POST['type'], $_POST['ct_checkjs']))
566
- {
567
- return array($ct_result->comment);
568
- die();
569
- }
570
- // amoForms
571
- elseif(isset($_POST['action']) && $_POST['action'] == 'amoforms_submit')
572
- {
573
- $result = Array(
574
- 'result' => true,
575
- 'type' => "html",
576
- 'value' => "<h1 style='font-size: 25px; color: red;'>".$ct_result->comment."</h1>",
577
- 'fast' => false
578
- );
579
- print json_encode($result);
580
- die();
581
- }
582
- // MailChimp for Wordpress Premium
583
- elseif(!empty($_POST['_mc4wp_form_id']))
584
- {
585
- return 'ct_mc4wp_response';
586
- }
587
- // QAEngine Theme answers
588
- elseif ( !empty($message_obj) && isset($message_obj['post_type'], $message_obj['post_content']) ){
589
- throw new Exception($ct_result->comment);
590
- }
591
- //ES Add subscriber
592
- elseif(isset($_POST['action']) && $_POST['action'] == 'es_add_subscriber')
593
- {
594
- $result = Array(
595
- 'error' => 'unexpected-error',
596
- );
597
- print json_encode($result);
598
- die();
599
- }
600
- //Convertplug. Strpos because action value dynamically changes and depends on mailing service
601
- elseif (isset($_POST['action']) && strpos($_POST['action'], '_add_subscriber') !== false){
602
- $result = Array(
603
- 'action' => "message",
604
- 'detailed_msg' => "",
605
- 'email_status' => false,
606
- 'message' => "<h1 style='font-size: 25px; color: red;'>".$ct_result->comment."</h1>",
607
- 'status' => "error",
608
- 'url' => "none"
609
- );
610
- print json_encode($result);
611
- die();
612
- }
613
- // Ultimate Form Builder
614
- elseif (isset($_POST['action']) && $_POST['action'] == 'ufbl_front_form_action'){
615
- $result = Array(
616
- 'error_keys' => array(),
617
- 'error_flag' => 1,
618
- 'response_message' => $ct_result->comment
619
- );
620
- print json_encode($result);
621
- die();
622
- }
623
- // Smart Forms
624
- elseif (isset($_POST['action']) && $_POST['action'] == 'rednao_smart_forms_save_form_values'){
625
- $result = Array(
626
- 'message' => $ct_result->comment,
627
- 'refreshCaptcha' => 'n',
628
- 'success' => 'n'
629
- );
630
- print json_encode($result);
631
- die();
632
- }
633
- //cFormsII
634
- elseif(isset($_POST['action']) && $_POST['action'] == 'submitcform')
635
- {
636
- header('Content-Type: application/json');
637
- $result = Array(
638
- 'no' => "",
639
- 'result' => "failure",
640
- 'html' =>$ct_result->comment,
641
- 'hide' => false,
642
- 'redirection' => null
643
-
644
- );
645
- print json_encode($result);
646
- die();
647
- }
648
- //Contact Form by Web-Settler
649
- elseif(isset($_POST['smFieldData']))
650
- {
651
- $result = Array(
652
- 'signal' => true,
653
- 'code' => 0,
654
- 'thanksMsg' => $ct_result->comment,
655
- 'errors' => array(),
656
- 'isMsg' => true,
657
- 'redirectUrl' => null
658
- );
659
- print json_encode($result);
660
- die();
661
- }
662
- //Reviewer
663
- elseif(isset($_POST['action']) && $_POST['action'] == 'rwp_ajax_action_rating')
664
- {
665
- $result = Array(
666
- 'success' => false,
667
- 'data' => array(0=>$ct_result->comment)
668
- );
669
- print json_encode($result);
670
- die();
671
- }
672
- // CouponXXL Theme
673
- elseif(isset($_POST['_wp_http_referer'], $_POST['register_field'], $_POST['action']) && strpos($_POST['_wp_http_referer'],'/register/account') !== false && $_POST['action'] == 'register'){
674
- $result = array(
675
- 'message' => '<div class="alert alert-error">'.$ct_result->comment.'</div>',
676
- );
677
- die(json_encode($result));
678
- }
679
- //ConvertPro
680
- elseif(isset($_POST['action']) && $_POST['action'] == 'cp_v2_notify_admin' || $_POST['action'] == 'cpro_notify_via_email')
681
- {
682
- $result = Array(
683
- 'success' => false,
684
- 'data' => array('error'=>$ct_result->comment,'style_slug'=>'convertprot-form'),
685
- );
686
- print json_encode($result);
687
- die();
688
- }
689
- //Easy Forms for Mailchimp
690
- elseif( isset($_POST['action']) && $_POST['action']=='process_form_submission' ) {
691
- wp_send_json_error(
692
- array(
693
- 'error' => 1,
694
- 'response' => $ct_result->comment
695
- )
696
- );
697
- }
698
- else
699
- {
700
- die(json_encode(array('apbct' => array('blocked' => true, 'comment' => $ct_result->comment,))));
701
- }
702
- }
703
- //Allow == 1
704
- else{
705
- //QAEngine Theme answers
706
- if ( !empty($message_obj) && isset($message_obj['post_type'], $message_obj['post_content']) ){
707
- return $message_obj;
708
- }
709
- }
710
- }
 
 
 
 
 
 
1
+ <?php
2
+ global $cleantalk_hooked_actions;
3
+
4
+ /*
5
+ AJAX functions
6
+ */
7
+
8
+ //$cleantalk_ajax_actions_to_check - array for POST 'actions' we should check.
9
+
10
+ $cleantalk_ajax_actions_to_check[] = 'qcf_validate_form'; //Quick Contact Form
11
+ $cleantalk_ajax_actions_to_check[] = 'amoforms_submit'; //amoForms
12
+
13
+ //cleantalk_hooked_actions[] - array for POST 'actions' which were direct hooked.
14
+
15
+ $cleantalk_hooked_actions[] = 'rwp_ajax_action_rating'; //Don't check Reviewer plugin
16
+
17
+ $cleantalk_hooked_actions[] = 'ct_feedback_comment';
18
+
19
+ /* MailChimp Premium*/
20
+ add_filter('mc4wp_form_errors', 'ct_mc4wp_ajax_hook');
21
+
22
+ /*hooks for Usernoise Form*/
23
+ add_action('un_feedback_form_body', 'ct_add_hidden_fields',1);
24
+ add_filter('un_validate_feedback', 'ct_ajax_hook', 1, 2);
25
+
26
+ /*hooks for AJAX Login & Register email validation*/
27
+ add_action( 'wp_ajax_nopriv_validate_email', 'ct_validate_email_ajaxlogin',1 );
28
+ add_action( 'wp_ajax_validate_email', 'ct_validate_email_ajaxlogin',1 );
29
+ $cleantalk_hooked_actions[]='validate_email';
30
+
31
+ /*hooks for user registration*/
32
+ add_action( 'user_register', 'ct_user_register_ajaxlogin',1 );
33
+
34
+ /*hooks for WPUF pro */
35
+ //add_action( 'wp_ajax_nopriv_wpuf_submit_register', 'ct_wpuf_submit_register',1 );
36
+ //add_action( 'wp_ajax_wpuf_submit_register', 'ct_wpuf_submit_register',1 );
37
+ add_action( 'wp_ajax_nopriv_wpuf_submit_register', 'ct_ajax_hook',1 );
38
+ add_action( 'wp_ajax_wpuf_submit_register', 'ct_ajax_hook',1 );
39
+ $cleantalk_hooked_actions[]='submit_register';
40
+
41
+ /*hooks for MyMail */
42
+ //add_action( 'wp_ajax_nopriv_mymail_form_submit', 'ct_mymail_form_submit',1 );
43
+ //add_action( 'wp_ajax_mymail_form_submit', 'ct_mymail_form_submit',1 );
44
+ add_action( 'wp_ajax_nopriv_mymail_form_submit', 'ct_ajax_hook',1 );
45
+ add_action( 'wp_ajax_mymail_form_submit', 'ct_ajax_hook',1 );
46
+ $cleantalk_hooked_actions[]='form_submit';
47
+
48
+ /*hooks for MailPoet */
49
+ //add_action( 'wp_ajax_nopriv_wysija_ajax', 'ct_wysija_ajax',1 );
50
+ //add_action( 'wp_ajax_wysija_ajax', 'ct_wysija_ajax',1 );
51
+ add_action( 'wp_ajax_nopriv_wysija_ajax', 'ct_ajax_hook',1 );
52
+ add_action( 'wp_ajax_wysija_ajax', 'ct_ajax_hook',1 );
53
+ $cleantalk_hooked_actions[]='wysija_ajax';
54
+
55
+ /*hooks for cs_registration_validation */
56
+ //add_action( 'wp_ajax_nopriv_cs_registration_validation', 'ct_cs_registration_validation',1 );
57
+ //add_action( 'wp_ajax_cs_registration_validation', 'ct_cs_registration_validation',1 );
58
+ add_action( 'wp_ajax_nopriv_cs_registration_validation', 'ct_ajax_hook',1 );
59
+ add_action( 'wp_ajax_cs_registration_validation', 'ct_ajax_hook',1 );
60
+ $cleantalk_hooked_actions[]='cs_registration_validation';
61
+
62
+ /*hooks for send_message and request_appointment */
63
+ //add_action( 'wp_ajax_nopriv_send_message', 'ct_sm_ra',1 );
64
+ //add_action( 'wp_ajax_send_message', 'ct_sm_ra',1 );
65
+ //add_action( 'wp_ajax_nopriv_request_appointment', 'ct_sm_ra',1 );
66
+ //add_action( 'wp_ajax_request_appointment', 'ct_sm_ra',1 );
67
+ add_action( 'wp_ajax_nopriv_send_message', 'ct_ajax_hook',1 );
68
+ add_action( 'wp_ajax_send_message', 'ct_ajax_hook',1 );
69
+ add_action( 'wp_ajax_nopriv_request_appointment', 'ct_ajax_hook',1 );
70
+ add_action( 'wp_ajax_request_appointment', 'ct_ajax_hook',1 );
71
+ $cleantalk_hooked_actions[]='send_message';
72
+ $cleantalk_hooked_actions[]='request_appointment';
73
+
74
+ /*hooks for zn_do_login */
75
+ //add_action( 'wp_ajax_nopriv_zn_do_login', 'ct_zn_do_login',1 );
76
+ //add_action( 'wp_ajax_zn_do_login', 'ct_zn_do_login',1 );
77
+ add_action( 'wp_ajax_nopriv_zn_do_login', 'ct_ajax_hook',1 );
78
+ add_action( 'wp_ajax_zn_do_login', 'ct_ajax_hook',1 );
79
+ $cleantalk_hooked_actions[]='zn_do_login';
80
+
81
+ /*hooks for zn_do_login */
82
+ //add_action( 'wp_ajax_nopriv_cscf-submitform', 'ct_cscf_submitform',1 );
83
+ //add_action( 'wp_ajax_cscf-submitform', 'ct_cscf_submitform',1 );
84
+ if(isset($_POST['action']) && $_POST['action'] == 'cscf-submitform'){
85
+ add_filter('preprocess_comment', 'ct_ajax_hook', 1);
86
+ //add_action( 'wp_ajax_nopriv_cscf-submitform', 'ct_ajax_hook',1 );
87
+ //add_action( 'wp_ajax_cscf-submitform', 'ct_ajax_hook',1 );
88
+ $cleantalk_hooked_actions[]='cscf-submitform';
89
+ }
90
+
91
+
92
+ /*hooks for visual form builder */
93
+ //add_action( 'wp_ajax_nopriv_vfb_submit', 'ct_vfb_submit',1 );
94
+ //add_action( 'wp_ajax_vfb_submit', 'ct_vfb_submit',1 );
95
+ add_action( 'wp_ajax_nopriv_vfb_submit', 'ct_ajax_hook',1 );
96
+ add_action( 'wp_ajax_vfb_submit', 'ct_ajax_hook',1 );
97
+ $cleantalk_hooked_actions[]='vfb_submit';
98
+
99
+ /*hooks for woocommerce_checkout*/
100
+ add_action( 'wp_ajax_nopriv_woocommerce_checkout', 'ct_ajax_hook',1 );
101
+ add_action( 'wp_ajax_woocommerce_checkout', 'ct_ajax_hook',1 );
102
+ $cleantalk_hooked_actions[]='woocommerce_checkout';
103
+ $cleantalk_hooked_actions[]='wcfm_ajax_controller';
104
+
105
+ /*hooks for frm_action*/
106
+ add_action( 'wp_ajax_nopriv_frm_entries_create', 'ct_ajax_hook',1 );
107
+ add_action( 'wp_ajax_frm_entries_create', 'ct_ajax_hook',1 );
108
+ $cleantalk_hooked_actions[]='frm_entries_create';
109
+
110
+ add_action( 'wp_ajax_nopriv_td_mod_register', 'ct_ajax_hook',1 );
111
+ add_action( 'wp_ajax_td_mod_register', 'ct_ajax_hook',1 );
112
+ $cleantalk_hooked_actions[]='td_mod_register';
113
+
114
+ /*hooks for tevolution theme*/
115
+ add_action( 'wp_ajax_nopriv_tmpl_ajax_check_user_email', 'ct_ajax_hook',1 );
116
+ add_action( 'wp_ajax_tmpl_ajax_check_user_email', 'ct_ajax_hook',1 );
117
+ add_action( 'wp_ajax_nopriv_tevolution_submit_from_preview', 'ct_ajax_hook',1 );
118
+ add_action( 'wp_ajax_tevolution_submit_from_preview', 'ct_ajax_hook',1 );
119
+ add_action( 'wp_ajax_nopriv_submit_form_recaptcha_validation', 'ct_ajax_hook',1 );
120
+ add_action( 'wp_ajax_tmpl_submit_form_recaptcha_validation', 'ct_ajax_hook',1 );
121
+ $cleantalk_hooked_actions[]='tmpl_ajax_check_user_email';
122
+ $cleantalk_hooked_actions[]='tevolution_submit_from_preview';
123
+ $cleantalk_hooked_actions[]='submit_form_recaptcha_validation';
124
+
125
+ /* hooks for contact forms by web settler ajax*/
126
+ add_action( 'wp_ajax_nopriv_smuzform-storage', 'ct_ajax_hook',1 );
127
+ $cleantalk_hooked_actions[]='smuzform_form_submit';
128
+
129
+ /* hooks for reviewer plugin*/
130
+ add_action( 'wp_ajax_nopriv_rwp_ajax_action_rating', 'ct_ajax_hook',1 );
131
+ $cleantalk_hooked_actions[]='rwp-submit-wrap';
132
+
133
+ $cleantalk_hooked_actions[]='post_update';
134
+
135
+ /* Ninja Forms hoocked actions */
136
+ $cleantalk_hooked_actions[]='ninja_forms_ajax_submit';
137
+ $cleantalk_hooked_actions[]='nf_ajax_submit';
138
+ $cleantalk_hooked_actions[]='ninja_forms_process'; // Depricated ?
139
+
140
+ /* Follow-Up Emails */
141
+ $cleantalk_hooked_actions[] = 'fue_wc_set_cart_email'; // Don't check email via this plugin
142
+
143
+ /* Follow-Up Emails */
144
+ $cleantalk_hooked_actions[] = 'fue_wc_set_cart_email'; // Don't check email via this plugin
145
+
146
+ function ct_validate_email_ajaxlogin($email=null, $is_ajax=true){
147
+
148
+ require_once(CLEANTALK_PLUGIN_DIR . 'cleantalk-public.php');
149
+
150
+ $email = is_null( $email ) ? $email : $_POST['email'];
151
+ $email = sanitize_email($email);
152
+ $is_good = !filter_var($email, FILTER_VALIDATE_EMAIL) || email_exists($email) ? false : true;
153
+
154
+ if(class_exists('AjaxLogin')&&isset($_POST['action'])&&$_POST['action']=='validate_email'){
155
+
156
+ $checkjs = apbct_js_test('ct_checkjs', $_POST);
157
+ $sender_info['post_checkjs_passed'] = $checkjs;
158
+ if ($checkjs === null){
159
+ $checkjs = apbct_js_test('ct_checkjs', $_COOKIE);
160
+ $sender_info['cookie_checkjs_passed'] = $checkjs;
161
+ }
162
+
163
+ //Making a call
164
+ $base_call_result = apbct_base_call(
165
+ array(
166
+ 'sender_email' => $email,
167
+ 'sender_nickname' => '',
168
+ 'sender_info' => $sender_info,
169
+ 'js_on' => $checkjs,
170
+ ),
171
+ true
172
+ );
173
+
174
+ $ct_result = $base_call_result['ct_result'];
175
+
176
+ if ($ct_result->allow===0){
177
+ $is_good=false;
178
+ }
179
+ }
180
+
181
+ if($is_good){
182
+ $ajaxresult=array(
183
+ 'description' => null,
184
+ 'cssClass' => 'noon',
185
+ 'code' => 'success'
186
+ );
187
+ }else{
188
+ $ajaxresult=array(
189
+ 'description' => 'Invalid Email',
190
+ 'cssClass' => 'error-container',
191
+ 'code' => 'error'
192
+ );
193
+ }
194
+
195
+ $ajaxresult = json_encode($ajaxresult);
196
+ print $ajaxresult;
197
+ wp_die();
198
+ }
199
+
200
+ function ct_user_register_ajaxlogin($user_id)
201
+ {
202
+ require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-public.php');
203
+
204
+ if(class_exists('AjaxLogin')&&isset($_POST['action'])&&$_POST['action']=='register_submit')
205
+ {
206
+
207
+ $checkjs = apbct_js_test('ct_checkjs', $_POST);
208
+ $sender_info['post_checkjs_passed'] = $checkjs;
209
+ if ($checkjs === null){
210
+ $checkjs = apbct_js_test('ct_checkjs', $_COOKIE);
211
+ $sender_info['cookie_checkjs_passed'] = $checkjs;
212
+ }
213
+
214
+ //Making a call
215
+ $base_call_result = apbct_base_call(
216
+ array(
217
+ 'sender_email' => sanitize_email($_POST['email']),
218
+ 'sender_nickname' => sanitize_email($_POST['login']),
219
+ 'sender_info' => $sender_info,
220
+ 'js_on' => $checkjs,
221
+ ),
222
+ true
223
+ );
224
+
225
+ $ct_result = $base_call_result['ct_result'];
226
+
227
+ if ($ct_result->allow === 0)
228
+ {
229
+ wp_delete_user($user_id);
230
+ }
231
+ }
232
+ return $user_id;
233
+ }
234
+
235
+ /**
236
+ * Hook into MailChimp for WordPress `mc4wp_form_errors` filter.
237
+ *
238
+ * @param array $errors
239
+ * @return array
240
+ */
241
+ function ct_mc4wp_ajax_hook( array $errors )
242
+ {
243
+ $result = ct_ajax_hook();
244
+
245
+ // only return modified errors array when function returned a string value (the message key)
246
+ if( is_string( $result ) ) {
247
+ $errors[] = $result;
248
+ }
249
+
250
+ return $errors;
251
+ }
252
+
253
+ function ct_ajax_hook($message_obj = false, $additional = false)
254
+ {
255
+ require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-public.php');
256
+
257
+ global $apbct, $current_user;
258
+
259
+ $message_obj = (array)$message_obj;
260
+
261
+ // Get current_user and set it globaly
262
+ apbct_wp_set_current_user($current_user instanceof WP_User ? $current_user : apbct_wp_get_current_user() );
263
+
264
+ // Go out because of not spam data
265
+ $skip_post = array(
266
+ 'gmaps_display_info_window', // Geo My WP pop-up windows.
267
+ 'gmw_ps_display_info_window', // Geo My WP pop-up windows.
268
+ 'the_champ_user_auth', // Super Socializer
269
+ 'simbatfa-init-otp', //Two-Factor Auth
270
+ 'wppb_msf_check_required_fields', //ProfileBuilder skip step checking
271
+ 'boss_we_login', //Login form
272
+ 'sidebar_login_process', // Login CF7
273
+ 'cp_update_style_settings', // Convert Pro. Saving settings
274
+ 'updraft_savesettings', // UpdraftPlus
275
+ 'wpdUpdateAutomatically', //Comments update
276
+ 'upload-attachment', // Skip ulpload attachments
277
+ 'iwj_update_profile', //Skip profile page checker
278
+ 'st_partner_create_service', //Skip add hotel via admin
279
+ 'vp_ajax_vpt_option_save', // https://themeforest.net/item/motor-vehicles-parts-equipments-accessories-wordpress-woocommerce-theme/16829946
280
+ 'mailster_send_test', //Mailster send test admin
281
+ 'acf/validate_save_post', //ACF validate post admin
282
+ 'admin:saveThemeOptions', //Ait-theme admin checking
283
+ 'save_tourmaster_option', //Tourmaster admin save
284
+ 'validate_register_email', // Service id #313320
285
+ 'elementor_pro_forms_send_form', //Elementor Pro
286
+ 'phone-orders-for-woocommerce', //Phone orders for woocommerce backend
287
+ 'ihc_check_reg_field_ajax', //Ajax check required fields
288
+ 'OSTC_lostPassword', //Lost password ajax form
289
+ 'check_retina_image_availability', //There are too many ajax requests from mobile
290
+ );
291
+
292
+ // Skip test if
293
+ if( !$apbct->settings['general_contact_forms_test'] || // Test disabled
294
+ !apbct_is_user_enable($apbct->user) || // User is admin, editor, author
295
+ // (function_exists('get_current_user_id') && get_current_user_id() != 0) || // Check with default wp_* function if it's admin
296
+ ($apbct->settings['protect_logged_in'] && ($apbct->user instanceof WP_User) && $apbct->user->ID !== 0 ) || // Logged in user
297
+ apbct_check_url_exclusions() || // url exclusions
298
+ (isset($_POST['action']) && in_array($_POST['action'], $skip_post)) || // Special params
299
+ (isset($_GET['action']) && in_array($_GET['action'], $skip_post)) || // Special params
300
+ isset($_POST['quform_submit']) || //QForms multi-paged form skip
301
+ // QAEngine Theme fix
302
+ ( strval(current_action()) != 'et_pre_insert_answer' &&
303
+ (
304
+ (isset($message_obj['author']) && intval($message_obj['author']) == 0) ||
305
+ (isset($message_obj['post_author']) && intval($message_obj['post_author']) == 0)
306
+ )
307
+ )
308
+ )
309
+ {
310
+ return false;
311
+ }
312
+
313
+ //General post_info for all ajax calls
314
+ $post_info = array('comment_type' => 'feedback_ajax');
315
+ $checkjs = apbct_js_test('ct_checkjs', $_COOKIE);
316
+
317
+ if(isset($_POST['user_login']))
318
+ $sender_nickname = $_POST['user_login'];
319
+ else
320
+ $sender_nickname = '';
321
+
322
+ //QAEngine Theme answers
323
+ if( !empty($message_obj) && isset($message_obj['post_type'], $message_obj['post_content']) ){
324
+ $curr_user = get_user_by('id', $message_obj['author']);
325
+ if (!$curr_user)
326
+ $curr_user = get_user_by('id', $message_obj['post_author']);
327
+ $ct_post_temp['comment'] = $message_obj['post_content'];
328
+ $ct_post_temp['email'] = $curr_user->data->user_email;
329
+ $ct_post_temp['name'] = $curr_user->data->user_login;
330
+ }
331
+
332
+ //CSCF fix
333
+ if(isset($_POST['action']) && $_POST['action']== 'cscf-submitform'){
334
+ $ct_post_temp[] = $message_obj['comment_author'];
335
+ $ct_post_temp[] = $message_obj['comment_author_email'];
336
+ $ct_post_temp[] = $message_obj['comment_content'];
337
+ }
338
+
339
+ //??? fix
340
+ if(isset($_POST['action'], $_POST['target']) && ($_POST['action']=='request_appointment'||$_POST['action']=='send_message')){
341
+ $ct_post_temp=$_POST;
342
+ $ct_post_temp['target']=1;
343
+ }
344
+
345
+ //UserPro fix
346
+ if(isset($_POST['action'], $_POST['template']) && $_POST['action']=='userpro_process_form' && $_POST['template']=='register'){
347
+ $ct_post_temp = $_POST;
348
+ $ct_post_temp['shortcode'] = '';
349
+ }
350
+ //Reviewer fix
351
+ if(isset($_POST['action']) && $_POST['action'] == 'rwp_ajax_action_rating')
352
+ {
353
+ $ct_post_temp['name'] = $_POST['user_name'];
354
+ $ct_post_temp['email'] = $_POST['user_email'];
355
+ $ct_post_temp['comment'] = $_POST['comment'];
356
+ }
357
+ //Woocommerce checkout
358
+ if(isset($_POST['action']) && $_POST['action']=='woocommerce_checkout'){
359
+ $post_info['comment_type'] = 'order';
360
+ }
361
+ //Easy Forms for Mailchimp
362
+ if( isset($_POST['action']) && $_POST['action']=='process_form_submission' ){
363
+ $post_info['comment_type'] = 'contact_enquire_wordpress_easy_forms_for_mailchimp';
364
+ if( isset($_POST['form_data']) ) {
365
+ $form_data = explode( '&', $_POST['form_data'] );
366
+ $form_data_arr = array();
367
+ foreach ( $form_data as $val ) {
368
+ $form_data_element = explode( '=', $val );
369
+ $form_data_arr[$form_data_element[0]] = @$form_data_element[1];
370
+ }
371
+ if( isset( $form_data_arr['EMAIL'] ) ) {
372
+ $ct_post_temp['email'] = $form_data_arr['EMAIL'];
373
+ }
374
+ }
375
+ }
376
+
377
+ $ct_temp_msg_data = isset($ct_post_temp)
378
+ ? ct_get_fields_any($ct_post_temp)
379
+ : ct_get_fields_any($_POST);
380
+
381
+ $sender_email = ($ct_temp_msg_data['email'] ? $ct_temp_msg_data['email'] : '');
382
+ $sender_nickname = ($ct_temp_msg_data['nickname'] ? $ct_temp_msg_data['nickname'] : '');
383
+ $subject = ($ct_temp_msg_data['subject'] ? $ct_temp_msg_data['subject'] : '');
384
+ $contact_form = ($ct_temp_msg_data['contact'] ? $ct_temp_msg_data['contact'] : true);
385
+ $message = ($ct_temp_msg_data['message'] ? $ct_temp_msg_data['message'] : array());
386
+ if($subject != '') {
387
+ $message['subject'] = $subject;
388
+ }
389
+
390
+ // Skip submission if no data found
391
+ if ($sender_email === ''|| !$contact_form)
392
+ return false;
393
+
394
+ // Mailpoet fix
395
+ if (isset($message['wysijaData'], $message['wysijaplugin'], $message['task'], $message['controller']) && $message['wysijaplugin'] == 'wysija-newsletters' && $message['controller'] == 'campaigns')
396
+ return false;
397
+ // Mailpoet3 admin skip fix
398
+ if (isset($_POST['action'], $_POST['method']) && $_POST['action'] == 'mailpoet' && $_POST['method'] =='save')
399
+ return false;
400
+
401
+ // WP Foto Vote Fix
402
+ if (!empty($_FILES)){
403
+ foreach($message as $key => $value){
404
+ if(strpos($key, 'oje') !== false)
405
+ return;
406
+ } unset($key ,$value);
407
+ }
408
+
409
+ /**
410
+ * @todo Contact form detect
411
+ */
412
+ // Detect contact form an set it's name to $contact_form to use later
413
+ $contact_form = null;
414
+ foreach($_POST as $param => $value){
415
+ if(strpos($param, 'et_pb_contactform_submit') === 0){
416
+ $contact_form = 'contact_form_divi_theme';
417
+ $contact_form_additional = str_replace('et_pb_contactform_submit', '', $param);
418
+ }
419
+ if(strpos($param, 'avia_generated_form') === 0){
420
+ $contact_form = 'contact_form_enfold_theme';
421
+ $contact_form_additional = str_replace('avia_generated_form', '', $param);
422
+ }
423
+ if(!empty($contact_form))
424
+ break;
425
+ }
426
+
427
+ $base_call_result = apbct_base_call(
428
+ array(
429
+ 'message' => $message,
430
+ 'sender_email' => $sender_email,
431
+ 'sender_nickname' => $sender_nickname,
432
+ 'sender_info' => array('post_checkjs_passed' => $checkjs),
433
+ 'post_info' => $post_info,
434
+ 'js_on' => $checkjs,
435
+ )
436
+ );
437
+ $ct_result = $base_call_result['ct_result'];
438
+
439
+ if ($ct_result->allow == 0)
440
+ {
441
+ if(isset($_POST['action']) && $_POST['action']=='wpuf_submit_register'){
442
+ $result=Array('success'=>false,'error'=>$ct_result->comment);
443
+ @header( 'Content-Type: application/json; charset=' . get_option( 'blog_charset' ) );
444
+ print json_encode($result);
445
+ die();
446
+ }
447
+ else if(isset($_POST['action']) && $_POST['action']=='mymail_form_submit')
448
+ {
449
+ $result=Array('success'=>false,'html'=>$ct_result->comment);
450
+ @header( 'Content-Type: application/json; charset=' . get_option( 'blog_charset' ) );
451
+ print json_encode($result);
452
+ die();
453
+ }
454
+ else if(isset($_POST['action'], $_POST['task']) && $_POST['action'] == 'wysija_ajax' && $_POST['task'] != 'send_preview' && $_POST['task'] != 'send_test_mail')
455
+ {
456
+ $result=Array('result'=>false,'msgs'=>Array('updated'=>Array($ct_result->comment)));
457
+ //@header( 'Content-Type: application/json; charset=' . get_option( 'blog_charset' ) );
458
+ print $_GET['callback'].'('.json_encode($result).');';
459
+ die();
460
+ }
461
+ else if(isset($_POST['action']) && $_POST['action']=='cs_registration_validation')
462
+ {
463
+ $result=Array("type"=>"error","message"=>$ct_result->comment);
464
+ print json_encode($result);
465
+ die();
466
+ }
467
+ else if(isset($_POST['action']) && ($_POST['action']=='request_appointment' || $_POST['action']=='send_message'))
468
+ {
469
+ print $ct_result->comment;
470
+ die();
471
+ }
472
+ else if(isset($_POST['action']) && $_POST['action']=='zn_do_login')
473
+ {
474
+ print '<div id="login_error">'.$ct_result->comment.'</div>';
475
+ die();
476
+ }
477
+ else if(isset($_POST['action']) && $_POST['action']=='vfb_submit')
478
+ {
479
+ $result=Array('result'=>false,'message'=>$ct_result->comment);
480
+ @header( 'Content-Type: application/json; charset=' . get_option( 'blog_charset' ) );
481
+ print json_encode($result);
482
+ die();
483
+ }
484
+ else if(isset($_POST['action']) && $_POST['action']=='woocommerce_checkout')
485
+ {
486
+ print $ct_result->comment;
487
+ die();
488
+ }
489
+ else if(isset($_POST['action']) && $_POST['action']=='frm_entries_create')
490
+ {
491
+ $result=Array('112'=>$ct_result->comment);
492
+ print json_encode($result);
493
+ die();
494
+ }
495
+ else if(isset($_POST['cma-action']) && $_POST['cma-action']=='add')
496
+ {
497
+ $result=Array('success'=>0, 'thread_id'=>null,'messages'=>Array($ct_result->comment));
498
+ print json_encode($result);
499
+ die();
500
+ }
501
+ else if(isset($_POST['action']) && $_POST['action']=='td_mod_register')
502
+ {
503
+ print json_encode(array('register', 0, $ct_result->comment));
504
+ die();
505
+ }
506
+ else if(isset($_POST['action']) && $_POST['action']=='tmpl_ajax_check_user_email')
507
+ {
508
+ print "17,email";
509
+ die();
510
+ }
511
+ else if(isset($_POST['action']) && ($_POST['action']=='tevolution_submit_from_preview' || $_POST['action']=='submit_form_recaptcha_validation'))
512
+ {
513
+ print $ct_result->comment;
514
+ die();
515
+ }
516
+ // WooWaitList
517
+ // http://codecanyon.net/item/woowaitlist-woocommerce-back-in-stock-notifier/7103373
518
+ else if(isset($_POST['action']) && $_POST['action']=='wew_save_to_db_callback')
519
+ {
520
+ $result = array();
521
+ $result['error'] = 1;
522
+ $result['message'] = $ct_result->comment;
523
+ $result['code'] = 5; // Unused code number in WooWaitlist
524
+ print json_encode($result);
525
+ die();
526
+ }
527
+ // UserPro
528
+ else if(isset($_POST['action'], $_POST['template']) && $_POST['action']=='userpro_process_form' && $_POST['template']=='register')
529
+ {
530
+ foreach($_POST as $key => $value){
531
+ $output[$key]=$value;
532
+ }unset($key, $value);
533
+ $output['template'] = $ct_result->comment;
534
+ $output=json_encode($output);
535
+ print_r($output);
536
+ die;
537
+ }
538
+ // Quick event manager
539
+ else if(isset($_POST['action']) && $_POST['action']=='qem_validate_form'){
540
+ $errors[] = 'registration_forbidden';
541
+ $result = Array(
542
+ 'success' => 'false',
543
+ 'errors' => $errors,
544
+ 'title' => $ct_result->comment
545
+ );
546
+ print json_encode($result);
547
+ die();
548
+ }
549
+ // Quick Contact Form
550
+ elseif(isset($_POST['action']) && $_POST['action'] == 'qcf_validate_form')
551
+ {
552
+ $result = Array(
553
+ 'blurb' => "<h1>".$ct_result->comment."</h1>",
554
+ 'display' => "Oops, got a few problems here",
555
+ 'errors' => array(
556
+ 0 => array(
557
+ error => 'error',
558
+ name => 'name'
559
+ ),
560
+ ),
561
+ 'success' => 'false',
562
+ );
563
+ print json_encode($result);
564
+ die();
565
+ }
566
+ // Usernoise Contact Form
567
+ elseif(isset($_POST['title'], $_POST['email'], $_POST['type'], $_POST['ct_checkjs']))
568
+ {
569
+ return array($ct_result->comment);
570
+ die();
571
+ }
572
+ // amoForms
573
+ elseif(isset($_POST['action']) && $_POST['action'] == 'amoforms_submit')
574
+ {
575
+ $result = Array(
576
+ 'result' => true,
577
+ 'type' => "html",
578
+ 'value' => "<h1 style='font-size: 25px; color: red;'>".$ct_result->comment."</h1>",
579
+ 'fast' => false
580
+ );
581
+ print json_encode($result);
582
+ die();
583
+ }
584
+ // MailChimp for Wordpress Premium
585
+ elseif(!empty($_POST['_mc4wp_form_id']))
586
+ {
587
+ return 'ct_mc4wp_response';
588
+ }
589
+ // QAEngine Theme answers
590
+ elseif ( !empty($message_obj) && isset($message_obj['post_type'], $message_obj['post_content']) ){
591
+ throw new Exception($ct_result->comment);
592
+ }
593
+ //ES Add subscriber
594
+ elseif(isset($_POST['action']) && $_POST['action'] == 'es_add_subscriber')
595
+ {
596
+ $result = Array(
597
+ 'error' => 'unexpected-error',
598
+ );
599
+ print json_encode($result);
600
+ die();
601
+ }
602
+ //Convertplug. Strpos because action value dynamically changes and depends on mailing service
603
+ elseif (isset($_POST['action']) && strpos($_POST['action'], '_add_subscriber') !== false){
604
+ $result = Array(
605
+ 'action' => "message",
606
+ 'detailed_msg' => "",
607
+ 'email_status' => false,
608
+ 'message' => "<h1 style='font-size: 25px; color: red;'>".$ct_result->comment."</h1>",
609
+ 'status' => "error",
610
+ 'url' => "none"
611
+ );
612
+ print json_encode($result);
613
+ die();
614
+ }
615
+ // Ultimate Form Builder
616
+ elseif (isset($_POST['action']) && $_POST['action'] == 'ufbl_front_form_action'){
617
+ $result = Array(
618
+ 'error_keys' => array(),
619
+ 'error_flag' => 1,
620
+ 'response_message' => $ct_result->comment
621
+ );
622
+ print json_encode($result);
623
+ die();
624
+ }
625
+ // Smart Forms
626
+ elseif (isset($_POST['action']) && $_POST['action'] == 'rednao_smart_forms_save_form_values'){
627
+ $result = Array(
628
+ 'message' => $ct_result->comment,
629
+ 'refreshCaptcha' => 'n',
630
+ 'success' => 'n'
631
+ );
632
+ print json_encode($result);
633
+ die();
634
+ }
635
+ //cFormsII
636
+ elseif(isset($_POST['action']) && $_POST['action'] == 'submitcform')
637
+ {
638
+ header('Content-Type: application/json');
639
+ $result = Array(
640
+ 'no' => "",
641
+ 'result' => "failure",
642
+ 'html' =>$ct_result->comment,
643
+ 'hide' => false,
644
+ 'redirection' => null
645
+
646
+ );
647
+ print json_encode($result);
648
+ die();
649
+ }
650
+ //Contact Form by Web-Settler
651
+ elseif(isset($_POST['smFieldData']))
652
+ {
653
+ $result = Array(
654
+ 'signal' => true,
655
+ 'code' => 0,
656
+ 'thanksMsg' => $ct_result->comment,
657
+ 'errors' => array(),
658
+ 'isMsg' => true,
659
+ 'redirectUrl' => null
660
+ );
661
+ print json_encode($result);
662
+ die();
663
+ }
664
+ //Reviewer
665
+ elseif(isset($_POST['action']) && $_POST['action'] == 'rwp_ajax_action_rating')
666
+ {
667
+ $result = Array(
668
+ 'success' => false,
669
+ 'data' => array(0=>$ct_result->comment)
670
+ );
671
+ print json_encode($result);
672
+ die();
673
+ }
674
+ // CouponXXL Theme
675
+ elseif(isset($_POST['_wp_http_referer'], $_POST['register_field'], $_POST['action']) && strpos($_POST['_wp_http_referer'],'/register/account') !== false && $_POST['action'] == 'register'){
676
+ $result = array(
677
+ 'message' => '<div class="alert alert-error">'.$ct_result->comment.'</div>',
678
+ );
679
+ die(json_encode($result));
680
+ }
681
+ //ConvertPro
682
+ elseif(isset($_POST['action']) && $_POST['action'] == 'cp_v2_notify_admin' || $_POST['action'] == 'cpro_notify_via_email')
683
+ {
684
+ $result = Array(
685
+ 'success' => false,
686
+ 'data' => array('error'=>$ct_result->comment,'style_slug'=>'convertprot-form'),
687
+ );
688
+ print json_encode($result);
689
+ die();
690
+ }
691
+ //Easy Forms for Mailchimp
692
+ elseif( isset($_POST['action']) && $_POST['action']=='process_form_submission' ) {
693
+ wp_send_json_error(
694
+ array(
695
+ 'error' => 1,
696
+ 'response' => $ct_result->comment
697
+ )
698
+ );
699
+ }
700
+ //Optin wheel
701
+ elseif( isset($_POST['action']) && ($_POST['action'] == 'wof-lite-email-optin' || $_POST['action'] == 'wof-email-optin')) {
702
+ wp_send_json_error(__($ct_result->comment, 'wp-optin-wheel'));
703
+ }
704
+ else
705
+ {
706
+ die(json_encode(array('apbct' => array('blocked' => true, 'comment' => $ct_result->comment,))));
707
+ }
708
+ }
709
+ //Allow == 1
710
+ else{
711
+ //QAEngine Theme answers
712
+ if ( !empty($message_obj) && isset($message_obj['post_type'], $message_obj['post_content']) ){
713
+ return $message_obj;
714
+ }
715
+ }
716
+ }
inc/cleantalk-common.php CHANGED
@@ -1,946 +1,977 @@
1
- <?php
2
-
3
- $ct_checkjs_frm = 'ct_checkjs_frm';
4
- $ct_checkjs_register_form = 'ct_checkjs_register_form';
5
-
6
- $apbct_cookie_request_id_label = 'request_id';
7
- $apbct_cookie_register_ok_label = 'register_ok';
8
-
9
- $ct_checkjs_cf7 = 'ct_checkjs_cf7';
10
- $ct_cf7_comment = '';
11
-
12
- $ct_checkjs_jpcf = 'ct_checkjs_jpcf';
13
- $ct_jpcf_patched = false;
14
- $ct_jpcf_fields = array('name', 'email');
15
-
16
- // Comment already proccessed
17
- $ct_comment_done = false;
18
-
19
- // Comment already proccessed
20
- $ct_signup_done = false;
21
-
22
- //Contains registration error
23
- $ct_registration_error_comment = false;
24
-
25
- // Default value for JS test
26
- $ct_checkjs_def = 0;
27
-
28
- // COOKIE label to store request id for last approved
29
- $ct_approved_request_id_label = 'ct_approved_request_id';
30
-
31
- // Last request id approved for publication
32
- $ct_approved_request_id = null;
33
-
34
- // Trial notice show time in minutes
35
- $trial_notice_showtime = 10;
36
-
37
- // Renew notice show time in minutes
38
- $renew_notice_showtime = 10;
39
-
40
- // COOKIE label for WP Landing Page proccessing result
41
- $ct_wplp_result_label = 'ct_wplp_result';
42
-
43
- // Flag indicates active JetPack comments
44
- $ct_jp_comments = false;
45
-
46
- // WP admin email notice interval in seconds
47
- $ct_admin_notoice_period = 21600;
48
-
49
- // Sevice negative comment to visitor.
50
- // It uses for BuddyPress registrations to avoid double checks
51
- $ct_negative_comment = null;
52
-
53
- // Set globals to NULL to avoid massive DB requests. Globals will be set when needed only and by accessors only.
54
- $ct_server = NULL;
55
- $admin_email = NULL;
56
-
57
- /**
58
- * Public action 'plugins_loaded' - Loads locale, see http://codex.wordpress.org/Function_Reference/load_plugin_textdomain
59
- */
60
- function apbct_plugin_loaded() {
61
- $dir=plugin_basename( dirname( __FILE__ ) ) . '/../i18n';
62
- $loaded=load_plugin_textdomain('cleantalk', false, $dir);
63
- }
64
-
65
- /**
66
- * Inner function - Request's wrapper for anything
67
- * @param array Array of parameters:
68
- * 'message' - string
69
- * 'example' - string
70
- * 'checkjs' - int
71
- * 'sender_email' - string
72
- * 'sender_nickname' - string
73
- * 'sender_info' - array
74
- * 'post_info' - string
75
- * @return array array('ct'=> Cleantalk, 'ct_result' => CleantalkResponse)
76
- */
77
- function apbct_base_call($params = array(), $reg_flag = false){
78
-
79
- global $apbct;
80
-
81
- $sender_info = !empty($params['sender_info'])
82
- ? CleantalkHelper::array_merge__save_numeric_keys__recursive(apbct_get_sender_info(), (array)$params['sender_info'])
83
- : apbct_get_sender_info();
84
-
85
- !empty($params['message'])
86
- ? $params['message'] = ct_filter_array($params['message'])
87
- : null;
88
-
89
- $default_params = array(
90
-
91
- // IPs
92
- 'sender_ip' => defined('CT_TEST_IP') ? CT_TEST_IP : (isset($params['sender_ip']) ? $params['sender_ip'] : CleantalkHelper::ip__get(array('real'), false)),
93
- 'x_forwarded_for' => CleantalkHelper::ip__get(array('x_forwarded_for'), false),
94
- 'x_real_ip' => CleantalkHelper::ip__get(array('x_real_ip'), false),
95
-
96
- // Misc
97
- 'auth_key' => $apbct->api_key,
98
- 'js_on' => apbct_js_test('ct_checkjs', $_COOKIE) ? 1 : apbct_js_test('ct_checkjs', $_POST),
99
-
100
- 'agent' => APBCT_AGENT,
101
- 'sender_info' => $sender_info,
102
- 'submit_time' => apbct_get_submit_time(),
103
- );
104
-
105
- $ct_request = new CleantalkRequest(
106
- CleantalkHelper::array_merge__save_numeric_keys__recursive($default_params, $params)
107
- );
108
-
109
- $ct = new Cleantalk();
110
-
111
- $ct->use_bultin_api = $apbct->settings['use_buitin_http_api'] ? true : false;
112
- $ct->ssl_on = $apbct->settings['ssl_on'];
113
- $ct->ssl_path = APBCT_CASERT_PATH;
114
-
115
- // Options store url without shceme because of DB error with ''://'
116
- $config = ct_get_server();
117
- $ct->server_url = APBCT_MODERATE_URL;
118
- $ct->work_url = preg_match('/http:\/\/.+/', $config['ct_work_url']) ? $config['ct_work_url'] : null;
119
- $ct->server_ttl = $config['ct_server_ttl'];
120
- $ct->server_changed = $config['ct_server_changed'];
121
-
122
- $start = microtime(true);
123
- $ct_result = $reg_flag
124
- ? @$ct->isAllowUser($ct_request)
125
- : @$ct->isAllowMessage($ct_request);
126
- $exec_time = microtime(true) - $start;
127
-
128
- // Statistics
129
- // Average request time
130
- apbct_statistics__rotate($exec_time);
131
- // Last request
132
- $apbct->stats['last_request']['time'] = time();
133
- $apbct->stats['last_request']['server'] = $ct->work_url;
134
- $apbct->save('stats');
135
-
136
- // Connection reports
137
- if ($ct_result->errno === 0 && empty($ct_result->errstr))
138
- $apbct->data['connection_reports']['success']++;
139
- else
140
- {
141
- $apbct->data['connection_reports']['negative']++;
142
- $apbct->data['connection_reports']['negative_report'][] = array(
143
- 'date' => date("Y-m-d H:i:s"),
144
- 'page_url' => $_SERVER['REQUEST_URI'],
145
- 'lib_report' => $ct_result->errstr,
146
- 'work_url' => $ct->work_url,
147
- );
148
-
149
- if(count($apbct->data['connection_reports']['negative_report']) > 20)
150
- $apbct->data['connection_reports']['negative_report'] = array_slice($apbct->data['connection_reports']['negative_report'], -20, 20);
151
-
152
- }
153
-
154
- if ($ct->server_change) {
155
- update_option(
156
- 'cleantalk_server',
157
- array(
158
- 'ct_work_url' => $ct->work_url,
159
- 'ct_server_ttl' => $ct->server_ttl,
160
- 'ct_server_changed' => time(),
161
- )
162
- );
163
- }
164
-
165
- $ct_result = ct_change_plugin_resonse($ct_result, $ct_request->js_on);
166
-
167
- // Restart submit form counter for failed requests
168
- if ($ct_result->allow == 0){
169
- apbct_cookie(); // Setting page timer and cookies
170
- ct_add_event('no');
171
- }else{
172
- ct_add_event('yes');
173
- }
174
-
175
- // Set cookies if it's not.
176
- if(empty($apbct->flags__cookies_setuped))
177
- apbct_cookie();
178
-
179
- return array('ct' => $ct, 'ct_result' => $ct_result);
180
-
181
- }
182
-
183
- /**
184
- * Inner function - Default data array for senders
185
- * @return array
186
- */
187
- function apbct_get_sender_info() {
188
-
189
- global $apbct;
190
-
191
- // Validate cookie from the backend
192
- $cookie_is_ok = apbct_cookies_test();
193
-
194
- $referer_previous = $apbct->settings['set_cookies__sessions']
195
- ? apbct_alt_session__get('apbct_prev_referer')
196
- : filter_input(INPUT_COOKIE, 'apbct_prev_referer');
197
-
198
- $site_landing_ts = $apbct->settings['set_cookies__sessions']
199
- ? apbct_alt_session__get('apbct_site_landing_ts')
200
- : filter_input(INPUT_COOKIE, 'apbct_site_landing_ts');
201
-
202
- $page_hits = $apbct->settings['set_cookies__sessions']
203
- ? apbct_alt_session__get('apbct_page_hits')
204
- : filter_input(INPUT_COOKIE, 'apbct_page_hits');
205
-
206
- if (count($_POST) > 0) {
207
- foreach ($_POST as $k => $v) {
208
- if (preg_match("/^(ct_check|checkjs).+/", $k)) {
209
- $checkjs_data_post = $v;
210
- }
211
- }
212
- }
213
-
214
- // AMP check
215
- $amp_detected = isset($_SERVER['HTTP_REFERER'])
216
- ? strpos($_SERVER['HTTP_REFERER'], '/amp/') !== false || strpos($_SERVER['HTTP_REFERER'], '?amp=1') !== false || strpos($_SERVER['HTTP_REFERER'], '&amp=1') !== false
217
- ? 1
218
- : 0
219
- : null;
220
-
221
- $site_referer = $apbct->settings['store_urls__sessions']
222
- ? apbct_alt_session__get('apbct_site_referer')
223
- : filter_input(INPUT_COOKIE, 'apbct_site_referer');
224
-
225
- $urls = $apbct->settings['store_urls__sessions']
226
- ? (array)apbct_alt_session__get('apbct_urls')
227
- : (array)json_decode(filter_input(INPUT_COOKIE, 'apbct_urls'), true);
228
-
229
- return array(
230
- 'remote_addr' => CleantalkHelper::ip__get(array('remote_addr'), false),
231
- 'REFFERRER' => isset($_SERVER['HTTP_REFERER']) ? htmlspecialchars($_SERVER['HTTP_REFERER']) : null,
232
- 'USER_AGENT' => isset($_SERVER['HTTP_USER_AGENT']) ? htmlspecialchars($_SERVER['HTTP_USER_AGENT']) : null,
233
- 'page_url' => isset($_SERVER['SERVER_NAME'], $_SERVER['REQUEST_URI']) ? htmlspecialchars($_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI']) : null,
234
- 'cms_lang' => substr(get_locale(), 0, 2),
235
- 'ct_options' => json_encode($apbct->settings),
236
- 'fields_number' => sizeof($_POST),
237
- 'direct_post' => $cookie_is_ok === null && $_SERVER['REQUEST_METHOD'] == 'POST' ? 1 : 0,
238
- // Raw data to validated JavaScript test in the cloud
239
- 'checkjs_data_cookies' => !empty($_COOKIE['ct_checkjs']) ? $_COOKIE['ct_checkjs'] : null,
240
- 'checkjs_data_post' => !empty($checkjs_data_post) ? $checkjs_data_post : null,
241
- // PHP cookies
242
- 'cookies_enabled' => $cookie_is_ok,
243
- 'REFFERRER_PREVIOUS' => !empty($referer_previous) && $cookie_is_ok ? $referer_previous : null,
244
- 'site_landing_ts' => !empty($site_landing_ts) && $cookie_is_ok ? $site_landing_ts : null,
245
- 'page_hits' => !empty($page_hits) ? $page_hits : null,
246
- // JS cookies
247
- 'js_info' => !empty($_COOKIE['ct_user_info']) ? json_decode(stripslashes($_COOKIE['ct_user_info']), true) : null,
248
- 'mouse_cursor_positions' => !empty($_COOKIE['ct_pointer_data']) ? json_decode(stripslashes($_COOKIE['ct_pointer_data']), true) : null,
249
- 'js_timezone' => !empty($_COOKIE['ct_timezone']) ? $_COOKIE['ct_timezone'] : null,
250
- 'key_press_timestamp' => !empty($_COOKIE['ct_fkp_timestamp']) ? $_COOKIE['ct_fkp_timestamp'] : null,
251
- 'page_set_timestamp' => !empty($_COOKIE['ct_ps_timestamp']) ? $_COOKIE['ct_ps_timestamp'] : null,
252
- 'form_visible_inputs' => !empty($_COOKIE['apbct_visible_fields_count']) ? $_COOKIE['apbct_visible_fields_count'] : null,
253
- 'apbct_visible_fields' => !empty($_COOKIE['apbct_visible_fields']) ? apbct_visibile_fields__process($_COOKIE['apbct_visible_fields']) : null,
254
- // Misc
255
- 'site_referer' => !empty($site_referer) ? $site_referer : null,
256
- 'source_url' => !empty($urls) ? json_encode($urls) : null,
257
- // Debug stuff
258
- 'amp_detected' => $amp_detected,
259
- 'hook' => current_action(),
260
- 'headers_sent' => !empty($apbct->headers_sent) ? $apbct->headers_sent : false,
261
- 'headers_sent__hook' => !empty($apbct->headers_sent__hook) ? $apbct->headers_sent__hook : false,
262
- 'headers_sent__where' => !empty($apbct->headers_sent__where) ? $apbct->headers_sent__where : false,
263
- 'request_type' => isset($_SERVER['REQUEST_METHOD']) ? $_SERVER['REQUEST_METHOD'] : 'UNKNOWN',
264
- 'abpct_hyro_acc_collect' => !empty($_COOKIE['abpct_hyro_acc_collect']) ? json_decode(stripslashes($_COOKIE['abpct_hyro_acc_collect']), true): null,
265
- );
266
- }
267
-
268
- /**
269
- * Process visible fields for specific form to match the fields from request
270
- *
271
- * @param string $visible_fields
272
- *
273
- * @return string
274
- */
275
- function apbct_visibile_fields__process($visible_fields) {
276
- if(strpos($visible_fields, 'wpforms') !== false){
277
- $visible_fields = preg_replace(
278
- array('/\[/', '/\]/'),
279
- '',
280
- str_replace(
281
- '][',
282
- '_',
283
- str_replace(
284
- 'wpforms[fields]',
285
- '',
286
- $visible_fields
287
- )
288
- )
289
- );
290
- }
291
-
292
- return $visible_fields;
293
- }
294
-
295
- /*
296
- * Outputs JS key for AJAX-use only. Stops script.
297
- */
298
- function apbct_js_keys__get__ajax($direct_call = false){
299
- if(!$direct_call){
300
- if(isset($_POST['_ajax_nonce'])){
301
- if(!wp_verify_nonce($_POST['_ajax_nonce'], 'ct_secret_stuff')){
302
- wp_doing_ajax()
303
- ? wp_die( -1, 403 )
304
- : die( '-1' );
305
- }
306
- }else{
307
- wp_doing_ajax()
308
- ? wp_die( -1, 403 )
309
- : die( '-1' );
310
- }
311
- }
312
- die(json_encode(array(
313
- 'js_key' => ct_get_checkjs_value()
314
- )));
315
- }
316
-
317
- /**
318
- * Get ct_get_checkjs_value
319
- *
320
- * @param bool $random_key
321
- *
322
- * @return int|string|null
323
- */
324
- function ct_get_checkjs_value(){
325
-
326
- global $apbct;
327
-
328
- // Use static JS keys
329
- if($apbct->settings['use_static_js_key']){
330
- $key = hash('sha256', $apbct->api_key.ct_get_admin_email().$apbct->salt);
331
-
332
- // Using dynamic JS keys
333
- }else{
334
-
335
- $keys = $apbct->data['js_keys'];
336
- $keys_checksum = md5(json_encode($keys));
337
-
338
- $key = null;
339
- $latest_key_time = 0;
340
-
341
- foreach ($keys as $k => $t) {
342
-
343
- // Removing key if it's to old
344
- if (time() - $t > $apbct->data['js_keys_store_days'] * 86400) {
345
- unset($keys[$k]);
346
- continue;
347
- }
348
-
349
- if ($t > $latest_key_time) {
350
- $latest_key_time = $t;
351
- $key = $k;
352
- }
353
- }
354
-
355
- // Set new key if the latest key is too old
356
- if (time() - $latest_key_time > $apbct->data['js_key_lifetime']) {
357
- $key = rand();
358
- $keys[$key] = time();
359
- }
360
-
361
- // Save keys if they were changed
362
- if (md5(json_encode($keys)) != $keys_checksum) {
363
- $apbct->data['js_keys'] = $keys;
364
- $apbct->saveData();
365
- }
366
- }
367
-
368
- return $key;
369
- }
370
-
371
- /**
372
- * Inner function - Current site admin e-mail
373
- * @return string Admin e-mail
374
- */
375
- function ct_get_admin_email() {
376
- global $admin_email;
377
- if(!isset($admin_email))
378
- {
379
- $admin_email = get_option('admin_email');
380
- }
381
- return $admin_email;
382
- }
383
-
384
- /**
385
- * Inner function - Current Cleantalk working server info
386
- * @return mixed[] Array of server data
387
- */
388
- function ct_get_server($force=false) {
389
- global $ct_server;
390
- if(!$force && isset($ct_server) && isset($ct_server['ct_work_url']) && !empty($ct_server['ct_work_url'])){
391
-
392
- return $ct_server;
393
-
394
- }else{
395
-
396
- $ct_server = get_option('cleantalk_server');
397
- if (!is_array($ct_server)){
398
- $ct_server = array(
399
- 'ct_work_url' => NULL,
400
- 'ct_server_ttl' => NULL,
401
- 'ct_server_changed' => NULL
402
- );
403
- }
404
- return $ct_server;
405
- }
406
- }
407
-
408
- /**
409
- * Inner function - Stores ang returns cleantalk hash of current comment
410
- * @param string New hash or NULL
411
- * @return string New hash or current hash depending on parameter
412
- */
413
- function ct_hash($new_hash = '') {
414
- /**
415
- * Current hash
416
- */
417
- static $hash;
418
-
419
- if (!empty($new_hash)) {
420
- $hash = $new_hash;
421
- }
422
- return $hash;
423
- }
424
-
425
- /**
426
- * Inner function - Write manual moderation results to PHP sessions
427
- * @param string $hash Cleantalk comment hash
428
- * @param string $message comment_content
429
- * @param int $allow flag good comment (1) or bad (0)
430
- * @return string comment_content w\o cleantalk resume
431
- */
432
- function ct_feedback($hash, $allow) {
433
- global $apbct;
434
-
435
- $ct_feedback = $hash . ':' . $allow . ';';
436
- if($apbct->data['feedback_request'])
437
- $apbct->data['feedback_request'] = $ct_feedback;
438
- else
439
- $apbct->data['feedback_request'] .= $ct_feedback;
440
-
441
- $apbct->saveData();
442
- }
443
-
444
- /**
445
- * Inner function - Sends the results of moderation
446
- * Scheduled in 3600 seconds!
447
- * @param string $feedback_request
448
- * @return bool
449
- */
450
- function ct_send_feedback($feedback_request = null) {
451
-
452
- global $apbct;
453
-
454
- if (empty($feedback_request) && isset($apbct->data['feedback_request']) && preg_match("/^[a-z0-9\;\:]+$/", $apbct->data['feedback_request'])){
455
- $feedback_request = $apbct->data['feedback_request'];
456
- $apbct->data['feedback_request'] = '';
457
- $apbct->saveData();
458
- }
459
-
460
- if ($feedback_request !== null) {
461
-
462
- $ct_request = new CleantalkRequest(array(
463
- // General
464
- 'auth_key' => $apbct->api_key,
465
- // Additional
466
- 'feedback' => $feedback_request,
467
- ));
468
-
469
- $ct = new Cleantalk();
470
-
471
- // Server URL handling
472
- $config = ct_get_server();
473
- $ct->server_url = APBCT_MODERATE_URL;
474
- $ct->work_url = preg_match('/http:\/\/.+/', $config['ct_work_url']) ? $config['ct_work_url'] : null;
475
- $ct->server_ttl = $config['ct_server_ttl'];
476
- $ct->server_changed = $config['ct_server_changed'];
477
-
478
- $ct->sendFeedback($ct_request);
479
-
480
- if ($ct->server_change) {
481
- update_option(
482
- 'cleantalk_server',
483
- array(
484
- 'ct_work_url' => $ct->work_url,
485
- 'ct_server_ttl' => $ct->server_ttl,
486
- 'ct_server_changed' => time(),
487
- )
488
- );
489
- }
490
-
491
- return true;
492
- }
493
-
494
- return false;
495
- }
496
-
497
- /**
498
- * Delete old spam comments
499
- * Scheduled in 3600 seconds!
500
- * @return null
501
- */
502
- function ct_delete_spam_comments() {
503
-
504
- global $apbct;
505
-
506
- if ($apbct->settings['remove_old_spam'] == 1) {
507
- $last_comments = get_comments(array('status' => 'spam', 'number' => 1000, 'order' => 'ASC'));
508
- foreach ($last_comments as $c) {
509
- if (time() - strtotime($c->comment_date_gmt) > 86400 * $apbct->settings['spam_store_days']) {
510
- // Force deletion old spam comments
511
- wp_delete_comment($c->comment_ID, true);
512
- }
513
- }
514
- }
515
-
516
- return null;
517
- }
518
-
519
- /*
520
- * Get data from an ARRAY recursively
521
- * @return array
522
- */
523
- function ct_get_fields_any($arr, $message=array(), $email = null, $nickname = array('nick' => '', 'first' => '', 'last' => ''), $subject = null, $contact = true, $prev_name = ''){
524
-
525
- //Skip request if fields exists
526
- $skip_params = array(
527
- 'ipn_track_id', // PayPal IPN #
528
- 'txn_type', // PayPal transaction type
529
- 'payment_status', // PayPal payment status
530
- 'ccbill_ipn', // CCBill IPN
531
- 'ct_checkjs', // skip ct_checkjs field
532
- 'api_mode', // DigiStore-API
533
- 'loadLastCommentId' // Plugin: WP Discuz. ticket_id=5571
534
- );
535
-
536
- // Fields to replace with ****
537
- $obfuscate_params = array(
538
- 'password',
539
- 'pass',
540
- 'pwd',
541
- 'pswd'
542
- );
543
-
544
- // Skip feilds with these strings and known service fields
545
- $skip_fields_with_strings = array(
546
- // Common
547
- 'ct_checkjs', //Do not send ct_checkjs
548
- 'nonce', //nonce for strings such as 'rsvp_nonce_name'
549
- 'security',
550
- // 'action',
551
- 'http_referer',
552
- 'referer-page',
553
- 'timestamp',
554
- 'captcha',
555
- // Formidable Form
556
- 'form_key',
557
- 'submit_entry',
558
- // Custom Contact Forms
559
- 'form_id',
560
- 'ccf_form',
561
- 'form_page',
562
- // Qu Forms
563
- 'iphorm_uid',
564
- 'form_url',
565
- 'post_id',
566
- 'iphorm_ajax',
567
- 'iphorm_id',
568
- // Fast SecureContact Froms
569
- 'fs_postonce_1',
570
- 'fscf_submitted',
571
- 'mailto_id',
572
- 'si_contact_action',
573
- // Ninja Forms
574
- 'formData_id',
575
- 'formData_settings',
576
- 'formData_fields_\d+_id',
577
- 'formData_fields_\d+_files.*',
578
- // E_signature
579
- 'recipient_signature',
580
- 'output_\d+_\w{0,2}',
581
- // Contact Form by Web-Settler protection
582
- '_formId',
583
- '_returnLink',
584
- // Social login and more
585
- '_save',
586
- '_facebook',
587
- '_social',
588
- 'user_login-',
589
- // Contact Form 7
590
- '_wpcf7',
591
- 'ebd_settings',
592
- 'ebd_downloads_',
593
- 'ecole_origine',
594
- );
595
-
596
- // Reset $message if we have a sign-up data
597
- $skip_message_post = array(
598
- 'edd_action', // Easy Digital Downloads
599
- );
600
-
601
- foreach($skip_params as $value){
602
- if(@array_key_exists($value,$_GET)||@array_key_exists($value,$_POST))
603
- $contact = false;
604
- } unset($value);
605
-
606
- if(count($arr)){
607
-
608
- foreach($arr as $key => $value){
609
-
610
- if(gettype($value) == 'string'){
611
-
612
- $tmp = strpos($value, '\\') !== false ? stripslashes($value) : $value;
613
- $decoded_json_value = json_decode($tmp, true);
614
-
615
- // Decoding JSON
616
- if($decoded_json_value !== null){
617
- $value = $decoded_json_value;
618
-
619
- // Ajax Contact Forms. Get data from such strings:
620
- // acfw30_name %% Blocked~acfw30_email %% s@cleantalk.org
621
- // acfw30_textarea %% msg
622
- }elseif(preg_match('/^\S+\s%%\s\S+.+$/', $value)){
623
- $value = explode('~', $value);
624
- foreach ($value as &$val){
625
- $tmp = explode(' %% ', $val);
626
- $val = array($tmp[0] => $tmp[1]);
627
- }
628
- }
629
- }
630
-
631
- if(!is_array($value) && !is_object($value) && @get_class($value) != 'WP_User'){
632
-
633
- if (in_array($key, $skip_params, true) && $key != 0 && $key != '' || preg_match("/^ct_checkjs/", $key))
634
- $contact = false;
635
-
636
- if($value === '')
637
- continue;
638
-
639
- // Skipping fields names with strings from (array)skip_fields_with_strings
640
- foreach($skip_fields_with_strings as $needle){
641
- if (preg_match("/".$needle."/", $prev_name.$key) == 1){
642
- continue(2);
643
- }
644
- }unset($needle);
645
-
646
- // Obfuscating params
647
- foreach($obfuscate_params as $needle){
648
- if (strpos($key, $needle) !== false){
649
- $value = ct_obfuscate_param($value);
650
- continue(2);
651
- }
652
- }unset($needle);
653
-
654
- // Removes shortcodes to do better spam filtration on server side.
655
- $value = strip_shortcodes($value);
656
-
657
- // Decodes URL-encoded data to string.
658
- $value = urldecode($value);
659
-
660
- // Email
661
- if (!$email && preg_match("/^\S+@\S+\.\S+$/", $value)){
662
- $email = $value;
663
-
664
- // Names
665
- }elseif (preg_match("/name/i", $key)){
666
-
667
- preg_match("/((name.?)?(your|first|for)(.?name)?)$/", $key, $match_forename);
668
- preg_match("/((name.?)?(last|family|second|sur)(.?name)?)$/", $key, $match_surname);
669
- preg_match("/^(name.?)?(nick|user)(.?name)?$/", $key, $match_nickname);
670
-
671
- if(count($match_forename) > 1)
672
- $nickname['first'] = $value;
673
- elseif(count($match_surname) > 1)
674
- $nickname['last'] = $value;
675
- elseif(count($match_nickname) > 1)
676
- $nickname['nick'] = $value;
677
- else
678
- $message[$prev_name.$key] = $value;
679
-
680
- // Subject
681
- }elseif ($subject === null && preg_match("/subject/i", $key)){
682
- $subject = $value;
683
-
684
- // Message
685
- }else{
686
- $message[$prev_name.$key] = $value;
687
- }
688
-
689
- }elseif(!is_object($value) && @get_class($value) != 'WP_User'){
690
-
691
- $prev_name_original = $prev_name;
692
- $prev_name = ($prev_name === '' ? $key.'_' : $prev_name.$key.'_');
693
-
694
- $temp = ct_get_fields_any($value, $message, $email, $nickname, $subject, $contact, $prev_name);
695
-
696
- $message = $temp['message'];
697
- $email = ($temp['email'] ? $temp['email'] : null);
698
- $nickname = ($temp['nickname'] ? $temp['nickname'] : null);
699
- $subject = ($temp['subject'] ? $temp['subject'] : null);
700
- if($contact === true)
701
- $contact = ($temp['contact'] === false ? false : true);
702
- $prev_name = $prev_name_original;
703
- }
704
- } unset($key, $value);
705
- }
706
-
707
- foreach ($skip_message_post as $v) {
708
- if (isset($_POST[$v])) {
709
- $message = null;
710
- break;
711
- }
712
- } unset($v);
713
-
714
- //If top iteration, returns compiled name field. Example: "Nickname Firtsname Lastname".
715
- if($prev_name === ''){
716
- if(!empty($nickname)){
717
- $nickname_str = '';
718
- foreach($nickname as $value){
719
- $nickname_str .= ($value ? $value." " : "");
720
- }unset($value);
721
- }
722
- $nickname = $nickname_str;
723
- }
724
-
725
- $return_param = array(
726
- 'email' => $email,
727
- 'nickname' => $nickname,
728
- 'subject' => $subject,
729
- 'contact' => $contact,
730
- 'message' => $message
731
- );
732
- return $return_param;
733
- }
734
-
735
- /**
736
- * Masks a value with asterisks (*)
737
- * @return string
738
- */
739
- function ct_obfuscate_param($value = null) {
740
- if ($value && (!is_object($value) || !is_array($value))) {
741
- $length = strlen($value);
742
- $value = str_repeat('*', $length);
743
- }
744
-
745
- return $value;
746
- }
747
-
748
- //New ct_get_fields_any_postdata
749
- function ct_get_fields_any_postdata($arr, $message=array()){
750
- $skip_params = array(
751
- 'ipn_track_id', // PayPal IPN #
752
- 'txn_type', // PayPal transaction type
753
- 'payment_status', // PayPal payment status
754
- );
755
-
756
- foreach($arr as $key => $value){
757
- if(!is_array($value)){
758
- if($value == '')
759
- continue;
760
- if (!(in_array($key, $skip_params) || preg_match("/^ct_checkjs/", $key)) && $value!='')
761
- $message[$key] = $value;
762
- }else{
763
- $temp = ct_get_fields_any_postdata($value);
764
- $message = (count($temp) == 0 ? $message : array_merge($message, $temp));
765
- }
766
- }
767
- return $message;
768
- }
769
-
770
- /*
771
- * Check if Array has keys with restricted names
772
- */
773
-
774
- $ct_check_post_result=false;
775
-
776
- function ct_check_array_keys_loop($key){
777
-
778
- global $ct_check_post_result;
779
-
780
- $strict = Array('members_search_submit');
781
-
782
- for($i=0;$i<sizeof($strict);$i++){
783
-
784
- if(stripos($key,$strict[$i])!== false)
785
- $ct_check_post_result = true;
786
-
787
- }
788
- }
789
-
790
- function ct_check_array_keys($arr){
791
-
792
- global $ct_check_post_result;
793
-
794
- if(!is_array($arr))
795
- return $ct_check_post_result;
796
-
797
- foreach($arr as $key=>$value){
798
-
799
- if(!is_array($value))
800
- ct_check_array_keys_loop($key);
801
- else
802
- ct_check_array_keys($value);
803
-
804
- }
805
-
806
- return $ct_check_post_result;
807
- }
808
-
809
- function check_url_exclusions($exclusions = NULL){
810
-
811
- global $cleantalk_url_exclusions;
812
-
813
- if ((isset($cleantalk_url_exclusions) && is_array($cleantalk_url_exclusions) && sizeof($cleantalk_url_exclusions)>0) ||
814
- ($exclusions !== NULL && is_array($exclusions) && sizeof($exclusions)>0)
815
- ){
816
-
817
- // Fix for AJAX forms
818
- $haystack = $_SERVER['REQUEST_URI'] == '/wp-admin/admin-ajax.php' && !empty($_SERVER['HTTP_REFERER'])
819
- ? $_SERVER['HTTP_REFERER']
820
- : $_SERVER['REQUEST_URI'];
821
-
822
- foreach($cleantalk_url_exclusions as $value){
823
- if(stripos($haystack, $value) !== false){
824
- return true;
825
- }
826
- }
827
- }
828
-
829
- return false;
830
- }
831
-
832
- function check_ip_exclusions($exclusions = NULL){
833
-
834
- global $cleantalk_ip_exclusions;
835
-
836
- if ((isset($cleantalk_ip_exclusions) && is_array($cleantalk_ip_exclusions) && sizeof($cleantalk_ip_exclusions)>0) ||
837
- ($exclusions !== NULL && is_array($exclusions) && sizeof($exclusions)>0)
838
- ){
839
- foreach($cleantalk_ip_exclusions as $key => $value){
840
- if(stripos($_SERVER['REMOTE_ADDR'], $value) !== false){
841
- return true;
842
- }
843
- }
844
- }
845
-
846
- return false;
847
- }
848
-
849
- function ct_filter_array(&$data)
850
- {
851
- global $cleantalk_key_exclusions;
852
-
853
- if(isset($cleantalk_key_exclusions) && sizeof($cleantalk_key_exclusions) > 0 && is_array($data)){
854
-
855
- foreach($data as $key => $value){
856
-
857
- if(!is_array($value)){
858
- if(in_array($key,$cleantalk_key_exclusions)){
859
- unset($data[$key]);
860
- }
861
- }else{
862
- $data[$key] = ct_filter_array($value);
863
- }
864
- }
865
-
866
- return $data;
867
-
868
- }else{
869
- return $data;
870
- }
871
- }
872
-
873
-
874
- function cleantalk_debug($key,$value)
875
- {
876
- if(isset($_COOKIE) && isset($_COOKIE['cleantalk_debug']))
877
- {
878
- @header($key.": ".$value);
879
- }
880
- }
881
-
882
- /**
883
- * Function changes CleanTalk result object if an error occured.
884
- * @return object
885
- */
886
- function ct_change_plugin_resonse($ct_result = null, $checkjs = null) {
887
-
888
- global $apbct;
889
-
890
- if (!$ct_result) {
891
- return $ct_result;
892
- }
893
-
894
- if(@intval($ct_result->errno) != 0)
895
- {
896
- if($checkjs === null || $checkjs != 1)
897
- {
898
- $ct_result->allow = 0;
899
- $ct_result->spam = 1;
900
- $ct_result->comment = sprintf('We\'ve got an issue: %s. Forbidden. Please, enable Javascript. %s.',
901
- $ct_result->comment,
902
- $apbct->plugin_name
903
- );
904
- }
905
- else
906
- {
907
- $ct_result->allow = 1;
908
- $ct_result->comment = 'Allow';
909
- }
910
- }
911
-
912
- return $ct_result;
913
- }
914
-
915
- /**
916
- * Does key has correct symbols? Checks against regexp ^[a-z\d]{3,15}$
917
- * @param api_key
918
- * @return bool
919
- */
920
- function apbct_api_key__is_correct($api_key = null)
921
- {
922
- global $apbct;
923
- $api_key = $api_key !== null ? $api_key : $apbct->api_key;
924
- return $api_key && preg_match('/^[a-z\d]{3,15}$/', $api_key) ? true : false;
925
- }
926
-
927
- function apbct_add_async_attribute($tag, $handle, $src) {
928
-
929
- global $apbct;
930
-
931
- if(
932
- $apbct->settings['async_js'] &&
933
- (
934
- $handle === 'ct_public'
935
- || $handle === 'ct_public_gdpr'
936
- || $handle === 'ct_debug_js'
937
- || $handle === 'ct_public_admin_js'
938
- || $handle === 'ct_internal'
939
- || $handle === 'ct_external'
940
- || $handle === 'ct_nocache'
941
- )
942
- )
943
- return str_replace( ' src', ' async="async" src', $tag );
944
- else
945
- return $tag;
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
946
  }
1
+ <?php
2
+
3
+ $ct_checkjs_frm = 'ct_checkjs_frm';
4
+ $ct_checkjs_register_form = 'ct_checkjs_register_form';
5
+
6
+ $apbct_cookie_request_id_label = 'request_id';
7
+ $apbct_cookie_register_ok_label = 'register_ok';
8
+
9
+ $ct_checkjs_cf7 = 'ct_checkjs_cf7';
10
+ $ct_cf7_comment = '';
11
+
12
+ $ct_checkjs_jpcf = 'ct_checkjs_jpcf';
13
+ $ct_jpcf_patched = false;
14
+ $ct_jpcf_fields = array('name', 'email');
15
+
16
+ // Comment already proccessed
17
+ $ct_comment_done = false;
18
+
19
+ // Comment already proccessed
20
+ $ct_signup_done = false;
21
+
22
+ //Contains registration error
23
+ $ct_registration_error_comment = false;
24
+
25
+ // Default value for JS test
26
+ $ct_checkjs_def = 0;
27
+
28
+ // COOKIE label to store request id for last approved
29
+ $ct_approved_request_id_label = 'ct_approved_request_id';
30
+
31
+ // Last request id approved for publication
32
+ $ct_approved_request_id = null;
33
+
34
+ // Trial notice show time in minutes
35
+ $trial_notice_showtime = 10;
36
+
37
+ // Renew notice show time in minutes
38
+ $renew_notice_showtime = 10;
39
+
40
+ // COOKIE label for WP Landing Page proccessing result
41
+ $ct_wplp_result_label = 'ct_wplp_result';
42
+
43
+ // Flag indicates active JetPack comments
44
+ $ct_jp_comments = false;
45
+
46
+ // WP admin email notice interval in seconds
47
+ $ct_admin_notoice_period = 21600;
48
+
49
+ // Sevice negative comment to visitor.
50
+ // It uses for BuddyPress registrations to avoid double checks
51
+ $ct_negative_comment = null;
52
+
53
+ // Set globals to NULL to avoid massive DB requests. Globals will be set when needed only and by accessors only.
54
+ $ct_server = NULL;
55
+ $admin_email = NULL;
56
+
57
+ /**
58
+ * Public action 'plugins_loaded' - Loads locale, see http://codex.wordpress.org/Function_Reference/load_plugin_textdomain
59
+ */
60
+ function apbct_plugin_loaded() {
61
+ $dir=plugin_basename( dirname( __FILE__ ) ) . '/../i18n';
62
+ $loaded=load_plugin_textdomain('cleantalk', false, $dir);
63
+ }
64
+
65
+ /**
66
+ * Inner function - Request's wrapper for anything
67
+ * @param array Array of parameters:
68
+ * 'message' - string
69
+ * 'example' - string
70
+ * 'checkjs' - int
71
+ * 'sender_email' - string
72
+ * 'sender_nickname' - string
73
+ * 'sender_info' - array
74
+ * 'post_info' - string
75
+ * @return array array('ct'=> Cleantalk, 'ct_result' => CleantalkResponse)
76
+ */
77
+ function apbct_base_call($params = array(), $reg_flag = false){
78
+
79
+ global $apbct, $cleantalk_executed;
80
+
81
+ $cleantalk_executed = true;
82
+
83
+ $sender_info = !empty($params['sender_info'])
84
+ ? CleantalkHelper::array_merge__save_numeric_keys__recursive(apbct_get_sender_info(), (array)$params['sender_info'])
85
+ : apbct_get_sender_info();
86
+
87
+ !empty($params['message'])
88
+ ? $params['message'] = ct_filter_array($params['message'])
89
+ : null;
90
+
91
+ $default_params = array(
92
+
93
+ // IPs
94
+ 'sender_ip' => defined('CT_TEST_IP') ? CT_TEST_IP : (isset($params['sender_ip']) ? $params['sender_ip'] : CleantalkHelper::ip__get(array('real'), false)),
95
+ 'x_forwarded_for' => CleantalkHelper::ip__get(array('x_forwarded_for'), false),
96
+ 'x_real_ip' => CleantalkHelper::ip__get(array('x_real_ip'), false),
97
+
98
+ // Misc
99
+ 'auth_key' => $apbct->api_key,
100
+ 'js_on' => apbct_js_test('ct_checkjs', $_COOKIE) ? 1 : apbct_js_test('ct_checkjs', $_POST),
101
+
102
+ 'agent' => APBCT_AGENT,
103
+ 'sender_info' => $sender_info,
104
+ 'submit_time' => apbct_get_submit_time(),
105
+ );
106
+
107
+ // Send $_SERVER if couldn't find IP
108
+ if(empty($default_params['sender_ip']))
109
+ $default_params['sender_info']['server_info'] = $_SERVER;
110
+
111
+ $ct_request = new CleantalkRequest(
112
+ CleantalkHelper::array_merge__save_numeric_keys__recursive($default_params, $params)
113
+ );
114
+
115
+ $ct = new Cleantalk();
116
+
117
+ $ct->use_bultin_api = $apbct->settings['use_buitin_http_api'] ? true : false;
118
+ $ct->ssl_on = $apbct->settings['ssl_on'];
119
+ $ct->ssl_path = APBCT_CASERT_PATH;
120
+
121
+ // Options store url without shceme because of DB error with ''://'
122
+ $config = ct_get_server();
123
+ $ct->server_url = APBCT_MODERATE_URL;
124
+ $ct->work_url = preg_match('/http:\/\/.+/', $config['ct_work_url']) ? $config['ct_work_url'] : null;
125
+ $ct->server_ttl = $config['ct_server_ttl'];
126
+ $ct->server_changed = $config['ct_server_changed'];
127
+
128
+ $start = microtime(true);
129
+ $ct_result = $reg_flag
130
+ ? @$ct->isAllowUser($ct_request)
131
+ : @$ct->isAllowMessage($ct_request);
132
+ $exec_time = microtime(true) - $start;
133
+
134
+ // Statistics
135
+ // Average request time
136
+ apbct_statistics__rotate($exec_time);
137
+ // Last request
138
+ $apbct->stats['last_request']['time'] = time();
139
+ $apbct->stats['last_request']['server'] = $ct->work_url;
140
+ $apbct->save('stats');
141
+
142
+ // Connection reports
143
+ if ($ct_result->errno === 0 && empty($ct_result->errstr))
144
+ $apbct->data['connection_reports']['success']++;
145
+ else
146
+ {
147
+ $apbct->data['connection_reports']['negative']++;
148
+ $apbct->data['connection_reports']['negative_report'][] = array(
149
+ 'date' => date("Y-m-d H:i:s"),
150
+ 'page_url' => $_SERVER['REQUEST_URI'],
151
+ 'lib_report' => $ct_result->errstr,
152
+ 'work_url' => $ct->work_url,
153
+ );
154
+
155
+ if(count($apbct->data['connection_reports']['negative_report']) > 20)
156
+ $apbct->data['connection_reports']['negative_report'] = array_slice($apbct->data['connection_reports']['negative_report'], -20, 20);
157
+
158
+ }
159
+
160
+ if ($ct->server_change) {
161
+ update_option(
162
+ 'cleantalk_server',
163
+ array(
164
+ 'ct_work_url' => $ct->work_url,
165
+ 'ct_server_ttl' => $ct->server_ttl,
166
+ 'ct_server_changed' => time(),
167
+ )
168
+ );
169
+ }
170
+
171
+ $ct_result = ct_change_plugin_resonse($ct_result, $ct_request->js_on);
172
+
173
+ // Restart submit form counter for failed requests
174
+ if ($ct_result->allow == 0){
175
+ apbct_cookie(); // Setting page timer and cookies
176
+ ct_add_event('no');
177
+ }else{
178
+ ct_add_event('yes');
179
+ }
180
+
181
+ // Set cookies if it's not.
182
+ if(empty($apbct->flags__cookies_setuped))
183
+ apbct_cookie();
184
+
185
+ return array('ct' => $ct, 'ct_result' => $ct_result);
186
+
187
+ }
188
+
189
+ function apbct_base__check_exlusions($func = null){
190
+
191
+ global $apbct, $cleantalk_executed;
192
+
193
+ // Common exclusions
194
+ if(
195
+ apbct_check_ip_exclusions() ||
196
+ apbct_check_url_exclusions() ||
197
+ $cleantalk_executed
198
+ )
199
+ return true;
200
+
201
+ // Personal exclusions
202
+ switch ($func){
203
+ case 'ct_contact_form_validate_postdata':
204
+ if(
205
+ (defined( 'DOING_AJAX' ) && DOING_AJAX) ||
206
+ apbct_does_array_has_key__recursive($_POST)
207
+ )
208
+ return true;
209
+ break;
210
+ case 'ct_contact_form_validate':
211
+ if(
212
+ apbct_does_array_has_key__recursive($_POST)
213
+ )
214
+ return true;
215
+ break;
216
+ default:
217
+ return false;
218
+ break;
219
+ }
220
+
221
+ return false;
222
+ }
223
+
224
+ /**
225
+ * Inner function - Default data array for senders
226
+ * @return array
227
+ */
228
+ function apbct_get_sender_info() {
229
+
230
+ global $apbct;
231
+
232
+ // Validate cookie from the backend
233
+ $cookie_is_ok = apbct_cookies_test();
234
+
235
+ $referer_previous = $apbct->settings['set_cookies__sessions']
236
+ ? apbct_alt_session__get('apbct_prev_referer')
237
+ : filter_input(INPUT_COOKIE, 'apbct_prev_referer');
238
+
239
+ $site_landing_ts = $apbct->settings['set_cookies__sessions']
240
+ ? apbct_alt_session__get('apbct_site_landing_ts')
241
+ : filter_input(INPUT_COOKIE, 'apbct_site_landing_ts');
242
+
243
+ $page_hits = $apbct->settings['set_cookies__sessions']
244
+ ? apbct_alt_session__get('apbct_page_hits')
245
+ : filter_input(INPUT_COOKIE, 'apbct_page_hits');
246
+
247
+ if (count($_POST) > 0) {
248
+ foreach ($_POST as $k => $v) {
249
+ if (preg_match("/^(ct_check|checkjs).+/", $k)) {
250
+ $checkjs_data_post = $v;
251
+ }
252
+ }
253
+ }
254
+
255
+ // AMP check
256
+ $amp_detected = isset($_SERVER['HTTP_REFERER'])
257
+ ? strpos($_SERVER['HTTP_REFERER'], '/amp/') !== false || strpos($_SERVER['HTTP_REFERER'], '?amp=1') !== false || strpos($_SERVER['HTTP_REFERER'], '&amp=1') !== false
258
+ ? 1
259
+ : 0
260
+ : null;
261
+
262
+ $site_referer = $apbct->settings['store_urls__sessions']
263
+ ? apbct_alt_session__get('apbct_site_referer')
264
+ : filter_input(INPUT_COOKIE, 'apbct_site_referer');
265
+
266
+ $urls = $apbct->settings['store_urls__sessions']
267
+ ? (array)apbct_alt_session__get('apbct_urls')
268
+ : (array)json_decode(filter_input(INPUT_COOKIE, 'apbct_urls'), true);
269
+
270
+ return array(
271
+ 'remote_addr' => CleantalkHelper::ip__get(array('remote_addr'), false),
272
+ 'REFFERRER' => isset($_SERVER['HTTP_REFERER']) ? htmlspecialchars($_SERVER['HTTP_REFERER']) : null,
273
+ 'USER_AGENT' => isset($_SERVER['HTTP_USER_AGENT']) ? htmlspecialchars($_SERVER['HTTP_USER_AGENT']) : null,
274
+ 'page_url' => isset($_SERVER['SERVER_NAME'], $_SERVER['REQUEST_URI']) ? htmlspecialchars($_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI']) : null,
275
+ 'cms_lang' => substr(get_locale(), 0, 2),
276
+ 'ct_options' => json_encode($apbct->settings),
277
+ 'fields_number' => sizeof($_POST),
278
+ 'direct_post' => $cookie_is_ok === null && $_SERVER['REQUEST_METHOD'] == 'POST' ? 1 : 0,
279
+ // Raw data to validated JavaScript test in the cloud
280
+ 'checkjs_data_cookies' => !empty($_COOKIE['ct_checkjs']) ? $_COOKIE['ct_checkjs'] : null,
281
+ 'checkjs_data_post' => !empty($checkjs_data_post) ? $checkjs_data_post : null,
282
+ // PHP cookies
283
+ 'cookies_enabled' => $cookie_is_ok,
284
+ 'REFFERRER_PREVIOUS' => !empty($referer_previous) && $cookie_is_ok ? $referer_previous : null,
285
+ 'site_landing_ts' => !empty($site_landing_ts) && $cookie_is_ok ? $site_landing_ts : null,
286
+ 'page_hits' => !empty($page_hits) ? $page_hits : null,
287
+ // JS cookies
288
+ 'js_info' => !empty($_COOKIE['ct_user_info']) ? json_decode(stripslashes($_COOKIE['ct_user_info']), true) : null,
289
+ 'mouse_cursor_positions' => !empty($_COOKIE['ct_pointer_data']) ? json_decode(stripslashes($_COOKIE['ct_pointer_data']), true) : null,
290
+ 'js_timezone' => !empty($_COOKIE['ct_timezone']) ? $_COOKIE['ct_timezone'] : null,
291
+ 'key_press_timestamp' => !empty($_COOKIE['ct_fkp_timestamp']) ? $_COOKIE['ct_fkp_timestamp'] : null,
292
+ 'page_set_timestamp' => !empty($_COOKIE['ct_ps_timestamp']) ? $_COOKIE['ct_ps_timestamp'] : null,
293
+ 'form_visible_inputs' => !empty($_COOKIE['apbct_visible_fields_count']) ? $_COOKIE['apbct_visible_fields_count'] : null,
294
+ 'apbct_visible_fields' => !empty($_COOKIE['apbct_visible_fields']) ? apbct_visibile_fields__process($_COOKIE['apbct_visible_fields']) : null,
295
+ // Misc
296
+ 'site_referer' => !empty($site_referer) ? $site_referer : null,
297
+ 'source_url' => !empty($urls) ? json_encode($urls) : null,
298
+ // Debug stuff
299
+ 'amp_detected' => $amp_detected,
300
+ 'hook' => current_action(),
301
+ 'headers_sent' => !empty($apbct->headers_sent) ? $apbct->headers_sent : false,
302
+ 'headers_sent__hook' => !empty($apbct->headers_sent__hook) ? $apbct->headers_sent__hook : false,
303
+ 'headers_sent__where' => !empty($apbct->headers_sent__where) ? $apbct->headers_sent__where : false,
304
+ 'request_type' => isset($_SERVER['REQUEST_METHOD']) ? $_SERVER['REQUEST_METHOD'] : 'UNKNOWN',
305
+ 'abpct_hyro_acc_collect' => !empty($_COOKIE['abpct_hyro_acc_collect']) ? json_decode(stripslashes($_COOKIE['abpct_hyro_acc_collect']), true): null,
306
+ );
307
+ }
308
+
309
+ /**
310
+ * Process visible fields for specific form to match the fields from request
311
+ *
312
+ * @param string $visible_fields
313
+ *
314
+ * @return string
315
+ */
316
+ function apbct_visibile_fields__process($visible_fields) {
317
+ if(strpos($visible_fields, 'wpforms') !== false){
318
+ $visible_fields = preg_replace(
319
+ array('/\[/', '/\]/'),
320
+ '',
321
+ str_replace(
322
+ '][',
323
+ '_',
324
+ str_replace(
325
+ 'wpforms[fields]',
326
+ '',
327
+ $visible_fields
328
+ )
329
+ )
330
+ );
331
+ }
332
+
333
+ return $visible_fields;
334
+ }
335
+
336
+ /*
337
+ * Outputs JS key for AJAX-use only. Stops script.
338
+ */
339
+ function apbct_js_keys__get__ajax($direct_call = false){
340
+ if(!$direct_call){
341
+ if(isset($_POST['_ajax_nonce'])){
342
+ if(!wp_verify_nonce($_POST['_ajax_nonce'], 'ct_secret_stuff')){
343
+ wp_doing_ajax()
344
+ ? wp_die( -1, 403 )
345
+ : die( '-1' );
346
+ }
347
+ }else{
348
+ wp_doing_ajax()
349
+ ? wp_die( -1, 403 )
350
+ : die( '-1' );
351
+ }
352
+ }
353
+ die(json_encode(array(
354
+ 'js_key' => ct_get_checkjs_value()
355
+ )));
356
+ }
357
+
358
+ /**
359
+ * Get ct_get_checkjs_value
360
+ *
361
+ * @param bool $random_key
362
+ *
363
+ * @return int|string|null
364
+ */
365
+ function ct_get_checkjs_value(){
366
+
367
+ global $apbct;
368
+
369
+ // Use static JS keys
370
+ if($apbct->settings['use_static_js_key']){
371
+ $key = hash('sha256', $apbct->api_key.ct_get_admin_email().$apbct->salt);
372
+
373
+ // Using dynamic JS keys
374
+ }else{
375
+
376
+ $keys = $apbct->data['js_keys'];
377
+ $keys_checksum = md5(json_encode($keys));
378
+
379
+ $key = null;
380
+ $latest_key_time = 0;
381
+
382
+ foreach ($keys as $k => $t) {
383
+
384
+ // Removing key if it's to old
385
+ if (time() - $t > $apbct->data['js_keys_store_days'] * 86400) {
386
+ unset($keys[$k]);
387
+ continue;
388
+ }
389
+
390
+ if ($t > $latest_key_time) {
391
+ $latest_key_time = $t;
392
+ $key = $k;
393
+ }
394
+ }
395
+
396
+ // Set new key if the latest key is too old
397
+ if (time() - $latest_key_time > $apbct->data['js_key_lifetime']) {
398
+ $key = rand();
399
+ $keys[$key] = time();
400
+ }
401
+
402
+ // Save keys if they were changed
403
+ if (md5(json_encode($keys)) != $keys_checksum) {
404
+ $apbct->data['js_keys'] = $keys;
405
+ $apbct->saveData();
406
+ }
407
+ }
408
+
409
+ return $key;
410
+ }
411
+
412
+ /**
413
+ * Inner function - Current site admin e-mail
414
+ * @return string Admin e-mail
415
+ */
416
+ function ct_get_admin_email() {
417
+ global $admin_email;
418
+ if(!isset($admin_email))
419
+ {
420
+ $admin_email = get_option('admin_email');
421
+ }
422
+ return $admin_email;
423
+ }
424
+
425
+ /**
426
+ * Inner function - Current Cleantalk working server info
427
+ * @return mixed[] Array of server data
428
+ */
429
+ function ct_get_server($force=false) {
430
+ global $ct_server;
431
+ if(!$force && isset($ct_server) && isset($ct_server['ct_work_url']) && !empty($ct_server['ct_work_url'])){
432
+
433
+ return $ct_server;
434
+
435
+ }else{
436
+
437
+ $ct_server = get_option('cleantalk_server');
438
+ if (!is_array($ct_server)){
439
+ $ct_server = array(
440
+ 'ct_work_url' => NULL,
441
+ 'ct_server_ttl' => NULL,
442
+ 'ct_server_changed' => NULL
443
+ );
444
+ }
445
+ return $ct_server;
446
+ }
447
+ }
448
+
449
+ /**
450
+ * Inner function - Stores ang returns cleantalk hash of current comment
451
+ * @param string New hash or NULL
452
+ * @return string New hash or current hash depending on parameter
453
+ */
454
+ function ct_hash($new_hash = '') {
455
+ /**
456
+ * Current hash
457
+ */
458
+ static $hash;
459
+
460
+ if (!empty($new_hash)) {
461
+ $hash = $new_hash;
462
+ }
463
+ return $hash;
464
+ }
465
+
466
+ /**
467
+ * Inner function - Write manual moderation results to PHP sessions
468
+ * @param string $hash Cleantalk comment hash
469
+ * @param string $message comment_content
470
+ * @param int $allow flag good comment (1) or bad (0)
471
+ * @return string comment_content w\o cleantalk resume
472
+ */
473
+ function ct_feedback($hash, $allow) {
474
+ global $apbct;
475
+
476
+ $ct_feedback = $hash . ':' . $allow . ';';
477
+ if($apbct->data['feedback_request'])
478
+ $apbct->data['feedback_request'] = $ct_feedback;
479
+ else
480
+ $apbct->data['feedback_request'] .= $ct_feedback;
481
+
482
+ $apbct->saveData();
483
+ }
484
+
485
+ /**
486
+ * Inner function - Sends the results of moderation
487
+ * Scheduled in 3600 seconds!
488
+ * @param string $feedback_request
489
+ * @return bool
490
+ */
491
+ function ct_send_feedback($feedback_request = null) {
492
+
493
+ global $apbct;
494
+
495
+ if (empty($feedback_request) && isset($apbct->data['feedback_request']) && preg_match("/^[a-z0-9\;\:]+$/", $apbct->data['feedback_request'])){
496
+ $feedback_request = $apbct->data['feedback_request'];
497
+ $apbct->data['feedback_request'] = '';
498
+ $apbct->saveData();
499
+ }
500
+
501
+ if ($feedback_request !== null) {
502
+
503
+ $ct_request = new CleantalkRequest(array(
504
+ // General
505
+ 'auth_key' => $apbct->api_key,
506
+ // Additional
507
+ 'feedback' => $feedback_request,
508
+ ));
509
+
510
+ $ct = new Cleantalk();
511
+
512
+ // Server URL handling
513
+ $config = ct_get_server();
514
+ $ct->server_url = APBCT_MODERATE_URL;
515
+ $ct->work_url = preg_match('/http:\/\/.+/', $config['ct_work_url']) ? $config['ct_work_url'] : null;
516
+ $ct->server_ttl = $config['ct_server_ttl'];
517
+ $ct->server_changed = $config['ct_server_changed'];
518
+
519
+ $ct->sendFeedback($ct_request);
520
+
521
+ if ($ct->server_change) {
522
+ update_option(
523
+ 'cleantalk_server',
524
+ array(
525
+ 'ct_work_url' => $ct->work_url,
526
+ 'ct_server_ttl' => $ct->server_ttl,
527
+ 'ct_server_changed' => time(),
528
+ )
529
+ );
530
+ }
531
+
532
+ return true;
533
+ }
534
+
535
+ return false;
536
+ }
537
+
538
+ /**
539
+ * Delete old spam comments
540
+ * Scheduled in 3600 seconds!
541
+ * @return null
542
+ */
543
+ function ct_delete_spam_comments() {
544
+
545
+ global $apbct;
546
+
547
+ if ($apbct->settings['remove_old_spam'] == 1) {
548
+ $last_comments = get_comments(array('status' => 'spam', 'number' => 1000, 'order' => 'ASC'));
549
+ foreach ($last_comments as $c) {
550
+ $comment_date_gmt = strtotime($c->comment_date_gmt);
551
+ if ($comment_date_gmt && is_numeric($comment_date_gmt)) {
552
+ if (time() - $comment_date_gmt > 86400 * $apbct->settings['spam_store_days']) {
553
+ // Force deletion old spam comments
554
+ wp_delete_comment($c->comment_ID, true);
555
+ }
556
+ }
557
+ }
558
+ }
559
+
560
+ return null;
561
+ }
562
+
563
+ /*
564
+ * Get data from an ARRAY recursively
565
+ * @return array
566
+ */
567
+ function ct_get_fields_any($arr, $message=array(), $email = null, $nickname = array('nick' => '', 'first' => '', 'last' => ''), $subject = null, $contact = true, $prev_name = ''){
568
+
569
+ //Skip request if fields exists
570
+ $skip_params = array(
571
+ 'ipn_track_id', // PayPal IPN #
572
+ 'txn_type', // PayPal transaction type
573
+ 'payment_status', // PayPal payment status
574
+ 'ccbill_ipn', // CCBill IPN
575
+ 'ct_checkjs', // skip ct_checkjs field
576
+ 'api_mode', // DigiStore-API
577
+ 'loadLastCommentId' // Plugin: WP Discuz. ticket_id=5571
578
+ );
579
+
580
+ // Fields to replace with ****
581
+ $obfuscate_params = array(
582
+ 'password',
583
+ 'pass',
584
+ 'pwd',
585
+ 'pswd'
586
+ );
587
+
588
+ // Skip feilds with these strings and known service fields
589
+ $skip_fields_with_strings = array(
590
+ // Common
591
+ 'ct_checkjs', //Do not send ct_checkjs
592
+ 'nonce', //nonce for strings such as 'rsvp_nonce_name'
593
+ 'security',
594
+ // 'action',
595
+ 'http_referer',
596
+ 'referer-page',
597
+ 'timestamp',
598
+ 'captcha',
599
+ // Formidable Form
600
+ 'form_key',
601
+ 'submit_entry',
602
+ // Custom Contact Forms
603
+ 'form_id',
604
+ 'ccf_form',
605
+ 'form_page',
606
+ // Qu Forms
607
+ 'iphorm_uid',
608
+ 'form_url',
609
+ 'post_id',
610
+ 'iphorm_ajax',
611
+ 'iphorm_id',
612
+ // Fast SecureContact Froms
613
+ 'fs_postonce_1',
614
+ 'fscf_submitted',
615
+ 'mailto_id',
616
+ 'si_contact_action',
617
+ // Ninja Forms
618
+ 'formData_id',
619
+ 'formData_settings',
620
+ 'formData_fields_\d+_id',
621
+ 'formData_fields_\d+_files.*',
622
+ // E_signature
623
+ 'recipient_signature',
624
+ 'output_\d+_\w{0,2}',
625
+ // Contact Form by Web-Settler protection
626
+ '_formId',
627
+ '_returnLink',
628
+ // Social login and more
629
+ '_save',
630
+ '_facebook',
631
+ '_social',
632
+ 'user_login-',
633
+ // Contact Form 7
634
+ '_wpcf7',
635
+ 'ebd_settings',
636
+ 'ebd_downloads_',
637
+ 'ecole_origine',
638
+ );
639
+
640
+ // Reset $message if we have a sign-up data
641
+ $skip_message_post = array(
642
+ 'edd_action', // Easy Digital Downloads
643
+ );
644
+
645
+ foreach($skip_params as $value){
646
+ if(@array_key_exists($value,$_GET)||@array_key_exists($value,$_POST))
647
+ $contact = false;
648
+ } unset($value);
649
+
650
+ if(count($arr)){
651
+
652
+ foreach($arr as $key => $value){
653
+
654
+ if(gettype($value) == 'string'){
655
+
656
+ $tmp = strpos($value, '\\') !== false ? stripslashes($value) : $value;
657
+ $decoded_json_value = json_decode($tmp, true);
658
+
659
+ // Decoding JSON
660
+ if($decoded_json_value !== null){
661
+ $value = $decoded_json_value;
662
+
663
+ // Ajax Contact Forms. Get data from such strings:
664
+ // acfw30_name %% Blocked~acfw30_email %% s@cleantalk.org
665
+ // acfw30_textarea %% msg
666
+ }elseif(preg_match('/^\S+\s%%\s\S+.+$/', $value)){
667
+ $value = explode('~', $value);
668
+ foreach ($value as &$val){
669
+ $tmp = explode(' %% ', $val);
670
+ $val = array($tmp[0] => $tmp[1]);
671
+ }
672
+ }
673
+ }
674
+
675
+ if(!is_array($value) && !is_object($value) && @get_class($value) != 'WP_User'){
676
+
677
+ if (in_array($key, $skip_params, true) && $key != 0 && $key != '' || preg_match("/^ct_checkjs/", $key))
678
+ $contact = false;
679
+
680
+ if($value === '')
681
+ continue;
682
+
683
+ // Skipping fields names with strings from (array)skip_fields_with_strings
684
+ foreach($skip_fields_with_strings as $needle){
685
+ if (preg_match("/".$needle."/", $prev_name.$key) == 1){
686
+ continue(2);
687
+ }
688
+ }unset($needle);
689
+
690
+ // Obfuscating params
691
+ foreach($obfuscate_params as $needle){
692
+ if (strpos($key, $needle) !== false){
693
+ $value = ct_obfuscate_param($value);
694
+ continue(2);
695
+ }
696
+ }unset($needle);
697
+
698
+ // Removes whitespaces
699
+ $value = urldecode( trim( strip_shortcodes( $value ) ) ); // Fully cleaned message
700
+ $value_for_email = trim( strip_shortcodes( $value ) ); // Removes shortcodes to do better spam filtration on server side.
701
+
702
+ // Email
703
+ if ( ! $email && preg_match( "/^\S+@\S+\.\S+$/", $value_for_email ) ) {
704
+ $email = $value_for_email;
705
+
706
+ // Names
707
+ }elseif (preg_match("/name/i", $key)){
708
+
709
+ preg_match("/((name.?)?(your|first|for)(.?name)?)$/", $key, $match_forename);
710
+ preg_match("/((name.?)?(last|family|second|sur)(.?name)?)$/", $key, $match_surname);
711
+ preg_match("/^(name.?)?(nick|user)(.?name)?$/", $key, $match_nickname);
712
+
713
+ if(count($match_forename) > 1)
714
+ $nickname['first'] = $value;
715
+ elseif(count($match_surname) > 1)
716
+ $nickname['last'] = $value;
717
+ elseif(count($match_nickname) > 1)
718
+ $nickname['nick'] = $value;
719
+ else
720
+ $message[$prev_name.$key] = $value;
721
+
722
+ // Subject
723
+ }elseif ($subject === null && preg_match("/subject/i", $key)){
724
+ $subject = $value;
725
+
726
+ // Message
727
+ }else{
728
+ $message[$prev_name.$key] = $value;
729
+ }
730
+
731
+ }elseif(!is_object($value) && @get_class($value) != 'WP_User'){
732
+
733
+ $prev_name_original = $prev_name;
734
+ $prev_name = ($prev_name === '' ? $key.'_' : $prev_name.$key.'_');
735
+
736
+ $temp = ct_get_fields_any($value, $message, $email, $nickname, $subject, $contact, $prev_name);
737
+
738
+ $message = $temp['message'];
739
+ $email = ($temp['email'] ? $temp['email'] : null);
740
+ $nickname = ($temp['nickname'] ? $temp['nickname'] : null);
741
+ $subject = ($temp['subject'] ? $temp['subject'] : null);
742
+ if($contact === true)
743
+ $contact = ($temp['contact'] === false ? false : true);
744
+ $prev_name = $prev_name_original;
745
+ }
746
+ } unset($key, $value);
747
+ }
748
+
749
+ foreach ($skip_message_post as $v) {
750
+ if (isset($_POST[$v])) {
751
+ $message = null;
752
+ break;
753
+ }
754
+ } unset($v);
755
+
756
+ //If top iteration, returns compiled name field. Example: "Nickname Firtsname Lastname".
757
+ if($prev_name === ''){
758
+ if(!empty($nickname)){
759
+ $nickname_str = '';
760
+ foreach($nickname as $value){
761
+ $nickname_str .= ($value ? $value." " : "");
762
+ }unset($value);
763
+ }
764
+ $nickname = $nickname_str;
765
+ }
766
+
767
+ $return_param = array(
768
+ 'email' => $email,
769
+ 'nickname' => $nickname,
770
+ 'subject' => $subject,
771
+ 'contact' => $contact,
772
+ 'message' => $message
773
+ );
774
+ return $return_param;
775
+ }
776
+
777
+ /**
778
+ * Masks a value with asterisks (*)
779
+ * @return string
780
+ */
781
+ function ct_obfuscate_param($value = null) {
782
+ if ($value && (!is_object($value) || !is_array($value))) {
783
+ $length = strlen($value);
784
+ $value = str_repeat('*', $length);
785
+ }
786
+
787
+ return $value;
788
+ }
789
+
790
+ //New ct_get_fields_any_postdata
791
+ function ct_get_fields_any_postdata($arr, $message=array()){
792
+ $skip_params = array(
793
+ 'ipn_track_id', // PayPal IPN #
794
+ 'txn_type', // PayPal transaction type
795
+ 'payment_status', // PayPal payment status
796
+ );
797
+
798
+ foreach($arr as $key => $value){
799
+ if(!is_array($value)){
800
+ if($value == '')
801
+ continue;
802
+ if (!(in_array($key, $skip_params) || preg_match("/^ct_checkjs/", $key)) && $value!='')
803
+ $message[$key] = $value;
804
+ }else{
805
+ $temp = ct_get_fields_any_postdata($value);
806
+ $message = (count($temp) == 0 ? $message : array_merge($message, $temp));
807
+ }
808
+ }
809
+ return $message;
810
+ }
811
+
812
+ /*
813
+ * Check if Array has keys with restricted names
814
+ */
815
+ function apbct_does_array_has_key__recursive( $arr ) {
816
+ foreach ( $arr as $key => $value ) {
817
+ if ( is_array( $value ) )
818
+ apbct_does_array_has_key__recursive( $value );
819
+ else{
820
+ $exclusions = Array( 'members_search_submit' );
821
+ foreach ( $exclusions as $exclusion ) {
822
+ if ( stripos( $key, $exclusion ) !== false ) {
823
+ return true;
824
+ }
825
+ }
826
+ }
827
+ }
828
+ return false;
829
+ }
830
+
831
+ /**
832
+ * Checks if reuqest URI is in exclusion list
833
+ *
834
+ * @return bool
835
+ */
836
+ function apbct_check_url_exclusions(){
837
+
838
+ global $cleantalk_url_exclusions;
839
+
840
+ if (!empty($cleantalk_url_exclusions) && is_array($cleantalk_url_exclusions)){
841
+
842
+ // Fix for AJAX forms
843
+ $haystack = $_SERVER['REQUEST_URI'] == '/wp-admin/admin-ajax.php' && !empty($_SERVER['HTTP_REFERER'])
844
+ ? $_SERVER['HTTP_REFERER']
845
+ : $_SERVER['REQUEST_URI'];
846
+
847
+ foreach($cleantalk_url_exclusions as $exclusion){
848
+ if(stripos($haystack, $exclusion) !== false){
849
+ return true;
850
+ }
851
+ }
852
+ }
853
+
854
+ return false;
855
+ }
856
+
857
+ /**
858
+ * Checks if sender_ip is in exclusion list
859
+ *
860
+ * @return bool
861
+ */
862
+ function apbct_check_ip_exclusions(){
863
+
864
+ global $cleantalk_ip_exclusions;
865
+
866
+ if(CleantalkHelper::ip__is_cleantalks($_SERVER['REMOTE_ADDR']))
867
+ return true;
868
+
869
+ if (!empty($cleantalk_ip_exclusions) && is_array($cleantalk_ip_exclusions)){
870
+ foreach($cleantalk_ip_exclusions as $exclusion){
871
+ if(stripos($_SERVER['REMOTE_ADDR'], $exclusion) !== false){
872
+ return true;
873
+ }
874
+ }
875
+ }
876
+
877
+ return false;
878
+ }
879
+
880
+ function ct_filter_array(&$data)
881
+ {
882
+ global $cleantalk_key_exclusions;
883
+
884
+ if(isset($cleantalk_key_exclusions) && sizeof($cleantalk_key_exclusions) > 0 && is_array($data)){
885
+
886
+ foreach($data as $key => $value){
887
+
888
+ if(!is_array($value)){
889
+ if(in_array($key,$cleantalk_key_exclusions)){
890
+ unset($data[$key]);
891
+ }
892
+ }else{
893
+ $data[$key] = ct_filter_array($value);
894
+ }
895
+ }
896
+
897
+ return $data;
898
+
899
+ }else{
900
+ return $data;
901
+ }
902
+ }
903
+
904
+
905
+ function cleantalk_debug($key,$value)
906
+ {
907
+ if(isset($_COOKIE) && isset($_COOKIE['cleantalk_debug']))
908
+ {
909
+ @header($key.": ".$value);
910
+ }
911
+ }
912
+
913
+ /**
914
+ * Function changes CleanTalk result object if an error occured.
915
+ * @return object
916
+ */
917
+ function ct_change_plugin_resonse($ct_result = null, $checkjs = null) {
918
+
919
+ global $apbct;
920
+
921
+ if (!$ct_result) {
922
+ return $ct_result;
923
+ }
924
+
925
+ if(@intval($ct_result->errno) != 0)
926
+ {
927
+ if($checkjs === null || $checkjs != 1)
928
+ {
929
+ $ct_result->allow = 0;
930
+ $ct_result->spam = 1;
931
+ $ct_result->comment = sprintf('We\'ve got an issue: %s. Forbidden. Please, enable Javascript. %s.',
932
+ $ct_result->comment,
933
+ $apbct->plugin_name
934
+ );
935
+ }
936
+ else
937
+ {
938
+ $ct_result->allow = 1;
939
+ $ct_result->comment = 'Allow';
940
+ }
941
+ }
942
+
943
+ return $ct_result;
944
+ }
945
+
946
+ /**
947
+ * Does key has correct symbols? Checks against regexp ^[a-z\d]{3,15}$
948
+ * @param api_key
949
+ * @return bool
950
+ */
951
+ function apbct_api_key__is_correct($api_key = null)
952
+ {
953
+ global $apbct;
954
+ $api_key = $api_key !== null ? $api_key : $apbct->api_key;
955
+ return $api_key && preg_match('/^[a-z\d]{3,15}$/', $api_key) ? true : false;
956
+ }
957
+
958
+ function apbct_add_async_attribute($tag, $handle, $src) {
959
+
960
+ global $apbct;
961
+
962
+ if(
963
+ $apbct->settings['async_js'] &&
964
+ (
965
+ $handle === 'ct_public'
966
+ || $handle === 'ct_public_gdpr'
967
+ || $handle === 'ct_debug_js'
968
+ || $handle === 'ct_public_admin_js'
969
+ || $handle === 'ct_internal'
970
+ || $handle === 'ct_external'
971
+ || $handle === 'ct_nocache'
972
+ )
973
+ )
974
+ return str_replace( ' src', ' async="async" src', $tag );
975
+ else
976
+ return $tag;
977
  }
inc/cleantalk-public.php CHANGED
@@ -1,3306 +1,3297 @@
1
- <?php
2
-
3
- /**
4
- * Init functions
5
- * @return mixed[] Array of options
6
- */
7
- function apbct_init() {
8
-
9
- global $ct_wplp_result_label, $ct_jp_comments, $ct_post_data_label, $ct_post_data_authnet_label, $apbct, $ct_check_post_result, $test_external_forms, $cleantalk_executed, $wpdb;
10
-
11
- //Check internal forms with such "action" http://wordpress.loc/contact-us/some_script.php
12
- if((isset($_POST['action']) && $_POST['action'] == 'ct_check_internal') &&
13
- $apbct->settings['check_internal']
14
- ){
15
- $ct_result = ct_contact_form_validate();
16
- if($ct_result == null){
17
- echo 'true';
18
- die();
19
- }else{
20
- echo $ct_result;
21
- die();
22
- }
23
- }
24
-
25
- //fix for EPM registration form
26
- if(isset($_POST) && isset($_POST['reg_email']) && shortcode_exists( 'epm_registration_form' ))
27
- {
28
- unset($_POST['ct_checkjs_register_form']);
29
- }
30
-
31
- if(isset($_POST['_wpnonce-et-pb-contact-form-submitted']))
32
- {
33
- add_shortcode( 'et_pb_contact_form', 'ct_contact_form_validate' );
34
- }
35
-
36
- if($apbct->settings['check_external']){
37
-
38
- // Fixing form and directs it this site
39
- if($apbct->settings['check_external__capture_buffer'] && !is_admin() && !apbct_is_ajax() && apbct_is_user_enable() && !(defined('DOING_CRON') && DOING_CRON) && !(defined('XMLRPC_REQUEST') && XMLRPC_REQUEST)){
40
- add_action('wp', 'apbct_buffer__start');
41
- add_action('shutdown', 'apbct_buffer__end', 0);
42
- add_action('shutdown', 'apbct_buffer__output', 2);
43
- }
44
-
45
- // Check and redirecct
46
- if(isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == 'POST'
47
- && isset($_POST['cleantalk_hidden_method'])
48
- && isset($_POST['cleantalk_hidden_action'])
49
- ){
50
- $action = htmlspecialchars($_POST['cleantalk_hidden_action']);
51
- $method = htmlspecialchars($_POST['cleantalk_hidden_method']);
52
- unset($_POST['cleantalk_hidden_action']);
53
- unset($_POST['cleantalk_hidden_method']);
54
- ct_contact_form_validate();
55
- if(!apbct_is_ajax()){
56
- print "<html><body><form method='$method' action='$action'>";
57
- ct_print_form($_POST, '');
58
- print "</form>Redirecting to " . $action . "... Anti-spam by CleanTalk.</body></html>";
59
- print "<script>
60
- if(document.forms[0].submit !== 'undefined'){
61
- var objects = document.getElementsByName('submit');
62
- if(objects.length > 0)
63
- document.forms[0].removeChild(objects[0]);
64
- }
65
- document.forms[0].submit();
66
- </script>";
67
- die();
68
- }
69
- }
70
- }
71
-
72
- if(isset($_POST['quform_ajax'], $_POST['quform_csrf_token'], $_POST['quform_form_id'])){
73
- require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-ajax.php');
74
- ct_ajax_hook();
75
- }
76
-
77
- /**hooks for cm answers pro */
78
- if(defined('CMA_PLUGIN_FILE')){
79
- add_action( 'wp', 'ct_ajax_hook',1 );
80
- }
81
-
82
- //hook for Anonymous Post
83
- if($apbct->settings['general_postdata_test'] == 1 && empty($_POST['ct_checkjs_cf7']))
84
- add_action('wp','ct_contact_form_validate_postdata',1);
85
-
86
- if($apbct->settings['general_contact_forms_test'] == 1 && empty($_POST['ct_checkjs_cf7'])){
87
- add_action('CMA_custom_post_type_nav','ct_contact_form_validate_postdata',1);
88
- //add_action('init','ct_contact_form_validate',1);
89
- ct_contact_form_validate();
90
- if(isset($_POST['reg_redirect_link'])&&isset($_POST['tmpl_registration_nonce_field']))
91
- {
92
- unset($_POST['ct_checkjs_register_form']);
93
- ct_contact_form_validate();
94
- }
95
- /*if(isset($_GET['ait-action'])&&$_GET['ait-action']=='register')
96
- {
97
- $tmp=$_POST['redirect_to'];
98
- unset($_POST['redirect_to']);
99
- ct_contact_form_validate();
100
- $_POST['redirect_to']=$tmp;
101
- }*/
102
- }
103
-
104
- if($apbct->settings['general_postdata_test'] == 1 && empty($_POST['ct_checkjs_cf7']))
105
- add_action('CMA_custom_post_type_nav','ct_contact_form_validate_postdata',1);
106
-
107
- //add_action('wp_footer','ct_ajaxurl');
108
-
109
- // Fast Secure contact form
110
- if(defined('FSCF_VERSION')){
111
- add_filter('si_contact_display_after_fields', 'ct_si_contact_display_after_fields');
112
- add_filter('si_contact_form_validate', 'ct_si_contact_form_validate');
113
- }
114
-
115
- // WooCoomerse signups
116
- if(class_exists('WooCommerce'))
117
- add_filter('woocommerce_register_post', 'ct_register_post', 1, 3);
118
-
119
- // WooCommerce whishlist
120
- if(class_exists('WC_Wishlists_Wishlist'))
121
- add_filter('wc_wishlists_create_list_args', 'ct_woocommerce_wishlist_check', 1, 1);
122
-
123
-
124
- // JetPack Contact form
125
- $jetpack_active_modules = false;
126
- if(defined('JETPACK__VERSION'))
127
- {
128
- if(isset($_POST['action']) && $_POST['action'] == 'grunion-contact-form' ){
129
- if(JETPACK__VERSION=='3.4-beta')
130
- {
131
- add_filter('contact_form_is_spam', 'ct_contact_form_is_spam');
132
- }
133
- else if(JETPACK__VERSION=='3.4-beta2'||JETPACK__VERSION>='3.4')
134
- {
135
- add_filter('jetpack_contact_form_is_spam', 'ct_contact_form_is_spam_jetpack',50,2);
136
- }
137
- else
138
- {
139
- add_filter('contact_form_is_spam', 'ct_contact_form_is_spam');
140
- }
141
- $jetpack_active_modules = get_option('jetpack_active_modules');
142
- if ((class_exists( 'Jetpack', false) && $jetpack_active_modules && in_array('comments', $jetpack_active_modules)))
143
- {
144
- $ct_jp_comments = true;
145
- }
146
- }else
147
- add_filter('grunion_contact_form_field_html', 'ct_grunion_contact_form_field_html', 10, 2);
148
- }
149
-
150
- // WP Maintenance Mode (wpmm)
151
- add_action('wpmm_head', 'apbct_form__wpmm__addField', 1);
152
-
153
- // Contact Form7
154
- if(defined('WPCF7_VERSION')){
155
- add_filter('wpcf7_form_elements', 'apbct_form__contactForm7__addField');
156
- add_filter('wpcf7_validate', 'apbct_form__contactForm7__tesSpam__before_validate', 999, 2);
157
- add_filter(WPCF7_VERSION >= '3.0.0' ? 'wpcf7_spam' : 'wpcf7_acceptance', 'apbct_form__contactForm7__testSpam');
158
- }
159
-
160
- // Formidable
161
- add_filter( 'frm_entries_before_create', 'ct_frm_validate_entry', 10, 2 );
162
- add_action( 'frm_entries_footer_scripts', 'ct_frm_entries_footer_scripts', 20, 2 );
163
-
164
- // BuddyPress
165
- if(class_exists('BuddyPress')){
166
- add_action('bp_before_registration_submit_buttons','ct_register_form',1);
167
- add_action('messages_message_before_save', 'apbct_integration__buddyPres__private_msg_check', 1);
168
- add_filter('bp_signup_validate', 'ct_registration_errors',1);
169
- add_filter('bp_signup_validate', 'ct_check_registration_erros', 999999);
170
- }
171
-
172
- if(defined('PROFILEPRESS_SYSTEM_FILE_PATH')){
173
- add_filter('pp_registration_validation', 'ct_registration_errors_ppress', 11, 2);
174
- }
175
-
176
-
177
- // bbPress
178
- if(class_exists('bbPress')){
179
- add_filter('bbp_new_topic_pre_title', 'ct_bbp_get_topic', 1);
180
- add_filter('bbp_new_topic_pre_content', 'ct_bbp_new_pre_content', 1);
181
- add_filter('bbp_new_reply_pre_content', 'ct_bbp_new_pre_content', 1);
182
- add_action('bbp_theme_before_topic_form_content', 'ct_comment_form');
183
- add_action('bbp_theme_before_reply_form_content', 'ct_comment_form');
184
- }
185
-
186
- //Custom Contact Forms
187
- if(defined('CCF_VERSION'))
188
- add_filter('ccf_field_validator', 'ct_ccf', 1, 4);
189
-
190
- add_action('comment_form', 'ct_comment_form');
191
-
192
- // intercept WordPress Landing Pages POST
193
- if (defined('LANDINGPAGES_CURRENT_VERSION') && !empty($_POST)){
194
- if(array_key_exists('action', $_POST) && $_POST['action'] === 'inbound_store_lead'){ // AJAX action(s)
195
- ct_check_wplp();
196
- }else if(array_key_exists('inbound_submitted', $_POST) && $_POST['inbound_submitted'] == '1'){ // Final submit
197
- ct_check_wplp();
198
- }
199
- }
200
-
201
- // S2member. intercept POST
202
- if (defined('WS_PLUGIN__S2MEMBER_PRO_VERSION')){
203
- $post_keys = array_keys($_POST);
204
- foreach($post_keys as $post_key){
205
-
206
- // Detect POST keys like /s2member_pro.*registration/
207
- if(strpos($post_key, 's2member') !== false && strpos($post_key, 'registration') !== false){
208
- ct_s2member_registration_test($post_key);
209
- break;
210
- }
211
- }
212
- }
213
-
214
- // New user approve hack
215
- // https://wordpress.org/plugins/new-user-approve/
216
- if (ct_plugin_active('new-user-approve/new-user-approve.php')) {
217
- add_action('register_post', 'ct_register_post', 1, 3);
218
- }
219
-
220
- // Wilcity theme registration validation fix
221
- add_filter( 'wilcity/filter/wiloke-listing-tools/validate-before-insert-account', 'apbct_wilcity_reg_validation', 10, 2 );
222
-
223
-
224
- // Gravity forms
225
- if (defined('GF_MIN_WP_VERSION')) {
226
- add_filter('gform_get_form_filter', 'apbct_form__gravityForms__addField', 10, 2);
227
- add_filter('gform_entry_is_spam', 'apbct_form__gravityForms__testSpam', 999, 3);
228
- add_filter('gform_confirmation', 'apbct_form__gravityForms__showResponse', 999, 4 );
229
- }
230
-
231
- //Pirate forms
232
- if(defined('PIRATE_FORMS_VERSION')){
233
- if(isset($_POST['pirate-forms-contact-name']) && $_POST['pirate-forms-contact-name'] && isset($_POST['pirate-forms-contact-email']) && $_POST['pirate-forms-contact-email'])
234
- ct_pirate_forms_check();
235
- }
236
-
237
- // WPForms
238
- // Adding fields
239
- add_action('wpforms_frontend_output', 'apbct_form__WPForms__addField', 1000, 5);
240
- // Gathering data to validate
241
- add_filter('wpforms_process_before_filter', 'apbct_from__WPForms__gatherData', 100, 2);
242
- // Do spam check
243
- add_filter('wpforms_process_initial_errors', 'apbct_form__WPForms__showResponse', 100, 2);
244
-
245
- // QForms integration
246
- add_filter( 'quform_post_validate', 'ct_quform_post_validate', 10, 2 );
247
-
248
-
249
- //
250
- // Load JS code to website footer
251
- //
252
- if (!(defined( 'DOING_AJAX' ) && DOING_AJAX)) {
253
- add_action('wp_head', 'apbct_hook__wp_head__set_cookie__ct_checkjs', 1);
254
- add_action('wp_footer', 'apbct_hook__wp_footer', 1);
255
- }
256
-
257
- if ($apbct->settings['protect_logged_in'] != 1 && is_user_logged_in()) {
258
- $ct_check_post_result=false;
259
- ct_contact_form_validate();
260
- }
261
-
262
- if (apbct_is_user_enable()) {
263
-
264
- if ($apbct->settings['general_contact_forms_test'] == 1 && !isset($_POST['comment_post_ID']) && !isset($_GET['for'])){
265
- $ct_check_post_result=false;
266
- add_action( 'init', 'ct_contact_form_validate', 999 );
267
- }
268
- if(isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == 'POST' &&
269
- $apbct->settings['general_postdata_test'] == 1 &&
270
- !isset($_POST['ct_checkjs_cf7']) &&
271
- !is_admin() &&
272
- !apbct_is_user_role_in(array('administrator', 'moderator'))
273
- ){
274
- $ct_check_post_result=false;
275
- ct_contact_form_validate_postdata();
276
- }
277
- }
278
- }
279
-
280
- function apbct_buffer__start(){
281
- ob_start();
282
- }
283
-
284
- function apbct_buffer__end(){
285
-
286
- if(!ob_get_level())
287
- return;
288
-
289
- global $apbct;
290
- $apbct->buffer = ob_get_contents();
291
- ob_end_clean();
292
- }
293
-
294
- /**
295
- * Outputs changed buffer
296
- *
297
- * @global $apbct
298
- */
299
- function apbct_buffer__output(){
300
-
301
- global $apbct;
302
-
303
- if(empty($apbct->buffer))
304
- return;
305
-
306
- $site_url = get_option('siteurl');
307
- $site__host = parse_url($site_url, PHP_URL_HOST);
308
-
309
- $dom = new DOMDocument();
310
- @$dom->loadHTML($apbct->buffer);
311
-
312
- $forms = $dom->getElementsByTagName('form');
313
-
314
- foreach($forms as $form){
315
-
316
- $action = $form->getAttribute('action');
317
- $action = $action ? $action : $site_url;
318
- $action__host = parse_url($action, PHP_URL_HOST);
319
-
320
- // Check if the form directed to the third party site
321
- if($site__host != $action__host){
322
-
323
- $method = $form->getAttribute('method');
324
- $method = $method ? $method : 'get';
325
- // Directs form to our site
326
- $form->setAttribute('method', 'POST');
327
- $form->setAttribute('action', $site_url);
328
-
329
- // Add cleantalk_hidden_action
330
- $new_input = $dom->createElement('input');
331
- $new_input->setAttribute('type', 'hidden');
332
- $new_input->setAttribute('name', 'cleantalk_hidden_action');
333
- $new_input->setAttribute('value', $action);
334
- $form->appendChild($new_input);
335
-
336
- // Add cleantalk_hidden_method
337
- $new_input = $dom->createElement('input');
338
- $new_input->setAttribute('type', 'hidden');
339
- $new_input->setAttribute('name', 'cleantalk_hidden_method');
340
- $new_input->setAttribute('value', $method);
341
- $form->appendChild($new_input);
342
-
343
- }
344
- } unset($form);
345
-
346
- $html = $dom->getElementsByTagName('html');
347
-
348
- echo gettype($html) == 'object'
349
- ? $html[0]->childNodes[0]->ownerDocument->saveHTML()
350
- : $apbct->buffer;
351
- }
352
-
353
- // MailChimp Premium for Wordpress
354
- function ct_add_mc4wp_error_message($messages){
355
-
356
- $messages['ct_mc4wp_response'] = array(
357
- 'type' => 'error',
358
- 'text' => 'Your message looks like spam.'
359
- );
360
- return $messages;
361
- }
362
- add_filter( 'mc4wp_form_messages', 'ct_add_mc4wp_error_message' );
363
-
364
- /*
365
- * Function to set validate fucntion for CCF form
366
- * Input - Сonsistently each form field
367
- * Returns - String. Validate function
368
- */
369
- function ct_ccf($callback, $value, $field_id, $type){
370
- /*
371
- if($type == 'name')
372
- $ct_global_temporary_data['name'] = $value;
373
- elseif($type == 'email')
374
- $ct_global_temporary_data['email'] = $value;
375
- else
376
- $ct_global_temporary_data[] = $value;
377
- //*/
378
- return 'ct_validate_ccf_submission';
379
- }
380
- /*
381
- * Validate function for CCF form. Gatheering data. Multiple calls.
382
- * Input - void. Global $ct_global_temporary_data
383
- * Returns - String. CleanTalk comment.
384
- */
385
- $ct_global_temporary_data = array();
386
- function ct_validate_ccf_submission($value, $field_id, $required){
387
- global $ct_global_temporary_data, $apbct;
388
-
389
-
390
-
391
- //If the check for contact forms enabled
392
- if(!$apbct->settings['contact_forms_test'])
393
- return true;
394
- //If the check for logged in users enabled
395
- if($apbct->settings['protect_logged_in'] == 1 && is_user_logged_in())
396
- return true;
397
-
398
- //Accumulate data
399
- $ct_global_temporary_data[] = $value;
400
-
401
- //If it's the last field of the form
402
- (!isset($ct_global_temporary_data['count']) ? $ct_global_temporary_data['count'] = 1 : $ct_global_temporary_data['count']++);
403
- $form_id = $_POST['form_id'];
404
- if($ct_global_temporary_data['count'] != count(get_post_meta( $form_id, 'ccf_attached_fields', true )))
405
- return true;
406
- unset($ct_global_temporary_data['count']);
407
-
408
- //Getting request params
409
- $ct_temp_msg_data = ct_get_fields_any($_POST);
410
-
411
- unset($ct_global_temporary_data);
412
-
413
- $sender_email = ($ct_temp_msg_data['email'] ? $ct_temp_msg_data['email'] : '');
414
- $sender_nickname = ($ct_temp_msg_data['nickname'] ? $ct_temp_msg_data['nickname'] : '');
415
- $subject = ($ct_temp_msg_data['subject'] ? $ct_temp_msg_data['subject'] : '');
416
- $contact_form = ($ct_temp_msg_data['contact'] ? $ct_temp_msg_data['contact'] : true);
417
- $message = ($ct_temp_msg_data['message'] ? $ct_temp_msg_data['message'] : array());
418
-
419
- if ($subject != '')
420
- $message['subject'] = $subject;
421
-
422
- $post_info['comment_type'] = 'feedback_custom_contact_forms';
423
- $post_info['post_url'] = $_SERVER['HTTP_REFERER'];
424
-
425
- $checkjs = apbct_js_test('ct_checkjs', $_COOKIE)
426
- ? apbct_js_test('ct_checkjs', $_COOKIE)
427
- : apbct_js_test('ct_checkjs', $_POST);
428
-
429
- //Making a call
430
- $base_call_result = apbct_base_call(
431
- array(
432
- 'message' => $message,
433
- 'sender_email' => $sender_email,
434
- 'sender_nickname' => $sender_nickname,
435
- 'post_info' => $post_info,
436
- 'js_on' => $checkjs,
437
- 'sender_info' => array('sender_url' => null),
438
- )
439
- );
440
-
441
- $ct_result = $base_call_result['ct_result'];
442
-
443
- return $ct_result->allow == 0 ? $ct_result->comment : true;;
444
- }
445
-
446
- function ct_woocommerce_wishlist_check($args){
447
- global $apbct;
448
-
449
-
450
-
451
- //Protect logged in users
452
- if($args['wishlist_status'])
453
- if($apbct->settings['protect_logged_in'] == 0)
454
- return $args;
455
-
456
- //If the IP is a Google bot
457
- $hostname = gethostbyaddr( filter_var( $_SERVER['REMOTE_ADDR'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 ) );
458
- if(!strpos($hostname, 'googlebot.com'))
459
- return $args;
460
-
461
- //Getting request params
462
- $message = '';
463
- $subject = '';
464
- $email = $args['wishlist_owner_email'];
465
- if($args['wishlist_first_name']!='' || $args['wishlist_last_name']!='')
466
- $nickname = trim($args['wishlist_first_name']." ".$args['wishlist_last_name']);
467
- else
468
- $nickname = '';
469
-
470
- $post_info['comment_type'] = 'feedback';
471
- $post_info['post_url'] = $_SERVER['HTTP_REFERER'];
472
-
473
- $checkjs = apbct_js_test('ct_checkjs', $_COOKIE)
474
- ? apbct_js_test('ct_checkjs', $_COOKIE)
475
- : apbct_js_test('ct_checkjs', $_POST);
476
-
477
- //Making a call
478
- $base_call_result = apbct_base_call(
479
- array(
480
- 'message' => $subject." ".$message,
481
- 'sender_email' => $email,
482
- 'sender_nickname' => $nickname,
483
- 'post_info' => $post_info,
484
- 'js_on' => $checkjs,
485
- 'sender_info' => array('sender_url' => null),
486
- )
487
- );
488
-
489
- $ct_result = $base_call_result['ct_result'];
490
-
491
- if ($ct_result->allow == 0)
492
- wp_die("<h1>".__('Spam protection by CleanTalk', 'cleantalk')."</h1><h2>".$ct_result->comment."</h2>", '', array('response' => 403, "back_link" => true, "text_direction" => 'ltr'));
493
- else
494
- return $args;
495
- }
496
-
497
- function apbct_integration__buddyPres__getTemplateName( $located, $template_name, $template_names, $template_locations, $load, $require_once ) {
498
- global $apbct;
499
- preg_match("/\/([a-z-_]+)\/buddypress-functions\.php$/", $located, $matches);
500
- $apbct->buddy_press_tmpl = isset($matches[1]) ? $matches[1] : 'unknown';
501
- }
502
-
503
- /**
504
- * Test BuddyPress activity for spam (post update only)
505
- *
506
- * @global SpbcState $apbct
507
- * @param bool $is_spam
508
- * @param BP_Activity_Activity $activity_obj Activity object (\plugins\buddypress\bp-activity\classes\class-bp-activity-activity.php)
509
- * @return boolean Spam flag
510
- */
511
- function apbct_integration__buddyPres__activityWall( $is_spam, $activity_obj = null ){
512
-
513
- global $apbct;
514
-
515
- if($activity_obj === null || !isset($_POST['action']) || $_POST['action'] && $_POST['action'] !== 'post_update')
516
- return;
517
-
518
- $curr_user = get_user_by('id', $activity_obj->user_id);
519
-
520
- //Making a call
521
- $base_call_result = apbct_base_call(
522
- array(
523
- 'message' => is_string($activity_obj->content) ? $activity_obj->content : '',
524
- 'sender_email' => $curr_user->data->user_email,
525
- 'sender_nickname' => $curr_user->data->user_login,
526
- 'post_info' => array(
527
- 'post_url' => 'buddypress_activitywall',
528
- 'comment_type' => isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : null,
529
- ),
530
- 'js_on' => apbct_js_test('ct_checkjs', $_COOKIE),
531
- 'sender_info' => array('sender_url' => null),
532
- )
533
- );
534
-
535
- $ct_result = $base_call_result['ct_result'];
536
-
537
- if ($ct_result->allow == 0){
538
- add_action('bp_activity_after_save', 'apbct_integration__buddyPres__activityWall_showResponse', 1, 1);
539
- $apbct->spam_notification = $ct_result->comment;
540
- return true;
541
- }else
542
- return $is_spam;
543
- }
544
-
545
- /**
546
- * Outputs message to AJAX frontend handler
547
- *
548
- * @global SpbcState $apbct
549
- * @param BP_Activity_Activity $activity_obj Activity object (\plugins\buddypress\bp-activity\classes\class-bp-activity-activity.php)
550
- */
551
- function apbct_integration__buddyPres__activityWall_showResponse( $activity_obj ){
552
-
553
- global $apbct;
554
-
555
- // Legacy template
556
- if($apbct->buddy_press_tmpl === 'bp-legacy'){
557
- die('<div id="message" class="error bp-ajax-message"><p>'. $apbct->spam_notification .'</p></div>');
558
- // Nouveau tamplate and others
559
- }else{
560
- @header( 'Content-Type: application/json; charset=' . get_option('blog_charset'));
561
- die(json_encode(array(
562
- 'success' => false,
563
- 'data' => array('message' => $apbct->spam_notification),
564
- )));
565
- }
566
- }
567
-
568
- /**
569
- * Public function - Tests new private messages (dialogs)
570
- *
571
- * @global SpbcState $apbct
572
- * @param type $bp_message_obj
573
- * @return array with errors if spam has found
574
- */
575
- function apbct_integration__buddyPres__private_msg_check( $bp_message_obj){
576
-
577
- global $apbct;
578
-
579
- //Check for enabled option
580
- if($apbct->settings['bp_private_messages'] == 0)
581
- return;
582
-
583
- //Check for quantity of comments
584
- $comments_check_number = defined('CLEANTALK_CHECK_COMMENTS_NUMBER')
585
- ? CLEANTALK_CHECK_COMMENTS_NUMBER
586
- : 3;
587
-
588
- if($apbct->settings['check_comments_number']){
589
- $args = array(
590
- 'user_id' => $bp_message_obj->sender_id,
591
- 'box' => 'sentbox',
592
- 'type' => 'all',
593
- 'limit' => $comments_check_number,
594
- 'page' => null,
595
- 'search_terms' => '',
596
- 'meta_query' => array()
597
- );
598
- $sentbox_msgs = BP_Messages_Thread::get_current_threads_for_user($args);
599
- $cnt_sentbox_msgs = $sentbox_msgs['total'];
600
- $args['box'] = 'inbox';
601
- $inbox_msgs = BP_Messages_Thread::get_current_threads_for_user($args);
602
- $cnt_inbox_msgs = $inbox_msgs['total'];
603
-
604
- if(($cnt_inbox_msgs + $cnt_sentbox_msgs) >= $comments_check_number)
605
- $is_max_comments = true;
606
- }
607
-
608
- if(!empty($is_max_comments))
609
- return;
610
-
611
- $sender_user_obj = get_user_by('id', $bp_message_obj->sender_id);
612
-
613
- //Making a call
614
- $base_call_result = apbct_base_call(
615
- array(
616
- 'message' => $bp_message_obj->subject." ".$bp_message_obj->message,
617
- 'sender_email' => $sender_user_obj->data->user_email,
618
- 'sender_nickname' => $sender_user_obj->data->user_login,
619
- 'post_info' => array(
620
- 'comment_type' => 'buddypress_comment',
621
- 'post_url' => isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : null,
622
- ),
623
- 'js_on' => apbct_js_test('ct_checkjs', $_COOKIE)
624
- ? apbct_js_test('ct_checkjs', $_COOKIE)
625
- : apbct_js_test('ct_checkjs', $_POST),
626
- 'sender_info' => array('sender_url' => null),
627
- )
628
- );
629
-
630
- $ct_result = $base_call_result['ct_result'];
631
-
632
- if ($ct_result->allow == 0)
633
- wp_die("<h1>".__('Spam protection by CleanTalk', 'cleantalk')."</h1><h2>".$ct_result->comment."</h2>", '', array('response' => 403, "back_link" => true, "text_direction" => 'ltr'));
634
- }
635
-
636
- /**
637
- * Adds hiden filed to deafualt serach form
638
- *
639
- * @param $form string
640
- * @return string
641
- */
642
- function apbct_forms__search__addField( $form ){
643
- global $apbct;
644
- if($apbct->settings['search_test'] == 1){
645
- $js_filed = ct_add_hidden_fields('ct_checkjs_search_default', true, false, false, false);
646
- $form = str_replace('</form>', $js_filed, $form);
647
- }
648
- return $form;
649
- }
650
-
651
- /**
652
- * Test default search string for spam
653
- *
654
- * @param $search string
655
- * @return string
656
- */
657
- function apbct_forms__search__testSpam( $search ){
658
-
659
- global $apbct, $cleantalk_executed;
660
-
661
- if(
662
- empty($search) ||
663
- $cleantalk_executed ||
664
- $apbct->settings['search_test'] == 0 ||
665
- $apbct->settings['protect_logged_in'] != 1 && is_user_logged_in() // Skip processing for logged in users.
666
- ){
667
- return $search;
668
- }
669
-
670
- if(apbct_is_user_logged_in())
671
- $user = wp_get_current_user();
672
-
673
- $base_call_result = apbct_base_call(
674
- array(
675
- 'message' => $search,
676
- 'sender_email' => !empty($user) ? $user->user_email : null,
677
- 'sender_nickname' => !empty($user) ? $user->user_login : null,
678
- 'post_info' => array('comment_type' => 'site_search_wordpress'),
679
- //'js_on' => apbct_js_test('ct_checkjs_search_default', $_GET, true),
680
- )
681
- );
682
- $ct_result = $base_call_result['ct_result'];
683
-
684
- $cleantalk_executed = true;
685
-
686
- if ($ct_result->allow == 0){
687
- die($ct_result->comment);
688
- }
689
-
690
- return $search;
691
- }
692
-
693
- /**
694
- * Public function - Tests for Pirate contact froms
695
- * return NULL
696
- */
697
- function ct_pirate_forms_check(){
698
-
699
- global $apbct;
700
-
701
- //Check for enabled option
702
- if( !$apbct->settings['contact_forms_test'])
703
- return;
704
-
705
- //Getting request params
706
- $ct_temp_msg_data = ct_get_fields_any($_POST);
707
-
708
- $sender_email = ($ct_temp_msg_data['email'] ? $ct_temp_msg_data['email'] : '');
709
- $sender_nickname = ($ct_temp_msg_data['nickname'] ? $ct_temp_msg_data['nickname'] : '');
710
- $subject = ($ct_temp_msg_data['subject'] ? $ct_temp_msg_data['subject'] : '');
711
- $contact_form = ($ct_temp_msg_data['contact'] ? $ct_temp_msg_data['contact'] : true);
712
- $message = ($ct_temp_msg_data['message'] ? $ct_temp_msg_data['message'] : array());
713
-
714
- if($subject != '')
715
- $message = array_merge(array('subject' => $subject), $message);
716
-
717
- $post_info['comment_type'] = 'contact_form_wordpress_feedback_pirate';
718
- $post_info['post_url'] = $_SERVER['HTTP_REFERER'];
719
-
720
- //Making a call
721
- $base_call_result = apbct_base_call(
722
- array(
723
- 'message' => $message,
724
- 'sender_email' => $sender_email,
725
- 'sender_nickname' => $sender_nickname,
726
- 'post_info' => $post_info,
727
- 'js_on' => apbct_js_test('ct_checkjs', $_COOKIE),
728
- 'sender_info' => array('sender_url' => null),
729
- )
730
- );
731
-
732
- $ct_result = $base_call_result['ct_result'];
733
-
734
- if ($ct_result->allow == 0)
735
- wp_die("<h1>".__('Spam protection by CleanTalk', 'cleantalk')."</h1><h2>".$ct_result->comment."</h2>", '', array('response' => 403, "back_link" => true, "text_direction" => 'ltr'));
736
- }
737
-
738
- /**
739
- * Adds hidden filed to comment form
740
- */
741
- function ct_comment_form($post_id){
742
-
743
- global $apbct;
744
-
745
- if (apbct_is_user_enable() === false) {
746
- return false;
747
- }
748
-
749
- if ( !$apbct->settings['comments_test']) {
750
- return false;
751
- }
752
-
753
- ct_add_hidden_fields('ct_checkjs', false, false);
754
-
755
- return null;
756
- }
757
-
758
- /**
759
- * Adds cookie script filed to head
760
- */
761
- function apbct_hook__wp_head__set_cookie__ct_checkjs() {
762
-
763
- ct_add_hidden_fields('ct_checkjs', false, true, true);
764
-
765
- return null;
766
- }
767
-
768
- /**
769
- * Adds cookie script filed to footer
770
- */
771
- function apbct_hook__wp_footer() {
772
-
773
- //ct_add_hidden_fields(true, 'ct_checkjs', false, true, true);
774
-
775
- return null;
776
- }
777
-
778
- /**
779
- * Adds hidden filed to define avaialbility of client's JavaScript
780
- * @param bool $random_key switch on generation random key for every page load
781
- */
782
- function ct_add_hidden_fields($field_name = 'ct_checkjs', $return_string = false, $cookie_check = false, $no_print = false, $ajax = true) {
783
-
784
- global $ct_checkjs_def, $apbct;
785
-
786
- $ct_checkjs_key = ct_get_checkjs_value();
787
- $field_id_hash = md5(rand(0, 1000));
788
-
789
- // Using only cookies
790
- if ($cookie_check && $apbct->settings['set_cookies'] == 1) {
791
-
792
- $html = "<script type='text/javascript'>
793
- function ctSetCookie(c_name, value, def_value){
794
- document.cookie = c_name + '=' + escape(value) + '; path=/';
795
- }
796
- ctSetCookie('{$field_name}', '{$ct_checkjs_key}', '{$ct_checkjs_def}');
797
- </script>";
798
-
799
- // Using AJAX to get key
800
- }elseif($apbct->settings['use_ajax'] && $ajax){
801
-
802
- // Fix only for wp_footer -> apbct_hook__wp_head__set_cookie__ct_checkjs()
803
- if($no_print)
804
- return;
805
-
806
- $ct_input_challenge = sprintf("'%s'", $ct_checkjs_key);
807
- $field_id = $field_name . '_' . $field_id_hash;
808
- $html = "<input type='hidden' id='{$field_id}' name='{$field_name}' value='{$ct_checkjs_def}' />
809
- <script type='text/javascript'>
810
- setTimeout(function(){
811
- apbct_sendAJAXRequest(
812
- {action: 'apbct_js_keys__get'},
813
- {callback: apbct_js_keys__set_input_value, input_name: '{$field_id}'}
814
- );
815
- }, 1000);
816
- </script>";
817
-
818
- // Set KEY from backend
819
- }else{
820
- // Fix only for wp_footer -> apbct_hook__wp_head__set_cookie__ct_checkjs()
821
- if($no_print)
822
- return;
823
-
824
- $ct_input_challenge = sprintf("'%s'", $ct_checkjs_key);
825
- $field_id = $field_name . '_' . $field_id_hash;
826
- $html = "<input type='hidden' id='{$field_id}' name='{$field_name}' value='{$ct_checkjs_def}' />
827
- <script type='text/javascript'>
828
- setTimeout(function(){
829
- var ct_input_name = '{$field_id}';
830
- if (document.getElementById(ct_input_name) !== null) {
831
- var ct_input_value = document.getElementById(ct_input_name).value;
832
- document.getElementById(ct_input_name).value = document.getElementById(ct_input_name).value.replace(ct_input_value, {$ct_input_challenge});
833
- }
834
- }, 1000);
835
- </script>";
836
- }
837
-
838
- // Simplify JS code and Fixing issue with wpautop()
839
- $html = str_replace(array("\n","\r","\t"),'', $html);
840
-
841
- if ($return_string === true) {
842
- return $html;
843
- } else {
844
- echo $html;
845
- }
846
- }
847
-
848
- /**
849
- * Public function - Insert JS code for spam tests
850
- * return null;
851
- */
852
- function ct_frm_entries_footer_scripts($fields, $form) {
853
- global $apbct, $ct_checkjs_frm;
854
-
855
- if ( !$apbct->settings['contact_forms_test'])
856
- return false;
857
-
858
- $ct_checkjs_key = ct_get_checkjs_value();
859
- $ct_frm_base_name = 'form_';
860
- $ct_frm_name = $ct_frm_base_name . $form->form_key;
861
-
862
- echo "var input = document.createElement('input');
863
- input.setAttribute('type', 'hidden');
864
- input.setAttribute('name', '$ct_checkjs_frm');
865
- input.setAttribute('value', '$ct_checkjs_key');
866
- for (i = 0; i < document.forms.length; i++) {
867
- if (typeof document.forms[i].id == 'string'){
868
- if(document.forms[i].id.search('$ct_frm_name') != -1) {
869
- document.forms[i].appendChild(input);
870
- }
871
- }
872
- }";
873
-
874
- /* Excessive cookie set
875
- $js_code = ct_add_hidden_fields(true, 'ct_checkjs', true, true);
876
- $js_code = strip_tags($js_code); // Removing <script> tag
877
- echo $js_code;
878
- //*/
879
- }
880
-
881
- /**
882
- * Public function - Test Formidable data for spam activity
883
- * @param $errors
884
- * @param $form
885
- *
886
- * @return array with errors if spam has found
887
- */
888
- function ct_frm_validate_entry ( $errors, $form ) {
889
-
890
- global $apbct;
891
-
892
- if ( !$apbct->settings['contact_forms_test']) {
893
- return $errors;
894
- }
895
-
896
- // Skip processing for logged in users.
897
- if ( !$apbct->settings['protect_logged_in'] && is_user_logged_in()) {
898
- return $errors;
899
- }
900
-
901
- $ct_temp_msg_data = ct_get_fields_any($_POST['item_meta']);
902
-
903
- $sender_email = ($ct_temp_msg_data['email'] ? $ct_temp_msg_data['email'] : '');
904
- $sender_nickname = ($ct_temp_msg_data['nickname'] ? $ct_temp_msg_data['nickname'] : '');
905
- $subject = ($ct_temp_msg_data['subject'] ? $ct_temp_msg_data['subject'] : '');
906
- $contact_form = ($ct_temp_msg_data['contact'] ? $ct_temp_msg_data['contact'] : true);
907
- $message = ($ct_temp_msg_data['message'] ? $ct_temp_msg_data['message'] : array());
908
-
909
- // Adding 'input_meta[]' to every field /Formidable fix/
910
- $message = array_flip($message);
911
- foreach($message as &$value){
912
- $value = 'item_meta['.$value.']';
913
- } unset($value);
914
- $message = array_flip($message);
915
-
916
- $checkjs = apbct_js_test('ct_checkjs', $_COOKIE)
917
- ? apbct_js_test('ct_checkjs', $_COOKIE)
918
- : apbct_js_test('ct_checkjs', $_POST);
919
-
920
- $base_call_result = apbct_base_call(
921
- array(
922
- 'message' => $message,
923
- 'sender_email' => $sender_email,
924
- 'sender_nickname' => $sender_nickname,
925
- 'post_info' => array('comment_type' => 'contact_form_wordpress_formidable'),
926
- 'js_on' => $checkjs
927
- )
928
- );
929
- $ct_result = $base_call_result['ct_result'];
930
-
931
- if ($ct_result->allow == 0) {
932
- $errors['ct_error'] = '<br /><b>' . $ct_result->comment . '</b><br /><br />';
933
- }
934
-
935
- return $errors;
936
- }
937
-
938
- /**
939
- * Public filter 'bbp_*' - Get new topic name to global $ct_bbp_topic
940
- * @param mixed[] $comment Comment string
941
- * @return mixed[] $comment Comment string
942
- */
943
- function ct_bbp_get_topic($topic){
944
- global $ct_bbp_topic;
945
-
946
- $ct_bbp_topic=$topic;
947
-
948
- return $topic;
949
- }
950
-
951
- /**
952
- * Public filter 'bbp_*' - Checks topics, replies by cleantalk
953
- * @param mixed[] $comment Comment string
954
- * @return mixed[] $comment Comment string
955
- */
956
- function ct_bbp_new_pre_content ($comment) {
957
-
958
- global $apbct, $current_user;
959
-
960
- if ( !$apbct->settings['comments_test']) {
961
- return $comment;
962
- }
963
-
964
- // Skip processing for logged in users and admin.
965
- if ( !$apbct->settings['protect_logged_in'] && is_user_logged_in() ||
966
- in_array("administrator", $current_user->roles))
967
- return $comment;
968
-
969
- $checkjs = apbct_js_test('ct_checkjs', $_COOKIE)
970
- ? apbct_js_test('ct_checkjs', $_COOKIE)
971
- : apbct_js_test('ct_checkjs', $_POST);
972
-
973
- $post_info['comment_type'] = 'bbpress_comment';
974
- $post_info['post_url'] = bbp_get_topic_permalink();
975
-
976
- if( is_user_logged_in() ) {
977
- $sender_email = $current_user->user_email;
978
- $sender_nickname = $current_user->display_name;
979
- } else {
980
- $sender_email = isset($_POST['bbp_anonymous_email']) ? $_POST['bbp_anonymous_email'] : null;
981
- $sender_nickname = isset($_POST['bbp_anonymous_name']) ? $_POST['bbp_anonymous_name'] : null;
982
- }
983
-
984
- $base_call_result = apbct_base_call(
985
- array(
986
- 'message' => $comment,
987
- 'sender_email' => $sender_email,
988
- 'sender_nickname' => $sender_nickname,
989
- 'post_info' => $post_info,
990
- 'js_on' => $checkjs,
991
- 'sender_info' => array('sender_url' => isset($_POST['bbp_anonymous_website']) ? $_POST['bbp_anonymous_website'] : null),
992
- )
993
- );
994
- $ct_result = $base_call_result['ct_result'];
995
-
996
- if ($ct_result->allow == 0) {
997
- bbp_add_error('bbp_reply_content', $ct_result->comment);
998
- }
999
-
1000
- return $comment;
1001
- }
1002
-
1003
- function apbct_comment__sanitize_data__before_wp_die($function){
1004
-
1005
- global $apbct;
1006
-
1007
- $comment_data = wp_unslash($_POST);
1008
-
1009
- $user_ID = 0;
1010
-
1011
- $comment_type = '';
1012
-
1013
- $comment_content = isset($comment_data['comment']) ? (string) $comment_data['comment'] : null;
1014
- $comment_parent = isset($comment_data['comment_parent']) ? (int) absint($comment_data['comment_parent']) : null;
1015
-
1016
- $comment_author = isset($comment_data['author']) ? (string) trim(strip_tags($comment_data['author'])) : null;
1017
- $comment_author_email = isset($comment_data['email']) ? (string) trim($comment_data['email']) : null;
1018
- $comment_author_url = isset($comment_data['url']) ? (string) trim($comment_data['url']) : null;
1019
- $comment_post_ID = isset($comment_data['comment_post_ID']) ? (int) $comment_data['comment_post_ID'] : null;
1020
-
1021
- if(isset($comment_content, $comment_parent)){
1022
-
1023
- $user = wp_get_current_user();
1024
-
1025
- if($user->exists()){
1026
- $comment_author = empty($user->display_name) ? $user->user_login : $user->display_name;
1027
- $comment_author_email = $user->user_email;
1028
- $comment_author_url = $user->user_url;
1029
- $user_ID = $user->ID;
1030
- }
1031
-
1032
- $apbct->comment_data = compact(
1033
- 'comment_post_ID',
1034
- 'comment_author',
1035
- 'comment_author_email',
1036
- 'comment_author_url',
1037
- 'comment_content',
1038
- 'comment_type',
1039
- 'comment_parent',
1040
- 'user_ID'
1041
- );
1042
-
1043
- $function = 'apbct_comment__check_via_wp_die';
1044
-
1045
- }
1046
-
1047
- return $function;
1048
- }
1049
-
1050
- function apbct_comment__check_via_wp_die($message, $title, $args){
1051
- if($title == __('Comment Submission Failure')){
1052
- global $apbct;
1053
- $apbct->validation_error = $message;
1054
- ct_preprocess_comment($apbct->comment_data);
1055
- }
1056
- _default_wp_die_handler($message, $title, $args);
1057
- }
1058
-
1059
- /**
1060
- * Public filter 'preprocess_comment' - Checks comment by cleantalk server
1061
- * @param mixed[] $comment Comment data array
1062
- * @return mixed[] New data array of comment
1063
- */
1064
- function ct_preprocess_comment($comment) {
1065
- // this action is called just when WP process POST request (adds new comment)
1066
- // this action is called by wp-comments-post.php
1067
- // after processing WP makes redirect to post page with comment's form by GET request (see above)
1068
- global $current_user, $comment_post_id, $ct_comment_done, $ct_jp_comments, $apbct;
1069
-
1070
- // Send email notification for chosen groups of users
1071
- if($apbct->settings['comment_notify'] && !empty($apbct->settings['comment_notify__roles']) && $apbct->data['moderate']){
1072
-
1073
- add_filter('notify_post_author', 'apbct_comment__Wordpress__doNotify', 100, 2);
1074
-
1075
- $users = get_users(array(
1076
- 'role__in' => $apbct->settings['comment_notify__roles'],
1077
- 'fileds' => array('user_email')
1078
- ));
1079
-
1080
- if($users){
1081
- add_filter('comment_notification_text', 'apbct_comment__Wordpress__changeMailNotificationGroups', 100, 2);
1082
- add_filter('comment_notification_recipients', 'apbct_comment__Wordpress__changeMailNotificationRecipients', 100, 2);
1083
- foreach($users as $user){
1084
- $emails[] = $user->user_email;
1085
- }
1086
- $apbct->comment_notification_recipients = json_encode($emails);
1087
- }
1088
- }
1089
-
1090
- // Skip processing admin.
1091
- if (in_array("administrator", $current_user->roles))
1092
- return $comment;
1093
-
1094
- $comments_check_number = defined('CLEANTALK_CHECK_COMMENTS_NUMBER') ? CLEANTALK_CHECK_COMMENTS_NUMBER : 3;
1095
-
1096
- if($apbct->settings['check_comments_number']){
1097
- $args = array(
1098
- 'author_email' => $comment['comment_author_email'],
1099
- 'status' => 'approve',
1100
- 'count' => false,
1101
- 'number' => $comments_check_number,
1102
- );
1103
- $cnt = count(get_comments($args));
1104
- $is_max_comments = $cnt >= $comments_check_number ? true : false;
1105
- }
1106
-
1107
- if (
1108
- ($comment['comment_type']!='trackback') &&
1109
- (
1110
- apbct_is_user_enable() === false ||
1111
- $apbct->settings['comments_test'] == 0 ||
1112
- $ct_comment_done ||
1113
- (isset($_SERVER['HTTP_REFERER']) && stripos($_SERVER['HTTP_REFERER'],'page=wysija_campaigns&action=editTemplate')!==false) ||
1114
- (isset($is_max_comments) && $is_max_comments) ||
1115
- strpos($_SERVER['REQUEST_URI'],'/wp-admin/')!==false)
1116
- )
1117
- {
1118
- return $comment;
1119
- }
1120
-
1121
- $local_blacklists = wp_blacklist_check(
1122
- $comment['comment_author'],
1123
- $comment['comment_author_email'],
1124
- $comment['comment_author_url'],
1125
- $comment['comment_content'],
1126
- @$_SERVER['REMOTE_ADDR'],
1127
- @$_SERVER['HTTP_USER_AGENT']
1128
- );
1129
-
1130
- // Go out if author in local blacklists
1131
- if ($comment['comment_type']!='trackback' && $local_blacklists === true) {
1132
- return $comment;
1133
- }
1134
-
1135
- // Skip pingback anti-spam test
1136
- /*if ($comment['comment_type'] == 'pingback') {
1137
- return $comment;
1138
- }*/
1139
-
1140
- $ct_comment_done = true;
1141
-
1142
- $comment_post_id = $comment['comment_post_ID'];
1143
-
1144
- // JetPack comments logic
1145
- $post_info['comment_type'] = $ct_jp_comments ? 'jetpack_comment' : $comment['comment_type'];
1146
- $post_info['post_url'] = ct_post_url(null, $comment_post_id);
1147
-
1148
- // Comment type
1149
- $post_info['comment_type'] = empty($post_info['comment_type']) ? 'general_comment' : $post_info['comment_type'];
1150
-
1151
- $checkjs = apbct_js_test('ct_checkjs', $_COOKIE)
1152
- ? apbct_js_test('ct_checkjs', $_COOKIE)
1153
- : apbct_js_test('ct_checkjs', $_POST);
1154
-
1155
-
1156
- $example = null;
1157
- if ($apbct->settings['relevance_test']) {
1158
- $post = get_post($comment_post_id);
1159
- if ($post !== null){
1160
- $example['title'] = $post->post_title;
1161
- $example['body'] = $post->post_content;
1162
- $example['comments'] = null;
1163
-
1164
- $last_comments = get_comments(array('status' => 'approve', 'number' => 10, 'post_id' => $comment_post_id));
1165
- foreach ($last_comments as $post_comment){
1166
- $example['comments'] .= "\n\n" . $post_comment->comment_content;
1167
- }
1168
-
1169
- $example = json_encode($example);
1170
- }
1171
-
1172
- // Use plain string format if've failed with JSON
1173
- if ($example === false || $example === null){
1174
- $example = ($post->post_title !== null) ? $post->post_title : '';
1175
- $example .= ($post->post_content !== null) ? "\n\n" . $post->post_content : '';
1176
- }
1177
- }
1178
-
1179
- $base_call_result = apbct_base_call(
1180
- array(
1181
- 'message' => $comment['comment_content'],
1182
- 'example' => $example,
1183
- 'sender_email' => $comment['comment_author_email'],
1184
- 'sender_nickname' => $comment['comment_author'],
1185
- 'post_info' => $post_info,
1186
- 'js_on' => $checkjs,
1187
- 'sender_info' => array(
1188
- 'sender_url' => @$comment['comment_author_url'],
1189
- 'form_validation' => !isset($apbct->validation_error)
1190
- ? null
1191
- : json_encode(array(
1192
- 'validation_notice' => $apbct->validation_error,
1193
- 'page_url' => filter_input(INPUT_SERVER, 'HTTP_HOST') . filter_input(INPUT_SERVER, 'REQUEST_URI'),
1194
- ))
1195
- ),
1196
- )
1197
- );
1198
- $ct_result = $base_call_result['ct_result'];
1199
-
1200
- ct_hash($ct_result->id);
1201
-
1202
- //Don't check trusted users
1203
- if (isset($comment['comment_author_email'])){
1204
- $approved_comments = get_comments(array('status' => 'approve', 'count' => true, 'author_email' => $comment['comment_author_email']));
1205
- $new_user = $approved_comments == 0 ? true : false;
1206
- }
1207
-
1208
- // Change comment flow only for new authors
1209
- if ($new_user || $ct_result->stop_words !== null || $ct_result->spam == 1)
1210
- add_action('comment_post', 'ct_set_meta', 10, 2);
1211
-
1212
- if($ct_result->allow){ // Pass if allowed
1213
- if(get_option('comment_moderation') === '1') // Wordpress moderation flag
1214
- add_filter('pre_comment_approved', 'ct_set_not_approved', 999, 2);
1215
- else
1216
- add_filter('pre_comment_approved', 'ct_set_approved', 999, 2);
1217
- }else{
1218
-
1219
- global $ct_comment, $ct_stop_words;
1220
-
1221
- $ct_comment = $ct_result->comment;
1222
- $ct_stop_words = $ct_result->stop_words;
1223
-
1224
- $err_text = '<center><b style="color: #49C73B;">Clean</b><b style="color: #349ebf;">Talk.</b> ' . __('Spam protection', 'cleantalk') . "</center><br><br>\n" . $ct_result->comment;
1225
- $err_text .= '<script>setTimeout("history.back()", 5000);</script>';
1226
-
1227
- // Terminate. Definitely spam.
1228
- if($ct_result->stop_queue == 1)
1229
- wp_die($err_text, 'Blacklisted', array('back_link' => true));
1230
-
1231
- // Terminate by user's setting.
1232
- if($ct_result->spam == 3)
1233
- wp_die($err_text, 'Blacklisted', array('back_link' => true));
1234
-
1235
- // Trash comment.
1236
- if($ct_result->spam == 2){
1237
- add_filter('pre_comment_approved', 'ct_set_comment_spam', 997, 2);
1238
- add_action('comment_post', 'ct_wp_trash_comment', 997, 2);
1239
- }
1240
-
1241
- // Spam comment
1242
- if($ct_result->spam == 1)
1243
- add_filter('pre_comment_approved', 'ct_set_comment_spam', 997, 2);
1244
-
1245
- // Move to pending folder. Contains stop_words.
1246
- if($ct_result->stop_words){
1247
- add_filter('pre_comment_approved', 'ct_set_not_approved', 998, 2);
1248
- add_action('comment_post', 'ct_mark_red', 998, 2);
1249
- }
1250
-
1251
- add_action('comment_post', 'ct_die', 999, 2);
1252
- }
1253
-
1254
- if($apbct->settings['remove_comments_links'] == 1){
1255
- $comment['comment_content'] = preg_replace("~(http|https|ftp|ftps)://(.*?)(\s|\n|[,.?!](\s|\n)|$)~", '[Link deleted]', $comment['comment_content']);
1256
- }
1257
-
1258
- // Change mail notification if license is out of date
1259
- if($apbct->data['moderate'] == 0){
1260
- $apbct->sender_email = $comment['comment_author_email'];
1261
- $apbct->sender_ip = CleantalkHelper::ip__get(array('real'));
1262
- add_filter('comment_moderation_text', 'apbct_comment__Wordpress__changeMailNotification', 100, 2); // Comment sent to moderation
1263
- add_filter('comment_notification_text', 'apbct_comment__Wordpress__changeMailNotification', 100, 2); // Comment approved
1264
- }
1265
-
1266
- return $comment;
1267
- }
1268
-
1269
- /**
1270
- * Changes whether notify admin/athor or not.
1271
- *
1272
- * @param bool $maybe_notify notify flag
1273
- * @param int $comment_ID Comment id
1274
- * @return bool flag
1275
- */
1276
- function apbct_comment__Wordpress__doNotify($maybe_notify, $comment_ID){
1277
- return true;
1278
- }
1279
-
1280
- /**
1281
- * Add notification setting link
1282
- *
1283
- * @param type $notify_message
1284
- * @param type $comment_id
1285
- * @return type
1286
- */
1287
- function apbct_comment__Wordpress__changeMailNotificationGroups($notify_message, $comment_id){
1288
- $website = parse_url(get_option('siteurl'),PHP_URL_HOST);
1289
- return $notify_message
1290
- .PHP_EOL
1291
- .'---'.PHP_EOL
1292
- .'Manage notifications settings: http://'.$website.'/wp-admin/options-general.php?page=cleantalk';
1293
- }
1294
-
1295
- /**
1296
- * Change email notification recipients
1297
- *
1298
- * @global SpbcState $apbct
1299
- * @param type $emails
1300
- * @param type $comment_id
1301
- * @return type
1302
- */
1303
- function apbct_comment__Wordpress__changeMailNotificationRecipients($emails, $comment_id){
1304
- global $apbct;
1305
- return array_unique(array_merge($emails, (array)json_decode($apbct->comment_notification_recipients, true)));
1306
- }
1307
-
1308
- /**
1309
- * Changes email notification for spam comment for native Wordpress comment system
1310
- *
1311
- * @param string $notify_message Body of email notification
1312
- * @param int $comment_id Comment id
1313
- * @return string Body for email notification
1314
- */
1315
- function apbct_comment__Wordpress__changeMailNotification($notify_message, $comment_id){
1316
-
1317
- global $apbct;
1318
-
1319
- $notify_message =
1320
- PHP_EOL
1321
- .__('CleanTalk AntiSpam: This message is possible spam.', 'cleantalk')
1322
- ."\n".__('You could check it in CleanTalk\'s anti-spam database:', 'cleantalk')
1323
- ."\n".'IP: https://cleantalk.org/blacklists/' . $apbct->sender_ip
1324
- ."\n".'Email: https://cleantalk.org/blacklists/' . $apbct->sender_email
1325
- ."\n".PHP_EOL . sprintf(
1326
- __('Activate protection in your Anti-Spam Dashboard: %s.', 'clentalk'),
1327
- 'https://cleantalk.org/my/?cp_mode=antispam&utm_source=newsletter&utm_medium=email&utm_campaign=wp_spam_comment_passed'
1328
- .($apbct->data['user_token']
1329
- ? '&iser_token='.$apbct->data['user_token']
1330
- : ''
1331
- )
1332
- )
1333
- .PHP_EOL . '---'
1334
- .PHP_EOL
1335
- .PHP_EOL
1336
- .$notify_message;
1337
-
1338
- return $notify_message;
1339
-
1340
- }
1341
-
1342
- /**
1343
- * Set die page with Cleantalk comment.
1344
- * @global array $ct_comment
1345
- $err_text = '<center><b style="color: #49C73B;">Clean</b><b style="color: #349ebf;">Talk.</b> ' . __('Spam protection', 'cleantalk') . "</center><br><br>\n" . $ct_comment;
1346
- * @param type $comment_status
1347
- */
1348
- function ct_die($comment_id, $comment_status) {
1349
- global $ct_comment;
1350
- $err_text = '<center><b style="color: #49C73B;">Clean</b><b style="color: #349ebf;">Talk.</b> ' . __('Spam protection', 'cleantalk') . "</center><br><br>\n" . $ct_comment;
1351
- $err_text .= '<script>setTimeout("history.back()", 5000);</script>';
1352
- if(isset($_POST['et_pb_contact_email']))
1353
- {
1354
- $mes='<div id="et_pb_contact_form_1" class="et_pb_contact_form_container clearfix"><h1 class="et_pb_contact_main_title">Blacklisted</h1><div class="et-pb-contact-message"><p>'.$ct_comment.'</p></div></div>';
1355
- wp_die($mes, 'Blacklisted', array('back_link' => true,'response'=>200));
1356
- }
1357
- else
1358
- {
1359
- wp_die($err_text, 'Blacklisted', array('back_link' => true));
1360
- }
1361
- }
1362
-
1363
- /**
1364
- * Set die page with Cleantalk comment from parameter.
1365
- * @param type $comment_body
1366
- */
1367
- function ct_die_extended($comment_body) {
1368
- $err_text = '<center><b style="color: #49C73B;">Clean</b><b style="color: #349ebf;">Talk.</b> ' . __('Spam protection', 'cleantalk') . "</center><br><br>\n" . $comment_body;
1369
- $err_text .= '<script>setTimeout("history.back()", 5000);</script>';
1370
- wp_die($err_text, 'Blacklisted', array('back_link' => true));
1371
- }
1372
-
1373
- /**
1374
- * Validates JavaScript anti-spam test
1375
- *
1376
- * @param string $field_name filed to serach in data
1377
- * @param null $data Data to search in
1378
- * @param bool $random_key
1379
- *
1380
- * @return int|null
1381
- */
1382
- function apbct_js_test($field_name = 'ct_checkjs', $data = null) {
1383
-
1384
- global $apbct;
1385
-
1386
- $out = null;
1387
-
1388
- if($data && isset($data[$field_name])){
1389
-
1390
- $js_key = $data[$field_name];
1391
-
1392
- // Check static key
1393
- if($apbct->settings['use_static_js_key']){
1394
- $ct_challenge = ct_get_checkjs_value();
1395
- $out = preg_match("/$ct_challenge/", $js_key) ? 1 : 0;
1396
-
1397
- // Random key check
1398
- }else{
1399
- $out = array_key_exists($js_key, $apbct->js_keys) ? 1 : 0;
1400
- }
1401
- }
1402
-
1403
- return $out;
1404
- }
1405
-
1406
- /**
1407
- * Get post url
1408
- * @param int $comment_id
1409
- * @param int $comment_post_id
1410
- * @return string|bool
1411
- */
1412
- function ct_post_url($comment_id = null, $comment_post_id) {
1413
-
1414
- if (empty($comment_post_id))
1415
- return null;
1416
-
1417
- if ($comment_id === null) {
1418
- $last_comment = get_comments('number=1');
1419
- $comment_id = isset($last_comment[0]->comment_ID) ? (int) $last_comment[0]->comment_ID + 1 : 1;
1420
- }
1421
- $permalink = get_permalink($comment_post_id);
1422
-
1423
- $post_url = null;
1424
- if ($permalink !== null)
1425
- $post_url = $permalink . '#comment-' . $comment_id;
1426
-
1427
- return $post_url;
1428
- }
1429
-
1430
- /**
1431
- * Public filter 'pre_comment_approved' - Mark comment unapproved always
1432
- * @return int Zero
1433
- */
1434
- function ct_set_not_approved() {
1435
- return 0;
1436
- }
1437
-
1438
- /**
1439
- * @author Artem Leontiev
1440
- * Public filter 'pre_comment_approved' - Mark comment approved if it's not 'spam' only
1441
- * @return int 1
1442
- */
1443
- function ct_set_approved($approved, $comment) {
1444
- if ($approved == 'spam'){
1445
- return $approved;
1446
- } else {
1447
- return 1;
1448
- }
1449
- }
1450
-
1451
- /**
1452
- * Public filter 'pre_comment_approved' - Mark comment unapproved always
1453
- * @return int Zero
1454
- */
1455
- function ct_set_comment_spam() {
1456
- return 'spam';
1457
- }
1458
-
1459
- /**
1460
- * Public action 'comment_post' - Store cleantalk hash in comment meta 'ct_hash'
1461
- * @param int $comment_id Comment ID
1462
- * @param mixed $comment_status Approval status ("spam", or 0/1), not used
1463
- */
1464
- function ct_set_meta($comment_id, $comment_status) {
1465
- global $comment_post_id;
1466
- $hash1 = ct_hash();
1467
- if (!empty($hash1)) {
1468
- update_comment_meta($comment_id, 'ct_hash', $hash1);
1469
- if (function_exists('base64_encode') && isset($comment_status) && $comment_status != 'spam') {
1470
- $post_url = ct_post_url($comment_id, $comment_post_id);
1471
- $post_url = base64_encode($post_url);
1472
- if ($post_url === false)
1473
- return false;
1474
- // 01 - URL to approved comment
1475
- $feedback_request = $hash1 . ':' . '01' . ':' . $post_url . ';';
1476
- ct_send_feedback($feedback_request);
1477
- }
1478
- }
1479
- return true;
1480
- }
1481
-
1482
- /**
1483
- * Mark bad words
1484
- * @global string $ct_stop_words
1485
- * @param int $comment_id
1486
- * @param int $comment_status Not use
1487
- */
1488
- function ct_mark_red($comment_id, $comment_status) {
1489
- global $ct_stop_words;
1490
-
1491
- $comment = get_comment($comment_id, 'ARRAY_A');
1492
- $message = $comment['comment_content'];
1493
- foreach (explode(':', $ct_stop_words) as $word) {
1494
- $message = preg_replace("/($word)/ui", '<font rel="cleantalk" color="#FF1000">' . "$1" . '</font>', $message);
1495
-
1496
- }
1497
- $comment['comment_content'] = $message;
1498
- kses_remove_filters();
1499
- wp_update_comment($comment);
1500
- }
1501
-
1502
- //
1503
- //Send post to trash
1504
- //
1505
- function ct_wp_trash_comment($comment_id, $comment_status){
1506
- wp_trash_comment($comment_id);
1507
- }
1508
-
1509
- /**
1510
- * Tests plugin activation status
1511
- * @return bool
1512
- */
1513
- function ct_plugin_active($plugin_name){
1514
- foreach (get_option('active_plugins') as $k => $v) {
1515
- if ($plugin_name == $v)
1516
- return true;
1517
- }
1518
- return false;
1519
- }
1520
-
1521
- /**
1522
- * Insert a hidden field to registration form
1523
- * @return null
1524
- */
1525
- function ct_register_form() {
1526
-
1527
- global $ct_checkjs_register_form, $apbct;
1528
-
1529
- if ($apbct->settings['registrations_test'] == 0) {
1530
- return false;
1531
- }
1532
-
1533
- ct_add_hidden_fields($ct_checkjs_register_form, false, false, false, false);
1534
-
1535
- return null;
1536
- }
1537
-
1538
- function apbct_login__scripts(){
1539
- echo '<script src="'.APBCT_URL_PATH.'/js/apbct-public.min.js"></script>';
1540
- }
1541
-
1542
- /**
1543
- * Adds notification text to login form - to inform about approved registration
1544
- * @return null
1545
- */
1546
- function ct_login_message($message) {
1547
-
1548
- global $errors, $apbct, $apbct_cookie_register_ok_label;
1549
-
1550
-
1551
-
1552
- if ($apbct->settings['registrations_test'] != 0){
1553
- if( isset($_GET['checkemail']) && 'registered' == $_GET['checkemail'] ){
1554
- if (isset($_COOKIE[$apbct_cookie_register_ok_label])){
1555
- if(is_wp_error($errors)){
1556
- $errors->add('ct_message',sprintf(__('Registration approved by %s.', 'cleantalk'), '<b style="color: #49C73B;">Clean</b><b style="color: #349ebf;">Talk</b>'), 'message');
1557
- }
1558
- }
1559
- }
1560
- }
1561
- return $message;
1562
- }
1563
-
1564
- /**
1565
- * Test users registration for pPress
1566
- * @return array with errors
1567
- */
1568
- function ct_registration_errors_ppress($reg_errors, $form_id) {
1569
-
1570
- $email = $_POST['reg_email'];
1571
- $login = $_POST['reg_username'];
1572
-
1573
- $reg_errors = ct_registration_errors($reg_errors, $login, $email);
1574
-
1575
- return $reg_errors;
1576
- }
1577
-
1578
- /**
1579
- * Test users registration for multisite enviroment
1580
- * @return array with errors
1581
- */
1582
- function ct_registration_errors_wpmu($errors) {
1583
- global $ct_signup_done;
1584
-
1585
- //
1586
- // Multisite actions
1587
- //
1588
- $sanitized_user_login = null;
1589
- if (isset($errors['user_name'])) {
1590
- $sanitized_user_login = $errors['user_name'];
1591
- $wpmu = true;
1592
- }
1593
- $user_email = null;
1594
- if (isset($errors['user_email'])) {
1595
- $user_email = $errors['user_email'];
1596
- $wpmu = true;
1597
- }
1598
-
1599
- if ($wpmu && isset($errors['errors']->errors) && count($errors['errors']->errors) > 0) {
1600
- return $errors;
1601
- }
1602
-
1603
- $errors['errors'] = ct_registration_errors($errors['errors'], $sanitized_user_login, $user_email);
1604
-
1605
- // Show CleanTalk errors in user_name field
1606
- if (isset($errors['errors']->errors['ct_error'])) {
1607
- $errors['errors']->errors['user_name'] = $errors['errors']->errors['ct_error'];
1608
- unset($errors['errors']->errors['ct_error']);
1609
- }
1610
-
1611
- return $errors;
1612
- }
1613
-
1614
- /**
1615
- * Shell for action register_post
1616
- * @return array with errors
1617
- */
1618
- function ct_register_post($sanitized_user_login = null, $user_email = null, $errors) {
1619
- return ct_registration_errors($errors, $sanitized_user_login, $user_email);
1620
- }
1621
-
1622
- /**
1623
- * Check messages for external plugins
1624
- * @return array with checking result;
1625
- */
1626
-
1627
- function ct_test_message($nickname, $email, $ip, $text){
1628
-
1629
- $base_call_result = apbct_base_call(
1630
- array(
1631
- 'message' => $text,
1632
- 'sender_email' => $email,
1633
- 'sender_nickname' => $nickname,
1634
- 'post_info' => array('comment_type' => 'feedback_plugin_check'),
1635
- 'js_on' => apbct_js_test('ct_checkjs', $_COOKIE),
1636
- )
1637
- );
1638
-
1639
- $ct_result = $base_call_result['ct_result'];
1640
-
1641
- $result=Array(
1642
- 'allow' => $ct_result->allow,
1643
- 'comment' => $ct_result->comment,
1644
- );
1645
- return $result;
1646
- }
1647
-
1648
- /**
1649
- * Check registrations for external plugins
1650
- * @return array with checking result;
1651
- */
1652
- function ct_test_registration($nickname, $email, $ip){
1653
-
1654
- global $ct_checkjs_register_form, $apbct;
1655
-
1656
- if(apbct_js_test($ct_checkjs_register_form, $_POST)){
1657
- $checkjs = apbct_js_test($ct_checkjs_register_form, $_POST);
1658
- $sender_info['post_checkjs_passed'] = $checkjs;
1659
- }else{
1660
- $checkjs = $checkjs = apbct_js_test('ct_checkjs', $_COOKIE);
1661
- $sender_info['cookie_checkjs_passed'] = $checkjs;
1662
- }
1663
-
1664
- //Making a call
1665
- $base_call_result = apbct_base_call(
1666
- array(
1667
- 'sender_ip' => $ip,
1668
- 'sender_email' => $email,
1669
- 'sender_nickname' => $nickname,
1670
- 'sender_info' => $sender_info,
1671
- 'js_on' => $checkjs,
1672
- ),
1673
- true
1674
- );
1675
- $ct_result = $base_call_result['ct_result'];
1676
-
1677
- $result = array(
1678
- 'allow' => $ct_result->allow,
1679
- 'comment' => $ct_result->comment,
1680
- );
1681
- return $result;
1682
- }
1683
-
1684
- /**
1685
- * Test users registration
1686
- * @return array with errors
1687
- */
1688
- function ct_registration_errors($errors, $sanitized_user_login = null, $user_email = null) {
1689
-
1690
- global $ct_checkjs_register_form, $apbct_cookie_request_id_label, $apbct_cookie_register_ok_label, $bp, $ct_signup_done, $ct_negative_comment, $apbct, $ct_registration_error_comment, $cleantalk_executed;
1691
-
1692
- // Go out if a registrered user action
1693
- if (apbct_is_user_enable() === false) {
1694
- return $errors;
1695
- }
1696
-
1697
- if ($apbct->settings['registrations_test'] == 0) {
1698
- return $errors;
1699
- }
1700
-
1701
- //
1702
- // The function already executed
1703
- // It happens when used ct_register_post();
1704
- //
1705
- if ($ct_signup_done && is_object($errors) && count($errors->errors) > 0) {
1706
- return $errors;
1707
- }
1708
-
1709
- // Facebook registration
1710
- if ($sanitized_user_login === null && isset($_POST['FB_userdata'])){
1711
- $sanitized_user_login = $_POST['FB_userdata']['name'];
1712
- $facebook = true;
1713
- }
1714
- if ($user_email === null && isset($_POST['FB_userdata'])){
1715
- $user_email = $_POST['FB_userdata']['email'];
1716
- $facebook = true;
1717
- }
1718
-
1719
- // BuddyPress actions
1720
- $buddypress = false;
1721
- if ($sanitized_user_login === null && isset($_POST['signup_username'])) {
1722
- $sanitized_user_login = $_POST['signup_username'];
1723
- $buddypress = true;
1724
- }
1725
- if ($user_email === null && isset($_POST['signup_email'])) {
1726
- $user_email = $_POST['signup_email'];
1727
- $buddypress = true;
1728
- }
1729
-
1730
- //
1731
- // Break tests because we already have servers response
1732
- //
1733
- if ($buddypress && $ct_signup_done) {
1734
- if ($ct_negative_comment) {
1735
- $bp->signup->errors['signup_username'] = $ct_negative_comment;
1736
- }
1737
- return $errors;
1738
- }
1739
-
1740
- $checkjs = apbct_js_test($ct_checkjs_register_form, $_POST);
1741
- $sender_info['post_checkjs_passed'] = $checkjs;
1742
- // This hack can be helpfull when plugin uses with untested themes&signups plugins.
1743
- if ($checkjs == 0) {
1744
- $checkjs = apbct_js_test('ct_checkjs', $_COOKIE);
1745
- $sender_info['cookie_checkjs_passed'] = $checkjs;
1746
- }
1747
-
1748
- $base_call_result = apbct_base_call(
1749
- array(
1750
- 'sender_email' => $user_email,
1751
- 'sender_nickname' => $sanitized_user_login,
1752
- 'sender_info' => $sender_info,
1753
- 'js_on' => $checkjs,
1754
- ),
1755
- true
1756
- );
1757
- $ct_result = $base_call_result['ct_result'];
1758
-
1759
- // Change mail notification if license is out of date
1760
- if($apbct->data['moderate'] == 0 &&
1761
- ($ct_result->fast_submit == 1 || $ct_result->blacklisted == 1 || $ct_result->js_disabled == 1)
1762
- ){
1763
- $apbct->sender_email = $user_email;
1764
- $apbct->sender_ip = CleantalkHelper::ip__get(array('real'));
1765
- add_filter('wp_new_user_notification_email_admin', 'apbct_registration__Wordpress__changeMailNotification', 100, 3);
1766
- }
1767
-
1768
- $ct_signup_done = true;
1769
-
1770
- $ct_result = ct_change_plugin_resonse($ct_result, $checkjs);
1771
-
1772
- $cleantalk_executed = true;
1773
-
1774
- if ($ct_result->inactive != 0) {
1775
- ct_send_error_notice($ct_result->comment);
1776
- return $errors;
1777
- }
1778
-
1779
- if ($ct_result->allow == 0) {
1780
-
1781
- if ($buddypress === true) {
1782
- $bp->signup->errors['signup_username'] = $ct_result->comment;
1783
- }elseif(!empty($facebook)){
1784
- $_POST['FB_userdata']['email'] = '';
1785
- $_POST['FB_userdata']['name'] = '';
1786
- return;
1787
- }else{
1788
- if(is_wp_error($errors))
1789
- $errors->add('ct_error', $ct_result->comment);
1790
- $ct_negative_comment = $ct_result->comment;
1791
- }
1792
-
1793
- $ct_registration_error_comment = $ct_result->comment;
1794
-
1795
- } else {
1796
- if ($ct_result->id !== null) {
1797
- setcookie($apbct_cookie_register_ok_label, $ct_result->id, time()+10, '/');
1798
- setcookie($apbct_cookie_request_id_label, $ct_result->id, time()+10, '/');
1799
- }
1800
- }
1801
-
1802
- return $errors;
1803
- }
1804
-
1805
- /**
1806
- * Changes email notification for newly registred user
1807
- *
1808
- * @param string $wp_new_user_notification_email_admin Body of email notification
1809
- * @param array $user User inof
1810
- * @param string $blogname Blog name
1811
- * @return string Body for email notification
1812
- */
1813
- function apbct_registration__Wordpress__changeMailNotification($wp_new_user_notification_email_admin, $user, $blogname){
1814
-
1815
- global $apbct;
1816
-
1817
- $wp_new_user_notification_email_admin['message'] = PHP_EOL
1818
- .__('CleanTalk AntiSpam: This registration is spam.', 'cleantalk')
1819
- ."\n" . __('CleanTalk\'s anti-spam database:', 'cleantalk')
1820
- ."\n" . 'IP: ' . $apbct->sender_ip
1821
- ."\n" . 'Email: ' . $apbct->sender_email
1822
- .PHP_EOL . PHP_EOL .
1823
- __('Activate protection in your Anti-Spam Dashboard: ', 'clentalk')
1824
- .'https://cleantalk.org/my/?cp_mode=antispam&utm_source=newsletter&utm_medium=email&utm_campaign=wp_spam_registration_passed'
1825
- .($apbct->data['user_token']
1826
- ? '&iser_token='.$apbct->data['user_token']
1827
- : ''
1828
- )
1829
- .PHP_EOL . '---'
1830
- .PHP_EOL
1831
- .$wp_new_user_notification_email_admin['message'];
1832
-
1833
- return $wp_new_user_notification_email_admin;
1834
-
1835
-
1836
- }
1837
-
1838
- /**
1839
- * Checks registration error and set it if it was dropped
1840
- * @return errors
1841
- */
1842
- function ct_check_registration_erros($errors, $sanitized_user_login = null, $user_email = null) {
1843
- global $bp, $ct_registration_error_comment;
1844
-
1845
- if($ct_registration_error_comment){
1846
-
1847
- if(isset($bp))
1848
- if(method_exists($bp, 'signup'))
1849
- if(method_exists($bp->signup, 'errors'))
1850
- if(isset($bp->signup->errors['signup_username']))
1851
- if($bp->signup->errors['signup_username'] != $ct_registration_error_comment)
1852
- $bp->signup->errors['signup_username'] = $ct_registration_error_comment;
1853
-
1854
- if(isset($errors))
1855
- if(method_exists($errors, 'errors'))
1856
- if(isset($errors->errors['ct_error']))
1857
- if($errors->errors['ct_error'][0] != $ct_registration_error_comment)
1858
- $errors->add('ct_error', $ct_registration_error_comment);
1859
-
1860
- }
1861
- return $errors;
1862
- }
1863
-
1864
- /**
1865
- * Set user meta (ct_hash) for successed registration
1866
- * @return null
1867
- */
1868
- function apbct_user_register($user_id) {
1869
- global $apbct_cookie_request_id_label;
1870
- if (isset($_COOKIE[$apbct_cookie_request_id_label])) {
1871
- if(update_user_meta($user_id, 'ct_hash', $_COOKIE[$apbct_cookie_request_id_label])){
1872
- setcookie($apbct_cookie_request_id_label, '0', 1, '/');
1873
- }
1874
- }
1875
- }
1876
-
1877
-
1878
- /**
1879
- * Test for JetPack contact form
1880
- */
1881
- function ct_grunion_contact_form_field_html($r, $field_label) {
1882
- global $ct_checkjs_jpcf, $ct_jpcf_patched, $ct_jpcf_fields, $apbct;
1883
-
1884
-
1885
-
1886
-
1887
- if ($apbct->settings['contact_forms_test'] == 1 && $ct_jpcf_patched === false && preg_match("/[text|email]/i", $r)) {
1888
-
1889
- // Looking for element name prefix
1890
- $name_patched = false;
1891
- foreach ($ct_jpcf_fields as $v) {
1892
- if ($name_patched === false && preg_match("/(g\d-)$v/", $r, $matches)) {
1893
- $ct_checkjs_jpcf = $matches[1] . $ct_checkjs_jpcf;
1894
- $name_patched = true;
1895
- }
1896
- }
1897
-
1898
- $r .= ct_add_hidden_fields($ct_checkjs_jpcf, true);
1899
- $ct_jpcf_patched = true;
1900
- }
1901
-
1902
- return $r;
1903
- }
1904
- /**
1905
- * Test for JetPack contact form
1906
- */
1907
- function ct_contact_form_is_spam($form) {
1908
-
1909
- global $ct_checkjs_jpcf, $apbct;
1910
-
1911
- if ($apbct->settings['contact_forms_test'] == 0) {
1912
- return null;
1913
- }
1914
-
1915
- $js_field_name = $ct_checkjs_jpcf;
1916
- foreach ($_POST as $k => $v) {
1917
- if (preg_match("/^.+$ct_checkjs_jpcf$/", $k))
1918
- $js_field_name = $k;
1919
- }
1920
-
1921
- $sender_email = null;
1922
- $sender_nickname = null;
1923
- $message = '';
1924
- if (isset($form['comment_author_email']))
1925
- $sender_email = $form['comment_author_email'];
1926
-
1927
- if (isset($form['comment_author']))
1928
- $sender_nickname = $form['comment_author'];
1929
-
1930
- if (isset($form['comment_content']))
1931
- $message = $form['comment_content'];
1932
-
1933
- $base_call_result = apbct_base_call(
1934
- array(
1935
- 'message' => $message,
1936
- 'sender_email' => $sender_email,
1937
- 'sender_nickname' => $sender_nickname,
1938
- 'post_info' => array('comment_type' => 'contact_form_wordpress_grunion'),
1939
- 'sender_info' => array('sender_url' => @$form['comment_author_url']),
1940
- 'js_on' => apbct_js_test($js_field_name, $_POST),
1941
- )
1942
- );
1943
- $ct_result = $base_call_result['ct_result'];
1944
-
1945
- if ($ct_result->allow == 0) {
1946
- global $ct_comment;
1947
- $ct_comment = $ct_result->comment;
1948
- ct_die(null, null);
1949
- exit;
1950
- }
1951
-
1952
- return (bool) !$ct_result->allow;
1953
- }
1954
-
1955
- function ct_contact_form_is_spam_jetpack($is_spam,$form) {
1956
- global $ct_checkjs_jpcf, $apbct;
1957
-
1958
- if ($apbct->settings['contact_forms_test'] == 0) {
1959
- return null;
1960
- }
1961
-
1962
- $js_field_name = $ct_checkjs_jpcf;
1963
- foreach ($_POST as $k => $v) {
1964
- if (preg_match("/^.+$ct_checkjs_jpcf$/", $k))
1965
- $js_field_name = $k;
1966
- }
1967
-
1968
- $base_call_result = apbct_base_call(
1969
- array(
1970
- 'message' => isset($form['comment_content']) ? $form['comment_content'] : '',
1971
- 'sender_email' => isset($form['comment_author_email']) ? $form['comment_author_email'] : null,
1972
- 'sender_nickname' => isset($form['comment_author']) ? $form['comment_author'] : null,
1973
- 'post_info' => array('comment_type' => 'contact_form_wordpress_grunion'),
1974
- 'sender_info' => array('sender_url' => @$form['comment_author_url']),
1975
- )
1976
- );
1977
- $ct_result = $base_call_result['ct_result'];
1978
-
1979
- if ($ct_result->allow == 0) {
1980
- global $ct_comment;
1981
- $ct_comment = $ct_result->comment;
1982
- ct_die(null, null);
1983
- exit;
1984
- }
1985
-
1986
- return (bool) !$ct_result->allow;
1987
- }
1988
-
1989
- /**
1990
- * Inserts anti-spam hidden to WP Maintenance Mode (wpmm)
1991
- */
1992
- function apbct_form__wpmm__addField(){
1993
- ct_add_hidden_fields('ct_checkjs', false, true, true);
1994
- }
1995
-
1996
- /**
1997
- * Inserts anti-spam hidden to CF7
1998
- */
1999
- function apbct_form__contactForm7__addField($html) {
2000
- global $ct_checkjs_cf7, $apbct;
2001
-
2002
-
2003
-
2004
- if ($apbct->settings['contact_forms_test'] == 0) {
2005
- return $html;
2006
- }
2007
-
2008
- $html .= ct_add_hidden_fields($ct_checkjs_cf7, true);
2009
-
2010
- return $html;
2011
- }
2012
-
2013
- /**
2014
- * Test spam for Contact Fomr 7 (CF7) right before validation
2015
- *
2016
- * @global SpbcState $apbct
2017
- * @param type $result
2018
- * @param type $tags
2019
- * @return type
2020
- */
2021
- function apbct_form__contactForm7__tesSpam__before_validate($result = null, $tags = null) {
2022
- global $apbct;
2023
-
2024
- if ($result && method_exists($result, 'get_invalid_fields')){
2025
- $invalid_fields = $result->get_invalid_fields();
2026
- if(!empty($invalid_fields) && is_array($invalid_fields)){
2027
- $apbct->validation_error = $invalid_fields[key($invalid_fields)]['reason'];
2028
- apbct_form__contactForm7__testSpam(false);
2029
- }
2030
- }
2031
-
2032
- return $result;
2033
- }
2034
-
2035
- /**
2036
- * Test CF7 message for spam
2037
- */
2038
- function apbct_form__contactForm7__testSpam($param) {
2039
-
2040
- global $ct_checkjs_cf7, $apbct;
2041
-
2042
- if(
2043
- $apbct->settings['contact_forms_test'] == 0 ||
2044
- $param == false && WPCF7_VERSION < '3.0.0' ||
2045
- $param === true && WPCF7_VERSION >= '3.0.0' ||
2046
- $apbct->settings['protect_logged_in'] != 1 && is_user_logged_in() || // Skip processing for logged in users.
2047
- check_url_exclusions() ||
2048
- check_ip_exclusions() ||
2049
- isset($apbct->cf7_checked)
2050
- ){
2051
- return $param;
2052
- }
2053
-
2054
- $checkjs = apbct_js_test($ct_checkjs_cf7, $_POST)
2055
- ? apbct_js_test($ct_checkjs_cf7, $_POST)
2056
- : apbct_js_test('ct_checkjs', $_COOKIE);
2057
-
2058
- $ct_temp_msg_data = ct_get_fields_any($_POST);
2059
-
2060
- $sender_email = ($ct_temp_msg_data['email'] ? $ct_temp_msg_data['email'] : '');
2061
- $sender_nickname = ($ct_temp_msg_data['nickname'] ? $ct_temp_msg_data['nickname'] : '');
2062
- $subject = ($ct_temp_msg_data['subject'] ? $ct_temp_msg_data['subject'] : '');
2063
- $contact_form = ($ct_temp_msg_data['contact'] ? $ct_temp_msg_data['contact'] : true);
2064
- $message = ($ct_temp_msg_data['message'] ? $ct_temp_msg_data['message'] : array());
2065
- if ($subject != '') {
2066
- $message = array_merge(array('subject' => $subject), $message);
2067
- }
2068
-
2069
- $base_call_result = apbct_base_call(
2070
- array(
2071
- 'message' => $message,
2072
- 'sender_email' => $sender_email,
2073
- 'sender_nickname' => $sender_nickname,
2074
- 'js_on' => $checkjs,
2075
- 'post_info' => array('comment_type' => 'contact_form_wordpress_cf7'),
2076
- 'sender_info' => array(
2077
- 'form_validation' => !isset($apbct->validation_error)
2078
- ? null
2079
- : json_encode(array(
2080
- 'validation_notice' => $apbct->validation_error,
2081
- 'page_url' => filter_input(INPUT_SERVER, 'HTTP_HOST') . filter_input(INPUT_SERVER, 'REQUEST_URI'),
2082
- ))
2083
- ),
2084
- )
2085
- );
2086
-
2087
- $ct_result = $base_call_result['ct_result'];
2088
-
2089
- // Change mail notification if license is out of date
2090
- if($apbct->data['moderate'] == 0 &&
2091
- ($ct_result->fast_submit == 1 || $ct_result->blacklisted == 1 || $ct_result->js_disabled == 1)
2092
- ){
2093
- $apbct->sender_email = $sender_email;
2094
- $apbct->sender_ip = CleantalkHelper::ip__get(array('real'));
2095
- add_filter('wpcf7_mail_components', 'apbct_form__contactForm7__changeMailNotification');
2096
- }
2097
-
2098
- if ($ct_result->allow == 0) {
2099
-
2100
- global $ct_cf7_comment;
2101
- $ct_cf7_comment = $ct_result->comment;
2102
-
2103
- add_filter('wpcf7_display_message', 'apbct_form__contactForm7__showResponse', 10, 2);
2104
-
2105
- $param = WPCF7_VERSION >= '3.0.0' ? true : false;
2106
-
2107
- }
2108
-
2109
- $apbct->cf7_checked = true;
2110
-
2111
- return $param;
2112
- }
2113
-
2114
- /**
2115
- * Changes CF7 status message
2116
- * @param string $hook URL of hooked page
2117
- */
2118
- function apbct_form__contactForm7__showResponse($message, $status = 'spam') {
2119
- global $ct_cf7_comment;
2120
-
2121
- if ($status == 'spam') {
2122
- $message = $ct_cf7_comment;
2123
- }
2124
-
2125
- return $message;
2126
- }
2127
-
2128
- /**
2129
- * Changes email notification for succes subscription for Contact Form 7
2130
- *
2131
- * @param array $component Arguments for email notification
2132
- * @return array Arguments for email notification
2133
- */
2134
- function apbct_form__contactForm7__changeMailNotification($component){
2135
-
2136
- global $apbct;
2137
-
2138
- $component['body'] =
2139
- __('CleanTalk AntiSpam: This message is spam.', 'cleantalk')
2140
- .PHP_EOL . __('CleanTalk\'s anti-spam database:', 'cleantalk')
2141
- .PHP_EOL . 'IP: ' . $apbct->sender_ip
2142
- .PHP_EOL . 'Email: ' . $apbct->sender_email
2143
- .PHP_EOL . sprintf(
2144
- __('Activate protection in your Anti-Spam Dashboard: %s.', 'clentalk'),
2145
- 'https://cleantalk.org/my/?cp_mode=antispam&utm_source=newsletter&utm_medium=email&utm_campaign=cf7_activate_antispam&user_token='.$apbct->user_token
2146
- )
2147
- .PHP_EOL . '---' . PHP_EOL . PHP_EOL
2148
- .$component['body'];
2149
-
2150
- return (array) $component;
2151
- }
2152
-
2153
- /**
2154
- * Test Ninja Forms message for spam
2155
- *
2156
- * @global SpbcState $apbct
2157
- * @return void
2158
- */
2159
- function apbct_form__ninjaForms__testSpam() {
2160
-
2161
- global $apbct;
2162
-
2163
- if(
2164
- $apbct->settings['contact_forms_test'] == 0
2165
- || ($apbct->settings['protect_logged_in'] != 1 && is_user_logged_in()) // Skip processing for logged in users.
2166
- || check_url_exclusions()
2167
- ){
2168
- return;
2169
- }
2170
-
2171
- $checkjs = apbct_js_test('ct_checkjs', $_COOKIE);
2172
-
2173
- // Choosing between POST and GET
2174
- $params = ct_get_fields_any(isset($_GET['ninja_forms_ajax_submit']) || isset($_GET['nf_ajax_submit']) ? $_GET : $_POST);
2175
-
2176
- $sender_email = ($params['email'] ? $params['email'] : '');
2177
- $sender_nickname = ($params['nickname'] ? $params['nickname'] : '');
2178
- $subject = ($params['subject'] ? $params['subject'] : '');
2179
- $message = ($params['message'] ? $params['message'] : array());
2180
- if ($subject != '') {
2181
- $message = array_merge(array('subject' => $subject), $message);
2182
- }
2183
-
2184
- //Ninja Forms xml fix
2185
- foreach ($message as $key => $value){
2186
- if (strpos($value, '<xml>') !== false)
2187
- unset($message[$key]);
2188
- }
2189
-
2190
- $base_call_result = apbct_base_call(
2191
- array(
2192
- 'message' => $message,
2193
- 'sender_email' => $sender_email,
2194
- 'sender_nickname' => $sender_nickname,
2195
- 'post_info' => array('comment_type' => 'contact_form_wordpress_ninja_froms'),
2196
- 'js_on' => $checkjs,
2197
- )
2198
- );
2199
- $ct_result = $base_call_result['ct_result'];
2200
-
2201
- // Change mail notification if license is out of date
2202
- if($apbct->data['moderate'] == 0 &&
2203
- ($ct_result->fast_submit == 1 || $ct_result->blacklisted == 1 || $ct_result->js_disabled == 1)
2204
- ){
2205
- $apbct->sender_email = $sender_email;
2206
- $apbct->sender_ip = CleantalkHelper::ip__get(array('real'));
2207
- add_filter('ninja_forms_action_email_message', 'apbct_form__ninjaForms__changeMailNotification', 1, 3);
2208
- }
2209
-
2210
- if ($ct_result->allow == 0) {
2211
-
2212
- // We have to use GLOBAL variable to transfer the comment to apbct_form__ninjaForms__changeResponse() function :(
2213
- $apbct->response = $ct_result->comment;
2214
- add_action( 'ninja_forms_before_response', 'apbct_form__ninjaForms__changeResponse', 10, 1 );
2215
- }
2216
- }
2217
-
2218
- function apbct_form__ninjaForms__changeResponse( $data ) {
2219
-
2220
- global $apbct;
2221
-
2222
- // Show error message below field found by ID
2223
- if(array_key_exists('email', $data['fields_by_key'])){
2224
- // Find ID of EMAIL field
2225
- $nf_field_id = $data['fields_by_key']['email']['id'];
2226
- }else{
2227
- // Find ID of last field (usually SUBMIT)
2228
- $nf_field_id = array_pop(array_keys($data['fields']));
2229
- }
2230
-
2231
- // Below is modified NJ logic
2232
- $error = array(
2233
- 'fields' => array(
2234
- $nf_field_id => $apbct->response,
2235
- ),
2236
- );
2237
-
2238
- $response = array( 'data' => $data, 'errors' => $error, 'debug' => '' );
2239
-
2240
- die(wp_json_encode( $response, JSON_FORCE_OBJECT ));
2241
-
2242
- }
2243
-
2244
- /**
2245
- * Changes email notification for succes subscription for Ninja Forms
2246
- *
2247
- * @param string $message Body of email notification
2248
- * @return string Body for email notification
2249
- */
2250
- function apbct_form__ninjaForms__changeMailNotification($message, $data, $action_settings){
2251
-
2252
- global $apbct;
2253
-
2254
- if($action_settings['to'] !== $apbct->sender_email){
2255
-
2256
- $message .= wpautop(PHP_EOL . '---'
2257
- .PHP_EOL
2258
- .__('CleanTalk AntiSpam: This message is spam.', 'cleantalk')
2259
- .PHP_EOL . __('CleanTalk\'s anti-spam database:', 'cleantalk')
2260
- .PHP_EOL . 'IP: ' . $apbct->sender_ip
2261
- .PHP_EOL . 'Email: ' . $apbct->sender_email
2262
- .PHP_EOL .
2263
- __('Activate protection in your Anti-Spam Dashboard: ', 'clentalk').
2264
- 'https://cleantalk.org/my/?cp_mode=antispam&utm_source=newsletter&utm_medium=email&utm_campaign=ninjaform_activate_antispam'.$apbct->user_token
2265
- );
2266
- }
2267
-
2268
- return $message;
2269
- }
2270
-
2271
- /**
2272
- * Inserts anti-spam hidden to WPForms
2273
- *
2274
- * @global SpbcState $apbct
2275
- * @return void
2276
- */
2277
- function apbct_form__WPForms__addField($form_data, $some, $title, $description, $errors) {
2278
-
2279
- global $apbct;
2280
-
2281
- if($apbct->settings['contact_forms_test'] == 1)
2282
- ct_add_hidden_fields('checkjs_wpforms', false);
2283
-
2284
- }
2285
-
2286
- /**
2287
- * Gather fields data from submission and store it
2288
- *
2289
- * @global SpbcState $apbct
2290
- * @param array $entry
2291
- * @param array $form_data
2292
- * @return array
2293
- */
2294
- function apbct_from__WPForms__gatherData($entry, $form_data){
2295
-
2296
- global $apbct;
2297
-
2298
- $apbct->form_data = $entry['fields'];
2299
-
2300
- return $entry;
2301
- }
2302
-
2303
- /**
2304
- * Adding error to form entry if message is spam
2305
- * Call spam test from here
2306
- *
2307
- * @param array $errors
2308
- * @param array $form_data
2309
- * @return array
2310
- */
2311
- function apbct_form__WPForms__showResponse($errors, $form_data) {
2312
-
2313
- if(empty($errors) || ( isset($form_data['id'], $errors[$form_data['id']]) && !count($errors[$form_data['id']]) ) ){
2314
-
2315
- $spam_comment = apbct_form__WPForms__testSpam();
2316
-
2317
- if($spam_comment)
2318
- $errors[$form_data['id']][0] = $spam_comment;
2319
-
2320
- }
2321
-
2322
- return $errors;
2323
- }
2324
-
2325
- /**
2326
- * Test WPForms message for spam
2327
- * Doesn't hooked anywhere.
2328
- * Called directly from apbct_form__WPForms__showResponse()
2329
- *
2330
- * @global SpbcState $apbct
2331
- * @global array $apbct->form_data Contains form data
2332
- * @param array $errors Array of errors to write false result in
2333
- * @return void
2334
- */
2335
- function apbct_form__WPForms__testSpam() {
2336
-
2337
- global $apbct;
2338
-
2339
- if(
2340
- $apbct->settings['contact_forms_test'] == 0 ||
2341
- $apbct->settings['protect_logged_in'] != 1 && is_user_logged_in() // Skip processing for logged in users.
2342
- ){
2343
- return;
2344
- }
2345
-
2346
- $checkjs = apbct_js_test('checkjs_wpforms', $_POST);
2347
-
2348
- $params = ct_get_fields_any($apbct->form_data);
2349
-
2350
- $sender_email = ($params['email'] ? $params['email'] : '');
2351
- $sender_nickname = ($params['nickname'] ? $params['nickname'] : '');
2352
- $subject = ($params['subject'] ? $params['subject'] : '');
2353
- $message = ($params['message'] ? $params['message'] : array());
2354
- if ($subject != '') {
2355
- $message = array_merge(array('subject' => $subject), $message);
2356
- }
2357
-
2358
- $base_call_result = apbct_base_call(
2359
- array(
2360
- 'message' => $message,
2361
- 'sender_email' => $sender_email,
2362
- 'sender_nickname' => $sender_nickname,
2363
- 'post_info' => array('comment_type' => 'contact_form_wordpress_wp_forms'),
2364
- 'js_on' => $checkjs,
2365
- )
2366
- );
2367
- $ct_result = $base_call_result['ct_result'];
2368
-
2369
- // Change mail notification if license is out of date
2370
- if($apbct->data['moderate'] == 0 &&
2371
- ($ct_result->fast_submit == 1 || $ct_result->blacklisted == 1 || $ct_result->js_disabled == 1)
2372
- ){
2373
- $apbct->sender_email = $sender_email;
2374
- $apbct->sender_ip = CleantalkHelper::ip__get(array('real'));
2375
- add_filter('wpforms_email_message', 'apbct_form__WPForms__changeMailNotification', 100, 2);
2376
- }
2377
-
2378
- if ($ct_result->allow == 0){
2379
- return $ct_result->comment;
2380
- }
2381
-
2382
- return null;
2383
-
2384
- }
2385
-
2386
- /**
2387
- * Changes email notification for succes subscription for Ninja Forms
2388
- *
2389
- * @param string $message Body of email notification
2390
- * @param WPForms_WP_Emails $wpforms_email WPForms email class object
2391
- * @return string Body for email notification
2392
- */
2393
- function apbct_form__WPForms__changeMailNotification($message, $wpforms_email){
2394
-
2395
- global $apbct;
2396
-
2397
- $message = str_replace('</html>', '', $message);
2398
- $message = str_replace('</body>', '', $message);
2399
- $message .= wpautop(PHP_EOL . '---'
2400
- .PHP_EOL
2401
- .__('CleanTalk AntiSpam: This message is spam.', 'cleantalk')
2402
- .PHP_EOL . __('CleanTalk\'s anti-spam database:', 'cleantalk')
2403
- .PHP_EOL . 'IP: ' . '<a href="https://cleantalk.org/blacklists/' . $apbct->sender_ip . '?utm_source=newsletter&utm_medium=email&utm_campaign=wpforms_spam_passed" target="_blank">' . $apbct->sender_ip . '</a>'
2404
- .PHP_EOL . 'Email: ' . '<a href="https://cleantalk.org/blacklists/' . $apbct->sender_email . '?utm_source=newsletter&utm_medium=email&utm_campaign=wpforms_spam_passed" target="_blank">' . $apbct->sender_email . '</a>'
2405
- .PHP_EOL . sprintf(
2406
- __('Activate protection in your %sAnti-Spam Dashboard%s.', 'clentalk'),
2407
- '<a href="https://cleantalk.org/my/?cp_mode=antispam&utm_source=newsletter&utm_medium=email&utm_campaign=wpforms_activate_antispam" target="_blank">',
2408
- '</a>'
2409
- ))
2410
- .'</body></html>';
2411
-
2412
- return $message;
2413
-
2414
- }
2415
-
2416
- /*
2417
- * QuForms check spam
2418
- * works with singl-paged forms
2419
- * and with multi-paged forms - check only last step of the forms
2420
- */
2421
- function ct_quform_post_validate($result, $form) {
2422
-
2423
- if ( $form->hasPages() ) {
2424
- $comment_type = 'contact_form_wordpress_quforms_multipage';
2425
- } else {
2426
- $comment_type = 'contact_form_wordpress_quforms_singlepage';
2427
- }
2428
-
2429
- $ct_temp_msg_data = ct_get_fields_any( $form->getValues() );
2430
- // @ToDo If we have several emails at the form - will be used only the first detected!
2431
- $sender_email = ($ct_temp_msg_data['email'] ? $ct_temp_msg_data['email'] : '');
2432
-
2433
- $checkjs = apbct_js_test('ct_checkjs', $_COOKIE);
2434
- $base_call_result = apbct_base_call(
2435
- array(
2436
- 'message' => $form->getValues(),
2437
- 'sender_email' => $sender_email,
2438
- 'post_info' => array('comment_type' => $comment_type),
2439
- 'js_on' => $checkjs,
2440
- )
2441
- );
2442
-
2443
- $ct_result = $base_call_result['ct_result'];
2444
- if ($ct_result->allow == 0) {
2445
- die(json_encode(array('type' => 'error', 'apbct' => array('blocked' => true, 'comment' => $ct_result->comment))));
2446
- } else {
2447
- return $result;
2448
- }
2449
-
2450
- return $result;
2451
-
2452
- }
2453
-
2454
- /**
2455
- * Inserts anti-spam hidden to Fast Secure contact form
2456
- */
2457
- function ct_si_contact_display_after_fields($string = '', $style = '', $form_errors = array(), $form_id_num = 0) {
2458
- $string .= ct_add_hidden_fields('ct_checkjs', true);
2459
- return $string;
2460
- }
2461
-
2462
- /**
2463
- * Test for Fast Secure contact form
2464
- */
2465
- function ct_si_contact_form_validate($form_errors = array(), $form_id_num = 0) {
2466
- global $apbct, $cleantalk_executed;
2467
-
2468
- if (!empty($form_errors))
2469
- return $form_errors;
2470
-
2471
- if ($apbct->settings['contact_forms_test'] == 0)
2472
- return $form_errors;
2473
-
2474
- // Skip processing because data already processed.
2475
- if ($cleantalk_executed) {
2476
- return $form_errors;
2477
- }
2478
-
2479
- //getting info from custom fields
2480
- $ct_temp_msg_data = ct_get_fields_any($_POST);
2481
-
2482
- $sender_email = ($ct_temp_msg_data['email'] ? $ct_temp_msg_data['email'] : '');
2483
- $sender_nickname = ($ct_temp_msg_data['nickname'] ? $ct_temp_msg_data['nickname'] : '');
2484
- $subject = ($ct_temp_msg_data['subject'] ? $ct_temp_msg_data['subject'] : '');
2485
- $contact_form = ($ct_temp_msg_data['contact'] ? $ct_temp_msg_data['contact'] : true);
2486
- $message = ($ct_temp_msg_data['message'] ? $ct_temp_msg_data['message'] : array());
2487
- if($subject != '') {
2488
- $message['subject'] = $subject;
2489
- }
2490
-
2491
- $base_call_result = apbct_base_call(
2492
- array(
2493
- 'message' => $message,
2494
- 'sender_email' => $sender_email,
2495
- 'sender_nickname' => $sender_nickname,
2496
- 'post_info' => array('comment_type' => 'contact_form_wordpress_fscf'),
2497
- 'js_on' => apbct_js_test('ct_checkjs', $_POST),
2498
- )
2499
- );
2500
-
2501
- $ct_result = $base_call_result['ct_result'];
2502
-
2503
- $cleantalk_executed = true;
2504
-
2505
- if ($ct_result->allow == 0) {
2506
- global $ct_comment;
2507
- $ct_comment = $ct_result->comment;
2508
- ct_die(null, null);
2509
- exit;
2510
- }
2511
-
2512
- return $form_errors;
2513
- }
2514
-
2515
- /**
2516
- * Notice for commentators which comment has automatically approved by plugin
2517
- * @param string $hook URL of hooked page
2518
- */
2519
- function ct_comment_text($comment_text) {
2520
- global $comment, $ct_approved_request_id_label;
2521
-
2522
- if (isset($_COOKIE[$ct_approved_request_id_label]) && isset($comment->comment_ID)) {
2523
- $ct_hash = get_comment_meta($comment->comment_ID, 'ct_hash', true);
2524
-
2525
- if ($ct_hash !== '' && $_COOKIE[$ct_approved_request_id_label] == $ct_hash) {
2526
- $comment_text .= '<br /><br /> <em class="comment-awaiting-moderation">' . __('Comment approved. Anti-spam by CleanTalk.', 'cleantalk') . '</em>';
2527
- }
2528
- }
2529
-
2530
- return $comment_text;
2531
- }
2532
-
2533
-
2534
- /**
2535
- * Checks WordPress Landing Pages raw $_POST values
2536
- */
2537
- function ct_check_wplp(){
2538
-
2539
- global $ct_wplp_result_label, $apbct;
2540
-
2541
- if (!isset($_COOKIE[$ct_wplp_result_label])) {
2542
- // First AJAX submit of WPLP form
2543
- if ($apbct->settings['contact_forms_test'] == 0)
2544
- return;
2545
-
2546
- $post_info['comment_type'] = 'feedback';
2547
- $post_info = json_encode($post_info);
2548
- if ($post_info === false)
2549
- $post_info = '';
2550
-
2551
- $sender_email = '';
2552
- foreach ($_POST as $v) {
2553
- if (preg_match("/^\S+@\S+\.\S+$/", $v)) {
2554
- $sender_email = $v;
2555
- break;
2556
- }
2557
- }
2558
-
2559
- $message = '';
2560
- if(array_key_exists('form_input_values', $_POST)){
2561
- $form_input_values = json_decode(stripslashes($_POST['form_input_values']), true);
2562
- if (is_array($form_input_values) && array_key_exists('null', $form_input_values))
2563
- $message = $form_input_values['null'];
2564
- } else if (array_key_exists('null', $_POST)) {
2565
- $message = $_POST['null'];
2566
- }
2567
-
2568
- $base_call_result = apbct_base_call(
2569
- array(
2570
- 'message' => $message,
2571
- 'sender_email' => $sender_email,
2572
- 'post_info' => array('comment_type' => 'contact_form_wordpress_wplp'),
2573
- )
2574
- );
2575
-
2576
- $ct_result = $base_call_result['ct_result'];
2577
-
2578
- if ($ct_result->allow == 0) {
2579
- $cleantalk_comment = $ct_result->comment;
2580
- } else {
2581
- $cleantalk_comment = 'OK';
2582
- }
2583
-
2584
- setcookie($ct_wplp_result_label, $cleantalk_comment, strtotime("+5 seconds"), '/');
2585
- } else {
2586
- // Next POST/AJAX submit(s) of same WPLP form
2587
- $cleantalk_comment = $_COOKIE[$ct_wplp_result_label];
2588
- }
2589
- if ($cleantalk_comment !== 'OK')
2590
- ct_die_extended($cleantalk_comment);
2591
- }
2592
-
2593
- /**
2594
- * Places a hidding field to Gravity forms.
2595
- * @return string
2596
- */
2597
- function apbct_form__gravityForms__addField($form_string, $form){
2598
- $ct_hidden_field = 'ct_checkjs';
2599
-
2600
- // Do not add a hidden field twice.
2601
- if (preg_match("/$ct_hidden_field/", $form_string)) {
2602
- return $form_string;
2603
- }
2604
-
2605
- $search = "</form>";
2606
-
2607
- // Adding JS code
2608
- $js_code = ct_add_hidden_fields($ct_hidden_field, true, false);
2609
- $form_string = str_replace($search, $js_code . $search, $form_string);
2610
-
2611
- // Adding field for multipage form. Look for cleantalk.php -> apbct_cookie();
2612
- $append_string = isset($form['lastPageButton']) ? "<input type='hidden' name='ct_multipage_form' value='yes'>" : '';
2613
- $form_string = str_replace($search, $append_string.$search, $form_string);
2614
-
2615
- return $form_string;
2616
- }
2617
-
2618
- /**
2619
- * Gravity forms anti-spam test.
2620
- * @return boolean
2621
- */
2622
- function apbct_form__gravityForms__testSpam($is_spam, $form, $entry) {
2623
-
2624
- global $apbct, $cleantalk_executed, $ct_gform_is_spam, $ct_gform_response;
2625
-
2626
- if (
2627
- $apbct->settings['contact_forms_test'] == 0 ||
2628
- $is_spam ||
2629
- $cleantalk_executed // Return unchanged result if the submission was already tested.
2630
- )
2631
- return $is_spam;
2632
-
2633
- $ct_temp = array();
2634
- foreach($entry as $key => $value){
2635
- if(is_numeric($key))
2636
- $ct_temp[$key]=$value;
2637
- } unset($key, $value);
2638
-
2639
- $ct_temp_msg_data = ct_get_fields_any($ct_temp);
2640
- $sender_email = ($ct_temp_msg_data['email'] ? $ct_temp_msg_data['email'] : '');
2641
- $sender_nickname = ($ct_temp_msg_data['nickname'] ? $ct_temp_msg_data['nickname'] : '');
2642
- $subject = ($ct_temp_msg_data['subject'] ? $ct_temp_msg_data['subject'] : '');
2643
- $contact_form = ($ct_temp_msg_data['contact'] ? $ct_temp_msg_data['contact'] : true);
2644
- $message = ($ct_temp_msg_data['message'] ? $ct_temp_msg_data['message'] : array());
2645
-
2646
- // Adding 'input_' to every field /Gravity Forms fix/
2647
- $message = array_flip($message);
2648
- foreach($message as &$value){
2649
- $value = 'input_'.$value;
2650
- } unset($value);
2651
- $message = array_flip($message);
2652
-
2653
- if($subject != '')
2654
- $message['subject'] = $subject;
2655
-
2656
- $checkjs = apbct_js_test('ct_checkjs', $_POST)
2657
- ? apbct_js_test('ct_checkjs', $_POST)
2658
- : apbct_js_test('ct_checkjs', $_COOKIE);
2659
-
2660
- $base_call_result = apbct_base_call(
2661
- array(
2662
- 'message' => $message,
2663
- 'sender_email' => $sender_email,
2664
- 'sender_nickname' => $sender_nickname,
2665
- 'post_info' => array('comment_type' => 'contact_form_wordpress_gravity_forms'),
2666
- 'js_on' => $checkjs,
2667
- )
2668
- );
2669
-
2670
- $ct_result = $base_call_result['ct_result'];
2671
- if ($ct_result->allow == 0) {
2672
- $is_spam = true;
2673
- $ct_gform_is_spam = true;
2674
- $ct_gform_response = $ct_result->comment;
2675
- }
2676
-
2677
- return $is_spam;
2678
- }
2679
-
2680
- function apbct_form__gravityForms__showResponse( $confirmation, $form, $entry, $ajax ){
2681
-
2682
- global $ct_gform_is_spam, $ct_gform_response;
2683
-
2684
- if(!empty($ct_gform_is_spam)){
2685
- $confirmation = '<a id="gf_'.$form['id'].'" class="gform_anchor" ></a><div id="gform_confirmation_wrapper_'.$form['id'].'" class="gform_confirmation_wrapper "><div id="gform_confirmation_message_'.$form['id'].'" class="gform_confirmation_message_'.$form['id'].' gform_confirmation_message"><font style="color: red">'.$ct_gform_response.'</font></div></div>';
2686
- }
2687
-
2688
- return $confirmation;
2689
- }
2690
-
2691
- /**
2692
- * Test S2member registration
2693
- * @return array with errors
2694
- */
2695
- function ct_s2member_registration_test($post_key) {
2696
-
2697
- global $apbct;
2698
-
2699
- if ($apbct->settings['registrations_test'] == 0) {
2700
- return null;
2701
- }
2702
-
2703
- $sender_email = isset($_POST[$post_key]['email']) ? sanitize_email($_POST[$post_key]['email']) : null;
2704
- $sender_nickname = isset($_POST[$post_key]['username']) ? sanitize_email($_POST[$post_key]['username']) : null;
2705
-
2706
- //Making a call
2707
- $base_call_result = apbct_base_call(
2708
- array(
2709
- 'sender_email' => $sender_email,
2710
- 'sender_nickname' => $sender_nickname,
2711
- ),
2712
- true
2713
- );
2714
- $ct_result = $base_call_result['ct_result'];
2715
-
2716
- if ($ct_result->allow == 0) {
2717
- ct_die_extended($ct_result->comment);
2718
- }
2719
-
2720
- return true;
2721
- }
2722
-
2723
- /**
2724
- * General test for any contact form
2725
- */
2726
- function ct_contact_form_validate() {
2727
-
2728
- global $pagenow,$cleantalk_executed, $cleantalk_url_exclusions,$apbct, $ct_checkjs_frm;
2729
-
2730
- if($cleantalk_executed)
2731
- return null;
2732
-
2733
- if (@sizeof($_POST)==0 ||
2734
- (isset($_POST['signup_username']) && isset($_POST['signup_email']) && isset($_POST['signup_password'])) ||
2735
- (isset($pagenow) && $pagenow == 'wp-login.php') || // WordPress log in form
2736
- (isset($pagenow) && $pagenow == 'wp-login.php' && isset($_GET['action']) && $_GET['action']=='lostpassword') ||
2737
- (isset($_SERVER['HTTP_REFERER']) && strpos($_SERVER['HTTP_REFERER'],'lostpassword') !== false) ||
2738
- (strpos($_SERVER['REQUEST_URI'],'/wp-admin/')!== false && (empty($_POST['your-phone']) && empty($_POST['your-email']) && empty($_POST['your-message']))) || //Bitrix24 Contact
2739
- strpos($_SERVER['REQUEST_URI'],'wp-login.php')!==false||
2740
- strpos($_SERVER['REQUEST_URI'],'wp-comments-post.php')!==false ||
2741
- strpos($_SERVER['REQUEST_URI'],'?provider=facebook&')!==false ||
2742
- (isset($_SERVER['HTTP_REFERER']) && strpos($_SERVER['HTTP_REFERER'],'/wp-admin/') !== false) ||
2743
- strpos($_SERVER['REQUEST_URI'],'/login/')!==false ||
2744
- strpos($_SERVER['REQUEST_URI'], '/my-account/edit-account/')!==false || //WooCommerce edit account page
2745
- (isset($_POST['action']) && $_POST['action'] == 'save_account_details') || //WooCommerce edit account action
2746
- strpos($_SERVER['REQUEST_URI'], '/peepsoajax/profilefieldsajax.validate_register')!== false ||
2747
- isset($_GET['ptype']) && $_GET['ptype']=='login' ||
2748
- check_url_exclusions() ||
2749
- check_ip_exclusions() ||
2750
- ct_check_array_keys($_POST) ||
2751
- isset($_POST['ct_checkjs_register_form']) ||
2752
- (isset($_POST['signup_username']) && isset($_POST['signup_password_confirm']) && isset($_POST['signup_submit']) ) ||
2753
- $apbct->settings['general_contact_forms_test'] == 0 ||
2754
- isset($_POST['bbp_topic_content']) ||
2755
- isset($_POST['bbp_reply_content']) ||
2756
- isset($_POST['fscf_submitted']) ||
2757
- strpos($_SERVER['REQUEST_URI'],'/wc-api/')!==false ||
2758
- isset($_POST['log']) && isset($_POST['pwd']) && isset($_POST['wp-submit']) ||
2759
- isset($_POST[$ct_checkjs_frm]) && $apbct->settings['contact_forms_test'] == 1 ||// Formidable forms
2760
- isset($_POST['comment_post_ID']) || // The comment form
2761
- isset($_GET['for']) ||
2762
- (isset($_POST['log'], $_POST['pwd'])) || //WooCommerce Sensei login form fix
2763
- (isset($_POST['wc_reset_password'], $_POST['_wpnonce'], $_POST['_wp_http_referer'])) || // WooCommerce recovery password form
2764
- ((isset($_POST['woocommerce-login-nonce']) || isset($_POST['_wpnonce'])) && isset($_POST['login'], $_POST['password'], $_POST['_wp_http_referer'])) || // WooCommerce login form
2765
- (isset($_POST['wc-api']) && strtolower($_POST['wc-api']) == 'wc_gateway_systempay') || // Woo Systempay payment plugin
2766
- (isset($_POST['_wpcf7'], $_POST['_wpcf7_version'], $_POST['_wpcf7_locale'])) || //CF7 fix)
2767
- (isset($_POST['hash'], $_POST['device_unique_id'], $_POST['device_name'])) ||//Mobile Assistant Connector fix
2768
- isset($_POST['gform_submit']) || //Gravity form
2769
- strpos($_SERVER['REQUEST_URI'], 'wc-ajax=get_refreshed_fragments') !== false ||
2770
- (isset($_POST['ccf_form']) && intval($_POST['ccf_form']) == 1) ||
2771
- (isset($_POST['contact_tags']) && strpos($_POST['contact_tags'], 'MBR:') !== false) ||
2772
- (strpos($_SERVER['REQUEST_URI'], 'bizuno.php') && !empty($_POST['bizPass'])) ||
2773
- (isset($_SERVER['HTTP_REFERER']) && strpos($_SERVER['HTTP_REFERER'],'my-dashboard/') !== false) || // ticket_id=7885
2774
- isset($_POST['slm_action'], $_POST['license_key'], $_POST['secret_key'], $_POST['registered_domain']) || // ticket_id=9122
2775
- (isset($_POST['wpforms']['submit']) && $_POST['wpforms']['submit'] == 'wpforms-submit') || // WPForms
2776
- (isset($_POST['action']) && $_POST['action'] == 'grunion-contact-form') || // JetPack
2777
- (isset($_POST['action']) && $_POST['action'] == 'bbp-update-user') || //BBP update user info page
2778
- (isset($_SERVER['HTTP_REFERER']) && strpos($_SERVER['HTTP_REFERER'],'?wc-api=WC_Gateway_Transferuj') !== false) || //WC Gateway
2779
- (isset($_GET['mbr'], $_GET['amp;appname'], $_GET['amp;master'])) || // ticket_id=10773
2780
- (isset($_SERVER['HTTP_REFERER']) && strpos($_SERVER['HTTP_REFERER'],'lost-password') !== false) || //Skip lost-password form check
2781
- (isset($_POST['call_function']) && $_POST['call_function'] == 'push_notification_settings') || // Skip mobile requests (push settings)
2782
- (strpos($_SERVER['REQUEST_URI'],'membership-login')!==false ) || // Skip login form
2783
- (isset($_GET['cookie-state-change'])) || //skip GDPR plugin
2784
- (isset($_SERVER['HTTP_USER_AGENT']) && $_SERVER['HTTP_USER_AGENT'] == 'MailChimp' && strpos($_SERVER['REQUEST_URI'], 'mc4wp-sync-api/webhook-listener') !== false) || // Mailchimp webhook skip
2785
- (strpos($_SERVER['REQUEST_URI'],'researcher-log-in')!==false ) || // Skip login form
2786
- (strpos($_SERVER['REQUEST_URI'],'admin_aspcms/_system/AspCms_SiteSetting.asp?action=saves')!==false ) || // Skip admin save callback
2787
- (strpos($_SERVER['REQUEST_URI'],'?profile_tab=postjobs')!==false ) || // Skip post vacancies
2788
- (isset($_POST['btn_insert_post_type_hotel']) && $_POST['btn_insert_post_type_hotel'] == 'SUBMIT HOTEL') || // Skip adding hotel
2789
- (isset($_POST['action']) && $_POST['action'] == 'updraft_savesettings') || // Updraft save settings
2790
- isset($_POST['quform_submit']) //QForms multi-paged form skip
2791
- ) {
2792
- return null;
2793
- }
2794
-
2795
- // Do not execute anti-spam test for logged in users.
2796
- if (isset($_COOKIE[LOGGED_IN_COOKIE]) && $apbct->settings['protect_logged_in'] != 1)
2797
- return null;
2798
-
2799
- $post_info['comment_type'] = 'feedback_general_contact_form';
2800
-
2801
- // Skip the test if it's WooCommerce and the checkout test unset
2802
- if(strpos($_SERVER['REQUEST_URI'], 'wc-ajax=checkout') !== false ||
2803
- strpos($_SERVER['REQUEST_URI'], 'wc-ajax=update_order_review') !== false ||
2804
- (isset($_POST['_wp_http_referer']) && strpos($_SERVER['REQUEST_URI'], 'wc-ajax=update_order_review') !== false) ||
2805
- !empty($_POST['woocommerce_checkout_place_order']) ||
2806
- strpos($_SERVER['REQUEST_URI'], 'wc-ajax=wc_ppec_start_checkout') !== false
2807
- ){
2808
- $post_info['comment_type'] = 'order';
2809
- if($apbct->settings['wc_checkout_test'] == 0){
2810
- if ( $apbct->settings['wc_register_from_order'] == 1 && ! is_user_logged_in() ) {
2811
- $post_info['comment_type'] = 'wc_register_from_order';
2812
- } else {
2813
- remove_filter('woocommerce_register_post', 'ct_register_post', 1 );
2814
- return null;
2815
- }
2816
- }
2817
- }
2818
-
2819
- $ct_temp_msg_data = ct_get_fields_any($_POST);
2820
-
2821
- $sender_email = ($ct_temp_msg_data['email'] ? $ct_temp_msg_data['email'] : '');
2822
- $sender_nickname = ($ct_temp_msg_data['nickname'] ? $ct_temp_msg_data['nickname'] : '');
2823
- $subject = ($ct_temp_msg_data['subject'] ? $ct_temp_msg_data['subject'] : '');
2824
- $contact_form = ($ct_temp_msg_data['contact'] ? $ct_temp_msg_data['contact'] : true);
2825
- $message = ($ct_temp_msg_data['message'] ? $ct_temp_msg_data['message'] : array());
2826
- if ($subject != '') {
2827
- $message = array_merge(array('subject' => $subject), $message);
2828
- }
2829
-
2830
- // Skip submission if no data found
2831
- if ($sender_email === ''|| !$contact_form) {
2832
- return false;
2833
- }
2834
- $cleantalk_executed=true;
2835
-
2836
- if(isset($_POST['TellAFriend_Link'])){
2837
- $tmp = $_POST['TellAFriend_Link'];
2838
- unset($_POST['TellAFriend_Link']);
2839
- }
2840
-
2841
- $base_call_result = apbct_base_call(
2842
- array(
2843
- 'message' => $message,
2844
- 'sender_email' => $sender_email,
2845
- 'sender_nickname' => $sender_nickname,
2846
- 'post_info' => $post_info,
2847
- )
2848
- );
2849
-
2850
- if(isset($_POST['TellAFriend_Link'])){
2851
- $_POST['TellAFriend_Link']=$tmp;
2852
- }
2853
-
2854
- $ct_result = $base_call_result['ct_result'];
2855
- if ($ct_result->allow == 0) {
2856
-
2857
- // Recognize contact form an set it's name to $contact_form to use later
2858
- $contact_form = null;
2859
- foreach($_POST as $param => $value){
2860
- if(strpos($param, 'et_pb_contactform_submit') === 0){
2861
- $contact_form = 'contact_form_divi_theme';
2862
- $contact_form_additional = str_replace('et_pb_contactform_submit', '', $param);
2863
- }
2864
- if(strpos($param, 'avia_generated_form') === 0){
2865
- $contact_form = 'contact_form_enfold_theme';
2866
- $contact_form_additional = str_replace('avia_generated_form', '', $param);
2867
- }
2868
- if(!empty($contact_form))
2869
- break;
2870
- }
2871
-
2872
- $ajax_call = false;
2873
- if ((defined( 'DOING_AJAX' ) && DOING_AJAX)
2874
- ) {
2875
- $ajax_call = true;
2876
- }
2877
- if ($ajax_call) {
2878
- echo $ct_result->comment;
2879
- } else {
2880
-
2881
- global $ct_comment;
2882
- $ct_comment = $ct_result->comment;
2883
- if(isset($_POST['cma-action'])&&$_POST['cma-action']=='add'){
2884
- $result=Array('success'=>0, 'thread_id'=>null,'messages'=>Array($ct_result->comment));
2885
- header("Content-Type: application/json");
2886
- print json_encode($result);
2887
- die();
2888
-
2889
- }else if(isset($_POST['TellAFriend_email'])){
2890
- echo $ct_result->comment;
2891
- die();
2892
-
2893
- }else if(isset($_POST['gform_submit'])){ // Gravity forms submission
2894
- $response = sprintf("<!DOCTYPE html><html><head><meta charset='UTF-8' /></head><body class='GF_AJAX_POSTBACK'><div id='gform_confirmation_wrapper_1' class='gform_confirmation_wrapper '><div id='gform_confirmation_message_1' class='gform_confirmation_message_1
2895
- gform_confirmation_message'>%s</div></div></body></html>",
2896
- $ct_result->comment
2897
- );
2898
- echo $response;
2899
- die();
2900
-
2901
- }elseif(isset($_POST['_wp_http_referer']) && strpos($_POST['_wp_http_referer'],'wc-ajax=update_order_review')){ //WooCommerce checkout ("Place Oreder button")
2902
- $result = Array(
2903
- 'result' => 'failure',
2904
- 'messages' => "<ul class=\"woocommerce-error\"><li>".$ct_result->comment."</li></ul>",
2905
- 'refresh' => 'false',
2906
- 'reload' => 'false'
2907
- );
2908
- print json_encode($result);
2909
- die();
2910
-
2911
- }elseif(isset($_POST['action']) && $_POST['action'] == 'ct_check_internal'){
2912
- return $ct_result->comment;
2913
-
2914
- }elseif(isset($_POST['vfb-submit']) && defined('VFB_VERSION')){
2915
- wp_die("<h1>".__('Spam protection by CleanTalk', 'cleantalk')."</h1><h2>".$ct_result->comment."</h2>", '', array('response' => 403, "back_link" => true, "text_direction" => 'ltr'));
2916
- // Caldera Contact Forms
2917
- }elseif(isset($_POST['action']) && $_POST['action'] == 'cf_process_ajax_submit'){
2918
- print json_encode("<h3 style='color: red;'><red>".$ct_result->comment);
2919
- die();
2920
- // Mailster
2921
- }elseif(isset($_POST['_referer'], $_POST['formid'], $_POST['email'])){
2922
- $return = array(
2923
- 'success' => false,
2924
- 'html' => '<p>' . $ct_result->comment . '</p>',
2925
- );
2926
- print json_encode($return);
2927
- die();
2928
- // Divi Theme Contact Form. Using $contact_form
2929
- }elseif(!empty($contact_form) && $contact_form == 'contact_form_divi_theme'){
2930
- echo "<div id='et_pb_contact_form{$contact_form_additional}'><h1>Your request looks like spam.</h1><div><p>{$ct_result->comment}</p></div></div>";
2931
- die();
2932
- // Enfold Theme Contact Form. Using $contact_form
2933
- }elseif(!empty($contact_form) && $contact_form == 'contact_form_enfold_theme'){
2934
- echo "<div id='ajaxresponse_1' class='ajaxresponse ajaxresponse_1' style='display: block;'><div id='ajaxresponse_1' class='ajaxresponse ajaxresponse_1'><h3 class='avia-form-success'>Antispam by CleanTalk: ".$ct_result->comment."</h3><a href='.'><-Back</a></div></div>";
2935
- die();
2936
- }else{
2937
- ct_die(null, null);
2938
- }
2939
- }
2940
- exit;
2941
- }
2942
-
2943
- return null;
2944
- }
2945
-
2946
- /**
2947
- * General test for any post data
2948
- */
2949
- function ct_contact_form_validate_postdata() {
2950
-
2951
- global $pagenow,$cleantalk_executed, $cleantalk_url_exclusions, $apbct;
2952
-
2953
- if($cleantalk_executed)
2954
- return null;
2955
-
2956
- if ((defined( 'DOING_AJAX' ) && DOING_AJAX))
2957
- return null;
2958
-
2959
- if (@sizeof($_POST)==0 ||
2960
- (isset($_POST['signup_username']) && isset($_POST['signup_email']) && isset($_POST['signup_password'])) ||
2961
- (isset($pagenow) && $pagenow == 'wp-login.php') || // WordPress log in form
2962
- (isset($pagenow) && $pagenow == 'wp-login.php' && isset($_GET['action']) && $_GET['action']=='lostpassword') ||
2963
- strpos($_SERVER['REQUEST_URI'],'/checkout/')!==false ||
2964
- /* WooCommerce Service Requests - skip them */
2965
- isset($_GET['wc-ajax']) && (
2966
- $_GET['wc-ajax']=='checkout' ||
2967
- $_GET['wc-ajax']=='get_refreshed_fragments' ||
2968
- $_GET['wc-ajax']=='apply_coupon' ||
2969
- $_GET['wc-ajax']=='remove_coupon' ||
2970
- $_GET['wc-ajax']=='update_shipping_method' ||
2971
- $_GET['wc-ajax']=='get_cart_totals' ||
2972
- $_GET['wc-ajax']=='update_order_review' ||
2973
- $_GET['wc-ajax']=='add_to_cart' ||
2974
- $_GET['wc-ajax']=='remove_from_cart' ||
2975
- $_GET['wc-ajax']=='get_variation' ||
2976
- $_GET['wc-ajax']=='get_customer_location'
2977
- ) ||
2978
- /* END: WooCommerce Service Requests */
2979
- strpos($_SERVER['REQUEST_URI'],'/wp-admin/')!==false ||
2980
- strpos($_SERVER['REQUEST_URI'],'wp-login.php')!==false||
2981
- strpos($_SERVER['REQUEST_URI'],'wp-comments-post.php')!==false ||
2982
- @strpos($_SERVER['HTTP_REFERER'],'/wp-admin/')!==false ||
2983
- strpos($_SERVER['REQUEST_URI'],'/login/')!==false||
2984
- strpos($_SERVER['REQUEST_URI'],'?provider=facebook&')!==false ||
2985
- isset($_GET['ptype']) && $_GET['ptype']=='login' ||
2986
- check_url_exclusions() ||
2987
- check_ip_exclusions() ||
2988
- ct_check_array_keys($_POST) ||
2989
- isset($_POST['ct_checkjs_register_form']) ||
2990
- (isset($_POST['signup_username']) && isset($_POST['signup_password_confirm']) && isset($_POST['signup_submit']) ) ||
2991
- $apbct->settings['general_contact_forms_test']==0 ||
2992
- isset($_POST['bbp_topic_content']) ||
2993
- isset($_POST['bbp_reply_content']) ||
2994
- isset($_POST['fscf_submitted']) ||
2995
- isset($_POST['log']) && isset($_POST['pwd']) && isset($_POST['wp-submit'])||
2996
- strpos($_SERVER['REQUEST_URI'],'/wc-api/')!==false ||
2997
- (isset($_POST['wc_reset_password'], $_POST['_wpnonce'], $_POST['_wp_http_referer'])) || //WooCommerce recovery password form
2998
- (isset($_POST['woocommerce-login-nonce'], $_POST['login'], $_POST['password'], $_POST['_wp_http_referer'])) || //WooCommerce login form
2999
- (isset($_POST['provider'], $_POST['authcode']) && $_POST['provider'] == 'Two_Factor_Totp') || //TwoFactor authorization
3000
- (isset($_GET['wc-ajax']) && $_GET['wc-ajax'] == 'sa_wc_buy_now_get_ajax_buy_now_button') || //BuyNow add to cart
3001
- strpos($_SERVER['REQUEST_URI'],'/wp-json/wpstatistics/v1/hit')!==false || //WPStatistics
3002
- (isset($_POST['ihcaction']) && $_POST['ihcaction'] == 'login') || //Skip login form
3003
- (isset($_POST['action']) && $_POST['action'] == 'infinite_scroll') //Scroll
3004
- ) {
3005
- return null;
3006
- }
3007
-
3008
- $message = ct_get_fields_any_postdata($_POST);
3009
-
3010
- // ???
3011
- if(strlen(json_encode($message))<10)
3012
- return null;
3013
-
3014
- // Skip if request contains params
3015
- $skip_params = array(
3016
- 'ipn_track_id', // PayPal IPN #
3017
- 'txn_type', // PayPal transaction type
3018
- 'payment_status', // PayPal payment status
3019
- );
3020
- foreach($skip_params as $key=>$value){
3021
- if(@array_key_exists($value,$_GET)||@array_key_exists($value,$_POST))
3022
- return null;
3023
- }
3024
-
3025
- $base_call_result = apbct_base_call(
3026
- array(
3027
- 'message' => $message,
3028
- 'post_info' => array('comment_type' => 'feedback_general_postdata'),
3029
- )
3030
- );
3031
-
3032
- $cleantalk_executed=true;
3033
-
3034
- $ct_result = $base_call_result['ct_result'];
3035
-
3036
- if ($ct_result->allow == 0) {
3037
-
3038
- if (!(defined( 'DOING_AJAX' ) && DOING_AJAX)) {
3039
- global $ct_comment;
3040
- $ct_comment = $ct_result->comment;
3041
- if(isset($_POST['cma-action'])&&$_POST['cma-action']=='add')
3042
- {
3043
- $result=Array('success'=>0, 'thread_id'=>null,'messages'=>Array($ct_result->comment));
3044
- header("Content-Type: application/json");
3045
- print json_encode($result);
3046
- die();
3047
- }
3048
- else
3049
- {
3050
- ct_die(null, null);
3051
- }
3052
- } else {
3053
- echo $ct_result->comment;
3054
- }
3055
- exit;
3056
- }
3057
-
3058
- return null;
3059
- }
3060
-
3061
-
3062
- /**
3063
- * Inner function - Finds and returns pattern in string
3064
- * @return null|bool
3065
- */
3066
- function ct_get_data_from_submit($value = null, $field_name = null) {
3067
- if (!$value || !$field_name || !is_string($value)) {
3068
- return false;
3069
- }
3070
- if (preg_match("/[a-z0-9_\-]*" . $field_name. "[a-z0-9_\-]*$/", $value)) {
3071
- return true;
3072
- }
3073
- }
3074
-
3075
- /**
3076
- * Sends error notice to admin
3077
- * @return null
3078
- */
3079
- function ct_send_error_notice ($comment = '') {
3080
- global $ct_admin_notoice_period, $apbct;
3081
-
3082
- $timelabel_reg = intval( get_option('cleantalk_timelabel_reg') );
3083
- if(time() - $ct_admin_notoice_period > $timelabel_reg){
3084
- update_option('cleantalk_timelabel_reg', time());
3085
-
3086
- $blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);
3087
- $message = __('Attention, please!', 'cleantalk') . "\r\n\r\n";
3088
- $message .= sprintf(__('"%s" plugin error on your site "%s":', 'cleantalk'), $apbct->plugin_name, $blogname) . "\r\n\r\n";
3089
- $message .= preg_replace('/^(.*?)<a.*?"(.*?)".*?>(.*?)<.a>(.*)$/', '$1. $3: $2?user_token='. $apbct->user_token .' $4', $comment) . "\r\n\r\n";
3090
- @wp_mail(ct_get_admin_email(), sprintf(__('[%s] "%s" error!', 'cleantalk'), $apbct->plugin_name, $blogname), $message);
3091
- }
3092
-
3093
- return null;
3094
- }
3095
-
3096
- function ct_print_form($arr, $k)
3097
- {
3098
- foreach($arr as $key => $value){
3099
- if(!is_array($value)){
3100
- if($k == ''){
3101
- print '<textarea name="' . $key . '" style="display:none;">' . htmlspecialchars($value) . '</textarea>';
3102
- }else{
3103
- print '<textarea name="' . $k . '[' . $key . ']" style="display:none;">' . htmlspecialchars($value) . '</textarea>';
3104
- }
3105
- }else{
3106
- if($k == ''){
3107
- ct_print_form($value, $key);
3108
- }else{
3109
- ct_print_form($value, $k . '[' . $key . ']');
3110
- }
3111
- }
3112
- }
3113
- }
3114
-
3115
- /**
3116
- * Attaches public scripts and styles.
3117
- */
3118
- function ct_enqueue_scripts_public($hook){
3119
-
3120
- global $current_user, $apbct;
3121
-
3122
- if($apbct->settings['registrations_test'] || $apbct->settings['comments_test'] || $apbct->settings['contact_forms_test'] || $apbct->settings['general_contact_forms_test'] || $apbct->settings['wc_checkout_test'] || $apbct->settings['check_external'] || $apbct->settings['check_internal'] || $apbct->settings['bp_private_messages'] || $apbct->settings['general_postdata_test']){
3123
-
3124
- // Differnt JS params
3125
- wp_enqueue_script('ct_public', APBCT_URL_PATH.'/js/apbct-public.min.js', array('jquery'), APBCT_VERSION, false /*in header*/);
3126
-
3127
- wp_localize_script('ct_public', 'ctPublic', array(
3128
- '_ajax_nonce' => wp_create_nonce('ct_secret_stuff'),
3129
- '_ajax_url' => admin_url('admin-ajax.php'),
3130
- ));
3131
-
3132
- // GDPR script
3133
- if($apbct->settings['gdpr_enabled']){
3134
-
3135
- wp_enqueue_script('ct_public_gdpr', APBCT_URL_PATH.'/js/apbct-public--gdpr.min.js', array('jquery', 'ct_public'), APBCT_VERSION, false /*in header*/);
3136
-
3137
- wp_localize_script('ct_public_gdpr', 'ctPublicGDPR', array(
3138
- 'gdpr_forms' => array(),
3139
- 'gdpr_text' => $apbct->settings['gdpr_text'] ? $apbct->settings['gdpr_text'] : __('By using this form you agree with the storage and processing of your data by using the Privacy Policy on this website.', 'cleantalk'),
3140
- ));
3141
- }
3142
-
3143
- }
3144
-
3145
- if(!defined('CLEANTALK_AJAX_USE_FOOTER_HEADER') || (defined('CLEANTALK_AJAX_USE_FOOTER_HEADER') && CLEANTALK_AJAX_USE_FOOTER_HEADER)){
3146
- if($apbct->settings['use_ajax'] && stripos($_SERVER['REQUEST_URI'],'.xml') === false && stripos($_SERVER['REQUEST_URI'],'.xsl') === false){
3147
- if(strpos($_SERVER['REQUEST_URI'],'jm-ajax') === false){
3148
-
3149
- // Use AJAX for JavaScript check
3150
- if($apbct->settings['use_ajax']){
3151
-
3152
- wp_enqueue_script('ct_nocache', plugins_url('/cleantalk-spam-protect/js/cleantalk_nocache.min.js'), array(), APBCT_VERSION, false /*in header*/);
3153
-
3154
- wp_localize_script('ct_nocache', 'ctNocache', array(
3155
- 'ajaxurl' => admin_url('admin-ajax.php'),
3156
- 'info_flag' => $apbct->settings['collect_details'] && $apbct->settings['set_cookies'] ? true : false,
3157
- 'set_cookies_flag' => $apbct->settings['set_cookies'] ? false : true,
3158
- 'blog_home' => get_home_url().'/',
3159
- ));
3160
- }
3161
-
3162
- // External forms check
3163
- if($apbct->settings['check_external'])
3164
- wp_enqueue_script('ct_external', plugins_url('/cleantalk-spam-protect/js/cleantalk_external.min.js'), array('jquery'), APBCT_VERSION, false /*in header*/);
3165
-
3166
- // Internal forms check
3167
- if($apbct->settings['check_internal'])
3168
- wp_enqueue_script('ct_internal', plugins_url('/cleantalk-spam-protect/js/cleantalk_internal.min.js'), array('jquery'), APBCT_VERSION, false /*in header*/);
3169
-
3170
- }
3171
- }
3172
- }
3173
-
3174
- // Show controls for commentaies
3175
- if(in_array("administrator", $current_user->roles)){
3176
-
3177
- if($apbct->settings['show_check_links']){
3178
-
3179
- $ajax_nonce = wp_create_nonce( "ct_secret_nonce" );
3180
-
3181
- wp_enqueue_style ('ct_public_admin_css', plugins_url('/cleantalk-spam-protect/css/cleantalk-public-admin.min.css'), array(), APBCT_VERSION, 'all');
3182
- wp_enqueue_script('ct_public_admin_js', plugins_url('/cleantalk-spam-protect/js/cleantalk-public-admin.min.js'), array('jquery'), APBCT_VERSION, false /*in header*/);
3183
-
3184
- wp_localize_script('ct_public_admin_js', 'ctPublicAdmin', array(
3185
- 'ct_ajax_nonce' => $ajax_nonce,
3186
- 'ajaxurl' => admin_url('admin-ajax.php'),
3187
- 'ct_feedback_error' => __('Error occured while sending feedback.', 'cleantalk'),
3188
- 'ct_feedback_no_hash' => __('Feedback wasn\'t sent. There is no associated request.', 'cleantalk'),
3189
- 'ct_feedback_msg' => sprintf(__("Feedback has been sent to %sCleanTalk Dashboard%s.", 'cleantalk'), $apbct->user_token ? "<a target='_blank' href=https://cleantalk.org/my/show_requests?user_token={$apbct->user_token}&cp_mode=antispam>" : '', $apbct->user_token ? "</a>" : ''),
3190
- ));
3191
-
3192
- }
3193
- }
3194
-
3195
- // Debug
3196
- if($apbct->settings['debug_ajax']){
3197
- wp_enqueue_script('ct_debug_js', plugins_url('/cleantalk-spam-protect/js/cleantalk-debug-ajax.min.js'), array('jquery'), APBCT_VERSION, false /*in header*/);
3198
-
3199
- wp_localize_script('ct_debug_js', 'apbctDebug', array(
3200
- 'reload' => false,
3201
- 'reload_time' => 10000,
3202
- ));
3203
- }
3204
- }
3205
-
3206
- /**
3207
- * Reassign callbackback function for the bootom of comment output.
3208
- */
3209
- function ct_wp_list_comments_args($options){
3210
-
3211
- global $current_user, $apbct;
3212
-
3213
- if(in_array("administrator", $current_user->roles))
3214
- if($apbct->settings['show_check_links'])
3215
- $options['end-callback'] = 'ct_comments_output';
3216
-
3217
- return $options;
3218
- }
3219
-
3220
- /**
3221
- * Callback function for the bootom comment output.
3222
- */
3223
- function ct_comments_output($curr_comment, $param2, $wp_list_comments_args){
3224
-
3225
- $email = $curr_comment->comment_author_email;
3226
- $ip = $curr_comment->comment_author_IP;
3227
- $id = $curr_comment->comment_ID;
3228
-
3229
- $settings_link = '/wp-admin/'.(is_network_admin() ? "settings.php?page=cleantalk" : "options-general.php?page=cleantalk");
3230
-
3231
- echo "<div class='ct_comment_info'><div class ='ct_comment_titles'>";
3232
- echo "<p class='ct_comment_info_title'>".__('Sender info', 'cleantalk')."</p>";
3233
-
3234
- echo "<p class='ct_comment_logo_title'>
3235
- ".__('by', 'cleantalk')
3236
- ." <a href='{$settings_link}' target='_blank'><img class='ct_comment_logo_img' src='".plugins_url()."/cleantalk-spam-protect/inc/images/logo_color.png'></a>"
3237
- ." <a href='{$settings_link}' target='_blank'>CleanTalk</a>"
3238
- ."</p></div>";
3239
- // Outputs email if exists
3240
- if($email)
3241
- echo "<a href='https://cleantalk.org/blacklists/$email' target='_blank' title='https://cleantalk.org/blacklists/$email'>"
3242
- ."$email"
3243
- ."&nbsp;<img src='".plugins_url()."/cleantalk-spam-protect/inc/images/new_window.gif' border='0' style='float:none; box-shadow: transparent 0 0 0 !important;'/>"
3244
- ."</a>";
3245
- else
3246
- echo __('No email', 'cleantalk');
3247
- echo "&nbsp;|&nbsp;";
3248
-
3249
- // Outputs IP if exists
3250
- if($ip)
3251
- echo "<a href='https://cleantalk.org/blacklists/$ip' target='_blank' title='https://cleantalk.org/blacklists/$ip'>"
3252
- ."$ip"
3253
- ."&nbsp;<img src='".plugins_url()."/cleantalk-spam-protect/inc/images/new_window.gif' border='0' style='float:none; box-shadow: transparent 0 0 0 !important;'/>"
3254
- ."</a>";
3255
- else
3256
- echo __('No IP', 'cleantalk');
3257
- echo '&nbsp;|&nbsp;';
3258
-
3259
- echo "<span commentid='$id' class='ct_this_is ct_this_is_spam' href='#'>".__('Mark as spam', 'cleantalk')."</span>";
3260
- echo "<span commentid='$id' class='ct_this_is ct_this_is_not_spam ct_hidden' href='#'>".__('Unspam', 'cleantalk')."</span>";
3261
- echo "<p class='ct_feedback_wrap'>";
3262
- echo "<span class='ct_feedback_result ct_feedback_result_spam'>".__('Marked as spam.', 'cleantalk')."</span>";
3263
- echo "<span class='ct_feedback_result ct_feedback_result_not_spam'>".__('Marked as not spam.', 'cleantalk')."</span>";
3264
- echo "&nbsp;<span class='ct_feedback_msg'><span>";
3265
- echo "</p>";
3266
-
3267
- echo "</div>";
3268
-
3269
- // Ending comment output
3270
- echo "</{$wp_list_comments_args['style']}>";
3271
- }
3272
-
3273
- /**
3274
- * Callback function for the bootom comment output.
3275
- *
3276
- * attrs = array()
3277
- */
3278
- function apbct_shrotcode_handler__GDPR_public_notice__form( $attrs ){
3279
-
3280
- $out = '';
3281
-
3282
- if(isset($attrs['id']))
3283
- $out .= 'ctPublicGDPR.gdpr_forms.push("'.$attrs['id'].'");';
3284
-
3285
- if(isset($attrs['text']))
3286
- $out .= 'ctPublicGDPR.gdpr_text = "'.$attrs['text'].'";';
3287
-
3288
- $out = '<script>'.$out.'</script>';
3289
- return $out;
3290
- }
3291
-
3292
- /**
3293
- * Filters the 'status' array before register the user
3294
- * using only by WICITY theme
3295
- *
3296
- * @param $success array array( 'status' => 'success' )
3297
- * @param $data array ['username'] ['password'] ['email']
3298
- * @return array array( 'status' => 'error' ) or array( 'status' => 'success' ) by default
3299
- */
3300
- function apbct_wilcity_reg_validation( $success, $data ) {
3301
- $check = ct_test_registration( $data['username'], $data['email'], '' );
3302
- if( $check['allow'] == 0 ) {
3303
- return array( 'status' => 'error' );
3304
- }
3305
- return $success;
3306
- }
1
+ <?php
2
+
3
+ /**
4
+ * Init functions
5
+ * @return mixed[] Array of options
6
+ */
7
+ function apbct_init() {
8
+
9
+ global $ct_wplp_result_label, $ct_jp_comments, $ct_post_data_label, $ct_post_data_authnet_label, $apbct, $test_external_forms, $cleantalk_executed, $wpdb;
10
+
11
+ //Check internal forms with such "action" http://wordpress.loc/contact-us/some_script.php
12
+ if((isset($_POST['action']) && $_POST['action'] == 'ct_check_internal') &&
13
+ $apbct->settings['check_internal']
14
+ ){
15
+ $ct_result = ct_contact_form_validate();
16
+ if($ct_result == null){
17
+ echo 'true';
18
+ die();
19
+ }else{
20
+ echo $ct_result;
21
+ die();
22
+ }
23
+ }
24
+
25
+ //fix for EPM registration form
26
+ if(isset($_POST) && isset($_POST['reg_email']) && shortcode_exists( 'epm_registration_form' ))
27
+ {
28
+ unset($_POST['ct_checkjs_register_form']);
29
+ }
30
+
31
+ if(isset($_POST['_wpnonce-et-pb-contact-form-submitted']))
32
+ {
33
+ add_shortcode( 'et_pb_contact_form', 'ct_contact_form_validate' );
34
+ }
35
+
36
+ if($apbct->settings['check_external']){
37
+
38
+ // Fixing form and directs it this site
39
+ if($apbct->settings['check_external__capture_buffer'] && !is_admin() && !apbct_is_ajax() && apbct_is_user_enable() && !(defined('DOING_CRON') && DOING_CRON) && !(defined('XMLRPC_REQUEST') && XMLRPC_REQUEST)){
40
+ add_action('wp', 'apbct_buffer__start');
41
+ add_action('shutdown', 'apbct_buffer__end', 0);
42
+ add_action('shutdown', 'apbct_buffer__output', 2);
43
+ }
44
+
45
+ // Check and redirecct
46
+ if(isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == 'POST'
47
+ && isset($_POST['cleantalk_hidden_method'])
48
+ && isset($_POST['cleantalk_hidden_action'])
49
+ ){
50
+ $action = htmlspecialchars($_POST['cleantalk_hidden_action']);
51
+ $method = htmlspecialchars($_POST['cleantalk_hidden_method']);
52
+ unset($_POST['cleantalk_hidden_action']);
53
+ unset($_POST['cleantalk_hidden_method']);
54
+ ct_contact_form_validate();
55
+ if(!apbct_is_ajax()){
56
+ print "<html><body><form method='$method' action='$action'>";
57
+ ct_print_form($_POST, '');
58
+ print "</form>Redirecting to " . $action . "... Anti-spam by CleanTalk.</body></html>";
59
+ print "<script>
60
+ if(document.forms[0].submit !== 'undefined'){
61
+ var objects = document.getElementsByName('submit');
62
+ if(objects.length > 0)
63
+ document.forms[0].removeChild(objects[0]);
64
+ }
65
+ document.forms[0].submit();
66
+ </script>";
67
+ die();
68
+ }
69
+ }
70
+ }
71
+
72
+ if(isset($_POST['quform_ajax'], $_POST['quform_csrf_token'], $_POST['quform_form_id'])){
73
+ require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-ajax.php');
74
+ ct_ajax_hook();
75
+ }
76
+
77
+ /**hooks for cm answers pro */
78
+ if(defined('CMA_PLUGIN_FILE')){
79
+ add_action( 'wp', 'ct_ajax_hook',1 );
80
+ }
81
+
82
+ //hook for Anonymous Post
83
+ if($apbct->settings['general_postdata_test'] == 1 && empty($_POST['ct_checkjs_cf7']))
84
+ add_action('wp', 'ct_contact_form_validate_postdata',1);
85
+
86
+ if($apbct->settings['general_contact_forms_test'] == 1 && empty($_POST['ct_checkjs_cf7'])){
87
+ add_action('CMA_custom_post_type_nav', 'ct_contact_form_validate_postdata',1);
88
+ //add_action('init','ct_contact_form_validate',1);
89
+ ct_contact_form_validate();
90
+ if(isset($_POST['reg_redirect_link'])&&isset($_POST['tmpl_registration_nonce_field']))
91
+ {
92
+ unset($_POST['ct_checkjs_register_form']);
93
+ ct_contact_form_validate();
94
+ }
95
+ /*if(isset($_GET['ait-action'])&&$_GET['ait-action']=='register')
96
+ {
97
+ $tmp=$_POST['redirect_to'];
98
+ unset($_POST['redirect_to']);
99
+ ct_contact_form_validate();
100
+ $_POST['redirect_to']=$tmp;
101
+ }*/
102
+ }
103
+
104
+ if($apbct->settings['general_postdata_test'] == 1 && empty($_POST['ct_checkjs_cf7']))
105
+ add_action('CMA_custom_post_type_nav', 'ct_contact_form_validate_postdata',1);
106
+
107
+ //add_action('wp_footer','ct_ajaxurl');
108
+
109
+ // Fast Secure contact form
110
+ if(defined('FSCF_VERSION')){
111
+ add_filter('si_contact_display_after_fields', 'ct_si_contact_display_after_fields');
112
+ add_filter('si_contact_form_validate', 'ct_si_contact_form_validate');
113
+ }
114
+
115
+ // WooCoomerse signups
116
+ if(class_exists('WooCommerce'))
117
+ add_filter('woocommerce_register_post', 'ct_register_post', 1, 3);
118
+
119
+ // WooCommerce whishlist
120
+ if(class_exists('WC_Wishlists_Wishlist'))
121
+ add_filter('wc_wishlists_create_list_args', 'ct_woocommerce_wishlist_check', 1, 1);
122
+
123
+
124
+ // JetPack Contact form
125
+ $jetpack_active_modules = false;
126
+ if(defined('JETPACK__VERSION'))
127
+ {
128
+ if(isset($_POST['action']) && $_POST['action'] == 'grunion-contact-form' ){
129
+ if(JETPACK__VERSION=='3.4-beta')
130
+ {
131
+ add_filter('contact_form_is_spam', 'ct_contact_form_is_spam');
132
+ }
133
+ else if(JETPACK__VERSION=='3.4-beta2'||JETPACK__VERSION>='3.4')
134
+ {
135
+ add_filter('jetpack_contact_form_is_spam', 'ct_contact_form_is_spam_jetpack',50,2);
136
+ }
137
+ else
138
+ {
139
+ add_filter('contact_form_is_spam', 'ct_contact_form_is_spam');
140
+ }
141
+ $jetpack_active_modules = get_option('jetpack_active_modules');
142
+ if ((class_exists( 'Jetpack', false) && $jetpack_active_modules && in_array('comments', $jetpack_active_modules)))
143
+ {
144
+ $ct_jp_comments = true;
145
+ }
146
+ }else
147
+ add_filter('grunion_contact_form_field_html', 'ct_grunion_contact_form_field_html', 10, 2);
148
+ }
149
+
150
+ // WP Maintenance Mode (wpmm)
151
+ add_action('wpmm_head', 'apbct_form__wpmm__addField', 1);
152
+
153
+ // Contact Form7
154
+ if(defined('WPCF7_VERSION')){
155
+ add_filter('wpcf7_form_elements', 'apbct_form__contactForm7__addField');
156
+ add_filter('wpcf7_validate', 'apbct_form__contactForm7__tesSpam__before_validate', 999, 2);
157
+ add_filter(WPCF7_VERSION >= '3.0.0' ? 'wpcf7_spam' : 'wpcf7_acceptance', 'apbct_form__contactForm7__testSpam');
158
+ }
159
+
160
+ // Formidable
161
+ add_filter( 'frm_entries_before_create', 'ct_frm_validate_entry', 10, 2 );
162
+ add_action( 'frm_entries_footer_scripts', 'ct_frm_entries_footer_scripts', 20, 2 );
163
+
164
+ // BuddyPress
165
+ if(class_exists('BuddyPress')){
166
+ add_action('bp_before_registration_submit_buttons','ct_register_form',1);
167
+ add_action('messages_message_before_save', 'apbct_integration__buddyPres__private_msg_check', 1);
168
+ add_filter('bp_signup_validate', 'ct_registration_errors',1);
169
+ add_filter('bp_signup_validate', 'ct_check_registration_erros', 999999);
170
+ }
171
+
172
+ if(defined('PROFILEPRESS_SYSTEM_FILE_PATH')){
173
+ add_filter('pp_registration_validation', 'ct_registration_errors_ppress', 11, 2);
174
+ }
175
+
176
+
177
+ // bbPress
178
+ if(class_exists('bbPress')){
179
+ add_filter('bbp_new_topic_pre_title', 'ct_bbp_get_topic', 1);
180
+ add_filter('bbp_new_topic_pre_content', 'ct_bbp_new_pre_content', 1);
181
+ add_filter('bbp_new_reply_pre_content', 'ct_bbp_new_pre_content', 1);
182
+ add_action('bbp_theme_before_topic_form_content', 'ct_comment_form');
183
+ add_action('bbp_theme_before_reply_form_content', 'ct_comment_form');
184
+ }
185
+
186
+ //Custom Contact Forms
187
+ if(defined('CCF_VERSION'))
188
+ add_filter('ccf_field_validator', 'ct_ccf', 1, 4);
189
+
190
+ add_action('comment_form', 'ct_comment_form');
191
+
192
+ // intercept WordPress Landing Pages POST
193
+ if (defined('LANDINGPAGES_CURRENT_VERSION') && !empty($_POST)){
194
+ if(array_key_exists('action', $_POST) && $_POST['action'] === 'inbound_store_lead'){ // AJAX action(s)
195
+ ct_check_wplp();
196
+ }else if(array_key_exists('inbound_submitted', $_POST) && $_POST['inbound_submitted'] == '1'){ // Final submit
197
+ ct_check_wplp();
198
+ }
199
+ }
200
+
201
+ // S2member. intercept POST
202
+ if (defined('WS_PLUGIN__S2MEMBER_PRO_VERSION')){
203
+ $post_keys = array_keys($_POST);
204
+ foreach($post_keys as $post_key){
205
+
206
+ // Detect POST keys like /s2member_pro.*registration/
207
+ if(strpos($post_key, 's2member') !== false && strpos($post_key, 'registration') !== false){
208
+ ct_s2member_registration_test($post_key);
209
+ break;
210
+ }
211
+ }
212
+ }
213
+
214
+ // New user approve hack
215
+ // https://wordpress.org/plugins/new-user-approve/
216
+ if (ct_plugin_active('new-user-approve/new-user-approve.php')) {
217
+ add_action('register_post', 'ct_register_post', 1, 3);
218
+ }
219
+
220
+ // Wilcity theme registration validation fix
221
+ add_filter( 'wilcity/filter/wiloke-listing-tools/validate-before-insert-account', 'apbct_wilcity_reg_validation', 10, 2 );
222
+
223
+
224
+ // Gravity forms
225
+ if (defined('GF_MIN_WP_VERSION')) {
226
+ add_filter('gform_get_form_filter', 'apbct_form__gravityForms__addField', 10, 2);
227
+ add_filter('gform_entry_is_spam', 'apbct_form__gravityForms__testSpam', 999, 3);
228
+ add_filter('gform_confirmation', 'apbct_form__gravityForms__showResponse', 999, 4 );
229
+ }
230
+
231
+ //Pirate forms
232
+ if(defined('PIRATE_FORMS_VERSION')){
233
+ if(isset($_POST['pirate-forms-contact-name']) && $_POST['pirate-forms-contact-name'] && isset($_POST['pirate-forms-contact-email']) && $_POST['pirate-forms-contact-email'])
234
+ ct_pirate_forms_check();
235
+ }
236
+
237
+ // WPForms
238
+ // Adding fields
239
+ add_action('wpforms_frontend_output', 'apbct_form__WPForms__addField', 1000, 5);
240
+ // Gathering data to validate
241
+ add_filter('wpforms_process_before_filter', 'apbct_from__WPForms__gatherData', 100, 2);
242
+ // Do spam check
243
+ add_filter('wpforms_process_initial_errors', 'apbct_form__WPForms__showResponse', 100, 2);
244
+
245
+ // QForms integration
246
+ add_filter( 'quform_post_validate', 'ct_quform_post_validate', 10, 2 );
247
+
248
+
249
+ //
250
+ // Load JS code to website footer
251
+ //
252
+ if (!(defined( 'DOING_AJAX' ) && DOING_AJAX)) {
253
+ add_action('wp_head', 'apbct_hook__wp_head__set_cookie__ct_checkjs', 1);
254
+ add_action('wp_footer', 'apbct_hook__wp_footer', 1);
255
+ }
256
+
257
+ if ($apbct->settings['protect_logged_in'] != 1 && is_user_logged_in()) {
258
+ ct_contact_form_validate();
259
+ }
260
+
261
+ if (apbct_is_user_enable()) {
262
+
263
+ if ($apbct->settings['general_contact_forms_test'] == 1 && !isset($_POST['comment_post_ID']) && !isset($_GET['for'])){
264
+ add_action( 'init', 'ct_contact_form_validate', 999 );
265
+ }
266
+ if(isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == 'POST' &&
267
+ $apbct->settings['general_postdata_test'] == 1 &&
268
+ !isset($_POST['ct_checkjs_cf7']) &&
269
+ !is_admin() &&
270
+ !apbct_is_user_role_in(array('administrator', 'moderator'))
271
+ ){
272
+ ct_contact_form_validate_postdata();
273
+ }
274
+ }
275
+ }
276
+
277
+ function apbct_buffer__start(){
278
+ ob_start();
279
+ }
280
+
281
+ function apbct_buffer__end(){
282
+
283
+ if(!ob_get_level())
284
+ return;
285
+
286
+ global $apbct;
287
+ $apbct->buffer = ob_get_contents();
288
+ ob_end_clean();
289
+ }
290
+
291
+ /**
292
+ * Outputs changed buffer
293
+ *
294
+ * @global $apbct
295
+ */
296
+ function apbct_buffer__output(){
297
+
298
+ global $apbct;
299
+
300
+ if(empty($apbct->buffer))
301
+ return;
302
+
303
+ $site_url = get_option('siteurl');
304
+ $site__host = parse_url($site_url, PHP_URL_HOST);
305
+
306
+ $dom = new DOMDocument();
307
+ @$dom->loadHTML($apbct->buffer);
308
+
309
+ $forms = $dom->getElementsByTagName('form');
310
+
311
+ foreach($forms as $form){
312
+
313
+ $action = $form->getAttribute('action');
314
+ $action = $action ? $action : $site_url;
315
+ $action__host = parse_url($action, PHP_URL_HOST);
316
+
317
+ // Check if the form directed to the third party site
318
+ if($site__host != $action__host){
319
+
320
+ $method = $form->getAttribute('method');
321
+ $method = $method ? $method : 'get';
322
+ // Directs form to our site
323
+ $form->setAttribute('method', 'POST');
324
+ $form->setAttribute('action', $site_url);
325
+
326
+ // Add cleantalk_hidden_action
327
+ $new_input = $dom->createElement('input');
328
+ $new_input->setAttribute('type', 'hidden');
329
+ $new_input->setAttribute('name', 'cleantalk_hidden_action');
330
+ $new_input->setAttribute('value', $action);
331
+ $form->appendChild($new_input);
332
+
333
+ // Add cleantalk_hidden_method
334
+ $new_input = $dom->createElement('input');
335
+ $new_input->setAttribute('type', 'hidden');
336
+ $new_input->setAttribute('name', 'cleantalk_hidden_method');
337
+ $new_input->setAttribute('value', $method);
338
+ $form->appendChild($new_input);
339
+
340
+ }
341
+ } unset($form);
342
+
343
+ $html = $dom->getElementsByTagName('html');
344
+
345
+ echo gettype($html) == 'object'
346
+ ? $html[0]->childNodes[0]->ownerDocument->saveHTML()
347
+ : $apbct->buffer;
348
+ }
349
+
350
+ // MailChimp Premium for Wordpress
351
+ function ct_add_mc4wp_error_message($messages){
352
+
353
+ $messages['ct_mc4wp_response'] = array(
354
+ 'type' => 'error',
355
+ 'text' => 'Your message looks like spam.'
356
+ );
357
+ return $messages;
358
+ }
359
+ add_filter( 'mc4wp_form_messages', 'ct_add_mc4wp_error_message' );
360
+
361
+ /*
362
+ * Function to set validate fucntion for CCF form
363
+ * Input - Сonsistently each form field
364
+ * Returns - String. Validate function
365
+ */
366
+ function ct_ccf($callback, $value, $field_id, $type){
367
+ /*
368
+ if($type == 'name')
369
+ $ct_global_temporary_data['name'] = $value;
370
+ elseif($type == 'email')
371
+ $ct_global_temporary_data['email'] = $value;
372
+ else
373
+ $ct_global_temporary_data[] = $value;
374
+ //*/
375
+ return 'ct_validate_ccf_submission';
376
+ }
377
+ /*
378
+ * Validate function for CCF form. Gatheering data. Multiple calls.
379
+ * Input - void. Global $ct_global_temporary_data
380
+ * Returns - String. CleanTalk comment.
381
+ */
382
+ $ct_global_temporary_data = array();
383
+ function ct_validate_ccf_submission($value, $field_id, $required){
384
+ global $ct_global_temporary_data, $apbct;
385
+
386
+
387
+
388
+ //If the check for contact forms enabled
389
+ if(!$apbct->settings['contact_forms_test'])
390
+ return true;
391
+ //If the check for logged in users enabled
392
+ if($apbct->settings['protect_logged_in'] == 1 && is_user_logged_in())
393
+ return true;
394
+
395
+ //Accumulate data
396
+ $ct_global_temporary_data[] = $value;
397
+
398
+ //If it's the last field of the form
399
+ (!isset($ct_global_temporary_data['count']) ? $ct_global_temporary_data['count'] = 1 : $ct_global_temporary_data['count']++);
400
+ $form_id = $_POST['form_id'];
401
+ if($ct_global_temporary_data['count'] != count(get_post_meta( $form_id, 'ccf_attached_fields', true )))
402
+ return true;
403
+ unset($ct_global_temporary_data['count']);
404
+
405
+ //Getting request params
406
+ $ct_temp_msg_data = ct_get_fields_any($_POST);
407
+
408
+ unset($ct_global_temporary_data);
409
+
410
+ $sender_email = ($ct_temp_msg_data['email'] ? $ct_temp_msg_data['email'] : '');
411
+ $sender_nickname = ($ct_temp_msg_data['nickname'] ? $ct_temp_msg_data['nickname'] : '');
412
+ $subject = ($ct_temp_msg_data['subject'] ? $ct_temp_msg_data['subject'] : '');
413
+ $contact_form = ($ct_temp_msg_data['contact'] ? $ct_temp_msg_data['contact'] : true);
414
+ $message = ($ct_temp_msg_data['message'] ? $ct_temp_msg_data['message'] : array());
415
+
416
+ if ($subject != '')
417
+ $message['subject'] = $subject;
418
+
419
+ $post_info['comment_type'] = 'feedback_custom_contact_forms';
420
+ $post_info['post_url'] = $_SERVER['HTTP_REFERER'];
421
+
422
+ $checkjs = apbct_js_test('ct_checkjs', $_COOKIE)
423
+ ? apbct_js_test('ct_checkjs', $_COOKIE)
424
+ : apbct_js_test('ct_checkjs', $_POST);
425
+
426
+ //Making a call
427
+ $base_call_result = apbct_base_call(
428
+ array(
429
+ 'message' => $message,
430
+ 'sender_email' => $sender_email,
431
+ 'sender_nickname' => $sender_nickname,
432
+ 'post_info' => $post_info,
433
+ 'js_on' => $checkjs,
434
+ 'sender_info' => array('sender_url' => null),
435
+ )
436
+ );
437
+
438
+ $ct_result = $base_call_result['ct_result'];
439
+
440
+ return $ct_result->allow == 0 ? $ct_result->comment : true;;
441
+ }
442
+
443
+ function ct_woocommerce_wishlist_check($args){
444
+ global $apbct;
445
+
446
+
447
+
448
+ //Protect logged in users
449
+ if($args['wishlist_status'])
450
+ if($apbct->settings['protect_logged_in'] == 0)
451
+ return $args;
452
+
453
+ //If the IP is a Google bot
454
+ $hostname = gethostbyaddr( filter_var( $_SERVER['REMOTE_ADDR'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 ) );
455
+ if(!strpos($hostname, 'googlebot.com'))
456
+ return $args;
457
+
458
+ //Getting request params
459
+ $message = '';
460
+ $subject = '';
461
+ $email = $args['wishlist_owner_email'];
462
+ if($args['wishlist_first_name']!='' || $args['wishlist_last_name']!='')
463
+ $nickname = trim($args['wishlist_first_name']." ".$args['wishlist_last_name']);
464
+ else
465
+ $nickname = '';
466
+
467
+ $post_info['comment_type'] = 'feedback';
468
+ $post_info['post_url'] = $_SERVER['HTTP_REFERER'];
469
+
470
+ $checkjs = apbct_js_test('ct_checkjs', $_COOKIE)
471
+ ? apbct_js_test('ct_checkjs', $_COOKIE)
472
+ : apbct_js_test('ct_checkjs', $_POST);
473
+
474
+ //Making a call
475
+ $base_call_result = apbct_base_call(
476
+ array(
477
+ 'message' => $subject." ".$message,
478
+ 'sender_email' => $email,
479
+ 'sender_nickname' => $nickname,
480
+ 'post_info' => $post_info,
481
+ 'js_on' => $checkjs,
482
+ 'sender_info' => array('sender_url' => null),
483
+ )
484
+ );
485
+
486
+ $ct_result = $base_call_result['ct_result'];
487
+
488
+ if ($ct_result->allow == 0)
489
+ wp_die("<h1>".__('Spam protection by CleanTalk', 'cleantalk')."</h1><h2>".$ct_result->comment."</h2>", '', array('response' => 403, "back_link" => true, "text_direction" => 'ltr'));
490
+ else
491
+ return $args;
492
+ }
493
+
494
+ function apbct_integration__buddyPres__getTemplateName( $located, $template_name, $template_names, $template_locations, $load, $require_once ) {
495
+ global $apbct;
496
+ preg_match("/\/([a-z-_]+)\/buddypress-functions\.php$/", $located, $matches);
497
+ $apbct->buddy_press_tmpl = isset($matches[1]) ? $matches[1] : 'unknown';
498
+ }
499
+
500
+ /**
501
+ * Test BuddyPress activity for spam (post update only)
502
+ *
503
+ * @global SpbcState $apbct
504
+ * @param bool $is_spam
505
+ * @param BP_Activity_Activity $activity_obj Activity object (\plugins\buddypress\bp-activity\classes\class-bp-activity-activity.php)
506
+ * @return boolean Spam flag
507
+ */
508
+ function apbct_integration__buddyPres__activityWall( $is_spam, $activity_obj = null ){
509
+
510
+ global $apbct;
511
+
512
+ if($activity_obj === null || !isset($_POST['action']) || $_POST['action'] && $_POST['action'] !== 'post_update')
513
+ return;
514
+
515
+ $curr_user = get_user_by('id', $activity_obj->user_id);
516
+
517
+ //Making a call
518
+ $base_call_result = apbct_base_call(
519
+ array(
520
+ 'message' => is_string($activity_obj->content) ? $activity_obj->content : '',
521
+ 'sender_email' => $curr_user->data->user_email,
522
+ 'sender_nickname' => $curr_user->data->user_login,
523
+ 'post_info' => array(
524
+ 'post_url' => 'buddypress_activitywall',
525
+ 'comment_type' => isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : null,
526
+ ),
527
+ 'js_on' => apbct_js_test('ct_checkjs', $_COOKIE),
528
+ 'sender_info' => array('sender_url' => null),
529
+ )
530
+ );
531
+
532
+ $ct_result = $base_call_result['ct_result'];
533
+
534
+ if ($ct_result->allow == 0){
535
+ add_action('bp_activity_after_save', 'apbct_integration__buddyPres__activityWall_showResponse', 1, 1);
536
+ $apbct->spam_notification = $ct_result->comment;
537
+ return true;
538
+ }else
539
+ return $is_spam;
540
+ }
541
+
542
+ /**
543
+ * Outputs message to AJAX frontend handler
544
+ *
545
+ * @global SpbcState $apbct
546
+ * @param BP_Activity_Activity $activity_obj Activity object (\plugins\buddypress\bp-activity\classes\class-bp-activity-activity.php)
547
+ */
548
+ function apbct_integration__buddyPres__activityWall_showResponse( $activity_obj ){
549
+
550
+ global $apbct;
551
+
552
+ // Legacy template
553
+ if($apbct->buddy_press_tmpl === 'bp-legacy'){
554
+ die('<div id="message" class="error bp-ajax-message"><p>'. $apbct->spam_notification .'</p></div>');
555
+ // Nouveau tamplate and others
556
+ }else{
557
+ @header( 'Content-Type: application/json; charset=' . get_option('blog_charset'));
558
+ die(json_encode(array(
559
+ 'success' => false,
560
+ 'data' => array('message' => $apbct->spam_notification),
561
+ )));
562
+ }
563
+ }
564
+
565
+ /**
566
+ * Public function - Tests new private messages (dialogs)
567
+ *
568
+ * @global SpbcState $apbct
569
+ * @param type $bp_message_obj
570
+ * @return array with errors if spam has found
571
+ */
572
+ function apbct_integration__buddyPres__private_msg_check( $bp_message_obj){
573
+
574
+ global $apbct;
575
+
576
+ //Check for enabled option
577
+ if($apbct->settings['bp_private_messages'] == 0)
578
+ return;
579
+
580
+ //Check for quantity of comments
581
+ $comments_check_number = defined('CLEANTALK_CHECK_COMMENTS_NUMBER')
582
+ ? CLEANTALK_CHECK_COMMENTS_NUMBER
583
+ : 3;
584
+
585
+ if($apbct->settings['check_comments_number']){
586
+ $args = array(
587
+ 'user_id' => $bp_message_obj->sender_id,
588
+ 'box' => 'sentbox',
589
+ 'type' => 'all',
590
+ 'limit' => $comments_check_number,
591
+ 'page' => null,
592
+ 'search_terms' => '',
593
+ 'meta_query' => array()
594
+ );
595
+ $sentbox_msgs = BP_Messages_Thread::get_current_threads_for_user($args);
596
+ $cnt_sentbox_msgs = $sentbox_msgs['total'];
597
+ $args['box'] = 'inbox';
598
+ $inbox_msgs = BP_Messages_Thread::get_current_threads_for_user($args);
599
+ $cnt_inbox_msgs = $inbox_msgs['total'];
600
+
601
+ if(($cnt_inbox_msgs + $cnt_sentbox_msgs) >= $comments_check_number)
602
+ $is_max_comments = true;
603
+ }
604
+
605
+ if(!empty($is_max_comments))
606
+ return;
607
+
608
+ $sender_user_obj = get_user_by('id', $bp_message_obj->sender_id);
609
+
610
+ //Making a call
611
+ $base_call_result = apbct_base_call(
612
+ array(
613
+ 'message' => $bp_message_obj->subject." ".$bp_message_obj->message,
614
+ 'sender_email' => $sender_user_obj->data->user_email,
615
+ 'sender_nickname' => $sender_user_obj->data->user_login,
616
+ 'post_info' => array(
617
+ 'comment_type' => 'buddypress_comment',
618
+ 'post_url' => isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : null,
619
+ ),
620
+ 'js_on' => apbct_js_test('ct_checkjs', $_COOKIE)
621
+ ? apbct_js_test('ct_checkjs', $_COOKIE)
622
+ : apbct_js_test('ct_checkjs', $_POST),
623
+ 'sender_info' => array('sender_url' => null),
624
+ )
625
+ );
626
+
627
+ $ct_result = $base_call_result['ct_result'];
628
+
629
+ if ($ct_result->allow == 0)
630
+ wp_die("<h1>".__('Spam protection by CleanTalk', 'cleantalk')."</h1><h2>".$ct_result->comment."</h2>", '', array('response' => 403, "back_link" => true, "text_direction" => 'ltr'));
631
+ }
632
+
633
+ /**
634
+ * Adds hiden filed to deafualt serach form
635
+ *
636
+ * @param $form string
637
+ * @return string
638
+ */
639
+ function apbct_forms__search__addField( $form ){
640
+ global $apbct;
641
+ if($apbct->settings['search_test'] == 1){
642
+ $js_filed = ct_add_hidden_fields('ct_checkjs_search_default', true, false, false, false);
643
+ $form = str_replace('</form>', $js_filed, $form);
644
+ }
645
+ return $form;
646
+ }
647
+
648
+ /**
649
+ * Test default search string for spam
650
+ *
651
+ * @param $search string
652
+ * @return string
653
+ */
654
+ function apbct_forms__search__testSpam( $search ){
655
+
656
+ global $apbct, $cleantalk_executed;
657
+
658
+ if(
659
+ empty($search) ||
660
+ $cleantalk_executed ||
661
+ $apbct->settings['search_test'] == 0 ||
662
+ $apbct->settings['protect_logged_in'] != 1 && is_user_logged_in() // Skip processing for logged in users.
663
+ ){
664
+ return $search;
665
+ }
666
+
667
+ if(apbct_is_user_logged_in())
668
+ $user = wp_get_current_user();
669
+
670
+ $base_call_result = apbct_base_call(
671
+ array(
672
+ 'message' => $search,
673
+ 'sender_email' => !empty($user) ? $user->user_email : null,
674
+ 'sender_nickname' => !empty($user) ? $user->user_login : null,
675
+ 'post_info' => array('comment_type' => 'site_search_wordpress'),
676
+ //'js_on' => apbct_js_test('ct_checkjs_search_default', $_GET, true),
677
+ )
678
+ );
679
+ $ct_result = $base_call_result['ct_result'];
680
+
681
+ $cleantalk_executed = true;
682
+
683
+ if ($ct_result->allow == 0){
684
+ die($ct_result->comment);
685
+ }
686
+
687
+ return $search;
688
+ }
689
+
690
+ /**
691
+ * Public function - Tests for Pirate contact froms
692
+ * return NULL
693
+ */
694
+ function ct_pirate_forms_check(){
695
+
696
+ global $apbct;
697
+
698
+ //Check for enabled option
699
+ if( !$apbct->settings['contact_forms_test'])
700
+ return;
701
+
702
+ //Getting request params
703
+ $ct_temp_msg_data = ct_get_fields_any($_POST);
704
+
705
+ $sender_email = ($ct_temp_msg_data['email'] ? $ct_temp_msg_data['email'] : '');
706
+ $sender_nickname = ($ct_temp_msg_data['nickname'] ? $ct_temp_msg_data['nickname'] : '');
707
+ $subject = ($ct_temp_msg_data['subject'] ? $ct_temp_msg_data['subject'] : '');
708
+ $contact_form = ($ct_temp_msg_data['contact'] ? $ct_temp_msg_data['contact'] : true);
709
+ $message = ($ct_temp_msg_data['message'] ? $ct_temp_msg_data['message'] : array());
710
+
711
+ if($subject != '')
712
+ $message = array_merge(array('subject' => $subject), $message);
713
+
714
+ $post_info['comment_type'] = 'contact_form_wordpress_feedback_pirate';
715
+ $post_info['post_url'] = $_SERVER['HTTP_REFERER'];
716
+
717
+ //Making a call
718
+ $base_call_result = apbct_base_call(
719
+ array(
720
+ 'message' => $message,
721
+ 'sender_email' => $sender_email,
722
+ 'sender_nickname' => $sender_nickname,
723
+ 'post_info' => $post_info,
724
+ 'js_on' => apbct_js_test('ct_checkjs', $_COOKIE),
725
+ 'sender_info' => array('sender_url' => null),
726
+ )
727
+ );
728
+
729
+ $ct_result = $base_call_result['ct_result'];
730
+
731
+ if ($ct_result->allow == 0)
732
+ wp_die("<h1>".__('Spam protection by CleanTalk', 'cleantalk')."</h1><h2>".$ct_result->comment."</h2>", '', array('response' => 403, "back_link" => true, "text_direction" => 'ltr'));
733
+ }
734
+
735
+ /**
736
+ * Adds hidden filed to comment form
737
+ */
738
+ function ct_comment_form($post_id){
739
+
740
+ global $apbct;
741
+
742
+ if (apbct_is_user_enable() === false) {
743
+ return false;
744
+ }
745
+
746
+ if ( !$apbct->settings['comments_test']) {
747
+ return false;
748
+ }
749
+
750
+ ct_add_hidden_fields('ct_checkjs', false, false);
751
+
752
+ return null;
753
+ }
754
+
755
+ /**
756
+ * Adds cookie script filed to head
757
+ */
758
+ function apbct_hook__wp_head__set_cookie__ct_checkjs() {
759
+
760
+ ct_add_hidden_fields('ct_checkjs', false, true, true);
761
+
762
+ return null;
763
+ }
764
+
765
+ /**
766
+ * Adds cookie script filed to footer
767
+ */
768
+ function apbct_hook__wp_footer() {
769
+
770
+ //ct_add_hidden_fields(true, 'ct_checkjs', false, true, true);
771
+
772
+ return null;
773
+ }
774
+
775
+ /**
776
+ * Adds hidden filed to define avaialbility of client's JavaScript
777
+ * @param bool $random_key switch on generation random key for every page load
778
+ */
779
+ function ct_add_hidden_fields($field_name = 'ct_checkjs', $return_string = false, $cookie_check = false, $no_print = false, $ajax = true) {
780
+
781
+ global $ct_checkjs_def, $apbct;
782
+
783
+ $ct_checkjs_key = ct_get_checkjs_value();
784
+ $field_id_hash = md5(rand(0, 1000));
785
+
786
+ // Using only cookies
787
+ if ($cookie_check && $apbct->settings['set_cookies'] == 1) {
788
+
789
+ $html = "<script type='text/javascript'>
790
+ function ctSetCookie(c_name, value, def_value){
791
+ document.cookie = c_name + '=' + escape(value) + '; path=/';
792
+ }
793
+ ctSetCookie('{$field_name}', '{$ct_checkjs_key}', '{$ct_checkjs_def}');
794
+ </script>";
795
+
796
+ // Using AJAX to get key
797
+ }elseif($apbct->settings['use_ajax'] && $ajax){
798
+
799
+ // Fix only for wp_footer -> apbct_hook__wp_head__set_cookie__ct_checkjs()
800
+ if($no_print)
801
+ return;
802
+
803
+ $ct_input_challenge = sprintf("'%s'", $ct_checkjs_key);
804
+ $field_id = $field_name . '_' . $field_id_hash;
805
+ $html = "<input type='hidden' id='{$field_id}' name='{$field_name}' value='{$ct_checkjs_def}' />
806
+ <script type='text/javascript'>
807
+ setTimeout(function(){
808
+ apbct_sendAJAXRequest(
809
+ {action: 'apbct_js_keys__get'},
810
+ {callback: apbct_js_keys__set_input_value, input_name: '{$field_id}'}
811
+ );
812
+ }, 1000);
813
+ </script>";
814
+
815
+ // Set KEY from backend
816
+ }else{
817
+ // Fix only for wp_footer -> apbct_hook__wp_head__set_cookie__ct_checkjs()
818
+ if($no_print)
819
+ return;
820
+
821
+ $ct_input_challenge = sprintf("'%s'", $ct_checkjs_key);
822
+ $field_id = $field_name . '_' . $field_id_hash;
823
+ $html = "<input type='hidden' id='{$field_id}' name='{$field_name}' value='{$ct_checkjs_def}' />
824
+ <script type='text/javascript'>
825
+ setTimeout(function(){
826
+ var ct_input_name = '{$field_id}';
827
+ if (document.getElementById(ct_input_name) !== null) {
828
+ var ct_input_value = document.getElementById(ct_input_name).value;
829
+ document.getElementById(ct_input_name).value = document.getElementById(ct_input_name).value.replace(ct_input_value, {$ct_input_challenge});
830
+ }
831
+ }, 1000);
832
+ </script>";
833
+ }
834
+
835
+ // Simplify JS code and Fixing issue with wpautop()
836
+ $html = str_replace(array("\n","\r","\t"),'', $html);
837
+
838
+ if ($return_string === true) {
839
+ return $html;
840
+ } else {
841
+ echo $html;
842
+ }
843
+ }
844
+
845
+ /**
846
+ * Public function - Insert JS code for spam tests
847
+ * return null;
848
+ */
849
+ function ct_frm_entries_footer_scripts($fields, $form) {
850
+ global $apbct, $ct_checkjs_frm;
851
+
852
+ if ( !$apbct->settings['contact_forms_test'])
853
+ return false;
854
+
855
+ $ct_checkjs_key = ct_get_checkjs_value();
856
+ $ct_frm_base_name = 'form_';
857
+ $ct_frm_name = $ct_frm_base_name . $form->form_key;
858
+
859
+ echo "var input = document.createElement('input');
860
+ input.setAttribute('type', 'hidden');
861
+ input.setAttribute('name', '$ct_checkjs_frm');
862
+ input.setAttribute('value', '$ct_checkjs_key');
863
+ for (i = 0; i < document.forms.length; i++) {
864
+ if (typeof document.forms[i].id == 'string'){
865
+ if(document.forms[i].id.search('$ct_frm_name') != -1) {
866
+ document.forms[i].appendChild(input);
867
+ }
868
+ }
869
+ }";
870
+
871
+ /* Excessive cookie set
872
+ $js_code = ct_add_hidden_fields(true, 'ct_checkjs', true, true);
873
+ $js_code = strip_tags($js_code); // Removing <script> tag
874
+ echo $js_code;
875
+ //*/
876
+ }
877
+
878
+ /**
879
+ * Public function - Test Formidable data for spam activity
880
+ * @param $errors
881
+ * @param $form
882
+ *
883
+ * @return array with errors if spam has found
884
+ */
885
+ function ct_frm_validate_entry ( $errors, $form ) {
886
+
887
+ global $apbct;
888
+
889
+ if ( !$apbct->settings['contact_forms_test']) {
890
+ return $errors;
891
+ }
892
+
893
+ // Skip processing for logged in users.
894
+ if ( !$apbct->settings['protect_logged_in'] && is_user_logged_in()) {
895
+ return $errors;
896
+ }
897
+
898
+ $ct_temp_msg_data = ct_get_fields_any($_POST['item_meta']);
899
+
900
+ $sender_email = ($ct_temp_msg_data['email'] ? $ct_temp_msg_data['email'] : '');
901
+ $sender_nickname = ($ct_temp_msg_data['nickname'] ? $ct_temp_msg_data['nickname'] : '');
902
+ $subject = ($ct_temp_msg_data['subject'] ? $ct_temp_msg_data['subject'] : '');
903
+ $contact_form = ($ct_temp_msg_data['contact'] ? $ct_temp_msg_data['contact'] : true);
904
+ $message = ($ct_temp_msg_data['message'] ? $ct_temp_msg_data['message'] : array());
905
+
906
+ // Adding 'input_meta[]' to every field /Formidable fix/
907
+ $message = array_flip($message);
908
+ foreach($message as &$value){
909
+ $value = 'item_meta['.$value.']';
910
+ } unset($value);
911
+ $message = array_flip($message);
912
+
913
+ $checkjs = apbct_js_test('ct_checkjs', $_COOKIE)
914
+ ? apbct_js_test('ct_checkjs', $_COOKIE)
915
+ : apbct_js_test('ct_checkjs', $_POST);
916
+
917
+ $base_call_result = apbct_base_call(
918
+ array(
919
+ 'message' => $message,
920
+ 'sender_email' => $sender_email,
921
+ 'sender_nickname' => $sender_nickname,
922
+ 'post_info' => array('comment_type' => 'contact_form_wordpress_formidable'),
923
+ 'js_on' => $checkjs
924
+ )
925
+ );
926
+ $ct_result = $base_call_result['ct_result'];
927
+
928
+ if ($ct_result->allow == 0) {
929
+ $errors['ct_error'] = '<br /><b>' . $ct_result->comment . '</b><br /><br />';
930
+ }
931
+
932
+ return $errors;
933
+ }
934
+
935
+ /**
936
+ * Public filter 'bbp_*' - Get new topic name to global $ct_bbp_topic
937
+ * @param mixed[] $comment Comment string
938
+ * @return mixed[] $comment Comment string
939
+ */
940
+ function ct_bbp_get_topic($topic){
941
+ global $ct_bbp_topic;
942
+
943
+ $ct_bbp_topic=$topic;
944
+
945
+ return $topic;
946
+ }
947
+
948
+ /**
949
+ * Public filter 'bbp_*' - Checks topics, replies by cleantalk
950
+ * @param mixed[] $comment Comment string
951
+ * @return mixed[] $comment Comment string
952
+ */
953
+ function ct_bbp_new_pre_content ($comment) {
954
+
955
+ global $apbct, $current_user;
956
+
957
+ if ( !$apbct->settings['comments_test']) {
958
+ return $comment;
959
+ }
960
+
961
+ // Skip processing for logged in users and admin.
962
+ if ( !$apbct->settings['protect_logged_in'] && is_user_logged_in() ||
963
+ in_array("administrator", $current_user->roles))
964
+ return $comment;
965
+
966
+ $checkjs = apbct_js_test('ct_checkjs', $_COOKIE)
967
+ ? apbct_js_test('ct_checkjs', $_COOKIE)
968
+ : apbct_js_test('ct_checkjs', $_POST);
969
+
970
+ $post_info['comment_type'] = 'bbpress_comment';
971
+ $post_info['post_url'] = bbp_get_topic_permalink();
972
+
973
+ if( is_user_logged_in() ) {
974
+ $sender_email = $current_user->user_email;
975
+ $sender_nickname = $current_user->display_name;
976
+ } else {
977
+ $sender_email = isset($_POST['bbp_anonymous_email']) ? $_POST['bbp_anonymous_email'] : null;
978
+ $sender_nickname = isset($_POST['bbp_anonymous_name']) ? $_POST['bbp_anonymous_name'] : null;
979
+ }
980
+
981
+ $base_call_result = apbct_base_call(
982
+ array(
983
+ 'message' => $comment,
984
+ 'sender_email' => $sender_email,
985
+ 'sender_nickname' => $sender_nickname,
986
+ 'post_info' => $post_info,
987
+ 'js_on' => $checkjs,
988
+ 'sender_info' => array('sender_url' => isset($_POST['bbp_anonymous_website']) ? $_POST['bbp_anonymous_website'] : null),
989
+ )
990
+ );
991
+ $ct_result = $base_call_result['ct_result'];
992
+
993
+ if ($ct_result->allow == 0) {
994
+ bbp_add_error('bbp_reply_content', $ct_result->comment);
995
+ }
996
+
997
+ return $comment;
998
+ }
999
+
1000
+ function apbct_comment__sanitize_data__before_wp_die($function){
1001
+
1002
+ global $apbct;
1003
+
1004
+ $comment_data = wp_unslash($_POST);
1005
+
1006
+ $user_ID = 0;
1007
+
1008
+ $comment_type = '';
1009
+
1010
+ $comment_content = isset($comment_data['comment']) ? (string) $comment_data['comment'] : null;
1011
+ $comment_parent = isset($comment_data['comment_parent']) ? (int) absint($comment_data['comment_parent']) : null;
1012
+
1013
+ $comment_author = isset($comment_data['author']) ? (string) trim(strip_tags($comment_data['author'])) : null;
1014
+ $comment_author_email = isset($comment_data['email']) ? (string) trim($comment_data['email']) : null;
1015
+ $comment_author_url = isset($comment_data['url']) ? (string) trim($comment_data['url']) : null;
1016
+ $comment_post_ID = isset($comment_data['comment_post_ID']) ? (int) $comment_data['comment_post_ID'] : null;
1017
+
1018
+ if(isset($comment_content, $comment_parent)){
1019
+
1020
+ $user = wp_get_current_user();
1021
+
1022
+ if($user->exists()){
1023
+ $comment_author = empty($user->display_name) ? $user->user_login : $user->display_name;
1024
+ $comment_author_email = $user->user_email;
1025
+ $comment_author_url = $user->user_url;
1026
+ $user_ID = $user->ID;
1027
+ }
1028
+
1029
+ $apbct->comment_data = compact(
1030
+ 'comment_post_ID',
1031
+ 'comment_author',
1032
+ 'comment_author_email',
1033
+ 'comment_author_url',
1034
+ 'comment_content',
1035
+ 'comment_type',
1036
+ 'comment_parent',
1037
+ 'user_ID'
1038
+ );
1039
+
1040
+ $function = 'apbct_comment__check_via_wp_die';
1041
+
1042
+ }
1043
+
1044
+ return $function;
1045
+ }
1046
+
1047
+ function apbct_comment__check_via_wp_die($message, $title, $args){
1048
+ if($title == __('Comment Submission Failure')){
1049
+ global $apbct;
1050
+ $apbct->validation_error = $message;
1051
+ ct_preprocess_comment($apbct->comment_data);
1052
+ }
1053
+ _default_wp_die_handler($message, $title, $args);
1054
+ }
1055
+
1056
+ /**
1057
+ * Public filter 'preprocess_comment' - Checks comment by cleantalk server
1058
+ * @param mixed[] $comment Comment data array
1059
+ * @return mixed[] New data array of comment
1060
+ */
1061
+ function ct_preprocess_comment($comment) {
1062
+ // this action is called just when WP process POST request (adds new comment)
1063
+ // this action is called by wp-comments-post.php
1064
+ // after processing WP makes redirect to post page with comment's form by GET request (see above)
1065
+ global $current_user, $comment_post_id, $ct_comment_done, $ct_jp_comments, $apbct;
1066
+
1067
+ // Send email notification for chosen groups of users
1068
+ if($apbct->settings['comment_notify'] && !empty($apbct->settings['comment_notify__roles']) && $apbct->data['moderate']){
1069
+
1070
+ add_filter('notify_post_author', 'apbct_comment__Wordpress__doNotify', 100, 2);
1071
+
1072
+ $users = get_users(array(
1073
+ 'role__in' => $apbct->settings['comment_notify__roles'],
1074
+ 'fileds' => array('user_email')
1075
+ ));
1076
+
1077
+ if($users){
1078
+ add_filter('comment_notification_text', 'apbct_comment__Wordpress__changeMailNotificationGroups', 100, 2);
1079
+ add_filter('comment_notification_recipients', 'apbct_comment__Wordpress__changeMailNotificationRecipients', 100, 2);
1080
+ foreach($users as $user){
1081
+ $emails[] = $user->user_email;
1082
+ }
1083
+ $apbct->comment_notification_recipients = json_encode($emails);
1084
+ }
1085
+ }
1086
+
1087
+ // Skip processing admin.
1088
+ if (in_array("administrator", $current_user->roles))
1089
+ return $comment;
1090
+
1091
+ $comments_check_number = defined('CLEANTALK_CHECK_COMMENTS_NUMBER') ? CLEANTALK_CHECK_COMMENTS_NUMBER : 3;
1092
+
1093
+ if($apbct->settings['check_comments_number']){
1094
+ $args = array(
1095
+ 'author_email' => $comment['comment_author_email'],
1096
+ 'status' => 'approve',
1097
+ 'count' => false,
1098
+ 'number' => $comments_check_number,
1099
+ );
1100
+ $cnt = count(get_comments($args));
1101
+ $is_max_comments = $cnt >= $comments_check_number ? true : false;
1102
+ }
1103
+
1104
+ if (
1105
+ ($comment['comment_type']!='trackback') &&
1106
+ (
1107
+ apbct_is_user_enable() === false ||
1108
+ $apbct->settings['comments_test'] == 0 ||
1109
+ $ct_comment_done ||
1110
+ (isset($_SERVER['HTTP_REFERER']) && stripos($_SERVER['HTTP_REFERER'],'page=wysija_campaigns&action=editTemplate')!==false) ||
1111
+ (isset($is_max_comments) && $is_max_comments) ||
1112
+ strpos($_SERVER['REQUEST_URI'],'/wp-admin/')!==false)
1113
+ )
1114
+ {
1115
+ return $comment;
1116
+ }
1117
+
1118
+ $local_blacklists = wp_blacklist_check(
1119
+ $comment['comment_author'],
1120
+ $comment['comment_author_email'],
1121
+ $comment['comment_author_url'],
1122
+ $comment['comment_content'],
1123
+ @$_SERVER['REMOTE_ADDR'],
1124
+ @$_SERVER['HTTP_USER_AGENT']
1125
+ );
1126
+
1127
+ // Go out if author in local blacklists
1128
+ if ($comment['comment_type']!='trackback' && $local_blacklists === true) {
1129
+ return $comment;
1130
+ }
1131
+
1132
+ // Skip pingback anti-spam test
1133
+ /*if ($comment['comment_type'] == 'pingback') {
1134
+ return $comment;
1135
+ }*/
1136
+
1137
+ $ct_comment_done = true;
1138
+
1139
+ $comment_post_id = $comment['comment_post_ID'];
1140
+
1141
+ // JetPack comments logic
1142
+ $post_info['comment_type'] = $ct_jp_comments ? 'jetpack_comment' : $comment['comment_type'];
1143
+ $post_info['post_url'] = ct_post_url(null, $comment_post_id);
1144
+
1145
+ // Comment type
1146
+ $post_info['comment_type'] = empty($post_info['comment_type']) ? 'general_comment' : $post_info['comment_type'];
1147
+
1148
+ $checkjs = apbct_js_test('ct_checkjs', $_COOKIE)
1149
+ ? apbct_js_test('ct_checkjs', $_COOKIE)
1150
+ : apbct_js_test('ct_checkjs', $_POST);
1151
+
1152
+
1153
+ $example = null;
1154
+ if ($apbct->settings['relevance_test']) {
1155
+ $post = get_post($comment_post_id);
1156
+ if ($post !== null){
1157
+ $example['title'] = $post->post_title;
1158
+ $example['body'] = $post->post_content;
1159
+ $example['comments'] = null;
1160
+
1161
+ $last_comments = get_comments(array('status' => 'approve', 'number' => 10, 'post_id' => $comment_post_id));
1162
+ foreach ($last_comments as $post_comment){
1163
+ $example['comments'] .= "\n\n" . $post_comment->comment_content;
1164
+ }
1165
+
1166
+ $example = json_encode($example);
1167
+ }
1168
+
1169
+ // Use plain string format if've failed with JSON
1170
+ if ($example === false || $example === null){
1171
+ $example = ($post->post_title !== null) ? $post->post_title : '';
1172
+ $example .= ($post->post_content !== null) ? "\n\n" . $post->post_content : '';
1173
+ }
1174
+ }
1175
+
1176
+ $base_call_result = apbct_base_call(
1177
+ array(
1178
+ 'message' => $comment['comment_content'],
1179
+ 'example' => $example,
1180
+ 'sender_email' => $comment['comment_author_email'],
1181
+ 'sender_nickname' => $comment['comment_author'],
1182
+ 'post_info' => $post_info,
1183
+ 'js_on' => $checkjs,
1184
+ 'sender_info' => array(
1185
+ 'sender_url' => @$comment['comment_author_url'],
1186
+ 'form_validation' => !isset($apbct->validation_error)
1187
+ ? null
1188
+ : json_encode(array(
1189
+ 'validation_notice' => $apbct->validation_error,
1190
+ 'page_url' => filter_input(INPUT_SERVER, 'HTTP_HOST') . filter_input(INPUT_SERVER, 'REQUEST_URI'),
1191
+ ))
1192
+ ),
1193
+ )
1194
+ );
1195
+ $ct_result = $base_call_result['ct_result'];
1196
+
1197
+ ct_hash($ct_result->id);
1198
+
1199
+ //Don't check trusted users
1200
+ if (isset($comment['comment_author_email'])){
1201
+ $approved_comments = get_comments(array('status' => 'approve', 'count' => true, 'author_email' => $comment['comment_author_email']));
1202
+ $new_user = $approved_comments == 0 ? true : false;
1203
+ }
1204
+
1205
+ // Change comment flow only for new authors
1206
+ if (!empty($new_user) || $ct_result->stop_words !== null || $ct_result->spam == 1)
1207
+ add_action('comment_post', 'ct_set_meta', 10, 2);
1208
+
1209
+ if($ct_result->allow){ // Pass if allowed
1210
+ if(get_option('comment_moderation') === '1') // Wordpress moderation flag
1211
+ add_filter('pre_comment_approved', 'ct_set_not_approved', 999, 2);
1212
+ else
1213
+ add_filter('pre_comment_approved', 'ct_set_approved', 999, 2);
1214
+ }else{
1215
+
1216
+ global $ct_comment, $ct_stop_words;
1217
+
1218
+ $ct_comment = $ct_result->comment;
1219
+ $ct_stop_words = $ct_result->stop_words;
1220
+
1221
+ $err_text = '<center><b style="color: #49C73B;">Clean</b><b style="color: #349ebf;">Talk.</b> ' . __('Spam protection', 'cleantalk') . "</center><br><br>\n" . $ct_result->comment;
1222
+ $err_text .= '<script>setTimeout("history.back()", 5000);</script>';
1223
+
1224
+ // Terminate. Definitely spam.
1225
+ if($ct_result->stop_queue == 1)
1226
+ wp_die($err_text, 'Blacklisted', array('back_link' => true));
1227
+
1228
+ // Terminate by user's setting.
1229
+ if($ct_result->spam == 3)
1230
+ wp_die($err_text, 'Blacklisted', array('back_link' => true));
1231
+
1232
+ // Trash comment.
1233
+ if($ct_result->spam == 2){
1234
+ add_filter('pre_comment_approved', 'ct_set_comment_spam', 997, 2);
1235
+ add_action('comment_post', 'ct_wp_trash_comment', 997, 2);
1236
+ }
1237
+
1238
+ // Spam comment
1239
+ if($ct_result->spam == 1)
1240
+ add_filter('pre_comment_approved', 'ct_set_comment_spam', 997, 2);
1241
+
1242
+ // Move to pending folder. Contains stop_words.
1243
+ if($ct_result->stop_words){
1244
+ add_filter('pre_comment_approved', 'ct_set_not_approved', 998, 2);
1245
+ add_action('comment_post', 'ct_mark_red', 998, 2);
1246
+ }
1247
+
1248
+ add_action('comment_post', 'ct_die', 999, 2);
1249
+ }
1250
+
1251
+ if($apbct->settings['remove_comments_links'] == 1){
1252
+ $comment['comment_content'] = preg_replace("~(http|https|ftp|ftps)://(.*?)(\s|\n|[,.?!](\s|\n)|$)~", '[Link deleted]', $comment['comment_content']);
1253
+ }
1254
+
1255
+ // Change mail notification if license is out of date
1256
+ if($apbct->data['moderate'] == 0){
1257
+ $apbct->sender_email = $comment['comment_author_email'];
1258
+ $apbct->sender_ip = CleantalkHelper::ip__get(array('real'));
1259
+ add_filter('comment_moderation_text', 'apbct_comment__Wordpress__changeMailNotification', 100, 2); // Comment sent to moderation
1260
+ add_filter('comment_notification_text', 'apbct_comment__Wordpress__changeMailNotification', 100, 2); // Comment approved
1261
+ }
1262
+
1263
+ return $comment;
1264
+ }
1265
+
1266
+ /**
1267
+ * Changes whether notify admin/athor or not.
1268
+ *
1269
+ * @param bool $maybe_notify notify flag
1270
+ * @param int $comment_ID Comment id
1271
+ * @return bool flag
1272
+ */
1273
+ function apbct_comment__Wordpress__doNotify($maybe_notify, $comment_ID){
1274
+ return true;
1275
+ }
1276
+
1277
+ /**
1278
+ * Add notification setting link
1279
+ *
1280
+ * @param type $notify_message
1281
+ * @param type $comment_id
1282
+ * @return type
1283
+ */
1284
+ function apbct_comment__Wordpress__changeMailNotificationGroups($notify_message, $comment_id){
1285
+ $website = parse_url(get_option('siteurl'),PHP_URL_HOST);
1286
+ return $notify_message
1287
+ .PHP_EOL
1288
+ .'---'.PHP_EOL
1289
+ .'Manage notifications settings: http://'.$website.'/wp-admin/options-general.php?page=cleantalk';
1290
+ }
1291
+
1292
+ /**
1293
+ * Change email notification recipients
1294
+ *
1295
+ * @global SpbcState $apbct
1296
+ * @param type $emails
1297
+ * @param type $comment_id
1298
+ * @return type
1299
+ */
1300
+ function apbct_comment__Wordpress__changeMailNotificationRecipients($emails, $comment_id){
1301
+ global $apbct;
1302
+ return array_unique(array_merge($emails, (array)json_decode($apbct->comment_notification_recipients, true)));
1303
+ }
1304
+
1305
+ /**
1306
+ * Changes email notification for spam comment for native Wordpress comment system
1307
+ *
1308
+ * @param string $notify_message Body of email notification
1309
+ * @param int $comment_id Comment id
1310
+ * @return string Body for email notification
1311
+ */
1312
+ function apbct_comment__Wordpress__changeMailNotification($notify_message, $comment_id){
1313
+
1314
+ global $apbct;
1315
+
1316
+ $notify_message =
1317
+ PHP_EOL
1318
+ .__('CleanTalk AntiSpam: This message is possible spam.', 'cleantalk')
1319
+ ."\n".__('You could check it in CleanTalk\'s anti-spam database:', 'cleantalk')
1320
+ ."\n".'IP: https://cleantalk.org/blacklists/' . $apbct->sender_ip
1321
+ ."\n".'Email: https://cleantalk.org/blacklists/' . $apbct->sender_email
1322
+ ."\n".PHP_EOL . sprintf(
1323
+ __('Activate protection in your Anti-Spam Dashboard: %s.', 'clentalk'),
1324
+ 'https://cleantalk.org/my/?cp_mode=antispam&utm_source=newsletter&utm_medium=email&utm_campaign=wp_spam_comment_passed'
1325
+ .($apbct->data['user_token']
1326
+ ? '&iser_token='.$apbct->data['user_token']
1327
+ : ''
1328
+ )
1329
+ )
1330
+ .PHP_EOL . '---'
1331
+ .PHP_EOL
1332
+ .PHP_EOL
1333
+ .$notify_message;
1334
+
1335
+ return $notify_message;
1336
+
1337
+ }
1338
+
1339
+ /**
1340
+ * Set die page with Cleantalk comment.
1341
+ * @global array $ct_comment
1342
+ $err_text = '<center><b style="color: #49C73B;">Clean</b><b style="color: #349ebf;">Talk.</b> ' . __('Spam protection', 'cleantalk') . "</center><br><br>\n" . $ct_comment;
1343
+ * @param type $comment_status
1344
+ */
1345
+ function ct_die($comment_id, $comment_status) {
1346
+ global $ct_comment;
1347
+ $err_text = '<center><b style="color: #49C73B;">Clean</b><b style="color: #349ebf;">Talk.</b> ' . __('Spam protection', 'cleantalk') . "</center><br><br>\n" . $ct_comment;
1348
+ $err_text .= '<script>setTimeout("history.back()", 5000);</script>';
1349
+ if(isset($_POST['et_pb_contact_email']))
1350
+ {
1351
+ $mes='<div id="et_pb_contact_form_1" class="et_pb_contact_form_container clearfix"><h1 class="et_pb_contact_main_title">Blacklisted</h1><div class="et-pb-contact-message"><p>'.$ct_comment.'</p></div></div>';
1352
+ wp_die($mes, 'Blacklisted', array('back_link' => true,'response'=>200));
1353
+ }
1354
+ else
1355
+ {
1356
+ wp_die($err_text, 'Blacklisted', array('back_link' => true));
1357
+ }
1358
+ }
1359
+
1360
+ /**
1361
+ * Set die page with Cleantalk comment from parameter.
1362
+ * @param type $comment_body
1363
+ */
1364
+ function ct_die_extended($comment_body) {
1365
+ $err_text = '<center><b style="color: #49C73B;">Clean</b><b style="color: #349ebf;">Talk.</b> ' . __('Spam protection', 'cleantalk') . "</center><br><br>\n" . $comment_body;
1366
+ $err_text .= '<script>setTimeout("history.back()", 5000);</script>';
1367
+ wp_die($err_text, 'Blacklisted', array('back_link' => true));
1368
+ }
1369
+
1370
+ /**
1371
+ * Validates JavaScript anti-spam test
1372
+ *
1373
+ * @param string $field_name filed to serach in data
1374
+ * @param null $data Data to search in
1375
+ * @param bool $random_key
1376
+ *
1377
+ * @return int|null
1378
+ */
1379
+ function apbct_js_test($field_name = 'ct_checkjs', $data = null) {
1380
+
1381
+ global $apbct;
1382
+
1383
+ $out = null;
1384
+
1385
+ if($data && isset($data[$field_name])){
1386
+
1387
+ $js_key = $data[$field_name];
1388
+
1389
+ // Check static key
1390
+ if($apbct->settings['use_static_js_key']){
1391
+ $ct_challenge = ct_get_checkjs_value();
1392
+ $out = preg_match("/$ct_challenge/", $js_key) ? 1 : 0;
1393
+
1394
+ // Random key check
1395
+ }else{
1396
+ $out = array_key_exists($js_key, $apbct->js_keys) ? 1 : 0;
1397
+ }
1398
+ }
1399
+
1400
+ return $out;
1401
+ }
1402
+
1403
+ /**
1404
+ * Get post url
1405
+ * @param int $comment_id
1406
+ * @param int $comment_post_id
1407
+ * @return string|bool
1408
+ */
1409
+ function ct_post_url($comment_id = null, $comment_post_id) {
1410
+
1411
+ if (empty($comment_post_id))
1412
+ return null;
1413
+
1414
+ if ($comment_id === null) {
1415
+ $last_comment = get_comments('number=1');
1416
+ $comment_id = isset($last_comment[0]->comment_ID) ? (int) $last_comment[0]->comment_ID + 1 : 1;
1417
+ }
1418
+ $permalink = get_permalink($comment_post_id);
1419
+
1420
+ $post_url = null;
1421
+ if ($permalink !== null)
1422
+ $post_url = $permalink . '#comment-' . $comment_id;
1423
+
1424
+ return $post_url;
1425
+ }
1426
+
1427
+ /**
1428
+ * Public filter 'pre_comment_approved' - Mark comment unapproved always
1429
+ * @return int Zero
1430
+ */
1431
+ function ct_set_not_approved() {
1432
+ return 0;
1433
+ }
1434
+
1435
+ /**
1436
+ * @author Artem Leontiev
1437
+ * Public filter 'pre_comment_approved' - Mark comment approved if it's not 'spam' only
1438
+ * @return int 1
1439
+ */
1440
+ function ct_set_approved($approved, $comment) {
1441
+ if ($approved == 'spam'){
1442
+ return $approved;
1443
+ } else {
1444
+ return 1;
1445
+ }
1446
+ }
1447
+
1448
+ /**
1449
+ * Public filter 'pre_comment_approved' - Mark comment unapproved always
1450
+ * @return int Zero
1451
+ */
1452
+ function ct_set_comment_spam() {
1453
+ return 'spam';
1454
+ }
1455
+
1456
+ /**
1457
+ * Public action 'comment_post' - Store cleantalk hash in comment meta 'ct_hash'
1458
+ * @param int $comment_id Comment ID
1459
+ * @param mixed $comment_status Approval status ("spam", or 0/1), not used
1460
+ */
1461
+ function ct_set_meta($comment_id, $comment_status) {
1462
+ global $comment_post_id;
1463
+ $hash1 = ct_hash();
1464
+ if (!empty($hash1)) {
1465
+ update_comment_meta($comment_id, 'ct_hash', $hash1);
1466
+ if (function_exists('base64_encode') && isset($comment_status) && $comment_status != 'spam') {
1467
+ $post_url = ct_post_url($comment_id, $comment_post_id);
1468
+ $post_url = base64_encode($post_url);
1469
+ if ($post_url === false)
1470
+ return false;
1471
+ // 01 - URL to approved comment
1472
+ $feedback_request = $hash1 . ':' . '01' . ':' . $post_url . ';';
1473
+ ct_send_feedback($feedback_request);
1474
+ }
1475
+ }
1476
+ return true;
1477
+ }
1478
+
1479
+ /**
1480
+ * Mark bad words
1481
+ * @global string $ct_stop_words
1482
+ * @param int $comment_id
1483
+ * @param int $comment_status Not use
1484
+ */
1485
+ function ct_mark_red($comment_id, $comment_status) {
1486
+ global $ct_stop_words;
1487
+
1488
+ $comment = get_comment($comment_id, 'ARRAY_A');
1489
+ $message = $comment['comment_content'];
1490
+ foreach (explode(':', $ct_stop_words) as $word) {
1491
+ $message = preg_replace("/($word)/ui", '<font rel="cleantalk" color="#FF1000">' . "$1" . '</font>', $message);
1492
+
1493
+ }
1494
+ $comment['comment_content'] = $message;
1495
+ kses_remove_filters();
1496
+ wp_update_comment($comment);
1497
+ }
1498
+
1499
+ //
1500
+ //Send post to trash
1501
+ //
1502
+ function ct_wp_trash_comment($comment_id, $comment_status){
1503
+ wp_trash_comment($comment_id);
1504
+ }
1505
+
1506
+ /**
1507
+ * Tests plugin activation status
1508
+ * @return bool
1509
+ */
1510
+ function ct_plugin_active($plugin_name){
1511
+ foreach (get_option('active_plugins') as $k => $v) {
1512
+ if ($plugin_name == $v)
1513
+ return true;
1514
+ }
1515
+ return false;
1516
+ }
1517
+
1518
+ /**
1519
+ * Insert a hidden field to registration form
1520
+ * @return null
1521
+ */
1522
+ function ct_register_form() {
1523
+
1524
+ global $ct_checkjs_register_form, $apbct;
1525
+
1526
+ if ($apbct->settings['registrations_test'] == 0) {
1527
+ return false;
1528
+ }
1529
+
1530
+ ct_add_hidden_fields($ct_checkjs_register_form, false, false, false, false);
1531
+
1532
+ return null;
1533
+ }
1534
+
1535
+ function apbct_login__scripts(){
1536
+ echo '<script src="'.APBCT_URL_PATH.'/js/apbct-public.min.js"></script>';
1537
+ }
1538
+
1539
+ /**
1540
+ * Adds notification text to login form - to inform about approved registration
1541
+ * @return null
1542
+ */
1543
+ function ct_login_message($message) {
1544
+
1545
+ global $errors, $apbct, $apbct_cookie_register_ok_label;
1546
+
1547
+
1548
+
1549
+ if ($apbct->settings['registrations_test'] != 0){
1550
+ if( isset($_GET['checkemail']) && 'registered' == $_GET['checkemail'] ){
1551
+ if (isset($_COOKIE[$apbct_cookie_register_ok_label])){
1552
+ if(is_wp_error($errors)){
1553
+ $errors->add('ct_message',sprintf(__('Registration approved by %s.', 'cleantalk'), '<b style="color: #49C73B;">Clean</b><b style="color: #349ebf;">Talk</b>'), 'message');
1554
+ }
1555
+ }
1556
+ }
1557
+ }
1558
+ return $message;
1559
+ }
1560
+
1561
+ /**
1562
+ * Test users registration for pPress
1563
+ * @return array with errors
1564
+ */
1565
+ function ct_registration_errors_ppress($reg_errors, $form_id) {
1566
+
1567
+ $email = $_POST['reg_email'];
1568
+ $login = $_POST['reg_username'];
1569
+
1570
+ $reg_errors = ct_registration_errors($reg_errors, $login, $email);
1571
+
1572
+ return $reg_errors;
1573
+ }
1574
+
1575
+ /**
1576
+ * Test users registration for multisite enviroment
1577
+ * @return array with errors
1578
+ */
1579
+ function ct_registration_errors_wpmu($errors) {
1580
+ global $ct_signup_done;
1581
+
1582
+ //
1583
+ // Multisite actions
1584
+ //
1585
+ $sanitized_user_login = null;
1586
+ if (isset($errors['user_name'])) {
1587
+ $sanitized_user_login = $errors['user_name'];
1588
+ $wpmu = true;
1589
+ }
1590
+ $user_email = null;
1591
+ if (isset($errors['user_email'])) {
1592
+ $user_email = $errors['user_email'];
1593
+ $wpmu = true;
1594
+ }
1595
+
1596
+ if ($wpmu && isset($errors['errors']->errors) && count($errors['errors']->errors) > 0) {
1597
+ return $errors;
1598
+ }
1599
+
1600
+ $errors['errors'] = ct_registration_errors($errors['errors'], $sanitized_user_login, $user_email);
1601
+
1602
+ // Show CleanTalk errors in user_name field
1603
+ if (isset($errors['errors']->errors['ct_error'])) {
1604
+ $errors['errors']->errors['user_name'] = $errors['errors']->errors['ct_error'];
1605
+ unset($errors['errors']->errors['ct_error']);
1606
+ }
1607
+
1608
+ return $errors;
1609
+ }
1610
+
1611
+ /**
1612
+ * Shell for action register_post
1613
+ * @return array with errors
1614
+ */
1615
+ function ct_register_post($sanitized_user_login = null, $user_email = null, $errors) {
1616
+ return ct_registration_errors($errors, $sanitized_user_login, $user_email);
1617
+ }
1618
+
1619
+ /**
1620
+ * Check messages for external plugins
1621
+ * @return array with checking result;
1622
+ */
1623
+
1624
+ function ct_test_message($nickname, $email, $ip, $text){
1625
+
1626
+ $base_call_result = apbct_base_call(
1627
+ array(
1628
+ 'message' => $text,
1629
+ 'sender_email' => $email,
1630
+ 'sender_nickname' => $nickname,
1631
+ 'post_info' => array('comment_type' => 'feedback_plugin_check'),
1632
+ 'js_on' => apbct_js_test('ct_checkjs', $_COOKIE),
1633
+ )
1634
+ );
1635
+
1636
+ $ct_result = $base_call_result['ct_result'];
1637
+
1638
+ $result=Array(
1639
+ 'allow' => $ct_result->allow,
1640
+ 'comment' => $ct_result->comment,
1641
+ );
1642
+ return $result;
1643
+ }
1644
+
1645
+ /**
1646
+ * Check registrations for external plugins
1647
+ * @return array with checking result;
1648
+ */
1649
+ function ct_test_registration($nickname, $email, $ip){
1650
+
1651
+ global $ct_checkjs_register_form, $apbct;
1652
+
1653
+ if(apbct_js_test($ct_checkjs_register_form, $_POST)){
1654
+ $checkjs = apbct_js_test($ct_checkjs_register_form, $_POST);
1655
+ $sender_info['post_checkjs_passed'] = $checkjs;
1656
+ }else{
1657
+ $checkjs = $checkjs = apbct_js_test('ct_checkjs', $_COOKIE);
1658
+ $sender_info['cookie_checkjs_passed'] = $checkjs;
1659
+ }
1660
+
1661
+ //Making a call
1662
+ $base_call_result = apbct_base_call(
1663
+ array(
1664
+ 'sender_ip' => $ip,
1665
+ 'sender_email' => $email,
1666
+ 'sender_nickname' => $nickname,
1667
+ 'sender_info' => $sender_info,
1668
+ 'js_on' => $checkjs,
1669
+ ),
1670
+ true
1671
+ );
1672
+ $ct_result = $base_call_result['ct_result'];
1673
+
1674
+ $result = array(
1675
+ 'allow' => $ct_result->allow,
1676
+ 'comment' => $ct_result->comment,
1677
+ );
1678
+ return $result;
1679
+ }
1680
+
1681
+ /**
1682
+ * Test users registration
1683
+ * @return array with errors
1684
+ */
1685
+ function ct_registration_errors($errors, $sanitized_user_login = null, $user_email = null) {
1686
+
1687
+ global $ct_checkjs_register_form, $apbct_cookie_request_id_label, $apbct_cookie_register_ok_label, $bp, $ct_signup_done, $ct_negative_comment, $apbct, $ct_registration_error_comment, $cleantalk_executed;
1688
+
1689
+ // Go out if a registrered user action
1690
+ if (apbct_is_user_enable() === false) {
1691
+ return $errors;
1692
+ }
1693
+
1694
+ if ($apbct->settings['registrations_test'] == 0) {
1695
+ return $errors;
1696
+ }
1697
+
1698
+ //
1699
+ // The function already executed
1700
+ // It happens when used ct_register_post();
1701
+ //
1702
+ if ($ct_signup_done && is_object($errors) && count($errors->errors) > 0) {
1703
+ return $errors;
1704
+ }
1705
+
1706
+ // Facebook registration
1707
+ if ($sanitized_user_login === null && isset($_POST['FB_userdata'])){
1708
+ $sanitized_user_login = $_POST['FB_userdata']['name'];
1709
+ $facebook = true;
1710
+ }
1711
+ if ($user_email === null && isset($_POST['FB_userdata'])){
1712
+ $user_email = $_POST['FB_userdata']['email'];
1713
+ $facebook = true;
1714
+ }
1715
+
1716
+ // BuddyPress actions
1717
+ $buddypress = false;
1718
+ if ($sanitized_user_login === null && isset($_POST['signup_username'])) {
1719
+ $sanitized_user_login = $_POST['signup_username'];
1720
+ $buddypress = true;
1721
+ }
1722
+ if ($user_email === null && isset($_POST['signup_email'])) {
1723
+ $user_email = $_POST['signup_email'];
1724
+ $buddypress = true;
1725
+ }
1726
+
1727
+ //
1728
+ // Break tests because we already have servers response
1729
+ //
1730
+ if ($buddypress && $ct_signup_done) {
1731
+ if ($ct_negative_comment) {
1732
+ $bp->signup->errors['signup_username'] = $ct_negative_comment;
1733
+ }
1734
+ return $errors;
1735
+ }
1736
+
1737
+ $checkjs = apbct_js_test($ct_checkjs_register_form, $_POST);
1738
+ $sender_info['post_checkjs_passed'] = $checkjs;
1739
+ // This hack can be helpfull when plugin uses with untested themes&signups plugins.
1740
+ if ($checkjs == 0) {
1741
+ $checkjs = apbct_js_test('ct_checkjs', $_COOKIE);
1742
+ $sender_info['cookie_checkjs_passed'] = $checkjs;
1743
+ }
1744
+
1745
+ $base_call_result = apbct_base_call(
1746
+ array(
1747
+ 'sender_email' => $user_email,
1748
+ 'sender_nickname' => $sanitized_user_login,
1749
+ 'sender_info' => $sender_info,
1750
+ 'js_on' => $checkjs,
1751
+ ),
1752
+ true
1753
+ );
1754
+ $ct_result = $base_call_result['ct_result'];
1755
+
1756
+ // Change mail notification if license is out of date
1757
+ if($apbct->data['moderate'] == 0 &&
1758
+ ($ct_result->fast_submit == 1 || $ct_result->blacklisted == 1 || $ct_result->js_disabled == 1)
1759
+ ){
1760
+ $apbct->sender_email = $user_email;
1761
+ $apbct->sender_ip = CleantalkHelper::ip__get(array('real'));
1762
+ add_filter('wp_new_user_notification_email_admin', 'apbct_registration__Wordpress__changeMailNotification', 100, 3);
1763
+ }
1764
+
1765
+ $ct_signup_done = true;
1766
+
1767
+ $ct_result = ct_change_plugin_resonse($ct_result, $checkjs);
1768
+
1769
+ $cleantalk_executed = true;
1770
+
1771
+ if ($ct_result->inactive != 0) {
1772
+ ct_send_error_notice($ct_result->comment);
1773
+ return $errors;
1774
+ }
1775
+
1776
+ if ($ct_result->allow == 0) {
1777
+
1778
+ if ($buddypress === true) {
1779
+ $bp->signup->errors['signup_username'] = $ct_result->comment;
1780
+ }elseif(!empty($facebook)){
1781
+ $_POST['FB_userdata']['email'] = '';
1782
+ $_POST['FB_userdata']['name'] = '';
1783
+ return;
1784
+ }else{
1785
+ if(is_wp_error($errors))
1786
+ $errors->add('ct_error', $ct_result->comment);
1787
+ $ct_negative_comment = $ct_result->comment;
1788
+ }
1789
+
1790
+ $ct_registration_error_comment = $ct_result->comment;
1791
+
1792
+ } else {
1793
+ if ($ct_result->id !== null) {
1794
+ setcookie($apbct_cookie_register_ok_label, $ct_result->id, time()+10, '/');
1795
+ setcookie($apbct_cookie_request_id_label, $ct_result->id, time()+10, '/');
1796
+ }
1797
+ }
1798
+
1799
+ return $errors;
1800
+ }
1801
+
1802
+ /**
1803
+ * Changes email notification for newly registred user
1804
+ *
1805
+ * @param string $wp_new_user_notification_email_admin Body of email notification
1806
+ * @param array $user User inof
1807
+ * @param string $blogname Blog name
1808
+ * @return string Body for email notification
1809
+ */
1810
+ function apbct_registration__Wordpress__changeMailNotification($wp_new_user_notification_email_admin, $user, $blogname){
1811
+
1812
+ global $apbct;
1813
+
1814
+ $wp_new_user_notification_email_admin['message'] = PHP_EOL
1815
+ .__('CleanTalk AntiSpam: This registration is spam.', 'cleantalk')
1816
+ ."\n" . __('CleanTalk\'s anti-spam database:', 'cleantalk')
1817
+ ."\n" . 'IP: ' . $apbct->sender_ip
1818
+ ."\n" . 'Email: ' . $apbct->sender_email
1819
+ .PHP_EOL . PHP_EOL .
1820
+ __('Activate protection in your Anti-Spam Dashboard: ', 'clentalk')
1821
+ .'https://cleantalk.org/my/?cp_mode=antispam&utm_source=newsletter&utm_medium=email&utm_campaign=wp_spam_registration_passed'
1822
+ .($apbct->data['user_token']
1823
+ ? '&iser_token='.$apbct->data['user_token']
1824
+ : ''
1825
+ )
1826
+ .PHP_EOL . '---'
1827
+ .PHP_EOL
1828
+ .$wp_new_user_notification_email_admin['message'];
1829
+
1830
+ return $wp_new_user_notification_email_admin;
1831
+
1832
+
1833
+ }
1834
+
1835
+ /**
1836
+ * Checks registration error and set it if it was dropped
1837
+ * @return errors
1838
+ */
1839
+ function ct_check_registration_erros($errors, $sanitized_user_login = null, $user_email = null) {
1840
+ global $bp, $ct_registration_error_comment;
1841
+
1842
+ if($ct_registration_error_comment){
1843
+
1844
+ if(isset($bp))
1845
+ if(method_exists($bp, 'signup'))
1846
+ if(method_exists($bp->signup, 'errors'))
1847
+ if(isset($bp->signup->errors['signup_username']))
1848
+ if($bp->signup->errors['signup_username'] != $ct_registration_error_comment)
1849
+ $bp->signup->errors['signup_username'] = $ct_registration_error_comment;
1850
+
1851
+ if(isset($errors))
1852
+ if(method_exists($errors, 'errors'))
1853
+ if(isset($errors->errors['ct_error']))
1854
+ if($errors->errors['ct_error'][0] != $ct_registration_error_comment)
1855
+ $errors->add('ct_error', $ct_registration_error_comment);
1856
+
1857
+ }
1858
+ return $errors;
1859
+ }
1860
+
1861
+ /**
1862
+ * Set user meta (ct_hash) for successed registration
1863
+ * @return null
1864
+ */
1865
+ function apbct_user_register($user_id) {
1866
+ global $apbct_cookie_request_id_label;
1867
+ if (isset($_COOKIE[$apbct_cookie_request_id_label])) {
1868
+ if(update_user_meta($user_id, 'ct_hash', $_COOKIE[$apbct_cookie_request_id_label])){
1869
+ setcookie($apbct_cookie_request_id_label, '0', 1, '/');
1870
+ }
1871
+ }
1872
+ }
1873
+
1874
+
1875
+ /**
1876
+ * Test for JetPack contact form
1877
+ */
1878
+ function ct_grunion_contact_form_field_html($r, $field_label) {
1879
+ global $ct_checkjs_jpcf, $ct_jpcf_patched, $ct_jpcf_fields, $apbct;
1880
+
1881
+
1882
+
1883
+
1884
+ if ($apbct->settings['contact_forms_test'] == 1 && $ct_jpcf_patched === false && preg_match("/[text|email]/i", $r)) {
1885
+
1886
+ // Looking for element name prefix
1887
+ $name_patched = false;
1888
+ foreach ($ct_jpcf_fields as $v) {
1889
+ if ($name_patched === false && preg_match("/(g\d-)$v/", $r, $matches)) {
1890
+ $ct_checkjs_jpcf = $matches[1] . $ct_checkjs_jpcf;
1891
+ $name_patched = true;
1892
+ }
1893
+ }
1894
+
1895
+ $r .= ct_add_hidden_fields($ct_checkjs_jpcf, true);
1896
+ $ct_jpcf_patched = true;
1897
+ }
1898
+
1899
+ return $r;
1900
+ }
1901
+ /**
1902
+ * Test for JetPack contact form
1903
+ */
1904
+ function ct_contact_form_is_spam($form) {
1905
+
1906
+ global $ct_checkjs_jpcf, $apbct;
1907
+
1908
+ if ($apbct->settings['contact_forms_test'] == 0) {
1909
+ return null;
1910
+ }
1911
+
1912
+ $js_field_name = $ct_checkjs_jpcf;
1913
+ foreach ($_POST as $k => $v) {
1914
+ if (preg_match("/^.+$ct_checkjs_jpcf$/", $k))
1915
+ $js_field_name = $k;
1916
+ }
1917
+
1918
+ $sender_email = null;
1919
+ $sender_nickname = null;
1920
+ $message = '';
1921
+ if (isset($form['comment_author_email']))
1922
+ $sender_email = $form['comment_author_email'];
1923
+
1924
+ if (isset($form['comment_author']))
1925
+ $sender_nickname = $form['comment_author'];
1926
+
1927
+ if (isset($form['comment_content']))
1928
+ $message = $form['comment_content'];
1929
+
1930
+ $base_call_result = apbct_base_call(
1931
+ array(
1932
+ 'message' => $message,
1933
+ 'sender_email' => $sender_email,
1934
+ 'sender_nickname' => $sender_nickname,
1935
+ 'post_info' => array('comment_type' => 'contact_form_wordpress_grunion'),
1936
+ 'sender_info' => array('sender_url' => @$form['comment_author_url']),
1937
+ 'js_on' => apbct_js_test($js_field_name, $_POST),
1938
+ )
1939
+ );
1940
+ $ct_result = $base_call_result['ct_result'];
1941
+
1942
+ if ($ct_result->allow == 0) {
1943
+ global $ct_comment;
1944
+ $ct_comment = $ct_result->comment;
1945
+ ct_die(null, null);
1946
+ exit;
1947
+ }
1948
+
1949
+ return (bool) !$ct_result->allow;
1950
+ }
1951
+
1952
+ function ct_contact_form_is_spam_jetpack($is_spam,$form) {
1953
+ global $ct_checkjs_jpcf, $apbct;
1954
+
1955
+ if ($apbct->settings['contact_forms_test'] == 0) {
1956
+ return null;
1957
+ }
1958
+
1959
+ $js_field_name = $ct_checkjs_jpcf;
1960
+ foreach ($_POST as $k => $v) {
1961
+ if (preg_match("/^.+$ct_checkjs_jpcf$/", $k))
1962
+ $js_field_name = $k;
1963
+ }
1964
+
1965
+ $base_call_result = apbct_base_call(
1966
+ array(
1967
+ 'message' => isset($form['comment_content']) ? $form['comment_content'] : '',
1968
+ 'sender_email' => isset($form['comment_author_email']) ? $form['comment_author_email'] : null,
1969
+ 'sender_nickname' => isset($form['comment_author']) ? $form['comment_author'] : null,
1970
+ 'post_info' => array('comment_type' => 'contact_form_wordpress_grunion'),
1971
+ 'sender_info' => array('sender_url' => @$form['comment_author_url']),
1972
+ )
1973
+ );
1974
+ $ct_result = $base_call_result['ct_result'];
1975
+
1976
+ if ($ct_result->allow == 0) {
1977
+ global $ct_comment;
1978
+ $ct_comment = $ct_result->comment;
1979
+ ct_die(null, null);
1980
+ exit;
1981
+ }
1982
+
1983
+ return (bool) !$ct_result->allow;
1984
+ }
1985
+
1986
+ /**
1987
+ * Inserts anti-spam hidden to WP Maintenance Mode (wpmm)
1988
+ */
1989
+ function apbct_form__wpmm__addField(){
1990
+ ct_add_hidden_fields('ct_checkjs', false, true, true);
1991
+ }
1992
+
1993
+ /**
1994
+ * Inserts anti-spam hidden to CF7
1995
+ */
1996
+ function apbct_form__contactForm7__addField($html) {
1997
+ global $ct_checkjs_cf7, $apbct;
1998
+
1999
+
2000
+
2001
+ if ($apbct->settings['contact_forms_test'] == 0) {
2002
+ return $html;
2003
+ }
2004
+
2005
+ $html .= ct_add_hidden_fields($ct_checkjs_cf7, true);
2006
+
2007
+ return $html;
2008
+ }
2009
+
2010
+ /**
2011
+ * Test spam for Contact Fomr 7 (CF7) right before validation
2012
+ *
2013
+ * @global SpbcState $apbct
2014
+ * @param type $result
2015
+ * @param type $tags
2016
+ * @return type
2017
+ */
2018
+ function apbct_form__contactForm7__tesSpam__before_validate($result = null, $tags = null) {
2019
+ global $apbct;
2020
+
2021
+ if ($result && method_exists($result, 'get_invalid_fields')){
2022
+ $invalid_fields = $result->get_invalid_fields();
2023
+ if(!empty($invalid_fields) && is_array($invalid_fields)){
2024
+ $apbct->validation_error = $invalid_fields[key($invalid_fields)]['reason'];
2025
+ apbct_form__contactForm7__testSpam(false);
2026
+ }
2027
+ }
2028
+
2029
+ return $result;
2030
+ }
2031
+
2032
+ /**
2033
+ * Test CF7 message for spam
2034
+ */
2035
+ function apbct_form__contactForm7__testSpam($param) {
2036
+
2037
+ global $ct_checkjs_cf7, $apbct;
2038
+
2039
+ if(
2040
+ $apbct->settings['contact_forms_test'] == 0 ||
2041
+ $param == false && WPCF7_VERSION < '3.0.0' ||
2042
+ $param === true && WPCF7_VERSION >= '3.0.0' ||
2043
+ $apbct->settings['protect_logged_in'] != 1 && is_user_logged_in() || // Skip processing for logged in users.
2044
+ apbct_check_url_exclusions() ||
2045
+ apbct_check_ip_exclusions() ||
2046
+ isset($apbct->cf7_checked)
2047
+ ){
2048
+ return $param;
2049
+ }
2050
+
2051
+ $checkjs = apbct_js_test($ct_checkjs_cf7, $_POST)
2052
+ ? apbct_js_test($ct_checkjs_cf7, $_POST)
2053
+ : apbct_js_test('ct_checkjs', $_COOKIE);
2054
+
2055
+ $ct_temp_msg_data = ct_get_fields_any($_POST);
2056
+
2057
+ $sender_email = ($ct_temp_msg_data['email'] ? $ct_temp_msg_data['email'] : '');
2058
+ $sender_nickname = ($ct_temp_msg_data['nickname'] ? $ct_temp_msg_data['nickname'] : '');
2059
+ $subject = ($ct_temp_msg_data['subject'] ? $ct_temp_msg_data['subject'] : '');
2060
+ $contact_form = ($ct_temp_msg_data['contact'] ? $ct_temp_msg_data['contact'] : true);
2061
+ $message = ($ct_temp_msg_data['message'] ? $ct_temp_msg_data['message'] : array());
2062
+ if ($subject != '') {
2063
+ $message = array_merge(array('subject' => $subject), $message);
2064
+ }
2065
+
2066
+ $base_call_result = apbct_base_call(
2067
+ array(
2068
+ 'message' => $message,
2069
+ 'sender_email' => $sender_email,
2070
+ 'sender_nickname' => $sender_nickname,
2071
+ 'js_on' => $checkjs,
2072
+ 'post_info' => array('comment_type' => 'contact_form_wordpress_cf7'),
2073
+ 'sender_info' => array(
2074
+ 'form_validation' => !isset($apbct->validation_error)
2075
+ ? null
2076
+ : json_encode(array(
2077
+ 'validation_notice' => $apbct->validation_error,
2078
+ 'page_url' => filter_input(INPUT_SERVER, 'HTTP_HOST') . filter_input(INPUT_SERVER, 'REQUEST_URI'),
2079
+ ))
2080
+ ),
2081
+ )
2082
+ );
2083
+
2084
+ $ct_result = $base_call_result['ct_result'];
2085
+
2086
+ // Change mail notification if license is out of date
2087
+ if($apbct->data['moderate'] == 0 &&
2088
+ ($ct_result->fast_submit == 1 || $ct_result->blacklisted == 1 || $ct_result->js_disabled == 1)
2089
+ ){
2090
+ $apbct->sender_email = $sender_email;
2091
+ $apbct->sender_ip = CleantalkHelper::ip__get(array('real'));
2092
+ add_filter('wpcf7_mail_components', 'apbct_form__contactForm7__changeMailNotification');
2093
+ }
2094
+
2095
+ if ($ct_result->allow == 0) {
2096
+
2097
+ global $ct_cf7_comment;
2098
+ $ct_cf7_comment = $ct_result->comment;
2099
+
2100
+ add_filter('wpcf7_display_message', 'apbct_form__contactForm7__showResponse', 10, 2);
2101
+
2102
+ $param = WPCF7_VERSION >= '3.0.0' ? true : false;
2103
+
2104
+ }
2105
+
2106
+ $apbct->cf7_checked = true;
2107
+
2108
+ return $param;
2109
+ }
2110
+
2111
+ /**
2112
+ * Changes CF7 status message
2113
+ * @param string $hook URL of hooked page
2114
+ */
2115
+ function apbct_form__contactForm7__showResponse($message, $status = 'spam') {
2116
+ global $ct_cf7_comment;
2117
+
2118
+ if ($status == 'spam') {
2119
+ $message = $ct_cf7_comment;
2120
+ }
2121
+
2122
+ return $message;
2123
+ }
2124
+
2125
+ /**
2126
+ * Changes email notification for succes subscription for Contact Form 7
2127
+ *
2128
+ * @param array $component Arguments for email notification
2129
+ * @return array Arguments for email notification
2130
+ */
2131
+ function apbct_form__contactForm7__changeMailNotification($component){
2132
+
2133
+ global $apbct;
2134
+
2135
+ $component['body'] =
2136
+ __('CleanTalk AntiSpam: This message is spam.', 'cleantalk')
2137
+ .PHP_EOL . __('CleanTalk\'s anti-spam database:', 'cleantalk')
2138
+ .PHP_EOL . 'IP: ' . $apbct->sender_ip
2139
+ .PHP_EOL . 'Email: ' . $apbct->sender_email
2140
+ .PHP_EOL . sprintf(
2141
+ __('Activate protection in your Anti-Spam Dashboard: %s.', 'clentalk'),
2142
+ 'https://cleantalk.org/my/?cp_mode=antispam&utm_source=newsletter&utm_medium=email&utm_campaign=cf7_activate_antispam&user_token='.$apbct->user_token
2143
+ )
2144
+ .PHP_EOL . '---' . PHP_EOL . PHP_EOL
2145
+ .$component['body'];
2146
+
2147
+ return (array) $component;
2148
+ }
2149
+
2150
+ /**
2151
+ * Test Ninja Forms message for spam
2152
+ *
2153
+ * @global SpbcState $apbct
2154
+ * @return void
2155
+ */
2156
+ function apbct_form__ninjaForms__testSpam() {
2157
+
2158
+ global $apbct;
2159
+
2160
+ if(
2161
+ $apbct->settings['contact_forms_test'] == 0
2162
+ || ($apbct->settings['protect_logged_in'] != 1 && is_user_logged_in()) // Skip processing for logged in users.
2163
+ || apbct_check_url_exclusions()
2164
+ ){
2165
+ return;
2166
+ }
2167
+
2168
+ $checkjs = apbct_js_test('ct_checkjs', $_COOKIE);
2169
+
2170
+ // Choosing between POST and GET
2171
+ $params = ct_get_fields_any(isset($_GET['ninja_forms_ajax_submit']) || isset($_GET['nf_ajax_submit']) ? $_GET : $_POST);
2172
+
2173
+ $sender_email = ($params['email'] ? $params['email'] : '');
2174
+ $sender_nickname = ($params['nickname'] ? $params['nickname'] : '');
2175
+ $subject = ($params['subject'] ? $params['subject'] : '');
2176
+ $message = ($params['message'] ? $params['message'] : array());
2177
+ if ($subject != '') {
2178
+ $message = array_merge(array('subject' => $subject), $message);
2179
+ }
2180
+
2181
+ //Ninja Forms xml fix
2182
+ foreach ($message as $key => $value){
2183
+ if (strpos($value, '<xml>') !== false)
2184
+ unset($message[$key]);
2185
+ }
2186
+
2187
+ $base_call_result = apbct_base_call(
2188
+ array(
2189
+ 'message' => $message,
2190
+ 'sender_email' => $sender_email,
2191
+ 'sender_nickname' => $sender_nickname,
2192
+ 'post_info' => array('comment_type' => 'contact_form_wordpress_ninja_froms'),
2193
+ 'js_on' => $checkjs,
2194
+ )
2195
+ );
2196
+ $ct_result = $base_call_result['ct_result'];
2197
+
2198
+ // Change mail notification if license is out of date
2199
+ if($apbct->data['moderate'] == 0 &&
2200
+ ($ct_result->fast_submit == 1 || $ct_result->blacklisted == 1 || $ct_result->js_disabled == 1)
2201
+ ){
2202
+ $apbct->sender_email = $sender_email;
2203
+ $apbct->sender_ip = CleantalkHelper::ip__get(array('real'));
2204
+ add_filter('ninja_forms_action_email_message', 'apbct_form__ninjaForms__changeMailNotification', 1, 3);
2205
+ }
2206
+
2207
+ if ($ct_result->allow == 0) {
2208
+
2209
+ // We have to use GLOBAL variable to transfer the comment to apbct_form__ninjaForms__changeResponse() function :(
2210
+ $apbct->response = $ct_result->comment;
2211
+ add_action( 'ninja_forms_before_response', 'apbct_form__ninjaForms__changeResponse', 10, 1 );
2212
+ }
2213
+ }
2214
+
2215
+ function apbct_form__ninjaForms__changeResponse( $data ) {
2216
+
2217
+ global $apbct;
2218
+
2219
+ // Show error message below field found by ID
2220
+ if(array_key_exists('email', $data['fields_by_key'])){
2221
+ // Find ID of EMAIL field
2222
+ $nf_field_id = $data['fields_by_key']['email']['id'];
2223
+ }else{
2224
+ // Find ID of last field (usually SUBMIT)
2225
+ $nf_field_id = array_pop(array_keys($data['fields']));
2226
+ }
2227
+
2228
+ // Below is modified NJ logic
2229
+ $error = array(
2230
+ 'fields' => array(
2231
+ $nf_field_id => $apbct->response,
2232
+ ),
2233
+ );
2234
+
2235
+ $response = array( 'data' => $data, 'errors' => $error, 'debug' => '' );
2236
+
2237
+ die(wp_json_encode( $response, JSON_FORCE_OBJECT ));
2238
+
2239
+ }
2240
+
2241
+ /**
2242
+ * Changes email notification for succes subscription for Ninja Forms
2243
+ *
2244
+ * @param string $message Body of email notification
2245
+ * @return string Body for email notification
2246
+ */
2247
+ function apbct_form__ninjaForms__changeMailNotification($message, $data, $action_settings){
2248
+
2249
+ global $apbct;
2250
+
2251
+ if($action_settings['to'] !== $apbct->sender_email){
2252
+
2253
+ $message .= wpautop(PHP_EOL . '---'
2254
+ .PHP_EOL
2255
+ .__('CleanTalk AntiSpam: This message is spam.', 'cleantalk')
2256
+ .PHP_EOL . __('CleanTalk\'s anti-spam database:', 'cleantalk')
2257
+ .PHP_EOL . 'IP: ' . $apbct->sender_ip
2258
+ .PHP_EOL . 'Email: ' . $apbct->sender_email
2259
+ .PHP_EOL .
2260
+ __('Activate protection in your Anti-Spam Dashboard: ', 'clentalk').
2261
+ 'https://cleantalk.org/my/?cp_mode=antispam&utm_source=newsletter&utm_medium=email&utm_campaign=ninjaform_activate_antispam'.$apbct->user_token
2262
+ );
2263
+ }
2264
+
2265
+ return $message;
2266
+ }
2267
+
2268
+ /**
2269
+ * Inserts anti-spam hidden to WPForms
2270
+ *
2271
+ * @global SpbcState $apbct
2272
+ * @return void
2273
+ */
2274
+ function apbct_form__WPForms__addField($form_data, $some, $title, $description, $errors) {
2275
+
2276
+ global $apbct;
2277
+
2278
+ if($apbct->settings['contact_forms_test'] == 1)
2279
+ ct_add_hidden_fields('checkjs_wpforms', false);
2280
+
2281
+ }
2282
+
2283
+ /**
2284
+ * Gather fields data from submission and store it
2285
+ *
2286
+ * @global SpbcState $apbct
2287
+ * @param array $entry
2288
+ * @param array $form_data
2289
+ * @return array
2290
+ */
2291
+ function apbct_from__WPForms__gatherData($entry, $form_data){
2292
+
2293
+ global $apbct;
2294
+
2295
+ $apbct->form_data = $entry['fields'];
2296
+
2297
+ return $entry;
2298
+ }
2299
+
2300
+ /**
2301
+ * Adding error to form entry if message is spam
2302
+ * Call spam test from here
2303
+ *
2304
+ * @param array $errors
2305
+ * @param array $form_data
2306
+ * @return array
2307
+ */
2308
+ function apbct_form__WPForms__showResponse($errors, $form_data) {
2309
+
2310
+ if(empty($errors) || ( isset($form_data['id'], $errors[$form_data['id']]) && !count($errors[$form_data['id']]) ) ){
2311
+
2312
+ $spam_comment = apbct_form__WPForms__testSpam();
2313
+
2314
+ if($spam_comment)
2315
+ $errors[$form_data['id']][0] = $spam_comment;
2316
+
2317
+ }
2318
+
2319
+ return $errors;
2320
+ }
2321
+
2322
+ /**
2323
+ * Test WPForms message for spam
2324
+ * Doesn't hooked anywhere.
2325
+ * Called directly from apbct_form__WPForms__showResponse()
2326
+ *
2327
+ * @global SpbcState $apbct
2328
+ * @global array $apbct->form_data Contains form data
2329
+ * @param array $errors Array of errors to write false result in
2330
+ * @return void
2331
+ */
2332
+ function apbct_form__WPForms__testSpam() {
2333
+
2334
+ global $apbct;
2335
+
2336
+ if(
2337
+ $apbct->settings['contact_forms_test'] == 0 ||
2338
+ $apbct->settings['protect_logged_in'] != 1 && is_user_logged_in() // Skip processing for logged in users.
2339
+ ){
2340
+ return;
2341
+ }
2342
+
2343
+ $checkjs = apbct_js_test('checkjs_wpforms', $_POST);
2344
+
2345
+ $params = ct_get_fields_any($apbct->form_data);
2346
+
2347
+ $sender_email = ($params['email'] ? $params['email'] : '');
2348
+ $sender_nickname = ($params['nickname'] ? $params['nickname'] : '');
2349
+ $subject = ($params['subject'] ? $params['subject'] : '');
2350
+ $message = ($params['message'] ? $params['message'] : array());
2351
+ if ($subject != '') {
2352
+ $message = array_merge(array('subject' => $subject), $message);
2353
+ }
2354
+
2355
+ $base_call_result = apbct_base_call(
2356
+ array(
2357
+ 'message' => $message,
2358
+ 'sender_email' => $sender_email,
2359
+ 'sender_nickname' => $sender_nickname,
2360
+ 'post_info' => array('comment_type' => 'contact_form_wordpress_wp_forms'),
2361
+ 'js_on' => $checkjs,
2362
+ )
2363
+ );
2364
+ $ct_result = $base_call_result['ct_result'];
2365
+
2366
+ // Change mail notification if license is out of date
2367
+ if($apbct->data['moderate'] == 0 &&
2368
+ ($ct_result->fast_submit == 1 || $ct_result->blacklisted == 1 || $ct_result->js_disabled == 1)
2369
+ ){
2370
+ $apbct->sender_email = $sender_email;
2371
+ $apbct->sender_ip = CleantalkHelper::ip__get(array('real'));
2372
+ add_filter('wpforms_email_message', 'apbct_form__WPForms__changeMailNotification', 100, 2);
2373
+ }
2374
+
2375
+ if ($ct_result->allow == 0){
2376
+ return $ct_result->comment;
2377
+ }
2378
+
2379
+ return null;
2380
+
2381
+ }
2382
+
2383
+ /**
2384
+ * Changes email notification for succes subscription for Ninja Forms
2385
+ *
2386
+ * @param string $message Body of email notification
2387
+ * @param WPForms_WP_Emails $wpforms_email WPForms email class object
2388
+ * @return string Body for email notification
2389
+ */
2390
+ function apbct_form__WPForms__changeMailNotification($message, $wpforms_email){
2391
+
2392
+ global $apbct;
2393
+
2394
+ $message = str_replace('</html>', '', $message);
2395
+ $message = str_replace('</body>', '', $message);
2396
+ $message .= wpautop(PHP_EOL . '---'
2397
+ .PHP_EOL
2398
+ .__('CleanTalk AntiSpam: This message is spam.', 'cleantalk')
2399
+ .PHP_EOL . __('CleanTalk\'s anti-spam database:', 'cleantalk')
2400
+ .PHP_EOL . 'IP: ' . '<a href="https://cleantalk.org/blacklists/' . $apbct->sender_ip . '?utm_source=newsletter&utm_medium=email&utm_campaign=wpforms_spam_passed" target="_blank">' . $apbct->sender_ip . '</a>'
2401
+ .PHP_EOL . 'Email: ' . '<a href="https://cleantalk.org/blacklists/' . $apbct->sender_email . '?utm_source=newsletter&utm_medium=email&utm_campaign=wpforms_spam_passed" target="_blank">' . $apbct->sender_email . '</a>'
2402
+ .PHP_EOL . sprintf(
2403
+ __('Activate protection in your %sAnti-Spam Dashboard%s.', 'clentalk'),
2404
+ '<a href="https://cleantalk.org/my/?cp_mode=antispam&utm_source=newsletter&utm_medium=email&utm_campaign=wpforms_activate_antispam" target="_blank">',
2405
+ '</a>'
2406
+ ))
2407
+ .'</body></html>';
2408
+
2409
+ return $message;
2410
+
2411
+ }
2412
+
2413
+ /*
2414
+ * QuForms check spam
2415
+ * works with singl-paged forms
2416
+ * and with multi-paged forms - check only last step of the forms
2417
+ */
2418
+ function ct_quform_post_validate($result, $form) {
2419
+
2420
+ if ( $form->hasPages() ) {
2421
+ $comment_type = 'contact_form_wordpress_quforms_multipage';
2422
+ } else {
2423
+ $comment_type = 'contact_form_wordpress_quforms_singlepage';
2424
+ }
2425
+
2426
+ $ct_temp_msg_data = ct_get_fields_any( $form->getValues() );
2427
+ // @ToDo If we have several emails at the form - will be used only the first detected!
2428
+ $sender_email = ($ct_temp_msg_data['email'] ? $ct_temp_msg_data['email'] : '');
2429
+
2430
+ $checkjs = apbct_js_test('ct_checkjs', $_COOKIE);
2431
+ $base_call_result = apbct_base_call(
2432
+ array(
2433
+ 'message' => $form->getValues(),
2434
+ 'sender_email' => $sender_email,
2435
+ 'post_info' => array('comment_type' => $comment_type),
2436
+ 'js_on' => $checkjs,
2437
+ )
2438
+ );
2439
+
2440
+ $ct_result = $base_call_result['ct_result'];
2441
+ if ($ct_result->allow == 0) {
2442
+ die(json_encode(array('type' => 'error', 'apbct' => array('blocked' => true, 'comment' => $ct_result->comment))));
2443
+ } else {
2444
+ return $result;
2445
+ }
2446
+
2447
+ return $result;
2448
+
2449
+ }
2450
+
2451
+ /**
2452
+ * Inserts anti-spam hidden to Fast Secure contact form
2453
+ */
2454
+ function ct_si_contact_display_after_fields($string = '', $style = '', $form_errors = array(), $form_id_num = 0) {
2455
+ $string .= ct_add_hidden_fields('ct_checkjs', true);
2456
+ return $string;
2457
+ }
2458
+
2459
+ /**
2460
+ * Test for Fast Secure contact form
2461
+ */
2462
+ function ct_si_contact_form_validate($form_errors = array(), $form_id_num = 0) {
2463
+ global $apbct, $cleantalk_executed;
2464
+
2465
+ if (!empty($form_errors))
2466
+ return $form_errors;
2467
+
2468
+ if ($apbct->settings['contact_forms_test'] == 0)
2469
+ return $form_errors;
2470
+
2471
+ // Skip processing because data already processed.
2472
+ if ($cleantalk_executed) {
2473
+ return $form_errors;
2474
+ }
2475
+
2476
+ //getting info from custom fields
2477
+ $ct_temp_msg_data = ct_get_fields_any($_POST);
2478
+
2479
+ $sender_email = ($ct_temp_msg_data['email'] ? $ct_temp_msg_data['email'] : '');
2480
+ $sender_nickname = ($ct_temp_msg_data['nickname'] ? $ct_temp_msg_data['nickname'] : '');
2481
+ $subject = ($ct_temp_msg_data['subject'] ? $ct_temp_msg_data['subject'] : '');
2482
+ $contact_form = ($ct_temp_msg_data['contact'] ? $ct_temp_msg_data['contact'] : true);
2483
+ $message = ($ct_temp_msg_data['message'] ? $ct_temp_msg_data['message'] : array());
2484
+ if($subject != '') {
2485
+ $message['subject'] = $subject;
2486
+ }
2487
+
2488
+ $base_call_result = apbct_base_call(
2489
+ array(
2490
+ 'message' => $message,
2491
+ 'sender_email' => $sender_email,
2492
+ 'sender_nickname' => $sender_nickname,
2493
+ 'post_info' => array('comment_type' => 'contact_form_wordpress_fscf'),
2494
+ 'js_on' => apbct_js_test('ct_checkjs', $_POST),
2495
+ )
2496
+ );
2497
+
2498
+ $ct_result = $base_call_result['ct_result'];
2499
+
2500
+ $cleantalk_executed = true;
2501
+
2502
+ if ($ct_result->allow == 0) {
2503
+ global $ct_comment;
2504
+ $ct_comment = $ct_result->comment;
2505
+ ct_die(null, null);
2506
+ exit;
2507
+ }
2508
+
2509
+ return $form_errors;
2510
+ }
2511
+
2512
+ /**
2513
+ * Notice for commentators which comment has automatically approved by plugin
2514
+ * @param string $hook URL of hooked page
2515
+ */
2516
+ function ct_comment_text($comment_text) {
2517
+ global $comment, $ct_approved_request_id_label;
2518
+
2519
+ if (isset($_COOKIE[$ct_approved_request_id_label]) && isset($comment->comment_ID)) {
2520
+ $ct_hash = get_comment_meta($comment->comment_ID, 'ct_hash', true);
2521
+
2522
+ if ($ct_hash !== '' && $_COOKIE[$ct_approved_request_id_label] == $ct_hash) {
2523
+ $comment_text .= '<br /><br /> <em class="comment-awaiting-moderation">' . __('Comment approved. Anti-spam by CleanTalk.', 'cleantalk') . '</em>';
2524
+ }
2525
+ }
2526
+
2527
+ return $comment_text;
2528
+ }
2529
+
2530
+
2531
+ /**
2532
+ * Checks WordPress Landing Pages raw $_POST values
2533
+ */
2534
+ function ct_check_wplp(){
2535
+
2536
+ global $ct_wplp_result_label, $apbct;
2537
+
2538
+ if (!isset($_COOKIE[$ct_wplp_result_label])) {
2539
+ // First AJAX submit of WPLP form
2540
+ if ($apbct->settings['contact_forms_test'] == 0)
2541
+ return;
2542
+
2543
+ $post_info['comment_type'] = 'feedback';
2544
+ $post_info = json_encode($post_info);
2545
+ if ($post_info === false)
2546
+ $post_info = '';
2547
+
2548
+ $sender_email = '';
2549
+ foreach ($_POST as $v) {
2550
+ if (preg_match("/^\S+@\S+\.\S+$/", $v)) {
2551
+ $sender_email = $v;
2552
+ break;
2553
+ }
2554
+ }
2555
+
2556
+ $message = '';
2557
+ if(array_key_exists('form_input_values', $_POST)){
2558
+ $form_input_values = json_decode(stripslashes($_POST['form_input_values']), true);
2559
+ if (is_array($form_input_values) && array_key_exists('null', $form_input_values))
2560
+ $message = $form_input_values['null'];
2561
+ } else if (array_key_exists('null', $_POST)) {
2562
+ $message = $_POST['null'];
2563
+ }
2564
+
2565
+ $base_call_result = apbct_base_call(
2566
+ array(
2567
+ 'message' => $message,
2568
+ 'sender_email' => $sender_email,
2569
+ 'post_info' => array('comment_type' => 'contact_form_wordpress_wplp'),
2570
+ )
2571
+ );
2572
+
2573
+ $ct_result = $base_call_result['ct_result'];
2574
+
2575
+ if ($ct_result->allow == 0) {
2576
+ $cleantalk_comment = $ct_result->comment;
2577
+ } else {
2578
+ $cleantalk_comment = 'OK';
2579
+ }
2580
+
2581
+ setcookie($ct_wplp_result_label, $cleantalk_comment, strtotime("+5 seconds"), '/');
2582
+ } else {
2583
+ // Next POST/AJAX submit(s) of same WPLP form
2584
+ $cleantalk_comment = $_COOKIE[$ct_wplp_result_label];
2585
+ }
2586
+ if ($cleantalk_comment !== 'OK')
2587
+ ct_die_extended($cleantalk_comment);
2588
+ }
2589
+
2590
+ /**
2591
+ * Places a hidding field to Gravity forms.
2592
+ * @return string
2593
+ */
2594
+ function apbct_form__gravityForms__addField($form_string, $form){
2595
+ $ct_hidden_field = 'ct_checkjs';
2596
+
2597
+ // Do not add a hidden field twice.
2598
+ if (preg_match("/$ct_hidden_field/", $form_string)) {
2599
+ return $form_string;
2600
+ }
2601
+
2602
+ $search = "</form>";
2603
+
2604
+ // Adding JS code
2605
+ $js_code = ct_add_hidden_fields($ct_hidden_field, true, false);
2606
+ $form_string = str_replace($search, $js_code . $search, $form_string);
2607
+
2608
+ // Adding field for multipage form. Look for cleantalk.php -> apbct_cookie();
2609
+ $append_string = isset($form['lastPageButton']) ? "<input type='hidden' name='ct_multipage_form' value='yes'>" : '';
2610
+ $form_string = str_replace($search, $append_string.$search, $form_string);
2611
+
2612
+ return $form_string;
2613
+ }
2614
+
2615
+ /**
2616
+ * Gravity forms anti-spam test.
2617
+ * @return boolean
2618
+ */
2619
+ function apbct_form__gravityForms__testSpam($is_spam, $form, $entry) {
2620
+
2621
+ global $apbct, $cleantalk_executed, $ct_gform_is_spam, $ct_gform_response;
2622
+
2623
+ if (
2624
+ $apbct->settings['contact_forms_test'] == 0 ||
2625
+ $is_spam ||
2626
+ $cleantalk_executed // Return unchanged result if the submission was already tested.
2627
+ )
2628
+ return $is_spam;
2629
+
2630
+ $ct_temp = array();
2631
+ foreach($entry as $key => $value){
2632
+ if(is_numeric($key))
2633
+ $ct_temp[$key]=$value;
2634
+ } unset($key, $value);
2635
+
2636
+ $ct_temp_msg_data = ct_get_fields_any($ct_temp);
2637
+ $sender_email = ($ct_temp_msg_data['email'] ? $ct_temp_msg_data['email'] : '');
2638
+ $sender_nickname = ($ct_temp_msg_data['nickname'] ? $ct_temp_msg_data['nickname'] : '');
2639
+ $subject = ($ct_temp_msg_data['subject'] ? $ct_temp_msg_data['subject'] : '');
2640
+ $contact_form = ($ct_temp_msg_data['contact'] ? $ct_temp_msg_data['contact'] : true);
2641
+ $message = ($ct_temp_msg_data['message'] ? $ct_temp_msg_data['message'] : array());
2642
+
2643
+ // Adding 'input_' to every field /Gravity Forms fix/
2644
+ $message = array_flip($message);
2645
+ foreach($message as &$value){
2646
+ $value = 'input_'.$value;
2647
+ } unset($value);
2648
+ $message = array_flip($message);
2649
+
2650
+ if($subject != '')
2651
+ $message['subject'] = $subject;
2652
+
2653
+ $checkjs = apbct_js_test('ct_checkjs', $_POST)
2654
+ ? apbct_js_test('ct_checkjs', $_POST)
2655
+ : apbct_js_test('ct_checkjs', $_COOKIE);
2656
+
2657
+ $base_call_result = apbct_base_call(
2658
+ array(
2659
+ 'message' => $message,
2660
+ 'sender_email' => $sender_email,
2661
+ 'sender_nickname' => $sender_nickname,
2662
+ 'post_info' => array('comment_type' => 'contact_form_wordpress_gravity_forms'),
2663
+ 'js_on' => $checkjs,
2664
+ )
2665
+ );
2666
+
2667
+ $ct_result = $base_call_result['ct_result'];
2668
+ if ($ct_result->allow == 0) {
2669
+ $is_spam = true;
2670
+ $ct_gform_is_spam = true;
2671
+ $ct_gform_response = $ct_result->comment;
2672
+ }
2673
+
2674
+ return $is_spam;
2675
+ }
2676
+
2677
+ function apbct_form__gravityForms__showResponse( $confirmation, $form, $entry, $ajax ){
2678
+
2679
+ global $ct_gform_is_spam, $ct_gform_response;
2680
+
2681
+ if(!empty($ct_gform_is_spam)){
2682
+ $confirmation = '<a id="gf_'.$form['id'].'" class="gform_anchor" ></a><div id="gform_confirmation_wrapper_'.$form['id'].'" class="gform_confirmation_wrapper "><div id="gform_confirmation_message_'.$form['id'].'" class="gform_confirmation_message_'.$form['id'].' gform_confirmation_message"><font style="color: red">'.$ct_gform_response.'</font></div></div>';
2683
+ }
2684
+
2685
+ return $confirmation;
2686
+ }
2687
+
2688
+ /**
2689
+ * Test S2member registration
2690
+ * @return array with errors
2691
+ */
2692
+ function ct_s2member_registration_test($post_key) {
2693
+
2694
+ global $apbct;
2695
+
2696
+ if ($apbct->settings['registrations_test'] == 0) {
2697
+ return null;
2698
+ }
2699
+
2700
+ $sender_email = isset($_POST[$post_key]['email']) ? sanitize_email($_POST[$post_key]['email']) : null;
2701
+ $sender_nickname = isset($_POST[$post_key]['username']) ? sanitize_email($_POST[$post_key]['username']) : null;
2702
+
2703
+ //Making a call
2704
+ $base_call_result = apbct_base_call(
2705
+ array(
2706
+ 'sender_email' => $sender_email,
2707
+ 'sender_nickname' => $sender_nickname,
2708
+ ),
2709
+ true
2710
+ );
2711
+ $ct_result = $base_call_result['ct_result'];
2712
+
2713
+ if ($ct_result->allow == 0) {
2714
+ ct_die_extended($ct_result->comment);
2715
+ }
2716
+
2717
+ return true;
2718
+ }
2719
+
2720
+ /**
2721
+ * General test for any contact form
2722
+ */
2723
+ function ct_contact_form_validate() {
2724
+
2725
+ global $pagenow,$cleantalk_executed ,$apbct, $ct_checkjs_frm;
2726
+
2727
+ // Exclusios common function
2728
+ if ( apbct_base__check_exlusions(__FUNCTION__) )
2729
+ return null;
2730
+
2731
+ if (@sizeof($_POST)==0 ||
2732
+ (isset($_POST['signup_username']) && isset($_POST['signup_email']) && isset($_POST['signup_password'])) ||
2733
+ (isset($pagenow) && $pagenow == 'wp-login.php') || // WordPress log in form
2734
+ (isset($pagenow) && $pagenow == 'wp-login.php' && isset($_GET['action']) && $_GET['action']=='lostpassword') ||
2735
+ (isset($_SERVER['HTTP_REFERER']) && strpos($_SERVER['HTTP_REFERER'],'lostpassword') !== false) ||
2736
+ (strpos($_SERVER['REQUEST_URI'],'/wp-admin/')!== false && (empty($_POST['your-phone']) && empty($_POST['your-email']) && empty($_POST['your-message']))) || //Bitrix24 Contact
2737
+ strpos($_SERVER['REQUEST_URI'],'wp-login.php')!==false||
2738
+ strpos($_SERVER['REQUEST_URI'],'wp-comments-post.php')!==false ||
2739
+ strpos($_SERVER['REQUEST_URI'],'?provider=facebook&')!==false ||
2740
+ (isset($_SERVER['HTTP_REFERER']) && strpos($_SERVER['HTTP_REFERER'],'/wp-admin/') !== false) ||
2741
+ strpos($_SERVER['REQUEST_URI'],'/login/')!==false ||
2742
+ strpos($_SERVER['REQUEST_URI'], '/my-account/edit-account/')!==false || // WooCommerce edit account page
2743
+ strpos($_SERVER['REQUEST_URI'], '/my-account/edit-address/')!==false || // WooCommerce edit account page
2744
+ (isset($_POST['action']) && $_POST['action'] == 'save_account_details') || // WooCommerce edit account action
2745
+ strpos($_SERVER['REQUEST_URI'], '/peepsoajax/profilefieldsajax.validate_register')!== false ||
2746
+ isset($_GET['ptype']) && $_GET['ptype']=='login' ||
2747
+ isset($_POST['ct_checkjs_register_form']) ||
2748
+ (isset($_POST['signup_username']) && isset($_POST['signup_password_confirm']) && isset($_POST['signup_submit']) ) ||
2749
+ $apbct->settings['general_contact_forms_test'] == 0 ||
2750
+ isset($_POST['bbp_topic_content']) ||
2751
+ isset($_POST['bbp_reply_content']) ||
2752
+ isset($_POST['fscf_submitted']) ||
2753
+ strpos($_SERVER['REQUEST_URI'],'/wc-api/')!==false ||
2754
+ isset($_POST['log']) && isset($_POST['pwd']) && isset($_POST['wp-submit']) ||
2755
+ isset($_POST[$ct_checkjs_frm]) && $apbct->settings['contact_forms_test'] == 1 ||// Formidable forms
2756
+ isset($_POST['comment_post_ID']) || // The comment form
2757
+ isset($_GET['for']) ||
2758
+ (isset($_POST['log'], $_POST['pwd'])) || //WooCommerce Sensei login form fix
2759
+ (isset($_POST['wc_reset_password'], $_POST['_wpnonce'], $_POST['_wp_http_referer'])) || // WooCommerce recovery password form
2760
+ ((isset($_POST['woocommerce-login-nonce']) || isset($_POST['_wpnonce'])) && isset($_POST['login'], $_POST['password'], $_POST['_wp_http_referer'])) || // WooCommerce login form
2761
+ (isset($_POST['wc-api']) && strtolower($_POST['wc-api']) == 'wc_gateway_systempay') || // Woo Systempay payment plugin
2762
+ (isset($_POST['_wpcf7'], $_POST['_wpcf7_version'], $_POST['_wpcf7_locale'])) || //CF7 fix)
2763
+ (isset($_POST['hash'], $_POST['device_unique_id'], $_POST['device_name'])) ||//Mobile Assistant Connector fix
2764
+ isset($_POST['gform_submit']) || //Gravity form
2765
+ strpos($_SERVER['REQUEST_URI'], 'wc-ajax=get_refreshed_fragments') !== false ||
2766
+ (isset($_POST['ccf_form']) && intval($_POST['ccf_form']) == 1) ||
2767
+ (isset($_POST['contact_tags']) && strpos($_POST['contact_tags'], 'MBR:') !== false) ||
2768
+ (strpos($_SERVER['REQUEST_URI'], 'bizuno.php') && !empty($_POST['bizPass'])) ||
2769
+ (isset($_SERVER['HTTP_REFERER']) && strpos($_SERVER['HTTP_REFERER'],'my-dashboard/') !== false) || // ticket_id=7885
2770
+ isset($_POST['slm_action'], $_POST['license_key'], $_POST['secret_key'], $_POST['registered_domain']) || // ticket_id=9122
2771
+ (isset($_POST['wpforms']['submit']) && $_POST['wpforms']['submit'] == 'wpforms-submit') || // WPForms
2772
+ (isset($_POST['action']) && $_POST['action'] == 'grunion-contact-form') || // JetPack
2773
+ (isset($_POST['action']) && $_POST['action'] == 'bbp-update-user') || //BBP update user info page
2774
+ (isset($_SERVER['HTTP_REFERER']) && strpos($_SERVER['HTTP_REFERER'],'?wc-api=WC_Gateway_Transferuj') !== false) || //WC Gateway
2775
+ (isset($_GET['mbr'], $_GET['amp;appname'], $_GET['amp;master'])) || // ticket_id=10773
2776
+ (isset($_SERVER['HTTP_REFERER']) && strpos($_SERVER['HTTP_REFERER'],'lost-password') !== false) || //Skip lost-password form check
2777
+ (isset($_POST['call_function']) && $_POST['call_function'] == 'push_notification_settings') || // Skip mobile requests (push settings)
2778
+ (strpos($_SERVER['REQUEST_URI'],'membership-login')!==false ) || // Skip login form
2779
+ (isset($_GET['cookie-state-change'])) || //skip GDPR plugin
2780
+ (isset($_SERVER['HTTP_USER_AGENT']) && $_SERVER['HTTP_USER_AGENT'] == 'MailChimp' && strpos($_SERVER['REQUEST_URI'], 'mc4wp-sync-api/webhook-listener') !== false) || // Mailchimp webhook skip
2781
+ (strpos($_SERVER['REQUEST_URI'],'researcher-log-in')!==false ) || // Skip login form
2782
+ (strpos($_SERVER['REQUEST_URI'],'admin_aspcms/_system/AspCms_SiteSetting.asp?action=saves')!==false ) || // Skip admin save callback
2783
+ (strpos($_SERVER['REQUEST_URI'],'?profile_tab=postjobs')!==false ) || // Skip post vacancies
2784
+ (isset($_POST['btn_insert_post_type_hotel']) && $_POST['btn_insert_post_type_hotel'] == 'SUBMIT HOTEL') || // Skip adding hotel
2785
+ (isset($_POST['action']) && $_POST['action'] == 'updraft_savesettings') || // Updraft save settings
2786
+ isset($_POST['quform_submit']) //QForms multi-paged form skip
2787
+ ) {
2788
+ return null;
2789
+ }
2790
+
2791
+ // Do not execute anti-spam test for logged in users.
2792
+ if (isset($_COOKIE[LOGGED_IN_COOKIE]) && $apbct->settings['protect_logged_in'] != 1)
2793
+ return null;
2794
+
2795
+ $post_info['comment_type'] = 'feedback_general_contact_form';
2796
+
2797
+ // Skip the test if it's WooCommerce and the checkout test unset
2798
+ if(strpos($_SERVER['REQUEST_URI'], 'wc-ajax=checkout') !== false ||
2799
+ strpos($_SERVER['REQUEST_URI'], 'wc-ajax=update_order_review') !== false ||
2800
+ (isset($_POST['_wp_http_referer']) && strpos($_SERVER['REQUEST_URI'], 'wc-ajax=update_order_review') !== false) ||
2801
+ !empty($_POST['woocommerce_checkout_place_order']) ||
2802
+ strpos($_SERVER['REQUEST_URI'], 'wc-ajax=wc_ppec_start_checkout') !== false
2803
+ ){
2804
+ $post_info['comment_type'] = 'order';
2805
+ if($apbct->settings['wc_checkout_test'] == 0){
2806
+ if ( $apbct->settings['wc_register_from_order'] == 1 && ! is_user_logged_in() ) {
2807
+ $post_info['comment_type'] = 'wc_register_from_order';
2808
+ } else {
2809
+ remove_filter('woocommerce_register_post', 'ct_register_post', 1 );
2810
+ return null;
2811
+ }
2812
+ }
2813
+ }
2814
+
2815
+ $ct_temp_msg_data = ct_get_fields_any($_POST);
2816
+
2817
+ $sender_email = ($ct_temp_msg_data['email'] ? $ct_temp_msg_data['email'] : '');
2818
+ $sender_nickname = ($ct_temp_msg_data['nickname'] ? $ct_temp_msg_data['nickname'] : '');
2819
+ $subject = ($ct_temp_msg_data['subject'] ? $ct_temp_msg_data['subject'] : '');
2820
+ $contact_form = ($ct_temp_msg_data['contact'] ? $ct_temp_msg_data['contact'] : true);
2821
+ $message = ($ct_temp_msg_data['message'] ? $ct_temp_msg_data['message'] : array());
2822
+ if ($subject != '') {
2823
+ $message = array_merge(array('subject' => $subject), $message);
2824
+ }
2825
+
2826
+ // Skip submission if no data found
2827
+ if ($sender_email === ''|| !$contact_form) {
2828
+ return false;
2829
+ }
2830
+ $cleantalk_executed=true;
2831
+
2832
+ if(isset($_POST['TellAFriend_Link'])){
2833
+ $tmp = $_POST['TellAFriend_Link'];
2834
+ unset($_POST['TellAFriend_Link']);
2835
+ }
2836
+
2837
+ $base_call_result = apbct_base_call(
2838
+ array(
2839
+ 'message' => $message,
2840
+ 'sender_email' => $sender_email,
2841
+ 'sender_nickname' => $sender_nickname,
2842
+ 'post_info' => $post_info,
2843
+ )
2844
+ );
2845
+
2846
+ if(isset($_POST['TellAFriend_Link'])){
2847
+ $_POST['TellAFriend_Link']=$tmp;
2848
+ }
2849
+
2850
+ $ct_result = $base_call_result['ct_result'];
2851
+ if ($ct_result->allow == 0) {
2852
+
2853
+ // Recognize contact form an set it's name to $contact_form to use later
2854
+ $contact_form = null;
2855
+ foreach($_POST as $param => $value){
2856
+ if(strpos($param, 'et_pb_contactform_submit') === 0){
2857
+ $contact_form = 'contact_form_divi_theme';
2858
+ $contact_form_additional = str_replace('et_pb_contactform_submit', '', $param);
2859
+ }
2860
+ if(strpos($param, 'avia_generated_form') === 0){
2861
+ $contact_form = 'contact_form_enfold_theme';
2862
+ $contact_form_additional = str_replace('avia_generated_form', '', $param);
2863
+ }
2864
+ if(!empty($contact_form))
2865
+ break;
2866
+ }
2867
+
2868
+ $ajax_call = false;
2869
+ if ((defined( 'DOING_AJAX' ) && DOING_AJAX)
2870
+ ) {
2871
+ $ajax_call = true;
2872
+ }
2873
+ if ($ajax_call) {
2874
+ echo $ct_result->comment;
2875
+ } else {
2876
+
2877
+ global $ct_comment;
2878
+ $ct_comment = $ct_result->comment;
2879
+ if(isset($_POST['cma-action'])&&$_POST['cma-action']=='add'){
2880
+ $result=Array('success'=>0, 'thread_id'=>null,'messages'=>Array($ct_result->comment));
2881
+ header("Content-Type: application/json");
2882
+ print json_encode($result);
2883
+ die();
2884
+
2885
+ }else if(isset($_POST['TellAFriend_email'])){
2886
+ echo $ct_result->comment;
2887
+ die();
2888
+
2889
+ }else if(isset($_POST['gform_submit'])){ // Gravity forms submission
2890
+ $response = sprintf("<!DOCTYPE html><html><head><meta charset='UTF-8' /></head><body class='GF_AJAX_POSTBACK'><div id='gform_confirmation_wrapper_1' class='gform_confirmation_wrapper '><div id='gform_confirmation_message_1' class='gform_confirmation_message_1
2891
+ gform_confirmation_message'>%s</div></div></body></html>",
2892
+ $ct_result->comment
2893
+ );
2894
+ echo $response;
2895
+ die();
2896
+
2897
+ }elseif(isset($_POST['_wp_http_referer']) && strpos($_POST['_wp_http_referer'],'wc-ajax=update_order_review')){ //WooCommerce checkout ("Place Oreder button")
2898
+ $result = Array(
2899
+ 'result' => 'failure',
2900
+ 'messages' => "<ul class=\"woocommerce-error\"><li>".$ct_result->comment."</li></ul>",
2901
+ 'refresh' => 'false',
2902
+ 'reload' => 'false'
2903
+ );
2904
+ print json_encode($result);
2905
+ die();
2906
+
2907
+ }elseif(isset($_POST['action']) && $_POST['action'] == 'ct_check_internal'){
2908
+ return $ct_result->comment;
2909
+
2910
+ }elseif(isset($_POST['vfb-submit']) && defined('VFB_VERSION')){
2911
+ wp_die("<h1>".__('Spam protection by CleanTalk', 'cleantalk')."</h1><h2>".$ct_result->comment."</h2>", '', array('response' => 403, "back_link" => true, "text_direction" => 'ltr'));
2912
+ // Caldera Contact Forms
2913
+ }elseif(isset($_POST['action']) && $_POST['action'] == 'cf_process_ajax_submit'){
2914
+ print json_encode("<h3 style='color: red;'><red>".$ct_result->comment);
2915
+ die();
2916
+ // Mailster
2917
+ }elseif(isset($_POST['_referer'], $_POST['formid'], $_POST['email'])){
2918
+ $return = array(
2919
+ 'success' => false,
2920
+ 'html' => '<p>' . $ct_result->comment . '</p>',
2921
+ );
2922
+ print json_encode($return);
2923
+ die();
2924
+ // Divi Theme Contact Form. Using $contact_form
2925
+ }elseif(!empty($contact_form) && $contact_form == 'contact_form_divi_theme'){
2926
+ echo "<div id='et_pb_contact_form{$contact_form_additional}'><h1>Your request looks like spam.</h1><div><p>{$ct_result->comment}</p></div></div>";
2927
+ die();
2928
+ // Enfold Theme Contact Form. Using $contact_form
2929
+ }elseif(!empty($contact_form) && $contact_form == 'contact_form_enfold_theme'){
2930
+ echo "<div id='ajaxresponse_1' class='ajaxresponse ajaxresponse_1' style='display: block;'><div id='ajaxresponse_1' class='ajaxresponse ajaxresponse_1'><h3 class='avia-form-success'>Antispam by CleanTalk: ".$ct_result->comment."</h3><a href='.'><-Back</a></div></div>";
2931
+ die();
2932
+ }else{
2933
+ ct_die(null, null);
2934
+ }
2935
+ }
2936
+ exit;
2937
+ }
2938
+
2939
+ return null;
2940
+ }
2941
+
2942
+ /**
2943
+ * General test for any post data
2944
+ */
2945
+ function ct_contact_form_validate_postdata() {
2946
+
2947
+ global $apbct, $pagenow,$cleantalk_executed;
2948
+
2949
+ // Exclusios common function
2950
+ if ( apbct_base__check_exlusions(__FUNCTION__) )
2951
+ return null;
2952
+
2953
+ if (@sizeof($_POST)==0 ||
2954
+ (isset($_POST['signup_username']) && isset($_POST['signup_email']) && isset($_POST['signup_password'])) ||
2955
+ (isset($pagenow) && $pagenow == 'wp-login.php') || // WordPress log in form
2956
+ (isset($pagenow) && $pagenow == 'wp-login.php' && isset($_GET['action']) && $_GET['action']=='lostpassword') ||
2957
+ strpos($_SERVER['REQUEST_URI'],'/checkout/')!==false ||
2958
+ /* WooCommerce Service Requests - skip them */
2959
+ isset($_GET['wc-ajax']) && (
2960
+ $_GET['wc-ajax']=='checkout' ||
2961
+ $_GET['wc-ajax']=='get_refreshed_fragments' ||
2962
+ $_GET['wc-ajax']=='apply_coupon' ||
2963
+ $_GET['wc-ajax']=='remove_coupon' ||
2964
+ $_GET['wc-ajax']=='update_shipping_method' ||
2965
+ $_GET['wc-ajax']=='get_cart_totals' ||
2966
+ $_GET['wc-ajax']=='update_order_review' ||
2967
+ $_GET['wc-ajax']=='add_to_cart' ||
2968
+ $_GET['wc-ajax']=='remove_from_cart' ||
2969
+ $_GET['wc-ajax']=='get_variation' ||
2970
+ $_GET['wc-ajax']=='get_customer_location'
2971
+ ) ||
2972
+ /* END: WooCommerce Service Requests */
2973
+ strpos($_SERVER['REQUEST_URI'],'/wp-admin/')!==false ||
2974
+ strpos($_SERVER['REQUEST_URI'],'wp-login.php')!==false||
2975
+ strpos($_SERVER['REQUEST_URI'],'wp-comments-post.php')!==false ||
2976
+ @strpos($_SERVER['HTTP_REFERER'],'/wp-admin/')!==false ||
2977
+ strpos($_SERVER['REQUEST_URI'],'/login/')!==false||
2978
+ strpos($_SERVER['REQUEST_URI'],'?provider=facebook&')!==false ||
2979
+ isset($_GET['ptype']) && $_GET['ptype']=='login' ||
2980
+ isset($_POST['ct_checkjs_register_form']) ||
2981
+ (isset($_POST['signup_username']) && isset($_POST['signup_password_confirm']) && isset($_POST['signup_submit']) ) ||
2982
+ $apbct->settings['general_contact_forms_test']==0 ||
2983
+ isset($_POST['bbp_topic_content']) ||
2984
+ isset($_POST['bbp_reply_content']) ||
2985
+ isset($_POST['fscf_submitted']) ||
2986
+ isset($_POST['log']) && isset($_POST['pwd']) && isset($_POST['wp-submit'])||
2987
+ strpos($_SERVER['REQUEST_URI'],'/wc-api/')!==false ||
2988
+ (isset($_POST['wc_reset_password'], $_POST['_wpnonce'], $_POST['_wp_http_referer'])) || //WooCommerce recovery password form
2989
+ (isset($_POST['woocommerce-login-nonce'], $_POST['login'], $_POST['password'], $_POST['_wp_http_referer'])) || //WooCommerce login form
2990
+ (isset($_POST['provider'], $_POST['authcode']) && $_POST['provider'] == 'Two_Factor_Totp') || //TwoFactor authorization
2991
+ (isset($_GET['wc-ajax']) && $_GET['wc-ajax'] == 'sa_wc_buy_now_get_ajax_buy_now_button') || //BuyNow add to cart
2992
+ strpos($_SERVER['REQUEST_URI'],'/wp-json/wpstatistics/v1/hit')!==false || //WPStatistics
2993
+ (isset($_POST['ihcaction']) && $_POST['ihcaction'] == 'login') || //Skip login form
2994
+ (isset($_POST['action']) && $_POST['action'] == 'infinite_scroll') //Scroll
2995
+ ) {
2996
+ return null;
2997
+ }
2998
+
2999
+ $message = ct_get_fields_any_postdata($_POST);
3000
+
3001
+ // ???
3002
+ if(strlen(json_encode($message))<10)
3003
+ return null;
3004
+
3005
+ // Skip if request contains params
3006
+ $skip_params = array(
3007
+ 'ipn_track_id', // PayPal IPN #
3008
+ 'txn_type', // PayPal transaction type
3009
+ 'payment_status', // PayPal payment status
3010
+ );
3011
+ foreach($skip_params as $key=>$value){
3012
+ if(@array_key_exists($value,$_GET)||@array_key_exists($value,$_POST))
3013
+ return null;
3014
+ }
3015
+
3016
+ $base_call_result = apbct_base_call(
3017
+ array(
3018
+ 'message' => $message,
3019
+ 'post_info' => array('comment_type' => 'feedback_general_postdata'),
3020
+ )
3021
+ );
3022
+
3023
+ $cleantalk_executed=true;
3024
+
3025
+ $ct_result = $base_call_result['ct_result'];
3026
+
3027
+ if ($ct_result->allow == 0) {
3028
+
3029
+ if (!(defined( 'DOING_AJAX' ) && DOING_AJAX)) {
3030
+ global $ct_comment;
3031
+ $ct_comment = $ct_result->comment;
3032
+ if(isset($_POST['cma-action'])&&$_POST['cma-action']=='add')
3033
+ {
3034
+ $result=Array('success'=>0, 'thread_id'=>null,'messages'=>Array($ct_result->comment));
3035
+ header("Content-Type: application/json");
3036
+ print json_encode($result);
3037
+ die();
3038
+ }
3039
+ else
3040
+ {
3041
+ ct_die(null, null);
3042
+ }
3043
+ } else {
3044
+ echo $ct_result->comment;
3045
+ }
3046
+ exit;
3047
+ }
3048
+
3049
+ return null;
3050
+ }
3051
+
3052
+
3053
+ /**
3054
+ * Inner function - Finds and returns pattern in string
3055
+ * @return null|bool
3056
+ */
3057
+ function ct_get_data_from_submit($value = null, $field_name = null) {
3058
+ if (!$value || !$field_name || !is_string($value)) {
3059
+ return false;
3060
+ }
3061
+ if (preg_match("/[a-z0-9_\-]*" . $field_name. "[a-z0-9_\-]*$/", $value)) {
3062
+ return true;
3063
+ }
3064
+ }
3065
+
3066
+ /**
3067
+ * Sends error notice to admin
3068
+ * @return null
3069
+ */
3070
+ function ct_send_error_notice ($comment = '') {
3071
+ global $ct_admin_notoice_period, $apbct;
3072
+
3073
+ $timelabel_reg = intval( get_option('cleantalk_timelabel_reg') );
3074
+ if(time() - $ct_admin_notoice_period > $timelabel_reg){
3075
+ update_option('cleantalk_timelabel_reg', time());
3076
+
3077
+ $blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);
3078
+ $message = __('Attention, please!', 'cleantalk') . "\r\n\r\n";
3079
+ $message .= sprintf(__('"%s" plugin error on your site "%s":', 'cleantalk'), $apbct->plugin_name, $blogname) . "\r\n\r\n";
3080
+ $message .= preg_replace('/^(.*?)<a.*?"(.*?)".*?>(.*?)<.a>(.*)$/', '$1. $3: $2?user_token='. $apbct->user_token .' $4', $comment) . "\r\n\r\n";
3081
+ @wp_mail(ct_get_admin_email(), sprintf(__('[%s] "%s" error!', 'cleantalk'), $apbct->plugin_name, $blogname), $message);
3082
+ }
3083
+
3084
+ return null;
3085
+ }
3086
+
3087
+ function ct_print_form($arr, $k)
3088
+ {
3089
+ foreach($arr as $key => $value){
3090
+ if(!is_array($value)){
3091
+ if($k == ''){
3092
+ print '<textarea name="' . $key . '" style="display:none;">' . htmlspecialchars($value) . '</textarea>';
3093
+ }else{
3094
+ print '<textarea name="' . $k . '[' . $key . ']" style="display:none;">' . htmlspecialchars($value) . '</textarea>';
3095
+ }
3096
+ }else{
3097
+ if($k == ''){
3098
+ ct_print_form($value, $key);
3099
+ }else{
3100
+ ct_print_form($value, $k . '[' . $key . ']');
3101
+ }
3102
+ }
3103
+ }
3104
+ }
3105
+
3106
+ /**
3107
+ * Attaches public scripts and styles.
3108
+ */
3109
+ function ct_enqueue_scripts_public($hook){
3110
+
3111
+ global $current_user, $apbct;
3112
+
3113
+ if($apbct->settings['registrations_test'] || $apbct->settings['comments_test'] || $apbct->settings['contact_forms_test'] || $apbct->settings['general_contact_forms_test'] || $apbct->settings['wc_checkout_test'] || $apbct->settings['check_external'] || $apbct->settings['check_internal'] || $apbct->settings['bp_private_messages'] || $apbct->settings['general_postdata_test']){
3114
+
3115
+ // Differnt JS params
3116
+ wp_enqueue_script('ct_public', APBCT_URL_PATH.'/js/apbct-public.min.js', array('jquery'), APBCT_VERSION, false /*in header*/);
3117
+
3118
+ wp_localize_script('ct_public', 'ctPublic', array(
3119
+ '_ajax_nonce' => wp_create_nonce('ct_secret_stuff'),
3120
+ '_ajax_url' => admin_url('admin-ajax.php'),
3121
+ ));
3122
+
3123
+ // GDPR script
3124
+ if($apbct->settings['gdpr_enabled']){
3125
+
3126
+ wp_enqueue_script('ct_public_gdpr', APBCT_URL_PATH.'/js/apbct-public--gdpr.min.js', array('jquery', 'ct_public'), APBCT_VERSION, false /*in header*/);
3127
+
3128
+ wp_localize_script('ct_public_gdpr', 'ctPublicGDPR', array(
3129
+ 'gdpr_forms' => array(),
3130
+ 'gdpr_text' => $apbct->settings['gdpr_text'] ? $apbct->settings['gdpr_text'] : __('By using this form you agree with the storage and processing of your data by using the Privacy Policy on this website.', 'cleantalk'),
3131
+ ));
3132
+ }
3133
+
3134
+ }
3135
+
3136
+ if(!defined('CLEANTALK_AJAX_USE_FOOTER_HEADER') || (defined('CLEANTALK_AJAX_USE_FOOTER_HEADER') && CLEANTALK_AJAX_USE_FOOTER_HEADER)){
3137
+ if($apbct->settings['use_ajax'] && stripos($_SERVER['REQUEST_URI'],'.xml') === false && stripos($_SERVER['REQUEST_URI'],'.xsl') === false){
3138
+ if(strpos($_SERVER['REQUEST_URI'],'jm-ajax') === false){
3139
+
3140
+ // Use AJAX for JavaScript check
3141
+ if($apbct->settings['use_ajax']){
3142
+
3143
+ wp_enqueue_script('ct_nocache', plugins_url('/cleantalk-spam-protect/js/cleantalk_nocache.min.js'), array(), APBCT_VERSION, false /*in header*/);
3144
+
3145
+ wp_localize_script('ct_nocache', 'ctNocache', array(
3146
+ 'ajaxurl' => admin_url('admin-ajax.php'),
3147
+ 'info_flag' => $apbct->settings['collect_details'] && $apbct->settings['set_cookies'] ? true : false,
3148
+ 'set_cookies_flag' => $apbct->settings['set_cookies'] ? false : true,
3149
+ 'blog_home' => get_home_url().'/',
3150
+ ));
3151
+ }
3152
+
3153
+ // External forms check
3154
+ if($apbct->settings['check_external'])
3155
+ wp_enqueue_script('ct_external', plugins_url('/cleantalk-spam-protect/js/cleantalk_external.min.js'), array('jquery'), APBCT_VERSION, false /*in header*/);
3156
+
3157
+ // Internal forms check
3158
+ if($apbct->settings['check_internal'])
3159
+ wp_enqueue_script('ct_internal', plugins_url('/cleantalk-spam-protect/js/cleantalk_internal.min.js'), array('jquery'), APBCT_VERSION, false /*in header*/);
3160
+
3161
+ }
3162
+ }
3163
+ }
3164
+
3165
+ // Show controls for commentaies
3166
+ if(in_array("administrator", $current_user->roles)){
3167
+
3168
+ if($apbct->settings['show_check_links']){
3169
+
3170
+ $ajax_nonce = wp_create_nonce( "ct_secret_nonce" );
3171
+
3172
+ wp_enqueue_style ('ct_public_admin_css', plugins_url('/cleantalk-spam-protect/css/cleantalk-public-admin.min.css'), array(), APBCT_VERSION, 'all');
3173
+ wp_enqueue_script('ct_public_admin_js', plugins_url('/cleantalk-spam-protect/js/cleantalk-public-admin.min.js'), array('jquery'), APBCT_VERSION, false /*in header*/);
3174
+
3175
+ wp_localize_script('ct_public_admin_js', 'ctPublicAdmin', array(
3176
+ 'ct_ajax_nonce' => $ajax_nonce,
3177
+ 'ajaxurl' => admin_url('admin-ajax.php'),
3178
+ 'ct_feedback_error' => __('Error occured while sending feedback.', 'cleantalk'),
3179
+ 'ct_feedback_no_hash' => __('Feedback wasn\'t sent. There is no associated request.', 'cleantalk'),
3180
+ 'ct_feedback_msg' => sprintf(__("Feedback has been sent to %sCleanTalk Dashboard%s.", 'cleantalk'), $apbct->user_token ? "<a target='_blank' href=https://cleantalk.org/my/show_requests?user_token={$apbct->user_token}&cp_mode=antispam>" : '', $apbct->user_token ? "</a>" : ''),
3181
+ ));
3182
+
3183
+ }
3184
+ }
3185
+
3186
+ // Debug
3187
+ if($apbct->settings['debug_ajax']){
3188
+ wp_enqueue_script('ct_debug_js', plugins_url('/cleantalk-spam-protect/js/cleantalk-debug-ajax.min.js'), array('jquery'), APBCT_VERSION, false /*in header*/);
3189
+
3190
+ wp_localize_script('ct_debug_js', 'apbctDebug', array(
3191
+ 'reload' => false,
3192
+ 'reload_time' => 10000,
3193
+ ));
3194
+ }
3195
+ }
3196
+
3197
+ /**
3198
+ * Reassign callbackback function for the bootom of comment output.
3199
+ */
3200
+ function ct_wp_list_comments_args($options){
3201
+
3202
+ global $current_user, $apbct;
3203
+
3204
+ if(in_array("administrator", $current_user->roles))
3205
+ if($apbct->settings['show_check_links'])
3206
+ $options['end-callback'] = 'ct_comments_output';
3207
+
3208
+ return $options;
3209
+ }
3210
+
3211
+ /**
3212
+ * Callback function for the bootom comment output.
3213
+ */
3214
+ function ct_comments_output($curr_comment, $param2, $wp_list_comments_args){
3215
+
3216
+ $email = $curr_comment->comment_author_email;
3217
+ $ip = $curr_comment->comment_author_IP;
3218
+ $id = $curr_comment->comment_ID;
3219
+
3220
+ $settings_link = '/wp-admin/'.(is_network_admin() ? "settings.php?page=cleantalk" : "options-general.php?page=cleantalk");
3221
+
3222
+ echo "<div class='ct_comment_info'><div class ='ct_comment_titles'>";
3223
+ echo "<p class='ct_comment_info_title'>".__('Sender info', 'cleantalk')."</p>";
3224
+
3225
+ echo "<p class='ct_comment_logo_title'>
3226
+ ".__('by', 'cleantalk')
3227
+ ." <a href='{$settings_link}' target='_blank'><img class='ct_comment_logo_img' src='".plugins_url()."/cleantalk-spam-protect/inc/images/logo_color.png'></a>"
3228
+ ." <a href='{$settings_link}' target='_blank'>CleanTalk</a>"
3229
+ ."</p></div>";
3230
+ // Outputs email if exists
3231
+ if($email)
3232
+ echo "<a href='https://cleantalk.org/blacklists/$email' target='_blank' title='https://cleantalk.org/blacklists/$email'>"
3233
+ ."$email"
3234
+ ."&nbsp;<img src='".plugins_url()."/cleantalk-spam-protect/inc/images/new_window.gif' border='0' style='float:none; box-shadow: transparent 0 0 0 !important;'/>"
3235
+ ."</a>";
3236
+ else
3237
+ echo __('No email', 'cleantalk');
3238
+ echo "&nbsp;|&nbsp;";
3239
+
3240
+ // Outputs IP if exists
3241
+ if($ip)
3242
+ echo "<a href='https://cleantalk.org/blacklists/$ip' target='_blank' title='https://cleantalk.org/blacklists/$ip'>"
3243
+ ."$ip"
3244
+ ."&nbsp;<img src='".plugins_url()."/cleantalk-spam-protect/inc/images/new_window.gif' border='0' style='float:none; box-shadow: transparent 0 0 0 !important;'/>"
3245
+ ."</a>";
3246
+ else
3247
+ echo __('No IP', 'cleantalk');
3248
+ echo '&nbsp;|&nbsp;';
3249
+
3250
+ echo "<span commentid='$id' class='ct_this_is ct_this_is_spam' href='#'>".__('Mark as spam', 'cleantalk')."</span>";
3251
+ echo "<span commentid='$id' class='ct_this_is ct_this_is_not_spam ct_hidden' href='#'>".__('Unspam', 'cleantalk')."</span>";
3252
+ echo "<p class='ct_feedback_wrap'>";
3253
+ echo "<span class='ct_feedback_result ct_feedback_result_spam'>".__('Marked as spam.', 'cleantalk')."</span>";
3254
+ echo "<span class='ct_feedback_result ct_feedback_result_not_spam'>".__('Marked as not spam.', 'cleantalk')."</span>";
3255
+ echo "&nbsp;<span class='ct_feedback_msg'><span>";
3256
+ echo "</p>";
3257
+
3258
+ echo "</div>";
3259
+
3260
+ // Ending comment output
3261
+ echo "</{$wp_list_comments_args['style']}>";
3262
+ }
3263
+
3264
+ /**
3265
+ * Callback function for the bootom comment output.
3266
+ *
3267
+ * attrs = array()
3268
+ */
3269
+ function apbct_shrotcode_handler__GDPR_public_notice__form( $attrs ){
3270
+
3271
+ $out = '';
3272
+
3273
+ if(isset($attrs['id']))
3274
+ $out .= 'ctPublicGDPR.gdpr_forms.push("'.$attrs['id'].'");';
3275
+
3276
+ if(isset($attrs['text']))
3277
+ $out .= 'ctPublicGDPR.gdpr_text = "'.$attrs['text'].'";';
3278
+
3279
+ $out = '<script>'.$out.'</script>';
3280
+ return $out;
3281
+ }
3282
+
3283
+ /**
3284
+ * Filters the 'status' array before register the user
3285
+ * using only by WICITY theme
3286
+ *
3287
+ * @param $success array array( 'status' => 'success' )
3288
+ * @param $data array ['username'] ['password'] ['email']
3289
+ * @return array array( 'status' => 'error' ) or array( 'status' => 'success' ) by default
3290
+ */
3291
+ function apbct_wilcity_reg_validation( $success, $data ) {
3292
+ $check = ct_test_registration( $data['username'], $data['email'], '' );
3293
+ if( $check['allow'] == 0 ) {
3294
+ return array( 'status' => 'error' );
3295
+ }
3296
+ return $success;
3297
+ }
 
 
 
 
 
 
 
 
 
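--- a/inc/cleantalk-settings.php
+++ b/inc/cleantalk-settings.php
@@ -188,7 +188,7 @@ function apbct_settings__add_page() {
  ),
  'check_comments_number' => array(
  'title' => __("Don't check trusted user's comments", 'cleantalk'),
- 'description' => sprintf(__("Don't check comments for users with above % comments.", 'cleantalk'), defined('CLEANTALK_CHECK_COMMENTS_NUMBER') ? CLEANTALK_CHECK_COMMENTS_NUMBER : 3),
+ 'description' => sprintf(__("Don't check comments for users with above %d comments.", 'cleantalk'), defined('CLEANTALK_CHECK_COMMENTS_NUMBER') ? CLEANTALK_CHECK_COMMENTS_NUMBER : 3),
  ),
  'remove_old_spam' => array(
  'title' => __('Automatically delete spam comments', 'cleantalk'),
@@ -350,6 +350,7 @@ function apbct_settings__add_page() {
  ),
  ),
  );
+ error_log(var_export(defined('CLEANTALK_CHECK_COMMENTS_NUMBER') ? CLEANTALK_CHECK_COMMENTS_NUMBER : 3, true));
 
  foreach($apbct->settings_fields_in_groups as $group_name => $group){
 
@@ -459,12 +460,12 @@ function apbct_settings_page() {
  }
  if(!$apbct->white_label){
  // CP button
- echo '<a class="cleantalk_manual_link" target="__blank" href="https://cleantalk.org/my?user_token='.$apbct->user_token.'&cp_mode=antispam">'
+ echo '<a class="cleantalk_link cleantalk_link-manual" target="__blank" href="https://cleantalk.org/my?user_token='.$apbct->user_token.'&cp_mode=antispam">'
  .__('Click here to get anti-spam statistics', 'cleantalk')
  .'</a>';
  echo '&nbsp;&nbsp;';
  // Support button
- echo '<a class="cleantalk_auto_link" target="__blank" href="https://wordpress.org/support/plugin/cleantalk-spam-protect">'.__('Support', 'cleantalk').'</a>';
+ echo '<a class="cleantalk_link cleantalk_link-auto" target="__blank" href="https://wordpress.org/support/plugin/cleantalk-spam-protect">'.__('Support', 'cleantalk').'</a>';
  echo '<br>'
  .'<br>';
  }
@@ -485,7 +486,7 @@ function apbct_settings_page() {
  }
 
  echo '<br>';
- echo '<button name="submit" class="cleantalk_manual_link" value="save_changes">'.__('Save Changes').'</button>';
+ echo '<button name="submit" class="cleantalk_link cleantalk_link-manual" value="save_changes">'.__('Save Changes').'</button>';
 
  echo "</form>";
 
@@ -701,7 +702,7 @@ function apbct_settings__field__api_key(){
 
  // Auto get key
  if(!$apbct->ip_license){
- echo '<button id="apbct_setting_get_key_auto" name="submit" type="submit" class="cleantalk_manual_link" value="get_key_auto"'
+ echo '<button id="apbct_setting_get_key_auto" name="submit" type="submit" class="cleantalk_link cleantalk_link-manual" value="get_key_auto"'
  // . 'title="'
  // .sprintf(__('Admin e-mail (%s) will be used to get access key if you want to use another email, click on Get Access Key Manually.', 'cleantalk'),
  // ct_get_admin_email()
@@ -852,7 +853,7 @@ function apbct_settings__field__statistics() {
  echo '<br/>';
  echo '<button'
  . ' name="submit"'
- . ' class="cleantalk_manual_link"'
+ . ' class="cleantalk_link cleantalk_link-manual"'
  . ' value="ct_send_connection_report"'
  . (!$apbct->settings['send_connection_reports'] ? ' disabled="disabled"' : '')
  . '>'
@@ -1060,7 +1061,7 @@ function apbct_settings__validate($settings) {
  if(!$apbct->white_label)
  $apbct->error_add('key_get', $result);
  else
- $apbct->error_add('key_get', $result['error'] . ' <button id="apbct_setting_get_key_auto" name="submit" type="submit" class="cleantalk_manual_link" value="get_key_auto">'.__('Get access key automatically', 'cleantalk').'</button>'.'<input type="hidden" id="ct_admin_timezone" name="ct_admin_timezone" value="null" />');
+ $apbct->error_add('key_get', $result['error'] . ' <button id="apbct_setting_get_key_auto" name="submit" type="submit" class="cleantalk_link cleantalk_link-manual" value="get_key_auto">'.__('Get access key automatically', 'cleantalk').'</button>'.'<input type="hidden" id="ct_admin_timezone" name="ct_admin_timezone" value="null" />');
  return $settings;
  }
  }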
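Review bot: The `error_log(var_export(defined('CLEANTALK_CHECK_COMMENTS_NUMBER') ? CLEANTALK_CHECK_COMMENTS_NUMBER : 3, true));` line added after the settings array in apbct_settings__add_page() reads as leftover debugging and should be dropped before release, since it writes to the PHP error log on every call of that function. The two links re-classed in apbct_settings_page() still carry `target="__blank"`, which names a window rather than using the `_blank` keyword; `target="_blank" rel="noopener noreferrer"` would be the safer form, particularly for the link that puts `user_token` in the query string. The "Save Changes" button calls `__('Save Changes')` without the `'cleantalk'` text domain used everywhere else in these hunks. All of these functions start and end outside the hunks shown.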
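--- a/inc/cleantalk-updater.php
+++ b/inc/cleantalk-updater.php
@@ -285,4 +285,15 @@ function apbct_update_to_5_124_0(){
  // Deleting error in database because format were changed
  $apbct->errors = array();
  $apbct->saveErrors();
+ }
+
+ function apbct_update_to_5_126_0(){
+
+ // Enable storing URLs
+ global $apbct;
+ $apbct->settings['store_urls'] = 1;
+ $apbct->settings['store_urls__sessions'] = 1;
+ $apbct->saveSettings();
+
+
  }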
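Review bot: apbct_update_to_5_126_0() sets `store_urls` and `store_urls__sessions` to 1 unconditionally, so if either key could already exist with a site owner's choice of 0 (not visible from this hunk), the upgrade silently overrides it. If both keys are new in this release, a docblock saying so would settle the question, e.g. `/** 5.126.0 upgrade: introduces store_urls / store_urls__sessions, enabled by default. */`. Because this turns on storage of visited URLs, the comment should also state where they are kept and for how long. The two empty lines before the closing brace can go.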
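--- a/inc/cleantalk-users.php
+++ b/inc/cleantalk-users.php
@@ -404,12 +404,14 @@ function ct_ajax_check_users(){
 
  // Opening CSV file
  $current_user = wp_get_current_user();
- $filename = WP_PLUGIN_DIR."/cleantalk-spam-protect/check-results/user_check_by_{$current_user->user_login}.csv";
- $text = "";
+ if(!is_dir(APBCT_DIR_PATH .'/check-results/'))
+ mkdir(APBCT_DIR_PATH .'/check-results');
+ $filename = APBCT_DIR_PATH ."/check-results/user_check_by_{$current_user->user_nicename}.csv";
+ $text = '';
 
  if(isset($_POST['new_check']) && $_POST['new_check'] == 'true'){
  $file_desc = fopen($filename, 'w');
- $text .= "login,email,ip".PHP_EOL;
+ $text .= 'login,email,ip'.PHP_EOL;
  }else
  $file_desc = fopen($filename, 'a+');
  // End of Opening CSV
@@ -448,8 +450,10 @@ function ct_ajax_check_users(){
  }
 
  }
- fwrite($file_desc, $text);
- fclose($file_desc);
+ if($file_desc){
+ fwrite($file_desc, $text);
+ fclose($file_desc);
+ }
  print json_encode($check_result);
  }else{
  $check_result['error'] = 1;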
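Review bot: The `check-results` directory created in the first hunk sits under `APBCT_DIR_PATH`, inside the plugin folder, and nothing in the hunk restricts access to it, so the CSV of `login,email,ip` rows lands in a location a web server normally serves, under a name that follows from the account's `user_nicename`. Creating the directory should go together with an access restriction (a deny rule, or a location outside the served tree), and the intent deserves a comment such as `// check-results/ holds login,email,ip of checked users and must not be readable over HTTP`. The return value of `mkdir()` is also ignored, so a failure only shows up as a failed `fopen()` that the `if($file_desc)` guard of the second hunk then skips silently; reporting it through `$check_result['error']` would make the lost export visible. `ct_ajax_check_users()` starts and ends outside both hunks, so how the rows in `$text` are built is not visible here.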
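--- a/lib/Cleantalk/Antispam/API.php
+++ b/lib/Cleantalk/Antispam/API.php
@@ -0,0 +1,774 @@
+ <?php
+
+ namespace Cleantalk\Antispam;
+
+ /**
+ * CleanTalk API class.
+ * Mostly contains wrappers for API methods. Check and send mehods.
+ * Compatible with any CMS.
+ *
+ * @version 3.2
+ * @author Cleantalk team (welcome@cleantalk.org)
+ * @copyright (C) 2014 CleanTalk team (http://cleantalk.org)
+ * @license GNU/GPL: http://www.gnu.org/copyleft/gpl.html
+ * @see https://github.com/CleanTalk/php-antispam
+ */
+ class API
+ {
+ /* Default params */
+ const URL = 'https://api.cleantalk.org';
+ const AGENT = 'ct-api-3.2';
+
+ /**
+ * Wrapper for 2s_blacklists_db API method.
+ * Gets data for SpamFireWall.
+ *
+ * @param string $api_key
+ * @param null|string $out Data output type (JSON or file URL)
+ * @param boolean $do_check
+ *
+ * @return mixed|string|array('error' => STRING)
+ */
+ static public function method__get_2s_blacklists_db($api_key, $out = null, $do_check = true)
+ {
+ $request = array(
+ 'method_name' => '2s_blacklists_db',
+ 'auth_key' => $api_key,
+ 'out' => $out,
+ );
+
+ $result = static::send_request($request);
+ $result = $do_check ? static::check_response($result, '2s_blacklists_db') : $result;
+
+ return $result;
+ }
+
+ /**
+ * Wrapper for get_api_key API method.
+ * Gets access key automatically.
+ *
+ * @param string $product_name Type of product
+ * @param string $email Website admin email
+ * @param string $website Website host
+ * @param string $platform Website platform
+ * @param string|null $timezone
+ * @param string|null $language
+ * @param string|null $user_ip
+ * @param bool $wpms
+ * @param bool $white_label
+ * @param string $hoster_api_key
+ * @param bool $do_check
+ *
+ * @return array|bool|mixed
+ */
+ static public function method__get_api_key($product_name, $email, $website, $platform, $timezone = null, $language = null, $user_ip = null, $wpms = false, $white_label = false, $hoster_api_key = '', $do_check = true)
+ {
+ $request = array(
+ 'method_name' => 'get_api_key',
+ 'product_name' => $product_name,
+ 'email' => $email,
+ 'website' => $website,
+ 'platform' => $platform,
+ 'timezone' => $timezone,
+ 'http_accept_language' => $language,
+ 'user_ip' => $user_ip,
+ 'wpms_setup' => $wpms,
+ 'hoster_whitelabel' => $white_label,
+ 'hoster_api_key' => $hoster_api_key,
+ );
+
+ $result = static::send_request($request);
+ $result = $do_check ? static::check_response($result, 'get_api_key') : $result;
+
+ return $result;
+ }
+
+ /**
+ * Wrapper for get_antispam_report API method.
+ * Gets spam report.
+ *
+ * @param string $host website host
+ * @param integer $period report days
+ * @param boolean $do_check
+ *
+ * @return array|bool|mixed
+ */
+ static public function method__get_antispam_report($host, $period = 1, $do_check = true)
+ {
+ $request = Array(
+ 'method_name' => 'get_antispam_report',
+ 'hostname' => $host,
+ 'period' => $period
+ );
+
+ $result = static::send_request($request);
+ $result = $do_check ? static::check_response($result, 'get_antispam_report') : $result;
+
+ return $result;
+ }
+
+ /**
+ * Wrapper for get_antispam_report_breif API method.
+ * Ggets spam statistics.
+ *
+ * @param string $api_key
+ * @param bool $do_check
+ *
+ * @return array|bool|mixed
+ */
+ static public function method__get_antispam_report_breif($api_key, $do_check = true)
+ {
+ $request = array(
+ 'method_name' => 'get_antispam_report_breif',
+ 'auth_key' => $api_key,
+ );
+
+ $result = static::send_request($request);
+ $result = $do_check ? static::check_response($result, 'get_antispam_report_breif') : $result;
+
+ return $result;
+ }
+
+ /**
+ * Wrapper for notice_paid_till API method.
+ * Gets information about renew notice.
+ *
+ * @param string $api_key API key
+ * @param string $path_to_cms Website URL
+ * @param bool $do_check
+ *
+ * @return array|bool|mixed
+ */
+ static public function method__notice_paid_till($api_key, $path_to_cms, $do_check = true)
+ {
+ $request = array(
+ 'method_name' => 'notice_paid_till',
+ 'path_to_cms' => $path_to_cms,
+ 'auth_key' => $api_key
+ );
+
+ $result = static::send_request($request);
+ $result = $do_check ? static::check_response($result, 'notice_paid_till') : $result;
+
+ return $result;
+ }
+
+ /**
+ * Wrapper for ip_info API method.
+ * Gets IP country.
+ *
+ * @param string $data
+ * @param bool $do_check
+ *
+ * @return array|bool|mixed
+ */
+ static public function method__ip_info($data, $do_check = true)
+ {
+ $request = array(
+ 'method_name' => 'ip_info',
+ 'data' => $data
+ );
+
+ $result = static::send_request($request);
+ $result = $do_check ? static::check_response($result, 'ip_info') : $result;
+ return $result;
+ }
+
+ /**
+ * Wrapper for spam_check_cms API method.
+ * Checks IP|email via CleanTalk's database.
+ *
+ * @param string $api_key
+ * @param array $data
+ * @param null|string $date
+ * @param bool $do_check
+ *
+ * @return array|bool|mixed
+ */
+ static public function method__spam_check_cms($api_key, $data, $date = null, $do_check = true)
+ {
+ $request = Array(
+ 'method_name' => 'spam_check_cms',
+ 'auth_key' => $api_key,
+ 'data' => is_array($data) ? implode(',', $data) : $data,
+ );
+
+ if($date) $request['date'] = $date;
+
+ $result = static::send_request($request, self::URL, 10);
+ $result = $do_check ? static::check_response($result, 'spam_check_cms') : $result;
+
+ return $result;
+ }
+
+ /**
+ * Wrapper for spam_check API method.
+ * Checks IP|email via CleanTalk's database.
+ *
+ * @param string $api_key
+ * @param array $data
+ * @param null|string $date
+ * @param bool $do_check
+ *
+ * @return array|bool|mixed
+ */
+ static public function method__spam_check($api_key, $data, $date = null, $do_check = true)
+ {
+ $request = Array(
+ 'method_name' => 'spam_check',
+ 'auth_key' => $api_key,
+ 'data' => is_array($data) ? implode(',', $data) : $data,
+ );
+
+ if($date) $request['date'] = $date;
+
+ $result = static::send_request($request, self::URL, 10);
+ $result = $do_check ? static::check_response($result, 'spam_check') : $result;
+
+ return $result;
+ }
+
+ /**
+ * Wrapper for sfw_logs API method.
+ * Sends SpamFireWall logs to the cloud.
+ *
+ * @param string $api_key
+ * @param array $data
+ * @param bool $do_check
+ *
+ * @return array|bool|mixed
+ */
+ static public function method__sfw_logs($api_key, $data, $do_check = true)
+ {
+
+ $request = array(
+ 'auth_key' => $api_key,
+ 'method_name' => 'sfw_logs',
+ 'data' => json_encode($data),
+ 'rows' => count($data),
+ 'timestamp' => time()
+ );
+
+ $result = static::send_request($request);
+ $result = $do_check ? static::check_response($result, 'sfw_logs') : $result;
+
+ return $result;
+ }
+
+ /**
+ * Wrapper for security_logs API method.
+ * Sends security logs to the cloud.
+ *
+ * @param string $api_key
+ * @param array $data
+ * @param bool $do_check
+ *
+ * @return array|bool|mixed
+ */
+ static public function method__security_logs($api_key, $data, $do_check = true)
+ {
+ $request = array(
+ 'auth_key' => $api_key,
+ 'method_name' => 'security_logs',
+ 'timestamp' => current_time('timestamp'),
+ 'data' => json_encode($data),
+ 'rows' => count($data),
+ );
+
+ $result = static::send_request($request);
+ $result = $do_check ? static::check_response($result, 'security_logs') : $result;
+
+ return $result;
+ }
+
+ /**
+ * Wrapper for security_logs API method.
+ * Sends Securitty Firewall logs to the cloud.
+ *
+ * @param string $api_key
+ * @param array $data
+ * @param bool $do_check
+ *
+ * @return array|bool|mixed
+ */
+ static public function method__security_logs__sendFWData($api_key, $data, $do_check = true)
+ {
+
+ $request = array(
+ 'auth_key' => $api_key,
+ 'method_name' => 'security_logs',
+ 'timestamp' => current_time('timestamp'),
+ 'data_fw' => json_encode($data),
+ 'rows_fw' => count($data),
+ );
+
+ $result = static::send_request($request);
+ $result = $do_check ? static::check_response($result, 'security_logs') : $result;
+
+ return $result;
+ }
+
+ /**
+ * Wrapper for security_logs API method.
+ * Sends empty data to the cloud to syncronize version.
+ *
+ * @param string $api_key
+ * @param bool $do_check
+ *
+ * @return array|bool|mixed
+ */
+ static public function method__security_logs__feedback($api_key, $do_check = true)
+ {
+ $request = array(
+ 'auth_key' => $api_key,
+ 'method_name' => 'security_logs',
+ 'data' => '0',
+ );
+
+ $result = static::send_request($request);
+ $result = $do_check ? static::check_response($result, 'security_logs') : $result;
+
+ return $result;
+ }
+
+ /**
+ * Wrapper for security_firewall_data API method.
+ * Gets Securitty Firewall data to write to the local database.
+ *
+ * @param string $api_key
+ * @param bool $do_check
+ *
+ * @return array|bool|mixed
+ */
+ static public function method__security_firewall_data($api_key, $do_check = true)
+ {
+
+ $request = array(
+ 'auth_key' => $api_key,
+ 'method_name' => 'security_firewall_data',
+ );
+
+ $result = static::send_request($request);
+ $result = $do_check ? static::check_response($result, 'security_firewall_data') : $result;
+
+ return $result;
+ }
+
+ /**
+ * Wrapper for security_firewall_data_file API method.
+ * Gets URI with security firewall data in .csv.gz file to write to the local database.
+ *
+ * @param string $api_key
+ * @param bool $do_check
+ *
+ * @return array|bool|mixed
+ */
+ static public function method__security_firewall_data_file($api_key, $do_check = true)
+ {
+
+ $request = array(
+ 'auth_key' => $api_key,
+ 'method_name' => 'security_firewall_data_file',
+ );
+
+ $result = static::send_request($request);
+ $result = $do_check ? static::check_response($result, 'security_firewall_data_file') : $result;
+
+ return $result;
+ }
+
+ /**
+ * Wrapper for security_linksscan_logs API method.
+ * Send data to the cloud about scanned links.
+ *
+ * @param string $api_key
+ * @param string $scan_time Datetime of scan
+ * @param bool $scan_result
+ * @param int $links_total
+ * @param array $links_list
+ * @param bool $do_check
+ *
+ * @return array|bool|mixed
+ */
+ static public function method__security_linksscan_logs($api_key, $scan_time, $scan_result, $links_total, $links_list, $do_check = true)
+ {
+ $request = array(
+ 'auth_key' => $api_key,
+ 'method_name' => 'security_linksscan_logs',
+ 'started' => $scan_time,
+ 'result' => $scan_result,
+ 'total_links_found' => $links_total,
+ 'links_list' => $links_list,
+ );
+
+ $result = static::send_request($request);
+ $result = $do_check ? static::check_response($result, 'security_linksscan_logs') : $result;
+
+ return $result;
+ }
+
+ /**
+ * Wrapper for security_mscan_logs API method.
+ * Sends result of file scan to the cloud.
+ *
+ * @param string $api_key
+ * @param int $service_id
+ * @param string $scan_time Datetime of scan
+ * @param bool $scan_result
+ * @param int $scanned_total
+ * @param array $modified List of modified files with details
+ * @param array $unknown List of modified files with details
+ * @param bool $do_check
+ *
+ * @return array|bool|mixed
+ */
+ static public function method__security_mscan_logs($api_key, $service_id, $scan_time, $scan_result, $scanned_total, $modified, $unknown, $do_check = true)
+ {
+ $request = array(
+ 'method_name' => 'security_mscan_logs',
+ 'auth_key' => $api_key,
+ 'service_id' => $service_id,
+ 'started' => $scan_time,
+ 'result' => $scan_result,
+ 'total_core_files' => $scanned_total,
+ );
+
+ if(!empty($modified)){
+ $request['failed_files'] = json_encode($modified);
+ $request['failed_files_rows'] = count($modified);
+ }
+ if(!empty($unknown)){
+ $request['unknown_files'] = json_encode($unknown);
+ $request['unknown_files_rows'] = count($unknown);
+ }
+
+ $result = static::send_request($request);
+ $result = $do_check ? static::check_response($result, 'security_mscan_logs') : $result;
+
+ return $result;
+ }
+
+ /**
+ * Wrapper for security_mscan_files API method.
+ * Sends file to the cloud for analysis.
+ *
+ * @param string $api_key
+ * @param string $file_path Path to the file
+ * @param array $file File itself
+ * @param string $file_md5 MD5 hash of file
+ * @param array $weak_spots List of weak spots found in file
+ * @param bool $do_check
+ *
+ * @return array|bool|mixed
+ */
+ static public function method__security_mscan_files($api_key, $file_path, $file, $file_md5, $weak_spots, $do_check = true)
+ {
+ $request = array(
+ 'method_name' => 'security_mscan_files',
+ 'auth_key' => $api_key,
+ 'path_to_sfile' => $file_path,
+ 'attached_sfile' => $file,
+ 'md5sum_sfile' => $file_md5,
+ 'dangerous_code' => $weak_spots,
+ );
+
+ $result = static::send_request($request);
+ $result = $do_check ? static::check_response($result, 'security_mscan_files') : $result;
+
+ return $result;
+ }
+
+ /**
+ * Wrapper for get_antispam_report API method.
+ * Function gets spam domains report.
+ *
+ * @param string $api_key
+ * @param array|string|mixed $data
+ * @param string $date
+ * @param bool $do_check
+ *
+ * @return array|bool|mixed
+ */
+ static public function method__backlinks_check_cms($api_key, $data, $date = null, $do_check = true)
+ {
+ $request = array(
+ 'method_name' => 'backlinks_check_cms',
+ 'auth_key' => $api_key,
+ 'data' => is_array($data) ? implode(',', $data) : $data,
+ );
+
+ if($date) $request['date'] = $date;
+
+ $result = static::send_request($request);
+ $result = $do_check ? static::check_response($result, 'backlinks_check_cms') : $result;
+
+ return $result;
+ }
+
+ /**
+ * Wrapper for get_antispam_report API method.
+ * Function gets spam domains report
+ *
+ * @param string $api_key
+ * @param array $logs
+ * @param bool $do_check
+ *
+ * @return array|bool|mixed
+ */
+ static public function method__security_backend_logs($api_key, $logs, $do_check = true)
+ {
+ $request = array(
+ 'method_name' => 'security_backend_logs',
+ 'auth_key' => $api_key,
+ 'logs' => json_encode($logs),
+ 'total_logs' => count($logs),
+ );
+
+ $result = static::send_request($request);
+ $result = $do_check ? static::check_response($result, 'security_backend_logs') : $result;
+
+ return $result;
+ }
+
+ /**
+ * Wrapper for get_antispam_report API method.
+ * Sends data about auto repairs
+ *
+ * @param string $api_key
+ * @param bool $repair_result
+ * @param string $repair_comment
+ * @param $repaired_processed_files
+ * @param $repaired_total_files_proccessed
+ * @param $backup_id
+ * @param bool $do_check
+ *
+ * @return array|bool|mixed
+ */
+ static public function method__security_mscan_repairs($api_key, $repair_result, $repair_comment, $repaired_processed_files, $repaired_total_files_proccessed, $backup_id, $do_check = true)
+ {
+ $request = array(
+ 'method_name' => 'security_mscan_repairs',
+ 'auth_key' => $api_key,
+ 'repair_result' => $repair_result,
+ 'repair_comment' => $repair_comment,
+ 'repair_processed_files' => json_encode($repaired_processed_files),
+ 'repair_total_files_processed' => $repaired_total_files_proccessed,
+ 'backup_id' => $backup_id,
+ 'mscan_log_id' => 1,
+ );
+
+ $result = static::send_request($request);
+ $result = $do_check ? static::check_response($result, 'security_mscan_repairs') : $result;
+
+ return $result;
+ }
+
+ /**
+ * Wrapper for get_antispam_report API method.
+ * Force server to update checksums for specific plugin\theme
+ *
+ * @param string $api_key
+ * @param string $plugins_and_themes_to_refresh
+ * @param bool $do_check
+ *
+ * @return array|bool|mixed
+ */
+ static public function method__request_checksums($api_key, $plugins_and_themes_to_refresh, $do_check = true)
+ {
+ $request = array(
+ 'method_name' => 'request_checksums',
+ 'auth_key' => $api_key,
+ 'data' => $plugins_and_themes_to_refresh
+ );
+
+ $result = static::send_request($request);
+ $result = $do_check ? static::check_response($result, 'request_checksums') : $result;
+
+ return $result;
+ }
+
+ /**
+ * Function sends raw request to API server
+ *
+ * @param array $data to send
+ * @param string $url of API server
+ * @param integer $timeout timeout in seconds
+ * @param boolean $ssl use ssl on not
+ *
+ * @return array|bool
+ */
+ static public function send_request($data, $url = self::URL, $timeout = 5, $ssl = false, $ssl_path = '')
+ {
+ // Possibility to switch agent vaersion
+ $data['agent'] = !empty($data['agent'])
+ ? $data['agent']
+ : (defined('CLEANTALK_AGENT') ? CLEANTALK_AGENT : self::AGENT);
+
+ // Make URL string
+ $data_string = http_build_query($data);
+ $data_string = str_replace("&amp;", "&", $data_string);
+
+ // For debug purposes
+ if(defined('CLEANTALK_DEBUG') && CLEANTALK_DEBUG){
+ global $apbct_debug;
+ $apbct_debug['sent_data'] = $data;
+ $apbct_debug['request_string'] = $data_string;
+ }
+
+ // Possibility to switch API url
+ $url = defined('CLEANTALK_API_URL') ? CLEANTALK_API_URL : $url;
+
+ if(function_exists('curl_init')){
+
+ $ch = curl_init();
+
+ // Set diff options
+ curl_setopt($ch, CURLOPT_URL, $url);
+ curl_setopt($ch, CURLOPT_TIMEOUT, $timeout);
+ curl_setopt($ch, CURLOPT_POST, true);
+ curl_setopt($ch, CURLOPT_POSTFIELDS, $data_string);
+ curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
+ curl_setopt($ch, CURLOPT_HTTPHEADER, array('Expect:'));
+
+ $ssl_path = $ssl_path
+ ? $ssl_path
+ : (defined('CLEANTALK_CASERT_PATH') ? CLEANTALK_CASERT_PATH : '');
+
+ // Switch on/off SSL
+ if($ssl && $ssl_path){
+ curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
+ curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
+ curl_setopt($ch, CURLOPT_CAINFO, $ssl_path);
+ }else{
+ curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
+ curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
+ }
+
+ // Make a request
+ $result = curl_exec($ch);
+ $errors = curl_error($ch);
+ curl_close($ch);
+
+ // Retry with SSL enabled if failed
+ if($result === false){
+ if($ssl === false){
+ return self::send_request($data, $url, $timeout, true, $ssl_path);
+ }
+ }
+
+ }else{
+ $errors = 'CURL_NOT_INSTALLED';
+ }
+
+ // Trying to use file_get_contents() to make a API call
+ if(!empty($errors)){
+ if(ini_get('allow_url_fopen')){
+ $opts = array(
+ 'http' => array(
+ 'method' => "POST",
+ 'timeout' => $timeout,
+ 'content' => $data_string,
+ ),
+ );
+ $context = stream_context_create($opts);
+ $result = @file_get_contents($url, 0, $context);
+
+ $errors = $result === false
+ ? $errors . '_FAILED_TO_USE_FILE_GET_CONTENTS'
+ : false;
+
+ }else{
+ $errors .= '_AND_ALLOW_URL_FOPEN_IS_DISABLED';
+ }
+ }
+
+ return empty($result) || !empty($errors)
+ ? array('error' => $errors)
+ : $result;
+ }
+
+ /**
+ * Function checks server response
+ *
+ * @param string $result
+ * @param string $method_name
+ *
+ * @return mixed (array || array('error' => true))
+ */
+ static public function check_response($result, $method_name = null)
+ {
+ // Errors handling
+ // Bad connection
+ if(is_array($result) && isset($result['error'])){
+ return array(
+ 'error' => 'CONNECTION_ERROR: ' . (isset($result['error']) ? ' ' . $result['error'] : ''),
+ );
+ }
+
+ // JSON decode errors
+ $result = json_decode($result, true);
+ if(empty($result)){
+ return array(
+ 'error' => 'JSON_DECODE_ERROR',
+ );
+ }
+
+ // Server errors
+ if($result &&
+ (isset($result['error_no']) || isset($result['error_message'])) &&
+ (isset($result['error_no']) && $result['error_no'] != 12)
+ ){
+ return array(
+ 'error' => "SERVER_ERROR NO: {$result['error_no']} MSG: {$result['error_message']}",
+ 'error_no' => $result['error_no'],
+ 'error_message' => $result['error_message'],
+ );
+ }
+
+ // Pathces for different methods
+ switch($method_name){
+
+ // notice_paid_till
+ case 'notice_paid_till':
+
+ $result = isset($result['data']) ? $result['data'] : $result;
+
+ if((isset($result['error_no']) && $result['error_no'] == 12) ||
+ (
+ !(isset($result['service_id']) && is_int($result['service_id'])) &&
+ empty($result['moderate_ip'])
+ )
+ )
+ $result['valid'] = 0;
+ else
+ $result['valid'] = 1;
+
+ return $result;
+
+ break;
+
+ // get_antispam_report_breif
+ case 'get_antispam_report_breif':
+
+ $out = isset($result['data']) && is_array($result['data'])
+ ? $result['data']
+ : array('error' => 'NO_DATA');
+
+ for($tmp = array(), $i = 0; $i < 7; $i++){
+ $tmp[date('Y-m-d', time() - 86400 * 7 + 86400 * $i)] = 0;
+ }
+ $out['spam_stat'] = (array)array_merge($tmp, isset($out['spam_stat']) ? $out['spam_stat'] : array());
+ $out['top5_spam_ip'] = isset($out['top5_spam_ip']) ? $out['top5_spam_ip'] : array();
+
+ return $out;
+
+ break;
+
+ default:
+ return isset($result['data']) && is_array($result['data'])
+ ? $result['data']
+ : array('error' => 'NO_DATA');
+ break;
+ }
+ }
+ }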
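Review bot: `send_request()` switches certificate checking off on its normal path: `$ssl` defaults to `false` and every `method__*` wrapper calls it without that argument, so the `else` branch sets `CURLOPT_SSL_VERIFYPEER` to `false` and `CURLOPT_SSL_VERIFYHOST` to `0` while `auth_key`, log data and scanned files are posted to `https://api.cleantalk.org`. Verification is only attempted on the retry after `curl_exec()` has already failed, and only when a CA path is non-empty. That path is read from `CLEANTALK_CASERT_PATH`, whereas the main plugin file shown on this page defines `APBCT_CASERT_PATH`, so unless the former is defined elsewhere the retry is unverified as well. I would verify the peer unconditionally and use the CA path only to point cURL at a bundle, as below; `$ssl` then stays in the signature for compatibility but no longer weakens the connection.

```php
// … unchanged: curl_init(), URL/timeout/POST options and the $ssl_path lookup …

// Always authenticate the API server; a CA path only selects the bundle to trust
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
if($ssl_path){
	curl_setopt($ch, CURLOPT_CAINFO, $ssl_path);
}

// … unchanged: curl_exec(), curl_error(), curl_close() and the fallback …
```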
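--- a/lib/CleantalkBase/CleantalkDB.php
+++ b/lib/Cleantalk/Antispam/DB.php
@@ -1,6 +1,6 @@
  <?php
 
- namespace CleantalkBase;
+ namespace Cleantalk\Antispam;
 
  /**
  * CleanTalk abstract Data Base driver.
@@ -14,7 +14,7 @@ namespace CleantalkBase;
  * @see https://github.com/CleanTalk/php-antispam
  */
 
- class CleantalkDB
+ class DB
  {
 
  private static $instance;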
lib/Cleantalk/Antispam/Helper.php ADDED
@@ -0,0 +1,689 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+
3
+ namespace Cleantalk\Antispam;
4
+
5
+ /**
6
+ * CleanTalk Helper class.
7
+ * Compatible with any CMS.
8
+ *
9
+ * @package PHP Antispam by CleanTalk
10
+ * @subpackage Helper
11
+ * @Version 3.2
12
+ * @author Cleantalk team (welcome@cleantalk.org)
13
+ * @copyright (C) 2014 CleanTalk team (http://cleantalk.org)
14
+ * @license GNU/GPL: http://www.gnu.org/copyleft/gpl.html
15
+ * @see https://github.com/CleanTalk/php-antispam
16
+ */
17
+ class Helper
18
+ {
19
+ /**
20
+ * Default user agent for HTTP requests
21
+ */
22
+ const AGENT = 'Cleatalk-Helper/3.2';
23
+
24
+ /**
25
+ * @var array Set of private networks IPv4 and IPv6
26
+ */
27
+ public static $private_networks = array(
28
+ 'v4' => array(
29
+ '10.0.0.0/8',
30
+ '100.64.0.0/10',
31
+ '172.16.0.0/12',
32
+ '192.168.0.0/16',
33
+ '127.0.0.1/32',
34
+ ),
35
+ 'v6' => array(
36
+ '0:0:0:0:0:0:0:1/128', // localhost
37
+ '0:0:0:0:0:0:a:1/128', // ::ffff:127.0.0.1
38
+ ),
39
+ );
40
+
41
+ /**
42
+ * @var array Set of CleanTalk servers
43
+ */
44
+ public static $cleantalks_servers = array(
45
+ // MODERATE
46
+ 'moderate1.cleantalk.org' => '162.243.144.175',
47
+ 'moderate2.cleantalk.org' => '159.203.121.181',
48
+ 'moderate3.cleantalk.org' => '88.198.153.60',
49
+ 'moderate4.cleantalk.org' => '159.69.51.30',
50
+ 'moderate5.cleantalk.org' => '95.216.200.119',
51
+ 'moderate6.cleantalk.org' => '138.68.234.8',
52
+ // APIX
53
+ 'apix1.cleantalk.org' => '35.158.52.161',
54
+ 'apix2.cleantalk.org' => '18.206.49.217',
55
+ 'apix3.cleantalk.org' => '3.18.23.246',
56
+ //ns
57
+ 'netserv2.cleantalk.org' => '178.63.60.214',
58
+ 'netserv3.cleantalk.org' => '188.40.14.173',
59
+ );
60
+
61
+ /**
62
+ * Getting arrays of IP (REMOTE_ADDR, X-Forwarded-For, X-Real-Ip, Cf_Connecting_Ip)
63
+ *
64
+ * @param array $ip_types Type of IP you want to receive
65
+ * @param bool $v4_only
66
+ *
67
+ * @return array|mixed|null
68
+ */
69
+ static public function ip__get($ip_types = array('real', 'remote_addr', 'x_forwarded_for', 'x_real_ip', 'cloud_flare'), $v4_only = true)
70
+ {
71
+ $ips = array_flip($ip_types); // Result array with IPs
72
+ $headers = apache_request_headers();
73
+
74
+ // REMOTE_ADDR
75
+ if(isset($ips['remote_addr'])){
76
+ $ip_type = self::ip__validate($_SERVER['REMOTE_ADDR']);
77
+ if($ip_type){
78
+ $ips['remote_addr'] = $ip_type == 'v6' ? self::ip__v6_normalize($_SERVER['REMOTE_ADDR']) : $_SERVER['REMOTE_ADDR'];
79
+ }
80
+ }
81
+
82
+ // X-Forwarded-For
83
+ if(isset($ips['x_forwarded_for'])){
84
+ if(isset($headers['X-Forwarded-For'])){
85
+ $tmp = explode(",", trim($headers['X-Forwarded-For']));
86
+ $tmp = trim($tmp[0]);
87
+ $ip_type = self::ip__validate($tmp);
88
+ if($ip_type){
89
+ $ips['x_forwarded_for'] = $ip_type == 'v6' ? self::ip__v6_normalize($tmp) : $tmp;
90
+ }
91
+ }
92
+ }
93
+
94
+ // X-Real-Ip
95
+ if(isset($ips['x_real_ip'])){
96
+ if(isset($headers['X-Real-Ip'])){
97
+ $tmp = explode(",", trim($headers['X-Real-Ip']));
98
+ $tmp = trim($tmp[0]);
99
+ $ip_type = self::ip__validate($tmp);
100
+ if($ip_type){
101
+ $ips['x_forwarded_for'] = $ip_type == 'v6' ? self::ip__v6_normalize($tmp) : $tmp;
102
+ }
103
+ }
104
+ }
105
+
106
+ // Cloud Flare
107
+ if(isset($ips['cloud_flare'])){
108
+ if(isset($headers['CF-Connecting-IP'], $headers['CF-IPCountry'], $headers['CF-RAY']) || isset($headers['Cf-Connecting-Ip'], $headers['Cf-Ipcountry'], $headers['Cf-Ray'])){
109
+ $tmp = isset($headers['CF-Connecting-IP']) ? $headers['CF-Connecting-IP'] : $headers['Cf-Connecting-Ip'];
110
+ $tmp = strpos($tmp, ',') !== false ? explode(',', $tmp) : (array)$tmp;
111
+ $ip_type = self::ip__validate(trim($tmp[0]));
112
+ if($ip_type){
113
+ $ips['real'] = $ip_type == 'v6' ? self::ip__v6_normalize(trim($tmp[0])) : trim($tmp[0]);
114
+ }
115
+ }
116
+ }
117
+
118
+ // Getting real IP from REMOTE_ADDR or Cf_Connecting_Ip if set or from (X-Forwarded-For, X-Real-Ip) if REMOTE_ADDR is local.
119
+ if(isset($ips['real'])){
120
+
121
+ // Detect IP type
122
+ $ip_type = self::ip__validate($_SERVER['REMOTE_ADDR']);
123
+ if($ip_type)
124
+ $ips['real'] = $ip_type == 'v6' ? self::ip__v6_normalize($_SERVER['REMOTE_ADDR']) : $_SERVER['REMOTE_ADDR'];
125
+
126
+ // Cloud Flare
127
+ if(isset($headers['CF-Connecting-IP'], $headers['CF-IPCountry'], $headers['CF-RAY']) || isset($headers['Cf-Connecting-Ip'], $headers['Cf-Ipcountry'], $headers['Cf-Ray'])){
128
+ $tmp = isset($headers['CF-Connecting-IP']) ? $headers['CF-Connecting-IP'] : $headers['Cf-Connecting-Ip'];
129
+ $tmp = strpos($tmp, ',') !== false ? explode(',', $tmp) : (array)$tmp;
130
+ $ip_type = self::ip__validate(trim($tmp[0]));
131
+ if($ip_type)
132
+ $ips['real'] = $ip_type == 'v6' ? self::ip__v6_normalize(trim($tmp[0])) : trim($tmp[0]);
133
+
134
+ // Sucury
135
+ }elseif(isset($headers['X-Sucuri-Clientip'], $headers['X-Sucuri-Country'])){
136
+ $ip_type = self::ip__validate($headers['X-Sucuri-Clientip']);
137
+ if($ip_type)
138
+ $ips['real'] = $ip_type == 'v6' ? self::ip__v6_normalize($headers['X-Sucuri-Clientip']) : $headers['X-Sucuri-Clientip'];
139
+
140
+ // OVH
141
+ }elseif(isset($headers['X-Cdn-Any-Ip'], $headers['Remote-Ip'])){
142
+ $ip_type = self::ip__validate($headers['X-Cdn-Any-Ip']);
143
+ if($ip_type)
144
+ $ips['real'] = $ip_type == 'v6' ? self::ip__v6_normalize($headers['X-Cdn-Any-Ip']) : $headers['X-Cdn-Any-Ip'];
145
+
146
+ // Incapsula proxy
147
+ }elseif(isset($headers['Incap-Client-Ip'])){
148
+ $ip_type = self::ip__validate($headers['Incap-Client-Ip']);
149
+ if($ip_type)
150
+ $ips['real'] = $ip_type == 'v6' ? self::ip__v6_normalize($headers['Incap-Client-Ip']) : $headers['Incap-Client-Ip'];
151
+ }
152
+
153
+ // Is private network
154
+ if($ip_type === false || ($ip_type && (self::ip__is_private_network($ips['real'], $ip_type) || self::ip__mask_match($ips['real'], filter_input(INPUT_SERVER, 'SERVER_ADDR') . '/24', $ip_type)))){
155
+
156
+ // X-Forwarded-For
157
+ if(isset($headers['X-Forwarded-For'])){
158
+ $tmp = explode(',', trim($headers['X-Forwarded-For']));
159
+ $tmp = trim($tmp[0]);
160
+ $ip_type = self::ip__validate($tmp);
161
+ if($ip_type)
162
+ $ips['real'] = $ip_type == 'v6' ? self::ip__v6_normalize($tmp) : $tmp;
163
+
164
+ // X-Real-Ip
165
+ }elseif(isset($headers['X-Real-Ip'])){
166
+ $tmp = explode(',', trim($headers['X-Real-Ip']));
167
+ $tmp = trim($tmp[0]);
168
+ $ip_type = self::ip__validate($tmp);
169
+ if($ip_type)
170
+ $ips['real'] = $ip_type == 'v6' ? self::ip__v6_normalize($tmp) : $tmp;
171
+ }
172
+ }
173
+ }
174
+
175
+ // Validating IPs
176
+ $result = array();
177
+ foreach($ips as $key => $ip){
178
+ $ip_version = self::ip__validate($ip);
179
+ if($ip && (($v4_only && $ip_version == 'v4') || !$v4_only)){
180
+ $result[$key] = $ip;
181
+ }
182
+ }
183
+
184
+ $result = array_unique($result);
185
+ return count($result) > 1
186
+ ? $result
187
+ : (reset($result) !== false
188
+ ? reset($result)
189
+ : null);
190
+ }
191
+
192
+ /**
193
+ * Checks if the IP is in private range
194
+ *
195
+ * @param string $ip
196
+ * @param string $ip_type
197
+ *
198
+ * @return bool
199
+ */
200
+ static function ip__is_private_network($ip, $ip_type = 'v4')
201
+ {
202
+ return self::ip__mask_match($ip, self::$private_networks[$ip_type], $ip_type);
203
+ }
204
+
205
+ /**
206
+ * Check if the IP belong to mask. Recursive.
207
+ * Octet by octet for IPv4
208
+ * Hextet by hextet for IPv6
209
+ *
210
+ * @param string $ip
211
+ * @param string $cidr work to compare with
212
+ * @param string $ip_type IPv6 or IPv4
213
+ * @param int $xtet_count Recursive counter. Determs current part of address to check.
214
+ *
215
+ * @return bool
216
+ */
217
+ static public function ip__mask_match($ip, $cidr, $ip_type = 'v4', $xtet_count = 0)
218
+ {
219
+ if(is_array($cidr)){
220
+ foreach($cidr as $curr_mask){
221
+ if(self::ip__mask_match($ip, $curr_mask, $ip_type)){
222
+ return true;
223
+ }
224
+ }
225
+ unset($curr_mask);
226
+ return false;
227
+ }
228
+
229
+ $xtet_base = ($ip_type == 'v4') ? 8 : 16;
230
+
231
+ // Calculate mask
232
+ $exploded = explode('/', $cidr);
233
+ $net_ip = $exploded[0];
234
+ $mask = $exploded[1];
235
+
236
+ // Exit condition
237
+ $xtet_end = ceil($mask / $xtet_base);
238
+ if($xtet_count == $xtet_end)
239
+ return true;
240
+
241
+ // Lenght of bits for comparsion
242
+ $mask = $mask - $xtet_base * $xtet_count >= $xtet_base ? $xtet_base : $mask - $xtet_base * $xtet_count;
243
+
244
+ // Explode by octets/hextets from IP and Net
245
+ $net_ip_xtets = explode($ip_type == 'v4' ? '.' : ':', $net_ip);
246
+ $ip_xtets = explode($ip_type == 'v4' ? '.' : ':', $ip);
247
+
248
+ // Standartizing. Getting current octets/hextets. Adding leading zeros.
249
+ $net_xtet = str_pad(decbin($ip_type == 'v4' ? $net_ip_xtets[$xtet_count] : hexdec($net_ip_xtets[$xtet_count])), $xtet_base, 0, STR_PAD_LEFT);
250
+ $ip_xtet = str_pad(decbin($ip_type == 'v4' ? $ip_xtets[$xtet_count] : hexdec($ip_xtets[$xtet_count])), $xtet_base, 0, STR_PAD_LEFT);
251
+
252
+ // Comparing bit by bit
253
+ for($i = 0, $result = true; $mask != 0; $mask--, $i++){
254
+ if($ip_xtet[$i] != $net_xtet[$i]){
255
+ $result = false;
256
+ break;
257
+ }
258
+ }
259
+
260
+ // Recursing. Moving to next octet/hextet.
261
+ if($result)
262
+ $result = self::ip__mask_match($ip, $cidr, $ip_type, $xtet_count + 1);
263
+
264
+ return $result;
265
+
266
+ }
267
+
268
+ /**
269
+ * Converts long mask like 4294967295 to number like 32
270
+ *
271
+ * @param int $long_mask
272
+ *
273
+ * @return int
274
+ */
275
+ static function ip__mask__long_to_number($long_mask)
276
+ {
277
+ $num_mask = strpos((string)decbin($long_mask), '0');
278
+ return $num_mask === false ? 32 : $num_mask;
279
+ }
280
+
281
+ /**
282
+ * Validating IPv4, IPv6
283
+ *
284
+ * @param string $ip
285
+ *
286
+ * @return string|bool
287
+ */
288
+ static public function ip__validate($ip)
289
+ {
290
+ if(!$ip) return false; // NULL || FALSE || '' || so on...
291
+ if(filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) && $ip != '0.0.0.0') return 'v4'; // IPv4
292
+ if(filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) && self::ip__v6_reduce($ip) != '0::0') return 'v6'; // IPv6
293
+ return false; // Unknown
294
+ }
295
+
296
+ /**
297
+ * Expand IPv6
298
+ *
299
+ * @param string $ip
300
+ *
301
+ * @return string IPv6
302
+ */
303
+ static public function ip__v6_normalize($ip)
304
+ {
305
+ $ip = trim($ip);
306
+ // Searching for ::ffff:xx.xx.xx.xx patterns and turn it to IPv6
307
+ if(preg_match('/^::ffff:([0-9]{1,3}\.?){4}$/', $ip)){
308
+ $ip = dechex(sprintf("%u", ip2long(substr($ip, 7))));
309
+ $ip = '0:0:0:0:0:0:' . (strlen($ip) > 4 ? substr('abcde', 0, -4) : '0') . ':' . substr($ip, -4, 4);
310
+ // Normalizing hextets number
311
+ }elseif(strpos($ip, '::') !== false){
312
+ $ip = str_replace('::', str_repeat(':0', 8 - substr_count($ip, ':')) . ':', $ip);
313
+ $ip = strpos($ip, ':') === 0 ? '0' . $ip : $ip;
314
+ $ip = strpos(strrev($ip), ':') === 0 ? $ip . '0' : $ip;
315
+ }
316
+ // Simplifyng hextets
317
+ if(preg_match('/:0(?=[a-z0-9]+)/', $ip)){
318
+ $ip = preg_replace('/:0(?=[a-z0-9]+)/', ':', strtolower($ip));
319
+ $ip = self::ip__v6_normalize($ip);
320
+ }
321
+ return $ip;
322
+ }
323
+
324
+ /**
325
+ * Reduce IPv6
326
+ *
327
+ * @param string $ip
328
+ *
329
+ * @return string IPv6
330
+ */
331
+ static public function ip__v6_reduce($ip)
332
+ {
333
+ if(strpos($ip, ':') !== false){
334
+ $ip = preg_replace('/:0{1,4}/', ':', $ip);
335
+ $ip = preg_replace('/:{2,}/', '::', $ip);
336
+ $ip = strpos($ip, '0') === 0 ? substr($ip, 1) : $ip;
337
+ }
338
+ return $ip;
339
+ }
340
+
341
+ /**
342
+ * Get URL form IP. Check if it's belong to cleantalk.
343
+ *
344
+ * @param string $ip
345
+ *
346
+ * @return false|int|string
347
+ */
348
+ static public function ip__is_cleantalks($ip)
349
+ {
350
+ if(self::ip__validate($ip)){
351
+ $url = array_search($ip, self::$cleantalks_servers);
352
+ return $url
353
+ ? true
354
+ : false;
355
+ }else
356
+ return false;
357
+ }
358
+
359
+ /**
360
+ * Get URL form IP. Check if it's belong to cleantalk.
361
+ *
362
+ * @param $ip
363
+ *
364
+ * @return false|int|string
365
+ */
366
+ static public function ip__resolve__cleantalks($ip)
367
+ {
368
+ if(self::ip__validate($ip)){
369
+ $url = array_search($ip, self::$cleantalks_servers);
370
+ return $url
371
+ ? $url
372
+ : self::ip__resolve($ip);
373
+ }else
374
+ return $ip;
375
+ }
376
+
377
+ /**
378
+ * Get URL form IP
379
+ *
380
+ * @param $ip
381
+ *
382
+ * @return string
383
+ */
384
+ static public function ip__resolve($ip)
385
+ {
386
+ if(self::ip__validate($ip)){
387
+ $url = gethostbyaddr($ip);
388
+ if($url)
389
+ return $url;
390
+ }
391
+ return $ip;
392
+ }
393
+
394
+ /**
395
+ * Resolve DNS to IP
396
+ *
397
+ * @param $host
398
+ * @param bool $out
399
+ *
400
+ * @return bool
401
+ */
402
+ static public function dns__resolve($host, $out = false)
403
+ {
404
+
405
+ // Get DNS records about URL
406
+ if(function_exists('dns_get_record')){
407
+ $records = dns_get_record($host, DNS_A);
408
+ if($records !== false){
409
+ $out = $records[0]['ip'];
410
+ }
411
+ }
412
+
413
+ // Another try if first failed
414
+ if(!$out && function_exists('gethostbynamel')){
415
+ $records = gethostbynamel($host);
416
+ if($records !== false){
417
+ $out = $records[0];
418
+ }
419
+ }
420
+
421
+ return $out;
422
+
423
+ }
424
+
425
+ /**
426
+ * Function sends raw http request
427
+ *
428
+ * May use 4 presets(combining possible):
429
+ * get_code - getting only HTTP response code
430
+ * async - async requests
431
+ * get - GET-request
432
+ * ssl - use SSL
433
+ *
434
+ * @param string $url URL
435
+ * @param array $data POST|GET indexed array with data to send
436
+ * @param string|array $presets String or Array with presets: get_code, async, get, ssl, dont_split_to_array
437
+ * @param array $opts Optional option for CURL connection
438
+ *
439
+ * @return array|bool (array || array('error' => true))
440
+ */
441
+ static public function http__request($url, $data = array(), $presets = null, $opts = array())
442
+ {
443
+ if(function_exists('curl_init')){
444
+
445
+ $ch = curl_init();
446
+
447
+ if(!empty($data)){
448
+ // If $data scalar converting it to array
449
+ $data = is_string($data) || is_int($data) ? array($data => 1) : $data;
450
+ // Build query
451
+ $opts[CURLOPT_POSTFIELDS] = $data;
452
+ }
453
+
454
+ // Merging OBLIGATORY options with GIVEN options
455
+ $opts = self::array_merge__save_numeric_keys(
456
+ array(
457
+ CURLOPT_URL => $url,
458
+ CURLOPT_RETURNTRANSFER => true,
459
+ CURLOPT_CONNECTTIMEOUT_MS => 3000,
460
+ CURLOPT_FORBID_REUSE => true,
461
+ CURLOPT_USERAGENT => self::AGENT . '; ' . (!empty($_SERVER['SERVER_NAME']) ? $_SERVER['SERVER_NAME'] : 'UNKNOWN_HOST'),
462
+ CURLOPT_POST => true,
463
+ CURLOPT_SSL_VERIFYPEER => false,
464
+ CURLOPT_SSL_VERIFYHOST => 0,
465
+ CURLOPT_HTTPHEADER => array('Expect:'), // Fix for large data and old servers http://php.net/manual/ru/function.curl-setopt.php#82418
466
+ CURLOPT_FOLLOWLOCATION => true,
467
+ CURLOPT_MAXREDIRS => 5,
468
+ ),
469
+ $opts
470
+ );
471
+
472
+ // Use presets
473
+ $presets = is_array($presets) ? $presets : explode(' ', $presets);
474
+ foreach($presets as $preset){
475
+
476
+ switch($preset){
477
+
478
+ // Do not follow redirects
479
+ case 'dont_follow_redirects':
480
+ $opts[CURLOPT_FOLLOWLOCATION] = false;
481
+ $opts[CURLOPT_MAXREDIRS] = 0;
482
+ break;
483
+
484
+ // Get headers only
485
+ case 'get_code':
486
+ $opts[CURLOPT_HEADER] = true;
487
+ $opts[CURLOPT_NOBODY] = true;
488
+ break;
489
+
490
+ // Make a request, don't wait for an answer
491
+ case 'async':
492
+ $opts[CURLOPT_CONNECTTIMEOUT_MS] = 1000;
493
+ $opts[CURLOPT_TIMEOUT_MS] = 500;
494
+ break;
495
+
496
+ case 'get':
497
+ $opts[CURLOPT_URL] .= $data ? '?' . str_replace("&amp;", "&", http_build_query($data)) : '';
498
+ $opts[CURLOPT_POST] = false;
499
+ $opts[CURLOPT_POSTFIELDS] = null;
500
+ break;
501
+
502
+ case 'ssl':
503
+ $opts[CURLOPT_SSL_VERIFYPEER] = true;
504
+ $opts[CURLOPT_SSL_VERIFYHOST] = 2;
505
+ if(defined('CLEANTALK_CASERT_PATH') && CLEANTALK_CASERT_PATH)
506
+ $opts[CURLOPT_CAINFO] = CLEANTALK_CASERT_PATH;
507
+ break;
508
+
509
+ default:
510
+
511
+ break;
512
+ }
513
+
514
+ }
515
+ unset($preset);
516
+
517
+ curl_setopt_array($ch, $opts);
518
+ $result = curl_exec($ch);
519
+
520
+ // RETURN if async request
521
+ if(in_array('async', $presets))
522
+ return true;
523
+
524
+ if($result){
525
+
526
+ if(strpos($result, PHP_EOL) !== false && !in_array('dont_split_to_array', $presets))
527
+ $result = explode(PHP_EOL, $result);
528
+
529
+ // Get code crossPHP method
530
+ if(in_array('get_code', $presets)){
531
+ $curl_info = curl_getinfo($ch);
532
+ $result = $curl_info['http_code'];
533
+ }
534
+ curl_close($ch);
535
+ $out = $result;
536
+ }else
537
+ $out = array('error' => curl_error($ch));
538
+ }else
539
+ $out = array('error' => 'CURL_NOT_INSTALLED');
540
+
541
+ /**
542
+ * Getting HTTP-response code without cURL
543
+ */
544
+ if($presets && ($presets == 'get_code' || (is_array($presets) && in_array('get_code', $presets)))
545
+ && isset($out['error']) && $out['error'] == 'CURL_NOT_INSTALLED'
546
+ ){
547
+ $headers = get_headers($url);
548
+ $out = (int)preg_replace('/.*(\d{3}).*/', '$1', $headers[0]);
549
+ }
550
+
551
+ return $out;
552
+ }
553
+
554
+ /**
555
+ * Merging arrays without reseting numeric keys
556
+ *
557
+ * @param array $arr1 One-dimentional array
558
+ * @param array $arr2 One-dimentional array
559
+ *
560
+ * @return array Merged array
561
+ */
562
+ public static function array_merge__save_numeric_keys($arr1, $arr2)
563
+ {
564
+ foreach($arr2 as $key => $val){
565
+ $arr1[$key] = $val;
566
+ }
567
+ return $arr1;
568
+ }
569
+
570
+ /**
571
+ * Merging arrays without reseting numeric keys recursive
572
+ *
573
+ * @param array $arr1 One-dimentional array
574
+ * @param array $arr2 One-dimentional array
575
+ *
576
+ * @return array Merged array
577
+ */
578
+ public static function array_merge__save_numeric_keys__recursive($arr1, $arr2)
579
+ {
580
+ foreach($arr2 as $key => $val){
581
+ // Array | array => array
582
+ if(isset($arr1[$key]) && is_array($arr1[$key]) && is_array($val)){
583
+ $arr1[$key] = self::array_merge__save_numeric_keys__recursive($arr1[$key], $val);
584
+ // Scalar | array => array
585
+ }elseif(isset($arr1[$key]) && !is_array($arr1[$key]) && is_array($val)){
586
+ $tmp = $arr1[$key] =
587
+ $arr1[$key] = $val;
588
+ $arr1[$key][] = $tmp;
589
+ // array | scalar => array
590
+ }elseif(isset($arr1[$key]) && is_array($arr1[$key]) && !is_array($val)){
591
+ $arr1[$key][] = $val;
592
+ // scalar | scalar => scalar
593
+ }else{
594
+ $arr1[$key] = $val;
595
+ }
596
+ }
597
+ return $arr1;
598
+ }
599
+
600
+ /**
601
+ * Function removing non UTF8 characters from array|string|object
602
+ *
603
+ * @param array|object|string $data
604
+ *
605
+ * @return array|object|string
606
+ */
607
+ public static function removeNonUTF8($data)
608
+ {
609
+ // Array || object
610
+ if(is_array($data) || is_object($data)){
611
+ foreach($data as $key => &$val){
612
+ $val = self::removeNonUTF8($val);
613
+ }
614
+ unset($key, $val);
615
+
616
+ //String
617
+ }else{
618
+ if(!preg_match('//u', $data))
619
+ $data = 'Nulled. Not UTF8 encoded or malformed.';
620
+ }
621
+ return $data;
622
+ }
623
+
624
+ /**
625
+ * Function convert anything to UTF8 and removes non UTF8 characters
626
+ *
627
+ * @param array|object|string $obj
628
+ * @param string $data_codepage
629
+ *
630
+ * @return mixed(array|object|string)
631
+ */
632
+ public static function toUTF8($obj, $data_codepage = null)
633
+ {
634
+ // Array || object
635
+ if(is_array($obj) || is_object($obj)){
636
+ foreach($obj as $key => &$val){
637
+ $val = self::toUTF8($val, $data_codepage);
638
+ }
639
+ unset($key, $val);
640
+
641
+ //String
642
+ }else{
643
+ if(!preg_match('//u', $obj) && function_exists('mb_detect_encoding') && function_exists('mb_convert_encoding')){
644
+ $encoding = mb_detect_encoding($obj);
645
+ $encoding = $encoding ? $encoding : $data_codepage;
646
+ if($encoding)
647
+ $obj = mb_convert_encoding($obj, 'UTF-8', $encoding);
648
+ }
649
+ }
650
+ return $obj;
651
+ }
652
+
653
+ /**
654
+ * Function convert from UTF8
655
+ *
656
+ * @param array|object|string $obj
657
+ * @param string $data_codepage
658
+ *
659
+ * @return mixed (array|object|string)
660
+ */
661
+ public static function fromUTF8($obj, $data_codepage = null)
662
+ {
663
+ // Array || object
664
+ if(is_array($obj) || is_object($obj)){
665
+ foreach($obj as $key => &$val){
666
+ $val = self::fromUTF8($val, $data_codepage);
667
+ }
668
+ unset($key, $val);
669
+
670
+ //String
671
+ }else{
672
+ if(preg_match('u', $obj) && function_exists('mb_convert_encoding') && $data_codepage !== null)
673
+ $obj = mb_convert_encoding($obj, $data_codepage, 'UTF-8');
674
+ }
675
+ return $obj;
676
+ }
677
+
678
+ /**
679
+ * Checks if the string is JSON type
680
+ *
681
+ * @param string
682
+ *
683
+ * @return bool
684
+ */
685
+ static public function is_json($string)
686
+ {
687
+ return is_string($string) && is_array(json_decode($string, true)) ? true : false;
688
+ }
689
+ }
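--- a/lib/CleantalkBase/CleantalkSFW.php
+++ b/lib/Cleantalk/Antispam/SFW.php
@@ -1,14 +1,14 @@
  <?php
 
- namespace CleantalkBase;
+ namespace Cleantalk\Antispam;
 
  /**
  * CleanTalk SpamFireWall base class.
  * Compatible with any CMS.
  *
- * @depends CleantalkHelper class
- * @depends CleantalkAPI class
- * @depends CleantalkDB class
+ * @depends Cleantalk\Antispam\Helper class
+ * @depends Cleantalk\Antispam\API class
+ * @depends Cleantalk\Antispam\DB class
  *
  * @version 3.3
  * @author Cleantalk team (welcome@cleantalk.org)
@@ -16,7 +16,7 @@ namespace CleantalkBase;
  * @license GNU/GPL: http://www.gnu.org/copyleft/gpl.html
  * @see https://github.com/CleanTalk/php-antispam
  */
- class CleantalkSFW
+ class SFW
  {
  public $ip = 0;
 
@@ -72,7 +72,7 @@ class CleantalkSFW
  {
  if(empty($this->db)){
  // Creating database object. Depends on current CMS.
- $this->db = CleantalkDB::getInstance();
+ $this->db = DB::getInstance();
 
  // Use default tables if not specified
  $this->data_table = defined('CLEANTALK_TBL_FIREWALL_DATA') ? CLEANTALK_TBL_FIREWALL_DATA : $this->db->prefix . 'cleantalk_sfw';
@@ -92,12 +92,12 @@ class CleantalkSFW
  */
  public function ip__get($ips_input = array('real', 'remote_addr', 'x_forwarded_for', 'x_real_ip', 'cloud_flare'), $v4_only = true){
 
- $result = CleantalkHelper::ip__get($ips_input, $v4_only);
+ $result = Helper::ip__get($ips_input, $v4_only);
 
  $result = !empty($result) ? array('real' => $result) : array();
 
  if(isset($_GET['sfw_test_ip'])){
- if(CleantalkHelper::ip__validate($_GET['sfw_test_ip']) !== false){
+ if(Helper::ip__validate($_GET['sfw_test_ip']) !== false){
  $result['sfw_test'] = $_GET['sfw_test_ip'];
  $this->test = true;
  }
@@ -126,12 +126,12 @@ class CleantalkSFW
  $this->blocked_ips[$origin] = array(
  'ip' => $current_ip,
  'network' => long2ip($this->db->result['network']),
- 'mask' => CleantalkHelper::ip__mask__long_to_number($this->db->result['mask']),
+ 'mask' => Helper::ip__mask__long_to_number($this->db->result['mask']),
  );
  $this->all_ips[$origin] = array(
  'ip' => $current_ip,
  'network' => long2ip($this->db->result['network']),
- 'mask' => CleantalkHelper::ip__mask__long_to_number($this->db->result['mask']),
+ 'mask' => Helper::ip__mask__long_to_number($this->db->result['mask']),
  'status' => -1,
  );
  }else{
@@ -200,7 +200,7 @@ class CleantalkSFW
  unset($key, $value);
 
  //Sending the request
- $result = CleantalkAPI::method__sfw_logs($ct_key, $data);
+ $result = API::method__sfw_logs($ct_key, $data);
 
  //Checking answer and deleting all lines from the table
  if(empty($result['error'])){
@@ -234,7 +234,7 @@ class CleantalkSFW
 
  sleep(6);
 
- $result = CleantalkAPI::method__get_2s_blacklists_db($ct_key, 'file');
+ $result = API::method__get_2s_blacklists_db($ct_key, 'file');
 
  if(empty($result['error'])){
 
@@ -244,7 +244,7 @@ class CleantalkSFW
  $pattenrs[] = 'get';
  if(!$immediate) $pattenrs[] = 'async';
 
- return CleantalkHelper::http__request(
+ return Helper::http__request(
  get_option('siteurl'),
  array(
  'spbc_remote_call_token' => md5($ct_key),
@@ -261,7 +261,7 @@ class CleantalkSFW
  return $result;
  }else{
 
- if(CleantalkHelper::http__request($file_url, array(), 'get_code') === 200){ // Check if it's there
+ if(Helper::http__request($file_url, array(), 'get_code') === 200){ // Check if it's there
 
  if(ini_get('allow_url_fopen')){
 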
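Review bot: The renamed call at new line 264, `Helper::http__request($file_url, array(), 'get_code')`, still omits the `ssl` preset, and `Helper::http__request` as added in this commit defaults to `CURLOPT_SSL_VERIFYPEER => false` and `CURLOPT_SSL_VERIFYHOST => 0` unless that preset is passed. The existence check for the blacklist file therefore runs without certificate verification whenever `$file_url` is HTTPS, and the result gates the download that presumably follows outside the hunk. I would pass both presets, `Helper::http__request($file_url, array(), 'get_code ssl')`, which the helper splits on the space. The call at new line 247 shows only `get` and `async` being pushed onto `$pattenrs`, so the same applies there if nothing outside the hunk adds `ssl`; both enclosing functions start and end outside the hunks shown.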
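--- a/lib/CleantalkAPI.php
+++ b/lib/CleantalkAPI.php
@@ -4,7 +4,7 @@
  * Class CleantalkAPI.
  * Compatible only with Wordpress.
  *
- * @depends CleantalkBase\CleantalkAPI
+ * @depends Cleantalk\Antispam\API
  *
  * @version 1.0
  * @author Cleantalk team (welcome@cleantalk.org)
@@ -12,7 +12,7 @@
  * @license GNU/GPL: http://www.gnu.org/copyleft/gpl.html
  * @see https://github.com/CleanTalk/wordpress-antispam
  */
- class CleantalkAPI extends CleantalkBase\CleantalkAPI
+ class CleantalkAPI extends Cleantalk\Antispam\API
  {
  /**
  * Function sends raw request to API server.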
lib/CleantalkBase/CleantalkAPI.php DELETED
@@ -1,777 +0,0 @@
1
- <?php
2
-
3
- namespace CleantalkBase;
4
-
5
- if(!class_exists('CleantalkBase\CleantalkAPI'))
6
- {
7
- /**
8
- * CleanTalk API class.
9
- * Mostly contains wrappers for API methods. Check and send mehods.
10
- * Compatible with any CMS.
11
- *
12
- * @version 3.2
13
- * @author Cleantalk team (welcome@cleantalk.org)
14
- * @copyright (C) 2014 CleanTalk team (http://cleantalk.org)
15
- * @license GNU/GPL: http://www.gnu.org/copyleft/gpl.html
16
- * @see https://github.com/CleanTalk/php-antispam
17
- */
18
- class CleantalkAPI
19
- {
20
- /* Default params */
21
- const URL = 'https://api.cleantalk.org';
22
- const AGENT = 'ct-api-3.2';
23
-
24
- /**
25
- * Wrapper for 2s_blacklists_db API method.
26
- * Gets data for SpamFireWall.
27
- *
28
- * @param string $api_key
29
- * @param null|string $out Data output type (JSON or file URL)
30
- * @param boolean $do_check
31
- *
32
- * @return mixed|string|array('error' => STRING)
33
- */
34
- static public function method__get_2s_blacklists_db($api_key, $out = null, $do_check = true)
35
- {
36
- $request = array(
37
- 'method_name' => '2s_blacklists_db',
38
- 'auth_key' => $api_key,
39
- 'out' => $out,
40
- );
41
-
42
- $result = static::send_request($request);
43
- $result = $do_check ? static::check_response($result, '2s_blacklists_db') : $result;
44
-
45
- return $result;
46
- }
47
-
48
- /**
49
- * Wrapper for get_api_key API method.
50
- * Gets access key automatically.
51
- *
52
- * @param string $product_name Type of product
53
- * @param string $email Website admin email
54
- * @param string $website Website host
55
- * @param string $platform Website platform
56
- * @param string|null $timezone
57
- * @param string|null $language
58
- * @param string|null $user_ip
59
- * @param bool $wpms
60
- * @param bool $white_label
61
- * @param string $hoster_api_key
62
- * @param bool $do_check
63
- *
64
- * @return array|bool|mixed
65
- */
66
- static public function method__get_api_key($product_name, $email, $website, $platform, $timezone = null, $language = null, $user_ip = null, $wpms = false, $white_label = false, $hoster_api_key = '', $do_check = true)
67
- {
68
- $request = array(
69
- 'method_name' => 'get_api_key',
70
- 'product_name' => $product_name,
71
- 'email' => $email,
72
- 'website' => $website,
73
- 'platform' => $platform,
74
- 'timezone' => $timezone,
75
- 'http_accept_language' => $language,
76
- 'user_ip' => $user_ip,
77
- 'wpms_setup' => $wpms,
78
- 'hoster_whitelabel' => $white_label,
79
- 'hoster_api_key' => $hoster_api_key,
80
- );
81
-
82
- $result = static::send_request($request);
83
- $result = $do_check ? static::check_response($result, 'get_api_key') : $result;
84
-
85
- return $result;
86
- }
87
-
88
- /**
89
- * Wrapper for get_antispam_report API method.
90
- * Gets spam report.
91
- *
92
- * @param string $host website host
93
- * @param integer $period report days
94
- * @param boolean $do_check
95
- *
96
- * @return array|bool|mixed
97
- */
98
- static public function method__get_antispam_report($host, $period = 1, $do_check = true)
99
- {
100
- $request = Array(
101
- 'method_name' => 'get_antispam_report',
102
- 'hostname' => $host,
103
- 'period' => $period
104
- );
105
-
106
- $result = static::send_request($request);
107
- $result = $do_check ? static::check_response($result, 'get_antispam_report') : $result;
108
-
109
- return $result;
110
- }
111
-
112
- /**
113
- * Wrapper for get_antispam_report_breif API method.
114
- * Ggets spam statistics.
115
- *
116
- * @param string $api_key
117
- * @param bool $do_check
118
- *
119
- * @return array|bool|mixed
120
- */
121
- static public function method__get_antispam_report_breif($api_key, $do_check = true)
122
- {
123
- $request = array(
124
- 'method_name' => 'get_antispam_report_breif',
125
- 'auth_key' => $api_key,
126
- );
127
-
128
- $result = static::send_request($request);
129
- $result = $do_check ? static::check_response($result, 'get_antispam_report_breif') : $result;
130
-
131
- return $result;
132
- }
133
-
134
- /**
135
- * Wrapper for notice_paid_till API method.
136
- * Gets information about renew notice.
137
- *
138
- * @param string $api_key API key
139
- * @param string $path_to_cms Website URL
140
- * @param bool $do_check
141
- *
142
- * @return array|bool|mixed
143
- */
144
- static public function method__notice_paid_till($api_key, $path_to_cms, $do_check = true)
145
- {
146
- $request = array(
147
- 'method_name' => 'notice_paid_till',
148
- 'path_to_cms' => $path_to_cms,
149
- 'auth_key' => $api_key
150
- );
151
-
152
- $result = static::send_request($request);
153
- $result = $do_check ? static::check_response($result, 'notice_paid_till') : $result;
154
-
155
- return $result;
156
- }
157
-
158
- /**
159
- * Wrapper for ip_info API method.
160
- * Gets IP country.
161
- *
162
- * @param string $data
163
- * @param bool $do_check
164
- *
165
- * @return array|bool|mixed
166
- */
167
- static public function method__ip_info($data, $do_check = true)
168
- {
169
- $request = array(
170
- 'method_name' => 'ip_info',
171
- 'data' => $data
172
- );
173
-
174
- $result = static::send_request($request);
175
- $result = $do_check ? static::check_response($result, 'ip_info') : $result;
176
- return $result;
177
- }
178
-
179
- /**
180
- * Wrapper for spam_check_cms API method.
181
- * Checks IP|email via CleanTalk's database.
182
- *
183
- * @param string $api_key
184
- * @param array $data
185
- * @param null|string $date
186
- * @param bool $do_check
187
- *
188
- * @return array|bool|mixed
189
- */
190
- static public function method__spam_check_cms($api_key, $data, $date = null, $do_check = true)
191
- {
192
- $request = Array(
193
- 'method_name' => 'spam_check_cms',
194
- 'auth_key' => $api_key,
195
- 'data' => is_array($data) ? implode(',', $data) : $data,
196
- );
197
-
198
- if($date) $request['date'] = $date;
199
-
200
- $result = static::send_request($request, self::URL, 10);
201
- $result = $do_check ? static::check_response($result, 'spam_check_cms') : $result;
202
-
203
- return $result;
204
- }
205
-
206
- /**
207
- * Wrapper for spam_check API method.
208
- * Checks IP|email via CleanTalk's database.
209
- *
210
- * @param string $api_key
211
- * @param array $data
212
- * @param null|string $date
213
- * @param bool $do_check
214
- *
215
- * @return array|bool|mixed
216
- */
217
- static public function method__spam_check($api_key, $data, $date = null, $do_check = true)
218
- {
219
- $request = Array(
220
- 'method_name' => 'spam_check',
221
- 'auth_key' => $api_key,
222
- 'data' => is_array($data) ? implode(',', $data) : $data,
223
- );
224
-
225
- if($date) $request['date'] = $date;
226
-
227
- $result = static::send_request($request, self::URL, 10);
228
- $result = $do_check ? static::check_response($result, 'spam_check') : $result;
229
-
230
- return $result;
231
- }
232
-
233
- /**
234
- * Wrapper for sfw_logs API method.
235
- * Sends SpamFireWall logs to the cloud.
236
- *
237
- * @param string $api_key
238
- * @param array $data
239
- * @param bool $do_check
240
- *
241
- * @return array|bool|mixed
242
- */
243
- static public function method__sfw_logs($api_key, $data, $do_check = true)
244
- {
245
-
246
- $request = array(
247
- 'auth_key' => $api_key,
248
- 'method_name' => 'sfw_logs',
249
- 'data' => json_encode($data),
250
- 'rows' => count($data),
251
- 'timestamp' => time()
252
- );
253
-
254
- $result = static::send_request($request);
255
- $result = $do_check ? static::check_response($result, 'sfw_logs') : $result;
256
-
257
- return $result;
258
- }
259
-
260
- /**
261
- * Wrapper for security_logs API method.
262
- * Sends security logs to the cloud.
263
- *
264
- * @param string $api_key
265
- * @param array $data
266
- * @param bool $do_check
267
- *
268
- * @return array|bool|mixed
269
- */
270
- static public function method__security_logs($api_key, $data, $do_check = true)
271
- {
272
- $request = array(
273
- 'auth_key' => $api_key,
274
- 'method_name' => 'security_logs',
275
- 'timestamp' => current_time('timestamp'),
276
- 'data' => json_encode($data),
277
- 'rows' => count($data),
278
- );
279
-
280
- $result = static::send_request($request);
281
- $result = $do_check ? static::check_response($result, 'security_logs') : $result;
282
-
283
- return $result;
284
- }
285
-
286
- /**
287
- * Wrapper for security_logs API method.
288
- * Sends Securitty Firewall logs to the cloud.
289
- *
290
- * @param string $api_key
291
- * @param array $data
292
- * @param bool $do_check
293
- *
294
- * @return array|bool|mixed
295
- */
296
- static public function method__security_logs__sendFWData($api_key, $data, $do_check = true)
297
- {
298
-
299
- $request = array(
300
- 'auth_key' => $api_key,
301
- 'method_name' => 'security_logs',
302
- 'timestamp' => current_time('timestamp'),
303
- 'data_fw' => json_encode($data),
304
- 'rows_fw' => count($data),
305
- );
306
-
307
- $result = static::send_request($request);
308
- $result = $do_check ? static::check_response($result, 'security_logs') : $result;
309
-
310
- return $result;
311
- }
312
-
313
- /**
314
- * Wrapper for security_logs API method.
315
- * Sends empty data to the cloud to syncronize version.
316
- *
317
- * @param string $api_key
318
- * @param bool $do_check
319
- *
320
- * @return array|bool|mixed
321
- */
322
- static public function method__security_logs__feedback($api_key, $do_check = true)
323
- {
324
- $request = array(
325
- 'auth_key' => $api_key,
326
- 'method_name' => 'security_logs',
327
- 'data' => '0',
328
- );
329
-
330
- $result = static::send_request($request);
331
- $result = $do_check ? static::check_response($result, 'security_logs') : $result;
332
-
333
- return $result;
334
- }
335
-
336
- /**
337
- * Wrapper for security_firewall_data API method.
338
- * Gets Securitty Firewall data to write to the local database.
339
- *
340
- * @param string $api_key
341
- * @param bool $do_check
342
- *
343
- * @return array|bool|mixed
344
- */
345
- static public function method__security_firewall_data($api_key, $do_check = true)
346
- {
347
-
348
- $request = array(
349
- 'auth_key' => $api_key,
350
- 'method_name' => 'security_firewall_data',
351
- );
352
-
353
- $result = static::send_request($request);
354
- $result = $do_check ? static::check_response($result, 'security_firewall_data') : $result;
355
-
356
- return $result;
357
- }
358
-
359
- /**
360
- * Wrapper for security_firewall_data_file API method.
361
- * Gets URI with security firewall data in .csv.gz file to write to the local database.
362
- *
363
- * @param string $api_key
364
- * @param bool $do_check
365
- *
366
- * @return array|bool|mixed
367
- */
368
- static public function method__security_firewall_data_file($api_key, $do_check = true)
369
- {
370
-
371
- $request = array(
372
- 'auth_key' => $api_key,
373
- 'method_name' => 'security_firewall_data_file',
374
- );
375
-
376
- $result = static::send_request($request);
377
- $result = $do_check ? static::check_response($result, 'security_firewall_data_file') : $result;
378
-
379
- return $result;
380
- }
381
-
382
- /**
383
- * Wrapper for security_linksscan_logs API method.
384
- * Send data to the cloud about scanned links.
385
- *
386
- * @param string $api_key
387
- * @param string $scan_time Datetime of scan
388
- * @param bool $scan_result
389
- * @param int $links_total
390
- * @param array $links_list
391
- * @param bool $do_check
392
- *
393
- * @return array|bool|mixed
394
- */
395
- static public function method__security_linksscan_logs($api_key, $scan_time, $scan_result, $links_total, $links_list, $do_check = true)
396
- {
397
- $request = array(
398
- 'auth_key' => $api_key,
399
- 'method_name' => 'security_linksscan_logs',
400
- 'started' => $scan_time,
401
- 'result' => $scan_result,
402
- 'total_links_found' => $links_total,
403
- 'links_list' => $links_list,
404
- );
405
-
406
- $result = static::send_request($request);
407
- $result = $do_check ? static::check_response($result, 'security_linksscan_logs') : $result;
408
-
409
- return $result;
410
- }
411
-
412
- /**
413
- * Wrapper for security_mscan_logs API method.
414
- * Sends result of file scan to the cloud.
415
- *
416
- * @param string $api_key
417
- * @param int $service_id
418
- * @param string $scan_time Datetime of scan
419
- * @param bool $scan_result
420
- * @param int $scanned_total
421
- * @param array $modified List of modified files with details
422
- * @param array $unknown List of modified files with details
423
- * @param bool $do_check
424
- *
425
- * @return array|bool|mixed
426
- */
427
- static public function method__security_mscan_logs($api_key, $service_id, $scan_time, $scan_result, $scanned_total, $modified, $unknown, $do_check = true)
428
- {
429
- $request = array(
430
- 'method_name' => 'security_mscan_logs',
431
- 'auth_key' => $api_key,
432
- 'service_id' => $service_id,
433
- 'started' => $scan_time,
434
- 'result' => $scan_result,
435
- 'total_core_files' => $scanned_total,
436
- );
437
-
438
- if(!empty($modified)){
439
- $request['failed_files'] = json_encode($modified);
440
- $request['failed_files_rows'] = count($modified);
441
- }
442
- if(!empty($unknown)){
443
- $request['unknown_files'] = json_encode($unknown);
444
- $request['unknown_files_rows'] = count($unknown);
445
- }
446
-
447
- $result = static::send_request($request);
448
- $result = $do_check ? static::check_response($result, 'security_mscan_logs') : $result;
449
-
450
- return $result;
451
- }
452
-
453
- /**
454
- * Wrapper for security_mscan_files API method.
455
- * Sends file to the cloud for analysis.
456
- *
457
- * @param string $api_key
458
- * @param string $file_path Path to the file
459
- * @param array $file File itself
460
- * @param string $file_md5 MD5 hash of file
461
- * @param array $weak_spots List of weak spots found in file
462
- * @param bool $do_check
463
- *
464
- * @return array|bool|mixed
465
- */
466
- static public function method__security_mscan_files($api_key, $file_path, $file, $file_md5, $weak_spots, $do_check = true)
467
- {
468
- $request = array(
469
- 'method_name' => 'security_mscan_files',
470
- 'auth_key' => $api_key,
471
- 'path_to_sfile' => $file_path,
472
- 'attached_sfile' => $file,
473
- 'md5sum_sfile' => $file_md5,
474
- 'dangerous_code' => $weak_spots,
475
- );
476
-
477
- $result = static::send_request($request);
478
- $result = $do_check ? static::check_response($result, 'security_mscan_files') : $result;
479
-
480
- return $result;
481
- }
482
-
483
- /**
484
- * Wrapper for get_antispam_report API method.
485
- * Function gets spam domains report.
486
- *
487
- * @param string $api_key
488
- * @param array|string|mixed $data
489
- * @param string $date
490
- * @param bool $do_check
491
- *
492
- * @return array|bool|mixed
493
- */
494
- static public function method__backlinks_check_cms($api_key, $data, $date = null, $do_check = true)
495
- {
496
- $request = array(
497
- 'method_name' => 'backlinks_check_cms',
498
- 'auth_key' => $api_key,
499
- 'data' => is_array($data) ? implode(',', $data) : $data,
500
- );
501
-
502
- if($date) $request['date'] = $date;
503
-
504
- $result = static::send_request($request);
505
- $result = $do_check ? static::check_response($result, 'backlinks_check_cms') : $result;
506
-
507
- return $result;
508
- }
509
-
510
- /**
511
- * Wrapper for get_antispam_report API method.
512
- * Function gets spam domains report
513
- *
514
- * @param string $api_key
515
- * @param array $logs
516
- * @param bool $do_check
517
- *
518
- * @return array|bool|mixed
519
- */
520
- static public function method__security_backend_logs($api_key, $logs, $do_check = true)
521
- {
522
- $request = array(
523
- 'method_name' => 'security_backend_logs',
524
- 'auth_key' => $api_key,
525
- 'logs' => json_encode($logs),
526
- 'total_logs' => count($logs),
527
- );
528
-
529
- $result = static::send_request($request);
530
- $result = $do_check ? static::check_response($result, 'security_backend_logs') : $result;
531
-
532
- return $result;
533
- }
534
-
535
- /**
536
- * Wrapper for get_antispam_report API method.
537
- * Sends data about auto repairs
538
- *
539
- * @param string $api_key
540
- * @param bool $repair_result
541
- * @param string $repair_comment
542
- * @param $repaired_processed_files
543
- * @param $repaired_total_files_proccessed
544
- * @param $backup_id
545
- * @param bool $do_check
546
- *
547
- * @return array|bool|mixed
548
- */
549
- static public function method__security_mscan_repairs($api_key, $repair_result, $repair_comment, $repaired_processed_files, $repaired_total_files_proccessed, $backup_id, $do_check = true)
550
- {
551
- $request = array(
552
- 'method_name' => 'security_mscan_repairs',
553
- 'auth_key' => $api_key,
554
- 'repair_result' => $repair_result,
555
- 'repair_comment' => $repair_comment,
556
- 'repair_processed_files' => json_encode($repaired_processed_files),
557
- 'repair_total_files_processed' => $repaired_total_files_proccessed,
558
- 'backup_id' => $backup_id,
559
- 'mscan_log_id' => 1,
560
- );
561
-
562
- $result = static::send_request($request);
563
- $result = $do_check ? static::check_response($result, 'security_mscan_repairs') : $result;
564
-
565
- return $result;
566
- }
567
-
568
- /**
569
- * Wrapper for get_antispam_report API method.
570
- * Force server to update checksums for specific plugin\theme
571
- *
572
- * @param string $api_key
573
- * @param string $plugins_and_themes_to_refresh
574
- * @param bool $do_check
575
- *
576
- * @return array|bool|mixed
577
- */
578
- static public function method__request_checksums($api_key, $plugins_and_themes_to_refresh, $do_check = true)
579
- {
580
- $request = array(
581
- 'method_name' => 'request_checksums',
582
- 'auth_key' => $api_key,
583
- 'data' => $plugins_and_themes_to_refresh
584
- );
585
-
586
- $result = static::send_request($request);
587
- $result = $do_check ? static::check_response($result, 'request_checksums') : $result;
588
-
589
- return $result;
590
- }
591
-
592
- /**
593
- * Function sends raw request to API server
594
- *
595
- * @param array $data to send
596
- * @param string $url of API server
597
- * @param integer $timeout timeout in seconds
598
- * @param boolean $ssl use ssl on not
599
- *
600
- * @return array|bool
601
- */
602
- static public function send_request($data, $url = self::URL, $timeout = 5, $ssl = false, $ssl_path = '')
603
- {
604
- // Possibility to switch agent vaersion
605
- $data['agent'] = !empty($data['agent'])
606
- ? $data['agent']
607
- : (defined('CLEANTALK_AGENT') ? CLEANTALK_AGENT : self::AGENT);
608
-
609
- // Make URL string
610
- $data_string = http_build_query($data);
611
- $data_string = str_replace("&amp;", "&", $data_string);
612
-
613
- // For debug purposes
614
- if(defined('CLEANTALK_DEBUG') && CLEANTALK_DEBUG){
615
- global $apbct_debug;
616
- $apbct_debug['sent_data'] = $data;
617
- $apbct_debug['request_string'] = $data_string;
618
- }
619
-
620
- // Possibility to switch API url
621
- $url = defined('CLEANTALK_API_URL') ? CLEANTALK_API_URL : $url;
622
-
623
- if(function_exists('curl_init')){
624
-
625
- $ch = curl_init();
626
-
627
- // Set diff options
628
- curl_setopt($ch, CURLOPT_URL, $url);
629
- curl_setopt($ch, CURLOPT_TIMEOUT, $timeout);
630
- curl_setopt($ch, CURLOPT_POST, true);
631
- curl_setopt($ch, CURLOPT_POSTFIELDS, $data_string);
632
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
633
- curl_setopt($ch, CURLOPT_HTTPHEADER, array('Expect:'));
634
-
635
- $ssl_path = $ssl_path
636
- ? $ssl_path
637
- : (defined('CLEANTALK_CASERT_PATH') ? CLEANTALK_CASERT_PATH : '');
638
-
639
- // Switch on/off SSL
640
- if($ssl && $ssl_path){
641
- curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
642
- curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
643
- curl_setopt($ch, CURLOPT_CAINFO, $ssl_path);
644
- }else{
645
- curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
646
- curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
647
- }
648
-
649
- // Make a request
650
- $result = curl_exec($ch);
651
- $errors = curl_error($ch);
652
- curl_close($ch);
653
-
654
- // Retry with SSL enabled if failed
655
- if($result === false){
656
- if($ssl === false){
657
- return self::send_request($data, $url, $timeout, true, $ssl_path);
658
- }
659
- }
660
-
661
- }else{
662
- $errors = 'CURL_NOT_INSTALLED';
663
- }
664
-
665
- // Trying to use file_get_contents() to make a API call
666
- if(!empty($errors)){
667
- if(ini_get('allow_url_fopen')){
668
- $opts = array(
669
- 'http' => array(
670
- 'method' => "POST",
671
- 'timeout' => $timeout,
672
- 'content' => $data_string,
673
- ),
674
- );
675
- $context = stream_context_create($opts);
676
- $result = @file_get_contents($url, 0, $context);
677
-
678
- $errors = $result === false
679
- ? $errors . '_FAILED_TO_USE_FILE_GET_CONTENTS'
680
- : false;
681
-
682
- }else{
683
- $errors .= '_AND_ALLOW_URL_FOPEN_IS_DISABLED';
684
- }
685
- }
686
-
687
- return empty($result) || !empty($errors)
688
- ? array('error' => $errors)
689
- : $result;
690
- }
691
-
692
- /**
693
- * Function checks server response
694
- *
695
- * @param string $result
696
- * @param string $method_name
697
- *
698
- * @return mixed (array || array('error' => true))
699
- */
700
- static public function check_response($result, $method_name = null)
701
- {
702
- // Errors handling
703
- // Bad connection
704
- if(is_array($result) && isset($result['error'])){
705
- return array(
706
- 'error' => 'CONNECTION_ERROR: ' . (isset($result['error']) ? ' ' . $result['error'] : ''),
707
- );
708
- }
709
-
710
- // JSON decode errors
711
- $result = json_decode($result, true);
712
- if(empty($result)){
713
- return array(
714
- 'error' => 'JSON_DECODE_ERROR',
715
- );
716
- }
717
-
718
- // Server errors
719
- if($result &&
720
- (isset($result['error_no']) || isset($result['error_message'])) &&
721
- (isset($result['error_no']) && $result['error_no'] != 12)
722
- ){
723
- return array(
724
- 'error' => "SERVER_ERROR NO: {$result['error_no']} MSG: {$result['error_message']}",
725
- 'error_no' => $result['error_no'],
726
- 'error_message' => $result['error_message'],
727
- );
728
- }
729
-
730
- // Pathces for different methods
731
- switch($method_name){
732
-
733
- // notice_paid_till
734
- case 'notice_paid_till':
735
-
736
- $result = isset($result['data']) ? $result['data'] : $result;
737
-
738
- if((isset($result['error_no']) && $result['error_no'] == 12) ||
739
- (
740
- !(isset($result['service_id']) && is_int($result['service_id'])) &&
741
- empty($result['moderate_ip'])
742
- )
743
- )
744
- $result['valid'] = 0;
745
- else
746
- $result['valid'] = 1;
747
-
748
- return $result;
749
-
750
- break;
751
-
752
- // get_antispam_report_breif
753
- case 'get_antispam_report_breif':
754
-
755
- $out = isset($result['data']) && is_array($result['data'])
756
- ? $result['data']
757
- : array('error' => 'NO_DATA');
758
-
759
- for($tmp = array(), $i = 0; $i < 7; $i++){
760
- $tmp[date('Y-m-d', time() - 86400 * 7 + 86400 * $i)] = 0;
761
- }
762
- $out['spam_stat'] = (array)array_merge($tmp, isset($out['spam_stat']) ? $out['spam_stat'] : array());
763
- $out['top5_spam_ip'] = isset($out['top5_spam_ip']) ? $out['top5_spam_ip'] : array();
764
-
765
- return $out;
766
-
767
- break;
768
-
769
- default:
770
- return isset($result['data']) && is_array($result['data'])
771
- ? $result['data']
772
- : array('error' => 'NO_DATA');
773
- break;
774
- }
775
- }
776
- }
777
- }
lib/CleantalkBase/CleantalkHelper.php DELETED
@@ -1,671 +0,0 @@
1
- <?php
2
-
3
- namespace CleantalkBase;
4
-
5
- if(!class_exists('CleantalkBase\CleantalkHelper'))
6
- {
7
- /**
8
- * CleanTalk Helper class.
9
- * Compatible with any CMS.
10
- *
11
- * @package PHP Antispam by CleanTalk
12
- * @subpackage Helper
13
- * @Version 3.2
14
- * @author Cleantalk team (welcome@cleantalk.org)
15
- * @copyright (C) 2014 CleanTalk team (http://cleantalk.org)
16
- * @license GNU/GPL: http://www.gnu.org/copyleft/gpl.html
17
- * @see https://github.com/CleanTalk/php-antispam
18
- */
19
- class CleantalkHelper
20
- {
21
- /**
22
- * Default user agent for HTTP requests
23
- */
24
- const AGENT = 'Cleatalk-Helper/3.2';
25
-
26
- /**
27
- * @var array Set of private networks IPv4 and IPv6
28
- */
29
- public static $private_networks = array(
30
- 'v4' => array(
31
- '10.0.0.0/8',
32
- '100.64.0.0/10',
33
- '172.16.0.0/12',
34
- '192.168.0.0/16',
35
- '127.0.0.1/32',
36
- ),
37
- 'v6' => array(
38
- '0:0:0:0:0:0:0:1/128', // localhost
39
- '0:0:0:0:0:0:a:1/128', // ::ffff:127.0.0.1
40
- ),
41
- );
42
-
43
- /**
44
- * @var array Set of CleanTalk servers
45
- */
46
- public static $cleantalks_servers = array(
47
- // MODERATE
48
- 'moderate1.cleantalk.org' => '162.243.144.175',
49
- 'moderate2.cleantalk.org' => '159.203.121.181',
50
- 'moderate3.cleantalk.org' => '88.198.153.60',
51
- 'moderate4.cleantalk.org' => '159.69.51.30',
52
- 'moderate5.cleantalk.org' => '95.216.200.119',
53
- 'moderate6.cleantalk.org' => '138.68.234.8',
54
- // APIX
55
- 'apix1.cleantalk.org' => '35.158.52.161',
56
- 'apix2.cleantalk.org' => '18.206.49.217',
57
- 'apix3.cleantalk.org' => '3.18.23.246',
58
- );
59
-
60
- /**
61
- * Getting arrays of IP (REMOTE_ADDR, X-Forwarded-For, X-Real-Ip, Cf_Connecting_Ip)
62
- *
63
- * @param array $ip_types Type of IP you want to receive
64
- * @param bool $v4_only
65
- *
66
- * @return array|mixed|null
67
- */
68
- static public function ip__get($ip_types = array('real', 'remote_addr', 'x_forwarded_for', 'x_real_ip', 'cloud_flare'), $v4_only = true)
69
- {
70
- $ips = array_flip($ip_types); // Result array with IPs
71
- $headers = apache_request_headers();
72
-
73
- // REMOTE_ADDR
74
- if(isset($ips['remote_addr'])){
75
- $ip_type = self::ip__validate($_SERVER['REMOTE_ADDR']);
76
- if($ip_type){
77
- $ips['remote_addr'] = $ip_type == 'v6' ? self::ip__v6_normalize($_SERVER['REMOTE_ADDR']) : $_SERVER['REMOTE_ADDR'];
78
- }
79
- }
80
-
81
- // X-Forwarded-For
82
- if(isset($ips['x_forwarded_for'])){
83
- if(isset($headers['X-Forwarded-For'])){
84
- $tmp = explode(",", trim($headers['X-Forwarded-For']));
85
- $tmp = trim($tmp[0]);
86
- $ip_type = self::ip__validate($tmp);
87
- if($ip_type){
88
- $ips['x_forwarded_for'] = $ip_type == 'v6' ? self::ip__v6_normalize($tmp) : $tmp;
89
- }
90
- }
91
- }
92
-
93
- // X-Real-Ip
94
- if(isset($ips['x_real_ip'])){
95
- if(isset($headers['X-Real-Ip'])){
96
- $tmp = explode(",", trim($headers['X-Real-Ip']));
97
- $tmp = trim($tmp[0]);
98
- $ip_type = self::ip__validate($tmp);
99
- if($ip_type){
100
- $ips['x_forwarded_for'] = $ip_type == 'v6' ? self::ip__v6_normalize($tmp) : $tmp;
101
- }
102
- }
103
- }
104
-
105
- // Cloud Flare
106
- if(isset($ips['cloud_flare'])){
107
- if(isset($headers['CF-Connecting-IP'], $headers['CF-IPCountry'], $headers['CF-RAY']) || isset($headers['Cf-Connecting-Ip'], $headers['Cf-Ipcountry'], $headers['Cf-Ray'])){
108
- $tmp = isset($headers['CF-Connecting-IP']) ? $headers['CF-Connecting-IP'] : $headers['Cf-Connecting-Ip'];
109
- $tmp = strpos($tmp, ',') !== false ? explode(',', $tmp) : (array)$tmp;
110
- $ip_type = self::ip__validate(trim($tmp[0]));
111
- if($ip_type){
112
- $ips['real'] = $ip_type == 'v6' ? self::ip__v6_normalize(trim($tmp[0])) : trim($tmp[0]);
113
- }
114
- }
115
- }
116
-
117
- // Getting real IP from REMOTE_ADDR or Cf_Connecting_Ip if set or from (X-Forwarded-For, X-Real-Ip) if REMOTE_ADDR is local.
118
- if(isset($ips['real'])){
119
-
120
- // Detect IP type
121
- $ip_type = self::ip__validate($_SERVER['REMOTE_ADDR']);
122
- if($ip_type)
123
- $ips['real'] = $ip_type == 'v6' ? self::ip__v6_normalize($_SERVER['REMOTE_ADDR']) : $_SERVER['REMOTE_ADDR'];
124
-
125
- // Cloud Flare
126
- if(isset($headers['CF-Connecting-IP'], $headers['CF-IPCountry'], $headers['CF-RAY']) || isset($headers['Cf-Connecting-Ip'], $headers['Cf-Ipcountry'], $headers['Cf-Ray'])){
127
- $tmp = isset($headers['CF-Connecting-IP']) ? $headers['CF-Connecting-IP'] : $headers['Cf-Connecting-Ip'];
128
- $tmp = strpos($tmp, ',') !== false ? explode(',', $tmp) : (array)$tmp;
129
- $ip_type = self::ip__validate(trim($tmp[0]));
130
- if($ip_type)
131
- $ips['real'] = $ip_type == 'v6' ? self::ip__v6_normalize(trim($tmp[0])) : trim($tmp[0]);
132
-
133
- // Sucury
134
- }elseif(isset($headers['X-Sucuri-Clientip'], $headers['X-Sucuri-Country'])){
135
- $ip_type = self::ip__validate($headers['X-Sucuri-Clientip']);
136
- if($ip_type)
137
- $ips['real'] = $ip_type == 'v6' ? self::ip__v6_normalize($headers['X-Sucuri-Clientip']) : $headers['X-Sucuri-Clientip'];
138
-
139
- // OVH
140
- }elseif(isset($headers['X-Cdn-Any-Ip'], $headers['Remote-Ip'])){
141
- $ip_type = self::ip__validate($headers['X-Cdn-Any-Ip']);
142
- if($ip_type)
143
- $ips['real'] = $ip_type == 'v6' ? self::ip__v6_normalize($headers['X-Cdn-Any-Ip']) : $headers['X-Cdn-Any-Ip'];
144
-
145
- // Incapsula proxy
146
- }elseif(isset($headers['Incap-Client-Ip'])){
147
- $ip_type = self::ip__validate($headers['Incap-Client-Ip']);
148
- if($ip_type)
149
- $ips['real'] = $ip_type == 'v6' ? self::ip__v6_normalize($headers['Incap-Client-Ip']) : $headers['Incap-Client-Ip'];
150
- }
151
-
152
- // Is private network
153
- if($ip_type === false || ($ip_type && (self::ip__is_private_network($ips['real'], $ip_type) || self::ip__mask_match($ips['real'], filter_input(INPUT_SERVER, 'SERVER_ADDR') . '/24', $ip_type)))){
154
-
155
- // X-Forwarded-For
156
- if(isset($headers['X-Forwarded-For'])){
157
- $tmp = explode(',', trim($headers['X-Forwarded-For']));
158
- $tmp = trim($tmp[0]);
159
- $ip_type = self::ip__validate($tmp);
160
- if($ip_type)
161
- $ips['real'] = $ip_type == 'v6' ? self::ip__v6_normalize($tmp) : $tmp;
162
-
163
- // X-Real-Ip
164
- }elseif(isset($headers['X-Real-Ip'])){
165
- $tmp = explode(',', trim($headers['X-Real-Ip']));
166
- $tmp = trim($tmp[0]);
167
- $ip_type = self::ip__validate($tmp);
168
- if($ip_type)
169
- $ips['real'] = $ip_type == 'v6' ? self::ip__v6_normalize($tmp) : $tmp;
170
- }
171
- }
172
- }
173
-
174
- // Validating IPs
175
- $result = array();
176
- foreach($ips as $key => $ip){
177
- $ip_version = self::ip__validate($ip);
178
- if($ip && (($v4_only && $ip_version == 'v4') || !$v4_only)){
179
- $result[$key] = $ip;
180
- }
181
- }
182
-
183
- $result = array_unique($result);
184
- return count($result) > 1
185
- ? $result
186
- : (reset($result) !== false
187
- ? reset($result)
188
- : null);
189
- }
190
-
191
- /**
192
- * Checks if the IP is in private range
193
- *
194
- * @param string $ip
195
- * @param string $ip_type
196
- *
197
- * @return bool
198
- */
199
- static function ip__is_private_network($ip, $ip_type = 'v4')
200
- {
201
- return self::ip__mask_match($ip, self::$private_networks[$ip_type], $ip_type);
202
- }
203
-
204
- /**
205
- * Check if the IP belong to mask. Recursive.
206
- * Octet by octet for IPv4
207
- * Hextet by hextet for IPv6
208
- *
209
- * @param string $ip
210
- * @param string $cidr work to compare with
211
- * @param string $ip_type IPv6 or IPv4
212
- * @param int $xtet_count Recursive counter. Determs current part of address to check.
213
- *
214
- * @return bool
215
- */
216
- static public function ip__mask_match($ip, $cidr, $ip_type = 'v4', $xtet_count = 0)
217
- {
218
- if(is_array($cidr)){
219
- foreach($cidr as $curr_mask){
220
- if(self::ip__mask_match($ip, $curr_mask, $ip_type)){
221
- return true;
222
- }
223
- }
224
- unset($curr_mask);
225
- return false;
226
- }
227
-
228
- $xtet_base = ($ip_type == 'v4') ? 8 : 16;
229
-
230
- // Calculate mask
231
- $exploded = explode('/', $cidr);
232
- $net_ip = $exploded[0];
233
- $mask = $exploded[1];
234
-
235
- // Exit condition
236
- $xtet_end = ceil($mask / $xtet_base);
237
- if($xtet_count == $xtet_end)
238
- return true;
239
-
240
- // Lenght of bits for comparsion
241
- $mask = $mask - $xtet_base * $xtet_count >= $xtet_base ? $xtet_base : $mask - $xtet_base * $xtet_count;
242
-
243
- // Explode by octets/hextets from IP and Net
244
- $net_ip_xtets = explode($ip_type == 'v4' ? '.' : ':', $net_ip);
245
- $ip_xtets = explode($ip_type == 'v4' ? '.' : ':', $ip);
246
-
247
- // Standartizing. Getting current octets/hextets. Adding leading zeros.
248
- $net_xtet = str_pad(decbin($ip_type == 'v4' ? $net_ip_xtets[$xtet_count] : hexdec($net_ip_xtets[$xtet_count])), $xtet_base, 0, STR_PAD_LEFT);
249
- $ip_xtet = str_pad(decbin($ip_type == 'v4' ? $ip_xtets[$xtet_count] : hexdec($ip_xtets[$xtet_count])), $xtet_base, 0, STR_PAD_LEFT);
250
-
251
- // Comparing bit by bit
252
- for($i = 0, $result = true; $mask != 0; $mask--, $i++){
253
- if($ip_xtet[$i] != $net_xtet[$i]){
254
- $result = false;
255
- break;
256
- }
257
- }
258
-
259
- // Recursing. Moving to next octet/hextet.
260
- if($result)
261
- $result = self::ip__mask_match($ip, $cidr, $ip_type, $xtet_count + 1);
262
-
263
- return $result;
264
-
265
- }
266
-
267
- /**
268
- * Converts long mask like 4294967295 to number like 32
269
- *
270
- * @param int $long_mask
271
- *
272
- * @return int
273
- */
274
- static function ip__mask__long_to_number($long_mask)
275
- {
276
- $num_mask = strpos((string)decbin($long_mask), '0');
277
- return $num_mask === false ? 32 : $num_mask;
278
- }
279
-
280
- /**
281
- * Validating IPv4, IPv6
282
- *
283
- * @param string $ip
284
- *
285
- * @return string|bool
286
- */
287
- static public function ip__validate($ip)
288
- {
289
- if(!$ip) return false; // NULL || FALSE || '' || so on...
290
- if(filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) && $ip != '0.0.0.0') return 'v4'; // IPv4
291
- if(filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) && self::ip__v6_reduce($ip) != '0::0') return 'v6'; // IPv6
292
- return false; // Unknown
293
- }
294
-
295
- /**
296
- * Expand IPv6
297
- *
298
- * @param string $ip
299
- *
300
- * @return string IPv6
301
- */
302
- static public function ip__v6_normalize($ip)
303
- {
304
- $ip = trim($ip);
305
- // Searching for ::ffff:xx.xx.xx.xx patterns and turn it to IPv6
306
- if(preg_match('/^::ffff:([0-9]{1,3}\.?){4}$/', $ip)){
307
- $ip = dechex(sprintf("%u", ip2long(substr($ip, 7))));
308
- $ip = '0:0:0:0:0:0:' . (strlen($ip) > 4 ? substr('abcde', 0, -4) : '0') . ':' . substr($ip, -4, 4);
309
- // Normalizing hextets number
310
- }elseif(strpos($ip, '::') !== false){
311
- $ip = str_replace('::', str_repeat(':0', 8 - substr_count($ip, ':')) . ':', $ip);
312
- $ip = strpos($ip, ':') === 0 ? '0' . $ip : $ip;
313
- $ip = strpos(strrev($ip), ':') === 0 ? $ip . '0' : $ip;
314
- }
315
- // Simplifyng hextets
316
- if(preg_match('/:0(?=[a-z0-9]+)/', $ip)){
317
- $ip = preg_replace('/:0(?=[a-z0-9]+)/', ':', strtolower($ip));
318
- $ip = self::ip__v6_normalize($ip);
319
- }
320
- return $ip;
321
- }
322
-
323
- /**
324
- * Reduce IPv6
325
- *
326
- * @param string $ip
327
- *
328
- * @return string IPv6
329
- */
330
- static public function ip__v6_reduce($ip)
331
- {
332
- if(strpos($ip, ':') !== false){
333
- $ip = preg_replace('/:0{1,4}/', ':', $ip);
334
- $ip = preg_replace('/:{2,}/', '::', $ip);
335
- $ip = strpos($ip, '0') === 0 ? substr($ip, 1) : $ip;
336
- }
337
- return $ip;
338
- }
339
-
340
- /**
341
- * Get URL form IP. Check if it's belong to cleantalk.
342
- *
343
- * @param $ip
344
- *
345
- * @return false|int|string
346
- */
347
- static public function ip__resolve__cleantalks($ip)
348
- {
349
- if(self::ip__validate($ip)){
350
- $url = array_search($ip, self::$cleantalks_servers);
351
- return $url
352
- ? $url
353
- : self::ip__resolve($ip);
354
- }else
355
- return $ip;
356
- }
357
-
358
- /**
359
- * Get URL form IP
360
- *
361
- * @param $ip
362
- *
363
- * @return string
364
- */
365
- static public function ip__resolve($ip)
366
- {
367
- if(self::ip__validate($ip)){
368
- $url = gethostbyaddr($ip);
369
- if($url)
370
- return $url;
371
- }
372
- return $ip;
373
- }
374
-
375
- /**
376
- * Resolve DNS to IP
377
- *
378
- * @param $host
379
- * @param bool $out
380
- *
381
- * @return bool
382
- */
383
- static public function dns__resolve($host, $out = false)
384
- {
385
-
386
- // Get DNS records about URL
387
- if(function_exists('dns_get_record')){
388
- $records = dns_get_record($host, DNS_A);
389
- if($records !== false){
390
- $out = $records[0]['ip'];
391
- }
392
- }
393
-
394
- // Another try if first failed
395
- if(!$out && function_exists('gethostbynamel')){
396
- $records = gethostbynamel($host);
397
- if($records !== false){
398
- $out = $records[0];
399
- }
400
- }
401
-
402
- return $out;
403
-
404
- }
405
-
406
- /**
407
- * Function sends raw http request
408
- *
409
- * May use 4 presets(combining possible):
410
- * get_code - getting only HTTP response code
411
- * async - async requests
412
- * get - GET-request
413
- * ssl - use SSL
414
- *
415
- * @param string $url URL
416
- * @param array $data POST|GET indexed array with data to send
417
- * @param string|array $presets String or Array with presets: get_code, async, get, ssl, dont_split_to_array
418
- * @param array $opts Optional option for CURL connection
419
- *
420
- * @return array|bool (array || array('error' => true))
421
- */
422
- static public function http__request($url, $data = array(), $presets = null, $opts = array())
423
- {
424
- if(function_exists('curl_init')){
425
-
426
- $ch = curl_init();
427
-
428
- if(!empty($data)){
429
- // If $data scalar converting it to array
430
- $data = is_string($data) || is_int($data) ? array($data => 1) : $data;
431
- // Build query
432
- $opts[CURLOPT_POSTFIELDS] = $data;
433
- }
434
-
435
- // Merging OBLIGATORY options with GIVEN options
436
- $opts = self::array_merge__save_numeric_keys(
437
- array(
438
- CURLOPT_URL => $url,
439
- CURLOPT_RETURNTRANSFER => true,
440
- CURLOPT_CONNECTTIMEOUT_MS => 3000,
441
- CURLOPT_FORBID_REUSE => true,
442
- CURLOPT_USERAGENT => self::AGENT . '; ' . (!empty($_SERVER['SERVER_NAME']) ? $_SERVER['SERVER_NAME'] : 'UNKNOWN_HOST'),
443
- CURLOPT_POST => true,
444
- CURLOPT_SSL_VERIFYPEER => false,
445
- CURLOPT_SSL_VERIFYHOST => 0,
446
- CURLOPT_HTTPHEADER => array('Expect:'), // Fix for large data and old servers http://php.net/manual/ru/function.curl-setopt.php#82418
447
- CURLOPT_FOLLOWLOCATION => true,
448
- CURLOPT_MAXREDIRS => 5,
449
- ),
450
- $opts
451
- );
452
-
453
- // Use presets
454
- $presets = is_array($presets) ? $presets : explode(' ', $presets);
455
- foreach($presets as $preset){
456
-
457
- switch($preset){
458
-
459
- // Do not follow redirects
460
- case 'dont_follow_redirects':
461
- $opts[CURLOPT_FOLLOWLOCATION] = false;
462
- $opts[CURLOPT_MAXREDIRS] = 0;
463
- break;
464
-
465
- // Get headers only
466
- case 'get_code':
467
- $opts[CURLOPT_HEADER] = true;
468
- $opts[CURLOPT_NOBODY] = true;
469
- break;
470
-
471
- // Make a request, don't wait for an answer
472
- case 'async':
473
- $opts[CURLOPT_CONNECTTIMEOUT_MS] = 1000;
474
- $opts[CURLOPT_TIMEOUT_MS] = 500;
475
- break;
476
-
477
- case 'get':
478
- $opts[CURLOPT_URL] .= $data ? '?' . str_replace("&amp;", "&", http_build_query($data)) : '';
479
- $opts[CURLOPT_POST] = false;
480
- $opts[CURLOPT_POSTFIELDS] = null;
481
- break;
482
-
483
- case 'ssl':
484
- $opts[CURLOPT_SSL_VERIFYPEER] = true;
485
- $opts[CURLOPT_SSL_VERIFYHOST] = 2;
486
- if(defined('CLEANTALK_CASERT_PATH') && CLEANTALK_CASERT_PATH)
487
- $opts[CURLOPT_CAINFO] = CLEANTALK_CASERT_PATH;
488
- break;
489
-
490
- default:
491
-
492
- break;
493
- }
494
-
495
- }
496
- unset($preset);
497
-
498
- curl_setopt_array($ch, $opts);
499
- $result = curl_exec($ch);
500
-
501
- // RETURN if async request
502
- if(in_array('async', $presets))
503
- return true;
504
-
505
- if($result){
506
-
507
- if(strpos($result, PHP_EOL) !== false && !in_array('dont_split_to_array', $presets))
508
- $result = explode(PHP_EOL, $result);
509
-
510
- // Get code crossPHP method
511
- if(in_array('get_code', $presets)){
512
- $curl_info = curl_getinfo($ch);
513
- $result = $curl_info['http_code'];
514
- }
515
- curl_close($ch);
516
- $out = $result;
517
- }else
518
- $out = array('error' => curl_error($ch));
519
- }else
520
- $out = array('error' => 'CURL_NOT_INSTALLED');
521
-
522
- /**
523
- * Getting HTTP-response code without cURL
524
- */
525
- if($presets && ($presets == 'get_code' || (is_array($presets) && in_array('get_code', $presets)))
526
- && isset($out['error']) && $out['error'] == 'CURL_NOT_INSTALLED'
527
- ){
528
- $headers = get_headers($url);
529
- $out = (int)preg_replace('/.*(\d{3}).*/', '$1', $headers[0]);
530
- }
531
-
532
- return $out;
533
- }
534
-
535
- /**
536
- * Merging arrays without reseting numeric keys
537
- *
538
- * @param array $arr1 One-dimentional array
539
- * @param array $arr2 One-dimentional array
540
- *
541
- * @return array Merged array
542
- */
543
- public static function array_merge__save_numeric_keys($arr1, $arr2)
544
- {
545
- foreach($arr2 as $key => $val){
546
- $arr1[$key] = $val;
547
- }
548
- return $arr1;
549
- }
550
-
551
- /**
552
- * Merging arrays without reseting numeric keys recursive
553
- *
554
- * @param array $arr1 One-dimentional array
555
- * @param array $arr2 One-dimentional array
556
- *
557
- * @return array Merged array
558
- */
559
- public static function array_merge__save_numeric_keys__recursive($arr1, $arr2)
560
- {
561
- foreach($arr2 as $key => $val){
562
- // Array | array => array
563
- if(isset($arr1[$key]) && is_array($arr1[$key]) && is_array($val)){
564
- $arr1[$key] = self::array_merge__save_numeric_keys__recursive($arr1[$key], $val);
565
- // Scalar | array => array
566
- }elseif(isset($arr1[$key]) && !is_array($arr1[$key]) && is_array($val)){
567
- $tmp = $arr1[$key] =
568
- $arr1[$key] = $val;
569
- $arr1[$key][] = $tmp;
570
- // array | scalar => array
571
- }elseif(isset($arr1[$key]) && is_array($arr1[$key]) && !is_array($val)){
572
- $arr1[$key][] = $val;
573
- // scalar | scalar => scalar
574
- }else{
575
- $arr1[$key] = $val;
576
- }
577
- }
578
- return $arr1;
579
- }
580
-
581
- /**
582
- * Function removing non UTF8 characters from array|string|object
583
- *
584
- * @param array|object|string $data
585
- *
586
- * @return array|object|string
587
- */
588
- public static function removeNonUTF8($data)
589
- {
590
- // Array || object
591
- if(is_array($data) || is_object($data)){
592
- foreach($data as $key => &$val){
593
- $val = self::removeNonUTF8($val);
594
- }
595
- unset($key, $val);
596
-
597
- //String
598
- }else{
599
- if(!preg_match('//u', $data))
600
- $data = 'Nulled. Not UTF8 encoded or malformed.';
601
- }
602
- return $data;
603
- }
604
-
605
- /**
606
- * Function convert anything to UTF8 and removes non UTF8 characters
607
- *
608
- * @param array|object|string $obj
609
- * @param string $data_codepage
610
- *
611
- * @return mixed(array|object|string)
612
- */
613
- public static function toUTF8($obj, $data_codepage = null)
614
- {
615
- // Array || object
616
- if(is_array($obj) || is_object($obj)){
617
- foreach($obj as $key => &$val){
618
- $val = self::toUTF8($val, $data_codepage);
619
- }
620
- unset($key, $val);
621
-
622
- //String
623
- }else{
624
- if(!preg_match('//u', $obj) && function_exists('mb_detect_encoding') && function_exists('mb_convert_encoding')){
625
- $encoding = mb_detect_encoding($obj);
626
- $encoding = $encoding ? $encoding : $data_codepage;
627
- if($encoding)
628
- $obj = mb_convert_encoding($obj, 'UTF-8', $encoding);
629
- }
630
- }
631
- return $obj;
632
- }
633
-
634
- /**
635
- * Function convert from UTF8
636
- *
637
- * @param array|object|string $obj
638
- * @param string $data_codepage
639
- *
640
- * @return mixed (array|object|string)
641
- */
642
- public static function fromUTF8($obj, $data_codepage = null)
643
- {
644
- // Array || object
645
- if(is_array($obj) || is_object($obj)){
646
- foreach($obj as $key => &$val){
647
- $val = self::fromUTF8($val, $data_codepage);
648
- }
649
- unset($key, $val);
650
-
651
- //String
652
- }else{
653
- if(preg_match('u', $obj) && function_exists('mb_convert_encoding') && $data_codepage !== null)
654
- $obj = mb_convert_encoding($obj, $data_codepage, 'UTF-8');
655
- }
656
- return $obj;
657
- }
658
-
659
- /**
660
- * Checks if the string is JSON type
661
- *
662
- * @param string
663
- *
664
- * @return bool
665
- */
666
- static public function is_json($string)
667
- {
668
- return is_string($string) && is_array(json_decode($string, true)) ? true : false;
669
- }
670
- }
671
- }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
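--- a/lib/CleantalkDB.php
+++ b/lib/CleantalkDB.php
@@ -5,7 +5,7 @@
  * Compatible only with Wordpress.
  * Uses singleton pattern.
  *
- * @depends CleantalkBase\CleantalkDB
+ * @depends Cleantalk\Antispam\DB
  *
  * @version 3.2
  * @author Cleantalk team (welcome@cleantalk.org)
@@ -14,7 +14,7 @@
  * @see https://github.com/CleanTalk/wordpress-antispam
  */
 
- class CleantalkDB extends CleantalkBase\CleantalkDB
+ class CleantalkDB extends Cleantalk\Antispam\DB
  {
 
  private static $instance;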
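--- a/lib/CleantalkHelper.php
+++ b/lib/CleantalkHelper.php
@@ -4,7 +4,7 @@
  * CleanTalk Cleantalk Antispam Helper class.
  * Compatible only with Wordpress.
  *
- * @depends CleantalkBase\CleantalkHelper
+ * @depends Cleantalk\Antispam\Helper
  *
  * @package Antispam Plugin by CleanTalk
  * @subpackage Helper
@@ -15,7 +15,7 @@
  * @see https://github.com/CleanTalk/wordpress-antispam
  */
 
- class CleantalkHelper extends CleantalkBase\CleantalkHelper
+ class CleantalkHelper extends Cleantalk\Antispam\Helper
  {
  /**
  * Function sends raw http request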
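--- a/lib/CleantalkIntegration.php
+++ b/lib/CleantalkIntegration.php
@@ -1,55 +0,0 @@
- <?php
-
- class CleantalkIntegration {
-
- /**
- * @var string Integration name
- */
- public $name;
-
- /**
- * @var string Integration type (form || comment || registration)
- */
- public $type = 'form';
-
- /**
- * @var boolean Ajax or not
- */
- public $ajax = false;
-
- /**
- * @var mixed array|null Request param for identify integration. For example: array('action' => 'myform')
- */
- public $identify = null;
-
- /**
- * @var mixed null|string|array special JSON string for form response
- */
- public $response;
-
- /**
- * @var array Array with hooks.
- * Example:
- * array(
- * 'spam_check' => array(
- * 'hook_function' => 'add_filter|do_action',
- * 'hook' => 'myform_test_spam',
- * 'function' => 'apbct_test_spam'
- * )
- * )
- */
- public $actions = array();
-
- function __construct($name, $type, $params = array()) {
-
- $this->name = $name;
- $this->type = $type;
- $this->ajax = isset($params['ajax']) ? true : false;
- $this->identify = isset($params['idetify']) ? $params['idetify'] : null;
- $this->response = isset($params['response']) ? $params['response'] : null;
- $this->actions = isset($params['actions']) ? $params['actions'] : null;
-
- }
-
-
- }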
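--- a/lib/CleantalkSFW.php
+++ b/lib/CleantalkSFW.php
@@ -4,7 +4,7 @@
  * CleanTalk SpamFireWall Wordpress class
  * Compatible only with Wordpress.
  *
- * @depends CleantalkBase\CleantalkSFW
+ * @depends Cleantalk\Antispam\SFW
  *
  * @version 3.3
  * @author Cleantalk team (welcome@cleantalk.org)
@@ -12,7 +12,7 @@
  * @license GNU/GPL: http://www.gnu.org/copyleft/gpl.html
  * @see https://github.com/CleanTalk/wordpress-antispam
  */
- class CleantalkSFW extends CleantalkBase\CleantalkSFW
+ class CleantalkSFW extends Cleantalk\Antispam\SFW
  {
  /**
  * CleantalkSFW_Base constructor.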
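--- a/lib/CleantalkSFW_Base.php
+++ b/lib/CleantalkSFW_Base.php
@@ -1,17 +1,16 @@
- <?php
-
- /**
- * Patch to use CleantalkBase/CleantalkSFW as CleantalkSFW_Base
- *
- * @since 5.124.2
- *
- */
-
- // Base classes
- require_once(CLEANTALK_PLUGIN_DIR . 'lib/CleantalkBase/CleantalkAPI.php'); // API
- require_once(CLEANTALK_PLUGIN_DIR . 'lib/CleantalkBase/CleantalkDB.php'); // Database driver
- require_once(CLEANTALK_PLUGIN_DIR . 'lib/CleantalkBase/CleantalkHelper.php'); // Helper
- include_once(CLEANTALK_PLUGIN_DIR . "lib/CleantalkBase/CleantalkSFW.php"); // SpamFireWall
-
- require_once(CLEANTALK_PLUGIN_DIR . 'lib/CleantalkDB.php'); // Database class for Wordpress
-
+ <?php
+
+ /**
+ * Patch to use CleantalkBase/CleantalkSFW as CleantalkSFW_Base
+ *
+ * @since 5.124.2
+ *
+ */
+
+ // Base classes
+ require_once(CLEANTALK_PLUGIN_DIR . 'lib/Cleantalk/Antispam/API.php'); // API
+ require_once(CLEANTALK_PLUGIN_DIR . 'lib/Cleantalk/Antispam/DB.php'); // Database driver
+ require_once(CLEANTALK_PLUGIN_DIR . 'lib/Cleantalk/Antispam/Helper.php'); // Helper
+ include_once(CLEANTALK_PLUGIN_DIR . "lib/Cleantalk/Antispam/SFW.php"); // SpamFireWall
+
+ require_once(CLEANTALK_PLUGIN_DIR . 'lib/CleantalkDB.php'); // Database class for Wordpress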
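Review bot: The header comment on new line 4 still reads `Patch to use CleantalkBase/CleantalkSFW as CleantalkSFW_Base`, although every include below it now points at `lib/Cleantalk/Antispam/`; it should become `* Patch to use Cleantalk\Antispam\SFW as CleantalkSFW_Base`. On new line 14 the SpamFireWall base file is still loaded with `include_once` while the other three base files use `require_once`. If that file is missing, `include_once` only raises a warning, and the failure presumably surfaces later where `CleantalkSFW extends Cleantalk\Antispam\SFW` is declared. Using `require_once(CLEANTALK_PLUGIN_DIR . 'lib/Cleantalk/Antispam/SFW.php'); // SpamFireWall` would keep the failure at the load site and match the neighbouring lines.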
 
lib/CleantalkState.php CHANGED
@@ -1,505 +1,505 @@
1
- <?php
2
-
3
- /**
4
- * CleanTalk Antispam State class
5
- *
6
- * @package Antiospam Plugin by CleanTalk
7
- * @subpackage State
8
- * @Version 2.0
9
- * @author Cleantalk team (welcome@cleantalk.org)
10
- * @copyright (C) 2014 CleanTalk team (http://cleantalk.org)
11
- * @license GNU/GPL: http://www.gnu.org/copyleft/gpl.html
12
- */
13
-
14
- /**
15
- * @property mixed settings
16
- * @property mixed moderate_ip
17
- * @property mixed|string plugin_version
18
- * @property mixed|string db_prefix
19
- * @property bool|mixed white_label
20
- * @property string settings_link
21
- * @property mixed data
22
- * @property int key_is_ok
23
- * @property string logo__small__colored
24
- * @property string logo__small
25
- * @property string logo
26
- * @property string plugin_name
27
- * @property string base_name
28
- * @property array|mixed errors
29
- * @property ArrayObject network_data
30
- */
31
- class CleantalkState
32
- {
33
- public $user = null;
34
- public $option_prefix = 'cleantalk';
35
- public $storage = array();
36
- public $integrations = array();
37
- public $def_settings = array(
38
-
39
- 'spam_firewall' => 1,
40
- 'apikey' => '',
41
- 'custom_key' => 0,
42
- 'autoPubRevelantMess' => 0,
43
-
44
- /* Forms for protection */
45
- 'registrations_test' => 1,
46
- 'comments_test' => 1,
47
- 'contact_forms_test' => 1,
48
- 'general_contact_forms_test' => 1, // Antispam test for unsupported and untested contact forms
49
- 'wc_checkout_test' => 0, // WooCommerce checkout default test => OFF
50
- 'wc_register_from_order' => 1, // Woocommerce registration during checkout => ON
51
- 'search_test' => 1, // Test deafult Wordpress form
52
- 'check_external' => 0,
53
- 'check_external__capture_buffer' => 0,
54
- 'check_internal' => 0,
55
-
56
- /* Comments and messages */
57
- 'bp_private_messages' => 1, //buddyPress private messages test => ON
58
- 'check_comments_number' => 1,
59
- 'remove_old_spam' => 0,
60
- 'remove_comments_links' => 0, //Removes links from approved comments
61
- 'show_check_links' => 1, //Shows check link to Cleantalk's DB. And allowing to control comments form public page.
62
-
63
- // Data processing
64
- 'protect_logged_in' => 1, // Do anit-spam tests to for logged in users.
65
- 'use_ajax' => 1,
66
- 'use_static_js_key' => 0,
67
- 'general_postdata_test' => 0, //CAPD
68
- 'set_cookies'=> 1, // Disable cookies generatation to be compatible with Varnish.
69
- 'set_cookies__sessions'=> 0, // Use alt sessions for cookies.
70
- 'ssl_on' => 0, // Secure connection to servers
71
- 'use_buitin_http_api' => 0, // Using Wordpress HTTP built in API
72
-
73
- // Administrator Panel
74
- 'show_adminbar' => 1, // Show the admin bar.
75
- 'all_time_counter' => 0,
76
- 'daily_counter' => 0,
77
- 'sfw_counter' => 0,
78
-
79
- //Others
80
- 'spam_store_days' => '15', // Days before delete comments from folder Spam
81
- 'relevance_test' => 0, // Test comment for relevance
82
- 'notice_api_errors' => 0, // Send API error notices to WP admin
83
- 'user_token' => '', //user token for auto login into spam statistics
84
- 'collect_details' => 0, // Collect details about browser of the visitor.
85
- 'send_connection_reports' => 0, //Send connection reports to Cleantalk servers
86
- 'async_js' => 0,
87
- 'debug_ajax' => 0,
88
-
89
- // GDPR
90
- 'gdpr_enabled' => 0,
91
- 'gdpr_text' => 'By using this form you agree with the storage and processing of your data by using the Privacy Policy on this website.',
92
-
93
- // Msic
94
- 'store_urls' => 1,
95
- 'store_urls__sessions' => 1,
96
- 'comment_notify' => 1,
97
- 'comment_notify__roles' => array('administrator'),
98
- 'complete_deactivation' => 0,
99
- );
100
-
101
- public $def_data = array(
102
-
103
- // Plugin data
104
- 'plugin_version' => APBCT_VERSION,
105
- 'js_keys' => array(), // Keys to do JavaScript antispam test
106
- 'js_keys_store_days' => 14, // JavaScript keys store days - 8 days now
107
- 'js_key_lifetime' => 86400, // JavaScript key life time in seconds - 1 day now
108
- 'last_remote_call' => 0, //Timestam of last remote call
109
-
110
- // Account data
111
- 'service_id' => 0,
112
- 'moderate' => 0,
113
- 'moderate_ip' => 0,
114
- 'ip_license' => 0,
115
- 'spam_count' => 0,
116
- 'auto_update' => 0,
117
- 'user_token' => '',
118
- 'license_trial' => 0,
119
-
120
- // Notices
121
- 'notice_show' => 0,
122
- 'notice_trial' => 0,
123
- 'notice_renew' => 0,
124
- 'notice_review' => 0,
125
- 'notice_auto_update' => 0,
126
-
127
- // Brief data
128
- 'brief_data' => array(
129
- 'spam_stat' => array(),
130
- 'top5_spam_ip' => array(),
131
- ),
132
-
133
- 'array_accepted' => array(),
134
- 'array_blocked' => array(),
135
- 'current_hour' => '',
136
- 'sfw_counter' => array(
137
- 'all' => 0,
138
- 'blocked' => 0,
139
- ),
140
- 'all_time_counter' => array(
141
- 'accepted' => 0,
142
- 'blocked' => 0,
143
- ),
144
- 'user_counter' => array(
145
- 'accepted' => 0,
146
- 'blocked' => 0,
147
- // 'since' => date('d M'),
148
- ),
149
- 'connection_reports' => array(
150
- 'success' => 0,
151
- 'negative' => 0,
152
- 'negative_report' => array(),
153
- // 'since' => date('d M'),
154
- ),
155
-
156
- // A-B tests
157
- 'ab_test' => array(
158
- 'sfw_enabled' => false,
159
- ),
160
-
161
- // White label
162
- 'white_label_data' => array(
163
- 'is_key_recieved' => false,
164
- ),
165
-
166
- // Misc
167
- 'feedback_request' => '',
168
- 'key_is_ok' => 0,
169
- 'salt' => '',
170
- );
171
-
172
- public $def_network_data = array(
173
- 'allow_custom_key' => 0,
174
- 'key_is_ok' => 0,
175
- 'apikey' => '',
176
- 'user_token' => '',
177
- 'service_id' => 0,
178
- );
179
-
180
- public $def_remote_calls = array(
181
- 'close_renew_banner' => array(
182
- 'last_call' => 0,
183
- ),
184
- 'sfw_update' => array(
185
- 'last_call' => 0,
186
- ),
187
- 'sfw_send_logs' => array(
188
- 'last_call' => 0,
189
- ),
190
- 'update_plugin' => array(
191
- 'last_call' => 0,
192
- ),
193
- 'install_plugin' => array(
194
- 'last_call' => 0,
195
- ),
196
- 'activate_plugin' => array(
197
- 'last_call' => 0,
198
- ),
199
- 'insert_auth_key' => array(
200
- 'last_call' => 0,
201
- ),
202
- 'deactivate_plugin' => array(
203
- 'last_call' => 0,
204
- ),
205
- 'uninstall_plugin' => array(
206
- 'last_call' => 0,
207
- ),
208
- 'update_settings' => array(
209
- 'last_call' => 0,
210
- ),
211
- );
212
-
213
- public $def_stats = array(
214
- 'sfw' => array(
215
- 'last_send_time' => 0,
216
- 'last_send_amount' => 0,
217
- 'last_update_time' => 0,
218
- 'entries' => 0,
219
- ),
220
- 'last_sfw_block' => array(
221
- 'time' => 0,
222
- 'ip' => '',
223
- ),
224
- 'last_request' => array(
225
- 'time' => 0,
226
- 'server' => '',
227
- ),
228
- 'requests' => array(
229
- '0' => array(
230
- 'amount' => 1,
231
- 'average_time' => 0,
232
- ),
233
- )
234
- );
235
-
236
- /**
237
- * CleantalkState constructor.
238
- *
239
- * @param string $option_prefix Database settings prefix
240
- * @param array $options Array of strings. Types of settings you want to get.
241
- * @param bool $wpms Is multisite?
242
- */
243
- public function __construct($option_prefix, $options = array('settings'), $wpms = false)
244
- {
245
- $this->option_prefix = $option_prefix;
246
-
247
- if($wpms){
248
- $option = get_site_option($this->option_prefix.'_network_data');
249
- $option = is_array($option) ? $option : $this->def_network_data;
250
- $this->network_data = new ArrayObject($option);
251
- }
252
-
253
- foreach($options as $option_name){
254
-
255
- $option = get_option($this->option_prefix.'_'.$option_name);
256
-
257
- // Setting default options
258
- if($this->option_prefix.'_'.$option_name === 'cleantalk_settings'){
259
- $option = is_array($option) ? array_merge($this->def_settings, $option) : $this->def_settings;
260
- }
261
-
262
- // Setting default data
263
- if($this->option_prefix.'_'.$option_name === 'cleantalk_data'){
264
- $option = is_array($option) ? array_merge($this->def_data, $option) : $this->def_data;
265
- // Generate salt
266
- $option['salt'] = empty($option['salt'])
267
- ? str_pad(rand(0, getrandmax()), 6, '0').str_pad(rand(0, getrandmax()), 6, '0')
268
- : $option['salt'];
269
- }
270
-
271
- // Setting default errors
272
- if($this->option_prefix.'_'.$option_name === 'cleantalk_errors'){
273
- $option = $option ? $option : array();
274
- }
275
-
276
- // Default remote calls
277
- if($this->option_prefix.'_'.$option_name === 'cleantalk_remote_calls'){
278
- $option = is_array($option) ? array_merge($this->def_remote_calls, $option) : $this->def_remote_calls;
279
- }
280
-
281
- // Default statistics
282
- if($this->option_prefix.'_'.$option_name === 'cleantalk_stats'){
283
- $option = is_array($option) ? array_merge($this->def_stats, $option) : $this->def_stats;
284
- }
285
-
286
- $this->$option_name = is_array($option) ? new ArrayObject($option) : $option;
287
- }
288
- }
289
-
290
- /**
291
- * Get specified option from database
292
- *
293
- * @param string $option_name
294
- */
295
- private function getOption($option_name)
296
- {
297
- $option = get_option('cleantalk_'.$option_name, null);
298
- $this->$option_name = gettype($option) === 'array'
299
- ? new ArrayObject($option)
300
- : $option;
301
- }
302
-
303
- /**
304
- * Save option to database
305
- *
306
- * @param string $option_name
307
- * @param bool $use_perfix
308
- * @param bool $autoload Use autoload flag?
309
- */
310
- public function save($option_name, $use_perfix = true, $autoload = true)
311
- {
312
- $option_name_to_save = $use_perfix ? $this->option_prefix.'_'.$option_name : $option_name;
313
- $arr = array();
314
- foreach($this->$option_name as $key => $value){
315
- $arr[$key] = $value;
316
- }
317
- update_option($option_name_to_save, $arr, $autoload);
318
- }
319
-
320
- /**
321
- * Save PREFIX_setting to DB.
322
- */
323
- public function saveSettings()
324
- {
325
- update_option($this->option_prefix.'_settings', (array)$this->settings);
326
- }
327
-
328
- /**
329
- * Save PREFIX_data to DB.
330
- */
331
- public function saveData()
332
- {
333
- update_option($this->option_prefix.'_data', (array)$this->data);
334
- }
335
-
336
- /**
337
- * Save PREFIX_error to DB.
338
- */
339
- public function saveErrors()
340
- {
341
- update_option($this->option_prefix.'_errors', (array)$this->errors);
342
- }
343
-
344
- /**
345
- * Save PREFIX_network_data to DB.
346
- */
347
- public function saveNetworkData()
348
- {
349
- update_site_option($this->option_prefix.'_network_data', $this->network_data);
350
- }
351
-
352
- /**
353
- * Unset and delete option from DB.
354
- *
355
- * @param string $option_name
356
- * @param bool $use_prefix
357
- */
358
- public function deleteOption($option_name, $use_prefix = false)
359
- {
360
- if($this->__isset($option_name)){
361
- $this->__unset($option_name);
362
- delete_option( ($use_prefix ? $this->option_prefix.'_' : '') . $option_name);
363
- }
364
- }
365
-
366
- /**
367
- * Prepares an adds an error to the plugin's data
368
- *
369
- * @param string $type Error type/subtype
370
- * @param string|array $error Error
371
- * @param string $major_type Error major type
372
- * @param bool $set_time Do we need to set time of this error
373
- *
374
- * @returns null
375
- */
376
- public function error_add($type, $error, $major_type = null, $set_time = true)
377
- {
378
- $error = is_array($error)
379
- ? $error['error']
380
- : $error;
381
-
382
- // Exceptions
383
- if( ($type == 'send_logs' && $error == 'NO_LOGS_TO_SEND') ||
384
- ($type == 'send_firewall_logs' && $error == 'NO_LOGS_TO_SEND') ||
385
- $error == 'LOG_FILE_NOT_EXISTS'
386
- )
387
- return;
388
-
389
- $error = array(
390
- 'error' => $error,
391
- 'error_time' => $set_time ? current_time('timestamp') : null,
392
- );
393
-
394
- if(!empty($major_type)){
395
- $this->errors[$major_type][$type] = $error;
396
- }else{
397
- $this->errors[$type] = $error;
398
- }
399
-
400
- $this->saveErrors();
401
- }
402
-
403
- /**
404
- * Deletes an error from the plugin's data
405
- *
406
- * @param array|string $type Error type to delete
407
- * @param bool $save_flag Do we need to save data after error was deleted
408
- * @param string $major_type Error major type to delete
409
- *
410
- * @returns null
411
- */
412
- public function error_delete($type, $save_flag = false, $major_type = null)
413
- {
414
- /** @noinspection DuplicatedCode */
415
- if(is_string($type))
416
- $type = explode(' ', $type);
417
-
418
- foreach($type as $val){
419
- if($major_type){
420
- if(isset($this->errors[$major_type][$val]))
421
- unset($this->errors[$major_type][$val]);
422
- }else{
423
- if(isset($this->errors[$val]))
424
- unset($this->errors[$val]);
425
- }
426
- }
427
-
428
- // Save if flag is set and there are changes
429
- if($save_flag)
430
- $this->saveErrors();
431
- }
432
-
433
- /**
434
- * Deletes all errors from the plugin's data
435
- *
436
- * @param bool $save_flag Do we need to save data after all errors was deleted
437
- *
438
- * @returns null
439
- */
440
- public function error_delete_all($save_flag = false)
441
- {
442
- $this->errors = array();
443
- if($save_flag)
444
- $this->saveErrors();
445
- }
446
-
447
- /**
448
- * Magic.
449
- * Add new variables to storage[NEW_VARIABLE]
450
- * And duplicates it in storage['data'][NEW_VARIABLE]
451
- *
452
- * @param string $name
453
- * @param mixed $value
454
- */
455
- public function __set($name, $value)
456
- {
457
- $this->storage[$name] = $value;
458
- if(isset($this->storage['data']) && array_key_exists($name, $this->storage['data'])){
459
- $this->storage['data'][$name] = $value;
460
- }
461
- }
462
-
463
- /**
464
- * Magic.
465
- * Search and get param from: storage, data, api_key, database
466
- *
467
- * @param $name
468
- *
469
- * @return mixed
470
- */
471
- public function __get($name)
472
- {
473
- // First check in storage
474
- if (array_key_exists($name, $this->storage)){
475
- return $this->storage[$name];
476
-
477
- // Then in data
478
- }elseif(array_key_exists($name, $this->storage['data'])){
479
- $this->$name = $this->storage['data'][$name];
480
- return $this->storage['data'][$name];
481
-
482
- // Maybe it's apikey?
483
- }elseif($name == 'api_key'){
484
- $this->$name = $this->storage['settings']['apikey'];
485
- return $this->storage['settings']['apikey'];
486
-
487
- // Otherwise try to get it from db settings table
488
- // it will be arrayObject || scalar || null
489
- }else{
490
- $this->getOption($name);
491
- return $this->storage[$name];
492
- }
493
-
494
- }
495
-
496
- public function __isset($name)
497
- {
498
- return isset($this->storage[$name]);
499
- }
500
-
501
- public function __unset($name)
502
- {
503
- unset($this->storage[$name]);
504
- }
505
- }
1
+ <?php
2
+
3
+ /**
4
+ * CleanTalk Antispam State class
5
+ *
6
+ * @package Antiospam Plugin by CleanTalk
7
+ * @subpackage State
8
+ * @Version 2.0
9
+ * @author Cleantalk team (welcome@cleantalk.org)
10
+ * @copyright (C) 2014 CleanTalk team (http://cleantalk.org)
11
+ * @license GNU/GPL: http://www.gnu.org/copyleft/gpl.html
12
+ */
13
+
14
+ /**
15
+ * @property mixed settings
16
+ * @property mixed moderate_ip
17
+ * @property mixed|string plugin_version
18
+ * @property mixed|string db_prefix
19
+ * @property bool|mixed white_label
20
+ * @property string settings_link
21
+ * @property mixed data
22
+ * @property int key_is_ok
23
+ * @property string logo__small__colored
24
+ * @property string logo__small
25
+ * @property string logo
26
+ * @property string plugin_name
27
+ * @property string base_name
28
+ * @property array|mixed errors
29
+ * @property ArrayObject network_data
30
+ */
31
+ class CleantalkState
32
+ {
33
+ public $user = null;
34
+ public $option_prefix = 'cleantalk';
35
+ public $storage = array();
36
+ public $integrations = array();
37
+ public $def_settings = array(
38
+
39
+ 'spam_firewall' => 1,
40
+ 'apikey' => '',
41
+ 'custom_key' => 0,
42
+ 'autoPubRevelantMess' => 0,
43
+
44
+ /* Forms for protection */
45
+ 'registrations_test' => 1,
46
+ 'comments_test' => 1,
47
+ 'contact_forms_test' => 1,
48
+ 'general_contact_forms_test' => 1, // Antispam test for unsupported and untested contact forms
49
+ 'wc_checkout_test' => 0, // WooCommerce checkout default test => OFF
50
+ 'wc_register_from_order' => 1, // Woocommerce registration during checkout => ON
51
+ 'search_test' => 1, // Test deafult Wordpress form
52
+ 'check_external' => 0,
53
+ 'check_external__capture_buffer' => 0,
54
+ 'check_internal' => 0,
55
+
56
+ /* Comments and messages */
57
+ 'bp_private_messages' => 1, //buddyPress private messages test => ON
58
+ 'check_comments_number' => 1,
59
+ 'remove_old_spam' => 0,
60
+ 'remove_comments_links' => 0, //Removes links from approved comments
61
+ 'show_check_links' => 1, //Shows check link to Cleantalk's DB. And allowing to control comments form public page.
62
+
63
+ // Data processing
64
+ 'protect_logged_in' => 1, // Do anit-spam tests to for logged in users.
65
+ 'use_ajax' => 1,
66
+ 'use_static_js_key' => 0,
67
+ 'general_postdata_test' => 0, //CAPD
68
+ 'set_cookies'=> 1, // Disable cookies generatation to be compatible with Varnish.
69
+ 'set_cookies__sessions'=> 0, // Use alt sessions for cookies.
70
+ 'ssl_on' => 0, // Secure connection to servers
71
+ 'use_buitin_http_api' => 0, // Using Wordpress HTTP built in API
72
+
73
+ // Administrator Panel
74
+ 'show_adminbar' => 1, // Show the admin bar.
75
+ 'all_time_counter' => 0,
76
+ 'daily_counter' => 0,
77
+ 'sfw_counter' => 0,
78
+
79
+ //Others
80
+ 'spam_store_days' => 15, // Days before delete comments from folder Spam
81
+ 'relevance_test' => 0, // Test comment for relevance
82
+ 'notice_api_errors' => 0, // Send API error notices to WP admin
83
+ 'user_token' => '', //user token for auto login into spam statistics
84
+ 'collect_details' => 0, // Collect details about browser of the visitor.
85
+ 'send_connection_reports' => 0, //Send connection reports to Cleantalk servers
86
+ 'async_js' => 0,
87
+ 'debug_ajax' => 0,
88
+
89
+ // GDPR
90
+ 'gdpr_enabled' => 0,
91
+ 'gdpr_text' => 'By using this form you agree with the storage and processing of your data by using the Privacy Policy on this website.',
92
+
93
+ // Msic
94
+ 'store_urls' => 1,
95
+ 'store_urls__sessions' => 1,
96
+ 'comment_notify' => 1,
97
+ 'comment_notify__roles' => array('administrator'),
98
+ 'complete_deactivation' => 0,
99
+ );
100
+
101
+ public $def_data = array(
102
+
103
+ // Plugin data
104
+ 'plugin_version' => APBCT_VERSION,
105
+ 'js_keys' => array(), // Keys to do JavaScript antispam test
106
+ 'js_keys_store_days' => 14, // JavaScript keys store days - 8 days now
107
+ 'js_key_lifetime' => 86400, // JavaScript key life time in seconds - 1 day now
108
+ 'last_remote_call' => 0, //Timestam of last remote call
109
+
110
+ // Account data
111
+ 'service_id' => 0,
112
+ 'moderate' => 0,
113
+ 'moderate_ip' => 0,
114
+ 'ip_license' => 0,
115
+ 'spam_count' => 0,
116
+ 'auto_update' => 0,
117
+ 'user_token' => '',
118
+ 'license_trial' => 0,
119
+
120
+ // Notices
121
+ 'notice_show' => 0,
122
+ 'notice_trial' => 0,
123
+ 'notice_renew' => 0,
124
+ 'notice_review' => 0,
125
+ 'notice_auto_update' => 0,
126
+
127
+ // Brief data
128
+ 'brief_data' => array(
129
+ 'spam_stat' => array(),
130
+ 'top5_spam_ip' => array(),
131
+ ),
132
+
133
+ 'array_accepted' => array(),
134
+ 'array_blocked' => array(),
135
+ 'current_hour' => '',
136
+ 'sfw_counter' => array(
137
+ 'all' => 0,
138
+ 'blocked' => 0,
139
+ ),
140
+ 'all_time_counter' => array(
141
+ 'accepted' => 0,
142
+ 'blocked' => 0,
143
+ ),
144
+ 'user_counter' => array(
145
+ 'accepted' => 0,
146
+ 'blocked' => 0,
147
+ // 'since' => date('d M'),
148
+ ),
149
+ 'connection_reports' => array(
150
+ 'success' => 0,
151
+ 'negative' => 0,
152
+ 'negative_report' => array(),
153
+ // 'since' => date('d M'),
154
+ ),
155
+
156
+ // A-B tests
157
+ 'ab_test' => array(
158
+ 'sfw_enabled' => false,
159
+ ),
160
+
161
+ // White label
162
+ 'white_label_data' => array(
163
+ 'is_key_recieved' => false,
164
+ ),
165
+
166
+ // Misc
167
+ 'feedback_request' => '',
168
+ 'key_is_ok' => 0,
169
+ 'salt' => '',
170
+ );
171
+
172
+ public $def_network_data = array(
173
+ 'allow_custom_key' => 0,
174
+ 'key_is_ok' => 0,
175
+ 'apikey' => '',
176
+ 'user_token' => '',
177
+ 'service_id' => 0,
178
+ );
179
+
180
+ public $def_remote_calls = array(
181
+ 'close_renew_banner' => array(
182
+ 'last_call' => 0,
183
+ ),
184
+ 'sfw_update' => array(
185
+ 'last_call' => 0,
186
+ ),
187
+ 'sfw_send_logs' => array(
188
+ 'last_call' => 0,
189
+ ),
190
+ 'update_plugin' => array(
191
+ 'last_call' => 0,
192
+ ),
193
+ 'install_plugin' => array(
194
+ 'last_call' => 0,
195
+ ),
196
+ 'activate_plugin' => array(
197
+ 'last_call' => 0,
198
+ ),
199
+ 'insert_auth_key' => array(
200
+ 'last_call' => 0,
201
+ ),
202
+ 'deactivate_plugin' => array(
203
+ 'last_call' => 0,
204
+ ),
205
+ 'uninstall_plugin' => array(
206
+ 'last_call' => 0,
207
+ ),
208
+ 'update_settings' => array(
209
+ 'last_call' => 0,
210
+ ),
211
+ );
212
+
213
+ public $def_stats = array(
214
+ 'sfw' => array(
215
+ 'last_send_time' => 0,
216
+ 'last_send_amount' => 0,
217
+ 'last_update_time' => 0,
218
+ 'entries' => 0,
219
+ ),
220
+ 'last_sfw_block' => array(
221
+ 'time' => 0,
222
+ 'ip' => '',
223
+ ),
224
+ 'last_request' => array(
225
+ 'time' => 0,
226
+ 'server' => '',
227
+ ),
228
+ 'requests' => array(
229
+ '0' => array(
230
+ 'amount' => 1,
231
+ 'average_time' => 0,
232
+ ),
233
+ )
234
+ );
235
+
236
+ /**
237
+ * CleantalkState constructor.
238
+ *
239
+ * @param string $option_prefix Database settings prefix
240
+ * @param array $options Array of strings. Types of settings you want to get.
241
+ * @param bool $wpms Is multisite?
242
+ */
243
+ public function __construct($option_prefix, $options = array('settings'), $wpms = false)
244
+ {
245
+ $this->option_prefix = $option_prefix;
246
+
247
+ if($wpms){
248
+ $option = get_site_option($this->option_prefix.'_network_data');
249
+ $option = is_array($option) ? $option : $this->def_network_data;
250
+ $this->network_data = new ArrayObject($option);
251
+ }
252
+
253
+ foreach($options as $option_name){
254
+
255
+ $option = get_option($this->option_prefix.'_'.$option_name);
256
+
257
+ // Setting default options
258
+ if($this->option_prefix.'_'.$option_name === 'cleantalk_settings'){
259
+ $option = is_array($option) ? array_merge($this->def_settings, $option) : $this->def_settings;
260
+ }
261
+
262
+ // Setting default data
263
+ if($this->option_prefix.'_'.$option_name === 'cleantalk_data'){
264
+ $option = is_array($option) ? array_merge($this->def_data, $option) : $this->def_data;
265
+ // Generate salt
266
+ $option['salt'] = empty($option['salt'])
267
+ ? str_pad(rand(0, getrandmax()), 6, '0').str_pad(rand(0, getrandmax()), 6, '0')
268
+ : $option['salt'];
269
+ }
270
+
271
+ // Setting default errors
272
+ if($this->option_prefix.'_'.$option_name === 'cleantalk_errors'){
273
+ $option = $option ? $option : array();
274
+ }
275
+
276
+ // Default remote calls
277
+ if($this->option_prefix.'_'.$option_name === 'cleantalk_remote_calls'){
278
+ $option = is_array($option) ? array_merge($this->def_remote_calls, $option) : $this->def_remote_calls;
279
+ }
280
+
281
+ // Default statistics
282
+ if($this->option_prefix.'_'.$option_name === 'cleantalk_stats'){
283
+ $option = is_array($option) ? array_merge($this->def_stats, $option) : $this->def_stats;
284
+ }
285
+
286
+ $this->$option_name = is_array($option) ? new ArrayObject($option) : $option;
287
+ }
288
+ }
289
+
290
+ /**
291
+ * Get specified option from database
292
+ *
293
+ * @param string $option_name
294
+ */
295
+ private function getOption($option_name)
296
+ {
297
+ $option = get_option('cleantalk_'.$option_name, null);
298
+ $this->$option_name = gettype($option) === 'array'
299
+ ? new ArrayObject($option)
300
+ : $option;
301
+ }
302
+
303
+ /**
304
+ * Save option to database
305
+ *
306
+ * @param string $option_name
307
+ * @param bool $use_perfix
308
+ * @param bool $autoload Use autoload flag?
309
+ */
310
+ public function save($option_name, $use_perfix = true, $autoload = true)
311
+ {
312
+ $option_name_to_save = $use_perfix ? $this->option_prefix.'_'.$option_name : $option_name;
313
+ $arr = array();
314
+ foreach($this->$option_name as $key => $value){
315
+ $arr[$key] = $value;
316
+ }
317
+ update_option($option_name_to_save, $arr, $autoload);
318
+ }
319
+
320
+ /**
321
+ * Save PREFIX_setting to DB.
322
+ */
323
+ public function saveSettings()
324
+ {
325
+ update_option($this->option_prefix.'_settings', (array)$this->settings);
326
+ }
327
+
328
+ /**
329
+ * Save PREFIX_data to DB.
330
+ */
331
+ public function saveData()
332
+ {
333
+ update_option($this->option_prefix.'_data', (array)$this->data);
334
+ }
335
+
336
+ /**
337
+ * Save PREFIX_error to DB.
338
+ */
339
+ public function saveErrors()
340
+ {
341
+ update_option($this->option_prefix.'_errors', (array)$this->errors);
342
+ }
343
+
344
+ /**
345
+ * Save PREFIX_network_data to DB.
346
+ */
347
+ public function saveNetworkData()
348
+ {
349
+ update_site_option($this->option_prefix.'_network_data', $this->network_data);
350
+ }
351
+
352
+ /**
353
+ * Unset and delete option from DB.
354
+ *
355
+ * @param string $option_name
356
+ * @param bool $use_prefix
357
+ */
358
+ public function deleteOption($option_name, $use_prefix = false)
359
+ {
360
+ if($this->__isset($option_name)){
361
+ $this->__unset($option_name);
362
+ delete_option( ($use_prefix ? $this->option_prefix.'_' : '') . $option_name);
363
+ }
364
+ }
365
+
366
+ /**
367
+ * Prepares an adds an error to the plugin's data
368
+ *
369
+ * @param string $type Error type/subtype
370
+ * @param string|array $error Error
371
+ * @param string $major_type Error major type
372
+ * @param bool $set_time Do we need to set time of this error
373
+ *
374
+ * @returns null
375
+ */
376
+ public function error_add($type, $error, $major_type = null, $set_time = true)
377
+ {
378
+ $error = is_array($error)
379
+ ? $error['error']
380
+ : $error;
381
+
382
+ // Exceptions
383
+ if( ($type == 'send_logs' && $error == 'NO_LOGS_TO_SEND') ||
384
+ ($type == 'send_firewall_logs' && $error == 'NO_LOGS_TO_SEND') ||
385
+ $error == 'LOG_FILE_NOT_EXISTS'
386
+ )
387
+ return;
388
+
389
+ $error = array(
390
+ 'error' => $error,
391
+ 'error_time' => $set_time ? current_time('timestamp') : null,
392
+ );
393
+
394
+ if(!empty($major_type)){
395
+ $this->errors[$major_type][$type] = $error;
396
+ }else{
397
+ $this->errors[$type] = $error;
398
+ }
399
+
400
+ $this->saveErrors();
401
+ }
402
+
403
+ /**
404
+ * Deletes an error from the plugin's data
405
+ *
406
+ * @param array|string $type Error type to delete
407
+ * @param bool $save_flag Do we need to save data after error was deleted
408
+ * @param string $major_type Error major type to delete
409
+ *
410
+ * @returns null
411
+ */
412
+ public function error_delete($type, $save_flag = false, $major_type = null)
413
+ {
414
+ /** @noinspection DuplicatedCode */
415
+ if(is_string($type))
416
+ $type = explode(' ', $type);
417
+
418
+ foreach($type as $val){
419
+ if($major_type){
420
+ if(isset($this->errors[$major_type][$val]))
421
+ unset($this->errors[$major_type][$val]);
422
+ }else{
423
+ if(isset($this->errors[$val]))
424
+ unset($this->errors[$val]);
425
+ }
426
+ }
427
+
428
+ // Save if flag is set and there are changes
429
+ if($save_flag)
430
+ $this->saveErrors();
431
+ }
432
+
433
+ /**
434
+ * Deletes all errors from the plugin's data
435
+ *
436
+ * @param bool $save_flag Do we need to save data after all errors was deleted
437
+ *
438
+ * @returns null
439
+ */
440
+ public function error_delete_all($save_flag = false)
441
+ {
442
+ $this->errors = array();
443
+ if($save_flag)
444
+ $this->saveErrors();
445
+ }
446
+
447
+ /**
448
+ * Magic.
449
+ * Add new variables to storage[NEW_VARIABLE]
450
+ * And duplicates it in storage['data'][NEW_VARIABLE]
451
+ *
452
+ * @param string $name
453
+ * @param mixed $value
454
+ */
455
+ public function __set($name, $value)
456
+ {
457
+ $this->storage[$name] = $value;
458
+ if(isset($this->storage['data']) && array_key_exists($name, $this->storage['data'])){
459
+ $this->storage['data'][$name] = $value;
460
+ }
461
+ }
462
+
463
+ /**
464
+ * Magic.
465
+ * Search and get param from: storage, data, api_key, database
466
+ *
467
+ * @param $name
468
+ *
469
+ * @return mixed
470
+ */
471
+ public function __get($name)
472
+ {
473
+ // First check in storage
474
+ if (array_key_exists($name, $this->storage)){
475
+ return $this->storage[$name];
476
+
477
+ // Then in data
478
+ }elseif(array_key_exists($name, $this->storage['data'])){
479
+ $this->$name = $this->storage['data'][$name];
480
+ return $this->storage['data'][$name];
481
+
482
+ // Maybe it's apikey?
483
+ }elseif($name == 'api_key'){
484
+ $this->$name = $this->storage['settings']['apikey'];
485
+ return $this->storage['settings']['apikey'];
486
+
487
+ // Otherwise try to get it from db settings table
488
+ // it will be arrayObject || scalar || null
489
+ }else{
490
+ $this->getOption($name);
491
+ return $this->storage[$name];
492
+ }
493
+
494
+ }
495
+
496
+ public function __isset($name)
497
+ {
498
+ return isset($this->storage[$name]);
499
+ }
500
+
501
+ public function __unset($name)
502
+ {
503
+ unset($this->storage[$name]);
504
+ }
505
+ }
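--- a/readme.txt
+++ b/readme.txt
@@ -3,14 +3,14 @@ Contributors: safronik
  Tags: spam, antispam, protection, comments, firewall
  Requires at least: 3.0
  Tested up to: 5.3
- Stable tag: 5.125
+ Stable tag: 5.126
  License: GPLv2
 
  Spam protection, antispam, all-in-one, premium plugin. No spam comments & users, no spam contact form & WooCommerce anti-spam.
 
  == Description ==
 
- **Supports: Contact Form 7, Contact Form by WPForms, Ninja Forms, Gravity Forms, MailChimp, Formidable forms, WooCommerce, JetPack comments and contact form, BuddyPress, bbPress, Fast Secure Contact form, S2Member, MailPoet, wpDiscuz, any WordPress registrations & contact forms and themes. Just setup and forget the spam!**
+ **Supports: Contact Form 7, Contact Form by WPForms, Ninja Forms, Gravity Forms, MailChimp, Formidable forms, WooCommerce, JetPack comments and contact form, BuddyPress, bbPress, S2Member, MailPoet, wpDiscuz, any WordPress registrations & contact forms and themes. Just setup and forget the spam!**
 
  No CAPTCHA, no questions, no animal counting, no puzzles, no math and no spam bots. Universal AntiSpam plugin.
 
@@ -56,7 +56,7 @@ Native spam protection for WordPress, JetPack comments and any other comment plu
  Filters spam bots on registration forms of WordPress, BuddyPress, bbPress, S2Member, WooCommerce, Profile builder, Login with AJAX and any other registration plugins.
 
  = Protection from contact form spam =
- The plugin is tested and ready to protect from spam emails via Formidable forms, Contact form 7, JetPack Contact form, Fast Secure Contact form, Ninja forms, Landing pages, Gravity forms, Contact Form by BestWebSoft, Simple Contact Form Plugin - PirateForms, Visual Form Builder, Form, Contact Form by WebDorado, Contact Form Email, MW WP Form, Contact Form by Jeff Bulllins, Easy Contact, Contact Us Form, Grunion Contact Form, WCP Contact Form, Easy WordPress Contact Form Plugin, WPForms Lite, Custom Contact, Forms, Amo Forms, Caldera Forms, Visual Form Builder, Contact Form Clean and Simple, Divi by Elegant Themes, The7 theme and any other themes or custom contact forms, amoForms, Custom Contact Form, Ultimate Form Builder, Contact Bank - Contact Forms Builder, Forms easily built with Smart Forms, Quick Contact Form, Usernoise contact form, cformsII - contact form, Contact Form by Web-Settler, HubSpot Marketing Free, QuForm.
+ The plugin is tested and ready to protect from spam emails via Formidable forms, Contact form 7, JetPack Contact form, Fast Secure Contact form, Ninja forms, Landing Page Builder, Gravity forms, Contact Form by BestWebSoft, Simple Contact Form Plugin - PirateForms, Visual Form Builder, Contact Form by WebDorado, Contact Form Email, MW WP Form, Contact Form by Jeff Bulllins, Contact Us Form, WCP Contact Form, WPForms Lite, Custom Contact, Forms, Caldera Forms, Visual Form Builder, Contact Form Clean and Simple, Divi by Elegant Themes, The7 theme and any other themes or custom contact forms, amoForms, Ultimate Form Builder, Contact Bank - Contact Forms Builder, Forms easily built with Smart Forms, Usernoise contact form, Contact Form by Web-Settler, HubSpot Marketing Free, QuForm.
 
  = WooCommerce spam filter =
  Anti-spam by CleanTalk filters spam registrations and spam reviews for WooCommerce. The plugin is fully compatible with WooCommerce 2.1 and higher.
@@ -575,6 +575,16 @@ If your website has forms that send data to external sources, you can enable opt
  10. Website's options.
 
  == Changelog ==
+ = 5.126 September 9 2019 =
+ * Spam protection improved!
+ * Integration: Option wheel.
+ * Mod: Improved Email detection.
+ * Mod: Improved IP detection.
+ * Fix: Too large database table with alternative sessions.
+ * Fix: Exception for WooCommerce AJAX.
+ * Fix: API key validation.
+ * Minor fixes.
+
  = 5.125 August 26 2019 =
  * Fix: PHP Notices.
  * Fix: Auto update.
@@ -1977,6 +1987,16 @@ If your website has forms that send data to external sources, you can enable opt
  * First version
 
  == Upgrade Notice ==
+ = 5.126 September 9 2019 =
+ * Spam protection improved!
+ * Integration: Option wheel.
+ * Mod: Improved Email detection.
+ * Mod: Improved IP detection.
+ * Fix: Too large database table with alternative sessions.
+ * Fix: Exception for WooCommerce AJAX.
+ * Fix: API key validation.
+ * Minor fixes.
+
  = 5.125 August 26 2019 =
  * Fix: PHP Notices.
  * Fix: Auto update.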