Spam protection, AntiSpam, FireWall by CleanTalk - Version 5.129.1

Version Description

November 5 2019 — Fix: WooCommerce order detection.


Release Info

Developer Safronik
Version 5.129.1

Code changes from version 5.129 to 5.129.1

Files changed (4)
  1. cleantalk.php +1881 -1859
  2. inc/cleantalk-pluggable.php +2 -1
  3. inc/cleantalk-public.php +14 -13
  4. readme.txt +37 -1
cleantalk.php CHANGED
@@ -1,1860 +1,1882 @@
1
- <?php
2
- /*
3
- Plugin Name: Anti-Spam by CleanTalk
4
- Plugin URI: http://cleantalk.org
5
- Description: Max power, all-in-one, no Captcha, premium anti-spam plugin. No comment spam, no registration spam, no contact spam, protects any WordPress forms.
6
- Version: 5.129
7
- Author: СleanTalk <welcome@cleantalk.org>
8
- Author URI: http://cleantalk.org
9
- Text Domain: cleantalk
10
- Domain Path: /i18n
11
- */
12
-
13
- $cleantalk_executed = false;
14
-
15
- // Getting version form main file (look above)
16
- $plugin_info = get_file_data(__FILE__, array('Version' => 'Version', 'Name' => 'Plugin Name',));
17
-
18
- // Common params
19
- define('APBCT_NAME', $plugin_info['Name']);
20
- define('APBCT_VERSION', $plugin_info['Version']);
21
- define('APBCT_URL_PATH', plugins_url('', __FILE__)); //HTTP path. Plugin root folder without '/'.
22
- define('APBCT_DIR_PATH', dirname(__FILE__ ) . '/'); //System path. Plugin root folder with '/'.
23
- define('APBCT_PLUGIN_BASE_NAME', plugin_basename(__FILE__)); //Plugin base name.
24
- define('APBCT_CASERT_PATH', file_exists(ABSPATH . WPINC . '/certificates/ca-bundle.crt') ? ABSPATH . WPINC . '/certificates/ca-bundle.crt' : ''); // SSL Serttificate path
25
-
26
- // API params
27
- define('APBCT_AGENT', 'wordpress-'.str_replace('.', '', $plugin_info['Version']));
28
- define('APBCT_MODERATE_URL', 'http://moderate.cleantalk.org'); //Api URL
29
-
30
- // Option names
31
- define('APBCT_DATA', 'cleantalk_data'); //Option name with different plugin data.
32
- define('APBCT_SETTINGS', 'cleantalk_settings'); //Option name with plugin settings.
33
- define('APBCT_NETWORK_SETTINGS', 'cleantalk_network_settings'); //Option name with plugin network settings.
34
- define('APBCT_DEBUG', 'cleantalk_debug'); //Option name with a debug data. Empty by default.
35
-
36
- // Multisite
37
- define('APBCT_WPMS', (is_multisite() ? true : false)); // WMPS is enabled
38
-
39
- // Sessions
40
- define('APBCT_SEESION__LIVE_TIME', 86400*2);
41
- define('APBCT_SEESION__CHANCE_TO_CLEAN', 100);
42
-
43
- // Different params
44
- define('APBCT_REMOTE_CALL_SLEEP', 5); // Minimum time between remote call
45
-
46
- if( !defined( 'CLEANTALK_PLUGIN_DIR' ) ){
47
-
48
- define('CLEANTALK_PLUGIN_DIR', dirname(__FILE__ ) . '/');
49
-
50
- // PHP functions patches
51
- require_once(CLEANTALK_PLUGIN_DIR . 'lib/cleantalk-php-patch.php'); // Pathces fpr different functions which not exists
52
-
53
- // Base classes
54
- require_once(CLEANTALK_PLUGIN_DIR . 'lib/Cleantalk/Antispam/API.php'); // API
55
- require_once(CLEANTALK_PLUGIN_DIR . 'lib/Cleantalk/Antispam/DB.php'); // Database driver
56
- require_once(CLEANTALK_PLUGIN_DIR . 'lib/Cleantalk/Antispam/Helper.php'); // Helper
57
- include_once(CLEANTALK_PLUGIN_DIR . 'lib/Cleantalk/Antispam/SFW.php'); // SpamFireWall
58
- include_once(CLEANTALK_PLUGIN_DIR . 'lib/Cleantalk/Arr.php'); // Array functions
59
-
60
- // Child classes
61
- require_once(CLEANTALK_PLUGIN_DIR . 'lib/CleantalkAPI.php'); // API for Wordpress
62
- require_once(CLEANTALK_PLUGIN_DIR . 'lib/CleantalkDB.php'); // Database class for Wordpress
63
- require_once(CLEANTALK_PLUGIN_DIR . 'lib/CleantalkHelper.php'); // Helper for Worpdress
64
- include_once(CLEANTALK_PLUGIN_DIR . "lib/CleantalkSFW.php"); // SpamFireWall for Wordpress
65
-
66
- require_once(CLEANTALK_PLUGIN_DIR . 'lib/Cleantalk.php'); // Main class for request
67
- require_once(CLEANTALK_PLUGIN_DIR . 'lib/CleantalkRequest.php'); // Holds request data
68
- require_once(CLEANTALK_PLUGIN_DIR . 'lib/CleantalkResponse.php'); // Holds response data
69
-
70
- require_once(CLEANTALK_PLUGIN_DIR . 'lib/CleantalkCron.php'); // Cron handling
71
- require_once(CLEANTALK_PLUGIN_DIR . 'lib/CleantalkState.php'); // State class
72
- require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-pluggable.php'); // Pluggable functions
73
- require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-common.php');
74
-
75
- // Global ArrayObject with settings and other global varables
76
- global $apbct;
77
- $apbct = new CleantalkState('cleantalk', array('settings', 'data', 'debug', 'errors', 'remote_calls', 'stats'));
78
-
79
- $apbct->base_name = 'cleantalk-spam-protect/cleantalk.php';
80
-
81
- $apbct->logo = plugin_dir_url(__FILE__) . 'inc/images/logo.png';
82
- $apbct->logo__small = plugin_dir_url(__FILE__) . 'inc/images/logo_small.png';
83
- $apbct->logo__small__colored = plugin_dir_url(__FILE__) . 'inc/images/logo_color.png';
84
-
85
- // Customize CleantalkState
86
- // Account status
87
-
88
- $apbct->white_label = $apbct->network_settings['white_label'];
89
- $apbct->allow_custom_key = $apbct->network_settings['allow_custom_key'];
90
- $apbct->plugin_name = $apbct->network_settings['white_label__plugin_name'] ? $apbct->network_settings['white_label__plugin_name'] : APBCT_NAME;
91
- $apbct->api_key = !APBCT_WPMS || $apbct->allow_custom_key || $apbct->white_label ? $apbct->settings['apikey'] : $apbct->network_settings['apikey'];
92
- $apbct->key_is_ok = !APBCT_WPMS || $apbct->allow_custom_key || $apbct->white_label ? $apbct->data['key_is_ok'] : $apbct->network_data['key_is_ok'];
93
- $apbct->moderate = !APBCT_WPMS || $apbct->allow_custom_key || $apbct->white_label ? $apbct->data['moderate'] : $apbct->network_data['moderate'];
94
-
95
- $apbct->data['user_counter']['since'] = isset($apbct->data['user_counter']['since']) ? $apbct->data['user_counter']['since'] : date('d M');
96
- $apbct->data['connection_reports']['since'] = isset($apbct->data['connection_reports']['since']) ? $apbct->data['user_counter']['since'] : date('d M');
97
-
98
- $apbct->settings_link = is_network_admin() ? 'settings.php?page=cleantalk' : 'options-general.php?page=cleantalk';
99
-
100
- if(!$apbct->white_label){
101
- require_once( CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-widget.php');
102
- }
103
-
104
- // Passing JS key to frontend
105
- add_action('wp_ajax_apbct_js_keys__get', 'apbct_js_keys__get__ajax');
106
- add_action('wp_ajax_nopriv_apbct_js_keys__get', 'apbct_js_keys__get__ajax');
107
-
108
- // Database prefix
109
- global $wpdb;
110
- $apbct->db_prefix = !APBCT_WPMS || $apbct->allow_custom_key || $apbct->white_label ? $wpdb->prefix : $wpdb->base_prefix;
111
- $apbct->db_prefix = !$apbct->white_label && defined('CLEANTALK_ACCESS_KEY') ? $wpdb->base_prefix : $wpdb->prefix;
112
- // Database constants
113
- define('APBCT_TBL_FIREWALL_DATA', $apbct->db_prefix . 'cleantalk_sfw'); // Table with firewall data.
114
- define('APBCT_TBL_FIREWALL_LOG', $apbct->db_prefix . 'cleantalk_sfw_logs'); // Table with firewall logs.
115
- define('APBCT_TBL_SESSIONS', $apbct->db_prefix . 'cleantalk_sessions'); // Table with session data.
116
- define('APBCT_SELECT_LIMIT', 5000); // Select limit for logs.
117
- define('APBCT_WRITE_LIMIT', 5000); // Write limit for firewall data.
118
-
119
- /** @todo HARDCODE FIX */
120
- if($apbct->plugin_version === '1.0.0')
121
- $apbct->plugin_version = '5.100';
122
-
123
- // Do update actions if version is changed
124
- apbct_update_actions();
125
-
126
- // Self cron
127
- if(!defined('DOING_CRON') || (defined('DOING_CRON') && DOING_CRON !== true)){
128
-
129
- $ct_cron = new CleantalkCron();
130
- $ct_cron->checkTasks();
131
-
132
- if(!empty($ct_cron->tasks_to_run)){
133
-
134
- define('CT_CRON', true); // Letting know functions that they are running under CT_CRON
135
- $ct_cron->runTasks();
136
- unset($ct_cron);
137
-
138
- }
139
- }
140
-
141
- //Delete cookie for admin trial notice
142
- add_action('wp_logout', 'apbct__hook__wp_logout__delete_trial_notice_cookie');
143
-
144
- // Set cookie only for public pages and for non-AJAX requests
145
- if (!is_admin() && !apbct_is_ajax() && !defined('DOING_CRON')
146
- && empty($_POST['ct_checkjs_register_form']) // Buddy press registration fix
147
- && empty($_GET['ct_checkjs_search_default']) // Search form fix
148
- && empty($_POST['action']) //bbPress
149
- ){
150
- add_action('template_redirect','apbct_cookie', 2);
151
- add_action('template_redirect','apbct_store__urls', 2);
152
- if (empty($_POST) && empty($_GET)){
153
- apbct_cookie();
154
- apbct_store__urls();
155
- }
156
- }
157
-
158
- // Early checks
159
- // Facebook
160
- if ($apbct->settings['general_contact_forms_test'] == 1
161
- && (!empty($_POST['action']) && $_POST['action'] == 'fb_intialize')
162
- && !empty($_POST['FB_userdata'])
163
- ){
164
- require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-public.php');
165
- if (apbct_is_user_enable()){
166
- $ct_check_post_result=false;
167
- ct_registration_errors(null);
168
- }
169
-
170
- }
171
-
172
- // Ninja Forms. Making GET action to POST action
173
- if(stripos(filter_input(INPUT_SERVER, 'REQUEST_URI'),'admin-ajax.php') !== false && sizeof($_POST) > 0 && isset($_GET['action']) && $_GET['action']=='ninja_forms_ajax_submit')
174
- $_POST['action']='ninja_forms_ajax_submit';
175
-
176
- add_action( 'wp_ajax_nopriv_ninja_forms_ajax_submit', 'apbct_form__ninjaForms__testSpam', 1);
177
- add_action( 'wp_ajax_ninja_forms_ajax_submit', 'apbct_form__ninjaForms__testSpam', 1);
178
- add_action( 'wp_ajax_nopriv_nf_ajax_submit', 'apbct_form__ninjaForms__testSpam', 1);
179
- add_action( 'wp_ajax_nf_ajax_submit', 'apbct_form__ninjaForms__testSpam', 1);
180
- add_action( 'ninja_forms_process', 'apbct_form__ninjaForms__testSpam', 1); // Depricated ?
181
-
182
- // SeedProd Coming Soon Page Pro integration
183
- add_action( 'wp_ajax_seed_cspv5_subscribe_callback', 'apbct_form__seedprod_coming_soon__testSpam', 1 );
184
- add_action( 'wp_ajax_nopriv_seed_cspv5_subscribe_callback', 'apbct_form__seedprod_coming_soon__testSpam', 1 );
185
- add_action( 'wp_ajax_seed_cspv5_contactform_callback', 'apbct_form__seedprod_coming_soon__testSpam', 1 );
186
- add_action( 'wp_ajax_nopriv_seed_cspv5_contactform_callback', 'apbct_form__seedprod_coming_soon__testSpam', 1 );
187
-
188
- // The 7 theme contact form integration
189
- add_action( 'wp_ajax_nopriv_dt_send_mail', 'apbct_form__the7_contact_form', 1 );
190
- add_action( 'wp_ajax_dt_send_mail', 'apbct_form__the7_contact_form', 1 );
191
-
192
- // Public actions
193
- if(!is_admin() && !apbct_is_ajax()){
194
-
195
- // Default search
196
- //add_filter( 'get_search_form', 'apbct_forms__search__addField' );
197
- add_filter( 'get_search_query', 'apbct_forms__search__testSpam' );
198
-
199
- // Remote calls
200
- if(isset($_GET['spbc_remote_call_token'], $_GET['spbc_remote_call_action'], $_GET['plugin_name']) && in_array($_GET['plugin_name'], array('antispam','anti-spam', 'apbct'))){
201
- apbct_remote_call__perform();
202
- }
203
-
204
- // SpamFireWall check
205
- if( $apbct->plugin_version == APBCT_VERSION && // Do not call with first start
206
- $apbct->settings['spam_firewall'] == 1 &&
207
- filter_input(INPUT_SERVER, 'REQUEST_METHOD') == 'GET'
208
- ){
209
- apbct_sfw__check();
210
- }
211
-
212
- }
213
-
214
-
215
- // Activation/deactivation functions must be in main plugin file.
216
- // http://codex.wordpress.org/Function_Reference/register_activation_hook
217
- register_activation_hook( __FILE__, 'apbct_activation' );
218
- register_deactivation_hook( __FILE__, 'apbct_deactivation' );
219
-
220
- // Hook for newly added blog
221
- add_action('wpmu_new_blog', 'apbct_activation__new_blog', 10, 6);
222
-
223
- // Async loading for JavaScript
224
- add_filter('script_loader_tag', 'apbct_add_async_attribute', 10, 3);
225
-
226
- // Redirect admin to plugin settings.
227
- if(!defined('WP_ALLOW_MULTISITE') || defined('WP_ALLOW_MULTISITE') && WP_ALLOW_MULTISITE == false)
228
- add_action('admin_init', 'apbct_plugin_redirect');
229
-
230
- // Deleting SFW tables when deleting websites
231
- if(defined('WP_ALLOW_MULTISITE') && WP_ALLOW_MULTISITE === true)
232
- add_action( 'delete_blog', 'apbct_sfw__delete_tables', 10, 2 );
233
-
234
- // After plugin loaded - to load locale as described in manual
235
- add_action('plugins_loaded', 'apbct_plugin_loaded' );
236
-
237
- if( !empty($apbct->settings['use_ajax']) &&
238
- stripos(filter_input(INPUT_SERVER, 'REQUEST_URI'),'.xml')===false &&
239
- stripos(filter_input(INPUT_SERVER, 'REQUEST_URI'),'.xsl')===false)
240
- {
241
- add_action( 'wp_ajax_nopriv_ct_get_cookie', 'ct_get_cookie',1 );
242
- add_action( 'wp_ajax_ct_get_cookie', 'ct_get_cookie',1 );
243
- }
244
-
245
- // Admin panel actions
246
- if (is_admin() || is_network_admin()){
247
-
248
- require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-comments.php');
249
- require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-users.php');
250
- require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-admin.php');
251
- require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-settings.php');
252
-
253
- if (!(defined( 'DOING_AJAX' ) && DOING_AJAX)){
254
-
255
- add_action('admin_enqueue_scripts', 'apbct_admin__enqueue_scripts');
256
-
257
- add_action('admin_init', 'apbct_admin__init', 1);
258
- add_action('admin_menu', 'apbct_settings_add_page');
259
- add_action('network_admin_menu', 'apbct_settings_add_page');
260
- add_action('admin_notices', 'apbct_admin__notice_message');
261
- add_action('network_admin_notices', 'apbct_admin__notice_message');
262
-
263
- //Show widget only if not IP license
264
- if(!$apbct->moderate_ip)
265
- add_action('wp_dashboard_setup', 'ct_dashboard_statistics_widget' );
266
- }
267
-
268
- if(apbct_is_ajax() || isset($_POST['cma-action'])){
269
-
270
- $cleantalk_hooked_actions = array();
271
- $cleantalk_ajax_actions_to_check = array();
272
-
273
- require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-public.php');
274
- require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-ajax.php');
275
-
276
- // Feedback for comments
277
- if(isset($_POST['action']) && $_POST['action'] == 'ct_feedback_comment'){
278
- add_action( 'wp_ajax_nopriv_ct_feedback_comment', 'apbct_comment__send_feedback',1 );
279
- add_action( 'wp_ajax_ct_feedback_comment', 'apbct_comment__send_feedback',1 );
280
- }
281
- if(isset($_POST['action']) && $_POST['action'] == 'ct_feedback_user'){
282
- add_action( 'wp_ajax_nopriv_ct_feedback_user', 'apbct_user__send_feedback',1 );
283
- add_action( 'wp_ajax_ct_feedback_user', 'apbct_user__send_feedback',1 );
284
- }
285
-
286
- // Check AJAX requests
287
- // if User is not logged in
288
- // if Unknown action or Known action with mandatory check
289
- if( (!apbct_is_user_logged_in() || $apbct->settings['protect_logged_in'] == 1) &&
290
- isset($_POST['action']) && (!in_array($_POST['action'], $cleantalk_hooked_actions) || in_array($_POST['action'], $cleantalk_ajax_actions_to_check))
291
- ){
292
- ct_ajax_hook();
293
- }
294
-
295
- //QAEngine Theme answers
296
- if (intval($apbct->settings['general_contact_forms_test']))
297
- add_filter('et_pre_insert_question', 'ct_ajax_hook', 1, 1); // Questions
298
- add_filter('et_pre_insert_answer', 'ct_ajax_hook', 1, 1); // Answers
299
-
300
- // Formidable
301
- add_filter( 'frm_entries_before_create', 'apbct_rorm__formidable__testSpam', 10, 2 );
302
- add_action( 'frm_entries_footer_scripts', 'apbct_rorm__formidable__footerScripts', 20, 2 );
303
-
304
- // Some of plugins to register a users use AJAX context.
305
- add_filter('registration_errors', 'ct_registration_errors', 1, 3);
306
- add_filter('registration_errors', 'ct_check_registration_erros', 999999, 3);
307
- add_action('user_register', 'apbct_user_register');
308
-
309
- if(class_exists('BuddyPress')){
310
- require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-public.php');
311
- add_filter('bp_activity_is_spam_before_save', 'apbct_integration__buddyPres__activityWall', 999 ,2); /* ActivityWall */
312
- add_action('bp_locate_template', 'apbct_integration__buddyPres__getTemplateName', 10, 6);
313
- }
314
-
315
- }
316
-
317
- require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-public.php');
318
- //Bitrix24 contact form
319
- if ($apbct->settings['general_contact_forms_test'] == 1 &&
320
- !empty($_POST['your-phone']) &&
321
- !empty($_POST['your-email']) &&
322
- !empty($_POST['your-message'])
323
- ){
324
- $ct_check_post_result=false;
325
- ct_contact_form_validate();
326
- }
327
-
328
- // Sends feedback to the cloud about comments
329
- // add_action('wp_set_comment_status', 'ct_comment_send_feedback', 10, 2);
330
-
331
- // Sends feedback to the cloud about deleted users
332
- global $pagenow;
333
- if($pagenow=='users.php')
334
- add_action('delete_user', 'apbct_user__delete__hook', 10, 2);
335
-
336
- if($pagenow=='plugins.php' || (strpos(filter_input(INPUT_SERVER, 'REQUEST_URI'),'plugins.php') !== false)){
337
-
338
- add_filter('plugin_action_links_'.plugin_basename(__FILE__), 'apbct_admin__plugin_action_links', 10, 2);
339
- add_filter('network_admin_plugin_action_links_'.plugin_basename(__FILE__), 'apbct_admin__plugin_action_links', 10, 2);
340
-
341
- add_filter('plugin_row_meta', 'apbct_admin__register_plugin_links', 10, 2);
342
- }
343
-
344
- // Public pages actions
345
- }else{
346
-
347
- require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-public.php');
348
-
349
- add_action('wp_enqueue_scripts', 'ct_enqueue_scripts_public');
350
-
351
- // Init action.
352
- add_action('plugins_loaded', 'apbct_init', 1);
353
-
354
- // Comments
355
- add_filter('preprocess_comment', 'ct_preprocess_comment', 1, 1); // param - comment data array
356
- add_filter('comment_text', 'ct_comment_text' );
357
- add_filter('wp_die_handler', 'apbct_comment__sanitize_data__before_wp_die', 1); // Check comments after validation
358
-
359
- // Registrations
360
- if(!isset($_POST['wp-submit'])){
361
- add_action('login_form_register', 'apbct_cookie');
362
- add_action('login_form_register', 'apbct_store__urls');
363
- }
364
- add_action('login_enqueue_scripts', 'apbct_login__scripts');
365
- add_action('register_form', 'ct_register_form');
366
- add_filter('registration_errors', 'ct_registration_errors', 1, 3);
367
- add_filter('registration_errors', 'ct_check_registration_erros', 999999, 3);
368
- add_action('user_register', 'apbct_user_register');
369
-
370
- // Multisite registrations
371
- add_action('signup_extra_fields','ct_register_form');
372
- add_filter('wpmu_validate_user_signup', 'ct_registration_errors_wpmu', 10, 3);
373
-
374
- // Login form - for notifications only
375
- add_filter('login_message', 'ct_login_message');
376
-
377
- // Comments output hook
378
- add_filter('wp_list_comments_args', 'ct_wp_list_comments_args');
379
-
380
- // Ait-Themes fix
381
- if(isset($_GET['ait-action']) && $_GET['ait-action']=='register'){
382
- $tmp=$_POST['redirect_to'];
383
- unset($_POST['redirect_to']);
384
- ct_contact_form_validate();
385
- $_POST['redirect_to']=$tmp;
386
- }
387
- }
388
-
389
- // Short code for GDPR
390
- if($apbct->settings['gdpr_enabled'])
391
- add_shortcode('cleantalk_gdpr_form', 'apbct_shrotcode_handler__GDPR_public_notice__form');
392
-
393
- }
394
-
395
- /**
396
- * Function preforms remote call
397
- */
398
- function apbct_remote_call__perform()
399
- {
400
- global $apbct;
401
-
402
- $remote_action = $_GET['spbc_remote_call_action'];
403
-
404
- if(array_key_exists($remote_action, $apbct->remote_calls)){
405
-
406
- if(time() - $apbct->remote_calls[$remote_action]['last_call'] > APBCT_REMOTE_CALL_SLEEP){
407
-
408
- $apbct->remote_calls[$remote_action]['last_call'] = time();
409
- $apbct->save('remote_calls');
410
-
411
- if(strtolower($_GET['spbc_remote_call_token']) == strtolower(md5($apbct->api_key))){
412
-
413
- // Flag to let plugin know that Remote Call is running.
414
- $apbct->rc_running = true;
415
-
416
- switch ($_GET['spbc_remote_call_action']) {
417
-
418
- // Close renew banner
419
- case 'close_renew_banner':
420
- $apbct->data['notice_trial'] = 0;
421
- $apbct->data['notice_renew'] = 0;
422
- $apbct->saveData();
423
- CleantalkCron::updateTask('check_account_status', 'ct_account_status_check', 86400);
424
- die('OK');
425
- break;
426
-
427
- // SFW update
428
- case 'sfw_update':
429
- $result = ct_sfw_update(true);
430
- /**
431
- * @todo CRUNCH
432
- */
433
- if(is_string($result) && strpos($result, 'FAIL') !== false){
434
- $result = json_decode(substr($result, 5), true);
435
- }
436
- die(empty($result['error']) ? 'OK' : 'FAIL '.json_encode(array('error' => $result['error'])));
437
- break;
438
-
439
- // SFW send logs
440
- case 'sfw_send_logs':
441
- $result = ct_sfw_send_logs();
442
- die(empty($result['error']) ? 'OK' : 'FAIL '.json_encode(array('error' => $result['error'])));
443
- break;
444
-
445
- // Update plugin
446
- case 'update_plugin':
447
- add_action('wp', 'apbct_rc__update', 1);
448
- break;
449
-
450
- // Install plugin
451
- case 'install_plugin':
452
- add_action('wp', 'apbct_rc__install_plugin', 1);
453
- break;
454
- // Activate plugin
455
- case 'activate_plugin':
456
- $result = apbct_rc__activate_plugin($_GET['plugin']);
457
- die(empty($result['error'])
458
- ? 'OK'
459
- : 'FAIL '.json_encode(array('error' => $result['error'])));
460
- break;
461
-
462
- // Insert API key
463
- case 'insert_auth_key':
464
- $result = apbct_rc__insert_auth_key($_GET['auth_key'], $_GET['plugin']);
465
- die(empty($result['error'])
466
- ? 'OK'
467
- : 'FAIL '.json_encode(array('error' => $result['error'])));
468
- break;
469
-
470
- // Update settins
471
- case 'update_settings':
472
- $result = apbct_rc__update_settings($_GET);
473
- die(empty($result['error'])
474
- ? 'OK'
475
- : 'FAIL '.json_encode(array('error' => $result['error'])));
476
- break;
477
- // Deactivate plugin
478
- case 'deactivate_plugin':
479
- add_action('plugins_loaded', 'apbct_rc__deactivate_plugin', 1);
480
- break;
481
-
482
- // Uninstall plugin
483
- case 'uninstall_plugin':
484
- add_action('plugins_loaded', 'apbct_rc__uninstall_plugin', 1);
485
- break;
486
- // No action found
487
- default:
488
- die('FAIL '.json_encode(array('error' => 'UNKNOWN_ACTION_2')));
489
- break;
490
- }
491
-
492
- }else
493
- die('FAIL '.json_encode(array('error' => 'WRONG_TOKEN')));
494
- }else
495
- die('FAIL '.json_encode(array('error' => 'TOO_MANY_ATTEMPTS')));
496
- }else
497
- die('FAIL '.json_encode(array('error' => 'UNKNOWN_ACTION')));
498
- }
499
-
500
- /**
501
- * Function for SpamFireWall check
502
- */
503
- function apbct_sfw__check()
504
- {
505
- global $apbct, $spbc, $cleantalk_url_exclusions;
506
-
507
- // Turn off the SpamFireWall if current url in the exceptions list and WordPress core pages
508
- if (!empty($cleantalk_url_exclusions) && is_array($cleantalk_url_exclusions)) {
509
- $core_page_to_skip_check = array('/feed');
510
- foreach (array_merge($cleantalk_url_exclusions, $core_page_to_skip_check) as $v) {
511
- if (stripos(filter_input(INPUT_SERVER, 'REQUEST_URI'), $v) !== false) {
512
- return;
513
- }
514
- }
515
- }
516
-
517
- // Turn off the SpamFireWall if Remote Call is in progress
518
- if($apbct->rc_running || (!empty($spbc) && $spbc->rc_running))
519
- return;
520
-
521
- $is_sfw_check = true;
522
- $sfw = new CleantalkSFW();
523
- $sfw->ip_array = (array)$sfw->ip__get(array('real'), true);
524
-
525
- // Skip by cookie
526
- foreach($sfw->ip_array as $ct_cur_ip){
527
- if(isset($_COOKIE['ct_sfw_pass_key']) && $_COOKIE['ct_sfw_pass_key'] == md5($ct_cur_ip.$apbct->api_key)){
528
- $is_sfw_check=false;
529
- if(isset($_COOKIE['ct_sfw_passed'])){
530
- $sfw->logs__update($ct_cur_ip, 'passed');
531
- $apbct->data['sfw_counter']['all']++;
532
- $apbct->saveData();
533
- if(!headers_sent())
534
- setcookie ('ct_sfw_passed', '0', time()+86400*3, '/', parse_url(get_option('siteurl'),PHP_URL_HOST) ,false, true);
535
- }
536
- break;
537
- }else{
538
- $is_sfw_check = true;
539
- }
540
- }
541
-
542
- // Skip the check
543
- if(!empty($_GET['access'])){
544
- $spbc_settings = get_option('spbc_settings');
545
- $spbc_key = !empty($spbc_settings['spbc_key']) ? $spbc_settings['spbc_key'] : false;
546
- if($_GET['access'] === $apbct->api_key || ($spbc_key !== false && $_GET['access'] === $spbc_key)){
547
- $is_sfw_check = false;
548
- setcookie ('spbc_firewall_pass_key', md5(filter_input(INPUT_SERVER, 'REMOTE_ADDR') . $spbc_key), time()+1200, '/');
549
- setcookie ('ct_sfw_pass_key', md5(filter_input(INPUT_SERVER, 'REMOTE_ADDR') . $apbct->api_key), time()+1200, '/');
550
- }
551
- unset($spbc_settings, $spbc_key);
552
- }
553
-
554
- if($is_sfw_check){
555
-
556
- $sfw->ip_check();
557
-
558
- // Pass remote calls
559
- if($sfw->pass === false){
560
- if(isset($_GET['spbc_remote_call_token'], $_GET['spbc_remote_call_action'], $_GET['plugin_name'])){
561
- foreach($sfw->blocked_ips as $ip){
562
- $resolved = CleantalkHelper::ip__resolve($ip['ip']);
563
- if($resolved && preg_match('/cleantalk\.org/', $resolved) === 1 || $resolved === 'back'){
564
- $sfw->pass = true;
565
- }
566
- } unset($ip);
567
- }
568
- }
569
-
570
- if($sfw->test){
571
- $sfw->sfw_die($apbct->api_key, '', parse_url(get_option('siteurl'),PHP_URL_HOST), 'test');
572
- }
573
-
574
- if($sfw->pass === false){
575
- foreach($sfw->blocked_ips as $ip){
576
- $sfw->logs__update($ip['ip'], 'blocked');
577
- }
578
- $apbct->data['sfw_counter']['blocked']++;
579
- $apbct->saveData();
580
- $sfw->sfw_die($apbct->api_key, '', parse_url(get_option('siteurl'),PHP_URL_HOST));
581
- }else{
582
- reset($sfw->passed_ips);
583
- if(!empty($apbct->settings['set_cookies']) && !headers_sent() && key($sfw->passed_ips))
584
- setcookie ('ct_sfw_pass_key', md5($sfw->passed_ips[key($sfw->passed_ips)]['ip'].$apbct->api_key), time()+86400*30, '/', parse_url(get_option('siteurl'),PHP_URL_HOST) ,false);
585
- }
586
- }
587
- unset($is_sfw_check, $sfw, $sfw_ip, $ct_cur_ip);
588
- }
589
-
590
- /**
591
- * On activation, set a time, frequency and name of an action hook to be scheduled.
592
- */
593
- function apbct_activation( $network = false ) {
594
-
595
- global $wpdb;
596
-
597
- // SFW data
598
- $sqls[] = 'CREATE TABLE IF NOT EXISTS `%scleantalk_sfw` (
599
- `network` int(11) unsigned NOT NULL,
600
- `mask` int(11) unsigned NOT NULL,
601
- INDEX ( `network` , `mask` )
602
- );';
603
-
604
- // SFW log
605
- $sqls[] = 'CREATE TABLE IF NOT EXISTS `%scleantalk_sfw_logs` (
606
- `ip` VARCHAR(15) NOT NULL,
607
- `all_entries` INT NOT NULL,
608
- `blocked_entries` INT NOT NULL,
609
- `entries_timestamp` INT NOT NULL,
610
- PRIMARY KEY (`ip`));';
611
-
612
- // Sessions
613
- $sqls[] = 'CREATE TABLE IF NOT EXISTS `%scleantalk_sessions` (
614
- `id` VARCHAR(64) NOT NULL,
615
- `name` VARCHAR(40) NOT NULL,
616
- `value` TEXT NULL DEFAULT NULL,
617
- `last_update` DATETIME NULL DEFAULT NULL,
618
- PRIMARY KEY (`name`(40), `id`(64)));';
619
-
620
- if($network && !defined('CLEANTALK_ACCESS_KEY')){
621
- $initial_blog = get_current_blog_id();
622
- $blogs = array_keys($wpdb->get_results('SELECT blog_id FROM '. $wpdb->blogs, OBJECT_K));
623
- foreach ($blogs as $blog) {
624
- switch_to_blog($blog);
625
- apbct_activation__create_tables($sqls);
626
- // Cron tasks
627
- CleantalkCron::addTask('check_account_status', 'ct_account_status_check', 3600, time()+1800); // Checks account status
628
- CleantalkCron::addTask('delete_spam_comments', 'ct_delete_spam_comments', 3600, time()+3500); // Formerly ct_hourly_event_hook()
629
- CleantalkCron::addTask('send_feedback', 'ct_send_feedback', 3600, time()+3500); // Formerly ct_hourly_event_hook()
630
- CleantalkCron::addTask('sfw_update', 'ct_sfw_update', 86400, time()+300); // SFW update
631
- CleantalkCron::addTask('send_sfw_logs', 'ct_sfw_send_logs', 3600, time()+1800); // SFW send logs
632
- CleantalkCron::addTask('get_brief_data', 'cleantalk_get_brief_data', 86400, time()+3500); // Get data for dashboard widget
633
- CleantalkCron::addTask('send_connection_report','ct_mail_send_connection_report', 86400, time()+3500); // Send connection report to welcome@cleantalk.org
634
- }
635
- switch_to_blog($initial_blog);
636
- }else{
637
-
638
- // Cron tasks
639
- CleantalkCron::addTask('check_account_status', 'ct_account_status_check', 3600, time()+1800); // Checks account status
640
- CleantalkCron::addTask('delete_spam_comments', 'ct_delete_spam_comments', 3600, time()+3500); // Formerly ct_hourly_event_hook()
641
- CleantalkCron::addTask('send_feedback', 'ct_send_feedback', 3600, time()+3500); // Formerly ct_hourly_event_hook()
642
- CleantalkCron::addTask('sfw_update', 'ct_sfw_update', 86400, time()+43200); // SFW update
643
- CleantalkCron::addTask('send_sfw_logs', 'ct_sfw_send_logs', 3600, time()+1800); // SFW send logs
644
- CleantalkCron::addTask('get_brief_data', 'cleantalk_get_brief_data', 86400, time()+3500); // Get data for dashboard widget
645
- CleantalkCron::addTask('send_connection_report','ct_mail_send_connection_report', 86400, time()+3500); // Send connection report to welcome@cleantalk.org
646
-
647
- apbct_activation__create_tables($sqls);
648
- ct_sfw_update(); // Updating SFW
649
- ct_account_status_check(null, false);
650
- }
651
-
652
- // Additional options
653
- add_option('ct_plugin_do_activation_redirect', true);
654
- }
655
-
656
- function apbct_activation__create_tables($sqls) {
657
- global $wpdb;
658
- $wpdb->show_errors = false;
659
- foreach($sqls as $sql){
660
- $sql = sprintf($sql, $wpdb->prefix); // Adding current blog prefix
661
- $result = $wpdb->query($sql);
662
- if($result === false)
663
- $errors[] = "Failed.\nQuery: {$wpdb->last_query}\nError: {$wpdb->last_error}";
664
- }
665
- $wpdb->show_errors = true;
666
-
667
- // Logging errors
668
- if(!empty($errors))
669
- apbct_log($errors);
670
- }
671
-
672
- function apbct_activation__new_blog($blog_id, $user_id, $domain, $path, $site_id, $meta) {
673
- if (apbct_is_plugin_active_for_network('cleantalk-spam-protect/cleantalk.php')){
674
-
675
- switch_to_blog($blog_id);
676
-
677
- global $wpdb;
678
-
679
- // SFW data
680
- $sqls[] = 'CREATE TABLE IF NOT EXISTS `%scleantalk_sfw` (
681
- `network` int(11) unsigned NOT NULL,
682
- `mask` int(11) unsigned NOT NULL,
683
- INDEX ( `network` , `mask` )
684
- );';
685
-
686
- // SFW log
687
- $sqls[] = 'CREATE TABLE IF NOT EXISTS `%scleantalk_sfw_logs` (
688
- `ip` VARCHAR(15) NOT NULL,
689
- `all_entries` INT NOT NULL,
690
- `blocked_entries` INT NOT NULL,
691
- `entries_timestamp` INT NOT NULL,
692
- PRIMARY KEY (`ip`));';
693
-
694
- // Sessions
695
- $sqls[] = 'CREATE TABLE IF NOT EXISTS `%scleantalk_sessions` (
696
- `id` VARCHAR(64) NOT NULL,
697
- `name` TEXT NOT NULL,
698
- `value` TEXT NULL DEFAULT NULL,
699
- `last_update` DATETIME NULL DEFAULT NULL,
700
- PRIMARY KEY (`id`(64), `name`(64)));';
701
-
702
- // Cron tasks
703
- CleantalkCron::addTask('check_account_status', 'ct_account_status_check', 3600, time()+1800); // Checks account status
704
- CleantalkCron::addTask('delete_spam_comments', 'ct_delete_spam_comments', 3600, time()+3500); // Formerly ct_hourly_event_hook()
705
- CleantalkCron::addTask('send_feedback', 'ct_send_feedback', 3600, time()+3500); // Formerly ct_hourly_event_hook()
706
- CleantalkCron::addTask('sfw_update', 'ct_sfw_update', 86400, time()+43200); // SFW update
707
- CleantalkCron::addTask('send_sfw_logs', 'ct_sfw_send_logs', 3600, time()+1800); // SFW send logs
708
- CleantalkCron::addTask('get_brief_data', 'cleantalk_get_brief_data', 86400, time()+3500); // Get data for dashboard widget
709
- CleantalkCron::addTask('send_connection_report','ct_mail_send_connection_report', 86400, time()+3500); // Send connection report to welcome@cleantalk.org
710
- apbct_activation__create_tables($sqls);
711
- ct_sfw_update(); // Updating SFW
712
- ct_account_status_check(null, false);
713
- restore_current_blog();
714
- }
715
- }
716
-
717
- /**
718
- * On deactivation, clear schedule.
719
- */
720
- function apbct_deactivation( $network ) {
721
-
722
- global $apbct, $wpdb;
723
-
724
- // Deactivation for network
725
- if(is_multisite() && $network){
726
-
727
- $initial_blog = get_current_blog_id();
728
- $blogs = array_keys($wpdb->get_results('SELECT blog_id FROM '. $wpdb->blogs, OBJECT_K));
729
- foreach ($blogs as $blog) {
730
- switch_to_blog($blog);
731
- apbct_deactivation__delete_blog_tables();
732
- delete_option('cleantalk_cron'); // Deleting cron entries
733
-
734
- if($apbct->settings['complete_deactivation']){
735
- apbct_deactivation__delete_all_options();
736
- apbct_deactivation__delete_all_options__in_network();
737
- }
738
-
739
- }
740
- switch_to_blog($initial_blog);
741
-
742
- // Deactivation for blog
743
- }elseif(is_multisite()){
744
-
745
- apbct_deactivation__delete_common_tables();
746
- delete_option('cleantalk_cron'); // Deleting cron entries
747
-
748
- if($apbct->settings['complete_deactivation'])
749
- apbct_deactivation__delete_all_options();
750
-
751
- // Deactivation on standalone blog
752
- }elseif(!is_multisite()){
753
-
754
- apbct_deactivation__delete_common_tables();
755
- delete_option('cleantalk_cron'); // Deleting cron entries
756
-
757
- if($apbct->settings['complete_deactivation'])
758
- apbct_deactivation__delete_all_options();
759
-
760
- }
761
- }
762
-
763
- /**
764
- * Delete all cleantalk_* entries from _options table
765
- */
766
- function apbct_deactivation__delete_all_options(){
767
- delete_option('cleantalk_settings');
768
- delete_option('cleantalk_data');
769
- delete_option('cleantalk_cron');
770
- delete_option('cleantalk_errors');
771
- delete_option('cleantalk_remote_calls');
772
- delete_option('cleantalk_server');
773
- delete_option('cleantalk_stats');
774
- delete_option('cleantalk_timelabel_reg');
775
- }
776
-
777
- /**
778
- * Delete all cleantalk_* entries from _sitemeta table
779
- */
780
- function apbct_deactivation__delete_all_options__in_network(){
781
- delete_site_option('cleantalk_network_settings');
782
- delete_site_option('cleantalk_network_data');
783
- }
784
-
785
- function apbct_deactivation__delete_common_tables() {
786
- global $wpdb;
787
- $wpdb->query('DROP TABLE IF EXISTS `'. $wpdb->base_prefix.'cleantalk_sfw`;'); // Deleting SFW data
788
- $wpdb->query('DROP TABLE IF EXISTS `'. $wpdb->base_prefix.'cleantalk_sfw_logs`;'); // Deleting SFW logs
789
- $wpdb->query('DROP TABLE IF EXISTS `'. $wpdb->base_prefix.'cleantalk_sessions`;'); // Deleting session table
790
- }
791
-
792
- function apbct_deactivation__delete_blog_tables() {
793
- global $wpdb;
794
- $wpdb->query('DROP TABLE IF EXISTS `'. $wpdb->prefix.'cleantalk_sfw`;'); // Deleting SFW data
795
- $wpdb->query('DROP TABLE IF EXISTS `'. $wpdb->prefix.'cleantalk_sfw_logs`;'); // Deleting SFW logs
796
- $wpdb->query('DROP TABLE IF EXISTS `'. $wpdb->prefix.'cleantalk_sessions`;'); // Deleting session table
797
- }
798
-
799
- /**
800
- * Redirects admin to plugin settings after activation.
801
- */
802
- function apbct_plugin_redirect()
803
- {
804
- global $apbct;
805
- if (get_option('ct_plugin_do_activation_redirect', false) && !isset($_GET['activate-multi'])){
806
- delete_option('ct_plugin_do_activation_redirect');
807
- wp_redirect($apbct->settings_link);
808
- }
809
- }
810
-
811
- function ct_add_event($event_type)
812
- {
813
- global $apbct, $cleantalk_executed;
814
-
815
- //
816
- // To migrate on the new version of ct_add_event().
817
- //
818
- switch ($event_type) {
819
- case '0': $event_type = 'no';break;
820
- case '1': $event_type = 'yes';break;
821
- }
822
-
823
- $current_hour = intval(date('G'));
824
-
825
- // Updating current hour
826
- if($current_hour!=$apbct->data['current_hour']){
827
- $apbct->data['current_hour'] = $current_hour;
828
- $apbct->data['array_accepted'][$current_hour] = 0;
829
- $apbct->data['array_blocked'][$current_hour] = 0;
830
- }
831
-
832
- //Add 1 to counters
833
- if($event_type=='yes'){
834
- $apbct->data['array_accepted'][$current_hour]++;
835
- $apbct->data['all_time_counter']['accepted']++;
836
- $apbct->data['user_counter']['accepted']++;
837
- }
838
- if($event_type=='no'){
839
- $apbct->data['array_blocked'][$current_hour]++;
840
- $apbct->data['all_time_counter']['blocked']++;
841
- $apbct->data['user_counter']['blocked']++;
842
- }
843
-
844
- $apbct->saveData();
845
-
846
- $cleantalk_executed=true;
847
- }
848
-
849
- /**
850
- * return new cookie value
851
- */
852
- function ct_get_cookie()
853
- {
854
- global $ct_checkjs_def;
855
- $ct_checkjs_key = ct_get_checkjs_value();
856
- print $ct_checkjs_key;
857
- die();
858
- }
859
-
860
- function ct_sfw_update($immediate = false){
861
-
862
- global $apbct;
863
-
864
- if($apbct->settings['spam_firewall'] == 1){
865
-
866
- $sfw = new CleantalkSFW();
867
-
868
- $file_url = isset($_GET['file_url']) ? $_GET['file_url'] : null;
869
- $result = $sfw->sfw_update($apbct->api_key, $file_url, $immediate);
870
-
871
- if(empty($result['error'])){
872
- $apbct->stats['sfw']['last_update_time'] = time();
873
- $apbct->stats['sfw']['entries'] = $result;
874
- $apbct->save('stats');
875
- }
876
-
877
- return $result;
878
- }
879
-
880
- return array('error' => 'SFW_DISABLED');
881
-
882
- }
883
-
884
- function ct_sfw_send_logs()
885
- {
886
- global $apbct;
887
-
888
- if($apbct->settings['spam_firewall'] == 1){
889
-
890
- $sfw = new CleantalkSFW();
891
- $result = $sfw->logs__send($apbct->api_key);
892
-
893
- if(empty($result['error'])){
894
- $apbct->stats['sfw']['last_send_time'] = time();
895
- $apbct->stats['sfw']['last_send_amount'] = $result['rows'];
896
- $apbct->save('stats');
897
- }
898
-
899
- return $result;
900
-
901
- }
902
-
903
- return array('error' => 'SFW_DISABLED');
904
- }
905
-
906
- /**
907
- * Wrapper for Cleantalk's remote calls
908
- *
909
- * @param string $action What you want to do?
910
- * @param array $additional_params Additional GET parameters for RC
911
- * @param string $presets Presets for CleantalkHelper::http__request(). 'async' maybe?
912
- * @param string $plugin_name Plugin name 'antispam' by default
913
- * @param string $call_token RC securirty token
914
- * @param string $url Current site URL by default
915
- *
916
- * @return array|bool
917
- */
918
- function apbct_rc__send($action, $additional_params = array(), $presets = 'get', $plugin_name = 'antispam', $call_token = '', $url = ''){
919
-
920
- global $apbct;
921
-
922
- $default_params = array(
923
- 'plugin_name' => $plugin_name,
924
- 'spbc_remote_call_token' => $call_token ? $call_token : md5($apbct->api_key),
925
- 'spbc_remote_call_action' => $action,
926
- );
927
-
928
- $params = array_merge($additional_params, $default_params);
929
-
930
- return apbct_rc__parse_result(
931
- CleantalkHelper::http__request(
932
- $url ? $url : get_option('siteurl'),
933
- $params,
934
- $presets
935
- )
936
- );
937
- }
938
-
939
- /**
940
- * Parse different types of remote call results
941
- *
942
- * @param array|string $rc_result
943
- * string - 'FAIL {"some":"result}'
944
- * string - 'OK {"some":"result}'
945
- *
946
- * @return array|string
947
- */
948
- function apbct_rc__parse_result($rc_result){
949
- if(is_string($rc_result)){
950
- $rc_result = preg_replace('/^(OK\s?|FAIL\s?)(.*)/', '$2', $rc_result, 1);
951
- $rc_result = json_decode($rc_result, true);
952
- $rc_result = $rc_result
953
- ? $rc_result
954
- : array('error' => 'FAIL_TO_PARSE_RC_RESULT');
955
- }
956
- return $rc_result;
957
- }
958
-
959
- /**
960
- * Install plugin from wordpress catalog
961
- *
962
- * @param WP $wp
963
- * @param string $plugin_slug
964
- */
965
- function apbct_rc__install_plugin($wp = null, $plugin = null){
966
-
967
- $plugin = $plugin ? $plugin : (isset($_GET['plugin']) ? $_GET['plugin'] : null);
968
-
969
- if($plugin){
970
-
971
- if(preg_match('/[a-zA-Z-\d]+[\/\\][a-zA-Z-\d]+\.php/', $plugin)){
972
-
973
- $plugin_slug = preg_replace('@([a-zA-Z-\d]+)[\\\/].*@', '$1', $plugin);
974
-
975
- if($plugin_slug){
976
-
977
- require_once(ABSPATH.'wp-admin/includes/plugin-install.php');
978
- $result = plugins_api(
979
- 'plugin_information',
980
- array(
981
- 'slug' => $plugin_slug,
982
- 'fileds' => array('version' => true, 'download_link' => true,),
983
- )
984
- );
985
-
986
- if(!is_wp_error($result)){
987
-
988
- require_once( ABSPATH . 'wp-admin/includes/plugin.php' );
989
- include_once( ABSPATH . 'wp-admin/includes/class-wp-upgrader.php' );
990
- include_once( ABSPATH . 'wp-admin/includes/file.php' );
991
- include_once( ABSPATH . 'wp-admin/includes/misc.php' );
992
- include_once( CLEANTALK_PLUGIN_DIR . 'lib/CleantalkUpgrader.php' );
993
- include_once( CLEANTALK_PLUGIN_DIR . 'lib/CleantalkUpgraderSkin.php' );
994
-
995
- $installer= new CleantalkUpgrader( new CleantalkUpgraderSkin() );
996
- $installer->install($result->download_link);
997
-
998
- if($installer->apbct_result === 'OK'){
999
- die('OK');
1000
-
1001
- }else
1002
- die('FAIL '. json_encode(array('error' => $installer->apbct_result)));
1003
- }else
1004
- die('FAIL '. json_encode(array('error' => 'FAIL_TO_GET_LATEST_VERSION', 'details' => $result->get_error_message(),)));
1005
- }else
1006
- die('FAIL '. json_encode(array('error' => 'PLUGIN_SLUG_INCORRECT')));
1007
- }else
1008
- die('FAIL '. json_encode(array('error' => 'PLUGIN_NAME_IS_INCORRECT')));
1009
- }else
1010
- die('FAIL '. json_encode(array('error' => 'PLUGIN_NAME_IS_UNSET')));
1011
- }
1012
-
1013
- function apbct_rc__activate_plugin($plugin){
1014
-
1015
- $plugin = $plugin ? $plugin : (isset($_GET['plugin']) ? $_GET['plugin'] : null);
1016
-
1017
- if($plugin){
1018
-
1019
- if(preg_match('@[a-zA-Z-\d]+[\\\/][a-zA-Z-\d]+\.php@', $plugin)){
1020
-
1021
- require_once (ABSPATH .'/wp-admin/includes/plugin.php');
1022
-
1023
- $result = activate_plugins($plugin);
1024
-
1025
- if($result && !is_wp_error($result)){
1026
- return array('success' => true);
1027
- }else
1028
- return array('error' => 'FAIL_TO_ACTIVATE', 'details' => (is_wp_error($result) ? ' '.$result->get_error_message() : ''));
1029
- }else
1030
- return array('error' => 'PLUGIN_NAME_IS_INCORRECT');
1031
- }else
1032
- return array('error' => 'PLUGIN_NAME_IS_UNSET');
1033
- }
1034
-
1035
- /**
1036
- * Uninstall plugin from wordpress catalog
1037
- *
1038
- * @param null $plugin_name
1039
- */
1040
- function apbct_rc__deactivate_plugin($plugin = null){
1041
-
1042
- global $apbct;
1043
-
1044
- $plugin = $plugin ? $plugin : (isset($_GET['plugin']) ? $_GET['plugin'] : null);
1045
-
1046
- if($plugin){
1047
-
1048
- // Switching complete deactivation for security
1049
- if($plugin == 'security-malware-firewall/security-malware-firewall.php' && !empty($_GET['complete_deactivation'])){
1050
- $spbc_settings = get_option('spbc_settings');
1051
- $spbc_settings['complete_deactivation'] = intval($_GET['complete_deactivation']);
1052
- update_option('spbc_settings', $spbc_settings);
1053
- }
1054
-
1055
- require_once (ABSPATH .'/wp-admin/includes/plugin.php');
1056
-
1057
- if(is_plugin_active( $plugin )){
1058
- // Hook to set flag if the plugin is deactivated
1059
- add_action( 'deactivate_'.$plugin, 'apbct_rc__uninstall_plugin__check_deactivate' );
1060
- deactivate_plugins($plugin, false, is_multisite() ? true : false);
1061
- }else{
1062
- $apbct->plugin_deactivated = true;
1063
- }
1064
-
1065
- // Hook to set flag if the plugin is deactivated
1066
- add_action( 'deactivate_'.$plugin, 'apbct_rc__uninstall_plugin__check_deactivate' );
1067
- deactivate_plugins($plugin, false, is_multisite() ? true : false);
1068
-
1069
- if($apbct->plugin_deactivated){
1070
- die('OK');
1071
- }else
1072
- die('FAIL '. json_encode(array('error' => 'PLUGIN_STILL_ACTIVE')));
1073
- }else
1074
- die('FAIL '. json_encode(array('error' => 'PLUGIN_NAME_IS_UNSET')));
1075
- }
1076
-
1077
-
1078
- /**
1079
- * Uninstall plugin from wordpress catalog
1080
- *
1081
- * @param null $plugin
1082
- */
1083
- function apbct_rc__uninstall_plugin($plugin = null){
1084
-
1085
- global $apbct;
1086
-
1087
- $plugin = $plugin ? $plugin : (isset($_GET['plugin']) ? $_GET['plugin'] : null);
1088
-
1089
- if($plugin){
1090
-
1091
- // Switching complete deactivation for security
1092
- if($plugin == 'security-malware-firewall/security-malware-firewall.php' && !empty($_GET['complete_deactivation'])){
1093
- $spbc_settings = get_option('spbc_settings');
1094
- $spbc_settings['complete_deactivation'] = intval($_GET['complete_deactivation']);
1095
- update_option('spbc_settings', $spbc_settings);
1096
- }
1097
-
1098
- require_once (ABSPATH .'/wp-admin/includes/plugin.php');
1099
-
1100
- if(is_plugin_active( $plugin )){
1101
- // Hook to set flag if the plugin is deactivated
1102
- add_action( 'deactivate_'.$plugin, 'apbct_rc__uninstall_plugin__check_deactivate' );
1103
- deactivate_plugins($plugin, false, is_multisite() ? true : false);
1104
- }else{
1105
- $apbct->plugin_deactivated = true;
1106
- }
1107
-
1108
- if($apbct->plugin_deactivated){
1109
-
1110
- require_once (ABSPATH .'/wp-admin/includes/file.php');
1111
-
1112
- $result = delete_plugins(array($plugin));
1113
-
1114
- if($result && !is_wp_error($result)){
1115
- die('OK');
1116
- }else
1117
- die('FAIL '. json_encode(array('error' => 'PLUGIN_STILL_EXISTS', 'details' => (is_wp_error($result) ? ' '.$result->get_error_message() : ''))));
1118
- }else
1119
- die('FAIL '. json_encode(array('error' => 'PLUGIN_STILL_ACTIVE')));
1120
- }else
1121
- die('FAIL '. json_encode(array('error' => 'PLUGIN_NAME_IS_UNSET')));
1122
- }
1123
-
1124
- function apbct_rc__uninstall_plugin__check_deactivate(){
1125
- global $apbct;
1126
- $apbct->plugin_deactivated = true;
1127
- }
1128
-
1129
- function apbct_rc__update(){
1130
-
1131
- //Upgrade params
1132
- $plugin = 'cleantalk-spam-protect/cleantalk.php';
1133
- $plugin_slug = 'cleantalk-spam-protect';
1134
- $title = __('Update Plugin');
1135
- $nonce = 'upgrade-plugin_' . $plugin;
1136
- $url = 'update.php?action=upgrade-plugin&plugin=' . urlencode( $plugin );
1137
-
1138
- $prev_version = APBCT_VERSION;
1139
-
1140
- require_once( ABSPATH . 'wp-admin/includes/plugin.php' );
1141
- include_once( ABSPATH . 'wp-admin/includes/class-wp-upgrader.php' );
1142
- include_once( ABSPATH . 'wp-admin/includes/file.php' );
1143
- include_once( ABSPATH . 'wp-admin/includes/misc.php' );
1144
-
1145
- include_once( CLEANTALK_PLUGIN_DIR . 'lib/CleantalkUpgrader.php' );
1146
- include_once( CLEANTALK_PLUGIN_DIR . 'lib/CleantalkUpgraderSkin.php' );
1147
-
1148
- apbct_maintance_mode__enable( 30 );
1149
-
1150
- $upgrader = new CleantalkUpgrader( new CleantalkUpgraderSkin( compact('title', 'nonce', 'url', 'plugin') ) );
1151
- $upgrader->upgrade($plugin);
1152
-
1153
- apbct_maintance_mode__disable();
1154
-
1155
- $result = activate_plugins( $plugin );
1156
-
1157
- // Changing response UP_TO_DATE to OK
1158
- if($upgrader->apbct_result === 'UP_TO_DATE')
1159
- $upgrader->apbct_result = 'OK';
1160
-
1161
- if($upgrader->apbct_result === 'OK'){
1162
-
1163
- if(is_wp_error($result)){
1164
- die('FAIL '. json_encode(array('error' => 'COULD_NOT_ACTIVATE', 'wp_error' => $result->get_error_message())));
1165
- }
1166
-
1167
- $httpResponseCode = CleantalkHelper::http__request(get_option('siteurl'), array(), 'get_code');
1168
-
1169
- if( strpos($httpResponseCode, '200') === false ){
1170
-
1171
- apbct_maintance_mode__enable( 30 );
1172
-
1173
- // Rollback
1174
- $rollback = new CleantalkUpgrader( new CleantalkUpgraderSkin( compact('title', 'nonce', 'url', 'plugin_slug', 'prev_version') ) );
1175
- $rollback->rollback($plugin);
1176
-
1177
- apbct_maintance_mode__disable();
1178
-
1179
- $response = array(
1180
- 'error' => 'BAD_HTTP_CODE',
1181
- 'http_code' => $httpResponseCode,
1182
- 'output' => substr(file_get_contents(get_option('siteurl')), 0, 900),
1183
- 'rollback_result' => $rollback->apbct_result,
1184
- );
1185
-
1186
- die('FAIL '.json_encode($response));
1187
- }
1188
-
1189
- $plugin_data = get_plugin_data(__FILE__);
1190
- $apbct_agent = 'wordpress-'.str_replace('.', '', $plugin_data['Version']);
1191
- ct_send_feedback('0:' . $apbct_agent);
1192
-
1193
- die('OK '.json_encode(array('agent' => $apbct_agent)));
1194
-
1195
- }else{
1196
- die('FAIL '. json_encode(array('error' => $upgrader->apbct_result)));
1197
- }
1198
- }
1199
-
1200
- function apbct_rc__update_settings($source) {
1201
-
1202
- global $apbct;
1203
-
1204
- foreach($apbct->def_settings as $setting => $def_value){
1205
- if(array_key_exists($setting, $source)){
1206
- $var = $source[$setting];
1207
- $type = gettype($def_value);
1208
- settype($var, $type);
1209
- if($type == 'string')
1210
- $var = preg_replace(array('/=/', '/`/'), '', $var);
1211
- $apbct->settings[$setting] = $var;
1212
- }
1213
- }
1214
-
1215
- $apbct->save('settings');
1216
-
1217
- return true;
1218
- }
1219
-
1220
- function apbct_rc__insert_auth_key($key, $plugin){
1221
-
1222
- global $apbct;
1223
-
1224
- if($plugin === 'security-malware-firewall/security-malware-firewall.php'){
1225
-
1226
- require_once (ABSPATH .'/wp-admin/includes/plugin.php');
1227
-
1228
- if(is_plugin_active( $plugin )){
1229
-
1230
- $key = trim($key);
1231
-
1232
- if($key && preg_match('/^[a-z\d]{3,15}$/', $key)){
1233
-
1234
- $result = CleantalkAPI::method__notice_paid_till(
1235
- $key,
1236
- preg_replace('/http[s]?:\/\//', '', get_option('siteurl'), 1) // Site URL
1237
- );
1238
-
1239
- if( empty( $result['error'] ) ) {
1240
-
1241
- if( $result['valid'] ){
1242
-
1243
- // Set account params
1244
- $data = get_option('spbc_data', array());
1245
- $data['user_token'] = $result['user_token'];
1246
- $data['notice_show'] = $result['show_notice'];
1247
- $data['notice_renew'] = $result['renew'];
1248
- $data['notice_trial'] = $result['trial'];
1249
- $data['auto_update_app'] = isset($result['show_auto_update_notice']) ? $result['show_auto_update_notice'] : 0;
1250
- $data['service_id'] = $result['service_id'];
1251
- $data['moderate'] = $result['moderate'];
1252
- $data['auto_update_app '] = isset($result['auto_update_app']) ? $result['auto_update_app'] : 0;
1253
- $data['license_trial'] = isset($result['license_trial']) ? $result['license_trial'] : 0;
1254
- $data['account_name_ob'] = isset($result['account_name_ob']) ? $result['account_name_ob'] : '';
1255
- $data['key_is_ok'] = true;
1256
- update_option('spbc_data', $data);
1257
-
1258
- // Set key
1259
- $settings = get_option('spbc_settings', array());
1260
- $settings['spbc_key'] = $key;
1261
- update_option('spbc_settings', $settings);
1262
-
1263
- return 'OK';
1264
- }else
1265
- return array('error' => 'KEY_IS_NOT_VALID');
1266
- }else
1267
- return array('error' => $result);
1268
- }else
1269
- return array('error' => 'KEY_IS_NOT_CORRECT');
1270
- }else
1271
- return array('error' => 'PLUGIN_IS_NOT_ACTIVE_OR_NOT_INSTALLED');
1272
- }else
1273
- return array('error' => 'PLUGIN_SLUG_INCORRECT');
1274
- }
1275
-
1276
- /**
1277
- * Putting Wordpress to maintenance mode.
1278
- * For given duration in seconds
1279
- *
1280
- * @param $duration
1281
- *
1282
- * @return bool
1283
- */
1284
- function apbct_maintance_mode__enable( $duration ) {
1285
- apbct_maintance_mode__disable();
1286
- $content = "<?php\n\n"
1287
- . '$upgrading = ' . (time() - ( 60 * 10 ) + $duration) . ';';
1288
-
1289
- return (bool)file_put_contents( ABSPATH . '.maintenance', $content );
1290
- }
1291
-
1292
- /**
1293
- * Disabling maintenance mode by deleting .maintenance file.
1294
- *
1295
- * @return void
1296
- */
1297
- function apbct_maintance_mode__disable() {
1298
- $maintenance_file = ABSPATH . '.maintenance';
1299
- if ( file_exists( $maintenance_file ) ) {
1300
- unlink( $maintenance_file );
1301
- }
1302
- }
1303
-
1304
- function cleantalk_get_brief_data(){
1305
-
1306
- global $apbct;
1307
-
1308
- $apbct->data['brief_data'] = CleantalkAPI::method__get_antispam_report_breif($apbct->api_key);
1309
- $apbct->saveData();
1310
-
1311
- return;
1312
- }
1313
-
1314
- //Delete cookie for admin trial notice
1315
- function apbct__hook__wp_logout__delete_trial_notice_cookie(){
1316
- if(!headers_sent())
1317
- setcookie('ct_trial_banner_closed', '', time()-3600);
1318
- }
1319
-
1320
- function apbct_alt_session__id__get(){
1321
- $id = CleantalkHelper::ip__get(array('real'))
1322
- .filter_input(INPUT_SERVER, 'HTTP_USER_AGENT')
1323
- //.filter_input(INPUT_SERVER, 'HTTP_ACCEPT') // Could be different. Broke session id
1324
- .filter_input(INPUT_SERVER, 'HTTP_ACCEPT_LANGUAGE');
1325
- //.filter_input(INPUT_SERVER, 'HTTP_ACCEPT_ENCODING'); // Could be different. Broke session id
1326
- return hash('sha256', $id);
1327
- }
1328
-
1329
- function apbct_alt_sessions__remove_old(){
1330
- if(rand(0, 1000) < APBCT_SEESION__CHANCE_TO_CLEAN){
1331
- global $wpdb;
1332
- $wpdb->query(
1333
- 'DELETE
1334
- FROM `'. APBCT_TBL_SESSIONS .'`
1335
- WHERE last_update < NOW() - INTERVAL '. APBCT_SEESION__LIVE_TIME .' SECOND
1336
- LIMIT 100000;'
1337
- );
1338
- }
1339
- }
1340
-
1341
- function apbct_alt_session__save($name, $value){
1342
-
1343
- global $wpdb;
1344
-
1345
- $session_id = apbct_alt_session__id__get();
1346
-
1347
- $wpdb->query(
1348
- $wpdb->prepare(
1349
- 'INSERT INTO '. APBCT_TBL_SESSIONS .'
1350
- (id, name, value, last_update)
1351
- VALUES (%s, %s, %s, %s)
1352
- ON DUPLICATE KEY UPDATE
1353
- value = %s,
1354
- last_update = %s',
1355
- $session_id, $name, $value, date('Y-m-d H:i:s'), $value, date('Y-m-d H:i:s')
1356
- )
1357
- );
1358
-
1359
- }
1360
-
1361
- function apbct_alt_session__get($name){
1362
- global $wpdb;
1363
- $session_id = apbct_alt_session__id__get();
1364
- $result = $wpdb->get_row(
1365
- $wpdb->prepare(
1366
- 'SELECT value
1367
- FROM `'. APBCT_TBL_SESSIONS .'`
1368
- WHERE id = %s AND name = %s;',
1369
- $session_id, $name
1370
- ),
1371
- OBJECT
1372
- );
1373
-
1374
- $result = isset($result->value)
1375
- ? strpos($result->value, '{') === 0
1376
- ? (array)json_decode($result->value, true) // JSON
1377
- : $result->value
1378
- : false;
1379
-
1380
- return $result ? $result : null;
1381
- }
1382
-
1383
- function apbct_store__urls(){
1384
-
1385
- global $apbct;
1386
-
1387
- if($apbct->settings['store_urls'] && empty($apbct->flags__url_stored) && !headers_sent()){
1388
-
1389
- // URLs HISTORY
1390
- // Get current url
1391
- $current_url = filter_input(INPUT_SERVER, 'HTTP_HOST').filter_input(INPUT_SERVER, 'REQUEST_URI');
1392
- $current_url = $current_url ? substr($current_url, 0,256) : 'UNKNOWN';
1393
-
1394
- // Get already stored URLs
1395
- $urls = $apbct->settings['store_urls__sessions']
1396
- ? (array)apbct_alt_session__get('apbct_urls')
1397
- : (array)json_decode(filter_input(INPUT_COOKIE, 'apbct_urls'), true);
1398
-
1399
- $urls[$current_url][] = time();
1400
-
1401
- // Rotating. Saving only latest 10
1402
- $urls[$current_url] = count($urls[$current_url]) > 10 ? array_slice($urls[$current_url], 1, 10) : $urls[$current_url];
1403
- $urls = count($urls) > 10 ? array_slice($urls, 1, 10) : $urls;
1404
-
1405
- // Saving
1406
- $apbct->settings['store_urls__sessions']
1407
- ? apbct_alt_session__save('apbct_urls', json_encode($urls))
1408
- : setcookie('apbct_urls', json_encode($urls), time()+86400*3, '/', parse_url(get_option('siteurl'),PHP_URL_HOST), false, true);
1409
-
1410
- // REFERER
1411
- // Get current fererer
1412
- $new_site_referer = filter_input(INPUT_SERVER, 'HTTP_REFERER');
1413
- $new_site_referer = $new_site_referer ? $new_site_referer : 'UNKNOWN';
1414
-
1415
- // Get already stored referer
1416
- $site_referer = $apbct->settings['store_urls__sessions']
1417
- ? apbct_alt_session__get('apbct_site_referer')
1418
- : filter_input(INPUT_COOKIE, 'apbct_site_referer');
1419
-
1420
- // Save if empty
1421
- if(!$site_referer || parse_url($new_site_referer, PHP_URL_HOST) !== filter_input(INPUT_SERVER, 'HTTP_HOST')){
1422
-
1423
- $apbct->settings['store_urls__sessions']
1424
- ? apbct_alt_session__save('apbct_site_referer', $new_site_referer)
1425
- : setcookie('apbct_site_referer', $new_site_referer, time()+86400*3, '/', parse_url(get_option('siteurl'),PHP_URL_HOST), false, true);
1426
- }
1427
-
1428
- $apbct->flags__url_stored = true;
1429
-
1430
- }
1431
- }
1432
-
1433
- /*
1434
- * Set Cookies test for cookie test
1435
- * Sets cookies with pararms timestamp && landing_timestamp && pervious_referer
1436
- * Sets test cookie with all other cookies
1437
- */
1438
- function apbct_cookie(){
1439
-
1440
- global $apbct;
1441
-
1442
- if($apbct->settings['store_urls__sessions'] || $apbct->settings['set_cookies__sessions'])
1443
- apbct_alt_sessions__remove_old();
1444
-
1445
- if(
1446
- empty($apbct->settings['set_cookies']) || // Do not set cookies if option is disabled (for Varnish cache).
1447
- !empty($apbct->flags__cookies_setuped) || // Cookies already set
1448
- !empty($apbct->headers_sent) // Headers sent
1449
- )
1450
- return false;
1451
-
1452
- // Prevent headers sent error
1453
- if(headers_sent($file, $line)){
1454
- $apbct->headers_sent = true;
1455
- $apbct->headers_sent__hook = current_action();
1456
- $apbct->headers_sent__where = $file.':'.$line;
1457
- return false;
1458
- }
1459
-
1460
-
1461
- // Cookie names to validate
1462
- $cookie_test_value = array(
1463
- 'cookies_names' => array(),
1464
- 'check_value' => $apbct->api_key,
1465
- );
1466
-
1467
- $domain = parse_url(get_option('siteurl'),PHP_URL_HOST);
1468
-
1469
- // Submit time
1470
- if(empty($_POST['ct_multipage_form'])){ // Do not start/reset page timer if it is multipage form (Gravitiy forms))
1471
- $apbct_timestamp = time();
1472
- $apbct->settings['set_cookies__sessions']
1473
- ? apbct_alt_session__save('apbct_timestamp', $apbct_timestamp)
1474
- : setcookie('apbct_timestamp', $apbct_timestamp, 0, '/', $domain, false, true);
1475
- $cookie_test_value['cookies_names'][] = 'apbct_timestamp';
1476
- $cookie_test_value['check_value'] .= $apbct_timestamp;
1477
- }
1478
-
1479
- // Pervious referer
1480
- if(filter_input(INPUT_SERVER, 'HTTP_REFERER')){
1481
- $apbct->settings['set_cookies__sessions']
1482
- ? apbct_alt_session__save('apbct_prev_referer', filter_input(INPUT_SERVER, 'HTTP_REFERER'))
1483
- : setcookie('apbct_prev_referer', filter_input(INPUT_SERVER, 'HTTP_REFERER'), 0, '/', $domain, false, true);
1484
- $cookie_test_value['cookies_names'][] = 'apbct_prev_referer';
1485
- $cookie_test_value['check_value'] .= filter_input(INPUT_SERVER, 'HTTP_REFERER');
1486
- }
1487
-
1488
- // Landing time
1489
- $site_landing_timestamp = $apbct->settings['set_cookies__sessions']
1490
- ? apbct_alt_session__get('apbct_site_landing_ts')
1491
- : filter_input(INPUT_COOKIE, 'apbct_site_landing_ts');
1492
- if(!$site_landing_timestamp){
1493
- $site_landing_timestamp = time();
1494
- $apbct->settings['set_cookies__sessions']
1495
- ? apbct_alt_session__save('apbct_site_landing_ts', $site_landing_timestamp)
1496
- : setcookie('apbct_site_landing_ts', $site_landing_timestamp, 0, '/', $domain, false, true);
1497
- }
1498
- $cookie_test_value['cookies_names'][] = 'apbct_site_landing_ts';
1499
- $cookie_test_value['check_value'] .= $site_landing_timestamp;
1500
-
1501
- // Page hits
1502
- // Get
1503
- $page_hits = $apbct->settings['set_cookies__sessions']
1504
- ? apbct_alt_session__get('apbct_page_hits')
1505
- : filter_input(INPUT_COOKIE, 'apbct_page_hits');
1506
- // Set / Increase
1507
- $page_hits = intval($page_hits) ? $page_hits + 1 : 1;
1508
-
1509
- $apbct->settings['set_cookies__sessions']
1510
- ? apbct_alt_session__save('apbct_page_hits', $page_hits)
1511
- : setcookie('apbct_page_hits', $page_hits, 0, '/', $domain, false, true);
1512
-
1513
- $cookie_test_value['cookies_names'][] = 'apbct_page_hits';
1514
- $cookie_test_value['check_value'] .= $page_hits;
1515
-
1516
- // Cookies test
1517
- $cookie_test_value['check_value'] = md5($cookie_test_value['check_value']);
1518
- if(!$apbct->settings['set_cookies__sessions'])
1519
- setcookie('apbct_cookies_test', urlencode(json_encode($cookie_test_value)), 0, '/', $domain, false, true);
1520
-
1521
- $apbct->flags__cookies_setuped = true;
1522
-
1523
- }
1524
-
1525
- /**
1526
- * Cookies test for sender
1527
- * Also checks for valid timestamp in $_COOKIE['apbct_timestamp'] and other apbct_ COOKIES
1528
- * @return null|0|1;
1529
- */
1530
- function apbct_cookies_test()
1531
- {
1532
- global $apbct;
1533
-
1534
- if($apbct->settings['set_cookies__sessions'])
1535
- return 1;
1536
-
1537
- if(isset($_COOKIE['apbct_cookies_test'])){
1538
-
1539
- $cookie_test = json_decode(urldecode($_COOKIE['apbct_cookies_test']),true);
1540
-
1541
- if(!is_array($cookie_test))
1542
- return 0;
1543
-
1544
- $check_srting = $apbct->api_key;
1545
- foreach($cookie_test['cookies_names'] as $cookie_name){
1546
- $check_srting .= isset($_COOKIE[$cookie_name]) ? $_COOKIE[$cookie_name] : '';
1547
- } unset($cookie_name);
1548
-
1549
- if($cookie_test['check_value'] == md5($check_srting)){
1550
- return 1;
1551
- }else{
1552
- return 0;
1553
- }
1554
- }else{
1555
- return null;
1556
- }
1557
- }
1558
-
1559
- function apbct_cookies__delete($cookie){
1560
- if(isset($_COOKIE[$cookie]))
1561
- setcookie($cookie, '', time()-3600);
1562
- }
1563
-
1564
- function apbct_cookies__delete_all(){
1565
- if(count($_COOKIE)){
1566
- foreach($_COOKIE as $key => $val){
1567
- if(preg_match("/apbct_|ct_/", $key)){
1568
- setcookie($key, '', time()-3600);
1569
- }
1570
- } unset($key, $val);
1571
- }
1572
- return false;
1573
- }
1574
-
1575
- /**
1576
- * Gets submit time
1577
- * Uses Cookies with check via apbct_cookies_test()
1578
- * @return null|int;
1579
- */
1580
- function apbct_get_submit_time()
1581
- {
1582
- global $apbct;
1583
- $apbct_timestamp = $apbct->settings['set_cookies__sessions']
1584
- ? apbct_alt_session__get('apbct_timestamp')
1585
- : filter_input(INPUT_COOKIE, 'apbct_timestamp');
1586
- return apbct_cookies_test() == 1 ? time() - (int)$apbct_timestamp : null;
1587
- }
1588
-
1589
- /*
1590
- * Inner function - Account status check
1591
- * Scheduled in 1800 seconds for default!
1592
- */
1593
- function ct_account_status_check($api_key = null, $process_errors = true){
1594
-
1595
- global $apbct;
1596
-
1597
- $api_key = $api_key ? $api_key : $apbct->api_key;
1598
- $result = CleantalkAPI::method__notice_paid_till(
1599
- $api_key,
1600
- preg_replace('/http[s]?:\/\//', '', get_option('siteurl'), 1)
1601
- );
1602
-
1603
- if(empty($result['error']) || !empty($result['valid'])){
1604
-
1605
- // Notices
1606
- $apbct->data['notice_show'] = isset($result['show_notice']) ? (int)$result['show_notice'] : 0;
1607
- $apbct->data['notice_renew'] = isset($result['renew']) ? (int)$result['renew'] : 0;
1608
- $apbct->data['notice_trial'] = isset($result['trial']) ? (int)$result['trial'] : 0;
1609
- $apbct->data['notice_review'] = isset($result['show_review']) ? (int)$result['show_review'] : 0;
1610
- $apbct->data['notice_auto_update'] = isset($result['show_auto_update_notice']) ? (int)$result['show_auto_update_notice'] : 0;
1611
-
1612
- // Other
1613
- $apbct->data['service_id'] = isset($result['service_id']) ? (int)$result['service_id'] : 0;
1614
- $apbct->data['valid'] = isset($result['valid']) ? (int)$result['valid'] : 0;
1615
- $apbct->data['moderate'] = isset($result['moderate']) ? (int)$result['moderate'] : 0;
1616
- $apbct->data['ip_license'] = isset($result['ip_license']) ? (int)$result['ip_license'] : 0;
1617
- $apbct->data['moderate_ip'] = isset($result['moderate_ip'], $result['ip_license']) ? (int)$result['moderate_ip'] : 0;
1618
- $apbct->data['spam_count'] = isset($result['spam_count']) ? (int)$result['spam_count'] : 0;
1619
- $apbct->data['auto_update'] = isset($result['auto_update_app']) ? (int)$result['auto_update_app'] : 0;
1620
- $apbct->data['user_token'] = isset($result['user_token']) ? (string)$result['user_token'] : '';
1621
- $apbct->data['license_trial'] = isset($result['license_trial']) ? (int)$result['license_trial'] : 0;
1622
- $apbct->data['account_name_ob'] = isset($result['account_name_ob']) ? (string)$result['account_name_ob'] : '';
1623
-
1624
- if($apbct->data['notice_show'] == 1 && $apbct->data['notice_trial'] == 1)
1625
- CleantalkCron::updateTask('check_account_status', 'ct_account_status_check', 3600);
1626
-
1627
- if($apbct->data['notice_show'] == 1 && $apbct->data['notice_renew'] == 1)
1628
- CleantalkCron::updateTask('check_account_status', 'ct_account_status_check', 1800);
1629
-
1630
- if($apbct->data['notice_show'] == 0)
1631
- CleantalkCron::updateTask('check_account_status', 'ct_account_status_check', 86400);
1632
-
1633
- $apbct->error_delete('account_check', 'save');
1634
-
1635
- $apbct->saveData();
1636
-
1637
- }elseif($process_errors){
1638
- $apbct->error_add('account_check', $result);
1639
- }
1640
-
1641
- if(!empty($result['valid'])){
1642
- $apbct->data['key_is_ok'] = true;
1643
- $result = true;
1644
- }else{
1645
- $apbct->data['key_is_ok'] = false;
1646
- $result = false;
1647
- }
1648
-
1649
- return $result;
1650
- }
1651
-
1652
- function ct_mail_send_connection_report() {
1653
-
1654
- global $apbct;
1655
-
1656
- if (($apbct->settings['send_connection_reports'] == 1 && $apbct->connection_reports['negative'] > 0) || !empty($_GET['ct_send_connection_report']))
1657
- {
1658
- $to = "welcome@cleantalk.org" ;
1659
- $subject = "Connection report for ".filter_input(INPUT_SERVER, 'HTTP_HOST');
1660
- $message = '
1661
- <html>
1662
- <head>
1663
- <title></title>
1664
- </head>
1665
- <body>
1666
- <p>From '.$apbct->connection_reports['since'].' to '.date('d M').' has been made '.($apbct->connection_reports['success']+$apbct->connection_reports['negative']).' calls, where '.$apbct->connection_reports['success'].' were success and '.$apbct->connection_reports['negative'].' were negative</p>
1667
- <p>Negative report:</p>
1668
- <table> <tr>
1669
- <td>&nbsp;</td>
1670
- <td><b>Date</b></td>
1671
- <td><b>Page URL</b></td>
1672
- <td><b>Library report</b></td>
1673
- <td><b>Server IP</b></td>
1674
- </tr>
1675
- ';
1676
- foreach ($apbct->connection_reports['negative_report'] as $key => $report)
1677
- {
1678
- $message.= '<tr>'
1679
- . '<td>'.($key+1).'.</td>'
1680
- . '<td>'.$report['date'].'</td>'
1681
- . '<td>'.$report['page_url'].'</td>'
1682
- . '<td>'.$report['lib_report'].'</td>'
1683
- . '<td>'.$report['work_url'].'</td>'
1684
- . '</tr>';
1685
- }
1686
- $message.='</table></body></html>';
1687
-
1688
- $headers = 'Content-type: text/html; charset=windows-1251 \r\n';
1689
- $headers .= 'From: '.get_option('admin_email');
1690
- mail($to, $subject, $message, $headers);
1691
- }
1692
-
1693
- $apbct->data['connection_reports'] = $apbct->def_data['connection_reports'];
1694
- $apbct->data['connection_reports']['since'] = date('d M');
1695
- $apbct->saveData();
1696
- }
1697
-
1698
- //* Write $message to the plugin's debug option
1699
- function apbct_log($message = 'empty', $func = null, $params = array())
1700
- {
1701
- global $apbct;
1702
-
1703
- $debug = get_option( APBCT_DEBUG );
1704
-
1705
- $function = $func ? $func : '';
1706
- $cron = in_array('cron', $params) ? true : false;
1707
- $data = in_array('data', $params) ? true : false;
1708
- $settings = in_array('settings', $params) ? true : false;
1709
-
1710
- if(is_array($message) or is_object($message))
1711
- $message = print_r($message, true);
1712
-
1713
- if($message) $debug[date("H:i:s", microtime(true))."_ACTION_".strval(current_action())."_FUNCTION_".strval($func)] = $message;
1714
- if($cron) $debug[date("H:i:s", microtime(true))."_ACTION_".strval(current_action())."_FUNCTION_".strval($func).'_cron'] = $apbct->cron;
1715
- if($data) $debug[date("H:i:s", microtime(true))."_ACTION_".strval(current_action())."_FUNCTION_".strval($func).'_data'] = $apbct->data;
1716
- if($settings) $debug[date("H:i:s", microtime(true))."_ACTION_".strval(current_action())."_FUNCTION_".strval($func).'_settings'] = $apbct->settings;
1717
-
1718
- update_option(APBCT_DEBUG, $debug);
1719
- }
1720
-
1721
- function apbct_sfw__delete_tables( $blog_id, $drop ) {
1722
-
1723
- global $wpdb;
1724
-
1725
- $initial_blog = get_current_blog_id();
1726
-
1727
- switch_to_blog($blog_id);
1728
- $wpdb->query('DROP TABLE IF EXISTS `'. $wpdb->prefix.'cleantalk_sfw`;'); // Deleting SFW data
1729
- $wpdb->query('DROP TABLE IF EXISTS `'. $wpdb->prefix.'cleantalk_sfw_logs`;'); // Deleting SFW logs
1730
-
1731
- switch_to_blog($initial_blog);
1732
- }
1733
-
1734
- /**
1735
- * Is enable for user group
1736
- *
1737
- * @param WP_User $user
1738
- *
1739
- * @return boolean
1740
- */
1741
- function apbct_is_user_enable($user = null) {
1742
-
1743
- global $current_user;
1744
-
1745
- $user = !empty($user) ? $user : $current_user;
1746
-
1747
- return apbct_is_user_role_in(array('administrator', 'editor', 'author'), $user)
1748
- ? false
1749
- : true;
1750
- }
1751
-
1752
- /**
1753
- * Checks if the current user has role
1754
- *
1755
- * @param array $roles array of strings
1756
- * @param int|string|WP_User|mixed $user User ID to check|user_login|WP_User
1757
- *
1758
- * @return boolean Does the user has this role|roles
1759
- */
1760
- function apbct_is_user_role_in( $roles, $user = false ){
1761
-
1762
- if( is_numeric($user) && function_exists('get_userdata')) $user = get_userdata( $user );
1763
- if( is_string($user) && function_exists('get_user_by')) $user = get_user_by('login', $user );
1764
- if( ! $user && function_exists('wp_get_current_user')) $user = wp_get_current_user();
1765
- if( ! $user ) $user = apbct_wp_get_current_user();
1766
-
1767
- if( empty($user->ID) )
1768
- return false;
1769
-
1770
- foreach( (array) $roles as $role ){
1771
- if( isset($user->caps[ strtolower($role) ]) || in_array(strtolower($role), $user->roles) )
1772
- return true;
1773
- }
1774
-
1775
- return false;
1776
- }
1777
-
1778
- /**
1779
- * Update and rotate statistics with requests exection time
1780
- *
1781
- * @param $exec_time
1782
- */
1783
- function apbct_statistics__rotate($exec_time){
1784
-
1785
- global $apbct;
1786
-
1787
- // Delete old stats
1788
- if(min(array_keys($apbct->stats['requests'])) < time() - (86400 * 7))
1789
- unset($apbct->stats['requests'][min(array_keys($apbct->stats['requests']))]);
1790
-
1791
- // Create new if newest older than 1 day
1792
- if(empty($apbct->stats['requests']) || max(array_keys($apbct->stats['requests'])) < time() - (86400 * 1))
1793
- $apbct->stats['requests'][time()] = array('amount' => 0, 'average_time' => 0);
1794
-
1795
- // Update all existing stats
1796
- foreach($apbct->stats['requests'] as &$weak_stat){
1797
- $weak_stat['average_time'] = ($weak_stat['average_time'] * $weak_stat['amount'] + $exec_time) / ++$weak_stat['amount'];
1798
- }
1799
-
1800
- $apbct->save('stats');
1801
- }
1802
-
1803
- /**
1804
- * Runs update actions for new version.
1805
- *
1806
- * @global CleantalkState $apbct
1807
- */
1808
- function apbct_update_actions(){
1809
-
1810
- global $apbct;
1811
-
1812
- // Update logic
1813
- if($apbct->plugin_version != APBCT_VERSION){
1814
-
1815
- // Main blog
1816
- if(is_main_site()){
1817
-
1818
- require_once(CLEANTALK_PLUGIN_DIR.'inc/cleantalk-updater.php');
1819
-
1820
- $result = apbct_run_update_actions($apbct->plugin_version, APBCT_VERSION);
1821
-
1822
- //If update is successfull
1823
- if($result === true)
1824
- apbct_update__set_version__from_plugin('from_plugin');
1825
-
1826
- ct_send_feedback('0:' . APBCT_AGENT ); // Send feedback to let cloud know about updated version.
1827
-
1828
- // Side blogs
1829
- }else{
1830
- apbct_update__set_version__from_plugin('from_plugin');
1831
- }
1832
- }
1833
-
1834
- }
1835
-
1836
- /**
1837
- * Set version of plugin in database
1838
- *
1839
- * @param string $ver
1840
- *
1841
- * @return bool
1842
- * @global CleantalkState $apbct
1843
- *
1844
- */
1845
- function apbct_update__set_version__from_plugin($ver){
1846
- global $apbct;
1847
- switch (true){
1848
- case $ver === 'from_plugin':
1849
- $apbct->data['plugin_version'] = APBCT_VERSION;
1850
- break;
1851
- case preg_match('/^\d+\.\d+(\.\d+)?(-[a-zA-Z0-9-_]+)?$/', $ver) === 1;
1852
- $apbct->data['plugin_version'] = $ver;
1853
- break;
1854
- default:
1855
- return false;
1856
- break;
1857
- }
1858
- $apbct->saveData();
1859
- return true;
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1860
  }
1
+ <?php
2
+ /*
3
+ Plugin Name: Anti-Spam by CleanTalk
4
+ Plugin URI: http://cleantalk.org
5
+ Description: Max power, all-in-one, no Captcha, premium anti-spam plugin. No comment spam, no registration spam, no contact spam, protects any WordPress forms.
6
+ Version: 5.129.1
7
+ Author: СleanTalk <welcome@cleantalk.org>
8
+ Author URI: http://cleantalk.org
9
+ Text Domain: cleantalk
10
+ Domain Path: /i18n
11
+ */
12
+
13
+ $cleantalk_executed = false;
14
+
15
+ // Getting version form main file (look above)
16
+ $plugin_info = get_file_data(__FILE__, array('Version' => 'Version', 'Name' => 'Plugin Name',));
17
+
18
+ // Common params
19
+ define('APBCT_NAME', $plugin_info['Name']);
20
+ define('APBCT_VERSION', $plugin_info['Version']);
21
+ define('APBCT_URL_PATH', plugins_url('', __FILE__)); //HTTP path. Plugin root folder without '/'.
22
+ define('APBCT_DIR_PATH', dirname(__FILE__ ) . '/'); //System path. Plugin root folder with '/'.
23
+ define('APBCT_PLUGIN_BASE_NAME', plugin_basename(__FILE__)); //Plugin base name.
24
+ define('APBCT_CASERT_PATH', file_exists(ABSPATH . WPINC . '/certificates/ca-bundle.crt') ? ABSPATH . WPINC . '/certificates/ca-bundle.crt' : ''); // SSL Serttificate path
25
+
26
+ // API params
27
+ define('APBCT_AGENT', 'wordpress-'.str_replace('.', '', $plugin_info['Version']));
28
+ define('APBCT_MODERATE_URL', 'http://moderate.cleantalk.org'); //Api URL
29
+
30
+ // Option names
31
+ define('APBCT_DATA', 'cleantalk_data'); //Option name with different plugin data.
32
+ define('APBCT_SETTINGS', 'cleantalk_settings'); //Option name with plugin settings.
33
+ define('APBCT_NETWORK_SETTINGS', 'cleantalk_network_settings'); //Option name with plugin network settings.
34
+ define('APBCT_DEBUG', 'cleantalk_debug'); //Option name with a debug data. Empty by default.
35
+
36
+ // Multisite
37
+ define('APBCT_WPMS', (is_multisite() ? true : false)); // WMPS is enabled
38
+
39
+ // Sessions
40
+ define('APBCT_SEESION__LIVE_TIME', 86400*2);
41
+ define('APBCT_SEESION__CHANCE_TO_CLEAN', 100);
42
+
43
+ // Different params
44
+ define('APBCT_REMOTE_CALL_SLEEP', 5); // Minimum time between remote call
45
+
46
+ if( !defined( 'CLEANTALK_PLUGIN_DIR' ) ){
47
+
48
+ define('CLEANTALK_PLUGIN_DIR', dirname(__FILE__ ) . '/');
49
+
50
+ // PHP functions patches
51
+ require_once(CLEANTALK_PLUGIN_DIR . 'lib/cleantalk-php-patch.php'); // Pathces fpr different functions which not exists
52
+
53
+ // Base classes
54
+ require_once(CLEANTALK_PLUGIN_DIR . 'lib/Cleantalk/Antispam/API.php'); // API
55
+ require_once(CLEANTALK_PLUGIN_DIR . 'lib/Cleantalk/Antispam/DB.php'); // Database driver
56
+ require_once(CLEANTALK_PLUGIN_DIR . 'lib/Cleantalk/Antispam/Helper.php'); // Helper
57
+ include_once(CLEANTALK_PLUGIN_DIR . 'lib/Cleantalk/Antispam/SFW.php'); // SpamFireWall
58
+ include_once(CLEANTALK_PLUGIN_DIR . 'lib/Cleantalk/Arr.php'); // Array functions
59
+
60
+ // Child classes
61
+ require_once(CLEANTALK_PLUGIN_DIR . 'lib/CleantalkAPI.php'); // API for Wordpress
62
+ require_once(CLEANTALK_PLUGIN_DIR . 'lib/CleantalkDB.php'); // Database class for Wordpress
63
+ require_once(CLEANTALK_PLUGIN_DIR . 'lib/CleantalkHelper.php'); // Helper for Worpdress
64
+ include_once(CLEANTALK_PLUGIN_DIR . "lib/CleantalkSFW.php"); // SpamFireWall for Wordpress
65
+
66
+ require_once(CLEANTALK_PLUGIN_DIR . 'lib/Cleantalk.php'); // Main class for request
67
+ require_once(CLEANTALK_PLUGIN_DIR . 'lib/CleantalkRequest.php'); // Holds request data
68
+ require_once(CLEANTALK_PLUGIN_DIR . 'lib/CleantalkResponse.php'); // Holds response data
69
+
70
+ require_once(CLEANTALK_PLUGIN_DIR . 'lib/CleantalkCron.php'); // Cron handling
71
+ require_once(CLEANTALK_PLUGIN_DIR . 'lib/CleantalkState.php'); // State class
72
+ require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-pluggable.php'); // Pluggable functions
73
+ require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-common.php');
74
+
75
+ // Global ArrayObject with settings and other global varables
76
+ global $apbct;
77
+ $apbct = new CleantalkState('cleantalk', array('settings', 'data', 'debug', 'errors', 'remote_calls', 'stats'));
78
+
79
+ $apbct->base_name = 'cleantalk-spam-protect/cleantalk.php';
80
+
81
+ $apbct->logo = plugin_dir_url(__FILE__) . 'inc/images/logo.png';
82
+ $apbct->logo__small = plugin_dir_url(__FILE__) . 'inc/images/logo_small.png';
83
+ $apbct->logo__small__colored = plugin_dir_url(__FILE__) . 'inc/images/logo_color.png';
84
+
85
+ // Customize CleantalkState
86
+ // Account status
87
+
88
+ $apbct->white_label = $apbct->network_settings['white_label'];
89
+ $apbct->allow_custom_key = $apbct->network_settings['allow_custom_key'];
90
+ $apbct->plugin_name = $apbct->network_settings['white_label__plugin_name'] ? $apbct->network_settings['white_label__plugin_name'] : APBCT_NAME;
91
+ $apbct->api_key = !APBCT_WPMS || $apbct->allow_custom_key || $apbct->white_label ? $apbct->settings['apikey'] : $apbct->network_settings['apikey'];
92
+ $apbct->key_is_ok = !APBCT_WPMS || $apbct->allow_custom_key || $apbct->white_label ? $apbct->data['key_is_ok'] : $apbct->network_data['key_is_ok'];
93
+ $apbct->moderate = !APBCT_WPMS || $apbct->allow_custom_key || $apbct->white_label ? $apbct->data['moderate'] : $apbct->network_data['moderate'];
94
+
95
+ $apbct->data['user_counter']['since'] = isset($apbct->data['user_counter']['since']) ? $apbct->data['user_counter']['since'] : date('d M');
96
+ $apbct->data['connection_reports']['since'] = isset($apbct->data['connection_reports']['since']) ? $apbct->data['user_counter']['since'] : date('d M');
97
+
98
+ $apbct->settings_link = is_network_admin() ? 'settings.php?page=cleantalk' : 'options-general.php?page=cleantalk';
99
+
100
+ if(!$apbct->white_label){
101
+ require_once( CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-widget.php');
102
+ }
103
+
104
+ // Passing JS key to frontend
105
+ add_action('wp_ajax_apbct_js_keys__get', 'apbct_js_keys__get__ajax');
106
+ add_action('wp_ajax_nopriv_apbct_js_keys__get', 'apbct_js_keys__get__ajax');
107
+
108
+ // Database prefix
109
+ global $wpdb;
110
+ $apbct->db_prefix = !APBCT_WPMS || $apbct->allow_custom_key || $apbct->white_label ? $wpdb->prefix : $wpdb->base_prefix;
111
+ $apbct->db_prefix = !$apbct->white_label && defined('CLEANTALK_ACCESS_KEY') ? $wpdb->base_prefix : $wpdb->prefix;
112
+ // Database constants
113
+ define('APBCT_TBL_FIREWALL_DATA', $apbct->db_prefix . 'cleantalk_sfw'); // Table with firewall data.
114
+ define('APBCT_TBL_FIREWALL_LOG', $apbct->db_prefix . 'cleantalk_sfw_logs'); // Table with firewall logs.
115
+ define('APBCT_TBL_SESSIONS', $apbct->db_prefix . 'cleantalk_sessions'); // Table with session data.
116
+ define('APBCT_SELECT_LIMIT', 5000); // Select limit for logs.
117
+ define('APBCT_WRITE_LIMIT', 5000); // Write limit for firewall data.
118
+
119
+ /** @todo HARDCODE FIX */
120
+ if($apbct->plugin_version === '1.0.0')
121
+ $apbct->plugin_version = '5.100';
122
+
123
+ // Do update actions if version is changed
124
+ apbct_update_actions();
125
+
126
+ // Self cron
127
+ if(!defined('DOING_CRON') || (defined('DOING_CRON') && DOING_CRON !== true)){
128
+
129
+ $ct_cron = new CleantalkCron();
130
+ $ct_cron->checkTasks();
131
+
132
+ if(!empty($ct_cron->tasks_to_run)){
133
+
134
+ define('CT_CRON', true); // Letting know functions that they are running under CT_CRON
135
+ $ct_cron->runTasks();
136
+ unset($ct_cron);
137
+
138
+ }
139
+ }
140
+
141
+ //Delete cookie for admin trial notice
142
+ add_action('wp_logout', 'apbct__hook__wp_logout__delete_trial_notice_cookie');
143
+
144
+ // Set cookie only for public pages and for non-AJAX requests
145
+ if (!is_admin() && !apbct_is_ajax() && !defined('DOING_CRON')
146
+ && empty($_POST['ct_checkjs_register_form']) // Buddy press registration fix
147
+ && empty($_GET['ct_checkjs_search_default']) // Search form fix
148
+ && empty($_POST['action']) //bbPress
149
+ ){
150
+ add_action('template_redirect','apbct_cookie', 2);
151
+ add_action('template_redirect','apbct_store__urls', 2);
152
+ if (empty($_POST) && empty($_GET)){
153
+ apbct_cookie();
154
+ apbct_store__urls();
155
+ }
156
+ }
157
+
158
+ // Early checks
159
+ // Facebook
160
+ if ($apbct->settings['general_contact_forms_test'] == 1
161
+ && (!empty($_POST['action']) && $_POST['action'] == 'fb_intialize')
162
+ && !empty($_POST['FB_userdata'])
163
+ ){
164
+ require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-public.php');
165
+ if (apbct_is_user_enable()){
166
+ $ct_check_post_result=false;
167
+ ct_registration_errors(null);
168
+ }
169
+
170
+ }
171
+
172
+ // Ninja Forms. Making GET action to POST action
173
+ if(stripos(filter_input(INPUT_SERVER, 'REQUEST_URI'),'admin-ajax.php') !== false && sizeof($_POST) > 0 && isset($_GET['action']) && $_GET['action']=='ninja_forms_ajax_submit')
174
+ $_POST['action']='ninja_forms_ajax_submit';
175
+
176
+ add_action( 'wp_ajax_nopriv_ninja_forms_ajax_submit', 'apbct_form__ninjaForms__testSpam', 1);
177
+ add_action( 'wp_ajax_ninja_forms_ajax_submit', 'apbct_form__ninjaForms__testSpam', 1);
178
+ add_action( 'wp_ajax_nopriv_nf_ajax_submit', 'apbct_form__ninjaForms__testSpam', 1);
179
+ add_action( 'wp_ajax_nf_ajax_submit', 'apbct_form__ninjaForms__testSpam', 1);
180
+ add_action( 'ninja_forms_process', 'apbct_form__ninjaForms__testSpam', 1); // Depricated ?
181
+
182
+ // SeedProd Coming Soon Page Pro integration
183
+ add_action( 'wp_ajax_seed_cspv5_subscribe_callback', 'apbct_form__seedprod_coming_soon__testSpam', 1 );
184
+ add_action( 'wp_ajax_nopriv_seed_cspv5_subscribe_callback', 'apbct_form__seedprod_coming_soon__testSpam', 1 );
185
+ add_action( 'wp_ajax_seed_cspv5_contactform_callback', 'apbct_form__seedprod_coming_soon__testSpam', 1 );
186
+ add_action( 'wp_ajax_nopriv_seed_cspv5_contactform_callback', 'apbct_form__seedprod_coming_soon__testSpam', 1 );
187
+
188
+ // The 7 theme contact form integration
189
+ add_action( 'wp_ajax_nopriv_dt_send_mail', 'apbct_form__the7_contact_form', 1 );
190
+ add_action( 'wp_ajax_dt_send_mail', 'apbct_form__the7_contact_form', 1 );
191
+
192
+ // Public actions
193
+ if(!is_admin() && !apbct_is_ajax()){
194
+
195
+ // Default search
196
+ //add_filter( 'get_search_form', 'apbct_forms__search__addField' );
197
+ add_filter( 'get_search_query', 'apbct_forms__search__testSpam' );
198
+
199
+ // Remote calls
200
+ if(isset($_GET['spbc_remote_call_token'], $_GET['spbc_remote_call_action'], $_GET['plugin_name']) && in_array($_GET['plugin_name'], array('antispam','anti-spam', 'apbct'))){
201
+ apbct_remote_call__perform();
202
+ }
203
+
204
+ // SpamFireWall check
205
+ if( $apbct->plugin_version == APBCT_VERSION && // Do not call with first start
206
+ $apbct->settings['spam_firewall'] == 1 &&
207
+ filter_input(INPUT_SERVER, 'REQUEST_METHOD') == 'GET'
208
+ ){
209
+ apbct_sfw__check();
210
+ }
211
+
212
+ }
213
+
214
+
215
+ // Activation/deactivation functions must be in main plugin file.
216
+ // http://codex.wordpress.org/Function_Reference/register_activation_hook
217
+ register_activation_hook( __FILE__, 'apbct_activation' );
218
+ register_deactivation_hook( __FILE__, 'apbct_deactivation' );
219
+
220
+ // Hook for newly added blog
221
+ add_action('wpmu_new_blog', 'apbct_activation__new_blog', 10, 6);
222
+
223
+ // Async loading for JavaScript
224
+ add_filter('script_loader_tag', 'apbct_add_async_attribute', 10, 3);
225
+
226
+ // Redirect admin to plugin settings.
227
+ if(!defined('WP_ALLOW_MULTISITE') || defined('WP_ALLOW_MULTISITE') && WP_ALLOW_MULTISITE == false)
228
+ add_action('admin_init', 'apbct_plugin_redirect');
229
+
230
+ // Deleting SFW tables when deleting websites
231
+ if(defined('WP_ALLOW_MULTISITE') && WP_ALLOW_MULTISITE === true)
232
+ add_action( 'delete_blog', 'apbct_sfw__delete_tables', 10, 2 );
233
+
234
+ // After plugin loaded - to load locale as described in manual
235
+ add_action('plugins_loaded', 'apbct_plugin_loaded' );
236
+
237
+ if( !empty($apbct->settings['use_ajax']) &&
238
+ stripos(filter_input(INPUT_SERVER, 'REQUEST_URI'),'.xml')===false &&
239
+ stripos(filter_input(INPUT_SERVER, 'REQUEST_URI'),'.xsl')===false)
240
+ {
241
+ add_action( 'wp_ajax_nopriv_ct_get_cookie', 'ct_get_cookie',1 );
242
+ add_action( 'wp_ajax_ct_get_cookie', 'ct_get_cookie',1 );
243
+ }
244
+
245
+ // Admin panel actions
246
+ if (is_admin() || is_network_admin()){
247
+
248
+ require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-comments.php');
249
+ require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-users.php');
250
+ require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-admin.php');
251
+ require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-settings.php');
252
+
253
+ if (!(defined( 'DOING_AJAX' ) && DOING_AJAX)){
254
+
255
+ add_action('admin_enqueue_scripts', 'apbct_admin__enqueue_scripts');
256
+
257
+ add_action('admin_init', 'apbct_admin__init', 1);
258
+ add_action('admin_menu', 'apbct_settings_add_page');
259
+ add_action('network_admin_menu', 'apbct_settings_add_page');
260
+ add_action('admin_notices', 'apbct_admin__notice_message');
261
+ add_action('network_admin_notices', 'apbct_admin__notice_message');
262
+
263
+ //Show widget only if not IP license
264
+ if(!$apbct->moderate_ip)
265
+ add_action('wp_dashboard_setup', 'ct_dashboard_statistics_widget' );
266
+ }
267
+
268
+ if(apbct_is_ajax() || isset($_POST['cma-action'])){
269
+
270
+ $cleantalk_hooked_actions = array();
271
+ $cleantalk_ajax_actions_to_check = array();
272
+
273
+ require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-public.php');
274
+ require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-ajax.php');
275
+
276
+ // Feedback for comments
277
+ if(isset($_POST['action']) && $_POST['action'] == 'ct_feedback_comment'){
278
+ add_action( 'wp_ajax_nopriv_ct_feedback_comment', 'apbct_comment__send_feedback',1 );
279
+ add_action( 'wp_ajax_ct_feedback_comment', 'apbct_comment__send_feedback',1 );
280
+ }
281
+ if(isset($_POST['action']) && $_POST['action'] == 'ct_feedback_user'){
282
+ add_action( 'wp_ajax_nopriv_ct_feedback_user', 'apbct_user__send_feedback',1 );
283
+ add_action( 'wp_ajax_ct_feedback_user', 'apbct_user__send_feedback',1 );
284
+ }
285
+
286
+ // Check AJAX requests
287
+ // if User is not logged in
288
+ // if Unknown action or Known action with mandatory check
289
+ if( (!apbct_is_user_logged_in() || $apbct->settings['protect_logged_in'] == 1) &&
290
+ isset($_POST['action']) && (!in_array($_POST['action'], $cleantalk_hooked_actions) || in_array($_POST['action'], $cleantalk_ajax_actions_to_check))
291
+ ){
292
+ ct_ajax_hook();
293
+ }
294
+
295
+ //QAEngine Theme answers
296
+ if (intval($apbct->settings['general_contact_forms_test']))
297
+ add_filter('et_pre_insert_question', 'ct_ajax_hook', 1, 1); // Questions
298
+ add_filter('et_pre_insert_answer', 'ct_ajax_hook', 1, 1); // Answers
299
+
300
+ // Formidable
301
+ add_filter( 'frm_entries_before_create', 'apbct_rorm__formidable__testSpam', 10, 2 );
302
+ add_action( 'frm_entries_footer_scripts', 'apbct_rorm__formidable__footerScripts', 20, 2 );
303
+
304
+ // Some of plugins to register a users use AJAX context.
305
+ add_filter('registration_errors', 'ct_registration_errors', 1, 3);
306
+ add_filter('registration_errors', 'ct_check_registration_erros', 999999, 3);
307
+ add_action('user_register', 'apbct_user_register');
308
+
309
+ if(class_exists('BuddyPress')){
310
+ require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-public.php');
311
+ add_filter('bp_activity_is_spam_before_save', 'apbct_integration__buddyPres__activityWall', 999 ,2); /* ActivityWall */
312
+ add_action('bp_locate_template', 'apbct_integration__buddyPres__getTemplateName', 10, 6);
313
+ }
314
+
315
+ }
316
+
317
+ require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-public.php');
318
+ //Bitrix24 contact form
319
+ if ($apbct->settings['general_contact_forms_test'] == 1 &&
320
+ !empty($_POST['your-phone']) &&
321
+ !empty($_POST['your-email']) &&
322
+ !empty($_POST['your-message'])
323
+ ){
324
+ $ct_check_post_result=false;
325
+ ct_contact_form_validate();
326
+ }
327
+
328
+ // Sends feedback to the cloud about comments
329
+ // add_action('wp_set_comment_status', 'ct_comment_send_feedback', 10, 2);
330
+
331
+ // Sends feedback to the cloud about deleted users
332
+ global $pagenow;
333
+ if($pagenow=='users.php')
334
+ add_action('delete_user', 'apbct_user__delete__hook', 10, 2);
335
+
336
+ if($pagenow=='plugins.php' || (strpos(filter_input(INPUT_SERVER, 'REQUEST_URI'),'plugins.php') !== false)){
337
+
338
+ add_filter('plugin_action_links_'.plugin_basename(__FILE__), 'apbct_admin__plugin_action_links', 10, 2);
339
+ add_filter('network_admin_plugin_action_links_'.plugin_basename(__FILE__), 'apbct_admin__plugin_action_links', 10, 2);
340
+
341
+ add_filter('plugin_row_meta', 'apbct_admin__register_plugin_links', 10, 2);
342
+ }
343
+
344
+ // Public pages actions
345
+ }else{
346
+
347
+ require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-public.php');
348
+
349
+ add_action('wp_enqueue_scripts', 'ct_enqueue_scripts_public');
350
+
351
+ // Init action.
352
+ add_action('plugins_loaded', 'apbct_init', 1);
353
+
354
+ // Comments
355
+ add_filter('preprocess_comment', 'ct_preprocess_comment', 1, 1); // param - comment data array
356
+ add_filter('comment_text', 'ct_comment_text' );
357
+ add_filter('wp_die_handler', 'apbct_comment__sanitize_data__before_wp_die', 1); // Check comments after validation
358
+
359
+ // Registrations
360
+ if(!isset($_POST['wp-submit'])){
361
+ add_action('login_form_register', 'apbct_cookie');
362
+ add_action('login_form_register', 'apbct_store__urls');
363
+ }
364
+ add_action('login_enqueue_scripts', 'apbct_login__scripts');
365
+ add_action('register_form', 'ct_register_form');
366
+ add_filter('registration_errors', 'ct_registration_errors', 1, 3);
367
+ add_filter('registration_errors', 'ct_check_registration_erros', 999999, 3);
368
+ add_action('user_register', 'apbct_user_register');
369
+
370
+ // Multisite registrations
371
+ add_action('signup_extra_fields','ct_register_form');
372
+ add_filter('wpmu_validate_user_signup', 'ct_registration_errors_wpmu', 10, 3);
373
+
374
+ // Login form - for notifications only
375
+ add_filter('login_message', 'ct_login_message');
376
+
377
+ // Comments output hook
378
+ add_filter('wp_list_comments_args', 'ct_wp_list_comments_args');
379
+
380
+ // Ait-Themes fix
381
+ if(isset($_GET['ait-action']) && $_GET['ait-action']=='register'){
382
+ $tmp=$_POST['redirect_to'];
383
+ unset($_POST['redirect_to']);
384
+ ct_contact_form_validate();
385
+ $_POST['redirect_to']=$tmp;
386
+ }
387
+ }
388
+
389
+ // Short code for GDPR
390
+ if($apbct->settings['gdpr_enabled'])
391
+ add_shortcode('cleantalk_gdpr_form', 'apbct_shrotcode_handler__GDPR_public_notice__form');
392
+
393
+ }
394
+
395
+ /**
396
+ * Function preforms remote call
397
+ */
398
+ function apbct_remote_call__perform()
399
+ {
400
+ global $apbct;
401
+
402
+ $remote_action = $_GET['spbc_remote_call_action'];
403
+
404
+ if(array_key_exists($remote_action, $apbct->remote_calls)){
405
+
406
+ if(time() - $apbct->remote_calls[$remote_action]['last_call'] > APBCT_REMOTE_CALL_SLEEP){
407
+
408
+ $apbct->remote_calls[$remote_action]['last_call'] = time();
409
+ $apbct->save('remote_calls');
410
+
411
+ if(strtolower($_GET['spbc_remote_call_token']) == strtolower(md5($apbct->api_key))){
412
+
413
+ // Flag to let plugin know that Remote Call is running.
414
+ $apbct->rc_running = true;
415
+
416
+ switch ($_GET['spbc_remote_call_action']) {
417
+
418
+ // Close renew banner
419
+ case 'close_renew_banner':
420
+ $apbct->data['notice_trial'] = 0;
421
+ $apbct->data['notice_renew'] = 0;
422
+ $apbct->saveData();
423
+ CleantalkCron::updateTask('check_account_status', 'ct_account_status_check', 86400);
424
+ die('OK');
425
+ break;
426
+
427
+ // SFW update
428
+ case 'sfw_update':
429
+ $result = ct_sfw_update(true);
430
+ /**
431
+ * @todo CRUNCH
432
+ */
433
+ if(is_string($result) && strpos($result, 'FAIL') !== false){
434
+ $result = json_decode(substr($result, 5), true);
435
+ }
436
+ die(empty($result['error']) ? 'OK' : 'FAIL '.json_encode(array('error' => $result['error'])));
437
+ break;
438
+
439
+ // SFW send logs
440
+ case 'sfw_send_logs':
441
+ $result = ct_sfw_send_logs();
442
+ die(empty($result['error']) ? 'OK' : 'FAIL '.json_encode(array('error' => $result['error'])));
443
+ break;
444
+
445
+ // Update plugin
446
+ case 'update_plugin':
447
+ add_action('wp', 'apbct_rc__update', 1);
448
+ break;
449
+
450
+ // Install plugin
451
+ case 'install_plugin':
452
+ add_action('wp', 'apbct_rc__install_plugin', 1);
453
+ break;
454
+ // Activate plugin
455
+ case 'activate_plugin':
456
+ $result = apbct_rc__activate_plugin($_GET['plugin']);
457
+ die(empty($result['error'])
458
+ ? 'OK'
459
+ : 'FAIL '.json_encode(array('error' => $result['error'])));
460
+ break;
461
+
462
+ // Insert API key
463
+ case 'insert_auth_key':
464
+ $result = apbct_rc__insert_auth_key($_GET['auth_key'], $_GET['plugin']);
465
+ die(empty($result['error'])
466
+ ? 'OK'
467
+ : 'FAIL '.json_encode(array('error' => $result['error'])));
468
+ break;
469
+
470
+ // Update settins
471
+ case 'update_settings':
472
+ $result = apbct_rc__update_settings($_GET);
473
+ die(empty($result['error'])
474
+ ? 'OK'
475
+ : 'FAIL '.json_encode(array('error' => $result['error'])));
476
+ break;
477
+ // Deactivate plugin
478
+ case 'deactivate_plugin':
479
+ add_action('plugins_loaded', 'apbct_rc__deactivate_plugin', 1);
480
+ break;
481
+
482
+ // Uninstall plugin
483
+ case 'uninstall_plugin':
484
+ add_action('plugins_loaded', 'apbct_rc__uninstall_plugin', 1);
485
+ break;
486
+ // No action found
487
+ default:
488
+ die('FAIL '.json_encode(array('error' => 'UNKNOWN_ACTION_2')));
489
+ break;
490
+ }
491
+
492
+ }else
493
+ die('FAIL '.json_encode(array('error' => 'WRONG_TOKEN')));
494
+ }else
495
+ die('FAIL '.json_encode(array('error' => 'TOO_MANY_ATTEMPTS')));
496
+ }else
497
+ die('FAIL '.json_encode(array('error' => 'UNKNOWN_ACTION')));
498
+ }
499
+
500
+ /**
501
+ * Function for SpamFireWall check
502
+ */
503
+ function apbct_sfw__check()
504
+ {
505
+ global $apbct, $spbc, $cleantalk_url_exclusions;
506
+
507
+ // Turn off the SpamFireWall if current url in the exceptions list and WordPress core pages
508
+ if (!empty($cleantalk_url_exclusions) && is_array($cleantalk_url_exclusions)) {
509
+ $core_page_to_skip_check = array('/feed');
510
+ foreach (array_merge($cleantalk_url_exclusions, $core_page_to_skip_check) as $v) {
511
+ if (stripos(filter_input(INPUT_SERVER, 'REQUEST_URI'), $v) !== false) {
512
+ return;
513
+ }
514
+ }
515
+ }
516
+
517
+ // Turn off the SpamFireWall if Remote Call is in progress
518
+ if($apbct->rc_running || (!empty($spbc) && $spbc->rc_running))
519
+ return;
520
+
521
+ $is_sfw_check = true;
522
+ $sfw = new CleantalkSFW();
523
+ $sfw->ip_array = (array)$sfw->ip__get(array('real'), true);
524
+
525
+ // Skip by cookie
526
+ foreach($sfw->ip_array as $ct_cur_ip){
527
+ if(isset($_COOKIE['ct_sfw_pass_key']) && $_COOKIE['ct_sfw_pass_key'] == md5($ct_cur_ip.$apbct->api_key)){
528
+ $is_sfw_check=false;
529
+ if(isset($_COOKIE['ct_sfw_passed'])){
530
+ $sfw->logs__update($ct_cur_ip, 'passed');
531
+ $apbct->data['sfw_counter']['all']++;
532
+ $apbct->saveData();
533
+ if(!headers_sent())
534
+ setcookie ('ct_sfw_passed', '0', time()+86400*3, '/', parse_url(get_option('siteurl'),PHP_URL_HOST) ,false, true);
535
+ }
536
+ break;
537
+ }else{
538
+ $is_sfw_check = true;
539
+ }
540
+ }
541
+
542
+ // Skip the check
543
+ if(!empty($_GET['access'])){
544
+ $spbc_settings = get_option('spbc_settings');
545
+ $spbc_key = !empty($spbc_settings['spbc_key']) ? $spbc_settings['spbc_key'] : false;
546
+ if($_GET['access'] === $apbct->api_key || ($spbc_key !== false && $_GET['access'] === $spbc_key)){
547
+ $is_sfw_check = false;
548
+ setcookie ('spbc_firewall_pass_key', md5(filter_input(INPUT_SERVER, 'REMOTE_ADDR') . $spbc_key), time()+1200, '/');
549
+ setcookie ('ct_sfw_pass_key', md5(filter_input(INPUT_SERVER, 'REMOTE_ADDR') . $apbct->api_key), time()+1200, '/');
550
+ }
551
+ unset($spbc_settings, $spbc_key);
552
+ }
553
+
554
+ if($is_sfw_check){
555
+
556
+ $sfw->ip_check();
557
+
558
+ // Pass remote calls
559
+ if($sfw->pass === false){
560
+ if(isset($_GET['spbc_remote_call_token'], $_GET['spbc_remote_call_action'], $_GET['plugin_name'])){
561
+ foreach($sfw->blocked_ips as $ip){
562
+ $resolved = CleantalkHelper::ip__resolve($ip['ip']);
563
+ if($resolved && preg_match('/cleantalk\.org/', $resolved) === 1 || $resolved === 'back'){
564
+ $sfw->pass = true;
565
+ }
566
+ } unset($ip);
567
+ }
568
+ }
569
+
570
+ if($sfw->test){
571
+ $sfw->sfw_die($apbct->api_key, '', parse_url(get_option('siteurl'),PHP_URL_HOST), 'test');
572
+ }
573
+
574
+ if($sfw->pass === false){
575
+ foreach($sfw->blocked_ips as $ip){
576
+ $sfw->logs__update($ip['ip'], 'blocked');
577
+ }
578
+ $apbct->data['sfw_counter']['blocked']++;
579
+ $apbct->saveData();
580
+ $sfw->sfw_die($apbct->api_key, '', parse_url(get_option('siteurl'),PHP_URL_HOST));
581
+ }else{
582
+ reset($sfw->passed_ips);
583
+ if(!empty($apbct->settings['set_cookies']) && !headers_sent() && key($sfw->passed_ips))
584
+ setcookie ('ct_sfw_pass_key', md5($sfw->passed_ips[key($sfw->passed_ips)]['ip'].$apbct->api_key), time()+86400*30, '/', parse_url(get_option('siteurl'),PHP_URL_HOST) ,false);
585
+ }
586
+ }
587
+ unset($is_sfw_check, $sfw, $sfw_ip, $ct_cur_ip);
588
+ }
589
+
590
+ /**
591
+ * On activation, set a time, frequency and name of an action hook to be scheduled.
592
+ */
593
+ function apbct_activation( $network = false ) {
594
+
595
+ global $wpdb;
596
+
597
+ // SFW data
598
+ $sqls[] = 'CREATE TABLE IF NOT EXISTS `%scleantalk_sfw` (
599
+ `network` int(11) unsigned NOT NULL,
600
+ `mask` int(11) unsigned NOT NULL,
601
+ INDEX ( `network` , `mask` )
602
+ );';
603
+
604
+ // SFW log
605
+ $sqls[] = 'CREATE TABLE IF NOT EXISTS `%scleantalk_sfw_logs` (
606
+ `ip` VARCHAR(15) NOT NULL,
607
+ `all_entries` INT NOT NULL,
608
+ `blocked_entries` INT NOT NULL,
609
+ `entries_timestamp` INT NOT NULL,
610
+ PRIMARY KEY (`ip`));';
611
+
612
+ // Sessions
613
+ $sqls[] = 'CREATE TABLE IF NOT EXISTS `%scleantalk_sessions` (
614
+ `id` VARCHAR(64) NOT NULL,
615
+ `name` VARCHAR(40) NOT NULL,
616
+ `value` TEXT NULL DEFAULT NULL,
617
+ `last_update` DATETIME NULL DEFAULT NULL,
618
+ PRIMARY KEY (`name`(40), `id`(64)));';
619
+
620
+ if($network && !defined('CLEANTALK_ACCESS_KEY')){
621
+ $initial_blog = get_current_blog_id();
622
+ $blogs = array_keys($wpdb->get_results('SELECT blog_id FROM '. $wpdb->blogs, OBJECT_K));
623
+ foreach ($blogs as $blog) {
624
+ switch_to_blog($blog);
625
+ apbct_activation__create_tables($sqls);
626
+ // Cron tasks
627
+ CleantalkCron::addTask('check_account_status', 'ct_account_status_check', 3600, time()+1800); // Checks account status
628
+ CleantalkCron::addTask('delete_spam_comments', 'ct_delete_spam_comments', 3600, time()+3500); // Formerly ct_hourly_event_hook()
629
+ CleantalkCron::addTask('send_feedback', 'ct_send_feedback', 3600, time()+3500); // Formerly ct_hourly_event_hook()
630
+ CleantalkCron::addTask('sfw_update', 'ct_sfw_update', 86400, time()+300); // SFW update
631
+ CleantalkCron::addTask('send_sfw_logs', 'ct_sfw_send_logs', 3600, time()+1800); // SFW send logs
632
+ CleantalkCron::addTask('get_brief_data', 'cleantalk_get_brief_data', 86400, time()+3500); // Get data for dashboard widget
633
+ CleantalkCron::addTask('send_connection_report','ct_mail_send_connection_report', 86400, time()+3500); // Send connection report to welcome@cleantalk.org
634
+ }
635
+ switch_to_blog($initial_blog);
636
+ }else{
637
+
638
+ // Cron tasks
639
+ CleantalkCron::addTask('check_account_status', 'ct_account_status_check', 3600, time()+1800); // Checks account status
640
+ CleantalkCron::addTask('delete_spam_comments', 'ct_delete_spam_comments', 3600, time()+3500); // Formerly ct_hourly_event_hook()
641
+ CleantalkCron::addTask('send_feedback', 'ct_send_feedback', 3600, time()+3500); // Formerly ct_hourly_event_hook()
642
+ CleantalkCron::addTask('sfw_update', 'ct_sfw_update', 86400, time()+43200); // SFW update
643
+ CleantalkCron::addTask('send_sfw_logs', 'ct_sfw_send_logs', 3600, time()+1800); // SFW send logs
644
+ CleantalkCron::addTask('get_brief_data', 'cleantalk_get_brief_data', 86400, time()+3500); // Get data for dashboard widget
645
+ CleantalkCron::addTask('send_connection_report','ct_mail_send_connection_report', 86400, time()+3500); // Send connection report to welcome@cleantalk.org
646
+
647
+ apbct_activation__create_tables($sqls);
648
+ ct_sfw_update(); // Updating SFW
649
+ ct_account_status_check(null, false);
650
+ }
651
+
652
+ // Additional options
653
+ add_option('ct_plugin_do_activation_redirect', true);
654
+ }
655
+
656
+ function apbct_activation__create_tables($sqls) {
657
+ global $wpdb;
658
+ $wpdb->show_errors = false;
659
+ foreach($sqls as $sql){
660
+ $sql = sprintf($sql, $wpdb->prefix); // Adding current blog prefix
661
+ $result = $wpdb->query($sql);
662
+ if($result === false)
663
+ $errors[] = "Failed.\nQuery: {$wpdb->last_query}\nError: {$wpdb->last_error}";
664
+ }
665
+ $wpdb->show_errors = true;
666
+
667
+ // Logging errors
668
+ if(!empty($errors))
669
+ apbct_log($errors);
670
+ }
671
+
672
+ function apbct_activation__new_blog($blog_id, $user_id, $domain, $path, $site_id, $meta) {
673
+ if (apbct_is_plugin_active_for_network('cleantalk-spam-protect/cleantalk.php')){
674
+
675
+ switch_to_blog($blog_id);
676
+
677
+ global $wpdb;
678
+
679
+ // SFW data
680
+ $sqls[] = 'CREATE TABLE IF NOT EXISTS `%scleantalk_sfw` (
681
+ `network` int(11) unsigned NOT NULL,
682
+ `mask` int(11) unsigned NOT NULL,
683
+ INDEX ( `network` , `mask` )
684
+ );';
685
+
686
+ // SFW log
687
+ $sqls[] = 'CREATE TABLE IF NOT EXISTS `%scleantalk_sfw_logs` (
688
+ `ip` VARCHAR(15) NOT NULL,
689
+ `all_entries` INT NOT NULL,
690
+ `blocked_entries` INT NOT NULL,
691
+ `entries_timestamp` INT NOT NULL,
692
+ PRIMARY KEY (`ip`));';
693
+
694
+ // Sessions
695
+ $sqls[] = 'CREATE TABLE IF NOT EXISTS `%scleantalk_sessions` (
696
+ `id` VARCHAR(64) NOT NULL,
697
+ `name` TEXT NOT NULL,
698
+ `value` TEXT NULL DEFAULT NULL,
699
+ `last_update` DATETIME NULL DEFAULT NULL,
700
+ PRIMARY KEY (`id`(64), `name`(64)));';
701
+
702
+ // Cron tasks
703
+ CleantalkCron::addTask('check_account_status', 'ct_account_status_check', 3600, time()+1800); // Checks account status
704
+ CleantalkCron::addTask('delete_spam_comments', 'ct_delete_spam_comments', 3600, time()+3500); // Formerly ct_hourly_event_hook()
705
+ CleantalkCron::addTask('send_feedback', 'ct_send_feedback', 3600, time()+3500); // Formerly ct_hourly_event_hook()
706
+ CleantalkCron::addTask('sfw_update', 'ct_sfw_update', 86400, time()+43200); // SFW update
707
+ CleantalkCron::addTask('send_sfw_logs', 'ct_sfw_send_logs', 3600, time()+1800); // SFW send logs
708
+ CleantalkCron::addTask('get_brief_data', 'cleantalk_get_brief_data', 86400, time()+3500); // Get data for dashboard widget
709
+ CleantalkCron::addTask('send_connection_report','ct_mail_send_connection_report', 86400, time()+3500); // Send connection report to welcome@cleantalk.org
710
+ apbct_activation__create_tables($sqls);
711
+ ct_sfw_update(); // Updating SFW
712
+ ct_account_status_check(null, false);
713
+ restore_current_blog();
714
+ }
715
+ }
716
+
717
+ /**
718
+ * On deactivation, clear schedule.
719
+ */
720
+ function apbct_deactivation( $network ) {
721
+
722
+ global $apbct, $wpdb;
723
+
724
+ // Deactivation for network
725
+ if(is_multisite() && $network){
726
+
727
+ $initial_blog = get_current_blog_id();
728
+ $blogs = array_keys($wpdb->get_results('SELECT blog_id FROM '. $wpdb->blogs, OBJECT_K));
729
+ foreach ($blogs as $blog) {
730
+ switch_to_blog($blog);
731
+ apbct_deactivation__delete_blog_tables();
732
+ delete_option('cleantalk_cron'); // Deleting cron entries
733
+
734
+ if($apbct->settings['complete_deactivation']){
735
+ apbct_deactivation__delete_all_options();
736
+ apbct_deactivation__delete_all_options__in_network();
737
+ }
738
+
739
+ }
740
+ switch_to_blog($initial_blog);
741
+
742
+ // Deactivation for blog
743
+ }elseif(is_multisite()){
744
+
745
+ apbct_deactivation__delete_common_tables();
746
+ delete_option('cleantalk_cron'); // Deleting cron entries
747
+
748
+ if($apbct->settings['complete_deactivation'])
749
+ apbct_deactivation__delete_all_options();
750
+
751
+ // Deactivation on standalone blog
752
+ }elseif(!is_multisite()){
753
+
754
+ apbct_deactivation__delete_common_tables();
755
+ delete_option('cleantalk_cron'); // Deleting cron entries
756
+
757
+ if($apbct->settings['complete_deactivation'])
758
+ apbct_deactivation__delete_all_options();
759
+
760
+ }
761
+ }
762
+
763
+ /**
764
+ * Delete all cleantalk_* entries from _options table
765
+ */
766
+ function apbct_deactivation__delete_all_options(){
767
+ delete_option('cleantalk_settings');
768
+ delete_option('cleantalk_data');
769
+ delete_option('cleantalk_cron');
770
+ delete_option('cleantalk_errors');
771
+ delete_option('cleantalk_remote_calls');
772
+ delete_option('cleantalk_server');
773
+ delete_option('cleantalk_stats');
774
+ delete_option('cleantalk_timelabel_reg');
775
+ }
776
+
777
+ /**
778
+ * Delete all cleantalk_* entries from _sitemeta table
779
+ */
780
+ function apbct_deactivation__delete_all_options__in_network(){
781
+ delete_site_option('cleantalk_network_settings');
782
+ delete_site_option('cleantalk_network_data');
783
+ }
784
+
785
+ function apbct_deactivation__delete_common_tables() {
786
+ global $wpdb;
787
+ $wpdb->query('DROP TABLE IF EXISTS `'. $wpdb->base_prefix.'cleantalk_sfw`;'); // Deleting SFW data
788
+ $wpdb->query('DROP TABLE IF EXISTS `'. $wpdb->base_prefix.'cleantalk_sfw_logs`;'); // Deleting SFW logs
789
+ $wpdb->query('DROP TABLE IF EXISTS `'. $wpdb->base_prefix.'cleantalk_sessions`;'); // Deleting session table
790
+ }
791
+
792
+ function apbct_deactivation__delete_blog_tables() {
793
+ global $wpdb;
794
+ $wpdb->query('DROP TABLE IF EXISTS `'. $wpdb->prefix.'cleantalk_sfw`;'); // Deleting SFW data
795
+ $wpdb->query('DROP TABLE IF EXISTS `'. $wpdb->prefix.'cleantalk_sfw_logs`;'); // Deleting SFW logs
796
+ $wpdb->query('DROP TABLE IF EXISTS `'. $wpdb->prefix.'cleantalk_sessions`;'); // Deleting session table
797
+ }
798
+
799
+ /**
800
+ * Redirects admin to plugin settings after activation.
801
+ */
802
+ function apbct_plugin_redirect()
803
+ {
804
+ global $apbct;
805
+ if (get_option('ct_plugin_do_activation_redirect', false) && !isset($_GET['activate-multi'])){
806
+ delete_option('ct_plugin_do_activation_redirect');
807
+ wp_redirect($apbct->settings_link);
808
+ }
809
+ }
810
+
811
+ function ct_add_event($event_type)
812
+ {
813
+ global $apbct, $cleantalk_executed;
814
+
815
+ //
816
+ // To migrate on the new version of ct_add_event().
817
+ //
818
+ switch ($event_type) {
819
+ case '0': $event_type = 'no';break;
820
+ case '1': $event_type = 'yes';break;
821
+ }
822
+
823
+ $current_hour = intval(date('G'));
824
+
825
+ // Updating current hour
826
+ if($current_hour!=$apbct->data['current_hour']){
827
+ $apbct->data['current_hour'] = $current_hour;
828
+ $apbct->data['array_accepted'][$current_hour] = 0;
829
+ $apbct->data['array_blocked'][$current_hour] = 0;
830
+ }
831
+
832
+ //Add 1 to counters
833
+ if($event_type=='yes'){
834
+ $apbct->data['array_accepted'][$current_hour]++;
835
+ $apbct->data['all_time_counter']['accepted']++;
836
+ $apbct->data['user_counter']['accepted']++;
837
+ }
838
+ if($event_type=='no'){
839
+ $apbct->data['array_blocked'][$current_hour]++;
840
+ $apbct->data['all_time_counter']['blocked']++;
841
+ $apbct->data['user_counter']['blocked']++;
842
+ }
843
+
844
+ $apbct->saveData();
845
+
846
+ $cleantalk_executed=true;
847
+ }
848
+
849
+ /**
850
+ * return new cookie value
851
+ */
852
+ function ct_get_cookie()
853
+ {
854
+ global $ct_checkjs_def;
855
+ $ct_checkjs_key = ct_get_checkjs_value();
856
+ print $ct_checkjs_key;
857
+ die();
858
+ }
859
+
860
+ function ct_sfw_update($immediate = false){
861
+
862
+ global $apbct;
863
+
864
+ if($apbct->settings['spam_firewall'] == 1){
865
+
866
+ $sfw = new CleantalkSFW();
867
+
868
+ $file_url = isset($_GET['file_url']) ? $_GET['file_url'] : null;
869
+ $result = $sfw->sfw_update($apbct->api_key, $file_url, $immediate);
870
+
871
+ if(empty($result['error'])){
872
+ $apbct->stats['sfw']['last_update_time'] = time();
873
+ $apbct->stats['sfw']['entries'] = $result;
874
+ $apbct->save('stats');
875
+ }
876
+
877
+ return $result;
878
+ }
879
+
880
+ return array('error' => 'SFW_DISABLED');
881
+
882
+ }
883
+
884
+ function ct_sfw_send_logs()
885
+ {
886
+ global $apbct;
887
+
888
+ if($apbct->settings['spam_firewall'] == 1){
889
+
890
+ $sfw = new CleantalkSFW();
891
+ $result = $sfw->logs__send($apbct->api_key);
892
+
893
+ if(empty($result['error'])){
894
+ $apbct->stats['sfw']['last_send_time'] = time();
895
+ $apbct->stats['sfw']['last_send_amount'] = $result['rows'];
896
+ $apbct->save('stats');
897
+ }
898
+
899
+ return $result;
900
+
901
+ }
902
+
903
+ return array('error' => 'SFW_DISABLED');
904
+ }
905
+
906
+ /**
907
+ * Wrapper for Cleantalk's remote calls
908
+ *
909
+ * @param string $action What you want to do?
910
+ * @param array $additional_params Additional GET parameters for RC
911
+ * @param string $presets Presets for CleantalkHelper::http__request(). 'async' maybe?
912
+ * @param string $plugin_name Plugin name 'antispam' by default
913
+ * @param string $call_token RC securirty token
914
+ * @param string $url Current site URL by default
915
+ *
916
+ * @return array|bool
917
+ */
918
+ function apbct_rc__send($action, $additional_params = array(), $presets = 'get', $plugin_name = 'antispam', $call_token = '', $url = ''){
919
+
920
+ global $apbct;
921
+
922
+ $default_params = array(
923
+ 'plugin_name' => $plugin_name,
924
+ 'spbc_remote_call_token' => $call_token ? $call_token : md5($apbct->api_key),
925
+ 'spbc_remote_call_action' => $action,
926
+ );
927
+
928
+ $params = array_merge($additional_params, $default_params);
929
+
930
+ return apbct_rc__parse_result(
931
+ CleantalkHelper::http__request(
932
+ $url ? $url : get_option('siteurl'),
933
+ $params,
934
+ $presets
935
+ )
936
+ );
937
+ }
938
+
939
+ /**
940
+ * Parse different types of remote call results
941
+ *
942
+ * @param array|string $rc_result
943
+ * string - 'FAIL {"some":"result}'
944
+ * string - 'OK {"some":"result}'
945
+ *
946
+ * @return array|string
947
+ */
948
+ function apbct_rc__parse_result($rc_result){
949
+ if(is_string($rc_result)){
950
+ $rc_result = preg_replace('/^(OK\s?|FAIL\s?)(.*)/', '$2', $rc_result, 1);
951
+ $rc_result = json_decode($rc_result, true);
952
+ $rc_result = $rc_result
953
+ ? $rc_result
954
+ : array('error' => 'FAIL_TO_PARSE_RC_RESULT');
955
+ }
956
+ return $rc_result;
957
+ }
958
+
959
+ /**
960
+ * Install plugin from wordpress catalog
961
+ *
962
+ * @param WP $wp
963
+ * @param string $plugin_slug
964
+ */
965
+ function apbct_rc__install_plugin($wp = null, $plugin = null){
966
+
967
+ $plugin = $plugin ? $plugin : (isset($_GET['plugin']) ? $_GET['plugin'] : null);
968
+
969
+ if($plugin){
970
+
971
+ if(preg_match('/[a-zA-Z-\d]+[\/\\][a-zA-Z-\d]+\.php/', $plugin)){
972
+
973
+ $plugin_slug = preg_replace('@([a-zA-Z-\d]+)[\\\/].*@', '$1', $plugin);
974
+
975
+ if($plugin_slug){
976
+
977
+ require_once(ABSPATH.'wp-admin/includes/plugin-install.php');
978
+ $result = plugins_api(
979
+ 'plugin_information',
980
+ array(
981
+ 'slug' => $plugin_slug,
982
+ 'fileds' => array('version' => true, 'download_link' => true,),
983
+ )
984
+ );
985
+
986
+ if(!is_wp_error($result)){
987
+
988
+ require_once( ABSPATH . 'wp-admin/includes/plugin.php' );
989
+ include_once( ABSPATH . 'wp-admin/includes/class-wp-upgrader.php' );
990
+ include_once( ABSPATH . 'wp-admin/includes/file.php' );
991
+ include_once( ABSPATH . 'wp-admin/includes/misc.php' );
992
+ include_once( CLEANTALK_PLUGIN_DIR . 'lib/CleantalkUpgrader.php' );
993
+ include_once( CLEANTALK_PLUGIN_DIR . 'lib/CleantalkUpgraderSkin.php' );
994
+
995
+ $installer= new CleantalkUpgrader( new CleantalkUpgraderSkin() );
996
+ $installer->install($result->download_link);
997
+
998
+ if($installer->apbct_result === 'OK'){
999
+ die('OK');
1000
+
1001
+ }else
1002
+ die('FAIL '. json_encode(array('error' => $installer->apbct_result)));
1003
+ }else
1004
+ die('FAIL '. json_encode(array('error' => 'FAIL_TO_GET_LATEST_VERSION', 'details' => $result->get_error_message(),)));
1005
+ }else
1006
+ die('FAIL '. json_encode(array('error' => 'PLUGIN_SLUG_INCORRECT')));
1007
+ }else
1008
+ die('FAIL '. json_encode(array('error' => 'PLUGIN_NAME_IS_INCORRECT')));
1009
+ }else
1010
+ die('FAIL '. json_encode(array('error' => 'PLUGIN_NAME_IS_UNSET')));
1011
+ }
1012
+
1013
+ function apbct_rc__activate_plugin($plugin){
1014
+
1015
+ $plugin = $plugin ? $plugin : (isset($_GET['plugin']) ? $_GET['plugin'] : null);
1016
+
1017
+ if($plugin){
1018
+
1019
+ if(preg_match('@[a-zA-Z-\d]+[\\\/][a-zA-Z-\d]+\.php@', $plugin)){
1020
+
1021
+ require_once (ABSPATH .'/wp-admin/includes/plugin.php');
1022
+
1023
+ $result = activate_plugins($plugin);
1024
+
1025
+ if($result && !is_wp_error($result)){
1026
+ return array('success' => true);
1027
+ }else
1028
+ return array('error' => 'FAIL_TO_ACTIVATE', 'details' => (is_wp_error($result) ? ' '.$result->get_error_message() : ''));
1029
+ }else
1030
+ return array('error' => 'PLUGIN_NAME_IS_INCORRECT');
1031
+ }else
1032
+ return array('error' => 'PLUGIN_NAME_IS_UNSET');
1033
+ }
1034
+
1035
+ /**
1036
+ * Uninstall plugin from wordpress catalog
1037
+ *
1038
+ * @param null $plugin_name
1039
+ */
1040
+ function apbct_rc__deactivate_plugin($plugin = null){
1041
+
1042
+ global $apbct;
1043
+
1044
+ $plugin = $plugin ? $plugin : (isset($_GET['plugin']) ? $_GET['plugin'] : null);
1045
+
1046
+ if($plugin){
1047
+
1048
+ // Switching complete deactivation for security
1049
+ if($plugin == 'security-malware-firewall/security-malware-firewall.php' && !empty($_GET['complete_deactivation'])){
1050
+ $spbc_settings = get_option('spbc_settings');
1051
+ $spbc_settings['complete_deactivation'] = intval($_GET['complete_deactivation']);
1052
+ update_option('spbc_settings', $spbc_settings);
1053
+ }
1054
+
1055
+ require_once (ABSPATH .'/wp-admin/includes/plugin.php');
1056
+
1057
+ if(is_plugin_active( $plugin )){
1058
+ // Hook to set flag if the plugin is deactivated
1059
+ add_action( 'deactivate_'.$plugin, 'apbct_rc__uninstall_plugin__check_deactivate' );
1060
+ deactivate_plugins($plugin, false, is_multisite() ? true : false);
1061
+ }else{
1062
+ $apbct->plugin_deactivated = true;
1063
+ }
1064
+
1065
+ // Hook to set flag if the plugin is deactivated
1066
+ add_action( 'deactivate_'.$plugin, 'apbct_rc__uninstall_plugin__check_deactivate' );
1067
+ deactivate_plugins($plugin, false, is_multisite() ? true : false);
1068
+
1069
+ if($apbct->plugin_deactivated){
1070
+ die('OK');
1071
+ }else
1072
+ die('FAIL '. json_encode(array('error' => 'PLUGIN_STILL_ACTIVE')));
1073
+ }else
1074
+ die('FAIL '. json_encode(array('error' => 'PLUGIN_NAME_IS_UNSET')));
1075
+ }
1076
+
1077
+
1078
+ /**
1079
+ * Uninstall plugin from wordpress catalog
1080
+ *
1081
+ * @param null $plugin
1082
+ */
1083
+ function apbct_rc__uninstall_plugin($plugin = null){
1084
+
1085
+ global $apbct;
1086
+
1087
+ $plugin = $plugin ? $plugin : (isset($_GET['plugin']) ? $_GET['plugin'] : null);
1088
+
1089
+ if($plugin){
1090
+
1091
+ // Switching complete deactivation for security
1092
+ if($plugin == 'security-malware-firewall/security-malware-firewall.php' && !empty($_GET['complete_deactivation'])){
1093
+ $spbc_settings = get_option('spbc_settings');
1094
+ $spbc_settings['complete_deactivation'] = intval($_GET['complete_deactivation']);
1095
+ update_option('spbc_settings', $spbc_settings);
1096
+ }
1097
+
1098
+ require_once (ABSPATH .'/wp-admin/includes/plugin.php');
1099
+
1100
+ if(is_plugin_active( $plugin )){
1101
+ // Hook to set flag if the plugin is deactivated
1102
+ add_action( 'deactivate_'.$plugin, 'apbct_rc__uninstall_plugin__check_deactivate' );
1103
+ deactivate_plugins($plugin, false, is_multisite() ? true : false);
1104
+ }else{
1105
+ $apbct->plugin_deactivated = true;
1106
+ }
1107
+
1108
+ if($apbct->plugin_deactivated){
1109
+
1110
+ require_once (ABSPATH .'/wp-admin/includes/file.php');
1111
+
1112
+ $result = delete_plugins(array($plugin));
1113
+
1114
+ if($result && !is_wp_error($result)){
1115
+ die('OK');
1116
+ }else
1117
+ die('FAIL '. json_encode(array('error' => 'PLUGIN_STILL_EXISTS', 'details' => (is_wp_error($result) ? ' '.$result->get_error_message() : ''))));
1118
+ }else
1119
+ die('FAIL '. json_encode(array('error' => 'PLUGIN_STILL_ACTIVE')));
1120
+ }else
1121
+ die('FAIL '. json_encode(array('error' => 'PLUGIN_NAME_IS_UNSET')));
1122
+ }
1123
+
1124
+ function apbct_rc__uninstall_plugin__check_deactivate(){
1125
+ global $apbct;
1126
+ $apbct->plugin_deactivated = true;
1127
+ }
1128
+
1129
+ function apbct_rc__update(){
1130
+
1131
+ //Upgrade params
1132
+ $plugin = 'cleantalk-spam-protect/cleantalk.php';
1133
+ $plugin_slug = 'cleantalk-spam-protect';
1134
+ $title = __('Update Plugin');
1135
+ $nonce = 'upgrade-plugin_' . $plugin;
1136
+ $url = 'update.php?action=upgrade-plugin&plugin=' . urlencode( $plugin );
1137
+
1138
+ $prev_version = APBCT_VERSION;
1139
+
1140
+ require_once( ABSPATH . 'wp-admin/includes/plugin.php' );
1141
+ include_once( ABSPATH . 'wp-admin/includes/class-wp-upgrader.php' );
1142
+ include_once( ABSPATH . 'wp-admin/includes/file.php' );
1143
+ include_once( ABSPATH . 'wp-admin/includes/misc.php' );
1144
+
1145
+ include_once( CLEANTALK_PLUGIN_DIR . 'lib/CleantalkUpgrader.php' );
1146
+ include_once( CLEANTALK_PLUGIN_DIR . 'lib/CleantalkUpgraderSkin.php' );
1147
+
1148
+ apbct_maintance_mode__enable( 30 );
1149
+
1150
+ $upgrader = new CleantalkUpgrader( new CleantalkUpgraderSkin( compact('title', 'nonce', 'url', 'plugin') ) );
1151
+ $upgrader->upgrade($plugin);
1152
+
1153
+ apbct_maintance_mode__disable();
1154
+
1155
+ $result = activate_plugins( $plugin );
1156
+
1157
+ // Changing response UP_TO_DATE to OK
1158
+ if($upgrader->apbct_result === 'UP_TO_DATE')
1159
+ $upgrader->apbct_result = 'OK';
1160
+
1161
+ if($upgrader->apbct_result === 'OK'){
1162
+
1163
+ if(is_wp_error($result)){
1164
+ die('FAIL '. json_encode(array('error' => 'COULD_NOT_ACTIVATE', 'wp_error' => $result->get_error_message())));
1165
+ }
1166
+
1167
+ $httpResponseCode = CleantalkHelper::http__request(get_option('siteurl'), array(), 'get_code');
1168
+
1169
+ if( strpos($httpResponseCode, '200') === false ){
1170
+
1171
+ apbct_maintance_mode__enable( 30 );
1172
+
1173
+ // Rollback
1174
+ $rollback = new CleantalkUpgrader( new CleantalkUpgraderSkin( compact('title', 'nonce', 'url', 'plugin_slug', 'prev_version') ) );
1175
+ $rollback->rollback($plugin);
1176
+
1177
+ apbct_maintance_mode__disable();
1178
+
1179
+ $response = array(
1180
+ 'error' => 'BAD_HTTP_CODE',
1181
+ 'http_code' => $httpResponseCode,
1182
+ 'output' => substr(file_get_contents(get_option('siteurl')), 0, 900),
1183
+ 'rollback_result' => $rollback->apbct_result,
1184
+ );
1185
+
1186
+ die('FAIL '.json_encode($response));
1187
+ }
1188
+
1189
+ $plugin_data = get_plugin_data(__FILE__);
1190
+ $apbct_agent = 'wordpress-'.str_replace('.', '', $plugin_data['Version']);
1191
+ ct_send_feedback('0:' . $apbct_agent);
1192
+
1193
+ die('OK '.json_encode(array('agent' => $apbct_agent)));
1194
+
1195
+ }else{
1196
+ die('FAIL '. json_encode(array('error' => $upgrader->apbct_result)));
1197
+ }
1198
+ }
1199
+
1200
+ function apbct_rc__update_settings($source) {
1201
+
1202
+ global $apbct;
1203
+
1204
+ foreach($apbct->def_settings as $setting => $def_value){
1205
+ if(array_key_exists($setting, $source)){
1206
+ $var = $source[$setting];
1207
+ $type = gettype($def_value);
1208
+ settype($var, $type);
1209
+ if($type == 'string')
1210
+ $var = preg_replace(array('/=/', '/`/'), '', $var);
1211
+ $apbct->settings[$setting] = $var;
1212
+ }
1213
+ }
1214
+
1215
+ $apbct->save('settings');
1216
+
1217
+ return true;
1218
+ }
1219
+
1220
+ function apbct_rc__insert_auth_key($key, $plugin){
1221
+
1222
+ global $apbct;
1223
+
1224
+ if($plugin === 'security-malware-firewall/security-malware-firewall.php'){
1225
+
1226
+ require_once (ABSPATH .'/wp-admin/includes/plugin.php');
1227
+
1228
+ if(is_plugin_active( $plugin )){
1229
+
1230
+ $key = trim($key);
1231
+
1232
+ if($key && preg_match('/^[a-z\d]{3,15}$/', $key)){
1233
+
1234
+ $result = CleantalkAPI::method__notice_paid_till(
1235
+ $key,
1236
+ preg_replace('/http[s]?:\/\//', '', get_option('siteurl'), 1) // Site URL
1237
+ );
1238
+
1239
+ if( empty( $result['error'] ) ) {
1240
+
1241
+ if( $result['valid'] ){
1242
+
1243
+ // Set account params
1244
+ $data = get_option('spbc_data', array());
1245
+ $data['user_token'] = $result['user_token'];
1246
+ $data['notice_show'] = $result['show_notice'];
1247
+ $data['notice_renew'] = $result['renew'];
1248
+ $data['notice_trial'] = $result['trial'];
1249
+ $data['auto_update_app'] = isset($result['show_auto_update_notice']) ? $result['show_auto_update_notice'] : 0;
1250
+ $data['service_id'] = $result['service_id'];
1251
+ $data['moderate'] = $result['moderate'];
1252
+ $data['auto_update_app '] = isset($result['auto_update_app']) ? $result['auto_update_app'] : 0;
1253
+ $data['license_trial'] = isset($result['license_trial']) ? $result['license_trial'] : 0;
1254
+ $data['account_name_ob'] = isset($result['account_name_ob']) ? $result['account_name_ob'] : '';
1255
+ $data['key_is_ok'] = true;
1256
+ update_option('spbc_data', $data);
1257
+
1258
+ // Set key
1259
+ $settings = get_option('spbc_settings', array());
1260
+ $settings['spbc_key'] = $key;
1261
+ update_option('spbc_settings', $settings);
1262
+
1263
+ return 'OK';
1264
+ }else
1265
+ return array('error' => 'KEY_IS_NOT_VALID');
1266
+ }else
1267
+ return array('error' => $result);
1268
+ }else
1269
+ return array('error' => 'KEY_IS_NOT_CORRECT');
1270
+ }else
1271
+ return array('error' => 'PLUGIN_IS_NOT_ACTIVE_OR_NOT_INSTALLED');
1272
+ }else
1273
+ return array('error' => 'PLUGIN_SLUG_INCORRECT');
1274
+ }
1275
+
1276
+ /**
1277
+ * Putting Wordpress to maintenance mode.
1278
+ * For given duration in seconds
1279
+ *
1280
+ * @param $duration
1281
+ *
1282
+ * @return bool
1283
+ */
1284
+ function apbct_maintance_mode__enable( $duration ) {
1285
+ apbct_maintance_mode__disable();
1286
+ $content = "<?php\n\n"
1287
+ . '$upgrading = ' . (time() - ( 60 * 10 ) + $duration) . ';';
1288
+
1289
+ return (bool)file_put_contents( ABSPATH . '.maintenance', $content );
1290
+ }
1291
+
1292
+ /**
1293
+ * Disabling maintenance mode by deleting .maintenance file.
1294
+ *
1295
+ * @return void
1296
+ */
1297
+ function apbct_maintance_mode__disable() {
1298
+ $maintenance_file = ABSPATH . '.maintenance';
1299
+ if ( file_exists( $maintenance_file ) ) {
1300
+ unlink( $maintenance_file );
1301
+ }
1302
+ }
1303
+
1304
+ function cleantalk_get_brief_data(){
1305
+
1306
+ global $apbct;
1307
+
1308
+ $apbct->data['brief_data'] = CleantalkAPI::method__get_antispam_report_breif($apbct->api_key);
1309
+ $apbct->saveData();
1310
+
1311
+ return;
1312
+ }
1313
+
1314
+ //Delete cookie for admin trial notice
1315
+ function apbct__hook__wp_logout__delete_trial_notice_cookie(){
1316
+ if(!headers_sent())
1317
+ setcookie('ct_trial_banner_closed', '', time()-3600);
1318
+ }
1319
+
1320
+ function apbct_alt_session__id__get(){
1321
+ $id = CleantalkHelper::ip__get(array('real'))
1322
+ .filter_input(INPUT_SERVER, 'HTTP_USER_AGENT')
1323
+ //.filter_input(INPUT_SERVER, 'HTTP_ACCEPT') // Could be different. Broke session id
1324
+ .filter_input(INPUT_SERVER, 'HTTP_ACCEPT_LANGUAGE');
1325
+ //.filter_input(INPUT_SERVER, 'HTTP_ACCEPT_ENCODING'); // Could be different. Broke session id
1326
+ return hash('sha256', $id);
1327
+ }
1328
+
1329
+ function apbct_alt_sessions__remove_old(){
1330
+ if(rand(0, 1000) < APBCT_SEESION__CHANCE_TO_CLEAN){
1331
+ global $wpdb;
1332
+ $wpdb->query(
1333
+ 'DELETE
1334
+ FROM `'. APBCT_TBL_SESSIONS .'`
1335
+ WHERE last_update < NOW() - INTERVAL '. APBCT_SEESION__LIVE_TIME .' SECOND
1336
+ LIMIT 100000;'
1337
+ );
1338
+ }
1339
+ }
1340
+
1341
+ function apbct_alt_session__save($name, $value){
1342
+
1343
+ global $wpdb;
1344
+
1345
+ $session_id = apbct_alt_session__id__get();
1346
+
1347
+ $wpdb->query(
1348
+ $wpdb->prepare(
1349
+ 'INSERT INTO '. APBCT_TBL_SESSIONS .'
1350
+ (id, name, value, last_update)
1351
+ VALUES (%s, %s, %s, %s)
1352
+ ON DUPLICATE KEY UPDATE
1353
+ value = %s,
1354
+ last_update = %s',
1355
+ $session_id, $name, $value, date('Y-m-d H:i:s'), $value, date('Y-m-d H:i:s')
1356
+ )
1357
+ );
1358
+
1359
+ }
1360
+
1361
+ function apbct_alt_session__get($name){
1362
+ global $wpdb;
1363
+ $session_id = apbct_alt_session__id__get();
1364
+ $result = $wpdb->get_row(
1365
+ $wpdb->prepare(
1366
+ 'SELECT value
1367
+ FROM `'. APBCT_TBL_SESSIONS .'`
1368
+ WHERE id = %s AND name = %s;',
1369
+ $session_id, $name
1370
+ ),
1371
+ OBJECT
1372
+ );
1373
+
1374
+ $result = isset($result->value)
1375
+ ? strpos($result->value, '{') === 0
1376
+ ? (array)json_decode($result->value, true) // JSON
1377
+ : $result->value
1378
+ : false;
1379
+
1380
+ return $result ? $result : null;
1381
+ }
1382
+
1383
+ function apbct_store__urls(){
1384
+
1385
+ global $apbct;
1386
+
1387
+ if($apbct->settings['store_urls'] && empty($apbct->flags__url_stored) && !headers_sent()){
1388
+
1389
+ // URLs HISTORY
1390
+ // Get current url
1391
+ $current_url = filter_input(INPUT_SERVER, 'HTTP_HOST').filter_input(INPUT_SERVER, 'REQUEST_URI');
1392
+ $current_url = $current_url ? substr($current_url, 0,256) : 'UNKNOWN';
1393
+
1394
+ // Get already stored URLs
1395
+ $urls = $apbct->settings['store_urls__sessions']
1396
+ ? (array)apbct_alt_session__get('apbct_urls')
1397
+ : (array)json_decode(filter_input(INPUT_COOKIE, 'apbct_urls'), true);
1398
+
1399
+ $urls[$current_url][] = time();
1400
+
1401
+ // Rotating. Saving only latest 10
1402
+ $urls[$current_url] = count($urls[$current_url]) > 10 ? array_slice($urls[$current_url], 1, 10) : $urls[$current_url];
1403
+ $urls = count($urls) > 10 ? array_slice($urls, 1, 10) : $urls;
1404
+
1405
+ // Saving
1406
+ $apbct->settings['store_urls__sessions']
1407
+ ? apbct_alt_session__save('apbct_urls', json_encode($urls))
1408
+ : setcookie('apbct_urls', json_encode($urls), time()+86400*3, '/', parse_url(get_option('siteurl'),PHP_URL_HOST), false, true);
1409
+
1410
+ // REFERER
1411
+ // Get current fererer
1412
+ $new_site_referer = filter_input(INPUT_SERVER, 'HTTP_REFERER');
1413
+ $new_site_referer = $new_site_referer ? $new_site_referer : 'UNKNOWN';
1414
+
1415
+ // Get already stored referer
1416
+ $site_referer = $apbct->settings['store_urls__sessions']
1417
+ ? apbct_alt_session__get('apbct_site_referer')
1418
+ : filter_input(INPUT_COOKIE, 'apbct_site_referer');
1419
+
1420
+ // Save if empty
1421
+ if(!$site_referer || parse_url($new_site_referer, PHP_URL_HOST) !== filter_input(INPUT_SERVER, 'HTTP_HOST')){
1422
+
1423
+ $apbct->settings['store_urls__sessions']
1424
+ ? apbct_alt_session__save('apbct_site_referer', $new_site_referer)
1425
+ : setcookie('apbct_site_referer', $new_site_referer, time()+86400*3, '/', parse_url(get_option('siteurl'),PHP_URL_HOST), false, true);
1426
+ }
1427
+
1428
+ $apbct->flags__url_stored = true;
1429
+
1430
+ }
1431
+ }
1432
+
1433
+ /*
1434
+ * Set Cookies test for cookie test
1435
+ * Sets cookies with pararms timestamp && landing_timestamp && pervious_referer
1436
+ * Sets test cookie with all other cookies
1437
+ */
1438
+ function apbct_cookie(){
1439
+
1440
+ global $apbct;
1441
+
1442
+ if($apbct->settings['store_urls__sessions'] || $apbct->settings['set_cookies__sessions'])
1443
+ apbct_alt_sessions__remove_old();
1444
+
1445
+ if(
1446
+ empty($apbct->settings['set_cookies']) || // Do not set cookies if option is disabled (for Varnish cache).
1447
+ !empty($apbct->flags__cookies_setuped) || // Cookies already set
1448
+ !empty($apbct->headers_sent) // Headers sent
1449
+ )
1450
+ return false;
1451
+
1452
+ // Prevent headers sent error
1453
+ if(headers_sent($file, $line)){
1454
+ $apbct->headers_sent = true;
1455
+ $apbct->headers_sent__hook = current_action();
1456
+ $apbct->headers_sent__where = $file.':'.$line;
1457
+ return false;
1458
+ }
1459
+
1460
+
1461
+ // Cookie names to validate
1462
+ $cookie_test_value = array(
1463
+ 'cookies_names' => array(),
1464
+ 'check_value' => $apbct->api_key,
1465
+ );
1466
+
1467
+ $domain = parse_url(get_option('siteurl'),PHP_URL_HOST);
1468
+
1469
+ // Submit time
1470
+ if(empty($_POST['ct_multipage_form'])){ // Do not start/reset page timer if it is multipage form (Gravitiy forms))
1471
+ $apbct_timestamp = time();
1472
+ $apbct->settings['set_cookies__sessions']
1473
+ ? apbct_alt_session__save('apbct_timestamp', $apbct_timestamp)
1474
+ : setcookie('apbct_timestamp', $apbct_timestamp, 0, '/', $domain, false, true);
1475
+ $cookie_test_value['cookies_names'][] = 'apbct_timestamp';
1476
+ $cookie_test_value['check_value'] .= $apbct_timestamp;
1477
+ }
1478
+
1479
+ // Pervious referer
1480
+ if(filter_input(INPUT_SERVER, 'HTTP_REFERER')){
1481
+ $apbct->settings['set_cookies__sessions']
1482
+ ? apbct_alt_session__save('apbct_prev_referer', filter_input(INPUT_SERVER, 'HTTP_REFERER'))
1483
+ : setcookie('apbct_prev_referer', filter_input(INPUT_SERVER, 'HTTP_REFERER'), 0, '/', $domain, false, true);
1484
+ $cookie_test_value['cookies_names'][] = 'apbct_prev_referer';
1485
+ $cookie_test_value['check_value'] .= filter_input(INPUT_SERVER, 'HTTP_REFERER');
1486
+ }
1487
+
1488
+ // Landing time
1489
+ $site_landing_timestamp = $apbct->settings['set_cookies__sessions']
1490
+ ? apbct_alt_session__get('apbct_site_landing_ts')
1491
+ : filter_input(INPUT_COOKIE, 'apbct_site_landing_ts');
1492
+ if(!$site_landing_timestamp){
1493
+ $site_landing_timestamp = time();
1494
+ $apbct->settings['set_cookies__sessions']
1495
+ ? apbct_alt_session__save('apbct_site_landing_ts', $site_landing_timestamp)
1496
+ : setcookie('apbct_site_landing_ts', $site_landing_timestamp, 0, '/', $domain, false, true);
1497
+ }
1498
+ $cookie_test_value['cookies_names'][] = 'apbct_site_landing_ts';
1499
+ $cookie_test_value['check_value'] .= $site_landing_timestamp;
1500
+
1501
+ // Page hits
1502
+ // Get
1503
+ $page_hits = $apbct->settings['set_cookies__sessions']
1504
+ ? apbct_alt_session__get('apbct_page_hits')
1505
+ : filter_input(INPUT_COOKIE, 'apbct_page_hits');
1506
+ // Set / Increase
1507
+ $page_hits = intval($page_hits) ? $page_hits + 1 : 1;
1508
+
1509
+ $apbct->settings['set_cookies__sessions']
1510
+ ? apbct_alt_session__save('apbct_page_hits', $page_hits)
1511
+ : setcookie('apbct_page_hits', $page_hits, 0, '/', $domain, false, true);
1512
+
1513
+ $cookie_test_value['cookies_names'][] = 'apbct_page_hits';
1514
+ $cookie_test_value['check_value'] .= $page_hits;
1515
+
1516
+ // Cookies test
1517
+ $cookie_test_value['check_value'] = md5($cookie_test_value['check_value']);
1518
+ if(!$apbct->settings['set_cookies__sessions'])
1519
+ setcookie('apbct_cookies_test', urlencode(json_encode($cookie_test_value)), 0, '/', $domain, false, true);
1520
+
1521
+ $apbct->flags__cookies_setuped = true;
1522
+
1523
+ }
1524
+
1525
+ /**
1526
+ * Cookies test for sender
1527
+ * Also checks for valid timestamp in $_COOKIE['apbct_timestamp'] and other apbct_ COOKIES
1528
+ * @return null|0|1;
1529
+ */
1530
+ function apbct_cookies_test()
1531
+ {
1532
+ global $apbct;
1533
+
1534
+ if($apbct->settings['set_cookies__sessions'])
1535
+ return 1;
1536
+
1537
+ if(isset($_COOKIE['apbct_cookies_test'])){
1538
+
1539
+ $cookie_test = json_decode(urldecode($_COOKIE['apbct_cookies_test']),true);
1540
+
1541
+ if(!is_array($cookie_test))
1542
+ return 0;
1543
+
1544
+ $check_srting = $apbct->api_key;
1545
+ foreach($cookie_test['cookies_names'] as $cookie_name){
1546
+ $check_srting .= isset($_COOKIE[$cookie_name]) ? $_COOKIE[$cookie_name] : '';
1547
+ } unset($cookie_name);
1548
+
1549
+ if($cookie_test['check_value'] == md5($check_srting)){
1550
+ return 1;
1551
+ }else{
1552
+ return 0;
1553
+ }
1554
+ }else{
1555
+ return null;
1556
+ }
1557
+ }
1558
+
1559
+ function apbct_cookies__delete($cookie){
1560
+ if(isset($_COOKIE[$cookie]))
1561
+ setcookie($cookie, '', time()-3600);
1562
+ }
1563
+
1564
+ function apbct_cookies__delete_all(){
1565
+ if(count($_COOKIE)){
1566
+ foreach($_COOKIE as $key => $val){
1567
+ if(preg_match("/apbct_|ct_/", $key)){
1568
+ setcookie($key, '', time()-3600);
1569
+ }
1570
+ } unset($key, $val);
1571
+ }
1572
+ return false;
1573
+ }
1574
+
1575
+ /**
1576
+ * Gets submit time
1577
+ * Uses Cookies with check via apbct_cookies_test()
1578
+ * @return null|int;
1579
+ */
1580
+ function apbct_get_submit_time()
1581
+ {
1582
+ global $apbct;
1583
+ $apbct_timestamp = $apbct->settings['set_cookies__sessions']
1584
+ ? apbct_alt_session__get('apbct_timestamp')
1585
+ : filter_input(INPUT_COOKIE, 'apbct_timestamp');
1586
+ return apbct_cookies_test() == 1 ? time() - (int)$apbct_timestamp : null;
1587
+ }
1588
+
1589
+ /*
1590
+ * Inner function - Account status check
1591
+ * Scheduled in 1800 seconds for default!
1592
+ */
1593
+ function ct_account_status_check($api_key = null, $process_errors = true){
1594
+
1595
+ global $apbct;
1596
+
1597
+ $api_key = $api_key ? $api_key : $apbct->api_key;
1598
+ $result = CleantalkAPI::method__notice_paid_till(
1599
+ $api_key,
1600
+ preg_replace('/http[s]?:\/\//', '', get_option('siteurl'), 1)
1601
+ );
1602
+
1603
+ if(empty($result['error']) || !empty($result['valid'])){
1604
+
1605
+ // Notices
1606
+ $apbct->data['notice_show'] = isset($result['show_notice']) ? (int)$result['show_notice'] : 0;
1607
+ $apbct->data['notice_renew'] = isset($result['renew']) ? (int)$result['renew'] : 0;
1608
+ $apbct->data['notice_trial'] = isset($result['trial']) ? (int)$result['trial'] : 0;
1609
+ $apbct->data['notice_review'] = isset($result['show_review']) ? (int)$result['show_review'] : 0;
1610
+ $apbct->data['notice_auto_update'] = isset($result['show_auto_update_notice']) ? (int)$result['show_auto_update_notice'] : 0;
1611
+
1612
+ // Other
1613
+ $apbct->data['service_id'] = isset($result['service_id']) ? (int)$result['service_id'] : 0;
1614
+ $apbct->data['valid'] = isset($result['valid']) ? (int)$result['valid'] : 0;
1615
+ $apbct->data['moderate'] = isset($result['moderate']) ? (int)$result['moderate'] : 0;
1616
+ $apbct->data['ip_license'] = isset($result['ip_license']) ? (int)$result['ip_license'] : 0;
1617
+ $apbct->data['moderate_ip'] = isset($result['moderate_ip'], $result['ip_license']) ? (int)$result['moderate_ip'] : 0;
1618
+ $apbct->data['spam_count'] = isset($result['spam_count']) ? (int)$result['spam_count'] : 0;
1619
+ $apbct->data['auto_update'] = isset($result['auto_update_app']) ? (int)$result['auto_update_app'] : 0;
1620
+ $apbct->data['user_token'] = isset($result['user_token']) ? (string)$result['user_token'] : '';
1621
+ $apbct->data['license_trial'] = isset($result['license_trial']) ? (int)$result['license_trial'] : 0;
1622
+ $apbct->data['account_name_ob'] = isset($result['account_name_ob']) ? (string)$result['account_name_ob'] : '';
1623
+
1624
+ if($apbct->data['notice_show'] == 1 && $apbct->data['notice_trial'] == 1)
1625
+ CleantalkCron::updateTask('check_account_status', 'ct_account_status_check', 3600);
1626
+
1627
+ if($apbct->data['notice_show'] == 1 && $apbct->data['notice_renew'] == 1)
1628
+ CleantalkCron::updateTask('check_account_status', 'ct_account_status_check', 1800);
1629
+
1630
+ if($apbct->data['notice_show'] == 0)
1631
+ CleantalkCron::updateTask('check_account_status', 'ct_account_status_check', 86400);
1632
+
1633
+ $apbct->error_delete('account_check', 'save');
1634
+
1635
+ $apbct->saveData();
1636
+
1637
+ }elseif($process_errors){
1638
+ $apbct->error_add('account_check', $result);
1639
+ }
1640
+
1641
+ if(!empty($result['valid'])){
1642
+ $apbct->data['key_is_ok'] = true;
1643
+ $result = true;
1644
+ }else{
1645
+ $apbct->data['key_is_ok'] = false;
1646
+ $result = false;
1647
+ }
1648
+
1649
+ return $result;
1650
+ }
1651
+
1652
+ function ct_mail_send_connection_report() {
1653
+
1654
+ global $apbct;
1655
+
1656
+ if (($apbct->settings['send_connection_reports'] == 1 && $apbct->connection_reports['negative'] > 0) || !empty($_GET['ct_send_connection_report']))
1657
+ {
1658
+ $to = "welcome@cleantalk.org" ;
1659
+ $subject = "Connection report for ".filter_input(INPUT_SERVER, 'HTTP_HOST');
1660
+ $message = '
1661
+ <html>
1662
+ <head>
1663
+ <title></title>
1664
+ </head>
1665
+ <body>
1666
+ <p>From '.$apbct->connection_reports['since'].' to '.date('d M').' has been made '.($apbct->connection_reports['success']+$apbct->connection_reports['negative']).' calls, where '.$apbct->connection_reports['success'].' were success and '.$apbct->connection_reports['negative'].' were negative</p>
1667
+ <p>Negative report:</p>
1668
+ <table> <tr>
1669
+ <td>&nbsp;</td>
1670
+ <td><b>Date</b></td>
1671
+ <td><b>Page URL</b></td>
1672
+ <td><b>Library report</b></td>
1673
+ <td><b>Server IP</b></td>
1674
+ </tr>
1675
+ ';
1676
+ foreach ($apbct->connection_reports['negative_report'] as $key => $report)
1677
+ {
1678
+ $message.= '<tr>'
1679
+ . '<td>'.($key+1).'.</td>'
1680
+ . '<td>'.$report['date'].'</td>'
1681
+ . '<td>'.$report['page_url'].'</td>'
1682
+ . '<td>'.$report['lib_report'].'</td>'
1683
+ . '<td>'.$report['work_url'].'</td>'
1684
+ . '</tr>';
1685
+ }
1686
+ $message.='</table></body></html>';
1687
+
1688
+ $headers = 'Content-type: text/html; charset=windows-1251 \r\n';
1689
+ $headers .= 'From: '.get_option('admin_email');
1690
+ mail($to, $subject, $message, $headers);
1691
+ }
1692
+
1693
+ $apbct->data['connection_reports'] = $apbct->def_data['connection_reports'];
1694
+ $apbct->data['connection_reports']['since'] = date('d M');
1695
+ $apbct->saveData();
1696
+ }
1697
+
1698
+ //* Write $message to the plugin's debug option
1699
+ function apbct_log($message = 'empty', $func = null, $params = array())
1700
+ {
1701
+ global $apbct;
1702
+
1703
+ $debug = get_option( APBCT_DEBUG );
1704
+
1705
+ $function = $func ? $func : '';
1706
+ $cron = in_array('cron', $params) ? true : false;
1707
+ $data = in_array('data', $params) ? true : false;
1708
+ $settings = in_array('settings', $params) ? true : false;
1709
+
1710
+ if(is_array($message) or is_object($message))
1711
+ $message = print_r($message, true);
1712
+
1713
+ if($message) $debug[date("H:i:s", microtime(true))."_ACTION_".strval(current_action())."_FUNCTION_".strval($func)] = $message;
1714
+ if($cron) $debug[date("H:i:s", microtime(true))."_ACTION_".strval(current_action())."_FUNCTION_".strval($func).'_cron'] = $apbct->cron;
1715
+ if($data) $debug[date("H:i:s", microtime(true))."_ACTION_".strval(current_action())."_FUNCTION_".strval($func).'_data'] = $apbct->data;
1716
+ if($settings) $debug[date("H:i:s", microtime(true))."_ACTION_".strval(current_action())."_FUNCTION_".strval($func).'_settings'] = $apbct->settings;
1717
+
1718
+ update_option(APBCT_DEBUG, $debug);
1719
+ }
1720
+
1721
+ function apbct_sfw__delete_tables( $blog_id, $drop ) {
1722
+
1723
+ global $wpdb;
1724
+
1725
+ $initial_blog = get_current_blog_id();
1726
+
1727
+ switch_to_blog($blog_id);
1728
+ $wpdb->query('DROP TABLE IF EXISTS `'. $wpdb->prefix.'cleantalk_sfw`;'); // Deleting SFW data
1729
+ $wpdb->query('DROP TABLE IF EXISTS `'. $wpdb->prefix.'cleantalk_sfw_logs`;'); // Deleting SFW logs
1730
+
1731
+ switch_to_blog($initial_blog);
1732
+ }
1733
+
1734
+ /**
1735
+ * Is enable for user group
1736
+ *
1737
+ * @param WP_User $user
1738
+ *
1739
+ * @return boolean
1740
+ */
1741
+ function apbct_is_user_enable($user = null) {
1742
+
1743
+ global $current_user;
1744
+
1745
+ $user = !empty($user) ? $user : $current_user;
1746
+
1747
+ return apbct_is_user_role_in(array('administrator', 'editor', 'author'), $user)
1748
+ ? false
1749
+ : true;
1750
+ }
1751
+
1752
+ /**
1753
+ * Checks if the current user has role
1754
+ *
1755
+ * @param array $roles array of strings
1756
+ * @param int|string|WP_User|mixed $user User ID to check|user_login|WP_User
1757
+ *
1758
+ * @return boolean Does the user has this role|roles
1759
+ */
1760
+ function apbct_is_user_role_in( $roles, $user = false ){
1761
+
1762
+ if( is_numeric($user) && function_exists('get_userdata')) $user = get_userdata( $user );
1763
+ if( is_string($user) && function_exists('get_user_by')) $user = get_user_by('login', $user );
1764
+ if( ! $user && function_exists('wp_get_current_user')) $user = wp_get_current_user();
1765
+ if( ! $user ) $user = apbct_wp_get_current_user();
1766
+
1767
+ if( empty($user->ID) )
1768
+ return false;
1769
+
1770
+ foreach( (array) $roles as $role ){
1771
+ if( isset($user->caps[ strtolower($role) ]) || in_array(strtolower($role), $user->roles) )
1772
+ return true;
1773
+ }
1774
+
1775
+ return false;
1776
+ }
1777
+
1778
+ /**
1779
+ * Update and rotate statistics with requests exection time
1780
+ *
1781
+ * @param $exec_time
1782
+ */
1783
+ function apbct_statistics__rotate($exec_time){
1784
+
1785
+ global $apbct;
1786
+
1787
+ // Delete old stats
1788
+ if(min(array_keys($apbct->stats['requests'])) < time() - (86400 * 7))
1789
+ unset($apbct->stats['requests'][min(array_keys($apbct->stats['requests']))]);
1790
+
1791
+ // Create new if newest older than 1 day
1792
+ if(empty($apbct->stats['requests']) || max(array_keys($apbct->stats['requests'])) < time() - (86400 * 1))
1793
+ $apbct->stats['requests'][time()] = array('amount' => 0, 'average_time' => 0);
1794
+
1795
+ // Update all existing stats
1796
+ foreach($apbct->stats['requests'] as &$weak_stat){
1797
+ $weak_stat['average_time'] = ($weak_stat['average_time'] * $weak_stat['amount'] + $exec_time) / ++$weak_stat['amount'];
1798
+ }
1799
+
1800
+ $apbct->save('stats');
1801
+ }
1802
+
1803
+ /**
1804
+ * Runs update actions for new version.
1805
+ *
1806
+ * @global CleantalkState $apbct
1807
+ */
1808
+ function apbct_update_actions(){
1809
+
1810
+ global $apbct;
1811
+
1812
+ // Update logic
1813
+ if($apbct->plugin_version != APBCT_VERSION){
1814
+
1815
+ // Main blog
1816
+ if(is_main_site()){
1817
+
1818
+ require_once(CLEANTALK_PLUGIN_DIR.'inc/cleantalk-updater.php');
1819
+
1820
+ $result = apbct_run_update_actions($apbct->plugin_version, APBCT_VERSION);
1821
+
1822
+ //If update is successfull
1823
+ if($result === true)
1824
+ apbct_update__set_version__from_plugin('from_plugin');
1825
+
1826
+ ct_send_feedback('0:' . APBCT_AGENT ); // Send feedback to let cloud know about updated version.
1827
+
1828
+ // Side blogs
1829
+ }else{
1830
+ apbct_update__set_version__from_plugin('from_plugin');
1831
+ }
1832
+ }
1833
+
1834
+ }
1835
+
1836
+ /**
1837
+ * Set version of plugin in database
1838
+ *
1839
+ * @param string $ver
1840
+ *
1841
+ * @return bool
1842
+ * @global CleantalkState $apbct
1843
+ *
1844
+ */
1845
+ function apbct_update__set_version__from_plugin($ver){
1846
+ global $apbct;
1847
+ switch (true){
1848
+ case $ver === 'from_plugin':
1849
+ $apbct->data['plugin_version'] = APBCT_VERSION;
1850
+ break;
1851
+ case preg_match('/^\d+\.\d+(\.\d+)?(-[a-zA-Z0-9-_]+)?$/', $ver) === 1;
1852
+ $apbct->data['plugin_version'] = $ver;
1853
+ break;
1854
+ default:
1855
+ return false;
1856
+ break;
1857
+ }
1858
+ $apbct->saveData();
1859
+ return true;
1860
+ }
1861
+
1862
+ function apbct_http_method(){
1863
+ $method = filter_input(INPUT_SERVER, 'REQUEST_METHOD');
1864
+ return is_string($method) ? strtoupper( $method ) : '';
1865
+ }
1866
+
1867
+ function apbct_is_post(){
1868
+ return apbct_http_method() === 'POST';
1869
+ }
1870
+
1871
+ function apbct_is_get(){
1872
+ return apbct_http_method() === 'GET';
1873
+ }
1874
+
1875
+ function apbct_is_in_referer( $str ){
1876
+ return isset( $_SERVER['HTTP_REFERER'] ) && strpos( $_SERVER['HTTP_REFERER'], $str ) !== false;
1877
+ }
1878
+
1879
+ function apbct_is_in_uri( $str ){
1880
+ return isset( $_SERVER['REQUEST_URI'] ) && strpos( $_SERVER['REQUEST_URI'], $str ) !== false;
1881
+
1882
  }
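--- a/inc/cleantalk-pluggable.php
+++ b/inc/cleantalk-pluggable.php
@@ -215,7 +215,8 @@ function apbct_is_ajax() {
  return
  (defined( 'DOING_AJAX' ) && DOING_AJAX) || // by standart WP functions
  (filter_input(INPUT_SERVER, 'HTTP_X_REQUESTED_WITH') && strtolower(filter_input(INPUT_SERVER, 'HTTP_X_REQUESTED_WITH')) == 'xmlhttprequest') || // by Request type
- !empty($_POST['quform_ajax']); // special. QForms
+ !empty($_POST['quform_ajax']) || // special. QForms
+ !empty($_POST['iphorm_ajax']); // special. IPHorm
 
  }
 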
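--- a/inc/cleantalk-public.php
+++ b/inc/cleantalk-public.php
@@ -43,7 +43,7 @@ function apbct_init() {
  }
 
  // Check and redirecct
- if(filter_input(INPUT_SERVER, 'REQUEST_METHOD') == 'POST'
+ if( apbct_is_post()
  && isset($_POST['cleantalk_hidden_method'])
  && isset($_POST['cleantalk_hidden_action'])
  ){
@@ -271,7 +271,7 @@ function apbct_init() {
  if ($apbct->settings['general_contact_forms_test'] == 1 && !isset($_POST['comment_post_ID']) && !isset($_GET['for'])){
  add_action( 'init', 'ct_contact_form_validate', 999 );
  }
- if(filter_input(INPUT_SERVER, 'REQUEST_METHOD') == 'POST' &&
+ if( apbct_is_post() &&
  $apbct->settings['general_postdata_test'] == 1 &&
  !isset($_POST['ct_checkjs_cf7']) &&
  !is_admin() &&
@@ -1101,7 +1101,7 @@ function ct_preprocess_comment($comment) {
  return $comment;
 
  $comments_check_number = defined('CLEANTALK_CHECK_COMMENTS_NUMBER') ? CLEANTALK_CHECK_COMMENTS_NUMBER : 3;
-
+
  if($apbct->settings['check_comments_number']){
  $args = array(
  'author_email' => $comment['comment_author_email'],
@@ -1119,9 +1119,10 @@ function ct_preprocess_comment($comment) {
  apbct_is_user_enable() === false ||
  $apbct->settings['comments_test'] == 0 ||
  $ct_comment_done ||
- (stripos(filter_input(INPUT_SERVER, 'HTTP_REFERER'),'page=wysija_campaigns&action=editTemplate')!==false) ||
+ (isset($_SERVER['HTTP_REFERER']) && stripos($_SERVER['HTTP_REFERER'],'page=wysija_campaigns&action=editTemplate')!==false) ||
  (isset($is_max_comments) && $is_max_comments) ||
- strpos(filter_input(INPUT_SERVER, 'REQUEST_URI'),'/wp-admin/')!==false)
+ (isset($_SERVER['HTTP_REFERER']) && strpos($_SERVER['REQUEST_URI'],'/wp-admin/')!==false)
+ )
  )
  {
  return $comment;
@@ -1405,7 +1406,7 @@ function apbct_js_test($field_name = 'ct_checkjs', $data = null) {
  $apbct->settings['use_static_js_key'] == 1 ||
  ( $apbct->settings['use_static_js_key'] == - 1 &&
  ( apbct_is_cache_plugins_exists() ||
- ( strtolower( filter_input(INPUT_SERVER, 'REQUEST_METHOD') ) == 'post' && $apbct->data['cache_detected'] == 1 )
+ ( apbct_is_post() && $apbct->data['cache_detected'] == 1 )
  )
  )
  ){
@@ -2937,12 +2938,12 @@ function ct_contact_form_validate() {
  (isset($_POST['signup_username']) && isset($_POST['signup_email']) && isset($_POST['signup_password'])) ||
  (isset($pagenow) && $pagenow == 'wp-login.php') || // WordPress log in form
  (isset($pagenow) && $pagenow == 'wp-login.php' && isset($_GET['action']) && $_GET['action']=='lostpassword') ||
- strpos(filter_input(INPUT_SERVER, 'HTTP_REFERER'),'lostpassword') !== false ||
+ strpos(filter_input(INPUT_SERVER, 'HTTP_REFERER'),'lostpassword') !== false ||
  (strpos(filter_input(INPUT_SERVER, 'REQUEST_URI'),'/wp-admin/')!== false && (empty($_POST['your-phone']) && empty($_POST['your-email']) && empty($_POST['your-message']))) || //Bitrix24 Contact
  strpos(filter_input(INPUT_SERVER, 'REQUEST_URI'),'wp-login.php')!==false||
  strpos(filter_input(INPUT_SERVER, 'REQUEST_URI'),'wp-comments-post.php')!==false ||
- strpos(filter_input(INPUT_SERVER, 'REQUEST_URI'),'?provider=facebook&')!==false ||
- strpos(filter_input(INPUT_SERVER, 'REQUEST_URI'),'reset-password/')!==false || // Ticket #13668. Password reset.
+ strpos(filter_input(INPUT_SERVER, 'REQUEST_URI'),'?provider=facebook&')!==false ||
+ strpos(filter_input(INPUT_SERVER, 'REQUEST_URI'),'reset-password/')!==false || // Ticket #13668. Password reset.
  strpos(filter_input(INPUT_SERVER, 'HTTP_REFERER'),'/wp-admin/') !== false ||
  strpos(filter_input(INPUT_SERVER, 'REQUEST_URI'),'/login/')!==false ||
  strpos(filter_input(INPUT_SERVER, 'REQUEST_URI'), '/my-account/edit-account/')!==false || // WooCommerce edit account page
@@ -3005,10 +3006,10 @@ function ct_contact_form_validate() {
  $post_info['comment_type'] = 'feedback_general_contact_form';
 
  // Skip the test if it's WooCommerce and the checkout test unset
- if(strpos(filter_input(INPUT_SERVER, 'REQUEST_URI'), 'wc-ajax=checkout') !== false ||
- (isset($_POST['_wp_http_referer']) && strpos(filter_input(INPUT_SERVER, 'REQUEST_URI'), 'wc-ajax=update_order_review') !== false) ||
- !empty($_POST['woocommerce_checkout_place_order']) ||
- strpos(filter_input(INPUT_SERVER, 'REQUEST_URI'), 'wc-ajax=wc_ppec_start_checkout') !== false
+ if( apbct_is_in_uri('wc-ajax=checkout') ||
+ apbct_is_in_referer('wc-ajax=update_order_review') ||
+ !empty($_POST['woocommerce_checkout_place_order']) ||
+ apbct_is_in_uri('wc-ajax=wc_ppec_start_checkout')
  ){
  if($apbct->settings['wc_checkout_test'] == 0){
  return null;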
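Review bot: In the ct_preprocess_comment hunk at new line 1124, the added guard tests `isset($_SERVER['HTTP_REFERER'])` but the value then searched is `$_SERVER['REQUEST_URI']`, so a `/wp-admin/` request that carries no Referer header no longer matches this skip condition, and the key that is actually read stays unguarded. The guard should name the key it protects, `(isset($_SERVER['REQUEST_URI']) && strpos($_SERVER['REQUEST_URI'],'/wp-admin/')!==false)`, or call the `apbct_is_in_uri('/wp-admin/')` helper that the last hunk of this file already uses. In that last hunk, `apbct_is_in_referer('wc-ajax=update_order_review')` moves the match from the request URI to the Referer header and drops the `_wp_http_referer` check; both values are client-supplied, so this branch is better read as a compatibility exemption than as proof of a WooCommerce checkout request, which matters when `wc_checkout_test` is 0. The enclosing functions start and end outside these hunks, so the rest of each condition is not visible here.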
readme.txt CHANGED
@@ -3,7 +3,7 @@ Contributors: safronik
3
  Tags: spam, antispam, protection, comments, firewall
4
  Requires at least: 3.0
5
  Tested up to: 5.3
6
- Stable tag: 5.129
7
  License: GPLv2
8
 
9
  Spam protection, antispam, all-in-one, premium plugin. No spam comments & users, no spam contact form & WooCommerce anti-spam.
@@ -566,6 +566,9 @@ If your website has forms that send data to external sources, you can enable opt
566
  10. Website's options.
567
 
568
  == Changelog ==
 
 
 
569
  = 5.129 October 30 2019 =
570
  * Upd: Localize updated.
571
  * Fix: Direct $_SERVER access replaced.
@@ -2034,6 +2037,39 @@ If your website has forms that send data to external sources, you can enable opt
2034
  * First version
2035
 
2036
  == Upgrade Notice ==
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
2037
  = 5.127.3 October 8 2019 =
2038
  * Fix: Errors during registration.
2039
 
3
  Tags: spam, antispam, protection, comments, firewall
4
  Requires at least: 3.0
5
  Tested up to: 5.3
6
+ Stable tag: 5.129.1
7
  License: GPLv2
8
 
9
  Spam protection, antispam, all-in-one, premium plugin. No spam comments & users, no spam contact form & WooCommerce anti-spam.
566
  10. Website's options.
567
 
568
  == Changelog ==
569
+ = 5.129.1 November 5 2019 =
570
+ * Fix: WooCommerce order detecting.
571
+
572
  = 5.129 October 30 2019 =
573
  * Upd: Localize updated.
574
  * Fix: Direct $_SERVER access replaced.
2037
  * First version
2038
 
2039
  == Upgrade Notice ==
2040
+ = 5.129.1 November 5 2019 =
2041
+ * Fix: WooCommerce order detecting.
2042
+
2043
+ = 5.129 October 30 2019 =
2044
+ * Upd: Localize updated.
2045
+ * Fix: Direct $_SERVER access replaced.
2046
+ * Integration: The 7 theme contact form.
2047
+ * Fix: Minor improvements and bug fixes.
2048
+ * Mod: Putting site in maintenance mode during plugin update.
2049
+
2050
+ = 5.128.1 October 23 2019 =
2051
+ * Fix: Fatal error when using buffer output.
2052
+ * Fix: Translate domain for errors.
2053
+ * Code: Fix spelling in function name.
2054
+ * Fix: JS disabled error.
2055
+ * Upd: Comment edit screen updated.
2056
+ * Fix: Cleantalk\Arr::search() fixed.
2057
+
2058
+ = 5.128 October 17 2019 =
2059
+ * Mod: Users check - functionality updated.
2060
+ * Fix: Users check - dates format updated.
2061
+ * Mod: Comments check - functionality updated.
2062
+ * Fix: Comments check - dates format updated.
2063
+ * Fix: Fields exclusion fixed.
2064
+ * Fix: Notice fixed.
2065
+ * Fix: Cleantalk/Antispam/API.
2066
+ * Fix: Minor improvements and bug fixes.
2067
+
2068
+ = 5.127.4 October 13 2019 =
2069
+ * Mod: Automatically decrease amount of checked users by one request if an error occurs.
2070
+ * Fix: Security issue.
2071
+ * Fix: Static JS key.
2072
+
2073
  = 5.127.3 October 8 2019 =
2074
  * Fix: Errors during registration.
2075