WP Live Chat Support - Version 8.0.33

Version Description

It is highly recommended that you upgrade to WP Live Chat Support version 8.0.30 for security reasons.


Release Info

Developer WP-LiveChat
Plugin WP Live Chat Support
Version 8.0.33

Code changes from version 8.0.32 to 8.0.33

ajax.php CHANGED
@@ -1,450 +1,431 @@
1
  <?php
2
 
3
- if ( ! defined( 'ABSPATH' ) ) {
4
- exit;
5
- }
6
-
7
- add_action('wp_ajax_wplc_admin_long_poll', 'wplc_init_ajax_callback');
8
- add_action('wp_ajax_wplc_admin_long_poll_chat', 'wplc_init_ajax_callback');
9
- add_action('wp_ajax_wplc_admin_accept_chat', 'wplc_init_ajax_callback');
10
- add_action('wp_ajax_wplc_admin_close_chat', 'wplc_init_ajax_callback');
11
- add_action('wp_ajax_wplc_admin_send_msg', 'wplc_init_ajax_callback');
12
- add_action('wp_ajax_wplc_call_to_server_visitor', 'wplc_init_ajax_callback');
13
- add_action('wp_ajax_wplc_user_close_chat', 'wplc_init_ajax_callback');
14
- add_action('wp_ajax_wplc_user_minimize_chat', 'wplc_init_ajax_callback');
15
- add_action('wp_ajax_wplc_user_maximize_chat', 'wplc_init_ajax_callback');
16
- add_action('wp_ajax_wplc_user_send_msg', 'wplc_init_ajax_callback');
17
- add_action('wp_ajax_wplc_start_chat', 'wplc_init_ajax_callback');
18
- add_action('wp_ajax_nopriv_wplc_start_chat', 'wplc_init_ajax_callback');
19
- add_action('wp_ajax_nopriv_wplc_call_to_server_visitor', 'wplc_init_ajax_callback');
20
- add_action('wp_ajax_nopriv_wplc_user_close_chat', 'wplc_init_ajax_callback');
21
- add_action('wp_ajax_nopriv_wplc_user_minimize_chat', 'wplc_init_ajax_callback');
22
- add_action('wp_ajax_nopriv_wplc_user_maximize_chat', 'wplc_init_ajax_callback');
23
- add_action('wp_ajax_nopriv_wplc_user_send_msg', 'wplc_init_ajax_callback');
24
-
25
- add_action('wp_ajax_wplc_get_chat_box', 'wplc_init_ajax_callback');
26
- add_action('wp_ajax_nopriv_wplc_get_chat_box', 'wplc_init_ajax_callback');
27
-
28
- function wplc_init_ajax_callback() {
29
-
30
- $wplc_session_id = rand(0,9).rand(0,9).rand(0,9).rand(0,9).rand(0,9).rand(0,9).rand(0,9);
31
  $check = is_user_logged_in() ? check_ajax_referer( 'wplc', 'security' ) : 1;
32
 
33
  if ($check == 1) {
34
-
35
- $wplc_advanced_settings = get_option("wplc_advanced_settings");
36
- if (!$wplc_advanced_settings) {
37
- $wplc_delay_between_updates = 500000;
38
- $wplc_delay_between_loops = 500000;
39
- $wplc_iterations = 55;
40
- } else {
41
- if (isset($wplc_advanced_settings['wplc_delay_between_updates'])) { $wplc_delay_between_updates = intval($wplc_advanced_settings['wplc_delay_between_updates']); } else { $wplc_delay_between_updates = 500000; }
42
- if (isset($wplc_advanced_settings['wplc_delay_between_loops'])) { $wplc_delay_between_loops = intval($wplc_advanced_settings['wplc_delay_between_loops']); } else { $wplc_delay_between_loops = 500000; }
43
- if (isset($wplc_advanced_settings['wplc_iterations'])) { $wplc_iterations = intval($wplc_advanced_settings['wplc_iterations']); } else { $wplc_iterations = 55; }
44
-
45
- if ($wplc_iterations < 10) { $wplc_iterations = 10; }
46
- if ($wplc_iterations > 200) { $wplc_iterations = 200; }
47
-
48
- if ($wplc_delay_between_updates < 250000) { $wplc_delay_between_updates = 250000; }
49
- if ($wplc_delay_between_updates > 1000000) { $wplc_delay_between_updates = 1000000; }
50
-
51
- if ($wplc_delay_between_loops < 250000) { $wplc_delay_between_loops = 250000; }
52
- if ($wplc_delay_between_loops > 1000000) { $wplc_delay_between_loops = 1000000; }
53
-
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
54
  }
 
55
 
 
 
 
 
56
 
57
- $iterations = $wplc_iterations;
58
-
59
-
60
-
61
- /* time in microseconds between updating the user on the page within the DB (lower number = higher resource usage) */
62
- define('WPLC_DELAY_BETWEEN_UPDATES', $wplc_delay_between_updates);
63
- /* time in microseconds between long poll loop (lower number = higher resource usage) */
64
- define('WPLC_DELAY_BETWEEN_LOOPS', $wplc_delay_between_loops);
65
- /* this needs to take into account the previous constants so that we dont run out of time, which in turn returns a 503 error */
66
- define('WPLC_TIMEOUT', (((WPLC_DELAY_BETWEEN_UPDATES + WPLC_DELAY_BETWEEN_LOOPS)) * $iterations) / 1000000);
67
-
68
-
69
-
70
- global $wpdb;
71
- global $wplc_tblname_chats;
72
- global $wplc_tblname_msgs;
73
- /* we're using PHP 'sleep' which may lock other requests until our script wakes up. Call this function to ensure that other requests can run without waiting for us to finish */
74
- session_write_close();
75
-
76
- if ($_POST['action'] == "wplc_get_chat_box") {
77
- $continue = apply_filters( "wplc_version_check_continue", true );
78
- if ($continue === true) {
79
- echo wplc_output_box_5100(sanitize_text_field($_POST['cid']));
80
- } else {
81
- echo boolval($continue);
82
- }
83
  die();
84
- }
85
-
86
- if($_POST['action'] == 'wplc_admin_long_poll'){
87
-
88
- if (defined('WPLC_TIMEOUT')) { @set_time_limit(WPLC_TIMEOUT); } else { @set_time_limit(120); }
89
- $i = 1;
90
- $wplc_current_user = get_current_user_id();
91
-
92
- /* If user is either an agent or an admin, access the page. */
93
- if( !get_user_meta( $wplc_current_user, 'wplc_ma_agent', true )) {
94
- $array['error'] = 1;
95
- echo json_encode($array);
96
- exit();
97
  }
98
-
99
- while($i <= $iterations){
100
-
101
-
102
-
103
- if($i %round($iterations/2) == 0) {
104
- wplc_update_chat_statuses();
105
- }
106
-
107
-
108
-
109
- if($_POST['wplc_update_admin_chat_table'] == 'false'){
110
- /* this is a new load of the page, return false so we can force a send of the new visitor data */
111
- $old_chat_data = false;
112
- } else {
113
- $old_chat_data = sanitize_text_field(stripslashes($_POST['wplc_update_admin_chat_table']));
114
- }
115
-
116
- $pending = wplc_check_pending_chats();
117
- $new_chat_data = wplc_list_chats($_POST);
118
-
119
 
120
- if ($new_chat_data == "false") { $new_chat_data = false; }
 
121
 
 
122
 
123
- if($new_chat_data !== $old_chat_data){
124
- $array['old_chat_data'] = $old_chat_data;
125
- $array['wplc_update_admin_chat_table'] = $new_chat_data;
126
- $array['pending'] = $pending;
127
- $array['action'] = "wplc_update_chat_list";
128
-
129
- }
130
-
131
- if(isset($array)){
132
- echo json_encode($array);
133
- break;
134
- }
135
- if (defined('WPLC_DELAY_BETWEEN_LOOPS')) { usleep(WPLC_DELAY_BETWEEN_LOOPS); } else { usleep(500000); }
136
- $i++;
137
  }
138
- }
139
- if($_POST['action'] == "wplc_admin_long_poll_chat"){
140
- if (defined('WPLC_TIMEOUT')) { @set_time_limit(WPLC_TIMEOUT); } else { @set_time_limit(120); }
141
- $i = 1;
142
- $cdata = wplc_get_chat_data(sanitize_text_field($_POST['cid']));
143
- $array = array();
144
- while($i <= $iterations){
145
- $array = apply_filters("wplc_filter_admin_long_poll_chat_loop_iteration",$array,$_POST,$i,$cdata);
146
- if($array){
147
- echo json_encode($array);
148
- break;
149
- }
150
- if (defined('WPLC_DELAY_BETWEEN_LOOPS')) { usleep(WPLC_DELAY_BETWEEN_LOOPS); } else { usleep(500000); }
151
- $i++;
152
  }
153
- }
154
- if ($_POST['action'] == "wplc_admin_accept_chat") {
155
- wplc_admin_accept_chat(sanitize_text_field($_POST['cid']));
156
- }
157
- if ($_POST['action'] == "wplc_admin_close_chat") {
158
- $chat_id = sanitize_text_field($_POST['cid']);
159
- wplc_change_chat_status($chat_id,1);
160
- echo 'done';
161
- }
162
- if ($_POST['action'] == "wplc_admin_send_msg") {
163
- $chat_id = sanitize_text_field($_POST['cid']);
164
- $chat_msg = wp_filter_post_kses(strip_tags($_POST['msg'], '<a><p><img><hr>'));
165
- $wplc_rec_msg = wplc_record_chat_msg("2",$chat_id,$chat_msg);
166
- if ($wplc_rec_msg) {
167
- echo 'sent';
168
- } else {
169
- echo "There was an error sending your chat message. Please contact support";
170
  }
171
- }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
172
 
173
  //User Ajax
174
 
175
- if($_POST['action'] == 'wplc_call_to_server_visitor'){
176
-
177
-
178
-
179
- $wplc_settings = get_option("WPLC_SETTINGS");
180
-
181
-
182
- if (defined('WPLC_TIMEOUT')) { @set_time_limit(WPLC_TIMEOUT); } else { @set_time_limit(120); }
183
- $i = 1;
184
- $array = array("check" => false);
185
- $array['debug'] = "";
186
-
187
- $cdata = false;
188
- if($_POST['cid'] == null || $_POST['cid'] == "" || $_POST['cid'] == "null" || $_POST['cid'] == 0){ } else {
189
- /* get agent ID */
190
-
191
-
192
- $cdata = wplc_get_chat_data(sanitize_text_field(intval($_POST['cid'])),__LINE__);
193
- $from = __("Admin","wplivechat"); /* set default */
194
-
195
- $array['aname'] = apply_filters("wplc_filter_admin_from", $from, $_POST['cid'],$cdata);
196
-
197
  }
198
-
199
- while($i <= $iterations) {
200
-
201
- if($i %round($iterations/2) == 0) {
202
- wplc_update_chat_statuses();
203
- }
204
-
205
 
206
-
207
- if($_POST['cid'] == null || $_POST['cid'] == "" || $_POST['cid'] == "null" || $_POST['cid'] == 0){
208
- // echo 1;
209
-
210
- if( isset( $_POST['wplc_name'] ) && $_POST['wplc_name'] !== '' ){
211
- $user = sanitize_text_field($_POST['wplc_name']);
212
- } else {
213
- $user = "Guest";
214
- }
215
-
216
- if( isset( $_POST['wplc_email'] ) && $_POST['wplc_email'] !== '' ){
217
- $email = sanitize_text_field($_POST['wplc_email']);
218
- } else {
219
- $email = "no email set";
 
 
 
 
 
 
 
 
 
 
 
 
 
 
220
  }
 
221
 
222
- if(isset($_POST['wplc_is_mobile']) && ($_POST['wplc_is_mobile'] === 'true' || $_POST['wplc_is_mobile'] === true)){
223
- $is_mobile = true;
224
- } else {
225
- $is_mobile = false;
226
  }
227
-
228
- $cid = wplc_log_user_on_page($user,$email,sanitize_text_field($_POST['wplcsession']), $is_mobile);
229
- $array['cid'] = $cid;
230
- $array['status'] = wplc_return_chat_status($cid);
231
- $array['wplc_name'] = $user;
232
- $array['wplc_email'] = $email;
233
- $array['check'] = true;
234
-
235
- } else {
236
- // echo 2;
237
-
238
-
239
-
240
-
241
- $new_status = wplc_return_chat_status(sanitize_text_field($_POST['cid']));
242
- $array['wplc_name'] = sanitize_text_field($_POST['wplc_name']);
243
- $array['wplc_email'] = sanitize_text_field($_POST['wplc_email']);
244
- $array['cid'] = sanitize_text_field($_POST['cid']);
245
- $array['aid'] = sanitize_text_field($_POST['cid']);
246
-
247
- $array = apply_filters("wplc_filter_user_long_poll_chat_loop_iteration",$array,$_POST,$i,$cdata);
248
-
249
-
250
- if($new_status == $_POST['status']){ // if status matches do the following
251
- if( intval( $_POST['status'] ) != 2){
252
- /* check if session_variable is different? if yes then stop this script completely. */
253
- if (isset($_POST['wplcsession']) && $_POST['wplcsession'] != '' && $i > 1) {
254
- $wplc_session_variable = sanitize_text_field($_POST['wplcsession']);
255
- $current_session_variable = wplc_return_chat_session_variable(sanitize_text_field($_POST['cid']));
256
- if ($current_session_variable != "" && $current_session_variable != $wplc_session_variable) {
257
- /* stop this script */
258
- $array['status'] = 11;
259
- echo json_encode($array);
260
- die();
261
- }
262
- }
263
-
264
-
265
- if ($i == 1) {
266
- if (intval( $_POST['status'] ) != 12) {
267
- /* we dont want to update the time if the user was not answered by the agent as this needs to eventually time out and become a "missed chat" - status: 0 */
268
- wplc_update_user_on_page(sanitize_text_field($_POST['cid']), sanitize_text_field($_POST['status']), sanitize_text_field($_POST['wplcsession']));
269
- }
270
- }
271
- }
272
-
273
- if ( intval( $_POST['status'] ) == 0 || intval($_POST['status'] ) == 12 ){ // browsing - user tried to chat but admin didn't answer so turn back to browsing
274
- $array['status'] = 12;
275
-
276
- }
277
- else if( intval($_POST['status'] ) == 3 || intval($_POST['status'] ) == 10){
278
- $messages = wplc_return_user_chat_messages(sanitize_text_field($_POST['cid']),$wplc_settings,$cdata);
279
- if ( intval( $_POST['status'] ) == 10 ) {
280
- $array['alert'] = true;
281
- }
282
- if ($messages){
283
- wplc_mark_as_read_user_chat_messages( sanitize_text_field($_POST['cid']) );
284
- $array['status'] = 3;
285
- $array['data'] = $messages;
286
- $array['check'] = true;
287
- }
288
- }
289
- else if(intval($_POST['status']) == 2){
290
- $messages = wplc_return_user_chat_messages(sanitize_text_field($_POST['cid']),$wplc_settings,$cdata);
291
- $array['debug'] = "we are here ".__LINE__;
292
- if ($messages){
293
- wplc_mark_as_read_user_chat_messages(sanitize_text_field($_POST['cid']));
294
- $array['status'] = 2;
295
- $array['data'] = $messages;
296
- $array['check'] = true;
297
- }
298
- }
299
- else if( intval( $new_status ) == 12){ // no answer from admin, for the second+ time.
300
- $array['data'] = wplc_return_no_answer_string(sanitize_text_field($_POST['cid']));
301
- $array['check'] = true;
302
- @do_action("wplc_hook_missed_chat",array("cid" => sanitize_text_field($_POST['cid']),"name" => sanitize_text_field($_POST['wplc_name']),"email" => sanitize_email($_POST['wplc_email']) ));
303
-
304
- }
305
-
306
-
307
- /* check if this is part of the first run */
308
- if (isset($_POST['first_run']) && sanitize_text_field($_POST['first_run']) == 1) {
309
- /* if yes, then send data now and dont wait for all iterations to complete */
310
- if (!isset($array['status'])) { $array['status'] = $new_status; }
311
- $array['check'] = true;
312
- }
313
- else if (isset($_POST['short_poll']) && sanitize_text_field($_POST['short_poll']) == "true") {
314
- /* if yes, then send data now and dont wait for all iterations to complete */
315
- if (!isset($array['status'])) { $array['status'] = $new_status; }
316
- $array['check'] = true;
317
- }
318
- } else { // statuses do not match
319
-
320
- $array['debug'] = $array['debug']. " ". "Doesnt match $new_status ".$_POST['status'];
321
- $array['status'] = $new_status;
322
- if( intval( $new_status ) == 1 ){ // completed
323
- wplc_update_user_on_page( sanitize_text_field( $_POST['cid'] ), 8, sanitize_text_field( $_POST['wplcsession'] ) );
324
- $array['check'] = true;
325
- $array['status'] = 8;
326
- $array['data'] = array();
327
- $array['data'][9999] = array();
328
- $array['data'][9999]['msg'] = __("Admin has closed and ended the chat","wplivechat");
329
-
330
- }
331
- else if( intval( $new_status ) == 2 ) { // pending
332
- $array['debug'] = "we are here ".__LINE__;
333
- $array['check'] = true;
334
- $array['wplc_name'] = wplc_return_chat_name( sanitize_text_field($_POST['cid'] ) );
335
- $array['wplc_email'] = wplc_return_chat_email( sanitize_text_field($_POST['cid'] ) );
336
- $messages = wplc_return_chat_messages( sanitize_text_field($_POST['cid']), false, true, $wplc_settings, $cdata, 'array', false );
337
- if ($messages){
338
- $array['data'] = $messages;
339
- }
340
- }
341
- else if( intval( $new_status ) == 3 ){ // active
342
- $array['data'] = null;
343
- $array['check'] = true;
344
-
345
- if($_POST['status'] == 5 || $_POST['status'] == 3){
346
- $array['sound'] = false;
347
- $messages = wplc_return_chat_messages(sanitize_text_field($_POST['cid']),false,true,$wplc_settings,$cdata,'array',false);
348
- if ($messages){
349
- $array['data'] = $messages;
350
- }
351
- }
352
- }
353
- else if( intval( $new_status ) == 7){ // timed out
354
- wplc_update_user_on_page(sanitize_text_field($_POST['cid']), 5, sanitize_text_field($_POST['wplcsession']));
355
- }
356
- else if( intval( $new_status ) == 9){ // user closed chat without inputting or starting a chat
357
- $array['check'] = true;
358
- }
359
- else if( intval( $new_status ) == 12){ // no answer from admin
360
-
361
- $array['data'] = wplc_return_no_answer_string(sanitize_text_field($_POST['cid']));
362
- $array['check'] = true;
363
- wplc_update_user_on_page(sanitize_text_field($_POST['cid']), 12, sanitize_text_field($_POST['wplcsession']));
364
- @do_action("wplc_hook_missed_chat",array("cid" => sanitize_text_field($_POST['cid']) ,"name" => sanitize_text_field($_POST['wplc_name']),"email" => sanitize_email($_POST['wplc_email']) ));
365
-
366
- }
367
- else if( intval( $new_status ) == 10 ) { // minimized active chat
368
- $array['check'] = true;
369
- if($_POST['status'] == 5){
370
- $messages = wplc_return_chat_messages(sanitize_text_field($_POST['cid']),false,true,$wplc_settings,$cdata,'array',false);
371
- if ($messages){
372
- $array['data'] = $messages;
373
- }
374
- }
375
- }
376
- /* check if this is part of the first run */
377
- if (isset($_POST['first_run']) && sanitize_text_field($_POST['first_run']) == "1") {
378
- /* if yes, then send data now and dont wait for all iterations to complete */
379
- if (!isset($array['status'])) { $array['status'] = $new_status; }
380
- $array['check'] = true;
381
- }
382
- else if (isset($_POST['short_poll']) && sanitize_text_field($_POST['short_poll']) == "true") {
383
- /* if yes, then send data now and dont wait for all iterations to complete */
384
- if (!isset($array['status'])) { $array['status'] = $new_status; }
385
- $array['check'] = true;
386
- }
387
- $array = apply_filters("wplc_filter_wplc_call_to_server_visitor_new_status_check",$array);
388
 
389
- }
 
 
 
 
 
 
 
 
 
 
 
 
 
390
  }
391
- if($array['check'] == true){
392
- echo json_encode($array);
393
- break;
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
394
  }
395
- $i++;
396
-
397
- if (defined('WPLC_DELAY_BETWEEN_LOOPS')) { usleep(WPLC_DELAY_BETWEEN_LOOPS); } else { usleep(500000); }
398
-
399
- }
400
- }
401
-
402
- /* */
403
- if ($_POST['action'] == "wplc_user_close_chat") {
404
- if($_POST['status'] == 5){
405
- wplc_change_chat_status(sanitize_text_field($_POST['cid']),9);
406
- } else if($_POST['status'] == 3){
407
- wplc_change_chat_status(sanitize_text_field($_POST['cid']),8);
408
- }
409
- }
410
-
411
- if ($_POST['action'] == "wplc_user_minimize_chat") {
412
- $chat_id = sanitize_text_field($_POST['cid']);
413
- wplc_change_chat_status(sanitize_text_field($_POST['cid']),10);
414
- }
415
- if ($_POST['action'] == "wplc_user_maximize_chat") {
416
- $chat_id = sanitize_text_field($_POST['cid']);
417
- $chat_status = intval(sanitize_text_field($_POST['chat_status']));
418
- wplc_change_chat_status(sanitize_text_field($_POST['cid']),$chat_status);
419
- }
420
-
421
- if ($_POST['action'] == "wplc_user_send_msg") {
422
- $chat_id = sanitize_text_field($_POST['cid']);
423
- $chat_msg = wp_filter_post_kses(strip_tags($_POST['msg'], '<p><a><img><hr>'));
424
- $wplc_rec_msg = wplc_record_chat_msg("1",$chat_id,$chat_msg);
425
- if ($wplc_rec_msg) {
426
- echo 'sent';
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
427
  } else {
428
- echo "There was an error sending your chat message. Please contact support";
429
  }
430
- }
431
- if ($_POST['action'] == "wplc_start_chat") {
432
- if (isset($_POST['cid'])) {
433
- if ($_POST['name'] && $_POST['email']) {
434
- echo wplc_user_initiate_chat(sanitize_text_field($_POST['name']),sanitize_email($_POST['email']),sanitize_text_field($_POST['cid']), sanitize_text_field($_POST['wplcsession'])); // echo the chat session id
435
- } else {
436
- echo "error2";
437
- }
438
  } else {
439
- if ($_POST['name'] && $_POST['email']) {
440
- echo wplc_user_initiate_chat(sanitize_text_field($_POST['name']), sanitize_email($_POST['email']), null, sanitize_text_field($_POST['wplcsession'])); // echo the chat session id
441
- } else {
442
- echo "error2";
443
- }
444
  }
445
- }
446
-
 
 
 
447
  }
448
 
449
- die();
450
- }
1
  <?php
2
 
3
+ if ( ! defined( 'ABSPATH' ) ) {
4
+ die();
5
+ }
6
+
7
+ add_action('wp_ajax_wplc_admin_long_poll', 'wplc_init_ajax_callback');
8
+ add_action('wp_ajax_wplc_admin_long_poll_chat', 'wplc_init_ajax_callback');
9
+ add_action('wp_ajax_wplc_admin_accept_chat', 'wplc_init_ajax_callback');
10
+ add_action('wp_ajax_wplc_admin_close_chat', 'wplc_init_ajax_callback');
11
+ add_action('wp_ajax_wplc_admin_send_msg', 'wplc_init_ajax_callback');
12
+ add_action('wp_ajax_wplc_call_to_server_visitor', 'wplc_init_ajax_callback');
13
+ add_action('wp_ajax_wplc_user_close_chat', 'wplc_init_ajax_callback');
14
+ add_action('wp_ajax_wplc_user_minimize_chat', 'wplc_init_ajax_callback');
15
+ add_action('wp_ajax_wplc_user_maximize_chat', 'wplc_init_ajax_callback');
16
+ add_action('wp_ajax_wplc_user_send_msg', 'wplc_init_ajax_callback');
17
+ add_action('wp_ajax_wplc_start_chat', 'wplc_init_ajax_callback');
18
+ add_action('wp_ajax_nopriv_wplc_start_chat', 'wplc_init_ajax_callback');
19
+ add_action('wp_ajax_nopriv_wplc_call_to_server_visitor', 'wplc_init_ajax_callback');
20
+ add_action('wp_ajax_nopriv_wplc_user_close_chat', 'wplc_init_ajax_callback');
21
+ add_action('wp_ajax_nopriv_wplc_user_minimize_chat', 'wplc_init_ajax_callback');
22
+ add_action('wp_ajax_nopriv_wplc_user_maximize_chat', 'wplc_init_ajax_callback');
23
+ add_action('wp_ajax_nopriv_wplc_user_send_msg', 'wplc_init_ajax_callback');
24
+ add_action('wp_ajax_wplc_get_chat_box', 'wplc_init_ajax_callback');
25
+ add_action('wp_ajax_nopriv_wplc_get_chat_box', 'wplc_init_ajax_callback');
26
+
27
+ function wplc_init_ajax_callback() {
28
+
 
 
29
  $check = is_user_logged_in() ? check_ajax_referer( 'wplc', 'security' ) : 1;
30
 
31
  if ($check == 1) {
32
+ $wplc_advanced_settings = get_option("wplc_advanced_settings");
33
+ if (!$wplc_advanced_settings) {
34
+ $wplc_delay_between_updates = 500000;
35
+ $wplc_delay_between_loops = 500000;
36
+ $wplc_iterations = 55;
37
+ } else {
38
+ if (isset($wplc_advanced_settings['wplc_delay_between_updates'])) { $wplc_delay_between_updates = intval($wplc_advanced_settings['wplc_delay_between_updates']); } else { $wplc_delay_between_updates = 500000; }
39
+ if (isset($wplc_advanced_settings['wplc_delay_between_loops'])) { $wplc_delay_between_loops = intval($wplc_advanced_settings['wplc_delay_between_loops']); } else { $wplc_delay_between_loops = 500000; }
40
+ if (isset($wplc_advanced_settings['wplc_iterations'])) { $wplc_iterations = intval($wplc_advanced_settings['wplc_iterations']); } else { $wplc_iterations = 55; }
41
+
42
+ if ($wplc_iterations < 10) { $wplc_iterations = 10; }
43
+ if ($wplc_iterations > 200) { $wplc_iterations = 200; }
44
+
45
+ if ($wplc_delay_between_updates < 250000) { $wplc_delay_between_updates = 250000; }
46
+ if ($wplc_delay_between_updates > 1000000) { $wplc_delay_between_updates = 1000000; }
47
+
48
+ if ($wplc_delay_between_loops < 250000) { $wplc_delay_between_loops = 250000; }
49
+ if ($wplc_delay_between_loops > 1000000) { $wplc_delay_between_loops = 1000000; }
50
+ }
51
+
52
+ $iterations = $wplc_iterations;
53
+
54
+ /* time in microseconds between updating the user on the page within the DB (lower number = higher resource usage) */
55
+ define('WPLC_DELAY_BETWEEN_UPDATES', $wplc_delay_between_updates);
56
+ /* time in microseconds between long poll loop (lower number = higher resource usage) */
57
+ define('WPLC_DELAY_BETWEEN_LOOPS', $wplc_delay_between_loops);
58
+ /* this needs to take into account the previous constants so that we dont run out of time, which in turn returns a 503 error */
59
+ define('WPLC_TIMEOUT', (((WPLC_DELAY_BETWEEN_UPDATES + WPLC_DELAY_BETWEEN_LOOPS)) * $iterations) / 1000000);
60
+
61
+ /* we're using PHP 'sleep' which may lock other requests until our script wakes up. Call this function to ensure that other requests can run without waiting for us to finish */
62
+ session_write_close();
63
+
64
+ // check input vars and sanitize once
65
+
66
+ $cid = 0;
67
+ if (!empty($_POST['cid'])) {
68
+ $cid=sanitize_text_field($_POST['cid']);
69
+ }
70
+
71
+ $action='';
72
+ if (!empty($_POST['action'])){
73
+ $action=sanitize_text_field($_POST['action']);
74
+ }
75
+
76
+ $name = "Guest";
77
+ if (isset( $_POST['wplc_name'] ) && !empty($_POST['wplc_name'])) {
78
+ $name = sanitize_text_field($_POST['wplc_name']);
79
+ }
80
+
81
+ $email = "no email set";
82
+ if (isset( $_POST['wplc_email'] ) && !empty($_POST['wplc_email'])) {
83
+ $email = sanitize_text_field($_POST['wplc_email']);
84
+ }
85
+
86
+ $status=0;
87
+ if (!empty($_POST['status'])) {
88
+ $status=intval($_POST['status']);
89
+ }
90
+
91
+ $is_mobile = false;
92
+ if (isset($_POST['wplc_is_mobile']) && ($_POST['wplc_is_mobile'] === 'true' || $_POST['wplc_is_mobile'] === true)) {
93
+ $is_mobile = true;
94
+ }
95
+
96
+ $chat_status = 0;
97
+ if (!empty($_POST['chat_status'])) {
98
+ $chat_status = intval($_POST['chat_status']);
99
+ }
100
+
101
+ $old_chat_data='';
102
+ if (!empty($_POST['wplc_update_admin_chat_table'])) {
103
+ $old_chat_data=sanitize_text_field(stripslashes($_POST['wplc_update_admin_chat_table']));
104
+ if ($old_chat_data=='false'){
105
+ $old_chat_data=false;
106
  }
107
+ }
108
 
109
+ $wplcsession='';
110
+ if (!empty($_POST['wplcsession'])) {
111
+ $wplcsession=sanitize_text_field($_POST['wplcsession']);
112
+ }
113
 
114
+ $first_run=isset($_POST['first_run']) && intval($_POST['first_run']) == 1;
115
+ $short_poll=isset($_POST['short_poll']) && sanitize_text_field($_POST['short_poll']) == "true";
116
+
117
+ // check actions
118
+
119
+ switch($action) {
120
+
121
+ case 'wplc_get_chat_box':
122
+ $continue = apply_filters("wplc_version_check_continue", true);
123
+ if ($continue === true) {
124
+ echo wplc_output_box_5100($cid);
125
+ } else {
126
+ echo boolval($continue);
127
+ }
128
+ break;
129
+
130
+ case 'wplc_admin_long_poll':
131
+ if (defined('WPLC_TIMEOUT')) { @set_time_limit(WPLC_TIMEOUT); } else { @set_time_limit(120); }
132
+ $i = 1;
133
+ $wplc_current_user = get_current_user_id();
134
+
135
+ /* If user is either an agent or an admin, access the page. */
136
+ if( !get_user_meta( $wplc_current_user, 'wplc_ma_agent', true )) {
137
+ $array['error'] = 1;
138
+ echo json_encode($array);
 
139
  die();
140
+ }
141
+
142
+ while ($i <= $iterations) {
143
+ if($i %round($iterations/2) == 0) {
144
+ wplc_update_chat_statuses();
 
 
 
 
 
 
 
 
145
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
146
 
147
+ $pending = wplc_check_pending_chats();
148
+ $new_chat_data = wplc_list_chats($_POST);
149
 
150
+ if ($new_chat_data == "false") { $new_chat_data = false; }
151
 
152
+ if($new_chat_data !== $old_chat_data){
153
+ $array['old_chat_data'] = $old_chat_data;
154
+ $array['wplc_update_admin_chat_table'] = $new_chat_data;
155
+ $array['pending'] = $pending;
156
+ $array['action'] = "wplc_update_chat_list";
 
 
 
 
 
 
 
 
 
157
  }
158
+
159
+ if (isset($array)) {
160
+ echo json_encode($array);
161
+ break;
 
 
 
 
 
 
 
 
 
 
162
  }
163
+ if (defined('WPLC_DELAY_BETWEEN_LOOPS')) { usleep(WPLC_DELAY_BETWEEN_LOOPS); } else { usleep(500000); }
164
+ $i++;
165
+ }
166
+ break;
167
+
168
+ case 'wplc_admin_long_poll_chat':
169
+ if (defined('WPLC_TIMEOUT')) { @set_time_limit(WPLC_TIMEOUT); } else { @set_time_limit(120); }
170
+ $i = 1;
171
+ $cdata = wplc_get_chat_data($cid);
172
+ $array = array();
173
+ while ($i <= $iterations) {
174
+ $array = apply_filters("wplc_filter_admin_long_poll_chat_loop_iteration", $array, $_POST, $i, $cdata);
175
+ if ($array) {
176
+ echo json_encode($array);
177
+ break;
 
 
178
  }
179
+ if (defined('WPLC_DELAY_BETWEEN_LOOPS')) { usleep(WPLC_DELAY_BETWEEN_LOOPS); } else { usleep(500000); }
180
+ $i++;
181
+ }
182
+ break;
183
+
184
+ case 'wplc_admin_accept_chat':
185
+ wplc_admin_accept_chat($cid);
186
+ break;
187
+
188
+ case 'wplc_admin_close_chat':
189
+ wplc_change_chat_status($cid, 1);
190
+ echo 'done';
191
+ break;
192
+
193
+ case 'wplc_admin_send_msg':
194
+ $chat_msg = wp_filter_post_kses(strip_tags($_POST['msg'], '<a><p><img><hr>'));
195
+ $wplc_rec_msg = wplc_record_chat_msg("2", $cid, $chat_msg);
196
+ if ($wplc_rec_msg) {
197
+ echo 'sent';
198
+ } else {
199
+ echo "There was an error sending your chat message. Please contact support";
200
+ }
201
+ break;
202
 
203
  //User Ajax
204
 
205
+ case 'wplc_call_to_server_visitor':
206
+ $wplc_settings = get_option("WPLC_SETTINGS");
207
+ if (defined('WPLC_TIMEOUT')) { @set_time_limit(WPLC_TIMEOUT); } else { @set_time_limit(120); }
208
+ $i = 1;
209
+ $array = array("check" => false);
210
+ $array['debug'] = "";
211
+
212
+ $cdata = false;
213
+
214
+ if (!empty($cid)) {
215
+ /* get agent ID */
216
+ $cdata = wplc_get_chat_data($cid,__LINE__);
217
+ $from = __("Admin","wplivechat"); /* set default */
218
+ $array['aname'] = apply_filters("wplc_filter_admin_from", $from, $cid, $cdata);
219
+ }
220
+
221
+ while ($i <= $iterations) {
222
+
223
+ if ($i %round($iterations/2) == 0) {
224
+ wplc_update_chat_statuses();
 
 
225
  }
 
 
 
 
 
 
 
226
 
227
+ if (empty($cid)) {
228
+ $cid = wplc_log_user_on_page($name, $email, $wplcsession, $is_mobile);
229
+ $array['cid'] = $cid;
230
+ $array['status'] = wplc_return_chat_status($cid);
231
+ $array['wplc_name'] = $name;
232
+ $array['wplc_email'] = $email;
233
+ $array['check'] = true;
234
+ } else {
235
+ // echo 2;
236
+ $new_status = wplc_return_chat_status($cid);
237
+ $array['wplc_name'] = $name;
238
+ $array['wplc_email'] = $email;
239
+ $array['cid'] = $cid;
240
+ $array['aid'] = $cid;
241
+ $array = apply_filters("wplc_filter_user_long_poll_chat_loop_iteration", $array, $_POST, $i, $cdata);
242
+
243
+ if ($new_status == $status) { // if status matches do the following
244
+ if ($status!=2) {
245
+
246
+ /* check if session_variable is different? if yes then stop this script completely. */
247
+ if (!empty($wplcsession) && $i > 1) {
248
+ $wplc_session_variable = $wplcsession;
249
+ $current_session_variable = wplc_return_chat_session_variable($cid);
250
+ if ($current_session_variable != "" && $current_session_variable != $wplc_session_variable) {
251
+ /* stop this script */
252
+ $array['status'] = 11;
253
+ echo json_encode($array);
254
+ die();
255
  }
256
+ }
257
 
258
+ if ($i == 1) {
259
+ if ($status != 12) {
260
+ /* we dont want to update the time if the user was not answered by the agent as this needs to eventually time out and become a "missed chat" - status: 0 */
261
+ wplc_update_user_on_page($cid, $status, $wplcsession);
262
  }
263
+ }
264
+ }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
265
 
266
+ if ($status == 0 || $status == 12 ) { // browsing - user tried to chat but admin didn't answer so turn back to browsing
267
+ $array['status'] = 12;
268
+ }
269
+ else if ($status == 3 || $status == 10) {
270
+ $messages = wplc_return_user_chat_messages($cid, $wplc_settings, $cdata);
271
+ if ( $status == 10 ) {
272
+ $array['alert'] = true;
273
+ }
274
+ if ($messages){
275
+ wplc_mark_as_read_user_chat_messages($cid);
276
+ $array['status'] = 3;
277
+ $array['data'] = $messages;
278
+ $array['check'] = true;
279
+ }
280
  }
281
+ else if ($status == 2) {
282
+ $messages = wplc_return_user_chat_messages($cid, $wplc_settings, $cdata);
283
+ $array['debug'] = "we are here ".__LINE__;
284
+ if ($messages){
285
+ wplc_mark_as_read_user_chat_messages($cid);
286
+ $array['status'] = 2;
287
+ $array['data'] = $messages;
288
+ $array['check'] = true;
289
+ }
290
+ }
291
+ else if ($new_status == 12) { // no answer from admin, for the second+ time.
292
+ $array['data'] = wplc_return_no_answer_string($cid);
293
+ $array['check'] = true;
294
+ @do_action("wplc_hook_missed_chat",array("cid" => $cid, "name" => $name, "email" => $email));
295
+ }
296
+
297
+ /* check if this is part of the first run */
298
+ if ($first_run) {
299
+ /* if yes, then send data now and dont wait for all iterations to complete */
300
+ if (!isset($array['status'])) { $array['status'] = $new_status; }
301
+ $array['check'] = true;
302
+ }
303
+ else if ($short_poll) {
304
+ /* if yes, then send data now and dont wait for all iterations to complete */
305
+ if (!isset($array['status'])) { $array['status'] = $new_status; }
306
+ $array['check'] = true;
307
  }
308
+ } else { // statuses do not match
309
+ $array['debug'] = $array['debug']. ' Doesnt match '.$new_status.' '.$status;
310
+ $array['status'] = $new_status;
311
+ if ($new_status == 1) { // completed
312
+ wplc_update_user_on_page($cid, 8, $wplcsession);
313
+ $array['check'] = true;
314
+ $array['status'] = 8;
315
+ $array['data'] = array();
316
+ $array['data'][9999] = array();
317
+ $array['data'][9999]['msg'] = __("Admin has closed and ended the chat","wplivechat");
318
+ }
319
+ else if ($new_status == 2) { // pending
320
+ $array['debug'] = "we are here ".__LINE__;
321
+ $array['check'] = true;
322
+ $array['wplc_name'] = wplc_return_chat_name($cid);
323
+ $array['wplc_email'] = wplc_return_chat_email($cid);
324
+ $messages = wplc_return_chat_messages($cid, false, true, $wplc_settings, $cdata, 'array', false);
325
+ if ($messages){
326
+ $array['data'] = $messages;
327
+ }
328
+ }
329
+ else if ($new_status == 3) { // active
330
+ $array['data'] = null;
331
+ $array['check'] = true;
332
+
333
+ if($status == 5 || $status == 3) {
334
+ $array['sound'] = false;
335
+ $messages = wplc_return_chat_messages($cid, false, true, $wplc_settings, $cdata, 'array', false);
336
+ if ($messages){
337
+ $array['data'] = $messages;
338
+ }
339
+ }
340
+ }
341
+ else if ($new_status == 7) { // timed out
342
+ wplc_update_user_on_page($cid, 5, $wplcsession);
343
+ }
344
+ else if ($new_status == 9) { // user closed chat without inputting or starting a chat
345
+ $array['check'] = true;
346
+ }
347
+ else if ($new_status == 12) { // no answer from admin
348
+ $array['data'] = wplc_return_no_answer_string($cid);
349
+ $array['check'] = true;
350
+ wplc_update_user_on_page($cid, 12, $wplcsession);
351
+ @do_action("wplc_hook_missed_chat",array("cid" => $cid ,"name" => $name,"email" => $email));
352
+ }
353
+ else if ($new_status == 10) { // minimized active chat
354
+ $array['check'] = true;
355
+ if ($status == 5) {
356
+ $messages = wplc_return_chat_messages($cid, false, true, $wplc_settings, $cdata, 'array', false);
357
+ if ($messages){
358
+ $array['data'] = $messages;
359
+ }
360
+ }
361
+ }
362
+
363
+ /* check if this is part of the first run */
364
+ if ($first_run) {
365
+ /* if yes, then send data now and dont wait for all iterations to complete */
366
+ if (!isset($array['status'])) { $array['status'] = $new_status; }
367
+ $array['check'] = true;
368
+ }
369
+ else if ($short_poll) {
370
+ /* if yes, then send data now and dont wait for all iterations to complete */
371
+ if (!isset($array['status'])) { $array['status'] = $new_status; }
372
+ $array['check'] = true;
373
+ }
374
+ $array = apply_filters("wplc_filter_wplc_call_to_server_visitor_new_status_check", $array);
375
+ }
376
+ }
377
+ if ($array['check'] == true) {
378
+ echo json_encode($array);
379
+ break;
380
+ }
381
+ $i++;
382
+ if (defined('WPLC_DELAY_BETWEEN_LOOPS')) { usleep(WPLC_DELAY_BETWEEN_LOOPS); } else { usleep(500000); }
383
+ }
384
+ break;
385
+
386
+ case 'wplc_user_close_chat':
387
+ if ($status == 5) {
388
+ wplc_change_chat_status($cid, 9);
389
+ } else if ($status == 3) {
390
+ wplc_change_chat_status($cid, 8);
391
+ }
392
+ break;
393
+
394
+ case 'wplc_user_minimize_chat':
395
+ wplc_change_chat_status($cid, 10);
396
+ break;
397
+
398
+ case 'wplc_user_maximize_chat':
399
+ wplc_change_chat_status($cid, $chat_status);
400
+ break;
401
+
402
+ case 'wplc_user_send_msg':
403
+ $chat_msg = wp_filter_post_kses(strip_tags($_POST['msg'], '<p><a><img><hr>'));
404
+ $wplc_rec_msg = wplc_record_chat_msg("1", $cid, $chat_msg);
405
+ if ($wplc_rec_msg) {
406
+ echo 'sent';
407
+ } else {
408
+ echo "There was an error sending your chat message. Please contact support";
409
+ }
410
+ break;
411
+
412
+ case 'wplc_start_chat':
413
+ if (!empty($cid)) {
414
+ if ($name && $email) {
415
+ echo wplc_user_initiate_chat($name, $email, $cid, $wplcsession); // echo the chat session id
416
  } else {
417
+ echo "error2";
418
  }
419
+ } else {
420
+ if ($name && $email) {
421
+ echo wplc_user_initiate_chat($name, $email, null, $wplcsession); // echo the chat session id
 
 
 
 
 
422
  } else {
423
+ echo "error2";
 
 
 
 
424
  }
425
+ }
426
+ break;
427
+ } // switch
428
+ } // if
429
+ die();
430
  }
431
 
 
 
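--- a/config.php
+++ b/config.php
@@ -7,7 +7,7 @@ if ( ! defined( 'ABSPATH' ) ) {
  exit;
  }
 
- define('WPLC_PLUGIN_VERSION', "8.0.32");
+ define('WPLC_PLUGIN_VERSION', "8.0.33");
  define('WPLC_PLUGIN_DIR', dirname(__FILE__));
  define('WPLC_PLUGIN_URL', plugins_url( '/', __FILE__ ) );
  define('WPLC_PLUGIN', plugin_basename( __FILE__ ) );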
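--- a/functions.php
+++ b/functions.php
@@ -309,7 +309,7 @@ function wplc_return_chat_name($cid) {
  function wplc_return_chat_id_by_rel($rel) {
  global $wpdb;
  global $wplc_tblname_chats;
- $rel = intval($rel);
+ $rel = sanitize_text_field($rel);
 
  $results = $wpdb->get_results("SELECT * FROM $wplc_tblname_chats WHERE `rel` = '$rel' LIMIT 1");
  if ($results) {
@@ -1108,7 +1108,11 @@ function wplc_return_chat_session_variable($cid) {
  }
 
 
-
+ /**
+ * Return chat status as integer
+ * @param cid chatid
+ * @return int
+ */
  function wplc_return_chat_status($cid) {
  global $wpdb;
  global $wplc_tblname_chats;
@@ -1120,7 +1124,7 @@ function wplc_return_chat_status($cid) {
  "
  );
  foreach ($results as $result) {
- return $result->status;
+ return intval($result->status);
  }
  }
 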
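Review bot: In `wplc_return_chat_id_by_rel`, swapping `intval($rel)` for `sanitize_text_field($rel)` leaves the value interpolated into the query on the next line with no SQL escaping; `sanitize_text_field` strips tags and extra whitespace but does not escape quotes, so a `$rel` containing a single quote alters the statement. Bind the value instead of interpolating it: ``$results = $wpdb->get_results($wpdb->prepare("SELECT * FROM $wplc_tblname_chats WHERE `rel` = %s LIMIT 1", $rel));``. Whether `$rel` can carry request data is not visible in this hunk, so it should be treated as untrusted until a caller audit shows otherwise. The function body continues outside the hunk.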
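--- a/js/wplc_agent_node.js
+++ b/js/wplc_agent_node.js
@@ -34,38 +34,6 @@ var bleepblop_running = false;
  var ping_list = {};
  var old_version_detected = false;
 
- // compatibility with 8.25
-
- if (typeof bleeper_server_list == "undefined"){
- old_version_detected = false;
- var bleeper_server_list = [
- "https://bleeper.us-3.evennode.com",
- "https://bleeper-eu-1.eu-4.evennode.com",
- "https://bleeper-eu-2.eu-4.evennode.com",
- "https://bleeper-us-2.us-3.evennode.com",
- "https://livechat-001.us-3.evennode.com",
- "https://livechat-002.us-3.evennode.com",
- "https://livechat-003.us-3.evennode.com",
- "https://livechat-004.eu-4.evennode.com",
- "https://livechat-005.eu-4.evennode.com",
- "https://livechat-006.eu-4.evennode.com",
- "https://livechat-007.eu-4.evennode.com",
- "https://livechat-008.eu-4.evennode.com",
- "https://livechat-009.eu-4.evennode.com",
- "https://livechat-010.eu-4.evennode.com",
- "https://livechat-011.eu-4.evennode.com",
- "https://livechat-012.us-3.evennode.com",
- "https://livechat-013.us-3.evennode.com",
- "https://livechat-014.us-3.evennode.com",
- "https://livechat-015.us-3.evennode.com",
- "https://livechat-016.us-3.evennode.com"
- ];
- }
-
- function bleeper_ping_servers(callback){
- callback(Math.floor(Math.random()*bleeper_server_list.length));
- }
-
  /**
  * Setup supported file suffix types
  */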
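--- a/js/wplc_common_node.js
+++ b/js/wplc_common_node.js
@@ -6,10 +6,6 @@
  var wplc_baseurl = config.baseurl;
 
  var wplc_server_list = [
- "https://bleeper.us-3.evennode.com",
- "https://bleeper-eu-1.eu-4.evennode.com",
- "https://bleeper-eu-2.eu-4.evennode.com",
- "https://bleeper-us-2.us-3.evennode.com",
  "https://livechat-001.us-3.evennode.com",
  "https://livechat-002.us-3.evennode.com",
  "https://livechat-003.us-3.evennode.com",
@@ -20,13 +16,9 @@ var wplc_server_list = [
  "https://livechat-008.eu-4.evennode.com",
  "https://livechat-009.eu-4.evennode.com",
  "https://livechat-010.eu-4.evennode.com",
- "https://livechat-011.eu-4.evennode.com",
- "https://livechat-012.us-3.evennode.com",
- "https://livechat-013.us-3.evennode.com",
- "https://livechat-014.us-3.evennode.com",
- "https://livechat-015.us-3.evennode.com",
- "https://livechat-016.us-3.evennode.com"
+ "https://tcx-live-chat.appspot.com"
  ];
+
  var WPLC_SOCKET_URI = "";
 
  function wplc_shuffle(array) {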
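--- a/js/wplc_node.js
+++ b/js/wplc_node.js
@@ -931,10 +931,16 @@ jQuery(document).on('wplc_sockets_ready', function () {
  setTimeout(function () {
  jQuery("#wp-live-chat-header").click();
  }, 50);
+
+ jQuery('#wplc_end_chat_button').show();
+ jQuery('#wplc_end_chat_button').removeAttr('wplc_disable');
  });
 
  jQuery(document).on("click", "#wplc_send_msg", function () {
  var message = $inputMessage.val();
+ if(message.length > 2000){
+ message = message.substring(0, 2000);
+ }
  sendMessage(message);
  });
 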
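Review bot: The 2000-character cap added to the `#wplc_send_msg` click handler runs only in the visitor's browser, so it does not bound what the receiving side accepts; a request that does not originate from this script is unaffected. The limit needs to be enforced where the message is received. In ajax.php the `wplc_user_send_msg` case filters `$_POST['msg']` with `strip_tags` and `wp_filter_post_kses` but applies no length check, and a line such as `$chat_msg = mb_substr($chat_msg, 0, 2000);` before `wplc_record_chat_msg` would add one; the node server behind `sendMessage` presumably needs the same. The `maxlength='2000'` attribute added in wp-live-chat-support.php has the same limitation, and other send paths not visible in this hunk should be checked for the truncation as well.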
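--- a/js/wplc_u.js
+++ b/js/wplc_u.js
@@ -286,9 +286,14 @@ jQuery(function() {
  agent_id: 0
  };
 
- wplc_rest_api('end_chat', data, 12000, null);
+ jQuery(this).hide();
 
- jQuery.event.trigger({type: "wplc_end_chat_as_user"});
+ if(jQuery(this).attr('wplc_disable') === undefined && jQuery(this).attr('wplc_disable') !== 'true'){
+ wplc_rest_api('end_chat', data, 12000, null);
+ jQuery.event.trigger({type: "wplc_end_chat_as_user"});
+ }
+
+ jQuery(this).attr('wplc_disable', 'true');
  });
 
 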
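Review bot: The guard `jQuery(this).attr('wplc_disable') === undefined && jQuery(this).attr('wplc_disable') !== 'true'` carries a redundant second clause, since an undefined attribute can never equal 'true'; it reduces to `if (jQuery(this).attr('wplc_disable') === undefined) {`. Hiding the button and setting an attribute only throttles this script, while the changelog describes the change as closing a DDOS vector; that requires a rate limit on the `end_chat` REST endpoint itself, which is not part of this hunk. The click handler starts outside the hunk.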
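--- a/modules/api/wplc-api-functions.php
+++ b/modules/api/wplc-api-functions.php
@@ -26,7 +26,7 @@ function wplc_api_accept_chat(WP_REST_Request $request){
  if(wplc_change_chat_status($cid, 3, intval($request['agent_id']))){
 
 
- do_action("wplc_hook_update_agent_id",$request['cid'],intval($request['agent_id']));
+ do_action("wplc_hook_update_agent_id", sanitize_text_field($request['cid']) ,intval($request['agent_id']));
 
  $return_array['response'] = "Chat accepted successfully";
  $return_array['code'] = "200";
@@ -758,7 +758,7 @@ function wplc_api_remote_upload(WP_REST_Request $request){
  * Rest Permission check for restricted end points
  */
  function wplc_api_permission_check(){
- return is_user_logged_in() ? check_ajax_referer( 'wp_rest', '_wpnonce', false ) : true;
+ return check_ajax_referer( 'wp_rest', '_wpnonce', false );
  }
 
  function wplc_validate_agent_check(WP_REST_Request $request){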
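Review bot: `wplc_api_permission_check` now returns the result of `check_ajax_referer( 'wp_rest', '_wpnonce', false )` for every caller, but a nonce check shows only that the request was prepared by a page of this site, not who the caller is. The routes file in this commit attaches this one callback to visitor routes and to apparently agent-facing routes alike (`send_agent_message`, `get_agent_unread_message_counts`, `validate_agent`), so if the `wp_rest` nonce is printed on front-end pages (not visible here) a visitor passes the same check as an agent. Agent-only routes should get their own callback that also tests a capability, e.g. `return check_ajax_referer('wp_rest', '_wpnonce', false) && current_user_can(AGENT_CAPABILITY_PLACEHOLDER);`, where the placeholder stands for whatever capability the plugin assigns to agents. Separately, `sanitize_text_field($request['cid'])` in the first hunk is not SQL escaping, so any consumer of `wplc_hook_update_agent_id` that builds a query from it still needs `$wpdb->prepare`.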
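--- a/modules/api/wplc-api-routes.php
+++ b/modules/api/wplc-api-routes.php
@@ -28,7 +28,8 @@ function wplc_rest_routes_init() {
 
  register_rest_route('wp_live_chat_support/v1','/get_status', array(
  'methods' => 'GET, POST',
- 'callback' => 'wplc_api_get_status'
+ 'callback' => 'wplc_api_get_status',
+ 'permission_callback' => 'wplc_api_permission_check'
  ));
 
  register_rest_route('wp_live_chat_support/v1','/get_messages', array(
@@ -39,21 +40,25 @@ function wplc_rest_routes_init() {
 
  register_rest_route('wp_live_chat_support/v1','/get_sessions', array(
  'methods' => 'GET, POST',
- 'callback' => 'wplc_api_get_sessions'
+ 'callback' => 'wplc_api_get_sessions',
+ 'permission_callback' => 'wplc_api_permission_check'
  ));
 
  register_rest_route('wp_live_chat_support/v1','/start_chat', array(
  'methods' => 'GET, POST',
- 'callback' => 'wplc_api_call_start_chat'
+ 'callback' => 'wplc_api_call_start_chat',
+ 'permission_callback' => 'wplc_api_permission_check'
  ));
 
  register_rest_route('wp_live_chat_support/v1','/remote_upload', array(
  'methods' => 'GET, POST',
  'callback' => 'wplc_api_remote_upload',
+ 'permission_callback' => 'wplc_api_permission_check'
  ));
  register_rest_route('wp_live_chat_support/v1','/validate_agent', array(
  'methods' => 'GET, POST',
  'callback' => 'wplc_validate_agent_check',
+ 'permission_callback' => 'wplc_api_permission_check'
  ));
 
  register_rest_route('wp_live_chat_support/v1','/edit_message', array(
@@ -64,25 +69,31 @@ function wplc_rest_routes_init() {
 
  register_rest_route('wp_live_chat_support/v1','/typing', array(
  'methods' => 'GET, POST',
- 'callback' => 'wplc_api_is_typing_mrg'
+ 'callback' => 'wplc_api_is_typing_mrg',
+ 'permission_callback' => 'wplc_api_permission_check'
  ));
 
  register_rest_route('wp_live_chat_support/v1','/new-chat', array(
  'methods' => 'GET, POST',
- 'callback' => 'wplc_api_email_notification_mrg'
+ 'callback' => 'wplc_api_email_notification_mrg',
+ 'permission_callback' => 'wplc_api_permission_check'
  ));
 
  register_rest_route('wp_live_chat_support/v1', '/get_agent_unread_message_counts', array(
  'methods' => 'GET, POST',
- 'callback' => 'wplc_api_get_agent_unread_message_counts_mrg'
+ 'callback' => 'wplc_api_get_agent_unread_message_counts_mrg',
+ 'permission_callback' => 'wplc_api_permission_check'
+
  ));
  register_rest_route('wp_live_chat_support/v1', '/send_agent_message', array(
  'methods' => 'GET, POST',
- 'callback' => 'wplc_api_send_agent_message_mrg'
+ 'callback' => 'wplc_api_send_agent_message_mrg',
+ 'permission_callback' => 'wplc_api_permission_check'
  ));
  register_rest_route('wp_live_chat_support/v1', '/initiate_chat', array(
  'methods' => 'GET, POST',
- 'callback' => 'wplc_api_initiate_chat_mrg'
+ 'callback' => 'wplc_api_initiate_chat_mrg',
+ 'permission_callback' => 'wplc_api_permission_check'
  ));
 
  do_action("wplc_api_route_hook");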
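--- a/modules/node_server.php
+++ b/modules/node_server.php
@@ -8,7 +8,7 @@ if ( ! defined( 'ABSPATH' ) ) {
  }
 
  define("BLEEPER_REMOTE_DASH_ROUTE", "remote_dashboard.php");
- define("BLEEPER_NODE_SERVER_URL", "https://livechat-016.us-3.evennode.com");
+ define("BLEEPER_NODE_SERVER_URL", "https://livechat-001.us-3.evennode.com");
 
  define("BLEEPER_NODE_END_POINTS_ROUTE", "api/v1/");
  define("BLEEPER_NODE_END_POINT_TOKEN", "zf6fe1399sdfgsdfg02ad09ab6a8cb7345s");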
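Review bot: `BLEEPER_NODE_END_POINT_TOKEN` on the last context line is a literal that ships in every copy of the plugin, so it cannot act as a secret between a site and the node server; how the token is used is not visible in this hunk. If it authenticates anything, a per-site value should replace it (the readme describes a server-generated GUID for that purpose). Otherwise the constant should be documented as such, e.g. `// Public identifier shipped with the plugin; not a credential.`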
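--- a/readme.txt
+++ b/readme.txt
@@ -106,6 +106,12 @@ WP Live Chat Support makes use of the external services listed below in order to
  = WP Live Chat Activation API (https://activation.wp-livechat.com) (Required) =
  We use a server side generated unique identifier (GUID) in order to guarantee proper identification and secure communication between agents and visitors connected to same website. This is needed because a client side identifier could be spoofed. The only information sent with this API is your website URL, so your personal data is not sent to our servers. We only store website URL and corresponding GUID. WP Live Chat Support Privacy Policy: https://wp-livechat.com/privacy-policy/
 
+ = Google App Engine (https://cloud.google.com/appengine/) (Optional) =
+ We use Google App Engine to spawn or despawn multiregional low latency chat servers depending on chat load. This service is optional, and is not enabled by default. You can enable this service from within the Advanced Features settings menu. Google App Engine Privacy Policy: https://cloud.google.com/security/privacy/
+
+ = EvenNode (/https://www.evennode.com/) (Optional) =
+ We use EvenNode to host our legacy chat servers. This service is optional, and is not enabled by default. You can enable this service from within the Advanced Features settings menu. EvenNode Privacy Policy: https://www.evennode.com/privacy-policy
+
  = Gravatar (https://en.gravatar.com/) (Required) =
  We use Gravatars to generate user and agent avatars within the live chat environemnt. This process is anonymized using the hashed email address of the visitor or agent respectively. Gravatar Privacy Policy: https://automattic.com/privacy/
 
@@ -209,6 +215,9 @@ If the live chat box still does not appear on your website, please go through th
 
 
  == Upgrade Notice ==
+ = 8.0.33 =
+ It is highly recommended that you upgrade to WP Live Chat Support version 8.0.30 for security reasons.
+
  = 8.0.32 =
  It is highly recommended that you upgrade to WP Live Chat Support version 8.0.30 for security reasons.
 
@@ -271,6 +280,12 @@ We have patched the PHPMailer vulnerability. Please update to version 7.0.02.
 
 
  == Changelog ==
+ = 8.0.33 - 2019-05-30 - High priority =
+ * Adds additional security hardening to the REST API (Reported by Jonny Milliken - Active Intelligence)
+ * Fixed issue where chat rel was not being respected by the converter function
+ * Fixed DDOS Vector on the End Chat button by hiding and disabling the end chat functionality once clicked
+ * Fixed DDOS Vector which allowed more than 2000 characters to be send as a user message. Checks in place to prevent this.
+
  = 8.0.32 - 2019-05-28 - High priority =
  * Removed references to esc_attr within PO file configuration
  * Remove Custom Scripts area (including JS and CSS)
@@ -282,7 +297,7 @@ We have patched the PHPMailer vulnerability. Please update to version 7.0.02.
  * Restored the ability to enable/disable the use of local servers
  * Fixed bug where Ace library was still trying to initialize custom JS and CSS boxes
 
- = 8.0.31 - 2019-05-30 - High priority =
+ = 8.0.31 - 2019-05-27 - High priority =
  * Additional sanitization and security cleanup
  * Added upgrade check to clear custom JS prior to version 8.0.31
  * Updated readme to document use of external services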
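--- a/wp-live-chat-support.php
+++ b/wp-live-chat-support.php
@@ -3,7 +3,7 @@
  Plugin Name: WP Live Chat Support
  Plugin URI: http://www.wp-livechat.com
  Description: The easiest to use website live chat plugin. Let your visitors chat with you and increase sales conversion rates with WP Live Chat Support.
- Version: 8.0.32
+ Version: 8.0.33
  Author: WP-LiveChat
  Author URI: http://www.wp-livechat.com
  Text Domain: wplivechat
@@ -11,6 +11,12 @@
  */
 
  /*
+ * 8.0.33 - 2019-05-30 - High priority
+ * Adds additional security hardening to the REST API (Reported by Jonny Milliken - Active Intelligence)
+ * Fixed issue where chat rel was not being respected by the converter function
+ * Fixed DDOS Vector on the End Chat button by hiding and disabling the end chat functionality once clicked
+ * Fixed DDOS Vector which allowed more than 2000 characters to be send as a user message. Checks in place to prevent this.
+ *
  * 8.0.32 - 2019-05-28 - High priority
  * Removed references to esc_attr within PO file configuration
  * Remove Custom Scripts area (including JS and CSS)
@@ -22,7 +28,7 @@
  * Restored the ability to enable/disable the use of local servers
  * Fixed bug where Ace library was still trying to initialize custom JS and CSS boxes
  *
- * 8.0.31 - 2019-05-30 - High priority
+ * 8.0.31 - 2019-05-27 - High priority
  * Additional sanitization and security cleanup
  * Added upgrade check to clear custom JS prior to version 8.0.31
  * Updated readme to document use of external services
@@ -570,6 +576,7 @@ function wplc_check_guid() {
  'body' => array(
  'method' => 'get_guid',
  'url' => get_option('siteurl'),
+ 'server' => intval(get_option('wplc_use_node_server'))
  )
  );
  $response = wp_remote_post(WPLC_ACTIVATION_SERVER.'/api/v1', $data_array);
@@ -1896,7 +1903,7 @@ function wplc_filter_control_live_chat_box_html_4th_layer($wplc_settings,$wplc_u
 
  $ret_msg .= "<p>";
  $placeholder = __('Type here','wplivechat');
- $ret_msg .= "<textarea type=\"text\" name=\"wplc_chatmsg\" id=\"wplc_chatmsg\" placeholder=\"".$placeholder."\" class='wdt-emoji-bundle-enabled'></textarea>";
+ $ret_msg .= "<textarea type=\"text\" name=\"wplc_chatmsg\" id=\"wplc_chatmsg\" placeholder=\"".$placeholder."\" class='wdt-emoji-bundle-enabled' maxlength='2000'></textarea>";
  if(!isset($wplc_settings['wplc_newtheme'])){ $wplc_settings['wplc_newtheme'] = "theme-2"; }
  if (isset($wplc_settings['wplc_newtheme']) && $wplc_settings['wplc_newtheme'] == 'theme-2') {
  $ret_msg .= apply_filters("wplc_filter_typing_control_div_theme_2","");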
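Review bot: The `'server' => intval(get_option('wplc_use_node_server'))` field added to the `wplc_check_guid` request body means the activation call now sends a plugin setting in addition to the site URL, while readme.txt in this same release still states "The only information sent with this API is your website URL". The Activation API paragraph in the readme should be updated to list the new field so the disclosure matches the request. `wplc_check_guid` starts and ends outside the hunk.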