function chat_session_moderate_user()
{
global $wpdb;
if (!isset($_POST['chat_id'])) {
die;
}
$chat_id = esc_attr($_POST['chat_id']);
if ($chat_id == '') {
die;
}
if (!isset($_POST['moderate_item'])) {
die;
}
$moderate_item = esc_attr($_POST['moderate_item']);
if (empty($moderate_item)) {
die;
}
if (!isset($_POST['moderate_action'])) {
die;
}
$moderate_action = esc_attr($_POST['moderate_action']);
if (empty($moderate_action)) {
die;
}
if (!isset($_POST['chat_session'])) {
die;
}
$chat_session = $_POST['chat_session'];
// If the user doesn't have a type
if (!isset($this->chat_auth['type'])) {
die;
} else {
if ($this->chat_auth['type'] != "wordpress") {
die;
}
}
if (!is_user_logged_in()) {
die;
}
if (!wpmudev_chat_is_moderator($chat_session)) {
die;
}
if ($moderate_action == "block-user") {
$this->_chat_options['global']['blocked_users'][] = $moderate_item;
$this->_chat_options['global']['blocked_users'] = array_unique($this->_chat_options['global']['blocked_users']);
update_option('wpmudev-chat-global', $this->_chat_options['global']);
} else {
if ($moderate_action == "unblock-user") {
$arr_idx = array_search($moderate_item, $this->_chat_options['global']['blocked_users']);
if ($arr_idx !== false && isset($this->_chat_options['global']['blocked_users'][$arr_idx])) {
unset($this->_chat_options['global']['blocked_users'][$arr_idx]);
update_option('wpmudev-chat-global', $this->_chat_options['global']);
}
}
}
wp_send_json_success();
die;
}
/**
* Process chat requests
*
* Mostly copied from process.php
*
* @global object $current_user
* @param string $return Return? 'yes' or 'no'
* @return string If $return is yes will return the output else echo
*/
function process_chat_actions($return = 'no')
{
if (!isset($_POST['function'])) {
die;
}
$function = $_POST['function'];
switch ($function) {
case 'chat_init':
$reply_data = array();
foreach ($this->chat_sessions as $chat_id => $chat_session) {
//echo "chat_session<pre>"; print_r($chat_session); echo "</pre>";
$reply_data[$chat_id] = array();
$reply_data[$chat_id]['html'] = $this->chat_session_build_box($chat_session);
// We load the box CSS via the AJAX call. This helps when bots are hitting the page.
$reply_data[$chat_id]['css'] = $this->chat_session_box_styles($chat_session);
}
wp_send_json($reply_data);
die;
break;
case 'chat_message_send':
$reply_data = array();
$reply_data['errorStatus'] = false;
$reply_data['errorText'] = '';
if (!isset($_POST['chat_messages']) || !count($_POST['chat_messages'])) {
$reply_data['errorText'] = "chat_messages missing";
$reply_data['errorStatus'] = true;
wp_send_json($reply_data);
die;
}
// Double check the user's authentication. Seems some users can login with multiple tabs. If they log out of one tab they
// should not be able to post via the other tab.
if (!isset($this->chat_auth['type'])) {
$reply_data['errorText'] = "Unknown user type";
$reply_data['errorStatus'] = true;
wp_send_json($reply_data);
die;
}
//log_chat_message(__FUNCTION__. ": ". $function .": ------------------------------------------------------");
foreach ($_POST['chat_messages'] as $chat_id => $chat_messages) {
if (!isset($this->chat_sessions[$chat_id])) {
continue;
}
if (!is_array($chat_messages) || !count($chat_messages)) {
continue;
}
$chat_session = $this->chat_sessions[$chat_id];
if (!isset($reply_data['chat_messages'][$chat_id])) {
$reply_data['chat_messages'][$chat_id] = array();
}
//log_chat_message(__FUNCTION__ .": chat_id[". $chat_id ."] chat_message[". print_r($chat_messages, true) ."]");
foreach ($chat_messages as $chat_message_idx => $chat_message) {
$reply_data['chat_messages'][$chat_id][$chat_message_idx] = false;
$chat_message = urldecode($chat_message);
$chat_message = stripslashes($chat_message);
// Replace the chr(10) Line feed (not the chr(13) carraige return) with a placeholder. Will be replaced with
// real <br /> after filtering This is done so when we convert text within [code][/code] the <br /> are not
// converted to entities. Because we want the code to be formatted
$chat_message = str_replace(chr(10), "[[CR]]", $chat_message);
// In case the user entered HTML <code></code> instead of [code][/code]
$chat_message = str_replace("<code>", "[code]", $chat_message);
$chat_message = str_replace("</code>", "[/code]", $chat_message);
// We also can accept backtick quoted text and convert to [code][/code]
$chat_message = preg_replace('/`(.*?)`/', '[code]$1[/code]', $chat_message);
// Now split out the [code][/code] sections.
//preg_match_all("|\[code\](.*)\[/code\]|s", $chat_message, $code_out);
preg_match_all("~\\[code\\](.+?)\\[/code\\]~si", $chat_message, $code_out);
if ($code_out && is_array($code_out) && is_array($code_out[0]) && count($code_out[0])) {
foreach ($code_out[0] as $code_idx => $code_str_original) {
if (!isset($code_out[1][$code_idx])) {
continue;
}
// Here we replace our [code][/code] block or text in the message with placeholder [code-XXX] where XXX
// is the index (0,1,2,3, etc.) Again we do this because in the next step we will strip out all HTML not
// allowed. We want to protect any HTML within the code block
// which will be converted to HTML entities after the filtering.
$chat_message = str_replace($code_str_original, '[code-' . $code_idx . ']', $chat_message);
}
}
// First strip all the tags!
$allowed_protocols = array();
$allowed_html = array();
/*
$allowed_html = array( 'a' => array('href' => array()),
'br' => array(),
'em' => array(),
'strong' => array(),
'strike' => array(),
'blockquote' => array()
);
*/
$chat_message = wp_kses($chat_message, $allowed_html, $allowed_protocols);
// If the user enters something that liiks like a link (http://, ftp://, etc) it will be made clickable
// in that is will be wrapped in an anchor, etc. The the link tarket will be set so clicking it will open
// in a new window
$chat_message = links_add_target(make_clickable($chat_message));
// Now that we can filtered the text outside the [code][/code] we want to convert the code section HTML to entities since it
// will be viewed that way by other users.
if ($code_out && is_array($code_out) && is_array($code_out[0]) && count($code_out[0])) {
foreach ($code_out[0] as $code_idx => $code_str_original) {
if (!isset($code_out[1][$code_idx])) {
continue;
}
$code_str_replace = "<code>" . htmlentities2($code_out[1][$code_idx], ENT_QUOTES | ENT_XHTML) . "</code>";
$chat_message = str_replace('[code-' . $code_idx . ']', $code_str_replace, $chat_message);
}
}
// Finally convert any of our CR placeholders to HTML breaks.
$chat_message = str_replace("[[CR]]", '<br />', $chat_message);
// Just as a precaution. After processing we may end up with double breaks. So we convert to single.
$chat_message = str_replace("<br /><br />", '<br />', $chat_message);
// End message filtering
if ($chat_message == '') {
continue;
}
// Truncate the message IF the max length is set
if (!wpmudev_chat_is_moderator($chat_session)) {
if ($chat_session['row_message_input_length'] > 0 && strlen($chat_message) > $chat_session['row_message_input_length']) {
$chat_message = substr($chat_message, 0, $chat_session['row_message_input_length']);
}
}
// Process bad words
if ($this->_chat_options['banned']['blocked_words_active'] == "enabled" && $chat_session['blocked_words_active'] == "enabled") {
$chat_message = str_ireplace($this->_chat_options['banned']['blocked_words'], $this->_chat_options['banned']['blocked_words_replace'], $chat_message);
}
/*
// Save for later. We had a request to support latex via chat
if (preg_match('/\[latex\](.*)\[\/latex\]/', $chat_message, $match)) {
if (isset($match[1])) {
$latex_content = $match[1];
$latex_content = '[latexpage] \['. $match[1] .'\]';
$latex_image = quicklatex_parser($latex_content);
if ($latex_image) {
$latex_image = strip_tags($latex_image, '<img>');
$chat_message = str_replace($match[0], $latex_image, $chat_message);
}
}
}
*/
$ret = $this->chat_session_send_message($chat_message, $chat_session);
if (!empty($ret)) {
$reply_data['chat_messages'][$chat_id][$chat_message_idx] = true;
}
//$reply_data['errorText'] = "chat_message sent to DB wpdb[". $ret. "]";
}
}
// From wordpress-chat-2.0.2-Beta1
// Begin message filtering
//$chat_message = $_POST['chat_message'];
//log_chat_message(__FUNCTION__. ": ". $function ."\r\n");
wp_send_json($reply_data);
die;
break;
case 'chat_user_login':
$reply_data = array();
$reply_data['errorStatus'] = false;
$reply_data['errorText'] = '';
if (!isset($_POST['user_info'])) {
$reply_data['errorStatus'] = true;
$reply_data['errorText'] = __('missing POST user_info', $this->translation_domain);
wp_send_json($reply_data);
die;
}
$user_info = $_POST['user_info'];
switch ($user_info['type']) {
case 'public_user':
if (!isset($user_info['name']) || !isset($user_info['email'])) {
$reply_data['errorText'] = __('Please provide valid Name and Email.', $this->translation_domain);
$reply_data['errorStatus'] = true;
wp_send_json($reply_data);
die;
}
$user_info['name'] = esc_attr($user_info['name']);
$user_info['email'] = esc_attr($user_info['email']);
if (empty($user_info['name']) || empty($user_info['email']) || !is_email($user_info['email'])) {
$reply_data['errorText'] = __('Please provide valid Name and Email.', $this->translation_domain);
$reply_data['errorStatus'] = true;
wp_send_json($reply_data);
die;
}
$user_name_id = username_exists($user_info['name']);
if ($user_name_id) {
$reply_data['errorText'] = __('Name already registered. Try something unique', $this->translation_domain);
$reply_data['errorStatus'] = true;
wp_send_json($reply_data);
die;
}
$user_name_id = email_exists($user_info['email']);
if ($user_name_id) {
$reply_data['errorText'] = __('Email already registered. Try something unique', $this->translation_domain);
$reply_data['errorStatus'] = true;
wp_send_json($reply_data);
die;
}
$avatar = get_avatar($user_info['email'], 96, get_option('avatar_default'), $user_info['name']);
if ($avatar) {
$avatar_parts = array();
if (stristr($avatar, ' src="') !== false) {
preg_match('/src="([^"]*)"/i', $avatar, $avatar_parts);
} else {
if (stristr($avatar, " src='") !== false) {
preg_match("/src='([^']*)'/i", $avatar, $avatar_parts);
}
}
if (isset($avatar_parts[1]) && !empty($avatar_parts[1])) {
$user_info['avatar'] = $avatar_parts[1];
}
}
$user_info['ip_address'] = isset($_SERVER['HTTP_X_FORWARD_FOR']) ? $_SERVER['HTTP_X_FORWARD_FOR'] : $_SERVER['REMOTE_ADDR'];
$user_info['auth_hash'] = md5($user_info['name'] . $user_info['email'] . $user_info['ip_address']);
$reply_data['user_info'] = $user_info;
break;
case 'facebook':
case 'google_plus':
case 'twitter':
$user_info['ip_address'] = isset($_SERVER['HTTP_X_FORWARD_FOR']) ? $_SERVER['HTTP_X_FORWARD_FOR'] : $_SERVER['REMOTE_ADDR'];
$user_info['auth_hash'] = md5($user_info['id'] . $user_info['ip_address']);
$reply_data['user_info'] = $user_info;
break;
default:
break;
}
wp_send_json($reply_data);
die;
break;
case 'chat_messages_update':
$reply_data = array();
//echo "_POST<pre>"; print_r($_POST); echo "</pre>";
//log_chat_message(__FUNCTION__. ": ". $function .": ------------------------------------------------------");
$reply_data['errorStatus'] = false;
$reply_data['errorText'] = '';
$reply_data['sessions'] = array();
$reply_data['invites'] = array();
if (isset($_POST['timers'])) {
$timers = $_POST['timers'];
} else {
$timers = array();
}
//log_chat_message(__FUNCTION__ .": timers". print_r($timers, true). "");
// We first want to grab the invites for the users. This will setup the extra items in the $this->chat_sessions reference. Then later
// in this section we will also add the rows and meta updates for the new invite box.
if ($this->using_popup_out_template == false && isset($timers['invites']) && $timers['invites'] == 1) {
//log_chat_message(__FUNCTION__ .": timer invite[1]");
$reply_data['invites'] = $this->chat_session_get_invites_new();
}
//if (!isset($chat_session['since'])) $chat_session['since'] = 0;
//if (!isset($chat_session['last_row_id'])) $chat_session['last_row_id'] = 0;
$this->chat_auth['ip_address'] = isset($_SERVER['HTTP_X_FORWARD_FOR']) ? $_SERVER['HTTP_X_FORWARD_FOR'] : $_SERVER['REMOTE_ADDR'];
foreach ($this->chat_sessions as $chat_id => $chat_session) {
// Now process the meta information. Session Status, Deleted Row IDs and Session Users
$reply_data['sessions'][$chat_id]['meta'] = array();
if (!isset($this->chat_sessions_meta[$chat_id])) {
$this->chat_sessions_meta[$chat_id] = $this->chat_session_get_meta($chat_session);
}
if (isset($timers['messages']) && $timers['messages'] == 1) {
//log_chat_message(__FUNCTION__ .": timer messages[1]");
if (!isset($chat_session['last_row_id'])) {
$chat_session['last_row_id'] = "__EMPTY__";
}
//log_chat_message(__FUNCTION__ .": last_row_id chat_session[". $chat_session['last_row_id'] ."] meta[". $this->chat_sessions_meta[$chat_id]['last_row_id'] ."]");
//if ($this->chat_sessions_meta[$chat_id]['last_row_id'] === "__EMPTY__") {
// //log_chat_message(__FUNCTION__ .": here #1");
// $reply_data['sessions'][$chat_id]['rows'] = "__EMPTY__";
//} else if ($chat_session['last_row_id'] != $this->chat_sessions_meta[$chat_id]['last_row_id']) {
$reply_data['sessions'][$chat_id]['rows'] = array();
$new_rows = $this->chat_session_get_message_new($chat_session);
//log_chat_message(__FUNCTION__ .': new_rows<pre>'. print_r($new_rows, true) .'</pre>');
if ($new_rows && count($new_rows)) {
// Init the reply last_row_id with what was sent.
$reply_data['sessions'][$chat_id]['last_row_id'] = $chat_session['last_row_id'];
$_LAST_ROW_UPDATED = false;
foreach ($new_rows as $row_idx => $row) {
if (intval($chat_session['last_row_id']) > 0 && $row->id == $chat_session['last_row_id']) {
continue;
}
$reply_data['sessions'][$chat_id]['rows'][strtotime($row->timestamp) . "-" . $row->id] = $this->chat_session_build_row($row, $chat_session);
// Then update the last_row_id based on the higher row->id values returned
if ($_LAST_ROW_UPDATED == false) {
$reply_data['sessions'][$chat_id]['last_row_id'] = $row->id;
$_LAST_ROW_UPDATED = true;
}
//log_chat_message(__FUNCTION__ .': row_idx['. $row_idx.'] new row['. $row->id .'] message['. $row->message .']');
}
if (count($reply_data['sessions'][$chat_id]['rows'])) {
ksort($reply_data['sessions'][$chat_id]['rows']);
}
} else {
$reply_data['sessions'][$chat_id]['rows'] = "__EMPTY__";
}
//log_chat_message("\r\n");
//}
$reply_data['sessions'][$chat_id]['meta'] = $this->chat_session_update_meta_log($chat_session);
}
if (isset($timers['meta']) && $timers['meta'] == 1) {
//log_chat_message(__FUNCTION__ .": timer meta[1]");
//$reply_data['sessions'][$chat_id]['meta'] = $this->chat_session_update_meta_log($chat_session);
//log_chat_message(__FUNCTION__ .": meta". print_r($reply_data['sessions'][$chat_id]['meta'], true));
$reply_data['sessions'][$chat_id]['global'] = $this->chat_session_update_global_log($chat_session);
//log_chat_message(__FUNCTION__ .": global". print_r($reply_data['sessions'][$chat_id]['global'], true));
}
// We update the usermeta with the current tmestamp
if (isset($timers['users']) && $timers['users'] == 1) {
//log_chat_message(__FUNCTION__ .": timer users[1]");
$this->chat_session_users_update_polltime($chat_session);
$reply_data['sessions'][$chat_id]['meta']['users-active'] = $this->chat_session_get_active_users($chat_session);
//log_chat_message(__FUNCTION__ .": users-active". print_r($reply_data['sessions'][$chat_id]['meta']['users-active'], true));
}
}
wp_send_json($reply_data);
die;
break;
case 'chat_meta_leave_private_session':
global $wpdb;
$reply_data = array();
$reply_data['errorStatus'] = false;
$reply_data['errorText'] = '';
$reply_data['sessions'] = array();
// Get Private chats
if (!isset($this->chat_auth['auth_hash']) || empty($this->chat_auth['auth_hash'])) {
$reply_data['errorStatus'] = true;
$reply_data['errorText'] = __('Invalid auth_hash', $this->translation_domain);
wp_send_json($reply_data);
die;
}
//echo "chat_sessions<pre>"; print_r($this->chat_sessions); echo "</pre>";
//echo "chat_auth<pre>"; print_r($this->chat_auth); echo "</pre>";
//die();
foreach ($this->chat_sessions as $chat_id => $chat_session) {
//echo "chat_session<pre>"; print_r($chat_session); echo "</pre>";
$reply_data['sessions'][$chat_id] = $chat_id;
$sql_str = $wpdb->prepare("UPDATE " . WPMUDEV_Chat::tablename('message') . " SET archived=%s WHERE chat_id=%s AND session_type=%s AND auth_hash=%s LIMIT 1", 'yes', $chat_session['id'], 'invite', $this->chat_auth['auth_hash']);
//log_chat_message(__FUNCTION__ .": [". $sql_str ."]");
$wpdb->query($sql_str);
// When the moderator leave we archive the chat.
if (wpmudev_chat_is_moderator($chat_session)) {
$this->chat_session_archive_messages($chat_session);
}
}
wp_send_json($reply_data);
die;
break;
case 'chat_messages_clear':
global $wpdb;
$reply_data = array();
$reply_data['errorStatus'] = false;
$reply_data['errorText'] = '';
// If the user doesn't have a type
if (!isset($this->chat_auth['type'])) {
$reply_data['errorStatus'] = true;
$reply_data['errorText'] = __('Invalid chat_auth [type]', $this->translation_domain);
wp_send_json($reply_data);
die;
} else {
if ($this->chat_auth['type'] != "wordpress") {
$reply_data['errorStatus'] = true;
$reply_data['errorText'] = __('Invalid chat_auth [type]', $this->translation_domain);
wp_send_json($reply_data);
die;
}
}
if (!is_user_logged_in()) {
$reply_data['errorStatus'] = true;
$reply_data['errorText'] = __('Invalid chat_auth [type]', $this->translation_domain);
wp_send_json($reply_data);
die;
}
foreach ($this->chat_sessions as $chat_id => $chat_session) {
if (wpmudev_chat_is_moderator($chat_session)) {
$sql_str = $wpdb->prepare("DELETE FROM `" . WPMUDEV_Chat::tablename('message') . "` WHERE blog_id = %d AND chat_id = %s AND archived IN ('no') AND session_type = %s;", $chat_session['blog_id'], $chat_session['id'], $chat_session['session_type']);
$wpdb->query($sql_str);
//log_chat_message(__FUNCTION__ .": [". $sql_str ."]");
$this->chat_session_set_meta($chat_session, 'last_row_id', '__EMPTY__');
$this->chat_session_update_message_rows_deleted($chat_session);
} else {
$reply_data['errorStatus'] = true;
$reply_data['errorText'] = __('Not moderator', $this->translation_domain);
die;
}
}
wp_send_json($reply_data);
die;
break;
case 'chat_messages_archive':
$reply_data = array();
$reply_data['errorStatus'] = false;
$reply_data['errorText'] = '';
// If the user doesn't have a type
if (!isset($this->chat_auth['type'])) {
$reply_data['errorStatus'] = true;
$reply_data['errorText'] = __('Invalid chat_auth [type]', $this->translation_domain);
wp_send_json($reply_data);
die;
} else {
if ($this->chat_auth['type'] != "wordpress") {
$reply_data['errorStatus'] = true;
$reply_data['errorText'] = __('Invalid chat_auth [type]', $this->translation_domain);
wp_send_json($reply_data);
die;
}
}
if (!is_user_logged_in()) {
$reply_data['errorStatus'] = true;
$reply_data['errorText'] = __('Invalid chat_auth [type]', $this->translation_domain);
wp_send_json($reply_data);
die;
}
foreach ($this->chat_sessions as $chat_id => $chat_session) {
if (wpmudev_chat_is_moderator($chat_session)) {
$this->chat_session_archive_messages($chat_session);
}
}
wp_send_json($reply_data);
die;
break;
case 'chat_session_moderate_status':
$reply_data = array();
$reply_data['errorStatus'] = false;
$reply_data['errorText'] = '';
$chat_id = 0;
if (!isset($_POST['chat_session'])) {
$reply_data['errorStatus'] = true;
$reply_data['errorText'] = __('Invalid chat_session', $this->translation_domain);
wp_send_json($reply_data);
die;
}
$chat_session = $_POST['chat_session'];
$chat_id = esc_attr($chat_session['id']);
if ($chat_id == '') {
$reply_data['errorStatus'] = true;
$reply_data['errorText'] = __('Invalid chat_id', $this->translation_domain);
wp_send_json($reply_data);
die;
}
if (!isset($_POST['chat_session_status'])) {
$reply_data['errorStatus'] = true;
$reply_data['errorText'] = __('Invalid chat_session_status', $this->translation_domain);
wp_send_json($reply_data);
die;
}
$chat_session_status = esc_attr($_POST['chat_session_status']);
if ($chat_session_status != "open" && $chat_session_status != "closed") {
$reply_data['errorStatus'] = true;
$reply_data['errorText'] = __('Invalid chat_session_status', $this->translation_domain);
wp_send_json($reply_data);
die;
}
// If the user doesn't have a type
if (!isset($this->chat_auth['type'])) {
$reply_data['errorStatus'] = true;
$reply_data['errorText'] = __('Invalid chat_auth [type]', $this->translation_domain);
wp_send_json($reply_data);
die;
} else {
if ($this->chat_auth['type'] != "wordpress") {
$reply_data['errorStatus'] = true;
$reply_data['errorText'] = __('Invalid chat_auth [type]', $this->translation_domain);
wp_send_json($reply_data);
die;
}
}
if (!is_user_logged_in()) {
$reply_data['errorStatus'] = true;
$reply_data['errorText'] = __('Invalid chat_auth [type]', $this->translation_domain);
wp_send_json($reply_data);
die;
}
if (!wpmudev_chat_is_moderator($chat_session)) {
$reply_data['errorStatus'] = true;
$reply_data['errorText'] = __('not moderator', $this->translation_domain);
wp_send_json($reply_data);
die;
}
$this->chat_session_set_meta($chat_session, 'session_status', $chat_session_status);
wp_send_json($reply_data);
die;
break;
case 'chat_session_moderate_message':
global $wpdb;
if (!isset($_POST['chat_id'])) {
wp_send_json_error();
die;
}
$chat_id = $_POST['chat_id'];
if ($chat_id == '') {
wp_send_json_error();
die;
}
if (!isset($_POST['row_id'])) {
wp_send_json_error();
die;
}
list($row_time, $row_id) = explode('-', $_POST['row_id']);
//$row_id = intval($_POST['row_id']);
if (empty($row_time) || empty($row_id)) {
wp_send_json_error();
die;
}
//log_chat_message(__FUNCTION__ .": row_time[". $row_time ."] row_id[". $row_id ."]");
if (!isset($_POST['moderate_action'])) {
wp_send_json_error();
die;
}
$moderate_action = esc_attr($_POST['moderate_action']);
if (empty($moderate_action)) {
wp_send_json_error();
die;
}
if (!isset($_POST['chat_session'])) {
wp_send_json_error();
die;
}
$chat_session = $_POST['chat_session'];
// If the user doesn't have a type
if (!isset($this->chat_auth['type'])) {
wp_send_json_error();
die;
} else {
if ($this->chat_auth['type'] != "wordpress") {
wp_send_json_error();
die;
}
}
if (!is_user_logged_in()) {
wp_send_json_error();
die;
}
if (!wpmudev_chat_is_moderator($chat_session)) {
wp_send_json_error();
die;
}
$row_date = date('Y-m-d H:i:s', $row_time);
$sql_str = $wpdb->prepare("SELECT id, deleted FROM `" . WPMUDEV_Chat::tablename('message') . "` WHERE id = %d AND blog_id = %d AND chat_id = %s AND timestamp = %s LIMIT 1;", $row_id, $chat_session['blog_id'], $chat_id, $row_date);
//echo "sql_str=[". $sql_str ."]<br />";
//log_chat_message(__FUNCTION__ .": [". $sql_str ."]");
$chat_row = $wpdb->get_row($sql_str);
//log_chat_message(__FUNCTION__ .": chat_row<pre>". print_r($chat_row, true) ."</pre>";
if ($chat_row && isset($chat_row->deleted)) {
$chat_row_deleted_new = '';
if ($moderate_action == "delete") {
$chat_row_deleted_new = 'yes';
} else {
if ($moderate_action == "undelete") {
$chat_row_deleted_new = 'no';
}
}
if (!empty($chat_row_deleted_new)) {
$sql_str = $wpdb->prepare("UPDATE `" . WPMUDEV_Chat::tablename('message') . "` SET deleted=%s WHERE id=%d AND blog_id = %d AND chat_id = %s LIMIT 1;", $chat_row_deleted_new, $chat_row->id, $chat_session['blog_id'], $chat_id);
//log_chat_message(__FUNCTION__ .": [". $sql_str ."]");
$wpdb->get_results($sql_str);
$this->chat_session_update_message_rows_deleted($chat_session);
//log_chat_message(__FUNCTION__ .": deleted_rows<pre>". print_r($deleted_rows, true) ."</pre>";
wp_send_json_success();
die;
}
}
break;
case 'chat_session_moderate_ipaddress':
global $wpdb;
if (!isset($_POST['chat_id'])) {
die;
}
$chat_id = esc_attr($_POST['chat_id']);
if ($chat_id == '') {
die;
}
if (!isset($_POST['ip_address'])) {
die;
}
$ip_address = esc_attr($_POST['ip_address']);
if (empty($ip_address)) {
die;
}
if (!isset($_POST['moderate_action'])) {
die;
}
$moderate_action = esc_attr($_POST['moderate_action']);
if (empty($moderate_action)) {
die;
}
if (!isset($_POST['chat_session'])) {
die;
}
$chat_session = $_POST['chat_session'];
// If the user doesn't have a type
if (!isset($this->chat_auth['type'])) {
die;
} else {
if ($this->chat_auth['type'] != "wordpress") {
die;
}
}
if (!is_user_logged_in()) {
die;
}
if (!wpmudev_chat_is_moderator($chat_session)) {
die;
}
if ($this->get_option('blocked_ip_addresses_active', 'global') != "enabled") {
die;
}
if (!isset($this->_chat_options['global']['blocked_ip_addresses']) || empty($this->_chat_options['global']['blocked_ip_addresses'])) {
$this->_chat_options['global']['blocked_ip_addresses'] = array();
}
if ($moderate_action == "block-ip") {
$this->_chat_options['global']['blocked_ip_addresses'][] = $ip_address;
$this->_chat_options['global']['blocked_ip_addresses'] = array_unique($this->_chat_options['global']['blocked_ip_addresses']);
update_option('wpmudev-chat-global', $this->_chat_options['global']);
} else {
if ($moderate_action == "unblock-ip") {
$arr_idx = array_search($ip_address, $this->_chat_options['global']['blocked_ip_addresses']);
if ($arr_idx !== false && isset($this->_chat_options['global']['blocked_ip_addresses'][$arr_idx])) {
unset($this->_chat_options['global']['blocked_ip_addresses'][$arr_idx]);
update_option('wpmudev-chat-global', $this->_chat_options['global']);
}
}
}
wp_send_json_success();
die;
break;
case 'chat_session_moderate_user':
global $wpdb;
if (!isset($_POST['chat_id'])) {
die;
}
$chat_id = esc_attr($_POST['chat_id']);
if ($chat_id == '') {
die;
}
if (!isset($_POST['moderate_item'])) {
die;
}
$moderate_item = esc_attr($_POST['moderate_item']);
if (empty($moderate_item)) {
die;
}
if (!isset($_POST['moderate_action'])) {
die;
}
$moderate_action = esc_attr($_POST['moderate_action']);
if (empty($moderate_action)) {
die;
}
if (!isset($_POST['chat_session'])) {
die;
}
$chat_session = $_POST['chat_session'];
// If the user doesn't have a type
if (!isset($this->chat_auth['type'])) {
die;
} else {
if ($this->chat_auth['type'] != "wordpress") {
die;
}
}
if (!is_user_logged_in()) {
die;
}
if (!wpmudev_chat_is_moderator($chat_session)) {
die;
}
if ($moderate_action == "block-user") {
$this->_chat_options['global']['blocked_users'][] = $moderate_item;
$this->_chat_options['global']['blocked_users'] = array_unique($this->_chat_options['global']['blocked_users']);
update_option('wpmudev-chat-global', $this->_chat_options['global']);
} else {
if ($moderate_action == "unblock-user") {
$arr_idx = array_search($moderate_item, $this->_chat_options['global']['blocked_users']);
if ($arr_idx !== false && isset($this->_chat_options['global']['blocked_users'][$arr_idx])) {
unset($this->_chat_options['global']['blocked_users'][$arr_idx]);
update_option('wpmudev-chat-global', $this->_chat_options['global']);
}
}
}
wp_send_json_success();
die;
break;
case 'chat_session_invite_private':
global $wpdb, $blog_id;
//echo "_POST<pre>"; print_r($_POST); echo "</pre>";
//die();
// We ONLY allow logged in users to perform private invites
if (!is_user_logged_in()) {
wp_send_json_error();
return;
}
if (md5(get_current_user_id()) != $this->chat_auth['auth_hash']) {
wp_send_json_error();
return;
}
$user_from_hash = $this->chat_auth['auth_hash'];
if (!isset($_REQUEST['wpmudev-chat-to-user']) || empty($_REQUEST['wpmudev-chat-to-user'])) {
wp_send_json_error();
return;
}
$user_to_hash = esc_attr($_REQUEST['wpmudev-chat-to-user']);
$private_invite_noonce = time();
$chat_id = "private-" . $private_invite_noonce;
//if (is_multisite())
// $blog_id = $wpdb->blogid;
//else
// $blog_id = 1;
$sql_str = $wpdb->prepare("SELECT invite_from.chat_id, invite_from.id invite_from_id, invite_to.id invite_to_id FROM " . WPMUDEV_Chat::tablename('message') . " as invite_from INNER JOIN " . WPMUDEV_Chat::tablename('message') . " as invite_to ON invite_from.chat_id=invite_to.chat_id AND invite_to.auth_hash = %s WHERE invite_from.blog_id = %d AND invite_from.session_type=%s AND invite_from.auth_hash=%s ORDER BY invite_from.timestamp ASC LIMIT 1", $user_to_hash, $blog_id, 'invite', $user_from_hash);
//echo "sql_str[". $sql_str ."]<br />";
$invites = $wpdb->get_row($sql_str);
//echo "invites<pre>"; print_r($invites); echo "</pre>";
if (!empty($invites)) {
$invitation = array();
$invitation['host'] = array();
$invitation['host'] = $this->chat_auth;
// IF we have a previous private chat we do a number of setup tasks
// For the user sending the invite. We update the message with the 'no' archived status and fill in the invitation.
if (isset($invites->invite_from_id)) {
$sql_str = $wpdb->prepare("UPDATE " . WPMUDEV_Chat::tablename('message') . " SET archived = %s, message = %s, moderator = %s WHERE id = %d AND blog_id = %d AND chat_id = %s AND auth_hash = %s LIMIT 1", 'no', serialize($invitation), 'no', $invites->invite_from_id, $blog_id, $invites->chat_id, $user_from_hash);
//echo "sql_str[". $sql_str ."]<br />";
$wpdb->get_results($sql_str);
}
// For the user receiving the invite. We update the message with the 'no' archived status and fill in the invitation. The invitation
// Contains information like who did the invite.
if (isset($invites->invite_to_id)) {
$invitation['id'] = $invites->invite_from_id;
$invitation['invite-status'] = 'pending';
$sql_str = $wpdb->prepare("UPDATE " . WPMUDEV_Chat::tablename('message') . " SET archived = %s, message = %s, moderator = %s WHERE id = %d AND blog_id = %d AND chat_id = %s AND auth_hash = %s LIMIT 1", 'no', serialize($invitation), 'no', $invites->invite_to_id, $blog_id, $invites->chat_id, $user_to_hash);
//echo "sql_str[". $sql_str ."]<br />";
$wpdb->get_results($sql_str);
}
// Then we un-archive the previous messages if any
$sql_str = $wpdb->prepare("UPDATE " . WPMUDEV_Chat::tablename('message') . " SET archived = %s WHERE blog_id = %d AND chat_id = %s AND session_type = %s", 'no', $blog_id, $invites->chat_id, 'private');
//echo "sql_str[". $sql_str ."]<br />";
$wpdb->get_results($sql_str);
// Lastly, we then unarchive the log reference.
$sql_str = $wpdb->prepare("UPDATE " . WPMUDEV_Chat::tablename('log') . " SET archived = %s WHERE blog_id = %d AND chat_id = %s AND session_type = %s LIMIT 1", 'no', $blog_id, $invites->chat_id, 'private');
//echo "sql_str[". $sql_str ."]<br />";
$wpdb->get_results($sql_str);
} else {
if (empty($invites)) {
$sql_str = $wpdb->prepare("INSERT INTO " . WPMUDEV_Chat::tablename('message') . " (`blog_id`, `chat_id`, `session_type`, `timestamp`, `name`, `avatar`, `auth_hash`, `ip_address`, `message`, `moderator`, `deleted`, `archived`, `log_id`) VALUES(%d, %s, %s, NOW(), %s, %s, %s, %s, %s, %s, %s, %s, %d);", $blog_id, $chat_id, 'invite', $this->chat_auth['name'], $this->chat_auth['avatar'], $user_from_hash, $this->chat_auth['ip_address'], serialize($invitation), $user_moderator, 'no', 'no', 0);
//log_chat_message(__FUNCTION__ .": [". $sql_str ."]");
$wpdb->get_results($sql_str);
if (intval($wpdb->insert_id)) {
$invitation['id'] = $wpdb->insert_id;
$invitation['invite-status'] = 'pending';
// Then add the to
$user_moderator = "no";
$sql_str = $wpdb->prepare("SELECT * FROM " . WPMUDEV_Chat::tablename('message') . " WHERE blog_id = %d AND chat_id=%s AND session_type=%s AND auth_hash=%s AND archived = %s ORDER BY timestamp ASC", $blog_id, $chat_id, 'invite', $user_to_hash, 'no');
//log_chat_message(__FUNCTION__ .": [". $sql_str ."]");
$invites = $wpdb->get_results($sql_str);
if (empty($invites)) {
$sql_str = $wpdb->prepare("INSERT INTO " . WPMUDEV_Chat::tablename('message') . " (`blog_id`, `chat_id`, `session_type`, `timestamp`, `name`, `avatar`, `auth_hash`, `ip_address`, `message`, `moderator`, `deleted`, `archived`, `log_id`) VALUES(%d, %s, %s, NOW(), %s, %s, %s, %s, %s, %s, %s, %s, %d);", $blog_id, $chat_id, 'invite', $this->chat_auth['name'], $this->chat_auth['avatar'], $user_to_hash, $this->chat_auth['ip_address'], serialize($invitation), $user_moderator, 'no', 'no', 0);
//log_chat_message(__FUNCTION__ .": [". $sql_str ."]");
$wpdb->get_results($sql_str);
}
}
}
}
wp_send_json_success();
die;
break;
case 'chat_update_user_status':
if (!is_user_logged_in()) {
return;
}
$user_id = get_current_user_id();
if (md5($user_id) == $this->chat_auth['auth_hash']) {
if (isset($_POST['wpmudev-chat-user-status'])) {
$new_status = esc_attr($_POST['wpmudev-chat-user-status']);
if (isset($this->_chat_options['user-statuses'][$new_status])) {
wpmudev_chat_update_user_status($user_id, $new_status);
wp_send_json_success();
}
}
}
die;
break;
case 'chat_invite_update_user_status':
$chat_id = esc_attr($_POST['chat-id']);
if (!$chat_id) {
die;
}
if (!isset($this->chat_auth['auth_hash']) || empty($this->chat_auth['auth_hash'])) {
die;
}
$invite_status = esc_attr($_POST['invite-status']);
if ($invite_status != 'accepted' && $invite_status != 'declined') {
$invite_status = 'declined';
}
global $wpdb;
$sql_str = $wpdb->prepare("SELECT * FROM " . WPMUDEV_Chat::tablename('message') . " WHERE session_type=%s AND auth_hash=%s AND archived IN('no') ORDER BY timestamp ASC", 'invite', $this->chat_auth['auth_hash']);
//log_chat_message(__FUNCTION__ .": [". $sql_str ."]");
$invite_chats = $wpdb->get_results($sql_str);
if (!empty($invite_chats)) {
foreach ($invite_chats as $invite_chat) {
$invite_info = unserialize($invite_chat->message);
$invite_info['invite-status'] = $invite_status;
$sql_str = $wpdb->prepare("UPDATE " . WPMUDEV_Chat::tablename('message') . " SET `message`= %s WHERE id=%d", serialize($invite_info), $invite_chat->id);
//log_chat_message(__FUNCTION__ .": [". $sql_str ."]");
$wpdb->query($sql_str);
}
}
wp_send_json_success();
die;
break;
}
}
