Ejemplo n.º 1
0
 /**
  * Validate the current customer, get the current customer id
  * @param string
  * @return JSON encoded array with results, results include original request parameters
  * @since 3.8.14
  */
 function wpsc_validate_customer_ajax()
 {
     // most of the validation should be done by the WPEC initialization, just return the current customer values
     $response = array('valid' => _wpsc_validate_customer_cookie() !== false, 'id' => wpsc_get_current_customer_id());
     $response = apply_filters('_wpsc_validate_customer_ajax', $response);
     wp_send_json_success($response);
 }
Ejemplo n.º 2
0
/**
 * Is the user an automata not worthy of a WPEC profile to hold shopping cart and other info
 *
 * @access private
 * @since  3.8.13
 */
function _wpsc_is_bot_user()
{
    $is_bot = false;
    // if the customer cookie is invalid, unset it
    $visitor_id_from_cookie = _wpsc_validate_customer_cookie();
    if ($visitor_id_from_cookie) {
        return $visitor_id_from_cookie === WPSC_BOT_VISITOR_ID;
    }
    if (!is_user_logged_in()) {
        // check for WordPress detected 404 or feed request
        if (did_action('posts_selection')) {
            if (is_feed()) {
                $is_bot = true;
            }
            if (is_404()) {
                $is_bot = true;
            }
        }
        // Check for non WPEC ajax request, no reason to create a visitor profile if this is the case
        // Although the AJAX request may not have originated from a bot, from WPeC's perspective we
        // treat it as such to avoid creating a WPeC visitor profile for an AJAX rerquest that doesn't need
        // WPeC functionality.
        if (!$is_bot && (defined('DOING_AJAX') && DOING_AJAX) && !_wpsc_doing_wpsc_ajax_request()) {
            $is_bot = true;
        }
        if (!$is_bot && strpos($_SERVER['REQUEST_URI'], '?wpsc_action=rss')) {
            $is_bot = true;
        }
        // Cron jobs are not flesh originated
        if (!$is_bot && (defined('DOING_CRON') && DOING_CRON)) {
            $is_bot = true;
        }
        // XML RPC requests are probably from cybernetic beasts
        if (!$is_bot && (defined('XMLRPC_REQUEST') && XMLRPC_REQUEST)) {
            $is_bot = true;
        }
        // coming to login first, after the user logs in we know they are a live being, until then they are something else
        if (!$is_bot && (strpos($_SERVER['PHP_SELF'], 'wp-login') || strpos($_SERVER['PHP_SELF'], 'wp-register'))) {
            $is_bot = true;
        }
        if (!$is_bot && !empty($_SERVER['HTTP_USER_AGENT'])) {
            // the user agent could be google bot, bing bot or some other bot,  one would hope real user agents do not have the
            // string 'bot|spider|crawler|preview' in them, there are bots that don't do us the kindness of identifying themselves as such,
            // check for the user being logged in in a real user is using a bot to access content from our site
            $bot_agent_strings = array('robot', 'bot', 'crawler', 'spider', 'preview', 'WordPress');
            $bot_agent_strings = apply_filters('wpsc_bot_user_agents', $bot_agent_strings);
            foreach ($bot_agent_strings as $bot_agent_string) {
                if (stripos($_SERVER['HTTP_USER_AGENT'], $bot_agent_string) !== false) {
                    $is_bot = true;
                    break;
                }
            }
        }
    }
    $is_bot = apply_filters('wpsc_is_bot_user', $is_bot);
    return $is_bot;
}