/**
* Validate the current customer, get the current customer id
* @param string
* @return JSON encoded array with results, results include original request parameters
* @since 3.8.14
*/
function wpsc_validate_customer_ajax()
{
// most of the validation should be done by the WPEC initialization, just return the current customer values
$response = array('valid' => _wpsc_validate_customer_cookie() !== false, 'id' => wpsc_get_current_customer_id());
$response = apply_filters('_wpsc_validate_customer_ajax', $response);
wp_send_json_success($response);
}
/**
* Is the user an automata not worthy of a WPEC profile to hold shopping cart and other info
*
* @access private
* @since 3.8.13
*/
function _wpsc_is_bot_user()
{
$is_bot = false;
// if the customer cookie is invalid, unset it
$visitor_id_from_cookie = _wpsc_validate_customer_cookie();
if ($visitor_id_from_cookie) {
return $visitor_id_from_cookie === WPSC_BOT_VISITOR_ID;
}
if (!is_user_logged_in()) {
// check for WordPress detected 404 or feed request
if (did_action('posts_selection')) {
if (is_feed()) {
$is_bot = true;
}
if (is_404()) {
$is_bot = true;
}
}
// Check for non WPEC ajax request, no reason to create a visitor profile if this is the case
// Although the AJAX request may not have originated from a bot, from WPeC's perspective we
// treat it as such to avoid creating a WPeC visitor profile for an AJAX rerquest that doesn't need
// WPeC functionality.
if (!$is_bot && (defined('DOING_AJAX') && DOING_AJAX) && !_wpsc_doing_wpsc_ajax_request()) {
$is_bot = true;
}
if (!$is_bot && strpos($_SERVER['REQUEST_URI'], '?wpsc_action=rss')) {
$is_bot = true;
}
// Cron jobs are not flesh originated
if (!$is_bot && (defined('DOING_CRON') && DOING_CRON)) {
$is_bot = true;
}
// XML RPC requests are probably from cybernetic beasts
if (!$is_bot && (defined('XMLRPC_REQUEST') && XMLRPC_REQUEST)) {
$is_bot = true;
}
// coming to login first, after the user logs in we know they are a live being, until then they are something else
if (!$is_bot && (strpos($_SERVER['PHP_SELF'], 'wp-login') || strpos($_SERVER['PHP_SELF'], 'wp-register'))) {
$is_bot = true;
}
if (!$is_bot && !empty($_SERVER['HTTP_USER_AGENT'])) {
// the user agent could be google bot, bing bot or some other bot, one would hope real user agents do not have the
// string 'bot|spider|crawler|preview' in them, there are bots that don't do us the kindness of identifying themselves as such,
// check for the user being logged in in a real user is using a bot to access content from our site
$bot_agent_strings = array('robot', 'bot', 'crawler', 'spider', 'preview', 'WordPress');
$bot_agent_strings = apply_filters('wpsc_bot_user_agents', $bot_agent_strings);
foreach ($bot_agent_strings as $bot_agent_string) {
if (stripos($_SERVER['HTTP_USER_AGENT'], $bot_agent_string) !== false) {
$is_bot = true;
break;
}
}
}
}
$is_bot = apply_filters('wpsc_is_bot_user', $is_bot);
return $is_bot;
}