function tdomf_moderation_handler()
{
    $message .= "";
    # this means a post was deleted
    #
    if (isset($_REQUEST['deleted'])) {
        $message .= __("Submissions deleted. ", "tdomf");
    }
    // bulk actions
    if (isset($_REQUEST['doaction']) && isset($_REQUEST['action']) && isset($_REQUEST['post'])) {
        $posts = $_REQUEST['post'];
        $action = $_REQUEST['action'];
        if ($action != -1 && is_array($posts) && !empty($posts)) {
            check_admin_referer('tdomf-moderate-bulk');
            switch ($action) {
                case 'spam_recheck':
                    $spam_list = array();
                    $ham_list = array();
                    foreach ($posts as $post) {
                        if (tdomf_check_submissions_spam($post)) {
                            $ham_list[] = $post;
                        } else {
                            $spam_list[] = $post;
                        }
                    }
                    tdomf_log_message('Akismet thinks these submissions are spam: ' . implode(", ", $spam_list));
                    $message .= sprintf(__("Marked these submissions as spam: %s.", "tdomf"), implode(", ", $spam_list));
                    tdomf_log_message('Akismet thinks these posts are not spam: ' . implode(", ", $ham_list));
                    $message .= " ";
                    $message .= sprintf(__("Marked these submissions as not spam: %s.", "tdomf"), implode(", ", $ham_list));
                    break;
                case 'delete':
                    foreach ($posts as $p) {
                        wp_delete_post($p);
                    }
                    tdomf_log_message('Deleted ' . implode(", ", $posts) . ' posts');
                    $message .= sprintf(__("Deleted submissions: %s", "tdomf"), implode(", ", $posts));
                    break;
                case 'publish_now':
                    $list = "";
                    foreach ($posts as $p) {
                        if (!get_post_meta($p, TDOMF_KEY_SPAM)) {
                            // if we're going to publish the post, then it's not spam!
                            tdomf_ham_post($p);
                        }
                        tdomf_publish_post($p, false);
                        $list .= "<a href=\"" . get_permalink($p) . "\">" . $p . "</a>, ";
                    }
                    tdomf_log_message("Published {$list} posts");
                    $message .= sprintf(__("Attempted to published these submissions immediately: %s", "tdomf"), $list);
                    break;
                case 'publish':
                    $list = "";
                    foreach ($posts as $p) {
                        if (!get_post_meta($p, TDOMF_KEY_SPAM)) {
                            // if we're going to publish the post, then it's not spam!
                            tdomf_ham_post($p);
                        }
                        tdomf_publish_post($p);
                        $list .= "<a href=\"" . get_permalink($p) . "\">" . $p . "</a>, ";
                    }
                    tdomf_log_message("Published or queued {$list} posts");
                    $message .= sprintf(__("Attempted to publish or queue these submissions: %s", "tdomf"), $list);
                    break;
                case 'unpublish':
                    foreach ($posts as $p) {
                        tdomf_unpublish_post($p);
                    }
                    tdomf_log_message("Un-published " . implode(", ", $posts) . " posts");
                    $message .= sprintf(__("Attempted to un-publish theses submissions: %s", "tdomf"), implode(", ", $posts));
                    break;
                case 'spamit':
                    $spams = array();
                    foreach ($posts as $p) {
                        if (!get_post_meta($p, TDOMF_KEY_SPAM)) {
                            tdomf_spam_post($p);
                            $spams[] = $p;
                        }
                    }
                    tdomf_log_message("Marked as spam " . implode(", ", $spams) . " posts");
                    $message .= sprintf(__("Marked these submissions as spam: %s", "tdomf"), implode(", ", $spams));
                    break;
                case 'hamit':
                    $hams = array();
                    foreach ($posts as $p) {
                        if (get_post_meta($p, TDOMF_KEY_SPAM)) {
                            tdomf_spam_post($p);
                            $hams[] = $p;
                        }
                    }
                    if (!empty($hams)) {
                        tdomf_log_message("Marked as ham " . implode(", ", $hams) . " posts");
                        $message .= sprintf(__("Marked these submissions as not spam: %s", "tdomf"), implode(", ", $hams));
                    }
                    break;
                case 'lock':
                    $locks = array();
                    foreach ($posts as $p) {
                        if (!get_post_meta($p, TDOMF_KEY_LOCK)) {
                            add_post_meta($p, TDOMF_KEY_LOCK, true, true);
                            $locks[] = $p;
                        }
                    }
                    if (!empty($locks)) {
                        tdomf_log_message("Locked " . implode(", ", $locks) . " posts");
                        $message .= sprintf(__("Locked these posts/pages from editing: %s", "tdomf"), implode(", ", $locks));
                    }
                    break;
                case 'unlock':
                    $locks = array();
                    foreach ($posts as $p) {
                        if (get_post_meta($p, TDOMF_KEY_LOCK)) {
                            delete_post_meta($p, TDOMF_KEY_LOCK);
                            $locks[] = $p;
                        }
                    }
                    if (!empty($locks)) {
                        tdomf_log_message("Unlocked " . implode(", ", $locks) . " posts");
                        $message .= sprintf(__("Unlocked these posts/pages: %s", "tdomf"), implode(", ", $locks));
                    }
                    break;
                case 'edit_spam_recheck':
                    $spam_list = array();
                    $ham_list = array();
                    $edit_spam_list = array();
                    $edit_ham_list = array();
                    foreach ($posts as $post) {
                        $last_edit = tdomf_get_edits(array('post_id' => $post, 'limit' => 1));
                        if ($last_edit != false && !empty($last_edit)) {
                            if (tdomf_check_edit_spam($last_edit[0]->edit_id, false)) {
                                $ham_list[] = $post;
                                $edit_ham_list[] = $last_edit[0]->edit_id;
                            } else {
                                $spam_list[] = $post;
                                $edit_spam_list[] = $last_edit[0]->edit_id;
                            }
                        }
                    }
                    tdomf_log_message('Akismet thinks these edits are spam: ' . implode(", ", $edit_spam_list));
                    $message .= sprintf(__("Marked last contribution on these submissions as spam: %s.", "tdomf"), implode(", ", $spam_list));
                    tdomf_log_message('Akismet thinks these edits are not spam: ' . implode(", ", $edit_ham_list));
                    $message .= " ";
                    $message .= sprintf(__("Marked last contribution on these submissions as not spam: %s.", "tdomf"), implode(", ", $ham_list));
                    break;
                case 'edit_approve':
                    $edit_list = array();
                    $post_list = array();
                    foreach ($posts as $post) {
                        $last_edit = tdomf_get_edits(array('post_id' => $post, 'limit' => 1));
                        if (!empty($last_edit) && $last_edit[0]->state != 'approved') {
                            $edit_list[] = $last_edit[0]->edit_id;
                            $post_list[] = $post;
                            $user_id = $last_edit[0]->user_id;
                            if ($last_edit[0]->state == 'spam') {
                                tdomf_hamit_edit($last_edit[0]);
                            }
                            wp_restore_post_revision($edit->revision_id);
                            tdomf_set_state_edit('approved', $last_edit[0]->edit_id);
                            if ($user_id > 0) {
                                tdomf_trust_user($user_id);
                            }
                        }
                    }
                    tdomf_log_message('These edits have been approved: ' . implode(", ", $edit_list));
                    $message .= sprintf(__("Approved contributions on these submissions: %s.", "tdomf"), implode(", ", $post_list));
                    break;
                case 'edit_revert':
                    $edit_list = array();
                    $post_list = array();
                    foreach ($posts as $post) {
                        $last_edit = tdomf_get_edits(array('post_id' => $post, 'limit' => 1));
                        if (!empty($last_edit) && $last_edit[0]->state == 'approved' && $last_edit[0]->revision_id != 0 && $last_edit[0]->current_revision_id != 0) {
                            $edit_list[] = $last_edit[0]->edit_id;
                            $post_list[] = $post;
                            wp_restore_post_revision($last_edit[0]->current_revision_id);
                            tdomf_set_state_edit('unapproved', $last_edit[0]->edit_id);
                        }
                    }
                    tdomf_log_message('These edits have been reverted: ' . implode(", ", $edit_list));
                    $message .= sprintf(__("Latest contribution on these submissions have been reverted: %s.", "tdomf"), implode(", ", $post_list));
                    break;
                case 'edit_delete':
                    $edit_list = array();
                    $post_list = array();
                    foreach ($posts as $post) {
                        $last_edit = tdomf_get_edits(array('post_id' => $post, 'limit' => 1));
                        if (!empty($last_edit) && $last_edit[0]->state != 'approved') {
                            $edit_list[] = $last_edit[0]->edit_id;
                            $post_list[] = $post;
                            if ($last_edit[0]->revision_id != 0) {
                                wp_delete_post_revision($edit->revision_id);
                                tdomf_log_message("Deleting revision " . $last_edit[0]->revision_id . " on post " . $post);
                            }
                            if ($last_edit[0]->current_revision_id != 0) {
                                wp_delete_post_revision($last_edit[0]->current_revision_id);
                                tdomf_log_message("Deleting revision " . $last_edit[0]->current_revision_id . " on post " . $post);
                            }
                        }
                        tdomf_delete_edits($edit_list);
                    }
                    tdomf_log_message('These edits have been deleted: ' . implode(", ", $edit_list));
                    $message .= sprintf(__("Latest contribution on these submissions have been deleted: %s.", "tdomf"), implode(", ", $post_list));
                    break;
                case 'edit_spamit':
                    $edit_list = array();
                    $post_list = array();
                    foreach ($posts as $post) {
                        $last_edit = tdomf_get_edits(array('post_id' => $post, 'limit' => 1));
                        if (!empty($last_edit) && $last_edit[0]->state != 'spam') {
                            $edit_list[] = $last_edit[0]->edit_id;
                            $post_list[] = $post;
                            tdomf_spamit_edit($last_edit[0]);
                        }
                    }
                    tdomf_log_message('These edits have been marked as spam: ' . implode(", ", $edit_list));
                    $message .= sprintf(__("Latest contribution on these submissions have been marked as spam: %s.", "tdomf"), implode(", ", $post_list));
                    break;
                case 'edit_hamit':
                    $edit_list = array();
                    $post_list = array();
                    foreach ($posts as $post) {
                        $last_edit = tdomf_get_edits(array('post_id' => $post, 'limit' => 1));
                        if (!empty($last_edit) && $last_edit[0]->state == 'soam') {
                            $edit_list[] = $last_edit[0]->edit_id;
                            $post_list[] = $post;
                            tdomf_hamit_edit($last_edit[0]);
                        }
                    }
                    tdomf_log_message('These edits have been marked as not spam: ' . implode(", ", $edit_list));
                    $message .= sprintf(__("Latest contribution on these submissions have been marked as not being spam: %s.", "tdomf"), implode(", ", $post_list));
                    break;
                default:
                    tdomf_log_message('Unexpected bulk action ' . $action . ' in moderation screen!', TDOMF_LOG_BAD);
                    $message .= sprintf(__("Unrecognised bulk action %s,", "tdomf"), $action);
                    break;
            }
        }
        // else no posts selected or bulk actions
        // individual actions
        // operations on posts/pages (submissions)
    } else {
        if (isset($_REQUEST['action']) && $_REQUEST['action'] == 'publish_now') {
            $post_id = $_REQUEST['post'];
            check_admin_referer('tdomf-publish_' . $post_id);
            // if we're going to publish the post, then it's not spam!
            tdomf_ham_post($post_id);
            tdomf_publish_post($post_id, false);
            tdomf_log_message("Published post {$post_id}");
            $message .= sprintf(__("Published post <a href=\"%s\">%d</a>.", "tdomf"), get_permalink($post_id), $post_id);
        } else {
            if (isset($_REQUEST['action']) && $_REQUEST['action'] == 'publish') {
                $post_id = $_REQUEST['post'];
                check_admin_referer('tdomf-publish_' . $post_id);
                // if we're going to publish the post, then it's not spam!
                tdomf_ham_post($post_id);
                tdomf_publish_post($post_id);
                tdomf_log_message("Published post {$post_id}");
                $message .= sprintf(__("Published post <a href=\"%s\">%d</a>.", "tdomf"), get_permalink($post_id), $post_id);
            } else {
                if (isset($_REQUEST['action']) && $_REQUEST['action'] == 'unpublish') {
                    $post_id = $_REQUEST['post'];
                    check_admin_referer('tdomf-unpublish_' . $post_id);
                    tdomf_unpublish_post($post_id);
                    tdomf_log_message("Unpublished post {$post_id}");
                    $message .= sprintf(__("Unpublished post %d.", "tdomf"), $post_id);
                } else {
                    if (isset($_REQUEST['action']) && $_REQUEST['action'] == 'spamit') {
                        $post_id = $_REQUEST['post'];
                        check_admin_referer('tdomf-spamit_' . $post_id);
                        if (!get_post_meta($post_id, TDOMF_KEY_SPAM)) {
                            tdomf_spam_post($post_id);
                            tdomf_log_message("Post {$post_id} submitted as spam");
                            $message .= sprintf(__("Post %d flagged as spam", "tdomf"), $post_id);
                        } else {
                            $message .= sprintf(__("Did not flag post %d as being spam as it is already flagged appropriately.", "tdomf"), $post_id);
                        }
                    } else {
                        if (isset($_REQUEST['action']) && $_REQUEST['action'] == 'hamit') {
                            $post_id = $_REQUEST['post'];
                            check_admin_referer('tdomf-hamit_' . $post_id);
                            if (get_post_meta($post_id, TDOMF_KEY_SPAM)) {
                                tdomf_ham_post($post_id);
                                tdomf_log_message("Post {$post_id} submitted as ham");
                                $message .= sprintf(__("Post %d flagged as not being spam", "tdomf"), $post_id);
                            } else {
                                $message .= sprintf(__("Did not flag post %d as not being spam as it is already flagged appropriately.", "tdomf"), $post_id);
                            }
                        } else {
                            if (isset($_REQUEST['action']) && $_REQUEST['action'] == 'lock') {
                                $post_id = $_REQUEST['post'];
                                check_admin_referer('tdomf-lock_' . $post_id);
                                if (!get_post_meta($post_id, TDOMF_KEY_LOCK)) {
                                    add_post_meta($post_id, TDOMF_KEY_LOCK, true, true);
                                    tdomf_log_message("Post {$post_id} locked");
                                    $message .= sprintf(__("Post %d is now locked from editing", "tdomf"), $post_id);
                                } else {
                                    $message .= sprintf(__("Post %d is already locked from editing.", "tdomf"), $post_id);
                                }
                            } else {
                                if (isset($_REQUEST['action']) && $_REQUEST['action'] == 'unlock') {
                                    $post_id = $_REQUEST['post'];
                                    check_admin_referer('tdomf-unlock_' . $post_id);
                                    if (get_post_meta($post_id, TDOMF_KEY_LOCK)) {
                                        delete_post_meta($post_id, TDOMF_KEY_LOCK);
                                        tdomf_log_message("Post {$post_id} unlocked");
                                        $message .= sprintf(__("Post %d is now unlocked.", "tdomf"), $post_id);
                                    } else {
                                        $message .= sprintf(__("Post %d is already unlocked.", "tdomf"), $post_id);
                                    }
                                } else {
                                    if (isset($_REQUEST['action']) && $_REQUEST['action'] == 'approve_edit') {
                                        $edit_id = $_REQUEST['edit'];
                                        check_admin_referer('tdomf-approve_edit_' . $edit_id);
                                        $edit = tdomf_get_edit($edit_id);
                                        if ($edit && ($edit->state == 'spam' || $edit->state == 'unapproved')) {
                                            if ($edit->state == 'spam') {
                                                tdomf_hamit_edit($edit);
                                            }
                                            wp_restore_post_revision($edit->revision_id);
                                            tdomf_set_state_edit('approved', $edit_id);
                                            if ($edit->user_id > 0) {
                                                tdomf_trust_user($edit->user_id);
                                            }
                                            tdomf_log_message("Edit {$edit_id} has been approved on post " . $edit->post_id);
                                            $message .= sprintf(__('Contribution to <a href="%s">Post %d</a> has been approved and published', "tdomf"), get_permalink($edit->post_id), $edit->post_id);
                                        } else {
                                            tdomf_log_message("Invalid {$action} performed on edit {$edit_id}", TDOMF_LOG_BAD);
                                            $message .= sprintf(__('Invalid action %s or invalid edit identifier %d!', 'tdomf'), $_REQUEST['action'], $edit_id);
                                        }
                                    } else {
                                        if (isset($_REQUEST['action']) && $_REQUEST['action'] == 'revert_edit') {
                                            $edit_id = $_REQUEST['edit'];
                                            check_admin_referer('tdomf-revert_edit_' . $edit_id);
                                            $edit = tdomf_get_edit($edit_id);
                                            if ($edit && $edit->state == 'approved' && $edit->revision_id != 0 && $edit->current_revision_id != 0) {
                                                wp_restore_post_revision($edit->current_revision_id);
                                                tdomf_set_state_edit('unapproved', $edit_id);
                                                tdomf_log_message("Edit {$edit_id} on post " . $edit->post_id . " has been reverted");
                                                $message .= sprintf(__('Contribution to <a href="%s">Post %d</a> has reverted to previous revision', "tdomf"), get_permalink($edit->post_id), $edit->post_id);
                                            } else {
                                                tdomf_log_message("Invalid {$action} performed on edit {$edit_id}", TDOMF_LOG_BAD);
                                                $message .= sprintf(__('Invalid action %s or invalid edit identifier %d!', 'tdomf'), $_REQUEST['action'], $edit_id);
                                            }
                                        } else {
                                            if (isset($_REQUEST['action']) && $_REQUEST['action'] == 'delete_edit') {
                                                $edit_id = $_REQUEST['edit'];
                                                check_admin_referer('tdomf-delete_edit_' . $edit_id);
                                                $edit = tdomf_get_edit($edit_id);
                                                if ($edit && $edit->state != 'approved') {
                                                    $post_id = $edit->post_id;
                                                    if ($edit->revision_id != 0) {
                                                        wp_delete_post_revision($edit->revision_id);
                                                        tdomf_log_message("Deleting revision {$revision_id} on post " . $post_id);
                                                    }
                                                    if ($edit->current_revision_id != 0) {
                                                        wp_delete_post_revision($edit->current_revision_id);
                                                        tdomf_log_message("Deleting revision {$current_revision_id} on post " . $post_id);
                                                    }
                                                    tdomf_delete_edits(array($edit_id));
                                                    tdomf_log_message("Edit {$edit_id} on post " . $post_id . " has been deleted");
                                                    $message .= sprintf(__('Contribution to <a href="%s">Post %d</a> has deleted', "tdomf"), get_permalink($edit->post_id), $edit->post_id);
                                                } else {
                                                    tdomf_log_message("Invalid {$action} performed on edit {$edit_id}", TDOMF_LOG_BAD);
                                                    $message .= sprintf(__('Invalid action %s or invalid edit identifier %d!', 'tdomf'), $_REQUEST['action'], $edit_id);
                                                }
                                            } else {
                                                if (isset($_REQUEST['action']) && $_REQUEST['action'] == 'spamit_edit') {
                                                    $edit_id = $_REQUEST['edit'];
                                                    check_admin_referer('tdomf-spamit_edit_' . $edit_id);
                                                    $edit = tdomf_get_edit($edit_id);
                                                    if ($edit && $edit->state != 'spam') {
                                                        tdomf_spamit_edit($edit);
                                                        tdomf_log_message("Marking edit {$edit_id} as spam!");
                                                        $message .= sprintf(__('Contribution to <a href="%s">Post %d</a> has been flagged as spam', "tdomf"), get_permalink($edit->post_id), $edit->post_id);
                                                    } else {
                                                        tdomf_log_message("Invalid {$action} performed on edit {$edit_id}", TDOMF_LOG_BAD);
                                                        $message .= sprintf(__('Invalid action %s or invalid edit identifier %d!', 'tdomf'), $_REQUEST['action'], $edit_id);
                                                    }
                                                } else {
                                                    if (isset($_REQUEST['action']) && $_REQUEST['action'] == 'hamit_edit') {
                                                        $edit_id = $_REQUEST['edit'];
                                                        check_admin_referer('tdomf-hamit_edit_' . $edit_id);
                                                        $edit = tdomf_get_edit($edit_id);
                                                        if ($edit && $edit->state == 'spam') {
                                                            tdomf_spamit_edit($edit);
                                                            tdomf_log_message("Marking edit {$edit_id} as not spam!");
                                                            $message .= sprintf(__('Contribution to <a href="%s">Post %d</a> has been flagged as not being spam', "tdomf"), get_permalink($edit->post_id), $edit->post_id);
                                                        } else {
                                                            tdomf_log_message("Invalid {$action} performed on edit {$edit_id}", TDOMF_LOG_BAD);
                                                            $message .= sprintf(__('Invalid action %s or invalid edit identifier %d!', 'tdomf'), $_REQUEST['action'], $edit_id);
                                                        }
                                                    }
                                                }
                                            }
                                        }
                                    }
                                }
                            }
                        }
                    }
                }
            }
        }
    }
    if (!empty($message)) {
        ?>
      <div id="message" class="updated fade"><p><?php 
        echo $message;
        ?>
</p></div>
   <?php 
    }
}
Example #2
0
function tdomf_ham_edit($edit_id)
{
    if (!get_option(TDOMF_OPTION_SPAM)) {
        return;
    }
    $akismet_key = get_option(TDOMF_OPTION_SPAM_AKISMET_KEY);
    if (empty($akismet_key)) {
        tdomf_log_message("No Akismet key set, cannot submit spam for edit {$edit_id}!", TDOMF_LOG_ERROR);
        return;
    }
    $edit = tdomf_get_edit($edit_id);
    if (empty($edit)) {
        tdomf_log_message("Invalid edit data for {$edit_id}. Can't check if spam", TDOMF_LOG_ERROR);
        return true;
    }
    if ($edit->state != 'spam') {
        tdomf_log_message("Edit {$edit_id} is not spam!", TDOMF_LOG_BAD);
        return;
    }
    $query_data = array();
    if (!empty($edit->ip)) {
        $query_data['user_ip'] = $edit->ip;
    }
    if (!isset($edit->data['HTTP_USER_AGENT'])) {
        $query_data['user_agent'] = $edit->data['HTTP_USER_AGENT'];
    }
    if (!isset($edit->data['HTTP_REFERER'])) {
        $query_data['referrer'] = $edit->data['HTTP_REFERER'];
    }
    $query_data['blog'] = get_option('home');
    $query_data['comment_type'] = 'edit-entry';
    if ($edit->user_id != 0) {
        $user = get_userdata($edit->user_id);
        $query_data['comment_author_email'] = $user->user_email;
        if (!empty($user->user_url)) {
            $query_data['comment_author_url'] = $user->user_url;
        }
        $query_data['comment_author'] = $user->display_name;
    } else {
        if (isset($edit->data[TDOMF_KEY_NAME])) {
            $query_data['comment_author'] = $edit->data[TDOMF_KEY_NAME];
        }
        if (isset($edit->data[TDOMF_KEY_EMAIL])) {
            $query_data['comment_author_email'] = $edit->data[TDOMF_KEY_EMAIL];
        }
        if (isset($edit->data[TDOMF_KEY_WEB])) {
            $query_data['comment_author_url'] = $edit->data[TDOMF_KEY_WEB];
        }
    }
    # test - should trigger spam response
    #$query_data['comment_author'] = 'viagra-test-123';
    if ($edit->revision_id == 0) {
        $post_data = wp_get_single_post($edit->post_id, ARRAY_A);
    } else {
        $post_data = wp_get_single_post($edit->revision_id, ARRAY_A);
    }
    $query_data['comment_content'] = $post_data['post_content'];
    $query_string = '';
    foreach ($query_data as $key => $data) {
        $query_string .= $key . '=' . urlencode(stripslashes($data)) . '&';
    }
    tdomf_log_message_extra("{$akismet_key}.rest.akismet.com/1.1/comment-check<br/>{$query_string}");
    $response = tdomf_akismet_send($query_string, $akismet_key . ".rest.akismet.com", "/1.1/submit-ham", 80);
    // unflag spam
    //
    tdomf_set_state_edit('unapproved', $edit_id);
    $spam_count = get_option(TDOMF_STAT_SPAM);
    if ($spam_count == false) {
        add_option(TDOMF_STAT_SPAM, 0);
    } else {
        update_option(TDOMF_STAT_SPAM, $spam_count--);
    }
    $edited_count = get_option(TDOMF_STAT_EDITED);
    if ($edited_count == false) {
        add_option(TDOMF_STAT_EDITED, 1);
    } else {
        update_option(TDOMF_STAT_EDITED, $edited_count++);
    }
    tdomf_log_message("Edit {$edit_id} has been submitted as ham to Akismet<br/><pre>" . var_export($response, true) . "</pre>");
}