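/**
 * SMF registration hook: asks the CleanTalk API whether a new registration may proceed.
 *
 * Registrations made through the admin interface are skipped. Otherwise the
 * e-mail, nickname, IP, form submit time and JavaScript-test result are sent
 * through Cleantalk::isAllowUser() and the verdict is applied:
 *  - API error (errno != 0) together with a failed JS test: stopped via fatal_error();
 *  - inactive == 1: the registration is switched to admin approval;
 *  - allow == 0: stopped via fatal_error();
 *  - anything else: the registration continues and is only logged.
 *
 * An API error combined with a passed JS test falls through to the remaining
 * checks, so the outcome then depends on the fields of the error response.
 *
 * @param array $regOptions Registration options; modified in place when approval is required
 * @param array $theme_vars Not read by this function
 * @return void
 */
function cleantalk_check_register(&$regOptions, $theme_vars)
{
    global $language, $user_info, $modSettings;
    if ($regOptions['interface'] == 'admin') {
        return;
    }
    // Resolved once so the log lines below never touch an undefined index.
    $username = isset($regOptions['username']) ? $regOptions['username'] : '';
    $ct = new Cleantalk();
    $ct->server_url = CT_SERVER_URL;
    $ct_request = new CleantalkRequest();
    $ct_request->auth_key = cleantalk_get_api_key();
    $ct_request->response_lang = 'en';
    // SMF can run with any charset and language
    $ct_request->agent = CT_AGENT_VERSION;
    $ct_request->sender_email = isset($regOptions['email']) ? $regOptions['email'] : '';
    $ip = isset($regOptions['register_vars']['member_ip'])
        ? $regOptions['register_vars']['member_ip']
        : $_SERVER['REMOTE_ADDR'];
    $ct_request->sender_ip = $ct->ct_session_ip($ip);
    $ct_request->sender_nickname = $username;
    $ct_request->submit_time = cleantalk_get_form_submit_time();
    $ct_request->js_on = cleantalk_is_valid_js() ? 1 : 0;
    $ct_request->sender_info = json_encode(array(
        'REFFERRER' => isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : null,
        'cms_lang' => substr($language, 0, 2),
        'USER_AGENT' => isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : null,
    ));
    if (defined('CT_DEBUG') && CT_DEBUG) {
        // Dump a copy with the API key masked so the secret is not written to the error log.
        $ct_debug_request = clone $ct_request;
        $ct_debug_request->auth_key = '***';
        log_error('CleanTalk request: ' . var_export($ct_debug_request, true), 'user');
    }
    /**
     * @var CleantalkResponse $ct_result CleanTalk API call result
     */
    $ct_result = $ct->isAllowUser($ct_request);
    if ($ct_result->errno != 0 && !cleantalk_is_valid_js()) {
        // The server comment is stripped of tags before it is logged or shown.
        cleantalk_log('deny registration (errno !=0, invalid js test)' . strip_tags($ct_result->comment));
        fatal_error('CleanTalk: ' . strip_tags($ct_result->comment), false);
        return;
    }
    if ($ct_result->inactive == 1) {
        // Needs admin approval.
        cleantalk_log('need approval for "' . $username . '"');
        // 3 = waiting for admin approval
        $regOptions['register_vars']['is_activated'] = 3;
        $regOptions['require'] = 'approval';
        if (!isset($modSettings['notify_new_registration']) || empty($modSettings['notify_new_registration'])) {
            // Temporarily turn on the notification for new registrations.
            $modSettings['notify_new_registration'] = 1;
        }
        // Add the CleanTalk message to the e-mail template.
        // NOTE(review): the comment is stored without strip_tags() here, unlike the
        // deny paths; confirm the template escapes it.
        $user_info['cleantalkmessage'] = $ct_result->comment;
        // Temporarily switch registration_method to approval_after.
        $modSettings['registration_method'] = 2;
        return;
    }
    if ($ct_result->allow == 0) {
        // Flagged as a bot: stop the registration.
        cleantalk_log('deny registration' . strip_tags($ct_result->comment));
        fatal_error('CleanTalk: ' . strip_tags($ct_result->comment), false);
    } else {
        // Allowed; only log it.
        cleantalk_log('allow regisration for "' . $username . '"');
    }
}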
/**
 * Checks an s2Member registration against the CleanTalk API.
 *
 * @return bool|null null when the registrations test is switched off, false when
 *                   the API answered with an error, true when the check completed;
 *                   a denied registration is handed to ct_die_extended() first
 */
function ct_s2member_registration_test()
{
    global $ct_agent_version, $ct_post_data_label, $ct_post_data_authnet_label, $ct_formtime_label, $ct_options, $ct_data;
    $ct_options = ct_get_options();
    $ct_data = ct_get_data();
    if ($ct_options['registrations_test'] == 0) {
        return null;
    }
    $submit_time = submit_time_test();
    $checkjs = js_test('ct_checkjs', $_COOKIE, true);
    require_once 'cleantalk.class.php';
    // An unencodable sender_info degrades to an empty string.
    $sender_info = json_encode(get_sender_info());
    if ($sender_info === false) {
        $sender_info = '';
    }
    // Both form variants are inspected; the Authorize.Net one is read last and wins.
    $sender_email = null;
    $sender_nickname = null;
    foreach (array($ct_post_data_label, $ct_post_data_authnet_label) as $post_label) {
        if (isset($_POST[$post_label]['email'])) {
            $sender_email = $_POST[$post_label]['email'];
        }
        if (isset($_POST[$post_label]['username'])) {
            $sender_nickname = $_POST[$post_label]['username'];
        }
    }
    $server_state = get_option('cleantalk_server');
    $ct = new Cleantalk();
    $ct->work_url = $server_state['ct_work_url'];
    $ct->server_url = $ct_options['server'];
    $ct->server_ttl = $server_state['ct_server_ttl'];
    $ct->server_changed = $server_state['ct_server_changed'];
    $ct->ssl_on = $ct_options['ssl_on'];
    $ct_request = new CleantalkRequest();
    $ct_request->auth_key = $ct_options['apikey'];
    $ct_request->sender_email = $sender_email;
    $ct_request->sender_ip = $ct->ct_session_ip($_SERVER['REMOTE_ADDR']);
    $ct_request->sender_nickname = $sender_nickname;
    $ct_request->agent = $ct_agent_version;
    $ct_request->sender_info = $sender_info;
    $ct_request->js_on = $checkjs;
    $ct_request->submit_time = $submit_time;
    $ct_result = $ct->isAllowUser($ct_request);
    if ($ct->server_change) {
        // Persist the work server chosen during this call.
        $new_state = array(
            'ct_work_url' => $ct->work_url,
            'ct_server_ttl' => $ct->server_ttl,
            'ct_server_changed' => time(),
        );
        update_option('cleantalk_server', $new_state);
    }
    // NOTE(review): an API error returns false without blocking here; what the caller
    // does with false is not visible in this block.
    if ($ct_result->errno != 0) {
        return false;
    }
    if ($ct_result->allow == 0) {
        // Restart the submit-time counter for the rejected request, then report the refusal.
        $_SESSION[$ct_formtime_label] = time();
        ct_die_extended($ct_result->comment);
    }
    return true;
}
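 /**
  * Sends a comment or a registration to the CleanTalk API and normalises the verdict.
  *
  * @param array  $spam_check Entity to check; reads 'type' ('comment' or 'register'),
  *                           'sender_email', 'sender_nickname' and, per type,
  *                           'message_title', 'message_body', 'example_title',
  *                           'example_body', 'example_comments' (comment) or
  *                           'timezone' (register)
  * @param object $options    Options object exposing get(); replaced further down by
  *                           XenForo_Application::getOptions()
  * @return array 'ct_request_id' and 'errno'; plus 'errstr' on error, or 'allow',
  *               'stop_queue' and (when denied) 'ct_result_comment'
  */
 protected function _checkSpam($spam_check, $options)
 {
     require_once 'CleanTalk/Base/cleantalk.class.php';
     $ct_authkey = $options->get('cleantalk', 'apikey');
     $dataRegistryModel = $this->getModelFromCache('XenForo_Model_DataRegistry');
     $ct_ws = $dataRegistryModel->get('cleantalk_ws');
     if (!$ct_ws) {
         // NOTE(review): the fallback endpoints are plain http; presumably the request
         // (API key, e-mail, IP) is sent there unencrypted - confirm https is usable.
         $ct_ws = array('work_url' => 'http://moderate.cleantalk.ru', 'server_url' => 'http://moderate.cleantalk.ru', 'server_ttl' => 0, 'server_changed' => 0);
     }
     // JavaScript test: NULL = cookie absent, 1 = known value, 0 = anything else.
     $field_name = CleanTalk_Base_CleanTalk::getCheckjsName();
     if (!isset($_COOKIE[$field_name])) {
         $checkjs = NULL;
     } elseif (is_string($_COOKIE[$field_name])
         && in_array($_COOKIE[$field_name], array_map('strval', CleanTalk_Base_CleanTalk::getCheckJSArray()), true)
     ) {
         // Compared as strings with strict matching so PHP type juggling cannot make an
         // attacker-chosen cookie equal to an expected value.
         $checkjs = 1;
     } else {
         $checkjs = 0;
     }
     // Both headers are optional in a request; a missing one becomes NULL instead of
     // raising an undefined-index notice.
     $user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : NULL;
     $refferrer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : NULL;
     $ct = new Cleantalk();
     $ct->work_url = $ct_ws['work_url'];
     $ct->server_url = $ct_ws['server_url'];
     $ct->server_ttl = $ct_ws['server_ttl'];
     $ct->server_changed = $ct_ws['server_changed'];
     $options = XenForo_Application::getOptions();
     $ct_options = array('enabled' => $options->get('cleantalk', 'enabled'), 'apikey' => $options->get('cleantalk', 'apikey'));
     // NOTE(review): ct_options embeds the API key a second time inside sender_info.
     $sender_info = json_encode(array('cms_lang' => 'en', 'REFFERRER' => $refferrer, 'post_url' => $refferrer, 'USER_AGENT' => $user_agent, 'ct_options' => json_encode($ct_options)));
     $ct_request = new CleantalkRequest();
     $ct_request->auth_key = $ct_authkey;
     $ct_request->agent = 'xenforo-15';
     $ct_request->response_lang = 'en';
     $ct_request->js_on = $checkjs;
     $ct_request->sender_info = $sender_info;
     $ct_request->sender_email = $spam_check['sender_email'];
     $ct_request->sender_nickname = $spam_check['sender_nickname'];
     $ct_request->sender_ip = $ct->ct_session_ip($_SERVER['REMOTE_ADDR']);
     $ct_submit_time = NULL;
     // NOTE(review): there is no default case; any other 'type' leaves $ct_result and
     // $timelabels_key undefined for the code below.
     switch ($spam_check['type']) {
         case 'comment':
             // Seconds since the form was served, when the session recorded it.
             $stored_time = XenForo_Application::getSession()->get('ct_submit_comment_time');
             if (isset($stored_time)) {
                 $ct_submit_time = time() - $stored_time;
             }
             $timelabels_key = 'e_comm';
             $ct_request->submit_time = $ct_submit_time;
             $ct_request->message = $spam_check['message_title'] . " \n\n" . $spam_check['message_body'];
             $a_example = array();
             $a_example['title'] = $spam_check['example_title'];
             $a_example['body'] = $spam_check['example_body'];
             $a_example['comments'] = $spam_check['example_comments'];
             // Additional info.
             $a_post_info = array('comment_type' => 'comment');
             // JSON format.
             $example = json_encode($a_example);
             $post_info = json_encode($a_post_info);
             // Plain text format when JSON encoding fails.
             if ($example === FALSE) {
                 $example = '';
                 $example .= $a_example['title'] . " \n\n";
                 $example .= $a_example['body'] . " \n\n";
                 $example .= $a_example['comments'];
             }
             if ($post_info === FALSE) {
                 $post_info = '';
             }
             // Example text + last N comments in json or plain text format.
             $ct_request->example = $example;
             $ct_request->post_info = $post_info;
             $ct_result = $ct->isAllowMessage($ct_request);
             break;
         case 'register':
             $stored_time = XenForo_Application::getSession()->get('ct_submit_register_time');
             if (isset($stored_time)) {
                 $ct_submit_time = time() - $stored_time;
             }
             $timelabels_key = 'e_reg';
             $ct_request->submit_time = $ct_submit_time;
             $ct_request->tz = $spam_check['timezone'];
             $ct_result = $ct->isAllowUser($ct_request);
             break;
     }
     $ret_val = array();
     $ret_val['ct_request_id'] = $ct_result->id;
     if ($ct->server_change) {
         // Persist the work server chosen during this call.
         $dataRegistryModel->set('cleantalk_ws', array('work_url' => $ct->work_url, 'server_url' => $ct->server_url, 'server_ttl' => $ct->server_ttl, 'server_changed' => time()));
     }
     // First check errstr flag; an inactive key is reported the same way.
     if (!empty($ct_result->errstr) || (!empty($ct_result->inactive) && $ct_result->inactive == 1)) {
         // CleanTalk error, so the caller gets errno = 1 and no verdict.
         $ret_val['errno'] = 1;
         if (!empty($ct_result->errstr)) {
             $ret_val['errstr'] = $this->_filterResponse($ct_result->errstr);
         } else {
             $ret_val['errstr'] = $this->_filterResponse($ct_result->comment);
         }
         // Inform the admin by mail, at most once per 15 minutes per entity type.
         $send_flag = FALSE;
         $ct_time = $dataRegistryModel->get('cleantalk_' . $timelabels_key);
         if (!$ct_time) {
             $send_flag = TRUE;
         } elseif (time() - 900 > $ct_time[0]) {
             // 15 minutes.
             $send_flag = TRUE;
         }
         if ($send_flag) {
             $dataRegistryModel->set('cleantalk_' . $timelabels_key, array(time()));
             // NOTE(review): htmlText carries server-supplied text; confirm that
             // _filterResponse() leaves it safe for an HTML mail body.
             $mail = XenForo_Mail::create('cleantalk_error', array('plainText' => $ret_val['errstr'], 'htmlText' => nl2br($ret_val['errstr'])));
             $mail->send($options->get('contactEmailAddress'));
         }
         return $ret_val;
     }
     $ret_val['errno'] = 0;
     if ($ct_result->allow == 1) {
         // Not spammer.
         $ret_val['allow'] = 1;
     } else {
         // Spammer.
         $ret_val['allow'] = 0;
         $ret_val['ct_result_comment'] = $this->_filterResponse($ct_result->comment);
         // Check stop_queue flag.
         if ($spam_check['type'] == 'comment' && $ct_result->stop_queue == 0) {
             // Spammer and stop_queue == 0 - to manual approval.
             $ret_val['stop_queue'] = 0;
         } else {
             // New user or spammer and stop_queue == 1 - display form error message.
             $ret_val['stop_queue'] = 1;
         }
     }
     return $ret_val;
 }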
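 /**
  * Universal method for checking a comment or a new user for spam.
  * Performs the CleanTalk API call itself.
  *
  * @param array   $arEntity   Entity to check; must hold 'type' ('comment' or 'register'),
  *                            optionally 'sender_email', 'sender_nickname', 'sender_ip',
  *                            'message_title', 'message_body', 'example_title',
  *                            'example_body', 'example_comments', 'user_timezone'
  * @param boolean $bSendEmail Notify admin about errors by email or not (default FALSE).
  *                            NOTE(review): this method never reads the flag; the error
  *                            mail is limited only by the 15-minute time label.
  * @return array|null Checking result, or NULL when the parameters are bad
  */
 static function CheckSpam(&$arEntity, $bSendEmail = FALSE)
 {
     if (!is_array($arEntity) || !array_key_exists('type', $arEntity)) {
         return NULL;
     }
     $type = $arEntity['type'];
     if ($type != 'comment' && $type != 'register') {
         return NULL;
     }
     $ct_key = Mage::getStoreConfig('general/cleantalk/api_key');
     $ct_ws = self::GetWorkServer();
     // A session is started only for non-AJAX requests (starting one caused errors with ajax).
     $is_ajax = isset($_SERVER['HTTP_X_REQUESTED_WITH'])
         && !empty($_SERVER['HTTP_X_REQUESTED_WITH'])
         && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest';
     if (!$is_ajax && !session_id()) {
         session_start();
     }
     // JavaScript test: NULL = cookie absent, 1 = expected value, 0 = anything else.
     if (!isset($_COOKIE['ct_checkjs'])) {
         $checkjs = NULL;
     } elseif (is_string($_COOKIE['ct_checkjs']) && $_COOKIE['ct_checkjs'] === (string) self::GetCheckJSValue()) {
         // Strict string comparison: a loose == lets PHP treat numeric-looking strings
         // as numbers, so a different cookie value could compare equal.
         $checkjs = 1;
     } else {
         $checkjs = 0;
     }
     if (isset($_SERVER['HTTP_USER_AGENT'])) {
         $user_agent = htmlspecialchars((string) $_SERVER['HTTP_USER_AGENT']);
     } else {
         $user_agent = NULL;
     }
     if (isset($_SERVER['HTTP_REFERER'])) {
         $refferrer = htmlspecialchars((string) $_SERVER['HTTP_REFERER']);
     } else {
         $refferrer = NULL;
     }
     $ct_language = 'en';
     $sender_info = array('cms_lang' => $ct_language, 'REFFERRER' => $refferrer, 'post_url' => $refferrer, 'USER_AGENT' => $user_agent);
     $sender_info = json_encode($sender_info);
     require_once 'lib/cleantalk.class.php';
     $ct = new Cleantalk();
     $ct->work_url = $ct_ws['work_url'];
     $ct->server_url = $ct_ws['server_url'];
     $ct->server_ttl = $ct_ws['server_ttl'];
     $ct->server_changed = $ct_ws['server_changed'];
     // NOTE(review): X-Forwarded-For is a request header, so unless a trusted proxy
     // overwrites it the client chooses the IP reported here; it takes precedence over
     // REMOTE_ADDR and is not validated as an address. Confirm the deployment sits
     // behind a proxy that sets this header.
     $forwarded_for = isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? htmlentities($_SERVER['HTTP_X_FORWARDED_FOR']) : '';
     $sender_ip = !empty($forwarded_for) ? $forwarded_for : $_SERVER['REMOTE_ADDR'];
     $ct_request = new CleantalkRequest();
     $ct_request->auth_key = $ct_key;
     $ct_request->sender_email = isset($arEntity['sender_email']) ? $arEntity['sender_email'] : '';
     $ct_request->sender_nickname = isset($arEntity['sender_nickname']) ? $arEntity['sender_nickname'] : '';
     $ct_request->sender_ip = isset($arEntity['sender_ip']) ? $arEntity['sender_ip'] : $sender_ip;
     $ct_request->agent = 'magento-121';
     $ct_request->js_on = $checkjs;
     $ct_request->sender_info = $sender_info;
     // Seconds since the form was served, when the session recorded it.
     $ct_submit_time = NULL;
     if (isset($_SESSION['ct_submit_time'])) {
         $ct_submit_time = time() - $_SESSION['ct_submit_time'];
     }
     switch ($type) {
         case 'comment':
             $ct_request->submit_time = $ct_submit_time;
             $message_title = isset($arEntity['message_title']) ? $arEntity['message_title'] : '';
             $message_body = isset($arEntity['message_body']) ? $arEntity['message_body'] : '';
             $ct_request->message = $message_title . " \n\n" . $message_body;
             $a_example = array();
             $a_example['title'] = isset($arEntity['example_title']) ? $arEntity['example_title'] : '';
             $a_example['body'] = isset($arEntity['example_body']) ? $arEntity['example_body'] : '';
             $a_example['comments'] = isset($arEntity['example_comments']) ? $arEntity['example_comments'] : '';
             // Additional info.
             $a_post_info = array('comment_type' => 'comment');
             // JSON format.
             $example = json_encode($a_example);
             $post_info = json_encode($a_post_info);
             // Plain text format when JSON encoding fails.
             if ($example === FALSE) {
                 $example = '';
                 $example .= $a_example['title'] . " \n\n";
                 $example .= $a_example['body'] . " \n\n";
                 $example .= $a_example['comments'];
             }
             if ($post_info === FALSE) {
                 $post_info = '';
             }
             // Example text + last N comments in json or plain text format.
             $ct_request->example = $example;
             $ct_request->post_info = $post_info;
             $ct_result = $ct->isAllowMessage($ct_request);
             break;
         case 'register':
             $ct_request->submit_time = $ct_submit_time;
             $ct_request->tz = isset($arEntity['user_timezone']) ? $arEntity['user_timezone'] : NULL;
             $ct_result = $ct->isAllowUser($ct_request);
             break;
     }
     $ret_val = array();
     $ret_val['ct_request_id'] = $ct_result->id;
     if ($ct->server_change) {
         self::SetWorkServer($ct->work_url, $ct->server_url, $ct->server_ttl, time());
     }
     // First check errstr flag; an inactive key is reported the same way.
     if (!empty($ct_result->errstr) || (!empty($ct_result->inactive) && $ct_result->inactive == 1)) {
         // CleanTalk error, so the caller gets errno = 1 and no verdict.
         $ret_val['errno'] = 1;
         $err_title = $_SERVER['SERVER_NAME'] . ' - CleanTalk module error';
         // Strip everything up to the first and from the last "***" marker; the u
         // modifier is added only when the text is valid UTF-8 (empty-pattern probe).
         $err_source = !empty($ct_result->errstr) ? $ct_result->errstr : $ct_result->comment;
         $err_pattern = '/^[^\\*]*?\\*\\*\\*|\\*\\*\\*[^\\*]*?$/i';
         if (preg_match('//u', $err_source)) {
             $err_pattern .= 'u';
         }
         $err_str = preg_replace($err_pattern, '', $err_source);
         $ret_val['errstr'] = $err_str;
         $send_flag = FALSE;
         $insert_flag = FALSE;
         try {
             $timelabels = Mage::getModel('antispam/timelabels');
             $timelabels->load('mail_error');
             $time = $timelabels->getData();
             if (!$time || empty($time)) {
                 $send_flag = TRUE;
                 $insert_flag = TRUE;
             } elseif (time() - 900 > $time['ct_value']) {
                 // 15 minutes
                 $send_flag = TRUE;
                 $insert_flag = FALSE;
             }
         } catch (Exception $e) {
             $send_flag = FALSE;
             Mage::log('Cannot operate with "cleantalk_timelabels" table.');
         }
         if ($send_flag) {
             Mage::log($err_str);
             // NOTE(review): ct_key is set only when the row already exists, so a first
             // insert is saved without it - confirm against the model's id field.
             if (!$insert_flag) {
                 $timelabels->setData('ct_key', 'mail_error');
             }
             $timelabels->setData('ct_value', time());
             $timelabels->save();
             $general_email = Mage::getStoreConfig('trans_email/ident_general/email');
             $mail = Mage::getModel('core/email');
             $mail->setToEmail($general_email);
             $mail->setFromEmail($general_email);
             $mail->setSubject($err_title);
             $mail->setBody($_SERVER['SERVER_NAME'] . "\n\n" . $err_str);
             $mail->setType('text');
             try {
                 $mail->send();
             } catch (Exception $e) {
                 Mage::log('Cannot send CleanTalk module error message to ' . $general_email);
             }
         }
         return $ret_val;
     }
     $ret_val['errno'] = 0;
     if ($ct_result->allow == 1) {
         // Not spammer.
         $ret_val['allow'] = 1;
     } else {
         // Spammer.
         $ret_val['allow'] = 0;
         // Raw server comment; the caller has to escape it before displaying it.
         $ret_val['ct_result_comment'] = $ct_result->comment;
         // Check stop_queue flag.
         if ($type == 'comment' && $ct_result->stop_queue == 0) {
             // Spammer and stop_queue == 0 - to manual approval.
             $ret_val['stop_queue'] = 0;
         } else {
             // New user or spammer and stop_queue == 1 - display message and exit.
             $ret_val['stop_queue'] = 1;
         }
     }
     return $ret_val;
 }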
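 /**
  * Universal method for checking a comment or a new user for spam.
  * Performs the CleanTalk API call itself.
  * Use it in your modules; call it from OnBefore* events.
  *
  * @param array   $arEntity   Entity to check; must hold 'type' ('comment' or 'register'),
  *                            optionally 'sender_email', 'sender_nickname',
  *                            'message_title', 'message_body', 'example_title',
  *                            'example_body', 'example_comments', 'user_timezone'
  * @param boolean $bSendEmail Notify admin about errors by email or not (default FALSE)
  * @return array|null Checking result, or NULL when the parameters are bad
  */
 static function CheckAllBefore(&$arEntity, $bSendEmail = FALSE)
 {
     global $DB;
     if (!is_array($arEntity) || !array_key_exists('type', $arEntity)) {
         CEventLog::Add(array('SEVERITY' => 'SECURITY', 'AUDIT_TYPE_ID' => 'CLEANTALK_E_INTERNAL', 'MODULE_ID' => 'cleantalk.antispam', 'DESCRIPTION' => GetMessage('CLEANTALK_E_PARAM')));
         return NULL;
     }
     $type = $arEntity['type'];
     if ($type != 'comment' && $type != 'register') {
         CEventLog::Add(array('SEVERITY' => 'SECURITY', 'AUDIT_TYPE_ID' => 'CLEANTALK_E_INTERNAL', 'MODULE_ID' => 'cleantalk.antispam', 'DESCRIPTION' => GetMessage('CLEANTALK_E_TYPE')));
         return NULL;
     }
     require_once dirname(__FILE__) . '/classes/general/cleantalk.class.php';
     $ct_key = COption::GetOptionString('cleantalk.antispam', 'key', '0');
     $ct_ws = self::GetWorkServer();
     // Seconds since the form was served, when the session recorded it.
     $ct_submit_time = NULL;
     if (isset($_SESSION['ct_submit_time'])) {
         $ct_submit_time = time() - $_SESSION['ct_submit_time'];
     }
     // JavaScript test: NULL = cookie absent, 1 = known value, 0 = anything else.
     if (!isset($_COOKIE['ct_checkjs'])) {
         $checkjs = NULL;
     } elseif (is_string($_COOKIE['ct_checkjs'])
         && in_array($_COOKIE['ct_checkjs'], array_map('strval', self::GetCheckJSValues()), true)
     ) {
         // Compared as strings with strict matching so PHP type juggling cannot make an
         // attacker-chosen cookie equal to an expected value.
         $checkjs = 1;
     } else {
         $checkjs = 0;
     }
     if (isset($_SERVER['HTTP_USER_AGENT'])) {
         $user_agent = htmlspecialchars((string) $_SERVER['HTTP_USER_AGENT']);
     } else {
         $user_agent = NULL;
     }
     if (isset($_SERVER['HTTP_REFERER'])) {
         $refferrer = htmlspecialchars((string) $_SERVER['HTTP_REFERER']);
     } else {
         $refferrer = NULL;
     }
     $sender_info = array('cms_lang' => 'ru', 'REFFERRER' => $refferrer, 'post_url' => $refferrer, 'USER_AGENT' => $user_agent);
     $sender_info = json_encode($sender_info);
     $ct = new Cleantalk();
     $ct->work_url = $ct_ws['work_url'];
     $ct->server_url = $ct_ws['server_url'];
     $ct->server_ttl = $ct_ws['server_ttl'];
     $ct->server_changed = $ct_ws['server_changed'];
     // Site charset, first defined source wins; data_codepage stays NULL for UTF-8.
     if (defined('BX_UTF')) {
         $logicalEncoding = "utf-8";
     } elseif (defined("SITE_CHARSET") && strlen(SITE_CHARSET) > 0) {
         $logicalEncoding = SITE_CHARSET;
     } elseif (defined("LANG_CHARSET") && strlen(LANG_CHARSET) > 0) {
         $logicalEncoding = LANG_CHARSET;
     } elseif (defined("BX_DEFAULT_CHARSET")) {
         $logicalEncoding = BX_DEFAULT_CHARSET;
     } else {
         $logicalEncoding = "windows-1251";
     }
     $logicalEncoding = strtolower($logicalEncoding);
     $ct->data_codepage = $logicalEncoding == 'utf-8' ? NULL : $logicalEncoding;
     $ct_request = new CleantalkRequest();
     $ct_request->auth_key = $ct_key;
     $ct_request->sender_email = isset($arEntity['sender_email']) ? $arEntity['sender_email'] : '';
     $ct_request->sender_nickname = isset($arEntity['sender_nickname']) ? $arEntity['sender_nickname'] : '';
     $ct_request->sender_ip = $ct->ct_session_ip($_SERVER['REMOTE_ADDR']);
     $ct_request->agent = 'bitrix-370';
     $ct_request->response_lang = 'ru';
     $ct_request->js_on = $checkjs;
     $ct_request->sender_info = $sender_info;
     switch ($type) {
         case 'comment':
             $timelabels_key = 'mail_error_comment';
             $ct_request->submit_time = $ct_submit_time;
             $ct_request->message = isset($arEntity['message_title']) ? $arEntity['message_title'] : '';
             $ct_request->message .= "\n\n";
             $ct_request->message .= isset($arEntity['message_body']) ? $arEntity['message_body'] : '';
             // Example = title, body and comments, separated by blank lines once non-empty.
             $ct_request->example = isset($arEntity['example_title']) ? $arEntity['example_title'] : '';
             $ct_request->example .= empty($ct_request->example) ? '' : "\n\n";
             $ct_request->example .= isset($arEntity['example_body']) ? $arEntity['example_body'] : '';
             $ct_request->example .= empty($ct_request->example) ? '' : "\n\n";
             $ct_request->example .= isset($arEntity['example_comments']) ? $arEntity['example_comments'] : '';
             if (empty($ct_request->example)) {
                 $ct_request->example = NULL;
             }
             $a_post_info = array('comment_type' => 'comment');
             $post_info = json_encode($a_post_info);
             if ($post_info === FALSE) {
                 $post_info = '';
             }
             $ct_request->post_info = $post_info;
             $ct_result = $ct->isAllowMessage($ct_request);
             break;
         case 'register':
             $timelabels_key = 'mail_error_reg';
             $ct_request->submit_time = $ct_submit_time;
             $ct_request->tz = isset($arEntity['user_timezone']) ? $arEntity['user_timezone'] : NULL;
             $ct_result = $ct->isAllowUser($ct_request);
             break;
     }
     $ret_val = array();
     $ret_val['ct_request_id'] = $ct_result->id;
     if ($ct->server_change) {
         self::SetWorkServer($ct->work_url, $ct->server_url, $ct->server_ttl, time());
     }
     // First check errstr flag; an inactive key is reported the same way.
     if (!empty($ct_result->errstr) || (!empty($ct_result->inactive) && $ct_result->inactive == 1)) {
         // CleanTalk error, so the caller gets errno = 1 and no verdict.
         $ret_val['errno'] = 1;
         // Just inform admin.
         $err_title = 'CleanTalk module error';
         // Strip everything up to the first and from the last "***" marker; the u
         // modifier is added only when the text is valid UTF-8 (empty-pattern probe).
         $err_source = !empty($ct_result->errstr) ? $ct_result->errstr : $ct_result->comment;
         $err_pattern = '/^[^\\*]*?\\*\\*\\*|\\*\\*\\*[^\\*]*?$/i';
         if (preg_match('//u', $err_source)) {
             $err_pattern .= 'u';
         }
         $err_str = preg_replace($err_pattern, '', $err_source);
         $ret_val['errstr'] = $err_str;
         CEventLog::Add(array('SEVERITY' => 'SECURITY', 'AUDIT_TYPE_ID' => 'CLEANTALK_E_SERVER', 'MODULE_ID' => 'cleantalk.antispam', 'DESCRIPTION' => $err_str));
         if ($bSendEmail) {
             $send_flag = FALSE;
             $insert_flag = FALSE;
             // The key is a constant chosen in the switch above; it is still escaped so
             // the concatenated SQL stays safe if that ever changes.
             $key_sql = $DB->ForSql($timelabels_key);
             $time = $DB->Query('SELECT ct_value FROM cleantalk_timelabels WHERE ct_key=\'' . $key_sql . '\'')->Fetch();
             if ($time === FALSE) {
                 $send_flag = TRUE;
                 $insert_flag = TRUE;
             } elseif (time() - 900 > $time['ct_value']) {
                 // 15 minutes
                 $send_flag = TRUE;
                 $insert_flag = FALSE;
             }
             if ($send_flag) {
                 if ($insert_flag) {
                     $arInsert = $DB->PrepareInsert('cleantalk_timelabels', array('ct_key' => $timelabels_key, 'ct_value' => time()));
                     $strSql = 'INSERT INTO cleantalk_timelabels(' . $arInsert[0] . ') VALUES (' . $arInsert[1] . ')';
                 } else {
                     $strUpdate = $DB->PrepareUpdate('cleantalk_timelabels', array('ct_value' => time()));
                     $strSql = 'UPDATE cleantalk_timelabels SET ' . $strUpdate . ' WHERE ct_key = \'' . $key_sql . '\'';
                 }
                 $DB->Query($strSql);
                 bxmail(COption::GetOptionString("main", "email_from"), $err_title, $err_str);
             }
         }
         return $ret_val;
     }
     $ret_val['errno'] = 0;
     if ($ct_result->allow == 1) {
         // Not spammer.
         $ret_val['allow'] = 1;
         $GLOBALS['ct_request_id'] = $ct_result->id;
     } else {
         // Spammer.
         $ret_val['allow'] = 0;
         // Raw server comment; the caller has to escape it before displaying it.
         $ret_val['ct_result_comment'] = $ct_result->comment;
         // Check stop_queue flag.
         if ($type == 'comment' && $ct_result->stop_queue == 0) {
             // Spammer and stop_queue == 0 - to manual approval.
             $ret_val['stop_queue'] = 0;
             $GLOBALS['ct_request_id'] = $ct_result->id;
             $GLOBALS['ct_result_comment'] = $ct_result->comment;
         } else {
             // New user or spammer and stop_queue == 1 - display message and exit.
             $ret_val['stop_queue'] = 1;
         }
     }
     return $ret_val;
 }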
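/**
 * Checks a registration submitted through the AjaxLogin plugin against CleanTalk
 * and deletes the freshly created user when the API denies it.
 *
 * The check runs only when the AjaxLogin class exists and the request carries
 * action=register_submit; otherwise the id is passed through untouched.
 *
 * @param int $user_id Id of the user that was just registered
 * @return int The same $user_id, whether or not the user was deleted
 */
function ct_user_register_ajaxlogin($user_id)
{
    require_once CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-public.php';
    global $ct_agent_version, $ct_checkjs_register_form, $ct_session_request_id_label, $ct_session_register_ok_label, $bp, $ct_signup_done, $ct_formtime_label, $ct_negative_comment, $ct_options, $ct_data;
    $ct_options = ct_get_options();
    $ct_data = ct_get_data();
    if (class_exists('AjaxLogin') && isset($_POST['action']) && $_POST['action'] == 'register_submit') {
        $checkjs = js_test('ct_checkjs', $_COOKIE, true);
        $submit_time = submit_time_test();
        $sender_info = get_sender_info();
        $sender_info['post_checkjs_passed'] = $checkjs;
        if ($checkjs === null) {
            // NOTE(review): this repeats the cookie test made above with the same
            // arguments; presumably the first call was meant to test $_POST.
            $checkjs = js_test('ct_checkjs', $_COOKIE, true);
            $sender_info['cookie_checkjs_passed'] = $checkjs;
        }
        $sender_info = json_encode($sender_info);
        if ($sender_info === false) {
            $sender_info = '';
        }
        require_once 'cleantalk.class.php';
        $config = get_option('cleantalk_server');
        $ct = new Cleantalk();
        $ct->work_url = $config['ct_work_url'];
        $ct->server_url = $ct_options['server'];
        $ct->server_ttl = $config['ct_server_ttl'];
        $ct->server_changed = $config['ct_server_changed'];
        $ct->ssl_on = $ct_options['ssl_on'];
        $ct_request = new CleantalkRequest();
        $ct_request->auth_key = $ct_options['apikey'];
        // Form fields are optional and may arrive as arrays; anything that is not a
        // string is sent as an empty value.
        $ct_request->sender_email = isset($_POST['email']) && is_string($_POST['email'])
            ? sanitize_email($_POST['email'])
            : '';
        $ct_request->sender_ip = $ct->ct_session_ip($_SERVER['REMOTE_ADDR']);
        // The login is a user name, not an address: sanitize_email() would reduce it to
        // an empty string and the API would never see the nickname.
        $ct_request->sender_nickname = isset($_POST['login']) && is_string($_POST['login'])
            ? sanitize_user($_POST['login'])
            : '';
        $ct_request->agent = $ct_agent_version;
        $ct_request->sender_info = $sender_info;
        $ct_request->js_on = $checkjs;
        $ct_request->submit_time = $submit_time;
        $ct_result = $ct->isAllowUser($ct_request);
        if ($ct->server_change) {
            // Persist the work server chosen during this call.
            update_option('cleantalk_server', array('ct_work_url' => $ct->work_url, 'ct_server_ttl' => $ct->server_ttl, 'ct_server_changed' => time()));
        }
        // Strict comparison: only an integer 0 verdict deletes the account, so a null
        // or missing verdict leaves the user in place.
        if ($ct_result->allow === 0) {
            wp_delete_user($user_id);
        }
    }
    return $user_id;
}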
/**
 * Spam check for a registration form submission.
 *
 * ct_get_fields() is called with $_POST and is expected to fill in the sender
 * e-mail (presumably by reference). When an e-mail is present, the e-mail,
 * nickname, client IP and the JavaScript / submit-time test results are sent
 * to CleanTalk through Cleantalk::isAllowUser(). A refusal is printed as a
 * JSON error object and the request is terminated; in every other case the
 * function simply returns.
 *
 * @return void
 */
function ct_cs_registration_validation()
{
    require_once CLEANTALK_PLUGIN_DIR . 'cleantalk-public.php';
    global $ct_agent_version, $ct_checkjs_register_form, $ct_session_request_id_label, $ct_session_register_ok_label, $bp, $ct_signup_done, $ct_formtime_label, $ct_negative_comment, $ct_options, $ct_data;
    $ct_data = ct_get_data();
    $ct_options = ct_get_options();

    $sender_email = null;
    $message = '';
    ct_get_fields($sender_email, $message, $_POST);

    // Nothing to check when the form carried no e-mail address.
    if ($sender_email == null) {
        return;
    }

    // The JS test reads the cookie jar; its result is recorded under the
    // 'post_checkjs_passed' key of the sender info.
    $js_passed = js_test('ct_checkjs', $_COOKIE, true);
    $form_delay = submit_time_test();

    $details = get_sender_info();
    $details['post_checkjs_passed'] = $js_passed;
    $details_json = json_encode($details);
    if ($details_json === false) {
        // Encoding failed: send an empty string rather than false.
        $details_json = '';
    }

    $login = isset($_POST['user_login']) ? $_POST['user_login'] : '';

    require_once 'cleantalk.class.php';
    $server_state = get_option('cleantalk_server');

    $client = new Cleantalk();
    $client->work_url = $server_state['ct_work_url'];
    $client->server_url = $ct_options['server'];
    $client->server_ttl = $server_state['ct_server_ttl'];
    $client->server_changed = $server_state['ct_server_changed'];
    $client->ssl_on = $ct_options['ssl_on'];

    $query = new CleantalkRequest();
    $query->auth_key = $ct_options['apikey'];
    $query->sender_email = $sender_email;
    // NOTE(review): REMOTE_ADDR is sent as-is; behind a reverse proxy this is
    // the proxy's address - confirm it is the intended sender_ip.
    $query->sender_ip = $_SERVER['REMOTE_ADDR'];
    $query->sender_nickname = $login;
    $query->agent = $ct_agent_version;
    $query->sender_info = $details_json;
    $query->js_on = $js_passed;
    $query->submit_time = $form_delay;

    // NOTE(review): errno on the result is not inspected here, so whether an
    // API failure ends up as allow == 0 or allow == 1 depends entirely on
    // isAllowUser() - confirm the intended fail-open / fail-closed behaviour.
    $verdict = $client->isAllowUser($query);
    if ($verdict->allow != 0) {
        return;
    }

    // Refused: report the service's comment to the caller and stop the request.
    echo json_encode(array("type" => "error", "message" => $verdict->comment));
    exit;
}
 /**
  * Account spam test.
  *
  * Sends the new account's e-mail, name and IP together with the JavaScript
  * and submit-time test results to CleanTalk and turns the answer into an
  * allow / abort decision.
  *
  * @param object $user    Account being created; only ->mEmail and ->mName are read here
  * @param string $message Set (by reference) to the CleanTalk comment when the account is refused
  * @return bool true to let the account be created, false to abort it
  */
 public static function onAbortNewAccount($user, &$message)
 {
     global $wgCTAccessKey, $wgCTServerURL, $wgRequest, $wgCTAgent, $wgCTExtName;

     // Query parameters for the CleanTalk service
     $query = new CleantalkRequest();
     $query->auth_key = $wgCTAccessKey;
     $query->sender_email = $user->mEmail;
     $query->sender_nickname = $user->mName;
     $query->agent = $wgCTAgent;
     $query->sender_ip = $wgRequest->getIP();
     $query->js_on = CTBody::JSTest();
     $query->submit_time = CTBody::SubmitTimeTest();

     // @ keeps a missing SERVER_NAME / REQUEST_URI silent; the URL is
     // HTML-escaped before it is placed in the JSON payload.
     $pageUrl = htmlspecialchars(@$_SERVER['SERVER_NAME'] . @$_SERVER['REQUEST_URI']);
     $query->sender_info = json_encode(array('page_url' => $pageUrl));

     $client = new Cleantalk();
     $client->server_url = $wgCTServerURL;
     $verdict = $client->isAllowUser($query);

     // On an API error the service verdict is replaced by the JavaScript test
     // alone: pass -> allowed, fail -> refused with a fixed comment.
     // NOTE(review): this is fail-open for any client that passes the JS test
     // while the API is unreachable - confirm that is the intended policy.
     if ($verdict->errno != 0) {
         if (CTBody::JSTest() == 1) {
             $verdict->allow = 1;
         } else {
             $verdict->allow = 0;
             $verdict->comment = "Forbidden. Please, enable Javascript.";
         }
     }

     // A refusal hands the service comment back to the caller
     $accepted = ($verdict->allow != 0);
     if (!$accepted) {
         $message = $verdict->comment;
     }

     // The admin is e-mailed when the result is flagged inactive; this does
     // not change the returned decision.
     if ($verdict->inactive === 1) {
         CTBody::SendAdminEmail($wgCTExtName, $verdict->comment);
     }

     return $accepted;
 }
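 /**
  * [ActiveRecord] Save Changed Columns
  *
  * When the plugin is enabled and the record is new, the submitted username,
  * e-mail, client IP and form timing are checked with CleanTalk before the
  * record is saved. A refused registration gets the service's comment as
  * output and the request ends; otherwise the parent save runs.
  *
  * @return	mixed	Whatever parent::save() returns
  * @note	We have to be careful when upgrading in case we are coming from an older version
  */
 public function save()
 {
     $new = $this->_new;
     $enabled = \IPS\Settings::i()->plugin_enabled;
     $access_key = \IPS\Settings::i()->access_key;
     if ($enabled == 1 && $new) {
         // NOTE(review): PHP code is loaded from the "uploads" directory next to
         // the running script - confirm that directory cannot receive
         // user-supplied files.
         require_once dirname($_SERVER['SCRIPT_FILENAME']) . "/uploads/cleantalk.class.php";
         require_once dirname($_SERVER['SCRIPT_FILENAME']) . "/uploads/JSON.php";
         session_name('cleantalksession');
         if (!isset($_SESSION)) {
             session_start();
         }
         // Seconds since 'formtime' was last stored in this session; NULL when
         // the session has no earlier value.
         if (array_key_exists('formtime', $_SESSION)) {
             $submit_time = time() - (int) $_SESSION['formtime'];
         } else {
             $submit_time = NULL;
         }
         $_SESSION['formtime'] = time();
         $post_info = '';
         $lang = \IPS\Lang::getEnabledLanguages();
         $locale = $lang[\IPS\Lang::defaultLanguage()]->short;
         if (function_exists('json_encode')) {
             // Referer and User-Agent are optional request headers; read them
             // guarded so a request without them does not raise a notice/warning.
             $arr = array(
                 'cms_lang' => $locale,
                 'REFFERRER' => isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : NULL,
                 'USER_AGENT' => isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : NULL,
             );
             $post_info = json_encode($arr);
         }
         if ($post_info === FALSE) {
             $post_info = '';
         }
         // NOTE(review): plain-HTTP endpoint - the access key, e-mail and IP in
         // the request and the verdict in the response travel unencrypted, so
         // the response cannot be assumed authentic. Confirm whether the
         // bundled client can use TLS.
         $ct_url = 'http://moderate.cleantalk.ru';
         $config_work_url = $ct_url;
         $config_ttl = 43200;
         $config_changed = 1349162987;
         $config_key = $access_key;
         $ct = new \Cleantalk();
         $ct->work_url = $config_work_url;
         $ct->server_url = $ct_url;
         $ct->server_ttl = $config_ttl;
         $ct->server_changed = $config_changed;
         // Form fields and the JS cookie are client-controlled and may be absent.
         $raw_email = isset($_POST['email_address']) ? $_POST['email_address'] : '';
         $raw_username = isset($_POST['username']) ? $_POST['username'] : NULL;
         $js_cookie = isset($_COOKIE['ct_checkjs']) ? $_COOKIE['ct_checkjs'] : NULL;
         $sender_email = filter_var($raw_email, FILTER_SANITIZE_EMAIL);
         $sender_ip = $ct->ct_session_ip($_SERVER['REMOTE_ADDR']);
         $ct_request = new \CleantalkRequest();
         $ct_request->auth_key = $config_key;
         $ct_request->sender_nickname = $raw_username;
         $ct_request->sender_ip = $sender_ip;
         $ct_request->sender_email = $sender_email;
         $ct_request->sender_info = $post_info;
         $ct_request->agent = 'ipboard4-18';
         //$ct_request->js_on = $_COOKIE['ct_checkjs'] == md5(\IPS\Settings::i()->access_key . '+' . \IPS\Settings::i()->email_in) ? 1 : 0;
         // A missing or non-string cookie counts as a failed JS test.
         // NOTE(review): in_array() compares loosely here; if getCheckJSArray()
         // returns only strings, passing true as the third argument would make
         // the match exact - confirm against that helper.
         $ct_request->js_on = (is_string($js_cookie) && in_array($js_cookie, self::getCheckJSArray())) ? 1 : 0;
         $ct_request->submit_time = $submit_time;
         $ct_result = $ct->isAllowUser($ct_request);
         if (isset($ct_result->errno) && $ct_result->errno > 0) {
             // API errors are currently ignored; the decision below relies on
             // whatever 'allow' value the client returned with the error.
             //sendErrorMessage("CleanTalk has some problems, errno is ".$ct_result->errno.", errstr is '".$ct_result->errstr."'")
         }
         if ($ct_result->allow == 1) {
             // Not spammer.
             // NOTE(review): parent::save() runs here and again at the end of
             // the method; confirm the second call is harmless for a new record.
             // String callables of the form 'parent::method' are deprecated as
             // of PHP 8.2.
             call_user_func_array('parent::save', func_get_args());
         } else {
             // Spammer - display message and exit.
             if (\IPS\Request::i()->isAjax()) {
                 // The comment comes from the remote service and is written
                 // straight into the HTML response, so escape it first.
                 $safe_comment = htmlspecialchars((string) $ct_result->comment, ENT_QUOTES, 'UTF-8');
                 $err_str = '<span style="color:#ab1f39;">' . $safe_comment . '</span><script>setTimeout("history.back()", 5000);</script>';
                 print $err_str;
             } else {
                 // NOTE(review): the raw comment is handed to the error template;
                 // whether that template escapes it is not visible here.
                 \IPS\Output::i()->sidebar['enabled'] = FALSE;
                 \IPS\Output::i()->sendOutput(\IPS\Theme::i()->getTemplate('global', 'core')->globalTemplate("Forbidden", \IPS\Theme::i()->getTemplate('global', 'core')->error("Forbidden", $ct_result->comment, 1, ""), array('app' => \IPS\Dispatcher::i()->application ? \IPS\Dispatcher::i()->application->directory : NULL, 'module' => \IPS\Dispatcher::i()->module ? \IPS\Dispatcher::i()->module->key : NULL, 'controller' => \IPS\Dispatcher::i()->controller)), 200, 'text/html', array(), FALSE, FALSE);
             }
             die;
         }
     }
     return call_user_func_array('parent::save', func_get_args());
 }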