コード例 #1
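/**
 * Saves the status of the verification against WangGuard service upon user registration.
 *
 * When wangguard_look_for_allowed_email() accepts the user's e-mail, the status is forced
 * to 'whitelisted'. Otherwise, if $wangguard_user_check_status is still empty, the status
 * recorded for the user's login in the "wangguardsignupsstatus" table is read, that row is
 * deleted, and a non-empty value becomes the status. The resulting status is then written
 * to the "wangguarduserstatus" table: inserted (with the remote and proxy IP) when no row
 * exists for the user ID, updated otherwise.
 *
 * @global wpdb   $wpdb
 * @global string $wangguard_user_check_status Read and overwritten by this function.
 * @param int $userid ID of the user that was just registered (bound with %d below).
 * @return void
 */
function wangguard_plugin_user_register($userid)
{
    global $wpdb;
    global $wangguard_user_check_status;

    $user = new WP_User($userid);

    if (wangguard_look_for_allowed_email($user->user_email)) {
        // The allow-list wins over any status computed earlier in the request.
        // The signup-status row is neither read nor deleted on this path: the code that
        // did so in the original was unreachable, because the status had just been set.
        // NOTE(review): confirm whether the signup row should be cleaned up here as well.
        $wangguard_user_check_status = 'whitelisted';
    } elseif (empty($wangguard_user_check_status)) {
        $signups_table = $wpdb->base_prefix . "wangguardsignupsstatus";

        // The listing carried the literal '******' where the login belongs, so prepare()
        // received an argument with no placeholder to bind it to and the query compared
        // against that literal. %s binds the login as an escaped string parameter.
        $signup_status = $wpdb->get_var($wpdb->prepare("select user_status from {$signups_table} where signup_username = %s", $user->user_login));

        // The signup row is single-use: drop it once it has been read.
        $wpdb->query($wpdb->prepare("delete from {$signups_table} where signup_username = %s", $user->user_login));

        // A non-empty signup status overrides the (empty) current status.
        if (!empty($signup_status)) {
            $wangguard_user_check_status = $signup_status;
        }
    }

    $status_table = $wpdb->base_prefix . "wangguarduserstatus";

    // NOTE(review): select-then-insert is not atomic; two concurrent calls for the same
    // ID could both take the insert path. Confirm the table's key on ID.
    $existing_id = $wpdb->get_var($wpdb->prepare("select ID from {$status_table} where ID = %d", $userid));

    if (is_null($existing_id)) {
        // NOTE(review): if wangguard_getRemoteProxyIP() reads a client-supplied header,
        // the stored value is client-controlled. It is bound as a parameter here, but it
        // must still be escaped wherever it is displayed. Confirm against the helper.
        $wpdb->query($wpdb->prepare("insert into {$status_table}(ID , user_status , user_ip , user_proxy_ip) values (%d , %s , %s , %s)", $userid, $wangguard_user_check_status, wangguard_getRemoteIP(), wangguard_getRemoteProxyIP()));
    } else {
        // Only the status is refreshed; the IPs stored at insert time are kept.
        $wpdb->query($wpdb->prepare("update {$status_table} set user_status = %s where ID = %d", $wangguard_user_check_status, $userid));
    }
}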
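 /**
  * Validate email based on user settings.
  *
  * First, verify email using `is_email()` WordPress function (required)
  *
  * Then, process email validation based on settings: each method listed in the
  * `spam_methods` setting (akismet, wangguard, datavalidation, smtp) runs in that order and
  * the first failure stops the chain.
  *
  * Failures are reported by appending a WP_Error to `$this->errors`; this method never
  * returns a WP_Error itself. Two paths return without recording an error: a
  * DataValidation.com transport error and an exception thrown during SMTP validation.
  * NOTE(review): callers that only inspect `$this->errors` will treat those two paths as
  * success. Confirm that failing open there is intended.
  *
  * @param  KWSContact $Contact Contact object
  *
  * @return boolean|void `true` when every enabled check passed (or SMTP validation was
  *                      inconclusive), `false` when SMTP validation rejected the address,
  *                      nothing (null) on every other early exit.
  */
 function validateEmail(KWSContact &$Contact)
 {
     if (!class_exists('DataValidation')) {
         include_once CTCT_DIR_PATH . 'lib/class.datavalidation.php';
     }
     if (!class_exists('SMTP_validateEmail')) {
         include_once CTCT_DIR_PATH . 'lib/mail/smtp_validateEmail.class.php';
     }
     $email = $Contact->get('email');
     // 1: Check if it's an email at all
     if (empty($email)) {
         do_action('ctct_activity', 'Empty email address', $email);
         $this->errors[] = new WP_Error('empty_email', __('Please enter your email address.', 'ctct'), 'email_address');
         return;
     } elseif (!is_email($email)) {
         do_action('ctct_activity', 'Invalid email address', $email);
         $this->errors[] = new WP_Error('not_email', __('Invalid email address.', 'ctct'), 'email_address');
         return;
     }
     $methods = (array) CTCT_Settings::get('spam_methods');
     // Strict membership tests: with loose comparison a stored `true` (or `0` before PHP 8)
     // would match every method name.
     // 2: Akismet validation
     if (in_array('akismet', $methods, true)) {
         $akismetCheck = $this->akismetCheck($Contact);
         if (is_wp_error($akismetCheck)) {
             $this->errors[] = $akismetCheck;
             return;
         }
     }
     // 3: WangGuard validation
     if (in_array('wangguard', $methods, true) && function_exists('wangguard_verify_email') && wangguard_server_connectivity_ok()) {
         global $wangguard_api_host;
         // If WangGuard isn't set up yet, set'er up!
         if (empty($wangguard_api_host)) {
             wangguard_init();
         }
         $return = wangguard_verify_email($email, wangguard_getRemoteIP(), wangguard_getRemoteProxyIP());
         // Strict comparison so that only these two exact strings pass; a loose `==` would
         // also accept `true` (and `0` before PHP 8). 'not-checked' is accepted as well,
         // i.e. the check fails open when the service did not evaluate the address.
         if ($return === 'checked' || $return === 'not-checked') {
             do_action('ctct_activity', 'WangGuard validation passed.', $email, $return);
         } else {
             $this->errors[] = new WP_Error('wangguard', __('Email validation failed.', 'ctct'), $email, $return);
             return;
         }
     }
     // 4: DataValidation.com validation
     if (in_array('datavalidation', $methods, true) && class_exists('DataValidation')) {
         $Validate = new DataValidation(CTCT_Settings::get('datavalidation_api_key'));
         $validation = $Validate->validate($email);
         $process_inconclusive = apply_filters('ctct_process_inconclusive_emails', true);
         if (is_wp_error($validation)) {
             // Transport/API error: returns without adding to $this->errors (fails open).
             do_action('ctct_activity', 'DataValidation.com error', 'The email was not processed because of the error: ' . $validation->get_error_message());
             return;
         } elseif ($validation === false || ($validation === null && !$process_inconclusive)) {
             // Parentheses spell out the precedence the original relied on: an inconclusive
             // (null) result is a failure only when the filter disables processing them.
             // NOTE(review): $Validate was constructed with the API key and is handed to
             // the activity hook and the WP_Error here and below; confirm nothing that
             // receives it logs or displays the key.
             do_action('ctct_activity', 'DataValidation validation failed.', $email, $Validate);
             $message = isset($Validate->message) ? $Validate->message : __('Not a valid email.', 'ctct');
             $this->errors[] = new WP_Error('datavalidation', $message, $email, $Validate);
             return;
         }
         if ($validation === null) {
             do_action('ctct_activity', 'DataValidation validation inconclusive.', $email, $Validate);
         } elseif ($validation === true) {
             do_action('ctct_activity', 'DataValidation validation passed.', $email, $Validate);
         }
     }
     // 5: SMTP validation
     if (in_array('smtp', $methods, true) && class_exists('SMTP_validateEmail')) {
         // Tracks whether the output buffer opened below still has to be closed.
         $buffering = false;
         try {
             $SMTP_Validator = new SMTP_validateEmail();
             // Timeout after 1 second
             $SMTP_Validator->max_conn_time = 1;
             $SMTP_Validator->max_read_time = 1;
             $SMTP_Validator->debug = 0;
             // Prevent PHP notices about timeouts
             ob_start();
             $buffering = true;
             $results = $SMTP_Validator->validate(array($email), get_option('admin_email'));
             // ob_end_clean() discards the captured output AND closes the buffer; the
             // original ob_clean() left one extra buffering level open on every call.
             ob_end_clean();
             $buffering = false;
             if (isset($results[$email])) {
                 // True = passed
                 if ($results[$email]) {
                     do_action('ctct_activity', 'SMTP validation passed.', $email, $results);
                     return true;
                 } else {
                     do_action('ctct_activity', 'SMTP validation failed.', $email, $results);
                     $this->errors[] = new WP_Error('smtp', __('Email validation failed.', 'ctct'), $email, $results);
                     return false;
                 }
             } else {
                 // No result for this address (e.g. the 1 second timeout): fails open.
                 do_action('ctct_activity', 'SMTP validation did not work', 'Returned empty results. Maybe it timed out?');
                 return true;
             }
         } catch (Exception $e) {
             // Close the buffer if validate() threw before it could be closed above.
             if ($buffering) {
                 ob_end_clean();
             }
             do_action('ctct_error', 'SMTP validation broke.', $e);
             return;
         }
     }
     return true;
 }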
コード例 #3
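/**
 * Validates the signup form: hidden fields, security question and the posted e-mail.
 *
 * Reads `signup_email` from the POST data and, unless the
 * 'pre_wangguard_validate_signup_form_wordpress_no_multisite' filter returns a truthy
 * value, runs the WangGuard checks in order: hidden fields, security question, blocked
 * domain, reported e-mail, duplicate alias, MX record. The first failing check stores its
 * message in $bp->signup->errors and the remaining checks are skipped.
 *
 * NOTE(review): any callback on that filter can switch every check off; confirm which
 * code is expected to hook it.
 *
 * @global object  $bp                     Signup errors are written to $bp->signup->errors.
 * @global boolean $wangguard_bp_validated Set to true as soon as this function runs.
 * @return void
 */
function wangguard_signup_validate_bp11()
{
    global $bp;
    global $wangguard_bp_validated;
    $wangguard_bp_validated = true;

    // Request data is untrusted: the key may be absent or may arrive as an array
    // (signup_email[]=...). Fall back to an empty string instead of raising an
    // undefined-index notice or passing a non-string to the checks below.
    // NOTE(review): WordPress normally adds slashes to $_POST; confirm whether the helpers
    // expect the slashed or the unslashed value.
    $signup_email = (isset($_POST['signup_email']) && is_string($_POST['signup_email'])) ? $_POST['signup_email'] : '';

    do_action('pre_wangguard_validate_signup_form_wordpress_no_multisite', $signup_email);
    $wggstopcheck = apply_filters('pre_wangguard_validate_signup_form_wordpress_no_multisite', false);
    if ($wggstopcheck) {
        return;
    }

    // Hidden-field check failure ends validation immediately, skipping the final
    // slash fix at the bottom of this function.
    if (!wangguard_validate_hfields($signup_email)) {
        $bp->signup->errors['signup_email'] = wangguard_fix_bp_slashes_maybe(__('<strong>ERROR</strong>: Banned by WangGuard <a href="http://www.wangguard.com/faq" target="_new">Is it an error?</a> Perhaps you tried to register many times.', 'wangguard'));
        return;
    }

    // Each branch is evaluated only when every earlier check passed, in the same order as
    // the original nested if/else ladder.
    if (!wangguard_question_repliedOK()) {
        $bp->signup->errors['wangguardquestansw'] = wangguard_fix_bp_slashes_maybe(__('<strong>ERROR</strong>: The answer to the security question is invalid.', 'wangguard'));
    } elseif (wangguard_is_domain_blocked($signup_email)) {
        // check domain against the list of selected blocked domains
        $bp->signup->errors['signup_email'] = wangguard_fix_bp_slashes_maybe(__("<strong>ERROR</strong>: Domain not allowed.", 'wangguard'));
    } elseif (wangguard_is_email_reported_as_sp($signup_email, wangguard_getRemoteIP(), wangguard_getRemoteProxyIP())) {
        $bp->signup->errors['signup_email'] = wangguard_fix_bp_slashes_maybe(__('<strong>ERROR</strong>: Banned by WangGuard <a href="http://www.wangguard.com/faq" target="_new">Is it an error?</a> Perhaps you tried to register many times.', 'wangguard'));
    } elseif (wangguard_email_aliases_exists($signup_email)) {
        $bp->signup->errors['signup_email'] = wangguard_fix_bp_slashes_maybe(__('<strong>ERROR</strong>: Duplicate alias email found by WangGuard.', 'wangguard'));
    } elseif (!wangguard_mx_record_is_ok($signup_email)) {
        $bp->signup->errors['signup_email'] = wangguard_fix_bp_slashes_maybe(__("<strong>ERROR</strong>: WangGuard couldn't find an MX record associated with your email domain.", 'wangguard'));
    }

    // Applies the slash fix to whatever signup_email error is present, including one set
    // before this function ran.
    // NOTE(review): messages set above have already been through the helper once; confirm
    // that applying it twice is harmless.
    if (isset($bp->signup->errors['signup_email'])) {
        $bp->signup->errors['signup_email'] = wangguard_fix_bp_slashes_maybe($bp->signup->errors['signup_email']);
    }
}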