/** * Validate the current customer, get the current customer id * @param string * @return JSON encoded array with results, results include original request parameters * @since 3.8.14 */ function wpsc_validate_customer_ajax() { // most of the validation should be done by the WPEC initialization, just return the current customer values $response = array('valid' => _wpsc_validate_customer_cookie() !== false, 'id' => wpsc_get_current_customer_id()); $response = apply_filters('_wpsc_validate_customer_ajax', $response); wp_send_json_success($response); }
/** * Is the user an automata not worthy of a WPEC profile to hold shopping cart and other info * * @access private * @since 3.8.13 */ function _wpsc_is_bot_user() { $is_bot = false; // if the customer cookie is invalid, unset it $visitor_id_from_cookie = _wpsc_validate_customer_cookie(); if ($visitor_id_from_cookie) { return $visitor_id_from_cookie === WPSC_BOT_VISITOR_ID; } if (!is_user_logged_in()) { // check for WordPress detected 404 or feed request if (did_action('posts_selection')) { if (is_feed()) { $is_bot = true; } if (is_404()) { $is_bot = true; } } // Check for non WPEC ajax request, no reason to create a visitor profile if this is the case // Although the AJAX request may not have originated from a bot, from WPeC's perspective we // treat it as such to avoid creating a WPeC visitor profile for an AJAX rerquest that doesn't need // WPeC functionality. if (!$is_bot && (defined('DOING_AJAX') && DOING_AJAX) && !_wpsc_doing_wpsc_ajax_request()) { $is_bot = true; } if (!$is_bot && strpos($_SERVER['REQUEST_URI'], '?wpsc_action=rss')) { $is_bot = true; } // Cron jobs are not flesh originated if (!$is_bot && (defined('DOING_CRON') && DOING_CRON)) { $is_bot = true; } // XML RPC requests are probably from cybernetic beasts if (!$is_bot && (defined('XMLRPC_REQUEST') && XMLRPC_REQUEST)) { $is_bot = true; } // coming to login first, after the user logs in we know they are a live being, until then they are something else if (!$is_bot && (strpos($_SERVER['PHP_SELF'], 'wp-login') || strpos($_SERVER['PHP_SELF'], 'wp-register'))) { $is_bot = true; } if (!$is_bot && !empty($_SERVER['HTTP_USER_AGENT'])) { // the user agent could be google bot, bing bot or some other bot, one would hope real user agents do not have the // string 'bot|spider|crawler|preview' in them, there are bots that don't do us the kindness of identifying themselves as such, // check for the user being logged in in a real user is using a bot to access content from our site $bot_agent_strings = array('robot', 'bot', 'crawler', 'spider', 'preview', 'WordPress'); $bot_agent_strings = apply_filters('wpsc_bot_user_agents', $bot_agent_strings); foreach ($bot_agent_strings as $bot_agent_string) { if (stripos($_SERVER['HTTP_USER_AGENT'], $bot_agent_string) !== false) { $is_bot = true; break; } } } } $is_bot = apply_filters('wpsc_is_bot_user', $is_bot); return $is_bot; }