/**
 * Issue a fresh Really Simple CAPTCHA challenge and print it as JSON.
 *
 * A new random word is generated, its lower-cased form is stored in
 * $_SESSION['captcha_words'], and the matching image is rendered. The JSON
 * response carries 'result' => true and the value returned by
 * generate_image() under 'imagePath'.
 *
 * NOTE(review): nothing in this method checks a nonce, starts the session or
 * removes older images; every call writes another file through
 * generate_image(). Confirm the caller handles session start, request
 * throttling and a periodic cleanup().
 *
 * @return void The request is terminated with exit after the JSON is printed.
 */
public function reloadCaptcha()
{
    $captcha = new ReallySimpleCaptcha();
    $answer  = $captcha->generate_random_word();

    // The expected answer stays server-side, keyed to the visitor's session.
    $_SESSION['captcha_words'] = strtolower($answer);

    // The random integer is only the file-name prefix of the generated image.
    $file_prefix = mt_rand();
    $image_file  = $captcha->generate_image($file_prefix, $answer);

    $payload = array('result' => true, 'imagePath' => $image_file);
    echo json_encode($payload);

    exit;
}
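/**
 * Really Simple CAPTCHA validation for a submitted form.
 *
 * Reads the visitor's answer from $_POST['rs_captcha'] and the challenge
 * identifier from $_POST['rs_captcha_val'], asks the library to compare them
 * and reports a failure through $this->send_error(). On success the
 * challenge files are removed so the same challenge cannot be replayed.
 *
 * Both POST values are attacker-controlled. Anything that is not a plain
 * string (for example an array-typed field) is rejected before it reaches
 * the library, which builds file names from the identifier.
 *
 * NOTE(review): when the ReallySimpleCaptcha class is not loaded this method
 * does nothing, i.e. validation is skipped rather than failed. Confirm the
 * form is never rendered with a CAPTCHA requirement in that state.
 *
 * NOTE(review): a failed attempt leaves the challenge files in place, so the
 * same challenge can be answered again. Whether that is acceptable depends on
 * how send_error() and the form reload behave - verify against the caller.
 *
 * @return void
 */
function validate_rs_captcha()
{
    $rs_captcha_input = isset($_POST['rs_captcha']) ? $_POST['rs_captcha'] : '';
    $rs_captcha_file  = isset($_POST['rs_captcha_val']) ? $_POST['rs_captcha_val'] : '';

    if (!class_exists('ReallySimpleCaptcha')) {
        return;
    }

    // Reject non-string input up front instead of passing it to check()/remove().
    if (!is_string($rs_captcha_input) || !is_string($rs_captcha_file)) {
        $this->send_error(__('Really Simple Captcha validation failed', 'wpuf'));
        return;
    }

    $captcha_instance = new ReallySimpleCaptcha();

    if (!$captcha_instance->check($rs_captcha_file, $rs_captcha_input)) {
        $this->send_error(__('Really Simple Captcha validation failed', 'wpuf'));
        return;
    }

    // Validation succeeded: remove the files so the challenge is single-use.
    $captcha_instance->remove($rs_captcha_file);
}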
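/**
 * Validate the registration CAPTCHA and report a failure as a WP_Error entry.
 *
 * The challenge prefix and the visitor's answer are read from $_POST, passed
 * through sanitize_text_field() and compared by the library. The challenge
 * files are removed after the comparison whatever its outcome, so each
 * challenge can be answered once, and cleanup() is called afterwards.
 *
 * Changes compared with the earlier version:
 * - missing POST fields no longer raise undefined-index notices; they are
 *   treated as a failed CAPTCHA;
 * - an incoming WP_Error is extended instead of being replaced, so errors
 *   collected by earlier validators are not lost.
 *
 * @param mixed $errors Error collection passed in by the caller (a WP_Error is expected).
 * @return mixed The same collection, with 'rcl_register_captcha' added on failure.
 */
function rcl_check_register_captcha($errors)
{
    $rcl_captcha = new ReallySimpleCaptcha();

    $rcl_captcha_prefix = isset($_POST['rcl_captcha_prefix'])
        ? sanitize_text_field($_POST['rcl_captcha_prefix'])
        : '';
    $rcl_captcha_code = isset($_POST['rcl_captcha_code'])
        ? sanitize_text_field($_POST['rcl_captcha_code'])
        : '';

    $rcl_captcha_correct = false;

    // An empty prefix cannot identify a challenge; do not build file names from it.
    if ($rcl_captcha_prefix !== '') {
        $rcl_captcha_correct = (bool) $rcl_captcha->check($rcl_captcha_prefix, $rcl_captcha_code);

        // Single-use: the challenge is discarded after one attempt, pass or fail.
        $rcl_captcha->remove($rcl_captcha_prefix);
    }

    $rcl_captcha->cleanup();

    if (!$rcl_captcha_correct) {
        if (!($errors instanceof WP_Error)) {
            $errors = new WP_Error();
        }
        $errors->add('rcl_register_captcha', __('Field filled not right CAPTCHA!', 'wp-recall'));
    }

    return $errors;
}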
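/**
 * Reject a comment whose CAPTCHA answer is missing or wrong.
 *
 * Reads the challenge prefix and the visitor's answer from $_POST, lets the
 * library compare them, discards the challenge files and stops the request
 * with wp_die() when the answer does not match.
 *
 * Changes compared with the earlier version:
 * - the stray `break` after wp_die() is gone; outside a loop or switch it is
 *   a compile-time fatal error on PHP 7 and later;
 * - missing or non-string POST fields are treated as a failed CAPTCHA instead
 *   of being passed to check() and remove(), which build file names from the
 *   prefix.
 *
 * @param array $comment_data Comment data handed in by the caller; returned untouched.
 * @return array The unmodified comment data when the CAPTCHA was solved.
 */
function mytheme_check_comment_captcha($comment_data)
{
    $comment_captcha = new ReallySimpleCaptcha();

    $comment_captcha_prefix = isset($_POST['comment_captcha_prefix']) ? $_POST['comment_captcha_prefix'] : '';
    $comment_captcha_code   = isset($_POST['comment_captcha_code']) ? $_POST['comment_captcha_code'] : '';

    $comment_captcha_correct = false;

    $input_is_usable = is_string($comment_captcha_prefix)
        && $comment_captcha_prefix !== ''
        && is_string($comment_captcha_code);

    if ($input_is_usable) {
        $comment_captcha_correct = (bool) $comment_captcha->check($comment_captcha_prefix, $comment_captcha_code);

        // Clean up: the challenge is single-use whether or not it was solved.
        $comment_captcha->remove($comment_captcha_prefix);
    }

    $comment_captcha->cleanup();

    if (!$comment_captcha_correct) {
        wp_die('You have entered an incorrect CAPTCHA value. try again.');
    }

    return $comment_data;
}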
/**
 * AJAX handler that tells the browser whether a CAPTCHA answer is correct.
 *
 * When the ReallySimpleCaptcha class is available, the request nonce is
 * verified with check_ajax_referer(), the prefix and answer are read from
 * $_POST and the literal string 'true' or 'false' is printed. The request is
 * always ended with die.
 *
 * NOTE(review): this handler calls check() but never remove(), so it answers
 * "right or wrong" for a challenge without consuming it. The form submission
 * must repeat the check server-side, and the number of verification requests
 * per challenge should be limited - confirm both in the submit handler.
 *
 * @return void
 */
function gwolle_gb_captcha_ajax_callback()
{
    if (!class_exists('ReallySimpleCaptcha')) {
        die; // this is required to return a proper result
    }

    check_ajax_referer('gwolle_gb_captcha_ajax', 'security');

    $captcha = new ReallySimpleCaptcha();

    // Prefix of the CAPTCHA image; it identifies which challenge is being answered.
    $prefix = false;
    if (isset($_POST['gwolle_gb_captcha_prefix'])) {
        $prefix = $_POST['gwolle_gb_captcha_prefix'];
    }

    // Answer typed by the visitor.
    $answer = false;
    if (isset($_POST['gwolle_gb_captcha_code'])) {
        $answer = $_POST['gwolle_gb_captcha_code'];
    }

    // The response body is the bare word 'true' or 'false'.
    if ($captcha->check($prefix, $answer)) {
        echo 'true';
    } else {
        echo 'false';
    }

    die; // this is required to return a proper result
}
/**
 * Return the shared ReallySimpleCaptcha instance, creating it on first use.
 *
 * The instance lives in the global $sb_captcha. It is only created while that
 * global is empty and self::use_captcha() is truthy; otherwise the current
 * value of the global is returned unchanged.
 *
 * @param array|mixed $args Options: 'len' (character count, default 4) and
 *                          'bg' (background colour, cast to array). A
 *                          non-array value is taken as the length.
 * @return mixed The value of $sb_captcha after the call.
 */
public static function get($args = array())
{
    global $sb_captcha;

    // Already built, or CAPTCHA switched off: hand back whatever the global holds.
    if (!empty($sb_captcha) || !self::use_captcha()) {
        return $sb_captcha;
    }

    if (!is_array($args)) {
        // A bare value is shorthand for the word length.
        $requested_length = $args;
        $args             = (array) $args;
        $args['len']      = $requested_length;
    }

    $sb_captcha = new ReallySimpleCaptcha();

    $length = 4;
    if (isset($args['len'])) {
        $length = $args['len'];
    }

    $background = array();
    if (isset($args['bg'])) {
        $background = (array) $args['bg'];
    }

    if (array() !== $background) {
        $sb_captcha->bg = $background;
    }

    $sb_captcha->char_length = $length;

    // Passes 5 to the library's cleanup(); the unit is defined by the library.
    $sb_captcha->cleanup(5);

    return $sb_captcha;
}
/**
 * Build the CAPTCHA markup for the selected provider.
 *
 * Recognised values are 'akismet' (no markup), 'bwsmath', 'miyoshi' and
 * 'advnore'. Each provider is only used when its function or class is
 * loaded; any other value, or a missing provider, yields an empty string.
 *
 * NOTE(review): the 'miyoshi' branch assumes the images are served from
 * really-simple-captcha/tmp/ under the plugins URL - confirm this matches
 * the library's configured temporary directory.
 *
 * @param string $captcha Provider key.
 * @return string HTML to insert into the form, possibly empty.
 */
function wpmtst_add_captcha($captcha)
{
    $html = '';

    // Loose comparisons in the original order keep the matching rules of a switch.
    if ($captcha == 'akismet') {
        // Akismet adds no form fields.
    } elseif ($captcha == 'bwsmath') {
        // Captcha by BestWebSoft
        if (function_exists('cptch_display_captcha_custom')) {
            $html .= '<input type="hidden" name="cntctfrm_contact_action" value="true">';
            $html .= cptch_display_captcha_custom();
        }
    } elseif ($captcha == 'miyoshi') {
        // Really Simple Captcha by Takayuki Miyoshi
        if (class_exists('ReallySimpleCaptcha')) {
            $captcha_instance = new ReallySimpleCaptcha();
            $word             = $captcha_instance->generate_random_word();
            $prefix           = mt_rand();
            $image            = $captcha_instance->generate_image($prefix, $word);

            // The prefix travels in a hidden field so the answer can be matched on submit.
            $prompt   = _x('Input this code:', 'Captcha', 'strong-testimonials');
            $base_url = plugins_url('really-simple-captcha/tmp/');

            $html .= '<span>' . $prompt
                . ' <input type="hidden" name="captchac" value="' . $prefix
                . '"><img class="captcha" src="' . $base_url . $image . '"></span>';
            $html .= '<input type="text" class="captcha" name="captchar" maxlength="4" size="5">';
        }
    } elseif ($captcha == 'advnore') {
        // Advanced noCaptcha reCaptcha by Shamim Hasan
        if (function_exists('anr_captcha_form_field')) {
            $html .= anr_captcha_form_field(false);
        }
    }
    // Anything else: no captcha.

    return $html;
}
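/**
 * Shortcode callback that renders the contact form with a CAPTCHA.
 *
 * A new Really Simple CAPTCHA challenge is generated on every render; the
 * image is shown in the form and its prefix is sent back in the hidden
 * 'captcha-prefix' field.
 *
 * Changes compared with the earlier version:
 * - the 'class' shortcode attribute is escaped with esc_attr() before it is
 *   printed into the class attribute; shortcode attributes are author input;
 * - the image URL is escaped with esc_url() and the prefix with esc_attr();
 * - extract() is replaced by an explicit assignment;
 * - attribute values no longer carry a trailing space (notably the hidden
 *   prefix, which must match the generated file name exactly).
 *
 * NOTE(review): the form submits with method="get", so the message and e-mail
 * address end up in URLs, access logs and referrers. Switching to POST needs
 * a matching change in the submit handler, which is not part of this block.
 *
 * @param array|string $atts Shortcode attributes; only 'class' is used.
 * @return string The rendered form markup.
 */
function et_contact_form($atts)
{
    $atts  = shortcode_atts(array('class' => ''), $atts);
    $class = $atts['class'];

    $captcha_instance     = new ReallySimpleCaptcha();
    $captcha_instance->bg = array(244, 80, 80);

    $word     = $captcha_instance->generate_random_word();
    $prefix   = mt_rand();
    $img_name = $captcha_instance->generate_image($prefix, $word);

    $captcha_img = ETHEME_CODE_URL . '/inc/really-simple-captcha/tmp/' . $img_name;

    ob_start();
    ?>
    <div id="contactsMsgs"></div>
    <form action="<?php the_permalink(); ?>" method="get" id="contact-form" class="contact-form <?php echo esc_attr($class); ?>">
        <div class="form-group">
            <p class="form-name">
                <label for="name" class="control-label"><?php _e('Name and Surname', ETHEME_DOMAIN); ?> <span class="required">*</span></label>
                <input type="text" name="contact-name" class="required-field form-control" id="contact-name">
            </p>
        </div>
        <div class="form-group">
            <p class="form-name">
                <label for="contact-email" class="control-label"><?php _e('Email', ETHEME_DOMAIN); ?> <span class="required">*</span></label>
                <input type="text" name="contact-email" class="required-field form-control" id="contact-email">
            </p>
        </div>
        <div class="form-group">
            <p class="form-name">
                <label for="contact-website" class="control-label"><?php _e('Website', ETHEME_DOMAIN); ?> </label>
                <input type="text" name="contact-website" class="form-control" id="contact-website">
            </p>
        </div>
        <div class="form-group">
            <p class="form-textarea">
                <label for="contact_msg" class="control-label"><?php _e('Message', ETHEME_DOMAIN); ?> <span class="required">*</span></label>
                <textarea name="contact-msg" id="contact-msg" class="required-field form-control" cols="30" rows="7"></textarea>
            </p>
        </div>
        <div class="captcha-block">
            <img src="<?php echo esc_url($captcha_img); ?>">
            <input type="text" name="captcha-word" class="captcha-input">
            <input type="hidden" name="captcha-prefix" value="<?php echo esc_attr($prefix); ?>">
        </div>
        <p class="pull-right">
            <input type="hidden" name="contact-submit" id="contact-submit" value="true" >
            <span class="spinner"><?php _e('Sending...', ETHEME_DOMAIN); ?> </span>
            <button class="btn btn-black big" id="submit" type="submit"><?php _e('Send message', ETHEME_DOMAIN); ?> </button>
        </p>
        <div class="clearfix"></div>
    </form>
    <?php

    // Return the buffered markup instead of printing it, as shortcodes must.
    return ob_get_clean();
}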
/**
 * Generate a new CAPTCHA image and print its URL and prefix as JSON.
 *
 * When the ReallySimpleCaptcha class is available, a six-character challenge
 * with a 95x28 image is created and a two-element JSON array is printed:
 * the absolute image URL and the numeric prefix. Without the class an empty
 * body is sent. The request always ends with exit.
 *
 * NOTE(review): no nonce check, throttling or cleanup() call is visible here,
 * and every call writes a new image file. Confirm those are handled by the
 * code that registers this handler.
 *
 * @return void
 */
function reload_captcha_really()
{
    require_once ABSPATH . 'wp-admin/admin-functions.php';

    // Nothing to generate when the Really Simple Captcha class is unavailable.
    if (!class_exists('ReallySimpleCaptcha')) {
        echo '';
        exit;
    }

    $generator              = new ReallySimpleCaptcha();
    $generator->char_length = 6;
    $generator->img_size    = array(95, 28);

    $word       = $generator->generate_random_word(); // random string with letters
    $prefix     = mt_rand();                          // random number used as file prefix
    $image_file = $generator->generate_image($prefix, $word); // returns the file name

    // Absolute URL of the directory the image is served from.
    $image_dir_url = rtrim(get_bloginfo('wpurl'), '/') . '/wp-content/plugins/really-simple-captcha/tmp/';

    $response = array($image_dir_url . $image_file, $prefix);
    echo json_encode($response);

    exit;
}
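/**
 * Print the CAPTCHA fields for the testimonial submission form.
 *
 * When easy_testimonials_use_recaptcha() is truthy a reCAPTCHA placeholder
 * is printed. Otherwise, if the ReallySimpleCaptcha class is loaded, a new
 * challenge image is generated and printed together with the answer field
 * and a hidden field carrying the image prefix. With neither available
 * nothing is printed.
 *
 * Changes compared with the earlier version:
 * - every value printed into an attribute is escaped for that context
 *   (esc_attr() / esc_url());
 * - the label and description options are passed through wp_kses_post() so
 *   stored markup is limited to what WordPress allows in post content;
 * - attribute values no longer carry a trailing space (notably the hidden
 *   prefix, which has to match the generated file name exactly);
 * - the unused $captcha_defaults array is reduced to a reference comment.
 *
 * NOTE(review): the image URL assumes the library stores its files in
 * wp-content/plugins/really-simple-captcha/tmp/ - confirm against the
 * installed library's temporary directory.
 *
 * @return void
 */
function easy_t_outputCaptcha()
{
    if (easy_testimonials_use_recaptcha()) {
        ?>
        <div class="g-recaptcha" data-sitekey="<?php echo esc_attr(get_option('easy_t_recaptcha_api_key', '')); ?>"></div>
        <br />
        <?php
        return;
    }

    if (!class_exists('ReallySimpleCaptcha')) {
        return;
    }

    // Instantiate the ReallySimpleCaptcha class, which will handle all of the heavy lifting
    $captcha = new ReallySimpleCaptcha();

    // For reference, the values listed as class defaults by the original author:
    // chars 'ABCDEFGHJKLMNPQRSTUVWXYZ23456789', char_length 4, img_size 72x24,
    // fg 0/0/0, bg 255/255/255, font_size 16, font_char_width 15,
    // img_type 'png', base 6/18.

    /**************************************
     * All configurable options are below *
     **************************************/

    // Set Really Simple CAPTCHA Options
    $captcha->chars           = 'ABCDEFGHJKLMNPQRSTUVWXYZ23456789';
    $captcha->char_length     = '4';
    $captcha->img_size        = array('100', '50');
    $captcha->fg              = array('0', '0', '0');
    $captcha->bg              = array('255', '255', '255');
    $captcha->font_size       = '16';
    $captcha->font_char_width = '15';
    $captcha->img_type        = 'png';
    $captcha->base            = array('6', '18');

    /******************************************************************
     * Nothing else to edit. No configurable options below this point. *
     ******************************************************************/

    // Generate random word and image prefix
    $captcha_word   = $captcha->generate_random_word();
    $captcha_prefix = mt_rand();

    // Generate CAPTCHA image
    $captcha_image_name = $captcha->generate_image($captcha_prefix, $captcha_word);

    // Define values for CAPTCHA fields
    $captcha_image_url    = get_bloginfo('wpurl') . '/wp-content/plugins/really-simple-captcha/tmp/';
    $captcha_image_src    = $captcha_image_url . $captcha_image_name;
    $captcha_image_width  = $captcha->img_size[0];
    $captcha_image_height = $captcha->img_size[1];
    $captcha_field_size   = $captcha->char_length;

    // Output the CAPTCHA fields
    ?>
    <div class="easy_t_field_wrap">
        <img src="<?php echo esc_url($captcha_image_src); ?>" alt="captcha" width="<?php echo esc_attr($captcha_image_width); ?>" height="<?php echo esc_attr($captcha_image_height); ?>" /><br/>
        <label for="captcha_code"><?php echo wp_kses_post(get_option('easy_t_captcha_field_label', 'Captcha')); ?> </label><br/>
        <input id="captcha_code" name="captcha_code" size="<?php echo esc_attr($captcha_field_size); ?>" type="text" />
        <p class="easy_t_description"><?php echo wp_kses_post(get_option('easy_t_captcha_field_description', 'Enter the value in the image above into this field.')); ?> </p>
        <input id="captcha_prefix" name="captcha_prefix" type="hidden" value="<?php echo esc_attr($captcha_prefix); ?>" />
    </div>
    <?php
}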
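/**
 * Build the HTML of the front-end form for writing a new guestbook entry.
 *
 * The form is pre-filled from the logged-in user's profile and, when the
 * previous submission had errors, from the submitted data in the global
 * $gwolle_gb_data. Which fields appear is driven by the 'form' setting.
 * When logins are required and the visitor is anonymous, a login form is
 * returned instead of the entry form.
 *
 * Every value that originates from the visitor or from the shortcode
 * (refilled field values, book_id, the remote address) is escaped for the
 * context it is printed in. esc_attr() and esc_html() do not double-encode
 * existing entities, so data that was already encoded upstream is unchanged.
 *
 * NOTE(review): $gwolle_gb_messages and the 'gwolle_gb-header' option are
 * printed as markup. The header goes through gwolle_gb_sanitize_output();
 * the messages are assumed to be built by the plugin itself - confirm that
 * no visitor input is copied into them unescaped.
 *
 * @param array $shortcode_atts Shortcode attributes; 'book_id' is read.
 * @return string The form markup, after the 'gwolle_gb_write' filter.
 */
function gwolle_gb_frontend_write($shortcode_atts)
{
    global $gwolle_gb_errors, $gwolle_gb_error_fields, $gwolle_gb_messages, $gwolle_gb_data;

    $html5  = current_theme_supports('html5');
    $output = '';

    // Set data up for refilling an already submitted form that had errors
    $name     = '';
    $origin   = '';
    $email    = '';
    $website  = '';
    $antispam = '';
    $content  = '';

    // Auto-fill the form if the user is already logged in
    $user_id = get_current_user_id(); // returns 0 if no current user
    if ($user_id > 0) {
        $userdata = get_userdata($user_id);
        if (is_object($userdata)) {
            if (isset($userdata->display_name)) {
                $name = $userdata->display_name;
            } else {
                $name = $userdata->user_login;
            }
            $email   = $userdata->user_email;
            $website = $userdata->user_url;
        }
    }

    // Only show old data when there are errors
    if ($gwolle_gb_errors) {
        if (is_array($gwolle_gb_data) && !empty($gwolle_gb_data)) {
            if (isset($gwolle_gb_data['author_name'])) {
                $name = stripslashes($gwolle_gb_data['author_name']);
            }
            if (isset($gwolle_gb_data['author_origin'])) {
                $origin = stripslashes($gwolle_gb_data['author_origin']);
            }
            if (isset($gwolle_gb_data['author_email'])) {
                $email = stripslashes($gwolle_gb_data['author_email']);
            }
            if (isset($gwolle_gb_data['author_website'])) {
                $website = stripslashes($gwolle_gb_data['author_website']);
            }
            if (isset($gwolle_gb_data['antispam'])) {
                $antispam = stripslashes($gwolle_gb_data['antispam']);
            }
            if (isset($gwolle_gb_data['content'])) {
                $content = stripslashes($gwolle_gb_data['content']);
            }
        }
    }

    // Initialize errors, if not set
    if (empty($gwolle_gb_error_fields)) {
        $gwolle_gb_error_fields = array();
    }

    /*
     * Handle Messaging to the user
     */
    $class = "";
    if ($gwolle_gb_errors) {
        $class = "error";
    }
    if (isset($gwolle_gb_messages) && $gwolle_gb_messages != '') {
        $output .= "<div id='gwolle_gb_messages' class='{$class}'>";
        $output .= $gwolle_gb_messages;
        $output .= "</div>";
    }

    /*
     * Button 'write a new entry.'
     */
    $output .= ' <div id="gwolle_gb_write_button"> <input type="button" value="» ' . esc_attr__('Write a new entry.', 'gwolle-gb') . '" /> </div>';

    // Option to allow only logged-in users to post. Don't show the form if not logged-in.
    // We still see the messages above.
    if (!is_user_logged_in() && get_option('gwolle_gb-require_login', 'false') == 'true') {
        $output .= ' <div id="gwolle_gb_new_entry"> <h3>' . __('Log in to post an entry', 'gwolle-gb') . '</h3>';

        // NOTE(review): the redirect target is built from the Host header and
        // the request URI, both client-supplied. It is handed to
        // wp_login_form(); confirm the login flow validates the redirect host.
        $args = array(
            'echo'     => false,
            'redirect' => (is_ssl() ? 'https://' : 'http://') . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'],
        );
        $output .= wp_login_form($args);
        $output .= wp_register('', '', false);
        $output .= '</div>';

        return $output;
    }

    /*
     * Build up Form including possible error_fields
     */
    $form_setting = gwolle_gb_get_setting('form');
    $autofocus    = 'autofocus="autofocus"';

    // Form for submitting new entries
    $header = gwolle_gb_sanitize_output(get_option('gwolle_gb-header', false));
    if ($header == false) {
        $header = __('Write a new entry for the Guestbook', 'gwolle-gb');
    }
    $output .= ' <form id="gwolle_gb_new_entry" action="#" method="POST"> <h3>' . $header . '</h3> <input type="hidden" name="gwolle_gb_function" id="gwolle_gb_function" value="add_entry" />';

    // The book_id from the shortcode, to be used by the posthandling function again.
    // Shortcode attributes are author input, so the value is escaped for the attribute.
    $output .= '<input type="hidden" name="gwolle_gb_book_id" id="gwolle_gb_book_id" value="' . esc_attr($shortcode_atts['book_id']) . '" />';

    // Use this filter to just add something
    $output .= apply_filters('gwolle_gb_write_add_before', '');

    /* Name */
    if (isset($form_setting['form_name_enabled']) && $form_setting['form_name_enabled'] === 'true') {
        $output .= '<div class="gwolle_gb_author_name"> <div class="label"><label for="gwolle_gb_author_name">' . __('Name', 'gwolle-gb') . ':';
        if (isset($form_setting['form_name_mandatory']) && $form_setting['form_name_mandatory'] === 'true') {
            $output .= ' *';
        }
        $output .= '</label></div> <div class="input"><input class="';
        if (in_array('name', $gwolle_gb_error_fields)) {
            $output .= ' error';
        }
        $output .= '" value="' . esc_attr($name) . '" type="text" name="gwolle_gb_author_name" id="gwolle_gb_author_name" placeholder="' . __('Name', 'gwolle-gb') . '" ';
        if (in_array('name', $gwolle_gb_error_fields) && isset($autofocus)) {
            $output   .= $autofocus;
            $autofocus = false; // disable it for the next error.
        }
        $output .= ' /></div> </div> <div class="clearBoth"> </div>';
    }

    /* City / Origin */
    if (isset($form_setting['form_city_enabled']) && $form_setting['form_city_enabled'] === 'true') {
        $output .= '<div class="gwolle_gb_author_origin"> <div class="label"><label for="gwolle_gb_author_origin">' . __('City', 'gwolle-gb') . ':';
        if (isset($form_setting['form_city_mandatory']) && $form_setting['form_city_mandatory'] === 'true') {
            $output .= ' *';
        }
        $output .= '</label></div> <div class="input"><input class="';
        if (in_array('author_origin', $gwolle_gb_error_fields)) {
            $output .= ' error';
        }
        $output .= '" value="' . esc_attr($origin) . '" type="text" name="gwolle_gb_author_origin" id="gwolle_gb_author_origin" placeholder="' . __('City', 'gwolle-gb') . '" ';
        if (in_array('author_origin', $gwolle_gb_error_fields) && isset($autofocus)) {
            $output   .= $autofocus;
            $autofocus = false; // disable it for the next error.
        }
        $output .= ' /></div> </div> <div class="clearBoth"> </div>';
    }

    /* Email */
    if (isset($form_setting['form_email_enabled']) && $form_setting['form_email_enabled'] === 'true') {
        $output .= '<div class="gwolle_gb_author_email"> <div class="label"><label for="gwolle_gb_author_email">' . __('Email', 'gwolle-gb') . ':';
        if (isset($form_setting['form_email_mandatory']) && $form_setting['form_email_mandatory'] === 'true') {
            $output .= ' *';
        }
        $output .= '</label></div> <div class="input"><input class="';
        if (in_array('author_email', $gwolle_gb_error_fields)) {
            $output .= ' error';
        }
        $output .= '" value="' . esc_attr($email) . '" ' . ($html5 ? 'type="email"' : 'type="text"') . ' name="gwolle_gb_author_email" id="gwolle_gb_author_email" placeholder="' . __('Email', 'gwolle-gb') . '" ';
        if (in_array('author_email', $gwolle_gb_error_fields) && isset($autofocus)) {
            $output   .= $autofocus;
            $autofocus = false; // disable it for the next error.
        }
        $output .= ' /></div> </div> <div class="clearBoth"> </div>';
    } else {
        if (isset($email) && strlen($email) > 0) {
            // For logged in users, just save the email anyway.
            $output .= '<input class="" value="' . esc_attr($email) . '" type="hidden" name="gwolle_gb_author_email" id="gwolle_gb_author_email" />';
        }
    }

    /* Website / Homepage */
    if (isset($form_setting['form_homepage_enabled']) && $form_setting['form_homepage_enabled'] === 'true') {
        $output .= '<div class="gwolle_gb_author_website"> <div class="label"><label for="gwolle_gb_author_website">' . __('Website', 'gwolle-gb') . ':';
        if (isset($form_setting['form_homepage_mandatory']) && $form_setting['form_homepage_mandatory'] === 'true') {
            $output .= ' *';
        }
        $output .= '</label></div> <div class="input"><input class="';
        if (in_array('author_website', $gwolle_gb_error_fields)) {
            $output .= ' error';
        }
        $output .= '" value="' . esc_attr($website) . '" ' . ($html5 ? 'type="url"' : 'type="text"') . ' name="gwolle_gb_author_website" id="gwolle_gb_author_website" placeholder="' . __('Website', 'gwolle-gb') . '" ';
        if (in_array('author_website', $gwolle_gb_error_fields) && isset($autofocus)) {
            $output   .= $autofocus;
            $autofocus = false; // disable it for the next error.
        }
        $output .= ' /></div> </div> <div class="clearBoth"> </div>';
    }

    /* Content */
    if (isset($form_setting['form_message_enabled']) && $form_setting['form_message_enabled'] === 'true') {
        $output .= '<div class="gwolle_gb_content"> <div class="label"><label for="gwolle_gb_content">' . __('Guestbook entry', 'gwolle-gb') . ':';
        if (isset($form_setting['form_message_mandatory']) && $form_setting['form_message_mandatory'] === 'true') {
            $output .= ' *';
        }
        $output .= '</label></div> <div class="input"><textarea name="gwolle_gb_content" id="gwolle_gb_content" class="';
        if (in_array('content', $gwolle_gb_error_fields)) {
            $output .= ' error';
        }
        $output .= '" placeholder="' . __('Message', 'gwolle-gb') . '" ';
        if (in_array('content', $gwolle_gb_error_fields) && isset($autofocus)) {
            $output   .= $autofocus;
            $autofocus = false; // disable it for the next error.
        }
        // Escaped so submitted text cannot close the textarea and inject markup.
        $output .= ' >' . esc_html($content) . '</textarea>';

        if (isset($form_setting['form_bbcode_enabled']) && $form_setting['form_bbcode_enabled'] === 'true') {
            // BBcode and MarkItUp
            wp_enqueue_script('markitup', plugins_url('markitup/jquery.markitup.js', __FILE__), 'jquery', GWOLLE_GB_VER, false);
            wp_enqueue_script('markitup_set', plugins_url('markitup/set.js', __FILE__), 'jquery', GWOLLE_GB_VER, false);
            wp_enqueue_style('gwolle_gb_markitup_css', plugins_url('markitup/style.css', __FILE__), false, GWOLLE_GB_VER, 'screen');

            $dataToBePassed = array(
                'bold'     => __('Bold', 'gwolle-gb'),
                'italic'   => __('Italic', 'gwolle-gb'),
                'bullet'   => __('Bulleted List', 'gwolle-gb'),
                'numeric'  => __('Numeric List', 'gwolle-gb'),
                'picture'  => __('Picture', 'gwolle-gb'),
                'source'   => __('Source', 'gwolle-gb'),
                'link'     => __('Link', 'gwolle-gb'),
                'linktext' => __('Your text to link...', 'gwolle-gb'),
                'clean'    => __('Clean', 'gwolle-gb'),
                'emoji'    => __('Emoji', 'gwolle-gb'),
            );
            wp_localize_script('markitup_set', 'gwolle_gb_localize', $dataToBePassed);

            // Emoji symbols
            $output .= '<div class="gwolle_gb_emoji" style="display:none;">';
            $output .= gwolle_gb_get_emoji();
            $output .= '</div>';
        }
        $output .= '</div>'; // .input
        $output .= ' </div> <div class="clearBoth"> </div>';
    }

    /* Custom Anti-Spam */
    if (isset($form_setting['form_antispam_enabled']) && $form_setting['form_antispam_enabled'] === 'true') {
        $antispam_question = gwolle_gb_sanitize_output(get_option('gwolle_gb-antispam-question'));
        $antispam_answer   = gwolle_gb_sanitize_output(get_option('gwolle_gb-antispam-answer'));

        // The stored answer is only used to decide whether the question is shown;
        // it is never printed into the page.
        if (isset($antispam_question) && strlen($antispam_question) > 0 && isset($antispam_answer) && strlen($antispam_answer) > 0) {
            $output .= ' <div class="gwolle_gb_antispam"> <div class="label"> <label for="gwolle_gb_antispam_answer">' . __('Anti-spam', 'gwolle-gb') . ': *<br /> ' . __('Question:', 'gwolle-gb') . " " . $antispam_question . '</label> </div> <div class="input"><input class="';
            if (in_array('antispam', $gwolle_gb_error_fields)) {
                $output .= ' error';
            }
            $output .= '" value="' . esc_attr($antispam) . '" type="text" name="gwolle_gb_antispam_answer" id="gwolle_gb_antispam_answer" placeholder="' . __('Answer', 'gwolle-gb') . '" ';
            if (in_array('antispam', $gwolle_gb_error_fields) && isset($autofocus)) {
                $output   .= $autofocus;
                $autofocus = false; // disable it for the next error.
            }
            $output .= ' /> </div> </div> <div class="clearBoth"> </div>';
        }
    }

    /* CAPTCHA (the setting key says "recaptcha", the code uses Really Simple CAPTCHA) */
    if (isset($form_setting['form_recaptcha_enabled']) && $form_setting['form_recaptcha_enabled'] === 'true') {
        if (class_exists('ReallySimpleCaptcha')) {
            // Disable page caching, we want a new CAPTCHA image each time.
            if (!defined('DONOTCACHEPAGE')) {
                define("DONOTCACHEPAGE", "true");
            }

            // Instantiate the ReallySimpleCaptcha class, which will handle all of the heavy lifting
            $gwolle_gb_captcha = new ReallySimpleCaptcha();

            // Set Really Simple CAPTCHA Options
            $gwolle_gb_captcha->chars           = 'ABCDEFGHJKLMNPQRSTUVWXYZ23456789';
            $gwolle_gb_captcha->char_length     = '4';
            $gwolle_gb_captcha->img_size        = array('72', '24');
            $gwolle_gb_captcha->fg              = array('0', '0', '0');
            $gwolle_gb_captcha->bg              = array('255', '255', '255');
            $gwolle_gb_captcha->font_size       = '16';
            $gwolle_gb_captcha->font_char_width = '15';
            $gwolle_gb_captcha->img_type        = 'png';
            $gwolle_gb_captcha->base            = array('6', '18');

            // Generate random word and image prefix
            $gwolle_gb_captcha_word   = $gwolle_gb_captcha->generate_random_word();
            $gwolle_gb_captcha_prefix = mt_rand();

            // Generate CAPTCHA image
            $gwolle_gb_captcha_image_name = $gwolle_gb_captcha->generate_image($gwolle_gb_captcha_prefix, $gwolle_gb_captcha_word);

            // Define values for CAPTCHA fields
            $gwolle_gb_captcha_image_url    = content_url('plugins/really-simple-captcha/tmp/');
            $gwolle_gb_captcha_image_src    = $gwolle_gb_captcha_image_url . $gwolle_gb_captcha_image_name;
            $gwolle_gb_captcha_image_width  = $gwolle_gb_captcha->img_size[0];
            $gwolle_gb_captcha_image_height = $gwolle_gb_captcha->img_size[1];
            $gwolle_gb_captcha_field_size   = $gwolle_gb_captcha->char_length;

            // Enqueue and localize the frontend script for CAPTCHA.
            wp_enqueue_script('gwolle_gb_captcha_js', plugins_url('js/captcha.js', __FILE__), 'jquery', GWOLLE_GB_VER, true);
            $dataToBePassed = array(
                'ajaxurl'                  => admin_url('admin-ajax.php'),
                'security'                 => wp_create_nonce('gwolle_gb_captcha_ajax'),
                'correct'                  => __('Correct CAPTCHA value.', 'gwolle-gb'),
                'incorrect'                => __('Incorrect CAPTCHA value.', 'gwolle-gb'),
                'gwolle_gb_captcha_prefix' => $gwolle_gb_captcha_prefix,
            );
            wp_localize_script('gwolle_gb_captcha_js', 'gwolle_gb_captcha', $dataToBePassed);

            // Output the CAPTCHA fields
            $output .= ' <div class="gwolle_gb_captcha"> <div class="label"> <label for="gwolle_gb_captcha_code">' . __('Anti-spam', 'gwolle-gb') . ': *<br /> <img src="' . $gwolle_gb_captcha_image_src . '" alt="captcha" width="' . $gwolle_gb_captcha_image_width . '" height="' . $gwolle_gb_captcha_image_height . '" /> </label> </div> <div class="input"> <input class="';
            if (in_array('captcha', $gwolle_gb_error_fields)) {
                $output .= 'error';
            }
            $output .= '" value="" type="text" name="gwolle_gb_captcha_code" id="gwolle_gb_captcha_code" placeholder="' . __('CAPTCHA', 'gwolle-gb') . '" ';
            if (in_array('captcha', $gwolle_gb_error_fields) && isset($autofocus)) {
                $output   .= $autofocus;
                $autofocus = false; // disable it for the next error.
            }
            $output .= ' /> <input type="hidden" name="gwolle_gb_captcha_prefix" id="gwolle_gb_captcha_prefix" value="' . $gwolle_gb_captcha_prefix . '" /> <span id="gwolle_gb_captcha_verify"></span> </div> </div> <div class="clearBoth"> </div>';
        }
    }

    // Use this filter to just add something
    $output .= apply_filters('gwolle_gb_write_add_form', '');

    $output .= ' <div class="gwolle_gb_submit"> <div class="label"> </div> <div class="input"><input type="submit" name="gwolle_gb_submit" value="' . esc_attr__('Submit', 'gwolle-gb') . '" /></div> </div> <div class="clearBoth"> </div> <div class="gwolle_gb_notice"> ';

    $notice = gwolle_gb_sanitize_output(get_option('gwolle_gb-notice', false));
    if ($notice == false) {
        // No text set by the user. Use the default text.
        $notice = __(' Fields marked with * are obligatory. Your E-mail address wil not be published. For security reasons we save the ip address %ip%. It might be that your entry will only be visible in the guestbook after we reviewed it. We reserve our right to edit, delete, or not publish entries. ', 'gwolle-gb');
    }
    $notice = nl2br($notice);

    // The address is set by the web server, but it is still escaped before printing.
    $remote_addr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
    $output     .= str_replace('%ip%', esc_html($remote_addr), $notice);
    $output     .= ' </div>';

    // Use this filter to just add something
    $output .= apply_filters('gwolle_gb_write_add_after', '');

    $output .= '</form>';

    if (get_option('gwolle_gb-labels_float', 'true') === 'true') {
        $output .= ' <style type="text/css" scoped> #gwolle_gb .label, #gwolle_gb .input { float: left; } </style> ';
    }

    // Add filter for the form, so devs can manipulate it.
    $output = apply_filters('gwolle_gb_write', $output);

    return $output;
}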
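<?php
/**
 * Stand-alone endpoint that reports whether a CAPTCHA answer is correct.
 *
 * Request parameters (GET):
 *   prefix - prefix of the CAPTCHA image, identifying the challenge
 *   code   - the answer entered by the visitor
 *
 * The response body is the bare word 'true' or 'false'.
 *
 * SECURITY: earlier versions took the WordPress root from the 'abspath'
 * request parameter and passed it to require. A require path must never be
 * built from request data, because the client then chooses which file the
 * server executes. The parameter is now ignored; wp-load.php is located by
 * walking up from this file's own directory.
 *
 * NOTE(review): this endpoint calls check() without remove(), so it answers
 * "right or wrong" without consuming the challenge. The form handler must
 * repeat the check server-side, and requests per challenge should be limited.
 */

// Locate wp-load.php in this file's directory or one of its ancestors.
$cbnet_rscc_wp_load = false;
$cbnet_rscc_dir     = dirname(__FILE__);

while (true) {
    $cbnet_rscc_candidate = $cbnet_rscc_dir . '/wp-load.php';
    if (is_file($cbnet_rscc_candidate)) {
        $cbnet_rscc_wp_load = $cbnet_rscc_candidate;
        break;
    }

    $cbnet_rscc_parent = dirname($cbnet_rscc_dir);
    if ($cbnet_rscc_parent === $cbnet_rscc_dir) {
        break; // reached the filesystem root without finding WordPress
    }
    $cbnet_rscc_dir = $cbnet_rscc_parent;
}

if ($cbnet_rscc_wp_load === false) {
    // WordPress could not be located: fail closed.
    echo 'false';
    exit;
}

require $cbnet_rscc_wp_load;

if (!class_exists('ReallySimpleCaptcha')) {
    // Library not loaded: nothing can be verified, so the answer is not accepted.
    echo 'false';
    exit;
}

// Instantiate class
$cbnet_rscc_captcha = new ReallySimpleCaptcha();

// This variable holds the CAPTCHA image prefix, which corresponds to the correct answer
$cbnet_rscc_captcha_prefix = isset($_GET['prefix']) ? $_GET['prefix'] : false;

// This variable holds the CAPTCHA response, entered by the visitor
$cbnet_rscc_captcha_code = isset($_GET['code']) ? $_GET['code'] : false;

// Result of the CAPTCHA validation; stays 'false' unless validation passes.
// Only plain, non-empty string input is handed to the library, which builds
// file names from the prefix.
$cbnet_rscc_captcha_correct = 'false';
if (
    is_string($cbnet_rscc_captcha_prefix)
    && $cbnet_rscc_captcha_prefix !== ''
    && is_string($cbnet_rscc_captcha_code)
    && $cbnet_rscc_captcha->check($cbnet_rscc_captcha_prefix, $cbnet_rscc_captcha_code)
) {
    $cbnet_rscc_captcha_correct = 'true';
}

// Return response
echo $cbnet_rscc_captcha_correct;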
/** * Register function * * Handles registering new users and updating existing users. * * @since 2.2.1 * * @param string $toggle toggles the function between 'register' and 'update'. * @global int $user_ID * @global string $wpmem_themsg * @global array $userdata * @return string $wpmem_themsg|success|editsuccess */ function wpmem_registration($toggle) { // get the globals global $user_ID, $wpmem_themsg, $userdata; // check the nonce if (defined('WPMEM_USE_NONCE')) { if (empty($_POST) || !wp_verify_nonce($_POST['wpmem-form-submit'], 'wpmem-validate-submit')) { $wpmem_themsg = __('There was an error processing the form.', 'wp-members'); return; } } // is this a registration or a user profile update? if ($toggle == 'register') { $fields['username'] = isset($_POST['log']) ? sanitize_user($_POST['log']) : ''; } // add the user email to the $fields array for _data hooks $fields['user_email'] = isset($_POST['user_email']) ? $_POST['user_email'] : ''; // build the $fields array from $_POST data $wpmem_fields = get_option('wpmembers_fields'); foreach ($wpmem_fields as $meta) { if ($meta[4] == 'y') { if ($meta[2] != 'password') { $fields[$meta[2]] = isset($_POST[$meta[2]]) ? sanitize_text_field($_POST[$meta[2]]) : ''; } else { // we do have password as part of the registration form $fields['password'] = isset($_POST['password']) ? $_POST['password'] : ''; } } } /** * Filter the submitted form field date prior to validation. * * @since 2.8.2 * * @param array $fields An array of the posted form field data. */ $fields = apply_filters('wpmem_pre_validate_form', $fields); // check for required fields $wpmem_fields_rev = array_reverse($wpmem_fields); foreach ($wpmem_fields_rev as $meta) { $pass_arr = array('password', 'confirm_password', 'password_confirm'); $pass_chk = $toggle == 'update' && in_array($meta[2], $pass_arr) ? 
true : false; if ($meta[5] == 'y' && $pass_chk == false) { if (!$fields[$meta[2]]) { $wpmem_themsg = sprintf(__('Sorry, %s is a required field.', 'wp-members'), $meta[1]); } } } switch ($toggle) { case "register": if (is_multisite()) { // multisite has different requirements $result = wpmu_validate_user_signup($fields['username'], $fields['user_email']); $errors = $result['errors']; if ($errors->errors) { $wpmem_themsg = $errors->get_error_message(); return $wpmem_themsg; exit; } } else { if (!$fields['username']) { $wpmem_themsg = __('Sorry, username is a required field', 'wp-members'); return $wpmem_themsg; exit; } if (!validate_username($fields['username'])) { $wpmem_themsg = __('The username cannot include non-alphanumeric characters.', 'wp-members'); return $wpmem_themsg; exit; } if (!is_email($fields['user_email'])) { $wpmem_themsg = __('You must enter a valid email address.', 'wp-members'); return $wpmem_themsg; exit; } if (username_exists($fields['username'])) { return "user"; exit; } if (email_exists($fields['user_email'])) { return "email"; exit; } } if ($wpmem_themsg) { return "empty"; exit; } // if form contains password and email confirmation, validate that they match if (array_key_exists('confirm_password', $fields) && $fields['confirm_password'] != $fields['password']) { $wpmem_themsg = __('Passwords did not match.', 'wp-members'); } if (array_key_exists('confirm_email', $fields) && $fields['confirm_email'] != $fields['user_email']) { $wpmem_themsg = __('Emails did not match.', 'wp-members'); } $wpmem_captcha = get_option('wpmembers_captcha'); // get the captcha settings (api keys) if (WPMEM_CAPTCHA == 1 && $wpmem_captcha['recaptcha']) { // if captcha is on, check the captcha if ($wpmem_captcha['recaptcha']['public'] && $wpmem_captcha['recaptcha']['private']) { // if there is no api key, the captcha never displayed to the end user if (!$_POST["recaptcha_response_field"]) { // validate for empty captcha field $wpmem_themsg = __('You must complete the 
CAPTCHA form.', 'wp-members'); return "empty"; exit; } } // check to see if the recaptcha library has already been loaded by another plugin if (!function_exists('_recaptcha_qsencode')) { require_once 'lib/recaptchalib.php'; } $publickey = $wpmem_captcha['recaptcha']['public']; $privatekey = $wpmem_captcha['recaptcha']['private']; // the response from reCAPTCHA $resp = null; // the error code from reCAPTCHA, if any $error = null; if ($_POST["recaptcha_response_field"]) { $resp = recaptcha_check_answer($privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]); if (!$resp->is_valid) { // set the error code so that we can display it global $wpmem_captcha_err; $wpmem_captcha_err = $resp->error; $wpmem_captcha_err = wpmem_get_captcha_err($wpmem_captcha_err); return "captcha"; exit; } } // end check recaptcha } elseif (WPMEM_CAPTCHA == 2) { if (defined('REALLYSIMPLECAPTCHA_VERSION')) { /** Validate Really Simple Captcha */ $wpmem_captcha = new ReallySimpleCaptcha(); // This variable holds the CAPTCHA image prefix, which corresponds to the correct answer $wpmem_captcha_prefix = isset($_POST['captcha_prefix']) ? $_POST['captcha_prefix'] : ''; // This variable holds the CAPTCHA response, entered by the user $wpmem_captcha_code = isset($_POST['captcha_code']) ? $_POST['captcha_code'] : ''; // Check CAPTCHA validity $wpmem_captcha_correct = $wpmem_captcha->check($wpmem_captcha_prefix, $wpmem_captcha_code) ? true : false; // clean up the tmp directory $wpmem_captcha->remove($wpmem_captcha_prefix); $wpmem_captcha->cleanup(); // If CAPTCHA validation fails (incorrect value entered in CAPTCHA field), return an error if (!$wpmem_captcha_correct) { $wpmem_themsg = wpmem_get_captcha_err('really-simple'); return "empty"; exit; } } } // check for user defined password $fields['password'] = !isset($_POST['password']) ? 
wp_generate_password() : $_POST['password']; // add for _data hooks $fields['user_registered'] = gmdate('Y-m-d H:i:s'); $fields['user_role'] = get_option('default_role'); $fields['wpmem_reg_ip'] = $_SERVER['REMOTE_ADDR']; $fields['wpmem_reg_url'] = $_REQUEST['redirect_to']; /** * these native fields are not installed by default, but if they * are added, use the $_POST value - otherwise, default to username. * value can be filtered with wpmem_register_data */ $fields['user_nicename'] = isset($_POST['user_nicename']) ? sanitize_title($_POST['user_nicename']) : $fields['username']; $fields['display_name'] = isset($_POST['display_name']) ? sanitize_user($_POST['display_name']) : $fields['username']; $fields['nickname'] = isset($_POST['nickname']) ? sanitize_user($_POST['nickname']) : $fields['username']; /** * Filter registration data after validation before data insertion. * * @since 2.8.2 * * @param array $fields An array of the registration field data. */ $fields = apply_filters('wpmem_register_data', $fields); /** * Fires before any insertion/emails. * * This action is the final step in pre registering a user. This * can be used for attaching custom validation to the registration * process. It cannot be used for changing any user registration * data. Use the wpmem_register_data filter for that. * * @since 2.7.2 * * @param array $fields The user's submitted registration data. 
*/ do_action('wpmem_pre_register_data', $fields); // if the _pre_register_data hook sends back an error message if ($wpmem_themsg) { return $wpmem_themsg; } // main new user fields are ready $new_user_fields = array('user_pass' => $fields['password'], 'user_login' => $fields['username'], 'user_nicename' => $fields['user_nicename'], 'user_email' => $fields['user_email'], 'display_name' => $fields['display_name'], 'nickname' => $fields['nickname'], 'user_registered' => $fields['user_registered'], 'role' => $fields['user_role']); // get any excluded meta fields $excluded_meta = wpmem_get_excluded_meta('register'); // user_url, first_name, last_name, description, jabber, aim, yim $new_user_fields_meta = array('user_url', 'first_name', 'last_name', 'description', 'jabber', 'aim', 'yim'); foreach ($wpmem_fields as $meta) { if (in_array($meta[2], $new_user_fields_meta)) { if ($meta[4] == 'y' && !in_array($meta[2], $excluded_meta)) { $new_user_fields[$meta[2]] = $fields[$meta[2]]; } } } // inserts to wp_users table $fields['ID'] = wp_insert_user($new_user_fields); // set remaining fields to wp_usermeta table foreach ($wpmem_fields as $meta) { // if the field is not excluded, update accordingly if (!in_array($meta[2], $excluded_meta) && !in_array($meta[2], $new_user_fields_meta)) { if ($meta[4] == 'y' && $meta[2] != 'user_email') { update_user_meta($fields['ID'], $meta[2], $fields[$meta[2]]); } } } // capture IP address of user at registration update_user_meta($fields['ID'], 'wpmem_reg_ip', $fields['wpmem_reg_ip']); // store the registration url update_user_meta($fields['ID'], 'wpmem_reg_url', $fields['wpmem_reg_url']); // set user expiration, if used if (WPMEM_USE_EXP == 1 && WPMEM_MOD_REG != 1) { wpmem_set_exp($fields['ID']); } /** * Fires after user insertion but before email. * * @since 2.7.2 * * @param array $fields The user's submitted registration data. 
*/ do_action('wpmem_post_register_data', $fields); require_once 'wp-members-email.php'; // if this was successful, and you have email properly // configured, send a notification email to the user wpmem_inc_regemail($fields['ID'], $fields['password'], WPMEM_MOD_REG, $wpmem_fields, $fields); // notify admin of new reg, if needed; if (WPMEM_NOTIFY_ADMIN == 1) { wpmem_notify_admin($fields['ID'], $wpmem_fields); } /** * Fires after registration is complete. * * @since 2.7.1 */ do_action('wpmem_register_redirect'); // successful registration message return "success"; exit; break; case "update": if ($wpmem_themsg) { return "updaterr"; exit; } // doing a check for existing email is not the same as a new reg. check first to // see if it's different, then check if it is a valid address and it exists. global $current_user; get_currentuserinfo(); if ($fields['user_email'] != $current_user->user_email) { if (email_exists($fields['user_email'])) { return "email"; exit; } if (!is_email($fields['user_email'])) { $wpmem_themsg = __('You must enter a valid email address.', 'wp-members'); return "updaterr"; exit; } } // if form includes email confirmation, validate that they match if (array_key_exists('confirm_email', $fields) && $fields['confirm_email'] != $fields['user_email']) { $wpmem_themsg = __('Emails did not match.', 'wp-members'); } // add the user_ID to the fields array $fields['ID'] = $user_ID; /** * Filter registration data after validation before data insertion. * * @since 2.8.2 * * @param array $fields An array of the registration field data. */ $fields = apply_filters('wpmem_register_data', $fields); /** * Fires before data insertion. * * This action is the final step in pre updating a user. This * can be used for attaching custom validation to the update * process. It cannot be used for changing any user update * data. Use the wpmem_register_data filter for that. * * @since 2.7.2 * * @param array $fields The user's submitted update data. 
*/ do_action('wpmem_pre_update_data', $fields); // if the _pre_update_data hook sends back an error message // @todo - double check this. it should probably return "updaterr" and the hook should globalize wpmem_themsg if ($wpmem_themsg) { return $wpmem_themsg; } // a list of fields that can be updated by wp_update_user $native_fields = array('user_nicename', 'user_url', 'user_email', 'display_name', 'nickname', 'first_name', 'last_name', 'description', 'role', 'jabber', 'aim', 'yim'); $native_update = array('ID' => $user_ID); foreach ($wpmem_fields as $meta) { // if the field is not excluded, update accordingly if (!in_array($meta[2], wpmem_get_excluded_meta('update'))) { switch ($meta[2]) { // if the field can be updated by wp_update_user case in_array($meta[2], $native_fields): $fields[$meta[2]] = isset($fields[$meta[2]]) ? $fields[$meta[2]] : ''; //wp_update_user( array( 'ID' => $user_ID, $meta[2] => $fields[$meta[2]] ) ); $native_update[$meta[2]] = $fields[$meta[2]]; break; // if the field is password // if the field is password case 'password': // do nothing... break; // everything else goes into wp_usermeta // everything else goes into wp_usermeta default: if ($meta[4] == 'y') { update_user_meta($user_ID, $meta[2], $fields[$meta[2]]); } break; } } } // update wp_update_user fields wp_update_user($native_update); /** * Fires at the end of user update data insertion. * * @since 2.7.2 * * @param array $fields The user's submitted registration data. */ do_action('wpmem_post_update_data', $fields); return "editsuccess"; exit; break; } }
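/**
 * Create Really Simple CAPTCHA.
 *
 * Generates a new challenge with the Really Simple CAPTCHA plugin, using the
 * 'really_simple' settings from the 'wpmembers_captcha' option on top of the
 * defaults below, and returns the form markup for it.
 *
 * Every value written into the markup is escaped for its HTML context: the
 * settings come from a stored option and the image folder URL passes through
 * a filter, so neither is controlled by this function.
 *
 * @since 2.9.5
 *
 * @return array|null Form elements ('label' and 'field') for Really Simple CAPTCHA,
 *                    or null when the plugin is not loaded.
 */
function wpmem_build_rs_captcha() {
    if (!defined('REALLYSIMPLECAPTCHA_VERSION')) {
        return;
    }

    // setup defaults
    $defaults = array(
        'characters' => 'ABCDEFGHJKLMNPQRSTUVWXYZ23456789',
        'num_char'   => '4',
        'dim_w'      => '72',
        'dim_h'      => '30',
        'font_color' => '0,0,0',
        'bg_color'   => '255,255,255',
        'font_size'  => '12',
        'kerning'    => '14',
        'img_type'   => 'png',
    );

    $wpmem_captcha = get_option('wpmembers_captcha');
    $args = isset($wpmem_captcha['really_simple']) && is_array($wpmem_captcha['really_simple']) ? $wpmem_captcha['really_simple'] : array();
    $args = wp_parse_args($args, $defaults);

    $img_size = array($args['dim_w'], $args['dim_h']);
    $fg = explode(",", $args['font_color']);
    $bg = explode(",", $args['bg_color']);

    $wpmem_captcha = new ReallySimpleCaptcha();
    $wpmem_captcha->chars = $args['characters'];
    $wpmem_captcha->char_length = $args['num_char'];
    $wpmem_captcha->img_size = $img_size;
    $wpmem_captcha->fg = $fg;
    $wpmem_captcha->bg = $bg;
    $wpmem_captcha->font_size = $args['font_size'];
    $wpmem_captcha->font_char_width = $args['kerning'];
    $wpmem_captcha->img_type = $args['img_type'];

    $wpmem_captcha_word = $wpmem_captcha->generate_random_word();
    // The prefix only identifies this challenge; it is sent to the browser in
    // the hidden field below, so it is an identifier and not a secret.
    $wpmem_captcha_prefix = mt_rand();
    $wpmem_captcha_image_name = $wpmem_captcha->generate_image($wpmem_captcha_prefix, $wpmem_captcha_word);

    /**
     * Filters the default Really Simple Captcha folder location.
     *
     * @since 3.0
     *
     * @param string The default location of RS Captcha.
     */
    $wpmem_captcha_image_url = apply_filters('wpmem_rs_captcha_folder', get_bloginfo('wpurl') . '/wp-content/plugins/really-simple-captcha/tmp/');

    $img_w = $wpmem_captcha->img_size[0];
    $img_h = $wpmem_captcha->img_size[1];
    $src = $wpmem_captcha_image_url . $wpmem_captcha_image_name;
    $size = $wpmem_captcha->char_length;
    $pre = $wpmem_captcha_prefix;

    // Escape late, at the point of output: attribute values with esc_attr(),
    // the image address with esc_url().
    return array(
        'label' => '<label class="text" for="captcha">' . __('Input the code:', 'wp-members') . '</label>',
        'field' => '<input id="captcha_code" name="captcha_code" size="' . esc_attr($size) . '" type="text" /> <input id="captcha_prefix" name="captcha_prefix" type="hidden" value="' . esc_attr($pre) . '" /> <img src="' . esc_url($src) . '" alt="captcha" width="' . esc_attr($img_w) . '" height="' . esc_attr($img_h) . '" />',
    );
}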
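/**
 * Check form input
 *
 * Validates the CAPTCHA submitted with the form against the selected CAPTCHA
 * plugin and records a failure under $errors['captcha'].
 *
 * When the selected plugin is not loaded (its function or class does not
 * exist), no check runs and $errors is returned unchanged, so the form is
 * accepted without a CAPTCHA in that case.
 *
 * @param string $captcha Which integration to use: 'bwsmath', 'miyoshi' or 'advnore'.
 *                        Any other value performs no check.
 * @param array  $errors  Validation errors collected so far.
 *
 * @return mixed $errors, with a 'captcha' entry added when validation failed.
 */
function wpmtst_captcha_check($captcha, $errors) {
    switch ($captcha) {
        // Captcha by BestWebSoft
        case 'bwsmath':
            if (function_exists('cptch_check_custom_form') && cptch_check_custom_form() !== true) {
                $errors['captcha'] = __('The Captcha failed. Please try again.', 'strong-testimonials');
            }
            break;

        // Really Simple Captcha by Takayuki Miyoshi
        case 'miyoshi':
            if (class_exists('ReallySimpleCaptcha')) {
                $captcha_instance = new ReallySimpleCaptcha();

                // Request fields can arrive as arrays (captchac[]=...); only accept
                // strings and treat anything else like a missing field.
                $prefix = isset($_POST['captchac']) && is_string($_POST['captchac']) ? $_POST['captchac'] : '';
                $response = isset($_POST['captchar']) && is_string($_POST['captchar']) ? $_POST['captchar'] : '';

                $correct = $captcha_instance->check($prefix, $response);
                if (!$correct) {
                    $errors['captcha'] = __('The Captcha failed. Please try again.', 'strong-testimonials');
                }

                // Remove the temporary image and text files of this challenge, whether
                // or not the answer was right. Skipped when the server address is
                // 127.0.0.1; the earlier comment here read "except on Windows".
                $server_addr = isset($_SERVER['SERVER_ADDR']) ? $_SERVER['SERVER_ADDR'] : '';
                if ('127.0.0.1' !== $server_addr) {
                    $captcha_instance->remove($prefix);
                }
            }
            break;

        // Advanced noCaptcha reCaptcha by Shamim Hasan
        case 'advnore':
            if (function_exists('anr_verify_captcha') && !anr_verify_captcha()) {
                $errors['captcha'] = __('The Captcha failed. Please try again.', 'strong-testimonials');
            }
            break;

        default:
            break;
    }

    return $errors;
}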
/**
 * Generate a new Really Simple CAPTCHA challenge image.
 *
 * The background is set to array(0, 0, 0) (presumably RGB black; confirm
 * against the plugin). The random prefix that identifies the challenge is
 * not returned to the caller.
 *
 * @return mixed The value returned by generate_image() for the new challenge,
 *               or '' when the ReallySimpleCaptcha class is not available.
 */
private function load_si_captcha() {
    // Without the plugin there is nothing to render.
    if (!class_exists('ReallySimpleCaptcha')) {
        return '';
    }

    $generator = new ReallySimpleCaptcha();
    $generator->bg = array(0, 0, 0);

    $answer = $generator->generate_random_word();
    $challenge_id = mt_rand();

    return $generator->generate_image($challenge_id, $answer);
}
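/**
 * Handle a guestbook entry submitted through the frontend form.
 *
 * Runs only when $_POST['gwolle_gb_function'] is 'add_entry'. It collects the
 * enabled form fields, checks mandatory fields, the custom anti-spam answer and
 * the Really Simple CAPTCHA response, then builds a gwolle_gb_entry, runs the
 * Akismet check, applies moderation, rejects double posts, saves the entry and
 * sends the notification mails.
 *
 * The outcome is reported through the globals $gwolle_gb_errors,
 * $gwolle_gb_error_fields, $gwolle_gb_messages and $gwolle_gb_data.
 *
 * NOTE(review): the text fields are passed to trim() without checking that they
 * are strings; an array-valued field (name[]=...) raises a TypeError on PHP 8.
 * NOTE(review): when the CAPTCHA is enabled but the ReallySimpleCaptcha class is
 * not loaded, the CAPTCHA step is skipped and the entry is accepted without it.
 *
 * @return null|false False when validation, set_data() or the double-post check
 *                    rejects the entry; null otherwise (no submission, login
 *                    required, or the entry was processed).
 */
function gwolle_gb_frontend_posthandling() {
    global $wpdb, $gwolle_gb_errors, $gwolle_gb_error_fields, $gwolle_gb_messages, $gwolle_gb_data;

    /*
     * Handle $_POST and check and save entry.
     */
    if (!isset($_POST['gwolle_gb_function']) || $_POST['gwolle_gb_function'] != 'add_entry') {
        return;
    }

    // Initialize errors
    $gwolle_gb_errors = false;
    $gwolle_gb_error_fields = array();

    // Initialize messages
    $gwolle_gb_messages = '';

    // Option to allow only logged-in users to post. Don't show the form if not logged-in.
    if (!is_user_logged_in() && get_option('gwolle_gb-require_login', 'false') == 'true') {
        $gwolle_gb_errors = true;
        $gwolle_gb_messages .= '<p class="require_login"><strong>' . __('Submitting a new guestbook entry is only allowed for logged-in users.', GWOLLE_GB_TEXTDOMAIN) . '</strong></p>';
        return;
    }

    /*
     * Collect data from the Form
     */
    $gwolle_gb_data = array();
    $form_setting = gwolle_gb_get_setting('form');

    /* Name */
    if (isset($form_setting['form_name_enabled']) && $form_setting['form_name_enabled'] === 'true') {
        if (isset($_POST['gwolle_gb_author_name'])) {
            $gwolle_gb_data['author_name'] = trim($_POST['gwolle_gb_author_name']);
            $gwolle_gb_data['author_name'] = gwolle_gb_maybe_encode_emoji($gwolle_gb_data['author_name'], 'author_name');
            if ($gwolle_gb_data['author_name'] == "") {
                if (isset($form_setting['form_name_mandatory']) && $form_setting['form_name_mandatory'] === 'true') {
                    $gwolle_gb_errors = true;
                    $gwolle_gb_error_fields[] = 'name'; // mandatory
                }
            }
        } else {
            if (isset($form_setting['form_name_mandatory']) && $form_setting['form_name_mandatory'] === 'true') {
                $gwolle_gb_errors = true;
                $gwolle_gb_error_fields[] = 'name'; // mandatory
            }
        }
    }

    /* City / Origin */
    if (isset($form_setting['form_city_enabled']) && $form_setting['form_city_enabled'] === 'true') {
        if (isset($_POST['gwolle_gb_author_origin'])) {
            $gwolle_gb_data['author_origin'] = trim($_POST['gwolle_gb_author_origin']);
            $gwolle_gb_data['author_origin'] = gwolle_gb_maybe_encode_emoji($gwolle_gb_data['author_origin'], 'author_origin');
            if ($gwolle_gb_data['author_origin'] == "") {
                if (isset($form_setting['form_city_mandatory']) && $form_setting['form_city_mandatory'] === 'true') {
                    $gwolle_gb_errors = true;
                    $gwolle_gb_error_fields[] = 'author_origin'; // mandatory
                }
            }
        } else {
            if (isset($form_setting['form_city_mandatory']) && $form_setting['form_city_mandatory'] === 'true') {
                $gwolle_gb_errors = true;
                $gwolle_gb_error_fields[] = 'author_origin'; // mandatory
            }
        }
    }

    /* Email */
    if (isset($form_setting['form_email_enabled']) && $form_setting['form_email_enabled'] === 'true') {
        if (isset($_POST['gwolle_gb_author_email'])) {
            $gwolle_gb_data['author_email'] = trim($_POST['gwolle_gb_author_email']);
            // An address that fails validation is only an error when the field is
            // mandatory; otherwise the submitted value stays in $gwolle_gb_data.
            if (!filter_var($gwolle_gb_data['author_email'], FILTER_VALIDATE_EMAIL)) {
                if (isset($form_setting['form_email_mandatory']) && $form_setting['form_email_mandatory'] === 'true') {
                    $gwolle_gb_errors = true;
                    $gwolle_gb_error_fields[] = 'author_email'; // mandatory
                }
            }
        } else {
            if (isset($form_setting['form_email_mandatory']) && $form_setting['form_email_mandatory'] === 'true') {
                $gwolle_gb_errors = true;
                $gwolle_gb_error_fields[] = 'author_email'; // mandatory
            }
        }
    }

    /* Website / Homepage */
    if (isset($form_setting['form_homepage_enabled']) && $form_setting['form_homepage_enabled'] === 'true') {
        if (isset($_POST['gwolle_gb_author_website'])) {
            $gwolle_gb_data['author_website'] = trim($_POST['gwolle_gb_author_website']);
            // Anything that does not start with "http" gets an http:// scheme prepended.
            $pattern = '/^http/';
            if (!preg_match($pattern, $gwolle_gb_data['author_website'])) {
                $gwolle_gb_data['author_website'] = "http://" . $gwolle_gb_data['author_website'];
            }
            // As with the e-mail address, an invalid URL is only an error when mandatory.
            if (!filter_var($gwolle_gb_data['author_website'], FILTER_VALIDATE_URL)) {
                if (isset($form_setting['form_homepage_mandatory']) && $form_setting['form_homepage_mandatory'] === 'true') {
                    $gwolle_gb_errors = true;
                    $gwolle_gb_error_fields[] = 'author_website'; // mandatory
                }
            }
        } else {
            if (isset($form_setting['form_homepage_mandatory']) && $form_setting['form_homepage_mandatory'] === 'true') {
                $gwolle_gb_errors = true;
                $gwolle_gb_error_fields[] = 'author_website'; // mandatory
            }
        }
    }

    /* Message */
    if (isset($form_setting['form_message_enabled']) && $form_setting['form_message_enabled'] === 'true') {
        if (isset($_POST['gwolle_gb_content'])) {
            $gwolle_gb_data['content'] = trim($_POST['gwolle_gb_content']);
            if ($gwolle_gb_data['content'] == "") {
                if (isset($form_setting['form_message_mandatory']) && $form_setting['form_message_mandatory'] === 'true') {
                    $gwolle_gb_errors = true;
                    $gwolle_gb_error_fields[] = 'content'; // mandatory
                }
            } else {
                $gwolle_gb_data['content'] = gwolle_gb_maybe_encode_emoji($gwolle_gb_data['content'], 'content');
            }
        } else {
            if (isset($form_setting['form_message_mandatory']) && $form_setting['form_message_mandatory'] === 'true') {
                $gwolle_gb_errors = true;
                $gwolle_gb_error_fields[] = 'content'; // mandatory
            }
        }
    }

    /* Custom Anti-Spam */
    if (isset($form_setting['form_antispam_enabled']) && $form_setting['form_antispam_enabled'] === 'true') {
        $antispam_question = gwolle_gb_sanitize_output(get_option('gwolle_gb-antispam-question'));
        $antispam_answer = gwolle_gb_sanitize_output(get_option('gwolle_gb-antispam-answer'));

        // The answer is only enforced when both a question and an answer are configured.
        if (isset($antispam_question) && strlen($antispam_question) > 0 && isset($antispam_answer) && strlen($antispam_answer) > 0) {
            if (isset($_POST["gwolle_gb_antispam_answer"]) && trim($_POST["gwolle_gb_antispam_answer"]) == trim($antispam_answer)) {
                // Correct answer.
            } else {
                $gwolle_gb_errors = true;
                $gwolle_gb_error_fields[] = 'antispam'; // mandatory
            }
        }
        if (isset($_POST["gwolle_gb_antispam_answer"])) {
            $gwolle_gb_data['antispam'] = trim($_POST['gwolle_gb_antispam_answer']);
        }
    }

    /* CAPTCHA */
    if (isset($form_setting['form_recaptcha_enabled']) && $form_setting['form_recaptcha_enabled'] === 'true') {
        if (class_exists('ReallySimpleCaptcha')) {
            $gwolle_gb_captcha = new ReallySimpleCaptcha();

            // This variable holds the CAPTCHA image prefix, which corresponds to the correct answer.
            // A missing or non-string field is treated as an empty value instead of being read blindly.
            $gwolle_gb_captcha_prefix = isset($_POST['gwolle_gb_captcha_prefix']) && is_string($_POST['gwolle_gb_captcha_prefix']) ? $_POST['gwolle_gb_captcha_prefix'] : '';

            // This variable holds the CAPTCHA response, entered by the user
            $gwolle_gb_captcha_code = isset($_POST['gwolle_gb_captcha_code']) && is_string($_POST['gwolle_gb_captcha_code']) ? $_POST['gwolle_gb_captcha_code'] : '';

            // Validate the CAPTCHA response
            $gwolle_gb_captcha_correct = $gwolle_gb_captcha->check($gwolle_gb_captcha_prefix, $gwolle_gb_captcha_code);

            // If CAPTCHA validation fails (incorrect value entered in CAPTCHA field), record an error.
            if (true != $gwolle_gb_captcha_correct) {
                $gwolle_gb_errors = true;
                $gwolle_gb_error_fields[] = 'captcha'; // mandatory
            }

            // Clean up the tmp directory. This runs after a failed check as well,
            // so the files of a challenge are removed once it has been submitted.
            $gwolle_gb_captcha->remove($gwolle_gb_captcha_prefix);
            $gwolle_gb_captcha->cleanup();
        }
    }

    /* If there are errors, stop here and return false */
    if (is_array($gwolle_gb_error_fields) && !empty($gwolle_gb_error_fields)) {
        // There was no data filled in, even though that was mandatory.
        $gwolle_gb_messages .= '<p class="error_fields"><strong>' . __('There were errors submitting your guestbook entry.', GWOLLE_GB_TEXTDOMAIN) . '</strong></p>';

        foreach ($gwolle_gb_error_fields as $field) {
            switch ($field) {
                case 'name':
                    $gwolle_gb_messages .= '<p class="error_fields"><strong>' . __('Your name is not filled in, even though it is mandatory.', GWOLLE_GB_TEXTDOMAIN) . '</strong></p>';
                    break;
                case 'author_origin':
                    $gwolle_gb_messages .= '<p class="error_fields"><strong>' . __('Your origin is not filled in, even though it is mandatory.', GWOLLE_GB_TEXTDOMAIN) . '</strong></p>';
                    break;
                case 'author_email':
                    $gwolle_gb_messages .= '<p class="error_fields"><strong>' . __('Your e-mail address is not filled in correctly, even though it is mandatory.', GWOLLE_GB_TEXTDOMAIN) . '</strong></p>';
                    break;
                case 'author_website':
                    $gwolle_gb_messages .= '<p class="error_fields"><strong>' . __('Your website is not filled in, even though it is mandatory.', GWOLLE_GB_TEXTDOMAIN) . '</strong></p>';
                    break;
                case 'content':
                    $gwolle_gb_messages .= '<p class="error_fields"><strong>' . __('There is no message, even though it is mandatory.', GWOLLE_GB_TEXTDOMAIN) . '</strong></p>';
                    break;
                case 'antispam':
                    $gwolle_gb_messages .= '<p class="error_fields"><strong>' . __('The anti-spam question was not answered correctly, even though it is mandatory.', GWOLLE_GB_TEXTDOMAIN) . '</strong></p>';
                    break;
                case 'captcha':
                    $gwolle_gb_messages .= '<p class="error_fields"><strong>' . __('The CAPTCHA was not filled in correctly, even though it is mandatory.', GWOLLE_GB_TEXTDOMAIN) . '</strong></p>';
                    break;
            }
        }

        // Hidden list of the failed field names (only the fixed identifiers set above).
        $gwolle_gb_messages .= '<p class="error_fields" style="display: none;">' . print_r($gwolle_gb_error_fields, true) . '</p>';
        return false; // no need to check and save
    }

    /* New Instance of gwolle_gb_entry. */
    $entry = new gwolle_gb_entry();

    /* Set the data in the instance */
    $set_data = $entry->set_data($gwolle_gb_data);
    if (!$set_data) {
        // Data is not set in the Instance, something happened
        $gwolle_gb_errors = true;
        $gwolle_gb_messages .= '<p class="set_data"><strong>' . __('There were errors submitting your guestbook entry.', GWOLLE_GB_TEXTDOMAIN) . '</strong></p>';
        return false;
    }

    /* Check for spam and set accordingly */
    $isspam = gwolle_gb_akismet($entry, 'comment-check');
    if ($isspam) {
        // Returned true, so considered spam.
        // Is it wise to make them any wiser? Probably not, so no message is shown.
        $entry->set_isspam(true);
    }

    /* if Moderation is off, set it to "ischecked" */
    $user_id = get_current_user_id(); // returns 0 if no current user
    if (get_option('gwolle_gb-moderate-entries', 'true') == 'true') {
        if (gwolle_gb_is_moderator($user_id)) {
            $entry->set_ischecked(true);
        } else {
            $entry->set_ischecked(false);
        }
    } else {
        // First set to checked
        $entry->set_ischecked(true);

        // Check for abusive content (too long words). Set it to unchecked, so manual moderation is needed.
        $maxlength = 100;
        $words = explode(" ", $entry->get_content());
        foreach ($words as $word) {
            if (strlen($word) > $maxlength) {
                $entry->set_ischecked(false);
                break;
            }
        }
        $maxlength = 60;
        $words = explode(" ", $entry->get_author_name());
        foreach ($words as $word) {
            if (strlen($word) > $maxlength) {
                $entry->set_ischecked(false);
                break;
            }
        }
    }

    /* Check for logged in user, and set the userid as author_id, just in case someone is also admin, or gets promoted some day */
    $entry->set_author_id($user_id);

    /*
     * Network Information
     */
    $entry->set_author_ip($_SERVER['REMOTE_ADDR']);
    // Reverse DNS lookup: the returned name comes from the resolver for the
    // client's address, so treat it as untrusted text wherever it is displayed.
    $entry->set_author_host(gethostbyaddr($_SERVER['REMOTE_ADDR']));

    /*
     * Check for double post using email field and content.
     * Only if content is mandatory.
     */
    if (isset($form_setting['form_message_mandatory']) && $form_setting['form_message_mandatory'] === 'true') {
        $entries = gwolle_gb_get_entries(array('email' => $entry->get_author_email()));
        if (is_array($entries) && !empty($entries)) {
            foreach ($entries as $entry_email) {
                if ($entry_email->get_content() == $entry->get_content()) {
                    // Match is double entry
                    $gwolle_gb_errors = true;
                    $gwolle_gb_messages .= '<p class="double_post"><strong>' . __('Double post: An entry with the data you entered has already been saved.', GWOLLE_GB_TEXTDOMAIN) . '</strong></p>';
                    return false;
                }
            }
        }
    }

    /*
     * Save the Entry
     */
    $save = $entry->save();
    if ($save) {
        // We have been saved to the Database
        $gwolle_gb_messages .= '<p class="entry_saved">' . __('Thank you for your entry.', GWOLLE_GB_TEXTDOMAIN) . '</p>';
        if ($entry->get_ischecked() == 0) {
            $gwolle_gb_messages .= '<p>' . __('We will review it and unlock it in a short while.', GWOLLE_GB_TEXTDOMAIN) . '</p>';
        }
    }

    /*
     * Update Cache plugins
     */
    if ($entry->get_ischecked() == 1) {
        gwolle_gb_clear_cache();
    }

    /*
     * Send the Notification Mail to moderators that have subscribed (only when it is not Spam)
     */
    if (!$isspam) {
        $subscribers = array();
        $recipients = get_option('gwolle_gb-notifyByMail', array());

        // explode() below expects a comma-separated string of user ids. Calling
        // count() on that string throws a TypeError on PHP 8, so test the type.
        if (is_string($recipients)) {
            $recipients = explode(",", $recipients);
        }
        if (is_array($recipients)) {
            foreach ($recipients as $recipient) {
                if (is_numeric($recipient)) {
                    $userdata = get_userdata($recipient);
                    // Skip ids for which no user data is returned (e.g. a deleted user).
                    if (is_object($userdata)) {
                        $subscribers[] = $userdata->user_email;
                    }
                }
            }
        }

        // 'admin_email' is the key used for the From header below; the previous
        // 'admin_mail' is not a get_bloginfo() key.
        @ini_set('sendmail_from', get_bloginfo('admin_email'));

        // Set the Mail Content
        $mailTags = array('user_email', 'user_name', 'status', 'entry_management_url', 'blog_name', 'blog_url', 'wp_admin_url', 'entry_content', 'author_ip');
        $mail_body = gwolle_gb_sanitize_output(get_option('gwolle_gb-adminMailContent', false));
        if (!$mail_body) {
            $mail_body = __("\nHello,\n\nThere is a new guestbook entry at '%blog_name%'.\nYou can check it at %entry_management_url%.\n\nHave a nice day.\nYour Gwolle-GB-Mailer\n\n\nWebsite address: %blog_url%\nUser name: %user_name%\nUser email: %user_email%\nEntry status: %status%\nEntry content:\n%entry_content%\n", GWOLLE_GB_TEXTDOMAIN);
        }

        // Set the Mail Headers
        $subject = '[' . gwolle_gb_format_values_for_mail(get_bloginfo('name')) . '] ' . __('New Guestbook Entry', GWOLLE_GB_TEXTDOMAIN);
        $header = "";
        if (get_option('gwolle_gb-mail-from', false)) {
            // NOTE(review): the option value is placed in the From header as stored here, while
            // the author mail below passes it through gwolle_gb_sanitize_output(). Confirm which
            // is intended and that the stored value cannot contain line breaks.
            $header .= "From: " . gwolle_gb_format_values_for_mail(get_bloginfo('name')) . " <" . get_option('gwolle_gb-mail-from') . ">\r\n";
        } else {
            $header .= "From: " . gwolle_gb_format_values_for_mail(get_bloginfo('name')) . " <" . get_bloginfo('admin_email') . ">\r\n";
        }
        $header .= "Content-Type: text/plain; charset=UTF-8\r\n"; // Encoding of the mail

        // Replace the tags from the mailtemplate with real data from the website and entry
        $info = array();
        $info['user_name'] = gwolle_gb_sanitize_output($entry->get_author_name());
        $info['user_email'] = $entry->get_author_email();
        $info['blog_name'] = get_bloginfo('name');
        $info['blog_url'] = get_bloginfo('wpurl');
        $info['wp_admin_url'] = $info['blog_url'] . '/wp-admin';
        $info['entry_management_url'] = $info['wp_admin_url'] . '/admin.php?page=' . GWOLLE_GB_FOLDER . '/editor.php&entry_id=' . $entry->get_id();
        $info['entry_content'] = gwolle_gb_format_values_for_mail(gwolle_gb_sanitize_output($entry->get_content()));
        $info['author_ip'] = $_SERVER['REMOTE_ADDR'];
        if ($entry->get_ischecked()) {
            $info['status'] = __('Checked', GWOLLE_GB_TEXTDOMAIN);
        } else {
            $info['status'] = __('Unchecked', GWOLLE_GB_TEXTDOMAIN);
        }

        // Tags are replaced one after another, in the order of $mailTags.
        foreach ($mailTags as $mailTag) {
            $mail_body = str_replace('%' . $mailTag . '%', $info[$mailTag], $mail_body);
            $mail_body = gwolle_gb_format_values_for_mail($mail_body);
        }

        if (is_array($subscribers) && !empty($subscribers)) {
            foreach ($subscribers as $subscriber) {
                wp_mail($subscriber, $subject, $mail_body, $header);
            }
        }
    }

    /*
     * Send Notification Mail to the author if set to true in an option
     */
    if (!$isspam) {
        if (get_option('gwolle_gb-mail_author', 'false') == 'true') {

            // Set the Mail Content
            $mailTags = array('user_email', 'user_name', 'blog_name', 'blog_url', 'entry_content');
            $mail_body = gwolle_gb_sanitize_output(get_option('gwolle_gb-authorMailContent', false));
            if (!$mail_body) {
                $mail_body = __("\nHello,\n\nYou have just posted a new guestbook entry at '%blog_name%'.\n\nHave a nice day.\nThe editors at %blog_name%.\n\n\nWebsite address: %blog_url%\nUser name: %user_name%\nUser email: %user_email%\nEntry content:\n%entry_content%\n", GWOLLE_GB_TEXTDOMAIN);
            }

            // Set the Mail Headers
            $subject = '[' . gwolle_gb_format_values_for_mail(get_bloginfo('name')) . '] ' . __('New Guestbook Entry', GWOLLE_GB_TEXTDOMAIN);
            $header = "";
            if (get_option('gwolle_gb-mail-from', false)) {
                $header .= "From: " . gwolle_gb_format_values_for_mail(get_bloginfo('name')) . " <" . gwolle_gb_sanitize_output(get_option('gwolle_gb-mail-from')) . ">\r\n";
            } else {
                $header .= "From: " . gwolle_gb_format_values_for_mail(get_bloginfo('name')) . " <" . get_bloginfo('admin_email') . ">\r\n";
            }
            $header .= "Content-Type: text/plain; charset=UTF-8\r\n"; // Encoding of the mail

            // Replace the tags from the mailtemplate with real data from the website and entry
            $info = array();
            $info['user_name'] = gwolle_gb_sanitize_output($entry->get_author_name());
            $info['user_email'] = $entry->get_author_email();
            $info['blog_name'] = get_bloginfo('name');
            $info['blog_url'] = get_bloginfo('wpurl');
            $info['entry_content'] = gwolle_gb_format_values_for_mail(gwolle_gb_sanitize_output($entry->get_content()));

            foreach ($mailTags as $mailTag) {
                $mail_body = str_replace('%' . $mailTag . '%', $info[$mailTag], $mail_body);
                $mail_body = gwolle_gb_format_values_for_mail($mail_body);
            }

            // The recipient is the address the visitor typed into the form.
            wp_mail($entry->get_author_email(), $subject, $mail_body, $header);
        }
    }

    /*
     * No Log for the Entry needed, it has a default post date in the Entry itself.
     */
}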
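/**
 * Build the HTML for the guestbook "write a new entry" form.
 *
 * The form is pre-filled from the logged-in user's profile and, after a failed
 * submission, from the values the visitor posted ($gwolle_gb_data). Those
 * values are attacker-controlled, so every one of them is escaped for the
 * context it is written into (esc_attr() for value="" attributes,
 * esc_textarea() for the textarea body). Without that, a crafted POST is
 * reflected straight back into the page as markup.
 *
 * Reads the globals $gwolle_gb_errors, $gwolle_gb_error_fields,
 * $gwolle_gb_messages and $gwolle_gb_data, and initialises
 * $gwolle_gb_error_fields to an empty array when it is empty.
 *
 * Side effect: when the CAPTCHA option is enabled and the ReallySimpleCaptcha
 * class exists, the helper <script> is echoed directly instead of being
 * appended to the returned string.
 *
 * @return string Form markup, passed through the 'gwolle_gb_write' filter.
 */
function gwolle_gb_frontend_write() {
    global $gwolle_gb_errors, $gwolle_gb_error_fields, $gwolle_gb_messages, $gwolle_gb_data;

    $output = '';

    // Set data up for refilling an already submitted form that had errors
    $name = '';
    $origin = '';
    $email = '';
    $website = '';
    $antispam = '';
    $content = '';

    // Auto-fill the form if the user is already logged in
    $user_id = get_current_user_id(); // returns 0 if no current user
    if ($user_id > 0) {
        $userdata = get_userdata($user_id);
        if (is_object($userdata)) {
            if (isset($userdata->display_name)) {
                $name = $userdata->display_name;
            } else {
                $name = $userdata->user_login;
            }
            $email = $userdata->user_email;
            $website = $userdata->user_url;
        }
    }

    // Only show old data when there are errors
    if ($gwolle_gb_errors) {
        if (is_array($gwolle_gb_data) && !empty($gwolle_gb_data)) {
            if (isset($gwolle_gb_data['author_name'])) {
                $name = stripslashes($gwolle_gb_data['author_name']);
            }
            if (isset($gwolle_gb_data['author_origin'])) {
                $origin = stripslashes($gwolle_gb_data['author_origin']);
            }
            if (isset($gwolle_gb_data['author_email'])) {
                $email = stripslashes($gwolle_gb_data['author_email']);
            }
            if (isset($gwolle_gb_data['author_website'])) {
                $website = stripslashes($gwolle_gb_data['author_website']);
            }
            if (isset($gwolle_gb_data['antispam'])) {
                $antispam = stripslashes($gwolle_gb_data['antispam']);
            }
            if (isset($gwolle_gb_data['content'])) {
                $content = stripslashes($gwolle_gb_data['content']);
            }
        }
    }

    // Initialize errors, if not set
    if (empty($gwolle_gb_error_fields)) {
        $gwolle_gb_error_fields = array();
    }

    /*
     * Handle Messaging to the user
     */
    $class = "";
    if ($gwolle_gb_errors) {
        $class = "error";
    }
    if (isset($gwolle_gb_messages) && $gwolle_gb_messages != '') {
        // $gwolle_gb_messages is emitted as raw HTML. Whatever builds it must
        // escape any request data it embeds; it cannot be escaped here
        // without destroying its markup.
        $output .= "<div id='gwolle_gb_messages' class='{$class}'>";
        $output .= $gwolle_gb_messages;
        $output .= "</div>";
    }

    /*
     * Button 'write a new entry.'
     */
    $output .= ' <div id="gwolle_gb_write_button"> <input type="button" value="» ' . esc_attr__('Write a new entry.', GWOLLE_GB_TEXTDOMAIN) . '" /> </div>';

    // Option to allow only logged-in users to post. Don't show the form if not logged-in. We still see the messages above.
    if (!is_user_logged_in() && get_option('gwolle_gb-require_login', 'false') == 'true') {
        $output .= ' <div id="gwolle_gb_new_entry"> <h3>' . __('Log in to post an entry', GWOLLE_GB_TEXTDOMAIN) . '</h3>';
        // NOTE(review): HTTP_HOST and REQUEST_URI are taken from the request.
        // The post-login redirect target is therefore client-influenced;
        // building it from the site's configured URL would be safer.
        $args = array(
            'echo' => false,
            'redirect' => (is_ssl() ? 'https://' : 'http://') . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'],
        );
        $output .= wp_login_form($args);
        $output .= wp_register('', '', false);
        $output .= '</div>';
        return $output;
    }

    /*
     * Build up Form including possible error_fields
     */
    $form_setting = gwolle_gb_get_setting('form');
    $autofocus = 'autofocus="autofocus"';

    // Form for submitting new entries
    $header = gwolle_gb_sanitize_output(get_option('gwolle_gb-header', false));
    if ($header == false) {
        $header = __('Write a new entry for the Guestbook', GWOLLE_GB_TEXTDOMAIN);
    }
    $output .= ' <form id="gwolle_gb_new_entry" action="#" method="POST"> <h3>' . $header . '</h3> <input type="hidden" name="gwolle_gb_function" value="add_entry" />';

    /* Name */
    if (isset($form_setting['form_name_enabled']) && $form_setting['form_name_enabled'] === 'true') {
        $output .= '<div class="gwolle_gb_author_name"> <div class="label"><label for="gwolle_gb_author_name">' . __('Name', GWOLLE_GB_TEXTDOMAIN) . ':';
        if (isset($form_setting['form_name_mandatory']) && $form_setting['form_name_mandatory'] === 'true') {
            $output .= ' *';
        }
        $output .= '</label></div> <div class="input"><input class="';
        if (in_array('name', $gwolle_gb_error_fields)) {
            $output .= ' error';
        }
        // Escaped: $name may be the visitor's own posted value.
        $output .= '" value="' . esc_attr($name) . '" type="text" name="gwolle_gb_author_name" id="gwolle_gb_author_name" placeholder="' . __('Name', GWOLLE_GB_TEXTDOMAIN) . '" ';
        if (in_array('name', $gwolle_gb_error_fields) && isset($autofocus)) {
            $output .= $autofocus;
            $autofocus = false; // disable it for the next error.
        }
        $output .= ' /></div> </div> <div class="clearBoth"> </div>';
    }

    /* City / Origin */
    if (isset($form_setting['form_city_enabled']) && $form_setting['form_city_enabled'] === 'true') {
        $output .= '<div class="gwolle_gb_author_origin"> <div class="label"><label for="gwolle_gb_author_origin">' . __('City', GWOLLE_GB_TEXTDOMAIN) . ':';
        if (isset($form_setting['form_city_mandatory']) && $form_setting['form_city_mandatory'] === 'true') {
            $output .= ' *';
        }
        $output .= '</label></div> <div class="input"><input class="';
        if (in_array('author_origin', $gwolle_gb_error_fields)) {
            $output .= ' error';
        }
        $output .= '" value="' . esc_attr($origin) . '" type="text" name="gwolle_gb_author_origin" id="gwolle_gb_author_origin" placeholder="' . __('City', GWOLLE_GB_TEXTDOMAIN) . '" ';
        if (in_array('author_origin', $gwolle_gb_error_fields) && isset($autofocus)) {
            $output .= $autofocus;
            $autofocus = false; // disable it for the next error.
        }
        $output .= ' /></div> </div> <div class="clearBoth"> </div>';
    }

    /* Email */
    if (isset($form_setting['form_email_enabled']) && $form_setting['form_email_enabled'] === 'true') {
        $output .= '<div class="gwolle_gb_author_email"> <div class="label"><label for="gwolle_gb_author_email">' . __('Email', GWOLLE_GB_TEXTDOMAIN) . ':';
        if (isset($form_setting['form_email_mandatory']) && $form_setting['form_email_mandatory'] === 'true') {
            $output .= ' *';
        }
        $output .= '</label></div> <div class="input"><input class="';
        if (in_array('author_email', $gwolle_gb_error_fields)) {
            $output .= ' error';
        }
        $output .= '" value="' . esc_attr($email) . '" type="text" name="gwolle_gb_author_email" id="gwolle_gb_author_email" placeholder="' . __('Email', GWOLLE_GB_TEXTDOMAIN) . '" ';
        if (in_array('author_email', $gwolle_gb_error_fields) && isset($autofocus)) {
            $output .= $autofocus;
            $autofocus = false; // disable it for the next error.
        }
        $output .= ' /></div> </div> <div class="clearBoth"> </div>';
    }

    /* Website / Homepage */
    if (isset($form_setting['form_homepage_enabled']) && $form_setting['form_homepage_enabled'] === 'true') {
        $output .= '<div class="gwolle_gb_author_website"> <div class="label"><label for="gwolle_gb_author_website">' . __('Website', GWOLLE_GB_TEXTDOMAIN) . ':';
        if (isset($form_setting['form_homepage_mandatory']) && $form_setting['form_homepage_mandatory'] === 'true') {
            $output .= ' *';
        }
        $output .= '</label></div> <div class="input"><input class="';
        if (in_array('author_website', $gwolle_gb_error_fields)) {
            $output .= ' error';
        }
        $output .= '" value="' . esc_attr($website) . '" type="text" name="gwolle_gb_author_website" id="gwolle_gb_author_website" placeholder="' . __('Website', GWOLLE_GB_TEXTDOMAIN) . '" ';
        if (in_array('author_website', $gwolle_gb_error_fields) && isset($autofocus)) {
            $output .= $autofocus;
            $autofocus = false; // disable it for the next error.
        }
        $output .= ' /></div> </div> <div class="clearBoth"> </div>';
    }

    /* Content */
    if (isset($form_setting['form_message_enabled']) && $form_setting['form_message_enabled'] === 'true') {
        $output .= '<div class="gwolle_gb_content"> <div class="label"><label for="gwolle_gb_content">' . __('Guestbook entry', GWOLLE_GB_TEXTDOMAIN) . ':';
        if (isset($form_setting['form_message_mandatory']) && $form_setting['form_message_mandatory'] === 'true') {
            $output .= ' *';
        }
        $output .= '</label></div> <div class="input"><textarea name="gwolle_gb_content" id="gwolle_gb_content" class="';
        if (in_array('content', $gwolle_gb_error_fields)) {
            $output .= ' error';
        }
        $output .= '" placeholder="' . __('Message', GWOLLE_GB_TEXTDOMAIN) . '" ';
        if (in_array('content', $gwolle_gb_error_fields) && isset($autofocus)) {
            $output .= $autofocus;
            $autofocus = false; // disable it for the next error.
        }
        // Escaped for element content: a raw "</textarea>" in the posted
        // message would otherwise close the element and inject markup.
        $output .= ' >' . esc_textarea($content) . '</textarea>';
        if (isset($form_setting['form_bbcode_enabled']) && $form_setting['form_bbcode_enabled'] === 'true') {
            // BBcode and MarkItUp
            wp_enqueue_script('markitup', plugins_url('markitup/jquery.markitup.js', __FILE__), 'jquery', GWOLLE_GB_VER, false);
            wp_enqueue_script('markitup_set', plugins_url('markitup/set.js', __FILE__), 'jquery', GWOLLE_GB_VER, false);
            wp_enqueue_style('gwolle_gb_markitup_css', plugins_url('markitup/style.css', __FILE__), false, GWOLLE_GB_VER, 'screen');
            // Emoji symbols
            $output .= '<div class="gwolle_gb_emoji" style="display:none;">';
            $output .= gwolle_gb_get_emoji();
            $output .= '</div>';
        }
        $output .= '</div>'; // .input
        $output .= ' </div> <div class="clearBoth"> </div>';
    }

    /* Custom Anti-Spam */
    if (isset($form_setting['form_antispam_enabled']) && $form_setting['form_antispam_enabled'] === 'true') {
        $antispam_question = gwolle_gb_sanitize_output(get_option('gwolle_gb-antispam-question'));
        $antispam_answer = gwolle_gb_sanitize_output(get_option('gwolle_gb-antispam-answer'));
        if (isset($antispam_question) && strlen($antispam_question) > 0 && isset($antispam_answer) && strlen($antispam_answer) > 0) {
            $output .= ' <div class="gwolle_gb_antispam"> <div class="label"> <label for="gwolle_gb_antispam_answer">' . __('Anti-spam', GWOLLE_GB_TEXTDOMAIN) . ': *<br /> ' . __('Question:', GWOLLE_GB_TEXTDOMAIN) . " " . $antispam_question . '</label> </div> <div class="input"><input class="';
            if (in_array('antispam', $gwolle_gb_error_fields)) {
                $output .= ' error';
            }
            $output .= '" value="' . esc_attr($antispam) . '" type="text" name="gwolle_gb_antispam_answer" id="gwolle_gb_antispam_answer" placeholder="' . __('Answer', GWOLLE_GB_TEXTDOMAIN) . '" ';
            if (in_array('antispam', $gwolle_gb_error_fields) && isset($autofocus)) {
                $output .= $autofocus;
                $autofocus = false; // disable it for the next error.
            }
            $output .= ' /> </div> </div> <div class="clearBoth"> </div>';
        }
    }

    /* CAPTCHA */
    if (isset($form_setting['form_recaptcha_enabled']) && $form_setting['form_recaptcha_enabled'] === 'true') {
        // If the ReallySimpleCaptcha class is missing, no challenge is
        // rendered at all even though the option is enabled.
        if (class_exists('ReallySimpleCaptcha')) {
            // Instantiate the ReallySimpleCaptcha class, which will handle all of the heavy lifting
            $gwolle_gb_captcha = new ReallySimpleCaptcha();

            // Set Really Simple CAPTCHA Options
            $gwolle_gb_captcha->chars = 'ABCDEFGHJKLMNPQRSTUVWXYZ23456789';
            $gwolle_gb_captcha->char_length = '4';
            $gwolle_gb_captcha->img_size = array('72', '24');
            $gwolle_gb_captcha->fg = array('0', '0', '0');
            $gwolle_gb_captcha->bg = array('255', '255', '255');
            $gwolle_gb_captcha->font_size = '16';
            $gwolle_gb_captcha->font_char_width = '15';
            $gwolle_gb_captcha->img_type = 'png';
            $gwolle_gb_captcha->base = array('6', '18');

            // Generate random word and image prefix
            $gwolle_gb_captcha_word = $gwolle_gb_captcha->generate_random_word();
            $gwolle_gb_captcha_prefix = mt_rand();

            // Generate CAPTCHA image
            $gwolle_gb_captcha_image_name = $gwolle_gb_captcha->generate_image($gwolle_gb_captcha_prefix, $gwolle_gb_captcha_word);

            // Define values for CAPTCHA fields
            $gwolle_gb_captcha_image_url = get_bloginfo('wpurl') . '/wp-content/plugins/really-simple-captcha/tmp/';
            $gwolle_gb_captcha_image_src = $gwolle_gb_captcha_image_url . $gwolle_gb_captcha_image_name;
            $gwolle_gb_captcha_image_width = $gwolle_gb_captcha->img_size[0];
            $gwolle_gb_captcha_image_height = $gwolle_gb_captcha->img_size[1];
            $gwolle_gb_captcha_field_size = $gwolle_gb_captcha->char_length;

            // AJAX url
            $gwolle_gb_captcha_ajax_url = GWOLLE_GB_URL . '/frontend/captcha/ajaxresponse.php';

            // ABSPATH
            // NOTE(review): this publishes the server's filesystem path to
            // every visitor and hands it back to ajaxresponse.php as a request
            // parameter. That endpoint is not visible here; it should not
            // trust a caller-supplied path. Resolving the path server-side
            // would remove the parameter altogether.
            $gwolle_gb_abspath = urlencode(ABSPATH);

            // Output the CAPTCHA fields
            ?>
            <script>
            function gwolle_gb_captcha_check( code, prefix, url, abspath ) {
                // Setup variables
                var code_string = '?code=' + encodeURIComponent( code );
                var prefix_string = '&prefix=' + prefix;
                var abspath_string = '&abspath=' + abspath;
                var request_url_base = url;
                var request_url = request_url_base + code_string + prefix_string + abspath_string;
                // Instantiate request
                var xmlhttp = new XMLHttpRequest();
                // Parse resonse
                xmlhttp.onreadystatechange = function() {
                    if ( 4 == xmlhttp.readyState && 200 == xmlhttp.status ) {
                        var ajax_response = xmlhttp.responseText;
                        // Update form verification feedback
                        if ( 'true' == ajax_response ) {
                            document.getElementById( 'gwolle_gb_captcha_verify' ).innerHTML = '<span style="color:green"><?php echo esc_js(__('Correct CAPTCHA value.', GWOLLE_GB_TEXTDOMAIN)); ?> </span>';
                            jQuery( '#gwolle_gb_captcha_code' ).removeClass('error');
                        } else if ( 'false' == ajax_response ) {
                            document.getElementById( 'gwolle_gb_captcha_verify' ).innerHTML = '<span style="color:red"><?php echo esc_js(__('Incorrect CAPTCHA value.', GWOLLE_GB_TEXTDOMAIN)); ?> </span>';
                            jQuery( '#gwolle_gb_captcha_code' ).addClass('error');
                        }
                    }
                }
                // Send request
                xmlhttp.open( 'GET', request_url, true );
                xmlhttp.send();
            }
            </script>
            <?php
            $output .= ' <div class="gwolle_gb_captcha"> <div class="label"> <label for="gwolle_gb_captcha_code">' . __('Anti-spam', GWOLLE_GB_TEXTDOMAIN) . ': *<br /> <img src="' . esc_url($gwolle_gb_captcha_image_src) . '" alt="captcha" width="' . esc_attr($gwolle_gb_captcha_image_width) . '" height="' . esc_attr($gwolle_gb_captcha_image_height) . '" /> </label> </div> <div class="input"> <input class="';
            if (in_array('captcha', $gwolle_gb_error_fields)) {
                $output .= 'error';
            }
            $output .= '" value="" type="text" name="gwolle_gb_captcha_code" id="gwolle_gb_captcha_code" placeholder="' . __('CAPTCHA', GWOLLE_GB_TEXTDOMAIN) . '" onblur="gwolle_gb_captcha_check( this.value, \'' . $gwolle_gb_captcha_prefix . '\', \'' . $gwolle_gb_captcha_ajax_url . '\', \'' . $gwolle_gb_abspath . '\' )" ';
            if (in_array('captcha', $gwolle_gb_error_fields) && isset($autofocus)) {
                $output .= $autofocus;
                $autofocus = false; // disable it for the next error.
            }
            $output .= ' /> <input type="hidden" name="gwolle_gb_captcha_prefix" id="gwolle_gb_captcha_prefix" value="' . esc_attr($gwolle_gb_captcha_prefix) . '" /> <span id="gwolle_gb_captcha_verify"></span> </div> </div> <div class="clearBoth"> </div>';
        }
    }

    $output .= ' <div class="gwolle_gb_submit"> <div class="label"> </div> <div class="input"><input type="submit" name="gwolle_gb_submit" value="' . esc_attr__('Submit', GWOLLE_GB_TEXTDOMAIN) . '" /></div> </div> <div class="clearBoth"> </div> <div class="gwolle_gb_notice"> ';

    $notice = gwolle_gb_sanitize_output(get_option('gwolle_gb-notice', false));
    if ($notice == false) {
        // No text set by the user. Use the default text.
        $notice = __(' Fields marked with * are obligatory. Your E-mail address wil not be published. For security reasons we save the ip address %ip%. It might be that your entry will only be visible in the guestbook after we reviewed it. We reserve our right to edit, delete, or not publish entries. ', GWOLLE_GB_TEXTDOMAIN);
    }
    $notice = nl2br($notice);
    $output .= str_replace('%ip%', esc_html($_SERVER['REMOTE_ADDR']), $notice);
    $output .= ' </div> </form>';

    if (get_option('gwolle_gb-labels_float', 'true') === 'true') {
        $output .= ' <style type="text/css" scoped> #gwolle_gb .label, #gwolle_gb .input { float: left; } </style> ';
    }

    // Add filter for the form, so devs can manipulate it.
    $output = apply_filters('gwolle_gb_write', $output);

    return $output;
}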
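/**
 * Prints a Really Simple CAPTCHA challenge (image, answer input and hidden
 * prefix field) for a form.
 *
 * Nothing is printed when $post_id is truthy. When the ReallySimpleCaptcha
 * class is not available, an error notice is printed instead of a challenge.
 *
 * Every dynamic value is escaped for the context it is written into, so a
 * field name or form id containing quotes cannot break out of the class
 * attribute.
 *
 * @param array    $attr    Field settings; only $attr['name'] is read here.
 * @param int|null $post_id Post being edited, if any.
 * @param mixed    $form_id Form identifier, used in the wrapper's CSS class.
 *
 * @return void
 */
function really_simple_captcha($attr, $post_id, $form_id) {
    if ($post_id) {
        return;
    }

    $wrapper_class = ' wpuf_' . $attr['name'] . '_' . $form_id;

    if (!class_exists('ReallySimpleCaptcha')) {
        ?>
        <div class="wpuf-fields <?php echo esc_attr($wrapper_class); ?> ">
            <?php _e('Error: Really Simple Captcha plugin not found!', 'wpuf'); ?>
        </div>
        <?php
        return;
    }

    $captcha_instance = new ReallySimpleCaptcha();
    $word = $captcha_instance->generate_random_word();
    // The prefix only names this challenge; it is sent to the browser in the
    // hidden field below and must never be treated as a secret.
    $prefix = mt_rand();
    $image_num = $captcha_instance->generate_image($prefix, $word);
    ?>
    <div class="wpuf-fields <?php echo esc_attr($wrapper_class); ?> ">
        <img src="<?php echo esc_url(plugins_url('really-simple-captcha/tmp/' . $image_num)); ?>" alt="Captcha" />
        <input type="text" name="rs_captcha" value="" />
        <input type="hidden" name="rs_captcha_val" value="<?php echo esc_attr($prefix); ?>" />
    </div>
    <?php
}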
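/**
 * Handle a submitted guestbook form: validate the fields, run the spam and
 * moderation checks, save the entry and send the notification mails.
 *
 * Only acts when $_POST['gwolle_gb_function'] is 'add_entry'. Results are
 * reported through the globals $gwolle_gb_errors, $gwolle_gb_error_fields,
 * $gwolle_gb_messages (HTML) and $gwolle_gb_data (the collected raw input).
 *
 * Security notes:
 * - $gwolle_gb_messages is HTML, so every piece of request data placed into
 *   it is escaped with esc_html() here.
 * - $gwolle_gb_data keeps the raw (trimmed) input; whoever prints it back
 *   must escape it for the output context.
 * - NOTE(review): no nonce is verified before the entry is processed, so the
 *   handler has no CSRF protection. Adding a check here needs a matching
 *   nonce field in the form.
 *
 * @return false|null False when validation, set_data() or the double-post
 *                    check fails; null in every other case (not an
 *                    'add_entry' POST, login required, or flow completed).
 */
function gwolle_gb_frontend_posthandling() {
    global $wpdb, $gwolle_gb_errors, $gwolle_gb_error_fields, $gwolle_gb_messages, $gwolle_gb_data;

    /*
     * Handle $_POST and check and save entry.
     */
    if (isset($_POST['gwolle_gb_function']) && $_POST['gwolle_gb_function'] == 'add_entry') {

        // Initialize errors
        $gwolle_gb_errors = false;
        $gwolle_gb_error_fields = array();

        // Initialize messages
        $gwolle_gb_messages = '';

        // Option to allow only logged-in users to post. Don't show the form if not logged-in.
        if (!is_user_logged_in() && get_option('gwolle_gb-require_login', 'false') == 'true') {
            $gwolle_gb_errors = true;
            $gwolle_gb_messages .= '<p class="require_login"><strong>' . __('Submitting a new guestbook entry is only allowed for logged-in users.', 'gwolle-gb') . '</strong></p>';
            return;
        }

        /*
         * Collect data from the Form
         */
        $gwolle_gb_data = array();
        $form_setting = gwolle_gb_get_setting('form');

        /* Name */
        if (isset($form_setting['form_name_enabled']) && $form_setting['form_name_enabled'] === 'true') {
            if (isset($_POST['gwolle_gb_author_name'])) {
                $gwolle_gb_data['author_name'] = trim($_POST['gwolle_gb_author_name']);
                $gwolle_gb_data['author_name'] = gwolle_gb_maybe_encode_emoji($gwolle_gb_data['author_name'], 'author_name');
                if ($gwolle_gb_data['author_name'] == "") {
                    if (isset($form_setting['form_name_mandatory']) && $form_setting['form_name_mandatory'] === 'true') {
                        $gwolle_gb_errors = true;
                        $gwolle_gb_error_fields[] = 'name'; // mandatory
                    }
                }
            } else {
                if (isset($form_setting['form_name_mandatory']) && $form_setting['form_name_mandatory'] === 'true') {
                    $gwolle_gb_errors = true;
                    $gwolle_gb_error_fields[] = 'name'; // mandatory
                }
            }
        }

        /* City / Origin */
        if (isset($form_setting['form_city_enabled']) && $form_setting['form_city_enabled'] === 'true') {
            if (isset($_POST['gwolle_gb_author_origin'])) {
                $gwolle_gb_data['author_origin'] = trim($_POST['gwolle_gb_author_origin']);
                $gwolle_gb_data['author_origin'] = gwolle_gb_maybe_encode_emoji($gwolle_gb_data['author_origin'], 'author_origin');
                if ($gwolle_gb_data['author_origin'] == "") {
                    if (isset($form_setting['form_city_mandatory']) && $form_setting['form_city_mandatory'] === 'true') {
                        $gwolle_gb_errors = true;
                        $gwolle_gb_error_fields[] = 'author_origin'; // mandatory
                    }
                }
            } else {
                if (isset($form_setting['form_city_mandatory']) && $form_setting['form_city_mandatory'] === 'true') {
                    $gwolle_gb_errors = true;
                    $gwolle_gb_error_fields[] = 'author_origin'; // mandatory
                }
            }
        }

        /* Email */
        if (isset($form_setting['form_email_enabled']) && $form_setting['form_email_enabled'] === 'true') {
            if (isset($_POST['gwolle_gb_author_email'])) {
                $gwolle_gb_data['author_email'] = trim($_POST['gwolle_gb_author_email']);
                if (filter_var($gwolle_gb_data['author_email'], FILTER_VALIDATE_EMAIL)) {
                    // Valid Email address.
                } else {
                    // An invalid address is only rejected when the field is
                    // mandatory; otherwise it stays in $gwolle_gb_data as posted.
                    if (isset($form_setting['form_email_mandatory']) && $form_setting['form_email_mandatory'] === 'true') {
                        $gwolle_gb_errors = true;
                        $gwolle_gb_error_fields[] = 'author_email'; // mandatory
                    }
                }
            } else {
                if (isset($form_setting['form_email_mandatory']) && $form_setting['form_email_mandatory'] === 'true') {
                    $gwolle_gb_errors = true;
                    $gwolle_gb_error_fields[] = 'author_email'; // mandatory
                }
            }
        } else {
            // Field disabled in the form, but a posted value is still accepted, unvalidated.
            if (isset($_POST['gwolle_gb_author_email'])) {
                $gwolle_gb_data['author_email'] = trim($_POST['gwolle_gb_author_email']);
            }
        }

        /* Website / Homepage */
        if (isset($form_setting['form_homepage_enabled']) && $form_setting['form_homepage_enabled'] === 'true') {
            if (isset($_POST['gwolle_gb_author_website'])) {
                $gwolle_gb_data['author_website'] = trim($_POST['gwolle_gb_author_website']);
                $pattern = '/^http/';
                if (!preg_match($pattern, $gwolle_gb_data['author_website'], $matches)) {
                    $gwolle_gb_data['author_website'] = "http://" . $gwolle_gb_data['author_website'];
                }
                if (filter_var($gwolle_gb_data['author_website'], FILTER_VALIDATE_URL)) {
                    // Valid Website URL.
                } else {
                    if (isset($form_setting['form_homepage_mandatory']) && $form_setting['form_homepage_mandatory'] === 'true') {
                        $gwolle_gb_errors = true;
                        $gwolle_gb_error_fields[] = 'author_website'; // mandatory
                    }
                }
            } else {
                if (isset($form_setting['form_homepage_mandatory']) && $form_setting['form_homepage_mandatory'] === 'true') {
                    $gwolle_gb_errors = true;
                    $gwolle_gb_error_fields[] = 'author_website'; // mandatory
                }
            }
        }

        /* Message */
        if (isset($form_setting['form_message_enabled']) && $form_setting['form_message_enabled'] === 'true') {
            if (isset($_POST['gwolle_gb_content'])) {
                $gwolle_gb_data['content'] = trim($_POST['gwolle_gb_content']);
                if ($gwolle_gb_data['content'] == "") {
                    if (isset($form_setting['form_message_mandatory']) && $form_setting['form_message_mandatory'] === 'true') {
                        $gwolle_gb_errors = true;
                        $gwolle_gb_error_fields[] = 'content'; // mandatory
                    }
                } else {
                    $gwolle_gb_data['content'] = gwolle_gb_maybe_encode_emoji($gwolle_gb_data['content'], 'content');
                }
            } else {
                if (isset($form_setting['form_message_mandatory']) && $form_setting['form_message_mandatory'] === 'true') {
                    $gwolle_gb_errors = true;
                    $gwolle_gb_error_fields[] = 'content'; // mandatory
                }
            }
        }

        /* Custom Anti-Spam */
        if (isset($form_setting['form_antispam_enabled']) && $form_setting['form_antispam_enabled'] === 'true') {
            $antispam_question = gwolle_gb_sanitize_output(get_option('gwolle_gb-antispam-question'));
            $antispam_answer = gwolle_gb_sanitize_output(get_option('gwolle_gb-antispam-answer'));
            if (isset($antispam_question) && strlen($antispam_question) > 0 && isset($antispam_answer) && strlen($antispam_answer) > 0) {
                if (isset($_POST["gwolle_gb_antispam_answer"]) && trim($_POST["gwolle_gb_antispam_answer"]) == trim($antispam_answer)) {
                    //echo "You got it!";
                } else {
                    $gwolle_gb_errors = true;
                    $gwolle_gb_error_fields[] = 'antispam'; // mandatory
                }
            }
            if (isset($_POST["gwolle_gb_antispam_answer"])) {
                $gwolle_gb_data['antispam'] = trim($_POST['gwolle_gb_antispam_answer']);
            }
        }

        /* CAPTCHA */
        if (isset($form_setting['form_recaptcha_enabled']) && $form_setting['form_recaptcha_enabled'] === 'true') {
            // If the ReallySimpleCaptcha class is missing, this check is
            // skipped entirely: the option is on, but nothing is enforced.
            if (class_exists('ReallySimpleCaptcha')) {
                $gwolle_gb_captcha = new ReallySimpleCaptcha();

                // This variable holds the CAPTCHA image prefix, which corresponds to the correct answer.
                // Both fields are request data: a missing or non-string value counts as a failed challenge.
                $gwolle_gb_captcha_prefix = (isset($_POST['gwolle_gb_captcha_prefix']) && is_string($_POST['gwolle_gb_captcha_prefix']))
                    ? $_POST['gwolle_gb_captcha_prefix']
                    : '';

                // This variable holds the CAPTCHA response, entered by the user
                $gwolle_gb_captcha_code = (isset($_POST['gwolle_gb_captcha_code']) && is_string($_POST['gwolle_gb_captcha_code']))
                    ? $_POST['gwolle_gb_captcha_code']
                    : '';

                // Validate the CAPTCHA response
                $gwolle_gb_captcha_correct = false;
                if ($gwolle_gb_captcha_prefix !== '' && $gwolle_gb_captcha_code !== '') {
                    $gwolle_gb_captcha_correct = $gwolle_gb_captcha->check($gwolle_gb_captcha_prefix, $gwolle_gb_captcha_code);
                }

                // If CAPTCHA validation fails (incorrect value entered in CAPTCHA field) mark comment as spam.
                if (true != $gwolle_gb_captcha_correct) {
                    $gwolle_gb_errors = true;
                    $gwolle_gb_error_fields[] = 'captcha'; // mandatory
                }

                // clean up the tmp directory; the challenge is removed whether
                // the answer was right or wrong, so it cannot be retried.
                if ($gwolle_gb_captcha_prefix !== '') {
                    $gwolle_gb_captcha->remove($gwolle_gb_captcha_prefix);
                }
                $gwolle_gb_captcha->cleanup();
            }
        }

        // The posted name is shown back to the visitor in the messages below,
        // so it is escaped once here for HTML output.
        $author_name_html = isset($gwolle_gb_data['author_name']) ? esc_html($gwolle_gb_data['author_name']) : '';

        /* If there are errors, stop here and return false */
        if (is_array($gwolle_gb_error_fields) && !empty($gwolle_gb_error_fields)) {
            // There was no data filled in, even though that was mandatory.
            foreach ($gwolle_gb_error_fields as $field) {
                switch ($field) {
                    case 'name':
                        $gwolle_gb_messages .= '<p class="error_fields"><strong>Des mots aussi beaux, ça mérite une signature non ?</strong></p>';
                        break;
                    case 'author_origin':
                        $gwolle_gb_messages .= '<p class="error_fields"><strong>' . __('Your origin is not filled in, even though it is mandatory.', 'gwolle-gb') . '</strong></p>';
                        break;
                    case 'author_email':
                        $gwolle_gb_messages .= '<p class="error_fields"><strong>' . __('Your e-mail address is not filled in correctly, even though it is mandatory.', 'gwolle-gb') . '</strong></p>';
                        break;
                    case 'author_website':
                        $gwolle_gb_messages .= '<p class="error_fields"><strong>' . __('Your website is not filled in, even though it is mandatory.', 'gwolle-gb') . '</strong></p>';
                        break;
                    case 'content':
                        $gwolle_gb_messages .= '<p class="error_fields"><strong>Tu as oublié les mots doux ' . $author_name_html . ' :) !</strong></p>';
                        break;
                    case 'antispam':
                        $gwolle_gb_messages .= '<p class="error_fields"><strong>' . __('The anti-spam question was not answered correctly, even though it is mandatory.', 'gwolle-gb') . '</strong></p>';
                        break;
                    case 'captcha':
                        $gwolle_gb_messages .= '<p class="error_fields"><strong>' . __('The CAPTCHA was not filled in correctly, even though it is mandatory.', 'gwolle-gb') . '</strong></p>';
                        break;
                }
            }
            // Only the fixed field keys set above end up in this hidden paragraph.
            $gwolle_gb_messages .= '<p class="error_fields" style="display: none;">' . print_r($gwolle_gb_error_fields, true) . '</p>';
            return false; // no need to check and save
        }

        /* New Instance of gwolle_gb_entry. */
        $entry = new gwolle_gb_entry();

        /* Set the data in the instance */
        $set_data = $entry->set_data($gwolle_gb_data);
        if (!$set_data) {
            // Data is not set in the Instance, something happened
            $gwolle_gb_errors = true;
            $gwolle_gb_messages .= '<p class="set_data"><strong>' . __('There were errors submitting your guestbook entry.', 'gwolle-gb') . '</strong></p>';
            return false;
        }

        /* Check for spam and set accordingly */
        $isspam = gwolle_gb_akismet($entry, 'comment-check');
        if ($isspam) {
            // Returned true, so considered spam
            $entry->set_isspam(true);
            // Is it wise to make them any wiser? Probably not...
        }

        /* if Moderation is off, set it to "ischecked" */
        $user_id = get_current_user_id(); // returns 0 if no current user
        if (get_option('gwolle_gb-moderate-entries', 'true') == 'true') {
            if (gwolle_gb_is_moderator($user_id)) {
                $entry->set_ischecked(true);
            } else {
                $entry->set_ischecked(false);
            }
        } else {
            // First set to checked
            $entry->set_ischecked(true);

            // Check for abusive content (too long words). Set it to unchecked, so manual moderation is needed.
            $maxlength = 100;
            $words = explode(" ", $entry->get_content());
            foreach ($words as $word) {
                if (strlen($word) > $maxlength) {
                    $entry->set_ischecked(false);
                    break;
                }
            }
            $maxlength = 60;
            $words = explode(" ", $entry->get_author_name());
            foreach ($words as $word) {
                if (strlen($word) > $maxlength) {
                    $entry->set_ischecked(false);
                    break;
                }
            }
        }
        // NOTE(review): this unconditional call overrides everything decided
        // above, so every new entry waits for moderation, moderators included.
        // That looks deliberate (see the "bientôt" message below) — confirm.
        $entry->set_ischecked(false);

        /* Check for logged in user, and set the userid as author_id, just in case someone is also admin, or gets promoted some day */
        $entry->set_author_id($user_id);

        /*
         * Network Information
         */
        $entry->set_author_ip($_SERVER['REMOTE_ADDR']);
        // gethostbyaddr() does a reverse DNS lookup during the request. The
        // returned name is controlled by whoever runs the reverse zone, so
        // treat it as untrusted wherever it is displayed.
        $entry->set_author_host(gethostbyaddr($_SERVER['REMOTE_ADDR']));

        /*
         * Book ID
         */
        $gwolle_gb_data['book_id'] = isset($_POST['gwolle_gb_book_id']) ? (int) $_POST['gwolle_gb_book_id'] : 1;
        if ($gwolle_gb_data['book_id'] < 1) {
            $gwolle_gb_data['book_id'] = 1;
        }
        $entry->set_book_id($gwolle_gb_data['book_id']);

        /*
         * Check for double post using email field and content.
         * Only if content is mandatory.
         */
        if (isset($form_setting['form_message_mandatory']) && $form_setting['form_message_mandatory'] === 'true') {
            $entries = gwolle_gb_get_entries(array('email' => $entry->get_author_email()));
            if (is_array($entries) && !empty($entries)) {
                foreach ($entries as $entry_email) {
                    if ($entry_email->get_content() == $entry->get_content()) {
                        // Match is double entry
                        $gwolle_gb_errors = true;
                        $gwolle_gb_messages .= '<p class="double_post"><strong>' . __('Double post: An entry with the data you entered has already been saved.', 'gwolle-gb') . '</strong></p>';
                        return false;
                    }
                }
            }
        }

        /*
         * Save the Entry
         */
        $save = $entry->save();
        if ($save) {
            // We have been saved to the Database
            $gwolle_gb_messages .= '<p class="entry_saved">Merci pour ton message ' . $author_name_html . ' !</p>';
            if ($entry->get_ischecked() == 0) {
                $gwolle_gb_messages .= '<p>Il apparaîtra bientôt sur le site !</p>';
            }
        }

        /*
         * Update Cache plugins
         */
        if ($entry->get_ischecked() == 1) {
            gwolle_gb_clear_cache();
        }

        /*
         * Send the Notification Mail to moderators that have subscribed (only when it is not Spam)
         */
        gwolle_gb_mail_moderators($entry);

        /*
         * Send Notification Mail to the author if set to true in an option
         */
        gwolle_gb_mail_author($entry);

        /*
         * No Log for the Entry needed, it has a default post date in the Entry itself.
         */
    }
}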
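/**
 * Validate the Really Simple CAPTCHA answer posted with a comment.
 *
 * The check only runs for visitors who are not logged in, for comments whose
 * comment_type is empty, and only while the ReallySimpleCaptcha class is loaded.
 * In every other case the comment data is returned untouched.
 *
 * @param array $comment_data Comment data being processed.
 * @return array The unmodified comment data. On a wrong or missing answer wp_die() is called instead.
 */
function cbnet_check_comment_captcha($comment_data) {
    // NOTE(review): when the ReallySimpleCaptcha class is not loaded the comment passes
    // without any CAPTCHA check; confirm that failing open is intended.
    if (is_user_logged_in() || $comment_data['comment_type'] != '' || !class_exists('ReallySimpleCaptcha')) {
        return $comment_data;
    }

    $cbnet_comment_captcha = new ReallySimpleCaptcha();

    // Both values come from the client. Accept plain strings only, so a missing field or an
    // array-typed parameter is treated as a failed CAPTCHA instead of raising a warning.
    // NOTE(review): the prefix is handed to check()/remove(), which work on the CAPTCHA tmp
    // directory; confirm the installed Really Simple CAPTCHA version sanitises it.
    $cbnet_comment_captcha_prefix = (isset($_POST['comment_captcha_prefix']) && is_string($_POST['comment_captcha_prefix']))
        ? $_POST['comment_captcha_prefix']
        : '';
    $cbnet_comment_captcha_code = (isset($_POST['comment_captcha_code']) && is_string($_POST['comment_captcha_code']))
        ? $_POST['comment_captcha_code']
        : '';

    // An empty prefix or answer can never be a valid submission.
    $cbnet_comment_captcha_correct = $cbnet_comment_captcha_prefix !== ''
        && $cbnet_comment_captcha_code !== ''
        && $cbnet_comment_captcha->check($cbnet_comment_captcha_prefix, $cbnet_comment_captcha_code);

    // Clean up the tmp directory whatever the outcome, so a challenge is used only once.
    if ($cbnet_comment_captcha_prefix !== '') {
        $cbnet_comment_captcha->remove($cbnet_comment_captcha_prefix);
    }
    $cbnet_comment_captcha->cleanup();

    // If CAPTCHA validation fails, don't process the comment.
    // (The original had a `break;` here, outside any loop or switch, which PHP 7+ rejects
    // at compile time; it has been dropped.)
    if (!$cbnet_comment_captcha_correct) {
        wp_die('You have entered an incorrect CAPTCHA value. Click the BACK button on your browser, and try again.');
    }

    // CAPTCHA passed: process the comment as per normal.
    return $comment_data;
}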
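/**
 * Register function.
 *
 * Handles registering new users and updating existing users.
 *
 * Return values visible in this function: the validation message in $wpmem_themsg,
 * the status codes "email", "user", "empty", "captcha", "updaterr", "success" and
 * "editsuccess", and nothing (null) when the nonce check fails or $toggle is neither
 * 'register' nor 'update'.
 *
 * @since 2.2.1
 *
 * @param  string $toggle toggles the function between 'register' and 'update'.
 * @global int    $user_ID
 * @global string $wpmem_themsg
 * @global array  $userdata
 * @return string $wpmem_themsg|success|editsuccess
 */
function wpmem_registration($toggle) {
    // Get the globals.
    global $user_ID, $wpmem, $wpmem_themsg, $userdata;

    // Check the nonce. A missing nonce field is rejected before wp_verify_nonce() is called.
    if (defined('WPMEM_USE_NONCE')) {
        if (empty($_POST) || !isset($_POST['wpmem-form-submit']) || !wp_verify_nonce($_POST['wpmem-form-submit'], 'wpmem-validate-submit')) {
            $wpmem_themsg = __('There was an error processing the form.', 'wp-members');
            return;
        }
    }

    $fields = array();

    // Is this a registration or a user profile update?
    if ($toggle == 'register') {
        $fields['username'] = isset($_POST['log']) ? sanitize_user($_POST['log']) : '';
    }

    // Add the user email to the $fields array for _data hooks.
    $fields['user_email'] = isset($_POST['user_email']) ? $_POST['user_email'] : '';

    // Build the $fields array from $_POST data.
    $wpmem_fields = $wpmem->fields; // get_option( 'wpmembers_fields' );
    foreach ($wpmem_fields as $meta) {
        if ($meta[4] == 'y') {
            if ($meta[2] != 'password') {
                $fields[$meta[2]] = isset($_POST[$meta[2]]) ? sanitize_text_field($_POST[$meta[2]]) : '';
            } else {
                // We do have password as part of the registration form.
                // The password is deliberately not run through a text sanitiser.
                $fields['password'] = isset($_POST['password']) ? $_POST['password'] : '';
            }
        }
    }

    /**
     * Filter the submitted form field data prior to validation.
     *
     * @since 2.8.2
     *
     * @param array $fields An array of the posted form field data.
     */
    $fields = apply_filters('wpmem_pre_validate_form', $fields);

    // Check for required fields, reverse the array for logical error message order.
    $pass_arr = array('password', 'confirm_password', 'password_confirm');
    $wpmem_fields_rev = array_reverse($wpmem_fields);
    foreach ($wpmem_fields_rev as $meta) {
        // Password fields are not required on a profile update.
        $pass_chk = ($toggle == 'update' && in_array($meta[2], $pass_arr));
        if ($meta[5] == 'y' && $pass_chk == false) {
            if (!$fields[$meta[2]]) {
                $wpmem_themsg = sprintf(__('Sorry, %s is a required field.', 'wp-members'), $meta[1]);
            }
        }
    }

    switch ($toggle) {

        case "register":

            if (is_multisite()) {
                // Multisite has different requirements.
                $result = wpmu_validate_user_signup($fields['username'], $fields['user_email']);
                $errors = $result['errors'];
                if ($errors->errors) {
                    $wpmem_themsg = $errors->get_error_message();
                    return $wpmem_themsg;
                }
            } else {
                // Validate username and email fields. Every check runs, and a later
                // failure overwrites an earlier one, exactly as in the original chain.
                if (email_exists($fields['user_email'])) {
                    $wpmem_themsg = "email";
                }
                if (username_exists($fields['username'])) {
                    $wpmem_themsg = "user";
                }
                if (!is_email($fields['user_email'])) {
                    $wpmem_themsg = __('You must enter a valid email address.', 'wp-members');
                }
                if (!validate_username($fields['username'])) {
                    $wpmem_themsg = __('The username cannot include non-alphanumeric characters.', 'wp-members');
                }
                if (!$fields['username']) {
                    $wpmem_themsg = __('Sorry, username is a required field', 'wp-members');
                }

                // If there is an error from username, email, or required field validation, stop registration and return the error.
                if ($wpmem_themsg) {
                    return $wpmem_themsg;
                }
            }

            // If form contains password and email confirmation, validate that they match.
            if (array_key_exists('confirm_password', $fields) && $fields['confirm_password'] != $fields['password']) {
                $wpmem_themsg = __('Passwords did not match.', 'wp-members');
            }
            if (array_key_exists('confirm_email', $fields) && $fields['confirm_email'] != $fields['user_email']) {
                $wpmem_themsg = __('Emails did not match.', 'wp-members');
            }

            // Get the captcha settings (api keys).
            $wpmem_captcha = get_option('wpmembers_captcha');

            // If captcha is on, check the captcha.
            if ($wpmem->captcha == 1 && $wpmem_captcha['recaptcha']) {

                $recaptcha_response = isset($_POST["recaptcha_response_field"]) ? $_POST["recaptcha_response_field"] : '';
                $recaptcha_challenge = isset($_POST["recaptcha_challenge_field"]) ? $_POST["recaptcha_challenge_field"] : '';

                // If there is no api key, the captcha never displayed to the end user.
                if ($wpmem_captcha['recaptcha']['public'] && $wpmem_captcha['recaptcha']['private']) {
                    if (!$recaptcha_response) {
                        // validate for empty captcha field
                        $wpmem_themsg = __('You must complete the CAPTCHA form.', 'wp-members');
                        return "empty";
                    }
                }

                // Check to see if the recaptcha library has already been loaded by another plugin.
                if (!function_exists('_recaptcha_qsencode')) {
                    require_once WPMEM_PATH . 'lib/recaptchalib.php';
                }

                $privatekey = $wpmem_captcha['recaptcha']['private'];

                // The response from reCAPTCHA.
                $resp = null;

                if ($recaptcha_response) {
                    $resp = recaptcha_check_answer($privatekey, $_SERVER["REMOTE_ADDR"], $recaptcha_challenge, $recaptcha_response);
                    if (!$resp->is_valid) {
                        // Set the error code so that we can display it.
                        global $wpmem_captcha_err;
                        $wpmem_captcha_err = $resp->error;
                        $wpmem_captcha_err = wpmem_get_captcha_err($wpmem_captcha_err);
                        return "captcha";
                    }
                } // End check recaptcha.

            } elseif ($wpmem->captcha == 2) {

                if (defined('REALLYSIMPLECAPTCHA_VERSION')) {
                    // Validate Really Simple Captcha.
                    $wpmem_captcha = new ReallySimpleCaptcha();
                    // This variable holds the CAPTCHA image prefix, which corresponds to the correct answer.
                    $wpmem_captcha_prefix = isset($_POST['captcha_prefix']) ? $_POST['captcha_prefix'] : '';
                    // This variable holds the CAPTCHA response, entered by the user.
                    $wpmem_captcha_code = isset($_POST['captcha_code']) ? $_POST['captcha_code'] : '';
                    // Check CAPTCHA validity.
                    $wpmem_captcha_correct = $wpmem_captcha->check($wpmem_captcha_prefix, $wpmem_captcha_code) ? true : false;
                    // Clean up the tmp directory.
                    $wpmem_captcha->remove($wpmem_captcha_prefix);
                    $wpmem_captcha->cleanup();
                    // If CAPTCHA validation fails (incorrect value entered in CAPTCHA field), return an error.
                    if (!$wpmem_captcha_correct) {
                        $wpmem_themsg = wpmem_get_captcha_err('really-simple');
                        return "empty";
                    }
                }

            } elseif ($wpmem->captcha == 3 && $wpmem_captcha['recaptcha']) {

                // Get the captcha response. Anything but a plain string counts as "not supplied".
                $captcha = (isset($_POST['g-recaptcha-response']) && is_string($_POST['g-recaptcha-response']))
                    ? $_POST['g-recaptcha-response']
                    : '';

                // If there is no captcha value, return error.
                if (!$captcha) {
                    $wpmem_themsg = __('You must complete the CAPTCHA form.', 'wp-members');
                    return "empty";
                }

                // We need the private key for validation.
                $privatekey = $wpmem_captcha['recaptcha']['private'];

                // Build the query with URL-encoding. The posted response is attacker-controlled;
                // concatenating it raw would let it append or override query parameters
                // (for example a second "secret") in the verification request.
                // NOTE(review): the secret travels in a GET query string here; the siteverify
                // endpoint is documented for POST, so consider moving to the WordPress HTTP API.
                $verify_query = http_build_query(
                    array(
                        'secret'   => $privatekey,
                        'response' => $captcha,
                        'remoteip' => $_SERVER['REMOTE_ADDR'],
                    ),
                    '',
                    '&'
                );

                // Validate the captcha.
                $response = file_get_contents("https://www.google.com/recaptcha/api/siteverify?" . $verify_query);

                // Decode the json response.
                $response = json_decode($response, true);

                // Fail closed: a failed request, undecodable JSON or a missing/false "success"
                // flag all count as an invalid captcha.
                if (empty($response['success'])) {
                    $wpmem_themsg = __('CAPTCHA was not valid.', 'wp-members');
                    return "empty";
                }
            }

            // Check for user defined password.
            $fields['password'] = isset($_POST['password']) ? $_POST['password'] : wp_generate_password();

            // Add for _data hooks
            $fields['user_registered'] = gmdate('Y-m-d H:i:s');
            $fields['user_role'] = get_option('default_role');
            $fields['wpmem_reg_ip'] = $_SERVER['REMOTE_ADDR'];
            // NOTE(review): the registration URL is taken from the request and stored as received;
            // make sure it is escaped wherever this user meta is displayed.
            $fields['wpmem_reg_url'] = isset($_REQUEST['wpmem_reg_page']) ? $_REQUEST['wpmem_reg_page'] : $_REQUEST['redirect_to'];

            /*
             * These native fields are not installed by default, but if they
             * are added, use the $_POST value - otherwise, default to username.
             * Value can be filtered with wpmem_register_data.
             */
            $fields['user_nicename'] = isset($_POST['user_nicename']) ? sanitize_title($_POST['user_nicename']) : $fields['username'];
            $fields['display_name'] = isset($_POST['display_name']) ? sanitize_user($_POST['display_name']) : $fields['username'];
            $fields['nickname'] = isset($_POST['nickname']) ? sanitize_user($_POST['nickname']) : $fields['username'];

            /**
             * Filter registration data after validation before data insertion.
             *
             * @since 2.8.2
             *
             * @param array  $fields An array of the registration field data.
             * @param string $toggle A switch to indicate the action (new|edit).
             */
            $fields = apply_filters('wpmem_register_data', $fields, 'new');

            /**
             * Fires before any insertion/emails.
             *
             * This action is the final step in pre registering a user. This
             * can be used for attaching custom validation to the registration
             * process. It cannot be used for changing any user registration
             * data. Use the wpmem_register_data filter for that.
             *
             * @since 2.7.2
             *
             * @param array $fields The user's submitted registration data.
             */
            do_action('wpmem_pre_register_data', $fields);

            // If the _pre_register_data hook sends back an error message.
            // (Password/email confirmation mismatches set above are also returned here.)
            if ($wpmem_themsg) {
                return $wpmem_themsg;
            }

            // Main new user fields are ready.
            $new_user_fields = array(
                'user_pass'       => $fields['password'],
                'user_login'      => $fields['username'],
                'user_nicename'   => $fields['user_nicename'],
                'user_email'      => $fields['user_email'],
                'display_name'    => $fields['display_name'],
                'nickname'        => $fields['nickname'],
                'user_registered' => $fields['user_registered'],
                'role'            => $fields['user_role'],
            );

            // Get any excluded meta fields.
            $excluded_meta = wpmem_get_excluded_meta('register');

            // Fields for wp_insert_user: user_url, first_name, last_name, description, jabber, aim, yim.
            $new_user_fields_meta = array('user_url', 'first_name', 'last_name', 'description', 'jabber', 'aim', 'yim');
            foreach ($wpmem_fields as $meta) {
                if (in_array($meta[2], $new_user_fields_meta)) {
                    if ($meta[4] == 'y' && !in_array($meta[2], $excluded_meta)) {
                        $new_user_fields[$meta[2]] = $fields[$meta[2]];
                    }
                }
            }

            // Inserts to wp_users table.
            $fields['ID'] = wp_insert_user($new_user_fields);

            // wp_insert_user() returns a WP_Error on failure; stop here instead of writing
            // user meta and sending mail for a user that was never created.
            if (is_wp_error($fields['ID'])) {
                $wpmem_themsg = $fields['ID']->get_error_message();
                return $wpmem_themsg;
            }

            // Set remaining fields to wp_usermeta table.
            foreach ($wpmem_fields as $meta) {
                // If the field is not excluded, update accordingly.
                if (!in_array($meta[2], $excluded_meta) && !in_array($meta[2], $new_user_fields_meta)) {
                    if ($meta[4] == 'y' && $meta[2] != 'user_email') {
                        update_user_meta($fields['ID'], $meta[2], $fields[$meta[2]]);
                    }
                }
            }

            // Capture IP address of user at registration.
            update_user_meta($fields['ID'], 'wpmem_reg_ip', $fields['wpmem_reg_ip']);

            // Store the registration url.
            update_user_meta($fields['ID'], 'wpmem_reg_url', $fields['wpmem_reg_url']);

            // Set user expiration, if used.
            if ($wpmem->use_exp == 1 && $wpmem->mod_reg != 1) {
                wpmem_set_exp($fields['ID']);
            }

            /**
             * Fires after user insertion but before email.
             *
             * @since 2.7.2
             *
             * @param array $fields The user's submitted registration data.
             */
            do_action('wpmem_post_register_data', $fields);

            require_once WPMEM_PATH . 'inc/email.php';

            /*
             * If this was successful, and you have email properly
             * configured, send a notification email to the user.
             * NOTE(review): the plaintext password is passed to the mail helper; confirm
             * whether it ends up in the message body.
             */
            wpmem_inc_regemail($fields['ID'], $fields['password'], $wpmem->mod_reg, $wpmem_fields, $fields);

            // Notify admin of new reg, if needed.
            if ($wpmem->notify == 1) {
                wpmem_notify_admin($fields['ID'], $wpmem_fields);
            }

            /**
             * Fires after registration is complete.
             *
             * @since 2.7.1
             */
            do_action('wpmem_register_redirect');

            // successful registration message
            return "success";

        case "update":

            if ($wpmem_themsg) {
                return "updaterr";
            }

            /*
             * Doing a check for existing email is not the same as a new reg. check first to
             * see if it's different, then check if it is a valid address and it exists.
             */
            global $current_user;
            get_currentuserinfo();
            if ($fields['user_email'] != $current_user->user_email) {
                if (email_exists($fields['user_email'])) {
                    return "email";
                }
                if (!is_email($fields['user_email'])) {
                    $wpmem_themsg = __('You must enter a valid email address.', 'wp-members');
                    return "updaterr";
                }
            }

            // If form includes email confirmation, validate that they match.
            if (array_key_exists('confirm_email', $fields) && $fields['confirm_email'] != $fields['user_email']) {
                $wpmem_themsg = __('Emails did not match.', 'wp-members');
            }

            // Add the user_ID to the fields array.
            $fields['ID'] = $user_ID;

            /**
             * Filter registration data after validation before data insertion.
             *
             * @since 2.8.2
             *
             * @param array  $fields An array of the registration field data.
             * @param string $toggle A switch to indicate the action (new|edit).
             */
            $fields = apply_filters('wpmem_register_data', $fields, 'edit');

            /**
             * Fires before data insertion.
             *
             * This action is the final step in pre updating a user. This
             * can be used for attaching custom validation to the update
             * process. It cannot be used for changing any user update
             * data. Use the wpmem_register_data filter for that.
             *
             * @since 2.7.2
             *
             * @param array $fields The user's submitted update data.
             */
            do_action('wpmem_pre_update_data', $fields);

            /*
             * If the _pre_update_data hook sends back an error message.
             * @todo - double check this. it should probably return "updaterr" and the hook should globalize wpmem_themsg
             */
            if ($wpmem_themsg) {
                return $wpmem_themsg;
            }

            // A list of fields that can be updated by wp_update_user.
            // NOTE(review): 'role' is in this list, so if the site defines a displayed field
            // whose meta key is 'role', its posted value reaches wp_update_user(); confirm
            // that a user changing their own role is never possible through this form.
            $native_fields = array('user_nicename', 'user_url', 'user_email', 'display_name', 'nickname', 'first_name', 'last_name', 'description', 'role', 'jabber', 'aim', 'yim');
            $native_update = array('ID' => $user_ID);

            foreach ($wpmem_fields as $meta) {
                // If the field is not excluded, update accordingly.
                if (!in_array($meta[2], wpmem_get_excluded_meta('update'))) {
                    // The first case label is a boolean: switch compares $meta[2] loosely
                    // against the in_array() result, so it matches when the key is a native field.
                    switch ($meta[2]) {

                        // If the field can be updated by wp_update_user.
                        case in_array($meta[2], $native_fields):
                            $fields[$meta[2]] = isset($fields[$meta[2]]) ? $fields[$meta[2]] : '';
                            $native_update[$meta[2]] = $fields[$meta[2]];
                            break;

                        // If the field is password.
                        case 'password':
                            // Do nothing.
                            break;

                        // Everything else goes into wp_usermeta.
                        default:
                            if ($meta[4] == 'y') {
                                update_user_meta($user_ID, $meta[2], $fields[$meta[2]]);
                            }
                            break;
                    }
                }
            }

            // Update wp_update_user fields.
            wp_update_user($native_update);

            /**
             * Fires at the end of user update data insertion.
             *
             * @since 2.7.2
             *
             * @param array $fields The user's submitted registration data.
             */
            do_action('wpmem_post_update_data', $fields);

            return "editsuccess";
    }
}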
/**
 * Mark a comment as spam when its Really Simple CAPTCHA answer is wrong.
 *
 * Applies only to visitors who are not logged in, to comments with an empty
 * comment_type, and only while the ReallySimpleCaptcha class is available;
 * otherwise the incoming approval status is passed through unchanged.
 *
 * @param mixed $approved     Approval status decided so far.
 * @param array $comment_data Comment data being processed.
 * @return mixed 'spam' when the CAPTCHA check fails, otherwise $approved.
 */
function cbnet_check_comment_captcha($approved, $comment_data) {
    $captcha_applies = !is_user_logged_in()
        && $comment_data['comment_type'] == ''
        && class_exists('ReallySimpleCaptcha');

    if (!$captcha_applies) {
        return $approved;
    }

    $rsc = new ReallySimpleCaptcha();

    // Prefix identifying the challenge, and the answer typed by the visitor.
    $posted_prefix = $_POST['comment_captcha_prefix'];
    $posted_answer = $_POST['comment_captcha_code'];

    $answer_ok = $rsc->check($posted_prefix, $posted_answer);

    // Clean up the tmp directory, pass or fail.
    $rsc->remove($posted_prefix);
    $rsc->cleanup();

    // A failed check turns the status into 'spam'; a pass leaves it as it was.
    return $answer_ok ? $approved : 'spam';
}
/**
 * Return the shared ReallySimpleCaptcha instance, creating it and its tmp directory on first use.
 *
 * When the library offers make_tmp_dir() that method prepares the directory. Otherwise the
 * directory is created here together with an .htaccess file that denies all requests except
 * files named like CAPTCHA images (alphanumeric name with a jpeg, gif or png extension).
 *
 * NOTE(review): the instance is stored in the static before the directory is prepared, so
 * after a failed first call (which returns false) later calls return the stored instance.
 *
 * @return ReallySimpleCaptcha|false The instance, or false when the class is missing or the
 *                                   tmp directory could not be prepared.
 */
function wpcf7_init_captcha() {
    static $instance = null;

    if ($instance) {
        return $instance;
    }

    if (!class_exists('ReallySimpleCaptcha')) {
        return false;
    }

    $instance = new ReallySimpleCaptcha();
    $tmp_dir = trailingslashit(wpcf7_captcha_tmp_dir());
    $instance->tmp_dir = $tmp_dir;

    // Let the library set up its own directory when it knows how to.
    if (is_callable(array($instance, 'make_tmp_dir'))) {
        return $instance->make_tmp_dir() ? $instance : false;
    }

    if (!wp_mkdir_p($tmp_dir)) {
        return false;
    }

    $htaccess_path = $tmp_dir . '.htaccess';

    // An existing .htaccess is left as it is.
    if (file_exists($htaccess_path)) {
        return $instance;
    }

    // Deny everything in the directory except the generated image files.
    if ($fh = @fopen($htaccess_path, 'w')) {
        $rules = array(
            'Order deny,allow',
            'Deny from all',
            '<Files ~ "^[0-9A-Za-z]+\\.(jpeg|gif|png)$">',
            ' Allow from all',
            '</Files>',
        );
        foreach ($rules as $rule) {
            fwrite($fh, $rule . "\n");
        }
        fclose($fh);
    }

    return $instance;
}
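/**
 * Registration handler that answers with a JSON object ({status, msg}) and terminates.
 *
 * Flow: verify the Really Simple CAPTCHA answer, and if the `et_register` GET flag is set,
 * validate username, email and password, create the user, and send notification mails to
 * the new user and to the site admin.
 *
 * Changes against the original:
 *  - esc_sql() is no longer applied to the username, email and passwords. It is meant for
 *    values interpolated into SQL text; wp_create_user() does its own database escaping, so
 *    pre-escaping only altered the values that were validated, stored and hashed.
 *  - The two passwords are compared with a strict comparison, so two different numeric-looking
 *    strings no longer count as equal.
 *  - The CAPTCHA challenge is removed once an account has been created, so one solved
 *    challenge cannot be replayed for further registrations.
 *  - Missing or array-typed request parameters are treated as empty strings.
 *
 * NOTE(review): credentials are read from $_REQUEST, so they are also accepted from the query
 * string, and no nonce is checked here; confirm the calling form posts them and whether a
 * nonce is verified elsewhere.
 *
 * @return void Returns only when `et_register` is not set; every other path ends in die.
 */
function et_register_action() {
    $captcha_instance = new ReallySimpleCaptcha();

    $captcha_prefix = (isset($_REQUEST['captcha-prefix']) && is_string($_REQUEST['captcha-prefix'])) ? $_REQUEST['captcha-prefix'] : '';
    $captcha_word = (isset($_REQUEST['captcha-word']) && is_string($_REQUEST['captcha-word'])) ? $_REQUEST['captcha-word'] : '';

    // An empty prefix or answer can never be valid; otherwise ask the library.
    // NOTE(review): a failed attempt leaves the challenge in place, so the same prefix can be
    // tried again; consider limiting attempts.
    if ($captcha_prefix === '' || $captcha_word === '' || !$captcha_instance->check($captcha_prefix, $captcha_word)) {
        $return = array(
            'status' => 'error',
            'msg'    => __('The security code you entered did not match. Please try again.', ETHEME_DOMAIN),
        );
        echo json_encode($return);
        die;
    }

    if (empty($_GET['et_register'])) {
        return;
    }

    $username = (isset($_REQUEST['username']) && is_string($_REQUEST['username'])) ? $_REQUEST['username'] : '';
    if (empty($username)) {
        $return = array(
            'status' => 'error',
            'msg'    => __("User name should not be empty.", ETHEME_DOMAIN),
        );
        echo json_encode($return);
        die;
    }

    $email = (isset($_REQUEST['email']) && is_string($_REQUEST['email'])) ? $_REQUEST['email'] : '';
    if (!preg_match("/^[_a-z0-9-]+(\\.[_a-z0-9-]+)*@[a-z0-9-]+(\\.[a-z0-9-]+)*(\\.[a-z]{2,4})\$/", $email)) {
        $return = array(
            'status' => 'error',
            'msg'    => __("Please enter a valid email.", ETHEME_DOMAIN),
        );
        echo json_encode($return);
        die;
    }

    $pass = (isset($_REQUEST['et_pass']) && is_string($_REQUEST['et_pass'])) ? $_REQUEST['et_pass'] : '';
    $pass2 = (isset($_REQUEST['et_pass2']) && is_string($_REQUEST['et_pass2'])) ? $_REQUEST['et_pass2'] : '';

    // NOTE(review): the check accepts 5 characters while the message says "more than 5".
    if (empty($pass) || strlen($pass) < 5) {
        $return = array(
            'status' => 'error',
            'msg'    => __("Password should have more than 5 symbols", ETHEME_DOMAIN),
        );
        echo json_encode($return);
        die;
    }

    // Strict comparison: both values are strings, and loose comparison would treat
    // different numeric strings as equal.
    if ($pass !== $pass2) {
        $return = array(
            'status' => 'error',
            'msg'    => __("The passwords do not match", ETHEME_DOMAIN),
        );
        echo json_encode($return);
        die;
    }

    $status = wp_create_user($username, $pass, $email);

    if (is_wp_error($status)) {
        // NOTE(review): every creation error is reported as a duplicate username.
        $return = array(
            'status' => 'error',
            'msg'    => __("Username already exists. Please try another one.", ETHEME_DOMAIN),
        );
        echo json_encode($return);
    } else {
        // The account exists now: consume the challenge so it cannot be reused.
        $captcha_instance->remove($captcha_prefix);

        $from = get_bloginfo('name');
        $from_email = get_bloginfo('admin_email');
        $headers = 'From: ' . $from . " <" . $from_email . ">\r\n";
        $headers .= "MIME-Version: 1.0\r\n";
        $headers .= "Content-type: text/html; charset=utf-8" . PHP_EOL;
        $headers .= "Content-Transfer-Encoding: quoted-printable" . PHP_EOL;

        $subject = __("Registration successful", ETHEME_DOMAIN);
        $subject2admin = __("New user registration", ETHEME_DOMAIN);
        $message = et_registration_email($username);
        $message2admin = et_registration_admin_email($username);

        wp_mail($email, $subject, $message, $headers);
        wp_mail(get_option('admin_email'), $subject2admin, $message2admin, $headers);

        $return = array(
            'status' => 'success',
            'msg'    => __("Please check your email for login details.", ETHEME_DOMAIN),
        );
        echo json_encode($return);
    }

    die;
}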
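/* Request-derived values are escaped for their output context below: $number inside attribute values (esc_attr) and the reflected question text inside the textarea (esc_textarea). */ ?> asktext<?php echo esc_attr($number); ?> "><?php echo esc_textarea((isset($_REQUEST[$number]['question']) && is_string($_REQUEST[$number]['question'])) ? stripslashes($_REQUEST[$number]['question']) : ''); ?> </textarea> </label> </p>
<?php if ($this->use_captcha()) { ?>
    <?php /* A fresh challenge word and prefix are generated each time the form is rendered. */ ?>
    <?php $captcha = new ReallySimpleCaptcha(); ?>
    <?php $captcha_word = $captcha->generate_random_word(); ?>
    <?php $captcha_prefix = mt_rand(); ?>
    <p class="<?php echo $this->pre; ?> captcha"> <input type="hidden" name="<?php echo esc_attr($number); ?> [captcha_prefix]" value="<?php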
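/**
 * Handle a submitted "ask a question" form: validate it, save the question as unapproved,
 * send the notification mails and render the ask box again.
 *
 * The form fields are read from $_REQUEST[<uninumber>], where <uninumber> is itself taken
 * from $_REQUEST['uninumber'].
 *
 * Changes against the original:
 *  - The CAPTCHA challenge is removed after a question has been saved, so one solved
 *    challenge cannot be replayed for further submissions.
 *  - The confirmation mail is only sent when the submitted address passes check_email();
 *    before, an address was used as recipient unchecked whenever 'requireemail' was off.
 *  - A missing or non-scalar 'uninumber', and a form entry that is not an array, are handled
 *    without warnings or type errors; $group is always defined before rendering.
 *
 * @return bool Always true.
 */
function ask() {
    global $wpfaqDb, $wpfaqGroup, $wpfaqQuestion, $user_ID;

    // $number is used as an array key below, so only scalar values are accepted.
    $number = (isset($_REQUEST['uninumber']) && is_scalar($_REQUEST['uninumber'])) ? $_REQUEST['uninumber'] : null;

    // Snapshot of the submitted form; anything that is not an array counts as an empty form.
    $form = (!empty($number) && isset($_REQUEST[$number]) && is_array($_REQUEST[$number])) ? $_REQUEST[$number] : array();

    $asker_email = isset($form['email']) ? $form['email'] : null;
    $question_text = isset($form['question']) ? $form['question'] : null;
    $group_id = isset($form['group_id']) ? $form['group_id'] : null;

    $errors = array();
    $message = false;
    $group = null;
    $captcha = null;
    $captcha_prefix = '';

    if (empty($_REQUEST)) {
        $errors[] = __('No data was posted', $this->plugin_name);
    }

    if (empty($number)) {
        $errors[] = __('No identification number was passed, please try again', $this->plugin_name);
    } else {
        if ($this->get_option('requireemail') == "Y") {
            if (empty($asker_email)) {
                $errors[] = __('Please fill in your email address', $this->plugin_name);
            } elseif (!$this->check_email($asker_email)) {
                $errors[] = __('Please fill in a valid email address', $this->plugin_name);
            }
        }

        if (empty($question_text)) {
            $errors[] = __('Please fill in a question', $this->plugin_name);
        }

        if (empty($group_id)) {
            $errors[] = __('No FAQ group was specified', $this->plugin_name);
        } else {
            $wpfaqDb->model = $wpfaqGroup->model;
            // NOTE(review): group_id is passed to find() as received; confirm the model layer
            // escapes or casts it before it reaches a query.
            if (!($group = $wpfaqDb->find(array('id' => $group_id)))) {
                $errors[] = __('FAQ group cannot be read', $this->plugin_name);
            }
        }

        if ($this->use_captcha()) {
            $captcha = new ReallySimpleCaptcha();
            $captcha_code = (isset($form['captcha_code']) && is_string($form['captcha_code'])) ? $form['captcha_code'] : '';
            $captcha_prefix = (isset($form['captcha_prefix']) && is_string($form['captcha_prefix'])) ? $form['captcha_prefix'] : '';

            // NOTE(review): a wrong answer leaves the challenge in place, so the same prefix
            // can be tried again; consider limiting attempts.
            if (empty($captcha_code)) {
                $errors[] = __('Please fill in the code in the image.', $this->plugin_name);
            } elseif (!$captcha->check($captcha_prefix, $captcha_code)) {
                $errors[] = __('Your code does not match the code in the image.', $this->plugin_name);
            }
        }
    }

    if (!$user_ID && $this->get_option('askregistered') == "Y") {
        $errors[] = __('Please login before submitting questions', $this->plugin_name);
    }

    if (empty($errors)) {
        $_REQUEST['content'] = __('Please fill in an answer', $this->plugin_name);

        // New questions are stored unapproved with a placeholder answer.
        $data = array(
            'wpfaqQuestion' => array(
                'question' => $question_text,
                'answer'   => __('Please fill in an answer', $this->plugin_name),
                'approved' => "N",
                'email'    => $asker_email,
                'group_id' => $group_id,
                'order'    => "0",
            ),
        );

        $wpfaqDb->model = $wpfaqQuestion->model;

        if ($wpfaqDb->save($data, true)) {
            // The question is stored: consume the challenge so it cannot be reused.
            if ($captcha !== null && $captcha_prefix !== '') {
                $captcha->remove($captcha_prefix);
            }

            $question = $wpfaqDb->find(array('id' => $wpfaqQuestion->data->id));

            if ($this->get_option('adminnotify') == "Y") {
                $to = $this->get_option('adminemail');
                $subject = __('New FAQ Question', $this->plugin_name);
                $body = $this->render('question', array('question' => $question), 'email', false);
                $headers = 'Content-Type: text/html; charset="UTF-8"' . "\r\n";
                $this->execute_mail($to, $subject, $body, $headers);
            }

            // Only mail the asker when the address is a string that passes the same check
            // the form validation uses; the value comes straight from the request.
            if (!empty($asker_email) && is_string($asker_email) && $this->check_email($asker_email)) {
                $to = $asker_email;
                $subject = __('Question Asked', $this->plugin_name);
                $body = $this->render('ask', array('question' => $question), 'email', false);
                $headers = 'Content-Type: text/html; charset="UTF-8"' . "\r\n";
                $this->execute_mail($to, $subject, $body, $headers);
            }

            // Clear the submitted form so the re-rendered ask box starts empty.
            $_REQUEST[$number] = false;
            $message = __('Your question has been submitted for answering', $this->plugin_name);
        } else {
            $errors[] = __('Your question cannot be saved. Please try again', $this->plugin_name);
        }
    }

    // The template receives false (not an empty array) when there are no errors, as before.
    $this->render('askbox', array('number' => $number, 'group' => $group, 'errors' => (empty($errors) ? false : $errors), 'message' => $message), 'default', true);

    return true;
}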
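<?php
/*
 * Handles AJAX request from Gwolle-GB Captcha AJAX check.
 * Expects that the plugin ReallySimple Captcha is enabled.
 *
 * Uses GET variables for input data ('prefix' and 'code').
 *
 * Echoes the string 'true' or 'false', depending on whether the CAPTCHA is filled in correctly.
 */

/*
 * Locate wp-load.php by walking up from this file's own directory.
 *
 * The original took the directory from the 'abspath' GET parameter and passed it to require,
 * which lets whoever sends the request choose the file that gets included and executed.
 * The bootstrap path must never come from the request, so that parameter is now ignored.
 * NOTE(review): the cleaner fix is to serve this check through WordPress' own AJAX endpoint
 * (admin-ajax.php), which removes the need for this file to bootstrap WordPress at all.
 */
$gwolle_gb_dir = dirname(__FILE__);
$gwolle_gb_wp_load = false;

for ($gwolle_gb_depth = 0; $gwolle_gb_depth < 10; $gwolle_gb_depth++) {
    if (is_file($gwolle_gb_dir . '/wp-load.php')) {
        $gwolle_gb_wp_load = $gwolle_gb_dir . '/wp-load.php';
        break;
    }
    $gwolle_gb_parent = dirname($gwolle_gb_dir);
    if ($gwolle_gb_parent === $gwolle_gb_dir) {
        // Reached the filesystem root without finding WordPress.
        break;
    }
    $gwolle_gb_dir = $gwolle_gb_parent;
}

if ($gwolle_gb_wp_load === false) {
    echo 'false';
    exit;
}

require $gwolle_gb_wp_load;

// Without the CAPTCHA plugin there is nothing to check against.
if (!class_exists('ReallySimpleCaptcha')) {
    echo 'false';
    exit;
}

// Instantiate class
$gwolle_gb_captcha = new ReallySimpleCaptcha();

// This variable holds the CAPTCHA image prefix, which corresponds to the correct answer
$gwolle_gb_captcha_prefix = (isset($_GET['prefix']) && is_string($_GET['prefix'])) ? $_GET['prefix'] : '';

// This variable holds the CAPTCHA response, entered by the user
$gwolle_gb_captcha_code = (isset($_GET['code']) && is_string($_GET['code'])) ? $_GET['code'] : '';

// Result of the CAPTCHA validation; a missing prefix or code is always 'false'.
// NOTE(review): this endpoint answers for any prefix/code pair without consuming the
// challenge, so it can be queried repeatedly for the same prefix; consider limiting attempts.
$gwolle_gb_captcha_correct = 'false';
if ($gwolle_gb_captcha_prefix !== '' && $gwolle_gb_captcha_code !== '') {
    $gwolle_gb_captcha_correct = $gwolle_gb_captcha->check($gwolle_gb_captcha_prefix, $gwolle_gb_captcha_code) ? 'true' : 'false';
}

// Return response
echo $gwolle_gb_captcha_correct;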
<!-- END .opField --> <div class="sam_field"> <textarea class="big_area" name="comment" cols="" rows=""></textarea> </div> <!-- END .sam_field --> </div> <!-- END .field_b --> <!-- END .pos_boxObz--> <div class="title_verif_b"> <span class="formBlack12"><?php echo get_translation('contact_form_feedback_symbols'); ?> :</span> </div> <?php $captcha_instance = new ReallySimpleCaptcha(); $word = $captcha_instance->generate_random_word(); $_SESSION['captcha_words'] = strtolower($word); $prefix = mt_rand(); $image = $captcha_instance->generate_image($prefix, $word); ?> <!-- END .title_verif_b --> <div class="box_verif"> <img id="captchaImg" src="<?php echo $image; ?> " width="78" height="24"> </div> <!-- end .box_verif --> <a class="chImg" href="javascript:;" onclick="contactObj.reloadCaptcha();"><?php echo get_translation('contact_form_feedback_change_image');