/**
 * Build the hidden nonce input for a form and optionally print it.
 *
 * The nonce lets the form handler check that a submission came from a form
 * rendered by this site and not from somewhere else. It does not offer
 * absolute protection, but it covers most cases, so forms that change state
 * should carry one.
 *
 * $action and $name are optional, but setting both is strongly recommended.
 * Validation works without them, yet the defaults are widely known, which
 * makes a nonce created for the default action much easier to work around.
 *
 * Referer handling: when $referer is true, nxt_referer_field() is called with
 * the same $echo flag and its return value is discarded. With $echo true the
 * referer field is therefore printed right after the nonce field. With $echo
 * false it is not part of the returned string, and the caller has to obtain
 * it from {@link nxt_referer_field()} separately.
 *
 * The input's id and name are the escaped $name; its value is the nonce
 * created for $action.
 *
 * @package bbPress
 * @subpackage Security
 * @since 1.0
 *
 * @param int|string $action  Optional, default -1. Action the nonce is created for.
 * @param string     $name    Optional, default "_nxtnonce". Used as the input's id and name.
 * @param bool       $referer Optional, default true. Whether to also call nxt_referer_field().
 * @param bool       $echo    Optional, default true. Whether to print the field; it is returned either way.
 * @return string The nonce input element (without the referer field).
 */
function bb_nonce_field($action = -1, $name = "_nxtnonce", $referer = true, $echo = true) {
    $field_name = esc_attr($name);

    // NOTE(review): the nonce is placed in the value attribute without
    // escaping; that is only safe while bb_create_nonce() returns
    // attribute-safe characters (not visible here) - confirm.
    $field_value = bb_create_nonce($action);

    $nonce_field = sprintf(
        '<input type="hidden" id="%1$s" name="%1$s" value="%2$s" />',
        $field_name,
        $field_value
    );

    if ($echo) {
        echo $nonce_field;
    }

    if ($referer) {
        // Return value intentionally not captured, matching the contract above.
        nxt_referer_field($echo, 'previous');
    }

    return $nonce_field;
}
/**
 * Try to activate a plugin in a "sandbox", redirecting on success.
 *
 * A plugin that is already in the active list is not activated again.
 *
 * The "sandbox" works through redirection: when $redirect is given, the
 * redirect is set (with a scrape nonce appended) before the plugin file is
 * included. If the include dies with a fatal error, execution stops here, so
 * the option is not updated, the activation hook does not run, and the
 * redirect set beforehand stays in effect. On success the caller is expected
 * to overwrite it with the success redirect.
 *
 * This in no way prevents errors inside the plugin file, and the code should
 * not be copied elsewhere as a general sandbox. Output produced by the
 * include and by the activation hook is buffered and thrown away, so it
 * cannot interfere with a later redirect.
 *
 * Security notes:
 * - The include runs the plugin's PHP with the full privileges of the
 *   application. The only check made in this function is
 *   bb_validate_plugin(); no capability or request-origin check happens
 *   here, so any such gate is up to the caller (not visible in this block).
 * - Warnings raised by the include are suppressed with "@".
 *
 * @since 1.0
 *
 * @param string $plugin   Path to the plugin's main file; it is trimmed and
 *                         reduced with bb_plugin_basename() before use.
 * @param string $redirect Optional. URL to redirect to before the include.
 * @return mixed The nxt_Error from bb_validate_plugin() when validation
 *               fails, false when the plugin is already active, otherwise
 *               the value bb_validate_plugin() returned (used as the
 *               include path).
 */
function bb_activate_plugin($plugin, $redirect = '') {
    $enabled = (array) bb_get_option('active_plugins');
    $plugin = bb_plugin_basename(trim($plugin));

    $plugin_file = bb_validate_plugin($plugin);
    if (is_nxt_error($plugin_file)) {
        return $plugin_file;
    }

    // Loose comparison, as in the original membership test.
    if (in_array($plugin, $enabled)) {
        return false;
    }

    if (!empty($redirect)) {
        // Set the redirect first; it is meant to be overridden later if the
        // plugin can be included without a fatal error.
        $scrape_nonce = bb_create_nonce('scrape-plugin_' . $plugin);
        $pending_url = add_query_arg('_scrape_nonce', $scrape_nonce, $redirect);
        nxt_redirect($pending_url);
    }

    // Buffer everything the plugin file and its activation hook print.
    ob_start();
    @include $plugin_file;

    // Record the plugin as active.
    // NOTE(review): ksort() orders by key, and the entry was appended with a
    // numeric key - confirm that sorting by key is what was intended.
    $enabled[] = $plugin;
    ksort($enabled);
    bb_update_option('active_plugins', $enabled);

    do_action('bb_activate_plugin_' . $plugin);
    ob_end_clean();

    return $plugin_file;
}
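*/
define('NOSPAMUSER_AGENT', ' | NoSpamUser/0.8');

// Branch taken when add_action() is not defined - presumably when this file
// is requested directly instead of being loaded as a plugin (TODO confirm).
// It handles the reCAPTCHA override POST and always ends in exit.
if (!function_exists('add_action')) {
    // Fix: include_once binds more loosely than "or", so the unparenthesised
    // form evaluated (path or exit) first and tried to include the boolean
    // result, with "@" hiding the failure; bb-load.php was never loaded.
    // Parenthesising the include loads the file and exits if that fails.
    if (!(@include_once dirname(dirname(dirname(__FILE__))) . '/bb-load.php')) {
        exit;
    }

    // Only a POST carrying a nonce that verifies for this client address is
    // processed.
    // NOTE(review): behind a reverse proxy REMOTE_ADDR is the proxy's
    // address, so this binding would be shared by every client - confirm
    // against the deployment.
    if (strtoupper($_SERVER['REQUEST_METHOD']) == 'POST' && isset($_POST['nonce']) && bb_verify_nonce($_POST['nonce'], 'nospamuser-nonce-' . $_SERVER['REMOTE_ADDR'])) {
        $settings = bb_get_option('nospamuser-settings');

        // In "aggressive" mode no override is possible: stop before the
        // reCAPTCHA answer is even looked at.
        if ($settings['recaptcha_mode'] == 'aggressive') {
            exit;
        }

        if (!function_exists('recaptcha_check_answer')) {
            // Compatibility with anything else that uses reCAPTCHA
            require_once dirname(__FILE__) . '/recaptchalib.php';
        }

        // NOTE(review): the two recaptcha_* POST fields are read without an
        // isset() check; a request that omits them raises notices and hands
        // null to recaptcha_check_answer() - confirm the library rejects
        // empty input.
        $resp = recaptcha_check_answer($settings['recaptcha_priv'], $_SERVER['REMOTE_ADDR'], $_POST['recaptcha_challenge_field'], $_POST['recaptcha_response_field']);

        if ($resp->is_valid) {
            // The cookie value is a nonce for an action that includes the
            // client address. The expiry is the tick count times half the
            // nonce lifetime - presumably the Unix time at which the current
            // tick ends; bb_nonce_tick() is not shown here.
            // NOTE(review): only name, value and expiry are passed, so no
            // path, domain, secure or httponly argument is set - confirm
            // that is intended.
            setcookie('nospamuser-override', bb_create_nonce('nospamuser-override-' . $_SERVER['REMOTE_ADDR']), bb_nonce_tick() * apply_filters('bb_nonce_life', 86400) / 2);
        }

        // Back to the registration form whether or not the answer was valid.
        bb_safe_redirect(bb_get_uri('register.php', null, BB_URI_CONTEXT_BB_USER_FORMS + BB_URI_CONTEXT_HEADER));
    }

    exit;
}

/**
 * Activation hook: store the plugin settings, combining whatever is already
 * stored with the default values listed below.
 *
 * wp_parse_args() is expected to keep stored values and fill in the missing
 * keys from the defaults - its implementation is not visible here.
 */
function nospamuser_install() {
    // NOTE(review): the key 'recapthca_pub' is spelled differently from
    // 'recaptcha_priv' and 'recaptcha_mode'. It is left unchanged because
    // code outside this block may read the key under this spelling - confirm
    // before renaming.
    bb_update_option('nospamuser-settings', wp_parse_args(bb_get_option('nospamuser-settings'), array('days' => 30, 'min_occur' => 5, 'max_occur' => 10, 'api_key' => '', 'recaptcha_mode' => 'aggressive', 'recapthca_pub' => '', 'recaptcha_priv' => '', 'stats_public' => 0)));
}

bb_register_plugin_activation_hook(__FILE__, 'nospamuser_install');

function nospamuser_admin_parse() {
    bb_check_admin_referer('nospamuser-admin');
    $settings = bb_get_option('nospamuser-settings');
    $success = array();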