/**
 * Check a message submitted through an external plugin.
 *
 * Builds a CleanTalk request from the supplied fields, sends it through
 * ct_base_call() and reduces the verdict to a two-key array.
 *
 * @param string $nickname Sender nickname, passed on as 'sender_nickname'.
 * @param string $email    Sender e-mail, passed on as 'sender_email'.
 * @param string $ip       Accepted for interface compatibility; this function does not read it.
 * @param string $text     Message body, passed on as 'message'.
 * @return array Array with the keys 'allow' and 'comment', copied from the CleanTalk result object.
 */
function ct_test_message($nickname, $email, $ip, $text)
{
    // The JavaScript check is evaluated first, against the request cookies.
    $checkjs = js_test_plugin('ct_checkjs', $_COOKIE, true);

    $post_info = json_encode(array('comment_type' => 'feedback_plugin_check'));

    $request = array(
        'message' => $text,
        'example' => null,
        'sender_email' => $email,
        'sender_nickname' => $nickname,
        'post_info' => $post_info,
        'sender_info' => get_sender_info(),
        'checkjs' => $checkjs,
    );

    $response = ct_base_call($request);
    $verdict = $response['ct_result'];

    return array(
        'allow' => $verdict->allow,
        'comment' => $verdict->comment,
    );
}
/**
 * General test for any post data.
 *
 * Runs at most once per request (guarded by $cleantalk_executed), only for
 * non-AJAX POST requests that match none of the exclusions below. When the
 * CleanTalk verdict is "deny", the request is terminated here.
 *
 * Security note for maintainers: the URI exclusions are substring matches on
 * $_SERVER['REQUEST_URI'], which includes the query string, and one exclusion
 * relies on the client-supplied Referer header. They are convenience filters,
 * not a trust boundary; a request that merely contains one of these substrings
 * is not checked.
 *
 * @return null Always null when the function returns at all.
 */
function ct_contact_form_validate_postdata()
{
    global $pagenow, $cleantalk_executed, $cleantalk_url_exclusions;

    if ($cleantalk_executed) {
        return null;
    }
    if (defined('DOING_AJAX') && DOING_AJAX) {
        return null;
    }

    // Report the number of configured URL exclusions in a response header.
    $ct_cnt = isset($cleantalk_url_exclusions) ? count($cleantalk_url_exclusions) : 0;
    @header("CtExclusions: " . $ct_cnt);

    // --- Exclusions, evaluated in the same order as the original condition ---
    if ($_SERVER['REQUEST_METHOD'] != 'POST') {
        return null;
    }

    $on_login_page = isset($pagenow) && $pagenow == 'wp-login.php';

    // Login form submission.
    if (isset($_POST['log']) && isset($_POST['pwd']) && $on_login_page) {
        return null;
    }
    // Lost-password form.
    if ($on_login_page && isset($_GET['action']) && $_GET['action'] == 'lostpassword') {
        return null;
    }
    if (ct_check_array_keys($_POST)) {
        return null;
    }
    if (isset($pagenow) && $pagenow == 'wp-cron.php') {
        return null;
    }
    foreach (array('/checkout/', '/wp-admin/', 'wp-login.php', 'wp-comments-post.php') as $uri_part) {
        if (strpos($_SERVER['REQUEST_URI'], $uri_part) !== false) {
            return null;
        }
    }
    // The Referer header may be absent, hence the error suppression.
    if (@strpos($_SERVER['HTTP_REFERER'], '/wp-admin/') !== false) {
        return null;
    }
    if (check_url_exclusions()) {
        return null;
    }

    // --- Build the request ---
    $_POST = ct_filter_array($_POST);

    $checkjs = js_test('ct_checkjs', $_COOKIE, true);

    $post_info = json_encode(array('comment_type' => 'feedback_general_postdata'));
    if ($post_info === false) {
        $post_info = '';
    }

    $message = '';
    ct_get_fields_any_postdata($message, $_POST);

    // Too little text to be worth checking.
    if (strlen(trim($message)) < 10) {
        return null;
    }

    // Requests carrying any of these parameters are skipped.
    foreach (array('ipn_track_id', 'txn_type', 'payment_status') as $skip_param) {
        if (@array_key_exists($skip_param, $_GET) || @array_key_exists($skip_param, $_POST)) {
            return null;
        }
    }

    $ct_base_call_result = ct_base_call(array(
        'message' => $message,
        'example' => null,
        'sender_email' => '',
        'sender_nickname' => '',
        'post_info' => $post_info,
        'sender_info' => get_sender_info(),
        'checkjs' => $checkjs,
    ));
    $cleantalk_executed = true;

    $ct = $ct_base_call_result['ct'];
    $ct_result = $ct_base_call_result['ct_result'];

    if ($ct_result->allow != 0) {
        return null;
    }

    // --- Denied: answer and stop the request ---
    if (defined('DOING_AJAX') && DOING_AJAX) {
        // AJAX requests already returned at the top of this function.
        echo $ct_result->comment;
        exit;
    }

    global $ct_comment;
    $ct_comment = $ct_result->comment;

    if (isset($_POST['cma-action']) && $_POST['cma-action'] == 'add') {
        // This form expects a JSON answer.
        $result = array(
            'success' => 0,
            'thread_id' => null,
            'messages' => array($ct_result->comment),
        );
        header("Content-Type: application/json");
        print json_encode($result);
        die;
    }

    ct_die(null, null);
    exit;
}
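/**
 * Admin action 'admin_init' - Add the admin settings and such.
 *
 * Steps, in order:
 *  1. Loads options/data and sends a connection test when the stored plugin
 *     version differs from $cleantalk_plugin_version.
 *  2. Handles the settings POST (access key, spam firewall) and the
 *     'get_apikey_auto' POST.
 *  3. Refreshes the account status when the next check is due or a key was posted.
 *  4. Derives the notice flags from cookies.
 *  5. Registers the settings sections and fields on the options pages.
 *
 * Security: 'admin_init' also fires for admin-ajax.php and admin-post.php,
 * which are reachable without a logged-in administrator. Every branch that
 * changes stored options from $_POST is therefore limited to users with the
 * 'manage_options' capability.
 * NOTE(review): no nonce is verified in this function, so these writes still
 * depend on whatever CSRF check the submitting form and its target page apply;
 * confirm that against the form markup.
 *
 * @return void
 */
function ct_admin_init()
{
    global $ct_server_timeout, $show_ct_notice_autokey, $ct_notice_autokey_label, $ct_notice_autokey_value,
           $show_ct_notice_renew, $ct_notice_renew_label, $show_ct_notice_trial, $ct_notice_trial_label,
           $show_ct_notice_online, $ct_notice_online_label, $renew_notice_showtime, $trial_notice_showtime,
           $ct_plugin_name, $ct_options, $ct_data, $trial_notice_check_timeout, $account_notice_check_timeout,
           $ct_user_token_label, $cleantalk_plugin_version, $notice_check_timeout;

    $ct_options = ct_get_options();
    $ct_data = ct_get_data();

    // Only users who may manage options can drive the POST handling below.
    $can_manage = current_user_can('manage_options');

    $posted_settings = array();
    if ($can_manage && isset($_POST['cleantalk_settings']) && is_array($_POST['cleantalk_settings'])) {
        $posted_settings = $_POST['cleantalk_settings'];
    }

    // Access key from the request; null when absent, not a string, or not authorised.
    // Trimmed in the same way ct_update_option() trims it.
    $posted_apikey = null;
    if (isset($posted_settings['apikey']) && is_string($posted_settings['apikey'])) {
        $posted_apikey = trim($posted_settings['apikey']);
    }

    // 1. Plugin version changed: remember it and send a connection test.
    $current_version = isset($ct_data['current_version']) ? trim((string) $ct_data['current_version']) : '';
    if ($current_version != $cleantalk_plugin_version) {
        $ct_data['current_version'] = $cleantalk_plugin_version;
        update_option('cleantalk_data', $ct_data);
        ct_base_call(array(
            'message' => 'This message is a test to check the connection to the CleanTalk servers. ',
            'example' => null,
            'sender_email' => '*****@*****.**',
            'sender_nickname' => 'CleanTalk',
            'post_info' => '',
            'checkjs' => 1,
        ));
    }

    // 2a. Settings form submitted with an access key.
    if ($posted_apikey !== null && isset($_POST['option_page']) && $_POST['option_page'] == 'cleantalk_settings') {
        $ct_options['apikey'] = $posted_apikey;
        update_option('cleantalk_settings', $ct_options);
        ct_base_call(array(
            'message' => "This message is a test to check the connection to the CleanTalk servers. \n",
            'example' => null,
            'sender_email' => '*****@*****.**',
            'sender_nickname' => 'CleanTalk',
            'post_info' => '',
            'checkjs' => 1,
        ));
    }

    // 2b. Spam firewall switched on in the submitted settings.
    if (isset($posted_settings['spam_firewall']) && $posted_settings['spam_firewall'] == 1) {
        cleantalk_update_sfw();
    }

    // 4a. One-shot notice about the automatic key request, carried in a cookie.
    // The cookie is client-controlled, so the decoded value must be escaped
    // wherever it is printed. NOTE(review): the output site is not in this
    // function - confirm it escapes $ct_notice_autokey_value.
    $show_ct_notice_autokey = false;
    if (!empty($_COOKIE[$ct_notice_autokey_label]) && is_string($_COOKIE[$ct_notice_autokey_label])) {
        $show_ct_notice_autokey = true;
        $ct_notice_autokey_value = base64_decode($_COOKIE[$ct_notice_autokey_label]);
        setcookie($ct_notice_autokey_label, '', 1, '/');
    }

    // 2c. Automatic access key request.
    if ($can_manage && isset($_POST['get_apikey_auto'])) {
        $email = get_option('admin_email');
        $website = parse_url(get_option('siteurl'), PHP_URL_HOST);
        $platform = 'wordpress';

        if (!function_exists('getAutoKey')) {
            require_once 'cleantalk.class.php';
        }

        $result = getAutoKey($email, $website, $platform);
        if ($result) {
            // Force an account status check on this request.
            $ct_data['next_account_status_check'] = 0;
            update_option('cleantalk_data', $ct_data);

            $result = json_decode($result, true);
            if (isset($result['data']) && is_array($result['data'])) {
                $result = $result['data'];
            }

            if (isset($result['user_token'])) {
                $ct_data['user_token'] = $result['user_token'];
                update_option('cleantalk_data', $ct_data);
            }

            if (!empty($result['auth_key'])) {
                // Expose the new key to the rest of the request as if it had been posted.
                $_POST['cleantalk_settings']['apikey'] = $result['auth_key'];
                $posted_apikey = $result['auth_key'];
                $ct_options['apikey'] = $result['auth_key'];
                update_option('cleantalk_settings', $ct_options);
            } else {
                // The response may carry no error text at all.
                $error_message = isset($result['error_message']) ? (string) $result['error_message'] : '';
                setcookie($ct_notice_autokey_label, (string) base64_encode($error_message), 0, '/');
            }
        } else {
            setcookie(
                $ct_notice_autokey_label,
                (string) base64_encode(sprintf(__('Unable to connect to %s.', 'cleantalk'), 'api.cleantalk.org')),
                0,
                '/'
            );
        }
    }

    // 3. Account status: refresh when due, or immediately when a key was supplied.
    $next_check = isset($ct_data['next_account_status_check']) ? $ct_data['next_account_status_check'] : 0;
    if (time() > $next_check || $posted_apikey !== null) {
        if (!function_exists('noticePaidTill')) {
            require_once 'cleantalk.class.php';
        }

        $result = noticePaidTill($posted_apikey !== null ? $posted_apikey : $ct_options['apikey']);

        if ($result) {
            $result = json_decode($result, true);
            if (isset($result['data']) && is_array($result['data'])) {
                $result = $result['data'];
            }

            if (isset($result['spam_count'])) {
                $ct_data['admin_blocked'] = $result['spam_count'];
            }

            if (isset($result['show_notice'])) {
                if ($result['show_notice'] == 1 && isset($result['trial']) && $result['trial'] == 1) {
                    $notice_check_timeout = $trial_notice_check_timeout;
                    $show_ct_notice_trial = true;
                    $ct_data['show_ct_notice_trial'] = 1;
                }
                if ($result['show_notice'] == 1 && isset($result['renew']) && $result['renew'] == 1) {
                    $notice_check_timeout = $account_notice_check_timeout;
                    $show_ct_notice_renew = true;
                    $ct_data['show_ct_notice_renew'] = 1;
                }
                if ($result['show_notice'] == 0) {
                    $notice_check_timeout = $account_notice_check_timeout;
                    $ct_data['show_ct_notice_trial'] = 0;
                    $ct_data['show_ct_notice_renew'] = 0;
                }
            }

            if (isset($result['user_token'])) {
                $ct_data['user_token'] = $result['user_token'];
            }
        }

        // Save next status request time
        $ct_data['next_account_status_check'] = time() + 86400;
        update_option('cleantalk_data', $ct_data);
    }

    // 4b. Online notice: 'BAD_KEY' marker or a timestamp not older than five seconds.
    $show_ct_notice_online = '';
    if (isset($_COOKIE[$ct_notice_online_label])) {
        $online_cookie = $_COOKIE[$ct_notice_online_label];
        if ($online_cookie === 'BAD_KEY') {
            $show_ct_notice_online = 'N';
        } elseif (is_numeric($online_cookie) && time() - $online_cookie <= 5) {
            // is_numeric() keeps a malformed cookie out of the subtraction.
            $show_ct_notice_online = 'Y';
        }
    }

    // 5. Settings registration, only on the options pages.
    $on_options_page = stripos($_SERVER['REQUEST_URI'], 'options.php') !== false
        || stripos($_SERVER['REQUEST_URI'], 'options-general.php') !== false
        || stripos($_SERVER['REQUEST_URI'], 'network/settings.php') !== false;
    if (!$on_options_page) {
        return;
    }

    register_setting('cleantalk_settings', 'cleantalk_settings', 'ct_settings_validate');

    add_settings_section('cleantalk_settings_main', __($ct_plugin_name, 'cleantalk'), 'ct_section_settings_main', 'cleantalk');
    add_settings_section('cleantalk_settings_state', "<hr>" . __('Protection is active', 'cleantalk'), 'ct_section_settings_state', 'cleantalk');
    add_settings_section('cleantalk_settings_banner', "<hr></h3>", '', 'cleantalk');
    add_settings_section('cleantalk_settings_anti_spam', "<a href='#' style='text-decoration:underline;font-size:10pt;font-weight:400;'>" . __('Advanced settings', 'cleantalk') . "</a>", 'ct_section_settings_anti_spam', 'cleantalk');

    // The access key field has no label when the key is fixed by CLEANTALK_ACCESS_KEY.
    $apikey_label = defined('CLEANTALK_ACCESS_KEY') ? '' : __('Access key', 'cleantalk');
    add_settings_field('cleantalk_apikey', $apikey_label, 'ct_input_apikey', 'cleantalk', 'cleantalk_settings_main');

    // id, title, render callback, section - registered in this order.
    $fields = array(
        array('cleantalk_remove_old_spam', __('Automatically delete spam comments', 'cleantalk'), 'ct_input_remove_old_spam', 'cleantalk_settings_anti_spam'),
        array('cleantalk_registrations_test', __('Registration forms', 'cleantalk'), 'ct_input_registrations_test', 'cleantalk_settings_anti_spam'),
        array('cleantalk_comments_test', __('Comments form', 'cleantalk'), 'ct_input_comments_test', 'cleantalk_settings_anti_spam'),
        array('cleantalk_contact_forms_test', __('Contact forms', 'cleantalk'), 'ct_input_contact_forms_test', 'cleantalk_settings_anti_spam'),
        array('cleantalk_general_contact_forms_test', __('Custom contact forms', 'cleantalk'), 'ct_input_general_contact_forms_test', 'cleantalk_settings_anti_spam'),
        array('cleantalk_general_postdata_test', __('Check all post data', 'cleantalk'), 'ct_input_general_postdata_test', 'cleantalk_settings_anti_spam'),
        array('cleantalk_show_adminbar', __('Show statistics in admin bar', 'cleantalk'), 'ct_input_show_adminbar', 'cleantalk_settings_anti_spam'),
        array('cleantalk_use_ajax', __('Use AJAX for JavaScript check', 'cleantalk'), 'ct_input_use_ajax', 'cleantalk_settings_anti_spam'),
        array('cleantalk_check_external', __('Protect external forms', 'cleantalk'), 'ct_input_check_external', 'cleantalk_settings_anti_spam'),
        array('cleantalk_check_comments_number', __("Don't check comments", 'cleantalk'), 'ct_input_check_comments_number', 'cleantalk_settings_anti_spam'),
        array('cleantalk_spam_firewall', __('', 'cleantalk'), 'ct_input_spam_firewall', 'cleantalk_settings_banner'),
        array('cleantalk_collect_details', __('Collect details about browsers', 'cleantalk'), 'ct_input_collect_details', 'cleantalk_settings_banner'),
        array('cleantalk_show_link', __('', 'cleantalk'), 'ct_input_show_link', 'cleantalk_settings_banner'),
    );
    foreach ($fields as $field) {
        add_settings_field($field[0], $field[1], $field[2], 'cleantalk', $field[3]);
    }
}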
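/**
 * AJAX hook: checks an AJAX form submission with CleanTalk and, when the
 * verdict is "deny", prints the rejection in the format selected by the
 * posted 'action' and terminates the request.
 *
 * Nothing is printed and the function simply returns when no sender e-mail
 * is found in the posted fields or when the message is allowed.
 *
 * Request values echoed back to the client are constrained before output:
 * the JSONP callback name is reduced to identifier characters and the
 * Ninja Forms answer is built with json_encode() instead of string
 * concatenation.
 *
 * @return void
 */
function ct_ajax_hook()
{
    require_once CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-public.php';
    global $ct_agent_version, $ct_checkjs_register_form, $ct_session_request_id_label,
           $ct_session_register_ok_label, $bp, $ct_signup_done, $ct_formtime_label,
           $ct_negative_comment, $ct_options, $ct_data;

    $ct_options = ct_get_options();
    $ct_data = ct_get_data();

    $sender_email = null;
    $message = '';
    $nickname = isset($_POST['user_login']) ? $_POST['user_login'] : '';

    // 'action' may be missing or an array; neither can match a branch below.
    $action = (isset($_POST['action']) && is_string($_POST['action'])) ? $_POST['action'] : '';

    // Two fields are replaced by a placeholder while the fields are collected,
    // presumably so that ct_get_fields() does not take them for the sender's
    // address - confirm against ct_get_fields(). Each original value is kept in
    // its own variable so that one cannot overwrite the other when both are set.
    $mask_confirm_email = isset($_POST['cscf']['confirm-email']);
    $mask_target = in_array($action, array('request_appointment', 'send_message'), true)
        && isset($_POST['target']);

    if ($mask_confirm_email) {
        $saved_confirm_email = $_POST['cscf']['confirm-email'];
        $_POST['cscf']['confirm-email'] = 1;
    }
    if ($mask_target) {
        $saved_target = $_POST['target'];
        $_POST['target'] = 1;
    }

    ct_get_fields($sender_email, $message, $_POST);

    if ($mask_confirm_email) {
        $_POST['cscf']['confirm-email'] = $saved_confirm_email;
    }
    if ($mask_target) {
        $_POST['target'] = $saved_target;
    }

    // Without a sender e-mail there is nothing to check.
    if ($sender_email == null) {
        return;
    }

    $checkjs = js_test('ct_checkjs', $_COOKIE, true);
    // Return value is not used here; the call is kept as in the original flow.
    submit_time_test();

    $sender_info = get_sender_info();
    $sender_info['post_checkjs_passed'] = $checkjs;
    $sender_info = json_encode($sender_info);
    if ($sender_info === false) {
        $sender_info = '';
    }

    $ct_base_call_result = ct_base_call(array(
        'message' => $message,
        'example' => null,
        'sender_email' => $sender_email,
        'sender_nickname' => $nickname,
        'sender_info' => $sender_info,
        'post_info' => null,
        'checkjs' => $checkjs,
    ));
    $ct_result = $ct_base_call_result['ct_result'];

    if ($ct_result->allow != 0) {
        return;
    }

    // --- Denied: pick the answer format for the submitting form ---
    // NOTE(review): $comment is printed without HTML escaping in the plain-text
    // and 'zn_do_login' branches; it comes from the CleanTalk result object -
    // confirm that source is trusted to contain markup.
    $comment = $ct_result->comment;
    $send_json_header = false;

    if ($action === 'wpuf_submit_register') {
        $send_json_header = true;
        $output = json_encode(array('success' => false, 'error' => $comment));
    } elseif ($action === 'mymail_form_submit') {
        $send_json_header = true;
        $output = json_encode(array('success' => false, 'html' => $comment));
    } elseif ($action === 'wysija_ajax' && (!isset($_POST['task']) || $_POST['task'] !== 'send_preview')) {
        // JSONP answer. The callback name comes from the query string and is
        // written into executable script, so only identifier characters are kept.
        $callback = '';
        if (isset($_GET['callback']) && is_string($_GET['callback'])) {
            $callback = (string) preg_replace('/[^A-Za-z0-9_.$]/', '', $_GET['callback']);
        }
        $result = array('result' => false, 'msgs' => array('updated' => array($comment)));
        $output = $callback . '(' . json_encode($result) . ');';
    } elseif ($action === 'cs_registration_validation') {
        $output = json_encode(array("type" => "error", "message" => $comment));
    } elseif ($action === 'request_appointment' || $action === 'send_message') {
        $output = $comment;
    } elseif ($action === 'zn_do_login') {
        $output = '<div id="login_error">' . $comment . '</div>';
    } elseif ($action === 'vfb_submit') {
        $send_json_header = true;
        $output = json_encode(array('result' => false, 'message' => $comment));
    } elseif ($action === 'cscf-submitform') {
        $output = json_encode(array('sent' => true, 'valid' => false, 'errorlist' => array('name' => $comment)));
    } elseif ($action === 'woocommerce_checkout') {
        $output = $comment;
    } elseif ($action === 'frm_entries_create') {
        $output = json_encode(array('112' => $comment));
    } elseif (isset($_POST['cma-action']) && $_POST['cma-action'] == 'add') {
        $output = json_encode(array('success' => 0, 'thread_id' => null, 'messages' => array($comment)));
    } elseif ($action === 'td_mod_register') {
        $output = json_encode(array('register', 0, $comment));
    } elseif ($action === 'tmpl_ajax_check_user_email') {
        $output = "17,email";
    } elseif ($action === 'tevolution_submit_from_preview' || $action === 'submit_form_recaptcha_validation') {
        $output = $comment;
    } elseif ($action === 'ninja_forms_ajax_submit') {
        // Encoded as a whole so that neither the posted form id nor the comment
        // can break out of the JSON structure.
        $form_id = (isset($_POST['_form_id']) && is_scalar($_POST['_form_id'])) ? (int) $_POST['_form_id'] : 0;
        $output = json_encode(array(
            'form_id' => $form_id,
            'errors' => false,
            'success' => array('success_msg-Success' => $comment),
        ));
    } else {
        $output = $comment;
    }

    if ($send_json_header) {
        // Headers may already have been sent; a failure here must not stop the answer.
        @header('Content-Type: application/json; charset=' . get_option('blog_charset'));
    }
    print $output;
    die;
}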
/**
 * Checks a theme form submission with CleanTalk.
 *
 * When a sender e-mail is found in the posted fields and the verdict is
 * "deny", a JSON object with the keys 'sent', 'valid' and 'errorlist' is
 * printed and the request is terminated. Otherwise the function returns
 * without output.
 *
 * NOTE(review): this function loads 'cleantalk-public.php' from the plugin
 * root, while ct_ajax_hook() loads 'inc/cleantalk-public.php' - confirm which
 * path is current.
 *
 * @return void
 */
function ct_theme_submit()
{
    require_once CLEANTALK_PLUGIN_DIR . 'cleantalk-public.php';
    global $ct_agent_version, $ct_checkjs_register_form, $ct_session_request_id_label,
           $ct_session_register_ok_label, $bp, $ct_signup_done, $ct_formtime_label,
           $ct_negative_comment, $ct_options, $ct_data;

    $ct_data = ct_get_data();
    $ct_options = ct_get_options();

    $sender_email = null;
    $message = '';

    // The confirmation field holds a placeholder while the fields are collected
    // and gets its value back afterwards.
    if (isset($_POST['cscf']['confirm-email'])) {
        $saved_confirm_email = $_POST['cscf']['confirm-email'];
        $_POST['cscf']['confirm-email'] = 1;
    }

    ct_get_fields($sender_email, $message, $_POST);

    if (isset($_POST['cscf']['confirm-email'])) {
        $_POST['cscf']['confirm-email'] = $saved_confirm_email;
    }

    // Nothing to check without a sender e-mail.
    if ($sender_email == null) {
        return;
    }

    $checkjs = js_test('ct_checkjs', $_COOKIE, true);
    $submit_time = submit_time_test();

    $sender_info = get_sender_info();
    $sender_info['post_checkjs_passed'] = $checkjs;
    $sender_info = json_encode($sender_info);
    if ($sender_info === false) {
        $sender_info = '';
    }

    $request = array(
        'message' => $message,
        'example' => null,
        'sender_email' => $sender_email,
        'sender_nickname' => null,
        'sender_info' => $sender_info,
        'post_info' => null,
        'checkjs' => $checkjs,
    );
    $ct_base_call_result = ct_base_call($request);

    $ct = $ct_base_call_result['ct'];
    $ct_result = $ct_base_call_result['ct_result'];

    if ($ct_result->allow != 0) {
        return;
    }

    // Denied: report the comment as a validation error on the 'name' field.
    $answer = array(
        'sent' => true,
        'valid' => false,
        'errorlist' => array('name' => $ct_result->comment),
    );
    print json_encode($answer);
    die;
}
/**
 * After options update.
 *
 * Acts only on the 'cleantalk_settings' option: sends a connection test,
 * validates the access key against the CleanTalk API, records the outcome in
 * $ct_data['testing_failed'] and sets the notice cookies accordingly.
 *
 * NOTE(review): the access key is read from $_POST without a capability or
 * nonce check in this function - confirm the hook that calls it only fires
 * after an authorised settings save.
 *
 * @param string $option_name Name of the option that was updated.
 * @return void
 */
function ct_update_option($option_name)
{
    global $show_ct_notice_online, $ct_notice_online_label, $ct_notice_trial_label,
           $trial_notice_showtime, $ct_options, $ct_data, $ct_server_timeout;

    if ($option_name !== 'cleantalk_settings') {
        return;
    }

    // A key posted with the request takes precedence over the stored one.
    $api_key = $ct_options['apikey'];
    if (isset($_POST['cleantalk_settings']['apikey'])) {
        $api_key = trim($_POST['cleantalk_settings']['apikey']);
        $ct_options['apikey'] = $api_key;
    }

    if (!ct_valid_key($api_key)) {
        return;
    }

    $ct_base_call_result = ct_base_call(array(
        'message' => 'CleanTalk connection test',
        'example' => null,
        'sender_email' => '*****@*****.**',
        'sender_nickname' => 'CleanTalk',
        'post_info' => '',
        'checkjs' => 1,
    ));

    $ct_data['testing_failed'] = 0;

    // Ask the API whether the key is valid.
    $request = array(
        'method_name' => 'notice_validate_key',
        'auth_key' => $api_key,
    );
    $response = sendRawRequest('https://api.cleantalk.org', $request);
    $decoded = $response ? json_decode($response, true) : $response;

    // An explicit "valid = 0" answer marks the key as bad.
    $key_valid = !(isset($decoded['valid']) && $decoded['valid'] == 0);
    // No answer, or an answer without 'valid', counts as a server error.
    $app_server_error = !$decoded || !isset($decoded['valid']);

    if (!$key_valid || $app_server_error) {
        $ct_data['testing_failed'] = 1;
    }
    update_option('cleantalk_data', $ct_data);

    if (!$key_valid) {
        setcookie($ct_notice_online_label, 'BAD_KEY', 0, '/');
        return;
    }

    if ($app_server_error) {
        // Removes cookie for server errors
        // time 1 is exactly in past even clients time() is wrong
        setcookie($ct_notice_online_label, '', 1, '/');
        unset($_COOKIE[$ct_notice_online_label]);
    } else {
        setcookie($ct_notice_online_label, (string) time(), strtotime("+14 days"), '/');
    }

    setcookie($ct_notice_trial_label, '0', strtotime("+{$trial_notice_showtime} minutes"), '/');
}