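/**
 * AJAX endpoint: create a comment from the wpDiscuz comment form.
 *
 * Reads every field straight from $_POST, applies the optional captcha
 * gate and the Zero Spam bridge, validates author / website / e-mail /
 * content, inserts the comment with wp_new_comment() and answers with a
 * JSON payload through wp_die(). Every early exit is also a wp_die()
 * carrying an error code in $messageArray['code'].
 *
 * Changes in this revision:
 *  - $_POST['wc_comment'] is read with isset()/is_string() (no notice or
 *    TypeError when the field is missing or not a string).
 *  - The Zero Spam token is compared with hash_equals() instead of a loose
 *    `==`, which is open to numeric-string type juggling.
 *  - The "prepend http://" condition drops the `strpos() !== ''` clauses,
 *    which were always true (strpos() never returns ''), and now reads as
 *    the "does not start with http:// or https://" test it actually is.
 *  - The unused local $user is removed.
 *
 * NOTE(review): unlike the other addComment() revision in this listing, no
 * nonce is verified here; the request is bound only by the unique id and the
 * post id. Confirm that is deliberate before relying on it.
 *
 * @return void Always terminates the request via wp_die().
 */
public function addComment() {
    $messageArray = array();
    $isAnonymous = false;
    $uniqueId = isset($_POST['wpdiscuz_unique_id']) ? trim($_POST['wpdiscuz_unique_id']) : '';
    $postId = isset($_POST['postId']) ? intval($_POST['postId']) : '';
    if ($uniqueId && $postId) {
        do_action('wpdiscuz_add_comment');
        // Zero Spam bridge: the form posts md5(key) (see getOptionsForJs()); map it
        // back to the real key so zerospam_is_valid() passes. Because that md5 is
        // served to every visitor, this proves the client ran our JS, nothing more.
        if (function_exists('zerospam_get_key') && isset($_POST['wpdiscuz_zs']) && ($wpdiscuzZS = $_POST['wpdiscuz_zs'])) {
            $zsKey = zerospam_get_key();
            $zsMatches = is_string($wpdiscuzZS) && hash_equals(md5($zsKey), $wpdiscuzZS);
            $_POST['zerospam_key'] = $zsMatches ? $zsKey : '';
        }
        // Requested nesting depth, clamped to the configured maximum below.
        $commentDepth = isset($_POST['wc_comment_depth']) && intval($_POST['wc_comment_depth']) ? intval($_POST['wc_comment_depth']) : 1;
        $isInSameContainer = '1';
        $current_user = wp_get_current_user();
        if ($commentDepth > $this->optionsSerialized->wordpressThreadCommentsDepth) {
            $commentDepth = $this->optionsSerialized->wordpressThreadCommentsDepth;
            $isInSameContainer = '0';
        } elseif (!$this->optionsSerialized->wordpressThreadComments) {
            $isInSameContainer = '0';
        }
        $notificationType = isset($_POST['wpdiscuz_notification_type']) ? $_POST['wpdiscuz_notification_type'] : '';
        // Built-in captcha only runs when no reCAPTCHA / GoodBye Captcha integration is active.
        if ($current_user && $this->helper->isShowCaptcha($current_user->ID) && !class_exists("wpDiscuzReCaptcha") && !$this->optionsSerialized->isGoodbyeCaptchaActive) {
            $captcha = isset($_POST['wc_captcha']) ? trim($_POST['wc_captcha']) : '';
            if ($this->optionsSerialized->isCaptchaInSession) {
                if (!session_id()) {
                    session_start();
                }
                // The session stores md5(lowercased answer) under the client-supplied nonce.
                // NOTE(review): the entry is not cleared after a successful check here, so the
                // same cnonce/answer pair could be replayed unless it is removed elsewhere.
                $cnonce = isset($_POST['cnonce']) ? trim($_POST['cnonce']) : '';
                $sCaptcha = isset($_SESSION['wpdiscuzc'][$cnonce]) ? $_SESSION['wpdiscuzc'][$cnonce] : false;
                if (!$sCaptcha || md5(strtolower($captcha)) !== $sCaptcha) {
                    $messageArray['code'] = 'wc_invalid_captcha';
                    wp_die(json_encode($messageArray));
                }
            } else {
                // File-based captcha: $key and $fileName both come from the request.
                // NOTE(review): checkCaptchaFile() must not treat $fileName as a raw path — verify.
                $key = isset($_POST['cnonce']) ? substr(trim($_POST['cnonce']), self::CAPTCHA_LENGTH) : '';
                $fileName = isset($_POST['fileName']) ? substr(trim($_POST['fileName']), 0, strlen(trim($_POST['fileName'])) - 4) : '';
                if (!$this->helper->checkCaptchaFile($key, $fileName, $captcha)) {
                    $messageArray['code'] = 'wc_invalid_captcha';
                    wp_die(json_encode($messageArray));
                }
            }
        }
        $website_url = '';
        if ($current_user && $current_user->ID) {
            // Logged-in authors: identity comes from the account, never from the form.
            $user_id = $current_user->ID;
            $name = $current_user->display_name;
            $email = $current_user->user_email;
        } else {
            $user_id = 0;
            // filter_var() with the default filter does no sanitising; presumably the
            // author fields rely on wp_new_comment()'s own filters — verify.
            $name = isset($_POST['wc_name']) ? filter_var($_POST['wc_name']) : '';
            $email = isset($_POST['wc_email']) ? trim($_POST['wc_email']) : '';
            $website_url = isset($_POST['wc_website']) ? trim($_POST['wc_website']) : '';
            // Anything not already http(s):// is forced to http://, which also neutralises
            // other schemes (e.g. "javascript:") before the URL validation below.
            if ($website_url != '' && strpos($website_url, 'http://') !== 0 && strpos($website_url, 'https://') !== 0) {
                $website_url = 'http://' . $website_url;
            }
            if (!$this->optionsSerialized->isNameFieldRequired) {
                $name = !$name ? $this->optionsSerialized->phrases['wc_anonymous'] : $name;
            }
            if (!$this->optionsSerialized->isEmailFieldRequired) {
                if (!$email) {
                    // Placeholder address; $isAnonymous keeps it out of the subscription flow.
                    $email = uniqid() . '@example.com';
                    $isAnonymous = true;
                }
            }
        }
        if ($website_url != '' && filter_var($website_url, FILTER_VALIDATE_URL) === false) {
            $messageArray['code'] = 'wc_error_url_text';
            wp_die(json_encode($messageArray));
        }
        if ($email != '' && filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
            $messageArray['code'] = 'wc_error_email_text';
            wp_die(json_encode($messageArray));
        }
        $rawComment = isset($_POST['wc_comment']) && is_string($_POST['wc_comment']) ? $_POST['wc_comment'] : '';
        $comment_content = $this->helper->replaceCommentContentCode(stripslashes(trim($rawComment)));
        // wp_kses() with the plugin's allow-list is the HTML sanitiser for the body.
        $comment_content = wp_kses($comment_content, $this->helper->wc_allowed_tags);
        $commentMinLength = intval($this->optionsSerialized->commentTextMinLength);
        $commentMaxLength = intval($this->optionsSerialized->commentTextMaxLength);
        $contentLength = function_exists('mb_strlen') ? mb_strlen($comment_content) : strlen($comment_content);
        if ($commentMinLength > 0 && $contentLength < $commentMinLength) {
            $messageArray['code'] = 'wc_msg_input_min_length';
            wp_die(json_encode($messageArray));
        }
        if ($commentMaxLength > 0 && $contentLength > $commentMaxLength) {
            $messageArray['code'] = 'wc_msg_input_max_length';
            wp_die(json_encode($messageArray));
        }
        if ($name && $email && $comment_content) {
            // NOTE(review): if getRealIPAddr() honours proxy headers, this IP is client-controlled.
            $author_ip = $this->helper->getRealIPAddr();
            // Parent comment id is decoded from the client-sent unique id; no check is made
            // here that the parent belongs to $postId.
            $uid_data = $this->helper->getUIDData($uniqueId);
            $comment_parent = $uid_data[0];
            $wc_user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
            $new_commentdata = array(
                'user_id' => $user_id,
                'comment_post_ID' => $postId,
                'comment_parent' => $comment_parent,
                'comment_author' => $name,
                'comment_author_email' => $email,
                'comment_content' => $comment_content,
                'comment_author_url' => $website_url,
                'comment_author_IP' => $author_ip,
                'comment_agent' => $wc_user_agent,
                'comment_type' => '',
            );
            $new_comment_id = wp_new_comment(wp_slash($new_commentdata));
            $newComment = get_comment($new_comment_id);
            $held_moderate = $newComment->comment_approved ? 0 : 1;
            if ($notificationType == WpdiscuzCore::SUBSCRIPTION_POST && class_exists('Prompt_Comment_Form_Handling') && $this->optionsSerialized->usePostmaticForCommentNotification) {
                // Hand the subscription off to Postmatic.
                $_POST[Prompt_Comment_Form_Handling::SUBSCRIBE_CHECKBOX_NAME] = 1;
                Prompt_Comment_Form_Handling::handle_form($new_comment_id, $newComment->comment_approved);
            } elseif (!$isAnonymous && $notificationType) {
                $noNeedMemberConfirm = $current_user->ID && $this->optionsSerialized->disableMemberConfirm;
                // Guests skip confirmation when the option allows it AND the address has
                // confirmed before. NOTE(review): $email is attacker-supplied here, so anyone
                // who knows an address that once confirmed can subscribe it to further
                // threads without a new opt-in — confirm this trade-off is acceptable.
                $noNeedGuestsConfirm = !$current_user->ID && $this->optionsSerialized->disableGuestsConfirm && $this->dbManager->hasConfirmedSubscription($email);
                if ($noNeedMemberConfirm || $noNeedGuestsConfirm) {
                    $this->dbManager->addEmailNotification($new_comment_id, $postId, $email, self::SUBSCRIPTION_COMMENT, 1);
                } else {
                    $this->dbManager->addEmailNotification($new_comment_id, $postId, $email, self::SUBSCRIPTION_COMMENT);
                    $this->emailHelper->confirmEmailSender($postId, $email);
                }
            }
            $messageArray['code'] = $uniqueId;
            $messageArray['redirect'] = $this->optionsSerialized->redirectPage;
            $messageArray['new_comment_id'] = $new_comment_id;
            $messageArray['user_name'] = $name;
            $messageArray['user_email'] = $email;
            $messageArray['is_main'] = $comment_parent ? 0 : 1;
            $messageArray['held_moderate'] = $held_moderate;
            $messageArray['is_in_same_container'] = $isInSameContainer;
            $messageArray['wc_all_comments_count_new'] = $this->dbManager->getCommentsCount($postId);
            $commentListArgs = $this->getCommentListArgs($postId);
            $commentListArgs['current_user'] = $current_user;
            $commentListArgs['addComment'] = $commentDepth;
            $messageArray['message'] = wp_list_comments($commentListArgs, array($newComment));
        } else {
            $messageArray['code'] = 'wc_invalid_field';
        }
    } else {
        $messageArray['code'] = 'wc_msg_required_fields';
    }
    $messageArray['callbackFunctions'] = array();
    $messageArray = apply_filters('wpdiscuz_comment_post', $messageArray);
    wp_die(json_encode($messageArray));
}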
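/**
 * Zero Spam gate: does the request carry the expected key?
 *
 * The key is published to every visitor by enqueue_scripts(), so a pass
 * only means the client executed the page's JavaScript (or copied the
 * value); it is not proof of a trustworthy sender.
 *
 * Uses hash_equals() (WordPress polyfills it) instead of a loose `==`, so
 * numeric-looking strings such as "0e…" can no longer compare equal by
 * type juggling, and rejects non-string (array) values outright.
 *
 * @return bool True when $_POST['zerospam_key'] exactly matches the key.
 */
function zerospam_is_valid() {
    if (empty($_POST['zerospam_key']) || !is_string($_POST['zerospam_key'])) {
        return false;
    }
    return hash_equals((string) zerospam_get_key(), $_POST['zerospam_key']);
}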
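/**
 * Pre-process registration fields.
 *
 * Used to create custom validation rules on user registration. This fires
 * when the form is submitted but before user information is saved to the
 * database. A submission without the Zero Spam key (or with a wrong one)
 * gets a 'spam_error' added to $errors, fires the
 * 'zero_spam_found_spam_registration' action and, when the 'log_spammers'
 * setting is '1', is logged via zerospam_log_spam('registration').
 *
 * The key comparison now uses hash_equals() (WordPress polyfills it) and
 * rejects non-string values, instead of the loose `!=` that allowed
 * numeric-string type juggling. Note the key itself is served to every
 * visitor by enqueue_scripts(), so this only checks that the client ran
 * the page's JavaScript.
 *
 * @since 2.0.0
 *
 * @link http://codex.wordpress.org/Plugin_API/Action_Reference/register_post
 *
 * @param WP_Error $errors               Registration errors accumulated so far.
 * @param string   $sanitized_user_login The sanitised login name.
 * @param string   $user_email           The submitted e-mail address.
 * @return WP_Error $errors, possibly with 'spam_error' added.
 */
public function preprocess_registration($errors, $sanitized_user_login, $user_email) {
    $keyIsValid = isset($_POST['zerospam_key'])
        && is_string($_POST['zerospam_key'])
        && hash_equals((string) zerospam_get_key(), $_POST['zerospam_key']);
    if (!$keyIsValid) {
        do_action('zero_spam_found_spam_registration', $errors, $sanitized_user_login, $user_email);
        if (isset($this->settings['log_spammers']) && '1' == $this->settings['log_spammers']) {
            zerospam_log_spam('registration');
        }
        $errors->add('spam_error', __($this->settings['spammer_msg_registration'], 'zerospam'));
    }
    return $errors;
}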
/**
 * Collect the phrases and settings the front-end script needs.
 *
 * Returns an associative array in a fixed key order (the order matters to
 * any consumer that serialises it). Most entries are straight copies of
 * $this->phrases or of option properties; the two length messages have
 * their "%d%" placeholder substituted, and storeCommenterData is mapped
 * (negative -> 100000, zero -> null, otherwise the value as configured).
 *
 * When the Zero Spam plugin is present, 'wpdiscuz_zs' carries
 * md5(zerospam_get_key()). This array is presumably emitted into the page,
 * which makes that digest public: addComment() accepts it as the spam
 * token, so the gate only checks that the client ran our JavaScript.
 *
 * @return array Options keyed by the names the JavaScript expects.
 */
public function getOptionsForJs() {
    $leadingPhrases = array(
        'wc_hide_replies_text',
        'wc_show_replies_text',
        'wc_msg_required_fields',
        'wc_invalid_field',
        'wc_invalid_captcha',
        'wc_error_empty_text',
        'wc_error_url_text',
        'wc_error_email_text',
        'wc_login_to_vote',
        'wc_deny_voting_from_same_ip',
        'wc_self_vote',
        'wc_vote_only_one_time',
        'wc_voting_error',
    );
    $trailingPhrases = array(
        'wc_held_for_moderate',
        'wc_comment_edit_not_possible',
        'wc_comment_not_updated',
        'wc_comment_not_edited',
        'wc_new_comment_button_text',
        'wc_new_comments_button_text',
        'wc_new_reply_button_text',
        'wc_new_replies_button_text',
    );

    $js_options = array();
    foreach ($leadingPhrases as $phraseKey) {
        $js_options[$phraseKey] = $this->phrases[$phraseKey];
    }
    $js_options['wc_captcha_show_hide'] = $this->captchaShowHide;
    // Length messages carry a "%d%" placeholder for the configured limit.
    $js_options['wc_msg_comment_text_min_length'] = str_replace('%d%', $this->commentTextMinLength, $this->phrases['wc_msg_comment_text_min_length']);
    $js_options['wc_msg_comment_text_max_length'] = str_replace('%d%', $this->commentTextMaxLength, $this->phrases['wc_msg_comment_text_max_length']);
    foreach ($trailingPhrases as $phraseKey) {
        $js_options[$phraseKey] = $this->phrases[$phraseKey];
    }

    $settings = array(
        'wc_captcha_show_hide_for_members' => $this->captchaShowHideForMembers,
        'is_email_field_required' => $this->isEmailFieldRequired,
        'is_user_logged_in' => is_user_logged_in(),
        'commentListLoadType' => $this->commentListLoadType,
        'commentListUpdateType' => $this->commentListUpdateType,
        'commentListUpdateTimer' => $this->commentListUpdateTimer,
        'liveUpdateGuests' => $this->liveUpdateGuests,
        'wc_comment_bg_color' => $this->commentBGColor,
        'wc_reply_bg_color' => $this->replyBGColor,
        'wordpress_comment_order' => $this->wordpressCommentOrder,
        'commentsVoteOrder' => $this->showSortingButtons && $this->mostVotedByDefault,
        'wordpressThreadCommentsDepth' => $this->wordpressThreadCommentsDepth,
        'wordpressIsPaginate' => $this->wordpressIsPaginate,
    );
    foreach ($settings as $optionKey => $optionValue) {
        $js_options[$optionKey] = $optionValue;
    }

    // Negative means "keep forever" (a very large number), zero means "do not store".
    $storeSetting = $this->storeCommenterData;
    if ($storeSetting < 0) {
        $js_options['storeCommenterData'] = 100000;
    } elseif ($storeSetting == 0) {
        $js_options['storeCommenterData'] = null;
    } else {
        $js_options['storeCommenterData'] = $storeSetting;
    }

    // Zero Spam bridge token; see the class comment on why this is not a secret.
    if (function_exists('zerospam_get_key')) {
        $js_options['wpdiscuz_zs'] = md5(zerospam_get_key());
    }
    return $js_options;
}
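/**
 * AJAX endpoint (older form-encoding variant): create a comment from the
 * serialised form string posted as 'wpdiscuzAjaxData'.
 *
 * Decodes the form fields, verifies the form nonce, applies the captcha
 * gate and the Zero Spam bridge, validates author / website / e-mail /
 * content, inserts the comment with wp_new_comment() and answers with a
 * JSON payload through wp_die(). Every early exit is also a wp_die()
 * carrying an error code in $messageArray['code'].
 *
 * Changes in this revision:
 *  - parse_str() now decodes into a local array. The one-argument form
 *    wrote request fields straight into this method's symbol table, so a
 *    request could overwrite locals such as $isAnonymous or $messageArray
 *    (and that form no longer exists in PHP 8).
 *  - Missing fields (nonce, comment text, captcha parts) are read with
 *    isset() instead of relying on undefined variables.
 *  - The Zero Spam token is compared with hash_equals() instead of a loose
 *    `==`, which is open to numeric-string type juggling.
 *  - The nesting depth is intval()'d, consistent with the newer revision.
 *  - The "prepend http://" condition drops the `strpos() !== ''` clauses,
 *    which were always true (strpos() never returns '').
 *  - The unused local $user is removed.
 *
 * @return void Always terminates the request via wp_die().
 */
public function addComment() {
    $messageArray = array();
    $commentData = filter_input(INPUT_POST, 'wpdiscuzAjaxData');
    $isAnonymous = false;
    if ($commentData) {
        // Decode into $fields, never into the local scope.
        $fields = array();
        parse_str($commentData, $fields);
        $postId = isset($fields['postId']) ? intval(trim($fields['postId'])) : 0;
        // Zero Spam bridge: the form posts md5(key) (see getOptionsForJs()); map it
        // back to the real key so zerospam_is_valid() passes. That md5 is served to
        // every visitor, so this only proves the client ran our JS.
        if (function_exists('zerospam_get_key') && isset($fields['wpdiscuz_zs'])) {
            $zsKey = zerospam_get_key();
            $zsMatches = is_string($fields['wpdiscuz_zs']) && hash_equals(md5($zsKey), $fields['wpdiscuz_zs']);
            $_POST['zerospam_key'] = $zsMatches ? $zsKey : '';
        }
        $formNonce = isset($fields['wpdiscuz_comment_form_nonce']) ? $fields['wpdiscuz_comment_form_nonce'] : '';
        $wpdiscuz_unique_id = isset($fields['wpdiscuz_unique_id']) ? $fields['wpdiscuz_unique_id'] : '';
        if (wp_verify_nonce($formNonce, self::ACTION_FORM_NONCE) && $wpdiscuz_unique_id && $postId) {
            $wpdiscuz_unique_id = filter_var($wpdiscuz_unique_id);
            // Requested nesting depth, clamped to the configured maximum below.
            $wc_comment_depth = isset($fields['wc_comment_depth']) && intval($fields['wc_comment_depth']) ? intval($fields['wc_comment_depth']) : 1;
            $isInSameContainer = '1';
            global $current_user;
            get_currentuserinfo();
            if ($wc_comment_depth > $this->optionsSerialized->wordpressThreadCommentsDepth) {
                $wc_comment_depth = $this->optionsSerialized->wordpressThreadCommentsDepth;
                $isInSameContainer = '0';
            } elseif (!$this->optionsSerialized->wordpressThreadComments) {
                $isInSameContainer = '0';
            }
            $notification_type = isset($fields['wpdiscuz_notification_type']) ? $fields['wpdiscuz_notification_type'] : '';
            if ($this->helper->isShowCaptcha($current_user->ID)) {
                // File-based captcha: $key and $fileName both come from the request.
                // NOTE(review): checkCaptcha() must not treat $fileName as a raw path — verify.
                $cnonce = isset($fields['cnonce']) && is_string($fields['cnonce']) ? $fields['cnonce'] : '';
                $rawFileName = isset($fields['fileName']) && is_string($fields['fileName']) ? $fields['fileName'] : '';
                $key = $cnonce !== '' ? substr($cnonce, self::CAPTCHA_LENGTH) : '';
                $fileName = $rawFileName !== '' ? substr($rawFileName, 0, strlen($rawFileName) - 4) : '';
                $captcha = isset($fields['wc_captcha']) ? $fields['wc_captcha'] : '';
                if (!$this->helper->checkCaptcha($key, $fileName, $captcha)) {
                    $messageArray['code'] = 'wc_invalid_captcha';
                    wp_die(json_encode($messageArray));
                }
            }
            $website_url = '';
            if ($current_user->ID) {
                // Logged-in authors: identity comes from the account, never from the form.
                $user_id = $current_user->ID;
                $name = $current_user->display_name;
                $email = $current_user->user_email;
            } else {
                $user_id = 0;
                // filter_var() with the default filter does no sanitising; presumably the
                // author fields rely on wp_new_comment()'s own filters — verify.
                $name = isset($fields['wc_name']) ? filter_var($fields['wc_name']) : '';
                $email = isset($fields['wc_email']) ? trim($fields['wc_email']) : '';
                $website_url = isset($fields['wc_website']) ? trim($fields['wc_website']) : '';
                // Anything not already http(s):// is forced to http://, which also neutralises
                // other schemes (e.g. "javascript:") before the URL validation below.
                if ($website_url != '' && strpos($website_url, 'http://') !== 0 && strpos($website_url, 'https://') !== 0) {
                    $website_url = 'http://' . $website_url;
                }
                if (!$this->optionsSerialized->isNameFieldRequired) {
                    $name = !$name ? __('Anonymous', 'wpdiscuz') : $name;
                }
                if (!$this->optionsSerialized->isEmailFieldRequired) {
                    if (!$email) {
                        // Placeholder address; $isAnonymous keeps it out of the subscription flow.
                        $email = 'anonymous_' . md5(uniqid() . time()) . '@example.com';
                        $isAnonymous = true;
                    }
                }
            }
            if ($website_url != '' && filter_var($website_url, FILTER_VALIDATE_URL) === false) {
                $messageArray['code'] = 'wc_error_url_text';
                wp_die(json_encode($messageArray));
            }
            if ($email != '' && filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
                $messageArray['code'] = 'wc_error_email_text';
                wp_die(json_encode($messageArray));
            }
            $rawComment = isset($fields['wc_comment']) && is_string($fields['wc_comment']) ? $fields['wc_comment'] : '';
            // wp_kses() with the plugin's allow-list is the HTML sanitiser for the body.
            $comment_content = wp_kses(trim($rawComment), $this->helper->wc_allowed_tags);
            $commentMinLength = intval($this->optionsSerialized->commentTextMinLength);
            $commentMaxLength = intval($this->optionsSerialized->commentTextMaxLength);
            $contentLength = function_exists('mb_strlen') ? mb_strlen($comment_content) : strlen($comment_content);
            if ($commentMinLength > 0 && $contentLength < $commentMinLength) {
                $messageArray['code'] = 'wc_msg_comment_text_min_length';
                wp_die(json_encode($messageArray));
            }
            if ($commentMaxLength > 0 && $contentLength > $commentMaxLength) {
                $messageArray['code'] = 'wc_msg_comment_text_max_length';
                wp_die(json_encode($messageArray));
            }
            if ($name && $email && $comment_content) {
                // NOTE(review): if getRealIPAddr() honours proxy headers, this IP is client-controlled.
                $author_ip = $this->helper->getRealIPAddr();
                // Parent comment id is decoded from the client-sent unique id; no check is made
                // here that the parent belongs to $postId.
                $uid_data = $this->helper->getUIDData($wpdiscuz_unique_id);
                $comment_parent = $uid_data[0];
                $wc_user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
                $new_commentdata = array(
                    'user_id' => $user_id,
                    'comment_post_ID' => $postId,
                    'comment_parent' => $comment_parent,
                    'comment_author' => $name,
                    'comment_author_email' => $email,
                    'comment_content' => $comment_content,
                    'comment_author_url' => $website_url,
                    'comment_author_IP' => $author_ip,
                    'comment_agent' => $wc_user_agent,
                    'comment_type' => '',
                );
                $new_comment_id = wp_new_comment($new_commentdata);
                $newComment = get_comment($new_comment_id);
                $held_moderate = $newComment->comment_approved ? 0 : 1;
                if ($notification_type == WpdiscuzCore::SUBSCRIPTION_POST && class_exists('Prompt_Comment_Form_Handling') && $this->optionsSerialized->usePostmaticForCommentNotification) {
                    // Hand the subscription off to Postmatic.
                    $_POST[Prompt_Comment_Form_Handling::SUBSCRIBE_CHECKBOX_NAME] = 1;
                    Prompt_Comment_Form_Handling::handle_form($new_comment_id, $newComment->comment_approved);
                } elseif (!$isAnonymous && $notification_type) {
                    // Members may skip confirmation by option; guests always get a confirmation mail.
                    if ($current_user->ID && $this->optionsSerialized->disableMemberConfirm) {
                        $this->dbManager->addEmailNotification($new_comment_id, $postId, $email, self::SUBSCRIPTION_COMMENT, 1);
                    } else {
                        $this->dbManager->addEmailNotification($new_comment_id, $postId, $email, self::SUBSCRIPTION_COMMENT);
                        $this->emailHelper->confirmEmailSender($postId, $email);
                    }
                }
                $messageArray['code'] = $wpdiscuz_unique_id;
                $messageArray['redirect'] = $this->optionsSerialized->redirectPage;
                $messageArray['new_comment_id'] = $new_comment_id;
                $messageArray['user_name'] = $name;
                $messageArray['user_email'] = $email;
                $messageArray['is_main'] = $comment_parent ? 0 : 1;
                $messageArray['held_moderate'] = $held_moderate;
                $messageArray['is_in_same_container'] = $isInSameContainer;
                $messageArray['wc_all_comments_count_new'] = $this->dbManager->getCommentsCount($postId);
                $commentListArgs = $this->getCommentListArgs($postId);
                $commentListArgs['current_user'] = $current_user;
                $commentListArgs['addComment'] = $wc_comment_depth;
                $messageArray['message'] = wp_list_comments($commentListArgs, array($newComment));
            } else {
                $messageArray['code'] = 'wc_invalid_field';
            }
        } else {
            // Nonce failure, missing unique id or missing post id all report the same code.
            $messageArray['code'] = 'wc_invalid_field';
        }
    } else {
        $messageArray['code'] = 'wc_msg_required_fields';
    }
    wp_die(json_encode($messageArray));
}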
/**
 * Register the Zero Spam front-end script and hand it the key.
 *
 * wp_localize_script() runs before wp_enqueue_script() so the 'zerospam'
 * JS object (with its 'key' member) is printed ahead of the script. Note
 * that this publishes zerospam_get_key() to every visitor: the key is a
 * "did the browser run our JavaScript" token, not a secret, and the
 * server-side checks that compare against it should be read accordingly.
 *
 * @return void
 */
public function enqueue_scripts() {
    $scriptData = array('key' => zerospam_get_key());
    wp_localize_script('zerospam', 'zerospam', $scriptData);
    wp_enqueue_script('zerospam');
}