示例#1
0
function rcl_check_register_captcha($errors)
{
    $rcl_captcha = new ReallySimpleCaptcha();
    $rcl_captcha_prefix = sanitize_text_field($_POST['rcl_captcha_prefix']);
    $rcl_captcha_code = sanitize_text_field($_POST['rcl_captcha_code']);
    $rcl_captcha_correct = false;
    $rcl_captcha_check = $rcl_captcha->check($rcl_captcha_prefix, $rcl_captcha_code);
    $rcl_captcha_correct = $rcl_captcha_check;
    $rcl_captcha->remove($rcl_captcha_prefix);
    $rcl_captcha->cleanup();
    if (!$rcl_captcha_correct) {
        $errors = new WP_Error();
        $errors->add('rcl_register_captcha', __('Field filled not right CAPTCHA!', 'wp-recall'));
    }
    return $errors;
}
示例#2
0
function mytheme_check_comment_captcha($comment_data)
{
    $comment_captcha = new ReallySimpleCaptcha();
    $comment_captcha_correct = false;
    $comment_captcha_prefix = $_POST['comment_captcha_prefix'];
    $comment_captcha_code = $_POST['comment_captcha_code'];
    $comment_captcha_check = $comment_captcha->check($comment_captcha_prefix, $comment_captcha_code);
    $comment_captcha_correct = $comment_captcha_check;
    //clean up
    $comment_captcha->remove($_POST['comment_captcha_prefix']);
    $comment_captcha->cleanup();
    if (!$comment_captcha_correct) {
        wp_die('You have entered an incorrect CAPTCHA value. try again.');
        break;
    }
    return $comment_data;
}
示例#3
0
 public static function get($args = array())
 {
     global $sb_captcha;
     if (empty($sb_captcha) && self::use_captcha()) {
         if (!is_array($args)) {
             $len = $args;
             $args = (array) $args;
             $args['len'] = $len;
         }
         $sb_captcha = new ReallySimpleCaptcha();
         $len = isset($args['len']) ? $args['len'] : 4;
         $bg = isset($args['bg']) ? (array) $args['bg'] : array();
         if (count($bg) > 0) {
             $sb_captcha->bg = $bg;
         }
         $sb_captcha->char_length = $len;
         $sb_captcha->cleanup(5);
     }
     return $sb_captcha;
 }
 /**
  * Register function
  *
  * Handles registering new users and updating existing users.
  *
  * @since 2.2.1
  *
  * @param  string $toggle toggles the function between 'register' and 'update'.
  * @global int    $user_ID
  * @global string $wpmem_themsg
  * @global array  $userdata
  * @return string $wpmem_themsg|success|editsuccess
  */
 function wpmem_registration($toggle)
 {
     // get the globals
     global $user_ID, $wpmem_themsg, $userdata;
     // check the nonce
     if (defined('WPMEM_USE_NONCE')) {
         if (empty($_POST) || !wp_verify_nonce($_POST['wpmem-form-submit'], 'wpmem-validate-submit')) {
             $wpmem_themsg = __('There was an error processing the form.', 'wp-members');
             return;
         }
     }
     // is this a registration or a user profile update?
     if ($toggle == 'register') {
         $fields['username'] = isset($_POST['log']) ? sanitize_user($_POST['log']) : '';
     }
     // add the user email to the $fields array for _data hooks
     $fields['user_email'] = isset($_POST['user_email']) ? $_POST['user_email'] : '';
     // build the $fields array from $_POST data
     $wpmem_fields = get_option('wpmembers_fields');
     foreach ($wpmem_fields as $meta) {
         if ($meta[4] == 'y') {
             if ($meta[2] != 'password') {
                 $fields[$meta[2]] = isset($_POST[$meta[2]]) ? sanitize_text_field($_POST[$meta[2]]) : '';
             } else {
                 // we do have password as part of the registration form
                 $fields['password'] = isset($_POST['password']) ? $_POST['password'] : '';
             }
         }
     }
     /**
      * Filter the submitted form field date prior to validation.
      *
      * @since 2.8.2
      *
      * @param array $fields An array of the posted form field data.
      */
     $fields = apply_filters('wpmem_pre_validate_form', $fields);
     // check for required fields
     $wpmem_fields_rev = array_reverse($wpmem_fields);
     foreach ($wpmem_fields_rev as $meta) {
         $pass_arr = array('password', 'confirm_password', 'password_confirm');
         $pass_chk = $toggle == 'update' && in_array($meta[2], $pass_arr) ? true : false;
         if ($meta[5] == 'y' && $pass_chk == false) {
             if (!$fields[$meta[2]]) {
                 $wpmem_themsg = sprintf(__('Sorry, %s is a required field.', 'wp-members'), $meta[1]);
             }
         }
     }
     switch ($toggle) {
         case "register":
             if (is_multisite()) {
                 // multisite has different requirements
                 $result = wpmu_validate_user_signup($fields['username'], $fields['user_email']);
                 $errors = $result['errors'];
                 if ($errors->errors) {
                     $wpmem_themsg = $errors->get_error_message();
                     return $wpmem_themsg;
                     exit;
                 }
             } else {
                 if (!$fields['username']) {
                     $wpmem_themsg = __('Sorry, username is a required field', 'wp-members');
                     return $wpmem_themsg;
                     exit;
                 }
                 if (!validate_username($fields['username'])) {
                     $wpmem_themsg = __('The username cannot include non-alphanumeric characters.', 'wp-members');
                     return $wpmem_themsg;
                     exit;
                 }
                 if (!is_email($fields['user_email'])) {
                     $wpmem_themsg = __('You must enter a valid email address.', 'wp-members');
                     return $wpmem_themsg;
                     exit;
                 }
                 if (username_exists($fields['username'])) {
                     return "user";
                     exit;
                 }
                 if (email_exists($fields['user_email'])) {
                     return "email";
                     exit;
                 }
             }
             if ($wpmem_themsg) {
                 return "empty";
                 exit;
             }
             // if form contains password and email confirmation, validate that they match
             if (array_key_exists('confirm_password', $fields) && $fields['confirm_password'] != $fields['password']) {
                 $wpmem_themsg = __('Passwords did not match.', 'wp-members');
             }
             if (array_key_exists('confirm_email', $fields) && $fields['confirm_email'] != $fields['user_email']) {
                 $wpmem_themsg = __('Emails did not match.', 'wp-members');
             }
             $wpmem_captcha = get_option('wpmembers_captcha');
             // get the captcha settings (api keys)
             if (WPMEM_CAPTCHA == 1 && $wpmem_captcha['recaptcha']) {
                 // if captcha is on, check the captcha
                 if ($wpmem_captcha['recaptcha']['public'] && $wpmem_captcha['recaptcha']['private']) {
                     // if there is no api key, the captcha never displayed to the end user
                     if (!$_POST["recaptcha_response_field"]) {
                         // validate for empty captcha field
                         $wpmem_themsg = __('You must complete the CAPTCHA form.', 'wp-members');
                         return "empty";
                         exit;
                     }
                 }
                 // check to see if the recaptcha library has already been loaded by another plugin
                 if (!function_exists('_recaptcha_qsencode')) {
                     require_once 'lib/recaptchalib.php';
                 }
                 $publickey = $wpmem_captcha['recaptcha']['public'];
                 $privatekey = $wpmem_captcha['recaptcha']['private'];
                 // the response from reCAPTCHA
                 $resp = null;
                 // the error code from reCAPTCHA, if any
                 $error = null;
                 if ($_POST["recaptcha_response_field"]) {
                     $resp = recaptcha_check_answer($privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]);
                     if (!$resp->is_valid) {
                         // set the error code so that we can display it
                         global $wpmem_captcha_err;
                         $wpmem_captcha_err = $resp->error;
                         $wpmem_captcha_err = wpmem_get_captcha_err($wpmem_captcha_err);
                         return "captcha";
                         exit;
                     }
                 }
                 // end check recaptcha
             } elseif (WPMEM_CAPTCHA == 2) {
                 if (defined('REALLYSIMPLECAPTCHA_VERSION')) {
                     /** Validate Really Simple Captcha */
                     $wpmem_captcha = new ReallySimpleCaptcha();
                     // This variable holds the CAPTCHA image prefix, which corresponds to the correct answer
                     $wpmem_captcha_prefix = isset($_POST['captcha_prefix']) ? $_POST['captcha_prefix'] : '';
                     // This variable holds the CAPTCHA response, entered by the user
                     $wpmem_captcha_code = isset($_POST['captcha_code']) ? $_POST['captcha_code'] : '';
                     // Check CAPTCHA validity
                     $wpmem_captcha_correct = $wpmem_captcha->check($wpmem_captcha_prefix, $wpmem_captcha_code) ? true : false;
                     // clean up the tmp directory
                     $wpmem_captcha->remove($wpmem_captcha_prefix);
                     $wpmem_captcha->cleanup();
                     // If CAPTCHA validation fails (incorrect value entered in CAPTCHA field), return an error
                     if (!$wpmem_captcha_correct) {
                         $wpmem_themsg = wpmem_get_captcha_err('really-simple');
                         return "empty";
                         exit;
                     }
                 }
             }
             // check for user defined password
             $fields['password'] = !isset($_POST['password']) ? wp_generate_password() : $_POST['password'];
             // add for _data hooks
             $fields['user_registered'] = gmdate('Y-m-d H:i:s');
             $fields['user_role'] = get_option('default_role');
             $fields['wpmem_reg_ip'] = $_SERVER['REMOTE_ADDR'];
             $fields['wpmem_reg_url'] = $_REQUEST['redirect_to'];
             /**
              * these native fields are not installed by default, but if they
              * are added, use the $_POST value - otherwise, default to username. 
              * value can be filtered with wpmem_register_data
              */
             $fields['user_nicename'] = isset($_POST['user_nicename']) ? sanitize_title($_POST['user_nicename']) : $fields['username'];
             $fields['display_name'] = isset($_POST['display_name']) ? sanitize_user($_POST['display_name']) : $fields['username'];
             $fields['nickname'] = isset($_POST['nickname']) ? sanitize_user($_POST['nickname']) : $fields['username'];
             /**
              * Filter registration data after validation before data insertion.
              *
              * @since 2.8.2
              *
              * @param array $fields An array of the registration field data.
              */
             $fields = apply_filters('wpmem_register_data', $fields);
             /**
              * Fires before any insertion/emails.
              *
              * This action is the final step in pre registering a user. This
              * can be used for attaching custom validation to the registration
              * process. It cannot be used for changing any user registration
              * data. Use the wpmem_register_data filter for that.
              *
              * @since 2.7.2
              *
              * @param array $fields The user's submitted registration data.
              */
             do_action('wpmem_pre_register_data', $fields);
             // if the _pre_register_data hook sends back an error message
             if ($wpmem_themsg) {
                 return $wpmem_themsg;
             }
             // main new user fields are ready
             $new_user_fields = array('user_pass' => $fields['password'], 'user_login' => $fields['username'], 'user_nicename' => $fields['user_nicename'], 'user_email' => $fields['user_email'], 'display_name' => $fields['display_name'], 'nickname' => $fields['nickname'], 'user_registered' => $fields['user_registered'], 'role' => $fields['user_role']);
             // get any excluded meta fields
             $excluded_meta = wpmem_get_excluded_meta('register');
             // user_url, first_name, last_name, description, jabber, aim, yim
             $new_user_fields_meta = array('user_url', 'first_name', 'last_name', 'description', 'jabber', 'aim', 'yim');
             foreach ($wpmem_fields as $meta) {
                 if (in_array($meta[2], $new_user_fields_meta)) {
                     if ($meta[4] == 'y' && !in_array($meta[2], $excluded_meta)) {
                         $new_user_fields[$meta[2]] = $fields[$meta[2]];
                     }
                 }
             }
             // inserts to wp_users table
             $fields['ID'] = wp_insert_user($new_user_fields);
             // set remaining fields to wp_usermeta table
             foreach ($wpmem_fields as $meta) {
                 // if the field is not excluded, update accordingly
                 if (!in_array($meta[2], $excluded_meta) && !in_array($meta[2], $new_user_fields_meta)) {
                     if ($meta[4] == 'y' && $meta[2] != 'user_email') {
                         update_user_meta($fields['ID'], $meta[2], $fields[$meta[2]]);
                     }
                 }
             }
             // capture IP address of user at registration
             update_user_meta($fields['ID'], 'wpmem_reg_ip', $fields['wpmem_reg_ip']);
             // store the registration url
             update_user_meta($fields['ID'], 'wpmem_reg_url', $fields['wpmem_reg_url']);
             // set user expiration, if used
             if (WPMEM_USE_EXP == 1 && WPMEM_MOD_REG != 1) {
                 wpmem_set_exp($fields['ID']);
             }
             /**
              * Fires after user insertion but before email.
              *
              * @since 2.7.2
              *
              * @param array $fields The user's submitted registration data.
              */
             do_action('wpmem_post_register_data', $fields);
             require_once 'wp-members-email.php';
             // if this was successful, and you have email properly
             // configured, send a notification email to the user
             wpmem_inc_regemail($fields['ID'], $fields['password'], WPMEM_MOD_REG, $wpmem_fields, $fields);
             // notify admin of new reg, if needed;
             if (WPMEM_NOTIFY_ADMIN == 1) {
                 wpmem_notify_admin($fields['ID'], $wpmem_fields);
             }
             /**
              * Fires after registration is complete.
              *
              * @since 2.7.1
              */
             do_action('wpmem_register_redirect');
             // successful registration message
             return "success";
             exit;
             break;
         case "update":
             if ($wpmem_themsg) {
                 return "updaterr";
                 exit;
             }
             // doing a check for existing email is not the same as a new reg. check first to
             // see if it's different, then check if it is a valid address and it exists.
             global $current_user;
             get_currentuserinfo();
             if ($fields['user_email'] != $current_user->user_email) {
                 if (email_exists($fields['user_email'])) {
                     return "email";
                     exit;
                 }
                 if (!is_email($fields['user_email'])) {
                     $wpmem_themsg = __('You must enter a valid email address.', 'wp-members');
                     return "updaterr";
                     exit;
                 }
             }
             // if form includes email confirmation, validate that they match
             if (array_key_exists('confirm_email', $fields) && $fields['confirm_email'] != $fields['user_email']) {
                 $wpmem_themsg = __('Emails did not match.', 'wp-members');
             }
             // add the user_ID to the fields array
             $fields['ID'] = $user_ID;
             /**
              * Filter registration data after validation before data insertion.
              *
              * @since 2.8.2
              *
              * @param array $fields An array of the registration field data.
              */
             $fields = apply_filters('wpmem_register_data', $fields);
             /**
              * Fires before data insertion.
              *
              * This action is the final step in pre updating a user. This
              * can be used for attaching custom validation to the update
              * process. It cannot be used for changing any user update
              * data. Use the wpmem_register_data filter for that.
              *
              * @since 2.7.2
              *
              * @param array $fields The user's submitted update data.
              */
             do_action('wpmem_pre_update_data', $fields);
             // if the _pre_update_data hook sends back an error message
             // @todo - double check this. it should probably return "updaterr" and the hook should globalize wpmem_themsg
             if ($wpmem_themsg) {
                 return $wpmem_themsg;
             }
             // a list of fields that can be updated by wp_update_user
             $native_fields = array('user_nicename', 'user_url', 'user_email', 'display_name', 'nickname', 'first_name', 'last_name', 'description', 'role', 'jabber', 'aim', 'yim');
             $native_update = array('ID' => $user_ID);
             foreach ($wpmem_fields as $meta) {
                 // if the field is not excluded, update accordingly
                 if (!in_array($meta[2], wpmem_get_excluded_meta('update'))) {
                     switch ($meta[2]) {
                         // if the field can be updated by wp_update_user
                         case in_array($meta[2], $native_fields):
                             $fields[$meta[2]] = isset($fields[$meta[2]]) ? $fields[$meta[2]] : '';
                             //wp_update_user( array( 'ID' => $user_ID, $meta[2] => $fields[$meta[2]] ) );
                             $native_update[$meta[2]] = $fields[$meta[2]];
                             break;
                             // if the field is password
                         // if the field is password
                         case 'password':
                             // do nothing...
                             break;
                             // everything else goes into wp_usermeta
                         // everything else goes into wp_usermeta
                         default:
                             if ($meta[4] == 'y') {
                                 update_user_meta($user_ID, $meta[2], $fields[$meta[2]]);
                             }
                             break;
                     }
                 }
             }
             // update wp_update_user fields
             wp_update_user($native_update);
             /**
              * Fires at the end of user update data insertion.
              *
              * @since 2.7.2
              *
              * @param array $fields The user's submitted registration data.
              */
             do_action('wpmem_post_update_data', $fields);
             return "editsuccess";
             exit;
             break;
     }
 }
示例#5
0
 /**
  * Register function.
  *
  * Handles registering new users and updating existing users.
  *
  * @since 2.2.1
  *
  * @param  string $toggle toggles the function between 'register' and 'update'.
  * @global int    $user_ID
  * @global string $wpmem_themsg
  * @global array  $userdata
  * @return string $wpmem_themsg|success|editsuccess
  */
 function wpmem_registration($toggle)
 {
     // Get the globals.
     global $user_ID, $wpmem, $wpmem_themsg, $userdata;
     // Check the nonce.
     if (defined('WPMEM_USE_NONCE')) {
         if (empty($_POST) || !wp_verify_nonce($_POST['wpmem-form-submit'], 'wpmem-validate-submit')) {
             $wpmem_themsg = __('There was an error processing the form.', 'wp-members');
             return;
         }
     }
     // Is this a registration or a user profile update?
     if ($toggle == 'register') {
         $fields['username'] = isset($_POST['log']) ? sanitize_user($_POST['log']) : '';
     }
     // Add the user email to the $fields array for _data hooks.
     $fields['user_email'] = isset($_POST['user_email']) ? $_POST['user_email'] : '';
     // Build the $fields array from $_POST data.
     $wpmem_fields = $wpmem->fields;
     // get_option( 'wpmembers_fields' );
     foreach ($wpmem_fields as $meta) {
         if ($meta[4] == 'y') {
             if ($meta[2] != 'password') {
                 $fields[$meta[2]] = isset($_POST[$meta[2]]) ? sanitize_text_field($_POST[$meta[2]]) : '';
             } else {
                 // We do have password as part of the registration form.
                 $fields['password'] = isset($_POST['password']) ? $_POST['password'] : '';
             }
         }
     }
     /**
      * Filter the submitted form field date prior to validation.
      *
      * @since 2.8.2
      *
      * @param array $fields An array of the posted form field data.
      */
     $fields = apply_filters('wpmem_pre_validate_form', $fields);
     // Check for required fields, reverse the array for logical error message order.
     $wpmem_fields_rev = array_reverse($wpmem_fields);
     foreach ($wpmem_fields_rev as $meta) {
         $pass_arr = array('password', 'confirm_password', 'password_confirm');
         $pass_chk = $toggle == 'update' && in_array($meta[2], $pass_arr) ? true : false;
         if ($meta[5] == 'y' && $pass_chk == false) {
             if (!$fields[$meta[2]]) {
                 $wpmem_themsg = sprintf(__('Sorry, %s is a required field.', 'wp-members'), $meta[1]);
             }
         }
     }
     switch ($toggle) {
         case "register":
             if (is_multisite()) {
                 // Multisite has different requirements.
                 $result = wpmu_validate_user_signup($fields['username'], $fields['user_email']);
                 $errors = $result['errors'];
                 if ($errors->errors) {
                     $wpmem_themsg = $errors->get_error_message();
                     return $wpmem_themsg;
                     exit;
                 }
             } else {
                 // Validate username and email fields.
                 $wpmem_themsg = email_exists($fields['user_email']) ? "email" : $wpmem_themsg;
                 $wpmem_themsg = username_exists($fields['username']) ? "user" : $wpmem_themsg;
                 $wpmem_themsg = !is_email($fields['user_email']) ? __('You must enter a valid email address.', 'wp-members') : $wpmem_themsg;
                 $wpmem_themsg = !validate_username($fields['username']) ? __('The username cannot include non-alphanumeric characters.', 'wp-members') : $wpmem_themsg;
                 $wpmem_themsg = !$fields['username'] ? __('Sorry, username is a required field', 'wp-members') : $wpmem_themsg;
                 // If there is an error from username, email, or required field validation, stop registration and return the error.
                 if ($wpmem_themsg) {
                     return $wpmem_themsg;
                     exit;
                 }
             }
             // If form contains password and email confirmation, validate that they match.
             if (array_key_exists('confirm_password', $fields) && $fields['confirm_password'] != $fields['password']) {
                 $wpmem_themsg = __('Passwords did not match.', 'wp-members');
             }
             if (array_key_exists('confirm_email', $fields) && $fields['confirm_email'] != $fields['user_email']) {
                 $wpmem_themsg = __('Emails did not match.', 'wp-members');
             }
             // Get the captcha settings (api keys).
             $wpmem_captcha = get_option('wpmembers_captcha');
             // If captcha is on, check the captcha.
             if ($wpmem->captcha == 1 && $wpmem_captcha['recaptcha']) {
                 // If there is no api key, the captcha never displayed to the end user.
                 if ($wpmem_captcha['recaptcha']['public'] && $wpmem_captcha['recaptcha']['private']) {
                     if (!$_POST["recaptcha_response_field"]) {
                         // validate for empty captcha field
                         $wpmem_themsg = __('You must complete the CAPTCHA form.', 'wp-members');
                         return "empty";
                         exit;
                     }
                 }
                 // Check to see if the recaptcha library has already been loaded by another plugin.
                 if (!function_exists('_recaptcha_qsencode')) {
                     require_once WPMEM_PATH . 'lib/recaptchalib.php';
                 }
                 $publickey = $wpmem_captcha['recaptcha']['public'];
                 $privatekey = $wpmem_captcha['recaptcha']['private'];
                 // The response from reCAPTCHA.
                 $resp = null;
                 // The error code from reCAPTCHA, if any.
                 $error = null;
                 if ($_POST["recaptcha_response_field"]) {
                     $resp = recaptcha_check_answer($privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]);
                     if (!$resp->is_valid) {
                         // Set the error code so that we can display it.
                         global $wpmem_captcha_err;
                         $wpmem_captcha_err = $resp->error;
                         $wpmem_captcha_err = wpmem_get_captcha_err($wpmem_captcha_err);
                         return "captcha";
                         exit;
                     }
                 }
                 // End check recaptcha.
             } elseif ($wpmem->captcha == 2) {
                 if (defined('REALLYSIMPLECAPTCHA_VERSION')) {
                     // Validate Really Simple Captcha.
                     $wpmem_captcha = new ReallySimpleCaptcha();
                     // This variable holds the CAPTCHA image prefix, which corresponds to the correct answer.
                     $wpmem_captcha_prefix = isset($_POST['captcha_prefix']) ? $_POST['captcha_prefix'] : '';
                     // This variable holds the CAPTCHA response, entered by the user.
                     $wpmem_captcha_code = isset($_POST['captcha_code']) ? $_POST['captcha_code'] : '';
                     // Check CAPTCHA validity.
                     $wpmem_captcha_correct = $wpmem_captcha->check($wpmem_captcha_prefix, $wpmem_captcha_code) ? true : false;
                     // Clean up the tmp directory.
                     $wpmem_captcha->remove($wpmem_captcha_prefix);
                     $wpmem_captcha->cleanup();
                     // If CAPTCHA validation fails (incorrect value entered in CAPTCHA field), return an error.
                     if (!$wpmem_captcha_correct) {
                         $wpmem_themsg = wpmem_get_captcha_err('really-simple');
                         return "empty";
                         exit;
                     }
                 }
             } elseif ($wpmem->captcha == 3 && $wpmem_captcha['recaptcha']) {
                 // Get the captcha response.
                 if (isset($_POST['g-recaptcha-response'])) {
                     $captcha = $_POST['g-recaptcha-response'];
                 }
                 // If there is no captcha value, return error.
                 if (!$captcha) {
                     $wpmem_themsg = __('You must complete the CAPTCHA form.', 'wp-members');
                     return "empty";
                     exit;
                 }
                 // We need the private key for validation.
                 $privatekey = $wpmem_captcha['recaptcha']['private'];
                 // Validate the captcha.
                 $response = file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=" . $privatekey . "&response=" . $captcha . "&remoteip=" . $_SERVER['REMOTE_ADDR']);
                 // Decode the json response.
                 $response = json_decode($response, true);
                 // If captcha validation was unsuccessful.
                 if ($response['success'] == false) {
                     $wpmem_themsg = __('CAPTCHA was not valid.', 'wp-members');
                     return "empty";
                     exit;
                 }
             }
             // Check for user defined password.
             $fields['password'] = !isset($_POST['password']) ? wp_generate_password() : $_POST['password'];
             // Add for _data hooks
             $fields['user_registered'] = gmdate('Y-m-d H:i:s');
             $fields['user_role'] = get_option('default_role');
             $fields['wpmem_reg_ip'] = $_SERVER['REMOTE_ADDR'];
             $fields['wpmem_reg_url'] = isset($_REQUEST['wpmem_reg_page']) ? $_REQUEST['wpmem_reg_page'] : $_REQUEST['redirect_to'];
             /*
              * These native fields are not installed by default, but if they
              * are added, use the $_POST value - otherwise, default to username.
              * Value can be filtered with wpmem_register_data.
              */
             $fields['user_nicename'] = isset($_POST['user_nicename']) ? sanitize_title($_POST['user_nicename']) : $fields['username'];
             $fields['display_name'] = isset($_POST['display_name']) ? sanitize_user($_POST['display_name']) : $fields['username'];
             $fields['nickname'] = isset($_POST['nickname']) ? sanitize_user($_POST['nickname']) : $fields['username'];
             /**
              * Filter registration data after validation before data insertion.
              *
              * @since 2.8.2
              *
              * @param array  $fields An array of the registration field data.
              * @param string $toggle A switch to indicate the action (new|edit).
              */
             $fields = apply_filters('wpmem_register_data', $fields, 'new');
             /**
              * Fires before any insertion/emails.
              *
              * This action is the final step in pre registering a user. This
              * can be used for attaching custom validation to the registration
              * process. It cannot be used for changing any user registration
              * data. Use the wpmem_register_data filter for that.
              *
              * @since 2.7.2
              *
              * @param array $fields The user's submitted registration data.
              */
             do_action('wpmem_pre_register_data', $fields);
             // If the _pre_register_data hook sends back an error message.
             if ($wpmem_themsg) {
                 return $wpmem_themsg;
             }
             // Main new user fields are ready.
             $new_user_fields = array('user_pass' => $fields['password'], 'user_login' => $fields['username'], 'user_nicename' => $fields['user_nicename'], 'user_email' => $fields['user_email'], 'display_name' => $fields['display_name'], 'nickname' => $fields['nickname'], 'user_registered' => $fields['user_registered'], 'role' => $fields['user_role']);
             // Get any excluded meta fields.
             $excluded_meta = wpmem_get_excluded_meta('register');
             // Fields for wp_insert_user: user_url, first_name, last_name, description, jabber, aim, yim.
             $new_user_fields_meta = array('user_url', 'first_name', 'last_name', 'description', 'jabber', 'aim', 'yim');
             foreach ($wpmem_fields as $meta) {
                 if (in_array($meta[2], $new_user_fields_meta)) {
                     if ($meta[4] == 'y' && !in_array($meta[2], $excluded_meta)) {
                         $new_user_fields[$meta[2]] = $fields[$meta[2]];
                     }
                 }
             }
             // Inserts to wp_users table.
             $fields['ID'] = wp_insert_user($new_user_fields);
             // Set remaining fields to wp_usermeta table.
             foreach ($wpmem_fields as $meta) {
                 // If the field is not excluded, update accordingly.
                 if (!in_array($meta[2], $excluded_meta) && !in_array($meta[2], $new_user_fields_meta)) {
                     if ($meta[4] == 'y' && $meta[2] != 'user_email') {
                         update_user_meta($fields['ID'], $meta[2], $fields[$meta[2]]);
                     }
                 }
             }
             // Capture IP address of user at registration.
             update_user_meta($fields['ID'], 'wpmem_reg_ip', $fields['wpmem_reg_ip']);
             // Store the registration url.
             update_user_meta($fields['ID'], 'wpmem_reg_url', $fields['wpmem_reg_url']);
             // Set user expiration, if used.
             if ($wpmem->use_exp == 1 && $wpmem->mod_reg != 1) {
                 wpmem_set_exp($fields['ID']);
             }
             /**
              * Fires after user insertion but before email.
              *
              * @since 2.7.2
              *
              * @param array $fields The user's submitted registration data.
              */
             do_action('wpmem_post_register_data', $fields);
             require_once WPMEM_PATH . 'inc/email.php';
             /*
              * If this was successful, and you have email properly
              * configured, send a notification email to the user.
              */
             wpmem_inc_regemail($fields['ID'], $fields['password'], $wpmem->mod_reg, $wpmem_fields, $fields);
             // Notify admin of new reg, if needed.
             if ($wpmem->notify == 1) {
                 wpmem_notify_admin($fields['ID'], $wpmem_fields);
             }
             /**
              * Fires after registration is complete.
              *
              * @since 2.7.1
              */
             do_action('wpmem_register_redirect');
             // successful registration message
             return "success";
             exit;
             break;
         case "update":
             if ($wpmem_themsg) {
                 return "updaterr";
                 exit;
             }
             /*
              * Doing a check for existing email is not the same as a new reg. check first to 
              * see if it's different, then check if it is a valid address and it exists.
              */
             global $current_user;
             get_currentuserinfo();
             if ($fields['user_email'] != $current_user->user_email) {
                 if (email_exists($fields['user_email'])) {
                     return "email";
                     exit;
                 }
                 if (!is_email($fields['user_email'])) {
                     $wpmem_themsg = __('You must enter a valid email address.', 'wp-members');
                     return "updaterr";
                     exit;
                 }
             }
             // If form includes email confirmation, validate that they match.
             if (array_key_exists('confirm_email', $fields) && $fields['confirm_email'] != $fields['user_email']) {
                 $wpmem_themsg = __('Emails did not match.', 'wp-members');
             }
             // Add the user_ID to the fields array.
             $fields['ID'] = $user_ID;
             /**
              * Filter registration data after validation before data insertion.
              *
              * @since 2.8.2
              *
              * @param array  $fields An array of the registration field data.
              * @param string $toggle A switch to indicate the action (new|edit).
              */
             $fields = apply_filters('wpmem_register_data', $fields, 'edit');
             /**
              * Fires before data insertion.
              *
              * This action is the final step in pre updating a user. This
              * can be used for attaching custom validation to the update
              * process. It cannot be used for changing any user update
              * data. Use the wpmem_register_data filter for that.
              *
              * @since 2.7.2
              *
              * @param array $fields The user's submitted update data.
              */
             do_action('wpmem_pre_update_data', $fields);
             /*
              * If the _pre_update_data hook sends back an error message.
              * @todo - double check this. it should probably return "updaterr" and the hook should globalize wpmem_themsg
              */
             if ($wpmem_themsg) {
                 return $wpmem_themsg;
             }
             // A list of fields that can be updated by wp_update_user.
             $native_fields = array('user_nicename', 'user_url', 'user_email', 'display_name', 'nickname', 'first_name', 'last_name', 'description', 'role', 'jabber', 'aim', 'yim');
             $native_update = array('ID' => $user_ID);
             foreach ($wpmem_fields as $meta) {
                 // If the field is not excluded, update accordingly.
                 if (!in_array($meta[2], wpmem_get_excluded_meta('update'))) {
                     switch ($meta[2]) {
                         // If the field can be updated by wp_update_user.
                         case in_array($meta[2], $native_fields):
                             $fields[$meta[2]] = isset($fields[$meta[2]]) ? $fields[$meta[2]] : '';
                             $native_update[$meta[2]] = $fields[$meta[2]];
                             break;
                             // If the field is password.
                         // If the field is password.
                         case 'password':
                             // Do nothing.
                             break;
                             // Everything else goes into wp_usermeta.
                         // Everything else goes into wp_usermeta.
                         default:
                             if ($meta[4] == 'y') {
                                 update_user_meta($user_ID, $meta[2], $fields[$meta[2]]);
                             }
                             break;
                     }
                 }
             }
             // Update wp_update_user fields.
             wp_update_user($native_update);
             /**
              * Fires at the end of user update data insertion.
              *
              * @since 2.7.2
              *
              * @param array $fields The user's submitted registration data.
              */
             do_action('wpmem_post_update_data', $fields);
             return "editsuccess";
             exit;
             break;
     }
 }
function cbnet_check_comment_captcha($comment_data)
{
    if (!is_user_logged_in() && $comment_data['comment_type'] == '' && class_exists('ReallySimpleCaptcha')) {
        $cbnet_comment_captcha = new ReallySimpleCaptcha();
        // This variable holds the CAPTCHA image prefix, which corresponds to the correct answer
        $cbnet_comment_captcha_prefix = $_POST['comment_captcha_prefix'];
        // This variable holds the CAPTCHA response, entered by the user
        $cbnet_comment_captcha_code = $_POST['comment_captcha_code'];
        // This variable will hold the result of the CAPTCHA validation. Set to 'false' until CAPTCHA validation passes
        $cbnet_comment_captcha_correct = false;
        // Validate the CAPTCHA response
        $cbnet_comment_captcha_check = $cbnet_comment_captcha->check($cbnet_comment_captcha_prefix, $cbnet_comment_captcha_code);
        // Set to 'true' if validation passes, and 'false' if validation fails
        $cbnet_comment_captcha_correct = $cbnet_comment_captcha_check;
        // clean up the tmp directory
        $cbnet_comment_captcha->remove($cbnet_comment_captcha_prefix);
        $cbnet_comment_captcha->cleanup();
        // If CAPTCHA validation fails (incorrect value entered in CAPTCHA field) don't process the comment.
        if (!$cbnet_comment_captcha_correct) {
            wp_die('You have entered an incorrect CAPTCHA value. Click the BACK button on your browser, and try again.');
            break;
        }
        // if CAPTCHA validation passes (correct value entered in CAPTCHA field), process the comment as per normal
        return $comment_data;
    } else {
        return $comment_data;
    }
}
function easy_t_check_captcha()
{
    if (!class_exists('ReallySimpleCaptcha') && !easy_testimonials_use_recaptcha()) {
        // captcha's cannot possibly be checked, so return true
        return true;
    } else {
        $captcha_correct = false;
        // false until proven correct
    }
    // look for + verify a reCAPTCHA first
    if (!empty($_POST["g-recaptcha-response"])) {
        if (!class_exists('EZT_ReCaptcha')) {
            require_once 'include/lib/ezt_recaptchalib.php';
        }
        $secret = get_option('easy_t_recaptcha_secret_key', '');
        $response = null;
        if (!empty($secret)) {
            $reCaptcha = new EZT_ReCaptcha($secret);
            $response = $reCaptcha->verifyResponse($_SERVER["REMOTE_ADDR"], $_POST["g-recaptcha-response"]);
            $captcha_correct = $response != null && $response->success;
        }
    } else {
        if (!empty($_POST['captcha_prefix']) && class_exists('ReallySimpleCaptcha')) {
            $captcha = new ReallySimpleCaptcha();
            // This variable holds the CAPTCHA image prefix, which corresponds to the correct answer
            $captcha_prefix = $_POST['captcha_prefix'];
            // This variable holds the CAPTCHA response, entered by the user
            $captcha_code = $_POST['captcha_code'];
            // This variable will hold the result of the CAPTCHA validation. Set to 'false' until CAPTCHA validation passes
            $captcha_correct = false;
            // Validate the CAPTCHA response
            $captcha_check = $captcha->check($captcha_prefix, $captcha_code);
            // Set to 'true' if validation passes, and 'false' if validation fails
            $captcha_correct = $captcha_check;
            // clean up the tmp directory
            $captcha->remove($captcha_prefix);
            $captcha->cleanup();
        }
    }
    return $captcha_correct;
}
示例#8
0
function gwolle_gb_frontend_posthandling()
{
    global $wpdb, $gwolle_gb_errors, $gwolle_gb_error_fields, $gwolle_gb_messages, $gwolle_gb_data;
    /*
     * Handle $_POST and check and save entry.
     */
    if (isset($_POST['gwolle_gb_function']) && $_POST['gwolle_gb_function'] == 'add_entry') {
        // Initialize errors
        $gwolle_gb_errors = false;
        $gwolle_gb_error_fields = array();
        // Initialize messages
        $gwolle_gb_messages = '';
        // Option to allow only logged-in users to post. Don't show the form if not logged-in.
        if (!is_user_logged_in() && get_option('gwolle_gb-require_login', 'false') == 'true') {
            $gwolle_gb_errors = true;
            $gwolle_gb_messages .= '<p class="require_login"><strong>' . __('Submitting a new guestbook entry is only allowed for logged-in users.', GWOLLE_GB_TEXTDOMAIN) . '</strong></p>';
            return;
        }
        /*
         * Collect data from the Form
         */
        $gwolle_gb_data = array();
        $form_setting = gwolle_gb_get_setting('form');
        /* Name */
        if (isset($form_setting['form_name_enabled']) && $form_setting['form_name_enabled'] === 'true') {
            if (isset($_POST['gwolle_gb_author_name'])) {
                $gwolle_gb_data['author_name'] = trim($_POST['gwolle_gb_author_name']);
                $gwolle_gb_data['author_name'] = gwolle_gb_maybe_encode_emoji($gwolle_gb_data['author_name'], 'author_name');
                if ($gwolle_gb_data['author_name'] == "") {
                    if (isset($form_setting['form_name_mandatory']) && $form_setting['form_name_mandatory'] === 'true') {
                        $gwolle_gb_errors = true;
                        $gwolle_gb_error_fields[] = 'name';
                        // mandatory
                    }
                }
            } else {
                if (isset($form_setting['form_name_mandatory']) && $form_setting['form_name_mandatory'] === 'true') {
                    $gwolle_gb_errors = true;
                    $gwolle_gb_error_fields[] = 'name';
                    // mandatory
                }
            }
        }
        /* City / Origin */
        if (isset($form_setting['form_city_enabled']) && $form_setting['form_city_enabled'] === 'true') {
            if (isset($_POST['gwolle_gb_author_origin'])) {
                $gwolle_gb_data['author_origin'] = trim($_POST['gwolle_gb_author_origin']);
                $gwolle_gb_data['author_origin'] = gwolle_gb_maybe_encode_emoji($gwolle_gb_data['author_origin'], 'author_origin');
                if ($gwolle_gb_data['author_origin'] == "") {
                    if (isset($form_setting['form_city_mandatory']) && $form_setting['form_city_mandatory'] === 'true') {
                        $gwolle_gb_errors = true;
                        $gwolle_gb_error_fields[] = 'author_origin';
                        // mandatory
                    }
                }
            } else {
                if (isset($form_setting['form_city_mandatory']) && $form_setting['form_city_mandatory'] === 'true') {
                    $gwolle_gb_errors = true;
                    $gwolle_gb_error_fields[] = 'author_origin';
                    // mandatory
                }
            }
        }
        /* Email */
        if (isset($form_setting['form_email_enabled']) && $form_setting['form_email_enabled'] === 'true') {
            if (isset($_POST['gwolle_gb_author_email'])) {
                $gwolle_gb_data['author_email'] = trim($_POST['gwolle_gb_author_email']);
                if (filter_var($gwolle_gb_data['author_email'], FILTER_VALIDATE_EMAIL)) {
                    // Valid Email address.
                } else {
                    if (isset($form_setting['form_email_mandatory']) && $form_setting['form_email_mandatory'] === 'true') {
                        $gwolle_gb_errors = true;
                        $gwolle_gb_error_fields[] = 'author_email';
                        // mandatory
                    }
                }
            } else {
                if (isset($form_setting['form_email_mandatory']) && $form_setting['form_email_mandatory'] === 'true') {
                    $gwolle_gb_errors = true;
                    $gwolle_gb_error_fields[] = 'author_email';
                    // mandatory
                }
            }
        }
        /* Website / Homepage */
        if (isset($form_setting['form_homepage_enabled']) && $form_setting['form_homepage_enabled'] === 'true') {
            if (isset($_POST['gwolle_gb_author_website'])) {
                $gwolle_gb_data['author_website'] = trim($_POST['gwolle_gb_author_website']);
                $pattern = '/^http/';
                if (!preg_match($pattern, $gwolle_gb_data['author_website'], $matches)) {
                    $gwolle_gb_data['author_website'] = "http://" . $gwolle_gb_data['author_website'];
                }
                if (filter_var($gwolle_gb_data['author_website'], FILTER_VALIDATE_URL)) {
                    // Valid Website URL.
                } else {
                    if (isset($form_setting['form_homepage_mandatory']) && $form_setting['form_homepage_mandatory'] === 'true') {
                        $gwolle_gb_errors = true;
                        $gwolle_gb_error_fields[] = 'author_website';
                        // mandatory
                    }
                }
            } else {
                if (isset($form_setting['form_homepage_mandatory']) && $form_setting['form_homepage_mandatory'] === 'true') {
                    $gwolle_gb_errors = true;
                    $gwolle_gb_error_fields[] = 'author_website';
                    // mandatory
                }
            }
        }
        /* Message */
        if (isset($form_setting['form_message_enabled']) && $form_setting['form_message_enabled'] === 'true') {
            if (isset($_POST['gwolle_gb_content'])) {
                $gwolle_gb_data['content'] = trim($_POST['gwolle_gb_content']);
                if ($gwolle_gb_data['content'] == "") {
                    if (isset($form_setting['form_message_mandatory']) && $form_setting['form_message_mandatory'] === 'true') {
                        $gwolle_gb_errors = true;
                        $gwolle_gb_error_fields[] = 'content';
                        // mandatory
                    }
                } else {
                    $gwolle_gb_data['content'] = gwolle_gb_maybe_encode_emoji($gwolle_gb_data['content'], 'content');
                }
            } else {
                if (isset($form_setting['form_message_mandatory']) && $form_setting['form_message_mandatory'] === 'true') {
                    $gwolle_gb_errors = true;
                    $gwolle_gb_error_fields[] = 'content';
                    // mandatory
                }
            }
        }
        /* Custom Anti-Spam */
        if (isset($form_setting['form_antispam_enabled']) && $form_setting['form_antispam_enabled'] === 'true') {
            $antispam_question = gwolle_gb_sanitize_output(get_option('gwolle_gb-antispam-question'));
            $antispam_answer = gwolle_gb_sanitize_output(get_option('gwolle_gb-antispam-answer'));
            if (isset($antispam_question) && strlen($antispam_question) > 0 && isset($antispam_answer) && strlen($antispam_answer) > 0) {
                if (isset($_POST["gwolle_gb_antispam_answer"]) && trim($_POST["gwolle_gb_antispam_answer"]) == trim($antispam_answer)) {
                    //echo "You got it!";
                } else {
                    $gwolle_gb_errors = true;
                    $gwolle_gb_error_fields[] = 'antispam';
                    // mandatory
                }
            }
            if (isset($_POST["gwolle_gb_antispam_answer"])) {
                $gwolle_gb_data['antispam'] = trim($_POST['gwolle_gb_antispam_answer']);
            }
        }
        /* CAPTCHA */
        if (isset($form_setting['form_recaptcha_enabled']) && $form_setting['form_recaptcha_enabled'] === 'true') {
            if (class_exists('ReallySimpleCaptcha')) {
                $gwolle_gb_captcha = new ReallySimpleCaptcha();
                // This variable holds the CAPTCHA image prefix, which corresponds to the correct answer
                $gwolle_gb_captcha_prefix = $_POST['gwolle_gb_captcha_prefix'];
                // This variable holds the CAPTCHA response, entered by the user
                $gwolle_gb_captcha_code = $_POST['gwolle_gb_captcha_code'];
                // Validate the CAPTCHA response
                $gwolle_gb_captcha_correct = $gwolle_gb_captcha->check($gwolle_gb_captcha_prefix, $gwolle_gb_captcha_code);
                // If CAPTCHA validation fails (incorrect value entered in CAPTCHA field) mark comment as spam.
                if (true != $gwolle_gb_captcha_correct) {
                    $gwolle_gb_errors = true;
                    $gwolle_gb_error_fields[] = 'captcha';
                    // mandatory
                    //$gwolle_gb_messages .= '<p style="display_:none"><strong>' . $gwolle_gb_captcha_correct . '</strong></p>';
                } else {
                    // verified!
                    //$gwolle_gb_messages .= '<p class="error_fields"><strong>Verified.</strong></p>';
                }
                // clean up the tmp directory
                $gwolle_gb_captcha->remove($gwolle_gb_captcha_prefix);
                $gwolle_gb_captcha->cleanup();
            }
        }
        /* If there are errors, stop here and return false */
        if (is_array($gwolle_gb_error_fields) && !empty($gwolle_gb_error_fields)) {
            // There was no data filled in, even though that was mandatory.
            $gwolle_gb_messages .= '<p class="error_fields"><strong>' . __('There were errors submitting your guestbook entry.', GWOLLE_GB_TEXTDOMAIN) . '</strong></p>';
            if (isset($gwolle_gb_error_fields)) {
                foreach ($gwolle_gb_error_fields as $field) {
                    switch ($field) {
                        case 'name':
                            $gwolle_gb_messages .= '<p class="error_fields"><strong>' . __('Your name is not filled in, even though it is mandatory.', GWOLLE_GB_TEXTDOMAIN) . '</strong></p>';
                            break;
                        case 'author_origin':
                            $gwolle_gb_messages .= '<p class="error_fields"><strong>' . __('Your origin is not filled in, even though it is mandatory.', GWOLLE_GB_TEXTDOMAIN) . '</strong></p>';
                            break;
                        case 'author_email':
                            $gwolle_gb_messages .= '<p class="error_fields"><strong>' . __('Your e-mail address is not filled in correctly, even though it is mandatory.', GWOLLE_GB_TEXTDOMAIN) . '</strong></p>';
                            break;
                        case 'author_website':
                            $gwolle_gb_messages .= '<p class="error_fields"><strong>' . __('Your website is not filled in, even though it is mandatory.', GWOLLE_GB_TEXTDOMAIN) . '</strong></p>';
                            break;
                        case 'content':
                            $gwolle_gb_messages .= '<p class="error_fields"><strong>' . __('There is no message, even though it is mandatory.', GWOLLE_GB_TEXTDOMAIN) . '</strong></p>';
                            break;
                        case 'antispam':
                            $gwolle_gb_messages .= '<p class="error_fields"><strong>' . __('The anti-spam question was not answered correctly, even though it is mandatory.', GWOLLE_GB_TEXTDOMAIN) . '</strong></p>';
                            break;
                        case 'captcha':
                            $gwolle_gb_messages .= '<p class="error_fields"><strong>' . __('The CAPTCHA was not filled in correctly, even though it is mandatory.', GWOLLE_GB_TEXTDOMAIN) . '</strong></p>';
                            break;
                    }
                }
            }
            $gwolle_gb_messages .= '<p class="error_fields" style="display: none;">' . print_r($gwolle_gb_error_fields, true) . '</p>';
            return false;
            // no need to check and save
        }
        /* New Instance of gwolle_gb_entry. */
        $entry = new gwolle_gb_entry();
        /* Set the data in the instance */
        $set_data = $entry->set_data($gwolle_gb_data);
        if (!$set_data) {
            // Data is not set in the Instance, something happened
            $gwolle_gb_errors = true;
            $gwolle_gb_messages .= '<p class="set_data"><strong>' . __('There were errors submitting your guestbook entry.', GWOLLE_GB_TEXTDOMAIN) . '</strong></p>';
            return false;
        }
        /* Check for spam and set accordingly */
        $isspam = gwolle_gb_akismet($entry, 'comment-check');
        if ($isspam) {
            // Returned true, so considered spam
            $entry->set_isspam(true);
            // Is it wise to make them any wiser? Probably not...
            // $gwolle_gb_messages .= '<p><strong>' . __('Your guestbook entry is probably spam. A moderator will decide upon it.', GWOLLE_GB_TEXTDOMAIN) . '</strong></p>';
        }
        /* if Moderation is off, set it to "ischecked" */
        $user_id = get_current_user_id();
        // returns 0 if no current user
        if (get_option('gwolle_gb-moderate-entries', 'true') == 'true') {
            if (gwolle_gb_is_moderator($user_id)) {
                $entry->set_ischecked(true);
            } else {
                $entry->set_ischecked(false);
            }
        } else {
            // First set to checked
            $entry->set_ischecked(true);
            // Check for abusive content (too long words). Set it to unchecked, so manual moderation is needed.
            $maxlength = 100;
            $words = explode(" ", $entry->get_content());
            foreach ($words as $word) {
                if (strlen($word) > $maxlength) {
                    $entry->set_ischecked(false);
                    break;
                }
            }
            $maxlength = 60;
            $words = explode(" ", $entry->get_author_name());
            foreach ($words as $word) {
                if (strlen($word) > $maxlength) {
                    $entry->set_ischecked(false);
                    break;
                }
            }
        }
        /* Check for logged in user, and set the userid as author_id, just in case someone is also admin, or gets promoted some day */
        $entry->set_author_id($user_id);
        /*
         * Network Information
         */
        $entry->set_author_ip($_SERVER['REMOTE_ADDR']);
        $entry->set_author_host(gethostbyaddr($_SERVER['REMOTE_ADDR']));
        /*
         * Check for double post using email field and content.
         * Only if content is mandatory.
         */
        if (isset($form_setting['form_message_mandatory']) && $form_setting['form_message_mandatory'] === 'true') {
            $entries = gwolle_gb_get_entries(array('email' => $entry->get_author_email()));
            if (is_array($entries) && !empty($entries)) {
                foreach ($entries as $entry_email) {
                    if ($entry_email->get_content() == $entry->get_content()) {
                        // Match is double entry
                        $gwolle_gb_errors = true;
                        $gwolle_gb_messages .= '<p class="double_post"><strong>' . __('Double post: An entry with the data you entered has already been saved.', GWOLLE_GB_TEXTDOMAIN) . '</strong></p>';
                        return false;
                    }
                }
            }
        }
        /*
         * Save the Entry
         */
        // $save = ""; // Testing mode
        $save = $entry->save();
        //if ( WP_DEBUG ) { echo "save: "; var_dump($save); }
        if ($save) {
            // We have been saved to the Database
            $gwolle_gb_messages .= '<p class="entry_saved">' . __('Thank you for your entry.', GWOLLE_GB_TEXTDOMAIN) . '</p>';
            if ($entry->get_ischecked() == 0) {
                $gwolle_gb_messages .= '<p>' . __('We will review it and unlock it in a short while.', GWOLLE_GB_TEXTDOMAIN) . '</p>';
            }
        }
        /*
         * Update Cache plugins
         */
        if ($entry->get_ischecked() == 1) {
            gwolle_gb_clear_cache();
        }
        /*
         * Send the Notification Mail to moderators that have subscribed (only when it is not Spam)
         */
        if (!$isspam) {
            $subscribers = array();
            $recipients = get_option('gwolle_gb-notifyByMail', array());
            if (count($recipients) > 0) {
                $recipients = explode(",", $recipients);
                foreach ($recipients as $recipient) {
                    if (is_numeric($recipient)) {
                        $userdata = get_userdata($recipient);
                        $subscribers[] = $userdata->user_email;
                    }
                }
            }
            @ini_set('sendmail_from', get_bloginfo('admin_mail'));
            // Set the Mail Content
            $mailTags = array('user_email', 'user_name', 'status', 'entry_management_url', 'blog_name', 'blog_url', 'wp_admin_url', 'entry_content', 'author_ip');
            $mail_body = gwolle_gb_sanitize_output(get_option('gwolle_gb-adminMailContent', false));
            if (!$mail_body) {
                $mail_body = __("\nHello,\n\nThere is a new guestbook entry at '%blog_name%'.\nYou can check it at %entry_management_url%.\n\nHave a nice day.\nYour Gwolle-GB-Mailer\n\n\nWebsite address: %blog_url%\nUser name: %user_name%\nUser email: %user_email%\nEntry status: %status%\nEntry content:\n%entry_content%\n", GWOLLE_GB_TEXTDOMAIN);
            }
            // Set the Mail Headers
            $subject = '[' . gwolle_gb_format_values_for_mail(get_bloginfo('name')) . '] ' . __('New Guestbook Entry', GWOLLE_GB_TEXTDOMAIN);
            $header = "";
            if (get_option('gwolle_gb-mail-from', false)) {
                $header .= "From: " . gwolle_gb_format_values_for_mail(get_bloginfo('name')) . " <" . get_option('gwolle_gb-mail-from') . ">\r\n";
            } else {
                $header .= "From: " . gwolle_gb_format_values_for_mail(get_bloginfo('name')) . " <" . get_bloginfo('admin_email') . ">\r\n";
            }
            $header .= "Content-Type: text/plain; charset=UTF-8\r\n";
            // Encoding of the mail
            // Replace the tags from the mailtemplate with real data from the website and entry
            $info['user_name'] = gwolle_gb_sanitize_output($entry->get_author_name());
            $info['user_email'] = $entry->get_author_email();
            $info['blog_name'] = get_bloginfo('name');
            $info['blog_url'] = get_bloginfo('wpurl');
            $info['wp_admin_url'] = $info['blog_url'] . '/wp-admin';
            $info['entry_management_url'] = $info['wp_admin_url'] . '/admin.php?page=' . GWOLLE_GB_FOLDER . '/editor.php&entry_id=' . $entry->get_id();
            $info['entry_content'] = gwolle_gb_format_values_for_mail(gwolle_gb_sanitize_output($entry->get_content()));
            $info['author_ip'] = $_SERVER['REMOTE_ADDR'];
            if ($entry->get_ischecked()) {
                $info['status'] = __('Checked', GWOLLE_GB_TEXTDOMAIN);
            } else {
                $info['status'] = __('Unchecked', GWOLLE_GB_TEXTDOMAIN);
            }
            // The last tags are bloginfo-based
            for ($tagNum = 0; $tagNum < count($mailTags); $tagNum++) {
                $mail_body = str_replace('%' . $mailTags[$tagNum] . '%', $info[$mailTags[$tagNum]], $mail_body);
                $mail_body = gwolle_gb_format_values_for_mail($mail_body);
            }
            if (is_array($subscribers) && !empty($subscribers)) {
                foreach ($subscribers as $subscriber) {
                    wp_mail($subscriber, $subject, $mail_body, $header);
                }
            }
        }
        /*
         * Send Notification Mail to the author if set to true in an option
         */
        if (!$isspam) {
            if (get_option('gwolle_gb-mail_author', 'false') == 'true') {
                // Set the Mail Content
                $mailTags = array('user_email', 'user_name', 'blog_name', 'blog_url', 'entry_content');
                $mail_body = gwolle_gb_sanitize_output(get_option('gwolle_gb-authorMailContent', false));
                if (!$mail_body) {
                    $mail_body = __("\nHello,\n\nYou have just posted a new guestbook entry at '%blog_name%'.\n\nHave a nice day.\nThe editors at %blog_name%.\n\n\nWebsite address: %blog_url%\nUser name: %user_name%\nUser email: %user_email%\nEntry content:\n%entry_content%\n", GWOLLE_GB_TEXTDOMAIN);
                }
                // Set the Mail Headers
                $subject = '[' . gwolle_gb_format_values_for_mail(get_bloginfo('name')) . '] ' . __('New Guestbook Entry', GWOLLE_GB_TEXTDOMAIN);
                $header = "";
                if (get_option('gwolle_gb-mail-from', false)) {
                    $header .= "From: " . gwolle_gb_format_values_for_mail(get_bloginfo('name')) . " <" . gwolle_gb_sanitize_output(get_option('gwolle_gb-mail-from')) . ">\r\n";
                } else {
                    $header .= "From: " . gwolle_gb_format_values_for_mail(get_bloginfo('name')) . " <" . get_bloginfo('admin_email') . ">\r\n";
                }
                $header .= "Content-Type: text/plain; charset=UTF-8\r\n";
                // Encoding of the mail
                // Replace the tags from the mailtemplate with real data from the website and entry
                $info['user_name'] = gwolle_gb_sanitize_output($entry->get_author_name());
                $info['user_email'] = $entry->get_author_email();
                $info['blog_name'] = get_bloginfo('name');
                $info['blog_url'] = get_bloginfo('wpurl');
                $info['entry_content'] = gwolle_gb_format_values_for_mail(gwolle_gb_sanitize_output($entry->get_content()));
                for ($tagNum = 0; $tagNum < count($mailTags); $tagNum++) {
                    $mail_body = str_replace('%' . $mailTags[$tagNum] . '%', $info[$mailTags[$tagNum]], $mail_body);
                    $mail_body = gwolle_gb_format_values_for_mail($mail_body);
                }
                wp_mail($entry->get_author_email(), $subject, $mail_body, $header);
            }
        }
        /*
         * No Log for the Entry needed, it has a default post date in the Entry itself.
         */
    }
}
示例#9
0
function gwolle_gb_frontend_posthandling()
{
    global $wpdb, $gwolle_gb_errors, $gwolle_gb_error_fields, $gwolle_gb_messages, $gwolle_gb_data;
    /*
     * Handle $_POST and check and save entry.
     */
    if (isset($_POST['gwolle_gb_function']) && $_POST['gwolle_gb_function'] == 'add_entry') {
        // Initialize errors
        $gwolle_gb_errors = false;
        $gwolle_gb_error_fields = array();
        // Initialize messages
        $gwolle_gb_messages = '';
        // Option to allow only logged-in users to post. Don't show the form if not logged-in.
        if (!is_user_logged_in() && get_option('gwolle_gb-require_login', 'false') == 'true') {
            $gwolle_gb_errors = true;
            $gwolle_gb_messages .= '<p class="require_login"><strong>' . __('Submitting a new guestbook entry is only allowed for logged-in users.', 'gwolle-gb') . '</strong></p>';
            return;
        }
        /*
         * Collect data from the Form
         */
        $gwolle_gb_data = array();
        $form_setting = gwolle_gb_get_setting('form');
        /* Name */
        if (isset($form_setting['form_name_enabled']) && $form_setting['form_name_enabled'] === 'true') {
            if (isset($_POST['gwolle_gb_author_name'])) {
                $gwolle_gb_data['author_name'] = trim($_POST['gwolle_gb_author_name']);
                $gwolle_gb_data['author_name'] = gwolle_gb_maybe_encode_emoji($gwolle_gb_data['author_name'], 'author_name');
                if ($gwolle_gb_data['author_name'] == "") {
                    if (isset($form_setting['form_name_mandatory']) && $form_setting['form_name_mandatory'] === 'true') {
                        $gwolle_gb_errors = true;
                        $gwolle_gb_error_fields[] = 'name';
                        // mandatory
                    }
                }
            } else {
                if (isset($form_setting['form_name_mandatory']) && $form_setting['form_name_mandatory'] === 'true') {
                    $gwolle_gb_errors = true;
                    $gwolle_gb_error_fields[] = 'name';
                    // mandatory
                }
            }
        }
        /* City / Origin */
        if (isset($form_setting['form_city_enabled']) && $form_setting['form_city_enabled'] === 'true') {
            if (isset($_POST['gwolle_gb_author_origin'])) {
                $gwolle_gb_data['author_origin'] = trim($_POST['gwolle_gb_author_origin']);
                $gwolle_gb_data['author_origin'] = gwolle_gb_maybe_encode_emoji($gwolle_gb_data['author_origin'], 'author_origin');
                if ($gwolle_gb_data['author_origin'] == "") {
                    if (isset($form_setting['form_city_mandatory']) && $form_setting['form_city_mandatory'] === 'true') {
                        $gwolle_gb_errors = true;
                        $gwolle_gb_error_fields[] = 'author_origin';
                        // mandatory
                    }
                }
            } else {
                if (isset($form_setting['form_city_mandatory']) && $form_setting['form_city_mandatory'] === 'true') {
                    $gwolle_gb_errors = true;
                    $gwolle_gb_error_fields[] = 'author_origin';
                    // mandatory
                }
            }
        }
        /* Email */
        if (isset($form_setting['form_email_enabled']) && $form_setting['form_email_enabled'] === 'true') {
            if (isset($_POST['gwolle_gb_author_email'])) {
                $gwolle_gb_data['author_email'] = trim($_POST['gwolle_gb_author_email']);
                if (filter_var($gwolle_gb_data['author_email'], FILTER_VALIDATE_EMAIL)) {
                    // Valid Email address.
                } else {
                    if (isset($form_setting['form_email_mandatory']) && $form_setting['form_email_mandatory'] === 'true') {
                        $gwolle_gb_errors = true;
                        $gwolle_gb_error_fields[] = 'author_email';
                        // mandatory
                    }
                }
            } else {
                if (isset($form_setting['form_email_mandatory']) && $form_setting['form_email_mandatory'] === 'true') {
                    $gwolle_gb_errors = true;
                    $gwolle_gb_error_fields[] = 'author_email';
                    // mandatory
                }
            }
        } else {
            if (isset($_POST['gwolle_gb_author_email'])) {
                $gwolle_gb_data['author_email'] = trim($_POST['gwolle_gb_author_email']);
            }
        }
        /* Website / Homepage */
        if (isset($form_setting['form_homepage_enabled']) && $form_setting['form_homepage_enabled'] === 'true') {
            if (isset($_POST['gwolle_gb_author_website'])) {
                $gwolle_gb_data['author_website'] = trim($_POST['gwolle_gb_author_website']);
                $pattern = '/^http/';
                if (!preg_match($pattern, $gwolle_gb_data['author_website'], $matches)) {
                    $gwolle_gb_data['author_website'] = "http://" . $gwolle_gb_data['author_website'];
                }
                if (filter_var($gwolle_gb_data['author_website'], FILTER_VALIDATE_URL)) {
                    // Valid Website URL.
                } else {
                    if (isset($form_setting['form_homepage_mandatory']) && $form_setting['form_homepage_mandatory'] === 'true') {
                        $gwolle_gb_errors = true;
                        $gwolle_gb_error_fields[] = 'author_website';
                        // mandatory
                    }
                }
            } else {
                if (isset($form_setting['form_homepage_mandatory']) && $form_setting['form_homepage_mandatory'] === 'true') {
                    $gwolle_gb_errors = true;
                    $gwolle_gb_error_fields[] = 'author_website';
                    // mandatory
                }
            }
        }
        /* Message */
        if (isset($form_setting['form_message_enabled']) && $form_setting['form_message_enabled'] === 'true') {
            if (isset($_POST['gwolle_gb_content'])) {
                $gwolle_gb_data['content'] = trim($_POST['gwolle_gb_content']);
                if ($gwolle_gb_data['content'] == "") {
                    if (isset($form_setting['form_message_mandatory']) && $form_setting['form_message_mandatory'] === 'true') {
                        $gwolle_gb_errors = true;
                        $gwolle_gb_error_fields[] = 'content';
                        // mandatory
                    }
                } else {
                    $gwolle_gb_data['content'] = gwolle_gb_maybe_encode_emoji($gwolle_gb_data['content'], 'content');
                }
            } else {
                if (isset($form_setting['form_message_mandatory']) && $form_setting['form_message_mandatory'] === 'true') {
                    $gwolle_gb_errors = true;
                    $gwolle_gb_error_fields[] = 'content';
                    // mandatory
                }
            }
        }
        /* Custom Anti-Spam */
        if (isset($form_setting['form_antispam_enabled']) && $form_setting['form_antispam_enabled'] === 'true') {
            $antispam_question = gwolle_gb_sanitize_output(get_option('gwolle_gb-antispam-question'));
            $antispam_answer = gwolle_gb_sanitize_output(get_option('gwolle_gb-antispam-answer'));
            if (isset($antispam_question) && strlen($antispam_question) > 0 && isset($antispam_answer) && strlen($antispam_answer) > 0) {
                if (isset($_POST["gwolle_gb_antispam_answer"]) && trim($_POST["gwolle_gb_antispam_answer"]) == trim($antispam_answer)) {
                    //echo "You got it!";
                } else {
                    $gwolle_gb_errors = true;
                    $gwolle_gb_error_fields[] = 'antispam';
                    // mandatory
                }
            }
            if (isset($_POST["gwolle_gb_antispam_answer"])) {
                $gwolle_gb_data['antispam'] = trim($_POST['gwolle_gb_antispam_answer']);
            }
        }
        /* CAPTCHA */
        if (isset($form_setting['form_recaptcha_enabled']) && $form_setting['form_recaptcha_enabled'] === 'true') {
            if (class_exists('ReallySimpleCaptcha')) {
                $gwolle_gb_captcha = new ReallySimpleCaptcha();
                // This variable holds the CAPTCHA image prefix, which corresponds to the correct answer
                $gwolle_gb_captcha_prefix = $_POST['gwolle_gb_captcha_prefix'];
                // This variable holds the CAPTCHA response, entered by the user
                $gwolle_gb_captcha_code = $_POST['gwolle_gb_captcha_code'];
                // Validate the CAPTCHA response
                $gwolle_gb_captcha_correct = $gwolle_gb_captcha->check($gwolle_gb_captcha_prefix, $gwolle_gb_captcha_code);
                // If CAPTCHA validation fails (incorrect value entered in CAPTCHA field) mark comment as spam.
                if (true != $gwolle_gb_captcha_correct) {
                    $gwolle_gb_errors = true;
                    $gwolle_gb_error_fields[] = 'captcha';
                    // mandatory
                    //$gwolle_gb_messages .= '<p style="display_:none"><strong>' . $gwolle_gb_captcha_correct . '</strong></p>';
                } else {
                    // verified!
                    //$gwolle_gb_messages .= '<p class="error_fields"><strong>Verified.</strong></p>';
                }
                // clean up the tmp directory
                $gwolle_gb_captcha->remove($gwolle_gb_captcha_prefix);
                $gwolle_gb_captcha->cleanup();
            }
        }
        /* If there are errors, stop here and return false */
        if (is_array($gwolle_gb_error_fields) && !empty($gwolle_gb_error_fields)) {
            // There was no data filled in, even though that was mandatory.
            // $gwolle_gb_messages .= '<p class="error_fields"><strong>' . __('There were errors submitting your guestbook entry.', 'gwolle-gb') . '</strong></p>';
            if (isset($gwolle_gb_error_fields)) {
                foreach ($gwolle_gb_error_fields as $field) {
                    switch ($field) {
                        case 'name':
                            $gwolle_gb_messages .= '<p class="error_fields"><strong>Des mots aussi beaux, ça mérite une signature non ?</strong></p>';
                            break;
                        case 'author_origin':
                            $gwolle_gb_messages .= '<p class="error_fields"><strong>' . __('Your origin is not filled in, even though it is mandatory.', 'gwolle-gb') . '</strong></p>';
                            break;
                        case 'author_email':
                            $gwolle_gb_messages .= '<p class="error_fields"><strong>' . __('Your e-mail address is not filled in correctly, even though it is mandatory.', 'gwolle-gb') . '</strong></p>';
                            break;
                        case 'author_website':
                            $gwolle_gb_messages .= '<p class="error_fields"><strong>' . __('Your website is not filled in, even though it is mandatory.', 'gwolle-gb') . '</strong></p>';
                            break;
                        case 'content':
                            $gwolle_gb_messages .= '<p class="error_fields"><strong>Tu as oublié les mots doux ' . $gwolle_gb_data['author_name'] . ' :) !</strong></p>';
                            break;
                        case 'antispam':
                            $gwolle_gb_messages .= '<p class="error_fields"><strong>' . __('The anti-spam question was not answered correctly, even though it is mandatory.', 'gwolle-gb') . '</strong></p>';
                            break;
                        case 'captcha':
                            $gwolle_gb_messages .= '<p class="error_fields"><strong>' . __('The CAPTCHA was not filled in correctly, even though it is mandatory.', 'gwolle-gb') . '</strong></p>';
                            break;
                    }
                }
            }
            $gwolle_gb_messages .= '<p class="error_fields" style="display: none;">' . print_r($gwolle_gb_error_fields, true) . '</p>';
            return false;
            // no need to check and save
        }
        /* New Instance of gwolle_gb_entry. */
        $entry = new gwolle_gb_entry();
        /* Set the data in the instance */
        $set_data = $entry->set_data($gwolle_gb_data);
        if (!$set_data) {
            // Data is not set in the Instance, something happened
            $gwolle_gb_errors = true;
            $gwolle_gb_messages .= '<p class="set_data"><strong>' . __('There were errors submitting your guestbook entry.', 'gwolle-gb') . '</strong></p>';
            return false;
        }
        /* Check for spam and set accordingly */
        $isspam = gwolle_gb_akismet($entry, 'comment-check');
        if ($isspam) {
            // Returned true, so considered spam
            $entry->set_isspam(true);
            // Is it wise to make them any wiser? Probably not...
            // $gwolle_gb_messages .= '<p><strong>' . __('Your guestbook entry is probably spam. A moderator will decide upon it.', 'gwolle-gb') . '</strong></p>';
        }
        /* if Moderation is off, set it to "ischecked" */
        $user_id = get_current_user_id();
        // returns 0 if no current user
        if (get_option('gwolle_gb-moderate-entries', 'true') == 'true') {
            if (gwolle_gb_is_moderator($user_id)) {
                $entry->set_ischecked(true);
            } else {
                $entry->set_ischecked(false);
            }
        } else {
            // First set to checked
            $entry->set_ischecked(true);
            // Check for abusive content (too long words). Set it to unchecked, so manual moderation is needed.
            $maxlength = 100;
            $words = explode(" ", $entry->get_content());
            foreach ($words as $word) {
                if (strlen($word) > $maxlength) {
                    $entry->set_ischecked(false);
                    break;
                }
            }
            $maxlength = 60;
            $words = explode(" ", $entry->get_author_name());
            foreach ($words as $word) {
                if (strlen($word) > $maxlength) {
                    $entry->set_ischecked(false);
                    break;
                }
            }
        }
        $entry->set_ischecked(false);
        /* Check for logged in user, and set the userid as author_id, just in case someone is also admin, or gets promoted some day */
        $entry->set_author_id($user_id);
        /*
         * Network Information
         */
        $entry->set_author_ip($_SERVER['REMOTE_ADDR']);
        $entry->set_author_host(gethostbyaddr($_SERVER['REMOTE_ADDR']));
        /*
         * Book ID
         */
        if (isset($_POST['gwolle_gb_book_id'])) {
            $gwolle_gb_data['book_id'] = (int) $_POST['gwolle_gb_book_id'];
        }
        if ($gwolle_gb_data['book_id'] < 1) {
            $gwolle_gb_data['book_id'] = 1;
        }
        $entry->set_book_id($gwolle_gb_data['book_id']);
        /*
         * Check for double post using email field and content.
         * Only if content is mandatory.
         */
        if (isset($form_setting['form_message_mandatory']) && $form_setting['form_message_mandatory'] === 'true') {
            $entries = gwolle_gb_get_entries(array('email' => $entry->get_author_email()));
            if (is_array($entries) && !empty($entries)) {
                foreach ($entries as $entry_email) {
                    if ($entry_email->get_content() == $entry->get_content()) {
                        // Match is double entry
                        $gwolle_gb_errors = true;
                        $gwolle_gb_messages .= '<p class="double_post"><strong>' . __('Double post: An entry with the data you entered has already been saved.', 'gwolle-gb') . '</strong></p>';
                        return false;
                    }
                }
            }
        }
        /*
         * Save the Entry
         */
        // $save = ""; // Testing mode
        $save = $entry->save();
        //if ( WP_DEBUG ) { echo "save: "; var_dump($save); }
        if ($save) {
            // We have been saved to the Database
            $gwolle_gb_messages .= '<p class="entry_saved">Merci pour ton message ' . $gwolle_gb_data['author_name'] . ' !</p>';
            if ($entry->get_ischecked() == 0) {
                $gwolle_gb_messages .= '<p>Il apparaîtra bientôt sur le site !</p>';
            }
        }
        /*
         * Update Cache plugins
         */
        if ($entry->get_ischecked() == 1) {
            gwolle_gb_clear_cache();
        }
        /*
         * Send the Notification Mail to moderators that have subscribed (only when it is not Spam)
         */
        gwolle_gb_mail_moderators($entry);
        /*
         * Send Notification Mail to the author if set to true in an option
         */
        gwolle_gb_mail_author($entry);
        /*
         * No Log for the Entry needed, it has a default post date in the Entry itself.
         */
    }
}
示例#10
0
function easy_t_check_captcha()
{
    $captcha = new ReallySimpleCaptcha();
    // This variable holds the CAPTCHA image prefix, which corresponds to the correct answer
    $captcha_prefix = $_POST['captcha_prefix'];
    // This variable holds the CAPTCHA response, entered by the user
    $captcha_code = $_POST['captcha_code'];
    // This variable will hold the result of the CAPTCHA validation. Set to 'false' until CAPTCHA validation passes
    $captcha_correct = false;
    // Validate the CAPTCHA response
    $captcha_check = $captcha->check($captcha_prefix, $captcha_code);
    // Set to 'true' if validation passes, and 'false' if validation fails
    $captcha_correct = $captcha_check;
    // clean up the tmp directory
    $captcha->remove($captcha_prefix);
    $captcha->cleanup();
    return $captcha_correct;
}
function cbnet_check_comment_captcha($approved, $comment_data)
{
    if (!is_user_logged_in() && $comment_data['comment_type'] == '' && class_exists('ReallySimpleCaptcha')) {
        $cbnet_rscc_captcha = new ReallySimpleCaptcha();
        // This variable holds the CAPTCHA image prefix, which corresponds to the correct answer
        $cbnet_rscc_captcha_prefix = $_POST['comment_captcha_prefix'];
        // This variable holds the CAPTCHA response, entered by the user
        $cbnet_rscc_captcha_code = $_POST['comment_captcha_code'];
        // Validate the CAPTCHA response
        $cbnet_rscc_captcha_correct = $cbnet_rscc_captcha->check($cbnet_rscc_captcha_prefix, $cbnet_rscc_captcha_code);
        // If CAPTCHA validation fails (incorrect value entered in CAPTCHA field) mark comment as spam.
        if (true != $cbnet_rscc_captcha_correct) {
            $approved = 'spam';
        }
        // clean up the tmp directory
        $cbnet_rscc_captcha->remove($cbnet_rscc_captcha_prefix);
        $cbnet_rscc_captcha->cleanup();
    }
    // Return $approved
    return $approved;
}