[ Index ] |
PHP Cross Reference of WordPress Trunk (Updated Daily) |
[Summary view] [Print] [Text view]
1 <?php 2 3 // We plan to gradually remove all of the disabled lint rules below. 4 // phpcs:disable WordPress.Security.ValidatedSanitizedInput.InputNotValidated 5 // phpcs:disable WordPress.Security.ValidatedSanitizedInput.MissingUnslash 6 // phpcs:disable WordPress.Security.ValidatedSanitizedInput.InputNotSanitized 7 // phpcs:disable Squiz.PHP.DisallowMultipleAssignments.FoundInControlStructure 8 // phpcs:disable WordPress.Security.EscapeOutput.OutputNotEscaped 9 10 class Akismet_Admin { 11 const NONCE = 'akismet-update-key'; 12 13 private static $initiated = false; 14 private static $notices = array(); 15 private static $allowed = array( 16 'a' => array( 17 'href' => true, 18 'title' => true, 19 ), 20 'b' => array(), 21 'code' => array(), 22 'del' => array( 23 'datetime' => true, 24 ), 25 'em' => array(), 26 'i' => array(), 27 'q' => array( 28 'cite' => true, 29 ), 30 'strike' => array(), 31 'strong' => array(), 32 ); 33 34 /** 35 * List of pages where activation banner should be displayed. 36 * 37 * @var array 38 */ 39 private static $activation_banner_pages = array( 40 'edit-comments.php', 41 'options-discussion.php', 42 'plugins.php', 43 ); 44 45 public static function init() { 46 if ( ! self::$initiated ) { 47 self::init_hooks(); 48 } 49 50 if ( isset( $_POST['action'] ) && $_POST['action'] == 'enter-key' ) { 51 self::enter_api_key(); 52 } 53 } 54 55 public static function init_hooks() { 56 // The standalone stats page was removed in 3.0 for an all-in-one config and stats page. 57 // Redirect any links that might have been bookmarked or in browser history. 58 if ( isset( $_GET['page'] ) && 'akismet-stats-display' == $_GET['page'] ) { 59 wp_safe_redirect( esc_url_raw( self::get_page_url( 'stats' ) ), 301 ); 60 die; 61 } 62 63 self::$initiated = true; 64 65 add_action( 'admin_init', array( 'Akismet_Admin', 'admin_init' ) ); 66 add_action( 'admin_menu', array( 'Akismet_Admin', 'admin_menu' ), 5 ); // Priority 5, so it's called before Jetpack's admin_menu. 67 add_action( 'admin_notices', array( 'Akismet_Admin', 'display_notice' ) ); 68 add_action( 'admin_enqueue_scripts', array( 'Akismet_Admin', 'load_resources' ) ); 69 add_action( 'activity_box_end', array( 'Akismet_Admin', 'dashboard_stats' ) ); 70 add_action( 'rightnow_end', array( 'Akismet_Admin', 'rightnow_stats' ) ); 71 add_action( 'manage_comments_nav', array( 'Akismet_Admin', 'check_for_spam_button' ) ); 72 add_action( 'admin_action_akismet_recheck_queue', array( 'Akismet_Admin', 'recheck_queue' ) ); 73 add_action( 'wp_ajax_akismet_recheck_queue', array( 'Akismet_Admin', 'recheck_queue' ) ); 74 add_action( 'wp_ajax_comment_author_deurl', array( 'Akismet_Admin', 'remove_comment_author_url' ) ); 75 add_action( 'wp_ajax_comment_author_reurl', array( 'Akismet_Admin', 'add_comment_author_url' ) ); 76 add_action( 'jetpack_auto_activate_akismet', array( 'Akismet_Admin', 'connect_jetpack_user' ) ); 77 78 add_filter( 'plugin_action_links', array( 'Akismet_Admin', 'plugin_action_links' ), 10, 2 ); 79 add_filter( 'comment_row_actions', array( 'Akismet_Admin', 'comment_row_action' ), 10, 2 ); 80 81 add_filter( 'plugin_action_links_' . plugin_basename( plugin_dir_path( __FILE__ ) . 'akismet.php' ), array( 'Akismet_Admin', 'admin_plugin_settings_link' ) ); 82 83 add_filter( 'wxr_export_skip_commentmeta', array( 'Akismet_Admin', 'exclude_commentmeta_from_export' ), 10, 3 ); 84 85 add_filter( 'all_plugins', array( 'Akismet_Admin', 'modify_plugin_description' ) ); 86 87 // priority=1 because we need ours to run before core's comment anonymizer runs, and that's registered at priority=10 88 add_filter( 'wp_privacy_personal_data_erasers', array( 'Akismet_Admin', 'register_personal_data_eraser' ), 1 ); 89 } 90 91 public static function admin_init() { 92 if ( get_option( 'Activated_Akismet' ) ) { 93 delete_option( 'Activated_Akismet' ); 94 if ( ! headers_sent() ) { 95 $admin_url = self::get_page_url( 'init' ); 96 wp_redirect( $admin_url ); 97 } 98 } 99 100 load_plugin_textdomain( 'akismet' ); 101 add_meta_box( 'akismet-status', __( 'Comment History', 'akismet' ), array( 'Akismet_Admin', 'comment_status_meta_box' ), 'comment', 'normal' ); 102 103 if ( function_exists( 'wp_add_privacy_policy_content' ) ) { 104 wp_add_privacy_policy_content( 105 __( 'Akismet', 'akismet' ), 106 __( 'We collect information about visitors who comment on Sites that use our Akismet Anti-spam service. The information we collect depends on how the User sets up Akismet for the Site, but typically includes the commenter\'s IP address, user agent, referrer, and Site URL (along with other information directly provided by the commenter such as their name, username, email address, and the comment itself).', 'akismet' ) 107 ); 108 } 109 } 110 111 public static function admin_menu() { 112 if ( class_exists( 'Jetpack' ) ) { 113 add_action( 'jetpack_admin_menu', array( 'Akismet_Admin', 'load_menu' ) ); 114 } else { 115 self::load_menu(); 116 } 117 } 118 119 public static function admin_head() { 120 if ( ! current_user_can( 'manage_options' ) ) { 121 return; 122 } 123 } 124 125 public static function admin_plugin_settings_link( $links ) { 126 $settings_link = '<a href="' . esc_url( self::get_page_url() ) . '">' . __( 'Settings', 'akismet' ) . '</a>'; 127 array_unshift( $links, $settings_link ); 128 return $links; 129 } 130 131 public static function load_menu() { 132 if ( class_exists( 'Jetpack' ) ) { 133 $hook = add_submenu_page( 'jetpack', __( 'Akismet Anti-spam', 'akismet' ), __( 'Akismet Anti-spam', 'akismet' ), 'manage_options', 'akismet-key-config', array( 'Akismet_Admin', 'display_page' ) ); 134 } else { 135 $hook = add_options_page( __( 'Akismet Anti-spam', 'akismet' ), __( 'Akismet Anti-spam', 'akismet' ), 'manage_options', 'akismet-key-config', array( 'Akismet_Admin', 'display_page' ) ); 136 } 137 138 if ( $hook ) { 139 add_action( "load-$hook", array( 'Akismet_Admin', 'admin_help' ) ); 140 } 141 } 142 143 public static function load_resources() { 144 global $hook_suffix; 145 146 if ( in_array( 147 $hook_suffix, 148 apply_filters( 149 'akismet_admin_page_hook_suffixes', 150 array_merge( 151 array( 152 'index.php', // dashboard 153 'comment.php', 154 'post.php', 155 'settings_page_akismet-key-config', 156 'jetpack_page_akismet-key-config', 157 ), 158 self::$activation_banner_pages 159 ) 160 ) 161 ) ) { 162 $akismet_css_path = is_rtl() ? '_inc/rtl/akismet-rtl.css' : '_inc/akismet.css'; 163 wp_register_style( 'akismet', plugin_dir_url( __FILE__ ) . $akismet_css_path, array(), self::get_asset_file_version( $akismet_css_path ) ); 164 wp_enqueue_style( 'akismet' ); 165 166 wp_register_style( 'akismet-font-inter', plugin_dir_url( __FILE__ ) . '_inc/fonts/inter.css', array(), self::get_asset_file_version( '_inc/fonts/inter.css' ) ); 167 wp_enqueue_style( 'akismet-font-inter' ); 168 169 $akismet_admin_css_path = is_rtl() ? '_inc/rtl/akismet-admin-rtl.css' : '_inc/akismet-admin.css'; 170 wp_register_style( 'akismet-admin', plugin_dir_url( __FILE__ ) . $akismet_admin_css_path, array(), self::get_asset_file_version( $akismet_admin_css_path ) ); 171 wp_enqueue_style( 'akismet-admin' ); 172 173 // Enqueue the Akismet activation banner background separately so we can 174 // include the right path to the image. Shown on edit-comments.php and plugins.php. 175 if ( in_array( $hook_suffix, self::$activation_banner_pages, true ) ) { 176 $activation_banner_url = esc_url( 177 plugin_dir_url( __FILE__ ) . '_inc/img/akismet-activation-banner-elements.png' 178 ); 179 $inline_css = '.akismet-activate {' . PHP_EOL . 180 'background-image: url(' . $activation_banner_url . ');' . PHP_EOL . 181 '}'; 182 183 wp_add_inline_style( 'akismet-admin', $inline_css ); 184 } 185 186 wp_register_script( 'akismet.js', plugin_dir_url( __FILE__ ) . '_inc/akismet.js', array( 'jquery' ), self::get_asset_file_version( '_inc/akismet.js' ) ); 187 wp_enqueue_script( 'akismet.js' ); 188 189 wp_register_script( 'akismet-admin.js', plugin_dir_url( __FILE__ ) . '_inc/akismet-admin.js', array(), self::get_asset_file_version( '/_inc/akismet-admin.js' ) ); 190 wp_enqueue_script( 'akismet-admin.js' ); 191 192 $inline_js = array( 193 'comment_author_url_nonce' => wp_create_nonce( 'comment_author_url_nonce' ), 194 'strings' => array( 195 'Remove this URL' => __( 'Remove this URL', 'akismet' ), 196 'Removing...' => __( 'Removing...', 'akismet' ), 197 'URL removed' => __( 'URL removed', 'akismet' ), 198 '(undo)' => __( '(undo)', 'akismet' ), 199 'Re-adding...' => __( 'Re-adding...', 'akismet' ), 200 ), 201 ); 202 203 if ( isset( $_GET['akismet_recheck'] ) && wp_verify_nonce( $_GET['akismet_recheck'], 'akismet_recheck' ) ) { 204 $inline_js['start_recheck'] = true; 205 } 206 207 if ( apply_filters( 'akismet_enable_mshots', true ) ) { 208 $inline_js['enable_mshots'] = true; 209 } 210 211 wp_localize_script( 'akismet.js', 'WPAkismet', $inline_js ); 212 } 213 } 214 215 /** 216 * Add help to the Akismet page 217 * 218 * @return false if not the Akismet page 219 */ 220 public static function admin_help() { 221 $current_screen = get_current_screen(); 222 223 // Screen Content 224 if ( current_user_can( 'manage_options' ) ) { 225 if ( ! Akismet::get_api_key() || ( isset( $_GET['view'] ) && $_GET['view'] == 'start' ) ) { 226 // setup page 227 $current_screen->add_help_tab( 228 array( 229 'id' => 'overview', 230 'title' => __( 'Overview', 'akismet' ), 231 'content' => 232 '<p><strong>' . esc_html__( 'Akismet Setup', 'akismet' ) . '</strong></p>' . 233 '<p>' . esc_html__( 'Akismet filters out spam, so you can focus on more important things.', 'akismet' ) . '</p>' . 234 '<p>' . esc_html__( 'On this page, you are able to set up the Akismet plugin.', 'akismet' ) . '</p>', 235 ) 236 ); 237 238 $current_screen->add_help_tab( 239 array( 240 'id' => 'setup-signup', 241 'title' => __( 'New to Akismet', 'akismet' ), 242 'content' => 243 '<p><strong>' . esc_html__( 'Akismet Setup', 'akismet' ) . '</strong></p>' . 244 '<p>' . esc_html__( 'You need to enter an API key to activate the Akismet service on your site.', 'akismet' ) . '</p>' . 245 /* translators: %s: a link to the signup page with the text 'Akismet.com'. */ 246 '<p>' . sprintf( __( 'Sign up for an account on %s to get an API Key.', 'akismet' ), '<a href="https://akismet.com/plugin-signup/" target="_blank">Akismet.com</a>' ) . '</p>', 247 ) 248 ); 249 250 $current_screen->add_help_tab( 251 array( 252 'id' => 'setup-manual', 253 'title' => __( 'Enter an API Key', 'akismet' ), 254 'content' => 255 '<p><strong>' . esc_html__( 'Akismet Setup', 'akismet' ) . '</strong></p>' . 256 '<p>' . esc_html__( 'If you already have an API key', 'akismet' ) . '</p>' . 257 '<ol>' . 258 '<li>' . esc_html__( 'Copy and paste the API key into the text field.', 'akismet' ) . '</li>' . 259 '<li>' . esc_html__( 'Click the Use this Key button.', 'akismet' ) . '</li>' . 260 '</ol>', 261 ) 262 ); 263 } elseif ( isset( $_GET['view'] ) && $_GET['view'] == 'stats' ) { 264 // stats page 265 $current_screen->add_help_tab( 266 array( 267 'id' => 'overview', 268 'title' => __( 'Overview', 'akismet' ), 269 'content' => 270 '<p><strong>' . esc_html__( 'Akismet Stats', 'akismet' ) . '</strong></p>' . 271 '<p>' . esc_html__( 'Akismet filters out spam, so you can focus on more important things.', 'akismet' ) . '</p>' . 272 '<p>' . esc_html__( 'On this page, you are able to view stats on spam filtered on your site.', 'akismet' ) . '</p>', 273 ) 274 ); 275 } else { 276 // configuration page 277 $current_screen->add_help_tab( 278 array( 279 'id' => 'overview', 280 'title' => __( 'Overview', 'akismet' ), 281 'content' => 282 '<p><strong>' . esc_html__( 'Akismet Configuration', 'akismet' ) . '</strong></p>' . 283 '<p>' . esc_html__( 'Akismet filters out spam, so you can focus on more important things.', 'akismet' ) . '</p>' . 284 '<p>' . esc_html__( 'On this page, you are able to update your Akismet settings and view spam stats.', 'akismet' ) . '</p>', 285 ) 286 ); 287 288 $current_screen->add_help_tab( 289 array( 290 'id' => 'settings', 291 'title' => __( 'Settings', 'akismet' ), 292 'content' => 293 '<p><strong>' . esc_html__( 'Akismet Configuration', 'akismet' ) . '</strong></p>' . 294 ( Akismet::predefined_api_key() ? '' : '<p><strong>' . esc_html__( 'API Key', 'akismet' ) . '</strong> - ' . esc_html__( 'Enter/remove an API key.', 'akismet' ) . '</p>' ) . 295 '<p><strong>' . esc_html__( 'Comments', 'akismet' ) . '</strong> - ' . esc_html__( 'Show the number of approved comments beside each comment author in the comments list page.', 'akismet' ) . '</p>' . 296 '<p><strong>' . esc_html__( 'Strictness', 'akismet' ) . '</strong> - ' . esc_html__( 'Choose to either discard the worst spam automatically or to always put all spam in spam folder.', 'akismet' ) . '</p>', 297 ) 298 ); 299 300 if ( ! Akismet::predefined_api_key() ) { 301 $current_screen->add_help_tab( 302 array( 303 'id' => 'account', 304 'title' => __( 'Account', 'akismet' ), 305 'content' => 306 '<p><strong>' . esc_html__( 'Akismet Configuration', 'akismet' ) . '</strong></p>' . 307 '<p><strong>' . esc_html__( 'Subscription Type', 'akismet' ) . '</strong> - ' . esc_html__( 'The Akismet subscription plan', 'akismet' ) . '</p>' . 308 '<p><strong>' . esc_html__( 'Status', 'akismet' ) . '</strong> - ' . esc_html__( 'The subscription status - active, cancelled or suspended', 'akismet' ) . '</p>', 309 ) 310 ); 311 } 312 } 313 } 314 315 // Help Sidebar 316 $current_screen->set_help_sidebar( 317 '<p><strong>' . esc_html__( 'For more information:', 'akismet' ) . '</strong></p>' . 318 '<p><a href="https://akismet.com/faq/" target="_blank">' . esc_html__( 'Akismet FAQ', 'akismet' ) . '</a></p>' . 319 '<p><a href="https://akismet.com/support/" target="_blank">' . esc_html__( 'Akismet Support', 'akismet' ) . '</a></p>' 320 ); 321 } 322 323 public static function enter_api_key() { 324 if ( ! current_user_can( 'manage_options' ) ) { 325 die( __( 'Cheatin’ uh?', 'akismet' ) ); 326 } 327 328 if ( ! wp_verify_nonce( $_POST['_wpnonce'], self::NONCE ) ) { 329 return false; 330 } 331 332 foreach ( array( 'akismet_strictness', 'akismet_show_user_comments_approved' ) as $option ) { 333 update_option( $option, isset( $_POST[ $option ] ) && (int) $_POST[ $option ] == 1 ? '1' : '0' ); 334 } 335 336 if ( ! empty( $_POST['akismet_comment_form_privacy_notice'] ) ) { 337 self::set_form_privacy_notice_option( $_POST['akismet_comment_form_privacy_notice'] ); 338 } else { 339 self::set_form_privacy_notice_option( 'hide' ); 340 } 341 342 if ( Akismet::predefined_api_key() ) { 343 return false; // shouldn't have option to save key if already defined 344 } 345 346 $new_key = preg_replace( '/[^a-f0-9]/i', '', $_POST['key'] ); 347 $old_key = Akismet::get_api_key(); 348 349 if ( empty( $new_key ) ) { 350 if ( ! empty( $old_key ) ) { 351 delete_option( 'wordpress_api_key' ); 352 self::$notices[] = 'new-key-empty'; 353 } 354 } elseif ( $new_key != $old_key ) { 355 self::save_key( $new_key ); 356 } 357 358 return true; 359 } 360 361 public static function save_key( $api_key ) { 362 $key_status = Akismet::verify_key( $api_key ); 363 364 if ( $key_status == 'valid' ) { 365 $akismet_user = self::get_akismet_user( $api_key ); 366 367 if ( $akismet_user ) { 368 if ( in_array( $akismet_user->status, array( 'active', 'active-dunning', 'no-sub' ) ) ) { 369 update_option( 'wordpress_api_key', $api_key ); 370 } 371 372 if ( $akismet_user->status == 'active' ) { 373 self::$notices['status'] = 'new-key-valid'; 374 } elseif ( $akismet_user->status == 'notice' ) { 375 self::$notices['status'] = $akismet_user; 376 } else { 377 self::$notices['status'] = $akismet_user->status; 378 } 379 } else { 380 self::$notices['status'] = 'new-key-invalid'; 381 } 382 } elseif ( in_array( $key_status, array( 'invalid', 'failed' ) ) ) { 383 self::$notices['status'] = 'new-key-' . $key_status; 384 } 385 } 386 387 public static function dashboard_stats() { 388 if ( did_action( 'rightnow_end' ) ) { 389 return; // We already displayed this info in the "Right Now" section 390 } 391 392 if ( ! $count = get_option( 'akismet_spam_count' ) ) { 393 return; 394 } 395 396 global $submenu; 397 398 echo '<h3>' . esc_html( _x( 'Spam', 'comments', 'akismet' ) ) . '</h3>'; 399 400 echo '<p>' . sprintf( 401 /* translators: 1: Akismet website URL, 2: Comments page URL, 3: Number of spam comments. */ 402 _n( 403 '<a href="%1$s">Akismet</a> has protected your site from <a href="%2$s">%3$s spam comment</a>.', 404 '<a href="%1$s">Akismet</a> has protected your site from <a href="%2$s">%3$s spam comments</a>.', 405 $count, 406 'akismet' 407 ), 408 'https://akismet.com/wordpress/', 409 esc_url( add_query_arg( array( 'page' => 'akismet-admin' ), admin_url( isset( $submenu['edit-comments.php'] ) ? 'edit-comments.php' : 'edit.php' ) ) ), 410 number_format_i18n( $count ) 411 ) . '</p>'; 412 } 413 414 // WP 2.5+ 415 public static function rightnow_stats() { 416 if ( $count = get_option( 'akismet_spam_count' ) ) { 417 $intro = sprintf( 418 /* translators: 1: Akismet website URL, 2: Number of spam comments. */ 419 _n( 420 '<a href="%1$s">Akismet</a> has protected your site from %2$s spam comment already. ', 421 '<a href="%1$s">Akismet</a> has protected your site from %2$s spam comments already. ', 422 $count, 423 'akismet' 424 ), 425 'https://akismet.com/wordpress/', 426 number_format_i18n( $count ) 427 ); 428 } else { 429 /* translators: %s: Akismet website URL. */ 430 $intro = sprintf( __( '<a href="%s">Akismet</a> blocks spam from getting to your blog. ', 'akismet' ), 'https://akismet.com/wordpress/' ); 431 } 432 433 $link = add_query_arg( array( 'comment_status' => 'spam' ), admin_url( 'edit-comments.php' ) ); 434 435 if ( $queue_count = self::get_spam_count() ) { 436 $queue_text = sprintf( 437 /* translators: 1: Number of comments, 2: Comments page URL. */ 438 _n( 439 'There’s <a href="%2$s">%1$s comment</a> in your spam queue right now.', 440 'There are <a href="%2$s">%1$s comments</a> in your spam queue right now.', 441 $queue_count, 442 'akismet' 443 ), 444 number_format_i18n( $queue_count ), 445 esc_url( $link ) 446 ); 447 } else { 448 /* translators: %s: Comments page URL. */ 449 $queue_text = sprintf( __( "There’s nothing in your <a href='%s'>spam queue</a> at the moment.", 'akismet' ), esc_url( $link ) ); 450 } 451 452 $text = $intro . '<br />' . $queue_text; 453 echo "<p class='akismet-right-now'>$text</p>\n"; 454 } 455 456 public static function check_for_spam_button( $comment_status ) { 457 // The "Check for Spam" button should only appear when the page might be showing 458 // a comment with comment_approved=0, which means an un-trashed, un-spammed, 459 // not-yet-moderated comment. 460 if ( 'all' != $comment_status && 'moderated' != $comment_status ) { 461 return; 462 } 463 464 $link = ''; 465 466 $comments_count = wp_count_comments(); 467 468 echo '</div>'; 469 echo '<div class="alignleft actions">'; 470 471 $classes = array( 472 'button-secondary', 473 'checkforspam', 474 'button-disabled', // Disable button until the page is loaded 475 ); 476 477 if ( $comments_count->moderated > 0 ) { 478 $classes[] = 'enable-on-load'; 479 480 if ( ! Akismet::get_api_key() ) { 481 $link = self::get_page_url(); 482 $classes[] = 'ajax-disabled'; 483 } 484 } 485 486 echo '<a 487 class="' . esc_attr( implode( ' ', $classes ) ) . '"' . 488 ( ! empty( $link ) ? ' href="' . esc_url( $link ) . '"' : '' ) . 489 /* translators: The placeholder is for showing how much of the process has completed, as a percent. e.g., "Checking for Spam (40%)" */ 490 ' data-progress-label="' . esc_attr( __( 'Checking for Spam (%1$s%)', 'akismet' ) ) . '" 491 data-success-url="' . esc_attr( 492 remove_query_arg( 493 array( 'akismet_recheck', 'akismet_recheck_error' ), 494 add_query_arg( 495 array( 496 'akismet_recheck_complete' => 1, 497 'recheck_count' => urlencode( '__recheck_count__' ), 498 'spam_count' => urlencode( '__spam_count__' ), 499 ) 500 ) 501 ) 502 ) . '" 503 data-failure-url="' . esc_attr( remove_query_arg( array( 'akismet_recheck', 'akismet_recheck_complete' ), add_query_arg( array( 'akismet_recheck_error' => 1 ) ) ) ) . '" 504 data-pending-comment-count="' . esc_attr( $comments_count->moderated ) . '" 505 data-nonce="' . esc_attr( wp_create_nonce( 'akismet_check_for_spam' ) ) . '" 506 ' . ( ! in_array( 'ajax-disabled', $classes ) ? 'onclick="return false;"' : '' ) . ' 507 >' . esc_html__( 'Check for Spam', 'akismet' ) . '</a>'; 508 echo '<span class="checkforspam-spinner"></span>'; 509 } 510 511 public static function recheck_queue() { 512 global $wpdb; 513 514 Akismet::fix_scheduled_recheck(); 515 516 if ( ! ( isset( $_GET['recheckqueue'] ) || ( isset( $_REQUEST['action'] ) && 'akismet_recheck_queue' == $_REQUEST['action'] ) ) ) { 517 return; 518 } 519 520 if ( ! wp_verify_nonce( $_POST['nonce'], 'akismet_check_for_spam' ) ) { 521 wp_send_json( 522 array( 523 'error' => __( 'You don’t have permission to do that.', 'akismet' ), 524 ) 525 ); 526 return; 527 } 528 529 $result_counts = self::recheck_queue_portion( empty( $_POST['offset'] ) ? 0 : $_POST['offset'], empty( $_POST['limit'] ) ? 100 : $_POST['limit'] ); 530 531 if ( defined( 'DOING_AJAX' ) && DOING_AJAX ) { 532 wp_send_json( 533 array( 534 'counts' => $result_counts, 535 ) 536 ); 537 } else { 538 $redirect_to = isset( $_SERVER['HTTP_REFERER'] ) ? $_SERVER['HTTP_REFERER'] : admin_url( 'edit-comments.php' ); 539 wp_safe_redirect( $redirect_to ); 540 exit; 541 } 542 } 543 544 public static function recheck_queue_portion( $start = 0, $limit = 100 ) { 545 global $wpdb; 546 547 $paginate = ''; 548 549 if ( $limit <= 0 ) { 550 $limit = 100; 551 } 552 553 if ( $start < 0 ) { 554 $start = 0; 555 } 556 557 $moderation = $wpdb->get_col( $wpdb->prepare( "SELECT * FROM {$wpdb->comments} WHERE comment_approved = '0' LIMIT %d OFFSET %d", $limit, $start ) ); 558 559 $result_counts = array( 560 'processed' => is_countable( $moderation ) ? count( $moderation ) : 0, 561 'spam' => 0, 562 'ham' => 0, 563 'error' => 0, 564 ); 565 566 foreach ( $moderation as $comment_id ) { 567 $api_response = Akismet::recheck_comment( $comment_id, 'recheck_queue' ); 568 569 if ( 'true' === $api_response ) { 570 ++$result_counts['spam']; 571 } elseif ( 'false' === $api_response ) { 572 ++$result_counts['ham']; 573 } else { 574 ++$result_counts['error']; 575 } 576 } 577 578 return $result_counts; 579 } 580 581 // Adds an 'x' link next to author URLs, clicking will remove the author URL and show an undo link 582 public static function remove_comment_author_url() { 583 if ( ! empty( $_POST['id'] ) && check_admin_referer( 'comment_author_url_nonce' ) ) { 584 $comment_id = intval( $_POST['id'] ); 585 $comment = get_comment( $comment_id, ARRAY_A ); 586 if ( $comment && current_user_can( 'edit_comment', $comment['comment_ID'] ) ) { 587 $comment['comment_author_url'] = ''; 588 do_action( 'comment_remove_author_url' ); 589 print( wp_update_comment( $comment ) ); 590 die(); 591 } 592 } 593 } 594 595 public static function add_comment_author_url() { 596 if ( ! empty( $_POST['id'] ) && ! empty( $_POST['url'] ) && check_admin_referer( 'comment_author_url_nonce' ) ) { 597 $comment_id = intval( $_POST['id'] ); 598 $comment = get_comment( $comment_id, ARRAY_A ); 599 if ( $comment && current_user_can( 'edit_comment', $comment['comment_ID'] ) ) { 600 $comment['comment_author_url'] = esc_url( $_POST['url'] ); 601 do_action( 'comment_add_author_url' ); 602 print( wp_update_comment( $comment ) ); 603 die(); 604 } 605 } 606 } 607 608 public static function comment_row_action( $a, $comment ) { 609 $akismet_result = get_comment_meta( $comment->comment_ID, 'akismet_result', true ); 610 if ( ! $akismet_result && get_comment_meta( $comment->comment_ID, 'akismet_skipped', true ) ) { 611 $akismet_result = 'skipped'; // Akismet chose to skip the comment-check request. 612 } 613 614 $akismet_error = get_comment_meta( $comment->comment_ID, 'akismet_error', true ); 615 $user_result = get_comment_meta( $comment->comment_ID, 'akismet_user_result', true ); 616 $comment_status = wp_get_comment_status( $comment->comment_ID ); 617 $desc = null; 618 if ( $akismet_error ) { 619 $desc = __( 'Awaiting spam check', 'akismet' ); 620 } elseif ( ! $user_result || $user_result == $akismet_result ) { 621 // Show the original Akismet result if the user hasn't overridden it, or if their decision was the same 622 if ( $akismet_result == 'true' && $comment_status != 'spam' && $comment_status != 'trash' ) { 623 $desc = __( 'Flagged as spam by Akismet', 'akismet' ); 624 } elseif ( $akismet_result == 'false' && $comment_status == 'spam' ) { 625 $desc = __( 'Cleared by Akismet', 'akismet' ); 626 } 627 } else { 628 $who = get_comment_meta( $comment->comment_ID, 'akismet_user', true ); 629 if ( $user_result == 'true' ) { 630 /* translators: %s: Username. */ 631 $desc = sprintf( __( 'Flagged as spam by %s', 'akismet' ), $who ); 632 } else { 633 /* translators: %s: Username. */ 634 $desc = sprintf( __( 'Un-spammed by %s', 'akismet' ), $who ); 635 } 636 } 637 638 // add a History item to the hover links, just after Edit 639 if ( $akismet_result && is_array( $a ) ) { 640 $b = array(); 641 foreach ( $a as $k => $item ) { 642 $b[ $k ] = $item; 643 if ( 644 $k == 'edit' 645 || $k == 'unspam' 646 ) { 647 $b['history'] = '<a href="comment.php?action=editcomment&c=' . $comment->comment_ID . '#akismet-status" title="' . esc_attr__( 'View comment history', 'akismet' ) . '"> ' . esc_html__( 'History', 'akismet' ) . '</a>'; 648 } 649 } 650 651 $a = $b; 652 } 653 654 if ( $desc ) { 655 echo '<span class="akismet-status" commentid="' . $comment->comment_ID . '"><a href="comment.php?action=editcomment&c=' . $comment->comment_ID . '#akismet-status" title="' . esc_attr__( 'View comment history', 'akismet' ) . '">' . esc_html( $desc ) . '</a></span>'; 656 } 657 658 $show_user_comments_option = get_option( 'akismet_show_user_comments_approved' ); 659 660 if ( $show_user_comments_option === false ) { 661 // Default to active if the user hasn't made a decision. 662 $show_user_comments_option = '1'; 663 } 664 665 $show_user_comments = apply_filters( 'akismet_show_user_comments_approved', $show_user_comments_option ); 666 $show_user_comments = $show_user_comments === 'false' ? false : $show_user_comments; // option used to be saved as 'false' / 'true' 667 668 if ( $show_user_comments ) { 669 $comment_count = Akismet::get_user_comments_approved( $comment->user_id, $comment->comment_author_email, $comment->comment_author, $comment->comment_author_url ); 670 $comment_count = intval( $comment_count ); 671 echo '<span class="akismet-user-comment-count" commentid="' . $comment->comment_ID . '" style="display:none;"><br><span class="akismet-user-comment-counts">'; 672 /* translators: %s: Number of comments. */ 673 echo sprintf( esc_html( _n( '%s approved', '%s approved', $comment_count, 'akismet' ) ), number_format_i18n( $comment_count ) ) . '</span></span>'; 674 } 675 676 return $a; 677 } 678 679 public static function comment_status_meta_box( $comment ) { 680 $history = Akismet::get_comment_history( $comment->comment_ID ); 681 682 if ( $history ) { 683 foreach ( $history as $row ) { 684 $message = ''; 685 686 if ( ! empty( $row['message'] ) ) { 687 // Old versions of Akismet stored the message as a literal string in the commentmeta. 688 // New versions don't do that for two reasons: 689 // 1) Save space. 690 // 2) The message can be translated into the current language of the blog, not stuck 691 // in the language of the blog when the comment was made. 692 $message = esc_html( $row['message'] ); 693 } elseif ( ! empty( $row['event'] ) ) { 694 // If possible, use a current translation. 695 switch ( $row['event'] ) { 696 case 'recheck-spam': 697 $message = esc_html( __( 'Akismet re-checked and caught this comment as spam.', 'akismet' ) ); 698 break; 699 case 'check-spam': 700 $message = esc_html( __( 'Akismet caught this comment as spam.', 'akismet' ) ); 701 break; 702 case 'recheck-ham': 703 $message = esc_html( __( 'Akismet re-checked and cleared this comment.', 'akismet' ) ); 704 break; 705 case 'check-ham': 706 $message = esc_html( __( 'Akismet cleared this comment.', 'akismet' ) ); 707 break; 708 case 'wp-blacklisted': 709 case 'wp-disallowed': 710 $message = sprintf( 711 /* translators: The placeholder is a WordPress PHP function name. */ 712 esc_html( __( 'Comment was caught by %s.', 'akismet' ) ), 713 function_exists( 'wp_check_comment_disallowed_list' ) ? '<code>wp_check_comment_disallowed_list</code>' : '<code>wp_blacklist_check</code>' 714 ); 715 break; 716 case 'report-spam': 717 if ( isset( $row['user'] ) ) { 718 /* translators: The placeholder is a username. */ 719 $message = esc_html( sprintf( __( '%s reported this comment as spam.', 'akismet' ), $row['user'] ) ); 720 } elseif ( ! $message ) { 721 $message = esc_html( __( 'This comment was reported as spam.', 'akismet' ) ); 722 } 723 break; 724 case 'report-ham': 725 if ( isset( $row['user'] ) ) { 726 /* translators: The placeholder is a username. */ 727 $message = esc_html( sprintf( __( '%s reported this comment as not spam.', 'akismet' ), $row['user'] ) ); 728 } elseif ( ! $message ) { 729 $message = esc_html( __( 'This comment was reported as not spam.', 'akismet' ) ); 730 } 731 break; 732 case 'cron-retry-spam': 733 $message = esc_html( __( 'Akismet caught this comment as spam during an automatic retry.', 'akismet' ) ); 734 break; 735 case 'cron-retry-ham': 736 $message = esc_html( __( 'Akismet cleared this comment during an automatic retry.', 'akismet' ) ); 737 break; 738 case 'check-error': 739 if ( isset( $row['meta'], $row['meta']['response'] ) ) { 740 /* translators: The placeholder is an error response returned by the API server. */ 741 $message = sprintf( esc_html( __( 'Akismet was unable to check this comment (response: %s) but will automatically retry later.', 'akismet' ) ), '<code>' . esc_html( $row['meta']['response'] ) . '</code>' ); 742 } else { 743 $message = esc_html( __( 'Akismet was unable to check this comment but will automatically retry later.', 'akismet' ) ); 744 } 745 break; 746 case 'recheck-error': 747 if ( isset( $row['meta'], $row['meta']['response'] ) ) { 748 /* translators: The placeholder is an error response returned by the API server. */ 749 $message = sprintf( esc_html( __( 'Akismet was unable to recheck this comment (response: %s).', 'akismet' ) ), '<code>' . esc_html( $row['meta']['response'] ) . '</code>' ); 750 } else { 751 $message = esc_html( __( 'Akismet was unable to recheck this comment.', 'akismet' ) ); 752 } 753 break; 754 case 'webhook-spam': 755 $message = esc_html( __( 'Akismet caught this comment as spam and updated its status via webhook.', 'akismet' ) ); 756 break; 757 case 'webhook-ham': 758 $message = esc_html( __( 'Akismet cleared this comment and updated its status via webhook.', 'akismet' ) ); 759 break; 760 case 'webhook-spam-noaction': 761 $message = esc_html( __( 'Akismet determined this comment was spam during a recheck. It did not update the comment status because it had already been modified by another user or plugin.', 'akismet' ) ); 762 break; 763 case 'webhook-ham-noaction': 764 $message = esc_html( __( 'Akismet cleared this comment during a recheck. It did not update the comment status because it had already been modified by another user or plugin.', 'akismet' ) ); 765 break; 766 case 'akismet-skipped': 767 $message = esc_html( __( 'This comment was not sent to Akismet when it was submitted because it was caught by something else.', 'akismet' ) ); 768 break; 769 case 'akismet-skipped-disallowed': 770 $message = esc_html( __( 'This comment was not sent to Akismet when it was submitted because it was caught by the comment disallowed list.', 'akismet' ) ); 771 break; 772 default: 773 if ( preg_match( '/^status-changed/', $row['event'] ) ) { 774 // Half of these used to be saved without the dash after 'status-changed'. 775 // See https://plugins.trac.wordpress.org/changeset/1150658/akismet/trunk 776 $new_status = preg_replace( '/^status-changed-?/', '', $row['event'] ); 777 /* translators: The placeholder is a short string (like 'spam' or 'approved') denoting the new comment status. */ 778 $message = sprintf( esc_html( __( 'Comment status was changed to %s', 'akismet' ) ), '<code>' . esc_html( $new_status ) . '</code>' ); 779 } elseif ( preg_match( '/^status-/', $row['event'] ) ) { 780 $new_status = preg_replace( '/^status-/', '', $row['event'] ); 781 782 if ( isset( $row['user'] ) ) { 783 /* translators: %1$s is a username; %2$s is a short string (like 'spam' or 'approved') denoting the new comment status. */ 784 $message = sprintf( esc_html( __( '%1$s changed the comment status to %2$s.', 'akismet' ) ), $row['user'], '<code>' . esc_html( $new_status ) . '</code>' ); 785 } 786 } 787 break; 788 } 789 } 790 791 if ( ! empty( $message ) ) { 792 echo '<p>'; 793 794 if ( isset( $row['time'] ) ) { 795 $time = gmdate( 'D d M Y @ h:i:s a', (int) $row['time'] ) . ' GMT'; 796 797 /* translators: The placeholder is an amount of time, like "7 seconds" or "3 days" returned by the function human_time_diff(). */ 798 $time_html = '<span style="color: #999;" alt="' . esc_attr( $time ) . '" title="' . esc_attr( $time ) . '">' . sprintf( esc_html__( '%s ago', 'akismet' ), human_time_diff( $row['time'] ) ) . '</span>'; 799 800 printf( 801 /* translators: %1$s is a human-readable time difference, like "3 hours ago", and %2$s is an already-translated phrase describing how a comment's status changed, like "This comment was reported as spam." */ 802 esc_html( __( '%1$s - %2$s', 'akismet' ) ), 803 // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped 804 $time_html, 805 // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped 806 $message 807 ); // esc_html() is done above so that we can use HTML in $message. 808 } else { 809 // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped 810 echo $message; // esc_html() is done above so that we can use HTML in $message. 811 } 812 813 echo '</p>'; 814 } 815 } 816 } else { 817 echo '<p>'; 818 echo esc_html( __( 'No comment history.', 'akismet' ) ); 819 echo '</p>'; 820 } 821 } 822 823 public static function plugin_action_links( $links, $file ) { 824 if ( $file == plugin_basename( plugin_dir_url( __FILE__ ) . '/akismet.php' ) ) { 825 $links[] = '<a href="' . esc_url( self::get_page_url() ) . '">' . esc_html__( 'Settings', 'akismet' ) . '</a>'; 826 } 827 828 return $links; 829 } 830 831 // Total spam in queue 832 // get_option( 'akismet_spam_count' ) is the total caught ever 833 public static function get_spam_count( $type = false ) { 834 global $wpdb; 835 836 if ( ! $type ) { // total 837 $count = wp_cache_get( 'akismet_spam_count', 'widget' ); 838 if ( false === $count ) { 839 $count = wp_count_comments(); 840 $count = $count->spam; 841 wp_cache_set( 'akismet_spam_count', $count, 'widget', 3600 ); 842 } 843 return $count; 844 } elseif ( 'comments' == $type || 'comment' == $type ) { // comments 845 $type = ''; 846 } 847 848 return (int) $wpdb->get_var( $wpdb->prepare( "SELECT COUNT(comment_ID) FROM {$wpdb->comments} WHERE comment_approved = 'spam' AND comment_type = %s", $type ) ); 849 } 850 851 // Check connectivity between the WordPress blog and Akismet's servers. 852 // Returns an associative array of server IP addresses, where the key is the IP address, and value is true (available) or false (unable to connect). 853 public static function check_server_ip_connectivity() { 854 855 $servers = $ips = array(); 856 857 // Some web hosts may disable this function 858 if ( function_exists( 'gethostbynamel' ) ) { 859 860 $ips = gethostbynamel( 'rest.akismet.com' ); 861 if ( $ips && is_array( $ips ) && count( $ips ) ) { 862 $api_key = Akismet::get_api_key(); 863 864 foreach ( $ips as $ip ) { 865 $response = Akismet::verify_key( $api_key, $ip ); 866 // even if the key is invalid, at least we know we have connectivity 867 if ( $response == 'valid' || $response == 'invalid' ) { 868 $servers[ $ip ] = 'connected'; 869 } else { 870 $servers[ $ip ] = $response ? $response : 'unable to connect'; 871 } 872 } 873 } 874 } 875 876 return $servers; 877 } 878 879 // Simpler connectivity check 880 public static function check_server_connectivity( $cache_timeout = 86400 ) { 881 882 $debug = array(); 883 $debug['PHP_VERSION'] = PHP_VERSION; 884 $debug['WORDPRESS_VERSION'] = $GLOBALS['wp_version']; 885 $debug['AKISMET_VERSION'] = AKISMET_VERSION; 886 $debug['AKISMET__PLUGIN_DIR'] = AKISMET__PLUGIN_DIR; 887 $debug['SITE_URL'] = site_url(); 888 $debug['HOME_URL'] = home_url(); 889 890 $servers = get_option( 'akismet_available_servers' ); 891 if ( ( time() - get_option( 'akismet_connectivity_time' ) < $cache_timeout ) && $servers !== false ) { 892 $servers = self::check_server_ip_connectivity(); 893 update_option( 'akismet_available_servers', $servers ); 894 update_option( 'akismet_connectivity_time', time() ); 895 } 896 897 if ( wp_http_supports( array( 'ssl' ) ) ) { 898 $response = wp_remote_get( 'https://rest.akismet.com/1.1/test' ); 899 } else { 900 $response = wp_remote_get( 'http://rest.akismet.com/1.1/test' ); 901 } 902 903 $debug['gethostbynamel'] = function_exists( 'gethostbynamel' ) ? 'exists' : 'not here'; 904 $debug['Servers'] = $servers; 905 $debug['Test Connection'] = $response; 906 907 Akismet::log( $debug ); 908 909 if ( $response && 'connected' == wp_remote_retrieve_body( $response ) ) { 910 return true; 911 } 912 913 return false; 914 } 915 916 // Check the server connectivity and store the available servers in an option. 917 public static function get_server_connectivity( $cache_timeout = 86400 ) { 918 return self::check_server_connectivity( $cache_timeout ); 919 } 920 921 /** 922 * Find out whether any comments in the Pending queue have not yet been checked by Akismet. 923 * 924 * @return bool 925 */ 926 public static function are_any_comments_waiting_to_be_checked() { 927 return ! ! get_comments( 928 array( 929 // Exclude comments that are not pending. This would happen if someone manually approved or spammed a comment 930 // that was waiting to be checked. The akismet_error meta entry will eventually be removed by the cron recheck job. 931 'status' => 'hold', 932 933 // This is the commentmeta that is saved when a comment couldn't be checked. 934 'meta_key' => 'akismet_error', 935 936 // We only need to know whether at least one comment is waiting for a check. 937 'number' => 1, 938 ) 939 ); 940 } 941 942 public static function get_page_url( $page = 'config' ) { 943 944 $args = array( 'page' => 'akismet-key-config' ); 945 946 if ( $page == 'stats' ) { 947 $args = array( 948 'page' => 'akismet-key-config', 949 'view' => 'stats', 950 ); 951 } elseif ( $page == 'delete_key' ) { 952 $args = array( 953 'page' => 'akismet-key-config', 954 'view' => 'start', 955 'action' => 'delete-key', 956 '_wpnonce' => wp_create_nonce( self::NONCE ), 957 ); 958 } elseif ( $page === 'init' ) { 959 $args = array( 960 'page' => 'akismet-key-config', 961 'view' => 'start', 962 ); 963 } 964 965 return add_query_arg( $args, menu_page_url( 'akismet-key-config', false ) ); 966 } 967 968 public static function get_akismet_user( $api_key ) { 969 $akismet_user = false; 970 971 $request_args = array( 972 'key' => $api_key, 973 'blog' => get_option( 'home' ), 974 ); 975 976 $request_args = apply_filters( 'akismet_request_args', $request_args, 'get-subscription' ); 977 978 $subscription_verification = Akismet::http_post( Akismet::build_query( $request_args ), 'get-subscription' ); 979 980 if ( ! empty( $subscription_verification[1] ) ) { 981 if ( 'invalid' !== $subscription_verification[1] ) { 982 $akismet_user = json_decode( $subscription_verification[1] ); 983 } 984 } 985 986 return $akismet_user; 987 } 988 989 public static function get_stats( $api_key ) { 990 $stat_totals = array(); 991 992 foreach ( array( '6-months', 'all' ) as $interval ) { 993 $request_args = array( 994 'blog' => get_option( 'home' ), 995 'key' => $api_key, 996 'from' => $interval, 997 ); 998 999 $request_args = apply_filters( 'akismet_request_args', $request_args, 'get-stats' ); 1000 1001 $response = Akismet::http_post( Akismet::build_query( $request_args ), 'get-stats' ); 1002 1003 if ( ! empty( $response[1] ) ) { 1004 $data = json_decode( $response[1] ); 1005 /* 1006 * The json decoded response should be an object. If it's not an object, something's wrong, and the data 1007 * shouldn't be added to the stats_totals array. 1008 */ 1009 if ( is_object( $data ) ) { 1010 $stat_totals[ $interval ] = $data; 1011 } 1012 } 1013 } 1014 1015 return $stat_totals; 1016 } 1017 1018 public static function verify_wpcom_key( $api_key, $user_id, $extra = array() ) { 1019 $request_args = array_merge( 1020 array( 1021 'user_id' => $user_id, 1022 'api_key' => $api_key, 1023 'get_account_type' => 'true', 1024 ), 1025 $extra 1026 ); 1027 1028 $request_args = apply_filters( 'akismet_request_args', $request_args, 'verify-wpcom-key' ); 1029 1030 $akismet_account = Akismet::http_post( Akismet::build_query( $request_args ), 'verify-wpcom-key' ); 1031 1032 if ( ! empty( $akismet_account[1] ) ) { 1033 $akismet_account = json_decode( $akismet_account[1] ); 1034 } 1035 1036 Akismet::log( compact( 'akismet_account' ) ); 1037 1038 return $akismet_account; 1039 } 1040 1041 public static function connect_jetpack_user() { 1042 1043 if ( $jetpack_user = self::get_jetpack_user() ) { 1044 if ( isset( $jetpack_user['user_id'] ) && isset( $jetpack_user['api_key'] ) ) { 1045 $akismet_user = self::verify_wpcom_key( $jetpack_user['api_key'], $jetpack_user['user_id'], array( 'action' => 'connect_jetpack_user' ) ); 1046 1047 if ( is_object( $akismet_user ) ) { 1048 self::save_key( $akismet_user->api_key ); 1049 return in_array( $akismet_user->status, array( 'active', 'active-dunning', 'no-sub' ) ); 1050 } 1051 } 1052 } 1053 1054 return false; 1055 } 1056 1057 public static function display_alert() { 1058 Akismet::view( 1059 'notice', 1060 array( 1061 'type' => 'alert', 1062 'code' => (int) get_option( 'akismet_alert_code' ), 1063 'msg' => get_option( 'akismet_alert_msg' ), 1064 ) 1065 ); 1066 } 1067 1068 public static function get_usage_limit_alert_data() { 1069 return array( 1070 'type' => 'usage-limit', 1071 'code' => (int) get_option( 'akismet_alert_code' ), 1072 'msg' => get_option( 'akismet_alert_msg' ), 1073 'api_calls' => get_option( 'akismet_alert_api_calls' ), 1074 'usage_limit' => get_option( 'akismet_alert_usage_limit' ), 1075 'upgrade_plan' => get_option( 'akismet_alert_upgrade_plan' ), 1076 'upgrade_url' => get_option( 'akismet_alert_upgrade_url' ), 1077 'upgrade_type' => get_option( 'akismet_alert_upgrade_type' ), 1078 'upgrade_via_support' => get_option( 'akismet_alert_upgrade_via_support' ) === 'true', 1079 ); 1080 } 1081 1082 public static function display_usage_limit_alert() { 1083 Akismet::view( 'notice', self::get_usage_limit_alert_data() ); 1084 } 1085 1086 public static function display_spam_check_warning() { 1087 Akismet::fix_scheduled_recheck(); 1088 1089 if ( wp_next_scheduled( 'akismet_schedule_cron_recheck' ) > time() && self::are_any_comments_waiting_to_be_checked() ) { 1090 /* 1091 * The 'akismet_display_cron_disabled_notice' filter can be used to control whether the WP-Cron disabled notice is displayed. 1092 */ 1093 if ( defined( 'DISABLE_WP_CRON' ) && DISABLE_WP_CRON && apply_filters( 'akismet_display_cron_disabled_notice', true ) ) { 1094 Akismet::view( 'notice', array( 'type' => 'spam-check-cron-disabled' ) ); 1095 } else { 1096 /* translators: The Akismet configuration page URL. */ 1097 $link_text = apply_filters( 'akismet_spam_check_warning_link_text', sprintf( __( 'Please check your <a href="%s">Akismet configuration</a> and contact your web host if problems persist.', 'akismet' ), esc_url( self::get_page_url() ) ) ); 1098 Akismet::view( 1099 'notice', 1100 array( 1101 'type' => 'spam-check', 1102 'link_text' => $link_text, 1103 ) 1104 ); 1105 } 1106 } 1107 } 1108 1109 public static function display_api_key_warning() { 1110 Akismet::view( 'notice', array( 'type' => 'plugin' ) ); 1111 } 1112 1113 public static function display_page() { 1114 if ( ! Akismet::get_api_key() || ( isset( $_GET['view'] ) && $_GET['view'] == 'start' ) ) { 1115 self::display_start_page(); 1116 } elseif ( isset( $_GET['view'] ) && $_GET['view'] == 'stats' ) { 1117 self::display_stats_page(); 1118 } else { 1119 self::display_configuration_page(); 1120 } 1121 } 1122 1123 public static function display_start_page() { 1124 if ( isset( $_GET['action'] ) ) { 1125 if ( $_GET['action'] == 'delete-key' ) { 1126 if ( isset( $_GET['_wpnonce'] ) && wp_verify_nonce( $_GET['_wpnonce'], self::NONCE ) ) { 1127 delete_option( 'wordpress_api_key' ); 1128 } 1129 } 1130 } 1131 1132 if ( $api_key = Akismet::get_api_key() && ( empty( self::$notices['status'] ) || 'existing-key-invalid' != self::$notices['status'] ) ) { 1133 self::display_configuration_page(); 1134 return; 1135 } 1136 1137 // the user can choose to auto connect their API key by clicking a button on the akismet done page 1138 // if jetpack, get verified api key by using connected wpcom user id 1139 // if no jetpack, get verified api key by using an akismet token 1140 1141 $akismet_user = false; 1142 1143 if ( isset( $_GET['token'] ) && preg_match( '/^(\d+)-[0-9a-f]{20}$/', $_GET['token'] ) ) { 1144 $akismet_user = self::verify_wpcom_key( '', '', array( 'token' => $_GET['token'] ) ); 1145 } elseif ( $jetpack_user = self::get_jetpack_user() ) { 1146 $akismet_user = self::verify_wpcom_key( $jetpack_user['api_key'], $jetpack_user['user_id'] ); 1147 } 1148 1149 if ( isset( $_GET['action'] ) ) { 1150 if ( $_GET['action'] == 'save-key' ) { 1151 if ( is_object( $akismet_user ) ) { 1152 self::save_key( $akismet_user->api_key ); 1153 self::display_configuration_page(); 1154 return; 1155 } 1156 } 1157 } 1158 1159 Akismet::view( 'start', compact( 'akismet_user' ) ); 1160 1161 /* 1162 // To see all variants when testing. 1163 $akismet_user->status = 'no-sub'; 1164 Akismet::view( 'start', compact( 'akismet_user' ) ); 1165 $akismet_user->status = 'cancelled'; 1166 Akismet::view( 'start', compact( 'akismet_user' ) ); 1167 $akismet_user->status = 'suspended'; 1168 Akismet::view( 'start', compact( 'akismet_user' ) ); 1169 $akismet_user->status = 'other'; 1170 Akismet::view( 'start', compact( 'akismet_user' ) ); 1171 $akismet_user = false; 1172 */ 1173 } 1174 1175 public static function display_stats_page() { 1176 Akismet::view( 'stats' ); 1177 } 1178 1179 public static function display_configuration_page() { 1180 $api_key = Akismet::get_api_key(); 1181 $akismet_user = self::get_akismet_user( $api_key ); 1182 1183 if ( ! $akismet_user ) { 1184 // This could happen if the user's key became invalid after it was previously valid and successfully set up. 1185 self::$notices['status'] = 'existing-key-invalid'; 1186 self::display_start_page(); 1187 return; 1188 } 1189 1190 $stat_totals = self::get_stats( $api_key ); 1191 1192 // If unset, create the new strictness option using the old discard option to determine its default. 1193 // If the old option wasn't set, default to discarding the blatant spam. 1194 if ( get_option( 'akismet_strictness' ) === false ) { 1195 add_option( 'akismet_strictness', ( get_option( 'akismet_discard_month' ) === 'false' ? '0' : '1' ) ); 1196 } 1197 1198 // Sync the local "Total spam blocked" count with the authoritative count from the server. 1199 if ( isset( $stat_totals['all'], $stat_totals['all']->spam ) ) { 1200 update_option( 'akismet_spam_count', $stat_totals['all']->spam ); 1201 } 1202 1203 $notices = array(); 1204 1205 if ( empty( self::$notices ) ) { 1206 if ( ! empty( $stat_totals['all'] ) && isset( $stat_totals['all']->time_saved ) && $akismet_user->status == 'active' && $akismet_user->account_type == 'free-api-key' ) { 1207 1208 $time_saved = false; 1209 1210 if ( $stat_totals['all']->time_saved > 1800 ) { 1211 $total_in_minutes = round( $stat_totals['all']->time_saved / 60 ); 1212 $total_in_hours = round( $total_in_minutes / 60 ); 1213 $total_in_days = round( $total_in_hours / 8 ); 1214 $cleaning_up = __( 'Cleaning up spam takes time.', 'akismet' ); 1215 1216 if ( $total_in_days > 1 ) { 1217 /* translators: %s: Number of days. */ 1218 $time_saved = $cleaning_up . ' ' . sprintf( _n( 'Akismet has saved you %s day!', 'Akismet has saved you %s days!', $total_in_days, 'akismet' ), number_format_i18n( $total_in_days ) ); 1219 } elseif ( $total_in_hours > 1 ) { 1220 /* translators: %s: Number of hours. */ 1221 $time_saved = $cleaning_up . ' ' . sprintf( _n( 'Akismet has saved you %d hour!', 'Akismet has saved you %d hours!', $total_in_hours, 'akismet' ), $total_in_hours ); 1222 } elseif ( $total_in_minutes >= 30 ) { 1223 /* translators: %s: Number of minutes. */ 1224 $time_saved = $cleaning_up . ' ' . sprintf( _n( 'Akismet has saved you %d minute!', 'Akismet has saved you %d minutes!', $total_in_minutes, 'akismet' ), $total_in_minutes ); 1225 } 1226 } 1227 1228 $notices[] = array( 1229 'type' => 'active-notice', 1230 'time_saved' => $time_saved, 1231 ); 1232 } 1233 } 1234 1235 if ( ! Akismet::predefined_api_key() && ! isset( self::$notices['status'] ) && in_array( $akismet_user->status, array( 'cancelled', 'suspended', 'missing', 'no-sub' ) ) ) { 1236 $notices[] = array( 'type' => $akismet_user->status ); 1237 } 1238 1239 $alert_code = get_option( 'akismet_alert_code' ); 1240 if ( isset( Akismet::$limit_notices[ $alert_code ] ) ) { 1241 $notices[] = self::get_usage_limit_alert_data(); 1242 } elseif ( $alert_code > 0 ) { 1243 $notices[] = array( 1244 'type' => 'alert', 1245 'code' => (int) get_option( 'akismet_alert_code' ), 1246 'msg' => get_option( 'akismet_alert_msg' ), 1247 ); 1248 } 1249 1250 /* 1251 * To see all variants when testing. 1252 * 1253 * You may also want to comment out the akismet_view_arguments filter in Akismet::view() 1254 * to ensure that you can see all of the notices (e.g. suspended, active-notice). 1255 */ 1256 // $notices[] = array( 'type' => 'active-notice', 'time_saved' => 'Cleaning up spam takes time. Akismet has saved you 1 minute!' ); 1257 // $notices[] = array( 'type' => 'plugin' ); 1258 // $notices[] = array( 'type' => 'notice', 'notice_header' => 'This is the notice header.', 'notice_text' => 'This is the notice text.' ); 1259 // $notices[] = array( 'type' => 'missing-functions' ); 1260 // $notices[] = array( 'type' => 'servers-be-down' ); 1261 // $notices[] = array( 'type' => 'active-dunning' ); 1262 // $notices[] = array( 'type' => 'cancelled' ); 1263 // $notices[] = array( 'type' => 'suspended' ); 1264 // $notices[] = array( 'type' => 'missing' ); 1265 // $notices[] = array( 'type' => 'no-sub' ); 1266 // $notices[] = array( 'type' => 'new-key-valid' ); 1267 // $notices[] = array( 'type' => 'new-key-invalid' ); 1268 // $notices[] = array( 'type' => 'existing-key-invalid' ); 1269 // $notices[] = array( 'type' => 'new-key-failed' ); 1270 // $notices[] = array( 'type' => 'usage-limit', 'api_calls' => '15000', 'usage_limit' => '10000', 'upgrade_plan' => 'Enterprise', 'upgrade_url' => 'https://akismet.com/account/', 'code' => 10502 ); 1271 // $notices[] = array( 'type' => 'spam-check', 'link_text' => 'Link text.' ); 1272 // $notices[] = array( 'type' => 'spam-check-cron-disabled' ); 1273 // $notices[] = array( 'type' => 'alert', 'code' => 123 ); 1274 // $notices[] = array( 'type' => 'alert', 'code' => Akismet::ALERT_CODE_COMMERCIAL ); 1275 1276 Akismet::log( compact( 'stat_totals', 'akismet_user' ) ); 1277 Akismet::view( 'config', compact( 'api_key', 'akismet_user', 'stat_totals', 'notices' ) ); 1278 } 1279 1280 public static function display_notice() { 1281 global $hook_suffix; 1282 1283 if ( in_array( $hook_suffix, array( 'jetpack_page_akismet-key-config', 'settings_page_akismet-key-config' ) ) ) { 1284 // This page manages the notices and puts them inline where they make sense. 1285 return; 1286 } 1287 1288 // To see notice variants while testing. 1289 // Akismet::view( 'notice', array( 'type' => 'spam-check-cron-disabled' ) ); 1290 // Akismet::view( 'notice', array( 'type' => 'spam-check' ) ); 1291 // Akismet::view( 'notice', array( 'type' => 'alert', 'code' => 123, 'msg' => 'Message' ) ); 1292 1293 if ( in_array( $hook_suffix, array( 'edit-comments.php' ) ) && (int) get_option( 'akismet_alert_code' ) > 0 ) { 1294 Akismet::verify_key( Akismet::get_api_key() ); // verify that the key is still in alert state 1295 1296 $alert_code = get_option( 'akismet_alert_code' ); 1297 if ( isset( Akismet::$limit_notices[ $alert_code ] ) ) { 1298 self::display_usage_limit_alert(); 1299 } elseif ( $alert_code > 0 ) { 1300 self::display_alert(); 1301 } 1302 } elseif ( in_array( $hook_suffix, self::$activation_banner_pages, true ) && ! Akismet::get_api_key() ) { 1303 // Show the "Set Up Akismet" banner on the comments and plugin pages if no API key has been set. 1304 self::display_api_key_warning(); 1305 } elseif ( $hook_suffix == 'edit-comments.php' && wp_next_scheduled( 'akismet_schedule_cron_recheck' ) ) { 1306 self::display_spam_check_warning(); 1307 } 1308 1309 if ( isset( $_GET['akismet_recheck_complete'] ) ) { 1310 $recheck_count = (int) $_GET['recheck_count']; 1311 $spam_count = (int) $_GET['spam_count']; 1312 1313 if ( $recheck_count === 0 ) { 1314 $message = __( 'There were no comments to check. Akismet will only check comments awaiting moderation.', 'akismet' ); 1315 } else { 1316 /* translators: %s: Number of comments. */ 1317 $message = sprintf( _n( 'Akismet checked %s comment.', 'Akismet checked %s comments.', $recheck_count, 'akismet' ), number_format( $recheck_count ) ); 1318 $message .= ' '; 1319 1320 if ( $spam_count === 0 ) { 1321 $message .= __( 'No comments were caught as spam.', 'akismet' ); 1322 } else { 1323 /* translators: %s: Number of comments. */ 1324 $message .= sprintf( _n( '%s comment was caught as spam.', '%s comments were caught as spam.', $spam_count, 'akismet' ), number_format( $spam_count ) ); 1325 } 1326 } 1327 1328 echo '<div class="notice notice-success"><p>' . esc_html( $message ) . '</p></div>'; 1329 } elseif ( isset( $_GET['akismet_recheck_error'] ) ) { 1330 echo '<div class="notice notice-error"><p>' . esc_html( __( 'Akismet could not recheck your comments for spam.', 'akismet' ) ) . '</p></div>'; 1331 } 1332 } 1333 1334 public static function display_status() { 1335 if ( ! self::get_server_connectivity() ) { 1336 Akismet::view( 'notice', array( 'type' => 'servers-be-down' ) ); 1337 } elseif ( ! empty( self::$notices ) ) { 1338 foreach ( self::$notices as $index => $type ) { 1339 if ( is_object( $type ) ) { 1340 $notice_header = $notice_text = ''; 1341 1342 if ( property_exists( $type, 'notice_header' ) ) { 1343 $notice_header = wp_kses( $type->notice_header, self::$allowed ); 1344 } 1345 1346 if ( property_exists( $type, 'notice_text' ) ) { 1347 $notice_text = wp_kses( $type->notice_text, self::$allowed ); 1348 } 1349 1350 if ( property_exists( $type, 'status' ) ) { 1351 $type = wp_kses( $type->status, self::$allowed ); 1352 Akismet::view( 'notice', compact( 'type', 'notice_header', 'notice_text' ) ); 1353 1354 unset( self::$notices[ $index ] ); 1355 } 1356 } else { 1357 Akismet::view( 'notice', compact( 'type' ) ); 1358 1359 unset( self::$notices[ $index ] ); 1360 } 1361 } 1362 } 1363 } 1364 1365 private static function get_jetpack_user() { 1366 if ( ! class_exists( 'Jetpack' ) ) { 1367 return false; 1368 } 1369 1370 if ( defined( 'JETPACK__VERSION' ) && version_compare( JETPACK__VERSION, '7.7', '<' ) ) { 1371 // For version of Jetpack prior to 7.7. 1372 Jetpack::load_xml_rpc_client(); 1373 } 1374 1375 $xml = new Jetpack_IXR_ClientMulticall( array( 'user_id' => get_current_user_id() ) ); 1376 1377 $xml->addCall( 'wpcom.getUserID' ); 1378 $xml->addCall( 'akismet.getAPIKey' ); 1379 $xml->query(); 1380 1381 Akismet::log( compact( 'xml' ) ); 1382 1383 if ( ! $xml->isError() ) { 1384 $responses = $xml->getResponse(); 1385 if ( ( is_countable( $responses ) ? count( $responses ) : 0 ) > 1 ) { 1386 // Due to a quirk in how Jetpack does multi-calls, the response order 1387 // can't be trusted to match the call order. It's a good thing our 1388 // return values can be mostly differentiated from each other. 1389 $first_response_value = array_shift( $responses[0] ); 1390 $second_response_value = array_shift( $responses[1] ); 1391 1392 // If WPCOM ever reaches 100 billion users, this will fail. :-) 1393 if ( preg_match( '/^[a-f0-9]{12}$/i', $first_response_value ) ) { 1394 $api_key = $first_response_value; 1395 $user_id = (int) $second_response_value; 1396 } else { 1397 $api_key = $second_response_value; 1398 $user_id = (int) $first_response_value; 1399 } 1400 1401 return compact( 'api_key', 'user_id' ); 1402 } 1403 } 1404 return false; 1405 } 1406 1407 /** 1408 * Some commentmeta isn't useful in an export file. Suppress it (when supported). 1409 * 1410 * @param bool $exclude 1411 * @param string $key The meta key 1412 * @param object $meta The meta object 1413 * @return bool Whether to exclude this meta entry from the export. 1414 */ 1415 public static function exclude_commentmeta_from_export( $exclude, $key, $meta ) { 1416 if ( in_array( $key, array( 'akismet_as_submitted', 'akismet_rechecking', 'akismet_delayed_moderation_email' ) ) ) { 1417 return true; 1418 } 1419 1420 return $exclude; 1421 } 1422 1423 /** 1424 * When Akismet is active, remove the "Activate Akismet" step from the plugin description. 1425 */ 1426 public static function modify_plugin_description( $all_plugins ) { 1427 if ( isset( $all_plugins['akismet/akismet.php'] ) ) { 1428 if ( Akismet::get_api_key() ) { 1429 $all_plugins['akismet/akismet.php']['Description'] = __( 'Used by millions, Akismet is quite possibly the best way in the world to <strong>protect your blog from spam</strong>. Your site is fully configured and being protected, even while you sleep.', 'akismet' ); 1430 } else { 1431 $all_plugins['akismet/akismet.php']['Description'] = __( 'Used by millions, Akismet is quite possibly the best way in the world to <strong>protect your blog from spam</strong>. It keeps your site protected even while you sleep. To get started, just go to <a href="admin.php?page=akismet-key-config">your Akismet Settings page</a> to set up your API key.', 'akismet' ); 1432 } 1433 } 1434 1435 return $all_plugins; 1436 } 1437 1438 private static function set_form_privacy_notice_option( $state ) { 1439 if ( in_array( $state, array( 'display', 'hide' ) ) ) { 1440 update_option( 'akismet_comment_form_privacy_notice', $state ); 1441 } 1442 } 1443 1444 public static function register_personal_data_eraser( $erasers ) { 1445 $erasers['akismet'] = array( 1446 'eraser_friendly_name' => __( 'Akismet', 'akismet' ), 1447 'callback' => array( 'Akismet_Admin', 'erase_personal_data' ), 1448 ); 1449 1450 return $erasers; 1451 } 1452 1453 /** 1454 * When a user requests that their personal data be removed, Akismet has a duty to discard 1455 * any personal data we store outside of the comment itself. Right now, that is limited 1456 * to the copy of the comment we store in the akismet_as_submitted commentmeta. 1457 * 1458 * FWIW, this information would be automatically deleted after 15 days. 1459 * 1460 * @param $email_address string The email address of the user who has requested erasure. 1461 * @param $page int This function can (and will) be called multiple times to prevent timeouts, 1462 * so this argument is used for pagination. 1463 * @return array 1464 * @see https://developer.wordpress.org/plugins/privacy/adding-the-personal-data-eraser-to-your-plugin/ 1465 */ 1466 public static function erase_personal_data( $email_address, $page = 1 ) { 1467 $items_removed = false; 1468 1469 $number = 50; 1470 $page = (int) $page; 1471 1472 $comments = get_comments( 1473 array( 1474 'author_email' => $email_address, 1475 'number' => $number, 1476 'paged' => $page, 1477 'order_by' => 'comment_ID', 1478 'order' => 'ASC', 1479 ) 1480 ); 1481 1482 foreach ( (array) $comments as $comment ) { 1483 $comment_as_submitted = get_comment_meta( $comment->comment_ID, 'akismet_as_submitted', true ); 1484 1485 if ( $comment_as_submitted ) { 1486 delete_comment_meta( $comment->comment_ID, 'akismet_as_submitted' ); 1487 $items_removed = true; 1488 } 1489 } 1490 1491 // Tell core if we have more comments to work on still 1492 $done = ( is_countable( $comments ) ? count( $comments ) : 0 ) < $number; 1493 1494 return array( 1495 'items_removed' => $items_removed, 1496 'items_retained' => false, // always false in this example 1497 'messages' => array(), // no messages in this example 1498 'done' => $done, 1499 ); 1500 } 1501 1502 /** 1503 * Return an array of HTML elements that are allowed in a notice. 1504 * 1505 * @return array 1506 */ 1507 public static function get_notice_kses_allowed_elements() { 1508 return self::$allowed; 1509 } 1510 1511 /** 1512 * Return a version to append to the URL of an asset file (e.g. CSS and images). 1513 * 1514 * @param string $relative_path Relative path to asset file 1515 * @return string 1516 */ 1517 public static function get_asset_file_version( $relative_path ) { 1518 1519 $full_path = AKISMET__PLUGIN_DIR . $relative_path; 1520 1521 // If the AKISMET_VERSION contains a lower-case letter, it's a development version (e.g. 5.3.1a2). 1522 // Use the file modified time in development. 1523 if ( preg_match( '/[a-z]/', AKISMET_VERSION ) && file_exists( $full_path ) ) { 1524 return filemtime( $full_path ); 1525 } 1526 1527 // Otherwise, use the AKISMET_VERSION. 1528 return AKISMET_VERSION; 1529 } 1530 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
Generated : Sat Dec 21 08:20:01 2024 | Cross-referenced by PHPXref |