' . esc_html__( 'Akismet Setup' , 'akismet') . '
' . - '' . esc_html__( 'Akismet filters out spam, so you can focus on more important things.' , 'akismet') . '
' . - '' . esc_html__( 'On this page, you are able to set up the Akismet plugin.' , 'akismet') . '
', - ) - ); - - $current_screen->add_help_tab( - array( - 'id' => 'setup-signup', - 'title' => __( 'New to Akismet' , 'akismet'), - 'content' => - '' . esc_html__( 'Akismet Setup' , 'akismet') . '
' . - '' . esc_html__( 'You need to enter an API key to activate the Akismet service on your site.' , 'akismet') . '
' . - '' . sprintf( __( 'Sign up for an account on %s to get an API Key.' , 'akismet'), 'Akismet.com' ) . '
', - ) - ); - - $current_screen->add_help_tab( - array( - 'id' => 'setup-manual', - 'title' => __( 'Enter an API Key' , 'akismet'), - 'content' => - '' . esc_html__( 'Akismet Setup' , 'akismet') . '
' . - '' . esc_html__( 'If you already have an API key' , 'akismet') . '
' . - '- ' .
- '
- ' . esc_html__( 'Copy and paste the API key into the text field.' , 'akismet') . ' ' . - '
- ' . esc_html__( 'Click the Use this Key button.' , 'akismet') . ' ' . - '
' . esc_html__( 'Akismet Stats' , 'akismet') . '
' . - '' . esc_html__( 'Akismet filters out spam, so you can focus on more important things.' , 'akismet') . '
' . - '' . esc_html__( 'On this page, you are able to view stats on spam filtered on your site.' , 'akismet') . '
', - ) - ); - } - else { - //configuration page - $current_screen->add_help_tab( - array( - 'id' => 'overview', - 'title' => __( 'Overview' , 'akismet'), - 'content' => - '' . esc_html__( 'Akismet Configuration' , 'akismet') . '
' . - '' . esc_html__( 'Akismet filters out spam, so you can focus on more important things.' , 'akismet') . '
' . - '' . esc_html__( 'On this page, you are able to update your Akismet settings and view spam stats.' , 'akismet') . '
', - ) - ); - - $current_screen->add_help_tab( - array( - 'id' => 'settings', - 'title' => __( 'Settings' , 'akismet'), - 'content' => - '' . esc_html__( 'Akismet Configuration' , 'akismet') . '
' . - ( Akismet::predefined_api_key() ? '' : '' . esc_html__( 'API Key' , 'akismet') . ' - ' . esc_html__( 'Enter/remove an API key.' , 'akismet') . '
' ) . - '' . esc_html__( 'Comments' , 'akismet') . ' - ' . esc_html__( 'Show the number of approved comments beside each comment author in the comments list page.' , 'akismet') . '
' . - '' . esc_html__( 'Strictness' , 'akismet') . ' - ' . esc_html__( 'Choose to either discard the worst spam automatically or to always put all spam in spam folder.' , 'akismet') . '
', - ) - ); - - if ( ! Akismet::predefined_api_key() ) { - $current_screen->add_help_tab( - array( - 'id' => 'account', - 'title' => __( 'Account' , 'akismet'), - 'content' => - '' . esc_html__( 'Akismet Configuration' , 'akismet') . '
' . - '' . esc_html__( 'Subscription Type' , 'akismet') . ' - ' . esc_html__( 'The Akismet subscription plan' , 'akismet') . '
' . - '' . esc_html__( 'Status' , 'akismet') . ' - ' . esc_html__( 'The subscription status - active, cancelled or suspended' , 'akismet') . '
', - ) - ); - } - } - } - - // Help Sidebar - $current_screen->set_help_sidebar( - '' . esc_html__( 'For more information:' , 'akismet') . '
' . - '' . esc_html__( 'Akismet FAQ' , 'akismet') . '
' . - '' . esc_html__( 'Akismet Support' , 'akismet') . '
' - ); - } - - public static function enter_api_key() { - if ( ! current_user_can( 'manage_options' ) ) { - die( __( 'Cheatin’ uh?', 'akismet' ) ); - } - - if ( !wp_verify_nonce( $_POST['_wpnonce'], self::NONCE ) ) - return false; - - foreach( array( 'akismet_strictness', 'akismet_show_user_comments_approved' ) as $option ) { - update_option( $option, isset( $_POST[$option] ) && (int) $_POST[$option] == 1 ? '1' : '0' ); - } - - if ( ! empty( $_POST['akismet_comment_form_privacy_notice'] ) ) { - self::set_form_privacy_notice_option( $_POST['akismet_comment_form_privacy_notice'] ); - } else { - self::set_form_privacy_notice_option( 'hide' ); - } - - if ( Akismet::predefined_api_key() ) { - return false; //shouldn't have option to save key if already defined - } - - $new_key = preg_replace( '/[^a-f0-9]/i', '', $_POST['key'] ); - $old_key = Akismet::get_api_key(); - - if ( empty( $new_key ) ) { - if ( !empty( $old_key ) ) { - delete_option( 'wordpress_api_key' ); - self::$notices[] = 'new-key-empty'; - } - } - elseif ( $new_key != $old_key ) { - self::save_key( $new_key ); - } - - return true; - } - - public static function save_key( $api_key ) { - $key_status = Akismet::verify_key( $api_key ); - - if ( $key_status == 'valid' ) { - $akismet_user = self::get_akismet_user( $api_key ); - - if ( $akismet_user ) { - if ( in_array( $akismet_user->status, array( 'active', 'active-dunning', 'no-sub' ) ) ) - update_option( 'wordpress_api_key', $api_key ); - - if ( $akismet_user->status == 'active' ) - self::$notices['status'] = 'new-key-valid'; - elseif ( $akismet_user->status == 'notice' ) - self::$notices['status'] = $akismet_user; - else - self::$notices['status'] = $akismet_user->status; - } - else - self::$notices['status'] = 'new-key-invalid'; - } - elseif ( in_array( $key_status, array( 'invalid', 'failed' ) ) ) - self::$notices['status'] = 'new-key-'.$key_status; - } - - public static function dashboard_stats() { - if ( did_action( 'rightnow_end' ) ) { - return; // We already displayed this info in the "Right Now" section - } - - if ( !$count = get_option('akismet_spam_count') ) - return; - - global $submenu; - - echo '' . esc_html( _x( 'Spam', 'comments' , 'akismet') ) . '
'; - - echo ''.sprintf( _n( - 'Akismet has protected your site from %3$s spam comment.', - 'Akismet has protected your site from %3$s spam comments.', - $count - , 'akismet'), 'https://akismet.com/wordpress/', esc_url( add_query_arg( array( 'page' => 'akismet-admin' ), admin_url( isset( $submenu['edit-comments.php'] ) ? 'edit-comments.php' : 'edit.php' ) ) ), number_format_i18n($count) ).'
'; - } - - // WP 2.5+ - public static function rightnow_stats() { - if ( $count = get_option('akismet_spam_count') ) { - $intro = sprintf( _n( - 'Akismet has protected your site from %2$s spam comment already. ', - 'Akismet has protected your site from %2$s spam comments already. ', - $count - , 'akismet'), 'https://akismet.com/wordpress/', number_format_i18n( $count ) ); - } else { - $intro = sprintf( __('Akismet blocks spam from getting to your blog. ', 'akismet'), 'https://akismet.com/wordpress/' ); - } - - $link = add_query_arg( array( 'comment_status' => 'spam' ), admin_url( 'edit-comments.php' ) ); - - if ( $queue_count = self::get_spam_count() ) { - $queue_text = sprintf( _n( - 'There’s %1$s comment in your spam queue right now.', - 'There are %1$s comments in your spam queue right now.', - $queue_count - , 'akismet'), number_format_i18n( $queue_count ), esc_url( $link ) ); - } else { - $queue_text = sprintf( __( "There’s nothing in your spam queue at the moment." , 'akismet'), esc_url( $link ) ); - } - - $text = $intro . '' . $queue_text; - echo "\n"; - } - - public static function check_for_spam_button( $comment_status ) { - // The "Check for Spam" button should only appear when the page might be showing - // a comment with comment_approved=0, which means an un-trashed, un-spammed, - // not-yet-moderated comment. - if ( 'all' != $comment_status && 'moderated' != $comment_status ) { - return; - } - - $link = ''; - - $comments_count = wp_count_comments(); - - echo ''; - echo '
';
-
- $classes = array(
- 'button-secondary',
- 'checkforspam',
- 'button-disabled' // Disable button until the page is loaded
- );
-
- if ( $comments_count->moderated > 0 ) {
- $classes[] = 'enable-on-load';
-
- if ( ! Akismet::get_api_key() ) {
- $link = add_query_arg( array( 'page' => 'akismet-key-config' ), class_exists( 'Jetpack' ) ? admin_url( 'admin.php' ) : admin_url( 'options-general.php' ) );
- $classes[] = 'ajax-disabled';
- }
- }
-
- echo '' . esc_html__('Check for Spam', 'akismet') . '';
- echo '';
- }
-
- public static function recheck_queue() {
- global $wpdb;
-
- Akismet::fix_scheduled_recheck();
-
- if ( ! ( isset( $_GET['recheckqueue'] ) || ( isset( $_REQUEST['action'] ) && 'akismet_recheck_queue' == $_REQUEST['action'] ) ) ) {
- return;
- }
-
- if ( ! wp_verify_nonce( $_POST['nonce'], 'akismet_check_for_spam' ) ) {
- wp_send_json( array(
- 'error' => __( "You don't have permission to do that."),
- ));
- return;
- }
-
- $result_counts = self::recheck_queue_portion( empty( $_POST['offset'] ) ? 0 : $_POST['offset'], empty( $_POST['limit'] ) ? 100 : $_POST['limit'] );
-
- if ( defined( 'DOING_AJAX' ) && DOING_AJAX ) {
- wp_send_json( array(
- 'counts' => $result_counts,
- ));
- }
- else {
- $redirect_to = isset( $_SERVER['HTTP_REFERER'] ) ? $_SERVER['HTTP_REFERER'] : admin_url( 'edit-comments.php' );
- wp_safe_redirect( $redirect_to );
- exit;
- }
- }
-
- public static function recheck_queue_portion( $start = 0, $limit = 100 ) {
- global $wpdb;
-
- $paginate = '';
-
- if ( $limit <= 0 ) {
- $limit = 100;
- }
-
- if ( $start < 0 ) {
- $start = 0;
- }
-
- $moderation = $wpdb->get_col( $wpdb->prepare( "SELECT * FROM {$wpdb->comments} WHERE comment_approved = '0' LIMIT %d OFFSET %d", $limit, $start ) );
-
- $result_counts = array(
- 'processed' => count( $moderation ),
- 'spam' => 0,
- 'ham' => 0,
- 'error' => 0,
- );
-
- foreach ( $moderation as $comment_id ) {
- $api_response = Akismet::recheck_comment( $comment_id, 'recheck_queue' );
-
- if ( 'true' === $api_response ) {
- ++$result_counts['spam'];
- }
- elseif ( 'false' === $api_response ) {
- ++$result_counts['ham'];
- }
- else {
- ++$result_counts['error'];
- }
- }
-
- return $result_counts;
- }
-
- // Adds an 'x' link next to author URLs, clicking will remove the author URL and show an undo link
- public static function remove_comment_author_url() {
- if ( !empty( $_POST['id'] ) && check_admin_referer( 'comment_author_url_nonce' ) ) {
- $comment_id = intval( $_POST['id'] );
- $comment = get_comment( $comment_id, ARRAY_A );
- if ( $comment && current_user_can( 'edit_comment', $comment['comment_ID'] ) ) {
- $comment['comment_author_url'] = '';
- do_action( 'comment_remove_author_url' );
- print( wp_update_comment( $comment ) );
- die();
- }
- }
- }
-
- public static function add_comment_author_url() {
- if ( !empty( $_POST['id'] ) && !empty( $_POST['url'] ) && check_admin_referer( 'comment_author_url_nonce' ) ) {
- $comment_id = intval( $_POST['id'] );
- $comment = get_comment( $comment_id, ARRAY_A );
- if ( $comment && current_user_can( 'edit_comment', $comment['comment_ID'] ) ) {
- $comment['comment_author_url'] = esc_url( $_POST['url'] );
- do_action( 'comment_add_author_url' );
- print( wp_update_comment( $comment ) );
- die();
- }
- }
- }
-
- public static function comment_row_action( $a, $comment ) {
- $akismet_result = get_comment_meta( $comment->comment_ID, 'akismet_result', true );
- $akismet_error = get_comment_meta( $comment->comment_ID, 'akismet_error', true );
- $user_result = get_comment_meta( $comment->comment_ID, 'akismet_user_result', true);
- $comment_status = wp_get_comment_status( $comment->comment_ID );
- $desc = null;
- if ( $akismet_error ) {
- $desc = __( 'Awaiting spam check' , 'akismet');
- } elseif ( !$user_result || $user_result == $akismet_result ) {
- // Show the original Akismet result if the user hasn't overridden it, or if their decision was the same
- if ( $akismet_result == 'true' && $comment_status != 'spam' && $comment_status != 'trash' )
- $desc = __( 'Flagged as spam by Akismet' , 'akismet');
- elseif ( $akismet_result == 'false' && $comment_status == 'spam' )
- $desc = __( 'Cleared by Akismet' , 'akismet');
- } else {
- $who = get_comment_meta( $comment->comment_ID, 'akismet_user', true );
- if ( $user_result == 'true' )
- $desc = sprintf( __('Flagged as spam by %s', 'akismet'), $who );
- else
- $desc = sprintf( __('Un-spammed by %s', 'akismet'), $who );
- }
-
- // add a History item to the hover links, just after Edit
- if ( $akismet_result ) {
- $b = array();
- foreach ( $a as $k => $item ) {
- $b[ $k ] = $item;
- if (
- $k == 'edit'
- || $k == 'unspam'
- ) {
- $b['history'] = ' '. esc_html__('History', 'akismet') . '';
- }
- }
-
- $a = $b;
- }
-
- if ( $desc )
- echo '';
-
- $show_user_comments_option = get_option( 'akismet_show_user_comments_approved' );
-
- if ( $show_user_comments_option === false ) {
- // Default to active if the user hasn't made a decision.
- $show_user_comments_option = '1';
- }
-
- $show_user_comments = apply_filters( 'akismet_show_user_comments_approved', $show_user_comments_option );
- $show_user_comments = $show_user_comments === 'false' ? false : $show_user_comments; //option used to be saved as 'false' / 'true'
-
- if ( $show_user_comments ) {
- $comment_count = Akismet::get_user_comments_approved( $comment->user_id, $comment->comment_author_email, $comment->comment_author, $comment->comment_author_url );
- $comment_count = intval( $comment_count );
- echo '';
- }
-
- return $a;
- }
-
- public static function comment_status_meta_box( $comment ) {
- $history = Akismet::get_comment_history( $comment->comment_ID );
-
- if ( $history ) {
- foreach ( $history as $row ) {
- $time = date( 'D d M Y @ h:i:s a', $row['time'] ) . ' GMT';
-
- $message = '';
-
- if ( ! empty( $row['message'] ) ) {
- // Old versions of Akismet stored the message as a literal string in the commentmeta.
- // New versions don't do that for two reasons:
- // 1) Save space.
- // 2) The message can be translated into the current language of the blog, not stuck
- // in the language of the blog when the comment was made.
- $message = esc_html( $row['message'] );
- }
-
- // If possible, use a current translation.
- switch ( $row['event'] ) {
- case 'recheck-spam';
- $message = esc_html( __( 'Akismet re-checked and caught this comment as spam.', 'akismet' ) );
- break;
- case 'check-spam':
- $message = esc_html( __( 'Akismet caught this comment as spam.', 'akismet' ) );
- break;
- case 'recheck-ham':
- $message = esc_html( __( 'Akismet re-checked and cleared this comment.', 'akismet' ) );
- break;
- case 'check-ham':
- $message = esc_html( __( 'Akismet cleared this comment.', 'akismet' ) );
- break;
- case 'wp-blacklisted':
- $message = sprintf( esc_html( __( 'Comment was caught by %s.', 'akismet' ) ), '';
- }
- else if ( isset( $_GET['akismet_recheck_error'] ) ) {
- echo '';
- }
- }
-
- public static function display_status() {
- if ( ! self::get_server_connectivity() ) {
- Akismet::view( 'notice', array( 'type' => 'servers-be-down' ) );
- }
- else if ( ! empty( self::$notices ) ) {
- foreach ( self::$notices as $index => $type ) {
- if ( is_object( $type ) ) {
- $notice_header = $notice_text = '';
-
- if ( property_exists( $type, 'notice_header' ) ) {
- $notice_header = wp_kses( $type->notice_header, self::$allowed );
- }
-
- if ( property_exists( $type, 'notice_text' ) ) {
- $notice_text = wp_kses( $type->notice_text, self::$allowed );
- }
-
- if ( property_exists( $type, 'status' ) ) {
- $type = wp_kses( $type->status, self::$allowed );
- Akismet::view( 'notice', compact( 'type', 'notice_header', 'notice_text' ) );
-
- unset( self::$notices[ $index ] );
- }
- }
- else {
- Akismet::view( 'notice', compact( 'type' ) );
-
- unset( self::$notices[ $index ] );
- }
- }
- }
- }
-
- private static function get_jetpack_user() {
- if ( !class_exists('Jetpack') )
- return false;
-
- if ( defined( 'JETPACK__VERSION' ) && version_compare( JETPACK__VERSION, '7.7', '<' ) ) {
- // For version of Jetpack prior to 7.7.
- Jetpack::load_xml_rpc_client();
- }
-
- $xml = new Jetpack_IXR_ClientMulticall( array( 'user_id' => get_current_user_id() ) );
-
- $xml->addCall( 'wpcom.getUserID' );
- $xml->addCall( 'akismet.getAPIKey' );
- $xml->query();
-
- Akismet::log( compact( 'xml' ) );
-
- if ( !$xml->isError() ) {
- $responses = $xml->getResponse();
- if ( count( $responses ) > 1 ) {
- // Due to a quirk in how Jetpack does multi-calls, the response order
- // can't be trusted to match the call order. It's a good thing our
- // return values can be mostly differentiated from each other.
- $first_response_value = array_shift( $responses[0] );
- $second_response_value = array_shift( $responses[1] );
-
- // If WPCOM ever reaches 100 billion users, this will fail. :-)
- if ( preg_match( '/^[a-f0-9]{12}$/i', $first_response_value ) ) {
- $api_key = $first_response_value;
- $user_id = (int) $second_response_value;
- }
- else {
- $api_key = $second_response_value;
- $user_id = (int) $first_response_value;
- }
-
- return compact( 'api_key', 'user_id' );
- }
- }
- return false;
- }
-
- /**
- * Some commentmeta isn't useful in an export file. Suppress it (when supported).
- *
- * @param bool $exclude
- * @param string $key The meta key
- * @param object $meta The meta object
- * @return bool Whether to exclude this meta entry from the export.
- */
- public static function exclude_commentmeta_from_export( $exclude, $key, $meta ) {
- if ( in_array( $key, array( 'akismet_as_submitted', 'akismet_rechecking', 'akismet_delayed_moderation_email' ) ) ) {
- return true;
- }
-
- return $exclude;
- }
-
- /**
- * When Akismet is active, remove the "Activate Akismet" step from the plugin description.
- */
- public static function modify_plugin_description( $all_plugins ) {
- if ( isset( $all_plugins['akismet/akismet.php'] ) ) {
- if ( Akismet::get_api_key() ) {
- $all_plugins['akismet/akismet.php']['Description'] = __( 'Used by millions, Akismet is quite possibly the best way in the world to protect your blog from spam. Your site is fully configured and being protected, even while you sleep.', 'akismet' );
- }
- else {
- $all_plugins['akismet/akismet.php']['Description'] = __( 'Used by millions, Akismet is quite possibly the best way in the world to protect your blog from spam. It keeps your site protected even while you sleep. To get started, just go to your Akismet Settings page to set up your API key.', 'akismet' );
- }
- }
-
- return $all_plugins;
- }
-
- private static function set_form_privacy_notice_option( $state ) {
- if ( in_array( $state, array( 'display', 'hide' ) ) ) {
- update_option( 'akismet_comment_form_privacy_notice', $state );
- }
- }
-
- public static function register_personal_data_eraser( $erasers ) {
- $erasers['akismet'] = array(
- 'eraser_friendly_name' => __( 'Akismet', 'akismet' ),
- 'callback' => array( 'Akismet_Admin', 'erase_personal_data' ),
- );
-
- return $erasers;
- }
-
- /**
- * When a user requests that their personal data be removed, Akismet has a duty to discard
- * any personal data we store outside of the comment itself. Right now, that is limited
- * to the copy of the comment we store in the akismet_as_submitted commentmeta.
- *
- * FWIW, this information would be automatically deleted after 15 days.
- *
- * @param $email_address string The email address of the user who has requested erasure.
- * @param $page int This function can (and will) be called multiple times to prevent timeouts,
- * so this argument is used for pagination.
- * @return array
- * @see https://developer.wordpress.org/plugins/privacy/adding-the-personal-data-eraser-to-your-plugin/
- */
- public static function erase_personal_data( $email_address, $page = 1 ) {
- $items_removed = false;
-
- $number = 50;
- $page = (int) $page;
-
- $comments = get_comments(
- array(
- 'author_email' => $email_address,
- 'number' => $number,
- 'paged' => $page,
- 'order_by' => 'comment_ID',
- 'order' => 'ASC',
- )
- );
-
- foreach ( (array) $comments as $comment ) {
- $comment_as_submitted = get_comment_meta( $comment->comment_ID, 'akismet_as_submitted', true );
-
- if ( $comment_as_submitted ) {
- delete_comment_meta( $comment->comment_ID, 'akismet_as_submitted' );
- $items_removed = true;
- }
- }
-
- // Tell core if we have more comments to work on still
- $done = count( $comments ) < $number;
-
- return array(
- 'items_removed' => $items_removed,
- 'items_retained' => false, // always false in this example
- 'messages' => array(), // no messages in this example
- 'done' => $done,
- );
- }
-}
diff --git a/wp-content/plugins/akismet/class.akismet-cli.php b/wp-content/plugins/akismet/class.akismet-cli.php
deleted file mode 100644
index 9cbe7a9..0000000
--- a/wp-content/plugins/akismet/class.akismet-cli.php
+++ /dev/null
@@ -1,185 +0,0 @@
-...
- * : The ID(s) of the comment(s) to check.
- *
- * [--noaction]
- * : Don't change the status of the comment. Just report what Akismet thinks it is.
- *
- * ## EXAMPLES
- *
- * wp akismet check 12345
- *
- * @alias comment-check
- */
- public function check( $args, $assoc_args ) {
- foreach ( $args as $comment_id ) {
- if ( isset( $assoc_args['noaction'] ) ) {
- // Check the comment, but don't reclassify it.
- $api_response = Akismet::check_db_comment( $comment_id, 'wp-cli' );
- }
- else {
- $api_response = Akismet::recheck_comment( $comment_id, 'wp-cli' );
- }
-
- if ( 'true' === $api_response ) {
- WP_CLI::line( sprintf( __( "Comment #%d is spam.", 'akismet' ), $comment_id ) );
- }
- else if ( 'false' === $api_response ) {
- WP_CLI::line( sprintf( __( "Comment #%d is not spam.", 'akismet' ), $comment_id ) );
- }
- else {
- if ( false === $api_response ) {
- WP_CLI::error( __( "Failed to connect to Akismet.", 'akismet' ) );
- }
- else if ( is_wp_error( $api_response ) ) {
- WP_CLI::warning( sprintf( __( "Comment #%d could not be checked.", 'akismet' ), $comment_id ) );
- }
- }
- }
- }
-
- /**
- * Recheck all comments in the Pending queue.
- *
- * ## EXAMPLES
- *
- * wp akismet recheck_queue
- *
- * @alias recheck-queue
- */
- public function recheck_queue() {
- $batch_size = 100;
- $start = 0;
-
- $total_counts = array();
-
- do {
- $result_counts = Akismet_Admin::recheck_queue_portion( $start, $batch_size );
-
- if ( $result_counts['processed'] > 0 ) {
- foreach ( $result_counts as $key => $count ) {
- if ( ! isset( $total_counts[ $key ] ) ) {
- $total_counts[ $key ] = $count;
- }
- else {
- $total_counts[ $key ] += $count;
- }
- }
- $start += $batch_size;
- $start -= $result_counts['spam']; // These comments will have been removed from the queue.
- }
- } while ( $result_counts['processed'] > 0 );
-
- WP_CLI::line( sprintf( _n( "Processed %d comment.", "Processed %d comments.", $total_counts['processed'], 'akismet' ), number_format( $total_counts['processed'] ) ) );
- WP_CLI::line( sprintf( _n( "%d comment moved to Spam.", "%d comments moved to Spam.", $total_counts['spam'], 'akismet' ), number_format( $total_counts['spam'] ) ) );
-
- if ( $total_counts['error'] ) {
- WP_CLI::line( sprintf( _n( "%d comment could not be checked.", "%d comments could not be checked.", $total_counts['error'], 'akismet' ), number_format( $total_counts['error'] ) ) );
- }
- }
-
- /**
- * Fetches stats from the Akismet API.
- *
- * ## OPTIONS
- *
- * []
- * : The time period for which to retrieve stats.
- * ---
- * default: all
- * options:
- * - days
- * - months
- * - all
- * ---
- *
- * [--format=]
- * : Allows overriding the output of the command when listing connections.
- * ---
- * default: table
- * options:
- * - table
- * - json
- * - csv
- * - yaml
- * - count
- * ---
- *
- * [--summary]
- * : When set, will display a summary of the stats.
- *
- * ## EXAMPLES
- *
- * wp akismet stats
- * wp akismet stats all
- * wp akismet stats days
- * wp akismet stats months
- * wp akismet stats all --summary
- */
- public function stats( $args, $assoc_args ) {
- $api_key = Akismet::get_api_key();
-
- if ( empty( $api_key ) ) {
- WP_CLI::error( __( 'API key must be set to fetch stats.', 'akismet' ) );
- }
-
- switch ( $args[0] ) {
- case 'days':
- $interval = '60-days';
- break;
- case 'months':
- $interval = '6-months';
- break;
- default:
- $interval = 'all';
- break;
- }
-
- $response = Akismet::http_post(
- Akismet::build_query( array(
- 'blog' => get_option( 'home' ),
- 'key' => $api_key,
- 'from' => $interval,
- ) ),
- 'get-stats'
- );
-
- if ( empty( $response[1] ) ) {
- WP_CLI::error( __( 'Currently unable to fetch stats. Please try again.', 'akismet' ) );
- }
-
- $response_body = json_decode( $response[1], true );
-
- if ( is_null( $response_body ) ) {
- WP_CLI::error( __( 'Stats response could not be decoded.', 'akismet' ) );
- }
-
- if ( isset( $assoc_args['summary'] ) ) {
- $keys = array(
- 'spam',
- 'ham',
- 'missed_spam',
- 'false_positives',
- 'accuracy',
- 'time_saved',
- );
-
- WP_CLI\Utils\format_items( $assoc_args['format'], array( $response_body ), $keys );
- }
- else {
- $stats = $response_body['breakdown'];
- WP_CLI\Utils\format_items( $assoc_args['format'], $stats, array_keys( end( $stats ) ) );
- }
- }
-}
\ No newline at end of file
diff --git a/wp-content/plugins/akismet/class.akismet-rest-api.php b/wp-content/plugins/akismet/class.akismet-rest-api.php
deleted file mode 100644
index bf71998..0000000
--- a/wp-content/plugins/akismet/class.akismet-rest-api.php
+++ /dev/null
@@ -1,366 +0,0 @@
- WP_REST_Server::READABLE,
- 'permission_callback' => array( 'Akismet_REST_API', 'privileged_permission_callback' ),
- 'callback' => array( 'Akismet_REST_API', 'get_key' ),
- ), array(
- 'methods' => WP_REST_Server::EDITABLE,
- 'permission_callback' => array( 'Akismet_REST_API', 'privileged_permission_callback' ),
- 'callback' => array( 'Akismet_REST_API', 'set_key' ),
- 'args' => array(
- 'key' => array(
- 'required' => true,
- 'type' => 'string',
- 'sanitize_callback' => array( 'Akismet_REST_API', 'sanitize_key' ),
- 'description' => __( 'A 12-character Akismet API key. Available at akismet.com/get/', 'akismet' ),
- ),
- ),
- ), array(
- 'methods' => WP_REST_Server::DELETABLE,
- 'permission_callback' => array( 'Akismet_REST_API', 'privileged_permission_callback' ),
- 'callback' => array( 'Akismet_REST_API', 'delete_key' ),
- )
- ) );
-
- register_rest_route( 'akismet/v1', '/settings/', array(
- array(
- 'methods' => WP_REST_Server::READABLE,
- 'permission_callback' => array( 'Akismet_REST_API', 'privileged_permission_callback' ),
- 'callback' => array( 'Akismet_REST_API', 'get_settings' ),
- ),
- array(
- 'methods' => WP_REST_Server::EDITABLE,
- 'permission_callback' => array( 'Akismet_REST_API', 'privileged_permission_callback' ),
- 'callback' => array( 'Akismet_REST_API', 'set_boolean_settings' ),
- 'args' => array(
- 'akismet_strictness' => array(
- 'required' => false,
- 'type' => 'boolean',
- 'description' => __( 'If true, Akismet will automatically discard the worst spam automatically rather than putting it in the spam folder.', 'akismet' ),
- ),
- 'akismet_show_user_comments_approved' => array(
- 'required' => false,
- 'type' => 'boolean',
- 'description' => __( 'If true, show the number of approved comments beside each comment author in the comments list page.', 'akismet' ),
- ),
- ),
- )
- ) );
-
- register_rest_route( 'akismet/v1', '/stats', array(
- 'methods' => WP_REST_Server::READABLE,
- 'permission_callback' => array( 'Akismet_REST_API', 'privileged_permission_callback' ),
- 'callback' => array( 'Akismet_REST_API', 'get_stats' ),
- 'args' => array(
- 'interval' => array(
- 'required' => false,
- 'type' => 'string',
- 'sanitize_callback' => array( 'Akismet_REST_API', 'sanitize_interval' ),
- 'description' => __( 'The time period for which to retrieve stats. Options: 60-days, 6-months, all', 'akismet' ),
- 'default' => 'all',
- ),
- ),
- ) );
-
- register_rest_route( 'akismet/v1', '/stats/(?P[\w+])', array(
- 'args' => array(
- 'interval' => array(
- 'description' => __( 'The time period for which to retrieve stats. Options: 60-days, 6-months, all', 'akismet' ),
- 'type' => 'string',
- ),
- ),
- array(
- 'methods' => WP_REST_Server::READABLE,
- 'permission_callback' => array( 'Akismet_REST_API', 'privileged_permission_callback' ),
- 'callback' => array( 'Akismet_REST_API', 'get_stats' ),
- )
- ) );
-
- register_rest_route( 'akismet/v1', '/alert', array(
- array(
- 'methods' => WP_REST_Server::READABLE,
- 'permission_callback' => array( 'Akismet_REST_API', 'remote_call_permission_callback' ),
- 'callback' => array( 'Akismet_REST_API', 'get_alert' ),
- 'args' => array(
- 'key' => array(
- 'required' => false,
- 'type' => 'string',
- 'sanitize_callback' => array( 'Akismet_REST_API', 'sanitize_key' ),
- 'description' => __( 'A 12-character Akismet API key. Available at akismet.com/get/', 'akismet' ),
- ),
- ),
- ),
- array(
- 'methods' => WP_REST_Server::EDITABLE,
- 'permission_callback' => array( 'Akismet_REST_API', 'remote_call_permission_callback' ),
- 'callback' => array( 'Akismet_REST_API', 'set_alert' ),
- 'args' => array(
- 'key' => array(
- 'required' => false,
- 'type' => 'string',
- 'sanitize_callback' => array( 'Akismet_REST_API', 'sanitize_key' ),
- 'description' => __( 'A 12-character Akismet API key. Available at akismet.com/get/', 'akismet' ),
- ),
- ),
- ),
- array(
- 'methods' => WP_REST_Server::DELETABLE,
- 'permission_callback' => array( 'Akismet_REST_API', 'remote_call_permission_callback' ),
- 'callback' => array( 'Akismet_REST_API', 'delete_alert' ),
- 'args' => array(
- 'key' => array(
- 'required' => false,
- 'type' => 'string',
- 'sanitize_callback' => array( 'Akismet_REST_API', 'sanitize_key' ),
- 'description' => __( 'A 12-character Akismet API key. Available at akismet.com/get/', 'akismet' ),
- ),
- ),
- )
- ) );
- }
-
- /**
- * Get the current Akismet API key.
- *
- * @param WP_REST_Request $request
- * @return WP_Error|WP_REST_Response
- */
- public static function get_key( $request = null ) {
- return rest_ensure_response( Akismet::get_api_key() );
- }
-
- /**
- * Set the API key, if possible.
- *
- * @param WP_REST_Request $request
- * @return WP_Error|WP_REST_Response
- */
- public static function set_key( $request ) {
- if ( defined( 'WPCOM_API_KEY' ) ) {
- return rest_ensure_response( new WP_Error( 'hardcoded_key', __( 'This site\'s API key is hardcoded and cannot be changed via the API.', 'akismet' ), array( 'status'=> 409 ) ) );
- }
-
- $new_api_key = $request->get_param( 'key' );
-
- if ( ! self::key_is_valid( $new_api_key ) ) {
- return rest_ensure_response( new WP_Error( 'invalid_key', __( 'The value provided is not a valid and registered API key.', 'akismet' ), array( 'status' => 400 ) ) );
- }
-
- update_option( 'wordpress_api_key', $new_api_key );
-
- return self::get_key();
- }
-
- /**
- * Unset the API key, if possible.
- *
- * @param WP_REST_Request $request
- * @return WP_Error|WP_REST_Response
- */
- public static function delete_key( $request ) {
- if ( defined( 'WPCOM_API_KEY' ) ) {
- return rest_ensure_response( new WP_Error( 'hardcoded_key', __( 'This site\'s API key is hardcoded and cannot be deleted.', 'akismet' ), array( 'status'=> 409 ) ) );
- }
-
- delete_option( 'wordpress_api_key' );
-
- return rest_ensure_response( true );
- }
-
- /**
- * Get the Akismet settings.
- *
- * @param WP_REST_Request $request
- * @return WP_Error|WP_REST_Response
- */
- public static function get_settings( $request = null ) {
- return rest_ensure_response( array(
- 'akismet_strictness' => ( get_option( 'akismet_strictness', '1' ) === '1' ),
- 'akismet_show_user_comments_approved' => ( get_option( 'akismet_show_user_comments_approved', '1' ) === '1' ),
- ) );
- }
-
- /**
- * Update the Akismet settings.
- *
- * @param WP_REST_Request $request
- * @return WP_Error|WP_REST_Response
- */
- public static function set_boolean_settings( $request ) {
- foreach ( array(
- 'akismet_strictness',
- 'akismet_show_user_comments_approved',
- ) as $setting_key ) {
-
- $setting_value = $request->get_param( $setting_key );
- if ( is_null( $setting_value ) ) {
- // This setting was not specified.
- continue;
- }
-
- // From 4.7+, WP core will ensure that these are always boolean
- // values because they are registered with 'type' => 'boolean',
- // but we need to do this ourselves for prior versions.
- $setting_value = Akismet_REST_API::parse_boolean( $setting_value );
-
- update_option( $setting_key, $setting_value ? '1' : '0' );
- }
-
- return self::get_settings();
- }
-
- /**
- * Parse a numeric or string boolean value into a boolean.
- *
- * @param mixed $value The value to convert into a boolean.
- * @return bool The converted value.
- */
- public static function parse_boolean( $value ) {
- switch ( $value ) {
- case true:
- case 'true':
- case '1':
- case 1:
- return true;
-
- case false:
- case 'false':
- case '0':
- case 0:
- return false;
-
- default:
- return (bool) $value;
- }
- }
-
- /**
- * Get the Akismet stats for a given time period.
- *
- * Possible `interval` values:
- * - all
- * - 60-days
- * - 6-months
- *
- * @param WP_REST_Request $request
- * @return WP_Error|WP_REST_Response
- */
- public static function get_stats( $request ) {
- $api_key = Akismet::get_api_key();
-
- $interval = $request->get_param( 'interval' );
-
- $stat_totals = array();
-
- $response = Akismet::http_post( Akismet::build_query( array( 'blog' => get_option( 'home' ), 'key' => $api_key, 'from' => $interval ) ), 'get-stats' );
-
- if ( ! empty( $response[1] ) ) {
- $stat_totals[$interval] = json_decode( $response[1] );
- }
-
- return rest_ensure_response( $stat_totals );
- }
-
- /**
- * Get the current alert code and message. Alert codes are used to notify the site owner
- * if there's a problem, like a connection issue between their site and the Akismet API,
- * invalid requests being sent, etc.
- *
- * @param WP_REST_Request $request
- * @return WP_Error|WP_REST_Response
- */
- public static function get_alert( $request ) {
- return rest_ensure_response( array(
- 'code' => get_option( 'akismet_alert_code' ),
- 'message' => get_option( 'akismet_alert_msg' ),
- ) );
- }
-
- /**
- * Update the current alert code and message by triggering a call to the Akismet server.
- *
- * @param WP_REST_Request $request
- * @return WP_Error|WP_REST_Response
- */
- public static function set_alert( $request ) {
- delete_option( 'akismet_alert_code' );
- delete_option( 'akismet_alert_msg' );
-
- // Make a request so the most recent alert code and message are retrieved.
- Akismet::verify_key( Akismet::get_api_key() );
-
- return self::get_alert( $request );
- }
-
- /**
- * Clear the current alert code and message.
- *
- * @param WP_REST_Request $request
- * @return WP_Error|WP_REST_Response
- */
- public static function delete_alert( $request ) {
- delete_option( 'akismet_alert_code' );
- delete_option( 'akismet_alert_msg' );
-
- return self::get_alert( $request );
- }
-
- private static function key_is_valid( $key ) {
- $response = Akismet::http_post(
- Akismet::build_query(
- array(
- 'key' => $key,
- 'blog' => get_option( 'home' )
- )
- ),
- 'verify-key'
- );
-
- if ( $response[1] == 'valid' ) {
- return true;
- }
-
- return false;
- }
-
- public static function privileged_permission_callback() {
- return current_user_can( 'manage_options' );
- }
-
- /**
- * For calls that Akismet.com makes to the site to clear outdated alert codes, use the API key for authorization.
- */
- public static function remote_call_permission_callback( $request ) {
- $local_key = Akismet::get_api_key();
-
- return $local_key && ( strtolower( $request->get_param( 'key' ) ) === strtolower( $local_key ) );
- }
-
- public static function sanitize_interval( $interval, $request, $param ) {
- $interval = trim( $interval );
-
- $valid_intervals = array( '60-days', '6-months', 'all', );
-
- if ( ! in_array( $interval, $valid_intervals ) ) {
- $interval = 'all';
- }
-
- return $interval;
- }
-
- public static function sanitize_key( $key, $request, $param ) {
- return trim( $key );
- }
-}
diff --git a/wp-content/plugins/akismet/class.akismet-widget.php b/wp-content/plugins/akismet/class.akismet-widget.php
deleted file mode 100644
index 55b0f35..0000000
--- a/wp-content/plugins/akismet/class.akismet-widget.php
+++ /dev/null
@@ -1,114 +0,0 @@
- __( 'Display the number of spam comments Akismet has caught' , 'akismet') )
- );
-
- if ( is_active_widget( false, false, $this->id_base ) ) {
- add_action( 'wp_head', array( $this, 'css' ) );
- }
- }
-
- function css() {
-?>
-
-
-
-
-
-
wp_blacklist_check' );
- break;
- case 'report-spam':
- if ( isset( $row['user'] ) ) {
- $message = esc_html( sprintf( __( '%s reported this comment as spam.', 'akismet' ), $row['user'] ) );
- }
- else if ( ! $message ) {
- $message = esc_html( __( 'This comment was reported as spam.', 'akismet' ) );
- }
- break;
- case 'report-ham':
- if ( isset( $row['user'] ) ) {
- $message = esc_html( sprintf( __( '%s reported this comment as not spam.', 'akismet' ), $row['user'] ) );
- }
- else if ( ! $message ) {
- $message = esc_html( __( 'This comment was reported as not spam.', 'akismet' ) );
- }
- break;
- case 'cron-retry-spam':
- $message = esc_html( __( 'Akismet caught this comment as spam during an automatic retry.' , 'akismet') );
- break;
- case 'cron-retry-ham':
- $message = esc_html( __( 'Akismet cleared this comment during an automatic retry.', 'akismet') );
- break;
- case 'check-error':
- if ( isset( $row['meta'], $row['meta']['response'] ) ) {
- $message = sprintf( esc_html( __( 'Akismet was unable to check this comment (response: %s) but will automatically retry later.', 'akismet') ), '' . esc_html( $row['meta']['response'] ) . '' );
- }
- else {
- $message = esc_html( __( 'Akismet was unable to check this comment but will automatically retry later.', 'akismet' ) );
- }
- break;
- case 'recheck-error':
- if ( isset( $row['meta'], $row['meta']['response'] ) ) {
- $message = sprintf( esc_html( __( 'Akismet was unable to recheck this comment (response: %s).', 'akismet') ), '' . esc_html( $row['meta']['response'] ) . '' );
- }
- else {
- $message = esc_html( __( 'Akismet was unable to recheck this comment.', 'akismet' ) );
- }
- break;
- default:
- if ( preg_match( '/^status-changed/', $row['event'] ) ) {
- // Half of these used to be saved without the dash after 'status-changed'.
- // See https://plugins.trac.wordpress.org/changeset/1150658/akismet/trunk
- $new_status = preg_replace( '/^status-changed-?/', '', $row['event'] );
- $message = sprintf( esc_html( __( 'Comment status was changed to %s', 'akismet' ) ), '' . esc_html( $new_status ) . '' );
- }
- else if ( preg_match( '/^status-/', $row['event'] ) ) {
- $new_status = preg_replace( '/^status-/', '', $row['event'] );
-
- if ( isset( $row['user'] ) ) {
- $message = sprintf( esc_html( __( '%1$s changed the comment status to %2$s.', 'akismet' ) ), $row['user'], '' . esc_html( $new_status ) . '' );
- }
- }
- break;
-
- }
-
- if ( ! empty( $message ) ) {
- echo ''; - echo '' . sprintf( esc_html__('%s ago', 'akismet'), human_time_diff( $row['time'] ) ) . ''; - echo ' - '; - echo $message; // esc_html() is done above so that we can use HTML in some messages. - echo '
'; - } - } - } - else { - echo ''; - echo esc_html( __( 'No comment history.', 'akismet' ) ); - echo '
'; - } - } - - public static function plugin_action_links( $links, $file ) { - if ( $file == plugin_basename( plugin_dir_url( __FILE__ ) . '/akismet.php' ) ) { - $links[] = ''.esc_html__( 'Settings' , 'akismet').''; - } - - return $links; - } - - // Total spam in queue - // get_option( 'akismet_spam_count' ) is the total caught ever - public static function get_spam_count( $type = false ) { - global $wpdb; - - if ( !$type ) { // total - $count = wp_cache_get( 'akismet_spam_count', 'widget' ); - if ( false === $count ) { - $count = wp_count_comments(); - $count = $count->spam; - wp_cache_set( 'akismet_spam_count', $count, 'widget', 3600 ); - } - return $count; - } elseif ( 'comments' == $type || 'comment' == $type ) { // comments - $type = ''; - } - - return (int) $wpdb->get_var( $wpdb->prepare( "SELECT COUNT(comment_ID) FROM {$wpdb->comments} WHERE comment_approved = 'spam' AND comment_type = %s", $type ) ); - } - - // Check connectivity between the WordPress blog and Akismet's servers. - // Returns an associative array of server IP addresses, where the key is the IP address, and value is true (available) or false (unable to connect). - public static function check_server_ip_connectivity() { - - $servers = $ips = array(); - - // Some web hosts may disable this function - if ( function_exists('gethostbynamel') ) { - - $ips = gethostbynamel( 'rest.akismet.com' ); - if ( $ips && is_array($ips) && count($ips) ) { - $api_key = Akismet::get_api_key(); - - foreach ( $ips as $ip ) { - $response = Akismet::verify_key( $api_key, $ip ); - // even if the key is invalid, at least we know we have connectivity - if ( $response == 'valid' || $response == 'invalid' ) - $servers[$ip] = 'connected'; - else - $servers[$ip] = $response ? $response : 'unable to connect'; - } - } - } - - return $servers; - } - - // Simpler connectivity check - public static function check_server_connectivity($cache_timeout = 86400) { - - $debug = array(); - $debug[ 'PHP_VERSION' ] = PHP_VERSION; - $debug[ 'WORDPRESS_VERSION' ] = $GLOBALS['wp_version']; - $debug[ 'AKISMET_VERSION' ] = AKISMET_VERSION; - $debug[ 'AKISMET__PLUGIN_DIR' ] = AKISMET__PLUGIN_DIR; - $debug[ 'SITE_URL' ] = site_url(); - $debug[ 'HOME_URL' ] = home_url(); - - $servers = get_option('akismet_available_servers'); - if ( (time() - get_option('akismet_connectivity_time') < $cache_timeout) && $servers !== false ) { - $servers = self::check_server_ip_connectivity(); - update_option('akismet_available_servers', $servers); - update_option('akismet_connectivity_time', time()); - } - - if ( wp_http_supports( array( 'ssl' ) ) ) { - $response = wp_remote_get( 'https://rest.akismet.com/1.1/test' ); - } - else { - $response = wp_remote_get( 'http://rest.akismet.com/1.1/test' ); - } - - $debug[ 'gethostbynamel' ] = function_exists('gethostbynamel') ? 'exists' : 'not here'; - $debug[ 'Servers' ] = $servers; - $debug[ 'Test Connection' ] = $response; - - Akismet::log( $debug ); - - if ( $response && 'connected' == wp_remote_retrieve_body( $response ) ) - return true; - - return false; - } - - // Check the server connectivity and store the available servers in an option. - public static function get_server_connectivity($cache_timeout = 86400) { - return self::check_server_connectivity( $cache_timeout ); - } - - /** - * Find out whether any comments in the Pending queue have not yet been checked by Akismet. - * - * @return bool - */ - public static function are_any_comments_waiting_to_be_checked() { - return !! get_comments( array( - // Exclude comments that are not pending. This would happen if someone manually approved or spammed a comment - // that was waiting to be checked. The akismet_error meta entry will eventually be removed by the cron recheck job. - 'status' => 'hold', - - // This is the commentmeta that is saved when a comment couldn't be checked. - 'meta_key' => 'akismet_error', - - // We only need to know whether at least one comment is waiting for a check. - 'number' => 1, - ) ); - } - - public static function get_page_url( $page = 'config' ) { - - $args = array( 'page' => 'akismet-key-config' ); - - if ( $page == 'stats' ) - $args = array( 'page' => 'akismet-key-config', 'view' => 'stats' ); - elseif ( $page == 'delete_key' ) - $args = array( 'page' => 'akismet-key-config', 'view' => 'start', 'action' => 'delete-key', '_wpnonce' => wp_create_nonce( self::NONCE ) ); - - $url = add_query_arg( $args, class_exists( 'Jetpack' ) ? admin_url( 'admin.php' ) : admin_url( 'options-general.php' ) ); - - return $url; - } - - public static function get_akismet_user( $api_key ) { - $akismet_user = false; - - $subscription_verification = Akismet::http_post( Akismet::build_query( array( 'key' => $api_key, 'blog' => get_option( 'home' ) ) ), 'get-subscription' ); - - if ( ! empty( $subscription_verification[1] ) ) { - if ( 'invalid' !== $subscription_verification[1] ) { - $akismet_user = json_decode( $subscription_verification[1] ); - } - } - - return $akismet_user; - } - - public static function get_stats( $api_key ) { - $stat_totals = array(); - - foreach( array( '6-months', 'all' ) as $interval ) { - $response = Akismet::http_post( Akismet::build_query( array( 'blog' => get_option( 'home' ), 'key' => $api_key, 'from' => $interval ) ), 'get-stats' ); - - if ( ! empty( $response[1] ) ) { - $stat_totals[$interval] = json_decode( $response[1] ); - } - } - - return $stat_totals; - } - - public static function verify_wpcom_key( $api_key, $user_id, $extra = array() ) { - $akismet_account = Akismet::http_post( Akismet::build_query( array_merge( array( - 'user_id' => $user_id, - 'api_key' => $api_key, - 'get_account_type' => 'true' - ), $extra ) ), 'verify-wpcom-key' ); - - if ( ! empty( $akismet_account[1] ) ) - $akismet_account = json_decode( $akismet_account[1] ); - - Akismet::log( compact( 'akismet_account' ) ); - - return $akismet_account; - } - - public static function connect_jetpack_user() { - - if ( $jetpack_user = self::get_jetpack_user() ) { - if ( isset( $jetpack_user['user_id'] ) && isset( $jetpack_user['api_key'] ) ) { - $akismet_user = self::verify_wpcom_key( $jetpack_user['api_key'], $jetpack_user['user_id'], array( 'action' => 'connect_jetpack_user' ) ); - - if ( is_object( $akismet_user ) ) { - self::save_key( $akismet_user->api_key ); - return in_array( $akismet_user->status, array( 'active', 'active-dunning', 'no-sub' ) ); - } - } - } - - return false; - } - - public static function display_alert() { - Akismet::view( 'notice', array( - 'type' => 'alert', - 'code' => (int) get_option( 'akismet_alert_code' ), - 'msg' => get_option( 'akismet_alert_msg' ) - ) ); - } - - public static function display_spam_check_warning() { - Akismet::fix_scheduled_recheck(); - - if ( wp_next_scheduled('akismet_schedule_cron_recheck') > time() && self::are_any_comments_waiting_to_be_checked() ) { - $link_text = apply_filters( 'akismet_spam_check_warning_link_text', sprintf( __( 'Please check your Akismet configuration and contact your web host if problems persist.', 'akismet'), esc_url( self::get_page_url() ) ) ); - Akismet::view( 'notice', array( 'type' => 'spam-check', 'link_text' => $link_text ) ); - } - } - - public static function display_api_key_warning() { - Akismet::view( 'notice', array( 'type' => 'plugin' ) ); - } - - public static function display_page() { - if ( !Akismet::get_api_key() || ( isset( $_GET['view'] ) && $_GET['view'] == 'start' ) ) - self::display_start_page(); - elseif ( isset( $_GET['view'] ) && $_GET['view'] == 'stats' ) - self::display_stats_page(); - else - self::display_configuration_page(); - } - - public static function display_start_page() { - if ( isset( $_GET['action'] ) ) { - if ( $_GET['action'] == 'delete-key' ) { - if ( isset( $_GET['_wpnonce'] ) && wp_verify_nonce( $_GET['_wpnonce'], self::NONCE ) ) - delete_option( 'wordpress_api_key' ); - } - } - - if ( $api_key = Akismet::get_api_key() && ( empty( self::$notices['status'] ) || 'existing-key-invalid' != self::$notices['status'] ) ) { - self::display_configuration_page(); - return; - } - - //the user can choose to auto connect their API key by clicking a button on the akismet done page - //if jetpack, get verified api key by using connected wpcom user id - //if no jetpack, get verified api key by using an akismet token - - $akismet_user = false; - - if ( isset( $_GET['token'] ) && preg_match('/^(\d+)-[0-9a-f]{20}$/', $_GET['token'] ) ) - $akismet_user = self::verify_wpcom_key( '', '', array( 'token' => $_GET['token'] ) ); - elseif ( $jetpack_user = self::get_jetpack_user() ) - $akismet_user = self::verify_wpcom_key( $jetpack_user['api_key'], $jetpack_user['user_id'] ); - - if ( isset( $_GET['action'] ) ) { - if ( $_GET['action'] == 'save-key' ) { - if ( is_object( $akismet_user ) ) { - self::save_key( $akismet_user->api_key ); - self::display_configuration_page(); - return; - } - } - } - - Akismet::view( 'start', compact( 'akismet_user' ) ); - - /* - // To see all variants when testing. - $akismet_user->status = 'no-sub'; - Akismet::view( 'start', compact( 'akismet_user' ) ); - $akismet_user->status = 'cancelled'; - Akismet::view( 'start', compact( 'akismet_user' ) ); - $akismet_user->status = 'suspended'; - Akismet::view( 'start', compact( 'akismet_user' ) ); - $akismet_user->status = 'other'; - Akismet::view( 'start', compact( 'akismet_user' ) ); - $akismet_user = false; - */ - } - - public static function display_stats_page() { - Akismet::view( 'stats' ); - } - - public static function display_configuration_page() { - $api_key = Akismet::get_api_key(); - $akismet_user = self::get_akismet_user( $api_key ); - - if ( ! $akismet_user ) { - // This could happen if the user's key became invalid after it was previously valid and successfully set up. - self::$notices['status'] = 'existing-key-invalid'; - self::display_start_page(); - return; - } - - $stat_totals = self::get_stats( $api_key ); - - // If unset, create the new strictness option using the old discard option to determine its default. - // If the old option wasn't set, default to discarding the blatant spam. - if ( get_option( 'akismet_strictness' ) === false ) { - add_option( 'akismet_strictness', ( get_option( 'akismet_discard_month' ) === 'false' ? '0' : '1' ) ); - } - - // Sync the local "Total spam blocked" count with the authoritative count from the server. - if ( isset( $stat_totals['all'], $stat_totals['all']->spam ) ) { - update_option( 'akismet_spam_count', $stat_totals['all']->spam ); - } - - $notices = array(); - - if ( empty( self::$notices ) ) { - if ( ! empty( $stat_totals['all'] ) && isset( $stat_totals['all']->time_saved ) && $akismet_user->status == 'active' && $akismet_user->account_type == 'free-api-key' ) { - - $time_saved = false; - - if ( $stat_totals['all']->time_saved > 1800 ) { - $total_in_minutes = round( $stat_totals['all']->time_saved / 60 ); - $total_in_hours = round( $total_in_minutes / 60 ); - $total_in_days = round( $total_in_hours / 8 ); - $cleaning_up = __( 'Cleaning up spam takes time.' , 'akismet'); - - if ( $total_in_days > 1 ) - $time_saved = $cleaning_up . ' ' . sprintf( _n( 'Akismet has saved you %s day!', 'Akismet has saved you %s days!', $total_in_days, 'akismet' ), number_format_i18n( $total_in_days ) ); - elseif ( $total_in_hours > 1 ) - $time_saved = $cleaning_up . ' ' . sprintf( _n( 'Akismet has saved you %d hour!', 'Akismet has saved you %d hours!', $total_in_hours, 'akismet' ), $total_in_hours ); - elseif ( $total_in_minutes >= 30 ) - $time_saved = $cleaning_up . ' ' . sprintf( _n( 'Akismet has saved you %d minute!', 'Akismet has saved you %d minutes!', $total_in_minutes, 'akismet' ), $total_in_minutes ); - } - - $notices[] = array( 'type' => 'active-notice', 'time_saved' => $time_saved ); - } - - if ( !empty( $akismet_user->limit_reached ) && in_array( $akismet_user->limit_reached, array( 'yellow', 'red' ) ) ) { - $notices[] = array( 'type' => 'limit-reached', 'level' => $akismet_user->limit_reached ); - } - } - - if ( !isset( self::$notices['status'] ) && in_array( $akismet_user->status, array( 'cancelled', 'suspended', 'missing', 'no-sub' ) ) ) { - $notices[] = array( 'type' => $akismet_user->status ); - } - - /* - // To see all variants when testing. - $notices[] = array( 'type' => 'active-notice', 'time_saved' => 'Cleaning up spam takes time. Akismet has saved you 1 minute!' ); - $notices[] = array( 'type' => 'plugin' ); - $notices[] = array( 'type' => 'spam-check', 'link_text' => 'Link text.' ); - $notices[] = array( 'type' => 'notice', 'notice_header' => 'This is the notice header.', 'notice_text' => 'This is the notice text.' ); - $notices[] = array( 'type' => 'missing-functions' ); - $notices[] = array( 'type' => 'servers-be-down' ); - $notices[] = array( 'type' => 'active-dunning' ); - $notices[] = array( 'type' => 'cancelled' ); - $notices[] = array( 'type' => 'suspended' ); - $notices[] = array( 'type' => 'missing' ); - $notices[] = array( 'type' => 'no-sub' ); - $notices[] = array( 'type' => 'new-key-valid' ); - $notices[] = array( 'type' => 'new-key-invalid' ); - $notices[] = array( 'type' => 'existing-key-invalid' ); - $notices[] = array( 'type' => 'new-key-failed' ); - $notices[] = array( 'type' => 'limit-reached', 'level' => 'yellow' ); - $notices[] = array( 'type' => 'limit-reached', 'level' => 'red' ); - */ - - Akismet::log( compact( 'stat_totals', 'akismet_user' ) ); - Akismet::view( 'config', compact( 'api_key', 'akismet_user', 'stat_totals', 'notices' ) ); - } - - public static function display_notice() { - global $hook_suffix; - - if ( in_array( $hook_suffix, array( 'jetpack_page_akismet-key-config', 'settings_page_akismet-key-config' ) ) ) { - // This page manages the notices and puts them inline where they make sense. - return; - } - - if ( in_array( $hook_suffix, array( 'edit-comments.php' ) ) && (int) get_option( 'akismet_alert_code' ) > 0 ) { - Akismet::verify_key( Akismet::get_api_key() ); //verify that the key is still in alert state - - if ( get_option( 'akismet_alert_code' ) > 0 ) - self::display_alert(); - } - elseif ( $hook_suffix == 'plugins.php' && !Akismet::get_api_key() ) { - self::display_api_key_warning(); - } - elseif ( $hook_suffix == 'edit-comments.php' && wp_next_scheduled( 'akismet_schedule_cron_recheck' ) ) { - self::display_spam_check_warning(); - } - - if ( isset( $_GET['akismet_recheck_complete'] ) ) { - $recheck_count = (int) $_GET['recheck_count']; - $spam_count = (int) $_GET['spam_count']; - - if ( $recheck_count === 0 ) { - $message = __( 'There were no comments to check. Akismet will only check comments awaiting moderation.', 'akismet' ); - } - else { - $message = sprintf( _n( 'Akismet checked %s comment.', 'Akismet checked %s comments.', $recheck_count, 'akismet' ), number_format( $recheck_count ) ); - $message .= ' '; - - if ( $spam_count === 0 ) { - $message .= __( 'No comments were caught as spam.', 'akismet' ); - } - else { - $message .= sprintf( _n( '%s comment was caught as spam.', '%s comments were caught as spam.', $spam_count, 'akismet' ), number_format( $spam_count ) ); - } - } - - echo '' . esc_html( $message ) . '
' . esc_html( __( 'Akismet could not recheck your comments for spam.', 'akismet' ) ) . '
- - -
- - - - - - '', 'blog_charset' => '', 'blog_lang' => '', 'blog_ua' => '', 'comment_agent' => '', 'comment_author' => '', 'comment_author_IP' => '', 'comment_author_email' => '', 'comment_author_url' => '', 'comment_content' => '', 'comment_date_gmt' => '', 'comment_tags' => '', 'comment_type' => '', 'guid' => '', 'is_test' => '', 'permalink' => '', 'reporter' => '', 'site_domain' => '', 'submit_referer' => '', 'submit_uri' => '', 'user_ID' => '', 'user_agent' => '', 'user_id' => '', 'user_ip' => '' ); - private static $is_rest_api_call = false; - - public static function init() { - if ( ! self::$initiated ) { - self::init_hooks(); - } - } - - /** - * Initializes WordPress hooks - */ - private static function init_hooks() { - self::$initiated = true; - - add_action( 'wp_insert_comment', array( 'Akismet', 'auto_check_update_meta' ), 10, 2 ); - add_filter( 'preprocess_comment', array( 'Akismet', 'auto_check_comment' ), 1 ); - add_filter( 'rest_pre_insert_comment', array( 'Akismet', 'rest_auto_check_comment' ), 1 ); - - add_action( 'akismet_scheduled_delete', array( 'Akismet', 'delete_old_comments' ) ); - add_action( 'akismet_scheduled_delete', array( 'Akismet', 'delete_old_comments_meta' ) ); - add_action( 'akismet_scheduled_delete', array( 'Akismet', 'delete_orphaned_commentmeta' ) ); - add_action( 'akismet_schedule_cron_recheck', array( 'Akismet', 'cron_recheck' ) ); - - add_action( 'comment_form', array( 'Akismet', 'add_comment_nonce' ), 1 ); - - add_action( 'admin_head-edit-comments.php', array( 'Akismet', 'load_form_js' ) ); - add_action( 'comment_form', array( 'Akismet', 'load_form_js' ) ); - add_action( 'comment_form', array( 'Akismet', 'inject_ak_js' ) ); - add_filter( 'script_loader_tag', array( 'Akismet', 'set_form_js_async' ), 10, 3 ); - - add_filter( 'comment_moderation_recipients', array( 'Akismet', 'disable_moderation_emails_if_unreachable' ), 1000, 2 ); - add_filter( 'pre_comment_approved', array( 'Akismet', 'last_comment_status' ), 10, 2 ); - - add_action( 'transition_comment_status', array( 'Akismet', 'transition_comment_status' ), 10, 3 ); - - // Run this early in the pingback call, before doing a remote fetch of the source uri - add_action( 'xmlrpc_call', array( 'Akismet', 'pre_check_pingback' ) ); - - // Jetpack compatibility - add_filter( 'jetpack_options_whitelist', array( 'Akismet', 'add_to_jetpack_options_whitelist' ) ); - add_action( 'update_option_wordpress_api_key', array( 'Akismet', 'updated_option' ), 10, 2 ); - add_action( 'add_option_wordpress_api_key', array( 'Akismet', 'added_option' ), 10, 2 ); - - add_action( 'comment_form_after', array( 'Akismet', 'display_comment_form_privacy_notice' ) ); - } - - public static function get_api_key() { - return apply_filters( 'akismet_get_api_key', defined('WPCOM_API_KEY') ? constant('WPCOM_API_KEY') : get_option('wordpress_api_key') ); - } - - public static function check_key_status( $key, $ip = null ) { - return self::http_post( Akismet::build_query( array( 'key' => $key, 'blog' => get_option( 'home' ) ) ), 'verify-key', $ip ); - } - - public static function verify_key( $key, $ip = null ) { - // Shortcut for obviously invalid keys. - if ( strlen( $key ) != 12 ) { - return 'invalid'; - } - - $response = self::check_key_status( $key, $ip ); - - if ( $response[1] != 'valid' && $response[1] != 'invalid' ) - return 'failed'; - - return $response[1]; - } - - public static function deactivate_key( $key ) { - $response = self::http_post( Akismet::build_query( array( 'key' => $key, 'blog' => get_option( 'home' ) ) ), 'deactivate' ); - - if ( $response[1] != 'deactivated' ) - return 'failed'; - - return $response[1]; - } - - /** - * Add the akismet option to the Jetpack options management whitelist. - * - * @param array $options The list of whitelisted option names. - * @return array The updated whitelist - */ - public static function add_to_jetpack_options_whitelist( $options ) { - $options[] = 'wordpress_api_key'; - return $options; - } - - /** - * When the akismet option is updated, run the registration call. - * - * This should only be run when the option is updated from the Jetpack/WP.com - * API call, and only if the new key is different than the old key. - * - * @param mixed $old_value The old option value. - * @param mixed $value The new option value. - */ - public static function updated_option( $old_value, $value ) { - // Not an API call - if ( ! class_exists( 'WPCOM_JSON_API_Update_Option_Endpoint' ) ) { - return; - } - // Only run the registration if the old key is different. - if ( $old_value !== $value ) { - self::verify_key( $value ); - } - } - - /** - * Treat the creation of an API key the same as updating the API key to a new value. - * - * @param mixed $option_name Will always be "wordpress_api_key", until something else hooks in here. - * @param mixed $value The option value. - */ - public static function added_option( $option_name, $value ) { - if ( 'wordpress_api_key' === $option_name ) { - return self::updated_option( '', $value ); - } - } - - public static function rest_auto_check_comment( $commentdata ) { - self::$is_rest_api_call = true; - - return self::auto_check_comment( $commentdata ); - } - - public static function auto_check_comment( $commentdata ) { - // If no key is configured, then there's no point in doing any of this. - if ( ! self::get_api_key() ) { - return $commentdata; - } - - self::$last_comment_result = null; - - $comment = $commentdata; - - $comment['user_ip'] = self::get_ip_address(); - $comment['user_agent'] = self::get_user_agent(); - $comment['referrer'] = self::get_referer(); - $comment['blog'] = get_option( 'home' ); - $comment['blog_lang'] = get_locale(); - $comment['blog_charset'] = get_option('blog_charset'); - $comment['permalink'] = get_permalink( $comment['comment_post_ID'] ); - - if ( ! empty( $comment['user_ID'] ) ) { - $comment['user_role'] = Akismet::get_user_roles( $comment['user_ID'] ); - } - - /** See filter documentation in init_hooks(). */ - $akismet_nonce_option = apply_filters( 'akismet_comment_nonce', get_option( 'akismet_comment_nonce' ) ); - $comment['akismet_comment_nonce'] = 'inactive'; - if ( $akismet_nonce_option == 'true' || $akismet_nonce_option == '' ) { - $comment['akismet_comment_nonce'] = 'failed'; - if ( isset( $_POST['akismet_comment_nonce'] ) && wp_verify_nonce( $_POST['akismet_comment_nonce'], 'akismet_comment_nonce_' . $comment['comment_post_ID'] ) ) - $comment['akismet_comment_nonce'] = 'passed'; - - // comment reply in wp-admin - if ( isset( $_POST['_ajax_nonce-replyto-comment'] ) && check_ajax_referer( 'replyto-comment', '_ajax_nonce-replyto-comment' ) ) - $comment['akismet_comment_nonce'] = 'passed'; - - } - - if ( self::is_test_mode() ) - $comment['is_test'] = 'true'; - - foreach( $_POST as $key => $value ) { - if ( is_string( $value ) ) - $comment["POST_{$key}"] = $value; - } - - foreach ( $_SERVER as $key => $value ) { - if ( ! is_string( $value ) ) { - continue; - } - - if ( preg_match( "/^HTTP_COOKIE/", $key ) ) { - continue; - } - - // Send any potentially useful $_SERVER vars, but avoid sending junk we don't need. - if ( preg_match( "/^(HTTP_|REMOTE_ADDR|REQUEST_URI|DOCUMENT_URI)/", $key ) ) { - $comment[ "$key" ] = $value; - } - } - - $post = get_post( $comment['comment_post_ID'] ); - - if ( ! is_null( $post ) ) { - // $post can technically be null, although in the past, it's always been an indicator of another plugin interfering. - $comment[ 'comment_post_modified_gmt' ] = $post->post_modified_gmt; - } - - $response = self::http_post( Akismet::build_query( $comment ), 'comment-check' ); - - do_action( 'akismet_comment_check_response', $response ); - - $commentdata['comment_as_submitted'] = array_intersect_key( $comment, self::$comment_as_submitted_allowed_keys ); - $commentdata['akismet_result'] = $response[1]; - - if ( isset( $response[0]['x-akismet-pro-tip'] ) ) - $commentdata['akismet_pro_tip'] = $response[0]['x-akismet-pro-tip']; - - if ( isset( $response[0]['x-akismet-error'] ) ) { - // An error occurred that we anticipated (like a suspended key) and want the user to act on. - // Send to moderation. - self::$last_comment_result = '0'; - } - else if ( 'true' == $response[1] ) { - // akismet_spam_count will be incremented later by comment_is_spam() - self::$last_comment_result = 'spam'; - - $discard = ( isset( $commentdata['akismet_pro_tip'] ) && $commentdata['akismet_pro_tip'] === 'discard' && self::allow_discard() ); - - do_action( 'akismet_spam_caught', $discard ); - - if ( $discard ) { - // The spam is obvious, so we're bailing out early. - // akismet_result_spam() won't be called so bump the counter here - if ( $incr = apply_filters( 'akismet_spam_count_incr', 1 ) ) { - update_option( 'akismet_spam_count', get_option( 'akismet_spam_count' ) + $incr ); - } - - if ( self::$is_rest_api_call ) { - return new WP_Error( 'akismet_rest_comment_discarded', __( 'Comment discarded.', 'akismet' ) ); - } - else { - // Redirect back to the previous page, or failing that, the post permalink, or failing that, the homepage of the blog. - $redirect_to = isset( $_SERVER['HTTP_REFERER'] ) ? $_SERVER['HTTP_REFERER'] : ( $post ? get_permalink( $post ) : home_url() ); - wp_safe_redirect( esc_url_raw( $redirect_to ) ); - die(); - } - } - else if ( self::$is_rest_api_call ) { - // The way the REST API structures its calls, we can set the comment_approved value right away. - $commentdata['comment_approved'] = 'spam'; - } - } - - // if the response is neither true nor false, hold the comment for moderation and schedule a recheck - if ( 'true' != $response[1] && 'false' != $response[1] ) { - if ( !current_user_can('moderate_comments') ) { - // Comment status should be moderated - self::$last_comment_result = '0'; - } - - if ( ! wp_next_scheduled( 'akismet_schedule_cron_recheck' ) ) { - wp_schedule_single_event( time() + 1200, 'akismet_schedule_cron_recheck' ); - do_action( 'akismet_scheduled_recheck', 'invalid-response-' . $response[1] ); - } - - self::$prevent_moderation_email_for_these_comments[] = $commentdata; - } - - // Delete old comments daily - if ( ! wp_next_scheduled( 'akismet_scheduled_delete' ) ) { - wp_schedule_event( time(), 'daily', 'akismet_scheduled_delete' ); - } - - self::set_last_comment( $commentdata ); - self::fix_scheduled_recheck(); - - return $commentdata; - } - - public static function get_last_comment() { - return self::$last_comment; - } - - public static function set_last_comment( $comment ) { - if ( is_null( $comment ) ) { - self::$last_comment = null; - } - else { - // We filter it here so that it matches the filtered comment data that we'll have to compare against later. - // wp_filter_comment expects comment_author_IP - self::$last_comment = wp_filter_comment( - array_merge( - array( 'comment_author_IP' => self::get_ip_address() ), - $comment - ) - ); - } - } - - // this fires on wp_insert_comment. we can't update comment_meta when auto_check_comment() runs - // because we don't know the comment ID at that point. - public static function auto_check_update_meta( $id, $comment ) { - // wp_insert_comment() might be called in other contexts, so make sure this is the same comment - // as was checked by auto_check_comment - if ( is_object( $comment ) && !empty( self::$last_comment ) && is_array( self::$last_comment ) ) { - if ( self::matches_last_comment( $comment ) ) { - - load_plugin_textdomain( 'akismet' ); - - // normal result: true or false - if ( self::$last_comment['akismet_result'] == 'true' ) { - update_comment_meta( $comment->comment_ID, 'akismet_result', 'true' ); - self::update_comment_history( $comment->comment_ID, '', 'check-spam' ); - if ( $comment->comment_approved != 'spam' ) - self::update_comment_history( - $comment->comment_ID, - '', - 'status-changed-'.$comment->comment_approved - ); - } - elseif ( self::$last_comment['akismet_result'] == 'false' ) { - update_comment_meta( $comment->comment_ID, 'akismet_result', 'false' ); - self::update_comment_history( $comment->comment_ID, '', 'check-ham' ); - // Status could be spam or trash, depending on the WP version and whether this change applies: - // https://core.trac.wordpress.org/changeset/34726 - if ( $comment->comment_approved == 'spam' || $comment->comment_approved == 'trash' ) { - if ( wp_blacklist_check($comment->comment_author, $comment->comment_author_email, $comment->comment_author_url, $comment->comment_content, $comment->comment_author_IP, $comment->comment_agent) ) - self::update_comment_history( $comment->comment_ID, '', 'wp-blacklisted' ); - else - self::update_comment_history( $comment->comment_ID, '', 'status-changed-'.$comment->comment_approved ); - } - } // abnormal result: error - else { - update_comment_meta( $comment->comment_ID, 'akismet_error', time() ); - self::update_comment_history( - $comment->comment_ID, - '', - 'check-error', - array( 'response' => substr( self::$last_comment['akismet_result'], 0, 50 ) ) - ); - } - - // record the complete original data as submitted for checking - if ( isset( self::$last_comment['comment_as_submitted'] ) ) - update_comment_meta( $comment->comment_ID, 'akismet_as_submitted', self::$last_comment['comment_as_submitted'] ); - - if ( isset( self::$last_comment['akismet_pro_tip'] ) ) - update_comment_meta( $comment->comment_ID, 'akismet_pro_tip', self::$last_comment['akismet_pro_tip'] ); - } - } - } - - public static function delete_old_comments() { - global $wpdb; - - /** - * Determines how many comments will be deleted in each batch. - * - * @param int The default, as defined by AKISMET_DELETE_LIMIT. - */ - $delete_limit = apply_filters( 'akismet_delete_comment_limit', defined( 'AKISMET_DELETE_LIMIT' ) ? AKISMET_DELETE_LIMIT : 10000 ); - $delete_limit = max( 1, intval( $delete_limit ) ); - - /** - * Determines how many days a comment will be left in the Spam queue before being deleted. - * - * @param int The default number of days. - */ - $delete_interval = apply_filters( 'akismet_delete_comment_interval', 15 ); - $delete_interval = max( 1, intval( $delete_interval ) ); - - while ( $comment_ids = $wpdb->get_col( $wpdb->prepare( "SELECT comment_id FROM {$wpdb->comments} WHERE DATE_SUB(NOW(), INTERVAL %d DAY) > comment_date_gmt AND comment_approved = 'spam' LIMIT %d", $delete_interval, $delete_limit ) ) ) { - if ( empty( $comment_ids ) ) - return; - - $wpdb->queries = array(); - - foreach ( $comment_ids as $comment_id ) { - do_action( 'delete_comment', $comment_id ); - do_action( 'akismet_batch_delete_count', __FUNCTION__ ); - } - - // Prepared as strings since comment_id is an unsigned BIGINT, and using %d will constrain the value to the maximum signed BIGINT. - $format_string = implode( ", ", array_fill( 0, count( $comment_ids ), '%s' ) ); - - $wpdb->query( $wpdb->prepare( "DELETE FROM {$wpdb->comments} WHERE comment_id IN ( " . $format_string . " )", $comment_ids ) ); - $wpdb->query( $wpdb->prepare( "DELETE FROM {$wpdb->commentmeta} WHERE comment_id IN ( " . $format_string . " )", $comment_ids ) ); - - clean_comment_cache( $comment_ids ); - do_action( 'akismet_delete_comment_batch', count( $comment_ids ) ); - } - - if ( apply_filters( 'akismet_optimize_table', ( mt_rand(1, 5000) == 11), $wpdb->comments ) ) // lucky number - $wpdb->query("OPTIMIZE TABLE {$wpdb->comments}"); - } - - public static function delete_old_comments_meta() { - global $wpdb; - - $interval = apply_filters( 'akismet_delete_commentmeta_interval', 15 ); - - # enforce a minimum of 1 day - $interval = absint( $interval ); - if ( $interval < 1 ) - $interval = 1; - - // akismet_as_submitted meta values are large, so expire them - // after $interval days regardless of the comment status - while ( $comment_ids = $wpdb->get_col( $wpdb->prepare( "SELECT m.comment_id FROM {$wpdb->commentmeta} as m INNER JOIN {$wpdb->comments} as c USING(comment_id) WHERE m.meta_key = 'akismet_as_submitted' AND DATE_SUB(NOW(), INTERVAL %d DAY) > c.comment_date_gmt LIMIT 10000", $interval ) ) ) { - if ( empty( $comment_ids ) ) - return; - - $wpdb->queries = array(); - - foreach ( $comment_ids as $comment_id ) { - delete_comment_meta( $comment_id, 'akismet_as_submitted' ); - do_action( 'akismet_batch_delete_count', __FUNCTION__ ); - } - - do_action( 'akismet_delete_commentmeta_batch', count( $comment_ids ) ); - } - - if ( apply_filters( 'akismet_optimize_table', ( mt_rand(1, 5000) == 11), $wpdb->commentmeta ) ) // lucky number - $wpdb->query("OPTIMIZE TABLE {$wpdb->commentmeta}"); - } - - // Clear out comments meta that no longer have corresponding comments in the database - public static function delete_orphaned_commentmeta() { - global $wpdb; - - $last_meta_id = 0; - $start_time = isset( $_SERVER['REQUEST_TIME_FLOAT'] ) ? $_SERVER['REQUEST_TIME_FLOAT'] : microtime( true ); - $max_exec_time = max( ini_get('max_execution_time') - 5, 3 ); - - while ( $commentmeta_results = $wpdb->get_results( $wpdb->prepare( "SELECT m.meta_id, m.comment_id, m.meta_key FROM {$wpdb->commentmeta} as m LEFT JOIN {$wpdb->comments} as c USING(comment_id) WHERE c.comment_id IS NULL AND m.meta_id > %d ORDER BY m.meta_id LIMIT 1000", $last_meta_id ) ) ) { - if ( empty( $commentmeta_results ) ) - return; - - $wpdb->queries = array(); - - $commentmeta_deleted = 0; - - foreach ( $commentmeta_results as $commentmeta ) { - if ( 'akismet_' == substr( $commentmeta->meta_key, 0, 8 ) ) { - delete_comment_meta( $commentmeta->comment_id, $commentmeta->meta_key ); - do_action( 'akismet_batch_delete_count', __FUNCTION__ ); - $commentmeta_deleted++; - } - - $last_meta_id = $commentmeta->meta_id; - } - - do_action( 'akismet_delete_commentmeta_batch', $commentmeta_deleted ); - - // If we're getting close to max_execution_time, quit for this round. - if ( microtime(true) - $start_time > $max_exec_time ) - return; - } - - if ( apply_filters( 'akismet_optimize_table', ( mt_rand(1, 5000) == 11), $wpdb->commentmeta ) ) // lucky number - $wpdb->query("OPTIMIZE TABLE {$wpdb->commentmeta}"); - } - - // how many approved comments does this author have? - public static function get_user_comments_approved( $user_id, $comment_author_email, $comment_author, $comment_author_url ) { - global $wpdb; - - if ( !empty( $user_id ) ) - return (int) $wpdb->get_var( $wpdb->prepare( "SELECT COUNT(*) FROM {$wpdb->comments} WHERE user_id = %d AND comment_approved = 1", $user_id ) ); - - if ( !empty( $comment_author_email ) ) - return (int) $wpdb->get_var( $wpdb->prepare( "SELECT COUNT(*) FROM {$wpdb->comments} WHERE comment_author_email = %s AND comment_author = %s AND comment_author_url = %s AND comment_approved = 1", $comment_author_email, $comment_author, $comment_author_url ) ); - - return 0; - } - - // get the full comment history for a given comment, as an array in reverse chronological order - public static function get_comment_history( $comment_id ) { - $history = get_comment_meta( $comment_id, 'akismet_history', false ); - if ( empty( $history ) || empty( $history[ 0 ] ) ) { - return false; - } - - /* - // To see all variants when testing. - $history[] = array( 'time' => 445856401, 'message' => 'Old versions of Akismet stored the message as a literal string in the commentmeta.', 'event' => null ); - $history[] = array( 'time' => 445856402, 'event' => 'recheck-spam' ); - $history[] = array( 'time' => 445856403, 'event' => 'check-spam' ); - $history[] = array( 'time' => 445856404, 'event' => 'recheck-ham' ); - $history[] = array( 'time' => 445856405, 'event' => 'check-ham' ); - $history[] = array( 'time' => 445856406, 'event' => 'wp-blacklisted' ); - $history[] = array( 'time' => 445856407, 'event' => 'report-spam' ); - $history[] = array( 'time' => 445856408, 'event' => 'report-spam', 'user' => 'sam' ); - $history[] = array( 'message' => 'sam reported this comment as spam (hardcoded message).', 'time' => 445856400, 'event' => 'report-spam', 'user' => 'sam' ); - $history[] = array( 'time' => 445856409, 'event' => 'report-ham', 'user' => 'sam' ); - $history[] = array( 'message' => 'sam reported this comment as ham (hardcoded message).', 'time' => 445856400, 'event' => 'report-ham', 'user' => 'sam' ); // - $history[] = array( 'time' => 445856410, 'event' => 'cron-retry-spam' ); - $history[] = array( 'time' => 445856411, 'event' => 'cron-retry-ham' ); - $history[] = array( 'time' => 445856412, 'event' => 'check-error' ); // - $history[] = array( 'time' => 445856413, 'event' => 'check-error', 'meta' => array( 'response' => 'The server was taking a nap.' ) ); - $history[] = array( 'time' => 445856414, 'event' => 'recheck-error' ); // Should not generate a message. - $history[] = array( 'time' => 445856415, 'event' => 'recheck-error', 'meta' => array( 'response' => 'The server was taking a nap.' ) ); - $history[] = array( 'time' => 445856416, 'event' => 'status-changedtrash' ); - $history[] = array( 'time' => 445856417, 'event' => 'status-changedspam' ); - $history[] = array( 'time' => 445856418, 'event' => 'status-changedhold' ); - $history[] = array( 'time' => 445856419, 'event' => 'status-changedapprove' ); - $history[] = array( 'time' => 445856420, 'event' => 'status-changed-trash' ); - $history[] = array( 'time' => 445856421, 'event' => 'status-changed-spam' ); - $history[] = array( 'time' => 445856422, 'event' => 'status-changed-hold' ); - $history[] = array( 'time' => 445856423, 'event' => 'status-changed-approve' ); - $history[] = array( 'time' => 445856424, 'event' => 'status-trash', 'user' => 'sam' ); - $history[] = array( 'time' => 445856425, 'event' => 'status-spam', 'user' => 'sam' ); - $history[] = array( 'time' => 445856426, 'event' => 'status-hold', 'user' => 'sam' ); - $history[] = array( 'time' => 445856427, 'event' => 'status-approve', 'user' => 'sam' ); - */ - - usort( $history, array( 'Akismet', '_cmp_time' ) ); - return $history; - } - - /** - * Log an event for a given comment, storing it in comment_meta. - * - * @param int $comment_id The ID of the relevant comment. - * @param string $message The string description of the event. No longer used. - * @param string $event The event code. - * @param array $meta Metadata about the history entry. e.g., the user that reported or changed the status of a given comment. - */ - public static function update_comment_history( $comment_id, $message, $event=null, $meta=null ) { - global $current_user; - - $user = ''; - - $event = array( - 'time' => self::_get_microtime(), - 'event' => $event, - ); - - if ( is_object( $current_user ) && isset( $current_user->user_login ) ) { - $event['user'] = $current_user->user_login; - } - - if ( ! empty( $meta ) ) { - $event['meta'] = $meta; - } - - // $unique = false so as to allow multiple values per comment - $r = add_comment_meta( $comment_id, 'akismet_history', $event, false ); - } - - public static function check_db_comment( $id, $recheck_reason = 'recheck_queue' ) { - global $wpdb; - - if ( ! self::get_api_key() ) { - return new WP_Error( 'akismet-not-configured', __( 'Akismet is not configured. Please enter an API key.', 'akismet' ) ); - } - - $c = $wpdb->get_row( $wpdb->prepare( "SELECT * FROM {$wpdb->comments} WHERE comment_ID = %d", $id ), ARRAY_A ); - - if ( ! $c ) { - return new WP_Error( 'invalid-comment-id', __( 'Comment not found.', 'akismet' ) ); - } - - $c['user_ip'] = $c['comment_author_IP']; - $c['user_agent'] = $c['comment_agent']; - $c['referrer'] = ''; - $c['blog'] = get_option( 'home' ); - $c['blog_lang'] = get_locale(); - $c['blog_charset'] = get_option('blog_charset'); - $c['permalink'] = get_permalink($c['comment_post_ID']); - $c['recheck_reason'] = $recheck_reason; - - $c['user_role'] = ''; - if ( ! empty( $c['user_ID'] ) ) { - $c['user_role'] = Akismet::get_user_roles( $c['user_ID'] ); - } - - if ( self::is_test_mode() ) - $c['is_test'] = 'true'; - - $response = self::http_post( Akismet::build_query( $c ), 'comment-check' ); - - if ( ! empty( $response[1] ) ) { - return $response[1]; - } - - return false; - } - - public static function recheck_comment( $id, $recheck_reason = 'recheck_queue' ) { - add_comment_meta( $id, 'akismet_rechecking', true ); - - $api_response = self::check_db_comment( $id, $recheck_reason ); - - delete_comment_meta( $id, 'akismet_rechecking' ); - - if ( is_wp_error( $api_response ) ) { - // Invalid comment ID. - } - else if ( 'true' === $api_response ) { - wp_set_comment_status( $id, 'spam' ); - update_comment_meta( $id, 'akismet_result', 'true' ); - delete_comment_meta( $id, 'akismet_error' ); - delete_comment_meta( $id, 'akismet_delayed_moderation_email' ); - Akismet::update_comment_history( $id, '', 'recheck-spam' ); - } - elseif ( 'false' === $api_response ) { - update_comment_meta( $id, 'akismet_result', 'false' ); - delete_comment_meta( $id, 'akismet_error' ); - delete_comment_meta( $id, 'akismet_delayed_moderation_email' ); - Akismet::update_comment_history( $id, '', 'recheck-ham' ); - } - else { - // abnormal result: error - update_comment_meta( $id, 'akismet_result', 'error' ); - Akismet::update_comment_history( - $id, - '', - 'recheck-error', - array( 'response' => substr( $api_response, 0, 50 ) ) - ); - } - - return $api_response; - } - - public static function transition_comment_status( $new_status, $old_status, $comment ) { - - if ( $new_status == $old_status ) - return; - - if ( 'spam' === $new_status || 'spam' === $old_status ) { - // Clear the cache of the "X comments in your spam queue" count on the dashboard. - wp_cache_delete( 'akismet_spam_count', 'widget' ); - } - - # we don't need to record a history item for deleted comments - if ( $new_status == 'delete' ) - return; - - if ( !current_user_can( 'edit_post', $comment->comment_post_ID ) && !current_user_can( 'moderate_comments' ) ) - return; - - if ( defined('WP_IMPORTING') && WP_IMPORTING == true ) - return; - - // if this is present, it means the status has been changed by a re-check, not an explicit user action - if ( get_comment_meta( $comment->comment_ID, 'akismet_rechecking' ) ) - return; - - // Assumption alert: - // We want to submit comments to Akismet only when a moderator explicitly spams or approves it - not if the status - // is changed automatically by another plugin. Unfortunately WordPress doesn't provide an unambiguous way to - // determine why the transition_comment_status action was triggered. And there are several different ways by which - // to spam and unspam comments: bulk actions, ajax, links in moderation emails, the dashboard, and perhaps others. - // We'll assume that this is an explicit user action if certain POST/GET variables exist. - if ( - // status=spam: Marking as spam via the REST API or... - // status=unspam: I'm not sure. Maybe this used to be used instead of status=approved? Or the UI for removing from spam but not approving has been since removed?... - // status=approved: Unspamming via the REST API (Calypso) or... - ( isset( $_POST['status'] ) && in_array( $_POST['status'], array( 'spam', 'unspam', 'approved', ) ) ) - // spam=1: Clicking "Spam" underneath a comment in wp-admin and allowing the AJAX request to happen. - || ( isset( $_POST['spam'] ) && (int) $_POST['spam'] == 1 ) - // unspam=1: Clicking "Not Spam" underneath a comment in wp-admin and allowing the AJAX request to happen. Or, clicking "Undo" after marking something as spam. - || ( isset( $_POST['unspam'] ) && (int) $_POST['unspam'] == 1 ) - // comment_status=spam/unspam: It's unclear where this is happening. - || ( isset( $_POST['comment_status'] ) && in_array( $_POST['comment_status'], array( 'spam', 'unspam' ) ) ) - // action=spam: Choosing "Mark as Spam" from the Bulk Actions dropdown in wp-admin (or the "Spam it" link in notification emails). - // action=unspam: Choosing "Not Spam" from the Bulk Actions dropdown in wp-admin. - // action=spamcomment: Following the "Spam" link below a comment in wp-admin (not allowing AJAX request to happen). - // action=unspamcomment: Following the "Not Spam" link below a comment in wp-admin (not allowing AJAX request to happen). - || ( isset( $_GET['action'] ) && in_array( $_GET['action'], array( 'spam', 'unspam', 'spamcomment', 'unspamcomment', ) ) ) - // action=editedcomment: Editing a comment via wp-admin (and possibly changing its status). - || ( isset( $_POST['action'] ) && in_array( $_POST['action'], array( 'editedcomment' ) ) ) - // for=jetpack: Moderation via the WordPress app, Calypso, anything powered by the Jetpack connection. - || ( isset( $_GET['for'] ) && ( 'jetpack' == $_GET['for'] ) && ( ! defined( 'IS_WPCOM' ) || ! IS_WPCOM ) ) - // Certain WordPress.com API requests - || ( defined( 'REST_API_REQUEST' ) && REST_API_REQUEST ) - // WordPress.org REST API requests - || ( defined( 'REST_REQUEST' ) && REST_REQUEST ) - ) { - if ( $new_status == 'spam' && ( $old_status == 'approved' || $old_status == 'unapproved' || !$old_status ) ) { - return self::submit_spam_comment( $comment->comment_ID ); - } elseif ( $old_status == 'spam' && ( $new_status == 'approved' || $new_status == 'unapproved' ) ) { - return self::submit_nonspam_comment( $comment->comment_ID ); - } - } - - self::update_comment_history( $comment->comment_ID, '', 'status-' . $new_status ); - } - - public static function submit_spam_comment( $comment_id ) { - global $wpdb, $current_user, $current_site; - - $comment_id = (int) $comment_id; - - $comment = $wpdb->get_row( $wpdb->prepare( "SELECT * FROM {$wpdb->comments} WHERE comment_ID = %d", $comment_id ) ); - - if ( !$comment ) // it was deleted - return; - - if ( 'spam' != $comment->comment_approved ) - return; - - self::update_comment_history( $comment_id, '', 'report-spam' ); - - // If the user hasn't configured Akismet, there's nothing else to do at this point. - if ( ! self::get_api_key() ) { - return; - } - - // use the original version stored in comment_meta if available - $as_submitted = self::sanitize_comment_as_submitted( get_comment_meta( $comment_id, 'akismet_as_submitted', true ) ); - - if ( $as_submitted && is_array( $as_submitted ) && isset( $as_submitted['comment_content'] ) ) - $comment = (object) array_merge( (array)$comment, $as_submitted ); - - $comment->blog = get_option( 'home' ); - $comment->blog_lang = get_locale(); - $comment->blog_charset = get_option('blog_charset'); - $comment->permalink = get_permalink($comment->comment_post_ID); - - if ( is_object($current_user) ) - $comment->reporter = $current_user->user_login; - - if ( is_object($current_site) ) - $comment->site_domain = $current_site->domain; - - $comment->user_role = ''; - if ( ! empty( $comment->user_ID ) ) { - $comment->user_role = Akismet::get_user_roles( $comment->user_ID ); - } - - if ( self::is_test_mode() ) - $comment->is_test = 'true'; - - $post = get_post( $comment->comment_post_ID ); - - if ( ! is_null( $post ) ) { - $comment->comment_post_modified_gmt = $post->post_modified_gmt; - } - - $response = Akismet::http_post( Akismet::build_query( $comment ), 'submit-spam' ); - - update_comment_meta( $comment_id, 'akismet_user_result', 'true' ); - - if ( $comment->reporter ) { - update_comment_meta( $comment_id, 'akismet_user', $comment->reporter ); - } - - do_action('akismet_submit_spam_comment', $comment_id, $response[1]); - } - - public static function submit_nonspam_comment( $comment_id ) { - global $wpdb, $current_user, $current_site; - - $comment_id = (int) $comment_id; - - $comment = $wpdb->get_row( $wpdb->prepare( "SELECT * FROM {$wpdb->comments} WHERE comment_ID = %d", $comment_id ) ); - if ( !$comment ) // it was deleted - return; - - self::update_comment_history( $comment_id, '', 'report-ham' ); - - // If the user hasn't configured Akismet, there's nothing else to do at this point. - if ( ! self::get_api_key() ) { - return; - } - - // use the original version stored in comment_meta if available - $as_submitted = self::sanitize_comment_as_submitted( get_comment_meta( $comment_id, 'akismet_as_submitted', true ) ); - - if ( $as_submitted && is_array($as_submitted) && isset($as_submitted['comment_content']) ) - $comment = (object) array_merge( (array)$comment, $as_submitted ); - - $comment->blog = get_option( 'home' ); - $comment->blog_lang = get_locale(); - $comment->blog_charset = get_option('blog_charset'); - $comment->permalink = get_permalink( $comment->comment_post_ID ); - $comment->user_role = ''; - - if ( is_object($current_user) ) - $comment->reporter = $current_user->user_login; - - if ( is_object($current_site) ) - $comment->site_domain = $current_site->domain; - - if ( ! empty( $comment->user_ID ) ) { - $comment->user_role = Akismet::get_user_roles( $comment->user_ID ); - } - - if ( Akismet::is_test_mode() ) - $comment->is_test = 'true'; - - $post = get_post( $comment->comment_post_ID ); - - if ( ! is_null( $post ) ) { - $comment->comment_post_modified_gmt = $post->post_modified_gmt; - } - - $response = self::http_post( Akismet::build_query( $comment ), 'submit-ham' ); - - update_comment_meta( $comment_id, 'akismet_user_result', 'false' ); - - if ( $comment->reporter ) { - update_comment_meta( $comment_id, 'akismet_user', $comment->reporter ); - } - - do_action('akismet_submit_nonspam_comment', $comment_id, $response[1]); - } - - public static function cron_recheck() { - global $wpdb; - - $api_key = self::get_api_key(); - - $status = self::verify_key( $api_key ); - if ( get_option( 'akismet_alert_code' ) || $status == 'invalid' ) { - // since there is currently a problem with the key, reschedule a check for 6 hours hence - wp_schedule_single_event( time() + 21600, 'akismet_schedule_cron_recheck' ); - do_action( 'akismet_scheduled_recheck', 'key-problem-' . get_option( 'akismet_alert_code' ) . '-' . $status ); - return false; - } - - delete_option('akismet_available_servers'); - - $comment_errors = $wpdb->get_col( "SELECT comment_id FROM {$wpdb->commentmeta} WHERE meta_key = 'akismet_error' LIMIT 100" ); - - load_plugin_textdomain( 'akismet' ); - - foreach ( (array) $comment_errors as $comment_id ) { - // if the comment no longer exists, or is too old, remove the meta entry from the queue to avoid getting stuck - $comment = get_comment( $comment_id ); - - if ( - ! $comment // Comment has been deleted - || strtotime( $comment->comment_date_gmt ) < strtotime( "-15 days" ) // Comment is too old. - || $comment->comment_approved !== "0" // Comment is no longer in the Pending queue - ) { - delete_comment_meta( $comment_id, 'akismet_error' ); - delete_comment_meta( $comment_id, 'akismet_delayed_moderation_email' ); - continue; - } - - add_comment_meta( $comment_id, 'akismet_rechecking', true ); - $status = self::check_db_comment( $comment_id, 'retry' ); - - $event = ''; - if ( $status == 'true' ) { - $event = 'cron-retry-spam'; - } elseif ( $status == 'false' ) { - $event = 'cron-retry-ham'; - } - - // If we got back a legit response then update the comment history - // other wise just bail now and try again later. No point in - // re-trying all the comments once we hit one failure. - if ( !empty( $event ) ) { - delete_comment_meta( $comment_id, 'akismet_error' ); - self::update_comment_history( $comment_id, '', $event ); - update_comment_meta( $comment_id, 'akismet_result', $status ); - // make sure the comment status is still pending. if it isn't, that means the user has already moved it elsewhere. - $comment = get_comment( $comment_id ); - if ( $comment && 'unapproved' == wp_get_comment_status( $comment_id ) ) { - if ( $status == 'true' ) { - wp_spam_comment( $comment_id ); - } elseif ( $status == 'false' ) { - // comment is good, but it's still in the pending queue. depending on the moderation settings - // we may need to change it to approved. - if ( check_comment($comment->comment_author, $comment->comment_author_email, $comment->comment_author_url, $comment->comment_content, $comment->comment_author_IP, $comment->comment_agent, $comment->comment_type) ) - wp_set_comment_status( $comment_id, 1 ); - else if ( get_comment_meta( $comment_id, 'akismet_delayed_moderation_email', true ) ) - wp_notify_moderator( $comment_id ); - } - } - - delete_comment_meta( $comment_id, 'akismet_delayed_moderation_email' ); - } else { - // If this comment has been pending moderation for longer than MAX_DELAY_BEFORE_MODERATION_EMAIL, - // send a moderation email now. - if ( ( intval( gmdate( 'U' ) ) - strtotime( $comment->comment_date_gmt ) ) < self::MAX_DELAY_BEFORE_MODERATION_EMAIL ) { - delete_comment_meta( $comment_id, 'akismet_delayed_moderation_email' ); - wp_notify_moderator( $comment_id ); - } - - delete_comment_meta( $comment_id, 'akismet_rechecking' ); - wp_schedule_single_event( time() + 1200, 'akismet_schedule_cron_recheck' ); - do_action( 'akismet_scheduled_recheck', 'check-db-comment-' . $status ); - return; - } - delete_comment_meta( $comment_id, 'akismet_rechecking' ); - } - - $remaining = $wpdb->get_var( "SELECT COUNT(*) FROM {$wpdb->commentmeta} WHERE meta_key = 'akismet_error'" ); - if ( $remaining && !wp_next_scheduled('akismet_schedule_cron_recheck') ) { - wp_schedule_single_event( time() + 1200, 'akismet_schedule_cron_recheck' ); - do_action( 'akismet_scheduled_recheck', 'remaining' ); - } - } - - public static function fix_scheduled_recheck() { - $future_check = wp_next_scheduled( 'akismet_schedule_cron_recheck' ); - if ( !$future_check ) { - return; - } - - if ( get_option( 'akismet_alert_code' ) > 0 ) { - return; - } - - $check_range = time() + 1200; - if ( $future_check > $check_range ) { - wp_clear_scheduled_hook( 'akismet_schedule_cron_recheck' ); - wp_schedule_single_event( time() + 300, 'akismet_schedule_cron_recheck' ); - do_action( 'akismet_scheduled_recheck', 'fix-scheduled-recheck' ); - } - } - - public static function add_comment_nonce( $post_id ) { - /** - * To disable the Akismet comment nonce, add a filter for the 'akismet_comment_nonce' tag - * and return any string value that is not 'true' or '' (empty string). - * - * Don't return boolean false, because that implies that the 'akismet_comment_nonce' option - * has not been set and that Akismet should just choose the default behavior for that - * situation. - */ - - if ( ! self::get_api_key() ) { - return; - } - - $akismet_comment_nonce_option = apply_filters( 'akismet_comment_nonce', get_option( 'akismet_comment_nonce' ) ); - - if ( $akismet_comment_nonce_option == 'true' || $akismet_comment_nonce_option == '' ) { - echo ''; - } - } - - public static function is_test_mode() { - return defined('AKISMET_TEST_MODE') && AKISMET_TEST_MODE; - } - - public static function allow_discard() { - if ( defined( 'DOING_AJAX' ) && DOING_AJAX ) - return false; - if ( is_user_logged_in() ) - return false; - - return ( get_option( 'akismet_strictness' ) === '1' ); - } - - public static function get_ip_address() { - return isset( $_SERVER['REMOTE_ADDR'] ) ? $_SERVER['REMOTE_ADDR'] : null; - } - - /** - * Do these two comments, without checking the comment_ID, "match"? - * - * @param mixed $comment1 A comment object or array. - * @param mixed $comment2 A comment object or array. - * @return bool Whether the two comments should be treated as the same comment. - */ - private static function comments_match( $comment1, $comment2 ) { - $comment1 = (array) $comment1; - $comment2 = (array) $comment2; - - // Set default values for these strings that we check in order to simplify - // the checks and avoid PHP warnings. - if ( ! isset( $comment1['comment_author'] ) ) { - $comment1['comment_author'] = ''; - } - - if ( ! isset( $comment2['comment_author'] ) ) { - $comment2['comment_author'] = ''; - } - - if ( ! isset( $comment1['comment_author_email'] ) ) { - $comment1['comment_author_email'] = ''; - } - - if ( ! isset( $comment2['comment_author_email'] ) ) { - $comment2['comment_author_email'] = ''; - } - - $comments_match = ( - isset( $comment1['comment_post_ID'], $comment2['comment_post_ID'] ) - && intval( $comment1['comment_post_ID'] ) == intval( $comment2['comment_post_ID'] ) - && ( - // The comment author length max is 255 characters, limited by the TINYTEXT column type. - // If the comment author includes multibyte characters right around the 255-byte mark, they - // may be stripped when the author is saved in the DB, so a 300+ char author may turn into - // a 253-char author when it's saved, not 255 exactly. The longest possible character is - // theoretically 6 bytes, so we'll only look at the first 248 bytes to be safe. - substr( $comment1['comment_author'], 0, 248 ) == substr( $comment2['comment_author'], 0, 248 ) - || substr( stripslashes( $comment1['comment_author'] ), 0, 248 ) == substr( $comment2['comment_author'], 0, 248 ) - || substr( $comment1['comment_author'], 0, 248 ) == substr( stripslashes( $comment2['comment_author'] ), 0, 248 ) - // Certain long comment author names will be truncated to nothing, depending on their encoding. - || ( ! $comment1['comment_author'] && strlen( $comment2['comment_author'] ) > 248 ) - || ( ! $comment2['comment_author'] && strlen( $comment1['comment_author'] ) > 248 ) - ) - && ( - // The email max length is 100 characters, limited by the VARCHAR(100) column type. - // Same argument as above for only looking at the first 93 characters. - substr( $comment1['comment_author_email'], 0, 93 ) == substr( $comment2['comment_author_email'], 0, 93 ) - || substr( stripslashes( $comment1['comment_author_email'] ), 0, 93 ) == substr( $comment2['comment_author_email'], 0, 93 ) - || substr( $comment1['comment_author_email'], 0, 93 ) == substr( stripslashes( $comment2['comment_author_email'] ), 0, 93 ) - // Very long emails can be truncated and then stripped if the [0:100] substring isn't a valid address. - || ( ! $comment1['comment_author_email'] && strlen( $comment2['comment_author_email'] ) > 100 ) - || ( ! $comment2['comment_author_email'] && strlen( $comment1['comment_author_email'] ) > 100 ) - ) - ); - - return $comments_match; - } - - // Does the supplied comment match the details of the one most recently stored in self::$last_comment? - public static function matches_last_comment( $comment ) { - return self::comments_match( self::$last_comment, $comment ); - } - - private static function get_user_agent() { - return isset( $_SERVER['HTTP_USER_AGENT'] ) ? $_SERVER['HTTP_USER_AGENT'] : null; - } - - private static function get_referer() { - return isset( $_SERVER['HTTP_REFERER'] ) ? $_SERVER['HTTP_REFERER'] : null; - } - - // return a comma-separated list of role names for the given user - public static function get_user_roles( $user_id ) { - $roles = false; - - if ( !class_exists('WP_User') ) - return false; - - if ( $user_id > 0 ) { - $comment_user = new WP_User( $user_id ); - if ( isset( $comment_user->roles ) ) - $roles = join( ',', $comment_user->roles ); - } - - if ( is_multisite() && is_super_admin( $user_id ) ) { - if ( empty( $roles ) ) { - $roles = 'super_admin'; - } else { - $comment_user->roles[] = 'super_admin'; - $roles = join( ',', $comment_user->roles ); - } - } - - return $roles; - } - - // filter handler used to return a spam result to pre_comment_approved - public static function last_comment_status( $approved, $comment ) { - if ( is_null( self::$last_comment_result ) ) { - // We didn't have reason to store the result of the last check. - return $approved; - } - - // Only do this if it's the correct comment - if ( ! self::matches_last_comment( $comment ) ) { - self::log( "comment_is_spam mismatched comment, returning unaltered $approved" ); - return $approved; - } - - if ( 'trash' === $approved ) { - // If the last comment we checked has had its approval set to 'trash', - // then it failed the comment blacklist check. Let that blacklist override - // the spam check, since users have the (valid) expectation that when - // they fill out their blacklists, comments that match it will always - // end up in the trash. - return $approved; - } - - // bump the counter here instead of when the filter is added to reduce the possibility of overcounting - if ( $incr = apply_filters('akismet_spam_count_incr', 1) ) - update_option( 'akismet_spam_count', get_option('akismet_spam_count') + $incr ); - - return self::$last_comment_result; - } - - /** - * If Akismet is temporarily unreachable, we don't want to "spam" the blogger with - * moderation emails for comments that will be automatically cleared or spammed on - * the next retry. - * - * For comments that will be rechecked later, empty the list of email addresses that - * the moderation email would be sent to. - * - * @param array $emails An array of email addresses that the moderation email will be sent to. - * @param int $comment_id The ID of the relevant comment. - * @return array An array of email addresses that the moderation email will be sent to. - */ - public static function disable_moderation_emails_if_unreachable( $emails, $comment_id ) { - if ( ! empty( self::$prevent_moderation_email_for_these_comments ) && ! empty( $emails ) ) { - $comment = get_comment( $comment_id ); - - foreach ( self::$prevent_moderation_email_for_these_comments as $possible_match ) { - if ( self::comments_match( $possible_match, $comment ) ) { - update_comment_meta( $comment_id, 'akismet_delayed_moderation_email', true ); - return array(); - } - } - } - - return $emails; - } - - public static function _cmp_time( $a, $b ) { - return $a['time'] > $b['time'] ? -1 : 1; - } - - public static function _get_microtime() { - $mtime = explode( ' ', microtime() ); - return $mtime[1] + $mtime[0]; - } - - /** - * Make a POST request to the Akismet API. - * - * @param string $request The body of the request. - * @param string $path The path for the request. - * @param string $ip The specific IP address to hit. - * @return array A two-member array consisting of the headers and the response body, both empty in the case of a failure. - */ - public static function http_post( $request, $path, $ip=null ) { - - $akismet_ua = sprintf( 'WordPress/%s | Akismet/%s', $GLOBALS['wp_version'], constant( 'AKISMET_VERSION' ) ); - $akismet_ua = apply_filters( 'akismet_ua', $akismet_ua ); - - $content_length = strlen( $request ); - - $api_key = self::get_api_key(); - $host = self::API_HOST; - - if ( !empty( $api_key ) ) - $host = $api_key.'.'.$host; - - $http_host = $host; - // use a specific IP if provided - // needed by Akismet_Admin::check_server_connectivity() - if ( $ip && long2ip( ip2long( $ip ) ) ) { - $http_host = $ip; - } - - $http_args = array( - 'body' => $request, - 'headers' => array( - 'Content-Type' => 'application/x-www-form-urlencoded; charset=' . get_option( 'blog_charset' ), - 'Host' => $host, - 'User-Agent' => $akismet_ua, - ), - 'httpversion' => '1.0', - 'timeout' => 15 - ); - - $akismet_url = $http_akismet_url = "http://{$http_host}/1.1/{$path}"; - - /** - * Try SSL first; if that fails, try without it and don't try it again for a while. - */ - - $ssl = $ssl_failed = false; - - // Check if SSL requests were disabled fewer than X hours ago. - $ssl_disabled = get_option( 'akismet_ssl_disabled' ); - - if ( $ssl_disabled && $ssl_disabled < ( time() - 60 * 60 * 24 ) ) { // 24 hours - $ssl_disabled = false; - delete_option( 'akismet_ssl_disabled' ); - } - else if ( $ssl_disabled ) { - do_action( 'akismet_ssl_disabled' ); - } - - if ( ! $ssl_disabled && ( $ssl = wp_http_supports( array( 'ssl' ) ) ) ) { - $akismet_url = set_url_scheme( $akismet_url, 'https' ); - - do_action( 'akismet_https_request_pre' ); - } - - $response = wp_remote_post( $akismet_url, $http_args ); - - Akismet::log( compact( 'akismet_url', 'http_args', 'response' ) ); - - if ( $ssl && is_wp_error( $response ) ) { - do_action( 'akismet_https_request_failure', $response ); - - // Intermittent connection problems may cause the first HTTPS - // request to fail and subsequent HTTP requests to succeed randomly. - // Retry the HTTPS request once before disabling SSL for a time. - $response = wp_remote_post( $akismet_url, $http_args ); - - Akismet::log( compact( 'akismet_url', 'http_args', 'response' ) ); - - if ( is_wp_error( $response ) ) { - $ssl_failed = true; - - do_action( 'akismet_https_request_failure', $response ); - - do_action( 'akismet_http_request_pre' ); - - // Try the request again without SSL. - $response = wp_remote_post( $http_akismet_url, $http_args ); - - Akismet::log( compact( 'http_akismet_url', 'http_args', 'response' ) ); - } - } - - if ( is_wp_error( $response ) ) { - do_action( 'akismet_request_failure', $response ); - - return array( '', '' ); - } - - if ( $ssl_failed ) { - // The request failed when using SSL but succeeded without it. Disable SSL for future requests. - update_option( 'akismet_ssl_disabled', time() ); - - do_action( 'akismet_https_disabled' ); - } - - $simplified_response = array( $response['headers'], $response['body'] ); - - self::update_alert( $simplified_response ); - - return $simplified_response; - } - - // given a response from an API call like check_key_status(), update the alert code options if an alert is present. - public static function update_alert( $response ) { - $code = $msg = null; - if ( isset( $response[0]['x-akismet-alert-code'] ) ) { - $code = $response[0]['x-akismet-alert-code']; - $msg = $response[0]['x-akismet-alert-msg']; - } - - // only call update_option() if the value has changed - if ( $code != get_option( 'akismet_alert_code' ) ) { - if ( ! $code ) { - delete_option( 'akismet_alert_code' ); - delete_option( 'akismet_alert_msg' ); - } - else { - update_option( 'akismet_alert_code', $code ); - update_option( 'akismet_alert_msg', $msg ); - } - } - } - - public static function load_form_js() { - if ( function_exists( 'is_amp_endpoint' ) && is_amp_endpoint() ) { - return; - } - - if ( ! self::get_api_key() ) { - return; - } - - wp_register_script( 'akismet-form', plugin_dir_url( __FILE__ ) . '_inc/form.js', array(), AKISMET_VERSION, true ); - wp_enqueue_script( 'akismet-form' ); - } - - /** - * Mark form.js as async. Because nothing depends on it, it can run at any time - * after it's loaded, and the browser won't have to wait for it to load to continue - * parsing the rest of the page. - */ - public static function set_form_js_async( $tag, $handle, $src ) { - if ( 'akismet-form' !== $handle ) { - return $tag; - } - - return preg_replace( '/^