' . esc_html__( 'Akismet Setup' , 'akismet') . '
' . + '' . esc_html__( 'Akismet filters out spam, so you can focus on more important things.' , 'akismet') . '
' . + '' . esc_html__( 'On this page, you are able to set up the Akismet plugin.' , 'akismet') . '
', + ) + ); + + $current_screen->add_help_tab( + array( + 'id' => 'setup-signup', + 'title' => __( 'New to Akismet' , 'akismet'), + 'content' => + '' . esc_html__( 'Akismet Setup' , 'akismet') . '
' . + '' . esc_html__( 'You need to enter an API key to activate the Akismet service on your site.' , 'akismet') . '
' . + '' . sprintf( __( 'Sign up for an account on %s to get an API Key.' , 'akismet'), 'Akismet.com' ) . '
', + ) + ); + + $current_screen->add_help_tab( + array( + 'id' => 'setup-manual', + 'title' => __( 'Enter an API Key' , 'akismet'), + 'content' => + '' . esc_html__( 'Akismet Setup' , 'akismet') . '
' . + '' . esc_html__( 'If you already have an API key' , 'akismet') . '
' . + '- ' .
+ '
- ' . esc_html__( 'Copy and paste the API key into the text field.' , 'akismet') . ' ' . + '
- ' . esc_html__( 'Click the Use this Key button.' , 'akismet') . ' ' . + '
' . esc_html__( 'Akismet Stats' , 'akismet') . '
' . + '' . esc_html__( 'Akismet filters out spam, so you can focus on more important things.' , 'akismet') . '
' . + '' . esc_html__( 'On this page, you are able to view stats on spam filtered on your site.' , 'akismet') . '
', + ) + ); + } + else { + //configuration page + $current_screen->add_help_tab( + array( + 'id' => 'overview', + 'title' => __( 'Overview' , 'akismet'), + 'content' => + '' . esc_html__( 'Akismet Configuration' , 'akismet') . '
' . + '' . esc_html__( 'Akismet filters out spam, so you can focus on more important things.' , 'akismet') . '
' . + '' . esc_html__( 'On this page, you are able to enter/remove an API key, view account information and view spam stats.' , 'akismet') . '
', + ) + ); + + $current_screen->add_help_tab( + array( + 'id' => 'settings', + 'title' => __( 'Settings' , 'akismet'), + 'content' => + '' . esc_html__( 'Akismet Configuration' , 'akismet') . '
' . + '' . esc_html__( 'API Key' , 'akismet') . ' - ' . esc_html__( 'Enter/remove an API key.' , 'akismet') . '
' . + '' . esc_html__( 'Comments' , 'akismet') . ' - ' . esc_html__( 'Show the number of approved comments beside each comment author in the comments list page.' , 'akismet') . '
' . + '' . esc_html__( 'Strictness' , 'akismet') . ' - ' . esc_html__( 'Choose to either discard the worst spam automatically or to always put all spam in spam folder.' , 'akismet') . '
', + ) + ); + + $current_screen->add_help_tab( + array( + 'id' => 'account', + 'title' => __( 'Account' , 'akismet'), + 'content' => + '' . esc_html__( 'Akismet Configuration' , 'akismet') . '
' . + '' . esc_html__( 'Subscription Type' , 'akismet') . ' - ' . esc_html__( 'The Akismet subscription plan' , 'akismet') . '
' . + '' . esc_html__( 'Status' , 'akismet') . ' - ' . esc_html__( 'The subscription status - active, cancelled or suspended' , 'akismet') . '
', + ) + ); + } + } + + // Help Sidebar + $current_screen->set_help_sidebar( + '' . esc_html__( 'For more information:' , 'akismet') . '
' . + '' . esc_html__( 'Akismet FAQ' , 'akismet') . '
' . + '' . esc_html__( 'Akismet Support' , 'akismet') . '
' + ); + } + + public static function enter_api_key() { + if ( function_exists('current_user_can') && !current_user_can('manage_options') ) + die(__('Cheatin’ uh?', 'akismet')); + + if ( !wp_verify_nonce( $_POST['_wpnonce'], self::NONCE ) ) + return false; + + foreach( array( 'akismet_strictness', 'akismet_show_user_comments_approved' ) as $option ) { + update_option( $option, isset( $_POST[$option] ) && (int) $_POST[$option] == 1 ? '1' : '0' ); + } + + if ( defined( 'WPCOM_API_KEY' ) ) + return false; //shouldn't have option to save key if already defined + + $new_key = preg_replace( '/[^a-f0-9]/i', '', $_POST['key'] ); + $old_key = Akismet::get_api_key(); + + if ( empty( $new_key ) ) { + if ( !empty( $old_key ) ) { + delete_option( 'wordpress_api_key' ); + self::$notices[] = 'new-key-empty'; + } + } + elseif ( $new_key != $old_key ) { + self::save_key( $new_key ); + } + + return true; + } + + public static function save_key( $api_key ) { + $key_status = Akismet::verify_key( $api_key ); + + if ( $key_status == 'valid' ) { + $akismet_user = self::get_akismet_user( $api_key ); + + if ( $akismet_user ) { + if ( in_array( $akismet_user->status, array( 'active', 'active-dunning', 'no-sub' ) ) ) + update_option( 'wordpress_api_key', $api_key ); + + if ( $akismet_user->status == 'active' ) + self::$notices['status'] = 'new-key-valid'; + elseif ( $akismet_user->status == 'notice' ) + self::$notices['status'] = $akismet_user; + else + self::$notices['status'] = $akismet_user->status; + } + else + self::$notices['status'] = 'new-key-invalid'; + } + elseif ( in_array( $key_status, array( 'invalid', 'failed' ) ) ) + self::$notices['status'] = 'new-key-'.$key_status; + } + + public static function dashboard_stats() { + if ( !function_exists('did_action') || did_action( 'rightnow_end' ) ) + return; // We already displayed this info in the "Right Now" section + + if ( !$count = get_option('akismet_spam_count') ) + return; + + global $submenu; + + echo '' . esc_html( _x( 'Spam', 'comments' , 'akismet') ) . '
'; + + echo ''.sprintf( _n( + 'Akismet has protected your site from %3$s spam comment.', + 'Akismet has protected your site from %3$s spam comments.', + $count + , 'akismet'), 'https://akismet.com/wordpress/', esc_url( add_query_arg( array( 'page' => 'akismet-admin' ), admin_url( isset( $submenu['edit-comments.php'] ) ? 'edit-comments.php' : 'edit.php' ) ) ), number_format_i18n($count) ).'
'; + } + + // WP 2.5+ + public static function rightnow_stats() { + if ( $count = get_option('akismet_spam_count') ) { + $intro = sprintf( _n( + 'Akismet has protected your site from %2$s spam comment already. ', + 'Akismet has protected your site from %2$s spam comments already. ', + $count + , 'akismet'), 'https://akismet.com/wordpress/', number_format_i18n( $count ) ); + } else { + $intro = sprintf( __('Akismet blocks spam from getting to your blog. ', 'akismet'), 'https://akismet.com/wordpress/' ); + } + + $link = add_query_arg( array( 'comment_status' => 'spam' ), admin_url( 'edit-comments.php' ) ); + + if ( $queue_count = self::get_spam_count() ) { + $queue_text = sprintf( _n( + 'There’s %1$s comment in your spam queue right now.', + 'There are %1$s comments in your spam queue right now.', + $queue_count + , 'akismet'), number_format_i18n( $queue_count ), esc_url( $link ) ); + } else { + $queue_text = sprintf( __( "There’s nothing in your spam queue at the moment." , 'akismet'), esc_url( $link ) ); + } + + $text = $intro . '' . $queue_text; + echo "\n"; + } + + public static function check_for_spam_button( $comment_status ) { + // The "Check for Spam" button should only appear when the page might be showing + // a comment with comment_approved=0, which means an un-trashed, un-spammed, + // not-yet-moderated comment. + if ( 'all' != $comment_status && 'moderated' != $comment_status ) { + return; + } + + if ( function_exists('plugins_url') ) + $link = add_query_arg( array( 'action' => 'akismet_recheck_queue' ), admin_url( 'admin.php' ) ); + else + $link = add_query_arg( array( 'page' => 'akismet-admin', 'recheckqueue' => 'true', 'noheader' => 'true' ), admin_url( 'edit-comments.php' ) ); + + echo '
' . esc_html__('Check for Spam', 'akismet') . '';
+ }
+
+ public static function recheck_queue() {
+ global $wpdb;
+
+ Akismet::fix_scheduled_recheck();
+
+ if ( ! ( isset( $_GET['recheckqueue'] ) || ( isset( $_REQUEST['action'] ) && 'akismet_recheck_queue' == $_REQUEST['action'] ) ) )
+ return;
+
+ $paginate = '';
+ if ( isset( $_POST['limit'] ) && isset( $_POST['offset'] ) ) {
+ $paginate = $wpdb->prepare( " LIMIT %d OFFSET %d", array( $_POST['limit'], $_POST['offset'] ) );
+ }
+ $moderation = $wpdb->get_results( "SELECT * FROM {$wpdb->comments} WHERE comment_approved = '0'{$paginate}", ARRAY_A );
+
+ $result_counts = array(
+ 'spam' => 0,
+ 'ham' => 0,
+ 'error' => 0,
+ );
+
+ foreach ( (array) $moderation as $c ) {
+ $c['user_ip'] = $c['comment_author_IP'];
+ $c['user_agent'] = $c['comment_agent'];
+ $c['referrer'] = '';
+ $c['blog'] = get_bloginfo('url');
+ $c['blog_lang'] = get_locale();
+ $c['blog_charset'] = get_option('blog_charset');
+ $c['permalink'] = get_permalink($c['comment_post_ID']);
+
+ $c['user_role'] = '';
+ if ( isset( $c['user_ID'] ) )
+ $c['user_role'] = Akismet::get_user_roles($c['user_ID']);
+
+ if ( Akismet::is_test_mode() )
+ $c['is_test'] = 'true';
+
+ add_comment_meta( $c['comment_ID'], 'akismet_rechecking', true );
+
+ $response = Akismet::http_post( Akismet::build_query( $c ), 'comment-check' );
+
+ if ( 'true' == $response[1] ) {
+ wp_set_comment_status( $c['comment_ID'], 'spam' );
+ update_comment_meta( $c['comment_ID'], 'akismet_result', 'true' );
+ delete_comment_meta( $c['comment_ID'], 'akismet_error' );
+ delete_comment_meta( $c['comment_ID'], 'akismet_delayed_moderation_email' );
+ Akismet::update_comment_history( $c['comment_ID'], '', 'recheck-spam' );
+ ++$result_counts['spam'];
+ } elseif ( 'false' == $response[1] ) {
+ update_comment_meta( $c['comment_ID'], 'akismet_result', 'false' );
+ delete_comment_meta( $c['comment_ID'], 'akismet_error' );
+ delete_comment_meta( $c['comment_ID'], 'akismet_delayed_moderation_email' );
+ Akismet::update_comment_history( $c['comment_ID'], '', 'recheck-ham' );
+ ++$result_counts['ham'];
+ } else {
+ // abnormal result: error
+ update_comment_meta( $c['comment_ID'], 'akismet_result', 'error' );
+ Akismet::update_comment_history(
+ $c['comment_ID'],
+ '',
+ 'recheck-error',
+ array( 'response' => substr( $response[1], 0, 50 ) )
+ );
+ ++$result_counts['error'];
+ }
+
+ delete_comment_meta( $c['comment_ID'], 'akismet_rechecking' );
+ }
+ if ( defined( 'DOING_AJAX' ) && DOING_AJAX ) {
+ wp_send_json( array(
+ 'processed' => count((array) $moderation),
+ 'counts' => $result_counts,
+ ));
+ }
+ else {
+ $redirect_to = isset( $_SERVER['HTTP_REFERER'] ) ? $_SERVER['HTTP_REFERER'] : admin_url( 'edit-comments.php' );
+ wp_safe_redirect( $redirect_to );
+ exit;
+ }
+ }
+
+ // Adds an 'x' link next to author URLs, clicking will remove the author URL and show an undo link
+ public static function remove_comment_author_url() {
+ if ( !empty( $_POST['id'] ) && check_admin_referer( 'comment_author_url_nonce' ) ) {
+ $comment = get_comment( intval( $_POST['id'] ), ARRAY_A );
+ if ( $comment && current_user_can( 'edit_comment', $comment['comment_ID'] ) ) {
+ $comment['comment_author_url'] = '';
+ do_action( 'comment_remove_author_url' );
+ print( wp_update_comment( $comment ) );
+ die();
+ }
+ }
+ }
+
+ public static function add_comment_author_url() {
+ if ( !empty( $_POST['id'] ) && !empty( $_POST['url'] ) && check_admin_referer( 'comment_author_url_nonce' ) ) {
+ $comment = get_comment( intval( $_POST['id'] ), ARRAY_A );
+ if ( $comment && current_user_can( 'edit_comment', $comment['comment_ID'] ) ) {
+ $comment['comment_author_url'] = esc_url( $_POST['url'] );
+ do_action( 'comment_add_author_url' );
+ print( wp_update_comment( $comment ) );
+ die();
+ }
+ }
+ }
+
+ public static function comment_row_action( $a, $comment ) {
+
+ // failsafe for old WP versions
+ if ( !function_exists('add_comment_meta') )
+ return $a;
+
+ $akismet_result = get_comment_meta( $comment->comment_ID, 'akismet_result', true );
+ $akismet_error = get_comment_meta( $comment->comment_ID, 'akismet_error', true );
+ $user_result = get_comment_meta( $comment->comment_ID, 'akismet_user_result', true);
+ $comment_status = wp_get_comment_status( $comment->comment_ID );
+ $desc = null;
+ if ( $akismet_error ) {
+ $desc = __( 'Awaiting spam check' , 'akismet');
+ } elseif ( !$user_result || $user_result == $akismet_result ) {
+ // Show the original Akismet result if the user hasn't overridden it, or if their decision was the same
+ if ( $akismet_result == 'true' && $comment_status != 'spam' && $comment_status != 'trash' )
+ $desc = __( 'Flagged as spam by Akismet' , 'akismet');
+ elseif ( $akismet_result == 'false' && $comment_status == 'spam' )
+ $desc = __( 'Cleared by Akismet' , 'akismet');
+ } else {
+ $who = get_comment_meta( $comment->comment_ID, 'akismet_user', true );
+ if ( $user_result == 'true' )
+ $desc = sprintf( __('Flagged as spam by %s', 'akismet'), $who );
+ else
+ $desc = sprintf( __('Un-spammed by %s', 'akismet'), $who );
+ }
+
+ // add a History item to the hover links, just after Edit
+ if ( $akismet_result ) {
+ $b = array();
+ foreach ( $a as $k => $item ) {
+ $b[ $k ] = $item;
+ if (
+ $k == 'edit'
+ || ( $k == 'unspam' && $GLOBALS['wp_version'] >= 3.4 )
+ ) {
+ $b['history'] = ' '. esc_html__('History', 'akismet') . '';
+ }
+ }
+
+ $a = $b;
+ }
+
+ if ( $desc )
+ echo '';
+
+ $show_user_comments = apply_filters( 'akismet_show_user_comments_approved', get_option('akismet_show_user_comments_approved') );
+ $show_user_comments = $show_user_comments === 'false' ? false : $show_user_comments; //option used to be saved as 'false' / 'true'
+
+ if ( $show_user_comments ) {
+ $comment_count = Akismet::get_user_comments_approved( $comment->user_id, $comment->comment_author_email, $comment->comment_author, $comment->comment_author_url );
+ $comment_count = intval( $comment_count );
+ echo '';
+ }
+
+ return $a;
+ }
+
+ public static function comment_status_meta_box( $comment ) {
+ $history = Akismet::get_comment_history( $comment->comment_ID );
+
+ if ( $history ) {
+ echo '';
+ }
+ }
+
+ public static function plugin_action_links( $links, $file ) {
+ if ( $file == plugin_basename( plugin_dir_url( __FILE__ ) . '/akismet.php' ) ) {
+ $links[] = ''.esc_html__( 'Settings' , 'akismet').'';
+ }
+
+ return $links;
+ }
+
+ // Total spam in queue
+ // get_option( 'akismet_spam_count' ) is the total caught ever
+ public static function get_spam_count( $type = false ) {
+ global $wpdb;
+
+ if ( !$type ) { // total
+ $count = wp_cache_get( 'akismet_spam_count', 'widget' );
+ if ( false === $count ) {
+ if ( function_exists('wp_count_comments') ) {
+ $count = wp_count_comments();
+ $count = $count->spam;
+ } else {
+ $count = (int) $wpdb->get_var("SELECT COUNT(comment_ID) FROM {$wpdb->comments} WHERE comment_approved = 'spam'");
+ }
+ wp_cache_set( 'akismet_spam_count', $count, 'widget', 3600 );
+ }
+ return $count;
+ } elseif ( 'comments' == $type || 'comment' == $type ) { // comments
+ $type = '';
+ }
+
+ return (int) $wpdb->get_var( $wpdb->prepare( "SELECT COUNT(comment_ID) FROM {$wpdb->comments} WHERE comment_approved = 'spam' AND comment_type = %s", $type ) );
+ }
+
+ // Check connectivity between the WordPress blog and Akismet's servers.
+ // Returns an associative array of server IP addresses, where the key is the IP address, and value is true (available) or false (unable to connect).
+ public static function check_server_ip_connectivity() {
+
+ $servers = $ips = array();
+
+ // Some web hosts may disable this function
+ if ( function_exists('gethostbynamel') ) {
+
+ $ips = gethostbynamel( 'rest.akismet.com' );
+ if ( $ips && is_array($ips) && count($ips) ) {
+ $api_key = Akismet::get_api_key();
+
+ foreach ( $ips as $ip ) {
+ $response = Akismet::verify_key( $api_key, $ip );
+ // even if the key is invalid, at least we know we have connectivity
+ if ( $response == 'valid' || $response == 'invalid' )
+ $servers[$ip] = 'connected';
+ else
+ $servers[$ip] = $response ? $response : 'unable to connect';
+ }
+ }
+ }
+
+ return $servers;
+ }
+
+ // Simpler connectivity check
+ public static function check_server_connectivity($cache_timeout = 86400) {
+
+ $debug = array();
+ $debug[ 'PHP_VERSION' ] = PHP_VERSION;
+ $debug[ 'WORDPRESS_VERSION' ] = $GLOBALS['wp_version'];
+ $debug[ 'AKISMET_VERSION' ] = AKISMET_VERSION;
+ $debug[ 'AKISMET__PLUGIN_DIR' ] = AKISMET__PLUGIN_DIR;
+ $debug[ 'SITE_URL' ] = site_url();
+ $debug[ 'HOME_URL' ] = home_url();
+
+ $servers = get_option('akismet_available_servers');
+ if ( (time() - get_option('akismet_connectivity_time') < $cache_timeout) && $servers !== false ) {
+ $servers = self::check_server_ip_connectivity();
+ update_option('akismet_available_servers', $servers);
+ update_option('akismet_connectivity_time', time());
+ }
+
+ $response = wp_remote_get( 'http://rest.akismet.com/1.1/test' );
+
+ $debug[ 'gethostbynamel' ] = function_exists('gethostbynamel') ? 'exists' : 'not here';
+ $debug[ 'Servers' ] = $servers;
+ $debug[ 'Test Connection' ] = $response;
+
+ Akismet::log( $debug );
+
+ if ( $response && 'connected' == wp_remote_retrieve_body( $response ) )
+ return true;
+
+ return false;
+ }
+
+ // Check the server connectivity and store the available servers in an option.
+ public static function get_server_connectivity($cache_timeout = 86400) {
+ return self::check_server_connectivity( $cache_timeout );
+ }
+
+ public static function get_number_spam_waiting() {
+ global $wpdb;
+ return (int) $wpdb->get_var( "SELECT COUNT(*) FROM {$wpdb->commentmeta} WHERE meta_key = 'akismet_error'" );
+ }
+
+ public static function get_page_url( $page = 'config' ) {
+
+ $args = array( 'page' => 'akismet-key-config' );
+
+ if ( $page == 'stats' )
+ $args = array( 'page' => 'akismet-key-config', 'view' => 'stats' );
+ elseif ( $page == 'delete_key' )
+ $args = array( 'page' => 'akismet-key-config', 'view' => 'start', 'action' => 'delete-key', '_wpnonce' => wp_create_nonce( self::NONCE ) );
+
+ $url = add_query_arg( $args, class_exists( 'Jetpack' ) ? admin_url( 'admin.php' ) : admin_url( 'options-general.php' ) );
+
+ return $url;
+ }
+
+ public static function get_akismet_user( $api_key ) {
+ $akismet_user = false;
+
+ $subscription_verification = Akismet::http_post( Akismet::build_query( array( 'key' => $api_key, 'blog' => get_bloginfo( 'url' ) ) ), 'get-subscription' );
+
+ if ( ! empty( $subscription_verification[1] ) ) {
+ if ( 'invalid' !== $subscription_verification[1] ) {
+ $akismet_user = json_decode( $subscription_verification[1] );
+ }
+ }
+
+ return $akismet_user;
+ }
+
+ public static function get_stats( $api_key ) {
+ $stat_totals = array();
+
+ foreach( array( '6-months', 'all' ) as $interval ) {
+ $response = Akismet::http_post( Akismet::build_query( array( 'blog' => get_bloginfo( 'url' ), 'key' => $api_key, 'from' => $interval ) ), 'get-stats' );
+
+ if ( ! empty( $response[1] ) ) {
+ $stat_totals[$interval] = json_decode( $response[1] );
+ }
+ }
+
+ return $stat_totals;
+ }
+
+ public static function verify_wpcom_key( $api_key, $user_id, $extra = array() ) {
+ $akismet_account = Akismet::http_post( Akismet::build_query( array_merge( array(
+ 'user_id' => $user_id,
+ 'api_key' => $api_key,
+ 'get_account_type' => 'true'
+ ), $extra ) ), 'verify-wpcom-key' );
+
+ if ( ! empty( $akismet_account[1] ) )
+ $akismet_account = json_decode( $akismet_account[1] );
+
+ Akismet::log( compact( 'akismet_account' ) );
+
+ return $akismet_account;
+ }
+
+ public static function connect_jetpack_user() {
+
+ if ( $jetpack_user = self::get_jetpack_user() ) {
+ if ( isset( $jetpack_user['user_id'] ) && isset( $jetpack_user['api_key'] ) ) {
+ $akismet_user = self::verify_wpcom_key( $jetpack_user['api_key'], $jetpack_user['user_id'], array( 'action' => 'connect_jetpack_user' ) );
+
+ if ( is_object( $akismet_user ) ) {
+ self::save_key( $akismet_user->api_key );
+ return in_array( $akismet_user->status, array( 'active', 'active-dunning', 'no-sub' ) );
+ }
+ }
+ }
+
+ return false;
+ }
+
+ public static function display_alert() {
+ Akismet::view( 'notice', array(
+ 'type' => 'alert',
+ 'code' => (int) get_option( 'akismet_alert_code' ),
+ 'msg' => get_option( 'akismet_alert_msg' )
+ ) );
+ }
+
+ public static function display_spam_check_warning() {
+ Akismet::fix_scheduled_recheck();
+
+ if ( wp_next_scheduled('akismet_schedule_cron_recheck') > time() && self::get_number_spam_waiting() > 0 ) {
+ $link_text = apply_filters( 'akismet_spam_check_warning_link_text', sprintf( __( 'Please check your Akismet configuration and contact your web host if problems persist.', 'akismet'), esc_url( self::get_page_url() ) ) );
+ Akismet::view( 'notice', array( 'type' => 'spam-check', 'link_text' => $link_text ) );
+ }
+ }
+
+ public static function display_invalid_version() {
+ Akismet::view( 'notice', array( 'type' => 'version' ) );
+ }
+
+ public static function display_api_key_warning() {
+ Akismet::view( 'notice', array( 'type' => 'plugin' ) );
+ }
+
+ public static function display_page() {
+ if ( !Akismet::get_api_key() || ( isset( $_GET['view'] ) && $_GET['view'] == 'start' ) )
+ self::display_start_page();
+ elseif ( isset( $_GET['view'] ) && $_GET['view'] == 'stats' )
+ self::display_stats_page();
+ else
+ self::display_configuration_page();
+ }
+
+ public static function display_start_page() {
+ if ( isset( $_GET['action'] ) ) {
+ if ( $_GET['action'] == 'delete-key' ) {
+ if ( isset( $_GET['_wpnonce'] ) && wp_verify_nonce( $_GET['_wpnonce'], self::NONCE ) )
+ delete_option( 'wordpress_api_key' );
+ }
+ }
+
+ if ( $api_key = Akismet::get_api_key() && ( empty( self::$notices['status'] ) || 'existing-key-invalid' != self::$notices['status'] ) ) {
+ self::display_configuration_page();
+ return;
+ }
+
+ //the user can choose to auto connect their API key by clicking a button on the akismet done page
+ //if jetpack, get verified api key by using connected wpcom user id
+ //if no jetpack, get verified api key by using an akismet token
+
+ $akismet_user = false;
+
+ if ( isset( $_GET['token'] ) && preg_match('/^(\d+)-[0-9a-f]{20}$/', $_GET['token'] ) )
+ $akismet_user = self::verify_wpcom_key( '', '', array( 'token' => $_GET['token'] ) );
+ elseif ( $jetpack_user = self::get_jetpack_user() )
+ $akismet_user = self::verify_wpcom_key( $jetpack_user['api_key'], $jetpack_user['user_id'] );
+
+ if ( isset( $_GET['action'] ) ) {
+ if ( $_GET['action'] == 'save-key' ) {
+ if ( is_object( $akismet_user ) ) {
+ self::save_key( $akismet_user->api_key );
+ self::display_notice();
+ self::display_configuration_page();
+ return;
+ }
+ }
+ }
+
+ echo '
\ No newline at end of file
diff --git a/wp-content/plugins/akismet/views/get.php b/wp-content/plugins/akismet/views/get.php
new file mode 100644
index 0000000..72a3b6e
--- /dev/null
+++ b/wp-content/plugins/akismet/views/get.php
@@ -0,0 +1,6 @@
+
\ No newline at end of file
diff --git a/wp-content/plugins/akismet/views/notice.php b/wp-content/plugins/akismet/views/notice.php
new file mode 100644
index 0000000..8e6e508
--- /dev/null
+++ b/wp-content/plugins/akismet/views/notice.php
@@ -0,0 +1,123 @@
+
+'.esc_html__('Akismet', 'akismet').'
'; + + self::display_status(); + + Akismet::view( 'start', compact( 'akismet_user' ) ); + } + + public static function display_stats_page() { + Akismet::view( 'stats' ); + } + + public static function display_configuration_page() { + $api_key = Akismet::get_api_key(); + $akismet_user = self::get_akismet_user( $api_key ); + + if ( ! $akismet_user ) { + // This could happen if the user's key became invalid after it was previously valid and successfully set up. + self::$notices['status'] = 'existing-key-invalid'; + self::display_start_page(); + return; + } + + $stat_totals = self::get_stats( $api_key ); + + // If unset, create the new strictness option using the old discard option to determine its default + if ( get_option( 'akismet_strictness' ) === false ) + add_option( 'akismet_strictness', (get_option('akismet_discard_month') === 'true' ? '1' : '0') ); + + if ( empty( self::$notices ) ) { + //show status + if ( ! empty( $stat_totals['all'] ) && isset( $stat_totals['all']->time_saved ) && $akismet_user->status == 'active' && $akismet_user->account_type == 'free-api-key' ) { + + $time_saved = false; + + if ( $stat_totals['all']->time_saved > 1800 ) { + $total_in_minutes = round( $stat_totals['all']->time_saved / 60 ); + $total_in_hours = round( $total_in_minutes / 60 ); + $total_in_days = round( $total_in_hours / 8 ); + $cleaning_up = __( 'Cleaning up spam takes time.' , 'akismet'); + + if ( $total_in_days > 1 ) + $time_saved = $cleaning_up . ' ' . sprintf( _n( 'Akismet has saved you %s day!', 'Akismet has saved you %s days!', $total_in_days, 'akismet' ), number_format_i18n( $total_in_days ) ); + elseif ( $total_in_hours > 1 ) + $time_saved = $cleaning_up . ' ' . sprintf( _n( 'Akismet has saved you %d hour!', 'Akismet has saved you %d hours!', $total_in_hours, 'akismet' ), $total_in_hours ); + elseif ( $total_in_minutes >= 30 ) + $time_saved = $cleaning_up . ' ' . sprintf( _n( 'Akismet has saved you %d minute!', 'Akismet has saved you %d minutes!', $total_in_minutes, 'akismet' ), $total_in_minutes ); + } + + Akismet::view( 'notice', array( 'type' => 'active-notice', 'time_saved' => $time_saved ) ); + } + + if ( !empty( $akismet_user->limit_reached ) && in_array( $akismet_user->limit_reached, array( 'yellow', 'red' ) ) ) { + Akismet::view( 'notice', array( 'type' => 'limit-reached', 'level' => $akismet_user->limit_reached ) ); + } + } + + if ( !isset( self::$notices['status'] ) && in_array( $akismet_user->status, array( 'cancelled', 'suspended', 'missing', 'no-sub' ) ) ) + Akismet::view( 'notice', array( 'type' => $akismet_user->status ) ); + + Akismet::log( compact( 'stat_totals', 'akismet_user' ) ); + Akismet::view( 'config', compact( 'api_key', 'akismet_user', 'stat_totals' ) ); + } + + public static function display_notice() { + global $hook_suffix; + + if ( in_array( $hook_suffix, array( 'jetpack_page_akismet-key-config', 'settings_page_akismet-key-config', 'edit-comments.php' ) ) && (int) get_option( 'akismet_alert_code' ) > 0 ) { + Akismet::verify_key( Akismet::get_api_key() ); //verify that the key is still in alert state + + if ( get_option( 'akismet_alert_code' ) > 0 ) + self::display_alert(); + } + elseif ( $hook_suffix == 'plugins.php' && !Akismet::get_api_key() ) { + self::display_api_key_warning(); + } + elseif ( $hook_suffix == 'edit-comments.php' && wp_next_scheduled( 'akismet_schedule_cron_recheck' ) ) { + self::display_spam_check_warning(); + } + elseif ( in_array( $hook_suffix, array( 'jetpack_page_akismet-key-config', 'settings_page_akismet-key-config' ) ) && Akismet::get_api_key() ) { + self::display_status(); + } + } + + public static function display_status() { + $type = ''; + + if ( !self::get_server_connectivity() ) + $type = 'servers-be-down'; + + if ( !empty( $type ) ) + Akismet::view( 'notice', compact( 'type' ) ); + elseif ( !empty( self::$notices ) ) { + foreach ( self::$notices as $type ) { + if ( is_object( $type ) ) { + $notice_header = $notice_text = ''; + + if ( property_exists( $type, 'notice_header' ) ) + $notice_header = wp_kses( $type->notice_header, self::$allowed ); + + if ( property_exists( $type, 'notice_text' ) ) + $notice_text = wp_kses( $type->notice_text, self::$allowed ); + + if ( property_exists( $type, 'status' ) ) { + $type = wp_kses( $type->status, self::$allowed ); + Akismet::view( 'notice', compact( 'type', 'notice_header', 'notice_text' ) ); + } + } + else + Akismet::view( 'notice', compact( 'type' ) ); + } + } + } + + private static function get_jetpack_user() { + if ( !class_exists('Jetpack') ) + return false; + + Jetpack::load_xml_rpc_client(); + $xml = new Jetpack_IXR_ClientMulticall( array( 'user_id' => get_current_user_id() ) ); + + $xml->addCall( 'wpcom.getUserID' ); + $xml->addCall( 'akismet.getAPIKey' ); + $xml->query(); + + Akismet::log( compact( 'xml' ) ); + + if ( !$xml->isError() ) { + $responses = $xml->getResponse(); + if ( count( $responses ) > 1 ) { + $api_key = array_shift( $responses[0] ); + $user_id = (int) array_shift( $responses[1] ); + return compact( 'api_key', 'user_id' ); + } + } + return false; + } + + /** + * Some commentmeta isn't useful in an export file. Suppress it (when supported). + * + * @param bool $exclude + * @param string $key The meta key + * @param object $meta The meta object + * @return bool Whether to exclude this meta entry from the export. + */ + public static function exclude_commentmeta_from_export( $exclude, $key, $meta ) { + if ( in_array( $key, array( 'akismet_as_submitted', 'akismet_rechecking', 'akismet_delayed_moderation_email' ) ) ) { + return true; + } + + return $exclude; + } +} \ No newline at end of file diff --git a/wp-content/plugins/akismet/class.akismet-widget.php b/wp-content/plugins/akismet/class.akismet-widget.php new file mode 100644 index 0000000..a2c4f30 --- /dev/null +++ b/wp-content/plugins/akismet/class.akismet-widget.php @@ -0,0 +1,110 @@ + __( 'Display the number of spam comments Akismet has caught' , 'akismet') ) + ); + + if ( is_active_widget( false, false, $this->id_base ) ) { + add_action( 'wp_head', array( $this, 'css' ) ); + } + } + + function css() { +?> + + + + + ++ + +
+ + + + + + '', 'blog_charset' => '', 'blog_lang' => '', 'blog_ua' => '', 'comment_agent' => '', 'comment_author' => '', 'comment_author_IP' => '', 'comment_author_email' => '', 'comment_author_url' => '', 'comment_content' => '', 'comment_date_gmt' => '', 'comment_tags' => '', 'comment_type' => '', 'guid' => '', 'is_test' => '', 'permalink' => '', 'reporter' => '', 'site_domain' => '', 'submit_referer' => '', 'submit_uri' => '', 'user_ID' => '', 'user_agent' => '', 'user_id' => '', 'user_ip' => '' ); + + public static function init() { + if ( ! self::$initiated ) { + self::init_hooks(); + } + } + + /** + * Initializes WordPress hooks + */ + private static function init_hooks() { + self::$initiated = true; + + add_action( 'wp_insert_comment', array( 'Akismet', 'auto_check_update_meta' ), 10, 2 ); + add_filter( 'preprocess_comment', array( 'Akismet', 'auto_check_comment' ), 1 ); + add_action( 'akismet_scheduled_delete', array( 'Akismet', 'delete_old_comments' ) ); + add_action( 'akismet_scheduled_delete', array( 'Akismet', 'delete_old_comments_meta' ) ); + add_action( 'akismet_schedule_cron_recheck', array( 'Akismet', 'cron_recheck' ) ); + + /** + * To disable the Akismet comment nonce, add a filter for the 'akismet_comment_nonce' tag + * and return any string value that is not 'true' or '' (empty string). + * + * Don't return boolean false, because that implies that the 'akismet_comment_nonce' option + * has not been set and that Akismet should just choose the default behavior for that + * situation. + */ + $akismet_comment_nonce_option = apply_filters( 'akismet_comment_nonce', get_option( 'akismet_comment_nonce' ) ); + + if ( $akismet_comment_nonce_option == 'true' || $akismet_comment_nonce_option == '' ) + add_action( 'comment_form', array( 'Akismet', 'add_comment_nonce' ), 1 ); + + add_action( 'admin_head-edit-comments.php', array( 'Akismet', 'load_form_js' ) ); + add_action( 'comment_form', array( 'Akismet', 'load_form_js' ) ); + add_action( 'comment_form', array( 'Akismet', 'inject_ak_js' ) ); + + add_filter( 'comment_moderation_recipients', array( 'Akismet', 'disable_moderation_emails_if_unreachable' ), 1000, 2 ); + add_filter( 'pre_comment_approved', array( 'Akismet', 'last_comment_status' ), 10, 2 ); + + add_action( 'transition_comment_status', array( 'Akismet', 'transition_comment_status' ), 10, 3 ); + + // Run this early in the pingback call, before doing a remote fetch of the source uri + add_action( 'xmlrpc_call', array( 'Akismet', 'pre_check_pingback' ) ); + + // Jetpack compatibility + add_filter( 'jetpack_options_whitelist', array( 'Akismet', 'add_to_jetpack_options_whitelist' ) ); + add_action( 'update_option_wordpress_api_key', array( 'Akismet', 'updated_option' ), 10, 2 ); + } + + public static function get_api_key() { + return apply_filters( 'akismet_get_api_key', defined('WPCOM_API_KEY') ? constant('WPCOM_API_KEY') : get_option('wordpress_api_key') ); + } + + public static function check_key_status( $key, $ip = null ) { + return self::http_post( Akismet::build_query( array( 'key' => $key, 'blog' => get_option('home') ) ), 'verify-key', $ip ); + } + + public static function verify_key( $key, $ip = null ) { + $response = self::check_key_status( $key, $ip ); + + if ( $response[1] != 'valid' && $response[1] != 'invalid' ) + return 'failed'; + + return $response[1]; + } + + public static function deactivate_key( $key ) { + $response = self::http_post( Akismet::build_query( array( 'key' => $key, 'blog' => get_option('home') ) ), 'deactivate' ); + + if ( $response[1] != 'deactivated' ) + return 'failed'; + + return $response[1]; + } + + /** + * Add the akismet option to the Jetpack options management whitelist. + * + * @param array $options The list of whitelisted option names. + * @return array The updated whitelist + */ + public static function add_to_jetpack_options_whitelist( $options ) { + $options[] = 'wordpress_api_key'; + return $options; + } + + /** + * When the akismet option is updated, run the registration call. + * + * This should only be run when the option is updated from the Jetpack/WP.com + * API call, and only if the new key is different than the old key. + * + * @param mixed $old_value The old option value. + * @param mixed $value The new option value. + */ + public static function updated_option( $old_value, $value ) { + // Not an API call + if ( ! class_exists( 'WPCOM_JSON_API_Update_Option_Endpoint' ) ) { + return; + } + // Only run the registration if the old key is different. + if ( $old_value !== $value ) { + self::verify_key( $value ); + } + } + + public static function auto_check_comment( $commentdata ) { + self::$last_comment_result = null; + + $comment = $commentdata; + + $comment['user_ip'] = self::get_ip_address(); + $comment['user_agent'] = self::get_user_agent(); + $comment['referrer'] = self::get_referer(); + $comment['blog'] = get_option('home'); + $comment['blog_lang'] = get_locale(); + $comment['blog_charset'] = get_option('blog_charset'); + $comment['permalink'] = get_permalink( $comment['comment_post_ID'] ); + + if ( !empty( $comment['user_ID'] ) ) + $comment['user_role'] = Akismet::get_user_roles( $comment['user_ID'] ); + + /** See filter documentation in init_hooks(). */ + $akismet_nonce_option = apply_filters( 'akismet_comment_nonce', get_option( 'akismet_comment_nonce' ) ); + $comment['akismet_comment_nonce'] = 'inactive'; + if ( $akismet_nonce_option == 'true' || $akismet_nonce_option == '' ) { + $comment['akismet_comment_nonce'] = 'failed'; + if ( isset( $_POST['akismet_comment_nonce'] ) && wp_verify_nonce( $_POST['akismet_comment_nonce'], 'akismet_comment_nonce_' . $comment['comment_post_ID'] ) ) + $comment['akismet_comment_nonce'] = 'passed'; + + // comment reply in wp-admin + if ( isset( $_POST['_ajax_nonce-replyto-comment'] ) && check_ajax_referer( 'replyto-comment', '_ajax_nonce-replyto-comment' ) ) + $comment['akismet_comment_nonce'] = 'passed'; + + } + + if ( self::is_test_mode() ) + $comment['is_test'] = 'true'; + + foreach( $_POST as $key => $value ) { + if ( is_string( $value ) ) + $comment["POST_{$key}"] = $value; + } + + foreach ( $_SERVER as $key => $value ) { + if ( ! is_string( $value ) ) { + continue; + } + + if ( preg_match( "/^HTTP_COOKIE/", $key ) ) { + continue; + } + + // Send any potentially useful $_SERVER vars, but avoid sending junk we don't need. + if ( preg_match( "/^(HTTP_|REMOTE_ADDR|REQUEST_URI|DOCUMENT_URI)/", $key ) ) { + $comment[ "$key" ] = $value; + } + } + + $post = get_post( $comment['comment_post_ID'] ); + $comment[ 'comment_post_modified_gmt' ] = $post->post_modified_gmt; + + $response = self::http_post( Akismet::build_query( $comment ), 'comment-check' ); + + do_action( 'akismet_comment_check_response', $response ); + + $commentdata['comment_as_submitted'] = array_intersect_key( $comment, self::$comment_as_submitted_allowed_keys ); + $commentdata['akismet_result'] = $response[1]; + + if ( isset( $response[0]['x-akismet-pro-tip'] ) ) + $commentdata['akismet_pro_tip'] = $response[0]['x-akismet-pro-tip']; + + if ( isset( $response[0]['x-akismet-error'] ) ) { + // An error occurred that we anticipated (like a suspended key) and want the user to act on. + // Send to moderation. + self::$last_comment_result = '0'; + } + else if ( 'true' == $response[1] ) { + // akismet_spam_count will be incremented later by comment_is_spam() + self::$last_comment_result = 'spam'; + + $discard = ( isset( $commentdata['akismet_pro_tip'] ) && $commentdata['akismet_pro_tip'] === 'discard' && self::allow_discard() ); + + do_action( 'akismet_spam_caught', $discard ); + + if ( $discard ) { + // akismet_result_spam() won't be called so bump the counter here + if ( $incr = apply_filters('akismet_spam_count_incr', 1) ) + update_option( 'akismet_spam_count', get_option('akismet_spam_count') + $incr ); + $redirect_to = isset( $_SERVER['HTTP_REFERER'] ) ? $_SERVER['HTTP_REFERER'] : get_permalink( $post ); + wp_safe_redirect( esc_url_raw( $redirect_to ) ); + die(); + } + } + + // if the response is neither true nor false, hold the comment for moderation and schedule a recheck + if ( 'true' != $response[1] && 'false' != $response[1] ) { + if ( !current_user_can('moderate_comments') ) { + // Comment status should be moderated + self::$last_comment_result = '0'; + } + if ( function_exists('wp_next_scheduled') && function_exists('wp_schedule_single_event') ) { + if ( !wp_next_scheduled( 'akismet_schedule_cron_recheck' ) ) { + wp_schedule_single_event( time() + 1200, 'akismet_schedule_cron_recheck' ); + do_action( 'akismet_scheduled_recheck', 'invalid-response-' . $response[1] ); + } + } + + self::$prevent_moderation_email_for_these_comments[] = $commentdata; + } + + if ( function_exists('wp_next_scheduled') && function_exists('wp_schedule_event') ) { + // WP 2.1+: delete old comments daily + if ( !wp_next_scheduled( 'akismet_scheduled_delete' ) ) + wp_schedule_event( time(), 'daily', 'akismet_scheduled_delete' ); + } + elseif ( (mt_rand(1, 10) == 3) ) { + // WP 2.0: run this one time in ten + self::delete_old_comments(); + } + + self::set_last_comment( $commentdata ); + self::fix_scheduled_recheck(); + + return $commentdata; + } + + public static function get_last_comment() { + return self::$last_comment; + } + + public static function set_last_comment( $comment ) { + if ( is_null( $comment ) ) { + self::$last_comment = null; + } + else { + // We filter it here so that it matches the filtered comment data that we'll have to compare against later. + // wp_filter_comment expects comment_author_IP + self::$last_comment = wp_filter_comment( + array_merge( + array( 'comment_author_IP' => self::get_ip_address() ), + $comment + ) + ); + } + } + + // this fires on wp_insert_comment. we can't update comment_meta when auto_check_comment() runs + // because we don't know the comment ID at that point. + public static function auto_check_update_meta( $id, $comment ) { + + // failsafe for old WP versions + if ( !function_exists('add_comment_meta') ) + return false; + + if ( !isset( self::$last_comment['comment_author_email'] ) ) + self::$last_comment['comment_author_email'] = ''; + + // wp_insert_comment() might be called in other contexts, so make sure this is the same comment + // as was checked by auto_check_comment + if ( is_object( $comment ) && !empty( self::$last_comment ) && is_array( self::$last_comment ) ) { + if ( self::matches_last_comment( $comment ) ) { + + load_plugin_textdomain( 'akismet' ); + + // normal result: true or false + if ( self::$last_comment['akismet_result'] == 'true' ) { + update_comment_meta( $comment->comment_ID, 'akismet_result', 'true' ); + self::update_comment_history( $comment->comment_ID, '', 'check-spam' ); + if ( $comment->comment_approved != 'spam' ) + self::update_comment_history( + $comment->comment_ID, + '', + 'status-changed-'.$comment->comment_approved + ); + } + elseif ( self::$last_comment['akismet_result'] == 'false' ) { + update_comment_meta( $comment->comment_ID, 'akismet_result', 'false' ); + self::update_comment_history( $comment->comment_ID, '', 'check-ham' ); + // Status could be spam or trash, depending on the WP version and whether this change applies: + // https://core.trac.wordpress.org/changeset/34726 + if ( $comment->comment_approved == 'spam' || $comment->comment_approved == 'trash' ) { + if ( wp_blacklist_check($comment->comment_author, $comment->comment_author_email, $comment->comment_author_url, $comment->comment_content, $comment->comment_author_IP, $comment->comment_agent) ) + self::update_comment_history( $comment->comment_ID, '', 'wp-blacklisted' ); + else + self::update_comment_history( $comment->comment_ID, '', 'status-changed-'.$comment->comment_approved ); + } + } // abnormal result: error + else { + update_comment_meta( $comment->comment_ID, 'akismet_error', time() ); + self::update_comment_history( + $comment->comment_ID, + '', + 'check-error', + array( 'response' => substr( self::$last_comment['akismet_result'], 0, 50 ) ) + ); + } + + // record the complete original data as submitted for checking + if ( isset( self::$last_comment['comment_as_submitted'] ) ) + update_comment_meta( $comment->comment_ID, 'akismet_as_submitted', self::$last_comment['comment_as_submitted'] ); + + if ( isset( self::$last_comment['akismet_pro_tip'] ) ) + update_comment_meta( $comment->comment_ID, 'akismet_pro_tip', self::$last_comment['akismet_pro_tip'] ); + } + } + } + + public static function delete_old_comments() { + global $wpdb; + + /** + * Determines how many comments will be deleted in each batch. + * + * @param int The default, as defined by AKISMET_DELETE_LIMIT. + */ + $delete_limit = apply_filters( 'akismet_delete_comment_limit', defined( 'AKISMET_DELETE_LIMIT' ) ? AKISMET_DELETE_LIMIT : 10000 ); + $delete_limit = max( 1, intval( $delete_limit ) ); + + /** + * Determines how many days a comment will be left in the Spam queue before being deleted. + * + * @param int The default number of days. + */ + $delete_interval = apply_filters( 'akismet_delete_comment_interval', 15 ); + $delete_interval = max( 1, intval( $delete_interval ) ); + + while ( $comment_ids = $wpdb->get_col( $wpdb->prepare( "SELECT comment_id FROM {$wpdb->comments} WHERE DATE_SUB(NOW(), INTERVAL %d DAY) > comment_date_gmt AND comment_approved = 'spam' LIMIT %d", $delete_interval, $delete_limit ) ) ) { + if ( empty( $comment_ids ) ) + return; + + $wpdb->queries = array(); + + foreach ( $comment_ids as $comment_id ) { + do_action( 'delete_comment', $comment_id ); + } + + $comma_comment_ids = implode( ', ', array_map('intval', $comment_ids) ); + + $wpdb->query("DELETE FROM {$wpdb->comments} WHERE comment_id IN ( $comma_comment_ids )"); + $wpdb->query("DELETE FROM {$wpdb->commentmeta} WHERE comment_id IN ( $comma_comment_ids )"); + + clean_comment_cache( $comment_ids ); + } + + if ( apply_filters( 'akismet_optimize_table', ( mt_rand(1, 5000) == 11), $wpdb->comments ) ) // lucky number + $wpdb->query("OPTIMIZE TABLE {$wpdb->comments}"); + } + + public static function delete_old_comments_meta() { + global $wpdb; + + $interval = apply_filters( 'akismet_delete_commentmeta_interval', 15 ); + + # enfore a minimum of 1 day + $interval = absint( $interval ); + if ( $interval < 1 ) + $interval = 1; + + // akismet_as_submitted meta values are large, so expire them + // after $interval days regardless of the comment status + while ( $comment_ids = $wpdb->get_col( $wpdb->prepare( "SELECT m.comment_id FROM {$wpdb->commentmeta} as m INNER JOIN {$wpdb->comments} as c USING(comment_id) WHERE m.meta_key = 'akismet_as_submitted' AND DATE_SUB(NOW(), INTERVAL %d DAY) > c.comment_date_gmt LIMIT 10000", $interval ) ) ) { + if ( empty( $comment_ids ) ) + return; + + $wpdb->queries = array(); + + foreach ( $comment_ids as $comment_id ) { + delete_comment_meta( $comment_id, 'akismet_as_submitted' ); + } + } + + if ( apply_filters( 'akismet_optimize_table', ( mt_rand(1, 5000) == 11), $wpdb->commentmeta ) ) // lucky number + $wpdb->query("OPTIMIZE TABLE {$wpdb->commentmeta}"); + } + + // how many approved comments does this author have? + public static function get_user_comments_approved( $user_id, $comment_author_email, $comment_author, $comment_author_url ) { + global $wpdb; + + if ( !empty( $user_id ) ) + return (int) $wpdb->get_var( $wpdb->prepare( "SELECT COUNT(*) FROM {$wpdb->comments} WHERE user_id = %d AND comment_approved = 1", $user_id ) ); + + if ( !empty( $comment_author_email ) ) + return (int) $wpdb->get_var( $wpdb->prepare( "SELECT COUNT(*) FROM {$wpdb->comments} WHERE comment_author_email = %s AND comment_author = %s AND comment_author_url = %s AND comment_approved = 1", $comment_author_email, $comment_author, $comment_author_url ) ); + + return 0; + } + + // get the full comment history for a given comment, as an array in reverse chronological order + public static function get_comment_history( $comment_id ) { + + // failsafe for old WP versions + if ( !function_exists('add_comment_meta') ) + return false; + + $history = get_comment_meta( $comment_id, 'akismet_history', false ); + usort( $history, array( 'Akismet', '_cmp_time' ) ); + return $history; + } + + /** + * Log an event for a given comment, storing it in comment_meta. + * + * @param int $comment_id The ID of the relevant comment. + * @param string $message The string description of the event. No longer used. + * @param string $event The event code. + * @param array $meta Metadata about the history entry. e.g., the user that reported or changed the status of a given comment. + */ + public static function update_comment_history( $comment_id, $message, $event=null, $meta=null ) { + global $current_user; + + // failsafe for old WP versions + if ( !function_exists('add_comment_meta') ) + return false; + + $user = ''; + + $event = array( + 'time' => self::_get_microtime(), + 'event' => $event, + ); + + if ( is_object( $current_user ) && isset( $current_user->user_login ) ) { + $event['user'] = $current_user->user_login; + } + + if ( ! empty( $meta ) ) { + $event['meta'] = $meta; + } + + // $unique = false so as to allow multiple values per comment + $r = add_comment_meta( $comment_id, 'akismet_history', $event, false ); + } + + public static function check_db_comment( $id, $recheck_reason = 'recheck_queue' ) { + global $wpdb; + + $c = $wpdb->get_row( $wpdb->prepare( "SELECT * FROM {$wpdb->comments} WHERE comment_ID = %d", $id ), ARRAY_A ); + if ( !$c ) + return; + + $c['user_ip'] = $c['comment_author_IP']; + $c['user_agent'] = $c['comment_agent']; + $c['referrer'] = ''; + $c['blog'] = get_option('home'); + $c['blog_lang'] = get_locale(); + $c['blog_charset'] = get_option('blog_charset'); + $c['permalink'] = get_permalink($c['comment_post_ID']); + $c['recheck_reason'] = $recheck_reason; + + if ( self::is_test_mode() ) + $c['is_test'] = 'true'; + + $response = self::http_post( Akismet::build_query( $c ), 'comment-check' ); + + return ( is_array( $response ) && ! empty( $response[1] ) ) ? $response[1] : false; + } + + + + public static function transition_comment_status( $new_status, $old_status, $comment ) { + + if ( $new_status == $old_status ) + return; + + # we don't need to record a history item for deleted comments + if ( $new_status == 'delete' ) + return; + + if ( !current_user_can( 'edit_post', $comment->comment_post_ID ) && !current_user_can( 'moderate_comments' ) ) + return; + + if ( defined('WP_IMPORTING') && WP_IMPORTING == true ) + return; + + // if this is present, it means the status has been changed by a re-check, not an explicit user action + if ( get_comment_meta( $comment->comment_ID, 'akismet_rechecking' ) ) + return; + + global $current_user; + $reporter = ''; + if ( is_object( $current_user ) ) + $reporter = $current_user->user_login; + + // Assumption alert: + // We want to submit comments to Akismet only when a moderator explicitly spams or approves it - not if the status + // is changed automatically by another plugin. Unfortunately WordPress doesn't provide an unambiguous way to + // determine why the transition_comment_status action was triggered. And there are several different ways by which + // to spam and unspam comments: bulk actions, ajax, links in moderation emails, the dashboard, and perhaps others. + // We'll assume that this is an explicit user action if certain POST/GET variables exist. + if ( ( isset( $_POST['status'] ) && in_array( $_POST['status'], array( 'spam', 'unspam' ) ) ) || + ( isset( $_POST['spam'] ) && (int) $_POST['spam'] == 1 ) || + ( isset( $_POST['unspam'] ) && (int) $_POST['unspam'] == 1 ) || + ( isset( $_POST['comment_status'] ) && in_array( $_POST['comment_status'], array( 'spam', 'unspam' ) ) ) || + ( isset( $_GET['action'] ) && in_array( $_GET['action'], array( 'spam', 'unspam', 'spamcomment', 'unspamcomment', ) ) ) || + ( isset( $_POST['action'] ) && in_array( $_POST['action'], array( 'editedcomment' ) ) ) || + ( isset( $_GET['for'] ) && ( 'jetpack' == $_GET['for'] ) ) // Moderation via WP.com notifications/WP app/etc. + ) { + if ( $new_status == 'spam' && ( $old_status == 'approved' || $old_status == 'unapproved' || !$old_status ) ) { + return self::submit_spam_comment( $comment->comment_ID ); + } elseif ( $old_status == 'spam' && ( $new_status == 'approved' || $new_status == 'unapproved' ) ) { + return self::submit_nonspam_comment( $comment->comment_ID ); + } + } + + self::update_comment_history( $comment->comment_ID, '', 'status-' . $new_status ); + } + + public static function submit_spam_comment( $comment_id ) { + global $wpdb, $current_user, $current_site; + + $comment_id = (int) $comment_id; + + $comment = $wpdb->get_row( $wpdb->prepare( "SELECT * FROM {$wpdb->comments} WHERE comment_ID = %d", $comment_id ) ); + + if ( !$comment ) // it was deleted + return; + + if ( 'spam' != $comment->comment_approved ) + return; + + // use the original version stored in comment_meta if available + $as_submitted = self::sanitize_comment_as_submitted( get_comment_meta( $comment_id, 'akismet_as_submitted', true ) ); + + if ( $as_submitted && is_array( $as_submitted ) && isset( $as_submitted['comment_content'] ) ) + $comment = (object) array_merge( (array)$comment, $as_submitted ); + + $comment->blog = get_bloginfo('url'); + $comment->blog_lang = get_locale(); + $comment->blog_charset = get_option('blog_charset'); + $comment->permalink = get_permalink($comment->comment_post_ID); + + if ( is_object($current_user) ) + $comment->reporter = $current_user->user_login; + + if ( is_object($current_site) ) + $comment->site_domain = $current_site->domain; + + $comment->user_role = ''; + if ( isset( $comment->user_ID ) ) + $comment->user_role = Akismet::get_user_roles( $comment->user_ID ); + + if ( self::is_test_mode() ) + $comment->is_test = 'true'; + + $post = get_post( $comment->comment_post_ID ); + $comment->comment_post_modified_gmt = $post->post_modified_gmt; + + $response = Akismet::http_post( Akismet::build_query( $comment ), 'submit-spam' ); + if ( $comment->reporter ) { + self::update_comment_history( $comment_id, '', 'report-spam' ); + update_comment_meta( $comment_id, 'akismet_user_result', 'true' ); + update_comment_meta( $comment_id, 'akismet_user', $comment->reporter ); + } + + do_action('akismet_submit_spam_comment', $comment_id, $response[1]); + } + + public static function submit_nonspam_comment( $comment_id ) { + global $wpdb, $current_user, $current_site; + + $comment_id = (int) $comment_id; + + $comment = $wpdb->get_row( $wpdb->prepare( "SELECT * FROM {$wpdb->comments} WHERE comment_ID = %d", $comment_id ) ); + if ( !$comment ) // it was deleted + return; + + // use the original version stored in comment_meta if available + $as_submitted = self::sanitize_comment_as_submitted( get_comment_meta( $comment_id, 'akismet_as_submitted', true ) ); + + if ( $as_submitted && is_array($as_submitted) && isset($as_submitted['comment_content']) ) + $comment = (object) array_merge( (array)$comment, $as_submitted ); + + $comment->blog = get_bloginfo('url'); + $comment->blog_lang = get_locale(); + $comment->blog_charset = get_option('blog_charset'); + $comment->permalink = get_permalink( $comment->comment_post_ID ); + $comment->user_role = ''; + + if ( is_object($current_user) ) + $comment->reporter = $current_user->user_login; + + if ( is_object($current_site) ) + $comment->site_domain = $current_site->domain; + + if ( isset( $comment->user_ID ) ) + $comment->user_role = Akismet::get_user_roles($comment->user_ID); + + if ( Akismet::is_test_mode() ) + $comment->is_test = 'true'; + + $post = get_post( $comment->comment_post_ID ); + $comment->comment_post_modified_gmt = $post->post_modified_gmt; + + $response = self::http_post( Akismet::build_query( $comment ), 'submit-ham' ); + if ( $comment->reporter ) { + self::update_comment_history( $comment_id, '', 'report-ham' ); + update_comment_meta( $comment_id, 'akismet_user_result', 'false' ); + update_comment_meta( $comment_id, 'akismet_user', $comment->reporter ); + } + + do_action('akismet_submit_nonspam_comment', $comment_id, $response[1]); + } + + public static function cron_recheck() { + global $wpdb; + + $api_key = self::get_api_key(); + + $status = self::verify_key( $api_key ); + if ( get_option( 'akismet_alert_code' ) || $status == 'invalid' ) { + // since there is currently a problem with the key, reschedule a check for 6 hours hence + wp_schedule_single_event( time() + 21600, 'akismet_schedule_cron_recheck' ); + do_action( 'akismet_scheduled_recheck', 'key-problem-' . get_option( 'akismet_alert_code' ) . '-' . $status ); + return false; + } + + delete_option('akismet_available_servers'); + + $comment_errors = $wpdb->get_col( "SELECT comment_id FROM {$wpdb->commentmeta} WHERE meta_key = 'akismet_error' LIMIT 100" ); + + load_plugin_textdomain( 'akismet' ); + + foreach ( (array) $comment_errors as $comment_id ) { + // if the comment no longer exists, or is too old, remove the meta entry from the queue to avoid getting stuck + $comment = get_comment( $comment_id ); + if ( !$comment || strtotime( $comment->comment_date_gmt ) < strtotime( "-15 days" ) ) { + delete_comment_meta( $comment_id, 'akismet_error' ); + delete_comment_meta( $comment_id, 'akismet_delayed_moderation_email' ); + continue; + } + + add_comment_meta( $comment_id, 'akismet_rechecking', true ); + $status = self::check_db_comment( $comment_id, 'retry' ); + + $event = ''; + if ( $status == 'true' ) { + $event = 'cron-retry-spam'; + } elseif ( $status == 'false' ) { + $event = 'cron-retry-ham'; + } + + // If we got back a legit response then update the comment history + // other wise just bail now and try again later. No point in + // re-trying all the comments once we hit one failure. + if ( !empty( $event ) ) { + delete_comment_meta( $comment_id, 'akismet_error' ); + self::update_comment_history( $comment_id, '', $event ); + update_comment_meta( $comment_id, 'akismet_result', $status ); + // make sure the comment status is still pending. if it isn't, that means the user has already moved it elsewhere. + $comment = get_comment( $comment_id ); + if ( $comment && 'unapproved' == wp_get_comment_status( $comment_id ) ) { + if ( $status == 'true' ) { + wp_spam_comment( $comment_id ); + } elseif ( $status == 'false' ) { + // comment is good, but it's still in the pending queue. depending on the moderation settings + // we may need to change it to approved. + if ( check_comment($comment->comment_author, $comment->comment_author_email, $comment->comment_author_url, $comment->comment_content, $comment->comment_author_IP, $comment->comment_agent, $comment->comment_type) ) + wp_set_comment_status( $comment_id, 1 ); + else if ( get_comment_meta( $comment_id, 'akismet_delayed_moderation_email', true ) ) + wp_notify_moderator( $comment_id ); + } + } + + delete_comment_meta( $comment_id, 'akismet_delayed_moderation_email' ); + } else { + // If this comment has been pending moderation for longer than MAX_DELAY_BEFORE_MODERATION_EMAIL, + // send a moderation email now. + if ( ( intval( gmdate( 'U' ) ) - strtotime( $comment->comment_date_gmt ) ) < self::MAX_DELAY_BEFORE_MODERATION_EMAIL ) { + delete_comment_meta( $comment_id, 'akismet_delayed_moderation_email' ); + wp_notify_moderator( $comment_id ); + } + + delete_comment_meta( $comment_id, 'akismet_rechecking' ); + wp_schedule_single_event( time() + 1200, 'akismet_schedule_cron_recheck' ); + do_action( 'akismet_scheduled_recheck', 'check-db-comment-' . $status ); + return; + } + delete_comment_meta( $comment_id, 'akismet_rechecking' ); + } + + $remaining = $wpdb->get_var( "SELECT COUNT(*) FROM {$wpdb->commentmeta} WHERE meta_key = 'akismet_error'" ); + if ( $remaining && !wp_next_scheduled('akismet_schedule_cron_recheck') ) { + wp_schedule_single_event( time() + 1200, 'akismet_schedule_cron_recheck' ); + do_action( 'akismet_scheduled_recheck', 'remaining' ); + } + } + + public static function fix_scheduled_recheck() { + $future_check = wp_next_scheduled( 'akismet_schedule_cron_recheck' ); + if ( !$future_check ) { + return; + } + + if ( get_option( 'akismet_alert_code' ) > 0 ) { + return; + } + + $check_range = time() + 1200; + if ( $future_check > $check_range ) { + wp_clear_scheduled_hook( 'akismet_schedule_cron_recheck' ); + wp_schedule_single_event( time() + 300, 'akismet_schedule_cron_recheck' ); + do_action( 'akismet_scheduled_recheck', 'fix-scheduled-recheck' ); + } + } + + public static function add_comment_nonce( $post_id ) { + echo ''; + } + + public static function is_test_mode() { + return defined('AKISMET_TEST_MODE') && AKISMET_TEST_MODE; + } + + public static function allow_discard() { + if ( defined( 'DOING_AJAX' ) && DOING_AJAX ) + return false; + if ( is_user_logged_in() ) + return false; + + return ( get_option( 'akismet_strictness' ) === '1' ); + } + + public static function get_ip_address() { + return isset( $_SERVER['REMOTE_ADDR'] ) ? $_SERVER['REMOTE_ADDR'] : null; + } + + /** + * Do these two comments, without checking the comment_ID, "match"? + * + * @param mixed $comment1 A comment object or array. + * @param mixed $comment2 A comment object or array. + * @return bool Whether the two comments should be treated as the same comment. + */ + private static function comments_match( $comment1, $comment2 ) { + $comment1 = (array) $comment1; + $comment2 = (array) $comment2; + + $comments_match = ( + isset( $comment1['comment_post_ID'], $comment2['comment_post_ID'] ) + && intval( $comment1['comment_post_ID'] ) == intval( $comment2['comment_post_ID'] ) + && ( + // The comment author length max is 255 characters, limited by the TINYTEXT column type. + // If the comment author includes multibyte characters right around the 255-byte mark, they + // may be stripped when the author is saved in the DB, so a 300+ char author may turn into + // a 253-char author when it's saved, not 255 exactly. The longest possible character is + // theoretically 6 bytes, so we'll only look at the first 248 bytes to be safe. + substr( $comment1['comment_author'], 0, 248 ) == substr( $comment2['comment_author'], 0, 248 ) + || substr( stripslashes( $comment1['comment_author'] ), 0, 248 ) == substr( $comment2['comment_author'], 0, 248 ) + || substr( $comment1['comment_author'], 0, 248 ) == substr( stripslashes( $comment2['comment_author'] ), 0, 248 ) + // Certain long comment author names will be truncated to nothing, depending on their encoding. + || ( ! $comment1['comment_author'] && strlen( $comment2['comment_author'] ) > 248 ) + || ( ! $comment2['comment_author'] && strlen( $comment1['comment_author'] ) > 248 ) + ) + && ( + // The email max length is 100 characters, limited by the VARCHAR(100) column type. + // Same argument as above for only looking at the first 93 characters. + substr( $comment1['comment_author_email'], 0, 93 ) == substr( $comment2['comment_author_email'], 0, 93 ) + || substr( stripslashes( $comment1['comment_author_email'] ), 0, 93 ) == substr( $comment2['comment_author_email'], 0, 93 ) + || substr( $comment1['comment_author_email'], 0, 93 ) == substr( stripslashes( $comment2['comment_author_email'] ), 0, 93 ) + // Very long emails can be truncated and then stripped if the [0:100] substring isn't a valid address. + || ( ! $comment1['comment_author_email'] && strlen( $comment2['comment_author_email'] ) > 100 ) + || ( ! $comment2['comment_author_email'] && strlen( $comment1['comment_author_email'] ) > 100 ) + ) + ); + + return $comments_match; + } + + // Does the supplied comment match the details of the one most recently stored in self::$last_comment? + public static function matches_last_comment( $comment ) { + if ( is_object( $comment ) ) + $comment = (array) $comment; + + return self::comments_match( self::$last_comment, $comment ); + } + + private static function get_user_agent() { + return isset( $_SERVER['HTTP_USER_AGENT'] ) ? $_SERVER['HTTP_USER_AGENT'] : null; + } + + private static function get_referer() { + return isset( $_SERVER['HTTP_REFERER'] ) ? $_SERVER['HTTP_REFERER'] : null; + } + + // return a comma-separated list of role names for the given user + public static function get_user_roles( $user_id ) { + $roles = false; + + if ( !class_exists('WP_User') ) + return false; + + if ( $user_id > 0 ) { + $comment_user = new WP_User( $user_id ); + if ( isset( $comment_user->roles ) ) + $roles = join( ',', $comment_user->roles ); + } + + if ( is_multisite() && is_super_admin( $user_id ) ) { + if ( empty( $roles ) ) { + $roles = 'super_admin'; + } else { + $comment_user->roles[] = 'super_admin'; + $roles = join( ',', $comment_user->roles ); + } + } + + return $roles; + } + + // filter handler used to return a spam result to pre_comment_approved + public static function last_comment_status( $approved, $comment ) { + if ( is_null( self::$last_comment_result ) ) { + // We didn't have reason to store the result of the last check. + return $approved; + } + + // Only do this if it's the correct comment + if ( ! self::matches_last_comment( $comment ) ) { + self::log( "comment_is_spam mismatched comment, returning unaltered $approved" ); + return $approved; + } + + // bump the counter here instead of when the filter is added to reduce the possibility of overcounting + if ( $incr = apply_filters('akismet_spam_count_incr', 1) ) + update_option( 'akismet_spam_count', get_option('akismet_spam_count') + $incr ); + + return self::$last_comment_result; + } + + /** + * If Akismet is temporarily unreachable, we don't want to "spam" the blogger with + * moderation emails for comments that will be automatically cleared or spammed on + * the next retry. + * + * For comments that will be rechecked later, empty the list of email addresses that + * the moderation email would be sent to. + * + * @param array $emails An array of email addresses that the moderation email will be sent to. + * @param int $comment_id The ID of the relevant comment. + * @return array An array of email addresses that the moderation email will be sent to. + */ + public static function disable_moderation_emails_if_unreachable( $emails, $comment_id ) { + if ( ! empty( self::$prevent_moderation_email_for_these_comments ) && ! empty( $emails ) ) { + $comment = get_comment( $comment_id ); + + foreach ( self::$prevent_moderation_email_for_these_comments as $possible_match ) { + if ( self::comments_match( $possible_match, $comment ) ) { + update_comment_meta( $comment_id, 'akismet_delayed_moderation_email', true ); + return array(); + } + } + } + + return $emails; + } + + public static function _cmp_time( $a, $b ) { + return $a['time'] > $b['time'] ? -1 : 1; + } + + public static function _get_microtime() { + $mtime = explode( ' ', microtime() ); + return $mtime[1] + $mtime[0]; + } + + /** + * Make a POST request to the Akismet API. + * + * @param string $request The body of the request. + * @param string $path The path for the request. + * @param string $ip The specific IP address to hit. + * @return array A two-member array consisting of the headers and the response body, both empty in the case of a failure. + */ + public static function http_post( $request, $path, $ip=null ) { + + $akismet_ua = sprintf( 'WordPress/%s | Akismet/%s', $GLOBALS['wp_version'], constant( 'AKISMET_VERSION' ) ); + $akismet_ua = apply_filters( 'akismet_ua', $akismet_ua ); + + $content_length = strlen( $request ); + + $api_key = self::get_api_key(); + $host = self::API_HOST; + + if ( !empty( $api_key ) ) + $host = $api_key.'.'.$host; + + $http_host = $host; + // use a specific IP if provided + // needed by Akismet_Admin::check_server_connectivity() + if ( $ip && long2ip( ip2long( $ip ) ) ) { + $http_host = $ip; + } + + $http_args = array( + 'body' => $request, + 'headers' => array( + 'Content-Type' => 'application/x-www-form-urlencoded; charset=' . get_option( 'blog_charset' ), + 'Host' => $host, + 'User-Agent' => $akismet_ua, + ), + 'httpversion' => '1.0', + 'timeout' => 15 + ); + + $akismet_url = $http_akismet_url = "http://{$http_host}/1.1/{$path}"; + + /** + * Try SSL first; if that fails, try without it and don't try it again for a while. + */ + + $ssl = $ssl_failed = false; + + // Check if SSL requests were disabled fewer than X hours ago. + $ssl_disabled = get_option( 'akismet_ssl_disabled' ); + + if ( $ssl_disabled && $ssl_disabled < ( time() - 60 * 60 * 24 ) ) { // 24 hours + $ssl_disabled = false; + delete_option( 'akismet_ssl_disabled' ); + } + else if ( $ssl_disabled ) { + do_action( 'akismet_ssl_disabled' ); + } + + if ( ! $ssl_disabled && function_exists( 'wp_http_supports') && ( $ssl = wp_http_supports( array( 'ssl' ) ) ) ) { + $akismet_url = set_url_scheme( $akismet_url, 'https' ); + + do_action( 'akismet_https_request_pre' ); + } + + $response = wp_remote_post( $akismet_url, $http_args ); + + Akismet::log( compact( 'akismet_url', 'http_args', 'response' ) ); + + if ( $ssl && is_wp_error( $response ) ) { + do_action( 'akismet_https_request_failure', $response ); + + // Intermittent connection problems may cause the first HTTPS + // request to fail and subsequent HTTP requests to succeed randomly. + // Retry the HTTPS request once before disabling SSL for a time. + $response = wp_remote_post( $akismet_url, $http_args ); + + Akismet::log( compact( 'akismet_url', 'http_args', 'response' ) ); + + if ( is_wp_error( $response ) ) { + $ssl_failed = true; + + do_action( 'akismet_https_request_failure', $response ); + + do_action( 'akismet_http_request_pre' ); + + // Try the request again without SSL. + $response = wp_remote_post( $http_akismet_url, $http_args ); + + Akismet::log( compact( 'http_akismet_url', 'http_args', 'response' ) ); + } + } + + if ( is_wp_error( $response ) ) { + do_action( 'akismet_request_failure', $response ); + + return array( '', '' ); + } + + if ( $ssl_failed ) { + // The request failed when using SSL but succeeded without it. Disable SSL for future requests. + update_option( 'akismet_ssl_disabled', time() ); + + do_action( 'akismet_https_disabled' ); + } + + $simplified_response = array( $response['headers'], $response['body'] ); + + self::update_alert( $simplified_response ); + + return $simplified_response; + } + + // given a response from an API call like check_key_status(), update the alert code options if an alert is present. + private static function update_alert( $response ) { + $code = $msg = null; + if ( isset( $response[0]['x-akismet-alert-code'] ) ) { + $code = $response[0]['x-akismet-alert-code']; + $msg = $response[0]['x-akismet-alert-msg']; + } + + // only call update_option() if the value has changed + if ( $code != get_option( 'akismet_alert_code' ) ) { + if ( ! $code ) { + delete_option( 'akismet_alert_code' ); + delete_option( 'akismet_alert_msg' ); + } + else { + update_option( 'akismet_alert_code', $code ); + update_option( 'akismet_alert_msg', $msg ); + } + } + } + + public static function load_form_js() { + // WP < 3.3 can't enqueue a script this late in the game and still have it appear in the footer. + // Once we drop support for everything pre-3.3, this can change back to a single enqueue call. + wp_register_script( 'akismet-form', plugin_dir_url( __FILE__ ) . '_inc/form.js', array(), AKISMET_VERSION, true ); + add_action( 'wp_footer', array( 'Akismet', 'print_form_js' ) ); + add_action( 'admin_footer', array( 'Akismet', 'print_form_js' ) ); + } + + public static function print_form_js() { + wp_print_scripts( 'akismet-form' ); + } + + public static function inject_ak_js( $fields ) { + echo ''; + } + + private static function bail_on_activation( $message, $deactivate = true ) { +?> + + + + + + + + + + $plugin ) { + if ( $plugin === $akismet ) { + $plugins[$i] = false; + $update = true; + } + } + + if ( $update ) { + update_option( 'active_plugins', array_filter( $plugins ) ); + } + } + exit; + } + + public static function view( $name, array $args = array() ) { + $args = apply_filters( 'akismet_view_arguments', $args, $name ); + + foreach ( $args AS $key => $val ) { + $$key = $val; + } + + load_plugin_textdomain( 'akismet' ); + + $file = AKISMET__PLUGIN_DIR . 'views/'. $name . '.php'; + + include( $file ); + } + + /** + * Attached to activate_{ plugin_basename( __FILES__ ) } by register_activation_hook() + * @static + */ + public static function plugin_activation() { + if ( version_compare( $GLOBALS['wp_version'], AKISMET__MINIMUM_WP_VERSION, '<' ) ) { + load_plugin_textdomain( 'akismet' ); + + $message = ''.sprintf(esc_html__( 'Akismet %s requires WordPress %s or higher.' , 'akismet'), AKISMET_VERSION, AKISMET__MINIMUM_WP_VERSION ).' '.sprintf(__('Please upgrade WordPress to a current version, or downgrade to version 2.4 of the Akismet plugin.', 'akismet'), 'https://codex.wordpress.org/Upgrading_WordPress', 'https://wordpress.org/extend/plugins/akismet/download/'); + + Akismet::bail_on_activation( $message ); + } + } + + /** + * Removes all connection options + * @static + */ + public static function plugin_deactivation( ) { + return self::deactivate_key( self::get_api_key() ); + } + + /** + * Essentially a copy of WP's build_query but one that doesn't expect pre-urlencoded values. + * + * @param array $args An array of key => value pairs + * @return string A string ready for use as a URL query string. + */ + public static function build_query( $args ) { + return _http_build_query( $args, '', '&' ); + } + + /** + * Log debugging info to the error log. + * + * Enabled when WP_DEBUG_LOG is enabled (and WP_DEBUG, since according to + * core, "WP_DEBUG_DISPLAY and WP_DEBUG_LOG perform no function unless + * WP_DEBUG is true), but can be disabled via the akismet_debug_log filter. + * + * @param mixed $akismet_debug The data to log. + */ + public static function log( $akismet_debug ) { + if ( apply_filters( 'akismet_debug_log', defined( 'WP_DEBUG' ) && WP_DEBUG && defined( 'WP_DEBUG_LOG' ) && WP_DEBUG_LOG ) ) { + error_log( print_r( compact( 'akismet_debug' ), true ) ); + } + } + + public static function pre_check_pingback( $method ) { + if ( $method !== 'pingback.ping' ) + return; + + global $wp_xmlrpc_server; + + if ( !is_object( $wp_xmlrpc_server ) ) + return false; + + // Lame: tightly coupled with the IXR class. + $args = $wp_xmlrpc_server->message->params; + + if ( !empty( $args[1] ) ) { + $post_id = url_to_postid( $args[1] ); + + // If this gets through the pre-check, make sure we properly identify the outbound request as a pingback verification + Akismet::pingback_forwarded_for( null, $args[0] ); + add_filter( 'http_request_args', array( 'Akismet', 'pingback_forwarded_for' ), 10, 2 ); + + $comment = array( + 'comment_author_url' => $args[0], + 'comment_post_ID' => $post_id, + 'comment_author' => '', + 'comment_author_email' => '', + 'comment_content' => '', + 'comment_type' => 'pingback', + 'akismet_pre_check' => '1', + 'comment_pingback_target' => $args[1], + ); + + $comment = Akismet::auto_check_comment( $comment ); + + if ( isset( $comment['akismet_result'] ) && 'true' == $comment['akismet_result'] ) { + // Lame: tightly coupled with the IXR classes. Unfortunately the action provides no context and no way to return anything. + $wp_xmlrpc_server->error( new IXR_Error( 0, 'Invalid discovery target' ) ); + } + } + } + + public static function pingback_forwarded_for( $r, $url ) { + static $urls = array(); + + // Call this with $r == null to prime the callback to add headers on a specific URL + if ( is_null( $r ) && !in_array( $url, $urls ) ) { + $urls[] = $url; + } + + // Add X-Pingback-Forwarded-For header, but only for requests to a specific URL (the apparent pingback source) + if ( is_array( $r ) && is_array( $r['headers'] ) && !isset( $r['headers']['X-Pingback-Forwarded-For'] ) && in_array( $url, $urls ) ) { + $remote_ip = preg_replace( '/[^a-fx0-9:.,]/i', '', $_SERVER['REMOTE_ADDR'] ); + + // Note: this assumes REMOTE_ADDR is correct, and it may not be if a reverse proxy or CDN is in use + $r['headers']['X-Pingback-Forwarded-For'] = $remote_ip; + + // Also identify the request as a pingback verification in the UA string so it appears in logs + $r['user-agent'] .= '; verifying pingback from ' . $remote_ip; + } + + return $r; + } + + /** + * Ensure that we are loading expected scalar values from akismet_as_submitted commentmeta. + * + * @param mixed $meta_value + * @return mixed + */ + private static function sanitize_comment_as_submitted( $meta_value ) { + if ( empty( $meta_value ) ) { + return $meta_value; + } + + $meta_value = (array) $meta_value; + + foreach ( $meta_value as $key => $value ) { + if ( ! isset( self::$comment_as_submitted_allowed_keys[$key] ) || ! is_scalar( $value ) ) { + unset( $meta_value[$key] ); + } + } + + return $meta_value; + } +} diff --git a/wp-content/plugins/akismet/index.php b/wp-content/plugins/akismet/index.php new file mode 100644 index 0000000..cf879a5 --- /dev/null +++ b/wp-content/plugins/akismet/index.php @@ -0,0 +1,2 @@ + + + + +
+
+ spam > 0 ) : ?>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ -
+
- + + spam );?> + spam, 'akismet' ) ); ?> + +
- + + spam );?> + spam, 'akismet' ) ); ?> + +
- + + accuracy; ?>% + missed_spam, 'akismet' ), number_format( $stat_totals['all']->missed_spam ) ); ?> + | + false_positives, 'akismet' ), number_format( $stat_totals['all']->false_positives ) ); ?> + +
+
+
+
+
+
+
+
+
+
+
++ +
https://akismet.com/errors/' . $code . '' ); + + ?> +
+
+
+
+
++ +
+
+
+
+
+gethostbynamel function. Akismet cannot work correctly until this is fixed. Please contact your web host or firewall administrator and give them this information about Akismet’s system requirements.', 'akismet'), 'https://blog.akismet.com/akismet-hosting-faq/'); ?>
+
+
+
+
+our guide about firewalls.', 'akismet'), 'https://blog.akismet.com/akismet-hosting-faq/'); ?>
+
+
+
+
+update your payment details.', 'akismet'), 'https://akismet.com/account/'); ?>
+
+
+
+
+Akismet account page to reactivate your subscription.', 'akismet'), 'https://akismet.com/account/'); ?>
+
+
+
+
+Akismet support for assistance.', 'akismet'), 'https://akismet.com/contact/'); ?>
+
+
+
+
+contributing a token amount.', 'akismet'), 'https://akismet.com/account/upgrade/'); ?>
+
+
+
+
+Akismet support for assistance.', 'akismet'), 'https://akismet.com/contact/'); ?>
+
+
+
+
+
+ sign into your account and choose one.', 'akismet'), 'https://akismet.com/account/upgrade/' ); ?>
+
+ contact our support team with any questions.', 'akismet' ), 'https://akismet.com/contact/' ); ?>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+our guide about firewalls and check your server configuration.', 'akismet'), 'https://blog.akismet.com/akismet-hosting-faq/'); ?>
+
+
+
+
+ contact our support team with any questions.', 'akismet' ), 'https://akismet.com/contact/'); ?> + + +
+
\ No newline at end of file
diff --git a/wp-content/plugins/akismet/views/start.php b/wp-content/plugins/akismet/views/start.php
new file mode 100644
index 0000000..75eb032
--- /dev/null
+++ b/wp-content/plugins/akismet/views/start.php
@@ -0,0 +1,97 @@
+
+ purchase additional Pro subscriptions or upgrade to an Enterprise subscription that allows the use of Akismet on unlimited sites.', 'akismet' ), 'https://docs.akismet.com/billing/add-more-sites/' ); ?>
+
+ contact our support team with any questions.', 'akismet' ), 'https://akismet.com/contact/'); ?>
+
+ upgrade to an Enterprise subscription, which covers an unlimited number of sites.', 'akismet'), 'https://akismet.com/account/upgrade/' ); ?>
++ contact our support team with any questions.', 'akismet' ), 'https://akismet.com/contact/'); ?> + + +
status, array( 'active', 'active-dunning', 'no-sub', 'missing', 'cancelled', 'suspended' ) ) ) :
+ if ( in_array( $akismet_user->status, array( 'no-sub', 'missing' ) ) ) :?>
+
+
\ No newline at end of file
diff --git a/wp-content/plugins/akismet/views/stats.php b/wp-content/plugins/akismet/views/stats.php
new file mode 100644
index 0000000..1ca7661
--- /dev/null
+++ b/wp-content/plugins/akismet/views/stats.php
@@ -0,0 +1,4 @@
+
\ No newline at end of file
diff --git a/wp-content/plugins/akismet/views/strict.php b/wp-content/plugins/akismet/views/strict.php
new file mode 100644
index 0000000..83d7a50
--- /dev/null
+++ b/wp-content/plugins/akismet/views/strict.php
@@ -0,0 +1,17 @@
+
diff --git a/wp-content/plugins/akismet/wrapper.php b/wp-content/plugins/akismet/wrapper.php
new file mode 100644
index 0000000..a77d4ce
--- /dev/null
+++ b/wp-content/plugins/akismet/wrapper.php
@@ -0,0 +1,213 @@
+Hello, Dolly in the upper right of your admin screen on every page.
+Author: Matt Mullenweg
+Version: 1.6
+Author URI: http://ma.tt/
+*/
+
+function hello_dolly_get_lyric() {
+ /** These are the lyrics to Hello Dolly */
+ $lyrics = "Hello, Dolly
+Well, hello, Dolly
+It's so nice to have you back where you belong
+You're lookin' swell, Dolly
+I can tell, Dolly
+You're still glowin', you're still crowin'
+You're still goin' strong
+We feel the room swayin'
+While the band's playin'
+One of your old favourite songs from way back when
+So, take her wrap, fellas
+Find her an empty lap, fellas
+Dolly'll never go away again
+Hello, Dolly
+Well, hello, Dolly
+It's so nice to have you back where you belong
+You're lookin' swell, Dolly
+I can tell, Dolly
+You're still glowin', you're still crowin'
+You're still goin' strong
+We feel the room swayin'
+While the band's playin'
+One of your old favourite songs from way back when
+Golly, gee, fellas
+Find her a vacant knee, fellas
+Dolly'll never go away
+Dolly'll never go away
+Dolly'll never go away again";
+
+ // Here we split it into lines
+ $lyrics = explode( "\n", $lyrics );
+
+ // And then randomly choose a line
+ return wptexturize( $lyrics[ mt_rand( 0, count( $lyrics ) - 1 ) ] );
+}
+
+// This just echoes the chosen line, we'll position it later
+function hello_dolly() {
+ $chosen = hello_dolly_get_lyric();
+ echo "
+
+status == 'cancelled' ) :?>
+
+
+
+ user_email ); ?>
+
+
+
+
+status == 'suspended' ) : ?>
+
+
+
+
+
+
+ user_email ); ?>
+
+
+
+
+
+
+
+ user_email ); ?>
+
+
+
+
+
+
+
+
+ __( 'Sign up with a different email address' , 'akismet'), 'classes' => array( 'right', 'button', 'button-secondary' ) ) ); ?>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ __( 'Get your API key' , 'akismet'), 'classes' => array( 'right', 'button', 'button-primary' ) ) ); ?>
+
+
+
+
+
+
+
+$chosen
"; +} + +// Now we set that function up to execute when the admin_notices action is called +add_action( 'admin_notices', 'hello_dolly' ); + +// We need some CSS to position the paragraph +function dolly_css() { + // This makes sure that the positioning is also good for right-to-left languages + $x = is_rtl() ? 'left' : 'right'; + + echo " + + "; +} + +add_action( 'admin_head', 'dolly_css' ); + +?> diff --git a/wp-content/plugins/index.php b/wp-content/plugins/index.php new file mode 100644 index 0000000..6220032 --- /dev/null +++ b/wp-content/plugins/index.php @@ -0,0 +1,2 @@ +, 2009. +# +msgid "" +msgstr "" +"Project-Id-Version: limit-login-attempts 1.3\n" +"Report-Msgid-Bugs-To: http://wordpress.org/tag/limit-login-attempts\n" +"POT-Creation-Date: 2009-01-28 17:17+0000\n" +"PO-Revision-Date: 2009-06-11 18:42+0200\n" +"Last-Translator: Hristo Chakarovtag between + * them. + */ + $msgs = explode("
\n", $content); + + if (strlen(end($msgs)) == 0) { + /* remove last entry empty string */ + array_pop($msgs); + } + + $count = count($msgs); + $my_warn_count = $limit_login_my_error_shown ? 1 : 0; + + if ($limit_login_nonempty_credentials && $count > $my_warn_count) { + /* Replace error message, including ours if necessary */ + $content = __('ERROR: Incorrect username or password.', 'limit-login-attempts') . "
\n"; + if ($limit_login_my_error_shown) { + $content .= "
\n" . limit_login_get_message() . "
\n"; + } + return $content; + } elseif ($count <= 1) { + return $content; + } + + $new = ''; + while ($count-- > 0) { + $new .= array_shift($msgs) . "
\n"; + if ($count > 0) { + $new .= "
\n"; + } + } + + return $new; +} + + +/* Add a message to login page when necessary */ +function limit_login_add_error_message() { + global $error, $limit_login_my_error_shown; + + if (!should_limit_login_show_msg() || $limit_login_my_error_shown) { + return; + } + + $msg = limit_login_get_message(); + + if ($msg != '') { + $limit_login_my_error_shown = true; + $error .= $msg; + } + + return; +} + + +/* Keep track of if user or password are empty, to filter errors correctly */ +function limit_login_track_credentials($user, $password) { + global $limit_login_nonempty_credentials; + + $limit_login_nonempty_credentials = (!empty($user) && !empty($password)); +} + + +/* + * Admin stuff + */ + +/* Make a guess if we are behind a proxy or not */ +function limit_login_guess_proxy() { + return isset($_SERVER[LIMIT_LOGIN_PROXY_ADDR]) + ? LIMIT_LOGIN_PROXY_ADDR : LIMIT_LOGIN_DIRECT_ADDR; +} + + +/* Only change var if option exists */ +function limit_login_get_option($option, $var_name) { + $a = get_option($option); + + if ($a !== false) { + global $limit_login_options; + + $limit_login_options[$var_name] = $a; + } +} + + +/* Setup global variables from options */ +function limit_login_setup_options() { + limit_login_get_option('limit_login_client_type', 'client_type'); + limit_login_get_option('limit_login_allowed_retries', 'allowed_retries'); + limit_login_get_option('limit_login_lockout_duration', 'lockout_duration'); + limit_login_get_option('limit_login_valid_duration', 'valid_duration'); + limit_login_get_option('limit_login_cookies', 'cookies'); + limit_login_get_option('limit_login_lockout_notify', 'lockout_notify'); + limit_login_get_option('limit_login_allowed_lockouts', 'allowed_lockouts'); + limit_login_get_option('limit_login_long_duration', 'long_duration'); + limit_login_get_option('limit_login_notify_email_after', 'notify_email_after'); + + limit_login_sanitize_variables(); +} + + +/* Update options in db from global variables */ +function limit_login_update_options() { + update_option('limit_login_client_type', limit_login_option('client_type')); + update_option('limit_login_allowed_retries', limit_login_option('allowed_retries')); + update_option('limit_login_lockout_duration', limit_login_option('lockout_duration')); + update_option('limit_login_allowed_lockouts', limit_login_option('allowed_lockouts')); + update_option('limit_login_long_duration', limit_login_option('long_duration')); + update_option('limit_login_valid_duration', limit_login_option('valid_duration')); + update_option('limit_login_lockout_notify', limit_login_option('lockout_notify')); + update_option('limit_login_notify_email_after', limit_login_option('notify_email_after')); + update_option('limit_login_cookies', limit_login_option('cookies') ? '1' : '0'); +} + + +/* Make sure the variables make sense -- simple integer */ +function limit_login_sanitize_simple_int($var_name) { + global $limit_login_options; + + $limit_login_options[$var_name] = max(1, intval(limit_login_option($var_name))); +} + + +/* Make sure the variables make sense */ +function limit_login_sanitize_variables() { + global $limit_login_options; + + limit_login_sanitize_simple_int('allowed_retries'); + limit_login_sanitize_simple_int('lockout_duration'); + limit_login_sanitize_simple_int('valid_duration'); + limit_login_sanitize_simple_int('allowed_lockouts'); + limit_login_sanitize_simple_int('long_duration'); + + $limit_login_options['cookies'] = !!limit_login_option('cookies'); + + $notify_email_after = max(1, intval(limit_login_option('notify_email_after'))); + $limit_login_options['notify_email_after'] = min(limit_login_option('allowed_lockouts'), $notify_email_after); + + $args = explode(',', limit_login_option('lockout_notify')); + $args_allowed = explode(',', LIMIT_LOGIN_LOCKOUT_NOTIFY_ALLOWED); + $new_args = array(); + foreach ($args as $a) { + if (in_array($a, $args_allowed)) { + $new_args[] = $a; + } + } + $limit_login_options['lockout_notify'] = implode(',', $new_args); + + if ( limit_login_option('client_type') != LIMIT_LOGIN_DIRECT_ADDR + && limit_login_option('client_type') != LIMIT_LOGIN_PROXY_ADDR ) { + $limit_login_options['client_type'] = LIMIT_LOGIN_DIRECT_ADDR; + } +} + + +/* Add admin options page */ +function limit_login_admin_menu() { + global $wp_version; + + // Modern WP? + if (version_compare($wp_version, '3.0', '>=')) { + add_options_page('Limit Login Attempts', 'Limit Login Attempts', 'manage_options', 'limit-login-attempts', 'limit_login_option_page'); + return; + } + + // Older WPMU? + if (function_exists("get_current_site")) { + add_submenu_page('wpmu-admin.php', 'Limit Login Attempts', 'Limit Login Attempts', 9, 'limit-login-attempts', 'limit_login_option_page'); + return; + } + + // Older WP + add_options_page('Limit Login Attempts', 'Limit Login Attempts', 9, 'limit-login-attempts', 'limit_login_option_page'); +} + + +/* Show log on admin page */ +function limit_login_show_log($log) { + if (!is_array($log) || count($log) == 0) { + return; + } + + echo('
' + . __('Cleared IP log', 'limit-login-attempts') + . '
' + . __('Reset lockout count', 'limit-login-attempts') + . '
' + . __('Cleared current lockouts', 'limit-login-attempts') + . '
' + . __('Options changed', 'limit-login-attempts') + . '
'; + + $client_type_warning = ''; + if ($client_type != $client_type_guess) { + $faq = 'http://wordpress.org/extend/plugins/limit-login-attempts/faq/'; + + $client_type_warning = '
' . sprintf(__('Current setting appears to be invalid. Please make sure it is correct. Further information can be found here','limit-login-attempts'), $faq); + } + + $v = explode(',', limit_login_option('lockout_notify')); + $log_checked = in_array('log', $v) ? ' checked ' : ''; + $email_checked = in_array('email', $v) ? ' checked ' : ''; + ?> +
+
+
+
+
+
+ 0) {
+ ?>
+
+
+
+
+
\ No newline at end of file
diff --git a/wp-content/plugins/limit-login-attempts/limit-login-attempts.pot b/wp-content/plugins/limit-login-attempts/limit-login-attempts.pot
new file mode 100644
index 0000000..49eed1b
--- /dev/null
+++ b/wp-content/plugins/limit-login-attempts/limit-login-attempts.pot
@@ -0,0 +1,265 @@
+# Copyright (C) 2012 Limit Login Attempts
+# This file is distributed under the same license as the Limit Login Attempts package.
+msgid ""
+msgstr ""
+"Project-Id-Version: Limit Login Attempts 1.7.0\n"
+"Report-Msgid-Bugs-To: http://wordpress.org/tag/limit-login-attempts\n"
+"POT-Creation-Date: 2012-05-20 10:43:32+00:00\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"PO-Revision-Date: 2012-MO-DA HO:MI+ZONE\n"
+"Last-Translator: FULL NAME
+
+
+
+
+
+
+ © All Rights Reserved Milo template.
', + ), + ), + ), +); \ No newline at end of file diff --git a/wp-content/themes/milo/default_section_data/header.php b/wp-content/themes/milo/default_section_data/header.php new file mode 100644 index 0000000..e70b4f7 --- /dev/null +++ b/wp-content/themes/milo/default_section_data/header.php @@ -0,0 +1,35 @@ +get('default header-logo-use') ) { + $defaultLogo = $query->get('default header-logo'); +} + + +$data = array ( + 'sections' => + array ( + '0-|-navigation' => + array ( + 'navigation' => + array ( + 'logo' => + array ( + 'image' => $defaultLogo, + 'image_is_retina' => '0', + ), + 'navigation-menu-id' => '', + 'color-type' => '', + 'search' => + array ( + 'show' => '1', + 'placeholder' => 'Enter your keyword here and then press enter...', + ), + ), + ), + ), +); \ No newline at end of file diff --git a/wp-content/themes/milo/footer.php b/wp-content/themes/milo/footer.php new file mode 100644 index 0000000..1f821cf --- /dev/null +++ b/wp-content/themes/milo/footer.php @@ -0,0 +1,33 @@ + Layouts. + * + * Typically here will be printed (but it depends at you of course) + * - Footer with social icons + * - footer with widgets + * - bottom footer with message + */ +?> +getThemeFrameworkFactory()->getLayoutsNamespaceFactory()->getLayoutPrinter() + ->printLayoutAfterContent() + ->printLayoutFooter(); +?> + + + + + + + + + +