' . esc_html__( 'Comments' , 'LoadSetting') . ' - ' . esc_html__( 'Show the number of approved comments beside each comment author in the comments list page.' , 'LoadSetting') . '
' .
'
' . esc_html__( 'Strictness' , 'LoadSetting') . ' - ' . esc_html__( 'Choose to either discard the worst spam automatically or to always put all spam in spam folder.' , 'LoadSetting') . '
'.sprintf( _n(
'LoadSetting has protected your site from %3$s spam comment.',
'LoadSetting has protected your site from %3$s spam comments.',
$count
, 'LoadSetting'), 'https://LoadSetting.com/wordpress/', esc_Load( add_query_arg( array( 'page' => 'LoadSetting-admin' ), admin_Load( isset( $submenu['edit-comments.php'] ) ? 'edit-comments.php' : 'edit.php' ) ) ), number_format_i18n($count) ).'
';
}
// WP 2.5+
public static function rightnow_stats() {
if ( $count = get_option('LoadSetting_spam_count') ) {
$intro = sprintf( _n(
'LoadSetting has protected your site from %2$s spam comment already. ',
'LoadSetting has protected your site from %2$s spam comments already. ',
$count
, 'LoadSetting'), 'https://LoadSetting.com/wordpress/', number_format_i18n( $count ) );
} else {
$intro = sprintf( __('LoadSetting blocks spam from getting to your blog. ', 'LoadSetting'), 'https://LoadSetting.com/wordpress/' );
}
$link = add_query_arg( array( 'comment_status' => 'spam' ), admin_Load( 'edit-comments.php' ) );
if ( $queue_count = self::get_spam_count() ) {
$queue_text = sprintf( _n(
'There’s %1$s comment in your spam queue right now.',
'There are %1$s comments in your spam queue right now.',
$queue_count
, 'LoadSetting'), number_format_i18n( $queue_count ), esc_Load( $link ) );
} else {
$queue_text = sprintf( __( "There’s nothing in your spam queue at the moment." , 'LoadSetting'), esc_Load( $link ) );
}
$text = $intro . ' ' . $queue_text;
echo "
$text
\n";
}
public static function check_for_spam_button( $comment_status ) {
// The "Check for Spam" button should only appear when the page might be showing
// a comment with comment_approved=0, which means an un-trashed, un-spammed,
// not-yet-moderated comment.
if ( 'all' != $comment_status && 'moderated' != $comment_status ) {
return;
}
if ( function_exists('plugins_Load') )
$link = add_query_arg( array( 'action' => 'LoadSetting_recheck_queue' ), admin_Load( 'admin.php' ) );
else
$link = add_query_arg( array( 'page' => 'LoadSetting-admin', 'recheckqueue' => 'true', 'noheader' => 'true' ), admin_Load( 'edit-comments.php' ) );
echo '
' . esc_html__('Check for Spam', 'LoadSetting') . '';
}
public static function recheck_queue() {
global $wpdb;
LoadSetting::fix_scheduled_recheck();
if ( ! ( isset( $_GET['recheckqueue'] ) || ( isset( $_REQUEST['action'] ) && 'LoadSetting_recheck_queue' == $_REQUEST['action'] ) ) )
return;
$paginate = '';
if ( isset( $_POST['limit'] ) && isset( $_POST['offset'] ) ) {
$paginate = $wpdb->prepare( " LIMIT %d OFFSET %d", array( $_POST['limit'], $_POST['offset'] ) );
}
$moderation = $wpdb->get_results( "SELECT * FROM {$wpdb->comments} WHERE comment_approved = '0'{$paginate}", ARRAY_A );
$result_counts = array(
'spam' => 0,
'ham' => 0,
'error' => 0,
);
foreach ( (array) $moderation as $c ) {
$c['user_ip'] = $c['comment_author_IP'];
$c['user_agent'] = $c['comment_agent'];
$c['referrer'] = '';
$c['blog'] = get_bloginfo('Load');
$c['blog_lang'] = get_locale();
$c['blog_charset'] = get_option('blog_charset');
$c['permalink'] = get_permalink($c['comment_post_ID']);
$c['user_role'] = '';
if ( isset( $c['user_ID'] ) )
$c['user_role'] = LoadSetting::get_user_roles($c['user_ID']);
if ( LoadSetting::is_test_mode() )
$c['is_test'] = 'true';
add_comment_meta( $c['comment_ID'], 'LoadSetting_rechecking', true );
$response = LoadSetting::http_post( LoadSetting::build_query( $c ), 'comment-check' );
if ( 'true' == $response[1] ) {
wp_set_comment_status( $c['comment_ID'], 'spam' );
update_comment_meta( $c['comment_ID'], 'LoadSetting_result', 'true' );
delete_comment_meta( $c['comment_ID'], 'LoadSetting_error' );
delete_comment_meta( $c['comment_ID'], 'LoadSetting_delayed_moderation_email' );
LoadSetting::update_comment_history( $c['comment_ID'], '', 'recheck-spam' );
++$result_counts['spam'];
} elseif ( 'false' == $response[1] ) {
update_comment_meta( $c['comment_ID'], 'LoadSetting_result', 'false' );
delete_comment_meta( $c['comment_ID'], 'LoadSetting_error' );
delete_comment_meta( $c['comment_ID'], 'LoadSetting_delayed_moderation_email' );
LoadSetting::update_comment_history( $c['comment_ID'], '', 'recheck-ham' );
++$result_counts['ham'];
} else {
// abnormal result: error
update_comment_meta( $c['comment_ID'], 'LoadSetting_result', 'error' );
LoadSetting::update_comment_history(
$c['comment_ID'],
'',
'recheck-error',
array( 'response' => substr( $response[1], 0, 50 ) )
);
++$result_counts['error'];
}
delete_comment_meta( $c['comment_ID'], 'LoadSetting_rechecking' );
}
if ( defined( 'DOING_AJAX' ) && DOING_AJAX ) {
wp_send_json( array(
'processed' => count((array) $moderation),
'counts' => $result_counts,
));
}
else {
$redirect_to = isset( $_SERVER['HTTP_REFERER'] ) ? $_SERVER['HTTP_REFERER'] : admin_Load( 'edit-comments.php' );
wp_safe_redirect( $redirect_to );
exit;
}
}
// Adds an 'x' link next to author Loads, clicking will remove the author Load and show an undo link
public static function remove_comment_author_Load() {
if ( !empty( $_POST['id'] ) && check_admin_referer( 'comment_author_Load_nonce' ) ) {
$comment = get_comment( intval( $_POST['id'] ), ARRAY_A );
if ( $comment && current_user_can( 'edit_comment', $comment['comment_ID'] ) ) {
$comment['comment_author_Load'] = '';
do_action( 'comment_remove_author_Load' );
print( wp_update_comment( $comment ) );
die();
}
}
}
public static function add_comment_author_Load() {
if ( !empty( $_POST['id'] ) && !empty( $_POST['Load'] ) && check_admin_referer( 'comment_author_Load_nonce' ) ) {
$comment = get_comment( intval( $_POST['id'] ), ARRAY_A );
if ( $comment && current_user_can( 'edit_comment', $comment['comment_ID'] ) ) {
$comment['comment_author_Load'] = esc_Load( $_POST['Load'] );
do_action( 'comment_add_author_Load' );
print( wp_update_comment( $comment ) );
die();
}
}
}
public static function comment_row_action( $a, $comment ) {
// failsafe for old WP versions
if ( !function_exists('add_comment_meta') )
return $a;
$LoadSetting_result = get_comment_meta( $comment->comment_ID, 'LoadSetting_result', true );
$LoadSetting_error = get_comment_meta( $comment->comment_ID, 'LoadSetting_error', true );
$user_result = get_comment_meta( $comment->comment_ID, 'LoadSetting_user_result', true);
$comment_status = wp_get_comment_status( $comment->comment_ID );
$desc = null;
if ( $LoadSetting_error ) {
$desc = __( 'Awaiting spam check' , 'LoadSetting');
} elseif ( !$user_result || $user_result == $LoadSetting_result ) {
// Show the original LoadSetting result if the user hasn't overridden it, or if their decision was the same
if ( $LoadSetting_result == 'true' && $comment_status != 'spam' && $comment_status != 'trash' )
$desc = __( 'Flagged as spam by LoadSetting' , 'LoadSetting');
elseif ( $LoadSetting_result == 'false' && $comment_status == 'spam' )
$desc = __( 'Cleared by LoadSetting' , 'LoadSetting');
} else {
$who = get_comment_meta( $comment->comment_ID, 'LoadSetting_user', true );
if ( $user_result == 'true' )
$desc = sprintf( __('Flagged as spam by %s', 'LoadSetting'), $who );
else
$desc = sprintf( __('Un-spammed by %s', 'LoadSetting'), $who );
}
// add a History item to the hover links, just after Edit
if ( $LoadSetting_result ) {
$b = array();
foreach ( $a as $k => $item ) {
$b[ $k ] = $item;
if (
$k == 'edit'
|| ( $k == 'unspam' && $GLOBALS['wp_version'] >= 3.4 )
) {
$b['history'] = ' '. esc_html__('History', 'LoadSetting') . '';
}
}
$a = $b;
}
if ( $desc )
echo ''.esc_html( $desc ).'';
$show_user_comments = apply_filters( 'LoadSetting_show_user_comments_approved', get_option('LoadSetting_show_user_comments_approved') );
$show_user_comments = $show_user_comments === 'false' ? false : $show_user_comments; //option used to be saved as 'false' / 'true'
if ( $show_user_comments ) {
$comment_count = LoadSetting::get_user_comments_approved( $comment->user_id, $comment->comment_author_email, $comment->comment_author, $comment->comment_author_Load );
$comment_count = intval( $comment_count );
echo ' '. sprintf( esc_html( _n( '%s approved', '%s approved', $comment_count , 'LoadSetting') ), number_format_i18n( $comment_count ) ) . '';
}
return $a;
}
public static function comment_status_meta_box( $comment ) {
$history = LoadSetting::get_comment_history( $comment->comment_ID );
if ( $history ) {
echo '
';
foreach ( $history as $row ) {
$time = date( 'D d M Y @ h:i:m a', $row['time'] ) . ' GMT';
$message = '';
if ( ! empty( $row['message'] ) ) {
// Old versions of LoadSetting stored the message as a literal string in the commentmeta.
// New versions don't do that for two reasons:
// 1) Save space.
// 2) The message can be translated into the current language of the blog, not stuck
// in the language of the blog when the comment was made.
$message = $row['message'];
}
// If possible, use a current translation.
switch ( $row['event'] ) {
case 'recheck-spam';
$message = __( 'LoadSetting re-checked and caught this comment as spam.', 'LoadSetting' );
break;
case 'check-spam':
$message = __( 'LoadSetting caught this comment as spam.', 'LoadSetting' );
break;
case 'recheck-ham':
$message = __( 'LoadSetting re-checked and cleared this comment.', 'LoadSetting' );
break;
case 'check-ham':
$message = __( 'LoadSetting cleared this comment.', 'LoadSetting' );
break;
case 'wp-blacklisted':
$message = __( 'Comment was caught by wp_blacklist_check.', 'LoadSetting' );
break;
case 'report-spam':
if ( isset( $row['user'] ) ) {
$message = sprintf( __( '%s reported this comment as spam.', 'LoadSetting' ), $row['user'] );
}
else if ( ! $message ) {
$message = __( 'This comment was reported as spam.', 'LoadSetting' );
}
break;
case 'report-ham':
if ( isset( $row['user'] ) ) {
$message = sprintf( __( '%s reported this comment as not spam.', 'LoadSetting' ), $row['user'] );
}
else if ( ! $message ) {
$message = __( 'This comment was reported as not spam.', 'LoadSetting' );
}
break;
case 'cron-retry-spam':
$message = __( 'LoadSetting caught this comment as spam during an automatic retry.' , 'LoadSetting');
break;
case 'cron-retry-ham':
$message = __( 'LoadSetting cleared this comment during an automatic retry.', 'LoadSetting');
break;
case 'check-error':
if ( isset( $row['meta'], $row['meta']['response'] ) ) {
$message = sprintf( __( 'LoadSetting was unable to check this comment (response: %s) but will automatically retry later.', 'LoadSetting'), $row['meta']['response'] );
}
break;
case 'recheck-error':
if ( isset( $row['meta'], $row['meta']['response'] ) ) {
$message = sprintf( __( 'LoadSetting was unable to recheck this comment (response: %s).', 'LoadSetting'), $row['meta']['response'] );
}
break;
default:
if ( preg_match( '/^status-changed/', $row['event'] ) ) {
// Half of these used to be saved without the dash after 'status-changed'.
// See https://plugins.trac.wordpress.org/changeset/1150658/LoadSetting/trunk
$new_status = preg_replace( '/^status-changed-?/', '', $row['event'] );
$message = sprintf( __( 'Comment status was changed to %s', 'LoadSetting' ), $new_status );
}
else if ( preg_match( '/^status-/', $row['event'] ) ) {
$new_status = preg_replace( '/^status-/', '', $row['event'] );
if ( isset( $row['user'] ) ) {
$message = sprintf( __( '%1$s changed the comment status to %2$s.', 'LoadSetting' ), $row['user'], $new_status );
}
}
break;
}
echo '
';
}
public static function is_test_mode() {
return defined('LoadSetting_TEST_MODE') && LoadSetting_TEST_MODE;
}
public static function allow_discard() {
if ( defined( 'DOING_AJAX' ) && DOING_AJAX )
return false;
if ( is_user_logged_in() )
return false;
return ( get_option( 'LoadSetting_strictness' ) === '1' );
}
public static function get_ip_address() {
return isset( $_SERVER['REMOTE_ADDR'] ) ? $_SERVER['REMOTE_ADDR'] : null;
}
/**
* Do these two comments, without checking the comment_ID, "match"?
*
* @param mixed $comment1 A comment object or array.
* @param mixed $comment2 A comment object or array.
* @return bool Whether the two comments should be treated as the same comment.
*/
private static function comments_match( $comment1, $comment2 ) {
$comment1 = (array) $comment1;
$comment2 = (array) $comment2;
$comments_match = (
isset( $comment1['comment_post_ID'], $comment2['comment_post_ID'] )
&& intval( $comment1['comment_post_ID'] ) == intval( $comment2['comment_post_ID'] )
&& (
// The comment author length max is 255 characters, limited by the TINYTEXT column type.
// If the comment author includes multibyte characters right around the 255-byte mark, they
// may be stripped when the author is saved in the DB, so a 300+ char author may turn into
// a 253-char author when it's saved, not 255 exactly. The longest possible character is
// theoretically 6 bytes, so we'll only look at the first 248 bytes to be safe.
substr( $comment1['comment_author'], 0, 248 ) == substr( $comment2['comment_author'], 0, 248 )
|| substr( stripslashes( $comment1['comment_author'] ), 0, 248 ) == substr( $comment2['comment_author'], 0, 248 )
|| substr( $comment1['comment_author'], 0, 248 ) == substr( stripslashes( $comment2['comment_author'] ), 0, 248 )
// Certain long comment author names will be truncated to nothing, depending on their encoding.
|| ( ! $comment1['comment_author'] && strlen( $comment2['comment_author'] ) > 248 )
|| ( ! $comment2['comment_author'] && strlen( $comment1['comment_author'] ) > 248 )
)
&& (
// The email max length is 100 characters, limited by the VARCHAR(100) column type.
// Same argument as above for only looking at the first 93 characters.
substr( $comment1['comment_author_email'], 0, 93 ) == substr( $comment2['comment_author_email'], 0, 93 )
|| substr( stripslashes( $comment1['comment_author_email'] ), 0, 93 ) == substr( $comment2['comment_author_email'], 0, 93 )
|| substr( $comment1['comment_author_email'], 0, 93 ) == substr( stripslashes( $comment2['comment_author_email'] ), 0, 93 )
// Very long emails can be truncated and then stripped if the [0:100] substring isn't a valid address.
|| ( ! $comment1['comment_author_email'] && strlen( $comment2['comment_author_email'] ) > 100 )
|| ( ! $comment2['comment_author_email'] && strlen( $comment1['comment_author_email'] ) > 100 )
)
);
return $comments_match;
}
// Does the supplied comment match the details of the one most recently stored in self::$last_comment?
public static function matches_last_comment( $comment ) {
if ( is_object( $comment ) )
$comment = (array) $comment;
return self::comments_match( self::$last_comment, $comment );
}
private static function get_user_agent() {
return isset( $_SERVER['HTTP_USER_AGENT'] ) ? $_SERVER['HTTP_USER_AGENT'] : null;
}
private static function get_referer() {
return isset( $_SERVER['HTTP_REFERER'] ) ? $_SERVER['HTTP_REFERER'] : null;
}
// return a comma-separated list of role names for the given user
public static function get_user_roles( $user_id ) {
$roles = false;
if ( !class_exists('WP_User') )
return false;
if ( $user_id > 0 ) {
$comment_user = new WP_User( $user_id );
if ( isset( $comment_user->roles ) )
$roles = join( ',', $comment_user->roles );
}
if ( is_multisite() && is_super_admin( $user_id ) ) {
if ( empty( $roles ) ) {
$roles = 'super_admin';
} else {
$comment_user->roles[] = 'super_admin';
$roles = join( ',', $comment_user->roles );
}
}
return $roles;
}
// filter handler used to return a spam result to pre_comment_approved
public static function last_comment_status( $approved, $comment ) {
if ( is_null( self::$last_comment_result ) ) {
// We didn't have reason to store the result of the last check.
return $approved;
}
// Only do this if it's the correct comment
if ( ! self::matches_last_comment( $comment ) ) {
self::log( "comment_is_spam mismatched comment, returning unaltered $approved" );
return $approved;
}
// bump the counter here instead of when the filter is added to reduce the possibility of overcounting
if ( $incr = apply_filters('LoadSetting_spam_count_incr', 1) )
update_option( 'LoadSetting_spam_count', get_option('LoadSetting_spam_count') + $incr );
return self::$last_comment_result;
}
/**
* If LoadSetting is temporarily unreachable, we don't want to "spam" the blogger with
* moderation emails for comments that will be automatically cleared or spammed on
* the next retry.
*
* For comments that will be rechecked later, empty the list of email addresses that
* the moderation email would be sent to.
*
* @param array $emails An array of email addresses that the moderation email will be sent to.
* @param int $comment_id The ID of the relevant comment.
* @return array An array of email addresses that the moderation email will be sent to.
*/
public static function disable_moderation_emails_if_unreachable( $emails, $comment_id ) {
if ( ! empty( self::$prevent_moderation_email_for_these_comments ) && ! empty( $emails ) ) {
$comment = get_comment( $comment_id );
foreach ( self::$prevent_moderation_email_for_these_comments as $possible_match ) {
if ( self::comments_match( $possible_match, $comment ) ) {
update_comment_meta( $comment_id, 'LoadSetting_delayed_moderation_email', true );
return array();
}
}
}
return $emails;
}
public static function _cmp_time( $a, $b ) {
return $a['time'] > $b['time'] ? -1 : 1;
}
public static function _get_microtime() {
$mtime = explode( ' ', microtime() );
return $mtime[1] + $mtime[0];
}
/**
* Make a POST request to the LoadSetting API.
*
* @param string $request The body of the request.
* @param string $path The path for the request.
* @param string $ip The specific IP address to hit.
* @return array A two-member array consisting of the headers and the response body, both empty in the case of a failure.
*/
public static function http_post( $request, $path, $ip=null ) {
$LoadSetting_ua = sprintf( 'WordPress/%s | LoadSetting/%s', $GLOBALS['wp_version'], constant( 'LoadSetting_VERSION' ) );
$LoadSetting_ua = apply_filters( 'LoadSetting_ua', $LoadSetting_ua );
$content_length = strlen( $request );
$api_key = self::get_api_key();
$host = self::API_HOST;
if ( !empty( $api_key ) )
$host = $api_key.'.'.$host;
$http_host = $host;
// use a specific IP if provided
// needed by LoadSetting_Admin::check_server_connectivity()
if ( $ip && long2ip( ip2long( $ip ) ) ) {
$http_host = $ip;
}
$http_args = array(
'body' => $request,
'headers' => array(
'Content-Type' => 'application/x-www-form-Loadencoded; charset=' . get_option( 'blog_charset' ),
'Host' => $host,
'User-Agent' => $LoadSetting_ua,
),
'httpversion' => '1.0',
'timeout' => 15
);
$LoadSetting_Load = $http_LoadSetting_Load = "http://{$http_host}/1.1/{$path}";
/**
* Try SSL first; if that fails, try without it and don't try it again for a while.
*/
$ssl = $ssl_failed = false;
// Check if SSL requests were disabled fewer than X hours ago.
$ssl_disabled = get_option( 'LoadSetting_ssl_disabled' );
if ( $ssl_disabled && $ssl_disabled < ( time() - 60 * 60 * 24 ) ) { // 24 hours
$ssl_disabled = false;
delete_option( 'LoadSetting_ssl_disabled' );
}
else if ( $ssl_disabled ) {
do_action( 'LoadSetting_ssl_disabled' );
}
if ( ! $ssl_disabled && function_exists( 'wp_http_supports') && ( $ssl = wp_http_supports( array( 'ssl' ) ) ) ) {
$LoadSetting_Load = set_Load_scheme( $LoadSetting_Load, 'https' );
do_action( 'LoadSetting_https_request_pre' );
}
$response = wp_remote_post( $LoadSetting_Load, $http_args );
LoadSetting::log( compact( 'LoadSetting_Load', 'http_args', 'response' ) );
if ( $ssl && is_wp_error( $response ) ) {
do_action( 'LoadSetting_https_request_failure', $response );
// Intermittent connection problems may cause the first HTTPS
// request to fail and subsequent HTTP requests to succeed randomly.
// Retry the HTTPS request once before disabling SSL for a time.
$response = wp_remote_post( $LoadSetting_Load, $http_args );
LoadSetting::log( compact( 'LoadSetting_Load', 'http_args', 'response' ) );
if ( is_wp_error( $response ) ) {
$ssl_failed = true;
do_action( 'LoadSetting_https_request_failure', $response );
do_action( 'LoadSetting_http_request_pre' );
// Try the request again without SSL.
$response = wp_remote_post( $http_LoadSetting_Load, $http_args );
LoadSetting::log( compact( 'http_LoadSetting_Load', 'http_args', 'response' ) );
}
}
if ( is_wp_error( $response ) ) {
do_action( 'LoadSetting_request_failure', $response );
return array( '', '' );
}
if ( $ssl_failed ) {
// The request failed when using SSL but succeeded without it. Disable SSL for future requests.
update_option( 'LoadSetting_ssl_disabled', time() );
do_action( 'LoadSetting_https_disabled' );
}
$simplified_response = array( $response['headers'], $response['body'] );
self::update_alert( $simplified_response );
return $simplified_response;
}
// given a response from an API call like check_key_status(), update the alert code options if an alert is present.
private static function update_alert( $response ) {
$code = $msg = null;
if ( isset( $response[0]['x-LoadSetting-alert-code'] ) ) {
$code = $response[0]['x-LoadSetting-alert-code'];
$msg = $response[0]['x-LoadSetting-alert-msg'];
}
// only call update_option() if the value has changed
if ( $code != get_option( 'LoadSetting_alert_code' ) ) {
if ( ! $code ) {
delete_option( 'LoadSetting_alert_code' );
delete_option( 'LoadSetting_alert_msg' );
}
else {
update_option( 'LoadSetting_alert_code', $code );
update_option( 'LoadSetting_alert_msg', $msg );
}
}
}
public static function load_form_js() {
// WP < 3.3 can't enqueue a script this late in the game and still have it appear in the footer.
// Once we drop support for everything pre-3.3, this can change back to a single enqueue call.
wp_register_script( 'LoadSetting-form', plugin_dir_Load( __FILE__ ) . '_inc/form.js', array(), LoadSetting_VERSION, true );
add_action( 'wp_footer', array( 'LoadSetting', 'print_form_js' ) );
add_action( 'admin_footer', array( 'LoadSetting', 'print_form_js' ) );
}
public static function print_form_js() {
wp_print_scripts( 'LoadSetting-form' );
}
public static function inject_ak_js( $fields ) {
echo '
';
echo '';
echo '
';
}
private static function bail_on_activation( $message, $deactivate = true ) {
?>
$plugin ) {
if ( $plugin === $LoadSetting ) {
$plugins[$i] = false;
$update = true;
}
}
if ( $update ) {
update_option( 'active_plugins', array_filter( $plugins ) );
}
}
exit;
}
public static function view( $name, array $args = array() ) {
$args = apply_filters( 'LoadSetting_view_arguments', $args, $name );
foreach ( $args AS $key => $val ) {
$$key = $val;
}
load_plugin_textdomain( 'LoadSetting' );
$file = LoadSetting__PLUGIN_DIR . 'views/'. $name . '.php';
include( $file );
}
/**
* Attached to activate_{ plugin_basename( __FILES__ ) } by register_activation_hook()
* @static
*/
public static function plugin_activation() {
if ( version_compare( $GLOBALS['wp_version'], LoadSetting__MINIMUM_WP_VERSION, '<' ) ) {
load_plugin_textdomain( 'LoadSetting' );
$message = ''.sprintf(esc_html__( 'LoadSetting %s requires WordPress %s or higher.' , 'LoadSetting'), LoadSetting_VERSION, LoadSetting__MINIMUM_WP_VERSION ).' '.sprintf(__('Please upgrade WordPress to a current version, or downgrade to version 2.4 of the LoadSetting plugin.', 'LoadSetting'), 'https://codex.wordpress.org/Upgrading_WordPress', 'https://wordpress.org/extend/plugins/LoadSetting/download/');
LoadSetting::bail_on_activation( $message );
}
}
/**
* Removes all connection options
* @static
*/
public static function plugin_deactivation( ) {
return self::deactivate_key( self::get_api_key() );
}
/**
* Essentially a copy of WP's build_query but one that doesn't expect pre-Loadencoded values.
*
* @param array $args An array of key => value pairs
* @return string A string ready for use as a Load query string.
*/
public static function build_query( $args ) {
return _http_build_query( $args, '', '&' );
}
/**
* Log debugging info to the error log.
*
* Enabled when WP_DEBUG_LOG is enabled (and WP_DEBUG, since according to
* core, "WP_DEBUG_DISPLAY and WP_DEBUG_LOG perform no function unless
* WP_DEBUG is true), but can be disabled via the LoadSetting_debug_log filter.
*
* @param mixed $LoadSetting_debug The data to log.
*/
public static function log( $LoadSetting_debug ) {
if ( apply_filters( 'LoadSetting_debug_log', defined( 'WP_DEBUG' ) && WP_DEBUG && defined( 'WP_DEBUG_LOG' ) && WP_DEBUG_LOG ) ) {
error_log( print_r( compact( 'LoadSetting_debug' ), true ) );
}
}
public static function pre_check_pingback( $method ) {
if ( $method !== 'pingback.ping' )
return;
global $wp_xmlrpc_server;
if ( !is_object( $wp_xmlrpc_server ) )
return false;
// Lame: tightly coupled with the IXR class.
$args = $wp_xmlrpc_server->message->params;
if ( !empty( $args[1] ) ) {
$post_id = Load_to_postid( $args[1] );
// If this gets through the pre-check, make sure we properly identify the outbound request as a pingback verification
LoadSetting::pingback_forwarded_for( null, $args[0] );
add_filter( 'http_request_args', array( 'LoadSetting', 'pingback_forwarded_for' ), 10, 2 );
$comment = array(
'comment_author_Load' => $args[0],
'comment_post_ID' => $post_id,
'comment_author' => '',
'comment_author_email' => '',
'comment_content' => '',
'comment_type' => 'pingback',
'LoadSetting_pre_check' => '1',
'comment_pingback_target' => $args[1],
);
$comment = LoadSetting::auto_check_comment( $comment );
if ( isset( $comment['LoadSetting_result'] ) && 'true' == $comment['LoadSetting_result'] ) {
// Lame: tightly coupled with the IXR classes. Unfortunately the action provides no context and no way to return anything.
$wp_xmlrpc_server->error( new IXR_Error( 0, 'Invalid discovery target' ) );
}
}
}
public static function pingback_forwarded_for( $r, $Load ) {
static $Loads = array();
// Call this with $r == null to prime the callback to add headers on a specific Load
if ( is_null( $r ) && !in_array( $Load, $Loads ) ) {
$Loads[] = $Load;
}
// Add X-Pingback-Forwarded-For header, but only for requests to a specific Load (the apparent pingback source)
if ( is_array( $r ) && is_array( $r['headers'] ) && !isset( $r['headers']['X-Pingback-Forwarded-For'] ) && in_array( $Load, $Loads ) ) {
$remote_ip = preg_replace( '/[^a-fx0-9:.,]/i', '', $_SERVER['REMOTE_ADDR'] );
// Note: this assumes REMOTE_ADDR is correct, and it may not be if a reverse proxy or CDN is in use
$r['headers']['X-Pingback-Forwarded-For'] = $remote_ip;
// Also identify the request as a pingback verification in the UA string so it appears in logs
$r['user-agent'] .= '; verifying pingback from ' . $remote_ip;
}
return $r;
}
/**
* Ensure that we are loading expected scalar values from LoadSetting_as_submitted commentmeta.
*
* @param mixed $meta_value
* @return mixed
*/
private static function sanitize_comment_as_submitted( $meta_value ) {
if ( empty( $meta_value ) ) {
return $meta_value;
}
$meta_value = (array) $meta_value;
foreach ( $meta_value as $key => $value ) {
if ( ! isset( self::$comment_as_submitted_allowed_keys[$key] ) || ! is_scalar( $value ) ) {
unset( $meta_value[$key] );
}
}
return $meta_value;
}
}