Stop Sploggers. It is very important to use WangGuard at least for a week, reporting your site's unwanted users as sploggers from the Users panel. WangGuard will learn at that time to protect your site from sploggers in a much more effective way. WangGuard protects each web site in a personalized way using information provided by Administrators who report sploggers world-wide, that's why it's very important that you report your sploggers to WangGuard. The longer you use WangGuard, the more effective it will become.
Version: 1.5.4
Author: WangGuard
Author URI: http://www.wangguard.com
License: GPL2
*/
/* Copyright 2010 WangGuard (email : info@wangguard.com)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License, version 2, as
published by the Free Software Foundation.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*/
define('WANGGUARD_VERSION', '1.5.4');
define('WANGGUARD_PLUGIN_FILE', 'wangguard/wangguard-admin.php');
define('WANGGUARD_README_URL', 'http://plugins.trac.wordpress.org/browser/wangguard/trunk/readme.txt?format=txt');
//error_reporting(E_ALL);
//ini_set("display_errors", 1);
//Which file are we are getting called from?
$wuangguard_parent = basename($_SERVER['SCRIPT_NAME']);
$wangguard_is_network_admin = function_exists("is_multisite") && function_exists( 'is_network_admin' );
if ($wangguard_is_network_admin)
$wangguard_is_network_admin = is_multisite();
include_once 'wangguard-xml.php';
include_once 'wangguard-core.php';
$wangguard_api_key = wangguard_get_option('wangguard_api_key');
$wangguard_cronjob_run_options = array(
"daily"=> __('Once a day', 'wangguard'),
"wangguard_3days"=> __('Every 3 days', 'wangguard'),
"wangguard_5days"=> __('Every 5 days', 'wangguard'),
"wangguard_weekly"=> __('Weekly', 'wangguard'),
"wangguard_2weeks"=> __('Two Weeks', 'wangguard')
);
$wangguard_cronjob_actions_options = array(
"f"=>__('Flag detected Sploggers as Sploggers and Spam users', 'wangguard') ,
"d"=>__('Delete detected Sploggers', 'wangguard')
);
$wangguard_cronjob_lookup_options = array(
"7"=>__('Week', 'wangguard') ,
"5"=>__('5 days', 'wangguard'),
"3"=>__('3 days', 'wangguard'),
"1"=>__('1 day', 'wangguard')
);
/********************************************************************/
/*** CONFIG BEGINS ***/
/********************************************************************/
include_once 'wangguard-conf.php';
include_once 'wangguard-queue.php';
include_once 'wangguard-wizard.php';
include_once 'wangguard-cronjobs.php';
include_once 'wangguard-stats.php';
include_once 'wangguard-users.php';
/********************************************************************/
/*** CONFIG ENDS ***/
/********************************************************************/
/********************************************************************/
/*** ADD & VALIDATE SECURITY QUESTIONS ON REGISTER BEGINS ***/
/********************************************************************/
// for wp regular
add_action('register_form','wangguard_add_hfield_1' , rand(1,10));
add_action('register_form','wangguard_add_hfield_2' , rand(1,10));
add_action('register_form','wangguard_add_hfield_3' , rand(1,10));
add_action('register_form','wangguard_add_hfield_4' , rand(1,10));
add_action('register_form','wangguard_register_add_question');
add_action('register_post','wangguard_signup_validate',10,3);
$wangguard_add_mu_filter_actions = true;
if (defined('BP_VERSION')) {
if (version_compare(BP_VERSION, '1.1') >= 0) {
$wangguard_add_mu_filter_actions = false;
$wangguard_bp_hook = "bp_after_account_details_fields";
// for buddypress 1.1 only
add_action($wangguard_bp_hook,'wangguard_add_hfield_1' , rand(1,10));
add_action($wangguard_bp_hook,'wangguard_add_hfield_2' , rand(1,10));
add_action($wangguard_bp_hook,'wangguard_add_hfield_3' , rand(1,10));
add_action($wangguard_bp_hook,'wangguard_add_hfield_4' , rand(1,10));
add_action('bp_before_registration_submit_buttons', 'wangguard_register_add_question_bp11');
add_action('bp_signup_validate', 'wangguard_signup_validate_bp11' );
}
}
if ($wangguard_add_mu_filter_actions) {
// for wpmu and (buddypress versions before 1.1)
add_action('signup_extra_fields','wangguard_add_hfield_1' , rand(1,10));
add_action('signup_extra_fields','wangguard_add_hfield_2' , rand(1,10));
add_action('signup_extra_fields','wangguard_add_hfield_3' , rand(1,10));
add_action('signup_extra_fields','wangguard_add_hfield_4' , rand(1,10));
add_action('signup_extra_fields', 'wangguard_register_add_question_mu' );
add_filter('wpmu_validate_user_signup', 'wangguard_wpmu_signup_validate_mu');
}
/**
* Checks MX record for an email domain's
*
* @param type $email
* @return boolean
*/
function wangguard_mx_record_is_ok($email) {
//checks if an associated MX record is found on the server's DNS for the email domain
//option is activated and getmxrr() function exists?
$wangguard_mx_ok = function_exists('getmxrr');
if ( !$wangguard_mx_ok || wangguard_get_option("wangguard-verify-dns-mx")!='1')
return true;
$email = explode("@" , $email);
if( count($email) != 2 )
return true;
$mxr = array();
$ret = getmxrr($email[1] , $mxr);
return $ret && count($mxr);
}
/**
* Cleans username from an email address
*/
function wangguard_get_clean_gmail_username($email) {
//Cleans dots and + from gmail.com and googlemail.com addresses, lowercases the username and returns it. Returns false otherwise.
$email = explode("@" , $email);
if( count($email) != 2 )
return false;
$email[1] = strtolower($email[1]);
if ( ($email[1] == "gmail.com") || ($email[1] == "googlemail.com") ) {
$email[0] = str_replace(".", "" , $email[0]);
//if the gmail address has a plus sign, remove from it to the end as gmail ignores that
if ( strpos( $email[0] , "+") !== false) {
$email[0] = substr($email[0] , 0 , strpos( $email[0] , "+"));
}
return strtolower($email[0]);
}
else
return false;
}
/**
* Checks wheter an alias of an email already exists
*
* @global type $wpdb
* @param type $email
* @return boolean
*/
function wangguard_email_aliases_exists($email) {
global $wpdb;
//option is activated?
if ( wangguard_get_option("wangguard-verify-gmail")!='1')
return false;
//cleans the email
$guser = wangguard_get_clean_gmail_username($email);
if ($guser !== false) {
//if the email already exists, WP catches it, there's no need for WangGuard to check for aliases
if (email_exists($email))
return false;
//get gmail.com and googlemail.com registered users
$gmailaddresses = $wpdb->get_results("select user_email from {$wpdb->users} where LOWER(user_email) LIKE '%@gmail.com' OR LOWER(user_email) LIKE '%@googlemail.com'");
if (!empty ($gmailaddresses)) {
foreach ($gmailaddresses as $r) {
$existing = wangguard_get_clean_gmail_username($r->user_email);
if ($existing == $guser)
return true;
}
}
}
return false;
}
$wangguard_NonceHName = 'wangguard-hidden-field-check';
$wangguard_NonceFName = 'wangguard-hidden-display-check';
$wangguard_NoncePName = 'wangguard-hidden-position-check';
$wangguard_NonceCName = 'wangguard-hidden-check-check';
$wangguard_HPrefix = 'user_';
$wangguard_FPrefix = 'newuser_';
/**
* Get a random string
*/
function wangguard_randomstring($rndLen) {
$chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
$str = '';
$strlen = strlen($chars);
for ($i=0; $i < $rndLen; $i++)
{
$str .= substr($chars, mt_rand(0, $strlen - 1), 1);
}
return $str;
}
function wangguard_add_hfield_1() {
global $wangguard_NonceHName , $wangguard_HPrefix;
$nonceAct = $wangguard_NonceHName;
$nonceValue = wp_create_nonce( $nonceAct );
$fieldID = wangguard_randomstring(mt_rand(6,10));
$nonce_field = '';
echo $nonce_field;
}
function wangguard_add_hfield_2() {
global $wangguard_NonceFName , $wangguard_FPrefix;
$style = wangguard_randomstring(mt_rand(6,10));
$fieldID = wangguard_randomstring(mt_rand(6,10));
echo '';
$nonceAct = $wangguard_NonceFName;
$nonceValue = wp_create_nonce( $nonceAct );
$nonce_field = '';
echo $nonce_field;
}
function wangguard_add_hfield_3() {
global $wangguard_NoncePName;
$style = wangguard_randomstring(mt_rand(6,10));
$fieldID = wangguard_randomstring(mt_rand(6,10));
echo '';
$nonceAct = $wangguard_NoncePName;
$nonceValue = wp_create_nonce( $nonceAct );
$nonce_field = '
';
echo $nonce_field;
}
function wangguard_add_hfield_4() {
global $wangguard_NonceCName;
$style = wangguard_randomstring(mt_rand(6,10));
$fieldID = wangguard_randomstring(mt_rand(6,10));
echo '';
$nonceAct = $wangguard_NonceCName;
$nonceValue = wp_create_nonce( $nonceAct );
$nonce_field = '';
echo $nonce_field;
}
/**
* WangGuard nonce
*/
function wangguard_get_nonce_value($action) {
$user = wp_get_current_user();
$uid = (int) $user->ID;
$i = wp_nonce_tick();
return substr(wp_hash($i . $action . $uid, 'nonce'), -12, 10);
}
/**
* Validates if there is suspicius activity on signup
*
* @global string $wangguard_NonceHName
* @global string $wangguard_HPrefix
* @global string $wangguard_NonceFName
* @global string $wangguard_FPrefix
* @global string $wangguard_NoncePName
* @global string $wangguard_NonceCName
* @param type $userEmail
* @return boolean
*/
function wangguard_validate_hfields($userEmail) {
global $wangguard_NonceHName , $wangguard_HPrefix;
global $wangguard_NonceFName , $wangguard_FPrefix;
global $wangguard_NoncePName;
global $wangguard_NonceCName;
$hNonce = wangguard_get_nonce_value($wangguard_NonceHName);
$fNonce = wangguard_get_nonce_value($wangguard_NonceFName);
$pNonce = wangguard_get_nonce_value($wangguard_NoncePName);
$cNonce = wangguard_get_nonce_value($wangguard_NonceCName);
$validated =
empty ($_POST[$wangguard_HPrefix.$hNonce]) &&
empty ($_POST[$wangguard_FPrefix.$fNonce]) &&
empty ($_POST[$pNonce]) &&
empty ($_POST[$cNonce]);
if (!$validated) {
wangguard_report_email($userEmail , wangguard_getRemoteIP() , wangguard_getRemoteProxyIP() , true);
}
return $validated;
}
//*********** WPMU ***********
/**
* Adds a security question if any exists
*
* @global type $wpdb
* @param type $errors
*/
function wangguard_register_add_question_mu($errors) {
global $wpdb;
$table_name = $wpdb->base_prefix . "wangguardquestions";
//Get one random question from the question table
$qrs = $wpdb->get_row("select * from $table_name order by RAND() LIMIT 1");
if (!is_null($qrs)) {
$question = $qrs->Question;
$questionID = $qrs->id;
$html = '
';
echo $html;
if ( $errmsg = $errors->get_error_message('wangguardquestansw') ) {
echo '
'.$errmsg.'
';
}
$html = '
';
echo $html;
}
}
/**
* Validates security question
*
* @global type $wangguard_bp_validated
* @param type $param
* @return array
*/
function wangguard_wpmu_signup_validate_mu($param) {
global $wangguard_bp_validated;
if ( strpos($_SERVER['PHP_SELF'], 'wp-admin') !== false ) {
return $param;
}
//BP1.1+ calls the new BP filter first (wangguard_signup_validate_bp11) and then the legacy MU filters (this one), if the BP new 1.1+ filter has been already called, silently return
if ($wangguard_bp_validated)
return $param;
$errors = $param['errors'];
if (!wangguard_validate_hfields($_POST['user_email'])) {
$errors->add('user_name', __('ERROR: Banned by WangGuard Is a mistake?.', 'wangguard'));
return $param;
}
$answerOK = wangguard_question_repliedOK();
//If at least a question exists on the questions table, then check the provided answer
if (!$answerOK)
$errors->add('wangguardquestansw', __('ERROR: The answer to the security question is invalid.', 'wangguard'));
else {
//check domain against the list of selected blocked domains
$blocked = wangguard_is_domain_blocked($param['user_email']);
if ($blocked) {
$errors->add('user_email', __('ERROR: Domain not allowed.', 'wangguard'));
}
else {
$reported = wangguard_is_email_reported_as_sp($param['user_email'] , wangguard_getRemoteIP() , wangguard_getRemoteProxyIP());
if ($reported)
$errors->add('user_email', __('ERROR: Banned by WangGuard Is a mistake?.', 'wangguard'));
else if (wangguard_email_aliases_exists($param['user_email']))
$errors->add('user_email', __('ERROR: Duplicate alias email found by WangGuard.', 'wangguard'));
else if (!wangguard_mx_record_is_ok($param['user_email']))
$errors->add('user_email', __("ERROR: WangGuard couldn't find an MX record associated with your email domain.", 'wangguard'));
}
}
return $param;
}
//*********** WPMU ***********
//*********** BP1.1+ ***********
/**
* Adds a security question if any exists
*
* @global type $wpdb
* @return array
*/
function wangguard_register_add_question_bp11(){
global $wpdb;
if ( strpos($_SERVER['PHP_SELF'], 'wp-admin') !== false ) {
return $param;
}
$table_name = $wpdb->base_prefix . "wangguardquestions";
//Get one random question from the question table
$qrs = $wpdb->get_row("select * from $table_name order by RAND() LIMIT 1");
if (!is_null($qrs)) {
$question = $qrs->Question;
$questionID = $qrs->id;
$html = '
';
echo $html;
}
}
function wangguard_fix_bp_slashes_maybe($str) {
if (defined('BP_VERSION')) {
if ( version_compare(BP_VERSION, '1.5.5') < 0 )
$str = addslashes($str);
return $str;
}
else
return $str;
}
/**
* Validates security question
*
* @global type $bp
* @global boolean $wangguard_bp_validated
*/
function wangguard_signup_validate_bp11() {
global $bp;
global $wangguard_bp_validated;
$wangguard_bp_validated = true;
if (!wangguard_validate_hfields($_POST['signup_email'])) {
$bp->signup->errors['signup_email'] = wangguard_fix_bp_slashes_maybe (__('ERROR: Banned by WangGuard Is a mistake?.', 'wangguard'));
return;
}
$answerOK = wangguard_question_repliedOK();
//If at least a question exists on the questions table, then check the provided answer
if (!$answerOK)
$bp->signup->errors['wangguardquestansw'] = wangguard_fix_bp_slashes_maybe (__('ERROR: The answer to the security question is invalid.', 'wangguard'));
else {
//check domain against the list of selected blocked domains
$blocked = wangguard_is_domain_blocked($_REQUEST['signup_email']);
if ($blocked) {
$bp->signup->errors['signup_email'] = wangguard_fix_bp_slashes_maybe( __("ERROR: Domain not allowed.", 'wangguard'));
}
else {
$reported = wangguard_is_email_reported_as_sp($_REQUEST['signup_email'] , wangguard_getRemoteIP() , wangguard_getRemoteProxyIP());
if ($reported)
$bp->signup->errors['signup_email'] = wangguard_fix_bp_slashes_maybe (__('ERROR: Banned by WangGuard Is a mistake?.', 'wangguard'));
else if (wangguard_email_aliases_exists($_REQUEST['signup_email']))
$bp->signup->errors['signup_email'] = wangguard_fix_bp_slashes_maybe (__('ERROR: Duplicate alias email found by WangGuard.', 'wangguard'));
else if (!wangguard_mx_record_is_ok($_REQUEST['signup_email']))
$bp->signup->errors['signup_email'] = wangguard_fix_bp_slashes_maybe( __("ERROR: WangGuard couldn't find an MX record associated with your email domain.", 'wangguard'));
}
}
if (isset ($bp->signup->errors['signup_email']))
$bp->signup->errors['signup_email'] = wangguard_fix_bp_slashes_maybe($bp->signup->errors['signup_email']);
}
//*********** BP1.1+ ***********
//*********** WP REGULAR ***********
/**
* Adds a security question if any exists
*
* @global type $wpdb
*/
function wangguard_register_add_question(){
global $wpdb;
$table_name = $wpdb->base_prefix . "wangguardquestions";
//Get one random question from the question table
$qrs = $wpdb->get_row("select * from $table_name order by RAND() LIMIT 1");
if (!is_null($qrs)) {
$question = $qrs->Question;
$questionID = $qrs->id;
if ( ! defined( 'APP_FRAMEWORK_DIR' ) ){
$html = '
';}
echo $html;}
}
}
/**
* Validates security question
*
* @param type $user_name
* @param type $user_email
* @param type $errors
*/
function wangguard_signup_validate($user_name , $user_email,$errors){
if (!wangguard_validate_hfields($_POST['user_email'])) {
$errors->add('user_login',__('ERROR: Banned by WangGuard Is a mistake?.', 'wangguard'));
return;
}
$answerOK = wangguard_question_repliedOK();
//If at least a question exists on the questions table, then check the provided answer
if (!$answerOK)
$errors->add('wangguard_error',__('ERROR: The answer to the security question is invalid.', 'wangguard'));
else {
//check domain against the list of selected blocked domains
$blocked = wangguard_is_domain_blocked($_REQUEST['user_email']);
if ($blocked) {
$errors->add('wangguard_error',__('ERROR: Domain not allowed.', 'wangguard'));
}
else {
$reported = wangguard_is_email_reported_as_sp($_REQUEST['user_email'] , wangguard_getRemoteIP() , wangguard_getRemoteProxyIP() , true);
if ($reported)
$errors->add('wangguard_error',__('ERROR: Banned by WangGuard Is a mistake?.', 'wangguard'));
else if (wangguard_email_aliases_exists($_REQUEST['user_email']))
$errors->add('wangguard_error', __('ERROR: Duplicate alias email found by WangGuard.', 'wangguard'));
else if (!wangguard_mx_record_is_ok($_REQUEST['user_email']))
$errors->add('wangguard_error', __("ERROR: WangGuard couldn't find an MX record associated with your email domain.", 'wangguard'));
}
}
}
//*********** WP REGULAR ***********
/**
* Checks if a domain for an email address is selected to be blocked on the "Blocked domains" configuration screen
*
* @param type $email
*/
function wangguard_is_domain_blocked($email) {
$parts = explode("@", $email);
//if email is not well formed, return TRUE, this should never happens as WP already checks for a valid email format
if (count($parts) != 2)
return true;
$domain = strtolower($parts[1]);
$selectedDomains = maybe_unserialize( wangguard_get_option('blocked-list-domains') );
if (!is_array($selectedDomains)) $selectedDomains = array();
//matches exact domain?
if (isset($selectedDomains[$domain]))
return true;
$domainParts = explode(".", $domain);
if (count($domainParts) > 1) {
$subdomcheck = $domainParts[count($domainParts)-1];
//check for the top level domain
if (isset($selectedDomains["*." . $subdomcheck]))
return true;
//n-level domains
$from = count($domainParts)-2;
for ($i = $from ; $i>=0 ; $i-- ) {
$subdomcheck = $domainParts[$i] . "." . $subdomcheck;
if (isset($selectedDomains["*." . $subdomcheck]))
return true;
}
}
else
//malformed domain
return true;
return false;
}
/**
* Verifies the email against WangGuard service
*
* @global type $wpdb
* @global type $wangguard_api_key
* @global type $wangguard_user_check_status
* @param type $email
* @param type $clientIP
* @param type $callingFromRegularWPHook regular WP hook sends true on this param
* @return boolean
*/
function wangguard_is_email_reported_as_sp($email , $clientIP , $ProxyIP , $callingFromRegularWPHook = false) {
global $wpdb;
global $wangguard_api_key;
global $wangguard_user_check_status;
if (empty ($wangguard_api_key))
return false;
$wangguard_user_check_status = "not-checked";
if ( wangguard_get_option("wangguard-do-not-check-client-ip")=='1') {
$clientIP = '';
$ProxyIP = '';
}
$response = wangguard_http_post("wg=$wangguard_api_key".$email."".$clientIP."".$ProxyIP."", 'query-email.php');
$responseArr = XML_unserialize($response);
wangguard_stats_update("check");
if ( is_array($responseArr)) {
if (($responseArr['out']['cod'] == '10') || ($responseArr['out']['cod'] == '11')) {
wangguard_stats_update("detected");
return true;
}
else {
if ($responseArr['out']['cod'] == '20')
$wangguard_user_check_status = 'checked';
elseif ($responseArr['out']['cod'] == '100')
$wangguard_user_check_status = 'error:' . __('Your WangGuard API KEY is invalid.', 'wangguard');
else
$wangguard_user_check_status = 'error:'.$responseArr['out']['cod'];
}
}
return false;
}
/**
* Verifies the security question, used from the WP, WPMU and BP validation functions
* @global type $wpdb
* @return boolean
*/
function wangguard_question_repliedOK() {
//WP 3.2.1 multisite introduces a new two step registration, on step 2 we don't have to check the security question as it was checked in the step 1
if (@$_POST['stage'] == 'validate-blog-signup') {
if (!wp_verify_nonce($_POST['_signup_form'] , 'signup_form_' . $_POST['signup_form_id']))
return false;
else
return true;
}
global $wpdb;
$table_name = $wpdb->base_prefix . "wangguardquestions";
//How many questions are created?
$questionCount = $wpdb->get_col("select count(*) as q from $table_name");
$answerOK = true;
//If at least a question exists on the questions table, then check the provided answer
if ($questionCount[0]) {
$questionID = intval($_REQUEST['wangguardquest']);
$answer = $_REQUEST['wangguardquestansw'];
$qrs = $wpdb->get_row( $wpdb->prepare("select * from $table_name where id = %d" , $questionID));
if (!is_null($qrs)) {
if (mb_strtolower( $_REQUEST['wangguardquestansw'] ) == mb_strtolower( $qrs->Answer ) ) {
$wpdb->query( $wpdb->prepare("update $table_name set RepliedOK = RepliedOK + 1 where id = %d" , $questionID ) );
}
else {
$answerOK = false;
$wpdb->query( $wpdb->prepare("update $table_name set RepliedWRONG = RepliedWRONG + 1 where id = %d" , $questionID ) );
}
}
else {
$answerOK = false;
$wpdb->query( $wpdb->prepare("update $table_name set RepliedWRONG = RepliedWRONG + 1 where id = %d" , $questionID ) );
}
}
return $answerOK;
}
/********************************************************************/
/*** ADD & VALIDATE SECURITY QUESTIONS ON REGISTER ENDS ***/
/********************************************************************/
/********************************************************************/
/*** USER REGISTATION & DELETE FILTERS BEGINS ***/
/********************************************************************/
// user register and delete actions
add_action('user_register','wangguard_plugin_user_register');
add_action('bp_complete_signup','wangguard_plugin_bp_complete_signup');
add_action('bp_core_activated_user','wangguard_bp_core_activated_user' , 10 , 3);
add_action('wpmu_activate_user','wangguard_wpmu_activate_user' , 10 , 3);
add_action('delete_user','wangguard_plugin_user_delete');
add_action('wpmu_delete_user','wangguard_plugin_user_delete');
add_action('make_spam_user','wangguard_make_spam_user');
add_action('make_ham_user','wangguard_make_ham_user');
add_action('bp_core_action_set_spammer_status','wangguard_bp_core_action_set_spammer_status' , 10 , 2);
/**
* Save the status of the verification upon BP signups
*
* @global type $wpdb
* @global type $wangguard_user_check_status
*/
function wangguard_plugin_bp_complete_signup() {
global $wpdb;
global $wangguard_user_check_status;
$table_name = $wpdb->base_prefix . "wangguardsignupsstatus";
//delete just in case a previous record from a user which didn't activate the account is there
$wpdb->query( $wpdb->prepare("delete from $table_name where signup_username = '%s'" , $_POST['signup_username']));
//Insert the new signup record
$wpdb->query( $wpdb->prepare("insert into $table_name(signup_username , user_status , user_ip , user_proxy_ip) values ('%s' , '%s' , '%s' , '%s')" , $_POST['signup_username'] , $wangguard_user_check_status , wangguard_getRemoteIP() , wangguard_getRemoteProxyIP() ) );
}
/**
* Account activated on BP hook
*
* @global type $wpdb
* @global type $wangguard_api_key
* @global type $wangguard_user_check_status
* @param type $userid
* @param type $key
* @param type $user
*/
function wangguard_bp_core_activated_user($userid, $key, $user) {
global $wpdb;
global $wangguard_api_key;
global $wangguard_user_check_status;
wangguard_plugin_user_register($userid);
}
/**
* Account activated on WPMU hook
*
* @global type $wpdb
* @global type $wangguard_api_key
* @global type $wangguard_user_check_status
* @param type $userid
* @param type $password
* @param type $meta
*/
function wangguard_wpmu_activate_user($userid, $password, $meta) {
global $wpdb;
global $wangguard_api_key;
global $wangguard_user_check_status;
wangguard_plugin_user_register($userid);
}
/**
* Saves the status of the verification against WangGuard service upon user registration
*
* @global type $wpdb
* @global type $wangguard_user_check_status
* @param type $userid
*/
function wangguard_plugin_user_register($userid) {
global $wpdb;
global $wangguard_user_check_status;
if (empty ($wangguard_user_check_status)) {
$user = new WP_User($userid);
$table_name = $wpdb->base_prefix . "wangguardsignupsstatus";
//if there a status on the signups table?
$user_status = $wpdb->get_var( $wpdb->prepare("select user_status from $table_name where signup_username = '%s'" , $user->user_login));
//delete the signup status
$wpdb->query( $wpdb->prepare("delete from $table_name where signup_username = '%s'" , $user->user_login));
//If not empty, overrides the status with the signup status
if (!empty ($user_status))
$wangguard_user_check_status = $user_status;
}
$table_name = $wpdb->base_prefix . "wangguarduserstatus";
$user_status = $wpdb->get_var( $wpdb->prepare("select ID from $table_name where ID = %d" , $userid));
if (is_null($user_status))
//insert the new status
$wpdb->query( $wpdb->prepare("insert into $table_name(ID , user_status , user_ip , user_proxy_ip) values (%d , '%s' , '%s' , '%s')" , $userid , $wangguard_user_check_status , wangguard_getRemoteIP() , wangguard_getRemoteProxyIP() ) );
else
//update the new status
$wpdb->query( $wpdb->prepare("update $table_name set user_status = '%s' where ID = %d" , $wangguard_user_check_status , $userid ) );
}
/**
* Deletes the status of a user from the WangGuard status tracking table
*
* @global type $wpdb
* @param type $userid
*/
function wangguard_plugin_user_delete($userid) {
global $wpdb;
$user = new WP_User($userid);
//delete the signup status
$table_name = $wpdb->base_prefix . "wangguardsignupsstatus";
$wpdb->query( $wpdb->prepare("delete from $table_name where signup_username = '%s'" , $user->user_login));
//delete the user status
$table_name = $wpdb->base_prefix . "wangguarduserstatus";
$wpdb->query( $wpdb->prepare("delete from $table_name where ID = %d" , $userid ) );
//delete the user from the moderation queue
$table_name = $wpdb->base_prefix . "wangguardreportqueue";
$wpdb->query( $wpdb->prepare("delete from $table_name where ID = %d" , $userid ) );
//delete the user reports from the moderation queue
$table_name = $wpdb->base_prefix . "wangguardreportqueue";
$wpdb->query( $wpdb->prepare("delete from $table_name where reported_by_ID = %d" , $userid ) );
}
/**
* User has been reported as spam, send to WangGuard
* @global type $wpdb
* @param type $userid
*/
function wangguard_make_spam_user($userid) {
global $wpdb;
//flag a user
//get the recordset of the user to flag
$wpusersRs = $wpdb->get_col( $wpdb->prepare("select ID from $wpdb->users where ID = %d" , $userid ) );
wangguard_report_users($wpusersRs , "email" , false);
}
/**
* User has been reported as safe, rollback on WangGuard
* @global type $wpdb
* @param type $userid
*/
function wangguard_make_ham_user($userid) {
global $wpdb;
//flag a user
//get the recordset of the user to make as safe
$wpusersRs = $wpdb->get_col( $wpdb->prepare("select ID from $wpdb->users where ID = %d" , $userid ) );
wangguard_rollback_report($wpusersRs);
}
/**
* Updates WangGuard user staus when a user is flagged as spam or ham
* @param type $userid
* @param type $is_spam
*/
function wangguard_bp_core_action_set_spammer_status($userid , $is_spam) {
if ($is_spam)
wangguard_make_spam_user ($userid);
else
wangguard_make_ham_user ($userid);
}
/********************************************************************/
/*** USER REGISTATION & DELETE FILTERS ENDS ***/
/********************************************************************/
/********************************************************************/
/*** AJAX FRONT HANDLERS BEGINS ***/
/********************************************************************/
add_action('wp_head', 'wangguard_ajax_front_setup');
add_action('wp_ajax_wangguard_ajax_front_handler', 'wangguard_ajax_front_callback');
/**
* Front end ajax functions
*
* @global type $wuangguard_parent
*/
function wangguard_ajax_front_setup() {
global $wuangguard_parent;
if (!is_user_logged_in()) return;?>
base_prefix . "wangguardreportqueue";
$Count = $wpdb->get_col( $wpdb->prepare("select count(*) as q from $table_name where ID = %d" , $userid) );
return $Count[0] > 0;
}
/**
* Checks whether a blog is reported on queue
*
* @global type $wpdb
* @param type $blogid
* @return boolean
*/
function wangguard_is_blog_reported($blogid) {
global $wpdb;
$table_name = $wpdb->base_prefix . "wangguardreportqueue";
$Count = $wpdb->get_col( $wpdb->prepare("select count(*) as q from $table_name where blog_id = %d" , $blogid) );
return $Count[0] > 0;
}
/**
* Front end AJAX handler
*
* @global type $wpdb
*/
function wangguard_ajax_front_callback() {
global $wpdb;
if (!is_user_logged_in()) return;
//add user ID or blog ID to the
$object = $_REQUEST['object'];
$nonce = $_REQUEST['wpnonce'];
if ( !wp_verify_nonce( $nonce, 'wangguardreport' ) )
die();
$thisUserID = get_current_user_id();
if ($object == "user") {
$userid = (int)$_REQUEST['userid'];
if (empty ($userid)) die();
if (wangguard_is_user_reported($userid)) die("0");
$user_object = new WP_User($userid);
//do not add admins as reported
if ( wangguard_is_admin($user_object) ) die("0");
$table_name = $wpdb->base_prefix . "wangguardreportqueue";
$wpdb->query( $wpdb->prepare("insert into $table_name(ID , blog_id , reported_by_ID) values (%d , NULL , %d)" , $userid , $thisUserID ) );
echo "0";
}
elseif ($object == "blog") {
$blogid = (int)$_REQUEST['blogid'];
if (empty ($blogid)) die();
if (wangguard_is_blog_reported($blogid)) die("0");
$isMainBlog = false;
if (isset ($current_site)) {
$isMainBlog = ($blogid != $current_site->blog_id); // main blog not a spam !
}
elseif (defined("BP_ROOT_BLOG")) {
$isMainBlog = ( 1 == $blogid || BP_ROOT_BLOG == $blogid );
}
else
$isMainBlog = ($blogid == 1);
//do not report main blog
if ($isMainBlog) die("0");
$table_name = $wpdb->base_prefix . "wangguardreportqueue";
$wpdb->query( $wpdb->prepare("insert into $table_name(ID , blog_id , reported_by_ID) values (NULL , %d , %d)" , $blogid , $thisUserID ) );
echo "0";
}
die();
}
/********************************************************************/
/*** AJAX FRONT HANDLERS ENDS ***/
/********************************************************************/
/********************************************************************/
/*** AJAX ADMIN HANDLERS BEGINS ***/
/********************************************************************/
add_action('admin_head', 'wangguard_ajax_setup');
add_action('wp_ajax_wangguard_ajax_handler', 'wangguard_ajax_callback');
add_action('wp_ajax_wangguard_ajax_recheck', 'wangguard_ajax_recheck_callback');
add_action('wp_ajax_wangguard_ajax_questionadd', 'wangguard_ajax_questionadd');
add_action('wp_ajax_wangguard_ajax_questiondelete', 'wangguard_ajax_questiondelete');
add_action('wp_ajax_wangguard_ajax_cronjobadd', 'wangguard_ajax_cronjobadd');
add_action('wp_ajax_wangguard_ajax_cronjobdelete', 'wangguard_ajax_cronjobdelete');
add_action('wp_ajax_wangguard_ajax_ip_info', 'wangguard_ajax_ip_info');
/**
* Admin side AJAX functions
*
* @global type $wuangguard_parent
* @global type $wuangguard_parent
* @global type $wuangguard_parent
*/
function wangguard_ajax_setup() {
global $wuangguard_parent;
if (!current_user_can('level_10')) return;
?>
base_prefix . "wangguardreportqueue";
$wpdb->query( $wpdb->prepare("delete from $table_name where blog_id = '%d'" , $blogid ) );
echo "0";
break;
case "queue_user_remove":
//remove user from queue
$table_name = $wpdb->base_prefix . "wangguardreportqueue";
$wpdb->query( $wpdb->prepare("delete from $table_name where ID = '%d'" , $userid ) );
echo "0";
break;
case "domain":
//flag domain
$userDomain = new WP_User($userid);
$domain = wangguard_extract_domain($userDomain->user_email);
$domain = '%@' . str_replace(array("%" , "_"), array("\\%" , "\\_"), $domain);
//get the recordset of the users to flag
$wpusersRs = $wpdb->get_col( $wpdb->prepare("select ID from $wpdb->users where user_email LIKE '%s'" , $domain ) );
echo wangguard_report_users($wpusersRs , $scope);
break;
case "blog":
//flag domain
$blogid = intval($_POST['blogid']);
$blog_prefix = $wpdb->get_blog_prefix( $blogid );
$authors = $wpdb->get_results( "SELECT user_id, meta_value as caps FROM $wpdb->users u, $wpdb->usermeta um WHERE u.ID = um.user_id AND meta_key = '{$blog_prefix}capabilities'" );
$authorsArray = array();
foreach( (array)$authors as $author ) {
$caps = maybe_unserialize( $author->caps );
if ( !isset( $caps['administrator'] ) ) continue;
$authorsArray[] = $author->user_id;
}
echo wangguard_report_users($authorsArray , "email");
break;
case "rollback-email":
$wpusersRs = $wpdb->get_col( $wpdb->prepare("select ID from $wpdb->users where ID = %d" , $userid ) );
echo wangguard_rollback_report($wpusersRs);
break;
default:
//flag a user
//get the recordset of the user to flag
$wpusersRs = $wpdb->get_col( $wpdb->prepare("select ID from $wpdb->users where ID = %d" , $userid ) );
echo wangguard_report_users($wpusersRs , $scope);
break;
}
die();
}
/**
* Add question handler
*
* @global type $wpdb
*/
function wangguard_ajax_questionadd() {
global $wpdb;
if (!current_user_can('level_10')) die();
$q = trim($_POST['q']);
$a = trim($_POST['a']);
if (get_magic_quotes_gpc()) {
$q = stripslashes($q);
$a = stripslashes($a);
}
if (empty ($q) || empty ($a)) {
echo "0";
die();
}
$table_name = $wpdb->base_prefix . "wangguardquestions";
$wpdb->insert( $table_name , array( 'Question'=>$q , "Answer"=>$a) , array('%s','%s') );
echo $wpdb->insert_id;
die();
}
/**
* Delete question handler
*
* @global type $wpdb
*/
function wangguard_ajax_questiondelete() {
global $wpdb;
if (!current_user_can('level_10')) die();
$questid = intval($_POST['questid']);
$table_name = $wpdb->base_prefix . "wangguardquestions";
$wpdb->query( $wpdb->prepare("delete from $table_name where id = %d" , $questid) );
echo $questid;
die();
}
/**
* Executes an scheduled job
* @param int $cronid
*/
function wangguard_cronjob_runner($cronid) {
global $wpdb , $wangguard_api_key , $wangguard_cronjob_actions_options, $wangguard_is_network_admin;
if (wangguard_is_multisite()) {
$spamFieldName = "spam";
}
else {
$spamFieldName = "user_status";
}
//get job ID
$cronid = (int)$cronid;
$cronjobs_table_name = $wpdb->base_prefix . "wangguardcronjobs";
$wgcron = $wpdb->get_results("select * from $cronjobs_table_name where id = $cronid");
if (!isset($wgcron[0]))
return;
//init vars
$cronjob = $wgcron[0];
$checkedUsers = $detectedSploggers = 0;
$cleanUsers = array();
$sploggersUsers = array();
$message = 'WangGuard Cron Job # '.$cronid . "\n\n";
//setup cron args
$args = array((int)$cronjob->id);
//delete the job, prevents being locked and runned again, WP should re schedule it
$timestamp = wp_next_scheduled( 'wangguard_cronjob_runner' , $args );
wp_unschedule_event($timestamp, 'wangguard_cronjob_runner' , $args );
//store last run time
$wpdb->query("update $cronjobs_table_name set LastRun = CURRENT_TIMESTAMP where id = $cronid");
//re schedule the job at the configured time
$timestampNextRun = wangguard_get_next_schedule($cronjob->RunOn , $cronjob->RunAt );
wp_schedule_single_event( $timestampNextRun, 'wangguard_cronjob_runner' , $args);
$humanizedNextRun = date(get_option('date_format') . ' ' . get_option('time_format'), $timestampNextRun);
//api key is valid?
$valid = wangguard_verify_key($wangguard_api_key);
if (($valid == 'failed') || ($valid == 'invalid')) {
$message .= __('Your WangGuard API KEY is invalid.', 'wangguard');
}
else {
$userStatusTable = $wpdb->base_prefix . "wangguarduserstatus";
$message .= __("Action", 'wangguard') . ": " . $wangguard_cronjob_actions_options[$cronjob->Action] . "\n\n";
$timeFrom = mktime(0,0,0,date('n'),date('j'),date('Y')) - ($cronjob->UsersTF * 86400);
set_time_limit(300);
$goodUsers = $wpdb->get_col("select ID from $wpdb->users where user_registered >= FROM_UNIXTIME( $timeFrom )");
if (count($goodUsers)) {
$message .= sprintf(__("Verifying %d new users since",'wangguard') , count($goodUsers)) . ' ' . date(get_option('date_format') , $timeFrom) . "\n\n";
foreach ($goodUsers as $userid) {
$user_check_status = "-";
set_time_limit(30);
$user_object = new WP_User($userid);
//get the WangGuard user status, if status is force-checked then ignore the user
$user_status = $wpdb->get_var( $wpdb->prepare("select user_status from $userStatusTable where ID = %d" , $userid));
if ($user_status == 'force-checked') {
$user_check_status = "force-checked";
}
else {
//verify the user only if it's not already flagged
$user_check_status = (($user_status != "reported") ? wangguard_verify_user($user_object) : "reported");
}
$checkedUsers++;
if ($user_check_status == "reported") {
//user was detected as splogger
$detectedSploggers++;
$sploggersUsers[] = $user_object->display_name . " (" . $user_object->user_email . ")";
//what to do with this user
switch ($cronjob->Action) {
case "f":
//Flag detected Sploggers as Sploggers and Spam users --------------------------------------------------------------------------------
if (function_exists("update_user_status"))
update_user_status($userid, $spamFieldName, 1); //when flagging the user as spam, the wangguard hook is called to report the user
else
$wpdb->query( $wpdb->prepare("update $wpdb->users set $spamFieldName = 1 where ID = %d" , $userid ) );
break;
case "d":
//Delete detected Sploggers ----------------------------------------------------------------------------------------------------------
wangguard_delete_user_and_blogs($userid);
break;
}
}
else {
$cleanUsers[] = $user_object->display_name . " (" . $user_object->user_email . ")";
}
}
if (count($cleanUsers))
$message .= __("--- Verified Users ---",'wangguard') . "\n" . implode("\n", $cleanUsers) . "\n\n";
if (count($sploggersUsers))
$message .= __("--- Detected Sploggers ---",'wangguard') . "\n" . implode("\n", $sploggersUsers) . "\n\n";
}
else {
$message .= __("No new users to verify since ",'wangguard') . date(get_option('date_format') , $timeFrom);
}
}
//bottom link
$urlFunc = "admin_url";
if ($wangguard_is_network_admin && function_exists("network_admin_url"))
$urlFunc = "network_admin_url";
$site_url = $urlFunc( "admin.php?page=wangguard_users" );
$message .= "\n\n" . __("Next run","wangguard") . $humanizedNextRun;
$message .= "\n\n" . __("Click here to manage users: ","wangguard") . "\n" . $site_url;
$message .= "\n\nWangGuard - www.wangguard.com";
//Notify admin
$admin_email = get_site_option( 'admin_email' );
if ( $admin_email == '' )
$admin_email = 'support@' . $_SERVER['SERVER_NAME'];
$from_name = get_site_option( 'site_name' ) == '' ? 'WordPress' : esc_html( get_site_option( 'site_name' ) );
$message_headers = "From: \"{$from_name}\" <{$admin_email}>\n" . "Content-Type: text/plain; charset=\"" . get_option('blog_charset') . "\"\n";
if ( empty( $current_site->site_name ) )
$current_site->site_name = 'WordPress';
$subject = sprintf('WangGuard Cron Job # '.$cronid . ' - '.__('Verified: %d - Sploggers: %d'), $checkedUsers, $detectedSploggers);
@wp_mail($admin_email, $subject, $message, $message_headers);
}
add_action('wangguard_cronjob_runner', 'wangguard_cronjob_runner');
function wangguard_delete_user_and_blogs($userid) {
global $wpdb;
if (function_exists("get_blogs_of_user") && function_exists("update_blog_status") && (method_exists ($wpdb , 'get_blog_prefix'))) {
$blogs = get_blogs_of_user( $userid, true );
if (is_array($blogs))
foreach ( (array) $blogs as $key => $details ) {
$isMainBlog = false;
if (isset ($current_site)) {
$isMainBlog = ($details->userblog_id != $current_site->blog_id); // main blog not a spam !
}
elseif (defined("BP_ROOT_BLOG")) {
$isMainBlog = ( 1 == $details->userblog_id || BP_ROOT_BLOG == $details->userblog_id );
}
else
$isMainBlog = ($details->userblog_id == 1);
$userIsAuthor = false;
if (!$isMainBlog) {
//Only works on WP 3+
$blog_prefix = $wpdb->get_blog_prefix( $details->userblog_id );
$authorcaps = $wpdb->get_var( sprintf("SELECT meta_value as caps FROM $wpdb->users u, $wpdb->usermeta um WHERE u.ID = %d and u.ID = um.user_id AND meta_key = '{$blog_prefix}capabilities'" , $userid ));
$caps = maybe_unserialize( $authorcaps );
$userIsAuthor = ( isset( $caps['administrator'] ) );
}
//Update blog to spam if the user is the author and its not the main blog
if ((!$isMainBlog) && $userIsAuthor) {
@update_blog_status( $details->userblog_id, 'spam', '1' );
//remove blog from queue
$table_name = $wpdb->base_prefix . "wangguardreportqueue";
$wpdb->query( $wpdb->prepare("delete from $table_name where blog_id = '%d'" , $details->userblog_id ) );
}
}
}
if (wangguard_is_multisite () && function_exists("wpmu_delete_user"))
wpmu_delete_user($userid);
else {
if (!function_exists('wp_delete_user'))
@include_once( ABSPATH . 'wp-admin/includes/user.php' );
wp_delete_user($userid);
}
}
function wangguard_cron_add_schedules( $schedules ) {
// Adds once weekly to the existing schedules.
$schedules['wangguard_3days'] = array(
'interval' => 259200,
'display' => __( 'Every 3 days' , "wangguard" )
);
$schedules['wangguard_5days'] = array(
'interval' => 432000,
'display' => __( 'Every 5 days' , "wangguard" )
);
$schedules['wangguard_weekly'] = array(
'interval' => 604800,
'display' => __( 'Weekly' , "wangguard" )
);
$schedules['wangguard_2weeks'] = array(
'interval' => 1209600,
'display' => __( 'Two Weeks' , "wangguard" )
);
return $schedules;
}
add_filter( 'cron_schedules', 'wangguard_cron_add_schedules' );
/**
* Add cron job handler
*
* @global type $wpdb
*/
function wangguard_ajax_cronjobadd() {
global $wpdb;
global $wangguard_cronjob_run_options , $wangguard_cronjob_actions_options , $wangguard_cronjob_lookup_options;
if (!current_user_can('level_10')) die();
$r = trim($_POST['r']);
$a = trim($_POST['a']);
$w = trim($_POST['w']);
$t1 = (int)trim($_POST['t1']);
$t2 = (int)trim($_POST['t2']);
if (get_magic_quotes_gpc()) {
$r = stripslashes($r);
$a = stripslashes($a);
$w = stripslashes($w);
}
if (!isset($wangguard_cronjob_run_options[$r]) || !isset($wangguard_cronjob_actions_options[$a]) || !isset($wangguard_cronjob_lookup_options[$w])) {
echo "0";
die();
}
$runAtTime = str_pad($t1,2,"0",STR_PAD_LEFT) . ":" . str_pad($t2,2,"0",STR_PAD_LEFT);
$table_name = $wpdb->base_prefix . "wangguardcronjobs";
$wpdb->insert( $table_name , array( 'RunOn'=>$r , "RunAt"=>$runAtTime , "Action"=>$a , "UsersTF"=>$w) , array('%s','%s','%s') );
$args = array((int)$wpdb->insert_id);
$ret = wp_schedule_single_event( wangguard_get_next_schedule('now' , $runAtTime ), 'wangguard_cronjob_runner' , $args);
if ($ret === FALSE) {
//if cron job couldn't be added, remove it from DB
$wpdb->query( $wpdb->prepare("delete from $table_name where id = %d" , $wpdb->insert_id) );
echo 0;
}
else {
$timestamp = wp_next_scheduled( 'wangguard_cronjob_runner' , $args );
$date = date(get_option('date_format') . ' ' . get_option('time_format'), $timestamp);
?>
: insert_id?>
: @
:
:
: -
:
$scheduledTime) {
//if the scheduled time for today has passed, schedule it for tomorrow
$scheduledTime = strtotime("+1 day" , $scheduledTime);
}
}
else {
$schedules = wp_get_schedules();
if (isset($schedules[$recurrence])) {
$interval = $schedules[$recurrence]['interval'];
echo "$interval";
$scheduledTime = strtotime("+{$interval} seconds" , $scheduledTime);
}
}
return $scheduledTime;
}
/**
* Delete cron job handler
*
* @global type $wpdb
*/
function wangguard_ajax_cronjobdelete() {
global $wpdb;
if (!current_user_can('level_10')) die();
$cronid = intval($_POST['cronid']);
$table_name = $wpdb->base_prefix . "wangguardcronjobs";
$wpdb->query( $wpdb->prepare("delete from $table_name where id = %d" , $cronid) );
$args = array((int)$cronid);
$timestamp = wp_next_scheduled( 'wangguard_cronjob_runner' , $args );
wp_unschedule_event($timestamp, 'wangguard_cronjob_runner' , $args );
echo $cronid;
die();
}
/**
* Recheck user on WangGuard handler
*
* @global type $wpdb
* @global type $wangguard_api_key
*/
function wangguard_ajax_recheck_callback() {
global $wpdb;
global $wangguard_api_key;
if (!current_user_can('level_10')) die();
$userid = intval($_POST['userid']);
$valid = wangguard_verify_key($wangguard_api_key);
if ($valid == 'failed') {
echo "-2";
die();
}
else if ($valid == 'invalid') {
echo "-1";
die();
}
$user_object = new WP_User($userid);
if (empty ($user_object->user_email)) {
echo "0";
die();
}
if ( wangguard_is_admin($user_object) ) {
echo ''. __('No status', 'wangguard') .'';
die();
}
$user_check_status = wangguard_verify_user($user_object);
if ($user_check_status == "reported") {
echo ''. __('Reported as Splogger', 'wangguard') .'';
}
elseif ($user_check_status == "checked") {
echo ''. __('Checked', 'wangguard') .'';
}
elseif (substr($user_check_status,0,5) == "error") {
echo ''. __('Error', 'wangguard') . " - " . substr($user_check_status,6) . '';
}
else
return ''. __('Not checked', 'wangguard') .'';
die();
}
/**
* Get an IP information from WG server
* @global type $wangguard_api_key
*/
function wangguard_ajax_ip_info() {
global $wangguard_api_key;
if (!current_user_can('level_10')) die();
$ip = $_POST['ip'];
$lang = substr(WPLANG, 0,2);
$response = wangguard_http_post("wg=$wangguard_api_key".$ip."".$lang."", 'get-ip-info.php');
echo $response;
die();
}
/********************************************************************/
/*** AJAX ADMIN HANDLERS ENDS ***/
/********************************************************************/
/********************************************************************/
/*** BP FRONTEND REPORT BUTTONS BEGINS ***/
/********************************************************************/
/**
* Hook to insert the report user on BP comment
*
* @global type $bp
* @global type $user_ID
* @param string $link
* @param type $args
* @param type $comment
* @param type $post
* @return string
*/
function wangguard_bp_comment_reply_link($link , $args, $comment, $post='') {
global $bp , $user_ID;
$userid = $comment->user_id;
if (!$bp) return $link;
$user_object = new WP_User($userid);
if (empty ($user_object->ID)) return $link;
if ($user_ID == $user_object->ID) return $link;
if (wangguard_is_admin($user_object)) return $link;
$link .= ''.__('Report user', 'wangguard').'';
return $link;
}
/**
* Hook to insert the report user on BP blog post and activity
*
* @global type $l10n
* @global type $post
* @param type $id
* @param type $type
*/
function wangguard_bp_report_button($id = '', $type = '') {
if (!is_user_logged_in())
return;
if ( !$type && !is_single() )
$type = 'activity';
elseif ( !$type && is_single() )
$type = 'blogpost';
if (function_exists("is_textdomain_loaded")) {
if (!is_textdomain_loaded("wangguard"))
load_textdomain ("wangguard", PLUGINDIR . "/wangguard/languages/wangguard-".WPLANG.".mo");
}
else {
global $l10n;
if (!isset( $l10n['wangguard']))
load_textdomain ("wangguard", PLUGINDIR . " /wangguard/languages/wangguard-".WPLANG.".mo");
}
if ( $type == 'activity' ) :
$activity = bp_activity_get_specific( array( 'activity_ids' => bp_get_activity_id() ) );
if ( !empty( $activity['activities'][0] ) ) :
$user_id = $activity['activities'][0]->user_id;
$user_object = new WP_User($user_id);
if (empty ($user_object->ID)) return;
if (!wangguard_is_admin($user_object)) :
if ( true || !bp_like_is_liked( bp_get_activity_id(), 'activity' ) ) : ?>
post_author)) return;
$user_id = $post->post_author;
$user_object = new WP_User($user_id);
if (empty ($user_object->ID)) return;
if (!wangguard_is_admin($user_object)) :
if (true || !bp_like_is_liked( $id, 'blogpost' ) ) : ?>
displayed_user->id);
if (empty ($user_object->ID)) return;
if (wangguard_is_admin($user_object)) return;
echo bp_get_button( array(
'id' => 'wangguard_report_user',
'component' => 'members',
'must_be_logged_in' => true,
'block_self' => true,
'wrapper_id' => 'wangguard_report_user-button',
'link_href' => "javascript:void(0)",
'link_class' => 'wangguard-user-report wangguard-user-report-id-' . $user_object->ID,
'link_title' => __('Report user', 'wangguard'),
'link_text' => __('Report user', 'wangguard')
) );
}
if (wangguard_get_option ("wangguard-enable-bp-report-btn")==1) {
add_action( 'bp_member_header_actions', 'wangguard_bp_report_button_header' , 20 );
}
/********************************************************************/
/*** BP FRONTEND REPORT BUTTONS ENDS ***/
/********************************************************************/
/********************************************************************/
/*** ADMIN BAR REPORT BEGIN ***/
/********************************************************************/
/**
* Add WangGuard to BP admin bar
*
* @global type $current_blog
* @global type $wangguard_is_network_admin
* @global type $wp_version
*/
function wangguard_add_bp_admin_bar_menus() {
global $current_blog , $wangguard_is_network_admin;
if (!is_user_logged_in())
return;
$urlFunc = "admin_url";
if ($wangguard_is_network_admin && function_exists("network_admin_url"))
$urlFunc = "network_admin_url";
if (function_exists("is_super_admin"))
$showAdmin = is_super_admin();
else
$showAdmin = current_user_can('level_10');
global $wp_version;
$cur_wp_version = preg_replace('/-.*$/', '', $wp_version);
$WP_List_TableClassSupported = version_compare($cur_wp_version , '3.1.0' , ">=");
$queueEnabled = ((wangguard_get_option("wangguard-enable-bp-report-blog") == 1) || (wangguard_get_option ("wangguard-enable-bp-report-btn")==1)) && $WP_List_TableClassSupported;
// This is a blog, render a menu with links to all authors
if ($showAdmin) {
echo '