Commit cc766acd authored by lucha's avatar lucha
Browse files

[auto] plugin: akismet 4.0

parent 48be0298
......@@ -162,8 +162,14 @@ jQuery( function ( $ ) {
var recheck_count = 0;
function akismet_check_for_spam(offset, limit) {
var check_for_spam_buttons = $( '.checkforspam' );
// We show the percentage complete down to one decimal point so even queues with 100k
// pending comments will show some progress pretty quickly.
var percentage_complete = Math.round( ( recheck_count / check_for_spam_buttons.data( 'pending-comment-count' ) ) * 1000 ) / 10;
// Update the progress counter on the "Check for Spam" button.
$( '.checkforspam-progress' ).text( $( '.checkforspam' ).data( 'progress-label-format' ).replace( '%1$s', offset ) );
$( '.checkforspam-progress' ).text( check_for_spam_buttons.data( 'progress-label-format' ).replace( '%1$s', percentage_complete ) );
$.post(
ajaxurl,
......@@ -177,7 +183,7 @@ jQuery( function ( $ ) {
spam_count += result.counts.spam;
if (result.counts.processed < limit) {
window.location.href = $( '.checkforspam' ).data( 'success-url' ).replace( '__recheck_count__', recheck_count ).replace( '__spam_count__', spam_count );
window.location.href = check_for_spam_buttons.data( 'success-url' ).replace( '__recheck_count__', recheck_count ).replace( '__spam_count__', spam_count );
}
else {
// Account for comments that were caught as spam and moved out of the queue.
......
......@@ -6,7 +6,7 @@
Plugin Name: Akismet Anti-Spam
Plugin URI: https://akismet.com/
Description: Used by millions, Akismet is quite possibly the best way in the world to <strong>protect your blog from spam</strong>. It keeps your site protected even while you sleep. To get started: activate the Akismet plugin and then go to your Akismet Settings page to set up your API key.
Version: 3.3.4
Version: 4.0
Author: Automattic
Author URI: https://automattic.com/wordpress-plugins/
License: GPLv2 or later
......@@ -37,8 +37,8 @@ if ( !function_exists( 'add_action' ) ) {
exit;
}
define( 'AKISMET_VERSION', '3.3.4' );
define( 'AKISMET__MINIMUM_WP_VERSION', '3.7' );
define( 'AKISMET_VERSION', '4.0' );
define( 'AKISMET__MINIMUM_WP_VERSION', '4.0' );
define( 'AKISMET__PLUGIN_DIR', plugin_dir_path( __FILE__ ) );
define( 'AKISMET_DELETE_LIMIT', 100000 );
......@@ -47,9 +47,12 @@ register_deactivation_hook( __FILE__, array( 'Akismet', 'plugin_deactivation' )
require_once( AKISMET__PLUGIN_DIR . 'class.akismet.php' );
require_once( AKISMET__PLUGIN_DIR . 'class.akismet-widget.php' );
require_once( AKISMET__PLUGIN_DIR . 'class.akismet-rest-api.php' );
add_action( 'init', array( 'Akismet', 'init' ) );
add_action( 'rest_api_init', array( 'Akismet_REST_API', 'init' ) );
if ( is_admin() || ( defined( 'WP_CLI' ) && WP_CLI ) ) {
require_once( AKISMET__PLUGIN_DIR . 'class.akismet-admin.php' );
add_action( 'init', array( 'Akismet_Admin', 'init' ) );
......
......@@ -91,12 +91,14 @@ class Akismet_Admin {
}
public static function load_menu() {
if ( class_exists( 'Jetpack' ) )
if ( class_exists( 'Jetpack' ) ) {
$hook = add_submenu_page( 'jetpack', __( 'Akismet' , 'akismet'), __( 'Akismet' , 'akismet'), 'manage_options', 'akismet-key-config', array( 'Akismet_Admin', 'display_page' ) );
else
}
else {
$hook = add_options_page( __('Akismet', 'akismet'), __('Akismet', 'akismet'), 'manage_options', 'akismet-key-config', array( 'Akismet_Admin', 'display_page' ) );
if ( version_compare( $GLOBALS['wp_version'], '3.3', '>=' ) ) {
}
if ( $hook ) {
add_action( "load-$hook", array( 'Akismet_Admin', 'admin_help' ) );
}
}
......@@ -248,8 +250,9 @@ class Akismet_Admin {
}
public static function enter_api_key() {
if ( function_exists('current_user_can') && !current_user_can('manage_options') )
die(__('Cheatin&#8217; uh?', 'akismet'));
if ( ! current_user_can( 'manage_options' ) ) {
die( __( 'Cheatin&#8217; uh?', 'akismet' ) );
}
if ( !wp_verify_nonce( $_POST['_wpnonce'], self::NONCE ) )
return false;
......@@ -303,8 +306,9 @@ class Akismet_Admin {
}
public static function dashboard_stats() {
if ( !function_exists('did_action') || did_action( 'rightnow_end' ) )
if ( did_action( 'rightnow_end' ) ) {
return; // We already displayed this info in the "Right Now" section
}
if ( !$count = get_option('akismet_spam_count') )
return;
......@@ -356,19 +360,19 @@ class Akismet_Admin {
return;
}
if ( function_exists('plugins_url') )
$link = add_query_arg( array( 'action' => 'akismet_recheck_queue' ), admin_url( 'admin.php' ) );
else
$link = add_query_arg( array( 'page' => 'akismet-admin', 'recheckqueue' => 'true', 'noheader' => 'true' ), admin_url( 'edit-comments.php' ) );
$link = add_query_arg( array( 'action' => 'akismet_recheck_queue' ), admin_url( 'admin.php' ) );
$comments_count = wp_count_comments();
echo '</div>';
echo '<div class="alignleft">';
echo '<a
class="button-secondary checkforspam"
href="' . esc_url( $link ) . '"
data-active-label="' . esc_attr( __( 'Checking for Spam', 'akismet' ) ) . '"
data-progress-label-format="' . esc_attr( __( '(%1$s...)', 'akismet' ) ) . '"
data-progress-label-format="' . esc_attr( __( '(%1$s%)', 'akismet' ) ) . '"
data-success-url="' . esc_attr( remove_query_arg( 'akismet_recheck', add_query_arg( array( 'akismet_recheck_complete' => 1, 'recheck_count' => urlencode( '__recheck_count__' ), 'spam_count' => urlencode( '__spam_count__' ) ) ) ) ) . '"
data-pending-comment-count="' . esc_attr( $comments_count->moderated ) . '"
>';
echo '<span class="akismet-label">' . esc_html__('Check for Spam', 'akismet') . '</span>';
echo '<span class="checkforspam-progress"></span>';
......@@ -467,11 +471,6 @@ class Akismet_Admin {
}
public static function comment_row_action( $a, $comment ) {
// failsafe for old WP versions
if ( !function_exists('add_comment_meta') )
return $a;
$akismet_result = get_comment_meta( $comment->comment_ID, 'akismet_result', true );
$akismet_error = get_comment_meta( $comment->comment_ID, 'akismet_error', true );
$user_result = get_comment_meta( $comment->comment_ID, 'akismet_user_result', true);
......@@ -500,7 +499,7 @@ class Akismet_Admin {
$b[ $k ] = $item;
if (
$k == 'edit'
|| ( $k == 'unspam' && $GLOBALS['wp_version'] >= 3.4 )
|| $k == 'unspam'
) {
$b['history'] = '<a href="comment.php?action=editcomment&amp;c='.$comment->comment_ID.'#akismet-status" title="'. esc_attr__( 'View comment history' , 'akismet') . '"> '. esc_html__('History', 'akismet') . '</a>';
}
......@@ -645,12 +644,8 @@ class Akismet_Admin {
if ( !$type ) { // total
$count = wp_cache_get( 'akismet_spam_count', 'widget' );
if ( false === $count ) {
if ( function_exists('wp_count_comments') ) {
$count = wp_count_comments();
$count = $count->spam;
} else {
$count = (int) $wpdb->get_var("SELECT COUNT(comment_ID) FROM {$wpdb->comments} WHERE comment_approved = 'spam'");
}
$count = wp_count_comments();
$count = $count->spam;
wp_cache_set( 'akismet_spam_count', $count, 'widget', 3600 );
}
return $count;
......@@ -706,7 +701,7 @@ class Akismet_Admin {
update_option('akismet_connectivity_time', time());
}
if ( function_exists( 'wp_http_supports' ) && ( wp_http_supports( array( 'ssl' ) ) ) ) {
if ( wp_http_supports( array( 'ssl' ) ) ) {
$response = wp_remote_get( 'https://rest.akismet.com/1.1/test' );
}
else {
......
<?php
class Akismet_REST_API {
/**
* Register the REST API routes.
*/
public static function init() {
if ( ! function_exists( 'register_rest_route' ) ) {
// The REST API wasn't integrated into core until 4.4, and we support 4.0+ (for now).
return false;
}
register_rest_route( 'akismet/v1', '/key', array(
array(
'methods' => WP_REST_Server::READABLE,
'permission_callback' => array( 'Akismet_REST_API', 'privileged_permission_callback' ),
'callback' => array( 'Akismet_REST_API', 'get_key' ),
), array(
'methods' => WP_REST_Server::EDITABLE,
'permission_callback' => array( 'Akismet_REST_API', 'privileged_permission_callback' ),
'callback' => array( 'Akismet_REST_API', 'set_key' ),
'args' => array(
'key' => array(
'required' => true,
'type' => 'string',
'sanitize_callback' => array( 'Akismet_REST_API', 'sanitize_key' ),
'description' => __( 'A 12-character Akismet API key. Available at akismet.com/get/', 'akismet' ),
),
),
), array(
'methods' => WP_REST_Server::DELETABLE,
'permission_callback' => array( 'Akismet_REST_API', 'privileged_permission_callback' ),
'callback' => array( 'Akismet_REST_API', 'delete_key' ),
)
) );
register_rest_route( 'akismet/v1', '/settings/', array(
array(
'methods' => WP_REST_Server::READABLE,
'permission_callback' => array( 'Akismet_REST_API', 'privileged_permission_callback' ),
'callback' => array( 'Akismet_REST_API', 'get_settings' ),
),
array(
'methods' => WP_REST_Server::EDITABLE,
'permission_callback' => array( 'Akismet_REST_API', 'privileged_permission_callback' ),
'callback' => array( 'Akismet_REST_API', 'set_boolean_settings' ),
'args' => array(
'akismet_strictness' => array(
'required' => false,
'type' => 'boolean',
'description' => __( 'If true, Akismet will automatically discard the worst spam automatically rather than putting it in the spam folder.', 'akismet' ),
),
'akismet_show_user_comments_approved' => array(
'required' => false,
'type' => 'boolean',
'description' => __( 'If true, show the number of approved comments beside each comment author in the comments list page.', 'akismet' ),
),
),
)
) );
register_rest_route( 'akismet/v1', '/stats', array(
'methods' => WP_REST_Server::READABLE,
'permission_callback' => array( 'Akismet_REST_API', 'privileged_permission_callback' ),
'callback' => array( 'Akismet_REST_API', 'get_stats' ),
'args' => array(
'interval' => array(
'required' => false,
'type' => 'string',
'sanitize_callback' => array( 'Akismet_REST_API', 'sanitize_interval' ),
'description' => __( 'The time period for which to retrieve stats. Options: 60-days, 6-months, all', 'akismet' ),
'default' => 'all',
),
),
) );
register_rest_route( 'akismet/v1', '/stats/(?P<interval>[\w+])', array(
'args' => array(
'interval' => array(
'description' => __( 'The time period for which to retrieve stats. Options: 60-days, 6-months, all', 'akismet' ),
'type' => 'string',
),
),
array(
'methods' => WP_REST_Server::READABLE,
'permission_callback' => array( 'Akismet_REST_API', 'privileged_permission_callback' ),
'callback' => array( 'Akismet_REST_API', 'get_stats' ),
)
) );
}
/**
* Get the current Akismet API key.
*
* @param WP_REST_Request $request
* @return WP_Error|WP_REST_Response
*/
public static function get_key( $request = null ) {
return rest_ensure_response( Akismet::get_api_key() );
}
/**
* Set the API key, if possible.
*
* @param WP_REST_Request $request
* @return WP_Error|WP_REST_Response
*/
public static function set_key( $request ) {
if ( defined( 'WPCOM_API_KEY' ) ) {
return rest_ensure_response( new WP_Error( 'hardcoded_key', __( 'This site\'s API key is hardcoded and cannot be changed via the API.', 'akismet' ), array( 'status'=> 409 ) ) );
}
$new_api_key = $request->get_param( 'key' );
if ( ! self::key_is_valid( $new_api_key ) ) {
return rest_ensure_response( new WP_Error( 'invalid_key', __( 'The value provided is not a valid and registered API key.', 'akismet' ), array( 'status' => 400 ) ) );
}
update_option( 'wordpress_api_key', $new_api_key );
return self::get_key();
}
/**
* Unset the API key, if possible.
*
* @param WP_REST_Request $request
* @return WP_Error|WP_REST_Response
*/
public static function delete_key( $request ) {
if ( defined( 'WPCOM_API_KEY' ) ) {
return rest_ensure_response( new WP_Error( 'hardcoded_key', __( 'This site\'s API key is hardcoded and cannot be deleted.', 'akismet' ), array( 'status'=> 409 ) ) );
}
delete_option( 'wordpress_api_key' );
return rest_ensure_response( true );
}
/**
* Get the Akismet settings.
*
* @param WP_REST_Request $request
* @return WP_Error|WP_REST_Response
*/
public static function get_settings( $request = null ) {
return rest_ensure_response( array(
'akismet_strictness' => ( get_option( 'akismet_strictness', '1' ) === '1' ),
'akismet_show_user_comments_approved' => ( get_option( 'akismet_show_user_comments_approved', '1' ) === '1' ),
) );
}
/**
* Update the Akismet settings.
*
* @param WP_REST_Request $request
* @return WP_Error|WP_REST_Response
*/
public static function set_boolean_settings( $request ) {
foreach ( array(
'akismet_strictness',
'akismet_show_user_comments_approved',
) as $setting_key ) {
$setting_value = $request->get_param( $setting_key );
if ( is_null( $setting_value ) ) {
// This setting was not specified.
continue;
}
// From 4.7+, WP core will ensure that these are always boolean
// values because they are registered with 'type' => 'boolean',
// but we need to do this ourselves for prior versions.
$setting_value = Akismet_REST_API::parse_boolean( $setting_value );
update_option( $setting_key, $setting_value ? '1' : '0' );
}
return self::get_settings();
}
/**
* Parse a numeric or string boolean value into a boolean.
*
* @param mixed $value The value to convert into a boolean.
* @return bool The converted value.
*/
public static function parse_boolean( $value ) {
switch ( $value ) {
case true:
case 'true':
case '1':
case 1:
return true;
case false:
case 'false':
case '0':
case 0:
return false;
default:
return (bool) $value;
}
}
/**
* Get the Akismet stats for a given time period.
*
* Possible `interval` values:
* - all
* - 60-days
* - 6-months
*
* @param WP_REST_Request $request
* @return WP_Error|WP_REST_Response
*/
public static function get_stats( $request ) {
$api_key = Akismet::get_api_key();
$interval = $request->get_param( 'interval' );
$stat_totals = array();
$response = Akismet::http_post( Akismet::build_query( array( 'blog' => get_option( 'home' ), 'key' => $api_key, 'from' => $interval ) ), 'get-stats' );
if ( ! empty( $response[1] ) ) {
$stat_totals[$interval] = json_decode( $response[1] );
}
return rest_ensure_response( $stat_totals );
}
private static function key_is_valid( $key ) {
$response = Akismet::http_post(
Akismet::build_query(
array(
'key' => $key,
'blog' => get_option( 'home' )
)
),
'verify-key'
);
if ( $response[1] == 'valid' ) {
return true;
}
return false;
}
public static function privileged_permission_callback() {
return current_user_can( 'manage_options' );
}
public static function sanitize_interval( $interval, $request, $param ) {
$interval = trim( $interval );
$valid_intervals = array( '60-days', '6-months', 'all', );
if ( ! in_array( $interval, $valid_intervals ) ) {
$interval = 'all';
}
return $interval;
}
public static function sanitize_key( $key, $request, $param ) {
return trim( $key );
}
}
......@@ -10,7 +10,8 @@ class Akismet {
private static $prevent_moderation_email_for_these_comments = array();
private static $last_comment_result = null;
private static $comment_as_submitted_allowed_keys = array( 'blog' => '', 'blog_charset' => '', 'blog_lang' => '', 'blog_ua' => '', 'comment_agent' => '', 'comment_author' => '', 'comment_author_IP' => '', 'comment_author_email' => '', 'comment_author_url' => '', 'comment_content' => '', 'comment_date_gmt' => '', 'comment_tags' => '', 'comment_type' => '', 'guid' => '', 'is_test' => '', 'permalink' => '', 'reporter' => '', 'site_domain' => '', 'submit_referer' => '', 'submit_uri' => '', 'user_ID' => '', 'user_agent' => '', 'user_id' => '', 'user_ip' => '' );
private static $is_rest_api_call = false;
public static function init() {
if ( ! self::$initiated ) {
self::init_hooks();
......@@ -25,6 +26,8 @@ class Akismet {
add_action( 'wp_insert_comment', array( 'Akismet', 'auto_check_update_meta' ), 10, 2 );
add_filter( 'preprocess_comment', array( 'Akismet', 'auto_check_comment' ), 1 );
add_filter( 'rest_pre_insert_comment', array( 'Akismet', 'rest_auto_check_comment' ), 1 );
add_action( 'akismet_scheduled_delete', array( 'Akismet', 'delete_old_comments' ) );
add_action( 'akismet_scheduled_delete', array( 'Akismet', 'delete_old_comments_meta' ) );
add_action( 'akismet_schedule_cron_recheck', array( 'Akismet', 'cron_recheck' ) );
......@@ -104,6 +107,12 @@ class Akismet {
self::verify_key( $value );
}
}
public static function rest_auto_check_comment( $commentdata ) {
self::$is_rest_api_call = true;
return self::auto_check_comment( $commentdata );
}
public static function auto_check_comment( $commentdata ) {
self::$last_comment_result = null;
......@@ -190,14 +199,25 @@ class Akismet {
do_action( 'akismet_spam_caught', $discard );
if ( $discard ) {
// The spam is obvious, so we're bailing out early.
// akismet_result_spam() won't be called so bump the counter here
if ( $incr = apply_filters('akismet_spam_count_incr', 1) )
update_option( 'akismet_spam_count', get_option('akismet_spam_count') + $incr );
// The spam is obvious, so we're bailing out early. Redirect back to the previous page,
// or failing that, the post permalink, or failing that, the homepage of the blog.
$redirect_to = isset( $_SERVER['HTTP_REFERER'] ) ? $_SERVER['HTTP_REFERER'] : ( $post ? get_permalink( $post ) : home_url() );
wp_safe_redirect( esc_url_raw( $redirect_to ) );
die();
if ( $incr = apply_filters( 'akismet_spam_count_incr', 1 ) ) {
update_option( 'akismet_spam_count', get_option( 'akismet_spam_count' ) + $incr );
}
if ( self::$is_rest_api_call ) {
return new WP_Error( 'akismet_rest_comment_discarded', __( 'Comment discarded.', 'akismet' ) );
}
else {
// Redirect back to the previous page, or failing that, the post permalink, or failing that, the homepage of the blog.
$redirect_to = isset( $_SERVER['HTTP_REFERER'] ) ? $_SERVER['HTTP_REFERER'] : ( $post ? get_permalink( $post ) : home_url() );
wp_safe_redirect( esc_url_raw( $redirect_to ) );
die();
}
}
else if ( self::$is_rest_api_call ) {
// The way the REST API structures its calls, we can set the comment_approved value right away.
$commentdata['comment_approved'] = 'spam';
}
}
......@@ -207,26 +227,20 @@ class Akismet {
// Comment status should be moderated
self::$last_comment_result = '0';
}
if ( function_exists('wp_next_scheduled') && function_exists('wp_schedule_single_event') ) {
if ( !wp_next_scheduled( 'akismet_schedule_cron_recheck' ) ) {
wp_schedule_single_event( time() + 1200, 'akismet_schedule_cron_recheck' );
do_action( 'akismet_scheduled_recheck', 'invalid-response-' . $response[1] );
}
if ( ! wp_next_scheduled( 'akismet_schedule_cron_recheck' ) ) {
wp_schedule_single_event( time() + 1200, 'akismet_schedule_cron_recheck' );
do_action( 'akismet_scheduled_recheck', 'invalid-response-' . $response[1] );
}
self::$prevent_moderation_email_for_these_comments[] = $commentdata;
}
if ( function_exists('wp_next_scheduled') && function_exists('wp_schedule_event') ) {
// WP 2.1+: delete old comments daily
if ( !wp_next_scheduled( 'akismet_scheduled_delete' ) )
wp_schedule_event( time(), 'daily', 'akismet_scheduled_delete' );
}
elseif ( (mt_rand(1, 10) == 3) ) {
// WP 2.0: run this one time in ten
self::delete_old_comments();
// Delete old comments daily
if ( ! wp_next_scheduled( 'akismet_scheduled_delete' ) ) {
wp_schedule_event( time(), 'daily', 'akismet_scheduled_delete' );
}
self::set_last_comment( $commentdata );
self::fix_scheduled_recheck();
......@@ -256,11 +270,6 @@ class Akismet {
// this fires on wp_insert_comment. we can't update comment_meta when auto_check_comment() runs
// because we don't know the comment ID at that point.
public static function auto_check_update_meta( $id, $comment ) {
// failsafe for old WP versions
if ( !function_exists('add_comment_meta') )
return false;
// wp_insert_comment() might be called in other contexts, so make sure this is the same comment
// as was checked by auto_check_comment
if ( is_object( $comment ) && !empty( self::$last_comment ) && is_array( self::$last_comment ) ) {
......@@ -398,11 +407,6 @@ class Akismet {
// get the full comment history for a given comment, as an array in reverse chronological order
public static function get_comment_history( $comment_id ) {
// failsafe for old WP versions
if ( !function_exists('add_comment_meta') )
return false;
$history = get_comment_meta( $comment_id, 'akismet_history', false );
usort( $history, array( 'Akismet', '_cmp_time' ) );
return $history;
......@@ -419,10 +423,6 @@ class Akismet {
public static function update_comment_history( $comment_id, $message, $event=null, $meta=null ) {
global $current_user;
// failsafe for old WP versions
if ( !function_exists('add_comment_meta') )
return false;
$user = '';
$event = array(
......@@ -1024,7 +1024,7 @@ class Akismet {
do_action( 'akismet_ssl_disabled' );
}
if ( ! $ssl_disabled && function_exists( 'wp_http_supports') && ( $ssl = wp_http_supports( array( 'ssl' ) ) ) ) {
if ( ! $ssl_disabled && ( $ssl = wp_http_supports( array( 'ssl' ) ) ) ) {
$akismet_url = set_url_scheme( $akismet_url, 'https' );
do_action( 'akismet_https_request_pre' );
......
=== Akismet ===
Contributors: matt, ryan, andy, mdawaffe, tellyworth, josephscott, lessbloat, eoigal, cfinke, automattic, jgs
Tags: akismet, comments, spam, antispam, anti-spam, anti spam, comment moderation, comment spam, contact form spam, spam comments
Requires at least: 3.7
Requires at least: 4.0
Tested up to: 4.8.1
Stable tag: 3.3.4
Stable tag: 4.0
License: GPLv2 or later
Akismet checks your comments and contact form submissions against our global database of spam to protect you and your site from malicious content.
......@@ -30,7 +30,16 @@ Upload the Akismet plugin to your blog, Activate it, then enter your [Akismet.co
== Changelog ==
= 4.0 =
*Release Date - 19 September 2017*
* Added REST API endpoints for configuring Akismet and retrieving stats.
* Increased the minimum supported WordPress version to 4.0.