summaryrefslogtreecommitdiffstats
path: root/wp-content/plugins
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-09-19 04:51:22 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-09-19 04:51:22 +0000
commitfc0a79914946dac00ccd51b1aacffe267de7210e (patch)
tree1403384efbfe8f8776ff60aaa40f7d535c02c822 /wp-content/plugins
parentReleasing progress-linux version 6.5.5+dfsg1-1~progress7.99u1. (diff)
downloadwordpress-fc0a79914946dac00ccd51b1aacffe267de7210e.tar.xz
wordpress-fc0a79914946dac00ccd51b1aacffe267de7210e.zip
Merging upstream version 6.6.1+dfsg1.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'wp-content/plugins')
-rw-r--r--wp-content/plugins/akismet/akismet.php16
-rw-r--r--wp-content/plugins/akismet/class.akismet-admin.php53
-rw-r--r--wp-content/plugins/akismet/class.akismet.php282
-rw-r--r--wp-content/plugins/akismet/readme.txt12
-rw-r--r--wp-content/plugins/akismet/views/config.php88
-rw-r--r--wp-content/plugins/akismet/views/notice.php44
-rw-r--r--wp-content/plugins/akismet/views/setup.php2
7 files changed, 265 insertions, 232 deletions
diff --git a/wp-content/plugins/akismet/akismet.php b/wp-content/plugins/akismet/akismet.php
index b62fddd..bca9a4a 100644
--- a/wp-content/plugins/akismet/akismet.php
+++ b/wp-content/plugins/akismet/akismet.php
@@ -6,7 +6,7 @@
Plugin Name: Akismet Anti-spam: Spam Protection
Plugin URI: https://akismet.com/
Description: Used by millions, Akismet is quite possibly the best way in the world to <strong>protect your blog from spam</strong>. Akismet Anti-spam keeps your site protected even while you sleep. To get started: activate the Akismet plugin and then go to your Akismet Settings page to set up your API key.
-Version: 5.3.2
+Version: 5.3.3
Requires at least: 5.8
Requires PHP: 5.6.20
Author: Automattic - Anti-spam Team
@@ -39,7 +39,7 @@ if ( !function_exists( 'add_action' ) ) {
exit;
}
-define( 'AKISMET_VERSION', '5.3.2' );
+define( 'AKISMET_VERSION', '5.3.3' );
define( 'AKISMET__MINIMUM_WP_VERSION', '5.8' );
define( 'AKISMET__PLUGIN_DIR', plugin_dir_path( __FILE__ ) );
define( 'AKISMET_DELETE_LIMIT', 10000 );
@@ -47,22 +47,22 @@ define( 'AKISMET_DELETE_LIMIT', 10000 );
register_activation_hook( __FILE__, array( 'Akismet', 'plugin_activation' ) );
register_deactivation_hook( __FILE__, array( 'Akismet', 'plugin_deactivation' ) );
-require_once( AKISMET__PLUGIN_DIR . 'class.akismet.php' );
-require_once( AKISMET__PLUGIN_DIR . 'class.akismet-widget.php' );
-require_once( AKISMET__PLUGIN_DIR . 'class.akismet-rest-api.php' );
+require_once AKISMET__PLUGIN_DIR . 'class.akismet.php';
+require_once AKISMET__PLUGIN_DIR . 'class.akismet-widget.php';
+require_once AKISMET__PLUGIN_DIR . 'class.akismet-rest-api.php';
add_action( 'init', array( 'Akismet', 'init' ) );
add_action( 'rest_api_init', array( 'Akismet_REST_API', 'init' ) );
if ( is_admin() || ( defined( 'WP_CLI' ) && WP_CLI ) ) {
- require_once( AKISMET__PLUGIN_DIR . 'class.akismet-admin.php' );
+ require_once AKISMET__PLUGIN_DIR . 'class.akismet-admin.php';
add_action( 'init', array( 'Akismet_Admin', 'init' ) );
}
//add wrapper class around deprecated akismet functions that are referenced elsewhere
-require_once( AKISMET__PLUGIN_DIR . 'wrapper.php' );
+require_once AKISMET__PLUGIN_DIR . 'wrapper.php';
if ( defined( 'WP_CLI' ) && WP_CLI ) {
- require_once( AKISMET__PLUGIN_DIR . 'class.akismet-cli.php' );
+ require_once AKISMET__PLUGIN_DIR . 'class.akismet-cli.php';
}
diff --git a/wp-content/plugins/akismet/class.akismet-admin.php b/wp-content/plugins/akismet/class.akismet-admin.php
index dd39104..d1dabcf 100644
--- a/wp-content/plugins/akismet/class.akismet-admin.php
+++ b/wp-content/plugins/akismet/class.akismet-admin.php
@@ -533,9 +533,13 @@ class Akismet_Admin {
}
public static function comment_row_action( $a, $comment ) {
- $akismet_result = get_comment_meta( $comment->comment_ID, 'akismet_result', true );
+ $akismet_result = get_comment_meta( $comment->comment_ID, 'akismet_result', true );
+ if ( ! $akismet_result && get_comment_meta( $comment->comment_ID, 'akismet_skipped', true ) ) {
+ $akismet_result = 'skipped'; // Akismet chose to skip the comment-check request.
+ }
+
$akismet_error = get_comment_meta( $comment->comment_ID, 'akismet_error', true );
- $user_result = get_comment_meta( $comment->comment_ID, 'akismet_user_result', true);
+ $user_result = get_comment_meta( $comment->comment_ID, 'akismet_user_result', true );
$comment_status = wp_get_comment_status( $comment->comment_ID );
$desc = null;
if ( $akismet_error ) {
@@ -679,6 +683,12 @@ class Akismet_Admin {
case 'webhook-ham-noaction':
$message = esc_html( __( 'Akismet cleared this comment during a recheck. It did not update the comment status because it had already been modified by another user or plugin.', 'akismet' ) );
break;
+ case 'akismet-skipped':
+ $message = esc_html( __( 'This comment was not sent to Akismet when it was submitted because it was caught by something else.', 'akismet' ) );
+ break;
+ case 'akismet-skipped-disallowed':
+ $message = esc_html( __( 'This comment was not sent to Akismet when it was submitted because it was caught by the comment disallowed list.', 'akismet' ) );
+ break;
default:
if ( preg_match( '/^status-changed/', $row['event'] ) ) {
// Half of these used to be saved without the dash after 'status-changed'.
@@ -897,7 +907,14 @@ class Akismet_Admin {
$response = Akismet::http_post( Akismet::build_query( $request_args ), 'get-stats' );
if ( ! empty( $response[1] ) ) {
- $stat_totals[$interval] = json_decode( $response[1] );
+ $data = json_decode( $response[1] );
+ /*
+ * The json decoded response should be an object. If it's not an object, something's wrong, and the data
+ * shouldn't be added to the stats_totals array.
+ */
+ if ( is_object( $data ) ) {
+ $stat_totals[ $interval ] = $data;
+ }
}
}
@@ -952,14 +969,15 @@ class Akismet_Admin {
public static function get_usage_limit_alert_data() {
return array(
- 'type' => 'usage-limit',
- 'code' => (int) get_option( 'akismet_alert_code' ),
- 'msg' => get_option( 'akismet_alert_msg' ),
- 'api_calls' => get_option( 'akismet_alert_api_calls' ),
- 'usage_limit' => get_option( 'akismet_alert_usage_limit' ),
- 'upgrade_plan' => get_option( 'akismet_alert_upgrade_plan' ),
- 'upgrade_url' => get_option( 'akismet_alert_upgrade_url' ),
- 'upgrade_type' => get_option( 'akismet_alert_upgrade_type' ),
+ 'type' => 'usage-limit',
+ 'code' => (int) get_option( 'akismet_alert_code' ),
+ 'msg' => get_option( 'akismet_alert_msg' ),
+ 'api_calls' => get_option( 'akismet_alert_api_calls' ),
+ 'usage_limit' => get_option( 'akismet_alert_usage_limit' ),
+ 'upgrade_plan' => get_option( 'akismet_alert_upgrade_plan' ),
+ 'upgrade_url' => get_option( 'akismet_alert_upgrade_url' ),
+ 'upgrade_type' => get_option( 'akismet_alert_upgrade_type' ),
+ 'upgrade_via_support' => get_option( 'akismet_alert_upgrade_via_support' ) === 'true',
);
}
@@ -1107,6 +1125,12 @@ class Akismet_Admin {
$alert_code = get_option( 'akismet_alert_code' );
if ( isset( Akismet::$limit_notices[ $alert_code ] ) ) {
$notices[] = self::get_usage_limit_alert_data();
+ } elseif ( $alert_code > 0 ) {
+ $notices[] = array(
+ 'type' => 'alert',
+ 'code' => (int) get_option( 'akismet_alert_code' ),
+ 'msg' => get_option( 'akismet_alert_msg' ),
+ );
}
/*
@@ -1117,7 +1141,6 @@ class Akismet_Admin {
*/
// $notices[] = array( 'type' => 'active-notice', 'time_saved' => 'Cleaning up spam takes time. Akismet has saved you 1 minute!' );
// $notices[] = array( 'type' => 'plugin' );
- // $notices[] = array( 'type' => 'spam-check', 'link_text' => 'Link text.' );
// $notices[] = array( 'type' => 'notice', 'notice_header' => 'This is the notice header.', 'notice_text' => 'This is the notice text.' );
// $notices[] = array( 'type' => 'missing-functions' );
// $notices[] = array( 'type' => 'servers-be-down' );
@@ -1131,6 +1154,7 @@ class Akismet_Admin {
// $notices[] = array( 'type' => 'existing-key-invalid' );
// $notices[] = array( 'type' => 'new-key-failed' );
// $notices[] = array( 'type' => 'usage-limit', 'api_calls' => '15000', 'usage_limit' => '10000', 'upgrade_plan' => 'Enterprise', 'upgrade_url' => 'https://akismet.com/account/', 'code' => 10502 );
+ // $notices[] = array( 'type' => 'spam-check', 'link_text' => 'Link text.' );
// $notices[] = array( 'type' => 'spam-check-cron-disabled' );
// $notices[] = array( 'type' => 'alert', 'code' => 123 );
@@ -1146,6 +1170,11 @@ class Akismet_Admin {
return;
}
+ // To see notice variants while testing.
+ // Akismet::view( 'notice', array( 'type' => 'spam-check-cron-disabled' ) );
+ // Akismet::view( 'notice', array( 'type' => 'spam-check' ) );
+ // Akismet::view( 'notice', array( 'type' => 'alert', 'code' => 123, 'msg' => 'Message' ) );
+
if ( in_array( $hook_suffix, array( 'edit-comments.php' ) ) && (int) get_option( 'akismet_alert_code' ) > 0 ) {
Akismet::verify_key( Akismet::get_api_key() ); //verify that the key is still in alert state
diff --git a/wp-content/plugins/akismet/class.akismet.php b/wp-content/plugins/akismet/class.akismet.php
index 7a89f61..0367d21 100644
--- a/wp-content/plugins/akismet/class.akismet.php
+++ b/wp-content/plugins/akismet/class.akismet.php
@@ -53,7 +53,7 @@ class Akismet {
add_action( 'transition_comment_status', array( 'Akismet', 'transition_comment_status' ), 10, 3 );
// Run this early in the pingback call, before doing a remote fetch of the source uri
- add_action( 'xmlrpc_call', array( 'Akismet', 'pre_check_pingback' ) );
+ add_action( 'xmlrpc_call', array( 'Akismet', 'pre_check_pingback' ), 10, 3 );
// Jetpack compatibility
add_filter( 'jetpack_options_whitelist', array( 'Akismet', 'add_to_jetpack_options_whitelist' ) );
@@ -224,6 +224,21 @@ class Akismet {
self::$last_comment_result = null;
+ // Skip the Akismet check if the comment matches the Disallowed Keys list.
+ if ( function_exists( 'wp_check_comment_disallowed_list' ) ) {
+ $comment_author = isset( $commentdata['comment_author'] ) ? $commentdata['comment_author'] : '';
+ $comment_author_email = isset( $commentdata['comment_author_email'] ) ? $commentdata['comment_author_email'] : '';
+ $comment_author_url = isset( $commentdata['comment_author_url'] ) ? $commentdata['comment_author_url'] : '';
+ $comment_content = isset( $commentdata['comment_content'] ) ? $commentdata['comment_content'] : '';
+ $comment_author_ip = isset( $commentdata['comment_author_IP'] ) ? $commentdata['comment_author_IP'] : '';
+ $comment_agent = isset( $commentdata['comment_agent'] ) ? $commentdata['comment_agent'] : '';
+
+ if ( wp_check_comment_disallowed_list( $comment_author, $comment_author_email, $comment_author_url, $comment_content, $comment_author_ip, $comment_agent ) ) {
+ self::set_last_comment( $commentdata );
+ return $commentdata;
+ }
+ }
+
$comment = $commentdata;
$comment['user_ip'] = self::get_ip_address();
@@ -427,7 +442,7 @@ class Akismet {
load_plugin_textdomain( 'akismet' );
// normal result: true or false
- if ( self::$last_comment['akismet_result'] == 'true' ) {
+ if ( isset( self::$last_comment['akismet_result'] ) && self::$last_comment['akismet_result'] == 'true' ) {
update_comment_meta( $comment->comment_ID, 'akismet_result', 'true' );
self::update_comment_history( $comment->comment_ID, '', 'check-spam' );
if ( $comment->comment_approved != 'spam' ) {
@@ -437,7 +452,7 @@ class Akismet {
'status-changed-' . $comment->comment_approved
);
}
- } elseif ( self::$last_comment['akismet_result'] == 'false' ) {
+ } elseif ( isset( self::$last_comment['akismet_result'] ) && self::$last_comment['akismet_result'] == 'false' ) {
update_comment_meta( $comment->comment_ID, 'akismet_result', 'false' );
self::update_comment_history( $comment->comment_ID, '', 'check-ham' );
// Status could be spam or trash, depending on the WP version and whether this change applies:
@@ -449,12 +464,26 @@ class Akismet {
} else {
self::update_comment_history( $comment->comment_ID, '', 'status-changed-' . $comment->comment_approved );
}
- } else if ( function_exists( 'wp_blacklist_check' ) && wp_blacklist_check( $comment->comment_author, $comment->comment_author_email, $comment->comment_author_url, $comment->comment_content, $comment->comment_author_IP, $comment->comment_agent ) ) {
- self::update_comment_history( $comment->comment_ID, '', 'wp-blacklisted' );
} else {
self::update_comment_history( $comment->comment_ID, '', 'status-changed-' . $comment->comment_approved );
}
}
+ } elseif ( ! isset( self::$last_comment['akismet_result'] ) ) {
+ // akismet_result isn't set, so the comment wasn't sent to Akismet.
+ update_comment_meta( $comment->comment_ID, 'akismet_skipped', 'true' );
+ $caught_by_disallowed_list = false;
+
+ if ( function_exists( 'wp_check_comment_disallowed_list' ) ) {
+ $caught_by_disallowed_list = wp_check_comment_disallowed_list( $comment->comment_author, $comment->comment_author_email, $comment->comment_author_url, $comment->comment_content, $comment->comment_author_IP, $comment->comment_agent );
+ }
+
+ if ( $caught_by_disallowed_list ) {
+ self::update_comment_history( $comment->comment_ID, '', 'wp-disallowed' );
+ self::update_comment_history( $comment->comment_ID, '', 'akismet-skipped-disallowed' );
+ } else {
+ // Add a generic skipped history item.
+ self::update_comment_history( $comment->comment_ID, '', 'akismet-skipped' );
+ }
} else {
// abnormal result: error
update_comment_meta( $comment->comment_ID, 'akismet_error', time() );
@@ -887,13 +916,16 @@ class Akismet {
$comment_id = (int) $comment_id;
- $comment = $wpdb->get_row( $wpdb->prepare( "SELECT * FROM {$wpdb->comments} WHERE comment_ID = %d", $comment_id ) );
+ $comment = $wpdb->get_row( $wpdb->prepare( "SELECT * FROM {$wpdb->comments} WHERE comment_ID = %d", $comment_id ), ARRAY_A );
- if ( !$comment ) // it was deleted
+ if ( ! $comment ) {
+ // it was deleted
return;
+ }
- if ( 'spam' != $comment->comment_approved )
+ if ( 'spam' != $comment['comment_approved'] ) {
return;
+ }
self::update_comment_history( $comment_id, '', 'report-spam' );
@@ -905,32 +937,36 @@ class Akismet {
// use the original version stored in comment_meta if available
$as_submitted = self::sanitize_comment_as_submitted( get_comment_meta( $comment_id, 'akismet_as_submitted', true ) );
- if ( $as_submitted && is_array( $as_submitted ) && isset( $as_submitted['comment_content'] ) )
- $comment = (object) array_merge( (array)$comment, $as_submitted );
+ if ( $as_submitted && is_array( $as_submitted ) && isset( $as_submitted['comment_content'] ) ) {
+ $comment = array_merge( $comment, $as_submitted );
+ }
- $comment->blog = get_option( 'home' );
- $comment->blog_lang = get_locale();
- $comment->blog_charset = get_option('blog_charset');
- $comment->permalink = get_permalink($comment->comment_post_ID);
+ $comment['blog'] = get_option( 'home' );
+ $comment['blog_lang'] = get_locale();
+ $comment['blog_charset'] = get_option( 'blog_charset' );
+ $comment['permalink'] = get_permalink( $comment['comment_post_ID'] );
- if ( is_object($current_user) )
- $comment->reporter = $current_user->user_login;
+ if ( is_object( $current_user ) ) {
+ $comment['reporter'] = $current_user->user_login;
+ }
- if ( is_object($current_site) )
- $comment->site_domain = $current_site->domain;
+ if ( is_object( $current_site ) ) {
+ $comment['site_domain'] = $current_site->domain;
+ }
- $comment->user_role = '';
- if ( ! empty( $comment->user_ID ) ) {
- $comment->user_role = Akismet::get_user_roles( $comment->user_ID );
+ $comment['user_role'] = '';
+ if ( ! empty( $comment['user_ID'] ) ) {
+ $comment['user_role'] = self::get_user_roles( $comment['user_ID'] );
}
- if ( self::is_test_mode() )
- $comment->is_test = 'true';
+ if ( self::is_test_mode() ) {
+ $comment['is_test'] = 'true';
+ }
- $post = get_post( $comment->comment_post_ID );
+ $post = get_post( $comment['comment_post_ID'] );
if ( ! is_null( $post ) ) {
- $comment->comment_post_modified_gmt = $post->post_modified_gmt;
+ $comment['comment_post_modified_gmt'] = $post->post_modified_gmt;
}
$comment = apply_filters( 'akismet_request_args', $comment, 'submit-spam' );
@@ -939,8 +975,8 @@ class Akismet {
update_comment_meta( $comment_id, 'akismet_user_result', 'true' );
- if ( $comment->reporter ) {
- update_comment_meta( $comment_id, 'akismet_user', $comment->reporter );
+ if ( $comment['reporter'] ) {
+ update_comment_meta( $comment_id, 'akismet_user', $comment['reporter'] );
}
do_action('akismet_submit_spam_comment', $comment_id, $response[1]);
@@ -951,9 +987,12 @@ class Akismet {
$comment_id = (int) $comment_id;
- $comment = $wpdb->get_row( $wpdb->prepare( "SELECT * FROM {$wpdb->comments} WHERE comment_ID = %d", $comment_id ) );
- if ( !$comment ) // it was deleted
+ $comment = $wpdb->get_row( $wpdb->prepare( "SELECT * FROM {$wpdb->comments} WHERE comment_ID = %d", $comment_id ), ARRAY_A );
+
+ if ( ! $comment ) {
+ // it was deleted
return;
+ }
self::update_comment_history( $comment_id, '', 'report-ham' );
@@ -965,32 +1004,36 @@ class Akismet {
// use the original version stored in comment_meta if available
$as_submitted = self::sanitize_comment_as_submitted( get_comment_meta( $comment_id, 'akismet_as_submitted', true ) );
- if ( $as_submitted && is_array($as_submitted) && isset($as_submitted['comment_content']) )
- $comment = (object) array_merge( (array)$comment, $as_submitted );
+ if ( $as_submitted && is_array( $as_submitted ) && isset( $as_submitted['comment_content'] ) ) {
+ $comment = array_merge( $comment, $as_submitted );
+ }
- $comment->blog = get_option( 'home' );
- $comment->blog_lang = get_locale();
- $comment->blog_charset = get_option('blog_charset');
- $comment->permalink = get_permalink( $comment->comment_post_ID );
- $comment->user_role = '';
+ $comment['blog'] = get_option( 'home' );
+ $comment['blog_lang'] = get_locale();
+ $comment['blog_charset'] = get_option( 'blog_charset' );
+ $comment['permalink'] = get_permalink( $comment['comment_post_ID'] );
+ $comment['user_role'] = '';
- if ( is_object($current_user) )
- $comment->reporter = $current_user->user_login;
+ if ( is_object( $current_user ) ) {
+ $comment['reporter'] = $current_user->user_login;
+ }
- if ( is_object($current_site) )
- $comment->site_domain = $current_site->domain;
+ if ( is_object( $current_site ) ) {
+ $comment['site_domain'] = $current_site->domain;
+ }
- if ( ! empty( $comment->user_ID ) ) {
- $comment->user_role = Akismet::get_user_roles( $comment->user_ID );
+ if ( ! empty( $comment['user_ID'] ) ) {
+ $comment['user_role'] = self::get_user_roles( $comment['user_ID'] );
}
- if ( Akismet::is_test_mode() )
- $comment->is_test = 'true';
+ if ( self::is_test_mode() ) {
+ $comment['is_test'] = 'true';
+ }
- $post = get_post( $comment->comment_post_ID );
+ $post = get_post( $comment['comment_post_ID'] );
if ( ! is_null( $post ) ) {
- $comment->comment_post_modified_gmt = $post->post_modified_gmt;
+ $comment['comment_post_modified_gmt'] = $post->post_modified_gmt;
}
$comment = apply_filters( 'akismet_request_args', $comment, 'submit-ham' );
@@ -999,8 +1042,8 @@ class Akismet {
update_comment_meta( $comment_id, 'akismet_user_result', 'false' );
- if ( $comment->reporter ) {
- update_comment_meta( $comment_id, 'akismet_user', $comment->reporter );
+ if ( $comment['reporter'] ) {
+ update_comment_meta( $comment_id, 'akismet_user', $comment['reporter'] );
}
do_action('akismet_submit_nonspam_comment', $comment_id, $response[1]);
@@ -1424,8 +1467,16 @@ class Akismet {
}
$simplified_response = array( $response['headers'], $response['body'] );
-
- self::update_alert( $simplified_response );
+
+ $alert_code_check_paths = array(
+ 'verify-key',
+ 'comment-check',
+ 'get-stats',
+ );
+
+ if ( in_array( $path, $alert_code_check_paths ) ) {
+ self::update_alert( $simplified_response );
+ }
return $simplified_response;
}
@@ -1442,6 +1493,7 @@ class Akismet {
'upgrade-plan',
'upgrade-url',
'upgrade-type',
+ 'upgrade-via-support',
);
foreach ( $alert_header_names as $alert_header_name ) {
@@ -1679,126 +1731,60 @@ p {
}
}
- public static function pre_check_pingback( $method ) {
- $pingback_args = array();
- if ( $method !== 'pingback.ping' )
+ /**
+ * Check pingbacks for spam before they're saved to the DB.
+ *
+ * @param string $method The XML-RPC method that was called.
+ * @param array $args This and the $server arg are marked as optional since plugins might still be
+ * calling do_action( 'xmlrpc_action', [...] ) without the arguments that were added in WP 5.7.
+ * @param wp_xmlrpc_server $server
+ */
+ public static function pre_check_pingback( $method, $args = array(), $server = null ) {
+ if ( $method !== 'pingback.ping' ) {
return;
+ }
- // A lot of this code is tightly coupled with the IXR class because the xmlrpc_call action doesn't pass along any information besides the method name.
- // This ticket should hopefully fix that: https://core.trac.wordpress.org/ticket/52524
- // Until that happens, when it's a system.multicall, pre_check_pingback will be called once for every internal pingback call.
- // Keep track of how many times this function has been called so we know which call to reference in the XML.
- static $call_count = 0;
-
- $call_count++;
-
- global $wp_xmlrpc_server;
-
- if ( !is_object( $wp_xmlrpc_server ) )
- return false;
-
- $is_multicall = false;
- $multicall_count = 0;
-
- if ( 'system.multicall' === $wp_xmlrpc_server->message->methodName ) {
- $is_multicall = true;
-
- if ( 0 === $call_count ) {
- // Only pass along the number of entries in the multicall the first time we see it.
- $multicall_count = is_countable( $wp_xmlrpc_server->message->params ) ? count( $wp_xmlrpc_server->message->params ) : 0;
- }
-
- /*
- * $wp_xmlrpc_server->message looks like this:
- *
- (
- [message] =>
- [messageType] => methodCall
- [faultCode] =>
- [faultString] =>
- [methodName] => system.multicall
- [params] => Array
- (
- [0] => Array
- (
- [methodName] => pingback.ping
- [params] => Array
- (
- [0] => http://www.example.net/?p=1 // Site that created the pingback.
- [1] => https://www.example.com/?p=1 // Post being pingback'd on this site.
- )
- )
- [1] => Array
- (
- [methodName] => pingback.ping
- [params] => Array
- (
- [0] => http://www.example.net/?p=1 // Site that created the pingback.
- [1] => https://www.example.com/?p=2 // Post being pingback'd on this site.
- )
- )
- )
- )
- */
-
- // Use the params from the nth pingback.ping call in the multicall.
- $pingback_calls_found = 0;
+ /*
+ * $args looks like this:
+ *
+ * Array
+ * (
+ * [0] => http://www.example.net/?p=1 // Site that created the pingback.
+ * [1] => https://www.example.com/?p=2 // Post being pingback'd on this site.
+ * )
+ */
- foreach ( $wp_xmlrpc_server->message->params as $xmlrpc_action ) {
- if ( 'pingback.ping' === $xmlrpc_action['methodName'] ) {
- $pingback_calls_found++;
- }
+ if ( ! is_null( $server ) && ! empty( $args[1] ) ) {
+ $is_multicall = false;
+ $multicall_count = 0;
- if ( $call_count === $pingback_calls_found ) {
- $pingback_args = $xmlrpc_action['params'];
- break;
- }
+ if ( 'system.multicall' === $server->message->methodName ) {
+ $is_multicall = true;
+ $multicall_count = is_countable( $server->message->params ) ? count( $server->message->params ) : 0;
}
- } else {
- /*
- * $wp_xmlrpc_server->message looks like this:
- *
- (
- [message] =>
- [messageType] => methodCall
- [faultCode] =>
- [faultString] =>
- [methodName] => pingback.ping
- [params] => Array
- (
- [0] => http://www.example.net/?p=1 // Site that created the pingback.
- [1] => https://www.example.com/?p=2 // Post being pingback'd on this site.
- )
- )
- */
- $pingback_args = $wp_xmlrpc_server->message->params;
- }
- if ( ! empty( $pingback_args[1] ) ) {
- $post_id = url_to_postid( $pingback_args[1] );
+ $post_id = url_to_postid( $args[1] );
// If pingbacks aren't open on this post, we'll still check whether this request is part of a potential DDOS,
// but indicate to the server that pingbacks are indeed closed so we don't include this request in the user's stats,
// since the user has already done their part by disabling pingbacks.
$pingbacks_closed = false;
-
+
$post = get_post( $post_id );
-
+
if ( ! $post || ! pings_open( $post ) ) {
$pingbacks_closed = true;
}
- // Note: If is_multicall is true and multicall_count=0, then we know this is at least the 2nd pingback we've processed in this multicall.
-
$comment = array(
- 'comment_author_url' => $pingback_args[0],
+ 'comment_author_url' => $args[0],
'comment_post_ID' => $post_id,
'comment_author' => '',
'comment_author_email' => '',
'comment_content' => '',
'comment_type' => 'pingback',
'akismet_pre_check' => '1',
- 'comment_pingback_target' => $pingback_args[1],
+ 'comment_pingback_target' => $args[1],
'pingbacks_closed' => $pingbacks_closed ? '1' : '0',
'is_multicall' => $is_multicall,
'multicall_count' => $multicall_count,
@@ -1808,7 +1794,7 @@ p {
if ( isset( $comment['akismet_result'] ) && 'true' == $comment['akismet_result'] ) {
// Sad: tightly coupled with the IXR classes. Unfortunately the action provides no context and no way to return anything.
- $wp_xmlrpc_server->error( new IXR_Error( 0, 'Invalid discovery target' ) );
+ $server->error( new IXR_Error( 0, 'Invalid discovery target' ) );
// Also note that if this was part of a multicall, a spam result will prevent the subsequent calls from being executed.
// This is probably fine, but it raises the bar for what should be acceptable as a false positive.
diff --git a/wp-content/plugins/akismet/readme.txt b/wp-content/plugins/akismet/readme.txt
index 37e57be..9b19fbb 100644
--- a/wp-content/plugins/akismet/readme.txt
+++ b/wp-content/plugins/akismet/readme.txt
@@ -1,9 +1,9 @@
=== Akismet Anti-spam: Spam Protection ===
Contributors: matt, ryan, andy, mdawaffe, tellyworth, josephscott, lessbloat, eoigal, cfinke, automattic, jgs, procifer, stephdau, kbrownkd, bluefuton, akismetantispam
-Tags: comments, spam, antispam, anti-spam, contact form, anti spam, comment moderation, comment spam, contact form spam, spam comments
+Tags: comments, spam, antispam, anti-spam, contact form
Requires at least: 5.8
Tested up to: 6.5.3
-Stable tag: 5.3.2
+Stable tag: 5.3.3
License: GPLv2 or later
The best anti-spam protection to block spam comments and spam in a contact form. The most trusted antispam solution for WordPress and WooCommerce.
@@ -32,6 +32,14 @@ Upload the Akismet plugin to your blog, activate it, and then enter your Akismet
== Changelog ==
+= 5.3.3 =
+*Release Date - 10 July 2024*
+
+* Make setup step clearer for new users.
+* Remove the stats section from the configuration page if the site has been revoked from the key.
+* Skip the Akismet comment check when the comment matches something in the disallowed list.
+* Prompt users on legacy plans to contact Akismet support for upgrades.
+
= 5.3.2 =
*Release Date - 21 March 2024*
diff --git a/wp-content/plugins/akismet/views/config.php b/wp-content/plugins/akismet/views/config.php
index b9e4457..23ad5c7 100644
--- a/wp-content/plugins/akismet/views/config.php
+++ b/wp-content/plugins/akismet/views/config.php
@@ -20,55 +20,57 @@ $kses_allow_link_href = array(
<?php } ?>
<?php if ( ! empty( $notices ) ) { ?>
<?php foreach ( $notices as $notice ) { ?>
- <?php Akismet::view( 'notice', $notice ); ?>
+ <?php Akismet::view( 'notice', array_merge( $notice, array( 'parent_view' => $name ) ) ); ?>
<?php } ?>
<?php } ?>
- <div class="akismet-card">
- <div class="akismet-section-header">
- <h2 class="akismet-section-header__label">
- <span><?php esc_html_e( 'Statistics', 'akismet' ); ?></span>
- </h2>
+ <?php if ( isset( $stat_totals['all'] ) && isset( $stat_totals['6-months'] ) ) : ?>
+ <div class="akismet-card">
+ <div class="akismet-section-header">
+ <h2 class="akismet-section-header__label">
+ <span><?php esc_html_e( 'Statistics', 'akismet' ); ?></span>
+ </h2>
- <div class="akismet-section-header__actions">
- <a href="<?php echo esc_url( Akismet_Admin::get_page_url( 'stats' ) ); ?>">
- <?php esc_html_e( 'Detailed stats', 'akismet' ); ?>
- </a>
- </div>
- </div> <!-- close akismet-section-header -->
+ <div class="akismet-section-header__actions">
+ <a href="<?php echo esc_url( Akismet_Admin::get_page_url( 'stats' ) ); ?>">
+ <?php esc_html_e( 'Detailed stats', 'akismet' ); ?>
+ </a>
+ </div>
+ </div> <!-- close akismet-section-header -->
- <div class="akismet-new-snapshot">
- <?php /* name attribute on iframe is used as a cache-buster here to force Firefox to load the new style charts: https://bugzilla.mozilla.org/show_bug.cgi?id=356558 */ ?>
- <div class="akismet-new-snapshot__chart">
- <iframe id="stats-iframe" allowtransparency="true" scrolling="no" frameborder="0" style="width: 100%; height: 220px; overflow: hidden;" src="<?php echo esc_url( sprintf( 'https://tools.akismet.com/1.0/snapshot.php?blog=%s&token=%s&height=200&locale=%s&is_redecorated=1', rawurlencode( get_option( 'home' ) ), rawurlencode( Akismet::get_access_token() ), get_locale() ) ); ?>" name="<?php echo esc_attr( 'snapshot-' . filemtime( __FILE__ ) ); ?>" title="<?php echo esc_attr__( 'Akismet stats' ); ?>"></iframe>
- </div>
- <ul class="akismet-new-snapshot__list">
- <li class="akismet-new-snapshot__item">
- <h3 class="akismet-new-snapshot__header"><?php esc_html_e( 'Past six months', 'akismet' ); ?></h3>
- <span class="akismet-new-snapshot__number"><?php echo number_format( $stat_totals['6-months']->spam ); ?></span>
- <span class="akismet-new-snapshot__text"><?php echo esc_html( _n( 'Spam blocked', 'Spam blocked', $stat_totals['6-months']->spam, 'akismet' ) ); ?></span>
- </li>
- <li class="akismet-new-snapshot__item">
- <h3 class="akismet-new-snapshot__header"><?php esc_html_e( 'All time', 'akismet' ); ?></h3>
- <span class="akismet-new-snapshot__number"><?php echo number_format( $stat_totals['all']->spam ); ?></span>
- <span class="akismet-new-snapshot__text"><?php echo esc_html( _n( 'Spam blocked', 'Spam blocked', $stat_totals['all']->spam, 'akismet' ) ); ?></span>
- </li>
- <li class="akismet-new-snapshot__item">
- <h3 class="akismet-new-snapshot__header"><?php esc_html_e( 'Accuracy', 'akismet' ); ?></h3>
- <span class="akismet-new-snapshot__number"><?php echo floatval( $stat_totals['all']->accuracy ); ?>%</span>
- <span class="akismet-new-snapshot__text">
- <?php
- /* translators: %s: number of spam missed by Akismet */
- echo esc_html( sprintf( _n( '%s missed spam', '%s missed spam', $stat_totals['all']->missed_spam, 'akismet' ), number_format( $stat_totals['all']->missed_spam ) ) ) . ', ';
- /* translators: %s: number of false positive spam flagged by Akismet */
- echo esc_html( sprintf( _n( '%s false positive', '%s false positives', $stat_totals['all']->false_positives, 'akismet' ), number_format( $stat_totals['all']->false_positives ) ) );
- ?>
- </span>
- </li>
- </ul>
- </div> <!-- close akismet-new-snapshot -->
+ <div class="akismet-new-snapshot">
+ <?php /* name attribute on iframe is used as a cache-buster here to force Firefox to load the new style charts: https://bugzilla.mozilla.org/show_bug.cgi?id=356558 */ ?>
+ <div class="akismet-new-snapshot__chart">
+ <iframe id="stats-iframe" allowtransparency="true" scrolling="no" frameborder="0" style="width: 100%; height: 220px; overflow: hidden;" src="<?php echo esc_url( sprintf( 'https://tools.akismet.com/1.0/snapshot.php?blog=%s&token=%s&height=200&locale=%s&is_redecorated=1', rawurlencode( get_option( 'home' ) ), rawurlencode( Akismet::get_access_token() ), get_locale() ) ); ?>" name="<?php echo esc_attr( 'snapshot-' . filemtime( __FILE__ ) ); ?>" title="<?php echo esc_attr__( 'Akismet stats' ); ?>"></iframe>
+ </div>
- </div> <!-- close akismet-card -->
+ <ul class="akismet-new-snapshot__list">
+ <li class="akismet-new-snapshot__item">
+ <h3 class="akismet-new-snapshot__header"><?php esc_html_e( 'Past six months', 'akismet' ); ?></h3>
+ <span class="akismet-new-snapshot__number"><?php echo number_format( $stat_totals['6-months']->spam ); ?></span>
+ <span class="akismet-new-snapshot__text"><?php echo esc_html( _n( 'Spam blocked', 'Spam blocked', $stat_totals['6-months']->spam, 'akismet' ) ); ?></span>
+ </li>
+ <li class="akismet-new-snapshot__item">
+ <h3 class="akismet-new-snapshot__header"><?php esc_html_e( 'All time', 'akismet' ); ?></h3>
+ <span class="akismet-new-snapshot__number"><?php echo number_format( $stat_totals['all']->spam ); ?></span>
+ <span class="akismet-new-snapshot__text"><?php echo esc_html( _n( 'Spam blocked', 'Spam blocked', $stat_totals['all']->spam, 'akismet' ) ); ?></span>
+ </li>
+ <li class="akismet-new-snapshot__item">
+ <h3 class="akismet-new-snapshot__header"><?php esc_html_e( 'Accuracy', 'akismet' ); ?></h3>
+ <span class="akismet-new-snapshot__number"><?php echo floatval( $stat_totals['all']->accuracy ); ?>%</span>
+ <span class="akismet-new-snapshot__text">
+ <?php
+ /* translators: %s: number of spam missed by Akismet */
+ echo esc_html( sprintf( _n( '%s missed spam', '%s missed spam', $stat_totals['all']->missed_spam, 'akismet' ), number_format( $stat_totals['all']->missed_spam ) ) ) . ', ';
+ /* translators: %s: number of false positive spam flagged by Akismet */
+ echo esc_html( sprintf( _n( '%s false positive', '%s false positives', $stat_totals['all']->false_positives, 'akismet' ), number_format( $stat_totals['all']->false_positives ) ) );
+ ?>
+ </span>
+ </li>
+ </ul>
+ </div> <!-- close akismet-new-snapshot -->
+ </div> <!-- close akismet-card -->
+ <?php endif; ?>
<?php if ( $akismet_user ) : ?>
<div class="akismet-card">
diff --git a/wp-content/plugins/akismet/views/notice.php b/wp-content/plugins/akismet/views/notice.php
index 466a322..be10ab2 100644
--- a/wp-content/plugins/akismet/views/notice.php
+++ b/wp-content/plugins/akismet/views/notice.php
@@ -9,9 +9,12 @@ $kses_allow_link = array(
);
$kses_allow_strong = array( 'strong' => true );
+if ( ! isset( $type ) ) {
+ $type = false; // phpcs:ignore WordPress.WP.GlobalVariablesOverride.Prohibited
+}
+
/*
- * Some notices (plugin, spam-check, spam-check-cron-disabled, alert and usage-limit) are shown elsewhere in wp-admin,
- * so look different to the standard notices.
+ * Some notices (plugin, spam-check, spam-check-cron-disabled, alert and usage-limit) are also shown elsewhere in wp-admin, so have different classes applied so that they match the standard WordPress notice format.
*/
?>
<?php if ( $type === 'plugin' ) : ?>
@@ -37,25 +40,27 @@ $kses_allow_strong = array( 'strong' => true );
</div>
<?php elseif ( $type === 'spam-check' ) : ?>
-<div class="notice notice-warning">
- <p><strong><?php esc_html_e( 'Akismet has detected a problem.', 'akismet' ); ?></strong></p>
- <p><?php esc_html_e( 'Some comments have not yet been checked for spam by Akismet. They have been temporarily held for moderation and will automatically be rechecked later.', 'akismet' ); ?></p>
- <?php if ( $link_text ) : ?>
- <p><?php echo wp_kses( $link_text, $kses_allow_link ); ?></p>
- <?php endif; ?>
-</div>
+ <?php // This notice is only displayed on edit-comments.php. ?>
+ <div class="notice notice-warning">
+ <p><strong><?php esc_html_e( 'Akismet has detected a problem.', 'akismet' ); ?></strong></p>
+ <p><?php esc_html_e( 'Some comments have not yet been checked for spam by Akismet. They have been temporarily held for moderation and will automatically be rechecked later.', 'akismet' ); ?></p>
+ <?php if ( ! empty( $link_text ) ) : ?>
+ <p><?php echo wp_kses( $link_text, $kses_allow_link ); ?></p>
+ <?php endif; ?>
+ </div>
<?php elseif ( $type === 'spam-check-cron-disabled' ) : ?>
-<div class="notice notice-warning">
- <p><strong><?php esc_html_e( 'Akismet has detected a problem.', 'akismet' ); ?></strong></p>
- <p><?php esc_html_e( 'WP-Cron has been disabled using the DISABLE_WP_CRON constant. Comment rechecks may not work properly.', 'akismet' ); ?></p>
-</div>
-
+ <?php // This notice is only displayed on edit-comments.php. ?>
+ <div class="notice notice-warning">
+ <p><strong><?php esc_html_e( 'Akismet has detected a problem.', 'akismet' ); ?></strong></p>
+ <p><?php esc_html_e( 'WP-Cron has been disabled using the DISABLE_WP_CRON constant. Comment rechecks may not work properly.', 'akismet' ); ?></p>
+ </div>
+
<?php elseif ( $type === 'alert' ) : ?>
-<div class="error">
+<div class="<?php echo isset( $parent_view ) && $parent_view === 'config' ? 'akismet-alert is-bad' : 'error'; ?>">
<?php /* translators: The placeholder is an error code returned by Akismet. */ ?>
<p><strong><?php printf( esc_html__( 'Akismet error code: %s', 'akismet' ), esc_html( $code ) ); ?></strong></p>
- <p><?php echo esc_html( $msg ); ?></p>
+ <p><?php echo isset( $msg ) ? esc_html( $msg ) : ''; ?></p>
<p>
<?php
/* translators: the placeholder is a clickable URL that leads to more information regarding an error code. */
@@ -307,8 +312,11 @@ $kses_allow_strong = array( 'strong' => true );
<div class="akismet-usage-limit-cta">
<a href="<?php echo esc_attr( $upgrade_url ); ?>" class="button" target="_blank">
<?php
- // If only a qty upgrade is required, show a more generic message.
- if ( ! empty( $upgrade_type ) && 'qty' === $upgrade_type ) {
+ if ( isset( $upgrade_via_support ) && $upgrade_via_support ) {
+ // Direct user to contact support.
+ esc_html_e( 'Contact Akismet support', 'akismet' );
+ } elseif ( ! empty( $upgrade_type ) && 'qty' === $upgrade_type ) {
+ // If only a qty upgrade is required, show a more generic message.
esc_html_e( 'Upgrade your subscription level', 'akismet' );
} else {
echo esc_html(
diff --git a/wp-content/plugins/akismet/views/setup.php b/wp-content/plugins/akismet/views/setup.php
index 5078009..f4ddaf1 100644
--- a/wp-content/plugins/akismet/views/setup.php
+++ b/wp-content/plugins/akismet/views/setup.php
@@ -1,4 +1,4 @@
<div class="akismet-setup-instructions">
<p><?php esc_html_e( 'Set up your Akismet account to enable spam filtering on this site.', 'akismet' ); ?></p>
- <?php Akismet::view( 'get', array( 'text' => __( 'Set up your Akismet account' , 'akismet' ), 'classes' => array( 'akismet-button', 'akismet-is-primary' ) ) ); ?>
+ <?php Akismet::view( 'get', array( 'text' => __( 'Choose an Akismet plan', 'akismet' ), 'classes' => array( 'akismet-button', 'akismet-is-primary' ) ) ); ?>
</div>