PluginProbe ʕ •ᴥ•ʔ
AI Engine – The Chatbot, AI Framework & MCP for WordPress / 3.3.0
AI Engine – The Chatbot, AI Framework & MCP for WordPress v3.3.0
3.5.7 3.5.6 3.5.5 3.5.4 3.5.3 3.5.2 3.5.1 3.5.0 3.4.9 3.4.8 3.4.7 0.2.1 1.6.91 0.2.2 1.6.92 0.2.3 1.6.93 0.2.4 1.6.94 0.2.5 1.6.95 0.2.6 1.6.96 0.2.7 1.6.97 0.2.8 1.6.98 0.2.9 1.6.99 0.3.0 1.7.0 0.3.1 1.7.1 0.3.2 1.7.2 0.3.3 1.7.3 0.3.4 1.7.4 0.3.5 1.7.5 0.3.6 1.7.6 0.4.0 1.7.7 0.4.1 1.7.8 0.4.2 1.7.9 0.4.3 1.8.0 0.4.4 1.8.1 0.4.5 1.8.2 0.4.6 1.8.3 0.4.7 1.8.4 0.4.8 1.8.5 0.4.9 1.8.6 0.5.0 1.8.7 0.5.1 1.8.8 0.5.2 1.8.9 0.5.3 1.9.0 0.5.4 1.9.1 0.5.5 1.9.2 0.5.6 1.9.3 0.5.7 1.9.4 0.5.8 1.9.5 0.5.9 1.9.6 0.6.0 1.9.7 0.6.1 1.9.8 0.6.2 1.9.81 0.6.3 1.9.82 0.6.4 1.9.83 0.6.5 1.9.84 0.6.6 1.9.85 0.6.7 1.9.86 0.6.8 1.9.87 0.6.9 1.9.88 0.7.0 1.9.89 0.7.1 1.9.90 0.7.2 1.9.91 0.7.3 1.9.92 0.7.4 1.9.93 0.7.5 1.9.94 0.7.6 1.9.95 0.7.7 1.9.96 0.7.8 1.9.97 0.7.9 1.9.98 0.8.0 1.9.99 0.8.1 2.0.0 0.8.2 2.0.1 0.8.3 2.0.2 0.8.4 2.0.3 0.8.5 2.0.4 0.8.6 2.0.5 0.8.7 2.0.6 0.8.8 2.0.7 0.8.9 2.0.8 0.9.0 2.0.9 0.9.2 2.1.0 0.9.3 2.1.1 0.9.4 2.1.2 0.9.5 2.1.3 0.9.6 2.1.4 0.9.7 2.1.5 0.9.8 2.1.6 0.9.81 2.1.7 0.9.82 2.1.8 0.9.83 2.1.9 0.9.84 2.2.0 0.9.85 2.2.1 0.9.86 2.2.2 0.9.87 2.2.3 0.9.88 2.2.4 0.9.89 2.2.5 0.9.9 2.2.51 0.9.91 2.2.52 0.9.92 2.2.53 0.9.93 2.2.54 0.9.94 2.2.56 0.9.95 2.2.57 0.9.96 2.2.6 0.9.97 2.2.60 0.9.98 2.2.61 0.9.99 2.2.62 1.0.0 2.2.63 1.0.01 2.2.70 1.0.1 2.2.80 1.0.2 2.2.81 1.0.3 2.2.90 1.0.4 2.2.91 1.0.5 2.2.92 1.0.6 2.2.93 1.0.7 2.2.94 1.0.8 2.2.95 1.0.9 2.3.0 1.1.0 2.3.1 1.1.1 2.3.2 1.1.2 2.3.3 1.1.3 2.3.4 1.1.4 2.3.5 1.1.5 2.3.6 1.1.6 2.3.7 1.1.7 2.3.8 1.1.8 2.3.9 1.1.9 2.4.0 1.2.0 2.4.1 1.2.1 2.4.2 1.2.2 2.4.3 1.2.21 2.4.4 1.2.3 2.4.5 1.2.30 2.4.6 1.3.0 2.4.7 1.3.1 2.4.8 1.3.2 2.4.9 1.3.3 2.5.0 1.3.31 2.5.1 1.3.32 2.5.2 1.3.33 2.5.3 1.3.34 2.5.4 1.3.35 2.5.5 1.3.36 2.5.6 1.3.37 2.5.7 1.3.38 2.5.8 1.3.39 2.5.9 1.3.40 2.6.0 1.3.41 2.6.1 1.3.42 2.6.2 1.3.43 2.6.3 1.3.44 2.6.5 1.3.45 2.6.6 1.3.46 2.6.7 1.3.47 2.6.8 1.3.48 2.6.9 1.3.49 2.7.0 1.3.50 2.7.1 1.3.51 2.7.2 1.3.52 2.7.3 1.3.53 2.7.4 1.3.54 2.7.5 1.3.56 2.7.6 1.3.57 2.7.7 1.3.58 2.7.8 1.3.59 2.7.9 1.3.60 2.8.0 1.3.61 2.8.1 1.3.62 2.8.2 1.3.63 2.8.3 1.3.64 2.8.4 1.3.65 2.8.5 1.3.66 2.8.6 1.3.67 2.8.7 1.3.68 2.8.8 1.3.69 2.8.9 1.3.70 2.9.0 1.3.71 2.9.1 1.3.72 2.9.2 1.3.73 2.9.3 1.3.74 2.9.4 1.3.75 2.9.5 1.3.76 2.9.6 1.3.77 2.9.7 1.3.78 2.9.8 1.3.79 2.9.9 1.3.80 3.0.0 1.3.81 3.0.1 1.3.82 3.0.2 1.3.83 3.0.3 1.3.84 3.0.4 1.3.85 3.0.5 1.3.86 3.0.6 1.3.87 3.0.7 1.3.88 3.0.8 1.3.89 3.0.9 1.3.90 3.1.0 1.3.91 3.1.1 1.3.92 3.1.2 1.3.93 3.1.3 1.3.94 3.1.4 1.3.95 3.1.5 1.3.96 3.1.6 1.3.97 3.1.7 1.3.98 3.1.8 1.3.99 3.1.9 1.4.0 3.2.0 1.4.1 3.2.1 1.4.2 3.2.2 1.4.3 3.2.3 1.4.4 3.2.4 1.4.5 3.2.5 1.4.6 3.2.6 1.4.7 3.2.7 1.4.8 3.2.8 1.4.9 3.2.9 1.5.0 3.3.0 1.5.1 3.3.1 1.5.2 3.3.2 1.5.3 3.3.3 1.5.4 3.3.4 1.5.5 3.3.5 1.5.6 3.3.6 1.5.7 3.3.7 1.5.8 3.3.8 1.5.9 3.3.9 1.6.0 3.4.0 1.6.1 3.4.1 1.6.2 3.4.2 1.6.3 3.4.3 1.6.5 3.4.4 1.6.51 3.4.5 1.6.52 3.4.6 1.6.53 1.6.54 1.6.55 1.6.56 1.6.57 1.6.58 1.6.59 1.6.60 1.6.61 1.6.62 1.6.63 1.6.64 1.6.65 1.6.66 1.6.67 1.6.68 trunk 1.6.69 0.0.1 1.6.70 0.0.2 1.6.71 0.0.3 1.6.72 0.0.4 1.6.73 0.0.5 1.6.74 0.0.6 1.6.75 0.0.7 1.6.76 0.0.8 1.6.77 0.0.9 1.6.78 0.1.0 1.6.79 0.1.1 1.6.81 0.1.2 1.6.82 0.1.3 1.6.83 0.1.4 1.6.84 0.1.5 1.6.85 0.1.6 1.6.86 0.1.7 1.6.87 0.1.8 1.6.88 0.1.9 1.6.89 0.2.0 1.6.90
ai-engine / classes / modules / chatbot.php
ai-engine / classes / modules Last commit date
advisor.php 7 months ago chatbot.php 6 months ago discussions.php 6 months ago files.php 6 months ago forms-manager.php 10 months ago gdpr.php 11 months ago search.php 1 year ago security.php 1 year ago tasks-examples.php 6 months ago tasks.php 7 months ago wand.php 7 months ago
chatbot.php
1300 lines
1 <?php
2
3 // Params for the chatbot (front and server)
4 define( 'MWAI_CHATBOT_FRONT_PARAMS', [ 'id', 'customId', 'aiName', 'userName', 'guestName', 'aiAvatar', 'userAvatar', 'guestAvatar', 'aiAvatarUrl', 'userAvatarUrl', 'guestAvatarUrl', 'textSend', 'textClear', 'imageUpload', 'fileUpload', 'multiUpload', 'maxUploads', 'fileUploads', 'fileSearch', 'allowedMimeTypes', 'mode', 'textInputPlaceholder', 'textInputMaxLength', 'textCompliance', 'startSentence', 'localMemory', 'themeId', 'window', 'icon', 'iconText', 'iconTextDelay', 'iconAlt', 'iconPosition', 'centerOpen', 'width', 'openDelay', 'iconBubble', 'windowAnimation', 'fullscreen', 'copyButton', 'headerSubtitle', 'popupTitle', 'containerType', 'headerType', 'messagesType', 'inputType', 'footerType', 'talkMode' ] );
5
6 define( 'MWAI_CHATBOT_SERVER_PARAMS', [ 'id', 'envId', 'scope', 'mode', 'contentAware', 'context', 'startSentence', 'embeddingsEnvId', 'embeddingsIndex', 'embeddingsNamespace', 'assistantId', 'instructions', 'resolution', 'voice', 'talkMode', 'model', 'temperature', 'maxTokens', 'contextMaxLength', 'maxResults', 'apiKey', 'functions', 'mcpServers', 'tools', 'historyStrategy', 'previousResponseId', 'parentBotId', 'crossSite', 'promptId', 'promptVariables', 'reasoningEffort', 'verbosity' ] );
7
8 // Params for the discussions (front and server)
9 define( 'MWAI_DISCUSSIONS_FRONT_PARAMS', [ 'themeId', 'textNewChat' ] );
10 define( 'MWAI_DISCUSSIONS_SERVER_PARAMS', [ 'customId' ] );
11
12 class Meow_MWAI_Modules_Chatbot {
13 private $core = null;
14 private $namespace = 'mwai-ui/v1';
15 private $siteWideChatId = null;
16
17 public function __construct() {
18 global $mwai_core;
19 $this->core = $mwai_core;
20 $this->siteWideChatId = $this->core->get_option( 'botId' );
21
22 add_shortcode( 'mwai_chatbot', [ $this, 'chat_shortcode' ] );
23 add_action( 'rest_api_init', [ $this, 'rest_api_init' ] );
24 add_action( 'wp_enqueue_scripts', [ $this, 'register_scripts' ] );
25 add_action( 'admin_enqueue_scripts', [ $this, 'register_scripts' ] );
26 if ( $this->core->get_option( 'chatbot_discussions' ) ) {
27 add_shortcode( 'mwai_discussions', [ $this, 'chatbot_discussions' ] );
28 }
29 }
30
31 public function register_scripts() {
32 // Load JS
33 $physical_file = trailingslashit( MWAI_PATH ) . 'app/chatbot.js';
34 $cache_buster = file_exists( $physical_file ) ? filemtime( $physical_file ) : MWAI_VERSION;
35 wp_register_script( 'mwai_chatbot', trailingslashit( MWAI_URL )
36 . 'app/chatbot.js', [ 'wp-element' ], $cache_buster, false );
37
38 // Actual loading of the scripts
39 $hasSiteWideChat = $this->siteWideChatId && $this->siteWideChatId !== 'none';
40
41 // Don't load chatbot scripts on the Site Editor to avoid conflicts
42 $current_screen = function_exists( 'get_current_screen' ) ? get_current_screen() : null;
43 $is_site_editor = $current_screen && $current_screen->base === 'site-editor';
44
45 if ( ( is_admin() && !$is_site_editor ) || $hasSiteWideChat ) {
46 $themeId = null;
47 if ( $hasSiteWideChat ) {
48 $bot = $this->core->get_chatbot( $this->siteWideChatId );
49 if ( $bot && isset( $bot['themeId'] ) ) {
50 $themeId = $bot['themeId'];
51 }
52 }
53 $this->enqueue_scripts( is_admin() ? null : $themeId );
54 if ( $hasSiteWideChat ) {
55 // Chatbot Injection
56 add_action( 'wp_footer', [ $this, 'inject_chat' ] );
57 }
58 }
59 }
60
61 public function enqueue_scripts( $themeId = null ) {
62 wp_enqueue_script( 'mwai_chatbot' );
63 if ( $this->core->get_option( 'syntax_highlight' ) ) {
64 wp_enqueue_script( 'mwai_highlight' );
65 }
66 if ( $themeId ) {
67 $this->core->enqueue_theme( $themeId );
68 }
69 else {
70 $this->core->enqueue_themes();
71 }
72 }
73
74 /**
75 * Helper method to create REST responses with automatic token refresh
76 *
77 * @param array $data The response data
78 * @param int $status HTTP status code
79 * @return WP_REST_Response
80 */
81 protected function create_rest_response( $data, $status = 200 ) {
82 // Always check if we need to provide a new nonce
83 $current_nonce = $this->core->get_nonce( true );
84 $request_nonce = isset( $_SERVER['HTTP_X_WP_NONCE'] ) ? $_SERVER['HTTP_X_WP_NONCE'] : null;
85
86 // Check if nonce is approaching expiration (WordPress nonces last 12-24 hours)
87 // We'll refresh if the nonce is older than 10 hours to be safe
88 $should_refresh = false;
89
90 if ( $request_nonce ) {
91 // Try to determine the age of the nonce
92 // WordPress uses a tick system where each tick is 12 hours
93 // If we're in the second half of the nonce's life, refresh it
94 $time = time();
95 $nonce_tick = wp_nonce_tick();
96
97 // Verify if the nonce is still valid but getting old
98 $verify = wp_verify_nonce( $request_nonce, 'wp_rest' );
99 if ( $verify === 2 ) {
100 // Nonce is valid but was generated 12-24 hours ago
101 $should_refresh = true;
102 // Log will be written when token is included in response
103 }
104 }
105
106 // If the nonce has changed or should be refreshed, include the new one
107 if ( $should_refresh || ( $request_nonce && $current_nonce !== $request_nonce ) ) {
108 $data['new_token'] = $current_nonce;
109
110 // Log if server debug mode is enabled
111 if ( $this->core->get_option( 'server_debug_mode' ) ) {
112 error_log( '[AI Engine] Token refresh: Nonce refreshed (12-24 hours old)' );
113 }
114 }
115
116 return new WP_REST_Response( $data, $status );
117 }
118
119 public function rest_api_init() {
120 register_rest_route( $this->namespace, '/chats/submit', [
121 'methods' => 'POST',
122 'callback' => [ $this, 'rest_chat' ],
123 'permission_callback' => [ $this->core, 'check_rest_nonce' ]
124 ] );
125 }
126
127 public function basics_security_check( $botId, $customId, $newMessage, $newFileId ) {
128 if ( !$botId && !$customId ) {
129 Meow_MWAI_Logging::warn( 'The query was rejected - no botId nor id was specified.' );
130 return false;
131 }
132
133 if ( $newFileId ) {
134 return true;
135 }
136
137 // Handle null or convert to string for strlen
138 $messageStr = $newMessage === null ? '' : (string) $newMessage;
139 $length = strlen( $messageStr );
140 if ( $length < 1 ) {
141 Meow_MWAI_Logging::warn( 'The query was rejected - message was too short.' );
142 return false;
143 }
144 return true;
145 }
146
147 public function build_final_res( $botId, $newMessage, $newFileId, $params, $reply, $images, $actions, $usage, $responseId = null ) {
148 $filterParams = [
149 'step' => 'reply',
150 'botId' => $botId,
151 'reply' => $reply,
152 'images' => $images,
153 'newMessage' => $newMessage,
154 'newFileId' => $newFileId,
155 'params' => $params,
156 'usage' => $usage,
157 'messages' => $params['messages'] ?? [],
158 'isNewConversation' => empty( $params['messages'] ) || count( $params['messages'] ) <= 1,
159 ];
160 $actions = apply_filters( 'mwai_chatbot_actions', $actions, $filterParams );
161 $blocks = apply_filters( 'mwai_chatbot_blocks', [], $filterParams );
162 $shortcuts = apply_filters( 'mwai_chatbot_shortcuts', [], $filterParams );
163 $actions = $this->sanitize_actions( $actions );
164 $blocks = $this->sanitize_blocks( $blocks );
165 $shortcuts = $this->sanitize_shortcuts( $shortcuts );
166 $result = [
167 'success' => true,
168 'reply' => $reply,
169 'images' => $images,
170 'actions' => $actions,
171 'shortcuts' => $shortcuts,
172 'blocks' => $blocks,
173 'usage' => $usage
174 ];
175
176 // Add response ID if available
177 if ( !empty( $responseId ) ) {
178 $result['responseId'] = $responseId;
179 }
180
181 // Check if token needs refresh
182 $current_nonce = $this->core->get_nonce( true );
183 $request_nonce = isset( $_SERVER['HTTP_X_WP_NONCE'] ) ? $_SERVER['HTTP_X_WP_NONCE'] : null;
184
185 $should_refresh = false;
186 if ( $request_nonce ) {
187 $verify = wp_verify_nonce( $request_nonce, 'wp_rest' );
188 if ( $verify === 2 ) {
189 // Nonce is valid but was generated 12-24 hours ago
190 $should_refresh = true;
191 }
192 }
193
194 if ( $should_refresh || ( $request_nonce && $current_nonce !== $request_nonce ) ) {
195 $result['new_token'] = $current_nonce;
196 }
197
198 return $result;
199 }
200
201 public function rest_chat( $request ) {
202 $params = $request->get_json_params();
203 $botId = $params['botId'] ?? null;
204 $customId = $params['customId'] ?? null;
205 $stream = $params['stream'] ?? false;
206 $newMessage = trim( $params['newMessage'] ?? '' );
207 $newFileId = $params['newFileId'] ?? null;
208 $newFileIds = $params['newFileIds'] ?? [];
209 $crossSite = $params['crossSite'] ?? false;
210
211 if ( !$this->basics_security_check( $botId, $customId, $newMessage, $newFileId ) ) {
212 return $this->create_rest_response( [
213 'success' => false,
214 'message' => apply_filters( 'mwai_ai_exception', 'Sorry, your query has been rejected.' )
215 ], 403 );
216 }
217
218 try {
219 $data = $this->chat_submit( $botId, $newMessage, $newFileId, $params, $stream, $newFileIds );
220 $final_res = $this->build_final_res(
221 $botId,
222 $newMessage,
223 $newFileId,
224 $params,
225 $data['reply'],
226 $data['images'],
227 $data['actions'],
228 $data['usage'],
229 $data['responseId'] ?? null
230 );
231 return $this->create_rest_response( $final_res, 200 );
232 }
233 catch ( Exception $e ) {
234 $message = apply_filters( 'mwai_ai_exception', $e->getMessage() );
235
236 // If we're in streaming mode, send the error through the stream
237 if ( $stream ) {
238 // Log the error
239 error_log( '[AI Engine Chatbot Error] ' . $e->getMessage() . ' in ' . $e->getFile() . ':' . $e->getLine() );
240
241 // Send error event through stream
242 $errorData = [
243 'type' => 'error',
244 'data' => 'Oops! Something went wrong on the server. Please try again, and if you are the site developer, check the PHP Error Logs for details.'
245 ];
246 echo 'data: ' . json_encode( $errorData ) . "\n\n";
247 if ( ob_get_level() > 0 ) {
248 ob_end_flush();
249 }
250 flush();
251 die();
252 }
253
254 // For non-streaming, return normal error response
255 return $this->create_rest_response( [
256 'success' => false,
257 'message' => $message
258 ], 500 );
259 }
260 }
261
262 private function sanitize_items( $items, $supported_types, $type_name ) {
263 if ( empty( $items ) ) {
264 return $items;
265 }
266 $sanitized_items = [];
267 foreach ( $items as $item ) {
268 if ( isset( $supported_types[$item['type']] ) ) {
269 $is_valid = true;
270 foreach ( $supported_types[$item['type']] as $param ) {
271 if ( !isset( $item['data'][$param] ) ) {
272 $is_valid = false;
273 Meow_MWAI_Logging::warn( "The query was rejected - missing required parameter '{$param}' for {$type_name} type: {$item['type']}." );
274 break;
275 }
276 }
277 if ( $is_valid ) {
278 $sanitized_items[] = $item;
279 }
280 }
281 else {
282 Meow_MWAI_Logging::warn( "The query was rejected - unsupported {$type_name} type: {$item['type']}." );
283 }
284 }
285 return $sanitized_items;
286 }
287
288 public function sanitize_actions( $actions ) {
289 $supported_action_types = [
290 'function' => ['name', 'args'],
291 'javascript' => ['snippet'],
292 ];
293 return $this->sanitize_items( $actions, $supported_action_types, 'action' );
294 }
295
296 public function sanitize_blocks( $blocks ) {
297 $supported_block_types = [
298 'content' => ['html'],
299 ];
300 return $this->sanitize_items( $blocks, $supported_block_types, 'block' );
301 }
302
303 public function sanitize_shortcuts( $shortcuts ) {
304 $supported_shortcut_types = [
305 'message' => ['label', 'message'],
306 'action' => ['label', 'message', 'action'],
307 'callback' => ['label', 'onClick'],
308 ];
309 return $this->sanitize_items( $shortcuts, $supported_shortcut_types, 'shortcut' );
310 }
311
312 #region Messages Integrity Check
313
314 public function messages_integrity_diff( $messages1, $messages2 ) {
315 // Ensure both parameters are arrays
316 if ( !is_array( $messages1 ) ) {
317 $messages1 = [];
318 }
319 if ( !is_array( $messages2 ) ) {
320 $messages2 = [];
321 }
322
323 // Collect messages with role not 'user' from messages1
324 $messagesList1 = [];
325 foreach ( $messages1 as $msg ) {
326 $role = isset( $msg->role ) ? $msg->role : ( isset( $msg['role'] ) ? $msg['role'] : null );
327 $content = isset( $msg->content ) ? $msg->content : ( isset( $msg['content'] ) ? $msg['content'] : null );
328 if ( $role && $role != 'user' ) {
329 $messageData = [ 'role' => $role, 'content' => $content ];
330 $messagesList1[] = $messageData;
331 }
332 }
333
334 // Collect messages with role not 'user' from messages2
335 $messagesList2 = [];
336 foreach ( $messages2 as $msg ) {
337 $role = isset( $msg->role ) ? $msg->role : ( isset( $msg['role'] ) ? $msg['role'] : null );
338 $content = isset( $msg->content ) ? $msg->content : ( isset( $msg['content'] ) ? $msg['content'] : null );
339 if ( $role && $role != 'user' ) {
340 $messageData = [ 'role' => $role, 'content' => $content ];
341 $messagesList2[] = $messageData;
342 }
343 }
344
345 // Count occurrences of each message in messagesList1
346 $counts1 = [];
347 foreach ( $messagesList1 as $msg ) {
348 $key = serialize( $msg );
349 if ( isset( $counts1[ $key ] ) ) {
350 $counts1[ $key ]++;
351 }
352 else {
353 $counts1[ $key ] = 1;
354 }
355 }
356
357 // Count occurrences of each message in messagesList2
358 $counts2 = [];
359 foreach ( $messagesList2 as $msg ) {
360 $key = serialize( $msg );
361 if ( isset( $counts2[ $key ] ) ) {
362 $counts2[ $key ]++;
363 }
364 else {
365 $counts2[ $key ] = 1;
366 }
367 }
368
369 // Compare counts to find unmatched messages
370 $all_keys = array_unique( array_merge( array_keys( $counts1 ), array_keys( $counts2 ) ) );
371
372 $diffs = [];
373 foreach ( $all_keys as $key ) {
374 $count1 = isset( $counts1[ $key ] ) ? $counts1[ $key ] : 0;
375 $count2 = isset( $counts2[ $key ] ) ? $counts2[ $key ] : 0;
376 if ( $count1 != $count2 ) {
377 $message = unserialize( $key );
378 $diffs[] = [
379 'message' => $message,
380 'count_in_messages1' => $count1,
381 'count_in_messages2' => $count2
382 ];
383 }
384 }
385
386 return $diffs;
387 }
388
389 private function calculate_messages_checksum( $messages ) {
390 $messages_to_hash = [];
391 foreach ( $messages as $msg ) {
392 $role = is_array( $msg ) ? ( $msg['role'] ?? '' ) : ( is_object( $msg ) ? ( $msg->role ?? '' ) : '' );
393 $content = is_array( $msg ) ? ( $msg['content'] ?? '' ) : ( is_object( $msg ) ? ( $msg->content ?? '' ) : '' );
394 if ( in_array( $role, ['assistant', 'system'] ) ) {
395 $messages_to_hash[] = [ 'role' => $role, 'content' => $content ];
396 }
397 }
398 return md5( json_encode( $messages_to_hash ) );
399 }
400
401 #endregion
402
403 public function chat_submit( $botId, $newMessage, $newFileId = null, $params = [], $stream = false, $newFileIds = [] ) {
404 $query = null; // Initialize query variable to avoid undefined variable errors
405 try {
406 $chatbot = null;
407 $customId = $params['customId'] ?? null;
408
409 // Custom Chatbot
410 if ( $customId ) {
411 $chatbot = get_transient( 'mwai_custom_chatbot_' . $customId );
412 }
413 // Registered Chatbot
414 if ( !$chatbot && $botId ) {
415 $chatbot = $this->core->get_chatbot( $botId );
416 }
417 // Fall back to default chatbot if no chatbot found yet
418 if ( !$chatbot ) {
419 $chatbot = $this->core->get_chatbot( 'default' );
420 }
421
422 if ( !$chatbot ) {
423 Meow_MWAI_Logging::warn( 'The query was rejected - no chatbot was found.' );
424 throw new Exception( 'Sorry, your query has been rejected.' );
425 }
426
427 $textInputMaxLength = $chatbot['textInputMaxLength'] ?? null;
428 if ( $textInputMaxLength && $this->core->safe_strlen( $newMessage ) > (int) $textInputMaxLength ) {
429 Meow_MWAI_Logging::warn( 'The query was rejected - message was too long.' );
430 throw new Exception( 'Sorry, your query has been rejected.' );
431 }
432
433 // We need to check the integrity of the messages sent by the client.
434 // This is important to ensure that the messages are not tampered with.
435
436 // Messages Integrity Check with Checksums
437 $chatId = $params['chatId'] ?? 'default';
438 $checksum_key = 'mwai_chatbot_checksum_' . $chatId;
439 $stored_checksum = get_transient( $checksum_key );
440 $client_messages = $params['messages'] ?? [];
441 $client_checksum = $this->calculate_messages_checksum( $client_messages );
442 if ( $stored_checksum && $stored_checksum !== $client_checksum ) {
443 Meow_MWAI_Logging::warn( 'Integrity Check: Messages integrity check failed. Assistant or system messages sent by the client do not match stored messages. Please enable the Discussions module for better logs.' );
444 }
445
446 // Messages Integrity Check with Discussions
447 if ( $this->core->get_option( 'chatbot_discussions' ) && $this->core->discussions && isset( $params['chatId'] ) ) {
448 $discussion = $this->core->discussions->get_discussion( $botId ? $botId : $customId, $params['chatId'] );
449 if ( $discussion ) {
450 $messages = $discussion['messages'];
451 $clientMessages = isset( $params['messages'] ) ? $params['messages'] : [];
452 $diffs = $this->messages_integrity_diff( $messages, $clientMessages );
453 if ( count( $diffs ) > 0 ) {
454 Meow_MWAI_Logging::warn( "Integrity Check: It seems the messages in the discussion #{$discussion['id']} do not match the ones sent by the client." );
455 }
456
457 // Maintain conversation state for Responses API by loading previousResponseId
458 // This enables stateful conversations where only new messages are sent
459 if ( empty( $params['previousResponseId'] ) && !empty( $discussion['extra'] ) ) {
460 $extra = json_decode( $discussion['extra'], true );
461 if ( !empty( $extra['responseId'] ) ) {
462 // Response IDs expire after 30 days per OpenAI's policy
463 // Check if the stored response is still valid
464 $responseDate = !empty( $extra['responseDate'] ) ? strtotime( $extra['responseDate'] ) : 0;
465 $thirtyDaysAgo = time() - ( 30 * 24 * 60 * 60 );
466
467 if ( $responseDate > $thirtyDaysAgo ) {
468 // Use the stored response ID for stateful conversation
469 $params['previousResponseId'] = $extra['responseId'];
470 }
471 }
472 }
473 }
474 else {
475 // No discussion yet? We still need to check the startSentence.
476 $startSentence = isset( $chatbot['startSentence'] ) ? $chatbot['startSentence'] : null;
477 $messages = [];
478 if ( !empty( $startSentence ) ) {
479 $messages[] = [ 'role' => 'assistant', 'content' => $startSentence ];
480 }
481 $clientMessages = isset( $params['messages'] ) ? $params['messages'] : [];
482 $diffs = $this->messages_integrity_diff( $messages, $clientMessages );
483 if ( count( $diffs ) > 0 ) {
484 Meow_MWAI_Logging::warn( 'Integrity Check: It seems the messages in the discussion do not match the ones sent by the client: ' . json_encode( $diffs ) );
485 }
486 }
487 }
488
489 // Create QueryText
490 $context = null;
491 $streamCallback = null;
492 $mode = $chatbot['mode'] ?? 'chat';
493
494 if ( $mode === 'images' ) {
495 // Check for uploaded files
496 $fileForImage = null;
497 if ( !empty( $newFileIds ) && is_array( $newFileIds ) ) {
498 $fileForImage = $newFileIds[0];
499 }
500 elseif ( !empty( $newFileId ) ) {
501 $fileForImage = $newFileId;
502 }
503
504 // If there's an uploaded file, use EditImage query instead
505 if ( !empty( $fileForImage ) ) {
506 $query = new Meow_MWAI_Query_EditImage( $newMessage );
507
508 // Handle the uploaded image
509 $url = $this->core->files->get_url( $fileForImage );
510 $mimeType = $this->core->files->get_mime_type( $fileForImage );
511 $isIMG = in_array( $mimeType, [ 'image/jpeg', 'image/png', 'image/gif', 'image/webp' ] );
512
513 if ( $isIMG ) {
514 $query->add_file( Meow_MWAI_Query_DroppedFile::from_url( $url, 'analysis', $mimeType ) );
515 $fileId = $this->core->files->get_id_from_refId( $fileForImage );
516 $this->core->files->update_purpose( $fileId, 'analysis' );
517 }
518 }
519 else {
520 $query = new Meow_MWAI_Query_Image( $newMessage );
521 }
522
523 // Handle Params
524 $newParams = [];
525 foreach ( $chatbot as $key => $value ) {
526 $newParams[$key] = $value;
527 }
528 if ( is_array( $params ) ) {
529 foreach ( $params as $key => $value ) {
530 $newParams[$key] = $value;
531 }
532 }
533
534 // Map 'environment' field to 'envId' for compatibility
535 if ( isset( $newParams['environment'] ) && !isset( $newParams['envId'] ) ) {
536 $newParams['envId'] = $newParams['environment'];
537 }
538
539 $params = apply_filters( 'mwai_chatbot_params', $newParams );
540 $params['scope'] = empty( $params['scope'] ) ? 'chatbot' : $params['scope'];
541
542 // Debug log for embeddings
543 if ( !empty( $params['embeddingsEnvId'] ) ) {
544 Meow_MWAI_Logging::log( 'Chatbot: Setting embeddingsEnvId on query: ' . $params['embeddingsEnvId'] );
545 }
546 else {
547 // Log all params to debug
548 $paramKeys = array_keys( $params );
549 Meow_MWAI_Logging::log( 'Chatbot: No embeddingsEnvId found. Available params: ' . implode( ', ', $paramKeys ) );
550 }
551
552 $query->inject_params( $params );
553 }
554 else {
555 $query = $mode === 'assistant' ? new Meow_MWAI_Query_Assistant( $newMessage ) :
556 new Meow_MWAI_Query_Text( $newMessage, 4096 );
557
558 // Handle Params
559 $newParams = [];
560 foreach ( $chatbot as $key => $value ) {
561 $newParams[$key] = $value;
562 }
563 if ( is_array( $params ) ) {
564 foreach ( $params as $key => $value ) {
565 $newParams[$key] = $value;
566 }
567 }
568
569 // Map 'environment' field to 'envId' for compatibility
570 if ( isset( $newParams['environment'] ) && !isset( $newParams['envId'] ) ) {
571 $newParams['envId'] = $newParams['environment'];
572 }
573
574 $params = apply_filters( 'mwai_chatbot_params', $newParams );
575 $params['scope'] = empty( $params['scope'] ) ? 'chatbot' : $params['scope'];
576
577 // Debug log for embeddings
578 if ( !empty( $params['embeddingsEnvId'] ) ) {
579 Meow_MWAI_Logging::log( 'Chatbot: Setting embeddingsEnvId on query: ' . $params['embeddingsEnvId'] );
580 }
581 else {
582 // Log all params to debug
583 $paramKeys = array_keys( $params );
584 Meow_MWAI_Logging::log( 'Chatbot: No embeddingsEnvId found. Available params: ' . implode( ', ', $paramKeys ) );
585 }
586
587 // In Prompt mode, clear out features that are not supported before injecting params
588 if ( $mode === 'prompt' ) {
589 // Clear embeddings/context settings
590 unset( $params['embeddingsEnvId'] );
591 unset( $params['embeddingsIndex'] );
592 unset( $params['embeddingsNamespace'] );
593 unset( $params['contentAware'] );
594 unset( $params['context'] );
595
596 // Clear function calling and MCP servers
597 unset( $params['functions'] );
598 unset( $params['mcpServers'] );
599
600 // Clear tools
601 unset( $params['tools'] );
602
603 // Clear temperature, reasoning, verbosity as they're configured in the prompt
604 unset( $params['temperature'] );
605 unset( $params['reasoningEffort'] );
606 unset( $params['verbosity'] );
607 unset( $params['maxTokens'] );
608 }
609
610 $query->inject_params( $params );
611
612 // Handle Prompt mode specifics
613 if ( $mode === 'prompt' && !empty( $params['promptId'] ) ) {
614 $promptData = [ 'id' => $params['promptId'] ];
615 $query->setExtraParam( 'prompt', $promptData );
616 }
617
618 $storeId = null;
619 if ( $mode === 'assistant' ) {
620 $chatId = $params['chatId'] ?? null;
621 if ( !empty( $chatId ) && $this->core->discussions ) {
622 $discussion = $this->core->discussions->get_discussion( $query->botId, $chatId );
623 if ( isset( $discussion['storeId'] ) ) {
624 $storeId = $discussion['storeId'];
625 $query->setStoreId( $storeId );
626 }
627 }
628 }
629
630 // Support for Multiple Uploaded Files
631 $filesToProcess = [];
632 if ( !empty( $newFileIds ) && is_array( $newFileIds ) ) {
633 $filesToProcess = $newFileIds;
634 }
635 elseif ( !empty( $newFileId ) ) {
636 $filesToProcess[] = $newFileId;
637 }
638
639 // Support for Uploaded Image/Files
640 if ( !empty( $filesToProcess ) ) {
641 // Process all files for multi-upload support
642 foreach ( $filesToProcess as $fileToProcess ) {
643 // Get extension and mime type
644 $isImage = $this->core->files->is_image( $fileToProcess );
645
646 if ( $mode === 'assistant' && !$isImage ) {
647 // DEPRECATED: Assistants API and File Search are deprecated
648 // After August 26, 2026, this entire block should be removed
649 error_log( '[AI Engine] WARNING: Assistant File Search is deprecated and will be removed after August 26, 2026. Consider using regular chat with PDF uploads instead.' );
650
651 $url = $this->core->files->get_path( $fileToProcess );
652 $data = $this->core->files->get_data( $fileToProcess );
653 $openai = Meow_MWAI_Engines_Factory::get_openai( $this->core, $query->envId );
654 $filename = basename( $url );
655
656 // Upload the file
657 $file = $openai->upload_file( $filename, $data, 'assistants' );
658
659 // Create a store
660 if ( empty( $storeId ) ) {
661 $chatbotName = 'mwai_' . strtolower( !empty( $chatbot['name'] ) ? $chatbot['name'] : 'default' );
662 if ( !empty( $query->chatId ) ) {
663 $chatbotName .= '_' . $query->chatId;
664 }
665 $metadata = [];
666 if ( !empty( $chatbot['assistantId'] ) ) {
667 $metadata['assistantId'] = $chatbot['assistantId'];
668 }
669 if ( !empty( $query->chatId ) ) {
670 $metadata['chatId'] = $query->chatId;
671 }
672 $expiry = $this->core->get_option( 'image_expires' );
673 $storeId = $openai->create_vector_store( $chatbotName, $expiry, $metadata );
674 $query->setStoreId( $storeId );
675 }
676
677 // Add the file to the store - wait a moment for store to be ready
678 sleep( 1 );
679 $storeFileId = $openai->add_vector_store_file( $storeId, $file['id'] );
680
681 if ( empty( $storeFileId ) ) {
682 throw new Exception( 'Failed to add file to vector store.' );
683 }
684
685 // Update the local file with the OpenAI RefId, StoreId and StoreFileId
686 $openAiRefId = $file['id'];
687 $internalFileId = $this->core->files->get_id_from_refId( $fileToProcess );
688 $this->core->files->update_refId( $internalFileId, $openAiRefId );
689 $this->core->files->update_envId( $internalFileId, $query->envId );
690 $this->core->files->update_purpose( $internalFileId, 'analysis' );
691 $this->core->files->add_metadata( $internalFileId, 'assistant_storeId', $storeId );
692 $this->core->files->add_metadata( $internalFileId, 'assistant_storeFileId', $storeFileId );
693 $fileToProcess = $openAiRefId;
694 $scope = $params['fileSearch'];
695 if ( $scope === 'discussion' || $scope === 'user' || $scope === 'assistant' ) {
696 $id = $this->core->files->get_id_from_refId( $fileToProcess );
697 $this->core->files->add_metadata( $id, 'assistant_scope', $scope );
698 }
699 }
700 else {
701 // Keep track of the internal file ID (before any OpenAI processing)
702 // Important: $fileToProcess is our internal database refId, not OpenAI's file_id
703 $internalRefId = $fileToProcess;
704 $url = $this->core->files->get_url( $internalRefId );
705 $mimeType = $this->core->files->get_mime_type( $internalRefId );
706 $isIMG = in_array( $mimeType, [ 'image/jpeg', 'image/png', 'image/gif', 'image/webp' ] );
707
708 // Create DroppedFile object - provider-agnostic approach
709 // Images use URL (can be sent as base64 or URL in messages)
710 // PDFs use refId (engines will upload to their Files API as needed)
711 if ( $isIMG ) {
712 $droppedFile = Meow_MWAI_Query_DroppedFile::from_url( $url, 'analysis', $mimeType );
713 }
714 else {
715 // For PDFs and documents, use refId so engines can access file data directly
716 $droppedFile = Meow_MWAI_Query_DroppedFile::from_refId( $internalRefId, 'analysis', $mimeType );
717 }
718
719 // IMPORTANT: Always use add_file() to add to attachedFiles array
720 // This is the unified approach for both single and multi-file uploads
721 // Engines will check attachedFiles array first, then fall back to attachedFile (legacy)
722 $query->add_file( $droppedFile );
723
724 // Update metadata using the internal refId (not OpenAI file ID)
725 $fileId = $this->core->files->get_id_from_refId( $internalRefId );
726 $this->core->files->update_envId( $fileId, $query->envId );
727 $this->core->files->update_purpose( $fileId, 'analysis' );
728 $this->core->files->add_metadata( $fileId, 'query_envId', $query->envId );
729 $this->core->files->add_metadata( $fileId, 'query_session', $query->session );
730 }
731 }
732 }
733
734 // Takeover
735 $takeoverAnswer = apply_filters( 'mwai_chatbot_takeover', null, $query, $params );
736 if ( !empty( $takeoverAnswer ) ) {
737 $rawText = apply_filters( 'mwai_chatbot_reply', $takeoverAnswer, $query, $params, [] );
738 return [
739 'reply' => $rawText,
740 'chatId' => $this->core->fix_chat_id( $query, $params ),
741 'images' => null,
742 'actions' => [],
743 'usage' => null
744 ];
745 }
746
747 // Moderation
748 $moderationEnabled = $this->core->get_option( 'module_moderation' ) &&
749 $this->core->get_option( 'shortcode_chat_moderation' );
750 if ( $moderationEnabled ) {
751 global $mwai;
752 $isFlagged = $mwai->moderationCheck( $query->get_message() );
753 if ( $isFlagged ) {
754 throw new Exception( 'Sorry, your message has been rejected by moderation.' );
755 }
756 }
757
758 // Setup streaming if enabled (before embeddings to capture those events)
759 $streamCallback = null;
760 $debugEvents = [];
761
762 if ( $stream ) {
763 $streamCallback = function ( $reply ) use ( $query ) {
764 // Support both legacy string data and new Event objects
765 if ( is_string( $reply ) ) {
766 $this->core->stream_push( [ 'type' => 'live', 'data' => $reply ], $query );
767 }
768 else {
769 $this->core->stream_push( $reply, $query );
770 }
771 };
772 if ( headers_sent( $filename, $linenum ) ) {
773 throw new Exception( "Headers already sent in $filename on line $linenum. Cannot start streaming." );
774 }
775 header( 'Cache-Control: no-cache' );
776 header( 'Content-Type: text/event-stream' );
777 // This is useful to disable buffering in nginx through headers.
778 header( 'X-Accel-Buffering: no' );
779 ob_implicit_flush( true );
780 if ( ob_get_level() > 0 ) {
781 ob_end_flush();
782 }
783 }
784 else if ( $this->core->get_option( 'module_devtools' ) && $this->core->get_option( 'debug_mode' ) ) {
785 // For non-streaming debug mode, collect events
786 $streamCallback = function ( $event ) use ( &$debugEvents ) {
787 if ( is_object( $event ) && method_exists( $event, 'toArray' ) ) {
788 $debugEvents[] = $event->toArray();
789 }
790 };
791 }
792
793 // Awareness & Embeddings
794 $context = $this->core->retrieve_context( $params, $query, $streamCallback );
795 if ( !empty( $context ) ) {
796 $query->set_context( $context['content'] );
797 }
798
799 // Function Aware
800 $query = apply_filters( 'mwai_chatbot_query', $query, $params );
801 }
802
803 // Process Query
804
805 $reply = $this->core->run_query( $query, $streamCallback, true );
806 $rawText = $reply->result;
807 $extra = [];
808 if ( $context ) {
809 $extra = [ 'embeddings' => isset( $context['embeddings'] ) ? $context['embeddings'] : null ];
810 }
811 // Store response ID for Responses API stateful conversations
812 // CRITICAL: Must store even when function calls are present
813 // This enables the feedback query to use previous_response_id
814 if ( !empty( $reply->id ) ) {
815 $extra['responseId'] = $reply->id;
816 $extra['responseDate'] = gmdate( 'Y-m-d H:i:s' ); // Track age for 30-day expiry
817 }
818 $rawText = apply_filters( 'mwai_chatbot_reply', $rawText, $query, $params, $extra );
819
820 // Integrity Check: We need to store the checksum of the messages sent by the client.
821 $stored_messages = $client_messages;
822 $stored_messages[] = [ 'role' => 'user', 'content' => $newMessage ];
823 $stored_messages[] = [ 'role' => 'assistant', 'content' => $rawText ];
824 $stored_checksum = $this->calculate_messages_checksum( $stored_messages );
825 set_transient( $checksum_key, $stored_checksum, 60 * 60 * 24 * 30 );
826
827 // Actions
828 $actions = [];
829 if ( $reply->needClientActions ) {
830 foreach ( $reply->needClientActions as $action ) {
831 $actions[] = [
832 'type' => 'function',
833 'data' => [
834 'name' => $action['function']->name,
835 'args' => $action['arguments']
836 ]
837 ];
838 }
839 }
840
841 $restRes = [
842 'reply' => $rawText,
843 'chatId' => $this->core->fix_chat_id( $query, $params ),
844 'images' => $reply->get_type() === 'images' ? $reply->results : null,
845 'actions' => $actions,
846 'usage' => $reply->usage
847 ];
848
849 // Add debug events if collected
850 if ( !empty( $debugEvents ) ) {
851 $restRes['debugEvents'] = $debugEvents;
852 }
853
854 // Add response ID if available (for Responses API)
855 if ( !empty( $reply->id ) ) {
856 $restRes['responseId'] = $reply->id;
857 }
858
859 // Process Reply
860 if ( $stream ) {
861 $final_res = $this->build_final_res(
862 $botId,
863 $newMessage,
864 $newFileId,
865 $params,
866 $restRes['reply'],
867 $restRes['images'],
868 $restRes['actions'],
869 $restRes['usage'],
870 $restRes['responseId'] ?? null
871 );
872 $this->core->stream_push( [ 'type' => 'end', 'data' => json_encode( $final_res ) ], $query );
873 die();
874 }
875 else {
876 return $restRes;
877 }
878
879 }
880 catch ( Exception $e ) {
881 $message = apply_filters( 'mwai_ai_exception', $e->getMessage() );
882 if ( $stream ) {
883 $this->core->stream_push( [ 'type' => 'error', 'data' => $message ], $query );
884 die();
885 }
886 else {
887 throw $e;
888 }
889 }
890 }
891
892 public function inject_chat() {
893 $params = $this->core->get_chatbot( $this->siteWideChatId );
894 $clean_params = [];
895 if ( !empty( $params ) ) {
896 $clean_params['window'] = true;
897 $clean_params['id'] = $this->siteWideChatId;
898 echo $this->chat_shortcode( $clean_params );
899 }
900 return null;
901 }
902
903 public function build_front_params( $botId, $customId, $crossSite = false ) {
904 $frontSystem = [
905 'botId' => ( $customId && $customId !== '' ) ? null : sanitize_text_field( $botId ),
906 'customId' => ( $customId && $customId !== '' ) ? sanitize_text_field( $customId ) : null,
907 'userData' => $this->core->get_user_data(),
908 'sessionId' => $this->core->get_session_id(),
909 // IMPORTANT: REST nonce handling differs by user state:
910 // - Logged-in users: get_nonce() returns a user-specific nonce created in current session context
911 // - Logged-out users: get_nonce() returns null, they'll fetch via /start_session endpoint
912 // This prevents rest_cookie_invalid_nonce errors for logged-in users by ensuring the nonce
913 // matches their authentication context from the start.
914 'restNonce' => $crossSite ? null : $this->core->get_nonce(),
915 'contextId' => get_the_ID(),
916 'pluginUrl' => MWAI_URL,
917 'restUrl' => untrailingslashit( get_rest_url() ),
918 'stream' => $this->core->get_option( 'ai_streaming' ),
919 'debugMode' => $this->core->get_option( 'module_devtools' ) && $this->core->get_option( 'debug_mode' ),
920 'eventLogs' => $this->core->get_option( 'event_logs' ),
921 'speech_recognition' => $this->core->get_option( 'speech_recognition' ),
922 'speech_synthesis' => $this->core->get_option( 'speech_synthesis' ),
923 'typewriter' => $this->core->get_option( 'chatbot_typewriter' ),
924 'crossSite' => $crossSite
925 ];
926 return $frontSystem;
927 }
928
929 public function resolveBotInfo( &$atts ) {
930 $chatbot = null;
931 $botId = $atts['id'] ?? null;
932 $customId = $atts['custom_id'] ?? null;
933 $parentBotId = null;
934
935 if ( !$botId && !$customId ) {
936 $botId = 'default';
937 }
938 if ( $botId ) {
939 $chatbot = $this->core->get_chatbot( $botId );
940 if ( !$chatbot ) {
941 $botId = $botId ?: 'N/A';
942 $safe_botId = esc_html( $botId );
943 return [
944 'error' => "AI Engine: Chatbot '{$safe_botId}' not found. If you meant to set an ID for your custom chatbot, please use 'custom_id' instead of 'id'.",
945 ];
946 }
947 }
948 $chatbot = $chatbot ?: $this->core->get_chatbot( 'default' );
949
950 if ( !empty( $customId ) ) {
951 if ( $botId !== null ) {
952 $parentBotId = $botId;
953 $botId = null;
954 }
955 }
956
957 unset( $atts['id'] );
958 return [
959 'chatbot' => $chatbot,
960 'botId' => $botId,
961 'customId' => $customId,
962 'parentBotId' => $parentBotId
963 ];
964 }
965
966 public function chat_shortcode( $atts ) {
967 $atts = empty( $atts ) ? [] : $atts;
968
969 foreach ( $atts as $key => $value ) {
970 $atts[ $key ] = urldecode( $value );
971 }
972
973 // Let the user override the chatbot params
974 $atts = apply_filters( 'mwai_chatbot_params', $atts );
975
976 // Resolve the bot info
977 $resolvedBot = $this->resolveBotInfo( $atts );
978 if ( isset( $resolvedBot['error'] ) ) {
979 return $resolvedBot['error'];
980 }
981 $chatbot = $resolvedBot['chatbot'];
982 $botId = $resolvedBot['botId'];
983 $customId = $resolvedBot['customId'];
984 $parentBotId = $resolvedBot['parentBotId'];
985
986 // Rename the keys of the atts into camelCase to match the internal params system.
987 $atts = array_map( function ( $key, $value ) {
988 $key = str_replace( '_', ' ', $key );
989 $key = ucwords( $key );
990 $key = str_replace( ' ', '', $key );
991 $key = lcfirst( $key );
992 return [ $key => $value ];
993 }, array_keys( $atts ), $atts );
994 $atts = array_merge( ...$atts );
995
996 if ( !empty( $parentBotId ) ) {
997 $atts['parentBotId'] = $parentBotId;
998 }
999
1000 $frontParams = [];
1001 // Define text parameters that need sanitization (excluding those that support HTML)
1002 $textParams = ['aiName', 'userName', 'guestName', 'textSend', 'textClear', 'textInputPlaceholder',
1003 'startSentence', 'iconText', 'iconAlt', 'headerSubtitle', 'popupTitle', 'allowedMimeTypes'];
1004 // Parameters that support HTML content
1005 $htmlParams = ['textCompliance'];
1006 // Boolean parameters that need special handling
1007 $booleanParams = ['window', 'copyButton', 'fullscreen', 'localMemory', 'iconBubble', 'centerOpen',
1008 'imageUpload', 'fileUpload', 'multiUpload', 'fileSearch'];
1009
1010 foreach ( MWAI_CHATBOT_FRONT_PARAMS as $param ) {
1011 // Let's go through the overriden or custom params first (the ones passed in the shortcode)
1012 if ( isset( $atts[$param] ) ) {
1013 if ( $param === 'localMemory' ) {
1014 $frontParams[$param] = $atts[$param] === 'true';
1015 }
1016 else if ( in_array( $param, $textParams ) ) {
1017 // Sanitize text parameters to prevent XSS
1018 $frontParams[$param] = sanitize_text_field( $atts[$param] );
1019 }
1020 else if ( in_array( $param, $htmlParams ) ) {
1021 // For HTML parameters, use wp_kses_post to allow safe HTML
1022 $frontParams[$param] = wp_kses_post( $atts[$param] );
1023 }
1024 else if ( in_array( $param, $booleanParams ) ) {
1025 // Convert to proper boolean
1026 // Handle various boolean representations from shortcode attributes
1027 $value = $atts[$param];
1028 if ( is_bool( $value ) ) {
1029 $frontParams[$param] = $value;
1030 }
1031 else if ( is_string( $value ) ) {
1032 $frontParams[$param] = !empty( $value ) && $value !== 'false' && $value !== '0' && $value !== 'no';
1033 }
1034 else {
1035 $frontParams[$param] = !empty( $value );
1036 }
1037 }
1038 else {
1039 $frontParams[$param] = $atts[$param];
1040 }
1041 }
1042 // If not, let's use the chatbot's default values
1043 else if ( isset( $chatbot[$param] ) ) {
1044 if ( in_array( $param, $booleanParams ) ) {
1045 // Convert to proper boolean for chatbot defaults too
1046 // Handle various boolean representations
1047 $value = $chatbot[$param];
1048
1049 if ( is_bool( $value ) ) {
1050 $frontParams[$param] = $value;
1051 }
1052 else if ( is_string( $value ) ) {
1053 $frontParams[$param] = !empty( $value ) && $value !== 'false' && $value !== '0';
1054 }
1055 else {
1056 $frontParams[$param] = !empty( $value );
1057 }
1058 }
1059 else {
1060 $frontParams[$param] = $chatbot[$param];
1061 }
1062 }
1063
1064 // Apply the placeholders
1065 if ( in_array( $param, ['startSentence', 'iconText'] ) ) {
1066 $frontParams[$param] = $this->core->do_placeholders( $frontParams[$param] );
1067 }
1068 }
1069
1070 // Ensure upload params are synced
1071 // fileUpload (checkbox) determines if uploads are enabled
1072 // maxUploads (number) determines how many files can be uploaded
1073 $fileUploadEnabled = !empty( $frontParams['fileUpload'] ) || !empty( $frontParams['imageUpload'] );
1074 $maxFiles = isset( $frontParams['maxUploads'] ) ? max( 1, (int) $frontParams['maxUploads'] ) : 1;
1075
1076 // Sync all params for backward compatibility
1077 $frontParams['fileUpload'] = $fileUploadEnabled;
1078 $frontParams['imageUpload'] = $fileUploadEnabled;
1079 $frontParams['fileUploads'] = $fileUploadEnabled ? $maxFiles : 0;
1080 $frontParams['multiUpload'] = $fileUploadEnabled && $maxFiles > 1;
1081 $frontParams['maxUploads'] = $maxFiles;
1082
1083 // Server Params
1084 // NOTE: We don't need the server params for the chatbot if there are no overrides, it means
1085 // we are using the default or a specific chatbot.
1086 $isSiteWide = $this->siteWideChatId && $botId === $this->siteWideChatId;
1087
1088 // Parameters that are purely visual/UI and shouldn't trigger custom ID
1089 $visualOnlyParams = [
1090 // Bot selectors
1091 'id', 'custom_id',
1092 // System-added params
1093 'crossSite',
1094 // Visual/UI parameters that don't affect AI behavior
1095 'aiName', 'userName', 'guestName', // Display names
1096 'aiAvatar', 'userAvatar', 'guestAvatar', 'aiAvatarUrl', 'userAvatarUrl', 'guestAvatarUrl', // Avatars
1097 'textSend', 'textClear', 'textInputPlaceholder', 'textCompliance', // UI text labels
1098 'textInputMaxLength', // Input constraint (visual)
1099 'themeId', // Theme selection
1100 'window', 'icon', 'iconText', 'iconTextDelay', 'iconAlt', 'iconPosition', // Window/icon settings
1101 'centerOpen', 'width', 'openDelay', 'iconBubble', 'windowAnimation', 'fullscreen', // Window behavior
1102 'copyButton', 'headerSubtitle', 'popupTitle', // UI features
1103 'containerType', 'headerType', 'messagesType', 'inputType', 'footerType' // UI style variants
1104 ];
1105
1106 // Remove visual-only params from override detection
1107 $attsForOverrideCheck = array_diff_key( $atts, array_flip( $visualOnlyParams ) );
1108
1109 // Only these front params affect behavior and should trigger custom ID:
1110 // - mode: chat vs. prompt mode
1111 // - startSentence: initial AI message
1112 // - localMemory: affects data persistence
1113 // - imageUpload, fileUpload, multiUpload, fileSearch: affect capabilities
1114 $behavioralFrontParams = ['mode', 'startSentence', 'localMemory', 'imageUpload', 'fileUpload', 'multiUpload', 'fileSearch'];
1115
1116 $hasServerOverrides = count( array_intersect( array_keys( $attsForOverrideCheck ), MWAI_CHATBOT_SERVER_PARAMS ) ) > 0;
1117 $hasBehavioralFrontOverrides = count( array_intersect( array_keys( $attsForOverrideCheck ), $behavioralFrontParams ) ) > 0;
1118 $hasOverrides = !$isSiteWide && ( $hasServerOverrides || $hasBehavioralFrontOverrides );
1119
1120 $serverParams = [];
1121 if ( $hasOverrides ) {
1122 // Server parameters don't need sanitization as they're processed server-side
1123 // and not rendered in HTML. They may contain code, HTML, etc. for AI context.
1124 foreach ( MWAI_CHATBOT_SERVER_PARAMS as $param ) {
1125 if ( isset( $atts[$param] ) ) {
1126 $serverParams[$param] = $atts[$param];
1127 }
1128 else {
1129 // For custom chatbots, don't inherit embeddingsEnvId from the default chatbot
1130 if ( $param === 'embeddingsEnvId' && !empty( $customId ) ) {
1131 $serverParams[$param] = '';
1132 }
1133 else {
1134 $serverParams[$param] = $chatbot[$param] ?? null;
1135 }
1136 }
1137 }
1138 }
1139
1140 // Front Params
1141 $frontSystem = $this->build_front_params( $botId, $customId );
1142
1143 // Clean Params
1144 $frontParams = $this->clean_params( $frontParams );
1145 $frontSystem = $this->clean_params( $frontSystem );
1146 $serverParams = $this->clean_params( $serverParams );
1147
1148 // Server-side: Keep the System Params
1149 if ( $hasOverrides ) {
1150 if ( empty( $customId ) ) {
1151 $customId = md5( json_encode( $serverParams ) );
1152 $frontSystem['customId'] = $customId;
1153 }
1154 set_transient( 'mwai_custom_chatbot_' . $customId, $serverParams, 60 * 60 * 24 );
1155 }
1156
1157 // Retrieve the actions, shortcuts, and blocks we want to inject at the beginning
1158 $filterParams = [
1159 'step' => 'init',
1160 'botId' => $botId,
1161 'params' => array_merge( $frontParams, $frontSystem, $serverParams )
1162 ];
1163 $actions = apply_filters( 'mwai_chatbot_actions', [], $filterParams );
1164 $blocks = apply_filters( 'mwai_chatbot_blocks', [], $filterParams );
1165 $shortcuts = apply_filters( 'mwai_chatbot_shortcuts', [], $filterParams );
1166 $frontSystem['actions'] = $this->sanitize_actions( $actions );
1167 $frontSystem['blocks'] = $this->sanitize_blocks( $blocks );
1168 $frontSystem['shortcuts'] = $this->sanitize_shortcuts( $shortcuts );
1169
1170 // Client-side: Prepare JSON for Front Params and System Params
1171 $theme = isset( $frontParams['themeId'] ) ? $this->core->get_theme( $frontParams['themeId'] ) : null;
1172 $jsonFrontParams = htmlspecialchars( json_encode( $frontParams ), ENT_QUOTES, 'UTF-8' );
1173 $jsonFrontSystem = htmlspecialchars( json_encode( $frontSystem ), ENT_QUOTES, 'UTF-8' );
1174 $jsonFrontTheme = htmlspecialchars( json_encode( $theme ), ENT_QUOTES, 'UTF-8' );
1175 //$jsonAttributes = htmlspecialchars(json_encode($atts), ENT_QUOTES, 'UTF-8');
1176
1177 $this->enqueue_scripts( $frontParams['themeId'] ?? null );
1178
1179 return "<div class='mwai-chatbot-container' data-params='{$jsonFrontParams}' data-system='{$jsonFrontSystem}' data-theme='{$jsonFrontTheme}'></div>";
1180 }
1181
1182 public function chatbot_discussions( $atts ) {
1183 $atts = empty( $atts ) ? [] : $atts;
1184
1185 // Resolve the bot info
1186 $resolvedBot = $this->resolveBotInfo( $atts );
1187 if ( isset( $resolvedBot['error'] ) ) {
1188 return $resolvedBot['error'];
1189 }
1190 $chatbot = $resolvedBot['chatbot'];
1191 $botId = $resolvedBot['botId'];
1192 $customId = $resolvedBot['customId'];
1193
1194 // Rename the keys of the atts into camelCase to match the internal params system.
1195 $atts = array_map( function ( $key, $value ) {
1196 $key = str_replace( '_', ' ', $key );
1197 $key = ucwords( $key );
1198 $key = str_replace( ' ', '', $key );
1199 $key = lcfirst( $key );
1200 return [ $key => $value ];
1201 }, array_keys( $atts ), $atts );
1202 $atts = array_merge( ...$atts );
1203
1204 // Front Params
1205 $frontParams = [];
1206 // All discussion params are text params that need sanitization
1207 $textParams = ['textNewChat'];
1208
1209 foreach ( MWAI_DISCUSSIONS_FRONT_PARAMS as $param ) {
1210 if ( isset( $atts[$param] ) ) {
1211 // Sanitize text parameters
1212 $frontParams[$param] = in_array( $param, $textParams ) ? sanitize_text_field( $atts[$param] ) : $atts[$param];
1213 }
1214 else if ( isset( $chatbot[$param] ) ) {
1215 $frontParams[$param] = $chatbot[$param];
1216 }
1217 }
1218
1219 // Server Params
1220 $serverParams = [];
1221 foreach ( MWAI_DISCUSSIONS_SERVER_PARAMS as $param ) {
1222 if ( isset( $atts[$param] ) ) {
1223 $serverParams[$param] = $atts[$param];
1224 }
1225 }
1226
1227 // Front System
1228 $frontSystem = $this->build_front_params( $botId, $customId );
1229 // Get refresh interval from settings
1230 $refresh_interval = $this->core->get_option( 'chatbot_discussions_refresh_interval' );
1231 if ( $refresh_interval === 'Never' ) {
1232 $frontSystem['refreshInterval'] = 0;
1233 }
1234 elseif ( $refresh_interval === 'Manual' ) {
1235 $frontSystem['refreshInterval'] = -1;
1236 }
1237 elseif ( is_numeric( $refresh_interval ) ) {
1238 $frontSystem['refreshInterval'] = intval( $refresh_interval ) * 1000; // Convert to milliseconds
1239 }
1240 else {
1241 $frontSystem['refreshInterval'] = 5000; // Default to 5 seconds
1242 }
1243 $frontSystem['refreshInterval'] = apply_filters( 'mwai_discussions_refresh_interval', $frontSystem['refreshInterval'] );
1244
1245 // Get paging setting
1246 $paging_option = $this->core->get_option( 'chatbot_discussions_paging' );
1247 if ( $paging_option === 'None' ) {
1248 $frontSystem['paging'] = 0; // No pagination
1249 }
1250 else {
1251 $frontSystem['paging'] = is_numeric( $paging_option ) ? intval( $paging_option ) : 10; // Default to 10
1252 }
1253
1254 // Get metadata settings
1255 $frontSystem['metadata'] = [
1256 'enabled' => $this->core->get_option( 'chatbot_discussions_metadata_enabled' ),
1257 'startDate' => $this->core->get_option( 'chatbot_discussions_metadata_start_date' ),
1258 'lastUpdate' => $this->core->get_option( 'chatbot_discussions_metadata_last_update' ),
1259 'messageCount' => $this->core->get_option( 'chatbot_discussions_metadata_message_count' )
1260 ];
1261
1262 // Clean Params
1263 $frontParams = $this->clean_params( $frontParams );
1264 $frontSystem = $this->clean_params( $frontSystem );
1265 $serverParams = $this->clean_params( $serverParams );
1266
1267 $theme = isset( $frontParams['themeId'] ) ? $this->core->get_theme( $frontParams['themeId'] ) : null;
1268 $jsonFrontParams = htmlspecialchars( json_encode( $frontParams ), ENT_QUOTES, 'UTF-8' );
1269 $jsonFrontSystem = htmlspecialchars( json_encode( $frontSystem ), ENT_QUOTES, 'UTF-8' );
1270 $jsonFrontTheme = htmlspecialchars( json_encode( $theme ), ENT_QUOTES, 'UTF-8' );
1271
1272 return "<div class='mwai-discussions-container' data-params='{$jsonFrontParams}' data-system='{$jsonFrontSystem}' data-theme='{$jsonFrontTheme}'></div>";
1273 }
1274
1275 public function clean_params( &$params ) {
1276 foreach ( $params as $param => $value ) {
1277 if ( $param === 'restNonce' ) {
1278 continue;
1279 }
1280 // Skip only if value is null or an array - but not if it's false or 0
1281 if ( is_null( $value ) || is_array( $value ) ) {
1282 continue;
1283 }
1284 // Handle empty strings
1285 if ( $value === '' ) {
1286 continue;
1287 }
1288 $lowerCaseValue = is_string( $value ) ? strtolower( $value ) : '';
1289 if ( $lowerCaseValue === 'true' || $lowerCaseValue === 'false' || is_bool( $value ) ) {
1290 $params[$param] = filter_var( $value, FILTER_VALIDATE_BOOLEAN );
1291 }
1292 else if ( is_numeric( $value ) ) {
1293 $params[$param] = filter_var( $value, FILTER_VALIDATE_FLOAT );
1294 }
1295 }
1296 return $params;
1297 }
1298
1299 }
1300