class-email-encoder-bundle-ajax.php
6 years ago
class-email-encoder-bundle-helpers.php
6 years ago
class-email-encoder-bundle-run-admin.php
6 years ago
class-email-encoder-bundle-run.php
6 years ago
class-email-encoder-bundle-settings.php
6 years ago
class-email-encoder-bundle-validate.php
6 years ago
index.php
6 years ago
class-email-encoder-bundle-validate.php
917 lines
| 1 | <?php |
| 2 | |
| 3 | /** |
| 4 | * Class Email_Encoder_Validate |
| 5 | * |
| 6 | * The main validation functionality for the plugin. |
| 7 | * Here is where the logic happens. |
| 8 | * |
| 9 | * @since 2.0.0 |
| 10 | * @package EEB |
| 11 | * @author Ironikus <info@ironikus.com> |
| 12 | */ |
| 13 | |
| 14 | class Email_Encoder_Validate{ |
| 15 | |
| 16 | /** |
| 17 | * The main page name for our admin page |
| 18 | * |
| 19 | * @var string |
| 20 | * @since 2.0.0 |
| 21 | */ |
| 22 | private $page_name; |
| 23 | |
| 24 | /** |
| 25 | * The main page title for our admin page |
| 26 | * |
| 27 | * @var string |
| 28 | * @since 2.0.0 |
| 29 | */ |
| 30 | private $page_title; |
| 31 | |
| 32 | /** |
| 33 | * Our Email_Encoder_Run constructor. |
| 34 | */ |
| 35 | function __construct(){ |
| 36 | $this->page_name = EEB()->settings->get_page_name(); |
| 37 | $this->page_title = EEB()->settings->get_page_title(); |
| 38 | $this->final_outout_buffer_hook = EEB()->settings->get_final_outout_buffer_hook(); |
| 39 | $this->at_identifier = EEB()->settings->get_at_identifier(); |
| 40 | } |
| 41 | |
| 42 | /** |
| 43 | * ###################### |
| 44 | * ### |
| 45 | * #### FILTERS |
| 46 | * ### |
| 47 | * ###################### |
| 48 | */ |
| 49 | |
| 50 | /** |
| 51 | * The main page filter function |
| 52 | * |
| 53 | * @param string $content - the content that needs to be filtered |
| 54 | * @param bool $convertPlainEmails - wether plain emails should be preserved or not |
| 55 | * @return string - The filtered content |
| 56 | */ |
| 57 | public function filter_page( $content, $protect_using ){ |
| 58 | |
| 59 | $content = $this->filter_soft_dom_attributes( $content, 'char_encode' ); |
| 60 | |
| 61 | $htmlSplit = preg_split( '/(<body(([^>]*)>))/is', $content, null, PREG_SPLIT_DELIM_CAPTURE ); |
| 62 | |
| 63 | if ( count( $htmlSplit ) < 4 ) { |
| 64 | return $content; |
| 65 | } |
| 66 | |
| 67 | switch( $protect_using ){ |
| 68 | case 'with_javascript': |
| 69 | case 'without_javascript': |
| 70 | case 'char_encode': |
| 71 | $head_encoding_method = 'char_encode'; |
| 72 | break; |
| 73 | default: |
| 74 | $head_encoding_method = 'default'; |
| 75 | break; |
| 76 | } |
| 77 | |
| 78 | //Filter head area |
| 79 | $filtered_head = $this->filter_plain_emails( $htmlSplit[0], null, $head_encoding_method ); |
| 80 | |
| 81 | //Filter body |
| 82 | //Soft attributes always need to be protected using only the char encode method since otherwise the logic breaks |
| 83 | $filtered_body = $this->filter_soft_attributes( $htmlSplit[4], 'char_encode' ); |
| 84 | $filtered_body = $this->filter_content( $filtered_body, $protect_using ); |
| 85 | |
| 86 | $filtered_content = $filtered_head . $htmlSplit[1] . $filtered_body; |
| 87 | |
| 88 | //Revalidate filtered emails that should not bbe encoded |
| 89 | $filtered_content = $this->temp_encode_at_symbol( $filtered_content, true ); |
| 90 | |
| 91 | return $filtered_content; |
| 92 | } |
| 93 | |
| 94 | /** |
| 95 | * Filter content |
| 96 | * |
| 97 | * @param string $content |
| 98 | * @param integer $protect_using |
| 99 | * @return string |
| 100 | */ |
| 101 | public function filter_content( $content, $protect_using ){ |
| 102 | $filtered = $content; |
| 103 | $self = $this; |
| 104 | $encode_mailtos = (bool) EEB()->settings->get_setting( 'encode_mailtos', true, 'filter_body' ); |
| 105 | $convert_plain_to_image = (bool) EEB()->settings->get_setting( 'convert_plain_to_image', true, 'filter_body' ); |
| 106 | |
| 107 | //Soft attributes always need to be protected using only the char encode method since otherwise the logic breaks |
| 108 | $filtered = $this->filter_soft_attributes( $filtered, 'char_encode' ); |
| 109 | |
| 110 | switch( $protect_using ){ |
| 111 | case 'char_encode': |
| 112 | $filtered = $this->filter_plain_emails( $filtered, null, 'char_encode' ); |
| 113 | break; |
| 114 | case 'strong_method': |
| 115 | $filtered = $this->filter_plain_emails( $filtered ); |
| 116 | break; |
| 117 | case 'without_javascript': |
| 118 | $filtered = $this->filter_input_fields( $filtered, $protect_using ); |
| 119 | $filtered = $this->filter_mailto_links( $filtered, 'without_javascript' ); |
| 120 | |
| 121 | if( $convert_plain_to_image ){ |
| 122 | $replace_by = 'convert_image'; |
| 123 | } else { |
| 124 | $replace_by = 'use_css'; |
| 125 | } |
| 126 | |
| 127 | if( $encode_mailtos ){ |
| 128 | if( ! ( function_exists( 'et_fb_enabled' ) && et_fb_enabled() ) ){ |
| 129 | $filtered = $this->filter_plain_emails( $filtered, function ( $match ) use ( $self ) { |
| 130 | return $self->create_protected_mailto( $match[0], array( 'href' => 'mailto:' . $match[0] ), 'without_javascript' ); |
| 131 | }, $replace_by); |
| 132 | } else { |
| 133 | $filtered = $this->filter_plain_emails( $filtered, null, $replace_by ); |
| 134 | } |
| 135 | } else { |
| 136 | $filtered = $this->filter_plain_emails( $filtered, null, $replace_by ); |
| 137 | } |
| 138 | |
| 139 | break; |
| 140 | case 'with_javascript': |
| 141 | $filtered = $this->filter_input_fields( $filtered, $protect_using ); |
| 142 | $filtered = $this->filter_mailto_links( $filtered ); |
| 143 | |
| 144 | if( $convert_plain_to_image ){ |
| 145 | $replace_by = 'convert_image'; |
| 146 | } else { |
| 147 | $replace_by = 'use_javascript'; |
| 148 | } |
| 149 | |
| 150 | if( $encode_mailtos ){ |
| 151 | if( ! ( function_exists( 'et_fb_enabled' ) && et_fb_enabled() ) ){ |
| 152 | $filtered = $this->filter_plain_emails( $filtered, function ( $match ) use ( $self ) { |
| 153 | return $self->create_protected_mailto( $match[0], array( 'href' => 'mailto:' . $match[0] ), 'with_javascript' ); |
| 154 | }, $replace_by); |
| 155 | } else { |
| 156 | $filtered = $this->filter_plain_emails( $filtered, null, $replace_by ); |
| 157 | } |
| 158 | } else { |
| 159 | $filtered = $this->filter_plain_emails( $filtered, null, $replace_by ); |
| 160 | } |
| 161 | |
| 162 | break; |
| 163 | } |
| 164 | |
| 165 | //Revalidate filtered emails that should not bbe encoded |
| 166 | $filtered = $this->temp_encode_at_symbol( $filtered, true ); |
| 167 | |
| 168 | return $filtered; |
| 169 | } |
| 170 | |
| 171 | /** |
| 172 | * Emails will be replaced by '*protected email*' |
| 173 | * @param string $content |
| 174 | * @param string|callable $replace_by Optional |
| 175 | * @param string $protection_method Optional |
| 176 | * @param mixed $show_encoded_check Optional |
| 177 | * @return string |
| 178 | */ |
| 179 | public function filter_plain_emails($content, $replace_by = null, $protection_method = 'default', $show_encoded_check = 'default' ){ |
| 180 | |
| 181 | if( $show_encoded_check === 'default' ){ |
| 182 | $show_encoded_check = (bool) EEB()->settings->get_setting( 'show_encoded_check', true ); |
| 183 | } |
| 184 | |
| 185 | if ( $replace_by === null ) { |
| 186 | $replace_by = __( EEB()->settings->get_setting( 'protection_text', true ), 'email-encoder-bundle' ); |
| 187 | } |
| 188 | |
| 189 | $self = $this; |
| 190 | |
| 191 | return preg_replace_callback( EEB()->settings->get_email_regex(), function ( $matches ) use ( $replace_by, $protection_method, $show_encoded_check, $self ) { |
| 192 | // workaround to skip responsive image names containing @ |
| 193 | $extention = strtolower( $matches[4] ); |
| 194 | $excludedList = array('.jpg', '.jpeg', '.png', '.gif'); |
| 195 | |
| 196 | if ( in_array( $extention, $excludedList ) ) { |
| 197 | return $matches[0]; |
| 198 | } |
| 199 | |
| 200 | if ( is_callable( $replace_by ) ) { |
| 201 | return call_user_func( $replace_by, $matches, $protection_method ); |
| 202 | } |
| 203 | |
| 204 | if( $protection_method === 'char_encode' ){ |
| 205 | $protected_return = antispambot( $matches[0] ); |
| 206 | } elseif( $protection_method === 'convert_image' ){ |
| 207 | |
| 208 | $image_link = $self->generate_email_image_url( $matches[0] ); |
| 209 | if( ! empty( $image_link ) ){ |
| 210 | $protected_return = '<img src="' . $image_link . '" />'; |
| 211 | } else { |
| 212 | $protected_return = antispambot( $matches[0] ); |
| 213 | } |
| 214 | |
| 215 | } elseif( $protection_method === 'use_javascript' ){ |
| 216 | $protection_text = __( EEB()->settings->get_setting( 'protection_text', true ), 'email-encoder-bundle' ); |
| 217 | $protected_return = $this->dynamic_js_email_encoding( $matches[0], $protection_text ); |
| 218 | } elseif( $protection_method === 'use_css' ){ |
| 219 | $protection_text = __( EEB()->settings->get_setting( 'protection_text', true ), 'email-encoder-bundle' ); |
| 220 | $protected_return = $this->encode_email_css( $matches[0], $protection_text ); |
| 221 | } else { |
| 222 | $protected_return = $replace_by; |
| 223 | } |
| 224 | |
| 225 | // mark link as successfullly encoded (for admin users) |
| 226 | if ( current_user_can( EEB()->settings->get_admin_cap( 'frontend-display-security-check' ) ) && $show_encoded_check ) { |
| 227 | $protected_return .= '<i class="eeb-encoded dashicons-before dashicons-lock" title="' . __( 'Email encoded successfully!', 'email-encoder-bundle' ) . '"></i>'; |
| 228 | } |
| 229 | |
| 230 | return $protected_return; |
| 231 | |
| 232 | }, $content ); |
| 233 | } |
| 234 | |
| 235 | /** |
| 236 | * Filter passed input fields |
| 237 | * |
| 238 | * @param string $content |
| 239 | * @return string |
| 240 | */ |
| 241 | public function filter_input_fields( $content, $encoding_method = 'default' ){ |
| 242 | $self = $this; |
| 243 | $strong_encoding = (bool) EEB()->settings->get_setting( 'input_strong_protection', true, 'filter_body' ); |
| 244 | |
| 245 | $callback_encode_input_fields = function ( $match ) use ( $self, $encoding_method, $strong_encoding ) { |
| 246 | $input = $match[0]; |
| 247 | $email = $match[2]; |
| 248 | |
| 249 | //Only allow strong encoding if javascript is supported |
| 250 | if( $encoding_method === 'without_javascript' ){ |
| 251 | $strong_encoding = false; |
| 252 | } |
| 253 | |
| 254 | return $self->encode_input_field( $input, $email, $strong_encoding ); |
| 255 | }; |
| 256 | |
| 257 | $regexpInputField = '/<input([^>]*)value=["\'][\s+]*' . EEB()->settings->get_email_regex( true ) . '[\s+]*["\']([^>]*)>/is'; |
| 258 | |
| 259 | return preg_replace_callback( $regexpInputField, $callback_encode_input_fields, $content ); |
| 260 | } |
| 261 | |
| 262 | /** |
| 263 | * @param string $content |
| 264 | * @return string |
| 265 | */ |
| 266 | public function filter_mailto_links( $content, $protection_method = null ){ |
| 267 | $self = $this; |
| 268 | |
| 269 | $callbackEncodeMailtoLinks = function ( $match ) use ( $self, $protection_method ) { |
| 270 | $attrs = shortcode_parse_atts( $match[1] ); |
| 271 | return $self->create_protected_mailto( $match[4], $attrs, $protection_method ); |
| 272 | }; |
| 273 | |
| 274 | $regexpMailtoLink = '/<a[\s+]*(([^>]*)href=["\']mailto\:([^>]*)["\'])>(.*?)<\/a[\s+]*>/is'; |
| 275 | |
| 276 | return preg_replace_callback( $regexpMailtoLink, $callbackEncodeMailtoLinks, $content ); |
| 277 | } |
| 278 | |
| 279 | /** |
| 280 | * Emails will be replaced by '*protected email*' |
| 281 | * |
| 282 | * @param string $content |
| 283 | * @return string |
| 284 | */ |
| 285 | public function filter_rss( $content, $protection_type ){ |
| 286 | |
| 287 | if( $protection_type === 'strong_method' ) { |
| 288 | $filtered = $this->filter_plain_emails( $content ); |
| 289 | } else { |
| 290 | $filtered = $this->filter_plain_emails( $content, null, 'char_encode' ); |
| 291 | } |
| 292 | |
| 293 | return $filtered; |
| 294 | } |
| 295 | |
| 296 | /** |
| 297 | * Filter plain emails using soft attributes |
| 298 | * |
| 299 | * @param string $content - the content that should be soft filtered |
| 300 | * @param string $protection_method - The method (E.g. char_encode) |
| 301 | * @return string |
| 302 | */ |
| 303 | public function filter_soft_attributes( $content, $protection_method ){ |
| 304 | $soft_attributes = EEB()->settings->get_soft_attribute_regex(); |
| 305 | |
| 306 | foreach( $soft_attributes as $ident => $regex ){ |
| 307 | |
| 308 | $array = array(); |
| 309 | preg_match_all( $regex, $content, $array ) ; |
| 310 | |
| 311 | foreach( $array as $single ){ |
| 312 | $content = str_replace( $single, $this->filter_plain_emails( $single, null, $protection_method, false ), $content ); |
| 313 | } |
| 314 | |
| 315 | } |
| 316 | |
| 317 | return $content; |
| 318 | } |
| 319 | |
| 320 | /** |
| 321 | * Filter plain emails using soft dom attributes |
| 322 | * |
| 323 | * @param string $content - the content that should be soft filtered |
| 324 | * @param string $protection_method - The method (E.g. char_encode) |
| 325 | * @return string |
| 326 | */ |
| 327 | public function filter_soft_dom_attributes( $content, $protection_method ){ |
| 328 | |
| 329 | $no_script_tags = (bool) EEB()->settings->get_setting( 'no_script_tags', true, 'filter_body' ); |
| 330 | $no_attribute_validation = (bool) EEB()->settings->get_setting( 'no_attribute_validation', true, 'filter_body' ); |
| 331 | |
| 332 | if( class_exists( 'DOMDocument' ) ){ |
| 333 | $dom = new DOMDocument(); |
| 334 | @$dom->loadHTML($content); |
| 335 | |
| 336 | //Filter html attributes |
| 337 | if( ! $no_attribute_validation ){ |
| 338 | $allNodes = $dom->getElementsByTagName('*'); |
| 339 | foreach( $allNodes as $snote ){ |
| 340 | if( $snote->hasAttributes() ) { |
| 341 | foreach( $snote->attributes as $attr ) { |
| 342 | if( $attr->nodeName == 'href' || $attr->nodeName == 'src' ){ |
| 343 | continue; |
| 344 | } |
| 345 | |
| 346 | if( strpos( $attr->nodeValue, '@' ) !== FALSE ){ |
| 347 | $single_tags = array(); |
| 348 | preg_match_all( '/' . $attr->nodeName . '="([^"]*)"/i', $content, $single_tags ); |
| 349 | |
| 350 | foreach( $single_tags as $single ){ |
| 351 | $content = str_replace( $single, $this->filter_plain_emails( $single, null, $protection_method, false ), $content ); |
| 352 | } |
| 353 | } |
| 354 | } |
| 355 | } |
| 356 | } |
| 357 | } |
| 358 | |
| 359 | //Soft-encode scripts |
| 360 | $script = $dom->getElementsByTagName('script'); |
| 361 | if( ! $no_script_tags ){ |
| 362 | foreach($script as $item){ |
| 363 | $content = str_replace( $item->nodeValue, $this->filter_plain_emails( $item->nodeValue, null, $protection_method, false ), $content ); |
| 364 | } |
| 365 | } else { |
| 366 | foreach($script as $item){ |
| 367 | $content = str_replace( $item->nodeValue, $this->temp_encode_at_symbol( $item->nodeValue ), $content ); |
| 368 | } |
| 369 | } |
| 370 | } |
| 371 | |
| 372 | return $content; |
| 373 | } |
| 374 | |
| 375 | /** |
| 376 | * ###################### |
| 377 | * ### |
| 378 | * #### ENCODINGS |
| 379 | * ### |
| 380 | * ###################### |
| 381 | */ |
| 382 | |
| 383 | public function temp_encode_at_symbol( $content, $decode = false ){ |
| 384 | if( $decode ){ |
| 385 | return str_replace( $this->at_identifier, '@', $content ); |
| 386 | } |
| 387 | |
| 388 | return str_replace( '@', $this->at_identifier, $content ); |
| 389 | } |
| 390 | |
| 391 | /** |
| 392 | * ASCII method |
| 393 | * |
| 394 | * @param string $value |
| 395 | * @param string $protection_text |
| 396 | * @return string |
| 397 | */ |
| 398 | public function encode_ascii($value, $protection_text) { |
| 399 | $mail_link = $value; |
| 400 | |
| 401 | // first encode, so special chars can be supported |
| 402 | $mail_link = EEB()->helpers->encode_uri_components( $mail_link ); |
| 403 | |
| 404 | $mail_letters = ''; |
| 405 | |
| 406 | for ($i = 0; $i < strlen($mail_link); $i ++) { |
| 407 | $l = substr($mail_link, $i, 1); |
| 408 | |
| 409 | if (strpos($mail_letters, $l) === false) { |
| 410 | $p = rand(0, strlen($mail_letters)); |
| 411 | $mail_letters = substr($mail_letters, 0, $p) . |
| 412 | $l . substr($mail_letters, $p, strlen($mail_letters)); |
| 413 | } |
| 414 | } |
| 415 | |
| 416 | $mail_letters_enc = str_replace("\\", "\\\\", $mail_letters); |
| 417 | $mail_letters_enc = str_replace("\"", "\\\"", $mail_letters_enc); |
| 418 | |
| 419 | $mail_indices = ''; |
| 420 | for ($i = 0; $i < strlen($mail_link); $i ++) { |
| 421 | $index = strpos($mail_letters, substr($mail_link, $i, 1)); |
| 422 | $index += 48; |
| 423 | $mail_indices .= chr($index); |
| 424 | } |
| 425 | |
| 426 | $mail_indices = str_replace("\\", "\\\\", $mail_indices); |
| 427 | $mail_indices = str_replace("\"", "\\\"", $mail_indices); |
| 428 | |
| 429 | $element_id = 'eeb-' . mt_rand( 0, 1000000 ) . '-' . mt_rand(0, 1000000); |
| 430 | |
| 431 | return '<span id="'. $element_id . '"></span>' |
| 432 | . '<script type="text/javascript">' |
| 433 | . '(function(){' |
| 434 | . 'var ml="'. $mail_letters_enc .'",mi="'. $mail_indices .'",o="";' |
| 435 | . 'for(var j=0,l=mi.length;j<l;j++){' |
| 436 | . 'o+=ml.charAt(mi.charCodeAt(j)-48);' |
| 437 | . '}document.getElementById("' . $element_id . '").innerHTML = decodeURIComponent(o);' // decode at the end, this way special chars can be supported |
| 438 | . '}());' |
| 439 | . '</script><noscript>' |
| 440 | . $protection_text |
| 441 | . '</noscript>'; |
| 442 | } |
| 443 | |
| 444 | /** |
| 445 | * Escape encoding method |
| 446 | * |
| 447 | * @param string $value |
| 448 | * @param string $protection_text |
| 449 | * @return string |
| 450 | */ |
| 451 | public function encode_escape( $value, $protection_text ) { |
| 452 | $element_id = 'eeb-' . mt_rand( 0, 1000000 ) . '-' . mt_rand( 0, 1000000 ); |
| 453 | $string = '\'' . $value . '\''; |
| 454 | |
| 455 | //Validate escape sequences |
| 456 | $string = preg_replace('/\s+/S', " ", $string); |
| 457 | |
| 458 | // break string into array of characters, we can't use string_split because its php5 only |
| 459 | $split = preg_split( '||', $string ); |
| 460 | $out = '<span id="'. $element_id . '"></span>' |
| 461 | . '<script type="text/javascript">' . 'document.getElementById("' . $element_id . '").innerHTML = ev' . 'al(decodeURIComponent("'; |
| 462 | |
| 463 | foreach( $split as $c ) { |
| 464 | // preg split will return empty first and last characters, check for them and ignore |
| 465 | if( ! empty( $c ) || $c === '0' ) { |
| 466 | $out .= '%' . dechex( ord( $c ) ); |
| 467 | } |
| 468 | } |
| 469 | |
| 470 | $out .= '"))' . '</script><noscript>' |
| 471 | . $protection_text |
| 472 | . '</noscript>'; |
| 473 | |
| 474 | return $out; |
| 475 | } |
| 476 | |
| 477 | /** |
| 478 | * Encode email in input field |
| 479 | * @param string $input |
| 480 | * @param string $email |
| 481 | * @return string |
| 482 | */ |
| 483 | public function encode_input_field( $input, $email, $strongEncoding = false ){ |
| 484 | |
| 485 | $show_encoded_check = (bool) EEB()->settings->get_setting( 'show_encoded_check', true ); |
| 486 | |
| 487 | if ( $strongEncoding === false ) { |
| 488 | // encode email with entities (default wp method) |
| 489 | $sub_return = str_replace( $email, antispambot( $email ), $input ); |
| 490 | |
| 491 | if ( current_user_can( EEB()->settings->get_admin_cap( 'frontend-display-security-check' ) ) && $show_encoded_check ) { |
| 492 | $sub_return .= '<i class="eeb-encoded dashicons-before dashicons-lock" title="' . __( 'Email encoded successfully!', 'email-encoder-bundle' ) . '"></i>'; |
| 493 | } |
| 494 | |
| 495 | return $sub_return; |
| 496 | } |
| 497 | |
| 498 | // add data-enc-email after "<input" |
| 499 | $inputWithDataAttr = substr( $input, 0, 6 ); |
| 500 | $inputWithDataAttr .= ' data-enc-email="' . $this->get_encoded_email( $email ) . '"'; |
| 501 | $inputWithDataAttr .= substr( $input, 6 ); |
| 502 | |
| 503 | // mark link as successfullly encoded (for admin users) |
| 504 | if ( current_user_can( EEB()->settings->get_admin_cap( 'frontend-display-security-check' ) ) && $show_encoded_check ) { |
| 505 | $inputWithDataAttr .= '<i class="eeb-encoded dashicons-before dashicons-lock" title="' . __( 'Email encoded successfully!', 'email-encoder-bundle' ) . '"></i>'; |
| 506 | } |
| 507 | |
| 508 | // remove email from value attribute |
| 509 | $encInput = str_replace( $email, '', $inputWithDataAttr ); |
| 510 | |
| 511 | return $encInput; |
| 512 | } |
| 513 | |
| 514 | /** |
| 515 | * Get encoded email, used for data-attribute (translate by javascript) |
| 516 | * |
| 517 | * @param string $email |
| 518 | * @return string |
| 519 | */ |
| 520 | public function get_encoded_email( $email ){ |
| 521 | $encEmail = $email; |
| 522 | |
| 523 | // decode entities |
| 524 | $encEmail = html_entity_decode( $encEmail ); |
| 525 | |
| 526 | // rot13 encoding |
| 527 | $encEmail = str_rot13( $encEmail ); |
| 528 | |
| 529 | // replace @ |
| 530 | $encEmail = str_replace( '@', '[at]', $encEmail ); |
| 531 | |
| 532 | return $encEmail; |
| 533 | } |
| 534 | |
| 535 | /** |
| 536 | * Create a protected email |
| 537 | * |
| 538 | * @param string $display |
| 539 | * @param array $attrs Optional |
| 540 | * @return string |
| 541 | */ |
| 542 | public function create_protected_mailto( $display, $attrs = array(), $protection_method = null ){ |
| 543 | $email = ''; |
| 544 | $class_ori = ( empty( $attrs['class'] ) ) ? '' : $attrs['class']; |
| 545 | $custom_class = (string) EEB()->settings->get_setting( 'class_name', true ); |
| 546 | $show_encoded_check = (string) EEB()->settings->get_setting( 'show_encoded_check', true ); |
| 547 | |
| 548 | // set user-defined class |
| 549 | if ( $custom_class && strpos( $class_ori, $custom_class ) === FALSE ) { |
| 550 | $attrs['class'] = ( empty( $attrs['class'] ) ) ? $custom_class : $attrs['class'] . ' ' . $custom_class; |
| 551 | } |
| 552 | |
| 553 | // check title for email address |
| 554 | if ( ! empty( $attrs['title'] ) ) { |
| 555 | $attrs['title'] = $this->filter_plain_emails( $attrs['title'], '{{email}}' ); // {{email}} will be replaced in javascript |
| 556 | } |
| 557 | |
| 558 | // set ignore to data-attribute to prevent being processed by WPEL plugin |
| 559 | $attrs['data-wpel-link'] = 'ignore'; |
| 560 | |
| 561 | // create element code |
| 562 | $link = '<a '; |
| 563 | |
| 564 | foreach ( $attrs AS $key => $value ) { |
| 565 | if ( strtolower( $key ) == 'href' ) { |
| 566 | if( $protection_method === 'without_javascript' ){ |
| 567 | $link .= $key . '="' . antispambot( $value ) . '" '; |
| 568 | } else { |
| 569 | // get email from href |
| 570 | $email = substr($value, 7); |
| 571 | |
| 572 | $encoded_email = $this->get_encoded_email( $email ); |
| 573 | |
| 574 | // set attrs |
| 575 | $link .= 'href="javascript:;" '; |
| 576 | $link .= 'data-enc-email="' . $encoded_email . '" '; |
| 577 | } |
| 578 | |
| 579 | } else { |
| 580 | $link .= $key . '="' . $value . '" '; |
| 581 | } |
| 582 | } |
| 583 | |
| 584 | // remove last space |
| 585 | $link = substr( $link, 0, -1 ); |
| 586 | |
| 587 | $link .= '>'; |
| 588 | |
| 589 | $link .= ( preg_match( EEB()->settings->get_email_regex(), $display) > 0 ) ? $this->get_protected_display( $display, $protection_method ) : $display; |
| 590 | |
| 591 | $link .= '</a>'; |
| 592 | |
| 593 | // filter |
| 594 | $link = apply_filters( 'eeb_mailto', $link, $display, $email, $attrs ); |
| 595 | |
| 596 | // just in case there are still email addresses f.e. within title-tag |
| 597 | $link = $this->filter_plain_emails( $link, null, 'char_encode' ); |
| 598 | |
| 599 | // mark link as successfullly encoded (for admin users) |
| 600 | if ( current_user_can( EEB()->settings->get_admin_cap( 'frontend-display-security-check' ) ) && $show_encoded_check ) { |
| 601 | $link .= '<i class="eeb-encoded dashicons-before dashicons-lock" title="' . __( 'Email encoded successfully!', 'email-encoder-bundle' ) . '"></i>'; |
| 602 | } |
| 603 | |
| 604 | |
| 605 | return $link; |
| 606 | } |
| 607 | |
| 608 | /** |
| 609 | * Create protected display combining these 3 methods: |
| 610 | * - reversing string |
| 611 | * - adding no-display spans with dummy values |
| 612 | * - using the wp antispambot function |
| 613 | * |
| 614 | * @param string|array $display |
| 615 | * @return string Protected display |
| 616 | */ |
| 617 | public function get_protected_display( $display, $protection_method = null ){ |
| 618 | |
| 619 | $convert_plain_to_image = (bool) EEB()->settings->get_setting( 'convert_plain_to_image', true, 'filter_body' ); |
| 620 | $protection_text = __( EEB()->settings->get_setting( 'protection_text', true ), 'email-encoder-bundle' ); |
| 621 | |
| 622 | // get display out of array (result of preg callback) |
| 623 | if ( is_array( $display ) ) { |
| 624 | $display = $display[0]; |
| 625 | } |
| 626 | |
| 627 | if( $convert_plain_to_image ){ |
| 628 | return '<img src="' . $this->generate_email_image_url( $display ) . '" />'; |
| 629 | } |
| 630 | |
| 631 | if( $protection_method !== 'without_javascript' ){ |
| 632 | return $this->dynamic_js_email_encoding( $display, $protection_text ); |
| 633 | } |
| 634 | |
| 635 | return $this->encode_email_css( $display ); |
| 636 | |
| 637 | } |
| 638 | |
| 639 | /** |
| 640 | * Dynamic email encoding with certain javascript methods |
| 641 | * |
| 642 | * @param string $email |
| 643 | * @param string $protection_text |
| 644 | * @return the encoded email |
| 645 | */ |
| 646 | public function dynamic_js_email_encoding( $email, $protection_text = null ){ |
| 647 | $return = $email; |
| 648 | $rand = apply_filters( 'eeb/validate/random_encoding', rand(0,2), $email, $protection_text ); |
| 649 | |
| 650 | switch( $rand ){ |
| 651 | case 2: |
| 652 | $return = $this->encode_escape( $return, $protection_text ); |
| 653 | break; |
| 654 | case 1: |
| 655 | $return = $this->encode_ascii( $return, $protection_text ); |
| 656 | break; |
| 657 | default: |
| 658 | $return = $this->encode_ascii( $return, $protection_text ); |
| 659 | break; |
| 660 | } |
| 661 | |
| 662 | return $return; |
| 663 | } |
| 664 | |
| 665 | public function encode_email_css( $display ){ |
| 666 | $deactivate_rtl = (bool) EEB()->settings->get_setting( 'deactivate_rtl', true, 'filter_body' ); |
| 667 | |
| 668 | $stripped_display = strip_tags( $display ); |
| 669 | $stripped_display = html_entity_decode( $stripped_display ); |
| 670 | |
| 671 | $length = strlen( $stripped_display ); |
| 672 | $interval = ceil( min( 5, $length / 2 ) ); |
| 673 | $offset = 0; |
| 674 | $dummy_data = time(); |
| 675 | $protected = ''; |
| 676 | $protection_classes = 'eeb'; |
| 677 | |
| 678 | if( $deactivate_rtl ){ |
| 679 | $rev = $stripped_display; |
| 680 | $protection_classes .= ' eeb-nrtl'; |
| 681 | } else { |
| 682 | // reverse string ( will be corrected with CSS ) |
| 683 | $rev = strrev( $stripped_display ); |
| 684 | $protection_classes .= ' eeb-rtl'; |
| 685 | } |
| 686 | |
| 687 | |
| 688 | while ( $offset < $length ) { |
| 689 | $protected .= '<span class="eeb-sd">' . antispambot( substr( $rev, $offset, $interval ) ) . '</span>'; |
| 690 | |
| 691 | // setup dummy content |
| 692 | $protected .= '<span class="eeb-nodis">' . $dummy_data . '</span>'; |
| 693 | $offset += $interval; |
| 694 | } |
| 695 | |
| 696 | $protected = '<span class="' . $protection_classes . '">' . $protected . '</span>'; |
| 697 | |
| 698 | return $protected; |
| 699 | } |
| 700 | |
| 701 | public function email_to_image( $email, $image_string_color = 'default', $image_background_color = 'default', $alpha_string = 0, $alpha_fill = 127, $font_size = 4 ){ |
| 702 | |
| 703 | $setting_image_string_color = (string) EEB()->settings->get_setting( 'image_color', true, 'image_settings' ); |
| 704 | $setting_image_background_color = (string) EEB()->settings->get_setting( 'image_background_color', true, 'image_settings' ); |
| 705 | $image_text_opacity = (int) EEB()->settings->get_setting( 'image_text_opacity', true, 'image_settings' ); |
| 706 | $image_background_opacity = (int) EEB()->settings->get_setting( 'image_background_opacity', true, 'image_settings' ); |
| 707 | $image_font_size = (int) EEB()->settings->get_setting( 'image_font_size', true, 'image_settings' ); |
| 708 | |
| 709 | if( $image_background_color === 'default' ){ |
| 710 | $image_background_color = $setting_image_background_color; |
| 711 | } else { |
| 712 | $image_background_color = '0,0,0'; |
| 713 | } |
| 714 | |
| 715 | $colors = explode( ',', $image_background_color ); |
| 716 | $bg_red = $colors[0]; |
| 717 | $bg_green = $colors[1]; |
| 718 | $bg_blue = $colors[2]; |
| 719 | |
| 720 | if( $image_string_color === 'default' ){ |
| 721 | $image_string_color = $setting_image_string_color; |
| 722 | } else { |
| 723 | $image_string_color = '0,0,0'; |
| 724 | } |
| 725 | |
| 726 | $colors = explode( ',', $image_string_color ); |
| 727 | $string_red = $colors[0]; |
| 728 | $string_green = $colors[1]; |
| 729 | $string_blue = $colors[2]; |
| 730 | |
| 731 | if( ! empty( $image_text_opacity ) && $image_text_opacity >= 0 && $image_text_opacity <= 127 ){ |
| 732 | $alpha_string = intval( $image_text_opacity ); |
| 733 | } |
| 734 | |
| 735 | if( ! empty( $image_background_opacity ) && $image_background_opacity >= 0 && $image_background_opacity <= 127 ){ |
| 736 | $alpha_fill = intval( $image_background_opacity ); |
| 737 | } |
| 738 | |
| 739 | if( ! empty( $image_font_size ) && $image_font_size >= 1 && $image_font_size <= 5 ){ |
| 740 | $font_size = intval( $image_font_size ); |
| 741 | } |
| 742 | |
| 743 | $img = imagecreatetruecolor( imagefontwidth( $font_size ) * strlen( $email ), imagefontheight( $font_size ) ); |
| 744 | imagesavealpha( $img, true ); |
| 745 | imagefill( $img, 0, 0, imagecolorallocatealpha ($img, $bg_red, $bg_green, $bg_blue, $alpha_fill ) ); |
| 746 | imagestring( $img, $font_size, 0, 0, $email, imagecolorallocatealpha( $img, $string_red, $string_green, $string_blue, $alpha_string ) ); |
| 747 | ob_start(); |
| 748 | imagepng( $img ); |
| 749 | imagedestroy( $img ); |
| 750 | |
| 751 | return ob_get_clean (); |
| 752 | } |
| 753 | |
| 754 | public function generate_email_signature( $email, $secret ) { |
| 755 | |
| 756 | if( ! $secret ){ |
| 757 | return false; |
| 758 | } |
| 759 | |
| 760 | $hash_signature = apply_filters( 'eeb/validate/email_signature', 'sha256', $email ); |
| 761 | |
| 762 | return base64_encode( hash_hmac( $hash_signature, $email, $secret, true ) ); |
| 763 | } |
| 764 | |
| 765 | public function generate_email_image_url( $email ) { |
| 766 | |
| 767 | if( empty( $email ) || ! is_email( $email ) ){ |
| 768 | return false; |
| 769 | } |
| 770 | |
| 771 | $secret = EEB()->settings->get_email_image_secret(); |
| 772 | $signature = $this->generate_email_signature( $email, $secret ); |
| 773 | $url = home_url() . '?eeb_mail=' . urlencode( base64_encode( $email ) ) . '&eeb_hash=' . urlencode( $signature ); |
| 774 | |
| 775 | $url = apply_filters( 'eeb/validate/generate_email_image_url', $url, $email ); |
| 776 | |
| 777 | return $url; |
| 778 | } |
| 779 | |
| 780 | /** |
| 781 | * ###################### |
| 782 | * ### |
| 783 | * #### ENCODER FORM |
| 784 | * ### |
| 785 | * ###################### |
| 786 | */ |
| 787 | |
| 788 | /** |
| 789 | * Get the encoder form (to use as a demo, like on the options page) |
| 790 | * @return string |
| 791 | */ |
| 792 | public function get_encoder_form() { |
| 793 | $powered_by_setting = (bool) EEB()->settings->get_setting( 'powered_by', true, 'encoder_form' ); |
| 794 | $display_encoder_form = (bool) EEB()->settings->get_setting( 'display_encoder_form', true, 'encoder_form' ); |
| 795 | |
| 796 | //shorten circle |
| 797 | if( ! $display_encoder_form ){ |
| 798 | return apply_filters('eeb_form_content_inactive', '' ); |
| 799 | } |
| 800 | |
| 801 | $powered_by = ''; |
| 802 | if ($powered_by_setting) { |
| 803 | $powered_by .= '<p class="powered-by">' . __('Powered by free', 'email-encoder-bundle') . ' <a rel="external" href="https://wordpress.org/plugins/email-encoder-bundle/">Email Encoder</a></p>'; |
| 804 | } |
| 805 | |
| 806 | $smethods = array( |
| 807 | 'rot13' => __( 'Rot13 (Javascript)', 'email-encoder-bundle' ), |
| 808 | 'escape' => __( 'Escape (Javascript)', 'email-encoder-bundle' ), |
| 809 | 'encode' => __( 'Encode (HTML)', 'email-encoder-bundle' ), |
| 810 | ); |
| 811 | $method_options = ''; |
| 812 | $selected = false; |
| 813 | foreach( $smethods as $method_name => $name ) { |
| 814 | $method_options .= '<option value="' . $method_name . '"' . ( ($selected === false ) ? ' selected="selected"' : '') . '>' . $name . '</option>'; |
| 815 | $selected = true; |
| 816 | } |
| 817 | |
| 818 | $labels = array( |
| 819 | 'email' => __( 'Email Address:', 'email-encoder-bundle' ), |
| 820 | 'display' => __( 'Display Text:', 'email-encoder-bundle' ), |
| 821 | 'mailto' => __( 'Mailto Link:', 'email-encoder-bundle' ), |
| 822 | 'method' => __( 'Encoding Method:', 'email-encoder-bundle' ), |
| 823 | 'create_link' => __( 'Create Protected Mail Link >>', 'email-encoder-bundle' ), |
| 824 | 'output' => __( 'Protected Mail Link (code):', 'email-encoder-bundle' ), |
| 825 | 'powered_by' => $powered_by, |
| 826 | ); |
| 827 | |
| 828 | extract($labels); |
| 829 | |
| 830 | $form = <<<FORM |
| 831 | <div class="eeb-form"> |
| 832 | <form> |
| 833 | <fieldset> |
| 834 | <div class="input"> |
| 835 | <table> |
| 836 | <tbody> |
| 837 | <tr> |
| 838 | <th><label for="eeb-email">{$email}</label></th> |
| 839 | <td><input type="text" class="regular-text" id="eeb-email" name="eeb-email" /></td> |
| 840 | </tr> |
| 841 | <tr> |
| 842 | <th><label for="eeb-display">{$display}</label></th> |
| 843 | <td><input type="text" class="regular-text" id="eeb-display" name="eeb-display" /></td> |
| 844 | </tr> |
| 845 | <tr> |
| 846 | <th>{$mailto}</th> |
| 847 | <td><span class="eeb-example"></span></td> |
| 848 | </tr> |
| 849 | <tr> |
| 850 | <th><label for="eeb-encode-method">{$method}</label></th> |
| 851 | <td><select id="eeb-encode-method" name="eeb-encode-method" class="postform"> |
| 852 | {$method_options} |
| 853 | </select> |
| 854 | <input type="button" id="eeb-ajax-encode" name="eeb-ajax-encode" value="{$create_link}" /> |
| 855 | </td> |
| 856 | </tr> |
| 857 | </tbody> |
| 858 | </table> |
| 859 | </div> |
| 860 | <div class="eeb-output"> |
| 861 | <table> |
| 862 | <tbody> |
| 863 | <tr> |
| 864 | <th><label for="eeb-encoded-output">{$output}</label></th> |
| 865 | <td><textarea class="large-text node" id="eeb-encoded-output" name="eeb-encoded-output" cols="50" rows="4"></textarea></td> |
| 866 | </tr> |
| 867 | </tbody> |
| 868 | </table> |
| 869 | </div> |
| 870 | {$powered_by} |
| 871 | </fieldset> |
| 872 | </form> |
| 873 | </div> |
| 874 | FORM; |
| 875 | |
| 876 | // apply filters |
| 877 | $form = apply_filters('eeb_form_content', $form, $labels, $powered_by_setting ); |
| 878 | |
| 879 | return $form; |
| 880 | } |
| 881 | |
| 882 | |
| 883 | public function is_post_excluded( $post_id = null ){ |
| 884 | |
| 885 | $skip_posts = (string) EEB()->settings->get_setting( 'skip_posts', true ); |
| 886 | if( ! empty( $skip_posts ) ){ |
| 887 | |
| 888 | if( empty( $post_id ) ){ |
| 889 | global $post; |
| 890 | $post_id = $post->ID; |
| 891 | } else { |
| 892 | $post_id = intval( $post_id ); |
| 893 | } |
| 894 | |
| 895 | $exclude_pages = explode( ',', $skip_posts ); |
| 896 | |
| 897 | if( is_array( $exclude_pages ) ){ |
| 898 | $exclude_pages_validated = array(); |
| 899 | |
| 900 | foreach( $exclude_pages as $spost_id ){ |
| 901 | $spost_id = trim($spost_id); |
| 902 | if( is_numeric( $spost_id ) ){ |
| 903 | $exclude_pages_validated[] = intval( $spost_id ); |
| 904 | } |
| 905 | } |
| 906 | |
| 907 | if ( in_array( $post_id, $exclude_pages_validated ) ) { |
| 908 | return true; |
| 909 | } |
| 910 | } |
| 911 | |
| 912 | } |
| 913 | |
| 914 | return false; |
| 915 | } |
| 916 | } |
| 917 |