' . __( 'ERROR', 'wp-captcha-booster' ) . ': ' . $error_data_array['for_captcha_empty_error'] ); } elseif ( 'invalid' === $err ) { $error = new WP_Error( 'captcha_wrong', '' . __( 'ERROR', 'wp-captcha-booster' ) . ': ' . $error_data_array['for_invalid_captcha_error'] ); } captcha_booster_user_log_in_fails( $username, $ip_address ); return $error; } elseif ( isset( $_REQUEST['ux_txt_captcha_challenge_field'] ) && isset( $_SESSION['captcha_code'] ) ) { // @codingStandardsIgnoreLine 'enable' === $captcha_array['case_sensitive'] ? $captcha_challenge_field = trim( esc_attr( wp_unslash( $_REQUEST['ux_txt_captcha_challenge_field'] ) ) ) : $captcha_challenge_field = strtolower( trim( esc_attr( wp_unslash( $_REQUEST['ux_txt_captcha_challenge_field'] ) ) ) ); // WPCS: input var ok, CSRF ok, sanitization okay. 'enable' === $captcha_array['case_sensitive'] ? $captcha_code[] = $_SESSION['captcha_code'] : $captcha_code[] = array_map( 'strtolower', $_SESSION['captcha_code'] ); // @codingStandardsIgnoreLine if ( in_array( $captcha_challenge_field, $captcha_code[0], true ) ) { $userdata = get_user_by( 'login', $username ); $user_email_data = get_user_by( 'email', $username ); if ( ( $userdata && wp_check_password( $password, $userdata->user_pass ) ) || ( $user_email_data && wp_check_password( $password, $user_email_data->user_pass ) ) ) { captcha_booster_user_log_in_success( $username, $ip_address ); return $user; } else { captcha_booster_user_log_in_fails( $username, $ip_address ); } } } else { if ( isset( $_REQUEST['log'] ) && isset( $_REQUEST['pwd'] ) ) { // WPCS: CSRF ok, input var ok. /* captcha was not found in _REQUEST */ $error = new WP_Error( 'captcha_wrong', '' . __( 'ERROR', 'wp-captcha-booster' ) . ': ' . $error_data_array['for_captcha_empty_error'] ); return $error; } else { /* it is not a submit */ return $user; } } } /** * Function to dislpay error for lost-password form. * * @param string $user . */ function captcha_booster_lostpassword_check( $user ) { global $wpdb, $errors, $error_data_array; $err = captcha_booster_errors(); if ( $err ) { if ( null === $errors ) { $errors = new WP_Error(); // @codingStandardsIgnoreLine } if ( 'empty' === $err ) { $error = new WP_Error( 'captcha_wrong', '' . __( 'ERROR', 'wp-captcha-booster' ) . ': ' . $error_data_array['for_captcha_empty_error'] ); } elseif ( 'invalid' === $err ) { $error = new WP_Error( 'captcha_wrong', '' . __( 'ERROR', 'wp-captcha-booster' ) . ': ' . $error_data_array['for_invalid_captcha_error'] ); } return $error; } return $user; } /** * Function to display error for registration form. * * @param string $user . * @param string $email . * @param string $errors . */ function captcha_booster_register_check( $user, $email, $errors ) { global $wpdb, $error_data_array; $err = captcha_booster_errors(); if ( $err ) { if ( is_multisite() ) { if ( 'empty' === $err ) { wp_die( '' . esc_attr( __( 'ERROR', 'wp-captcha-booster' ) ) . ': ' . esc_attr( $error_data_array['for_captcha_empty_error'] ) ); } elseif ( 'invalid' === $err ) { wp_die( '' . esc_attr( __( 'ERROR', 'wp-captcha-booster' ) ) . ': ' . esc_attr( $error_data_array['for_invalid_captcha_error'] ) ); } } else { if ( 'empty' === $err ) { $errors->add( 'captcha_wrong', '' . __( 'ERROR', 'wp-captcha-booster' ) . ': ' . $error_data_array['for_captcha_empty_error'] ); } elseif ( 'invalid' === $err ) { $errors->add( 'captcha_wrong', '' . __( 'ERROR', 'wp-captcha-booster' ) . ': ' . $error_data_array['for_invalid_captcha_error'] ); } } } } /** * Function to display error for comment form. */ function captcha_booster_comment_check() { global $wpdb, $error_data_array; $err = captcha_booster_errors(); if ( $err ) { if ( 'empty' === $err ) { wp_die( esc_attr( $error_data_array['for_captcha_empty_error'] ) ); } elseif ( 'invalid' === $err ) { wp_die( esc_attr( $error_data_array['for_invalid_captcha_error'] ) ); } } else { return; } } /** * Function to display captcha on admin comment form. */ function captcha_booster_comment_form() { global $wpdb, $current_user, $user_role_permission, $display_setting; if ( file_exists( CAPTCHA_BOOSTER_DIR_PATH . 'includes/captcha-setting.php' ) ) { include_once CAPTCHA_BOOSTER_DIR_PATH . 'includes/captcha-setting.php'; } if ( is_user_logged_in() ) { if ( is_super_admin() ) { $cpb_role = 'administrator'; } else { $cpb_role = $wpdb->prefix . 'capabilities'; $current_user->role = array_keys( $current_user->$cpb_role ); $cpb_role = $current_user->role[0]; } if ( ( 'administrator' === $cpb_role && '1' === $display_setting[8] ) || ( 'administrator' !== $cpb_role && '0' === $display_setting[10] ) ) { if ( file_exists( CAPTCHA_BOOSTER_DIR_PATH . 'includes/captcha-frontend.php' ) ) { include CAPTCHA_BOOSTER_DIR_PATH . 'includes/captcha-frontend.php'; } } } else { if ( file_exists( CAPTCHA_BOOSTER_DIR_PATH . 'includes/captcha-frontend.php' ) ) { include CAPTCHA_BOOSTER_DIR_PATH . 'includes/captcha-frontend.php'; } } } /** * Function to check error for login page and return error type. * * @param int $errors . */ function captcha_booster_login_errors( $errors = null ) { global $wpdb, $captcha_array; if ( isset( $_REQUEST['ux_txt_captcha_challenge_field'] ) ) { // WPCS: CSRF ok. 'enable' === $captcha_array['case_sensitive'] ? $captcha_challenge_field = trim( esc_attr( wp_unslash( $_REQUEST['ux_txt_captcha_challenge_field'] ) ) ) : $captcha_challenge_field = strtolower( trim( esc_attr( wp_unslash( $_REQUEST['ux_txt_captcha_challenge_field'] ) ) ) ); // WPCS: CSRF ok, input var ok, sanitization okay. if ( strlen( $captcha_challenge_field ) <= 0 ) { $errors = 'empty'; $captcha_meta_settings['captcha_status'] = 0; } else { if ( isset( $_SESSION['captcha_code'] ) ) {// @codingStandardsIgnoreLine 'enable' === $captcha_array['case_sensitive'] ? $code[] = $_SESSION['captcha_code'] : $code[] = array_map( 'strtolower', $_SESSION['captcha_code'] ); // @codingStandardsIgnoreLine if ( ! in_array( $captcha_challenge_field, $code[0], true ) ) { $errors = 'invalid'; $captcha_meta_settings['captcha_status'] = 0; } else { $captcha_meta_settings['captcha_status'] = 1; } } } } return $errors; } /** * Function to check captcha error and return error type. * * @param int $errors . */ function captcha_booster_errors( $errors = null ) { global $wpdb, $captcha_array; if ( isset( $_REQUEST['ux_txt_captcha_challenge_field'] ) ) { 'enable' === $captcha_array['case_sensitive'] ? $captcha_challenge_field = trim( esc_attr( wp_unslash( $_REQUEST['ux_txt_captcha_challenge_field'] ) ) ) : $captcha_challenge_field = strtolower( trim( esc_attr( wp_unslash( $_REQUEST['ux_txt_captcha_challenge_field'] ) ) ) ); // WPCS: input var ok, CSRF ok, sanitization okay. if ( strlen( $captcha_challenge_field ) <= 0 ) { $errors = 'empty'; $captcha_meta_settings['captcha_status'] = 0; } else { if ( isset( $_SESSION['captcha_code'] ) ) { // @codingStandardsIgnoreLine 'enable' === $captcha_array['case_sensitive'] ? $code[] = $_SESSION['captcha_code'] : $code[] = array_map( 'strtolower', $_SESSION['captcha_code'] ); // @codingStandardsIgnoreLine if ( ! in_array( $captcha_challenge_field, $code[0], true ) ) { $errors = 'invalid'; $captcha_meta_settings['captcha_status'] = 0; } else { $captcha_meta_settings['captcha_status'] = 1; } } } } return $errors; }