<?php

[0] Fix | Delete

[1] Fix | Delete

if ( ! class_exists( 'WPCF7_Service' ) ) {

[2] Fix | Delete

return;

[3] Fix | Delete

}

[4] Fix | Delete

[5] Fix | Delete

class WPCF7_RECAPTCHA extends WPCF7_Service {

[6] Fix | Delete

[7] Fix | Delete

private static $instance;

[8] Fix | Delete

private $sitekeys;

[9] Fix | Delete

private $last_score;

[10] Fix | Delete

[11] Fix | Delete

[12] Fix | Delete

public static function get_instance() {

[13] Fix | Delete

if ( empty( self::$instance ) ) {

[14] Fix | Delete

self::$instance = new self;

[15] Fix | Delete

}

[16] Fix | Delete

[17] Fix | Delete

return self::$instance;

[18] Fix | Delete

}

[19] Fix | Delete

[20] Fix | Delete

[21] Fix | Delete

private function __construct() {

[22] Fix | Delete

$this->sitekeys = WPCF7::get_option( 'recaptcha' );

[23] Fix | Delete

}

[24] Fix | Delete

[25] Fix | Delete

[26] Fix | Delete

public function get_title() {

[27] Fix | Delete

return __( 'reCAPTCHA', 'contact-form-7' );

[28] Fix | Delete

}

[29] Fix | Delete

[30] Fix | Delete

[31] Fix | Delete

public function is_active() {

[32] Fix | Delete

$sitekey = $this->get_sitekey();

[33] Fix | Delete

$secret = $this->get_secret( $sitekey );

[34] Fix | Delete

return $sitekey && $secret;

[35] Fix | Delete

}

[36] Fix | Delete

[37] Fix | Delete

[38] Fix | Delete

public function get_categories() {

[39] Fix | Delete

return array( 'spam_protection' );

[40] Fix | Delete

}

[41] Fix | Delete

[42] Fix | Delete

[43] Fix | Delete

public function icon() {

[44] Fix | Delete

}

[45] Fix | Delete

[46] Fix | Delete

[47] Fix | Delete

public function link() {

[48] Fix | Delete

echo wpcf7_link(

[49] Fix | Delete

'https://www.google.com/recaptcha/intro/index.html',

[50] Fix | Delete

'google.com/recaptcha'

[51] Fix | Delete

);

[52] Fix | Delete

}

[53] Fix | Delete

[54] Fix | Delete

[55] Fix | Delete

public function get_global_sitekey() {

[56] Fix | Delete

static $sitekey = '';

[57] Fix | Delete

[58] Fix | Delete

if ( $sitekey ) {

[59] Fix | Delete

return $sitekey;

[60] Fix | Delete

}

[61] Fix | Delete

[62] Fix | Delete

if ( defined( 'WPCF7_RECAPTCHA_SITEKEY' ) ) {

[63] Fix | Delete

$sitekey = WPCF7_RECAPTCHA_SITEKEY;

[64] Fix | Delete

}

[65] Fix | Delete

[66] Fix | Delete

$sitekey = apply_filters( 'wpcf7_recaptcha_sitekey', $sitekey );

[67] Fix | Delete

[68] Fix | Delete

return $sitekey;

[69] Fix | Delete

}

[70] Fix | Delete

[71] Fix | Delete

[72] Fix | Delete

public function get_global_secret() {

[73] Fix | Delete

static $secret = '';

[74] Fix | Delete

[75] Fix | Delete

if ( $secret ) {

[76] Fix | Delete

return $secret;

[77] Fix | Delete

}

[78] Fix | Delete

[79] Fix | Delete

if ( defined( 'WPCF7_RECAPTCHA_SECRET' ) ) {

[80] Fix | Delete

$secret = WPCF7_RECAPTCHA_SECRET;

[81] Fix | Delete

}

[82] Fix | Delete

[83] Fix | Delete

$secret = apply_filters( 'wpcf7_recaptcha_secret', $secret );

[84] Fix | Delete

[85] Fix | Delete

return $secret;

[86] Fix | Delete

}

[87] Fix | Delete

[88] Fix | Delete

[89] Fix | Delete

public function get_sitekey() {

[90] Fix | Delete

if ( $this->get_global_sitekey() and $this->get_global_secret() ) {

[91] Fix | Delete

return $this->get_global_sitekey();

[92] Fix | Delete

}

[93] Fix | Delete

[94] Fix | Delete

if ( empty( $this->sitekeys )

[95] Fix | Delete

or ! is_array( $this->sitekeys ) ) {

[96] Fix | Delete

return false;

[97] Fix | Delete

}

[98] Fix | Delete

[99] Fix | Delete

$sitekeys = array_keys( $this->sitekeys );

[100] Fix | Delete

[101] Fix | Delete

return $sitekeys[0];

[102] Fix | Delete

}

[103] Fix | Delete

[104] Fix | Delete

[105] Fix | Delete

public function get_secret( $sitekey ) {

[106] Fix | Delete

if ( $this->get_global_sitekey() and $this->get_global_secret() ) {

[107] Fix | Delete

return $this->get_global_secret();

[108] Fix | Delete

}

[109] Fix | Delete

[110] Fix | Delete

$sitekeys = (array) $this->sitekeys;

[111] Fix | Delete

[112] Fix | Delete

if ( isset( $sitekeys[$sitekey] ) ) {

[113] Fix | Delete

return $sitekeys[$sitekey];

[114] Fix | Delete

} else {

[115] Fix | Delete

return false;

[116] Fix | Delete

}

[117] Fix | Delete

}

[118] Fix | Delete

[119] Fix | Delete

[120] Fix | Delete

protected function log( $url, $request, $response ) {

[121] Fix | Delete

wpcf7_log_remote_request( $url, $request, $response );

[122] Fix | Delete

}

[123] Fix | Delete

[124] Fix | Delete

[125] Fix | Delete

public function verify( $token ) {

[126] Fix | Delete

$is_human = false;

[127] Fix | Delete

[128] Fix | Delete

if ( empty( $token ) or ! $this->is_active() ) {

[129] Fix | Delete

return $is_human;

[130] Fix | Delete

}

[131] Fix | Delete

[132] Fix | Delete

$endpoint = 'https://www.google.com/recaptcha/api/siteverify';

[133] Fix | Delete

[134] Fix | Delete

if ( apply_filters( 'wpcf7_use_recaptcha_net', false ) ) {

[135] Fix | Delete

$endpoint = 'https://www.recaptcha.net/recaptcha/api/siteverify';

[136] Fix | Delete

}

[137] Fix | Delete

[138] Fix | Delete

$sitekey = $this->get_sitekey();

[139] Fix | Delete

$secret = $this->get_secret( $sitekey );

[140] Fix | Delete

[141] Fix | Delete

$request = array(

[142] Fix | Delete

'body' => array(

[143] Fix | Delete

'secret' => $secret,

[144] Fix | Delete

'response' => $token,

[145] Fix | Delete

),

[146] Fix | Delete

);

[147] Fix | Delete

[148] Fix | Delete

$response = wp_remote_post( sanitize_url( $endpoint ), $request );

[149] Fix | Delete

[150] Fix | Delete

if ( 200 != wp_remote_retrieve_response_code( $response ) ) {

[151] Fix | Delete

if ( WP_DEBUG ) {

[152] Fix | Delete

$this->log( $endpoint, $request, $response );

[153] Fix | Delete

}

[154] Fix | Delete

[155] Fix | Delete

return $is_human;

[156] Fix | Delete

}

[157] Fix | Delete

[158] Fix | Delete

$response_body = wp_remote_retrieve_body( $response );

[159] Fix | Delete

$response_body = json_decode( $response_body, true );

[160] Fix | Delete

[161] Fix | Delete

$this->last_score = $score = isset( $response_body['score'] )

[162] Fix | Delete

? $response_body['score']

[163] Fix | Delete

: 0;

[164] Fix | Delete

[165] Fix | Delete

$threshold = $this->get_threshold();

[166] Fix | Delete

$is_human = $threshold < $score;

[167] Fix | Delete

[168] Fix | Delete

$is_human = apply_filters( 'wpcf7_recaptcha_verify_response',

[169] Fix | Delete

$is_human, $response_body );

[170] Fix | Delete

[171] Fix | Delete

if ( $submission = WPCF7_Submission::get_instance() ) {

[172] Fix | Delete

$submission->push( 'recaptcha', array(

[173] Fix | Delete

'version' => '3.0',

[174] Fix | Delete

'threshold' => $threshold,

[175] Fix | Delete

'response' => $response_body,

[176] Fix | Delete

) );

[177] Fix | Delete

}

[178] Fix | Delete

[179] Fix | Delete

return $is_human;

[180] Fix | Delete

}

[181] Fix | Delete

[182] Fix | Delete

[183] Fix | Delete

public function get_threshold() {

[184] Fix | Delete

return apply_filters( 'wpcf7_recaptcha_threshold', 0.50 );

[185] Fix | Delete

}

[186] Fix | Delete

[187] Fix | Delete

[188] Fix | Delete

public function get_last_score() {

[189] Fix | Delete

return $this->last_score;

[190] Fix | Delete

}

[191] Fix | Delete

[192] Fix | Delete

[193] Fix | Delete

protected function menu_page_url( $args = '' ) {

[194] Fix | Delete

$args = wp_parse_args( $args, array() );

[195] Fix | Delete

[196] Fix | Delete

$url = menu_page_url( 'wpcf7-integration', false );

[197] Fix | Delete

$url = add_query_arg( array( 'service' => 'recaptcha' ), $url );

[198] Fix | Delete

[199] Fix | Delete

if ( ! empty( $args ) ) {

[200] Fix | Delete

$url = add_query_arg( $args, $url );

[201] Fix | Delete

}

[202] Fix | Delete

[203] Fix | Delete

return $url;

[204] Fix | Delete

}

[205] Fix | Delete

[206] Fix | Delete

[207] Fix | Delete

protected function save_data() {

[208] Fix | Delete

WPCF7::update_option( 'recaptcha', $this->sitekeys );

[209] Fix | Delete

}

[210] Fix | Delete

[211] Fix | Delete

[212] Fix | Delete

protected function reset_data() {

[213] Fix | Delete

$this->sitekeys = null;

[214] Fix | Delete

$this->save_data();

[215] Fix | Delete

}

[216] Fix | Delete

[217] Fix | Delete

[218] Fix | Delete

public function load( $action = '' ) {

[219] Fix | Delete

if ( 'setup' == $action and 'POST' == $_SERVER['REQUEST_METHOD'] ) {

[220] Fix | Delete

check_admin_referer( 'wpcf7-recaptcha-setup' );

[221] Fix | Delete

[222] Fix | Delete

if ( ! empty( $_POST['reset'] ) ) {

[223] Fix | Delete

$this->reset_data();

[224] Fix | Delete

$redirect_to = $this->menu_page_url( 'action=setup' );

[225] Fix | Delete

} else {

[226] Fix | Delete

$sitekey = trim( $_POST['sitekey'] ?? '' );

[227] Fix | Delete

$secret = trim( $_POST['secret'] ?? '' );

[228] Fix | Delete

[229] Fix | Delete

if ( $sitekey and $secret ) {

[230] Fix | Delete

$this->sitekeys = array( $sitekey => $secret );

[231] Fix | Delete

$this->save_data();

[232] Fix | Delete

[233] Fix | Delete

$redirect_to = $this->menu_page_url( array(

[234] Fix | Delete

'message' => 'success',

[235] Fix | Delete

) );

[236] Fix | Delete

} else {

[237] Fix | Delete

$redirect_to = $this->menu_page_url( array(

[238] Fix | Delete

'action' => 'setup',

[239] Fix | Delete

'message' => 'invalid',

[240] Fix | Delete

) );

[241] Fix | Delete

}

[242] Fix | Delete

}

[243] Fix | Delete

[244] Fix | Delete

if ( WPCF7::get_option( 'recaptcha_v2_v3_warning' ) ) {

[245] Fix | Delete

WPCF7::update_option( 'recaptcha_v2_v3_warning', false );

[246] Fix | Delete

}

[247] Fix | Delete

[248] Fix | Delete

wp_safe_redirect( $redirect_to );

[249] Fix | Delete

exit();

[250] Fix | Delete

}

[251] Fix | Delete

}

[252] Fix | Delete

[253] Fix | Delete

[254] Fix | Delete

public function admin_notice( $message = '' ) {

[255] Fix | Delete

if ( 'invalid' == $message ) {

[256] Fix | Delete

echo sprintf(

[257] Fix | Delete

'<div class="notice notice-error"><p><strong>%1$s</strong>: %2$s</p></div>',

[258] Fix | Delete

esc_html( __( "Error", 'contact-form-7' ) ),

[259] Fix | Delete

esc_html( __( "Invalid key values.", 'contact-form-7' ) ) );

[260] Fix | Delete

}

[261] Fix | Delete

[262] Fix | Delete

if ( 'success' == $message ) {

[263] Fix | Delete

echo sprintf( '<div class="notice notice-success"><p>%s</p></div>',

[264] Fix | Delete

esc_html( __( 'Settings saved.', 'contact-form-7' ) ) );

[265] Fix | Delete

}

[266] Fix | Delete

}

[267] Fix | Delete

[268] Fix | Delete

[269] Fix | Delete

public function display( $action = '' ) {

[270] Fix | Delete

echo sprintf(

[271] Fix | Delete

'<p>%s</p>',

[272] Fix | Delete

esc_html( __( "reCAPTCHA protects you against spam and other types of automated abuse. With Contact Form 7&#8217;s reCAPTCHA integration module, you can block abusive form submissions by spam bots.", 'contact-form-7' ) )

[273] Fix | Delete

);

[274] Fix | Delete

[275] Fix | Delete

echo sprintf(

[276] Fix | Delete

'<p><strong>%s</strong></p>',

[277] Fix | Delete

wpcf7_link(

[278] Fix | Delete

__( 'https://contactform7.com/recaptcha/', 'contact-form-7' ),

[279] Fix | Delete

__( 'reCAPTCHA (v3)', 'contact-form-7' )

[280] Fix | Delete

)

[281] Fix | Delete

);

[282] Fix | Delete

[283] Fix | Delete

if ( $this->is_active() ) {

[284] Fix | Delete

echo sprintf(

[285] Fix | Delete

'<p class="dashicons-before dashicons-yes">%s</p>',

[286] Fix | Delete

esc_html( __( "reCAPTCHA is active on this site.", 'contact-form-7' ) )

[287] Fix | Delete

);

[288] Fix | Delete

}

[289] Fix | Delete

[290] Fix | Delete

if ( 'setup' == $action ) {

[291] Fix | Delete

$this->display_setup();

[292] Fix | Delete

} else {

[293] Fix | Delete

echo sprintf(

[294] Fix | Delete

'<p><a href="%1$s" class="button">%2$s</a></p>',

[295] Fix | Delete

esc_url( $this->menu_page_url( 'action=setup' ) ),

[296] Fix | Delete

esc_html( __( 'Setup Integration', 'contact-form-7' ) )

[297] Fix | Delete

);

[298] Fix | Delete

}

[299] Fix | Delete

}

[300] Fix | Delete

[301] Fix | Delete

[302] Fix | Delete

private function display_setup() {

[303] Fix | Delete

$sitekey = $this->is_active() ? $this->get_sitekey() : '';

[304] Fix | Delete

$secret = $this->is_active() ? $this->get_secret( $sitekey ) : '';

[305] Fix | Delete

[306] Fix | Delete

?>

[307] Fix | Delete

<form method="post" action="<?php echo esc_url( $this->menu_page_url( 'action=setup' ) ); ?>">

[308] Fix | Delete

<?php wp_nonce_field( 'wpcf7-recaptcha-setup' ); ?>

[309] Fix | Delete

<table class="form-table">

[310] Fix | Delete

<tbody>

[311] Fix | Delete

<tr>

[312] Fix | Delete

<th scope="row"><label for="sitekey"><?php echo esc_html( __( 'Site Key', 'contact-form-7' ) ); ?></label></th>

[313] Fix | Delete

<td><?php

[314] Fix | Delete

if ( $this->is_active() ) {

[315] Fix | Delete

echo esc_html( $sitekey );

[316] Fix | Delete

echo sprintf(

[317] Fix | Delete

'<input type="hidden" value="%1$s" id="sitekey" name="sitekey" />',

[318] Fix | Delete

esc_attr( $sitekey )

[319] Fix | Delete

);

[320] Fix | Delete

} else {

[321] Fix | Delete

echo sprintf(

[322] Fix | Delete

'<input type="text" aria-required="true" value="%1$s" id="sitekey" name="sitekey" class="regular-text code" />',

[323] Fix | Delete

esc_attr( $sitekey )

[324] Fix | Delete

);

[325] Fix | Delete

}

[326] Fix | Delete

?></td>

[327] Fix | Delete

</tr>

[328] Fix | Delete

<tr>

[329] Fix | Delete

<th scope="row"><label for="secret"><?php echo esc_html( __( 'Secret Key', 'contact-form-7' ) ); ?></label></th>

[330] Fix | Delete

<td><?php

[331] Fix | Delete

if ( $this->is_active() ) {

[332] Fix | Delete

echo esc_html( wpcf7_mask_password( $secret, 4, 4 ) );

[333] Fix | Delete

echo sprintf(

[334] Fix | Delete

'<input type="hidden" value="%1$s" id="secret" name="secret" />',

[335] Fix | Delete

esc_attr( $secret )

[336] Fix | Delete

);

[337] Fix | Delete

} else {

[338] Fix | Delete

echo sprintf(

[339] Fix | Delete

'<input type="text" aria-required="true" value="%1$s" id="secret" name="secret" class="regular-text code" />',

[340] Fix | Delete

esc_attr( $secret )

[341] Fix | Delete

);

[342] Fix | Delete

}

[343] Fix | Delete

?></td>

[344] Fix | Delete

</tr>

[345] Fix | Delete

</tbody>

[346] Fix | Delete

</table>

[347] Fix | Delete

<?php

[348] Fix | Delete

if ( $this->is_active() ) {

[349] Fix | Delete

if ( $this->get_global_sitekey() and $this->get_global_secret() ) {

[350] Fix | Delete

// nothing

[351] Fix | Delete

} else {

[352] Fix | Delete

submit_button(

[353] Fix | Delete

_x( 'Remove Keys', 'API keys', 'contact-form-7' ),

[354] Fix | Delete

'small', 'reset'

[355] Fix | Delete

);

[356] Fix | Delete

}

[357] Fix | Delete

} else {

[358] Fix | Delete

submit_button( __( 'Save Changes', 'contact-form-7' ) );

[359] Fix | Delete

}

[360] Fix | Delete

?>

[361] Fix | Delete

</form>

[362] Fix | Delete

<?php

[363] Fix | Delete

}

[364] Fix | Delete

}

[365] Fix | Delete

[366] Fix | Delete