commit: d70aabe9576a2aa12d55e8649f04c3a853de902a Author: Yury German <blueknight <AT> gentoo <DOT> org> AuthorDate: Wed Jun 15 16:23:54 2022 +0000 Commit: Yury German <blueknight <AT> gentoo <DOT> org> CommitDate: Wed Jun 15 16:23:54 2022 +0000 URL: https://gitweb.gentoo.org/proj/blogs-gentoo.git/commit/?id=d70aabe9
update akismet 4.2.4 Signed-off-by: Yury German <blueknight <AT> gentoo.org> plugins/akismet/akismet.php | 6 +- plugins/akismet/class.akismet-admin.php | 184 +++++++++++++++++--------------- plugins/akismet/class.akismet.php | 80 +++++++++++--- plugins/akismet/readme.txt | 28 ++++- plugins/akismet/views/config.php | 6 +- plugins/akismet/views/connect-jp.php | 4 +- plugins/akismet/views/get.php | 6 +- plugins/akismet/views/stats.php | 2 +- 8 files changed, 203 insertions(+), 113 deletions(-) diff --git a/plugins/akismet/akismet.php b/plugins/akismet/akismet.php index 2175a913..e6b45ba7 100644 --- a/plugins/akismet/akismet.php +++ b/plugins/akismet/akismet.php @@ -6,7 +6,7 @@ Plugin Name: Akismet Anti-Spam Plugin URI: https://akismet.com/ Description: Used by millions, Akismet is quite possibly the best way in the world to <strong>protect your blog from spam</strong>. It keeps your site protected even while you sleep. To get started: activate the Akismet plugin and then go to your Akismet Settings page to set up your API key. -Version: 4.2.1 +Version: 4.2.4 Author: Automattic Author URI: https://automattic.com/wordpress-plugins/ License: GPLv2 or later @@ -37,10 +37,10 @@ if ( !function_exists( 'add_action' ) ) { exit; } -define( 'AKISMET_VERSION', '4.2.1' ); +define( 'AKISMET_VERSION', '4.2.4' ); define( 'AKISMET__MINIMUM_WP_VERSION', '5.0' ); define( 'AKISMET__PLUGIN_DIR', plugin_dir_path( __FILE__ ) ); -define( 'AKISMET_DELETE_LIMIT', 100000 ); +define( 'AKISMET_DELETE_LIMIT', 10000 ); register_activation_hook( __FILE__, array( 'Akismet', 'plugin_activation' ) ); register_deactivation_hook( __FILE__, array( 'Akismet', 'plugin_deactivation' ) ); diff --git a/plugins/akismet/class.akismet-admin.php b/plugins/akismet/class.akismet-admin.php index c6cb1355..3b6badfc 100644 --- a/plugins/akismet/class.akismet-admin.php +++ b/plugins/akismet/class.akismet-admin.php @@ -434,7 +434,7 @@ class Akismet_Admin { if ( ! wp_verify_nonce( $_POST['nonce'], 'akismet_check_for_spam' ) ) { wp_send_json( array( - 'error' => __( "You don't have permission to do that."), + 'error' => __( 'You don’t have permission to do that.', 'akismet' ), )); return; } @@ -584,10 +584,8 @@ class Akismet_Admin { if ( $history ) { foreach ( $history as $row ) { - $time = date( 'D d M Y @ h:i:s a', $row['time'] ) . ' GMT'; - $message = ''; - + if ( ! empty( $row['message'] ) ) { // Old versions of Akismet stored the message as a literal string in the commentmeta. // New versions don't do that for two reasons: @@ -595,96 +593,112 @@ class Akismet_Admin { // 2) The message can be translated into the current language of the blog, not stuck // in the language of the blog when the comment was made. $message = esc_html( $row['message'] ); - } - - // If possible, use a current translation. - switch ( $row['event'] ) { - case 'recheck-spam'; - $message = esc_html( __( 'Akismet re-checked and caught this comment as spam.', 'akismet' ) ); - break; - case 'check-spam': - $message = esc_html( __( 'Akismet caught this comment as spam.', 'akismet' ) ); - break; - case 'recheck-ham': - $message = esc_html( __( 'Akismet re-checked and cleared this comment.', 'akismet' ) ); - break; - case 'check-ham': - $message = esc_html( __( 'Akismet cleared this comment.', 'akismet' ) ); - break; - case 'wp-blacklisted': - case 'wp-disallowed': - $message = sprintf( - /* translators: The placeholder is a WordPress PHP function name. */ - esc_html( __( 'Comment was caught by %s.', 'akismet' ) ), - function_exists( 'wp_check_comment_disallowed_list' ) ? '<code>wp_check_comment_disallowed_list</code>' : '<code>wp_blacklist_check</code>' - ); - break; - case 'report-spam': - if ( isset( $row['user'] ) ) { - $message = esc_html( sprintf( __( '%s reported this comment as spam.', 'akismet' ), $row['user'] ) ); - } - else if ( ! $message ) { - $message = esc_html( __( 'This comment was reported as spam.', 'akismet' ) ); - } - break; - case 'report-ham': - if ( isset( $row['user'] ) ) { - $message = esc_html( sprintf( __( '%s reported this comment as not spam.', 'akismet' ), $row['user'] ) ); - } - else if ( ! $message ) { - $message = esc_html( __( 'This comment was reported as not spam.', 'akismet' ) ); - } - break; - case 'cron-retry-spam': - $message = esc_html( __( 'Akismet caught this comment as spam during an automatic retry.' , 'akismet') ); - break; - case 'cron-retry-ham': - $message = esc_html( __( 'Akismet cleared this comment during an automatic retry.', 'akismet') ); - break; - case 'check-error': - if ( isset( $row['meta'], $row['meta']['response'] ) ) { - $message = sprintf( esc_html( __( 'Akismet was unable to check this comment (response: %s) but will automatically retry later.', 'akismet') ), '<code>' . esc_html( $row['meta']['response'] ) . '</code>' ); - } - else { - $message = esc_html( __( 'Akismet was unable to check this comment but will automatically retry later.', 'akismet' ) ); - } - break; - case 'recheck-error': - if ( isset( $row['meta'], $row['meta']['response'] ) ) { - $message = sprintf( esc_html( __( 'Akismet was unable to recheck this comment (response: %s).', 'akismet') ), '<code>' . esc_html( $row['meta']['response'] ) . '</code>' ); - } - else { - $message = esc_html( __( 'Akismet was unable to recheck this comment.', 'akismet' ) ); - } - break; - default: - if ( preg_match( '/^status-changed/', $row['event'] ) ) { - // Half of these used to be saved without the dash after 'status-changed'. - // See https://plugins.trac.wordpress.org/changeset/1150658/akismet/trunk - $new_status = preg_replace( '/^status-changed-?/', '', $row['event'] ); - $message = sprintf( esc_html( __( 'Comment status was changed to %s', 'akismet' ) ), '<code>' . esc_html( $new_status ) . '</code>' ); - } - else if ( preg_match( '/^status-/', $row['event'] ) ) { - $new_status = preg_replace( '/^status-/', '', $row['event'] ); - + } else if ( ! empty( $row['event'] ) ) { + // If possible, use a current translation. + switch ( $row['event'] ) { + case 'recheck-spam': + $message = esc_html( __( 'Akismet re-checked and caught this comment as spam.', 'akismet' ) ); + break; + case 'check-spam': + $message = esc_html( __( 'Akismet caught this comment as spam.', 'akismet' ) ); + break; + case 'recheck-ham': + $message = esc_html( __( 'Akismet re-checked and cleared this comment.', 'akismet' ) ); + break; + case 'check-ham': + $message = esc_html( __( 'Akismet cleared this comment.', 'akismet' ) ); + break; + case 'wp-blacklisted': + case 'wp-disallowed': + $message = sprintf( + /* translators: The placeholder is a WordPress PHP function name. */ + esc_html( __( 'Comment was caught by %s.', 'akismet' ) ), + function_exists( 'wp_check_comment_disallowed_list' ) ? '<code>wp_check_comment_disallowed_list</code>' : '<code>wp_blacklist_check</code>' + ); + break; + case 'report-spam': if ( isset( $row['user'] ) ) { - $message = sprintf( esc_html( __( '%1$s changed the comment status to %2$s.', 'akismet' ) ), $row['user'], '<code>' . esc_html( $new_status ) . '</code>' ); + /* translators: The placeholder is a username. */ + $message = esc_html( sprintf( __( '%s reported this comment as spam.', 'akismet' ), $row['user'] ) ); + } else if ( ! $message ) { + $message = esc_html( __( 'This comment was reported as spam.', 'akismet' ) ); } - } - break; - + break; + case 'report-ham': + if ( isset( $row['user'] ) ) { + /* translators: The placeholder is a username. */ + $message = esc_html( sprintf( __( '%s reported this comment as not spam.', 'akismet' ), $row['user'] ) ); + } else if ( ! $message ) { + $message = esc_html( __( 'This comment was reported as not spam.', 'akismet' ) ); + } + break; + case 'cron-retry-spam': + $message = esc_html( __( 'Akismet caught this comment as spam during an automatic retry.', 'akismet' ) ); + break; + case 'cron-retry-ham': + $message = esc_html( __( 'Akismet cleared this comment during an automatic retry.', 'akismet' ) ); + break; + case 'check-error': + if ( isset( $row['meta'], $row['meta']['response'] ) ) { + /* translators: The placeholder is an error response returned by the API server. */ + $message = sprintf( esc_html( __( 'Akismet was unable to check this comment (response: %s) but will automatically retry later.', 'akismet' ) ), '<code>' . esc_html( $row['meta']['response'] ) . '</code>' ); + } else { + $message = esc_html( __( 'Akismet was unable to check this comment but will automatically retry later.', 'akismet' ) ); + } + break; + case 'recheck-error': + if ( isset( $row['meta'], $row['meta']['response'] ) ) { + /* translators: The placeholder is an error response returned by the API server. */ + $message = sprintf( esc_html( __( 'Akismet was unable to recheck this comment (response: %s).', 'akismet' ) ), '<code>' . esc_html( $row['meta']['response'] ) . '</code>' ); + } else { + $message = esc_html( __( 'Akismet was unable to recheck this comment.', 'akismet' ) ); + } + break; + default: + if ( preg_match( '/^status-changed/', $row['event'] ) ) { + // Half of these used to be saved without the dash after 'status-changed'. + // See https://plugins.trac.wordpress.org/changeset/1150658/akismet/trunk + $new_status = preg_replace( '/^status-changed-?/', '', $row['event'] ); + /* translators: The placeholder is a short string (like 'spam' or 'approved') denoting the new comment status. */ + $message = sprintf( esc_html( __( 'Comment status was changed to %s', 'akismet' ) ), '<code>' . esc_html( $new_status ) . '</code>' ); + } else if ( preg_match( '/^status-/', $row['event'] ) ) { + $new_status = preg_replace( '/^status-/', '', $row['event'] ); + + if ( isset( $row['user'] ) ) { + /* translators: %1$s is a username; %2$s is a short string (like 'spam' or 'approved') denoting the new comment status. */ + $message = sprintf( esc_html( __( '%1$s changed the comment status to %2$s.', 'akismet' ) ), $row['user'], '<code>' . esc_html( $new_status ) . '</code>' ); + } + } + break; + } } if ( ! empty( $message ) ) { echo '<p>'; - echo '<span style="color: #999;" alt="' . $time . '" title="' . $time . '">' . sprintf( esc_html__('%s ago', 'akismet'), human_time_diff( $row['time'] ) ) . '</span>'; - echo ' - '; - echo $message; // esc_html() is done above so that we can use HTML in some messages. + + if ( isset( $row['time'] ) ) { + $time = gmdate( 'D d M Y @ h:i:s a', $row['time'] ) . ' GMT'; + + /* translators: The placeholder is an amount of time, like "7 seconds" or "3 days" returned by the function human_time_diff(). */ + $time_html = '<span style="color: #999;" alt="' . esc_attr( $time ) . '" title="' . esc_attr( $time ) . '">' . sprintf( esc_html__( '%s ago', 'akismet' ), human_time_diff( $row['time'] ) ) . '</span>'; + + echo sprintf( + /* translators: %1$s is a human-readable time difference, like "3 hours ago", and %2$s is an already-translated phrase describing how a comment's status changed, like "This comment was reported as spam." */ + esc_html( __( '%1$s - %2$s', 'akismet' ) ), + // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped + $time_html, + // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped + $message + ); // esc_html() is done above so that we can use HTML in $message. + } else { + // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped + echo $message; // esc_html() is done above so that we can use HTML in $message. + } + echo '</p>'; } } - } - else { + } else { echo '<p>'; echo esc_html( __( 'No comment history.', 'akismet' ) ); echo '</p>'; diff --git a/plugins/akismet/class.akismet.php b/plugins/akismet/class.akismet.php index 1681d0e1..3ca53391 100644 --- a/plugins/akismet/class.akismet.php +++ b/plugins/akismet/class.akismet.php @@ -64,6 +64,14 @@ class Akismet { add_filter( 'wpcf7_form_elements', array( 'Akismet', 'append_custom_form_fields' ) ); add_filter( 'wpcf7_akismet_parameters', array( 'Akismet', 'prepare_custom_form_values' ) ); + // Formidable Forms + add_filter( 'frm_filter_final_form', array( 'Akismet', 'inject_custom_form_fields' ) ); + add_filter( 'frm_akismet_values', array( 'Akismet', 'prepare_custom_form_values' ) ); + + // Fluent Forms + add_filter( 'fluentform_form_element_start', array( 'Akismet', 'output_custom_form_fields' ) ); + add_filter( 'fluentform_akismet_fields', array( 'Akismet', 'prepare_custom_form_values' ), 10, 2 ); + add_action( 'update_option_wordpress_api_key', array( 'Akismet', 'updated_option' ), 10, 2 ); add_action( 'add_option_wordpress_api_key', array( 'Akismet', 'added_option' ), 10, 2 ); @@ -410,8 +418,12 @@ class Akismet { $wpdb->queries = array(); + $comments = array(); + foreach ( $comment_ids as $comment_id ) { - do_action( 'delete_comment', $comment_id ); + $comments[ $comment_id ] = get_comment( $comment_id ); + + do_action( 'delete_comment', $comment_id, $comments[ $comment_id ] ); do_action( 'akismet_batch_delete_count', __FUNCTION__ ); } @@ -421,12 +433,13 @@ class Akismet { $wpdb->query( $wpdb->prepare( "DELETE FROM {$wpdb->comments} WHERE comment_id IN ( " . $format_string . " )", $comment_ids ) ); $wpdb->query( $wpdb->prepare( "DELETE FROM {$wpdb->commentmeta} WHERE comment_id IN ( " . $format_string . " )", $comment_ids ) ); - clean_comment_cache( $comment_ids ); - do_action( 'akismet_delete_comment_batch', count( $comment_ids ) ); - foreach ( $comment_ids as $comment_id ) { - do_action( 'deleted_comment', $comment_id ); + do_action( 'deleted_comment', $comment_id, $comments[ $comment_id ] ); + unset( $comments[ $comment_id ] ); } + + clean_comment_cache( $comment_ids ); + do_action( 'akismet_delete_comment_batch', count( $comment_ids ) ); } if ( apply_filters( 'akismet_optimize_table', ( mt_rand(1, 5000) == 11), $wpdb->comments ) ) // lucky number @@ -504,11 +517,38 @@ class Akismet { public static function get_user_comments_approved( $user_id, $comment_author_email, $comment_author, $comment_author_url ) { global $wpdb; - if ( !empty( $user_id ) ) - return (int) $wpdb->get_var( $wpdb->prepare( "SELECT COUNT(*) FROM {$wpdb->comments} WHERE user_id = %d AND comment_approved = 1", $user_id ) ); + /** + * Which comment types should be ignored when counting a user's approved comments? + * + * Some plugins add entries to the comments table that are not actual + * comments that could have been checked by Akismet. Allow these comments + * to be excluded from the "approved comment count" query in order to + * avoid artificially inflating the approved comment count. + * + * @param array $comment_types An array of comment types that won't be considered + * when counting a user's approved comments. + * + * @since 4.2.2 + */ + $excluded_comment_types = apply_filters( 'akismet_excluded_comment_types', array() ); + + $comment_type_where = ''; - if ( !empty( $comment_author_email ) ) - return (int) $wpdb->get_var( $wpdb->prepare( "SELECT COUNT(*) FROM {$wpdb->comments} WHERE comment_author_email = %s AND comment_author = %s AND comment_author_url = %s AND comment_approved = 1", $comment_author_email, $comment_author, $comment_author_url ) ); + if ( is_array( $excluded_comment_types ) && ! empty( $excluded_comment_types ) ) { + $excluded_comment_types = array_unique( $excluded_comment_types ); + + foreach ( $excluded_comment_types as $excluded_comment_type ) { + $comment_type_where .= $wpdb->prepare( ' AND comment_type <> %s ', $excluded_comment_type ); + } + } + + if ( ! empty( $user_id ) ) { + return (int) $wpdb->get_var( $wpdb->prepare( "SELECT COUNT(*) FROM {$wpdb->comments} WHERE user_id = %d AND comment_approved = 1" . $comment_type_where, $user_id ) ); + } + + if ( ! empty( $comment_author_email ) ) { + return (int) $wpdb->get_var( $wpdb->prepare( "SELECT COUNT(*) FROM {$wpdb->comments} WHERE comment_author_email = %s AND comment_author = %s AND comment_author_url = %s AND comment_approved = 1" . $comment_type_where, $comment_author_email, $comment_author, $comment_author_url ) ); + } return 0; } @@ -1327,8 +1367,14 @@ class Akismet { $fields .= '<label>Δ<textarea name="' . $prefix . 'hp_textarea" cols="45" rows="8" maxlength="100"></textarea></label>'; if ( ! function_exists( 'amp_is_request' ) || ! amp_is_request() ) { - $fields .= '<input type="hidden" id="ak_js" name="' . $prefix . 'js" value="' . mt_rand( 0, 250 ) . '"/>'; - $fields .= '<script>document.getElementById( "ak_js" ).setAttribute( "value", ( new Date() ).getTime() );</script>'; + // Keep track of how many ak_js fields are in this page so that we don't re-use + // the same ID. + static $field_count = 0; + + $field_count++; + + $fields .= '<input type="hidden" id="ak_js_' . $field_count . '" name="' . $prefix . 'js" value="' . mt_rand( 0, 250 ) . '"/>'; + $fields .= '<script>document.getElementById( "ak_js_' . $field_count . '" ).setAttribute( "value", ( new Date() ).getTime() );</script>'; } $fields .= '</p>'; @@ -1357,9 +1403,16 @@ class Akismet { * Ensure that any Akismet-added form fields are included in the comment-check call. * * @param array $form + * @param array $data Some plugins will supply the POST data via the filter, since they don't + * read it directly from $_POST. * @return array $form */ - public static function prepare_custom_form_values( $form ) { + public static function prepare_custom_form_values( $form, $data = null ) { + if ( is_null( $data ) ) { + // phpcs:ignore WordPress.Security.NonceVerification.Missing + $data = $_POST; + } + $prefix = 'ak_'; // Contact Form 7 uses _wpcf7 as a prefix to know which fields to exclude from comment_content. @@ -1367,8 +1420,7 @@ class Akismet { $prefix = '_wpcf7_ak_'; } - // phpcs:ignore WordPress.Security.NonceVerification.Missing - foreach ( $_POST as $key => $val ) { + foreach ( $data as $key => $val ) { if ( 0 === strpos( $key, $prefix ) ) { $form[ 'POST_ak_' . substr( $key, strlen( $prefix ) ) ] = $val; } diff --git a/plugins/akismet/readme.txt b/plugins/akismet/readme.txt index 0058c338..198e7933 100644 --- a/plugins/akismet/readme.txt +++ b/plugins/akismet/readme.txt @@ -2,8 +2,8 @@ Contributors: matt, ryan, andy, mdawaffe, tellyworth, josephscott, lessbloat, eoigal, cfinke, automattic, jgs, procifer, stephdau Tags: comments, spam, antispam, anti-spam, contact form, anti spam, comment moderation, comment spam, contact form spam, spam comments Requires at least: 5.0 -Tested up to: 5.8 -Stable tag: 4.2.1 +Tested up to: 6.0 +Stable tag: 4.2.4 License: GPLv2 or later The best anti-spam protection to block spam comments and spam in a contact form. The most trusted antispam solution for WordPress and WooCommerce. @@ -30,6 +30,28 @@ Upload the Akismet plugin to your blog, activate it, and then enter your Akismet == Changelog == += 4.2.4 = +*Release Date - 20 May 2022* + +* Improved translator instructions for comment history. +* Bumped the "Tested up to" tag to WP 6.0. + += 4.2.3 = +*Release Date - 25 April 2022* + +* Improved compatibility with Fluent Forms +* Fixed missing translation domains +* Updated stats URL. +* Improved accessibility of elements on the config page. + += 4.2.2 = +*Release Date - 24 January 2022* + +* Improved compatibility with Formidable Forms +* Fixed a bug that could cause issues when multiple contact forms appear on one page. +* Updated delete_comment and deleted_comment actions to pass two arguments to match WordPress core since 4.9.0. +* Added a filter that allows comment types to be excluded when counting users' approved comments. + = 4.2.1 = *Release Date - 1 October 2021* @@ -85,6 +107,6 @@ Upload the Akismet plugin to your blog, activate it, and then enter your Akismet *Release Date - 4 June 2020* * Disable "Check for Spam" button until the page is loaded to avoid errors with clicking through to queue recheck endpoint directly. -* Add filter "akismet_enable_mshots" to allow disabling screenshot popups on the edit comments admin page. +* Added filter "akismet_enable_mshots" to allow disabling screenshot popups on the edit comments admin page. For older changelog entries, please see the [additional changelog.txt file](https://plugins.svn.wordpress.org/akismet/trunk/changelog.txt) delivered with the plugin. diff --git a/plugins/akismet/views/config.php b/plugins/akismet/views/config.php index df24b91d..0aa1ac93 100644 --- a/plugins/akismet/views/config.php +++ b/plugins/akismet/views/config.php @@ -35,7 +35,7 @@ </div> <div class="akismet-new-snapshot"> - <iframe allowtransparency="true" scrolling="no" frameborder="0" style="width: 100%; height: 220px; overflow: hidden;" src="<?php printf( '//akismet.com/web/1.0/snapshot.php?blog=%s&api_key=%s&height=200&locale=%s', urlencode( get_option( 'home' ) ), Akismet::get_api_key(), get_locale() );?>"></iframe> + <iframe allowtransparency="true" scrolling="no" frameborder="0" style="width: 100%; height: 220px; overflow: hidden;" src="<?php echo esc_url( sprintf( 'https://tools.akismet.com/1.0/snapshot.php?blog=%s&api_key=%s&height=200&locale=%s', urlencode( get_option( 'home' ) ), Akismet::get_api_key(), get_locale() ) ); ?>"></iframe> <ul> <li> <h3><?php esc_html_e( 'Past six months' , 'akismet');?></h3> @@ -73,7 +73,9 @@ <tbody> <?php if ( ! Akismet::predefined_api_key() ) { ?> <tr> - <th class="akismet-api-key" width="10%" align="left" scope="row"><?php esc_html_e('API Key', 'akismet');?></th> + <th class="akismet-api-key" width="10%" align="left" scope="row"> + <label for="key"><?php esc_html_e( 'API Key', 'akismet' ); ?></label> + </th> <td width="5%"/> <td align="left"> <span class="api-key"><input id="key" name="key" type="text" size="15" value="<?php echo esc_attr( get_option('wordpress_api_key') ); ?>" class="<?php echo esc_attr( 'regular-text code ' . $akismet_user->status ); ?>"></span> diff --git a/plugins/akismet/views/connect-jp.php b/plugins/akismet/views/connect-jp.php index 5b33999a..401cc754 100644 --- a/plugins/akismet/views/connect-jp.php +++ b/plugins/akismet/views/connect-jp.php @@ -62,8 +62,8 @@ <?php Akismet::view( 'setup' );?> </div> <div class="centered akismet-toggles"> - <a href="#" class="toggle-jp-connect"><?php esc_html_e( 'Connect with Jetpack' ); ?></a> - <a href="#" class="toggle-ak-connect"><?php esc_html_e( 'Set up a different account' ); ?></a> + <a href="#" class="toggle-jp-connect"><?php esc_html_e( 'Connect with Jetpack', 'akismet' ); ?></a> + <a href="#" class="toggle-ak-connect"><?php esc_html_e( 'Set up a different account', 'akismet' ); ?></a> </div> </div> <br/> diff --git a/plugins/akismet/views/get.php b/plugins/akismet/views/get.php index b1abe0eb..e9fa3f9a 100644 --- a/plugins/akismet/views/get.php +++ b/plugins/akismet/views/get.php @@ -2,11 +2,11 @@ //phpcs:disable VariableAnalysis // There are "undefined" variables here because they're defined in the code that includes this file as a template. - ?> + <form name="akismet_activate" action="https://akismet.com/get/"; method="POST" target="_blank"> <input type="hidden" name="passback_url" value="<?php echo esc_url( Akismet_Admin::get_page_url() ); ?>"/> <input type="hidden" name="blog" value="<?php echo esc_url( get_option( 'home' ) ); ?>"/> <input type="hidden" name="redirect" value="<?php echo isset( $redirect ) ? $redirect : 'plugin-signup'; ?>"/> - <input type="submit" class="<?php echo isset( $classes ) && count( $classes ) > 0 ? implode( ' ', $classes ) : 'akismet-button';?>" value="<?php echo esc_attr( $text ); ?>"/> -</form> \ No newline at end of file + <button type="submit" class="<?php echo isset( $classes ) && count( $classes ) > 0 ? esc_attr( implode( ' ', $classes ) ) : 'akismet-button'; ?>" value="<?php echo esc_attr( $text ); ?>"><?php echo esc_attr( $text ) . '<span class="screen-reader-text">' . esc_html__( '(opens in a new tab)', 'akismet' ) . '</span>'; ?></button> +</form> diff --git a/plugins/akismet/views/stats.php b/plugins/akismet/views/stats.php index 81d82ce4..4e982a26 100644 --- a/plugins/akismet/views/stats.php +++ b/plugins/akismet/views/stats.php @@ -7,5 +7,5 @@ </div> </div> </div> - <iframe src="<?php echo esc_url( sprintf( '//akismet.com/web/1.0/user-stats.php?blog=%s&api_key=%s&locale=%s', urlencode( get_option( 'home' ) ), Akismet::get_api_key(), get_locale() ) ); ?>" width="100%" height="2500px" frameborder="0"></iframe> + <iframe src="<?php echo esc_url( sprintf( 'https://tools.akismet.com/1.0/user-stats.php?blog=%s&api_key=%s&locale=%s', urlencode( get_option( 'home' ) ), esc_attr( Akismet::get_api_key() ), esc_attr( get_locale() ) ) ); ?>" width="100%" height="2500px" frameborder="0"></iframe> </div> \ No newline at end of file
