<?php
/* ------------------------------------------------------------------------------------
*  COPYRIGHT AND TRADEMARK NOTICE
*  Copyright 2016-2019 Arnan de Gans. All Rights Reserved.
*  ADROTATE is a trademark of Arnan de Gans.

*  COPYRIGHT NOTICES AND ALL THE COMMENTS SHOULD REMAIN INTACT.
*  By using this code you agree to indemnify Arnan de Gans from any
*  liability that might arise from it's use.
------------------------------------------------------------------------------------ */

/*-------------------------------------------------------------
 Name:      AJdG Solutions API Library
 Version:	2.0 (for Analytics Spam Blocker)
---------------------------------------------------------------
 Changelog:
---------------------------------------------------------------
 Dec/12/2018 - 2.0
 * Better security
 * Faster responses
 * Stats sharing
 
 Oct/25/2016 - 1.0
 * Initial version
-------------------------------------------------------------*/

function asb_api_activate() {
	if(wp_verify_nonce($_POST['asb_nonce_register'], 'asb_nonce_register')) {
		asb_api_response('register');
		asb_api_response('check');

		asb_return('analytics-spam-blocker', 400);
		exit;
	} else {
		asb_nonce_error();
		exit;
	}
}

function asb_api_deactivate() {
	asb_api_response('unregister', true);
}

function asb_api_blocklist_update() {
	asb_api_response('check');
}

function asb_report_submit() {
	if(wp_verify_nonce($_POST['asb_nonce_report'],'asb_nonce_report')) {
		$report['name'] = $report['email'] = $report['votes'] = $report['domain'] = '';
		if(isset($_POST['asb_report_username'])) $report['name'] = $_POST['asb_report_username'];
		if(isset($_POST['asb_report_email'])) $report['email'] = $_POST['asb_report_email'];
		if(isset($_POST['asb_report_votes'])) $report['votes'] = $_POST['asb_report_votes'];
		if(isset($_POST['asb_report_domain'])) $report['domain'] = $_POST['asb_report_domain'];

		// Cleanup
		$report['name'] = sanitize_text_field(trim($report['name'], "\t\n "));		
		$report['email'] = sanitize_email(trim(strtolower($report['email'])));
		$report['votes'] = esc_attr(trim($report['votes']));
		$report['domain'] = esc_url_raw(trim(strtolower($report['domain']), "\t\n "));
		$report['domain'] = parse_url($report['domain']);
		$report['domain'] = $report['domain']['host'];
		$report['domain'] = rtrim($report['domain'], '%20'); // Experimental

		// Process and response
		if(strlen($report['name']) < 1 OR strlen($report['email']) < 1 OR strlen($report['domain']) < 1) {
			asb_return('analytics-spam-blocker', 401); // Incomplete form
		} else if(!preg_match("/^([-a-z0-9]{2,253})\.([a-z\.]{2,63})$/", $report['domain'])) {
			asb_return('analytics-spam-blocker', 403); // Invalid domain
		} else if(!preg_match("/^([a-z0-9_\.-]+)@([\da-z\.-]+)\.([a-z\.]{2,63})$/", $report['email'])) {
			asb_return('analytics-spam-blocker', 404); // Invalid email
		} else {
			asb_api_response('report', false, $report);
			asb_return('analytics-spam-blocker', 402);
			exit;
		}
	} else {
		adrotate_nonce_error();
		exit;
	}
}

function asb_api_response($request = '', $uninstall = false, $report = false) {

	$now = current_time('timestamp');
	$subscription = get_option('asb_subscription');
	$args = array('headers' => array('User-Agent' => 'Analytics Spam Blocker;' . get_option('siteurl')), 'sslverify' => false);

	$instance = ($request == 'register') ? 'reg' : $subscription['instance'];
	$auth = base64_encode($instance.':'.get_option('siteurl'));

	if($request == 'register') { 
		$do = '&do=reg';
	} else if($request == 'unregister') {
		$do = '&do=unreg';
	} else if($request == 'check') {
		$do = '&do=chk';
	} else if($request == 'report') {
		$report = base64_encode(serialize($report));
		$do = '&do=rep&report='.$report;
	} else { //Everything else
		$do = '';
	}
	
	$raw_response = wp_remote_get('https://ajdg.solutions/api/spam-blocker/2/?auth='.$auth.$do, $args);

	if($uninstall) return;
	
    if(!is_wp_error($raw_response)) {	
	    $response = json_decode($raw_response['body'], true);
		$result['status'] = $response['status'];
		
	    if($result['status'] == "reg") { // Registration
			$result['instance'] = (isset($response['instance'])) ? $response['instance'] : '';
			$result['registered'] = $now;

			update_option('asb_subscription', $result);
			update_option('asb_error', false);

			asb_schedule_updates();
			unset($response, $result);

			asb_return('analytics-spam-blocker', 200);
			exit;
	    } else if($result['status'] == "chk") { // Fetched new domains
			$current = get_option('asb_domains');
			$result['updated'] = (isset($response['updated'])) ? $response['updated'] : 0;
			$result['domains'] = (isset($response['domains'])) ? $response['domains'] : $current['domains'];
			$result['stats'] = (isset($response['stats'])) ? $response['stats'] : array('active_subscribers' => 'n/a', 'active_sites' => 'n/a', 'reported_sites' => 'n/a', 'reports_submitted' => 'n/a', 'reports_user' => 'n/a');

			// Maybe update htaccess
			if($result['updated'] > $current['updated']) asb_edit_htaccess($result['domains']);

			// Get stats
			$stats = $result['stats'];
			unset($result['stats']);

			update_option('asb_domains', $result);
			update_option('asb_stats', $stats);
			update_option('asb_error', false);
			unset($response, $current, $result, $stats);
	    } else if($result['status'] == "rep") { // Reported domain
			update_option('asb_error', false);
			unset($response, $reports);

			asb_return('analytics-spam-blocker', 201);
			exit;
		} else { // Everything else
			$result['error'] = $response['error'].' ('.date_i18n(get_option('date_format')." H:i", $now).')';

			update_option('asb_error', $result);
			unset($response, $result);
		}
	} else {
		$result['status'] = $raw_response->get_error_code();
		$result['error'] = $raw_response->get_error_message().' ('.date_i18n(get_option('date_format')." H:i", $now).')';
		update_option('asb_error', $result);
	}
}
?>