Headline
CVE-2023-5241: Diff [2967435:2977505] for chatbot/trunk – WordPress Plugin Repository
The AI ChatBot for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.8.9 via the qcld_openai_upload_pagetraining_file function. This allows subscriber-level attackers to append “<?php” to any existing file on the server resulting in potential DoS when appended to critical files such as wp-config.php.
chatbot/trunk/functions.php
r2967435
r2977505
1219
1219
die();
1220
1220
}
1221
// Order Status part.
1222
add\_action('wp\_ajax\_qcld\_wb\_chatbot\_check\_user', 'qcld\_wb\_chatbot\_check\_user');
1223
add\_action('wp\_ajax\_nopriv\_qcld\_wb\_chatbot\_check\_user', 'qcld\_wb\_chatbot\_check\_user');
1224
function qcld\_wb\_chatbot\_check\_user(){
1225
global $wpcommerce;
1226
$user\_name = trim(sanitize\_text\_field($\_POST\['user\_name'\]));
1227
$response = array();
1228
$response\['message'\] = "";
1229
if (username\_exists($user\_name)) {
1230
if (get\_option('qlcd\_wp\_chatbot\_order\_user') == 'login') {
1231
$response\['status'\] = "success";
1232
$response\['message'\] .= wp\_kses\_post(wpb\_randmom\_message\_handle(unserialize(get\_option('qlcd\_wp\_chatbot\_order\_username\_thanks'))));
1233
$response\['html'\] .= '<p>' . wp\_kses\_post(wpb\_randmom\_message\_handle(unserialize(get\_option('qlcd\_wp\_chatbot\_order\_username\_password')))) . '</p>';
1234
} else if (get\_option('qlcd\_wp\_chatbot\_order\_user') == 'not\_login') {
1235
$response = get\_order\_by\_username($user\_name);
1236
}
1237
} else {
1238
$response\['status'\] = "fail";
1239
$response\['message'\] .= '<strong>' . $user\_name . '</strong> ' . wp\_kses\_post(wpb\_randmom\_message\_handle(unserialize(get\_option('qlcd\_wp\_chatbot\_order\_username\_not\_exist'))));
1240
}
1241
wp\_send\_json($response);
1242
die();
1243
}
1221
// Order Status part. removed
1222
1244
1223
function wpb\_randmom\_message\_handle($items){
1245
1224
return $items\[rand(0, count($items) - 1)\];
…
…
1758
1737
1759
1738
//User login on Checkout page.
1760
add\_action('wp\_ajax\_qcld\_wb\_chatbot\_checkout\_user\_login', 'qcld\_wb\_chatbot\_checkout\_user\_login');
1761
add\_action('wp\_ajax\_nopriv\_qcld\_wb\_chatbot\_checkout\_user\_login', 'qcld\_wb\_chatbot\_checkout\_user\_login');
1762
function qcld\_wb\_chatbot\_checkout\_user\_login(){
1763
// Nonce is checked, get the POST data and sign user on
1764
$info = array();
1765
//$info\['nonce'\] = $\_POST\['nonce\_val'\];
1766
$info\['user\_login'\] = trim(sanitize\_text\_field($\_POST\['user\_name'\]));
1767
$info\['user\_password'\] = trim(sanitize\_text\_field($\_POST\['user\_pass'\]));
1768
$info\['remember'\] = true;
1769
$user\_signon = wp\_signon($info, false);
1770
// $response=$info;
1771
$response = array();
1772
if (is\_wp\_error($user\_signon)) {
1773
// $response\['status'\] = "fail";
1774
$response = "no";
1775
} else {
1776
$response = "yes";
1777
}
1778
wp\_send\_json($response);
1779
}
1739
// add\_action('wp\_ajax\_qcld\_wb\_chatbot\_checkout\_user\_login', 'qcld\_wb\_chatbot\_checkout\_user\_login');
1740
// add\_action('wp\_ajax\_nopriv\_qcld\_wb\_chatbot\_checkout\_user\_login', 'qcld\_wb\_chatbot\_checkout\_user\_login');
1741
// function qcld\_wb\_chatbot\_checkout\_user\_login(){
1742
// // Nonce is checked, get the POST data and sign user on
1743
// $info = array();
1744
// //$info\['nonce'\] = $\_POST\['nonce\_val'\];
1745
// $info\['user\_login'\] = trim(sanitize\_text\_field($\_POST\['user\_name'\]));
1746
// $info\['user\_password'\] = trim(sanitize\_text\_field($\_POST\['user\_pass'\]));
1747
// $info\['remember'\] = true;
1748
// $user\_signon = wp\_signon($info, false);
1749
// // $response=$info;
1750
// $response = array();
1751
// if (is\_wp\_error($user\_signon)) {
1752
// // $response\['status'\] = "fail";
1753
// $response = "no";
1754
// } else {
1755
// $response = "yes";
1756
// }
1757
// wp\_send\_json($response);
1758
// }
1780
1759
// Load template for App Order Thank You page url
1781
1760
function wp\_chatbot\_load\_app\_template($template){
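Review bot: The checkout login handler is disabled by commenting it out (new lines 1739–1758) rather than deleted, so an unauthenticated `wp_signon` endpoint stays in the file, one uncomment away from being live again. The retained comment `// Nonce is checked, get the POST data and sign user on` does not describe the code beneath it, where the nonce line is itself commented out and no `wp_verify_nonce` call appears. I would delete the block outright and leave a single line such as `// Checkout login AJAX handler removed: it accepted credentials without a nonce check.`, since version control already keeps the old body. If the feature returns, it should be rewritten with a nonce check and login throttling instead of restoring these lines.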
chatbot/trunk/includes/class-wpbot-gc-download.php
r2967435
r2977505
46
46
47
47
public function downloadgc(){
48
$gcdirectory = QCLD\_wpCHATBOT\_GC\_DIRNAME;
48
$nonce = sanitize\_text\_field($\_POST\['nonce'\]);
49
if (! wp\_verify\_nonce($nonce,'wp\_chatbot')) {
50
wp\_send\_json(array('success' => false, 'msg' => esc\_html\_\_('Failed in Security check', 'sm')));
51
wp\_die();
49
52
50
if ( ! is\_dir( $gcdirectory ) ) {
51
$this->create\_folder( $gcdirectory );
52
}
53
if(!file\_exists($gcdirectory.'/index.php')){
54
$this->create\_file( $gcdirectory.'/index.php' );
53
}else{
54
$gcdirectory = QCLD\_wpCHATBOT\_GC\_DIRNAME;
55
56
if ( ! is\_dir( $gcdirectory ) ) {
57
$this->create\_folder( $gcdirectory );
58
}
59
if(!file\_exists($gcdirectory.'/index.php')){
60
$this->create\_file( $gcdirectory.'/index.php' );
61
}
62
63
if(is\_dir($gcdirectory)){
64
65
$zipFile = $gcdirectory."/".$this->filename; // Local Zip File Path
66
$zipResource = fopen($zipFile, "w");
67
// Get The Zip File From Server
68
$ch = curl\_init();
69
curl\_setopt($ch, CURLOPT\_URL, $this->download\_url);
70
curl\_setopt($ch, CURLOPT\_FAILONERROR, true);
71
curl\_setopt($ch, CURLOPT\_HEADER, 0);
72
curl\_setopt($ch, CURLOPT\_FOLLOWLOCATION, true);
73
curl\_setopt($ch, CURLOPT\_AUTOREFERER, true);
74
curl\_setopt($ch, CURLOPT\_BINARYTRANSFER,true);
75
curl\_setopt($ch, CURLOPT\_TIMEOUT, 10);
76
curl\_setopt($ch, CURLOPT\_SSL\_VERIFYHOST, 0);
77
curl\_setopt($ch, CURLOPT\_SSL\_VERIFYPEER, 0);
78
curl\_setopt($ch, CURLOPT\_FILE, $zipResource);
79
$page = curl\_exec($ch);
80
if(!$page) {
81
$response = array('status'=>'error','content'=> curl\_error($ch));
82
echo wp\_send\_json($response);
83
wp\_die();
84
}
85
curl\_close($ch);
86
$response = array('status'=>'success','content'=> 'File downloaded successfully');
87
}else{
88
$response = array('status'=>'error','content'=> 'Server does not allow to create files and folders');
89
}
90
91
echo wp\_send\_json($response);
92
wp\_die();
55
93
}
56
57
if(is\_dir($gcdirectory)){
58
59
$zipFile = $gcdirectory."/".$this->filename; // Local Zip File Path
60
$zipResource = fopen($zipFile, "w");
61
// Get The Zip File From Server
62
$ch = curl\_init();
63
curl\_setopt($ch, CURLOPT\_URL, $this->download\_url);
64
curl\_setopt($ch, CURLOPT\_FAILONERROR, true);
65
curl\_setopt($ch, CURLOPT\_HEADER, 0);
66
curl\_setopt($ch, CURLOPT\_FOLLOWLOCATION, true);
67
curl\_setopt($ch, CURLOPT\_AUTOREFERER, true);
68
curl\_setopt($ch, CURLOPT\_BINARYTRANSFER,true);
69
curl\_setopt($ch, CURLOPT\_TIMEOUT, 10);
70
curl\_setopt($ch, CURLOPT\_SSL\_VERIFYHOST, 0);
71
curl\_setopt($ch, CURLOPT\_SSL\_VERIFYPEER, 0);
72
curl\_setopt($ch, CURLOPT\_FILE, $zipResource);
73
$page = curl\_exec($ch);
74
if(!$page) {
75
$response = array('status'=>'error','content'=> curl\_error($ch));
76
echo wp\_send\_json($response);
77
wp\_die();
78
}
79
curl\_close($ch);
80
$response = array('status'=>'success','content'=> 'File downloaded successfully');
81
}else{
82
$response = array('status'=>'error','content'=> 'Server does not allow to create files and folders');
83
}
84
85
echo wp\_send\_json($response);
86
wp\_die();
87
94
}
88
95
89
96
function extractgc(){
90
$gcdirectory = QCLD\_wpCHATBOT\_GC\_DIRNAME;
91
$gcfilename = QCLD\_wpCHATBOT\_GC\_DIRNAME.'/'.$this->filename;
92
/\* Open the Zip file \*/
93
$zip = new ZipArchive;
94
$extractPath = "path\_to\_extract";
95
if($zip->open($gcfilename) != "true"){
96
$response = array('status'=>'error','content'=> 'File Not Found!');
97
$nonce = sanitize\_text\_field($\_POST\['nonce'\]);
98
if (! wp\_verify\_nonce($nonce,'wp\_chatbot')) {
99
wp\_send\_json(array('success' => false, 'msg' => esc\_html\_\_('Failed in Security check', 'sm')));
100
wp\_die();
101
102
}else{
103
$gcdirectory = QCLD\_wpCHATBOT\_GC\_DIRNAME;
104
$gcfilename = QCLD\_wpCHATBOT\_GC\_DIRNAME.'/'.$this->filename;
105
/\* Open the Zip file \*/
106
$zip = new ZipArchive;
107
$extractPath = "path\_to\_extract";
108
if($zip->open($gcfilename) != "true"){
109
$response = array('status'=>'error','content'=> 'File Not Found!');
110
echo wp\_send\_json($response);
111
wp\_die();
112
}
113
/\* Extract Zip File \*/
114
$zip->extractTo($gcdirectory);
115
$zip->close();
116
@unlink($gcfilename);
117
$response = array('status'=>'success','content'=> 'Files Extracted successfully!');
97
118
echo wp\_send\_json($response);
98
119
wp\_die();
99
}
100
/\* Extract Zip File \*/
101
$zip->extractTo($gcdirectory);
102
$zip->close();
103
@unlink($gcfilename);
104
$response = array('status'=>'success','content'=> 'Files Extracted successfully!');
105
echo wp\_send\_json($response);
106
wp\_die();
107
120
}
108
121
}
109
122
}
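Review bot: The new guard in `downloadgc()` and `extractgc()` is a nonce check only, and a nonce shows that the request came from a page the user loaded, not that the user is allowed to fetch and unpack files on the server. If the `wp_chatbot` nonce is printed for low-privilege users (not visible in this diff), these handlers stay reachable by them; I would add `if ( ! current_user_can( 'manage_options' ) ) { wp_send_json( array( 'success' => false ) ); }` (or whichever capability the settings screen requires) ahead of the nonce test, and the same applies to `reindex_table()` and `cancel_reindex()` in class-wpwbot-table.php and to `qcld_openai_image_generate()` in qcld-bot-openai.php. Separately, the re-indented download still sets `CURLOPT_SSL_VERIFYHOST` and `CURLOPT_SSL_VERIFYPEER` to 0 and the resulting archive is passed to `extractTo()`, so the content being unpacked is not authenticated in transit; these should be `2` and `true`. `$_POST['nonce']` is also read without an `isset()` test, which raises a notice on requests that omit the field.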
chatbot/trunk/includes/class-wpwbot-cache.php
r2967435
r2977505
35
35
global $wpdb;
36
36
$this->cache\_table\_name = $wpdb->prefix . QCLD\_wpCHATBOT\_CACHE\_TABLE;
37
add\_action( 'aws\_cache\_clear', array( $this, 'clear\_cache' ) );
38
add\_action( 'wp\_ajax\_aws-clear-cache', array( $this, 'clear\_cache' ) );
39
37
}
40
38
/\*\*
…
…
116
114
return $result;
117
115
}
118
/\*
119
\* Clear cached terms
120
\*/
121
public function clear\_cache() {
122
global $wpdb;
123
if ( ! $this->is\_cache\_table\_not\_exist() ) {
124
125
$terms = "aws\_search\_term\_%";
126
$where = $wpdb->prepare( " name LIKE %s", $terms );
127
$sql = "DELETE FROM {$this->cache\_table\_name}
128
WHERE {$where}
129
";
130
$wpdb->query( $sql );
131
132
}
133
134
}
116
135
117
}
136
118
endif;
chatbot/trunk/includes/class-wpwbot-table.php
r2967435
r2977505
34
34
\* Reindex plugin table
35
35
\*/
36
public function reindex\_table( $return = false ) {
37
global $wpdb;
38
$index\_meta = get\_option( 'wp\_chatbot\_index\_meta', false );
39
$status = false;
40
// No current index going on. Let's start over
41
if ( false === $index\_meta ) {
42
$status = 'start';
43
$index\_meta = array(
44
'offset' => 0,
45
'start' => true,
36
public function reindex\_table( $return) {
37
$nonce = sanitize\_text\_field($\_POST\['nonce'\]);
38
if (! wp\_verify\_nonce($nonce,'wp\_chatbot')) {
39
wp\_send\_json(array('success' => false, 'msg' => esc\_html\_\_('Failed in Security check', 'sm')));
40
wp\_die();
41
42
}else{
43
global $wpdb;
44
$index\_meta = get\_option( 'wp\_chatbot\_index\_meta', false );
45
$status = false;
46
// No current index going on. Let's start over
47
if ( false === $index\_meta ) {
48
$status = 'start';
49
$index\_meta = array(
50
'offset' => 0,
51
'start' => true,
52
);
53
$wpdb->query("DROP TABLE IF EXISTS {$this->table\_name}");
54
$this->create\_table();
55
$index\_meta\['found\_posts'\] = $this->get\_number\_of\_products();
56
} else if ( ! empty( $index\_meta\['site\_stack'\] ) && $index\_meta\['offset'\] >= $index\_meta\['found\_posts'\] ) {
57
$status = 'start';
58
$index\_meta\['start'\] = true;
59
$index\_meta\['offset'\] = 0;
60
$index\_meta\['current\_site'\] = array\_shift( $index\_meta\['site\_stack'\] );
61
} else {
62
$index\_meta\['start'\] = false;
63
}
64
$index\_meta = apply\_filters( 'wp\_chatbot\_index\_meta', $index\_meta );
65
$posts\_per\_page = apply\_filters( 'wp\_chatbot\_index\_posts\_per\_page', 30 );
66
$args = array(
67
'posts\_per\_page' => $posts\_per\_page,
68
'fields' => 'ids',
69
'post\_type' => 'product',
70
'post\_status' => 'publish',
71
'offset' => $index\_meta\['offset'\],
72
'ignore\_sticky\_posts' => true,
73
'suppress\_filters' => true,
74
'no\_found\_rows' => 1,
75
'orderby' => 'ID',
76
'order' => 'DESC',
46
77
);
47
$wpdb->query("DROP TABLE IF EXISTS {$this->table\_name}");
48
$this->create\_table();
49
$index\_meta\['found\_posts'\] = $this->get\_number\_of\_products();
50
} else if ( ! empty( $index\_meta\['site\_stack'\] ) && $index\_meta\['offset'\] >= $index\_meta\['found\_posts'\] ) {
51
$status = 'start';
52
$index\_meta\['start'\] = true;
53
$index\_meta\['offset'\] = 0;
54
$index\_meta\['current\_site'\] = array\_shift( $index\_meta\['site\_stack'\] );
55
} else {
56
$index\_meta\['start'\] = false;
57
}
58
$index\_meta = apply\_filters( 'wp\_chatbot\_index\_meta', $index\_meta );
59
$posts\_per\_page = apply\_filters( 'wp\_chatbot\_index\_posts\_per\_page', 30 );
60
$args = array(
61
'posts\_per\_page' => $posts\_per\_page,
62
'fields' => 'ids',
63
'post\_type' => 'product',
64
'post\_status' => 'publish',
65
'offset' => $index\_meta\['offset'\],
66
'ignore\_sticky\_posts' => true,
67
'suppress\_filters' => true,
68
'no\_found\_rows' => 1,
69
'orderby' => 'ID',
70
'order' => 'DESC',
71
);
72
$posts = get\_posts( $args );
73
if ( $status !== 'start' ) {
74
if ( $posts && count( $posts ) > 0 ) {
75
$queued\_posts = array();
76
foreach( $posts as $post\_id ) {
77
$queued\_posts\[\] = absint( $post\_id );
78
$posts = get\_posts( $args );
79
if ( $status !== 'start' ) {
80
if ( $posts && count( $posts ) > 0 ) {
81
$queued\_posts = array();
82
foreach( $posts as $post\_id ) {
83
$queued\_posts\[\] = absint( $post\_id );
84
}
85
$this->fill\_table( $queued\_posts );
86
$index\_meta\['offset'\] = absint( $index\_meta\['offset'\] + $posts\_per\_page );
87
if ( $index\_meta\['offset'\] >= $index\_meta\['found\_posts'\] ) {
88
$index\_meta\['offset'\] = $index\_meta\['found\_posts'\];
89
}
90
update\_option( 'wp\_chatbot\_index\_meta', $index\_meta );
91
} else {
92
// We are done (with this site)
93
$index\_meta\['offset'\] = (int) count( $posts );
94
delete\_option( 'wp\_chatbot\_index\_meta' );
95
update\_option( 'wp\_chatbot\_index\_count', 1 );
78
96
}
79
$this->fill\_table( $queued\_posts );
80
$index\_meta\['offset'\] = absint( $index\_meta\['offset'\] + $posts\_per\_page );
81
if ( $index\_meta\['offset'\] >= $index\_meta\['found\_posts'\] ) {
82
$index\_meta\['offset'\] = $index\_meta\['found\_posts'\];
83
}
97
} else {
84
98
update\_option( 'wp\_chatbot\_index\_meta', $index\_meta );
99
}
100
if ( $return ) {
101
return $index\_meta;
85
102
} else {
86
// We are done (with this site)
87
$index\_meta\['offset'\] = (int) count( $posts );
88
delete\_option( 'wp\_chatbot\_index\_meta' );
89
update\_option( 'wp\_chatbot\_index\_count', 1 );
90
}
91
} else {
92
update\_option( 'wp\_chatbot\_index\_meta', $index\_meta );
93
}
94
if ( $return ) {
95
return $index\_meta;
96
} else {
97
wp\_send\_json\_success( $index\_meta );
103
wp\_send\_json\_success( $index\_meta );
104
}
98
105
}
99
106
}
…
…
243
250
\*/
244
251
public function cancel\_reindex() {
245
delete\_option( 'wp\_chatbot\_index\_meta' );
246
wp\_send\_json\_success( 'Deleted!' );
252
$nonce = sanitize\_text\_field($\_POST\['nonce'\]);
253
if (! wp\_verify\_nonce($nonce,'wp\_chatbot')) {
254
wp\_send\_json(array('success' => false, 'msg' => esc\_html\_\_('Failed in Security check', 'sm')));
255
wp\_die();
256
257
}else{
258
delete\_option( 'wp\_chatbot\_index\_meta' );
259
wp\_send\_json\_success( 'Deleted!' );
260
}
247
261
}
248
262
/\*
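Review bot: `reindex_table( $return)` drops the `= false` default and now reads `$_POST['nonce']` before anything else, so the nonce test also runs on the `$return` path that hands `$index_meta` back to a PHP caller. Callers are not visible in this diff, but on PHP 7.1 and later any code that calls `reindex_table()` with no argument will fail with an argument-count error, and any internal call made outside an AJAX request will end in the `wp_send_json(...)` failure branch instead of reindexing. I would keep the signature as `public function reindex_table( $return = false )` and verify the nonce only on the request path, for example `if ( ! $return && ! wp_verify_nonce( $nonce, 'wp_chatbot' ) ) { ... }`. A short docblock line stating that the method terminates the request with a JSON error when the nonce is invalid would also help the next maintainer.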
chatbot/trunk/includes/openai/admin/settings.php
r2967435
r2977505
72
72
</div>
73
73
</div>
74
<div class="<?php esc\_attr\_e( 'mb-3','wpbot');?>">
75
<div class="">
76
<label><?php esc\_html\_e('Conversation continuity Only works in promt Q/A, Chat and friend chat'); ?></label>
77
</div>
78
<div class="<?php esc\_attr\_e( 'form-check form-switch my-4','wpbot');?>">
79
<input class="<?php esc\_attr\_e( 'form-check-input','wpbot');?>" type="checkbox" <?php echo (get\_option( 'conversation\_continuity') == 1) ? esc\_attr( 'checked') : '';?> role="switch" value="" id="<?php esc\_attr\_e( 'conversation\_continuity','wpbot');?>">
80
<label class="<?php esc\_attr\_e( 'form-check-label','wpbot');?>" for="<?php esc\_attr\_e( 'conversation\_continuity','wpbot');?>"><?php esc\_html\_e( 'Enable conversation continuity','wpbot'); ?></label>
81
</div>
82
</div>
74
83
75
84
76
<div class="<?php esc\_attr\_e( 'mb-3','wpbot');?>">
chatbot/trunk/includes/openai/qcld-bot-openai.php
r2967435
r2977505
61
61
$this->includes();
62
62
add\_action('wp\_ajax\_openai\_settings\_option', \[$this, 'openai\_settings\_option\_callback'\]);
63
add\_action('wp\_ajax\_openai\_file\_upload', \[$this, 'openai\_file\_upload\_callback'\]);
64
63
add\_action('wp\_ajax\_openai\_response',\[$this,'openai\_response\_callback'\]);
65
add\_action('wp\_ajax\_openai\_file\_list',\[$this,'openai\_file\_list\_callback'\]);
66
add\_action('wp\_ajax\_openai\_finetune\_list', \[$this,'openai\_finetune\_list'\]);
67
add\_action('wp\_ajax\_openai\_file\_delete',\[$this,'openai\_file\_delete\_callback'\]);
68
64
add\_action('wp\_ajax\_nopriv\_openai\_response', \[$this, 'openai\_response\_callback'\]);
69
add\_action('wp\_ajax\_openai\_ft\_model\_create', \[$this, 'openai\_ft\_model\_create'\]);
70
add\_action('wp\_ajax\_openai\_ft\_model\_delete', \[$this, 'openai\_ft\_model\_delete'\]);
71
add\_action('wp\_ajax\_qcld\_openai\_post\_data\_converter\_count', \[$this,'qcld\_openai\_post\_data\_converter\_count'\]);
72
add\_action('wp\_ajax\_qcld\_openai\_post\_data\_converter', \[$this,'qcld\_openai\_post\_data\_converter'\]);
73
add\_action('wp\_ajax\_qcld\_openai\_upload\_pagetraining\_file',\[$this, 'qcld\_openai\_upload\_pagetraining\_file'\]);
74
65
add\_action('wp\_ajax\_qcld\_openai\_image\_generate',\[$this, 'qcld\_openai\_image\_generate'\]);
75
66
add\_action('wp\_ajax\_openai\_keyword\_suggestion\_content',\[$this,'openai\_keyword\_suggestion\_content'\]);
76
67
add\_action('wp\_ajax\_qcld\_openai\_image\_generate\_url',\[$this,'qcld\_seo\_image\_generate\_url\_functions'\]);
77
add\_action('wp\_ajax\_qcld\_openai\_file\_dowload',\[$this,'qcld\_openai\_file\_dowload'\]);
78
add\_action('wp\_ajax\_qcld\_openai\_delete\_training\_file',\[$this,'qcld\_openai\_delete\_training\_file'\]);
79
68
80
69
if (is\_admin() && !empty($\_GET\["page"\]) && (($\_GET\["page"\] == "openai-panel\_dashboard") || ($\_GET\["page"\] == "openai-panel\_file") || ($\_GET\["page"\] == "openai-panel\_help"))) {
…
…
141
130
142
131
}
143
public function openai\_file\_delete\_callback(){
144
$file\_id = sanitize\_text\_field($\_POST\['file\_id'\]);
145
$url = 'https://api.openai.com/v1/files/'. $file\_id;
146
$apt\_key = "Authorization: Bearer ". get\_option('open\_ai\_api\_key');
147
$ch = curl\_init();
148
curl\_setopt($ch, CURLOPT\_URL, $url);
149
curl\_setopt($ch, CURLOPT\_RETURNTRANSFER, 1);
150
curl\_setopt($ch, CURLOPT\_CUSTOMREQUEST, 'DELETE');
151
$headers = array(
152
$apt\_key,
153
);
154
curl\_setopt($ch, CURLOPT\_HTTPHEADER, $headers);
155
$result = curl\_exec($ch);
156
if (curl\_errno($ch)) {
157
echo 'Error:' . curl\_error($ch);
158
}
159
curl\_close($ch);
160
wp\_send\_json( json\_decode($result));
161
wp\_die();
162
}
163
public function openai\_ft\_model\_create(){
164
$file\_id = sanitize\_text\_field($\_POST\['file\_id'\]);
165
$ft\_suffix = sanitize\_text\_field($\_POST\['ft\_suffix'\]);
166
$ft\_engines = sanitize\_text\_field($\_POST\['ft\_engines'\]);
167
$rel = $this->openai\_finetune\_create($file\_id,$ft\_suffix,$ft\_engines);
168
// print\_r(wp\_send\_json(\[$rel\]));wp\_die();
169
echo wp\_send\_json(\[$rel\]);
170
wp\_die();
171
}
172
public function qcld\_openai\_file\_dowload(){
173
174
// -H "Authorization: Bearer $OPENAI\_API\_KEY" > results.csv
175
176
$file\_id = sanitize\_text\_field($\_POST\['file\_id'\]);
177
$url = 'https://api.openai.com/v1/files/'.$file\_id;
178
$url1 = 'https://api.openai.com/v1/files/'.$file\_id. '/content';
179
$apt\_key = "Authorization: Bearer ". get\_option('open\_ai\_api\_key');
180
$headers = array(
181
"Content-Type: application/json",
182
$apt\_key,
183
);
184
$headers1 = array(
185
"Content-Type: file.jsonl",
186
$apt\_key,
187
);
188
$curl = curl\_init();
189
curl\_setopt($curl, CURLOPT\_URL, $url);
190
curl\_setopt($curl, CURLOPT\_HTTPHEADER, $headers);
191
curl\_setopt($curl, CURLOPT\_RETURNTRANSFER, true);
192
$result = json\_decode(curl\_exec($curl));
193
curl\_close($curl);
194
$ch = curl\_init();
195
curl\_setopt($ch, CURLOPT\_RETURNTRANSFER, 1);
196
curl\_setopt($ch, CURLOPT\_URL, $url1);
197
curl\_setopt($ch, CURLOPT\_HTTPHEADER, $headers);
198
curl\_setopt($ch, CURLOPT\_CUSTOMREQUEST, 'GET');
199
//curl\_setopt($curl, CURLOPT\_RETURNTRANSFER, true);
200
$res = curl\_exec($ch);
201
if (curl\_errno($ch)) {
202
echo 'Error:' . curl\_error($ch);
203
}
204
curl\_close($ch);
205
// var\_dump($res);
206
if(!empty($result)){
207
$response\['status'\] = 'success';
208
$response\['fileinfo'\] = $result;
209
$response\['filedata'\] = $res;
210
211
}
212
echo wp\_send\_json(\[$response\]);
213
wp\_die();
214
215
}
132
216
133
public function buildFormBody( $fields, $boundary )
217
134
{
…
…
235
152
}
236
153
237
public function openai\_file\_list\_callback(){
238
$url = 'https://api.openai.com/v1/files';
239
$apt\_key = "Authorization: Bearer ". get\_option('open\_ai\_api\_key');
240
$curl = curl\_init();
241
curl\_setopt($curl, CURLOPT\_URL, $url);
242
$headers = array(
243
"Content-Type: application/json",
244
$apt\_key,
245
);
246
curl\_setopt($curl, CURLOPT\_HTTPHEADER, $headers);
247
curl\_setopt($curl, CURLOPT\_RETURNTRANSFER, true);
248
$response = curl\_exec($curl);
249
curl\_close($curl);
250
wp\_send\_json( json\_decode($response));
251
wp\_die();
252
}
253
154
public function qcld\_sanitize\_text\_or\_array\_field($array\_or\_string) {
254
155
if( is\_string($array\_or\_string) ){
…
…
267
168
return $array\_or\_string;
268
169
}
269
public function qcld\_openai\_post\_data\_converter\_count()
270
{
271
global $wpdb;
272
$qcldopenai\_result = array('status' => 'error');
273
if(isset($\_POST\['data'\]) && is\_array($\_POST\['data'\])){
274
$types = Self::qcld\_sanitize\_text\_or\_array\_field($\_POST\['data'\]);
275
$sql = "SELECT COUNT(\*) FROM ".$wpdb->posts." WHERE post\_status='publish' AND post\_type IN ('".implode("','",$types)."')";
276
$qcldopenai\_result\['count'\] = $wpdb->get\_var($sql);
277
$qcldopenai\_result\['status'\] = 'success';
278
$qcldopenai\_result\['types'\] = $types;
279
}
280
else $qcldopenai\_result\['msg'\] = 'Please select least one data to convert';
281
282
$this->qcld\_openai\_post\_data\_converter($qcldopenai\_result);
283
}
284
285
public function qcld\_openai\_post\_data\_converter($result)
286
{
287
$qcldopenai\_result = array('status' => 'error','msg' => 'Something went wrong');
288
global $wpdb;
289
if(
290
isset($result\['types'\])
291
&& is\_array($result\['types'\])
292
){
293
$types = Self::qcld\_sanitize\_text\_or\_array\_field($result\['types'\]);
294
295
$qcldopenai\_total = sanitize\_text\_field($\_POST\['total'\]);
296
$qcldopenai\_per\_page = sanitize\_text\_field($\_POST\['per\_page'\]);
297
$qcldopenai\_page = isset($\_POST\['page'\]) && !empty($\_POST\['page'\]) ? sanitize\_text\_field($\_POST\['page'\]) : 1;
298
if(isset($\_POST\['file'\]) && !empty($\_POST\['file'\])){
299
$qcldopenai\_file = sanitize\_text\_field($\_POST\['file'\]);
300
}else{
301
$qcldopenai\_file = md5(time()).'.jsonl';
302
}
303
if(isset($\_POST\['id'\]) && !empty($\_POST\['id'\])){
304
$qcldopenai\_convert\_id = sanitize\_text\_field($\_POST\['id'\]);
305
}else{
306
$qcldopenai\_convert\_id = wp\_insert\_post(array(
307
'post\_title' => $qcldopenai\_file,
308
'post\_type' => 'qcldopenai\_convert',
309
'post\_status' => 'publish'
310
));
311
} try {
312
$upload = wp\_upload\_dir();
313
$upload\_dir = $upload\['basedir'\] . '/' . 'qcldopenai\_site\_training';
314
$permissions = 0755;
315
$oldmask = umask(0);
316
if (!is\_dir($upload\_dir)){
317
mkdir($upload\_dir, $permissions);
318
$umask = umask($oldmask);
319
$chmod = chmod($upload\_dir, $permissions);
320
}
321
$gcdirpath = WP\_CONTENT\_DIR.'/qcldopenai\_site\_training';
322
$qcldopenai\_json\_file = fopen(wp\_upload\_dir()\['basedir'\] .'/qcldopenai\_site\_training/'.basename($qcldopenai\_file), "w");
323
$qcldopenai\_content = '';
324
$sql = "SELECT post\_title, post\_content FROM ".$wpdb->posts." WHERE post\_status='publish' AND post\_type IN ('".implode("','",$types)."') ORDER BY post\_date";
325
$qcldopenai\_data = $wpdb->get\_results($sql);
326
if($qcldopenai\_data && is\_array($qcldopenai\_data) && count($qcldopenai\_data)){
327
foreach($qcldopenai\_data as $item){
328
$tag\_less\_content = wp\_strip\_all\_tags($item->post\_content);
329
$vc\_tag\_less = preg\_replace("/\\\[(\\/\*)?vc\_(.\*?)\\\]/", '', $tag\_less\_content);
330
$clean\_html\_body = preg\_replace('/\\xc2\\xa0/', '', $vc\_tag\_less);
331
$completion\_string = str\_replace(array("\\n","\\r","\\t"," "), ' ', $clean\_html\_body);
332
$completion\_string = wp\_trim\_words( $completion\_string,500);
333
334
$tag\_less\_title = wp\_strip\_all\_tags($item->post\_title);
335
$clean\_html\_title = preg\_replace('/\\xc2\\xa0/', '', $tag\_less\_title);
336
$title\_string = str\_replace(array("\\n","\\r","\\t"," "), ' ', $clean\_html\_title);
337
$title\_string = wp\_trim\_words( $title\_string,50);
338
$data = array(
339
"prompt" => $title\_string.' ->',
340
"completion" => $completion\_string
341
);
342
fwrite($qcldopenai\_json\_file, json\_encode($data) . PHP\_EOL);
170
171
172
173
public function qcld\_openai\_image\_generate(){
174
$nonce = sanitize\_text\_field($\_POST\['nonce'\]);
175
if (! wp\_verify\_nonce($nonce,'wp\_chatbot')) {
176
wp\_send\_json(array('success' => false, 'msg' => esc\_html\_\_('Failed in Security check', 'sm')));
177
wp\_die();
178
179
}else{
180
$qcld\_seo\_result = array(
181
'status' => 'error',
182
'msg' => 'Something went wrong',
183
);
184
$OPENAI\_API\_KEY = get\_option('open\_ai\_api\_key');
185
$qcld\_seo\_prompt = isset( $\_POST\['qcld\_seo\_prompt'\] ) ? sanitize\_text\_field( $\_POST\['qcld\_seo\_prompt'\] ) : '';
186
$qcld\_seo\_artist = isset( $\_POST\['qcld\_seo\_artist'\] ) ? sanitize\_text\_field( $\_POST\['qcld\_seo\_artist'\] ) : 'Painter';
187
$qcld\_seo\_art\_style = isset( $\_POST\['qcld\_seo\_art\_style'\] ) ? sanitize\_text\_field( $\_POST\['qcld\_seo\_art\_style'\] ) : 'Style';
188
$qcld\_seo\_photography\_style = isset( $\_POST\['qcld\_seo\_photography\_style'\] ) ? sanitize\_text\_field( $\_POST\['qcld\_seo\_photography\_style'\] ) : 'Photography Style';
189
$qcld\_seo\_lighting = isset( $\_POST\['qcld\_seo\_lighting'\] ) ? sanitize\_text\_field( $\_POST\['qcld\_seo\_lighting'\] ) : 'Lighting';
190
$qcld\_seo\_subject = isset( $\_POST\['qcld\_seo\_subject'\] ) ? sanitize\_text\_field( $\_POST\['qcld\_seo\_subject'\] ) : 'Subject';
191
$qcld\_seo\_camera\_settings = isset( $\_POST\['qcld\_seo\_camera\_settings'\] ) ? sanitize\_text\_field( $\_POST\['qcld\_seo\_camera\_settings'\] ) : 'Camera Settings';
192
$qcld\_seo\_composition = isset( $\_POST\['qcld\_seo\_composition'\] ) ? sanitize\_text\_field( $\_POST\['qcld\_seo\_composition'\] ) : 'Composition';
193
$qcld\_seo\_resolution = isset( $\_POST\['qcld\_seo\_resolution'\] ) ? sanitize\_text\_field( $\_POST\['qcld\_seo\_resolution'\] ) : 'Resolution';
194
$qcld\_seo\_color = isset( $\_POST\['qcld\_seo\_color'\] ) ? sanitize\_text\_field( $\_POST\['qcld\_seo\_color'\] ) : 'Color';
195
$qcld\_seo\_special\_effects = isset( $\_POST\['qcld\_seo\_special\_effects'\] ) ? sanitize\_text\_field( $\_POST\['qcld\_seo\_special\_effects'\] ) : 'Special Effects';
196
$qcld\_seo\_img\_size = isset( $\_POST\['qcld\_seo\_img\_size'\] ) ? sanitize\_text\_field( $\_POST\['qcld\_seo\_img\_size'\] ) : '512x512';
197
$qcld\_seo\_num\_images = isset( $\_POST\['qcld\_seo\_num\_images'\] ) ? sanitize\_text\_field( $\_POST\['qcld\_seo\_num\_images'\] ) : 1;
198
$qcld\_seo\_num\_images = isset( $qcld\_seo\_num\_images ) ? (int) $qcld\_seo\_num\_images : 6;
199
if (!empty($qcld\_seo\_prompt)) {
200
// Get the prompt from the form
201
$prompt = $qcld\_seo\_prompt;
202
$img\_size = $qcld\_seo\_img\_size;
203
$num\_images = $qcld\_seo\_num\_images;
204
// convert num\_images to an integer
205
$num\_images = (int) $num\_images;
206
$prompt\_elements = array(
207
'artist' => $qcld\_seo\_artist,
208
'art\_style' => $qcld\_seo\_art\_style,
209
'photography\_style' => $qcld\_seo\_photography\_style,
210
'composition' => $qcld\_seo\_composition,
211
'resolution' => $qcld\_seo\_resolution,
212
'color' => $qcld\_seo\_color,
213
'special\_effects' => $qcld\_seo\_special\_effects,
214
'lighting' => $qcld\_seo\_lighting,
215
'subject' => $qcld\_seo\_subject,
216
'camera\_settings' => $qcld\_seo\_camera\_settings,
217
);
218
foreach ($prompt\_elements as $key => $value) {
219
if ($\_POST\[$key\] != "None") {
220
$prompt = $prompt . ". " . $value . ": " . $\_POST\[$key\];
343
221
}
344
222
}
345
fclose($qcldopenai\_json\_file);
346
$qcldopenai\_result\['file'\] = $qcldopenai\_file;
347
$qcldopenai\_result\['id'\] = $qcldopenai\_convert\_id;
348
$qcldopenai\_result\['status'\] = 'success';
349
} catch (\\Exception $exception){
350
$qcldopenai\_result\['msg'\] = $exception->getMessage();
351
}
352
}
353
else $qcldopenai\_result\['msg'\] = 'Please select least one data to convert';
354
wp\_send\_json($qcldopenai\_result);
355
}
356
357
public function openai\_ft\_model\_delete(){
358
$ft\_id = sanitize\_text\_field($\_POST\['ft\_id'\]);
359
$url = 'https://api.openai.com/v1/models/' . $ft\_id;
360
$apt\_key = "Authorization: Bearer ". get\_option('open\_ai\_api\_key');
361
$curl = curl\_init();
362
$headers = array(
363
"Content-Type: multipart/form-data",
364
$apt\_key,
365
);
366
curl\_setopt($curl, CURLOPT\_URL, $url);
367
curl\_setopt($curl, CURLOPT\_HTTPHEADER, $headers);
368
curl\_setopt($curl, CURLOPT\_CUSTOMREQUEST, 'DELETE');
369
curl\_setopt($curl, CURLOPT\_POST, true);
370
$res = json\_decode(curl\_exec ($curl));
371
curl\_close ($curl);
372
echo wp\_send\_json(\[$rel\]);
373
wp\_die();
374
375
}
376
public function qcld\_openai\_upload\_pagetraining\_file(){
377
378
if(
379
isset($\_POST\['filename'\])
380
&& !empty($\_POST\['filename'\])
381
){
382
$filename = sanitize\_text\_field($\_POST\['filename'\]);
383
$line = isset($\_POST\['line'\]) && !empty($\_POST\['line'\]) ? sanitize\_text\_field($\_POST\['line'\]) : 0;
384
$file = wp\_upload\_dir()\['basedir'\].'/qcldopenai\_site\_training/'.$filename;
385
if(file\_exists($file)){
386
$qcld\_openai\_lines = file($file);
387
$fileo = '@'. wp\_upload\_dir()\['basedir'\].'/qcldopenai\_site\_training/'.$filename;
388
$split\_file = wp\_upload\_dir()\['basedir'\].'/qcldopenai\_site\_training/'.$filename;
389
$qcld\_openai\_json\_file = fopen($split\_file, "a");
390
$qcld\_openai\_content = '';
391
for($i = $line; $i <= count($qcld\_openai\_lines);$i++){
392
if($i == count($qcld\_openai\_lines)){
393
$qcld\_openai\_content .= $qcld\_openai\_lines\[$i\];
394
$qcld\_openai\_result\['next'\] = 'DONE';
395
}
396
else{
397
if(mb\_strlen($qcld\_openai\_content, '8bit') > $this->wpaicg\_max\_file\_size){
398
$qcld\_openai\_result\['next'\] = $i+1;
399
break;
400
}
401
else{
402
$qcld\_openai\_content .= $qcld\_openai\_lines\[$i\];
403
}
404
}
405
}
406
fwrite($qcld\_openai\_json\_file,$qcld\_openai\_content);
407
fclose($qcld\_openai\_json\_file);
408
$url = 'https://api.openai.com/v1/files';
409
$apt\_key = "Authorization: Bearer ". get\_option('open\_ai\_api\_key');
223
// Send the request to OpenAI
224
$request\_body = \[
225
"prompt" => $prompt,
226
"n" => $num\_images,
227
"size" => $img\_size,
228
"response\_format" => "url",
229
\];
230
$data = json\_encode($request\_body);
231
$url = "https://api.openai.com/v1/images/generations";
232
$apt\_key = "Authorization: Bearer ". $OPENAI\_API\_KEY;
410
233
$curl = curl\_init($url);
411
$c\_file = curl\_file\_create($split\_file, mime\_content\_type($split\_file),basename($split\_file));
412
$data = array(
413
'purpose' => 'fine-tune',
414
'file' => $c\_file,
415
);
416
234
curl\_setopt($curl, CURLOPT\_URL, $url);
417
235
curl\_setopt($curl, CURLOPT\_POST, true);
418
$headers = array(
419
"Content-Type: multipart/form-data",
420
$apt\_key,
236
curl\_setopt($curl, CURLOPT\_RETURNTRANSFER, true);
237
$headers = array(
238
"Content-Type: application/json",
239
$apt\_key ,
421
240
);
422
$init = curl\_init();
423
curl\_setopt($init, CURLOPT\_URL,$url);
424
curl\_setopt($init, CURLOPT\_HTTPHEADER, $headers);
425
curl\_setopt($init, CURLOPT\_POSTFIELDS, $data);
426
curl\_setopt($init, CURLOPT\_RETURNTRANSFER, true);
427
$res = json\_decode(curl\_exec ($init));
428
429
curl\_close ($init);
430
if(!empty($res->error)){
431
$response\['status'\] = 'error';
432
$response\['message'\] = $res->error->message;
241
curl\_setopt($curl, CURLOPT\_HTTPHEADER, $headers);
242
curl\_setopt($curl, CURLOPT\_POSTFIELDS, $data);
243
$result = curl\_exec($curl);
244
curl\_close($curl);
245
246
// we need to catch the error here
247
$img\_result = json\_decode( $result );
248
249
$image\_grid = '<div class="qcld\_image\_grid">';
250
for ($i = 0; $i < $num\_images; $i++) {
251
$image\_grid .= '<div class="qcld\_image-grid\_wrap qcld\_botopenai\_generate\_image\_download"> ';
252
$image\_grid .= '<img class="qcld\_image-item" src=' . esc\_html($img\_result->data\[$i\]->url) . '>';
253
$image\_grid .= '<div class="qcld\_seo\_download" data-img="' . esc\_html($img\_result->data\[$i\]->url) . '"><button class="btn btn-success">Add to media libary</button></div>';
254
$image\_grid .= '</div>';
433
255
}
434
435
if(!empty($res->status)){
436
$response\['status'\] = 'success';
437
$response\['message'\] = 'Successfully Created file' . $res->id ;
438
439
}
440
echo wp\_send\_json(\[$response\]);
441
wp\_die();
442
} else {
443
if(!empty($res->status)){
444
$response\['status'\] = 'error';
445
$response\['message'\] = 'The file has been removed from wp-uploads';
446
}
447
}
256
$image\_grid .= '</div>';
257
$qcld\_seo\_result\['status'\] = 'success';
258
$qcld\_seo\_result\['html'\] = $image\_grid;
259
260
}
261
262
wp\_send\_json( $qcld\_seo\_result );
448
263
}
449
264
}
450
public function openai\_file\_upload\_callback(){
451
$uploadedfile = $\_FILES\['file'\];
452
$url = 'https://api.openai.com/v1/files';
453
$apt\_key = "Authorization: Bearer ". get\_option('open\_ai\_api\_key');
454
$curl = curl\_init($url);
455
curl\_setopt($curl, CURLOPT\_URL, $url);
456
curl\_setopt($curl, CURLOPT\_POST, true);
457
$headers = array(
458
"Content-Type: multipart/form-data",
459
$apt\_key,
460
);
461
if (function\_exists('curl\_file\_create')) {
462
$tmp\_file = curl\_file\_create($uploadedfile\['tmp\_name'\], 'jsonl', $uploadedfile\['name'\]);
463
} else {
464
$tmp\_file = open($uploadedfile\['tmp\_name'\]);
465
}
466
467
$data = array('file'=> $tmp\_file,'purpose'=> 'fine-tune');
468
$init = curl\_init();
469
//function parameteres
470
curl\_setopt($init, CURLOPT\_URL,$url);
471
curl\_setopt($init, CURLOPT\_HTTPHEADER, $headers);
472
curl\_setopt($init, CURLOPT\_POSTFIELDS, $data);
473
curl\_setopt($init, CURLOPT\_RETURNTRANSFER, true);
474
$res = json\_decode(curl\_exec ($init));
475
476
curl\_close ($init);
477
if(!empty($res->error)){
478
$response\['status'\] = 'error';
479
$response\['message'\] = $res->error->message;
480
}
481
482
if(!empty($res->status)){
483
$response\['status'\] = 'success';
484
$response\['message'\] = 'Successfully Created file' . $res->id ;
485
486
}
487
echo wp\_send\_json(\[$response\]);
488
wp\_die();
489
}
490
public function qcld\_openai\_image\_generate(){
491
492
$qcld\_seo\_result = array(
493
'status' => 'error',
494
'msg' => 'Something went wrong',
495
);
496
$OPENAI\_API\_KEY = get\_option('open\_ai\_api\_key');
497
$qcld\_seo\_prompt = isset( $\_POST\['qcld\_seo\_prompt'\] ) ? sanitize\_text\_field( $\_POST\['qcld\_seo\_prompt'\] ) : '';
498
$qcld\_seo\_artist = isset( $\_POST\['qcld\_seo\_artist'\] ) ? sanitize\_text\_field( $\_POST\['qcld\_seo\_artist'\] ) : 'Painter';
499
$qcld\_seo\_art\_style = isset( $\_POST\['qcld\_seo\_art\_style'\] ) ? sanitize\_text\_field( $\_POST\['qcld\_seo\_art\_style'\] ) : 'Style';
500
$qcld\_seo\_photography\_style = isset( $\_POST\['qcld\_seo\_photography\_style'\] ) ? sanitize\_text\_field( $\_POST\['qcld\_seo\_photography\_style'\] ) : 'Photography Style';
501
$qcld\_seo\_lighting = isset( $\_POST\['qcld\_seo\_lighting'\] ) ? sanitize\_text\_field( $\_POST\['qcld\_seo\_lighting'\] ) : 'Lighting';
502
$qcld\_seo\_subject = isset( $\_POST\['qcld\_seo\_subject'\] ) ? sanitize\_text\_field( $\_POST\['qcld\_seo\_subject'\] ) : 'Subject';
503
$qcld\_seo\_camera\_settings = isset( $\_POST\['qcld\_seo\_camera\_settings'\] ) ? sanitize\_text\_field( $\_POST\['qcld\_seo\_camera\_settings'\] ) : 'Camera Settings';
504
$qcld\_seo\_composition = isset( $\_POST\['qcld\_seo\_composition'\] ) ? sanitize\_text\_field( $\_POST\['qcld\_seo\_composition'\] ) : 'Composition';
505
$qcld\_seo\_resolution = isset( $\_POST\['qcld\_seo\_resolution'\] ) ? sanitize\_text\_field( $\_POST\['qcld\_seo\_resolution'\] ) : 'Resolution';
506
$qcld\_seo\_color = isset( $\_POST\['qcld\_seo\_color'\] ) ? sanitize\_text\_field( $\_POST\['qcld\_seo\_color'\] ) : 'Color';
507
$qcld\_seo\_special\_effects = isset( $\_POST\['qcld\_seo\_special\_effects'\] ) ? sanitize\_text\_field( $\_POST\['qcld\_seo\_special\_effects'\] ) : 'Special Effects';
508
$qcld\_seo\_img\_size = isset( $\_POST\['qcld\_seo\_img\_size'\] ) ? sanitize\_text\_field( $\_POST\['qcld\_seo\_img\_size'\] ) : '512x512';
509
$qcld\_seo\_num\_images = isset( $\_POST\['qcld\_seo\_num\_images'\] ) ? sanitize\_text\_field( $\_POST\['qcld\_seo\_num\_images'\] ) : 1;
510
$qcld\_seo\_num\_images = isset( $qcld\_seo\_num\_images ) ? (int) $qcld\_seo\_num\_images : 6;
511
if (!empty($qcld\_seo\_prompt)) {
512
// Get the prompt from the form
513
$prompt = $qcld\_seo\_prompt;
514
$img\_size = $qcld\_seo\_img\_size;
515
$num\_images = $qcld\_seo\_num\_images;
516
// convert num\_images to an integer
517
$num\_images = (int) $num\_images;
518
$prompt\_elements = array(
519
'artist' => $qcld\_seo\_artist,
520
'art\_style' => $qcld\_seo\_art\_style,
521
'photography\_style' => $qcld\_seo\_photography\_style,
522
'composition' => $qcld\_seo\_composition,
523
'resolution' => $qcld\_seo\_resolution,
524
'color' => $qcld\_seo\_color,
525
'special\_effects' => $qcld\_seo\_special\_effects,
526
'lighting' => $qcld\_seo\_lighting,
527
'subject' => $qcld\_seo\_subject,
528
'camera\_settings' => $qcld\_seo\_camera\_settings,
529
);
530
foreach ($prompt\_elements as $key => $value) {
531
if ($\_POST\[$key\] != "None") {
532
$prompt = $prompt . ". " . $value . ": " . $\_POST\[$key\];
533
}
534
}
535
// Send the request to OpenAI
536
$request\_body = \[
537
"prompt" => $prompt,
538
"n" => $num\_images,
539
"size" => $img\_size,
540
"response\_format" => "url",
541
\];
542
$data = json\_encode($request\_body);
543
$url = "https://api.openai.com/v1/images/generations";
544
$apt\_key = "Authorization: Bearer ". $OPENAI\_API\_KEY;
545
$curl = curl\_init($url);
546
curl\_setopt($curl, CURLOPT\_URL, $url);
547
curl\_setopt($curl, CURLOPT\_POST, true);
548
curl\_setopt($curl, CURLOPT\_RETURNTRANSFER, true);
549
$headers = array(
550
"Content-Type: application/json",
551
$apt\_key ,
552
);
553
curl\_setopt($curl, CURLOPT\_HTTPHEADER, $headers);
554
curl\_setopt($curl, CURLOPT\_POSTFIELDS, $data);
555
$result = curl\_exec($curl);
556
curl\_close($curl);
557
558
// we need to catch the error here
559
$img\_result = json\_decode( $result );
560
561
$image\_grid = '<div class="qcld\_image\_grid">';
562
for ($i = 0; $i < $num\_images; $i++) {
563
$image\_grid .= '<div class="qcld\_image-grid\_wrap qcld\_botopenai\_generate\_image\_download"> ';
564
$image\_grid .= '<img class="qcld\_image-item" src=' . esc\_html($img\_result->data\[$i\]->url) . '>';
565
$image\_grid .= '<div class="qcld\_seo\_download" data-img="' . esc\_html($img\_result->data\[$i\]->url) . '"><button class="btn btn-success">Add to media libary</button></div>';
566
$image\_grid .= '</div>';
567
}
568
$image\_grid .= '</div>';
569
$qcld\_seo\_result\['status'\] = 'success';
570
$qcld\_seo\_result\['html'\] = $image\_grid;
571
572
}
573
574
wp\_send\_json( $qcld\_seo\_result );
575
}
576
public function qcld\_openai\_delete\_training\_file(){
577
$file = sanitize\_text\_field($\_POST\['file'\]);
578
$qcld\_seo\_result = array(
579
'status' => 'error',
580
'msg' => 'Something went wrong',
581
);
582
if (is\_file($file)) {
583
584
chmod($file, 0777);
585
586
if (unlink($file)) {
587
$result = 'File deleted';
588
$qcld\_seo\_result\['html'\] = $result;
589
} else {
590
$result = 'Cannot remove that file';
591
$qcld\_seo\_result\['html'\] = $result;
592
}
593
594
} else {
595
$result = 'File does not exist';
596
$qcld\_seo\_result\['html'\] = $result;
597
}
598
599
wp\_send\_json( $qcld\_seo\_result );
600
wp\_die();
601
602
}
603
public function openai\_finetune\_create($file\_id,$ft\_suffix,$ft\_engines){
604
$apt\_key = "Authorization: Bearer ". get\_option('open\_ai\_api\_key');
605
$headers = array(
606
"Content-Type: application/json",
607
$apt\_key,
608
);
609
$curl = curl\_init();
610
$qcld\_openai\_suffix = isset($ft\_suffix) ? $ft\_suffix : get\_option('qcld\_openai\_suffix');
611
$openai\_engines = isset($ft\_engines) ? $ft\_engines : get\_option('openai\_engines');
612
$base\_engine = explode('-',$openai\_engines);
613
$data = json\_encode(array('training\_file'=>$file\_id,'model' => $base\_engine\[1\], 'suffix' => $qcld\_openai\_suffix ));
614
$url = "https://api.openai.com/v1/fine-tunes";
615
curl\_setopt($curl, CURLOPT\_URL, $url);
616
curl\_setopt($curl, CURLOPT\_HTTPHEADER, $headers);
617
curl\_setopt($curl, CURLOPT\_POST, true);
618
curl\_setopt($curl, CURLOPT\_RETURNTRANSFER, true);
619
curl\_setopt($curl, CURLOPT\_POSTFIELDS, $data);
620
$result = json\_decode(curl\_exec($curl));
621
curl\_close($curl);
622
return $result;
623
}
624
public function openai\_finetune\_list(){
625
626
$apt\_key = "Authorization: Bearer ". get\_option('open\_ai\_api\_key');
627
$headers = array(
628
"Content-Type: application/json",
629
$apt\_key,
630
);
631
$curl\_ft = curl\_init();
632
//$data = json\_encode(array('training\_file'=>$file\_id));
633
634
$url = "https://api.openai.com/v1/fine-tunes";
635
curl\_setopt($curl\_ft, CURLOPT\_URL, $url);
636
curl\_setopt($curl\_ft, CURLOPT\_HTTPHEADER, $headers);
637
curl\_setopt($curl\_ft, CURLOPT\_RETURNTRANSFER, true);
638
$result = json\_decode(curl\_exec($curl\_ft));
639
$ft\_arry = \[\];
640
foreach($result->data as $value ){
641
if(($value->training\_files\[0\]->status != 'deleted') && ($value->result\_files\[0\]->status != 'deleted') ){
642
$ft\_arry\[\] = \[$value->id,$value->fine\_tuned\_model,$value->status,$value->training\_files\[0\]->filename,$value->training\_files\[0\]->id\];
643
}
644
}
645
curl\_close($curl\_ft);
646
wp\_send\_json( $ft\_arry);
647
wp\_die();
648
649
650
}
651
public function openai\_retrive\_fine\_tune($keyword){
652
653
$apt\_key = "Authorization: Bearer ". get\_option('open\_ai\_api\_key');
654
$headers = array(
655
"Content-Type: application/json",
656
$apt\_key,
657
);
658
$curl = curl\_init();
659
$max\_tokens = (int)get\_option( 'openai\_max\_tokens');
660
$temp = (float)get\_option( 'openai\_temperature');
661
$frequency\_penalty = (float)get\_option( 'frequency\_penalty');
662
$presence\_penalty = (float)get\_option( 'presence\_penalty');
663
$engines = explode('-',get\_option( 'openai\_engines'));
664
665
$data = json\_encode(array(
666
'prompt'=>$keyword,
667
'model'=> get\_option( 'qcld\_openai\_custom\_model'),
668
"max\_tokens" => $max\_tokens,
669
"temperature" => $temp,
670
"top\_p" => 1,
671
"presence\_penalty" => $frequency\_penalty,
672
"frequency\_penalty"=> $presence\_penalty,
673
"best\_of"=> 1,
674
));
675
$url = "https://api.openai.com/v1/completions";
676
677
$ch = curl\_init();
678
679
curl\_setopt($ch, CURLOPT\_URL, 'https://api.openai.com/v1/completions');
680
// curl\_setopt($ch, CURLOPT\_RETURNTRANSFER, 1);
681
// curl\_setopt($ch, CURLOPT\_POST, 1);
682
curl\_setopt($ch, CURLOPT\_RETURNTRANSFER, true);
683
curl\_setopt($ch, CURLOPT\_CUSTOMREQUEST, 'POST');
684
curl\_setopt($ch, CURLOPT\_HTTPHEADER, $headers);
685
curl\_setopt($ch, CURLOPT\_POSTFIELDS, $data);
686
687
$result = (curl\_exec($ch));
688
$result = str\_replace("#","",$result );
689
return $result;
690
if (curl\_errno($ch)) {
691
echo 'Error:' . curl\_error($ch);
692
}
693
curl\_close($ch);
694
695
}
265
696
266
public function response\_form\_file($keyword){
697
267
$max\_tokens = (int)get\_option( 'openai\_max\_tokens');
…
…
825
395
$gptkeyword = \[\];
826
396
$keyword = sanitize\_text\_field($\_POST\['keyword'\]);
827
$response\_files = $this->openai\_retrive\_fine\_tune($keyword);
397
828
398
$response\_file = json\_decode($response\_files, true);
829
399
$gptkeywords = \[\];
830
if(empty($response\_file\['choices'\]\[0\]\["text"\])){
831
832
$engines = explode('-',get\_option( 'openai\_engines'));
833
if($engines\[0\] == 'gpt'){
834
835
if(empty($\_COOKIE\["last\_five\_prompt"\])){
836
array\_push($gptkeyword, array(
837
"role" => "user",
838
"content" => $keyword
839
));
840
setcookie('last\_five\_prompt', base64\_encode(maybe\_serialize($gptkeyword)) , time() + (60000), "/");
841
}else{
842
$data = ($\_COOKIE\['last\_five\_prompt'\]);
843
$data = (base64\_decode($data));
844
$gptkeyword = maybe\_unserialize($data);
845
if(is\_array($gptkeyword)){
846
array\_push( $gptkeyword, array(
847
"role" => "user",
848
"content" => $keyword
849
));
850
setcookie('last\_five\_prompt', base64\_encode(maybe\_serialize($gptkeyword)) , time() + (60000), "/");
851
}
852
}
853
400
$engines = explode('-',get\_option( 'openai\_engines'));
401
if($engines\[0\] == 'gpt'){
402
403
// if(empty($\_COOKIE\["last\_five\_prompt"\])){
404
array\_push($gptkeyword, array(
405
"role" => "user",
406
"content" => $keyword
407
));
408
setcookie('last\_five\_prompt', base64\_encode(maybe\_serialize($gptkeyword)) , time() + (60000), "/");
409
// }else{
410
// $data = ($\_COOKIE\['last\_five\_prompt'\]);
411
// $data = (base64\_decode($data));
412
// $gptkeyword = maybe\_unserialize($data);
413
// if(is\_array($gptkeyword)){
414
// array\_push( $gptkeyword, array(
415
// "role" => "user",
416
// "content" => $keyword
417
// ));
418
// setcookie('last\_five\_prompt', base64\_encode(maybe\_serialize($gptkeyword)) , time() + (60000), "/");
419
// }
420
// }
421
854
422
if((!empty(get\_option('openai\_include\_keyword')) || !empty(get\_option('openai\_exclude\_keyword'))) && (get\_option('qcld\_openai\_relevant\_enabled') == '1') ){
855
423
$prompts = $this->include\_exclude\_prompt($keyword);
…
…
858
426
"role" => "user",
859
427
"content" => $prompts,
860
));
428
));
861
429
}else if((!empty(get\_option('openai\_include\_keyword')) || !empty(get\_option('openai\_exclude\_keyword'))) && (get\_option('qcld\_openai\_relevant\_enabled') == '0')){
862
if($this->qcld\_include\_keyword\_exist($keyword) == false){
430
if($this->qcld\_include\_keyword\_exist($keyword) == false){
863
431
$response\['message'\] = 'Sorry, No result found!';
864
432
echo json\_encode($response);
865
wp\_die();
433
wp\_die();
866
434
}else{
867
435
array\_push($gptkeyword, array(
868
436
"role" => "user",
869
437
"content" => $keyword
870
));
438
));
871
439
}
872
440
873
441
}
874
875
$res = $OpenAI->gptcomplete(
876
$gptkeyword
877
);
878
$mess = json\_decode($res);
879
$response\['message'\] = $mess->choices\[0\]->message->content;
880
if($response\['message'\] == 'DUH.' || $response\['message'\] == 'DUH'){
881
$response\['message'\] = 'Sorry, No result found!';
882
}
883
if(get\_option('conversation\_continuity') == 1){
884
$data = ($\_COOKIE\['last\_five\_prompt'\]);
885
$data = (base64\_decode($data));
886
$gptkeywords = maybe\_unserialize($data);
887
if(is\_array($gptkeywords)){
888
array\_push( $gptkeywords, array(
889
"role" => "assistant",
890
"content" => $response\['message'\]
891
));
892
setcookie('last\_five\_prompt', base64\_encode(maybe\_serialize($gptkeywords)) , time() + (60000), "/");
893
}
894
}
895
896
}else{
897
if(((get\_option('openai\_include\_keyword') != '') || (get\_option('openai\_exclude\_keyword') != '')) && (get\_option('qcld\_openai\_relevant\_enabled') == '1') ){
898
$prompts = $this->include\_exclude\_prompt($keyword);
899
}else if(((get\_option('openai\_include\_keyword') != '') || (get\_option('openai\_exclude\_keyword') != '')) && (get\_option('qcld\_openai\_relevant\_enabled') == '0')){
900
if($this->qcld\_include\_keyword\_exist($keyword) == false){
901
$response\['message'\] = "Sorry, No result found!";
902
echo json\_encode($response);
903
wp\_die();
904
}else{
905
$prompts = $this->get\_prompt($keyword);
906
}
442
443
$res = $OpenAI->gptcomplete(
444
$gptkeyword
445
);
446
$mess = json\_decode($res);
447
$response\['message'\] = $mess->choices\[0\]->message->content;
448
if($response\['message'\] == 'DUH.' || $response\['message'\] == 'DUH'){
449
$response\['message'\] = 'Sorry, No result found!';
450
}
451
// if(get\_option('conversation\_continuity') == 1){
452
// $data = ($\_COOKIE\['last\_five\_prompt'\]);
453
// $data = (base64\_decode($data));
454
// $gptkeywords = maybe\_unserialize($data);
455
// if(is\_array($gptkeywords)){
456
// array\_push( $gptkeywords, array(
457
// "role" => "assistant",
458
// "content" => $response\['message'\]
459
// ));
460
// setcookie('last\_five\_prompt', base64\_encode(maybe\_serialize($gptkeywords)) , time() + (60000), "/");
461
// }
462
// }
463
464
}else{
465
466
if(((get\_option('openai\_include\_keyword') != '') || (get\_option('openai\_exclude\_keyword') != '')) && (get\_option('qcld\_openai\_relevant\_enabled') == '1') ){
467
$prompts = $this->include\_exclude\_prompt($keyword);
468
}else if(((get\_option('openai\_include\_keyword') != '') || (get\_option('openai\_exclude\_keyword') != '')) && (get\_option('qcld\_openai\_relevant\_enabled') == '0')){
469
470
if($this->qcld\_include\_keyword\_exist($keyword) == false){
471
$response\['message'\] = "Sorry, No result found!";
472
echo json\_encode($response);
473
wp\_die();
907
474
}else{
908
475
$prompts = $this->get\_prompt($keyword);
909
476
}
910
$prompt =$prompts;
911
$res = $OpenAI->complete(
912
$prompt
913
);
914
915
$mess = json\_decode($res);
916
$response\['message'\] = $mess->choices\[0\]->text;
917
if($response\['message'\] == 'DUH.' || $response\['message'\] == 'DUH'){
918
$response\['message'\] = 'Sorry, No result found!';
919
}
920
if(get\_option('conversation\_continuity') == 1){
921
$lasfivecookie = $\_COOKIE\["last\_five\_prompt"\] . $response\['message'\] . '###';
922
$response\['cookie'\] = $\_COOKIE\["last\_five\_prompt"\];
923
}
924
}
925
}else{
926
$response\['message'\] = $response\_file\['choices'\]\[0\]\["text"\];
927
}
477
}else{
478
$prompts = $this->get\_prompt($keyword);
479
}
480
$prompt =$prompts;
481
$res = $OpenAI->complete(
482
$prompt
483
);
484
485
$mess = json\_decode($res);
486
$response\['message'\] = $mess->choices\[0\]->text;
487
if($response\['message'\] == 'DUH.' || $response\['message'\] == 'DUH'){
488
$response\['message'\] = 'Sorry, No result found!';
489
}
490
if(get\_option('conversation\_continuity') == 1){
491
$lasfivecookie = $\_COOKIE\["last\_five\_prompt"\] . $response\['message'\] . '###';
492
$response\['cookie'\] = $\_COOKIE\["last\_five\_prompt"\];
493
}
494
}
495
928
496
echo json\_encode($response);
929
497
wp\_die();
chatbot/trunk/includes/openai/qcld_wp_OpenAI.php
r2967435
r2977505
66
66
"temperature" => 0
67
67
);
68
68
69
$header = \[
69
70
'Content-Type: application/json',
chatbot/trunk/js/qcld-wp-chatbot-admin.js
r2967435
r2977505
160
160
$('#qc\_wpbot\_gc\_download').on('click', function(e){
161
161
e.preventDefault();
162
163
162
$.ajax(
164
163
{
…
…
166
165
// Change to 'GET' if you need.
167
166
url: ajax\_object.ajax\_url, data: {
168
'action': 'qcld\_wp\_chatbot\_gc\_client\_download'
167
'action': 'qcld\_wp\_chatbot\_gc\_client\_download',
168
'nonce': ajax\_object.ajax\_nonce,
169
169
},
170
170
beforeSend: function()
…
…
182
182
// Change to 'GET' if you need.
183
183
url: ajax\_object.ajax\_url, data: {
184
'action': 'qcld\_wp\_chatbot\_gc\_client\_extract'
184
'action': 'qcld\_wp\_chatbot\_gc\_client\_extract',
185
'nonce': ajax\_object.ajax\_nonce
185
186
},
186
187
beforeSend: function()
…
…
488
489
'action': 'qcld\_wp\_df\_api\_call',
489
490
'dfquery': 'hi',
491
'nonce': ajax\_object.ajax\_nonce,
490
492
'sessionid': 'wpwBot\_df\_201sdf8071'
491
493
},
…
…
736
738
data: {
737
739
738
action: 'qcld-wp-chabot-reindex'
740
action: 'qcld-wp-chabot-reindex',
741
'nonce': ajax\_object.ajax\_nonce
739
742
740
743
},
…
…
840
843
url: ajax\_object.ajax\_url,
841
844
data: {
842
action: 'qcld-wp-chabot-cancel-index'
845
action: 'qcld-wp-chabot-cancel-index',
846
'nonce': ajax\_object.ajax\_nonce
843
847
}
844
848
});
…
…
1142
1146
});
1143
1147
}
1144
$('#post\_conversion\_files').on('click','.qcld\_convert\_upload',function(){
1145
var filename = $('.qcld\_convert\_upload').attr('data-file');
1146
var lines = $('.qcld\_convert\_upload').attr('data-lines');
1147
1148
$.ajax({
1149
url: ajax\_object.ajax\_url,
1150
type: "POST",
1151
dataType: "JSON",
1152
data: {
1153
action : 'qcld\_openai\_upload\_pagetraining\_file',
1154
data: lines,
1155
filename: filename,
1156
},
1157
success: function(res) {
1158
location.reload();
1159
setTimeout(() => {
1160
jQuery('a\[href$="#wp-chatbot-openai-training-model"\]').trigger('click');
1161
}, 5000);
1162
}
1163
});
1164
1165
})
1148
1166
1149
$("#wp-chatbot-data\_post\_converter").on('click','.qcld\_convert\_data', function(){
1167
1150
var list = $("input\[name='wp\_chatbot\_data\_converter\_list\[\]'\]:checked").map(function () {
…
…
1342
1325
qcld\_seo\_img\_size: qcld\_seo\_img\_size,
1343
1326
qcld\_seo\_num\_images: qcld\_seo\_num\_images,
1344
action: 'qcld\_openai\_image\_generate'
1327
action: 'qcld\_openai\_image\_generate',
1328
nonce: ajax\_object.ajax\_url,
1345
1329
};
1346
1330
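Review bot: In the `qcld_openai_image_generate` request data the new field is `nonce: ajax_object.ajax_url,`, which sends the AJAX endpoint URL where every other request touched in this file sends `ajax_object.ajax_nonce`. If the server-side handler verifies the nonce, this request will always be rejected. If it does not verify it (the handler is not part of this file section), the field gives no CSRF protection at all. The line should read `nonce: ajax_object.ajax_nonce,`, and the PHP handler for this action should verify it the same way the other handlers do. The object literal this line belongs to starts outside the visible hunk.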
chatbot/trunk/js/qcld-wp-chatbot-plugin.js
r2967435
r2977505
295
295
});
296
296
}else{
297
console.log(globalwpw.settings.obj)
297
298
return jQuery.post(globalwpw.settings.obj.ajax\_url, {
298
299
'action': 'qcld\_wp\_df\_api\_call',
299
300
'dfquery': text,
301
'nonce': globalwpw.settings.obj.ajax\_nonce,
300
302
'sessionid': localStorage.getItem('botsessionid')?localStorage.getItem('botsessionid'):'wpwBot\_df\_2018071'
301
303
});
…
…
1187
1189
},
1188
1190
site\_search:function(msg){
1189
msg = wpwKits.filterStopWords(msg);
1190
var data = {'action':'wpbo\_search\_site','name':globalwpw.hasNameCookie,'keyword':msg};
1191
msg1 = wpwKits.filterStopWords(msg);
1192
var data = {'action':'wpbo\_search\_site','name':globalwpw.hasNameCookie,'keyword':msg1};
1191
1193
wpwKits.ajax(data).done(function (res) {
1192
1194
var json=$.parseJSON(res);
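Review bot: The added `console.log(globalwpw.settings.obj)` in the `else` branch before the `qcld_wp_df_api_call` post is leftover debugging that dumps the whole localized settings object, including the `ajax_nonce` this commit starts sending, to every visitor's console on each query. It should be removed before release. In `site_search`, the new `msg1 = wpwKits.filterStopWords(msg);` has no declaration, so it creates an implicit global (and throws in strict mode); `var msg1 = wpwKits.filterStopWords(msg);` keeps it local. Both functions extend beyond the hunks shown.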
chatbot/trunk/qcld-wpwbot-search.php
r2967435
r2977505
86
86
$response\['status'\] = 'fail';
87
87
}
88
//var\_dump($total\_post);wp\_die();
89
88
$response\['html'\] .= '<p>'.$msg.'</p>';
90
89
$response\['html'\] .= $responses;
…
…
174
173
175
174
$status = array('status'=>'fail', 'multiple'=>false);
175
$field = "ID";
176
176
if(($strid != '') && empty($response\_result)){
177
$results = $wpdb->get\_results("SELECT \* FROM \`$table\` WHERE \`ID\` = ".$strid);
177
$results = $wpdb->get\_results($wpdb->prepare("SELECT \* FROM %i WHERE %i = %d",$table,$field,$strid));
178
178
if(!empty($results)){
179
179
foreach($results as $result){
…
…
184
184
}
185
185
}
186
187
$results = $wpdb->get\_results("SELECT \`id\`, \`query\`, \`response\` FROM \`$table\` WHERE 1 and \`query\` = '".$keyword."'");
186
$field = "query";
187
$sql\_text = $wpdb->prepare("SELECT \`id\`, \`query\`, \`response\` FROM %i WHERE 1 and %i = %s", $table, $field,$keyword);
188
$results = $wpdb->get\_results($sql\_text);
189
188
190
189
191
if(!empty($results)){
…
…
194
196
}
195
197
}
198
199
$field = "category";
196
200
if(empty($response\_result)){
197
$results = $wpdb->get\_results("SELECT \`id\`, \`query\`, \`response\` FROM \`$table\` WHERE 1 and \`category\` = '".$keyword."'");
201
$sql = $wpdb->prepare("SELECT \`id\`, \`query\`, \`response\` FROM %i WHERE 1 and %i = %s", $table,$field, $keyword);
202
$results = $wpdb->get\_results($sql );
198
203
199
204
…
…
232
237
$sql = "ALTER TABLE \`{$table}\` ADD FULLTEXT($qfields);";
233
238
$wpdb->query( $sql );
234
$sql\_text = "SELECT \`id\`, \`query\`, \`response\`, MATCH($qfields) AGAINST('".$keyword."' IN NATURAL LANGUAGE MODE) as score FROM $table WHERE MATCH($qfields) AGAINST('".$keyword."' IN NATURAL LANGUAGE MODE) order by score desc limit 15";
239
240
$sql\_text = $wpdb->prepare("SELECT \`id\`, \`query\`, \`response\`, MATCH($qfields) AGAINST(%s IN NATURAL LANGUAGE MODE) as score FROM %i WHERE MATCH($qfields) AGAINST(%s IN NATURAL LANGUAGE MODE) order by score desc limit 15",$keyword,$table,$keyword);
235
241
$results = $wpdb->get\_results($sql\_text);
236
237
242
$weight = get\_option('qc\_bot\_str\_weight')!=''?get\_option('qc\_bot\_str\_weight'):'0.4';
243
238
244
if(!empty($results)){
239
245
foreach($results as $result){
…
…
244
250
}
245
251
}
246
252
$field = "keyword";
247
253
if( empty( $response\_result ) ){
248
$results = $wpdb->get\_results("SELECT \* FROM \`$table\` WHERE \`keyword\` REGEXP '".$keyword."'");
254
$results = $wpdb->get\_results($wpdb->prepare("SELECT \* FROM %i WHERE %i REGEXP %s", $table,$field,$keyword));
255
256
249
257
if(!empty($results)){
250
258
foreach($results as $result){
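Review bot: The new `$wpdb->prepare()` calls rely on the `%i` identifier placeholder, which WordPress only supports from 6.2, while readme.txt on this page still declares `Requires at least: 4.6`. On older cores these queries will presumably fail or be built incorrectly. Either raise the declared minimum version, or keep the identifiers literal and bind only the values, e.g. `$wpdb->prepare("SELECT * FROM `$table` WHERE `ID` = %d", $strid)`, assuming `$table` is built from `$wpdb->prefix` outside this hunk. Two inputs remain only partly constrained after the change: `$qfields` is still interpolated into `MATCH(...)`, and the `REGEXP %s` query still lets the visitor's keyword act as the pattern. `$qfields` should be confirmed to come from a fixed column list, and the keyword should be matched with `LIKE` plus `$wpdb->esc_like()` or validated first.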
chatbot/trunk/qcld-wpwbot.php
r2967435
r2977505
5
5
\* Description: ChatBot is a native WordPress ChatBot plugin to provide quick support and email functionality.
6
6
\* Donate link: https://www.quantumcloud.com
7
\* Version: 4.8.9
7
\* Version: 4.9.1
8
8
\* @author QuantumCloud
9
9
\* Author: QuantumCloud
…
…
19
19
20
20
if (!defined('ABSPATH')) exit; // Exit if accessed directly
21
define('QCLD\_wpCHATBOT\_VERSION', '4.8.9');
21
define('QCLD\_wpCHATBOT\_VERSION', '4.9.1');
22
22
define('QCLD\_wpCHATBOT\_REQUIRED\_wpCOMMERCE\_VERSION', 2.2);
23
23
define('QCLD\_wpCHATBOT\_PLUGIN\_DIR\_PATH', plugin\_dir\_path(\_\_FILE\_\_));
chatbot/trunk/qcld_df_api.php
r2967435
r2977505
79
79
add\_action('wp\_ajax\_nopriv\_qcld\_wp\_df\_api\_call', 'qcld\_wp\_df\_api\_call');
80
80
function qcld\_wp\_df\_api\_call(){
81
$session\_id = 'asd2342sde';
82
$language = get\_option('qlcd\_wp\_chatbot\_dialogflow\_agent\_language');
83
//project ID
84
$project\_ID = get\_option('qlcd\_wp\_chatbot\_dialogflow\_project\_id');
85
// Service Account Key json file
86
$JsonFileContents = get\_option('qlcd\_wp\_chatbot\_dialogflow\_project\_key');
87
if($project\_ID==''){
88
echo json\_encode(array('error'=>'Project ID is empty'));exit;
89
}
90
if($JsonFileContents==''){
91
echo json\_encode(array('error'=>'Key is empty'));exit;
92
}
93
if(!isset($\_POST\['dfquery'\]) || $\_POST\['dfquery'\]==''){
94
echo json\_encode(array('error'=>'Query text is not added!'));exit;
95
}
96
$query = sanitize\_text\_field($\_POST\['dfquery'\]);
97
if(isset($\_POST\['sessionid'\]) && $\_POST\['sessionid'\]!=''){
98
$session\_id = sanitize\_text\_field($\_POST\['sessionid'\]);
99
}
100
101
102
if(file\_exists(QCLD\_wpCHATBOT\_GC\_DIRNAME.'/autoload.php')){
103
104
require(QCLD\_wpCHATBOT\_GC\_DIRNAME.'/autoload.php');
105
106
$client = new \\Google\_Client();
107
$client->useApplicationDefaultCredentials();
108
$client->setScopes (\['https://www.googleapis.com/auth/dialogflow'\]);
109
// Convert to array
110
$array = json\_decode($JsonFileContents, true);
111
$client->setAuthConfig($array);
112
113
try {
114
$httpClient = $client->authorize();
115
$apiUrl = "https://dialogflow.googleapis.com/v2/projects/{$project\_ID}/agent/sessions/{$session\_id}:detectIntent";
116
117
$response = $httpClient->request('POST', $apiUrl, \[
118
'json' => \['queryInput' => \['text' => \['text' => $query, 'languageCode' => $language\]\],
119
'queryParams' => \['timeZone' => ''\]\]
120
\]);
121
122
$contents = $response->getBody()->getContents();
123
echo $contents;exit;
124
125
}catch(Exception $e) {
126
echo json\_encode(array('error'=>$e->getMessage()));exit;
127
}
81
$nonce = sanitize\_text\_field($\_POST\['nonce'\]);
82
if ((! wp\_verify\_nonce($nonce,'wp\_chatbot')) && ( ! wp\_verify\_nonce($nonce,'qcsecretbotnonceval123qc'))) {
83
wp\_send\_json(array('success' => false, 'msg' => esc\_html\_\_('Failed in Security check', 'sm')));
84
wp\_die();
128
85
129
86
}else{
130
echo json\_encode(array('error'=>'API client not found'));exit;
87
$session\_id = 'asd2342sde';
88
$language = get\_option('qlcd\_wp\_chatbot\_dialogflow\_agent\_language');
89
//project ID
90
$project\_ID = get\_option('qlcd\_wp\_chatbot\_dialogflow\_project\_id');
91
// Service Account Key json file
92
$JsonFileContents = get\_option('qlcd\_wp\_chatbot\_dialogflow\_project\_key');
93
if($project\_ID==''){
94
echo json\_encode(array('error'=>'Project ID is empty'));exit;
95
}
96
if($JsonFileContents==''){
97
echo json\_encode(array('error'=>'Key is empty'));exit;
98
}
99
if(!isset($\_POST\['dfquery'\]) || $\_POST\['dfquery'\]==''){
100
echo json\_encode(array('error'=>'Query text is not added!'));exit;
101
}
102
$query = sanitize\_text\_field($\_POST\['dfquery'\]);
103
if(isset($\_POST\['sessionid'\]) && $\_POST\['sessionid'\]!=''){
104
$session\_id = sanitize\_text\_field($\_POST\['sessionid'\]);
105
}
106
107
108
if(file\_exists(QCLD\_wpCHATBOT\_GC\_DIRNAME.'/autoload.php')){
109
110
require(QCLD\_wpCHATBOT\_GC\_DIRNAME.'/autoload.php');
111
112
$client = new \\Google\_Client();
113
$client->useApplicationDefaultCredentials();
114
$client->setScopes (\['https://www.googleapis.com/auth/dialogflow'\]);
115
// Convert to array
116
$array = json\_decode($JsonFileContents, true);
117
$client->setAuthConfig($array);
118
119
try {
120
$httpClient = $client->authorize();
121
$apiUrl = "https://dialogflow.googleapis.com/v2/projects/{$project\_ID}/agent/sessions/{$session\_id}:detectIntent";
122
123
$response = $httpClient->request('POST', $apiUrl, \[
124
'json' => \['queryInput' => \['text' => \['text' => $query, 'languageCode' => $language\]\],
125
'queryParams' => \['timeZone' => ''\]\]
126
\]);
127
128
$contents = $response->getBody()->getContents();
129
echo $contents;exit;
130
131
}catch(Exception $e) {
132
echo json\_encode(array('error'=>$e->getMessage()));exit;
133
}
134
135
}else{
136
echo json\_encode(array('error'=>'API client not found'));exit;
137
}
138
die();
131
139
}
132
die();
133
140
}
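Review bot: `$session_id` comes from `$_POST['sessionid']` and is interpolated into the path of `$apiUrl` after only `sanitize_text_field()`, which does not remove `/`, `?` or `#`. A caller of this `nopriv` action can therefore alter the request path that is sent with the site's service-account credentials. It should be restricted to an allow-list before use, for example `if (!preg_match('/^[A-Za-z0-9_-]{1,36}$/', $session_id)) { $session_id = 'asd2342sde'; }` (pattern illustrative), or at minimum passed through `rawurlencode()`. The added nonce check also reads `$_POST['nonce']` without `isset()`, so a request lacking the field raises a notice before failing; `$nonce = isset($_POST['nonce']) ? sanitize_text_field(wp_unslash($_POST['nonce'])) : '';` avoids that. A comment explaining why two nonce actions (`wp_chatbot` and `qcsecretbotnonceval123qc`) are accepted would help the next maintainer.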
chatbot/trunk/readme.txt
r2967435
r2977505
5
5
Requires at least: 4.6
6
6
Tested up to: 6.3
7
Stable tag: 4.8.9
7
Stable tag: 4.9.1
8
8
Requires PHP: 5.6
9
9
License: GPLv2 or later
…
…
399
399
\== Changelog ==
400
400
401
\= 4.9.1 =
402
\# Improved security
403
\# Removed unnecessary functions
404
405
401
406
\= 4.8.9 =
402
407
\# Minor UI Update
chatbot/trunk/templates/app-templates/app-checkout.php
r2967435
r2977505
13
13
?>
14
14
<script>
15
jQuery(function ($) {
16
var ajaxurl = '<?php echo admin\_url('admin-ajax.php'); ?>';
17
$("#wp-chatbot-app-checkout-container").parents("body").addClass("wpchatbot-app-checkout");
18
$(document).on('click', '.wpcommerce-form-login input\[type="submit"\]', function (event) {
19
event.preventDefault();
20
var validatorDom=$('.wpcommerce-form-login>p').first();
21
var validate="";
22
var NonceName=$('#\_wpnonce').attr('name');
23
var NonceVal=$('#\_wpnonce').val();
24
var userName=$('#username').val();
25
var password=$('#password').val();
26
if(userName=="" || password=="" ){
27
validate+='<p style="color:red"> User name & Password are required. </p>';
28
}
29
if(validate==""){
30
var data = {'action': 'qcld\_wb\_chatbot\_checkout\_user\_login','user\_name': userName,'user\_pass': password,'nonce\_name': NonceName,'nonce\_val':NonceVal};
31
jQuery.post(ajaxurl, data, function (response) {
32
if(response=='yes'){
33
window.location.reload(true);
34
}else{
35
validatorDom.html('<p style="color:red"> User name Or Password or both are incorrect. </p>');
36
setTimeout(function () {
37
validatorDom.html('');
38
},5000);
39
}
40
});
41
}else{
42
validatorDom.html(validate);
43
setTimeout(function () {
44
validatorDom.html('');
45
},5000);
46
}
47
});
48
});
15
// jQuery(function ($) {
16
// var ajaxurl = '<?php // echo admin\_url('admin-ajax.php'); ?>';
17
// var nonce = '<?php // wp\_create\_nonce('login\_nonce'); ?>';
18
// $("#wp-chatbot-app-checkout-container").parents("body").addClass("wpchatbot-app-checkout");
19
// $(document).on('click', '.wpcommerce-form-login input\[type="submit"\]', function (event) {
20
// event.preventDefault();
21
// var validatorDom=$('.wpcommerce-form-login>p').first();
22
// var validate="";
23
// var NonceName=$('#\_wpnonce').attr('name');
24
// var NonceVal=$('#\_wpnonce').val();
25
// var userName=$('#username').val();
26
// var password=$('#password').val();
27
// if(userName=="" || password=="" ){
28
// validate+='<p style="color:red"> User name & Password are required. </p>';
29
// }
30
// if(validate==""){
31
// var data = {'action': 'qcld\_wb\_chatbot\_checkout\_user\_login','user\_name': userName,'user\_pass': password,'nonce\_name': NonceName,'nonce\_val':NonceVal};
32
// jQuery.post(ajaxurl, data, function (response) {
33
// if(response=='yes'){
34
// window.location.reload(true);
35
// }else{
36
// validatorDom.html('<p style="color:red"> User name Or Password or both are incorrect. </p>');
37
// setTimeout(function () {
38
// validatorDom.html('');
39
// },5000);
40
// }
41
// });
42
// }else{
43
// validatorDom.html(validate);
44
// setTimeout(function () {
45
// validatorDom.html('');
46
// },5000);
47
// }
48
// });
49
// });
49
50
</script>
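Review bot: The login handler is disabled by prefixing every line with `//` inside the `<script>` block instead of deleting it, so the dead code is still sent to every browser that loads this template. That keeps the `qcld_wb_chatbot_checkout_user_login` action name and the form field names visible to clients, and leaves an otherwise empty script element in the page. If the feature is gone, the block and its `<script>` tags should be deleted and left to version control. If it is coming back, note that the commented `wp_create_nonce('login_nonce')` line has no `echo` and would output nothing once uncommented.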
Related news
WordPress AI ChatBot plugin versions 4.8.9 and below suffer from arbitrary file deletion, remote SQL injection, and directory traversal vulnerabilities.