Compare commits
No commits in common. "c95bdf0ae579fa50f9414ffe37eb9a8279794f58" and "9270e457c6bdb6dcd91cc816bc871e56775c9ef8" have entirely different histories.
c95bdf0ae5
...
9270e457c6
@ -2,10 +2,9 @@
|
||||
/**
|
||||
* Plugin Name: antisocial-safety
|
||||
* Description: Secures attachment uploads and comments with the OpenAI moderation endpoint
|
||||
* Version: 1.7
|
||||
* Version: 1.6
|
||||
*/
|
||||
|
||||
|
||||
// Prevent direct access to the file
|
||||
if (!defined('ABSPATH')) {
|
||||
exit;
|
||||
@ -55,14 +54,9 @@ function oai_moderate_attachment($post_ID) {
|
||||
if ($result['flagged']) {
|
||||
// Mark as flagged
|
||||
update_post_meta($post_ID, '_oai_moderation_flagged', true);
|
||||
|
||||
// Delete the flagged attachment
|
||||
wp_delete_attachment($post_ID, true);
|
||||
|
||||
// Set a transient to show an admin notice
|
||||
set_transient('oai_flagged_upload_notice', __('An uploaded image was flagged by OpenAI Moderation and has been removed.', 'antisocial-safety'), 10);
|
||||
|
||||
// Optionally, you can log this event or take other actions
|
||||
} else {
|
||||
// Remove any previous flag
|
||||
delete_post_meta($post_ID, '_oai_moderation_flagged');
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -99,7 +93,7 @@ function oai_moderate_image($image_url) {
|
||||
|
||||
if (is_wp_error($response)) {
|
||||
// For graceful failure, return an empty array
|
||||
return array('error' => $response->get_error_message());
|
||||
return array();
|
||||
}
|
||||
|
||||
$body = wp_remote_retrieve_body($response);
|
||||
@ -113,14 +107,22 @@ function oai_moderate_image($image_url) {
|
||||
}
|
||||
}
|
||||
|
||||
// Display admin notice if an upload was flagged and removed
|
||||
add_action('admin_notices', 'oai_flagged_upload_admin_notice');
|
||||
// Hook into 'template_redirect' to block access to flagged attachments
|
||||
add_action('template_redirect', 'oai_block_flagged_attachments');
|
||||
|
||||
function oai_flagged_upload_admin_notice() {
|
||||
if ($message = get_transient('oai_flagged_upload_notice')) {
|
||||
echo '<div class="notice notice-warning is-dismissible">
|
||||
<p>' . esc_html($message) . '</p>
|
||||
</div>';
|
||||
function oai_block_flagged_attachments() {
|
||||
if (is_attachment()) {
|
||||
global $post;
|
||||
if ($post) {
|
||||
$flagged = get_post_meta($post->ID, '_oai_moderation_flagged', true);
|
||||
if ($flagged) {
|
||||
// Send 403 Forbidden header and exit
|
||||
status_header(403);
|
||||
nocache_headers();
|
||||
// Optionally, display a message
|
||||
wp_die(__('You are not allowed to access this content.', 'oai'), __('Forbidden', 'oai'), array('response' => 403));
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -229,7 +231,7 @@ function oai_moderate_text($text) {
|
||||
|
||||
if (is_wp_error($response)) {
|
||||
// For graceful failure, return an empty array
|
||||
return array('error' => $response->get_error_message());
|
||||
return array();
|
||||
}
|
||||
|
||||
$body = wp_remote_retrieve_body($response);
|
||||
@ -243,47 +245,6 @@ function oai_moderate_text($text) {
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Anonymizer Functionality
|
||||
*/
|
||||
|
||||
// Hook into 'wp_handle_upload_prefilter' to anonymize filenames if enabled
|
||||
add_filter('wp_handle_upload_prefilter', 'oai_anonymize_filename');
|
||||
|
||||
function oai_anonymize_filename($file) {
|
||||
// Check if anonymizer is enabled
|
||||
$anonymizer_enabled = get_option('oai_enable_anonymizer', false);
|
||||
if (!$anonymizer_enabled) {
|
||||
return $file;
|
||||
}
|
||||
|
||||
// Get the file extension
|
||||
$file_info = pathinfo($file['name']);
|
||||
$extension = isset($file_info['extension']) ? '.' . strtolower($file_info['extension']) : '';
|
||||
|
||||
// Generate a unique 10-digit filename
|
||||
$new_filename = oai_generate_unique_filename($extension);
|
||||
|
||||
// Replace the original filename with the new anonymized filename
|
||||
$file['name'] = $new_filename;
|
||||
|
||||
return $file;
|
||||
}
|
||||
|
||||
function oai_generate_unique_filename($extension) {
|
||||
$upload_dir = wp_upload_dir();
|
||||
$base_dir = trailingslashit($upload_dir['basedir']);
|
||||
|
||||
do {
|
||||
// Generate a random number between 0000000000 and 9999999999
|
||||
$random_number = str_pad(mt_rand(0, 9999999999), 10, '0', STR_PAD_LEFT);
|
||||
$new_filename = $random_number . $extension;
|
||||
$file_path = $base_dir . $new_filename;
|
||||
} while (file_exists($file_path));
|
||||
|
||||
return $new_filename;
|
||||
}
|
||||
|
||||
/**
|
||||
* Admin Columns for Media and Comments
|
||||
*/
|
||||
@ -291,19 +252,18 @@ function oai_generate_unique_filename($extension) {
|
||||
// Add a custom column to the media library
|
||||
add_filter('manage_media_columns', 'oai_add_media_column');
|
||||
function oai_add_media_column($columns) {
|
||||
$columns['oai_moderation'] = __('Moderation', 'antisocial-safety');
|
||||
$columns['oai_moderation'] = __('Moderation', 'oai');
|
||||
return $columns;
|
||||
}
|
||||
|
||||
add_action('manage_media_custom_column', 'oai_media_column_content', 10, 2);
|
||||
function oai_media_column_content($column_name, $post_ID) {
|
||||
if ($column_name == 'oai_moderation') {
|
||||
$moderation_result = get_post_meta($post_ID, '_oai_moderation_result', true);
|
||||
$flagged = get_post_meta($post_ID, '_oai_moderation_flagged', true);
|
||||
if ($flagged) {
|
||||
echo '<span style="color:red;">' . __('Flagged', 'antisocial-safety') . '</span>';
|
||||
echo '<span style="color:red;">' . __('Flagged', 'oai') . '</span>';
|
||||
} else {
|
||||
echo '<span style="color:green;">' . __('OK', 'antisocial-safety') . '</span>';
|
||||
echo '<span style="color:green;">' . __('OK', 'oai') . '</span>';
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -311,7 +271,7 @@ function oai_media_column_content($column_name, $post_ID) {
|
||||
// Add a custom column to the comments list
|
||||
add_filter('manage_edit-comments_columns', 'oai_add_comments_column');
|
||||
function oai_add_comments_column($columns) {
|
||||
$columns['oai_moderation'] = __('Moderation', 'antisocial-safety');
|
||||
$columns['oai_moderation'] = __('Moderation', 'oai');
|
||||
return $columns;
|
||||
}
|
||||
|
||||
@ -320,11 +280,11 @@ function oai_comments_column_content($column_name, $comment_ID) {
|
||||
if ($column_name == 'oai_moderation') {
|
||||
$flagged = get_comment_meta($comment_ID, '_oai_moderation_flagged', true);
|
||||
if ($flagged === 'pending') {
|
||||
echo '<span style="color:orange;">' . __('Pending Approval', 'antisocial-safety') . '</span>';
|
||||
echo '<span style="color:orange;">' . __('Pending Approval', 'oai') . '</span>';
|
||||
} elseif ($flagged === 'flagged') {
|
||||
echo '<span style="color:red;">' . __('Flagged', 'antisocial-safety') . '</span>';
|
||||
echo '<span style="color:red;">' . __('Flagged', 'oai') . '</span>';
|
||||
} else {
|
||||
echo '<span style="color:green;">' . __('OK', 'antisocial-safety') . '</span>';
|
||||
echo '<span style="color:green;">' . __('OK', 'oai') . '</span>';
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -347,22 +307,22 @@ function oai_attachment_fields($form_fields, $post) {
|
||||
|
||||
if ($flagged) {
|
||||
$form_fields['oai_moderation'] = array(
|
||||
'label' => __('OpenAI Moderation', 'antisocial-safety'),
|
||||
'label' => __('OpenAI Moderation', 'oai'),
|
||||
'input' => 'html',
|
||||
'html' => '<span style="color:red;">' . __('This attachment was flagged by OpenAI Moderation and has been removed.', 'antisocial-safety') . '</span>',
|
||||
'helps' => __('Flagged content is blocked from being served to users.', 'antisocial-safety'),
|
||||
'html' => '<span style="color:red;">' . __('This attachment has been flagged by OpenAI Moderation.', 'oai') . '</span>',
|
||||
'helps' => __('Flagged content is blocked from being served to users.', 'oai'),
|
||||
);
|
||||
} else {
|
||||
$form_fields['oai_moderation'] = array(
|
||||
'label' => __('OpenAI Moderation', 'antisocial-safety'),
|
||||
'label' => __('OpenAI Moderation', 'oai'),
|
||||
'input' => 'html',
|
||||
'html' => '<span style="color:green;">' . __('This attachment passed OpenAI Moderation.', 'antisocial-safety') . '</span>',
|
||||
'html' => '<span style="color:green;">' . __('This attachment passed OpenAI Moderation.', 'oai') . '</span>',
|
||||
);
|
||||
}
|
||||
|
||||
if ($moderation_result) {
|
||||
$form_fields['oai_moderation_result'] = array(
|
||||
'label' => __('Moderation Details', 'antisocial-safety'),
|
||||
'label' => __('Moderation Details', 'oai'),
|
||||
'input' => 'html',
|
||||
'html' => '<pre>' . esc_html(print_r($moderation_result, true)) . '</pre>',
|
||||
);
|
||||
@ -376,7 +336,7 @@ add_action('add_meta_boxes_comment', 'oai_add_comment_meta_box');
|
||||
function oai_add_comment_meta_box() {
|
||||
add_meta_box(
|
||||
'oai_comment_moderation',
|
||||
__('OpenAI Moderation Details', 'antisocial-safety'),
|
||||
__('OpenAI Moderation Details', 'oai'),
|
||||
'oai_comment_moderation_meta_box',
|
||||
'comment',
|
||||
'normal',
|
||||
@ -395,20 +355,20 @@ function oai_comment_moderation_meta_box($comment) {
|
||||
$flagged = get_comment_meta($comment->comment_ID, '_oai_moderation_flagged', true);
|
||||
|
||||
if ($flagged) {
|
||||
echo '<p><strong>' . __('Status:', 'antisocial-safety') . '</strong> ';
|
||||
echo '<p><strong>' . __('Status:', 'oai') . '</strong> ';
|
||||
if ($flagged === 'pending') {
|
||||
echo '<span style="color:orange;">' . __('Pending Approval', 'antisocial-safety') . '</span>';
|
||||
echo '<span style="color:orange;">' . __('Pending Approval', 'oai') . '</span>';
|
||||
} elseif ($flagged === 'flagged') {
|
||||
echo '<span style="color:red;">' . __('Flagged', 'antisocial-safety') . '</span>';
|
||||
echo '<span style="color:red;">' . __('Flagged', 'oai') . '</span>';
|
||||
}
|
||||
echo '</p>';
|
||||
|
||||
if ($moderation_result) {
|
||||
echo '<h4>' . __('Moderation Details', 'antisocial-safety') . '</h4>';
|
||||
echo '<h4>' . __('Moderation Details', 'oai') . '</h4>';
|
||||
echo '<pre>' . esc_html(print_r($moderation_result, true)) . '</pre>';
|
||||
}
|
||||
} else {
|
||||
echo '<p><span style="color:green;">' . __('This comment passed OpenAI Moderation.', 'antisocial-safety') . '</span></p>';
|
||||
echo '<p><span style="color:green;">' . __('This comment passed OpenAI Moderation.', 'oai') . '</span></p>';
|
||||
}
|
||||
}
|
||||
|
||||
@ -421,8 +381,8 @@ add_action('admin_menu', 'oai_add_admin_menu');
|
||||
|
||||
function oai_add_admin_menu() {
|
||||
add_options_page(
|
||||
__('OpenAI Moderation', 'antisocial-safety'),
|
||||
__('OpenAI Moderation', 'antisocial-safety'),
|
||||
__('OpenAI Moderation', 'oai'),
|
||||
__('OpenAI Moderation', 'oai'),
|
||||
'manage_options',
|
||||
'openai-moderation',
|
||||
'oai_options_page'
|
||||
@ -432,7 +392,7 @@ function oai_add_admin_menu() {
|
||||
function oai_options_page() {
|
||||
?>
|
||||
<div class="wrap">
|
||||
<h1><?php esc_html_e('OpenAI Moderation Settings', 'antisocial-safety'); ?></h1>
|
||||
<h1><?php esc_html_e('OpenAI Moderation Settings', 'oai'); ?></h1>
|
||||
<form method="post" action="options.php">
|
||||
<?php
|
||||
settings_fields('oai_options_group');
|
||||
@ -449,34 +409,25 @@ add_action('admin_init', 'oai_settings_init');
|
||||
|
||||
function oai_settings_init() {
|
||||
register_setting('oai_options_group', 'oai_api_key');
|
||||
register_setting('oai_options_group', 'oai_enable_anonymizer');
|
||||
|
||||
add_settings_section(
|
||||
'oai_settings_section',
|
||||
__('OpenAI API Settings', 'antisocial-safety'),
|
||||
__('OpenAI API Settings', 'oai'),
|
||||
'oai_settings_section_callback',
|
||||
'openai-moderation'
|
||||
);
|
||||
|
||||
add_settings_field(
|
||||
'oai_api_key_field',
|
||||
__('OpenAI API Key', 'antisocial-safety'),
|
||||
__('OpenAI API Key', 'oai'),
|
||||
'oai_api_key_render',
|
||||
'openai-moderation',
|
||||
'oai_settings_section'
|
||||
);
|
||||
|
||||
add_settings_field(
|
||||
'oai_enable_anonymizer_field',
|
||||
__('Enable Filename Anonymizer', 'antisocial-safety'),
|
||||
'oai_enable_anonymizer_render',
|
||||
'openai-moderation',
|
||||
'oai_settings_section'
|
||||
);
|
||||
}
|
||||
|
||||
function oai_settings_section_callback() {
|
||||
echo '<p>' . esc_html__('Enter your OpenAI API key to enable moderation. You can also toggle the filename anonymizer below.', 'antisocial-safety') . '</p>';
|
||||
echo '<p>' . esc_html__('Enter your OpenAI API key to enable moderation.', 'oai') . '</p>';
|
||||
}
|
||||
|
||||
function oai_api_key_render() {
|
||||
@ -486,14 +437,6 @@ function oai_api_key_render() {
|
||||
<?php
|
||||
}
|
||||
|
||||
function oai_enable_anonymizer_render() {
|
||||
$enabled = get_option('oai_enable_anonymizer', false);
|
||||
?>
|
||||
<input type="checkbox" name="oai_enable_anonymizer" value="1" <?php checked(1, $enabled, true); ?> />
|
||||
<label for="oai_enable_anonymizer"><?php esc_html_e('Rename uploaded files to unique 10-digit random numbers.', 'antisocial-safety'); ?></label>
|
||||
<?php
|
||||
}
|
||||
|
||||
// Display admin notice if API key is not set
|
||||
add_action('admin_notices', 'oai_admin_notices');
|
||||
|
||||
@ -511,7 +454,7 @@ function oai_admin_notices() {
|
||||
$api_key = get_option('oai_api_key');
|
||||
if (!$api_key) {
|
||||
echo '<div class="notice notice-warning is-dismissible">
|
||||
<p>' . __('OpenAI API key is not set. Moderation features are disabled until you enter a valid API key.', 'antisocial-safety') . '</p>
|
||||
<p>' . __('OpenAI API key is not set. Moderation features are disabled until you enter a valid API key.', 'oai') . '</p>
|
||||
</div>';
|
||||
}
|
||||
}
|
||||
}
|
@ -8,7 +8,7 @@ it keeps your site clean by blocking offensive or illegal images and comments be
|
||||
|
||||
## features
|
||||
|
||||
- **attachment moderation**: images are checked during upload. flagged images are blocked. optionally, anonymize file names.
|
||||
- **attachment moderation**: images are checked during upload. flagged images are blocked from being accessed.
|
||||
- **comment moderation**: comments are reviewed before they're saved. flagged comments are set to unapproved.
|
||||
- **admin integration**: see moderation status directly in your media library and comments list. detailed info available in edit screens.
|
||||
- **easy setup**: just add your openai api key in the settings.
|
||||
@ -24,7 +24,7 @@ it keeps your site clean by blocking offensive or illegal images and comments be
|
||||
### attachment moderation
|
||||
|
||||
- when an image is uploaded, the plugin sends it to openai's moderation api using the `omni-moderation-latest` model.
|
||||
- if the image is flagged in any of the abuse categories, the attachment does not get created.
|
||||
- if the image is flagged, the plugin blocks access to it by sending a 403 forbidden response when someone tries to view it.
|
||||
|
||||
### comment moderation
|
||||
|
||||
@ -34,6 +34,7 @@ it keeps your site clean by blocking offensive or illegal images and comments be
|
||||
### backend functionality
|
||||
|
||||
- hooks into `add_attachment` to moderate images upon upload.
|
||||
- uses `template_redirect` to block access to flagged attachments.
|
||||
- hooks into `preprocess_comment` and `pre_comment_approved` to moderate comments before saving.
|
||||
- stores moderation results in post and comment meta.
|
||||
- adds custom columns in admin screens to display moderation status.
|
||||
|
Loading…
Reference in New Issue
Block a user