Changeset 3384159

Timestamp:

10/24/2025 04:34:01 PM (5 months ago)

Author:

estebandezafra

Message:

update ver 1.2.1

Location:

axiachat-ai/trunk

Files:

• assets/css/aichat-frontend.css (modified) (1 diff)
• axiachat-ai.php (modified) (5 diffs)
• includes/class-aichat-ajax.php (modified) (6 diffs)
• includes/contexto-functions.php (modified) (1 diff)
• readme.txt (modified) (2 diffs)

axiachat-ai/trunk/assets/css/aichat-frontend.css

@@ -395 +395 @@
 
 .aichat-gdpr-overlay{ position:absolute; inset:0; background:rgba(0,0,0,.6); display:flex; align-items:center; justify-content:center; z-index:20; font-family:inherit; padding:1rem; } .aichat-gdpr-box{ background:#fff; color:#222; border-radius:8px; padding:1rem 1.25rem; max-width:320px; width:100%; box-shadow:0 4px 16px rgba(0,0,0,.25); font-size:14px; line-height:1.4; } .aichat-gdpr-box .aichat-gdpr-text{margin-bottom:.75rem;} .aichat-gdpr-box .aichat-gdpr-accept{ background:#0073aa; color:#fff; border:0; padding:.5rem .9rem; border-radius:4px; cursor:pointer; font-size:14px; } .aichat-gdpr-box .aichat-gdpr-accept:hover{background:#005f8a;}
+
+/* Enlace compacto estilizado para Google Calendar (prettified server-side) */
+.aichat-gcal-link {
+  display: inline-flex;
+  align-items: center;
+  gap: 6px;
+  padding: 6px 10px;
+  border-radius: 6px;
+  background: #e8f0fe;       /* azul muy claro */
+  color: #1a73e8;            /* azul Google-like */
+  text-decoration: none;
+  font-weight: 600;
+}
+.aichat-gcal-link:hover {
+  filter: brightness(.97);
+  text-decoration: underline;
+}

axiachat-ai/trunk/axiachat-ai.php

@@ -4 +4 @@
  * Plugin URI:        https://wpbotwriter.com/axiachat-ai
  * Description:       A customizable AI chatbot for WordPress with contextual embeddings, multi‑provider support and upcoming action rules.
- * Version:           1.2.0
+ * Version:           1.2.1
  * Requires at least: 5.0
  * Requires PHP:      7.4
@@ -20 +20 @@
 
 // Definir constantes del plugin
-define( 'AICHAT_VERSION', '1.2.0' );
+define( 'AICHAT_VERSION', '1.2.1' );
 define( 'AICHAT_PLUGIN_DIR', plugin_dir_path( __FILE__ ) );
 define( 'AICHAT_PLUGIN_URL', plugin_dir_url( __FILE__ ) );
-define('AICHAT_DEBUG', true);
+define('AICHAT_DEBUG', false);
 define('AICHAT_DEBUG_SYS_MAXLEN', 0); // sin truncado
 
@@ -920 +920 @@
 }
 
+if ( ! function_exists('aichat_normalize_origin') ) {
+  /**
+   * Normaliza un valor origin o URL a la forma scheme://host[:port]
+   */
+  function aichat_normalize_origin( $origin ) {
+    if ( ! $origin ) { return ''; }
+    $parts = wp_parse_url( $origin );
+    if ( ! $parts || empty( $parts['scheme'] ) || empty( $parts['host'] ) ) { return ''; }
+    $scheme = strtolower( $parts['scheme'] );
+    $host   = strtolower( $parts['host'] );
+    $port   = isset( $parts['port'] ) ? ':' . $parts['port'] : '';
+    return $scheme . '://' . $host . $port;
+  }
+}
+
+if ( ! function_exists('aichat_collect_embed_allowed_origins') ) {
+  /**
+   * Devuelve lista de origins permitidos (normalizados) combinando defaults + opción almacenada
+   */
+  function aichat_collect_embed_allowed_origins() {
+    $defaults = [];
+    $candidates = [ get_home_url(), get_site_url() ];
+    if ( is_multisite() ) {
+      $candidates[] = network_home_url();
+      $candidates[] = network_site_url();
+    }
+    foreach ( $candidates as $candidate ) {
+      $norm = aichat_normalize_origin( $candidate );
+      if ( $norm !== '' ) { $defaults[] = $norm; }
+    }
+
+    $raw_opt = get_option( 'aichat_embed_allowed_origins', '' );
+    if ( is_string( $raw_opt ) ) {
+      $allowed_custom = preg_split( '/\r\n|\r|\n/', $raw_opt );
+    } else {
+      $allowed_custom = (array) $raw_opt;
+    }
+    $normalized_custom = [];
+    foreach ( $allowed_custom as $entry ) {
+      $entry = trim( (string) $entry );
+      if ( $entry === '' ) { continue; }
+      $norm = aichat_normalize_origin( $entry );
+      if ( $norm !== '' ) { $normalized_custom[] = $norm; }
+    }
+
+    $merged = array_unique( array_merge( $defaults, $normalized_custom ) );
+    return apply_filters( 'aichat_embed_allowed_origins', $merged, $defaults, $normalized_custom );
+  }
+}
+
 // ========== EMBED (Script) Nonce endpoint & origin allowlist ==========
 // Simple JSON endpoint: /?aichat_embed_nonce=1  --> { nonce:"..." }
@@ -928 +978 @@
   header('Content-Type: application/json; charset=utf-8');
   $origin = isset($_SERVER['HTTP_ORIGIN']) ? sanitize_text_field( wp_unslash( $_SERVER['HTTP_ORIGIN'] ) ) : '';
-  $raw_opt = get_option('aichat_embed_allowed_origins', '');
-  if (is_string($raw_opt)) { $allowed = preg_split('/\r\n|\r|\n/', $raw_opt); } else { $allowed = (array)$raw_opt; }
-  $allowed_norm = [];
-  foreach($allowed as $o){ $o = trim($o); if ($o==='') continue; $allowed_norm[] = rtrim($o,'/'); }
-  $ok = true;
-  if ($origin) { $norm_origin = rtrim($origin,'/'); if (!in_array($norm_origin,$allowed_norm,true)) { $ok = false; } }
-  if (! $ok) { echo wp_json_encode(['error'=>'origin_not_allowed']); exit; }
-  if ($origin) { header('Access-Control-Allow-Origin: '.$origin); header('Vary: Origin'); }
+  $allowed_norm = aichat_collect_embed_allowed_origins();
+  $norm_origin = $origin ? aichat_normalize_origin( $origin ) : '';
+  if ( $origin && ( $norm_origin === '' || ! in_array( $norm_origin, $allowed_norm, true ) ) ) {
+    echo wp_json_encode(['error'=>'origin_not_allowed']);
+    exit;
+  }
+  if ( $origin ) {
+    header('Access-Control-Allow-Origin: '.$origin);
+    header('Vary: Origin');
+  }
 
   $nonce = wp_create_nonce('aichat_ajax');
@@ -1002 +1054 @@
   }
 
-  // Compare against site home to allow first-party even if not listed (avoid breaking admin pages served from same domain).
-  $site_base = rtrim( get_home_url(), '/' );
-  $norm_origin = rtrim( $origin, '/' );
-  if ( strtolower($norm_origin) === strtolower($site_base) ) {
-    // First-party; no need to consult embed allowlist.
-    return;
-  }
-
-  // Cross-origin: enforce allowlist
-  $raw_opt = get_option('aichat_embed_allowed_origins', '');
-  if ( is_string($raw_opt) ) {
-    $allowed = preg_split('/\r\n|\r|\n/', $raw_opt);
-  } else { $allowed = (array) $raw_opt; }
-  $allowed_norm = [];
-  foreach ( $allowed as $o ) {
-    $o = trim($o);
-    if ($o === '') continue;
-    $allowed_norm[] = rtrim($o,'/');
-  }
+  $norm_origin = aichat_normalize_origin( $origin );
+  if ( $norm_origin === '' ) {
+    wp_send_json_error( [ 'message' => 'Invalid origin header' ], 400 );
+  }
+
+  // Enforce allowlist (incluye defaults por dominio actual)
+  $allowed_norm = aichat_collect_embed_allowed_origins();
   if ( ! in_array( $norm_origin, $allowed_norm, true ) ) {
     wp_send_json_error( [ 'message' => 'Embedding origin not allowed' ], 403 );

axiachat-ai/trunk/includes/class-aichat-ajax.php

@@ -251 +251 @@
             if ( ! empty( $intercept['abort'] ) ) {
                 $answer = isset($intercept['immediate_response']) ? (string)$intercept['immediate_response'] : __( 'No response available.', 'axiachat-ai' );
-                $answer = $this->sanitize_answer_html( aichat_replace_link_placeholder( $answer ) );
+                // Reemplazo [LINK] y embellecer enlaces conocidos antes de sanear
+                $answer = aichat_replace_link_placeholder( $answer );
+                if ( function_exists('aichat_pretty_known_links') ) { $answer = aichat_pretty_known_links( $answer ); }
+                $answer = $this->sanitize_answer_html( $answer );
                 if ( get_option( 'aichat_logging_enabled', 1 ) ) {
                     $this->maybe_log_conversation( get_current_user_id(), $session, $bot['slug'], $page_id, $message, $answer, $model, $provider, null, null, null, null );
@@ -340 +343 @@
                 }
                 // Sanitizar y log opcional
-                $answer = $this->sanitize_answer_html( aichat_replace_link_placeholder( $answer ) );
+                $answer = aichat_replace_link_placeholder( $answer );
+                if ( function_exists('aichat_pretty_known_links') ) { $answer = aichat_pretty_known_links( $answer ); }
+                $answer = $this->sanitize_answer_html( $answer );
                 if ( get_option( 'aichat_logging_enabled', 1 ) ) {
                     $this->maybe_log_conversation( get_current_user_id(), $session, $bot_slug, $page_id, $message, $answer, $model, $provider, null, null, null, null );
@@ -636 +641 @@
             }
 
-            // 6) Reemplazo [LINK]
+            // 6) Reemplazo [LINK] y embellecer enlaces conocidos
             $answer = aichat_replace_link_placeholder( $answer );
+            if ( function_exists('aichat_pretty_known_links') ) {
+                $answer = aichat_pretty_known_links( $answer );
+            }
 
             // 6.1) Sanitizar HTML permitido (permitimos <a>, <strong>, <em>, listas, etc.)
@@ -974 +982 @@
             }
             $final_text = aichat_replace_link_placeholder( $final_text );
+            if ( function_exists('aichat_pretty_known_links') ) { $final_text = aichat_pretty_known_links( $final_text ); }
             $final_text = $this->sanitize_answer_html( $final_text );
 
@@ -1385 +1394 @@
             if ($answer === '') return new WP_Error('aichat_empty_answer','Empty answer');
             $answer = aichat_replace_link_placeholder( $answer );
+            // Convert known plain URLs (e.g., Google Calendar) into compact, safe anchors
+            if ( function_exists('aichat_pretty_known_links') ) {
+                $answer = aichat_pretty_known_links( $answer );
+            }
             $answer = $this->sanitize_answer_html( $answer );
 
@@ -1567 +1580 @@
         protected function sanitize_answer_html( $html ) {
             $allowed = [
-                'a'      => [ 'href' => true, 'target' => true, 'rel' => true, 'title' => true ],
+                'a'      => [ 'href' => true, 'target' => true, 'rel' => true, 'title' => true, 'class' => true ],
                 'strong' => [], 'em' => [], 'b' => [], 'i' => [],
                 'br'     => [], 'p' => [], 'ul' => [], 'ol' => [], 'li' => [],

axiachat-ai/trunk/includes/contexto-functions.php

@@ -814 +814 @@
     return $out;
 }
+
+/**
+ * Reemplaza URLs conocidas en texto plano por enlaces compactos y seguros.
+ * Por ahora: Google Calendar "render?action=TEMPLATE".
+ *
+ * - Solo actúa sobre texto plano; si detecta etiquetas <a>, no modifica para evitar anidar anchors.
+ * - Allowlist estricto por dominio y ruta.
+ * - Devuelve el mismo texto si no hay coincidencias.
+ */
+function aichat_pretty_known_links( $text ){
+    $s = (string)$text;
+    if ($s === '') return $s;
+    // Si ya hay anchors, ser conservadores y no modificar
+    if (stripos($s, '<a') !== false) return $s;
+
+    // Buscar URLs de Google Calendar render
+    $label = function_exists('apply_filters') ? apply_filters('aichat_gcal_link_label', __('Google Calendar','axiachat-ai')) : __('Google Calendar','axiachat-ai');
+    $pattern = '/\bhttps:\/\/calendar\.google\.com\/calendar\/render\?[^\s<]+/i';
+    $s = preg_replace_callback($pattern, function($m) use ($label){
+        $url = $m[0];
+        // Validación adicional: requerir action=TEMPLATE en query
+        if (stripos($url, 'action=TEMPLATE') === false) { return $url; }
+        // Componer anchor con target seguro
+        $href = esc_url($url);
+        $title = esc_attr__('Add to Google Calendar','axiachat-ai');
+        return '<a class="aichat-gcal-link" href="'.$href.'" target="_blank" rel="noopener nofollow" title="'.$title.'">'.esc_html($label).'</a>';
+    }, $s);
+
+    return $s;
+}

axiachat-ai/trunk/readme.txt

@@ -1 @@
-=== AxiaChat AI ===
+=== AxiaChat AI – Free AI Chatbot for WordPress (Answers Customers Automatically) ===
 Contributors: estebandezafra
 Tags: chatbot, ai, openai, chat, assistant
@@ -5 +5 @@
 Tested up to: 6.8
 Requires PHP: 7.4
-Stable tag: 1.2.0
+Stable tag: 1.2.1
 License: GPLv2 or later
 License URI: https://www.gnu.org/licenses/gpl-2.0.html