Title: webbernaut's Replies | WordPress.org --- # webbernaut [ ](https://wordpress.org/support/users/webbernaut/) * [Profile](https://wordpress.org/support/users/webbernaut/) * [Topics Started](https://wordpress.org/support/users/webbernaut/topics/) * [Replies Created](https://wordpress.org/support/users/webbernaut/replies/) * [Reviews Written](https://wordpress.org/support/users/webbernaut/reviews/) * [Topics Replied To](https://wordpress.org/support/users/webbernaut/replied-to/) * [Engagements](https://wordpress.org/support/users/webbernaut/engagements/) * [Favorites](https://wordpress.org/support/users/webbernaut/favorites/) Search replies: ## Forum Replies Created Viewing 15 replies - 1 through 15 (of 46 total) 1 [2](https://wordpress.org/support/users/webbernaut/replies/page/2/?output_format=md) [3](https://wordpress.org/support/users/webbernaut/replies/page/3/?output_format=md) [4](https://wordpress.org/support/users/webbernaut/replies/page/4/?output_format=md) [→](https://wordpress.org/support/users/webbernaut/replies/page/2/?output_format=md) * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[Paid Memberships Pro - Content Restriction, User Registration, & Paid Subscriptions] Stripe Card Failed but customer gets created (Spammer)](https://wordpress.org/support/topic/stripe-card-failed-but-customer-gets-created-spammer/) * Thread Starter [webbernaut](https://wordpress.org/support/users/webbernaut/) * (@webbernaut) * [2 years, 7 months ago](https://wordpress.org/support/topic/stripe-card-failed-but-customer-gets-created-spammer/#post-17139489) * I will try disconnecting and reconnecting for new API Creds. But I want to make sure I am clear on your response. * > By default, PMPro will create a user *before* they are redirected to Stripe > to make payment. * PMPro by default creates a WordPress user before the plugin sends a create Stripe user request, correct? * > If you are getting unexpected requests to your Stripe API without having users > created, bots might be pinging the API directly. * Meaning if no WordPress user is being created but a Stripe new customer is created they are hitting/spamming the Stripe API directly? Wouldn’t there need to be some callback through WordPress to confirm that, like a nounce, this seems like a CSRF issue… * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[Cloak Front End Email] Add phone number encryption](https://wordpress.org/support/topic/add-phone-number-encryption/) * Plugin Author [webbernaut](https://wordpress.org/support/users/webbernaut/) * (@webbernaut) * [2 years, 11 months ago](https://wordpress.org/support/topic/add-phone-number-encryption/#post-16907295) * Great suggestion. I have some code base for this already I am using else where which I can hopefully incorporate into this plugin some time in the future. * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[Cloak Front End Email] Multisite doesn’t work](https://wordpress.org/support/topic/multisite-doesnt-work-5/) * Plugin Author [webbernaut](https://wordpress.org/support/users/webbernaut/) * (@webbernaut) * [3 years ago](https://wordpress.org/support/topic/multisite-doesnt-work-5/#post-16819767) * Just pushed an update v 1.9.4. This should resolve your issue of not being able to add an email on the multisites. If you have any other multisite issues let me know. * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[Cloak Front End Email] Multisite doesn’t work](https://wordpress.org/support/topic/multisite-doesnt-work-5/) * Plugin Author [webbernaut](https://wordpress.org/support/users/webbernaut/) * (@webbernaut) * [3 years ago](https://wordpress.org/support/topic/multisite-doesnt-work-5/#post-16813950) * Thank you for bringing this to my attention. I haven’t actually testing this on a Multisite environment. After spinning one up. Looks like the global variable of $pagenow is not accessible in a Multisite instance. * I am using this variable to check if the user is on the settings page to load the admin script that handles the add email buttons. (to avoid loading it on all pages unnecessarily) * I will rework the settings page check to not depend on $pagenow. Give me a couple days to push out an update that should work for you. * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[Cloak Front End Email] Suggestion for new implementation](https://wordpress.org/support/topic/suggestion-for-new-implementation/) * Plugin Author [webbernaut](https://wordpress.org/support/users/webbernaut/) * (@webbernaut) * [3 years, 1 month ago](https://wordpress.org/support/topic/suggestion-for-new-implementation/#post-16686844) * Marking resolved as this is a feature request. Hopefully my solution worked for you. * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[Cloak Front End Email] Hide Cloak menu for Subscibers](https://wordpress.org/support/topic/hide-cloak-menu-for-subscibers/) * Plugin Author [webbernaut](https://wordpress.org/support/users/webbernaut/) * (@webbernaut) * [3 years, 1 month ago](https://wordpress.org/support/topic/hide-cloak-menu-for-subscibers/#post-16686812) * New version has been released and includes Admin access only. * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[Cloak Front End Email] Doesn’t work with 6.2](https://wordpress.org/support/topic/doesnt-work-with-6-2/) * Plugin Author [webbernaut](https://wordpress.org/support/users/webbernaut/) * (@webbernaut) * [3 years, 1 month ago](https://wordpress.org/support/topic/doesnt-work-with-6-2/#post-16686805) * Sorry for the delay in response, WordPress isn’t sending me notifications I happened to just check the plugin stats and saw your message. * Your trouble shooting has pointed me in the right direction. Thanks for that. The $wpdb->prepare was behaving different than expected. * And your solution did fix the problem, but it was putting the variables/emails inside the raw SQL statement instead of retaining the placeholder that prepare is intended. So my modified version is slightly different keeping the placeholder being passed to prepare statement. * Iv’e just pushed an update version 1.9.3, you should find this working for you. * And if you are curious the slight changes I made it’s basically these three lines( similar to your approach but retaining the placeholder array): * ```wp-block-code $placeholders = array_fill( 0, count( $emails ), '%s' ); //output multiple %s for placeholders for prepare statement $placeholders = implode( ', ', $placeholders ); $query = $wpdb->prepare( "SELECT option_name, option_value FROM {$table} WHERE option_name IN ({$placeholders})", ...$emails ); // ...$emails unpacks array for placeholder ``` * Forum: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) In reply to: [Title is not visible while editing in Gutenberg / Kadence Theme](https://wordpress.org/support/topic/title-is-not-visible-while-editing-in-gutenberg-kadence-theme/) * [webbernaut](https://wordpress.org/support/users/webbernaut/) * (@webbernaut) * [3 years, 1 month ago](https://wordpress.org/support/topic/title-is-not-visible-while-editing-in-gutenberg-kadence-theme/#post-16663267) * Same issue here, assigning position:relative fixed it for me which alludes to z-index not taking effect since it needs a position assigned in order to work. * ```wp-block-code .wp-block.wp-block-post-title.block-editor-block-list__block.editor-post-title.editor-post-title__input { position: relative; } ``` * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[Cloak Front End Email] Hide Cloak menu for Subscibers](https://wordpress.org/support/topic/hide-cloak-menu-for-subscibers/) * Plugin Author [webbernaut](https://wordpress.org/support/users/webbernaut/) * (@webbernaut) * [3 years, 4 months ago](https://wordpress.org/support/topic/hide-cloak-menu-for-subscibers/#post-16467774) * Unfortunately WordPress has locked this plugin for review due to short code sanitation issues for non admin back end users so I can not update any code until the review is finished. * The patch that was issued is waiting on the review process. I will include this feature in the new version that will be available if and when WordPress finalizes their review. * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[Cloak Front End Email] Suggestion for new implementation](https://wordpress.org/support/topic/suggestion-for-new-implementation/) * Plugin Author [webbernaut](https://wordpress.org/support/users/webbernaut/) * (@webbernaut) * [3 years, 6 months ago](https://wordpress.org/support/topic/suggestion-for-new-implementation/#post-16287091) * Hi lbreme, Having an email with a mailto link is the best user experience. ( it’s generally bad UI to force website visitors to copy and paste when they should be able to just click and it auto launch their email client) * Im assuming you want it plain text so it is styled like your other paragraph text? If this is the case, css would be the best implementation to do that. * Each email has a custom html class assigned to it so you could add css styles to your style sheet for each specific one (you would have to inspect the code in the browser to see what class is added, it’s dynamic so will depend on the email). * Or you can set the global style using the below CSS. You can drop this code into the custom css module inside WordPress. * `Appearance > Customize > Additional CSS` * (set color to your body default or paragraph default, cursor will render a standard cursor with auto to remove the hand which indicates a clickable element, you might need to adjust a tag hovers all this depends on your theme, the second style will remove any auto underline on link hover) * `.cfe-wrapper a {color:#000; cursor:auto;}` * `.cfe-wrapper a:hover {text-decoration:none;}` * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[Paid Memberships Pro - Content Restriction, User Registration, & Paid Subscriptions] Shortcode inside Advanced Settings : Message](https://wordpress.org/support/topic/shortcode-inside-advanced-settings-message/) * Thread Starter [webbernaut](https://wordpress.org/support/users/webbernaut/) * (@webbernaut) * [4 years, 5 months ago](https://wordpress.org/support/topic/shortcode-inside-advanced-settings-message/#post-15202448) * [@ritlance](https://wordpress.org/support/users/ritlance/) Not sure if you worked your way through this but here is a little help if you haven’t. * If you follow the hook link it will take you to the github source. [https://github.com/strangerstudios/paid-memberships-pro/blob/master/includes/functions.php](https://github.com/strangerstudios/paid-memberships-pro/blob/master/includes/functions.php) * Here you can see how it’s used in the code written by paidmembership pro themselves. * On line 1925: `function pmpro_get_no_access_message( $content, $level_ids, $ level_names = NULL )` * Inside that function on line 1958: You will see the filter text function being used. Not a member and not logged in are probably what you are looking for. As you can see they just add the text inside Advanced Settings. `stripslashes( pmpro_getOption(' nonmembertext' ) )` * So you can actually add your own text/function to replace this. * Inside your theme functions.php (custom theme or child theme) you declare your own function that you then apply to the filter. You can have two different outputs for non member and not logged in or just apply the same to both. A quick example is below. Hope this helps! * ``` function custom_pmpro_non_member_text () { ...code goes here for the output you want or this could just be plain html or you can probably echo do_shortcode('shortcode') ... } add_filter( 'pmpro_non_member_text_filter', 'custom_pmpro_non_member_text' ); add_filter( 'pmpro_not_logged_in_text_filter', 'custom_pmpro_non_member_text' ); ``` * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[MainWP Child - Securely Connects to the MainWP Dashboard to Manage Multiple Sites] OWASP3 Blocks settings page](https://wordpress.org/support/topic/owasp3-blocks-settings-page/) * Thread Starter [webbernaut](https://wordpress.org/support/users/webbernaut/) * (@webbernaut) * [4 years, 6 months ago](https://wordpress.org/support/topic/owasp3-blocks-settings-page/#post-15140496) * Ive submitted a ticket at your website Ticket #7720 * Forum: [Reviews](https://wordpress.org/support/forum/reviews/) In reply to: [[Cloak Front End Email] Not a cloaking plugin](https://wordpress.org/support/topic/not-a-cloaking-plugin/) * Plugin Author [webbernaut](https://wordpress.org/support/users/webbernaut/) * (@webbernaut) * [4 years, 9 months ago](https://wordpress.org/support/topic/not-a-cloaking-plugin/#post-14820169) * Axxies, Below is a good article for you to read up on. It explains what Cloudflare, a very well know security company uses for their own email cloaking. * [https://support.cloudflare.com/hc/en-us/articles/200170016-What-is-Email-Address-Obfuscation-](https://support.cloudflare.com/hc/en-us/articles/200170016-What-is-Email-Address-Obfuscation-) * The Cloak Front End Email plugin follows the same methodology. The email addresses are not in the source code of the website. Therefore any programing language that is doing a request to the site will scrape the source code of a website and since the email is not embedded in the source your emails will not be leaked. * Source code will look like this: `loading… ` * I actually have quite a bit experience with web scraping and this is why I developed this plugin. To help protect against email harvesting. * As a side note, the cloaking methodology of [at] or [dot] can easily be scrape as you just have to tweak your regular expression that looks for @ and . to match these alternatives. These methods are actually less secure in terms of they still leak your email just in a different format. And a well versed programmer that is scraping sites for emails will just include those variations. * Im not sure if WordPress allows changing a review star count but hopefully after this information you can make a better informed review on this plugin. * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[WPScan - WordPress Security Scanner] HTTPS/ SSL warning message](https://wordpress.org/support/topic/https-ssl-warning-message/) * [webbernaut](https://wordpress.org/support/users/webbernaut/) * (@webbernaut) * [5 years, 5 months ago](https://wordpress.org/support/topic/https-ssl-warning-message/#post-13889697) * Although this could be a cloudflare/proxy issue with is_ssl() in that file. Most of the sites are behind cloudflare. * > “WordPress is_ssl() doesn’t work behind some load balancers.” * [https://developer.wordpress.org/reference/functions/is_ssl/#comment-1093](https://developer.wordpress.org/reference/functions/is_ssl/#comment-1093) * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[WPScan - WordPress Security Scanner] HTTPS/ SSL warning message](https://wordpress.org/support/topic/https-ssl-warning-message/) * [webbernaut](https://wordpress.org/support/users/webbernaut/) * (@webbernaut) * [5 years, 5 months ago](https://wordpress.org/support/topic/https-ssl-warning-message/#post-13889693) * Having the same issue on multiple sites. All have https setup and redirect any http to https in htaccess. But getting email notifications about HTTPS communication warning. * I don’t think this code is working as intended. security-checks > https > check. php Viewing 15 replies - 1 through 15 (of 46 total) 1 [2](https://wordpress.org/support/users/webbernaut/replies/page/2/?output_format=md) [3](https://wordpress.org/support/users/webbernaut/replies/page/3/?output_format=md) [4](https://wordpress.org/support/users/webbernaut/replies/page/4/?output_format=md) [→](https://wordpress.org/support/users/webbernaut/replies/page/2/?output_format=md)