Context Navigation

← Previous Changeset
Next Changeset →

Changeset 3428885

Timestamp:

12/29/2025 08:00:39 AM (3 months ago)

Author:

wpiko

Message:

Fixed "Access denied" errors caused by cached expired WordPress nonces
Added automatic nonce refresh mechanism - chatbot now seamlessly retries failed requests with fresh nonces
Improved resilience for sites using page caching plugins (WP Rocket, LiteSpeed, W3 Total Cache, etc.)
Rate-limited nonce refresh endpoint to prevent abuse

Location:

wpiko-chatbot

Files:

: 70 added
: 3 edited

tags/1.0.9 (added)
tags/1.0.9/admin (added)
tags/1.0.9/admin/admin-page.php (added)
tags/1.0.9/admin/css (added)
tags/1.0.9/admin/css/admin-style.css (added)
tags/1.0.9/admin/css/ai-configuration.css (added)
tags/1.0.9/admin/css/conversation-mobile-style.css (added)
tags/1.0.9/admin/css/conversation-style.css (added)
tags/1.0.9/admin/css/dashboard-style.css (added)
tags/1.0.9/admin/css/file-management.css (added)
tags/1.0.9/admin/css/modal-style.css (added)
tags/1.0.9/admin/css/plugin-header.css (added)
tags/1.0.9/admin/css/transcript-styles.css (added)
tags/1.0.9/admin/includes (added)
tags/1.0.9/admin/includes/plugin-header.php (added)
tags/1.0.9/admin/js (added)
tags/1.0.9/admin/js/admin-script.js (added)
tags/1.0.9/admin/js/conversations.js (added)
tags/1.0.9/admin/js/dashboard.js (added)
tags/1.0.9/admin/js/file-management.js (added)
tags/1.0.9/admin/js/files-list.js (added)
tags/1.0.9/admin/js/modal-handlers.js (added)
tags/1.0.9/admin/js/models-info.js (added)
tags/1.0.9/admin/js/responses-api.js (added)
tags/1.0.9/admin/sections (added)
tags/1.0.9/admin/sections/ai-configuration-section.php (added)
tags/1.0.9/admin/sections/api-key-section.php (added)
tags/1.0.9/admin/sections/chatbot-menu-section.php (added)
tags/1.0.9/admin/sections/chatbot-style-section.php (added)
tags/1.0.9/admin/sections/conversations-section.php (added)
tags/1.0.9/admin/sections/dashboard-section.php (added)
tags/1.0.9/admin/sections/error-messages-section.php (added)
tags/1.0.9/admin/sections/floating-chatbot-section.php (added)
tags/1.0.9/admin/sections/questions-section.php (added)
tags/1.0.9/admin/sections/shortcode-chatbot-section.php (added)
tags/1.0.9/admin/templates (added)
tags/1.0.9/admin/templates/admin-wrapper.php (added)
tags/1.0.9/admin/templates/file-management.php (added)
tags/1.0.9/assets (added)
tags/1.0.9/assets/images (added)
tags/1.0.9/assets/images/chatbot-icon.png (added)
tags/1.0.9/chatbot-interface.php (added)
tags/1.0.9/css (added)
tags/1.0.9/css/frontend-transcript-styles.css (added)
tags/1.0.9/css/wpiko-chatbot.css (added)
tags/1.0.9/includes (added)
tags/1.0.9/includes/api-helpers.php (added)
tags/1.0.9/includes/cache-management.php (added)
tags/1.0.9/includes/conversation-handler.php (added)
tags/1.0.9/includes/conversation-translation.php (added)
tags/1.0.9/includes/files-list-handler.php (added)
tags/1.0.9/includes/floating-chatbot.php (added)
tags/1.0.9/includes/instructions-handler.php (added)
tags/1.0.9/includes/logging.php (added)
tags/1.0.9/includes/markdown-handler.php (added)
tags/1.0.9/includes/nonce-refresh.php (added)
tags/1.0.9/includes/responses-api.php (added)
tags/1.0.9/includes/sound-functions.php (added)
tags/1.0.9/includes/transcript-generator.php (added)
tags/1.0.9/index.php (added)
tags/1.0.9/js (added)
tags/1.0.9/js/chatbot-sound.js (added)
tags/1.0.9/js/howler.min.js (added)
tags/1.0.9/js/wpiko-chatbot.js (added)
tags/1.0.9/readme.txt (added)
tags/1.0.9/sounds (added)
tags/1.0.9/sounds/error-notification.wav (added)
tags/1.0.9/sounds/message-notification.wav (added)
tags/1.0.9/wpiko-chatbot.php (added)
trunk/includes/nonce-refresh.php (added)
trunk/js/wpiko-chatbot.js (modified) (1 diff)
trunk/readme.txt (modified) (4 diffs)
trunk/wpiko-chatbot.php (modified) (3 diffs)

Legend:

: Unmodified
: Added
: Removed

wpiko-chatbot/trunk/js/wpiko-chatbot.js

-                      r3406566
+                      r3428885
             hidePreMadeQuestions();
+            // Use the retry-enabled message sending
+            sendMessageWithRetry(message, userEmail, userName, false);
+        }
+    }
+    /**
+     * Refresh the nonce from the server
+     * @returns {Promise} Resolves with the new nonce, or rejects on error
+     */
+    function refreshNonce() {
+        return new Promise(function(resolve, reject) {
             jQuery.ajax({
                 url: wpikoChatbot.ajax_url,
                 type: 'post',
                 timeout: 90000, // 90 second timeout - gives server time to respond but prevents infinite wait
+                timeout: 10000,
                 data: {
+                    action: 'wpiko_chatbot_send_message',
+                    message: message,
+                    thread_id: threadId,
+                    security: wpikoChatbot.nonce,
+                    user_email: userEmail,
+                    user_name: userName
+                    action: 'wpiko_chatbot_refresh_nonce'
                 },
+                success: function (response) {
+                    removeLoadingIndicator();
+                    if (response.success === false) {
+                        console.error('Error in chatbot response:', response);
+                        if (response.data && response.data.debug) {
+                            console.error('OpenAI debug:', response.data.debug);
+                success: function(response) {
+                    if (response.success && response.data && response.data.nonce) {
+                        // Update the global nonce
+                        wpikoChatbot.nonce = response.data.nonce;
+                        // Update contact form nonce if available
+                        if (response.data.contact_form_nonce) {
+                            wpikoChatbot.contact_form_nonce = response.data.contact_form_nonce;
+                        }
+                        var msg = response.data && response.data.message ? response.data.message : 'An error occurred while processing your request. Please try again later.';
+                        // If admin-only debug is present, append status code for quicker triage (UI stays generic otherwise)
+                        if (response.data && response.data.debug && response.data.debug.status) {
+                            msg += ' (code: ' + response.data.debug.status + ')';
+                        }
+                        appendMessage('error', msg, (response.data && response.data.type) || 'general_error');
+                        updateChatbotStatus(false);
+                        console.log('WPiko Chatbot: Nonce refreshed successfully');
+                        resolve(response.data.nonce);
                     } else {
+                        appendMessage('bot', response.data.response);
+                        if (response.data.thread_id) {
+                            threadId = response.data.thread_id;
+                            sessionStorage.setItem('wpiko_chatbot_thread_id', threadId);
+                        }
+                        updateChatbotStatus(true);
+                        reject(new Error('Invalid nonce refresh response'));
+                    }
                 },
+                error: function (xhr, status, error) {
+                    console.error('AJAX error:', status, error);
+                    console.error('Response Text:', xhr.responseText);
+                    removeLoadingIndicator();
+                    let errorMessage = 'An unexpected error occurred. Please try again later.';
+                    let errorType = 'general_error';
+                    // Handle specific error types with actionable messages
+                    if (status === 'timeout') {
+                        errorMessage = 'The request timed out. The server may be busy or your connection is slow. Please try again.';
+                        errorType = 'timeout_error';
+                    } else if (status === 'abort') {
+                        errorMessage = 'The request was cancelled. Please try again.';
+                        errorType = 'abort_error';
+                    } else if (xhr.status === 0) {
+                        errorMessage = 'Unable to connect to the server. Please check your internet connection and try again.';
+                        errorType = 'network_error';
+                    } else if (xhr.status === 403) {
+                        errorMessage = 'Access denied. Please refresh the page and try again.';
+                        errorType = 'auth_error';
+                    } else if (xhr.status === 429) {
+                        errorMessage = 'Too many requests. Please wait a moment before trying again.';
+                        errorType = 'rate_limit_error';
+                    } else if (xhr.status >= 500) {
+                        errorMessage = 'The server encountered an error. Please try again in a few moments.';
+                        errorType = 'server_error';
+                    } else if (xhr.responseJSON && xhr.responseJSON.data) {
+                        if (typeof xhr.responseJSON.data === 'object' && xhr.responseJSON.data.message) {
+                            errorMessage = xhr.responseJSON.data.message;
+                            errorType = xhr.responseJSON.data.type || 'general_error';
+                        } else if (typeof xhr.responseJSON.data === 'string') {
+                            errorMessage = xhr.responseJSON.data;
+                        }
+                    } else if (xhr.status !== 200 && xhr.status !== 0) {
+                        errorMessage = 'Error: Failed to send your message. Please try again later. (Status: ' + xhr.status + ')';
+                    }
+                    appendMessage('error', errorMessage, errorType);
+                    updateChatbotStatus();
+                },
+                complete: function() {
+                    removeLoadingIndicator();
+                error: function(xhr, status, error) {
+                    console.error('WPiko Chatbot: Failed to refresh nonce:', error);
+                    reject(error);
+                }
             });
+        }
+        });
+    }
+    /**
+     * Send message with automatic retry on nonce expiration (403 error)
+     * @param {string} message - The message to send
+     * @param {string} userEmail - User's email
+     * @param {string} userName - User's name
+     * @param {boolean} isRetry - Whether this is a retry attempt
+     */
+    function sendMessageWithRetry(message, userEmail, userName, isRetry) {
+        jQuery.ajax({
+            url: wpikoChatbot.ajax_url,
+            type: 'post',
+            timeout: 90000, // 90 second timeout - gives server time to respond but prevents infinite wait
+            data: {
+                action: 'wpiko_chatbot_send_message',
+                message: message,
+                thread_id: threadId,
+                security: wpikoChatbot.nonce,
+                user_email: userEmail,
+                user_name: userName
+            },
+            success: function (response) {
+                removeLoadingIndicator();
+                if (response.success === false) {
+                    console.error('Error in chatbot response:', response);
+                    if (response.data && response.data.debug) {
+                        console.error('OpenAI debug:', response.data.debug);
+                    }
+                    var msg = response.data && response.data.message ? response.data.message : 'An error occurred while processing your request. Please try again later.';
+                    // If admin-only debug is present, append status code for quicker triage (UI stays generic otherwise)
+                    if (response.data && response.data.debug && response.data.debug.status) {
+                        msg += ' (code: ' + response.data.debug.status + ')';
+                    }
+                    appendMessage('error', msg, (response.data && response.data.type) || 'general_error');
+                    updateChatbotStatus(false);
+                } else {
+                    appendMessage('bot', response.data.response);
+                    if (response.data.thread_id) {
+                        threadId = response.data.thread_id;
+                        sessionStorage.setItem('wpiko_chatbot_thread_id', threadId);
+                    }
+                    updateChatbotStatus(true);
+                }
+            },
+            error: function (xhr, status, error) {
+                // Check if this is a 403 error (nonce expired) and we haven't retried yet
+                if (xhr.status === 403 && !isRetry) {
+                    console.log('WPiko Chatbot: Nonce may be expired, attempting to refresh...');
+                    // Try to refresh the nonce and retry the request
+                    refreshNonce()
+                        .then(function() {
+                            console.log('WPiko Chatbot: Retrying message with new nonce...');
+                            sendMessageWithRetry(message, userEmail, userName, true);
+                        })
+                        .catch(function() {
+                            // Nonce refresh failed, show error to user
+                            removeLoadingIndicator();
+                            appendMessage('error', 'Session expired. Please refresh the page and try again.', 'auth_error');
+                            updateChatbotStatus();
+                        });
+                    return;
+                }
+                console.error('AJAX error:', status, error);
+                console.error('Response Text:', xhr.responseText);
+                removeLoadingIndicator();
+                let errorMessage = 'An unexpected error occurred. Please try again later.';
+                let errorType = 'general_error';
+                // Handle specific error types with actionable messages
+                if (status === 'timeout') {
+                    errorMessage = 'The request timed out. The server may be busy or your connection is slow. Please try again.';
+                    errorType = 'timeout_error';
+                } else if (status === 'abort') {
+                    errorMessage = 'The request was cancelled. Please try again.';
+                    errorType = 'abort_error';
+                } else if (xhr.status === 0) {
+                    errorMessage = 'Unable to connect to the server. Please check your internet connection and try again.';
+                    errorType = 'network_error';
+                } else if (xhr.status === 403) {
+                    // This only triggers if retry also failed
+                    errorMessage = 'Access denied. Please refresh the page and try again.';
+                    errorType = 'auth_error';
+                } else if (xhr.status === 429) {
+                    errorMessage = 'Too many requests. Please wait a moment before trying again.';
+                    errorType = 'rate_limit_error';
+                } else if (xhr.status >= 500) {
+                    errorMessage = 'The server encountered an error. Please try again in a few moments.';
+                    errorType = 'server_error';
+                } else if (xhr.responseJSON && xhr.responseJSON.data) {
+                    if (typeof xhr.responseJSON.data === 'object' && xhr.responseJSON.data.message) {
+                        errorMessage = xhr.responseJSON.data.message;
+                        errorType = xhr.responseJSON.data.type || 'general_error';
+                    } else if (typeof xhr.responseJSON.data === 'string') {
+                        errorMessage = xhr.responseJSON.data;
+                    }
+                } else if (xhr.status !== 200 && xhr.status !== 0) {
+                    errorMessage = 'Error: Failed to send your message. Please try again later. (Status: ' + xhr.status + ')';
+                }
+                appendMessage('error', errorMessage, errorType);
+                updateChatbotStatus();
+            },
+            complete: function() {
+                removeLoadingIndicator();
+            }
+        });
+    }

wpiko-chatbot/trunk/readme.txt

-                      r3426080
+                      r3428885
 Requires at least: 6.0
 Tested up to: 6.9
 Stable tag: 1.0.8
+Stable tag: 1.0.9
 Requires PHP: 7.0
 License: GPL-2.0+
 …
 == Description ==
 WPiko AI Chatbot brings OpenAI’s latest models to your WordPress site for instant, accurate answers, lead capture, and automated support—without monthly fees. It’s fast, flexible, and designed for real business outcomes like resolving FAQs, assisting shoppers, and qualifying leads.
+WPiko AI Chatbot brings OpenAI's latest models to your WordPress site for instant, accurate answers, lead capture, and automated support—without monthly fees. It's fast, flexible, and designed for real business outcomes like resolving FAQs, assisting shoppers, and qualifying leads.
 https://www.youtube.com/watch?v=CCgrX_wZCg4
 …
 ### 📱 Mobile-Friendly
 WPiko’s chatbot adapts seamlessly to phones, tablets, and desktops. Touch‑friendly buttons, adjustable dimensions, and compatibility with common themes and page builders ensure a smooth experience without covering key UI elements. The admin includes a mobile‑friendly navigation.
+WPiko's chatbot adapts seamlessly to phones, tablets, and desktops. Touch‑friendly buttons, adjustable dimensions, and compatibility with common themes and page builders ensure a smooth experience without covering key UI elements. The admin includes a mobile‑friendly navigation.
 ### ✅ Get Started with WPiko Chatbot Today
 …
 . Engage visitors with a sleek, customizable chat interface that matches your brand and provides instant responses to common questions.
 . Easily configure your chatbot's personality, knowledge base, and behavior through an intuitive AI training interface powered by OpenAI technology.
 . Review and analyze conversations to understand customer needs, improve your AI’s responses, and refine your support strategy.
+. Review and analyze conversations to understand customer needs, improve your AI's responses, and refine your support strategy.
 . Transform your chatbot into a direct communication channel with the built-in contact form. Allow visitors to reach out without leaving the chat interface.
 . Gain valuable visitor insights through detailed analytics including conversation metrics, geographic data, and user engagement patterns.
 == Changelog ==
+= 1.0.9 =
+* Fixed "Access denied" errors caused by cached expired WordPress nonces
+* Added automatic nonce refresh mechanism - chatbot now seamlessly retries failed requests with fresh nonces
+* Improved resilience for sites using page caching plugins (WP Rocket, LiteSpeed, W3 Total Cache, etc.)
+* Rate-limited nonce refresh endpoint to prevent abuse
 = 1.0.8 =

wpiko-chatbot/trunk/wpiko-chatbot.php

-                      r3426080
+                      r3428885
  * Plugin URI: https://wpiko.com/chatbot
  * Description: A WordPress plugin that integrates OpenAI's AI models to create an intelligent chatbot for WordPress websites.
  * Version: 1.0.8
+ * Version: 1.0.9
  * Author: WPiko
  * Author URI: https://wpiko.com
 …
 define('WPIKO_CHATBOT_PLUGIN_DIR', plugin_dir_path(__FILE__));
 define('WPIKO_CHATBOT_PLUGIN_URL', plugin_dir_url(__FILE__));
 define('WPIKO_CHATBOT_VERSION', '1.0.8');
+define('WPIKO_CHATBOT_VERSION', '1.0.9');
 // Ensures that the default options is set
 …
 require_once WPIKO_CHATBOT_PLUGIN_DIR . 'includes/instructions-handler.php';
 require_once WPIKO_CHATBOT_PLUGIN_DIR . 'includes/cache-management.php';
+require_once WPIKO_CHATBOT_PLUGIN_DIR . 'includes/nonce-refresh.php';
 require_once WPIKO_CHATBOT_PLUGIN_DIR . 'includes/conversation-translation.php';

Note: See TracChangeset for help on using the changeset viewer.

Trac UI Preferences

Plugin Directory

Context Navigation

Changeset 3428885

Legend:

wpiko-chatbot/trunk/js/wpiko-chatbot.js

wpiko-chatbot/trunk/readme.txt

wpiko-chatbot/trunk/wpiko-chatbot.php

Download in other formats: