Spam protection, AntiSpam, FireWall by CleanTalk - Version 2.42

Version Description

2014-04-29 = * Fixed: JavaScript anti-spam test for comments.

Download this release

Release Info

Developer shagimuratov
Plugin Icon 128x128 Spam protection, AntiSpam, FireWall by CleanTalk
Version 2.42
Comparing to
See all releases

Code changes from version 2.41 to 2.42

Files changed (2) hide show
  1. cleantalk.php +45 -86
  2. readme.txt +50 -7
cleantalk.php CHANGED
@@ -3,12 +3,12 @@
3
  Plugin Name: Anti-spam by CleanTalk
4
  Plugin URI: http://cleantalk.org
5
  Description: Cloud antispam for comments, registrations and contacts. The plugin doesn't use CAPTCHA, Q&A, math, counting animals or quiz to stop spam bots.
6
- Version: 2.41
7
  Author: СleanTalk <welcome@cleantalk.ru>
8
  Author URI: http://cleantalk.org
9
  */
10
 
11
- $ct_agent_version = 'wordpress-241';
12
  $ct_checkjs_frm = 'ct_checkjs_frm';
13
  $ct_checkjs_register_form = 'ct_checkjs_register_form';
14
  $ct_session_request_id_label = 'request_id';
@@ -51,9 +51,6 @@ $trial_notice_check_timeout = 10;
51
  // COOKIE label for WP Landing Page proccessing result
52
  $ct_wplp_result_label = 'ct_wplp_result';
53
 
54
- // JetPack comment form loaded
55
- $ct_jp_comments = false;
56
-
57
  // Init action.
58
  add_action('init', 'ct_init', 1);
59
 
@@ -123,8 +120,7 @@ function ct_init() {
123
  (class_exists( 'Jetpack', false) && $jetpack_active_modules && in_array('comments', $jetpack_active_modules)) ||
124
  (defined('LANDINGPAGES_CURRENT_VERSION'))
125
  ) {
126
- add_action('wp_footer', 'ct_footer_add_cookie');
127
- $ct_jp_comments = true;
128
  }
129
 
130
  //intercept WordPress Landing Pages POST
@@ -373,10 +369,7 @@ function ct_comment_form() {
373
  return false;
374
  }
375
 
376
- ct_add_hidden_fields2('ct_checkjs');
377
-
378
- ct_init_session();
379
- $_SESSION['formtime'] = time();
380
 
381
  return null;
382
  }
@@ -424,9 +417,8 @@ ctSetCookie("%s", "%s");
424
  ';
425
  $html = sprintf($html, $field_name, $ct_checkjs_key);
426
  } else {
427
-
428
- $field_id = $field_name . '_' . md5(rand(0, 1000));
429
- $html = '
430
  <input type="hidden" id="%s" name="%s" value="%s" />
431
  <script type="text/javascript">
432
  // <![CDATA[
@@ -443,52 +435,6 @@ document.getElementById("%s").value = document.getElementById("%s").value.replac
443
  }
444
  }
445
 
446
- /**
447
- * Adds hidden filed to define avaialbility of client's JavaScript
448
- * @param int $post_id Post ID, not used
449
- */
450
- function ct_add_hidden_fields2($field_name = 'ct_checkjs', $return_string = false) {
451
- global $ct_checkjs_def;
452
-
453
- $field_id = $field_name . '_' . md5(rand(0, 1000));
454
- $field_id_div = 'div_' . $field_id;
455
- $html = '
456
- <div id="%s">
457
- <span style="font-weight: bold;">Fill current <span style="color: red;">y_e_a_r</a>:</span>
458
- <input type="text" id="%s" name="%s" value="%s" maxlength="4" size="4" style="width: 5em;" />
459
- </div>
460
- <script type="text/javascript">
461
- // <![CDATA[
462
- var date = new Date();
463
-
464
- document.getElementById("%s").value = date.getFullYear();
465
- if (document.getElementById("%s").value != %d) {
466
- document.getElementById("%s").style.display = \'none\';
467
- }
468
- // ]]>
469
- </script>
470
- ';
471
- $html = sprintf(
472
- $html,
473
- $field_id_div,
474
- $field_id,
475
- $field_name,
476
- $ct_checkjs_def,
477
- $field_id,
478
- $field_id,
479
- $ct_checkjs_def,
480
- $field_id_div
481
- );
482
-
483
- if ($return_string === true) {
484
- return $html;
485
- } else {
486
- echo $html;
487
- }
488
-
489
- return null;
490
- }
491
-
492
  /**
493
  * Is enable for user group
494
  * @return boolean
@@ -547,7 +493,7 @@ function ct_frm_validate_entry ($errors, $values) {
547
  return false;
548
  }
549
 
550
- $checkjs = js_test($ct_checkjs_frm);
551
 
552
  $post_info['comment_type'] = 'feedback';
553
  $post_info = json_encode($post_info);
@@ -591,7 +537,7 @@ function ct_preprocess_comment($comment) {
591
  // this action is called just when WP process POST request (adds new comment)
592
  // this action is called by wp-comments-post.php
593
  // after processing WP makes redirect to post page with comment's form by GET request (see above)
594
- global $wpdb, $current_user, $comment_post_id, $ct_agent_version, $ct_comment_done, $ct_approved_request_id_label, $ct_jp_comments;
595
 
596
  $options = ct_get_options();
597
  if (ct_is_user_enable() === false || $options['comments_test'] == 0 || $ct_comment_done) {
@@ -630,12 +576,8 @@ function ct_preprocess_comment($comment) {
630
  $comment_post_id = $comment['comment_post_ID'];
631
 
632
  $post = get_post($comment_post_id);
633
-
634
- $simple_mode = true;
635
- if ($ct_jp_comments)
636
- $simple_mode = false;
637
 
638
- $checkjs = js_test('ct_checkjs', $simple_mode);
639
 
640
  $example = null;
641
 
@@ -753,15 +695,37 @@ function ct_die_extended($comment_body) {
753
  *
754
  *
755
  */
756
- function js_test($field_name = 'ct_checkjs', $simple_mode = false) {
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
757
  $checkjs = null;
758
  $js_field = null;
759
 
760
- if (isset($_REQUEST[$field_name]))
761
- $js_field = $_REQUEST[$field_name];
762
 
763
  if ($js_field !== null) {
764
- if($js_field == ct_get_checkjs_value($simple_mode)) {
765
  $checkjs = 1;
766
  } else {
767
  $checkjs = 0;
@@ -1041,15 +1005,10 @@ function ct_plugin_active($plugin_name){
1041
  * Get ct_get_checkjs_value
1042
  * @return string
1043
  */
1044
- function ct_get_checkjs_value($simple_mode = false) {
1045
- if ($simple_mode) {
1046
- $return = date("Y");
1047
- } else {
1048
- $options = ct_get_options();
1049
- $return = md5($options['apikey'] . '+' . get_option('admin_email'));
1050
- }
1051
 
1052
- return $return;
1053
  }
1054
 
1055
  /**
@@ -1143,7 +1102,7 @@ function ct_registration_errors($errors, $sanitized_user_login = null, $user_ema
1143
  return $errors;
1144
  }
1145
 
1146
- $checkjs = js_test($ct_checkjs_register_form);
1147
 
1148
  require_once('cleantalk.class.php');
1149
 
@@ -1290,7 +1249,7 @@ function ct_contact_form_is_spam($form) {
1290
  if (preg_match("/^.+$ct_checkjs_jpcf$/", $k))
1291
  $js_field_name = $k;
1292
  }
1293
- $checkjs = js_test($js_field_name);
1294
 
1295
  $sender_info = array(
1296
  'sender_url' => @$form['comment_author_url']
@@ -1367,7 +1326,7 @@ function ct_wpcf7_spam($spam) {
1367
  return $spam;
1368
  }
1369
 
1370
- $checkjs = js_test($ct_checkjs_cf7);
1371
 
1372
  $post_info['comment_type'] = 'feedback';
1373
  $post_info = json_encode($post_info);
@@ -1441,7 +1400,7 @@ function ct_si_contact_form_validate($form_errors = array(), $form_id_num = 0) {
1441
  if ($options['contact_forms_test'] == 0)
1442
  return $form_errors;
1443
 
1444
- $checkjs = js_test('ct_checkjs');
1445
 
1446
  $post_info['comment_type'] = 'feedback';
1447
  $post_info = json_encode($post_info);
@@ -1789,9 +1748,9 @@ function ct_check_wplp(){
1789
  if ($options['contact_forms_test'] == 0)
1790
  return;
1791
 
1792
- $checkjs = js_test('ct_checkjs');
1793
- if (null === $checkjs)
1794
- $checkjs = 0;
1795
 
1796
  $post_info['comment_type'] = 'feedback';
1797
  $post_info = json_encode($post_info);
3
  Plugin Name: Anti-spam by CleanTalk
4
  Plugin URI: http://cleantalk.org
5
  Description: Cloud antispam for comments, registrations and contacts. The plugin doesn't use CAPTCHA, Q&A, math, counting animals or quiz to stop spam bots.
6
+ Version: 2.42
7
  Author: СleanTalk <welcome@cleantalk.ru>
8
  Author URI: http://cleantalk.org
9
  */
10
 
11
+ $ct_agent_version = 'wordpress-242';
12
  $ct_checkjs_frm = 'ct_checkjs_frm';
13
  $ct_checkjs_register_form = 'ct_checkjs_register_form';
14
  $ct_session_request_id_label = 'request_id';
51
  // COOKIE label for WP Landing Page proccessing result
52
  $ct_wplp_result_label = 'ct_wplp_result';
53
 
 
 
 
54
  // Init action.
55
  add_action('init', 'ct_init', 1);
56
 
120
  (class_exists( 'Jetpack', false) && $jetpack_active_modules && in_array('comments', $jetpack_active_modules)) ||
121
  (defined('LANDINGPAGES_CURRENT_VERSION'))
122
  ) {
123
+ add_action('wp_footer', 'ct_footer_add_cookie');
 
124
  }
125
 
126
  //intercept WordPress Landing Pages POST
369
  return false;
370
  }
371
 
372
+ ct_add_hidden_fields(0, 'ct_checkjs', false, false);
 
 
 
373
 
374
  return null;
375
  }
417
  ';
418
  $html = sprintf($html, $field_name, $ct_checkjs_key);
419
  } else {
420
+ $field_id = $field_name . '_' . md5(rand(0, 1000));
421
+ $html = '
 
422
  <input type="hidden" id="%s" name="%s" value="%s" />
423
  <script type="text/javascript">
424
  // <![CDATA[
435
  }
436
  }
437
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
438
  /**
439
  * Is enable for user group
440
  * @return boolean
493
  return false;
494
  }
495
 
496
+ $checkjs = js_test_post($ct_checkjs_frm);
497
 
498
  $post_info['comment_type'] = 'feedback';
499
  $post_info = json_encode($post_info);
537
  // this action is called just when WP process POST request (adds new comment)
538
  // this action is called by wp-comments-post.php
539
  // after processing WP makes redirect to post page with comment's form by GET request (see above)
540
+ global $wpdb, $current_user, $comment_post_id, $ct_agent_version, $ct_comment_done, $ct_approved_request_id_label;
541
 
542
  $options = ct_get_options();
543
  if (ct_is_user_enable() === false || $options['comments_test'] == 0 || $ct_comment_done) {
576
  $comment_post_id = $comment['comment_post_ID'];
577
 
578
  $post = get_post($comment_post_id);
 
 
 
 
579
 
580
+ $checkjs = js_test_post('ct_checkjs');
581
 
582
  $example = null;
583
 
695
  *
696
  *
697
  */
698
+ function js_test_post($field_name = 'ct_checkjs') {
699
+ $checkjs = null;
700
+ $js_field = null;
701
+
702
+ if (isset($_POST[$field_name]))
703
+ $js_field = $_POST[$field_name];
704
+
705
+ if ($js_field !== null) {
706
+ if($js_field == ct_get_checkjs_value()) {
707
+ $checkjs = 1;
708
+ } else {
709
+ $checkjs = 0;
710
+ }
711
+ }
712
+
713
+ return $checkjs;
714
+ }
715
+
716
+ /**
717
+ *
718
+ *
719
+ */
720
+ function js_test_cookie($field_name = 'ct_checkjs') {
721
  $checkjs = null;
722
  $js_field = null;
723
 
724
+ if (isset($_COOKIE[$field_name]))
725
+ $js_field = $_COOKIE[$field_name];
726
 
727
  if ($js_field !== null) {
728
+ if($js_field == ct_get_checkjs_value()) {
729
  $checkjs = 1;
730
  } else {
731
  $checkjs = 0;
1005
  * Get ct_get_checkjs_value
1006
  * @return string
1007
  */
1008
+ function ct_get_checkjs_value() {
1009
+ $options = ct_get_options();
 
 
 
 
 
1010
 
1011
+ return md5($options['apikey'] . '+' . get_option('admin_email'));
1012
  }
1013
 
1014
  /**
1102
  return $errors;
1103
  }
1104
 
1105
+ $checkjs = js_test_post($ct_checkjs_register_form);
1106
 
1107
  require_once('cleantalk.class.php');
1108
 
1249
  if (preg_match("/^.+$ct_checkjs_jpcf$/", $k))
1250
  $js_field_name = $k;
1251
  }
1252
+ $checkjs = js_test_cookie($js_field_name);
1253
 
1254
  $sender_info = array(
1255
  'sender_url' => @$form['comment_author_url']
1326
  return $spam;
1327
  }
1328
 
1329
+ $checkjs = js_test_post($ct_checkjs_cf7);
1330
 
1331
  $post_info['comment_type'] = 'feedback';
1332
  $post_info = json_encode($post_info);
1400
  if ($options['contact_forms_test'] == 0)
1401
  return $form_errors;
1402
 
1403
+ $checkjs = js_test_post('ct_checkjs');
1404
 
1405
  $post_info['comment_type'] = 'feedback';
1406
  $post_info = json_encode($post_info);
1748
  if ($options['contact_forms_test'] == 0)
1749
  return;
1750
 
1751
+ $checkjs = js_test_cookie('ct_checkjs');
1752
+ if (null === $checkjs)
1753
+ $checkjs = 0;
1754
 
1755
  $post_info['comment_type'] = 'feedback';
1756
  $post_info = json_encode($post_info);
readme.txt CHANGED
@@ -1,35 +1,47 @@
1
  === Anti-spam by CleanTalk ===
2
  Contributors: znaeff, shagimuratov
3
- Tags: antispam, anti-spam, anti spam, spam, spammers, captcha, comments, registration, contact form, blacklists, math, signup, formidable, bot, spam bots, спам, quiz
4
  Requires at least: 3.0
5
- Tested up to: 3.9
6
- Stable tag: 2.40
7
  License: GPLv2
8
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
9
 
10
- No spam comments, no spam registrations, no spam contact emails.
11
 
12
  == Description ==
13
- We have developed anti-spam CleanTalk that would provide **maximum protection from spam** and you can provide for your visitors **a simple and convenient form of comments/registrations without annoying CAPTCHAs and puzzles**. Used to detect spam multistage test that allows us to block up to 100% of spam bots.
14
 
15
  = Anti-spam features =
16
  1. Stops spam bots comments.
17
  1. Stops spam bots signups.
18
  1. Stops spam bots contacts emails.
19
  1. Stops spam pingbacks, trackbacks.
20
- 1. No CAPTCHA, no questions, no counting animals, no puzzles, no math and no spam bots.
21
 
22
  = Anti-spam protection =
23
  * WordPress, JetPack comments.
24
- * WordPress, BuddyPress, bbPress signups.
25
  * Formiadble forms, Contact form 7, JetPack Contact form.
26
  * WooCommerce review form.
27
  * Fast Secure Contact form.
28
  * WordPress Landing Pages.
29
 
30
  = Anti spam plugin info =
 
 
 
 
 
 
31
  The plugin developers had a long time experience in front-end, backend and server-side PHP programming, client side JavaScript and HTML programming. We were looking for an anti spam tool which is strong for spam bots and invisible to visitors, but nothing matched their criteria. So, we are started an anti-spam project called CleanTalk.
32
 
 
 
 
 
 
 
 
33
  = Additional features =
34
  * Online, daily and weekly anti spam reports traffic VS spam.
35
  * Apps for iPhone, Android to control anti spam service, comments, signups, contacts. With traffic and spam statistics for last 7 days.
@@ -81,6 +93,20 @@ Use other antispam plugins not necessarily, because CleanTalk stops up to 100% o
81
  = The plugin WordPress MultiUser (WPMU or WordPress network) compatible? =
82
  The plugin is WordPress MultiUser (WPMU or WordPress network) compatible. Each blog in multisite environment has individual anit spam options for spam bots protection.
83
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
84
  == Other notes ==
85
 
86
  = Troubleshooting Guide =
@@ -106,6 +132,14 @@ WordPress 3.0 at least. PHP 4, 5 with CURL or file_get_contents() function and e
106
  1. Anti spam stopped spam bot at the registration form.
107
 
108
  == Changelog ==
 
 
 
 
 
 
 
 
109
 
110
  = 2.40 2014-04-25 =
111
  * New: Fast Secure Contact form support.
@@ -279,6 +313,15 @@ WordPress 3.0 at least. PHP 4, 5 with CURL or file_get_contents() function and e
279
  * First version
280
 
281
  == Upgrade Notice ==
 
 
 
 
 
 
 
 
 
282
  = 2.38 2014-03-27 =
283
  * Fixed: Registraion form submit time spam test.
284
 
1
  === Anti-spam by CleanTalk ===
2
  Contributors: znaeff, shagimuratov
3
+ Tags: antispam, anti-spam, anti spam, spam, spammers, captcha, comments, registration, contact form, blacklists, math, signup, formidable, bot, spam bots, спам, quiz, spammy, капча, s2member
4
  Requires at least: 3.0
5
+ Tested up to: 3.9.1
6
+ Stable tag: 2.44
7
  License: GPLv2
8
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
9
 
10
+ No spam comments, no spam registrations, no spam contact emails in WordPress.
11
 
12
  == Description ==
13
+ No CAPTCHA, no questions, no counting animals, no puzzles, no math and no spam bots.
14
 
15
  = Anti-spam features =
16
  1. Stops spam bots comments.
17
  1. Stops spam bots signups.
18
  1. Stops spam bots contacts emails.
19
  1. Stops spam pingbacks, trackbacks.
 
20
 
21
  = Anti-spam protection =
22
  * WordPress, JetPack comments.
23
+ * WordPress, BuddyPress, bbPress, S2Member signups.
24
  * Formiadble forms, Contact form 7, JetPack Contact form.
25
  * WooCommerce review form.
26
  * Fast Secure Contact form.
27
  * WordPress Landing Pages.
28
 
29
  = Anti spam plugin info =
30
+ CleanTalk is an antispam protection **4 in 1 for WordPress** that protects login, comment, contact and WooCommerce forms all at once. You don't need to install separate antispam plugins for each form. This allows your blog to work faster and save resources. After installation **you will forget about spam**, CleanTalk plugin will do all the work. You won't have to deal with spam, CleanTalk will do this for you automatically.
31
+
32
+ CleanTalk is a transparent antispam protection, we provide detailed statistics of all entering comments and logins. You can always be sure that **there are no errors**. We have developed a mobile app for you to see antispam statistics wherever whenever.
33
+
34
+ We have developed anti-spam for WordPress that would provide **maximum protection from spam** and you can provide for your visitors **a simple and convenient form of comments/registrations without annoying CAPTCHAs and puzzles**. Used to detect spam multistage test that allows us to block up to 100% of spam bots.
35
+
36
  The plugin developers had a long time experience in front-end, backend and server-side PHP programming, client side JavaScript and HTML programming. We were looking for an anti spam tool which is strong for spam bots and invisible to visitors, but nothing matched their criteria. So, we are started an anti-spam project called CleanTalk.
37
 
38
+ The CleanTalk is premium anti-spam for WordPress, please look at the <a href="http://cleantalk.org/price">pricing</a>. We try to provide the service at the highest level and we can not afford to offer a free version of our service, as this will immediately affect the quality of providing anti spam protection. Paying for a year of service, you save a lot more and get:
39
+
40
+ * Up to 100% protection from spam bots.
41
+ * Simple and convenient form of commenting/registrations without captcha.
42
+ * Always actual and regular updates.
43
+ * Technical support.
44
+
45
  = Additional features =
46
  * Online, daily and weekly anti spam reports traffic VS spam.
47
  * Apps for iPhone, Android to control anti spam service, comments, signups, contacts. With traffic and spam statistics for last 7 days.
93
  = The plugin WordPress MultiUser (WPMU or WordPress network) compatible? =
94
  The plugin is WordPress MultiUser (WPMU or WordPress network) compatible. Each blog in multisite environment has individual anit spam options for spam bots protection.
95
 
96
+ = After the installation I noticed in the statistics that the number of spam attacks had increased =
97
+ There are a few reasons for this:
98
+
99
+ * With the indexing of your web-site by the search systems, appearance of external links and better search results position, your web-site attracts more and more spambots.
100
+ * Non-transparent protection systems like CAPTCHA or question/answer, that don't have spam attacks statistics, don't let you see the whole picture, or the picture is incomplete.
101
+ * Counting methods for spam attacks and spambots are different for different systems, which explains the diversity. We seek to provide detailed statistics.
102
+
103
+ = Why my dummy "spam" comment passed to the WordPress? =
104
+ The plugin has several options to detect spam bots and humans. If you just post spammy text like this,
105
+
106
+ "I want to sell something", "Buy something here.." and etc
107
+
108
+ The comments will be passed, becuase the plugin detect sender as a human. So, use special email *stop_email@example.com* to test anti-spam or wait a few days to see how the plugin works.
109
+
110
  == Other notes ==
111
 
112
  = Troubleshooting Guide =
132
  1. Anti spam stopped spam bot at the registration form.
133
 
134
  == Changelog ==
135
+ = 2.44 2014-05-12 =
136
+ * Added: Anti-spam protection for S2Member framework. 
137
+ * Improved: JavaScript anti-spam test. 
138
+ * Improved: Plugin load time for backend and frontend.
139
+ * Fixed: PHP warning mb_convert_encoding()
140
+
141
+ = 2.42 2014-04-29 =
142
+ * Fixed: JavaScript anti-spam test for comments. 
143
 
144
  = 2.40 2014-04-25 =
145
  * New: Fast Secure Contact form support.
313
  * First version
314
 
315
  == Upgrade Notice ==
316
+ = 2.44 2014-05-12 =
317
+ * Added: Anti-spam protection for S2Member framework. 
318
+ * Improved: Plugin load time for backend and frontend.
319
+ * Improved: JavaScript anti-spam test. 
320
+ * Fixed: PHP warning mb_convert_encoding()
321
+
322
+ = 2.42 2014-04-29 =
323
+ * Fixed: JavaScript anti-spam test for comments.
324
+  
325
  = 2.38 2014-03-27 =
326
  * Fixed: Registraion form submit time spam test.
327