Spam protection, AntiSpam, FireWall by CleanTalk

Version Description

2014-08-06 = * Added anti spam protection for signups posted via WooCommerce order form. * Improved anti spam protection for Contact Form 7.
* Improved anti spam protection for registrations. Now the plugin looking for JavaScript antispam test results not only in POST array, but in COOKIES array too. This improvement allows protect signup forms for any untested signups plugins and themes. * Updated PHP API. No the plugin can resolve sender IP for websites behind proxy servers. If the proxy servers uses private IP address.

Download this release

Release Info

Developer	shagimuratov
Plugin	Spam protection, AntiSpam, FireWall by CleanTalk
Version	2.58
Comparing to
See all releases

Code changes from version 2.57 to 2.58

Files changed (4) hide show

cleantalk-admin.php +2 -2
cleantalk.class.php +38 -5
cleantalk.php +46 -36
readme.txt +17 -4

cleantalk-admin.php CHANGED Viewed

	@@ -176,7 +176,7 @@ function ct_input_comments_test() {
176	echo "<input type='radio' id='cleantalk_comments_test1' name='cleantalk_settings[comments_test]' value='1' " . ($value == '1' ? 'checked' : '') . " /><label for='cleantalk_comments_test1'> " . __('Yes') . "</label>";
177	echo '     ';
178	echo "<input type='radio' id='cleantalk_comments_test0' name='cleantalk_settings[comments_test]' value='0' " . ($value == '0' ? 'checked' : '') . " /><label for='cleantalk_comments_test0'> " . __('No') . "</label>";
179	- admin_addDescriptionsFields(__('WordPress, JetPack', 'cleantalk'));
180	}
181
182	/**
	@@ -189,7 +189,7 @@ function ct_input_registrations_test() {
189	echo "<input type='radio' id='cleantalk_registrations_test1' name='cleantalk_settings[registrations_test]' value='1' " . ($value == '1' ? 'checked' : '') . " /><label for='cleantalk_registrations_test1'> " . __('Yes') . "</label>";
190	echo '     ';
191	echo "<input type='radio' id='cleantalk_registrations_test0' name='cleantalk_settings[registrations_test]' value='0' " . ($value == '0' ? 'checked' : '') . " /><label for='cleantalk_registrations_test0'> " . __('No') . "</label>";
192	- admin_addDescriptionsFields(__('WordPress, BuddyPress, bbPress, S2Member', 'cleantalk'));
193	}
194
195	/**


176	echo "<input type='radio' id='cleantalk_comments_test1' name='cleantalk_settings[comments_test]' value='1' " . ($value == '1' ? 'checked' : '') . " /><label for='cleantalk_comments_test1'> " . __('Yes') . "</label>";
177	echo '     ';
178	echo "<input type='radio' id='cleantalk_comments_test0' name='cleantalk_settings[comments_test]' value='0' " . ($value == '0' ? 'checked' : '') . " /><label for='cleantalk_comments_test0'> " . __('No') . "</label>";
179	+ admin_addDescriptionsFields(__('WordPress, JetPack, WooCommerce', 'cleantalk'));
180	}
181
182	/**

189	echo "<input type='radio' id='cleantalk_registrations_test1' name='cleantalk_settings[registrations_test]' value='1' " . ($value == '1' ? 'checked' : '') . " /><label for='cleantalk_registrations_test1'> " . __('Yes') . "</label>";
190	echo '     ';
191	echo "<input type='radio' id='cleantalk_registrations_test0' name='cleantalk_settings[registrations_test]' value='0' " . ($value == '0' ? 'checked' : '') . " /><label for='cleantalk_registrations_test0'> " . __('No') . "</label>";
192	+ admin_addDescriptionsFields(__('WordPress, BuddyPress, bbPress, S2Member, WooCommerce', 'cleantalk'));
193	}
194
195	/**

cleantalk.class.php CHANGED Viewed

@@ -2,7 +2,7 @@
             /**
              * Cleantalk base class
+             *
-            -
             * @version 1.26
              * @package Cleantalk
              * @subpackage Base
              * @author Сleantalk team (welcome@cleantalk.ru)
@@ -872,16 +872,49 @@ class Cleantalk {
                     return $message;
+                }
-            -
                /*
-            -
                   Get user IP behind proxy server
                 */
                 public function ct_session_ip( $data_ip ) {
-            -
                    if ($data_ip == '127.0.0.1' && isset($_SERVER['HTTP_X_FORWARDED_FOR']) && preg_match("/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/", $_SERVER['HTTP_X_FORWARDED_FOR'])) {
-            -
                        $data_ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
+                    }
                     return $data_ip;
+                }
                 /**
                 * Function to check response time


2	/**
3	* Cleantalk base class
4	*
5	+ * @version 1.28
6	* @package Cleantalk
7	* @subpackage Base
8	* @author Сleantalk team (welcome@cleantalk.ru)

872	return $message;
873	}
874
875	+ /**
876	+ * Get user IP behind proxy server
877	*/
878	public function ct_session_ip( $data_ip ) {
879	+ if (!preg_match("/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/", $data_ip)) {
880	+ return $data_ip;
881	+ }
882	+
883	+ if (isset($_SERVER['HTTP_X_FORWARDED_FOR']) && preg_match("/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/", $_SERVER['HTTP_X_FORWARDED_FOR'])) {
884	+ $private_src_ip = false;
885	+ $private_nets = array(
886	+ '10.0.0.0/8',
887	+ '127.0.0.0/8',
888	+ '176.16.0.0/12',
889	+ '192.168.0.0/16',
890	+ );
891	+
892	+ foreach ($private_nets as $v) {
893	+
894	+ // Private IP found
895	+ if ($private_src_ip) {
896	+ continue;
897	+ }
898	+
899	+ if ($this->net_match($v, $data_ip)) {
900	+ $private_src_ip = true;
901	+ }
902	+ }
903	+ if ($private_src_ip) {
904	+ $data_ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
905	+ }
906	}
907
908	return $data_ip;
909	}
910	+
911	+ /**
912	+ * From http://php.net/manual/en/function.ip2long.php#82397
913	+ */
914	+ public function net_match($CIDR,$IP) {
915	+ list ($net, $mask) = explode ('/', $CIDR);
916	+ return ( ip2long ($IP) & ~((1 << (32 - $mask)) - 1) ) == ip2long ($net);
917	+ }
918
919	/**
920	* Function to check response time

cleantalk.php CHANGED Viewed

	@@ -3,14 +3,14 @@
3	Plugin Name: Anti-spam by CleanTalk
4	Plugin URI: http://cleantalk.org
5	Description: Cloud antispam for comments, registrations and contacts. The plugin doesn't use CAPTCHA, Q&A, math, counting animals or quiz to stop spam bots.
6	- Version: 2.57
7	Author: СleanTalk <welcome@cleantalk.ru>
8	Author URI: http://cleantalk.org
9	*/
10
11	define('CLEANTALK_PLUGIN_DIR', plugin_dir_path(__FILE__));
12
13	- $ct_agent_version = 'wordpress-~~257~~';
14	$ct_plugin_name = 'Anti-spam by CleanTalk';
15	$ct_checkjs_frm = 'ct_checkjs_frm';
16	$ct_checkjs_register_form = 'ct_checkjs_register_form';
	@@ -122,6 +122,9 @@ add_filter('si_contact_form_validate', 'ct_si_contact_form_validate');
122
123	// Login form - for notifications only
124	add_filter('login_message', 'ct_login_message');



125
126	if (is_admin()) {
127	require_once(CLEANTALK_PLUGIN_DIR . 'cleantalk-admin.php');
	@@ -162,8 +165,9 @@ function ct_init() {
162	(class_exists( 'Jetpack', false) && $jetpack_active_modules && in_array('comments', $jetpack_active_modules)) \|\|
163	(defined('LANDINGPAGES_CURRENT_VERSION'))
164	\|\| (defined('WS_PLUGIN__S2MEMBER_PRO_VERSION'))

165	) {
166	- add_action('wp_footer', 'ct_footer_add_cookie');
167	}
168	if (
169	(class_exists( 'Jetpack', false) && $jetpack_active_modules && in_array('comments', $jetpack_active_modules))
	@@ -273,7 +277,8 @@ function ct_feedback($hash, $message = null, $allow) {
273	if (empty($hash)) {
274	$hash = $ct->getCleantalkCommentHash($message);
275	}
276	-

277	if ($message !== null) {
278	$resultMessage = $ct->delCleantalkComment($message);
279	}
	@@ -443,10 +448,6 @@ function ct_footer_add_cookie() {
443	return false;
444	}
445
446	- $options = ct_get_options();
447	- if ($options['comments_test'] == 0) {
448	- return false;
449	- }
450	ct_add_hidden_fields(null, 'ct_checkjs', false, true);
451
452	return null;
	@@ -1082,6 +1083,13 @@ function ct_registration_errors($errors, $sanitized_user_login = null, $user_ema
1082
1083	$checkjs = js_test($ct_checkjs_register_form, $_POST);
1084







1085	require_once('cleantalk.class.php');
1086
1087	$blog_lang = substr(get_locale(), 0, 2);
	@@ -1309,14 +1317,14 @@ function ct_wpcf7_spam($spam) {
1309	if ($sender_email === null && preg_match("/^\S+@\S+\.\S+$/", $v)) {
1310	$sender_email = $v;
1311	}
1312	- if ($message === '' && preg_match("/-message$/", $k)) {
1313	$message = $v;
1314	}
1315	if ($sender_nickname === null && preg_match("/-name$/", $k)) {
1316	$sender_nickname = $v;
1317	}
1318	}
1319	-
1320	$ct_base_call_result = ct_base_call(array(
1321	'message' => $message,
1322	'example' => null,
	@@ -1440,19 +1448,16 @@ function ct_check_wplp(){
1440	global $ct_wplp_result_label;
1441	if (!isset($_COOKIE[$ct_wplp_result_label])) {
1442	// First AJAX submit of WPLP form
1443	- $options = ct_get_options();
1444	- if ($options['contact_forms_test'] == 0)
1445	- return;
1446
1447	- $checkjs = js_test('ct_checkjs', $_COOKIE);
1448	-
1449	- if (null === $checkjs)
1450	- $checkjs = 0;
1451
1452	- $post_info['comment_type'] = 'feedback';
1453	- $post_info = json_encode($post_info);
1454	- if ($post_info === false)
1455	- $post_info = '';
1456
1457	$sender_email = '';
1458	foreach ($_POST as $v) {
	@@ -1467,28 +1472,28 @@ function ct_check_wplp(){
1467	$form_input_values = json_decode(stripslashes($_POST['form_input_values']), true);
1468	if (is_array($form_input_values) && array_key_exists('null', $form_input_values))
1469	$message = $form_input_values['null'];
1470	- }else if(array_key_exists('null', $_POST)){
1471	$message = $_POST['null'];
1472	}
1473
1474	- $ct_base_call_result = ct_base_call(array(
1475	- 'message' => $message,
1476	- 'example' => null,
1477	- 'sender_email' => $sender_email,
1478	- 'sender_nickname' => null,
1479	- 'post_info' => $post_info,
1480	- 'checkjs' => $checkjs
1481	- ));
1482	- $ct = $ct_base_call_result['ct'];
1483	- $ct_result = $ct_base_call_result['ct_result'];
1484	-
1485	- if ($ct_result->spam == 1) {
1486	$cleantalk_comment = $ct_result->comment;
1487	- } else {
1488	$cleantalk_comment = 'OK';
1489	}
1490
1491	- setcookie($ct_wplp_result_label, $cleantalk_comment, strtotime("+5 seconds"), '/');
1492	} else {
1493	// Next POST/AJAX submit(s) of same WPLP form
1494	$cleantalk_comment = $_COOKIE[$ct_wplp_result_label];
	@@ -1580,4 +1585,9 @@ function ct_s2member_registration_test() {
1580	return true;
1581	}
1582





1583	?>


3	Plugin Name: Anti-spam by CleanTalk
4	Plugin URI: http://cleantalk.org
5	Description: Cloud antispam for comments, registrations and contacts. The plugin doesn't use CAPTCHA, Q&A, math, counting animals or quiz to stop spam bots.
6	+ Version: 2.58
7	Author: СleanTalk <welcome@cleantalk.ru>
8	Author URI: http://cleantalk.org
9	*/
10
11	define('CLEANTALK_PLUGIN_DIR', plugin_dir_path(__FILE__));
12
13	+ $ct_agent_version = 'wordpress-258';
14	$ct_plugin_name = 'Anti-spam by CleanTalk';
15	$ct_checkjs_frm = 'ct_checkjs_frm';
16	$ct_checkjs_register_form = 'ct_checkjs_register_form';

122
123	// Login form - for notifications only
124	add_filter('login_message', 'ct_login_message');
125	+
126	+ // WooCoomerse signups
127	+ add_filter('woocommerce_register_post', 'ct_register_post', 1, 3);
128
129	if (is_admin()) {
130	require_once(CLEANTALK_PLUGIN_DIR . 'cleantalk-admin.php');

165	(class_exists( 'Jetpack', false) && $jetpack_active_modules && in_array('comments', $jetpack_active_modules)) \|\|
166	(defined('LANDINGPAGES_CURRENT_VERSION'))
167	\|\| (defined('WS_PLUGIN__S2MEMBER_PRO_VERSION'))
168	+ \|\| (defined('WOOCOMMERCE_VERSION'))
169	) {
170	+ add_action('wp_footer', 'ct_footer_add_cookie', 1);
171	}
172	if (
173	(class_exists( 'Jetpack', false) && $jetpack_active_modules && in_array('comments', $jetpack_active_modules))

277	if (empty($hash)) {
278	$hash = $ct->getCleantalkCommentHash($message);
279	}
280	+
281	+ $resultMessage = null;
282	if ($message !== null) {
283	$resultMessage = $ct->delCleantalkComment($message);
284	}

448	return false;
449	}
450




451	ct_add_hidden_fields(null, 'ct_checkjs', false, true);
452
453	return null;

1083
1084	$checkjs = js_test($ct_checkjs_register_form, $_POST);
1085
1086	+ //
1087	+ // This hack can be helpfull when plugin uses with untested themes&signups plugins.
1088	+ //
1089	+ if ($checkjs === null) {
1090	+ $checkjs = js_test('ct_checkjs', $_COOKIE);
1091	+ }
1092	+
1093	require_once('cleantalk.class.php');
1094
1095	$blog_lang = substr(get_locale(), 0, 2);

1317	if ($sender_email === null && preg_match("/^\S+@\S+\.\S+$/", $v)) {
1318	$sender_email = $v;
1319	}
1320	+ if ($message === '' && preg_match("/(\-message\|\wmessage\w)$/", $k)) {
1321	$message = $v;
1322	}
1323	if ($sender_nickname === null && preg_match("/-name$/", $k)) {
1324	$sender_nickname = $v;
1325	}
1326	}
1327	+
1328	$ct_base_call_result = ct_base_call(array(
1329	'message' => $message,
1330	'example' => null,

1448	global $ct_wplp_result_label;
1449	if (!isset($_COOKIE[$ct_wplp_result_label])) {
1450	// First AJAX submit of WPLP form
1451	+ $options = ct_get_options();
1452	+ if ($options['contact_forms_test'] == 0)
1453	+ return;
1454
1455	+ $checkjs = js_test('ct_checkjs', $_COOKIE);



1456
1457	+ $post_info['comment_type'] = 'feedback';
1458	+ $post_info = json_encode($post_info);
1459	+ if ($post_info === false)
1460	+ $post_info = '';
1461
1462	$sender_email = '';
1463	foreach ($_POST as $v) {

1472	$form_input_values = json_decode(stripslashes($_POST['form_input_values']), true);
1473	if (is_array($form_input_values) && array_key_exists('null', $form_input_values))
1474	$message = $form_input_values['null'];
1475	+ } else if (array_key_exists('null', $_POST)) {
1476	$message = $_POST['null'];
1477	}
1478
1479	+ $ct_base_call_result = ct_base_call(array(
1480	+ 'message' => $message,
1481	+ 'example' => null,
1482	+ 'sender_email' => $sender_email,
1483	+ 'sender_nickname' => null,
1484	+ 'post_info' => $post_info,
1485	+ 'checkjs' => $checkjs
1486	+ ));
1487	+ $ct = $ct_base_call_result['ct'];
1488	+ $ct_result = $ct_base_call_result['ct_result'];
1489	+
1490	+ if ($ct_result->spam == 1) {
1491	$cleantalk_comment = $ct_result->comment;
1492	+ } else {
1493	$cleantalk_comment = 'OK';
1494	}
1495
1496	+ setcookie($ct_wplp_result_label, $cleantalk_comment, strtotime("+5 seconds"), '/');
1497	} else {
1498	// Next POST/AJAX submit(s) of same WPLP form
1499	$cleantalk_comment = $_COOKIE[$ct_wplp_result_label];

1585	return true;
1586	}
1587
1588	+ function ct_woocommerce_register_post ($username, $email, $validation_errors) {
1589	+ var_dump($username, $email); exit;
1590	+ return $validation_errors;
1591	+ };
1592	+
1593	?>

readme.txt CHANGED Viewed

	@@ -1,13 +1,13 @@
1	=== Anti-spam by CleanTalk ===
2	Contributors: znaeff, shagimuratov
3	- Tags: antispam, anti-spam, anti spam, spam, spammers, captcha, comments, registration, contact form, blacklist, math, signup, formidable, bot, spam bots, spammy, s2member, wordpress, support, BuddyPress, bbpress, landing pages, fast secure contact form, WooCommerce, jetpack, cf7
4	Requires at least: 3.0
5	Tested up to: 4.0
6	- Stable tag: 2.57
7	License: GPLv2
8	License URI: http://www.gnu.org/licenses/gpl-2.0.html
9
10	- ~~SPAM~~ ~~defender~~ for WordPress - no spam comments, no spam registrations, no spam contact emails, no spam trackbacks.
11
12	== Description ==
13	No CAPTCHA, no questions, no counting animals, no puzzles, no math and no spam bots.
	@@ -26,7 +26,7 @@ No CAPTCHA, no questions, no counting animals, no puzzles, no math and no spam b
26	* Fast Secure Contact form.
27	* WordPress Landing Pages.
28
29	- = ~~SPAM~~ ~~defender~~ for WordPress - no spam comments, no spam registrations, no spam contact emails, no spam trackbacks =
30	Spam is one of the most irritating factors. Spam become every year more and conventional anti spam can no longer handle all the spam bots. CleanTalk prevents spam and automatically blocks it. You'll be surprised of effective protection against spam.
31
32	= Anti spam plugin info =
	@@ -143,6 +143,13 @@ WordPress 3.0 at least. PHP 4, 5 with CURL or file_get_contents() function and e
143	1. Anti spam stopped spam bot at the registration form.
144
145	== Changelog ==







146	= 2.57 2014-07-29 =
147	* Improved anti spam protection for comments. The plugin now proccessing website url in the comments form.
148	* Fixed sign remove logic for approved comments. Previous version doesn't cut sign for comments approved via AJAX call in WordPress backend.
	@@ -361,6 +368,12 @@ WordPress 3.0 at least. PHP 4, 5 with CURL or file_get_contents() function and e
361	* First version
362
363	== Upgrade Notice ==






364	= 2.57 2014-07-29 =
365	* Improved anti spam protection for comments. The plugin now proccessing website url in the comments form.
366	* Fixed sign remove logic for approved comments. Previous version doesn't cut sign for comments approved via AJAX call in WordPress backend.


1	=== Anti-spam by CleanTalk ===
2	Contributors: znaeff, shagimuratov
3	+ Tags: antispam, anti-spam, anti spam, spam, spammers, captcha, comments, registration, contact form, blacklist, math, signup, formidable, bot, spam bots, spammy, s2member, wordpress, support, BuddyPress, bbpress, landing pages, fast secure contact form, WooCommerce, jetpack, cf7, form
4	Requires at least: 3.0
5	Tested up to: 4.0
6	+ Stable tag: 2.58
7	License: GPLv2
8	License URI: http://www.gnu.org/licenses/gpl-2.0.html
9
10	+ Cloud, premium antispam for WordPress. No spam comments, no spam registrations, no spam contact emails, no spam trackbacks.
11
12	== Description ==
13	No CAPTCHA, no questions, no counting animals, no puzzles, no math and no spam bots.

26	* Fast Secure Contact form.
27	* WordPress Landing Pages.
28
29	+ = Cloud antispam for WordPress. no spam comments, no spam registrations, no spam contact emails, no spam trackbacks =
30	Spam is one of the most irritating factors. Spam become every year more and conventional anti spam can no longer handle all the spam bots. CleanTalk prevents spam and automatically blocks it. You'll be surprised of effective protection against spam.
31
32	= Anti spam plugin info =

143	1. Anti spam stopped spam bot at the registration form.
144
145	== Changelog ==
146	+ = 2.58 2014-08-06 =
147	+ * Added anti spam protection for signups posted via WooCommerce order form.
148	+ * Improved anti spam protection for Contact Form 7.
149	+ * Improved anti spam protection for registrations. Now the plugin looking for JavaScript antispam test results not only in POST array, but in COOKIES array too. This improvement allows protect signup forms for any untested signups plugins and themes.
150	+ * Updated PHP API. No the plugin can resolve sender IP for websites behind proxy servers. If the proxy servers uses private IP address.
151	+
152	+
153	= 2.57 2014-07-29 =
154	* Improved anti spam protection for comments. The plugin now proccessing website url in the comments form.
155	* Fixed sign remove logic for approved comments. Previous version doesn't cut sign for comments approved via AJAX call in WordPress backend.

368	* First version
369
370	== Upgrade Notice ==
371	+ = 2.58 2014-08-06 =
372	+ * Added anti spam protection for signups posted via WooCommerce order form.
373	+ * Improved anti spam protection for Contact Form 7.
374	+ * Improved anti spam protection for registrations. Now the plugin looking for JavaScript antispam test results not only in POST array, but in COOKIES array too. This improvement allows protect signup forms for any untested signups plugins and themes.
375	+ * Updated PHP API. No the plugin can resolve sender IP for websites behind proxy servers. If the proxy servers uses private IP address.
376	+
377	= 2.57 2014-07-29 =
378	* Improved anti spam protection for comments. The plugin now proccessing website url in the comments form.
379	* Fixed sign remove logic for approved comments. Previous version doesn't cut sign for comments approved via AJAX call in WordPress backend.

Spam protection, AntiSpam, FireWall by CleanTalk - Version 2.58

Version Description

Release Info

Code changes from version 2.57 to 2.58