Spam protection, AntiSpam, FireWall by CleanTalk - Version 2.59

Version Description

2014-08-14 = * Added antispam protection for bbPress guests toptics/replies. * Improved antispam protection for JComments comment form. * Updated PHP API. Now the plugin can resolve senders IP via proxies chain. The plugin uses first IP address from chain.

Download this release

Release Info

Developer shagimuratov
Plugin Icon 128x128 Spam protection, AntiSpam, FireWall by CleanTalk
Version 2.59
Comparing to
See all releases

Code changes from version 2.58 to 2.59

Files changed (3) hide show
  1. cleantalk.class.php +14 -6
  2. cleantalk.php +70 -8
  3. readme.txt +27 -14
cleantalk.class.php CHANGED
@@ -2,7 +2,7 @@
2
  /**
3
  * Cleantalk base class
4
  *
5
- * @version 1.28
6
  * @package Cleantalk
7
  * @subpackage Base
8
  * @author Сleantalk team (welcome@cleantalk.ru)
@@ -397,8 +397,8 @@ class Cleantalk {
397
  * Use https connection to servers
398
  * @var bool
399
  */
400
- public $ssl_on = false;
401
-
402
  /**
403
  * Function checks whether it is possible to publish the message
404
  * @param CleantalkRequest $request
@@ -876,11 +876,18 @@ class Cleantalk {
876
  * Get user IP behind proxy server
877
  */
878
  public function ct_session_ip( $data_ip ) {
879
- if (!preg_match("/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/", $data_ip)) {
880
  return $data_ip;
881
  }
 
 
 
 
 
 
 
 
882
 
883
- if (isset($_SERVER['HTTP_X_FORWARDED_FOR']) && preg_match("/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/", $_SERVER['HTTP_X_FORWARDED_FOR'])) {
884
  $private_src_ip = false;
885
  $private_nets = array(
886
  '10.0.0.0/8',
@@ -901,7 +908,8 @@ class Cleantalk {
901
  }
902
  }
903
  if ($private_src_ip) {
904
- $data_ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
 
905
  }
906
  }
907
 
2
  /**
3
  * Cleantalk base class
4
  *
5
+ * @version 1.29
6
  * @package Cleantalk
7
  * @subpackage Base
8
  * @author Сleantalk team (welcome@cleantalk.ru)
397
  * Use https connection to servers
398
  * @var bool
399
  */
400
+ public $ssl_on = false;
401
+
402
  /**
403
  * Function checks whether it is possible to publish the message
404
  * @param CleantalkRequest $request
876
  * Get user IP behind proxy server
877
  */
878
  public function ct_session_ip( $data_ip ) {
879
+ if (!$data_ip || !preg_match("/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/", $data_ip)) {
880
  return $data_ip;
881
  }
882
+ if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
883
+
884
+ $forwarded_ip = explode(",", $_SERVER['HTTP_X_FORWARDED_FOR']);
885
+
886
+ // Looking for first value in the list, it should be sender real IP address
887
+ if (!preg_match("/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/", $forwarded_ip[0])) {
888
+ return $data_ip;
889
+ }
890
 
 
891
  $private_src_ip = false;
892
  $private_nets = array(
893
  '10.0.0.0/8',
908
  }
909
  }
910
  if ($private_src_ip) {
911
+ // Taking first IP from the list HTTP_X_FORWARDED_FOR
912
+ $data_ip = $forwarded_ip[0];
913
  }
914
  }
915
 
cleantalk.php CHANGED
@@ -3,14 +3,14 @@
3
  Plugin Name: Anti-spam by CleanTalk
4
  Plugin URI: http://cleantalk.org
5
  Description: Cloud antispam for comments, registrations and contacts. The plugin doesn't use CAPTCHA, Q&A, math, counting animals or quiz to stop spam bots.
6
- Version: 2.58
7
  Author: СleanTalk <welcome@cleantalk.ru>
8
  Author URI: http://cleantalk.org
9
  */
10
 
11
  define('CLEANTALK_PLUGIN_DIR', plugin_dir_path(__FILE__));
12
 
13
- $ct_agent_version = 'wordpress-258';
14
  $ct_plugin_name = 'Anti-spam by CleanTalk';
15
  $ct_checkjs_frm = 'ct_checkjs_frm';
16
  $ct_checkjs_register_form = 'ct_checkjs_register_form';
@@ -18,7 +18,7 @@ $ct_session_request_id_label = 'request_id';
18
  $ct_session_register_ok_label = 'register_ok';
19
 
20
  $ct_checkjs_cf7 = 'ct_checkjs_cf7';
21
- $ct_cf7_comment = 'This is a spam!';
22
 
23
  $ct_checkjs_jpcf = 'ct_checkjs_jpcf';
24
  $ct_jpcf_patched = false;
@@ -125,6 +125,12 @@ add_filter('login_message', 'ct_login_message');
125
 
126
  // WooCoomerse signups
127
  add_filter('woocommerce_register_post', 'ct_register_post', 1, 3);
 
 
 
 
 
 
128
 
129
  if (is_admin()) {
130
  require_once(CLEANTALK_PLUGIN_DIR . 'cleantalk-admin.php');
@@ -424,8 +430,6 @@ function ct_base_call($params = array()) {
424
  * Adds hidden filed to comment form
425
  */
426
  function ct_comment_form($post_id) {
427
- global $ct_jp_comments;
428
-
429
  if (ct_is_user_enable() === false) {
430
  return false;
431
  }
@@ -606,6 +610,54 @@ function ct_frm_validate_entry ($errors, $values) {
606
  return $errors;
607
  }
608
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
609
  /**
610
  * Public filter 'preprocess_comment' - Checks comment by cleantalk server
611
  * @param mixed[] $comment Comment data array
@@ -647,15 +699,23 @@ function ct_preprocess_comment($comment) {
647
 
648
  $post = get_post($comment_post_id);
649
 
650
- $checkjs = js_test('ct_checkjs', $_POST);
651
-
652
  $example = null;
653
 
654
  $sender_info = array(
655
  'sender_url' => @$comment['comment_author_url']
656
  );
 
 
 
 
 
 
 
 
 
 
 
657
 
658
- $post_info['comment_type'] = $comment['comment_type'];
659
  $post_info['post_url'] = ct_post_url(null, $comment_post_id);
660
 
661
  $post_info = json_encode($post_info);
@@ -1340,10 +1400,12 @@ function ct_wpcf7_spam($spam) {
1340
  $spam = true;
1341
  $ct_cf7_comment = $ct_result->comment;
1342
  add_filter('wpcf7_display_message', 'ct_wpcf7_display_message', 10, 2);
 
1343
  }
1344
 
1345
  return $spam;
1346
  }
 
1347
  /**
1348
  * Changes CF7 status message
1349
  * @param string $hook URL of hooked page
3
  Plugin Name: Anti-spam by CleanTalk
4
  Plugin URI: http://cleantalk.org
5
  Description: Cloud antispam for comments, registrations and contacts. The plugin doesn't use CAPTCHA, Q&A, math, counting animals or quiz to stop spam bots.
6
+ Version: 2.59
7
  Author: СleanTalk <welcome@cleantalk.ru>
8
  Author URI: http://cleantalk.org
9
  */
10
 
11
  define('CLEANTALK_PLUGIN_DIR', plugin_dir_path(__FILE__));
12
 
13
+ $ct_agent_version = 'wordpress-259';
14
  $ct_plugin_name = 'Anti-spam by CleanTalk';
15
  $ct_checkjs_frm = 'ct_checkjs_frm';
16
  $ct_checkjs_register_form = 'ct_checkjs_register_form';
18
  $ct_session_register_ok_label = 'register_ok';
19
 
20
  $ct_checkjs_cf7 = 'ct_checkjs_cf7';
21
+ $ct_cf7_comment = '';
22
 
23
  $ct_checkjs_jpcf = 'ct_checkjs_jpcf';
24
  $ct_jpcf_patched = false;
125
 
126
  // WooCoomerse signups
127
  add_filter('woocommerce_register_post', 'ct_register_post', 1, 3);
128
+
129
+ // bbPress
130
+ add_filter('bbp_new_topic_pre_content', 'ct_bbp_new_pre_content', 1);
131
+ add_filter('bbp_new_reply_pre_content', 'ct_bbp_new_pre_content', 1);
132
+ add_action('bbp_theme_before_topic_form_content', 'ct_comment_form');
133
+ add_action('bbp_theme_before_reply_form_content', 'ct_comment_form');
134
 
135
  if (is_admin()) {
136
  require_once(CLEANTALK_PLUGIN_DIR . 'cleantalk-admin.php');
430
  * Adds hidden filed to comment form
431
  */
432
  function ct_comment_form($post_id) {
 
 
433
  if (ct_is_user_enable() === false) {
434
  return false;
435
  }
610
  return $errors;
611
  }
612
 
613
+ /**
614
+ * Public filter 'bbp_*' - Checks topics, replies by cleantalk
615
+ * @param mixed[] $comment Comment string
616
+ * @return mixed[] $comment Comment string
617
+ */
618
+ function ct_bbp_new_pre_content ($comment) {
619
+ // wp_die('123', 'Blacklisted', array('back_link' => true));
620
+ // bbp_add_error('bbp_reply_content', __('Sorry, but you have been detected as spam', 'cleantalk' ));
621
+ $options = ct_get_options();
622
+ if (ct_is_user_enable() === false || $options['comments_test'] == 0 || is_user_logged_in()) {
623
+ return $comment;
624
+ }
625
+
626
+ $checkjs = js_test('ct_checkjs', $_POST);
627
+
628
+ $example = null;
629
+
630
+ $sender_info = array(
631
+ 'sender_url' => isset($_POST['bbp_anonymous_website']) ? $_POST['bbp_anonymous_website'] : null
632
+ );
633
+
634
+ $post_info['comment_type'] = 'bbpress_comment';
635
+ $post_info['post_url'] = bbp_get_topic_permalink();
636
+
637
+ $post_info = json_encode($post_info);
638
+ if ($post_info === false) {
639
+ $post_info = '';
640
+ }
641
+
642
+ $ct_base_call_result = ct_base_call(array(
643
+ 'message' => $comment,
644
+ 'example' => $example,
645
+ 'sender_email' => isset($_POST['bbp_anonymous_email']) ? $_POST['bbp_anonymous_email'] : null,
646
+ 'sender_nickname' => isset($_POST['bbp_anonymous_name']) ? $_POST['bbp_anonymous_name'] : null,
647
+ 'post_info' => $post_info,
648
+ 'checkjs' => $checkjs,
649
+ 'sender_info' => $sender_info
650
+ ));
651
+ $ct = $ct_base_call_result['ct'];
652
+ $ct_result = $ct_base_call_result['ct_result'];
653
+
654
+ if ($ct_result->stop_queue == 1 || $ct_result->spam == 1) {
655
+ bbp_add_error('bbp_reply_content', $ct_result->comment);
656
+ }
657
+
658
+ return $comment;
659
+ }
660
+
661
  /**
662
  * Public filter 'preprocess_comment' - Checks comment by cleantalk server
663
  * @param mixed[] $comment Comment data array
699
 
700
  $post = get_post($comment_post_id);
701
 
 
 
702
  $example = null;
703
 
704
  $sender_info = array(
705
  'sender_url' => @$comment['comment_author_url']
706
  );
707
+
708
+ //
709
+ // JetPack comments logic
710
+ //
711
+ if ($ct_jp_comments) {
712
+ $post_info['comment_type'] = 'jetpack_comment';
713
+ $checkjs = js_test('ct_checkjs', $_COOKIE);
714
+ } else {
715
+ $post_info['comment_type'] = $comment['comment_type'];
716
+ $checkjs = js_test('ct_checkjs', $_POST);
717
+ }
718
 
 
719
  $post_info['post_url'] = ct_post_url(null, $comment_post_id);
720
 
721
  $post_info = json_encode($post_info);
1400
  $spam = true;
1401
  $ct_cf7_comment = $ct_result->comment;
1402
  add_filter('wpcf7_display_message', 'ct_wpcf7_display_message', 10, 2);
1403
+
1404
  }
1405
 
1406
  return $spam;
1407
  }
1408
+
1409
  /**
1410
  * Changes CF7 status message
1411
  * @param string $hook URL of hooked page
readme.txt CHANGED
@@ -1,13 +1,13 @@
1
- === Anti-spam by CleanTalk ===
2
  Contributors: znaeff, shagimuratov
3
  Tags: antispam, anti-spam, anti spam, spam, spammers, captcha, comments, registration, contact form, blacklist, math, signup, formidable, bot, spam bots, spammy, s2member, wordpress, support, BuddyPress, bbpress, landing pages, fast secure contact form, WooCommerce, jetpack, cf7, form
4
  Requires at least: 3.0
5
  Tested up to: 4.0
6
- Stable tag: 2.58
7
  License: GPLv2
8
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
9
 
10
- Cloud, premium antispam for WordPress. No spam comments, no spam registrations, no spam contact emails, no spam trackbacks.
11
 
12
  == Description ==
13
  No CAPTCHA, no questions, no counting animals, no puzzles, no math and no spam bots.
@@ -21,9 +21,8 @@ No CAPTCHA, no questions, no counting animals, no puzzles, no math and no spam b
21
  = Spam protection =
22
  * WordPress, JetPack comments.
23
  * WordPress, BuddyPress, bbPress, S2Member signups.
24
- * Formiadble forms, Contact form 7, JetPack Contact form.
25
  * WooCommerce review form.
26
- * Fast Secure Contact form.
27
  * WordPress Landing Pages.
28
 
29
  = Cloud antispam for WordPress. no spam comments, no spam registrations, no spam contact emails, no spam trackbacks =
@@ -38,14 +37,21 @@ We have developed anti-spam for WordPress that would provide **maximum protectio
38
 
39
  The anti spam method offered by CleanTalk allows to switch from the methods that trouble the communication (CAPTCHA, question-answer etc.) to a more convenient one.
40
 
41
- The plugin developers had a long time experience in front-end, backend and server-side PHP programming, client side JavaScript and HTML programming. We were looking for an anti spam tool which is strong for spam bots and invisible to visitors, but nothing matched their criteria. So, we are started an anti-spam project called CleanTalk.
42
-
43
  The CleanTalk is premium anti spam for WordPress, please look at the <a href="http://cleantalk.org/price">pricing</a>. We try to provide the service at the highest level and we can not afford to offer a free version of our service, as this will immediately affect the quality of providing anti spam protection. Paying for a year of service, you save a lot more and get:
44
-
45
- * Up to 100% protection from spam bots.
46
- * Simple and convenient form of commenting/registrations without captcha.
47
- * Always actual and regular updates.
48
- * Technical support.
 
 
 
 
 
 
 
 
 
49
 
50
  = Additional features =
51
  * Online, daily and weekly anti spam reports traffic VS spam.
@@ -143,12 +149,16 @@ WordPress 3.0 at least. PHP 4, 5 with CURL or file_get_contents() function and e
143
  1. Anti spam stopped spam bot at the registration form.
144
 
145
  == Changelog ==
 
 
 
 
 
146
  = 2.58 2014-08-06 =
147
  * Added anti spam protection for signups posted via WooCommerce order form.
148
  * Improved anti spam protection for Contact Form 7.
149
  * Improved anti spam protection for registrations. Now the plugin looking for JavaScript antispam test results not only in POST array, but in COOKIES array too. This improvement allows protect signup forms for any untested signups plugins and themes.
150
- * Updated PHP API. No the plugin can resolve sender IP for websites behind proxy servers. If the proxy servers uses private IP address.
151
-
152
 
153
  = 2.57 2014-07-29 =
154
  * Improved anti spam protection for comments. The plugin now proccessing website url in the comments form.
@@ -368,6 +378,9 @@ WordPress 3.0 at least. PHP 4, 5 with CURL or file_get_contents() function and e
368
  * First version
369
 
370
  == Upgrade Notice ==
 
 
 
371
  = 2.58 2014-08-06 =
372
  * Added anti spam protection for signups posted via WooCommerce order form.
373
  * Improved anti spam protection for Contact Form 7.
1
+ === Anti-spam by CleanTalk (No CAPTCHA) ===
2
  Contributors: znaeff, shagimuratov
3
  Tags: antispam, anti-spam, anti spam, spam, spammers, captcha, comments, registration, contact form, blacklist, math, signup, formidable, bot, spam bots, spammy, s2member, wordpress, support, BuddyPress, bbpress, landing pages, fast secure contact form, WooCommerce, jetpack, cf7, form
4
  Requires at least: 3.0
5
  Tested up to: 4.0
6
+ Stable tag: 2.59
7
  License: GPLv2
8
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
9
 
10
+ Cloud, premium antispam for WordPress. No captcha, no spam comments, no spam registrations, no spam contact emails, no spam trackbacks.
11
 
12
  == Description ==
13
  No CAPTCHA, no questions, no counting animals, no puzzles, no math and no spam bots.
21
  = Spam protection =
22
  * WordPress, JetPack comments.
23
  * WordPress, BuddyPress, bbPress, S2Member signups.
24
+ * Formidable forms, Contact form 7, JetPack Contact form, Fast Secure Contact form.
25
  * WooCommerce review form.
 
26
  * WordPress Landing Pages.
27
 
28
  = Cloud antispam for WordPress. no spam comments, no spam registrations, no spam contact emails, no spam trackbacks =
37
 
38
  The anti spam method offered by CleanTalk allows to switch from the methods that trouble the communication (CAPTCHA, question-answer etc.) to a more convenient one.
39
 
 
 
40
  The CleanTalk is premium anti spam for WordPress, please look at the <a href="http://cleantalk.org/price">pricing</a>. We try to provide the service at the highest level and we can not afford to offer a free version of our service, as this will immediately affect the quality of providing anti spam protection. Paying for a year of service, you save a lot more and get:
41
+
42
+ * 100% protection against spambots
43
+ * Time and resources saving
44
+ * More registrations/comments/visitors
45
+ * Protect several websites at once at different CMS
46
+ * Easy to install and use
47
+ * Traffic acquisition and user loyalty
48
+ * 24/7 technical support
49
+ * Clear statistics
50
+ * No captcha, puzzles, etc.
51
+ * Free mobile app
52
+
53
+ = How to Protect Sites from Bots? =
54
+ The most popular method is CAPTCHA -- the annoying picture with curved and sloping symbols, which are offered to the visitor to fill in. It is supposed that spam bots won’t discern these CAPTCHA, but a visitor will. CAPTCHA provokes great irritation, but if one wants to speak out, he has to fill in these symbols time after time, making mistakes and starting once again. At the sight of CAPTCHA and after input errors, many visitors leave the resource. Thus, CAPTCHA helps to protect the resource both from bots and visitors. CAPTCHA is not a panacea from spam. Doubts Concerning the Need for CAPTCHA?
55
 
56
  = Additional features =
57
  * Online, daily and weekly anti spam reports traffic VS spam.
149
  1. Anti spam stopped spam bot at the registration form.
150
 
151
  == Changelog ==
152
+ = 2.59 2014-08-14 =
153
+ * Added antispam protection for bbPress guests toptics/replies.
154
+ * Improved antispam protection for JComments comment form.
155
+ * Updated PHP API. Now the plugin can resolve senders IP via proxies chain. The plugin uses first IP address from chain.
156
+
157
  = 2.58 2014-08-06 =
158
  * Added anti spam protection for signups posted via WooCommerce order form.
159
  * Improved anti spam protection for Contact Form 7.
160
  * Improved anti spam protection for registrations. Now the plugin looking for JavaScript antispam test results not only in POST array, but in COOKIES array too. This improvement allows protect signup forms for any untested signups plugins and themes.
161
+ * Updated PHP API. Now the plugin can resolve sender IP for websites behind proxy servers. If the proxy servers uses private IP address.
 
162
 
163
  = 2.57 2014-07-29 =
164
  * Improved anti spam protection for comments. The plugin now proccessing website url in the comments form.
378
  * First version
379
 
380
  == Upgrade Notice ==
381
+ = 2.59 2014-08-14 =
382
+ Antispam protection for bbPress guests posts. Improvement for JetPack comments and PHP API update.
383
+
384
  = 2.58 2014-08-06 =
385
  * Added anti spam protection for signups posted via WooCommerce order form.
386
  * Improved anti spam protection for Contact Form 7.