Spam protection, AntiSpam, FireWall by CleanTalk

Version Description

2015-01-29 = * Support of Contact Form 7 versions before 3.0.0. * Fixed global JS-vars. * Fixed online notice cookie logics. * Optimized filters for FSCF, WooCommerce, JetPack. * Optomized option getting.

Download this release

Release Info

Developer	shagimuratov
Plugin	Spam protection, AntiSpam, FireWall by CleanTalk
Version	4.15
Comparing to
See all releases

Code changes from version 4.14 to 4.15

Files changed (3) hide show

cleantalk-admin.php +18 -22
cleantalk.php +152 -135
readme.txt +46 -25

cleantalk-admin.php CHANGED Viewed

	@@ -86,21 +86,17 @@ function ct_admin_init() {
86	}
87
88	if ($result) {
89	- setcookie($ct_notice_trial_label, (~~int~~) $show_ct_notice_trial, strtotime("+$trial_notice_showtime minutes"), '/');
90	}
91	}
92
93	$show_ct_notice_online = '';
94	if (isset($_COOKIE[$ct_notice_online_label])) {
95	- if ($_COOKIE[$ct_notice_online_label] ~~!==~~ '0' ~~&& time(~~) ~~- $_COOKIE[$ct_notice_online_label] <= 5)~~ {


96	$show_ct_notice_online = 'Y';
97	- } else {
98	- $show_ct_notice_online = '';
99	}
100	-
101	- if ($_COOKIE[$ct_notice_online_label] === '0') {
102	- $show_ct_notice_online = 'N';
103	- }
104	}
105
106	ct_init_session();
	@@ -208,12 +204,13 @@ function ct_input_general_contact_forms_test() {
208	* @return null
209	*/
210	function ct_input_remove_old_spam() {
211	- $~~options = ct_get_options()~~;
212	- ~~$value = $options['remove_old_spam'];~~

213	echo "<input type='radio' id='cleantalk_remove_old_spam1' name='cleantalk_settings[remove_old_spam]' value='1' " . ($value == '1' ? 'checked' : '') . " /><label for='cleantalk_remove_old_spam1'> " . __('Yes') . "</label>";
214	echo '     ';
215	echo "<input type='radio' id='cleantalk_remove_old_spam0' name='cleantalk_settings[remove_old_spam]' value='0' " . ($value == '0' ? 'checked' : '') . " /><label for='cleantalk_remove_old_spam0'> " . __('No') . "</label>";
216	- admin_addDescriptionsFields(sprintf(__('Delete spam comments older than %d days.', 'cleantalk'), $~~options~~['spam_store_days']));
217	}
218
219	/**
	@@ -265,16 +262,15 @@ input[type=submit] {padding: 10px; background: #3399FF; color: #fff; border:0 no
265	* @return bool
266	*/
267	function admin_notice_message(){
268	- global $show_ct_notice_trial, $show_ct_notice_online, $ct_plugin_name;
269
270	- $options = ct_get_options();
271	$user_token = '';
272	- if (isset($~~options~~['user_token']) && $~~options~~['user_token'] != '') {
273	- $user_token = '&user_token=' . $~~options~~['user_token'];
274	}
275
276	$show_notice = true;
277	- if ($show_notice && ct_valid_key($~~options~~['apikey']) === false) {
278	echo '<div class="updated"><h3>' . sprintf(__("Please enter Access Key in %s settings to enable anti spam protection!", 'cleantalk'), "<a href=\"options-general.php?page=cleantalk\">CleanTalk plugin</a>") . '</h3></div>';
279	$show_notice = false;
280	}
	@@ -314,9 +310,9 @@ function admin_addDescriptionsFields($descr = '') {
314	* Test API key
315	*/
316	function ct_valid_key($apikey = null) {

317	if ($apikey === null) {
318	- $~~options~~ = ~~ct_get_options()~~;
319	- $apikey = $options['apikey'];
320	}
321
322	return ($apikey === 'enter key' \|\| $apikey === '') ? false : true;
	@@ -510,14 +506,14 @@ function ct_update_option($option_name) {
510	if ($key_valid) {
511	// Removes cookie for server errors
512	if ($app_server_error) {
513	- setcookie($ct_notice_online_label, ~~null~~, -1, '/');
514	unset($_COOKIE[$ct_notice_online_label]);
515	} else {
516	- setcookie($ct_notice_online_label, time(), strtotime("+14 days"), '/');
517	}
518	- setcookie($ct_notice_trial_label, ~~(int)~~ 0, strtotime("+$trial_notice_showtime minutes"), '/');
519	} else {
520	- setcookie($ct_notice_online_label, 0, ~~null~~, '/');
521	}
522	}
523


86	}
87
88	if ($result) {
89	+ setcookie($ct_notice_trial_label, (string) $show_ct_notice_trial, strtotime("+$trial_notice_showtime minutes"), '/');
90	}
91	}
92
93	$show_ct_notice_online = '';
94	if (isset($_COOKIE[$ct_notice_online_label])) {
95	+ if ($_COOKIE[$ct_notice_online_label] === 'BAD_KEY') {
96	+ $show_ct_notice_online = 'N';
97	+ } else if (time() - $_COOKIE[$ct_notice_online_label] <= 5) {
98	$show_ct_notice_online = 'Y';


99	}




100	}
101
102	ct_init_session();

204	* @return null
205	*/
206	function ct_input_remove_old_spam() {
207	+ global $ct_options;
208	+
209	+ $value = $ct_options['remove_old_spam'];
210	echo "<input type='radio' id='cleantalk_remove_old_spam1' name='cleantalk_settings[remove_old_spam]' value='1' " . ($value == '1' ? 'checked' : '') . " /><label for='cleantalk_remove_old_spam1'> " . __('Yes') . "</label>";
211	echo '     ';
212	echo "<input type='radio' id='cleantalk_remove_old_spam0' name='cleantalk_settings[remove_old_spam]' value='0' " . ($value == '0' ? 'checked' : '') . " /><label for='cleantalk_remove_old_spam0'> " . __('No') . "</label>";
213	+ admin_addDescriptionsFields(sprintf(__('Delete spam comments older than %d days.', 'cleantalk'), $ct_options['spam_store_days']));
214	}
215
216	/**

262	* @return bool
263	*/
264	function admin_notice_message(){
265	+ global $show_ct_notice_trial, $show_ct_notice_online, $ct_plugin_name, $ct_options;
266

267	$user_token = '';
268	+ if (isset($ct_options['user_token']) && $ct_options['user_token'] != '') {
269	+ $user_token = '&user_token=' . $ct_options['user_token'];
270	}
271
272	$show_notice = true;
273	+ if ($show_notice && ct_valid_key($ct_options['apikey']) === false) {
274	echo '<div class="updated"><h3>' . sprintf(__("Please enter Access Key in %s settings to enable anti spam protection!", 'cleantalk'), "<a href=\"options-general.php?page=cleantalk\">CleanTalk plugin</a>") . '</h3></div>';
275	$show_notice = false;
276	}

310	* Test API key
311	*/
312	function ct_valid_key($apikey = null) {
313	+ global $ct_options;
314	if ($apikey === null) {
315	+ $apikey = $ct_options['apikey'];

316	}
317
318	return ($apikey === 'enter key' \|\| $apikey === '') ? false : true;

506	if ($key_valid) {
507	// Removes cookie for server errors
508	if ($app_server_error) {
509	+ setcookie($ct_notice_online_label, '', 1, '/'); // time 1 is exactly in past even clients time() is wrong
510	unset($_COOKIE[$ct_notice_online_label]);
511	} else {
512	+ setcookie($ct_notice_online_label, (string) time(), strtotime("+14 days"), '/');
513	}
514	+ setcookie($ct_notice_trial_label, '0', strtotime("+$trial_notice_showtime minutes"), '/');
515	} else {
516	+ setcookie($ct_notice_online_label, 'BAD_KEY', 0, '/');
517	}
518	}
519

cleantalk.php CHANGED Viewed

	@@ -3,14 +3,14 @@
3	Plugin Name: Anti-spam by CleanTalk
4	Plugin URI: http://cleantalk.org
5	Description: Max power, all-in-one, captcha less, premium anti-spam plugin. No comment spam, no registration spam, no contact spam, protects any WordPress forms.
6	- Version: 4.14
7	Author: СleanTalk <welcome@cleantalk.org>
8	Author URI: http://cleantalk.org
9	*/
10
11	define('CLEANTALK_PLUGIN_DIR', plugin_dir_path(__FILE__));
12
13	- $ct_agent_version = 'wordpress-~~414~~';
14	$ct_plugin_name = 'Anti-spam by CleanTalk';
15	$ct_checkjs_frm = 'ct_checkjs_frm';
16	$ct_checkjs_register_form = 'ct_checkjs_register_form';
	@@ -118,24 +118,9 @@ add_filter('wpmu_validate_user_signup', 'ct_registration_errors_wpmu', 10, 3);
118	add_action('bp_before_registration_submit_buttons','ct_register_form');
119	add_filter('bp_signup_validate', 'ct_registration_errors');
120
121	- // Contact Form7
122	- add_filter('wpcf7_form_elements', 'ct_wpcf7_form_elements');
123	- add_filter('wpcf7_spam', 'ct_wpcf7_spam');
124	-
125	- // JetPack Contact form
126	- add_filter('grunion_contact_form_field_html', 'ct_grunion_contact_form_field_html', 10, 2);
127	- add_filter('contact_form_is_spam', 'ct_contact_form_is_spam');
128	-
129	- // Fast Secure contact form
130	- add_filter('si_contact_display_after_fields', 'ct_si_contact_display_after_fields');
131	- add_filter('si_contact_form_validate', 'ct_si_contact_form_validate');
132	-
133	// Login form - for notifications only
134	add_filter('login_message', 'ct_login_message');
135
136	- // WooCoomerse signups
137	- add_filter('woocommerce_register_post', 'ct_register_post', 1, 3);
138	-
139	// bbPress
140	add_filter('bbp_new_topic_pre_content', 'ct_bbp_new_pre_content', 1);
141	add_filter('bbp_new_reply_pre_content', 'ct_bbp_new_pre_content', 1);
	@@ -158,7 +143,12 @@ add_action('ct_hourly_event_hook', 'ct_do_this_hourly');
158	* On the scheduled action hook, run the function.
159	*/
160	function ct_do_this_hourly() {
161	- // ~~do something every hour~~





162	delete_spam_comments();
163	ct_send_feedback();
164	}
	@@ -191,7 +181,9 @@ if (is_admin()) {
191	* @return mixed[] Array of options
192	*/
193	function ct_init() {
194	- global $ct_wplp_result_label, $ct_jp_comments, $ct_post_data_label, $ct_post_data_authnet_label, $ct_formtime_label, $ct_direct_post;


195
196	ct_init_session();
197
	@@ -202,26 +194,53 @@ function ct_init() {
202	} else {
203	$_SESSION[$ct_formtime_label] = time();
204	}
205	-
206
207	- ~~add_action('comment_form',~~ ~~'ct_comment_form');~~




208
209	- ~~$jetpack_active_modules~~ = ~~get_option('jetpack_active_modules');~~
210	- if (
211	- (~~class_exists(~~'~~Jetpack~~', ~~false) && $jetpack_active_modules && in_array(~~'~~comments~~', ~~$jetpack_active_modules~~))
212	- \|\| (defined('LANDINGPAGES_CURRENT_VERSION'))
213	- \|\| (defined('WS_PLUGIN__S2MEMBER_PRO_VERSION'))
214	- \|\| (defined('WOOCOMMERCE_VERSION'))
215	- \|\| (defined('WPCF7_VERSION'))
216	- ) {
217	- add_action('wp_footer', 'ct_footer_add_cookie', 1);
218	}
219	- ~~if (~~
220	- ~~(class_exists(~~ ~~'Jetpack',~~ ~~false)~~ ~~&& $jetpack_active_modules && in_array('comments', $jetpack_active_modules))~~
221	- ) {
222	- ~~$ct_jp_comments = true;~~


















223	}
224












225	//intercept WordPress Landing Pages POST
226	if (defined('LANDINGPAGES_CURRENT_VERSION') && !empty($_POST)){
227	if(array_key_exists('action', $_POST) && $_POST['action'] === 'inbound_store_lead'){ // AJAX action(s)
	@@ -245,18 +264,15 @@ function ct_init() {
245	}
246
247	//
248	- // Load JS code to website footer ~~for contact forms~~
249	//



250	if (ct_is_user_enable()) {
251	ct_cookies_test();
252
253	- $~~options~~ = ~~get_option(~~'~~cleantalk_settings~~');
254	- if (isset($options['general_contact_forms_test']) && $options['general_contact_forms_test'] == 1) {
255	-
256	- if (!(defined( 'DOING_AJAX' ) && DOING_AJAX)) {
257	- add_action('wp_footer', 'ct_footer_add_cookie', 1);
258	- }
259	-
260	ct_contact_form_validate();
261	}
262	}
	@@ -335,15 +351,15 @@ function ct_hash($new_hash = '') {
335	* @return string comment_content w\o cleantalk resume
336	*/
337	function ct_feedback($hash, $message = null, $allow) {

338
339	require_once('cleantalk.class.php');
340	- $options = ct_get_options();
341
342	$config = get_option('cleantalk_server');
343
344	$ct = new Cleantalk();
345	$ct->work_url = $config['ct_work_url'];
346	- $ct->server_url = $~~options~~['server'];
347	$ct->server_ttl = $config['ct_server_ttl'];
348	$ct->server_changed = $config['ct_server_changed'];
349
	@@ -372,6 +388,7 @@ function ct_feedback($hash, $message = null, $allow) {
372	* @return bool
373	*/
374	function ct_send_feedback($feedback_request = null) {

375
376	if (empty($feedback_request) && isset($_SESSION['feedback_request']) && preg_match("/^[a-z0-9\;\:]+$/", $_SESSION['feedback_request'])) {
377	$feedback_request = $_SESSION['feedback_request'];
	@@ -380,18 +397,16 @@ function ct_send_feedback($feedback_request = null) {
380
381	if ($feedback_request !== null) {
382	require_once('cleantalk.class.php');
383	- $options = ct_get_options();
384	-
385	$config = get_option('cleantalk_server');
386
387	$ct = new Cleantalk();
388	$ct->work_url = $config['ct_work_url'];
389	- $ct->server_url = $~~options~~['server'];
390	$ct->server_ttl = $config['ct_server_ttl'];
391	$ct->server_changed = $config['ct_server_changed'];
392
393	$ct_request = new CleantalkRequest();
394	- $ct_request->auth_key = $~~options~~['apikey'];
395	$ct_request->feedback = $feedback_request;
396
397	$ct->sendFeedback($ct_request);
	@@ -462,7 +477,7 @@ function ct_cookies_test ($test = false) {
462	* @return array array('ct'=> Cleantalk, 'ct_result' => CleantalkResponse)
463	*/
464	function ct_base_call($params = array()) {
465	- global $wpdb, $ct_agent_version, $ct_formtime_label;
466
467	require_once('cleantalk.class.php');
468
	@@ -477,18 +492,17 @@ function ct_base_call($params = array()) {
477	$sender_info = '';
478
479	$config = get_option('cleantalk_server');
480	- $options = ct_get_options();
481
482	$ct = new Cleantalk();
483	$ct->work_url = $config['ct_work_url'];
484	- $ct->server_url = $~~options~~['server'];
485	$ct->server_ttl = $config['ct_server_ttl'];
486	$ct->server_changed = $config['ct_server_changed'];
487	- $ct->ssl_on = $~~options~~['ssl_on'];
488
489	$ct_request = new CleantalkRequest();
490
491	- $ct_request->auth_key = $~~options~~['apikey'];
492	$ct_request->message = $params['message'];
493	$ct_request->example = $params['example'];
494	$ct_request->sender_email = $params['sender_email'];
	@@ -523,12 +537,13 @@ function ct_base_call($params = array()) {
523	* Adds hidden filed to comment form
524	*/
525	function ct_comment_form($post_id) {


526	if (ct_is_user_enable() === false) {
527	return false;
528	}
529
530	- $~~options~~ = ~~ct_get_options(~~);
531	- if ($options['comments_test'] == 0) {
532	return false;
533	}
534
	@@ -577,9 +592,7 @@ ctSetCookie("%s", "%s", "%s");
577	$html = '
578	<input type="hidden" id="%s" name="%s" value="%s" />
579	<script type="text/javascript">
580	- var ct_input_name = \'%s\';
581	- var ct_input_value = document.getElementById(ct_input_name).value;
582	- setTimeout(function(){ document.getElementById(ct_input_name).value = document.getElementById(ct_input_name).value.replace(ct_input_value, %s); }, 1000);
583	</script>
584	';
585	$html = sprintf($html, $field_id, $field_name, $ct_checkjs_def, $field_id, $ct_input_challenge);
	@@ -621,10 +634,9 @@ function ct_is_user_enable() {
621	* return null;
622	*/
623	function ct_frm_entries_footer_scripts($fields, $form) {
624	- global $current_user, $ct_checkjs_frm;
625
626	- $~~options~~ = ~~ct_get_options(~~);
627	- if ($options['contact_forms_test'] == 0) {
628	return false;
629	}
630
	@@ -647,10 +659,9 @@ function ct_frm_entries_footer_scripts($fields, $form) {
647	* return @array with errors if spam has found
648	*/
649	function ct_frm_validate_entry ($errors, $values) {
650	- global $wpdb, $current_user, $ct_agent_version, $ct_checkjs_frm;
651
652	- $~~options~~ = ~~ct_get_options(~~);
653	- if ($options['contact_forms_test'] == 0) {
654	return false;
655	}
656
	@@ -695,9 +706,9 @@ function ct_frm_validate_entry ($errors, $values) {
695	* @return mixed[] $comment Comment string
696	*/
697	function ct_bbp_new_pre_content ($comment) {

698
699	- $~~options~~ = ~~ct_get_options~~();
700	- if (ct_is_user_enable() === false \|\| $options['comments_test'] == 0 \|\| is_user_logged_in()) {
701	return $comment;
702	}
703
	@@ -748,10 +759,9 @@ function ct_preprocess_comment($comment) {
748	// this action is called just when WP process POST request (adds new comment)
749	// this action is called by wp-comments-post.php
750	// after processing WP makes redirect to post page with comment's form by GET request (see above)
751	- global $wpdb, $current_user, $comment_post_id, $ct_agent_version, $ct_comment_done, $ct_approved_request_id_label, $ct_jp_comments;
752
753	- $~~options~~ = ~~ct_get_options(~~);
754	- if (ct_is_user_enable() === false \|\| $options['comments_test'] == 0 \|\| $ct_comment_done) {
755	return $comment;
756	}
757
	@@ -800,7 +810,7 @@ function ct_preprocess_comment($comment) {
800	}
801
802	$example = null;
803	- if ($~~options~~['relevance_test']) {
804	$post = get_post($comment_post_id);
805	if ($post !== null){
806	$example['title'] = $post->post_title;
	@@ -909,6 +919,7 @@ function ct_die_extended($comment_body) {
909	*
910	*/
911	function js_test($field_name = 'ct_checkjs', $data = null, $random_key = false) {

912
913	$checkjs = null;
914	$js_post_value = null;
	@@ -923,9 +934,8 @@ function js_test($field_name = 'ct_checkjs', $data = null, $random_key = false)
923	// Random key check
924	//
925	if ($random_key) {
926	- $options = ct_get_options();
927
928	- $keys = $~~options~~['js_keys'];
929	if (isset($keys[$js_post_value])) {
930	$checkjs = 1;
931	} else {
	@@ -1082,10 +1092,10 @@ function ct_plugin_active($plugin_name){
1082	* @return string
1083	*/
1084	function ct_get_checkjs_value($random_key = false) {
1085	- $~~options = ct_get_options()~~;
1086
1087	if ($random_key) {
1088	- $keys = $~~options~~['js_keys'];
1089	$keys_checksum = md5(json_encode($keys));
1090
1091	$key = null;
	@@ -1093,7 +1103,7 @@ function ct_get_checkjs_value($random_key = false) {
1093	foreach ($keys as $k => $t) {
1094
1095	// Removing key if it's to old
1096	- if (time() - $t > $~~options~~['js_keys_store_days'] * 86400) {
1097	unset($keys[$k]);
1098	continue;
1099	}
	@@ -1105,17 +1115,17 @@ function ct_get_checkjs_value($random_key = false) {
1105	}
1106
1107	// Get new key if the latest key is too old
1108	- if (time() - $latest_key_time > $~~options~~['js_key_lifetime']) {
1109	$key = rand();
1110	$keys[$key] = time();
1111	}
1112
1113	if (md5(json_encode($keys)) != $keys_checksum) {
1114	- $~~options~~['js_keys'] = $keys;
1115	- update_option('cleantalk_settings', $~~options~~);
1116	}
1117	} else {
1118	- $key = md5($~~options~~['apikey'] . '+' . get_option('admin_email'));
1119	}
1120
1121	return $key;
	@@ -1127,10 +1137,9 @@ function ct_get_checkjs_value($random_key = false) {
1127	* @return null
1128	*/
1129	function ct_register_form() {
1130	- global $ct_checkjs_register_form;
1131
1132	- $~~options~~ = ~~ct_get_options(~~);
1133	- if ($options['registrations_test'] == 0) {
1134	return false;
1135	}
1136
	@@ -1144,10 +1153,9 @@ function ct_register_form() {
1144	* @return null
1145	*/
1146	function ct_login_message($message) {
1147	- global $errors, $ct_session_register_ok_label;
1148
1149	- $~~options~~ = ~~ct_get_options(~~);
1150	- if ($options['registrations_test'] != 0) {
1151	if( isset($_GET['checkemail']) && 'registered' == $_GET['checkemail'] ) {
1152	if (isset($_SESSION[$ct_session_register_ok_label])) {
1153	unset($_SESSION[$ct_session_register_ok_label]);
	@@ -1208,15 +1216,14 @@ function ct_register_post($sanitized_user_login = null, $user_email = null, $err
1208	* @return array with errors
1209	*/
1210	function ct_registration_errors($errors, $sanitized_user_login = null, $user_email = null) {
1211	- global $ct_agent_version, $ct_checkjs_register_form, $ct_session_request_id_label, $ct_session_register_ok_label, $bp, $ct_signup_done, $ct_formtime_label, $ct_negative_comment;
1212
1213	// Go out if a registrered user action
1214	if (ct_is_user_enable() === false) {
1215	return $errors;
1216	}
1217
1218	- $~~options~~ = ~~ct_get_options(~~);
1219	- if ($options['registrations_test'] == 0) {
1220	return $errors;
1221	}
1222
	@@ -1275,14 +1282,14 @@ function ct_registration_errors($errors, $sanitized_user_login = null, $user_ema
1275	$config = get_option('cleantalk_server');
1276	$ct = new Cleantalk();
1277	$ct->work_url = $config['ct_work_url'];
1278	- $ct->server_url = $~~options~~['server'];
1279
1280	$ct->server_ttl = $config['ct_server_ttl'];
1281	$ct->server_changed = $config['ct_server_changed'];
1282	- $ct->ssl_on = $~~options~~['ssl_on'];
1283
1284	$ct_request = new CleantalkRequest();
1285	- $ct_request->auth_key = $~~options~~['apikey'];
1286	$ct_request->sender_email = $user_email;
1287	$ct_request->sender_ip = $ct->ct_session_ip($_SERVER['REMOTE_ADDR']);
1288	$ct_request->sender_nickname = $sanitized_user_login;
	@@ -1304,7 +1311,7 @@ function ct_registration_errors($errors, $sanitized_user_login = null, $user_ema
1304
1305	$ct_signup_done = true;
1306
1307	- if ($ct_result->errno != 0 && $~~options~~['notice_api_errors']) {
1308	ct_send_error_notice($ct_result->comment);
1309	return $errors;
1310	}
	@@ -1353,10 +1360,9 @@ function ct_user_register($user_id) {
1353	* Test for JetPack contact form
1354	*/
1355	function ct_grunion_contact_form_field_html($r, $field_label) {
1356	- global $ct_checkjs_jpcf, $ct_jpcf_patched, $ct_jpcf_fields;
1357
1358	- $~~options~~ = ~~ct_get_options~~();
1359	- if ($options['contact_forms_test'] == 1 && $ct_jpcf_patched === false && preg_match("/[text\|email]/i", $r)) {
1360
1361	// Looking for element name prefix
1362	$name_patched = false;
	@@ -1377,11 +1383,9 @@ function ct_grunion_contact_form_field_html($r, $field_label) {
1377	* Test for JetPack contact form
1378	*/
1379	function ct_contact_form_is_spam($form) {
1380	- global $ct_checkjs_jpcf;
1381
1382	- $~~options~~ = ~~ct_get_options(~~);
1383	-
1384	- if ($options['contact_forms_test'] == 0) {
1385	return null;
1386	}
1387
	@@ -1441,10 +1445,9 @@ function ct_contact_form_is_spam($form) {
1441	* Inserts anti-spam hidden to CF7
1442	*/
1443	function ct_wpcf7_form_elements($html) {
1444	- global $wpdb, $current_user, $ct_checkjs_cf7;
1445
1446	- $~~options~~ = ~~ct_get_options(~~);
1447	- if ($options['contact_forms_test'] == 0) {
1448	return $html;
1449	}
1450
	@@ -1456,15 +1459,19 @@ function ct_wpcf7_form_elements($html) {
1456	/**
1457	* Test CF7 message for spam
1458	*/
1459	- function ct_wpcf7_spam($~~spam~~) {
1460	- global $wpdb, $current_user, $ct_agent_version, $ct_checkjs_cf7, $ct_cf7_comment;
1461
1462	- ~~$options~~ = ~~ct_get_options(~~);
1463	- if ($~~spam~~ === true)
1464	- return $~~spam~~;




1465
1466	- if ($~~options~~['contact_forms_test'] == 0) {
1467	- return $~~spam~~;
1468	}
1469
1470	$checkjs = js_test('ct_checkjs', $_COOKIE, true);
	@@ -1516,20 +1523,24 @@ function ct_wpcf7_spam($spam) {
1516	$ct_result = $ct_base_call_result['ct_result'];
1517
1518	if ($ct_result->spam == 1) {
1519	- ~~$spam~~ = ~~true;~~




1520	$ct_cf7_comment = $ct_result->comment;
1521	add_filter('wpcf7_display_message', 'ct_wpcf7_display_message', 10, 2);
1522
1523	}
1524
1525	- return $~~spam~~;
1526	}
1527
1528	/**
1529	* Changes CF7 status message
1530	* @param string $hook URL of hooked page
1531	*/
1532	- function ct_wpcf7_display_message($message, $status) {
1533	global $ct_cf7_comment;
1534
1535	if ($status == 'spam') {
	@@ -1551,11 +1562,12 @@ function ct_si_contact_display_after_fields($string = '', $style = '', $form_err
1551	* Test for Fast Secure contact form
1552	*/
1553	function ct_si_contact_form_validate($form_errors = array(), $form_id_num = 0) {


1554	if (!empty($form_errors))
1555	return $form_errors;
1556
1557	- $~~options~~ = ~~ct_get_options(~~);
1558	- if ($options['contact_forms_test'] == 0)
1559	return $form_errors;
1560
1561	$checkjs = js_test('ct_checkjs', $_POST, true);
	@@ -1626,11 +1638,10 @@ function ct_comment_text($comment_text) {
1626	* Checks WordPress Landing Pages raw $_POST values
1627	*/
1628	function ct_check_wplp(){
1629	- global $ct_wplp_result_label;
1630	if (!isset($_COOKIE[$ct_wplp_result_label])) {
1631	// First AJAX submit of WPLP form
1632	- $~~options~~ = ~~ct_get_options(~~);
1633	- if ($options['contact_forms_test'] == 0)
1634	return;
1635
1636	$checkjs = js_test('ct_checkjs', $_COOKIE, true);
	@@ -1688,10 +1699,9 @@ function ct_check_wplp(){
1688	* @return array with errors
1689	*/
1690	function ct_s2member_registration_test() {
1691	- global $ct_agent_version, $ct_post_data_label, $ct_post_data_authnet_label, $ct_formtime_label;
1692
1693	- $~~options~~ = ~~ct_get_options(~~);
1694	- if ($options['registrations_test'] == 0) {
1695	return null;
1696	}
1697
	@@ -1725,14 +1735,14 @@ function ct_s2member_registration_test() {
1725
1726	$ct = new Cleantalk();
1727	$ct->work_url = $config['ct_work_url'];
1728	- $ct->server_url = $~~options~~['server'];
1729	$ct->server_ttl = $config['ct_server_ttl'];
1730	$ct->server_changed = $config['ct_server_changed'];
1731	- $ct->ssl_on = $~~options~~['ssl_on'];
1732
1733	$ct_request = new CleantalkRequest();
1734
1735	- $ct_request->auth_key = $~~options~~['apikey'];
1736	$ct_request->sender_email = $sender_email;
1737	$ct_request->sender_ip = $ct->ct_session_ip($_SERVER['REMOTE_ADDR']);
1738	$ct_request->sender_nickname = $sender_nickname;
	@@ -1888,7 +1898,7 @@ function ct_get_data_from_submit($value = null, $field_name = null) {
1888	* @return array
1889	*/
1890	function get_sender_info() {
1891	- global $ct_direct_post;
1892
1893	$php_session = session_id() != '' ? 1 : 0;
1894
	@@ -1907,21 +1917,29 @@ function get_sender_info() {
1907	}
1908	}
1909
1910	- $~~options~~ = ~~ct_get_options~~();
1911	- ~~unset(~~$~~options~~['~~js_keys~~']);
1912	- ~~unset(~~$~~options~~['~~js_keys_store_days~~']);
1913	- ~~unset(~~$~~options~~['~~js_key_lifetime~~']);







1914
1915	return $sender_info = array(

1916	'cms_lang' => substr(get_locale(), 0, 2),
1917	- 'REFFERRER' => @$_SERVER['HTTP_REFERER'],
1918	- 'USER_AGENT' => @$_SERVER['HTTP_USER_AGENT'],
1919	'php_session' => $php_session,
1920	'cookies_enabled' => ct_cookies_test(true),
1921	'direct_post' => $ct_direct_post,
1922	'checkjs_data_post' => $checkjs_data_post,
1923	'checkjs_data_cookies' => $checkjs_data_cookies,
1924	- 'ct_options' => json_encode($~~options~~),
1925	);
1926	}
1927
	@@ -1930,13 +1948,12 @@ function get_sender_info() {
1930	* @return null
1931	*/
1932	function delete_spam_comments() {
1933	- global $pagenow;
1934
1935	- $~~options~~ = ~~ct_get_options(~~);
1936	- if ($options['remove_old_spam'] == 1) {
1937	$last_comments = get_comments(array('status' => 'spam', 'number' => 1000, 'order' => 'ASC'));
1938	foreach ($last_comments as $c) {
1939	- if (time() - strtotime($c->comment_date_gmt) > 86400 * $~~options~~['spam_store_days']) {
1940	// Force deletion old spam comments
1941	wp_delete_comment($c->comment_ID, true);
1942	}


3	Plugin Name: Anti-spam by CleanTalk
4	Plugin URI: http://cleantalk.org
5	Description: Max power, all-in-one, captcha less, premium anti-spam plugin. No comment spam, no registration spam, no contact spam, protects any WordPress forms.
6	+ Version: 4.15
7	Author: СleanTalk <welcome@cleantalk.org>
8	Author URI: http://cleantalk.org
9	*/
10
11	define('CLEANTALK_PLUGIN_DIR', plugin_dir_path(__FILE__));
12
13	+ $ct_agent_version = 'wordpress-415';
14	$ct_plugin_name = 'Anti-spam by CleanTalk';
15	$ct_checkjs_frm = 'ct_checkjs_frm';
16	$ct_checkjs_register_form = 'ct_checkjs_register_form';

118	add_action('bp_before_registration_submit_buttons','ct_register_form');
119	add_filter('bp_signup_validate', 'ct_registration_errors');
120












121	// Login form - for notifications only
122	add_filter('login_message', 'ct_login_message');
123



124	// bbPress
125	add_filter('bbp_new_topic_pre_content', 'ct_bbp_new_pre_content', 1);
126	add_filter('bbp_new_reply_pre_content', 'ct_bbp_new_pre_content', 1);

143	* On the scheduled action hook, run the function.
144	*/
145	function ct_do_this_hourly() {
146	+ global $ct_options;
147	+ // do something every hour
148	+
149	+ if (!isset($ct_options))
150	+ $ct_options = ct_get_options();
151	+
152	delete_spam_comments();
153	ct_send_feedback();
154	}

181	* @return mixed[] Array of options
182	*/
183	function ct_init() {
184	+ global $ct_wplp_result_label, $ct_jp_comments, $ct_post_data_label, $ct_post_data_authnet_label, $ct_formtime_label, $ct_direct_post, $ct_options;
185	+
186	+ $ct_options = ct_get_options();
187
188	ct_init_session();
189

194	} else {
195	$_SESSION[$ct_formtime_label] = time();
196	}

197
198	+ // Fast Secure contact form
199	+ if(defined('FSCF_VERSION')){
200	+ add_filter('si_contact_display_after_fields', 'ct_si_contact_display_after_fields');
201	+ add_filter('si_contact_form_validate', 'ct_si_contact_form_validate');
202	+ }
203
204	+ // WooCoomerse signups
205	+ if(class_exists('WooCommerce')){
206	+ add_filter('woocommerce_register_post', 'ct_register_post', 1, 3);






207	}
208	+
209	+ // JetPack Contact form
210	+ $jetpack_active_modules = false;
211	+ if(defined('JETPACK__VERSION')){
212	+ $jetpack_active_modules = get_option('jetpack_active_modules');
213	+ if (
214	+ (class_exists( 'Jetpack', false) && $jetpack_active_modules && in_array('comments', $jetpack_active_modules))
215	+ ) {
216	+ add_filter('grunion_contact_form_field_html', 'ct_grunion_contact_form_field_html', 10, 2);
217	+ add_filter('contact_form_is_spam', 'ct_contact_form_is_spam');
218	+ $ct_jp_comments = true;
219	+ }
220	+ }
221	+
222	+ // Contact Form7
223	+ if(defined('WPCF7_VERSION')){
224	+ add_filter('wpcf7_form_elements', 'ct_wpcf7_form_elements');
225	+ if(WPCF7_VERSION >= '3.0.0'){
226	+ add_filter('wpcf7_spam', 'ct_wpcf7_spam');
227	+ }else{
228	+ add_filter('wpcf7_acceptance', 'ct_wpcf7_spam');
229	+ }
230	}
231
232	+ add_action('comment_form', 'ct_comment_form');
233	+
234	+ # if (
235	+ # ($ct_jp_comments === true)
236	+ # \|\| (defined('LANDINGPAGES_CURRENT_VERSION'))
237	+ # \|\| (defined('WS_PLUGIN__S2MEMBER_PRO_VERSION'))
238	+ # \|\| (defined('WOOCOMMERCE_VERSION'))
239	+ # \|\| (defined('WPCF7_VERSION'))
240	+ # ) {
241	+ # add_action('wp_footer', 'ct_footer_add_cookie', 1);
242	+ # }
243	+
244	//intercept WordPress Landing Pages POST
245	if (defined('LANDINGPAGES_CURRENT_VERSION') && !empty($_POST)){
246	if(array_key_exists('action', $_POST) && $_POST['action'] === 'inbound_store_lead'){ // AJAX action(s)

264	}
265
266	//
267	+ // Load JS code to website footer
268	//
269	+ if (!(defined( 'DOING_AJAX' ) && DOING_AJAX)) {
270	+ add_action('wp_footer', 'ct_footer_add_cookie', 1);
271	+ }
272	if (ct_is_user_enable()) {
273	ct_cookies_test();
274
275	+ if (isset($ct_options['general_contact_forms_test']) && $ct_options['general_contact_forms_test'] == 1) {






276	ct_contact_form_validate();
277	}
278	}

351	* @return string comment_content w\o cleantalk resume
352	*/
353	function ct_feedback($hash, $message = null, $allow) {
354	+ global $ct_options;
355
356	require_once('cleantalk.class.php');

357
358	$config = get_option('cleantalk_server');
359
360	$ct = new Cleantalk();
361	$ct->work_url = $config['ct_work_url'];
362	+ $ct->server_url = $ct_options['server'];
363	$ct->server_ttl = $config['ct_server_ttl'];
364	$ct->server_changed = $config['ct_server_changed'];
365

388	* @return bool
389	*/
390	function ct_send_feedback($feedback_request = null) {
391	+ global $ct_options;
392
393	if (empty($feedback_request) && isset($_SESSION['feedback_request']) && preg_match("/^[a-z0-9\;\:]+$/", $_SESSION['feedback_request'])) {
394	$feedback_request = $_SESSION['feedback_request'];

397
398	if ($feedback_request !== null) {
399	require_once('cleantalk.class.php');


400	$config = get_option('cleantalk_server');
401
402	$ct = new Cleantalk();
403	$ct->work_url = $config['ct_work_url'];
404	+ $ct->server_url = $ct_options['server'];
405	$ct->server_ttl = $config['ct_server_ttl'];
406	$ct->server_changed = $config['ct_server_changed'];
407
408	$ct_request = new CleantalkRequest();
409	+ $ct_request->auth_key = $ct_options['apikey'];
410	$ct_request->feedback = $feedback_request;
411
412	$ct->sendFeedback($ct_request);

477	* @return array array('ct'=> Cleantalk, 'ct_result' => CleantalkResponse)
478	*/
479	function ct_base_call($params = array()) {
480	+ global $wpdb, $ct_agent_version, $ct_formtime_label, $ct_options;
481
482	require_once('cleantalk.class.php');
483

492	$sender_info = '';
493
494	$config = get_option('cleantalk_server');

495
496	$ct = new Cleantalk();
497	$ct->work_url = $config['ct_work_url'];
498	+ $ct->server_url = $ct_options['server'];
499	$ct->server_ttl = $config['ct_server_ttl'];
500	$ct->server_changed = $config['ct_server_changed'];
501	+ $ct->ssl_on = $ct_options['ssl_on'];
502
503	$ct_request = new CleantalkRequest();
504
505	+ $ct_request->auth_key = $ct_options['apikey'];
506	$ct_request->message = $params['message'];
507	$ct_request->example = $params['example'];
508	$ct_request->sender_email = $params['sender_email'];

537	* Adds hidden filed to comment form
538	*/
539	function ct_comment_form($post_id) {
540	+ global $ct_options;
541	+
542	if (ct_is_user_enable() === false) {
543	return false;
544	}
545
546	+ if ($ct_options['comments_test'] == 0) {

547	return false;
548	}
549

592	$html = '
593	<input type="hidden" id="%s" name="%s" value="%s" />
594	<script type="text/javascript">
595	+ setTimeout(function(){var ct_input_name = \'%s\';var ct_input_value = document.getElementById(ct_input_name).value;document.getElementById(ct_input_name).value = document.getElementById(ct_input_name).value.replace(ct_input_value, %s); }, 1000);


596	</script>
597	';
598	$html = sprintf($html, $field_id, $field_name, $ct_checkjs_def, $field_id, $ct_input_challenge);

634	* return null;
635	*/
636	function ct_frm_entries_footer_scripts($fields, $form) {
637	+ global $current_user, $ct_checkjs_frm, $ct_options;
638
639	+ if ($ct_options['contact_forms_test'] == 0) {

640	return false;
641	}
642

659	* return @array with errors if spam has found
660	*/
661	function ct_frm_validate_entry ($errors, $values) {
662	+ global $wpdb, $current_user, $ct_agent_version, $ct_checkjs_frm, $ct_options;
663
664	+ if ($ct_options['contact_forms_test'] == 0) {

665	return false;
666	}
667

706	* @return mixed[] $comment Comment string
707	*/
708	function ct_bbp_new_pre_content ($comment) {
709	+ global $ct_options;
710
711	+ if (ct_is_user_enable() === false \|\| $ct_options['comments_test'] == 0 \|\| is_user_logged_in()) {

712	return $comment;
713	}
714

759	// this action is called just when WP process POST request (adds new comment)
760	// this action is called by wp-comments-post.php
761	// after processing WP makes redirect to post page with comment's form by GET request (see above)
762	+ global $wpdb, $current_user, $comment_post_id, $ct_agent_version, $ct_comment_done, $ct_approved_request_id_label, $ct_jp_comments, $ct_options;
763
764	+ if (ct_is_user_enable() === false \|\| $ct_options['comments_test'] == 0 \|\| $ct_comment_done) {

765	return $comment;
766	}
767

810	}
811
812	$example = null;
813	+ if ($ct_options['relevance_test']) {
814	$post = get_post($comment_post_id);
815	if ($post !== null){
816	$example['title'] = $post->post_title;

919	*
920	*/
921	function js_test($field_name = 'ct_checkjs', $data = null, $random_key = false) {
922	+ global $ct_options;
923
924	$checkjs = null;
925	$js_post_value = null;

934	// Random key check
935	//
936	if ($random_key) {

937
938	+ $keys = $ct_options['js_keys'];
939	if (isset($keys[$js_post_value])) {
940	$checkjs = 1;
941	} else {

1092	* @return string
1093	*/
1094	function ct_get_checkjs_value($random_key = false) {
1095	+ global $ct_options;
1096
1097	if ($random_key) {
1098	+ $keys = $ct_options['js_keys'];
1099	$keys_checksum = md5(json_encode($keys));
1100
1101	$key = null;

1103	foreach ($keys as $k => $t) {
1104
1105	// Removing key if it's to old
1106	+ if (time() - $t > $ct_options['js_keys_store_days'] * 86400) {
1107	unset($keys[$k]);
1108	continue;
1109	}

1115	}
1116
1117	// Get new key if the latest key is too old
1118	+ if (time() - $latest_key_time > $ct_options['js_key_lifetime']) {
1119	$key = rand();
1120	$keys[$key] = time();
1121	}
1122
1123	if (md5(json_encode($keys)) != $keys_checksum) {
1124	+ $ct_options['js_keys'] = $keys;
1125	+ update_option('cleantalk_settings', $ct_options);
1126	}
1127	} else {
1128	+ $key = md5($ct_options['apikey'] . '+' . get_option('admin_email'));
1129	}
1130
1131	return $key;

1137	* @return null
1138	*/
1139	function ct_register_form() {
1140	+ global $ct_checkjs_register_form, $ct_options;
1141
1142	+ if ($ct_options['registrations_test'] == 0) {

1143	return false;
1144	}
1145

1153	* @return null
1154	*/
1155	function ct_login_message($message) {
1156	+ global $errors, $ct_session_register_ok_label, $ct_options;
1157
1158	+ if ($ct_options['registrations_test'] != 0) {

1159	if( isset($_GET['checkemail']) && 'registered' == $_GET['checkemail'] ) {
1160	if (isset($_SESSION[$ct_session_register_ok_label])) {
1161	unset($_SESSION[$ct_session_register_ok_label]);

1216	* @return array with errors
1217	*/
1218	function ct_registration_errors($errors, $sanitized_user_login = null, $user_email = null) {
1219	+ global $ct_agent_version, $ct_checkjs_register_form, $ct_session_request_id_label, $ct_session_register_ok_label, $bp, $ct_signup_done, $ct_formtime_label, $ct_negative_comment, $ct_options;
1220
1221	// Go out if a registrered user action
1222	if (ct_is_user_enable() === false) {
1223	return $errors;
1224	}
1225
1226	+ if ($ct_options['registrations_test'] == 0) {

1227	return $errors;
1228	}
1229

1282	$config = get_option('cleantalk_server');
1283	$ct = new Cleantalk();
1284	$ct->work_url = $config['ct_work_url'];
1285	+ $ct->server_url = $ct_options['server'];
1286
1287	$ct->server_ttl = $config['ct_server_ttl'];
1288	$ct->server_changed = $config['ct_server_changed'];
1289	+ $ct->ssl_on = $ct_options['ssl_on'];
1290
1291	$ct_request = new CleantalkRequest();
1292	+ $ct_request->auth_key = $ct_options['apikey'];
1293	$ct_request->sender_email = $user_email;
1294	$ct_request->sender_ip = $ct->ct_session_ip($_SERVER['REMOTE_ADDR']);
1295	$ct_request->sender_nickname = $sanitized_user_login;

1311
1312	$ct_signup_done = true;
1313
1314	+ if ($ct_result->errno != 0 && $ct_options['notice_api_errors']) {
1315	ct_send_error_notice($ct_result->comment);
1316	return $errors;
1317	}

1360	* Test for JetPack contact form
1361	*/
1362	function ct_grunion_contact_form_field_html($r, $field_label) {
1363	+ global $ct_checkjs_jpcf, $ct_jpcf_patched, $ct_jpcf_fields, $ct_options;
1364
1365	+ if ($ct_options['contact_forms_test'] == 1 && $ct_jpcf_patched === false && preg_match("/[text\|email]/i", $r)) {

1366
1367	// Looking for element name prefix
1368	$name_patched = false;

1383	* Test for JetPack contact form
1384	*/
1385	function ct_contact_form_is_spam($form) {
1386	+ global $ct_checkjs_jpcf, $ct_options;
1387
1388	+ if ($ct_options['contact_forms_test'] == 0) {


1389	return null;
1390	}
1391

1445	* Inserts anti-spam hidden to CF7
1446	*/
1447	function ct_wpcf7_form_elements($html) {
1448	+ global $wpdb, $current_user, $ct_checkjs_cf7, $ct_options;
1449
1450	+ if ($ct_options['contact_forms_test'] == 0) {

1451	return $html;
1452	}
1453

1459	/**
1460	* Test CF7 message for spam
1461	*/
1462	+ function ct_wpcf7_spam($param) {
1463	+ global $wpdb, $current_user, $ct_agent_version, $ct_checkjs_cf7, $ct_cf7_comment, $ct_options;
1464
1465	+ if (WPCF7_VERSION >= '3.0.0') {
1466	+ if($param === true)
1467	+ return $param;
1468	+ }else{
1469	+ if($param == false)
1470	+ return $param;
1471	+ }
1472
1473	+ if ($ct_options['contact_forms_test'] == 0) {
1474	+ return $param;
1475	}
1476
1477	$checkjs = js_test('ct_checkjs', $_COOKIE, true);

1523	$ct_result = $ct_base_call_result['ct_result'];
1524
1525	if ($ct_result->spam == 1) {
1526	+ if (WPCF7_VERSION >= '3.0.0') {
1527	+ $param = true;
1528	+ }else{
1529	+ $param = false;
1530	+ }
1531	$ct_cf7_comment = $ct_result->comment;
1532	add_filter('wpcf7_display_message', 'ct_wpcf7_display_message', 10, 2);
1533
1534	}
1535
1536	+ return $param;
1537	}
1538
1539	/**
1540	* Changes CF7 status message
1541	* @param string $hook URL of hooked page
1542	*/
1543	+ function ct_wpcf7_display_message($message, $status = 'spam') {
1544	global $ct_cf7_comment;
1545
1546	if ($status == 'spam') {

1562	* Test for Fast Secure contact form
1563	*/
1564	function ct_si_contact_form_validate($form_errors = array(), $form_id_num = 0) {
1565	+ global $ct_options;
1566	+
1567	if (!empty($form_errors))
1568	return $form_errors;
1569
1570	+ if ($ct_options['contact_forms_test'] == 0)

1571	return $form_errors;
1572
1573	$checkjs = js_test('ct_checkjs', $_POST, true);

1638	* Checks WordPress Landing Pages raw $_POST values
1639	*/
1640	function ct_check_wplp(){
1641	+ global $ct_wplp_result_label, $ct_options;
1642	if (!isset($_COOKIE[$ct_wplp_result_label])) {
1643	// First AJAX submit of WPLP form
1644	+ if ($ct_options['contact_forms_test'] == 0)

1645	return;
1646
1647	$checkjs = js_test('ct_checkjs', $_COOKIE, true);

1699	* @return array with errors
1700	*/
1701	function ct_s2member_registration_test() {
1702	+ global $ct_agent_version, $ct_post_data_label, $ct_post_data_authnet_label, $ct_formtime_label, $ct_options;
1703
1704	+ if ($ct_options['registrations_test'] == 0) {

1705	return null;
1706	}
1707

1735
1736	$ct = new Cleantalk();
1737	$ct->work_url = $config['ct_work_url'];
1738	+ $ct->server_url = $ct_options['server'];
1739	$ct->server_ttl = $config['ct_server_ttl'];
1740	$ct->server_changed = $config['ct_server_changed'];
1741	+ $ct->ssl_on = $ct_options['ssl_on'];
1742
1743	$ct_request = new CleantalkRequest();
1744
1745	+ $ct_request->auth_key = $ct_options['apikey'];
1746	$ct_request->sender_email = $sender_email;
1747	$ct_request->sender_ip = $ct->ct_session_ip($_SERVER['REMOTE_ADDR']);
1748	$ct_request->sender_nickname = $sender_nickname;

1898	* @return array
1899	*/
1900	function get_sender_info() {
1901	+ global $ct_direct_post, $ct_options;
1902
1903	$php_session = session_id() != '' ? 1 : 0;
1904

1917	}
1918	}
1919
1920	+ $options2server = array( // Options for sending to server for support information
1921	+ 'apikey' => $ct_options['apikey'],
1922	+ 'registrations_test' => $ct_options['registrations_test'],
1923	+ 'comments_test' => $ct_options['comments_test'],
1924	+ 'contact_forms_test' => $ct_options['contact_forms_test'],
1925	+ 'general_contact_forms_test' => $ct_options['general_contact_forms_test'],
1926	+ 'remove_old_spam' => $ct_options['remove_old_spam'],
1927	+ 'autoPubRevelantMess' => $ct_options['autoPubRevelantMess'],
1928	+ 'spam_store_days' => $ct_options['spam_store_days'],
1929	+ 'ssl_on' => $ct_options['ssl_on'],
1930	+ );
1931
1932	return $sender_info = array(
1933	+ 'page_url' => htmlspecialchars(@$_SERVER['SERVER_NAME'].@$_SERVER['REQUEST_URI']),
1934	'cms_lang' => substr(get_locale(), 0, 2),
1935	+ 'REFFERRER' => htmlspecialchars(@$_SERVER['HTTP_REFERER']),
1936	+ 'USER_AGENT' => htmlspecialchars(@$_SERVER['HTTP_USER_AGENT']),
1937	'php_session' => $php_session,
1938	'cookies_enabled' => ct_cookies_test(true),
1939	'direct_post' => $ct_direct_post,
1940	'checkjs_data_post' => $checkjs_data_post,
1941	'checkjs_data_cookies' => $checkjs_data_cookies,
1942	+ 'ct_options' => json_encode($options2server),
1943	);
1944	}
1945

1948	* @return null
1949	*/
1950	function delete_spam_comments() {
1951	+ global $pagenow, $ct_options;
1952
1953	+ if ($ct_options['remove_old_spam'] == 1) {

1954	$last_comments = get_comments(array('status' => 'spam', 'number' => 1000, 'order' => 'ASC'));
1955	foreach ($last_comments as $c) {
1956	+ if (time() - strtotime($c->comment_date_gmt) > 86400 * $ct_options['spam_store_days']) {
1957	// Force deletion old spam comments
1958	wp_delete_comment($c->comment_ID, true);
1959	}

readme.txt CHANGED Viewed

	@@ -1,13 +1,13 @@
1	=== Anti-spam by CleanTalk (no CAPTCHA) ===
2	Contributors: znaeff, shagimuratov
3	- Tags: Akismet, anti spam, antispam, bbpress spam, buddypress spam, capcha, captcha antispam, cf7 spam, comments spam, contact form spam, fast secure contact form spam, form, Formidable spam, jetpack spam, landing pages, math, registration spam, s2member, signup spam, spam, spammers, spammy, WooCommerce spam, wordpress spam, booking spam, order spam
4	Requires at least: 3.0
5	Tested up to: 4.1
6	- Stable tag: 4.14
7	License: GPLv2
8	License URI: http://www.gnu.org/licenses/gpl-2.0.html
9
10	- Max power, all-in-one, premium anti-spam plugin. No ~~comment~~ & ~~registration~~ spam, no contact spam, protects any forms. Just install and forget.
11
12	== Description ==
13	No CAPTCHA, no questions, no counting animals, no puzzles, no math and no spam bots.
	@@ -23,7 +23,7 @@ No CAPTCHA, no questions, no counting animals, no puzzles, no math and no spam b
23	= Spam protection =
24	* WordPress, JetPack comments.
25	* WordPress, BuddyPress, bbPress, S2Member, WooCommerce registrations.
26	- * Formidable forms, Contact form 7, JetPack Contact form, Fast Secure Contact form, Ninja forms, Landing pages and any themes/custom contact form.
27	* WooCommerce review form.
28	* WordPress Landing Pages.
29	* Any WordPress form (with enabled anti-spam option 'Custom contact forms').
	@@ -32,7 +32,7 @@ No CAPTCHA, no questions, no counting animals, no puzzles, no math and no spam b
32	Spam is one of the most irritating factors. Spam become every year more and conventional anti spam can no longer handle all the spam bots. CleanTalk prevents spam and automatically blocks it. You'll be surprised of effective protection against spam.
33
34	= Anti spam plugin info =
35	- CleanTalk is an anti spam protection 4 in 1 for WordPress that protects login, ~~comment~~, contact and WooCommerce forms all at once. You don't need to install separate anti spam plugins for each form. This allows your blog to work faster and save resources. After installation you will forget about spam, CleanTalk plugin will do all the work. You won't have to deal with spam, CleanTalk will do this for you automatically.
36
37	CleanTalk is a transparent anti spam protection, we provide detailed statistics of all entering comments and logins. You can always be sure that there are no errors. We have developed a mobile app for you to see anti spam statistics wherever.
38
	@@ -42,7 +42,7 @@ The anti spam method offered by CleanTalk allows to switch from the methods that
42
43	The CleanTalk is premium anti spam for WordPress, please look at the <a href="http://cleantalk.org/price">pricing</a>. We try to provide anti spam service at the highest level and we can not afford to offer a free version of our service, as this will immediately affect the quality of providing anti spam protection. Paying for a year of anti spam service, you save a lot more and get:
44
45	- * 100% protection against spam bots
46	* Time and resources saving
47	* More registrations/comments/visitors
48	* Protect several websites at once at different CMS
	@@ -54,7 +54,7 @@ The CleanTalk is premium anti spam for WordPress, please look at the <a href="ht
54	* Free mobile app to control anti spam function at your website.
55
56	= How to protect sites from spam bots without CAPTCHA? =
57	- The most popular method is CAPTCHA -- the annoying picture with curved and sloping symbols, which are offered to the visitor to fill in. It is supposed that spam bots won~~â€™~~t discern these CAPTCHA, but a visitor will. CAPTCHA provokes great irritation, but if one wants to speak out, he has to fill in these symbols time after time, making mistakes and starting once again.
58	Sometimes CAPTCHA reminds doodle 2x year old child. For users with vision problems captcha is just an insurmountable obstacle. Users hate captcha. Captcha for users means "hate". Unreadable CAPTCHA stops about 80% of site visitors. After 2 failed attempts to bring it up to 95% reject further attempts.
59	At the sight of CAPTCHA and after input errors, many visitors leave the resource. Thus, CAPTCHA helps to protect the resource both from bots and visitors. CAPTCHA is not a panacea from spam. Doubts Concerning the Need for CAPTCHA?
60
	@@ -64,17 +64,24 @@ At the sight of CAPTCHA and after input errors, many visitors leave the resource
64	* Anti spam apps for most popular CMS on cleantalk.org.
65
66	= We recommend =
67	- * Audience engagement plugin <a href="http://wordpress.org/plugins/feedweb/">Feedweb</a>





68
69	== Installation ==
70	1. Download, install and activate the plugin.
71	- 1. Get Access key <a href="~~http~~://cleantalk.org/register?platform=wordpress" target="_blank">~~http~~://cleantalk.org/register</a>
72	1. Enter Access key at the plugin settings.
73	- 1. Make dummy spam comment with email stop_email@example.com. ~~You should see notice,~~
74
75	- ~~*~~ ~~Forbidden.~~ ~~Sender~~ blacklisted. Request number . Antispam service cleantalk.org. *
76
77	- ~~The~~ ~~setup~~ is ~~done! You can control anti spam plugin by <a href="http://cleantalk~~.~~org/my"~~ ~~target="_blank">Control~~ ~~panel</a>~~ ~~at the~~ cleantalk.org ~~or use <a href="https://play~~.~~google.com/store/apps/details?id=org.cleantalk.app">Android</a>,~~ ~~<a href="https://itunes.apple.com/us/app/cleantalk/id825479913?mt=8">iPhone</a> anti spam app.~~


78
79	== Frequently Asked Questions ==
80
	@@ -84,19 +91,18 @@ Spam comments moves to SPAM folder or you can set option to silent ban spam comm
84	= How does the plugin stop spam? =
85	Plugin uses several simple tests to stop spammers.
86
87	- 1. JavaScript anti spam test. 99% spam bots doesn't have all JavaScript functions support. So, the plugin has code which can run normal visitor and can't run the spam bot.
88	1. Checks by Email, IP, domains at spam activities list. The plugin online use spam activity database at cleantalk.org, which are consist more then 1 billion records about spam activity IPs, Email, Domains and ASN. If the senders IP or Email matches with database, the sender gets some spam scores. To reduce false/positive rate the plugin doesn't use only blacklist test to ban spammers. The sender will be banned only if multiple spam test failed.
89	- 1. Comment submit time. Spam bots usually send post immediately after page load, because spam bots not really fill the web form, they are only send $_POST data to the blog. The normal visitor ~~send~~ the data within several seconds or minutes.
90	- 1. Relevance test for the comments. Spam bots posts send to the blog comments which are not matched with article by relevance, so the plugin can filter spam bots with offtop filter.
91
92	- = Will anti spam protects my theme? =
93	- Yes, it will. The ~~plugin~~ compatible with any WordPress themes.
94
95	- = How can I test anti spam protection? =
96	- Please use email stop_email@example.com for comments, contacts or signups. Also you can see ~~comments~~ ~~processed by plugin~~ for last 7 days at <a href="http://cleantalk.org/my/show_requests">Control panel</a> or look at folder "Spam" for banned comments.
97
98	= Is the plugin effective against spam bots? =
99	- Plugin Anti-spam by CleanTalk stops up to 100% of spam comments, spam signups (registrations) ~~and~~ spam contact emails.
100
101	= What about pingback, trackback spam? =
102	Plugin by default pass pingbacks without any checks. All trackbacks will be blocked if the sender have spam activity.
	@@ -104,11 +110,11 @@ Plugin by default pass pingbacks without any checks. All trackbacks will be bloc
104	= Can I use CleanTalk with Akismet? =
105	Sure, you can use CleanTalk with Akismet. In this case probably you will have bigger false/positive rate (when legitimate comments/signups denies), but you will have stronger antispam protection at website.
106
107	- = Should I use another anti spam plugins? =
108	CleanTalk stops up to 100% of spam bots, so you can disable other anti spam plugins (especially CAPTCHA like anti spam plugins). In some cases several anti-spam plugins can conflict, so it will be better use just one plugin.
109
110	= The plugin WordPress MultiUser (WPMU or WordPress network) compatible? =
111	- The plugin is WordPress MultiUser (WPMU or WordPress network) compatible. Each blog in multisite environment has individual ~~anit~~ spam options for spam bots protection.
112
113	= After the installation I noticed in the statistics that the number of spam attacks had increased =
114	There are a few reasons for this:
	@@ -124,8 +130,14 @@ The plugin has several options to detect spam bots and humans. If you just post
124
125	The comments will be passed, becuase the plugin detect sender as a human. So, use special email stop_email@example.com to test anti-spam or wait a few days to see how the plugin works.
126



127	= Can I use CleanTalk with cache plugins? =
128	- CleanTalk doesn't use static HTML code into templates, so all ~~anit~~ spam functions will works correctly with any WordPress cache plugins.



129
130	== Other notes ==
131
	@@ -136,8 +148,7 @@ If you're having trouble getting things to work after installing the plugin, her
136
137	1. If you haven't yet, please upgrade plugin to the latest version.
138	1. If you have error '* Forbidden. Enable JavaScript. Anti-spam service cleantalk.org. *' please check JavaScript support in your browser and do JavaScript test at this page <a href="http://cleantalk.org/checkout-javascript-support">Check out JavaScript support</a>.
139	- 1. If you have spam comments, signups or contacts please check the Access key at plugin settings. The key should be same as you can find in service <a href="https://cleantalk.org/my/">~~Control panel~~</a>.
140	- 1. If you have spam contact emails after plugin installation, please check your plugin with list of supported contact forms (see section Anti-spam protection).
141
142	= CAPTCHA =
143	The annoying picture with curved and sloping symbols, which are offered to the visitor to fill in. It is supposed that spam bots won’t discern these symbols, but a visitor will. CAPTCHA provokes great irritation, but if one wants to speak out, he has to fill in these symbols time after time, making mistakes and starting once again. At the sight of CAPTCHA and after input errors, many visitors leave the resource. Thus, CAPTCHA helps to protect the resource from visitors. Spam bots can automatically recognize Captcha.
	@@ -160,6 +171,13 @@ WordPress 3.0 at least. PHP 4, 5 with CURL or file_get_contents() function and e
160	1. Setup Android/iOS app to have push notices when new legitiamte comments/registrations or contactcs appears on the website.
161
162	== Changelog ==







163	= 4.14 2015-01-19 =
164	* Removed deprecated option from comment approvement code.
165	* New API key URL.
	@@ -470,6 +488,9 @@ WordPress 3.0 at least. PHP 4, 5 with CURL or file_get_contents() function and e
470	* First version
471
472	== Upgrade Notice ==



473	= 4.14 2015-01-19 =
474	Removed deprecated option from comment approvement code.
475


1	=== Anti-spam by CleanTalk (no CAPTCHA) ===
2	Contributors: znaeff, shagimuratov
3	+ Tags: Akismet, anti spam, antispam, bbpress spam, buddypress spam, capcha, captcha antispam, cf7 spam, comments spam, contact form spam, fast secure contact form spam, form, Formidable spam, jetpack spam, landing pages, math, registration spam, s2member, signup spam, spam, spammers, spammy, WooCommerce spam, wordpress spam, booking spam, order spam, subscriptions spam, comments, gravity spam, gravity forms spam
4	Requires at least: 3.0
5	Tested up to: 4.1
6	+ Stable tag: 4.15
7	License: GPLv2
8	License URI: http://www.gnu.org/licenses/gpl-2.0.html
9
10	+ Max power, all-in-one, premium anti-spam plugin. No comments & registrations spam, no contact spam, protects any forms. Just install and forget.
11
12	== Description ==
13	No CAPTCHA, no questions, no counting animals, no puzzles, no math and no spam bots.

23	= Spam protection =
24	* WordPress, JetPack comments.
25	* WordPress, BuddyPress, bbPress, S2Member, WooCommerce registrations.
26	+ * Formidable forms, Contact form 7, JetPack Contact form, Fast Secure Contact form, Ninja forms, Landing pages, Gravity forms and any themes/custom contact form.
27	* WooCommerce review form.
28	* WordPress Landing Pages.
29	* Any WordPress form (with enabled anti-spam option 'Custom contact forms').

32	Spam is one of the most irritating factors. Spam become every year more and conventional anti spam can no longer handle all the spam bots. CleanTalk prevents spam and automatically blocks it. You'll be surprised of effective protection against spam.
33
34	= Anti spam plugin info =
35	+ CleanTalk is an anti spam protection 4 in 1 for WordPress that protects login, comments, contact and WooCommerce forms all at once. You don't need to install separate anti spam plugins for each form. This allows your blog to work faster and save resources. After installation you will forget about spam, CleanTalk plugin will do all the work. You won't have to deal with spam, CleanTalk will do this for you automatically.
36
37	CleanTalk is a transparent anti spam protection, we provide detailed statistics of all entering comments and logins. You can always be sure that there are no errors. We have developed a mobile app for you to see anti spam statistics wherever.
38

42
43	The CleanTalk is premium anti spam for WordPress, please look at the <a href="http://cleantalk.org/price">pricing</a>. We try to provide anti spam service at the highest level and we can not afford to offer a free version of our service, as this will immediately affect the quality of providing anti spam protection. Paying for a year of anti spam service, you save a lot more and get:
44
45	+ * Up to 100% protection against spam bots
46	* Time and resources saving
47	* More registrations/comments/visitors
48	* Protect several websites at once at different CMS

54	* Free mobile app to control anti spam function at your website.
55
56	= How to protect sites from spam bots without CAPTCHA? =
57	+ The most popular method is CAPTCHA -- the annoying picture with curved and sloping symbols, which are offered to the visitor to fill in. It is supposed that spam bots won't discern these CAPTCHA, but a visitor will. CAPTCHA provokes great irritation, but if one wants to speak out, he has to fill in these symbols time after time, making mistakes and starting once again.
58	Sometimes CAPTCHA reminds doodle 2x year old child. For users with vision problems captcha is just an insurmountable obstacle. Users hate captcha. Captcha for users means "hate". Unreadable CAPTCHA stops about 80% of site visitors. After 2 failed attempts to bring it up to 95% reject further attempts.
59	At the sight of CAPTCHA and after input errors, many visitors leave the resource. Thus, CAPTCHA helps to protect the resource both from bots and visitors. CAPTCHA is not a panacea from spam. Doubts Concerning the Need for CAPTCHA?
60

64	* Anti spam apps for most popular CMS on cleantalk.org.
65
66	= We recommend =
67	+ Audience engagement plugin <a href="http://wordpress.org/plugins/feedweb/">Feedweb</a>
68	+
69	+ Max power, all-in-one, premium anti-spam plugin.
70	+ No comments & registrations spam, no contact spam, protects any forms.
71	+ Just install and forget.
72	+
73
74	== Installation ==
75	1. Download, install and activate the plugin.
76	+ 1. Get Access key <a href="https://cleantalk.org/register?platform=wordpress" target="_blank">https://cleantalk.org/register</a>
77	1. Enter Access key at the plugin settings.
78	+ 1. Make dummy spam comment with email stop_email@example.com.
79
80	+ You should see notice,
81
82	+ * Forbidden. Sender blacklisted. Antispam service cleantalk.org. *
83	+
84	+ The setup is done! You can control anti spam plugin by <a href="https://cleantalk.org/my" target="_blank">Dashboard</a> at the cleantalk.org or use <a href="https://play.google.com/store/apps/details?id=org.cleantalk.app">Android</a>, <a href="https://itunes.apple.com/us/app/cleantalk/id825479913?mt=8">iPhone</a> anti spam app.
85
86	== Frequently Asked Questions ==
87

91	= How does the plugin stop spam? =
92	Plugin uses several simple tests to stop spammers.
93
94	+ 1. JavaScript anti-spam test. 99% spam bots doesn't have all JavaScript functions support. So, the plugin has code which can run normal visitor and can't run the spam bot.
95	1. Checks by Email, IP, domains at spam activities list. The plugin online use spam activity database at cleantalk.org, which are consist more then 1 billion records about spam activity IPs, Email, Domains and ASN. If the senders IP or Email matches with database, the sender gets some spam scores. To reduce false/positive rate the plugin doesn't use only blacklist test to ban spammers. The sender will be banned only if multiple spam test failed.
96	+ 1. Comment submit time. Spam bots usually send post immediately after page load, because spam bots not really fill the web form, they are only send $_POST data to the blog. The normal visitor sends the data within several seconds or minutes.

97
98	+ = Will anti-spam protects my theme? =
99	+ Yes, it will. The Anti-spam by CleanTalk compatible with any WordPress themes.
100
101	+ = How can I test anti-spam protection? =
102	+ Please use email stop_email@example.com for comments, contacts or signups to see how the anti-spam protection works. Also you can see logs for last 7 days at <a href="http://cleantalk.org/my/show_requests">Control panel</a> or look at folder "Spam" for banned comments.
103
104	= Is the plugin effective against spam bots? =
105	+ Plugin Anti-spam by CleanTalk stops up to 100% of spam comments, spam signups (registrations), spam contact emails, spam subscriptions, spam bookings or spam orders.
106
107	= What about pingback, trackback spam? =
108	Plugin by default pass pingbacks without any checks. All trackbacks will be blocked if the sender have spam activity.

110	= Can I use CleanTalk with Akismet? =
111	Sure, you can use CleanTalk with Akismet. In this case probably you will have bigger false/positive rate (when legitimate comments/signups denies), but you will have stronger antispam protection at website.
112
113	+ = Should I use another anti-spam plugins? =
114	CleanTalk stops up to 100% of spam bots, so you can disable other anti spam plugins (especially CAPTCHA like anti spam plugins). In some cases several anti-spam plugins can conflict, so it will be better use just one plugin.
115
116	= The plugin WordPress MultiUser (WPMU or WordPress network) compatible? =
117	+ The plugin is WordPress MultiUser (WPMU or WordPress network) compatible. Each blog in multisite environment has individual anti-spam options for spam bots protection.
118
119	= After the installation I noticed in the statistics that the number of spam attacks had increased =
120	There are a few reasons for this:

130
131	The comments will be passed, becuase the plugin detect sender as a human. So, use special email stop_email@example.com to test anti-spam or wait a few days to see how the plugin works.
132
133	+ = Is it free or paid? =
134	+ The plugin is paid, you have two weeks free trial to test anti-spam for comments, registrations, bookings, contacts or orders. When the trial is finished, you can renew the subscription for 1 year or deactivate anti-spam plugin.
135	+
136	= Can I use CleanTalk with cache plugins? =
137	+ Anti-spam by CleanTalk doesn't use static HTML code into templates, so all anti-spam functions will works correctly with any WordPress cache plugins.
138	+
139	+ = Does the plugin protects against spam bots at contact forms with third-party services? =
140	+ If your contact or subscribe form sends data to third-party servers (like mailchimp.com and etc.) the plugin will not protect your form. Because the plugin protects against spam bots only forms wihc are sends data directly to your WordPress website.
141
142	== Other notes ==
143

148
149	1. If you haven't yet, please upgrade plugin to the latest version.
150	1. If you have error '* Forbidden. Enable JavaScript. Anti-spam service cleantalk.org. *' please check JavaScript support in your browser and do JavaScript test at this page <a href="http://cleantalk.org/checkout-javascript-support">Check out JavaScript support</a>.
151	+ 1. If you have spam comments, signups or contacts please check the Access key at plugin settings. The key should be same as you can find in service <a href="https://cleantalk.org/my/">Dashboard</a>.

152
153	= CAPTCHA =
154	The annoying picture with curved and sloping symbols, which are offered to the visitor to fill in. It is supposed that spam bots won’t discern these symbols, but a visitor will. CAPTCHA provokes great irritation, but if one wants to speak out, he has to fill in these symbols time after time, making mistakes and starting once again. At the sight of CAPTCHA and after input errors, many visitors leave the resource. Thus, CAPTCHA helps to protect the resource from visitors. Spam bots can automatically recognize Captcha.

171	1. Setup Android/iOS app to have push notices when new legitiamte comments/registrations or contactcs appears on the website.
172
173	== Changelog ==
174	+ = 4.15 2015-01-29 =
175	+ * Support of Contact Form 7 versions before 3.0.0.
176	+ * Fixed global JS-vars.
177	+ * Fixed online notice cookie logics.
178	+ * Optimized filters for FSCF, WooCommerce, JetPack.
179	+ * Optomized option getting.
180	+
181	= 4.14 2015-01-19 =
182	* Removed deprecated option from comment approvement code.
183	* New API key URL.

488	* First version
489
490	== Upgrade Notice ==
491	+ = 4.15 2015-01-29 =
492	+ Support of Contact Form 7 versions before 3.0.0, fixed global JS-vars and online notice cookie logics.
493	+
494	= 4.14 2015-01-19 =
495	Removed deprecated option from comment approvement code.
496

Spam protection, AntiSpam, FireWall by CleanTalk - Version 4.15

Version Description

Release Info

Code changes from version 4.14 to 4.15