Spam protection, AntiSpam, FireWall by CleanTalk - Version 4.6

Version Description

2014-11-11 = * Improved anti spam protection on BuddyPress registrations. * Improved anti spam protection on contact forms. * Removed plugin sign from pending, spam comments. To get details about a comment please use Dashboard at cleantalk.org. * Improved Access key validation function. * Added protection for bbPress comments via stop list. Stop list function is a list to reject comments by prefiled words. To fill the list please use Dashboard at cleantalk.org.

Download this release

Release Info

Developer shagimuratov
Plugin Icon 128x128 Spam protection, AntiSpam, FireWall by CleanTalk
Version 4.6
Comparing to
See all releases

Code changes from version 4.5 to 4.6

Files changed (3) hide show
  1. cleantalk-admin.php +59 -16
  2. cleantalk.php +17 -16
  3. readme.txt +18 -3
cleantalk-admin.php CHANGED
@@ -2,6 +2,9 @@
2
 
3
  $ct_plugin_basename = 'cleantalk-spam-protect/cleantalk.php';
4
 
 
 
 
5
  /**
6
  * Admin action 'admin_enqueue_scripts' - Enqueue admin script of reloading admin page after needed AJAX events
7
  * @param string $hook URL of hooked page
@@ -478,7 +481,7 @@ if (!function_exists ( 'ct_plugin_action_links')) {
478
  * @return array
479
  */
480
  function ct_update_option($option_name) {
481
- global $show_ct_notice_online, $ct_notice_online_label, $ct_notice_trial_label, $trial_notice_showtime, $ct_account_status_check;
482
 
483
  if($option_name !== 'cleantalk_settings') {
484
  return;
@@ -488,23 +491,63 @@ function ct_update_option($option_name) {
488
  if ($ct_account_status_check > 0 && time() - $ct_account_status_check < 5) {
489
  return;
490
  }
 
 
 
 
 
 
 
 
 
 
 
 
491
 
492
- $ct_base_call_result = ct_base_call(array(
493
- 'message' => 'CleanTalk setup comment',
494
- 'example' => null,
495
- 'sender_email' => 'stop_email@example.com',
496
- 'sender_nickname' => 'CleanTalk',
497
- 'post_info' => '',
498
- 'checkjs' => 1
499
- ));
500
- $ct = $ct_base_call_result['ct'];
501
- $ct_result = $ct_base_call_result['ct_result'];
502
-
503
- if ($ct_result->inactive == 1) {
504
- setcookie($ct_notice_online_label, 0, null, '/');
505
- } else {
506
- setcookie($ct_notice_online_label, time(), strtotime("+14 days"), '/');
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
507
  setcookie($ct_notice_trial_label, (int) 0, strtotime("+$trial_notice_showtime minutes"), '/');
 
 
508
  }
509
  }
510
 
2
 
3
  $ct_plugin_basename = 'cleantalk-spam-protect/cleantalk.php';
4
 
5
+ // Timeout to get app server
6
+ $ct_server_timeout = 2;
7
+
8
  /**
9
  * Admin action 'admin_enqueue_scripts' - Enqueue admin script of reloading admin page after needed AJAX events
10
  * @param string $hook URL of hooked page
481
  * @return array
482
  */
483
  function ct_update_option($option_name) {
484
+ global $show_ct_notice_online, $ct_notice_online_label, $ct_notice_trial_label, $trial_notice_showtime, $ct_account_status_check, $ct_options, $ct_server_timeout;
485
 
486
  if($option_name !== 'cleantalk_settings') {
487
  return;
491
  if ($ct_account_status_check > 0 && time() - $ct_account_status_check < 5) {
492
  return;
493
  }
494
+
495
+ $key_valid = true;
496
+ $app_server_error = false;
497
+ if (function_exists('curl_init') && function_exists('json_decode')) {
498
+ $api_key = $ct_options['apikey'];
499
+ if (isset($_POST['cleantalk_settings']['apikey'])) {
500
+ $api_key = $_POST['cleantalk_settings']['apikey'];
501
+ }
502
+
503
+ if (!ct_valid_key($api_key)) {
504
+ return null;
505
+ }
506
 
507
+ $url = 'https://cleantalk.org/app_notice';
508
+ $server_timeout = $ct_server_timeout;
509
+
510
+ $data['auth_key'] = $api_key;
511
+ $data['param'] = 'notice_validate_key';
512
+
513
+ $ch = curl_init();
514
+ curl_setopt($ch, CURLOPT_URL, $url);
515
+ curl_setopt($ch, CURLOPT_TIMEOUT, $server_timeout);
516
+ curl_setopt($ch, CURLOPT_POST, true);
517
+ curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($data));
518
+
519
+ // receive server response ...
520
+ curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
521
+ // resolve 'Expect: 100-continue' issue
522
+ curl_setopt($ch, CURLOPT_HTTPHEADER, array('Expect:'));
523
+
524
+ curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
525
+ curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
526
+
527
+ $result = curl_exec($ch);
528
+ curl_close($ch);
529
+ if ($result) {
530
+ $result = json_decode($result, true);
531
+ if (isset($result['valid']) && $result['valid'] == 0) {
532
+ $key_valid = false;
533
+ }
534
+ }
535
+ if (!$result || !isset($result['valid'])) {
536
+ $app_server_error = true;
537
+ }
538
+ }
539
+
540
+ if ($key_valid) {
541
+ // Removes cookie for server errors
542
+ if ($app_server_error) {
543
+ setcookie($ct_notice_online_label, null, -1, '/');
544
+ unset($_COOKIE[$ct_notice_online_label]);
545
+ } else {
546
+ setcookie($ct_notice_online_label, time(), strtotime("+14 days"), '/');
547
+ }
548
  setcookie($ct_notice_trial_label, (int) 0, strtotime("+$trial_notice_showtime minutes"), '/');
549
+ } else {
550
+ setcookie($ct_notice_online_label, 0, null, '/');
551
  }
552
  }
553
 
cleantalk.php CHANGED
@@ -3,14 +3,14 @@
3
  Plugin Name: Anti-spam by CleanTalk
4
  Plugin URI: http://cleantalk.org
5
  Description: Cloud antispam for comments, registrations and contacts. The plugin doesn't use CAPTCHA, Q&A, math, counting animals or quiz to stop spam bots.
6
- Version: 4.5
7
  Author: СleanTalk <welcome@cleantalk.org>
8
  Author URI: http://cleantalk.org
9
  */
10
 
11
  define('CLEANTALK_PLUGIN_DIR', plugin_dir_path(__FILE__));
12
 
13
- $ct_agent_version = 'wordpress-45';
14
  $ct_plugin_name = 'Anti-spam by CleanTalk';
15
  $ct_checkjs_frm = 'ct_checkjs_frm';
16
  $ct_checkjs_register_form = 'ct_checkjs_register_form';
@@ -541,7 +541,7 @@ function ct_footer_add_cookie() {
541
  return false;
542
  }
543
 
544
- ct_add_hidden_fields(null, 'ct_checkjs', false, true);
545
 
546
  return null;
547
  }
@@ -699,7 +699,10 @@ function ct_bbp_new_pre_content ($comment) {
699
  return $comment;
700
  }
701
 
702
- $checkjs = js_test('ct_checkjs', $_COOKIE);
 
 
 
703
 
704
  $example = null;
705
 
@@ -727,7 +730,7 @@ function ct_bbp_new_pre_content ($comment) {
727
  $ct = $ct_base_call_result['ct'];
728
  $ct_result = $ct_base_call_result['ct_result'];
729
 
730
- if ($ct_result->stop_queue == 1 || $ct_result->spam == 1) {
731
  bbp_add_error('bbp_reply_content', $ct_result->comment);
732
  }
733
 
@@ -782,7 +785,7 @@ function ct_preprocess_comment($comment) {
782
  //
783
  if ($ct_jp_comments) {
784
  $post_info['comment_type'] = 'jetpack_comment';
785
- $checkjs = js_test('ct_checkjs', $_COOKIE);
786
  } else {
787
  $post_info['comment_type'] = $comment['comment_type'];
788
  $checkjs = js_test('ct_checkjs', $_POST, true);
@@ -840,7 +843,6 @@ function ct_preprocess_comment($comment) {
840
  ct_hash($ct_result->id);
841
 
842
  if ($ct_result->spam == 1) {
843
- $comment['comment_content'] = $ct->addCleantalkComment($comment['comment_content'], $ct_result->comment);
844
  add_filter('pre_comment_approved', 'ct_set_comment_spam');
845
 
846
  global $ct_comment;
@@ -868,7 +870,6 @@ function ct_preprocess_comment($comment) {
868
  add_action('comment_post', 'ct_mark_red', 11, 2);
869
  }
870
 
871
- $comment['comment_content'] = $ct->addCleantalkComment($comment['comment_content'], $ct_result->comment);
872
  add_filter('pre_comment_approved', 'ct_set_not_approved');
873
  }
874
 
@@ -1260,7 +1261,7 @@ function ct_registration_errors($errors, $sanitized_user_login = null, $user_ema
1260
  // This hack can be helpfull when plugin uses with untested themes&signups plugins.
1261
  //
1262
  if ($checkjs === null) {
1263
- $checkjs = js_test('ct_checkjs', $_COOKIE);
1264
  $sender_info['cookie_checkjs_passed'] = $checkjs;
1265
  }
1266
 
@@ -1365,7 +1366,7 @@ function ct_grunion_contact_form_field_html($r, $field_label) {
1365
  }
1366
  }
1367
 
1368
- $r .= ct_add_hidden_fields(null, $ct_checkjs_jpcf, true);
1369
  $ct_jpcf_patched = true;
1370
  }
1371
 
@@ -1446,7 +1447,7 @@ function ct_wpcf7_form_elements($html) {
1446
  return $html;
1447
  }
1448
 
1449
- $html .= ct_add_hidden_fields(null, $ct_checkjs_cf7, true);
1450
 
1451
  return $html;
1452
  }
@@ -1465,7 +1466,7 @@ function ct_wpcf7_spam($spam) {
1465
  return $spam;
1466
  }
1467
 
1468
- $checkjs = js_test('ct_checkjs', $_COOKIE);
1469
  if($checkjs != 1){
1470
  $checkjs = js_test($ct_checkjs_cf7, $_POST);
1471
  }
@@ -1541,7 +1542,7 @@ function ct_wpcf7_display_message($message, $status) {
1541
  * Inserts anti-spam hidden to Fast Secure contact form
1542
  */
1543
  function ct_si_contact_display_after_fields($string = '', $style = '', $form_errors = array(), $form_id_num = 0) {
1544
- $string .= ct_add_hidden_fields(null, 'ct_checkjs', true);
1545
  return $string;
1546
  }
1547
 
@@ -1631,7 +1632,7 @@ function ct_check_wplp(){
1631
  if ($options['contact_forms_test'] == 0)
1632
  return;
1633
 
1634
- $checkjs = js_test('ct_checkjs', $_COOKIE);
1635
 
1636
  $post_info['comment_type'] = 'feedback';
1637
  $post_info = json_encode($post_info);
@@ -1695,7 +1696,7 @@ function ct_s2member_registration_test() {
1695
 
1696
  $submit_time = submit_time_test();
1697
 
1698
- $checkjs = js_test('ct_checkjs', $_COOKIE);
1699
 
1700
  require_once('cleantalk.class.php');
1701
 
@@ -1774,7 +1775,7 @@ function ct_contact_form_validate () {
1774
  return null;
1775
  }
1776
 
1777
- $checkjs = js_test('ct_checkjs', $_COOKIE);
1778
 
1779
  $post_info['comment_type'] = 'feedback_general_contact_form';
1780
  $post_info = json_encode($post_info);
3
  Plugin Name: Anti-spam by CleanTalk
4
  Plugin URI: http://cleantalk.org
5
  Description: Cloud antispam for comments, registrations and contacts. The plugin doesn't use CAPTCHA, Q&A, math, counting animals or quiz to stop spam bots.
6
+ Version: 4.6
7
  Author: СleanTalk <welcome@cleantalk.org>
8
  Author URI: http://cleantalk.org
9
  */
10
 
11
  define('CLEANTALK_PLUGIN_DIR', plugin_dir_path(__FILE__));
12
 
13
+ $ct_agent_version = 'wordpress-46';
14
  $ct_plugin_name = 'Anti-spam by CleanTalk';
15
  $ct_checkjs_frm = 'ct_checkjs_frm';
16
  $ct_checkjs_register_form = 'ct_checkjs_register_form';
541
  return false;
542
  }
543
 
544
+ ct_add_hidden_fields(true, 'ct_checkjs', false, true);
545
 
546
  return null;
547
  }
699
  return $comment;
700
  }
701
 
702
+ $checkjs = js_test('ct_checkjs', $_COOKIE, true);
703
+ if ($checkjs === null) {
704
+ $checkjs = js_test('ct_checkjs', $_POST, true);
705
+ }
706
 
707
  $example = null;
708
 
730
  $ct = $ct_base_call_result['ct'];
731
  $ct_result = $ct_base_call_result['ct_result'];
732
 
733
+ if ($ct_result->stop_queue == 1 || $ct_result->spam == 1 || ($ct_result->allow == 0 && $ct_result->stop_words !== null)) {
734
  bbp_add_error('bbp_reply_content', $ct_result->comment);
735
  }
736
 
785
  //
786
  if ($ct_jp_comments) {
787
  $post_info['comment_type'] = 'jetpack_comment';
788
+ $checkjs = js_test('ct_checkjs', $_COOKIE, true);
789
  } else {
790
  $post_info['comment_type'] = $comment['comment_type'];
791
  $checkjs = js_test('ct_checkjs', $_POST, true);
843
  ct_hash($ct_result->id);
844
 
845
  if ($ct_result->spam == 1) {
 
846
  add_filter('pre_comment_approved', 'ct_set_comment_spam');
847
 
848
  global $ct_comment;
870
  add_action('comment_post', 'ct_mark_red', 11, 2);
871
  }
872
 
 
873
  add_filter('pre_comment_approved', 'ct_set_not_approved');
874
  }
875
 
1261
  // This hack can be helpfull when plugin uses with untested themes&signups plugins.
1262
  //
1263
  if ($checkjs === null) {
1264
+ $checkjs = js_test('ct_checkjs', $_COOKIE, true);
1265
  $sender_info['cookie_checkjs_passed'] = $checkjs;
1266
  }
1267
 
1366
  }
1367
  }
1368
 
1369
+ $r .= ct_add_hidden_fields(true, $ct_checkjs_jpcf, true);
1370
  $ct_jpcf_patched = true;
1371
  }
1372
 
1447
  return $html;
1448
  }
1449
 
1450
+ $html .= ct_add_hidden_fields(true, $ct_checkjs_cf7, true);
1451
 
1452
  return $html;
1453
  }
1466
  return $spam;
1467
  }
1468
 
1469
+ $checkjs = js_test('ct_checkjs', $_COOKIE, true);
1470
  if($checkjs != 1){
1471
  $checkjs = js_test($ct_checkjs_cf7, $_POST);
1472
  }
1542
  * Inserts anti-spam hidden to Fast Secure contact form
1543
  */
1544
  function ct_si_contact_display_after_fields($string = '', $style = '', $form_errors = array(), $form_id_num = 0) {
1545
+ $string .= ct_add_hidden_fields(true, 'ct_checkjs', true);
1546
  return $string;
1547
  }
1548
 
1632
  if ($options['contact_forms_test'] == 0)
1633
  return;
1634
 
1635
+ $checkjs = js_test('ct_checkjs', $_COOKIE, true);
1636
 
1637
  $post_info['comment_type'] = 'feedback';
1638
  $post_info = json_encode($post_info);
1696
 
1697
  $submit_time = submit_time_test();
1698
 
1699
+ $checkjs = js_test('ct_checkjs', $_COOKIE, true);
1700
 
1701
  require_once('cleantalk.class.php');
1702
 
1775
  return null;
1776
  }
1777
 
1778
+ $checkjs = js_test('ct_checkjs', $_COOKIE, true);
1779
 
1780
  $post_info['comment_type'] = 'feedback_general_contact_form';
1781
  $post_info = json_encode($post_info);
readme.txt CHANGED
@@ -1,13 +1,13 @@
1
- === Anti-spam by CleanTalk ===
2
  Contributors: znaeff, shagimuratov
3
  Tags: antispam, anti-spam, anti spam, spam, spammers, captcha, comments, registration, contact form, blacklist, math, signup, formidable, bot, spam bots, spammy, s2member, wordpress, support, BuddyPress, bbpress, landing pages, fast secure contact form, WooCommerce, jetpack, cf7, akismet
4
  Requires at least: 3.0
5
  Tested up to: 4.0
6
- Stable tag: 4.5
7
  License: GPLv2
8
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
9
 
10
- No captcha, no spam comments, no spam registrations, no spam contact emails and no spam bots. Cloud, CAPTCHA less, premium antispam for WordPress.
11
 
12
  == Description ==
13
  No CAPTCHA, no questions, no counting animals, no puzzles, no math and no spam bots.
@@ -50,6 +50,11 @@ The CleanTalk is premium anti spam for WordPress, please look at the <a href="ht
50
  * No captcha, puzzles, etc.
51
  * Free mobile app to control anti spam function at your website.
52
 
 
 
 
 
 
53
  = Additional features =
54
  * Online, daily and weekly anti spam reports traffic VS spam.
55
  * Apps for iPhone, Android to control anti spam service, comments, signups, contacts. With traffic and spam statistics for last 7 days.
@@ -148,6 +153,13 @@ WordPress 3.0 at least. PHP 4, 5 with CURL or file_get_contents() function and e
148
  1. Anti spam stopped spam bot at the CAPTCHA less registration form.
149
 
150
  == Changelog ==
 
 
 
 
 
 
 
151
  = 4.5 2014-11-04 =
152
  * Fixed CF7 JavaScript bug.
153
  * Fixed rejects in bbPress guests comments.
@@ -417,6 +429,9 @@ WordPress 3.0 at least. PHP 4, 5 with CURL or file_get_contents() function and e
417
  * First version
418
 
419
  == Upgrade Notice ==
 
 
 
420
  = 4.5 2014-11-04 =
421
  Bug fixes for Contact form 7 and bbPress guests posting.
422
 
1
+ === Anti-spam by CleanTalk (no CAPTCHA) ===
2
  Contributors: znaeff, shagimuratov
3
  Tags: antispam, anti-spam, anti spam, spam, spammers, captcha, comments, registration, contact form, blacklist, math, signup, formidable, bot, spam bots, spammy, s2member, wordpress, support, BuddyPress, bbpress, landing pages, fast secure contact form, WooCommerce, jetpack, cf7, akismet
4
  Requires at least: 3.0
5
  Tested up to: 4.0
6
+ Stable tag: 4.6
7
  License: GPLv2
8
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
9
 
10
+ No spam comments, no spam registrations, no spam emails, no captcha and no spam bots. Cloud, CAPTCHA less, premium anti-spam for WordPress.
11
 
12
  == Description ==
13
  No CAPTCHA, no questions, no counting animals, no puzzles, no math and no spam bots.
50
  * No captcha, puzzles, etc.
51
  * Free mobile app to control anti spam function at your website.
52
 
53
+ = How to protect sites from spam bots without CAPTCHA? =
54
+ The most popular method is CAPTCHA -- the annoying picture with curved and sloping symbols, which are offered to the visitor to fill in. It is supposed that spam bots won’t discern these CAPTCHA, but a visitor will. CAPTCHA provokes great irritation, but if one wants to speak out, he has to fill in these symbols time after time, making mistakes and starting once again.
55
+ Sometimes CAPTCHA reminds doodle 2x year old child. For users with vision problems captcha is just an insurmountable obstacle. Users hate captcha. Captcha for users means "hate". Unreadable CAPTCHA stops about 80% of site visitors. After 2 failed attempts to bring it up to 95% reject further attempts.
56
+ At the sight of CAPTCHA and after input errors, many visitors leave the resource. Thus, CAPTCHA helps to protect the resource both from bots and visitors. CAPTCHA is not a panacea from spam. Doubts Concerning the Need for CAPTCHA?
57
+
58
  = Additional features =
59
  * Online, daily and weekly anti spam reports traffic VS spam.
60
  * Apps for iPhone, Android to control anti spam service, comments, signups, contacts. With traffic and spam statistics for last 7 days.
153
  1. Anti spam stopped spam bot at the CAPTCHA less registration form.
154
 
155
  == Changelog ==
156
+ = 4.6 2014-11-11 =
157
+ * Improved anti spam protection on BuddyPress registrations.
158
+ * Improved anti spam protection on contact forms.
159
+ * Removed plugin sign from pending, spam comments. To get details about a comment please use Dashboard at cleantalk.org.
160
+ * Improved Access key validation function.
161
+ * Added protection for bbPress comments via stop list. Stop list function is a list to reject comments by prefiled words. To fill the list please use Dashboard at cleantalk.org.
162
+
163
  = 4.5 2014-11-04 =
164
  * Fixed CF7 JavaScript bug.
165
  * Fixed rejects in bbPress guests comments.
429
  * First version
430
 
431
  == Upgrade Notice ==
432
+ = 4.6 2014-11-11 =
433
+ Minor changes in anti spam logic for BuddyPress registrations, contact forms and bbPress guest posting.
434
+
435
  = 4.5 2014-11-04 =
436
  Bug fixes for Contact form 7 and bbPress guests posting.
437