Spam protection, AntiSpam, FireWall by CleanTalk - Version 5.115

Version Description

February 14 2019 = * Fix: Http_only flag for backend cookies. * Fix: Spam filtration improved. * New: IP detection improved. * Fix: SpamFirewall update speeded up. * New: False positives with caching solutions decreased. * New: Opportunity to use Wordpress HTTP API to connect with Cloud.


Release Info

Developer Safronik
Version 5.115

Code changes from version 5.114 to 5.115

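--- a/cleantalk.php
+++ b/cleantalk.php
@@ -3,7 +3,7 @@
  Plugin Name: Anti-Spam by CleanTalk
  Plugin URI: http://cleantalk.org
  Description: Max power, all-in-one, no Captcha, premium anti-spam plugin. No comment spam, no registration spam, no contact spam, protects any WordPress forms.
- Version: 5.114
+ Version: 5.115
  Author: СleanTalk <welcome@cleantalk.org>
  Author URI: http://cleantalk.org
  */
@@ -78,6 +78,8 @@ if(!defined('CLEANTALK_PLUGIN_DIR')){
  $apbct->settings['apikey'] = defined('CLEANTALK_ACCESS_KEY') ? CLEANTALK_ACCESS_KEY : $apbct->settings['apikey'];
 
  }
+
+ add_action('wp_ajax_apbct_js_keys__get', 'apbct_js_keys__get__ajax'); // Passing JS key to frontend
 
  /** @todo HARDCODE FIX */
  if($apbct->plugin_version === '1.0.0')
@@ -758,18 +760,20 @@ function apbct_cookie(){
  'cookies_names' => array(),
  'check_value' => $apbct->api_key,
  );
-
+
+ $domain = parse_url(get_option('siteurl'),PHP_URL_HOST);
+
  // Submit time
  if(empty($_POST['ct_multipage_form'])){ // Do not start/reset page timer if it is multipage form (Gravitiy forms))
  $apbct_timestamp = time();
- setcookie('apbct_timestamp', $apbct_timestamp, 0, '/');
+ setcookie('apbct_timestamp', $apbct_timestamp, 0, '/', $domain, false, true);
  $cookie_test_value['cookies_names'][] = 'apbct_timestamp';
  $cookie_test_value['check_value'] .= $apbct_timestamp;
  }
 
  // Pervious referer
  if(!empty($_SERVER['HTTP_REFERER'])){
- setcookie('apbct_prev_referer', $_SERVER['HTTP_REFERER'], 0, '/');
+ setcookie('apbct_prev_referer', $_SERVER['HTTP_REFERER'], 0, '/', $domain, false, true);
  $cookie_test_value['cookies_names'][] = 'apbct_prev_referer';
  $cookie_test_value['check_value'] .= $_SERVER['HTTP_REFERER'];
  }
@@ -779,20 +783,20 @@ function apbct_cookie(){
  $site_landing_timestamp = $_COOKIE['apbct_site_landing_ts'];
  }else{
  $site_landing_timestamp = time();
- setcookie('apbct_site_landing_ts', $site_landing_timestamp, 0, '/');
+ setcookie('apbct_site_landing_ts', $site_landing_timestamp, 0, '/', $domain, false, true);
  }
  $cookie_test_value['cookies_names'][] = 'apbct_site_landing_ts';
  $cookie_test_value['check_value'] .= $site_landing_timestamp;
 
  // Page hits
  $page_hits = isset($_COOKIE['apbct_page_hits']) && apbct_cookies_test() ? $_COOKIE['apbct_page_hits'] + 1 : 1;
- setcookie('apbct_page_hits', $page_hits, 0, '/');
+ setcookie('apbct_page_hits', $page_hits, 0, '/', $domain, false, true);
  $cookie_test_value['cookies_names'][] = 'apbct_page_hits';
  $cookie_test_value['check_value'] .= $page_hits;
 
  // Cookies test
  $cookie_test_value['check_value'] = md5($cookie_test_value['check_value']);
- setcookie('apbct_cookies_test', urlencode(json_encode($cookie_test_value)), 0, '/');
+ setcookie('apbct_cookies_test', urlencode(json_encode($cookie_test_value)), 0, '/', $domain, false, true);
 
  $apbct->flags__cookies_setuped = true;
 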
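Review bot: The new `setcookie()` calls in `apbct_cookie()` hard-code `false` for the secure argument, so on a site served over HTTPS these cookies are still sent on plain-HTTP requests; `setcookie('apbct_timestamp', $apbct_timestamp, 0, '/', $domain, is_ssl(), true);` would follow the request scheme. `$domain` comes from `parse_url(get_option('siteurl'), PHP_URL_HOST)` with no check, and `parse_url()` returns `null` or `false` when the URL has no host or is malformed. That host can also differ from the one the visitor requested (presumably with domain mapping or a www alias), in which case the browser drops the cookies and the cookie test fails. The same applies to the calls for `apbct_prev_referer`, `apbct_site_landing_ts`, `apbct_page_hits` and `apbct_cookies_test`. `apbct_cookie()` starts and ends outside the visible hunks.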
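--- a/inc/cleantalk-admin.php
+++ b/inc/cleantalk-admin.php
@@ -197,7 +197,6 @@ function apbct_admin__plugin_action_links($links, $file) {
  */
  function apbct_admin__register_plugin_links($links, $file){
 
-
  global $apbct;
 
  //Return if it's not our plugin
@@ -220,6 +219,7 @@ function apbct_admin__register_plugin_links($links, $file){
  .__('Translate', 'cleantalk')
  .'</a>';
 
+ $links[] = '<a class="ct_meta_links" href="'.$apbct->settings_link.'" target="_blank">' . __( 'Start here','cleantalk' ) . '</a>';
  $links[] = '<a class="ct_meta_links ct_faq_links" href="http://wordpress.org/plugins/cleantalk-spam-protect/faq/" target="_blank">' . __( 'FAQ','cleantalk' ) . '</a>';
  $links[] = '<a class="ct_meta_links ct_support_links"href="https://wordpress.org/support/plugin/cleantalk-spam-protect" target="_blank">' . __( 'Support','cleantalk' ) . '</a>';
  $trial = apbct_admin__badge__get_premium(false);
@@ -304,7 +304,7 @@ function apbct_admin__enqueue_scripts($hook){
  if($hook == 'comments_page_ct_check_spam'){
  wp_enqueue_script('ct_comments_checkspam', plugins_url('/cleantalk-spam-protect/js/cleantalk-comments-checkspam.js'), array(), APBCT_VERSION);
  wp_localize_script( 'jquery', 'ctCommentsCheck', array(
- 'ct_ajax_nonce' => wp_create_nonce('ct_secret_nonce'),
+ 'ct_ajax_nonce' => wp_create_nonce('ct_secret_nonce'),
  'ct_prev_accurate' => !empty($prev_check['accurate']) ? true : false,
  'ct_prev_from' => !empty($prev_check['from']) ? $prev_check['from'] : false,
  'ct_prev_till' => !empty($prev_check['till']) ? $prev_check['till'] : false,
@@ -354,7 +354,7 @@ function apbct_admin__enqueue_scripts($hook){
  if($hook == 'users_page_ct_check_users'){
  wp_enqueue_script('ct_users_checkspam', plugins_url('/cleantalk-spam-protect/js/cleantalk-users-checkspam.js'), array(), APBCT_VERSION);
  wp_localize_script( 'jquery', 'ctUsersCheck', array(
- 'ct_ajax_nonce' => wp_create_nonce('ct_secret_nonce'),
+ 'ct_ajax_nonce' => wp_create_nonce('ct_secret_nonce'),
  'ct_prev_accurate' => !empty($prev_check['accurate']) ? true : false,
  'ct_prev_from' => !empty($prev_check['from']) ? $prev_check['from'] : false,
  'ct_prev_till' => !empty($prev_check['till']) ? $prev_check['till'] : false,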
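Review bot: The new "Start here" link in `apbct_admin__register_plugin_links()` concatenates `$apbct->settings_link` into the `href` attribute without escaping; `href="' . esc_url($apbct->settings_link) . '"` keeps a stray quote or an unexpected URL scheme from breaking out of the attribute. The value is presumably built by the plugin itself, so this is hardening rather than a demonstrated injection. The link also uses `target="_blank"` without `rel="noopener noreferrer"`, as do the FAQ and Support links next to it. The function body continues outside the hunk.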
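--- a/inc/cleantalk-ajax.php
+++ b/inc/cleantalk-ajax.php
@@ -274,6 +274,7 @@ function ct_ajax_hook($message_obj = false, $additional = false)
  'the_champ_user_auth', // Super Socializer
  'simbatfa-init-otp', //Two-Factor Auth
  'wppb_msf_check_required_fields', //ProfileBuilder skip step checking
+ 'boss_we_login', //Login form
  );
 
  //General post_info for all ajax calls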
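Review bot: The comment on the new `'boss_we_login'` entry says only `//Login form`, while the neighbouring entries name the plugin they belong to (Super Socializer, Two-Factor Auth, ProfileBuilder); naming the sender, e.g. `'boss_we_login', // <plugin name>: login form`, lets a later reader judge whether the entry is still needed. The array opens outside the hunk, so its use in `ct_ajax_hook()` is not visible here. If it is the list of AJAX actions excluded from checking, each entry widens what goes unchecked, and a login action in particular deserves a recorded reason.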
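--- a/inc/cleantalk-common.php
+++ b/inc/cleantalk-common.php
@@ -105,6 +105,7 @@ function apbct_base_call($params = array(), $reg_flag = false){
 
  $ct = new Cleantalk();
 
+ $ct->use_bultin_api = $apbct->settings['use_buitin_http_api'] ? true : false;
  $ct->ssl_on = $apbct->settings['ssl_on'];
  $ct->ssl_path = APBCT_CASERT_PATH;
  $ct->server_url = $apbct->settings['server'];
@@ -240,6 +241,16 @@ function apbct_visibile_fields__process($visible_fields) {
  return $visible_fields;
  }
 
+ /*
+ * Outputs JS key for AJAX-use only. Stops script.
+ */
+ function apbct_js_keys__get__ajax(){
+ if(!$direct_call) check_ajax_referer('ct_secret_stuff');
+ die(json_encode(array(
+ 'js_key' => ct_get_checkjs_value((bool)$_POST['random_key'])
+ )));
+ }
+
  /**
  * Get ct_get_checkjs_value
  * @return string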
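Review bot: `apbct_js_keys__get__ajax()` tests `$direct_call`, which is neither a parameter nor a global of this function, so `!$direct_call` is always true and PHP raises an undefined-variable notice on every call; declaring it as `function apbct_js_keys__get__ajax($direct_call = false){` makes the guard mean what it reads. The nonce action checked is `'ct_secret_stuff'`, while the only nonce creation visible on this page uses `'ct_secret_nonce'`; if no nonce with the checked action is issued elsewhere, `check_ajax_referer()` ends every request before the key is returned. `$_POST['random_key']` is read without an existence check, and `!empty($_POST['random_key'])` gives the same boolean without the notice. In the first hunk, `use_bultin_api` and `'use_buitin_http_api'` are misspelled in two different ways, which is worth confirming against the `Cleantalk` class and the settings defaults.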
inc/cleantalk-public.php CHANGED
@@ -329,7 +329,7 @@ function ct_validate_ccf_submission($value, $field_id, $required){
329
  $post_info['comment_type'] = 'feedback_custom_contact_forms';
330
  $post_info['post_url'] = $_SERVER['HTTP_REFERER'];
331
 
332
- $checkjs = !apbct_js_test('ct_checkjs', $_COOKIE, true)
333
  ? apbct_js_test('ct_checkjs', $_COOKIE, true)
334
  : apbct_js_test('ct_checkjs', $_POST, true);
335
 
@@ -377,7 +377,7 @@ function ct_woocommerce_wishlist_check($args){
377
  $post_info['comment_type'] = 'feedback';
378
  $post_info['post_url'] = $_SERVER['HTTP_REFERER'];
379
 
380
- $checkjs = !apbct_js_test('ct_checkjs', $_COOKIE, true)
381
  ? apbct_js_test('ct_checkjs', $_COOKIE, true)
382
  : apbct_js_test('ct_checkjs', $_POST, true);
383
 
@@ -527,7 +527,7 @@ function apbct_integration__buddyPres__private_msg_check( $bp_message_obj){
527
  'comment_type' => 'buddypress_comment',
528
  'post_url' => isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : null,
529
  ),
530
- 'checkjs' => !apbct_js_test('ct_checkjs', $_COOKIE, true)
531
  ? apbct_js_test('ct_checkjs', $_COOKIE, true)
532
  : apbct_js_test('ct_checkjs', $_POST, true),
533
  'sender_info' => array('sender_url' => null),
@@ -564,7 +564,7 @@ function ct_pirate_forms_check(){
564
  if($subject != '')
565
  $message = array_merge(array('subject' => $subject), $message);
566
 
567
- $post_info['comment_type'] = 'feedback_pirate_contact_form';
568
  $post_info['post_url'] = $_SERVER['HTTP_REFERER'];
569
 
570
  //Making a call
@@ -629,13 +629,14 @@ function apbct_hook__wp_footer() {
629
  * Adds hidden filed to define avaialbility of client's JavaScript
630
  * @param bool $random_key switch on generation random key for every page load
631
  */
632
- function ct_add_hidden_fields($random_key = false, $field_name = 'ct_checkjs', $return_string = false, $cookie_check = false, $no_print = false) {
633
 
634
  global $ct_checkjs_def, $apbct;
635
 
636
  $ct_checkjs_key = ct_get_checkjs_value($random_key);
637
  $field_id_hash = md5(rand(0, 1000));
638
 
 
639
  if ($cookie_check && $apbct->settings['set_cookies'] == 1) {
640
 
641
  $html = "<script type='text/javascript'>
@@ -644,9 +645,28 @@ function ct_add_hidden_fields($random_key = false, $field_name = 'ct_checkjs', $
644
  }
645
  ctSetCookie('{$field_name}', '{$ct_checkjs_key}', '{$ct_checkjs_def}');
646
  </script>";
 
 
 
647
 
648
- } else {
 
 
649
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
650
  // Fix only for wp_footer -> apbct_hook__wp_head__set_cookie__ct_checkjs()
651
  if($no_print)
652
  return;
@@ -663,7 +683,7 @@ function ct_add_hidden_fields($random_key = false, $field_name = 'ct_checkjs', $
663
  }
664
  }, 1000);
665
  </script>";
666
- };
667
 
668
  // Simplify JS code and Fixing issue with wpautop()
669
  $html = str_replace(array("\n","\r","\t"),'', $html);
@@ -759,7 +779,7 @@ function ct_frm_validate_entry ($errors, $values) {
759
  } unset($value);
760
  $message = array_flip($message);
761
 
762
- $checkjs = !apbct_js_test('ct_checkjs', $_COOKIE, true)
763
  ? apbct_js_test('ct_checkjs', $_COOKIE, true)
764
  : apbct_js_test('ct_checkjs', $_POST, true);
765
 
@@ -768,7 +788,7 @@ function ct_frm_validate_entry ($errors, $values) {
768
  'message' => $message,
769
  'sender_email' => $sender_email,
770
  'sender_nickname' => $sender_nickname,
771
- 'post_info' => array('comment_type' => 'contact_form_formidable'),
772
  'checkjs' => $checkjs
773
  )
774
  );
@@ -800,11 +820,9 @@ function ct_bbp_get_topic($topic){
800
  * @return mixed[] $comment Comment string
801
  */
802
  function ct_bbp_new_pre_content ($comment) {
 
803
  global $apbct, $current_user, $ct_bbp_topic;
804
 
805
-
806
-
807
-
808
  if ( !$apbct->settings['comments_test']) {
809
  return $comment;
810
  }
@@ -814,7 +832,7 @@ function ct_bbp_new_pre_content ($comment) {
814
  in_array("administrator", $current_user->roles))
815
  return $comment;
816
 
817
- $checkjs = !apbct_js_test('ct_checkjs', $_COOKIE, true)
818
  ? apbct_js_test('ct_checkjs', $_COOKIE, true)
819
  : apbct_js_test('ct_checkjs', $_POST, true);
820
 
@@ -917,7 +935,7 @@ function ct_preprocess_comment($comment) {
917
  // Comment type
918
  $post_info['comment_type'] = empty($post_info['comment_type']) ? 'general_comment' : $post_info['comment_type'];
919
 
920
- $checkjs = !apbct_js_test('ct_checkjs', $_COOKIE, true)
921
  ? apbct_js_test('ct_checkjs', $_COOKIE, true)
922
  : apbct_js_test('ct_checkjs', $_POST, true);
923
 
@@ -1246,16 +1264,14 @@ function ct_plugin_active($plugin_name){
1246
  * @return null
1247
  */
1248
  function ct_register_form() {
1249
- global $ct_checkjs_register_form, $apbct;
1250
-
1251
 
 
1252
 
1253
-
1254
  if ($apbct->settings['registrations_test'] == 0) {
1255
  return false;
1256
  }
1257
 
1258
- ct_add_hidden_fields(true, $ct_checkjs_register_form, false);
1259
 
1260
  return null;
1261
  }
@@ -1371,17 +1387,16 @@ function ct_test_message($nickname, $email, $ip, $text){
1371
  * @return array with checking result;
1372
  */
1373
  function ct_test_registration($nickname, $email, $ip){
 
1374
  global $ct_checkjs_register_form, $apbct;
1375
 
1376
-
1377
-
1378
- $checkjs = apbct_js_test($ct_checkjs_register_form, $_POST, true);
1379
- $sender_info['post_checkjs_passed'] = $checkjs;
1380
- // This hack can be helpfull when plugin uses with untested themes&signups plugins.
1381
- if (!$checkjs) {
1382
- $checkjs = apbct_js_test('ct_checkjs', $_COOKIE, true);
1383
- $sender_info['cookie_checkjs_passed'] = $checkjs;
1384
- }
1385
 
1386
  //Making a call
1387
  $base_call_result = apbct_base_call(
@@ -1537,8 +1552,8 @@ function apbct_registration__Wordpress__changeMailNotification($wp_new_user_noti
1537
  $wp_new_user_notification_email_admin['message'] = PHP_EOL
1538
  .__('CleanTalk AntiSpam: This registration is spam.', 'cleantalk')
1539
  ."\n" . __('CleanTalk\'s anti-spam database:', 'cleantalk')
1540
- ."\n" . 'IP: ' . 'https://cleantalk.org/blacklists/' . $apbct->sender_ip . '?utm_source=newsletter&utm_medium=email&utm_campaign=wp_spam_registration_passed'
1541
- ."\n" . 'Email: ' . 'https://cleantalk.org/blacklists/' . $apbct->sender_email . '?utm_source=newsletter&utm_medium=email&utm_campaign=wp_spam_registration_passed'
1542
  .PHP_EOL . PHP_EOL .
1543
  __('Activate protection in your Anti-Spam Dashboard: ', 'clentalk')
1544
  .'https://cleantalk.org/my/?cp_mode=antispam&utm_source=newsletter&utm_medium=email&utm_campaign=wp_spam_registration_passed'
@@ -1655,7 +1670,7 @@ function ct_contact_form_is_spam($form) {
1655
  'message' => $message,
1656
  'sender_email' => $sender_email,
1657
  'sender_nickname' => $sender_nickname,
1658
- 'post_info' => array('comment_type' => 'contact_form_grunion'),
1659
  'sender_info' => array('sender_url' => @$form['comment_author_url']),
1660
  'checkjs' => apbct_js_test($js_field_name, $_POST, true),
1661
  )
@@ -1690,7 +1705,7 @@ function ct_contact_form_is_spam_jetpack($is_spam,$form) {
1690
  'message' => isset($form['comment_content']) ? $form['comment_content'] : '',
1691
  'sender_email' => isset($form['comment_author_email']) ? $form['comment_author_email'] : null,
1692
  'sender_nickname' => isset($form['comment_author']) ? $form['comment_author'] : null,
1693
- 'post_info' => array('comment_type' => 'contact_form_grunion'),
1694
  'sender_info' => array('sender_url' => @$form['comment_author_url']),
1695
  )
1696
  );
@@ -1768,7 +1783,7 @@ function apbct_form__contactForm7__testSpam($param) {
1768
  'message' => $message,
1769
  'sender_email' => $sender_email,
1770
  'sender_nickname' => $sender_nickname,
1771
- 'post_info' => array('comment_type' => 'contact_form_cf7'),
1772
  'checkjs' => $checkjs,
1773
  )
1774
  );
@@ -1782,7 +1797,6 @@ function apbct_form__contactForm7__testSpam($param) {
1782
  $apbct->sender_ip = CleantalkHelper::ip_get(array('real'));
1783
  add_filter('wpcf7_mail_components', 'apbct_form__contactForm7__changeMailNotification');
1784
  }
1785
-
1786
 
1787
  if ($ct_result->allow == 0) {
1788
 
@@ -1823,7 +1837,7 @@ function apbct_form__contactForm7__changeMailNotification($component){
1823
  global $apbct;
1824
 
1825
  $component['body'] =
1826
- __('CleanTalk AntiSpam: This message is spam. You could check it at cleantalk.org.', 'cleantalk')
1827
  .PHP_EOL . __('CleanTalk\'s anti-spam database:', 'cleantalk')
1828
  .PHP_EOL . 'IP: ' . $apbct->sender_ip
1829
  .PHP_EOL . 'Email: ' . $apbct->sender_email
@@ -1878,7 +1892,7 @@ function apbct_form__ninjaForms__testSpam() {
1878
  'message' => $message,
1879
  'sender_email' => $sender_email,
1880
  'sender_nickname' => $sender_nickname,
1881
- 'post_info' => array('comment_type' => 'contact_form_ninja_froms'),
1882
  'checkjs' => $checkjs,
1883
  )
1884
  );
@@ -1923,8 +1937,8 @@ function apbct_form__ninjaForms__changeMailNotification($message, $data, $action
1923
  .PHP_EOL
1924
  .__('CleanTalk AntiSpam: This message is spam.', 'cleantalk')
1925
  .PHP_EOL . __('CleanTalk\'s anti-spam database:', 'cleantalk')
1926
- .PHP_EOL . 'IP: ' . 'https://cleantalk.org/blacklists/' . $apbct->sender_ip . '?utm_source=newsletter&utm_medium=email&utm_campaign=ninjaform_spam_passed'
1927
- .PHP_EOL . 'Email: ' . 'https://cleantalk.org/blacklists/' . $apbct->sender_email . '?utm_source=newsletter&utm_medium=email&utm_campaign=ninjaform_spam_passed'
1928
  .PHP_EOL .
1929
  __('Activate protection in your Anti-Spam Dashboard: ', 'clentalk').
1930
  'https://cleantalk.org/my/?cp_mode=antispam&utm_source=newsletter&utm_medium=email&utm_campaign=ninjaform_activate_antispam'.$apbct->user_token
@@ -2026,7 +2040,7 @@ function apbct_form__WPForms__testSpam() {
2026
  'message' => $message,
2027
  'sender_email' => $sender_email,
2028
  'sender_nickname' => $sender_nickname,
2029
- 'post_info' => array('comment_type' => 'contact_form_wp_forms'),
2030
  'checkjs' => $checkjs,
2031
  )
2032
  );
@@ -2121,7 +2135,7 @@ function ct_si_contact_form_validate($form_errors = array(), $form_id_num = 0) {
2121
  'message' => $message,
2122
  'sender_email' => $sender_email,
2123
  'sender_nickname' => $sender_nickname,
2124
- 'post_info' => array('comment_type' => 'contact_form_fscf'),
2125
  'checkjs' => apbct_js_test('ct_checkjs', $_POST, true),
2126
  )
2127
  );
@@ -2197,7 +2211,7 @@ function ct_check_wplp(){
2197
  array(
2198
  'message' => $message,
2199
  'sender_email' => $sender_email,
2200
- 'post_info' => array('comment_type' => 'contact_form_wplp'),
2201
  )
2202
  );
2203
 
@@ -2290,7 +2304,7 @@ function apbct_form__gravityForms__testSpam($is_spam, $form, $entry) {
2290
  'message' => $message,
2291
  'sender_email' => $sender_email,
2292
  'sender_nickname' => $sender_nickname,
2293
- 'post_info' => array('comment_type' => 'contact_form_gravity_forms'),
2294
  'checkjs' => $checkjs,
2295
  )
2296
  );
@@ -2387,11 +2401,12 @@ function ct_contact_form_validate() {
2387
  isset($_POST['comment_post_ID']) || // The comment form
2388
  isset($_GET['for']) ||
2389
  (isset($_POST['log'], $_POST['pwd'])) || //WooCommerce Sensei login form fix
 
 
 
2390
  (isset($_POST['_wpcf7'], $_POST['_wpcf7_version'], $_POST['_wpcf7_locale'])) || //CF7 fix)
2391
  (isset($_POST['hash'], $_POST['device_unique_id'], $_POST['device_name'])) ||//Mobile Assistant Connector fix
2392
  isset($_POST['gform_submit']) || //Gravity form
2393
- (isset($_POST['wc_reset_password'], $_POST['_wpnonce'], $_POST['_wp_http_referer'])) || //WooCommerce recovery password form
2394
- (isset($_POST['woocommerce-login-nonce'], $_POST['login'], $_POST['password'], $_POST['_wp_http_referer'])) || //WooCommerce login form
2395
  strpos($_SERVER['REQUEST_URI'], 'wc-ajax=get_refreshed_fragments') !== false ||
2396
  (isset($_POST['ccf_form']) && intval($_POST['ccf_form']) == 1) ||
2397
  (isset($_POST['contact_tags']) && strpos($_POST['contact_tags'], 'MBR:') !== false) ||
@@ -2399,7 +2414,8 @@ function ct_contact_form_validate() {
2399
  (isset($_SERVER['HTTP_REFERER']) && strpos($_SERVER['HTTP_REFERER'],'my-dashboard/') !== false) || // ticket_id=7885
2400
  isset($_POST['slm_action'], $_POST['license_key'], $_POST['secret_key'], $_POST['registered_domain']) || // ticket_id=9122
2401
  (isset($_POST['wpforms']['submit']) && $_POST['wpforms']['submit'] == 'wpforms-submit') || // WPForms
2402
- (isset($_POST['action']) && $_POST['action'] == 'grunion-contact-form') // JetPack
 
2403
  ) {
2404
  return null;
2405
  }
@@ -2723,12 +2739,17 @@ function ct_enqueue_scripts_public($hook){
2723
  // Differnt JS params
2724
  wp_enqueue_script('ct_public', APBCT_URL_PATH.'/js/apbct-public.js', array('jquery'), APBCT_VERSION, false /*in header*/);
2725
 
 
 
 
 
 
2726
  // GDPR script
2727
  if($apbct->settings['gdpr_enabled']){
2728
 
2729
  wp_enqueue_script('ct_public_gdpr', APBCT_URL_PATH.'/js/apbct-public--gdpr.js', array('jquery', 'ct_public'), APBCT_VERSION, false /*in header*/);
2730
 
2731
- wp_localize_script('ct_public_gdpr', 'ctPublic', array(
2732
  'gdpr_forms' => array(),
2733
  'gdpr_text' => $apbct->settings['gdpr_text'] ? $apbct->settings['gdpr_text'] : __('By using this form you agree with the storage and processing of your data by using the Privacy Policy on this website.', 'cleantalk'),
2734
  ));
329
  $post_info['comment_type'] = 'feedback_custom_contact_forms';
330
  $post_info['post_url'] = $_SERVER['HTTP_REFERER'];
331
 
332
+ $checkjs = apbct_js_test('ct_checkjs', $_COOKIE, true)
333
  ? apbct_js_test('ct_checkjs', $_COOKIE, true)
334
  : apbct_js_test('ct_checkjs', $_POST, true);
335
 
377
  $post_info['comment_type'] = 'feedback';
378
  $post_info['post_url'] = $_SERVER['HTTP_REFERER'];
379
 
380
+ $checkjs = apbct_js_test('ct_checkjs', $_COOKIE, true)
381
  ? apbct_js_test('ct_checkjs', $_COOKIE, true)
382
  : apbct_js_test('ct_checkjs', $_POST, true);
383
 
527
  'comment_type' => 'buddypress_comment',
528
  'post_url' => isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : null,
529
  ),
530
+ 'checkjs' => apbct_js_test('ct_checkjs', $_COOKIE, true)
531
  ? apbct_js_test('ct_checkjs', $_COOKIE, true)
532
  : apbct_js_test('ct_checkjs', $_POST, true),
533
  'sender_info' => array('sender_url' => null),
564
  if($subject != '')
565
  $message = array_merge(array('subject' => $subject), $message);
566
 
567
+ $post_info['comment_type'] = 'contact_form_wordpress_feedback_pirate';
568
  $post_info['post_url'] = $_SERVER['HTTP_REFERER'];
569
 
570
  //Making a call
629
  * Adds hidden filed to define avaialbility of client's JavaScript
630
  * @param bool $random_key switch on generation random key for every page load
631
  */
632
+ function ct_add_hidden_fields($random_key = false, $field_name = 'ct_checkjs', $return_string = false, $cookie_check = false, $no_print = false, $ajax = true) {
633
 
634
  global $ct_checkjs_def, $apbct;
635
 
636
  $ct_checkjs_key = ct_get_checkjs_value($random_key);
637
  $field_id_hash = md5(rand(0, 1000));
638
 
639
+ // Using only cookies
640
  if ($cookie_check && $apbct->settings['set_cookies'] == 1) {
641
 
642
  $html = "<script type='text/javascript'>
645
  }
646
  ctSetCookie('{$field_name}', '{$ct_checkjs_key}', '{$ct_checkjs_def}');
647
  </script>";
648
+
649
+ // Using AJAX to get key
650
+ }elseif($apbct->settings['use_ajax'] && $ajax){
651
 
652
+ // Fix only for wp_footer -> apbct_hook__wp_head__set_cookie__ct_checkjs()
653
+ if($no_print)
654
+ return;
655
 
656
+ $ct_input_challenge = sprintf("'%s'", $ct_checkjs_key);
657
+ $field_id = $field_name . '_' . $field_id_hash;
658
+ $html = "<input type='hidden' id='{$field_id}' name='{$field_name}' value='{$ct_checkjs_def}' />
659
+ <script type='text/javascript'>
660
+ setTimeout(function(){
661
+ apbct_sendAJAXRequest(
662
+ {action: 'apbct_js_keys__get', random_key: $random_key},
663
+ {callback: apbct_js_keys__set_input_value, input_name: '{$field_id}'}
664
+ );
665
+ }, 1000);
666
+ </script>";
667
+
668
+ // Set KEY from backend
669
+ }else{
670
  // Fix only for wp_footer -> apbct_hook__wp_head__set_cookie__ct_checkjs()
671
  if($no_print)
672
  return;
683
  }
684
  }, 1000);
685
  </script>";
686
+ }
687
 
688
  // Simplify JS code and Fixing issue with wpautop()
689
  $html = str_replace(array("\n","\r","\t"),'', $html);
779
  } unset($value);
780
  $message = array_flip($message);
781
 
782
+ $checkjs = apbct_js_test('ct_checkjs', $_COOKIE, true)
783
  ? apbct_js_test('ct_checkjs', $_COOKIE, true)
784
  : apbct_js_test('ct_checkjs', $_POST, true);
785
 
788
  'message' => $message,
789
  'sender_email' => $sender_email,
790
  'sender_nickname' => $sender_nickname,
791
+ 'post_info' => array('comment_type' => 'contact_form_wordpress_formidable'),
792
  'checkjs' => $checkjs
793
  )
794
  );
820
  * @return mixed[] $comment Comment string
821
  */
822
  function ct_bbp_new_pre_content ($comment) {
823
+
824
  global $apbct, $current_user, $ct_bbp_topic;
825
 
 
 
 
826
  if ( !$apbct->settings['comments_test']) {
827
  return $comment;
828
  }
832
  in_array("administrator", $current_user->roles))
833
  return $comment;
834
 
835
+ $checkjs = apbct_js_test('ct_checkjs', $_COOKIE, true)
836
  ? apbct_js_test('ct_checkjs', $_COOKIE, true)
837
  : apbct_js_test('ct_checkjs', $_POST, true);
838
 
935
  // Comment type
936
  $post_info['comment_type'] = empty($post_info['comment_type']) ? 'general_comment' : $post_info['comment_type'];
937
 
938
+ $checkjs = apbct_js_test('ct_checkjs', $_COOKIE, true)
939
  ? apbct_js_test('ct_checkjs', $_COOKIE, true)
940
  : apbct_js_test('ct_checkjs', $_POST, true);
941
 
1264
  * @return null
1265
  */
1266
  function ct_register_form() {
 
 
1267
 
1268
+ global $ct_checkjs_register_form, $apbct;
1269
 
 
1270
  if ($apbct->settings['registrations_test'] == 0) {
1271
  return false;
1272
  }
1273
 
1274
+ ct_add_hidden_fields(true, $ct_checkjs_register_form, false, false, false, false);
1275
 
1276
  return null;
1277
  }
1387
  * @return array with checking result;
1388
  */
1389
  function ct_test_registration($nickname, $email, $ip){
1390
+
1391
  global $ct_checkjs_register_form, $apbct;
1392
 
1393
+ if(apbct_js_test($ct_checkjs_register_form, $_POST, true)){
1394
+ $checkjs = apbct_js_test($ct_checkjs_register_form, $_POST, true);
1395
+ $sender_info['post_checkjs_passed'] = $checkjs;
1396
+ }else{
1397
+ $checkjs = $checkjs = apbct_js_test('ct_checkjs', $_COOKIE, true);
1398
+ $sender_info['cookie_checkjs_passed'] = $checkjs;
1399
+ }
 
 
1400
 
1401
  //Making a call
1402
  $base_call_result = apbct_base_call(
1552
  $wp_new_user_notification_email_admin['message'] = PHP_EOL
1553
  .__('CleanTalk AntiSpam: This registration is spam.', 'cleantalk')
1554
  ."\n" . __('CleanTalk\'s anti-spam database:', 'cleantalk')
1555
+ ."\n" . 'IP: ' . $apbct->sender_ip
1556
+ ."\n" . 'Email: ' . $apbct->sender_email
1557
  .PHP_EOL . PHP_EOL .
1558
  __('Activate protection in your Anti-Spam Dashboard: ', 'clentalk')
1559
  .'https://cleantalk.org/my/?cp_mode=antispam&utm_source=newsletter&utm_medium=email&utm_campaign=wp_spam_registration_passed'
1670
  'message' => $message,
1671
  'sender_email' => $sender_email,
1672
  'sender_nickname' => $sender_nickname,
1673
+ 'post_info' => array('comment_type' => 'contact_form_wordpress_grunion'),
1674
  'sender_info' => array('sender_url' => @$form['comment_author_url']),
1675
  'checkjs' => apbct_js_test($js_field_name, $_POST, true),
1676
  )
1705
  'message' => isset($form['comment_content']) ? $form['comment_content'] : '',
1706
  'sender_email' => isset($form['comment_author_email']) ? $form['comment_author_email'] : null,
1707
  'sender_nickname' => isset($form['comment_author']) ? $form['comment_author'] : null,
1708
+ 'post_info' => array('comment_type' => 'contact_form_wordpress_grunion'),
1709
  'sender_info' => array('sender_url' => @$form['comment_author_url']),
1710
  )
1711
  );
1783
  'message' => $message,
1784
  'sender_email' => $sender_email,
1785
  'sender_nickname' => $sender_nickname,
1786
+ 'post_info' => array('comment_type' => 'contact_form_wordpress_cf7'),
1787
  'checkjs' => $checkjs,
1788
  )
1789
  );
1797
  $apbct->sender_ip = CleantalkHelper::ip_get(array('real'));
1798
  add_filter('wpcf7_mail_components', 'apbct_form__contactForm7__changeMailNotification');
1799
  }
 
1800
 
1801
  if ($ct_result->allow == 0) {
1802
 
1837
  global $apbct;
1838
 
1839
  $component['body'] =
1840
+ __('CleanTalk AntiSpam: This message is spam.', 'cleantalk')
1841
  .PHP_EOL . __('CleanTalk\'s anti-spam database:', 'cleantalk')
1842
  .PHP_EOL . 'IP: ' . $apbct->sender_ip
1843
  .PHP_EOL . 'Email: ' . $apbct->sender_email
1892
  'message' => $message,
1893
  'sender_email' => $sender_email,
1894
  'sender_nickname' => $sender_nickname,
1895
+ 'post_info' => array('comment_type' => 'contact_form_wordpress_ninja_froms'),
1896
  'checkjs' => $checkjs,
1897
  )
1898
  );
1937
  .PHP_EOL
1938
  .__('CleanTalk AntiSpam: This message is spam.', 'cleantalk')
1939
  .PHP_EOL . __('CleanTalk\'s anti-spam database:', 'cleantalk')
1940
+ .PHP_EOL . 'IP: ' . $apbct->sender_ip
1941
+ .PHP_EOL . 'Email: ' . $apbct->sender_email
1942
  .PHP_EOL .
1943
  __('Activate protection in your Anti-Spam Dashboard: ', 'clentalk').
1944
  'https://cleantalk.org/my/?cp_mode=antispam&utm_source=newsletter&utm_medium=email&utm_campaign=ninjaform_activate_antispam'.$apbct->user_token
2040
  'message' => $message,
2041
  'sender_email' => $sender_email,
2042
  'sender_nickname' => $sender_nickname,
2043
+ 'post_info' => array('comment_type' => 'contact_form_wordpress_wp_forms'),
2044
  'checkjs' => $checkjs,
2045
  )
2046
  );
2135
  'message' => $message,
2136
  'sender_email' => $sender_email,
2137
  'sender_nickname' => $sender_nickname,
2138
+ 'post_info' => array('comment_type' => 'contact_form_wordpress_fscf'),
2139
  'checkjs' => apbct_js_test('ct_checkjs', $_POST, true),
2140
  )
2141
  );
2211
  array(
2212
  'message' => $message,
2213
  'sender_email' => $sender_email,
2214
+ 'post_info' => array('comment_type' => 'contact_form_wordpress_wplp'),
2215
  )
2216
  );
2217
 
2304
  'message' => $message,
2305
  'sender_email' => $sender_email,
2306
  'sender_nickname' => $sender_nickname,
2307
+ 'post_info' => array('comment_type' => 'contact_form_wordpress_gravity_forms'),
2308
  'checkjs' => $checkjs,
2309
  )
2310
  );
2401
  isset($_POST['comment_post_ID']) || // The comment form
2402
  isset($_GET['for']) ||
2403
  (isset($_POST['log'], $_POST['pwd'])) || //WooCommerce Sensei login form fix
2404
+ (isset($_POST['wc_reset_password'], $_POST['_wpnonce'], $_POST['_wp_http_referer'])) || // WooCommerce recovery password form
2405
+ (isset($_POST['woocommerce-login-nonce'], $_POST['login'], $_POST['password'], $_POST['_wp_http_referer'])) || // WooCommerce login form
2406
+ (isset($_POST['wc-api']) && strtolower($_POST['wc-api']) == 'wc_gateway_systempay') || // Woo Systempay payment plugin
2407
  (isset($_POST['_wpcf7'], $_POST['_wpcf7_version'], $_POST['_wpcf7_locale'])) || //CF7 fix)
2408
  (isset($_POST['hash'], $_POST['device_unique_id'], $_POST['device_name'])) ||//Mobile Assistant Connector fix
2409
  isset($_POST['gform_submit']) || //Gravity form
 
 
2410
  strpos($_SERVER['REQUEST_URI'], 'wc-ajax=get_refreshed_fragments') !== false ||
2411
  (isset($_POST['ccf_form']) && intval($_POST['ccf_form']) == 1) ||
2412
  (isset($_POST['contact_tags']) && strpos($_POST['contact_tags'], 'MBR:') !== false) ||
2414
  (isset($_SERVER['HTTP_REFERER']) && strpos($_SERVER['HTTP_REFERER'],'my-dashboard/') !== false) || // ticket_id=7885
2415
  isset($_POST['slm_action'], $_POST['license_key'], $_POST['secret_key'], $_POST['registered_domain']) || // ticket_id=9122
2416
  (isset($_POST['wpforms']['submit']) && $_POST['wpforms']['submit'] == 'wpforms-submit') || // WPForms
2417
+ (isset($_POST['action']) && $_POST['action'] == 'grunion-contact-form') || // JetPack
2418
+ (isset($_POST['action']) && $_POST['action'] == 'bbp-update-user') //BBP update user info page
2419
  ) {
2420
  return null;
2421
  }
2739
  // Differnt JS params
2740
  wp_enqueue_script('ct_public', APBCT_URL_PATH.'/js/apbct-public.js', array('jquery'), APBCT_VERSION, false /*in header*/);
2741
 
2742
+ wp_localize_script('ct_public', 'ctPublic', array(
2743
+ '_ajax_nonce' => wp_create_nonce('ct_secret_stuff'),
2744
+ '_ajax_url' => admin_url('admin-ajax.php'),
2745
+ ));
2746
+
2747
  // GDPR script
2748
  if($apbct->settings['gdpr_enabled']){
2749
 
2750
  wp_enqueue_script('ct_public_gdpr', APBCT_URL_PATH.'/js/apbct-public--gdpr.js', array('jquery', 'ct_public'), APBCT_VERSION, false /*in header*/);
2751
 
2752
+ wp_localize_script('ct_public_gdpr', 'ctPublicGDPR', array(
2753
  'gdpr_forms' => array(),
2754
  'gdpr_text' => $apbct->settings['gdpr_text'] ? $apbct->settings['gdpr_text'] : __('By using this form you agree with the storage and processing of your data by using the Privacy Policy on this website.', 'cleantalk'),
2755
  ));
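--- a/inc/cleantalk-settings.php
+++ b/inc/cleantalk-settings.php
@@ -115,11 +115,11 @@ function apbct_settings__add_page() {
  'default_params' => array(),
  'description' => '',
  'html_before' => '<hr><br>'
- .($apbct->api_key ? '<span id="ct_adv_showhide">'
+ .'<span id="ct_adv_showhide">'
  .'<a href="#" class="apbct_color--gray" onclick="event.preventDefault(); apbct_show_hide_elem(\'#apbct_settings__davanced_settings\');">'
  .__('Advanced settings', 'cleantalk')
  .'</a>'
- .'</span>' : '')
+ .'</span>'
  .'<div id="apbct_settings__davanced_settings" style="display: none;">',
  'html_after' => '',
  'fields' => array(
@@ -278,7 +278,7 @@ function apbct_settings__add_page() {
  'gdpr_enabled' => array(
  'type' => 'checkbox',
  'title' => __('Allow to add GDPR notice via shortcode', 'cleantalk'),
- 'description' => __('Adds small checkbox under the form. To add it you should you use shortcode on the page with a form: [cleantalk_gdpr_form id="FORM_ID"]', 'cleantalk'),
+ 'description' => __(' Adds small checkbox under your website form. To add it you should use the shortcode on the form\'s page: [cleantalk_gdpr_form id="FORM_ID"]', 'cleantalk'),
  'childrens' => array('gdpr_text'),
  ),
  'gdpr_text' => array(
@@ -345,7 +345,7 @@ function apbct_settings_page() {
  apbct_settings__error__output();
 
  // Top info
- if(!$apbct->white_label && $apbct->api_key){
+ if(!$apbct->white_label){
  echo '<div style="float: right; padding: 15px 15px 5px 15px; font-size: 13px; position: relative; top: -55px; background: #f1f1f1;">';
 
  echo __('CleanTalk\'s tech support:', 'cleantalk')
@@ -581,8 +581,7 @@ function apbct_settings__field__state(){
  .__('Contact forms', 'cleantalk');
  echo '<img class="apbct_status_icon" src="'.($apbct->settings['general_contact_forms_test']==1 || $apbct->moderate_ip ? $img : $img_no).'"/>'
  .__('Custom contact forms', 'cleantalk');
- if($apbct->api_key)
- echo '<img class="apbct_status_icon" src="'.($apbct->data['moderate'] == 1 || $apbct->moderate_ip ? $img : $img_no).'"/>'
+ echo '<img class="apbct_status_icon" src="'.($apbct->data['moderate'] == 1 || $apbct->moderate_ip ? $img : $img_no).'"/>'
  .'<a style="color: black" href="https://blog.cleantalk.org/real-time-email-address-existence-validation/">'.__('Validate email for existence', 'cleantalk').'</a>';
 
  // SFW + current network count
@@ -946,7 +945,7 @@ function apbct_settings__validate($settings) {
  // Server error when notice_validate_key
  }else{
  $apbct->data['key_is_ok'] = false;
- $apbct->save('data');
+ $apbct->saveData();
  $apbct->error_add('key_invalid', $result);
  }
 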
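--- a/js/apbct-public--gdpr.js
+++ b/js/apbct-public--gdpr.js
@@ -1,8 +1,8 @@
  jQuery(document).ready(function(){
 
- if(!ctPublic.gdpr_forms) return;
+ if(!ctPublicGDPR.gdpr_forms) return;
 
- ctPublic.gdpr_forms.forEach(function(item, i, arr){
+ ctPublicGDPR.gdpr_forms.forEach(function(item, i, arr){
 
  var elem = jQuery('#'+item+', .'+item);
 
@@ -25,7 +25,7 @@ jQuery(document).ready(function(){
  // Adding notice
  if(elem.is('form') || elem.attr('role') === 'form'){
  elem.append('<input id="apbct_gdpr_'+i+'" type="checkbox" required="required " style="display: inline; margin-right: 10px;">')
- .append('<label style="display: inline;" for="apbct_gdpr_'+i+'">'+ctPublic.gdpr_text+'</label>');
+ .append('<label style="display: inline;" for="apbct_gdpr_'+i+'">'+ctPublicGDPR.gdpr_text+'</label>');
  }
  });
 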
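--- a/js/apbct-public.js
+++ b/js/apbct-public.js
@@ -164,6 +164,50 @@ jQuery(document).ajaxComplete(function(event, xhr, settings) {
  }
  });
 
+ function apbct_js_keys__set_input_value(result, data, params, obj){
+ console.log(result);
+ console.log(data);
+ console.log(params);
+ if (document.getElementById(params.input_name) !== null) {
+ var ct_input_value = document.getElementById(params.input_name).value;
+ document.getElementById(params.input_name).value = document.getElementById(params.input_name).value.replace(ct_input_value, result.js_key);
+ }
+ }
+
+ function apbct_sendAJAXRequest(data, params, obj){
+
+ // Default params
+ var callback = params.callback || null;
+ var notJson = params.notJson || null;
+ var timeout = params.timeout || 15000;
+ var obj = obj || null;
+
+ data._ajax_nonce = ctPublic._ajax_nonce;
+
+ jQuery.ajax({
+ type: "POST",
+ url: ctPublic._ajax_url,
+ data: data,
+ success: function(result){
+ if(!notJson) result = JSON.parse(result);
+ if(result.error){
+
+ }else{
+ if(callback)
+ callback(result, data, params, obj);
+ }
+ },
+ error: function(jqXHR, textStatus, errorThrown){
+ console.log('APBCT_AJAX_ERROR');
+ console.log(data);
+ console.log(jqXHR);
+ console.log(textStatus);
+ console.log(errorThrown);
+ },
+ timeout: timeout
+ });
+ }
+
  //(function(open) {
  // XMLHttpRequest.prototype.open = function(method, url, async, user, pass) {
  // this.addEventListener("readystatechange", function() {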
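Review bot: `apbct_js_keys__set_input_value` ships with three `console.log` calls that print the AJAX result, including `result.js_key`, into every visitor's console; they read as leftover debugging and should be dropped. In `apbct_sendAJAXRequest` the `success` handler runs `JSON.parse(result)` unguarded, so a non-JSON body such as a PHP notice or an HTML error page throws inside the callback, and the empty `if(result.error){` branch discards errors the server did report. I would use `try { result = JSON.parse(result); } catch (e) { return; }` and log or surface `result.error`. `var obj = obj || null;` redeclares the parameter and can be `obj = obj || null;`.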
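--- a/lib/Cleantalk.php
+++ b/lib/Cleantalk.php
@@ -5,6 +5,11 @@
  */
  class Cleantalk {
 
+ /*
+ * Use Wordpress built-in API
+ */
+ public $use_bultin_api = false;
+
  /**
  * Maximum data size in bytes
  * @var int
@@ -229,7 +234,7 @@ class Cleantalk {
  * @return boolean|\CleantalkResponse
  */
  private function sendRequest($data = null, $url, $server_timeout = 3)
- {
+ {
  // Convert to array
  $data = (array)json_decode(json_encode($data), true);
 
@@ -242,52 +247,75 @@ class Cleantalk {
  $data = $tmp_data;
  unset($key, $value, $tmp_data);
 
- // Convert to JSON
- $data = json_encode($data);
+ // Convert to JSON
+ $data = json_encode($data);
 
  if (isset($this->api_version)) {
  $url = $url . $this->api_version;
  }
 
- // Switching to secure connection
- if ($this->ssl_on && !preg_match("/^https:/", $url)){
- $url = preg_replace("/^(http)/i", "$1s", $url);
- }
 
  $result = false;
  $curl_error = null;
- if(function_exists('curl_init')) {
+
+ if($this->use_bultin_api){
 
- $ch = curl_init();
+ $args = array(
+ 'body' => $data,
+ 'timeout' => $server_timeout,
+ 'user-agent' => CLEANTALK_AGENT.' '.get_bloginfo( 'url' ),
+ );
+
+ $result = wp_remote_post($url, $args);
+
+ if( is_wp_error( $result ) ) {
+ $errors = $result->get_error_message();
+ $result = false;
+ }else{
+ $result = wp_remote_retrieve_body($result);
+ }
 
- curl_setopt($ch, CURLOPT_URL, $url);
- curl_setopt($ch, CURLOPT_TIMEOUT, $server_timeout);
- curl_setopt($ch, CURLOPT_POST, 1);
- curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); // receive server response ...
- curl_setopt($ch, CURLOPT_HTTPHEADER, array('Expect:')); // resolve 'Expect: 100-continue' issue
- curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0); // see http://stackoverflow.com/a/23322368
-
- curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); // Disabling CA cert verivication and
- curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); // Disabling common name verification
+ }else{
 
- if ($this->ssl_on && $this->ssl_path != '') {
- curl_setopt($ch, CURLOPT_CAINFO, $this->ssl_path);
- }
 
- $result = curl_exec($ch);
- if (!$result) {
- $curl_error = curl_error($ch);
- // Use SSL next time, if error occurs.
- if(!$this->ssl_on){
- $this->ssl_on = true;
- $args = func_get_args();
- return $this->sendRequest($args[0], $args[1], $server_timeout);
+ // Switching to secure connection
+ if ($this->ssl_on && !preg_match("/^https:/", $url)){
+ $url = preg_replace("/^(http)/i", "$1s", $url);
+ }
+
+ if(function_exists('curl_init')) {
+
+ $ch = curl_init();
+
+ curl_setopt($ch, CURLOPT_URL, $url);
+ curl_setopt($ch, CURLOPT_TIMEOUT, $server_timeout);
+ curl_setopt($ch, CURLOPT_POST, 1);
+ curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
+ curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); // receive server response ...
+ curl_setopt($ch, CURLOPT_HTTPHEADER, array('Expect:')); // resolve 'Expect: 100-continue' issue
+ curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0); // see http://stackoverflow.com/a/23322368
+
+ curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); // Disabling CA cert verivication and
+ curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); // Disabling common name verification
+
+ if ($this->ssl_on && $this->ssl_path != '') {
+ curl_setopt($ch, CURLOPT_CAINFO, $this->ssl_path);
  }
- }
-
- curl_close($ch);
- }
+
+ $result = curl_exec($ch);
+ if (!$result) {
+ $curl_error = curl_error($ch);
+ // Use SSL next time, if error occurs.
+ if(!$this->ssl_on){
+ $this->ssl_on = true;
+ $args = func_get_args();
+ return $this->sendRequest($args[0], $args[1], $server_timeout);
+ }
+ }
+
+ curl_close($ch);
+ }
+ }
 
  if (!$result) {
  $allow_url_fopen = ini_get('allow_url_fopen');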
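Review bot: With `use_bultin_api` enabled, `ssl_on` no longer has any effect: the "Switching to secure connection" rewrite now sits inside the `else` branch, so `wp_remote_post($url, $args)` goes out on whatever scheme `$url` already carries. Moving the `$url = preg_replace("/^(http)/i", "$1s", $url);` block back above `if($this->use_bultin_api){` keeps both transports consistent. In the same branch `$errors = $result->get_error_message();` is assigned and never read, so the failure reason is lost; storing it in `$curl_error` would match the cURL path, assuming the code after the hunk reports that variable. The re-indented cURL path still sets `CURLOPT_SSL_VERIFYPEER` to `false` and `CURLOPT_SSL_VERIFYHOST` to `0`, so the server certificate is not authenticated even with `ssl_on`; `true` and `2` are the verifying values. `sendRequest` continues past the end of the hunk.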
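--- a/lib/CleantalkHelper.php
+++ b/lib/CleantalkHelper.php
@@ -91,22 +91,37 @@ class CleantalkHelper
  $ips['real'] = $_SERVER['REMOTE_ADDR'];
 
  // Cloud Flare
- if(isset($headers['Cf-Connecting-Ip'])){
- if(self::ip_mask_match($ips['real'], self::$cdn_pool['cloud_flare']['ipv4'])){
+ if(isset($headers['Cf-Connecting-Ip'], $headers['Cf-Ipcountry'], $headers['Cf-Ray'])){
+ // if(self::ip_mask_match($ips['real'], self::$cdn_pool['cloud_flare']['ipv4'])){
  $ips['real'] = $headers['Cf-Connecting-Ip'];
- }
+
+ // Sucury
+ }elseif(isset($headers['X-Sucuri-Clientip'], $headers['X-Sucuri-Country'])){
+ $ips['real'] = $headers['X-Sucuri-Clientip'];
+
+ // OVH
+ }elseif(isset($headers['X-Cdn-Any-Ip'], $headers['Remote-Ip'])){
+ $ips['real'] = $headers['Remote-Ip'];
+
  // Incapsula proxy
  }elseif(isset($headers['Incap-Client-Ip'])){
  $ips['real'] = $headers['Incap-Client-Ip'];
- // Private networks. Looking for X-Forwarded-For and X-Real-Ip
- }elseif(self::ip_mask_match($ips['real'], self::$private_networks)){
+
+ }
+
+ // Is private network
+ if(self::ip__is_private_network($ips['real']) || isset($headers['X-Gt-Clientip'])){
+
+ // X-Forwarded-For
  if(isset($headers['X-Forwarded-For'])){
  $tmp = explode(",", trim($headers['X-Forwarded-For']));
  $ips['real']= trim($tmp[0]);
+
+ // X-Real-Ip
  }elseif(isset($headers['X-Real-Ip'])){
  $tmp = explode(",", trim($headers['X-Real-Ip']));
  $ips['real']= trim($tmp[0]);
- }
+ }
  }
  }
 
@@ -130,7 +145,11 @@ class CleantalkHelper
  ? reset($result)
  : null);
  }
-
+
+ static function ip__is_private_network($ip){
+ return self::ip_mask_match($ip, self::$private_networks);
+ }
+
  /*
  * Check if the IP belong to mask. Recursivly if array given
  * @param ip string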
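Review bot: The new Cloudflare branch accepts `Cf-Connecting-Ip` as the sender address as soon as `Cf-Ipcountry` and `Cf-Ray` are also present, while the `ip_mask_match()` test that tied it to a Cloudflare source address is now commented out. These are all request headers, so whenever the origin can be reached without the CDN the client decides which IP gets checked; the Sucuri, OVH and Incapsula branches and `|| isset($headers['X-Gt-Clientip'])` have the same property. I would treat header presence as a hint only and still require `$_SERVER['REMOTE_ADDR']` to fall in the provider's ranges or a configured trusted-proxy list, e.g. by restoring `if(self::ip_mask_match($ips['real'], self::$cdn_pool['cloud_flare']['ipv4'])){`, and pass the chosen value through `filter_var($ip, FILTER_VALIDATE_IP)` before use. The new `ip__is_private_network()` has no docblock or visibility keyword, unlike the commented method below it; the enclosing IP-detection method starts and ends outside the hunks.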
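--- a/lib/CleantalkSFW_Base.php
+++ b/lib/CleantalkSFW_Base.php
@@ -171,19 +171,19 @@ class CleantalkSFW_Base
  $this->db->query("DELETE FROM ".$this->data_table.";", true);
 
  // Cast result to int
- foreach($result as $value){
- $value[0] = intval($value[0]);
- $value[1] = intval($value[1]);
+ foreach($result as &$value){
+ $value[0] = preg_replace('/[^\d]*/', '', $value[0]);
+ $value[1] = preg_replace('/[^\d]*/', '', $value[0]);
+ $value[0] = empty($value[0]) ? 0 : $value[0];
+ $value[1] = empty($value[1]) ? 0 : $value[1];
  } unset($value);
 
- $query="INSERT INTO ".$this->data_table." VALUES ";
+ $query = "INSERT INTO ".$this->data_table." VALUES ";
+
  for($i=0, $arr_count = count($result); $i < $arr_count; $i++){
- if($i == count($result)-1){
- $query.="(".$result[$i][0].",".$result[$i][1].");";
- }else{
- $query.="(".$result[$i][0].",".$result[$i][1]."), ";
- }
+ $query.="(".$result[$i][0].",".$result[$i][1]."),";
  }
+ $query = substr($query, 0, -1).';';
  $this->db->query($query, true);
 
  return true;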
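Review bot: `$value[1] = preg_replace('/[^\d]*/', '', $value[0]);` reads index 0 again, so the second column is overwritten with the already filtered first one and every row is inserted with two identical values; it should be `$value[1] = preg_replace('/[^\d]*/', '', $value[1]);`. When `$result` is empty the loop adds nothing and `substr($query, 0, -1).';'` leaves an `INSERT ... VALUES;` statement that runs after the `DELETE` has already emptied the table, so a guard such as `if(empty($result)) return false;` ahead of the `DELETE` would be safer (what callers expect back is not visible here). The digit filter is the only thing keeping the concatenated `VALUES` list safe, which deserves a comment like `// digits only: these values are concatenated into the SQL below`. The enclosing method starts before and ends after the hunk.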
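--- a/lib/CleantalkState.php
+++ b/lib/CleantalkState.php
@@ -48,6 +48,7 @@ class CleantalkState
  'use_ajax' => 1,
  'general_postdata_test' => 0, //CAPD
  'set_cookies'=> 1, // Disable cookies generatation to be compatible with Varnish.
+ 'alternative_sessions'=> 0, // AJAX Sessions.
  'ssl_on' => 0, // Secure connection to servers
  'use_buitin_http_api' => 0, // Using Wordpress HTTP built in API
 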
readme.txt CHANGED
@@ -3,7 +3,7 @@ Contributors: safronik
3
  Tags: spam, antispam, protection, comments, firewall
4
  Requires at least: 3.0
5
  Tested up to: 5.0
6
- Stable tag: 5.114
7
  License: GPLv2
8
 
9
  Spam protection, antispam, all-in-one, premium plugin. No spam comments & users, no spam contact form & WooCommerce anti-spam.
@@ -558,6 +558,14 @@ If your website has forms that send data to external sources, you can enable opt
558
  10. Website's options.
559
 
560
  == Changelog ==
 
 
 
 
 
 
 
 
561
  = 5.114 January 31 2019 =
562
  * New: Setting "Use Wordpress HTTP API" as alternative to CURL. Disabled by default.
563
  * Fix: Formidable: Adding small JS check when adding JS_key.
@@ -1786,6 +1794,14 @@ If your website has forms that send data to external sources, you can enable opt
1786
  * First version
1787
 
1788
  == Upgrade Notice ==
 
 
 
 
 
 
 
 
1789
  = 5.114 January 31 2019 =
1790
  * New: Setting "Use Wordpress HTTP API" as alternative to CURL. Disabled by default.
1791
  * Fix: Formidable: Adding small JS check when adding JS_key.
3
  Tags: spam, antispam, protection, comments, firewall
4
  Requires at least: 3.0
5
  Tested up to: 5.0
6
+ Stable tag: 5.115
7
  License: GPLv2
8
 
9
  Spam protection, antispam, all-in-one, premium plugin. No spam comments & users, no spam contact form & WooCommerce anti-spam.
558
  10. Website's options.
559
 
560
  == Changelog ==
561
+ = 5.115 February 14 2019 =
562
+ * Fix: Http_only flag for backend cookies.
563
+ * Fix: Spam filtration improved.
564
+ * New: IP detection improved.
565
+ * Fix: SpamFirewall update speeded up.
566
+ * New: False positives with caching solutions decreased.
567
+ * New: Opportunity to use Wordpress HTTP API to connect with Cloud.
568
+
569
  = 5.114 January 31 2019 =
570
  * New: Setting "Use Wordpress HTTP API" as alternative to CURL. Disabled by default.
571
  * Fix: Formidable: Adding small JS check when adding JS_key.
1794
  * First version
1795
 
1796
  == Upgrade Notice ==
1797
+ = 5.115 February 14 2019 =
1798
+ * Fix: Http_only flag for backend cookies.
1799
+ * Fix: Spam filtration improved.
1800
+ * New: IP detection improved.
1801
+ * Fix: SpamFirewall update speeded up.
1802
+ * New: False positives with caching solutions decreased.
1803
+ * New: Opportunity to use Wordpress HTTP API to connect with Cloud.
1804
+
1805
  = 5.114 January 31 2019 =
1806
  * New: Setting "Use Wordpress HTTP API" as alternative to CURL. Disabled by default.
1807
  * Fix: Formidable: Adding small JS check when adding JS_key.