Spam protection, AntiSpam, FireWall by CleanTalk - Version 5.115.2

Version Description

February 27 2019 = * Fix: False positives spam detection in WP Forms and Contact Form 7.

Download this release

Release Info

Developer shagimuratov
Plugin Icon 128x128 Spam protection, AntiSpam, FireWall by CleanTalk
Version 5.115.2
Comparing to
See all releases

Code changes from version 5.115.1 to 5.115.2

Files changed (5) hide show
  1. cleantalk.php +24 -5
  2. inc/cleantalk-common.php +2 -2
  3. inc/cleantalk-public.php +1 -1
  4. lib/CleantalkHelper.php +2 -35
  5. readme.txt +8 -2
cleantalk.php CHANGED
@@ -3,7 +3,7 @@
3
  Plugin Name: Anti-Spam by CleanTalk
4
  Plugin URI: http://cleantalk.org
5
  Description: Max power, all-in-one, no Captcha, premium anti-spam plugin. No comment spam, no registration spam, no contact spam, protects any WordPress forms.
6
- Version: 5.115.1
7
  Author: СleanTalk <welcome@cleantalk.org>
8
  Author URI: http://cleantalk.org
9
  */
@@ -78,8 +78,10 @@ if(!defined('CLEANTALK_PLUGIN_DIR')){
78
  $apbct->settings['apikey'] = defined('CLEANTALK_ACCESS_KEY') ? CLEANTALK_ACCESS_KEY : $apbct->settings['apikey'];
79
 
80
  }
81
-
82
- add_action('wp_ajax_apbct_js_keys__get', 'apbct_js_keys__get__ajax'); // Passing JS key to frontend
 
 
83
 
84
  /** @todo HARDCODE FIX */
85
  if($apbct->plugin_version === '1.0.0')
@@ -348,7 +350,10 @@ function apbct_remote_call__perform()
348
  $apbct->save('remote_calls');
349
 
350
  if(strtolower($_GET['spbc_remote_call_token']) == strtolower(md5($apbct->api_key))){
351
-
 
 
 
352
  // Close renew banner
353
  if($_GET['spbc_remote_call_action'] == 'close_renew_banner'){
354
  $apbct->data['notice_trial'] = 0;
@@ -382,7 +387,7 @@ function apbct_remote_call__perform()
382
  */
383
  function apbct_sfw__check()
384
  {
385
- global $apbct, $cleantalk_url_exclusions;
386
 
387
  // Turn off the SpamFireWall if current url in the exceptions list and WordPress core pages
388
  if (!empty($cleantalk_url_exclusions) && is_array($cleantalk_url_exclusions)) {
@@ -394,6 +399,10 @@ function apbct_sfw__check()
394
  }
395
  }
396
 
 
 
 
 
397
  include_once(CLEANTALK_PLUGIN_DIR . "lib/CleantalkSFW_Base.php");
398
  include_once(CLEANTALK_PLUGIN_DIR . "lib/CleantalkSFW.php");
399
 
@@ -430,6 +439,16 @@ function apbct_sfw__check()
430
 
431
  if($is_sfw_check){
432
  $sfw->ip_check();
 
 
 
 
 
 
 
 
 
 
433
  if($sfw->result){
434
  $sfw->logs__update($sfw->blocked_ip, 'blocked');
435
  $apbct->data['sfw_counter']['blocked']++;
3
  Plugin Name: Anti-Spam by CleanTalk
4
  Plugin URI: http://cleantalk.org
5
  Description: Max power, all-in-one, no Captcha, premium anti-spam plugin. No comment spam, no registration spam, no contact spam, protects any WordPress forms.
6
+ Version: 5.115.2
7
  Author: СleanTalk <welcome@cleantalk.org>
8
  Author URI: http://cleantalk.org
9
  */
78
  $apbct->settings['apikey'] = defined('CLEANTALK_ACCESS_KEY') ? CLEANTALK_ACCESS_KEY : $apbct->settings['apikey'];
79
 
80
  }
81
+
82
+ // Passing JS key to frontend
83
+ add_action('wp_ajax_apbct_js_keys__get', 'apbct_js_keys__get__ajax');
84
+ add_action('wp_ajax_nopriv_apbct_js_keys__get', 'apbct_js_keys__get__ajax');
85
 
86
  /** @todo HARDCODE FIX */
87
  if($apbct->plugin_version === '1.0.0')
350
  $apbct->save('remote_calls');
351
 
352
  if(strtolower($_GET['spbc_remote_call_token']) == strtolower(md5($apbct->api_key))){
353
+
354
+ // Flag to let plugin know that Remote Call is running.
355
+ $apbct->rc_running = true;
356
+
357
  // Close renew banner
358
  if($_GET['spbc_remote_call_action'] == 'close_renew_banner'){
359
  $apbct->data['notice_trial'] = 0;
387
  */
388
  function apbct_sfw__check()
389
  {
390
+ global $apbct, $spbc, $cleantalk_url_exclusions;
391
 
392
  // Turn off the SpamFireWall if current url in the exceptions list and WordPress core pages
393
  if (!empty($cleantalk_url_exclusions) && is_array($cleantalk_url_exclusions)) {
399
  }
400
  }
401
 
402
+ // Turn off the SpamFireWall if Remote Call is in progress
403
+ if($apbct->rc_running || (!empty($spbc) && $spbc->rc_running))
404
+ return;
405
+
406
  include_once(CLEANTALK_PLUGIN_DIR . "lib/CleantalkSFW_Base.php");
407
  include_once(CLEANTALK_PLUGIN_DIR . "lib/CleantalkSFW.php");
408
 
439
 
440
  if($is_sfw_check){
441
  $sfw->ip_check();
442
+ if($sfw->result){
443
+ if(isset($_GET['spbc_remote_call_token'], $_GET['spbc_remote_call_action'], $_GET['plugin_name'])){
444
+ $resolved = gethostbyaddr($sfw->blocked_ip);
445
+ if($resolved && preg_match('/cleantalk\.org/', $resolved) === 1 || $resolved === 'back'){
446
+ $sfw->result = false;
447
+ $sfw->passed_ip = $sfw->blocked_ip;
448
+ }
449
+ }
450
+ }
451
+
452
  if($sfw->result){
453
  $sfw->logs__update($sfw->blocked_ip, 'blocked');
454
  $apbct->data['sfw_counter']['blocked']++;
inc/cleantalk-common.php CHANGED
@@ -169,7 +169,7 @@ function apbct_get_sender_info() {
169
 
170
  if (count($_POST) > 0) {
171
  foreach ($_POST as $k => $v) {
172
- if (preg_match("/^ct_check.+/", $k)) {
173
  $checkjs_data_post = $v;
174
  }
175
  }
@@ -244,7 +244,7 @@ function apbct_visibile_fields__process($visible_fields) {
244
  /*
245
  * Outputs JS key for AJAX-use only. Stops script.
246
  */
247
- function apbct_js_keys__get__ajax(){
248
  if(!$direct_call) check_ajax_referer('ct_secret_stuff');
249
  die(json_encode(array(
250
  'js_key' => ct_get_checkjs_value((bool)$_POST['random_key'])
169
 
170
  if (count($_POST) > 0) {
171
  foreach ($_POST as $k => $v) {
172
+ if (preg_match("/^(ct_check|checkjs).+/", $k)) {
173
  $checkjs_data_post = $v;
174
  }
175
  }
244
  /*
245
  * Outputs JS key for AJAX-use only. Stops script.
246
  */
247
+ function apbct_js_keys__get__ajax($direct_call = false){
248
  if(!$direct_call) check_ajax_referer('ct_secret_stuff');
249
  die(json_encode(array(
250
  'js_key' => ct_get_checkjs_value((bool)$_POST['random_key'])
inc/cleantalk-public.php CHANGED
@@ -2040,7 +2040,7 @@ function apbct_form__WPForms__testSpam() {
2040
  'message' => $message,
2041
  'sender_email' => $sender_email,
2042
  'sender_nickname' => $sender_nickname,
2043
- 'post_info' => array('comment_type' => 'contact_form_wordpress_wp_forms'),
2044
  'checkjs' => $checkjs,
2045
  )
2046
  );
2040
  'message' => $message,
2041
  'sender_email' => $sender_email,
2042
  'sender_nickname' => $sender_nickname,
2043
+ 'post_info' => array('comment_type' => 'contact_form_wordpress_wp_forms'),
2044
  'checkjs' => $checkjs,
2045
  )
2046
  );
lib/CleantalkHelper.php CHANGED
@@ -2,38 +2,6 @@
2
 
3
  class CleantalkHelper
4
  {
5
- private static $cdn_pool = array(
6
- 'cloud_flare' => array(
7
- 'ipv4' => array(
8
- '103.21.244.0/22',
9
- '103.22.200.0/22',
10
- '103.31.4.0/22',
11
- '104.16.0.0/12',
12
- '108.162.192.0/18',
13
- '131.0.72.0/22',
14
- '141.101.64.0/18',
15
- '162.158.0.0/15',
16
- '172.64.0.0/13',
17
- '173.245.48.0/20',
18
- '185.93.231.18/20', // User fix
19
- '185.220.101.46/20', // User fix
20
- '188.114.96.0/20',
21
- '190.93.240.0/20',
22
- '197.234.240.0/22',
23
- '198.41.128.0/17',
24
- ),
25
- 'ipv6' => array(
26
- '2400:cb00::/32',
27
- '2405:8100::/32',
28
- '2405:b500::/32',
29
- '2606:4700::/32',
30
- '2803:f800::/32',
31
- '2c0f:f248::/32',
32
- '2a06:98c0::/29',
33
- ),
34
- ),
35
- );
36
-
37
  private static $private_networks = array(
38
  '10.0.0.0/8',
39
  '100.64.0.0/10',
@@ -78,10 +46,9 @@ class CleantalkHelper
78
 
79
  // Cloud Flare
80
  if(isset($ips['cloud_flare'])){
81
- if(isset($headers['Cf-Connecting-Ip'])){
82
- if(self::ip_mask_match($ips['remote_addr'], self::$cdn_pool['cloud_flare']['ipv4'])){
83
  $ips['cloud_flare'] = $headers['Cf-Connecting-Ip'];
84
- }
85
  }
86
  }
87
 
2
 
3
  class CleantalkHelper
4
  {
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
5
  private static $private_networks = array(
6
  '10.0.0.0/8',
7
  '100.64.0.0/10',
46
 
47
  // Cloud Flare
48
  if(isset($ips['cloud_flare'])){
49
+ if(isset($headers['Cf-Connecting-Ip'], $headers['Cf-Ipcountry'], $headers['Cf-Ray'])){
50
+ // if(self::ip_mask_match($ips['remote_addr'], self::$cdn_pool['cloud_flare']['ipv4'])){
51
  $ips['cloud_flare'] = $headers['Cf-Connecting-Ip'];
 
52
  }
53
  }
54
 
readme.txt CHANGED
@@ -3,14 +3,14 @@ Contributors: safronik
3
  Tags: spam, antispam, protection, comments, firewall
4
  Requires at least: 3.0
5
  Tested up to: 5.1
6
- Stable tag: 5.115.1
7
  License: GPLv2
8
 
9
  Spam protection, antispam, all-in-one, premium plugin. No spam comments & users, no spam contact form & WooCommerce anti-spam.
10
 
11
  == Description ==
12
 
13
- **Supports: Contact Form 7, Ninja Forms, Gravity Forms, MailChimp, Formidable forms, WooCommerce, JetPack comments and contact form, BuddyPress, bbPress, Fast Secure Contact form, S2Member, MailPoet, any WordPress registrations & contact forms and themes. Just setup and forget the spam!**
14
 
15
  No CAPTCHA, no questions, no animal counting, no puzzles, no math and no spam bots. Universal AntiSpam plugin.
16
 
@@ -558,6 +558,9 @@ If your website has forms that send data to external sources, you can enable opt
558
  10. Website's options.
559
 
560
  == Changelog ==
 
 
 
561
  = 5.115.1 February 16 2019 =
562
  * Fix: SpamFireWall's false positives.
563
 
@@ -1797,6 +1800,9 @@ If your website has forms that send data to external sources, you can enable opt
1797
  * First version
1798
 
1799
  == Upgrade Notice ==
 
 
 
1800
  = 5.115.1 February 16 2019 =
1801
  * Fix: SpamFireWall's false positives.
1802
 
3
  Tags: spam, antispam, protection, comments, firewall
4
  Requires at least: 3.0
5
  Tested up to: 5.1
6
+ Stable tag: 5.115.2
7
  License: GPLv2
8
 
9
  Spam protection, antispam, all-in-one, premium plugin. No spam comments & users, no spam contact form & WooCommerce anti-spam.
10
 
11
  == Description ==
12
 
13
+ **Supports: Contact Form 7, Contact Form by WPForms, Ninja Forms, Gravity Forms, MailChimp, Formidable forms, WooCommerce, JetPack comments and contact form, BuddyPress, bbPress, Fast Secure Contact form, S2Member, MailPoet, any WordPress registrations & contact forms and themes. Just setup and forget the spam!**
14
 
15
  No CAPTCHA, no questions, no animal counting, no puzzles, no math and no spam bots. Universal AntiSpam plugin.
16
 
558
  10. Website's options.
559
 
560
  == Changelog ==
561
+ = 5.115.2 February 27 2019 =
562
+ * Fix: False positives spam detection in WP Forms and Contact Form 7.
563
+
564
  = 5.115.1 February 16 2019 =
565
  * Fix: SpamFireWall's false positives.
566
 
1800
  * First version
1801
 
1802
  == Upgrade Notice ==
1803
+ = 5.115.2 February 27 2019 =
1804
+ * Fix: False positives spam detection in WP Forms and Contact Form 7.
1805
+
1806
  = 5.115.1 February 16 2019 =
1807
  * Fix: SpamFireWall's false positives.
1808