Spam protection, AntiSpam, FireWall by CleanTalk - Version 5.116

Version Description

March 6 2019 = * Spam filtration quality improved. * New: Storing visited URLs. * New: Check before validation Contact Form 7, Comments, Jetpack comments. * New: Get validation result for Contact Form 7, Comments, Jetpack comments. * Fix: ES add subscriber. * Fix: IP detection.


Release Info

Developer Safronik
Version 5.116

Code changes from version 5.115.2 to 5.116

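--- a/cleantalk.php
+++ b/cleantalk.php
@@ -3,7 +3,7 @@
  Plugin Name: Anti-Spam by CleanTalk
  Plugin URI: http://cleantalk.org
  Description: Max power, all-in-one, no Captcha, premium anti-spam plugin. No comment spam, no registration spam, no contact spam, protects any WordPress forms.
- Version: 5.115.2
+ Version: 5.116
  Author: СleanTalk <welcome@cleantalk.org>
  Author URI: http://cleantalk.org
  */
@@ -31,6 +31,10 @@ define('APBCT_SETTINGS', 'cleantalk_settings'); //Option name wi
  define('APBCT_NETWORK_SETTINGS', 'cleantalk_network_settings'); //Option name with plugin network settings.
  define('APBCT_DEBUG', 'cleantalk_debug'); //Option name with a debug data. Empty by default.
 
+ // Sessions
+ define('APBCT_SEESION__LIVE_TIME', 86400*3);
+ define('APBCT_SEESION__CHANCE_TO_CLEAN', 5);
+
  // Different params
  define('APBCT_REMOTE_CALL_SLEEP', 10); // Minimum time between remote call
 
@@ -93,7 +97,7 @@ if(!defined('CLEANTALK_PLUGIN_DIR')){
  // Database constants
  define('APBCT_TBL_FIREWALL_DATA', $apbct->db_prefix . 'cleantalk_sfw'); // Table with firewall data.
  define('APBCT_TBL_FIREWALL_LOG', $apbct->db_prefix . 'cleantalk_sfw_logs'); // Table with firewall logs.
- // define('APBCT_TBL_SESSIONS', $apbct->db_prefix . 'cleantalk_sessions'); // Table with session data.
+ define('APBCT_TBL_SESSIONS', $apbct->db_prefix . 'cleantalk_sessions'); // Table with session data.
  define('APBCT_SELECT_LIMIT', 5000); // Select limit for logs.
  define('APBCT_WRITE_LIMIT', 5000); // Write limit for firewall data.
 
@@ -118,8 +122,11 @@ if(!defined('CLEANTALK_PLUGIN_DIR')){
  // Set cookie only for unauthorized users and for non-AJAX requests
  if (!is_admin()){
  add_action('wp','apbct_cookie', 2);
- if (empty($_POST) && empty($_GET['action']))
+ add_action('wp','apbct_store__urls', 2);
+ if (empty($_POST) && empty($_GET['action'])){
  apbct_cookie();
+ apbct_store__urls();
+ }
  }
 
  // Early checks
@@ -301,6 +308,7 @@ if(!defined('CLEANTALK_PLUGIN_DIR')){
  // Comments
  add_filter('preprocess_comment', 'ct_preprocess_comment', 1, 1); // param - comment data array
  add_filter('comment_text', 'ct_comment_text' );
+ add_filter('wp_die_handler', 'apbct_comment__sanitize_data__before_wp_die', 1); // Check comments after validation
 
  // Registrations
  add_action('register_form', 'ct_register_form');
@@ -483,6 +491,14 @@ function apbct_activation( $network ) {
  PRIMARY KEY (`ip`))
  ENGINE = MYISAM;';
 
+ $session_table = 'CREATE TABLE IF NOT EXISTS `%s` (
+ `id` VARCHAR(64) NOT NULL,
+ `name` TEXT NULL,
+ `value` TEXT NULL,
+ `last_update` DATETIME NOT NULL DEFAULT NOW(),
+ PRIMARY KEY (`id`, `name`(10)))
+ ENGINE = MYISAM;';
+
  if($network && !defined('CLEANTALK_ACCESS_KEY')){
  $initial_blog = get_current_blog_id();
  $blogs = array_keys($wpdb->get_results('SELECT blog_id FROM '. $wpdb->blogs, OBJECT_K));
@@ -490,6 +506,7 @@ function apbct_activation( $network ) {
  switch_to_blog($blog);
  $wpdb->query(sprintf($sfw_data_query, $wpdb->prefix . 'cleantalk_sfw')); // Table for SpamFireWall data
  $wpdb->query(sprintf($sfw_log_query, $wpdb->prefix . 'cleantalk_sfw_logs')); // Table for SpamFireWall logs
+ $wpdb->query(sprintf($session_table, $wpdb->prefix . 'cleantalk_sessions')); // Table for session data
  // Cron tasks
  CleantalkCron::addTask('check_account_status', 'ct_account_status_check', 3600, time()+1800); // Checks account status
  CleantalkCron::addTask('delete_spam_comments', 'ct_delete_spam_comments', 3600, time()+3500); // Formerly ct_hourly_event_hook()
@@ -513,6 +530,7 @@ function apbct_activation( $network ) {
 
  $wpdb->query(sprintf($sfw_data_query, APBCT_TBL_FIREWALL_DATA)); // Table for SpamFireWall data
  $wpdb->query(sprintf($sfw_log_query, APBCT_TBL_FIREWALL_LOG)); // Table for SpamFireWall logs
+ $wpdb->query(sprintf($session_table, APBCT_TBL_SESSIONS)); // Table for SpamFireWall logs
  ct_sfw_update(); // Updating SFW
  ct_account_status_check(null, false);
  }
@@ -536,8 +554,17 @@ function apbct_activation__new_blog($blog_id, $user_id, $domain, $path, $site_id
  `all_entries` INT NOT NULL,
  `blocked_entries` INT NOT NULL,
  `entries_timestamp` INT NOT NULL,
- PRIMARY KEY (`ip`))
+ PRIMARY KEY (`id`, `name`(10)))
+ ENGINE = MYISAM;';
+
+ $session__query = 'CREATE TABLE IF NOT EXISTS `%s` (
+ `id` VARCHAR(64) NOT NULL,
+ `name` TEXT NULL,
+ `value` TEXT NULL,
+ `last_update` DATETIME NOT NULL DEFAULT NOW(),
+ PRIMARY KEY (`id`))
  ENGINE = MYISAM;';
+
  // Cron tasks
  CleantalkCron::addTask('check_account_status', 'ct_account_status_check', 3600, time()+1800); // Checks account status
  CleantalkCron::addTask('delete_spam_comments', 'ct_delete_spam_comments', 3600, time()+3500); // Formerly ct_hourly_event_hook()
@@ -548,6 +575,7 @@ function apbct_activation__new_blog($blog_id, $user_id, $domain, $path, $site_id
  CleantalkCron::addTask('send_connection_report','ct_mail_send_connection_report', 86400, time()+3500); // Send connection report to welcome@cleantalk.org
  $wpdb->query(sprintf($sfw_data_query, $wpdb->prefx)); // Table for SpamFireWall data
  $wpdb->query(sprintf($sfw_log_query, $wpdb->prefx)); // Table for SpamFireWall logs
+ $wpdb->query(sprintf($session__query, $wpdb->prefx)); // Table for SpamFireWall logs
  ct_sfw_update(); // Updating SFW
  ct_account_status_check(null, false);
  restore_current_blog();
@@ -568,13 +596,15 @@ function apbct_deactivation( $network ) {
  switch_to_blog($blog);
  $wpdb->query('DROP TABLE IF EXISTS `'. $wpdb->prefix.'cleantalk_sfw`;'); // Deleting SFW data
  $wpdb->query('DROP TABLE IF EXISTS `'. $wpdb->prefix.'cleantalk_sfw_logs`;'); // Deleting SFW logs
+ $wpdb->query('DROP TABLE IF EXISTS `'. $wpdb->prefix.'cleantalk_sessions`;'); // Deleting session table
  // Deleting cron entries
  delete_option('cleantalk_cron');
  }
  switch_to_blog($initial_blog);
  }else{
- $wpdb->query('DROP TABLE IF EXISTS `'. APBCT_TBL_FIREWALL_DATA .'`;'); // Deleting SFW data
+ $wpdb->query('DROP TABLE IF EXISTS `'. APBCT_TBL_FIREWALL_DATA .'`;'); // Deleting SFW data
  $wpdb->query('DROP TABLE IF EXISTS `'. APBCT_TBL_FIREWALL_LOG .'`;'); // Deleting SFW logs
+ $wpdb->query('DROP TABLE IF EXISTS `'. APBCT_TBL_SESSIONS .'`;'); // Deleting session table
  // Deleting cron entries
  delete_option('cleantalk_cron');
  }
@@ -821,6 +851,98 @@ function apbct_cookie(){
 
  }
 
+ function apbct_alt_session__id__get(){
+ $id = CleantalkHelper::ip_get(array('real')).filter_input(INPUT_SERVER, 'HTTP_USER_AGENT').filter_input(INPUT_SERVER, 'HTTP_ACCEPT_LANGUAGE');
+ return hash('sha256', $id);
+ }
+
+ function apbct_alt_sessions__remove_old(){
+ if(rand(0, 1000) < APBCT_SEESION__CHANCE_TO_CLEAN){
+ global $wpdb;
+ $wpdb->query(
+ 'DELETE
+ FROM `'. APBCT_TBL_SESSIONS .'`
+ WHERE last_update < NOW() - INTERVAL '. APBCT_SEESION__LIVE_TIME .' SECOND;'
+ );
+ }
+ }
+
+ function apbct_alt_session__save($name, $value){
+
+ global $wpdb;
+
+ $session_id = apbct_alt_session__id__get();
+
+ $wpdb->query(
+ $wpdb->prepare(
+ 'INSERT INTO '. APBCT_TBL_SESSIONS .'
+ (id, name, value)
+ VALUES (%s, %s, %s)
+ ON DUPLICATE KEY UPDATE
+ value = %s,
+ last_update = NOW()',
+ $session_id, $name, $value, $value
+ )
+ );
+ }
+
+ function apbct_alt_session__get($name){
+ global $wpdb;
+ $session_id = apbct_alt_session__id__get();
+ $result = $wpdb->get_row(
+ $wpdb->prepare(
+ 'SELECT value
+ FROM `'. APBCT_TBL_SESSIONS .'`
+ WHERE id = %s AND name = %s;',
+ $session_id, $name
+ ),
+ OBJECT
+ );
+
+ $result = isset($result->value)
+ ? strpos($result->value, '{') === 0
+ ? (array)json_decode($result->value, true) // JSON
+ : $result->value
+ : false;
+
+ return $result ? $result : null;
+ }
+
+ function apbct_store__urls(){
+
+ global $apbct;
+
+ if($apbct->settings['store_urls'] && empty($apbct->flags__url_stored)){
+
+ $current_url = filter_input(INPUT_SERVER, 'HTTP_HOST').filter_input(INPUT_SERVER, 'REQUEST_URI');
+
+ $urls = $apbct->settings['store_urls__sessions']
+ ? (array)apbct_alt_session__get('apbct_urls')
+ : (array)json_decode(filter_input(INPUT_COOKIE, 'apbct_urls'), true);
+
+ $urls[$current_url][] = time();
+
+ $urls[$current_url] = count($urls[$current_url]) > 10 ? array_slice($urls[$current_url], 1, 10) : $urls[$current_url];
+ $urls = count($urls) > 10 ? array_slice($urls, 1, 10) : $urls;
+
+ $apbct->settings['store_urls__sessions']
+ ? apbct_alt_session__save('apbct_urls', json_encode($urls))
+ : setcookie('apbct_urls', json_encode($urls), time()+86400*3, '/', parse_url(get_option('siteurl'),PHP_URL_HOST), false, true);
+
+ $site_referer = $apbct->settings['store_urls__sessions']
+ ? (array)apbct_alt_session__get('apbct_site_referer')
+ : (array)json_decode(filter_input(INPUT_COOKIE, 'apbct_site_referer'), true);
+
+ if(!$site_referer)
+ $apbct->settings['store_urls__sessions']
+ ? apbct_alt_session__save('apbct_site_referer', $current_url)
+ : setcookie('apbct_site_referer', $current_url, time()+86400*3, '/', parse_url(get_option('siteurl'),PHP_URL_HOST), false, true);
+
+ $apbct->flags__url_stored = true;
+
+ }
+ }
+
  /**
  * Cookies test for sender
  * Also checks for valid timestamp in $_COOKIE['apbct_timestamp'] and other apbct_ COOKIES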
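Review bot: In `apbct_activation__new_blog` the two key definitions look swapped and the new table is never created: the SpamFireWall log query, whose visible columns are `all_entries`, `blocked_entries` and `entries_timestamp`, now closes with a primary key on `id` and `name`, while `$session__query` gets a primary key on `id` alone, so `ON DUPLICATE KEY UPDATE` in `apbct_alt_session__save` would overwrite one stored name with another. The added call also passes `$wpdb->prefx` (copied from the two context lines above it), which is not the `$wpdb->prefix` property, so the table name is presumably empty; it should read `$wpdb->query(sprintf($session__query, $wpdb->prefix . 'cleantalk_sessions'));`. The log query should keep the `ip` key it had before, and the session query should use the same composite key as `apbct_activation` and the updater. The function's body starts and ends outside these hunks.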
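--- a/inc/cleantalk-ajax.php
+++ b/inc/cleantalk-ajax.php
@@ -544,6 +544,15 @@ function ct_ajax_hook($message_obj = false, $additional = false)
  elseif ( !empty($message_obj) && isset($message_obj['post_type'], $message_obj['post_content']) ){
  throw new Exception($ct_result->comment);
  }
+ //ES Add subscriber
+ elseif(isset($_POST['action']) && $_POST['action'] == 'es_add_subscriber')
+ {
+ $result = Array(
+ 'error' => 'unexpected-error',
+ );
+ print json_encode($result);
+ die();
+ }
  //Convertplug. Strpos because action value dynamically changes and depends on mailing service
  elseif (isset($_POST['action']) && strpos($_POST['action'], '_add_subscriber') !== false){
  $result = Array(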
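Review bot: The added `es_add_subscriber` branch compares `$_POST['action']` with `==`, and request data can arrive as an array as well as a string; a strict test keeps the match exact: `elseif(isset($_POST['action']) && $_POST['action'] === 'es_add_subscriber')`. The branch has to stay above the `_add_subscriber` substring branch that follows, since that one would also match this action, and a one-line comment saying so would stop a later reorder from breaking it. The response is printed without a JSON content type, which is worth confirming against what the calling script expects. `ct_ajax_hook` starts and ends outside the hunk.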
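--- a/inc/cleantalk-common.php
+++ b/inc/cleantalk-common.php
@@ -182,6 +182,14 @@ function apbct_get_sender_info() {
  : 0
  : null;
 
+ $site_referer = $apbct->settings['store_urls__sessions']
+ ? apbct_alt_session__get('apbct_site_referer')
+ : (array)json_decode(filter_input(INPUT_COOKIE, 'apbct_site_referer'), true);
+
+ $urls = $apbct->settings['store_urls__sessions']
+ ? apbct_alt_session__get('apbct_urls')
+ : (array)json_decode(filter_input(INPUT_COOKIE, 'apbct_urls'), true);
+
  return array(
  'remote_addr' => CleantalkHelper::ip_get(array('remote_addr'), false),
  'REFFERRER' => isset($_SERVER['HTTP_REFERER']) ? htmlspecialchars($_SERVER['HTTP_REFERER']) : null,
@@ -208,6 +216,8 @@ function apbct_get_sender_info() {
  'form_visible_inputs' => !empty($_COOKIE['apbct_visible_fields_count']) ? $_COOKIE['apbct_visible_fields_count'] : null,
  'apbct_visible_fields' => !empty($_COOKIE['apbct_visible_fields']) ? apbct_visibile_fields__process($_COOKIE['apbct_visible_fields']) : null,
  // Misc
+ 'site_referer' => !empty($site_referer) ? $site_referer : null,
+ 'source_url' => !empty($urls) ? json_encode($urls) : null,
  //'validate_email_existence' => $apbct->settings['validate_email_existence'],
  // Debug stuff
  'amp_detected' => $amp_detected,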
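Review bot: In cookie mode `$site_referer` can never be filled: `apbct_store__urls` in cleantalk.php writes the `apbct_site_referer` cookie as a plain URL string, while the added lines here read it through `json_decode`, which returns null for such a value, so `site_referer` is always sent as null. Reading it as a string, `: (string) filter_input(INPUT_COOKIE, 'apbct_site_referer');`, matches the writer. Both cookies are client-controlled, so whatever is decoded from `apbct_urls` should be treated as untrusted and bounded in size before it is re-encoded into `source_url`. `apbct_get_sender_info` starts and ends outside the hunks.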
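--- a/inc/cleantalk-public.php
+++ b/inc/cleantalk-public.php
@@ -140,6 +140,7 @@ function apbct_init() {
  // Contact Form7
  if(defined('WPCF7_VERSION')){
  add_filter('wpcf7_form_elements', 'apbct_form__contactForm7__addField');
+ add_filter('wpcf7_validate', 'apbct_form__contactForm7__tesSpam__before_validate', 999, 2);
  add_filter(WPCF7_VERSION >= '3.0.0' ? 'wpcf7_spam' : 'wpcf7_acceptance', 'apbct_form__contactForm7__testSpam');
  }
 
@@ -863,6 +864,62 @@ function ct_bbp_new_pre_content ($comment) {
  return $comment;
  }
 
+ function apbct_comment__sanitize_data__before_wp_die($function){
+
+ global $apbct;
+
+ $comment_data = wp_unslash($_POST);
+
+ $user_ID = 0;
+
+ $comment_type = '';
+
+ $comment_content = isset($comment_data['comment']) ? (string) $comment_data['comment'] : null;
+ $comment_parent = isset($comment_data['comment_parent']) ? (int) absint($comment_data['comment_parent']) : null;
+
+ $comment_author = isset($comment_data['author']) ? (string) trim(strip_tags($comment_data['author'])) : null;
+ $comment_author_email = isset($comment_data['email']) ? (string) trim($comment_data['email']) : null;
+ $comment_author_url = isset($comment_data['url']) ? (string) trim($comment_data['url']) : null;
+ $comment_post_ID = isset($comment_data['comment_post_ID']) ? (int) $comment_data['comment_post_ID'] : null;
+
+ if(isset($comment_content, $comment_parent)){
+
+ $user = wp_get_current_user();
+
+ if($user->exists()){
+ $comment_author = empty($user->display_name) ? $user->user_login : $user->display_name;
+ $comment_author_email = $user->user_email;
+ $comment_author_url = $user->user_url;
+ $user_ID = $user->ID;
+ }
+
+ $apbct->comment_data = compact(
+ 'comment_post_ID',
+ 'comment_author',
+ 'comment_author_email',
+ 'comment_author_url',
+ 'comment_content',
+ 'comment_type',
+ 'comment_parent',
+ 'user_ID'
+ );
+
+ $function = 'apbct_comment__check_via_wp_die';
+
+ }
+
+ return $function;
+ }
+
+ function apbct_comment__check_via_wp_die($message, $title, $args){
+ if($title == __('Comment Submission Failure')){
+ global $apbct;
+ $apbct->validation_error = $message;
+ ct_preprocess_comment($apbct->comment_data);
+ }
+ _default_wp_die_handler($message, $title, $args);
+ }
+
  /**
  * Public filter 'preprocess_comment' - Checks comment by cleantalk server
  * @param mixed[] $comment Comment data array
@@ -971,7 +1028,15 @@ function ct_preprocess_comment($comment) {
  'sender_nickname' => $comment['comment_author'],
  'post_info' => $post_info,
  'checkjs' => $checkjs,
- 'sender_info' => array('sender_url' => @$comment['comment_author_url']),
+ 'sender_info' => array(
+ 'sender_url' => @$comment['comment_author_url'],
+ 'form_validation' => !isset($apbct->validation_error)
+ ? null
+ : json_encode(array(
+ 'validation_notice' => $apbct->validation_error,
+ 'page_url' => filter_input(INPUT_SERVER, 'HTTP_HOST') . filter_input(INPUT_SERVER, 'REQUEST_URI'),
+ ))
+ ),
  )
  );
  $ct_result = $base_call_result['ct_result'];
@@ -1004,7 +1069,7 @@ function ct_preprocess_comment($comment) {
  $err_text .= '<script>setTimeout("history.back()", 5000);</script>';
 
  // Terminate. Definitely spam.
- if($ct_result->stop_queue == 1)
+ if($ct_result->stop_queue == 1)
  wp_die($err_text, 'Blacklisted', array('back_link' => true));
 
  // Terminate by user's setting.
@@ -1745,6 +1810,24 @@ function apbct_form__contactForm7__addField($html) {
  return $html;
  }
 
+ /**
+ * Test spam for Contact Fomr 7 (CF7) right before validation
+ *
+ * @global SpbcState $apbct
+ * @param type $result
+ * @param type $tags
+ * @return type
+ */
+ function apbct_form__contactForm7__tesSpam__before_validate($result, $tags) {
+ global $apbct;
+ $invalid_fields = $result->get_invalid_fields();
+ if(!empty($invalid_fields) && is_array($invalid_fields)){
+ $apbct->validation_error = $invalid_fields[key($invalid_fields)]['reason'];
+ apbct_form__contactForm7__testSpam(false);
+ }
+ return $result;
+ }
+
  /**
  * Test CF7 message for spam
  */
@@ -1758,7 +1841,8 @@ function apbct_form__contactForm7__testSpam($param) {
  $param === true && WPCF7_VERSION >= '3.0.0' ||
  $apbct->settings['protect_logged_in'] != 1 && is_user_logged_in() || // Skip processing for logged in users.
  check_url_exclusions() ||
- check_ip_exclusions()
+ check_ip_exclusions() ||
+ isset($apbct->cf7_checked)
  ){
  return $param;
  }
@@ -1783,10 +1867,19 @@ function apbct_form__contactForm7__testSpam($param) {
  'message' => $message,
  'sender_email' => $sender_email,
  'sender_nickname' => $sender_nickname,
- 'post_info' => array('comment_type' => 'contact_form_wordpress_cf7'),
  'checkjs' => $checkjs,
+ 'post_info' => array('comment_type' => 'contact_form_wordpress_cf7'),
+ 'sender_info' => array(
+ 'form_validation' => !isset($apbct->validation_error)
+ ? null
+ : json_encode(array(
+ 'validation_notice' => $apbct->validation_error,
+ 'page_url' => filter_input(INPUT_SERVER, 'HTTP_HOST') . filter_input(INPUT_SERVER, 'REQUEST_URI'),
+ ))
+ ),
  )
  );
+
  $ct_result = $base_call_result['ct_result'];
 
  // Change mail notification if license is out of date
@@ -1808,7 +1901,9 @@ function apbct_form__contactForm7__testSpam($param) {
  $param = WPCF7_VERSION >= '3.0.0' ? true : false;
 
  }
-
+
+ $apbct->cf7_checked = true;
+
  return $param;
  }
 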
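Review bot: `apbct_comment__sanitize_data__before_wp_die` swaps the die handler whenever the POST body carries `comment` and `comment_parent`, so every `wp_die()` on such a request is routed through the plugin, and the values it hands to `ct_preprocess_comment()` come straight from `$_POST` with only `author` tag-stripped. Neither new comment function has a docblock; one should state that `$apbct->comment_data` is raw request data meant for the remote check only and must not be stored or echoed. In `apbct_comment__check_via_wp_die` the title test depends on the translated string matching core's text, and a strict comparison at least avoids type juggling: `if($title === __('Comment Submission Failure')){`. The docblock added for the Contact Form 7 function still carries the placeholder `type` annotations and should name the real parameter types.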
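--- a/inc/cleantalk-settings.php
+++ b/inc/cleantalk-settings.php
@@ -288,6 +288,19 @@ function apbct_settings__add_page() {
  'parent' => 'gdpr_enabled',
  'class' => 'apbct_settings-field_wrapper--sub',
  ),
+ 'store_urls' => array(
+ 'type' => 'checkbox',
+ 'title' => __('Store visited URLs', 'cleantalk'),
+ 'description' => __("Plugin stores last 10 visited URLs (HTTP REFFERERS) before visitor submits form on the site. You can see stored visited URLS for each visitor in your Dashboard. Turn the option on to improve Anti-Spam protection.", 'cleantalk'),
+ 'childrens' => array('store_urls__sessions'),
+ ),
+ 'store_urls__sessions' => array(
+ 'type' => 'checkbox',
+ 'title' => __('Use cookies less sessions', 'cleantalk'),
+ 'description' => __('Doesn\'t use cookie or PHP sessions. Collect data for all type of bots.', 'cleantalk'),
+ 'parent' => 'store_urls',
+ 'class' => 'apbct_settings-field_wrapper--sub',
+ ),
  ),
  ),
  );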
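Review bot: The `store_urls` description calls the stored values "HTTP REFFERERS", but `apbct_store__urls` records the host and request URI of each page the visitor opens, not the Referer header, and the `store_urls__sessions` text does not say that this history is kept server-side for three days under an identifier derived from the visitor's IP address and browser headers. Site owners need that information to describe the processing in their privacy notice, so the descriptions should state what is stored, where, and for how long. The title would read better as `__('Use cookieless sessions', 'cleantalk')`. `apbct_settings__add_page` starts and ends outside the hunk.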
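--- a/inc/cleantalk-updater.php
+++ b/inc/cleantalk-updater.php
@@ -158,4 +158,22 @@ function apbct_update_to_5_110_0(){
 
  function apbct_update_to_5_115_1(){
  ct_sfw_update();
+ }
+
+ function apbct_update_to_5_116_0(){
+
+ global $apbct, $wpdb;
+
+ $apbct->settings['store_urls'] = 0;
+ $apbct->settings['store_urls__sessions'] = 0;
+ $apbct->saveSettings();
+
+ $wpdb->query('CREATE TABLE IF NOT EXISTS `'. APBCT_TBL_SESSIONS .'` (
+ `id` VARCHAR(64) NOT NULL,
+ `name` TEXT NULL,
+ `value` TEXT NULL,
+ `last_update` DATETIME NOT NULL DEFAULT NOW(),
+ PRIMARY KEY (`id`, `name`(10)))
+ ENGINE = MYISAM;'
+ );
  }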
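Review bot: The `CREATE TABLE` in `apbct_update_to_5_116_0` relies on a `DATETIME` column with `DEFAULT NOW()`, which MySQL accepts only from 5.6.5 on, and the result of `$wpdb->query()` is not checked, so on an older server the upgrade finishes without the table and later session reads and writes fail quietly. Checking the return value against `false` and recording `$wpdb->last_error` would make that failure visible. This is the third copy of the schema on this page (after `apbct_activation` and `apbct_activation__new_blog`), and the copies already differ in their primary key; a single shared definition would keep them in step.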
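--- a/inc/cleantalk-users.php
+++ b/inc/cleantalk-users.php
@@ -618,7 +618,7 @@ function ct_ajax_delete_all_users()
 
  global $wpdb;
 
- $r = $wpdb->get_results("select count(*) as cnt from $wpdb->usermeta where meta_key='ct_marked_as_spam';");
+ $r = $wpdb->get_results("select count(*) as cnt from $wpdb->usermeta where meta_key='ct_marked_as_spam';", ARRAY_A);
  $count_all = $r ? $r[0]->cnt : 0;
 
  $args = array(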
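Review bot: The added `ARRAY_A` argument makes `get_results()` return rows as associative arrays, but the unchanged next line still reads `$r[0]->cnt`, so `$count_all` no longer holds the row count (a property read on an array yields null with a notice). Either drop the argument or change the reader to `$count_all = $r ? $r[0]['cnt'] : 0;`. `ct_ajax_delete_all_users` starts and ends outside the hunk.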
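--- a/lib/CleantalkHelper.php
+++ b/lib/CleantalkHelper.php
@@ -77,7 +77,7 @@ class CleantalkHelper
  }
 
  // Is private network
- if(self::ip__is_private_network($ips['real']) || isset($headers['X-Gt-Clientip'])){
+ if(self::ip__is_private_network($ips['real']) || isset($headers['X-Gt-Clientip']) || (isset($_SERVER['SERVER_ADDR']) && $ips['real'] == $_SERVER['SERVER_ADDR'])){
 
  // X-Forwarded-For
  if(isset($headers['X-Forwarded-For'])){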
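Review bot: The condition now also enters the forwarded-header branch when the connecting address equals `$_SERVER['SERVER_ADDR']`, but the comment above it still says only "Is private network", and `X-Forwarded-For` is data the original client can set. A comment such as `// Private network, X-Gt-Clientip present, or request relayed by a proxy on this host` would document the three cases, and the code that picks an address from the header (outside this hunk) should be checked to use only the entry added by the trusted proxy. This matters more in this release because `apbct_alt_session__id__get` hashes the detected address into the session identifier. The method starts and ends outside the hunk.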
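--- a/lib/CleantalkState.php
+++ b/lib/CleantalkState.php
@@ -71,6 +71,10 @@ class CleantalkState
  // GDPR
  'gdpr_enabled' => 0,
  'gdpr_text' => 'By using this form you agree with the storage and processing of your data by using the Privacy Policy on this website.',
+
+ // Msic
+ 'store_urls' => 1,
+ 'store_urls__sessions' => 1,
  );
 
  public $def_data = array(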
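Review bot: New installs get `'store_urls' => 1` and `'store_urls__sessions' => 1`, while `apbct_update_to_5_116_0` sets both to 0 for upgraded sites, so the same release ships two different defaults. With both on, `apbct_store__urls` writes to the sessions table on front-end page views and keeps per-visitor URL history without the site owner opting in. Defaulting to off, `'store_urls' => 0,` and `'store_urls__sessions' => 0,`, would match the updater; the comment should read `// Misc`.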
readme.txt CHANGED
@@ -3,7 +3,7 @@ Contributors: safronik
3
  Tags: spam, antispam, protection, comments, firewall
4
  Requires at least: 3.0
5
  Tested up to: 5.1
6
- Stable tag: 5.115.2
7
  License: GPLv2
8
 
9
  Spam protection, antispam, all-in-one, premium plugin. No spam comments & users, no spam contact form & WooCommerce anti-spam.
@@ -558,6 +558,14 @@ If your website has forms that send data to external sources, you can enable opt
558
  10. Website's options.
559
 
560
  == Changelog ==
 
 
 
 
 
 
 
 
561
  = 5.115.2 February 27 2019 =
562
  * Fix: False positives spam detection in WP Forms and Contact Form 7.
563
 
@@ -1800,6 +1808,14 @@ If your website has forms that send data to external sources, you can enable opt
1800
  * First version
1801
 
1802
  == Upgrade Notice ==
 
 
 
 
 
 
 
 
1803
  = 5.115.2 February 27 2019 =
1804
  * Fix: False positives spam detection in WP Forms and Contact Form 7.
1805
 
3
  Tags: spam, antispam, protection, comments, firewall
4
  Requires at least: 3.0
5
  Tested up to: 5.1
6
+ Stable tag: 5.116
7
  License: GPLv2
8
 
9
  Spam protection, antispam, all-in-one, premium plugin. No spam comments & users, no spam contact form & WooCommerce anti-spam.
558
  10. Website's options.
559
 
560
  == Changelog ==
561
+ = 5.116 March 6 2019 =
562
+ * Spam filtration quality improved.
563
+ * New: Storing visited URLs.
564
+ * New: Check before validation Contact Form 7, Comments, Jetpack comments.
565
+ * New: Get validation result for Contact Form 7, Comments, Jetpack comments.
566
+ * Fix: ES add subscriber.
567
+ * Fix: IP detection.
568
+
569
  = 5.115.2 February 27 2019 =
570
  * Fix: False positives spam detection in WP Forms and Contact Form 7.
571
 
1808
  * First version
1809
 
1810
  == Upgrade Notice ==
1811
+ = 5.116 March 6 2019 =
1812
+ * Spam filtration quality improved.
1813
+ * New: Storing visited URLs.
1814
+ * New: Check before validation Contact Form 7, Comments, Jetpack comments.
1815
+ * New: Get validation result for Contact Form 7, Comments, Jetpack comments.
1816
+ * Fix: ES add subscriber.
1817
+ * Fix: IP detection.
1818
+
1819
  = 5.115.2 February 27 2019 =
1820
  * Fix: False positives spam detection in WP Forms and Contact Form 7.
1821