Spam protection, AntiSpam, FireWall by CleanTalk - Version 5.149

Version Description

Nov 19 2020 = * Fix: External forms protection fixed. * Fix: check for array in spam_stat collect. * Fix: Spam Firewall. Operating with IPs on 32 bit systems. * Fix: Skip WFU ask_server request. * Fix: AC user agents support fixed. * New: Hook 'apbct_pre_block_page' added. * Fix: Woocommerce ajax internal. * Fix: skip redirect ajax login. * Fix: SFW updating return statement added. * Fix: Skip reset pass checking. * Fix: replace current_action() to current_filter(). * Upd: AMP support description updated. * Fix: SQL injection fixed.


Release Info

Developer glomberg
Version 5.149

Code changes from version 5.148 to 5.149

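--- a/cleantalk.php
+++ b/cleantalk.php
@@ -3,7 +3,7 @@
  Plugin Name: Anti-Spam by CleanTalk
  Plugin URI: https://cleantalk.org
  Description: Max power, all-in-one, no Captcha, premium anti-spam plugin. No comment spam, no registration spam, no contact spam, protects any WordPress forms.
- Version: 5.148
+ Version: 5.149
  Author: СleanTalk <welcome@cleantalk.org>
  Author URI: https://cleantalk.org
  Text Domain: cleantalk-spam-protect
@@ -1058,7 +1058,7 @@ function ct_sfw_update($api_key = '', $immediate = false){
  $apbct->save('stats');
 
  if ( $url_count >= $current_url ) {
- \Cleantalk\ApbctWP\Helper::http__request(
+ return \Cleantalk\ApbctWP\Helper::http__request(
  get_option('siteurl'),
  array(
  'spbc_remote_call_token' => md5($api_key),
@@ -1736,7 +1736,7 @@ function apbct_cookie(){
  // Prevent headers sent error
  if(headers_sent($file, $line)){
  $apbct->headers_sent = true;
- $apbct->headers_sent__hook = current_action();
+ $apbct->headers_sent__hook = current_filter();
  $apbct->headers_sent__where = $file.':'.$line;
  return false;
  }
@@ -1989,10 +1989,10 @@ function apbct_log($message = 'empty', $func = null, $params = array())
  if(is_array($message) or is_object($message))
  $message = print_r($message, true);
 
- if($message) $debug[date("H:i:s", microtime(true))."_ACTION_".strval(current_action())."_FUNCTION_".strval($func)] = $message;
- if($cron) $debug[date("H:i:s", microtime(true))."_ACTION_".strval(current_action())."_FUNCTION_".strval($func).'_cron'] = $apbct->cron;
- if($data) $debug[date("H:i:s", microtime(true))."_ACTION_".strval(current_action())."_FUNCTION_".strval($func).'_data'] = $apbct->data;
- if($settings) $debug[date("H:i:s", microtime(true))."_ACTION_".strval(current_action())."_FUNCTION_".strval($func).'_settings'] = $apbct->settings;
+ if($message) $debug[date("H:i:s", microtime(true))."_ACTION_".strval(current_filter())."_FUNCTION_".strval($func)] = $message;
+ if($cron) $debug[date("H:i:s", microtime(true))."_ACTION_".strval(current_filter())."_FUNCTION_".strval($func).'_cron'] = $apbct->cron;
+ if($data) $debug[date("H:i:s", microtime(true))."_ACTION_".strval(current_filter())."_FUNCTION_".strval($func).'_data'] = $apbct->data;
+ if($settings) $debug[date("H:i:s", microtime(true))."_ACTION_".strval(current_filter())."_FUNCTION_".strval($func).'_settings'] = $apbct->settings;
 
  update_option(APBCT_DEBUG, $debug);
  }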
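Review bot: In the `ct_sfw_update` hunk, the request to `get_option('siteurl')` carries `'spbc_remote_call_token' => md5($api_key)`, an unsalted digest that is identical on every call, so any access log or proxy that records the request keeps a value that stays usable until the API key is rotated. If this token is what authorises the remote call, as its name suggests, a keyed and time-bound value would be safer, for example `hash_hmac('sha256', $timestamp, $api_key)` with the timestamp sent alongside (variable name illustrative) and compared with `hash_equals()` on the receiving side. The receiving check and the rest of this call lie outside the hunk, so the format should be confirmed against the handler before it is changed.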
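--- a/inc/cleantalk-admin.php
+++ b/inc/cleantalk-admin.php
@@ -292,9 +292,11 @@ function apbct_admin__enqueue_scripts($hook){
  if(!empty($apbct->data['brief_data']['error']))
  $apbct->data['brief_data'] = array_merge($apbct->data['brief_data'], $apbct->def_data['brief_data']);
 
- foreach( $apbct->data['brief_data']['spam_stat'] as $key => $value ){
- $to_chart[] = array( $key, $value );
- } unset( $key, $value );
+ if (isset($apbct->data['brief_data']['spam_stat']) && is_array($apbct->data['brief_data']['spam_stat'])) {
+ foreach( $apbct->data['brief_data']['spam_stat'] as $key => $value ){
+ $to_chart[] = array( $key, $value );
+ } unset( $key, $value );
+ }
 
  wp_localize_script( 'ct_admin_js_widget_dashboard', 'apbctDashboardWidget', array(
  'data' => $to_chart,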
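Review bot: With the new `isset(...) && is_array(...)` guard, `$to_chart` is assigned only inside the loop, yet `'data' => $to_chart` is still read unconditionally in the `wp_localize_script` call that follows. When `spam_stat` is missing or not an array, that read hits an undefined variable unless `$to_chart` is initialised above the hunk, which is not visible here; adding `$to_chart = array();` before the `if` makes the empty case explicit. `apbct_admin__enqueue_scripts` starts and ends outside the hunk.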
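--- a/inc/cleantalk-ajax.php
+++ b/inc/cleantalk-ajax.php
@@ -317,6 +317,9 @@ function ct_ajax_hook($message_obj = false, $additional = false)
  'post_woo_ml_email_cookie', //Woocommerce system
  'ig_es_draft_broadcast', //Icegram broadcast ajax
  'simplefilelistpro_edit_job', //Simple File List editing current job
+ 'wfu_ajax_action_ask_server', //WFU skip ask server
+ 'wcap_save_guest_data', //WooCommerce skip
+ 'ajaxlogin', //Skip ajax login redirect
  );
 
  // Skip test if
@@ -329,7 +332,7 @@ function ct_ajax_hook($message_obj = false, $additional = false)
  (isset($_GET['action']) && in_array($_GET['action'], $skip_post)) || // Special params
  isset($_POST['quform_submit']) || //QForms multi-paged form skip
  // QAEngine Theme fix
- ( strval(current_action()) != 'et_pre_insert_answer' &&
+ ( strval(current_filter()) != 'et_pre_insert_answer' &&
  (
  (isset($message_obj['author']) && intval($message_obj['author']) == 0) ||
  (isset($message_obj['post_author']) && intval($message_obj['post_author']) == 0)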
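Review bot: The three new `$skip_post` entries (`wfu_ajax_action_ask_server`, `wcap_save_guest_data`, `ajaxlogin`) extend a list that exempts a request from the spam check purely on a request-supplied `action` value, and the visible test `in_array($_GET['action'], $skip_post)` is a loose comparison on `$_GET` alone. I would make it strict, `in_array($_GET['action'], $skip_post, true)`, and confirm that the value tested is the same one WordPress uses to select the AJAX handler, so that an entry can only exempt its own endpoint. Each entry would also benefit from a comment naming the plugin and the reason the request is safe to skip, since `//WooCommerce skip` does not say why. The body of `ct_ajax_hook` extends beyond both hunks, so the POST-side check may already cover part of this.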
inc/cleantalk-common.php CHANGED
@@ -1,1063 +1,1063 @@
1
- <?php
2
-
3
- use Cleantalk\Antispam\Cleantalk;
4
- use Cleantalk\Antispam\CleantalkRequest;
5
- use Cleantalk\Antispam\CleantalkResponse;
6
- use Cleantalk\Variables\Cookie;
7
-
8
- function apbct_array( $array ){
9
- return new \Cleantalk\Common\Arr( $array );
10
- }
11
-
12
- $ct_checkjs_frm = 'ct_checkjs_frm';
13
- $ct_checkjs_register_form = 'ct_checkjs_register_form';
14
-
15
- $apbct_cookie_request_id_label = 'request_id';
16
- $apbct_cookie_register_ok_label = 'register_ok';
17
-
18
- $ct_checkjs_cf7 = 'ct_checkjs_cf7';
19
- $ct_cf7_comment = '';
20
-
21
- $ct_checkjs_jpcf = 'ct_checkjs_jpcf';
22
- $ct_jpcf_patched = false;
23
- $ct_jpcf_fields = array('name', 'email');
24
-
25
- // Comment already proccessed
26
- $ct_comment_done = false;
27
-
28
- // Comment already proccessed
29
- $ct_signup_done = false;
30
-
31
- //Contains registration error
32
- $ct_registration_error_comment = false;
33
-
34
- // Default value for JS test
35
- $ct_checkjs_def = 0;
36
-
37
- // COOKIE label to store request id for last approved
38
- $ct_approved_request_id_label = 'ct_approved_request_id';
39
-
40
- // Last request id approved for publication
41
- $ct_approved_request_id = null;
42
-
43
- // Trial notice show time in minutes
44
- $trial_notice_showtime = 10;
45
-
46
- // Renew notice show time in minutes
47
- $renew_notice_showtime = 10;
48
-
49
- // COOKIE label for WP Landing Page proccessing result
50
- $ct_wplp_result_label = 'ct_wplp_result';
51
-
52
- // Flag indicates active JetPack comments
53
- $ct_jp_comments = false;
54
-
55
- // WP admin email notice interval in seconds
56
- $ct_admin_notoice_period = 21600;
57
-
58
- // Sevice negative comment to visitor.
59
- // It uses for BuddyPress registrations to avoid double checks
60
- $ct_negative_comment = null;
61
-
62
- // Set globals to NULL to avoid massive DB requests. Globals will be set when needed only and by accessors only.
63
- $ct_server = NULL;
64
- $admin_email = NULL;
65
-
66
- /**
67
- * Public action 'plugins_loaded' - Loads locale, see http://codex.wordpress.org/Function_Reference/load_plugin_textdomain
68
- */
69
- function apbct_plugin_loaded() {
70
- $dir=plugin_basename( dirname( __FILE__ ) ) . '/../i18n';
71
- $loaded=load_plugin_textdomain('cleantalk-spam-protect', false, $dir);
72
- }
73
-
74
- /**
75
- * Inner function - Request's wrapper for anything
76
- * @param array Array of parameters:
77
- * 'message' - string
78
- * 'example' - string
79
- * 'checkjs' - int
80
- * 'sender_email' - string
81
- * 'sender_nickname' - string
82
- * 'sender_info' - array
83
- * 'post_info' - string
84
- * @return array array('ct'=> Cleantalk, 'ct_result' => CleantalkResponse)
85
- */
86
- function apbct_base_call($params = array(), $reg_flag = false){
87
-
88
- global $apbct, $cleantalk_executed;
89
-
90
- // URL, IP, Role exclusions
91
- if( ! $cleantalk_executed && apbct_exclusions_check() ){
92
- do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
93
- return array( 'ct_result' => new CleantalkResponse() );
94
- }
95
- $cleantalk_executed = true;
96
-
97
- // Request id rotation
98
- $plugin_request_id__lifetime = 2;
99
- $tmp = array();
100
- foreach( $apbct->plugin_request_ids as $request_id => $request_time ){
101
- if( time() - $request_time < $plugin_request_id__lifetime )
102
- $tmp[ $request_id ] = $request_time;
103
- }
104
- $apbct->plugin_request_ids = $tmp;
105
- $apbct->save('plugin_request_ids');
106
-
107
- // Skip duplicate requests
108
- if( key_exists( $apbct->plugin_request_id, $apbct->plugin_request_ids ) ){
109
- do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
110
- return array( 'ct_result' => new CleantalkResponse() );
111
- }
112
-
113
- $apbct->plugin_request_ids = array_merge($apbct->plugin_request_ids, array($apbct->plugin_request_id => time() ) );
114
- $apbct->save('plugin_request_ids');
115
-
116
- $sender_info = !empty($params['sender_info'])
117
- ? \Cleantalk\ApbctWP\Helper::array_merge__save_numeric_keys__recursive(apbct_get_sender_info(), (array)$params['sender_info'])
118
- : apbct_get_sender_info();
119
-
120
- // Fields exclusions
121
- if( ! empty( $params['message'] ) && is_array( $params['message'] ) ){
122
-
123
- $params['message'] = apbct_array( $params['message'] )
124
- ->get_keys( $apbct->settings['exclusions__fields'], $apbct->settings['exclusions__fields__use_regexp'] )
125
- ->delete();
126
- }
127
-
128
- // Reversed url exclusions. Pass everything except one.
129
- if( ! apbct_exclusions_check__url__reversed() ){
130
- return array(
131
- 'ct' => false,
132
- 'ct_result' => new CleantalkResponse( null, null )
133
- );
134
- }
135
-
136
- $default_params = array(
137
-
138
- // IPs
139
- 'sender_ip' => defined('CT_TEST_IP') ? CT_TEST_IP : (isset($params['sender_ip']) ? $params['sender_ip'] : \Cleantalk\ApbctWP\Helper::ip__get(array('real'), false)),
140
- 'x_forwarded_for' => \Cleantalk\ApbctWP\Helper::ip__get(array('x_forwarded_for'), false),
141
- 'x_real_ip' => \Cleantalk\ApbctWP\Helper::ip__get(array('x_real_ip'), false),
142
-
143
- // Misc
144
- 'auth_key' => $apbct->api_key,
145
- 'js_on' => apbct_js_test('ct_checkjs', $_COOKIE) ? 1 : apbct_js_test('ct_checkjs', $_POST),
146
-
147
- 'agent' => APBCT_AGENT,
148
- 'sender_info' => $sender_info,
149
- 'submit_time' => apbct_get_submit_time(),
150
- );
151
-
152
- // Send $_SERVER if couldn't find IP
153
- if(empty($default_params['sender_ip']))
154
- $default_params['sender_info']['server_info'] = $_SERVER;
155
-
156
- $ct_request = new CleantalkRequest(
157
- \Cleantalk\ApbctWP\Helper::array_merge__save_numeric_keys__recursive($default_params, $params)
158
- );
159
-
160
- $ct = new Cleantalk();
161
-
162
- $ct->use_bultin_api = $apbct->settings['use_buitin_http_api'] ? true : false;
163
- $ct->ssl_on = $apbct->settings['ssl_on'];
164
- $ct->ssl_path = APBCT_CASERT_PATH;
165
-
166
- // Options store url without shceme because of DB error with ''://'
167
- $config = ct_get_server();
168
- $ct->server_url = APBCT_MODERATE_URL;
169
- $ct->work_url = preg_match('/http:\/\/.+/', $config['ct_work_url']) ? $config['ct_work_url'] : null;
170
- $ct->server_ttl = $config['ct_server_ttl'];
171
- $ct->server_changed = $config['ct_server_changed'];
172
-
173
- $start = microtime(true);
174
- $ct_result = $reg_flag
175
- ? @$ct->isAllowUser($ct_request)
176
- : @$ct->isAllowMessage($ct_request);
177
- $exec_time = microtime(true) - $start;
178
-
179
- // Statistics
180
- // Average request time
181
- apbct_statistics__rotate($exec_time);
182
- // Last request
183
- $apbct->stats['last_request']['time'] = time();
184
- $apbct->stats['last_request']['server'] = $ct->work_url;
185
- $apbct->save('stats');
186
-
187
- // Connection reports
188
- if ($ct_result->errno === 0 && empty($ct_result->errstr))
189
- $apbct->data['connection_reports']['success']++;
190
- else
191
- {
192
- $apbct->data['connection_reports']['negative']++;
193
- $apbct->data['connection_reports']['negative_report'][] = array(
194
- 'date' => date("Y-m-d H:i:s"),
195
- 'page_url' => apbct_get_server_variable( 'REQUEST_URI' ),
196
- 'lib_report' => $ct_result->errstr,
197
- 'work_url' => $ct->work_url,
198
- );
199
-
200
- if(count($apbct->data['connection_reports']['negative_report']) > 20)
201
- $apbct->data['connection_reports']['negative_report'] = array_slice($apbct->data['connection_reports']['negative_report'], -20, 20);
202
-
203
- }
204
-
205
- if ($ct->server_change) {
206
- update_option(
207
- 'cleantalk_server',
208
- array(
209
- 'ct_work_url' => $ct->work_url,
210
- 'ct_server_ttl' => $ct->server_ttl,
211
- 'ct_server_changed' => time(),
212
- )
213
- );
214
- }
215
-
216
- $ct_result = ct_change_plugin_resonse($ct_result, $ct_request->js_on);
217
-
218
- // Restart submit form counter for failed requests
219
- if ($ct_result->allow == 0){
220
- apbct_cookie(); // Setting page timer and cookies
221
- ct_add_event('no');
222
- }else{
223
- ct_add_event('yes');
224
- }
225
-
226
- //Strip tags from comment
227
- $ct_result->comment = strip_tags($ct_result->comment, '<p><a><br>');
228
-
229
- // Set cookies if it's not.
230
- if(empty($apbct->flags__cookies_setuped))
231
- apbct_cookie();
232
-
233
- return array('ct' => $ct, 'ct_result' => $ct_result);
234
-
235
- }
236
-
237
- function apbct_exclusions_check($func = null){
238
-
239
- global $apbct, $cleantalk_executed;
240
-
241
- // Common exclusions
242
- if(
243
- apbct_exclusions_check__ip() ||
244
- apbct_exclusions_check__url() ||
245
- apbct_is_user_role_in( $apbct->settings['exclusions__roles'] ) ||
246
- $cleantalk_executed
247
- )
248
- return true;
249
-
250
- // Personal exclusions
251
- switch ($func){
252
- case 'ct_contact_form_validate_postdata':
253
- if(
254
- (defined( 'DOING_AJAX' ) && DOING_AJAX) ||
255
- apbct_array( $_POST )->get_keys( 'members_search_submit' )->result()
256
- )
257
- return true;
258
- break;
259
- case 'ct_contact_form_validate':
260
- if(
261
- apbct_array( $_POST )->get_keys( 'members_search_submit' )->result()
262
- )
263
- return true;
264
- break;
265
- default:
266
- return false;
267
- break;
268
- }
269
-
270
- return false;
271
- }
272
-
273
- function apbct_exclusions_check__url__reversed(){
274
- return defined( 'APBCT_URL_EXCLUSIONS__REVERSED' ) && ! \Cleantalk\Variables\Server::has_string( 'REQUEST_URI', APBCT_URL_EXCLUSIONS__REVERSED )
275
- ? false
276
- : true;
277
- }
278
-
279
- /**
280
- * Checks if reuqest URI is in exclusion list
281
- *
282
- * @return bool
283
- */
284
- function apbct_exclusions_check__url() {
285
-
286
- global $apbct;
287
-
288
- if ( ! empty( $apbct->settings['exclusions__urls'] ) ) {
289
-
290
- if( strpos( $apbct->settings['exclusions__urls'], "\r\n" ) !== false ) {
291
- $exclusions = explode( "\r\n", $apbct->settings['exclusions__urls'] );
292
- } elseif( strpos( $apbct->settings['exclusions__urls'], "\n" ) !== false ) {
293
- $exclusions = explode( "\n", $apbct->settings['exclusions__urls'] );
294
- } else {
295
- $exclusions = explode( ',', $apbct->settings['exclusions__urls'] );
296
- }
297
-
298
- // Fix for AJAX forms
299
- $haystack = apbct_get_server_variable( 'REQUEST_URI' ) == '/wp-admin/admin-ajax.php' && ! apbct_get_server_variable( 'HTTP_REFERER' )
300
- ? apbct_get_server_variable( 'HTTP_REFERER' )
301
- : \Cleantalk\Variables\Server::get('HTTP_HOST') . apbct_get_server_variable( 'REQUEST_URI' );
302
-
303
- foreach ( $exclusions as $exclusion ) {
304
- if (
305
- ($apbct->settings['exclusions__urls__use_regexp'] && preg_match( '@' . $exclusion . '@', $haystack ) === 1) ||
306
- stripos( $haystack, $exclusion ) !== false
307
- ){
308
- return true;
309
- }
310
- }
311
- return false;
312
- }
313
- }
314
- /**
315
- * @deprecated 5.128 Using IP white-lists instead
316
- * @deprecated since 18.09.2019
317
- * Checks if sender_ip is in exclusion list
318
- *
319
- * @return bool
320
- */
321
- function apbct_exclusions_check__ip(){
322
-
323
- global $cleantalk_ip_exclusions;
324
-
325
- if( apbct_get_server_variable( 'REMOTE_ADDR' ) ){
326
-
327
- if( \Cleantalk\ApbctWP\Helper::ip__is_cleantalks( apbct_get_server_variable( 'REMOTE_ADDR' ) ) ){
328
- return true;
329
- }
330
-
331
- if( ! empty( $cleantalk_ip_exclusions ) && is_array( $cleantalk_ip_exclusions ) ){
332
- foreach ( $cleantalk_ip_exclusions as $exclusion ){
333
- if( stripos( apbct_get_server_variable( 'REMOTE_ADDR' ), $exclusion ) !== false ){
334
- return true;
335
- }
336
- }
337
- }
338
- }
339
-
340
- return false;
341
- }
342
-
343
- /**
344
- * Inner function - Default data array for senders
345
- * @return array
346
- */
347
- function apbct_get_sender_info() {
348
-
349
- global $apbct;
350
-
351
- // Validate cookie from the backend
352
- $cookie_is_ok = apbct_cookies_test();
353
-
354
- $referer_previous = $apbct->settings['set_cookies__sessions']
355
- ? apbct_alt_session__get('apbct_prev_referer')
356
- : filter_input(INPUT_COOKIE, 'apbct_prev_referer');
357
-
358
- $site_landing_ts = $apbct->settings['set_cookies__sessions']
359
- ? apbct_alt_session__get('apbct_site_landing_ts')
360
- : filter_input(INPUT_COOKIE, 'apbct_site_landing_ts');
361
-
362
- $page_hits = $apbct->settings['set_cookies__sessions']
363
- ? apbct_alt_session__get('apbct_page_hits')
364
- : filter_input(INPUT_COOKIE, 'apbct_page_hits');
365
-
366
- if (count($_POST) > 0) {
367
- foreach ($_POST as $k => $v) {
368
- if (preg_match("/^(ct_check|checkjs).+/", $k)) {
369
- $checkjs_data_post = $v;
370
- }
371
- }
372
- }
373
-
374
- // AMP check
375
- $amp_detected = apbct_get_server_variable( 'HTTP_REFERER' )
376
- ? strpos(apbct_get_server_variable( 'HTTP_REFERER' ), '/amp/') !== false || strpos(apbct_get_server_variable( 'HTTP_REFERER' ), '?amp=1') !== false || strpos(apbct_get_server_variable( 'HTTP_REFERER' ), '&amp=1') !== false
377
- ? 1
378
- : 0
379
- : null;
380
-
381
- $site_referer = $apbct->settings['store_urls__sessions']
382
- ? apbct_alt_session__get('apbct_site_referer')
383
- : filter_input(INPUT_COOKIE, 'apbct_site_referer');
384
-
385
- $urls = $apbct->settings['store_urls__sessions']
386
- ? (array)apbct_alt_session__get('apbct_urls')
387
- : (array)json_decode(filter_input(INPUT_COOKIE, 'apbct_urls'), true);
388
-
389
- // Visible fields processing
390
- $visible_fields = apbct_visibile_fields__process( Cookie::get('apbct_visible_fields') );
391
-
392
- return array(
393
- 'plugin_request_id' => $apbct->plugin_request_id,
394
- 'wpms' => is_multisite() ? 'yes' : 'no',
395
- 'remote_addr' => \Cleantalk\ApbctWP\Helper::ip__get(array('remote_addr'), false),
396
- 'REFFERRER' => apbct_get_server_variable( 'HTTP_REFERER' ),
397
- 'USER_AGENT' => apbct_get_server_variable( 'HTTP_USER_AGENT' ),
398
- 'page_url' => apbct_get_server_variable( 'SERVER_NAME' ) . apbct_get_server_variable( 'REQUEST_URI' ),
399
- 'cms_lang' => substr(get_locale(), 0, 2),
400
- 'ct_options' => json_encode($apbct->settings),
401
- 'fields_number' => sizeof($_POST),
402
- 'direct_post' => $cookie_is_ok === null && apbct_is_post() ? 1 : 0,
403
- // Raw data to validated JavaScript test in the cloud
404
- 'checkjs_data_cookies' => !empty($_COOKIE['ct_checkjs']) ? $_COOKIE['ct_checkjs'] : null,
405
- 'checkjs_data_post' => !empty($checkjs_data_post) ? $checkjs_data_post : null,
406
- // PHP cookies
407
- 'cookies_enabled' => $cookie_is_ok,
408
- 'REFFERRER_PREVIOUS' => !empty($referer_previous) && $cookie_is_ok ? $referer_previous : null,
409
- 'site_landing_ts' => !empty($site_landing_ts) && $cookie_is_ok ? $site_landing_ts : null,
410
- 'page_hits' => !empty($page_hits) ? $page_hits : null,
411
- // JS cookies
412
- 'js_info' => !empty($_COOKIE['ct_user_info']) ? json_decode(stripslashes($_COOKIE['ct_user_info']), true) : null,
413
- 'mouse_cursor_positions' => !empty($_COOKIE['ct_pointer_data']) ? json_decode(stripslashes($_COOKIE['ct_pointer_data']), true) : null,
414
- 'js_timezone' => !empty($_COOKIE['ct_timezone']) ? $_COOKIE['ct_timezone'] : null,
415
- 'key_press_timestamp' => !empty($_COOKIE['ct_fkp_timestamp']) ? $_COOKIE['ct_fkp_timestamp'] : null,
416
- 'page_set_timestamp' => !empty($_COOKIE['ct_ps_timestamp']) ? $_COOKIE['ct_ps_timestamp'] : null,
417
- 'form_visible_inputs' => !empty($visible_fields['visible_fields_count']) ? $visible_fields['visible_fields_count'] : null,
418
- 'apbct_visible_fields' => !empty($visible_fields['visible_fields']) ? $visible_fields['visible_fields'] : null,
419
- // Misc
420
- 'site_referer' => !empty($site_referer) ? $site_referer : null,
421
- 'source_url' => !empty($urls) ? json_encode($urls) : null,
422
- // Debug stuff
423
- 'amp_detected' => $amp_detected,
424
- 'hook' => current_action() ? current_action() : 'no_hook',
425
- 'headers_sent' => !empty($apbct->headers_sent) ? $apbct->headers_sent : false,
426
- 'headers_sent__hook' => !empty($apbct->headers_sent__hook) ? $apbct->headers_sent__hook : 'no_hook',
427
- 'headers_sent__where' => !empty($apbct->headers_sent__where) ? $apbct->headers_sent__where : false,
428
- 'request_type' => apbct_get_server_variable('REQUEST_METHOD') ? apbct_get_server_variable('REQUEST_METHOD') : 'UNKNOWN',
429
- );
430
- }
431
-
432
- /**
433
- * Process visible fields for specific form to match the fields from request
434
- *
435
- * @param string $visible_fields JSON string
436
- *
437
- * @return array
438
- */
439
- function apbct_visibile_fields__process( $visible_fields ) {
440
-
441
- $fields_collection = json_decode( $visible_fields, true );
442
-
443
- if( ! empty( $fields_collection ) ) {
444
- foreach ($fields_collection as $current_fields) {
445
- if( isset( $current_fields['visible_fields'] ) && isset( $current_fields['visible_fields_count'] ) ) {
446
-
447
- $fields = explode( ' ', $current_fields['visible_fields'] );
448
-
449
- // This fields belong this request
450
- // @ToDo we have to implement a logic to find form fields (fields names, fields count) in serialized/nested/encoded items. not only $_POST.
451
- if( count( array_intersect( array_keys($_POST), $fields ) ) > 0 ) {
452
- // WP Forms visible fields formatting
453
- if(strpos($visible_fields, 'wpforms') !== false){
454
- $visible_fields = preg_replace(
455
- array('/\[/', '/\]/'),
456
- '',
457
- str_replace(
458
- '][',
459
- '_',
460
- str_replace(
461
- 'wpforms[fields]',
462
- '',
463
- $visible_fields
464
- )
465
- )
466
- );
467
- }
468
-
469
- return $current_fields;
470
-
471
- }
472
- }
473
- }
474
- }
475
-
476
- return array();
477
- }
478
-
479
- /*
480
- * Outputs JS key for AJAX-use only. Stops script.
481
- */
482
- function apbct_js_keys__get__ajax( $direct_call = false ){
483
-
484
- die(json_encode(array(
485
- 'js_key' => ct_get_checkjs_value()
486
- )));
487
-
488
- }
489
-
490
- /**
491
- * Get ct_get_checkjs_value
492
- *
493
- * @param bool $random_key
494
- *
495
- * @return int|string|null
496
- */
497
- function ct_get_checkjs_value(){
498
-
499
- global $apbct;
500
-
501
- // Use static JS keys
502
- if($apbct->settings['use_static_js_key'] == 1){
503
-
504
- $key = hash('sha256', $apbct->api_key.ct_get_admin_email().$apbct->salt);
505
-
506
- // Auto detecting. Detected.
507
- }elseif(
508
- $apbct->settings['use_static_js_key'] == - 1 &&
509
- ( apbct_is_cache_plugins_exists() ||
510
- ( apbct_is_post() && $apbct->data['cache_detected'] == 1 )
511
- )
512
- ){
513
- $key = hash('sha256', $apbct->api_key.ct_get_admin_email().$apbct->salt);
514
- if( apbct_is_cache_plugins_exists() )
515
- $apbct->data['cache_detected'] = 1;
516
-
517
- // Using dynamic JS keys
518
- }else{
519
-
520
- $keys = $apbct->data['js_keys'];
521
- $keys_checksum = md5(json_encode($keys));
522
-
523
- $key = null;
524
- $latest_key_time = 0;
525
-
526
- foreach ($keys as $k => $t) {
527
-
528
- // Removing key if it's to old
529
- if (time() - $t > $apbct->data['js_keys_store_days'] * 86400 * 7) {
530
- unset($keys[$k]);
531
- continue;
532
- }
533
-
534
- if ($t > $latest_key_time) {
535
- $latest_key_time = $t;
536
- $key = $k;
537
- }
538
- }
539
-
540
- // Set new key if the latest key is too old
541
- if (time() - $latest_key_time > $apbct->data['js_key_lifetime']) {
542
- $key = rand();
543
- $keys[$key] = time();
544
- }
545
-
546
- // Save keys if they were changed
547
- if (md5(json_encode($keys)) != $keys_checksum) {
548
- $apbct->data['js_keys'] = $keys;
549
- // $apbct->saveData();
550
- }
551
-
552
- $apbct->data['cache_detected'] = 0;
553
- }
554
-
555
- $apbct->saveData();
556
-
557
- return $key;
558
- }
559
-
560
- function apbct_is_cache_plugins_exists(){
561
- return
562
- defined('WP_ROCKET_VERSION') || // WPRocket
563
- defined('LSCWP_DIR') || // LiteSpeed Cache
564
- defined('WPFC_WP_CONTENT_BASENAME') || // WP Fastest Cache
565
- defined('W3TC') || // W3 Total Cache
566
- defined('WPO_VERSION') || // WP-Optimize – Clean, Compress, Cache
567
- defined('AUTOPTIMIZE_PLUGIN_VERSION') || // Autoptimize
568
- defined('WPCACHEHOME') || // WP Super Cache
569
- defined('WPHB_VERSION') || // Hummingbird – Speed up, Cache, Optimize Your CSS and JS
570
- defined('CE_FILE') || // Cache Enabler – WordPress Cache
571
- class_exists('\RedisObjectCache') || // Redis Object Cache
572
- defined('SiteGround_Optimizer\VERSION') || // SG Optimizer
573
- class_exists('\WP_Rest_Cache_Plugin\Includes\Plugin'); // WP REST Cache
574
- }
575
-
576
- /**
577
- * Inner function - Current site admin e-mail
578
- * @return string Admin e-mail
579
- */
580
- function ct_get_admin_email() {
581
- global $admin_email;
582
- if(!isset($admin_email))
583
- {
584
- $admin_email = get_option('admin_email');
585
- }
586
- return $admin_email;
587
- }
588
-
589
- /**
590
- * Inner function - Current Cleantalk working server info
591
- * @return mixed[] Array of server data
592
- */
593
- function ct_get_server($force=false) {
594
- global $ct_server;
595
- if(!$force && isset($ct_server) && isset($ct_server['ct_work_url']) && !empty($ct_server['ct_work_url'])){
596
-
597
- return $ct_server;
598
-
599
- }else{
600
-
601
- $ct_server = get_option('cleantalk_server');
602
- if (!is_array($ct_server)){
603
- $ct_server = array(
604
- 'ct_work_url' => NULL,
605
- 'ct_server_ttl' => NULL,
606
- 'ct_server_changed' => NULL
607
- );
608
- }
609
- return $ct_server;
610
- }
611
- }
612
-
613
- /**
614
- * Inner function - Stores ang returns cleantalk hash of current comment
615
- * @param string New hash or NULL
616
- * @return string New hash or current hash depending on parameter
617
- */
618
- function ct_hash($new_hash = '') {
619
- /**
620
- * Current hash
621
- */
622
- static $hash;
623
-
624
- if (!empty($new_hash)) {
625
- $hash = $new_hash;
626
- }
627
- return $hash;
628
- }
629
-
630
- /**
631
- * Inner function - Write manual moderation results to PHP sessions
632
- * @param string $hash Cleantalk comment hash
633
- * @param string $message comment_content
634
- * @param int $allow flag good comment (1) or bad (0)
635
- * @return string comment_content w\o cleantalk resume
636
- */
637
- function ct_feedback($hash, $allow) {
638
- global $apbct;
639
-
640
- $ct_feedback = $hash . ':' . $allow . ';';
641
- if($apbct->data['feedback_request'])
642
- $apbct->data['feedback_request'] = $ct_feedback;
643
- else
644
- $apbct->data['feedback_request'] .= $ct_feedback;
645
-
646
- $apbct->saveData();
647
- }
648
-
649
- /**
650
- * Inner function - Sends the results of moderation
651
- * Scheduled in 3600 seconds!
652
- * @param string $feedback_request
653
- * @return bool
654
- */
655
- function ct_send_feedback($feedback_request = null) {
656
-
657
- global $apbct;
658
-
659
- if (empty($feedback_request) && isset($apbct->data['feedback_request']) && preg_match("/^[a-z0-9\;\:]+$/", $apbct->data['feedback_request'])){
660
- $feedback_request = $apbct->data['feedback_request'];
661
- $apbct->data['feedback_request'] = '';
662
- $apbct->saveData();
663
- }
664
-
665
- if ($feedback_request !== null) {
666
-
667
- $ct_request = new CleantalkRequest(array(
668
- // General
669
- 'auth_key' => $apbct->api_key,
670
- // Additional
671
- 'feedback' => $feedback_request,
672
- ));
673
-
674
- $ct = new Cleantalk();
675
-
676
- // Server URL handling
677
- $config = ct_get_server();
678
- $ct->server_url = APBCT_MODERATE_URL;
679
- $ct->work_url = preg_match('/http:\/\/.+/', $config['ct_work_url']) ? $config['ct_work_url'] : null;
680
- $ct->server_ttl = $config['ct_server_ttl'];
681
- $ct->server_changed = $config['ct_server_changed'];
682
-
683
- $ct->sendFeedback($ct_request);
684
-
685
- if ($ct->server_change) {
686
- update_option(
687
- 'cleantalk_server',
688
- array(
689
- 'ct_work_url' => $ct->work_url,
690
- 'ct_server_ttl' => $ct->server_ttl,
691
- 'ct_server_changed' => time(),
692
- )
693
- );
694
- }
695
-
696
- return true;
697
- }
698
-
699
- return false;
700
- }
701
-
702
- /**
703
- * Delete old spam comments
704
- * Scheduled in 3600 seconds!
705
- * @return null
706
- */
707
- function ct_delete_spam_comments() {
708
-
709
- global $apbct;
710
-
711
- if ($apbct->settings['remove_old_spam'] == 1) {
712
- $last_comments = get_comments(array('status' => 'spam', 'number' => 1000, 'order' => 'ASC'));
713
- foreach ($last_comments as $c) {
714
- $comment_date_gmt = strtotime($c->comment_date_gmt);
715
- if ($comment_date_gmt && is_numeric($comment_date_gmt)) {
716
- if (time() - $comment_date_gmt > 86400 * $apbct->data['spam_store_days']) {
717
- // Force deletion old spam comments
718
- wp_delete_comment($c->comment_ID, true);
719
- }
720
- }
721
- }
722
- }
723
-
724
- return null;
725
- }
726
-
727
- /*
728
- * Get data from an ARRAY recursively
729
- * @return array
730
- */
731
- function ct_get_fields_any($arr, $message=array(), $email = null, $nickname = array('nick' => '', 'first' => '', 'last' => ''), $subject = null, $contact = true, $prev_name = ''){
732
-
733
- //Skip request if fields exists
734
- $skip_params = array(
735
- 'ipn_track_id', // PayPal IPN #
736
- 'txn_type', // PayPal transaction type
737
- 'payment_status', // PayPal payment status
738
- 'ccbill_ipn', // CCBill IPN
739
- 'ct_checkjs', // skip ct_checkjs field
740
- 'api_mode', // DigiStore-API
741
- 'loadLastCommentId' // Plugin: WP Discuz. ticket_id=5571
742
- );
743
-
744
- // Fields to replace with ****
745
- $obfuscate_params = array(
746
- 'password',
747
- 'pass',
748
- 'pwd',
749
- 'pswd'
750
- );
751
-
752
- // Skip feilds with these strings and known service fields
753
- $skip_fields_with_strings = array(
754
- // Common
755
- 'ct_checkjs', //Do not send ct_checkjs
756
- 'nonce', //nonce for strings such as 'rsvp_nonce_name'
757
- 'security',
758
- // 'action',
759
- 'http_referer',
760
- 'referer-page',
761
- 'timestamp',
762
- 'captcha',
763
- // Formidable Form
764
- 'form_key',
765
- 'submit_entry',
766
- // Custom Contact Forms
767
- 'form_id',
768
- 'ccf_form',
769
- 'form_page',
770
- // Qu Forms
771
- 'iphorm_uid',
772
- 'form_url',
773
- 'post_id',
774
- 'iphorm_ajax',
775
- 'iphorm_id',
776
- // Fast SecureContact Froms
777
- 'fs_postonce_1',
778
- 'fscf_submitted',
779
- 'mailto_id',
780
- 'si_contact_action',
781
- // Ninja Forms
782
- 'formData_id',
783
- 'formData_settings',
784
- 'formData_fields_\d+_id',
785
- 'formData_fields_\d+_files.*',
786
- // E_signature
787
- 'recipient_signature',
788
- 'output_\d+_\w{0,2}',
789
- // Contact Form by Web-Settler protection
790
- '_formId',
791
- '_returnLink',
792
- // Social login and more
793
- '_save',
794
- '_facebook',
795
- '_social',
796
- 'user_login-',
797
- // Contact Form 7
798
- '_wpcf7',
799
- 'ebd_settings',
800
- 'ebd_downloads_',
801
- 'ecole_origine',
802
- 'signature',
803
- // Ultimate Form Builder
804
- 'form_data_%d_name',
805
- );
806
-
807
- // Reset $message if we have a sign-up data
808
- $skip_message_post = array(
809
- 'edd_action', // Easy Digital Downloads
810
- );
811
-
812
- if( apbct_array( array( $_POST, $_GET ) )->get_keys( $skip_params )->result() )
813
- $contact = false;
814
-
815
- if(count($arr)){
816
-
817
- foreach($arr as $key => $value){
818
-
819
- if(gettype($value) == 'string'){
820
-
821
- $tmp = strpos($value, '\\') !== false ? stripslashes($value) : $value;
822
- $decoded_json_value = json_decode($tmp, true);
823
-
824
- // Decoding JSON
825
- if($decoded_json_value !== null){
826
- $value = $decoded_json_value;
827
-
828
- // Ajax Contact Forms. Get data from such strings:
829
- // acfw30_name %% Blocked~acfw30_email %% s@cleantalk.org
830
- // acfw30_textarea %% msg
831
- }elseif(preg_match('/^\S+\s%%\s\S+.+$/', $value)){
832
- $value = explode('~', $value);
833
- foreach ($value as &$val){
834
- $tmp = explode(' %% ', $val);
835
- $val = array($tmp[0] => $tmp[1]);
836
- }
837
- }
838
- }
839
-
840
- if(!is_array($value) && !is_object($value)){
841
-
842
- if (in_array($key, $skip_params, true) && $key != 0 && $key != '' || preg_match("/^ct_checkjs/", $key))
843
- $contact = false;
844
-
845
- if($value === '')
846
- continue;
847
-
848
- // Skipping fields names with strings from (array)skip_fields_with_strings
849
- foreach($skip_fields_with_strings as $needle){
850
- if (preg_match("/".$needle."/", $prev_name.$key) == 1){
851
- continue(2);
852
- }
853
- }unset($needle);
854
-
855
- // Obfuscating params
856
- foreach($obfuscate_params as $needle){
857
- if (strpos($key, $needle) !== false){
858
- $value = ct_obfuscate_param($value);
859
- continue(2);
860
- }
861
- }unset($needle);
862
-
863
- $value_for_email = trim( strip_shortcodes( $value ) ); // Removes shortcodes to do better spam filtration on server side.
864
-
865
- // Email
866
- if ( ! $email && preg_match( "/^\S+@\S+\.\S+$/", $value_for_email ) ) {
867
- $email = $value_for_email;
868
-
869
- // Removes whitespaces
870
- $value = urldecode( trim( strip_shortcodes( $value ) ) ); // Fully cleaned message
871
-
872
- // Names
873
- }elseif (preg_match("/name/i", $key)){
874
-
875
- preg_match("/((name.?)?(your|first|for)(.?name)?)/", $key, $match_forename);
876
- preg_match("/((name.?)?(last|family|second|sur)(.?name)?)/", $key, $match_surname);
877
- preg_match("/(name.?)?(nick|user)(.?name)?/", $key, $match_nickname);
878
-
879
- if(count($match_forename) > 1)
880
- $nickname['first'] = $value;
881
- elseif(count($match_surname) > 1)
882
- $nickname['last'] = $value;
883
- elseif(count($match_nickname) > 1)
884
- $nickname['nick'] = $value;
885
- else
886
- $message[$prev_name.$key] = $value;
887
-
888
- // Subject
889
- }elseif ($subject === null && preg_match("/subject/i", $key)){
890
- $subject = $value;
891
-
892
- // Message
893
- }else{
894
- $message[$prev_name.$key] = $value;
895
- }
896
-
897
- }elseif(!is_object($value)){
898
-
899
- $prev_name_original = $prev_name;
900
- $prev_name = ($prev_name === '' ? $key.'_' : $prev_name.$key.'_');
901
-
902
- $temp = ct_get_fields_any($value, $message, $email, $nickname, $subject, $contact, $prev_name);
903
-
904
- $message = $temp['message'];
905
- $email = ($temp['email'] ? $temp['email'] : null);
906
- $nickname = ($temp['nickname'] ? $temp['nickname'] : null);
907
- $subject = ($temp['subject'] ? $temp['subject'] : null);
908
- if($contact === true)
909
- $contact = ($temp['contact'] === false ? false : true);
910
- $prev_name = $prev_name_original;
911
- }
912
- } unset($key, $value);
913
- }
914
-
915
- foreach ($skip_message_post as $v) {
916
- if (isset($_POST[$v])) {
917
- $message = null;
918
- break;
919
- }
920
- } unset($v);
921
-
922
- //If top iteration, returns compiled name field. Example: "Nickname Firtsname Lastname".
923
- if($prev_name === ''){
924
- if(!empty($nickname)){
925
- $nickname_str = '';
926
- foreach($nickname as $value){
927
- $nickname_str .= ($value ? $value." " : "");
928
- }unset($value);
929
- }
930
- $nickname = $nickname_str;
931
- }
932
-
933
- $return_param = array(
934
- 'email' => $email,
935
- 'nickname' => $nickname,
936
- 'subject' => $subject,
937
- 'contact' => $contact,
938
- 'message' => $message
939
- );
940
- return $return_param;
941
- }
942
-
943
- /**
944
- * Masks a value with asterisks (*)
945
- * @return string
946
- */
947
- function ct_obfuscate_param($value = null) {
948
- if ($value && (!is_object($value) || !is_array($value))) {
949
- $length = strlen($value);
950
- $value = str_repeat('*', $length);
951
- }
952
-
953
- return $value;
954
- }
955
-
956
- //New ct_get_fields_any_postdata
957
- function ct_get_fields_any_postdata($arr, $message=array()){
958
- $skip_params = array(
959
- 'ipn_track_id', // PayPal IPN #
960
- 'txn_type', // PayPal transaction type
961
- 'payment_status', // PayPal payment status
962
- );
963
-
964
- foreach($arr as $key => $value){
965
- if(!is_array($value)){
966
- if($value == '')
967
- continue;
968
- if (!(in_array($key, $skip_params) || preg_match("/^ct_checkjs/", $key)) && $value!='')
969
- $message[$key] = $value;
970
- }else{
971
- $temp = ct_get_fields_any_postdata($value);
972
- $message = (count($temp) == 0 ? $message : array_merge($message, $temp));
973
- }
974
- }
975
- return $message;
976
- }
977
-
978
- /**
979
- * Checks if given string is valid regular expression
980
- *
981
- * @param string $regexp
982
- *
983
- * @return bool
984
- */
985
- function apbct_is_regexp($regexp){
986
- return @preg_match('/' . $regexp . '/', null) !== false;
987
- }
988
-
989
- function cleantalk_debug($key,$value)
990
- {
991
- if(isset($_COOKIE) && isset($_COOKIE['cleantalk_debug']))
992
- {
993
- @header($key.": ".$value);
994
- }
995
- }
996
-
997
- /**
998
- * Function changes CleanTalk result object if an error occurred.
999
- * @return object
1000
- */
1001
- function ct_change_plugin_resonse($ct_result = null, $checkjs = null) {
1002
-
1003
- global $apbct;
1004
-
1005
- if (!$ct_result) {
1006
- return $ct_result;
1007
- }
1008
-
1009
- if(@intval($ct_result->errno) != 0)
1010
- {
1011
- if($checkjs === null || $checkjs != 1)
1012
- {
1013
- $ct_result->allow = 0;
1014
- $ct_result->spam = 1;
1015
- $ct_result->comment = sprintf('We\'ve got an issue: %s. Forbidden. Please, enable Javascript. %s.',
1016
- $ct_result->comment,
1017
- $apbct->plugin_name
1018
- );
1019
- }
1020
- else
1021
- {
1022
- $ct_result->allow = 1;
1023
- $ct_result->comment = 'Allow';
1024
- }
1025
- }
1026
-
1027
- return $ct_result;
1028
- }
1029
-
1030
- /**
1031
- * Does ey has correct symbols? Checks against regexp ^[a-z\d]{3,15}$
1032
- * @param api_key
1033
- * @return bool
1034
- */
1035
- function apbct_api_key__is_correct($api_key = null)
1036
- {
1037
- global $apbct;
1038
- $api_key = $api_key !== null ? $api_key : $apbct->api_key;
1039
- return $api_key && preg_match('/^[a-z\d]{3,15}$/', $api_key) ? true : false;
1040
- }
1041
-
1042
- function apbct_add_async_attribute($tag, $handle, $src) {
1043
-
1044
- global $apbct;
1045
-
1046
- if(
1047
- $handle === 'ct_public' ||
1048
- $handle === 'ct_public_gdpr' ||
1049
- $handle === 'ct_debug_js' ||
1050
- $handle === 'ct_public_admin_js' ||
1051
- $handle === 'ct_internal' ||
1052
- $handle === 'ct_external' ||
1053
- $handle === 'ct_nocache'
1054
- ){
1055
- if( $apbct->settings['async_js'] )
1056
- $tag = str_replace( ' src', ' async="async" src', $tag );
1057
-
1058
- if( class_exists('Cookiebot_WP') )
1059
- $tag = str_replace( ' src', ' data-cookieconsent="ignore" src', $tag );
1060
- }
1061
-
1062
- return $tag;
1063
  }
1
+ <?php
2
+
3
+ use Cleantalk\Antispam\Cleantalk;
4
+ use Cleantalk\Antispam\CleantalkRequest;
5
+ use Cleantalk\Antispam\CleantalkResponse;
6
+ use Cleantalk\Variables\Cookie;
7
+
8
+ function apbct_array( $array ){
9
+ return new \Cleantalk\Common\Arr( $array );
10
+ }
11
+
12
+ $ct_checkjs_frm = 'ct_checkjs_frm';
13
+ $ct_checkjs_register_form = 'ct_checkjs_register_form';
14
+
15
+ $apbct_cookie_request_id_label = 'request_id';
16
+ $apbct_cookie_register_ok_label = 'register_ok';
17
+
18
+ $ct_checkjs_cf7 = 'ct_checkjs_cf7';
19
+ $ct_cf7_comment = '';
20
+
21
+ $ct_checkjs_jpcf = 'ct_checkjs_jpcf';
22
+ $ct_jpcf_patched = false;
23
+ $ct_jpcf_fields = array('name', 'email');
24
+
25
+ // Comment already proccessed
26
+ $ct_comment_done = false;
27
+
28
+ // Comment already proccessed
29
+ $ct_signup_done = false;
30
+
31
+ //Contains registration error
32
+ $ct_registration_error_comment = false;
33
+
34
+ // Default value for JS test
35
+ $ct_checkjs_def = 0;
36
+
37
+ // COOKIE label to store request id for last approved
38
+ $ct_approved_request_id_label = 'ct_approved_request_id';
39
+
40
+ // Last request id approved for publication
41
+ $ct_approved_request_id = null;
42
+
43
+ // Trial notice show time in minutes
44
+ $trial_notice_showtime = 10;
45
+
46
+ // Renew notice show time in minutes
47
+ $renew_notice_showtime = 10;
48
+
49
+ // COOKIE label for WP Landing Page proccessing result
50
+ $ct_wplp_result_label = 'ct_wplp_result';
51
+
52
+ // Flag indicates active JetPack comments
53
+ $ct_jp_comments = false;
54
+
55
+ // WP admin email notice interval in seconds
56
+ $ct_admin_notoice_period = 21600;
57
+
58
+ // Sevice negative comment to visitor.
59
+ // It uses for BuddyPress registrations to avoid double checks
60
+ $ct_negative_comment = null;
61
+
62
+ // Set globals to NULL to avoid massive DB requests. Globals will be set when needed only and by accessors only.
63
+ $ct_server = NULL;
64
+ $admin_email = NULL;
65
+
66
+ /**
67
+ * Public action 'plugins_loaded' - Loads locale, see http://codex.wordpress.org/Function_Reference/load_plugin_textdomain
68
+ */
69
+ function apbct_plugin_loaded() {
70
+ $dir=plugin_basename( dirname( __FILE__ ) ) . '/../i18n';
71
+ $loaded=load_plugin_textdomain('cleantalk-spam-protect', false, $dir);
72
+ }
73
+
74
+ /**
75
+ * Inner function - Request's wrapper for anything
76
+ * @param array Array of parameters:
77
+ * 'message' - string
78
+ * 'example' - string
79
+ * 'checkjs' - int
80
+ * 'sender_email' - string
81
+ * 'sender_nickname' - string
82
+ * 'sender_info' - array
83
+ * 'post_info' - string
84
+ * @return array array('ct'=> Cleantalk, 'ct_result' => CleantalkResponse)
85
+ */
86
+ function apbct_base_call($params = array(), $reg_flag = false){
87
+
88
+ global $apbct, $cleantalk_executed;
89
+
90
+ // URL, IP, Role exclusions
91
+ if( ! $cleantalk_executed && apbct_exclusions_check() ){
92
+ do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
93
+ return array( 'ct_result' => new CleantalkResponse() );
94
+ }
95
+ $cleantalk_executed = true;
96
+
97
+ // Request id rotation
98
+ $plugin_request_id__lifetime = 2;
99
+ $tmp = array();
100
+ foreach( $apbct->plugin_request_ids as $request_id => $request_time ){
101
+ if( time() - $request_time < $plugin_request_id__lifetime )
102
+ $tmp[ $request_id ] = $request_time;
103
+ }
104
+ $apbct->plugin_request_ids = $tmp;
105
+ $apbct->save('plugin_request_ids');
106
+
107
+ // Skip duplicate requests
108
+ if( key_exists( $apbct->plugin_request_id, $apbct->plugin_request_ids ) ){
109
+ do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
110
+ return array( 'ct_result' => new CleantalkResponse() );
111
+ }
112
+
113
+ $apbct->plugin_request_ids = array_merge($apbct->plugin_request_ids, array($apbct->plugin_request_id => time() ) );
114
+ $apbct->save('plugin_request_ids');
115
+
116
+ $sender_info = !empty($params['sender_info'])
117
+ ? \Cleantalk\ApbctWP\Helper::array_merge__save_numeric_keys__recursive(apbct_get_sender_info(), (array)$params['sender_info'])
118
+ : apbct_get_sender_info();
119
+
120
+ // Fields exclusions
121
+ if( ! empty( $params['message'] ) && is_array( $params['message'] ) ){
122
+
123
+ $params['message'] = apbct_array( $params['message'] )
124
+ ->get_keys( $apbct->settings['exclusions__fields'], $apbct->settings['exclusions__fields__use_regexp'] )
125
+ ->delete();
126
+ }
127
+
128
+ // Reversed url exclusions. Pass everything except one.
129
+ if( ! apbct_exclusions_check__url__reversed() ){
130
+ return array(
131
+ 'ct' => false,
132
+ 'ct_result' => new CleantalkResponse( null, null )
133
+ );
134
+ }
135
+
136
+ $default_params = array(
137
+
138
+ // IPs
139
+ 'sender_ip' => defined('CT_TEST_IP') ? CT_TEST_IP : (isset($params['sender_ip']) ? $params['sender_ip'] : \Cleantalk\ApbctWP\Helper::ip__get(array('real'), false)),
140
+ 'x_forwarded_for' => \Cleantalk\ApbctWP\Helper::ip__get(array('x_forwarded_for'), false),
141
+ 'x_real_ip' => \Cleantalk\ApbctWP\Helper::ip__get(array('x_real_ip'), false),
142
+
143
+ // Misc
144
+ 'auth_key' => $apbct->api_key,
145
+ 'js_on' => apbct_js_test('ct_checkjs', $_COOKIE) ? 1 : apbct_js_test('ct_checkjs', $_POST),
146
+
147
+ 'agent' => APBCT_AGENT,
148
+ 'sender_info' => $sender_info,
149
+ 'submit_time' => apbct_get_submit_time(),
150
+ );
151
+
152
+ // Send $_SERVER if couldn't find IP
153
+ if(empty($default_params['sender_ip']))
154
+ $default_params['sender_info']['server_info'] = $_SERVER;
155
+
156
+ $ct_request = new CleantalkRequest(
157
+ \Cleantalk\ApbctWP\Helper::array_merge__save_numeric_keys__recursive($default_params, $params)
158
+ );
159
+
160
+ $ct = new Cleantalk();
161
+
162
+ $ct->use_bultin_api = $apbct->settings['use_buitin_http_api'] ? true : false;
163
+ $ct->ssl_on = $apbct->settings['ssl_on'];
164
+ $ct->ssl_path = APBCT_CASERT_PATH;
165
+
166
+ // Options store url without shceme because of DB error with ''://'
167
+ $config = ct_get_server();
168
+ $ct->server_url = APBCT_MODERATE_URL;
169
+ $ct->work_url = preg_match('/http:\/\/.+/', $config['ct_work_url']) ? $config['ct_work_url'] : null;
170
+ $ct->server_ttl = $config['ct_server_ttl'];
171
+ $ct->server_changed = $config['ct_server_changed'];
172
+
173
+ $start = microtime(true);
174
+ $ct_result = $reg_flag
175
+ ? @$ct->isAllowUser($ct_request)
176
+ : @$ct->isAllowMessage($ct_request);
177
+ $exec_time = microtime(true) - $start;
178
+
179
+ // Statistics
180
+ // Average request time
181
+ apbct_statistics__rotate($exec_time);
182
+ // Last request
183
+ $apbct->stats['last_request']['time'] = time();
184
+ $apbct->stats['last_request']['server'] = $ct->work_url;
185
+ $apbct->save('stats');
186
+
187
+ // Connection reports
188
+ if ($ct_result->errno === 0 && empty($ct_result->errstr))
189
+ $apbct->data['connection_reports']['success']++;
190
+ else
191
+ {
192
+ $apbct->data['connection_reports']['negative']++;
193
+ $apbct->data['connection_reports']['negative_report'][] = array(
194
+ 'date' => date("Y-m-d H:i:s"),
195
+ 'page_url' => apbct_get_server_variable( 'REQUEST_URI' ),
196
+ 'lib_report' => $ct_result->errstr,
197
+ 'work_url' => $ct->work_url,
198
+ );
199
+
200
+ if(count($apbct->data['connection_reports']['negative_report']) > 20)
201
+ $apbct->data['connection_reports']['negative_report'] = array_slice($apbct->data['connection_reports']['negative_report'], -20, 20);
202
+
203
+ }
204
+
205
+ if ($ct->server_change) {
206
+ update_option(
207
+ 'cleantalk_server',
208
+ array(
209
+ 'ct_work_url' => $ct->work_url,
210
+ 'ct_server_ttl' => $ct->server_ttl,
211
+ 'ct_server_changed' => time(),
212
+ )
213
+ );
214
+ }
215
+
216
+ $ct_result = ct_change_plugin_resonse($ct_result, $ct_request->js_on);
217
+
218
+ // Restart submit form counter for failed requests
219
+ if ($ct_result->allow == 0){
220
+ apbct_cookie(); // Setting page timer and cookies
221
+ ct_add_event('no');
222
+ }else{
223
+ ct_add_event('yes');
224
+ }
225
+
226
+ //Strip tags from comment
227
+ $ct_result->comment = strip_tags($ct_result->comment, '<p><a><br>');
228
+
229
+ // Set cookies if it's not.
230
+ if(empty($apbct->flags__cookies_setuped))
231
+ apbct_cookie();
232
+
233
+ return array('ct' => $ct, 'ct_result' => $ct_result);
234
+
235
+ }
236
+
237
+ function apbct_exclusions_check($func = null){
238
+
239
+ global $apbct, $cleantalk_executed;
240
+
241
+ // Common exclusions
242
+ if(
243
+ apbct_exclusions_check__ip() ||
244
+ apbct_exclusions_check__url() ||
245
+ apbct_is_user_role_in( $apbct->settings['exclusions__roles'] ) ||
246
+ $cleantalk_executed
247
+ )
248
+ return true;
249
+
250
+ // Personal exclusions
251
+ switch ($func){
252
+ case 'ct_contact_form_validate_postdata':
253
+ if(
254
+ (defined( 'DOING_AJAX' ) && DOING_AJAX) ||
255
+ apbct_array( $_POST )->get_keys( 'members_search_submit' )->result()
256
+ )
257
+ return true;
258
+ break;
259
+ case 'ct_contact_form_validate':
260
+ if(
261
+ apbct_array( $_POST )->get_keys( 'members_search_submit' )->result()
262
+ )
263
+ return true;
264
+ break;
265
+ default:
266
+ return false;
267
+ break;
268
+ }
269
+
270
+ return false;
271
+ }
272
+
273
+ function apbct_exclusions_check__url__reversed(){
274
+ return defined( 'APBCT_URL_EXCLUSIONS__REVERSED' ) && ! \Cleantalk\Variables\Server::has_string( 'REQUEST_URI', APBCT_URL_EXCLUSIONS__REVERSED )
275
+ ? false
276
+ : true;
277
+ }
278
+
279
+ /**
280
+ * Checks if reuqest URI is in exclusion list
281
+ *
282
+ * @return bool
283
+ */
284
+ function apbct_exclusions_check__url() {
285
+
286
+ global $apbct;
287
+
288
+ if ( ! empty( $apbct->settings['exclusions__urls'] ) ) {
289
+
290
+ if( strpos( $apbct->settings['exclusions__urls'], "\r\n" ) !== false ) {
291
+ $exclusions = explode( "\r\n", $apbct->settings['exclusions__urls'] );
292
+ } elseif( strpos( $apbct->settings['exclusions__urls'], "\n" ) !== false ) {
293
+ $exclusions = explode( "\n", $apbct->settings['exclusions__urls'] );
294
+ } else {
295
+ $exclusions = explode( ',', $apbct->settings['exclusions__urls'] );
296
+ }
297
+
298
+ // Fix for AJAX forms
299
+ $haystack = apbct_get_server_variable( 'REQUEST_URI' ) == '/wp-admin/admin-ajax.php' && ! apbct_get_server_variable( 'HTTP_REFERER' )
300
+ ? apbct_get_server_variable( 'HTTP_REFERER' )
301
+ : \Cleantalk\Variables\Server::get('HTTP_HOST') . apbct_get_server_variable( 'REQUEST_URI' );
302
+
303
+ foreach ( $exclusions as $exclusion ) {
304
+ if (
305
+ ($apbct->settings['exclusions__urls__use_regexp'] && preg_match( '@' . $exclusion . '@', $haystack ) === 1) ||
306
+ stripos( $haystack, $exclusion ) !== false
307
+ ){
308
+ return true;
309
+ }
310
+ }
311
+ return false;
312
+ }
313
+ }
314
+ /**
315
+ * @deprecated 5.128 Using IP white-lists instead
316
+ * @deprecated since 18.09.2019
317
+ * Checks if sender_ip is in exclusion list
318
+ *
319
+ * @return bool
320
+ */
321
+ function apbct_exclusions_check__ip(){
322
+
323
+ global $cleantalk_ip_exclusions;
324
+
325
+ if( apbct_get_server_variable( 'REMOTE_ADDR' ) ){
326
+
327
+ if( \Cleantalk\ApbctWP\Helper::ip__is_cleantalks( apbct_get_server_variable( 'REMOTE_ADDR' ) ) ){
328
+ return true;
329
+ }
330
+
331
+ if( ! empty( $cleantalk_ip_exclusions ) && is_array( $cleantalk_ip_exclusions ) ){
332
+ foreach ( $cleantalk_ip_exclusions as $exclusion ){
333
+ if( stripos( apbct_get_server_variable( 'REMOTE_ADDR' ), $exclusion ) !== false ){
334
+ return true;
335
+ }
336
+ }
337
+ }
338
+ }
339
+
340
+ return false;
341
+ }
342
+
343
+ /**
344
+ * Inner function - Default data array for senders
345
+ * @return array
346
+ */
347
+ function apbct_get_sender_info() {
348
+
349
+ global $apbct;
350
+
351
+ // Validate cookie from the backend
352
+ $cookie_is_ok = apbct_cookies_test();
353
+
354
+ $referer_previous = $apbct->settings['set_cookies__sessions']
355
+ ? apbct_alt_session__get('apbct_prev_referer')
356
+ : filter_input(INPUT_COOKIE, 'apbct_prev_referer');
357
+
358
+ $site_landing_ts = $apbct->settings['set_cookies__sessions']
359
+ ? apbct_alt_session__get('apbct_site_landing_ts')
360
+ : filter_input(INPUT_COOKIE, 'apbct_site_landing_ts');
361
+
362
+ $page_hits = $apbct->settings['set_cookies__sessions']
363
+ ? apbct_alt_session__get('apbct_page_hits')
364
+ : filter_input(INPUT_COOKIE, 'apbct_page_hits');
365
+
366
+ if (count($_POST) > 0) {
367
+ foreach ($_POST as $k => $v) {
368
+ if (preg_match("/^(ct_check|checkjs).+/", $k)) {
369
+ $checkjs_data_post = $v;
370
+ }
371
+ }
372
+ }
373
+
374
+ // AMP check
375
+ $amp_detected = apbct_get_server_variable( 'HTTP_REFERER' )
376
+ ? strpos(apbct_get_server_variable( 'HTTP_REFERER' ), '/amp/') !== false || strpos(apbct_get_server_variable( 'HTTP_REFERER' ), '?amp=1') !== false || strpos(apbct_get_server_variable( 'HTTP_REFERER' ), '&amp=1') !== false
377
+ ? 1
378
+ : 0
379
+ : null;
380
+
381
+ $site_referer = $apbct->settings['store_urls__sessions']
382
+ ? apbct_alt_session__get('apbct_site_referer')
383
+ : filter_input(INPUT_COOKIE, 'apbct_site_referer');
384
+
385
+ $urls = $apbct->settings['store_urls__sessions']
386
+ ? (array)apbct_alt_session__get('apbct_urls')
387
+ : (array)json_decode(filter_input(INPUT_COOKIE, 'apbct_urls'), true);
388
+
389
+ // Visible fields processing
390
+ $visible_fields = apbct_visibile_fields__process( Cookie::get('apbct_visible_fields') );
391
+
392
+ return array(
393
+ 'plugin_request_id' => $apbct->plugin_request_id,
394
+ 'wpms' => is_multisite() ? 'yes' : 'no',
395
+ 'remote_addr' => \Cleantalk\ApbctWP\Helper::ip__get(array('remote_addr'), false),
396
+ 'REFFERRER' => apbct_get_server_variable( 'HTTP_REFERER' ),
397
+ 'USER_AGENT' => apbct_get_server_variable( 'HTTP_USER_AGENT' ),
398
+ 'page_url' => apbct_get_server_variable( 'SERVER_NAME' ) . apbct_get_server_variable( 'REQUEST_URI' ),
399
+ 'cms_lang' => substr(get_locale(), 0, 2),
400
+ 'ct_options' => json_encode($apbct->settings),
401
+ 'fields_number' => sizeof($_POST),
402
+ 'direct_post' => $cookie_is_ok === null && apbct_is_post() ? 1 : 0,
403
+ // Raw data to validated JavaScript test in the cloud
404
+ 'checkjs_data_cookies' => !empty($_COOKIE['ct_checkjs']) ? $_COOKIE['ct_checkjs'] : null,
405
+ 'checkjs_data_post' => !empty($checkjs_data_post) ? $checkjs_data_post : null,
406
+ // PHP cookies
407
+ 'cookies_enabled' => $cookie_is_ok,
408
+ 'REFFERRER_PREVIOUS' => !empty($referer_previous) && $cookie_is_ok ? $referer_previous : null,
409
+ 'site_landing_ts' => !empty($site_landing_ts) && $cookie_is_ok ? $site_landing_ts : null,
410
+ 'page_hits' => !empty($page_hits) ? $page_hits : null,
411
+ // JS cookies
412
+ 'js_info' => !empty($_COOKIE['ct_user_info']) ? json_decode(stripslashes($_COOKIE['ct_user_info']), true) : null,
413
+ 'mouse_cursor_positions' => !empty($_COOKIE['ct_pointer_data']) ? json_decode(stripslashes($_COOKIE['ct_pointer_data']), true) : null,
414
+ 'js_timezone' => !empty($_COOKIE['ct_timezone']) ? $_COOKIE['ct_timezone'] : null,
415
+ 'key_press_timestamp' => !empty($_COOKIE['ct_fkp_timestamp']) ? $_COOKIE['ct_fkp_timestamp'] : null,
416
+ 'page_set_timestamp' => !empty($_COOKIE['ct_ps_timestamp']) ? $_COOKIE['ct_ps_timestamp'] : null,
417
+ 'form_visible_inputs' => !empty($visible_fields['visible_fields_count']) ? $visible_fields['visible_fields_count'] : null,
418
+ 'apbct_visible_fields' => !empty($visible_fields['visible_fields']) ? $visible_fields['visible_fields'] : null,
419
+ // Misc
420
+ 'site_referer' => !empty($site_referer) ? $site_referer : null,
421
+ 'source_url' => !empty($urls) ? json_encode($urls) : null,
422
+ // Debug stuff
423
+ 'amp_detected' => $amp_detected,
424
+ 'hook' => current_filter() ? current_filter() : 'no_hook',
425
+ 'headers_sent' => !empty($apbct->headers_sent) ? $apbct->headers_sent : false,
426
+ 'headers_sent__hook' => !empty($apbct->headers_sent__hook) ? $apbct->headers_sent__hook : 'no_hook',
427
+ 'headers_sent__where' => !empty($apbct->headers_sent__where) ? $apbct->headers_sent__where : false,
428
+ 'request_type' => apbct_get_server_variable('REQUEST_METHOD') ? apbct_get_server_variable('REQUEST_METHOD') : 'UNKNOWN',
429
+ );
430
+ }
431
+
432
+ /**
433
+ * Process visible fields for specific form to match the fields from request
434
+ *
435
+ * @param string $visible_fields JSON string
436
+ *
437
+ * @return array
438
+ */
439
+ function apbct_visibile_fields__process( $visible_fields ) {
440
+
441
+ $fields_collection = json_decode( $visible_fields, true );
442
+
443
+ if( ! empty( $fields_collection ) ) {
444
+ foreach ($fields_collection as $current_fields) {
445
+ if( isset( $current_fields['visible_fields'] ) && isset( $current_fields['visible_fields_count'] ) ) {
446
+
447
+ $fields = explode( ' ', $current_fields['visible_fields'] );
448
+
449
+ // This fields belong this request
450
+ // @ToDo we have to implement a logic to find form fields (fields names, fields count) in serialized/nested/encoded items. not only $_POST.
451
+ if( count( array_intersect( array_keys($_POST), $fields ) ) > 0 ) {
452
+ // WP Forms visible fields formatting
453
+ if(strpos($visible_fields, 'wpforms') !== false){
454
+ $visible_fields = preg_replace(
455
+ array('/\[/', '/\]/'),
456
+ '',
457
+ str_replace(
458
+ '][',
459
+ '_',
460
+ str_replace(
461
+ 'wpforms[fields]',
462
+ '',
463
+ $visible_fields
464
+ )
465
+ )
466
+ );
467
+ }
468
+
469
+ return $current_fields;
470
+
471
+ }
472
+ }
473
+ }
474
+ }
475
+
476
+ return array();
477
+ }
478
+
479
+ /*
480
+ * Outputs JS key for AJAX-use only. Stops script.
481
+ */
482
+ function apbct_js_keys__get__ajax( $direct_call = false ){
483
+
484
+ die(json_encode(array(
485
+ 'js_key' => ct_get_checkjs_value()
486
+ )));
487
+
488
+ }
489
+
490
+ /**
491
+ * Get ct_get_checkjs_value
492
+ *
493
+ * @param bool $random_key
494
+ *
495
+ * @return int|string|null
496
+ */
497
+ function ct_get_checkjs_value(){
498
+
499
+ global $apbct;
500
+
501
+ // Use static JS keys
502
+ if($apbct->settings['use_static_js_key'] == 1){
503
+
504
+ $key = hash('sha256', $apbct->api_key.ct_get_admin_email().$apbct->salt);
505
+
506
+ // Auto detecting. Detected.
507
+ }elseif(
508
+ $apbct->settings['use_static_js_key'] == - 1 &&
509
+ ( apbct_is_cache_plugins_exists() ||
510
+ ( apbct_is_post() && $apbct->data['cache_detected'] == 1 )
511
+ )
512
+ ){
513
+ $key = hash('sha256', $apbct->api_key.ct_get_admin_email().$apbct->salt);
514
+ if( apbct_is_cache_plugins_exists() )
515
+ $apbct->data['cache_detected'] = 1;
516
+
517
+ // Using dynamic JS keys
518
+ }else{
519
+
520
+ $keys = $apbct->data['js_keys'];
521
+ $keys_checksum = md5(json_encode($keys));
522
+
523
+ $key = null;
524
+ $latest_key_time = 0;
525
+
526
+ foreach ($keys as $k => $t) {
527
+
528
+ // Removing key if it's to old
529
+ if (time() - $t > $apbct->data['js_keys_store_days'] * 86400 * 7) {
530
+ unset($keys[$k]);
531
+ continue;
532
+ }
533
+
534
+ if ($t > $latest_key_time) {
535
+ $latest_key_time = $t;
536
+ $key = $k;
537
+ }
538
+ }
539
+
540
+ // Set new key if the latest key is too old
541
+ if (time() - $latest_key_time > $apbct->data['js_key_lifetime']) {
542
+ $key = rand();
543
+ $keys[$key] = time();
544
+ }
545
+
546
+ // Save keys if they were changed
547
+ if (md5(json_encode($keys)) != $keys_checksum) {
548
+ $apbct->data['js_keys'] = $keys;
549
+ // $apbct->saveData();
550
+ }
551
+
552
+ $apbct->data['cache_detected'] = 0;
553
+ }
554
+
555
+ $apbct->saveData();
556
+
557
+ return $key;
558
+ }
559
+
560
+ function apbct_is_cache_plugins_exists(){
561
+ return
562
+ defined('WP_ROCKET_VERSION') || // WPRocket
563
+ defined('LSCWP_DIR') || // LiteSpeed Cache
564
+ defined('WPFC_WP_CONTENT_BASENAME') || // WP Fastest Cache
565
+ defined('W3TC') || // W3 Total Cache
566
+ defined('WPO_VERSION') || // WP-Optimize – Clean, Compress, Cache
567
+ defined('AUTOPTIMIZE_PLUGIN_VERSION') || // Autoptimize
568
+ defined('WPCACHEHOME') || // WP Super Cache
569
+ defined('WPHB_VERSION') || // Hummingbird – Speed up, Cache, Optimize Your CSS and JS
570
+ defined('CE_FILE') || // Cache Enabler – WordPress Cache
571
+ class_exists('\RedisObjectCache') || // Redis Object Cache
572
+ defined('SiteGround_Optimizer\VERSION') || // SG Optimizer
573
+ class_exists('\WP_Rest_Cache_Plugin\Includes\Plugin'); // WP REST Cache
574
+ }
575
+
576
+ /**
577
+ * Inner function - Current site admin e-mail
578
+ * @return string Admin e-mail
579
+ */
580
+ function ct_get_admin_email() {
581
+ global $admin_email;
582
+ if(!isset($admin_email))
583
+ {
584
+ $admin_email = get_option('admin_email');
585
+ }
586
+ return $admin_email;
587
+ }
588
+
589
+ /**
590
+ * Inner function - Current Cleantalk working server info
591
+ * @return mixed[] Array of server data
592
+ */
593
+ function ct_get_server($force=false) {
594
+ global $ct_server;
595
+ if(!$force && isset($ct_server) && isset($ct_server['ct_work_url']) && !empty($ct_server['ct_work_url'])){
596
+
597
+ return $ct_server;
598
+
599
+ }else{
600
+
601
+ $ct_server = get_option('cleantalk_server');
602
+ if (!is_array($ct_server)){
603
+ $ct_server = array(
604
+ 'ct_work_url' => NULL,
605
+ 'ct_server_ttl' => NULL,
606
+ 'ct_server_changed' => NULL
607
+ );
608
+ }
609
+ return $ct_server;
610
+ }
611
+ }
612
+
613
+ /**
614
+ * Inner function - Stores ang returns cleantalk hash of current comment
615
+ * @param string New hash or NULL
616
+ * @return string New hash or current hash depending on parameter
617
+ */
618
+ function ct_hash($new_hash = '') {
619
+ /**
620
+ * Current hash
621
+ */
622
+ static $hash;
623
+
624
+ if (!empty($new_hash)) {
625
+ $hash = $new_hash;
626
+ }
627
+ return $hash;
628
+ }
629
+
630
+ /**
631
+ * Inner function - Write manual moderation results to PHP sessions
632
+ * @param string $hash Cleantalk comment hash
633
+ * @param string $message comment_content
634
+ * @param int $allow flag good comment (1) or bad (0)
635
+ * @return string comment_content w\o cleantalk resume
636
+ */
637
+ function ct_feedback($hash, $allow) {
638
+ global $apbct;
639
+
640
+ $ct_feedback = $hash . ':' . $allow . ';';
641
+ if($apbct->data['feedback_request'])
642
+ $apbct->data['feedback_request'] = $ct_feedback;
643
+ else
644
+ $apbct->data['feedback_request'] .= $ct_feedback;
645
+
646
+ $apbct->saveData();
647
+ }
648
+
649
+ /**
650
+ * Inner function - Sends the results of moderation
651
+ * Scheduled in 3600 seconds!
652
+ * @param string $feedback_request
653
+ * @return bool
654
+ */
655
+ function ct_send_feedback($feedback_request = null) {
656
+
657
+ global $apbct;
658
+
659
+ if (empty($feedback_request) && isset($apbct->data['feedback_request']) && preg_match("/^[a-z0-9\;\:]+$/", $apbct->data['feedback_request'])){
660
+ $feedback_request = $apbct->data['feedback_request'];
661
+ $apbct->data['feedback_request'] = '';
662
+ $apbct->saveData();
663
+ }
664
+
665
+ if ($feedback_request !== null) {
666
+
667
+ $ct_request = new CleantalkRequest(array(
668
+ // General
669
+ 'auth_key' => $apbct->api_key,
670
+ // Additional
671
+ 'feedback' => $feedback_request,
672
+ ));
673
+
674
+ $ct = new Cleantalk();
675
+
676
+ // Server URL handling
677
+ $config = ct_get_server();
678
+ $ct->server_url = APBCT_MODERATE_URL;
679
+ $ct->work_url = preg_match('/http:\/\/.+/', $config['ct_work_url']) ? $config['ct_work_url'] : null;
680
+ $ct->server_ttl = $config['ct_server_ttl'];
681
+ $ct->server_changed = $config['ct_server_changed'];
682
+
683
+ $ct->sendFeedback($ct_request);
684
+
685
+ if ($ct->server_change) {
686
+ update_option(
687
+ 'cleantalk_server',
688
+ array(
689
+ 'ct_work_url' => $ct->work_url,
690
+ 'ct_server_ttl' => $ct->server_ttl,
691
+ 'ct_server_changed' => time(),
692
+ )
693
+ );
694
+ }
695
+
696
+ return true;
697
+ }
698
+
699
+ return false;
700
+ }
701
+
702
+ /**
703
+ * Delete old spam comments
704
+ * Scheduled in 3600 seconds!
705
+ * @return null
706
+ */
707
+ function ct_delete_spam_comments() {
708
+
709
+ global $apbct;
710
+
711
+ if ($apbct->settings['remove_old_spam'] == 1) {
712
+ $last_comments = get_comments(array('status' => 'spam', 'number' => 1000, 'order' => 'ASC'));
713
+ foreach ($last_comments as $c) {
714
+ $comment_date_gmt = strtotime($c->comment_date_gmt);
715
+ if ($comment_date_gmt && is_numeric($comment_date_gmt)) {
716
+ if (time() - $comment_date_gmt > 86400 * $apbct->data['spam_store_days']) {
717
+ // Force deletion old spam comments
718
+ wp_delete_comment($c->comment_ID, true);
719
+ }
720
+ }
721
+ }
722
+ }
723
+
724
+ return null;
725
+ }
726
+
727
+ /*
728
+ * Get data from an ARRAY recursively
729
+ * @return array
730
+ */
731
+ function ct_get_fields_any($arr, $message=array(), $email = null, $nickname = array('nick' => '', 'first' => '', 'last' => ''), $subject = null, $contact = true, $prev_name = ''){
732
+
733
+ //Skip request if fields exists
734
+ $skip_params = array(
735
+ 'ipn_track_id', // PayPal IPN #
736
+ 'txn_type', // PayPal transaction type
737
+ 'payment_status', // PayPal payment status
738
+ 'ccbill_ipn', // CCBill IPN
739
+ 'ct_checkjs', // skip ct_checkjs field
740
+ 'api_mode', // DigiStore-API
741
+ 'loadLastCommentId' // Plugin: WP Discuz. ticket_id=5571
742
+ );
743
+
744
+ // Fields to replace with ****
745
+ $obfuscate_params = array(
746
+ 'password',
747
+ 'pass',
748
+ 'pwd',
749
+ 'pswd'
750
+ );
751
+
752
+ // Skip feilds with these strings and known service fields
753
+ $skip_fields_with_strings = array(
754
+ // Common
755
+ 'ct_checkjs', //Do not send ct_checkjs
756
+ 'nonce', //nonce for strings such as 'rsvp_nonce_name'
757
+ 'security',
758
+ // 'action',
759
+ 'http_referer',
760
+ 'referer-page',
761
+ 'timestamp',
762
+ 'captcha',
763
+ // Formidable Form
764
+ 'form_key',
765
+ 'submit_entry',
766
+ // Custom Contact Forms
767
+ 'form_id',
768
+ 'ccf_form',
769
+ 'form_page',
770
+ // Qu Forms
771
+ 'iphorm_uid',
772
+ 'form_url',
773
+ 'post_id',
774
+ 'iphorm_ajax',
775
+ 'iphorm_id',
776
+ // Fast SecureContact Froms
777
+ 'fs_postonce_1',
778
+ 'fscf_submitted',
779
+ 'mailto_id',
780
+ 'si_contact_action',
781
+ // Ninja Forms
782
+ 'formData_id',
783
+ 'formData_settings',
784
+ 'formData_fields_\d+_id',
785
+ 'formData_fields_\d+_files.*',
786
+ // E_signature
787
+ 'recipient_signature',
788
+ 'output_\d+_\w{0,2}',
789
+ // Contact Form by Web-Settler protection
790
+ '_formId',
791
+ '_returnLink',
792
+ // Social login and more
793
+ '_save',
794
+ '_facebook',
795
+ '_social',
796
+ 'user_login-',
797
+ // Contact Form 7
798
+ '_wpcf7',
799
+ 'ebd_settings',
800
+ 'ebd_downloads_',
801
+ 'ecole_origine',
802
+ 'signature',
803
+ // Ultimate Form Builder
804
+ 'form_data_%d_name',
805
+ );
806
+
807
+ // Reset $message if we have a sign-up data
808
+ $skip_message_post = array(
809
+ 'edd_action', // Easy Digital Downloads
810
+ );
811
+
812
+ if( apbct_array( array( $_POST, $_GET ) )->get_keys( $skip_params )->result() )
813
+ $contact = false;
814
+
815
+ if(count($arr)){
816
+
817
+ foreach($arr as $key => $value){
818
+
819
+ if(gettype($value) == 'string'){
820
+
821
+ $tmp = strpos($value, '\\') !== false ? stripslashes($value) : $value;
822
+ $decoded_json_value = json_decode($tmp, true);
823
+
824
+ // Decoding JSON
825
+ if($decoded_json_value !== null){
826
+ $value = $decoded_json_value;
827
+
828
+ // Ajax Contact Forms. Get data from such strings:
829
+ // acfw30_name %% Blocked~acfw30_email %% s@cleantalk.org
830
+ // acfw30_textarea %% msg
831
+ }elseif(preg_match('/^\S+\s%%\s\S+.+$/', $value)){
832
+ $value = explode('~', $value);
833
+ foreach ($value as &$val){
834
+ $tmp = explode(' %% ', $val);
835
+ $val = array($tmp[0] => $tmp[1]);
836
+ }
837
+ }
838
+ }
839
+
840
+ if(!is_array($value) && !is_object($value)){
841
+
842
+ if (in_array($key, $skip_params, true) && $key != 0 && $key != '' || preg_match("/^ct_checkjs/", $key))
843
+ $contact = false;
844
+
845
+ if($value === '')
846
+ continue;
847
+
848
+ // Skipping fields names with strings from (array)skip_fields_with_strings
849
+ foreach($skip_fields_with_strings as $needle){
850
+ if (preg_match("/".$needle."/", $prev_name.$key) == 1){
851
+ continue(2);
852
+ }
853
+ }unset($needle);
854
+
855
+ // Obfuscating params
856
+ foreach($obfuscate_params as $needle){
857
+ if (strpos($key, $needle) !== false){
858
+ $value = ct_obfuscate_param($value);
859
+ continue(2);
860
+ }
861
+ }unset($needle);
862
+
863
+ $value_for_email = trim( strip_shortcodes( $value ) ); // Removes shortcodes to do better spam filtration on server side.
864
+
865
+ // Email
866
+ if ( ! $email && preg_match( "/^\S+@\S+\.\S+$/", $value_for_email ) ) {
867
+ $email = $value_for_email;
868
+
869
+ // Removes whitespaces
870
+ $value = urldecode( trim( strip_shortcodes( $value ) ) ); // Fully cleaned message
871
+
872
+ // Names
873
+ }elseif (preg_match("/name/i", $key)){
874
+
875
+ preg_match("/((name.?)?(your|first|for)(.?name)?)/", $key, $match_forename);
876
+ preg_match("/((name.?)?(last|family|second|sur)(.?name)?)/", $key, $match_surname);
877
+ preg_match("/(name.?)?(nick|user)(.?name)?/", $key, $match_nickname);
878
+
879
+ if(count($match_forename) > 1)
880
+ $nickname['first'] = $value;
881
+ elseif(count($match_surname) > 1)
882
+ $nickname['last'] = $value;
883
+ elseif(count($match_nickname) > 1)
884
+ $nickname['nick'] = $value;
885
+ else
886
+ $message[$prev_name.$key] = $value;
887
+
888
+ // Subject
889
+ }elseif ($subject === null && preg_match("/subject/i", $key)){
890
+ $subject = $value;
891
+
892
+ // Message
893
+ }else{
894
+ $message[$prev_name.$key] = $value;
895
+ }
896
+
897
+ }elseif(!is_object($value)){
898
+
899
+ $prev_name_original = $prev_name;
900
+ $prev_name = ($prev_name === '' ? $key.'_' : $prev_name.$key.'_');
901
+
902
+ $temp = ct_get_fields_any($value, $message, $email, $nickname, $subject, $contact, $prev_name);
903
+
904
+ $message = $temp['message'];
905
+ $email = ($temp['email'] ? $temp['email'] : null);
906
+ $nickname = ($temp['nickname'] ? $temp['nickname'] : null);
907
+ $subject = ($temp['subject'] ? $temp['subject'] : null);
908
+ if($contact === true)
909
+ $contact = ($temp['contact'] === false ? false : true);
910
+ $prev_name = $prev_name_original;
911
+ }
912
+ } unset($key, $value);
913
+ }
914
+
915
+ foreach ($skip_message_post as $v) {
916
+ if (isset($_POST[$v])) {
917
+ $message = null;
918
+ break;
919
+ }
920
+ } unset($v);
921
+
922
+ //If top iteration, returns compiled name field. Example: "Nickname Firtsname Lastname".
923
+ if($prev_name === ''){
924
+ if(!empty($nickname)){
925
+ $nickname_str = '';
926
+ foreach($nickname as $value){
927
+ $nickname_str .= ($value ? $value." " : "");
928
+ }unset($value);
929
+ }
930
+ $nickname = $nickname_str;
931
+ }
932
+
933
+ $return_param = array(
934
+ 'email' => $email,
935
+ 'nickname' => $nickname,
936
+ 'subject' => $subject,
937
+ 'contact' => $contact,
938
+ 'message' => $message
939
+ );
940
+ return $return_param;
941
+ }
942
+
943
+ /**
944
+ * Masks a value with asterisks (*)
945
+ * @return string
946
+ */
947
+ function ct_obfuscate_param($value = null) {
948
+ if ($value && (!is_object($value) || !is_array($value))) {
949
+ $length = strlen($value);
950
+ $value = str_repeat('*', $length);
951
+ }
952
+
953
+ return $value;
954
+ }
955
+
956
+ //New ct_get_fields_any_postdata
957
+ function ct_get_fields_any_postdata($arr, $message=array()){
958
+ $skip_params = array(
959
+ 'ipn_track_id', // PayPal IPN #
960
+ 'txn_type', // PayPal transaction type
961
+ 'payment_status', // PayPal payment status
962
+ );
963
+
964
+ foreach($arr as $key => $value){
965
+ if(!is_array($value)){
966
+ if($value == '')
967
+ continue;
968
+ if (!(in_array($key, $skip_params) || preg_match("/^ct_checkjs/", $key)) && $value!='')
969
+ $message[$key] = $value;
970
+ }else{
971
+ $temp = ct_get_fields_any_postdata($value);
972
+ $message = (count($temp) == 0 ? $message : array_merge($message, $temp));
973
+ }
974
+ }
975
+ return $message;
976
+ }
977
+
978
+ /**
979
+ * Checks if given string is valid regular expression
980
+ *
981
+ * @param string $regexp
982
+ *
983
+ * @return bool
984
+ */
985
+ function apbct_is_regexp($regexp){
986
+ return @preg_match('/' . $regexp . '/', null) !== false;
987
+ }
988
+
989
+ function cleantalk_debug($key,$value)
990
+ {
991
+ if(isset($_COOKIE) && isset($_COOKIE['cleantalk_debug']))
992
+ {
993
+ @header($key.": ".$value);
994
+ }
995
+ }
996
+
997
+ /**
998
+ * Function changes CleanTalk result object if an error occurred.
999
+ * @return object
1000
+ */
1001
+ function ct_change_plugin_resonse($ct_result = null, $checkjs = null) {
1002
+
1003
+ global $apbct;
1004
+
1005
+ if (!$ct_result) {
1006
+ return $ct_result;
1007
+ }
1008
+
1009
+ if(@intval($ct_result->errno) != 0)
1010
+ {
1011
+ if($checkjs === null || $checkjs != 1)
1012
+ {
1013
+ $ct_result->allow = 0;
1014
+ $ct_result->spam = 1;
1015
+ $ct_result->comment = sprintf('We\'ve got an issue: %s. Forbidden. Please, enable Javascript. %s.',
1016
+ $ct_result->comment,
1017
+ $apbct->plugin_name
1018
+ );
1019
+ }
1020
+ else
1021
+ {
1022
+ $ct_result->allow = 1;
1023
+ $ct_result->comment = 'Allow';
1024
+ }
1025
+ }
1026
+
1027
+ return $ct_result;
1028
+ }
1029
+
1030
+ /**
1031
+ * Does ey has correct symbols? Checks against regexp ^[a-z\d]{3,15}$
1032
+ * @param api_key
1033
+ * @return bool
1034
+ */
1035
+ function apbct_api_key__is_correct($api_key = null)
1036
+ {
1037
+ global $apbct;
1038
+ $api_key = $api_key !== null ? $api_key : $apbct->api_key;
1039
+ return $api_key && preg_match('/^[a-z\d]{3,15}$/', $api_key) ? true : false;
1040
+ }
1041
+
1042
+ function apbct_add_async_attribute($tag, $handle, $src) {
1043
+
1044
+ global $apbct;
1045
+
1046
+ if(
1047
+ $handle === 'ct_public' ||
1048
+ $handle === 'ct_public_gdpr' ||
1049
+ $handle === 'ct_debug_js' ||
1050
+ $handle === 'ct_public_admin_js' ||
1051
+ $handle === 'ct_internal' ||
1052
+ $handle === 'ct_external' ||
1053
+ $handle === 'ct_nocache'
1054
+ ){
1055
+ if( $apbct->settings['async_js'] )
1056
+ $tag = str_replace( ' src', ' async="async" src', $tag );
1057
+
1058
+ if( class_exists('Cookiebot_WP') )
1059
+ $tag = str_replace( ' src', ' data-cookieconsent="ignore" src', $tag );
1060
+ }
1061
+
1062
+ return $tag;
1063
  }
inc/cleantalk-public.php CHANGED
@@ -1,3947 +1,3950 @@
1
- <?php
2
-
3
- /**
4
- * Init functions
5
- * @return mixed[] Array of options
6
- */
7
- function apbct_init() {
8
-
9
- global $ct_wplp_result_label, $ct_jp_comments, $ct_post_data_label, $ct_post_data_authnet_label, $apbct, $test_external_forms, $cleantalk_executed, $wpdb;
10
-
11
- //Check internal forms with such "action" http://wordpress.loc/contact-us/some_script.php
12
- if((isset($_POST['action']) && $_POST['action'] == 'ct_check_internal') &&
13
- $apbct->settings['check_internal']
14
- ){
15
- $ct_result = ct_contact_form_validate();
16
- if($ct_result == null){
17
- echo 'true';
18
- die();
19
- }else{
20
- echo $ct_result;
21
- die();
22
- }
23
- }
24
-
25
- //fix for EPM registration form
26
- if(isset($_POST) && isset($_POST['reg_email']) && shortcode_exists( 'epm_registration_form' ))
27
- {
28
- unset($_POST['ct_checkjs_register_form']);
29
- }
30
-
31
- if(isset($_POST['_wpnonce-et-pb-contact-form-submitted']))
32
- {
33
- add_shortcode( 'et_pb_contact_form', 'ct_contact_form_validate' );
34
- }
35
-
36
- if($apbct->settings['check_external']){
37
-
38
- // Fixing form and directs it this site
39
- if($apbct->settings['check_external__capture_buffer'] && !is_admin() && !apbct_is_ajax() && !apbct_is_post() && apbct_is_user_enable() && !(defined('DOING_CRON') && DOING_CRON) && !(defined('XMLRPC_REQUEST') && XMLRPC_REQUEST)){
40
-
41
- if (defined('CLEANTALK_CAPTURE_BUFFER_SPECIFIC_URL') && is_string(CLEANTALK_CAPTURE_BUFFER_SPECIFIC_URL)) {
42
- $catch_buffer = false;
43
- $urls = explode(',', CLEANTALK_CAPTURE_BUFFER_SPECIFIC_URL);
44
- foreach ($urls as $url) {
45
- if (apbct_is_in_uri($url))
46
- $catch_buffer = true;
47
- }
48
- }else{
49
- $catch_buffer = true;
50
- }
51
-
52
- if( $catch_buffer ){
53
- add_action('wp', 'apbct_buffer__start');
54
- add_action('shutdown', 'apbct_buffer__end', 0);
55
- add_action('shutdown', 'apbct_buffer__output', 2);
56
- }
57
- }
58
-
59
- // Check and redirecct
60
- if( apbct_is_post()
61
- && isset($_POST['cleantalk_hidden_method'])
62
- && isset($_POST['cleantalk_hidden_action'])
63
- ){
64
- $action = htmlspecialchars($_POST['cleantalk_hidden_action']);
65
- $method = htmlspecialchars($_POST['cleantalk_hidden_method']);
66
- unset($_POST['cleantalk_hidden_action']);
67
- unset($_POST['cleantalk_hidden_method']);
68
- ct_contact_form_validate();
69
- if(!apbct_is_ajax()){
70
- print "<html><body><form method='$method' action='$action'>";
71
- ct_print_form($_POST, '');
72
- print "</form></body></html>";
73
- print "<script " . ( class_exists('Cookiebot_WP') ? 'data-cookieconsent="ignore"' : '' ) . ">
74
- if(document.forms[0].submit !== 'undefined'){
75
- var objects = document.getElementsByName('submit');
76
- if(objects.length > 0)
77
- document.forms[0].removeChild(objects[0]);
78
- }
79
- document.forms[0].submit();
80
- </script>";
81
- die();
82
- }
83
- }
84
- }
85
-
86
- if(isset($_POST['quform_ajax'], $_POST['quform_csrf_token'], $_POST['quform_form_id'])){
87
- require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-ajax.php');
88
- ct_ajax_hook();
89
- }
90
-
91
- /**hooks for cm answers pro */
92
- if(defined('CMA_PLUGIN_FILE')){
93
- add_action( 'wp', 'ct_ajax_hook',1 );
94
- }
95
-
96
- //hook for Anonymous Post
97
- if($apbct->settings['general_postdata_test'] == 1 && empty($_POST['ct_checkjs_cf7']))
98
- add_action('wp', 'ct_contact_form_validate_postdata',1);
99
-
100
- if($apbct->settings['general_contact_forms_test'] == 1 && empty($_POST['ct_checkjs_cf7'])){
101
- add_action('CMA_custom_post_type_nav', 'ct_contact_form_validate_postdata',1);
102
- //add_action('init','ct_contact_form_validate',1);
103
- ct_contact_form_validate();
104
- if(isset($_POST['reg_redirect_link'])&&isset($_POST['tmpl_registration_nonce_field']))
105
- {
106
- unset($_POST['ct_checkjs_register_form']);
107
- ct_contact_form_validate();
108
- }
109
- /*if(isset($_GET['ait-action'])&&$_GET['ait-action']=='register')
110
- {
111
- $tmp=$_POST['redirect_to'];
112
- unset($_POST['redirect_to']);
113
- ct_contact_form_validate();
114
- $_POST['redirect_to']=$tmp;
115
- }*/
116
- }
117
-
118
- if($apbct->settings['general_postdata_test'] == 1 && empty($_POST['ct_checkjs_cf7']))
119
- add_action('CMA_custom_post_type_nav', 'ct_contact_form_validate_postdata',1);
120
-
121
- //add_action('wp_footer','ct_ajaxurl');
122
-
123
- // Fast Secure contact form
124
- if(defined('FSCF_VERSION')){
125
- add_filter('si_contact_display_after_fields', 'ct_si_contact_display_after_fields');
126
- add_filter('si_contact_form_validate', 'ct_si_contact_form_validate');
127
- }
128
-
129
- // WooCommerce registration
130
- if(class_exists('WooCommerce')){
131
- add_filter( 'woocommerce_registration_errors', 'ct_registration_errors', 1, 3 );
132
- if ($apbct->settings['wc_checkout_test'] == 1) {
133
- add_filter('woocommerce_checkout_process', 'ct_woocommerce_checkout_check', 1, 3);
134
- }
135
- if( isset($_REQUEST['wc-ajax']) && $_REQUEST['wc-ajax'] == 'checkout' && empty( $apbct->settings['wc_register_from_order'] ) ){
136
- remove_filter( 'woocommerce_registration_errors', 'ct_registration_errors', 1 );
137
- }
138
- }
139
-
140
- // WooCommerce whishlist
141
- if(class_exists('WC_Wishlists_Wishlist'))
142
- add_filter('wc_wishlists_create_list_args', 'ct_woocommerce_wishlist_check', 1, 1);
143
-
144
-
145
- // JetPack Contact form
146
- $jetpack_active_modules = false;
147
- if(defined('JETPACK__VERSION'))
148
- {
149
- if(isset($_POST['action']) && $_POST['action'] == 'grunion-contact-form' ){
150
- if(JETPACK__VERSION=='3.4-beta')
151
- {
152
- add_filter('contact_form_is_spam', 'ct_contact_form_is_spam');
153
- }
154
- else if(JETPACK__VERSION=='3.4-beta2'||JETPACK__VERSION>='3.4')
155
- {
156
- add_filter('jetpack_contact_form_is_spam', 'ct_contact_form_is_spam_jetpack',50,2);
157
- }
158
- else
159
- {
160
- add_filter('contact_form_is_spam', 'ct_contact_form_is_spam');
161
- }
162
- $jetpack_active_modules = get_option('jetpack_active_modules');
163
- if ((class_exists( 'Jetpack', false) && $jetpack_active_modules && in_array('comments', $jetpack_active_modules)))
164
- {
165
- $ct_jp_comments = true;
166
- }
167
- }else
168
- add_filter('grunion_contact_form_field_html', 'ct_grunion_contact_form_field_html', 10, 2);
169
- }
170
-
171
- // WP Maintenance Mode (wpmm)
172
- add_action('wpmm_head', 'apbct_form__wpmm__addField', 1);
173
-
174
- // Contact Form7
175
- if(defined('WPCF7_VERSION')){
176
- add_filter('wpcf7_form_elements', 'apbct_form__contactForm7__addField');
177
- add_filter('wpcf7_validate', 'apbct_form__contactForm7__tesSpam__before_validate', 999, 2);
178
- add_filter(WPCF7_VERSION >= '3.0.0' ? 'wpcf7_spam' : 'wpcf7_acceptance', 'apbct_form__contactForm7__testSpam');
179
- }
180
-
181
- // Formidable
182
- add_filter( 'frm_entries_before_create', 'apbct_rorm__formidable__testSpam', 10, 2 );
183
- add_action( 'frm_entries_footer_scripts', 'apbct_rorm__formidable__footerScripts', 20, 2 );
184
-
185
- // BuddyPress
186
- if(class_exists('BuddyPress')){
187
- add_action('bp_before_registration_submit_buttons','ct_register_form',1);
188
- add_action('messages_message_before_save', 'apbct_integration__buddyPres__private_msg_check', 1);
189
- add_filter('bp_signup_validate', 'ct_registration_errors',1);
190
- add_filter('bp_signup_validate', 'ct_check_registration_erros', 999999);
191
- }
192
-
193
- if(defined('PROFILEPRESS_SYSTEM_FILE_PATH')){
194
- add_filter('pp_registration_validation', 'ct_registration_errors_ppress', 11, 2);
195
- }
196
-
197
-
198
- // bbPress
199
- if(class_exists('bbPress')){
200
- add_filter('bbp_new_topic_pre_title', 'ct_bbp_get_topic', 1);
201
- add_filter('bbp_new_topic_pre_content', 'ct_bbp_new_pre_content', 1);
202
- add_filter('bbp_new_reply_pre_content', 'ct_bbp_new_pre_content', 1);
203
- add_action('bbp_theme_before_topic_form_content', 'ct_comment_form');
204
- add_action('bbp_theme_before_reply_form_content', 'ct_comment_form');
205
- }
206
-
207
- //Custom Contact Forms
208
- if(defined('CCF_VERSION'))
209
- add_filter('ccf_field_validator', 'ct_ccf', 1, 4);
210
-
211
- add_action('comment_form', 'ct_comment_form');
212
-
213
- // intercept WordPress Landing Pages POST
214
- if (defined('LANDINGPAGES_CURRENT_VERSION') && !empty($_POST)){
215
- if(array_key_exists('action', $_POST) && $_POST['action'] === 'inbound_store_lead'){ // AJAX action(s)
216
- ct_check_wplp();
217
- }else if(array_key_exists('inbound_submitted', $_POST) && $_POST['inbound_submitted'] == '1'){ // Final submit
218
- ct_check_wplp();
219
- }
220
- }
221
-
222
- // S2member. intercept POST
223
- if (defined('WS_PLUGIN__S2MEMBER_PRO_VERSION')){
224
- $post_keys = array_keys($_POST);
225
- foreach($post_keys as $post_key){
226
-
227
- // Detect POST keys like /s2member_pro.*registration/
228
- if(strpos($post_key, 's2member') !== false && strpos($post_key, 'registration') !== false){
229
- ct_s2member_registration_test($post_key);
230
- break;
231
- }
232
- }
233
- }
234
-
235
- // New user approve hack
236
- // https://wordpress.org/plugins/new-user-approve/
237
- if (ct_plugin_active('new-user-approve/new-user-approve.php')) {
238
- add_action('register_post', 'ct_register_post', 1, 3);
239
- }
240
-
241
- // Wilcity theme registration validation fix
242
- add_filter( 'wilcity/filter/wiloke-listing-tools/validate-before-insert-account', 'apbct_wilcity_reg_validation', 10, 2 );
243
-
244
-
245
- // Gravity forms
246
- if (defined('GF_MIN_WP_VERSION')) {
247
- add_filter('gform_get_form_filter', 'apbct_form__gravityForms__addField', 10, 2);
248
- add_filter('gform_entry_is_spam', 'apbct_form__gravityForms__testSpam', 999, 3);
249
- add_filter('gform_confirmation', 'apbct_form__gravityForms__showResponse', 999, 4 );
250
- }
251
-
252
- //Pirate forms
253
- if(defined('PIRATE_FORMS_VERSION')){
254
- if(isset($_POST['pirate-forms-contact-name']) && $_POST['pirate-forms-contact-name'] && isset($_POST['pirate-forms-contact-email']) && $_POST['pirate-forms-contact-email'])
255
- apbct_form__piratesForm__testSpam();
256
- }
257
-
258
- // WPForms
259
- // Adding fields
260
- add_action('wpforms_frontend_output', 'apbct_form__WPForms__addField', 1000, 5);
261
- // Gathering data to validate
262
- add_filter('wpforms_process_before_filter', 'apbct_from__WPForms__gatherData', 100, 2);
263
- // Do spam check
264
- add_filter('wpforms_process_initial_errors', 'apbct_form__WPForms__showResponse', 100, 2);
265
-
266
- // QForms integration
267
- add_filter( 'quform_post_validate', 'ct_quform_post_validate', 10, 2 );
268
-
269
- // Ultimate Members
270
- if (class_exists('UM')) {
271
- add_action('um_main_register_fields','ct_register_form',100); // Add hidden fileds
272
- add_action( 'um_submit_form_register', 'apbct_registration__UltimateMembers__check', 9, 1 ); // Check submition
273
- }
274
-
275
- // Paid Memberships Pro integration
276
- add_filter( 'pmpro_required_user_fields', function( $pmpro_required_user_fields ){
277
-
278
- if(
279
- ! empty( $pmpro_required_user_fields['username'] ) &&
280
- ! empty( $pmpro_required_user_fields['bemail'] ) &&
281
- ! empty( $pmpro_required_user_fields['bconfirmemail'] ) &&
282
- $pmpro_required_user_fields['bemail'] == $pmpro_required_user_fields['bconfirmemail']
283
- ) {
284
- $check = ct_test_registration( $pmpro_required_user_fields['username'], $pmpro_required_user_fields['bemail'], apbct_get_server_variable( 'REMOTE_ADDR' ) );
285
- if( $check['allow'] == 0 ) {
286
- pmpro_setMessage( $check['comment'], 'pmpro_error' );
287
- }
288
- }
289
-
290
- return $pmpro_required_user_fields;
291
-
292
- } );
293
-
294
- //
295
- // Load JS code to website footer
296
- //
297
- if (!(defined( 'DOING_AJAX' ) && DOING_AJAX)) {
298
- add_action('wp_head', 'apbct_hook__wp_head__set_cookie__ct_checkjs', 1);
299
- add_action('wp_footer', 'apbct_hook__wp_footer', 1);
300
- }
301
-
302
- if ($apbct->settings['protect_logged_in'] != 1 && is_user_logged_in()) {
303
- ct_contact_form_validate();
304
- }
305
-
306
- if (apbct_is_user_enable()) {
307
-
308
- if ($apbct->settings['general_contact_forms_test'] == 1 && !isset($_POST['comment_post_ID']) && !isset($_GET['for'])){
309
- add_action( 'init', 'ct_contact_form_validate', 999 );
310
- }
311
- if( apbct_is_post() &&
312
- $apbct->settings['general_postdata_test'] == 1 &&
313
- !isset($_POST['ct_checkjs_cf7']) &&
314
- !is_admin() &&
315
- !apbct_is_user_role_in(array('administrator', 'moderator'))
316
- ){
317
- ct_contact_form_validate_postdata();
318
- }
319
- }
320
- }
321
-
322
- function apbct_buffer__start(){
323
- ob_start();
324
- }
325
-
326
- function apbct_buffer__end(){
327
-
328
- if(!ob_get_level())
329
- return;
330
-
331
- global $apbct;
332
- $apbct->buffer = ob_get_contents();
333
- ob_end_clean();
334
- }
335
-
336
- /**
337
- * Outputs changed buffer
338
- *
339
- * @global $apbct
340
- */
341
- function apbct_buffer__output(){
342
-
343
- global $apbct, $wp;
344
-
345
- if(empty($apbct->buffer))
346
- return;
347
-
348
- $site_url = get_option('siteurl');
349
- $site__host = parse_url($site_url, PHP_URL_HOST);
350
-
351
- $dom = new DOMDocument();
352
- @$dom->loadHTML($apbct->buffer);
353
-
354
- $forms = $dom->getElementsByTagName('form');
355
-
356
- foreach($forms as $form){
357
-
358
- $action = $form->getAttribute('action');
359
- $action = $action ? $action : $site_url;
360
- $action__host = parse_url($action, PHP_URL_HOST);
361
-
362
- // Check if the form directed to the third party site
363
- if($site__host != $action__host){
364
-
365
- $method = $form->getAttribute('method');
366
- $method = $method ? $method : 'get';
367
- // Directs form to our site
368
- $form->setAttribute('method', 'POST');
369
- $form->setAttribute('action', home_url(add_query_arg(array(), $wp->request)));
370
-
371
- // Add cleantalk_hidden_action
372
- $new_input = $dom->createElement('input');
373
- $new_input->setAttribute('type', 'hidden');
374
- $new_input->setAttribute('name', 'cleantalk_hidden_action');
375
- $new_input->setAttribute('value', $action);
376
- $form->appendChild($new_input);
377
-
378
- // Add cleantalk_hidden_method
379
- $new_input = $dom->createElement('input');
380
- $new_input->setAttribute('type', 'hidden');
381
- $new_input->setAttribute('name', 'cleantalk_hidden_method');
382
- $new_input->setAttribute('value', $method);
383
- $form->appendChild($new_input);
384
-
385
- }
386
-
387
- } unset($form);
388
-
389
- $html = $dom->getElementsByTagName('html');
390
-
391
- $output = gettype($html) == 'object' && isset($html[0], $html[0]->childNodes, $html[0]->childNodes[0])
392
- ? $dom->saveHTML()
393
- : $apbct->buffer;
394
-
395
- echo $output;
396
- die();
397
- }
398
-
399
- // MailChimp Premium for Wordpress
400
- function ct_add_mc4wp_error_message($messages){
401
-
402
- $messages['ct_mc4wp_response'] = array(
403
- 'type' => 'error',
404
- 'text' => 'Your message looks like spam.'
405
- );
406
- return $messages;
407
- }
408
- add_filter( 'mc4wp_form_messages', 'ct_add_mc4wp_error_message' );
409
-
410
- /*
411
- * Function to set validate fucntion for CCF form
412
- * Input - Сonsistently each form field
413
- * Returns - String. Validate function
414
- */
415
- function ct_ccf($callback, $value, $field_id, $type){
416
- /*
417
- if($type == 'name')
418
- $ct_global_temporary_data['name'] = $value;
419
- elseif($type == 'email')
420
- $ct_global_temporary_data['email'] = $value;
421
- else
422
- $ct_global_temporary_data[] = $value;
423
- //*/
424
- return 'ct_validate_ccf_submission';
425
- }
426
- /*
427
- * Validate function for CCF form. Gatheering data. Multiple calls.
428
- * Input - void. Global $ct_global_temporary_data
429
- * Returns - String. CleanTalk comment.
430
- */
431
- $ct_global_temporary_data = array();
432
- function ct_validate_ccf_submission($value, $field_id, $required){
433
- global $ct_global_temporary_data, $apbct;
434
-
435
-
436
-
437
- //If the check for contact forms enabled
438
- if(!$apbct->settings['contact_forms_test']) {
439
- do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
440
- return true;
441
- }
442
-
443
- //If the check for logged in users enabled
444
- if($apbct->settings['protect_logged_in'] == 1 && is_user_logged_in()) {
445
- do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
446
- return true;
447
- }
448
-
449
-
450
- //Accumulate data
451
- $ct_global_temporary_data[] = $value;
452
-
453
- //If it's the last field of the form
454
- (!isset($ct_global_temporary_data['count']) ? $ct_global_temporary_data['count'] = 1 : $ct_global_temporary_data['count']++);
455
- $form_id = $_POST['form_id'];
456
- if($ct_global_temporary_data['count'] != count(get_post_meta( $form_id, 'ccf_attached_fields', true ))) {
457
- do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
458
- return true;
459
- }
460
-
461
- unset($ct_global_temporary_data['count']);
462
-
463
- //Getting request params
464
- $ct_temp_msg_data = ct_get_fields_any($_POST);
465
-
466
- unset($ct_global_temporary_data);
467
-
468
- $sender_email = ($ct_temp_msg_data['email'] ? $ct_temp_msg_data['email'] : '');
469
- $sender_nickname = ($ct_temp_msg_data['nickname'] ? $ct_temp_msg_data['nickname'] : '');
470
- $subject = ($ct_temp_msg_data['subject'] ? $ct_temp_msg_data['subject'] : '');
471
- $contact_form = ($ct_temp_msg_data['contact'] ? $ct_temp_msg_data['contact'] : true);
472
- $message = ($ct_temp_msg_data['message'] ? $ct_temp_msg_data['message'] : array());
473
-
474
- if ($subject != '')
475
- $message['subject'] = $subject;
476
-
477
- $post_info['comment_type'] = 'feedback_custom_contact_forms';
478
- $post_info['post_url'] = apbct_get_server_variable( 'HTTP_REFERER' );
479
-
480
- $checkjs = apbct_js_test('ct_checkjs', $_COOKIE)
481
- ? apbct_js_test('ct_checkjs', $_COOKIE)
482
- : apbct_js_test('ct_checkjs', $_POST);
483
-
484
- //Making a call
485
- $base_call_result = apbct_base_call(
486
- array(
487
- 'message' => $message,
488
- 'sender_email' => $sender_email,
489
- 'sender_nickname' => $sender_nickname,
490
- 'post_info' => $post_info,
491
- 'js_on' => $checkjs,
492
- 'sender_info' => array('sender_url' => null),
493
- )
494
- );
495
-
496
- $ct_result = $base_call_result['ct_result'];
497
-
498
- return $ct_result->allow == 0 ? $ct_result->comment : true;;
499
- }
500
-
501
- function ct_woocommerce_wishlist_check($args){
502
- global $apbct;
503
-
504
-
505
-
506
- //Protect logged in users
507
- if($args['wishlist_status'])
508
- if($apbct->settings['protect_logged_in'] == 0) {
509
- do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
510
- return $args;
511
- }
512
-
513
-
514
- //If the IP is a Google bot
515
- $hostname = gethostbyaddr( apbct_get_server_variable( 'REMOTE_ADDR' ) );
516
- if(!strpos($hostname, 'googlebot.com')) {
517
- do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
518
- return $args;
519
- }
520
-
521
-
522
- //Getting request params
523
- $message = '';
524
- $subject = '';
525
- $email = $args['wishlist_owner_email'];
526
- if($args['wishlist_first_name']!='' || $args['wishlist_last_name']!='')
527
- $nickname = trim($args['wishlist_first_name']." ".$args['wishlist_last_name']);
528
- else
529
- $nickname = '';
530
-
531
- $post_info['comment_type'] = 'feedback';
532
- $post_info['post_url'] = apbct_get_server_variable( 'HTTP_REFERER' );
533
-
534
- $checkjs = apbct_js_test('ct_checkjs', $_COOKIE)
535
- ? apbct_js_test('ct_checkjs', $_COOKIE)
536
- : apbct_js_test('ct_checkjs', $_POST);
537
-
538
- //Making a call
539
- $base_call_result = apbct_base_call(
540
- array(
541
- 'message' => $subject." ".$message,
542
- 'sender_email' => $email,
543
- 'sender_nickname' => $nickname,
544
- 'post_info' => $post_info,
545
- 'js_on' => $checkjs,
546
- 'sender_info' => array('sender_url' => null),
547
- )
548
- );
549
-
550
- $ct_result = $base_call_result['ct_result'];
551
-
552
- if ($ct_result->allow == 0)
553
- wp_die("<h1>".__('Spam protection by CleanTalk', 'cleantalk-spam-protect')."</h1><h2>".$ct_result->comment."</h2>", '', array('response' => 403, "back_link" => true, "text_direction" => 'ltr'));
554
- else
555
- return $args;
556
- }
557
-
558
- function apbct_integration__buddyPres__getTemplateName( $located, $template_name, $template_names, $template_locations, $load, $require_once ) {
559
- global $apbct;
560
- preg_match("/\/([a-z-_]+)\/buddypress-functions\.php$/", $located, $matches);
561
- $apbct->buddy_press_tmpl = isset($matches[1]) ? $matches[1] : 'unknown';
562
- }
563
-
564
- /**
565
- * Test BuddyPress activity for spam (post update only)
566
- *
567
- * @global SpbcState $apbct
568
- * @param bool $is_spam
569
- * @param BP_Activity_Activity $activity_obj Activity object (\plugins\buddypress\bp-activity\classes\class-bp-activity-activity.php)
570
- * @return boolean Spam flag
571
- */
572
- function apbct_integration__buddyPres__activityWall( $is_spam, $activity_obj = null ){
573
-
574
- global $apbct;
575
-
576
- $allowed_post_actions = array('post_update', 'new_activity_comment');
577
-
578
- if( ! in_array(\Cleantalk\Variables\Post::get('action'), $allowed_post_actions) ||
579
- $activity_obj === null ||
580
- ! \Cleantalk\Variables\Post::get('action') ||
581
- $activity_obj->privacy == 'media' ||
582
- apbct_exclusions_check()
583
- ) {
584
- do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
585
- return false;
586
- }
587
-
588
- $curr_user = get_user_by('id', $activity_obj->user_id);
589
-
590
- //Making a call
591
- $base_call_result = apbct_base_call(
592
- array(
593
- 'message' => is_string($activity_obj->content) ? $activity_obj->content : '',
594
- 'sender_email' => $curr_user->data->user_email,
595
- 'sender_nickname' => $curr_user->data->user_login,
596
- 'post_info' => array(
597
- 'post_url' => apbct_get_server_variable( 'HTTP_REFERER' ),
598
- 'comment_type' => 'buddypress_activitywall',
599
- ),
600
- 'js_on' => apbct_js_test('ct_checkjs', $_COOKIE),
601
- 'sender_info' => array('sender_url' => null),
602
- )
603
- );
604
-
605
- $ct_result = $base_call_result['ct_result'];
606
-
607
- if ($ct_result->allow == 0){
608
- add_action('bp_activity_after_save', 'apbct_integration__buddyPres__activityWall_showResponse', 1, 1);
609
- $apbct->spam_notification = $ct_result->comment;
610
- return true;
611
- }else
612
- return $is_spam;
613
- }
614
-
615
- /**
616
- * Outputs message to AJAX frontend handler
617
- *
618
- * @global SpbcState $apbct
619
- * @param BP_Activity_Activity $activity_obj Activity object (\plugins\buddypress\bp-activity\classes\class-bp-activity-activity.php)
620
- */
621
- function apbct_integration__buddyPres__activityWall_showResponse( $activity_obj ){
622
-
623
- global $apbct;
624
-
625
- // Legacy template
626
- if($apbct->buddy_press_tmpl === 'bp-legacy'){
627
- die('<div id="message" class="error bp-ajax-message"><p>'. $apbct->spam_notification .'</p></div>');
628
- // Nouveau tamplate and others
629
- }else{
630
- @header( 'Content-Type: application/json; charset=' . get_option('blog_charset'));
631
- die(json_encode(array(
632
- 'success' => false,
633
- 'data' => array('message' => $apbct->spam_notification),
634
- )));
635
- }
636
- }
637
-
638
- /**
639
- * Public function - Tests new private messages (dialogs)
640
- *
641
- * @global SpbcState $apbct
642
- * @param type $bp_message_obj
643
- * @return void|array with errors if spam has found
644
- */
645
- function apbct_integration__buddyPres__private_msg_check( $bp_message_obj){
646
-
647
- global $apbct;
648
-
649
- //Check for enabled option
650
- if(
651
- $apbct->settings['bp_private_messages'] == 0 ||
652
- apbct_exclusions_check()
653
- ) {
654
- do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
655
- return;
656
- }
657
-
658
-
659
- //Check for quantity of comments
660
- $comments_check_number = defined('CLEANTALK_CHECK_COMMENTS_NUMBER')
661
- ? CLEANTALK_CHECK_COMMENTS_NUMBER
662
- : 3;
663
-
664
- if($apbct->settings['check_comments_number']){
665
- $args = array(
666
- 'user_id' => $bp_message_obj->sender_id,
667
- 'box' => 'sentbox',
668
- 'type' => 'all',
669
- 'limit' => $comments_check_number,
670
- 'page' => null,
671
- 'search_terms' => '',
672
- 'meta_query' => array()
673
- );
674
- $sentbox_msgs = BP_Messages_Thread::get_current_threads_for_user($args);
675
- $cnt_sentbox_msgs = $sentbox_msgs['total'];
676
- $args['box'] = 'inbox';
677
- $inbox_msgs = BP_Messages_Thread::get_current_threads_for_user($args);
678
- $cnt_inbox_msgs = $inbox_msgs['total'];
679
-
680
- if(($cnt_inbox_msgs + $cnt_sentbox_msgs) >= $comments_check_number)
681
- $is_max_comments = true;
682
- }
683
-
684
- if(!empty($is_max_comments)) {
685
- do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
686
- return;
687
- }
688
-
689
-
690
- $sender_user_obj = get_user_by('id', $bp_message_obj->sender_id);
691
-
692
- //Making a call
693
- $base_call_result = apbct_base_call(
694
- array(
695
- 'message' => $bp_message_obj->subject." ".$bp_message_obj->message,
696
- 'sender_email' => $sender_user_obj->data->user_email,
697
- 'sender_nickname' => $sender_user_obj->data->user_login,
698
- 'post_info' => array(
699
- 'comment_type' => 'buddypress_comment',
700
- 'post_url' => apbct_get_server_variable( 'HTTP_REFERER' ),
701
- ),
702
- 'js_on' => apbct_js_test('ct_checkjs', $_COOKIE)
703
- ? apbct_js_test('ct_checkjs', $_COOKIE)
704
- : apbct_js_test('ct_checkjs', $_POST),
705
- 'sender_info' => array('sender_url' => null),
706
- )
707
- );
708
-
709
- $ct_result = $base_call_result['ct_result'];
710
-
711
- if ($ct_result->allow == 0)
712
- wp_die("<h1>".__('Spam protection by CleanTalk', 'cleantalk-spam-protect')."</h1><h2>".$ct_result->comment."</h2>", '', array('response' => 403, "back_link" => true, "text_direction" => 'ltr'));
713
- }
714
-
715
- /**
716
- * Adds hiden filed to deafualt serach form
717
- *
718
- * @param $form string
719
- * @return string
720
- */
721
- function apbct_forms__search__addField( $form ){
722
- global $apbct;
723
- if($apbct->settings['search_test'] == 1){
724
- $js_filed = ct_add_hidden_fields('ct_checkjs_search_default', true, false, false, false);
725
- $form = str_replace('</form>', $js_filed, $form);
726
- }
727
- return $form;
728
- }
729
-
730
- /**
731
- * Test default search string for spam
732
- *
733
- * @param $search string
734
- * @return string
735
- */
736
- function apbct_forms__search__testSpam( $search ){
737
-
738
- global $apbct, $cleantalk_executed;
739
-
740
- if(
741
- empty($search) ||
742
- $cleantalk_executed ||
743
- $apbct->settings['search_test'] == 0 ||
744
- $apbct->settings['protect_logged_in'] != 1 && is_user_logged_in() // Skip processing for logged in users.
745
- ){
746
- do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
747
- return $search;
748
- }
749
-
750
- if(apbct_is_user_logged_in())
751
- $user = wp_get_current_user();
752
-
753
- $base_call_result = apbct_base_call(
754
- array(
755
- 'message' => $search,
756
- 'sender_email' => !empty($user) ? $user->user_email : null,
757
- 'sender_nickname' => !empty($user) ? $user->user_login : null,
758
- 'post_info' => array('comment_type' => 'site_search_wordpress'),
759
- //'js_on' => apbct_js_test('ct_checkjs_search_default', $_GET, true),
760
- )
761
- );
762
- $ct_result = $base_call_result['ct_result'];
763
-
764
- $cleantalk_executed = true;
765
-
766
- if ($ct_result->allow == 0){
767
- die($ct_result->comment);
768
- }
769
-
770
- return $search;
771
- }
772
-
773
- function apbct_search_add_noindex() {
774
-
775
- global $apbct;
776
-
777
- if(
778
- ! is_search() || // If it is search results
779
- $apbct->settings['search_test'] == 0 ||
780
- $apbct->settings['protect_logged_in'] != 1 && is_user_logged_in() // Skip processing for logged in users.
781
- ){
782
- return ;
783
- }
784
-
785
- echo '<!-- meta by Cleantalk AntiSpam Protection plugin -->' . "\n";
786
- echo '<meta name="robots" content="noindex,nofollow" />' . "\n";
787
-
788
- }
789
-
790
- /**
791
- * Test woocommerce checkout form for spam
792
- *
793
- */
794
- function ct_woocommerce_checkout_check() {
795
-
796
- //Getting request params
797
- $ct_temp_msg_data = ct_get_fields_any($_POST);
798
-
799
- $sender_email = ($ct_temp_msg_data['email'] ? $ct_temp_msg_data['email'] : '');
800
- $sender_nickname = ($ct_temp_msg_data['nickname'] ? $ct_temp_msg_data['nickname'] : '');
801
- $subject = ($ct_temp_msg_data['subject'] ? $ct_temp_msg_data['subject'] : '');
802
- $contact_form = ($ct_temp_msg_data['contact'] ? $ct_temp_msg_data['contact'] : true);
803
- $message = ($ct_temp_msg_data['message'] ? $ct_temp_msg_data['message'] : array());
804
-
805
- if($subject != '')
806
- $message = array_merge(array('subject' => $subject), $message);
807
-
808
- $post_info['comment_type'] = 'order';
809
- $post_info['post_url'] = apbct_get_server_variable( 'HTTP_REFERER' );
810
-
811
- //Making a call
812
- $base_call_result = apbct_base_call(
813
- array(
814
- 'message' => $message,
815
- 'sender_email' => $sender_email,
816
- 'sender_nickname' => $sender_nickname,
817
- 'post_info' => $post_info,
818
- 'js_on' => apbct_js_test('ct_checkjs', $_COOKIE),
819
- 'sender_info' => array('sender_url' => null),
820
- )
821
- );
822
-
823
- $ct_result = $base_call_result['ct_result'];
824
-
825
- if ($ct_result->allow == 0) {
826
- wp_send_json(array(
827
- 'result' => 'failure',
828
- 'messages' => "<ul class=\"woocommerce-error\"><li>".$ct_result->comment."</li></ul>",
829
- 'refresh' => 'false',
830
- 'reload' => 'false'
831
- ));
832
- }
833
- }
834
-
835
- /**
836
- * Public function - Tests for Pirate contact froms
837
- * return NULL
838
- */
839
- function apbct_form__piratesForm__testSpam(){
840
-
841
- global $apbct;
842
-
843
- //Check for enabled option
844
- if( !$apbct->settings['contact_forms_test']) {
845
- do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
846
- return;
847
- }
848
-
849
-
850
- //Getting request params
851
- $ct_temp_msg_data = ct_get_fields_any($_POST);
852
-
853
- $sender_email = ($ct_temp_msg_data['email'] ? $ct_temp_msg_data['email'] : '');
854
- $sender_nickname = ($ct_temp_msg_data['nickname'] ? $ct_temp_msg_data['nickname'] : '');
855
- $subject = ($ct_temp_msg_data['subject'] ? $ct_temp_msg_data['subject'] : '');
856
- $contact_form = ($ct_temp_msg_data['contact'] ? $ct_temp_msg_data['contact'] : true);
857
- $message = ($ct_temp_msg_data['message'] ? $ct_temp_msg_data['message'] : array());
858
-
859
- if($subject != '')
860
- $message = array_merge(array('subject' => $subject), $message);
861
-
862
- $post_info['comment_type'] = 'contact_form_wordpress_feedback_pirate';
863
- $post_info['post_url'] = apbct_get_server_variable( 'HTTP_REFERER' );
864
-
865
- //Making a call
866
- $base_call_result = apbct_base_call(
867
- array(
868
- 'message' => $message,
869
- 'sender_email' => $sender_email,
870
- 'sender_nickname' => $sender_nickname,
871
- 'post_info' => $post_info,
872
- 'js_on' => apbct_js_test('ct_checkjs', $_COOKIE),
873
- 'sender_info' => array('sender_url' => null),
874
- )
875
- );
876
-
877
- $ct_result = $base_call_result['ct_result'];
878
-
879
- if ($ct_result->allow == 0)
880
- wp_die("<h1>".__('Spam protection by CleanTalk', 'cleantalk-spam-protect')."</h1><h2>".$ct_result->comment."</h2>", '', array('response' => 403, "back_link" => true, "text_direction" => 'ltr'));
881
- }
882
-
883
- /**
884
- * Adds hidden filed to comment form
885
- */
886
- function ct_comment_form($post_id){
887
-
888
- global $apbct;
889
-
890
- if (apbct_is_user_enable() === false) {
891
- return false;
892
- }
893
-
894
- if ( !$apbct->settings['comments_test']) {
895
- return false;
896
- }
897
-
898
- ct_add_hidden_fields('ct_checkjs', false, false);
899
-
900
- return null;
901
- }
902
-
903
- /**
904
- * Adds cookie script filed to head
905
- */
906
- function apbct_hook__wp_head__set_cookie__ct_checkjs() {
907
-
908
- ct_add_hidden_fields('ct_checkjs', false, true, true);
909
-
910
- return null;
911
- }
912
-
913
- /**
914
- * Adds cookie script filed to footer
915
- */
916
- function apbct_hook__wp_footer() {
917
-
918
- //ct_add_hidden_fields(true, 'ct_checkjs', false, true, true);
919
-
920
- return null;
921
- }
922
-
923
- /**
924
- * Adds hidden filed to define avaialbility of client's JavaScript
925
- * @param bool $random_key switch on generation random key for every page load
926
- */
927
- function ct_add_hidden_fields($field_name = 'ct_checkjs', $return_string = false, $cookie_check = false, $no_print = false, $ajax = true) {
928
-
929
- global $ct_checkjs_def, $apbct;
930
-
931
- $ct_checkjs_key = ct_get_checkjs_value();
932
- $field_id_hash = md5(rand(0, 1000));
933
-
934
- // Using only cookies
935
- if ($cookie_check && $apbct->settings['set_cookies'] == 1) {
936
-
937
- $html = "<script type='text/javascript' " . ( class_exists('Cookiebot_WP') ? 'data-cookieconsent="ignore"' : '' ) . ">
938
- function ctSetCookie___from_backend(c_name, value) {
939
- document.cookie = c_name + \"=\" + encodeURIComponent(value) + \"; path=/; samesite=lax\";
940
- }
941
- ctSetCookie___from_backend('{$field_name}', '{$ct_checkjs_key}', '{$ct_checkjs_def}');
942
- </script>";
943
-
944
- // Using AJAX to get key
945
- }elseif($apbct->settings['use_ajax'] && $ajax){
946
-
947
- // Fix only for wp_footer -> apbct_hook__wp_head__set_cookie__ct_checkjs()
948
- if($no_print)
949
- return;
950
-
951
- $ct_input_challenge = sprintf("'%s'", $ct_checkjs_key);
952
- $field_id = $field_name . '_' . $field_id_hash;
953
- $html = "<input type='hidden' id='{$field_id}' name='{$field_name}' value='{$ct_checkjs_def}' />
954
- <script type='text/javascript' " . ( class_exists('Cookiebot_WP') ? 'data-cookieconsent="ignore"' : '' ) . ">
955
- window.addEventListener('DOMContentLoaded', function () {
956
- setTimeout(function(){
957
- apbct_public_sendAJAX(
958
- {action: 'apbct_js_keys__get'},
959
- {callback: apbct_js_keys__set_input_value, input_name: '{$field_id}',silent: true, no_nonce: true}
960
- );
961
- }, 1000);
962
- });
963
- </script>";
964
-
965
- // Set KEY from backend
966
- }else{
967
- // Fix only for wp_footer -> apbct_hook__wp_head__set_cookie__ct_checkjs()
968
- if($no_print)
969
- return;
970
-
971
- $ct_input_challenge = sprintf("'%s'", $ct_checkjs_key);
972
- $field_id = $field_name . '_' . $field_id_hash;
973
- $html = "<input type='hidden' id='{$field_id}' name='{$field_name}' value='{$ct_checkjs_def}' />
974
- <script type='text/javascript' " . ( class_exists('Cookiebot_WP') ? 'data-cookieconsent="ignore"' : '' ) . ">
975
- setTimeout(function(){
976
- var ct_input_name = '{$field_id}';
977
- if (document.getElementById(ct_input_name) !== null) {
978
- var ct_input_value = document.getElementById(ct_input_name).value;
979
- document.getElementById(ct_input_name).value = document.getElementById(ct_input_name).value.replace(ct_input_value, {$ct_input_challenge});
980
- }
981
- }, 1000);
982
- </script>";
983
- }
984
-
985
- // Simplify JS code and Fixing issue with wpautop()
986
- $html = str_replace(array("\n","\r","\t"),'', $html);
987
-
988
- if ($return_string === true) {
989
- return $html;
990
- } else {
991
- echo $html;
992
- }
993
- }
994
-
995
- /**
996
- * Public function - Insert JS code for spam tests
997
- * return null;
998
- */
999
- function apbct_rorm__formidable__footerScripts($fields, $form) {
1000
-
1001
- global $apbct, $ct_checkjs_frm;
1002
-
1003
- if ( !$apbct->settings['contact_forms_test'])
1004
- return false;
1005
-
1006
- $ct_checkjs_key = ct_get_checkjs_value();
1007
- $ct_frm_base_name = 'form_';
1008
- $ct_frm_name = $ct_frm_base_name . $form->form_key;
1009
-
1010
- echo "var input = document.createElement('input');
1011
- input.setAttribute('type', 'hidden');
1012
- input.setAttribute('name', '$ct_checkjs_frm');
1013
- input.setAttribute('value', '$ct_checkjs_key');
1014
- for (i = 0; i < document.forms.length; i++) {
1015
- if (typeof document.forms[i].id == 'string'){
1016
- if(document.forms[i].id.search('$ct_frm_name') != -1) {
1017
- document.forms[i].appendChild(input);
1018
- }
1019
- }
1020
- }";
1021
-
1022
- /* Excessive cookie set
1023
- $js_code = ct_add_hidden_fields(true, 'ct_checkjs', true, true);
1024
- $js_code = strip_tags($js_code); // Removing <script> tag
1025
- echo $js_code;
1026
- //*/
1027
- }
1028
-
1029
- /**
1030
- * Public function - Test Formidable data for spam activity
1031
- * @param $errors
1032
- * @param $form
1033
- *
1034
- * @return array with errors if spam has found
1035
- */
1036
- function apbct_rorm__formidable__testSpam ( $errors, $form ) {
1037
-
1038
- global $apbct;
1039
-
1040
- if ( !$apbct->settings['contact_forms_test']) {
1041
- do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
1042
- return $errors;
1043
- }
1044
-
1045
- // Skip processing for logged in users.
1046
- if ( !$apbct->settings['protect_logged_in'] && is_user_logged_in()) {
1047
- do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
1048
- return $errors;
1049
- }
1050
-
1051
- $ct_temp_msg_data = ct_get_fields_any($_POST['item_meta']);
1052
-
1053
- $sender_email = ($ct_temp_msg_data['email'] ? $ct_temp_msg_data['email'] : '');
1054
- $sender_nickname = ($ct_temp_msg_data['nickname'] ? $ct_temp_msg_data['nickname'] : '');
1055
- $subject = ($ct_temp_msg_data['subject'] ? $ct_temp_msg_data['subject'] : '');
1056
- $contact_form = ($ct_temp_msg_data['contact'] ? $ct_temp_msg_data['contact'] : true);
1057
- $message = ($ct_temp_msg_data['message'] ? $ct_temp_msg_data['message'] : array());
1058
-
1059
- // Adding 'input_meta[]' to every field /Formidable fix/
1060
- $message = array_flip($message);
1061
- foreach($message as &$value){
1062
- $value = 'item_meta['.$value.']';
1063
- } unset($value);
1064
- $message = array_flip($message);
1065
-
1066
- $checkjs = apbct_js_test('ct_checkjs', $_COOKIE)
1067
- ? apbct_js_test('ct_checkjs', $_COOKIE)
1068
- : apbct_js_test('ct_checkjs', $_POST);
1069
-
1070
- $base_call_result = apbct_base_call(
1071
- array(
1072
- 'message' => $message,
1073
- 'sender_email' => $sender_email,
1074
- 'sender_nickname' => $sender_nickname,
1075
- 'post_info' => array('comment_type' => 'contact_form_wordpress_formidable'),
1076
- 'js_on' => $checkjs
1077
- )
1078
- );
1079
- $ct_result = $base_call_result['ct_result'];
1080
-
1081
- if ($ct_result->allow == 0) {
1082
- $errors['ct_error'] = '<br /><b>' . $ct_result->comment . '</b><br /><br />';
1083
- }
1084
-
1085
- return $errors;
1086
- }
1087
-
1088
- /**
1089
- * Public filter 'bbp_*' - Get new topic name to global $ct_bbp_topic
1090
- * @param mixed[] $comment Comment string
1091
- * @return mixed[] $comment Comment string
1092
- */
1093
- function ct_bbp_get_topic($topic){
1094
- global $ct_bbp_topic;
1095
-
1096
- $ct_bbp_topic=$topic;
1097
-
1098
- return $topic;
1099
- }
1100
-
1101
- /**
1102
- * Public filter 'bbp_*' - Checks topics, replies by cleantalk
1103
- * @param mixed[] $comment Comment string
1104
- * @return mixed[] $comment Comment string
1105
- */
1106
- function ct_bbp_new_pre_content ($comment) {
1107
-
1108
- global $apbct, $current_user;
1109
-
1110
- if ( !$apbct->settings['comments_test']) {
1111
- do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
1112
- return $comment;
1113
- }
1114
-
1115
- // Skip processing for logged in users and admin.
1116
- if ( !$apbct->settings['protect_logged_in'] && is_user_logged_in() ||
1117
- apbct_exclusions_check()
1118
- ) {
1119
- do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
1120
- return $comment;
1121
- }
1122
-
1123
-
1124
- $checkjs = apbct_js_test('ct_checkjs', $_COOKIE)
1125
- ? apbct_js_test('ct_checkjs', $_COOKIE)
1126
- : apbct_js_test('ct_checkjs', $_POST);
1127
-
1128
- $post_info['comment_type'] = 'bbpress_comment';
1129
- $post_info['post_url'] = bbp_get_topic_permalink();
1130
-
1131
- if( is_user_logged_in() ) {
1132
- $sender_email = $current_user->user_email;
1133
- $sender_nickname = $current_user->display_name;
1134
- } else {
1135
- $sender_email = isset($_POST['bbp_anonymous_email']) ? $_POST['bbp_anonymous_email'] : null;
1136
- $sender_nickname = isset($_POST['bbp_anonymous_name']) ? $_POST['bbp_anonymous_name'] : null;
1137
- }
1138
-
1139
- $base_call_result = apbct_base_call(
1140
- array(
1141
- 'message' => $comment,
1142
- 'sender_email' => $sender_email,
1143
- 'sender_nickname' => $sender_nickname,
1144
- 'post_info' => $post_info,
1145
- 'js_on' => $checkjs,
1146
- 'sender_info' => array('sender_url' => isset($_POST['bbp_anonymous_website']) ? $_POST['bbp_anonymous_website'] : null),
1147
- )
1148
- );
1149
- $ct_result = $base_call_result['ct_result'];
1150
-
1151
- if ($ct_result->allow == 0) {
1152
- bbp_add_error('bbp_reply_content', $ct_result->comment);
1153
- }
1154
-
1155
- return $comment;
1156
- }
1157
-
1158
- function apbct_comment__sanitize_data__before_wp_die($function){
1159
-
1160
- global $apbct;
1161
-
1162
- $comment_data = wp_unslash($_POST);
1163
-
1164
- $user_ID = 0;
1165
-
1166
- $comment_type = '';
1167
-
1168
- $comment_content = isset($comment_data['comment']) ? (string) $comment_data['comment'] : null;
1169
- $comment_parent = isset($comment_data['comment_parent']) ? (int) absint($comment_data['comment_parent']) : null;
1170
-
1171
- $comment_author = isset($comment_data['author']) ? (string) trim(strip_tags($comment_data['author'])) : null;
1172
- $comment_author_email = isset($comment_data['email']) ? (string) trim($comment_data['email']) : null;
1173
- $comment_author_url = isset($comment_data['url']) ? (string) trim($comment_data['url']) : null;
1174
- $comment_post_ID = isset($comment_data['comment_post_ID']) ? (int) $comment_data['comment_post_ID'] : null;
1175
-
1176
- if(isset($comment_content, $comment_parent)){
1177
-
1178
- $user = function_exists('apbct_wp_get_current_user') ? apbct_wp_get_current_user() : null;
1179
-
1180
- if($user && $user->exists()){
1181
- $comment_author = empty($user->display_name) ? $user->user_login : $user->display_name;
1182
- $comment_author_email = $user->user_email;
1183
- $comment_author_url = $user->user_url;
1184
- $user_ID = $user->ID;
1185
- }
1186
-
1187
- $apbct->comment_data = compact(
1188
- 'comment_post_ID',
1189
- 'comment_author',
1190
- 'comment_author_email',
1191
- 'comment_author_url',
1192
- 'comment_content',
1193
- 'comment_type',
1194
- 'comment_parent',
1195
- 'user_ID'
1196
- );
1197
-
1198
- $function = 'apbct_comment__check_via_wp_die';
1199
-
1200
- }
1201
-
1202
- return $function;
1203
- }
1204
-
1205
- function apbct_comment__check_via_wp_die($message, $title, $args){
1206
- if($title == __('Comment Submission Failure')){
1207
- global $apbct;
1208
- $apbct->validation_error = $message;
1209
- ct_preprocess_comment($apbct->comment_data);
1210
- }
1211
- _default_wp_die_handler($message, $title, $args);
1212
- }
1213
-
1214
- /**
1215
- * Public filter 'preprocess_comment' - Checks comment by cleantalk server
1216
- * @param mixed[] $comment Comment data array
1217
- * @return mixed[] New data array of comment
1218
- */
1219
- function ct_preprocess_comment($comment) {
1220
- // this action is called just when WP process POST request (adds new comment)
1221
- // this action is called by wp-comments-post.php
1222
- // after processing WP makes redirect to post page with comment's form by GET request (see above)
1223
- global $current_user, $comment_post_id, $ct_comment_done, $ct_jp_comments, $apbct;
1224
-
1225
- // Send email notification for chosen groups of users
1226
- if($apbct->settings['comment_notify'] && !empty($apbct->settings['comment_notify__roles']) && $apbct->data['moderate']){
1227
-
1228
- add_filter('notify_post_author', 'apbct_comment__Wordpress__doNotify', 100, 2);
1229
-
1230
- $users = get_users(array(
1231
- 'role__in' => $apbct->settings['comment_notify__roles'],
1232
- 'fileds' => array('user_email')
1233
- ));
1234
-
1235
- if($users){
1236
- add_filter('comment_notification_text', 'apbct_comment__Wordpress__changeMailNotificationGroups', 100, 2);
1237
- add_filter('comment_notification_recipients', 'apbct_comment__Wordpress__changeMailNotificationRecipients', 100, 2);
1238
- foreach($users as $user){
1239
- $emails[] = $user->user_email;
1240
- }
1241
- $apbct->comment_notification_recipients = json_encode($emails);
1242
- }
1243
- }
1244
-
1245
- // Skip processing admin.
1246
- if (in_array("administrator", $current_user->roles)){
1247
- do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
1248
- return $comment;
1249
- }
1250
-
1251
-
1252
- $comments_check_number = defined('CLEANTALK_CHECK_COMMENTS_NUMBER') ? CLEANTALK_CHECK_COMMENTS_NUMBER : 3;
1253
-
1254
- if($apbct->settings['check_comments_number']){
1255
- $args = array(
1256
- 'author_email' => $comment['comment_author_email'],
1257
- 'status' => 'approve',
1258
- 'count' => false,
1259
- 'number' => $comments_check_number,
1260
- );
1261
- $cnt = count(get_comments($args));
1262
- $is_max_comments = $cnt >= $comments_check_number ? true : false;
1263
- }
1264
-
1265
- if (
1266
- ($comment['comment_type']!='trackback') &&
1267
- (
1268
- apbct_is_user_enable() === false ||
1269
- $apbct->settings['comments_test'] == 0 ||
1270
- $ct_comment_done ||
1271
- (isset($_SERVER['HTTP_REFERER']) && stripos($_SERVER['HTTP_REFERER'],'page=wysija_campaigns&action=editTemplate')!==false) ||
1272
- (isset($is_max_comments) && $is_max_comments) ||
1273
- (isset($_SERVER['HTTP_REFERER']) && strpos($_SERVER['REQUEST_URI'],'/wp-admin/')!==false)
1274
- )
1275
- )
1276
- {
1277
- do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
1278
- return $comment;
1279
- }
1280
-
1281
- $local_blacklists = apbct_wp_blacklist_check(
1282
- $comment['comment_author'],
1283
- $comment['comment_author_email'],
1284
- $comment['comment_author_url'],
1285
- $comment['comment_content'],
1286
- apbct_get_server_variable( 'REMOTE_ADDR' ),
1287
- apbct_get_server_variable( 'HTTP_USER_AGENT' )
1288
- );
1289
-
1290
- // Go out if author in local blacklists
1291
- if ($comment['comment_type']!='trackback' && $local_blacklists === true) {
1292
- do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
1293
- return $comment;
1294
- }
1295
-
1296
- // Skip pingback anti-spam test
1297
- /*if ($comment['comment_type'] == 'pingback') {
1298
- return $comment;
1299
- }*/
1300
-
1301
- $ct_comment_done = true;
1302
-
1303
- $comment_post_id = $comment['comment_post_ID'];
1304
-
1305
- // JetPack comments logic
1306
- $post_info['comment_type'] = $ct_jp_comments ? 'jetpack_comment' : $comment['comment_type'];
1307
- $post_info['post_url'] = ct_post_url(null, $comment_post_id);
1308
-
1309
- // Comment type
1310
- $post_info['comment_type'] = empty($post_info['comment_type']) ? 'general_comment' : $post_info['comment_type'];
1311
-
1312
- $checkjs = apbct_js_test('ct_checkjs', $_COOKIE)
1313
- ? apbct_js_test('ct_checkjs', $_COOKIE)
1314
- : apbct_js_test('ct_checkjs', $_POST);
1315
-
1316
-
1317
- $example = null;
1318
- if ($apbct->data['relevance_test']) {
1319
- $post = get_post($comment_post_id);
1320
- if ($post !== null){
1321
- $example['title'] = $post->post_title;
1322
- $example['body'] = $post->post_content;
1323
- $example['comments'] = null;
1324
-
1325
- $last_comments = get_comments(array('status' => 'approve', 'number' => 10, 'post_id' => $comment_post_id));
1326
- foreach ($last_comments as $post_comment){
1327
- $example['comments'] .= "\n\n" . $post_comment->comment_content;
1328
- }
1329
-
1330
- $example = json_encode($example);
1331
- }
1332
-
1333
- // Use plain string format if've failed with JSON
1334
- if ($example === false || $example === null){
1335
- $example = ($post->post_title !== null) ? $post->post_title : '';
1336
- $example .= ($post->post_content !== null) ? "\n\n" . $post->post_content : '';
1337
- }
1338
- }
1339
-
1340
- $base_call_result = apbct_base_call(
1341
- array(
1342
- 'message' => $comment['comment_content'],
1343
- 'example' => $example,
1344
- 'sender_email' => $comment['comment_author_email'],
1345
- 'sender_nickname' => $comment['comment_author'],
1346
- 'post_info' => $post_info,
1347
- 'js_on' => $checkjs,
1348
- 'sender_info' => array(
1349
- 'sender_url' => @$comment['comment_author_url'],
1350
- 'form_validation' => !isset($apbct->validation_error)
1351
- ? null
1352
- : json_encode(array(
1353
- 'validation_notice' => $apbct->validation_error,
1354
- 'page_url' => apbct_get_server_variable( 'HTTP_HOST' ) . apbct_get_server_variable( 'REQUEST_URI' ),
1355
- ))
1356
- ),
1357
- )
1358
- );
1359
- $ct_result = $base_call_result['ct_result'];
1360
-
1361
- ct_hash($ct_result->id);
1362
-
1363
- //Don't check trusted users
1364
- if (isset($comment['comment_author_email'])){
1365
- $approved_comments = get_comments(array('status' => 'approve', 'count' => true, 'author_email' => $comment['comment_author_email']));
1366
- $new_user = $approved_comments == 0 ? true : false;
1367
- }
1368
-
1369
- // Change comment flow only for new authors
1370
- if (!empty($new_user) || $ct_result->stop_words !== null || $ct_result->spam == 1)
1371
- add_action('comment_post', 'ct_set_meta', 10, 2);
1372
-
1373
- if($ct_result->allow){ // Pass if allowed
1374
- if(get_option('comment_moderation') === '1') // Wordpress moderation flag
1375
- add_filter('pre_comment_approved', 'ct_set_not_approved', 999, 2);
1376
- else
1377
- add_filter('pre_comment_approved', 'ct_set_approved', 999, 2);
1378
- // Modify the email notification
1379
- add_filter('comment_notification_text', 'apbct_comment__wordpress__show_blacklists', 100, 2); // Add two blacklist links: by email and IP
1380
- }else{
1381
-
1382
- global $ct_comment, $ct_stop_words;
1383
-
1384
- $ct_comment = $ct_result->comment;
1385
- $ct_stop_words = $ct_result->stop_words;
1386
-
1387
- $err_text = '<center>' . ((defined('CLEANTALK_DISABLE_BLOCKING_TITLE') && CLEANTALK_DISABLE_BLOCKING_TITLE == true) ? '' : '<b style="color: #49C73B;">Clean</b><b style="color: #349ebf;">Talk.</b> ') . __('Spam protection', 'cleantalk-spam-protect') . "</center><br><br>\n" . $ct_result->comment;
1388
- $err_text .= '<script>setTimeout("history.back()", 5000);</script>';
1389
-
1390
- // Terminate. Definitely spam.
1391
- if($ct_result->stop_queue == 1)
1392
- wp_die($err_text, 'Blacklisted', array('response' => 200, 'back_link' => true));
1393
-
1394
- // Terminate by user's setting.
1395
- if($ct_result->spam == 3)
1396
- wp_die($err_text, 'Blacklisted', array('response' => 200, 'back_link' => true));
1397
-
1398
- // Trash comment.
1399
- if($ct_result->spam == 2){
1400
- add_filter('pre_comment_approved', 'ct_set_comment_spam', 997, 2);
1401
- add_action('comment_post', 'ct_wp_trash_comment', 997, 2);
1402
- }
1403
-
1404
- // Spam comment
1405
- if($ct_result->spam == 1)
1406
- add_filter('pre_comment_approved', 'ct_set_comment_spam', 997, 2);
1407
-
1408
- // Move to pending folder. Contains stop_words.
1409
- if($ct_result->stop_words){
1410
- add_filter('pre_comment_approved', 'ct_set_not_approved', 998, 2);
1411
- add_action('comment_post', 'ct_mark_red', 998, 2);
1412
- }
1413
-
1414
- add_action('comment_post', 'ct_die', 999, 2);
1415
- }
1416
-
1417
- if($apbct->settings['remove_comments_links'] == 1){
1418
- $comment['comment_content'] = preg_replace("~(http|https|ftp|ftps)://(.*?)(\s|\n|[,.?!](\s|\n)|$)~", '[Link deleted]', $comment['comment_content']);
1419
- }
1420
-
1421
- // Change mail notification if license is out of date
1422
- if($apbct->data['moderate'] == 0){
1423
- $apbct->sender_email = $comment['comment_author_email'];
1424
- $apbct->sender_ip = \Cleantalk\ApbctWP\Helper::ip__get(array('real'));
1425
- add_filter('comment_moderation_text', 'apbct_comment__Wordpress__changeMailNotification', 100, 2); // Comment sent to moderation
1426
- add_filter('comment_notification_text', 'apbct_comment__Wordpress__changeMailNotification', 100, 2); // Comment approved
1427
- }
1428
-
1429
- return $comment;
1430
- }
1431
-
1432
- /**
1433
- * Changes whether notify admin/athor or not.
1434
- *
1435
- * @param bool $maybe_notify notify flag
1436
- * @param int $comment_ID Comment id
1437
- * @return bool flag
1438
- */
1439
- function apbct_comment__Wordpress__doNotify($maybe_notify, $comment_ID){
1440
- return true;
1441
- }
1442
-
1443
- /**
1444
- * Add notification setting link
1445
- *
1446
- * @param string $notify_message
1447
- * @param integer $comment_id
1448
- *
1449
- * @return string
1450
- */
1451
- function apbct_comment__Wordpress__changeMailNotificationGroups($notify_message, $comment_id){
1452
- return $notify_message
1453
- .PHP_EOL
1454
- .'---'.PHP_EOL
1455
- .'Manage notifications settings: '.get_site_url().'/wp-admin/options-general.php?page=cleantalk';
1456
- }
1457
-
1458
- /**
1459
- * Change email notification recipients
1460
- *
1461
- * @param array $emails
1462
- * @param integer $comment_id
1463
- *
1464
- * @return array
1465
- * @global SpbcState $apbct
1466
- */
1467
- function apbct_comment__Wordpress__changeMailNotificationRecipients($emails, $comment_id){
1468
- global $apbct;
1469
- return array_unique(array_merge($emails, (array)json_decode($apbct->comment_notification_recipients, true)));
1470
- }
1471
-
1472
- /**
1473
- * Changes email notification for spam comment for native Wordpress comment system
1474
- *
1475
- * @param string $notify_message Body of email notification
1476
- * @param int $comment_id Comment id
1477
- * @return string Body for email notification
1478
- */
1479
- function apbct_comment__Wordpress__changeMailNotification($notify_message, $comment_id){
1480
-
1481
- global $apbct;
1482
-
1483
- $notify_message =
1484
- PHP_EOL
1485
- .__('CleanTalk AntiSpam: This message is possible spam.', 'cleantalk-spam-protect')
1486
- ."\n".__('You could check it in CleanTalk\'s anti-spam database:', 'cleantalk-spam-protect')
1487
- ."\n".'IP: https://cleantalk.org/blacklists/' . $apbct->sender_ip
1488
- ."\n".'Email: https://cleantalk.org/blacklists/' . $apbct->sender_email
1489
- ."\n".PHP_EOL . sprintf(
1490
- __('Activate protection in your Anti-Spam Dashboard: %s.', 'clentalk'),
1491
- 'https://cleantalk.org/my/?cp_mode=antispam&utm_source=newsletter&utm_medium=email&utm_campaign=wp_spam_comment_passed'
1492
- .($apbct->data['user_token']
1493
- ? '&iser_token='.$apbct->data['user_token']
1494
- : ''
1495
- )
1496
- )
1497
- .PHP_EOL . '---'
1498
- .PHP_EOL
1499
- .PHP_EOL
1500
- .$notify_message;
1501
-
1502
- return $notify_message;
1503
-
1504
- }
1505
-
1506
- function apbct_comment__wordpress__show_blacklists( $notify_message, $comment_id ) {
1507
-
1508
- $comment_details = get_comments( array( 'comment__in' => $comment_id ) );
1509
- $comment_details = $comment_details[0];
1510
-
1511
- if( isset( $comment_details->comment_author_email ) ) {
1512
-
1513
- $black_list_link = 'https://cleantalk.org/blacklists/';
1514
-
1515
- $links = PHP_EOL;
1516
- $links .= esc_html__( 'Check for spam:', 'cleantalk-spam-protect');
1517
- $links .= PHP_EOL;
1518
- $links .= $black_list_link . $comment_details->comment_author_email;
1519
- $links .= PHP_EOL;
1520
- if( ! empty( $comment_details->comment_author_IP ) ) {
1521
- $links .= $black_list_link . $comment_details->comment_author_IP;
1522
- $links .= PHP_EOL;
1523
- }
1524
-
1525
- return $notify_message . $links;
1526
-
1527
- }
1528
-
1529
- return $notify_message;
1530
-
1531
- }
1532
-
1533
- /**
1534
- * Set die page with Cleantalk comment.
1535
- * @global array $ct_comment
1536
- $err_text = '<center><b style="color: #49C73B;">Clean</b><b style="color: #349ebf;">Talk.</b> ' . __('Spam protection', 'cleantalk-spam-protect') . "</center><br><br>\n" . $ct_comment;
1537
- * @param type $comment_status
1538
- */
1539
- function ct_die($comment_id, $comment_status) {
1540
-
1541
- global $ct_comment;
1542
-
1543
- $err_text = '<center>' . ((defined('CLEANTALK_DISABLE_BLOCKING_TITLE') && CLEANTALK_DISABLE_BLOCKING_TITLE == true) ? '' : '<b style="color: #49C73B;">Clean</b><b style="color: #349ebf;">Talk.</b> ') . __('Spam protection', 'cleantalk-spam-protect') . "</center><br><br>\n" . $ct_comment;
1544
- $err_text .= '<script>setTimeout("history.back()", 5000);</script>';
1545
- if(isset($_POST['et_pb_contact_email']))
1546
- {
1547
- $mes='<div id="et_pb_contact_form_1" class="et_pb_contact_form_container clearfix"><h1 class="et_pb_contact_main_title">Blacklisted</h1><div class="et-pb-contact-message"><p>'.$ct_comment.'</p></div></div>';
1548
- wp_die($mes, 'Blacklisted', array('back_link' => true,'response'=>200));
1549
- }
1550
- else
1551
- {
1552
- wp_die($err_text, 'Blacklisted', array('response' => 200, 'back_link' => true));
1553
- }
1554
- }
1555
-
1556
- /**
1557
- * Set die page with Cleantalk comment from parameter.
1558
- * @param type $comment_body
1559
- */
1560
- function ct_die_extended($comment_body) {
1561
-
1562
- $err_text = '<center>' . ((defined('CLEANTALK_DISABLE_BLOCKING_TITLE') && CLEANTALK_DISABLE_BLOCKING_TITLE == true) ? '' : '<b style="color: #49C73B;">Clean</b><b style="color: #349ebf;">Talk.</b> ') . __('Spam protection', 'cleantalk-spam-protect') . "</center><br><br>\n" . $comment_body;
1563
- $err_text .= '<script>setTimeout("history.back()", 5000);</script>';
1564
- wp_die($err_text, 'Blacklisted', array('response' => 200, 'back_link' => true));
1565
- }
1566
-
1567
- /**
1568
- * Validates JavaScript anti-spam test
1569
- *
1570
- * @param string $field_name filed to serach in data
1571
- * @param null $data Data to search in
1572
- * @param bool $random_key
1573
- *
1574
- * @return int|null
1575
- */
1576
- function apbct_js_test($field_name = 'ct_checkjs', $data = null) {
1577
-
1578
- global $apbct;
1579
-
1580
- $out = null;
1581
-
1582
- if($data && isset($data[$field_name])){
1583
-
1584
- $js_key = trim($data[$field_name]);
1585
-
1586
- // Check static key
1587
- if(
1588
- $apbct->settings['use_static_js_key'] == 1 ||
1589
- ( $apbct->settings['use_static_js_key'] == - 1 &&
1590
- ( apbct_is_cache_plugins_exists() ||
1591
- ( apbct_is_post() && isset($apbct->data['cache_detected']) && $apbct->data['cache_detected'] == 1 )
1592
- )
1593
- )
1594
- ){
1595
- $out = ct_get_checkjs_value() === $js_key ? 1 : 0;
1596
-
1597
- // Random key check
1598
- }else{
1599
- $out = array_key_exists( $js_key, $apbct->js_keys ) ? 1 : 0;
1600
- }
1601
- }
1602
-
1603
- return $out;
1604
- }
1605
-
1606
- /**
1607
- * Get post url
1608
- * @param int $comment_id
1609
- * @param int $comment_post_id
1610
- * @return string|bool
1611
- */
1612
- function ct_post_url($comment_id = null, $comment_post_id) {
1613
-
1614
- if (empty($comment_post_id))
1615
- return null;
1616
-
1617
- if ($comment_id === null) {
1618
- $last_comment = get_comments('number=1');
1619
- $comment_id = isset($last_comment[0]->comment_ID) ? (int) $last_comment[0]->comment_ID + 1 : 1;
1620
- }
1621
- $permalink = get_permalink($comment_post_id);
1622
-
1623
- $post_url = null;
1624
- if ($permalink !== null)
1625
- $post_url = $permalink . '#comment-' . $comment_id;
1626
-
1627
- return $post_url;
1628
- }
1629
-
1630
- /**
1631
- * Public filter 'pre_comment_approved' - Mark comment unapproved always
1632
- * @return int Zero
1633
- */
1634
- function ct_set_not_approved() {
1635
- return 0;
1636
- }
1637
-
1638
- /**
1639
- * @author Artem Leontiev
1640
- * Public filter 'pre_comment_approved' - Mark comment approved if it's not 'spam' only
1641
- * @return int 1
1642
- */
1643
- function ct_set_approved($approved, $comment) {
1644
- if ($approved == 'spam'){
1645
- return $approved;
1646
- } else {
1647
- return 1;
1648
- }
1649
- }
1650
-
1651
- /**
1652
- * Public filter 'pre_comment_approved' - Mark comment unapproved always
1653
- * @return int Zero
1654
- */
1655
- function ct_set_comment_spam() {
1656
- return 'spam';
1657
- }
1658
-
1659
- /**
1660
- * Public action 'comment_post' - Store cleantalk hash in comment meta 'ct_hash'
1661
- * @param int $comment_id Comment ID
1662
- * @param mixed $comment_status Approval status ("spam", or 0/1), not used
1663
- */
1664
- function ct_set_meta($comment_id, $comment_status) {
1665
- global $comment_post_id;
1666
- $hash1 = ct_hash();
1667
- if (!empty($hash1)) {
1668
- update_comment_meta($comment_id, 'ct_hash', $hash1);
1669
- if (function_exists('base64_encode') && isset($comment_status) && $comment_status != 'spam') {
1670
- $post_url = ct_post_url($comment_id, $comment_post_id);
1671
- $post_url = base64_encode($post_url);
1672
- if ($post_url === false)
1673
- return false;
1674
- // 01 - URL to approved comment
1675
- $feedback_request = $hash1 . ':' . '01' . ':' . $post_url . ';';
1676
- ct_send_feedback($feedback_request);
1677
- }
1678
- }
1679
- return true;
1680
- }
1681
-
1682
- /**
1683
- * Mark bad words
1684
- * @global string $ct_stop_words
1685
- * @param int $comment_id
1686
- * @param int $comment_status Not use
1687
- */
1688
- function ct_mark_red($comment_id, $comment_status) {
1689
- global $ct_stop_words;
1690
-
1691
- $comment = get_comment($comment_id, 'ARRAY_A');
1692
- $message = $comment['comment_content'];
1693
- foreach (explode(':', $ct_stop_words) as $word) {
1694
- $message = preg_replace("/($word)/ui", '<font rel="cleantalk" color="#FF1000">' . "$1" . '</font>', $message);
1695
-
1696
- }
1697
- $comment['comment_content'] = $message;
1698
- kses_remove_filters();
1699
- wp_update_comment($comment);
1700
- }
1701
-
1702
- //
1703
- //Send post to trash
1704
- //
1705
- function ct_wp_trash_comment($comment_id, $comment_status){
1706
- wp_trash_comment($comment_id);
1707
- }
1708
-
1709
- /**
1710
- * Tests plugin activation status
1711
- * @return bool
1712
- */
1713
- function ct_plugin_active($plugin_name){
1714
- foreach (get_option('active_plugins') as $k => $v) {
1715
- if ($plugin_name == $v)
1716
- return true;
1717
- }
1718
- return false;
1719
- }
1720
-
1721
- /**
1722
- * Insert a hidden field to registration form
1723
- * @return null
1724
- */
1725
- function ct_register_form() {
1726
-
1727
- global $ct_checkjs_register_form, $apbct;
1728
-
1729
- if ($apbct->settings['registrations_test'] == 0) {
1730
- return false;
1731
- }
1732
-
1733
- ct_add_hidden_fields($ct_checkjs_register_form, false, false, false, false);
1734
-
1735
- return null;
1736
- }
1737
-
1738
- function apbct_login__scripts(){
1739
- global $apbct;
1740
-
1741
- // Differnt JS params
1742
- wp_enqueue_script( 'ct_public', APBCT_URL_PATH . '/js/apbct-public.min.js', array( 'jquery' ), APBCT_VERSION, false /*in header*/ );
1743
-
1744
- wp_localize_script('ct_public', 'ctPublic', array(
1745
- '_ajax_nonce' => wp_create_nonce('ct_secret_stuff'),
1746
- '_ajax_url' => admin_url('admin-ajax.php'),
1747
- ));
1748
-
1749
- $apbct->public_script_loaded = true;
1750
- }
1751
-
1752
- /**
1753
- * Adds notification text to login form - to inform about approved registration
1754
- * @return null
1755
- */
1756
- function ct_login_message($message) {
1757
-
1758
- global $errors, $apbct, $apbct_cookie_register_ok_label;
1759
-
1760
- if ($apbct->settings['registrations_test'] != 0){
1761
- if( isset($_GET['checkemail']) && 'registered' == $_GET['checkemail'] ){
1762
- if (isset($_COOKIE[$apbct_cookie_register_ok_label])){
1763
- if(is_wp_error($errors)){
1764
- $errors->add('ct_message',sprintf(__('Registration approved by %s.', 'cleantalk-spam-protect'), '<b style="color: #49C73B;">Clean</b><b style="color: #349ebf;">Talk</b>'), 'message');
1765
- }
1766
- }
1767
- }
1768
- }
1769
- return $message;
1770
- }
1771
-
1772
- /**
1773
- * Test users registration for pPress
1774
- * @return array with errors
1775
- */
1776
- function ct_registration_errors_ppress($reg_errors, $form_id) {
1777
-
1778
- $email = $_POST['reg_email'];
1779
- $login = $_POST['reg_username'];
1780
-
1781
- $reg_errors = ct_registration_errors($reg_errors, $login, $email);
1782
-
1783
- return $reg_errors;
1784
- }
1785
-
1786
- /**
1787
- * Test users registration for multisite enviroment
1788
- * @return array with errors
1789
- */
1790
- function ct_registration_errors_wpmu($errors) {
1791
- global $ct_signup_done;
1792
-
1793
- //
1794
- // Multisite actions
1795
- //
1796
- $sanitized_user_login = null;
1797
- if (isset($errors['user_name'])) {
1798
- $sanitized_user_login = $errors['user_name'];
1799
- $wpmu = true;
1800
- }
1801
- $user_email = null;
1802
- if (isset($errors['user_email'])) {
1803
- $user_email = $errors['user_email'];
1804
- $wpmu = true;
1805
- }
1806
-
1807
- if ($wpmu && isset($errors['errors']->errors) && count($errors['errors']->errors) > 0) {
1808
- return $errors;
1809
- }
1810
-
1811
- $errors['errors'] = ct_registration_errors($errors['errors'], $sanitized_user_login, $user_email);
1812
-
1813
- // Show CleanTalk errors in user_name field
1814
- if (isset($errors['errors']->errors['ct_error'])) {
1815
- $errors['errors']->errors['user_name'] = $errors['errors']->errors['ct_error'];
1816
- unset($errors['errors']->errors['ct_error']);
1817
- }
1818
-
1819
- return $errors;
1820
- }
1821
-
1822
- /**
1823
- * Shell for action register_post
1824
- * @return array with errors
1825
- */
1826
- function ct_register_post($sanitized_user_login = null, $user_email = null, $errors) {
1827
- return ct_registration_errors($errors, $sanitized_user_login, $user_email);
1828
- }
1829
-
1830
- /**
1831
- * Check messages for external plugins
1832
- * @return array with checking result;
1833
- */
1834
-
1835
- function ct_test_message($nickname, $email, $ip, $text){
1836
-
1837
- $base_call_result = apbct_base_call(
1838
- array(
1839
- 'message' => $text,
1840
- 'sender_email' => $email,
1841
- 'sender_nickname' => $nickname,
1842
- 'post_info' => array('comment_type' => 'feedback_plugin_check'),
1843
- 'js_on' => apbct_js_test('ct_checkjs', $_COOKIE),
1844
- )
1845
- );
1846
-
1847
- $ct_result = $base_call_result['ct_result'];
1848
-
1849
- $result=Array(
1850
- 'allow' => $ct_result->allow,
1851
- 'comment' => $ct_result->comment,
1852
- );
1853
- return $result;
1854
- }
1855
-
1856
- /**
1857
- * Check registrations for external plugins
1858
- * @return array with checking result;
1859
- */
1860
- function ct_test_registration($nickname, $email, $ip){
1861
-
1862
- global $ct_checkjs_register_form, $apbct;
1863
-
1864
- if(apbct_js_test($ct_checkjs_register_form, $_POST)){
1865
- $checkjs = apbct_js_test($ct_checkjs_register_form, $_POST);
1866
- $sender_info['post_checkjs_passed'] = $checkjs;
1867
- }else{
1868
- $checkjs = $checkjs = apbct_js_test('ct_checkjs', $_COOKIE);
1869
- $sender_info['cookie_checkjs_passed'] = $checkjs;
1870
- }
1871
-
1872
- //Making a call
1873
- $base_call_result = apbct_base_call(
1874
- array(
1875
- 'sender_ip' => $ip,
1876
- 'sender_email' => $email,
1877
- 'sender_nickname' => $nickname,
1878
- 'sender_info' => $sender_info,
1879
- 'js_on' => $checkjs,
1880
- ),
1881
- true
1882
- );
1883
- $ct_result = $base_call_result['ct_result'];
1884
-
1885
- $result = array(
1886
- 'allow' => $ct_result->allow,
1887
- 'comment' => $ct_result->comment,
1888
- );
1889
- return $result;
1890
- }
1891
-
1892
- /**
1893
- * Test users registration
1894
- *
1895
- * @param $errors
1896
- * @param null $sanitized_user_login
1897
- * @param null $user_email
1898
- *
1899
- * @return void with errors
1900
- */
1901
- function ct_registration_errors($errors, $sanitized_user_login = null, $user_email = null) {
1902
-
1903
- global $ct_checkjs_register_form, $apbct_cookie_request_id_label, $apbct_cookie_register_ok_label, $bp, $ct_signup_done, $ct_negative_comment, $apbct, $ct_registration_error_comment, $cleantalk_executed;
1904
-
1905
- // Go out if a registrered user action
1906
- if (apbct_is_user_enable() === false) {
1907
- do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
1908
- return $errors;
1909
- }
1910
-
1911
- if ($apbct->settings['registrations_test'] == 0) {
1912
- do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
1913
- return $errors;
1914
- }
1915
-
1916
- // The function already executed
1917
- // It happens when used ct_register_post();
1918
- if ($ct_signup_done && is_object($errors) && count($errors->errors) > 0) {
1919
- do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
1920
- return $errors;
1921
- }
1922
-
1923
- // Facebook registration
1924
- if ($sanitized_user_login === null && isset($_POST['FB_userdata'])){
1925
- $sanitized_user_login = $_POST['FB_userdata']['name'];
1926
- $facebook = true;
1927
- }
1928
- if ($user_email === null && isset($_POST['FB_userdata'])){
1929
- $user_email = $_POST['FB_userdata']['email'];
1930
- $facebook = true;
1931
- }
1932
-
1933
- // BuddyPress actions
1934
- $buddypress = false;
1935
- if ($sanitized_user_login === null && isset($_POST['signup_username'])) {
1936
- $sanitized_user_login = $_POST['signup_username'];
1937
- $buddypress = true;
1938
- }
1939
- if ($user_email === null && isset($_POST['signup_email'])) {
1940
- $user_email = $_POST['signup_email'];
1941
- $buddypress = true;
1942
- }
1943
-
1944
- //
1945
- // Break tests because we already have servers response
1946
- //
1947
- if ($buddypress && $ct_signup_done) {
1948
- if ($ct_negative_comment) {
1949
- $bp->signup->errors['signup_username'] = $ct_negative_comment;
1950
- }
1951
- do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
1952
- return $errors;
1953
- }
1954
-
1955
-
1956
- if(current_filter() == 'woocommerce_registration_errors'){
1957
- $checkjs = apbct_js_test('ct_checkjs', $_COOKIE);
1958
- $checkjs_post = null;
1959
- $checkjs_cookie = $checkjs;
1960
- }else{
1961
- // This hack can be helpfull when plugin uses with untested themes&signups plugins.
1962
- $checkjs_post = apbct_js_test($ct_checkjs_register_form, $_POST);
1963
- $checkjs_cookie = apbct_js_test('ct_checkjs', $_COOKIE);
1964
- $checkjs = $checkjs_cookie ? $checkjs_cookie : $checkjs_post;
1965
- }
1966
-
1967
- $sender_info = array(
1968
- 'post_checkjs_passed' => $checkjs_post,
1969
- 'cookie_checkjs_passed' => $checkjs_cookie,
1970
- 'form_validation' => ! empty( $errors )
1971
- ? json_encode( array(
1972
- 'validation_notice' => $errors->get_error_message(),
1973
- 'page_url' => apbct_get_server_variable( 'HTTP_HOST' ) . apbct_get_server_variable( 'REQUEST_URI' ),
1974
- ) )
1975
- : null,
1976
- );
1977
-
1978
- $base_call_result = apbct_base_call(
1979
- array(
1980
- 'sender_email' => $user_email,
1981
- 'sender_nickname' => $sanitized_user_login,
1982
- 'sender_info' => $sender_info,
1983
- 'js_on' => $checkjs,
1984
- ),
1985
- true
1986
- );
1987
- $ct_result = $base_call_result['ct_result'];
1988
-
1989
- // Change mail notification if license is out of date
1990
- if($apbct->data['moderate'] == 0 &&
1991
- ($ct_result->fast_submit == 1 || $ct_result->blacklisted == 1 || $ct_result->js_disabled == 1)
1992
- ){
1993
- $apbct->sender_email = $user_email;
1994
- $apbct->sender_ip = \Cleantalk\ApbctWP\Helper::ip__get(array('real'));
1995
- add_filter('wp_new_user_notification_email_admin', 'apbct_registration__Wordpress__changeMailNotification', 100, 3);
1996
- }
1997
-
1998
- $ct_signup_done = true;
1999
-
2000
- $ct_result = ct_change_plugin_resonse($ct_result, $checkjs);
2001
-
2002
- $cleantalk_executed = true;
2003
-
2004
- if ($ct_result->inactive != 0) {
2005
- ct_send_error_notice($ct_result->comment);
2006
- return $errors;
2007
- }
2008
-
2009
- if ($ct_result->allow == 0) {
2010
-
2011
- if ($buddypress === true) {
2012
- $bp->signup->errors['signup_username'] = $ct_result->comment;
2013
- }elseif(!empty($facebook)){
2014
- $_POST['FB_userdata']['email'] = '';
2015
- $_POST['FB_userdata']['name'] = '';
2016
- return;
2017
- }else{
2018
- if(is_wp_error($errors))
2019
- $errors->add('ct_error', $ct_result->comment);
2020
- $ct_negative_comment = $ct_result->comment;
2021
- }
2022
-
2023
- $ct_registration_error_comment = $ct_result->comment;
2024
-
2025
- } else {
2026
- if ($ct_result->id !== null) {
2027
- \Cleantalk\Common\Helper::apbct_cookie__set($apbct_cookie_register_ok_label, $ct_result->id, time()+10, '/');
2028
- \Cleantalk\Common\Helper::apbct_cookie__set($apbct_cookie_request_id_label, $ct_result->id, time()+10, '/');
2029
- }
2030
- }
2031
-
2032
- return $errors;
2033
- }
2034
-
2035
- /**
2036
- * Changes email notification for newly registred user
2037
- *
2038
- * @param string $wp_new_user_notification_email_admin Body of email notification
2039
- * @param array $user User inof
2040
- * @param string $blogname Blog name
2041
- * @return string Body for email notification
2042
- */
2043
- function apbct_registration__Wordpress__changeMailNotification($wp_new_user_notification_email_admin, $user, $blogname){
2044
-
2045
- global $apbct;
2046
-
2047
- $wp_new_user_notification_email_admin['message'] = PHP_EOL
2048
- .__('CleanTalk AntiSpam: This registration is spam.', 'cleantalk-spam-protect')
2049
- ."\n" . __('CleanTalk\'s anti-spam database:', 'cleantalk-spam-protect')
2050
- ."\n" . 'IP: ' . $apbct->sender_ip
2051
- ."\n" . 'Email: ' . $apbct->sender_email
2052
- .PHP_EOL . PHP_EOL .
2053
- __('Activate protection in your Anti-Spam Dashboard: ', 'clentalk')
2054
- .'https://cleantalk.org/my/?cp_mode=antispam&utm_source=newsletter&utm_medium=email&utm_campaign=wp_spam_registration_passed'
2055
- .($apbct->data['user_token']
2056
- ? '&iser_token='.$apbct->data['user_token']
2057
- : ''
2058
- )
2059
- .PHP_EOL . '---'
2060
- .PHP_EOL
2061
- .$wp_new_user_notification_email_admin['message'];
2062
-
2063
- return $wp_new_user_notification_email_admin;
2064
-
2065
-
2066
- }
2067
-
2068
- /**
2069
- * Checks Ultimate Members registration for spam
2070
- *
2071
- * @param $args forms arguments with names and values
2072
- *
2073
- * @return mixed
2074
- *
2075
- */
2076
- function apbct_registration__UltimateMembers__check( $args ){
2077
-
2078
- if ( isset( UM()->form()->errors ) ) {
2079
- $sender_info['previous_form_validation'] = true;
2080
- $sender_info['validation_notice'] = json_encode( UM()->form()->errors );
2081
- }
2082
-
2083
- global $apbct, $cleantalk_executed;
2084
-
2085
- if ($apbct->settings['registrations_test'] == 0) {
2086
- do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
2087
- return $args;
2088
- }
2089
-
2090
-
2091
- $checkjs = apbct_js_test('ct_checkjs_register_form', $args);
2092
- $sender_info['post_checkjs_passed'] = $checkjs;
2093
-
2094
- // This hack can be helpfull when plugin uses with untested themes&signups plugins.
2095
- if ($checkjs == 0) {
2096
- $checkjs = apbct_js_test('ct_checkjs', $_COOKIE);
2097
- $sender_info['cookie_checkjs_passed'] = $checkjs;
2098
- }
2099
-
2100
- $base_call_result = apbct_base_call(
2101
- array(
2102
- 'sender_email' => $args['user_email'],
2103
- 'sender_nickname' => $args['user_login'],
2104
- 'sender_info' => $sender_info,
2105
- 'js_on' => $checkjs,
2106
- ),
2107
- true
2108
- );
2109
- $ct_result = $base_call_result['ct_result'];
2110
-
2111
- $cleantalk_executed = true;
2112
-
2113
- if ($ct_result->inactive != 0) {
2114
- ct_send_error_notice($ct_result->comment);
2115
- return $args;
2116
- }
2117
-
2118
- if ($ct_result->allow == 0)
2119
- UM()->form()->add_error('user_password', $ct_result->comment );
2120
-
2121
- return $args;
2122
- }
2123
-
2124
- /**
2125
- * Checks registration error and set it if it was dropped
2126
- * @return errors
2127
- */
2128
- function ct_check_registration_erros($errors, $sanitized_user_login = null, $user_email = null) {
2129
- global $bp, $ct_registration_error_comment;
2130
-
2131
- if($ct_registration_error_comment){
2132
-
2133
- if(isset($bp))
2134
- if(method_exists($bp, 'signup'))
2135
- if(method_exists($bp->signup, 'errors'))
2136
- if(isset($bp->signup->errors['signup_username']))
2137
- if($bp->signup->errors['signup_username'] != $ct_registration_error_comment)
2138
- $bp->signup->errors['signup_username'] = $ct_registration_error_comment;
2139
-
2140
- if(isset($errors))
2141
- if(method_exists($errors, 'errors'))
2142
- if(isset($errors->errors['ct_error']))
2143
- if($errors->errors['ct_error'][0] != $ct_registration_error_comment)
2144
- $errors->add('ct_error', $ct_registration_error_comment);
2145
-
2146
- }
2147
- return $errors;
2148
- }
2149
-
2150
- /**
2151
- * Set user meta (ct_hash) for successed registration
2152
- * @return null
2153
- */
2154
- function apbct_user_register($user_id) {
2155
- global $apbct_cookie_request_id_label;
2156
- if (isset($_COOKIE[$apbct_cookie_request_id_label])) {
2157
- if(update_user_meta($user_id, 'ct_hash', $_COOKIE[$apbct_cookie_request_id_label])){
2158
- \Cleantalk\Common\Helper::apbct_cookie__set($apbct_cookie_request_id_label, '0', 1, '/');
2159
- }
2160
- }
2161
- }
2162
-
2163
-
2164
- /**
2165
- * Test for JetPack contact form
2166
- */
2167
- function ct_grunion_contact_form_field_html($r, $field_label) {
2168
-
2169
- global $ct_checkjs_jpcf, $ct_jpcf_patched, $ct_jpcf_fields, $apbct;
2170
-
2171
- if ($apbct->settings['contact_forms_test'] == 1 && $ct_jpcf_patched === false && preg_match( "/(text|email)/i", $r)) {
2172
-
2173
- // Looking for element name prefix
2174
- $name_patched = false;
2175
- foreach ($ct_jpcf_fields as $v) {
2176
- if ($name_patched === false && preg_match("/(g\d-)$v/", $r, $matches)) {
2177
- $ct_checkjs_jpcf = $matches[1] . $ct_checkjs_jpcf;
2178
- $name_patched = true;
2179
- }
2180
- }
2181
-
2182
- $r .= ct_add_hidden_fields($ct_checkjs_jpcf, true);
2183
- $ct_jpcf_patched = true;
2184
- }
2185
-
2186
- return $r;
2187
- }
2188
- /**
2189
- * Test for JetPack contact form
2190
- */
2191
- function ct_contact_form_is_spam($form) {
2192
-
2193
- global $ct_checkjs_jpcf, $apbct;
2194
-
2195
- if ($apbct->settings['contact_forms_test'] == 0) {
2196
- do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
2197
- return null;
2198
- }
2199
-
2200
- $js_field_name = $ct_checkjs_jpcf;
2201
- foreach ($_POST as $k => $v) {
2202
- if (preg_match("/^.+$ct_checkjs_jpcf$/", $k))
2203
- $js_field_name = $k;
2204
- }
2205
-
2206
- $sender_email = null;
2207
- $sender_nickname = null;
2208
- $message = '';
2209
- if (isset($form['comment_author_email']))
2210
- $sender_email = $form['comment_author_email'];
2211
-
2212
- if (isset($form['comment_author']))
2213
- $sender_nickname = $form['comment_author'];
2214
-
2215
- if (isset($form['comment_content']))
2216
- $message = $form['comment_content'];
2217
-
2218
- $base_call_result = apbct_base_call(
2219
- array(
2220
- 'message' => $message,
2221
- 'sender_email' => $sender_email,
2222
- 'sender_nickname' => $sender_nickname,
2223
- 'post_info' => array('comment_type' => 'contact_form_wordpress_grunion'),
2224
- 'sender_info' => array('sender_url' => @$form['comment_author_url']),
2225
- 'js_on' => apbct_js_test($js_field_name, $_POST),
2226
- )
2227
- );
2228
- $ct_result = $base_call_result['ct_result'];
2229
-
2230
- if ($ct_result->allow == 0) {
2231
- global $ct_comment;
2232
- $ct_comment = $ct_result->comment;
2233
- ct_die(null, null);
2234
- exit;
2235
- }
2236
-
2237
- return (bool) !$ct_result->allow;
2238
- }
2239
-
2240
- function ct_contact_form_is_spam_jetpack($is_spam,$form) {
2241
- global $ct_checkjs_jpcf, $apbct;
2242
-
2243
- if ($apbct->settings['contact_forms_test'] == 0) {
2244
- do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
2245
- return null;
2246
- }
2247
-
2248
- $js_field_name = $ct_checkjs_jpcf;
2249
- foreach ($_POST as $k => $v) {
2250
- if (preg_match("/^.+$ct_checkjs_jpcf$/", $k))
2251
- $js_field_name = $k;
2252
- }
2253
-
2254
- $base_call_result = apbct_base_call(
2255
- array(
2256
- 'message' => isset($form['comment_content']) ? $form['comment_content'] : '',
2257
- 'sender_email' => isset($form['comment_author_email']) ? $form['comment_author_email'] : null,
2258
- 'sender_nickname' => isset($form['comment_author']) ? $form['comment_author'] : null,
2259
- 'post_info' => array('comment_type' => 'contact_form_wordpress_grunion'),
2260
- 'sender_info' => array('sender_url' => @$form['comment_author_url']),
2261
- )
2262
- );
2263
- $ct_result = $base_call_result['ct_result'];
2264
-
2265
- if ($ct_result->allow == 0) {
2266
- global $ct_comment;
2267
- $ct_comment = $ct_result->comment;
2268
- ct_die(null, null);
2269
- exit;
2270
- }
2271
-
2272
- return (bool) !$ct_result->allow;
2273
- }
2274
-
2275
- /**
2276
- * Inserts anti-spam hidden to WP Maintenance Mode (wpmm)
2277
- */
2278
- function apbct_form__wpmm__addField(){
2279
- ct_add_hidden_fields('ct_checkjs', false, true, true);
2280
- }
2281
-
2282
- /**
2283
- * Inserts anti-spam hidden to CF7
2284
- */
2285
- function apbct_form__contactForm7__addField($html) {
2286
- global $ct_checkjs_cf7, $apbct;
2287
-
2288
-
2289
-
2290
- if ($apbct->settings['contact_forms_test'] == 0) {
2291
- return $html;
2292
- }
2293
-
2294
- $html .= ct_add_hidden_fields($ct_checkjs_cf7, true);
2295
-
2296
- return $html;
2297
- }
2298
-
2299
- /**
2300
- * Test spam for Contact Fomr 7 (CF7) right before validation
2301
- *
2302
- * @global SpbcState $apbct
2303
- * @param type $result
2304
- * @param type $tags
2305
- * @return type
2306
- */
2307
- function apbct_form__contactForm7__tesSpam__before_validate($result = null, $tags = null) {
2308
- global $apbct;
2309
-
2310
- if ($result && method_exists($result, 'get_invalid_fields')){
2311
- $invalid_fields = $result->get_invalid_fields();
2312
- if(!empty($invalid_fields) && is_array($invalid_fields)){
2313
- $apbct->validation_error = $invalid_fields[key($invalid_fields)]['reason'];
2314
- apbct_form__contactForm7__testSpam(false);
2315
- }
2316
- }
2317
-
2318
- return $result;
2319
- }
2320
-
2321
- /**
2322
- * Test CF7 message for spam
2323
- */
2324
- function apbct_form__contactForm7__testSpam($param) {
2325
-
2326
- global $ct_checkjs_cf7, $apbct;
2327
-
2328
- if(
2329
- $apbct->settings['contact_forms_test'] == 0 ||
2330
- $param == false && WPCF7_VERSION < '3.0.0' ||
2331
- $param === true && WPCF7_VERSION >= '3.0.0' ||
2332
- $apbct->settings['protect_logged_in'] != 1 && is_user_logged_in() || // Skip processing for logged in users.
2333
- apbct_exclusions_check__url() ||
2334
- apbct_exclusions_check__ip() ||
2335
- isset($apbct->cf7_checked)
2336
- ){
2337
- do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
2338
- return $param;
2339
- }
2340
-
2341
- $checkjs = apbct_js_test($ct_checkjs_cf7, $_POST)
2342
- ? apbct_js_test($ct_checkjs_cf7, $_POST)
2343
- : apbct_js_test('ct_checkjs', $_COOKIE);
2344
-
2345
- $ct_temp_msg_data = ct_get_fields_any($_POST);
2346
-
2347
- $sender_email = ($ct_temp_msg_data['email'] ? $ct_temp_msg_data['email'] : '');
2348
- $sender_nickname = ($ct_temp_msg_data['nickname'] ? $ct_temp_msg_data['nickname'] : '');
2349
- $subject = ($ct_temp_msg_data['subject'] ? $ct_temp_msg_data['subject'] : '');
2350
- $contact_form = ($ct_temp_msg_data['contact'] ? $ct_temp_msg_data['contact'] : true);
2351
- $message = ($ct_temp_msg_data['message'] ? $ct_temp_msg_data['message'] : array());
2352
- if ($subject != '') {
2353
- $message = array_merge(array('subject' => $subject), $message);
2354
- }
2355
-
2356
- $base_call_result = apbct_base_call(
2357
- array(
2358
- 'message' => $message,
2359
- 'sender_email' => $sender_email,
2360
- 'sender_nickname' => $sender_nickname,
2361
- 'js_on' => $checkjs,
2362
- 'post_info' => array('comment_type' => 'contact_form_wordpress_cf7'),
2363
- 'sender_info' => array(
2364
- 'form_validation' => !isset($apbct->validation_error)
2365
- ? null
2366
- : json_encode(array(
2367
- 'validation_notice' => $apbct->validation_error,
2368
- 'page_url' => apbct_get_server_variable( 'HTTP_HOST' ) . apbct_get_server_variable( 'REQUEST_URI' ),
2369
- ))
2370
- ),
2371
- )
2372
- );
2373
-
2374
- $ct_result = $base_call_result['ct_result'];
2375
-
2376
- // Change mail notification if license is out of date
2377
- if($apbct->data['moderate'] == 0 &&
2378
- ($ct_result->fast_submit == 1 || $ct_result->blacklisted == 1 || $ct_result->js_disabled == 1)
2379
- ){
2380
- $apbct->sender_email = $sender_email;
2381
- $apbct->sender_ip = \Cleantalk\ApbctWP\Helper::ip__get(array('real'));
2382
- add_filter('wpcf7_mail_components', 'apbct_form__contactForm7__changeMailNotification');
2383
- }
2384
-
2385
- if ($ct_result->allow == 0) {
2386
-
2387
- global $ct_cf7_comment;
2388
- $ct_cf7_comment = $ct_result->comment;
2389
-
2390
- add_filter('wpcf7_display_message', 'apbct_form__contactForm7__showResponse', 10, 2);
2391
-
2392
- $param = WPCF7_VERSION >= '3.0.0' ? true : false;
2393
-
2394
- }
2395
-
2396
- $apbct->cf7_checked = true;
2397
-
2398
- return $param;
2399
- }
2400
-
2401
- /**
2402
- * Changes CF7 status message
2403
- * @param string $hook URL of hooked page
2404
- */
2405
- function apbct_form__contactForm7__showResponse($message, $status = 'spam') {
2406
- global $ct_cf7_comment;
2407
-
2408
- if ($status == 'spam') {
2409
- $message = $ct_cf7_comment;
2410
- }
2411
-
2412
- return $message;
2413
- }
2414
-
2415
- /**
2416
- * Changes email notification for succes subscription for Contact Form 7
2417
- *
2418
- * @param array $component Arguments for email notification
2419
- * @return array Arguments for email notification
2420
- */
2421
- function apbct_form__contactForm7__changeMailNotification($component){
2422
-
2423
- global $apbct;
2424
-
2425
- $component['body'] =
2426
- __('CleanTalk AntiSpam: This message is spam.', 'cleantalk-spam-protect')
2427
- .PHP_EOL . __('CleanTalk\'s anti-spam database:', 'cleantalk-spam-protect')
2428
- .PHP_EOL . 'IP: ' . $apbct->sender_ip
2429
- .PHP_EOL . 'Email: ' . $apbct->sender_email
2430
- .PHP_EOL . sprintf(
2431
- __('Activate protection in your Anti-Spam Dashboard: %s.', 'clentalk'),
2432
- 'https://cleantalk.org/my/?cp_mode=antispam&utm_source=newsletter&utm_medium=email&utm_campaign=cf7_activate_antispam&user_token='.$apbct->user_token
2433
- )
2434
- .PHP_EOL . '---' . PHP_EOL . PHP_EOL
2435
- .$component['body'];
2436
-
2437
- return (array) $component;
2438
- }
2439
-
2440
- /**
2441
- * Test Ninja Forms message for spam
2442
- *
2443
- * @global SpbcState $apbct
2444
- * @return void
2445
- */
2446
- function apbct_form__ninjaForms__testSpam() {
2447
-
2448
- global $apbct, $cleantalk_executed;
2449
-
2450
- if( $cleantalk_executed ){
2451
- do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
2452
- return;
2453
- }
2454
-
2455
- $cleantalk_executed = true;
2456
-
2457
- if(
2458
- $apbct->settings['contact_forms_test'] == 0
2459
- || ($apbct->settings['protect_logged_in'] != 1 && is_user_logged_in()) // Skip processing for logged in users.
2460
- || apbct_exclusions_check__url()
2461
- ){
2462
- do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
2463
- return;
2464
- }
2465
-
2466
- $checkjs = apbct_js_test('ct_checkjs', $_COOKIE);
2467
-
2468
- // Choosing between POST and GET
2469
- $params = ct_get_fields_any(isset($_GET['ninja_forms_ajax_submit']) || isset($_GET['nf_ajax_submit']) ? $_GET : $_POST);
2470
-
2471
- $sender_email = ($params['email'] ? $params['email'] : '');
2472
- $sender_nickname = ($params['nickname'] ? $params['nickname'] : '');
2473
- $subject = ($params['subject'] ? $params['subject'] : '');
2474
- $message = ($params['message'] ? $params['message'] : array());
2475
- if ($subject != '') {
2476
- $message = array_merge(array('subject' => $subject), $message);
2477
- }
2478
-
2479
- //Ninja Forms xml fix
2480
- foreach ($message as $key => $value){
2481
- if (strpos($value, '<xml>') !== false)
2482
- unset($message[$key]);
2483
- }
2484
-
2485
- $base_call_result = apbct_base_call(
2486
- array(
2487
- 'message' => $message,
2488
- 'sender_email' => $sender_email,
2489
- 'sender_nickname' => $sender_nickname,
2490
- 'post_info' => array('comment_type' => 'contact_form_wordpress_ninja_froms'),
2491
- 'js_on' => $checkjs,
2492
- )
2493
- );
2494
- $ct_result = $base_call_result['ct_result'];
2495
-
2496
- // Change mail notification if license is out of date
2497
- if($apbct->data['moderate'] == 0 &&
2498
- ($ct_result->fast_submit == 1 || $ct_result->blacklisted == 1 || $ct_result->js_disabled == 1)
2499
- ){
2500
- $apbct->sender_email = $sender_email;
2501
- $apbct->sender_ip = \Cleantalk\ApbctWP\Helper::ip__get(array('real'));
2502
- add_filter('ninja_forms_action_email_message', 'apbct_form__ninjaForms__changeMailNotification', 1, 3);
2503
- }
2504
-
2505
- if ($ct_result->allow == 0) {
2506
-
2507
- // We have to use GLOBAL variable to transfer the comment to apbct_form__ninjaForms__changeResponse() function :(
2508
- $apbct->response = $ct_result->comment;
2509
- add_action( 'ninja_forms_before_response', 'apbct_form__ninjaForms__changeResponse', 10, 1 );
2510
- add_action( 'ninja_forms_action_email_send', 'apbct_form__ninjaForms__stopEmail', 1, 5 ); // Prevent mail notification
2511
- add_action( 'ninja_forms_save_submission', 'apbct_form__ninjaForms__preventSubmission', 1, 2 ); // Prevent mail notification
2512
- }
2513
- }
2514
-
2515
- function apbct_form__ninjaForms__preventSubmission($some, $form_id){
2516
- return false;
2517
- }
2518
-
2519
- function apbct_form__ninjaForms__stopEmail($some, $action_settings, $message, $headers, $attachments){
2520
- global $apbct;
2521
- throw new Exception($apbct->response);
2522
- }
2523
-
2524
- function apbct_form__ninjaForms__changeResponse( $data ) {
2525
-
2526
- global $apbct;
2527
-
2528
- // Show error message below field found by ID
2529
- if(array_key_exists('email', $data['fields_by_key'])){
2530
- // Find ID of EMAIL field
2531
- $nf_field_id = $data['fields_by_key']['email']['id'];
2532
- }else{
2533
- // Find ID of last field (usually SUBMIT)
2534
- $fields_keys = array_keys($data['fields']);
2535
- $nf_field_id = array_pop($fields_keys);
2536
- }
2537
-
2538
- // Below is modified NJ logic
2539
- $error = array(
2540
- 'fields' => array(
2541
- $nf_field_id => $apbct->response,
2542
- ),
2543
- );
2544
-
2545
- $response = array( 'data' => $data, 'errors' => $error, 'debug' => '' );
2546
-
2547
- die(wp_json_encode( $response, JSON_FORCE_OBJECT ));
2548
-
2549
- }
2550
-
2551
- function apbct_form__seedprod_coming_soon__testSpam() {
2552
-
2553
- global $apbct;
2554
-
2555
- if(
2556
- $apbct->settings['contact_forms_test'] == 0
2557
- || ($apbct->settings['protect_logged_in'] != 1 && is_user_logged_in()) // Skip processing for logged in users.
2558
- || apbct_exclusions_check__url()
2559
- ){
2560
- do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
2561
- return;
2562
- }
2563
-
2564
- $ct_temp_msg_data = ct_get_fields_any($_REQUEST);
2565
-
2566
- $sender_email = ($ct_temp_msg_data['email'] ? $ct_temp_msg_data['email'] : '');
2567
- $sender_nickname = ($ct_temp_msg_data['nickname'] ? $ct_temp_msg_data['nickname'] : '');
2568
- $subject = ($ct_temp_msg_data['subject'] ? $ct_temp_msg_data['subject'] : '');
2569
- $message = ($ct_temp_msg_data['message'] ? $ct_temp_msg_data['message'] : array());
2570
- if ($subject != '') {
2571
- $message = array_merge(array('subject' => $subject), $message);
2572
- }
2573
-
2574
- $post_info['comment_type'] = 'contact_form_wordpress_seedprod_coming_soon';
2575
-
2576
- $base_call_result = apbct_base_call(
2577
- array(
2578
- 'message' => $message,
2579
- 'sender_email' => $sender_email,
2580
- 'sender_nickname' => $sender_nickname,
2581
- 'post_info' => $post_info,
2582
- )
2583
- );
2584
-
2585
- $ct_result = $base_call_result['ct_result'];
2586
- if ($ct_result->allow == 0) {
2587
- global $ct_comment;
2588
- $ct_comment = $ct_result->comment;
2589
-
2590
- $response = array(
2591
- 'status' => 200,
2592
- 'html' => "<h1>".__('Spam protection by CleanTalk', 'cleantalk-spam-protect')."</h1><h2>".$ct_result->comment."</h2>"
2593
- );
2594
-
2595
- echo sanitize_text_field($_GET['callback']) . '(' . json_encode($response) . ')';
2596
- exit();
2597
- }
2598
-
2599
- }
2600
-
2601
- /**
2602
- * Changes email notification for succes subscription for Ninja Forms
2603
- *
2604
- * @param string $message Body of email notification
2605
- * @return string Body for email notification
2606
- */
2607
- function apbct_form__ninjaForms__changeMailNotification($message, $data, $action_settings){
2608
-
2609
- global $apbct;
2610
-
2611
- if($action_settings['to'] !== $apbct->sender_email){
2612
-
2613
- $message .= wpautop(PHP_EOL . '---'
2614
- .PHP_EOL
2615
- .__('CleanTalk AntiSpam: This message is spam.', 'cleantalk-spam-protect')
2616
- .PHP_EOL . __('CleanTalk\'s anti-spam database:', 'cleantalk-spam-protect')
2617
- .PHP_EOL . 'IP: ' . $apbct->sender_ip
2618
- .PHP_EOL . 'Email: ' . $apbct->sender_email
2619
- .PHP_EOL .
2620
- __('Activate protection in your Anti-Spam Dashboard: ', 'clentalk').
2621
- 'https://cleantalk.org/my/?cp_mode=antispam&utm_source=newsletter&utm_medium=email&utm_campaign=ninjaform_activate_antispam'.$apbct->user_token
2622
- );
2623
- }
2624
-
2625
- return $message;
2626
- }
2627
-
2628
- /**
2629
- * Inserts anti-spam hidden to WPForms
2630
- *
2631
- * @global SpbcState $apbct
2632
- * @return void
2633
- */
2634
- function apbct_form__WPForms__addField($form_data, $some, $title, $description, $errors) {
2635
-
2636
- global $apbct;
2637
-
2638
- if($apbct->settings['contact_forms_test'] == 1)
2639
- ct_add_hidden_fields('checkjs_wpforms', false);
2640
-
2641
- }
2642
-
2643
- /**
2644
- * Gather fields data from submission and store it
2645
- *
2646
- * @param array $entry
2647
- * @param $form
2648
- *
2649
- * @return array
2650
- * @global SpbcState $apbct
2651
- */
2652
- function apbct_from__WPForms__gatherData($entry, $form){
2653
-
2654
- global $apbct;
2655
-
2656
- $data = array();
2657
- foreach($entry['fields'] as $key => $val){
2658
- $true_key = strtolower(str_replace(' ', '_', $form['fields'][$key]['label']));
2659
- $true_key = $true_key ? $true_key : $key;
2660
- $data[$true_key] = $val;
2661
- } unset($key, $val);
2662
-
2663
- $apbct->form_data = $data;
2664
-
2665
- return $entry;
2666
- }
2667
-
2668
- /**
2669
- * Adding error to form entry if message is spam
2670
- * Call spam test from here
2671
- *
2672
- * @param array $errors
2673
- * @param array $form_data
2674
- * @return array
2675
- */
2676
- function apbct_form__WPForms__showResponse($errors, $form_data) {
2677
-
2678
- if(empty($errors) || ( isset($form_data['id'], $errors[$form_data['id']]) && !count($errors[$form_data['id']]) ) ){
2679
-
2680
- $spam_comment = apbct_form__WPForms__testSpam();
2681
-
2682
- $filed_id = $form_data && !empty($form_data['fields']) && is_array($form_data['fields'])
2683
- ? key($form_data['fields'])
2684
- : 0;
2685
-
2686
- if($spam_comment)
2687
- $errors[ $form_data['id'] ][ $filed_id ] = $spam_comment;
2688
-
2689
- }
2690
-
2691
- return $errors;
2692
- }
2693
-
2694
- /**
2695
- * Test WPForms message for spam
2696
- * Doesn't hooked anywhere.
2697
- * Called directly from apbct_form__WPForms__showResponse()
2698
- *
2699
- * @global SpbcState $apbct
2700
- * @global array $apbct->form_data Contains form data
2701
- * @param array $errors Array of errors to write false result in
2702
- * @return void|array|null
2703
- */
2704
- function apbct_form__WPForms__testSpam() {
2705
-
2706
- global $apbct;
2707
-
2708
- if(
2709
- $apbct->settings['contact_forms_test'] == 0 ||
2710
- $apbct->settings['protect_logged_in'] != 1 && is_user_logged_in() // Skip processing for logged in users.
2711
- ){
2712
- do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
2713
- return;
2714
- }
2715
-
2716
- $checkjs = apbct_js_test('checkjs_wpforms', $_POST);
2717
-
2718
- $params = ct_get_fields_any($apbct->form_data);
2719
-
2720
- $sender_email = ($params['email'] ? $params['email'] : '');
2721
- $sender_nickname = ($params['nickname'] ? $params['nickname'] : '');
2722
- $subject = ($params['subject'] ? $params['subject'] : '');
2723
- $message = ($params['message'] ? $params['message'] : array());
2724
- if ($subject != '') {
2725
- $message = array_merge(array('subject' => $subject), $message);
2726
- }
2727
-
2728
- $base_call_result = apbct_base_call(
2729
- array(
2730
- 'message' => $message,
2731
- 'sender_email' => $sender_email,
2732
- 'sender_nickname' => $sender_nickname,
2733
- 'post_info' => array('comment_type' => 'contact_form_wordpress_wp_forms'),
2734
- 'js_on' => $checkjs,
2735
- )
2736
- );
2737
- $ct_result = $base_call_result['ct_result'];
2738
-
2739
- // Change mail notification if license is out of date
2740
- if($apbct->data['moderate'] == 0 &&
2741
- ($ct_result->fast_submit == 1 || $ct_result->blacklisted == 1 || $ct_result->js_disabled == 1)
2742
- ){
2743
- $apbct->sender_email = $sender_email;
2744
- $apbct->sender_ip = \Cleantalk\ApbctWP\Helper::ip__get(array('real'));
2745
- add_filter('wpforms_email_message', 'apbct_form__WPForms__changeMailNotification', 100, 2);
2746
- }
2747
-
2748
- if ($ct_result->allow == 0){
2749
- return $ct_result->comment;
2750
- }
2751
-
2752
- return null;
2753
-
2754
- }
2755
-
2756
- /**
2757
- * Changes email notification for succes subscription for Ninja Forms
2758
- *
2759
- * @param string $message Body of email notification
2760
- * @param WPForms_WP_Emails $wpforms_email WPForms email class object
2761
- * @return string Body for email notification
2762
- */
2763
- function apbct_form__WPForms__changeMailNotification($message, $wpforms_email){
2764
-
2765
- global $apbct;
2766
-
2767
- $message = str_replace('</html>', '', $message);
2768
- $message = str_replace('</body>', '', $message);
2769
- $message .= wpautop(PHP_EOL . '---'
2770
- .PHP_EOL
2771
- .__('CleanTalk AntiSpam: This message is spam.', 'cleantalk-spam-protect')
2772
- .PHP_EOL . __('CleanTalk\'s anti-spam database:', 'cleantalk-spam-protect')
2773
- .PHP_EOL . 'IP: ' . '<a href="https://cleantalk.org/blacklists/' . $apbct->sender_ip . '?utm_source=newsletter&utm_medium=email&utm_campaign=wpforms_spam_passed" target="_blank">' . $apbct->sender_ip . '</a>'
2774
- .PHP_EOL . 'Email: ' . '<a href="https://cleantalk.org/blacklists/' . $apbct->sender_email . '?utm_source=newsletter&utm_medium=email&utm_campaign=wpforms_spam_passed" target="_blank">' . $apbct->sender_email . '</a>'
2775
- .PHP_EOL . sprintf(
2776
- __('Activate protection in your %sAnti-Spam Dashboard%s.', 'clentalk'),
2777
- '<a href="https://cleantalk.org/my/?cp_mode=antispam&utm_source=newsletter&utm_medium=email&utm_campaign=wpforms_activate_antispam" target="_blank">',
2778
- '</a>'
2779
- ))
2780
- .'</body></html>';
2781
-
2782
- return $message;
2783
-
2784
- }
2785
-
2786
- /*
2787
- * QuForms check spam
2788
- * works with singl-paged forms
2789
- * and with multi-paged forms - check only last step of the forms
2790
- */
2791
- function ct_quform_post_validate($result, $form) {
2792
-
2793
- if ( $form->hasPages() ) {
2794
- $comment_type = 'contact_form_wordpress_quforms_multipage';
2795
- } else {
2796
- $comment_type = 'contact_form_wordpress_quforms_singlepage';
2797
- }
2798
-
2799
- $ct_temp_msg_data = ct_get_fields_any( $form->getValues() );
2800
- // @ToDo If we have several emails at the form - will be used only the first detected!
2801
- $sender_email = ($ct_temp_msg_data['email'] ? $ct_temp_msg_data['email'] : '');
2802
-
2803
- $checkjs = apbct_js_test('ct_checkjs', $_COOKIE);
2804
- $base_call_result = apbct_base_call(
2805
- array(
2806
- 'message' => $form->getValues(),
2807
- 'sender_email' => $sender_email,
2808
- 'post_info' => array('comment_type' => $comment_type),
2809
- 'js_on' => $checkjs,
2810
- )
2811
- );
2812
-
2813
- $ct_result = $base_call_result['ct_result'];
2814
- if ($ct_result->allow == 0) {
2815
- die(json_encode(array('type' => 'error', 'apbct' => array('blocked' => true, 'comment' => $ct_result->comment))));
2816
- } else {
2817
- return $result;
2818
- }
2819
-
2820
- return $result;
2821
-
2822
- }
2823
-
2824
- /**
2825
- * Inserts anti-spam hidden to Fast Secure contact form
2826
- */
2827
- function ct_si_contact_display_after_fields($string = '', $style = '', $form_errors = array(), $form_id_num = 0) {
2828
- $string .= ct_add_hidden_fields('ct_checkjs', true);
2829
- return $string;
2830
- }
2831
-
2832
- /**
2833
- * Test for Fast Secure contact form
2834
- */
2835
- function ct_si_contact_form_validate($form_errors = array(), $form_id_num = 0) {
2836
- global $apbct, $cleantalk_executed;
2837
-
2838
- if (!empty($form_errors)) {
2839
- do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
2840
- return $form_errors;
2841
- }
2842
-
2843
-
2844
- if ($apbct->settings['contact_forms_test'] == 0) {
2845
- do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
2846
- return $form_errors;
2847
- }
2848
-
2849
- // Skip processing because data already processed.
2850
- if ($cleantalk_executed) {
2851
- do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
2852
- return $form_errors;
2853
- }
2854
-
2855
- //getting info from custom fields
2856
- $ct_temp_msg_data = ct_get_fields_any($_POST);
2857
-
2858
- $sender_email = ($ct_temp_msg_data['email'] ? $ct_temp_msg_data['email'] : '');
2859
- $sender_nickname = ($ct_temp_msg_data['nickname'] ? $ct_temp_msg_data['nickname'] : '');
2860
- $subject = ($ct_temp_msg_data['subject'] ? $ct_temp_msg_data['subject'] : '');
2861
- $contact_form = ($ct_temp_msg_data['contact'] ? $ct_temp_msg_data['contact'] : true);
2862
- $message = ($ct_temp_msg_data['message'] ? $ct_temp_msg_data['message'] : array());
2863
- if($subject != '') {
2864
- $message['subject'] = $subject;
2865
- }
2866
-
2867
- $base_call_result = apbct_base_call(
2868
- array(
2869
- 'message' => $message,
2870
- 'sender_email' => $sender_email,
2871
- 'sender_nickname' => $sender_nickname,
2872
- 'post_info' => array('comment_type' => 'contact_form_wordpress_fscf'),
2873
- 'js_on' => apbct_js_test('ct_checkjs', $_POST),
2874
- )
2875
- );
2876
-
2877
- $ct_result = $base_call_result['ct_result'];
2878
-
2879
- $cleantalk_executed = true;
2880
-
2881
- if ($ct_result->allow == 0) {
2882
- global $ct_comment;
2883
- $ct_comment = $ct_result->comment;
2884
- ct_die(null, null);
2885
- exit;
2886
- }
2887
-
2888
- return $form_errors;
2889
- }
2890
-
2891
- /**
2892
- * Notice for commentators which comment has automatically approved by plugin
2893
- * @param string $hook URL of hooked page
2894
- */
2895
- function ct_comment_text($comment_text) {
2896
- global $comment, $ct_approved_request_id_label;
2897
-
2898
- if (isset($_COOKIE[$ct_approved_request_id_label]) && isset($comment->comment_ID)) {
2899
- $ct_hash = get_comment_meta($comment->comment_ID, 'ct_hash', true);
2900
-
2901
- if ($ct_hash !== '' && $_COOKIE[$ct_approved_request_id_label] == $ct_hash) {
2902
- $comment_text .= '<br /><br /> <em class="comment-awaiting-moderation">' . __('Comment approved. Anti-spam by CleanTalk.', 'cleantalk-spam-protect') . '</em>';
2903
- }
2904
- }
2905
-
2906
- return $comment_text;
2907
- }
2908
-
2909
-
2910
- /**
2911
- * Checks WordPress Landing Pages raw $_POST values
2912
- */
2913
- function ct_check_wplp(){
2914
-
2915
- global $ct_wplp_result_label, $apbct;
2916
-
2917
- if (!isset($_COOKIE[$ct_wplp_result_label])) {
2918
- // First AJAX submit of WPLP form
2919
- if ($apbct->settings['contact_forms_test'] == 0) {
2920
- do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
2921
- return;
2922
- }
2923
-
2924
- $post_info['comment_type'] = 'feedback';
2925
- $post_info = json_encode($post_info);
2926
- if ($post_info === false)
2927
- $post_info = '';
2928
-
2929
- $sender_email = '';
2930
- foreach ($_POST as $v) {
2931
- if (preg_match("/^\S+@\S+\.\S+$/", $v)) {
2932
- $sender_email = $v;
2933
- break;
2934
- }
2935
- }
2936
-
2937
- $message = '';
2938
- if(array_key_exists('form_input_values', $_POST)){
2939
- $form_input_values = json_decode(stripslashes($_POST['form_input_values']), true);
2940
- if (is_array($form_input_values) && array_key_exists('null', $form_input_values))
2941
- $message = $form_input_values['null'];
2942
- } else if (array_key_exists('null', $_POST)) {
2943
- $message = $_POST['null'];
2944
- }
2945
-
2946
- $base_call_result = apbct_base_call(
2947
- array(
2948
- 'message' => $message,
2949
- 'sender_email' => $sender_email,
2950
- 'post_info' => array('comment_type' => 'contact_form_wordpress_wplp'),
2951
- )
2952
- );
2953
-
2954
- $ct_result = $base_call_result['ct_result'];
2955
-
2956
- if ($ct_result->allow == 0) {
2957
- $cleantalk_comment = $ct_result->comment;
2958
- } else {
2959
- $cleantalk_comment = 'OK';
2960
- }
2961
-
2962
- \Cleantalk\Common\Helper::apbct_cookie__set($ct_wplp_result_label, $cleantalk_comment, strtotime("+5 seconds"), '/');
2963
- } else {
2964
- // Next POST/AJAX submit(s) of same WPLP form
2965
- $cleantalk_comment = $_COOKIE[$ct_wplp_result_label];
2966
- }
2967
- if ($cleantalk_comment !== 'OK')
2968
- ct_die_extended($cleantalk_comment);
2969
- }
2970
-
2971
- /**
2972
- * Places a hidding field to Gravity forms.
2973
- * @return string
2974
- */
2975
- function apbct_form__gravityForms__addField($form_string, $form){
2976
- $ct_hidden_field = 'ct_checkjs';
2977
-
2978
- // Do not add a hidden field twice.
2979
- if (preg_match("/$ct_hidden_field/", $form_string)) {
2980
- return $form_string;
2981
- }
2982
-
2983
- $search = "</form>";
2984
-
2985
- // Adding JS code
2986
- $js_code = ct_add_hidden_fields($ct_hidden_field, true, false);
2987
- $form_string = str_replace($search, $js_code . $search, $form_string);
2988
-
2989
- // Adding field for multipage form. Look for cleantalk.php -> apbct_cookie();
2990
- $append_string = isset($form['lastPageButton']) ? "<input type='hidden' name='ct_multipage_form' value='yes'>" : '';
2991
- $form_string = str_replace($search, $append_string.$search, $form_string);
2992
-
2993
- return $form_string;
2994
- }
2995
-
2996
- /**
2997
- * Gravity forms anti-spam test.
2998
- * @return boolean
2999
- */
3000
- function apbct_form__gravityForms__testSpam($is_spam, $form, $entry) {
3001
-
3002
- global $apbct, $cleantalk_executed, $ct_gform_is_spam, $ct_gform_response;
3003
-
3004
- if (
3005
- $apbct->settings['contact_forms_test'] == 0 ||
3006
- $is_spam ||
3007
- $cleantalk_executed // Return unchanged result if the submission was already tested.
3008
- ) {
3009
- do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
3010
- return $is_spam;
3011
- }
3012
-
3013
- $ct_temp = array();
3014
- foreach($entry as $key => $value){
3015
- if(is_numeric($key))
3016
- $ct_temp[$key]=$value;
3017
- } unset($key, $value);
3018
-
3019
- $ct_temp_msg_data = ct_get_fields_any($ct_temp);
3020
- $sender_email = ($ct_temp_msg_data['email'] ? $ct_temp_msg_data['email'] : '');
3021
- $sender_nickname = ($ct_temp_msg_data['nickname'] ? $ct_temp_msg_data['nickname'] : '');
3022
- $subject = ($ct_temp_msg_data['subject'] ? $ct_temp_msg_data['subject'] : '');
3023
- $contact_form = ($ct_temp_msg_data['contact'] ? $ct_temp_msg_data['contact'] : true);
3024
- $message = ($ct_temp_msg_data['message'] ? $ct_temp_msg_data['message'] : array());
3025
-
3026
- // Adding 'input_' to every field /Gravity Forms fix/
3027
- $tmp = $message;
3028
- $message = array();
3029
- foreach($tmp as $key => $value){
3030
- $message[ 'input_' . $key] = $value;
3031
- } unset( $key, $value, $tmp );
3032
-
3033
- if($subject != '')
3034
- $message['subject'] = $subject;
3035
-
3036
- $checkjs = apbct_js_test('ct_checkjs', $_POST)
3037
- ? apbct_js_test('ct_checkjs', $_POST)
3038
- : apbct_js_test('ct_checkjs', $_COOKIE);
3039
-
3040
- $base_call_result = apbct_base_call(
3041
- array(
3042
- 'message' => $message,
3043
- 'sender_email' => $sender_email,
3044
- 'sender_nickname' => $sender_nickname,
3045
- 'post_info' => array('comment_type' => 'contact_form_wordpress_gravity_forms'),
3046
- 'js_on' => $checkjs,
3047
- )
3048
- );
3049
-
3050
- $ct_result = $base_call_result['ct_result'];
3051
- if ($ct_result->allow == 0) {
3052
- $is_spam = true;
3053
- $ct_gform_is_spam = true;
3054
- $ct_gform_response = $ct_result->comment;
3055
- }
3056
-
3057
- return $is_spam;
3058
- }
3059
-
3060
- function apbct_form__gravityForms__showResponse( $confirmation, $form, $entry, $ajax ){
3061
-
3062
- global $ct_gform_is_spam, $ct_gform_response;
3063
-
3064
- if(!empty($ct_gform_is_spam)){
3065
- $confirmation = '<a id="gf_'.$form['id'].'" class="gform_anchor" ></a><div id="gform_confirmation_wrapper_'.$form['id'].'" class="gform_confirmation_wrapper "><div id="gform_confirmation_message_'.$form['id'].'" class="gform_confirmation_message_'.$form['id'].' gform_confirmation_message"><font style="color: red">'.$ct_gform_response.'</font></div></div>';
3066
- }
3067
-
3068
- return $confirmation;
3069
- }
3070
-
3071
- /**
3072
- * Test S2member registration
3073
- * @return array with errors
3074
- */
3075
- function ct_s2member_registration_test($post_key) {
3076
-
3077
- global $apbct;
3078
-
3079
- if ($apbct->settings['registrations_test'] == 0) {
3080
- do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
3081
- return null;
3082
- }
3083
-
3084
- $sender_email = isset($_POST[$post_key]['email']) ? sanitize_email($_POST[$post_key]['email']) : null;
3085
- $sender_nickname = isset($_POST[$post_key]['username']) ? sanitize_email($_POST[$post_key]['username']) : null;
3086
-
3087
- //Making a call
3088
- $base_call_result = apbct_base_call(
3089
- array(
3090
- 'sender_email' => $sender_email,
3091
- 'sender_nickname' => $sender_nickname,
3092
- ),
3093
- true
3094
- );
3095
- $ct_result = $base_call_result['ct_result'];
3096
-
3097
- if ($ct_result->allow == 0) {
3098
- ct_die_extended($ct_result->comment);
3099
- }
3100
-
3101
- return true;
3102
- }
3103
-
3104
- function apbct_form__the7_contact_form() {
3105
-
3106
- global $cleantalk_executed;
3107
-
3108
- if ( check_ajax_referer( 'dt_contact_form', 'nonce', false ) && isset($_POST) ) {
3109
-
3110
- $post_info['comment_type'] = 'contact_the7_theme_contact_form';
3111
-
3112
- $ct_temp_msg_data = ct_get_fields_any($_POST);
3113
-
3114
- $sender_email = ($ct_temp_msg_data['email'] ? $ct_temp_msg_data['email'] : '');
3115
- $sender_nickname = ($ct_temp_msg_data['nickname'] ? $ct_temp_msg_data['nickname'] : '');
3116
- $subject = ($ct_temp_msg_data['subject'] ? $ct_temp_msg_data['subject'] : '');
3117
- $contact_form = ($ct_temp_msg_data['contact'] ? $ct_temp_msg_data['contact'] : true);
3118
- $message = ($ct_temp_msg_data['message'] ? $ct_temp_msg_data['message'] : array());
3119
- if ($subject != '') {
3120
- $message = array_merge(array('subject' => $subject), $message);
3121
- }
3122
-
3123
- // Skip submission if no data found
3124
- if ($sender_email === ''|| !$contact_form) {
3125
- do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
3126
- return false;
3127
- }
3128
- $cleantalk_executed = true;
3129
-
3130
- $base_call_result = apbct_base_call(
3131
- array(
3132
- 'message' => $message,
3133
- 'sender_email' => $sender_email,
3134
- 'sender_nickname' => $sender_nickname,
3135
- 'post_info' => $post_info,
3136
- )
3137
- );
3138
-
3139
- $ct_result = $base_call_result['ct_result'];
3140
- if ($ct_result->allow == 0) {
3141
-
3142
- $response = json_encode(
3143
- array(
3144
- 'success' => false ,
3145
- 'errors' => $ct_result->comment,
3146
- 'nonce' => wp_create_nonce( 'dt_contact_form' )
3147
- )
3148
- );
3149
-
3150
- // response output
3151
- header( "Content-Type: application/json" );
3152
- echo $response;
3153
-
3154
- // IMPORTANT: don't forget to "exit"
3155
- exit;
3156
-
3157
- }
3158
-
3159
- }
3160
-
3161
- }
3162
-
3163
- function apbct_form__elementor_pro__testSpam() {
3164
-
3165
- global $apbct, $cleantalk_executed;
3166
-
3167
- if(
3168
- $apbct->settings['contact_forms_test'] == 0
3169
- || ($apbct->settings['protect_logged_in'] != 1 && is_user_logged_in()) // Skip processing for logged in users.
3170
- || apbct_exclusions_check__url()
3171
- ){
3172
- do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
3173
- return;
3174
- }
3175
-
3176
- $ct_temp_msg_data = ct_get_fields_any($_POST);
3177
-
3178
- $sender_email = ($ct_temp_msg_data['email'] ? $ct_temp_msg_data['email'] : '');
3179
- $sender_nickname = ($ct_temp_msg_data['nickname'] ? $ct_temp_msg_data['nickname'] : '');
3180
- $subject = ($ct_temp_msg_data['subject'] ? $ct_temp_msg_data['subject'] : '');
3181
- $message = ($ct_temp_msg_data['message'] ? $ct_temp_msg_data['message'] : array());
3182
- if ($subject != '') {
3183
- $message = array_merge(array('subject' => $subject), $message);
3184
- }
3185
-
3186
- $post_info['comment_type'] = 'contact_form_wordpress_elementor_pro';
3187
-
3188
- $cleantalk_executed = true;
3189
- $base_call_result = apbct_base_call(
3190
- array(
3191
- 'message' => $message,
3192
- 'sender_email' => $sender_email,
3193
- 'sender_nickname' => $sender_nickname,
3194
- 'post_info' => $post_info,
3195
- )
3196
- );
3197
-
3198
- $ct_result = $base_call_result['ct_result'];
3199
-
3200
- if ($ct_result->allow == 0) {
3201
-
3202
- wp_send_json_error( array(
3203
- 'message' => $ct_result->comment,
3204
- 'data' => array()
3205
- ) );
3206
-
3207
- }
3208
-
3209
- }
3210
-
3211
- // INEVIO theme integration
3212
- function apbct_form__inevio__testSpam() {
3213
-
3214
- global $apbct, $cleantalk_executed;
3215
-
3216
- $theme = wp_get_theme();
3217
- if(
3218
- stripos( $theme->get( 'Name' ), 'INEVIO' ) === false ||
3219
- $apbct->settings['contact_forms_test'] == 0 ||
3220
- ($apbct->settings['protect_logged_in'] != 1 && is_user_logged_in()) || // Skip processing for logged in users.
3221
- apbct_exclusions_check__url()
3222
- ) {
3223
- do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
3224
- return false;
3225
- }
3226
- $form_data = array();
3227
- parse_str($_POST['data'], $form_data);
3228
-
3229
- $name = isset($form_data['name']) ? $form_data['name'] : '';
3230
- $email = isset($form_data['email']) ? $form_data['email'] : '';
3231
- $message = isset($form_data['message']) ? $form_data['message'] : '';
3232
-
3233
- $post_info['comment_type'] = 'contact_form_wordpress_inevio_theme';
3234
-
3235
- $cleantalk_executed = true;
3236
- $base_call_result = apbct_base_call(
3237
- array(
3238
- 'message' => $message,
3239
- 'sender_email' => $email,
3240
- 'sender_nickname' => $name,
3241
- 'post_info' => $post_info,
3242
- )
3243
- );
3244
-
3245
- $ct_result = $base_call_result['ct_result'];
3246
-
3247
- if ( $ct_result->allow == 0 ) {
3248
- die(json_encode(array('apbct' => array('blocked' => true, 'comment' => $ct_result->comment,))));
3249
- }
3250
-
3251
- return true;
3252
-
3253
- }
3254
-
3255
- /**
3256
- * General test for any contact form
3257
- */
3258
- function ct_contact_form_validate() {
3259
-
3260
- global $pagenow,$cleantalk_executed ,$apbct, $ct_checkjs_frm;
3261
-
3262
- // Exclusios common function
3263
- if ( apbct_exclusions_check(__FUNCTION__) ) {
3264
- do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
3265
- return null;
3266
- }
3267
-
3268
- if (@sizeof($_POST)==0 ||
3269
- (isset($_POST['signup_username']) && isset($_POST['signup_email']) && isset($_POST['signup_password'])) ||
3270
- (isset($pagenow) && $pagenow == 'wp-login.php') || // WordPress log in form
3271
- (isset($pagenow) && $pagenow == 'wp-login.php' && isset($_GET['action']) && $_GET['action']=='lostpassword') ||
3272
- apbct_is_in_referer( 'lostpassword' ) ||
3273
- apbct_is_in_referer( 'lost-password' ) || //Skip lost-password form check
3274
- (apbct_is_in_uri('/wp-admin/') && (empty($_POST['your-phone']) && empty($_POST['your-email']) && empty($_POST['your-message']))) || //Bitrix24 Contact
3275
- apbct_is_in_uri('wp-login.php') ||
3276
- apbct_is_in_uri('wp-comments-post.php') ||
3277
- apbct_is_in_uri('?provider=facebook&') ||
3278
- apbct_is_in_uri('reset-password/') || // Ticket #13668. Password reset.
3279
- apbct_is_in_referer( '/wp-admin/') ||
3280
- apbct_is_in_uri('/login/') ||
3281
- apbct_is_in_uri( '/my-account/edit-account/') || // WooCommerce edit account page
3282
- apbct_is_in_uri( '/my-account/edit-address/') || // WooCommerce edit account page
3283
- (isset($_POST['action']) && $_POST['action'] == 'save_account_details') || // WooCommerce edit account action
3284
- apbct_is_in_uri( '/peepsoajax/profilefieldsajax.validate_register') ||
3285
- isset($_GET['ptype']) && $_GET['ptype']=='login' ||
3286
- isset($_POST['ct_checkjs_register_form']) ||
3287
- (isset($_POST['signup_username']) && isset($_POST['signup_password_confirm']) && isset($_POST['signup_submit']) ) ||
3288
- $apbct->settings['general_contact_forms_test'] == 0 ||
3289
- isset($_POST['bbp_topic_content']) ||
3290
- isset($_POST['bbp_reply_content']) ||
3291
- isset($_POST['fscf_submitted']) ||
3292
- apbct_is_in_uri('/wc-api/') ||
3293
- isset($_POST['log']) && isset($_POST['pwd']) && isset($_POST['wp-submit']) ||
3294
- isset($_POST[$ct_checkjs_frm]) && $apbct->settings['contact_forms_test'] == 1 ||// Formidable forms
3295
- ( isset($_POST['comment_post_ID']) && ! isset($_POST['comment-submit'] ) ) || // The comment form && ! DW Question & Answer
3296
- isset($_GET['for']) ||
3297
- (isset($_POST['log'], $_POST['pwd'])) || //WooCommerce Sensei login form fix
3298
- (isset($_POST['wc_reset_password'], $_POST['_wpnonce'], $_POST['_wp_http_referer'])) || // WooCommerce recovery password form
3299
- ((isset($_POST['woocommerce-login-nonce']) || isset($_POST['_wpnonce'])) && isset($_POST['login'], $_POST['password'], $_POST['_wp_http_referer'])) || // WooCommerce login form
3300
- (isset($_POST['wc-api']) && strtolower($_POST['wc-api']) == 'wc_gateway_systempay') || // Woo Systempay payment plugin
3301
- apbct_is_in_uri( 'wc-api=WC_Gateway_Realex_Redirect') || // Woo Realex payment Gateway plugin
3302
- (isset($_POST['_wpcf7'], $_POST['_wpcf7_version'], $_POST['_wpcf7_locale'])) || //CF7 fix)
3303
- (isset($_POST['hash'], $_POST['device_unique_id'], $_POST['device_name'])) ||//Mobile Assistant Connector fix
3304
- isset($_POST['gform_submit']) || //Gravity form
3305
- apbct_is_in_uri( 'wc-ajax=get_refreshed_fragments') ||
3306
- (isset($_POST['ccf_form']) && intval($_POST['ccf_form']) == 1) ||
3307
- (isset($_POST['contact_tags']) && strpos($_POST['contact_tags'], 'MBR:') !== false) ||
3308
- (apbct_is_in_uri( 'bizuno.php') && !empty($_POST['bizPass'])) ||
3309
- apbct_is_in_referer( 'my-dashboard/' ) || // ticket_id=7885
3310
- isset($_POST['slm_action'], $_POST['license_key'], $_POST['secret_key'], $_POST['registered_domain']) || // ticket_id=9122
3311
- (isset($_POST['wpforms']['submit']) && $_POST['wpforms']['submit'] == 'wpforms-submit') || // WPForms
3312
- (isset($_POST['action']) && $_POST['action'] == 'grunion-contact-form') || // JetPack
3313
- (isset($_POST['action']) && $_POST['action'] == 'bbp-update-user') || //BBP update user info page
3314
- apbct_is_in_referer( '?wc-api=WC_Gateway_Transferuj' ) || //WC Gateway
3315
- (isset($_GET['mbr'], $_GET['amp;appname'], $_GET['amp;master'])) || // ticket_id=10773
3316
- (isset($_POST['call_function']) && $_POST['call_function'] == 'push_notification_settings') || // Skip mobile requests (push settings)
3317
- apbct_is_in_uri('membership-login') || // Skip login form
3318
- (isset($_GET['cookie-state-change'])) || //skip GDPR plugin
3319
- ( apbct_get_server_variable( 'HTTP_USER_AGENT' ) == 'MailChimp' && apbct_is_in_uri( 'mc4wp-sync-api/webhook-listener') ) || // Mailchimp webhook skip
3320
- apbct_is_in_uri('researcher-log-in') || // Skip login form
3321
- apbct_is_in_uri('admin_aspcms/_system/AspCms_SiteSetting.asp?action=saves') || // Skip admin save callback
3322
- apbct_is_in_uri('?profile_tab=postjobs') || // Skip post vacancies
3323
- (isset($_POST['btn_insert_post_type_hotel']) && $_POST['btn_insert_post_type_hotel'] == 'SUBMIT HOTEL') || // Skip adding hotel
3324
- (isset($_POST['action']) && $_POST['action'] == 'updraft_savesettings') || // Updraft save settings
3325
- isset($_POST['quform_submit']) || //QForms multi-paged form skip
3326
- (isset($_POST['wpum_form']) && $_POST['wpum_form'] == 'login') || //WPUM login skip
3327
- isset($_POST['password']) || // Exception for login form. From Analysis uid=406596
3328
- (isset($_POST['action']) && $_POST['action'] == 'wilcity_reset_password') || // Exception for reset password form. From Analysis uid=430898
3329
- (isset($_POST['action']) && $_POST['action'] == 'wilcity_login') || // Exception for login form. From Analysis uid=430898
3330
- (isset($_POST['qcfsubmit'])) || //Exception for submit quick forms - duplicates with qcfvalidate
3331
- apbct_is_in_uri('tin-canny-learndash-reporting/src/h5p-xapi/process-xapi-statement.php?v=asd') || //Skip Tin Canny plugin
3332
- ( isset( $_POST['na'], $_POST['ts'], $_POST['nhr'] ) && !apbct_is_in_uri( '?na=s' ) ) || // The Newsletter Plugin double requests fix. Ticket #14772
3333
- (isset($_POST['spl_action']) && $_POST['spl_action'] == 'register') || //Skip interal action with empty params
3334
- (isset($_POST['action']) && $_POST['action'] == 'bwfan_insert_abandoned_cart' && apbct_is_in_uri( 'my-account/edit-address' )) || //Skip edit account
3335
- apbct_is_in_uri('login-1') || //Skip login form
3336
- apbct_is_in_uri('recuperacao-de-senha-2') || //Skip form reset password
3337
- apbct_is_in_uri('membermouse/api/request.php') && isset($_POST['membership_level_id'],$_POST['apikey'],$_POST['apisecret']) || // Membermouse API
3338
- ( isset( $_POST['AppKey'] ) && ( isset( $_POST['cbAP'] ) && $_POST['cbAP'] == 'Caspio' ) ) || // Caspio exclusion (ticket #16444)
3339
- isset($_POST['wpforms_id'], $_POST['wpforms_author']) || //Skip wpforms
3340
- ( isset( $_POST['somfrp_action'], $_POST['submitted'] ) && $_POST['somfrp_action'] == 'somfrp_lost_pass' ) || // Frontend Reset Password exclusion
3341
- ( isset( $_POST['action'] ) && $_POST['action'] == 'dokan_save_account_details' ) ||
3342
- \Cleantalk\Variables\Post::get('action') === 'frm_get_lookup_text_value' // Exception for Formidable multilevel form
3343
- ) {
3344
- do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
3345
- return null;
3346
- }
3347
-
3348
- //Skip woocommerce checkout
3349
- if (apbct_is_in_uri('wc-ajax=update_order_review') ||
3350
- apbct_is_in_uri('wc-ajax=checkout') ||
3351
- !empty($_POST['woocommerce_checkout_place_order']) ||
3352
- apbct_is_in_uri('wc-ajax=wc_ppec_start_checkout') ||
3353
- apbct_is_in_referer('wc-ajax=update_order_review')
3354
- )
3355
- {
3356
- do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
3357
- return null;
3358
- }
3359
-
3360
- //Skip woocommerce add_to_cart
3361
- if( ! empty( $_POST['add-to-cart'] ) )
3362
- {
3363
- do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
3364
- return null;
3365
- }
3366
-
3367
- // Do not execute anti-spam test for logged in users.
3368
- if (isset($_COOKIE[LOGGED_IN_COOKIE]) && $apbct->settings['protect_logged_in'] != 1) {
3369
- do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
3370
- return null;
3371
- }
3372
- //Skip WP Fusion web hooks
3373
- if ( apbct_is_in_uri('wpf_action') && apbct_is_in_uri('access_key') && isset( $_GET['access_key'] ) ) {
3374
- if( function_exists( 'wp_fusion' ) ) {
3375
- $key = wp_fusion()->settings->get('access_key');
3376
- if ( $key == $_GET['access_key'] ) {
3377
- do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
3378
- return null;
3379
- }
3380
- }
3381
- }
3382
- //Skip system fields for divi
3383
- if (strpos( \Cleantalk\Variables\Post::get('action'), 'et_pb_contactform_submit') === 0) {
3384
- foreach ($_POST as $key => $value) {
3385
- if (strpos($key, 'et_pb_contact_email_fields') === 0) {
3386
- unset($_POST[$key]);
3387
- }
3388
- }
3389
- }
3390
- $post_info['comment_type'] = 'feedback_general_contact_form';
3391
-
3392
- $ct_temp_msg_data = ct_get_fields_any($_POST);
3393
-
3394
- $sender_email = ($ct_temp_msg_data['email'] ? $ct_temp_msg_data['email'] : '');
3395
- $sender_nickname = ($ct_temp_msg_data['nickname'] ? $ct_temp_msg_data['nickname'] : '');
3396
- $subject = ($ct_temp_msg_data['subject'] ? $ct_temp_msg_data['subject'] : '');
3397
- $contact_form = ($ct_temp_msg_data['contact'] ? $ct_temp_msg_data['contact'] : true);
3398
- $message = ($ct_temp_msg_data['message'] ? $ct_temp_msg_data['message'] : array());
3399
- if ($subject != '') {
3400
- $message = array_merge(array('subject' => $subject), $message);
3401
- }
3402
-
3403
- // Skip submission if no data found
3404
- if ($sender_email === ''|| !$contact_form) {
3405
- do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
3406
- return false;
3407
- }
3408
- $cleantalk_executed=true;
3409
-
3410
- if(isset($_POST['TellAFriend_Link'])){
3411
- $tmp = $_POST['TellAFriend_Link'];
3412
- unset($_POST['TellAFriend_Link']);
3413
- }
3414
-
3415
- $base_call_result = apbct_base_call(
3416
- array(
3417
- 'message' => $message,
3418
- 'sender_email' => $sender_email,
3419
- 'sender_nickname' => $sender_nickname,
3420
- 'post_info' => $post_info,
3421
- 'sender_info' => array( 'sender_email' => urlencode( $sender_email ) ),
3422
- )
3423
- );
3424
-
3425
- if(isset($_POST['TellAFriend_Link'])){
3426
- $_POST['TellAFriend_Link']=$tmp;
3427
- }
3428
-
3429
- $ct_result = $base_call_result['ct_result'];
3430
- if ($ct_result->allow == 0) {
3431
-
3432
- // Recognize contact form an set it's name to $contact_form to use later
3433
- $contact_form = null;
3434
- foreach($_POST as $param => $value){
3435
- if(strpos($param, 'et_pb_contactform_submit') === 0){
3436
- $contact_form = 'contact_form_divi_theme';
3437
- $contact_form_additional = str_replace('et_pb_contactform_submit', '', $param);
3438
- }
3439
- if(strpos($param, 'avia_generated_form') === 0){
3440
- $contact_form = 'contact_form_enfold_theme';
3441
- $contact_form_additional = str_replace('avia_generated_form', '', $param);
3442
- }
3443
- if(!empty($contact_form))
3444
- break;
3445
- }
3446
-
3447
- $ajax_call = false;
3448
- if ((defined( 'DOING_AJAX' ) && DOING_AJAX)
3449
- ) {
3450
- $ajax_call = true;
3451
- }
3452
- if ($ajax_call) {
3453
- echo $ct_result->comment;
3454
- } else {
3455
-
3456
- global $ct_comment;
3457
- $ct_comment = $ct_result->comment;
3458
- if(isset($_POST['cma-action'])&&$_POST['cma-action']=='add'){
3459
- $result=Array('success'=>0, 'thread_id'=>null,'messages'=>Array($ct_result->comment));
3460
- header("Content-Type: application/json");
3461
- print json_encode($result);
3462
- die();
3463
-
3464
- }else if(isset($_POST['TellAFriend_email'])){
3465
- echo $ct_result->comment;
3466
- die();
3467
-
3468
- }else if(isset($_POST['gform_submit'])){ // Gravity forms submission
3469
- $response = sprintf("<!DOCTYPE html><html><head><meta charset='UTF-8' /></head><body class='GF_AJAX_POSTBACK'><div id='gform_confirmation_wrapper_1' class='gform_confirmation_wrapper '><div id='gform_confirmation_message_1' class='gform_confirmation_message_1
3470
- gform_confirmation_message'>%s</div></div></body></html>",
3471
- $ct_result->comment
3472
- );
3473
- echo $response;
3474
- die();
3475
-
3476
- }elseif(isset($_POST['action']) && $_POST['action'] == 'ct_check_internal'){
3477
- return $ct_result->comment;
3478
-
3479
- }elseif(isset($_POST['vfb-submit']) && defined('VFB_VERSION')){
3480
- wp_die("<h1>".__('Spam protection by CleanTalk', 'cleantalk-spam-protect')."</h1><h2>".$ct_result->comment."</h2>", '', array('response' => 403, "back_link" => true, "text_direction" => 'ltr'));
3481
- // Caldera Contact Forms
3482
- }elseif(isset($_POST['action']) && $_POST['action'] == 'cf_process_ajax_submit'){
3483
- print json_encode("<h3 style='color: red;'><red>".$ct_result->comment);
3484
- die();
3485
- // Mailster
3486
- }elseif(isset($_POST['_referer'], $_POST['formid'], $_POST['email'])){
3487
- $return = array(
3488
- 'success' => false,
3489
- 'html' => '<p>' . $ct_result->comment . '</p>',
3490
- );
3491
- print json_encode($return);
3492
- die();
3493
- // Divi Theme Contact Form. Using $contact_form
3494
- }elseif(!empty($contact_form) && $contact_form == 'contact_form_divi_theme'){
3495
- echo "<div id='et_pb_contact_form{$contact_form_additional}'><h1>Your request looks like spam.</h1><div><p>{$ct_result->comment}</p></div></div>";
3496
- die();
3497
- // Enfold Theme Contact Form. Using $contact_form
3498
- }elseif(!empty($contact_form) && $contact_form == 'contact_form_enfold_theme'){
3499
- echo "<div id='ajaxresponse_1' class='ajaxresponse ajaxresponse_1' style='display: block;'><div id='ajaxresponse_1' class='ajaxresponse ajaxresponse_1'><h3 class='avia-form-success'>Antispam by CleanTalk: ".$ct_result->comment."</h3><a href='.'><-Back</a></div></div>";
3500
- die();
3501
- }else{
3502
- ct_die(null, null);
3503
- }
3504
- }
3505
- exit;
3506
- }
3507
-
3508
- return null;
3509
- }
3510
-
3511
- /**
3512
- * General test for any post data
3513
- */
3514
- function ct_contact_form_validate_postdata() {
3515
-
3516
- global $apbct, $pagenow,$cleantalk_executed;
3517
-
3518
- // Exclusios common function
3519
- if ( apbct_exclusions_check(__FUNCTION__) ) {
3520
- do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
3521
- return null;
3522
- }
3523
-
3524
- if (@sizeof($_POST)==0 ||
3525
- (isset($_POST['signup_username']) && isset($_POST['signup_email']) && isset($_POST['signup_password'])) ||
3526
- (isset($pagenow) && $pagenow == 'wp-login.php') || // WordPress log in form
3527
- (isset($pagenow) && $pagenow == 'wp-login.php' && isset($_GET['action']) && $_GET['action']=='lostpassword') ||
3528
- apbct_is_in_uri('/checkout/') ||
3529
- /* WooCommerce Service Requests - skip them */
3530
- isset($_GET['wc-ajax']) && (
3531
- $_GET['wc-ajax']=='checkout' ||
3532
- $_GET['wc-ajax']=='get_refreshed_fragments' ||
3533
- $_GET['wc-ajax']=='apply_coupon' ||
3534
- $_GET['wc-ajax']=='remove_coupon' ||
3535
- $_GET['wc-ajax']=='update_shipping_method' ||
3536
- $_GET['wc-ajax']=='get_cart_totals' ||
3537
- $_GET['wc-ajax']=='update_order_review' ||
3538
- $_GET['wc-ajax']=='add_to_cart' ||
3539
- $_GET['wc-ajax']=='remove_from_cart' ||
3540
- $_GET['wc-ajax']=='get_variation' ||
3541
- $_GET['wc-ajax']=='get_customer_location'
3542
- ) ||
3543
- /* END: WooCommerce Service Requests */
3544
- apbct_is_in_uri('/wp-admin/') ||
3545
- apbct_is_in_uri('wp-login.php') ||
3546
- apbct_is_in_uri('wp-comments-post.php') ||
3547
- apbct_is_in_referer('/wp-admin/') ||
3548
- apbct_is_in_uri('/login/') ||
3549
- apbct_is_in_uri('?provider=facebook&') ||
3550
- isset($_GET['ptype']) && $_GET['ptype']=='login' ||
3551
- isset($_POST['ct_checkjs_register_form']) ||
3552
- (isset($_POST['signup_username']) && isset($_POST['signup_password_confirm']) && isset($_POST['signup_submit']) ) ||
3553
- $apbct->settings['general_contact_forms_test']==0 ||
3554
- isset($_POST['bbp_topic_content']) ||
3555
- isset($_POST['bbp_reply_content']) ||
3556
- isset($_POST['fscf_submitted']) ||
3557
- isset($_POST['log']) && isset($_POST['pwd']) && isset($_POST['wp-submit'])||
3558
- apbct_is_in_uri('/wc-api/') ||
3559
- (isset($_POST['wc_reset_password'], $_POST['_wpnonce'], $_POST['_wp_http_referer'])) || //WooCommerce recovery password form
3560
- (isset($_POST['woocommerce-login-nonce'], $_POST['login'], $_POST['password'], $_POST['_wp_http_referer'])) || //WooCommerce login form
3561
- (isset($_POST['provider'], $_POST['authcode']) && $_POST['provider'] == 'Two_Factor_Totp') || //TwoFactor authorization
3562
- (isset($_GET['wc-ajax']) && $_GET['wc-ajax'] == 'sa_wc_buy_now_get_ajax_buy_now_button') || //BuyNow add to cart
3563
- apbct_is_in_uri('/wp-json/wpstatistics/v1/hit') || //WPStatistics
3564
- (isset($_POST['ihcaction']) && $_POST['ihcaction'] == 'login') || //Skip login form
3565
- (isset($_POST['action']) && $_POST['action'] == 'infinite_scroll') || //Scroll
3566
- isset($_POST['gform_submit']) || //Skip gravity checking because of direct integration
3567
- (isset($_POST['lrm_action']) && $_POST['lrm_action'] == 'login') || //Skip login form
3568
- apbct_is_in_uri( 'xmlrpc.php?for=jetpack' )
3569
- ) {
3570
- do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
3571
- return null;
3572
- }
3573
-
3574
- $message = ct_get_fields_any_postdata($_POST);
3575
-
3576
- // ???
3577
- if(strlen(json_encode($message))<10) {
3578
- do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
3579
- return null;
3580
- }
3581
-
3582
-
3583
- // Skip if request contains params
3584
- $skip_params = array(
3585
- 'ipn_track_id', // PayPal IPN #
3586
- 'txn_type', // PayPal transaction type
3587
- 'payment_status', // PayPal payment status
3588
- );
3589
- foreach($skip_params as $key=>$value){
3590
- if(@array_key_exists($value,$_GET)||@array_key_exists($value,$_POST)) {
3591
- do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
3592
- return null;
3593
- }
3594
- }
3595
-
3596
- $base_call_result = apbct_base_call(
3597
- array(
3598
- 'message' => $message,
3599
- 'post_info' => array('comment_type' => 'feedback_general_postdata'),
3600
- )
3601
- );
3602
-
3603
- $cleantalk_executed=true;
3604
-
3605
- $ct_result = $base_call_result['ct_result'];
3606
-
3607
- if ($ct_result->allow == 0) {
3608
-
3609
- if (!(defined( 'DOING_AJAX' ) && DOING_AJAX)) {
3610
- global $ct_comment;
3611
- $ct_comment = $ct_result->comment;
3612
- if(isset($_POST['cma-action'])&&$_POST['cma-action']=='add')
3613
- {
3614
- $result=Array('success'=>0, 'thread_id'=>null,'messages'=>Array($ct_result->comment));
3615
- header("Content-Type: application/json");
3616
- print json_encode($result);
3617
- die();
3618
- }
3619
- else
3620
- {
3621
- ct_die(null, null);
3622
- }
3623
- } else {
3624
- echo $ct_result->comment;
3625
- }
3626
- exit;
3627
- }
3628
-
3629
- return null;
3630
- }
3631
-
3632
-
3633
- /**
3634
- * Inner function - Finds and returns pattern in string
3635
- * @return null|bool
3636
- */
3637
- function ct_get_data_from_submit($value = null, $field_name = null) {
3638
- if (!$value || !$field_name || !is_string($value)) {
3639
- return false;
3640
- }
3641
- if (preg_match("/[a-z0-9_\-]*" . $field_name. "[a-z0-9_\-]*$/", $value)) {
3642
- return true;
3643
- }
3644
- }
3645
-
3646
- /**
3647
- * Sends error notice to admin
3648
- * @return null
3649
- */
3650
- function ct_send_error_notice ($comment = '') {
3651
- global $ct_admin_notoice_period, $apbct;
3652
-
3653
- $timelabel_reg = intval( get_option('cleantalk_timelabel_reg') );
3654
- if(time() - $ct_admin_notoice_period > $timelabel_reg){
3655
- update_option('cleantalk_timelabel_reg', time());
3656
-
3657
- $blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);
3658
- $message = __('Attention, please!', 'cleantalk-spam-protect') . "\r\n\r\n";
3659
- $message .= sprintf(__('"%s" plugin error on your site "%s":', 'cleantalk-spam-protect'), $apbct->plugin_name, $blogname) . "\r\n\r\n";
3660
- $message .= preg_replace('/^(.*?)<a.*?"(.*?)".*?>(.*?)<.a>(.*)$/', '$1. $3: $2?user_token='. $apbct->user_token .' $4', $comment) . "\r\n\r\n";
3661
- @wp_mail(ct_get_admin_email(), sprintf(__('[%s] "%s" error!', 'cleantalk-spam-protect'), $apbct->plugin_name, $blogname), $message);
3662
- }
3663
-
3664
- return null;
3665
- }
3666
-
3667
- /**
3668
- * Prints form for "protect externals
3669
- *
3670
- * @param $arr
3671
- * @param $k
3672
- */
3673
- function ct_print_form( $arr, $k ){
3674
-
3675
- // Fix for pages04.net forms
3676
- if( isset( $arr['formSourceName'] ) ){
3677
- $tmp = array();
3678
- foreach( $arr as $key => $val ){
3679
- $tmp_key = str_replace( '_', '+', $key );
3680
- $tmp[$tmp_key] = $val;
3681
- }
3682
- $arr = $tmp;
3683
- unset( $tmp, $key, $tmp_key, $val );
3684
- }
3685
-
3686
- foreach( $arr as $key => $value ){
3687
-
3688
- if( ! is_array( $value ) ){
3689
- print '<textarea
3690
- name="' . ( $k == '' ? $key : $k . '[' . $key . ']' ) . '"
3691
- style="display:none;">' . htmlspecialchars( $value )
3692
- . '</textarea>';
3693
- }else{
3694
- ct_print_form( $value, $k == '' ? $key : $k . '[' . $key . ']' );
3695
- }
3696
-
3697
- }
3698
-
3699
- }
3700
-
3701
- /**
3702
- * Attaches public scripts and styles.
3703
- */
3704
- function ct_enqueue_scripts_public($hook){
3705
-
3706
- global $current_user, $apbct;
3707
-
3708
- if (apbct_exclusions_check__url()) {
3709
- return;
3710
- }
3711
-
3712
- if($apbct->settings['registrations_test'] || $apbct->settings['comments_test'] || $apbct->settings['contact_forms_test'] || $apbct->settings['general_contact_forms_test'] || $apbct->settings['wc_checkout_test'] || $apbct->settings['check_external'] || $apbct->settings['check_internal'] || $apbct->settings['bp_private_messages'] || $apbct->settings['general_postdata_test']){
3713
-
3714
- if( ! $apbct->public_script_loaded ) {
3715
-
3716
- // Differnt JS params
3717
- wp_enqueue_script( 'ct_public', APBCT_URL_PATH . '/js/apbct-public.min.js', array( 'jquery' ), APBCT_VERSION, false /*in header*/ );
3718
-
3719
- wp_localize_script('ct_public', 'ctPublic', array(
3720
- '_ajax_nonce' => wp_create_nonce('ct_secret_stuff'),
3721
- '_ajax_url' => admin_url('admin-ajax.php'),
3722
- ));
3723
- }
3724
-
3725
- // GDPR script
3726
- if($apbct->settings['gdpr_enabled']){
3727
-
3728
- wp_enqueue_script('ct_public_gdpr', APBCT_URL_PATH.'/js/apbct-public--gdpr.min.js', array('jquery', 'ct_public'), APBCT_VERSION, false /*in header*/);
3729
-
3730
- wp_localize_script('ct_public_gdpr', 'ctPublicGDPR', array(
3731
- 'gdpr_forms' => array(),
3732
- 'gdpr_text' => $apbct->settings['gdpr_text'] ? $apbct->settings['gdpr_text'] : __('By using this form you agree with the storage and processing of your data by using the Privacy Policy on this website.', 'cleantalk-spam-protect'),
3733
- ));
3734
- }
3735
-
3736
- }
3737
-
3738
- if(!defined('CLEANTALK_AJAX_USE_FOOTER_HEADER') || (defined('CLEANTALK_AJAX_USE_FOOTER_HEADER') && CLEANTALK_AJAX_USE_FOOTER_HEADER)){
3739
- if($apbct->settings['use_ajax'] && ! apbct_is_in_uri('.xml') && ! apbct_is_in_uri('.xsl')){
3740
- if( ! apbct_is_in_uri('jm-ajax') ){
3741
-
3742
- // Use AJAX for JavaScript check
3743
- if($apbct->settings['use_ajax']){
3744
-
3745
- wp_enqueue_script('ct_nocache', plugins_url('/cleantalk-spam-protect/js/cleantalk_nocache.min.js'), array(), APBCT_VERSION, false /*in header*/);
3746
-
3747
- wp_localize_script('ct_nocache', 'ctNocache', array(
3748
- 'ajaxurl' => admin_url('admin-ajax.php'),
3749
- 'info_flag' => $apbct->settings['collect_details'] && $apbct->settings['set_cookies'] ? true : false,
3750
- 'set_cookies_flag' => $apbct->settings['set_cookies'] ? false : true,
3751
- 'blog_home' => get_home_url().'/',
3752
- ));
3753
- }
3754
-
3755
- // External forms check
3756
- if($apbct->settings['check_external'])
3757
- wp_enqueue_script('ct_external', plugins_url('/cleantalk-spam-protect/js/cleantalk_external.min.js'), array('jquery'), APBCT_VERSION, false /*in header*/);
3758
-
3759
- // Internal forms check
3760
- if($apbct->settings['check_internal'])
3761
- wp_enqueue_script('ct_internal', plugins_url('/cleantalk-spam-protect/js/cleantalk_internal.min.js'), array('jquery'), APBCT_VERSION, false /*in header*/);
3762
-
3763
- }
3764
- }
3765
- }
3766
-
3767
- // Show controls for commentaries
3768
- if(in_array("administrator", $current_user->roles)){
3769
-
3770
- if($apbct->settings['manage_comments_on_public_page']){
3771
-
3772
- $ajax_nonce = wp_create_nonce( "ct_secret_nonce" );
3773
-
3774
- wp_enqueue_style ('ct_public_admin_css', plugins_url('/cleantalk-spam-protect/css/cleantalk-public-admin.min.css'), array(), APBCT_VERSION, 'all');
3775
- wp_enqueue_script('ct_public_admin_js', plugins_url('/cleantalk-spam-protect/js/cleantalk-public-admin.min.js'), array('jquery'), APBCT_VERSION, false /*in header*/);
3776
-
3777
- wp_localize_script('ct_public_admin_js', 'ctPublicAdmin', array(
3778
- 'ct_ajax_nonce' => $ajax_nonce,
3779
- 'ajaxurl' => admin_url('admin-ajax.php'),
3780
- 'ct_feedback_error' => __('Error occurred while sending feedback.', 'cleantalk-spam-protect'),
3781
- 'ct_feedback_no_hash' => __('Feedback wasn\'t sent. There is no associated request.', 'cleantalk-spam-protect'),
3782
- 'ct_feedback_msg' => sprintf(__("Feedback has been sent to %sCleanTalk Dashboard%s.", 'cleantalk-spam-protect'), $apbct->user_token ? "<a target='_blank' href=https://cleantalk.org/my/show_requests?user_token={$apbct->user_token}&cp_mode=antispam>" : '', $apbct->user_token ? "</a>" : ''),
3783
- ));
3784
-
3785
- }
3786
- }
3787
-
3788
- // Debug
3789
- if($apbct->settings['debug_ajax']){
3790
- wp_enqueue_script('ct_debug_js', plugins_url('/cleantalk-spam-protect/js/cleantalk-debug-ajax.min.js'), array('jquery'), APBCT_VERSION, false /*in header*/);
3791
-
3792
- wp_localize_script('ct_debug_js', 'apbctDebug', array(
3793
- 'reload' => false,
3794
- 'reload_time' => 10000,
3795
- ));
3796
- }
3797
- }
3798
-
3799
- /**
3800
- * Reassign callbackback function for the bootom of comment output.
3801
- */
3802
- function ct_wp_list_comments_args($options){
3803
-
3804
- global $current_user, $apbct;
3805
-
3806
- if(in_array("administrator", $current_user->roles)){
3807
- if($apbct->settings['manage_comments_on_public_page']) {
3808
- $theme = wp_get_theme();
3809
- $apbct->active_theme = $theme->get( 'Name' );
3810
- $options['end-callback'] = 'ct_comments_output';
3811
- }
3812
- }
3813
-
3814
- return $options;
3815
- }
3816
-
3817
- /**
3818
- * Callback function for the bootom comment output.
3819
- */
3820
- function ct_comments_output($curr_comment, $param2, $wp_list_comments_args){
3821
-
3822
- global $apbct;
3823
-
3824
- $email = $curr_comment->comment_author_email;
3825
- $ip = $curr_comment->comment_author_IP;
3826
- $id = $curr_comment->comment_ID;
3827
-
3828
- $settings_link = '/wp-admin/'.(is_network_admin() ? "settings.php?page=cleantalk" : "options-general.php?page=cleantalk");
3829
-
3830
- echo "<div class='ct_comment_info'><div class ='ct_comment_titles'>";
3831
- echo "<p class='ct_comment_info_title'>".__('Sender info', 'cleantalk-spam-protect')."</p>";
3832
-
3833
- echo "<p class='ct_comment_logo_title'>
3834
- ".__('by', 'cleantalk-spam-protect')
3835
- ." <a href='{$settings_link}' target='_blank'><img class='ct_comment_logo_img' src='".plugins_url()."/cleantalk-spam-protect/inc/images/logo_color.png'></a>"
3836
- ." <a href='{$settings_link}' target='_blank'>CleanTalk</a>"
3837
- ."</p></div>";
3838
- // Outputs email if exists
3839
- if($email)
3840
- echo "<a href='https://cleantalk.org/blacklists/$email' target='_blank' title='https://cleantalk.org/blacklists/$email'>"
3841
- ."$email"
3842
- ."&nbsp;<img src='".plugins_url()."/cleantalk-spam-protect/inc/images/new_window.gif' border='0' style='float:none; box-shadow: transparent 0 0 0 !important;'/>"
3843
- ."</a>";
3844
- else
3845
- echo __('No email', 'cleantalk-spam-protect');
3846
- echo "&nbsp;|&nbsp;";
3847
-
3848
- // Outputs IP if exists
3849
- if($ip)
3850
- echo "<a href='https://cleantalk.org/blacklists/$ip' target='_blank' title='https://cleantalk.org/blacklists/$ip'>"
3851
- ."$ip"
3852
- ."&nbsp;<img src='".plugins_url()."/cleantalk-spam-protect/inc/images/new_window.gif' border='0' style='float:none; box-shadow: transparent 0 0 0 !important;'/>"
3853
- ."</a>";
3854
- else
3855
- echo __('No IP', 'cleantalk-spam-protect');
3856
- echo '&nbsp;|&nbsp;';
3857
-
3858
- echo "<span commentid='$id' class='ct_this_is ct_this_is_spam' href='#'>".__('Mark as spam', 'cleantalk-spam-protect')."</span>";
3859
- echo "<span commentid='$id' class='ct_this_is ct_this_is_not_spam ct_hidden' href='#'>".__('Unspam', 'cleantalk-spam-protect')."</span>";
3860
- echo "<p class='ct_feedback_wrap'>";
3861
- echo "<span class='ct_feedback_result ct_feedback_result_spam'>".__('Marked as spam.', 'cleantalk-spam-protect')."</span>";
3862
- echo "<span class='ct_feedback_result ct_feedback_result_not_spam'>".__('Marked as not spam.', 'cleantalk-spam-protect')."</span>";
3863
- echo "&nbsp;<span class='ct_feedback_msg'><span>";
3864
- echo "</p>";
3865
-
3866
- echo "</div>";
3867
-
3868
- // @todo research what such themes and make exception for them
3869
- $ending_tag = $wp_list_comments_args['style'];
3870
- if( in_array( $apbct->active_theme, array( 'Paperio', 'Twenty Twenty' ) ) ){
3871
- $ending_tag = is_null($wp_list_comments_args['style']) ? 'div' : $wp_list_comments_args['style'];
3872
- };
3873
-
3874
- // Ending comment output
3875
- echo "</{$ending_tag}>";
3876
- }
3877
-
3878
- /**
3879
- * Callback function for the bootom comment output.
3880
- *
3881
- * attrs = array()
3882
- */
3883
- function apbct_shrotcode_handler__GDPR_public_notice__form( $attrs ){
3884
-
3885
- $out = '';
3886
-
3887
- if(isset($attrs['id']))
3888
- $out .= 'ctPublicGDPR.gdpr_forms.push("'.$attrs['id'].'");';
3889
-
3890
- if(isset($attrs['text']))
3891
- $out .= 'ctPublicGDPR.gdpr_text = "'.$attrs['text'].'";';
3892
-
3893
- $out = '<script ' . ( class_exists('Cookiebot_WP') ? 'data-cookieconsent="ignore"' : '' ) . '>'.$out.'</script>';
3894
- return $out;
3895
- }
3896
-
3897
- /**
3898
- * Filters the 'status' array before register the user
3899
- * using only by WICITY theme
3900
- *
3901
- * @param $success array array( 'status' => 'success' )
3902
- * @param $data array ['username'] ['password'] ['email']
3903
- * @return array array( 'status' => 'error' ) or array( 'status' => 'success' ) by default
3904
- */
3905
- function apbct_wilcity_reg_validation( $success, $data ) {
3906
- $check = ct_test_registration( $data['username'], $data['email'], '' );
3907
- if( $check['allow'] == 0 ) {
3908
- return array( 'status' => 'error' );
3909
- }
3910
- return $success;
3911
- }
3912
-
3913
- // Enfold Theme contact form
3914
- function apbct_form__enfold_contact_form__test_spam( $send, $new_post, $form_params, $obj ){
3915
-
3916
- global $cleantalk_executed;
3917
-
3918
- $url_decoded_data = array();
3919
- foreach( $new_post as $key => $value ) {
3920
- $url_decoded_data[$key] = urldecode($value);
3921
- }
3922
-
3923
- $data = ct_get_fields_any( $url_decoded_data );
3924
-
3925
- $base_call_result = apbct_base_call(
3926
- array(
3927
- 'message' => !empty( $data['message'] ) ? json_encode( $data['message'] ) : '',
3928
- 'sender_email' => !empty( $data['email'] ) ? $data['email'] : '',
3929
- 'sender_nickname' => !empty( $data['nickname'] ) ? $data['nickname'] : '',
3930
- 'post_info' => array(
3931
- 'comment_type' => 'contact_form_wordpress_enfold'
3932
- ),
3933
- )
3934
- );
3935
-
3936
- $ct_result = $base_call_result['ct_result'];
3937
-
3938
- $cleantalk_executed = true;
3939
-
3940
- if( $ct_result->allow == 0 ) {
3941
- $obj->submit_error = $ct_result->comment;
3942
- return null;
3943
- }
3944
-
3945
- return $send;
3946
-
3947
- }
 
 
 
1
+ <?php
2
+
3
+ /**
4
+ * Init functions
5
+ * @return mixed[] Array of options
6
+ */
7
+ function apbct_init() {
8
+
9
+ global $ct_wplp_result_label, $ct_jp_comments, $ct_post_data_label, $ct_post_data_authnet_label, $apbct, $test_external_forms, $cleantalk_executed, $wpdb;
10
+
11
+ //Check internal forms with such "action" http://wordpress.loc/contact-us/some_script.php
12
+ if((isset($_POST['action']) && $_POST['action'] == 'ct_check_internal') &&
13
+ $apbct->settings['check_internal']
14
+ ){
15
+ $ct_result = ct_contact_form_validate();
16
+ if($ct_result == null){
17
+ echo 'true';
18
+ die();
19
+ }else{
20
+ echo $ct_result;
21
+ die();
22
+ }
23
+ }
24
+
25
+ //fix for EPM registration form
26
+ if(isset($_POST) && isset($_POST['reg_email']) && shortcode_exists( 'epm_registration_form' ))
27
+ {
28
+ unset($_POST['ct_checkjs_register_form']);
29
+ }
30
+
31
+ if(isset($_POST['_wpnonce-et-pb-contact-form-submitted']))
32
+ {
33
+ add_shortcode( 'et_pb_contact_form', 'ct_contact_form_validate' );
34
+ }
35
+
36
+ if($apbct->settings['check_external']){
37
+
38
+ // Fixing form and directs it this site
39
+ if($apbct->settings['check_external__capture_buffer'] && !is_admin() && !apbct_is_ajax() && !apbct_is_post() && apbct_is_user_enable() && !(defined('DOING_CRON') && DOING_CRON) && !(defined('XMLRPC_REQUEST') && XMLRPC_REQUEST)){
40
+
41
+ if (defined('CLEANTALK_CAPTURE_BUFFER_SPECIFIC_URL') && is_string(CLEANTALK_CAPTURE_BUFFER_SPECIFIC_URL)) {
42
+ $catch_buffer = false;
43
+ $urls = explode(',', CLEANTALK_CAPTURE_BUFFER_SPECIFIC_URL);
44
+ foreach ($urls as $url) {
45
+ if (apbct_is_in_uri($url))
46
+ $catch_buffer = true;
47
+ }
48
+ }else{
49
+ $catch_buffer = true;
50
+ }
51
+
52
+ if( $catch_buffer ){
53
+ add_action('wp', 'apbct_buffer__start');
54
+ add_action('shutdown', 'apbct_buffer__end', 0);
55
+ add_action('shutdown', 'apbct_buffer__output', 2);
56
+ }
57
+ }
58
+
59
+ // Check and redirecct
60
+ if( apbct_is_post()
61
+ && isset($_POST['cleantalk_hidden_method'])
62
+ && isset($_POST['cleantalk_hidden_action'])
63
+ ){
64
+ $action = htmlspecialchars($_POST['cleantalk_hidden_action']);
65
+ $method = htmlspecialchars($_POST['cleantalk_hidden_method']);
66
+ unset($_POST['cleantalk_hidden_action']);
67
+ unset($_POST['cleantalk_hidden_method']);
68
+ ct_contact_form_validate();
69
+ if(!apbct_is_ajax()){
70
+ print "<html><body><form method='$method' action='$action'>";
71
+ ct_print_form($_POST, '');
72
+ print "</form></body></html>";
73
+ print "<script " . ( class_exists('Cookiebot_WP') ? 'data-cookieconsent="ignore"' : '' ) . ">
74
+ if(document.forms[0].submit !== 'undefined'){
75
+ var objects = document.getElementsByName('submit');
76
+ if(objects.length > 0)
77
+ document.forms[0].removeChild(objects[0]);
78
+ }
79
+ document.forms[0].submit();
80
+ </script>";
81
+ die();
82
+ }
83
+ }
84
+ }
85
+
86
+ if(isset($_POST['quform_ajax'], $_POST['quform_csrf_token'], $_POST['quform_form_id'])){
87
+ require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-ajax.php');
88
+ ct_ajax_hook();
89
+ }
90
+
91
+ /**hooks for cm answers pro */
92
+ if(defined('CMA_PLUGIN_FILE')){
93
+ add_action( 'wp', 'ct_ajax_hook',1 );
94
+ }
95
+
96
+ //hook for Anonymous Post
97
+ if($apbct->settings['general_postdata_test'] == 1 && empty($_POST['ct_checkjs_cf7']))
98
+ add_action('wp', 'ct_contact_form_validate_postdata',1);
99
+
100
+ if($apbct->settings['general_contact_forms_test'] == 1 && empty($_POST['ct_checkjs_cf7'])){
101
+ add_action('CMA_custom_post_type_nav', 'ct_contact_form_validate_postdata',1);
102
+ //add_action('init','ct_contact_form_validate',1);
103
+ ct_contact_form_validate();
104
+ if(isset($_POST['reg_redirect_link'])&&isset($_POST['tmpl_registration_nonce_field']))
105
+ {
106
+ unset($_POST['ct_checkjs_register_form']);
107
+ ct_contact_form_validate();
108
+ }
109
+ /*if(isset($_GET['ait-action'])&&$_GET['ait-action']=='register')
110
+ {
111
+ $tmp=$_POST['redirect_to'];
112
+ unset($_POST['redirect_to']);
113
+ ct_contact_form_validate();
114
+ $_POST['redirect_to']=$tmp;
115
+ }*/
116
+ }
117
+
118
+ if($apbct->settings['general_postdata_test'] == 1 && empty($_POST['ct_checkjs_cf7']))
119
+ add_action('CMA_custom_post_type_nav', 'ct_contact_form_validate_postdata',1);
120
+
121
+ //add_action('wp_footer','ct_ajaxurl');
122
+
123
+ // Fast Secure contact form
124
+ if(defined('FSCF_VERSION')){
125
+ add_filter('si_contact_display_after_fields', 'ct_si_contact_display_after_fields');
126
+ add_filter('si_contact_form_validate', 'ct_si_contact_form_validate');
127
+ }
128
+
129
+ // WooCommerce registration
130
+ if(class_exists('WooCommerce')){
131
+ add_filter( 'woocommerce_registration_errors', 'ct_registration_errors', 1, 3 );
132
+ if ($apbct->settings['wc_checkout_test'] == 1) {
133
+ add_filter('woocommerce_checkout_process', 'ct_woocommerce_checkout_check', 1, 3);
134
+ }
135
+ if( isset($_REQUEST['wc-ajax']) && $_REQUEST['wc-ajax'] == 'checkout' && empty( $apbct->settings['wc_register_from_order'] ) ){
136
+ remove_filter( 'woocommerce_registration_errors', 'ct_registration_errors', 1 );
137
+ }
138
+ }
139
+
140
+ // WooCommerce whishlist
141
+ if(class_exists('WC_Wishlists_Wishlist'))
142
+ add_filter('wc_wishlists_create_list_args', 'ct_woocommerce_wishlist_check', 1, 1);
143
+
144
+
145
+ // JetPack Contact form
146
+ $jetpack_active_modules = false;
147
+ if(defined('JETPACK__VERSION'))
148
+ {
149
+ if(isset($_POST['action']) && $_POST['action'] == 'grunion-contact-form' ){
150
+ if(JETPACK__VERSION=='3.4-beta')
151
+ {
152
+ add_filter('contact_form_is_spam', 'ct_contact_form_is_spam');
153
+ }
154
+ else if(JETPACK__VERSION=='3.4-beta2'||JETPACK__VERSION>='3.4')
155
+ {
156
+ add_filter('jetpack_contact_form_is_spam', 'ct_contact_form_is_spam_jetpack',50,2);
157
+ }
158
+ else
159
+ {
160
+ add_filter('contact_form_is_spam', 'ct_contact_form_is_spam');
161
+ }
162
+ $jetpack_active_modules = get_option('jetpack_active_modules');
163
+ if ((class_exists( 'Jetpack', false) && $jetpack_active_modules && in_array('comments', $jetpack_active_modules)))
164
+ {
165
+ $ct_jp_comments = true;
166
+ }
167
+ }else
168
+ add_filter('grunion_contact_form_field_html', 'ct_grunion_contact_form_field_html', 10, 2);
169
+ }
170
+
171
+ // WP Maintenance Mode (wpmm)
172
+ add_action('wpmm_head', 'apbct_form__wpmm__addField', 1);
173
+
174
+ // Contact Form7
175
+ if(defined('WPCF7_VERSION')){
176
+ add_filter('wpcf7_form_elements', 'apbct_form__contactForm7__addField');
177
+ add_filter('wpcf7_validate', 'apbct_form__contactForm7__tesSpam__before_validate', 999, 2);
178
+ add_filter(WPCF7_VERSION >= '3.0.0' ? 'wpcf7_spam' : 'wpcf7_acceptance', 'apbct_form__contactForm7__testSpam');
179
+ }
180
+
181
+ // Formidable
182
+ add_filter( 'frm_entries_before_create', 'apbct_rorm__formidable__testSpam', 10, 2 );
183
+ add_action( 'frm_entries_footer_scripts', 'apbct_rorm__formidable__footerScripts', 20, 2 );
184
+
185
+ // BuddyPress
186
+ if(class_exists('BuddyPress')){
187
+ add_action('bp_before_registration_submit_buttons','ct_register_form',1);
188
+ add_action('messages_message_before_save', 'apbct_integration__buddyPres__private_msg_check', 1);
189
+ add_filter('bp_signup_validate', 'ct_registration_errors',1);
190
+ add_filter('bp_signup_validate', 'ct_check_registration_erros', 999999);
191
+ }
192
+
193
+ if(defined('PROFILEPRESS_SYSTEM_FILE_PATH')){
194
+ add_filter('pp_registration_validation', 'ct_registration_errors_ppress', 11, 2);
195
+ }
196
+
197
+
198
+ // bbPress
199
+ if(class_exists('bbPress')){
200
+ add_filter('bbp_new_topic_pre_title', 'ct_bbp_get_topic', 1);
201
+ add_filter('bbp_new_topic_pre_content', 'ct_bbp_new_pre_content', 1);
202
+ add_filter('bbp_new_reply_pre_content', 'ct_bbp_new_pre_content', 1);
203
+ add_action('bbp_theme_before_topic_form_content', 'ct_comment_form');
204
+ add_action('bbp_theme_before_reply_form_content', 'ct_comment_form');
205
+ }
206
+
207
+ //Custom Contact Forms
208
+ if(defined('CCF_VERSION'))
209
+ add_filter('ccf_field_validator', 'ct_ccf', 1, 4);
210
+
211
+ add_action('comment_form', 'ct_comment_form');
212
+
213
+ // intercept WordPress Landing Pages POST
214
+ if (defined('LANDINGPAGES_CURRENT_VERSION') && !empty($_POST)){
215
+ if(array_key_exists('action', $_POST) && $_POST['action'] === 'inbound_store_lead'){ // AJAX action(s)
216
+ ct_check_wplp();
217
+ }else if(array_key_exists('inbound_submitted', $_POST) && $_POST['inbound_submitted'] == '1'){ // Final submit
218
+ ct_check_wplp();
219
+ }
220
+ }
221
+
222
+ // S2member. intercept POST
223
+ if (defined('WS_PLUGIN__S2MEMBER_PRO_VERSION')){
224
+ $post_keys = array_keys($_POST);
225
+ foreach($post_keys as $post_key){
226
+
227
+ // Detect POST keys like /s2member_pro.*registration/
228
+ if(strpos($post_key, 's2member') !== false && strpos($post_key, 'registration') !== false){
229
+ ct_s2member_registration_test($post_key);
230
+ break;
231
+ }
232
+ }
233
+ }
234
+
235
+ // New user approve hack
236
+ // https://wordpress.org/plugins/new-user-approve/
237
+ if (ct_plugin_active('new-user-approve/new-user-approve.php')) {
238
+ add_action('register_post', 'ct_register_post', 1, 3);
239
+ }
240
+
241
+ // Wilcity theme registration validation fix
242
+ add_filter( 'wilcity/filter/wiloke-listing-tools/validate-before-insert-account', 'apbct_wilcity_reg_validation', 10, 2 );
243
+
244
+
245
+ // Gravity forms
246
+ if (defined('GF_MIN_WP_VERSION')) {
247
+ add_filter('gform_get_form_filter', 'apbct_form__gravityForms__addField', 10, 2);
248
+ add_filter('gform_entry_is_spam', 'apbct_form__gravityForms__testSpam', 999, 3);
249
+ add_filter('gform_confirmation', 'apbct_form__gravityForms__showResponse', 999, 4 );
250
+ }
251
+
252
+ //Pirate forms
253
+ if(defined('PIRATE_FORMS_VERSION')){
254
+ if(isset($_POST['pirate-forms-contact-name']) && $_POST['pirate-forms-contact-name'] && isset($_POST['pirate-forms-contact-email']) && $_POST['pirate-forms-contact-email'])
255
+ apbct_form__piratesForm__testSpam();
256
+ }
257
+
258
+ // WPForms
259
+ // Adding fields
260
+ add_action('wpforms_frontend_output', 'apbct_form__WPForms__addField', 1000, 5);
261
+ // Gathering data to validate
262
+ add_filter('wpforms_process_before_filter', 'apbct_from__WPForms__gatherData', 100, 2);
263
+ // Do spam check
264
+ add_filter('wpforms_process_initial_errors', 'apbct_form__WPForms__showResponse', 100, 2);
265
+
266
+ // QForms integration
267
+ add_filter( 'quform_post_validate', 'ct_quform_post_validate', 10, 2 );
268
+
269
+ // Ultimate Members
270
+ if (class_exists('UM')) {
271
+ add_action('um_main_register_fields','ct_register_form',100); // Add hidden fileds
272
+ add_action( 'um_submit_form_register', 'apbct_registration__UltimateMembers__check', 9, 1 ); // Check submition
273
+ }
274
+
275
+ // Paid Memberships Pro integration
276
+ add_filter( 'pmpro_required_user_fields', function( $pmpro_required_user_fields ){
277
+
278
+ if(
279
+ ! empty( $pmpro_required_user_fields['username'] ) &&
280
+ ! empty( $pmpro_required_user_fields['bemail'] ) &&
281
+ ! empty( $pmpro_required_user_fields['bconfirmemail'] ) &&
282
+ $pmpro_required_user_fields['bemail'] == $pmpro_required_user_fields['bconfirmemail']
283
+ ) {
284
+ $check = ct_test_registration( $pmpro_required_user_fields['username'], $pmpro_required_user_fields['bemail'], apbct_get_server_variable( 'REMOTE_ADDR' ) );
285
+ if( $check['allow'] == 0 ) {
286
+ pmpro_setMessage( $check['comment'], 'pmpro_error' );
287
+ }
288
+ }
289
+
290
+ return $pmpro_required_user_fields;
291
+
292
+ } );
293
+
294
+ //
295
+ // Load JS code to website footer
296
+ //
297
+ if (!(defined( 'DOING_AJAX' ) && DOING_AJAX)) {
298
+ add_action('wp_head', 'apbct_hook__wp_head__set_cookie__ct_checkjs', 1);
299
+ add_action('wp_footer', 'apbct_hook__wp_footer', 1);
300
+ }
301
+
302
+ if ($apbct->settings['protect_logged_in'] != 1 && is_user_logged_in()) {
303
+ ct_contact_form_validate();
304
+ }
305
+
306
+ if (apbct_is_user_enable()) {
307
+
308
+ if ($apbct->settings['general_contact_forms_test'] == 1 && !isset($_POST['comment_post_ID']) && !isset($_GET['for'])){
309
+ add_action( 'init', 'ct_contact_form_validate', 999 );
310
+ }
311
+ if( apbct_is_post() &&
312
+ $apbct->settings['general_postdata_test'] == 1 &&
313
+ !isset($_POST['ct_checkjs_cf7']) &&
314
+ !is_admin() &&
315
+ !apbct_is_user_role_in(array('administrator', 'moderator'))
316
+ ){
317
+ ct_contact_form_validate_postdata();
318
+ }
319
+ }
320
+ }
321
+
322
+ function apbct_buffer__start(){
323
+ ob_start();
324
+ }
325
+
326
+ function apbct_buffer__end(){
327
+
328
+ if(!ob_get_level())
329
+ return;
330
+
331
+ global $apbct;
332
+ $apbct->buffer = ob_get_contents();
333
+ ob_end_clean();
334
+ }
335
+
336
+ /**
337
+ * Outputs changed buffer
338
+ *
339
+ * @global $apbct
340
+ */
341
+ function apbct_buffer__output(){
342
+
343
+ global $apbct, $wp;
344
+
345
+ if(empty($apbct->buffer))
346
+ return;
347
+
348
+ $site_url = get_option('siteurl');
349
+ $site__host = parse_url($site_url, PHP_URL_HOST);
350
+
351
+ $dom = new DOMDocument();
352
+ @$dom->loadHTML($apbct->buffer);
353
+
354
+ $forms = $dom->getElementsByTagName('form');
355
+
356
+ foreach($forms as $form){
357
+
358
+ $action = $form->getAttribute('action');
359
+ $action = $action ? $action : $site_url;
360
+ $action__host = parse_url($action, PHP_URL_HOST);
361
+
362
+ // Check if the form directed to the third party site
363
+ if($site__host != $action__host){
364
+
365
+ $method = $form->getAttribute('method');
366
+ $method = $method ? $method : 'get';
367
+ // Directs form to our site
368
+ $form->setAttribute('method', 'POST');
369
+ $form->setAttribute('action', home_url(add_query_arg(array(), $wp->request)));
370
+
371
+ // Add cleantalk_hidden_action
372
+ $new_input = $dom->createElement('input');
373
+ $new_input->setAttribute('type', 'hidden');
374
+ $new_input->setAttribute('name', 'cleantalk_hidden_action');
375
+ $new_input->setAttribute('value', $action);
376
+ $form->appendChild($new_input);
377
+
378
+ // Add cleantalk_hidden_method
379
+ $new_input = $dom->createElement('input');
380
+ $new_input->setAttribute('type', 'hidden');
381
+ $new_input->setAttribute('name', 'cleantalk_hidden_method');
382
+ $new_input->setAttribute('value', $method);
383
+ $form->appendChild($new_input);
384
+
385
+ }
386
+
387
+ } unset($form);
388
+
389
+ $html = $dom->getElementsByTagName('html');
390
+
391
+ $output = gettype($html) == 'object' && isset($html[0], $html[0]->childNodes, $html[0]->childNodes[0])
392
+ ? $dom->saveHTML()
393
+ : $apbct->buffer;
394
+
395
+ echo $output;
396
+ die();
397
+ }
398
+
399
+ // MailChimp Premium for Wordpress
400
+ function ct_add_mc4wp_error_message($messages){
401
+
402
+ $messages['ct_mc4wp_response'] = array(
403
+ 'type' => 'error',
404
+ 'text' => 'Your message looks like spam.'
405
+ );
406
+ return $messages;
407
+ }
408
+ add_filter( 'mc4wp_form_messages', 'ct_add_mc4wp_error_message' );
409
+
410
+ /*
411
+ * Function to set validate fucntion for CCF form
412
+ * Input - Сonsistently each form field
413
+ * Returns - String. Validate function
414
+ */
415
+ function ct_ccf($callback, $value, $field_id, $type){
416
+ /*
417
+ if($type == 'name')
418
+ $ct_global_temporary_data['name'] = $value;
419
+ elseif($type == 'email')
420
+ $ct_global_temporary_data['email'] = $value;
421
+ else
422
+ $ct_global_temporary_data[] = $value;
423
+ //*/
424
+ return 'ct_validate_ccf_submission';
425
+ }
426
+ /*
427
+ * Validate function for CCF form. Gatheering data. Multiple calls.
428
+ * Input - void. Global $ct_global_temporary_data
429
+ * Returns - String. CleanTalk comment.
430
+ */
431
+ $ct_global_temporary_data = array();
432
+ function ct_validate_ccf_submission($value, $field_id, $required){
433
+ global $ct_global_temporary_data, $apbct;
434
+
435
+
436
+
437
+ //If the check for contact forms enabled
438
+ if(!$apbct->settings['contact_forms_test']) {
439
+ do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
440
+ return true;
441
+ }
442
+
443
+ //If the check for logged in users enabled
444
+ if($apbct->settings['protect_logged_in'] == 1 && is_user_logged_in()) {
445
+ do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
446
+ return true;
447
+ }
448
+
449
+
450
+ //Accumulate data
451
+ $ct_global_temporary_data[] = $value;
452
+
453
+ //If it's the last field of the form
454
+ (!isset($ct_global_temporary_data['count']) ? $ct_global_temporary_data['count'] = 1 : $ct_global_temporary_data['count']++);
455
+ $form_id = $_POST['form_id'];
456
+ if($ct_global_temporary_data['count'] != count(get_post_meta( $form_id, 'ccf_attached_fields', true ))) {
457
+ do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
458
+ return true;
459
+ }
460
+
461
+ unset($ct_global_temporary_data['count']);
462
+
463
+ //Getting request params
464
+ $ct_temp_msg_data = ct_get_fields_any($_POST);
465
+
466
+ unset($ct_global_temporary_data);
467
+
468
+ $sender_email = ($ct_temp_msg_data['email'] ? $ct_temp_msg_data['email'] : '');
469
+ $sender_nickname = ($ct_temp_msg_data['nickname'] ? $ct_temp_msg_data['nickname'] : '');
470
+ $subject = ($ct_temp_msg_data['subject'] ? $ct_temp_msg_data['subject'] : '');
471
+ $contact_form = ($ct_temp_msg_data['contact'] ? $ct_temp_msg_data['contact'] : true);
472
+ $message = ($ct_temp_msg_data['message'] ? $ct_temp_msg_data['message'] : array());
473
+
474
+ if ($subject != '')
475
+ $message['subject'] = $subject;
476
+
477
+ $post_info['comment_type'] = 'feedback_custom_contact_forms';
478
+ $post_info['post_url'] = apbct_get_server_variable( 'HTTP_REFERER' );
479
+
480
+ $checkjs = apbct_js_test('ct_checkjs', $_COOKIE)
481
+ ? apbct_js_test('ct_checkjs', $_COOKIE)
482
+ : apbct_js_test('ct_checkjs', $_POST);
483
+
484
+ //Making a call
485
+ $base_call_result = apbct_base_call(
486
+ array(
487
+ 'message' => $message,
488
+ 'sender_email' => $sender_email,
489
+ 'sender_nickname' => $sender_nickname,
490
+ 'post_info' => $post_info,
491
+ 'js_on' => $checkjs,
492
+ 'sender_info' => array('sender_url' => null),
493
+ )
494
+ );
495
+
496
+ $ct_result = $base_call_result['ct_result'];
497
+
498
+ return $ct_result->allow == 0 ? $ct_result->comment : true;;
499
+ }
500
+
501
+ function ct_woocommerce_wishlist_check($args){
502
+ global $apbct;
503
+
504
+
505
+
506
+ //Protect logged in users
507
+ if($args['wishlist_status'])
508
+ if($apbct->settings['protect_logged_in'] == 0) {
509
+ do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
510
+ return $args;
511
+ }
512
+
513
+
514
+ //If the IP is a Google bot
515
+ $hostname = gethostbyaddr( apbct_get_server_variable( 'REMOTE_ADDR' ) );
516
+ if(!strpos($hostname, 'googlebot.com')) {
517
+ do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
518
+ return $args;
519
+ }
520
+
521
+
522
+ //Getting request params
523
+ $message = '';
524
+ $subject = '';
525
+ $email = $args['wishlist_owner_email'];
526
+ if($args['wishlist_first_name']!='' || $args['wishlist_last_name']!='')
527
+ $nickname = trim($args['wishlist_first_name']." ".$args['wishlist_last_name']);
528
+ else
529
+ $nickname = '';
530
+
531
+ $post_info['comment_type'] = 'feedback';
532
+ $post_info['post_url'] = apbct_get_server_variable( 'HTTP_REFERER' );
533
+
534
+ $checkjs = apbct_js_test('ct_checkjs', $_COOKIE)
535
+ ? apbct_js_test('ct_checkjs', $_COOKIE)
536
+ : apbct_js_test('ct_checkjs', $_POST);
537
+
538
+ //Making a call
539
+ $base_call_result = apbct_base_call(
540
+ array(
541
+ 'message' => $subject." ".$message,
542
+ 'sender_email' => $email,
543
+ 'sender_nickname' => $nickname,
544
+ 'post_info' => $post_info,
545
+ 'js_on' => $checkjs,
546
+ 'sender_info' => array('sender_url' => null),
547
+ )
548
+ );
549
+
550
+ $ct_result = $base_call_result['ct_result'];
551
+
552
+ if ($ct_result->allow == 0)
553
+ wp_die("<h1>".__('Spam protection by CleanTalk', 'cleantalk-spam-protect')."</h1><h2>".$ct_result->comment."</h2>", '', array('response' => 403, "back_link" => true, "text_direction" => 'ltr'));
554
+ else
555
+ return $args;
556
+ }
557
+
558
+ function apbct_integration__buddyPres__getTemplateName( $located, $template_name, $template_names, $template_locations, $load, $require_once ) {
559
+ global $apbct;
560
+ preg_match("/\/([a-z-_]+)\/buddypress-functions\.php$/", $located, $matches);
561
+ $apbct->buddy_press_tmpl = isset($matches[1]) ? $matches[1] : 'unknown';
562
+ }
563
+
564
+ /**
565
+ * Test BuddyPress activity for spam (post update only)
566
+ *
567
+ * @global SpbcState $apbct
568
+ * @param bool $is_spam
569
+ * @param BP_Activity_Activity $activity_obj Activity object (\plugins\buddypress\bp-activity\classes\class-bp-activity-activity.php)
570
+ * @return boolean Spam flag
571
+ */
572
+ function apbct_integration__buddyPres__activityWall( $is_spam, $activity_obj = null ){
573
+
574
+ global $apbct;
575
+
576
+ $allowed_post_actions = array('post_update', 'new_activity_comment');
577
+
578
+ if( ! in_array(\Cleantalk\Variables\Post::get('action'), $allowed_post_actions) ||
579
+ $activity_obj === null ||
580
+ ! \Cleantalk\Variables\Post::get('action') ||
581
+ $activity_obj->privacy == 'media' ||
582
+ apbct_exclusions_check()
583
+ ) {
584
+ do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
585
+ return false;
586
+ }
587
+
588
+ $curr_user = get_user_by('id', $activity_obj->user_id);
589
+
590
+ //Making a call
591
+ $base_call_result = apbct_base_call(
592
+ array(
593
+ 'message' => is_string($activity_obj->content) ? $activity_obj->content : '',
594
+ 'sender_email' => $curr_user->data->user_email,
595
+ 'sender_nickname' => $curr_user->data->user_login,
596
+ 'post_info' => array(
597
+ 'post_url' => apbct_get_server_variable( 'HTTP_REFERER' ),
598
+ 'comment_type' => 'buddypress_activitywall',
599
+ ),
600
+ 'js_on' => apbct_js_test('ct_checkjs', $_COOKIE),
601
+ 'sender_info' => array('sender_url' => null),
602
+ )
603
+ );
604
+
605
+ $ct_result = $base_call_result['ct_result'];
606
+
607
+ if ($ct_result->allow == 0){
608
+ add_action('bp_activity_after_save', 'apbct_integration__buddyPres__activityWall_showResponse', 1, 1);
609
+ $apbct->spam_notification = $ct_result->comment;
610
+ return true;
611
+ }else
612
+ return $is_spam;
613
+ }
614
+
615
+ /**
616
+ * Outputs message to AJAX frontend handler
617
+ *
618
+ * @global SpbcState $apbct
619
+ * @param BP_Activity_Activity $activity_obj Activity object (\plugins\buddypress\bp-activity\classes\class-bp-activity-activity.php)
620
+ */
621
+ function apbct_integration__buddyPres__activityWall_showResponse( $activity_obj ){
622
+
623
+ global $apbct;
624
+
625
+ // Legacy template
626
+ if($apbct->buddy_press_tmpl === 'bp-legacy'){
627
+ die('<div id="message" class="error bp-ajax-message"><p>'. $apbct->spam_notification .'</p></div>');
628
+ // Nouveau tamplate and others
629
+ }else{
630
+ @header( 'Content-Type: application/json; charset=' . get_option('blog_charset'));
631
+ die(json_encode(array(
632
+ 'success' => false,
633
+ 'data' => array('message' => $apbct->spam_notification),
634
+ )));
635
+ }
636
+ }
637
+
638
+ /**
639
+ * Public function - Tests new private messages (dialogs)
640
+ *
641
+ * @global SpbcState $apbct
642
+ * @param type $bp_message_obj
643
+ * @return void|array with errors if spam has found
644
+ */
645
+ function apbct_integration__buddyPres__private_msg_check( $bp_message_obj){
646
+
647
+ global $apbct;
648
+
649
+ //Check for enabled option
650
+ if(
651
+ $apbct->settings['bp_private_messages'] == 0 ||
652
+ apbct_exclusions_check()
653
+ ) {
654
+ do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
655
+ return;
656
+ }
657
+
658
+
659
+ //Check for quantity of comments
660
+ $comments_check_number = defined('CLEANTALK_CHECK_COMMENTS_NUMBER')
661
+ ? CLEANTALK_CHECK_COMMENTS_NUMBER
662
+ : 3;
663
+
664
+ if($apbct->settings['check_comments_number']){
665
+ $args = array(
666
+ 'user_id' => $bp_message_obj->sender_id,
667
+ 'box' => 'sentbox',
668
+ 'type' => 'all',
669
+ 'limit' => $comments_check_number,
670
+ 'page' => null,
671
+ 'search_terms' => '',
672
+ 'meta_query' => array()
673
+ );
674
+ $sentbox_msgs = BP_Messages_Thread::get_current_threads_for_user($args);
675
+ $cnt_sentbox_msgs = $sentbox_msgs['total'];
676
+ $args['box'] = 'inbox';
677
+ $inbox_msgs = BP_Messages_Thread::get_current_threads_for_user($args);
678
+ $cnt_inbox_msgs = $inbox_msgs['total'];
679
+
680
+ if(($cnt_inbox_msgs + $cnt_sentbox_msgs) >= $comments_check_number)
681
+ $is_max_comments = true;
682
+ }
683
+
684
+ if(!empty($is_max_comments)) {
685
+ do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
686
+ return;
687
+ }
688
+
689
+
690
+ $sender_user_obj = get_user_by('id', $bp_message_obj->sender_id);
691
+
692
+ //Making a call
693
+ $base_call_result = apbct_base_call(
694
+ array(
695
+ 'message' => $bp_message_obj->subject." ".$bp_message_obj->message,
696
+ 'sender_email' => $sender_user_obj->data->user_email,
697
+ 'sender_nickname' => $sender_user_obj->data->user_login,
698
+ 'post_info' => array(
699
+ 'comment_type' => 'buddypress_comment',
700
+ 'post_url' => apbct_get_server_variable( 'HTTP_REFERER' ),
701
+ ),
702
+ 'js_on' => apbct_js_test('ct_checkjs', $_COOKIE)
703
+ ? apbct_js_test('ct_checkjs', $_COOKIE)
704
+ : apbct_js_test('ct_checkjs', $_POST),
705
+ 'sender_info' => array('sender_url' => null),
706
+ )
707
+ );
708
+
709
+ $ct_result = $base_call_result['ct_result'];
710
+
711
+ if ($ct_result->allow == 0)
712
+ wp_die("<h1>".__('Spam protection by CleanTalk', 'cleantalk-spam-protect')."</h1><h2>".$ct_result->comment."</h2>", '', array('response' => 403, "back_link" => true, "text_direction" => 'ltr'));
713
+ }
714
+
715
+ /**
716
+ * Adds hiden filed to deafualt serach form
717
+ *
718
+ * @param $form string
719
+ * @return string
720
+ */
721
+ function apbct_forms__search__addField( $form ){
722
+ global $apbct;
723
+ if($apbct->settings['search_test'] == 1){
724
+ $js_filed = ct_add_hidden_fields('ct_checkjs_search_default', true, false, false, false);
725
+ $form = str_replace('</form>', $js_filed, $form);
726
+ }
727
+ return $form;
728
+ }
729
+
730
+ /**
731
+ * Test default search string for spam
732
+ *
733
+ * @param $search string
734
+ * @return string
735
+ */
736
+ function apbct_forms__search__testSpam( $search ){
737
+
738
+ global $apbct, $cleantalk_executed;
739
+
740
+ if(
741
+ empty($search) ||
742
+ $cleantalk_executed ||
743
+ $apbct->settings['search_test'] == 0 ||
744
+ $apbct->settings['protect_logged_in'] != 1 && is_user_logged_in() // Skip processing for logged in users.
745
+ ){
746
+ do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
747
+ return $search;
748
+ }
749
+
750
+ if(apbct_is_user_logged_in())
751
+ $user = wp_get_current_user();
752
+
753
+ $base_call_result = apbct_base_call(
754
+ array(
755
+ 'message' => $search,
756
+ 'sender_email' => !empty($user) ? $user->user_email : null,
757
+ 'sender_nickname' => !empty($user) ? $user->user_login : null,
758
+ 'post_info' => array('comment_type' => 'site_search_wordpress'),
759
+ //'js_on' => apbct_js_test('ct_checkjs_search_default', $_GET, true),
760
+ )
761
+ );
762
+ $ct_result = $base_call_result['ct_result'];
763
+
764
+ $cleantalk_executed = true;
765
+
766
+ if ($ct_result->allow == 0){
767
+ die($ct_result->comment);
768
+ }
769
+
770
+ return $search;
771
+ }
772
+
773
+ function apbct_search_add_noindex() {
774
+
775
+ global $apbct;
776
+
777
+ if(
778
+ ! is_search() || // If it is search results
779
+ $apbct->settings['search_test'] == 0 ||
780
+ $apbct->settings['protect_logged_in'] != 1 && is_user_logged_in() // Skip processing for logged in users.
781
+ ){
782
+ return ;
783
+ }
784
+
785
+ echo '<!-- meta by Cleantalk AntiSpam Protection plugin -->' . "\n";
786
+ echo '<meta name="robots" content="noindex,nofollow" />' . "\n";
787
+
788
+ }
789
+
790
+ /**
791
+ * Test woocommerce checkout form for spam
792
+ *
793
+ */
794
+ function ct_woocommerce_checkout_check() {
795
+
796
+ //Getting request params
797
+ $ct_temp_msg_data = ct_get_fields_any($_POST);
798
+
799
+ $sender_email = ($ct_temp_msg_data['email'] ? $ct_temp_msg_data['email'] : '');
800
+ $sender_nickname = ($ct_temp_msg_data['nickname'] ? $ct_temp_msg_data['nickname'] : '');
801
+ $subject = ($ct_temp_msg_data['subject'] ? $ct_temp_msg_data['subject'] : '');
802
+ $contact_form = ($ct_temp_msg_data['contact'] ? $ct_temp_msg_data['contact'] : true);
803
+ $message = ($ct_temp_msg_data['message'] ? $ct_temp_msg_data['message'] : array());
804
+
805
+ if($subject != '')
806
+ $message = array_merge(array('subject' => $subject), $message);
807
+
808
+ $post_info['comment_type'] = 'order';
809
+ $post_info['post_url'] = apbct_get_server_variable( 'HTTP_REFERER' );
810
+
811
+ //Making a call
812
+ $base_call_result = apbct_base_call(
813
+ array(
814
+ 'message' => $message,
815
+ 'sender_email' => $sender_email,
816
+ 'sender_nickname' => $sender_nickname,
817
+ 'post_info' => $post_info,
818
+ 'js_on' => apbct_js_test('ct_checkjs', $_COOKIE),
819
+ 'sender_info' => array('sender_url' => null),
820
+ )
821
+ );
822
+
823
+ $ct_result = $base_call_result['ct_result'];
824
+
825
+ if ($ct_result->allow == 0) {
826
+ wp_send_json(array(
827
+ 'result' => 'failure',
828
+ 'messages' => "<ul class=\"woocommerce-error\"><li>".$ct_result->comment."</li></ul>",
829
+ 'refresh' => 'false',
830
+ 'reload' => 'false'
831
+ ));
832
+ }
833
+ }
834
+
835
+ /**
836
+ * Public function - Tests for Pirate contact froms
837
+ * return NULL
838
+ */
839
+ function apbct_form__piratesForm__testSpam(){
840
+
841
+ global $apbct;
842
+
843
+ //Check for enabled option
844
+ if( !$apbct->settings['contact_forms_test']) {
845
+ do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
846
+ return;
847
+ }
848
+
849
+
850
+ //Getting request params
851
+ $ct_temp_msg_data = ct_get_fields_any($_POST);
852
+
853
+ $sender_email = ($ct_temp_msg_data['email'] ? $ct_temp_msg_data['email'] : '');
854
+ $sender_nickname = ($ct_temp_msg_data['nickname'] ? $ct_temp_msg_data['nickname'] : '');
855
+ $subject = ($ct_temp_msg_data['subject'] ? $ct_temp_msg_data['subject'] : '');
856
+ $contact_form = ($ct_temp_msg_data['contact'] ? $ct_temp_msg_data['contact'] : true);
857
+ $message = ($ct_temp_msg_data['message'] ? $ct_temp_msg_data['message'] : array());
858
+
859
+ if($subject != '')
860
+ $message = array_merge(array('subject' => $subject), $message);
861
+
862
+ $post_info['comment_type'] = 'contact_form_wordpress_feedback_pirate';
863
+ $post_info['post_url'] = apbct_get_server_variable( 'HTTP_REFERER' );
864
+
865
+ //Making a call
866
+ $base_call_result = apbct_base_call(
867
+ array(
868
+ 'message' => $message,
869
+ 'sender_email' => $sender_email,
870
+ 'sender_nickname' => $sender_nickname,
871
+ 'post_info' => $post_info,
872
+ 'js_on' => apbct_js_test('ct_checkjs', $_COOKIE),
873
+ 'sender_info' => array('sender_url' => null),
874
+ )
875
+ );
876
+
877
+ $ct_result = $base_call_result['ct_result'];
878
+
879
+ if ($ct_result->allow == 0)
880
+ wp_die("<h1>".__('Spam protection by CleanTalk', 'cleantalk-spam-protect')."</h1><h2>".$ct_result->comment."</h2>", '', array('response' => 403, "back_link" => true, "text_direction" => 'ltr'));
881
+ }
882
+
883
+ /**
884
+ * Adds hidden filed to comment form
885
+ */
886
+ function ct_comment_form($post_id){
887
+
888
+ global $apbct;
889
+
890
+ if (apbct_is_user_enable() === false) {
891
+ return false;
892
+ }
893
+
894
+ if ( !$apbct->settings['comments_test']) {
895
+ return false;
896
+ }
897
+
898
+ ct_add_hidden_fields('ct_checkjs', false, false);
899
+
900
+ return null;
901
+ }
902
+
903
+ /**
904
+ * Adds cookie script filed to head
905
+ */
906
+ function apbct_hook__wp_head__set_cookie__ct_checkjs() {
907
+
908
+ ct_add_hidden_fields('ct_checkjs', false, true, true);
909
+
910
+ return null;
911
+ }
912
+
913
+ /**
914
+ * Adds cookie script filed to footer
915
+ */
916
+ function apbct_hook__wp_footer() {
917
+
918
+ //ct_add_hidden_fields(true, 'ct_checkjs', false, true, true);
919
+
920
+ return null;
921
+ }
922
+
923
+ /**
924
+ * Adds hidden filed to define avaialbility of client's JavaScript
925
+ * @param bool $random_key switch on generation random key for every page load
926
+ */
927
+ function ct_add_hidden_fields($field_name = 'ct_checkjs', $return_string = false, $cookie_check = false, $no_print = false, $ajax = true) {
928
+
929
+ global $ct_checkjs_def, $apbct;
930
+
931
+ $ct_checkjs_key = ct_get_checkjs_value();
932
+ $field_id_hash = md5(rand(0, 1000));
933
+
934
+ // Using only cookies
935
+ if ($cookie_check && $apbct->settings['set_cookies'] == 1) {
936
+
937
+ $html = "<script type='text/javascript' " . ( class_exists('Cookiebot_WP') ? 'data-cookieconsent="ignore"' : '' ) . ">
938
+ function ctSetCookie___from_backend(c_name, value) {
939
+ document.cookie = c_name + \"=\" + encodeURIComponent(value) + \"; path=/; samesite=lax\";
940
+ }
941
+ ctSetCookie___from_backend('{$field_name}', '{$ct_checkjs_key}', '{$ct_checkjs_def}');
942
+ </script>";
943
+
944
+ // Using AJAX to get key
945
+ }elseif($apbct->settings['use_ajax'] && $ajax){
946
+
947
+ // Fix only for wp_footer -> apbct_hook__wp_head__set_cookie__ct_checkjs()
948
+ if($no_print)
949
+ return;
950
+
951
+ $ct_input_challenge = sprintf("'%s'", $ct_checkjs_key);
952
+ $field_id = $field_name . '_' . $field_id_hash;
953
+ $html = "<input type='hidden' id='{$field_id}' name='{$field_name}' value='{$ct_checkjs_def}' />
954
+ <script type='text/javascript' " . ( class_exists('Cookiebot_WP') ? 'data-cookieconsent="ignore"' : '' ) . ">
955
+ window.addEventListener('DOMContentLoaded', function () {
956
+ setTimeout(function(){
957
+ apbct_public_sendAJAX(
958
+ {action: 'apbct_js_keys__get'},
959
+ {callback: apbct_js_keys__set_input_value, input_name: '{$field_id}',silent: true, no_nonce: true}
960
+ );
961
+ }, 1000);
962
+ });
963
+ </script>";
964
+
965
+ // Set KEY from backend
966
+ }else{
967
+ // Fix only for wp_footer -> apbct_hook__wp_head__set_cookie__ct_checkjs()
968
+ if($no_print)
969
+ return;
970
+
971
+ $ct_input_challenge = sprintf("'%s'", $ct_checkjs_key);
972
+ $field_id = $field_name . '_' . $field_id_hash;
973
+ $html = "<input type='hidden' id='{$field_id}' name='{$field_name}' value='{$ct_checkjs_def}' />
974
+ <script type='text/javascript' " . ( class_exists('Cookiebot_WP') ? 'data-cookieconsent="ignore"' : '' ) . ">
975
+ setTimeout(function(){
976
+ var ct_input_name = '{$field_id}';
977
+ if (document.getElementById(ct_input_name) !== null) {
978
+ var ct_input_value = document.getElementById(ct_input_name).value;
979
+ document.getElementById(ct_input_name).value = document.getElementById(ct_input_name).value.replace(ct_input_value, {$ct_input_challenge});
980
+ }
981
+ }, 1000);
982
+ </script>";
983
+ }
984
+
985
+ // Simplify JS code and Fixing issue with wpautop()
986
+ $html = str_replace(array("\n","\r","\t"),'', $html);
987
+
988
+ if ($return_string === true) {
989
+ return $html;
990
+ } else {
991
+ echo $html;
992
+ }
993
+ }
994
+
995
+ /**
996
+ * Public function - Insert JS code for spam tests
997
+ * return null;
998
+ */
999
+ function apbct_rorm__formidable__footerScripts($fields, $form) {
1000
+
1001
+ global $apbct, $ct_checkjs_frm;
1002
+
1003
+ if ( !$apbct->settings['contact_forms_test'])
1004
+ return false;
1005
+
1006
+ $ct_checkjs_key = ct_get_checkjs_value();
1007
+ $ct_frm_base_name = 'form_';
1008
+ $ct_frm_name = $ct_frm_base_name . $form->form_key;
1009
+
1010
+ echo "var input = document.createElement('input');
1011
+ input.setAttribute('type', 'hidden');
1012
+ input.setAttribute('name', '$ct_checkjs_frm');
1013
+ input.setAttribute('value', '$ct_checkjs_key');
1014
+ for (i = 0; i < document.forms.length; i++) {
1015
+ if (typeof document.forms[i].id == 'string'){
1016
+ if(document.forms[i].id.search('$ct_frm_name') != -1) {
1017
+ document.forms[i].appendChild(input);
1018
+ }
1019
+ }
1020
+ }";
1021
+
1022
+ /* Excessive cookie set
1023
+ $js_code = ct_add_hidden_fields(true, 'ct_checkjs', true, true);
1024
+ $js_code = strip_tags($js_code); // Removing <script> tag
1025
+ echo $js_code;
1026
+ //*/
1027
+ }
1028
+
1029
+ /**
1030
+ * Public function - Test Formidable data for spam activity
1031
+ * @param $errors
1032
+ * @param $form
1033
+ *
1034
+ * @return array with errors if spam has found
1035
+ */
1036
+ function apbct_rorm__formidable__testSpam ( $errors, $form ) {
1037
+
1038
+ global $apbct;
1039
+
1040
+ if ( !$apbct->settings['contact_forms_test']) {
1041
+ do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
1042
+ return $errors;
1043
+ }
1044
+
1045
+ // Skip processing for logged in users.
1046
+ if ( !$apbct->settings['protect_logged_in'] && is_user_logged_in()) {
1047
+ do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
1048
+ return $errors;
1049
+ }
1050
+
1051
+ $ct_temp_msg_data = ct_get_fields_any($_POST['item_meta']);
1052
+
1053
+ $sender_email = ($ct_temp_msg_data['email'] ? $ct_temp_msg_data['email'] : '');
1054
+ $sender_nickname = ($ct_temp_msg_data['nickname'] ? $ct_temp_msg_data['nickname'] : '');
1055
+ $subject = ($ct_temp_msg_data['subject'] ? $ct_temp_msg_data['subject'] : '');
1056
+ $contact_form = ($ct_temp_msg_data['contact'] ? $ct_temp_msg_data['contact'] : true);
1057
+ $message = ($ct_temp_msg_data['message'] ? $ct_temp_msg_data['message'] : array());
1058
+
1059
+ // Adding 'input_meta[]' to every field /Formidable fix/
1060
+ $message = array_flip($message);
1061
+ foreach($message as &$value){
1062
+ $value = 'item_meta['.$value.']';
1063
+ } unset($value);
1064
+ $message = array_flip($message);
1065
+
1066
+ $checkjs = apbct_js_test('ct_checkjs', $_COOKIE)
1067
+ ? apbct_js_test('ct_checkjs', $_COOKIE)
1068
+ : apbct_js_test('ct_checkjs', $_POST);
1069
+
1070
+ $base_call_result = apbct_base_call(
1071
+ array(
1072
+ 'message' => $message,
1073
+ 'sender_email' => $sender_email,
1074
+ 'sender_nickname' => $sender_nickname,
1075
+ 'post_info' => array('comment_type' => 'contact_form_wordpress_formidable'),
1076
+ 'js_on' => $checkjs
1077
+ )
1078
+ );
1079
+ $ct_result = $base_call_result['ct_result'];
1080
+
1081
+ if ($ct_result->allow == 0) {
1082
+ $errors['ct_error'] = '<br /><b>' . $ct_result->comment . '</b><br /><br />';
1083
+ }
1084
+
1085
+ return $errors;
1086
+ }
1087
+
1088
+ /**
1089
+ * Public filter 'bbp_*' - Get new topic name to global $ct_bbp_topic
1090
+ * @param mixed[] $comment Comment string
1091
+ * @return mixed[] $comment Comment string
1092
+ */
1093
+ function ct_bbp_get_topic($topic){
1094
+ global $ct_bbp_topic;
1095
+
1096
+ $ct_bbp_topic=$topic;
1097
+
1098
+ return $topic;
1099
+ }
1100
+
1101
+ /**
1102
+ * Public filter 'bbp_*' - Checks topics, replies by cleantalk
1103
+ * @param mixed[] $comment Comment string
1104
+ * @return mixed[] $comment Comment string
1105
+ */
1106
+ function ct_bbp_new_pre_content ($comment) {
1107
+
1108
+ global $apbct, $current_user;
1109
+
1110
+ if ( !$apbct->settings['comments_test']) {
1111
+ do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
1112
+ return $comment;
1113
+ }
1114
+
1115
+ // Skip processing for logged in users and admin.
1116
+ if ( !$apbct->settings['protect_logged_in'] && is_user_logged_in() ||
1117
+ apbct_exclusions_check()
1118
+ ) {
1119
+ do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
1120
+ return $comment;
1121
+ }
1122
+
1123
+
1124
+ $checkjs = apbct_js_test('ct_checkjs', $_COOKIE)
1125
+ ? apbct_js_test('ct_checkjs', $_COOKIE)
1126
+ : apbct_js_test('ct_checkjs', $_POST);
1127
+
1128
+ $post_info['comment_type'] = 'bbpress_comment';
1129
+ $post_info['post_url'] = bbp_get_topic_permalink();
1130
+
1131
+ if( is_user_logged_in() ) {
1132
+ $sender_email = $current_user->user_email;
1133
+ $sender_nickname = $current_user->display_name;
1134
+ } else {
1135
+ $sender_email = isset($_POST['bbp_anonymous_email']) ? $_POST['bbp_anonymous_email'] : null;
1136
+ $sender_nickname = isset($_POST['bbp_anonymous_name']) ? $_POST['bbp_anonymous_name'] : null;
1137
+ }
1138
+
1139
+ $base_call_result = apbct_base_call(
1140
+ array(
1141
+ 'message' => $comment,
1142
+ 'sender_email' => $sender_email,
1143
+ 'sender_nickname' => $sender_nickname,
1144
+ 'post_info' => $post_info,
1145
+ 'js_on' => $checkjs,
1146
+ 'sender_info' => array('sender_url' => isset($_POST['bbp_anonymous_website']) ? $_POST['bbp_anonymous_website'] : null),
1147
+ )
1148
+ );
1149
+ $ct_result = $base_call_result['ct_result'];
1150
+
1151
+ if ($ct_result->allow == 0) {
1152
+ bbp_add_error('bbp_reply_content', $ct_result->comment);
1153
+ }
1154
+
1155
+ return $comment;
1156
+ }
1157
+
1158
+ function apbct_comment__sanitize_data__before_wp_die($function){
1159
+
1160
+ global $apbct;
1161
+
1162
+ $comment_data = wp_unslash($_POST);
1163
+
1164
+ $user_ID = 0;
1165
+
1166
+ $comment_type = '';
1167
+
1168
+ $comment_content = isset($comment_data['comment']) ? (string) $comment_data['comment'] : null;
1169
+ $comment_parent = isset($comment_data['comment_parent']) ? (int) absint($comment_data['comment_parent']) : null;
1170
+
1171
+ $comment_author = isset($comment_data['author']) ? (string) trim(strip_tags($comment_data['author'])) : null;
1172
+ $comment_author_email = isset($comment_data['email']) ? (string) trim($comment_data['email']) : null;
1173
+ $comment_author_url = isset($comment_data['url']) ? (string) trim($comment_data['url']) : null;
1174
+ $comment_post_ID = isset($comment_data['comment_post_ID']) ? (int) $comment_data['comment_post_ID'] : null;
1175
+
1176
+ if(isset($comment_content, $comment_parent)){
1177
+
1178
+ $user = function_exists('apbct_wp_get_current_user') ? apbct_wp_get_current_user() : null;
1179
+
1180
+ if($user && $user->exists()){
1181
+ $comment_author = empty($user->display_name) ? $user->user_login : $user->display_name;
1182
+ $comment_author_email = $user->user_email;
1183
+ $comment_author_url = $user->user_url;
1184
+ $user_ID = $user->ID;
1185
+ }
1186
+
1187
+ $apbct->comment_data = compact(
1188
+ 'comment_post_ID',
1189
+ 'comment_author',
1190
+ 'comment_author_email',
1191
+ 'comment_author_url',
1192
+ 'comment_content',
1193
+ 'comment_type',
1194
+ 'comment_parent',
1195
+ 'user_ID'
1196
+ );
1197
+
1198
+ $function = 'apbct_comment__check_via_wp_die';
1199
+
1200
+ }
1201
+
1202
+ return $function;
1203
+ }
1204
+
1205
+ function apbct_comment__check_via_wp_die($message, $title, $args){
1206
+ if($title == __('Comment Submission Failure')){
1207
+ global $apbct;
1208
+ $apbct->validation_error = $message;
1209
+ ct_preprocess_comment($apbct->comment_data);
1210
+ }
1211
+ _default_wp_die_handler($message, $title, $args);
1212
+ }
1213
+
1214
+ /**
1215
+ * Public filter 'preprocess_comment' - Checks comment by cleantalk server
1216
+ * @param mixed[] $comment Comment data array
1217
+ * @return mixed[] New data array of comment
1218
+ */
1219
+ function ct_preprocess_comment($comment) {
1220
+ // this action is called just when WP process POST request (adds new comment)
1221
+ // this action is called by wp-comments-post.php
1222
+ // after processing WP makes redirect to post page with comment's form by GET request (see above)
1223
+ global $current_user, $comment_post_id, $ct_comment_done, $ct_jp_comments, $apbct;
1224
+
1225
+ // Send email notification for chosen groups of users
1226
+ if($apbct->settings['comment_notify'] && !empty($apbct->settings['comment_notify__roles']) && $apbct->data['moderate']){
1227
+
1228
+ add_filter('notify_post_author', 'apbct_comment__Wordpress__doNotify', 100, 2);
1229
+
1230
+ $users = get_users(array(
1231
+ 'role__in' => $apbct->settings['comment_notify__roles'],
1232
+ 'fileds' => array('user_email')
1233
+ ));
1234
+
1235
+ if($users){
1236
+ add_filter('comment_notification_text', 'apbct_comment__Wordpress__changeMailNotificationGroups', 100, 2);
1237
+ add_filter('comment_notification_recipients', 'apbct_comment__Wordpress__changeMailNotificationRecipients', 100, 2);
1238
+ foreach($users as $user){
1239
+ $emails[] = $user->user_email;
1240
+ }
1241
+ $apbct->comment_notification_recipients = json_encode($emails);
1242
+ }
1243
+ }
1244
+
1245
+ // Skip processing admin.
1246
+ if (in_array("administrator", $current_user->roles)){
1247
+ do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
1248
+ return $comment;
1249
+ }
1250
+
1251
+
1252
+ $comments_check_number = defined('CLEANTALK_CHECK_COMMENTS_NUMBER') ? CLEANTALK_CHECK_COMMENTS_NUMBER : 3;
1253
+
1254
+ if($apbct->settings['check_comments_number']){
1255
+ $args = array(
1256
+ 'author_email' => $comment['comment_author_email'],
1257
+ 'status' => 'approve',
1258
+ 'count' => false,
1259
+ 'number' => $comments_check_number,
1260
+ );
1261
+ $cnt = count(get_comments($args));
1262
+ $is_max_comments = $cnt >= $comments_check_number ? true : false;
1263
+ }
1264
+
1265
+ if (
1266
+ ($comment['comment_type']!='trackback') &&
1267
+ (
1268
+ apbct_is_user_enable() === false ||
1269
+ $apbct->settings['comments_test'] == 0 ||
1270
+ $ct_comment_done ||
1271
+ (isset($_SERVER['HTTP_REFERER']) && stripos($_SERVER['HTTP_REFERER'],'page=wysija_campaigns&action=editTemplate')!==false) ||
1272
+ (isset($is_max_comments) && $is_max_comments) ||
1273
+ (isset($_SERVER['HTTP_REFERER']) && strpos($_SERVER['REQUEST_URI'],'/wp-admin/')!==false)
1274
+ )
1275
+ )
1276
+ {
1277
+ do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
1278
+ return $comment;
1279
+ }
1280
+
1281
+ $local_blacklists = apbct_wp_blacklist_check(
1282
+ $comment['comment_author'],
1283
+ $comment['comment_author_email'],
1284
+ $comment['comment_author_url'],
1285
+ $comment['comment_content'],
1286
+ apbct_get_server_variable( 'REMOTE_ADDR' ),
1287
+ apbct_get_server_variable( 'HTTP_USER_AGENT' )
1288
+ );
1289
+
1290
+ // Go out if author in local blacklists
1291
+ if ($comment['comment_type']!='trackback' && $local_blacklists === true) {
1292
+ do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
1293
+ return $comment;
1294
+ }
1295
+
1296
+ // Skip pingback anti-spam test
1297
+ /*if ($comment['comment_type'] == 'pingback') {
1298
+ return $comment;
1299
+ }*/
1300
+
1301
+ $ct_comment_done = true;
1302
+
1303
+ $comment_post_id = $comment['comment_post_ID'];
1304
+
1305
+ // JetPack comments logic
1306
+ $post_info['comment_type'] = $ct_jp_comments ? 'jetpack_comment' : $comment['comment_type'];
1307
+ $post_info['post_url'] = ct_post_url(null, $comment_post_id);
1308
+
1309
+ // Comment type
1310
+ $post_info['comment_type'] = empty($post_info['comment_type']) ? 'general_comment' : $post_info['comment_type'];
1311
+
1312
+ $checkjs = apbct_js_test('ct_checkjs', $_COOKIE)
1313
+ ? apbct_js_test('ct_checkjs', $_COOKIE)
1314
+ : apbct_js_test('ct_checkjs', $_POST);
1315
+
1316
+
1317
+ $example = null;
1318
+ if ($apbct->data['relevance_test']) {
1319
+ $post = get_post($comment_post_id);
1320
+ if ($post !== null){
1321
+ $example['title'] = $post->post_title;
1322
+ $example['body'] = $post->post_content;
1323
+ $example['comments'] = null;
1324
+
1325
+ $last_comments = get_comments(array('status' => 'approve', 'number' => 10, 'post_id' => $comment_post_id));
1326
+ foreach ($last_comments as $post_comment){
1327
+ $example['comments'] .= "\n\n" . $post_comment->comment_content;
1328
+ }
1329
+
1330
+ $example = json_encode($example);
1331
+ }
1332
+
1333
+ // Use plain string format if've failed with JSON
1334
+ if ($example === false || $example === null){
1335
+ $example = ($post->post_title !== null) ? $post->post_title : '';
1336
+ $example .= ($post->post_content !== null) ? "\n\n" . $post->post_content : '';
1337
+ }
1338
+ }
1339
+
1340
+ $base_call_result = apbct_base_call(
1341
+ array(
1342
+ 'message' => $comment['comment_content'],
1343
+ 'example' => $example,
1344
+ 'sender_email' => $comment['comment_author_email'],
1345
+ 'sender_nickname' => $comment['comment_author'],
1346
+ 'post_info' => $post_info,
1347
+ 'js_on' => $checkjs,
1348
+ 'sender_info' => array(
1349
+ 'sender_url' => @$comment['comment_author_url'],
1350
+ 'form_validation' => !isset($apbct->validation_error)
1351
+ ? null
1352
+ : json_encode(array(
1353
+ 'validation_notice' => $apbct->validation_error,
1354
+ 'page_url' => apbct_get_server_variable( 'HTTP_HOST' ) . apbct_get_server_variable( 'REQUEST_URI' ),
1355
+ ))
1356
+ ),
1357
+ )
1358
+ );
1359
+ $ct_result = $base_call_result['ct_result'];
1360
+
1361
+ ct_hash($ct_result->id);
1362
+
1363
+ //Don't check trusted users
1364
+ if (isset($comment['comment_author_email'])){
1365
+ $approved_comments = get_comments(array('status' => 'approve', 'count' => true, 'author_email' => $comment['comment_author_email']));
1366
+ $new_user = $approved_comments == 0 ? true : false;
1367
+ }
1368
+
1369
+ // Change comment flow only for new authors
1370
+ if (!empty($new_user) || $ct_result->stop_words !== null || $ct_result->spam == 1)
1371
+ add_action('comment_post', 'ct_set_meta', 10, 2);
1372
+
1373
+ if($ct_result->allow){ // Pass if allowed
1374
+ if(get_option('comment_moderation') === '1') // Wordpress moderation flag
1375
+ add_filter('pre_comment_approved', 'ct_set_not_approved', 999, 2);
1376
+ else
1377
+ add_filter('pre_comment_approved', 'ct_set_approved', 999, 2);
1378
+ // Modify the email notification
1379
+ add_filter('comment_notification_text', 'apbct_comment__wordpress__show_blacklists', 100, 2); // Add two blacklist links: by email and IP
1380
+ }else{
1381
+
1382
+ global $ct_comment, $ct_stop_words;
1383
+
1384
+ $ct_comment = $ct_result->comment;
1385
+ $ct_stop_words = $ct_result->stop_words;
1386
+
1387
+ $err_text = '<center>' . ((defined('CLEANTALK_DISABLE_BLOCKING_TITLE') && CLEANTALK_DISABLE_BLOCKING_TITLE == true) ? '' : '<b style="color: #49C73B;">Clean</b><b style="color: #349ebf;">Talk.</b> ') . __('Spam protection', 'cleantalk-spam-protect') . "</center><br><br>\n" . $ct_result->comment;
1388
+ $err_text .= '<script>setTimeout("history.back()", 5000);</script>';
1389
+
1390
+ // Terminate. Definitely spam.
1391
+ if($ct_result->stop_queue == 1)
1392
+ wp_die($err_text, 'Blacklisted', array('response' => 200, 'back_link' => true));
1393
+
1394
+ // Terminate by user's setting.
1395
+ if($ct_result->spam == 3)
1396
+ wp_die($err_text, 'Blacklisted', array('response' => 200, 'back_link' => true));
1397
+
1398
+ // Trash comment.
1399
+ if($ct_result->spam == 2){
1400
+ add_filter('pre_comment_approved', 'ct_set_comment_spam', 997, 2);
1401
+ add_action('comment_post', 'ct_wp_trash_comment', 997, 2);
1402
+ }
1403
+
1404
+ // Spam comment
1405
+ if($ct_result->spam == 1)
1406
+ add_filter('pre_comment_approved', 'ct_set_comment_spam', 997, 2);
1407
+
1408
+ // Move to pending folder. Contains stop_words.
1409
+ if($ct_result->stop_words){
1410
+ add_filter('pre_comment_approved', 'ct_set_not_approved', 998, 2);
1411
+ add_action('comment_post', 'ct_mark_red', 998, 2);
1412
+ }
1413
+
1414
+ add_action('comment_post', 'ct_die', 999, 2);
1415
+ }
1416
+
1417
+ if($apbct->settings['remove_comments_links'] == 1){
1418
+ $comment['comment_content'] = preg_replace("~(http|https|ftp|ftps)://(.*?)(\s|\n|[,.?!](\s|\n)|$)~", '[Link deleted]', $comment['comment_content']);
1419
+ }
1420
+
1421
+ // Change mail notification if license is out of date
1422
+ if($apbct->data['moderate'] == 0){
1423
+ $apbct->sender_email = $comment['comment_author_email'];
1424
+ $apbct->sender_ip = \Cleantalk\ApbctWP\Helper::ip__get(array('real'));
1425
+ add_filter('comment_moderation_text', 'apbct_comment__Wordpress__changeMailNotification', 100, 2); // Comment sent to moderation
1426
+ add_filter('comment_notification_text', 'apbct_comment__Wordpress__changeMailNotification', 100, 2); // Comment approved
1427
+ }
1428
+
1429
+ return $comment;
1430
+ }
1431
+
1432
+ /**
1433
+ * Changes whether notify admin/athor or not.
1434
+ *
1435
+ * @param bool $maybe_notify notify flag
1436
+ * @param int $comment_ID Comment id
1437
+ * @return bool flag
1438
+ */
1439
+ function apbct_comment__Wordpress__doNotify($maybe_notify, $comment_ID){
1440
+ return true;
1441
+ }
1442
+
1443
+ /**
1444
+ * Add notification setting link
1445
+ *
1446
+ * @param string $notify_message
1447
+ * @param integer $comment_id
1448
+ *
1449
+ * @return string
1450
+ */
1451
+ function apbct_comment__Wordpress__changeMailNotificationGroups($notify_message, $comment_id){
1452
+ return $notify_message
1453
+ .PHP_EOL
1454
+ .'---'.PHP_EOL
1455
+ .'Manage notifications settings: '.get_site_url().'/wp-admin/options-general.php?page=cleantalk';
1456
+ }
1457
+
1458
+ /**
1459
+ * Change email notification recipients
1460
+ *
1461
+ * @param array $emails
1462
+ * @param integer $comment_id
1463
+ *
1464
+ * @return array
1465
+ * @global SpbcState $apbct
1466
+ */
1467
+ function apbct_comment__Wordpress__changeMailNotificationRecipients($emails, $comment_id){
1468
+ global $apbct;
1469
+ return array_unique(array_merge($emails, (array)json_decode($apbct->comment_notification_recipients, true)));
1470
+ }
1471
+
1472
+ /**
1473
+ * Changes email notification for spam comment for native Wordpress comment system
1474
+ *
1475
+ * @param string $notify_message Body of email notification
1476
+ * @param int $comment_id Comment id
1477
+ * @return string Body for email notification
1478
+ */
1479
+ function apbct_comment__Wordpress__changeMailNotification($notify_message, $comment_id){
1480
+
1481
+ global $apbct;
1482
+
1483
+ $notify_message =
1484
+ PHP_EOL
1485
+ .__('CleanTalk AntiSpam: This message is possible spam.', 'cleantalk-spam-protect')
1486
+ ."\n".__('You could check it in CleanTalk\'s anti-spam database:', 'cleantalk-spam-protect')
1487
+ ."\n".'IP: https://cleantalk.org/blacklists/' . $apbct->sender_ip
1488
+ ."\n".'Email: https://cleantalk.org/blacklists/' . $apbct->sender_email
1489
+ ."\n".PHP_EOL . sprintf(
1490
+ __('Activate protection in your Anti-Spam Dashboard: %s.', 'clentalk'),
1491
+ 'https://cleantalk.org/my/?cp_mode=antispam&utm_source=newsletter&utm_medium=email&utm_campaign=wp_spam_comment_passed'
1492
+ .($apbct->data['user_token']
1493
+ ? '&iser_token='.$apbct->data['user_token']
1494
+ : ''
1495
+ )
1496
+ )
1497
+ .PHP_EOL . '---'
1498
+ .PHP_EOL
1499
+ .PHP_EOL
1500
+ .$notify_message;
1501
+
1502
+ return $notify_message;
1503
+
1504
+ }
1505
+
1506
+ function apbct_comment__wordpress__show_blacklists( $notify_message, $comment_id ) {
1507
+
1508
+ $comment_details = get_comments( array( 'comment__in' => $comment_id ) );
1509
+ $comment_details = $comment_details[0];
1510
+
1511
+ if( isset( $comment_details->comment_author_email ) ) {
1512
+
1513
+ $black_list_link = 'https://cleantalk.org/blacklists/';
1514
+
1515
+ $links = PHP_EOL;
1516
+ $links .= esc_html__( 'Check for spam:', 'cleantalk-spam-protect');
1517
+ $links .= PHP_EOL;
1518
+ $links .= $black_list_link . $comment_details->comment_author_email;
1519
+ $links .= PHP_EOL;
1520
+ if( ! empty( $comment_details->comment_author_IP ) ) {
1521
+ $links .= $black_list_link . $comment_details->comment_author_IP;
1522
+ $links .= PHP_EOL;
1523
+ }
1524
+
1525
+ return $notify_message . $links;
1526
+
1527
+ }
1528
+
1529
+ return $notify_message;
1530
+
1531
+ }
1532
+
1533
+ /**
1534
+ * Set die page with Cleantalk comment.
1535
+ * @global array $ct_comment
1536
+ $err_text = '<center><b style="color: #49C73B;">Clean</b><b style="color: #349ebf;">Talk.</b> ' . __('Spam protection', 'cleantalk-spam-protect') . "</center><br><br>\n" . $ct_comment;
1537
+ * @param type $comment_status
1538
+ */
1539
+ function ct_die($comment_id, $comment_status) {
1540
+
1541
+ global $ct_comment;
1542
+
1543
+ do_action( 'apbct_pre_block_page', $ct_comment );
1544
+
1545
+ $err_text = '<center>' . ((defined('CLEANTALK_DISABLE_BLOCKING_TITLE') && CLEANTALK_DISABLE_BLOCKING_TITLE == true) ? '' : '<b style="color: #49C73B;">Clean</b><b style="color: #349ebf;">Talk.</b> ') . __('Spam protection', 'cleantalk-spam-protect') . "</center><br><br>\n" . $ct_comment;
1546
+ $err_text .= '<script>setTimeout("history.back()", 5000);</script>';
1547
+ if(isset($_POST['et_pb_contact_email']))
1548
+ {
1549
+ $mes='<div id="et_pb_contact_form_1" class="et_pb_contact_form_container clearfix"><h1 class="et_pb_contact_main_title">Blacklisted</h1><div class="et-pb-contact-message"><p>'.$ct_comment.'</p></div></div>';
1550
+ wp_die($mes, 'Blacklisted', array('back_link' => true,'response'=>200));
1551
+ }
1552
+ else
1553
+ {
1554
+ wp_die($err_text, 'Blacklisted', array('response' => 200, 'back_link' => true));
1555
+ }
1556
+ }
1557
+
1558
+ /**
1559
+ * Set die page with Cleantalk comment from parameter.
1560
+ * @param type $comment_body
1561
+ */
1562
+ function ct_die_extended($comment_body) {
1563
+
1564
+ $err_text = '<center>' . ((defined('CLEANTALK_DISABLE_BLOCKING_TITLE') && CLEANTALK_DISABLE_BLOCKING_TITLE == true) ? '' : '<b style="color: #49C73B;">Clean</b><b style="color: #349ebf;">Talk.</b> ') . __('Spam protection', 'cleantalk-spam-protect') . "</center><br><br>\n" . $comment_body;
1565
+ $err_text .= '<script>setTimeout("history.back()", 5000);</script>';
1566
+ wp_die($err_text, 'Blacklisted', array('response' => 200, 'back_link' => true));
1567
+ }
1568
+
1569
+ /**
1570
+ * Validates JavaScript anti-spam test
1571
+ *
1572
+ * @param string $field_name filed to serach in data
1573
+ * @param null $data Data to search in
1574
+ * @param bool $random_key
1575
+ *
1576
+ * @return int|null
1577
+ */
1578
+ function apbct_js_test($field_name = 'ct_checkjs', $data = null) {
1579
+
1580
+ global $apbct;
1581
+
1582
+ $out = null;
1583
+
1584
+ if($data && isset($data[$field_name])){
1585
+
1586
+ $js_key = trim($data[$field_name]);
1587
+
1588
+ // Check static key
1589
+ if(
1590
+ $apbct->settings['use_static_js_key'] == 1 ||
1591
+ ( $apbct->settings['use_static_js_key'] == - 1 &&
1592
+ ( apbct_is_cache_plugins_exists() ||
1593
+ ( apbct_is_post() && isset($apbct->data['cache_detected']) && $apbct->data['cache_detected'] == 1 )
1594
+ )
1595
+ )
1596
+ ){
1597
+ $out = ct_get_checkjs_value() === $js_key ? 1 : 0;
1598
+
1599
+ // Random key check
1600
+ }else{
1601
+ $out = array_key_exists( $js_key, $apbct->js_keys ) ? 1 : 0;
1602
+ }
1603
+ }
1604
+
1605
+ return $out;
1606
+ }
1607
+
1608
+ /**
1609
+ * Get post url
1610
+ * @param int $comment_id
1611
+ * @param int $comment_post_id
1612
+ * @return string|bool
1613
+ */
1614
+ function ct_post_url($comment_id = null, $comment_post_id) {
1615
+
1616
+ if (empty($comment_post_id))
1617
+ return null;
1618
+
1619
+ if ($comment_id === null) {
1620
+ $last_comment = get_comments('number=1');
1621
+ $comment_id = isset($last_comment[0]->comment_ID) ? (int) $last_comment[0]->comment_ID + 1 : 1;
1622
+ }
1623
+ $permalink = get_permalink($comment_post_id);
1624
+
1625
+ $post_url = null;
1626
+ if ($permalink !== null)
1627
+ $post_url = $permalink . '#comment-' . $comment_id;
1628
+
1629
+ return $post_url;
1630
+ }
1631
+
1632
+ /**
1633
+ * Public filter 'pre_comment_approved' - Mark comment unapproved always
1634
+ * @return int Zero
1635
+ */
1636
+ function ct_set_not_approved() {
1637
+ return 0;
1638
+ }
1639
+
1640
+ /**
1641
+ * @author Artem Leontiev
1642
+ * Public filter 'pre_comment_approved' - Mark comment approved if it's not 'spam' only
1643
+ * @return int 1
1644
+ */
1645
+ function ct_set_approved($approved, $comment) {
1646
+ if ($approved == 'spam'){
1647
+ return $approved;
1648
+ } else {
1649
+ return 1;
1650
+ }
1651
+ }
1652
+
1653
+ /**
1654
+ * Public filter 'pre_comment_approved' - Mark comment unapproved always
1655
+ * @return int Zero
1656
+ */
1657
+ function ct_set_comment_spam() {
1658
+ return 'spam';
1659
+ }
1660
+
1661
+ /**
1662
+ * Public action 'comment_post' - Store cleantalk hash in comment meta 'ct_hash'
1663
+ * @param int $comment_id Comment ID
1664
+ * @param mixed $comment_status Approval status ("spam", or 0/1), not used
1665
+ */
1666
+ function ct_set_meta($comment_id, $comment_status) {
1667
+ global $comment_post_id;
1668
+ $hash1 = ct_hash();
1669
+ if (!empty($hash1)) {
1670
+ update_comment_meta($comment_id, 'ct_hash', $hash1);
1671
+ if (function_exists('base64_encode') && isset($comment_status) && $comment_status != 'spam') {
1672
+ $post_url = ct_post_url($comment_id, $comment_post_id);
1673
+ $post_url = base64_encode($post_url);
1674
+ if ($post_url === false)
1675
+ return false;
1676
+ // 01 - URL to approved comment
1677
+ $feedback_request = $hash1 . ':' . '01' . ':' . $post_url . ';';
1678
+ ct_send_feedback($feedback_request);
1679
+ }
1680
+ }
1681
+ return true;
1682
+ }
1683
+
1684
+ /**
1685
+ * Mark bad words
1686
+ * @global string $ct_stop_words
1687
+ * @param int $comment_id
1688
+ * @param int $comment_status Not use
1689
+ */
1690
+ function ct_mark_red($comment_id, $comment_status) {
1691
+ global $ct_stop_words;
1692
+
1693
+ $comment = get_comment($comment_id, 'ARRAY_A');
1694
+ $message = $comment['comment_content'];
1695
+ foreach (explode(':', $ct_stop_words) as $word) {
1696
+ $message = preg_replace("/($word)/ui", '<font rel="cleantalk" color="#FF1000">' . "$1" . '</font>', $message);
1697
+
1698
+ }
1699
+ $comment['comment_content'] = $message;
1700
+ kses_remove_filters();
1701
+ wp_update_comment($comment);
1702
+ }
1703
+
1704
+ //
1705
+ //Send post to trash
1706
+ //
1707
+ function ct_wp_trash_comment($comment_id, $comment_status){
1708
+ wp_trash_comment($comment_id);
1709
+ }
1710
+
1711
+ /**
1712
+ * Tests plugin activation status
1713
+ * @return bool
1714
+ */
1715
+ function ct_plugin_active($plugin_name){
1716
+ foreach (get_option('active_plugins') as $k => $v) {
1717
+ if ($plugin_name == $v)
1718
+ return true;
1719
+ }
1720
+ return false;
1721
+ }
1722
+
1723
+ /**
1724
+ * Insert a hidden field to registration form
1725
+ * @return null
1726
+ */
1727
+ function ct_register_form() {
1728
+
1729
+ global $ct_checkjs_register_form, $apbct;
1730
+
1731
+ if ($apbct->settings['registrations_test'] == 0) {
1732
+ return false;
1733
+ }
1734
+
1735
+ ct_add_hidden_fields($ct_checkjs_register_form, false, false, false, false);
1736
+
1737
+ return null;
1738
+ }
1739
+
1740
+ function apbct_login__scripts(){
1741
+ global $apbct;
1742
+
1743
+ // Differnt JS params
1744
+ wp_enqueue_script( 'ct_public', APBCT_URL_PATH . '/js/apbct-public.min.js', array( 'jquery' ), APBCT_VERSION, false /*in header*/ );
1745
+
1746
+ wp_localize_script('ct_public', 'ctPublic', array(
1747
+ '_ajax_nonce' => wp_create_nonce('ct_secret_stuff'),
1748
+ '_ajax_url' => admin_url('admin-ajax.php'),
1749
+ ));
1750
+
1751
+ $apbct->public_script_loaded = true;
1752
+ }
1753
+
1754
+ /**
1755
+ * Adds notification text to login form - to inform about approved registration
1756
+ * @return null
1757
+ */
1758
+ function ct_login_message($message) {
1759
+
1760
+ global $errors, $apbct, $apbct_cookie_register_ok_label;
1761
+
1762
+ if ($apbct->settings['registrations_test'] != 0){
1763
+ if( isset($_GET['checkemail']) && 'registered' == $_GET['checkemail'] ){
1764
+ if (isset($_COOKIE[$apbct_cookie_register_ok_label])){
1765
+ if(is_wp_error($errors)){
1766
+ $errors->add('ct_message',sprintf(__('Registration approved by %s.', 'cleantalk-spam-protect'), '<b style="color: #49C73B;">Clean</b><b style="color: #349ebf;">Talk</b>'), 'message');
1767
+ }
1768
+ }
1769
+ }
1770
+ }
1771
+ return $message;
1772
+ }
1773
+
1774
+ /**
1775
+ * Test users registration for pPress
1776
+ * @return array with errors
1777
+ */
1778
+ function ct_registration_errors_ppress($reg_errors, $form_id) {
1779
+
1780
+ $email = $_POST['reg_email'];
1781
+ $login = $_POST['reg_username'];
1782
+
1783
+ $reg_errors = ct_registration_errors($reg_errors, $login, $email);
1784
+
1785
+ return $reg_errors;
1786
+ }
1787
+
1788
+ /**
1789
+ * Test users registration for multisite enviroment
1790
+ * @return array with errors
1791
+ */
1792
+ function ct_registration_errors_wpmu($errors) {
1793
+ global $ct_signup_done;
1794
+
1795
+ //
1796
+ // Multisite actions
1797
+ //
1798
+ $sanitized_user_login = null;
1799
+ if (isset($errors['user_name'])) {
1800
+ $sanitized_user_login = $errors['user_name'];
1801
+ $wpmu = true;
1802
+ }
1803
+ $user_email = null;
1804
+ if (isset($errors['user_email'])) {
1805
+ $user_email = $errors['user_email'];
1806
+ $wpmu = true;
1807
+ }
1808
+
1809
+ if ($wpmu && isset($errors['errors']->errors) && count($errors['errors']->errors) > 0) {
1810
+ return $errors;
1811
+ }
1812
+
1813
+ $errors['errors'] = ct_registration_errors($errors['errors'], $sanitized_user_login, $user_email);
1814
+
1815
+ // Show CleanTalk errors in user_name field
1816
+ if (isset($errors['errors']->errors['ct_error'])) {
1817
+ $errors['errors']->errors['user_name'] = $errors['errors']->errors['ct_error'];
1818
+ unset($errors['errors']->errors['ct_error']);
1819
+ }
1820
+
1821
+ return $errors;
1822
+ }
1823
+
1824
+ /**
1825
+ * Shell for action register_post
1826
+ * @return array with errors
1827
+ */
1828
+ function ct_register_post($sanitized_user_login = null, $user_email = null, $errors) {
1829
+ return ct_registration_errors($errors, $sanitized_user_login, $user_email);
1830
+ }
1831
+
1832
+ /**
1833
+ * Check messages for external plugins
1834
+ * @return array with checking result;
1835
+ */
1836
+
1837
+ function ct_test_message($nickname, $email, $ip, $text){
1838
+
1839
+ $base_call_result = apbct_base_call(
1840
+ array(
1841
+ 'message' => $text,
1842
+ 'sender_email' => $email,
1843
+ 'sender_nickname' => $nickname,
1844
+ 'post_info' => array('comment_type' => 'feedback_plugin_check'),
1845
+ 'js_on' => apbct_js_test('ct_checkjs', $_COOKIE),
1846
+ )
1847
+ );
1848
+
1849
+ $ct_result = $base_call_result['ct_result'];
1850
+
1851
+ $result=Array(
1852
+ 'allow' => $ct_result->allow,
1853
+ 'comment' => $ct_result->comment,
1854
+ );
1855
+ return $result;
1856
+ }
1857
+
1858
+ /**
1859
+ * Check registrations for external plugins
1860
+ * @return array with checking result;
1861
+ */
1862
+ function ct_test_registration($nickname, $email, $ip){
1863
+
1864
+ global $ct_checkjs_register_form, $apbct;
1865
+
1866
+ if(apbct_js_test($ct_checkjs_register_form, $_POST)){
1867
+ $checkjs = apbct_js_test($ct_checkjs_register_form, $_POST);
1868
+ $sender_info['post_checkjs_passed'] = $checkjs;
1869
+ }else{
1870
+ $checkjs = $checkjs = apbct_js_test('ct_checkjs', $_COOKIE);
1871
+ $sender_info['cookie_checkjs_passed'] = $checkjs;
1872
+ }
1873
+
1874
+ //Making a call
1875
+ $base_call_result = apbct_base_call(
1876
+ array(
1877
+ 'sender_ip' => $ip,
1878
+ 'sender_email' => $email,
1879
+ 'sender_nickname' => $nickname,
1880
+ 'sender_info' => $sender_info,
1881
+ 'js_on' => $checkjs,
1882
+ ),
1883
+ true
1884
+ );
1885
+ $ct_result = $base_call_result['ct_result'];
1886
+
1887
+ $result = array(
1888
+ 'allow' => $ct_result->allow,
1889
+ 'comment' => $ct_result->comment,
1890
+ );
1891
+ return $result;
1892
+ }
1893
+
1894
+ /**
1895
+ * Test users registration
1896
+ *
1897
+ * @param $errors
1898
+ * @param null $sanitized_user_login
1899
+ * @param null $user_email
1900
+ *
1901
+ * @return void with errors
1902
+ */
1903
+ function ct_registration_errors($errors, $sanitized_user_login = null, $user_email = null) {
1904
+
1905
+ global $ct_checkjs_register_form, $apbct_cookie_request_id_label, $apbct_cookie_register_ok_label, $bp, $ct_signup_done, $ct_negative_comment, $apbct, $ct_registration_error_comment, $cleantalk_executed;
1906
+
1907
+ // Go out if a registrered user action
1908
+ if (apbct_is_user_enable() === false) {
1909
+ do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
1910
+ return $errors;
1911
+ }
1912
+
1913
+ if ($apbct->settings['registrations_test'] == 0) {
1914
+ do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
1915
+ return $errors;
1916
+ }
1917
+
1918
+ // The function already executed
1919
+ // It happens when used ct_register_post();
1920
+ if ($ct_signup_done && is_object($errors) && count($errors->errors) > 0) {
1921
+ do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
1922
+ return $errors;
1923
+ }
1924
+
1925
+ // Facebook registration
1926
+ if ($sanitized_user_login === null && isset($_POST['FB_userdata'])){
1927
+ $sanitized_user_login = $_POST['FB_userdata']['name'];
1928
+ $facebook = true;
1929
+ }
1930
+ if ($user_email === null && isset($_POST['FB_userdata'])){
1931
+ $user_email = $_POST['FB_userdata']['email'];
1932
+ $facebook = true;
1933
+ }
1934
+
1935
+ // BuddyPress actions
1936
+ $buddypress = false;
1937
+ if ($sanitized_user_login === null && isset($_POST['signup_username'])) {
1938
+ $sanitized_user_login = $_POST['signup_username'];
1939
+ $buddypress = true;
1940
+ }
1941
+ if ($user_email === null && isset($_POST['signup_email'])) {
1942
+ $user_email = $_POST['signup_email'];
1943
+ $buddypress = true;
1944
+ }
1945
+
1946
+ //
1947
+ // Break tests because we already have servers response
1948
+ //
1949
+ if ($buddypress && $ct_signup_done) {
1950
+ if ($ct_negative_comment) {
1951
+ $bp->signup->errors['signup_username'] = $ct_negative_comment;
1952
+ }
1953
+ do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
1954
+ return $errors;
1955
+ }
1956
+
1957
+
1958
+ if(current_filter() == 'woocommerce_registration_errors'){
1959
+ $checkjs = apbct_js_test('ct_checkjs', $_COOKIE);
1960
+ $checkjs_post = null;
1961
+ $checkjs_cookie = $checkjs;
1962
+ }else{
1963
+ // This hack can be helpfull when plugin uses with untested themes&signups plugins.
1964
+ $checkjs_post = apbct_js_test($ct_checkjs_register_form, $_POST);
1965
+ $checkjs_cookie = apbct_js_test('ct_checkjs', $_COOKIE);
1966
+ $checkjs = $checkjs_cookie ? $checkjs_cookie : $checkjs_post;
1967
+ }
1968
+
1969
+ $sender_info = array(
1970
+ 'post_checkjs_passed' => $checkjs_post,
1971
+ 'cookie_checkjs_passed' => $checkjs_cookie,
1972
+ 'form_validation' => ! empty( $errors )
1973
+ ? json_encode( array(
1974
+ 'validation_notice' => $errors->get_error_message(),
1975
+ 'page_url' => apbct_get_server_variable( 'HTTP_HOST' ) . apbct_get_server_variable( 'REQUEST_URI' ),
1976
+ ) )
1977
+ : null,
1978
+ );
1979
+
1980
+ $base_call_result = apbct_base_call(
1981
+ array(
1982
+ 'sender_email' => $user_email,
1983
+ 'sender_nickname' => $sanitized_user_login,
1984
+ 'sender_info' => $sender_info,
1985
+ 'js_on' => $checkjs,
1986
+ ),
1987
+ true
1988
+ );
1989
+ $ct_result = $base_call_result['ct_result'];
1990
+
1991
+ // Change mail notification if license is out of date
1992
+ if($apbct->data['moderate'] == 0 &&
1993
+ ($ct_result->fast_submit == 1 || $ct_result->blacklisted == 1 || $ct_result->js_disabled == 1)
1994
+ ){
1995
+ $apbct->sender_email = $user_email;
1996
+ $apbct->sender_ip = \Cleantalk\ApbctWP\Helper::ip__get(array('real'));
1997
+ add_filter('wp_new_user_notification_email_admin', 'apbct_registration__Wordpress__changeMailNotification', 100, 3);
1998
+ }
1999
+
2000
+ $ct_signup_done = true;
2001
+
2002
+ $ct_result = ct_change_plugin_resonse($ct_result, $checkjs);
2003
+
2004
+ $cleantalk_executed = true;
2005
+
2006
+ if ($ct_result->inactive != 0) {
2007
+ ct_send_error_notice($ct_result->comment);
2008
+ return $errors;
2009
+ }
2010
+
2011
+ if ($ct_result->allow == 0) {
2012
+
2013
+ if ($buddypress === true) {
2014
+ $bp->signup->errors['signup_username'] = $ct_result->comment;
2015
+ }elseif(!empty($facebook)){
2016
+ $_POST['FB_userdata']['email'] = '';
2017
+ $_POST['FB_userdata']['name'] = '';
2018
+ return;
2019
+ }else{
2020
+ if(is_wp_error($errors))
2021
+ $errors->add('ct_error', $ct_result->comment);
2022
+ $ct_negative_comment = $ct_result->comment;
2023
+ }
2024
+
2025
+ $ct_registration_error_comment = $ct_result->comment;
2026
+
2027
+ } else {
2028
+ if ($ct_result->id !== null) {
2029
+ \Cleantalk\Common\Helper::apbct_cookie__set($apbct_cookie_register_ok_label, $ct_result->id, time()+10, '/');
2030
+ \Cleantalk\Common\Helper::apbct_cookie__set($apbct_cookie_request_id_label, $ct_result->id, time()+10, '/');
2031
+ }
2032
+ }
2033
+
2034
+ return $errors;
2035
+ }
2036
+
2037
+ /**
2038
+ * Changes email notification for newly registred user
2039
+ *
2040
+ * @param string $wp_new_user_notification_email_admin Body of email notification
2041
+ * @param array $user User inof
2042
+ * @param string $blogname Blog name
2043
+ * @return string Body for email notification
2044
+ */
2045
+ function apbct_registration__Wordpress__changeMailNotification($wp_new_user_notification_email_admin, $user, $blogname){
2046
+
2047
+ global $apbct;
2048
+
2049
+ $wp_new_user_notification_email_admin['message'] = PHP_EOL
2050
+ .__('CleanTalk AntiSpam: This registration is spam.', 'cleantalk-spam-protect')
2051
+ ."\n" . __('CleanTalk\'s anti-spam database:', 'cleantalk-spam-protect')
2052
+ ."\n" . 'IP: ' . $apbct->sender_ip
2053
+ ."\n" . 'Email: ' . $apbct->sender_email
2054
+ .PHP_EOL . PHP_EOL .
2055
+ __('Activate protection in your Anti-Spam Dashboard: ', 'clentalk')
2056
+ .'https://cleantalk.org/my/?cp_mode=antispam&utm_source=newsletter&utm_medium=email&utm_campaign=wp_spam_registration_passed'
2057
+ .($apbct->data['user_token']
2058
+ ? '&iser_token='.$apbct->data['user_token']
2059
+ : ''
2060
+ )
2061
+ .PHP_EOL . '---'
2062
+ .PHP_EOL
2063
+ .$wp_new_user_notification_email_admin['message'];
2064
+
2065
+ return $wp_new_user_notification_email_admin;
2066
+
2067
+
2068
+ }
2069
+
2070
+ /**
2071
+ * Checks Ultimate Members registration for spam
2072
+ *
2073
+ * @param $args forms arguments with names and values
2074
+ *
2075
+ * @return mixed
2076
+ *
2077
+ */
2078
+ function apbct_registration__UltimateMembers__check( $args ){
2079
+
2080
+ if ( isset( UM()->form()->errors ) ) {
2081
+ $sender_info['previous_form_validation'] = true;
2082
+ $sender_info['validation_notice'] = json_encode( UM()->form()->errors );
2083
+ }
2084
+
2085
+ global $apbct, $cleantalk_executed;
2086
+
2087
+ if ($apbct->settings['registrations_test'] == 0) {
2088
+ do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
2089
+ return $args;
2090
+ }
2091
+
2092
+
2093
+ $checkjs = apbct_js_test('ct_checkjs_register_form', $args);
2094
+ $sender_info['post_checkjs_passed'] = $checkjs;
2095
+
2096
+ // This hack can be helpfull when plugin uses with untested themes&signups plugins.
2097
+ if ($checkjs == 0) {
2098
+ $checkjs = apbct_js_test('ct_checkjs', $_COOKIE);
2099
+ $sender_info['cookie_checkjs_passed'] = $checkjs;
2100
+ }
2101
+
2102
+ $base_call_result = apbct_base_call(
2103
+ array(
2104
+ 'sender_email' => $args['user_email'],
2105
+ 'sender_nickname' => $args['user_login'],
2106
+ 'sender_info' => $sender_info,
2107
+ 'js_on' => $checkjs,
2108
+ ),
2109
+ true
2110
+ );
2111
+ $ct_result = $base_call_result['ct_result'];
2112
+
2113
+ $cleantalk_executed = true;
2114
+
2115
+ if ($ct_result->inactive != 0) {
2116
+ ct_send_error_notice($ct_result->comment);
2117
+ return $args;
2118
+ }
2119
+
2120
+ if ($ct_result->allow == 0)
2121
+ UM()->form()->add_error('user_password', $ct_result->comment );
2122
+
2123
+ return $args;
2124
+ }
2125
+
2126
+ /**
2127
+ * Checks registration error and set it if it was dropped
2128
+ * @return errors
2129
+ */
2130
+ function ct_check_registration_erros($errors, $sanitized_user_login = null, $user_email = null) {
2131
+ global $bp, $ct_registration_error_comment;
2132
+
2133
+ if($ct_registration_error_comment){
2134
+
2135
+ if(isset($bp))
2136
+ if(method_exists($bp, 'signup'))
2137
+ if(method_exists($bp->signup, 'errors'))
2138
+ if(isset($bp->signup->errors['signup_username']))
2139
+ if($bp->signup->errors['signup_username'] != $ct_registration_error_comment)
2140
+ $bp->signup->errors['signup_username'] = $ct_registration_error_comment;
2141
+
2142
+ if(isset($errors))
2143
+ if(method_exists($errors, 'errors'))
2144
+ if(isset($errors->errors['ct_error']))
2145
+ if($errors->errors['ct_error'][0] != $ct_registration_error_comment)
2146
+ $errors->add('ct_error', $ct_registration_error_comment);
2147
+
2148
+ }
2149
+ return $errors;
2150
+ }
2151
+
2152
+ /**
2153
+ * Set user meta (ct_hash) for successed registration
2154
+ * @return null
2155
+ */
2156
+ function apbct_user_register($user_id) {
2157
+ global $apbct_cookie_request_id_label;
2158
+ if (isset($_COOKIE[$apbct_cookie_request_id_label])) {
2159
+ if(update_user_meta($user_id, 'ct_hash', $_COOKIE[$apbct_cookie_request_id_label])){
2160
+ \Cleantalk\Common\Helper::apbct_cookie__set($apbct_cookie_request_id_label, '0', 1, '/');
2161
+ }
2162
+ }
2163
+ }
2164
+
2165
+
2166
+ /**
2167
+ * Test for JetPack contact form
2168
+ */
2169
+ function ct_grunion_contact_form_field_html($r, $field_label) {
2170
+
2171
+ global $ct_checkjs_jpcf, $ct_jpcf_patched, $ct_jpcf_fields, $apbct;
2172
+
2173
+ if ($apbct->settings['contact_forms_test'] == 1 && $ct_jpcf_patched === false && preg_match( "/(text|email)/i", $r)) {
2174
+
2175
+ // Looking for element name prefix
2176
+ $name_patched = false;
2177
+ foreach ($ct_jpcf_fields as $v) {
2178
+ if ($name_patched === false && preg_match("/(g\d-)$v/", $r, $matches)) {
2179
+ $ct_checkjs_jpcf = $matches[1] . $ct_checkjs_jpcf;
2180
+ $name_patched = true;
2181
+ }
2182
+ }
2183
+
2184
+ $r .= ct_add_hidden_fields($ct_checkjs_jpcf, true);
2185
+ $ct_jpcf_patched = true;
2186
+ }
2187
+
2188
+ return $r;
2189
+ }
2190
+ /**
2191
+ * Test for JetPack contact form
2192
+ */
2193
+ function ct_contact_form_is_spam($form) {
2194
+
2195
+ global $ct_checkjs_jpcf, $apbct;
2196
+
2197
+ if ($apbct->settings['contact_forms_test'] == 0) {
2198
+ do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
2199
+ return null;
2200
+ }
2201
+
2202
+ $js_field_name = $ct_checkjs_jpcf;
2203
+ foreach ($_POST as $k => $v) {
2204
+ if (preg_match("/^.+$ct_checkjs_jpcf$/", $k))
2205
+ $js_field_name = $k;
2206
+ }
2207
+
2208
+ $sender_email = null;
2209
+ $sender_nickname = null;
2210
+ $message = '';
2211
+ if (isset($form['comment_author_email']))
2212
+ $sender_email = $form['comment_author_email'];
2213
+
2214
+ if (isset($form['comment_author']))
2215
+ $sender_nickname = $form['comment_author'];
2216
+
2217
+ if (isset($form['comment_content']))
2218
+ $message = $form['comment_content'];
2219
+
2220
+ $base_call_result = apbct_base_call(
2221
+ array(
2222
+ 'message' => $message,
2223
+ 'sender_email' => $sender_email,
2224
+ 'sender_nickname' => $sender_nickname,
2225
+ 'post_info' => array('comment_type' => 'contact_form_wordpress_grunion'),
2226
+ 'sender_info' => array('sender_url' => @$form['comment_author_url']),
2227
+ 'js_on' => apbct_js_test($js_field_name, $_POST),
2228
+ )
2229
+ );
2230
+ $ct_result = $base_call_result['ct_result'];
2231
+
2232
+ if ($ct_result->allow == 0) {
2233
+ global $ct_comment;
2234
+ $ct_comment = $ct_result->comment;
2235
+ ct_die(null, null);
2236
+ exit;
2237
+ }
2238
+
2239
+ return (bool) !$ct_result->allow;
2240
+ }
2241
+
2242
+ function ct_contact_form_is_spam_jetpack($is_spam,$form) {
2243
+ global $ct_checkjs_jpcf, $apbct;
2244
+
2245
+ if ($apbct->settings['contact_forms_test'] == 0) {
2246
+ do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
2247
+ return null;
2248
+ }
2249
+
2250
+ $js_field_name = $ct_checkjs_jpcf;
2251
+ foreach ($_POST as $k => $v) {
2252
+ if (preg_match("/^.+$ct_checkjs_jpcf$/", $k))
2253
+ $js_field_name = $k;
2254
+ }
2255
+
2256
+ $base_call_result = apbct_base_call(
2257
+ array(
2258
+ 'message' => isset($form['comment_content']) ? $form['comment_content'] : '',
2259
+ 'sender_email' => isset($form['comment_author_email']) ? $form['comment_author_email'] : null,
2260
+ 'sender_nickname' => isset($form['comment_author']) ? $form['comment_author'] : null,
2261
+ 'post_info' => array('comment_type' => 'contact_form_wordpress_grunion'),
2262
+ 'sender_info' => array('sender_url' => @$form['comment_author_url']),
2263
+ )
2264
+ );
2265
+ $ct_result = $base_call_result['ct_result'];
2266
+
2267
+ if ($ct_result->allow == 0) {
2268
+ global $ct_comment;
2269
+ $ct_comment = $ct_result->comment;
2270
+ ct_die(null, null);
2271
+ exit;
2272
+ }
2273
+
2274
+ return (bool) !$ct_result->allow;
2275
+ }
2276
+
2277
+ /**
2278
+ * Inserts anti-spam hidden to WP Maintenance Mode (wpmm)
2279
+ */
2280
+ function apbct_form__wpmm__addField(){
2281
+ ct_add_hidden_fields('ct_checkjs', false, true, true);
2282
+ }
2283
+
2284
+ /**
2285
+ * Inserts anti-spam hidden to CF7
2286
+ */
2287
+ function apbct_form__contactForm7__addField($html) {
2288
+ global $ct_checkjs_cf7, $apbct;
2289
+
2290
+
2291
+
2292
+ if ($apbct->settings['contact_forms_test'] == 0) {
2293
+ return $html;
2294
+ }
2295
+
2296
+ $html .= ct_add_hidden_fields($ct_checkjs_cf7, true);
2297
+
2298
+ return $html;
2299
+ }
2300
+
2301
+ /**
2302
+ * Test spam for Contact Fomr 7 (CF7) right before validation
2303
+ *
2304
+ * @global SpbcState $apbct
2305
+ * @param type $result
2306
+ * @param type $tags
2307
+ * @return type
2308
+ */
2309
+ function apbct_form__contactForm7__tesSpam__before_validate($result = null, $tags = null) {
2310
+ global $apbct;
2311
+
2312
+ if ($result && method_exists($result, 'get_invalid_fields')){
2313
+ $invalid_fields = $result->get_invalid_fields();
2314
+ if(!empty($invalid_fields) && is_array($invalid_fields)){
2315
+ $apbct->validation_error = $invalid_fields[key($invalid_fields)]['reason'];
2316
+ apbct_form__contactForm7__testSpam(false);
2317
+ }
2318
+ }
2319
+
2320
+ return $result;
2321
+ }
2322
+
2323
+ /**
2324
+ * Test CF7 message for spam
2325
+ */
2326
+ function apbct_form__contactForm7__testSpam($param) {
2327
+
2328
+ global $ct_checkjs_cf7, $apbct;
2329
+
2330
+ if(
2331
+ $apbct->settings['contact_forms_test'] == 0 ||
2332
+ $param == false && WPCF7_VERSION < '3.0.0' ||
2333
+ $param === true && WPCF7_VERSION >= '3.0.0' ||
2334
+ $apbct->settings['protect_logged_in'] != 1 && is_user_logged_in() || // Skip processing for logged in users.
2335
+ apbct_exclusions_check__url() ||
2336
+ apbct_exclusions_check__ip() ||
2337
+ isset($apbct->cf7_checked)
2338
+ ){
2339
+ do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
2340
+ return $param;
2341
+ }
2342
+
2343
+ $checkjs = apbct_js_test($ct_checkjs_cf7, $_POST)
2344
+ ? apbct_js_test($ct_checkjs_cf7, $_POST)
2345
+ : apbct_js_test('ct_checkjs', $_COOKIE);
2346
+
2347
+ $ct_temp_msg_data = ct_get_fields_any($_POST);
2348
+
2349
+ $sender_email = ($ct_temp_msg_data['email'] ? $ct_temp_msg_data['email'] : '');
2350
+ $sender_nickname = ($ct_temp_msg_data['nickname'] ? $ct_temp_msg_data['nickname'] : '');
2351
+ $subject = ($ct_temp_msg_data['subject'] ? $ct_temp_msg_data['subject'] : '');
2352
+ $contact_form = ($ct_temp_msg_data['contact'] ? $ct_temp_msg_data['contact'] : true);
2353
+ $message = ($ct_temp_msg_data['message'] ? $ct_temp_msg_data['message'] : array());
2354
+ if ($subject != '') {
2355
+ $message = array_merge(array('subject' => $subject), $message);
2356
+ }
2357
+
2358
+ $base_call_result = apbct_base_call(
2359
+ array(
2360
+ 'message' => $message,
2361
+ 'sender_email' => $sender_email,
2362
+ 'sender_nickname' => $sender_nickname,
2363
+ 'js_on' => $checkjs,
2364
+ 'post_info' => array('comment_type' => 'contact_form_wordpress_cf7'),
2365
+ 'sender_info' => array(
2366
+ 'form_validation' => !isset($apbct->validation_error)
2367
+ ? null
2368
+ : json_encode(array(
2369
+ 'validation_notice' => $apbct->validation_error,
2370
+ 'page_url' => apbct_get_server_variable( 'HTTP_HOST' ) . apbct_get_server_variable( 'REQUEST_URI' ),
2371
+ ))
2372
+ ),
2373
+ )
2374
+ );
2375
+
2376
+ $ct_result = $base_call_result['ct_result'];
2377
+
2378
+ // Change mail notification if license is out of date
2379
+ if($apbct->data['moderate'] == 0 &&
2380
+ ($ct_result->fast_submit == 1 || $ct_result->blacklisted == 1 || $ct_result->js_disabled == 1)
2381
+ ){
2382
+ $apbct->sender_email = $sender_email;
2383
+ $apbct->sender_ip = \Cleantalk\ApbctWP\Helper::ip__get(array('real'));
2384
+ add_filter('wpcf7_mail_components', 'apbct_form__contactForm7__changeMailNotification');
2385
+ }
2386
+
2387
+ if ($ct_result->allow == 0) {
2388
+
2389
+ global $ct_cf7_comment;
2390
+ $ct_cf7_comment = $ct_result->comment;
2391
+
2392
+ add_filter('wpcf7_display_message', 'apbct_form__contactForm7__showResponse', 10, 2);
2393
+
2394
+ $param = WPCF7_VERSION >= '3.0.0' ? true : false;
2395
+
2396
+ }
2397
+
2398
+ $apbct->cf7_checked = true;
2399
+
2400
+ return $param;
2401
+ }
2402
+
2403
+ /**
2404
+ * Changes CF7 status message
2405
+ * @param string $hook URL of hooked page
2406
+ */
2407
+ function apbct_form__contactForm7__showResponse($message, $status = 'spam') {
2408
+ global $ct_cf7_comment;
2409
+
2410
+ if ($status == 'spam') {
2411
+ $message = $ct_cf7_comment;
2412
+ }
2413
+
2414
+ return $message;
2415
+ }
2416
+
2417
+ /**
2418
+ * Changes email notification for succes subscription for Contact Form 7
2419
+ *
2420
+ * @param array $component Arguments for email notification
2421
+ * @return array Arguments for email notification
2422
+ */
2423
+ function apbct_form__contactForm7__changeMailNotification($component){
2424
+
2425
+ global $apbct;
2426
+
2427
+ $component['body'] =
2428
+ __('CleanTalk AntiSpam: This message is spam.', 'cleantalk-spam-protect')
2429
+ .PHP_EOL . __('CleanTalk\'s anti-spam database:', 'cleantalk-spam-protect')
2430
+ .PHP_EOL . 'IP: ' . $apbct->sender_ip
2431
+ .PHP_EOL . 'Email: ' . $apbct->sender_email
2432
+ .PHP_EOL . sprintf(
2433
+ __('Activate protection in your Anti-Spam Dashboard: %s.', 'clentalk'),
2434
+ 'https://cleantalk.org/my/?cp_mode=antispam&utm_source=newsletter&utm_medium=email&utm_campaign=cf7_activate_antispam&user_token='.$apbct->user_token
2435
+ )
2436
+ .PHP_EOL . '---' . PHP_EOL . PHP_EOL
2437
+ .$component['body'];
2438
+
2439
+ return (array) $component;
2440
+ }
2441
+
2442
+ /**
2443
+ * Test Ninja Forms message for spam
2444
+ *
2445
+ * @global SpbcState $apbct
2446
+ * @return void
2447
+ */
2448
+ function apbct_form__ninjaForms__testSpam() {
2449
+
2450
+ global $apbct, $cleantalk_executed;
2451
+
2452
+ if( $cleantalk_executed ){
2453
+ do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
2454
+ return;
2455
+ }
2456
+
2457
+ $cleantalk_executed = true;
2458
+
2459
+ if(
2460
+ $apbct->settings['contact_forms_test'] == 0
2461
+ || ($apbct->settings['protect_logged_in'] != 1 && is_user_logged_in()) // Skip processing for logged in users.
2462
+ || apbct_exclusions_check__url()
2463
+ ){
2464
+ do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
2465
+ return;
2466
+ }
2467
+
2468
+ $checkjs = apbct_js_test('ct_checkjs', $_COOKIE);
2469
+
2470
+ // Choosing between POST and GET
2471
+ $params = ct_get_fields_any(isset($_GET['ninja_forms_ajax_submit']) || isset($_GET['nf_ajax_submit']) ? $_GET : $_POST);
2472
+
2473
+ $sender_email = ($params['email'] ? $params['email'] : '');
2474
+ $sender_nickname = ($params['nickname'] ? $params['nickname'] : '');
2475
+ $subject = ($params['subject'] ? $params['subject'] : '');
2476
+ $message = ($params['message'] ? $params['message'] : array());
2477
+ if ($subject != '') {
2478
+ $message = array_merge(array('subject' => $subject), $message);
2479
+ }
2480
+
2481
+ //Ninja Forms xml fix
2482
+ foreach ($message as $key => $value){
2483
+ if (strpos($value, '<xml>') !== false)
2484
+ unset($message[$key]);
2485
+ }
2486
+
2487
+ $base_call_result = apbct_base_call(
2488
+ array(
2489
+ 'message' => $message,
2490
+ 'sender_email' => $sender_email,
2491
+ 'sender_nickname' => $sender_nickname,
2492
+ 'post_info' => array('comment_type' => 'contact_form_wordpress_ninja_froms'),
2493
+ 'js_on' => $checkjs,
2494
+ )
2495
+ );
2496
+ $ct_result = $base_call_result['ct_result'];
2497
+
2498
+ // Change mail notification if license is out of date
2499
+ if($apbct->data['moderate'] == 0 &&
2500
+ ($ct_result->fast_submit == 1 || $ct_result->blacklisted == 1 || $ct_result->js_disabled == 1)
2501
+ ){
2502
+ $apbct->sender_email = $sender_email;
2503
+ $apbct->sender_ip = \Cleantalk\ApbctWP\Helper::ip__get(array('real'));
2504
+ add_filter('ninja_forms_action_email_message', 'apbct_form__ninjaForms__changeMailNotification', 1, 3);
2505
+ }
2506
+
2507
+ if ($ct_result->allow == 0) {
2508
+
2509
+ // We have to use GLOBAL variable to transfer the comment to apbct_form__ninjaForms__changeResponse() function :(
2510
+ $apbct->response = $ct_result->comment;
2511
+ add_action( 'ninja_forms_before_response', 'apbct_form__ninjaForms__changeResponse', 10, 1 );
2512
+ add_action( 'ninja_forms_action_email_send', 'apbct_form__ninjaForms__stopEmail', 1, 5 ); // Prevent mail notification
2513
+ add_action( 'ninja_forms_save_submission', 'apbct_form__ninjaForms__preventSubmission', 1, 2 ); // Prevent mail notification
2514
+ }
2515
+ }
2516
+
2517
+ function apbct_form__ninjaForms__preventSubmission($some, $form_id){
2518
+ return false;
2519
+ }
2520
+
2521
+ function apbct_form__ninjaForms__stopEmail($some, $action_settings, $message, $headers, $attachments){
2522
+ global $apbct;
2523
+ throw new Exception($apbct->response);
2524
+ }
2525
+
2526
+ function apbct_form__ninjaForms__changeResponse( $data ) {
2527
+
2528
+ global $apbct;
2529
+
2530
+ // Show error message below field found by ID
2531
+ if(array_key_exists('email', $data['fields_by_key'])){
2532
+ // Find ID of EMAIL field
2533
+ $nf_field_id = $data['fields_by_key']['email']['id'];
2534
+ }else{
2535
+ // Find ID of last field (usually SUBMIT)
2536
+ $fields_keys = array_keys($data['fields']);
2537
+ $nf_field_id = array_pop($fields_keys);
2538
+ }
2539
+
2540
+ // Below is modified NJ logic
2541
+ $error = array(
2542
+ 'fields' => array(
2543
+ $nf_field_id => $apbct->response,
2544
+ ),
2545
+ );
2546
+
2547
+ $response = array( 'data' => $data, 'errors' => $error, 'debug' => '' );
2548
+
2549
+ die(wp_json_encode( $response, JSON_FORCE_OBJECT ));
2550
+
2551
+ }
2552
+
2553
+ function apbct_form__seedprod_coming_soon__testSpam() {
2554
+
2555
+ global $apbct;
2556
+
2557
+ if(
2558
+ $apbct->settings['contact_forms_test'] == 0
2559
+ || ($apbct->settings['protect_logged_in'] != 1 && is_user_logged_in()) // Skip processing for logged in users.
2560
+ || apbct_exclusions_check__url()
2561
+ ){
2562
+ do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
2563
+ return;
2564
+ }
2565
+
2566
+ $ct_temp_msg_data = ct_get_fields_any($_REQUEST);
2567
+
2568
+ $sender_email = ($ct_temp_msg_data['email'] ? $ct_temp_msg_data['email'] : '');
2569
+ $sender_nickname = ($ct_temp_msg_data['nickname'] ? $ct_temp_msg_data['nickname'] : '');
2570
+ $subject = ($ct_temp_msg_data['subject'] ? $ct_temp_msg_data['subject'] : '');
2571
+ $message = ($ct_temp_msg_data['message'] ? $ct_temp_msg_data['message'] : array());
2572
+ if ($subject != '') {
2573
+ $message = array_merge(array('subject' => $subject), $message);
2574
+ }
2575
+
2576
+ $post_info['comment_type'] = 'contact_form_wordpress_seedprod_coming_soon';
2577
+
2578
+ $base_call_result = apbct_base_call(
2579
+ array(
2580
+ 'message' => $message,
2581
+ 'sender_email' => $sender_email,
2582
+ 'sender_nickname' => $sender_nickname,
2583
+ 'post_info' => $post_info,
2584
+ )
2585
+ );
2586
+
2587
+ $ct_result = $base_call_result['ct_result'];
2588
+ if ($ct_result->allow == 0) {
2589
+ global $ct_comment;
2590
+ $ct_comment = $ct_result->comment;
2591
+
2592
+ $response = array(
2593
+ 'status' => 200,
2594
+ 'html' => "<h1>".__('Spam protection by CleanTalk', 'cleantalk-spam-protect')."</h1><h2>".$ct_result->comment."</h2>"
2595
+ );
2596
+
2597
+ echo sanitize_text_field($_GET['callback']) . '(' . json_encode($response) . ')';
2598
+ exit();
2599
+ }
2600
+
2601
+ }
2602
+
2603
+ /**
2604
+ * Changes email notification for succes subscription for Ninja Forms
2605
+ *
2606
+ * @param string $message Body of email notification
2607
+ * @return string Body for email notification
2608
+ */
2609
+ function apbct_form__ninjaForms__changeMailNotification($message, $data, $action_settings){
2610
+
2611
+ global $apbct;
2612
+
2613
+ if($action_settings['to'] !== $apbct->sender_email){
2614
+
2615
+ $message .= wpautop(PHP_EOL . '---'
2616
+ .PHP_EOL
2617
+ .__('CleanTalk AntiSpam: This message is spam.', 'cleantalk-spam-protect')
2618
+ .PHP_EOL . __('CleanTalk\'s anti-spam database:', 'cleantalk-spam-protect')
2619
+ .PHP_EOL . 'IP: ' . $apbct->sender_ip
2620
+ .PHP_EOL . 'Email: ' . $apbct->sender_email
2621
+ .PHP_EOL .
2622
+ __('Activate protection in your Anti-Spam Dashboard: ', 'clentalk').
2623
+ 'https://cleantalk.org/my/?cp_mode=antispam&utm_source=newsletter&utm_medium=email&utm_campaign=ninjaform_activate_antispam'.$apbct->user_token
2624
+ );
2625
+ }
2626
+
2627
+ return $message;
2628
+ }
2629
+
2630
+ /**
2631
+ * Inserts anti-spam hidden to WPForms
2632
+ *
2633
+ * @global SpbcState $apbct
2634
+ * @return void
2635
+ */
2636
+ function apbct_form__WPForms__addField($form_data, $some, $title, $description, $errors) {
2637
+
2638
+ global $apbct;
2639
+
2640
+ if($apbct->settings['contact_forms_test'] == 1)
2641
+ ct_add_hidden_fields('checkjs_wpforms', false);
2642
+
2643
+ }
2644
+
2645
+ /**
2646
+ * Gather fields data from submission and store it
2647
+ *
2648
+ * @param array $entry
2649
+ * @param $form
2650
+ *
2651
+ * @return array
2652
+ * @global SpbcState $apbct
2653
+ */
2654
+ function apbct_from__WPForms__gatherData($entry, $form){
2655
+
2656
+ global $apbct;
2657
+
2658
+ $data = array();
2659
+ foreach($entry['fields'] as $key => $val){
2660
+ $true_key = strtolower(str_replace(' ', '_', $form['fields'][$key]['label']));
2661
+ $true_key = $true_key ? $true_key : $key;
2662
+ $data[$true_key] = $val;
2663
+ } unset($key, $val);
2664
+
2665
+ $apbct->form_data = $data;
2666
+
2667
+ return $entry;
2668
+ }
2669
+
2670
+ /**
2671
+ * Adding error to form entry if message is spam
2672
+ * Call spam test from here
2673
+ *
2674
+ * @param array $errors
2675
+ * @param array $form_data
2676
+ * @return array
2677
+ */
2678
+ function apbct_form__WPForms__showResponse($errors, $form_data) {
2679
+
2680
+ if(empty($errors) || ( isset($form_data['id'], $errors[$form_data['id']]) && !count($errors[$form_data['id']]) ) ){
2681
+
2682
+ $spam_comment = apbct_form__WPForms__testSpam();
2683
+
2684
+ $filed_id = $form_data && !empty($form_data['fields']) && is_array($form_data['fields'])
2685
+ ? key($form_data['fields'])
2686
+ : 0;
2687
+
2688
+ if($spam_comment)
2689
+ $errors[ $form_data['id'] ][ $filed_id ] = $spam_comment;
2690
+
2691
+ }
2692
+
2693
+ return $errors;
2694
+ }
2695
+
2696
+ /**
2697
+ * Test WPForms message for spam
2698
+ * Doesn't hooked anywhere.
2699
+ * Called directly from apbct_form__WPForms__showResponse()
2700
+ *
2701
+ * @global SpbcState $apbct
2702
+ * @global array $apbct->form_data Contains form data
2703
+ * @param array $errors Array of errors to write false result in
2704
+ * @return void|array|null
2705
+ */
2706
+ function apbct_form__WPForms__testSpam() {
2707
+
2708
+ global $apbct;
2709
+
2710
+ if(
2711
+ $apbct->settings['contact_forms_test'] == 0 ||
2712
+ $apbct->settings['protect_logged_in'] != 1 && is_user_logged_in() // Skip processing for logged in users.
2713
+ ){
2714
+ do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
2715
+ return;
2716
+ }
2717
+
2718
+ $checkjs = apbct_js_test('checkjs_wpforms', $_POST);
2719
+
2720
+ $params = ct_get_fields_any($apbct->form_data);
2721
+
2722
+ $sender_email = ($params['email'] ? $params['email'] : '');
2723
+ $sender_nickname = ($params['nickname'] ? $params['nickname'] : '');
2724
+ $subject = ($params['subject'] ? $params['subject'] : '');
2725
+ $message = ($params['message'] ? $params['message'] : array());
2726
+ if ($subject != '') {
2727
+ $message = array_merge(array('subject' => $subject), $message);
2728
+ }
2729
+
2730
+ $base_call_result = apbct_base_call(
2731
+ array(
2732
+ 'message' => $message,
2733
+ 'sender_email' => $sender_email,
2734
+ 'sender_nickname' => $sender_nickname,
2735
+ 'post_info' => array('comment_type' => 'contact_form_wordpress_wp_forms'),
2736
+ 'js_on' => $checkjs,
2737
+ )
2738
+ );
2739
+ $ct_result = $base_call_result['ct_result'];
2740
+
2741
+ // Change mail notification if license is out of date
2742
+ if($apbct->data['moderate'] == 0 &&
2743
+ ($ct_result->fast_submit == 1 || $ct_result->blacklisted == 1 || $ct_result->js_disabled == 1)
2744
+ ){
2745
+ $apbct->sender_email = $sender_email;
2746
+ $apbct->sender_ip = \Cleantalk\ApbctWP\Helper::ip__get(array('real'));
2747
+ add_filter('wpforms_email_message', 'apbct_form__WPForms__changeMailNotification', 100, 2);
2748
+ }
2749
+
2750
+ if ($ct_result->allow == 0){
2751
+ return $ct_result->comment;
2752
+ }
2753
+
2754
+ return null;
2755
+
2756
+ }
2757
+
2758
+ /**
2759
+ * Changes email notification for succes subscription for Ninja Forms
2760
+ *
2761
+ * @param string $message Body of email notification
2762
+ * @param WPForms_WP_Emails $wpforms_email WPForms email class object
2763
+ * @return string Body for email notification
2764
+ */
2765
+ function apbct_form__WPForms__changeMailNotification($message, $wpforms_email){
2766
+
2767
+ global $apbct;
2768
+
2769
+ $message = str_replace('</html>', '', $message);
2770
+ $message = str_replace('</body>', '', $message);
2771
+ $message .= wpautop(PHP_EOL . '---'
2772
+ .PHP_EOL
2773
+ .__('CleanTalk AntiSpam: This message is spam.', 'cleantalk-spam-protect')
2774
+ .PHP_EOL . __('CleanTalk\'s anti-spam database:', 'cleantalk-spam-protect')
2775
+ .PHP_EOL . 'IP: ' . '<a href="https://cleantalk.org/blacklists/' . $apbct->sender_ip . '?utm_source=newsletter&utm_medium=email&utm_campaign=wpforms_spam_passed" target="_blank">' . $apbct->sender_ip . '</a>'
2776
+ .PHP_EOL . 'Email: ' . '<a href="https://cleantalk.org/blacklists/' . $apbct->sender_email . '?utm_source=newsletter&utm_medium=email&utm_campaign=wpforms_spam_passed" target="_blank">' . $apbct->sender_email . '</a>'
2777
+ .PHP_EOL . sprintf(
2778
+ __('Activate protection in your %sAnti-Spam Dashboard%s.', 'clentalk'),
2779
+ '<a href="https://cleantalk.org/my/?cp_mode=antispam&utm_source=newsletter&utm_medium=email&utm_campaign=wpforms_activate_antispam" target="_blank">',
2780
+ '</a>'
2781
+ ))
2782
+ .'</body></html>';
2783
+
2784
+ return $message;
2785
+
2786
+ }
2787
+
2788
+ /*
2789
+ * QuForms check spam
2790
+ * works with singl-paged forms
2791
+ * and with multi-paged forms - check only last step of the forms
2792
+ */
2793
+ function ct_quform_post_validate($result, $form) {
2794
+
2795
+ if ( $form->hasPages() ) {
2796
+ $comment_type = 'contact_form_wordpress_quforms_multipage';
2797
+ } else {
2798
+ $comment_type = 'contact_form_wordpress_quforms_singlepage';
2799
+ }
2800
+
2801
+ $ct_temp_msg_data = ct_get_fields_any( $form->getValues() );
2802
+ // @ToDo If we have several emails at the form - will be used only the first detected!
2803
+ $sender_email = ($ct_temp_msg_data['email'] ? $ct_temp_msg_data['email'] : '');
2804
+
2805
+ $checkjs = apbct_js_test('ct_checkjs', $_COOKIE);
2806
+ $base_call_result = apbct_base_call(
2807
+ array(
2808
+ 'message' => $form->getValues(),
2809
+ 'sender_email' => $sender_email,
2810
+ 'post_info' => array('comment_type' => $comment_type),
2811
+ 'js_on' => $checkjs,
2812
+ )
2813
+ );
2814
+
2815
+ $ct_result = $base_call_result['ct_result'];
2816
+ if ($ct_result->allow == 0) {
2817
+ die(json_encode(array('type' => 'error', 'apbct' => array('blocked' => true, 'comment' => $ct_result->comment))));
2818
+ } else {
2819
+ return $result;
2820
+ }
2821
+
2822
+ return $result;
2823
+
2824
+ }
2825
+
2826
+ /**
2827
+ * Inserts anti-spam hidden to Fast Secure contact form
2828
+ */
2829
+ function ct_si_contact_display_after_fields($string = '', $style = '', $form_errors = array(), $form_id_num = 0) {
2830
+ $string .= ct_add_hidden_fields('ct_checkjs', true);
2831
+ return $string;
2832
+ }
2833
+
2834
+ /**
2835
+ * Test for Fast Secure contact form
2836
+ */
2837
+ function ct_si_contact_form_validate($form_errors = array(), $form_id_num = 0) {
2838
+ global $apbct, $cleantalk_executed;
2839
+
2840
+ if (!empty($form_errors)) {
2841
+ do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
2842
+ return $form_errors;
2843
+ }
2844
+
2845
+
2846
+ if ($apbct->settings['contact_forms_test'] == 0) {
2847
+ do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
2848
+ return $form_errors;
2849
+ }
2850
+
2851
+ // Skip processing because data already processed.
2852
+ if ($cleantalk_executed) {
2853
+ do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
2854
+ return $form_errors;
2855
+ }
2856
+
2857
+ //getting info from custom fields
2858
+ $ct_temp_msg_data = ct_get_fields_any($_POST);
2859
+
2860
+ $sender_email = ($ct_temp_msg_data['email'] ? $ct_temp_msg_data['email'] : '');
2861
+ $sender_nickname = ($ct_temp_msg_data['nickname'] ? $ct_temp_msg_data['nickname'] : '');
2862
+ $subject = ($ct_temp_msg_data['subject'] ? $ct_temp_msg_data['subject'] : '');
2863
+ $contact_form = ($ct_temp_msg_data['contact'] ? $ct_temp_msg_data['contact'] : true);
2864
+ $message = ($ct_temp_msg_data['message'] ? $ct_temp_msg_data['message'] : array());
2865
+ if($subject != '') {
2866
+ $message['subject'] = $subject;
2867
+ }
2868
+
2869
+ $base_call_result = apbct_base_call(
2870
+ array(
2871
+ 'message' => $message,
2872
+ 'sender_email' => $sender_email,
2873
+ 'sender_nickname' => $sender_nickname,
2874
+ 'post_info' => array('comment_type' => 'contact_form_wordpress_fscf'),
2875
+ 'js_on' => apbct_js_test('ct_checkjs', $_POST),
2876
+ )
2877
+ );
2878
+
2879
+ $ct_result = $base_call_result['ct_result'];
2880
+
2881
+ $cleantalk_executed = true;
2882
+
2883
+ if ($ct_result->allow == 0) {
2884
+ global $ct_comment;
2885
+ $ct_comment = $ct_result->comment;
2886
+ ct_die(null, null);
2887
+ exit;
2888
+ }
2889
+
2890
+ return $form_errors;
2891
+ }
2892
+
2893
+ /**
2894
+ * Notice for commentators which comment has automatically approved by plugin
2895
+ * @param string $hook URL of hooked page
2896
+ */
2897
+ function ct_comment_text($comment_text) {
2898
+ global $comment, $ct_approved_request_id_label;
2899
+
2900
+ if (isset($_COOKIE[$ct_approved_request_id_label]) && isset($comment->comment_ID)) {
2901
+ $ct_hash = get_comment_meta($comment->comment_ID, 'ct_hash', true);
2902
+
2903
+ if ($ct_hash !== '' && $_COOKIE[$ct_approved_request_id_label] == $ct_hash) {
2904
+ $comment_text .= '<br /><br /> <em class="comment-awaiting-moderation">' . __('Comment approved. Anti-spam by CleanTalk.', 'cleantalk-spam-protect') . '</em>';
2905
+ }
2906
+ }
2907
+
2908
+ return $comment_text;
2909
+ }
2910
+
2911
+
2912
+ /**
2913
+ * Checks WordPress Landing Pages raw $_POST values
2914
+ */
2915
+ function ct_check_wplp(){
2916
+
2917
+ global $ct_wplp_result_label, $apbct;
2918
+
2919
+ if (!isset($_COOKIE[$ct_wplp_result_label])) {
2920
+ // First AJAX submit of WPLP form
2921
+ if ($apbct->settings['contact_forms_test'] == 0) {
2922
+ do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
2923
+ return;
2924
+ }
2925
+
2926
+ $post_info['comment_type'] = 'feedback';
2927
+ $post_info = json_encode($post_info);
2928
+ if ($post_info === false)
2929
+ $post_info = '';
2930
+
2931
+ $sender_email = '';
2932
+ foreach ($_POST as $v) {
2933
+ if (preg_match("/^\S+@\S+\.\S+$/", $v)) {
2934
+ $sender_email = $v;
2935
+ break;
2936
+ }
2937
+ }
2938
+
2939
+ $message = '';
2940
+ if(array_key_exists('form_input_values', $_POST)){
2941
+ $form_input_values = json_decode(stripslashes($_POST['form_input_values']), true);
2942
+ if (is_array($form_input_values) && array_key_exists('null', $form_input_values))
2943
+ $message = $form_input_values['null'];
2944
+ } else if (array_key_exists('null', $_POST)) {
2945
+ $message = $_POST['null'];
2946
+ }
2947
+
2948
+ $base_call_result = apbct_base_call(
2949
+ array(
2950
+ 'message' => $message,
2951
+ 'sender_email' => $sender_email,
2952
+ 'post_info' => array('comment_type' => 'contact_form_wordpress_wplp'),
2953
+ )
2954
+ );
2955
+
2956
+ $ct_result = $base_call_result['ct_result'];
2957
+
2958
+ if ($ct_result->allow == 0) {
2959
+ $cleantalk_comment = $ct_result->comment;
2960
+ } else {
2961
+ $cleantalk_comment = 'OK';
2962
+ }
2963
+
2964
+ \Cleantalk\Common\Helper::apbct_cookie__set($ct_wplp_result_label, $cleantalk_comment, strtotime("+5 seconds"), '/');
2965
+ } else {
2966
+ // Next POST/AJAX submit(s) of same WPLP form
2967
+ $cleantalk_comment = $_COOKIE[$ct_wplp_result_label];
2968
+ }
2969
+ if ($cleantalk_comment !== 'OK')
2970
+ ct_die_extended($cleantalk_comment);
2971
+ }
2972
+
2973
+ /**
2974
+ * Places a hidding field to Gravity forms.
2975
+ * @return string
2976
+ */
2977
+ function apbct_form__gravityForms__addField($form_string, $form){
2978
+ $ct_hidden_field = 'ct_checkjs';
2979
+
2980
+ // Do not add a hidden field twice.
2981
+ if (preg_match("/$ct_hidden_field/", $form_string)) {
2982
+ return $form_string;
2983
+ }
2984
+
2985
+ $search = "</form>";
2986
+
2987
+ // Adding JS code
2988
+ $js_code = ct_add_hidden_fields($ct_hidden_field, true, false);
2989
+ $form_string = str_replace($search, $js_code . $search, $form_string);
2990
+
2991
+ // Adding field for multipage form. Look for cleantalk.php -> apbct_cookie();
2992
+ $append_string = isset($form['lastPageButton']) ? "<input type='hidden' name='ct_multipage_form' value='yes'>" : '';
2993
+ $form_string = str_replace($search, $append_string.$search, $form_string);
2994
+
2995
+ return $form_string;
2996
+ }
2997
+
2998
+ /**
2999
+ * Gravity forms anti-spam test.
3000
+ * @return boolean
3001
+ */
3002
+ function apbct_form__gravityForms__testSpam($is_spam, $form, $entry) {
3003
+
3004
+ global $apbct, $cleantalk_executed, $ct_gform_is_spam, $ct_gform_response;
3005
+
3006
+ if (
3007
+ $apbct->settings['contact_forms_test'] == 0 ||
3008
+ $is_spam ||
3009
+ $cleantalk_executed // Return unchanged result if the submission was already tested.
3010
+ ) {
3011
+ do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
3012
+ return $is_spam;
3013
+ }
3014
+
3015
+ $ct_temp = array();
3016
+ foreach($entry as $key => $value){
3017
+ if(is_numeric($key))
3018
+ $ct_temp[$key]=$value;
3019
+ } unset($key, $value);
3020
+
3021
+ $ct_temp_msg_data = ct_get_fields_any($ct_temp);
3022
+ $sender_email = ($ct_temp_msg_data['email'] ? $ct_temp_msg_data['email'] : '');
3023
+ $sender_nickname = ($ct_temp_msg_data['nickname'] ? $ct_temp_msg_data['nickname'] : '');
3024
+ $subject = ($ct_temp_msg_data['subject'] ? $ct_temp_msg_data['subject'] : '');
3025
+ $contact_form = ($ct_temp_msg_data['contact'] ? $ct_temp_msg_data['contact'] : true);
3026
+ $message = ($ct_temp_msg_data['message'] ? $ct_temp_msg_data['message'] : array());
3027
+
3028
+ // Adding 'input_' to every field /Gravity Forms fix/
3029
+ $tmp = $message;
3030
+ $message = array();
3031
+ foreach($tmp as $key => $value){
3032
+ $message[ 'input_' . $key] = $value;
3033
+ } unset( $key, $value, $tmp );
3034
+
3035
+ if($subject != '')
3036
+ $message['subject'] = $subject;
3037
+
3038
+ $checkjs = apbct_js_test('ct_checkjs', $_POST)
3039
+ ? apbct_js_test('ct_checkjs', $_POST)
3040
+ : apbct_js_test('ct_checkjs', $_COOKIE);
3041
+
3042
+ $base_call_result = apbct_base_call(
3043
+ array(
3044
+ 'message' => $message,
3045
+ 'sender_email' => $sender_email,
3046
+ 'sender_nickname' => $sender_nickname,
3047
+ 'post_info' => array('comment_type' => 'contact_form_wordpress_gravity_forms'),
3048
+ 'js_on' => $checkjs,
3049
+ )
3050
+ );
3051
+
3052
+ $ct_result = $base_call_result['ct_result'];
3053
+ if ($ct_result->allow == 0) {
3054
+ $is_spam = true;
3055
+ $ct_gform_is_spam = true;
3056
+ $ct_gform_response = $ct_result->comment;
3057
+ }
3058
+
3059
+ return $is_spam;
3060
+ }
3061
+
3062
+ function apbct_form__gravityForms__showResponse( $confirmation, $form, $entry, $ajax ){
3063
+
3064
+ global $ct_gform_is_spam, $ct_gform_response;
3065
+
3066
+ if(!empty($ct_gform_is_spam)){
3067
+ $confirmation = '<a id="gf_'.$form['id'].'" class="gform_anchor" ></a><div id="gform_confirmation_wrapper_'.$form['id'].'" class="gform_confirmation_wrapper "><div id="gform_confirmation_message_'.$form['id'].'" class="gform_confirmation_message_'.$form['id'].' gform_confirmation_message"><font style="color: red">'.$ct_gform_response.'</font></div></div>';
3068
+ }
3069
+
3070
+ return $confirmation;
3071
+ }
3072
+
3073
+ /**
3074
+ * Test S2member registration
3075
+ * @return array with errors
3076
+ */
3077
+ function ct_s2member_registration_test($post_key) {
3078
+
3079
+ global $apbct;
3080
+
3081
+ if ($apbct->settings['registrations_test'] == 0) {
3082
+ do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
3083
+ return null;
3084
+ }
3085
+
3086
+ $sender_email = isset($_POST[$post_key]['email']) ? sanitize_email($_POST[$post_key]['email']) : null;
3087
+ $sender_nickname = isset($_POST[$post_key]['username']) ? sanitize_email($_POST[$post_key]['username']) : null;
3088
+
3089
+ //Making a call
3090
+ $base_call_result = apbct_base_call(
3091
+ array(
3092
+ 'sender_email' => $sender_email,
3093
+ 'sender_nickname' => $sender_nickname,
3094
+ ),
3095
+ true
3096
+ );
3097
+ $ct_result = $base_call_result['ct_result'];
3098
+
3099
+ if ($ct_result->allow == 0) {
3100
+ ct_die_extended($ct_result->comment);
3101
+ }
3102
+
3103
+ return true;
3104
+ }
3105
+
3106
+ function apbct_form__the7_contact_form() {
3107
+
3108
+ global $cleantalk_executed;
3109
+
3110
+ if ( check_ajax_referer( 'dt_contact_form', 'nonce', false ) && isset($_POST) ) {
3111
+
3112
+ $post_info['comment_type'] = 'contact_the7_theme_contact_form';
3113
+
3114
+ $ct_temp_msg_data = ct_get_fields_any($_POST);
3115
+
3116
+ $sender_email = ($ct_temp_msg_data['email'] ? $ct_temp_msg_data['email'] : '');
3117
+ $sender_nickname = ($ct_temp_msg_data['nickname'] ? $ct_temp_msg_data['nickname'] : '');
3118
+ $subject = ($ct_temp_msg_data['subject'] ? $ct_temp_msg_data['subject'] : '');
3119
+ $contact_form = ($ct_temp_msg_data['contact'] ? $ct_temp_msg_data['contact'] : true);
3120
+ $message = ($ct_temp_msg_data['message'] ? $ct_temp_msg_data['message'] : array());
3121
+ if ($subject != '') {
3122
+ $message = array_merge(array('subject' => $subject), $message);
3123
+ }
3124
+
3125
+ // Skip submission if no data found
3126
+ if ($sender_email === ''|| !$contact_form) {
3127
+ do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
3128
+ return false;
3129
+ }
3130
+ $cleantalk_executed = true;
3131
+
3132
+ $base_call_result = apbct_base_call(
3133
+ array(
3134
+ 'message' => $message,
3135
+ 'sender_email' => $sender_email,
3136
+ 'sender_nickname' => $sender_nickname,
3137
+ 'post_info' => $post_info,
3138
+ )
3139
+ );
3140
+
3141
+ $ct_result = $base_call_result['ct_result'];
3142
+ if ($ct_result->allow == 0) {
3143
+
3144
+ $response = json_encode(
3145
+ array(
3146
+ 'success' => false ,
3147
+ 'errors' => $ct_result->comment,
3148
+ 'nonce' => wp_create_nonce( 'dt_contact_form' )
3149
+ )
3150
+ );
3151
+
3152
+ // response output
3153
+ header( "Content-Type: application/json" );
3154
+ echo $response;
3155
+
3156
+ // IMPORTANT: don't forget to "exit"
3157
+ exit;
3158
+
3159
+ }
3160
+
3161
+ }
3162
+
3163
+ }
3164
+
3165
+ function apbct_form__elementor_pro__testSpam() {
3166
+
3167
+ global $apbct, $cleantalk_executed;
3168
+
3169
+ if(
3170
+ $apbct->settings['contact_forms_test'] == 0
3171
+ || ($apbct->settings['protect_logged_in'] != 1 && is_user_logged_in()) // Skip processing for logged in users.
3172
+ || apbct_exclusions_check__url()
3173
+ ){
3174
+ do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
3175
+ return;
3176
+ }
3177
+
3178
+ $ct_temp_msg_data = ct_get_fields_any($_POST);
3179
+
3180
+ $sender_email = ($ct_temp_msg_data['email'] ? $ct_temp_msg_data['email'] : '');
3181
+ $sender_nickname = ($ct_temp_msg_data['nickname'] ? $ct_temp_msg_data['nickname'] : '');
3182
+ $subject = ($ct_temp_msg_data['subject'] ? $ct_temp_msg_data['subject'] : '');
3183
+ $message = ($ct_temp_msg_data['message'] ? $ct_temp_msg_data['message'] : array());
3184
+ if ($subject != '') {
3185
+ $message = array_merge(array('subject' => $subject), $message);
3186
+ }
3187
+
3188
+ $post_info['comment_type'] = 'contact_form_wordpress_elementor_pro';
3189
+
3190
+ $cleantalk_executed = true;
3191
+ $base_call_result = apbct_base_call(
3192
+ array(
3193
+ 'message' => $message,
3194
+ 'sender_email' => $sender_email,
3195
+ 'sender_nickname' => $sender_nickname,
3196
+ 'post_info' => $post_info,
3197
+ )
3198
+ );
3199
+
3200
+ $ct_result = $base_call_result['ct_result'];
3201
+
3202
+ if ($ct_result->allow == 0) {
3203
+
3204
+ wp_send_json_error( array(
3205
+ 'message' => $ct_result->comment,
3206
+ 'data' => array()
3207
+ ) );
3208
+
3209
+ }
3210
+
3211
+ }
3212
+
3213
+ // INEVIO theme integration
3214
+ function apbct_form__inevio__testSpam() {
3215
+
3216
+ global $apbct, $cleantalk_executed;
3217
+
3218
+ $theme = wp_get_theme();
3219
+ if(
3220
+ stripos( $theme->get( 'Name' ), 'INEVIO' ) === false ||
3221
+ $apbct->settings['contact_forms_test'] == 0 ||
3222
+ ($apbct->settings['protect_logged_in'] != 1 && is_user_logged_in()) || // Skip processing for logged in users.
3223
+ apbct_exclusions_check__url()
3224
+ ) {
3225
+ do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
3226
+ return false;
3227
+ }
3228
+ $form_data = array();
3229
+ parse_str($_POST['data'], $form_data);
3230
+
3231
+ $name = isset($form_data['name']) ? $form_data['name'] : '';
3232
+ $email = isset($form_data['email']) ? $form_data['email'] : '';
3233
+ $message = isset($form_data['message']) ? $form_data['message'] : '';
3234
+
3235
+ $post_info['comment_type'] = 'contact_form_wordpress_inevio_theme';
3236
+
3237
+ $cleantalk_executed = true;
3238
+ $base_call_result = apbct_base_call(
3239
+ array(
3240
+ 'message' => $message,
3241
+ 'sender_email' => $email,
3242
+ 'sender_nickname' => $name,
3243
+ 'post_info' => $post_info,
3244
+ )
3245
+ );
3246
+
3247
+ $ct_result = $base_call_result['ct_result'];
3248
+
3249
+ if ( $ct_result->allow == 0 ) {
3250
+ die(json_encode(array('apbct' => array('blocked' => true, 'comment' => $ct_result->comment,))));
3251
+ }
3252
+
3253
+ return true;
3254
+
3255
+ }
3256
+
3257
+ /**
3258
+ * General test for any contact form
3259
+ */
3260
+ function ct_contact_form_validate() {
3261
+
3262
+ global $pagenow,$cleantalk_executed ,$apbct, $ct_checkjs_frm;
3263
+
3264
+ // Exclusios common function
3265
+ if ( apbct_exclusions_check(__FUNCTION__) ) {
3266
+ do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
3267
+ return null;
3268
+ }
3269
+
3270
+ if (@sizeof($_POST)==0 ||
3271
+ (isset($_POST['signup_username']) && isset($_POST['signup_email']) && isset($_POST['signup_password'])) ||
3272
+ (isset($pagenow) && $pagenow == 'wp-login.php') || // WordPress log in form
3273
+ (isset($pagenow) && $pagenow == 'wp-login.php' && isset($_GET['action']) && $_GET['action']=='lostpassword') ||
3274
+ apbct_is_in_referer( 'lostpassword' ) ||
3275
+ apbct_is_in_referer( 'lost-password' ) || //Skip lost-password form check
3276
+ (apbct_is_in_uri('/wp-admin/') && (empty($_POST['your-phone']) && empty($_POST['your-email']) && empty($_POST['your-message']))) || //Bitrix24 Contact
3277
+ apbct_is_in_uri('wp-login.php') ||
3278
+ apbct_is_in_uri('wp-comments-post.php') ||
3279
+ apbct_is_in_uri('?provider=facebook&') ||
3280
+ apbct_is_in_uri('reset-password/') || // Ticket #13668. Password reset.
3281
+ apbct_is_in_referer( '/wp-admin/') ||
3282
+ apbct_is_in_uri('/login/') ||
3283
+ apbct_is_in_uri( '/my-account/edit-account/') || // WooCommerce edit account page
3284
+ apbct_is_in_uri( '/my-account/edit-address/') || // WooCommerce edit account page
3285
+ (isset($_POST['action']) && $_POST['action'] == 'save_account_details') || // WooCommerce edit account action
3286
+ apbct_is_in_uri( '/peepsoajax/profilefieldsajax.validate_register') ||
3287
+ isset($_GET['ptype']) && $_GET['ptype']=='login' ||
3288
+ isset($_POST['ct_checkjs_register_form']) ||
3289
+ (isset($_POST['signup_username']) && isset($_POST['signup_password_confirm']) && isset($_POST['signup_submit']) ) ||
3290
+ $apbct->settings['general_contact_forms_test'] == 0 ||
3291
+ isset($_POST['bbp_topic_content']) ||
3292
+ isset($_POST['bbp_reply_content']) ||
3293
+ isset($_POST['fscf_submitted']) ||
3294
+ apbct_is_in_uri('/wc-api/') ||
3295
+ isset($_POST['log']) && isset($_POST['pwd']) && isset($_POST['wp-submit']) ||
3296
+ isset($_POST[$ct_checkjs_frm]) && $apbct->settings['contact_forms_test'] == 1 ||// Formidable forms
3297
+ ( isset($_POST['comment_post_ID']) && ! isset($_POST['comment-submit'] ) ) || // The comment form && ! DW Question & Answer
3298
+ isset($_GET['for']) ||
3299
+ (isset($_POST['log'], $_POST['pwd'])) || //WooCommerce Sensei login form fix
3300
+ (isset($_POST['wc_reset_password'], $_POST['_wpnonce'], $_POST['_wp_http_referer'])) || // WooCommerce recovery password form
3301
+ ((isset($_POST['woocommerce-login-nonce']) || isset($_POST['_wpnonce'])) && isset($_POST['login'], $_POST['password'], $_POST['_wp_http_referer'])) || // WooCommerce login form
3302
+ (isset($_POST['wc-api']) && strtolower($_POST['wc-api']) == 'wc_gateway_systempay') || // Woo Systempay payment plugin
3303
+ apbct_is_in_uri( 'wc-api=WC_Gateway_Realex_Redirect') || // Woo Realex payment Gateway plugin
3304
+ (isset($_POST['_wpcf7'], $_POST['_wpcf7_version'], $_POST['_wpcf7_locale'])) || //CF7 fix)
3305
+ (isset($_POST['hash'], $_POST['device_unique_id'], $_POST['device_name'])) ||//Mobile Assistant Connector fix
3306
+ isset($_POST['gform_submit']) || //Gravity form
3307
+ apbct_is_in_uri( 'wc-ajax=get_refreshed_fragments') ||
3308
+ (isset($_POST['ccf_form']) && intval($_POST['ccf_form']) == 1) ||
3309
+ (isset($_POST['contact_tags']) && strpos($_POST['contact_tags'], 'MBR:') !== false) ||
3310
+ (apbct_is_in_uri( 'bizuno.php') && !empty($_POST['bizPass'])) ||
3311
+ apbct_is_in_referer( 'my-dashboard/' ) || // ticket_id=7885
3312
+ isset($_POST['slm_action'], $_POST['license_key'], $_POST['secret_key'], $_POST['registered_domain']) || // ticket_id=9122
3313
+ (isset($_POST['wpforms']['submit']) && $_POST['wpforms']['submit'] == 'wpforms-submit') || // WPForms
3314
+ (isset($_POST['action']) && $_POST['action'] == 'grunion-contact-form') || // JetPack
3315
+ (isset($_POST['action']) && $_POST['action'] == 'bbp-update-user') || //BBP update user info page
3316
+ apbct_is_in_referer( '?wc-api=WC_Gateway_Transferuj' ) || //WC Gateway
3317
+ (isset($_GET['mbr'], $_GET['amp;appname'], $_GET['amp;master'])) || // ticket_id=10773
3318
+ (isset($_POST['call_function']) && $_POST['call_function'] == 'push_notification_settings') || // Skip mobile requests (push settings)
3319
+ apbct_is_in_uri('membership-login') || // Skip login form
3320
+ (isset($_GET['cookie-state-change'])) || //skip GDPR plugin
3321
+ ( apbct_get_server_variable( 'HTTP_USER_AGENT' ) == 'MailChimp' && apbct_is_in_uri( 'mc4wp-sync-api/webhook-listener') ) || // Mailchimp webhook skip
3322
+ apbct_is_in_uri('researcher-log-in') || // Skip login form
3323
+ apbct_is_in_uri('admin_aspcms/_system/AspCms_SiteSetting.asp?action=saves') || // Skip admin save callback
3324
+ apbct_is_in_uri('?profile_tab=postjobs') || // Skip post vacancies
3325
+ (isset($_POST['btn_insert_post_type_hotel']) && $_POST['btn_insert_post_type_hotel'] == 'SUBMIT HOTEL') || // Skip adding hotel
3326
+ (isset($_POST['action']) && $_POST['action'] == 'updraft_savesettings') || // Updraft save settings
3327
+ isset($_POST['quform_submit']) || //QForms multi-paged form skip
3328
+ (isset($_POST['wpum_form']) && $_POST['wpum_form'] == 'login') || //WPUM login skip
3329
+ isset($_POST['password']) || // Exception for login form. From Analysis uid=406596
3330
+ (isset($_POST['action']) && $_POST['action'] == 'wilcity_reset_password') || // Exception for reset password form. From Analysis uid=430898
3331
+ (isset($_POST['action']) && $_POST['action'] == 'wilcity_login') || // Exception for login form. From Analysis uid=430898
3332
+ (isset($_POST['qcfsubmit'])) || //Exception for submit quick forms - duplicates with qcfvalidate
3333
+ apbct_is_in_uri('tin-canny-learndash-reporting/src/h5p-xapi/process-xapi-statement.php?v=asd') || //Skip Tin Canny plugin
3334
+ ( isset( $_POST['na'], $_POST['ts'], $_POST['nhr'] ) && !apbct_is_in_uri( '?na=s' ) ) || // The Newsletter Plugin double requests fix. Ticket #14772
3335
+ (isset($_POST['spl_action']) && $_POST['spl_action'] == 'register') || //Skip interal action with empty params
3336
+ (isset($_POST['action']) && $_POST['action'] == 'bwfan_insert_abandoned_cart' && apbct_is_in_uri( 'my-account/edit-address' )) || //Skip edit account
3337
+ apbct_is_in_uri('login-1') || //Skip login form
3338
+ apbct_is_in_uri('recuperacao-de-senha-2') || //Skip form reset password
3339
+ apbct_is_in_uri('membermouse/api/request.php') && isset($_POST['membership_level_id'],$_POST['apikey'],$_POST['apisecret']) || // Membermouse API
3340
+ ( isset( $_POST['AppKey'] ) && ( isset( $_POST['cbAP'] ) && $_POST['cbAP'] == 'Caspio' ) ) || // Caspio exclusion (ticket #16444)
3341
+ isset($_POST['wpforms_id'], $_POST['wpforms_author']) || //Skip wpforms
3342
+ ( isset( $_POST['somfrp_action'], $_POST['submitted'] ) && $_POST['somfrp_action'] == 'somfrp_lost_pass' ) || // Frontend Reset Password exclusion
3343
+ ( isset( $_POST['action'] ) && $_POST['action'] == 'dokan_save_account_details' ) ||
3344
+ \Cleantalk\Variables\Post::get('action') === 'frm_get_lookup_text_value' || // Exception for Formidable multilevel form
3345
+ ( isset( $_POST['ihcaction'] ) && $_POST['ihcaction'] == 'reset_pass') //Reset pass exclusion
3346
+ ) {
3347
+ do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
3348
+ return null;
3349
+ }
3350
+
3351
+ //Skip woocommerce checkout
3352
+ if (apbct_is_in_uri('wc-ajax=update_order_review') ||
3353
+ apbct_is_in_uri('wc-ajax=checkout') ||
3354
+ !empty($_POST['woocommerce_checkout_place_order']) ||
3355
+ apbct_is_in_uri('wc-ajax=wc_ppec_start_checkout') ||
3356
+ apbct_is_in_referer('wc-ajax=update_order_review')
3357
+ )
3358
+ {
3359
+ do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
3360
+ return null;
3361
+ }
3362
+
3363
+ //Skip woocommerce add_to_cart
3364
+ if( ! empty( $_POST['add-to-cart'] ) )
3365
+ {
3366
+ do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
3367
+ return null;
3368
+ }
3369
+
3370
+ // Do not execute anti-spam test for logged in users.
3371
+ if (isset($_COOKIE[LOGGED_IN_COOKIE]) && $apbct->settings['protect_logged_in'] != 1) {
3372
+ do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
3373
+ return null;
3374
+ }
3375
+ //Skip WP Fusion web hooks
3376
+ if ( apbct_is_in_uri('wpf_action') && apbct_is_in_uri('access_key') && isset( $_GET['access_key'] ) ) {
3377
+ if( function_exists( 'wp_fusion' ) ) {
3378
+ $key = wp_fusion()->settings->get('access_key');
3379
+ if ( $key == $_GET['access_key'] ) {
3380
+ do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
3381
+ return null;
3382
+ }
3383
+ }
3384
+ }
3385
+ //Skip system fields for divi
3386
+ if (strpos( \Cleantalk\Variables\Post::get('action'), 'et_pb_contactform_submit') === 0) {
3387
+ foreach ($_POST as $key => $value) {
3388
+ if (strpos($key, 'et_pb_contact_email_fields') === 0) {
3389
+ unset($_POST[$key]);
3390
+ }
3391
+ }
3392
+ }
3393
+ $post_info['comment_type'] = 'feedback_general_contact_form';
3394
+
3395
+ $ct_temp_msg_data = ct_get_fields_any($_POST);
3396
+
3397
+ $sender_email = ($ct_temp_msg_data['email'] ? $ct_temp_msg_data['email'] : '');
3398
+ $sender_nickname = ($ct_temp_msg_data['nickname'] ? $ct_temp_msg_data['nickname'] : '');
3399
+ $subject = ($ct_temp_msg_data['subject'] ? $ct_temp_msg_data['subject'] : '');
3400
+ $contact_form = ($ct_temp_msg_data['contact'] ? $ct_temp_msg_data['contact'] : true);
3401
+ $message = ($ct_temp_msg_data['message'] ? $ct_temp_msg_data['message'] : array());
3402
+ if ($subject != '') {
3403
+ $message = array_merge(array('subject' => $subject), $message);
3404
+ }
3405
+
3406
+ // Skip submission if no data found
3407
+ if ($sender_email === ''|| !$contact_form) {
3408
+ do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
3409
+ return false;
3410
+ }
3411
+ $cleantalk_executed=true;
3412
+
3413
+ if(isset($_POST['TellAFriend_Link'])){
3414
+ $tmp = $_POST['TellAFriend_Link'];
3415
+ unset($_POST['TellAFriend_Link']);
3416
+ }
3417
+
3418
+ $base_call_result = apbct_base_call(
3419
+ array(
3420
+ 'message' => $message,
3421
+ 'sender_email' => $sender_email,
3422
+ 'sender_nickname' => $sender_nickname,
3423
+ 'post_info' => $post_info,
3424
+ 'sender_info' => array( 'sender_email' => urlencode( $sender_email ) ),
3425
+ )
3426
+ );
3427
+
3428
+ if(isset($_POST['TellAFriend_Link'])){
3429
+ $_POST['TellAFriend_Link']=$tmp;
3430
+ }
3431
+
3432
+ $ct_result = $base_call_result['ct_result'];
3433
+ if ($ct_result->allow == 0) {
3434
+
3435
+ // Recognize contact form an set it's name to $contact_form to use later
3436
+ $contact_form = null;
3437
+ foreach($_POST as $param => $value){
3438
+ if(strpos($param, 'et_pb_contactform_submit') === 0){
3439
+ $contact_form = 'contact_form_divi_theme';
3440
+ $contact_form_additional = str_replace('et_pb_contactform_submit', '', $param);
3441
+ }
3442
+ if(strpos($param, 'avia_generated_form') === 0){
3443
+ $contact_form = 'contact_form_enfold_theme';
3444
+ $contact_form_additional = str_replace('avia_generated_form', '', $param);
3445
+ }
3446
+ if(!empty($contact_form))
3447
+ break;
3448
+ }
3449
+
3450
+ $ajax_call = false;
3451
+ if ((defined( 'DOING_AJAX' ) && DOING_AJAX)
3452
+ ) {
3453
+ $ajax_call = true;
3454
+ }
3455
+ if ($ajax_call) {
3456
+ echo $ct_result->comment;
3457
+ } else {
3458
+
3459
+ global $ct_comment;
3460
+ $ct_comment = $ct_result->comment;
3461
+ if(isset($_POST['cma-action'])&&$_POST['cma-action']=='add'){
3462
+ $result=Array('success'=>0, 'thread_id'=>null,'messages'=>Array($ct_result->comment));
3463
+ header("Content-Type: application/json");
3464
+ print json_encode($result);
3465
+ die();
3466
+
3467
+ }else if(isset($_POST['TellAFriend_email'])){
3468
+ echo $ct_result->comment;
3469
+ die();
3470
+
3471
+ }else if(isset($_POST['gform_submit'])){ // Gravity forms submission
3472
+ $response = sprintf("<!DOCTYPE html><html><head><meta charset='UTF-8' /></head><body class='GF_AJAX_POSTBACK'><div id='gform_confirmation_wrapper_1' class='gform_confirmation_wrapper '><div id='gform_confirmation_message_1' class='gform_confirmation_message_1
3473
+ gform_confirmation_message'>%s</div></div></body></html>",
3474
+ $ct_result->comment
3475
+ );
3476
+ echo $response;
3477
+ die();
3478
+
3479
+ }elseif(isset($_POST['action']) && $_POST['action'] == 'ct_check_internal'){
3480
+ return $ct_result->comment;
3481
+
3482
+ }elseif(isset($_POST['vfb-submit']) && defined('VFB_VERSION')){
3483
+ wp_die("<h1>".__('Spam protection by CleanTalk', 'cleantalk-spam-protect')."</h1><h2>".$ct_result->comment."</h2>", '', array('response' => 403, "back_link" => true, "text_direction" => 'ltr'));
3484
+ // Caldera Contact Forms
3485
+ }elseif(isset($_POST['action']) && $_POST['action'] == 'cf_process_ajax_submit'){
3486
+ print json_encode("<h3 style='color: red;'><red>".$ct_result->comment);
3487
+ die();
3488
+ // Mailster
3489
+ }elseif(isset($_POST['_referer'], $_POST['formid'], $_POST['email'])){
3490
+ $return = array(
3491
+ 'success' => false,
3492
+ 'html' => '<p>' . $ct_result->comment . '</p>',
3493
+ );
3494
+ print json_encode($return);
3495
+ die();
3496
+ // Divi Theme Contact Form. Using $contact_form
3497
+ }elseif(!empty($contact_form) && $contact_form == 'contact_form_divi_theme'){
3498
+ echo "<div id='et_pb_contact_form{$contact_form_additional}'><h1>Your request looks like spam.</h1><div><p>{$ct_result->comment}</p></div></div>";
3499
+ die();
3500
+ // Enfold Theme Contact Form. Using $contact_form
3501
+ }elseif(!empty($contact_form) && $contact_form == 'contact_form_enfold_theme'){
3502
+ echo "<div id='ajaxresponse_1' class='ajaxresponse ajaxresponse_1' style='display: block;'><div id='ajaxresponse_1' class='ajaxresponse ajaxresponse_1'><h3 class='avia-form-success'>Antispam by CleanTalk: ".$ct_result->comment."</h3><a href='.'><-Back</a></div></div>";
3503
+ die();
3504
+ }else{
3505
+ ct_die(null, null);
3506
+ }
3507
+ }
3508
+ exit;
3509
+ }
3510
+
3511
+ return null;
3512
+ }
3513
+
3514
+ /**
3515
+ * General test for any post data
3516
+ */
3517
+ function ct_contact_form_validate_postdata() {
3518
+
3519
+ global $apbct, $pagenow,$cleantalk_executed;
3520
+
3521
+ // Exclusios common function
3522
+ if ( apbct_exclusions_check(__FUNCTION__) ) {
3523
+ do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
3524
+ return null;
3525
+ }
3526
+
3527
+ if (@sizeof($_POST)==0 ||
3528
+ (isset($_POST['signup_username']) && isset($_POST['signup_email']) && isset($_POST['signup_password'])) ||
3529
+ (isset($pagenow) && $pagenow == 'wp-login.php') || // WordPress log in form
3530
+ (isset($pagenow) && $pagenow == 'wp-login.php' && isset($_GET['action']) && $_GET['action']=='lostpassword') ||
3531
+ apbct_is_in_uri('/checkout/') ||
3532
+ /* WooCommerce Service Requests - skip them */
3533
+ isset($_GET['wc-ajax']) && (
3534
+ $_GET['wc-ajax']=='checkout' ||
3535
+ $_GET['wc-ajax']=='get_refreshed_fragments' ||
3536
+ $_GET['wc-ajax']=='apply_coupon' ||
3537
+ $_GET['wc-ajax']=='remove_coupon' ||
3538
+ $_GET['wc-ajax']=='update_shipping_method' ||
3539
+ $_GET['wc-ajax']=='get_cart_totals' ||
3540
+ $_GET['wc-ajax']=='update_order_review' ||
3541
+ $_GET['wc-ajax']=='add_to_cart' ||
3542
+ $_GET['wc-ajax']=='remove_from_cart' ||
3543
+ $_GET['wc-ajax']=='get_variation' ||
3544
+ $_GET['wc-ajax']=='get_customer_location'
3545
+ ) ||
3546
+ /* END: WooCommerce Service Requests */
3547
+ apbct_is_in_uri('/wp-admin/') ||
3548
+ apbct_is_in_uri('wp-login.php') ||
3549
+ apbct_is_in_uri('wp-comments-post.php') ||
3550
+ apbct_is_in_referer('/wp-admin/') ||
3551
+ apbct_is_in_uri('/login/') ||
3552
+ apbct_is_in_uri('?provider=facebook&') ||
3553
+ isset($_GET['ptype']) && $_GET['ptype']=='login' ||
3554
+ isset($_POST['ct_checkjs_register_form']) ||
3555
+ (isset($_POST['signup_username']) && isset($_POST['signup_password_confirm']) && isset($_POST['signup_submit']) ) ||
3556
+ $apbct->settings['general_contact_forms_test']==0 ||
3557
+ isset($_POST['bbp_topic_content']) ||
3558
+ isset($_POST['bbp_reply_content']) ||
3559
+ isset($_POST['fscf_submitted']) ||
3560
+ isset($_POST['log']) && isset($_POST['pwd']) && isset($_POST['wp-submit'])||
3561
+ apbct_is_in_uri('/wc-api/') ||
3562
+ (isset($_POST['wc_reset_password'], $_POST['_wpnonce'], $_POST['_wp_http_referer'])) || //WooCommerce recovery password form
3563
+ (isset($_POST['woocommerce-login-nonce'], $_POST['login'], $_POST['password'], $_POST['_wp_http_referer'])) || //WooCommerce login form
3564
+ (isset($_POST['provider'], $_POST['authcode']) && $_POST['provider'] == 'Two_Factor_Totp') || //TwoFactor authorization
3565
+ (isset($_GET['wc-ajax']) && $_GET['wc-ajax'] == 'sa_wc_buy_now_get_ajax_buy_now_button') || //BuyNow add to cart
3566
+ apbct_is_in_uri('/wp-json/wpstatistics/v1/hit') || //WPStatistics
3567
+ (isset($_POST['ihcaction']) && $_POST['ihcaction'] == 'login') || //Skip login form
3568
+ (isset($_POST['action']) && $_POST['action'] == 'infinite_scroll') || //Scroll
3569
+ isset($_POST['gform_submit']) || //Skip gravity checking because of direct integration
3570
+ (isset($_POST['lrm_action']) && $_POST['lrm_action'] == 'login') || //Skip login form
3571
+ apbct_is_in_uri( 'xmlrpc.php?for=jetpack' )
3572
+ ) {
3573
+ do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
3574
+ return null;
3575
+ }
3576
+
3577
+ $message = ct_get_fields_any_postdata($_POST);
3578
+
3579
+ // ???
3580
+ if(strlen(json_encode($message))<10) {
3581
+ do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
3582
+ return null;
3583
+ }
3584
+
3585
+
3586
+ // Skip if request contains params
3587
+ $skip_params = array(
3588
+ 'ipn_track_id', // PayPal IPN #
3589
+ 'txn_type', // PayPal transaction type
3590
+ 'payment_status', // PayPal payment status
3591
+ );
3592
+ foreach($skip_params as $key=>$value){
3593
+ if(@array_key_exists($value,$_GET)||@array_key_exists($value,$_POST)) {
3594
+ do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
3595
+ return null;
3596
+ }
3597
+ }
3598
+
3599
+ $base_call_result = apbct_base_call(
3600
+ array(
3601
+ 'message' => $message,
3602
+ 'post_info' => array('comment_type' => 'feedback_general_postdata'),
3603
+ )
3604
+ );
3605
+
3606
+ $cleantalk_executed=true;
3607
+
3608
+ $ct_result = $base_call_result['ct_result'];
3609
+
3610
+ if ($ct_result->allow == 0) {
3611
+
3612
+ if (!(defined( 'DOING_AJAX' ) && DOING_AJAX)) {
3613
+ global $ct_comment;
3614
+ $ct_comment = $ct_result->comment;
3615
+ if(isset($_POST['cma-action'])&&$_POST['cma-action']=='add')
3616
+ {
3617
+ $result=Array('success'=>0, 'thread_id'=>null,'messages'=>Array($ct_result->comment));
3618
+ header("Content-Type: application/json");
3619
+ print json_encode($result);
3620
+ die();
3621
+ }
3622
+ else
3623
+ {
3624
+ ct_die(null, null);
3625
+ }
3626
+ } else {
3627
+ echo $ct_result->comment;
3628
+ }
3629
+ exit;
3630
+ }
3631
+
3632
+ return null;
3633
+ }
3634
+
3635
+
3636
+ /**
3637
+ * Inner function - Finds and returns pattern in string
3638
+ * @return null|bool
3639
+ */
3640
+ function ct_get_data_from_submit($value = null, $field_name = null) {
3641
+ if (!$value || !$field_name || !is_string($value)) {
3642
+ return false;
3643
+ }
3644
+ if (preg_match("/[a-z0-9_\-]*" . $field_name. "[a-z0-9_\-]*$/", $value)) {
3645
+ return true;
3646
+ }
3647
+ }
3648
+
3649
+ /**
3650
+ * Sends error notice to admin
3651
+ * @return null
3652
+ */
3653
+ function ct_send_error_notice ($comment = '') {
3654
+ global $ct_admin_notoice_period, $apbct;
3655
+
3656
+ $timelabel_reg = intval( get_option('cleantalk_timelabel_reg') );
3657
+ if(time() - $ct_admin_notoice_period > $timelabel_reg){
3658
+ update_option('cleantalk_timelabel_reg', time());
3659
+
3660
+ $blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);
3661
+ $message = __('Attention, please!', 'cleantalk-spam-protect') . "\r\n\r\n";
3662
+ $message .= sprintf(__('"%s" plugin error on your site "%s":', 'cleantalk-spam-protect'), $apbct->plugin_name, $blogname) . "\r\n\r\n";
3663
+ $message .= preg_replace('/^(.*?)<a.*?"(.*?)".*?>(.*?)<.a>(.*)$/', '$1. $3: $2?user_token='. $apbct->user_token .' $4', $comment) . "\r\n\r\n";
3664
+ @wp_mail(ct_get_admin_email(), sprintf(__('[%s] "%s" error!', 'cleantalk-spam-protect'), $apbct->plugin_name, $blogname), $message);
3665
+ }
3666
+
3667
+ return null;
3668
+ }
3669
+
3670
+ /**
3671
+ * Prints form for "protect externals
3672
+ *
3673
+ * @param $arr
3674
+ * @param $k
3675
+ */
3676
+ function ct_print_form( $arr, $k ){
3677
+
3678
+ // Fix for pages04.net forms
3679
+ if( isset( $arr['formSourceName'] ) ){
3680
+ $tmp = array();
3681
+ foreach( $arr as $key => $val ){
3682
+ $tmp_key = str_replace( '_', '+', $key );
3683
+ $tmp[$tmp_key] = $val;
3684
+ }
3685
+ $arr = $tmp;
3686
+ unset( $tmp, $key, $tmp_key, $val );
3687
+ }
3688
+
3689
+ foreach( $arr as $key => $value ){
3690
+
3691
+ if( ! is_array( $value ) ){
3692
+ print '<textarea
3693
+ name="' . ( $k == '' ? $key : $k . '[' . $key . ']' ) . '"
3694
+ style="display:none;">' . htmlspecialchars( $value )
3695
+ . '</textarea>';
3696
+ }else{
3697
+ ct_print_form( $value, $k == '' ? $key : $k . '[' . $key . ']' );
3698
+ }
3699
+
3700
+ }
3701
+
3702
+ }
3703
+
3704
+ /**
3705
+ * Attaches public scripts and styles.
3706
+ */
3707
+ function ct_enqueue_scripts_public($hook){
3708
+
3709
+ global $current_user, $apbct;
3710
+
3711
+ if (apbct_exclusions_check__url()) {
3712
+ return;
3713
+ }
3714
+
3715
+ if($apbct->settings['registrations_test'] || $apbct->settings['comments_test'] || $apbct->settings['contact_forms_test'] || $apbct->settings['general_contact_forms_test'] || $apbct->settings['wc_checkout_test'] || $apbct->settings['check_external'] || $apbct->settings['check_internal'] || $apbct->settings['bp_private_messages'] || $apbct->settings['general_postdata_test']){
3716
+
3717
+ if( ! $apbct->public_script_loaded ) {
3718
+
3719
+ // Differnt JS params
3720
+ wp_enqueue_script( 'ct_public', APBCT_URL_PATH . '/js/apbct-public.min.js', array( 'jquery' ), APBCT_VERSION, false /*in header*/ );
3721
+
3722
+ wp_localize_script('ct_public', 'ctPublic', array(
3723
+ '_ajax_nonce' => wp_create_nonce('ct_secret_stuff'),
3724
+ '_ajax_url' => admin_url('admin-ajax.php'),
3725
+ ));
3726
+ }
3727
+
3728
+ // GDPR script
3729
+ if($apbct->settings['gdpr_enabled']){
3730
+
3731
+ wp_enqueue_script('ct_public_gdpr', APBCT_URL_PATH.'/js/apbct-public--gdpr.min.js', array('jquery', 'ct_public'), APBCT_VERSION, false /*in header*/);
3732
+
3733
+ wp_localize_script('ct_public_gdpr', 'ctPublicGDPR', array(
3734
+ 'gdpr_forms' => array(),
3735
+ 'gdpr_text' => $apbct->settings['gdpr_text'] ? $apbct->settings['gdpr_text'] : __('By using this form you agree with the storage and processing of your data by using the Privacy Policy on this website.', 'cleantalk-spam-protect'),
3736
+ ));
3737
+ }
3738
+
3739
+ }
3740
+
3741
+ if(!defined('CLEANTALK_AJAX_USE_FOOTER_HEADER') || (defined('CLEANTALK_AJAX_USE_FOOTER_HEADER') && CLEANTALK_AJAX_USE_FOOTER_HEADER)){
3742
+ if($apbct->settings['use_ajax'] && ! apbct_is_in_uri('.xml') && ! apbct_is_in_uri('.xsl')){
3743
+ if( ! apbct_is_in_uri('jm-ajax') ){
3744
+
3745
+ // Use AJAX for JavaScript check
3746
+ if($apbct->settings['use_ajax']){
3747
+
3748
+ wp_enqueue_script('ct_nocache', plugins_url('/cleantalk-spam-protect/js/cleantalk_nocache.min.js'), array(), APBCT_VERSION, false /*in header*/);
3749
+
3750
+ wp_localize_script('ct_nocache', 'ctNocache', array(
3751
+ 'ajaxurl' => admin_url('admin-ajax.php'),
3752
+ 'info_flag' => $apbct->settings['collect_details'] && $apbct->settings['set_cookies'] ? true : false,
3753
+ 'set_cookies_flag' => $apbct->settings['set_cookies'] ? false : true,
3754
+ 'blog_home' => get_home_url().'/',
3755
+ ));
3756
+ }
3757
+
3758
+ // External forms check
3759
+ if($apbct->settings['check_external'])
3760
+ wp_enqueue_script('ct_external', plugins_url('/cleantalk-spam-protect/js/cleantalk_external.min.js'), array('jquery'), APBCT_VERSION, false /*in header*/);
3761
+
3762
+ // Internal forms check
3763
+ if($apbct->settings['check_internal'])
3764
+ wp_enqueue_script('ct_internal', plugins_url('/cleantalk-spam-protect/js/cleantalk_internal.min.js'), array('jquery'), APBCT_VERSION, false /*in header*/);
3765
+
3766
+ }
3767
+ }
3768
+ }
3769
+
3770
+ // Show controls for commentaries
3771
+ if(in_array("administrator", $current_user->roles)){
3772
+
3773
+ if($apbct->settings['manage_comments_on_public_page']){
3774
+
3775
+ $ajax_nonce = wp_create_nonce( "ct_secret_nonce" );
3776
+
3777
+ wp_enqueue_style ('ct_public_admin_css', plugins_url('/cleantalk-spam-protect/css/cleantalk-public-admin.min.css'), array(), APBCT_VERSION, 'all');
3778
+ wp_enqueue_script('ct_public_admin_js', plugins_url('/cleantalk-spam-protect/js/cleantalk-public-admin.min.js'), array('jquery'), APBCT_VERSION, false /*in header*/);
3779
+
3780
+ wp_localize_script('ct_public_admin_js', 'ctPublicAdmin', array(
3781
+ 'ct_ajax_nonce' => $ajax_nonce,
3782
+ 'ajaxurl' => admin_url('admin-ajax.php'),
3783
+ 'ct_feedback_error' => __('Error occurred while sending feedback.', 'cleantalk-spam-protect'),
3784
+ 'ct_feedback_no_hash' => __('Feedback wasn\'t sent. There is no associated request.', 'cleantalk-spam-protect'),
3785
+ 'ct_feedback_msg' => sprintf(__("Feedback has been sent to %sCleanTalk Dashboard%s.", 'cleantalk-spam-protect'), $apbct->user_token ? "<a target='_blank' href=https://cleantalk.org/my/show_requests?user_token={$apbct->user_token}&cp_mode=antispam>" : '', $apbct->user_token ? "</a>" : ''),
3786
+ ));
3787
+
3788
+ }
3789
+ }
3790
+
3791
+ // Debug
3792
+ if($apbct->settings['debug_ajax']){
3793
+ wp_enqueue_script('ct_debug_js', plugins_url('/cleantalk-spam-protect/js/cleantalk-debug-ajax.min.js'), array('jquery'), APBCT_VERSION, false /*in header*/);
3794
+
3795
+ wp_localize_script('ct_debug_js', 'apbctDebug', array(
3796
+ 'reload' => false,
3797
+ 'reload_time' => 10000,
3798
+ ));
3799
+ }
3800
+ }
3801
+
3802
+ /**
3803
+ * Reassign callbackback function for the bootom of comment output.
3804
+ */
3805
+ function ct_wp_list_comments_args($options){
3806
+
3807
+ global $current_user, $apbct;
3808
+
3809
+ if(in_array("administrator", $current_user->roles)){
3810
+ if($apbct->settings['manage_comments_on_public_page']) {
3811
+ $theme = wp_get_theme();
3812
+ $apbct->active_theme = $theme->get( 'Name' );
3813
+ $options['end-callback'] = 'ct_comments_output';
3814
+ }
3815
+ }
3816
+
3817
+ return $options;
3818
+ }
3819
+
3820
+ /**
3821
+ * Callback function for the bootom comment output.
3822
+ */
3823
+ function ct_comments_output($curr_comment, $param2, $wp_list_comments_args){
3824
+
3825
+ global $apbct;
3826
+
3827
+ $email = $curr_comment->comment_author_email;
3828
+ $ip = $curr_comment->comment_author_IP;
3829
+ $id = $curr_comment->comment_ID;
3830
+
3831
+ $settings_link = '/wp-admin/'.(is_network_admin() ? "settings.php?page=cleantalk" : "options-general.php?page=cleantalk");
3832
+
3833
+ echo "<div class='ct_comment_info'><div class ='ct_comment_titles'>";
3834
+ echo "<p class='ct_comment_info_title'>".__('Sender info', 'cleantalk-spam-protect')."</p>";
3835
+
3836
+ echo "<p class='ct_comment_logo_title'>
3837
+ ".__('by', 'cleantalk-spam-protect')
3838
+ ." <a href='{$settings_link}' target='_blank'><img class='ct_comment_logo_img' src='".plugins_url()."/cleantalk-spam-protect/inc/images/logo_color.png'></a>"
3839
+ ." <a href='{$settings_link}' target='_blank'>CleanTalk</a>"
3840
+ ."</p></div>";
3841
+ // Outputs email if exists
3842
+ if($email)
3843
+ echo "<a href='https://cleantalk.org/blacklists/$email' target='_blank' title='https://cleantalk.org/blacklists/$email'>"
3844
+ ."$email"
3845
+ ."&nbsp;<img src='".plugins_url()."/cleantalk-spam-protect/inc/images/new_window.gif' border='0' style='float:none; box-shadow: transparent 0 0 0 !important;'/>"
3846
+ ."</a>";
3847
+ else
3848
+ echo __('No email', 'cleantalk-spam-protect');
3849
+ echo "&nbsp;|&nbsp;";
3850
+
3851
+ // Outputs IP if exists
3852
+ if($ip)
3853
+ echo "<a href='https://cleantalk.org/blacklists/$ip' target='_blank' title='https://cleantalk.org/blacklists/$ip'>"
3854
+ ."$ip"
3855
+ ."&nbsp;<img src='".plugins_url()."/cleantalk-spam-protect/inc/images/new_window.gif' border='0' style='float:none; box-shadow: transparent 0 0 0 !important;'/>"
3856
+ ."</a>";
3857
+ else
3858
+ echo __('No IP', 'cleantalk-spam-protect');
3859
+ echo '&nbsp;|&nbsp;';
3860
+
3861
+ echo "<span commentid='$id' class='ct_this_is ct_this_is_spam' href='#'>".__('Mark as spam', 'cleantalk-spam-protect')."</span>";
3862
+ echo "<span commentid='$id' class='ct_this_is ct_this_is_not_spam ct_hidden' href='#'>".__('Unspam', 'cleantalk-spam-protect')."</span>";
3863
+ echo "<p class='ct_feedback_wrap'>";
3864
+ echo "<span class='ct_feedback_result ct_feedback_result_spam'>".__('Marked as spam.', 'cleantalk-spam-protect')."</span>";
3865
+ echo "<span class='ct_feedback_result ct_feedback_result_not_spam'>".__('Marked as not spam.', 'cleantalk-spam-protect')."</span>";
3866
+ echo "&nbsp;<span class='ct_feedback_msg'><span>";
3867
+ echo "</p>";
3868
+
3869
+ echo "</div>";
3870
+
3871
+ // @todo research what such themes and make exception for them
3872
+ $ending_tag = $wp_list_comments_args['style'];
3873
+ if( in_array( $apbct->active_theme, array( 'Paperio', 'Twenty Twenty' ) ) ){
3874
+ $ending_tag = is_null($wp_list_comments_args['style']) ? 'div' : $wp_list_comments_args['style'];
3875
+ };
3876
+
3877
+ // Ending comment output
3878
+ echo "</{$ending_tag}>";
3879
+ }
3880
+
3881
+ /**
3882
+ * Callback function for the bootom comment output.
3883
+ *
3884
+ * attrs = array()
3885
+ */
3886
+ function apbct_shrotcode_handler__GDPR_public_notice__form( $attrs ){
3887
+
3888
+ $out = '';
3889
+
3890
+ if(isset($attrs['id']))
3891
+ $out .= 'ctPublicGDPR.gdpr_forms.push("'.$attrs['id'].'");';
3892
+
3893
+ if(isset($attrs['text']))
3894
+ $out .= 'ctPublicGDPR.gdpr_text = "'.$attrs['text'].'";';
3895
+
3896
+ $out = '<script ' . ( class_exists('Cookiebot_WP') ? 'data-cookieconsent="ignore"' : '' ) . '>'.$out.'</script>';
3897
+ return $out;
3898
+ }
3899
+
3900
+ /**
3901
+ * Filters the 'status' array before register the user
3902
+ * using only by WICITY theme
3903
+ *
3904
+ * @param $success array array( 'status' => 'success' )
3905
+ * @param $data array ['username'] ['password'] ['email']
3906
+ * @return array array( 'status' => 'error' ) or array( 'status' => 'success' ) by default
3907
+ */
3908
+ function apbct_wilcity_reg_validation( $success, $data ) {
3909
+ $check = ct_test_registration( $data['username'], $data['email'], '' );
3910
+ if( $check['allow'] == 0 ) {
3911
+ return array( 'status' => 'error' );
3912
+ }
3913
+ return $success;
3914
+ }
3915
+
3916
+ // Enfold Theme contact form
3917
+ function apbct_form__enfold_contact_form__test_spam( $send, $new_post, $form_params, $obj ){
3918
+
3919
+ global $cleantalk_executed;
3920
+
3921
+ $url_decoded_data = array();
3922
+ foreach( $new_post as $key => $value ) {
3923
+ $url_decoded_data[$key] = urldecode($value);
3924
+ }
3925
+
3926
+ $data = ct_get_fields_any( $url_decoded_data );
3927
+
3928
+ $base_call_result = apbct_base_call(
3929
+ array(
3930
+ 'message' => !empty( $data['message'] ) ? json_encode( $data['message'] ) : '',
3931
+ 'sender_email' => !empty( $data['email'] ) ? $data['email'] : '',
3932
+ 'sender_nickname' => !empty( $data['nickname'] ) ? $data['nickname'] : '',
3933
+ 'post_info' => array(
3934
+ 'comment_type' => 'contact_form_wordpress_enfold'
3935
+ ),
3936
+ )
3937
+ );
3938
+
3939
+ $ct_result = $base_call_result['ct_result'];
3940
+
3941
+ $cleantalk_executed = true;
3942
+
3943
+ if( $ct_result->allow == 0 ) {
3944
+ $obj->submit_error = $ct_result->comment;
3945
+ return null;
3946
+ }
3947
+
3948
+ return $send;
3949
+
3950
+ }
inc/cleantalk-settings.php CHANGED
@@ -1,1753 +1,1753 @@
1
- <?php
2
-
3
- /**
4
- * Admin action 'admin_menu' - Add the admin options page
5
- */
6
- function apbct_settings_add_page() {
7
-
8
- global $apbct, $pagenow;
9
-
10
- $parent_slug = is_network_admin() ? 'settings.php' : 'options-general.php';
11
- $callback = is_network_admin() ? 'apbct_settings__display__network' : 'apbct_settings__display';
12
-
13
- // Adding settings page
14
- add_submenu_page(
15
- $parent_slug,
16
- $apbct->plugin_name.' '.__('settings'),
17
- $apbct->plugin_name,
18
- 'manage_options',
19
- 'cleantalk',
20
- $callback
21
- );
22
-
23
- if(!in_array($pagenow, array('options.php', 'options-general.php', 'settings.php', 'admin.php')))
24
- return;
25
-
26
- register_setting('cleantalk_settings', 'cleantalk_settings', 'apbct_settings__validate');
27
-
28
- $fields = array();
29
- $fields = apbct_settings__set_fileds($fields);
30
- $fields = APBCT_WPMS && is_main_site() ? apbct_settings__set_fileds__network($fields) : $fields;
31
- apbct_settings__add_groups_and_fields($fields);
32
-
33
- }
34
-
35
- function apbct_settings__set_fileds( $fields ){
36
- global $apbct;
37
-
38
- $fields = array(
39
-
40
- 'main' => array(
41
- 'title' => '',
42
- 'default_params' => array(),
43
- 'description' => '',
44
- 'html_before' => '',
45
- 'html_after' => '',
46
- 'fields' => array(
47
- 'action_buttons' => array(
48
- 'callback' => 'apbct_settings__field__action_buttons',
49
- ),
50
- 'connection_reports' => array(
51
- 'callback' => 'apbct_settings__field__statistics',
52
- ),
53
- 'api_key' => array(
54
- 'display' => !$apbct->white_label || is_main_site(),
55
- 'callback' => 'apbct_settings__field__apikey',
56
- ),
57
- ),
58
- ),
59
-
60
- 'state' => array(
61
- 'title' => '',
62
- 'default_params' => array(),
63
- 'description' => '',
64
- 'html_before' => '<hr style="width: 100%;">',
65
- 'html_after' => '',
66
- 'fields' => array(
67
- 'state' => array(
68
- 'callback' => 'apbct_settings__field__state',
69
- ),
70
- ),
71
- ),
72
-
73
- 'debug' => array(
74
- 'title' => '',
75
- 'default_params' => array(),
76
- 'description' => '',
77
- 'html_before' => '',
78
- 'html_after' => '',
79
- 'fields' => array(
80
- 'state' => array(
81
- 'callback' => 'apbct_settings__field__debug',
82
- ),
83
- ),
84
- ),
85
-
86
- // Different
87
- 'different' => array(
88
- 'title' => '',
89
- 'default_params' => array(),
90
- 'description' => '',
91
- 'html_before' => '<hr>',
92
- 'html_after' => '',
93
- 'fields' => array(
94
- 'spam_firewall' => array(
95
- 'type' => 'checkbox',
96
- 'title' => __('SpamFireWall', 'cleantalk-spam-protect'),
97
- 'description' => __("This option allows to filter spam bots before they access website. Also reduces CPU usage on hosting server and accelerates pages load time.", 'cleantalk-spam-protect'),
98
- 'childrens' => array('sfw__anti_flood', 'sfw__anti_crawler'),
99
- ),
100
- 'sfw__anti_flood' => array(
101
- 'type' => 'checkbox',
102
- 'title' => __('Anti-Flood', 'cleantalk-spam-protect'),
103
- 'class' => 'apbct_settings-field_wrapper--sub',
104
- 'parent' => 'spam_firewall',
105
- 'childrens' => array('sfw__anti_flood__view_limit',),
106
- 'description' => __('Shows SpamFireWall page for bot which are trying to scan your website. Look for the page limit setting below.', 'cleantalk-spam-protect'),
107
- ),
108
- 'sfw__anti_crawler' => array(
109
- 'type' => 'checkbox',
110
- 'title' => __('Anti-Crawler', 'cleantalk-spam-protect'),
111
- 'class' => 'apbct_settings-field_wrapper--sub',
112
- 'parent' => 'spam_firewall',
113
- 'description' => __('Plugin shows SpamFireWall stop page for any bot, except allowed bots (Google, Yahoo and etc).', 'cleantalk-spam-protect'),
114
- ),
115
- ),
116
- ),
117
-
118
- // Forms protection
119
- 'forms_protection' => array(
120
- 'title' => __('Forms to protect', 'cleantalk-spam-protect'),
121
- 'default_params' => array(),
122
- 'description' => '',
123
- 'html_before' => '<hr><br>'
124
- .'<span id="ct_adv_showhide">'
125
- .'<a href="#" class="apbct_color--gray" onclick="event.preventDefault(); apbct_show_hide_elem(\'apbct_settings__davanced_settings\');">'
126
- .__('Advanced settings', 'cleantalk-spam-protect')
127
- .'</a>'
128
- .'</span>'
129
- .'<div id="apbct_settings__davanced_settings" style="display: none;">',
130
- 'html_after' => '',
131
- 'fields' => array(
132
- 'registrations_test' => array(
133
- 'title' => __('Registration Forms', 'cleantalk-spam-protect'),
134
- 'description' => __('WordPress, BuddyPress, bbPress, S2Member, WooCommerce.', 'cleantalk-spam-protect'),
135
- ),
136
- 'comments_test' => array(
137
- 'title' => __('Comments form', 'cleantalk-spam-protect'),
138
- 'description' => __('WordPress, JetPack, WooCommerce.', 'cleantalk-spam-protect'),
139
- ),
140
- 'contact_forms_test' => array(
141
- 'title' => __('Contact forms', 'cleantalk-spam-protect'),
142
- 'description' => __('Contact Form 7, Formidable forms, JetPack, Fast Secure Contact Form, WordPress Landing Pages, Gravity Forms.', 'cleantalk-spam-protect'),
143
- ),
144
- 'general_contact_forms_test' => array(
145
- 'title' => __('Custom contact forms', 'cleantalk-spam-protect'),
146
- 'description' => __('Anti spam test for any WordPress themes or contacts forms.', 'cleantalk-spam-protect'),
147
- ),
148
- 'search_test' => array(
149
- 'title' => __('Test default Wordpress search form for spam', 'cleantalk-spam-protect'),
150
- 'description' => __('Spam protection for Search form.', 'cleantalk-spam-protect')
151
- . (!$apbct->white_label || is_main_site()
152
- ? sprintf(__('Read more about %sspam protection for Search form%s on our blog. “noindex” tag will be placed in meta derictive on search page.', 'cleantalk-spam-protect'),
153
- '<a href="https://blog.cleantalk.org/how-to-protect-website-search-from-spambots/" target="_blank">',
154
- '</a>'
155
- )
156
- : ''
157
- )
158
- ),
159
- 'check_external' => array(
160
- 'title' => __('Protect external forms', 'cleantalk-spam-protect'),
161
- 'description' => __('Turn this option on to protect forms on your WordPress that send data to third-part servers (like MailChimp).', 'cleantalk-spam-protect'),
162
- 'childrens' => array('check_external__capture_buffer'),
163
- ),
164
- 'check_external__capture_buffer' => array(
165
- 'title' => __('Capture buffer', 'cleantalk-spam-protect'),
166
- 'description' => __('This setting gives you more sophisticated and strengthened protection for external forms. But it could break plugins which use a buffer like Ninja Forms.', 'cleantalk-spam-protect'),
167
- 'class' => 'apbct_settings-field_wrapper--sub',
168
- 'parent' => 'check_external',
169
- ),
170
- 'check_internal' => array(
171
- 'title' => __('Protect internal forms', 'cleantalk-spam-protect'),
172
- 'description' => __('This option will enable protection for custom (hand-made) AJAX forms with PHP scripts handlers on your WordPress.', 'cleantalk-spam-protect'),
173
- ),
174
- ),
175
- ),
176
-
177
- // Comments and Messages
178
- 'wc' => array(
179
- 'title' => __('WooCommerce', 'cleantalk-spam-protect'),
180
- 'fields' => array(
181
- 'wc_checkout_test' => array(
182
- 'title' => __('WooCommerce checkout form', 'cleantalk-spam-protect'),
183
- 'description' => __('Anti spam test for WooCommerce checkout form.', 'cleantalk-spam-protect'),
184
- 'childrens' => array('wc_register_from_order')
185
- ),
186
- 'wc_register_from_order' => array(
187
- 'title' => __('Spam test for registration during checkout', 'cleantalk-spam-protect'),
188
- 'description' => __('Enable anti spam test for registration process which during woocommerce\'s checkout.', 'cleantalk-spam-protect'),
189
- 'parent' => 'wc_checkout_test',
190
- 'class' => 'apbct_settings-field_wrapper--sub',
191
- 'reverse_trigger' => true
192
- ),
193
- ),
194
- ),
195
-
196
- // Comments and Messages
197
- 'comments_and_messages' => array(
198
- 'title' => __('Comments and Messages', 'cleantalk-spam-protect'),
199
- 'fields' => array(
200
- 'disable_comments__all' => array(
201
- 'title' => __( 'Disable all comments', 'cleantalk-spam-protect'),
202
- 'description' => __( 'Disabling comments for all types of content.', 'cleantalk-spam-protect'),
203
- 'childrens' => array(
204
- 'disable_comments__posts',
205
- 'disable_comments__pages',
206
- 'disable_comments__media',
207
- ),
208
- 'options' => array(
209
- array( 'val' => 1, 'label' => __( 'On' ), 'childrens_enable' => 0, ),
210
- array( 'val' => 0, 'label' => __( 'Off' ), 'childrens_enable' => 1, ),
211
- ),
212
- ),
213
- 'disable_comments__posts' => array(
214
- 'title' => __( 'Disable comments for all posts', 'cleantalk-spam-protect'),
215
- 'class' => 'apbct_settings-field_wrapper--sub',
216
- 'parent' => 'disable_comments__all',
217
- 'reverse_trigger' => true,
218
- ),
219
- 'disable_comments__pages' => array(
220
- 'title' => __( 'Disable comments for all pages', 'cleantalk-spam-protect'),
221
- 'class' => 'apbct_settings-field_wrapper--sub',
222
- 'parent' => 'disable_comments__all',
223
- 'reverse_trigger' => true,
224
- ),
225
- 'disable_comments__media' => array(
226
- 'title' => __( 'Disable comments for all media', 'cleantalk-spam-protect'),
227
- 'class' => 'apbct_settings-field_wrapper--sub',
228
- 'parent' => 'disable_comments__all',
229
- 'reverse_trigger' => true,
230
- ),
231
- 'bp_private_messages' => array(
232
- 'title' => __('BuddyPress Private Messages', 'cleantalk-spam-protect'),
233
- 'description' => __('Check buddyPress private messages.', 'cleantalk-spam-protect'),
234
- ),
235
- 'remove_old_spam' => array(
236
- 'title' => __('Automatically delete spam comments', 'cleantalk-spam-protect'),
237
- 'description' => sprintf(__('Delete spam comments older than %d days.', 'cleantalk-spam-protect'), $apbct->data['spam_store_days']),
238
- ),
239
- 'remove_comments_links' => array(
240
- 'title' => __('Remove links from approved comments', 'cleantalk-spam-protect'),
241
- 'description' => __('Remove links from approved comments. Replace it with "[Link deleted]"', 'cleantalk-spam-protect'),
242
- ),
243
- 'show_check_links' => array(
244
- 'title' => __('Show links to check Emails, IPs for spam', 'cleantalk-spam-protect'),
245
- 'description' => __('Shows little icon near IP addresses and Emails allowing you to check it via CleanTalk\'s database.', 'cleantalk-spam-protect'),
246
- 'display' => !$apbct->white_label,
247
- ),
248
- 'manage_comments_on_public_page' => array(
249
- 'title' => __('Manage comments on public pages', 'cleantalk-spam-protect'),
250
- 'description' => __('Allows administrators to manage comments on public post\'s pages with small interactive menu.', 'cleantalk-spam-protect'),
251
- 'display' => !$apbct->white_label,
252
- ),
253
- ),
254
- ),
255
-
256
- // Data Processing
257
- 'data_processing' => array(
258
- 'title' => __('Data Processing', 'cleantalk-spam-protect'),
259
- 'fields' => array(
260
- 'protect_logged_in' => array(
261
- 'title' => __("Protect logged in Users", 'cleantalk-spam-protect'),
262
- 'description' => __('Turn this option on to check for spam any submissions (comments, contact forms and etc.) from registered Users.', 'cleantalk-spam-protect'),
263
- ),
264
- 'check_comments_number' => array(
265
- 'title' => __("Don't check trusted user's comments", 'cleantalk-spam-protect'),
266
- 'description' => sprintf(__("Don't check comments for users with above %d comments.", 'cleantalk-spam-protect'), defined('CLEANTALK_CHECK_COMMENTS_NUMBER') ? CLEANTALK_CHECK_COMMENTS_NUMBER : 3),
267
- ),
268
- 'use_ajax' => array(
269
- 'title' => __('Use AJAX for JavaScript check', 'cleantalk-spam-protect'),
270
- 'description' => __('Options helps protect WordPress against spam with any caching plugins. Turn this option on to avoid issues with caching plugins.', 'cleantalk-spam-protect'),
271
- ),
272
- 'use_static_js_key' => array(
273
- 'title' => __('Use static keys for JS check.', 'cleantalk-spam-protect'),
274
- 'description' => __('Could help if you have cache for AJAX requests and you are dealing with false positives. Slightly decreases protection quality. Auto - Static key will be used if caching plugin is spotted.', 'cleantalk-spam-protect'),
275
- 'options' => array(
276
- array('val' => 1, 'label' => __('On'), ),
277
- array('val' => 0, 'label' => __('Off'), ),
278
- array('val' => -1, 'label' => __('Auto'),),
279
- ),
280
- ),
281
- 'general_postdata_test' => array(
282
- 'title' => __('Check all post data', 'cleantalk-spam-protect'),
283
- 'description' => __('Check all POST submissions from website visitors. Enable this option if you have spam misses on website.', 'cleantalk-spam-protect')
284
- .(!$apbct->white_label
285
- ? __(' Or you don`t have records about missed spam here:', 'cleantalk-spam-protect') . '&nbsp;' . '<a href="https://cleantalk.org/my/?user_token='.$apbct->user_token.'&utm_source=wp-backend&utm_medium=admin-bar&cp_mode=antispam" target="_blank">' . __('CleanTalk dashboard', 'cleantalk-spam-protect') . '</a>.'
286
- : ''
287
- )
288
- .'<br />' . __('СAUTION! Option can catch POST requests in WordPress backend', 'cleantalk-spam-protect'),
289
- ),
290
- 'set_cookies' => array(
291
- 'title' => __("Set cookies", 'cleantalk-spam-protect'),
292
- 'description' => __('Turn this option off to deny plugin generates any cookies on website front-end. This option is helpful if you use Varnish. But most of contact forms will not be protected if the option is turned off! <b>Warning: We strongly recommend you to enable this otherwise it could cause false positives spam detection.</b>', 'cleantalk-spam-protect'),
293
- 'childrens' => array('set_cookies__sessions'),
294
- ),
295
- 'set_cookies__sessions' => array(
296
- 'title' => __('Use alternative mechanism for cookies', 'cleantalk-spam-protect'),
297
- 'description' => __('Doesn\'t use cookie or PHP sessions. Collect data for all types of bots.', 'cleantalk-spam-protect'),
298
- 'parent' => 'set_cookies',
299
- 'class' => 'apbct_settings-field_wrapper--sub',
300
- ),
301
- 'ssl_on' => array(
302
- 'title' => __("Use SSL", 'cleantalk-spam-protect'),
303
- 'description' => __('Turn this option on to use encrypted (SSL) connection with servers.', 'cleantalk-spam-protect'),
304
- ),
305
- 'use_buitin_http_api' => array(
306
- 'title' => __("Use Wordpress HTTP API", 'cleantalk-spam-protect'),
307
- 'description' => __('Alternative way to connect the Cloud. Use this if you have connection problems.', 'cleantalk-spam-protect'),
308
- ),
309
- ),
310
- ),
311
-
312
- // Exclusions
313
- 'exclusions' => array(
314
- 'title' => __('Exclusions', 'cleantalk-spam-protect'),
315
- 'fields' => array(
316
- 'exclusions__urls' => array(
317
- 'type' => 'textarea',
318
- 'title' => __('URL exclusions', 'cleantalk-spam-protect'),
319
- 'description' => __('You could type here URL you want to exclude. Use comma or new lines as separator.', 'cleantalk-spam-protect'),
320
- ),
321
- 'exclusions__urls__use_regexp' => array(
322
- 'type' => 'checkbox',
323
- 'title' => __('Use Regular Expression in URL Exclusions', 'cleantalk-spam-protect'),
324
- ),
325
- 'exclusions__fields' => array(
326
- 'type' => 'text',
327
- 'title' => __('Field name exclusions', 'cleantalk-spam-protect'),
328
- 'description' => __('You could type here fields names you want to exclude. Use comma as separator.', 'cleantalk-spam-protect'),
329
- ),
330
- 'exclusions__fields__use_regexp' => array(
331
- 'type' => 'checkbox',
332
- 'title' => __('Use Regular Expression in Field Exclusions', 'cleantalk-spam-protect'),
333
- ),
334
- 'exclusions__roles' => array(
335
- 'type' => 'select',
336
- 'multiple' => true,
337
- 'options_callback' => 'apbct_get_all_roles',
338
- 'options_callback_params' => array(true),
339
- 'description' => __('Roles which bypass spam test. Hold CTRL to select multiple roles.', 'cleantalk-spam-protect'),
340
- ),
341
- ),
342
- ),
343
-
344
- // Admin bar
345
- 'admin_bar' => array(
346
- 'title' => __('Admin bar', 'cleantalk-spam-protect'),
347
- 'default_params' => array(),
348
- 'description' => '',
349
- 'html_before' => '',
350
- 'html_after' => '',
351
- 'fields' => array(
352
- 'show_adminbar' => array(
353
- 'title' => __('Show statistics in admin bar', 'cleantalk-spam-protect'),
354
- 'description' => __('Show/hide icon in top level menu in WordPress backend. The number of submissions is being counted for past 24 hours.', 'cleantalk-spam-protect'),
355
- 'childrens' => array('all_time_counter','daily_counter','sfw_counter'),
356
- ),
357
- 'all_time_counter' => array(
358
- 'title' => __('Show All-time counter', 'cleantalk-spam-protect'),
359
- 'description' => __('Display all-time requests counter in the admin bar. Counter displays number of requests since plugin installation.', 'cleantalk-spam-protect'),
360
- 'parent' => 'show_adminbar',
361
- 'class' => 'apbct_settings-field_wrapper--sub',
362
- ),
363
- 'daily_counter' => array(
364
- 'title' => __('Show 24 hours counter', 'cleantalk-spam-protect'),
365
- 'description' => __('Display daily requests counter in the admin bar. Counter displays number of requests of the past 24 hours.', 'cleantalk-spam-protect'),
366
- 'parent' => 'show_adminbar',
367
- 'class' => 'apbct_settings-field_wrapper--sub',
368
- ),
369
- 'sfw_counter' => array(
370
- 'title' => __('SpamFireWall counter', 'cleantalk-spam-protect'),
371
- 'description' => __('Display SpamFireWall requests in the admin bar. Counter displays number of requests since plugin installation.', 'cleantalk-spam-protect'),
372
- 'parent' => 'show_adminbar',
373
- 'class' => 'apbct_settings-field_wrapper--sub',
374
- ),
375
- ),
376
- ),
377
-
378
- // Misc
379
- 'misc' => array(
380
- 'html_after' => '</div><br>',
381
- 'fields' => array(
382
- 'collect_details' => array(
383
- 'type' => 'checkbox',
384
- 'title' => __('Collect details about browsers', 'cleantalk-spam-protect'),
385
- 'description' => __("Checking this box you allow plugin store information about screen size and browser plugins of website visitors. The option in a beta state.", 'cleantalk-spam-protect'),
386
- ),
387
- 'send_connection_reports' => array(
388
- 'type' => 'checkbox',
389
- 'title' => __('Send connection reports', 'cleantalk-spam-protect'),
390
- 'description' => __("Checking this box you allow plugin to send the information about your connection. The option in a beta state.", 'cleantalk-spam-protect'),
391
- ),
392
- 'async_js' => array(
393
- 'type' => 'checkbox',
394
- 'title' => __('Async JavaScript loading', 'cleantalk-spam-protect'),
395
- 'description' => __('Use async loading for scripts. Warning: This could reduce filtration quality.', 'cleantalk-spam-protect'),
396
- ),
397
- 'gdpr_enabled' => array(
398
- 'type' => 'checkbox',
399
- 'title' => __('Allow to add GDPR notice via shortcode', 'cleantalk-spam-protect'),
400
- 'description' => __(' Adds small checkbox under your website form. To add it you should use the shortcode on the form\'s page: [cleantalk_gdpr_form id="FORM_ID"]', 'cleantalk-spam-protect'),
401
- 'childrens' => array('gdpr_text'),
402
- ),
403
- 'gdpr_text' => array(
404
- 'type' => 'text',
405
- 'title' => __('GDPR text notice', 'cleantalk-spam-protect'),
406
- 'description' => __('This text will be added as a description to the GDPR checkbox.', 'cleantalk-spam-protect'),
407
- 'parent' => 'gdpr_enabled',
408
- 'class' => 'apbct_settings-field_wrapper--sub',
409
- ),
410
- 'store_urls' => array(
411
- 'type' => 'checkbox',
412
- 'title' => __('Store visited URLs', 'cleantalk-spam-protect'),
413
- 'description' => __("Plugin stores last 10 visited URLs (HTTP REFFERERS) before visitor submits form on the site. You can see stored visited URLS for each visitor in your Dashboard. Turn the option on to improve Anti-Spam protection.", 'cleantalk-spam-protect'),
414
- 'childrens' => array('store_urls__sessions'),
415
- ),
416
- 'store_urls__sessions' => array(
417
- 'type' => 'checkbox',
418
- 'title' => __('Use cookies less sessions', 'cleantalk-spam-protect'),
419
- 'description' => __('Doesn\'t use cookie or PHP sessions. Collect data for all types of bots.', 'cleantalk-spam-protect'),
420
- 'parent' => 'store_urls',
421
- 'class' => 'apbct_settings-field_wrapper--sub',
422
- ),
423
- 'comment_notify' => array(
424
- 'type' => 'checkbox',
425
- 'title' => __('Notify users with selected roles about new approved comments. Hold CTRL to select multiple roles.', 'cleantalk-spam-protect'),
426
- 'description' => sprintf(__("If enabled, overrides similar Wordpress %sdiscussion settings%s.", 'cleantalk-spam-protect'), '<a href="options-discussion.php">','</a>'),
427
- 'childrens' => array('comment_notify__roles'),
428
- ),
429
- 'comment_notify__roles' => array(
430
- 'type' => 'select',
431
- 'multiple' => true,
432
- 'parent' => 'comment_notify',
433
- 'options_callback' => 'apbct_get_all_roles',
434
- 'options_callback_params' => array(true),
435
- 'class' => 'apbct_settings-field_wrapper--sub',
436
- ),
437
- 'sfw__anti_flood__view_limit' => array(
438
- 'type' => 'text',
439
- 'title' => __('Anti-Flood Page Views Limit', 'cleantalk-spam-protect'),
440
- 'class' => 'apbct_settings-field_wrapper',
441
- 'parent' => 'sfw__anti_flood',
442
- 'description' => __('Count of page view per 1 minute before plugin shows SpamFireWall page. SpamFireWall page active for 30 second after that valid visitor (with JavaScript) passes the page to the demanded page of the site.', 'cleantalk-spam-protect'),
443
- ),
444
- 'dashboard_widget__show' => array(
445
- 'type' => 'checkbox',
446
- 'title' => __('Show Dashboard Widget', 'cleantalk-spam-protect'),
447
- ),
448
- 'complete_deactivation' => array(
449
- 'type' => 'checkbox',
450
- 'title' => __('Complete deactivation', 'cleantalk-spam-protect'),
451
- 'description' => __('Leave no trace in the system after deactivation.', 'cleantalk-spam-protect'),
452
- ),
453
-
454
- ),
455
- ),
456
- );
457
-
458
- return $fields;
459
- }
460
-
461
- function apbct_settings__set_fileds__network( $fields ){
462
- global $apbct;
463
- $additional_fields = array(
464
- 'main' => array(
465
- 'fields' => array(
466
- 'white_label' => array(
467
- 'type' => 'checkbox',
468
- 'title' => __('Enable White Label Mode', 'cleantalk-spam-protect'),
469
- 'description' => sprintf(__("Learn more information %shere%s.", 'cleantalk-spam-protect'), '<a target="_blank" href="https://cleantalk.org/ru/help/hosting-white-label">', '</a>'),
470
- 'childrens' => array( 'white_label__hoster_key', 'white_label__plugin_name', 'allow_custom_key', ),
471
- 'disabled' => defined('CLEANTALK_ACCESS_KEY'),
472
- 'network' => true,
473
- ),
474
- 'white_label__hoster_key' => array(
475
- 'title' => __('Hoster API Key', 'cleantalk-spam-protect'),
476
- 'description' => sprintf(__("You can get it in %sCleantalk's Control Panel%s", 'cleantalk-spam-protect'), '<a target="_blank" href="https://cleantalk.org/my/profile">', '</a>'),
477
- 'type' => 'text',
478
- 'parent' => 'white_label',
479
- 'class' => 'apbct_settings-field_wrapper--sub',
480
- 'network' => true,
481
- 'required' => true,
482
- ),
483
- 'white_label__plugin_name' => array(
484
- 'title' => __('Plugin name', 'cleantalk-spam-protect'),
485
- 'description' => sprintf(__("Specify plugin name. Leave empty for deafult %sAntispam by Cleantalk%s", 'cleantalk-spam-protect'), '<b>', '</b>'),
486
- 'type' => 'text',
487
- 'parent' => 'white_label',
488
- 'class' => 'apbct_settings-field_wrapper--sub',
489
- 'network' => true,
490
- 'required' => true,
491
- ),
492
- 'allow_custom_key' => array(
493
- 'type' => 'checkbox',
494
- 'title' => __('Allow users to use other key', 'cleantalk-spam-protect'),
495
- 'description' => __('Allow users to use different Access key in their plugin settings on child blogs. They could use different CleanTalk account.', 'cleantalk-spam-protect')
496
- . (defined('CLEANTALK_ACCESS_KEY')
497
- ? ' <span style="color: red">'
498
- . __('Constant <b>CLEANTALK_ACCESS_KEY</b> is set. All websites will use API key from this constant. Look into wp-config.php', 'cleantalk-spam-protect')
499
- . '<br>'
500
- . __('You are not able to use white label mode while <b>CLEANTALK_ACCESS_KEY</b> is defined.', 'cleantalk-spam-protect')
501
- . '</span>'
502
- : ''
503
- ),
504
- 'display' => APBCT_WPMS && is_main_site(),
505
- 'disabled' => $apbct->network_settings['white_label'],
506
- 'network' => true,
507
- ),
508
- 'allow_custom_settings' => array(
509
- 'type' => 'checkbox',
510
- 'title' => __('Allow users to manage plugin settings', 'cleantalk-spam-protect'),
511
- 'description' => __('Allow to change settings on child sites.', 'cleantalk-spam-protect'),
512
- 'display' => APBCT_WPMS && is_main_site(),
513
- 'network' => true,
514
- ),
515
- 'use_settings_template' => array(
516
- 'type' => 'checkbox',
517
- 'title' => __('Use settings template', 'cleantalk-spam-protect'),
518
- 'description' => __("Use the current settings template for child sites.", 'cleantalk-spam-protect'),
519
- 'childrens' => array( 'use_settings_template_apply_for_new', 'use_settings_template_apply_for_current'),
520
- 'network' => true,
521
- ),
522
- 'use_settings_template_apply_for_new' => array(
523
- 'type' => 'checkbox',
524
- 'title' => __('Apply for newly added sites.', 'cleantalk-spam-protect'),
525
- 'description' => __("The newly added site will have the same preset settings template.", 'cleantalk-spam-protect'),
526
- 'parent' => 'use_settings_template',
527
- 'class' => 'apbct_settings-field_wrapper--sub',
528
- 'network' => true,
529
- ),
530
- 'use_settings_template_apply_for_current' => array(
531
- 'type' => 'checkbox',
532
- 'title' => __('Apply for current sites.', 'cleantalk-spam-protect'),
533
- 'description' => __("Apply current settings template for selected sites.", 'cleantalk-spam-protect'),
534
- 'parent' => 'use_settings_template',
535
- 'childrens' => array( 'use_settings_template_apply_for_current_list_sites'),
536
- 'class' => 'apbct_settings-field_wrapper--sub',
537
- 'network' => true,
538
- ),
539
- 'use_settings_template_apply_for_current_list_sites' => array(
540
- 'type' => 'select',
541
- 'multiple' => true,
542
- 'options_callback' => 'apbct_get_all_child_domains',
543
- 'options_callback_params' => array(true),
544
- 'class' => 'apbct_settings-field_wrapper--sub',
545
- 'parent' => 'use_settings_template_apply_for_current',
546
- 'description' => __('Sites to apply settings. Hold CTRL to select multiple sites.', 'cleantalk-spam-protect'),
547
- 'network' => true,
548
- ),
549
- )
550
- )
551
- );
552
-
553
- $fields = array_merge_recursive($fields, $additional_fields);
554
-
555
- return $fields;
556
-
557
- }
558
-
559
- function apbct_settings__add_groups_and_fields( $fields ){
560
-
561
- global $apbct;
562
-
563
- $apbct->settings_fields_in_groups = $fields;
564
-
565
- $field_default_params = array(
566
- 'callback' => 'apbct_settings__field__draw',
567
- 'type' => 'radio',
568
- 'options' => array(
569
- array('val' => 1, 'label' => __('On', 'cleantalk-spam-protect'), 'childrens_enable' => 1, ),
570
- array('val' => 0, 'label' => __('Off', 'cleantalk-spam-protect'), 'childrens_enable' => 0, ),
571
- ),
572
- 'def_class' => 'apbct_settings-field_wrapper',
573
- 'class' => '',
574
- 'parent' => '',
575
- 'childrens' => array(),
576
- 'hide' => array(),
577
- // 'title' => 'Default title',
578
- // 'description' => 'Default description',
579
- 'display' => true, // Draw settings or not
580
- 'reverse_trigger' => false, // How to allow child settings. Childrens are opened when the parent triggered "ON". This is overrides by this option
581
- 'multiple' => false,
582
- 'description' => '',
583
- 'network' => false,
584
- 'disabled' => false,
585
- 'required' => false,
586
- );
587
-
588
- foreach($apbct->settings_fields_in_groups as $group_name => $group){
589
-
590
- add_settings_section('apbct_section__'.$group_name, '', 'apbct_section__'.$group_name, 'cleantalk-spam-protect');
591
-
592
- foreach($group['fields'] as $field_name => $field){
593
-
594
- // Normalize $field['options'] from callback function to this type array( array( 'val' => 1, 'label' => __('On'), ), )
595
- if(!empty($field['options_callback'])){
596
- $options = call_user_func_array($field['options_callback'], !empty($field['options_callback_params']) ? $field['options_callback_params'] : array());
597
- foreach ($options as &$option){
598
- $option = array('val' => $option, 'label' => $option);
599
- } unset($option);
600
- $field['options'] = $options;
601
- }
602
-
603
- $params = !empty($group['default_params'])
604
- ? array_merge($group['default_params'], $field)
605
- : array_merge($field_default_params, $field);
606
-
607
- $params['name'] = $field_name;
608
-
609
- if(!$params['display'])
610
- continue;
611
-
612
- add_settings_field(
613
- 'apbct_field__'.$field_name,
614
- '',
615
- $params['callback'],
616
- 'cleantalk',
617
- 'apbct_section__'.$group_name,
618
- $params
619
- );
620
-
621
- }
622
- }
623
- }
624
-
625
- /**
626
- * Admin callback function - Displays plugin options page
627
- */
628
- function apbct_settings__display() {
629
-
630
- global $apbct;
631
-
632
- // Title
633
- echo '<h2 class="apbct_settings-title">'.__($apbct->plugin_name, 'cleantalk-spam-protect').'</h2>';
634
-
635
- // Subtitle for IP license
636
- if($apbct->moderate_ip)
637
- echo '<h4 class="apbct_settings-subtitle apbct_color--gray">'. __('Hosting AntiSpam', 'cleantalk-spam-protect').'</h4>';
638
-
639
- echo '<form action="options.php" method="post">';
640
-
641
- apbct_settings__error__output();
642
-
643
- // Top info
644
- if(!$apbct->white_label){
645
- echo '<div style="float: right; padding: 15px 15px 5px 15px; font-size: 13px; position: relative; background: #f1f1f1;">';
646
-
647
- echo __('CleanTalk\'s tech support:', 'cleantalk-spam-protect')
648
- .'&nbsp;'
649
- .'<a target="_blank" href="https://wordpress.org/support/plugin/cleantalk-spam-protect">Wordpress.org</a>.'
650
- // .' <a href="https://community.cleantalk.org/viewforum.php?f=25" target="_blank">'.__("Tech forum", 'cleantalk-spam-protect').'</a>'
651
- // .($user_token ? ", <a href='https://cleantalk.org/my/support?user_token=$user_token&cp_mode=antispam' target='_blank'>".__("Service support ", 'cleantalk-spam-protect').'</a>' : '').
652
- .'<br>';
653
- echo __('Plugin Homepage at', 'cleantalk-spam-protect').' <a href="https://cleantalk.org" target="_blank">cleantalk.org</a>.<br/>';
654
- echo '<span id="apbct_gdpr_open_modal" style="text-decoration: underline;">'.__('GDPR compliance', 'cleantalk-spam-protect').'</span><br/>';
655
- echo __('Use s@cleantalk.org to test plugin in any WordPress form.', 'cleantalk-spam-protect').'<br>';
656
- echo __('CleanTalk is registered Trademark. All rights reserved.', 'cleantalk-spam-protect').'<br/>';
657
- if($apbct->key_is_ok)
658
- echo '<b style="display: inline-block; margin-top: 10px;">'.sprintf(__('Do you like CleanTalk? %sPost your feedback here%s.', 'cleantalk-spam-protect'), '<a href="https://wordpress.org/support/plugin/cleantalk-spam-protect/reviews/#new-post" target="_blank">', '</a>').'</b><br />';
659
- apbct_admin__badge__get_premium();
660
- echo '<div id="gdpr_dialog" style="display: none; padding: 7px;">';
661
- apbct_settings_show_gdpr_text('print');
662
- echo '</div>';
663
- echo '</div>';
664
- }
665
-
666
- // Output spam count
667
- if($apbct->key_is_ok && apbct_api_key__is_correct()){
668
- if( $apbct->spam_count > 0 ){
669
- echo '<div class="apbct_settings-subtitle" style="top: 0; margin-bottom: 10px; width: 200px;">'
670
- . '<br>'
671
- . '<span>'
672
- . sprintf(
673
- __( '%s has blocked <b>%s</b> spam.', 'cleantalk-spam-protect' ),
674
- $apbct->plugin_name,
675
- number_format( $apbct->spam_count, 0, ',', ' ' )
676
- )
677
- . '</span>'
678
- . '<br>'
679
- . '<br>'
680
- . '</div>';
681
- }
682
- }
683
-
684
-
685
- // Output spam count
686
- if($apbct->key_is_ok && apbct_api_key__is_correct()){
687
- if(!$apbct->white_label){
688
-
689
- // CP button
690
- echo '<a class="cleantalk_link cleantalk_link-manual" target="__blank" href="https://cleantalk.org/my?user_token='.$apbct->user_token.'&cp_mode=antispam">'
691
- .__('Click here to get anti-spam statistics', 'cleantalk-spam-protect')
692
- .'</a>';
693
- echo '&nbsp;&nbsp;';
694
-
695
- }
696
- }
697
-
698
- if( apbct_api_key__is_correct() && ! $apbct->white_label ){
699
- // Sync button
700
- echo '<button type="button" class="cleantalk_link cleantalk_link-auto" id="apbct_button__sync" title="Synchronizing account status, SpamFireWall database, all kind of journals.">'
701
- . '<i class="icon-upload-cloud"></i>&nbsp;&nbsp;'
702
- . __( 'Synchronize with Cloud', 'security-malware-firewall' )
703
- . '<img style="margin-left: 10px;" class="apbct_preloader_button" src="' . APBCT_URL_PATH . '/inc/images/preloader2.gif" />'
704
- . '<img style="margin-left: 10px;" class="apbct_success --hide" src="' . APBCT_URL_PATH . '/inc/images/yes.png" />'
705
- . '</button>';
706
- echo '&nbsp;&nbsp;';
707
- }
708
-
709
- // Output spam count
710
- if($apbct->key_is_ok && apbct_api_key__is_correct()){
711
- if(!$apbct->white_label){
712
-
713
- // Support button
714
- echo '<a class="cleantalk_link cleantalk_link-auto" target="__blank" href="https://wordpress.org/support/plugin/cleantalk-spam-protect">'.__('Support', 'cleantalk-spam-protect').'</a>';
715
- echo '&nbsp;&nbsp;';
716
- echo '<br>'
717
- . '<br>';
718
- }
719
- }
720
-
721
- settings_fields('cleantalk_settings');
722
- do_settings_fields('cleantalk', 'cleantalk_section_settings_main');
723
-
724
- foreach($apbct->settings_fields_in_groups as $group_name => $group){
725
-
726
- echo !empty($group['html_before']) ? $group['html_before'] : '';
727
- echo !empty($group['title']) ? '<h3 style="margin-left: 220px;">'.$group['title'].'</h3>' : '';
728
-
729
- do_settings_fields('cleantalk', 'apbct_section__'.$group_name);
730
-
731
- echo !empty($group['html_after']) ? $group['html_after'] : '';
732
-
733
- }
734
-
735
- echo '<br>';
736
- echo '<button name="submit" class="cleantalk_link cleantalk_link-manual" value="save_changes">'.__('Save Changes').'</button>';
737
-
738
- echo "</form>";
739
-
740
- if(!$apbct->white_label){
741
- // Translate banner for non EN locale
742
- if(substr(get_locale(), 0, 2) != 'en'){
743
- global $ct_translate_banner_template;
744
- require_once(CLEANTALK_PLUGIN_DIR.'templates/translate_banner.php');
745
- printf($ct_translate_banner_template, substr(get_locale(), 0, 2));
746
- }
747
- }
748
- }
749
-
750
- function apbct_settings__display__network(){
751
- // If it's network admin dashboard
752
- if(is_network_admin()){
753
- $site_url = get_site_option('siteurl');
754
- $site_url = preg_match( '/\/$/', $site_url ) ? $site_url : $site_url . '/';
755
- $link = $site_url . 'wp-admin/options-general.php?page=cleantalk';
756
- printf("<h2>" . __("Please, enter the %splugin settings%s in main site dashboard.", 'cleantalk-spam-protect') . "</h2>", "<a href='$link'>", "</a>");
757
- return;
758
- }
759
- }
760
-
761
- function apbct_settings__error__output($return = false){
762
-
763
- global $apbct;
764
-
765
- // If have error message output error block.
766
-
767
- $out = '';
768
-
769
- if(!empty($apbct->errors) && !defined('CLEANTALK_ACCESS_KEY')){
770
-
771
- $errors = $apbct->errors;
772
-
773
- $error_texts = array(
774
- // Misc
775
- 'key_invalid' => __('Error occurred while API key validating. Error: ', 'cleantalk-spam-protect'),
776
- 'key_get' => __('Error occurred while automatically gettings access key. Error: ', 'cleantalk-spam-protect'),
777
- 'sfw_send_logs' => __('Error occurred while sending SpamFireWall logs. Error: ', 'cleantalk-spam-protect'),
778
- 'sfw_update' => __('Error occurred while updating SpamFireWall local base. Error: ' , 'cleantalk-spam-protect'),
779
- 'account_check' => __('Error occurred while checking account status. Error: ', 'cleantalk-spam-protect'),
780
- 'api' => __('Error occurred while excuting API call. Error: ', 'cleantalk-spam-protect'),
781
-
782
- // Validating settings
783
- 'settings_validate' => 'Validate Settings',
784
- 'exclusions_urls' => 'URL Exclusions',
785
- 'exclusions_fields' => 'Field Exclusions',
786
-
787
- // Unknown
788
- 'unknown' => __('Unknown error. Error: ', 'cleantalk-spam-protect'),
789
- );
790
-
791
- $errors_out = array();
792
-
793
- foreach($errors as $type => $error){
794
-
795
- if(!empty($error)){
796
-
797
- if(is_array(current($error))){
798
-
799
- foreach($error as $sub_type => $sub_error){
800
- $errors_out[$sub_type] = '';
801
- if(isset($sub_error['error_time']))
802
- $errors_out[$sub_type] .= date('Y-m-d H:i:s', $sub_error['error_time']) . ': ';
803
- $errors_out[$sub_type] .= (isset($error_texts[$type]) ? $error_texts[$type] : ucfirst($type)) . ': ';
804
- $errors_out[$sub_type] .= (isset($error_texts[$sub_type]) ? $error_texts[$sub_type] : $error_texts['unknown']) . ' ' . $sub_error['error'];
805
- }
806
- continue;
807
- }
808
-
809
- $errors_out[$type] = '';
810
- if(isset($error['error_time']))
811
- $errors_out[$type] .= date('Y-m-d H:i:s', $error['error_time']) . ': ';
812
- $errors_out[$type] .= (isset($error_texts[$type]) ? $error_texts[$type] : $error_texts['unknown']) . ' ' . (isset($error['error']) ? $error['error'] : '');
813
-
814
- }
815
- }
816
-
817
- if(!empty($errors_out)){
818
- $out .= '<div id="apbctTopWarning" class="error" style="position: relative;">'
819
- .'<h3 style="display: inline-block;">'.__('Errors:', 'cleantalk-spam-protect').'</h3>';
820
- foreach($errors_out as $value){
821
- $out .= '<h4>'.$value.'</h4>';
822
- }
823
- $out .= !$apbct->white_label
824
- ? '<h4 style="text-align: unset;">'.sprintf(__('You can get support any time here: %s.', 'cleantalk-spam-protect'), '<a target="blank" href="https://wordpress.org/support/plugin/cleantalk-spam-protect">https://wordpress.org/support/plugin/cleantalk-spam-protect</a>').'</h4>'
825
- : '';
826
- $out .= '</div>';
827
- }
828
- }
829
-
830
- if($return) return $out; else echo $out;
831
- }
832
-
833
- function apbct_settings__field__debug(){
834
-
835
- global $apbct;
836
-
837
- if($apbct->debug){
838
-
839
- echo '<hr /><h2>Debug:</h2>';
840
- echo '<h4>Constants:</h4>';
841
- echo 'CLEANTALK_AJAX_USE_BUFFER '. (defined('CLEANTALK_AJAX_USE_BUFFER') ? (CLEANTALK_AJAX_USE_BUFFER ? 'true' : 'flase') : 'NOT_DEFINED')."<br>";
842
- echo 'CLEANTALK_AJAX_USE_FOOTER_HEADER '. (defined('CLEANTALK_AJAX_USE_FOOTER_HEADER') ? (CLEANTALK_AJAX_USE_FOOTER_HEADER ? 'true' : 'flase') : 'NOT_DEFINED')."<br>";
843
- echo 'CLEANTALK_ACCESS_KEY '. (defined('CLEANTALK_ACCESS_KEY') ? (CLEANTALK_ACCESS_KEY ? CLEANTALK_ACCESS_KEY : 'flase') : 'NOT_DEFINED')."<br>";
844
- echo 'CLEANTALK_CHECK_COMMENTS_NUMBER '. (defined('CLEANTALK_CHECK_COMMENTS_NUMBER') ? (CLEANTALK_CHECK_COMMENTS_NUMBER ? CLEANTALK_CHECK_COMMENTS_NUMBER : 0) : 'NOT_DEFINED')."<br>";
845
- echo 'CLEANTALK_CHECK_MESSAGES_NUMBER '. (defined('CLEANTALK_CHECK_MESSAGES_NUMBER') ? (CLEANTALK_CHECK_MESSAGES_NUMBER ? CLEANTALK_CHECK_MESSAGES_NUMBER : 0) : 'NOT_DEFINED')."<br>";
846
- echo 'CLEANTALK_PLUGIN_DIR '. (defined('CLEANTALK_PLUGIN_DIR') ? (CLEANTALK_PLUGIN_DIR ? CLEANTALK_PLUGIN_DIR : 'flase') : 'NOT_DEFINED')."<br>";
847
- echo 'WP_ALLOW_MULTISITE '. (defined('WP_ALLOW_MULTISITE') ? (WP_ALLOW_MULTISITE ? 'true' : 'flase') : 'NOT_DEFINED');
848
-
849
- echo "<h4>Debug log: <button type='submit' value='debug_drop' name='submit' style='font-size: 11px; padding: 1px;'>Drop debug data</button></h4>";
850
- echo "<div style='height: 500px; width: 80%; overflow: auto;'>";
851
-
852
- $output = print_r($apbct->debug, true);
853
- $output = str_replace("\n", "<br>", $output);
854
- $output = preg_replace("/[^\S]{4}/", "&nbsp;&nbsp;&nbsp;&nbsp;", $output);
855
- echo "$output";
856
-
857
- echo "</div>";
858
-
859
- }
860
- }
861
-
862
- function apbct_settings__field__state(){
863
-
864
- global $apbct;
865
-
866
- $path_to_img = plugin_dir_url(__FILE__) . "images/";
867
-
868
- $img = $path_to_img."yes.png";
869
- $img_no = $path_to_img."no.png";
870
- $img_no_gray = $path_to_img."no_gray.png";
871
- $preloader = $path_to_img."preloader.gif";
872
- $color="black";
873
-
874
- if( ! $apbct->key_is_ok ){
875
- $img=$path_to_img."no.png";
876
- $img_no=$path_to_img."no.png";
877
- $color="black";
878
- }
879
-
880
- if(!apbct_api_key__is_correct($apbct->api_key)){
881
- $img = $path_to_img."yes_gray.png";
882
- $img_no = $path_to_img."no_gray.png";
883
- $color="gray";
884
- }
885
-
886
- if($apbct->moderate_ip){
887
- $img = $path_to_img."yes.png";
888
- $img_no = $path_to_img."no.png";
889
- $color="black";
890
- }
891
-
892
- if( $apbct->moderate == 0 ){
893
- $img = $path_to_img."no.png";
894
- $img_no = $path_to_img."no.png";
895
- $color="black";
896
- }
897
-
898
- print '<div class="apbct_settings-field_wrapper" style="color:'.$color.'">';
899
-
900
- print '<h2>'.__('Protection is active', 'cleantalk-spam-protect').'</h2>';
901
-
902
- echo '<img class="apbct_status_icon" src="'.($apbct->settings['registrations_test'] == 1 ? $img : $img_no).'"/>'.__('Registration forms', 'cleantalk-spam-protect');
903
- echo '<img class="apbct_status_icon" src="'.($apbct->settings['comments_test'] == 1 ? $img : $img_no).'"/>'.__('Comments forms', 'cleantalk-spam-protect');
904
- echo '<img class="apbct_status_icon" src="'.($apbct->settings['contact_forms_test'] == 1 ? $img : $img_no).'"/>'.__('Contact forms', 'cleantalk-spam-protect');
905
- echo '<img class="apbct_status_icon" src="'.($apbct->settings['general_contact_forms_test'] == 1 ? $img : $img_no).'"/>'.__('Custom contact forms', 'cleantalk-spam-protect');
906
- if(!$apbct->white_label || is_main_site())
907
- echo '<img class="apbct_status_icon" src="'.($apbct->data['moderate'] == 1 ? $img : $img_no).'"/>'
908
- .'<a style="color: black" href="https://blog.cleantalk.org/real-time-email-address-existence-validation/">'.__('Validate email for existence', 'cleantalk-spam-protect').'</a>';
909
- // Autoupdate status
910
- if($apbct->notice_auto_update && (!$apbct->white_label || is_main_site())){
911
- echo '<img class="apbct_status_icon" src="'.($apbct->auto_update == 1 ? $img : ($apbct->auto_update == -1 ? $img_no : $img_no_gray)).'"/>'.__('Auto update', 'cleantalk-spam-protect')
912
- .' <sup><a href="https://cleantalk.org/help/cleantalk-auto-update" target="_blank">?</a></sup>';
913
- }
914
-
915
- // WooCommerce
916
- if(class_exists('WooCommerce'))
917
- echo '<img class="apbct_status_icon" src="'.($apbct->settings['wc_checkout_test'] == 1 ? $img : $img_no).'"/>'.__('WooCommerce checkout form', 'cleantalk-spam-protect');
918
- if($apbct->moderate_ip)
919
- print "<br /><br />The anti-spam service is paid by your hosting provider. License #".$apbct->data['ip_license'].".<br />";
920
-
921
- print "</div>";
922
- }
923
-
924
- /**
925
- * Admin callback function - Displays inputs of 'apikey' plugin parameter
926
- */
927
- function apbct_settings__field__apikey(){
928
-
929
- global $apbct;
930
-
931
- echo '<div id="cleantalk_apikey_wrapper" class="apbct_settings-field_wrapper">';
932
-
933
- // Using key from Main site, or from CLEANTALK_ACCESS_KEY constant
934
- if(APBCT_WPMS && !is_main_site() && (!$apbct->allow_custom_key || defined('CLEANTALK_ACCESS_KEY'))){
935
- _e('<h3>Key is provided by Super Admin.</h3>', 'cleantalk-spam-protect');
936
- return;
937
- }
938
-
939
- echo '<label class="apbct_settings__label" for="cleantalk_apkey">' . __('Access key', 'cleantalk-spam-protect') . '</label>';
940
-
941
- echo '<input
942
- id="apbct_setting_apikey"
943
- class="apbct_setting_text apbct_setting---apikey"
944
- type="text"
945
- name="cleantalk_settings[apikey]"
946
- value="'
947
- . ($apbct->key_is_ok
948
- ? str_repeat('*', strlen($apbct->api_key))
949
- : $apbct->api_key
950
- )
951
- . '"
952
- key="' . $apbct->api_key . '"
953
- size="20"
954
- placeholder="' . __('Enter the key', 'cleantalk-spam-protect') . '"'
955
- . ' />';
956
-
957
- // Show account name associated with key
958
- if(!empty($apbct->data['account_name_ob'])){
959
- echo '<div class="apbct_display--none">'
960
- . sprintf( __('Account at cleantalk.org is %s.', 'cleantalk-spam-protect'),
961
- '<b>'.$apbct->data['account_name_ob'].'</b>'
962
- )
963
- . '</div>';
964
- };
965
-
966
- // Show key button
967
- if((apbct_api_key__is_correct($apbct->api_key) && $apbct->key_is_ok)){
968
- echo '<a id="apbct_showApiKey" class="ct_support_link" style="display: block" href="#">'
969
- . __('Show the access key', 'cleantalk-spam-protect')
970
- . '</a>';
971
-
972
- // "Auto Get Key" buttons. License agreement
973
- }else{
974
-
975
- echo '<br /><br />';
976
-
977
- // Auto get key
978
- if(!$apbct->ip_license){
979
- echo '<button class="cleantalk_link cleantalk_link-manual apbct_setting---get_key_auto" name="submit" type="submit" value="get_key_auto">'
980
- .__('Get Access Key Automatically', 'cleantalk-spam-protect')
981
- .'</button>';
982
- echo '<input type="hidden" id="ct_admin_timezone" name="ct_admin_timezone" value="null" />';
983
- echo '<br />';
984
- echo '<br />';
985
- }
986
-
987
- // Warnings and GDPR
988
- printf( __('Admin e-mail (%s) will be used for registration, if you want to use other email please %sGet Access Key Manually%s.', 'cleantalk-spam-protect'),
989
- ct_get_admin_email(),
990
- '<a class="apbct_color--gray" target="__blank" href="'
991
- . sprintf( 'https://cleantalk.org/register?platform=wordpress&email=%s&website=%s',
992
- urlencode(ct_get_admin_email()),
993
- urlencode(parse_url(get_option('siteurl'),PHP_URL_HOST))
994
- )
995
- . '">',
996
- '</a>'
997
- );
998
-
999
- // License agreement
1000
- if(!$apbct->ip_license){
1001
- echo '<div>';
1002
- echo '<input checked type="checkbox" id="license_agreed" onclick="apbctSettingsDependencies(\'apbct_setting---get_key_auto\');"/>';
1003
- echo '<label for="spbc_license_agreed">';
1004
- printf( __('I accept %sLicense Agreement%s.', 'cleantalk-spam-protect'),
1005
- '<a class = "apbct_color--gray" href="https://cleantalk.org/publicoffer" target="_blank">',
1006
- '</a>'
1007
- );
1008
- echo "</label>";
1009
- echo '</div>';
1010
- }
1011
- }
1012
-
1013
- echo '</div>';
1014
- }
1015
-
1016
- function apbct_settings__field__action_buttons(){
1017
-
1018
- global $apbct;
1019
-
1020
- $links = apply_filters(
1021
- 'apbct_settings_action_buttons',
1022
- array(
1023
- '<a href="edit-comments.php?page=ct_check_spam" class="ct_support_link">' . __('Check comments for spam', 'cleantalk-spam-protect') . '</a>',
1024
- '<a href="users.php?page=ct_check_users" class="ct_support_link">' . __('Check users for spam', 'cleantalk-spam-protect') . '</a>',
1025
- '<a href="#" class="ct_support_link" onclick="apbct_show_hide_elem(\'apbct_statistics\')">' . __('Statistics & Reports', 'cleantalk-spam-protect') . '</a>',
1026
- )
1027
- );
1028
-
1029
- echo '<div class="apbct_settings-field_wrapper">';
1030
-
1031
- if( apbct_api_key__is_correct($apbct->api_key) && $apbct->key_is_ok ){
1032
- echo '<div>';
1033
- foreach( $links as $link ) {
1034
- echo $link . '&nbsp;&nbsp;&nbsp;&nbsp;';
1035
- }
1036
- echo '</div>';
1037
- }
1038
-
1039
- echo '</div>';
1040
- }
1041
-
1042
- function apbct_settings__field__statistics() {
1043
-
1044
- global $apbct, $wpdb;
1045
-
1046
- echo '<div id="apbct_statistics" class="apbct_settings-field_wrapper" style="display: none;">';
1047
-
1048
- // Last request
1049
- printf(
1050
- __('Last spam check request to %s server was at %s.', 'cleantalk-spam-protect'),
1051
- $apbct->stats['last_request']['server'] ? $apbct->stats['last_request']['server'] : __('unknown', 'cleantalk-spam-protect'),
1052
- $apbct->stats['last_request']['time'] ? date('M d Y H:i:s', $apbct->stats['last_request']['time']) : __('unknown', 'cleantalk-spam-protect')
1053
- );
1054
- echo '<br>';
1055
-
1056
- // Avarage time request
1057
- printf(
1058
- __('Average request time for past 7 days: %s seconds.', 'cleantalk-spam-protect'),
1059
- $apbct->stats['requests'][min(array_keys($apbct->stats['requests']))]['average_time']
1060
- ? round($apbct->stats['requests'][min(array_keys($apbct->stats['requests']))]['average_time'], 3)
1061
- : __('unknown', 'cleantalk-spam-protect')
1062
- );
1063
- echo '<br>';
1064
-
1065
- // SFW last die
1066
- printf(
1067
- __('Last time SpamFireWall was triggered for %s IP at %s', 'cleantalk-spam-protect'),
1068
- $apbct->stats['last_sfw_block']['ip'] ? $apbct->stats['last_sfw_block']['ip'] : __('unknown', 'cleantalk-spam-protect'),
1069
- $apbct->stats['last_sfw_block']['time'] ? date('M d Y H:i:s', $apbct->stats['last_sfw_block']['time']) : __('unknown', 'cleantalk-spam-protect')
1070
- );
1071
- echo '<br>';
1072
-
1073
- // SFW last update
1074
- $sfw_netwoks_amount = $wpdb->get_results("SELECT count(*) AS cnt FROM `".$wpdb->prefix."cleantalk_sfw`", ARRAY_A);
1075
- printf(
1076
- __('SpamFireWall was updated %s. Now contains %s entries.', 'cleantalk-spam-protect'),
1077
- $apbct->stats['sfw']['last_update_time'] ? date('M d Y H:i:s', $apbct->stats['sfw']['last_update_time']) : __('unknown', 'cleantalk-spam-protect'),
1078
- isset($sfw_netwoks_amount[0]['cnt']) ? $sfw_netwoks_amount[0]['cnt'] : __('unknown', 'cleantalk-spam-protect')
1079
- );
1080
- echo '<br>';
1081
-
1082
- // SFW last sent logs
1083
- printf(
1084
- __('SpamFireWall sent %s events at %s.', 'cleantalk-spam-protect'),
1085
- $apbct->stats['sfw']['last_send_amount'] ? $apbct->stats['sfw']['last_send_amount'] : __('unknown', 'cleantalk-spam-protect'),
1086
- $apbct->stats['sfw']['last_send_time'] ? date('M d Y H:i:s', $apbct->stats['sfw']['last_send_time']) : __('unknown', 'cleantalk-spam-protect')
1087
- );
1088
- echo '<br>';
1089
-
1090
- // Connection reports
1091
- if ($apbct->connection_reports){
1092
-
1093
- if ($apbct->connection_reports['negative'] == 0){
1094
- _e('There are no failed connections to server.', 'cleantalk-spam-protect');
1095
- }else{
1096
- echo "<table id='negative_reports_table''>
1097
- <tr>
1098
- <td>#</td>
1099
- <td><b>Date</b></td>
1100
- <td><b>Page URL</b></td>
1101
- <td><b>Report</b></td>
1102
- <td><b>Server IP</b></td>
1103
- </tr>";
1104
- foreach($apbct->connection_reports['negative_report'] as $key => $report){
1105
- echo '<tr>'
1106
- . '<td>'.($key+1).'.</td>'
1107
- . '<td>'.$report['date'].'</td>'
1108
- . '<td>'.$report['page_url'].'</td>'
1109
- . '<td>'.$report['lib_report'].'</td>'
1110
- . '<td>'.$report['work_url'].'</td>'
1111
- . '</tr>';
1112
- }
1113
- echo "</table>";
1114
- echo '<br/>';
1115
- echo '<button'
1116
- . ' name="submit"'
1117
- . ' class="cleantalk_link cleantalk_link-manual"'
1118
- . ' value="ct_send_connection_report"'
1119
- . (!$apbct->settings['send_connection_reports'] ? ' disabled="disabled"' : '')
1120
- . '>'
1121
- .__('Send report', 'cleantalk-spam-protect')
1122
- .'</button>';
1123
- if (!$apbct->settings['send_connection_reports']){
1124
- echo '<br><br>';
1125
- _e('Please, enable "Send connection reports" setting to be able to send reports', 'cleantalk-spam-protect');
1126
- }
1127
- }
1128
-
1129
- }
1130
-
1131
- echo '<br/>';
1132
- echo 'Plugin version: ' . APBCT_VERSION;
1133
-
1134
- echo '</div>';
1135
- }
1136
- function apbct_get_all_child_domains($except_main_site = false) {
1137
- global $wpdb;
1138
- $blogs = array();
1139
- $wp_blogs = $wpdb->get_results('SELECT blog_id, site_id FROM '. $wpdb->blogs, OBJECT_K);
1140
-
1141
- if ($except_main_site) {
1142
- foreach ($wp_blogs as $blog) {
1143
- if ($blog->blog_id != $blog->site_id)
1144
- $blogs[] = get_blog_details( array( 'blog_id' => $blog->blog_id ) )->blogname;
1145
- }
1146
- }
1147
- return $blogs;
1148
- }
1149
- /**
1150
- * Get all current Wordpress roles, could except 'subscriber' role
1151
- *
1152
- * @param bool $except_subscriber
1153
- *
1154
- * @return array
1155
- */
1156
- function apbct_get_all_roles($except_subscriber = false) {
1157
-
1158
- global $wp_roles;
1159
-
1160
- $wp_roles = new WP_Roles();
1161
- $roles = $wp_roles->get_names();
1162
-
1163
- if($except_subscriber) {
1164
- $key = array_search( 'Subscriber', $roles );
1165
- if ( $key !== false ) {
1166
- unset( $roles[ $key ] );
1167
- }
1168
- }
1169
-
1170
- return $roles;
1171
- }
1172
-
1173
- function apbct_settings__field__draw($params = array()){
1174
-
1175
- global $apbct;
1176
-
1177
- $value = $params['network'] ? $apbct->network_settings[$params['name']] : $apbct->settings[$params['name']];
1178
- $value_parent = $params['parent']
1179
- ? ($params['network'] ? $apbct->network_settings[$params['parent']] : $apbct->settings[$params['parent']])
1180
- : false;
1181
-
1182
- // Is element is disabled
1183
- $disabled = $params['parent'] && !$value_parent ? ' disabled="disabled"' : ''; // Strait
1184
- $disabled = $params['parent'] && $params['reverse_trigger'] && !$value_parent ? ' disabled="disabled"' : $disabled; // Reverse logic
1185
- $disabled = $params['disabled'] ? ' disabled="disabled"' : $disabled; // Direct disable from params
1186
- $disabled = ! is_main_site() && $apbct->network_settings && ! $apbct->network_settings['allow_custom_settings'] ? ' disabled="disabled"' : $disabled; // Disabled by super admin on sub-sites
1187
-
1188
- $childrens = $params['childrens'] ? 'apbct_setting---' . implode(",apbct_setting---",$params['childrens']) : '';
1189
- $hide = $params['hide'] ? implode(",",$params['hide']) : '';
1190
-
1191
- echo '<div class="'.$params['def_class'].(isset($params['class']) ? ' '.$params['class'] : '').'">';
1192
-
1193
- switch($params['type']){
1194
-
1195
- // Checkbox type
1196
- case 'checkbox':
1197
- echo '<input
1198
- type="checkbox"
1199
- name="cleantalk_settings['.$params['name'].']"
1200
- id="apbct_setting_'.$params['name'].'"
1201
- value="1" '
1202
- ." class='apbct_setting_{$params['type']} apbct_setting---{$params['name']}'"
1203
- .($value == '1' ? ' checked' : '')
1204
- .$disabled
1205
- .($params['required'] ? ' required="required"' : '')
1206
- .($params['childrens'] ? ' apbct_children="'. $childrens .'"' : '')
1207
- .' onchange="'
1208
- . ($params['childrens'] ? ' apbctSettingsDependencies(\''. $childrens .'\');' : '')
1209
- . ($params['hide'] ? ' apbct_show_hide_elem(\''. $hide . '\');' : '')
1210
- . '"'
1211
- .' />'
1212
- .'<label for="apbct_setting_'.$params['name'].'" class="apbct_setting-field_title--'.$params['type'].'">'
1213
- .$params['title']
1214
- .'</label>';
1215
- echo isset($params['long_description'])
1216
- ? '<i setting="'.$params['name'].'" class="apbct_settings-long_description---show icon-help-circled"></i>'
1217
- : '';
1218
- echo '<div class="apbct_settings-field_description">'
1219
- .$params['description']
1220
- .'</div>';
1221
- break;
1222
-
1223
- // Radio type
1224
- case 'radio':
1225
-
1226
- // Title
1227
- echo isset($params['title'])
1228
- ? '<h4 class="apbct_settings-field_title apbct_settings-field_title--'.$params['type'].'">'.$params['title'].'</h4>'
1229
- : '';
1230
-
1231
- // Popup description
1232
- echo isset($params['long_description'])
1233
- ? '<i setting="'.$params['name'].'" class="apbct_settings-long_description---show icon-help-circled"></i>'
1234
- : '';
1235
-
1236
- echo '<div class="apbct_settings-field_content apbct_settings-field_content--'.$params['type'].'">';
1237
-
1238
- echo '<div class="apbct_switchers" style="direction: ltr">';
1239
- foreach($params['options'] as $option){
1240
- echo '<input'
1241
- .' type="radio"'
1242
- ." class='apbct_setting_{$params['type']} apbct_setting---{$params['name']}'"
1243
- ." id='apbct_setting_{$params['name']}__{$option['label']}'"
1244
- .' name="cleantalk_settings['.$params['name'].']"'
1245
- .' value="'.$option['val'].'"'
1246
- . $disabled
1247
- .($params['childrens']
1248
- ? ' onchange="apbctSettingsDependencies(\'' . $childrens . '\', ' . $option['childrens_enable'] . ')"'
1249
- : ''
1250
- )
1251
- .($value == $option['val'] ? ' checked' : '')
1252
- .($params['required'] ? ' required="required"' : '')
1253
- .' />';
1254
- echo '<label for="apbct_setting_'.$params['name'].'__'.$option['label'].'"> ' . $option['label'] . '</label>';
1255
- echo '&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;';
1256
- }
1257
- echo '</div>';
1258
-
1259
- echo isset($params['description'])
1260
- ? '<div class="apbct_settings-field_description">'.$params['description'].'</div>'
1261
- : '';
1262
-
1263
- echo '</div>';
1264
- break;
1265
-
1266
- // Dropdown list type
1267
- case 'select':
1268
- echo isset($params['title'])
1269
- ? '<h4 class="apbct_settings-field_title apbct_settings-field_title--'.$params['type'].'">'.$params['title'].'</h4>'
1270
- : '';
1271
- echo isset($params['long_description'])
1272
- ? '<i setting="'.$params['name'].'" class="apbct_settings-long_description---show icon-help-circled"></i>'
1273
- : '';
1274
- echo '<select'
1275
- . ' id="apbct_setting_'.$params['name'].'"'
1276
- . " class='apbct_setting_{$params['type']} apbct_setting---{$params['name']}'"
1277
- . ' name="cleantalk_settings['.$params['name'].']'.($params['multiple'] ? '[]"' : '"')
1278
- . ($params['multiple'] ? ' size="'. count($params['options']). '""' : '')
1279
- . ($params['multiple'] ? ' multiple="multiple"' : '')
1280
- . $disabled
1281
- . ($params['required'] ? ' required="required"' : '')
1282
- . ' >';
1283
-
1284
- foreach($params['options'] as $option){
1285
- echo '<option'
1286
- . ' value="' . $option['val'] . '"'
1287
- . ($params['multiple']
1288
- ? (!empty($value) && in_array($option['val'], $value) ? ' selected="selected"' : '')
1289
- : ($value == $option['val'] ? 'selected="selected"' : '')
1290
- )
1291
- .'>'
1292
- . $option['label']
1293
- . '</option>';
1294
- }
1295
-
1296
- echo '</select>';
1297
- echo isset($params['long_description'])
1298
- ? '<i setting="'.$params['name'].'" class="apbct_settings-long_description---show icon-help-circled"></i>'
1299
- : '';
1300
- echo isset($params['description'])
1301
- ? '<div class="apbct_settings-field_description">'.$params['description'].'</div>'
1302
- : '';
1303
-
1304
- break;
1305
-
1306
- // Text type
1307
- case 'text':
1308
-
1309
- echo '<input
1310
- type="text"
1311
- id="apbct_setting_'.$params['name'].'"
1312
- name="cleantalk_settings['.$params['name'].']"'
1313
- ." class='apbct_setting_{$params['type']} apbct_setting---{$params['name']}'"
1314
- .' value="'. $value .'" '
1315
- .$disabled
1316
- .($params['required'] ? ' required="required"' : '')
1317
- .($params['childrens'] ? ' onchange="apbctSettingsDependencies(\'' . $childrens . '\')"' : '')
1318
- .' />'
1319
- . '&nbsp;'
1320
- .'<label for="apbct_setting_'.$params['name'].'" class="apbct_setting-field_title--'.$params['type'].'">'
1321
- .$params['title']
1322
- .'</label>';
1323
- echo '<div class="apbct_settings-field_description">'
1324
- .$params['description']
1325
- .'</div>';
1326
- break;
1327
-
1328
- // Textarea type
1329
- case 'textarea':
1330
-
1331
- echo '<label for="apbct_setting_'.$params['name'].'" class="apbct_setting-field_title--'.$params['type'].'">'
1332
- .$params['title']
1333
- .'</label></br>';
1334
- echo '<textarea
1335
- id="apbct_setting_'.$params['name'].'"
1336
- name="cleantalk_settings['.$params['name'].']"'
1337
- ." class='apbct_setting_{$params['type']} apbct_setting---{$params['name']}'"
1338
- .$disabled
1339
- .($params['required'] ? ' required="required"' : '')
1340
- .($params['childrens'] ? ' onchange="apbctSettingsDependencies(\'' . $childrens . '\')"' : '')
1341
- .'>'. $value .'</textarea>'
1342
- . '&nbsp;';
1343
- echo '<div class="apbct_settings-field_description">'
1344
- .$params['description']
1345
- .'</div>';
1346
- break;
1347
-
1348
- }
1349
-
1350
- echo '</div>';
1351
- }
1352
-
1353
- /**
1354
- * Admin callback function - Plugin parameters validator
1355
- *
1356
- * @global \Cleantalk\ApbctWP\State $apbct
1357
- * @param array $settings Array with passed settings
1358
- * @return array Array with processed settings
1359
- */
1360
- function apbct_settings__validate($settings) {
1361
-
1362
- global $apbct;
1363
-
1364
- // If user is not allowed to manage settings. Get settings from the storage
1365
- if( ! is_main_site() && ( ! $apbct->network_settings['allow_custom_settings'] ) ){
1366
- foreach ($apbct->settings as $key => $setting){
1367
- $settings[ $key ] = $setting;
1368
- }
1369
- }
1370
-
1371
- // Set missing settings.
1372
- foreach($apbct->def_settings as $setting => $value){
1373
- if(!isset($settings[$setting])){
1374
- $settings[$setting] = null;
1375
- settype($settings[$setting], gettype($value));
1376
- }
1377
- } unset($setting, $value);
1378
-
1379
- // Set missing settings.
1380
- foreach($apbct->def_network_settings as $setting => $value){
1381
- if(!isset($settings[$setting])){
1382
- $settings[$setting] = null;
1383
- settype($settings[$setting], gettype($value));
1384
- }
1385
- } unset($setting, $value);
1386
-
1387
- //Sanitizing sfw__anti_flood__view_limit setting
1388
- $settings['sfw__anti_flood__view_limit'] = floor( intval( $settings['sfw__anti_flood__view_limit'] ) );
1389
- $settings['sfw__anti_flood__view_limit'] = ( $settings['sfw__anti_flood__view_limit'] == 0 ? 10 : $settings['sfw__anti_flood__view_limit'] ); // Default if 0 passed
1390
- $settings['sfw__anti_flood__view_limit'] = ( $settings['sfw__anti_flood__view_limit'] < 5 ? 5 : $settings['sfw__anti_flood__view_limit'] ); //
1391
-
1392
- // Auto getting key
1393
- if (isset($_POST['submit']) && $_POST['submit'] == 'get_key_auto'){
1394
-
1395
- $website = parse_url(get_option('siteurl'), PHP_URL_HOST).parse_url(get_option('siteurl'), PHP_URL_PATH);
1396
- $platform = 'wordpress';
1397
- $user_ip = \Cleantalk\ApbctWP\Helper::ip__get(array('real'), false);
1398
- $timezone = filter_input(INPUT_POST, 'ct_admin_timezone');
1399
- $language = apbct_get_server_variable( 'HTTP_ACCEPT_LANGUAGE' );
1400
- $wpms = APBCT_WPMS && defined('SUBDOMAIN_INSTALL') && !SUBDOMAIN_INSTALL ? true : false;
1401
- $white_label = $apbct->network_settings['white_label'] ? 1 : 0;
1402
- $hoster_api_key = $apbct->network_settings['white_label__hoster_key'] ? $apbct->network_settings['white_label__hoster_key'] : '';
1403
-
1404
- $result = \Cleantalk\ApbctWP\API::method__get_api_key(
1405
- ! is_main_site() && $apbct->white_label ? 'anti-spam-hosting' : 'antispam',
1406
- ct_get_admin_email(),
1407
- $website,
1408
- $platform,
1409
- $timezone,
1410
- $language,
1411
- $user_ip,
1412
- $wpms,
1413
- $white_label,
1414
- $hoster_api_key
1415
- );
1416
-
1417
- if(empty($result['error'])){
1418
-
1419
- if(isset($result['user_token'])){
1420
- $apbct->data['user_token'] = $result['user_token'];
1421
- }
1422
-
1423
- if(!empty($result['auth_key'])){
1424
- $settings['apikey'] = $result['auth_key'];
1425
- }
1426
-
1427
- }else{
1428
- $apbct->error_add(
1429
- 'key_get',
1430
- $result['error']
1431
- . ($apbct->white_label
1432
- ? ' <button name="submit" type="submit" class="cleantalk_link cleantalk_link-manual" value="get_key_auto">'
1433
- : ''
1434
- )
1435
- );
1436
- }
1437
- }
1438
-
1439
- // Validating API key
1440
- $settings['apikey'] = strpos($settings['apikey'], '*') === false ? $settings['apikey'] : $apbct->settings['apikey'];
1441
-
1442
- $apbct->data['key_changed'] = $settings['apikey'] !== $apbct->settings['apikey'];
1443
-
1444
- $settings['apikey'] = !empty($settings['apikey']) ? trim($settings['apikey']) : '';
1445
- $settings['apikey'] = defined( 'CLEANTALK_ACCESS_KEY') ? CLEANTALK_ACCESS_KEY : $settings['apikey'];
1446
- $settings['apikey'] = ! is_main_site() && $apbct->white_label ? $apbct->settings['apikey'] : $settings['apikey'];
1447
- $settings['apikey'] = is_main_site() || $apbct->allow_custom_key || $apbct->white_label ? $settings['apikey'] : $apbct->network_settings['apikey'];
1448
- $settings['apikey'] = is_main_site() || !$settings['white_label'] ? $settings['apikey'] : $apbct->settings['apikey'];
1449
-
1450
- // Sanitize setting values
1451
- foreach ($settings as &$setting ){
1452
- if( is_scalar( $setting ) )
1453
- $setting = preg_replace( '/[<"\'>]/', '', trim( $setting ) ); // Make HTML code inactive
1454
- }
1455
-
1456
- // Validate Exclusions
1457
- // URLs
1458
- $result = apbct_settings__sanitize__exclusions($settings['exclusions__urls'], $settings['exclusions__urls__use_regexp']);
1459
- $result === false
1460
- ? $apbct->error_add( 'exclusions_urls', 'is not valid: "' . $settings['exclusions__urls'] . '"', 'settings_validate' )
1461
- : $apbct->error_delete( 'exclusions_urls', true, 'settings_validate' );
1462
- $settings['exclusions__urls'] = $result ? $result: '';
1463
-
1464
- // Fields
1465
- $result = apbct_settings__sanitize__exclusions($settings['exclusions__fields'], $settings['exclusions__fields__use_regexp']);
1466
- $result === false
1467
- ? $apbct->error_add( 'exclusions_fields', 'is not valid: "' . $settings['exclusions__fields'] . '"', 'settings_validate' )
1468
- : $apbct->error_delete( 'exclusions_fields', true, 'settings_validate' );
1469
- $settings['exclusions__fields'] = $result ? $result: '';
1470
-
1471
- // WPMS Logic.
1472
- if(APBCT_WPMS && is_main_site()){
1473
- $network_settings = array(
1474
- 'allow_custom_key' => $settings['allow_custom_key'],
1475
- 'allow_custom_settings' => $settings['allow_custom_settings'],
1476
- 'white_label' => $settings['white_label'],
1477
- 'white_label__hoster_key' => $settings['white_label__hoster_key'],
1478
- 'white_label__plugin_name' => $settings['white_label__plugin_name'],
1479
- 'use_settings_template' => $settings['use_settings_template'],
1480
- 'use_settings_template_apply_for_new' => $settings['use_settings_template_apply_for_new'],
1481
- 'use_settings_template_apply_for_current' => $settings['use_settings_template_apply_for_current'],
1482
- 'use_settings_template_apply_for_current_list_sites' => $settings['use_settings_template_apply_for_current_list_sites'],
1483
- );
1484
- unset( $settings['allow_custom_key'], $settings['white_label'], $settings['white_label__hoster_key'], $settings['white_label__plugin_name'] );
1485
- }
1486
-
1487
- // Drop debug data
1488
- if (isset($_POST['submit']) && $_POST['submit'] == 'debug_drop'){
1489
- $apbct->debug = false;
1490
- delete_option('cleantalk_debug');
1491
- return $settings;
1492
- }
1493
-
1494
- // Send connection reports
1495
- if (isset($_POST['submit']) && $_POST['submit'] == 'ct_send_connection_report'){
1496
- ct_mail_send_connection_report();
1497
- return $settings;
1498
- }
1499
-
1500
- $apbct->saveData();
1501
-
1502
- // WPMS Logic.
1503
- if(APBCT_WPMS){
1504
- if(is_main_site()){
1505
-
1506
- // Network settings
1507
- $network_settings['apikey'] = $settings['apikey'];
1508
- $apbct->network_settings = $network_settings;
1509
- $apbct->saveNetworkSettings();
1510
-
1511
- // Network data
1512
- $apbct->network_data = array(
1513
- 'key_is_ok' => $apbct->data['key_is_ok'],
1514
- 'moderate' => $apbct->data['moderate'],
1515
- 'valid' => $apbct->data['valid'],
1516
- 'auto_update' => $apbct->data['auto_update'],
1517
- 'user_token' => $apbct->data['user_token'],
1518
- 'service_id' => $apbct->data['service_id'],
1519
- );
1520
- $apbct->saveNetworkData();
1521
- if (isset($settings['use_settings_template_apply_for_current_list_sites']) && !empty($settings['use_settings_template_apply_for_current_list_sites'])) {
1522
- apbct_update_blogs_options($settings['use_settings_template_apply_for_current_list_sites'], $settings);
1523
- }
1524
- }
1525
- if(!$apbct->white_label && !is_main_site() && !$apbct->allow_custom_key){
1526
- $settings['apikey'] = '';
1527
- }
1528
- }
1529
-
1530
- return $settings;
1531
- }
1532
-
1533
- function apbct_settings__sync( $direct_call = false ){
1534
-
1535
- if( ! $direct_call )
1536
- check_ajax_referer('ct_secret_nonce' );
1537
-
1538
- global $apbct;
1539
-
1540
- // Feedback with app_agent
1541
- ct_send_feedback('0:' . APBCT_AGENT); // 0 - request_id, agent version.
1542
-
1543
- // Key is good by default
1544
- $apbct->data['key_is_ok'] = true;
1545
-
1546
- // Checking account status
1547
- $result = ct_account_status_check( $apbct->settings['apikey'] );
1548
-
1549
- // Is key valid?
1550
- if( $result ){
1551
-
1552
- // Deleting errors about invalid key
1553
- $apbct->error_delete( 'key_invalid key_get', 'save' );
1554
-
1555
- // SFW actions
1556
- if( $apbct->settings['spam_firewall'] == 1 ){
1557
-
1558
- $result = ct_sfw_update( $apbct->settings['apikey'] );
1559
- if( ! empty( $result['error'] ) )
1560
- $apbct->error_add( 'sfw_update', $result['error'] );
1561
-
1562
- $result = ct_sfw_send_logs( $apbct->settings['apikey'] );
1563
- if( ! empty( $result['error'] ) )
1564
- $apbct->error_add( 'sfw_send_logs', $result['error'] );
1565
-
1566
- }
1567
-
1568
- // Updating brief data for dashboard widget
1569
- $apbct->data['brief_data'] = \Cleantalk\ApbctWP\API::method__get_antispam_report_breif( $apbct->settings['apikey'] );
1570
-
1571
- // Key is not valid
1572
- }else{
1573
- $apbct->data['key_is_ok'] = false;
1574
- $apbct->error_add( 'key_invalid', __( 'Testing is failed. Please check the Access key.', 'cleantalk-spam-protect' ) );
1575
- }
1576
-
1577
- // WPMS Logic.
1578
- if(APBCT_WPMS){
1579
- if(is_main_site()){
1580
-
1581
- // Network settings
1582
- $network_settings['apikey'] = $apbct->settings['apikey'];
1583
- $apbct->network_settings = $network_settings;
1584
- $apbct->saveNetworkSettings();
1585
-
1586
- // Network data
1587
- $apbct->network_data = array(
1588
- 'key_is_ok' => $apbct->data['key_is_ok'],
1589
- 'moderate' => $apbct->data['moderate'],
1590
- 'valid' => $apbct->data['valid'],
1591
- 'auto_update' => $apbct->data['auto_update'],
1592
- 'user_token' => $apbct->data['user_token'],
1593
- 'service_id' => $apbct->data['service_id'],
1594
- );
1595
- $apbct->saveNetworkData();
1596
- if (isset($settings['use_settings_template_apply_for_current_list_sites']) && !empty($settings['use_settings_template_apply_for_current_list_sites'])) {
1597
- apbct_update_blogs_options($settings['use_settings_template_apply_for_current_list_sites'], $settings);
1598
- }
1599
- }
1600
- if(!$apbct->white_label && !is_main_site() && !$apbct->allow_custom_key){
1601
- $settings['apikey'] = '';
1602
- }
1603
- }
1604
-
1605
- if($apbct->data['key_is_ok'] == false && $apbct->data['moderate_ip'] == 0){
1606
-
1607
- // Notices
1608
- $apbct->data['notice_show'] = 1;
1609
- $apbct->data['notice_renew'] = 0;
1610
- $apbct->data['notice_trial'] = 0;
1611
- $apbct->data['notice_review'] = 0;
1612
- $apbct->data['notice_auto_update'] = 0;
1613
-
1614
- // Other
1615
- $apbct->data['service_id'] = 0;
1616
- $apbct->data['valid'] = 0;
1617
- $apbct->data['moderate'] = 0;
1618
- $apbct->data['ip_license'] = 0;
1619
- $apbct->data['moderate_ip'] = 0;
1620
- $apbct->data['spam_count'] = 0;
1621
- $apbct->data['auto_update'] = 0;
1622
- $apbct->data['user_token'] = '';
1623
- $apbct->data['license_trial'] = 0;
1624
- $apbct->data['account_name_ob'] = '';
1625
- }
1626
-
1627
- $out = array(
1628
- 'success' => true,
1629
- 'reload' => $apbct->data['key_changed'],
1630
- );
1631
-
1632
- $apbct->data['key_changed'] = false;
1633
-
1634
- $apbct->saveData();
1635
-
1636
- die( json_encode( $out ) );
1637
- }
1638
-
1639
- function apbct_update_blogs_options ($blog_names = array(), $settings) {
1640
- global $wpdb;
1641
-
1642
- $wp_blogs = $wpdb->get_results('SELECT blog_id, site_id FROM '. $wpdb->blogs, OBJECT_K);
1643
-
1644
- foreach ($wp_blogs as $blog) {
1645
- $blog_name = get_blog_details( array( 'blog_id' => $blog->blog_id ) )->blogname;
1646
- if (in_array($blog_name, $blog_names)) {
1647
- update_blog_option ($blog->blog_id, 'cleantalk_settings', $settings);
1648
- }
1649
- }
1650
- }
1651
- /**
1652
- * Sanitize and validate exclusions.
1653
- * Explode given string by commas and trim each string.
1654
- * Skip element if it's empty.
1655
- *
1656
- * Return false if exclusion is bad
1657
- * Return sanitized string if all is ok
1658
- *
1659
- * @param string $exclusions
1660
- * @param bool $regexp
1661
- *
1662
- * @return bool|string
1663
- */
1664
- function apbct_settings__sanitize__exclusions($exclusions, $regexp = false){
1665
- $result = array();
1666
- $type = 0;
1667
- if( ! empty( $exclusions ) ){
1668
- if( strpos( $exclusions, "\r\n" ) !== false ) {
1669
- $exclusions = explode( "\r\n", $exclusions );
1670
- $type = 2;
1671
- } elseif( strpos( $exclusions, "\n" ) !== false ) {
1672
- $exclusions = explode( "\n", $exclusions );
1673
- $type = 1;
1674
- } else {
1675
- $exclusions = explode( ',', $exclusions );
1676
- }
1677
- foreach ( $exclusions as $exclusion ){
1678
- $sanitized_exclusion = trim( $exclusion, " \t\n\r\0\x0B/\/" );
1679
- if ( ! empty( $sanitized_exclusion ) ) {
1680
- if( $regexp && ! apbct_is_regexp( $exclusion ) )
1681
- return false;
1682
- $result[] = $sanitized_exclusion;
1683
- }
1684
- }
1685
- }
1686
- switch ( $type ) {
1687
- case 0 :
1688
- default :
1689
- return implode( ',', $result );
1690
- break;
1691
- case 1 :
1692
- return implode( "\n", $result );
1693
- break;
1694
- case 2 :
1695
- return implode( "\r\n", $result );
1696
- break;
1697
- }
1698
- }
1699
-
1700
- function apbct_settings_show_gdpr_text($print = false){
1701
-
1702
- $out = wpautop('The notice requirements remain and are expanded. They must include the retention time for personal data, and contact information for data controller and data protection officer has to be provided.
1703
- Automated individual decision-making, including profiling (Article 22) is contestable, similarly to the Data Protection Directive (Article 15). Citizens have rights to question and fight significant decisions that affect them that have been made on a solely-algorithmic basis. Many media outlets have commented on the introduction of a "right to explanation" of algorithmic decisions, but legal scholars have since argued that the existence of such a right is highly unclear without judicial tests and is limited at best.
1704
- To be able to demonstrate compliance with the GDPR, the data controller should implement measures, which meet the principles of data protection by design and data protection by default. Privacy by design and by default (Article 25) require data protection measures to be designed into the development of business processes for products and services. Such measures include pseudonymising personal data, by the controller, as soon as possible (Recital 78).
1705
- It is the responsibility and the liability of the data controller to implement effective measures and be able to demonstrate the compliance of processing activities even if the processing is carried out by a data processor on behalf of the controller (Recital 74).
1706
- Data Protection Impact Assessments (Article 35) have to be conducted when specific risks occur to the rights and freedoms of data subjects. Risk assessment and mitigation is required and prior approval of the national data protection authorities (DPAs) is required for high risks. Data protection officers (Articles 37–39) are required to ensure compliance within organisations.
1707
- They have to be appointed:')
1708
- .'<ul style="padding: 0px 25px; list-style: disc;">'
1709
- .'<li>for all public authorities, except for courts acting in their judicial capacity</li>'
1710
- .'<li>if the core activities of the controller or the processor are:</li>'
1711
- .'<ul style="padding: 0px 25px; list-style: disc;">'
1712
- .'<li>processing operations, which, by virtue of their nature, their scope and/or their purposes, require regular and systematic monitoring of data subjects on a large scale</li>'
1713
- .'<li>processing on a large scale of special categories of data pursuant to Article 9 and personal data relating to criminal convictions and offences referred to in Article 10;</li>'
1714
- .'</ul>'
1715
- .'</li>'
1716
- .'</ul>';
1717
-
1718
- if($print) echo $out; else return $out;
1719
- }
1720
-
1721
- function apbct_settings__get__long_description(){
1722
-
1723
- global $apbct;
1724
-
1725
- check_ajax_referer('ct_secret_nonce' );
1726
-
1727
- $setting_id = $_POST['setting_id'] ? $_POST['setting_id'] : '';
1728
-
1729
- $descriptions = array(
1730
- 'white_label' => array(
1731
- 'title' => __( 'XSS check', 'cleantalk-spam-protect'),
1732
- 'desc' => __( 'Cross-Site Scripting (XSS) — prevents malicious code to be executed/sent to any user. As a result malicious scripts can not get access to the cookie files, session tokens and any other confidential information browsers use and store. Such scripts can even overwrite content of HTML pages. CleanTalk WAF monitors for patterns of these parameters and block them.', 'cleantalk-spam-protect'),
1733
- ),
1734
- 'white_label__hoster_key' => array(
1735
- 'title' => __( 'SQL-injection check', 'cleantalk-spam-protect'),
1736
- 'desc' => __( 'SQL Injection — one of the most popular ways to hack websites and programs that work with databases. It is based on injection of a custom SQL code into database queries. It could transmit data through GET, POST requests or cookie files in an SQL code. If a website is vulnerable and execute such injections then it would allow attackers to apply changes to the website\'s MySQL database.', 'cleantalk-spam-protect'),
1737
- ),
1738
- 'white_label__plugin_name' => array(
1739
- 'title' => __( 'Check uploaded files', 'cleantalk-spam-protect'),
1740
- 'desc' => __( 'The option checks each uploaded file to a website for malicious code. If it\'s possible for visitors to upload files to a website, for instance a work resume, then attackers could abuse it and upload an infected file to execute it later and get access to your website.', 'cleantalk-spam-protect'),
1741
- ),
1742
- );
1743
-
1744
- die(json_encode($descriptions[$setting_id]));
1745
- }
1746
-
1747
- function apbct_settings__check_renew_banner() {
1748
- global $apbct;
1749
-
1750
- check_ajax_referer('ct_secret_nonce' );
1751
-
1752
- die(json_encode(array('close_renew_banner' => ($apbct->data['notice_trial'] == 0 && $apbct->data['notice_renew'] == 0) ? true : false)));
1753
  }
1
+ <?php
2
+
3
+ /**
4
+ * Admin action 'admin_menu' - Add the admin options page
5
+ */
6
+ function apbct_settings_add_page() {
7
+
8
+ global $apbct, $pagenow;
9
+
10
+ $parent_slug = is_network_admin() ? 'settings.php' : 'options-general.php';
11
+ $callback = is_network_admin() ? 'apbct_settings__display__network' : 'apbct_settings__display';
12
+
13
+ // Adding settings page
14
+ add_submenu_page(
15
+ $parent_slug,
16
+ $apbct->plugin_name.' '.__('settings'),
17
+ $apbct->plugin_name,
18
+ 'manage_options',
19
+ 'cleantalk',
20
+ $callback
21
+ );
22
+
23
+ if(!in_array($pagenow, array('options.php', 'options-general.php', 'settings.php', 'admin.php')))
24
+ return;
25
+
26
+ register_setting('cleantalk_settings', 'cleantalk_settings', 'apbct_settings__validate');
27
+
28
+ $fields = array();
29
+ $fields = apbct_settings__set_fileds($fields);
30
+ $fields = APBCT_WPMS && is_main_site() ? apbct_settings__set_fileds__network($fields) : $fields;
31
+ apbct_settings__add_groups_and_fields($fields);
32
+
33
+ }
34
+
35
+ function apbct_settings__set_fileds( $fields ){
36
+ global $apbct;
37
+
38
+ $fields = array(
39
+
40
+ 'main' => array(
41
+ 'title' => '',
42
+ 'default_params' => array(),
43
+ 'description' => '',
44
+ 'html_before' => '',
45
+ 'html_after' => '',
46
+ 'fields' => array(
47
+ 'action_buttons' => array(
48
+ 'callback' => 'apbct_settings__field__action_buttons',
49
+ ),
50
+ 'connection_reports' => array(
51
+ 'callback' => 'apbct_settings__field__statistics',
52
+ ),
53
+ 'api_key' => array(
54
+ 'display' => !$apbct->white_label || is_main_site(),
55
+ 'callback' => 'apbct_settings__field__apikey',
56
+ ),
57
+ ),
58
+ ),
59
+
60
+ 'state' => array(
61
+ 'title' => '',
62
+ 'default_params' => array(),
63
+ 'description' => '',
64
+ 'html_before' => '<hr style="width: 100%;">',
65
+ 'html_after' => '',
66
+ 'fields' => array(
67
+ 'state' => array(
68
+ 'callback' => 'apbct_settings__field__state',
69
+ ),
70
+ ),
71
+ ),
72
+
73
+ 'debug' => array(
74
+ 'title' => '',
75
+ 'default_params' => array(),
76
+ 'description' => '',
77
+ 'html_before' => '',
78
+ 'html_after' => '',
79
+ 'fields' => array(
80
+ 'state' => array(
81
+ 'callback' => 'apbct_settings__field__debug',
82
+ ),
83
+ ),
84
+ ),
85
+
86
+ // Different
87
+ 'different' => array(
88
+ 'title' => '',
89
+ 'default_params' => array(),
90
+ 'description' => '',
91
+ 'html_before' => '<hr>',
92
+ 'html_after' => '',
93
+ 'fields' => array(
94
+ 'spam_firewall' => array(
95
+ 'type' => 'checkbox',
96
+ 'title' => __('SpamFireWall', 'cleantalk-spam-protect'),
97
+ 'description' => __("This option allows to filter spam bots before they access website. Also reduces CPU usage on hosting server and accelerates pages load time.", 'cleantalk-spam-protect'),
98
+ 'childrens' => array('sfw__anti_flood', 'sfw__anti_crawler'),
99
+ ),
100
+ 'sfw__anti_flood' => array(
101
+ 'type' => 'checkbox',
102
+ 'title' => __('Anti-Flood', 'cleantalk-spam-protect'),
103
+ 'class' => 'apbct_settings-field_wrapper--sub',
104
+ 'parent' => 'spam_firewall',
105
+ 'childrens' => array('sfw__anti_flood__view_limit',),
106
+ 'description' => __('Shows SpamFireWall page for bot which are trying to scan your website. Look for the page limit setting below.', 'cleantalk-spam-protect'),
107
+ ),
108
+ 'sfw__anti_crawler' => array(
109
+ 'type' => 'checkbox',
110
+ 'title' => __('Anti-Crawler', 'cleantalk-spam-protect'),
111
+ 'class' => 'apbct_settings-field_wrapper--sub',
112
+ 'parent' => 'spam_firewall',
113
+ 'description' => __('Plugin shows SpamFireWall stop page for any bot, except allowed bots (Google, Yahoo and etc).', 'cleantalk-spam-protect'),
114
+ ),
115
+ ),
116
+ ),
117
+
118
+ // Forms protection
119
+ 'forms_protection' => array(
120
+ 'title' => __('Forms to protect', 'cleantalk-spam-protect'),
121
+ 'default_params' => array(),
122
+ 'description' => '',
123
+ 'html_before' => '<hr><br>'
124
+ .'<span id="ct_adv_showhide">'
125
+ .'<a href="#" class="apbct_color--gray" onclick="event.preventDefault(); apbct_show_hide_elem(\'apbct_settings__davanced_settings\');">'
126
+ .__('Advanced settings', 'cleantalk-spam-protect')
127
+ .'</a>'
128
+ .'</span>'
129
+ .'<div id="apbct_settings__davanced_settings" style="display: none;">',
130
+ 'html_after' => '',
131
+ 'fields' => array(
132
+ 'registrations_test' => array(
133
+ 'title' => __('Registration Forms', 'cleantalk-spam-protect'),
134
+ 'description' => __('WordPress, BuddyPress, bbPress, S2Member, WooCommerce.', 'cleantalk-spam-protect'),
135
+ ),
136
+ 'comments_test' => array(
137
+ 'title' => __('Comments form', 'cleantalk-spam-protect'),
138
+ 'description' => __('WordPress, JetPack, WooCommerce.', 'cleantalk-spam-protect'),
139
+ ),
140
+ 'contact_forms_test' => array(
141
+ 'title' => __('Contact forms', 'cleantalk-spam-protect'),
142
+ 'description' => __('Contact Form 7, Formidable forms, JetPack, Fast Secure Contact Form, WordPress Landing Pages, Gravity Forms.', 'cleantalk-spam-protect'),
143
+ ),
144
+ 'general_contact_forms_test' => array(
145
+ 'title' => __('Custom contact forms', 'cleantalk-spam-protect'),
146
+ 'description' => __('Anti spam test for any WordPress themes or contacts forms.', 'cleantalk-spam-protect'),
147
+ ),
148
+ 'search_test' => array(
149
+ 'title' => __('Test default Wordpress search form for spam', 'cleantalk-spam-protect'),
150
+ 'description' => __('Spam protection for Search form.', 'cleantalk-spam-protect')
151
+ . (!$apbct->white_label || is_main_site()
152
+ ? sprintf(__('Read more about %sspam protection for Search form%s on our blog. “noindex” tag will be placed in meta derictive on search page.', 'cleantalk-spam-protect'),
153
+ '<a href="https://blog.cleantalk.org/how-to-protect-website-search-from-spambots/" target="_blank">',
154
+ '</a>'
155
+ )
156
+ : ''
157
+ )
158
+ ),
159
+ 'check_external' => array(
160
+ 'title' => __('Protect external forms', 'cleantalk-spam-protect'),
161
+ 'description' => __('Turn this option on to protect forms on your WordPress that send data to third-part servers (like MailChimp).', 'cleantalk-spam-protect'),
162
+ 'childrens' => array('check_external__capture_buffer'),
163
+ ),
164
+ 'check_external__capture_buffer' => array(
165
+ 'title' => __('Capture buffer', 'cleantalk-spam-protect'),
166
+ 'description' => __('This setting gives you more sophisticated and strengthened protection for external forms. But it could break plugins which use a buffer like Ninja Forms.', 'cleantalk-spam-protect'),
167
+ 'class' => 'apbct_settings-field_wrapper--sub',
168
+ 'parent' => 'check_external',
169
+ ),
170
+ 'check_internal' => array(
171
+ 'title' => __('Protect internal forms', 'cleantalk-spam-protect'),
172
+ 'description' => __('This option will enable protection for custom (hand-made) AJAX forms with PHP scripts handlers on your WordPress.', 'cleantalk-spam-protect'),
173
+ ),
174
+ ),
175
+ ),
176
+
177
+ // Comments and Messages
178
+ 'wc' => array(
179
+ 'title' => __('WooCommerce', 'cleantalk-spam-protect'),
180
+ 'fields' => array(
181
+ 'wc_checkout_test' => array(
182
+ 'title' => __('WooCommerce checkout form', 'cleantalk-spam-protect'),
183
+ 'description' => __('Anti spam test for WooCommerce checkout form.', 'cleantalk-spam-protect'),
184
+ 'childrens' => array('wc_register_from_order')
185
+ ),
186
+ 'wc_register_from_order' => array(
187
+ 'title' => __('Spam test for registration during checkout', 'cleantalk-spam-protect'),
188
+ 'description' => __('Enable anti spam test for registration process which during woocommerce\'s checkout.', 'cleantalk-spam-protect'),
189
+ 'parent' => 'wc_checkout_test',
190
+ 'class' => 'apbct_settings-field_wrapper--sub',
191
+ 'reverse_trigger' => true
192
+ ),
193
+ ),
194
+ ),
195
+
196
+ // Comments and Messages
197
+ 'comments_and_messages' => array(
198
+ 'title' => __('Comments and Messages', 'cleantalk-spam-protect'),
199
+ 'fields' => array(
200
+ 'disable_comments__all' => array(
201
+ 'title' => __( 'Disable all comments', 'cleantalk-spam-protect'),
202
+ 'description' => __( 'Disabling comments for all types of content.', 'cleantalk-spam-protect'),
203
+ 'childrens' => array(
204
+ 'disable_comments__posts',
205
+ 'disable_comments__pages',
206
+ 'disable_comments__media',
207
+ ),
208
+ 'options' => array(
209
+ array( 'val' => 1, 'label' => __( 'On' ), 'childrens_enable' => 0, ),
210
+ array( 'val' => 0, 'label' => __( 'Off' ), 'childrens_enable' => 1, ),
211
+ ),
212
+ ),
213
+ 'disable_comments__posts' => array(
214
+ 'title' => __( 'Disable comments for all posts', 'cleantalk-spam-protect'),
215
+ 'class' => 'apbct_settings-field_wrapper--sub',
216
+ 'parent' => 'disable_comments__all',
217
+ 'reverse_trigger' => true,
218
+ ),
219
+ 'disable_comments__pages' => array(
220
+ 'title' => __( 'Disable comments for all pages', 'cleantalk-spam-protect'),
221
+ 'class' => 'apbct_settings-field_wrapper--sub',
222
+ 'parent' => 'disable_comments__all',
223
+ 'reverse_trigger' => true,
224
+ ),
225
+ 'disable_comments__media' => array(
226
+ 'title' => __( 'Disable comments for all media', 'cleantalk-spam-protect'),
227
+ 'class' => 'apbct_settings-field_wrapper--sub',
228
+ 'parent' => 'disable_comments__all',
229
+ 'reverse_trigger' => true,
230
+ ),
231
+ 'bp_private_messages' => array(
232
+ 'title' => __('BuddyPress Private Messages', 'cleantalk-spam-protect'),
233
+ 'description' => __('Check buddyPress private messages.', 'cleantalk-spam-protect'),
234
+ ),
235
+ 'remove_old_spam' => array(
236
+ 'title' => __('Automatically delete spam comments', 'cleantalk-spam-protect'),
237
+ 'description' => sprintf(__('Delete spam comments older than %d days.', 'cleantalk-spam-protect'), $apbct->data['spam_store_days']),
238
+ ),
239
+ 'remove_comments_links' => array(
240
+ 'title' => __('Remove links from approved comments', 'cleantalk-spam-protect'),
241
+ 'description' => __('Remove links from approved comments. Replace it with "[Link deleted]"', 'cleantalk-spam-protect'),
242
+ ),
243
+ 'show_check_links' => array(
244
+ 'title' => __('Show links to check Emails, IPs for spam', 'cleantalk-spam-protect'),
245
+ 'description' => __('Shows little icon near IP addresses and Emails allowing you to check it via CleanTalk\'s database.', 'cleantalk-spam-protect'),
246
+ 'display' => !$apbct->white_label,
247
+ ),
248
+ 'manage_comments_on_public_page' => array(
249
+ 'title' => __('Manage comments on public pages', 'cleantalk-spam-protect'),
250
+ 'description' => __('Allows administrators to manage comments on public post\'s pages with small interactive menu.', 'cleantalk-spam-protect'),
251
+ 'display' => !$apbct->white_label,
252
+ ),
253
+ ),
254
+ ),
255
+
256
+ // Data Processing
257
+ 'data_processing' => array(
258
+ 'title' => __('Data Processing', 'cleantalk-spam-protect'),
259
+ 'fields' => array(
260
+ 'protect_logged_in' => array(
261
+ 'title' => __("Protect logged in Users", 'cleantalk-spam-protect'),
262
+ 'description' => __('Turn this option on to check for spam any submissions (comments, contact forms and etc.) from registered Users.', 'cleantalk-spam-protect'),
263
+ ),
264
+ 'check_comments_number' => array(
265
+ 'title' => __("Don't check trusted user's comments", 'cleantalk-spam-protect'),
266
+ 'description' => sprintf(__("Don't check comments for users with above %d comments.", 'cleantalk-spam-protect'), defined('CLEANTALK_CHECK_COMMENTS_NUMBER') ? CLEANTALK_CHECK_COMMENTS_NUMBER : 3),
267
+ ),
268
+ 'use_ajax' => array(
269
+ 'title' => __('Use AJAX for JavaScript check', 'cleantalk-spam-protect'),
270
+ 'description' => __('Options helps protect WordPress against spam with any caching plugins. Turn this option on to avoid issues with caching plugins. Turn off this option and SpamFireWall to be compatible with Accelerated mobile pages (AMP).', 'cleantalk-spam-protect'),
271
+ ),
272
+ 'use_static_js_key' => array(
273
+ 'title' => __('Use static keys for JS check.', 'cleantalk-spam-protect'),
274
+ 'description' => __('Could help if you have cache for AJAX requests and you are dealing with false positives. Slightly decreases protection quality. Auto - Static key will be used if caching plugin is spotted.', 'cleantalk-spam-protect'),
275
+ 'options' => array(
276
+ array('val' => 1, 'label' => __('On'), ),
277
+ array('val' => 0, 'label' => __('Off'), ),
278
+ array('val' => -1, 'label' => __('Auto'),),
279
+ ),
280
+ ),
281
+ 'general_postdata_test' => array(
282
+ 'title' => __('Check all post data', 'cleantalk-spam-protect'),
283
+ 'description' => __('Check all POST submissions from website visitors. Enable this option if you have spam misses on website.', 'cleantalk-spam-protect')
284
+ .(!$apbct->white_label
285
+ ? __(' Or you don`t have records about missed spam here:', 'cleantalk-spam-protect') . '&nbsp;' . '<a href="https://cleantalk.org/my/?user_token='.$apbct->user_token.'&utm_source=wp-backend&utm_medium=admin-bar&cp_mode=antispam" target="_blank">' . __('CleanTalk dashboard', 'cleantalk-spam-protect') . '</a>.'
286
+ : ''
287
+ )
288
+ .'<br />' . __('СAUTION! Option can catch POST requests in WordPress backend', 'cleantalk-spam-protect'),
289
+ ),
290
+ 'set_cookies' => array(
291
+ 'title' => __("Set cookies", 'cleantalk-spam-protect'),
292
+ 'description' => __('Turn this option off to deny plugin generates any cookies on website front-end. This option is helpful if you use Varnish. But most of contact forms will not be protected if the option is turned off! <b>Warning: We strongly recommend you to enable this otherwise it could cause false positives spam detection.</b>', 'cleantalk-spam-protect'),
293
+ 'childrens' => array('set_cookies__sessions'),
294
+ ),
295
+ 'set_cookies__sessions' => array(
296
+ 'title' => __('Use alternative mechanism for cookies', 'cleantalk-spam-protect'),
297
+ 'description' => __('Doesn\'t use cookie or PHP sessions. Collect data for all types of bots.', 'cleantalk-spam-protect'),
298
+ 'parent' => 'set_cookies',
299
+ 'class' => 'apbct_settings-field_wrapper--sub',
300
+ ),
301
+ 'ssl_on' => array(
302
+ 'title' => __("Use SSL", 'cleantalk-spam-protect'),
303
+ 'description' => __('Turn this option on to use encrypted (SSL) connection with servers.', 'cleantalk-spam-protect'),
304
+ ),
305
+ 'use_buitin_http_api' => array(
306
+ 'title' => __("Use Wordpress HTTP API", 'cleantalk-spam-protect'),
307
+ 'description' => __('Alternative way to connect the Cloud. Use this if you have connection problems.', 'cleantalk-spam-protect'),
308
+ ),
309
+ ),
310
+ ),
311
+
312
+ // Exclusions
313
+ 'exclusions' => array(
314
+ 'title' => __('Exclusions', 'cleantalk-spam-protect'),
315
+ 'fields' => array(
316
+ 'exclusions__urls' => array(
317
+ 'type' => 'textarea',
318
+ 'title' => __('URL exclusions', 'cleantalk-spam-protect'),
319
+ 'description' => __('You could type here URL you want to exclude. Use comma or new lines as separator.', 'cleantalk-spam-protect'),
320
+ ),
321
+ 'exclusions__urls__use_regexp' => array(
322
+ 'type' => 'checkbox',
323
+ 'title' => __('Use Regular Expression in URL Exclusions', 'cleantalk-spam-protect'),
324
+ ),
325
+ 'exclusions__fields' => array(
326
+ 'type' => 'text',
327
+ 'title' => __('Field name exclusions', 'cleantalk-spam-protect'),
328
+ 'description' => __('You could type here fields names you want to exclude. Use comma as separator.', 'cleantalk-spam-protect'),
329
+ ),
330
+ 'exclusions__fields__use_regexp' => array(
331
+ 'type' => 'checkbox',
332
+ 'title' => __('Use Regular Expression in Field Exclusions', 'cleantalk-spam-protect'),
333
+ ),
334
+ 'exclusions__roles' => array(
335
+ 'type' => 'select',
336
+ 'multiple' => true,
337
+ 'options_callback' => 'apbct_get_all_roles',
338
+ 'options_callback_params' => array(true),
339
+ 'description' => __('Roles which bypass spam test. Hold CTRL to select multiple roles.', 'cleantalk-spam-protect'),
340
+ ),
341
+ ),
342
+ ),
343
+
344
+ // Admin bar
345
+ 'admin_bar' => array(
346
+ 'title' => __('Admin bar', 'cleantalk-spam-protect'),
347
+ 'default_params' => array(),
348
+ 'description' => '',
349
+ 'html_before' => '',
350
+ 'html_after' => '',
351
+ 'fields' => array(
352
+ 'show_adminbar' => array(
353
+ 'title' => __('Show statistics in admin bar', 'cleantalk-spam-protect'),
354
+ 'description' => __('Show/hide icon in top level menu in WordPress backend. The number of submissions is being counted for past 24 hours.', 'cleantalk-spam-protect'),
355
+ 'childrens' => array('all_time_counter','daily_counter','sfw_counter'),
356
+ ),
357
+ 'all_time_counter' => array(
358
+ 'title' => __('Show All-time counter', 'cleantalk-spam-protect'),
359
+ 'description' => __('Display all-time requests counter in the admin bar. Counter displays number of requests since plugin installation.', 'cleantalk-spam-protect'),
360
+ 'parent' => 'show_adminbar',
361
+ 'class' => 'apbct_settings-field_wrapper--sub',
362
+ ),
363
+ 'daily_counter' => array(
364
+ 'title' => __('Show 24 hours counter', 'cleantalk-spam-protect'),
365
+ 'description' => __('Display daily requests counter in the admin bar. Counter displays number of requests of the past 24 hours.', 'cleantalk-spam-protect'),
366
+ 'parent' => 'show_adminbar',
367
+ 'class' => 'apbct_settings-field_wrapper--sub',
368
+ ),
369
+ 'sfw_counter' => array(
370
+ 'title' => __('SpamFireWall counter', 'cleantalk-spam-protect'),
371
+ 'description' => __('Display SpamFireWall requests in the admin bar. Counter displays number of requests since plugin installation.', 'cleantalk-spam-protect'),
372
+ 'parent' => 'show_adminbar',
373
+ 'class' => 'apbct_settings-field_wrapper--sub',
374
+ ),
375
+ ),
376
+ ),
377
+
378
+ // Misc
379
+ 'misc' => array(
380
+ 'html_after' => '</div><br>',
381
+ 'fields' => array(
382
+ 'collect_details' => array(
383
+ 'type' => 'checkbox',
384
+ 'title' => __('Collect details about browsers', 'cleantalk-spam-protect'),
385
+ 'description' => __("Checking this box you allow plugin store information about screen size and browser plugins of website visitors. The option in a beta state.", 'cleantalk-spam-protect'),
386
+ ),
387
+ 'send_connection_reports' => array(
388
+ 'type' => 'checkbox',
389
+ 'title' => __('Send connection reports', 'cleantalk-spam-protect'),
390
+ 'description' => __("Checking this box you allow plugin to send the information about your connection. The option in a beta state.", 'cleantalk-spam-protect'),
391
+ ),
392
+ 'async_js' => array(
393
+ 'type' => 'checkbox',
394
+ 'title' => __('Async JavaScript loading', 'cleantalk-spam-protect'),
395
+ 'description' => __('Use async loading for scripts. Warning: This could reduce filtration quality.', 'cleantalk-spam-protect'),
396
+ ),
397
+ 'gdpr_enabled' => array(
398
+ 'type' => 'checkbox',
399
+ 'title' => __('Allow to add GDPR notice via shortcode', 'cleantalk-spam-protect'),
400
+ 'description' => __(' Adds small checkbox under your website form. To add it you should use the shortcode on the form\'s page: [cleantalk_gdpr_form id="FORM_ID"]', 'cleantalk-spam-protect'),
401
+ 'childrens' => array('gdpr_text'),
402
+ ),
403
+ 'gdpr_text' => array(
404
+ 'type' => 'text',
405
+ 'title' => __('GDPR text notice', 'cleantalk-spam-protect'),
406
+ 'description' => __('This text will be added as a description to the GDPR checkbox.', 'cleantalk-spam-protect'),
407
+ 'parent' => 'gdpr_enabled',
408
+ 'class' => 'apbct_settings-field_wrapper--sub',
409
+ ),
410
+ 'store_urls' => array(
411
+ 'type' => 'checkbox',
412
+ 'title' => __('Store visited URLs', 'cleantalk-spam-protect'),
413
+ 'description' => __("Plugin stores last 10 visited URLs (HTTP REFFERERS) before visitor submits form on the site. You can see stored visited URLS for each visitor in your Dashboard. Turn the option on to improve Anti-Spam protection.", 'cleantalk-spam-protect'),
414
+ 'childrens' => array('store_urls__sessions'),
415
+ ),
416
+ 'store_urls__sessions' => array(
417
+ 'type' => 'checkbox',
418
+ 'title' => __('Use cookies less sessions', 'cleantalk-spam-protect'),
419
+ 'description' => __('Doesn\'t use cookie or PHP sessions. Collect data for all types of bots.', 'cleantalk-spam-protect'),
420
+ 'parent' => 'store_urls',
421
+ 'class' => 'apbct_settings-field_wrapper--sub',
422
+ ),
423
+ 'comment_notify' => array(
424
+ 'type' => 'checkbox',
425
+ 'title' => __('Notify users with selected roles about new approved comments. Hold CTRL to select multiple roles.', 'cleantalk-spam-protect'),
426
+ 'description' => sprintf(__("If enabled, overrides similar Wordpress %sdiscussion settings%s.", 'cleantalk-spam-protect'), '<a href="options-discussion.php">','</a>'),
427
+ 'childrens' => array('comment_notify__roles'),
428
+ ),
429
+ 'comment_notify__roles' => array(
430
+ 'type' => 'select',
431
+ 'multiple' => true,
432
+ 'parent' => 'comment_notify',
433
+ 'options_callback' => 'apbct_get_all_roles',
434
+ 'options_callback_params' => array(true),
435
+ 'class' => 'apbct_settings-field_wrapper--sub',
436
+ ),
437
+ 'sfw__anti_flood__view_limit' => array(
438
+ 'type' => 'text',
439
+ 'title' => __('Anti-Flood Page Views Limit', 'cleantalk-spam-protect'),
440
+ 'class' => 'apbct_settings-field_wrapper',
441
+ 'parent' => 'sfw__anti_flood',
442
+ 'description' => __('Count of page view per 1 minute before plugin shows SpamFireWall page. SpamFireWall page active for 30 second after that valid visitor (with JavaScript) passes the page to the demanded page of the site.', 'cleantalk-spam-protect'),
443
+ ),
444
+ 'dashboard_widget__show' => array(
445
+ 'type' => 'checkbox',
446
+ 'title' => __('Show Dashboard Widget', 'cleantalk-spam-protect'),
447
+ ),
448
+ 'complete_deactivation' => array(
449
+ 'type' => 'checkbox',
450
+ 'title' => __('Complete deactivation', 'cleantalk-spam-protect'),
451
+ 'description' => __('Leave no trace in the system after deactivation.', 'cleantalk-spam-protect'),
452
+ ),
453
+
454
+ ),
455
+ ),
456
+ );
457
+
458
+ return $fields;
459
+ }
460
+
461
+ function apbct_settings__set_fileds__network( $fields ){
462
+ global $apbct;
463
+ $additional_fields = array(
464
+ 'main' => array(
465
+ 'fields' => array(
466
+ 'white_label' => array(
467
+ 'type' => 'checkbox',
468
+ 'title' => __('Enable White Label Mode', 'cleantalk-spam-protect'),
469
+ 'description' => sprintf(__("Learn more information %shere%s.", 'cleantalk-spam-protect'), '<a target="_blank" href="https://cleantalk.org/ru/help/hosting-white-label">', '</a>'),
470
+ 'childrens' => array( 'white_label__hoster_key', 'white_label__plugin_name', 'allow_custom_key', ),
471
+ 'disabled' => defined('CLEANTALK_ACCESS_KEY'),
472
+ 'network' => true,
473
+ ),
474
+ 'white_label__hoster_key' => array(
475
+ 'title' => __('Hoster API Key', 'cleantalk-spam-protect'),
476
+ 'description' => sprintf(__("You can get it in %sCleantalk's Control Panel%s", 'cleantalk-spam-protect'), '<a target="_blank" href="https://cleantalk.org/my/profile">', '</a>'),
477
+ 'type' => 'text',
478
+ 'parent' => 'white_label',
479
+ 'class' => 'apbct_settings-field_wrapper--sub',
480
+ 'network' => true,
481
+ 'required' => true,
482
+ ),
483
+ 'white_label__plugin_name' => array(
484
+ 'title' => __('Plugin name', 'cleantalk-spam-protect'),
485
+ 'description' => sprintf(__("Specify plugin name. Leave empty for deafult %sAntispam by Cleantalk%s", 'cleantalk-spam-protect'), '<b>', '</b>'),
486
+ 'type' => 'text',
487
+ 'parent' => 'white_label',
488
+ 'class' => 'apbct_settings-field_wrapper--sub',
489
+ 'network' => true,
490
+ 'required' => true,
491
+ ),
492
+ 'allow_custom_key' => array(
493
+ 'type' => 'checkbox',
494
+ 'title' => __('Allow users to use other key', 'cleantalk-spam-protect'),
495
+ 'description' => __('Allow users to use different Access key in their plugin settings on child blogs. They could use different CleanTalk account.', 'cleantalk-spam-protect')
496
+ . (defined('CLEANTALK_ACCESS_KEY')
497
+ ? ' <span style="color: red">'
498
+ . __('Constant <b>CLEANTALK_ACCESS_KEY</b> is set. All websites will use API key from this constant. Look into wp-config.php', 'cleantalk-spam-protect')
499
+ . '<br>'
500
+ . __('You are not able to use white label mode while <b>CLEANTALK_ACCESS_KEY</b> is defined.', 'cleantalk-spam-protect')
501
+ . '</span>'
502
+ : ''
503
+ ),
504
+ 'display' => APBCT_WPMS && is_main_site(),
505
+ 'disabled' => $apbct->network_settings['white_label'],
506
+ 'network' => true,
507
+ ),
508
+ 'allow_custom_settings' => array(
509
+ 'type' => 'checkbox',
510
+ 'title' => __('Allow users to manage plugin settings', 'cleantalk-spam-protect'),
511
+ 'description' => __('Allow to change settings on child sites.', 'cleantalk-spam-protect'),
512
+ 'display' => APBCT_WPMS && is_main_site(),
513
+ 'network' => true,
514
+ ),
515
+ 'use_settings_template' => array(
516
+ 'type' => 'checkbox',
517
+ 'title' => __('Use settings template', 'cleantalk-spam-protect'),
518
+ 'description' => __("Use the current settings template for child sites.", 'cleantalk-spam-protect'),
519
+ 'childrens' => array( 'use_settings_template_apply_for_new', 'use_settings_template_apply_for_current'),
520
+ 'network' => true,
521
+ ),
522
+ 'use_settings_template_apply_for_new' => array(
523
+ 'type' => 'checkbox',
524
+ 'title' => __('Apply for newly added sites.', 'cleantalk-spam-protect'),
525
+ 'description' => __("The newly added site will have the same preset settings template.", 'cleantalk-spam-protect'),
526
+ 'parent' => 'use_settings_template',
527
+ 'class' => 'apbct_settings-field_wrapper--sub',
528
+ 'network' => true,
529
+ ),
530
+ 'use_settings_template_apply_for_current' => array(
531
+ 'type' => 'checkbox',
532
+ 'title' => __('Apply for current sites.', 'cleantalk-spam-protect'),
533
+ 'description' => __("Apply current settings template for selected sites.", 'cleantalk-spam-protect'),
534
+ 'parent' => 'use_settings_template',
535
+ 'childrens' => array( 'use_settings_template_apply_for_current_list_sites'),
536
+ 'class' => 'apbct_settings-field_wrapper--sub',
537
+ 'network' => true,
538
+ ),
539
+ 'use_settings_template_apply_for_current_list_sites' => array(
540
+ 'type' => 'select',
541
+ 'multiple' => true,
542
+ 'options_callback' => 'apbct_get_all_child_domains',
543
+ 'options_callback_params' => array(true),
544
+ 'class' => 'apbct_settings-field_wrapper--sub',
545
+ 'parent' => 'use_settings_template_apply_for_current',
546
+ 'description' => __('Sites to apply settings. Hold CTRL to select multiple sites.', 'cleantalk-spam-protect'),
547
+ 'network' => true,
548
+ ),
549
+ )
550
+ )
551
+ );
552
+
553
+ $fields = array_merge_recursive($fields, $additional_fields);
554
+
555
+ return $fields;
556
+
557
+ }
558
+
559
+ function apbct_settings__add_groups_and_fields( $fields ){
560
+
561
+ global $apbct;
562
+
563
+ $apbct->settings_fields_in_groups = $fields;
564
+
565
+ $field_default_params = array(
566
+ 'callback' => 'apbct_settings__field__draw',
567
+ 'type' => 'radio',
568
+ 'options' => array(
569
+ array('val' => 1, 'label' => __('On', 'cleantalk-spam-protect'), 'childrens_enable' => 1, ),
570
+ array('val' => 0, 'label' => __('Off', 'cleantalk-spam-protect'), 'childrens_enable' => 0, ),
571
+ ),
572
+ 'def_class' => 'apbct_settings-field_wrapper',
573
+ 'class' => '',
574
+ 'parent' => '',
575
+ 'childrens' => array(),
576
+ 'hide' => array(),
577
+ // 'title' => 'Default title',
578
+ // 'description' => 'Default description',
579
+ 'display' => true, // Draw settings or not
580
+ 'reverse_trigger' => false, // How to allow child settings. Childrens are opened when the parent triggered "ON". This is overrides by this option
581
+ 'multiple' => false,
582
+ 'description' => '',
583
+ 'network' => false,
584
+ 'disabled' => false,
585
+ 'required' => false,
586
+ );
587
+
588
+ foreach($apbct->settings_fields_in_groups as $group_name => $group){
589
+
590
+ add_settings_section('apbct_section__'.$group_name, '', 'apbct_section__'.$group_name, 'cleantalk-spam-protect');
591
+
592
+ foreach($group['fields'] as $field_name => $field){
593
+
594
+ // Normalize $field['options'] from callback function to this type array( array( 'val' => 1, 'label' => __('On'), ), )
595
+ if(!empty($field['options_callback'])){
596
+ $options = call_user_func_array($field['options_callback'], !empty($field['options_callback_params']) ? $field['options_callback_params'] : array());
597
+ foreach ($options as &$option){
598
+ $option = array('val' => $option, 'label' => $option);
599
+ } unset($option);
600
+ $field['options'] = $options;
601
+ }
602
+
603
+ $params = !empty($group['default_params'])
604
+ ? array_merge($group['default_params'], $field)
605
+ : array_merge($field_default_params, $field);
606
+
607
+ $params['name'] = $field_name;
608
+
609
+ if(!$params['display'])
610
+ continue;
611
+
612
+ add_settings_field(
613
+ 'apbct_field__'.$field_name,
614
+ '',
615
+ $params['callback'],
616
+ 'cleantalk',
617
+ 'apbct_section__'.$group_name,
618
+ $params
619
+ );
620
+
621
+ }
622
+ }
623
+ }
624
+
625
+ /**
626
+ * Admin callback function - Displays plugin options page
627
+ */
628
+ function apbct_settings__display() {
629
+
630
+ global $apbct;
631
+
632
+ // Title
633
+ echo '<h2 class="apbct_settings-title">'.__($apbct->plugin_name, 'cleantalk-spam-protect').'</h2>';
634
+
635
+ // Subtitle for IP license
636
+ if($apbct->moderate_ip)
637
+ echo '<h4 class="apbct_settings-subtitle apbct_color--gray">'. __('Hosting AntiSpam', 'cleantalk-spam-protect').'</h4>';
638
+
639
+ echo '<form action="options.php" method="post">';
640
+
641
+ apbct_settings__error__output();
642
+
643
+ // Top info
644
+ if(!$apbct->white_label){
645
+ echo '<div style="float: right; padding: 15px 15px 5px 15px; font-size: 13px; position: relative; background: #f1f1f1;">';
646
+
647
+ echo __('CleanTalk\'s tech support:', 'cleantalk-spam-protect')
648
+ .'&nbsp;'
649
+ .'<a target="_blank" href="https://wordpress.org/support/plugin/cleantalk-spam-protect">Wordpress.org</a>.'
650
+ // .' <a href="https://community.cleantalk.org/viewforum.php?f=25" target="_blank">'.__("Tech forum", 'cleantalk-spam-protect').'</a>'
651
+ // .($user_token ? ", <a href='https://cleantalk.org/my/support?user_token=$user_token&cp_mode=antispam' target='_blank'>".__("Service support ", 'cleantalk-spam-protect').'</a>' : '').
652
+ .'<br>';
653
+ echo __('Plugin Homepage at', 'cleantalk-spam-protect').' <a href="https://cleantalk.org" target="_blank">cleantalk.org</a>.<br/>';
654
+ echo '<span id="apbct_gdpr_open_modal" style="text-decoration: underline;">'.__('GDPR compliance', 'cleantalk-spam-protect').'</span><br/>';
655
+ echo __('Use s@cleantalk.org to test plugin in any WordPress form.', 'cleantalk-spam-protect').'<br>';
656
+ echo __('CleanTalk is registered Trademark. All rights reserved.', 'cleantalk-spam-protect').'<br/>';
657
+ if($apbct->key_is_ok)
658
+ echo '<b style="display: inline-block; margin-top: 10px;">'.sprintf(__('Do you like CleanTalk? %sPost your feedback here%s.', 'cleantalk-spam-protect'), '<a href="https://wordpress.org/support/plugin/cleantalk-spam-protect/reviews/#new-post" target="_blank">', '</a>').'</b><br />';
659
+ apbct_admin__badge__get_premium();
660
+ echo '<div id="gdpr_dialog" style="display: none; padding: 7px;">';
661
+ apbct_settings_show_gdpr_text('print');
662
+ echo '</div>';
663
+ echo '</div>';
664
+ }
665
+
666
+ // Output spam count
667
+ if($apbct->key_is_ok && apbct_api_key__is_correct()){
668
+ if( $apbct->spam_count > 0 ){
669
+ echo '<div class="apbct_settings-subtitle" style="top: 0; margin-bottom: 10px; width: 200px;">'
670
+ . '<br>'
671
+ . '<span>'
672
+ . sprintf(
673
+ __( '%s has blocked <b>%s</b> spam.', 'cleantalk-spam-protect' ),
674
+ $apbct->plugin_name,
675
+ number_format( $apbct->spam_count, 0, ',', ' ' )
676
+ )
677
+ . '</span>'
678
+ . '<br>'
679
+ . '<br>'
680
+ . '</div>';
681
+ }
682
+ }
683
+
684
+
685
+ // Output spam count
686
+ if($apbct->key_is_ok && apbct_api_key__is_correct()){
687
+ if(!$apbct->white_label){
688
+
689
+ // CP button
690
+ echo '<a class="cleantalk_link cleantalk_link-manual" target="__blank" href="https://cleantalk.org/my?user_token='.$apbct->user_token.'&cp_mode=antispam">'
691
+ .__('Click here to get anti-spam statistics', 'cleantalk-spam-protect')
692
+ .'</a>';
693
+ echo '&nbsp;&nbsp;';
694
+
695
+ }
696
+ }
697
+
698
+ if( apbct_api_key__is_correct() && ! $apbct->white_label ){
699
+ // Sync button
700
+ echo '<button type="button" class="cleantalk_link cleantalk_link-auto" id="apbct_button__sync" title="Synchronizing account status, SpamFireWall database, all kind of journals.">'
701
+ . '<i class="icon-upload-cloud"></i>&nbsp;&nbsp;'
702
+ . __( 'Synchronize with Cloud', 'security-malware-firewall' )
703
+ . '<img style="margin-left: 10px;" class="apbct_preloader_button" src="' . APBCT_URL_PATH . '/inc/images/preloader2.gif" />'
704
+ . '<img style="margin-left: 10px;" class="apbct_success --hide" src="' . APBCT_URL_PATH . '/inc/images/yes.png" />'
705
+ . '</button>';
706
+ echo '&nbsp;&nbsp;';
707
+ }
708
+
709
+ // Output spam count
710
+ if($apbct->key_is_ok && apbct_api_key__is_correct()){
711
+ if(!$apbct->white_label){
712
+
713
+ // Support button
714
+ echo '<a class="cleantalk_link cleantalk_link-auto" target="__blank" href="https://wordpress.org/support/plugin/cleantalk-spam-protect">'.__('Support', 'cleantalk-spam-protect').'</a>';
715
+ echo '&nbsp;&nbsp;';
716
+ echo '<br>'
717
+ . '<br>';
718
+ }
719
+ }
720
+
721
+ settings_fields('cleantalk_settings');
722
+ do_settings_fields('cleantalk', 'cleantalk_section_settings_main');
723
+
724
+ foreach($apbct->settings_fields_in_groups as $group_name => $group){
725
+
726
+ echo !empty($group['html_before']) ? $group['html_before'] : '';
727
+ echo !empty($group['title']) ? '<h3 style="margin-left: 220px;">'.$group['title'].'</h3>' : '';
728
+
729
+ do_settings_fields('cleantalk', 'apbct_section__'.$group_name);
730
+
731
+ echo !empty($group['html_after']) ? $group['html_after'] : '';
732
+
733
+ }
734
+
735
+ echo '<br>';
736
+ echo '<button name="submit" class="cleantalk_link cleantalk_link-manual" value="save_changes">'.__('Save Changes').'</button>';
737
+
738
+ echo "</form>";
739
+
740
+ if(!$apbct->white_label){
741
+ // Translate banner for non EN locale
742
+ if(substr(get_locale(), 0, 2) != 'en'){
743
+ global $ct_translate_banner_template;
744
+ require_once(CLEANTALK_PLUGIN_DIR.'templates/translate_banner.php');
745
+ printf($ct_translate_banner_template, substr(get_locale(), 0, 2));
746
+ }
747
+ }
748
+ }
749
+
750
+ function apbct_settings__display__network(){
751
+ // If it's network admin dashboard
752
+ if(is_network_admin()){
753
+ $site_url = get_site_option('siteurl');
754
+ $site_url = preg_match( '/\/$/', $site_url ) ? $site_url : $site_url . '/';
755
+ $link = $site_url . 'wp-admin/options-general.php?page=cleantalk';
756
+ printf("<h2>" . __("Please, enter the %splugin settings%s in main site dashboard.", 'cleantalk-spam-protect') . "</h2>", "<a href='$link'>", "</a>");
757
+ return;
758
+ }
759
+ }
760
+
761
+ function apbct_settings__error__output($return = false){
762
+
763
+ global $apbct;
764
+
765
+ // If have error message output error block.
766
+
767
+ $out = '';
768
+
769
+ if(!empty($apbct->errors) && !defined('CLEANTALK_ACCESS_KEY')){
770
+
771
+ $errors = $apbct->errors;
772
+
773
+ $error_texts = array(
774
+ // Misc
775
+ 'key_invalid' => __('Error occurred while API key validating. Error: ', 'cleantalk-spam-protect'),
776
+ 'key_get' => __('Error occurred while automatically gettings access key. Error: ', 'cleantalk-spam-protect'),
777
+ 'sfw_send_logs' => __('Error occurred while sending SpamFireWall logs. Error: ', 'cleantalk-spam-protect'),
778
+ 'sfw_update' => __('Error occurred while updating SpamFireWall local base. Error: ' , 'cleantalk-spam-protect'),
779
+ 'account_check' => __('Error occurred while checking account status. Error: ', 'cleantalk-spam-protect'),
780
+ 'api' => __('Error occurred while excuting API call. Error: ', 'cleantalk-spam-protect'),
781
+
782
+ // Validating settings
783
+ 'settings_validate' => 'Validate Settings',
784
+ 'exclusions_urls' => 'URL Exclusions',
785
+ 'exclusions_fields' => 'Field Exclusions',
786
+
787
+ // Unknown
788
+ 'unknown' => __('Unknown error. Error: ', 'cleantalk-spam-protect'),
789
+ );
790
+
791
+ $errors_out = array();
792
+
793
+ foreach($errors as $type => $error){
794
+
795
+ if(!empty($error)){
796
+
797
+ if(is_array(current($error))){
798
+
799
+ foreach($error as $sub_type => $sub_error){
800
+ $errors_out[$sub_type] = '';
801
+ if(isset($sub_error['error_time']))
802
+ $errors_out[$sub_type] .= date('Y-m-d H:i:s', $sub_error['error_time']) . ': ';
803
+ $errors_out[$sub_type] .= (isset($error_texts[$type]) ? $error_texts[$type] : ucfirst($type)) . ': ';
804
+ $errors_out[$sub_type] .= (isset($error_texts[$sub_type]) ? $error_texts[$sub_type] : $error_texts['unknown']) . ' ' . $sub_error['error'];
805
+ }
806
+ continue;
807
+ }
808
+
809
+ $errors_out[$type] = '';
810
+ if(isset($error['error_time']))
811
+ $errors_out[$type] .= date('Y-m-d H:i:s', $error['error_time']) . ': ';
812
+ $errors_out[$type] .= (isset($error_texts[$type]) ? $error_texts[$type] : $error_texts['unknown']) . ' ' . (isset($error['error']) ? $error['error'] : '');
813
+
814
+ }
815
+ }
816
+
817
+ if(!empty($errors_out)){
818
+ $out .= '<div id="apbctTopWarning" class="error" style="position: relative;">'
819
+ .'<h3 style="display: inline-block;">'.__('Errors:', 'cleantalk-spam-protect').'</h3>';
820
+ foreach($errors_out as $value){
821
+ $out .= '<h4>'.$value.'</h4>';
822
+ }
823
+ $out .= !$apbct->white_label
824
+ ? '<h4 style="text-align: unset;">'.sprintf(__('You can get support any time here: %s.', 'cleantalk-spam-protect'), '<a target="blank" href="https://wordpress.org/support/plugin/cleantalk-spam-protect">https://wordpress.org/support/plugin/cleantalk-spam-protect</a>').'</h4>'
825
+ : '';
826
+ $out .= '</div>';
827
+ }
828
+ }
829
+
830
+ if($return) return $out; else echo $out;
831
+ }
832
+
833
+ function apbct_settings__field__debug(){
834
+
835
+ global $apbct;
836
+
837
+ if($apbct->debug){
838
+
839
+ echo '<hr /><h2>Debug:</h2>';
840
+ echo '<h4>Constants:</h4>';
841
+ echo 'CLEANTALK_AJAX_USE_BUFFER '. (defined('CLEANTALK_AJAX_USE_BUFFER') ? (CLEANTALK_AJAX_USE_BUFFER ? 'true' : 'flase') : 'NOT_DEFINED')."<br>";
842
+ echo 'CLEANTALK_AJAX_USE_FOOTER_HEADER '. (defined('CLEANTALK_AJAX_USE_FOOTER_HEADER') ? (CLEANTALK_AJAX_USE_FOOTER_HEADER ? 'true' : 'flase') : 'NOT_DEFINED')."<br>";
843
+ echo 'CLEANTALK_ACCESS_KEY '. (defined('CLEANTALK_ACCESS_KEY') ? (CLEANTALK_ACCESS_KEY ? CLEANTALK_ACCESS_KEY : 'flase') : 'NOT_DEFINED')."<br>";
844
+ echo 'CLEANTALK_CHECK_COMMENTS_NUMBER '. (defined('CLEANTALK_CHECK_COMMENTS_NUMBER') ? (CLEANTALK_CHECK_COMMENTS_NUMBER ? CLEANTALK_CHECK_COMMENTS_NUMBER : 0) : 'NOT_DEFINED')."<br>";
845
+ echo 'CLEANTALK_CHECK_MESSAGES_NUMBER '. (defined('CLEANTALK_CHECK_MESSAGES_NUMBER') ? (CLEANTALK_CHECK_MESSAGES_NUMBER ? CLEANTALK_CHECK_MESSAGES_NUMBER : 0) : 'NOT_DEFINED')."<br>";
846
+ echo 'CLEANTALK_PLUGIN_DIR '. (defined('CLEANTALK_PLUGIN_DIR') ? (CLEANTALK_PLUGIN_DIR ? CLEANTALK_PLUGIN_DIR : 'flase') : 'NOT_DEFINED')."<br>";
847
+ echo 'WP_ALLOW_MULTISITE '. (defined('WP_ALLOW_MULTISITE') ? (WP_ALLOW_MULTISITE ? 'true' : 'flase') : 'NOT_DEFINED');
848
+
849
+ echo "<h4>Debug log: <button type='submit' value='debug_drop' name='submit' style='font-size: 11px; padding: 1px;'>Drop debug data</button></h4>";
850
+ echo "<div style='height: 500px; width: 80%; overflow: auto;'>";
851
+
852
+ $output = print_r($apbct->debug, true);
853
+ $output = str_replace("\n", "<br>", $output);
854
+ $output = preg_replace("/[^\S]{4}/", "&nbsp;&nbsp;&nbsp;&nbsp;", $output);
855
+ echo "$output";
856
+
857
+ echo "</div>";
858
+
859
+ }
860
+ }
861
+
862
+ function apbct_settings__field__state(){
863
+
864
+ global $apbct;
865
+
866
+ $path_to_img = plugin_dir_url(__FILE__) . "images/";
867
+
868
+ $img = $path_to_img."yes.png";
869
+ $img_no = $path_to_img."no.png";
870
+ $img_no_gray = $path_to_img."no_gray.png";
871
+ $preloader = $path_to_img."preloader.gif";
872
+ $color="black";
873
+
874
+ if( ! $apbct->key_is_ok ){
875
+ $img=$path_to_img."no.png";
876
+ $img_no=$path_to_img."no.png";
877
+ $color="black";
878
+ }
879
+
880
+ if(!apbct_api_key__is_correct($apbct->api_key)){
881
+ $img = $path_to_img."yes_gray.png";
882
+ $img_no = $path_to_img."no_gray.png";
883
+ $color="gray";
884
+ }
885
+
886
+ if($apbct->moderate_ip){
887
+ $img = $path_to_img."yes.png";
888
+ $img_no = $path_to_img."no.png";
889
+ $color="black";
890
+ }
891
+
892
+ if( $apbct->moderate == 0 ){
893
+ $img = $path_to_img."no.png";
894
+ $img_no = $path_to_img."no.png";
895
+ $color="black";
896
+ }
897
+
898
+ print '<div class="apbct_settings-field_wrapper" style="color:'.$color.'">';
899
+
900
+ print '<h2>'.__('Protection is active', 'cleantalk-spam-protect').'</h2>';
901
+
902
+ echo '<img class="apbct_status_icon" src="'.($apbct->settings['registrations_test'] == 1 ? $img : $img_no).'"/>'.__('Registration forms', 'cleantalk-spam-protect');
903
+ echo '<img class="apbct_status_icon" src="'.($apbct->settings['comments_test'] == 1 ? $img : $img_no).'"/>'.__('Comments forms', 'cleantalk-spam-protect');
904
+ echo '<img class="apbct_status_icon" src="'.($apbct->settings['contact_forms_test'] == 1 ? $img : $img_no).'"/>'.__('Contact forms', 'cleantalk-spam-protect');
905
+ echo '<img class="apbct_status_icon" src="'.($apbct->settings['general_contact_forms_test'] == 1 ? $img : $img_no).'"/>'.__('Custom contact forms', 'cleantalk-spam-protect');
906
+ if(!$apbct->white_label || is_main_site())
907
+ echo '<img class="apbct_status_icon" src="'.($apbct->data['moderate'] == 1 ? $img : $img_no).'"/>'
908
+ .'<a style="color: black" href="https://blog.cleantalk.org/real-time-email-address-existence-validation/">'.__('Validate email for existence', 'cleantalk-spam-protect').'</a>';
909
+ // Autoupdate status
910
+ if($apbct->notice_auto_update && (!$apbct->white_label || is_main_site())){
911
+ echo '<img class="apbct_status_icon" src="'.($apbct->auto_update == 1 ? $img : ($apbct->auto_update == -1 ? $img_no : $img_no_gray)).'"/>'.__('Auto update', 'cleantalk-spam-protect')
912
+ .' <sup><a href="https://cleantalk.org/help/cleantalk-auto-update" target="_blank">?</a></sup>';
913
+ }
914
+
915
+ // WooCommerce
916
+ if(class_exists('WooCommerce'))
917
+ echo '<img class="apbct_status_icon" src="'.($apbct->settings['wc_checkout_test'] == 1 ? $img : $img_no).'"/>'.__('WooCommerce checkout form', 'cleantalk-spam-protect');
918
+ if($apbct->moderate_ip)
919
+ print "<br /><br />The anti-spam service is paid by your hosting provider. License #".$apbct->data['ip_license'].".<br />";
920
+
921
+ print "</div>";
922
+ }
923
+
924
+ /**
925
+ * Admin callback function - Displays inputs of 'apikey' plugin parameter
926
+ */
927
+ function apbct_settings__field__apikey(){
928
+
929
+ global $apbct;
930
+
931
+ echo '<div id="cleantalk_apikey_wrapper" class="apbct_settings-field_wrapper">';
932
+
933
+ // Using key from Main site, or from CLEANTALK_ACCESS_KEY constant
934
+ if(APBCT_WPMS && !is_main_site() && (!$apbct->allow_custom_key || defined('CLEANTALK_ACCESS_KEY'))){
935
+ _e('<h3>Key is provided by Super Admin.</h3>', 'cleantalk-spam-protect');
936
+ return;
937
+ }
938
+
939
+ echo '<label class="apbct_settings__label" for="cleantalk_apkey">' . __('Access key', 'cleantalk-spam-protect') . '</label>';
940
+
941
+ echo '<input
942
+ id="apbct_setting_apikey"
943
+ class="apbct_setting_text apbct_setting---apikey"
944
+ type="text"
945
+ name="cleantalk_settings[apikey]"
946
+ value="'
947
+ . ($apbct->key_is_ok
948
+ ? str_repeat('*', strlen($apbct->api_key))
949
+ : $apbct->api_key
950
+ )
951
+ . '"
952
+ key="' . $apbct->api_key . '"
953
+ size="20"
954
+ placeholder="' . __('Enter the key', 'cleantalk-spam-protect') . '"'
955
+ . ' />';
956
+
957
+ // Show account name associated with key
958
+ if(!empty($apbct->data['account_name_ob'])){
959
+ echo '<div class="apbct_display--none">'
960
+ . sprintf( __('Account at cleantalk.org is %s.', 'cleantalk-spam-protect'),
961
+ '<b>'.$apbct->data['account_name_ob'].'</b>'
962
+ )
963
+ . '</div>';
964
+ };
965
+
966
+ // Show key button
967
+ if((apbct_api_key__is_correct($apbct->api_key) && $apbct->key_is_ok)){
968
+ echo '<a id="apbct_showApiKey" class="ct_support_link" style="display: block" href="#">'
969
+ . __('Show the access key', 'cleantalk-spam-protect')
970
+ . '</a>';
971
+
972
+ // "Auto Get Key" buttons. License agreement
973
+ }else{
974
+
975
+ echo '<br /><br />';
976
+
977
+ // Auto get key
978
+ if(!$apbct->ip_license){
979
+ echo '<button class="cleantalk_link cleantalk_link-manual apbct_setting---get_key_auto" name="submit" type="submit" value="get_key_auto">'
980
+ .__('Get Access Key Automatically', 'cleantalk-spam-protect')
981
+ .'</button>';
982
+ echo '<input type="hidden" id="ct_admin_timezone" name="ct_admin_timezone" value="null" />';
983
+ echo '<br />';
984
+ echo '<br />';
985
+ }
986
+
987
+ // Warnings and GDPR
988
+ printf( __('Admin e-mail (%s) will be used for registration, if you want to use other email please %sGet Access Key Manually%s.', 'cleantalk-spam-protect'),
989
+ ct_get_admin_email(),
990
+ '<a class="apbct_color--gray" target="__blank" href="'
991
+ . sprintf( 'https://cleantalk.org/register?platform=wordpress&email=%s&website=%s',
992
+ urlencode(ct_get_admin_email()),
993
+ urlencode(parse_url(get_option('siteurl'),PHP_URL_HOST))
994
+ )
995
+ . '">',
996
+ '</a>'
997
+ );
998
+
999
+ // License agreement
1000
+ if(!$apbct->ip_license){
1001
+ echo '<div>';
1002
+ echo '<input checked type="checkbox" id="license_agreed" onclick="apbctSettingsDependencies(\'apbct_setting---get_key_auto\');"/>';
1003
+ echo '<label for="spbc_license_agreed">';
1004
+ printf( __('I accept %sLicense Agreement%s.', 'cleantalk-spam-protect'),
1005
+ '<a class = "apbct_color--gray" href="https://cleantalk.org/publicoffer" target="_blank">',
1006
+ '</a>'
1007
+ );
1008
+ echo "</label>";
1009
+ echo '</div>';
1010
+ }
1011
+ }
1012
+
1013
+ echo '</div>';
1014
+ }
1015
+
1016
+ function apbct_settings__field__action_buttons(){
1017
+
1018
+ global $apbct;
1019
+
1020
+ $links = apply_filters(
1021
+ 'apbct_settings_action_buttons',
1022
+ array(
1023
+ '<a href="edit-comments.php?page=ct_check_spam" class="ct_support_link">' . __('Check comments for spam', 'cleantalk-spam-protect') . '</a>',
1024
+ '<a href="users.php?page=ct_check_users" class="ct_support_link">' . __('Check users for spam', 'cleantalk-spam-protect') . '</a>',
1025
+ '<a href="#" class="ct_support_link" onclick="apbct_show_hide_elem(\'apbct_statistics\')">' . __('Statistics & Reports', 'cleantalk-spam-protect') . '</a>',
1026
+ )
1027
+ );
1028
+
1029
+ echo '<div class="apbct_settings-field_wrapper">';
1030
+
1031
+ if( apbct_api_key__is_correct($apbct->api_key) && $apbct->key_is_ok ){
1032
+ echo '<div>';
1033
+ foreach( $links as $link ) {
1034
+ echo $link . '&nbsp;&nbsp;&nbsp;&nbsp;';
1035
+ }
1036
+ echo '</div>';
1037
+ }
1038
+
1039
+ echo '</div>';
1040
+ }
1041
+
1042
+ function apbct_settings__field__statistics() {
1043
+
1044
+ global $apbct, $wpdb;
1045
+
1046
+ echo '<div id="apbct_statistics" class="apbct_settings-field_wrapper" style="display: none;">';
1047
+
1048
+ // Last request
1049
+ printf(
1050
+ __('Last spam check request to %s server was at %s.', 'cleantalk-spam-protect'),
1051
+ $apbct->stats['last_request']['server'] ? $apbct->stats['last_request']['server'] : __('unknown', 'cleantalk-spam-protect'),
1052
+ $apbct->stats['last_request']['time'] ? date('M d Y H:i:s', $apbct->stats['last_request']['time']) : __('unknown', 'cleantalk-spam-protect')
1053
+ );
1054
+ echo '<br>';
1055
+
1056
+ // Avarage time request
1057
+ printf(
1058
+ __('Average request time for past 7 days: %s seconds.', 'cleantalk-spam-protect'),
1059
+ $apbct->stats['requests'][min(array_keys($apbct->stats['requests']))]['average_time']
1060
+ ? round($apbct->stats['requests'][min(array_keys($apbct->stats['requests']))]['average_time'], 3)
1061
+ : __('unknown', 'cleantalk-spam-protect')
1062
+ );
1063
+ echo '<br>';
1064
+
1065
+ // SFW last die
1066
+ printf(
1067
+ __('Last time SpamFireWall was triggered for %s IP at %s', 'cleantalk-spam-protect'),
1068
+ $apbct->stats['last_sfw_block']['ip'] ? $apbct->stats['last_sfw_block']['ip'] : __('unknown', 'cleantalk-spam-protect'),
1069
+ $apbct->stats['last_sfw_block']['time'] ? date('M d Y H:i:s', $apbct->stats['last_sfw_block']['time']) : __('unknown', 'cleantalk-spam-protect')
1070
+ );
1071
+ echo '<br>';
1072
+
1073
+ // SFW last update
1074
+ $sfw_netwoks_amount = $wpdb->get_results("SELECT count(*) AS cnt FROM `".$wpdb->prefix."cleantalk_sfw`", ARRAY_A);
1075
+ printf(
1076
+ __('SpamFireWall was updated %s. Now contains %s entries.', 'cleantalk-spam-protect'),
1077
+ $apbct->stats['sfw']['last_update_time'] ? date('M d Y H:i:s', $apbct->stats['sfw']['last_update_time']) : __('unknown', 'cleantalk-spam-protect'),
1078
+ isset($sfw_netwoks_amount[0]['cnt']) ? $sfw_netwoks_amount[0]['cnt'] : __('unknown', 'cleantalk-spam-protect')
1079
+ );
1080
+ echo '<br>';
1081
+
1082
+ // SFW last sent logs
1083
+ printf(
1084
+ __('SpamFireWall sent %s events at %s.', 'cleantalk-spam-protect'),
1085
+ $apbct->stats['sfw']['last_send_amount'] ? $apbct->stats['sfw']['last_send_amount'] : __('unknown', 'cleantalk-spam-protect'),
1086
+ $apbct->stats['sfw']['last_send_time'] ? date('M d Y H:i:s', $apbct->stats['sfw']['last_send_time']) : __('unknown', 'cleantalk-spam-protect')
1087
+ );
1088
+ echo '<br>';
1089
+
1090
+ // Connection reports
1091
+ if ($apbct->connection_reports){
1092
+
1093
+ if ($apbct->connection_reports['negative'] == 0){
1094
+ _e('There are no failed connections to server.', 'cleantalk-spam-protect');
1095
+ }else{
1096
+ echo "<table id='negative_reports_table''>
1097
+ <tr>
1098
+ <td>#</td>
1099
+ <td><b>Date</b></td>
1100
+ <td><b>Page URL</b></td>
1101
+ <td><b>Report</b></td>
1102
+ <td><b>Server IP</b></td>
1103
+ </tr>";
1104
+ foreach($apbct->connection_reports['negative_report'] as $key => $report){
1105
+ echo '<tr>'
1106
+ . '<td>'.($key+1).'.</td>'
1107
+ . '<td>'.$report['date'].'</td>'
1108
+ . '<td>'.$report['page_url'].'</td>'
1109
+ . '<td>'.$report['lib_report'].'</td>'
1110
+ . '<td>'.$report['work_url'].'</td>'
1111
+ . '</tr>';
1112
+ }
1113
+ echo "</table>";
1114
+ echo '<br/>';
1115
+ echo '<button'
1116
+ . ' name="submit"'
1117
+ . ' class="cleantalk_link cleantalk_link-manual"'
1118
+ . ' value="ct_send_connection_report"'
1119
+ . (!$apbct->settings['send_connection_reports'] ? ' disabled="disabled"' : '')
1120
+ . '>'
1121
+ .__('Send report', 'cleantalk-spam-protect')
1122
+ .'</button>';
1123
+ if (!$apbct->settings['send_connection_reports']){
1124
+ echo '<br><br>';
1125
+ _e('Please, enable "Send connection reports" setting to be able to send reports', 'cleantalk-spam-protect');
1126
+ }
1127
+ }
1128
+
1129
+ }
1130
+
1131
+ echo '<br/>';
1132
+ echo 'Plugin version: ' . APBCT_VERSION;
1133
+
1134
+ echo '</div>';
1135
+ }
1136
+ function apbct_get_all_child_domains($except_main_site = false) {
1137
+ global $wpdb;
1138
+ $blogs = array();
1139
+ $wp_blogs = $wpdb->get_results('SELECT blog_id, site_id FROM '. $wpdb->blogs, OBJECT_K);
1140
+
1141
+ if ($except_main_site) {
1142
+ foreach ($wp_blogs as $blog) {
1143
+ if ($blog->blog_id != $blog->site_id)
1144
+ $blogs[] = get_blog_details( array( 'blog_id' => $blog->blog_id ) )->blogname;
1145
+ }
1146
+ }
1147
+ return $blogs;
1148
+ }
1149
+ /**
1150
+ * Get all current Wordpress roles, could except 'subscriber' role
1151
+ *
1152
+ * @param bool $except_subscriber
1153
+ *
1154
+ * @return array
1155
+ */
1156
+ function apbct_get_all_roles($except_subscriber = false) {
1157
+
1158
+ global $wp_roles;
1159
+
1160
+ $wp_roles = new WP_Roles();
1161
+ $roles = $wp_roles->get_names();
1162
+
1163
+ if($except_subscriber) {
1164
+ $key = array_search( 'Subscriber', $roles );
1165
+ if ( $key !== false ) {
1166
+ unset( $roles[ $key ] );
1167
+ }
1168
+ }
1169
+
1170
+ return $roles;
1171
+ }
1172
+
1173
+ function apbct_settings__field__draw($params = array()){
1174
+
1175
+ global $apbct;
1176
+
1177
+ $value = $params['network'] ? $apbct->network_settings[$params['name']] : $apbct->settings[$params['name']];
1178
+ $value_parent = $params['parent']
1179
+ ? ($params['network'] ? $apbct->network_settings[$params['parent']] : $apbct->settings[$params['parent']])
1180
+ : false;
1181
+
1182
+ // Is element is disabled
1183
+ $disabled = $params['parent'] && !$value_parent ? ' disabled="disabled"' : ''; // Strait
1184
+ $disabled = $params['parent'] && $params['reverse_trigger'] && !$value_parent ? ' disabled="disabled"' : $disabled; // Reverse logic
1185
+ $disabled = $params['disabled'] ? ' disabled="disabled"' : $disabled; // Direct disable from params
1186
+ $disabled = ! is_main_site() && $apbct->network_settings && ! $apbct->network_settings['allow_custom_settings'] ? ' disabled="disabled"' : $disabled; // Disabled by super admin on sub-sites
1187
+
1188
+ $childrens = $params['childrens'] ? 'apbct_setting---' . implode(",apbct_setting---",$params['childrens']) : '';
1189
+ $hide = $params['hide'] ? implode(",",$params['hide']) : '';
1190
+
1191
+ echo '<div class="'.$params['def_class'].(isset($params['class']) ? ' '.$params['class'] : '').'">';
1192
+
1193
+ switch($params['type']){
1194
+
1195
+ // Checkbox type
1196
+ case 'checkbox':
1197
+ echo '<input
1198
+ type="checkbox"
1199
+ name="cleantalk_settings['.$params['name'].']"
1200
+ id="apbct_setting_'.$params['name'].'"
1201
+ value="1" '
1202
+ ." class='apbct_setting_{$params['type']} apbct_setting---{$params['name']}'"
1203
+ .($value == '1' ? ' checked' : '')
1204
+ .$disabled
1205
+ .($params['required'] ? ' required="required"' : '')
1206
+ .($params['childrens'] ? ' apbct_children="'. $childrens .'"' : '')
1207
+ .' onchange="'
1208
+ . ($params['childrens'] ? ' apbctSettingsDependencies(\''. $childrens .'\');' : '')
1209
+ . ($params['hide'] ? ' apbct_show_hide_elem(\''. $hide . '\');' : '')
1210
+ . '"'
1211
+ .' />'
1212
+ .'<label for="apbct_setting_'.$params['name'].'" class="apbct_setting-field_title--'.$params['type'].'">'
1213
+ .$params['title']
1214
+ .'</label>';
1215
+ echo isset($params['long_description'])
1216
+ ? '<i setting="'.$params['name'].'" class="apbct_settings-long_description---show icon-help-circled"></i>'
1217
+ : '';
1218
+ echo '<div class="apbct_settings-field_description">'
1219
+ .$params['description']
1220
+ .'</div>';
1221
+ break;
1222
+
1223
+ // Radio type
1224
+ case 'radio':
1225
+
1226
+ // Title
1227
+ echo isset($params['title'])
1228
+ ? '<h4 class="apbct_settings-field_title apbct_settings-field_title--'.$params['type'].'">'.$params['title'].'</h4>'
1229
+ : '';
1230
+
1231
+ // Popup description
1232
+ echo isset($params['long_description'])
1233
+ ? '<i setting="'.$params['name'].'" class="apbct_settings-long_description---show icon-help-circled"></i>'
1234
+ : '';
1235
+
1236
+ echo '<div class="apbct_settings-field_content apbct_settings-field_content--'.$params['type'].'">';
1237
+
1238
+ echo '<div class="apbct_switchers" style="direction: ltr">';
1239
+ foreach($params['options'] as $option){
1240
+ echo '<input'
1241
+ .' type="radio"'
1242
+ ." class='apbct_setting_{$params['type']} apbct_setting---{$params['name']}'"
1243
+ ." id='apbct_setting_{$params['name']}__{$option['label']}'"
1244
+ .' name="cleantalk_settings['.$params['name'].']"'
1245
+ .' value="'.$option['val'].'"'
1246
+ . $disabled
1247
+ .($params['childrens']
1248
+ ? ' onchange="apbctSettingsDependencies(\'' . $childrens . '\', ' . $option['childrens_enable'] . ')"'
1249
+ : ''
1250
+ )
1251
+ .($value == $option['val'] ? ' checked' : '')
1252
+ .($params['required'] ? ' required="required"' : '')
1253
+ .' />';
1254
+ echo '<label for="apbct_setting_'.$params['name'].'__'.$option['label'].'"> ' . $option['label'] . '</label>';
1255
+ echo '&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;';
1256
+ }
1257
+ echo '</div>';
1258
+
1259
+ echo isset($params['description'])
1260
+ ? '<div class="apbct_settings-field_description">'.$params['description'].'</div>'
1261
+ : '';
1262
+
1263
+ echo '</div>';
1264
+ break;
1265
+
1266
+ // Dropdown list type
1267
+ case 'select':
1268
+ echo isset($params['title'])
1269
+ ? '<h4 class="apbct_settings-field_title apbct_settings-field_title--'.$params['type'].'">'.$params['title'].'</h4>'
1270
+ : '';
1271
+ echo isset($params['long_description'])
1272
+ ? '<i setting="'.$params['name'].'" class="apbct_settings-long_description---show icon-help-circled"></i>'
1273
+ : '';
1274
+ echo '<select'
1275
+ . ' id="apbct_setting_'.$params['name'].'"'
1276
+ . " class='apbct_setting_{$params['type']} apbct_setting---{$params['name']}'"
1277
+ . ' name="cleantalk_settings['.$params['name'].']'.($params['multiple'] ? '[]"' : '"')
1278
+ . ($params['multiple'] ? ' size="'. count($params['options']). '""' : '')
1279
+ . ($params['multiple'] ? ' multiple="multiple"' : '')
1280
+ . $disabled
1281
+ . ($params['required'] ? ' required="required"' : '')
1282
+ . ' >';
1283
+
1284
+ foreach($params['options'] as $option){
1285
+ echo '<option'
1286
+ . ' value="' . $option['val'] . '"'
1287
+ . ($params['multiple']
1288
+ ? (!empty($value) && in_array($option['val'], $value) ? ' selected="selected"' : '')
1289
+ : ($value == $option['val'] ? 'selected="selected"' : '')
1290
+ )
1291
+ .'>'
1292
+ . $option['label']
1293
+ . '</option>';
1294
+ }
1295
+
1296
+ echo '</select>';
1297
+ echo isset($params['long_description'])
1298
+ ? '<i setting="'.$params['name'].'" class="apbct_settings-long_description---show icon-help-circled"></i>'
1299
+ : '';
1300
+ echo isset($params['description'])
1301
+ ? '<div class="apbct_settings-field_description">'.$params['description'].'</div>'
1302
+ : '';
1303
+
1304
+ break;
1305
+
1306
+ // Text type
1307
+ case 'text':
1308
+
1309
+ echo '<input
1310
+ type="text"
1311
+ id="apbct_setting_'.$params['name'].'"
1312
+ name="cleantalk_settings['.$params['name'].']"'
1313
+ ." class='apbct_setting_{$params['type']} apbct_setting---{$params['name']}'"
1314
+ .' value="'. $value .'" '
1315
+ .$disabled
1316
+ .($params['required'] ? ' required="required"' : '')
1317
+ .($params['childrens'] ? ' onchange="apbctSettingsDependencies(\'' . $childrens . '\')"' : '')
1318
+ .' />'
1319
+ . '&nbsp;'
1320
+ .'<label for="apbct_setting_'.$params['name'].'" class="apbct_setting-field_title--'.$params['type'].'">'
1321
+ .$params['title']
1322
+ .'</label>';
1323
+ echo '<div class="apbct_settings-field_description">'
1324
+ .$params['description']
1325
+ .'</div>';
1326
+ break;
1327
+
1328
+ // Textarea type
1329
+ case 'textarea':
1330
+
1331
+ echo '<label for="apbct_setting_'.$params['name'].'" class="apbct_setting-field_title--'.$params['type'].'">'
1332
+ .$params['title']
1333
+ .'</label></br>';
1334
+ echo '<textarea
1335
+ id="apbct_setting_'.$params['name'].'"
1336
+ name="cleantalk_settings['.$params['name'].']"'
1337
+ ." class='apbct_setting_{$params['type']} apbct_setting---{$params['name']}'"
1338
+ .$disabled
1339
+ .($params['required'] ? ' required="required"' : '')
1340
+ .($params['childrens'] ? ' onchange="apbctSettingsDependencies(\'' . $childrens . '\')"' : '')
1341
+ .'>'. $value .'</textarea>'
1342
+ . '&nbsp;';
1343
+ echo '<div class="apbct_settings-field_description">'
1344
+ .$params['description']
1345
+ .'</div>';
1346
+ break;
1347
+
1348
+ }
1349
+
1350
+ echo '</div>';
1351
+ }
1352
+
1353
+ /**
1354
+ * Admin callback function - Plugin parameters validator
1355
+ *
1356
+ * @global \Cleantalk\ApbctWP\State $apbct
1357
+ * @param array $settings Array with passed settings
1358
+ * @return array Array with processed settings
1359
+ */
1360
+ function apbct_settings__validate($settings) {
1361
+
1362
+ global $apbct;
1363
+
1364
+ // If user is not allowed to manage settings. Get settings from the storage
1365
+ if( ! is_main_site() && ( ! $apbct->network_settings['allow_custom_settings'] ) ){
1366
+ foreach ($apbct->settings as $key => $setting){
1367
+ $settings[ $key ] = $setting;
1368
+ }
1369
+ }
1370
+
1371
+ // Set missing settings.
1372
+ foreach($apbct->def_settings as $setting => $value){
1373
+ if(!isset($settings[$setting])){
1374
+ $settings[$setting] = null;
1375
+ settype($settings[$setting], gettype($value));
1376
+ }
1377
+ } unset($setting, $value);
1378
+
1379
+ // Set missing settings.
1380
+ foreach($apbct->def_network_settings as $setting => $value){
1381
+ if(!isset($settings[$setting])){
1382
+ $settings[$setting] = null;
1383
+ settype($settings[$setting], gettype($value));
1384
+ }
1385
+ } unset($setting, $value);
1386
+
1387
+ //Sanitizing sfw__anti_flood__view_limit setting
1388
+ $settings['sfw__anti_flood__view_limit'] = floor( intval( $settings['sfw__anti_flood__view_limit'] ) );
1389
+ $settings['sfw__anti_flood__view_limit'] = ( $settings['sfw__anti_flood__view_limit'] == 0 ? 10 : $settings['sfw__anti_flood__view_limit'] ); // Default if 0 passed
1390
+ $settings['sfw__anti_flood__view_limit'] = ( $settings['sfw__anti_flood__view_limit'] < 5 ? 5 : $settings['sfw__anti_flood__view_limit'] ); //
1391
+
1392
+ // Auto getting key
1393
+ if (isset($_POST['submit']) && $_POST['submit'] == 'get_key_auto'){
1394
+
1395
+ $website = parse_url(get_option('siteurl'), PHP_URL_HOST).parse_url(get_option('siteurl'), PHP_URL_PATH);
1396
+ $platform = 'wordpress';
1397
+ $user_ip = \Cleantalk\ApbctWP\Helper::ip__get(array('real'), false);
1398
+ $timezone = filter_input(INPUT_POST, 'ct_admin_timezone');
1399
+ $language = apbct_get_server_variable( 'HTTP_ACCEPT_LANGUAGE' );
1400
+ $wpms = APBCT_WPMS && defined('SUBDOMAIN_INSTALL') && !SUBDOMAIN_INSTALL ? true : false;
1401
+ $white_label = $apbct->network_settings['white_label'] ? 1 : 0;
1402
+ $hoster_api_key = $apbct->network_settings['white_label__hoster_key'] ? $apbct->network_settings['white_label__hoster_key'] : '';
1403
+
1404
+ $result = \Cleantalk\ApbctWP\API::method__get_api_key(
1405
+ ! is_main_site() && $apbct->white_label ? 'anti-spam-hosting' : 'antispam',
1406
+ ct_get_admin_email(),
1407
+ $website,
1408
+ $platform,
1409
+ $timezone,
1410
+ $language,
1411
+ $user_ip,
1412
+ $wpms,
1413
+ $white_label,
1414
+ $hoster_api_key
1415
+ );
1416
+
1417
+ if(empty($result['error'])){
1418
+
1419
+ if(isset($result['user_token'])){
1420
+ $apbct->data['user_token'] = $result['user_token'];
1421
+ }
1422
+
1423
+ if(!empty($result['auth_key'])){
1424
+ $settings['apikey'] = $result['auth_key'];
1425
+ }
1426
+
1427
+ }else{
1428
+ $apbct->error_add(
1429
+ 'key_get',
1430
+ $result['error']
1431
+ . ($apbct->white_label
1432
+ ? ' <button name="submit" type="submit" class="cleantalk_link cleantalk_link-manual" value="get_key_auto">'
1433
+ : ''
1434
+ )
1435
+ );
1436
+ }
1437
+ }
1438
+
1439
+ // Validating API key
1440
+ $settings['apikey'] = strpos($settings['apikey'], '*') === false ? $settings['apikey'] : $apbct->settings['apikey'];
1441
+
1442
+ $apbct->data['key_changed'] = $settings['apikey'] !== $apbct->settings['apikey'];
1443
+
1444
+ $settings['apikey'] = !empty($settings['apikey']) ? trim($settings['apikey']) : '';
1445
+ $settings['apikey'] = defined( 'CLEANTALK_ACCESS_KEY') ? CLEANTALK_ACCESS_KEY : $settings['apikey'];
1446
+ $settings['apikey'] = ! is_main_site() && $apbct->white_label ? $apbct->settings['apikey'] : $settings['apikey'];
1447
+ $settings['apikey'] = is_main_site() || $apbct->allow_custom_key || $apbct->white_label ? $settings['apikey'] : $apbct->network_settings['apikey'];
1448
+ $settings['apikey'] = is_main_site() || !$settings['white_label'] ? $settings['apikey'] : $apbct->settings['apikey'];
1449
+
1450
+ // Sanitize setting values
1451
+ foreach ($settings as &$setting ){
1452
+ if( is_scalar( $setting ) )
1453
+ $setting = preg_replace( '/[<"\'>]/', '', trim( $setting ) ); // Make HTML code inactive
1454
+ }
1455
+
1456
+ // Validate Exclusions
1457
+ // URLs
1458
+ $result = apbct_settings__sanitize__exclusions($settings['exclusions__urls'], $settings['exclusions__urls__use_regexp']);
1459
+ $result === false
1460
+ ? $apbct->error_add( 'exclusions_urls', 'is not valid: "' . $settings['exclusions__urls'] . '"', 'settings_validate' )
1461
+ : $apbct->error_delete( 'exclusions_urls', true, 'settings_validate' );
1462
+ $settings['exclusions__urls'] = $result ? $result: '';
1463
+
1464
+ // Fields
1465
+ $result = apbct_settings__sanitize__exclusions($settings['exclusions__fields'], $settings['exclusions__fields__use_regexp']);
1466
+ $result === false
1467
+ ? $apbct->error_add( 'exclusions_fields', 'is not valid: "' . $settings['exclusions__fields'] . '"', 'settings_validate' )
1468
+ : $apbct->error_delete( 'exclusions_fields', true, 'settings_validate' );
1469
+ $settings['exclusions__fields'] = $result ? $result: '';
1470
+
1471
+ // WPMS Logic.
1472
+ if(APBCT_WPMS && is_main_site()){
1473
+ $network_settings = array(
1474
+ 'allow_custom_key' => $settings['allow_custom_key'],
1475
+ 'allow_custom_settings' => $settings['allow_custom_settings'],
1476
+ 'white_label' => $settings['white_label'],
1477
+ 'white_label__hoster_key' => $settings['white_label__hoster_key'],
1478
+ 'white_label__plugin_name' => $settings['white_label__plugin_name'],
1479
+ 'use_settings_template' => $settings['use_settings_template'],
1480
+ 'use_settings_template_apply_for_new' => $settings['use_settings_template_apply_for_new'],
1481
+ 'use_settings_template_apply_for_current' => $settings['use_settings_template_apply_for_current'],
1482
+ 'use_settings_template_apply_for_current_list_sites' => $settings['use_settings_template_apply_for_current_list_sites'],
1483
+ );
1484
+ unset( $settings['allow_custom_key'], $settings['white_label'], $settings['white_label__hoster_key'], $settings['white_label__plugin_name'] );
1485
+ }
1486
+
1487
+ // Drop debug data
1488
+ if (isset($_POST['submit']) && $_POST['submit'] == 'debug_drop'){
1489
+ $apbct->debug = false;
1490
+ delete_option('cleantalk_debug');
1491
+ return $settings;
1492
+ }
1493
+
1494
+ // Send connection reports
1495
+ if (isset($_POST['submit']) && $_POST['submit'] == 'ct_send_connection_report'){
1496
+ ct_mail_send_connection_report();
1497
+ return $settings;
1498
+ }
1499
+
1500
+ $apbct->saveData();
1501
+
1502
+ // WPMS Logic.
1503
+ if(APBCT_WPMS){
1504
+ if(is_main_site()){
1505
+
1506
+ // Network settings
1507
+ $network_settings['apikey'] = $settings['apikey'];
1508
+ $apbct->network_settings = $network_settings;
1509
+ $apbct->saveNetworkSettings();
1510
+
1511
+ // Network data
1512
+ $apbct->network_data = array(
1513
+ 'key_is_ok' => $apbct->data['key_is_ok'],
1514
+ 'moderate' => $apbct->data['moderate'],
1515
+ 'valid' => $apbct->data['valid'],
1516
+ 'auto_update' => $apbct->data['auto_update'],
1517
+ 'user_token' => $apbct->data['user_token'],
1518
+ 'service_id' => $apbct->data['service_id'],
1519
+ );
1520
+ $apbct->saveNetworkData();
1521
+ if (isset($settings['use_settings_template_apply_for_current_list_sites']) && !empty($settings['use_settings_template_apply_for_current_list_sites'])) {
1522
+ apbct_update_blogs_options($settings['use_settings_template_apply_for_current_list_sites'], $settings);
1523
+ }
1524
+ }
1525
+ if(!$apbct->white_label && !is_main_site() && !$apbct->allow_custom_key){
1526
+ $settings['apikey'] = '';
1527
+ }
1528
+ }
1529
+
1530
+ return $settings;
1531
+ }
1532
+
1533
+ function apbct_settings__sync( $direct_call = false ){
1534
+
1535
+ if( ! $direct_call )
1536
+ check_ajax_referer('ct_secret_nonce' );
1537
+
1538
+ global $apbct;
1539
+
1540
+ // Feedback with app_agent
1541
+ ct_send_feedback('0:' . APBCT_AGENT); // 0 - request_id, agent version.
1542
+
1543
+ // Key is good by default
1544
+ $apbct->data['key_is_ok'] = true;
1545
+
1546
+ // Checking account status
1547
+ $result = ct_account_status_check( $apbct->settings['apikey'] );
1548
+
1549
+ // Is key valid?
1550
+ if( $result ){
1551
+
1552
+ // Deleting errors about invalid key
1553
+ $apbct->error_delete( 'key_invalid key_get', 'save' );
1554
+
1555
+ // SFW actions
1556
+ if( $apbct->settings['spam_firewall'] == 1 ){
1557
+
1558
+ $result = ct_sfw_update( $apbct->settings['apikey'] );
1559
+ if( ! empty( $result['error'] ) )
1560
+ $apbct->error_add( 'sfw_update', $result['error'] );
1561
+
1562
+ $result = ct_sfw_send_logs( $apbct->settings['apikey'] );
1563
+ if( ! empty( $result['error'] ) )
1564
+ $apbct->error_add( 'sfw_send_logs', $result['error'] );
1565
+
1566
+ }
1567
+
1568
+ // Updating brief data for dashboard widget
1569
+ $apbct->data['brief_data'] = \Cleantalk\ApbctWP\API::method__get_antispam_report_breif( $apbct->settings['apikey'] );
1570
+
1571
+ // Key is not valid
1572
+ }else{
1573
+ $apbct->data['key_is_ok'] = false;
1574
+ $apbct->error_add( 'key_invalid', __( 'Testing is failed. Please check the Access key.', 'cleantalk-spam-protect' ) );
1575
+ }
1576
+
1577
+ // WPMS Logic.
1578
+ if(APBCT_WPMS){
1579
+ if(is_main_site()){
1580
+
1581
+ // Network settings
1582
+ $network_settings['apikey'] = $apbct->settings['apikey'];
1583
+ $apbct->network_settings = $network_settings;
1584
+ $apbct->saveNetworkSettings();
1585
+
1586
+ // Network data
1587
+ $apbct->network_data = array(
1588
+ 'key_is_ok' => $apbct->data['key_is_ok'],
1589
+ 'moderate' => $apbct->data['moderate'],
1590
+ 'valid' => $apbct->data['valid'],
1591
+ 'auto_update' => $apbct->data['auto_update'],
1592
+ 'user_token' => $apbct->data['user_token'],
1593
+ 'service_id' => $apbct->data['service_id'],
1594
+ );
1595
+ $apbct->saveNetworkData();
1596
+ if (isset($settings['use_settings_template_apply_for_current_list_sites']) && !empty($settings['use_settings_template_apply_for_current_list_sites'])) {
1597
+ apbct_update_blogs_options($settings['use_settings_template_apply_for_current_list_sites'], $settings);
1598
+ }
1599
+ }
1600
+ if(!$apbct->white_label && !is_main_site() && !$apbct->allow_custom_key){
1601
+ $settings['apikey'] = '';
1602
+ }
1603
+ }
1604
+
1605
+ if($apbct->data['key_is_ok'] == false && $apbct->data['moderate_ip'] == 0){
1606
+
1607
+ // Notices
1608
+ $apbct->data['notice_show'] = 1;
1609
+ $apbct->data['notice_renew'] = 0;
1610
+ $apbct->data['notice_trial'] = 0;
1611
+ $apbct->data['notice_review'] = 0;
1612
+ $apbct->data['notice_auto_update'] = 0;
1613
+
1614
+ // Other
1615
+ $apbct->data['service_id'] = 0;
1616
+ $apbct->data['valid'] = 0;
1617
+ $apbct->data['moderate'] = 0;
1618
+ $apbct->data['ip_license'] = 0;
1619
+ $apbct->data['moderate_ip'] = 0;
1620
+ $apbct->data['spam_count'] = 0;
1621
+ $apbct->data['auto_update'] = 0;
1622
+ $apbct->data['user_token'] = '';
1623
+ $apbct->data['license_trial'] = 0;
1624
+ $apbct->data['account_name_ob'] = '';
1625
+ }
1626
+
1627
+ $out = array(
1628
+ 'success' => true,
1629
+ 'reload' => $apbct->data['key_changed'],
1630
+ );
1631
+
1632
+ $apbct->data['key_changed'] = false;
1633
+
1634
+ $apbct->saveData();
1635
+
1636
+ die( json_encode( $out ) );
1637
+ }
1638
+
1639
+ function apbct_update_blogs_options ($blog_names = array(), $settings) {
1640
+ global $wpdb;
1641
+
1642
+ $wp_blogs = $wpdb->get_results('SELECT blog_id, site_id FROM '. $wpdb->blogs, OBJECT_K);
1643
+
1644
+ foreach ($wp_blogs as $blog) {
1645
+ $blog_name = get_blog_details( array( 'blog_id' => $blog->blog_id ) )->blogname;
1646
+ if (in_array($blog_name, $blog_names)) {
1647
+ update_blog_option ($blog->blog_id, 'cleantalk_settings', $settings);
1648
+ }
1649
+ }
1650
+ }
1651
+ /**
1652
+ * Sanitize and validate exclusions.
1653
+ * Explode given string by commas and trim each string.
1654
+ * Skip element if it's empty.
1655
+ *
1656
+ * Return false if exclusion is bad
1657
+ * Return sanitized string if all is ok
1658
+ *
1659
+ * @param string $exclusions
1660
+ * @param bool $regexp
1661
+ *
1662
+ * @return bool|string
1663
+ */
1664
+ function apbct_settings__sanitize__exclusions($exclusions, $regexp = false){
1665
+ $result = array();
1666
+ $type = 0;
1667
+ if( ! empty( $exclusions ) ){
1668
+ if( strpos( $exclusions, "\r\n" ) !== false ) {
1669
+ $exclusions = explode( "\r\n", $exclusions );
1670
+ $type = 2;
1671
+ } elseif( strpos( $exclusions, "\n" ) !== false ) {
1672
+ $exclusions = explode( "\n", $exclusions );
1673
+ $type = 1;
1674
+ } else {
1675
+ $exclusions = explode( ',', $exclusions );
1676
+ }
1677
+ foreach ( $exclusions as $exclusion ){
1678
+ $sanitized_exclusion = trim( $exclusion, " \t\n\r\0\x0B/\/" );
1679
+ if ( ! empty( $sanitized_exclusion ) ) {
1680
+ if( $regexp && ! apbct_is_regexp( $exclusion ) )
1681
+ return false;
1682
+ $result[] = $sanitized_exclusion;
1683
+ }
1684
+ }
1685
+ }
1686
+ switch ( $type ) {
1687
+ case 0 :
1688
+ default :
1689
+ return implode( ',', $result );
1690
+ break;
1691
+ case 1 :
1692
+ return implode( "\n", $result );
1693
+ break;
1694
+ case 2 :
1695
+ return implode( "\r\n", $result );
1696
+ break;
1697
+ }
1698
+ }
1699
+
1700
+ function apbct_settings_show_gdpr_text($print = false){
1701
+
1702
+ $out = wpautop('The notice requirements remain and are expanded. They must include the retention time for personal data, and contact information for data controller and data protection officer has to be provided.
1703
+ Automated individual decision-making, including profiling (Article 22) is contestable, similarly to the Data Protection Directive (Article 15). Citizens have rights to question and fight significant decisions that affect them that have been made on a solely-algorithmic basis. Many media outlets have commented on the introduction of a "right to explanation" of algorithmic decisions, but legal scholars have since argued that the existence of such a right is highly unclear without judicial tests and is limited at best.
1704
+ To be able to demonstrate compliance with the GDPR, the data controller should implement measures, which meet the principles of data protection by design and data protection by default. Privacy by design and by default (Article 25) require data protection measures to be designed into the development of business processes for products and services. Such measures include pseudonymising personal data, by the controller, as soon as possible (Recital 78).
1705
+ It is the responsibility and the liability of the data controller to implement effective measures and be able to demonstrate the compliance of processing activities even if the processing is carried out by a data processor on behalf of the controller (Recital 74).
1706
+ Data Protection Impact Assessments (Article 35) have to be conducted when specific risks occur to the rights and freedoms of data subjects. Risk assessment and mitigation is required and prior approval of the national data protection authorities (DPAs) is required for high risks. Data protection officers (Articles 37–39) are required to ensure compliance within organisations.
1707
+ They have to be appointed:')
1708
+ .'<ul style="padding: 0px 25px; list-style: disc;">'
1709
+ .'<li>for all public authorities, except for courts acting in their judicial capacity</li>'
1710
+ .'<li>if the core activities of the controller or the processor are:</li>'
1711
+ .'<ul style="padding: 0px 25px; list-style: disc;">'
1712
+ .'<li>processing operations, which, by virtue of their nature, their scope and/or their purposes, require regular and systematic monitoring of data subjects on a large scale</li>'
1713
+ .'<li>processing on a large scale of special categories of data pursuant to Article 9 and personal data relating to criminal convictions and offences referred to in Article 10;</li>'
1714
+ .'</ul>'
1715
+ .'</li>'
1716
+ .'</ul>';
1717
+
1718
+ if($print) echo $out; else return $out;
1719
+ }
1720
+
1721
+ function apbct_settings__get__long_description(){
1722
+
1723
+ global $apbct;
1724
+
1725
+ check_ajax_referer('ct_secret_nonce' );
1726
+
1727
+ $setting_id = $_POST['setting_id'] ? $_POST['setting_id'] : '';
1728
+
1729
+ $descriptions = array(
1730
+ 'white_label' => array(
1731
+ 'title' => __( 'XSS check', 'cleantalk-spam-protect'),
1732
+ 'desc' => __( 'Cross-Site Scripting (XSS) — prevents malicious code to be executed/sent to any user. As a result malicious scripts can not get access to the cookie files, session tokens and any other confidential information browsers use and store. Such scripts can even overwrite content of HTML pages. CleanTalk WAF monitors for patterns of these parameters and block them.', 'cleantalk-spam-protect'),
1733
+ ),
1734
+ 'white_label__hoster_key' => array(
1735
+ 'title' => __( 'SQL-injection check', 'cleantalk-spam-protect'),
1736
+ 'desc' => __( 'SQL Injection — one of the most popular ways to hack websites and programs that work with databases. It is based on injection of a custom SQL code into database queries. It could transmit data through GET, POST requests or cookie files in an SQL code. If a website is vulnerable and execute such injections then it would allow attackers to apply changes to the website\'s MySQL database.', 'cleantalk-spam-protect'),
1737
+ ),
1738
+ 'white_label__plugin_name' => array(
1739
+ 'title' => __( 'Check uploaded files', 'cleantalk-spam-protect'),
1740
+ 'desc' => __( 'The option checks each uploaded file to a website for malicious code. If it\'s possible for visitors to upload files to a website, for instance a work resume, then attackers could abuse it and upload an infected file to execute it later and get access to your website.', 'cleantalk-spam-protect'),
1741
+ ),
1742
+ );
1743
+
1744
+ die(json_encode($descriptions[$setting_id]));
1745
+ }
1746
+
1747
+ function apbct_settings__check_renew_banner() {
1748
+ global $apbct;
1749
+
1750
+ check_ajax_referer('ct_secret_nonce' );
1751
+
1752
+ die(json_encode(array('close_renew_banner' => ($apbct->data['notice_trial'] == 0 && $apbct->data['notice_renew'] == 0) ? true : false)));
1753
  }
js/cleantalk_external.min.js CHANGED
@@ -1,2 +1,2 @@
1
- function ct_protect_external(){for(var e,c,t,a,r,n,o,l,i=0;i<document.forms.length;i++){null==document.forms[i].cleantalk_hidden_action&&null==document.forms[i].cleantalk_hidden_method&&"string"==typeof document.forms[i].action&&(-1!==(e=document.forms[i].action).indexOf("activehosted.com")||-1!==e.indexOf("app.convertkit.com")||void 0!==document.forms[i].firstChild.classList&&document.forms[i].firstChild.classList.contains("cb-form-group")?(jQuery(document.forms[i]).before('<i class="cleantalk_placeholder" style="display: none;"></i>'),c=jQuery(document.forms[i]).prev(),t=document.forms[i].outerHTML,a=jQuery(document.forms[i]).detach(),r=i,c.after(t),(n=document.createElement("input")).name="action",n.value="cleantalk_force_ajax_check",n.type="hidden",document.forms[i].appendChild(n),document.forms[i].onsubmit=function(e){e.preventDefault();var t={};t[0]=apbct_collect_visible_fields(this),apbct_visible_fields_set_cookie(t);var n={},o=e.target.elements;(o=Array.prototype.slice.call(o)).forEach(function(e,t){""===e.name?n["input_"+t]=e.value:n[e.name]=e.value}),apbct_public_sendAJAX(n,{async:!1,callback:function(e,t,n,o){var c;+o.apbct.blocked||(apbct_replace_inputs_values_from_other_form(jQuery(document.forms[e]).detach(),n),t.after(n),0!==(c=jQuery(document.forms[e]).find("button[type=submit]")).length&&c[0].click(),0!==(c=jQuery(document.forms[e]).find('button[data-element="submit"]')).length&&c[0].click())},callback_context:null,callback_params:[r,c,a]})}):-1===e.indexOf("http://")&&-1===e.indexOf("https://")||e.split("//")[1].split("/")[0].toLowerCase()!==location.hostname.toLowerCase()&&((o=document.createElement("input")).name="cleantalk_hidden_action",o.value=e,o.type="hidden",document.forms[i].appendChild(o),(l=document.createElement("input")).name="cleantalk_hidden_method",l.value=document.forms[i].method,l.type="hidden",document.forms[i].method="POST",document.forms[i].appendChild(l),document.forms[i].action=document.location))}}function 
apbct_replace_inputs_values_from_other_form(e,t){var n=jQuery(e).find("button, input, textarea, select"),a=jQuery(t).find("button, input, textarea, select");n.each(function(e,o){var c=jQuery(o);a.each(function(e,t){var n=jQuery(t);o.outerHTML===t.outerHTML&&n.val(c.val())})})}window.onload=function(){setTimeout(function(){ct_protect_external()},1500)};
2
  //# sourceMappingURL=cleantalk_external.min.js.map
1
+ function ct_protect_external(){for(var e,o,t,c,l,n,a,r,i=0;i<document.forms.length;i++){null==document.forms[i].cleantalk_hidden_action&&null==document.forms[i].cleantalk_hidden_method&&"string"==typeof document.forms[i].action&&(-1!==(e=document.forms[i].action).indexOf("activehosted.com")||-1!==e.indexOf("app.convertkit.com")||void 0!==document.forms[i].firstChild.classList&&document.forms[i].firstChild.classList.contains("cb-form-group")?(jQuery(document.forms[i]).before('<i class="cleantalk_placeholder" style="display: none;"></i>'),o=jQuery(document.forms[i]).prev(),t=document.forms[i].outerHTML,c=jQuery(document.forms[i]).detach(),l=i,o.after(t),(n=document.createElement("input")).name="action",n.value="cleantalk_force_ajax_check",n.type="hidden",document.forms[i].appendChild(n),document.forms[i].onsubmit=function(a){a.preventDefault();var e={};e[0]=apbct_collect_visible_fields(this),apbct_visible_fields_set_cookie(e);var n={},t=a.target.elements;(t=Array.prototype.slice.call(t)).forEach(function(e,t){""===e.name?n["input_"+t]=e.value:n[e.name]=e.value}),apbct_public_sendAJAX(n,{async:!1,callback:function(e,t,n,o){var c;+o.apbct.blocked||(apbct_replace_inputs_values_from_other_form(jQuery(a.target).detach(),n),t.after(n),0!==(c=jQuery(n).find("button[type=submit]")).length&&c[0].click(),0!==(c=jQuery(n).find('button[data-element="submit"]')).length&&c[0].click())},callback_context:null,callback_params:[l,o,c]})}):-1===e.indexOf("http://")&&-1===e.indexOf("https://")||e.split("//")[1].split("/")[0].toLowerCase()!==location.hostname.toLowerCase()&&((a=document.createElement("input")).name="cleantalk_hidden_action",a.value=e,a.type="hidden",document.forms[i].appendChild(a),(r=document.createElement("input")).name="cleantalk_hidden_method",r.value=document.forms[i].method,r.type="hidden",document.forms[i].method="POST",document.forms[i].appendChild(r),document.forms[i].action=document.location))}}function apbct_replace_inputs_values_from_other_form(e,t){var 
n=jQuery(e).find("button, input, textarea, select"),a=jQuery(t).find("button, input, textarea, select");n.each(function(e,o){var c=jQuery(o);a.each(function(e,t){var n=jQuery(t);o.outerHTML===t.outerHTML&&n.val(c.val())})})}window.onload=function(){setTimeout(function(){ct_protect_external()},1500)};
2
  //# sourceMappingURL=cleantalk_external.min.js.map
js/cleantalk_external.min.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"cleantalk_external.min.js","sources":["cleantalk_external.js"],"sourcesContent":["function ct_protect_external(){\r\n\r\n\tfor(var i = 0; i < document.forms.length; i++){\r\n\r\n\t\tif (document.forms[i].cleantalk_hidden_action == undefined && document.forms[i].cleantalk_hidden_method == undefined) {\r\n\r\n\t\t\tif(typeof(document.forms[i].action) == 'string'){\r\n\r\n\t\t\t\tvar action = document.forms[i].action;\r\n\r\n\t\t\t\tif(\r\n\t\t\t\t\taction.indexOf('activehosted.com') !== -1 || // ActiveCampaign form\r\n\t\t\t\t\taction.indexOf('app.convertkit.com') !== -1 || // ConvertKit form\r\n\t\t\t\t\t( document.forms[i].firstChild.classList !== undefined && document.forms[i].firstChild.classList.contains('cb-form-group') ) // Convertbox form\r\n\t\t\t\t) {\r\n\r\n\t\t\t\t\tjQuery( document.forms[i] ).before('<i class=\"cleantalk_placeholder\" style=\"display: none;\"></i>');\r\n\r\n\t\t\t\t\t// Deleting form to prevent submit event\r\n\t\t\t\t\tvar prev = jQuery(document.forms[i]).prev(),\r\n\t\t\t\t\t\tform_html = document.forms[i].outerHTML,\r\n\t\t\t\t\t\tform_original = jQuery(document.forms[i]).detach(),\r\n\t\t\t\t\t\tindex = i;\r\n\r\n\t\t\t\t\tprev.after( form_html );\r\n\r\n\t\t\t\t\tvar force_action = document.createElement(\"input\");\r\n\t\t\t\t\tforce_action.name = 'action';\r\n\t\t\t\t\tforce_action.value = 'cleantalk_force_ajax_check';\r\n\t\t\t\t\tforce_action.type = 'hidden';\r\n\t\t\t\t\tdocument.forms[i].appendChild(force_action);\r\n\r\n\t\t\t\t\tdocument.forms[i].onsubmit = function ( event ){\r\n\r\n\t\t\t\t\t\tevent.preventDefault();\r\n\r\n\t\t\t\t\t\t// Get visible fields and set cookie\r\n\t\t\t\t\t\tvar visible_fields = {};\r\n\t\t\t\t\t\tvisible_fields[0] = apbct_collect_visible_fields(this);\r\n\t\t\t\t\t\tapbct_visible_fields_set_cookie( visible_fields );\r\n\r\n\t\t\t\t\t\tvar data = {};\r\n\t\t\t\t\t\tvar elems = event.target.elements;\r\n\t\t\t\t\t\telems = 
Array.prototype.slice.call(elems);\r\n\r\n\t\t\t\t\t\telems.forEach( function( elem, y ) {\r\n\t\t\t\t\t\t\tif( elem.name === '' ) {\r\n\t\t\t\t\t\t\t\tdata['input_' + y] = elem.value;\r\n\t\t\t\t\t\t\t} else {\r\n\t\t\t\t\t\t\t\tdata[elem.name] = elem.value;\r\n\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t});\r\n\r\n\t\t\t\t\t\tapbct_public_sendAJAX(\r\n\t\t\t\t\t\t\tdata,\r\n\t\t\t\t\t\t\t{\r\n\t\t\t\t\t\t\t\tasync: false,\r\n\t\t\t\t\t\t\t\tcallback: function( index, prev, form_original, result ){\r\n\r\n\t\t\t\t\t\t\t\t\tif( ! +result.apbct.blocked ) {\r\n\r\n\t\t\t\t\t\t\t\t\t\tvar form_new = jQuery(document.forms[index]).detach();\r\n\r\n\t\t\t\t\t\t\t\t\t\tapbct_replace_inputs_values_from_other_form(form_new, form_original);\r\n\r\n\t\t\t\t\t\t\t\t\t\tprev.after( form_original );\r\n\r\n\t\t\t\t\t\t\t\t\t\t// Common click event\r\n\t\t\t\t\t\t\t\t\t\tvar subm_button = jQuery(document.forms[index]).find('button[type=submit]');\r\n\t\t\t\t\t\t\t\t\t\tif( subm_button.length !== 0 ) {\r\n\t\t\t\t\t\t\t\t\t\t\tsubm_button[0].click();\r\n\t\t\t\t\t\t\t\t\t\t}\r\n\r\n\t\t\t\t\t\t\t\t\t\t// ConvertKit direct integration\r\n\t\t\t\t\t\t\t\t\t\tsubm_button = jQuery(document.forms[index]).find('button[data-element=\"submit\"]');\r\n\t\t\t\t\t\t\t\t\t\tif( subm_button.length !== 0 ) {\r\n\t\t\t\t\t\t\t\t\t\t\tsubm_button[0].click();\r\n\t\t\t\t\t\t\t\t\t\t}\r\n\r\n\t\t\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\t\t},\r\n\t\t\t\t\t\t\t\tcallback_context: null,\r\n\t\t\t\t\t\t\t\tcallback_params: [index, prev, form_original],\r\n\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t);\r\n\r\n\t\t\t\t\t};\r\n\r\n\t\t\t\t// Common flow\r\n\t\t\t\t}else if(action.indexOf('http://') !== -1 || action.indexOf('https://') !== -1){\r\n\r\n\t\t\t\t\tvar tmp = action.split('//');\r\n\t\t\t\t\ttmp = tmp[1].split('/');\r\n\t\t\t\t\tvar host = tmp[0].toLowerCase();\r\n\r\n\t\t\t\t\tif(host !== location.hostname.toLowerCase()){\r\n\r\n\t var ct_action = document.createElement(\"input\");\r\n\t ct_action.name = 
'cleantalk_hidden_action';\r\n\t\t\t\t\t\tct_action.value = action;\r\n\t\t\t\t\t\tct_action.type = 'hidden';\r\n\t\t\t\t\t\tdocument.forms[i].appendChild(ct_action);\r\n\r\n\t var ct_method = document.createElement(\"input\");\r\n\t ct_method.name = 'cleantalk_hidden_method';\r\n\t\t\t\t\t\tct_method.value = document.forms[i].method;\r\n\t\t\t\t\t\tct_method.type = 'hidden';\r\n\r\n\t\t\t\t\t\tdocument.forms[i].method = 'POST';\r\n\t\t\t\t\t\tdocument.forms[i].appendChild(ct_method);\r\n\r\n\t\t\t\t\t\tdocument.forms[i].action = document.location;\r\n\t\t\t\t\t}\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t}\r\n\t}\r\n}\r\nfunction apbct_replace_inputs_values_from_other_form( form_source, form_target ){\r\n\r\n\tvar\tinputs_source = jQuery( form_source ).find( 'button, input, textarea, select' ),\r\n\t\tinputs_target = jQuery( form_target ).find( 'button, input, textarea, select' );\r\n\r\n\tinputs_source.each( function( index, elem_source ){\r\n\r\n\t\tvar source = jQuery( elem_source );\r\n\r\n\t\tinputs_target.each( function( index2, elem_target ){\r\n\r\n\t\t\tvar target = jQuery( elem_target );\r\n\r\n\t\t\tif( elem_source.outerHTML === elem_target.outerHTML ){\r\n\r\n\t\t\t\ttarget.val( source.val() );\r\n\t\t\t}\r\n\t\t});\r\n\t});\r\n\r\n}\r\nwindow.onload = function () {\r\n setTimeout(function () {\r\n ct_protect_external()\r\n }, 
1500);\r\n};"],"names":["ct_protect_external","action","prev","form_html","form_original","index","force_action","ct_action","ct_method","i","document","forms","length","undefined","cleantalk_hidden_action","cleantalk_hidden_method","indexOf","firstChild","classList","contains","jQuery","before","outerHTML","detach","after","createElement","name","value","type","appendChild","onsubmit","event","preventDefault","visible_fields","apbct_collect_visible_fields","this","apbct_visible_fields_set_cookie","data","elems","target","elements","Array","prototype","slice","call","forEach","elem","y","apbct_public_sendAJAX","async","callback","result","subm_button","apbct","blocked","apbct_replace_inputs_values_from_other_form","find","click","callback_context","callback_params","split","toLowerCase","location","hostname","method","form_source","form_target","inputs_source","inputs_target","each","elem_source","source","index2","elem_target","val","window","onload","setTimeout"],"mappings":"AAAA,SAASA,sBAER,IAAI,IAMGC,EAWCC,EACHC,EACAC,EACAC,EAIGC,EAuEgBC,EAMAC,EArGhBC,EAAI,EAAGA,EAAIC,SAASC,MAAMC,OAAQH,IAAI,CAEII,MAA7CH,SAASC,MAAMF,GAAGK,yBAAqFD,MAA7CH,SAASC,MAAMF,GAAGM,yBAExC,iBAA7BL,SAASC,MAAMF,GAAS,UAKQ,KAHrCR,EAASS,SAASC,MAAMF,GAAGR,QAGvBe,QAAQ,sBAC2B,IAA1Cf,EAAOe,QAAQ,4BAC8BH,IAA3CH,SAASC,MAAMF,GAAGQ,WAAWC,WAA2BR,SAASC,MAAMF,GAAGQ,WAAWC,UAAUC,SAAS,kBAG1GC,OAAQV,SAASC,MAAMF,IAAKY,OAAO,gEAG/BnB,EAAOkB,OAAOV,SAASC,MAAMF,IAAIP,OACpCC,EAAYO,SAASC,MAAMF,GAAGa,UAC9BlB,EAAgBgB,OAAOV,SAASC,MAAMF,IAAIc,SAC1ClB,EAAQI,EAETP,EAAKsB,MAAOrB,IAERG,EAAeI,SAASe,cAAc,UAC7BC,KAAO,SACpBpB,EAAaqB,MAAQ,6BACrBrB,EAAasB,KAAO,SACpBlB,SAASC,MAAMF,GAAGoB,YAAYvB,GAE9BI,SAASC,MAAMF,GAAGqB,SAAW,SAAWC,GAEvCA,EAAMC,iBAGN,IAAIC,EAAiB,GACrBA,EAAe,GAAKC,6BAA6BC,MACjDC,gCAAiCH,GAEjC,IAAII,EAAO,GACPC,EAAQP,EAAMQ,OAAOC,UACzBF,EAAQG,MAAMC,UAAUC,MAAMC,KAAKN,IAE7BO,QAAS,SAAUC,EAAMC,GACZ,KAAdD,EAAKpB,KACRW,EAAK,SAAWU,GAAKD,EAAKnB,MAE1BU,EAAKS,EAAKpB,MAAQoB,EAAKnB,QAIzBqB,sBACCX,EACA,CACCY,OAAO,EACPC,SAAU,SAAU7C,EAAO
H,EAAME,EAAe+C,GAE/C,IASKC,GATED,EAAOE,MAAMC,UAInBC,4CAFenC,OAAOV,SAASC,MAAMN,IAAQkB,SAESnB,GAEtDF,EAAKsB,MAAOpB,GAIe,KADvBgD,EAAchC,OAAOV,SAASC,MAAMN,IAAQmD,KAAK,wBACrC5C,QACfwC,EAAY,GAAGK,QAKW,KAD3BL,EAAchC,OAAOV,SAASC,MAAMN,IAAQmD,KAAK,kCACjC5C,QACfwC,EAAY,GAAGK,UAKlBC,iBAAkB,KAClBC,gBAAiB,CAACtD,EAAOH,EAAME,QAOK,IAA/BH,EAAOe,QAAQ,aAAqD,IAAhCf,EAAOe,QAAQ,aAEjDf,EAAO2D,MAAM,MACb,GAAGA,MAAM,KACJ,GAAGC,gBAENC,SAASC,SAASF,iBAEVtD,EAAYG,SAASe,cAAc,UAC7BC,KAAO,0BAChCnB,EAAUoB,MAAQ1B,EAClBM,EAAUqB,KAAO,SACjBlB,SAASC,MAAMF,GAAGoB,YAAYtB,IAEXC,EAAYE,SAASe,cAAc,UAC7BC,KAAO,0BAChClB,EAAUmB,MAAQjB,SAASC,MAAMF,GAAGuD,OACpCxD,EAAUoB,KAAO,SAEjBlB,SAASC,MAAMF,GAAGuD,OAAS,OAC3BtD,SAASC,MAAMF,GAAGoB,YAAYrB,GAE9BE,SAASC,MAAMF,GAAGR,OAASS,SAASoD,YAO1C,SAASP,4CAA6CU,EAAaC,GAElE,IAAIC,EAAgB/C,OAAQ6C,GAAcT,KAAM,mCAC/CY,EAAgBhD,OAAQ8C,GAAcV,KAAM,mCAE7CW,EAAcE,KAAM,SAAUhE,EAAOiE,GAEpC,IAAIC,EAASnD,OAAQkD,GAErBF,EAAcC,KAAM,SAAUG,EAAQC,GAErC,IAAIlC,EAASnB,OAAQqD,GAEjBH,EAAYhD,YAAcmD,EAAYnD,WAEzCiB,EAAOmC,IAAKH,EAAOG,WAMvBC,OAAOC,OAAS,WACZC,WAAW,WACP7E,uBACD"}
1
+ {"version":3,"file":"cleantalk_external.min.js","sources":["cleantalk_external.js"],"sourcesContent":["function ct_protect_external(){\n\n\tfor(var i = 0; i < document.forms.length; i++){\n\n\t\tif (document.forms[i].cleantalk_hidden_action == undefined && document.forms[i].cleantalk_hidden_method == undefined) {\n\n\t\t\tif(typeof(document.forms[i].action) == 'string'){\n\n\t\t\t\tvar action = document.forms[i].action;\n\n\t\t\t\tif(\n\t\t\t\t\taction.indexOf('activehosted.com') !== -1 || // ActiveCampaign form\n\t\t\t\t\taction.indexOf('app.convertkit.com') !== -1 || // ConvertKit form\n\t\t\t\t\t( document.forms[i].firstChild.classList !== undefined && document.forms[i].firstChild.classList.contains('cb-form-group') ) // Convertbox form\n\t\t\t\t) {\n\n\t\t\t\t\tjQuery( document.forms[i] ).before('<i class=\"cleantalk_placeholder\" style=\"display: none;\"></i>');\n\n\t\t\t\t\t// Deleting form to prevent submit event\n\t\t\t\t\tvar prev = jQuery(document.forms[i]).prev(),\n\t\t\t\t\t\tform_html = document.forms[i].outerHTML,\n\t\t\t\t\t\tform_original = jQuery(document.forms[i]).detach(),\n\t\t\t\t\t\tindex = i;\n\n\t\t\t\t\tprev.after( form_html );\n\n\t\t\t\t\tvar force_action = document.createElement(\"input\");\n\t\t\t\t\tforce_action.name = 'action';\n\t\t\t\t\tforce_action.value = 'cleantalk_force_ajax_check';\n\t\t\t\t\tforce_action.type = 'hidden';\n\t\t\t\t\tdocument.forms[i].appendChild(force_action);\n\n\t\t\t\t\tdocument.forms[i].onsubmit = function ( event ){\n\n\t\t\t\t\t\tevent.preventDefault();\n\n\t\t\t\t\t\t// Get visible fields and set cookie\n\t\t\t\t\t\tvar visible_fields = {};\n\t\t\t\t\t\tvisible_fields[0] = apbct_collect_visible_fields(this);\n\t\t\t\t\t\tapbct_visible_fields_set_cookie( visible_fields );\n\n\t\t\t\t\t\tvar data = {};\n\t\t\t\t\t\tvar elems = event.target.elements;\n\t\t\t\t\t\telems = Array.prototype.slice.call(elems);\n\n\t\t\t\t\t\telems.forEach( function( elem, y ) {\n\t\t\t\t\t\t\tif( elem.name === '' ) 
{\n\t\t\t\t\t\t\t\tdata['input_' + y] = elem.value;\n\t\t\t\t\t\t\t} else {\n\t\t\t\t\t\t\t\tdata[elem.name] = elem.value;\n\t\t\t\t\t\t\t}\n\t\t\t\t\t\t});\n\n\t\t\t\t\t\tapbct_public_sendAJAX(\n\t\t\t\t\t\t\tdata,\n\t\t\t\t\t\t\t{\n\t\t\t\t\t\t\t\tasync: false,\n\t\t\t\t\t\t\t\tcallback: function( index, prev, form_original, result ){\n\n\t\t\t\t\t\t\t\t\tif( ! +result.apbct.blocked ) {\n\n\t\t\t\t\t\t\t\t\t\tvar form_new = jQuery(event.target).detach();\n\n\t\t\t\t\t\t\t\t\t\tapbct_replace_inputs_values_from_other_form(form_new, form_original);\n\n\t\t\t\t\t\t\t\t\t\tprev.after( form_original );\n\n\t\t\t\t\t\t\t\t\t\t// Common click event\n\t\t\t\t\t\t\t\t\t\tvar subm_button = jQuery(form_original).find('button[type=submit]');\n\t\t\t\t\t\t\t\t\t\tif( subm_button.length !== 0 ) {\n\t\t\t\t\t\t\t\t\t\t\tsubm_button[0].click();\n\t\t\t\t\t\t\t\t\t\t}\n\n\t\t\t\t\t\t\t\t\t\t// ConvertKit direct integration\n\t\t\t\t\t\t\t\t\t\tsubm_button = jQuery(form_original).find('button[data-element=\"submit\"]');\n\t\t\t\t\t\t\t\t\t\tif( subm_button.length !== 0 ) {\n\t\t\t\t\t\t\t\t\t\t\tsubm_button[0].click();\n\t\t\t\t\t\t\t\t\t\t}\n\n\t\t\t\t\t\t\t\t\t}\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\tcallback_context: null,\n\t\t\t\t\t\t\t\tcallback_params: [index, prev, form_original],\n\t\t\t\t\t\t\t}\n\t\t\t\t\t\t);\n\n\t\t\t\t\t};\n\n\t\t\t\t// Common flow\n\t\t\t\t}else if(action.indexOf('http://') !== -1 || action.indexOf('https://') !== -1){\n\n\t\t\t\t\tvar tmp = action.split('//');\n\t\t\t\t\ttmp = tmp[1].split('/');\n\t\t\t\t\tvar host = tmp[0].toLowerCase();\n\n\t\t\t\t\tif(host !== location.hostname.toLowerCase()){\n\n\t var ct_action = document.createElement(\"input\");\n\t ct_action.name = 'cleantalk_hidden_action';\n\t\t\t\t\t\tct_action.value = action;\n\t\t\t\t\t\tct_action.type = 'hidden';\n\t\t\t\t\t\tdocument.forms[i].appendChild(ct_action);\n\n\t var ct_method = document.createElement(\"input\");\n\t ct_method.name = 
'cleantalk_hidden_method';\n\t\t\t\t\t\tct_method.value = document.forms[i].method;\n\t\t\t\t\t\tct_method.type = 'hidden';\n\n\t\t\t\t\t\tdocument.forms[i].method = 'POST';\n\t\t\t\t\t\tdocument.forms[i].appendChild(ct_method);\n\n\t\t\t\t\t\tdocument.forms[i].action = document.location;\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\t}\n}\nfunction apbct_replace_inputs_values_from_other_form( form_source, form_target ){\n\n\tvar\tinputs_source = jQuery( form_source ).find( 'button, input, textarea, select' ),\n\t\tinputs_target = jQuery( form_target ).find( 'button, input, textarea, select' );\n\n\tinputs_source.each( function( index, elem_source ){\n\n\t\tvar source = jQuery( elem_source );\n\n\t\tinputs_target.each( function( index2, elem_target ){\n\n\t\t\tvar target = jQuery( elem_target );\n\n\t\t\tif( elem_source.outerHTML === elem_target.outerHTML ){\n\n\t\t\t\ttarget.val( source.val() );\n\t\t\t}\n\t\t});\n\t});\n\n}\nwindow.onload = function () {\n setTimeout(function () {\n ct_protect_external()\n }, 
1500);\n};"],"names":["ct_protect_external","action","prev","form_html","form_original","index","force_action","ct_action","ct_method","i","document","forms","length","undefined","cleantalk_hidden_action","cleantalk_hidden_method","indexOf","firstChild","classList","contains","jQuery","before","outerHTML","detach","after","createElement","name","value","type","appendChild","onsubmit","event","preventDefault","visible_fields","apbct_collect_visible_fields","this","apbct_visible_fields_set_cookie","data","elems","target","elements","Array","prototype","slice","call","forEach","elem","y","apbct_public_sendAJAX","async","callback","result","subm_button","apbct","blocked","apbct_replace_inputs_values_from_other_form","find","click","callback_context","callback_params","split","toLowerCase","location","hostname","method","form_source","form_target","inputs_source","inputs_target","each","elem_source","source","index2","elem_target","val","window","onload","setTimeout"],"mappings":"AAAA,SAASA,sBAER,IAAI,IAMGC,EAWCC,EACHC,EACAC,EACAC,EAIGC,EAuEgBC,EAMAC,EArGhBC,EAAI,EAAGA,EAAIC,SAASC,MAAMC,OAAQH,IAAI,CAEII,MAA7CH,SAASC,MAAMF,GAAGK,yBAAqFD,MAA7CH,SAASC,MAAMF,GAAGM,yBAExC,iBAA7BL,SAASC,MAAMF,GAAS,UAKQ,KAHrCR,EAASS,SAASC,MAAMF,GAAGR,QAGvBe,QAAQ,sBAC2B,IAA1Cf,EAAOe,QAAQ,4BAC8BH,IAA3CH,SAASC,MAAMF,GAAGQ,WAAWC,WAA2BR,SAASC,MAAMF,GAAGQ,WAAWC,UAAUC,SAAS,kBAG1GC,OAAQV,SAASC,MAAMF,IAAKY,OAAO,gEAG/BnB,EAAOkB,OAAOV,SAASC,MAAMF,IAAIP,OACpCC,EAAYO,SAASC,MAAMF,GAAGa,UAC9BlB,EAAgBgB,OAAOV,SAASC,MAAMF,IAAIc,SAC1ClB,EAAQI,EAETP,EAAKsB,MAAOrB,IAERG,EAAeI,SAASe,cAAc,UAC7BC,KAAO,SACpBpB,EAAaqB,MAAQ,6BACrBrB,EAAasB,KAAO,SACpBlB,SAASC,MAAMF,GAAGoB,YAAYvB,GAE9BI,SAASC,MAAMF,GAAGqB,SAAW,SAAWC,GAEvCA,EAAMC,iBAGN,IAAIC,EAAiB,GACrBA,EAAe,GAAKC,6BAA6BC,MACjDC,gCAAiCH,GAEjC,IAAII,EAAO,GACPC,EAAQP,EAAMQ,OAAOC,UACzBF,EAAQG,MAAMC,UAAUC,MAAMC,KAAKN,IAE7BO,QAAS,SAAUC,EAAMC,GACZ,KAAdD,EAAKpB,KACRW,EAAK,SAAWU,GAAKD,EAAKnB,MAE1BU,EAAKS,EAAKpB,MAAQoB,EAAKnB,QAIzBqB,sBACCX,EACA,CACCY,OAAO,EACPC,SAAU,SAAU7C,EAAOH,
EAAME,EAAe+C,GAE/C,IASKC,GATED,EAAOE,MAAMC,UAInBC,4CAFenC,OAAOW,EAAMQ,QAAQhB,SAEkBnB,GAEtDF,EAAKsB,MAAOpB,GAIe,KADvBgD,EAAchC,OAAOhB,GAAeoD,KAAK,wBAC7B5C,QACfwC,EAAY,GAAGK,QAKW,KAD3BL,EAAchC,OAAOhB,GAAeoD,KAAK,kCACzB5C,QACfwC,EAAY,GAAGK,UAKlBC,iBAAkB,KAClBC,gBAAiB,CAACtD,EAAOH,EAAME,QAOK,IAA/BH,EAAOe,QAAQ,aAAqD,IAAhCf,EAAOe,QAAQ,aAEjDf,EAAO2D,MAAM,MACb,GAAGA,MAAM,KACJ,GAAGC,gBAENC,SAASC,SAASF,iBAEVtD,EAAYG,SAASe,cAAc,UAC7BC,KAAO,0BAChCnB,EAAUoB,MAAQ1B,EAClBM,EAAUqB,KAAO,SACjBlB,SAASC,MAAMF,GAAGoB,YAAYtB,IAEXC,EAAYE,SAASe,cAAc,UAC7BC,KAAO,0BAChClB,EAAUmB,MAAQjB,SAASC,MAAMF,GAAGuD,OACpCxD,EAAUoB,KAAO,SAEjBlB,SAASC,MAAMF,GAAGuD,OAAS,OAC3BtD,SAASC,MAAMF,GAAGoB,YAAYrB,GAE9BE,SAASC,MAAMF,GAAGR,OAASS,SAASoD,YAO1C,SAASP,4CAA6CU,EAAaC,GAElE,IAAIC,EAAgB/C,OAAQ6C,GAAcT,KAAM,mCAC/CY,EAAgBhD,OAAQ8C,GAAcV,KAAM,mCAE7CW,EAAcE,KAAM,SAAUhE,EAAOiE,GAEpC,IAAIC,EAASnD,OAAQkD,GAErBF,EAAcC,KAAM,SAAUG,EAAQC,GAErC,IAAIlC,EAASnB,OAAQqD,GAEjBH,EAAYhD,YAAcmD,EAAYnD,WAEzCiB,EAAOmC,IAAKH,EAAOG,WAMvBC,OAAOC,OAAS,WACZC,WAAW,WACP7E,uBACD"}
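--- a/lib/Cleantalk/Antispam/Integrations.php
+++ b/lib/Cleantalk/Antispam/Integrations.php
@@ -30,7 +30,7 @@ class Integrations
  global $cleantalk_executed;
 
  // Getting current integration name
- $current_integration = $this->get_current_integration_triggered( current_action() );
+ $current_integration = $this->get_current_integration_triggered( current_filter() );
  if( $current_integration ) {
  // Instantiate the integration object
  $class = '\\Cleantalk\\Antispam\\Integrations\\' . $current_integration;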
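--- a/lib/Cleantalk/ApbctWP/FindSpam/ListTable/Users.php
+++ b/lib/Cleantalk/ApbctWP/FindSpam/ListTable/Users.php
@@ -1,264 +1,272 @@
- <?php
-
- namespace Cleantalk\ApbctWP\FindSpam\ListTable;
-
- class Users extends \Cleantalk\ApbctWP\CleantalkListTable
- {
-
- protected $apbct;
-
- function __construct(){
-
- parent::__construct(array(
- 'singular' => 'spam',
- 'plural' => 'spam'
- ));
-
- $this->bulk_actions_handler();
-
- $this->row_actions_handler();
-
- $this->prepare_items();
-
- global $apbct;
- $this->apbct = $apbct;
-
- }
-
- // Set columns
- function get_columns(){
- return array(
- 'cb' => '<input type="checkbox" />',
- 'ct_username' => esc_html__( 'Username', 'cleantalk-spam-protect'),
- 'ct_name' => esc_html__( 'Name', 'cleantalk-spam-protect'),
- 'ct_email' => esc_html__( 'E-mail', 'cleantalk-spam-protect'),
- 'ct_signed_up' => esc_html__( 'Signed up', 'cleantalk-spam-protect'),
- 'ct_role' => esc_html__( 'Role', 'cleantalk-spam-protect'),
- 'ct_posts' => esc_html__( 'Posts', 'cleantalk-spam-protect'),
- );
- }
-
- // CheckBox column
- function column_cb( $item ){
- echo '<input type="checkbox" name="spamids[]" id="cb-select-'. $item['ct_id'] .'" value="'. $item['ct_id'] .'" />';
- }
-
- // Username (first) column
- function column_ct_username( $item ) {
- $user_obj = $item['ct_username'];
- $email = $user_obj->user_email;
- $column_content = '';
-
- // Avatar, nickname
- $column_content .= '<strong>' . get_avatar( $user_obj->ID , 32) . '&nbsp;' . $user_obj->user_login . '</strong>';
- $column_content .= '<br /><br />';
-
- // Email
- if( ! empty( $email ) ){
- $column_content .= "<a href='mailto:$email'>$email</a>"
- .( ! $this->apbct->white_label
- ? "<a href='https://cleantalk.org/blacklists/$email' target='_blank'>"
- ."&nbsp;<img src='" . APBCT_URL_PATH . "/inc/images/new_window.gif' alt='Ico: open in new window' border='0' style='float:none' />"
- ."</a>"
- : '');
- } else {
- $column_content .= esc_html__( 'No email', 'cleantalk-spam-protect');
- }
- $column_content .= '<br/>';
-
- // IP
- $user_meta = get_user_meta( $user_obj->ID, 'session_tokens', true );
- if( ! empty( $user_meta ) && is_array( $user_meta ) ){
- $user_meta = array_values( $user_meta );
- if( ! empty( $user_meta[0]['ip'] ) ) {
- $ip = $user_meta[0]['ip'];
- $column_content .= "<a href='user-edit.php?user_id=$user_obj->ID'>$ip</a>"
- .( ! $this->apbct->white_label
- ?"<a href='https://cleantalk.org/blacklists/$ip ' target='_blank'>"
- ."&nbsp;<img src='" . APBCT_URL_PATH . "/inc/images/new_window.gif' alt='Ico: open in new window' border='0' style='float:none' />"
- ."</a>"
- : '');
- }else
- $column_content .= esc_html__( 'No IP adress', 'cleantalk-spam-protect');
- }else
- $column_content .= esc_html__( 'No IP adress', 'cleantalk-spam-protect');
-
- $actions = array(
- 'delete' => sprintf( '<a href="?page=%s&action=%s&spam=%s">Delete</a>', $_REQUEST['page'],'delete', $user_obj->ID ),
- );
-
- return sprintf( '%1$s %2$s', $column_content, $this->row_actions( $actions ) );
-
- }
-
- // Rest of columns
- function column_default( $item, $column_name ) {
- switch( $column_name ) {
- case 'ct_name':
- case 'ct_email':
- case 'ct_signed_up':
- case 'ct_role':
- case 'ct_posts':
- case 'ct_start':
- case 'ct_checked':
- case 'ct_spam':
- case 'ct_bad':
- return $item[ $column_name ];
- default:
- return print_r( $item, true ) ;
- }
- }
-
- function get_bulk_actions() {
- $actions = array(
- 'delete' => 'Delete'
- );
- return $actions;
- }
-
- function bulk_actions_handler() {
-
- if( empty($_POST['spamids']) || empty($_POST['_wpnonce']) ) return;
-
- if ( ! $action = $this->current_action() ) return;
-
- if( ! wp_verify_nonce( $_POST['_wpnonce'], 'bulk-' . $this->_args['plural'] ) )
- wp_die('nonce error');
-
- $this->removeSpam( $_POST['spamids'] );
-
- }
-
- function row_actions_handler() {
-
- if( empty($_GET['action']) ) return;
-
- if( $_GET['action'] == 'delete' ) {
-
- $id = filter_input( INPUT_GET, 'spam', FILTER_SANITIZE_NUMBER_INT );
- $this->removeSpam( array( $id ) );
-
- }
-
- }
-
- function no_items() {
- esc_html_e( 'No spam found.', 'cleantalk-spam-protect');
- }
-
- //********************************************//
- // LOGIC //
- //*******************************************//
-
- function removeSpam( $ids ) {
-
- $ids_string = implode( ', ', $ids );
- global $wpdb;
-
- $wpdb->query("DELETE FROM {$wpdb->users} WHERE
- ID IN ($ids_string)");
-
- }
-
- public function getTotal() {
-
- $params_total = array(
- 'fields' => 'ID',
- 'count'=>true,
- 'orderby' => 'user_registered'
- );
- $total_users = new \WP_User_Query($params_total);
- return $total_users;
-
- }
-
- public function getChecked() {
-
- $params_spam = array(
- 'fields' => 'ID',
- 'meta_key' => 'ct_checked',
- 'count_total' => true,
- );
- $spam_users = new \WP_User_Query($params_spam);
- return $spam_users;
-
- }
-
- public function getCheckedNow() {
-
- $params_spam = array(
- 'fields' => 'ID',
- 'meta_key' => 'ct_checked_now',
- 'count_total' => true,
- );
- $spam_users = new \WP_User_Query($params_spam);
- return $spam_users;
-
- }
-
- public function getSpam() {
-
- $params_spam = array(
- 'fields' => 'ID',
- 'meta_key' => 'ct_marked_as_spam',
- 'count_total' => true,
- );
- $spam_users = new \WP_User_Query($params_spam);
- return $spam_users;
-
- }
-
- public function getSpamNow() {
-
- $params_spam = array(
- 'fields' => 'ID',
- 'meta_query' => array(
- 'relation' => 'AND',
- array(
- 'key' => 'ct_marked_as_spam',
- 'compare' => 'EXISTS'
- ),
- array(
- 'key' => 'ct_checked_now',
- 'compare' => 'EXISTS'
- ),
- ),
- 'count_total' => true,
- );
- $spam_users = new \WP_User_Query($params_spam);
- return $spam_users;
-
- }
-
- public function getBad() { // Without IP and EMAIL
-
- $params_bad = array(
- 'fields' => 'ID',
- 'meta_key' => 'ct_bad',
- 'count_total' => true,
- );
- $bad_users = new \WP_User_Query($params_bad);
- return $bad_users;
-
- }
-
- public function getScansLogs() {
-
- global $wpdb;
- $query = "SELECT * FROM " . APBCT_SPAMSCAN_LOGS . " WHERE scan_type = 'users'";
- $res = $wpdb->get_results( $query, ARRAY_A );
- return $res;
-
- }
-
- protected function removeLogs( $ids ) {
-
- $ids_string = implode( ', ', $ids );
- global $wpdb;
-
- $wpdb->query("DELETE FROM " . APBCT_SPAMSCAN_LOGS . " WHERE
- ID IN ($ids_string)");
-
- }
-
+ <?php
+
+ namespace Cleantalk\ApbctWP\FindSpam\ListTable;
+
+ class Users extends \Cleantalk\ApbctWP\CleantalkListTable
+ {
+
+ protected $apbct;
+
+ function __construct(){
+
+ parent::__construct(array(
+ 'singular' => 'spam',
+ 'plural' => 'spam'
+ ));
+
+ $this->bulk_actions_handler();
+
+ $this->row_actions_handler();
+
+ $this->prepare_items();
+
+ global $apbct;
+ $this->apbct = $apbct;
+
+ }
+
+ // Set columns
+ function get_columns(){
+ return array(
+ 'cb' => '<input type="checkbox" />',
+ 'ct_username' => esc_html__( 'Username', 'cleantalk-spam-protect'),
+ 'ct_name' => esc_html__( 'Name', 'cleantalk-spam-protect'),
+ 'ct_email' => esc_html__( 'E-mail', 'cleantalk-spam-protect'),
+ 'ct_signed_up' => esc_html__( 'Signed up', 'cleantalk-spam-protect'),
+ 'ct_role' => esc_html__( 'Role', 'cleantalk-spam-protect'),
+ 'ct_posts' => esc_html__( 'Posts', 'cleantalk-spam-protect'),
+ );
+ }
+
+ // CheckBox column
+ function column_cb( $item ){
+ echo '<input type="checkbox" name="spamids[]" id="cb-select-'. $item['ct_id'] .'" value="'. $item['ct_id'] .'" />';
+ }
+
+ // Username (first) column
+ function column_ct_username( $item ) {
+ $user_obj = $item['ct_username'];
+ $email = $user_obj->user_email;
+ $column_content = '';
+
+ // Avatar, nickname
+ $column_content .= '<strong>' . get_avatar( $user_obj->ID , 32) . '&nbsp;' . $user_obj->user_login . '</strong>';
+ $column_content .= '<br /><br />';
+
+ // Email
+ if( ! empty( $email ) ){
+ $column_content .= "<a href='mailto:$email'>$email</a>"
+ .( ! $this->apbct->white_label
+ ? "<a href='https://cleantalk.org/blacklists/$email' target='_blank'>"
+ ."&nbsp;<img src='" . APBCT_URL_PATH . "/inc/images/new_window.gif' alt='Ico: open in new window' border='0' style='float:none' />"
+ ."</a>"
+ : '');
+ } else {
+ $column_content .= esc_html__( 'No email', 'cleantalk-spam-protect');
+ }
+ $column_content .= '<br/>';
+
+ // IP
+ $user_meta = get_user_meta( $user_obj->ID, 'session_tokens', true );
+ if( ! empty( $user_meta ) && is_array( $user_meta ) ){
+ $user_meta = array_values( $user_meta );
+ if( ! empty( $user_meta[0]['ip'] ) ) {
+ $ip = $user_meta[0]['ip'];
+ $column_content .= "<a href='user-edit.php?user_id=$user_obj->ID'>$ip</a>"
+ .( ! $this->apbct->white_label
+ ?"<a href='https://cleantalk.org/blacklists/$ip ' target='_blank'>"
+ ."&nbsp;<img src='" . APBCT_URL_PATH . "/inc/images/new_window.gif' alt='Ico: open in new window' border='0' style='float:none' />"
+ ."</a>"
+ : '');
+ }else
+ $column_content .= esc_html__( 'No IP adress', 'cleantalk-spam-protect');
+ }else
+ $column_content .= esc_html__( 'No IP adress', 'cleantalk-spam-protect');
+
+ $actions = array(
+ 'delete' => sprintf( '<a href="?page=%s&action=%s&spam=%s">Delete</a>', $_REQUEST['page'],'delete', $user_obj->ID ),
+ );
+
+ return sprintf( '%1$s %2$s', $column_content, $this->row_actions( $actions ) );
+
+ }
+
+ // Rest of columns
+ function column_default( $item, $column_name ) {
+ switch( $column_name ) {
+ case 'ct_name':
+ case 'ct_email':
+ case 'ct_signed_up':
+ case 'ct_role':
+ case 'ct_posts':
+ case 'ct_start':
+ case 'ct_checked':
+ case 'ct_spam':
+ case 'ct_bad':
+ return $item[ $column_name ];
+ default:
+ return print_r( $item, true ) ;
+ }
+ }
+
+ function get_bulk_actions() {
+ $actions = array(
+ 'delete' => 'Delete'
+ );
+ return $actions;
+ }
+
+ function bulk_actions_handler() {
+
+ if( empty($_POST['spamids']) || empty($_POST['_wpnonce']) ) return;
+
+ if ( ! $action = $this->current_action() ) return;
+
+ if( ! wp_verify_nonce( $_POST['_wpnonce'], 'bulk-' . $this->_args['plural'] ) )
+ wp_die('nonce error');
+
+ $this->removeSpam( $_POST['spamids'] );
+
+ }
+
+ function row_actions_handler() {
+
+ if( empty($_GET['action']) ) return;
+
+ if( $_GET['action'] == 'delete' ) {
+
+ $id = filter_input( INPUT_GET, 'spam', FILTER_SANITIZE_NUMBER_INT );
+ $this->removeSpam( array( $id ) );
+
+ }
+
+ }
+
+ function no_items() {
+ esc_html_e( 'No spam found.', 'cleantalk-spam-protect');
+ }
+
+ //********************************************//
+ // LOGIC //
+ //*******************************************//
+
+ function removeSpam( $ids ) {
+
+ $sanitized_ids = array();
+ foreach($ids as $id) {
+ $sanitized_ids[] = sanitize_key( $id );
+ }
+ $ids_string = implode( ', ', $sanitized_ids );
+ global $wpdb;
+
+ $wpdb->query("DELETE FROM {$wpdb->users} WHERE
+ ID IN ($ids_string)");
+
+ }
+
+ public function getTotal() {
+
+ $params_total = array(
+ 'fields' => 'ID',
+ 'count'=>true,
+ 'orderby' => 'user_registered'
+ );
+ $total_users = new \WP_User_Query($params_total);
+ return $total_users;
+
+ }
+
+ public function getChecked() {
+
+ $params_spam = array(
+ 'fields' => 'ID',
+ 'meta_key' => 'ct_checked',
+ 'count_total' => true,
+ );
+ $spam_users = new \WP_User_Query($params_spam);
+ return $spam_users;
+
+ }
+
+ public function getCheckedNow() {
+
+ $params_spam = array(
+ 'fields' => 'ID',
+ 'meta_key' => 'ct_checked_now',
+ 'count_total' => true,
+ );
+ $spam_users = new \WP_User_Query($params_spam);
+ return $spam_users;
+
+ }
+
+ public function getSpam() {
+
+ $params_spam = array(
+ 'fields' => 'ID',
+ 'meta_key' => 'ct_marked_as_spam',
+ 'count_total' => true,
+ );
+ $spam_users = new \WP_User_Query($params_spam);
+ return $spam_users;
+
+ }
+
+ public function getSpamNow() {
+
+ $params_spam = array(
+ 'fields' => 'ID',
+ 'meta_query' => array(
+ 'relation' => 'AND',
+ array(
+ 'key' => 'ct_marked_as_spam',
+ 'compare' => 'EXISTS'
+ ),
+ array(
+ 'key' => 'ct_checked_now',
+ 'compare' => 'EXISTS'
+ ),
+ ),
+ 'count_total' => true,
+ );
+ $spam_users = new \WP_User_Query($params_spam);
+ return $spam_users;
+
+ }
+
+ public function getBad() { // Without IP and EMAIL
+
+ $params_bad = array(
+ 'fields' => 'ID',
+ 'meta_key' => 'ct_bad',
+ 'count_total' => true,
+ );
+ $bad_users = new \WP_User_Query($params_bad);
+ return $bad_users;
+
+ }
+
+ public function getScansLogs() {
+
+ global $wpdb;
+ $query = "SELECT * FROM " . APBCT_SPAMSCAN_LOGS . " WHERE scan_type = 'users'";
+ $res = $wpdb->get_results( $query, ARRAY_A );
+ return $res;
+
+ }
+
+ protected function removeLogs( $ids ) {
+
+ $sanitized_ids = array();
+ foreach($ids as $id) {
+ $sanitized_ids[] = sanitize_key( $id );
+ }
+ $ids_string = implode( ', ', $sanitized_ids );
+ global $wpdb;
+
+ $wpdb->query("DELETE FROM " . APBCT_SPAMSCAN_LOGS . " WHERE
+ ID IN ($ids_string)");
+
+ }
+
  }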
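Review bot: `sanitize_key()` in the new `removeSpam()` and `removeLogs()` is not an integer cast: it lowercases the value and keeps letters, digits, `_` and `-`, so non-numeric tokens from `$_POST['spamids']` still reach the unquoted `ID IN ($ids_string)` list, where a bare word is parsed as an identifier rather than a value. An empty array, or an entry that is stripped to nothing, also leaves `IN ()` or a dangling comma, which is a SQL error. Build the list from integers instead, `$sanitized_ids = wp_parse_id_list( $ids );` followed by `if ( empty( $sanitized_ids ) ) return;`, and keep the existing `implode()`. Separately, `row_actions_handler()` in this file reaches `removeSpam()` from a GET `action=delete` without the `wp_verify_nonce()` check that `bulk_actions_handler()` performs; it looks like the row link should carry a nonce and the handler should verify it.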
lib/Cleantalk/ApbctWP/Firewall/AntiCrawler.php CHANGED
@@ -1,250 +1,249 @@
1
- <?php
2
-
3
- namespace Cleantalk\ApbctWP\Firewall;
4
-
5
- use Cleantalk\Common\Helper as Helper;
6
- use Cleantalk\Variables\Cookie;
7
- use Cleantalk\Variables\Server;
8
-
9
- class AntiCrawler extends \Cleantalk\Common\Firewall\FirewallModule{
10
-
11
- public $module_name = 'ANTICRAWLER';
12
-
13
- private $db__table__ac_logs = null;
14
- private $api_key = '';
15
- private $apbct = false;
16
- private $store_interval = 60;
17
- private $ua; //User-Agent
18
-
19
- private $ac_log_result = '';
20
-
21
- public $isExcluded = false;
22
-
23
- /**
24
- * AntiBot constructor.
25
- *
26
- * @param $log_table
27
- * @param $ac_logs_table
28
- * @param array $params
29
- */
30
- public function __construct( $log_table, $ac_logs_table, $params = array() ) {
31
-
32
- global $apbct;
33
- $this->apbct = $apbct;
34
- $this->db__table__logs = $log_table ?: null;
35
- $this->db__table__ac_logs = $ac_logs_table ?: null;
36
- $this->ua = md5( Server::get('HTTP_USER_AGENT') );
37
-
38
-
39
- foreach( $params as $param_name => $param ){
40
- $this->$param_name = isset( $this->$param_name ) ? $param : false;
41
- }
42
-
43
- $this->isExcluded = $this->check_exclusions();
44
-
45
- }
46
-
47
- /**
48
- * Use this method to execute main logic of the module.
49
- *
50
- * @return array Array of the check results
51
- */
52
- public function check() {
53
-
54
- $results = array();
55
-
56
- foreach( $this->ip_array as $ip_origin => $current_ip ) {
57
-
58
- // Skip by 301 response code
59
- if( http_response_code() == 301 ){
60
- $results[] = array( 'ip' => $current_ip, 'is_personal' => false, 'status' => 'PASS_ANTICRAWLER', );
61
- return $results;
62
- }
63
-
64
- // Skip by cookie
65
- if( Cookie::get('apbct_antibot') == hash( 'sha256', $this->api_key . $this->apbct->data['salt'] ) ) {
66
- if( Cookie::get( 'apbct_anticrawler_passed' ) == 1 ){
67
- if( ! headers_sent() )
68
- \Cleantalk\Common\Helper::apbct_cookie__set( 'apbct_anticrawler_passed', '0', time() - 86400, '/', null, false, true, 'Lax' );
69
- }
70
-
71
- $results[] = array( 'ip' => $current_ip, 'is_personal' => false, 'status' => 'PASS_ANTICRAWLER', );
72
-
73
- return $results;
74
-
75
- }
76
- }
77
-
78
- // Common check
79
- foreach( $this->ip_array as $ip_origin => $current_ip ){
80
-
81
- $result = $this->db->fetch(
82
- "SELECT ip"
83
- . ' FROM `' . $this->db__table__ac_logs . '`'
84
- . " WHERE ip = '$current_ip'"
85
- . " AND ua = '$this->ua';"
86
- );
87
-
88
- if( isset( $result['ip'] ) ){
89
-
90
- if( Cookie::get('apbct_antibot') !== hash( 'sha256', $this->api_key . $this->apbct->data['salt'] ) ){
91
-
92
- $results[] = array( 'ip' => $current_ip, 'is_personal' => false, 'status' => 'DENY_ANTICRAWLER', );
93
-
94
- }else{
95
-
96
- if( Cookie::get( 'apbct_anticrawler_passed' ) === '1' ){
97
-
98
- if( ! headers_sent() )
99
- \Cleantalk\Common\Helper::apbct_cookie__set( 'apbct_anticrawler_passed', '0', time() - 86400, '/', null, false, true, 'Lax' );
100
-
101
- $results[] = array( 'ip' => $current_ip, 'is_personal' => false, 'status' => 'PASS_ANTICRAWLER', );
102
-
103
- return $results;
104
- }
105
- }
106
-
107
- }else{
108
-
109
- if( ! Cookie::get('apbct_antibot') ) {
110
- $this->update_ac_log();
111
- }
112
-
113
- add_action( 'wp_head', array( '\Cleantalk\ApbctWP\Firewall\AntiCrawler', 'set_cookie' ) );
114
-
115
- }
116
- }
117
-
118
- return $results;
119
-
120
- }
121
-
122
- private function update_ac_log() {
123
-
124
- $interval_time = Helper::time__get_interval_start( $this->store_interval );
125
-
126
- // @todo Rename ip column to sign. Use IP + UserAgent for it.
127
-
128
- foreach( $this->ip_array as $ip_origin => $current_ip ){
129
- $id = md5( $current_ip . $this->ua. $interval_time );
130
- $this->db->execute(
131
- "INSERT INTO " . $this->db__table__ac_logs . " SET
132
- id = '$id',
133
- ip = '$current_ip',
134
- ua = '$this->ua',
135
- entries = 1,
136
- interval_start = $interval_time
137
- ON DUPLICATE KEY UPDATE
138
- ip = ip,
139
- ua = '$this->ua',
140
- entries = entries + 1,
141
- interval_start = $interval_time;"
142
- );
143
- }
144
-
145
- }
146
-
147
-
148
- public static function set_cookie(){
149
- global $apbct;
150
- echo '<script>document.cookie = "apbct_antibot=' . hash( 'sha256', $apbct->api_key . $apbct->data['salt'] ) . '; path=/; expires=0; samesite=lax";</script>';
151
- }
152
-
153
- /**
154
- * Add entry to SFW log.
155
- * Writes to database.
156
- *
157
- * @param string $ip
158
- * @param $status
159
- */
160
- public function update_log( $ip, $status ) {
161
-
162
- $id = md5( $ip . $this->module_name );
163
- $time = time();
164
-
165
- $query = "INSERT INTO " . $this->db__table__logs . "
166
- SET
167
- id = '$id',
168
- ip = '$ip',
169
- status = '$status',
170
- all_entries = 1,
171
- blocked_entries = 1,
172
- entries_timestamp = '" . intval( $time ) . "'
173
- ON DUPLICATE KEY
174
- UPDATE
175
- status = '$status',
176
- all_entries = all_entries + 1,
177
- blocked_entries = blocked_entries" . ( strpos( $status, 'DENY' ) !== false ? ' + 1' : '' ) . ",
178
- entries_timestamp = '" . intval( $time ) . "'";
179
-
180
- $this->db->execute( $query );
181
- }
182
-
183
- public function _die( $result ){
184
-
185
- global $apbct;
186
-
187
- // File exists?
188
- if(file_exists(CLEANTALK_PLUGIN_DIR . "lib/Cleantalk/ApbctWP/Firewall/die_page_anticrawler.html")){
189
-
190
- $sfw_die_page = file_get_contents(CLEANTALK_PLUGIN_DIR . "lib/Cleantalk/ApbctWP/Firewall/die_page_anticrawler.html");
191
-
192
- // Translation
193
- $replaces = array(
194
- '{SFW_DIE_NOTICE_IP}' => __('Anti-Crawler Protection is activated for your IP ', 'cleantalk-spam-protect'),
195
- '{SFW_DIE_MAKE_SURE_JS_ENABLED}' => __( 'To continue working with the web site, please make sure that you have enabled JavaScript.', 'cleantalk-spam-protect' ),
196
- '{SFW_DIE_YOU_WILL_BE_REDIRECTED}' => sprintf( __( 'You will be automatically redirected to the requested page after %d seconds.', 'cleantalk-spam-protect' ), 3 ) . '<br>' . __( 'Don\'t close this page. Please, wait for 3 seconds to pass to the page.', 'cleantalk-spam-protect' ),
197
- '{CLEANTALK_TITLE}' => __( 'Antispam by CleanTalk', 'cleantalk-spam-protect' ),
198
- '{REMOTE_ADDRESS}' => $result['ip'],
199
- '{SERVICE_ID}' => $this->apbct->data['service_id'],
200
- '{HOST}' => Server::get( 'HTTP_HOST' ),
201
- '{COOKIE_ANTICRAWLER}' => hash( 'sha256', $apbct->api_key . $apbct->data['salt'] ),
202
- '{COOKIE_ANTICRAWLER_PASSED}' => '1',
203
- '{GENERATED}' => '<p>The page was generated at&nbsp;' . date( 'D, d M Y H:i:s' ) . "</p>",
204
- );
205
-
206
- foreach( $replaces as $place_holder => $replace ){
207
- $sfw_die_page = str_replace( $place_holder, $replace, $sfw_die_page );
208
- }
209
-
210
- if( isset( $_GET['debug'] ) ){
211
- $debug = '<h1>Headers</h1>'
212
- . str_replace( "\n", "<br>", print_r( \apache_request_headers(), true ) )
213
- . '<h1>$_SERVER</h1>'
214
- . str_replace( "\n", "<br>", print_r( $_SERVER, true ) )
215
- . '<h1>AC_LOG_RESULT</h1>'
216
- . str_replace( "\n", "<br>", print_r( $this->ac_log_result, true ) )
217
- . '<h1>IPS</h1>'
218
- . str_replace( "\n", "<br>", print_r( $this->ip_array, true ) );
219
- }else{
220
- $debug = '';
221
- }
222
- $sfw_die_page = str_replace( "{DEBUG}", $debug, $sfw_die_page );
223
-
224
- wp_die($sfw_die_page, "Blacklisted", Array('response'=>403));
225
-
226
- }else{
227
- wp_die("IP BLACKLISTED. Blocked by AntiCrawler " . $result['ip'], "Blacklisted", Array('response'=>403));
228
- }
229
-
230
- }
231
-
232
- private function check_exclusions() {
233
-
234
- $allowed_roles = array( 'administrator', 'editor' );
235
- $user = apbct_wp_get_current_user();
236
-
237
- if( ! $user ) {
238
- return false;
239
- }
240
-
241
- foreach( $allowed_roles as $role ) {
242
- if( in_array( $role, (array) $user->roles ) ) {
243
- return true;
244
- }
245
- }
246
-
247
- return false;
248
-
249
- }
250
  }
1
+ <?php
2
+
3
+ namespace Cleantalk\ApbctWP\Firewall;
4
+
5
+ use Cleantalk\Common\Helper as Helper;
6
+ use Cleantalk\Variables\Cookie;
7
+ use Cleantalk\Variables\Server;
8
+
9
+ class AntiCrawler extends \Cleantalk\Common\Firewall\FirewallModule{
10
+
11
+ public $module_name = 'ANTICRAWLER';
12
+
13
+ private $db__table__ac_logs = null;
14
+ private $api_key = '';
15
+ private $apbct = false;
16
+ private $store_interval = 60;
17
+ private $ua; //User-Agent
18
+
19
+ private $ac_log_result = '';
20
+
21
+ public $isExcluded = false;
22
+
23
+ /**
24
+ * AntiBot constructor.
25
+ *
26
+ * @param $log_table
27
+ * @param $ac_logs_table
28
+ * @param array $params
29
+ */
30
+ public function __construct( $log_table, $ac_logs_table, $params = array() ) {
31
+
32
+ global $apbct;
33
+ $this->apbct = $apbct;
34
+ $this->db__table__logs = $log_table ?: null;
35
+ $this->db__table__ac_logs = $ac_logs_table ?: null;
36
+ $this->ua = md5( Server::get('HTTP_USER_AGENT') );
37
+
38
+
39
+ foreach( $params as $param_name => $param ){
40
+ $this->$param_name = isset( $this->$param_name ) ? $param : false;
41
+ }
42
+
43
+ $this->isExcluded = $this->check_exclusions();
44
+
45
+ }
46
+
47
+ /**
48
+ * Use this method to execute main logic of the module.
49
+ *
50
+ * @return array Array of the check results
51
+ */
52
+ public function check() {
53
+
54
+ $results = array();
55
+
56
+ foreach( $this->ip_array as $ip_origin => $current_ip ) {
57
+
58
+ // Skip by 301 response code
59
+ if( http_response_code() == 301 ){
60
+ $results[] = array( 'ip' => $current_ip, 'is_personal' => false, 'status' => 'PASS_ANTICRAWLER', );
61
+ return $results;
62
+ }
63
+
64
+ // Skip by cookie
65
+ if( Cookie::get('apbct_antibot') == hash( 'sha256', $this->api_key . $this->apbct->data['salt'] ) ) {
66
+ if( Cookie::get( 'apbct_anticrawler_passed' ) == 1 ){
67
+ if( ! headers_sent() )
68
+ \Cleantalk\Common\Helper::apbct_cookie__set( 'apbct_anticrawler_passed', '0', time() - 86400, '/', null, false, true, 'Lax' );
69
+ }
70
+
71
+ $results[] = array( 'ip' => $current_ip, 'is_personal' => false, 'status' => 'PASS_ANTICRAWLER', );
72
+
73
+ return $results;
74
+
75
+ }
76
+ }
77
+
78
+ // Common check
79
+ foreach( $this->ip_array as $ip_origin => $current_ip ){
80
+
81
+ $result = $this->db->fetch(
82
+ "SELECT ip"
83
+ . ' FROM `' . $this->db__table__ac_logs . '`'
84
+ . " WHERE ip = '$current_ip'"
85
+ . " AND ua = '$this->ua';"
86
+ );
87
+
88
+ if( isset( $result['ip'] ) ){
89
+
90
+ if( Cookie::get('apbct_antibot') !== hash( 'sha256', $this->api_key . $this->apbct->data['salt'] ) ){
91
+
92
+ $results[] = array( 'ip' => $current_ip, 'is_personal' => false, 'status' => 'DENY_ANTICRAWLER', );
93
+
94
+ }else{
95
+
96
+ if( Cookie::get( 'apbct_anticrawler_passed' ) === '1' ){
97
+
98
+ if( ! headers_sent() )
99
+ \Cleantalk\Common\Helper::apbct_cookie__set( 'apbct_anticrawler_passed', '0', time() - 86400, '/', null, false, true, 'Lax' );
100
+
101
+ $results[] = array( 'ip' => $current_ip, 'is_personal' => false, 'status' => 'PASS_ANTICRAWLER', );
102
+
103
+ return $results;
104
+ }
105
+ }
106
+
107
+ }else{
108
+
109
+ if( ! Cookie::get('apbct_antibot') ) {
110
+ $this->update_ac_log();
111
+ }
112
+
113
+ add_action( 'wp_head', array( '\Cleantalk\ApbctWP\Firewall\AntiCrawler', 'set_cookie' ) );
114
+
115
+ }
116
+ }
117
+
118
+ return $results;
119
+
120
+ }
121
+
122
+ private function update_ac_log() {
123
+
124
+ $interval_time = Helper::time__get_interval_start( $this->store_interval );
125
+
126
+ // @todo Rename ip column to sign. Use IP + UserAgent for it.
127
+
128
+ foreach( $this->ip_array as $ip_origin => $current_ip ){
129
+ $id = md5( $current_ip . $this->ua. $interval_time );
130
+ $this->db->execute(
131
+ "INSERT INTO " . $this->db__table__ac_logs . " SET
132
+ id = '$id',
133
+ ip = '$current_ip',
134
+ ua = '$this->ua',
135
+ entries = 1,
136
+ interval_start = $interval_time
137
+ ON DUPLICATE KEY UPDATE
138
+ ip = ip,
139
+ entries = entries + 1,
140
+ interval_start = $interval_time;"
141
+ );
142
+ }
143
+
144
+ }
145
+
146
+
147
+ public static function set_cookie(){
148
+ global $apbct;
149
+ echo '<script>document.cookie = "apbct_antibot=' . hash( 'sha256', $apbct->api_key . $apbct->data['salt'] ) . '; path=/; expires=0; samesite=lax";</script>';
150
+ }
151
+
152
+ /**
153
+ * Add entry to SFW log.
154
+ * Writes to database.
155
+ *
156
+ * @param string $ip
157
+ * @param $status
158
+ */
159
+ public function update_log( $ip, $status ) {
160
+
161
+ $id = md5( $ip . $this->module_name );
162
+ $time = time();
163
+
164
+ $query = "INSERT INTO " . $this->db__table__logs . "
165
+ SET
166
+ id = '$id',
167
+ ip = '$ip',
168
+ status = '$status',
169
+ all_entries = 1,
170
+ blocked_entries = 1,
171
+ entries_timestamp = '" . intval( $time ) . "'
172
+ ON DUPLICATE KEY
173
+ UPDATE
174
+ status = '$status',
175
+ all_entries = all_entries + 1,
176
+ blocked_entries = blocked_entries" . ( strpos( $status, 'DENY' ) !== false ? ' + 1' : '' ) . ",
177
+ entries_timestamp = '" . intval( $time ) . "'";
178
+
179
+ $this->db->execute( $query );
180
+ }
181
+
182
+ public function _die( $result ){
183
+
184
+ global $apbct;
185
+
186
+ // File exists?
187
+ if(file_exists(CLEANTALK_PLUGIN_DIR . "lib/Cleantalk/ApbctWP/Firewall/die_page_anticrawler.html")){
188
+
189
+ $sfw_die_page = file_get_contents(CLEANTALK_PLUGIN_DIR . "lib/Cleantalk/ApbctWP/Firewall/die_page_anticrawler.html");
190
+
191
+ // Translation
192
+ $replaces = array(
193
+ '{SFW_DIE_NOTICE_IP}' => __('Anti-Crawler Protection is activated for your IP ', 'cleantalk-spam-protect'),
194
+ '{SFW_DIE_MAKE_SURE_JS_ENABLED}' => __( 'To continue working with the web site, please make sure that you have enabled JavaScript.', 'cleantalk-spam-protect' ),
195
+ '{SFW_DIE_YOU_WILL_BE_REDIRECTED}' => sprintf( __( 'You will be automatically redirected to the requested page after %d seconds.', 'cleantalk-spam-protect' ), 3 ) . '<br>' . __( 'Don\'t close this page. Please, wait for 3 seconds to pass to the page.', 'cleantalk-spam-protect' ),
196
+ '{CLEANTALK_TITLE}' => __( 'Antispam by CleanTalk', 'cleantalk-spam-protect' ),
197
+ '{REMOTE_ADDRESS}' => $result['ip'],
198
+ '{SERVICE_ID}' => $this->apbct->data['service_id'],
199
+ '{HOST}' => Server::get( 'HTTP_HOST' ),
200
+ '{COOKIE_ANTICRAWLER}' => hash( 'sha256', $apbct->api_key . $apbct->data['salt'] ),
201
+ '{COOKIE_ANTICRAWLER_PASSED}' => '1',
202
+ '{GENERATED}' => '<p>The page was generated at&nbsp;' . date( 'D, d M Y H:i:s' ) . "</p>",
203
+ );
204
+
205
+ foreach( $replaces as $place_holder => $replace ){
206
+ $sfw_die_page = str_replace( $place_holder, $replace, $sfw_die_page );
207
+ }
208
+
209
+ if( isset( $_GET['debug'] ) ){
210
+ $debug = '<h1>Headers</h1>'
211
+ . str_replace( "\n", "<br>", print_r( \apache_request_headers(), true ) )
212
+ . '<h1>$_SERVER</h1>'
213
+ . str_replace( "\n", "<br>", print_r( $_SERVER, true ) )
214
+ . '<h1>AC_LOG_RESULT</h1>'
215
+ . str_replace( "\n", "<br>", print_r( $this->ac_log_result, true ) )
216
+ . '<h1>IPS</h1>'
217
+ . str_replace( "\n", "<br>", print_r( $this->ip_array, true ) );
218
+ }else{
219
+ $debug = '';
220
+ }
221
+ $sfw_die_page = str_replace( "{DEBUG}", $debug, $sfw_die_page );
222
+
223
+ wp_die($sfw_die_page, "Blacklisted", Array('response'=>403));
224
+
225
+ }else{
226
+ wp_die("IP BLACKLISTED. Blocked by AntiCrawler " . $result['ip'], "Blacklisted", Array('response'=>403));
227
+ }
228
+
229
+ }
230
+
231
+ private function check_exclusions() {
232
+
233
+ $allowed_roles = array( 'administrator', 'editor' );
234
+ $user = apbct_wp_get_current_user();
235
+
236
+ if( ! $user ) {
237
+ return false;
238
+ }
239
+
240
+ foreach( $allowed_roles as $role ) {
241
+ if( in_array( $role, (array) $user->roles ) ) {
242
+ return true;
243
+ }
244
+ }
245
+
246
+ return false;
247
+
248
+ }
 
249
  }
lib/Cleantalk/ApbctWP/Firewall/SFW.php CHANGED
@@ -1,548 +1,549 @@
1
- <?php
2
-
3
- namespace Cleantalk\ApbctWP\Firewall;
4
-
5
- use Cleantalk\ApbctWP\Helper;
6
- use Cleantalk\Variables\Cookie;
7
- use Cleantalk\Variables\Get;
8
- use Cleantalk\Variables\Server;
9
-
10
- class SFW extends \Cleantalk\Common\Firewall\FirewallModule {
11
-
12
- /**
13
- * @var bool
14
- */
15
- private $test;
16
-
17
- // Additional params
18
- private $sfw_counter = false;
19
- private $api_key = false;
20
- private $apbct = array();
21
- private $set_cookies = false;
22
- private $cookie_domain = false;
23
-
24
- public $module_name = 'SFW';
25
-
26
- private $real_ip;
27
- private $debug;
28
- private $debug_data = '';
29
-
30
- /**
31
- * FireWall_module constructor.
32
- * Use this method to prepare any data for the module working.
33
- *
34
- * @param string $log_table
35
- * @param string $data_table
36
- * @param $params
37
- */
38
- public function __construct( $log_table, $data_table, $params = array() ){
39
-
40
- $this->db__table__data = $data_table ?: null;
41
- $this->db__table__logs = $log_table ?: null;
42
-
43
- foreach( $params as $param_name => $param ){
44
- $this->$param_name = isset( $this->$param_name ) ? $param : false;
45
- }
46
-
47
- $this->debug = (bool) Get::get( 'debug' );
48
-
49
- }
50
-
51
- /**
52
- * @param $ips
53
- */
54
- public function ip__append_additional( &$ips ){
55
-
56
- $this->real_ip = isset($ips['real']) ? $ips['real'] : null;
57
-
58
- if( Get::get( 'sfw_test_ip' ) ){
59
- if( Helper::ip__validate( Get::get( 'sfw_test_ip' ) ) !== false ){
60
- $ips['sfw_test'] = Get::get( 'sfw_test_ip' );
61
- $this->test_ip = Get::get( 'sfw_test_ip' );
62
- $this->test = true;
63
- }
64
- }
65
-
66
-
67
- }
68
-
69
- /**
70
- * Use this method to execute main logic of the module.
71
- *
72
- * @return array Array of the check results
73
- */
74
- public function check(){
75
-
76
- $results = array();
77
- $status = 0;
78
-
79
- // Skip by cookie
80
- foreach( $this->ip_array as $current_ip ){
81
-
82
- if( substr( Cookie::get( 'ct_sfw_pass_key' ), 0, 32 ) == md5( $current_ip . $this->api_key ) ){
83
-
84
- if( Cookie::get( 'ct_sfw_passed' ) ){
85
-
86
- if( ! headers_sent() ){
87
- \Cleantalk\Common\Helper::apbct_cookie__set( 'ct_sfw_passed', '0', time() + 86400 * 3, '/', null, false, true, 'Lax' );
88
- }
89
-
90
- else {
91
- $results[] = array( 'ip' => $current_ip, 'is_personal' => false, 'status' => 'PASS_SFW__BY_COOKIE', );
92
- }
93
-
94
- if( $this->sfw_counter ){
95
- $this->apbct->data['sfw_counter']['all'] ++;
96
- $this->apbct->saveData();
97
- }
98
-
99
- }
100
-
101
- if( strlen( Cookie::get( 'ct_sfw_pass_key' ) ) > 32 ) {
102
- $status = substr( Cookie::get( 'ct_sfw_pass_key' ), -1 );
103
- }
104
-
105
- if( $status ) {
106
- $results[] = array('ip' => $current_ip, 'is_personal' => false, 'status' => 'PASS_SFW__BY_WHITELIST',);
107
- }
108
-
109
- return $results;
110
- }
111
- }
112
-
113
- // Common check
114
- foreach($this->ip_array as $origin => $current_ip){
115
-
116
- $current_ip_v4 = sprintf("%u", ip2long($current_ip));
117
- for ( $needles = array(), $m = 6; $m <= 32; $m ++ ) {
118
- $mask = sprintf( "%u", ip2long( long2ip( - 1 << ( 32 - (int) $m ) ) ) );
119
- $needles[] = bindec( decbin( $mask ) & decbin( $current_ip_v4 ) );
120
- }
121
- $needles = array_unique( $needles );
122
-
123
- $db_results = $this->db->fetch_all("SELECT
124
- network, mask, status
125
- FROM " . $this->db__table__data . "
126
- WHERE network IN (". implode( ',', $needles ) .")
127
- AND network = " . $current_ip_v4 . " & mask");
128
-
129
- if( ! empty( $db_results ) ){
130
-
131
- foreach( $db_results as $db_result ){
132
-
133
- if( $db_result['status'] == 1 )
134
- $results[] = array('ip' => $current_ip, 'is_personal' => false, 'status' => 'PASS_SFW__BY_WHITELIST',);
135
- else
136
- $results[] = array('ip' => $current_ip, 'is_personal' => false, 'status' => 'DENY_SFW',);
137
-
138
- }
139
-
140
- }else{
141
-
142
- $results[] = array( 'ip' => $current_ip, 'is_personal' => false, 'status' => 'PASS_SFW' );
143
-
144
- }
145
- }
146
-
147
- return $results;
148
- }
149
-
150
- /**
151
- * Add entry to SFW log.
152
- * Writes to database.
153
- *
154
- * @param string $ip
155
- * @param $status
156
- */
157
- public function update_log( $ip, $status ) {
158
-
159
- if( in_array( $status, array( 'PASS_SFW__BY_WHITELIST', 'PASS_SFW', 'PASS_ANTIFLOOD', 'PASS_ANTICRAWLER' ) ) ){
160
- return;
161
- }
162
-
163
- $id = md5( $ip . $this->module_name );
164
- $time = time();
165
-
166
- $query = "INSERT INTO " . $this->db__table__logs . "
167
- SET
168
- id = '$id',
169
- ip = '$ip',
170
- status = '$status',
171
- all_entries = 1,
172
- blocked_entries = 1,
173
- entries_timestamp = '" . $time . "'
174
- ON DUPLICATE KEY
175
- UPDATE
176
- status = '$status',
177
- all_entries = all_entries + 1,
178
- blocked_entries = blocked_entries" . ( strpos( $status, 'DENY' ) !== false ? ' + 1' : '' ) . ",
179
- entries_timestamp = '" . intval( $time ) . "'";
180
-
181
- $this->db->execute( $query );
182
- }
183
-
184
- public function actions_for_denied( $result ){
185
-
186
- if( $this->sfw_counter ){
187
- $this->apbct->data['sfw_counter']['blocked']++;
188
- $this->apbct->saveData();
189
- }
190
-
191
- }
192
-
193
- public function actions_for_passed( $result ){
194
- if( $this->set_cookies && ! headers_sent() ) {
195
- $status = $result['status'] == 'PASS_SFW__BY_WHITELIST' ? '1' : '0';
196
- $cookie_val = md5( $result['ip'] . $this->api_key ) . $status;
197
- \Cleantalk\ApbctWP\Helper::apbct_cookie__set( 'ct_sfw_pass_key', $cookie_val, time() + 86400 * 30, '/', null, false );
198
- }
199
- }
200
-
201
- /**
202
- * Shows DIE page.
203
- * Stops script executing.
204
- *
205
- * @param $result
206
- */
207
- public function _die( $result ){
208
-
209
- global $apbct;
210
-
211
- parent::_die( $result );
212
-
213
- // Statistics
214
- if(!empty($this->blocked_ips)){
215
- reset($this->blocked_ips);
216
- $this->apbct->stats['last_sfw_block']['time'] = time();
217
- $this->apbct->stats['last_sfw_block']['ip'] = $result['ip'];
218
- $this->apbct->save('stats');
219
- }
220
-
221
- // File exists?
222
- if(file_exists(CLEANTALK_PLUGIN_DIR . "lib/Cleantalk/ApbctWP/Firewall/die_page_sfw.html")){
223
-
224
- $sfw_die_page = file_get_contents(CLEANTALK_PLUGIN_DIR . "lib/Cleantalk/ApbctWP/Firewall/die_page_sfw.html");
225
-
226
- $status = $result['status'] == 'PASS_SFW__BY_WHITELIST' ? '1' : '0';
227
- $cookie_val = md5( $result['ip'] . $this->api_key ) . $status;
228
-
229
- // Translation
230
- $replaces = array(
231
- '{SFW_DIE_NOTICE_IP}' => __('SpamFireWall is activated for your IP ', 'cleantalk-spam-protect'),
232
- '{SFW_DIE_MAKE_SURE_JS_ENABLED}' => __( 'To continue working with the web site, please make sure that you have enabled JavaScript.', 'cleantalk-spam-protect' ),
233
- '{SFW_DIE_CLICK_TO_PASS}' => __('Please click the link below to pass the protection,', 'cleantalk-spam-protect'),
234
- '{SFW_DIE_YOU_WILL_BE_REDIRECTED}' => sprintf(__('Or you will be automatically redirected to the requested page after %d seconds.', 'cleantalk-spam-protect'), 3),
235
- '{CLEANTALK_TITLE}' => ($this->test ? __('This is the testing page for SpamFireWall', 'cleantalk-spam-protect') : ''),
236
- '{REMOTE_ADDRESS}' => $result['ip'],
237
- '{SERVICE_ID}' => $this->apbct->data['service_id'],
238
- '{HOST}' => Server::get( 'HTTP_HOST' ),
239
- '{GENERATED}' => '<p>The page was generated at&nbsp;' . date( 'D, d M Y H:i:s' ) . "</p>",
240
- '{REQUEST_URI}' => Server::get( 'REQUEST_URI' ),
241
-
242
- // Cookie
243
- '{COOKIE_PREFIX}' => '',
244
- '{COOKIE_DOMAIN}' => $this->cookie_domain,
245
- '{COOKIE_SFW}' => $this->test ? $this->test_ip : $cookie_val,
246
- '{COOKIE_ANTICRAWLER}' => hash( 'sha256', $apbct->api_key . $apbct->data['salt'] ),
247
-
248
- // Test
249
- '{TEST_TITLE}' => '',
250
- '{REAL_IP__HEADER}' => '',
251
- '{TEST_IP__HEADER}' => '',
252
- '{TEST_IP}' => '',
253
- '{REAL_IP}' => '',
254
- );
255
-
256
- // Test
257
- if($this->test){
258
- $replaces['{TEST_TITLE}'] = __( 'This is the testing page for SpamFireWall', 'cleantalk-spam-protect' );
259
- $replaces['{REAL_IP__HEADER}'] = 'Real IP:';
260
- $replaces['{TEST_IP__HEADER}'] = 'Test IP:';
261
- $replaces['{TEST_IP}'] = $this->test_ip;
262
- $replaces['{REAL_IP}'] = $this->real_ip;
263
- }
264
-
265
- // Debug
266
- if($this->debug){
267
- $debug = '<h1>Headers</h1>'
268
- . var_export(apache_request_headers(), true)
269
- . '<h1>REMOTE_ADDR</h1>'
270
- . Server::get( 'REMOTE_ADDR' )
271
- . '<h1>SERVER_ADDR</h1>'
272
- . Server::get( 'REMOTE_ADDR' )
273
- . '<h1>IP_ARRAY</h1>'
274
- . var_export($this->ip_array, true)
275
- . '<h1>ADDITIONAL</h1>'
276
- . var_export($this->debug_data, true);
277
- }
278
- $replaces['{DEBUG}'] = isset( $debug ) ? $debug : '';
279
-
280
- foreach( $replaces as $place_holder => $replace ){
281
- $sfw_die_page = str_replace( $place_holder, $replace, $sfw_die_page );
282
- }
283
-
284
- wp_die($sfw_die_page, "Blacklisted", Array('response'=>403));
285
-
286
- }else{
287
- wp_die("IP BLACKLISTED. Blocked by SFW " . $result['ip'], "Blacklisted", Array('response'=>403));
288
- }
289
-
290
- }
291
-
292
- /**
293
- * Sends and wipe SFW log
294
- *
295
- * @param $db
296
- * @param $log_table
297
- * @param string $ct_key API key
298
- *
299
- * @return array|bool array('error' => STRING)
300
- */
301
- public static function send_log( $db, $log_table, $ct_key ) {
302
-
303
- //Getting logs
304
- $query = "SELECT * FROM " . $log_table . ";";
305
- $db->fetch_all( $query );
306
-
307
- if( count( $db->result ) ){
308
-
309
- //Compile logs
310
- $data = array();
311
- foreach( $db->result as $key => $value ){
312
-
313
- // Converting statuses to API format
314
- $value['status'] = $value['status'] === 'DENY_ANTICRAWLER' ? 'BOT_PROTECTION' : $value['status'];
315
- $value['status'] = $value['status'] === 'PASS_ANTICRAWLER' ? 'BOT_PROTECTION' : $value['status'];
316
-
317
- $value['status'] = $value['status'] === 'DENY_ANTIFLOOD' ? 'FLOOD_PROTECTION' : $value['status'];
318
- $value['status'] = $value['status'] === 'PASS_ANTIFLOOD' ? 'FLOOD_PROTECTION' : $value['status'];
319
-
320
- $value['status'] = $value['status'] === 'PASS_SFW__BY_COOKIE' ? null : $value['status'];
321
- $value['status'] = $value['status'] === 'DENY_SFW' ? null : $value['status'];
322
-
323
- $row = array(
324
- trim( $value['ip'] ),
325
- $value['all_entries'],
326
- $value['all_entries'] - $value['blocked_entries'],
327
- $value['entries_timestamp'],
328
- );
329
-
330
- if( $value['status'] )
331
- $row[] = $value['status'];
332
-
333
- $data[] = $row;
334
-
335
- }
336
- unset( $key, $value );
337
-
338
- //Sending the request
339
- $result = \Cleantalk\Common\API::method__sfw_logs( $ct_key, $data );
340
- //Checking answer and deleting all lines from the table
341
- if( empty( $result['error'] ) ){
342
- if( $result['rows'] == count( $data ) ){
343
- $db->execute( "TRUNCATE TABLE " . $log_table . ";" );
344
-
345
- return $result;
346
- }
347
-
348
- return array( 'error' => 'SENT_AND_RECEIVED_LOGS_COUNT_DOESNT_MACH' );
349
- } else{
350
- return $result;
351
- }
352
-
353
- } else{
354
- return $result = array( 'rows' => 0 );
355
- }
356
- }
357
-
358
-
359
- /**
360
- * Updates SFW local base
361
- *
362
- * @param $db
363
- * @param $db__table__data
364
- * @param string $ct_key API key
365
- * @param null|string $file_url File URL with SFW data.
366
- * @param bool $immediate Requires immmediate update. Without remote call
367
- *
368
- * @return array|bool array('error' => STRING)
369
- */
370
- public static function update( $db, $db__table__data, $ct_key, $file_url = null, $immediate = false){
371
-
372
- // Getting remote file name
373
- if(!$file_url){
374
-
375
- $result = \Cleantalk\Common\API::method__get_2s_blacklists_db($ct_key, 'multifiles', '2_0');
376
-
377
- sleep(4);
378
-
379
- if( empty( $result['error'] ) ){
380
-
381
- if( ! empty( $result['file_url'] ) ){
382
-
383
- $file_url = trim( $result['file_url'] );
384
-
385
- $response_code = Helper::http__request__get_response_code( $file_url );
386
-
387
- if( empty( $response_code['error'] ) ){
388
-
389
- if( $response_code == 200 || $response_code == 501 ){
390
-
391
- $gz_data = Helper::http__request__get_content( $file_url );
392
-
393
- if( empty( $gz_data['error'] ) ){
394
-
395
- if( Helper::get_mime_type( $gz_data, 'application/x-gzip' ) ){
396
-
397
- if( function_exists( 'gzdecode' ) ){
398
-
399
- $data = gzdecode( $gz_data );
400
-
401
- if( $data !== false ){
402
-
403
- $result__clear_db = self::clear_data_table( $db, $db__table__data );
404
-
405
- if( empty( $result__clear_db['error'] ) ){
406
-
407
- $lines = Helper::buffer__parse__csv( $data );
408
-
409
- /*$file_urls = array();
410
-
411
- while( current( $lines ) !== false ){
412
- $file_urls[] = current( $lines )[0];
413
- next( $lines );
414
- }*/
415
-
416
- $patterns = array();
417
- $patterns[] = 'get';
418
-
419
- if( ! $immediate ){
420
- $patterns[] = 'async';
421
- }
422
-
423
- return Helper::http__request(
424
- get_option( 'siteurl' ),
425
- array(
426
- 'spbc_remote_call_token' => md5( $ct_key ),
427
- 'spbc_remote_call_action' => 'sfw_update',
428
- 'plugin_name' => 'apbct',
429
- 'file_urls' => $file_url,
430
- 'url_count' => count( $lines ),
431
- 'current_url' => 0,
432
- ),
433
- $patterns
434
- );
435
-
436
- }else
437
- return $result__clear_db;
438
- }else
439
- return array('error' => 'COULD_DECODE_MULTIFILE');
440
- }else
441
- return array('error' => 'FUNCTION_GZ_DECODE_DOES_NOT_EXIST');
442
- }else
443
- return array('error' => 'WRONG_MULTIFILE_MIME_TYPE');
444
- }else
445
- return array('error' => 'COULD_NOT_GET_MULTIFILE: ' . $gz_data['error'] );
446
- }else
447
- return array('error' => 'MULTIFILE_BAD_RESPONSE_CODE: '. (int) $response_code );
448
- }else
449
- return array('error' => 'MULTIFILE_COULD_NOT_GET_RESPONSE_CODE: '. $response_code['error'] );
450
- }else
451
- return array('error' => 'NO_REMOTE_MULTIFILE_FOUND: ' . $result['file_url'] );
452
- }else
453
- return $result;
454
- }else{
455
-
456
- $response_code = Helper::http__request($file_url, array(), 'get_code');
457
-
458
- if( empty( $response_code['error'] ) ){
459
-
460
- if( $response_code == 200 || $response_code == 501 ){ // Check if it's there
461
-
462
- $gz_data = Helper::http__request__get_content( $file_url );
463
-
464
- if( empty( $gz_data['error'] ) ){
465
-
466
- if( Helper::get_mime_type( $gz_data, 'application/x-gzip' ) ){
467
-
468
- if( function_exists( 'gzdecode' ) ){
469
-
470
- $data = gzdecode( $gz_data );
471
-
472
- if( $data !== false ){
473
-
474
- $lines = Helper::buffer__parse__csv( $data );
475
-
476
- }else
477
- return array('error' => 'COULD_DECODE_FILE');
478
- }else
479
- return array('error' => 'FUNCTION_GZ_DECODE_DOES_NOT_EXIST');
480
- }else
481
- return array('error' => 'WRONG_FILE_MIME_TYPE');
482
-
483
- reset( $lines );
484
-
485
- for( $count_result = 0; current($lines) !== false; ) {
486
-
487
- $query = "INSERT INTO ".$db__table__data." (network, mask, status) VALUES ";
488
-
489
- for( $i = 0, $values = array(); APBCT_WRITE_LIMIT !== $i && current( $lines ) !== false; $i ++, $count_result ++, next( $lines ) ){
490
-
491
- $entry = current($lines);
492
-
493
- if(empty($entry))
494
- continue;
495
-
496
- if ( APBCT_WRITE_LIMIT !== $i ) {
497
-
498
- // Cast result to int
499
- $ip = preg_replace('/[^\d]*/', '', $entry[0]);
500
- $mask = preg_replace('/[^\d]*/', '', $entry[1]);
501
- $private = isset($entry[2]) ? $entry[2] : 0;
502
-
503
- }
504
-
505
- $values[] = '('. $ip .','. $mask .','. $private .')';
506
-
507
- }
508
-
509
- if( ! empty( $values ) ){
510
- $query = $query . implode( ',', $values ) . ';';
511
- $db->execute( $query );
512
- }
513
-
514
- }
515
-
516
- return $count_result;
517
-
518
- }else
519
- return array('error' => 'COULD_NOT_GET_FILE: ' . $gz_data['error'] );
520
- }else
521
- return array('error' => 'FILE_BAD_RESPONSE_CODE: '. (int) $response_code );
522
- }else
523
- return array('error' => 'FILE_COULD_NOT_GET_RESPONSE_CODE: '. $response_code['error'] );
524
- }
525
- }
526
-
527
- /**
528
- * Clear SFW table
529
- *
530
- * @param $db
531
- * @param $db__table__data
532
- *
533
- * @return string[]
534
- */
535
- public static function clear_data_table( $db, $db__table__data ) {
536
-
537
- $db->execute( "TRUNCATE TABLE {$db__table__data};" );
538
- $db->set_query( "SELECT COUNT(network) as cnt FROM {$db__table__data};" )->fetch(); // Check if it is clear
539
- if( $db->result['cnt'] != 0 ){
540
- $db->execute( "DELETE FROM {$db__table__data};" ); // Truncate table
541
- $db->set_query( "SELECT COUNT(network) as cnt FROM {$db__table__data};" )->fetch(); // Check if it is clear
542
- if( $db->result['cnt'] != 0 ){
543
- return array( 'error' => 'COULD_NOT_CLEAR_SFW_TABLE' ); // throw an error
544
- }
545
- }
546
- $db->execute( "ALTER TABLE {$db__table__data} AUTO_INCREMENT = 1;" ); // Drop AUTO INCREMENT
547
- }
 
548
  }
1
+ <?php
2
+
3
+ namespace Cleantalk\ApbctWP\Firewall;
4
+
5
+ use Cleantalk\ApbctWP\Helper;
6
+ use Cleantalk\Variables\Cookie;
7
+ use Cleantalk\Variables\Get;
8
+ use Cleantalk\Variables\Server;
9
+
10
+ class SFW extends \Cleantalk\Common\Firewall\FirewallModule {
11
+
12
+ /**
13
+ * @var bool
14
+ */
15
+ private $test;
16
+
17
+ // Additional params
18
+ private $sfw_counter = false;
19
+ private $api_key = false;
20
+ private $apbct = array();
21
+ private $set_cookies = false;
22
+ private $cookie_domain = false;
23
+
24
+ public $module_name = 'SFW';
25
+
26
+ private $real_ip;
27
+ private $debug;
28
+ private $debug_data = '';
29
+
30
+ /**
31
+ * FireWall_module constructor.
32
+ * Use this method to prepare any data for the module working.
33
+ *
34
+ * @param string $log_table
35
+ * @param string $data_table
36
+ * @param $params
37
+ */
38
+ public function __construct( $log_table, $data_table, $params = array() ){
39
+
40
+ $this->db__table__data = $data_table ?: null;
41
+ $this->db__table__logs = $log_table ?: null;
42
+
43
+ foreach( $params as $param_name => $param ){
44
+ $this->$param_name = isset( $this->$param_name ) ? $param : false;
45
+ }
46
+
47
+ $this->debug = (bool) Get::get( 'debug' );
48
+
49
+ }
50
+
51
+ /**
52
+ * @param $ips
53
+ */
54
+ public function ip__append_additional( &$ips ){
55
+
56
+ $this->real_ip = isset($ips['real']) ? $ips['real'] : null;
57
+
58
+ if( Get::get( 'sfw_test_ip' ) ){
59
+ if( Helper::ip__validate( Get::get( 'sfw_test_ip' ) ) !== false ){
60
+ $ips['sfw_test'] = Get::get( 'sfw_test_ip' );
61
+ $this->test_ip = Get::get( 'sfw_test_ip' );
62
+ $this->test = true;
63
+ }
64
+ }
65
+
66
+
67
+ }
68
+
69
+ /**
70
+ * Use this method to execute main logic of the module.
71
+ *
72
+ * @return array Array of the check results
73
+ */
74
+ public function check(){
75
+
76
+ $results = array();
77
+ $status = 0;
78
+
79
+ // Skip by cookie
80
+ foreach( $this->ip_array as $current_ip ){
81
+
82
+ if( substr( Cookie::get( 'ct_sfw_pass_key' ), 0, 32 ) == md5( $current_ip . $this->api_key ) ){
83
+
84
+ if( Cookie::get( 'ct_sfw_passed' ) ){
85
+
86
+ if( ! headers_sent() ){
87
+ \Cleantalk\Common\Helper::apbct_cookie__set( 'ct_sfw_passed', '0', time() + 86400 * 3, '/', null, false, true, 'Lax' );
88
+ }
89
+
90
+ else {
91
+ $results[] = array( 'ip' => $current_ip, 'is_personal' => false, 'status' => 'PASS_SFW__BY_COOKIE', );
92
+ }
93
+
94
+ if( $this->sfw_counter ){
95
+ $this->apbct->data['sfw_counter']['all'] ++;
96
+ $this->apbct->saveData();
97
+ }
98
+
99
+ }
100
+
101
+ if( strlen( Cookie::get( 'ct_sfw_pass_key' ) ) > 32 ) {
102
+ $status = substr( Cookie::get( 'ct_sfw_pass_key' ), -1 );
103
+ }
104
+
105
+ if( $status ) {
106
+ $results[] = array('ip' => $current_ip, 'is_personal' => false, 'status' => 'PASS_SFW__BY_WHITELIST',);
107
+ }
108
+
109
+ return $results;
110
+ }
111
+ }
112
+
113
+ // Common check
114
+ foreach($this->ip_array as $origin => $current_ip){
115
+
116
+ $current_ip_v4 = sprintf("%u", ip2long($current_ip));
117
+ for ( $needles = array(), $m = 6; $m <= 32; $m ++ ) {
118
+ $mask = str_repeat( '1', $m );
119
+ $mask = str_pad( $mask, 32, '0' );
120
+ $needles[] = sprintf( "%u", bindec( $mask & base_convert( $current_ip_v4, 10, 2 ) ) );
121
+ }
122
+ $needles = array_unique( $needles );
123
+
124
+ $db_results = $this->db->fetch_all("SELECT
125
+ network, mask, status
126
+ FROM " . $this->db__table__data . "
127
+ WHERE network IN (". implode( ',', $needles ) .")
128
+ AND network = " . $current_ip_v4 . " & mask");
129
+
130
+ if( ! empty( $db_results ) ){
131
+
132
+ foreach( $db_results as $db_result ){
133
+
134
+ if( $db_result['status'] == 1 )
135
+ $results[] = array('ip' => $current_ip, 'is_personal' => false, 'status' => 'PASS_SFW__BY_WHITELIST',);
136
+ else
137
+ $results[] = array('ip' => $current_ip, 'is_personal' => false, 'status' => 'DENY_SFW',);
138
+
139
+ }
140
+
141
+ }else{
142
+
143
+ $results[] = array( 'ip' => $current_ip, 'is_personal' => false, 'status' => 'PASS_SFW' );
144
+
145
+ }
146
+ }
147
+
148
+ return $results;
149
+ }
150
+
151
+ /**
152
+ * Add entry to SFW log.
153
+ * Writes to database.
154
+ *
155
+ * @param string $ip
156
+ * @param $status
157
+ */
158
+ public function update_log( $ip, $status ) {
159
+
160
+ if( in_array( $status, array( 'PASS_SFW__BY_WHITELIST', 'PASS_SFW', 'PASS_ANTIFLOOD', 'PASS_ANTICRAWLER' ) ) ){
161
+ return;
162
+ }
163
+
164
+ $id = md5( $ip . $this->module_name );
165
+ $time = time();
166
+
167
+ $query = "INSERT INTO " . $this->db__table__logs . "
168
+ SET
169
+ id = '$id',
170
+ ip = '$ip',
171
+ status = '$status',
172
+ all_entries = 1,
173
+ blocked_entries = 1,
174
+ entries_timestamp = '" . $time . "'
175
+ ON DUPLICATE KEY
176
+ UPDATE
177
+ status = '$status',
178
+ all_entries = all_entries + 1,
179
+ blocked_entries = blocked_entries" . ( strpos( $status, 'DENY' ) !== false ? ' + 1' : '' ) . ",
180
+ entries_timestamp = '" . intval( $time ) . "'";
181
+
182
+ $this->db->execute( $query );
183
+ }
184
+
185
+ public function actions_for_denied( $result ){
186
+
187
+ if( $this->sfw_counter ){
188
+ $this->apbct->data['sfw_counter']['blocked']++;
189
+ $this->apbct->saveData();
190
+ }
191
+
192
+ }
193
+
194
+ public function actions_for_passed( $result ){
195
+ if( $this->set_cookies && ! headers_sent() ) {
196
+ $status = $result['status'] == 'PASS_SFW__BY_WHITELIST' ? '1' : '0';
197
+ $cookie_val = md5( $result['ip'] . $this->api_key ) . $status;
198
+ \Cleantalk\ApbctWP\Helper::apbct_cookie__set( 'ct_sfw_pass_key', $cookie_val, time() + 86400 * 30, '/', null, false );
199
+ }
200
+ }
201
+
202
+ /**
203
+ * Shows DIE page.
204
+ * Stops script executing.
205
+ *
206
+ * @param $result
207
+ */
208
+ public function _die( $result ){
209
+
210
+ global $apbct;
211
+
212
+ parent::_die( $result );
213
+
214
+ // Statistics
215
+ if(!empty($this->blocked_ips)){
216
+ reset($this->blocked_ips);
217
+ $this->apbct->stats['last_sfw_block']['time'] = time();
218
+ $this->apbct->stats['last_sfw_block']['ip'] = $result['ip'];
219
+ $this->apbct->save('stats');
220
+ }
221
+
222
+ // File exists?
223
+ if(file_exists(CLEANTALK_PLUGIN_DIR . "lib/Cleantalk/ApbctWP/Firewall/die_page_sfw.html")){
224
+
225
+ $sfw_die_page = file_get_contents(CLEANTALK_PLUGIN_DIR . "lib/Cleantalk/ApbctWP/Firewall/die_page_sfw.html");
226
+
227
+ $status = $result['status'] == 'PASS_SFW__BY_WHITELIST' ? '1' : '0';
228
+ $cookie_val = md5( $result['ip'] . $this->api_key ) . $status;
229
+
230
+ // Translation
231
+ $replaces = array(
232
+ '{SFW_DIE_NOTICE_IP}' => __('SpamFireWall is activated for your IP ', 'cleantalk-spam-protect'),
233
+ '{SFW_DIE_MAKE_SURE_JS_ENABLED}' => __( 'To continue working with the web site, please make sure that you have enabled JavaScript.', 'cleantalk-spam-protect' ),
234
+ '{SFW_DIE_CLICK_TO_PASS}' => __('Please click the link below to pass the protection,', 'cleantalk-spam-protect'),
235
+ '{SFW_DIE_YOU_WILL_BE_REDIRECTED}' => sprintf(__('Or you will be automatically redirected to the requested page after %d seconds.', 'cleantalk-spam-protect'), 3),
236
+ '{CLEANTALK_TITLE}' => ($this->test ? __('This is the testing page for SpamFireWall', 'cleantalk-spam-protect') : ''),
237
+ '{REMOTE_ADDRESS}' => $result['ip'],
238
+ '{SERVICE_ID}' => $this->apbct->data['service_id'],
239
+ '{HOST}' => Server::get( 'HTTP_HOST' ),
240
+ '{GENERATED}' => '<p>The page was generated at&nbsp;' . date( 'D, d M Y H:i:s' ) . "</p>",
241
+ '{REQUEST_URI}' => Server::get( 'REQUEST_URI' ),
242
+
243
+ // Cookie
244
+ '{COOKIE_PREFIX}' => '',
245
+ '{COOKIE_DOMAIN}' => $this->cookie_domain,
246
+ '{COOKIE_SFW}' => $this->test ? $this->test_ip : $cookie_val,
247
+ '{COOKIE_ANTICRAWLER}' => hash( 'sha256', $apbct->api_key . $apbct->data['salt'] ),
248
+
249
+ // Test
250
+ '{TEST_TITLE}' => '',
251
+ '{REAL_IP__HEADER}' => '',
252
+ '{TEST_IP__HEADER}' => '',
253
+ '{TEST_IP}' => '',
254
+ '{REAL_IP}' => '',
255
+ );
256
+
257
+ // Test
258
+ if($this->test){
259
+ $replaces['{TEST_TITLE}'] = __( 'This is the testing page for SpamFireWall', 'cleantalk-spam-protect' );
260
+ $replaces['{REAL_IP__HEADER}'] = 'Real IP:';
261
+ $replaces['{TEST_IP__HEADER}'] = 'Test IP:';
262
+ $replaces['{TEST_IP}'] = $this->test_ip;
263
+ $replaces['{REAL_IP}'] = $this->real_ip;
264
+ }
265
+
266
+ // Debug
267
+ if($this->debug){
268
+ $debug = '<h1>Headers</h1>'
269
+ . var_export(apache_request_headers(), true)
270
+ . '<h1>REMOTE_ADDR</h1>'
271
+ . Server::get( 'REMOTE_ADDR' )
272
+ . '<h1>SERVER_ADDR</h1>'
273
+ . Server::get( 'REMOTE_ADDR' )
274
+ . '<h1>IP_ARRAY</h1>'
275
+ . var_export($this->ip_array, true)
276
+ . '<h1>ADDITIONAL</h1>'
277
+ . var_export($this->debug_data, true);
278
+ }
279
+ $replaces['{DEBUG}'] = isset( $debug ) ? $debug : '';
280
+
281
+ foreach( $replaces as $place_holder => $replace ){
282
+ $sfw_die_page = str_replace( $place_holder, $replace, $sfw_die_page );
283
+ }
284
+
285
+ wp_die($sfw_die_page, "Blacklisted", Array('response'=>403));
286
+
287
+ }else{
288
+ wp_die("IP BLACKLISTED. Blocked by SFW " . $result['ip'], "Blacklisted", Array('response'=>403));
289
+ }
290
+
291
+ }
292
+
293
+ /**
294
+ * Sends and wipe SFW log
295
+ *
296
+ * @param $db
297
+ * @param $log_table
298
+ * @param string $ct_key API key
299
+ *
300
+ * @return array|bool array('error' => STRING)
301
+ */
302
+ public static function send_log( $db, $log_table, $ct_key ) {
303
+
304
+ //Getting logs
305
+ $query = "SELECT * FROM " . $log_table . ";";
306
+ $db->fetch_all( $query );
307
+
308
+ if( count( $db->result ) ){
309
+
310
+ //Compile logs
311
+ $data = array();
312
+ foreach( $db->result as $key => $value ){
313
+
314
+ // Converting statuses to API format
315
+ $value['status'] = $value['status'] === 'DENY_ANTICRAWLER' ? 'BOT_PROTECTION' : $value['status'];
316
+ $value['status'] = $value['status'] === 'PASS_ANTICRAWLER' ? 'BOT_PROTECTION' : $value['status'];
317
+
318
+ $value['status'] = $value['status'] === 'DENY_ANTIFLOOD' ? 'FLOOD_PROTECTION' : $value['status'];
319
+ $value['status'] = $value['status'] === 'PASS_ANTIFLOOD' ? 'FLOOD_PROTECTION' : $value['status'];
320
+
321
+ $value['status'] = $value['status'] === 'PASS_SFW__BY_COOKIE' ? null : $value['status'];
322
+ $value['status'] = $value['status'] === 'DENY_SFW' ? null : $value['status'];
323
+
324
+ $row = array(
325
+ trim( $value['ip'] ),
326
+ $value['all_entries'],
327
+ $value['all_entries'] - $value['blocked_entries'],
328
+ $value['entries_timestamp'],
329
+ );
330
+
331
+ if( $value['status'] )
332
+ $row[] = $value['status'];
333
+
334
+ $data[] = $row;
335
+
336
+ }
337
+ unset( $key, $value );
338
+
339
+ //Sending the request
340
+ $result = \Cleantalk\Common\API::method__sfw_logs( $ct_key, $data );
341
+ //Checking answer and deleting all lines from the table
342
+ if( empty( $result['error'] ) ){
343
+ if( $result['rows'] == count( $data ) ){
344
+ $db->execute( "TRUNCATE TABLE " . $log_table . ";" );
345
+
346
+ return $result;
347
+ }
348
+
349
+ return array( 'error' => 'SENT_AND_RECEIVED_LOGS_COUNT_DOESNT_MACH' );
350
+ } else{
351
+ return $result;
352
+ }
353
+
354
+ } else{
355
+ return $result = array( 'rows' => 0 );
356
+ }
357
+ }
358
+
359
+
360
+ /**
361
+ * Updates SFW local base
362
+ *
363
+ * @param $db
364
+ * @param $db__table__data
365
+ * @param string $ct_key API key
366
+ * @param null|string $file_url File URL with SFW data.
367
+ * @param bool $immediate Requires immmediate update. Without remote call
368
+ *
369
+ * @return array|bool array('error' => STRING)
370
+ */
371
+ public static function update( $db, $db__table__data, $ct_key, $file_url = null, $immediate = false){
372
+
373
+ // Getting remote file name
374
+ if(!$file_url){
375
+
376
+ $result = \Cleantalk\Common\API::method__get_2s_blacklists_db($ct_key, 'multifiles', '2_0');
377
+
378
+ sleep(4);
379
+
380
+ if( empty( $result['error'] ) ){
381
+
382
+ if( ! empty( $result['file_url'] ) ){
383
+
384
+ $file_url = trim( $result['file_url'] );
385
+
386
+ $response_code = Helper::http__request__get_response_code( $file_url );
387
+
388
+ if( empty( $response_code['error'] ) ){
389
+
390
+ if( $response_code == 200 || $response_code == 501 ){
391
+
392
+ $gz_data = Helper::http__request__get_content( $file_url );
393
+
394
+ if( empty( $gz_data['error'] ) ){
395
+
396
+ if( Helper::get_mime_type( $gz_data, 'application/x-gzip' ) ){
397
+
398
+ if( function_exists( 'gzdecode' ) ){
399
+
400
+ $data = gzdecode( $gz_data );
401
+
402
+ if( $data !== false ){
403
+
404
+ $result__clear_db = self::clear_data_table( $db, $db__table__data );
405
+
406
+ if( empty( $result__clear_db['error'] ) ){
407
+
408
+ $lines = Helper::buffer__parse__csv( $data );
409
+
410
+ /*$file_urls = array();
411
+
412
+ while( current( $lines ) !== false ){
413
+ $file_urls[] = current( $lines )[0];
414
+ next( $lines );
415
+ }*/
416
+
417
+ $patterns = array();
418
+ $patterns[] = 'get';
419
+
420
+ if( ! $immediate ){
421
+ $patterns[] = 'async';
422
+ }
423
+
424
+ return Helper::http__request(
425
+ get_option( 'siteurl' ),
426
+ array(
427
+ 'spbc_remote_call_token' => md5( $ct_key ),
428
+ 'spbc_remote_call_action' => 'sfw_update',
429
+ 'plugin_name' => 'apbct',
430
+ 'file_urls' => $file_url,
431
+ 'url_count' => count( $lines ),
432
+ 'current_url' => 0,
433
+ ),
434
+ $patterns
435
+ );
436
+
437
+ }else
438
+ return $result__clear_db;
439
+ }else
440
+ return array('error' => 'COULD_DECODE_MULTIFILE');
441
+ }else
442
+ return array('error' => 'FUNCTION_GZ_DECODE_DOES_NOT_EXIST');
443
+ }else
444
+ return array('error' => 'WRONG_MULTIFILE_MIME_TYPE');
445
+ }else
446
+ return array('error' => 'COULD_NOT_GET_MULTIFILE: ' . $gz_data['error'] );
447
+ }else
448
+ return array('error' => 'MULTIFILE_BAD_RESPONSE_CODE: '. (int) $response_code );
449
+ }else
450
+ return array('error' => 'MULTIFILE_COULD_NOT_GET_RESPONSE_CODE: '. $response_code['error'] );
451
+ }else
452
+ return array('error' => 'NO_REMOTE_MULTIFILE_FOUND: ' . $result['file_url'] );
453
+ }else
454
+ return $result;
455
+ }else{
456
+
457
+ $response_code = Helper::http__request($file_url, array(), 'get_code');
458
+
459
+ if( empty( $response_code['error'] ) ){
460
+
461
+ if( $response_code == 200 || $response_code == 501 ){ // Check if it's there
462
+
463
+ $gz_data = Helper::http__request__get_content( $file_url );
464
+
465
+ if( empty( $gz_data['error'] ) ){
466
+
467
+ if( Helper::get_mime_type( $gz_data, 'application/x-gzip' ) ){
468
+
469
+ if( function_exists( 'gzdecode' ) ){
470
+
471
+ $data = gzdecode( $gz_data );
472
+
473
+ if( $data !== false ){
474
+
475
+ $lines = Helper::buffer__parse__csv( $data );
476
+
477
+ }else
478
+ return array('error' => 'COULD_DECODE_FILE');
479
+ }else
480
+ return array('error' => 'FUNCTION_GZ_DECODE_DOES_NOT_EXIST');
481
+ }else
482
+ return array('error' => 'WRONG_FILE_MIME_TYPE');
483
+
484
+ reset( $lines );
485
+
486
+ for( $count_result = 0; current($lines) !== false; ) {
487
+
488
+ $query = "INSERT INTO ".$db__table__data." (network, mask, status) VALUES ";
489
+
490
+ for( $i = 0, $values = array(); APBCT_WRITE_LIMIT !== $i && current( $lines ) !== false; $i ++, $count_result ++, next( $lines ) ){
491
+
492
+ $entry = current($lines);
493
+
494
+ if(empty($entry))
495
+ continue;
496
+
497
+ if ( APBCT_WRITE_LIMIT !== $i ) {
498
+
499
+ // Cast result to int
500
+ $ip = preg_replace('/[^\d]*/', '', $entry[0]);
501
+ $mask = preg_replace('/[^\d]*/', '', $entry[1]);
502
+ $private = isset($entry[2]) ? $entry[2] : 0;
503
+
504
+ }
505
+
506
+ $values[] = '('. $ip .','. $mask .','. $private .')';
507
+
508
+ }
509
+
510
+ if( ! empty( $values ) ){
511
+ $query = $query . implode( ',', $values ) . ';';
512
+ $db->execute( $query );
513
+ }
514
+
515
+ }
516
+
517
+ return $count_result;
518
+
519
+ }else
520
+ return array('error' => 'COULD_NOT_GET_FILE: ' . $gz_data['error'] );
521
+ }else
522
+ return array('error' => 'FILE_BAD_RESPONSE_CODE: '. (int) $response_code );
523
+ }else
524
+ return array('error' => 'FILE_COULD_NOT_GET_RESPONSE_CODE: '. $response_code['error'] );
525
+ }
526
+ }
527
+
528
+ /**
529
+ * Clear SFW table
530
+ *
531
+ * @param $db
532
+ * @param $db__table__data
533
+ *
534
+ * @return string[]
535
+ */
536
+ public static function clear_data_table( $db, $db__table__data ) {
537
+
538
+ $db->execute( "TRUNCATE TABLE {$db__table__data};" );
539
+ $db->set_query( "SELECT COUNT(network) as cnt FROM {$db__table__data};" )->fetch(); // Check if it is clear
540
+ if( $db->result['cnt'] != 0 ){
541
+ $db->execute( "DELETE FROM {$db__table__data};" ); // Truncate table
542
+ $db->set_query( "SELECT COUNT(network) as cnt FROM {$db__table__data};" )->fetch(); // Check if it is clear
543
+ if( $db->result['cnt'] != 0 ){
544
+ return array( 'error' => 'COULD_NOT_CLEAR_SFW_TABLE' ); // throw an error
545
+ }
546
+ }
547
+ $db->execute( "ALTER TABLE {$db__table__data} AUTO_INCREMENT = 1;" ); // Drop AUTO INCREMENT
548
+ }
549
  }
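--- a/readme.txt
+++ b/readme.txt
@@ -4,7 +4,7 @@ Tags: spam, antispam, anti-spam, comments, firewall
 Requires at least: 3.0
 Tested up to: 5.5
 Requires PHP: 5.4
-Stable tag: 5.148
+Stable tag: 5.149
 License: GPLv2
 
 Spam protection, anti-spam, firewall, premium plugin. No spam comments & users, no spam contact form & WooCommerce anti-spam.
@@ -485,7 +485,7 @@ CleanTalk works with Varnish, it protects WordPress against spam, but by default
 Now the plugin will protect WordPress comments, registrations and most of popular contact forms, but will not protect some of rarely used contact forms.
 
 = Does the anti-spam plugin work with Accelerated Mobile Pages (AMP)? =
-Yes, it does. But you have to turn off the option 'Use AJAX for JavaScript check' in Advanced settigns of the plugin to be fully compatible with Accelerated Mobile Pages.
+Yes, it does. But you have to turn off the SpamFireWall and the option 'Use AJAX for JavaScript check' in Advanced settigns of the plugin to be fully compatible with Accelerated Mobile Pages.
 
 = How to close renewal or trial notice in the WordPress backend? =
 To close the notice please save the plugin settings again or it will be closed automatically within 60 minutes after the renewal.
@@ -580,6 +580,21 @@ If your website has forms that send data to external sources, you can enable opt
 
 == Changelog ==
 
+= 5.149 Nov 19 2020 =
+* Fix: External forms protection fixed.
+* Fix: check for array in spam_stat collect.
+* Fix: Spam Firewall. Operating with IPs on 32 bit systems.
+* Fix: Skip WFU ask_server request.
+* Fix: AC user agents support fixed.
+* New: Hook 'apbct_pre_block_page' added.
+* Fix: Woocommerce ajax internal.
+* Fix: skip redirect ajax login.
+* Fix: SFW updating return statement added.
+* Fix: Skip reset pass checking.
+* Fix: replace current_action() to current_filter().
+* Upd: AMP support description updated.
+* Fix: SQL injection fixed.
+
 = 5.148 Oct 28 2020 =
 * Fix: Visible fields collecting on external forms fixed.
 * Fix: Skip pre-filled form data for specific form.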