Spam protection, AntiSpam, FireWall by CleanTalk - Version 5.151

Version Description

Dec 17 2020 = * Mod: Cleantalk Alternative Sessions. Store time reduces to 1 day. * Fix: Unusable alternative cookies table clearing. * Fix: AC UA case insensitive checking fixed. * Fix: AC UA enabled by default. * Fix: AC UA spelling fixed. * Fix: skip ajax mailpoet import users. * Fix: Helper::get_mime_type(). * Fix: Users - spam/not spam icons removed. * Fix: Users/Comments - additional button removed. * Integration: WP Members integration implemented. * Fix: Prevent mod_security protection blocking. * Fix: WLM sub site key getting fixed. * New: SFW updating through a temporary table. * New: UA logging for all FW modules. * Fix: Replace clearing table from SFW updating process. * Fix: SFW - Unused method removed. * Fix: IP detection. * Fix: Helper - Clean input of null bytes. * Fix: SFW updating - https protocol returned. * Fix: SFW updating - truncating temporary table. * Fix: SFW updating process percents added.

Download this release

Release Info

Developer glomberg
Plugin Icon 128x128 Spam protection, AntiSpam, FireWall by CleanTalk
Version 5.151
Comparing to
See all releases

Code changes from version 5.150.1 to 5.151

Files changed (16) hide show
  1. cleantalk.php +165 -81
  2. inc/cleantalk-admin.php +8 -13
  3. inc/cleantalk-ajax.php +2 -1
  4. inc/cleantalk-find-spam.php +52 -56
  5. inc/cleantalk-public.php +2 -1
  6. inc/cleantalk-settings.php +12 -2
  7. inc/cleantalk-updater.php +1 -1
  8. lib/Cleantalk/Antispam/Integrations.php +87 -86
  9. lib/Cleantalk/Antispam/Integrations/WpMembers.php +22 -0
  10. lib/Cleantalk/ApbctWP/FindSpam/UsersChecker.php +613 -646
  11. lib/Cleantalk/ApbctWP/Firewall/AntiCrawler.php +1 -1
  12. lib/Cleantalk/ApbctWP/Firewall/AntiFlood.php +4 -2
  13. lib/Cleantalk/ApbctWP/Firewall/SFW.php +61 -63
  14. lib/Cleantalk/ApbctWP/State.php +584 -578
  15. lib/Cleantalk/Common/Helper.php +6 -3
  16. readme.txt +24 -1
cleantalk.php CHANGED
@@ -3,7 +3,7 @@
3
  Plugin Name: Anti-Spam by CleanTalk
4
  Plugin URI: https://cleantalk.org
5
  Description: Max power, all-in-one, no Captcha, premium anti-spam plugin. No comment spam, no registration spam, no contact spam, protects any WordPress forms.
6
- Version: 5.150.1
7
  Author: СleanTalk <welcome@cleantalk.org>
8
  Author URI: https://cleantalk.org
9
  Text Domain: cleantalk-spam-protect
@@ -14,6 +14,10 @@ use Cleantalk\ApbctWP\CleantalkUpgrader;
14
  use Cleantalk\ApbctWP\CleantalkUpgraderSkin;
15
  use Cleantalk\ApbctWP\CleantalkUpgraderSkin_Deprecated;
16
  use Cleantalk\ApbctWP\Cron;
 
 
 
 
17
 
18
  $cleantalk_executed = false;
19
 
@@ -42,7 +46,7 @@ define('APBCT_DEBUG', 'cleantalk_debug'); //Option name wi
42
  define('APBCT_WPMS', (is_multisite() ? true : false)); // WMPS is enabled
43
 
44
  // Sessions
45
- define('APBCT_SEESION__LIVE_TIME', 86400*2);
46
  define('APBCT_SEESION__CHANCE_TO_CLEAN', 100);
47
 
48
  // Different params
@@ -85,6 +89,8 @@ if( !defined( 'CLEANTALK_PLUGIN_DIR' ) ){
85
 
86
  $apbct->data['user_counter']['since'] = isset($apbct->data['user_counter']['since']) ? $apbct->data['user_counter']['since'] : date('d M');
87
  $apbct->data['connection_reports']['since'] = isset($apbct->data['connection_reports']['since']) ? $apbct->data['user_counter']['since'] : date('d M');
 
 
88
 
89
  $apbct->settings_link = is_network_admin() ? 'settings.php?page=cleantalk' : 'options-general.php?page=cleantalk';
90
 
@@ -109,7 +115,7 @@ if( !defined( 'CLEANTALK_PLUGIN_DIR' ) ){
109
  define('APBCT_TBL_FIREWALL_DATA', $apbct->db_prefix . 'cleantalk_sfw'); // Table with firewall data.
110
  define('APBCT_TBL_FIREWALL_LOG', $apbct->db_prefix . 'cleantalk_sfw_logs'); // Table with firewall logs.
111
  define('APBCT_TBL_AC_LOG', $apbct->db_prefix . 'cleantalk_ac_log'); // Table with firewall logs.
112
- define('APBCT_TBL_AC_UA_BL', $apbct->db_prefix . 'cleantalk_ua_bl'); // Table with User Agents blacklist.
113
  define('APBCT_TBL_SESSIONS', $apbct->db_prefix . 'cleantalk_sessions'); // Table with session data.
114
  define('APBCT_SPAMSCAN_LOGS', $apbct->db_prefix . 'cleantalk_spamscan_logs'); // Table with session data.
115
  define('APBCT_SELECT_LIMIT', 5000); // Select limit for logs.
@@ -183,6 +189,7 @@ if( !defined( 'CLEANTALK_PLUGIN_DIR' ) ){
183
  'SimpleMembership' => array( 'hook' => 'swpm_front_end_registration_complete_user_data', 'ajax' => false ),
184
  'EstimationForm' => array( 'hook' => 'send_email', 'ajax' => true ),
185
  'LandingPageBuilder' => array( 'hook' => 'ulpb_formBuilderEmail_ajax', 'ajax' => true ),
 
186
  );
187
  new \Cleantalk\Antispam\Integrations( $apbct_active_integrations );
188
 
@@ -212,7 +219,7 @@ if( !defined( 'CLEANTALK_PLUGIN_DIR' ) ){
212
 
213
  // Custom register form (ticket_id=13668)
214
  add_action('website_neotrends_signup_fields_check',function( $username, $fields ){
215
- $ip = \Cleantalk\ApbctWP\Helper::ip__get( array('real'), false );
216
  $ct_result = ct_test_registration( $username, $fields['email'], $ip );
217
  if( $ct_result['allow'] == 0 ) {
218
  ct_die_extended( $ct_result['comment'] );
@@ -623,10 +630,10 @@ function apbct_sfw__check()
623
  );
624
 
625
  $firewall = new \Cleantalk\Common\Firewall(
626
- \Cleantalk\ApbctWP\DB::getInstance()
627
  );
628
 
629
- $firewall->load_fw_module( new \Cleantalk\ApbctWP\Firewall\SFW(
630
  APBCT_TBL_FIREWALL_LOG,
631
  APBCT_TBL_FIREWALL_DATA,
632
  array(
@@ -1035,84 +1042,146 @@ function ct_get_cookie()
1035
  die();
1036
  }
1037
 
1038
- function ct_sfw_update($api_key = '', $immediate = false){
1039
 
1040
  global $apbct;
1041
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1042
  $api_key = !empty($apbct->api_key) ? $apbct->api_key : $api_key;
1043
 
1044
  if( $apbct->settings['spam_firewall'] == 1 && ( ! empty($api_key) || $apbct->data['moderate_ip'] ) ) {
1045
-
1046
- $file_urls = isset($_GET['file_urls']) ? urldecode( $_GET['file_urls'] ) : null;
1047
- $url_count = isset($_GET['url_count']) ? urldecode( $_GET['url_count'] ) : null;
1048
- $current_url = isset($_GET['current_url']) ? urldecode( $_GET['current_url'] ) : null;
1049
 
1050
- if( ! $file_urls ){
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1051
 
1052
- // @ToDo we have to implement a flag to checking is the updating is in progress
1053
- // @ToDo this is the temporary solution: Setting update time at the updating start to prevent running several update processes
1054
- $apbct->stats['sfw']['last_update_time'] = time();
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1055
 
1056
- //Reset previous entries count
1057
- $apbct->stats['sfw']['entries'] = 0;
1058
- $apbct->save('stats');
1059
-
1060
- $result = \Cleantalk\ApbctWP\Firewall\SFW::update(
1061
- \Cleantalk\ApbctWP\DB::getInstance(),
1062
- APBCT_TBL_FIREWALL_DATA,
1063
- $api_key,
1064
- null,
1065
- $immediate
1066
- );
1067
-
1068
- return ! empty( $result['error'] )
1069
- ? $result
1070
- : true;
1071
-
1072
- }elseif( $file_urls && $url_count > $current_url ){
1073
-
1074
- $result = \Cleantalk\ApbctWP\Firewall\SFW::update(
1075
- \Cleantalk\ApbctWP\DB::getInstance(),
1076
- APBCT_TBL_FIREWALL_DATA,
1077
- $api_key,
1078
- str_replace( 'multifiles', $current_url, $file_urls ),
1079
- $immediate
1080
- );
1081
-
1082
- if( empty( $result['error'] ) ){
1083
-
1084
- $current_url++;
1085
-
1086
- //Increment sfw entries
1087
- $apbct->stats['sfw']['entries'] += $result;
1088
- $apbct->save('stats');
1089
-
1090
- if ( $url_count >= $current_url ) {
1091
- return \Cleantalk\ApbctWP\Helper::http__request(
1092
- get_option('siteurl'),
1093
- array(
1094
- 'spbc_remote_call_token' => md5($api_key),
1095
- 'spbc_remote_call_action' => 'sfw_update',
1096
- 'plugin_name' => 'apbct',
1097
- 'file_urls' => $file_urls,
1098
- 'url_count' => $url_count,
1099
- 'current_url' => $current_url,
1100
- ),
1101
- array('get', 'async')
1102
- );
1103
- } else {
1104
- //Files array is empty update sfw time
1105
- $apbct->stats['sfw']['last_update_time'] = time();
1106
- $apbct->save('stats');
1107
- // Delete update errors
1108
- $apbct->error_delete( 'sfw_update', 'save_settings' );
1109
-
1110
- return $result;
1111
- }
1112
- }else
1113
- return $result;
1114
- }else
1115
- return array('error' => 'SFW_UPDATE WRONG_FILE_URLS');
1116
  }
1117
 
1118
  return array('error' => 'SFW_DISABLED');
@@ -1126,8 +1195,8 @@ function ct_sfw_send_logs($api_key = '')
1126
 
1127
  if( $apbct->settings['spam_firewall'] == 1 && ( ! empty($api_key) || $apbct->data['moderate_ip'] ) ) {
1128
 
1129
- $result = \Cleantalk\ApbctWP\Firewall\SFW::send_log(
1130
- \Cleantalk\ApbctWP\DB::getInstance(),
1131
  APBCT_TBL_FIREWALL_LOG,
1132
  $api_key
1133
  );
@@ -1159,7 +1228,7 @@ function apbct_antiflood__clear_table(){
1159
  'chance_to_clean' => 100,
1160
  )
1161
  );
1162
- $anti_flood->setDb( \Cleantalk\ApbctWP\DB::getInstance() );
1163
  $anti_flood->clear_table();
1164
  unset( $anti_flood );
1165
  }
@@ -1190,7 +1259,7 @@ function apbct_rc__send($action, $additional_params = array(), $presets = 'get',
1190
  $params = array_merge($additional_params, $default_params);
1191
 
1192
  return apbct_rc__parse_result(
1193
- \Cleantalk\ApbctWP\Helper::http__request(
1194
  $url ? $url : get_option('siteurl'),
1195
  $params,
1196
  $presets
@@ -1441,7 +1510,7 @@ function apbct_rc__update(){
1441
  die('FAIL '. json_encode(array('error' => 'COULD_NOT_ACTIVATE', 'wp_error' => $result->get_error_message())));
1442
  }
1443
 
1444
- $httpResponseCode = \Cleantalk\ApbctWP\Helper::http__request(get_option('siteurl'), array(), 'get_code');
1445
 
1446
  if( strpos($httpResponseCode, '200') === false ){
1447
 
@@ -1601,7 +1670,7 @@ function apbct__hook__wp_logout__delete_trial_notice_cookie(){
1601
  }
1602
 
1603
  function apbct_alt_session__id__get(){
1604
- $id = \Cleantalk\ApbctWP\Helper::ip__get(array('real'))
1605
  .apbct_get_server_variable( 'HTTP_USER_AGENT' )
1606
  .apbct_get_server_variable( 'HTTP_ACCEPT_LANGUAGE' );
1607
  return hash('sha256', $id);
@@ -1618,6 +1687,21 @@ function apbct_alt_sessions__remove_old(){
1618
  );
1619
  }
1620
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1621
 
1622
  function apbct_alt_session__save($name, $value){
1623
 
3
  Plugin Name: Anti-Spam by CleanTalk
4
  Plugin URI: https://cleantalk.org
5
  Description: Max power, all-in-one, no Captcha, premium anti-spam plugin. No comment spam, no registration spam, no contact spam, protects any WordPress forms.
6
+ Version: 5.151
7
  Author: СleanTalk <welcome@cleantalk.org>
8
  Author URI: https://cleantalk.org
9
  Text Domain: cleantalk-spam-protect
14
  use Cleantalk\ApbctWP\CleantalkUpgraderSkin;
15
  use Cleantalk\ApbctWP\CleantalkUpgraderSkin_Deprecated;
16
  use Cleantalk\ApbctWP\Cron;
17
+ use Cleantalk\ApbctWP\DB;
18
+ use Cleantalk\ApbctWP\Firewall\SFW;
19
+ use Cleantalk\ApbctWP\Helper;
20
+ use Cleantalk\Variables\Get;
21
 
22
  $cleantalk_executed = false;
23
 
46
  define('APBCT_WPMS', (is_multisite() ? true : false)); // WMPS is enabled
47
 
48
  // Sessions
49
+ define('APBCT_SEESION__LIVE_TIME', 86400);
50
  define('APBCT_SEESION__CHANCE_TO_CLEAN', 100);
51
 
52
  // Different params
89
 
90
  $apbct->data['user_counter']['since'] = isset($apbct->data['user_counter']['since']) ? $apbct->data['user_counter']['since'] : date('d M');
91
  $apbct->data['connection_reports']['since'] = isset($apbct->data['connection_reports']['since']) ? $apbct->data['user_counter']['since'] : date('d M');
92
+
93
+ $apbct->firewall_updating = (bool) $apbct->data['firewall_updating_id'];
94
 
95
  $apbct->settings_link = is_network_admin() ? 'settings.php?page=cleantalk' : 'options-general.php?page=cleantalk';
96
 
115
  define('APBCT_TBL_FIREWALL_DATA', $apbct->db_prefix . 'cleantalk_sfw'); // Table with firewall data.
116
  define('APBCT_TBL_FIREWALL_LOG', $apbct->db_prefix . 'cleantalk_sfw_logs'); // Table with firewall logs.
117
  define('APBCT_TBL_AC_LOG', $apbct->db_prefix . 'cleantalk_ac_log'); // Table with firewall logs.
118
+ define('APBCT_TBL_AC_UA_BL', $apbct->db_prefix . 'cleantalk_ua_bl'); // Table with User-Agents blacklist.
119
  define('APBCT_TBL_SESSIONS', $apbct->db_prefix . 'cleantalk_sessions'); // Table with session data.
120
  define('APBCT_SPAMSCAN_LOGS', $apbct->db_prefix . 'cleantalk_spamscan_logs'); // Table with session data.
121
  define('APBCT_SELECT_LIMIT', 5000); // Select limit for logs.
189
  'SimpleMembership' => array( 'hook' => 'swpm_front_end_registration_complete_user_data', 'ajax' => false ),
190
  'EstimationForm' => array( 'hook' => 'send_email', 'ajax' => true ),
191
  'LandingPageBuilder' => array( 'hook' => 'ulpb_formBuilderEmail_ajax', 'ajax' => true ),
192
+ 'WpMembers' => array( 'hook' => 'wpmem_pre_register_data', 'ajax' => false ),
193
  );
194
  new \Cleantalk\Antispam\Integrations( $apbct_active_integrations );
195
 
219
 
220
  // Custom register form (ticket_id=13668)
221
  add_action('website_neotrends_signup_fields_check',function( $username, $fields ){
222
+ $ip = Helper::ip__get( array('real'), false );
223
  $ct_result = ct_test_registration( $username, $fields['email'], $ip );
224
  if( $ct_result['allow'] == 0 ) {
225
  ct_die_extended( $ct_result['comment'] );
630
  );
631
 
632
  $firewall = new \Cleantalk\Common\Firewall(
633
+ DB::getInstance()
634
  );
635
 
636
+ $firewall->load_fw_module( new SFW(
637
  APBCT_TBL_FIREWALL_LOG,
638
  APBCT_TBL_FIREWALL_DATA,
639
  array(
1042
  die();
1043
  }
1044
 
1045
+ function ct_sfw_update( $api_key = '', $immediate = false ){
1046
 
1047
  global $apbct;
1048
 
1049
+ // Prevent start another update at a time
1050
+ if(
1051
+ ! Get::get('firewall_updating_id') &&
1052
+ $apbct->data['firewall_updating_id'] &&
1053
+ time() - $apbct->data['firewall_updating_last_start'] < 60
1054
+ ){
1055
+ return true;
1056
+ }
1057
+
1058
+ // Check if the update performs right now. Blocks remote calls with different ID
1059
+ if( Get::get('firewall_updating_id') &&
1060
+ Get::get('firewall_updating_id') !== $apbct->data['firewall_updating_id']
1061
+ ) {
1062
+ return array( 'error' => 'FIREWALL_IS_UPDATING' );
1063
+ }
1064
+
1065
+ // Set new update ID
1066
+ if( ! $apbct->data['firewall_updating_id'] || time() - $apbct->data['firewall_updating_last_start'] > 300 ){
1067
+ $apbct->data['firewall_updating_id'] = md5( rand( 0, 100000 ) );
1068
+ $apbct->data['firewall_updating_last_start'] = time();
1069
+ $apbct->save( 'data' );
1070
+ }
1071
+
1072
  $api_key = !empty($apbct->api_key) ? $apbct->api_key : $api_key;
1073
 
1074
  if( $apbct->settings['spam_firewall'] == 1 && ( ! empty($api_key) || $apbct->data['moderate_ip'] ) ) {
 
 
 
 
1075
 
1076
+ if(
1077
+ // Remote call is in process, do updating
1078
+ isset($_GET['spbc_remote_call_token'], $_GET['spbc_remote_call_action'], $_GET['plugin_name']) &&
1079
+ in_array($_GET['plugin_name'], array('antispam','anti-spam', 'apbct'))
1080
+ ) {
1081
+
1082
+ $file_urls = isset($_GET['file_urls']) ? urldecode( $_GET['file_urls'] ) : null;
1083
+ $url_count = isset($_GET['url_count']) ? urldecode( $_GET['url_count'] ) : null;
1084
+ $current_url = isset($_GET['current_url']) ? urldecode( $_GET['current_url'] ) : null;
1085
+
1086
+ if( ! $file_urls ){
1087
+
1088
+ //Reset previous entries count
1089
+ $apbct->stats['sfw']['entries'] = 0;
1090
+ $apbct->save('stats');
1091
+
1092
+ // @todo We have to handle errors here
1093
+ SFW::create_temp_tables( DB::getInstance() );
1094
+
1095
+ $result = SFW::update(
1096
+ DB::getInstance(),
1097
+ APBCT_TBL_FIREWALL_DATA . '_temp',
1098
+ $api_key,
1099
+ null,
1100
+ $immediate
1101
+ );
1102
+
1103
+ return ! empty( $result['error'] )
1104
+ ? $result
1105
+ : true;
1106
+
1107
+ }elseif( $file_urls && $url_count > $current_url ){
1108
+
1109
+ $result = SFW::update(
1110
+ DB::getInstance(),
1111
+ APBCT_TBL_FIREWALL_DATA . '_temp',
1112
+ $api_key,
1113
+ str_replace( 'multifiles', $current_url, $file_urls ),
1114
+ $immediate
1115
+ );
1116
+
1117
+ if( empty( $result['error'] ) ){
1118
+
1119
+ $current_url++;
1120
+
1121
+ //Increment sfw entries
1122
+ $apbct->stats['sfw']['entries'] += $result;
1123
+ $apbct->save('stats');
1124
+ $apbct->data['firewall_update_percent'] = round( ( ( (int) $current_url + 1 ) / (int) $url_count ), 2) * 100;
1125
+ $apbct->save('data');
1126
+
1127
+ if ( $url_count > $current_url ) {
1128
+ return Helper::http__request(
1129
+ get_option('siteurl'),
1130
+ array(
1131
+ 'spbc_remote_call_token' => md5($api_key),
1132
+ 'spbc_remote_call_action' => 'sfw_update',
1133
+ 'plugin_name' => 'apbct',
1134
+ 'file_urls' => str_replace( array( 'http://', 'https://' ), '', $file_urls ),
1135
+ 'url_count' => $url_count,
1136
+ 'current_url' => $current_url,
1137
+ // Additional params
1138
+ 'firewall_updating_id' => $apbct->data['firewall_updating_id'],
1139
+ ),
1140
+ array('get', 'async')
1141
+ );
1142
+ } else {
1143
 
1144
+ // @todo We have to handle errors here
1145
+ SFW::delete_main_data_tables( DB::getInstance() );
1146
+ // @todo We have to handle errors here
1147
+ SFW::rename_data_tables( DB::getInstance() );
1148
+
1149
+ //Files array is empty update sfw stats
1150
+ $apbct->data['last_firewall_updated'] = current_time('timestamp');
1151
+ $apbct->data['firewall_update_percent'] = 0;
1152
+ $apbct->data['firewall_updating_id'] = null;
1153
+ $apbct->save('data');
1154
+
1155
+ //Files array is empty update sfw time
1156
+ $apbct->stats['sfw']['last_update_time'] = time();
1157
+ $apbct->save('stats');
1158
+
1159
+ // Delete update errors
1160
+ $apbct->error_delete( 'sfw_update', 'save_settings' );
1161
+
1162
+ // REMOVE AND RENAME
1163
+ return $result;
1164
+ }
1165
+ }else
1166
+ return $result;
1167
+ }else
1168
+ return array('error' => 'SFW_UPDATE WRONG_FILE_URLS');
1169
+
1170
+ } else {
1171
+ // Go to init remote call
1172
+ return Helper::http__request(
1173
+ get_option( 'siteurl' ),
1174
+ array(
1175
+ 'spbc_remote_call_token' => md5( $api_key ),
1176
+ 'spbc_remote_call_action' => 'sfw_update',
1177
+ 'plugin_name' => 'apbct',
1178
+ // Additional params
1179
+ 'firewall_updating_id' => $apbct->data['firewall_updating_id'],
1180
+ ),
1181
+ array( 'get','async' )
1182
+ );
1183
+ }
1184
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1185
  }
1186
 
1187
  return array('error' => 'SFW_DISABLED');
1195
 
1196
  if( $apbct->settings['spam_firewall'] == 1 && ( ! empty($api_key) || $apbct->data['moderate_ip'] ) ) {
1197
 
1198
+ $result = SFW::send_log(
1199
+ DB::getInstance(),
1200
  APBCT_TBL_FIREWALL_LOG,
1201
  $api_key
1202
  );
1228
  'chance_to_clean' => 100,
1229
  )
1230
  );
1231
+ $anti_flood->setDb( DB::getInstance() );
1232
  $anti_flood->clear_table();
1233
  unset( $anti_flood );
1234
  }
1259
  $params = array_merge($additional_params, $default_params);
1260
 
1261
  return apbct_rc__parse_result(
1262
+ Helper::http__request(
1263
  $url ? $url : get_option('siteurl'),
1264
  $params,
1265
  $presets
1510
  die('FAIL '. json_encode(array('error' => 'COULD_NOT_ACTIVATE', 'wp_error' => $result->get_error_message())));
1511
  }
1512
 
1513
+ $httpResponseCode = Helper::http__request(get_option('siteurl'), array(), 'get_code');
1514
 
1515
  if( strpos($httpResponseCode, '200') === false ){
1516
 
1670
  }
1671
 
1672
  function apbct_alt_session__id__get(){
1673
+ $id = Helper::ip__get(array('real'))
1674
  .apbct_get_server_variable( 'HTTP_USER_AGENT' )
1675
  .apbct_get_server_variable( 'HTTP_ACCEPT_LANGUAGE' );
1676
  return hash('sha256', $id);
1687
  );
1688
  }
1689
  }
1690
+ function apbct_alt_sessions__clear( $full_clear = true ) {
1691
+ global $wpdb;
1692
+ if( $full_clear ) {
1693
+ $res = $wpdb->query(
1694
+ 'TRUNCATE TABLE '. APBCT_TBL_SESSIONS .';'
1695
+ );
1696
+ } else {
1697
+ $res = $wpdb->query(
1698
+ 'DELETE FROM `'. APBCT_TBL_SESSIONS .'`
1699
+ WHERE name NOT IN ( "apbct_urls", "apbct_site_referer" )
1700
+ LIMIT 100000;'
1701
+ );
1702
+ }
1703
+ return $res;
1704
+ }
1705
 
1706
  function apbct_alt_session__save($name, $value){
1707
 
inc/cleantalk-admin.php CHANGED
@@ -37,10 +37,6 @@ function apbct_add_buttons_to_comments_and_users( $unused_argument ) {
37
  <img src="' . $apbct->logo__small__colored . '" alt="Cleantalk Antispam logo" height="" style="width: 17px; vertical-align: text-bottom;" />
38
  ' . sprintf(__( 'Find spam %s', 'cleantalk-spam-protect'), $button_description ) . '
39
  </a>
40
- <a href="https://cleantalk.org/my/show_requests?service_id=' . $apbct->data['service_id'] . '&int=week" target="_blank" class="button" style="margin:1px 0 0 0; display: inline-block;">
41
- <img src="' . $apbct->logo__small__colored . '" alt="Cleantalk Antispam logo" height="" style="width: 17px; vertical-align: text-bottom;" />
42
- ' . __( 'CleanTalk Anti-Spam Log', 'cleantalk-spam-protect') . '
43
- </a>
44
  ';
45
 
46
  }
@@ -183,15 +179,14 @@ function apbct_admin__init(){
183
  }
184
 
185
  // Getting key like hoster. Only once!
186
- if(!is_main_site() && $apbct->white_label && ( empty($apbct->api_key) || $apbct->settings['apikey'] == $apbct->network_settings['apikey'] ) ){
187
-
188
- $_POST['submit'] = 'get_key_auto';
189
- $apbct->save('settings');
190
- $settings = get_option('cleantalk_settings');
191
- $apbct->api_key = $settings['apikey'];
192
- unset($_POST['submit']);
193
-
194
- }
195
  }
196
 
197
  function apbct_admin__init___ajax_actions(){
37
  <img src="' . $apbct->logo__small__colored . '" alt="Cleantalk Antispam logo" height="" style="width: 17px; vertical-align: text-bottom;" />
38
  ' . sprintf(__( 'Find spam %s', 'cleantalk-spam-protect'), $button_description ) . '
39
  </a>
 
 
 
 
40
  ';
41
 
42
  }
179
  }
180
 
181
  // Getting key like hoster. Only once!
182
+ if(!is_main_site() && $apbct->white_label && ( empty($apbct->api_key) || $apbct->settings['apikey'] == $apbct->network_settings['apikey'] ) ){
183
+ $_POST['submit'] = 'get_key_auto';
184
+ $settings = apbct_settings__validate(array());
185
+ $apbct->api_key = $settings['apikey'];
186
+ $apbct->save('settings');
187
+ unset($_POST['submit']);
188
+
189
+ }
 
190
  }
191
 
192
  function apbct_admin__init___ajax_actions(){
inc/cleantalk-ajax.php CHANGED
@@ -341,7 +341,8 @@ function ct_ajax_hook($message_obj = false, $additional = false)
341
  )
342
  ) ||
343
  (isset($_POST['action'], $_POST['arm_action']) && $_POST['action'] == 'arm_shortcode_form_ajax_action' && $_POST['arm_action'] == 'please-login') || //arm forms skip login
344
- ( isset($_POST['action']) && $_POST['action'] == 'erf_login_user' && in_array( 'easy-registration-forms/erforms.php', apply_filters( 'active_plugins', get_option( 'active_plugins' ) ) ) ) //Easy Registration Forms login form skip
 
345
  )
346
  {
347
  do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
341
  )
342
  ) ||
343
  (isset($_POST['action'], $_POST['arm_action']) && $_POST['action'] == 'arm_shortcode_form_ajax_action' && $_POST['arm_action'] == 'please-login') || //arm forms skip login
344
+ ( isset($_POST['action']) && $_POST['action'] == 'erf_login_user' && in_array( 'easy-registration-forms/erforms.php', apply_filters( 'active_plugins', get_option( 'active_plugins' ) ) ) ) || //Easy Registration Forms login form skip
345
+ (isset($_POST['action'], $_POST['endpoint'], $_POST['method']) && $_POST['action'] == 'mailpoet' && $_POST['endpoint'] == 'ImportExport' && $_POST['method'] == 'processImport') //Mailpoet import
346
  )
347
  {
348
  do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
inc/cleantalk-find-spam.php CHANGED
@@ -1,56 +1,52 @@
1
- <?php
2
-
3
- // Adding menu items for USERS and COMMENTS spam checking pages
4
- add_action( 'admin_menu', 'ct_add_find_spam_pages' );
5
- function ct_add_find_spam_pages(){
6
-
7
- // Check users pages
8
- $ct_check_users = add_users_page( __( "Check for spam", 'cleantalk-spam-protect'), __( "Find spam users", 'cleantalk-spam-protect'), 'activate_plugins', 'ct_check_users', array( '\Cleantalk\ApbctWP\FindSpam\Page', 'showFindSpamPage' ) );
9
- $ct_check_users_logs = add_users_page( __( "Scan logs", 'cleantalk-spam-protect'), '', 'activate_plugins', 'ct_check_users_logs', array( '\Cleantalk\ApbctWP\FindSpam\Page', 'showFindSpamPage' ) );
10
-
11
- // Cheack comments pages
12
- $ct_check_spam = add_comments_page( __( "Check for spam", 'cleantalk-spam-protect'), __( "Find spam comments", 'cleantalk-spam-protect'), 'activate_plugins', 'ct_check_spam', array( '\Cleantalk\ApbctWP\FindSpam\Page', 'showFindSpamPage' ) );
13
- $ct_check_spam_logs = add_comments_page( __( "Scan logs", 'cleantalk-spam-protect'), '', 'activate_plugins', 'ct_check_spam_logs', array( '\Cleantalk\ApbctWP\FindSpam\Page', 'showFindSpamPage' ) );
14
-
15
- // Remove some pages from main menu
16
- remove_submenu_page( 'users.php', 'ct_check_users_logs' );
17
- remove_submenu_page( 'edit-comments.php', 'ct_check_spam_logs' );
18
-
19
- // Set screen option for every pages
20
- add_action( "load-$ct_check_users", array( '\Cleantalk\ApbctWP\FindSpam\Page', 'setScreenOption' ) );
21
- add_action( "load-$ct_check_users_logs", array( '\Cleantalk\ApbctWP\FindSpam\Page', 'setScreenOption' ) );
22
- add_action( "load-$ct_check_spam", array( '\Cleantalk\ApbctWP\FindSpam\Page', 'setScreenOption' ) );
23
- add_action( "load-$ct_check_spam_logs", array( '\Cleantalk\ApbctWP\FindSpam\Page', 'setScreenOption' ) );
24
-
25
- }
26
-
27
- // Set AJAX actions
28
- add_action( 'wp_ajax_ajax_clear_users', array( '\Cleantalk\ApbctWP\FindSpam\UsersChecker', 'ct_ajax_clear_users' ) );
29
- add_action( 'wp_ajax_ajax_check_users', array( '\Cleantalk\ApbctWP\FindSpam\UsersChecker', 'ct_ajax_check_users' ) );
30
- add_action( 'wp_ajax_ajax_info_users', array( '\Cleantalk\ApbctWP\FindSpam\UsersChecker', 'ct_ajax_info' ) );
31
- add_action( 'wp_ajax_ajax_ct_get_csv_file', array( '\Cleantalk\ApbctWP\FindSpam\UsersChecker', 'ct_get_csv_file' ) );
32
- add_action( 'wp_ajax_ajax_delete_all_users', array( '\Cleantalk\ApbctWP\FindSpam\UsersChecker', 'ct_ajax_delete_all_users' ) );
33
-
34
- add_action( 'wp_ajax_ajax_clear_comments', array( '\Cleantalk\ApbctWP\FindSpam\CommentsChecker', 'ct_ajax_clear_comments' ) );
35
- add_action( 'wp_ajax_ajax_check_comments', array( '\Cleantalk\ApbctWP\FindSpam\CommentsChecker', 'ct_ajax_check_comments' ) );
36
- add_action( 'wp_ajax_ajax_info_comments', array( '\Cleantalk\ApbctWP\FindSpam\CommentsChecker', 'ct_ajax_info' ) );
37
- add_action( 'wp_ajax_ajax_trash_all', array( '\Cleantalk\ApbctWP\FindSpam\CommentsChecker', 'ct_ajax_trash_all' ) );
38
- add_action( 'wp_ajax_ajax_spam_all', array( '\Cleantalk\ApbctWP\FindSpam\CommentsChecker', 'ct_ajax_spam_all' ) );
39
-
40
- // Debug
41
- add_action( 'wp_ajax_ajax_insert_users', array( '\Cleantalk\ApbctWP\FindSpam\UsersChecker', 'ct_ajax_insert_users' ) );
42
-
43
- // Hook for saving "per_page" option
44
- add_action( 'wp_loaded', 'ct_save_screen_option' );
45
- function ct_save_screen_option() {
46
-
47
- // Saving screen option for the pagination (per page option)
48
- add_filter( 'set-screen-option', function( $status, $option, $value ){
49
- return ( $option == 'spam_per_page' ) ? (int) $value : $status;
50
- }, 10, 3 );
51
-
52
- }
53
-
54
- // Add checked icons into users table
55
- add_filter( 'manage_users_columns', array( '\Cleantalk\ApbctWP\FindSpam\UsersChecker', 'ct_manage_users_columns' ), 10, 1 );
56
- add_filter( 'manage_users_custom_column', array( '\Cleantalk\ApbctWP\FindSpam\UsersChecker', 'ct_manage_users_custom_column' ), 10, 3 );
1
+ <?php
2
+
3
+ // Adding menu items for USERS and COMMENTS spam checking pages
4
+ add_action( 'admin_menu', 'ct_add_find_spam_pages' );
5
+ function ct_add_find_spam_pages(){
6
+
7
+ // Check users pages
8
+ $ct_check_users = add_users_page( __( "Check for spam", 'cleantalk-spam-protect'), __( "Find spam users", 'cleantalk-spam-protect'), 'activate_plugins', 'ct_check_users', array( '\Cleantalk\ApbctWP\FindSpam\Page', 'showFindSpamPage' ) );
9
+ $ct_check_users_logs = add_users_page( __( "Scan logs", 'cleantalk-spam-protect'), '', 'activate_plugins', 'ct_check_users_logs', array( '\Cleantalk\ApbctWP\FindSpam\Page', 'showFindSpamPage' ) );
10
+
11
+ // Cheack comments pages
12
+ $ct_check_spam = add_comments_page( __( "Check for spam", 'cleantalk-spam-protect'), __( "Find spam comments", 'cleantalk-spam-protect'), 'activate_plugins', 'ct_check_spam', array( '\Cleantalk\ApbctWP\FindSpam\Page', 'showFindSpamPage' ) );
13
+ $ct_check_spam_logs = add_comments_page( __( "Scan logs", 'cleantalk-spam-protect'), '', 'activate_plugins', 'ct_check_spam_logs', array( '\Cleantalk\ApbctWP\FindSpam\Page', 'showFindSpamPage' ) );
14
+
15
+ // Remove some pages from main menu
16
+ remove_submenu_page( 'users.php', 'ct_check_users_logs' );
17
+ remove_submenu_page( 'edit-comments.php', 'ct_check_spam_logs' );
18
+
19
+ // Set screen option for every pages
20
+ add_action( "load-$ct_check_users", array( '\Cleantalk\ApbctWP\FindSpam\Page', 'setScreenOption' ) );
21
+ add_action( "load-$ct_check_users_logs", array( '\Cleantalk\ApbctWP\FindSpam\Page', 'setScreenOption' ) );
22
+ add_action( "load-$ct_check_spam", array( '\Cleantalk\ApbctWP\FindSpam\Page', 'setScreenOption' ) );
23
+ add_action( "load-$ct_check_spam_logs", array( '\Cleantalk\ApbctWP\FindSpam\Page', 'setScreenOption' ) );
24
+
25
+ }
26
+
27
+ // Set AJAX actions
28
+ add_action( 'wp_ajax_ajax_clear_users', array( '\Cleantalk\ApbctWP\FindSpam\UsersChecker', 'ct_ajax_clear_users' ) );
29
+ add_action( 'wp_ajax_ajax_check_users', array( '\Cleantalk\ApbctWP\FindSpam\UsersChecker', 'ct_ajax_check_users' ) );
30
+ add_action( 'wp_ajax_ajax_info_users', array( '\Cleantalk\ApbctWP\FindSpam\UsersChecker', 'ct_ajax_info' ) );
31
+ add_action( 'wp_ajax_ajax_ct_get_csv_file', array( '\Cleantalk\ApbctWP\FindSpam\UsersChecker', 'ct_get_csv_file' ) );
32
+ add_action( 'wp_ajax_ajax_delete_all_users', array( '\Cleantalk\ApbctWP\FindSpam\UsersChecker', 'ct_ajax_delete_all_users' ) );
33
+
34
+ add_action( 'wp_ajax_ajax_clear_comments', array( '\Cleantalk\ApbctWP\FindSpam\CommentsChecker', 'ct_ajax_clear_comments' ) );
35
+ add_action( 'wp_ajax_ajax_check_comments', array( '\Cleantalk\ApbctWP\FindSpam\CommentsChecker', 'ct_ajax_check_comments' ) );
36
+ add_action( 'wp_ajax_ajax_info_comments', array( '\Cleantalk\ApbctWP\FindSpam\CommentsChecker', 'ct_ajax_info' ) );
37
+ add_action( 'wp_ajax_ajax_trash_all', array( '\Cleantalk\ApbctWP\FindSpam\CommentsChecker', 'ct_ajax_trash_all' ) );
38
+ add_action( 'wp_ajax_ajax_spam_all', array( '\Cleantalk\ApbctWP\FindSpam\CommentsChecker', 'ct_ajax_spam_all' ) );
39
+
40
+ // Debug
41
+ add_action( 'wp_ajax_ajax_insert_users', array( '\Cleantalk\ApbctWP\FindSpam\UsersChecker', 'ct_ajax_insert_users' ) );
42
+
43
+ // Hook for saving "per_page" option
44
+ add_action( 'wp_loaded', 'ct_save_screen_option' );
45
+ function ct_save_screen_option() {
46
+
47
+ // Saving screen option for the pagination (per page option)
48
+ add_filter( 'set-screen-option', function( $status, $option, $value ){
49
+ return ( $option == 'spam_per_page' ) ? (int) $value : $status;
50
+ }, 10, 3 );
51
+
52
+ }
 
 
 
 
inc/cleantalk-public.php CHANGED
@@ -3357,7 +3357,8 @@ function ct_contact_form_validate() {
3357
  ( isset( $_POST['action'] ) && $_POST['action'] == 'dokan_save_account_details' ) ||
3358
  \Cleantalk\Variables\Post::get('action') === 'frm_get_lookup_text_value' || // Exception for Formidable multilevel form
3359
  ( isset( $_POST['ihcaction'] ) && $_POST['ihcaction'] == 'reset_pass') || //Reset pass exclusion
3360
- ( isset( $_POST['action'], $_POST['register_unspecified_nonce_field'] ) && $_POST['action'] == 'register' ) // Profile Builder have a direct integration
 
3361
  ) {
3362
  do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
3363
  return null;
3357
  ( isset( $_POST['action'] ) && $_POST['action'] == 'dokan_save_account_details' ) ||
3358
  \Cleantalk\Variables\Post::get('action') === 'frm_get_lookup_text_value' || // Exception for Formidable multilevel form
3359
  ( isset( $_POST['ihcaction'] ) && $_POST['ihcaction'] == 'reset_pass') || //Reset pass exclusion
3360
+ ( isset( $_POST['action'], $_POST['register_unspecified_nonce_field'] ) && $_POST['action'] == 'register' ) || // Profile Builder have a direct integration
3361
+ ( isset( $_POST['_wpmem_register_nonce'] ) && wp_verify_nonce( $_POST['_wpmem_register_nonce'], 'wpmem_longform_nonce' ) ) // WP Members have a direct integration
3362
  ) {
3363
  do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
3364
  return null;
inc/cleantalk-settings.php CHANGED
@@ -439,9 +439,9 @@ function apbct_settings__set_fileds( $fields ){
439
  ),
440
  'sfw__anti_crawler_ua' => array(
441
  'type' => 'checkbox',
442
- 'title' => __('Block bots by User Agents', 'cleantalk-spam-protect'),
443
  'parent' => 'sfw__anti_crawler',
444
- 'description' => __('The option allows you to block or allow bots by their User Agents. Supports black and white lists.', 'cleantalk-spam-protect')
445
  . '<br>'
446
  . __( 'This option improves the accuracy of Anti-Crawler and allows you to manage rules for specific bots.', 'cleantalk-spam-protect' ),
447
  ),
@@ -1088,6 +1088,7 @@ function apbct_settings__field__statistics() {
1088
  $apbct->stats['sfw']['last_update_time'] ? date('M d Y H:i:s', $apbct->stats['sfw']['last_update_time']) : __('unknown', 'cleantalk-spam-protect'),
1089
  isset($sfw_netwoks_amount[0]['cnt']) ? $sfw_netwoks_amount[0]['cnt'] : __('unknown', 'cleantalk-spam-protect')
1090
  );
 
1091
  echo '<br>';
1092
 
1093
  // SFW last sent logs
@@ -1537,6 +1538,15 @@ function apbct_settings__validate($settings) {
1537
  $settings['apikey'] = '';
1538
  }
1539
  }
 
 
 
 
 
 
 
 
 
1540
 
1541
  return $settings;
1542
  }
439
  ),
440
  'sfw__anti_crawler_ua' => array(
441
  'type' => 'checkbox',
442
+ 'title' => __('Block bots by User-Agents', 'cleantalk-spam-protect'),
443
  'parent' => 'sfw__anti_crawler',
444
+ 'description' => __('The option allows you to block or allow bots by their User-Agents. Supports black and white lists.', 'cleantalk-spam-protect')
445
  . '<br>'
446
  . __( 'This option improves the accuracy of Anti-Crawler and allows you to manage rules for specific bots.', 'cleantalk-spam-protect' ),
447
  ),
1088
  $apbct->stats['sfw']['last_update_time'] ? date('M d Y H:i:s', $apbct->stats['sfw']['last_update_time']) : __('unknown', 'cleantalk-spam-protect'),
1089
  isset($sfw_netwoks_amount[0]['cnt']) ? $sfw_netwoks_amount[0]['cnt'] : __('unknown', 'cleantalk-spam-protect')
1090
  );
1091
+ echo $apbct->data['firewall_updating_id'] ? ' ' . __('Under updating now:', 'cleantalk-spam-protect') . ' ' . $apbct->data['firewall_update_percent'] . '%' : '';
1092
  echo '<br>';
1093
 
1094
  // SFW last sent logs
1538
  $settings['apikey'] = '';
1539
  }
1540
  }
1541
+
1542
+ // Alt sessions table clearing
1543
+ if( empty( $settings['set_cookies__sessions'] ) ) {
1544
+ if( empty( $settings['store_urls__sessions'] ) ) {
1545
+ apbct_alt_sessions__clear();
1546
+ } else {
1547
+ apbct_alt_sessions__clear( false );
1548
+ }
1549
+ }
1550
 
1551
  return $settings;
1552
  }
inc/cleantalk-updater.php CHANGED
@@ -661,7 +661,7 @@ function apbct_update_to_5_149_2() {
661
 
662
  apbct_activation__create_tables( $sqls, $apbct->db_prefix );
663
 
664
- $apbct->settings['sfw__anti_crawler_ua'] = 0;
665
  $apbct->saveSettings();
666
 
667
  }
661
 
662
  apbct_activation__create_tables( $sqls, $apbct->db_prefix );
663
 
664
+ $apbct->settings['sfw__anti_crawler_ua'] = 1;
665
  $apbct->saveSettings();
666
 
667
  }
lib/Cleantalk/Antispam/Integrations.php CHANGED
@@ -1,87 +1,88 @@
1
- <?php
2
-
3
-
4
- namespace Cleantalk\Antispam;
5
-
6
-
7
- class Integrations
8
- {
9
-
10
- private $integrations = array();
11
-
12
- private $integration;
13
-
14
- public function __construct( $integrations )
15
- {
16
- $this->integrations = $integrations;
17
-
18
- foreach( $this->integrations as $integration_name => $integration_info ) {
19
- if( $integration_info['ajax'] ) {
20
- add_action( 'wp_ajax_' . $integration_info['hook'], array( $this, 'checkSpam' ), 1 );
21
- add_action( 'wp_ajax_nopriv_' . $integration_info['hook'], array( $this, 'checkSpam' ), 1 );
22
- } else {
23
- add_action( $integration_info['hook'], array( $this, 'checkSpam' ) );
24
- }
25
- }
26
- }
27
-
28
- public function checkSpam( $argument )
29
- {
30
- global $cleantalk_executed;
31
-
32
- // Getting current integration name
33
- $current_integration = $this->get_current_integration_triggered( current_filter() );
34
- if( $current_integration ) {
35
- // Instantiate the integration object
36
- $class = '\\Cleantalk\\Antispam\\Integrations\\' . $current_integration;
37
- if( class_exists( $class )) {
38
- $this->integration = new $class();
39
- if( ! ( $this->integration instanceof \Cleantalk\Antispam\Integrations\IntegrationBase ) ) {
40
- // @ToDo have to handle an error
41
- do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, array('Integration is not instanse of IntegrationBase class.') );
42
- return;
43
- }
44
- // Run data collecting for spam checking
45
- $data = $this->integration->getDataForChecking( $argument );
46
- if( ! is_null( $data ) ) {
47
- // Go spam checking
48
- $base_call_result = apbct_base_call(
49
- array(
50
- 'message' => !empty( $data['message'] ) ? json_encode( $data['message'] ) : '',
51
- 'sender_email' => !empty( $data['email'] ) ? $data['email'] : '',
52
- 'sender_nickname' => !empty( $data['nickname'] ) ? $data['nickname'] : '',
53
- 'post_info' => array(
54
- 'comment_type' => 'contact_form_wordpress_' . strtolower($current_integration),
55
- 'post_url' => apbct_get_server_variable( 'HTTP_REFERER' ), // Page URL must be an previous page
56
- ),
57
- )
58
- );
59
-
60
- $ct_result = $base_call_result['ct_result'];
61
-
62
- $cleantalk_executed = true;
63
-
64
- if ($ct_result->allow == 0) {
65
- // Do blocking if it is a spam
66
- $this->integration->doBlock( $ct_result->comment );
67
- }
68
- } else {
69
- // @ToDo have to handle an error
70
- return;
71
- }
72
- }
73
- }
74
- }
75
-
76
- private function get_current_integration_triggered( $hook )
77
- {
78
- if( $hook !== false ) {
79
- foreach( $this->integrations as $integration_name => $integration_info ) {
80
- if( strpos( $hook, $integration_info['hook'] ) !== false ) {
81
- return $integration_name;
82
- }
83
- }
84
- }
85
- return false;
86
- }
 
87
  }
1
+ <?php
2
+
3
+
4
+ namespace Cleantalk\Antispam;
5
+
6
+
7
+ class Integrations
8
+ {
9
+
10
+ private $integrations = array();
11
+
12
+ private $integration;
13
+
14
+ public function __construct( $integrations )
15
+ {
16
+ $this->integrations = $integrations;
17
+
18
+ foreach( $this->integrations as $integration_name => $integration_info ) {
19
+ if( $integration_info['ajax'] ) {
20
+ add_action( 'wp_ajax_' . $integration_info['hook'], array( $this, 'checkSpam' ), 1 );
21
+ add_action( 'wp_ajax_nopriv_' . $integration_info['hook'], array( $this, 'checkSpam' ), 1 );
22
+ } else {
23
+ add_action( $integration_info['hook'], array( $this, 'checkSpam' ) );
24
+ }
25
+ }
26
+ }
27
+
28
+ public function checkSpam( $argument )
29
+ {
30
+ global $cleantalk_executed;
31
+
32
+ // Getting current integration name
33
+ $current_integration = $this->get_current_integration_triggered( current_filter() );
34
+ if( $current_integration ) {
35
+ // Instantiate the integration object
36
+ $class = '\\Cleantalk\\Antispam\\Integrations\\' . $current_integration;
37
+ if( class_exists( $class )) {
38
+ $this->integration = new $class();
39
+ if( ! ( $this->integration instanceof \Cleantalk\Antispam\Integrations\IntegrationBase ) ) {
40
+ // @ToDo have to handle an error
41
+ do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, array('Integration is not instanse of IntegrationBase class.') );
42
+ return;
43
+ }
44
+ // Run data collecting for spam checking
45
+ $data = $this->integration->getDataForChecking( $argument );
46
+ if( ! is_null( $data ) ) {
47
+ // Go spam checking
48
+ $base_call_result = apbct_base_call(
49
+ array(
50
+ 'message' => !empty( $data['message'] ) ? json_encode( $data['message'] ) : '',
51
+ 'sender_email' => !empty( $data['email'] ) ? $data['email'] : '',
52
+ 'sender_nickname' => !empty( $data['nickname'] ) ? $data['nickname'] : '',
53
+ 'post_info' => array(
54
+ 'comment_type' => 'contact_form_wordpress_' . strtolower($current_integration),
55
+ 'post_url' => apbct_get_server_variable( 'HTTP_REFERER' ), // Page URL must be an previous page
56
+ ),
57
+ ),
58
+ isset( $data['register'] ) ? true : false
59
+ );
60
+
61
+ $ct_result = $base_call_result['ct_result'];
62
+
63
+ $cleantalk_executed = true;
64
+
65
+ if ($ct_result->allow == 0) {
66
+ // Do blocking if it is a spam
67
+ $this->integration->doBlock( $ct_result->comment );
68
+ }
69
+ } else {
70
+ // @ToDo have to handle an error
71
+ return;
72
+ }
73
+ }
74
+ }
75
+ }
76
+
77
+ private function get_current_integration_triggered( $hook )
78
+ {
79
+ if( $hook !== false ) {
80
+ foreach( $this->integrations as $integration_name => $integration_info ) {
81
+ if( strpos( $hook, $integration_info['hook'] ) !== false ) {
82
+ return $integration_name;
83
+ }
84
+ }
85
+ }
86
+ return false;
87
+ }
88
  }
lib/Cleantalk/Antispam/Integrations/WpMembers.php ADDED
@@ -0,0 +1,22 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+
3
+
4
+ namespace Cleantalk\Antispam\Integrations;
5
+
6
+
7
+ class WpMembers extends IntegrationBase
8
+ {
9
+
10
+ function getDataForChecking( $argument )
11
+ {
12
+ $data = ct_get_fields_any( $argument );
13
+ $data['register'] = true;
14
+ return $data;
15
+ }
16
+
17
+ function doBlock( $message )
18
+ {
19
+ global $wpmem_themsg;
20
+ $wpmem_themsg = $message;
21
+ }
22
+ }
lib/Cleantalk/ApbctWP/FindSpam/UsersChecker.php CHANGED
@@ -1,647 +1,614 @@
1
- <?php
2
-
3
- namespace Cleantalk\ApbctWP\FindSpam;
4
-
5
- class UsersChecker extends Checker
6
- {
7
-
8
- public function __construct() {
9
-
10
- parent::__construct();
11
-
12
- $this->page_title = esc_html__( 'Check users for spam', 'cleantalk-spam-protect');
13
- $this->page_script_name = 'users.php';
14
- $this->page_slug = 'users';
15
-
16
- // Preparing data
17
- $current_user = wp_get_current_user();
18
- if( ! empty( $_COOKIE['ct_paused_users_check'] ) )
19
- $prev_check = json_decode( stripslashes( $_COOKIE['ct_paused_users_check'] ), true );
20
-
21
- wp_enqueue_script( 'ct_users_checkspam', plugins_url('/cleantalk-spam-protect/js/cleantalk-users-checkspam.min.js'), array( 'jquery', 'jqueryui' ), APBCT_VERSION );
22
- wp_localize_script( 'ct_users_checkspam', 'ctUsersCheck', array(
23
- 'ct_ajax_nonce' => wp_create_nonce('ct_secret_nonce'),
24
- 'ct_prev_accurate' => !empty($prev_check['accurate']) ? true : false,
25
- 'ct_prev_from' => !empty($prev_check['from']) ? $prev_check['from'] : false,
26
- 'ct_prev_till' => !empty($prev_check['till']) ? $prev_check['till'] : false,
27
- 'ct_timeout' => __('Failed from timeout. Going to check users again.', 'cleantalk-spam-protect'),
28
- 'ct_timeout_delete' => __('Failed from timeout. Going to run a new attempt to delete spam users.', 'cleantalk-spam-protect'),
29
- 'ct_confirm_deletion_all' => __('Delete all spam users?', 'cleantalk-spam-protect'),
30
- 'ct_iusers' => __('users.', 'cleantalk-spam-protect'),
31
- 'ct_csv_filename' => "user_check_by_".$current_user->user_login,
32
- 'ct_status_string' => __("Checked %s, found %s spam users and %s bad users (without IP or email)", 'cleantalk-spam-protect'),
33
- 'ct_status_string_warning' => "<p>".__("Please do backup of WordPress database before delete any accounts!", 'cleantalk-spam-protect')."</p>"
34
- ));
35
-
36
- wp_enqueue_style( 'cleantalk_admin_css_settings_page', plugins_url().'/cleantalk-spam-protect/css/cleantalk-spam-check.min.css', array(), APBCT_VERSION, 'all' );
37
-
38
- }
39
-
40
- public function getCurrentScanPage() {
41
-
42
- $this->list_table = new \Cleantalk\ApbctWP\FindSpam\ListTable\UsersScan();
43
-
44
- $this->getCurrentScanPanel( $this );
45
- echo '<form action="" method="POST">';
46
- $this->list_table->display();
47
- echo '</form>';
48
-
49
- }
50
-
51
- public function getSpamLogsPage(){
52
-
53
- $this->list_table = new \Cleantalk\ApbctWP\FindSpam\ListTable\UsersLogs();
54
-
55
- echo '<form action="" method="POST">';
56
- $this->list_table->display();
57
- echo '</form>';
58
-
59
- }
60
-
61
- /**
62
- * Getting a count of total users of the website and return formatted string about this.
63
- *
64
- * @return string
65
- */
66
- public static function get_count_text() {
67
-
68
- $res = count_users();
69
-
70
- if( $res['total_users'] ) {
71
- $text = sprintf( esc_html__ ('Total count of users: %s.', 'cleantalk-spam-protect' ), $res['total_users'] );
72
- } else {
73
- $text = esc_html__( 'No users found.', 'cleantalk-spam-protect' );
74
- }
75
-
76
- return $text;
77
-
78
- }
79
-
80
- /**
81
- * Get date last checked user or date first registered user
82
- *
83
- * @return string date "M j Y"
84
- */
85
- public static function lastCheckDate() {
86
-
87
- // Checked users
88
- $params = array(
89
- 'fields' => 'ID',
90
- 'meta_key' => 'ct_checked',
91
- 'count_total' => true,
92
- 'orderby' => 'ct_checked'
93
- );
94
- $tmp = new \WP_User_Query( $params );
95
- $cnt_checked = $tmp->get_total();
96
-
97
- if( $cnt_checked > 0 ) {
98
-
99
- // If we have checked users return last user reg date
100
- $users = $tmp->get_results();
101
- return self::getUserRegister( end( $users ) );
102
-
103
- } else {
104
-
105
- // If we have not any checked users return first user registered date
106
- $params = array(
107
- 'fields' => 'ID',
108
- 'number' => 1,
109
- 'orderby' => 'user_registered'
110
- );
111
- $tmp = new \WP_User_Query( $params );
112
-
113
- return self::getUserRegister( current( $tmp->get_results() ) );
114
-
115
- }
116
-
117
- }
118
-
119
- /**
120
- * Get date user registered
121
- *
122
- * @param $user_id
123
- * @return string Date format"M j Y"
124
- */
125
- private static function getUserRegister( $user_id ) {
126
-
127
- $user_data = get_userdata( $user_id );
128
- $registered = $user_data->user_registered;
129
-
130
- return date( "M j Y", strtotime( $registered ) );
131
-
132
- }
133
-
134
- static function ct_ajax_check_users(){
135
-
136
- check_ajax_referer('ct_secret_nonce', 'security');
137
-
138
- global $apbct, $wpdb;
139
-
140
- $amount = !empty($_POST['amount']) && intval($_POST['amount'])
141
- ? intval($_POST['amount'])
142
- : 100;
143
-
144
- $skip_roles = array(
145
- 'administrator'
146
- );
147
-
148
- $from_till = '';
149
-
150
- if(isset($_POST['from'], $_POST['till'])){
151
-
152
- $from_date = date('Y-m-d', intval(strtotime($_POST['from']))) . ' 00:00:00';
153
- $till_date = date('Y-m-d', intval(strtotime($_POST['till']))) . ' 23:59:59';
154
-
155
- $from_till = " AND $wpdb->users.user_registered >= '$from_date' AND $wpdb->users.user_registered <= '$till_date'";
156
-
157
- }
158
-
159
- $u = $wpdb->get_results("
160
- SELECT {$wpdb->users}.ID, {$wpdb->users}.user_email, {$wpdb->users}.user_registered
161
- FROM {$wpdb->users}
162
- WHERE
163
- NOT EXISTS(SELECT * FROM {$wpdb->usermeta} as meta WHERE {$wpdb->users}.ID = meta.user_id AND meta.meta_key = 'ct_bad') AND
164
- NOT EXISTS(SELECT * FROM {$wpdb->usermeta} as meta WHERE {$wpdb->users}.ID = meta.user_id AND meta.meta_key = 'ct_checked') AND
165
- NOT EXISTS(SELECT * FROM {$wpdb->usermeta} as meta WHERE {$wpdb->users}.ID = meta.user_id AND meta.meta_key = 'ct_checked_now')
166
- $from_till
167
- ORDER BY {$wpdb->users}.user_registered ASC
168
- LIMIT $amount;"
169
- );
170
-
171
- $check_result = array(
172
- 'end' => 0,
173
- 'checked' => 0,
174
- 'spam' => 0,
175
- 'bad' => 0,
176
- 'error' => 0
177
- );
178
-
179
- if( count($u) > 0 ){
180
-
181
- if( ! empty( $_POST['accurate_check'] ) ){
182
- // Leaving users only with first comment's date. Unsetting others.
183
- foreach( $u as $user_index => $user ){
184
-
185
- if( ! isset( $curr_date ) )
186
- $curr_date = ( substr( $user->user_registered, 0, 10 ) ? substr( $user->user_registered, 0, 10 ) : '' );
187
-
188
- if( substr( $user->user_registered, 0, 10 ) != $curr_date )
189
- unset( $u[$user_index] );
190
-
191
- }
192
- unset( $user_index, $user );
193
- }
194
-
195
- // Checking comments IP/Email. Gathering $data for check.
196
- $data = array();
197
-
198
- for( $i=0; $i < count($u); $i++ ){
199
-
200
- $user_meta = get_user_meta( $u[$i]->ID, 'session_tokens', true );
201
- if( is_array( $user_meta ) )
202
- $user_meta = array_values( $user_meta );
203
-
204
- $curr_ip = !empty( $user_meta[0]['ip' ]) ? trim( $user_meta[0]['ip'] ) : '';
205
- $curr_email = !empty( $u[$i]->user_email ) ? trim( $u[$i]->user_email ) : '';
206
-
207
- // Check for identity
208
- $curr_ip = preg_match('/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/', $curr_ip) === 1 ? $curr_ip : null;
209
- $curr_email = preg_match('/^\S+@\S+\.\S+$/', $curr_email) === 1 ? $curr_email : null;
210
-
211
- if( empty( $curr_ip ) && empty( $curr_email ) ){
212
- $check_result['bad']++;
213
- update_user_meta( $u[$i]->ID,'ct_bad','1',true );
214
- update_user_meta( $u[$i]->ID, 'ct_checked', date("Y-m-d H:m:s"), true) ;
215
- update_user_meta( $u[$i]->ID, 'ct_checked_now', '1', true) ;
216
- unset( $u[$i] );
217
- }else{
218
- if( !empty( $curr_ip ) )
219
- $data[] = $curr_ip;
220
- if( !empty( $curr_email ) )
221
- $data[] = $curr_email;
222
- // Patch for empty IP/Email
223
- $u[$i]->data = new \stdClass();
224
- $u[$i]->user_ip = empty($curr_ip) ? 'none' : $curr_ip;
225
- $u[$i]->user_email = empty($curr_email) ? 'none' : $curr_email;
226
- }
227
- }
228
-
229
- // Recombining after checking and unsettting
230
- $u = array_values( $u );
231
-
232
- // Drop if data empty and there's no users to check
233
- if( count( $data ) == 0 ){
234
- if( $_POST['unchecked'] === 0 )
235
- $check_result['end'] = 1;
236
- print json_encode( $check_result );
237
- die();
238
- }
239
-
240
- $result = \Cleantalk\ApbctWP\API::method__spam_check_cms( $apbct->api_key, $data, !empty($_POST['accurate_check']) ? $curr_date : null );
241
-
242
- if( empty( $result['error'] ) ){
243
-
244
- for( $i=0; $i < sizeof( $u ); $i++ ) {
245
-
246
- $check_result['checked']++;
247
- update_user_meta( $u[$i]->ID, 'ct_checked', date("Y-m-d H:m:s"), true) ;
248
- update_user_meta( $u[$i]->ID, 'ct_checked_now', date("Y-m-d H:m:s"), true) ;
249
-
250
- // Do not display forbidden roles.
251
- foreach ( $skip_roles as $role ) {
252
- $user_meta = get_userdata($u[$i]->ID);
253
- $user_roles = $user_meta->roles;
254
- if ( in_array( $role, $user_roles ) ){
255
- delete_user_meta( $u[$i]->ID, 'ct_marked_as_spam' );
256
- continue 2;
257
- }
258
- }
259
-
260
- $mark_spam_ip = false;
261
- $mark_spam_email = false;
262
-
263
- $uip = $u[$i]->user_ip;
264
- $uim = $u[$i]->user_email;
265
-
266
- if( isset( $result[$uip] ) && $result[$uip]['appears'] == 1 )
267
- $mark_spam_ip = true;
268
-
269
- if( isset($result[$uim]) && $result[$uim]['appears'] == 1 )
270
- $mark_spam_email = true;
271
-
272
- if ( $mark_spam_ip || $mark_spam_email ){
273
- $check_result['spam']++;
274
- update_user_meta( $u[$i]->ID, 'ct_marked_as_spam', '1', true );
275
- }
276
-
277
- }
278
-
279
- echo json_encode( $check_result );
280
-
281
- } else {
282
-
283
- $check_result['error'] = 1;
284
- $check_result['error_message'] = $result['error'];
285
-
286
- echo json_encode( $check_result );
287
-
288
- }
289
- } else {
290
-
291
- $check_result['end'] = 1;
292
-
293
- $log_data = static::get_log_data();
294
- static::writeSpamLog( 'users', date("Y-m-d H:i:s"), $log_data['checked'], $log_data['spam'], $log_data['bad'] );
295
-
296
- echo json_encode( $check_result );
297
-
298
- }
299
-
300
- die;
301
-
302
- }
303
-
304
- /**
305
- * Run query for deleting 'ct_checked_now' meta. Need for the new scan.
306
- *
307
- * @return void
308
- */
309
- public static function ct_ajax_clear_users()
310
- {
311
- check_ajax_referer( 'ct_secret_nonce', 'security' );
312
-
313
- global $wpdb;
314
- $wpdb->query("DELETE FROM {$wpdb->usermeta} WHERE meta_key IN ('ct_checked_now')");
315
-
316
- if ( isset($_POST['from']) && isset($_POST['till']) ) {
317
- if ( preg_match('/[a-zA-Z]{3}\s{1}\d{1,2}\s{1}\d{4}/', $_POST['from'] ) && preg_match('/[a-zA-Z]{3}\s{1}\d{1,2}\s{1}\d{4}/', $_POST['till'] ) ) {
318
-
319
- $from = date('Y-m-d', intval(strtotime($_POST['from']))) . ' 00:00:00';
320
- $till = date('Y-m-d', intval(strtotime($_POST['till']))) . ' 23:59:59';
321
-
322
- $wpdb->query("DELETE FROM {$wpdb->usermeta} WHERE
323
- meta_key IN ('ct_checked','ct_marked_as_spam','ct_bad')
324
- AND meta_value >= '{$from}'
325
- AND meta_value <= '{$till}';");
326
- die();
327
- } else {
328
- $wpdb->query("DELETE FROM {$wpdb->usermeta} WHERE
329
- meta_key IN ('ct_checked','ct_marked_as_spam','ct_bad')");
330
- die();
331
- }
332
- }
333
-
334
- die();
335
- }
336
-
337
- public static function ct_ajax_info($direct_call = false) {
338
-
339
- if (!$direct_call)
340
- check_ajax_referer( 'ct_secret_nonce', 'security' );
341
-
342
- global $wpdb;
343
-
344
- // Checked users
345
- $cnt_checked = $wpdb->get_results("
346
- SELECT COUNT(*) AS cnt
347
- FROM {$wpdb->usermeta}
348
- WHERE meta_key='ct_checked_now'"
349
- )[0]->cnt;
350
-
351
- // Spam users
352
- $cnt_spam = $wpdb->get_results("
353
- SELECT COUNT({$wpdb->users}.ID) AS cnt
354
- FROM {$wpdb->users}
355
- INNER JOIN {$wpdb->usermeta} AS meta1 ON ( {$wpdb->users}.ID = meta1.user_id )
356
- INNER JOIN {$wpdb->usermeta} AS meta2 ON ( {$wpdb->users}.ID = meta2.user_id )
357
- WHERE
358
- meta1.meta_key = 'ct_marked_as_spam' AND
359
- meta2.meta_key = 'ct_checked_now';"
360
- )[0]->cnt;
361
-
362
- // Bad users (without IP and Email)
363
- $cnt_bad = $wpdb->get_results("
364
- SELECT COUNT({$wpdb->users}.ID) AS cnt
365
- FROM {$wpdb->users}
366
- INNER JOIN {$wpdb->usermeta} AS meta1 ON ( {$wpdb->users}.ID = meta1.user_id )
367
- INNER JOIN {$wpdb->usermeta} AS meta2 ON ( {$wpdb->users}.ID = meta2.user_id )
368
- WHERE
369
- meta1.meta_key = 'ct_bad' AND
370
- meta2.meta_key = 'ct_checked_now';"
371
- )[0]->cnt;
372
-
373
- $return = array(
374
- 'message' => '',
375
- 'spam' => $cnt_spam,
376
- 'checked' => $cnt_checked,
377
- 'bad' => $cnt_bad,
378
- );
379
-
380
- if( ! $direct_call ) {
381
- $return['message'] .= sprintf (
382
- esc_html__('Checked %s, found %s spam users and %s bad users (without IP or email)', 'cleantalk-spam-protect'),
383
- $cnt_checked,
384
- $cnt_spam,
385
- $cnt_bad
386
- );
387
- } else {
388
-
389
- global $wpdb;
390
-
391
- $query = "SELECT * FROM " . APBCT_SPAMSCAN_LOGS . " WHERE scan_type = 'users' ORDER BY start_time DESC";
392
- $res = $wpdb->get_row( $query, ARRAY_A );
393
-
394
- if ( $res ) {
395
- $return['message'] .= sprintf (
396
- __("Last check %s: checked %s users, found %s spam users and %s bad users (without IP or email).", 'cleantalk-spam-protect'),
397
- self::lastCheckDate(),
398
- $cnt_checked,
399
- $cnt_spam,
400
- $cnt_bad
401
- );
402
- } else {
403
- $return['message'] = esc_html__( 'Never checked yet or no new spam.', 'cleantalk-spam-protect');
404
- }
405
-
406
- }
407
-
408
- $backup_notice = '&nbsp;';
409
- if ($cnt_spam > 0) {
410
- $backup_notice = __("Please do backup of WordPress database before delete any accounts!", 'cleantalk-spam-protect');
411
- }
412
- $return['message'] .= "<p>$backup_notice</p>";
413
-
414
- if($direct_call){
415
- return $return['message'];
416
- }else{
417
- echo json_encode($return);
418
- die();
419
- }
420
- }
421
-
422
- private static function get_log_data() {
423
-
424
- global $wpdb;
425
-
426
- // Checked users
427
- $cnt_checked = $wpdb->get_results("
428
- SELECT COUNT(*) AS cnt
429
- FROM {$wpdb->usermeta}
430
- WHERE meta_key='ct_checked_now'"
431
- )[0]->cnt;
432
-
433
- // Spam users
434
- $cnt_spam = $wpdb->get_results("
435
- SELECT COUNT({$wpdb->users}.ID) AS cnt
436
- FROM {$wpdb->users}
437
- INNER JOIN {$wpdb->usermeta} AS meta1 ON ( {$wpdb->users}.ID = meta1.user_id )
438
- INNER JOIN {$wpdb->usermeta} AS meta2 ON ( {$wpdb->users}.ID = meta2.user_id )
439
- WHERE
440
- meta1.meta_key = 'ct_marked_as_spam' AND
441
- meta2.meta_key = 'ct_checked_now';"
442
- )[0]->cnt;
443
-
444
- // Bad users (without IP and Email)
445
- $cnt_bad = $wpdb->get_results("
446
- SELECT COUNT({$wpdb->users}.ID) AS cnt
447
- FROM {$wpdb->users}
448
- INNER JOIN {$wpdb->usermeta} AS meta1 ON ( {$wpdb->users}.ID = meta1.user_id )
449
- INNER JOIN {$wpdb->usermeta} AS meta2 ON ( {$wpdb->users}.ID = meta2.user_id )
450
- WHERE
451
- meta1.meta_key = 'ct_bad' AND
452
- meta2.meta_key = 'ct_checked_now';"
453
- )[0]->cnt;
454
-
455
- return array(
456
- 'spam' => $cnt_spam,
457
- 'checked' => $cnt_checked,
458
- 'bad' => $cnt_bad,
459
- );
460
-
461
- }
462
-
463
- /**
464
- * Admin action 'wp_ajax_ajax_ct_get_csv_file' - prints CSV file to AJAX
465
- */
466
- public static function ct_get_csv_file() {
467
-
468
- check_ajax_referer( 'ct_secret_nonce', 'security' );
469
-
470
- $text = 'login,email,ip' . PHP_EOL;
471
-
472
- $params = array(
473
- 'meta_query' => array(
474
- array(
475
- 'key' => 'ct_marked_as_spam',
476
- 'compare' => '1'
477
- ),
478
- ),
479
- 'orderby' => 'registered',
480
- 'order' => 'ASC',
481
- );
482
-
483
- $u = get_users( $params );
484
-
485
- for( $i=0; $i < count($u); $i++ ){
486
- $user_meta = get_user_meta( $u[$i]->ID, 'session_tokens', true );
487
- if( is_array( $user_meta ) )
488
- $user_meta = array_values( $user_meta );
489
- $text .= $u[$i]->user_login.',';
490
- $text .= $u[$i]->data->user_email.',';
491
- $text .= ! empty( $user_meta[0]['ip']) ? trim( $user_meta[0]['ip'] ) : '';
492
- $text .= PHP_EOL;
493
- }
494
-
495
- $filename = ! empty( $_POST['filename'] ) ? $_POST['filename'] : false;
496
-
497
- if( $filename !== false ) {
498
- header('Content-Type: text/csv');
499
- echo $text;
500
- } else {
501
- echo 'Export error.'; // file not exists or empty $_POST['filename']
502
- }
503
- die();
504
-
505
- }
506
-
507
- public static function ct_ajax_insert_users()
508
- {
509
-
510
- check_ajax_referer( 'ct_secret_nonce', 'security' );
511
-
512
- //* DELETION
513
- if(!empty($_POST['delete'])){
514
- $users = get_users(array('search' => 'user_*', 'search_columns' => array('login', 'nicename')));
515
- $deleted = 0;
516
- $amount_to_delete = 1000;
517
- foreach($users as $user){
518
- if($deleted >= $amount_to_delete)
519
- break;
520
- if(wp_delete_user($user->ID))
521
- $deleted++;
522
- }
523
- print "$deleted";
524
- die();
525
- }
526
- //*/
527
-
528
- //* INSERTION
529
- global $wpdb;
530
- $to_insert = 500;
531
- $result = $wpdb->get_results('SELECT network FROM `'. APBCT_TBL_FIREWALL_DATA .'` LIMIT '. $to_insert .';', ARRAY_A);
532
-
533
- if($result){
534
- $ip = array();
535
- foreach($result as $value){
536
- $ips[] = long2ip($value['network']);
537
- }
538
- unset($value);
539
-
540
- $inserted = 0;
541
- for($i=0; $i<$to_insert; $i++){
542
- $rnd=mt_rand(1,10000000);
543
-
544
- $user_name = "user_$rnd";
545
- $email="stop_email_$rnd@example.com";
546
-
547
- $user_id = wp_create_user(
548
- $user_name,
549
- rand(),
550
- $email
551
- );
552
-
553
- $curr_user = get_user_by('email', $email);
554
-
555
- update_user_meta($curr_user->ID, 'session_tokens', array($rnd => array('ip' => $ips[$i])));
556
-
557
- if (is_int($user_id))
558
- $inserted++;
559
-
560
- }
561
- }else{
562
- $inserted = '0';
563
- }
564
- //*/
565
-
566
- print "$inserted";
567
- die();
568
- }
569
-
570
- public static function ct_ajax_delete_all_users($count_all = 0)
571
- {
572
- check_ajax_referer( 'ct_secret_nonce', 'security' );
573
-
574
- global $wpdb;
575
-
576
- $r = $wpdb->get_results("select count(*) as cnt from $wpdb->usermeta where meta_key='ct_marked_as_spam';", OBJECT );
577
-
578
- if(!empty($r)){
579
-
580
- $count_all = $r ? $r[0]->cnt : 0;
581
-
582
- $args = array(
583
- 'meta_key' => 'ct_marked_as_spam',
584
- 'meta_value' => '1',
585
- 'fields' => array('ID'),
586
- 'number' => 50
587
- );
588
- $users = get_users($args);
589
-
590
- if ($users){
591
- foreach($users as $user){
592
- wp_delete_user($user->ID);
593
- usleep(5000);
594
- }
595
- }
596
- }
597
-
598
- die($count_all);
599
- }
600
-
601
- /**
602
- * Add hidden column into the users table
603
- *
604
- * @param $columns
605
- * @return mixed
606
- */
607
- public static function ct_manage_users_columns( $columns ) {
608
-
609
- $columns['apbct_status hidden'] = '';
610
- return $columns;
611
-
612
- }
613
-
614
- /**
615
- * Generates <span> with information about user scan using user's meta.
616
- *
617
- * @param $value
618
- * @param $column_name
619
- * @param $user_id
620
- * @return string
621
- */
622
- public static function ct_manage_users_custom_column( $value, $column_name, $user_id ) {
623
-
624
- if( 'apbct_status hidden' == $column_name ) {
625
-
626
- $is_checked = get_user_meta( $user_id, 'ct_checked', true);
627
- if( ! empty( $is_checked ) ) {
628
- $is_checked = date( 'M d Y', strtotime( $is_checked ) );
629
- $is_spam = get_user_meta( $user_id, 'ct_marked_as_spam', true );
630
- if( ! empty( $is_spam ) ) {
631
- $text = sprintf( esc_html__( 'SPAM. Checked %s.', 'cleantalk-spam-protect'), $is_checked );
632
- $value = '<span id="apbct_checked_spam">' . $text . '</span>';
633
- } else {
634
- $text = sprintf( esc_html__( 'Not spam. Checked %s.', 'cleantalk-spam-protect'), $is_checked );
635
- $value = '<span id="apbct_checked_not_spam">' . $text . '</span>';
636
- }
637
- } else {
638
- $value = '<span id="apbct_not_checked">' . esc_html__( 'Not checked yet. Anti-Spam by CleanTalk.', 'cleantalk-spam-protect') . '</span>';
639
- }
640
-
641
- }
642
-
643
- return $value;
644
-
645
- }
646
-
647
  }
1
+ <?php
2
+
3
+ namespace Cleantalk\ApbctWP\FindSpam;
4
+
5
+ class UsersChecker extends Checker
6
+ {
7
+
8
+ public function __construct() {
9
+
10
+ parent::__construct();
11
+
12
+ $this->page_title = esc_html__( 'Check users for spam', 'cleantalk-spam-protect');
13
+ $this->page_script_name = 'users.php';
14
+ $this->page_slug = 'users';
15
+
16
+ // Preparing data
17
+ $current_user = wp_get_current_user();
18
+ if( ! empty( $_COOKIE['ct_paused_users_check'] ) )
19
+ $prev_check = json_decode( stripslashes( $_COOKIE['ct_paused_users_check'] ), true );
20
+
21
+ wp_enqueue_script( 'ct_users_checkspam', plugins_url('/cleantalk-spam-protect/js/cleantalk-users-checkspam.min.js'), array( 'jquery', 'jqueryui' ), APBCT_VERSION );
22
+ wp_localize_script( 'ct_users_checkspam', 'ctUsersCheck', array(
23
+ 'ct_ajax_nonce' => wp_create_nonce('ct_secret_nonce'),
24
+ 'ct_prev_accurate' => !empty($prev_check['accurate']) ? true : false,
25
+ 'ct_prev_from' => !empty($prev_check['from']) ? $prev_check['from'] : false,
26
+ 'ct_prev_till' => !empty($prev_check['till']) ? $prev_check['till'] : false,
27
+ 'ct_timeout' => __('Failed from timeout. Going to check users again.', 'cleantalk-spam-protect'),
28
+ 'ct_timeout_delete' => __('Failed from timeout. Going to run a new attempt to delete spam users.', 'cleantalk-spam-protect'),
29
+ 'ct_confirm_deletion_all' => __('Delete all spam users?', 'cleantalk-spam-protect'),
30
+ 'ct_iusers' => __('users.', 'cleantalk-spam-protect'),
31
+ 'ct_csv_filename' => "user_check_by_".$current_user->user_login,
32
+ 'ct_status_string' => __("Checked %s, found %s spam users and %s bad users (without IP or email)", 'cleantalk-spam-protect'),
33
+ 'ct_status_string_warning' => "<p>".__("Please do backup of WordPress database before delete any accounts!", 'cleantalk-spam-protect')."</p>"
34
+ ));
35
+
36
+ wp_enqueue_style( 'cleantalk_admin_css_settings_page', plugins_url().'/cleantalk-spam-protect/css/cleantalk-spam-check.min.css', array(), APBCT_VERSION, 'all' );
37
+
38
+ }
39
+
40
+ public function getCurrentScanPage() {
41
+
42
+ $this->list_table = new \Cleantalk\ApbctWP\FindSpam\ListTable\UsersScan();
43
+
44
+ $this->getCurrentScanPanel( $this );
45
+ echo '<form action="" method="POST">';
46
+ $this->list_table->display();
47
+ echo '</form>';
48
+
49
+ }
50
+
51
+ public function getSpamLogsPage(){
52
+
53
+ $this->list_table = new \Cleantalk\ApbctWP\FindSpam\ListTable\UsersLogs();
54
+
55
+ echo '<form action="" method="POST">';
56
+ $this->list_table->display();
57
+ echo '</form>';
58
+
59
+ }
60
+
61
+ /**
62
+ * Getting a count of total users of the website and return formatted string about this.
63
+ *
64
+ * @return string
65
+ */
66
+ public static function get_count_text() {
67
+
68
+ $res = count_users();
69
+
70
+ if( $res['total_users'] ) {
71
+ $text = sprintf( esc_html__ ('Total count of users: %s.', 'cleantalk-spam-protect' ), $res['total_users'] );
72
+ } else {
73
+ $text = esc_html__( 'No users found.', 'cleantalk-spam-protect' );
74
+ }
75
+
76
+ return $text;
77
+
78
+ }
79
+
80
+ /**
81
+ * Get date last checked user or date first registered user
82
+ *
83
+ * @return string date "M j Y"
84
+ */
85
+ public static function lastCheckDate() {
86
+
87
+ // Checked users
88
+ $params = array(
89
+ 'fields' => 'ID',
90
+ 'meta_key' => 'ct_checked',
91
+ 'count_total' => true,
92
+ 'orderby' => 'ct_checked'
93
+ );
94
+ $tmp = new \WP_User_Query( $params );
95
+ $cnt_checked = $tmp->get_total();
96
+
97
+ if( $cnt_checked > 0 ) {
98
+
99
+ // If we have checked users return last user reg date
100
+ $users = $tmp->get_results();
101
+ return self::getUserRegister( end( $users ) );
102
+
103
+ } else {
104
+
105
+ // If we have not any checked users return first user registered date
106
+ $params = array(
107
+ 'fields' => 'ID',
108
+ 'number' => 1,
109
+ 'orderby' => 'user_registered'
110
+ );
111
+ $tmp = new \WP_User_Query( $params );
112
+
113
+ return self::getUserRegister( current( $tmp->get_results() ) );
114
+
115
+ }
116
+
117
+ }
118
+
119
+ /**
120
+ * Get date user registered
121
+ *
122
+ * @param $user_id
123
+ * @return string Date format"M j Y"
124
+ */
125
+ private static function getUserRegister( $user_id ) {
126
+
127
+ $user_data = get_userdata( $user_id );
128
+ $registered = $user_data->user_registered;
129
+
130
+ return date( "M j Y", strtotime( $registered ) );
131
+
132
+ }
133
+
134
+ static function ct_ajax_check_users(){
135
+
136
+ check_ajax_referer('ct_secret_nonce', 'security');
137
+
138
+ global $apbct, $wpdb;
139
+
140
+ $amount = !empty($_POST['amount']) && intval($_POST['amount'])
141
+ ? intval($_POST['amount'])
142
+ : 100;
143
+
144
+ $skip_roles = array(
145
+ 'administrator'
146
+ );
147
+
148
+ $from_till = '';
149
+
150
+ if(isset($_POST['from'], $_POST['till'])){
151
+
152
+ $from_date = date('Y-m-d', intval(strtotime($_POST['from']))) . ' 00:00:00';
153
+ $till_date = date('Y-m-d', intval(strtotime($_POST['till']))) . ' 23:59:59';
154
+
155
+ $from_till = " AND $wpdb->users.user_registered >= '$from_date' AND $wpdb->users.user_registered <= '$till_date'";
156
+
157
+ }
158
+
159
+ $u = $wpdb->get_results("
160
+ SELECT {$wpdb->users}.ID, {$wpdb->users}.user_email, {$wpdb->users}.user_registered
161
+ FROM {$wpdb->users}
162
+ WHERE
163
+ NOT EXISTS(SELECT * FROM {$wpdb->usermeta} as meta WHERE {$wpdb->users}.ID = meta.user_id AND meta.meta_key = 'ct_bad') AND
164
+ NOT EXISTS(SELECT * FROM {$wpdb->usermeta} as meta WHERE {$wpdb->users}.ID = meta.user_id AND meta.meta_key = 'ct_checked') AND
165
+ NOT EXISTS(SELECT * FROM {$wpdb->usermeta} as meta WHERE {$wpdb->users}.ID = meta.user_id AND meta.meta_key = 'ct_checked_now')
166
+ $from_till
167
+ ORDER BY {$wpdb->users}.user_registered ASC
168
+ LIMIT $amount;"
169
+ );
170
+
171
+ $check_result = array(
172
+ 'end' => 0,
173
+ 'checked' => 0,
174
+ 'spam' => 0,
175
+ 'bad' => 0,
176
+ 'error' => 0
177
+ );
178
+
179
+ if( count($u) > 0 ){
180
+
181
+ if( ! empty( $_POST['accurate_check'] ) ){
182
+ // Leaving users only with first comment's date. Unsetting others.
183
+ foreach( $u as $user_index => $user ){
184
+
185
+ if( ! isset( $curr_date ) )
186
+ $curr_date = ( substr( $user->user_registered, 0, 10 ) ? substr( $user->user_registered, 0, 10 ) : '' );
187
+
188
+ if( substr( $user->user_registered, 0, 10 ) != $curr_date )
189
+ unset( $u[$user_index] );
190
+
191
+ }
192
+ unset( $user_index, $user );
193
+ }
194
+
195
+ // Checking comments IP/Email. Gathering $data for check.
196
+ $data = array();
197
+
198
+ for( $i=0; $i < count($u); $i++ ){
199
+
200
+ $user_meta = get_user_meta( $u[$i]->ID, 'session_tokens', true );
201
+ if( is_array( $user_meta ) )
202
+ $user_meta = array_values( $user_meta );
203
+
204
+ $curr_ip = !empty( $user_meta[0]['ip' ]) ? trim( $user_meta[0]['ip'] ) : '';
205
+ $curr_email = !empty( $u[$i]->user_email ) ? trim( $u[$i]->user_email ) : '';
206
+
207
+ // Check for identity
208
+ $curr_ip = preg_match('/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/', $curr_ip) === 1 ? $curr_ip : null;
209
+ $curr_email = preg_match('/^\S+@\S+\.\S+$/', $curr_email) === 1 ? $curr_email : null;
210
+
211
+ if( empty( $curr_ip ) && empty( $curr_email ) ){
212
+ $check_result['bad']++;
213
+ update_user_meta( $u[$i]->ID,'ct_bad','1',true );
214
+ update_user_meta( $u[$i]->ID, 'ct_checked', date("Y-m-d H:m:s"), true) ;
215
+ update_user_meta( $u[$i]->ID, 'ct_checked_now', '1', true) ;
216
+ unset( $u[$i] );
217
+ }else{
218
+ if( !empty( $curr_ip ) )
219
+ $data[] = $curr_ip;
220
+ if( !empty( $curr_email ) )
221
+ $data[] = $curr_email;
222
+ // Patch for empty IP/Email
223
+ $u[$i]->data = new \stdClass();
224
+ $u[$i]->user_ip = empty($curr_ip) ? 'none' : $curr_ip;
225
+ $u[$i]->user_email = empty($curr_email) ? 'none' : $curr_email;
226
+ }
227
+ }
228
+
229
+ // Recombining after checking and unsettting
230
+ $u = array_values( $u );
231
+
232
+ // Drop if data empty and there's no users to check
233
+ if( count( $data ) == 0 ){
234
+ if( $_POST['unchecked'] === 0 )
235
+ $check_result['end'] = 1;
236
+ print json_encode( $check_result );
237
+ die();
238
+ }
239
+
240
+ $result = \Cleantalk\ApbctWP\API::method__spam_check_cms( $apbct->api_key, $data, !empty($_POST['accurate_check']) ? $curr_date : null );
241
+
242
+ if( empty( $result['error'] ) ){
243
+
244
+ for( $i=0; $i < sizeof( $u ); $i++ ) {
245
+
246
+ $check_result['checked']++;
247
+ update_user_meta( $u[$i]->ID, 'ct_checked', date("Y-m-d H:m:s"), true) ;
248
+ update_user_meta( $u[$i]->ID, 'ct_checked_now', date("Y-m-d H:m:s"), true) ;
249
+
250
+ // Do not display forbidden roles.
251
+ foreach ( $skip_roles as $role ) {
252
+ $user_meta = get_userdata($u[$i]->ID);
253
+ $user_roles = $user_meta->roles;
254
+ if ( in_array( $role, $user_roles ) ){
255
+ delete_user_meta( $u[$i]->ID, 'ct_marked_as_spam' );
256
+ continue 2;
257
+ }
258
+ }
259
+
260
+ $mark_spam_ip = false;
261
+ $mark_spam_email = false;
262
+
263
+ $uip = $u[$i]->user_ip;
264
+ $uim = $u[$i]->user_email;
265
+
266
+ if( isset( $result[$uip] ) && $result[$uip]['appears'] == 1 )
267
+ $mark_spam_ip = true;
268
+
269
+ if( isset($result[$uim]) && $result[$uim]['appears'] == 1 )
270
+ $mark_spam_email = true;
271
+
272
+ if ( $mark_spam_ip || $mark_spam_email ){
273
+ $check_result['spam']++;
274
+ update_user_meta( $u[$i]->ID, 'ct_marked_as_spam', '1', true );
275
+ }
276
+
277
+ }
278
+
279
+ echo json_encode( $check_result );
280
+
281
+ } else {
282
+
283
+ $check_result['error'] = 1;
284
+ $check_result['error_message'] = $result['error'];
285
+
286
+ echo json_encode( $check_result );
287
+
288
+ }
289
+ } else {
290
+
291
+ $check_result['end'] = 1;
292
+
293
+ $log_data = static::get_log_data();
294
+ static::writeSpamLog( 'users', date("Y-m-d H:i:s"), $log_data['checked'], $log_data['spam'], $log_data['bad'] );
295
+
296
+ echo json_encode( $check_result );
297
+
298
+ }
299
+
300
+ die;
301
+
302
+ }
303
+
304
+ /**
305
+ * Run query for deleting 'ct_checked_now' meta. Need for the new scan.
306
+ *
307
+ * @return void
308
+ */
309
+ public static function ct_ajax_clear_users()
310
+ {
311
+ check_ajax_referer( 'ct_secret_nonce', 'security' );
312
+
313
+ global $wpdb;
314
+ $wpdb->query("DELETE FROM {$wpdb->usermeta} WHERE meta_key IN ('ct_checked_now')");
315
+
316
+ if ( isset($_POST['from']) && isset($_POST['till']) ) {
317
+ if ( preg_match('/[a-zA-Z]{3}\s{1}\d{1,2}\s{1}\d{4}/', $_POST['from'] ) && preg_match('/[a-zA-Z]{3}\s{1}\d{1,2}\s{1}\d{4}/', $_POST['till'] ) ) {
318
+
319
+ $from = date('Y-m-d', intval(strtotime($_POST['from']))) . ' 00:00:00';
320
+ $till = date('Y-m-d', intval(strtotime($_POST['till']))) . ' 23:59:59';
321
+
322
+ $wpdb->query("DELETE FROM {$wpdb->usermeta} WHERE
323
+ meta_key IN ('ct_checked','ct_marked_as_spam','ct_bad')
324
+ AND meta_value >= '{$from}'
325
+ AND meta_value <= '{$till}';");
326
+ die();
327
+ } else {
328
+ $wpdb->query("DELETE FROM {$wpdb->usermeta} WHERE
329
+ meta_key IN ('ct_checked','ct_marked_as_spam','ct_bad')");
330
+ die();
331
+ }
332
+ }
333
+
334
+ die();
335
+ }
336
+
337
+ public static function ct_ajax_info($direct_call = false) {
338
+
339
+ if (!$direct_call)
340
+ check_ajax_referer( 'ct_secret_nonce', 'security' );
341
+
342
+ global $wpdb;
343
+
344
+ // Checked users
345
+ $cnt_checked = $wpdb->get_results("
346
+ SELECT COUNT(*) AS cnt
347
+ FROM {$wpdb->usermeta}
348
+ WHERE meta_key='ct_checked_now'"
349
+ )[0]->cnt;
350
+
351
+ // Spam users
352
+ $cnt_spam = $wpdb->get_results("
353
+ SELECT COUNT({$wpdb->users}.ID) AS cnt
354
+ FROM {$wpdb->users}
355
+ INNER JOIN {$wpdb->usermeta} AS meta1 ON ( {$wpdb->users}.ID = meta1.user_id )
356
+ INNER JOIN {$wpdb->usermeta} AS meta2 ON ( {$wpdb->users}.ID = meta2.user_id )
357
+ WHERE
358
+ meta1.meta_key = 'ct_marked_as_spam' AND
359
+ meta2.meta_key = 'ct_checked_now';"
360
+ )[0]->cnt;
361
+
362
+ // Bad users (without IP and Email)
363
+ $cnt_bad = $wpdb->get_results("
364
+ SELECT COUNT({$wpdb->users}.ID) AS cnt
365
+ FROM {$wpdb->users}
366
+ INNER JOIN {$wpdb->usermeta} AS meta1 ON ( {$wpdb->users}.ID = meta1.user_id )
367
+ INNER JOIN {$wpdb->usermeta} AS meta2 ON ( {$wpdb->users}.ID = meta2.user_id )
368
+ WHERE
369
+ meta1.meta_key = 'ct_bad' AND
370
+ meta2.meta_key = 'ct_checked_now';"
371
+ )[0]->cnt;
372
+
373
+ $return = array(
374
+ 'message' => '',
375
+ 'spam' => $cnt_spam,
376
+ 'checked' => $cnt_checked,
377
+ 'bad' => $cnt_bad,
378
+ );
379
+
380
+ if( ! $direct_call ) {
381
+ $return['message'] .= sprintf (
382
+ esc_html__('Checked %s, found %s spam users and %s bad users (without IP or email)', 'cleantalk-spam-protect'),
383
+ $cnt_checked,
384
+ $cnt_spam,
385
+ $cnt_bad
386
+ );
387
+ } else {
388
+
389
+ global $wpdb;
390
+
391
+ $query = "SELECT * FROM " . APBCT_SPAMSCAN_LOGS . " WHERE scan_type = 'users' ORDER BY start_time DESC";
392
+ $res = $wpdb->get_row( $query, ARRAY_A );
393
+
394
+ if ( $res ) {
395
+ $return['message'] .= sprintf (
396
+ __("Last check %s: checked %s users, found %s spam users and %s bad users (without IP or email).", 'cleantalk-spam-protect'),
397
+ self::lastCheckDate(),
398
+ $cnt_checked,
399
+ $cnt_spam,
400
+ $cnt_bad
401
+ );
402
+ } else {
403
+ $return['message'] = esc_html__( 'Never checked yet or no new spam.', 'cleantalk-spam-protect');
404
+ }
405
+
406
+ }
407
+
408
+ $backup_notice = '&nbsp;';
409
+ if ($cnt_spam > 0) {
410
+ $backup_notice = __("Please do backup of WordPress database before delete any accounts!", 'cleantalk-spam-protect');
411
+ }
412
+ $return['message'] .= "<p>$backup_notice</p>";
413
+
414
+ if($direct_call){
415
+ return $return['message'];
416
+ }else{
417
+ echo json_encode($return);
418
+ die();
419
+ }
420
+ }
421
+
422
+ private static function get_log_data() {
423
+
424
+ global $wpdb;
425
+
426
+ // Checked users
427
+ $cnt_checked = $wpdb->get_results("
428
+ SELECT COUNT(*) AS cnt
429
+ FROM {$wpdb->usermeta}
430
+ WHERE meta_key='ct_checked_now'"
431
+ )[0]->cnt;
432
+
433
+ // Spam users
434
+ $cnt_spam = $wpdb->get_results("
435
+ SELECT COUNT({$wpdb->users}.ID) AS cnt
436
+ FROM {$wpdb->users}
437
+ INNER JOIN {$wpdb->usermeta} AS meta1 ON ( {$wpdb->users}.ID = meta1.user_id )
438
+ INNER JOIN {$wpdb->usermeta} AS meta2 ON ( {$wpdb->users}.ID = meta2.user_id )
439
+ WHERE
440
+ meta1.meta_key = 'ct_marked_as_spam' AND
441
+ meta2.meta_key = 'ct_checked_now';"
442
+ )[0]->cnt;
443
+
444
+ // Bad users (without IP and Email)
445
+ $cnt_bad = $wpdb->get_results("
446
+ SELECT COUNT({$wpdb->users}.ID) AS cnt
447
+ FROM {$wpdb->users}
448
+ INNER JOIN {$wpdb->usermeta} AS meta1 ON ( {$wpdb->users}.ID = meta1.user_id )
449
+ INNER JOIN {$wpdb->usermeta} AS meta2 ON ( {$wpdb->users}.ID = meta2.user_id )
450
+ WHERE
451
+ meta1.meta_key = 'ct_bad' AND
452
+ meta2.meta_key = 'ct_checked_now';"
453
+ )[0]->cnt;
454
+
455
+ return array(
456
+ 'spam' => $cnt_spam,
457
+ 'checked' => $cnt_checked,
458
+ 'bad' => $cnt_bad,
459
+ );
460
+
461
+ }
462
+
463
+ /**
464
+ * Admin action 'wp_ajax_ajax_ct_get_csv_file' - prints CSV file to AJAX
465
+ */
466
+ public static function ct_get_csv_file() {
467
+
468
+ check_ajax_referer( 'ct_secret_nonce', 'security' );
469
+
470
+ $text = 'login,email,ip' . PHP_EOL;
471
+
472
+ $params = array(
473
+ 'meta_query' => array(
474
+ array(
475
+ 'key' => 'ct_marked_as_spam',
476
+ 'compare' => '1'
477
+ ),
478
+ ),
479
+ 'orderby' => 'registered',
480
+ 'order' => 'ASC',
481
+ );
482
+
483
+ $u = get_users( $params );
484
+
485
+ for( $i=0; $i < count($u); $i++ ){
486
+ $user_meta = get_user_meta( $u[$i]->ID, 'session_tokens', true );
487
+ if( is_array( $user_meta ) )
488
+ $user_meta = array_values( $user_meta );
489
+ $text .= $u[$i]->user_login.',';
490
+ $text .= $u[$i]->data->user_email.',';
491
+ $text .= ! empty( $user_meta[0]['ip']) ? trim( $user_meta[0]['ip'] ) : '';
492
+ $text .= PHP_EOL;
493
+ }
494
+
495
+ $filename = ! empty( $_POST['filename'] ) ? $_POST['filename'] : false;
496
+
497
+ if( $filename !== false ) {
498
+ header('Content-Type: text/csv');
499
+ echo $text;
500
+ } else {
501
+ echo 'Export error.'; // file not exists or empty $_POST['filename']
502
+ }
503
+ die();
504
+
505
+ }
506
+
507
+ public static function ct_ajax_insert_users()
508
+ {
509
+
510
+ check_ajax_referer( 'ct_secret_nonce', 'security' );
511
+
512
+ //* DELETION
513
+ if(!empty($_POST['delete'])){
514
+ $users = get_users(array('search' => 'user_*', 'search_columns' => array('login', 'nicename')));
515
+ $deleted = 0;
516
+ $amount_to_delete = 1000;
517
+ foreach($users as $user){
518
+ if($deleted >= $amount_to_delete)
519
+ break;
520
+ if(wp_delete_user($user->ID))
521
+ $deleted++;
522
+ }
523
+ print "$deleted";
524
+ die();
525
+ }
526
+ //*/
527
+
528
+ //* INSERTION
529
+ global $wpdb;
530
+ $to_insert = 500;
531
+ $result = $wpdb->get_results('SELECT network FROM `'. APBCT_TBL_FIREWALL_DATA .'` LIMIT '. $to_insert .';', ARRAY_A);
532
+
533
+ if($result){
534
+ $ip = array();
535
+ foreach($result as $value){
536
+ $ips[] = long2ip($value['network']);
537
+ }
538
+ unset($value);
539
+
540
+ $inserted = 0;
541
+ for($i=0; $i<$to_insert; $i++){
542
+ $rnd=mt_rand(1,10000000);
543
+
544
+ $user_name = "user_$rnd";
545
+ $email="stop_email_$rnd@example.com";
546
+
547
+ $user_id = wp_create_user(
548
+ $user_name,
549
+ rand(),
550
+ $email
551
+ );
552
+
553
+ $curr_user = get_user_by('email', $email);
554
+
555
+ update_user_meta($curr_user->ID, 'session_tokens', array($rnd => array('ip' => $ips[$i])));
556
+
557
+ if (is_int($user_id))
558
+ $inserted++;
559
+
560
+ }
561
+ }else{
562
+ $inserted = '0';
563
+ }
564
+ //*/
565
+
566
+ print "$inserted";
567
+ die();
568
+ }
569
+
570
+ public static function ct_ajax_delete_all_users($count_all = 0)
571
+ {
572
+ check_ajax_referer( 'ct_secret_nonce', 'security' );
573
+
574
+ global $wpdb;
575
+
576
+ $r = $wpdb->get_results("select count(*) as cnt from $wpdb->usermeta where meta_key='ct_marked_as_spam';", OBJECT );
577
+
578
+ if(!empty($r)){
579
+
580
+ $count_all = $r ? $r[0]->cnt : 0;
581
+
582
+ $args = array(
583
+ 'meta_key' => 'ct_marked_as_spam',
584
+ 'meta_value' => '1',
585
+ 'fields' => array('ID'),
586
+ 'number' => 50
587
+ );
588
+ $users = get_users($args);
589
+
590
+ if ($users){
591
+ foreach($users as $user){
592
+ wp_delete_user($user->ID);
593
+ usleep(5000);
594
+ }
595
+ }
596
+ }
597
+
598
+ die($count_all);
599
+ }
600
+
601
+ /**
602
+ * Add hidden column into the users table
603
+ *
604
+ * @param $columns
605
+ * @return mixed
606
+ */
607
+ public static function ct_manage_users_columns( $columns ) {
608
+
609
+ $columns['apbct_status hidden'] = '';
610
+ return $columns;
611
+
612
+ }
613
+
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
614
  }
lib/Cleantalk/ApbctWP/Firewall/AntiCrawler.php CHANGED
@@ -169,7 +169,7 @@ class AntiCrawler extends \Cleantalk\Common\Firewall\FirewallModule{
169
 
170
  foreach( $ua_bl_results as $ua_bl_result ){
171
 
172
- if( ! empty( $ua_bl_result['ua_template'] ) && preg_match( "$". str_replace( '"', '', $ua_bl_result['ua_template'] ) ."$", Server::get('HTTP_USER_AGENT') ) ) {
173
 
174
  $this->ua_id = $ua_bl_result['id'];
175
 
169
 
170
  foreach( $ua_bl_results as $ua_bl_result ){
171
 
172
+ if( ! empty( $ua_bl_result['ua_template'] ) && preg_match( "%". str_replace( '"', '', $ua_bl_result['ua_template'] ) ."%i", Server::get('HTTP_USER_AGENT') ) ) {
173
 
174
  $this->ua_id = $ua_bl_result['id'];
175
 
lib/Cleantalk/ApbctWP/Firewall/AntiFlood.php CHANGED
@@ -147,13 +147,15 @@ class AntiFlood extends \Cleantalk\Common\Firewall\FirewallModule{
147
  status = '$status',
148
  all_entries = 1,
149
  blocked_entries = 1,
150
- entries_timestamp = '" . intval( $time ) . "'
 
151
  ON DUPLICATE KEY
152
  UPDATE
153
  status = '$status',
154
  all_entries = all_entries + 1,
155
  blocked_entries = blocked_entries" . ( strpos( $status, 'DENY' ) !== false ? ' + 1' : '' ) . ",
156
- entries_timestamp = '" . intval( $time ) . "'";
 
157
 
158
  $this->db->execute( $query );
159
  }
147
  status = '$status',
148
  all_entries = 1,
149
  blocked_entries = 1,
150
+ entries_timestamp = '" . intval( $time ) . "',
151
+ ua_name = '" . Server::get('HTTP_USER_AGENT') . "'
152
  ON DUPLICATE KEY
153
  UPDATE
154
  status = '$status',
155
  all_entries = all_entries + 1,
156
  blocked_entries = blocked_entries" . ( strpos( $status, 'DENY' ) !== false ? ' + 1' : '' ) . ",
157
+ entries_timestamp = '" . intval( $time ) . "',
158
+ ua_name = '" . Server::get('HTTP_USER_AGENT') . "'";
159
 
160
  $this->db->execute( $query );
161
  }
lib/Cleantalk/ApbctWP/Firewall/SFW.php CHANGED
@@ -171,13 +171,15 @@ class SFW extends \Cleantalk\Common\Firewall\FirewallModule {
171
  status = '$status',
172
  all_entries = 1,
173
  blocked_entries = 1,
174
- entries_timestamp = '" . $time . "'
 
175
  ON DUPLICATE KEY
176
  UPDATE
177
  status = '$status',
178
  all_entries = all_entries + 1,
179
  blocked_entries = blocked_entries" . ( strpos( $status, 'DENY' ) !== false ? ' + 1' : '' ) . ",
180
- entries_timestamp = '" . intval( $time ) . "'";
 
181
 
182
  $this->db->execute( $query );
183
  }
@@ -378,7 +380,7 @@ class SFW extends \Cleantalk\Common\Firewall\FirewallModule {
378
  global $apbct;
379
 
380
  // Getting remote file name
381
- if(!$file_url){
382
 
383
  $result = \Cleantalk\Common\API::method__get_2s_blacklists_db($ct_key, 'multifiles', '3_0');
384
 
@@ -386,7 +388,7 @@ class SFW extends \Cleantalk\Common\Firewall\FirewallModule {
386
 
387
  if( empty( $result['error'] ) ){
388
 
389
- // User Agents blacklist
390
  if( ! empty( $result['file_ua_url'] ) && $apbct->settings['sfw__anti_crawler'] ){
391
  $ua_bl_res = AntiCrawler::update( trim( $result['file_ua_url'] ) );
392
  if( ! empty( $ua_bl_res['error'] ) )
@@ -415,42 +417,31 @@ class SFW extends \Cleantalk\Common\Firewall\FirewallModule {
415
  $data = gzdecode( $gz_data );
416
 
417
  if( $data !== false ){
418
-
419
- $result__clear_db = self::clear_data_table( $db, $db__table__data );
420
-
421
- if( empty( $result__clear_db['error'] ) ){
422
-
423
- $lines = Helper::buffer__parse__csv( $data );
424
-
425
- /*$file_urls = array();
426
-
427
- while( current( $lines ) !== false ){
428
- $file_urls[] = current( $lines )[0];
429
- next( $lines );
430
- }*/
431
-
432
- $patterns = array();
433
- $patterns[] = 'get';
434
-
435
- if( ! $immediate ){
436
- $patterns[] = 'async';
437
- }
438
-
439
- return Helper::http__request(
440
- get_option( 'siteurl' ),
441
- array(
442
- 'spbc_remote_call_token' => md5( $ct_key ),
443
- 'spbc_remote_call_action' => 'sfw_update',
444
- 'plugin_name' => 'apbct',
445
- 'file_urls' => $file_url,
446
- 'url_count' => count( $lines ),
447
- 'current_url' => 0,
448
- ),
449
- $patterns
450
- );
451
-
452
- }else
453
- return $result__clear_db;
454
  }else
455
  return array('error' => 'COULD_DECODE_MULTIFILE');
456
  }else
@@ -469,7 +460,7 @@ class SFW extends \Cleantalk\Common\Firewall\FirewallModule {
469
  return $result;
470
  }else{
471
 
472
- $response_code = Helper::http__request($file_url, array(), 'get_code');
473
 
474
  if( empty( $response_code['error'] ) ){
475
 
@@ -539,26 +530,33 @@ class SFW extends \Cleantalk\Common\Firewall\FirewallModule {
539
  return array('error' => 'FILE_COULD_NOT_GET_RESPONSE_CODE: '. $response_code['error'] );
540
  }
541
  }
542
-
543
- /**
544
- * Clear SFW table
545
- *
546
- * @param $db
547
- * @param $db__table__data
548
- *
549
- * @return string[]
550
- */
551
- public static function clear_data_table( $db, $db__table__data ) {
552
-
553
- $db->execute( "TRUNCATE TABLE {$db__table__data};" );
554
- $db->set_query( "SELECT COUNT(network) as cnt FROM {$db__table__data};" )->fetch(); // Check if it is clear
555
- if( $db->result['cnt'] != 0 ){
556
- $db->execute( "DELETE FROM {$db__table__data};" ); // Truncate table
557
- $db->set_query( "SELECT COUNT(network) as cnt FROM {$db__table__data};" )->fetch(); // Check if it is clear
558
- if( $db->result['cnt'] != 0 ){
559
- return array( 'error' => 'COULD_NOT_CLEAR_SFW_TABLE' ); // throw an error
560
- }
561
- }
562
- $db->execute( "ALTER TABLE {$db__table__data} AUTO_INCREMENT = 1;" ); // Drop AUTO INCREMENT
563
- }
 
 
 
 
 
 
 
564
  }
171
  status = '$status',
172
  all_entries = 1,
173
  blocked_entries = 1,
174
+ entries_timestamp = '" . $time . "',
175
+ ua_name = '" . Server::get('HTTP_USER_AGENT') . "'
176
  ON DUPLICATE KEY
177
  UPDATE
178
  status = '$status',
179
  all_entries = all_entries + 1,
180
  blocked_entries = blocked_entries" . ( strpos( $status, 'DENY' ) !== false ? ' + 1' : '' ) . ",
181
+ entries_timestamp = '" . intval( $time ) . "',
182
+ ua_name = '" . Server::get('HTTP_USER_AGENT') . "'";
183
 
184
  $this->db->execute( $query );
185
  }
380
  global $apbct;
381
 
382
  // Getting remote file name
383
+ if( ! $file_url ){
384
 
385
  $result = \Cleantalk\Common\API::method__get_2s_blacklists_db($ct_key, 'multifiles', '3_0');
386
 
388
 
389
  if( empty( $result['error'] ) ){
390
 
391
+ // User-Agents blacklist
392
  if( ! empty( $result['file_ua_url'] ) && $apbct->settings['sfw__anti_crawler'] ){
393
  $ua_bl_res = AntiCrawler::update( trim( $result['file_ua_url'] ) );
394
  if( ! empty( $ua_bl_res['error'] ) )
417
  $data = gzdecode( $gz_data );
418
 
419
  if( $data !== false ){
420
+
421
+ $lines = Helper::buffer__parse__csv( $data );
422
+
423
+ $patterns = array();
424
+ $patterns[] = 'get';
425
+
426
+ if( ! $immediate ){
427
+ $patterns[] = 'async';
428
+ }
429
+
430
+ return Helper::http__request(
431
+ get_option( 'siteurl' ),
432
+ array(
433
+ 'spbc_remote_call_token' => md5( $ct_key ),
434
+ 'spbc_remote_call_action' => 'sfw_update',
435
+ 'plugin_name' => 'apbct',
436
+ 'file_urls' => str_replace( array( 'http://', 'https://' ), '', $file_url ),
437
+ 'url_count' => count( $lines ),
438
+ 'current_url' => 0,
439
+ // Additional params
440
+ 'firewall_updating_id' => $apbct->data['firewall_updating_id'],
441
+ ),
442
+ $patterns
443
+ );
444
+
 
 
 
 
 
 
 
 
 
 
 
445
  }else
446
  return array('error' => 'COULD_DECODE_MULTIFILE');
447
  }else
460
  return $result;
461
  }else{
462
 
463
+ $response_code = Helper::http__request( 'https://' . $file_url, array(), 'get_code' );
464
 
465
  if( empty( $response_code['error'] ) ){
466
 
530
  return array('error' => 'FILE_COULD_NOT_GET_RESPONSE_CODE: '. $response_code['error'] );
531
  }
532
  }
533
+
534
+ /**
535
+ * Creatin a temporary updating table
536
+ *
537
+ * @param \wpdb $db database handler
538
+ */
539
+ public static function create_temp_tables( $db ){
540
+ $db->execute( 'CREATE TABLE IF NOT EXISTS `' . APBCT_TBL_FIREWALL_DATA . '_temp` LIKE `' . APBCT_TBL_FIREWALL_DATA . '`;' );
541
+ $db->execute( 'TRUNCATE TABLE `' . APBCT_TBL_FIREWALL_DATA . '_temp`;' );
542
+ }
543
+
544
+ /**
545
+ * Removing a temporary updating table
546
+ *
547
+ * @param \wpdb $db database handler
548
+ */
549
+ public static function delete_main_data_tables( $db ){
550
+ $db->execute( 'DROP TABLE `'. APBCT_TBL_FIREWALL_DATA .'`;' );
551
+ }
552
+
553
+ /**
554
+ * Renamin a temporary updating table into production table name
555
+ *
556
+ * @param \wpdb $db database handler
557
+ */
558
+ public static function rename_data_tables( $db ){
559
+ $db->execute( 'ALTER TABLE `'. APBCT_TBL_FIREWALL_DATA .'_temp` RENAME `'. APBCT_TBL_FIREWALL_DATA .'`;' );
560
+ }
561
+
562
  }
lib/Cleantalk/ApbctWP/State.php CHANGED
@@ -1,578 +1,584 @@
1
- <?php
2
-
3
- namespace Cleantalk\ApbctWP;
4
-
5
- use ArrayObject;
6
-
7
- /**
8
- * CleanTalk Antispam State class
9
- *
10
- * @package Antiospam Plugin by CleanTalk
11
- * @subpackage State
12
- * @Version 2.0
13
- * @author Cleantalk team (welcome@cleantalk.org)
14
- * @copyright (C) 2014 CleanTalk team (http://cleantalk.org)
15
- * @license GNU/GPL: http://www.gnu.org/copyleft/gpl.html
16
- */
17
-
18
- /**
19
- * COMMON
20
- *
21
- * @property string api_key
22
- *
23
- * STAND ALONE
24
- *
25
- * @property ArrayObject settings
26
- * @property ArrayObject data
27
- * @property ArrayObject plugin_request_ids
28
- *
29
- * @property mixed moderate_ip
30
- * @property mixed|string plugin_version
31
- * @property mixed|string db_prefix
32
- * @property string settings_link
33
- * @property int key_is_ok
34
- * @property string logo__small__colored
35
- * @property string logo__small
36
- * @property string logo
37
- * @property string plugin_name
38
- * @property string base_name
39
- * @property string plugin_request_id
40
- * @property array|mixed errors
41
- *
42
- * NETWORK
43
- * @property ArrayObject network_data
44
- * @property ArrayObject network_settings
45
- * @property mixed allow_custom_key
46
- * @property bool white_label
47
- * @property mixed moderate
48
- *
49
- * MISC
50
- *
51
- */
52
- class State
53
- {
54
- public $user = null;
55
- public $option_prefix = 'cleantalk';
56
- public $storage = array();
57
- public $integrations = array();
58
- public $def_settings = array(
59
-
60
- 'spam_firewall' => 1,
61
- 'sfw__anti_flood' => 0,
62
- 'sfw__anti_flood__view_limit' => 10,
63
- 'sfw__anti_crawler' => 0,
64
- 'sfw__anti_crawler_ua' => 0,
65
- 'apikey' => '',
66
- 'autoPubRevelantMess' => 0,
67
-
68
- /* Forms for protection */
69
- 'registrations_test' => 1,
70
- 'comments_test' => 1,
71
- 'contact_forms_test' => 1,
72
- 'general_contact_forms_test' => 1, // Antispam test for unsupported and untested contact forms
73
- 'wc_checkout_test' => 1, // WooCommerce checkout default test
74
- 'wc_register_from_order' => 1, // Woocommerce registration during checkout
75
- 'search_test' => 1, // Test deafult Wordpress form
76
- 'check_external' => 0,
77
- 'check_external__capture_buffer' => 0,
78
- 'check_internal' => 0,
79
-
80
- /* Comments and messages */
81
- 'disable_comments__all' => 0,
82
- 'disable_comments__posts' => 0,
83
- 'disable_comments__pages' => 0,
84
- 'disable_comments__media' => 0,
85
- 'bp_private_messages' => 1, //buddyPress private messages test => ON
86
- 'check_comments_number' => 1,
87
- 'remove_old_spam' => 0,
88
- 'remove_comments_links' => 0, // Removes links from approved comments
89
- 'show_check_links' => 1, // Shows check link to Cleantalk's DB.
90
- 'manage_comments_on_public_page' => 0, // Allows to control comments on public page.
91
-
92
- // Data processing
93
- 'protect_logged_in' => 1, // Do anit-spam tests to for logged in users.
94
- 'use_ajax' => 1,
95
- 'use_static_js_key' => -1,
96
- 'general_postdata_test' => 0, //CAPD
97
- 'set_cookies'=> 1, // Disable cookies generatation to be compatible with Varnish.
98
- 'set_cookies__sessions'=> 0, // Use alt sessions for cookies.
99
- 'ssl_on' => 0, // Secure connection to servers
100
- 'use_buitin_http_api' => 1, // Using Wordpress HTTP built in API
101
-
102
- // Exclusions
103
- 'exclusions__urls' => '',
104
- 'exclusions__urls__use_regexp' => 0,
105
- 'exclusions__fields' => '',
106
- 'exclusions__fields__use_regexp' => 0,
107
- 'exclusions__roles' => array('Administrator'),
108
-
109
- // Administrator Panel
110
- 'show_adminbar' => 1, // Show the admin bar.
111
- 'all_time_counter' => 0,
112
- 'daily_counter' => 0,
113
- 'sfw_counter' => 0,
114
-
115
- //Others
116
- 'user_token' => '',
117
- 'collect_details' => 0, // Collect details about browser of the visitor.
118
- 'send_connection_reports' => 0, //Send connection reports to Cleantalk servers
119
- 'async_js' => 0,
120
- 'debug_ajax' => 0,
121
-
122
- // GDPR
123
- 'gdpr_enabled' => 0,
124
- 'gdpr_text' => 'By using this form you agree with the storage and processing of your data by using the Privacy Policy on this website.',
125
-
126
- // Msic
127
- 'store_urls' => 1,
128
- 'store_urls__sessions' => 1,
129
- 'comment_notify' => 1,
130
- 'comment_notify__roles' => array( 'administrator' ),
131
- 'complete_deactivation' => 0,
132
- 'dashboard_widget__show' => 1,
133
- );
134
-
135
- public $def_data = array(
136
-
137
- // Plugin data
138
- 'plugin_version' => APBCT_VERSION,
139
- 'js_keys' => array(), // Keys to do JavaScript antispam test
140
- 'js_keys_store_days' => 14, // JavaScript keys store days - 8 days now
141
- 'js_key_lifetime' => 86400, // JavaScript key life time in seconds - 1 day now
142
- 'last_remote_call' => 0, //Timestam of last remote call
143
-
144
- // Antispam
145
- 'spam_store_days' => 15, // Days before delete comments from folder Spam
146
- 'relevance_test' => 0, // Test comment for relevance
147
- 'notice_api_errors' => 0, // Send API error notices to WP admin
148
-
149
- // Account data
150
- 'service_id' => 0,
151
- 'moderate' => 0,
152
- 'moderate_ip' => 0,
153
- 'ip_license' => 0,
154
- 'spam_count' => 0,
155
- 'auto_update' => 0,
156
- 'user_token' => '', // User token for auto login into spam statistics
157
- 'license_trial' => 0,
158
-
159
- // Notices
160
- 'notice_show' => 0,
161
- 'notice_trial' => 0,
162
- 'notice_renew' => 0,
163
- 'notice_review' => 0,
164
- 'notice_auto_update' => 0,
165
-
166
- // Brief data
167
- 'brief_data' => array(
168
- 'spam_stat' => array(),
169
- 'top5_spam_ip' => array(),
170
- ),
171
-
172
- 'array_accepted' => array(),
173
- 'array_blocked' => array(),
174
- 'current_hour' => '',
175
- 'sfw_counter' => array(
176
- 'all' => 0,
177
- 'blocked' => 0,
178
- ),
179
- 'all_time_counter' => array(
180
- 'accepted' => 0,
181
- 'blocked' => 0,
182
- ),
183
- 'user_counter' => array(
184
- 'accepted' => 0,
185
- 'blocked' => 0,
186
- // 'since' => date('d M'),
187
- ),
188
- 'connection_reports' => array(
189
- 'success' => 0,
190
- 'negative' => 0,
191
- 'negative_report' => array(),
192
- // 'since' => date('d M'),
193
- ),
194
-
195
- // A-B tests
196
- 'ab_test' => array(
197
- 'sfw_enabled' => false,
198
- ),
199
-
200
- // Misc
201
- 'feedback_request' => '',
202
- 'key_is_ok' => 0,
203
- 'salt' => '',
204
- );
205
-
206
- public $def_network_settings = array(
207
-
208
- // Key
209
- 'apikey' => '',
210
- 'allow_custom_key' => 1,
211
- 'allow_custom_settings' => 1,
212
-
213
- // White label settings
214
- 'white_label' => 0,
215
- 'white_label__hoster_key' => '',
216
- 'white_label__plugin_name' => 'Anti-Spam by CleanTalk',
217
- 'use_settings_template' => 0,
218
- 'use_settings_template_apply_for_new' => 0,
219
- 'use_settings_template_apply_for_current' => 0,
220
- 'use_settings_template_apply_for_current_list_sites' => '',
221
- );
222
-
223
- public $def_network_data = array(
224
- 'key_is_ok' => 0,
225
- 'moderate' => 0,
226
- 'valid' => 0,
227
- 'user_token' => '',
228
- 'service_id' => 0,
229
- 'auto_update' => 0,
230
- );
231
-
232
- public $def_remote_calls = array(
233
- 'close_renew_banner' => array(
234
- 'last_call' => 0,
235
- ),
236
- 'sfw_update' => array(
237
- 'last_call' => 0,
238
- ),
239
- 'sfw_send_logs' => array(
240
- 'last_call' => 0,
241
- ),
242
- 'update_plugin' => array(
243
- 'last_call' => 0,
244
- ),
245
- 'install_plugin' => array(
246
- 'last_call' => 0,
247
- ),
248
- 'activate_plugin' => array(
249
- 'last_call' => 0,
250
- ),
251
- 'insert_auth_key' => array(
252
- 'last_call' => 0,
253
- ),
254
- 'deactivate_plugin' => array(
255
- 'last_call' => 0,
256
- ),
257
- 'uninstall_plugin' => array(
258
- 'last_call' => 0,
259
- ),
260
- 'update_settings' => array(
261
- 'last_call' => 0,
262
- ),
263
- );
264
-
265
- public $def_stats = array(
266
- 'sfw' => array(
267
- 'last_send_time' => 0,
268
- 'last_send_amount' => 0,
269
- 'last_update_time' => 0,
270
- 'entries' => 0,
271
- ),
272
- 'last_sfw_block' => array(
273
- 'time' => 0,
274
- 'ip' => '',
275
- ),
276
- 'last_request' => array(
277
- 'time' => 0,
278
- 'server' => '',
279
- ),
280
- 'requests' => array(
281
- '0' => array(
282
- 'amount' => 1,
283
- 'average_time' => 0,
284
- ),
285
- )
286
- );
287
-
288
- /**
289
- * @param string $option_prefix Database settings prefix
290
- * @param array $options Array of strings. Types of settings you want to get.
291
- */
292
- public function __construct($option_prefix, $options = array('settings'))
293
- {
294
- $this->option_prefix = $option_prefix;
295
-
296
- // Network settings
297
- $option = get_site_option($this->option_prefix.'_network_settings');
298
- $option = is_array($option) ? array_merge($this->def_network_settings, $option) : $this->def_network_settings;
299
- $this->network_settings = new ArrayObject($option);
300
-
301
- // Network data
302
- $option = get_site_option($this->option_prefix.'_network_data');
303
- $option = is_array($option) ? array_merge($this->def_network_data, $option) : $this->def_network_data;
304
- $this->network_data = new ArrayObject($option);
305
-
306
- foreach($options as $option_name){
307
-
308
- $option = get_option($this->option_prefix.'_'.$option_name);
309
-
310
- // Setting default options
311
- if($this->option_prefix.'_'.$option_name === 'cleantalk_settings'){
312
- $option = is_array($option) ? array_merge($this->def_settings, $option) : $this->def_settings;
313
- }
314
-
315
- // Setting default data
316
- if($this->option_prefix.'_'.$option_name === 'cleantalk_data'){
317
- $option = is_array($option) ? array_merge($this->def_data, $option) : $this->def_data;
318
- // Generate salt
319
- $option['salt'] = empty($option['salt'])
320
- ? str_pad(rand(0, getrandmax()), 6, '0').str_pad(rand(0, getrandmax()), 6, '0')
321
- : $option['salt'];
322
- }
323
-
324
- // Setting default errors
325
- if($this->option_prefix.'_'.$option_name === 'cleantalk_errors'){
326
- $option = $option ? $option : array();
327
- }
328
-
329
- // Default remote calls
330
- if($this->option_prefix.'_'.$option_name === 'cleantalk_remote_calls'){
331
- $option = is_array($option) ? array_merge($this->def_remote_calls, $option) : $this->def_remote_calls;
332
- }
333
-
334
- // Default statistics
335
- if($this->option_prefix.'_'.$option_name === 'cleantalk_stats'){
336
- $option = is_array($option) ? array_merge($this->def_stats, $option) : $this->def_stats;
337
- }
338
-
339
- $this->$option_name = is_array($option) ? new ArrayObject($option) : $option;
340
- }
341
- }
342
-
343
- /**
344
- * Get specified option from database
345
- *
346
- * @param string $option_name
347
- */
348
- private function getOption($option_name)
349
- {
350
- $option = get_option('cleantalk_'.$option_name, null);
351
-
352
- $this->$option_name = gettype($option) === 'array'
353
- ? new ArrayObject($option)
354
- : $option;
355
- }
356
-
357
- /**
358
- * Save option to database
359
- *
360
- * @param string $option_name
361
- * @param bool $use_prefix
362
- * @param bool $autoload Use autoload flag?
363
- */
364
- public function save($option_name, $use_prefix = true, $autoload = true)
365
- {
366
- $option_name_to_save = $use_prefix ? $this->option_prefix . '_' . $option_name : $option_name;
367
- $arr = array();
368
- foreach($this->$option_name as $key => $value){
369
- $arr[$key] = $value;
370
- }
371
- update_option($option_name_to_save, $arr, $autoload);
372
- }
373
-
374
- /**
375
- * Save PREFIX_setting to DB.
376
- */
377
- public function saveSettings()
378
- {
379
- update_option($this->option_prefix.'_settings', (array)$this->settings);
380
- }
381
-
382
- /**
383
- * Save PREFIX_data to DB.
384
- */
385
- public function saveData()
386
- {
387
- update_option($this->option_prefix.'_data', (array)$this->data);
388
- }
389
-
390
- /**
391
- * Save PREFIX_error to DB.
392
- */
393
- public function saveErrors()
394
- {
395
- update_option($this->option_prefix.'_errors', (array)$this->errors);
396
- }
397
-
398
- /**
399
- * Save PREFIX_network_data to DB.
400
- */
401
- public function saveNetworkData()
402
- {
403
- update_site_option($this->option_prefix.'_network_data', $this->network_data);
404
- }
405
-
406
- /**
407
- * Save PREFIX_network_data to DB.
408
- */
409
- public function saveNetworkSettings()
410
- {
411
- update_site_option($this->option_prefix.'_network_settings', $this->network_settings);
412
- }
413
-
414
- /**
415
- * Unset and delete option from DB.
416
- *
417
- * @param string $option_name
418
- * @param bool $use_prefix
419
- */
420
- public function deleteOption($option_name, $use_prefix = false)
421
- {
422
- if($this->__isset($option_name)){
423
- $this->__unset($option_name);
424
- delete_option( ($use_prefix ? $this->option_prefix.'_' : '') . $option_name);
425
- }
426
- }
427
-
428
- /**
429
- * Prepares an adds an error to the plugin's data
430
- *
431
- * @param string $type Error type/subtype
432
- * @param string|array $error Error
433
- * @param string $major_type Error major type
434
- * @param bool $set_time Do we need to set time of this error
435
- *
436
- * @returns null
437
- */
438
- public function error_add($type, $error, $major_type = null, $set_time = true)
439
- {
440
- $error = is_array($error)
441
- ? $error['error']
442
- : $error;
443
-
444
- // Exceptions
445
- if( ($type == 'send_logs' && $error == 'NO_LOGS_TO_SEND') ||
446
- ($type == 'send_firewall_logs' && $error == 'NO_LOGS_TO_SEND') ||
447
- $error == 'LOG_FILE_NOT_EXISTS'
448
- )
449
- return;
450
-
451
- $error = array(
452
- 'error' => $error,
453
- 'error_time' => $set_time ? current_time('timestamp') : null,
454
- );
455
-
456
- if(!empty($major_type)){
457
- $this->errors[$major_type][$type] = $error;
458
- }else{
459
- $this->errors[$type] = $error;
460
- }
461
-
462
- $this->saveErrors();
463
- }
464
-
465
- /**
466
- * Deletes an error from the plugin's data
467
- *
468
- * @param array|string $type Error type to delete
469
- * @param bool $save_flag Do we need to save data after error was deleted
470
- * @param string $major_type Error major type to delete
471
- *
472
- * @returns null
473
- */
474
- public function error_delete($type, $save_flag = false, $major_type = null)
475
- {
476
- /** @noinspection DuplicatedCode */
477
- if(is_string($type))
478
- $type = explode(' ', $type);
479
-
480
- foreach($type as $val){
481
- if($major_type){
482
- if(isset($this->errors[$major_type][$val]))
483
- unset($this->errors[$major_type][$val]);
484
- }else{
485
- if(isset($this->errors[$val]))
486
- unset($this->errors[$val]);
487
- }
488
- }
489
-
490
- // Save if flag is set and there are changes
491
- if($save_flag)
492
- $this->saveErrors();
493
- }
494
-
495
- /**
496
- * Deletes all errors from the plugin's data
497
- *
498
- * @param bool $save_flag Do we need to save data after all errors was deleted
499
- *
500
- * @returns null
501
- */
502
- public function error_delete_all($save_flag = false)
503
- {
504
- $this->errors = array();
505
- if($save_flag)
506
- $this->saveErrors();
507
- }
508
-
509
- /**
510
- * Magic.
511
- * Add new variables to storage[NEW_VARIABLE]
512
- * And duplicates it in storage['data'][NEW_VARIABLE]
513
- *
514
- * @param string $name
515
- * @param mixed $value
516
- */
517
- public function __set($name, $value)
518
- {
519
- $this->storage[$name] = $value;
520
- if(isset($this->storage['data'][$name])){
521
- $this->storage['data'][$name] = $value;
522
- }
523
- }
524
-
525
- /**
526
- * Magic.
527
- * Search and get param from: storage, data, api_key, database
528
- *
529
- * @param $name
530
- *
531
- * @return mixed
532
- */
533
- public function __get($name)
534
- {
535
- // First check in storage
536
- if (isset($this->storage[$name])){
537
- return $this->storage[$name];
538
-
539
- // Then in data
540
- }elseif(isset($this->storage['data'][$name])){
541
- $this->$name = $this->storage['data'][$name];
542
- return $this->storage['data'][$name];
543
-
544
- // Otherwise try to get it from db settings table
545
- // it will be arrayObject || scalar || null
546
- }else{
547
- $this->getOption($name);
548
- return $this->storage[$name];
549
- }
550
-
551
- }
552
-
553
- public function __isset($name)
554
- {
555
- return isset($this->storage[$name]);
556
- }
557
-
558
- public function __unset($name)
559
- {
560
- unset($this->storage[$name]);
561
- }
562
-
563
- public function server(){
564
- return \Cleantalk\Variables\Server::getInstance();
565
- }
566
- public function cookie(){
567
- return \Cleantalk\Variables\Cookie::getInstance();
568
- }
569
- public function request(){
570
- return \Cleantalk\Variables\Request::getInstance();
571
- }
572
- public function post(){
573
- return \Cleantalk\Variables\Post::getInstance();
574
- }
575
- public function get(){
576
- return \Cleantalk\Variables\Get::getInstance();
577
- }
578
- }
 
 
 
 
 
 
1
+ <?php
2
+
3
+ namespace Cleantalk\ApbctWP;
4
+
5
+ use ArrayObject;
6
+
7
+ /**
8
+ * CleanTalk Antispam State class
9
+ *
10
+ * @package Antiospam Plugin by CleanTalk
11
+ * @subpackage State
12
+ * @Version 2.0
13
+ * @author Cleantalk team (welcome@cleantalk.org)
14
+ * @copyright (C) 2014 CleanTalk team (http://cleantalk.org)
15
+ * @license GNU/GPL: http://www.gnu.org/copyleft/gpl.html
16
+ */
17
+
18
+ /**
19
+ * COMMON
20
+ *
21
+ * @property string api_key
22
+ *
23
+ * STAND ALONE
24
+ *
25
+ * @property ArrayObject settings
26
+ * @property ArrayObject data
27
+ * @property ArrayObject plugin_request_ids
28
+ *
29
+ * @property mixed moderate_ip
30
+ * @property mixed|string plugin_version
31
+ * @property mixed|string db_prefix
32
+ * @property string settings_link
33
+ * @property int key_is_ok
34
+ * @property string logo__small__colored
35
+ * @property string logo__small
36
+ * @property string logo
37
+ * @property string plugin_name
38
+ * @property string base_name
39
+ * @property string plugin_request_id
40
+ * @property array|mixed errors
41
+ *
42
+ * NETWORK
43
+ * @property ArrayObject network_data
44
+ * @property ArrayObject network_settings
45
+ * @property mixed allow_custom_key
46
+ * @property bool white_label
47
+ * @property mixed moderate
48
+ *
49
+ * MISC
50
+ *
51
+ */
52
+ class State
53
+ {
54
+ public $user = null;
55
+ public $option_prefix = 'cleantalk';
56
+ public $storage = array();
57
+ public $integrations = array();
58
+ public $def_settings = array(
59
+
60
+ 'spam_firewall' => 1,
61
+ 'sfw__anti_flood' => 0,
62
+ 'sfw__anti_flood__view_limit' => 10,
63
+ 'sfw__anti_crawler' => 0,
64
+ 'sfw__anti_crawler_ua' => 1,
65
+ 'apikey' => '',
66
+ 'autoPubRevelantMess' => 0,
67
+
68
+ /* Forms for protection */
69
+ 'registrations_test' => 1,
70
+ 'comments_test' => 1,
71
+ 'contact_forms_test' => 1,
72
+ 'general_contact_forms_test' => 1, // Antispam test for unsupported and untested contact forms
73
+ 'wc_checkout_test' => 1, // WooCommerce checkout default test
74
+ 'wc_register_from_order' => 1, // Woocommerce registration during checkout
75
+ 'search_test' => 1, // Test deafult Wordpress form
76
+ 'check_external' => 0,
77
+ 'check_external__capture_buffer' => 0,
78
+ 'check_internal' => 0,
79
+
80
+ /* Comments and messages */
81
+ 'disable_comments__all' => 0,
82
+ 'disable_comments__posts' => 0,
83
+ 'disable_comments__pages' => 0,
84
+ 'disable_comments__media' => 0,
85
+ 'bp_private_messages' => 1, //buddyPress private messages test => ON
86
+ 'check_comments_number' => 1,
87
+ 'remove_old_spam' => 0,
88
+ 'remove_comments_links' => 0, // Removes links from approved comments
89
+ 'show_check_links' => 1, // Shows check link to Cleantalk's DB.
90
+ 'manage_comments_on_public_page' => 0, // Allows to control comments on public page.
91
+
92
+ // Data processing
93
+ 'protect_logged_in' => 1, // Do anit-spam tests to for logged in users.
94
+ 'use_ajax' => 1,
95
+ 'use_static_js_key' => -1,
96
+ 'general_postdata_test' => 0, //CAPD
97
+ 'set_cookies'=> 1, // Disable cookies generatation to be compatible with Varnish.
98
+ 'set_cookies__sessions'=> 0, // Use alt sessions for cookies.
99
+ 'ssl_on' => 0, // Secure connection to servers
100
+ 'use_buitin_http_api' => 1, // Using Wordpress HTTP built in API
101
+
102
+ // Exclusions
103
+ 'exclusions__urls' => '',
104
+ 'exclusions__urls__use_regexp' => 0,
105
+ 'exclusions__fields' => '',
106
+ 'exclusions__fields__use_regexp' => 0,
107
+ 'exclusions__roles' => array('Administrator'),
108
+
109
+ // Administrator Panel
110
+ 'show_adminbar' => 1, // Show the admin bar.
111
+ 'all_time_counter' => 0,
112
+ 'daily_counter' => 0,
113
+ 'sfw_counter' => 0,
114
+
115
+ //Others
116
+ 'user_token' => '',
117
+ 'collect_details' => 0, // Collect details about browser of the visitor.
118
+ 'send_connection_reports' => 0, //Send connection reports to Cleantalk servers
119
+ 'async_js' => 0,
120
+ 'debug_ajax' => 0,
121
+
122
+ // GDPR
123
+ 'gdpr_enabled' => 0,
124
+ 'gdpr_text' => 'By using this form you agree with the storage and processing of your data by using the Privacy Policy on this website.',
125
+
126
+ // Msic
127
+ 'store_urls' => 1,
128
+ 'store_urls__sessions' => 1,
129
+ 'comment_notify' => 1,
130
+ 'comment_notify__roles' => array( 'administrator' ),
131
+ 'complete_deactivation' => 0,
132
+ 'dashboard_widget__show' => 1,
133
+ );
134
+
135
+ public $def_data = array(
136
+
137
+ // Plugin data
138
+ 'plugin_version' => APBCT_VERSION,
139
+ 'js_keys' => array(), // Keys to do JavaScript antispam test
140
+ 'js_keys_store_days' => 14, // JavaScript keys store days - 8 days now
141
+ 'js_key_lifetime' => 86400, // JavaScript key life time in seconds - 1 day now
142
+ 'last_remote_call' => 0, //Timestam of last remote call
143
+
144
+ // Antispam
145
+ 'spam_store_days' => 15, // Days before delete comments from folder Spam
146
+ 'relevance_test' => 0, // Test comment for relevance
147
+ 'notice_api_errors' => 0, // Send API error notices to WP admin
148
+
149
+ // Account data
150
+ 'service_id' => 0,
151
+ 'moderate' => 0,
152
+ 'moderate_ip' => 0,
153
+ 'ip_license' => 0,
154
+ 'spam_count' => 0,
155
+ 'auto_update' => 0,
156
+ 'user_token' => '', // User token for auto login into spam statistics
157
+ 'license_trial' => 0,
158
+
159
+ // Notices
160
+ 'notice_show' => 0,
161
+ 'notice_trial' => 0,
162
+ 'notice_renew' => 0,
163
+ 'notice_review' => 0,
164
+ 'notice_auto_update' => 0,
165
+
166
+ // Brief data
167
+ 'brief_data' => array(
168
+ 'spam_stat' => array(),
169
+ 'top5_spam_ip' => array(),
170
+ ),
171
+
172
+ 'array_accepted' => array(),
173
+ 'array_blocked' => array(),
174
+ 'current_hour' => '',
175
+ 'sfw_counter' => array(
176
+ 'all' => 0,
177
+ 'blocked' => 0,
178
+ ),
179
+ 'all_time_counter' => array(
180
+ 'accepted' => 0,
181
+ 'blocked' => 0,
182
+ ),
183
+ 'user_counter' => array(
184
+ 'accepted' => 0,
185
+ 'blocked' => 0,
186
+ // 'since' => date('d M'),
187
+ ),
188
+ 'connection_reports' => array(
189
+ 'success' => 0,
190
+ 'negative' => 0,
191
+ 'negative_report' => array(),
192
+ // 'since' => date('d M'),
193
+ ),
194
+
195
+ // A-B tests
196
+ 'ab_test' => array(
197
+ 'sfw_enabled' => false,
198
+ ),
199
+
200
+ // Misc
201
+ 'feedback_request' => '',
202
+ 'key_is_ok' => 0,
203
+ 'salt' => '',
204
+
205
+ //FireWall
206
+ 'firewall_updating_id' => null,
207
+ 'firewall_update_percent' => 0,
208
+ 'firewall_updating_last_start' => 0,
209
+
210
+ );
211
+
212
+ public $def_network_settings = array(
213
+
214
+ // Key
215
+ 'apikey' => '',
216
+ 'allow_custom_key' => 1,
217
+ 'allow_custom_settings' => 1,
218
+
219
+ // White label settings
220
+ 'white_label' => 0,
221
+ 'white_label__hoster_key' => '',
222
+ 'white_label__plugin_name' => 'Anti-Spam by CleanTalk',
223
+ 'use_settings_template' => 0,
224
+ 'use_settings_template_apply_for_new' => 0,
225
+ 'use_settings_template_apply_for_current' => 0,
226
+ 'use_settings_template_apply_for_current_list_sites' => '',
227
+ );
228
+
229
+ public $def_network_data = array(
230
+ 'key_is_ok' => 0,
231
+ 'moderate' => 0,
232
+ 'valid' => 0,
233
+ 'user_token' => '',
234
+ 'service_id' => 0,
235
+ 'auto_update' => 0,
236
+ );
237
+
238
+ public $def_remote_calls = array(
239
+ 'close_renew_banner' => array(
240
+ 'last_call' => 0,
241
+ ),
242
+ 'sfw_update' => array(
243
+ 'last_call' => 0,
244
+ ),
245
+ 'sfw_send_logs' => array(
246
+ 'last_call' => 0,
247
+ ),
248
+ 'update_plugin' => array(
249
+ 'last_call' => 0,
250
+ ),
251
+ 'install_plugin' => array(
252
+ 'last_call' => 0,
253
+ ),
254
+ 'activate_plugin' => array(
255
+ 'last_call' => 0,
256
+ ),
257
+ 'insert_auth_key' => array(
258
+ 'last_call' => 0,
259
+ ),
260
+ 'deactivate_plugin' => array(
261
+ 'last_call' => 0,
262
+ ),
263
+ 'uninstall_plugin' => array(
264
+ 'last_call' => 0,
265
+ ),
266
+ 'update_settings' => array(
267
+ 'last_call' => 0,
268
+ ),
269
+ );
270
+
271
+ public $def_stats = array(
272
+ 'sfw' => array(
273
+ 'last_send_time' => 0,
274
+ 'last_send_amount' => 0,
275
+ 'last_update_time' => 0,
276
+ 'entries' => 0,
277
+ ),
278
+ 'last_sfw_block' => array(
279
+ 'time' => 0,
280
+ 'ip' => '',
281
+ ),
282
+ 'last_request' => array(
283
+ 'time' => 0,
284
+ 'server' => '',
285
+ ),
286
+ 'requests' => array(
287
+ '0' => array(
288
+ 'amount' => 1,
289
+ 'average_time' => 0,
290
+ ),
291
+ )
292
+ );
293
+
294
+ /**
295
+ * @param string $option_prefix Database settings prefix
296
+ * @param array $options Array of strings. Types of settings you want to get.
297
+ */
298
+ public function __construct($option_prefix, $options = array('settings'))
299
+ {
300
+ $this->option_prefix = $option_prefix;
301
+
302
+ // Network settings
303
+ $option = get_site_option($this->option_prefix.'_network_settings');
304
+ $option = is_array($option) ? array_merge($this->def_network_settings, $option) : $this->def_network_settings;
305
+ $this->network_settings = new ArrayObject($option);
306
+
307
+ // Network data
308
+ $option = get_site_option($this->option_prefix.'_network_data');
309
+ $option = is_array($option) ? array_merge($this->def_network_data, $option) : $this->def_network_data;
310
+ $this->network_data = new ArrayObject($option);
311
+
312
+ foreach($options as $option_name){
313
+
314
+ $option = get_option($this->option_prefix.'_'.$option_name);
315
+
316
+ // Setting default options
317
+ if($this->option_prefix.'_'.$option_name === 'cleantalk_settings'){
318
+ $option = is_array($option) ? array_merge($this->def_settings, $option) : $this->def_settings;
319
+ }
320
+
321
+ // Setting default data
322
+ if($this->option_prefix.'_'.$option_name === 'cleantalk_data'){
323
+ $option = is_array($option) ? array_merge($this->def_data, $option) : $this->def_data;
324
+ // Generate salt
325
+ $option['salt'] = empty($option['salt'])
326
+ ? str_pad(rand(0, getrandmax()), 6, '0').str_pad(rand(0, getrandmax()), 6, '0')
327
+ : $option['salt'];
328
+ }
329
+
330
+ // Setting default errors
331
+ if($this->option_prefix.'_'.$option_name === 'cleantalk_errors'){
332
+ $option = $option ? $option : array();
333
+ }
334
+
335
+ // Default remote calls
336
+ if($this->option_prefix.'_'.$option_name === 'cleantalk_remote_calls'){
337
+ $option = is_array($option) ? array_merge($this->def_remote_calls, $option) : $this->def_remote_calls;
338
+ }
339
+
340
+ // Default statistics
341
+ if($this->option_prefix.'_'.$option_name === 'cleantalk_stats'){
342
+ $option = is_array($option) ? array_merge($this->def_stats, $option) : $this->def_stats;
343
+ }
344
+
345
+ $this->$option_name = is_array($option) ? new ArrayObject($option) : $option;
346
+ }
347
+ }
348
+
349
+ /**
350
+ * Get specified option from database
351
+ *
352
+ * @param string $option_name
353
+ */
354
+ private function getOption($option_name)
355
+ {
356
+ $option = get_option('cleantalk_'.$option_name, null);
357
+
358
+ $this->$option_name = gettype($option) === 'array'
359
+ ? new ArrayObject($option)
360
+ : $option;
361
+ }
362
+
363
+ /**
364
+ * Save option to database
365
+ *
366
+ * @param string $option_name
367
+ * @param bool $use_prefix
368
+ * @param bool $autoload Use autoload flag?
369
+ */
370
+ public function save($option_name, $use_prefix = true, $autoload = true)
371
+ {
372
+ $option_name_to_save = $use_prefix ? $this->option_prefix . '_' . $option_name : $option_name;
373
+ $arr = array();
374
+ foreach($this->$option_name as $key => $value){
375
+ $arr[$key] = $value;
376
+ }
377
+ update_option($option_name_to_save, $arr, $autoload);
378
+ }
379
+
380
+ /**
381
+ * Save PREFIX_setting to DB.
382
+ */
383
+ public function saveSettings()
384
+ {
385
+ update_option($this->option_prefix.'_settings', (array)$this->settings);
386
+ }
387
+
388
+ /**
389
+ * Save PREFIX_data to DB.
390
+ */
391
+ public function saveData()
392
+ {
393
+ update_option($this->option_prefix.'_data', (array)$this->data);
394
+ }
395
+
396
+ /**
397
+ * Save PREFIX_error to DB.
398
+ */
399
+ public function saveErrors()
400
+ {
401
+ update_option($this->option_prefix.'_errors', (array)$this->errors);
402
+ }
403
+
404
+ /**
405
+ * Save PREFIX_network_data to DB.
406
+ */
407
+ public function saveNetworkData()
408
+ {
409
+ update_site_option($this->option_prefix.'_network_data', $this->network_data);
410
+ }
411
+
412
+ /**
413
+ * Save PREFIX_network_data to DB.
414
+ */
415
+ public function saveNetworkSettings()
416
+ {
417
+ update_site_option($this->option_prefix.'_network_settings', $this->network_settings);
418
+ }
419
+
420
+ /**
421
+ * Unset and delete option from DB.
422
+ *
423
+ * @param string $option_name
424
+ * @param bool $use_prefix
425
+ */
426
+ public function deleteOption($option_name, $use_prefix = false)
427
+ {
428
+ if($this->__isset($option_name)){
429
+ $this->__unset($option_name);
430
+ delete_option( ($use_prefix ? $this->option_prefix.'_' : '') . $option_name);
431
+ }
432
+ }
433
+
434
+ /**
435
+ * Prepares an adds an error to the plugin's data
436
+ *
437
+ * @param string $type Error type/subtype
438
+ * @param string|array $error Error
439
+ * @param string $major_type Error major type
440
+ * @param bool $set_time Do we need to set time of this error
441
+ *
442
+ * @returns null
443
+ */
444
+ public function error_add($type, $error, $major_type = null, $set_time = true)
445
+ {
446
+ $error = is_array($error)
447
+ ? $error['error']
448
+ : $error;
449
+
450
+ // Exceptions
451
+ if( ($type == 'send_logs' && $error == 'NO_LOGS_TO_SEND') ||
452
+ ($type == 'send_firewall_logs' && $error == 'NO_LOGS_TO_SEND') ||
453
+ $error == 'LOG_FILE_NOT_EXISTS'
454
+ )
455
+ return;
456
+
457
+ $error = array(
458
+ 'error' => $error,
459
+ 'error_time' => $set_time ? current_time('timestamp') : null,
460
+ );
461
+
462
+ if(!empty($major_type)){
463
+ $this->errors[$major_type][$type] = $error;
464
+ }else{
465
+ $this->errors[$type] = $error;
466
+ }
467
+
468
+ $this->saveErrors();
469
+ }
470
+
471
+ /**
472
+ * Deletes an error from the plugin's data
473
+ *
474
+ * @param array|string $type Error type to delete
475
+ * @param bool $save_flag Do we need to save data after error was deleted
476
+ * @param string $major_type Error major type to delete
477
+ *
478
+ * @returns null
479
+ */
480
+ public function error_delete($type, $save_flag = false, $major_type = null)
481
+ {
482
+ /** @noinspection DuplicatedCode */
483
+ if(is_string($type))
484
+ $type = explode(' ', $type);
485
+
486
+ foreach($type as $val){
487
+ if($major_type){
488
+ if(isset($this->errors[$major_type][$val]))
489
+ unset($this->errors[$major_type][$val]);
490
+ }else{
491
+ if(isset($this->errors[$val]))
492
+ unset($this->errors[$val]);
493
+ }
494
+ }
495
+
496
+ // Save if flag is set and there are changes
497
+ if($save_flag)
498
+ $this->saveErrors();
499
+ }
500
+
501
+ /**
502
+ * Deletes all errors from the plugin's data
503
+ *
504
+ * @param bool $save_flag Do we need to save data after all errors was deleted
505
+ *
506
+ * @returns null
507
+ */
508
+ public function error_delete_all($save_flag = false)
509
+ {
510
+ $this->errors = array();
511
+ if($save_flag)
512
+ $this->saveErrors();
513
+ }
514
+
515
+ /**
516
+ * Magic.
517
+ * Add new variables to storage[NEW_VARIABLE]
518
+ * And duplicates it in storage['data'][NEW_VARIABLE]
519
+ *
520
+ * @param string $name
521
+ * @param mixed $value
522
+ */
523
+ public function __set($name, $value)
524
+ {
525
+ $this->storage[$name] = $value;
526
+ if(isset($this->storage['data'][$name])){
527
+ $this->storage['data'][$name] = $value;
528
+ }
529
+ }
530
+
531
+ /**
532
+ * Magic.
533
+ * Search and get param from: storage, data, api_key, database
534
+ *
535
+ * @param $name
536
+ *
537
+ * @return mixed
538
+ */
539
+ public function __get($name)
540
+ {
541
+ // First check in storage
542
+ if (isset($this->storage[$name])){
543
+ return $this->storage[$name];
544
+
545
+ // Then in data
546
+ }elseif(isset($this->storage['data'][$name])){
547
+ $this->$name = $this->storage['data'][$name];
548
+ return $this->storage['data'][$name];
549
+
550
+ // Otherwise try to get it from db settings table
551
+ // it will be arrayObject || scalar || null
552
+ }else{
553
+ $this->getOption($name);
554
+ return $this->storage[$name];
555
+ }
556
+
557
+ }
558
+
559
+ public function __isset($name)
560
+ {
561
+ return isset($this->storage[$name]);
562
+ }
563
+
564
+ public function __unset($name)
565
+ {
566
+ unset($this->storage[$name]);
567
+ }
568
+
569
+ public function server(){
570
+ return \Cleantalk\Variables\Server::getInstance();
571
+ }
572
+ public function cookie(){
573
+ return \Cleantalk\Variables\Cookie::getInstance();
574
+ }
575
+ public function request(){
576
+ return \Cleantalk\Variables\Request::getInstance();
577
+ }
578
+ public function post(){
579
+ return \Cleantalk\Variables\Post::getInstance();
580
+ }
581
+ public function get(){
582
+ return \Cleantalk\Variables\Get::getInstance();
583
+ }
584
+ }
lib/Cleantalk/Common/Helper.php CHANGED
@@ -53,6 +53,8 @@ class Helper
53
  'apix1.cleantalk.org' => '35.158.52.161',
54
  'apix2.cleantalk.org' => '18.206.49.217',
55
  'apix3.cleantalk.org' => '3.18.23.246',
 
 
56
  //ns
57
  'netserv2.cleantalk.org' => '178.63.60.214',
58
  'netserv3.cleantalk.org' => '188.40.14.173',
@@ -139,9 +141,9 @@ class Helper
139
 
140
  // OVH
141
  }elseif(isset($headers['X-Cdn-Any-Ip'], $headers['Remote-Ip'])){
142
- $ip_type = self::ip__validate($headers['X-Cdn-Any-Ip']);
143
  if($ip_type)
144
- $ips['real'] = $ip_type == 'v6' ? self::ip__v6_normalize($headers['X-Cdn-Any-Ip']) : $headers['X-Cdn-Any-Ip'];
145
 
146
  // Incapsula proxy
147
  }elseif(isset($headers['Incap-Client-Ip'])){
@@ -755,7 +757,8 @@ class Helper
755
  */
756
  static function get_mime_type( $data, $type = '' )
757
  {
758
- if( @file_exists( $data )){
 
759
  $type = mime_content_type( $data );
760
  }elseif( function_exists('finfo_open' ) ){
761
  $finfo = finfo_open(FILEINFO_MIME_TYPE);
53
  'apix1.cleantalk.org' => '35.158.52.161',
54
  'apix2.cleantalk.org' => '18.206.49.217',
55
  'apix3.cleantalk.org' => '3.18.23.246',
56
+ 'apix4.cleantalk.org' => '44.227.90.42',
57
+ 'apix5.cleantalk.org' => '15.188.198.212',
58
  //ns
59
  'netserv2.cleantalk.org' => '178.63.60.214',
60
  'netserv3.cleantalk.org' => '188.40.14.173',
141
 
142
  // OVH
143
  }elseif(isset($headers['X-Cdn-Any-Ip'], $headers['Remote-Ip'])){
144
+ $ip_type = self::ip__validate($headers['Remote-Ip']);
145
  if($ip_type)
146
+ $ips['real'] = $ip_type == 'v6' ? self::ip__v6_normalize($headers['Remote-Ip']) : $headers['Remote-Ip'];
147
 
148
  // Incapsula proxy
149
  }elseif(isset($headers['Incap-Client-Ip'])){
757
  */
758
  static function get_mime_type( $data, $type = '' )
759
  {
760
+ $data = str_replace( chr(0), '', $data ); // Clean input of null bytes
761
+ if( ! empty( $data ) && @file_exists( $data )){
762
  $type = mime_content_type( $data );
763
  }elseif( function_exists('finfo_open' ) ){
764
  $finfo = finfo_open(FILEINFO_MIME_TYPE);
readme.txt CHANGED
@@ -4,7 +4,7 @@ Tags: spam, antispam, anti-spam, comments, firewall
4
  Requires at least: 3.0
5
  Tested up to: 5.6
6
  Requires PHP: 5.4
7
- Stable tag: 5.150.1
8
  License: GPLv2
9
 
10
  Spam protection, anti-spam, firewall, premium plugin. No spam comments & users, no spam contact form & WooCommerce anti-spam.
@@ -580,6 +580,29 @@ If your website has forms that send data to external sources, you can enable opt
580
 
581
  == Changelog ==
582
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
583
  = 5.150.1 Dec 8 2020 =
584
  * Fix: Jetpack logic fixed.
585
  * Fix: AC UA table structure fixed.
4
  Requires at least: 3.0
5
  Tested up to: 5.6
6
  Requires PHP: 5.4
7
+ Stable tag: 5.151
8
  License: GPLv2
9
 
10
  Spam protection, anti-spam, firewall, premium plugin. No spam comments & users, no spam contact form & WooCommerce anti-spam.
580
 
581
  == Changelog ==
582
 
583
+ = 5.151 Dec 17 2020 =
584
+ * Mod: Cleantalk Alternative Sessions. Store time reduces to 1 day.
585
+ * Fix: Unusable alternative cookies table clearing.
586
+ * Fix: AC UA case insensitive checking fixed.
587
+ * Fix: AC UA enabled by default.
588
+ * Fix: AC UA spelling fixed.
589
+ * Fix: skip ajax mailpoet import users.
590
+ * Fix: Helper::get_mime_type().
591
+ * Fix: Users - spam/not spam icons removed.
592
+ * Fix: Users/Comments - additional button removed.
593
+ * Integration: WP Members integration implemented.
594
+ * Fix: Prevent mod_security protection blocking.
595
+ * Fix: WLM sub site key getting fixed.
596
+ * New: SFW updating through a temporary table.
597
+ * New: UA logging for all FW modules.
598
+ * Fix: Replace clearing table from SFW updating process.
599
+ * Fix: SFW - Unused method removed.
600
+ * Fix: IP detection.
601
+ * Fix: Helper - Clean input of null bytes.
602
+ * Fix: SFW updating - https protocol returned.
603
+ * Fix: SFW updating - truncating temporary table.
604
+ * Fix: SFW updating process percents added.
605
+
606
  = 5.150.1 Dec 8 2020 =
607
  * Fix: Jetpack logic fixed.
608
  * Fix: AC UA table structure fixed.