Spam protection, AntiSpam, FireWall by CleanTalk - Version 5.159.9

Version Description

Jul 15 2021 = * Fix. SFW. Updating cooldown increased up to 15 min. * Fix. Cron. Next call time set by task updating fixed. * Fix. SFW. Reset blacklist array before processing. * Fix. SFW. Some errors handling fixed. * Fix. SFW. Getting update period from dns fixed. * Fix. Ajax. Checking nonce for logged in users fixed.


Release Info

Developer glomberg
Version 5.159.9

Code changes from version 5.159.8 to 5.159.9

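--- a/cleantalk.php
+++ b/cleantalk.php
@@ -3,7 +3,7 @@
  Plugin Name: Anti-Spam by CleanTalk
  Plugin URI: https://cleantalk.org
  Description: Max power, all-in-one, no Captcha, premium anti-spam plugin. No comment spam, no registration spam, no contact spam, protects any WordPress forms.
- Version: 5.159.8
+ Version: 5.159.9
  Author: СleanTalk <welcome@cleantalk.org>
  Author URI: https://cleantalk.org
  Text Domain: cleantalk-spam-protect
@@ -344,8 +344,8 @@ if( !defined( 'CLEANTALK_PLUGIN_DIR' ) ){
 
  if(apbct_is_ajax() || isset($_POST['cma-action'])){
 
- $cleantalk_hooked_actions = array();
- $cleantalk_ajax_actions_to_check = array();
+ $_cleantalk_hooked_actions = array();
+ $_cleantalk_ajax_actions_to_check = array();
 
  require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-public-validate.php');
  require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-public.php');
@@ -367,7 +367,7 @@ if( !defined( 'CLEANTALK_PLUGIN_DIR' ) ){
  // if Unknown action or Known action with mandatory check
  if( ( ! apbct_is_user_logged_in() || $apbct->settings['data__protect_logged_in'] == 1) &&
  isset( $_POST['action'] ) &&
- ( ! in_array( $_POST['action'], $cleantalk_hooked_actions ) || in_array( $_POST['action'], $cleantalk_ajax_actions_to_check ) ) &&
+ ( ! in_array( $_POST['action'], $_cleantalk_hooked_actions ) || in_array( $_POST['action'], $_cleantalk_ajax_actions_to_check ) ) &&
  ! array_search( $_POST['action'], array_column( $apbct_active_integrations, 'hook' ) )
  ){
  ct_ajax_hook();
@@ -869,11 +869,11 @@ add_action( 'apbct_sfw_update__init', 'apbct_sfw_update__init' );
  function apbct_sfw_update__init( $delay = 0 ){
  global $apbct;
 
- // Prevent start an update if update is already running and started less than 2 minutes ago
+ // Prevent start an update if update is already running and started less than 15 minutes ago
  if(
  ! $apbct->settings['sfw__enabled'] &&
  $apbct->fw_stats['firewall_updating_id'] &&
- time() - $apbct->fw_stats['firewall_updating_last_start'] < 120
+ time() - $apbct->fw_stats['firewall_updating_last_start'] < 900
  ){
  return false;
  }
@@ -1076,7 +1076,7 @@ function apbct_sfw_update__process_ua( $multifile_url, $url_count, $current_url,
  $result = AntiCrawler::update( 'https://' . $useragent_url );
 
  if( ! empty( $result['error'] ) ){
- array( 'error' => 'UPDATING UA LIST: ' . $result['error'] );
+ return array( 'error' => 'UPDATING UA LIST: ' . $result['error'] );
  }
 
  if( ! is_int( $result ) ){
@@ -1122,7 +1122,7 @@ function apbct_sfw_update__process_file( $multifile_url, $url_count, $current_ur
  );
 
  if( ! empty( $result['error'] ) ){
- array( 'error' => 'PROCESS FILE: ' . $result['error'] );
+ return array( 'error' => 'PROCESS FILE: ' . $result['error'] );
  }
 
  if( ! is_int( $result ) ){
@@ -1168,7 +1168,7 @@ function apbct_sfw_update__process_exclusions( $multifile_url, $updating_id ){
  );
 
  if( ! empty( $result['error'] ) ){
- array( 'error' => 'EXCLUSIONS: ' . $result['error'] );
+ return array( 'error' => 'EXCLUSIONS: ' . $result['error'] );
  }
 
  if( ! is_int( $result ) ){
@@ -1272,8 +1272,9 @@ function apbct_sfw_update__end_of_update() {
  $apbct->error_delete( 'sfw_update', 'save_settings' );
 
  // Get update period for server
- $update_period = \Cleantalk\Common\DNS::getServerTTL( 'spamfirewall-ttl.cleantalk.org' );
- $update_period = (int)$update_period > 14400 ? (int) $update_period : 14400;
+ $update_period = \Cleantalk\Common\DNS::getRecord( 'spamfirewall-ttl-txt.cleantalk.org', true, DNS_TXT );
+ $update_period = isset( $update_period['txt'] ) ? $update_period['txt'] : 0;
+ $update_period = (int) $update_period > 43200 ? (int) $update_period : 43200;
  $cron = new Cron();
  $cron->updateTask('sfw_update', 'apbct_sfw_update__init', $update_period );
 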
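Review bot: In `apbct_sfw_update__init()` the cooldown guard is still gated on `! $apbct->settings['sfw__enabled']`, so raising the window from 120 to 900 seconds only takes effect while SpamFireWall is switched off; with SFW enabled, an update that is already running is not stopped by this check, which contradicts the comment directly above it. If the comment states the intent, the disabled case should be its own early return, `if( ! $apbct->settings['sfw__enabled'] ){ return false; }`, followed by the `firewall_updating_id` / `< 900` test on its own. The function body continues outside the hunk, so a later check may already cover the enabled case; that should be confirmed, since overlapping updates presumably rewrite the same firewall data. Separately, in `apbct_sfw_update__end_of_update()` the period now comes from an unauthenticated DNS TXT answer and has a 43200 floor but no ceiling, so a wrong or forged record could postpone the next update indefinitely; clamping it with `min( max( (int) $update_period, 43200 ), ... )` to a ceiling of the project's choosing would bound that.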
 
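--- a/inc/cleantalk-admin.php
+++ b/inc/cleantalk-admin.php
@@ -14,20 +14,34 @@ add_action( 'wp_ajax_apbct_settings__check_renew_banner', 'apbct_settings__check
  // Crunch for Anti-Bot
  add_action( 'admin_head','apbct_admin_set_cookie_for_anti_bot' );
 
+ /**
+ * Crunch for Anti-Bot
+ * Hooked by 'admin_head'
+ */
  function apbct_admin_set_cookie_for_anti_bot(){
  global $apbct;
  echo '<script ' . ( class_exists('Cookiebot_WP') ? 'data-cookieconsent="ignore"' : '' ) . '>var ctSecure = location.protocol === "https:" ? "; secure" : ""; document.cookie = "wordpress_apbct_antibot=' . hash( 'sha256', $apbct->api_key . $apbct->data['salt'] ) . '; path=/; expires=0; samesite=lax" + ctSecure;</script>';
  }
 
- function apbct_add_buttons_to_comments_and_users( $unused_argument ) {
+
+ /**
+ * Add buttons to comments list table
+ * Hooked by 'manage_comments_nav' and 'manage_users_extra_tablenav'
+ *
+ * @param $_unused_argument
+ */
+ function apbct_add_buttons_to_comments_and_users( $_unused_argument ) {
 
  global $apbct;
- $current_screen = get_current_screen();
 
- if( 'users' == $current_screen->base ) {
+ if( is_null( $current_screen = get_current_screen() ) ) {
+ return;
+ }
+
+ if( 'users' === $current_screen->base ) {
  $button_url__check = $current_screen->base . '.php?page=ct_check_users';
  $button_description = 'users';
- } elseif ( 'edit-comments' == $current_screen->base ) {
+ } elseif ( 'edit-comments' === $current_screen->base ) {
  $button_url__check = $current_screen->base . '.php?page=ct_check_spam';
  $button_description = 'comments';
  } else {
@@ -43,7 +57,10 @@ function apbct_add_buttons_to_comments_and_users( $unused_argument ) {
 
  }
 
- //Adding widget
+ /**
+ * Adding widget
+ * Hooked by 'wp_dashboard_setup'
+ */
  function ct_dashboard_statistics_widget() {
 
  global $apbct;
@@ -57,8 +74,13 @@ function ct_dashboard_statistics_widget() {
  }
  }
 
- // Outputs statistics widget content
- function ct_dashboard_statistics_widget_output( $post, $callback_args ) {
+ /**
+ * Outputs statistics widget content
+ *
+ * @param $_post
+ * @param $_callback_args
+ */
+ function ct_dashboard_statistics_widget_output( $_post, $_callback_args ) {
 
  global $apbct, $current_user;
 
@@ -169,6 +191,8 @@ function ct_dashboard_statistics_widget_output( $post, $callback_args ) {
 
  /**
  * Admin action 'admin_init' - Add the admin settings and such
+ *
+ * @psalm-suppress UndefinedFunction
  */
  function apbct_admin__init(){
 
@@ -177,8 +201,7 @@ function apbct_admin__init(){
  // Admin bar
  $apbct->admin_bar_enabled = $apbct->settings['admin_bar__show'] &&
  current_user_can( 'activate_plugins' );
-
- // ( defined( 'CLEANTALK_SHOW_ADMIN_BAR_FORCE' ) && CLEANTALK_SHOW_ADMIN_BAR_FORCE ) &&
+
  if( $apbct->admin_bar_enabled ){
  if(
  ! has_action('admin_bar_menu', 'apbct_admin__admin_bar__add_structure' ) &&
@@ -187,8 +210,8 @@ function apbct_admin__init(){
  add_action( 'admin_bar_menu', 'apbct_admin__admin_bar__add_structure', 999 );
  }
 
- add_action( 'cleantalk_admin_bar__parent_node__before', 'apbct_admin__admin_bar__prepare_counters' );
- add_action( 'cleantalk_admin_bar__add_icon_to_parent_node', 'apbct_admin__admin_bar__prepare_counters' );
+ add_filter( 'cleantalk_admin_bar__parent_node__before', 'apbct_admin__admin_bar__prepare_counters' );
+ add_filter( 'cleantalk_admin_bar__add_icon_to_parent_node', 'apbct_admin__admin_bar__prepare_counters' );
  // Temporary disable the icon
  //add_filter( 'cleantalk_admin_bar__parent_node__before', 'apbct_admin__admin_bar__add_parent_icon', 10, 1 );
  add_filter( 'cleantalk_admin_bar__parent_node__after', 'apbct_admin__admin_bar__add_counter', 10, 1 );
@@ -198,7 +221,6 @@ function apbct_admin__init(){
  add_filter( 'admin_bar_menu', 'apbct_spbc_admin__admin_bar__add_child_nodes', 1001 );
  }
  }
-
 
  // Getting dashboard widget statistics
  if(!empty($_POST['ct_brief_refresh'])){
@@ -236,9 +258,13 @@ function apbct_admin__init(){
 
  /**
  * Manage links in plugins list
+ *
+ * @param $links
+ * @param $_file
+ *
  * @return array
- */
- function apbct_admin__plugin_action_links($links, $file) {
+ */
+ function apbct_admin__plugin_action_links($links, $_file) {
 
  global $apbct;
 
@@ -250,8 +276,12 @@ function apbct_admin__plugin_action_links($links, $file) {
 
  /**
  * Manage links and plugins page
+ *
+ * @param $links
+ * @param $file
+ *
  * @return array
- */
+ */
  function apbct_admin__register_plugin_links($links, $file){
 
  global $apbct;
@@ -290,7 +320,7 @@ function apbct_admin__register_plugin_links($links, $file){
  * Admin action 'admin_enqueue_scripts' - Enqueue admin script of reloading admin page after needed AJAX events
  * @param string $hook URL of hooked page
  */
- function apbct_admin__enqueue_scripts($hook){
+ function apbct_admin__enqueue_scripts( $hook ){
 
  global $apbct;
 
@@ -382,6 +412,14 @@ function apbct_admin__enqueue_scripts($hook){
 
  }
 
+ /**
+ * Premium badge layout
+ *
+ * @param bool $print
+ * @param string $out
+ *
+ * @return null|string
+ */
  function apbct_admin__badge__get_premium($print = true, $out = ''){
 
  global $apbct;
@@ -403,6 +441,11 @@ function apbct_admin__badge__get_premium($print = true, $out = ''){
  return $out;
  }
 
+ /**
+ * Admin bar logic
+ *
+ * @param $wp_admin_bar
+ */
  function apbct_admin__admin_bar__add_structure( $wp_admin_bar ) {
 
  global $spbc, $apbct;
@@ -782,7 +825,14 @@ function apbct_comment__unmark_red($message) {
  return $message;
  }
 
- // Ajax action feedback form comments page.
+ /**
+ * Ajax action feedback form comments page.
+ *
+ * @param null $comment_id
+ * @param null $comment_status
+ * @param bool $change_status
+ * @param null $direct_call
+ */
  function apbct_comment__send_feedback($comment_id = null, $comment_status = null, $change_status = false, $direct_call = null){
 
  // For AJAX call
@@ -833,7 +883,13 @@ function apbct_comment__send_feedback($comment_id = null, $comment_status = null
  }
  }
 
- // Ajax action feedback form user page.
+ /**
+ * Ajax action feedback form user page.
+ *
+ * @param null $user_id
+ * @param null $status
+ * @param null $direct_call
+ */
  function apbct_user__send_feedback($user_id = null, $status = null, $direct_call = null){
 
  check_ajax_referer('ct_secret_nonce', 'security');
@@ -869,9 +925,13 @@ function apbct_user__send_feedback($user_id = null, $status = null, $direct_call
 
  /**
  * Send feedback when user deleted
- * @return null
+ *
+ * @param $user_id
+ * @param null $_reassign
+ *
+ * @return null
  */
- function apbct_user__delete__hook($user_id, $reassign = null){
+ function apbct_user__delete__hook($user_id, $_reassign = null){
 
  $hash = get_user_meta($user_id, 'ct_hash', true);
  if ($hash !== '') {
@@ -879,6 +939,11 @@ function apbct_user__delete__hook($user_id, $reassign = null){
  }
  }
 
+ /**
+ * Check connection to the API servers
+ *
+ * @return mixed
+ */
  function apbct_test_connection(){
 
  $url_to_test = array(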
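Review bot: The docblock added for `apbct_user__send_feedback()` types every parameter as `null` and says nothing about the one security-relevant fact visible in its body, the `check_ajax_referer('ct_secret_nonce', 'security')` call on the first line. I would add a line such as `* Verifies the 'ct_secret_nonce' nonce sent in the 'security' field before doing anything else.` and replace the `@param null` tags, here and on `apbct_comment__send_feedback()`, with the types callers actually pass (presumably `int|null` for the ids). A nonce check shows the request came from a page the site rendered, not that the caller is allowed to moderate users or comments; both bodies continue outside their hunks, so whether a `current_user_can()` check follows cannot be seen here and should be confirmed and documented as well. On `apbct_user__delete__hook()`, `@return null` would read better as `@return void`.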
inc/cleantalk-ajax.php CHANGED
@@ -1,22 +1,16 @@
1
  <?php
2
- global $cleantalk_hooked_actions;
3
-
4
  /*
5
  AJAX functions
6
  */
7
 
8
- //$cleantalk_ajax_actions_to_check - array for POST 'actions' we should check.
9
-
10
  use Cleantalk\Variables\Post;
11
 
12
- $cleantalk_ajax_actions_to_check[] = 'qcf_validate_form'; //Quick Contact Form
13
- $cleantalk_ajax_actions_to_check[] = 'amoforms_submit'; //amoForms
14
-
15
- //cleantalk_hooked_actions[] - array for POST 'actions' which were direct hooked.
16
 
17
- $cleantalk_hooked_actions[] = 'rwp_ajax_action_rating'; //Don't check Reviewer plugin
18
 
19
- $cleantalk_hooked_actions[] = 'ct_feedback_comment';
20
 
21
  /* MailChimp Premium*/
22
  add_filter('mc4wp_form_errors', 'ct_mc4wp_ajax_hook');
@@ -28,90 +22,70 @@ add_filter('un_validate_feedback', 'ct_ajax_hook', 1, 2);
28
  /*hooks for AJAX Login & Register email validation*/
29
  add_action( 'wp_ajax_nopriv_validate_email', 'ct_validate_email_ajaxlogin',1 );
30
  add_action( 'wp_ajax_validate_email', 'ct_validate_email_ajaxlogin',1 );
31
- $cleantalk_hooked_actions[]='validate_email';
32
 
33
  /*hooks for user registration*/
34
  add_action( 'user_register', 'ct_user_register_ajaxlogin',1 );
35
 
36
  /*hooks for WPUF pro */
37
- //add_action( 'wp_ajax_nopriv_wpuf_submit_register', 'ct_wpuf_submit_register',1 );
38
- //add_action( 'wp_ajax_wpuf_submit_register', 'ct_wpuf_submit_register',1 );
39
  add_action( 'wp_ajax_nopriv_wpuf_submit_register', 'ct_ajax_hook',1 );
40
  add_action( 'wp_ajax_wpuf_submit_register', 'ct_ajax_hook',1 );
41
- $cleantalk_hooked_actions[]='submit_register';
42
 
43
  /*hooks for MyMail */
44
- //add_action( 'wp_ajax_nopriv_mymail_form_submit', 'ct_mymail_form_submit',1 );
45
- //add_action( 'wp_ajax_mymail_form_submit', 'ct_mymail_form_submit',1 );
46
  add_action( 'wp_ajax_nopriv_mymail_form_submit', 'ct_ajax_hook',1 );
47
  add_action( 'wp_ajax_mymail_form_submit', 'ct_ajax_hook',1 );
48
- $cleantalk_hooked_actions[]='form_submit';
49
 
50
  /*hooks for MailPoet */
51
- //add_action( 'wp_ajax_nopriv_wysija_ajax', 'ct_wysija_ajax',1 );
52
- //add_action( 'wp_ajax_wysija_ajax', 'ct_wysija_ajax',1 );
53
  add_action( 'wp_ajax_nopriv_wysija_ajax', 'ct_ajax_hook',1 );
54
  add_action( 'wp_ajax_wysija_ajax', 'ct_ajax_hook',1 );
55
- $cleantalk_hooked_actions[]='wysija_ajax';
56
 
57
  /*hooks for cs_registration_validation */
58
- //add_action( 'wp_ajax_nopriv_cs_registration_validation', 'ct_cs_registration_validation',1 );
59
- //add_action( 'wp_ajax_cs_registration_validation', 'ct_cs_registration_validation',1 );
60
  add_action( 'wp_ajax_nopriv_cs_registration_validation', 'ct_ajax_hook',1 );
61
  add_action( 'wp_ajax_cs_registration_validation', 'ct_ajax_hook',1 );
62
- $cleantalk_hooked_actions[]='cs_registration_validation';
63
 
64
  /*hooks for send_message and request_appointment */
65
- //add_action( 'wp_ajax_nopriv_send_message', 'ct_sm_ra',1 );
66
- //add_action( 'wp_ajax_send_message', 'ct_sm_ra',1 );
67
- //add_action( 'wp_ajax_nopriv_request_appointment', 'ct_sm_ra',1 );
68
- //add_action( 'wp_ajax_request_appointment', 'ct_sm_ra',1 );
69
  add_action( 'wp_ajax_nopriv_send_message', 'ct_ajax_hook',1 );
70
  add_action( 'wp_ajax_send_message', 'ct_ajax_hook',1 );
71
  add_action( 'wp_ajax_nopriv_request_appointment', 'ct_ajax_hook',1 );
72
  add_action( 'wp_ajax_request_appointment', 'ct_ajax_hook',1 );
73
- $cleantalk_hooked_actions[]='send_message';
74
- $cleantalk_hooked_actions[]='request_appointment';
75
 
76
  /*hooks for zn_do_login */
77
- //add_action( 'wp_ajax_nopriv_zn_do_login', 'ct_zn_do_login',1 );
78
- //add_action( 'wp_ajax_zn_do_login', 'ct_zn_do_login',1 );
79
  add_action( 'wp_ajax_nopriv_zn_do_login', 'ct_ajax_hook',1 );
80
  add_action( 'wp_ajax_zn_do_login', 'ct_ajax_hook',1 );
81
- $cleantalk_hooked_actions[]='zn_do_login';
82
 
83
  /*hooks for zn_do_login */
84
- //add_action( 'wp_ajax_nopriv_cscf-submitform', 'ct_cscf_submitform',1 );
85
- //add_action( 'wp_ajax_cscf-submitform', 'ct_cscf_submitform',1 );
86
- if(isset($_POST['action']) && $_POST['action'] == 'cscf-submitform'){
87
  add_filter('preprocess_comment', 'ct_ajax_hook', 1);
88
- //add_action( 'wp_ajax_nopriv_cscf-submitform', 'ct_ajax_hook',1 );
89
- //add_action( 'wp_ajax_cscf-submitform', 'ct_ajax_hook',1 );
90
- $cleantalk_hooked_actions[]='cscf-submitform';
91
  }
92
 
93
 
94
  /*hooks for visual form builder */
95
- //add_action( 'wp_ajax_nopriv_vfb_submit', 'ct_vfb_submit',1 );
96
- //add_action( 'wp_ajax_vfb_submit', 'ct_vfb_submit',1 );
97
  add_action( 'wp_ajax_nopriv_vfb_submit', 'ct_ajax_hook',1 );
98
  add_action( 'wp_ajax_vfb_submit', 'ct_ajax_hook',1 );
99
- $cleantalk_hooked_actions[]='vfb_submit';
100
 
101
  /*hooks for woocommerce_checkout*/
102
  add_action( 'wp_ajax_nopriv_woocommerce_checkout', 'ct_ajax_hook',1 );
103
  add_action( 'wp_ajax_woocommerce_checkout', 'ct_ajax_hook',1 );
104
- $cleantalk_hooked_actions[]='woocommerce_checkout';
105
- $cleantalk_hooked_actions[]='wcfm_ajax_controller';
106
 
107
  /*hooks for frm_action*/
108
  add_action( 'wp_ajax_nopriv_frm_entries_create', 'ct_ajax_hook',1 );
109
  add_action( 'wp_ajax_frm_entries_create', 'ct_ajax_hook',1 );
110
- $cleantalk_hooked_actions[]='frm_entries_create';
111
 
112
  add_action( 'wp_ajax_nopriv_td_mod_register', 'ct_ajax_hook',1 );
113
  add_action( 'wp_ajax_td_mod_register', 'ct_ajax_hook',1 );
114
- $cleantalk_hooked_actions[]='td_mod_register';
115
 
116
  /*hooks for tevolution theme*/
117
  add_action( 'wp_ajax_nopriv_tmpl_ajax_check_user_email', 'ct_ajax_hook',1 );
@@ -120,46 +94,51 @@ add_action( 'wp_ajax_nopriv_tevolution_submit_from_preview', 'ct_ajax_hook',1 )
120
  add_action( 'wp_ajax_tevolution_submit_from_preview', 'ct_ajax_hook',1 );
121
  add_action( 'wp_ajax_nopriv_submit_form_recaptcha_validation', 'ct_ajax_hook',1 );
122
  add_action( 'wp_ajax_tmpl_submit_form_recaptcha_validation', 'ct_ajax_hook',1 );
123
- $cleantalk_hooked_actions[]='tmpl_ajax_check_user_email';
124
- $cleantalk_hooked_actions[]='tevolution_submit_from_preview';
125
- $cleantalk_hooked_actions[]='submit_form_recaptcha_validation';
126
 
127
  /* hooks for contact forms by web settler ajax*/
128
  add_action( 'wp_ajax_nopriv_smuzform-storage', 'ct_ajax_hook',1 );
129
- $cleantalk_hooked_actions[]='smuzform_form_submit';
130
 
131
  /* hooks for reviewer plugin*/
132
  add_action( 'wp_ajax_nopriv_rwp_ajax_action_rating', 'ct_ajax_hook',1 );
133
- $cleantalk_hooked_actions[]='rwp-submit-wrap';
134
 
135
- $cleantalk_hooked_actions[]='post_update';
136
 
137
  /* Ninja Forms hoocked actions */
138
- $cleantalk_hooked_actions[]='ninja_forms_ajax_submit';
139
- $cleantalk_hooked_actions[]='nf_ajax_submit';
140
- $cleantalk_hooked_actions[]='ninja_forms_process'; // Depricated ?
141
 
142
  /* Follow-Up Emails */
143
- $cleantalk_hooked_actions[] = 'fue_wc_set_cart_email'; // Don't check email via this plugin
144
 
145
  /* Follow-Up Emails */
146
- $cleantalk_hooked_actions[] = 'fue_wc_set_cart_email'; // Don't check email via this plugin
147
 
148
  /* The Fluent Form have the direct integration */
149
- $cleantalk_hooked_actions[] = 'fluentform_submit';
150
 
151
  /* Estimation Forms have the direct integration */
152
  if( class_exists('LFB_Core') ) {
153
- $cleantalk_hooked_actions[] = 'send_email';
154
  }
155
 
156
- function ct_validate_email_ajaxlogin($email=null, $is_ajax=true){
 
 
 
 
 
157
 
158
  $email = is_null( $email ) ? $email : $_POST['email'];
159
  $email = sanitize_email($email);
160
- $is_good = !filter_var($email, FILTER_VALIDATE_EMAIL) || email_exists($email) ? false : true;
161
 
162
- if(class_exists('AjaxLogin')&&isset($_POST['action'])&&$_POST['action']=='validate_email'){
163
 
164
  $checkjs = apbct_js_test('ct_checkjs', $_POST);
165
  $sender_info['post_checkjs_passed'] = $checkjs;
@@ -205,9 +184,16 @@ function ct_validate_email_ajaxlogin($email=null, $is_ajax=true){
205
  wp_die();
206
  }
207
 
208
- function ct_user_register_ajaxlogin($user_id)
 
 
 
 
 
 
 
209
  {
210
- if(class_exists('AjaxLogin')&&isset($_POST['action'])&&$_POST['action']=='register_submit')
211
  {
212
 
213
  $checkjs = apbct_js_test('ct_checkjs', $_POST);
@@ -242,7 +228,9 @@ function ct_user_register_ajaxlogin($user_id)
242
  * Hook into MailChimp for WordPress `mc4wp_form_errors` filter.
243
  *
244
  * @param array $errors
 
245
  * @return array
 
246
  */
247
  function ct_mc4wp_ajax_hook( array $errors )
248
  {
@@ -256,13 +244,22 @@ function ct_mc4wp_ajax_hook( array $errors )
256
  return $errors;
257
  }
258
 
259
- function ct_ajax_hook($message_obj = false, $additional = false)
 
 
 
 
 
 
 
 
 
260
  {
261
- global $apbct, $current_user;
262
 
263
- $message_obj = (array)$message_obj;
264
 
265
- // Get current_user and set it globaly
266
  apbct_wp_set_current_user($current_user instanceof WP_User ? $current_user : apbct_wp_get_current_user() );
267
 
268
  // $_REQUEST['action'] to skip. Go out because of not spam data
@@ -329,7 +326,8 @@ function ct_ajax_hook($message_obj = false, $additional = false)
329
  'apbct_email_check_before_post', //Interal request
330
  /* !! Do not add actions here. Use apbct_is_skip_request() function below !! */
331
  );
332
-
 
333
  // Skip test if
334
  if( !$apbct->settings['forms__general_contact_forms_test'] || // Test disabled
335
  !apbct_is_user_enable($apbct->user) || // User is admin, editor, author
@@ -340,15 +338,15 @@ function ct_ajax_hook($message_obj = false, $additional = false)
340
  (isset($_GET['action']) && in_array($_GET['action'], $skip_post)) || // Special params
341
  isset($_POST['quform_submit']) || //QForms multi-paged form skip
342
  // QAEngine Theme fix
343
- ( strval(current_filter()) != 'et_pre_insert_answer' &&
344
- (
345
- (isset($message_obj['author']) && intval($message_obj['author']) == 0) ||
346
- (isset($message_obj['post_author']) && intval($message_obj['post_author']) == 0)
347
  )
348
  ) ||
349
- (isset($_POST['action'], $_POST['arm_action']) && $_POST['action'] == 'arm_shortcode_form_ajax_action' && $_POST['arm_action'] == 'please-login') || //arm forms skip login
350
- ( isset($_POST['action']) && $_POST['action'] == 'erf_login_user' && in_array( 'easy-registration-forms/erforms.php', apply_filters( 'active_plugins', get_option( 'active_plugins' ) ) ) ) || //Easy Registration Forms login form skip
351
- (isset($_POST['action'], $_POST['endpoint'], $_POST['method']) && $_POST['action'] == 'mailpoet' && $_POST['endpoint'] == 'ImportExport' && $_POST['method'] == 'processImport') //Mailpoet import
352
  )
353
  {
354
  do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
@@ -365,16 +363,11 @@ function ct_ajax_hook($message_obj = false, $additional = false)
365
  'comment_type' => 'feedback_ajax',
366
  'post_url' => apbct_get_server_variable( 'HTTP_REFERER' ), // Page URL must be an previous page
367
  );
368
- if( \Cleantalk\Variables\Post::get('action') == 'cleantalk_force_ajax_check' ) {
369
  $post_info['comment_type'] = 'feedback_ajax_external_form';
370
  }
371
 
372
  $checkjs = apbct_js_test('ct_checkjs', $_COOKIE, true);
373
-
374
- if(isset($_POST['user_login']))
375
- $sender_nickname = $_POST['user_login'];
376
- else
377
- $sender_nickname = '';
378
 
379
  //QAEngine Theme answers
380
  if( !empty($message_obj) && isset($message_obj['post_type'], $message_obj['post_content']) ){
@@ -387,37 +380,37 @@ function ct_ajax_hook($message_obj = false, $additional = false)
387
  }
388
 
389
  //CSCF fix
390
- if(isset($_POST['action']) && $_POST['action']== 'cscf-submitform'){
391
  $ct_post_temp[] = $message_obj['comment_author'];
392
  $ct_post_temp[] = $message_obj['comment_author_email'];
393
  $ct_post_temp[] = $message_obj['comment_content'];
394
  }
395
 
396
  //??? fix
397
- if(isset($_POST['action'], $_POST['target']) && ($_POST['action']=='request_appointment'||$_POST['action']=='send_message')){
398
  $ct_post_temp=$_POST;
399
  $ct_post_temp['target']=1;
400
  }
401
 
402
  //UserPro fix
403
- if(isset($_POST['action'], $_POST['template']) && $_POST['action']=='userpro_process_form' && $_POST['template']=='register'){
404
  $ct_post_temp = $_POST;
405
  $ct_post_temp['shortcode'] = '';
406
  }
407
  //Pre-filled form 426869223
408
- if (isset($_POST['action'], $_POST['response-email-address'], $_POST['response-email-sender-address']) && $_POST['action'] == 'contact-owner:send') {
409
  unset($_POST['response-email-address']);
410
  unset($_POST['response-email-sender-address']);
411
  }
412
  //Reviewer fix
413
- if(isset($_POST['action']) && $_POST['action'] == 'rwp_ajax_action_rating')
414
  {
415
  $ct_post_temp['name'] = $_POST['user_name'];
416
  $ct_post_temp['email'] = $_POST['user_email'];
417
  $ct_post_temp['comment'] = $_POST['comment'];
418
  }
419
  //Woocommerce checkout
420
- if( \Cleantalk\Variables\Post::get( 'action' ) == 'woocommerce_checkout' || \Cleantalk\Variables\Post::get( 'action' ) == 'save_data' ){
421
  $post_info['comment_type'] = 'order';
422
  if( empty( $apbct->settings['forms__wc_checkout_test'] ) ){
423
  do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
@@ -425,10 +418,10 @@ function ct_ajax_hook($message_obj = false, $additional = false)
425
  }
426
  }
427
  //Easy Forms for Mailchimp
428
- if( \Cleantalk\Variables\Post::get('action') == 'process_form_submission' ){
429
  $post_info['comment_type'] = 'contact_enquire_wordpress_easy_forms_for_mailchimp';
430
- if( \Cleantalk\Variables\Post::get('form_data') ) {
431
- $form_data = explode( '&', urldecode( \Cleantalk\Variables\Post::get('form_data') ) );
432
  $form_data_arr = array();
433
  foreach ( $form_data as $val ) {
434
  $form_data_element = explode( '=', $val );
@@ -440,9 +433,9 @@ function ct_ajax_hook($message_obj = false, $additional = false)
440
  $ct_post_temp['nickname'] = $form_data_arr['FNAME'];
441
  }
442
  }
443
- if (isset($_POST['action']) && $_POST['action'] == 'ufbl_front_form_action'){
444
  $ct_post_temp = $_POST;
445
- foreach ($ct_post_temp as $key => $value) {
446
  if (preg_match('/form_data_\d_name/', $key))
447
  unset($ct_post_temp[$key]);
448
  }
@@ -452,30 +445,29 @@ function ct_ajax_hook($message_obj = false, $additional = false)
452
  ? ct_get_fields_any($ct_post_temp)
453
  : ct_get_fields_any($_POST);
454
 
455
- $sender_email = ($ct_temp_msg_data['email'] ? $ct_temp_msg_data['email'] : '');
456
- $sender_nickname = ($ct_temp_msg_data['nickname'] ? $ct_temp_msg_data['nickname'] : '');
457
- $subject = ($ct_temp_msg_data['subject'] ? $ct_temp_msg_data['subject'] : '');
458
- $contact_form = ($ct_temp_msg_data['contact'] ? $ct_temp_msg_data['contact'] : true);
459
- $message = ($ct_temp_msg_data['message'] ? $ct_temp_msg_data['message'] : array());
460
- if($subject != '') {
461
  $message['subject'] = $subject;
462
  }
463
 
464
  // Skip submission if no data found
465
- if ($sender_email === ''|| !$contact_form) {
466
  do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
467
  return false;
468
  }
469
-
470
 
471
  // Mailpoet fix
472
- if (isset($message['wysijaData'], $message['wysijaplugin'], $message['task'], $message['controller']) && $message['wysijaplugin'] == 'wysija-newsletters' && $message['controller'] == 'campaigns') {
473
  do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
474
  return false;
475
  }
476
 
477
  // Mailpoet3 admin skip fix
478
- if (isset($_POST['action'], $_POST['method']) && $_POST['action'] == 'mailpoet' && $_POST['method'] =='save') {
479
  do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
480
  return false;
481
  }
@@ -483,12 +475,12 @@ function ct_ajax_hook($message_obj = false, $additional = false)
483
 
484
  // WP Foto Vote Fix
485
  if (!empty($_FILES)){
486
- foreach($message as $key => $value){
487
  if(strpos($key, 'oje') !== false) {
488
  do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
489
  return false;
490
  }
491
- } unset($key ,$value);
492
  }
493
 
494
  /**
@@ -496,17 +488,16 @@ function ct_ajax_hook($message_obj = false, $additional = false)
496
  */
497
  // Detect contact form an set it's name to $contact_form to use later
498
  $contact_form = null;
499
- foreach($_POST as $param => $value){
500
  if(strpos($param, 'et_pb_contactform_submit') === 0){
501
  $contact_form = 'contact_form_divi_theme';
502
- $contact_form_additional = str_replace($param, '', $param);
503
  }
504
  if(strpos($param, 'avia_generated_form') === 0){
505
  $contact_form = 'contact_form_enfold_theme';
506
- $contact_form_additional = str_replace('avia_generated_form', '', $param);
507
  }
508
- if(!empty($contact_form))
509
  break;
 
510
  }
511
 
512
  $base_call_result = apbct_base_call(
@@ -523,85 +514,84 @@ function ct_ajax_hook($message_obj = false, $additional = false)
523
 
524
  if ($ct_result->allow == 0)
525
  {
526
- if(isset($_POST['action']) && $_POST['action']=='wpuf_submit_register'){
527
- $result=Array('success'=>false,'error'=>$ct_result->comment);
528
  @header( 'Content-Type: application/json; charset=' . get_option( 'blog_charset' ) );
529
  print json_encode($result);
530
  die();
531
  }
532
- else if(isset($_POST['action']) && $_POST['action']=='mymail_form_submit')
533
- {
534
- $result=Array('success'=>false,'html'=>$ct_result->comment);
535
  @header( 'Content-Type: application/json; charset=' . get_option( 'blog_charset' ) );
536
  print json_encode($result);
537
  die();
538
  }
539
- else if(isset($_POST['action'], $_POST['task']) && $_POST['action'] == 'wysija_ajax' && $_POST['task'] != 'send_preview' && $_POST['task'] != 'send_test_mail')
540
- {
541
  $result=Array('result'=>false,'msgs'=>Array('updated'=>Array($ct_result->comment)));
542
- //@header( 'Content-Type: application/json; charset=' . get_option( 'blog_charset' ) );
543
  print $_GET['callback'].'('.json_encode($result).');';
544
  die();
545
  }
546
- else if(isset($_POST['action']) && $_POST['action']=='cs_registration_validation')
547
- {
548
  $result=Array("type"=>"error","message"=>$ct_result->comment);
549
  print json_encode($result);
550
  die();
551
  }
552
- else if(isset($_POST['action']) && ($_POST['action']=='request_appointment' || $_POST['action']=='send_message'))
553
- {
554
  print $ct_result->comment;
555
  die();
556
  }
557
- else if(isset($_POST['action']) && $_POST['action']=='zn_do_login')
558
- {
559
  print '<div id="login_error">'.$ct_result->comment.'</div>';
560
  die();
561
  }
562
- else if(isset($_POST['action']) && $_POST['action']=='vfb_submit')
563
- {
564
  $result=Array('result'=>false,'message'=>$ct_result->comment);
565
  @header( 'Content-Type: application/json; charset=' . get_option( 'blog_charset' ) );
566
  print json_encode($result);
567
  die();
568
  }
569
- else if(isset($_POST['action']) && $_POST['action']=='woocommerce_checkout')
570
- {
571
  print $ct_result->comment;
572
  die();
573
  }
574
- else if(isset($_POST['action']) && $_POST['action']=='frm_entries_create')
575
- {
576
  $result=Array('112'=>$ct_result->comment);
577
  print json_encode($result);
578
  die();
579
  }
580
- else if(isset($_POST['cma-action']) && $_POST['cma-action']=='add')
581
- {
582
  $result=Array('success'=>0, 'thread_id'=>null,'messages'=>Array($ct_result->comment));
583
  print json_encode($result);
584
  die();
585
  }
586
- else if(isset($_POST['action']) && $_POST['action']=='td_mod_register')
587
- {
588
  print json_encode(array('register', 0, $ct_result->comment));
589
  die();
590
  }
591
- else if(isset($_POST['action']) && $_POST['action']=='tmpl_ajax_check_user_email')
592
- {
593
  print "17,email";
594
  die();
595
  }
596
- else if(isset($_POST['action']) && ($_POST['action']=='tevolution_submit_from_preview' || $_POST['action']=='submit_form_recaptcha_validation'))
597
- {
598
  print $ct_result->comment;
599
  die();
600
  }
 
601
  // WooWaitList
602
  // http://codecanyon.net/item/woowaitlist-woocommerce-back-in-stock-notifier/7103373
603
- else if(isset($_POST['action']) && $_POST['action']=='wew_save_to_db_callback')
604
- {
605
  $result = array();
606
  $result['error'] = 1;
607
  $result['message'] = $ct_result->comment;
@@ -609,19 +599,20 @@ function ct_ajax_hook($message_obj = false, $additional = false)
609
  print json_encode($result);
610
  die();
611
  }
 
612
  // UserPro
613
- else if(isset($_POST['action'], $_POST['template']) && $_POST['action']=='userpro_process_form' && $_POST['template']=='register')
614
- {
615
- foreach($_POST as $key => $value){
616
- $output[$key]=$value;
617
- }unset($key, $value);
618
  $output['template'] = $ct_result->comment;
619
  $output=json_encode($output);
620
  print_r($output);
621
  die;
622
  }
 
623
  // Quick event manager
624
- else if(isset($_POST['action']) && $_POST['action']=='qem_validate_form'){
625
  $errors[] = 'registration_forbidden';
626
  $result = Array(
627
  'success' => 'false',
@@ -631,9 +622,9 @@ function ct_ajax_hook($message_obj = false, $additional = false)
631
  print json_encode($result);
632
  die();
633
  }
 
634
  // Quick Contact Form
635
- elseif(isset($_POST['action']) && $_POST['action'] == 'qcf_validate_form')
636
- {
637
  $result = Array(
638
  'blurb' => "<h1>".$ct_result->comment."</h1>",
639
  'display' => "Oops, got a few problems here",
@@ -648,15 +639,14 @@ function ct_ajax_hook($message_obj = false, $additional = false)
648
  print json_encode($result);
649
  die();
650
  }
 
651
  // Usernoise Contact Form
652
- elseif(isset($_POST['title'], $_POST['email'], $_POST['type'], $_POST['ct_checkjs']))
653
- {
654
  return array($ct_result->comment);
655
- die();
656
  }
 
657
  // amoForms
658
- elseif(isset($_POST['action']) && $_POST['action'] == 'amoforms_submit')
659
- {
660
  $result = Array(
661
  'result' => true,
662
  'type' => "html",
@@ -666,26 +656,28 @@ function ct_ajax_hook($message_obj = false, $additional = false)
666
  print json_encode($result);
667
  die();
668
  }
 
669
  // MailChimp for Wordpress Premium
670
- elseif(!empty($_POST['_mc4wp_form_id']))
671
- {
672
  return 'ct_mc4wp_response';
673
  }
 
674
  // QAEngine Theme answers
675
- elseif ( !empty($message_obj) && isset($message_obj['post_type'], $message_obj['post_content']) ){
676
  throw new Exception($ct_result->comment);
677
  }
 
678
  //ES Add subscriber
679
- elseif(isset($_POST['action']) && $_POST['action'] == 'es_add_subscriber')
680
- {
681
  $result = Array(
682
  'error' => 'unexpected-error',
683
  );
684
  print json_encode($result);
685
  die();
686
  }
 
687
  //Convertplug. Strpos because action value dynamically changes and depends on mailing service
688
- elseif (isset($_POST['action']) && strpos($_POST['action'], '_add_subscriber') !== false){
689
  $result = Array(
690
  'action' => "message",
691
  'detailed_msg' => "",
@@ -697,8 +689,9 @@ function ct_ajax_hook($message_obj = false, $additional = false)
697
  print json_encode($result);
698
  die();
699
  }
 
700
  // Ultimate Form Builder
701
- elseif (isset($_POST['action']) && $_POST['action'] == 'ufbl_front_form_action'){
702
  $result = Array(
703
  'error_keys' => array(),
704
  'error_flag' => 1,
@@ -707,8 +700,9 @@ function ct_ajax_hook($message_obj = false, $additional = false)
707
  print json_encode($result);
708
  die();
709
  }
 
710
  // Smart Forms
711
- elseif (isset($_POST['action']) && $_POST['action'] == 'rednao_smart_forms_save_form_values'){
712
  $result = Array(
713
  'message' => $ct_result->comment,
714
  'refreshCaptcha' => 'n',
@@ -717,9 +711,9 @@ function ct_ajax_hook($message_obj = false, $additional = false)
717
  print json_encode($result);
718
  die();
719
  }
 
720
  //cFormsII
721
- elseif(isset($_POST['action']) && $_POST['action'] == 'submitcform')
722
- {
723
  header('Content-Type: application/json');
724
  $result = Array(
725
  'no' => isset($_POST['cforms_id']) ? $_POST['cforms_id'] : '',
@@ -731,9 +725,9 @@ function ct_ajax_hook($message_obj = false, $additional = false)
731
  print json_encode($result);
732
  die();
733
  }
 
734
  //Contact Form by Web-Settler
735
- elseif(isset($_POST['smFieldData']))
736
- {
737
  $result = Array(
738
  'signal' => true,
739
  'code' => 0,
@@ -745,9 +739,9 @@ function ct_ajax_hook($message_obj = false, $additional = false)
745
  print json_encode($result);
746
  die();
747
  }
 
748
  //Reviewer
749
- elseif(isset($_POST['action']) && $_POST['action'] == 'rwp_ajax_action_rating')
750
- {
751
  $result = Array(
752
  'success' => false,
753
  'data' => array(0=>$ct_result->comment)
@@ -755,16 +749,17 @@ function ct_ajax_hook($message_obj = false, $additional = false)
755
  print json_encode($result);
756
  die();
757
  }
 
758
  // CouponXXL Theme
759
- elseif(isset($_POST['_wp_http_referer'], $_POST['register_field'], $_POST['action']) && strpos($_POST['_wp_http_referer'],'/register/account') !== false && $_POST['action'] == 'register'){
760
  $result = array(
761
  'message' => '<div class="alert alert-error">'.$ct_result->comment.'</div>',
762
  );
763
  die(json_encode($result));
764
  }
 
765
  //ConvertPro
766
- elseif(isset($_POST['action']) && $_POST['action'] == 'cp_v2_notify_admin' || $_POST['action'] == 'cpro_notify_via_email')
767
- {
768
  $result = Array(
769
  'success' => false,
770
  'data' => array('error'=>$ct_result->comment,'style_slug'=>'convertprot-form'),
@@ -772,8 +767,9 @@ function ct_ajax_hook($message_obj = false, $additional = false)
772
  print json_encode($result);
773
  die();
774
  }
 
775
  //Easy Forms for Mailchimp
776
- elseif( isset($_POST['action']) && $_POST['action']=='process_form_submission' ) {
777
  wp_send_json_error(
778
  array(
779
  'error' => 1,
@@ -781,12 +777,14 @@ function ct_ajax_hook($message_obj = false, $additional = false)
781
  )
782
  );
783
  }
 
784
  //Optin wheel
785
- elseif( isset($_POST['action']) && ($_POST['action'] == 'wof-lite-email-optin' || $_POST['action'] == 'wof-email-optin')) {
786
  wp_send_json_error(__($ct_result->comment, 'wp-optin-wheel'));
787
  }
 
788
  // Forminator
789
- elseif( isset($_POST['action']) && strpos($_POST['action'], 'forminator_submit') !== false ){
790
  wp_send_json_error(
791
  array(
792
  'message' => $ct_result->comment,
@@ -796,33 +794,34 @@ function ct_ajax_hook($message_obj = false, $additional = false)
796
  )
797
  );
798
  }
 
799
  // Easy Registration Form
800
- elseif( isset( $_POST['action'] ) && strpos($_POST['action'], 'erf_submit_form') !== false ) {
801
  wp_send_json_error( array( 0 => array( 'username_error', $ct_result->comment ) ) );
802
  }
803
- else
804
- {
805
- die(json_encode(array( 'apbct' => array(
806
- 'blocked' => true,
807
- 'comment' => $ct_result->comment,
808
- 'stop_script' => \Cleantalk\Variables\Post::has_string('action', 'tve_leads_ajax_')
809
- ? 1
810
- : 0
811
- ))));
812
- }
813
  }
814
- //Allow == 1
815
- else{
816
- //QAEngine Theme answers
817
- if ( !empty($message_obj) && isset($message_obj['post_type'], $message_obj['post_content']) ){
818
- return $message_obj;
819
- }
820
- // Force AJAX check
821
- if( \Cleantalk\Variables\Post::get('action') == 'cleantalk_force_ajax_check' ){
822
- die(json_encode(array( 'apbct' => array(
823
- 'blocked' => false,
824
- 'allow' => true,
825
- ))));
826
- }
827
  }
 
 
 
 
 
 
 
 
 
828
  }
1
  <?php
 
 
2
  /*
3
  AJAX functions
4
  */
5
 
 
 
6
  use Cleantalk\Variables\Post;
7
 
8
+ $_cleantalk_ajax_actions_to_check[] = 'qcf_validate_form'; //Quick Contact Form
9
+ $_cleantalk_ajax_actions_to_check[] = 'amoforms_submit'; //amoForms
 
 
10
 
11
+ $_cleantalk_hooked_actions[] = 'rwp_ajax_action_rating'; //Don't check Reviewer plugin
12
 
13
+ $_cleantalk_hooked_actions[] = 'ct_feedback_comment';
14
 
15
  /* MailChimp Premium*/
16
  add_filter('mc4wp_form_errors', 'ct_mc4wp_ajax_hook');
22
  /*hooks for AJAX Login & Register email validation*/
23
  add_action( 'wp_ajax_nopriv_validate_email', 'ct_validate_email_ajaxlogin',1 );
24
  add_action( 'wp_ajax_validate_email', 'ct_validate_email_ajaxlogin',1 );
25
+ $_cleantalk_hooked_actions[]='validate_email';
26
 
27
  /*hooks for user registration*/
28
  add_action( 'user_register', 'ct_user_register_ajaxlogin',1 );
29
 
30
  /*hooks for WPUF pro */
 
 
31
  add_action( 'wp_ajax_nopriv_wpuf_submit_register', 'ct_ajax_hook',1 );
32
  add_action( 'wp_ajax_wpuf_submit_register', 'ct_ajax_hook',1 );
33
+ $_cleantalk_hooked_actions[]='submit_register';
34
 
35
  /*hooks for MyMail */
 
 
36
  add_action( 'wp_ajax_nopriv_mymail_form_submit', 'ct_ajax_hook',1 );
37
  add_action( 'wp_ajax_mymail_form_submit', 'ct_ajax_hook',1 );
38
+ $_cleantalk_hooked_actions[]='form_submit';
39
 
40
  /*hooks for MailPoet */
 
 
41
  add_action( 'wp_ajax_nopriv_wysija_ajax', 'ct_ajax_hook',1 );
42
  add_action( 'wp_ajax_wysija_ajax', 'ct_ajax_hook',1 );
43
+ $_cleantalk_hooked_actions[]='wysija_ajax';
44
 
45
  /*hooks for cs_registration_validation */
 
 
46
  add_action( 'wp_ajax_nopriv_cs_registration_validation', 'ct_ajax_hook',1 );
47
  add_action( 'wp_ajax_cs_registration_validation', 'ct_ajax_hook',1 );
48
+ $_cleantalk_hooked_actions[]='cs_registration_validation';
49
 
50
  /*hooks for send_message and request_appointment */
 
 
 
 
51
  add_action( 'wp_ajax_nopriv_send_message', 'ct_ajax_hook',1 );
52
  add_action( 'wp_ajax_send_message', 'ct_ajax_hook',1 );
53
  add_action( 'wp_ajax_nopriv_request_appointment', 'ct_ajax_hook',1 );
54
  add_action( 'wp_ajax_request_appointment', 'ct_ajax_hook',1 );
55
+ $_cleantalk_hooked_actions[]='send_message';
56
+ $_cleantalk_hooked_actions[]='request_appointment';
57
 
58
  /*hooks for zn_do_login */
 
 
59
  add_action( 'wp_ajax_nopriv_zn_do_login', 'ct_ajax_hook',1 );
60
  add_action( 'wp_ajax_zn_do_login', 'ct_ajax_hook',1 );
61
+ $_cleantalk_hooked_actions[]='zn_do_login';
62
 
63
  /*hooks for zn_do_login */
64
+ if(isset($_POST['action']) && $_POST['action'] === 'cscf-submitform'){
 
 
65
  add_filter('preprocess_comment', 'ct_ajax_hook', 1);
66
+ $_cleantalk_hooked_actions[]='cscf-submitform';
 
 
67
  }
68
 
69
 
70
  /*hooks for visual form builder */
 
 
71
  add_action( 'wp_ajax_nopriv_vfb_submit', 'ct_ajax_hook',1 );
72
  add_action( 'wp_ajax_vfb_submit', 'ct_ajax_hook',1 );
73
+ $_cleantalk_hooked_actions[]='vfb_submit';
74
 
75
  /*hooks for woocommerce_checkout*/
76
  add_action( 'wp_ajax_nopriv_woocommerce_checkout', 'ct_ajax_hook',1 );
77
  add_action( 'wp_ajax_woocommerce_checkout', 'ct_ajax_hook',1 );
78
+ $_cleantalk_hooked_actions[]='woocommerce_checkout';
79
+ $_cleantalk_hooked_actions[]='wcfm_ajax_controller';
80
 
81
  /*hooks for frm_action*/
82
  add_action( 'wp_ajax_nopriv_frm_entries_create', 'ct_ajax_hook',1 );
83
  add_action( 'wp_ajax_frm_entries_create', 'ct_ajax_hook',1 );
84
+ $_cleantalk_hooked_actions[]='frm_entries_create';
85
 
86
  add_action( 'wp_ajax_nopriv_td_mod_register', 'ct_ajax_hook',1 );
87
  add_action( 'wp_ajax_td_mod_register', 'ct_ajax_hook',1 );
88
+ $_cleantalk_hooked_actions[]='td_mod_register';
89
 
90
  /*hooks for tevolution theme*/
91
  add_action( 'wp_ajax_nopriv_tmpl_ajax_check_user_email', 'ct_ajax_hook',1 );
94
  add_action( 'wp_ajax_tevolution_submit_from_preview', 'ct_ajax_hook',1 );
95
  add_action( 'wp_ajax_nopriv_submit_form_recaptcha_validation', 'ct_ajax_hook',1 );
96
  add_action( 'wp_ajax_tmpl_submit_form_recaptcha_validation', 'ct_ajax_hook',1 );
97
+ $_cleantalk_hooked_actions[]='tmpl_ajax_check_user_email';
98
+ $_cleantalk_hooked_actions[]='tevolution_submit_from_preview';
99
+ $_cleantalk_hooked_actions[]='submit_form_recaptcha_validation';
100
 
101
  /* hooks for contact forms by web settler ajax*/
102
  add_action( 'wp_ajax_nopriv_smuzform-storage', 'ct_ajax_hook',1 );
103
+ $_cleantalk_hooked_actions[]='smuzform_form_submit';
104
 
105
  /* hooks for reviewer plugin*/
106
  add_action( 'wp_ajax_nopriv_rwp_ajax_action_rating', 'ct_ajax_hook',1 );
107
+ $_cleantalk_hooked_actions[]='rwp-submit-wrap';
108
 
109
+ $_cleantalk_hooked_actions[]='post_update';
110
 
111
  /* Ninja Forms hoocked actions */
112
+ $_cleantalk_hooked_actions[]='ninja_forms_ajax_submit';
113
+ $_cleantalk_hooked_actions[]='nf_ajax_submit';
114
+ $_cleantalk_hooked_actions[]='ninja_forms_process'; // Deprecated ?
115
 
116
  /* Follow-Up Emails */
117
+ $_cleantalk_hooked_actions[] = 'fue_wc_set_cart_email'; // Don't check email via this plugin
118
 
119
  /* Follow-Up Emails */
120
+ $_cleantalk_hooked_actions[] = 'fue_wc_set_cart_email'; // Don't check email via this plugin
121
 
122
  /* The Fluent Form have the direct integration */
123
+ $_cleantalk_hooked_actions[] = 'fluentform_submit';
124
 
125
  /* Estimation Forms have the direct integration */
126
  if( class_exists('LFB_Core') ) {
127
+ $_cleantalk_hooked_actions[] = 'send_email';
128
  }
129
 
130
+ /**
131
+ * AjaxLogin plugin handler
132
+ *
133
+ * @param null $email
134
+ */
135
+ function ct_validate_email_ajaxlogin( $email=null ){
136
 
137
  $email = is_null( $email ) ? $email : $_POST['email'];
138
  $email = sanitize_email($email);
139
+ $is_good = ! ( ! filter_var( $email, FILTER_VALIDATE_EMAIL ) || email_exists( $email ) );
140
 
141
+ if( class_exists('AjaxLogin') && isset($_POST['action']) && $_POST['action'] === 'validate_email' ){
142
 
143
  $checkjs = apbct_js_test('ct_checkjs', $_POST);
144
  $sender_info['post_checkjs_passed'] = $checkjs;
184
  wp_die();
185
  }
186
 
187
+ /**
188
+ * AjaxLogin plugin handler
189
+ *
190
+ * @param $user_id
191
+ *
192
+ * @return mixed
193
+ */
194
+ function ct_user_register_ajaxlogin( $user_id )
195
  {
196
+ if( class_exists('AjaxLogin') && isset($_POST['action']) && $_POST['action'] === 'register_submit' )
197
  {
198
 
199
  $checkjs = apbct_js_test('ct_checkjs', $_POST);
228
  * Hook into MailChimp for WordPress `mc4wp_form_errors` filter.
229
  *
230
  * @param array $errors
231
+ *
232
  * @return array
233
+ * @throws Exception
234
  */
235
  function ct_mc4wp_ajax_hook( array $errors )
236
  {
244
  return $errors;
245
  }
246
 
247
+ /**
248
+ * Main handler of ajax forms checking
249
+ *
250
+ * @param array|object $message_obj
251
+ *
252
+ * @return array|bool|string|null
253
+ *
254
+ * @throws Exception
255
+ */
256
+ function ct_ajax_hook( $message_obj = null )
257
  {
258
+ global $current_user;
259
 
260
+ $message_obj = (array) $message_obj;
261
 
262
+ // Get current_user and set it globally
263
  apbct_wp_set_current_user($current_user instanceof WP_User ? $current_user : apbct_wp_get_current_user() );
264
 
265
  // $_REQUEST['action'] to skip. Go out because of not spam data
326
  'apbct_email_check_before_post', //Interal request
327
  /* !! Do not add actions here. Use apbct_is_skip_request() function below !! */
328
  );
329
+
330
+ global $apbct;
331
  // Skip test if
332
  if( !$apbct->settings['forms__general_contact_forms_test'] || // Test disabled
333
  !apbct_is_user_enable($apbct->user) || // User is admin, editor, author
338
  (isset($_GET['action']) && in_array($_GET['action'], $skip_post)) || // Special params
339
  isset($_POST['quform_submit']) || //QForms multi-paged form skip
340
  // QAEngine Theme fix
341
+ ( (string) current_filter() !== 'et_pre_insert_answer' &&
342
+ (
343
+ ( isset($message_obj['author']) && (int) $message_obj['author'] === 0) ||
344
+ ( isset($message_obj['post_author']) && (int) $message_obj['post_author'] === 0)
345
  )
346
  ) ||
347
+ (isset($_POST['action'], $_POST['arm_action']) && $_POST['action'] === 'arm_shortcode_form_ajax_action' && $_POST['arm_action'] === 'please-login') || //arm forms skip login
348
+ ( isset($_POST['action']) && $_POST['action'] === 'erf_login_user' && in_array( 'easy-registration-forms/erforms.php', apply_filters( 'active_plugins', get_option( 'active_plugins' ) ) ) ) || //Easy Registration Forms login form skip
349
+ (isset($_POST['action'], $_POST['endpoint'], $_POST['method']) && $_POST['action'] === 'mailpoet' && $_POST['endpoint'] === 'ImportExport' && $_POST['method'] === 'processImport') //Mailpoet import
350
  )
351
  {
352
  do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
363
  'comment_type' => 'feedback_ajax',
364
  'post_url' => apbct_get_server_variable( 'HTTP_REFERER' ), // Page URL must be an previous page
365
  );
366
+ if( Post::get('action') === 'cleantalk_force_ajax_check' ) {
367
  $post_info['comment_type'] = 'feedback_ajax_external_form';
368
  }
369
 
370
  $checkjs = apbct_js_test('ct_checkjs', $_COOKIE, true);
 
 
 
 
 
371
 
372
  //QAEngine Theme answers
373
  if( !empty($message_obj) && isset($message_obj['post_type'], $message_obj['post_content']) ){
380
  }
381
 
382
  //CSCF fix
383
+ if(isset($_POST['action']) && $_POST['action'] === 'cscf-submitform'){
384
  $ct_post_temp[] = $message_obj['comment_author'];
385
  $ct_post_temp[] = $message_obj['comment_author_email'];
386
  $ct_post_temp[] = $message_obj['comment_content'];
387
  }
388
 
389
  //??? fix
390
+ if(isset($_POST['action'], $_POST['target']) && ( $_POST['action'] === 'request_appointment' || $_POST['action'] === 'send_message')){
391
  $ct_post_temp=$_POST;
392
  $ct_post_temp['target']=1;
393
  }
394
 
395
  //UserPro fix
396
+ if(isset($_POST['action'], $_POST['template']) && $_POST['action'] === 'userpro_process_form' && $_POST['template'] === 'register'){
397
  $ct_post_temp = $_POST;
398
  $ct_post_temp['shortcode'] = '';
399
  }
400
  //Pre-filled form 426869223
401
+ if (isset($_POST['action'], $_POST['response-email-address'], $_POST['response-email-sender-address']) && $_POST['action'] === 'contact-owner:send') {
402
  unset($_POST['response-email-address']);
403
  unset($_POST['response-email-sender-address']);
404
  }
405
  //Reviewer fix
406
+ if(isset($_POST['action']) && $_POST['action'] === 'rwp_ajax_action_rating')
407
  {
408
  $ct_post_temp['name'] = $_POST['user_name'];
409
  $ct_post_temp['email'] = $_POST['user_email'];
410
  $ct_post_temp['comment'] = $_POST['comment'];
411
  }
412
  //Woocommerce checkout
413
+ if( Post::get( 'action' ) === 'woocommerce_checkout' || Post::get( 'action' ) === 'save_data' ){
414
  $post_info['comment_type'] = 'order';
415
  if( empty( $apbct->settings['forms__wc_checkout_test'] ) ){
416
  do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
418
  }
419
  }
420
  //Easy Forms for Mailchimp
421
+ if( Post::get('action') === 'process_form_submission' ){
422
  $post_info['comment_type'] = 'contact_enquire_wordpress_easy_forms_for_mailchimp';
423
+ if( Post::get('form_data') ) {
424
+ $form_data = explode( '&', urldecode( Post::get('form_data') ) );
425
  $form_data_arr = array();
426
  foreach ( $form_data as $val ) {
427
  $form_data_element = explode( '=', $val );
433
  $ct_post_temp['nickname'] = $form_data_arr['FNAME'];
434
  }
435
  }
436
+ if (isset($_POST['action']) && $_POST['action'] === 'ufbl_front_form_action'){
437
  $ct_post_temp = $_POST;
438
+ foreach ($ct_post_temp as $key => $_value) {
439
  if (preg_match('/form_data_\d_name/', $key))
440
  unset($ct_post_temp[$key]);
441
  }
445
  ? ct_get_fields_any($ct_post_temp)
446
  : ct_get_fields_any($_POST);
447
 
448
+ $sender_email = $ct_temp_msg_data['email'] ?: '';
449
+ $sender_nickname = $ct_temp_msg_data['nickname'] ?: '';
450
+ $subject = $ct_temp_msg_data['subject'] ?: '';
451
+ $contact_form = $ct_temp_msg_data['contact'] ?: true;
452
+ $message = $ct_temp_msg_data['message'] ?: array();
453
+ if( $subject !== '' ) {
454
  $message['subject'] = $subject;
455
  }
456
 
457
  // Skip submission if no data found
458
+ if ( $sender_email === ''|| $contact_form === false ) {
459
  do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
460
  return false;
461
  }
 
462
 
463
  // Mailpoet fix
464
+ if (isset($message['wysijaData'], $message['wysijaplugin'], $message['task'], $message['controller']) && $message['wysijaplugin'] === 'wysija-newsletters' && $message['controller'] === 'campaigns') {
465
  do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
466
  return false;
467
  }
468
 
469
  // Mailpoet3 admin skip fix
470
+ if (isset($_POST['action'], $_POST['method']) && $_POST['action'] === 'mailpoet' && $_POST['method'] === 'save') {
471
  do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
472
  return false;
473
  }
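Review bot: The new `$contact_form === false` test in the "Skip submission if no data found" check can never be true, because the assignment a few lines above, `$contact_form = $ct_temp_msg_data['contact'] ?: true;`, turns every falsy value, `false` included, into `true`. The removed `!$contact_form` form had the same blind spot, so this is not a regression. If `ct_get_fields_any()` is meant to report "not a contact form" as `contact => false` (an assumption, since its body is not shown here), that signal is dropped and the request still goes on to the spam check. Reading the key without the short ternary keeps it: `$contact_form = isset($ct_temp_msg_data['contact']) ? $ct_temp_msg_data['contact'] : true;`. ct_ajax_hook starts and ends outside this hunk.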
475
 
476
  // WP Foto Vote Fix
477
  if (!empty($_FILES)){
478
+ foreach($message as $key => $_value){
479
  if(strpos($key, 'oje') !== false) {
480
  do_action( 'apbct_skipped_request', __FILE__ . ' -> ' . __FUNCTION__ . '():' . __LINE__, $_POST );
481
  return false;
482
  }
483
+ }
484
  }
485
 
486
  /**
488
  */
489
  // Detect contact form an set it's name to $contact_form to use later
490
  $contact_form = null;
491
+ foreach($_POST as $param => $_value){
492
  if(strpos($param, 'et_pb_contactform_submit') === 0){
493
  $contact_form = 'contact_form_divi_theme';
 
494
  }
495
  if(strpos($param, 'avia_generated_form') === 0){
496
  $contact_form = 'contact_form_enfold_theme';
 
497
  }
498
+ if(!empty($contact_form)) {
499
  break;
500
+ }
501
  }
502
 
503
  $base_call_result = apbct_base_call(
514
 
515
  if ($ct_result->allow == 0)
516
  {
517
+ if ( isset($_POST['action']) && $_POST['action'] === 'wpuf_submit_register' ) {
518
+ $result=array('success'=>false,'error'=>$ct_result->comment);
519
  @header( 'Content-Type: application/json; charset=' . get_option( 'blog_charset' ) );
520
  print json_encode($result);
521
  die();
522
  }
523
+
524
+ if( isset($_POST['action']) && $_POST['action'] === 'mymail_form_submit' ) {
525
+ $result=array('success'=>false,'html'=>$ct_result->comment);
526
  @header( 'Content-Type: application/json; charset=' . get_option( 'blog_charset' ) );
527
  print json_encode($result);
528
  die();
529
  }
530
+
531
+ if(isset($_POST['action'], $_POST['task']) && $_POST['action'] === 'wysija_ajax' && $_POST['task'] !== 'send_preview' && $_POST['task'] !== 'send_test_mail') {
532
  $result=Array('result'=>false,'msgs'=>Array('updated'=>Array($ct_result->comment)));
 
533
  print $_GET['callback'].'('.json_encode($result).');';
534
  die();
535
  }
536
+
537
+ if(isset($_POST['action']) && $_POST['action'] === 'cs_registration_validation') {
538
  $result=Array("type"=>"error","message"=>$ct_result->comment);
539
  print json_encode($result);
540
  die();
541
  }
542
+
543
+ if(isset($_POST['action']) && ( $_POST['action'] === 'request_appointment' || $_POST['action'] === 'send_message')) {
544
  print $ct_result->comment;
545
  die();
546
  }
547
+
548
+ if(isset($_POST['action']) && $_POST['action'] === 'zn_do_login') {
549
  print '<div id="login_error">'.$ct_result->comment.'</div>';
550
  die();
551
  }
552
+
553
+ if(isset($_POST['action']) && $_POST['action'] === 'vfb_submit') {
554
  $result=Array('result'=>false,'message'=>$ct_result->comment);
555
  @header( 'Content-Type: application/json; charset=' . get_option( 'blog_charset' ) );
556
  print json_encode($result);
557
  die();
558
  }
559
+
560
+ if(isset($_POST['action']) && $_POST['action'] === 'woocommerce_checkout') {
561
  print $ct_result->comment;
562
  die();
563
  }
564
+
565
+ if(isset($_POST['action']) && $_POST['action'] === 'frm_entries_create') {
566
  $result=Array('112'=>$ct_result->comment);
567
  print json_encode($result);
568
  die();
569
  }
570
+
571
+ if(isset($_POST['cma-action']) && $_POST['cma-action'] === 'add') {
572
  $result=Array('success'=>0, 'thread_id'=>null,'messages'=>Array($ct_result->comment));
573
  print json_encode($result);
574
  die();
575
  }
576
+
577
+ if(isset($_POST['action']) && $_POST['action'] === 'td_mod_register') {
578
  print json_encode(array('register', 0, $ct_result->comment));
579
  die();
580
  }
581
+
582
+ if(isset($_POST['action']) && $_POST['action'] === 'tmpl_ajax_check_user_email') {
583
  print "17,email";
584
  die();
585
  }
586
+
587
+ if(isset($_POST['action']) && ( $_POST['action'] === 'tevolution_submit_from_preview' || $_POST['action'] === 'submit_form_recaptcha_validation')) {
588
  print $ct_result->comment;
589
  die();
590
  }
591
+
592
  // WooWaitList
593
  // http://codecanyon.net/item/woowaitlist-woocommerce-back-in-stock-notifier/7103373
594
+ if(isset($_POST['action']) && $_POST['action'] === 'wew_save_to_db_callback') {
 
595
  $result = array();
596
  $result['error'] = 1;
597
  $result['message'] = $ct_result->comment;
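Review bot: The `wysija_ajax` block branch prints `$_GET['callback']` into the response without checking that it is set or that it is a plain function name, and the commit deletes the commented-out `Content-Type` header beside it instead of restoring one. Because the value comes from the request, the caller controls the first bytes of the reply, which is the usual script-reflection weakness of JSONP handlers. How a browser treats the reply depends on the content type the AJAX endpoint sends by default, which is not visible here. I would constrain the name and declare the type before printing: `$cb = (isset($_GET['callback']) && preg_match('/^[A-Za-z_$][A-Za-z0-9_$.]*$/', $_GET['callback'])) ? $_GET['callback'] : 'callback';`, then `header('Content-Type: application/javascript; charset=' . get_option('blog_charset'));` and `print $cb.'('.json_encode($result).');';`. ct_ajax_hook starts and ends outside this hunk.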
599
  print json_encode($result);
600
  die();
601
  }
602
+
603
  // UserPro
604
+ if(isset($_POST['action'], $_POST['template']) && $_POST['action'] === 'userpro_process_form' && $_POST['template'] === 'register') {
605
+ foreach($_POST as $key => $value) {
606
+ $output[ $key ] = $value;
607
+ }
 
608
  $output['template'] = $ct_result->comment;
609
  $output=json_encode($output);
610
  print_r($output);
611
  die;
612
  }
613
+
614
  // Quick event manager
615
+ if(isset($_POST['action']) && $_POST['action'] === 'qem_validate_form') {
616
  $errors[] = 'registration_forbidden';
617
  $result = Array(
618
  'success' => 'false',
622
  print json_encode($result);
623
  die();
624
  }
625
+
626
  // Quick Contact Form
627
+ if(isset($_POST['action']) && $_POST['action'] === 'qcf_validate_form') {
 
628
  $result = Array(
629
  'blurb' => "<h1>".$ct_result->comment."</h1>",
630
  'display' => "Oops, got a few problems here",
639
  print json_encode($result);
640
  die();
641
  }
642
+
643
  // Usernoise Contact Form
644
+ if(isset($_POST['title'], $_POST['email'], $_POST['type'], $_POST['ct_checkjs'])) {
 
645
  return array($ct_result->comment);
 
646
  }
647
+
648
  // amoForms
649
+ if(isset($_POST['action']) && $_POST['action'] === 'amoforms_submit') {
 
650
  $result = Array(
651
  'result' => true,
652
  'type' => "html",
656
  print json_encode($result);
657
  die();
658
  }
659
+
660
  // MailChimp for Wordpress Premium
661
+ if(!empty($_POST['_mc4wp_form_id'])) {
 
662
  return 'ct_mc4wp_response';
663
  }
664
+
665
  // QAEngine Theme answers
666
+ if ( !empty($message_obj) && isset($message_obj['post_type'], $message_obj['post_content']) ){
667
  throw new Exception($ct_result->comment);
668
  }
669
+
670
  //ES Add subscriber
671
+ if(isset($_POST['action']) && $_POST['action'] === 'es_add_subscriber') {
 
672
  $result = Array(
673
  'error' => 'unexpected-error',
674
  );
675
  print json_encode($result);
676
  die();
677
  }
678
+
679
  //Convertplug. Strpos because action value dynamically changes and depends on mailing service
680
+ if (isset($_POST['action']) && strpos($_POST['action'], '_add_subscriber') !== false){
681
  $result = Array(
682
  'action' => "message",
683
  'detailed_msg' => "",
689
  print json_encode($result);
690
  die();
691
  }
692
+
693
  // Ultimate Form Builder
694
+ if (isset($_POST['action']) && $_POST['action'] === 'ufbl_front_form_action'){
695
  $result = Array(
696
  'error_keys' => array(),
697
  'error_flag' => 1,
700
  print json_encode($result);
701
  die();
702
  }
703
+
704
  // Smart Forms
705
+ if (isset($_POST['action']) && $_POST['action'] === 'rednao_smart_forms_save_form_values'){
706
  $result = Array(
707
  'message' => $ct_result->comment,
708
  'refreshCaptcha' => 'n',
711
  print json_encode($result);
712
  die();
713
  }
714
+
715
  //cFormsII
716
+ if(isset($_POST['action']) && $_POST['action'] === 'submitcform') {
 
717
  header('Content-Type: application/json');
718
  $result = Array(
719
  'no' => isset($_POST['cforms_id']) ? $_POST['cforms_id'] : '',
725
  print json_encode($result);
726
  die();
727
  }
728
+
729
  //Contact Form by Web-Settler
730
+ if(isset($_POST['smFieldData'])) {
 
731
  $result = Array(
732
  'signal' => true,
733
  'code' => 0,
739
  print json_encode($result);
740
  die();
741
  }
742
+
743
  //Reviewer
744
+ if(isset($_POST['action']) && $_POST['action'] == 'rwp_ajax_action_rating') {
 
745
  $result = Array(
746
  'success' => false,
747
  'data' => array(0=>$ct_result->comment)
749
  print json_encode($result);
750
  die();
751
  }
752
+
753
  // CouponXXL Theme
754
+ if(isset($_POST['_wp_http_referer'], $_POST['register_field'], $_POST['action']) && strpos($_POST['_wp_http_referer'],'/register/account') !== false && $_POST['action'] === 'register'){
755
  $result = array(
756
  'message' => '<div class="alert alert-error">'.$ct_result->comment.'</div>',
757
  );
758
  die(json_encode($result));
759
  }
760
+
761
  //ConvertPro
762
+ if( isset( $_POST['action'] ) && ( $_POST['action'] === 'cp_v2_notify_admin' || $_POST['action'] === 'cpro_notify_via_email' ) ) {
 
763
  $result = Array(
764
  'success' => false,
765
  'data' => array('error'=>$ct_result->comment,'style_slug'=>'convertprot-form'),
767
  print json_encode($result);
768
  die();
769
  }
770
+
771
  //Easy Forms for Mailchimp
772
+ if( isset($_POST['action']) && $_POST['action'] === 'process_form_submission' ) {
773
  wp_send_json_error(
774
  array(
775
  'error' => 1,
777
  )
778
  );
779
  }
780
+
781
  //Optin wheel
782
+ if( isset($_POST['action']) && ( $_POST['action'] === 'wof-lite-email-optin' || $_POST['action'] === 'wof-email-optin')) {
783
  wp_send_json_error(__($ct_result->comment, 'wp-optin-wheel'));
784
  }
785
+
786
  // Forminator
787
+ if( isset($_POST['action']) && strpos($_POST['action'], 'forminator_submit') !== false ){
788
  wp_send_json_error(
789
  array(
790
  'message' => $ct_result->comment,
794
  )
795
  );
796
  }
797
+
798
  // Easy Registration Form
799
+ if( isset( $_POST['action'] ) && strpos($_POST['action'], 'erf_submit_form') !== false ) {
800
  wp_send_json_error( array( 0 => array( 'username_error', $ct_result->comment ) ) );
801
  }
802
+
803
+ // Regular block output
804
+ die(json_encode(array( 'apbct' => array(
805
+ 'blocked' => true,
806
+ 'comment' => $ct_result->comment,
807
+ 'stop_script' => Post::has_string('action', 'tve_leads_ajax_')
808
+ ? 1
809
+ : 0
810
+ ))));
 
811
  }
812
+
813
+ // Allow == 1
814
+ //QAEngine Theme answers
815
+ if ( !empty($message_obj) && isset($message_obj['post_type'], $message_obj['post_content']) ){
816
+ return $message_obj;
 
 
 
 
 
 
 
 
817
  }
818
+ // Force AJAX check
819
+ if( Post::get('action') === 'cleantalk_force_ajax_check' ){
820
+ die(json_encode(array( 'apbct' => array(
821
+ 'blocked' => false,
822
+ 'allow' => true,
823
+ ))));
824
+ }
825
+
826
+ return null;
827
  }
inc/cleantalk-pluggable.php CHANGED
@@ -22,7 +22,7 @@ function apbct_wp_get_current_user(){
22
  ? $current_user->ID
23
  : null;
24
  }else{
25
- $user_id = empty($user_id) && defined('LOGGED_IN_COOKIE') && !empty($_COOKIE[LOGGED_IN_COOKIE])
26
  ? apbct_wp_validate_auth_cookie($_COOKIE[LOGGED_IN_COOKIE], 'logged_in')
27
  : null;
28
  }
@@ -369,233 +369,227 @@ function apbct_is_skip_request( $ajax = false ) {
369
  /* !!! Have to use more than one factor to detect the request - is_plugin active() && $_POST['action'] !!! */
370
  //@ToDo Implement direct integration checking - if have the direct integration will be returned false
371
 
372
- switch ( $ajax ) {
373
- case true :
374
- /*****************************************/
375
- /* Here is ajax requests skipping */
376
- /*****************************************/
377
-
378
- // Paid Memberships Pro - Login Form
379
- if(
380
- apbct_is_plugin_active( 'paid-memberships-pro/paid-memberships-pro.php' ) &&
381
- Post::get( 'rm_slug' ) === 'rm_login_form' &&
382
- Post::get( 'rm_form_sub_id' )
383
- ){
384
- return 'paid_memberships_pro__login_form';
385
- }
386
-
387
- // Thrive Ultimatum
388
- if(
389
- apbct_is_plugin_active( 'thrive-ultimatum/thrive-ultimatum.php' ) &&
390
- Post::get( 'action' ) === 'tve_dash_front_ajax'
391
- ){
392
- return 'thrive-ultimatum__links_from_email';
393
- }
394
-
395
- // wpDiscuz - Online Users Addon for wpDiscuz
396
- if(
397
- apbct_is_plugin_active( 'wpdiscuz-online-users/wpdiscuz-ou.php' ) &&
398
- Post::get( 'action' ) === 'wouPushNotification'
399
- ){
400
- return 'wpdiscuz_online_users__push_notification';
401
- }
402
-
403
- // Bookly Plugin admin actions skip
404
- if( apbct_is_plugin_active( 'bookly-responsive-appointment-booking-tool/main.php' ) &&
405
- isset( $_POST['action'] ) &&
406
- strpos( $_POST['action'], 'bookly' ) !== false &&
407
- is_admin() )
408
- {
409
- return 'bookly_pro_update_staff_advanced';
410
- }
411
- // Youzier login form skip
412
- if( apbct_is_plugin_active( 'youzer/youzer.php' ) &&
413
- isset( $_POST['action'] ) &&
414
- $_POST['action'] === 'yz_ajax_login' )
415
- {
416
- return 'youzier_login_form';
417
- }
418
- // Youzify login form skip
419
- if( apbct_is_plugin_active( 'youzify/youzify.php' ) &&
420
- isset( $_POST['action'] ) &&
421
- $_POST['action'] === 'youzify_ajax_login' )
422
- {
423
- return 'youzify_login_form';
424
- }
425
- // InJob theme lost password skip
426
- if( apbct_is_plugin_active( 'iwjob/iwjob.php' ) &&
427
- isset( $_POST['action'] ) &&
428
- $_POST['action'] === 'iwj_lostpass' )
429
- {
430
- return 'injob_theme_plugin';
431
- }
432
- // Divi builder skip
433
- if ( apbct_is_theme_active( 'Divi' ) &&
434
- isset( $_POST['action'] ) &&
435
- ( $_POST['action'] === 'save_epanel' || $_POST['action'] === 'et_fb_ajax_save' ) )
436
- {
437
- return 'divi_builder_skip';
438
- }
439
- // Email Before Download plugin https://wordpress.org/plugins/email-before-download/ action skip
440
- if ( apbct_is_plugin_active( 'email-before-download/email-before-download.php' ) &&
441
- isset( $_POST['action'] ) &&
442
- $_POST['action'] === 'ebd_inline_links' )
443
- {
444
- return 'ebd_inline_links';
445
- }
446
- // WP Discuz skip service requests. The plugin have the direct integration
447
- if ( apbct_is_plugin_active( 'wpdiscuz/class.WpdiscuzCore.php' ) &&
448
- isset( $_POST['action'] ) &&
449
- strpos( $_POST['action'], 'wpd' ) !== false )
450
- {
451
- return 'ebd_inline_links';
452
- }
453
- // Exception for plugin https://ru.wordpress.org/plugins/easy-login-woocommerce/ login form
454
- if(
455
- apbct_is_plugin_active( 'easy-login-woocommerce/xoo-el-main.php' ) &&
456
- Post::get( '_xoo_el_form' ) === 'login'
457
- ){
458
- return 'xoo_login';
459
- }
460
- // Emails & Newsletters with Jackmail: skip all admin-side actions
461
- if(
462
- apbct_is_plugin_active( 'jackmail-newsletters/jackmail-newsletters.php' ) &&
463
- is_admin() &&
464
- strpos( Server::get('HTTP_REFERER'), 'jackmail_' ) !== false
465
- ){
466
- return 'jackmail_admin_actions';
467
- }
468
- // Newspaper theme login form
469
- if ( apbct_is_theme_active( 'Newspaper' ) &&
470
- isset( $_POST['action'] ) &&
471
- ( $_POST['action'] == 'td_mod_login' || $_POST['action'] == 'td_mod_remember_pass' ) )
472
- {
473
- return 'Newspaper_theme_login_form';
474
- }
475
- // Save abandoned cart checking skip
476
- if ( apbct_is_plugin_active( 'woo-save-abandoned-carts/cartbounty-abandoned-carts.php' ) &&
477
- Post::get( 'action' ) === 'cartbounty_save' )
478
- {
479
- return 'cartbounty_save';
480
- }
481
- // SUMODISCOUNT discout request skip
482
- if ( apbct_is_plugin_active( 'sumodiscounts/sumodiscounts.php' ) &&
483
- Post::get( 'action' ) === 'fp_apply_discount_for_first_purchase' )
484
- {
485
- return 'fp_apply_discount_for_first_purchase';
486
- }
487
- // WP eMember login form skip
488
- if ( apbct_is_plugin_active( 'wp-eMember/wp_eMember.php' ) &&
489
- Post::get( 'action' ) === 'emember_ajax_login' )
490
- {
491
- return 'emember_ajax_login';
492
- }
493
- // Avada theme saving settings
494
- if ( apbct_is_theme_active( 'Avada' ) &&
495
- Post::get('action') === 'fusion_options_ajax_save' )
496
- {
497
- return 'Avada_theme_saving_settings';
498
- }
499
- // Formidable skip - this is the durect integration
500
- if ( apbct_is_plugin_active( 'formidable/formidable.php' ) &&
501
- Post::get( 'action' ) === 'frm_entries_update' )
502
- {
503
- return 'formidable_skip';
504
- }
505
- // Artbees Jupiter theme saving settings
506
- if ( Post::get( 'action' ) === 'mk_theme_save' && strpos( get_template(), 'jupiter' ) !== false ){
507
- return 'artbees_jupiter_6_skip';
508
- }
509
- // fix conflict with wiloke theme and unknown plugin, that removes standard authorization cookies
510
- if ( Post::get( 'action' ) === 'wiloke_themeoptions_ajax_save' && apbct_is_theme_active( 'wilcity' ) ){
511
- return 'wiloke_themeoptions_ajax_save_skip';
512
- }
513
- // Essentials addons for elementor - light and pro
514
- if(
515
- ( apbct_is_plugin_active( 'essential-addons-for-elementor-lite/essential_adons_elementor.php' ) ||
516
- apbct_is_plugin_active( 'essential-addons-elementor/essential_adons_elementor.php' ) ) &&
517
- ( Post::get('eael-login-submit') !== '' && Post::get('eael-user-login') !== '' ) )
518
- {
519
- return 'eael_login_skipped';
520
- }
521
- // WPForms check restricted email skipped
522
- if(
523
- ( apbct_is_plugin_active( 'wpforms/wpforms.php' ) ) &&
524
- ( Post::get('action') === 'wpforms_restricted_email' && Post::get('token') !== '' )
525
- )
526
- {
527
- return 'wpforms_check_restricted_email';
528
- }
529
- // FluentForm multistep skip
530
- if ( ( apbct_is_plugin_active( 'fluentformpro/fluentformpro.php' ) || apbct_is_plugin_active( 'fluentform/fluentform.php' ) ) &&
531
- Post::get( 'action' ) === 'active_step' )
532
- {
533
- return 'fluentform_skip';
534
- }
535
- break;
536
-
537
- case false :
538
- default:
539
- /*****************************************/
540
- /* Here is non-ajax requests skipping */
541
- /*****************************************/
542
- // WC payment APIs
543
- if( apbct_is_plugin_active( 'woocommerce/woocommerce.php' ) &&
544
- apbct_is_in_uri( 'wc-api=2checkout_ipn_convert_plus') )
545
- {
546
- return 'wc-payment-api';
547
- }
548
- // BuddyPress edit profile checking skip
549
- if( apbct_is_plugin_active( 'buddypress/bp-loader.php' ) &&
550
- array_key_exists( 'profile-group-edit-submit', $_POST ) )
551
- {
552
- return 'buddypress_profile_edit';
553
- }
554
- // UltimateMember password reset skip
555
- if( apbct_is_plugin_active( 'ultimate-member/ultimate-member.php' ) &&
556
- isset( $_POST['_um_password_reset'] ) && $_POST['_um_password_reset'] == 1 )
557
- {
558
- return 'ultimatemember_password_reset';
559
- }
560
- // UltimateMember password reset skip
561
- if( apbct_is_plugin_active( 'gravityformspaypal/paypal.php' ) &&
562
- ( apbct_is_in_uri('page=gf_paypal_ipn') || apbct_is_in_uri('callback=gravityformspaypal') ) )
563
- {
564
- return 'gravityformspaypal_processing_skipped';
565
- }
566
- // MyListing theme service requests skip
567
- if ( ( apbct_is_theme_active( 'My Listing Child' ) || apbct_is_theme_active( 'My Listing' ) ) &&
568
- Get::get('mylisting-ajax') === '1' )
569
- {
570
- return 'mylisting_theme_service_requests_skip';
571
- }
572
- // HappyForms skip every requests. HappyForms have the direct integration
573
- if( apbct_is_plugin_active( 'happyforms-upgrade/happyforms-upgrade.php' ) ||
574
- apbct_is_plugin_active( 'happyforms/happyforms.php' ) &&
575
- ( Post::get('happyforms_message_nonce') !== '' ) )
576
- {
577
- return 'happyform_skipped';
578
- }
579
- // Essentials addons for elementor - light and pro
580
- if(
581
- ( apbct_is_plugin_active( 'essential-addons-for-elementor-lite/essential_adons_elementor.php' ) ||
582
- apbct_is_plugin_active( 'essential-addons-elementor/essential_adons_elementor.php' ) ) &&
583
- ( Post::get('eael-login-submit') !== '' && Post::get('eael-user-login') !== '' ) )
584
- {
585
- return 'eael_login_skipped';
586
- }
587
- // Autonami Marketing Automations service request
588
- if( apbct_is_rest() && Post::get('automation_id') !== '' && Post::get('unique_key') !== '' )
589
- {
590
- return 'autonami-rest';
591
- }
592
- //Skip wforms because of direct integration
593
- if ( apbct_is_plugin_active( 'wpforms/wpforms.php' ) && isset( $_POST['wpforms'] ) ) {
594
- return 'wp_forms';
595
- }
596
-
597
- break;
598
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
599
  }
600
 
601
  return false;
22
  ? $current_user->ID
23
  : null;
24
  }else{
25
+ $user_id = defined('LOGGED_IN_COOKIE') && !empty($_COOKIE[LOGGED_IN_COOKIE])
26
  ? apbct_wp_validate_auth_cookie($_COOKIE[LOGGED_IN_COOKIE], 'logged_in')
27
  : null;
28
  }
369
  /* !!! Have to use more than one factor to detect the request - is_plugin active() && $_POST['action'] !!! */
370
  //@ToDo Implement direct integration checking - if have the direct integration will be returned false
371
 
372
+ if ($ajax) {
373
+ /*****************************************/
374
+ /* Here is ajax requests skipping */
375
+ /*****************************************/
376
+
377
+ // Paid Memberships Pro - Login Form
378
+ if(
379
+ apbct_is_plugin_active( 'paid-memberships-pro/paid-memberships-pro.php' ) &&
380
+ Post::get( 'rm_slug' ) === 'rm_login_form' &&
381
+ Post::get( 'rm_form_sub_id' )
382
+ ){
383
+ return 'paid_memberships_pro__login_form';
384
+ }
385
+
386
+ // Thrive Ultimatum
387
+ if(
388
+ apbct_is_plugin_active( 'thrive-ultimatum/thrive-ultimatum.php' ) &&
389
+ Post::get( 'action' ) === 'tve_dash_front_ajax'
390
+ ){
391
+ return 'thrive-ultimatum__links_from_email';
392
+ }
393
+
394
+ // wpDiscuz - Online Users Addon for wpDiscuz
395
+ if(
396
+ apbct_is_plugin_active( 'wpdiscuz-online-users/wpdiscuz-ou.php' ) &&
397
+ Post::get( 'action' ) === 'wouPushNotification'
398
+ ){
399
+ return 'wpdiscuz_online_users__push_notification';
400
+ }
401
+
402
+ // Bookly Plugin admin actions skip
403
+ if( apbct_is_plugin_active( 'bookly-responsive-appointment-booking-tool/main.php' ) &&
404
+ isset( $_POST['action'] ) &&
405
+ strpos( $_POST['action'], 'bookly' ) !== false &&
406
+ is_admin() )
407
+ {
408
+ return 'bookly_pro_update_staff_advanced';
409
+ }
410
+ // Youzier login form skip
411
+ if( apbct_is_plugin_active( 'youzer/youzer.php' ) &&
412
+ isset( $_POST['action'] ) &&
413
+ $_POST['action'] === 'yz_ajax_login' )
414
+ {
415
+ return 'youzier_login_form';
416
+ }
417
+ // Youzify login form skip
418
+ if( apbct_is_plugin_active( 'youzify/youzify.php' ) &&
419
+ isset( $_POST['action'] ) &&
420
+ $_POST['action'] === 'youzify_ajax_login' )
421
+ {
422
+ return 'youzify_login_form';
423
+ }
424
+ // InJob theme lost password skip
425
+ if( apbct_is_plugin_active( 'iwjob/iwjob.php' ) &&
426
+ isset( $_POST['action'] ) &&
427
+ $_POST['action'] === 'iwj_lostpass' )
428
+ {
429
+ return 'injob_theme_plugin';
430
+ }
431
+ // Divi builder skip
432
+ if ( apbct_is_theme_active( 'Divi' ) &&
433
+ isset( $_POST['action'] ) &&
434
+ ( $_POST['action'] === 'save_epanel' || $_POST['action'] === 'et_fb_ajax_save' ) )
435
+ {
436
+ return 'divi_builder_skip';
437
+ }
438
+ // Email Before Download plugin https://wordpress.org/plugins/email-before-download/ action skip
439
+ if ( apbct_is_plugin_active( 'email-before-download/email-before-download.php' ) &&
440
+ isset( $_POST['action'] ) &&
441
+ $_POST['action'] === 'ebd_inline_links' )
442
+ {
443
+ return 'ebd_inline_links';
444
+ }
445
+ // WP Discuz skip service requests. The plugin have the direct integration
446
+ if ( apbct_is_plugin_active( 'wpdiscuz/class.WpdiscuzCore.php' ) &&
447
+ isset( $_POST['action'] ) &&
448
+ strpos( $_POST['action'], 'wpd' ) !== false )
449
+ {
450
+ return 'ebd_inline_links';
451
+ }
452
+ // Exception for plugin https://ru.wordpress.org/plugins/easy-login-woocommerce/ login form
453
+ if(
454
+ apbct_is_plugin_active( 'easy-login-woocommerce/xoo-el-main.php' ) &&
455
+ Post::get( '_xoo_el_form' ) === 'login'
456
+ ){
457
+ return 'xoo_login';
458
+ }
459
+ // Emails & Newsletters with Jackmail: skip all admin-side actions
460
+ if(
461
+ apbct_is_plugin_active( 'jackmail-newsletters/jackmail-newsletters.php' ) &&
462
+ is_admin() &&
463
+ strpos( Server::get('HTTP_REFERER'), 'jackmail_' ) !== false
464
+ ){
465
+ return 'jackmail_admin_actions';
466
+ }
467
+ // Newspaper theme login form
468
+ if ( apbct_is_theme_active( 'Newspaper' ) &&
469
+ isset( $_POST['action'] ) &&
470
+ ( $_POST['action'] == 'td_mod_login' || $_POST['action'] == 'td_mod_remember_pass' ) )
471
+ {
472
+ return 'Newspaper_theme_login_form';
473
+ }
474
+ // Save abandoned cart checking skip
475
+ if ( apbct_is_plugin_active( 'woo-save-abandoned-carts/cartbounty-abandoned-carts.php' ) &&
476
+ Post::get( 'action' ) === 'cartbounty_save' )
477
+ {
478
+ return 'cartbounty_save';
479
+ }
480
+ // SUMODISCOUNT discout request skip
481
+ if ( apbct_is_plugin_active( 'sumodiscounts/sumodiscounts.php' ) &&
482
+ Post::get( 'action' ) === 'fp_apply_discount_for_first_purchase' )
483
+ {
484
+ return 'fp_apply_discount_for_first_purchase';
485
+ }
486
+ // WP eMember login form skip
487
+ if ( apbct_is_plugin_active( 'wp-eMember/wp_eMember.php' ) &&
488
+ Post::get( 'action' ) === 'emember_ajax_login' )
489
+ {
490
+ return 'emember_ajax_login';
491
+ }
492
+ // Avada theme saving settings
493
+ if ( apbct_is_theme_active( 'Avada' ) &&
494
+ Post::get('action') === 'fusion_options_ajax_save' )
495
+ {
496
+ return 'Avada_theme_saving_settings';
497
+ }
498
+ // Formidable skip - this is the durect integration
499
+ if ( apbct_is_plugin_active( 'formidable/formidable.php' ) &&
500
+ Post::get( 'action' ) === 'frm_entries_update' )
501
+ {
502
+ return 'formidable_skip';
503
+ }
504
+ // Artbees Jupiter theme saving settings
505
+ if ( Post::get( 'action' ) === 'mk_theme_save' && strpos( get_template(), 'jupiter' ) !== false ){
506
+ return 'artbees_jupiter_6_skip';
507
+ }
508
+ // fix conflict with wiloke theme and unknown plugin, that removes standard authorization cookies
509
+ if ( Post::get( 'action' ) === 'wiloke_themeoptions_ajax_save' && apbct_is_theme_active( 'wilcity' ) ){
510
+ return 'wiloke_themeoptions_ajax_save_skip';
511
+ }
512
+ // Essentials addons for elementor - light and pro
513
+ if(
514
+ ( apbct_is_plugin_active( 'essential-addons-for-elementor-lite/essential_adons_elementor.php' ) ||
515
+ apbct_is_plugin_active( 'essential-addons-elementor/essential_adons_elementor.php' ) ) &&
516
+ ( Post::get('eael-login-submit') !== '' && Post::get('eael-user-login') !== '' ) )
517
+ {
518
+ return 'eael_login_skipped';
519
+ }
520
+ // WPForms check restricted email skipped
521
+ if(
522
+ ( apbct_is_plugin_active( 'wpforms/wpforms.php' ) ) &&
523
+ ( Post::get('action') === 'wpforms_restricted_email' && Post::get('token') !== '' )
524
+ )
525
+ {
526
+ return 'wpforms_check_restricted_email';
527
+ }
528
+ // FluentForm multistep skip
529
+ if ( ( apbct_is_plugin_active( 'fluentformpro/fluentformpro.php' ) || apbct_is_plugin_active( 'fluentform/fluentform.php' ) ) &&
530
+ Post::get( 'action' ) === 'active_step' )
531
+ {
532
+ return 'fluentform_skip';
533
+ }
534
+ } else {
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
535
 
536
+ /*****************************************/
537
+ /* Here is non-ajax requests skipping */
538
+ /*****************************************/
539
+ // WC payment APIs
540
+ if( apbct_is_plugin_active( 'woocommerce/woocommerce.php' ) &&
541
+ apbct_is_in_uri( 'wc-api=2checkout_ipn_convert_plus') )
542
+ {
543
+ return 'wc-payment-api';
544
+ }
545
+ // BuddyPress edit profile checking skip
546
+ if( apbct_is_plugin_active( 'buddypress/bp-loader.php' ) &&
547
+ array_key_exists( 'profile-group-edit-submit', $_POST ) )
548
+ {
549
+ return 'buddypress_profile_edit';
550
+ }
551
+ // UltimateMember password reset skip
552
+ if( apbct_is_plugin_active( 'ultimate-member/ultimate-member.php' ) &&
553
+ isset( $_POST['_um_password_reset'] ) && $_POST['_um_password_reset'] == 1 )
554
+ {
555
+ return 'ultimatemember_password_reset';
556
+ }
557
+ // UltimateMember password reset skip
558
+ if( apbct_is_plugin_active( 'gravityformspaypal/paypal.php' ) &&
559
+ ( apbct_is_in_uri('page=gf_paypal_ipn') || apbct_is_in_uri('callback=gravityformspaypal') ) )
560
+ {
561
+ return 'gravityformspaypal_processing_skipped';
562
+ }
563
+ // MyListing theme service requests skip
564
+ if ( ( apbct_is_theme_active( 'My Listing Child' ) || apbct_is_theme_active( 'My Listing' ) ) &&
565
+ Get::get('mylisting-ajax') === '1' )
566
+ {
567
+ return 'mylisting_theme_service_requests_skip';
568
+ }
569
+ // HappyForms skip every requests. HappyForms have the direct integration
570
+ if( apbct_is_plugin_active( 'happyforms-upgrade/happyforms-upgrade.php' ) ||
571
+ apbct_is_plugin_active( 'happyforms/happyforms.php' ) &&
572
+ ( Post::get('happyforms_message_nonce') !== '' ) )
573
+ {
574
+ return 'happyform_skipped';
575
+ }
576
+ // Essentials addons for elementor - light and pro
577
+ if(
578
+ ( apbct_is_plugin_active( 'essential-addons-for-elementor-lite/essential_adons_elementor.php' ) ||
579
+ apbct_is_plugin_active( 'essential-addons-elementor/essential_adons_elementor.php' ) ) &&
580
+ ( Post::get('eael-login-submit') !== '' && Post::get('eael-user-login') !== '' ) )
581
+ {
582
+ return 'eael_login_skipped';
583
+ }
584
+ // Autonami Marketing Automations service request
585
+ if( apbct_is_rest() && Post::get('automation_id') !== '' && Post::get('unique_key') !== '' )
586
+ {
587
+ return 'autonami-rest';
588
+ }
589
+ //Skip wforms because of direct integration
590
+ if ( apbct_is_plugin_active( 'wpforms/wpforms.php' ) && isset( $_POST['wpforms'] ) ) {
591
+ return 'wp_forms';
592
+ }
593
  }
594
 
595
  return false;
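Review bot: The HappyForms condition in the non-ajax branch mixes `||` and `&&` without grouping, so it evaluates as `upgrade_active || ( happyforms_active && nonce !== '' )` and every non-ajax request is skipped whenever happyforms-upgrade is active. If both plugin checks were meant to require the nonce field, group them: `( apbct_is_plugin_active( 'happyforms-upgrade/happyforms-upgrade.php' ) || apbct_is_plugin_active( 'happyforms/happyforms.php' ) ) && Post::get('happyforms_message_nonce') !== ''`. More generally, several skips moved here unchanged (Essential Addons, Autonami, the `strpos( $_POST['action'], 'wpd' )` match) are decided by request fields the sender chooses, which the comment at the top of the block warns against; tying each skip to an exact action name keeps the bypass surface small. The wpDiscuz branch also returns `'ebd_inline_links'`, which looks copied from the branch above and will mislabel the skip reason. `apbct_is_skip_request` begins and ends outside the hunk.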
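--- a/inc/cleantalk-public.php
+++ b/inc/cleantalk-public.php
@@ -716,7 +716,7 @@ function ct_die($comment_id, $comment_status) {
  $back_script = '';
  if( ! $ct_jp_comments ) {
  $back_script = '<script>setTimeout("history.back()", 5000);</script>';
- } else {
+ } else if( isset( $_SERVER['HTTP_REFERER'] ) ) {
  $back_link = '<a href="' . $_SERVER['HTTP_REFERER'] . '">' . __('Back') . '</a>';
  }
 
@@ -793,7 +793,7 @@ function ct_die_extended($comment_body) {
  * Validates JavaScript anti-spam test
  *
  * @param string $field_name filed to serach in data
- * @param null $data Data to search in
+ * @param array|null $data Data to search in
  * @param bool $random_key
  *
  * @return int|null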
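Review bot: The `Referer` header is still concatenated into the `href` unescaped in the `else if` branch of `ct_die`; the new `isset()` guard only avoids the undefined-index notice. The header is supplied by the client, so a quote character in it ends the attribute and the remainder is rendered as markup on the block page. Escape it at output: `$back_link = '<a href="' . esc_url( $_SERVER['HTTP_REFERER'] ) . '">' . __('Back') . '</a>';`. With the guard in place `$back_link` is never assigned when the header is absent, so it needs a default such as `$back_link = '';` unless one is already set above the hunk; `ct_die` starts and ends outside it.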
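--- a/inc/cleantalk-settings.php
+++ b/inc/cleantalk-settings.php
@@ -25,16 +25,15 @@ function apbct_settings_add_page() {
  if(!in_array($pagenow, array('options.php', 'options-general.php', 'settings.php', 'admin.php')))
  return;
 
- register_setting('cleantalk_settings', 'cleantalk_settings', 'apbct_settings__validate');
+ register_setting('cleantalk_settings', 'cleantalk_settings', array('type' => 'string', 'sanitize_callback' => 'apbct_settings__validate', 'default' => null));
 
- $fields = array();
- $fields = apbct_settings__set_fileds($fields);
+ $fields = apbct_settings__set_fileds();
  $fields = APBCT_WPMS && is_main_site() ? apbct_settings__set_fileds__network($fields) : $fields;
  apbct_settings__add_groups_and_fields($fields);
 
  }
 
- function apbct_settings__set_fileds( $fields ){
+ function apbct_settings__set_fileds( ){
  global $apbct;
 
  $additional_ac_title = '';
@@ -652,8 +651,8 @@ function apbct_settings__add_groups_and_fields( $fields ){
  );
 
  foreach($apbct->settings_fields_in_groups as $group_name => $group){
-
- add_settings_section('apbct_section__'.$group_name, '', 'apbct_section__'.$group_name, 'cleantalk-spam-protect');
+
+ add_settings_section('apbct_section__'.$group_name, '', '', 'cleantalk-spam-protect');
 
  foreach($group['fields'] as $field_name => $field){
 
@@ -813,7 +812,6 @@ function apbct_settings__display() {
  if(!$apbct->white_label){
  // Translate banner for non EN locale
  if(substr(get_locale(), 0, 2) != 'en'){
- global $ct_translate_banner_template;
  require_once(CLEANTALK_PLUGIN_DIR.'templates/translate_banner.php');
  printf($ct_translate_banner_template, substr(get_locale(), 0, 2));
  }
@@ -945,7 +943,6 @@ function apbct_settings__field__state(){
  $img = $path_to_img."yes.png";
  $img_no = $path_to_img."no.png";
  $img_no_gray = $path_to_img."no_gray.png";
- $preloader = $path_to_img."preloader.gif";
  $color="black";
 
  if( ! $apbct->key_is_ok ){
@@ -1120,7 +1117,7 @@ function apbct_settings__field__action_buttons(){
 
  function apbct_settings__field__statistics() {
 
- global $apbct, $wpdb;
+ global $apbct;
 
  echo '<div id="apbct_statistics" class="apbct_settings-field_wrapper" style="display: none;">';
 
@@ -1239,9 +1236,7 @@ function apbct_get_all_child_domains($except_main_site = false) {
  * @return array
  */
  function apbct_get_all_roles($except_subscriber = false) {
-
- global $wp_roles;
-
+
  $wp_roles = new WP_Roles();
  $roles = $wp_roles->get_names();
 
@@ -1503,7 +1498,7 @@ function apbct_settings__validate($settings) {
 
  // Sanitize setting values
  foreach ($settings as &$setting ){
- if( is_scalar( $setting ) )
+ if( is_string( $setting ) )
  $setting = preg_replace( '/[<"\'>]/', '', trim( $setting ) ); // Make HTML code inactive
  }
 
@@ -1659,12 +1654,12 @@ function apbct_settings__sync( $direct_call = false ){
  'service_id' => $apbct->data['service_id'],
  );
  $apbct->saveNetworkData();
- if (isset($settings['multisite__use_settings_template_apply_for_current_list_sites']) && !empty($settings['multisite__use_settings_template_apply_for_current_list_sites'])) {
- apbct_update_blogs_options( $settings );
+ if (isset($apbct->settings['multisite__use_settings_template_apply_for_current_list_sites']) && !empty($apbct->settings['multisite__use_settings_template_apply_for_current_list_sites'])) {
+ apbct_update_blogs_options( $apbct->settings );
  }
  }
  if(!$apbct->white_label && !is_main_site() && !$apbct->allow_custom_key){
- $settings['apikey'] = '';
+ $apbct->settings['apikey'] = '';
  }
  }
 
@@ -1711,11 +1706,11 @@ function apbct_settings__get_key_auto( $direct_call = false ) {
 
  $website = parse_url(get_option('siteurl'), PHP_URL_HOST).parse_url(get_option('siteurl'), PHP_URL_PATH);
  $platform = 'wordpress';
- $user_ip = \Cleantalk\ApbctWP\Helper::ip__get(array('real'), false);
+ $user_ip = \Cleantalk\ApbctWP\Helper::ip__get('real', false);
  $timezone = filter_input(INPUT_POST, 'ct_admin_timezone');
  $language = apbct_get_server_variable( 'HTTP_ACCEPT_LANGUAGE' );
  $wpms = APBCT_WPMS && defined('SUBDOMAIN_INSTALL') && !SUBDOMAIN_INSTALL ? true : false;
- $white_label = $apbct->network_settings['multisite__white_label'] ? 1 : 0;
+ $white_label = $apbct->network_settings['multisite__white_label'] ? true : false;
  $admin_email = get_option('admin_email');
  if (function_exists('is_multisite') && is_multisite() && $apbct->white_label) {
  $admin_email = get_site_option( 'admin_email' );
@@ -1840,13 +1835,10 @@ function apbct_settings__sanitize__exclusions($exclusions, $regexp = false){
  case 0 :
  default :
  return implode( ',', $result );
- break;
  case 1 :
  return implode( "\n", $result );
- break;
  case 2 :
  return implode( "\r\n", $result );
- break;
  }
  }
 
@@ -1873,8 +1865,6 @@ function apbct_settings_show_gdpr_text($print = false){
 
  function apbct_settings__get__long_description(){
 
- global $apbct;
-
  check_ajax_referer('ct_secret_nonce' );
 
  $setting_id = $_POST['setting_id'] ? $_POST['setting_id'] : '';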
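Review bot: In the `// Sanitize setting values` hunk, narrowing the guard to `is_string( $setting )` still leaves array-valued settings unsanitised, because the loop strips `<"'>` only from top-level strings and does not descend into nested values. Whether any setting is stored as an array and later printed is not visible here, since the rest of `apbct_settings__validate` lies outside the hunk, but if so those values keep their markup. The loop also iterates by reference, so `unset( $setting );` should follow its closing brace unless it already does further down. Separately, `register_setting` now declares `'type' => 'string'` although the callback iterates the option as an array, so `'type' => 'array'` would describe it accurately.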
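--- a/inc/cleantalk-widget.php
+++ b/inc/cleantalk-widget.php
@@ -83,9 +83,9 @@ class cleantalk_widget extends WP_Widget
   {
   // Widget admin form
 
- $title = isset( $instance[ 'title' ] ) ? $instance[ 'title' ] : $title = __( 'Spam blocked', 'cleantalk-spam-protect');
- $style = isset( $instance[ 'style' ] ) ? $instance[ 'style' ] : $style = 'ct_style';
- $refid = isset( $instance[ 'refid' ] ) ? $instance[ 'refid' ] : $refid = '';
+ $title = isset( $instance[ 'title' ] ) ? $instance[ 'title' ] : __( 'Spam blocked', 'cleantalk-spam-protect');
+ $style = isset( $instance[ 'style' ] ) ? $instance[ 'style' ] : 'ct_style';
+ $refid = isset( $instance[ 'refid' ] ) ? $instance[ 'refid' ] : '';
   // Title field
   echo '<p>'
   .'<label for="' . $this->get_field_id( 'title' ) . '">' . __( 'Title:', 'cleantalk-spam-protect') . '</label>'
@@ -106,6 +106,8 @@ class cleantalk_widget extends WP_Widget
   .'<label for="' . $this->get_field_id( 'refid' ) . '">' . __( 'Referal link ID:', 'cleantalk-spam-protect') . '</label>'
   .'<input class="widefat" id="'.$this->get_field_id( 'refid' ).'" name="'.$this->get_field_name( 'refid' ).'" type="text" value="'.$refid.'" />'
   .'</p>';
+
+ return 'noform';
   }
 
   // Updating widget replacing old instances with new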
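Review bot: `$refid` is echoed into `value="…"` on the refid input (new line 107) without escaping, and the rewritten assignments above still copy it straight from `$instance`. Unless the widget's update handler, which is outside this diff, strips quotes and angle brackets, a stored value can break out of the attribute in the widget admin form; `value="' . esc_attr( $refid ) . '"` closes that regardless of what was saved. The title and style inputs fall between the two hunks and should be checked for the same pattern. Separately, `return 'noform';` is the value WP_Widget::form() uses to signal that a widget has no settings form, which looks at odds with the fields rendered just above and is worth confirming.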
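--- a/lib/Cleantalk/ApbctWP/Ajax.php
+++ b/lib/Cleantalk/ApbctWP/Ajax.php
@@ -17,7 +17,17 @@ class Ajax {
   define( 'SHORTINIT', true );
 
   require_once( '../../../../../../wp-load.php' );
+ require_once( '../../../../../../wp-includes/capabilities.php' );
+ require_once( '../../../../../../wp-includes/class-wp-role.php' );
+ require_once( '../../../../../../wp-includes/class-wp-roles.php' );
+ require_once( '../../../../../../wp-includes/user.php' );
+ require_once( '../../../../../../wp-includes/class-wp-user.php' );
+ require_once( '../../../../../../wp-includes/option.php' );
+ require_once( '../../../../../../wp-includes/default-constants.php' );
+ wp_plugin_directory_constants();
+ wp_cookie_constants();
   require_once( '../../../../../../wp-includes/pluggable.php' );
+ require_once( '../../../inc/cleantalk-pluggable.php' );
 
   $this->checkRequest();
 
@@ -112,13 +122,25 @@ class Ajax {
   private function wp_verify_nonce( $nonce, $action )
   {
   $nonce = (string) $nonce;
- $uid = apply_filters( 'nonce_user_logged_out', 0, $action );
+ $user = apbct_wp_get_current_user();
+ $uid = is_null( $user ) ? 0 : $user->ID;
+ if ( ! $uid ) {
+ /**
+ * Filters whether the user who generated the nonce is logged out.
+ *
+ * @since 3.5.0
+ *
+ * @param int $uid ID of the nonce-owning user.
+ * @param string $action The nonce action.
+ */
+ $uid = apply_filters( 'nonce_user_logged_out', $uid, $action );
+ }
 
   if ( empty( $nonce ) ) {
   return false;
   }
 
- $token = '';
+ $token = $this->wp_get_session_token();
   $i = $this->wp_nonce_tick();
 
   // Nonce generated 0-12 hours ago.
@@ -149,6 +171,12 @@ class Ajax {
   return ceil( time() / ( $nonce_life / 2 ) );
   }
 
+ private function wp_get_session_token()
+ {
+ $cookie = wp_parse_auth_cookie( '', 'logged_in' );
+ return ! empty( $cookie['token'] ) ? $cookie['token'] : '';
+ }
+
   }
 
   new Ajax();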
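Review bot: The added `require_once` lines keep the bare `'../../../../../../wp-includes/…'` form, which PHP resolves against the current working directory rather than this file's location, so which files get loaded depends on how and from where Ajax.php is invoked. Anchoring each path on `__DIR__`, e.g. `require_once( __DIR__ . '/../../../inc/cleantalk-pluggable.php' );`, makes the include target independent of the caller. In `wp_verify_nonce()` the uid now comes from `apbct_wp_get_current_user()`, defined outside this diff, while `wp_get_session_token()` only parses the logged_in cookie; a comment stating whether that helper validates the cookie would document what the nonce is actually bound to. The nonce comparison itself is outside the hunk.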
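--- a/lib/Cleantalk/ApbctWP/Firewall/SFW.php
+++ b/lib/Cleantalk/ApbctWP/Firewall/SFW.php
@@ -467,6 +467,8 @@ class SFW extends \Cleantalk\Common\Firewall\FirewallModule {
 
   public static function direct_update( $db, $db__table__data, array $blacklists ){
 
+ reset($blacklists);
+
   for( $count_result = 0; current($blacklists) !== false; ) {
 
   $query = "INSERT INTO ".$db__table__data." (network, mask, status) VALUES ";
@@ -554,7 +556,9 @@ class SFW extends \Cleantalk\Common\Firewall\FirewallModule {
   $data = Helper::http__get_data_from_remote_gz__and_parse_csv( $file_url );
 
   if( empty( $data['errors'] ) ){
-
+
+ reset($data);
+
   for( $count_result = 0; current($data) !== false; ) {
 
   $query = "INSERT INTO ".$db__table__data." (network, mask, status, source) VALUES ";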
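Review bot: Both loops still end on `current(...) !== false`, so besides depending on the array's internal pointer (the reason `reset()` had to be added) they stop silently at the first element that is itself `false`, which would leave the firewall table only partly populated. `for( $count_result = 0; key($data) !== null; )`, and the same for `$blacklists`, ends only at the real end of the array. The INSERT statements are assembled by string concatenation, and in the second hunk the rows come from a remotely fetched CSV; the value-building lines are outside both hunks, so it should be confirmed there that each field is cast or escaped before it reaches the query. Both function bodies continue outside the hunks.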
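--- a/lib/Cleantalk/Common/Cron.php
+++ b/lib/Cleantalk/Common/Cron.php
@@ -101,20 +101,22 @@ abstract class Cron
   {
   // First call time() + period
   $first_call = ! $first_call ? time() + $period : $first_call;
-
- if( isset( $this->tasks[ $task ] ) ){
+
+ $tasks = ! empty( $this->tasks ) ? $this->tasks : $this->getTasks();
+
+ if( isset( $tasks[ $task ] ) ){
   return false;
   }
 
   // Task entry
- $this->tasks[$task] = array(
+ $tasks[$task] = array(
   'handler' => $handler,
   'next_call' => $first_call,
   'period' => $period,
   'params' => $params,
   );
 
- return $this->saveTasks( $this->tasks );
+ return $this->saveTasks( $tasks );
   }
 
   /**
@@ -126,13 +128,14 @@ abstract class Cron
   */
   public function removeTask( $task )
   {
- if( ! isset( $this->tasks[ $task ] ) ){
+ $tasks = ! empty( $this->tasks ) ? $this->tasks : $this->getTasks();
+ if( ! isset( $tasks[ $task ] ) ){
   return false;
   }
 
- unset( $this->tasks[ $task ] );
+ unset( $tasks[ $task ] );
 
- return $this->saveTasks( $this->tasks );
+ return $this->saveTasks( $tasks );
   }
 
   /**
@@ -153,7 +156,7 @@ abstract class Cron
   // Rewrite the task
   $tasks[$task] = array(
   'handler' => $handler,
- 'next_call' => $first_call,
+ 'next_call' => is_null( $first_call ) ? time() + $period : $first_call,
   'period' => $period,
   'params' => $params,
   );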
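Review bot: The method in the first hunk (its signature is outside the hunk) and `removeTask()` now work on a local `$tasks` copy and no longer write the result back to `$this->tasks`, so unless `saveTasks()`, which is outside this diff, refreshes that property, a second call on the same object starts from the stale non-empty `$this->tasks` and its save overwrites the first change. If firewall update jobs are scheduled through this class, a dropped entry means that job silently stops running. Assigning `$this->tasks = $tasks;` before `return $this->saveTasks( $tasks );` keeps the two in step. In the third hunk the new `is_null( $first_call )` test differs from the `! $first_call` test in the first hunk, so a `0` or `false` passed there is stored as `next_call` unchanged; the enclosing function starts outside the hunk.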
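--- a/readme.txt
+++ b/readme.txt
@@ -4,7 +4,7 @@ Tags: spam, antispam, anti-spam, comments, firewall
   Requires at least: 3.0
   Tested up to: 5.8
   Requires PHP: 5.6
- Stable tag: 5.159.8
+ Stable tag: 5.159.9
   License: GPLv2
 
   Spam protection, anti-spam, firewall, premium plugin. No spam comments & users, no spam contact form & WooCommerce anti-spam.
@@ -573,6 +573,14 @@ If your website has forms that send data to external sources, you can enable opt
 
   == Changelog ==
 
+ = 5.159.9 Jul 15 2021 =
+ * Fix. SFW. Updating cooldown increased up to 15 min.
+ * Fix. Cron. Next call time set by task updating fixed.
+ * Fix. SFW. Reset blacklist array before processing.
+ * Fix. SFW. Some errors handling fixed.
+ * Fix. SFW. Getting update period from dns fixed.
+ * Fix. Ajax. Checking nonce for logged in users fixed.
+
   = 5.159.8 Jul 07 2021 =
   * Fix: Fixed the connection error Ajax.php when the site files are in a subfolder.
   * Fix. SFW. Anticrawler redirect detection fixed.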