Spam protection, AntiSpam, FireWall by CleanTalk - Version 5.33

Version Description

2015-12-01 = * Backend interface fixes * Improved Spam FireWall efficiency * Improved performance of anti spam checking


Release Info

Developer shagimuratov
Version 5.33

Code changes from version 5.32 to 5.33

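--- a/cleantalk.php
+++ b/cleantalk.php
@@ -3,11 +3,11 @@
  Plugin Name: Anti-Spam by CleanTalk
  Plugin URI: http://cleantalk.org
  Description: Max power, all-in-one, captcha less, premium anti-spam plugin. No comment spam, no registration spam, no contact spam, protects any WordPress forms.
- Version: 5.32
+ Version: 5.33
  Author: СleanTalk <welcome@cleantalk.org>
  Author URI: http://cleantalk.org
  */
- $cleantalk_plugin_version='5.32';
+ $cleantalk_plugin_version='5.33';
  $cleantalk_executed=false;
 
  if(defined('CLEANTALK_AJAX_USE_BUFFER'))
@@ -48,32 +48,35 @@ if(!defined('CLEANTALK_PLUGIN_DIR')){
  {
  $value=0;
  }
-
- if($value==1 && !is_admin() && stripos($_SERVER['REQUEST_URI'],'/wp-admin/')===false) //&& (!isset($_POST) || isset($_POST) && sizeof($_POST)==0)
+ if($value==1 && !is_admin() && stripos($_SERVER['REQUEST_URI'],'/wp-admin/')===false || stripos($_SERVER['REQUEST_URI'],basename(admin_url('admin-ajax.php')))!=false) //&& (!isset($_POST) || isset($_POST) && sizeof($_POST)==0)
  {
  $is_sfw_check=true;
- if(isset($_COOKIE['ct_sfw_pass_key']) && $_COOKIE['ct_sfw_pass_key']==md5(cleantalk_get_ip().$ct_options['apikey']))
- {
- $is_sfw_check=false;
- if(isset($_COOKIE['ct_sfw_passed']))
- {
- if(isset($ct_data['sfw_log']))
- {
- $sfw_log=$ct_data['sfw_log'];
- }
- else
- {
- $sfw_log=array();
- $sfw_log[cleantalk_get_ip()]=Array();
- }
- $sfw_log[cleantalk_get_ip()]['allow']++;
- $ct_data['sfw_log'] = $sfw_log;
- update_option('cleantalk_data', $ct_data);
- @setcookie ('ct_sfw_passed', '0', 1, "/");
- }
- //@$ct_data['sfw_log'][cleantalk_get_ip()]['all']++;
- //update_option('cleantalk_data', $ct_data);
- }
+ $ip=cleantalk_get_ip();
+ for($i=0;$i<sizeof($ip);$i++)
+ {
+ if(isset($_COOKIE['ct_sfw_pass_key']) && $_COOKIE['ct_sfw_pass_key']==md5($ip[$i].$ct_options['apikey']))
+ {
+ $is_sfw_check=false;
+ if(isset($_COOKIE['ct_sfw_passed']))
+ {
+ if(isset($ct_data['sfw_log']))
+ {
+ $sfw_log=$ct_data['sfw_log'];
+ }
+ else
+ {
+ $sfw_log=array();
+ $sfw_log[$ip[$i]]=Array();
+ }
+ $sfw_log[$ip[$i]]['allow']++;
+ $ct_data['sfw_log'] = $sfw_log;
+ update_option('cleantalk_data', $ct_data);
+ @setcookie ('ct_sfw_passed', '0', 1, "/");
+ }
+ //@$ct_data['sfw_log'][cleantalk_get_ip()]['all']++;
+ //update_option('cleantalk_data', $ct_data);
+ }
+ }
  if($is_sfw_check)
  {
  //include_once("cleantalk-sfw.php");
@@ -173,42 +176,43 @@ if(!defined('CLEANTALK_PLUGIN_DIR')){
  if (is_admin()||is_network_admin())
  {
  require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-admin.php');
- if (!(defined( 'DOING_AJAX' ) && DOING_AJAX)) {
- add_action('admin_init', 'ct_admin_init', 1);
- add_action('admin_menu', 'ct_admin_add_page');
- if(is_network_admin())
- {
- add_action('network_admin_menu', 'ct_admin_add_page');
- }
- add_action('admin_notices', 'cleantalk_admin_notice_message');
- }
- if (defined( 'DOING_AJAX' ) && DOING_AJAX||isset($_POST['cma-action']))
+ if (!(defined( 'DOING_AJAX' ) && DOING_AJAX))
+ {
+ add_action('admin_init', 'ct_admin_init', 1);
+ add_action('admin_menu', 'ct_admin_add_page');
+ if(is_network_admin())
+ {
+ add_action('network_admin_menu', 'ct_admin_add_page');
+ }
+ add_action('admin_notices', 'cleantalk_admin_notice_message');
+ }
+ if (defined( 'DOING_AJAX' ) && DOING_AJAX||isset($_POST['cma-action']))
  {
  require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-public.php');
  require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-ajax.php');
  }
 
- add_action('admin_enqueue_scripts', 'ct_enqueue_scripts');
- if($pagenow=='edit-comments.php')
- {
- add_action('comment_unapproved_to_approvecomment', 'ct_comment_approved'); // param - comment object
- add_action('comment_unapproved_to_approved', 'ct_comment_approved'); // param - comment object
- add_action('comment_approved_to_unapproved', 'ct_comment_unapproved'); // param - comment object
- add_action('comment_unapproved_to_spam', 'ct_comment_spam'); // param - comment object
- add_action('comment_approved_to_spam', 'ct_comment_spam'); // param - comment object
- //add_filter('get_comment_text', 'ct_get_comment_text'); // param - current comment text
- add_filter('unspam_comment', 'ct_unspam_comment');
- }
- if($pagenow=='users.php')
- {
- add_action('delete_user', 'ct_delete_user');
- }
- if($pagenow=='plugins.php' || @strpos($_SERVER['REQUEST_URI'],'plugins.php')!==false)
- {
- add_filter('plugin_row_meta', 'ct_register_plugin_links', 10, 2);
- add_filter('plugin_action_links', 'ct_plugin_action_links', 10, 2);
- }
- add_action('updated_option', 'ct_update_option'); // param - option name, i.e. 'cleantalk_settings'
+ add_action('admin_enqueue_scripts', 'ct_enqueue_scripts');
+ if($pagenow=='edit-comments.php')
+ {
+ add_action('comment_unapproved_to_approvecomment', 'ct_comment_approved'); // param - comment object
+ add_action('comment_unapproved_to_approved', 'ct_comment_approved'); // param - comment object
+ add_action('comment_approved_to_unapproved', 'ct_comment_unapproved'); // param - comment object
+ add_action('comment_unapproved_to_spam', 'ct_comment_spam'); // param - comment object
+ add_action('comment_approved_to_spam', 'ct_comment_spam'); // param - comment object
+ //add_filter('get_comment_text', 'ct_get_comment_text'); // param - current comment text
+ add_filter('unspam_comment', 'ct_unspam_comment');
+ }
+ if($pagenow=='users.php')
+ {
+ add_action('delete_user', 'ct_delete_user');
+ }
+ if($pagenow=='plugins.php' || @strpos($_SERVER['REQUEST_URI'],'plugins.php')!==false)
+ {
+ add_filter('plugin_row_meta', 'ct_register_plugin_links', 10, 2);
+ add_filter('plugin_action_links', 'ct_plugin_action_links', 10, 2);
+ }
+ add_action('updated_option', 'ct_update_option'); // param - option name, i.e. 'cleantalk_settings'
  }else{
  require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-public.php');
 
@@ -452,6 +456,7 @@ INDEX ( `network` , `mask` )
 
  function cleantalk_get_ip()
  {
+ $result=Array();
  if ( function_exists( 'apache_request_headers' ) )
  {
  $headers = apache_request_headers();
@@ -463,22 +468,20 @@ function cleantalk_get_ip()
  if ( array_key_exists( 'X-Forwarded-For', $headers ) )
  {
  $the_ip=explode(",", trim($headers['X-Forwarded-For']));
- $the_ip = trim($the_ip[0]);
+ $result[] = trim($the_ip[0]);
  }
- elseif ( array_key_exists( 'HTTP_X_FORWARDED_FOR', $headers ))
+ if ( array_key_exists( 'HTTP_X_FORWARDED_FOR', $headers ))
  {
  $the_ip=explode(",", trim($headers['HTTP_X_FORWARDED_FOR']));
- $the_ip = trim($the_ip[0]);
- }
- else
- {
- $the_ip = filter_var( $_SERVER['REMOTE_ADDR'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 );
+ $result[] = trim($the_ip[0]);
  }
+ $result[] = filter_var( $_SERVER['REMOTE_ADDR'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 );
+
  if(isset($_GET['sfw_test_ip']))
  {
- $the_ip=$_GET['sfw_test_ip'];
+ $result[]=$_GET['sfw_test_ip'];
  }
- return $the_ip;
+ return $result;
  }
 
  function ct_send_sfw_log()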
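Review bot: The pass-cookie check in the Spam FireWall block (new lines 54-79) now accepts a match against any entry returned by `cleantalk_get_ip()`, and that list includes the first `X-Forwarded-For` value and `$_GET['sfw_test_ip']`, both supplied by the client, so the cookie is no longer bound to the connecting address. The check should use only an address the server trusts (`$_SERVER['REMOTE_ADDR']`, or a forwarded header only behind a configured proxy) and a strict, constant-time comparison such as `hash_equals(md5($ip[$i].$ct_options['apikey']), $_COOKIE['ct_sfw_pass_key'])` instead of `==`. In the new `if` on line 51, `&&` binds tighter than `||`, so the admin-ajax branch is taken even when `$value` is not 1; if the setting is meant to gate it, parenthesise the grouping and test `stripos()` with `!==false`. `cleantalk_get_ip()` also appends the result of `filter_var()` without checking for `false`, and the enclosing `if(!defined('CLEANTALK_PLUGIN_DIR')){` block starts outside these hunks.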
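--- a/inc/cleantalk-admin.php
+++ b/inc/cleantalk-admin.php
@@ -138,7 +138,7 @@ function ct_admin_init()
  ));
  }
 
- if(@isset($_POST['cleantalk_settings']['spam_firewall']) && $_POST['cleantalk_settings']['spam_firewall']==1 || isset($ct_options['spam_firewall']) && intval($ct_options['spam_firewall'])==1)
+ if(@isset($_POST['cleantalk_settings']['spam_firewall']) && $_POST['cleantalk_settings']['spam_firewall']==1)
  {
  cleantalk_update_sfw();
  }
@@ -279,7 +279,7 @@ function ct_admin_init()
  }
 
  // Save next status request time
- $ct_data['next_account_status_check'] = strtotime("+$notice_check_timeout hours", time());
+ $ct_data['next_account_status_check'] = time()+86400;
  update_option('cleantalk_data', $ct_data);
  }
 
@@ -1027,7 +1027,7 @@ function cleantalk_admin_notice_message(){
  $show_notice = false;
  }
 
- if ($show_notice && $show_ct_notice_trial && $value==1 && (is_network_admin() || (!defined('WP_ALLOW_MULTISITE')||defined('WP_ALLOW_MULTISITE')&&WP_ALLOW_MULTISITE==false) && is_admin())) {
+ if ($show_notice && $show_ct_notice_trial && $value==1 && (is_network_admin() || is_admin())) {
  echo '<div class="error"><h3>' . sprintf(__("%s trial period ends, please upgrade to %s!", 'cleantalk'), "<a href=\"options-general.php?page=cleantalk\">$ct_plugin_name</a>", "<a href=\"http://cleantalk.org/my/bill/recharge?utm_source=wp-backend&utm_medium=cpc&utm_campaign=WP%20backend%20trial$user_token\" target=\"_blank\"><b>premium version</b></a>") . '</h3></div>';
  $show_notice = false;
  }
@@ -1051,18 +1051,18 @@ function cleantalk_admin_notice_message(){
  $link="?close_notice=1";
  }
 
- if ($show_notice && $show_ct_notice_renew && $value==1 && time()>$next_notice_show && (is_network_admin() || (!defined('WP_ALLOW_MULTISITE')||defined('WP_ALLOW_MULTISITE')&&WP_ALLOW_MULTISITE==false) && is_admin())) {
+ if ($show_notice && $show_ct_notice_renew && $value==1 && time()>$next_notice_show && (is_network_admin() || is_admin())) {
  $button_html = "<a href=\"http://cleantalk.org/my/bill/recharge?utm_source=wp-backend&utm_medium=cpc&utm_campaign=WP%20backend%20renew$user_token\" target=\"_blank\">" . '<input type="button" class="button button-primary" value="' . __('RENEW ANTI-SPAM', 'cleantalk') . '" />' . "</a>";
  echo '<div class="updated"><a href="'.$link.'" style="text-decoration:none;float:right;font-size:16px;margin-top:5px;"><b>X</b></a><h3>' . sprintf(__("Please renew your anti-spam license for %s.", 'cleantalk'), "<a href=\"http://cleantalk.org/my/bill/recharge?utm_source=wp-backend&utm_medium=cpc&utm_campaign=WP%20backend%20renew$user_token\" target=\"_blank\"><b>" . __('next year', 'cleantalk') ."</b></a>") . '<br /><br />' . $button_html . '</h3></div>';
  $show_notice = false;
  }
 
- if ($show_notice && $show_ct_notice_online != '' && $value==1 && (is_network_admin() || (!defined('WP_ALLOW_MULTISITE')||defined('WP_ALLOW_MULTISITE')&&WP_ALLOW_MULTISITE==false) && is_admin())) {
+ if ($show_notice && $show_ct_notice_online != '' && $value==1 && (is_network_admin() || is_admin())) {
  if($show_ct_notice_online === 'Y'){
- echo '<div class="updated"><h3><b>';
+ //echo '<div class="updated"><h3><b>';
  //echo __("Don’t forget to disable CAPTCHA if you have it!", 'cleantalk');
- echo __("Settings updated!", 'cleantalk');
- echo '</b></h3></div>';
+ //echo __("Settings updated!", 'cleantalk');
+ //echo '</b></h3></div>';
  }
 
  if($show_ct_notice_online === 'N' && $value==1 && (is_network_admin() || (!defined('WP_ALLOW_MULTISITE')||defined('WP_ALLOW_MULTISITE')&&WP_ALLOW_MULTISITE==false) && is_admin())){
@@ -1259,7 +1259,7 @@ function ct_update_option($option_name) {
  $ct_options['apikey'] = $api_key;
  }
 
- if(@isset($_POST['cleantalk_settings']['spam_firewall']) && $_POST['cleantalk_settings']['spam_firewall']==1 || isset($ct_options['spam_firewall']) && intval($ct_options['spam_firewall'])==1)
+ if(@isset($_POST['cleantalk_settings']['spam_firewall']) && $_POST['cleantalk_settings']['spam_firewall']==1)
  {
  cleantalk_update_sfw();
  }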
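Review bot: With the `$ct_options['spam_firewall']` clause removed at lines 141 and 1262, `cleantalk_update_sfw()` runs only when the settings form is posted with `spam_firewall` set to 1, so unless a caller outside these hunks refreshes the table, the blocklist is updated only when an administrator saves settings. If that is intended, a comment such as `// refresh the SFW table only on settings save; periodic refresh is done in <caller>` would record it, and the `@` in front of `isset()` has no effect and can be dropped. The simplified `(is_network_admin() || is_admin())` test was applied at lines 1030, 1054 and 1060, but the inner condition at line 1068 still carries the old `WP_ALLOW_MULTISITE` expression, and the `'Y'` branch at 1061 is now an empty block of commented-out echoes. At line 282, `time()+86400` replaces `$notice_check_timeout`; if that variable is still computed above the hunk it is now unused. All three functions start and end outside the hunks.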
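--- a/inc/cleantalk-common.php
+++ b/inc/cleantalk-common.php
@@ -1,6 +1,6 @@
  <?php
 
- $ct_agent_version = 'wordpress-532';
+ $ct_agent_version = 'wordpress-533';
  $ct_plugin_name = 'Anti-spam by CleanTalk';
  $ct_checkjs_frm = 'ct_checkjs_frm';
  $ct_checkjs_register_form = 'ct_checkjs_register_form';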
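--- a/inc/cleantalk-public.php
+++ b/inc/cleantalk-public.php
@@ -1,6 +1,5 @@
  <?php
 
-
  /**
  * Init functions
  * @return mixed[] Array of options
@@ -317,7 +316,7 @@ setTimeout(function(){var ct_input_name = \'%s\';var ct_input_value = document.g
  function ct_is_user_enable() {
  global $current_user;
 
- if (!isset($current_user->roles)) {
+ /*if (!isset($current_user->roles)) {
  return true;
  }
 
@@ -327,7 +326,8 @@ function ct_is_user_enable() {
  return false;
  }
 
- return true;
+ return true;*/
+ return !current_user_can('publish_posts');
  }
 
  /**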
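Review bot: `ct_is_user_enable()` now ends with `return !current_user_can('publish_posts');` but keeps the previous role-based body wrapped in a `/* … */` block, part of which lies between the two hunks and is not visible here; deleting the dead code would remove the risk of a `*/` in the hidden lines closing the comment early, and `global $current_user;` would then be unused. The function has no docblock stating the new contract; something like `/** Returns true when the current user's submissions should be spam-checked, i.e. the user lacks the publish_posts capability (logged-out visitors included). */` would help. Every account with `publish_posts` now skips checking, which may differ from the old role list on sites with custom roles, so that is worth confirming.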
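--- a/inc/cleantalk-sfw.class.php
+++ b/inc/cleantalk-sfw.class.php
@@ -3,6 +3,9 @@ class CleanTalkSFW
  {
  public $ip = 0;
  public $ip_str = '';
+ public $ip_array = Array();
+ public $ip_str_array = Array();
+ public $blocked_ip = '';
  public $result = false;
 
  public function cleantalk_get_real_ip()
@@ -19,65 +22,74 @@ class CleanTalkSFW
  {
  $the_ip=explode(",", trim($headers['X-Forwarded-For']));
  $the_ip = trim($the_ip[0]);
+ $this->ip_str_array[]=$the_ip;
+ $this->ip_array[]=sprintf("%u", ip2long($the_ip));
  }
- elseif ( array_key_exists( 'HTTP_X_FORWARDED_FOR', $headers ))
+ if ( array_key_exists( 'HTTP_X_FORWARDED_FOR', $headers ))
  {
  $the_ip=explode(",", trim($headers['HTTP_X_FORWARDED_FOR']));
  $the_ip = trim($the_ip[0]);
+ $this->ip_str_array[]=$the_ip;
+ $this->ip_array[]=sprintf("%u", ip2long($the_ip));
  }
- else
- {
- $the_ip = filter_var( $_SERVER['REMOTE_ADDR'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 );
- }
+ $the_ip = filter_var( $_SERVER['REMOTE_ADDR'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 );
+ $this->ip_str_array[]=$the_ip;
+ $this->ip_array[]=sprintf("%u", ip2long($the_ip));
+
  if(isset($_GET['sfw_test_ip']))
  {
  $the_ip=$_GET['sfw_test_ip'];
+ $this->ip_str_array[]=$the_ip;
+ $this->ip_array[]=sprintf("%u", ip2long($the_ip));
  }
- $this->ip_str=$the_ip;
- $this->ip=sprintf("%u", ip2long($the_ip));
+ //$this->ip_str=$the_ip;
+ //$this->ip=sprintf("%u", ip2long($the_ip));
  //print sprintf("%u", ip2long($the_ip));
  }
 
  public function check_ip()
  {
  global $wpdb,$ct_options, $ct_data;
- //print "select network from `".$wpdb->base_prefix."cleantalk_sfw` where ".$this->ip." & mask = network;";
- $r = $wpdb->get_results("select network from `".$wpdb->base_prefix."cleantalk_sfw` where network = ".$this->ip." & mask;", ARRAY_A);
-
- if(isset($ct_data['sfw_log']))
- {
- $sfw_log=$ct_data['sfw_log'];
- }
- else
- {
- $sfw_log=array();
- }
-
- /*if(isset($sfw_log[$this->ip_str]))
- {
- $sfw_log[$this->ip_str]['all']++;
- }
- else
+ $passed_ip='';
+ for($i=0;$i<sizeof($this->ip_array);$i++)
  {
- $sfw_log[$this->ip_str] = Array('datetime'=>time(), 'all' => 1, 'allow' => 0);
- }*/
+ //print "select network from `".$wpdb->base_prefix."cleantalk_sfw` where ".$this->ip." & mask = network;";
+ //$r = $wpdb->get_results("select network from `".$wpdb->base_prefix."cleantalk_sfw` where network = ".$this->ip." & mask;", ARRAY_A);
+ $r = $wpdb->get_results("select network from `".$wpdb->base_prefix."cleantalk_sfw` where network = ".$this->ip_array[$i]." & mask;", ARRAY_A);
 
- if(sizeof($r)>0)
- {
- $this->result=true;
- if(isset($sfw_log[$this->ip_str]))
+ if(isset($ct_data['sfw_log']))
+ {
+ $sfw_log=$ct_data['sfw_log'];
+ }
+ else
+ {
+ $sfw_log=array();
+ }
+
+ if(sizeof($r)>0)
  {
- $sfw_log[$this->ip_str]['all']++;
+ $this->result=true;
+ $this->blocked_ip=$this->ip_str_array[$i];
+ if(isset($sfw_log[$this->ip_str_array[$i]]))
+ {
+ $sfw_log[$this->ip_str_array[$i]]['all']++;
+ }
+ else
+ {
+ $sfw_log[$this->ip_str_array[$i]] = Array('datetime'=>time(), 'all' => 1, 'allow' => 0);
+ }
  }
  else
  {
- $sfw_log[$this->ip_str] = Array('datetime'=>time(), 'all' => 1, 'allow' => 0);
+ //$sfw_log[$this->ip_str]['allow']++;
+ //@setcookie ('ct_sfw_pass_key', md5($this->ip_str.$ct_options['apikey']), 0, "/");
+ $passed_ip = $this->ip_str_array[$i];
  }
+ //if($this->result)break;
  }
- else
+ if($passed_ip!='')
  {
- //$sfw_log[$this->ip_str]['allow']++;
- @setcookie ('ct_sfw_pass_key', md5($this->ip_str.$ct_options['apikey']), 0, "/");
+ @setcookie ('ct_sfw_pass_key', md5($passed_ip.$ct_options['apikey']), 0, "/");
  }
  $ct_data['sfw_log'] = $sfw_log;
  update_option('cleantalk_data', $ct_data);
@@ -87,9 +99,9 @@ class CleanTalkSFW
  {
  global $ct_options, $ct_data;
  $sfw_die_page=file_get_contents(dirname(__FILE__)."/sfw_die_page.html");
- $sfw_die_page=str_replace("{REMOTE_ADDRESS}",$this->ip_str,$sfw_die_page);
+ $sfw_die_page=str_replace("{REMOTE_ADDRESS}",$this->blocked_ip,$sfw_die_page);
  $sfw_die_page=str_replace("{REQUEST_URI}",$_SERVER['REQUEST_URI'],$sfw_die_page);
- $sfw_die_page=str_replace("{SFW_COOKIE}",md5($this->ip_str.$ct_options['apikey']),$sfw_die_page);
+ $sfw_die_page=str_replace("{SFW_COOKIE}",md5($this->blocked_ip.$ct_options['apikey']),$sfw_die_page);
  @header('HTTP/1.0 403 Forbidden');
  wp_die( $sfw_die_page, "Blacklisted", Array('response'=>403) );
  }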
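Review bot: In `check_ip()` the `ct_sfw_pass_key` cookie is set after the loop whenever `$passed_ip` is non-empty (new lines 90-93), which is the case as soon as one candidate address is absent from the table, even if another candidate has already set `$this->result` to true. Since `cleantalk_get_real_ip()` now adds the `X-Forwarded-For` value and `$_GET['sfw_test_ip']` to the candidates, a request from a listed address can still be handed a pass cookie for a value the client supplied; the guard should be `if(!$this->result && $passed_ip!='')` and the cookie should be derived from `$_SERVER['REMOTE_ADDR']` only. `$sfw_log` is also re-read from `$ct_data['sfw_log']` on every iteration (lines 60-67), so counters updated for an earlier candidate are discarded before the write at line 94; load it once before the `for`. The method bodies continue outside the hunks.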
readme.txt CHANGED
@@ -1,9 +1,9 @@
1
  === Anti-Spam by CleanTalk - No Captcha, no comments & registrations spam ===
2
  Contributors: znaeff, shagimuratov, vlad-cleantalk
3
- Tags: anti-spam, antispam, bbpress, buddypress, captcha, capcha, captha, catcha, cf7 spam, comments, contact form spam, signup, spam, spammers, spammy, woocommerce, wordpress spam, booking, order, subscription, gravity spam, jetpack, bots, contact form 7, contact form, registrations, ninja, Fast Secure Contact, Gravity forms, formidable, mailchimp, s2member, protection, protect, email, akismet, plugin, contact, recaptcha, google captcha, math, security, login, blacklist, cache, prevent, wordpress, User Frontend, bulk delete, bulk remove, cloudflare, widget, review, auth forms, firewall, ddos, cleantalk, mailpoet, profile builder, comment spam, registration spam, spam comments, comment moderation
4
  Requires at least: 3.0
5
  Tested up to: 4.4
6
- Stable tag: 5.32
7
  License: GPLv2
8
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
9
 
@@ -75,14 +75,13 @@ Spam FireWall also makes CleanTalk the two-step protection from spam bots. Spam
75
  * HTTP request data is checked of the nearly 5,8 million of certain IP spam bots.
76
  * If it is an active spam bot, it gets a blank page, if it is a visitor then it gets a site page. This is completely transparent to the visitors.
77
 
78
-
79
- All the CleanTalk Spam FireWall activity is being logged in the process of filtering. The logs will be available for viewing in CleanTalk Dashboard since 10/15/2015.
80
 
81
  = Spam FireWall DDos Protection (Experimentally option) =
82
- Spam FireWall can mitigate HTTP/HTTPS DDoS attacks. When an intruder makes GET requests to attack your website. Spam FireWall blocks all requests from bad IP addresses. Your website givies infringer a special page with description of DDoS rejection instead of the website pages. Therefore Spam FireWall can help to reduce of CPU usage on your server.
83
 
84
  = XML-RPC brute force protection =
85
- Spam FireWall can mitigate XML-RPS brute force attacks. It blocks XML-RPS attacks from bad IP addresses. That helps to prevent bruteforce attacks by a Remote Procedure Call.
86
 
87
  = No spam comments, no spam registrations, no spam contact emails, no spam trackbacks. CAPTCHA less anti-spam for WordPress =
88
  Spam is one of the most irritating factors. Spam become every year more and conventional anti-spam can no longer handle all the spam bots. CleanTalk prevents spam and automatically blocks it. You'll be surprised of effective protection against spam.
@@ -374,10 +373,15 @@ WordPress 3.0 at least. PHP 5 with CURL or file_get_contents() function and enab
374
  1. CleanTalk works faster than most of the other anti-spam plugins.
375
 
376
  == Changelog ==
 
 
 
 
 
377
  = 5.32 2015-11-26 =
378
  * Added improvements for manual spam detection
379
  * Fixed errors in backend
380
- * Fixed bulk users antispam checking
381
  * Added indicator for bulk spam checking
382
  * Added "Get access key automatically" button
383
 
@@ -479,7 +483,7 @@ WordPress 3.0 at least. PHP 5 with CURL or file_get_contents() function and enab
479
 
480
  = 5.13 2015-06-12 =
481
  * Closing notification for anti-spam renew
482
- * Fixed bulk antispam comment checking
483
 
484
  = 5.12 2015-06-01 =
485
  * Added option for checking all post data for spam
@@ -503,7 +507,7 @@ WordPress 3.0 at least. PHP 5 with CURL or file_get_contents() function and enab
503
  = 5.6 2015-05-11 =
504
  * Fixed translation
505
  * Fixed bulk comments anti-spam checking
506
- * Added option for disabling antispam statistics in adminbar
507
  * Some security fixes
508
 
509
  = 5.5 2015-04-29 =
@@ -658,7 +662,7 @@ WordPress 3.0 at least. PHP 5 with CURL or file_get_contents() function and enab
658
  = 2.58 2014-08-06 =
659
  * Added anti-spam protection for signups posted via WooCommerce order form.
660
  * Improved anti-spam protection for Contact Form 7.
661
- * Improved anti-spam protection for registrations. Now the plugin looking for JavaScript antispam test results not only in POST array, but in COOKIES array too. This improvement allows protect signup forms for any untested signups plugins and themes.
662
  * Updated PHP API. Now the plugin can resolve sender IP for websites behind proxy servers. If the proxy servers uses private IP address.
663
 
664
  = 2.57 2014-07-29 =
@@ -879,10 +883,15 @@ WordPress 3.0 at least. PHP 5 with CURL or file_get_contents() function and enab
879
  * First version
880
 
881
  == Upgrade Notice ==
 
 
 
 
 
882
  = 5.32 2015-11-26 =
883
  * Added improvements for manual spam detection
884
  * Fixed errors in backend
885
- * Fixed bulk users antispam checking
886
  * Added indicator for bulk spam checking
887
  * Added "Get access key automatically" feature
888
 
@@ -908,7 +917,7 @@ WordPress 3.0 at least. PHP 5 with CURL or file_get_contents() function and enab
908
  = 5.28 2015-10-16 =
909
  * Fixed errors in anti-spam checking
910
  * Restored options for spam checking registrations and cpmmon contact forms
911
- * Improved antispam defence
912
  * Fixed problems with AJAX functionality in MailPoet, WooCommerce and other AJAX plugins
913
 
914
  = 5.27 2015-10-13 =
@@ -984,7 +993,7 @@ WordPress 3.0 at least. PHP 5 with CURL or file_get_contents() function and enab
984
 
985
  = 5.13 2015-06-12 =
986
  * Closing notification for anti-spam renew
987
- * Fixed bulk antispam comment checking
988
 
989
  = 5.12 2015-06-01 =
990
  * Added option for checking all post data for spam
@@ -1008,7 +1017,7 @@ WordPress 3.0 at least. PHP 5 with CURL or file_get_contents() function and enab
1008
  = 5.6 2015-05-11 =
1009
  * Fixed translation
1010
  * Fixed bulk comments anti-spam checking
1011
- * Added option for disabling antispam statistics in adminbar
1012
  * Some security fixes
1013
 
1014
  = 5.5 2015-04-29
1
  === Anti-Spam by CleanTalk - No Captcha, no comments & registrations spam ===
2
  Contributors: znaeff, shagimuratov, vlad-cleantalk
3
+ Tags: anti-spam, antispam, bbpress, buddypress, captcha, capcha, captha, catcha, cf7 spam, comments, contact form spam, signup, spam, spammers, spammy, woocommerce, wordpress spam, booking, order, subscription, gravity spam, jetpack, bots, contact form 7, contact form, registrations, ninja, Fast Secure Contact, Gravity forms, formidable, mailchimp, s2member, protection, protect, email, akismet, plugin, contact, recaptcha, google captcha, math, security, login, blacklist, cache, prevent, wordpress, User Frontend, bulk delete, bulk remove, cloudflare, widget, review, auth forms, firewall, ddos, cleantalk, mailpoet, profile builder, comment spam, registration spam, spam comments, comment moderation, spam bots, block spam, signup spam, spam blocker, spam filter, user registration spam,pingback,trackback
4
  Requires at least: 3.0
5
  Tested up to: 4.4
6
+ Stable tag: 5.33
7
  License: GPLv2
8
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
9
 
75
  * HTTP request data is checked of the nearly 5,8 million of certain IP spam bots.
76
  * If it is an active spam bot, it gets a blank page, if it is a visitor then it gets a site page. This is completely transparent to the visitors.
77
 
78
+ All the CleanTalk Spam FireWall activity is being logged in the process of filtering.
 
79
 
80
  = Spam FireWall DDos Protection (Experimentally option) =
81
+ Spam FireWall can mitigate HTTP/HTTPS DDoS attacks. When an intruder makes GET requests to attack your website. Spam FireWall blocks all requests from bad IP addresses. Your website gives infringer a special page with description of DDoS rejection instead of the website pages. Therefore Spam FireWall can help to reduce of CPU usage on your server.
82
 
83
  = XML-RPC brute force protection =
84
+ Spam FireWall can mitigate XML-RPC brute force attacks. It blocks XML-RPC attacks from bad IP addresses. That helps to prevent bruteforce attacks by a Remote Procedure Call.
85
 
86
  = No spam comments, no spam registrations, no spam contact emails, no spam trackbacks. CAPTCHA less anti-spam for WordPress =
87
  Spam is one of the most irritating factors. Spam become every year more and conventional anti-spam can no longer handle all the spam bots. CleanTalk prevents spam and automatically blocks it. You'll be surprised of effective protection against spam.
373
  1. CleanTalk works faster than most of the other anti-spam plugins.
374
 
375
  == Changelog ==
376
+ = 5.33 2015-12-01 =
377
+ * Backend interface fixes
378
+ * Improved Spam FireWall efficiency
379
+ * Improved performance of anti spam checking
380
+
381
  = 5.32 2015-11-26 =
382
  * Added improvements for manual spam detection
383
  * Fixed errors in backend
384
+ * Fixed bulk users anti spam checking
385
  * Added indicator for bulk spam checking
386
  * Added "Get access key automatically" button
387
 
483
 
484
  = 5.13 2015-06-12 =
485
  * Closing notification for anti-spam renew
486
+ * Fixed bulk anti spam comment checking
487
 
488
  = 5.12 2015-06-01 =
489
  * Added option for checking all post data for spam
507
  = 5.6 2015-05-11 =
508
  * Fixed translation
509
  * Fixed bulk comments anti-spam checking
510
+ * Added option for disabling anti spam statistics in adminbar
511
  * Some security fixes
512
 
513
  = 5.5 2015-04-29 =
662
  = 2.58 2014-08-06 =
663
  * Added anti-spam protection for signups posted via WooCommerce order form.
664
  * Improved anti-spam protection for Contact Form 7.
665
+ * Improved anti-spam protection for registrations. Now the plugin looking for JavaScript anti spam test results not only in POST array, but in COOKIES array too. This improvement allows protect signup forms for any untested signups plugins and themes.
666
  * Updated PHP API. Now the plugin can resolve sender IP for websites behind proxy servers. If the proxy servers uses private IP address.
667
 
668
  = 2.57 2014-07-29 =
883
  * First version
884
 
885
  == Upgrade Notice ==
886
+ = 5.33 2015-12-01 =
887
+ * Backend interface fixes
888
+ * Improved Spam FireWall efficiency
889
+ * Improved performance of anti spam checking
890
+
891
  = 5.32 2015-11-26 =
892
  * Added improvements for manual spam detection
893
  * Fixed errors in backend
894
+ * Fixed bulk users anti spam checking
895
  * Added indicator for bulk spam checking
896
  * Added "Get access key automatically" feature
897
 
917
  = 5.28 2015-10-16 =
918
  * Fixed errors in anti-spam checking
919
  * Restored options for spam checking registrations and cpmmon contact forms
920
+ * Improved anti spam defence
921
  * Fixed problems with AJAX functionality in MailPoet, WooCommerce and other AJAX plugins
922
 
923
  = 5.27 2015-10-13 =
993
 
994
  = 5.13 2015-06-12 =
995
  * Closing notification for anti-spam renew
996
+ * Fixed bulk anti spam comment checking
997
 
998
  = 5.12 2015-06-01 =
999
  * Added option for checking all post data for spam
1017
  = 5.6 2015-05-11 =
1018
  * Fixed translation
1019
  * Fixed bulk comments anti-spam checking
1020
+ * Added option for disabling anti spam statistics in adminbar
1021
  * Some security fixes
1022
 
1023
  = 5.5 2015-04-29