Spam protection, AntiSpam, FireWall by CleanTalk - Version 5.58.6

Version Description

March 16 2017

* Fix for Ninja forms (protection updated).
* Fix for QA Theme.
* Fix for RSVP form.
* Setting changes (Spam FireWall).
* Improved debug section.
* Improved gathering data function.
* Minor fixes.


Release Info

Developer shagimuratov
Version 5.58.6

Code changes from version 5.58.5 to 5.58.6

cleantalk.php CHANGED
@@ -1,786 +1,789 @@
1
- <?php
2
- /*
3
- Plugin Name: Spam Protection by CleanTalk
4
- Plugin URI: http://cleantalk.org
5
- Description: Max power, all-in-one, no Captcha, premium anti-spam plugin. No comment spam, no registration spam, no contact spam, protects any WordPress forms. Formerly Anti-Spam by CleanTalk.
6
- Version: 5.58.5
7
- Author: СleanTalk <welcome@cleantalk.org>
8
- Author URI: http://cleantalk.org
9
- */
10
- $cleantalk_plugin_version='5.58.5';
11
- $ct_agent_version = 'wordpress-5585';
12
- $cleantalk_executed=false;
13
- $ct_sfw_updated = false;
14
-
15
- $ct_redirects_label = 'ct_redirects';
16
-
17
- define('CLEANTALK_REMOTE_CALL_SLEEP', 10); //Minimum time between remote call
18
-
19
- $cleantalk_use_buffer = (defined('CLEANTALK_AJAX_USE_BUFFER') ? CLEANTALK_AJAX_USE_BUFFER : true);
20
- $cleantalk_use_footer_header = (defined('CLEANTALK_AJAX_USE_FOOTER_HEADER') ? CLEANTALK_AJAX_USE_FOOTER_HEADER : true);
21
-
22
- if(!defined('CLEANTALK_PLUGIN_DIR')){
23
-
24
- global $ct_options, $ct_data, $pagenow;
25
-
26
- define('CLEANTALK_PLUGIN_DIR', plugin_dir_path(__FILE__));
27
-
28
- require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-common.php');
29
- require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-widget.php');
30
-
31
- $ct_options=ct_get_options();
32
- $ct_data=ct_get_data();
33
-
34
- //Cron jobs
35
- add_action('cleantalk_send_daily_report_hook', 'cleantalk_send_daily_report'); //Sending daily report
36
-
37
- //Update actions
38
- if(!isset($ct_data['db_refreshed'])){
39
-
40
- global $wpdb;
41
-
42
- $wpdb->query("CREATE TABLE IF NOT EXISTS `".$wpdb->base_prefix."cleantalk_sfw` (
43
- `network` int(11) unsigned NOT NULL,
44
- `mask` int(11) unsigned NOT NULL,
45
- INDEX ( `network` , `mask` )
46
- ) ENGINE = MYISAM ;");
47
-
48
- $wpdb->query("CREATE TABLE IF NOT EXISTS `".$wpdb->base_prefix."cleantalk_sfw_logs` (
49
- `ip` VARCHAR(15) NOT NULL ,
50
- `all` INT NOT NULL ,
51
- `blocked` INT NOT NULL ,
52
- `timestamp` INT NOT NULL ,
53
- PRIMARY KEY (`ip`))
54
- ENGINE = MYISAM;");
55
-
56
- $ct_data['db_refreshed'] = 1;
57
- update_option('cleantalk_data', $ct_data);
58
-
59
- }
60
- if(isset($ct_data['db_refreshed']) && $ct_data['db_refreshed'] == 1){
61
- if (!wp_next_scheduled('cleantalk_update_sfw_hook'))
62
- wp_schedule_event(time()+1800, 'daily', 'cleantalk_update_sfw_hook' );
63
- $ct_data['db_refreshed'] = 2;
64
- update_option('cleantalk_data', $ct_data);
65
- }
66
- /*
67
- if(isset($ct_data['db_refreshed']) && $ct_data['db_refreshed'] == 2){
68
- $ct_activation_timestamp = get_option('cleantalk_activation_timestamp');
69
- if(!$ct_activation_timestamp)
70
- add_option('cleantalk_activation_timestamp', time());
71
- $ct_data['db_refreshed'] = 3;
72
- update_option('cleantalk_data', $ct_data);
73
- }
74
- //*/
75
-
76
- if(@stripos($_SERVER['REQUEST_URI'],'admin-ajax.php')!==false && sizeof($_POST)>0 && isset($_GET['action']) && $_GET['action']=='ninja_forms_ajax_submit')
77
- $_POST['action']='ninja_forms_ajax_submit';
78
-
79
- $value = (isset($ct_options['spam_firewall']) ? intval($ct_options['spam_firewall']) : 0);
80
- /*
81
- Turn off the SpamFireWall if current url in the exceptions list.
82
- */
83
- if ($value == 1 && isset($cleantalk_url_exclusions) && is_array($cleantalk_url_exclusions)) {
84
- foreach ($cleantalk_url_exclusions as $v) {
85
- if (stripos($_SERVER['REQUEST_URI'], $v) !== false) {
86
- $value = 0;
87
- break;
88
- }
89
- }
90
- }
91
-
92
- /*
93
- Turn off the SpamFireWall for WordPress core pages
94
- */
95
- $ct_wordpress_core_pages = array(
96
- '/wp-admin',
97
- '/feed'
98
- );
99
- if ($value == 1) {
100
- foreach ($ct_wordpress_core_pages as $v) {
101
- if (stripos($_SERVER['REQUEST_URI'], $v) !== false) {
102
- $value = 0;
103
- break;
104
- }
105
- }
106
- }
107
-
108
- if($value==1 && !is_admin() || $value==1 && defined( 'DOING_AJAX' ) && DOING_AJAX && $_SERVER["REQUEST_METHOD"] == 'GET')
109
- {
110
-
111
- include_once("inc/cleantalk-sfw.class.php");
112
-
113
- $is_sfw_check=true;
114
- $sfw = new CleanTalkSFW();
115
- $ip = $sfw->cleantalk_get_real_ip();
116
-
117
- foreach($ip as $ct_cur_ip){
118
- if(isset($_COOKIE['ct_sfw_pass_key']) && $_COOKIE['ct_sfw_pass_key'] == md5($ct_cur_ip.$ct_options['apikey'])){
119
- $is_sfw_check=false;
120
- if(isset($_COOKIE['ct_sfw_passed'])){
121
- update_option('cleantalk_data', $ct_data);
122
- CleanTalkSFW::sfw_update_logs($ct_cur_ip, 'passed');
123
- @setcookie ('ct_sfw_passed', '0', 1, "/");
124
- }
125
- }else
126
- $is_sfw_check=true;
127
- } unset($ct_cur_ip);
128
- if($is_sfw_check){
129
- $sfw->check_ip();
130
- if($sfw->result){
131
- CleanTalkSFW::sfw_update_logs($sfw->blocked_ip, 'blocked');
132
- $sfw->sfw_die();
133
- }
134
- }
135
-
136
- //cron start
137
- $last_sfw_send = (isset($ct_data['last_sfw_send']) ? $ct_data['last_sfw_send'] : 0);
138
-
139
- if(time() - $last_sfw_send > 3600){
140
- ct_send_sfw_log();
141
- $ct_data['last_sfw_send'] = time();
142
- update_option('cleantalk_data', $ct_data);
143
- }
144
- //cron end
145
- }
146
-
147
- //* Remote calls
148
- if(isset($_GET['spbc_remote_call_token'], $_GET['spbc_remote_call_action'], $_GET['plugin_name']) && ($_GET['plugin_name'] == 'antispam' || $_GET['plugin_name'] == 'anti-spam')){
149
-
150
- if(isset($ct_data['last_remote_call']) && time() - $ct_data['last_remote_call'] < CLEANTALK_REMOTE_CALL_SLEEP){
151
- echo "FAIL TOO_MANY_ATTEMPTS";
152
- die();
153
- }else{
154
- $ct_data['last_remote_call'] = time();
155
- update_option('cleantalk_data', $ct_data);
156
- }
157
-
158
- $spbc_remote_call_token = md5($ct_options['apikey']);
159
-
160
- if($_GET['spbc_remote_call_token'] == $spbc_remote_call_token){
161
-
162
- if($_GET['spbc_remote_call_action'] == 'close_renew_banner'){
163
- $ct_data['show_ct_notice_trial'] = 0;
164
- $ct_data['show_ct_notice_renew'] = 0;
165
- $ct_data['next_account_status_check'] = time() + $account_notice_check_timeout*3600;
166
- update_option('cleantalk_data', $ct_data);
167
-
168
- echo "OK";
169
- die();
170
- }
171
- }else{
172
- echo "FAIL WRONG_TOKEN";
173
- die();
174
- }
175
-
176
- }
177
- //*/
178
-
179
- if(isset($ct_options['check_external']) && @intval($ct_options['check_external']) == 1)
180
- $test_external_forms=true;
181
- else
182
- $test_external_forms=false;
183
-
184
- if(isset($ct_options['check_internal']) && @intval($ct_options['check_internal']) == 1)
185
- $test_internal_forms = true;
186
- else
187
- $test_internal_forms = false;
188
-
189
- // Activation/deactivation functions must be in main plugin file.
190
- // http://codex.wordpress.org/Function_Reference/register_activation_hook
191
- register_activation_hook( __FILE__, 'ct_activation' );
192
- register_deactivation_hook( __FILE__, 'ct_deactivation' );
193
-
194
- //
195
- // Redirect admin to plugin settings.
196
- //
197
- if(!defined('WP_ALLOW_MULTISITE') || defined('WP_ALLOW_MULTISITE') && WP_ALLOW_MULTISITE == false)
198
- add_action('admin_init', 'ct_plugin_redirect');
199
-
200
- // After plugin loaded - to load locale as described in manual
201
- add_action( 'ct_init', 'ct_plugin_loaded' );
202
- ct_plugin_loaded();
203
-
204
- $use_ajax = (isset($ct_options['use_ajax']) ? intval($ct_options['use_ajax']) : 1);
205
-
206
- if( $use_ajax==1 &&
207
- stripos($_SERVER['REQUEST_URI'],'.xml')===false &&
208
- stripos($_SERVER['REQUEST_URI'],'.xsl')===false)
209
- {
210
- if($cleantalk_use_buffer)
211
- add_action('wp_loaded', 'ct_add_nocache_script', 1);
212
-
213
- if($cleantalk_use_footer_header){
214
- add_action('wp_footer', 'ct_add_nocache_script_footer', 1);
215
- add_action('wp_head', 'ct_add_nocache_script_header', 1);
216
- }
217
- add_action( 'wp_ajax_nopriv_ct_get_cookie', 'ct_get_cookie',1 );
218
- add_action( 'wp_ajax_ct_get_cookie', 'ct_get_cookie',1 );
219
- }
220
-
221
- if(isset($ct_options['show_link']) && intval($ct_options['show_link']) == 1)
222
- add_action('comment_form_after', 'ct_show_comment_link');
223
-
224
- if(is_admin()){
225
- require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-comments.php');
226
- require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-users.php');
227
- }
228
-
229
- if (is_admin()||is_network_admin()){
230
-
231
- require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-admin.php');
232
-
233
- if (!(defined( 'DOING_AJAX' ) && DOING_AJAX)){
234
- add_action('admin_init', 'ct_admin_init', 1);
235
- add_action('admin_menu', 'ct_admin_add_page');
236
- if(is_network_admin())
237
- add_action('network_admin_menu', 'ct_admin_add_page');
238
-
239
- add_action('admin_notices', 'cleantalk_admin_notice_message');
240
- add_action('network_admin_notices', 'cleantalk_admin_notice_message');
241
- }
242
- if (defined( 'DOING_AJAX' ) && DOING_AJAX||isset($_POST['cma-action'])){
243
- $cleantalk_hooked_actions = array();
244
- $cleantalk_ajax_actions_to_check = array();
245
- require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-public.php');
246
- require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-ajax.php');
247
-
248
- // Do check for AJAX if Unknown action or Known action with mandatory check
249
- if(isset($_POST['action']) &&
250
- !isset($_COOKIE[LOGGED_IN_COOKIE]) &&
251
- (!in_array($_POST['action'], $cleantalk_hooked_actions) || in_array($_POST['action'], $cleantalk_ajax_actions_to_check))
252
- ){
253
- ct_ajax_hook();
254
- }
255
- //
256
- // Some of plugins to register a users use AJAX context.
257
- //
258
- add_filter('registration_errors', 'ct_registration_errors', 1, 3);
259
- add_filter('registration_errors', 'ct_check_registration_erros', 999999, 3);
260
- add_action('user_register', 'ct_user_register');
261
-
262
- }
263
-
264
- require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-public.php');
265
-
266
- //Bitrix24 contact form
267
- if (ct_is_user_enable()) {
268
- ct_cookies_test();
269
-
270
- if (isset($ct_options['general_contact_forms_test']) && $ct_options['general_contact_forms_test'] == 1 &&
271
- !empty($_POST['your-phone']) &&
272
- !empty($_POST['your-email']) &&
273
- !empty($_POST['your-message'])
274
- ){
275
- $ct_check_post_result=false;
276
- ct_contact_form_validate();
277
- }
278
- }
279
-
280
- add_action('admin_enqueue_scripts', 'ct_enqueue_scripts');
281
-
282
- if($pagenow=='edit-comments.php'){
283
- add_action('comment_unapproved_to_approvecomment', 'ct_comment_approved'); // param - comment object
284
- add_action('comment_unapproved_to_approved', 'ct_comment_approved'); // param - comment object
285
- add_action('comment_approved_to_unapproved', 'ct_comment_unapproved'); // param - comment object
286
- add_action('comment_unapproved_to_spam', 'ct_comment_spam'); // param - comment object
287
- add_action('comment_approved_to_spam', 'ct_comment_spam'); // param - comment object
288
- //add_filter('get_comment_text', 'ct_get_comment_text'); // param - current comment text
289
- add_filter('unspam_comment', 'ct_unspam_comment');
290
- }
291
-
292
- if($pagenow=='users.php')
293
- add_action('delete_user', 'ct_delete_user');
294
-
295
- if($pagenow=='plugins.php' || @strpos($_SERVER['REQUEST_URI'],'plugins.php')!==false){
296
-
297
- add_filter('plugin_row_meta', 'ct_register_plugin_links', 10, 2);
298
- add_filter('plugin_action_links', 'ct_plugin_action_links', 10, 2);
299
- }
300
- add_action('updated_option', 'ct_update_option'); // param - option name, i.e. 'cleantalk_settings'
301
- }else{
302
-
303
- require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-public.php');
304
-
305
- // Init action.
306
- add_action('plugins_loaded', 'ct_init', 1);
307
-
308
- // Hourly run hook
309
- add_action('ct_hourly_event_hook', 'ct_do_this_hourly');
310
- add_action('cleantalk_update_sfw_hook', 'cleantalk_update_sfw');
311
-
312
- // Comments
313
- add_filter('preprocess_comment', 'ct_preprocess_comment', 1, 1); // param - comment data array
314
- add_filter('comment_text', 'ct_comment_text' );
315
-
316
- // Registrations
317
- add_action('register_form','ct_register_form');
318
- add_filter('registration_errors', 'ct_registration_errors', 1, 3);
319
- add_filter('registration_errors', 'ct_check_registration_erros', 999999, 3);
320
- add_action('user_register', 'ct_user_register');
321
-
322
- // Multisite registrations
323
- add_action('signup_extra_fields','ct_register_form');
324
- add_filter('wpmu_validate_user_signup', 'ct_registration_errors_wpmu', 10, 3);
325
-
326
- // Login form - for notifications only
327
- add_filter('login_message', 'ct_login_message');
328
-
329
- // Ait-Themes fix
330
- if(isset($_GET['ait-action']) && $_GET['ait-action']=='register'){
331
- $tmp=$_POST['redirect_to'];
332
- unset($_POST['redirect_to']);
333
- ct_contact_form_validate();
334
- $_POST['redirect_to']=$tmp;
335
- }
336
- }
 
 
 
337
  }
338
-
339
- function ct_db_refresh(){
340
- global $wpdb;
341
-
342
- $wpdb->query("CREATE TABLE IF NOT EXISTS `".$wpdb->base_prefix."cleantalk_sfw` (
343
- `network` int(11) unsigned NOT NULL,
344
- `mask` int(11) unsigned NOT NULL,
345
- INDEX ( `network` , `mask` )
346
- ) ENGINE = MYISAM ;");
347
-
348
- $wpdb->query("CREATE TABLE IF NOT EXISTS `".$wpdb->base_prefix."cleantalk_sfw_logs` (
349
- `ip` VARCHAR(15) NOT NULL ,
350
- `all` INT NOT NULL ,
351
- `blocked` INT NOT NULL ,
352
- `timestamp` INT NOT NULL ,
353
- PRIMARY KEY (`ip`))
354
- ENGINE = MYISAM;");
355
-
356
- }
357
-
358
- /**
359
- * On activation, set a time, frequency and name of an action hook to be scheduled.
360
- */
361
- if (!function_exists ( 'ct_activation')) {
362
- function ct_activation() {
363
-
364
- ct_db_refresh();
365
-
366
- wp_schedule_event(time(), 'hourly', 'ct_hourly_event_hook' );
367
- //wp_schedule_event(time(), 'hourly', 'ct_send_sfw_log' );
368
- wp_schedule_event(time(), 'daily', 'cleantalk_update_sfw_hook' );
369
- //Sends log every day
370
- wp_schedule_event(time()+85400 , 'daily', 'cleantalk_send_daily_report_hook' );
371
-
372
- cleantalk_update_sfw();
373
-
374
- add_option('ct_plugin_do_activation_redirect', true);
375
- add_option('cleantalk_activation_timestamp', time());
376
- }
377
- }
378
-
379
- /**
380
- * On deactivation, clear schedule.
381
- */
382
- if (!function_exists ( 'ct_deactivation')) {
383
- function ct_deactivation() {
384
-
385
- global $wpdb;
386
-
387
- $wpdb->query("DROP TABLE IF EXISTS `".$wpdb->base_prefix."cleantalk_sfw`;");
388
- $wpdb->query("DROP TABLE IF EXISTS `".$wpdb->base_prefix."cleantalk_sfw_logs`;");
389
-
390
- wp_clear_scheduled_hook( 'ct_hourly_event_hook' );
391
- wp_clear_scheduled_hook( 'ct_send_sfw_log' );
392
- wp_clear_scheduled_hook( 'cleantalk_update_sfw' );
393
- wp_clear_scheduled_hook( 'cleantalk_update_sfw_hook' );
394
- wp_clear_scheduled_hook( 'cleantalk_send_daily_report_hook' );
395
-
396
- }
397
- }
398
-
399
- /**
400
- * Redirects admin to plugin settings after activation.
401
- */
402
- function ct_plugin_redirect()
403
- {
404
- global $ct_redirects_label;
405
- if (get_option('ct_plugin_do_activation_redirect', false))
406
- {
407
- delete_option('ct_plugin_do_activation_redirect');
408
- if(!isset($_GET['activate-multi']) && !isset($_COOKIE[$ct_redirects_label]))
409
- {
410
- setcookie($ct_redirects_label, 1, null, '/');
411
- wp_redirect("options-general.php?page=cleantalk");
412
- }
413
- }
414
- }
415
-
416
- function ct_add_event($event_type)
417
- {
418
- global $ct_data,$cleantalk_executed;
419
-
420
- if(!get_option('cleantalk_sends_reports_till'));
421
- add_option('cleantalk_sends_reports_till', time()+7*24*3600);
422
-
423
- //
424
- // To migrate on the new version of ct_add_event().
425
- //
426
- switch ($event_type) {
427
- case '0': $event_type = 'no';break;
428
- case '1': $event_type = 'yes';break;
429
- }
430
-
431
- $ct_data = ct_get_data();
432
- $current_hour=intval(date('G'));
433
-
434
- //Daily counter
435
- if(!isset($ct_data['array_accepted'])){
436
- $ct_data['array_accepted']=Array();
437
- $ct_data['array_blocked']=Array();
438
- $ct_data['current_hour']=$current_hour;
439
- }
440
- //All time counter
441
- if(!isset($ct_data['all_time_counter'])){
442
- $ct_data['all_time_counter']['accepted']=0;
443
- $ct_data['all_time_counter']['blocked']=0;
444
- }
445
- //User counter
446
- if(!isset($ct_data['user_counter'])){
447
- $ct_data['user_counter']['accepted']=0;
448
- $ct_data['user_counter']['blocked']=0;
449
- $ct_data['user_counter']['since']=date('d M');
450
- }
451
-
452
- if($current_hour!=$ct_data['current_hour']){
453
- @$ct_data['current_hour']=$current_hour;
454
- @$ct_data['array_accepted'][$current_hour]=0;
455
- @$ct_data['array_blocked'][$current_hour]=0;
456
- }
457
-
458
- //Add 1 to counters
459
- if($event_type=='yes'){
460
- @$ct_data['array_accepted'][$current_hour]++;
461
- @$ct_data['all_time_counter']['accepted']++;
462
- @$ct_data['user_counter']['accepted']++;
463
- }
464
- if($event_type=='no'){
465
- @$ct_data['array_blocked'][$current_hour]++;
466
- @$ct_data['all_time_counter']['blocked']++;
467
- @$ct_data['user_counter']['blocked']++;
468
- }
469
-
470
- update_option('cleantalk_data', $ct_data);
471
- $cleantalk_executed=true;
472
- }
473
-
474
- /**
475
- * return new cookie value
476
- */
477
- function ct_get_cookie()
478
- {
479
- global $ct_checkjs_def;
480
- $ct_checkjs_key = ct_get_checkjs_value(true);
481
- print $ct_checkjs_key;
482
- die();
483
- }
484
-
485
- /**
486
- * adds nocache script
487
- */
488
- function ct_add_nocache_script()
489
- {
490
- ob_start('ct_inject_nocache_script');
491
- }
492
-
493
- function ct_add_nocache_script_footer(){
494
-
495
- if(strpos($_SERVER['REQUEST_URI'],'jm-ajax') === false){
496
-
497
- global $test_external_forms, $test_internal_forms, $cleantalk_plugin_version;
498
-
499
- print "<script async type='text/javascript' src='".plugins_url( '/inc/cleantalk_nocache.js' , __FILE__ )."?random=".$cleantalk_plugin_version."'></script>\n";
500
-
501
- if($test_external_forms){
502
- print "\n<script type='text/javascript'>var ct_blog_home = '".get_home_url()."';</script>\n";
503
- print "<script async type='text/javascript' src='".plugins_url( '/inc/cleantalk_external.js' , __FILE__ )."?random=".$cleantalk_plugin_version."'></script>\n";
504
- }
505
-
506
- if($test_internal_forms){
507
- print "\n<script type='text/javascript'>var ct_blog_home = '".get_home_url()."';</script>\n";
508
- print "<script async type='text/javascript' src='".plugins_url( '/inc/cleantalk_internal.js' , __FILE__ )."?random=".$cleantalk_plugin_version."'></script>\n";
509
- }
510
- }
511
- }
512
-
513
- /**
514
- * Function prepares values to manage JavaScript code
515
- * @return string
516
- */
517
- function ct_set_info_flag () {
518
- global $ct_options;
519
-
520
- $ct_options=ct_get_options();
521
-
522
- $result = 'false';
523
- if(@intval($ct_options['collect_details'])==1
524
- && @intval($ct_options['set_cookies']) == 1
525
- ) {
526
- $result = 'true';
527
- }
528
-
529
- $ct_info_flag = "var ct_info_flag=$result;\n";
530
-
531
- $result = 'true';
532
- if (@intval($ct_options['set_cookies']) == 0) {
533
- $result = 'false';
534
- }
535
-
536
- $ct_set_cookies_flag = "var ct_set_cookies_flag=$result;\n";
537
-
538
- return $ct_info_flag . $ct_set_cookies_flag;
539
- }
540
-
541
- function ct_add_nocache_script_header(){
542
-
543
- if(strpos($_SERVER['REQUEST_URI'],'jm-ajax')===false){
544
- $ct_info_flag = ct_set_info_flag();
545
- print "\n<script type='text/javascript'>\nvar ct_ajaxurl = '".admin_url('admin-ajax.php')."';\n $ct_info_flag </script>\n";
546
- }
547
-
548
- }
549
-
550
- function ct_inject_nocache_script($html){
551
-
552
- if(strpos($_SERVER['REQUEST_URI'],'jm-ajax')===false){
553
-
554
- global $test_external_forms, $test_internal_forms, $cleantalk_plugin_version, $ct_options;
555
-
556
- $ct_info_flag = ct_set_info_flag();
557
-
558
- if(!is_admin()&&stripos($html,"</body>")!==false){
559
-
560
- $ct_replace="<script async type='text/javascript' src='".plugins_url( '/inc/cleantalk_nocache.js' , __FILE__ )."?random=".$cleantalk_plugin_version."'></script>\n";
561
-
562
- if($test_external_forms){
563
- $ct_replace.="\n<script type='text/javascript'>var ct_blog_home = '".get_home_url()."';</script>\n";
564
- $ct_replace.="<script async type='text/javascript' src='".plugins_url( '/inc/cleantalk_external.js' , __FILE__ )."?random=".$cleantalk_plugin_version."'></script>\n";
565
- }
566
-
567
- if($test_internal_forms){
568
- $ct_replace .= "\n<script type='text/javascript'>var ct_blog_home = '".get_home_url()."';</script>\n";
569
- $ct_replace .= "<script async type='text/javascript' src='".plugins_url( '/inc/cleantalk_internal.js' , __FILE__ )."?random=".$cleantalk_plugin_version."'></script>\n";
570
- }
571
-
572
- $html = preg_replace("/<\/body>\s*<\/html>/", $ct_replace."</body></html>", $html, 1); }
573
- }
574
- return $html;
575
- }
576
-
577
- function ct_show_comment_link(){
578
-
579
- print "<div style='font-size:10pt;'><a href='https://cleantalk.org/wordpress-anti-spam-plugin' target='_blank'>".__( 'WordPress spam', 'cleantalk' )."</a> ".__( 'blocked by', 'cleantalk' )." CleanTalk.</div>";
580
-
581
- }
582
-
583
- add_action( 'right_now_content_table_end', 'my_add_counts_to_dashboard' );
584
-
585
- function cleantalk_update_sfw(){
586
- global $wpdb, $ct_sfw_updated, $ct_options, $ct_data;
587
-
588
- if(!function_exists('sendRawRequest'))
589
- require_once('inc/cleantalk.class.php');
590
-
591
- if(isset($ct_options['spam_firewall']) && intval($ct_options['spam_firewall']) == 1 && ($ct_sfw_updated === false || !isset($ct_sfw_updated))){
592
-
593
- $data = Array( 'auth_key' => $ct_options['apikey'],
594
- 'method_name' => '2s_blacklists_db'
595
- );
596
-
597
- $result=sendRawRequest('https://api.cleantalk.org', $data);
598
-
599
- $result=json_decode($result, true);
600
-
601
- if(isset($result['data'])){
602
-
603
- $wpdb->query("TRUNCATE TABLE `".$wpdb->base_prefix."cleantalk_sfw`;");
604
- $result=$result['data'];
605
- $query="INSERT INTO `".$wpdb->base_prefix."cleantalk_sfw` VALUES ";
606
- for($i=0;$i<sizeof($result);$i++){
607
-
608
- if($i==sizeof($result)-1)
609
- $query.="(".$result[$i][0].",".$result[$i][1].");";
610
- else
611
- $query.="(".$result[$i][0].",".$result[$i][1]."), ";
612
-
613
- }
614
- $wpdb->query($query);
615
- $ct_sfw_updated = true;
616
- }
617
- }
618
- }
619
-
620
- function cleantalk_get_ip(){
621
-
622
- $result=Array();
623
-
624
- if ( function_exists( 'apache_request_headers' ) )
625
- $headers = apache_request_headers();
626
- else
627
- $headers = $_SERVER;
628
-
629
- if ( array_key_exists( 'X-Forwarded-For', $headers ) ){
630
- $the_ip=explode(",", trim($headers['X-Forwarded-For']));
631
- $result[] = trim($the_ip[0]);
632
- }
633
-
634
- if ( array_key_exists( 'HTTP_X_FORWARDED_FOR', $headers )){
635
- $the_ip=explode(",", trim($headers['HTTP_X_FORWARDED_FOR']));
636
- $result[] = trim($the_ip[0]);
637
- }
638
-
639
- $result[] = filter_var( $_SERVER['REMOTE_ADDR'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 );
640
-
641
- if(isset($_GET['sfw_test_ip']))
642
- $result[]=$_GET['sfw_test_ip'];
643
-
644
- return $result;
645
- }
646
-
647
- function ct_send_sfw_log()
648
- {
649
- global $ct_options, $ct_data;
650
-
651
- $ct_options=ct_get_options();
652
- $ct_data=ct_get_data();
653
-
654
- include_once("inc/cleantalk-sfw.class.php");
655
- $result = CleanTalkSFW::send_logs($ct_options['apikey']);
656
-
657
- if($result !== false){
658
-
659
- if(!isset($ct_data['sfw_counter']))
660
- $ct_data['sfw_counter'] = array('all' => 0, 'blocked' => 0);
661
-
662
- $ct_data['sfw_counter']['all'] += $result['all'];
663
- $ct_data['sfw_counter']['blocked'] += $result['blocked'];
664
- $ct_data['last_sfw_send']=time();
665
- update_option('cleantalk_data', $ct_data);
666
-
667
- return true;
668
-
669
- }else
670
- return false;
671
- }
672
-
673
- // Sends daily report from get_antispam_report method
674
- function cleantalk_send_daily_report(){
675
-
676
-
677
- $timestamp_trial_ends = get_option('cleantalk_sends_reports_till');
678
-
679
- // If 7 days is over
680
- if($timestamp_trial_ends === false){
681
- return;
682
- }elseif((int)$timestamp_trial_ends < time()){
683
- wp_clear_scheduled_hook( 'cleantalk_send_daily_report_hook' );
684
- return;
685
- }
686
-
687
- if(!function_exists('ct_get_data'))
688
- include_once("inc/cleantalk-common.php");
689
-
690
- $ct_options = ct_get_options();
691
- $ct_data = ct_get_data();
692
- $site_url = get_option('siteurl');
693
- $site_url = preg_replace('/http[s]?:\/\//', '', $site_url, 1);
694
- $site_domain = preg_replace('/\/.*$/', '', $site_url, 1);
695
-
696
- if($ct_options['apikey'] == ''){
697
-
698
- if(!function_exists('getAntispamReport'))
699
- include_once("inc/cleantalk.class.php");
700
-
701
- $result = getAntispamReport($site_domain);
702
- $result = json_decode($result, true);
703
-
704
- //Connection failed
705
- if(!$result){
706
-
707
- $ct_data['errors'][__FUNCTION__] = array(
708
- 'time' => date("M d Y H:i:s", time()),
709
- 'error_no' => (-1),
710
- 'error' => 'Request method returns FALSE'
711
- );
712
- update_option('cleantalk_data', $ct_data);
713
- return $ct_data['errors'][__FUNCTION__];
714
- } //Error returned
715
- elseif(isset($result['error_message']) && isset($result['error_no']))
716
- {
717
- $ct_data['errors'][__FUNCTION__] = array(
718
- 'time' => date("M d Y H:i:s", time()),
719
- 'error_no' => $result['error_no'],
720
- 'error' => $result['error_message']
721
- );
722
- update_option('cleantalk_data', $ct_data);
723
- return $ct_data['errors'][__FUNCTION__];
724
- } //OK
725
- elseif(!empty($result['data']))
726
- {
727
- $result = $result['data']['stat'];
728
- if(isset($ct_data['errors'][__FUNCTION__])){
729
- unset($ct_data['errors'][__FUNCTION__]);
730
- update_option('cleantalk_data', $ct_data);
731
- }
732
- }
733
-
734
- //Comple mail
735
- include_once("templates/daily_report.php");
736
-
737
- $title = sprintf(__('%d spam attacks have been blocked', 'cleantalk'), $result['deny_comments'] + $result['deny_registrations'] + $result['deny_contacts']);
738
- $events = sprintf($events,
739
- $result['allow_comments'], $result['deny_comments'],
740
- $result['allow_registrations'], $result['deny_registrations'],
741
- $result['allow_contacts'], $result['deny_contacts']
742
- );
743
-
744
- $href_for_network_admin = (is_network_admin() ? "settings" : "options-general");
745
-
746
- $message = sprintf($msg_template,
747
- $style, //Headers and styles
748
- $title, //Title
749
- $events, //Result table
750
- $site_url, $href_for_network_admin, __('Complete setup', 'cleantalk'), //Right link to cleantalk's settings
751
- __('To see the anti-spam log and complete the setup, please get the Access key.', 'cleantalk'),
752
- $site_url, $href_for_network_admin, 'Antispam by CleanTalk' //Right link to cleantalk's settings
753
- );
754
-
755
- $admin_email = get_option('admin_email');
756
- $subject = sprintf(__("%s spam attacks report", "cleantalk"), $site_domain);
757
- $headers[] = 'content-type: text/html';
758
-
759
- $result = $send_mail_result = wp_mail(
760
- $admin_email,
761
- $subject,
762
- $message,
763
- $headers
764
- );
765
-
766
- return ($result ? true : false);
767
-
768
- }
769
-
770
- return;
771
-
772
- }
773
-
774
- /*
775
- function myplugin_update_field( $new_value, $old_value ) {
776
- error_log('cleantalk_data dump: '. strlen(serialize($new_value)));
777
- return $new_value;
778
- }
779
-
780
- function myplugin_init() {
781
- add_filter( 'pre_update_option_cleantalk_data', 'myplugin_update_field', 10, 2 );
782
- }
783
-
784
- add_action( 'init', 'myplugin_init' );
785
- */
786
- ?>
1
+ <?php
2
+ /*
3
+ Plugin Name: Spam Protection by CleanTalk
4
+ Plugin URI: http://cleantalk.org
5
+ Description: Max power, all-in-one, no Captcha, premium anti-spam plugin. No comment spam, no registration spam, no contact spam, protects any WordPress forms. Formerly Anti-Spam by CleanTalk.
6
+ Version: 5.58.6
7
+ Author: СleanTalk <welcome@cleantalk.org>
8
+ Author URI: http://cleantalk.org
9
+ */
10
+ $cleantalk_plugin_version='5.58.6';
11
+ $ct_agent_version = 'wordpress-5586';
12
+ $cleantalk_executed=false;
13
+ $ct_sfw_updated = false;
14
+
15
+ $ct_redirects_label = 'ct_redirects';
16
+
17
+ define('CLEANTALK_REMOTE_CALL_SLEEP', 10); //Minimum time between remote call
18
+
19
+ $cleantalk_use_buffer = (defined('CLEANTALK_AJAX_USE_BUFFER') ? CLEANTALK_AJAX_USE_BUFFER : true);
20
+ $cleantalk_use_footer_header = (defined('CLEANTALK_AJAX_USE_FOOTER_HEADER') ? CLEANTALK_AJAX_USE_FOOTER_HEADER : true);
21
+
22
+ if(!defined('CLEANTALK_PLUGIN_DIR')){
23
+
24
+ global $ct_options, $ct_data, $pagenow;
25
+
26
+ define('CLEANTALK_PLUGIN_DIR', plugin_dir_path(__FILE__));
27
+
28
+ require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-common.php');
29
+ require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-widget.php');
30
+
31
+ $ct_options=ct_get_options();
32
+ $ct_data=ct_get_data();
33
+
34
+ //Cron jobs
35
+ add_action('cleantalk_send_daily_report_hook', 'cleantalk_send_daily_report'); //Sending daily report
36
+
37
+ //Update actions
38
+ if(!isset($ct_data['db_refreshed'])){
39
+
40
+ global $wpdb;
41
+
42
+ $wpdb->query("CREATE TABLE IF NOT EXISTS `".$wpdb->base_prefix."cleantalk_sfw` (
43
+ `network` int(11) unsigned NOT NULL,
44
+ `mask` int(11) unsigned NOT NULL,
45
+ INDEX ( `network` , `mask` )
46
+ ) ENGINE = MYISAM ;");
47
+
48
+ $wpdb->query("CREATE TABLE IF NOT EXISTS `".$wpdb->base_prefix."cleantalk_sfw_logs` (
49
+ `ip` VARCHAR(15) NOT NULL ,
50
+ `all` INT NOT NULL ,
51
+ `blocked` INT NOT NULL ,
52
+ `timestamp` INT NOT NULL ,
53
+ PRIMARY KEY (`ip`))
54
+ ENGINE = MYISAM;");
55
+
56
+ $ct_data['db_refreshed'] = 1;
57
+ update_option('cleantalk_data', $ct_data);
58
+
59
+ }
60
+ if(isset($ct_data['db_refreshed']) && $ct_data['db_refreshed'] == 1){
61
+ if (!wp_next_scheduled('cleantalk_update_sfw_hook'))
62
+ wp_schedule_event(time()+1800, 'daily', 'cleantalk_update_sfw_hook' );
63
+ $ct_data['db_refreshed'] = 2;
64
+ update_option('cleantalk_data', $ct_data);
65
+ }
66
+ /*
67
+ if(isset($ct_data['db_refreshed']) && $ct_data['db_refreshed'] == 2){
68
+ $ct_activation_timestamp = get_option('cleantalk_activation_timestamp');
69
+ if(!$ct_activation_timestamp)
70
+ add_option('cleantalk_activation_timestamp', time());
71
+ $ct_data['db_refreshed'] = 3;
72
+ update_option('cleantalk_data', $ct_data);
73
+ }
74
+ //*/
75
+
76
+ if(@stripos($_SERVER['REQUEST_URI'],'admin-ajax.php')!==false && sizeof($_POST)>0 && isset($_GET['action']) && $_GET['action']=='ninja_forms_ajax_submit')
77
+ $_POST['action']='ninja_forms_ajax_submit';
78
+
79
+ $value = (isset($ct_options['spam_firewall']) ? intval($ct_options['spam_firewall']) : 0);
80
+ /*
81
+ Turn off the SpamFireWall if current url in the exceptions list.
82
+ */
83
+ if ($value == 1 && isset($cleantalk_url_exclusions) && is_array($cleantalk_url_exclusions)) {
84
+ foreach ($cleantalk_url_exclusions as $v) {
85
+ if (stripos($_SERVER['REQUEST_URI'], $v) !== false) {
86
+ $value = 0;
87
+ break;
88
+ }
89
+ }
90
+ }
91
+
92
+ /*
93
+ Turn off the SpamFireWall for WordPress core pages
94
+ */
95
+ $ct_wordpress_core_pages = array(
96
+ '/wp-admin',
97
+ '/feed'
98
+ );
99
+ if ($value == 1) {
100
+ foreach ($ct_wordpress_core_pages as $v) {
101
+ if (stripos($_SERVER['REQUEST_URI'], $v) !== false) {
102
+ $value = 0;
103
+ break;
104
+ }
105
+ }
106
+ }
107
+
108
+ if($value==1 && !is_admin() || $value==1 && defined( 'DOING_AJAX' ) && DOING_AJAX && $_SERVER["REQUEST_METHOD"] == 'GET')
109
+ {
110
+
111
+ include_once("inc/cleantalk-sfw.class.php");
112
+
113
+ $is_sfw_check=true;
114
+ $sfw = new CleanTalkSFW();
115
+ $ip = $sfw->cleantalk_get_real_ip();
116
+
117
+ foreach($ip as $ct_cur_ip){
118
+ if(isset($_COOKIE['ct_sfw_pass_key']) && $_COOKIE['ct_sfw_pass_key'] == md5($ct_cur_ip.$ct_options['apikey'])){
119
+ $is_sfw_check=false;
120
+ if(isset($_COOKIE['ct_sfw_passed'])){
121
+ update_option('cleantalk_data', $ct_data);
122
+ CleanTalkSFW::sfw_update_logs($ct_cur_ip, 'passed');
123
+ @setcookie ('ct_sfw_passed', '0', 1, "/");
124
+ }
125
+ }else
126
+ $is_sfw_check=true;
127
+ } unset($ct_cur_ip);
128
+ if($is_sfw_check){
129
+ $sfw->check_ip();
130
+ if($sfw->result){
131
+ CleanTalkSFW::sfw_update_logs($sfw->blocked_ip, 'blocked');
132
+ $sfw->sfw_die();
133
+ }
134
+ }
135
+
136
+ //cron start
137
+ $last_sfw_send = (isset($ct_data['last_sfw_send']) ? $ct_data['last_sfw_send'] : 0);
138
+
139
+ if(time() - $last_sfw_send > 3600){
140
+ ct_send_sfw_log();
141
+ $ct_data['last_sfw_send'] = time();
142
+ update_option('cleantalk_data', $ct_data);
143
+ }
144
+ //cron end
145
+ }
146
+
147
+ //* Remote calls
148
+ if(isset($_GET['spbc_remote_call_token'], $_GET['spbc_remote_call_action'], $_GET['plugin_name']) && ($_GET['plugin_name'] == 'antispam' || $_GET['plugin_name'] == 'anti-spam')){
149
+
150
+ if(isset($ct_data['last_remote_call']) && time() - $ct_data['last_remote_call'] < CLEANTALK_REMOTE_CALL_SLEEP){
151
+ echo "FAIL TOO_MANY_ATTEMPTS";
152
+ die();
153
+ }else{
154
+ $ct_data['last_remote_call'] = time();
155
+ update_option('cleantalk_data', $ct_data);
156
+ }
157
+
158
+ $spbc_remote_call_token = md5($ct_options['apikey']);
159
+
160
+ if($_GET['spbc_remote_call_token'] == $spbc_remote_call_token){
161
+
162
+ if($_GET['spbc_remote_call_action'] == 'close_renew_banner'){
163
+ $ct_data['show_ct_notice_trial'] = 0;
164
+ $ct_data['show_ct_notice_renew'] = 0;
165
+ $ct_data['next_account_status_check'] = time() + $account_notice_check_timeout*3600;
166
+ update_option('cleantalk_data', $ct_data);
167
+
168
+ echo "OK";
169
+ die();
170
+ }
171
+ }else{
172
+ echo "FAIL WRONG_TOKEN";
173
+ die();
174
+ }
175
+
176
+ }
177
+ //*/
178
+
179
+ if(isset($ct_options['check_external']) && @intval($ct_options['check_external']) == 1)
180
+ $test_external_forms=true;
181
+ else
182
+ $test_external_forms=false;
183
+
184
+ if(isset($ct_options['check_internal']) && @intval($ct_options['check_internal']) == 1)
185
+ $test_internal_forms = true;
186
+ else
187
+ $test_internal_forms = false;
188
+
189
+ // Activation/deactivation functions must be in main plugin file.
190
+ // http://codex.wordpress.org/Function_Reference/register_activation_hook
191
+ register_activation_hook( __FILE__, 'ct_activation' );
192
+ register_deactivation_hook( __FILE__, 'ct_deactivation' );
193
+
194
+ //
195
+ // Redirect admin to plugin settings.
196
+ //
197
+ if(!defined('WP_ALLOW_MULTISITE') || defined('WP_ALLOW_MULTISITE') && WP_ALLOW_MULTISITE == false)
198
+ add_action('admin_init', 'ct_plugin_redirect');
199
+
200
+ // After plugin loaded - to load locale as described in manual
201
+ add_action( 'ct_init', 'ct_plugin_loaded' );
202
+ ct_plugin_loaded();
203
+
204
+ $use_ajax = (isset($ct_options['use_ajax']) ? intval($ct_options['use_ajax']) : 1);
205
+
206
+ if( $use_ajax==1 &&
207
+ stripos($_SERVER['REQUEST_URI'],'.xml')===false &&
208
+ stripos($_SERVER['REQUEST_URI'],'.xsl')===false)
209
+ {
210
+ if($cleantalk_use_buffer)
211
+ add_action('wp_loaded', 'ct_add_nocache_script', 1);
212
+
213
+ if($cleantalk_use_footer_header){
214
+ add_action('wp_footer', 'ct_add_nocache_script_footer', 1);
215
+ add_action('wp_head', 'ct_add_nocache_script_header', 1);
216
+ }
217
+ add_action( 'wp_ajax_nopriv_ct_get_cookie', 'ct_get_cookie',1 );
218
+ add_action( 'wp_ajax_ct_get_cookie', 'ct_get_cookie',1 );
219
+ }
220
+
221
+ if(isset($ct_options['show_link']) && intval($ct_options['show_link']) == 1)
222
+ add_action('comment_form_after', 'ct_show_comment_link');
223
+
224
+ if(is_admin()){
225
+ require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-comments.php');
226
+ require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-users.php');
227
+ }
228
+
229
+ if (is_admin()||is_network_admin()){
230
+
231
+ require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-admin.php');
232
+
233
+ if (!(defined( 'DOING_AJAX' ) && DOING_AJAX)){
234
+ add_action('admin_init', 'ct_admin_init', 1);
235
+ add_action('admin_menu', 'ct_admin_add_page');
236
+ if(is_network_admin())
237
+ add_action('network_admin_menu', 'ct_admin_add_page');
238
+
239
+ add_action('admin_notices', 'cleantalk_admin_notice_message');
240
+ add_action('network_admin_notices', 'cleantalk_admin_notice_message');
241
+ }
242
+ if (defined( 'DOING_AJAX' ) && DOING_AJAX||isset($_POST['cma-action'])){
243
+ $cleantalk_hooked_actions = array();
244
+ $cleantalk_ajax_actions_to_check = array();
245
+ require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-public.php');
246
+ require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-ajax.php');
247
+
248
+ // Do check for AJAX if Unknown action or Known action with mandatory check
249
+ if( isset($_POST['action']) &&
250
+ !isset($_COOKIE[LOGGED_IN_COOKIE]) &&
251
+ (!in_array($_POST['action'], $cleantalk_hooked_actions) || in_array($_POST['action'], $cleantalk_ajax_actions_to_check))
252
+ ){
253
+ ct_ajax_hook();
254
+ }
255
+ //
256
+ // Some of plugins to register a users use AJAX context.
257
+ //
258
+ add_filter('registration_errors', 'ct_registration_errors', 1, 3);
259
+ add_filter('registration_errors', 'ct_check_registration_erros', 999999, 3);
260
+ add_action('user_register', 'ct_user_register');
261
+
262
+ //QAEngine Theme answers
263
+ if (intval($ct_options['general_contact_forms_test']))
264
+ add_filter('et_pre_insert_answer', 'ct_ajax_hook', 1, 1);
265
+ }
266
+
267
+ require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-public.php');
268
+
269
+ //Bitrix24 contact form
270
+ if (ct_is_user_enable()) {
271
+ ct_cookies_test();
272
+
273
+ if (isset($ct_options['general_contact_forms_test']) && $ct_options['general_contact_forms_test'] == 1 &&
274
+ !empty($_POST['your-phone']) &&
275
+ !empty($_POST['your-email']) &&
276
+ !empty($_POST['your-message'])
277
+ ){
278
+ $ct_check_post_result=false;
279
+ ct_contact_form_validate();
280
+ }
281
+ }
282
+
283
+ add_action('admin_enqueue_scripts', 'ct_enqueue_scripts');
284
+
285
+ if($pagenow=='edit-comments.php'){
286
+ add_action('comment_unapproved_to_approvecomment', 'ct_comment_approved'); // param - comment object
287
+ add_action('comment_unapproved_to_approved', 'ct_comment_approved'); // param - comment object
288
+ add_action('comment_approved_to_unapproved', 'ct_comment_unapproved'); // param - comment object
289
+ add_action('comment_unapproved_to_spam', 'ct_comment_spam'); // param - comment object
290
+ add_action('comment_approved_to_spam', 'ct_comment_spam'); // param - comment object
291
+ //add_filter('get_comment_text', 'ct_get_comment_text'); // param - current comment text
292
+ add_filter('unspam_comment', 'ct_unspam_comment');
293
+ }
294
+
295
+ if($pagenow=='users.php')
296
+ add_action('delete_user', 'ct_delete_user');
297
+
298
+ if($pagenow=='plugins.php' || @strpos($_SERVER['REQUEST_URI'],'plugins.php')!==false){
299
+
300
+ add_filter('plugin_row_meta', 'ct_register_plugin_links', 10, 2);
301
+ add_filter('plugin_action_links', 'ct_plugin_action_links', 10, 2);
302
+ }
303
+ add_action('updated_option', 'ct_update_option'); // param - option name, i.e. 'cleantalk_settings'
304
+ }else{
305
+
306
+ require_once(CLEANTALK_PLUGIN_DIR . 'inc/cleantalk-public.php');
307
+
308
+ // Init action.
309
+ add_action('plugins_loaded', 'ct_init', 1);
310
+
311
+ // Hourly run hook
312
+ add_action('ct_hourly_event_hook', 'ct_do_this_hourly');
313
+ add_action('cleantalk_update_sfw_hook', 'cleantalk_update_sfw');
314
+
315
+ // Comments
316
+ add_filter('preprocess_comment', 'ct_preprocess_comment', 1, 1); // param - comment data array
317
+ add_filter('comment_text', 'ct_comment_text' );
318
+
319
+ // Registrations
320
+ add_action('register_form','ct_register_form');
321
+ add_filter('registration_errors', 'ct_registration_errors', 1, 3);
322
+ add_filter('registration_errors', 'ct_check_registration_erros', 999999, 3);
323
+ add_action('user_register', 'ct_user_register');
324
+
325
+ // Multisite registrations
326
+ add_action('signup_extra_fields','ct_register_form');
327
+ add_filter('wpmu_validate_user_signup', 'ct_registration_errors_wpmu', 10, 3);
328
+
329
+ // Login form - for notifications only
330
+ add_filter('login_message', 'ct_login_message');
331
+
332
+ // Ait-Themes fix
333
+ if(isset($_GET['ait-action']) && $_GET['ait-action']=='register'){
334
+ $tmp=$_POST['redirect_to'];
335
+ unset($_POST['redirect_to']);
336
+ ct_contact_form_validate();
337
+ $_POST['redirect_to']=$tmp;
338
+ }
339
+ }
340
  }
341
+
342
+ function ct_db_refresh(){
343
+ global $wpdb;
344
+
345
+ $wpdb->query("CREATE TABLE IF NOT EXISTS `".$wpdb->base_prefix."cleantalk_sfw` (
346
+ `network` int(11) unsigned NOT NULL,
347
+ `mask` int(11) unsigned NOT NULL,
348
+ INDEX ( `network` , `mask` )
349
+ ) ENGINE = MYISAM ;");
350
+
351
+ $wpdb->query("CREATE TABLE IF NOT EXISTS `".$wpdb->base_prefix."cleantalk_sfw_logs` (
352
+ `ip` VARCHAR(15) NOT NULL ,
353
+ `all` INT NOT NULL ,
354
+ `blocked` INT NOT NULL ,
355
+ `timestamp` INT NOT NULL ,
356
+ PRIMARY KEY (`ip`))
357
+ ENGINE = MYISAM;");
358
+
359
+ }
360
+
361
+ /**
362
+ * On activation, set a time, frequency and name of an action hook to be scheduled.
363
+ */
364
+ if (!function_exists ( 'ct_activation')) {
365
+ function ct_activation() {
366
+
367
+ ct_db_refresh();
368
+
369
+ wp_schedule_event(time(), 'hourly', 'ct_hourly_event_hook' );
370
+ //wp_schedule_event(time(), 'hourly', 'ct_send_sfw_log' );
371
+ wp_schedule_event(time(), 'daily', 'cleantalk_update_sfw_hook' );
372
+ //Sends log every day
373
+ wp_schedule_event(time()+85400 , 'daily', 'cleantalk_send_daily_report_hook' );
374
+
375
+ cleantalk_update_sfw();
376
+
377
+ add_option('ct_plugin_do_activation_redirect', true);
378
+ add_option('cleantalk_activation_timestamp', time());
379
+ }
380
+ }
381
+
382
+ /**
383
+ * On deactivation, clear schedule.
384
+ */
385
+ if (!function_exists ( 'ct_deactivation')) {
386
+ function ct_deactivation() {
387
+
388
+ global $wpdb;
389
+
390
+ $wpdb->query("DROP TABLE IF EXISTS `".$wpdb->base_prefix."cleantalk_sfw`;");
391
+ $wpdb->query("DROP TABLE IF EXISTS `".$wpdb->base_prefix."cleantalk_sfw_logs`;");
392
+
393
+ wp_clear_scheduled_hook( 'ct_hourly_event_hook' );
394
+ wp_clear_scheduled_hook( 'ct_send_sfw_log' );
395
+ wp_clear_scheduled_hook( 'cleantalk_update_sfw' );
396
+ wp_clear_scheduled_hook( 'cleantalk_update_sfw_hook' );
397
+ wp_clear_scheduled_hook( 'cleantalk_send_daily_report_hook' );
398
+
399
+ }
400
+ }
401
+
402
+ /**
403
+ * Redirects admin to plugin settings after activation.
404
+ */
405
+ function ct_plugin_redirect()
406
+ {
407
+ global $ct_redirects_label;
408
+ if (get_option('ct_plugin_do_activation_redirect', false))
409
+ {
410
+ delete_option('ct_plugin_do_activation_redirect');
411
+ if(!isset($_GET['activate-multi']) && !isset($_COOKIE[$ct_redirects_label]))
412
+ {
413
+ setcookie($ct_redirects_label, 1, null, '/');
414
+ wp_redirect("options-general.php?page=cleantalk");
415
+ }
416
+ }
417
+ }
418
+
419
+ function ct_add_event($event_type)
420
+ {
421
+ global $ct_data,$cleantalk_executed;
422
+
423
+ if(!get_option('cleantalk_sends_reports_till'));
424
+ add_option('cleantalk_sends_reports_till', time()+7*24*3600);
425
+
426
+ //
427
+ // To migrate on the new version of ct_add_event().
428
+ //
429
+ switch ($event_type) {
430
+ case '0': $event_type = 'no';break;
431
+ case '1': $event_type = 'yes';break;
432
+ }
433
+
434
+ $ct_data = ct_get_data();
435
+ $current_hour=intval(date('G'));
436
+
437
+ //Daily counter
438
+ if(!isset($ct_data['array_accepted'])){
439
+ $ct_data['array_accepted']=Array();
440
+ $ct_data['array_blocked']=Array();
441
+ $ct_data['current_hour']=$current_hour;
442
+ }
443
+ //All time counter
444
+ if(!isset($ct_data['all_time_counter'])){
445
+ $ct_data['all_time_counter']['accepted']=0;
446
+ $ct_data['all_time_counter']['blocked']=0;
447
+ }
448
+ //User counter
449
+ if(!isset($ct_data['user_counter'])){
450
+ $ct_data['user_counter']['accepted']=0;
451
+ $ct_data['user_counter']['blocked']=0;
452
+ $ct_data['user_counter']['since']=date('d M');
453
+ }
454
+
455
+ if($current_hour!=$ct_data['current_hour']){
456
+ @$ct_data['current_hour']=$current_hour;
457
+ @$ct_data['array_accepted'][$current_hour]=0;
458
+ @$ct_data['array_blocked'][$current_hour]=0;
459
+ }
460
+
461
+ //Add 1 to counters
462
+ if($event_type=='yes'){
463
+ @$ct_data['array_accepted'][$current_hour]++;
464
+ @$ct_data['all_time_counter']['accepted']++;
465
+ @$ct_data['user_counter']['accepted']++;
466
+ }
467
+ if($event_type=='no'){
468
+ @$ct_data['array_blocked'][$current_hour]++;
469
+ @$ct_data['all_time_counter']['blocked']++;
470
+ @$ct_data['user_counter']['blocked']++;
471
+ }
472
+
473
+ update_option('cleantalk_data', $ct_data);
474
+ $cleantalk_executed=true;
475
+ }
476
+
477
+ /**
478
+ * return new cookie value
479
+ */
480
+ function ct_get_cookie()
481
+ {
482
+ global $ct_checkjs_def;
483
+ $ct_checkjs_key = ct_get_checkjs_value(true);
484
+ print $ct_checkjs_key;
485
+ die();
486
+ }
487
+
488
+ /**
489
+ * adds nocache script
490
+ */
491
+ function ct_add_nocache_script()
492
+ {
493
+ ob_start('ct_inject_nocache_script');
494
+ }
495
+
496
+ function ct_add_nocache_script_footer(){
497
+
498
+ if(strpos($_SERVER['REQUEST_URI'],'jm-ajax') === false){
499
+
500
+ global $test_external_forms, $test_internal_forms, $cleantalk_plugin_version;
501
+
502
+ print "<script async type='text/javascript' src='".plugins_url( '/inc/cleantalk_nocache.js' , __FILE__ )."?random=".$cleantalk_plugin_version."'></script>\n";
503
+
504
+ if($test_external_forms){
505
+ print "\n<script type='text/javascript'>var ct_blog_home = '".get_home_url()."';</script>\n";
506
+ print "<script async type='text/javascript' src='".plugins_url( '/inc/cleantalk_external.js' , __FILE__ )."?random=".$cleantalk_plugin_version."'></script>\n";
507
+ }
508
+
509
+ if($test_internal_forms){
510
+ print "\n<script type='text/javascript'>var ct_blog_home = '".get_home_url()."';</script>\n";
511
+ print "<script async type='text/javascript' src='".plugins_url( '/inc/cleantalk_internal.js' , __FILE__ )."?random=".$cleantalk_plugin_version."'></script>\n";
512
+ }
513
+ }
514
+ }
515
+
516
+ /**
517
+ * Function prepares values to manage JavaScript code
518
+ * @return string
519
+ */
520
+ function ct_set_info_flag () {
521
+ global $ct_options;
522
+
523
+ $ct_options=ct_get_options();
524
+
525
+ $result = 'false';
526
+ if(@intval($ct_options['collect_details'])==1
527
+ && @intval($ct_options['set_cookies']) == 1
528
+ ) {
529
+ $result = 'true';
530
+ }
531
+
532
+ $ct_info_flag = "var ct_info_flag=$result;\n";
533
+
534
+ $result = 'true';
535
+ if (@intval($ct_options['set_cookies']) == 0) {
536
+ $result = 'false';
537
+ }
538
+
539
+ $ct_set_cookies_flag = "var ct_set_cookies_flag=$result;\n";
540
+
541
+ return $ct_info_flag . $ct_set_cookies_flag;
542
+ }
543
+
544
+ function ct_add_nocache_script_header(){
545
+
546
+ if(strpos($_SERVER['REQUEST_URI'],'jm-ajax')===false){
547
+ $ct_info_flag = ct_set_info_flag();
548
+ print "\n<script type='text/javascript'>\nvar ct_ajaxurl = '".admin_url('admin-ajax.php')."';\n $ct_info_flag </script>\n";
549
+ }
550
+
551
+ }
552
+
553
+ function ct_inject_nocache_script($html){
554
+
555
+ if(strpos($_SERVER['REQUEST_URI'],'jm-ajax')===false){
556
+
557
+ global $test_external_forms, $test_internal_forms, $cleantalk_plugin_version, $ct_options;
558
+
559
+ $ct_info_flag = ct_set_info_flag();
560
+
561
+ if(!is_admin()&&stripos($html,"</body>")!==false){
562
+
563
+ $ct_replace="<script async type='text/javascript' src='".plugins_url( '/inc/cleantalk_nocache.js' , __FILE__ )."?random=".$cleantalk_plugin_version."'></script>\n";
564
+
565
+ if($test_external_forms){
566
+ $ct_replace.="\n<script type='text/javascript'>var ct_blog_home = '".get_home_url()."';</script>\n";
567
+ $ct_replace.="<script async type='text/javascript' src='".plugins_url( '/inc/cleantalk_external.js' , __FILE__ )."?random=".$cleantalk_plugin_version."'></script>\n";
568
+ }
569
+
570
+ if($test_internal_forms){
571
+ $ct_replace .= "\n<script type='text/javascript'>var ct_blog_home = '".get_home_url()."';</script>\n";
572
+ $ct_replace .= "<script async type='text/javascript' src='".plugins_url( '/inc/cleantalk_internal.js' , __FILE__ )."?random=".$cleantalk_plugin_version."'></script>\n";
573
+ }
574
+
575
+ $html = preg_replace("/<\/body>\s*<\/html>/", $ct_replace."</body></html>", $html, 1); }
576
+ }
577
+ return $html;
578
+ }
579
+
580
+ function ct_show_comment_link(){
581
+
582
+ print "<div style='font-size:10pt;'><a href='https://cleantalk.org/wordpress-anti-spam-plugin' target='_blank'>".__( 'WordPress spam', 'cleantalk' )."</a> ".__( 'blocked by', 'cleantalk' )." CleanTalk.</div>";
583
+
584
+ }
585
+
586
+ add_action( 'right_now_content_table_end', 'my_add_counts_to_dashboard' );
587
+
588
+ function cleantalk_update_sfw(){
589
+ global $wpdb, $ct_sfw_updated, $ct_options, $ct_data;
590
+
591
+ if(!function_exists('sendRawRequest'))
592
+ require_once('inc/cleantalk.class.php');
593
+
594
+ if(isset($ct_options['spam_firewall']) && intval($ct_options['spam_firewall']) == 1 && ($ct_sfw_updated === false || !isset($ct_sfw_updated))){
595
+
596
+ $data = Array( 'auth_key' => $ct_options['apikey'],
597
+ 'method_name' => '2s_blacklists_db'
598
+ );
599
+
600
+ $result=sendRawRequest('https://api.cleantalk.org', $data);
601
+
602
+ $result=json_decode($result, true);
603
+
604
+ if(isset($result['data'])){
605
+
606
+ $wpdb->query("TRUNCATE TABLE `".$wpdb->base_prefix."cleantalk_sfw`;");
607
+ $result=$result['data'];
608
+ $query="INSERT INTO `".$wpdb->base_prefix."cleantalk_sfw` VALUES ";
609
+ for($i=0;$i<sizeof($result);$i++){
610
+
611
+ if($i==sizeof($result)-1)
612
+ $query.="(".$result[$i][0].",".$result[$i][1].");";
613
+ else
614
+ $query.="(".$result[$i][0].",".$result[$i][1]."), ";
615
+
616
+ }
617
+ $wpdb->query($query);
618
+ $ct_sfw_updated = true;
619
+ }
620
+ }
621
+ }
622
+
623
+ function cleantalk_get_ip(){
624
+
625
+ $result=Array();
626
+
627
+ if ( function_exists( 'apache_request_headers' ) )
628
+ $headers = apache_request_headers();
629
+ else
630
+ $headers = $_SERVER;
631
+
632
+ if ( array_key_exists( 'X-Forwarded-For', $headers ) ){
633
+ $the_ip=explode(",", trim($headers['X-Forwarded-For']));
634
+ $result[] = trim($the_ip[0]);
635
+ }
636
+
637
+ if ( array_key_exists( 'HTTP_X_FORWARDED_FOR', $headers )){
638
+ $the_ip=explode(",", trim($headers['HTTP_X_FORWARDED_FOR']));
639
+ $result[] = trim($the_ip[0]);
640
+ }
641
+
642
+ $result[] = filter_var( $_SERVER['REMOTE_ADDR'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 );
643
+
644
+ if(isset($_GET['sfw_test_ip']))
645
+ $result[]=$_GET['sfw_test_ip'];
646
+
647
+ return $result;
648
+ }
649
+
650
+ function ct_send_sfw_log()
651
+ {
652
+ global $ct_options, $ct_data;
653
+
654
+ $ct_options=ct_get_options();
655
+ $ct_data=ct_get_data();
656
+
657
+ include_once("inc/cleantalk-sfw.class.php");
658
+ $result = CleanTalkSFW::send_logs($ct_options['apikey']);
659
+
660
+ if($result !== false){
661
+
662
+ if(!isset($ct_data['sfw_counter']))
663
+ $ct_data['sfw_counter'] = array('all' => 0, 'blocked' => 0);
664
+
665
+ $ct_data['sfw_counter']['all'] += $result['all'];
666
+ $ct_data['sfw_counter']['blocked'] += $result['blocked'];
667
+ $ct_data['last_sfw_send']=time();
668
+ update_option('cleantalk_data', $ct_data);
669
+
670
+ return true;
671
+
672
+ }else
673
+ return false;
674
+ }
675
+
676
+ // Sends daily report from get_antispam_report method
677
+ function cleantalk_send_daily_report(){
678
+
679
+
680
+ $timestamp_trial_ends = get_option('cleantalk_sends_reports_till');
681
+
682
+ // If 7 days is over
683
+ if($timestamp_trial_ends === false){
684
+ return;
685
+ }elseif((int)$timestamp_trial_ends < time()){
686
+ wp_clear_scheduled_hook( 'cleantalk_send_daily_report_hook' );
687
+ return;
688
+ }
689
+
690
+ if(!function_exists('ct_get_data'))
691
+ include_once("inc/cleantalk-common.php");
692
+
693
+ $ct_options = ct_get_options();
694
+ $ct_data = ct_get_data();
695
+ $site_url = get_option('siteurl');
696
+ $site_url = preg_replace('/http[s]?:\/\//', '', $site_url, 1);
697
+ $site_domain = preg_replace('/\/.*$/', '', $site_url, 1);
698
+
699
+ if($ct_options['apikey'] == ''){
700
+
701
+ if(!function_exists('getAntispamReport'))
702
+ include_once("inc/cleantalk.class.php");
703
+
704
+ $result = getAntispamReport($site_domain);
705
+ $result = json_decode($result, true);
706
+
707
+ //Connection failed
708
+ if(!$result){
709
+
710
+ $ct_data['errors'][__FUNCTION__] = array(
711
+ 'time' => date("M d Y H:i:s", time()),
712
+ 'error_no' => (-1),
713
+ 'error' => 'Request method returns FALSE'
714
+ );
715
+ update_option('cleantalk_data', $ct_data);
716
+ return $ct_data['errors'][__FUNCTION__];
717
+ } //Error returned
718
+ elseif(isset($result['error_message']) && isset($result['error_no']))
719
+ {
720
+ $ct_data['errors'][__FUNCTION__] = array(
721
+ 'time' => date("M d Y H:i:s", time()),
722
+ 'error_no' => $result['error_no'],
723
+ 'error' => $result['error_message']
724
+ );
725
+ update_option('cleantalk_data', $ct_data);
726
+ return $ct_data['errors'][__FUNCTION__];
727
+ } //OK
728
+ elseif(!empty($result['data']))
729
+ {
730
+ $result = $result['data']['stat'];
731
+ if(isset($ct_data['errors'][__FUNCTION__])){
732
+ unset($ct_data['errors'][__FUNCTION__]);
733
+ update_option('cleantalk_data', $ct_data);
734
+ }
735
+ }
736
+
737
+ //Comple mail
738
+ include_once("templates/daily_report.php");
739
+
740
+ $title = sprintf(__('%d spam attacks have been blocked', 'cleantalk'), $result['deny_comments'] + $result['deny_registrations'] + $result['deny_contacts']);
741
+ $events = sprintf($events,
742
+ $result['allow_comments'], $result['deny_comments'],
743
+ $result['allow_registrations'], $result['deny_registrations'],
744
+ $result['allow_contacts'], $result['deny_contacts']
745
+ );
746
+
747
+ $href_for_network_admin = (is_network_admin() ? "settings" : "options-general");
748
+
749
+ $message = sprintf($msg_template,
750
+ $style, //Headers and styles
751
+ $title, //Title
752
+ $events, //Result table
753
+ $site_url, $href_for_network_admin, __('Complete setup', 'cleantalk'), //Right link to cleantalk's settings
754
+ __('To see the anti-spam log and complete the setup, please get the Access key.', 'cleantalk'),
755
+ $site_url, $href_for_network_admin, 'Antispam by CleanTalk' //Right link to cleantalk's settings
756
+ );
757
+
758
+ $admin_email = get_option('admin_email');
759
+ $subject = sprintf(__("%s spam attacks report", "cleantalk"), $site_domain);
760
+ $headers[] = 'content-type: text/html';
761
+
762
+ $result = $send_mail_result = wp_mail(
763
+ $admin_email,
764
+ $subject,
765
+ $message,
766
+ $headers
767
+ );
768
+
769
+ return ($result ? true : false);
770
+
771
+ }
772
+
773
+ return;
774
+
775
+ }
776
+
777
+ /*
778
+ function myplugin_update_field( $new_value, $old_value ) {
779
+ error_log('cleantalk_data dump: '. strlen(serialize($new_value)));
780
+ return $new_value;
781
+ }
782
+
783
+ function myplugin_init() {
784
+ add_filter( 'pre_update_option_cleantalk_data', 'myplugin_update_field', 10, 2 );
785
+ }
786
+
787
+ add_action( 'init', 'myplugin_init' );
788
+ */
789
+ ?>
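Review bot: the remote-call block compares `$_GET['spbc_remote_call_token']` with `md5($ct_options['apikey'])` using `==`, and the SpamFireWall pass check does the same for `$_COOKIE['ct_sfw_pass_key']`; both are loose, non-constant-time comparisons of a value derived from the API key. Use `hash_equals()` on strings, preferably over an HMAC rather than a bare MD5 of the key, and keep the token out of the query string, where it ends up in access logs. In `cleantalk_update_sfw()` the INSERT is built by concatenating `$result[$i][0]` and `$result[$i][1]` straight from the decoded API response; cast both with `intval()` (or go through `$wpdb->prepare()`) before they reach `$wpdb->query()`. In `ct_add_event()` the line `if(!get_option('cleantalk_sends_reports_till'));` ends in a stray semicolon, so the `add_option()` call below it runs unconditionally.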
inc/cleantalk-admin.php CHANGED
@@ -319,6 +319,8 @@ function ct_admin_init()
319
  register_setting('cleantalk_settings', 'cleantalk_settings', 'ct_settings_validate');
320
  add_settings_section('cleantalk_settings_main', __($ct_plugin_name, 'cleantalk'), 'ct_section_settings_main', 'cleantalk');
321
 
 
 
322
  add_settings_section('cleantalk_settings_state', "<hr>".__('Protection is active', 'cleantalk'), 'ct_section_settings_state', 'cleantalk');
323
  add_settings_section('cleantalk_settings_banner', "<hr>", '', 'cleantalk');
324
  add_settings_section('cleantalk_settings_anti_spam', "<a href='#' class='ct_support_link'>".__('Advanced settings', 'cleantalk')."</a>", 'ct_section_settings_anti_spam', 'cleantalk');
@@ -331,6 +333,7 @@ function ct_admin_init()
331
  {
332
  add_settings_field('cleantalk_apikey', '', 'ct_input_apikey', 'cleantalk', 'cleantalk_settings_main');
333
  }
 
334
  //Forms for protection
335
  add_settings_field('cleantalk_title_fiels_for_protect', "", 'ct_input_what_fields_should_be_protected', 'cleantalk', 'cleantalk_settings_anti_spam');//Title settings
336
  add_settings_field('cleantalk_registrations_test', __('Registration forms', 'cleantalk'), 'ct_input_registrations_test', 'cleantalk', 'cleantalk_settings_anti_spam');
@@ -365,8 +368,8 @@ function ct_admin_init()
365
 
366
 
367
  add_settings_field('cleantalk_collect_details', __('Collect details about browsers', 'cleantalk'), 'ct_input_collect_details', 'cleantalk', 'cleantalk_settings_anti_spam');
368
- add_settings_field('cleantalk_spam_firewall', __('SpamFireWall', 'cleantalk'), 'ct_input_spam_firewall', 'cleantalk', 'cleantalk_settings_anti_spam');
369
  add_settings_field('cleantalk_show_link', __('Tell others about CleanTalk', 'cleantalk'), 'ct_input_show_link', 'cleantalk', 'cleantalk_settings_banner');
 
370
  }
371
  }
372
 
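Review bot: `cleantalk_spam_firewall` is now registered under `cleantalk_settings_banner`, next to `cleantalk_show_link`, instead of `cleantalk_settings_anti_spam`, and nothing in the hunk says why a protection switch belongs in the banner section. Add a one-line comment stating the intent, or register a dedicated section so the grouping matches what the field controls.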
@@ -612,52 +615,47 @@ function ct_add_admin_menu( $wp_admin_bar ) {
612
 
613
 
614
  // Prints debug information. Support function.
615
- function ct_debug_print($arr, $iter = 1){
616
-
617
- foreach($arr as $key => $value){
618
-
619
- if(is_array($value) || $key == 'ct' || $key == 'ct_result'){
620
- echo str_repeat('&nbsp;&nbsp;', $iter)."<b style='font-size: 15px;'>$key: </b><br>";
621
- ct_debug_print($value, $iter + 1);
622
- }else
623
- echo str_repeat('&nbsp;&nbsp;', $iter)."$key => $value<br>";
624
-
625
- }
626
 
627
- unset($key, $value);
628
- }
629
-
630
- /**
631
- * Admin callback function - Displays description of 'state' plugin parameters section
632
- */
633
- function ct_section_settings_state() {
634
- global $ct_options, $ct_data;
635
-
636
  $ct_options = ct_get_options();
637
  $ct_data = ct_get_data();
638
-
639
  if(isset($ct_data['ct_debug_reset']) && $ct_data['ct_debug_reset']){
640
  unset($ct_data['debug'], $ct_data['ct_debug_reset']);
641
  update_option('cleantalk_data', $ct_data);
 
642
  }
643
 
644
- if(!empty($ct_data['debug'])){
645
-
646
- echo "<input type='submit' value='Drop debug data' name='ct_debug_reset'><br>";
647
-
648
- echo 'CLEANTALK_AJAX_USE_BUFFER '.(defined('CLEANTALK_AJAX_USE_BUFFER') ? (CLEANTALK_AJAX_USE_BUFFER ? 'true' : 'flase') : 'NOT_DEFINED')."<br>";
649
- echo 'CLEANTALK_AJAX_USE_FOOTER_HEADER '.(defined('CLEANTALK_AJAX_USE_FOOTER_HEADER') ? (CLEANTALK_AJAX_USE_FOOTER_HEADER ? 'true' : 'flase') : 'NOT_DEFINED');
 
 
 
 
 
 
650
 
651
- echo "<h3>DEBUG:</h3>";
652
- // ct_debug_print($ct_data['debug']);
653
  $output = print_r($ct_data['debug'], true);
654
  $output = str_replace("\n", "<br>", $output);
655
  $output = preg_replace("/[^\S]{4}/", "&nbsp;&nbsp;&nbsp;&nbsp;", $output);
656
  echo "$output";
657
 
658
- echo "<br>";
659
- }
660
-
 
 
 
 
 
 
 
 
 
661
  if(!isset($ct_data['moderate_ip']))
662
  {
663
  $ct_data['moderate_ip'] = 0;
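Review bot: the added `ct_section_debug()` prints the value of `CLEANTALK_ACCESS_KEY` in clear on the settings page (the `echo 'CLEANTALK_ACCESS_KEY '. ...` line), so the API key lands in rendered HTML, screenshots and support pastes; print only whether the constant is defined, or a masked form. The log block that follows still echoes `print_r($ct_data['debug'], true)` after nothing more than newline and whitespace substitution; run it through `esc_html()` before inserting the `<br>` and `&nbsp;` markup, since nothing in this hunk escapes the debug array's contents. The `'flase'` literals in the constant dump should read `'false'`.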
@@ -692,30 +690,28 @@ function ct_section_settings_state() {
692
  }
693
  print "<div style='color:$color'>";
694
 
695
- if(isset($ct_data['moderate_ip']) && $ct_data['moderate_ip'] == 1)
696
- $ct_moderate = true;
697
- else
698
- $ct_moderate = false;
699
-
700
- print '<img src="'. (($ct_options['registrations_test']==1 || $ct_moderate) ? $img : $img_no).'" alt="" height="" /> '.__('Registration forms', 'cleantalk');
701
- print ' &nbsp; <img src="'.(($ct_options['comments_test']==1 || $ct_moderate) ? $img : $img_no).'" alt="" height="" /> '.__('Comments forms', 'cleantalk');
702
- print ' &nbsp; <img src="'.(($ct_options['contact_forms_test']==1 || $ct_moderate) ? $img : $img_no).'" alt="" height="" /> '.__('Contact forms', 'cleantalk');
703
- print ' &nbsp; <img src="'.(($ct_options['general_contact_forms_test']==1 || $ct_moderate) ? $img : $img_no).'" alt="" height="" /> '.__('Custom contact forms', 'cleantalk');
704
-
705
- if(class_exists('WooCommerce'))
706
- print ' &nbsp; <img src="'.(($ct_options['wc_checkout_test']==1 || $ct_moderate) ? $img : $img_no).'" alt="" height="" /> '.__('WooCommerce checkout form', 'cleantalk');
707
-
708
- if($ct_options['spam_firewall']==1 || $ct_moderate)
709
- print ' &nbsp; <img src="'.$img.'" alt="" height="" /> '.__('SpamFireWall', 'cleantalk');
710
-
711
- if($ct_data['moderate_ip'] == 1)
712
- print "<br /><br />The anti-spam service is paid by your hosting provider. License #".$ct_data['ip_license'].".<br />";
713
 
714
  print "</div>";
 
715
  if($test_failed && $ct_data['moderate_ip'] != 1)
716
- {
717
  print __("Testing is failed, check settings. Tech support <a target=_blank href='mailto:support@cleantalk.org'>support@cleantalk.org</a>", 'cleantalk');
718
- }
719
  return true;
720
  }
721
 
319
  register_setting('cleantalk_settings', 'cleantalk_settings', 'ct_settings_validate');
320
  add_settings_section('cleantalk_settings_main', __($ct_plugin_name, 'cleantalk'), 'ct_section_settings_main', 'cleantalk');
321
 
322
+ if(!empty($ct_data['debug']))
323
+ add_settings_section('cleantalk_debug_section', '<hr>Debug', 'ct_section_debug', 'cleantalk');
324
  add_settings_section('cleantalk_settings_state', "<hr>".__('Protection is active', 'cleantalk'), 'ct_section_settings_state', 'cleantalk');
325
  add_settings_section('cleantalk_settings_banner', "<hr>", '', 'cleantalk');
326
  add_settings_section('cleantalk_settings_anti_spam', "<a href='#' class='ct_support_link'>".__('Advanced settings', 'cleantalk')."</a>", 'ct_section_settings_anti_spam', 'cleantalk');
333
  {
334
  add_settings_field('cleantalk_apikey', '', 'ct_input_apikey', 'cleantalk', 'cleantalk_settings_main');
335
  }
336
+
337
  //Forms for protection
338
  add_settings_field('cleantalk_title_fiels_for_protect', "", 'ct_input_what_fields_should_be_protected', 'cleantalk', 'cleantalk_settings_anti_spam');//Title settings
339
  add_settings_field('cleantalk_registrations_test', __('Registration forms', 'cleantalk'), 'ct_input_registrations_test', 'cleantalk', 'cleantalk_settings_anti_spam');
368
 
369
 
370
  add_settings_field('cleantalk_collect_details', __('Collect details about browsers', 'cleantalk'), 'ct_input_collect_details', 'cleantalk', 'cleantalk_settings_anti_spam');
 
371
  add_settings_field('cleantalk_show_link', __('Tell others about CleanTalk', 'cleantalk'), 'ct_input_show_link', 'cleantalk', 'cleantalk_settings_banner');
372
+ add_settings_field('cleantalk_spam_firewall', __('SpamFireWall', 'cleantalk'), 'ct_input_spam_firewall', 'cleantalk', 'cleantalk_settings_banner');
373
  }
374
  }
375
 
615
 
616
 
617
  // Prints debug information. Support function.
618
+ function ct_section_debug(){
 
 
 
 
 
 
 
 
 
 
619
 
 
 
 
 
 
 
 
 
 
620
  $ct_options = ct_get_options();
621
  $ct_data = ct_get_data();
622
+
623
  if(isset($ct_data['ct_debug_reset']) && $ct_data['ct_debug_reset']){
624
  unset($ct_data['debug'], $ct_data['ct_debug_reset']);
625
  update_option('cleantalk_data', $ct_data);
626
+ return;
627
  }
628
 
629
+
630
+ echo "<h4>Constants:</h4>";
631
+ echo 'CLEANTALK_AJAX_USE_BUFFER '. (defined('CLEANTALK_AJAX_USE_BUFFER') ? (CLEANTALK_AJAX_USE_BUFFER ? 'true' : 'flase') : 'NOT_DEFINED')."<br>";
632
+ echo 'CLEANTALK_AJAX_USE_FOOTER_HEADER '. (defined('CLEANTALK_AJAX_USE_FOOTER_HEADER') ? (CLEANTALK_AJAX_USE_FOOTER_HEADER ? 'true' : 'flase') : 'NOT_DEFINED')."<br>";
633
+ echo 'CLEANTALK_ACCESS_KEY '. (defined('CLEANTALK_ACCESS_KEY') ? (CLEANTALK_ACCESS_KEY ? CLEANTALK_ACCESS_KEY : 'flase') : 'NOT_DEFINED')."<br>";
634
+ echo 'CLEANTALK_CHECK_COMMENTS_NUMBER '. (defined('CLEANTALK_CHECK_COMMENTS_NUMBER') ? (CLEANTALK_CHECK_COMMENTS_NUMBER ? CLEANTALK_CHECK_COMMENTS_NUMBER : 0) : 'NOT_DEFINED')."<br>";
635
+ echo 'CLEANTALK_CHECK_MESSAGES_NUMBER '. (defined('CLEANTALK_CHECK_MESSAGES_NUMBER') ? (CLEANTALK_CHECK_MESSAGES_NUMBER ? CLEANTALK_CHECK_MESSAGES_NUMBER : 0) : 'NOT_DEFINED')."<br>";
636
+ echo 'CLEANTALK_PLUGIN_DIR '. (defined('CLEANTALK_PLUGIN_DIR') ? (CLEANTALK_PLUGIN_DIR ? CLEANTALK_PLUGIN_DIR : 'flase') : 'NOT_DEFINED')."<br>";
637
+ echo 'WP_ALLOW_MULTISITE '. (defined('WP_ALLOW_MULTISITE') ? (WP_ALLOW_MULTISITE ? 'true' : 'flase') : 'NOT_DEFINED');
638
+
639
+ echo "<h4>Debug log: <input type='submit' value='Drop debug data' name='ct_debug_reset' style='font-size: 11px; padding: 1px;'></h4>";
640
+ echo "<div style='height: 500px; width: 80%; overflow: auto;'>";
641
 
 
 
642
  $output = print_r($ct_data['debug'], true);
643
  $output = str_replace("\n", "<br>", $output);
644
  $output = preg_replace("/[^\S]{4}/", "&nbsp;&nbsp;&nbsp;&nbsp;", $output);
645
  echo "$output";
646
 
647
+ echo "</div>";
648
+ }
649
+
650
+ /**
651
+ * Admin callback function - Displays description of 'state' plugin parameters section
652
+ */
653
+ function ct_section_settings_state() {
654
+ global $ct_options, $ct_data;
655
+
656
+ $ct_options = ct_get_options();
657
+ $ct_data = ct_get_data();
658
+
659
  if(!isset($ct_data['moderate_ip']))
660
  {
661
  $ct_data['moderate_ip'] = 0;
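Review bot: ct_section_debug() prints the value of CLEANTALK_ACCESS_KEY in clear text on the settings page (the `echo 'CLEANTALK_ACCESS_KEY '` line), so the API key ends up in any screenshot or support paste of the debug section; print only whether it is defined, or a masked form. The debug log below it is echoed straight from print_r() with no esc_html(), so whatever is stored in $ct_data['debug'] is rendered as HTML in wp-admin. 'flase' should be 'false' in all five places it appears.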
690
  }
691
  print "<div style='color:$color'>";
692
 
693
+ if(isset($ct_data['moderate_ip']) && $ct_data['moderate_ip'] == 1)
694
+ $ct_moderate = true;
695
+ else
696
+ $ct_moderate = false;
697
+
698
+ print '<img src="'. (($ct_options['registrations_test']==1 || $ct_moderate) ? $img : $img_no).'" alt="" height="" /> '.__('Registration forms', 'cleantalk');
699
+ print ' &nbsp; <img src="'.(($ct_options['comments_test']==1 || $ct_moderate) ? $img : $img_no).'" alt="" height="" /> '.__('Comments forms', 'cleantalk');
700
+ print ' &nbsp; <img src="'.(($ct_options['contact_forms_test']==1 || $ct_moderate) ? $img : $img_no).'" alt="" height="" /> '.__('Contact forms', 'cleantalk');
701
+ print ' &nbsp; <img src="'.(($ct_options['general_contact_forms_test']==1 || $ct_moderate) ? $img : $img_no).'" alt="" height="" /> '.__('Custom contact forms', 'cleantalk');
702
+ print ' &nbsp; <img src="'.(($ct_options['spam_firewall']==1 || $ct_moderate) ? $img : $img_no).'" alt="" height="" /> '.__('SpamFireWall', 'cleantalk');
703
+
704
+ if(class_exists('WooCommerce'))
705
+ print ' &nbsp; <img src="'.(($ct_options['wc_checkout_test']==1 || $ct_moderate) ? $img : $img_no).'" alt="" height="" /> '.__('WooCommerce checkout form', 'cleantalk');
706
+
707
+ if($ct_data['moderate_ip'] == 1)
708
+ print "<br /><br />The anti-spam service is paid by your hosting provider. License #".$ct_data['ip_license'].".<br />";
 
 
709
 
710
  print "</div>";
711
+
712
  if($test_failed && $ct_data['moderate_ip'] != 1)
 
713
  print __("Testing is failed, check settings. Tech support <a target=_blank href='mailto:support@cleantalk.org'>support@cleantalk.org</a>", 'cleantalk');
714
+
715
  return true;
716
  }
717
 
inc/cleantalk-ajax.php CHANGED
@@ -321,7 +321,7 @@ function ct_ajax_hook($message_obj = false, $additional = false)
321
  $nickname=null;
322
  $contact = true;
323
  $subject = '';
324
-
325
  //
326
  // Skip test if Custom contact forms is disabled.
327
  //
@@ -332,10 +332,12 @@ function ct_ajax_hook($message_obj = false, $additional = false)
332
  //
333
  // Go out because we call it on backend.
334
  //
335
- if (ct_is_user_enable() === false || (function_exists('get_current_user_id') && get_current_user_id() != 0)) {
336
- return false;
 
 
337
  }
338
-
339
  //
340
  // Go out because of not spam data
341
  //
@@ -344,21 +346,26 @@ function ct_ajax_hook($message_obj = false, $additional = false)
344
  'gmw_ps_display_info_window', // Geo My WP pop-up windows.
345
  'the_champ_user_auth', // Super Socializer
346
  );
 
347
  $checkjs = js_test('ct_checkjs', $_COOKIE, true);
348
  if ($checkjs && // Spammers usually fail the JS test
349
  (isset($_POST['action']) && in_array($_POST['action'], $skip_post))
350
- ) {
351
  return false;
352
  }
353
-
354
  if(isset($_POST['user_login']))
355
- {
356
  $nickname=$_POST['user_login'];
357
- }
358
  else
359
- {
360
  $nickname='';
361
- }
 
 
 
 
 
 
 
362
 
363
  //CSCF fix
364
  if(isset($_POST['action']) && $_POST['action']== 'cscf-submitform'){
@@ -522,6 +529,13 @@ function ct_ajax_hook($message_obj = false, $additional = false)
522
  print '{"form_id":'.$_POST['_form_id'].',"errors":false,"success":{"success_msg-Success":"'.$ct_result->comment.'"}}';
523
  die();
524
  }
 
 
 
 
 
 
 
525
  //
526
  // WooWaitList
527
  // http://codecanyon.net/item/woowaitlist-woocommerce-back-in-stock-notifier/7103373
@@ -597,12 +611,23 @@ function ct_ajax_hook($message_obj = false, $additional = false)
597
  {
598
  return 'ct_mc4wp_response';
599
  }
 
 
 
 
600
  else
601
  {
602
  print $ct_result->comment;
603
  die();
604
  }
605
  }
 
 
 
 
 
 
 
606
  }
607
  }
608
 
321
  $nickname=null;
322
  $contact = true;
323
  $subject = '';
324
+
325
  //
326
  // Skip test if Custom contact forms is disabled.
327
  //
332
  //
333
  // Go out because we call it on backend.
334
  //
335
+ if( (ct_is_user_enable() === false || (function_exists('get_current_user_id') && get_current_user_id() != 0)) &&
336
+ (strval(current_action()) != 'et_pre_insert_answer' && isset($message_obj['author']) && intval($message_obj['author']) == 0) //QAEngine Theme fix
337
+ ){
338
+ return false;
339
  }
340
+
341
  //
342
  // Go out because of not spam data
343
  //
346
  'gmw_ps_display_info_window', // Geo My WP pop-up windows.
347
  'the_champ_user_auth', // Super Socializer
348
  );
349
+
350
  $checkjs = js_test('ct_checkjs', $_COOKIE, true);
351
  if ($checkjs && // Spammers usually fail the JS test
352
  (isset($_POST['action']) && in_array($_POST['action'], $skip_post))
353
+ ) {
354
  return false;
355
  }
356
+
357
  if(isset($_POST['user_login']))
 
358
  $nickname=$_POST['user_login'];
 
359
  else
 
360
  $nickname='';
361
+
362
+ //QAEngine Theme answers
363
+ if( !empty($message_obj) && isset($message_obj['post_type'], $message_obj['author'], $message_obj['post_content']) ){
364
+ $curr_user = get_user_by('id', $message_obj['author']);
365
+ $ct_post_temp['comment'] = $message_obj['post_content'];
366
+ $ct_post_temp['email'] = $curr_user->data->user_email;
367
+ $ct_post_temp['name'] = $curr_user->data->user_login;
368
+ }
369
 
370
  //CSCF fix
371
  if(isset($_POST['action']) && $_POST['action']== 'cscf-submitform'){
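Review bot: In the QAEngine block, get_user_by('id', $message_obj['author']) returns false when no such user exists, and the next two lines read $curr_user->data->user_email and ->user_login without a check; guard with `if ($curr_user)` before using it. Minor: dropping the braces from the `if(isset($_POST['user_login']))` / `else` pair in the same hunk makes later edits there easy to get wrong.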
529
  print '{"form_id":'.$_POST['_form_id'].',"errors":false,"success":{"success_msg-Success":"'.$ct_result->comment.'"}}';
530
  die();
531
  }
532
+ else if(isset($_POST['action']) && $_POST['action']=='nf_ajax_submit')
533
+ {
534
+ $nf_data = json_decode($_POST['formData'], true);
535
+ print '{"form_id":'.$nf_data['id'].',"errors":false,"success":{"success_msg-Success":"'.$ct_result->comment.'"}}';
536
+ die();
537
+ }
538
+
539
  //
540
  // WooWaitList
541
  // http://codecanyon.net/item/woowaitlist-woocommerce-back-in-stock-notifier/7103373
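Review bot: The nf_ajax_submit branch builds its JSON response by string concatenation from request data: `$nf_data['id']` comes from `json_decode($_POST['formData'], true)` and is printed unquoted and unvalidated, and json_decode() returns null on bad input, which produces invalid JSON. Cast the id with intval() and emit the response through json_encode() so that both the id and $ct_result->comment are encoded correctly. WordPress also adds slashes to $_POST, so formData probably needs stripslashes() or wp_unslash() before decoding.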
611
  {
612
  return 'ct_mc4wp_response';
613
  }
614
+ //QAEngine Theme answers
615
+ elseif ( !empty($message_obj) && isset($message_obj['post_type'], $message_obj['author'], $message_obj['post_content']) ){
616
+ return new WP_Error('Spam comment', $ct_result->comment);
617
+ }
618
  else
619
  {
620
  print $ct_result->comment;
621
  die();
622
  }
623
  }
624
+ //Allow == 1
625
+ else{
626
+ //QAEngine Theme answers
627
+ if ( !empty($message_obj) && isset($message_obj['post_type'], $message_obj['author'], $message_obj['post_content']) ){
628
+ return $message_obj;
629
+ }
630
+ }
631
  }
632
  }
633
 
inc/cleantalk-comments.php CHANGED
@@ -81,7 +81,7 @@ function ct_show_checkspam_page()
81
  <table>
82
  <tr>
83
  <td>
84
- <?php echo get_avatar( $c_spam[$i]->comment_author_email , 32); ?>
85
  </td>
86
  <td>
87
  <?php print $c_spam[$i]->comment_author; ?><br />
@@ -298,18 +298,15 @@ function ct_ajax_check_comments()
298
  $data[]=$u[$i]->comment_author_IP;
299
  $data[]=$u[$i]->comment_author_email;
300
  }
301
- $data[]='23.105.21.74';
302
  $data=implode(',',$data);
303
 
304
  $request=Array();
305
- $request['method_name'] = 'spam_check_cms';
306
- $request['auth_key'] = $ct_options['apikey'];
307
  $request['data'] = $data;
308
- $url='https://api.cleantalk.org';
 
309
  if(!function_exists('sendRawRequest'))
310
- {
311
  require_once('cleantalk.class.php');
312
- }
313
  $result=sendRawRequest($url, $request, false, 5);
314
 
315
  $result=json_decode($result);
81
  <table>
82
  <tr>
83
  <td>
84
+ <?php echo get_avatar( $c_spam[$i]->user_id , 32); ?>
85
  </td>
86
  <td>
87
  <?php print $c_spam[$i]->comment_author; ?><br />
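Review bot: `get_avatar( $c_spam[$i]->user_id , 32)` falls back to the default avatar for every comment left by a non-registered author, because user_id is 0 for those comments, whereas the previous call used comment_author_email. Pass the comment object, or fall back to the e-mail when user_id is 0. While this row is being touched, `print $c_spam[$i]->comment_author` two lines below outputs commenter-supplied text without esc_html().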
298
  $data[]=$u[$i]->comment_author_IP;
299
  $data[]=$u[$i]->comment_author_email;
300
  }
 
301
  $data=implode(',',$data);
302
 
303
  $request=Array();
 
 
304
  $request['data'] = $data;
305
+ $url='https://api.cleantalk.org/?method_name=spam_check_cms&auth_key='.$ct_options['apikey'];
306
+
307
  if(!function_exists('sendRawRequest'))
 
308
  require_once('cleantalk.class.php');
309
+
310
  $result=sendRawRequest($url, $request, false, 5);
311
 
312
  $result=json_decode($result);
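Review bot: Moving auth_key out of $request and into the URL (`$url='https://api.cleantalk.org/?method_name=spam_check_cms&auth_key='.$ct_options['apikey']`) puts the API key in the query string, where it is recorded by proxy and server access logs and by any debug output of $url. Keep it in $request as before, or at least pass the value through urlencode(). Removing the hard-coded `$data[]='23.105.21.74'` entry is right.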
inc/cleantalk-common.php CHANGED
@@ -485,7 +485,7 @@ function ct_def_options() {
485
  'remove_old_spam' => '0',
486
  'remove_comments_links' => '0', //Removes links from approved comments
487
  //Data processing
488
- 'protect_logged_in' => '-1', // Do anit-spam tests to for logged in users.
489
  'use_ajax' => '1',
490
  'general_postdata_test' => '0', //CAPD
491
  'set_cookies'=> '1', // Disable cookies generatation to be compatible with Varnish.
@@ -700,13 +700,13 @@ function delete_spam_comments() {
700
  * Get data from an ARRAY recursively
701
  * @return array
702
  */
703
- function ct_get_fields_any($arr, $message=array(), $email=null, $nickname=null, $subject=null, $contact=true, $prev_name='') {
704
  $skip_params = array( //Skip request if fields exists
705
- 'ipn_track_id', // PayPal IPN #
706
- 'txn_type', // PayPal transaction type
707
- 'payment_status', // PayPal payment status
708
- 'ccbill_ipn', //CCBill IPN
709
- 'ct_checkjs' //skip ct_checkjs field
710
  );
711
  $obfuscate_params = array( //Fields to replace with ****
712
  'password',
@@ -714,28 +714,34 @@ function ct_get_fields_any($arr, $message=array(), $email=null, $nickname=null,
714
  'pwd',
715
  'pswd'
716
  );
717
- $skip_fields_params = array( //Array for known service fields
718
- //Common
719
- 'ct_checkjs',
720
- //Custom Contact Forms
 
 
721
  'form_id',
722
- 'form_nonce',
723
  'ccf_form',
724
  'form_page',
725
- 'form_nonce',
726
- //Qu Forms
727
  'iphorm_uid',
728
  'form_url',
729
  'post_id',
730
  'iphorm_ajax',
731
  'iphorm_id',
732
- //Fast SecureContact Froms
733
  'fs_postonce_1',
734
  'fscf_submitted',
735
  'mailto_id',
736
- 'si_contact_action'
 
 
737
  );
738
 
 
 
 
 
739
  foreach($skip_params as $value){
740
  if(@array_key_exists($value,$_GET)||@array_key_exists($value,$_POST))
741
  $contact = false;
@@ -743,34 +749,60 @@ function ct_get_fields_any($arr, $message=array(), $email=null, $nickname=null,
743
 
744
  if(count($arr)){
745
  foreach($arr as $key => $value){
 
 
 
 
 
 
 
746
  if(!is_array($value) && !is_object($value) && @get_class($value)!='WP_User'){
747
 
748
- // Skip empty or work fields execept 0 feild
749
- if($value==='' || in_array($key, $skip_fields_params, true)){
 
 
750
  continue;
751
- }
752
 
 
 
 
 
 
 
 
 
753
  foreach($obfuscate_params as $needle){
754
  if (strpos($key, $needle) !== false){
755
  $value = ct_obfuscate_param($value);
756
- $message[$key] = $value;
757
- continue;
758
  }
759
  }unset($needle);
760
 
761
  // Removes shortcodes to do better spam filtration on server side.
762
  $value = strip_shortcodes($value);
763
 
764
- if (in_array($key, $skip_params, true) && $key!=0 && $key!='' || preg_match("/^ct_checkjs/", $key)){
765
- $contact = false;
766
- }
767
-
768
- if (!$email && @preg_match("/^\S+@\S+\.\S+$/", $value)){
769
  $email = $value;
770
- }elseif ($nickname === null && ct_get_data_from_submit($key, 'name')){
771
- $nickname .= " ".$value;
772
- }elseif ($subject === null && ct_get_data_from_submit($key, 'subject')){
 
 
 
 
 
 
 
 
 
 
 
 
773
  $subject = $value;
 
 
774
  }else{
775
  $message[$prev_name.$key] = $value;
776
  }
@@ -782,38 +814,41 @@ function ct_get_fields_any($arr, $message=array(), $email=null, $nickname=null,
782
 
783
  $temp = ct_get_fields_any($value, $message, $email, $nickname, $subject, $contact, $prev_name);
784
 
785
- $prev_name = $prev_name_original;
786
-
787
- $email = ($temp['email'] ? $temp['email'] : null);
788
- $nickname = ($temp['nickname'] ? $temp['nickname'] : null);
789
- $subject = ($temp['subject'] ? $temp['subject'] : null);
790
- if($contact===true)
791
- $contact = ($temp['contact']===false ? false : true);
792
- $message = $temp['message'];
793
  }
794
  } unset($key, $value);
795
  }
796
 
797
- // Deleting repeats values
798
- $message = array_unique($message);
799
-
800
- // Reset $message if we have a sign-up data
801
- $skip_message_post = array(
802
- 'edd_action', // Easy Digital Downloads
803
- );
804
  foreach ($skip_message_post as $v) {
805
  if (isset($_POST[$v])) {
806
  $message = null;
807
  break;
808
  }
809
  } unset($v);
810
-
 
 
 
 
 
 
 
 
 
 
 
811
  $return_param = array(
812
- 'email' => $email,
813
- 'nickname' => $nickname,
814
- 'subject' => $subject,
815
- 'contact' => $contact,
816
- 'message' => $message
817
  );
818
  return $return_param;
819
  }
@@ -822,7 +857,7 @@ function ct_get_fields_any($arr, $message=array(), $email=null, $nickname=null,
822
  * Masks a value with asterisks (*)
823
  * @return string
824
  */
825
- function ct_obfuscate_param ($value = null) {
826
  if ($value && (!is_object($value) || !is_array($value))) {
827
  $length = strlen($value);
828
  $value = str_repeat('*', $length);
@@ -830,34 +865,7 @@ function ct_obfuscate_param ($value = null) {
830
 
831
  return $value;
832
  }
833
- /* //OLD ct_get_fields_any_postdata
834
- function ct_get_fields_any_postdata(&$message,$arr)
835
- {
836
- $skip_params = array(
837
- 'ipn_track_id', // PayPal IPN #
838
- 'txn_type', // PayPal transaction type
839
- 'payment_status', // PayPal payment status
840
- );
841
- foreach($arr as $key=>$value)
842
- {
843
- if(!is_array($value))
844
- {
845
- if (in_array($key, $skip_params) || preg_match("/^ct_checkjs/", $key)) {
846
- //$contact = false;
847
- }
848
- else
849
- {
850
- $message.="$value\n";
851
- }
852
- }
853
- else
854
- {
855
- @ct_get_fields_any_postdata($message, $value);
856
- }
857
- }
858
- }
859
- //*/
860
- //New ct_get_fields_any_postdata
861
  //New ct_get_fields_any_postdata
862
  function ct_get_fields_any_postdata($arr, $message=array()){
863
  $skip_params = array(
485
  'remove_old_spam' => '0',
486
  'remove_comments_links' => '0', //Removes links from approved comments
487
  //Data processing
488
+ 'protect_logged_in' => '1', // Do anit-spam tests to for logged in users.
489
  'use_ajax' => '1',
490
  'general_postdata_test' => '0', //CAPD
491
  'set_cookies'=> '1', // Disable cookies generatation to be compatible with Varnish.
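Review bot: The default for 'protect_logged_in' flips from '-1' to '1', which changes behaviour for sites that have not saved this option, yet the 5.58.6 changelog entry does not mention it; document the change and what '-1' used to mean. The inline comment on that line also has typos ('anit-spam tests to for').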
700
  * Get data from an ARRAY recursively
701
  * @return array
702
  */
703
+ function ct_get_fields_any($arr, $message=array(), $email = null, $nickname = array('nick' => '', 'first' => '', 'last' => ''), $subject = null, $contact = true, $prev_name = ''){
704
  $skip_params = array( //Skip request if fields exists
705
+ 'ipn_track_id', // PayPal IPN #
706
+ 'txn_type', // PayPal transaction type
707
+ 'payment_status', // PayPal payment status
708
+ 'ccbill_ipn', //CCBill IPN
709
+ 'ct_checkjs' //skip ct_checkjs field
710
  );
711
  $obfuscate_params = array( //Fields to replace with ****
712
  'password',
714
  'pwd',
715
  'pswd'
716
  );
717
+
718
+ $skip_fields_with_strings = array( //Array for strings in keys to skip and known service fields
719
+ //Common
720
+ 'ct_checkjs', //Do not send ct_checkjs
721
+ 'nonce', //nonce for strings such as 'rsvp_nonce_name'
722
+ //Custom Contact Forms
723
  'form_id',
 
724
  'ccf_form',
725
  'form_page',
726
+ //Qu Forms
 
727
  'iphorm_uid',
728
  'form_url',
729
  'post_id',
730
  'iphorm_ajax',
731
  'iphorm_id',
732
+ //Fast SecureContact Froms
733
  'fs_postonce_1',
734
  'fscf_submitted',
735
  'mailto_id',
736
+ 'si_contact_action',
737
+ //Ninja Forms
738
+ 'formData_settings'
739
  );
740
 
741
+ $skip_message_post = array( // Reset $message if we have a sign-up data
742
+ 'edd_action', // Easy Digital Downloads
743
+ );
744
+
745
  foreach($skip_params as $value){
746
  if(@array_key_exists($value,$_GET)||@array_key_exists($value,$_POST))
747
  $contact = false;
749
 
750
  if(count($arr)){
751
  foreach($arr as $key => $value){
752
+
753
+ if(gettype($value)=='string'){
754
+ $decoded_json_value = json_decode($value, true);
755
+ if($decoded_json_value !== null)
756
+ $value = $decoded_json_value;
757
+ }
758
+
759
  if(!is_array($value) && !is_object($value) && @get_class($value)!='WP_User'){
760
 
761
+ if (in_array($key, $skip_params, true) && $key!=0 && $key!='' || preg_match("/^ct_checkjs/", $key))
762
+ $contact = false;
763
+
764
+ if($value === '')
765
  continue;
 
766
 
767
+ //Skipping fields names with strings from (array)skip_fields_with_strings
768
+ foreach($skip_fields_with_strings as $needle){
769
+ if (strpos($prev_name.$key, $needle) !== false){
770
+ continue(2);
771
+ }
772
+ }unset($needle);
773
+
774
+ //Obfuscating params
775
  foreach($obfuscate_params as $needle){
776
  if (strpos($key, $needle) !== false){
777
  $value = ct_obfuscate_param($value);
778
+ continue(2);
 
779
  }
780
  }unset($needle);
781
 
782
  // Removes shortcodes to do better spam filtration on server side.
783
  $value = strip_shortcodes($value);
784
 
785
+ //Email
786
+ if (!$email && preg_match("/^\S+@\S+\.\S+$/", $value)){
 
 
 
787
  $email = $value;
788
+
789
+ //Names
790
+ }elseif (preg_match("/name/i", $key)){
791
+
792
+ if(preg_match("/first/i", $key) || preg_match("/fore/i", $key) || preg_match("/private/i", $key))
793
+ $nickname['first'] = $value;
794
+ elseif(preg_match("/last/i", $key) || preg_match("/sur/i", $key) || preg_match("/family/i", $key) || preg_match("/second/i", $key))
795
+ $nickname['last'] = $value;
796
+ elseif(!$nickname['nick'])
797
+ $nickname['nick'] = $value;
798
+ else
799
+ $message[$prev_name.$key] = $value;
800
+
801
+ //Subject
802
+ }elseif ($subject === null && preg_match("/subj/i", $key)){
803
  $subject = $value;
804
+
805
+ //Message
806
  }else{
807
  $message[$prev_name.$key] = $value;
808
  }
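Review bot: The new json_decode() step replaces $value whenever the result is not null, so plain strings such as "123" or "true" become an int or a bool before the `$value === ''`, strip_shortcodes() and preg_match() steps; substitute only when the result is an array (`if (is_array($decoded_json_value))`). In the obfuscation loop, `$value = ct_obfuscate_param($value); continue(2);` now skips the field entirely, so the assignment is dead code: either store the masked value in $message as the old code did, or drop the call and say in the comment that these fields are excluded. The name branch `preg_match("/name/i", $key)` also matches keys such as 'filename' or 'username', which deserves a comment or a tighter pattern.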
814
 
815
  $temp = ct_get_fields_any($value, $message, $email, $nickname, $subject, $contact, $prev_name);
816
 
817
+ $message = $temp['message'];
818
+ $email = ($temp['email'] ? $temp['email'] : null);
819
+ $nickname = ($temp['nickname'] ? $temp['nickname'] : null);
820
+ $subject = ($temp['subject'] ? $temp['subject'] : null);
821
+ if($contact === true)
822
+ $contact = ($temp['contact'] === false ? false : true);
823
+ $prev_name = $prev_name_original;
 
824
  }
825
  } unset($key, $value);
826
  }
827
 
 
 
 
 
 
 
 
828
  foreach ($skip_message_post as $v) {
829
  if (isset($_POST[$v])) {
830
  $message = null;
831
  break;
832
  }
833
  } unset($v);
834
+
835
+ //If top iteration, returns compiled name field. Example: "Nickname Firtsname Lastname".
836
+ if($prev_name === ''){
837
+ if(!empty($nickname)){
838
+ $nickname_str = '';
839
+ foreach($nickname as $value){
840
+ $nickname_str .= ($value ? $value." " : "");
841
+ }unset($value);
842
+ }
843
+ $nickname = $nickname_str;
844
+ }
845
+
846
  $return_param = array(
847
+ 'email' => $email,
848
+ 'nickname' => $nickname,
849
+ 'subject' => $subject,
850
+ 'contact' => $contact,
851
+ 'message' => $message
852
  );
853
  return $return_param;
854
  }
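Review bot: In the top-iteration block, $nickname_str is initialised only inside `if(!empty($nickname))`, but `$nickname = $nickname_str;` runs unconditionally, and the recursion step above can set $nickname to null; initialise `$nickname_str = ''` before the `if`. Because $nickname is now an array by default, a caller that still passes a string as the fourth argument will hit `$nickname['first'] = $value` on a string, so the docblock should state the new parameter type and the string return at the top level. The compiled name also keeps a trailing space and could be passed through trim().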
857
  * Masks a value with asterisks (*)
858
  * @return string
859
  */
860
+ function ct_obfuscate_param($value = null) {
861
  if ($value && (!is_object($value) || !is_array($value))) {
862
  $length = strlen($value);
863
  $value = str_repeat('*', $length);
865
 
866
  return $value;
867
  }
868
+
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
869
  //New ct_get_fields_any_postdata
870
  function ct_get_fields_any_postdata($arr, $message=array()){
871
  $skip_params = array(
inc/cleantalk-public.php CHANGED
@@ -128,17 +128,15 @@ function ct_init() {
128
 
129
  // Contact Form7
130
  if(defined('WPCF7_VERSION')){
131
- add_filter('wpcf7_form_elements', 'ct_wpcf7_form_elements');
132
- if(WPCF7_VERSION >= '3.0.0')
133
- {
134
- add_filter('wpcf7_spam', 'ct_wpcf7_spam');
135
- }
136
- else
137
- {
138
- add_filter('wpcf7_acceptance', 'ct_wpcf7_spam');
139
- }
140
  }
141
-
142
  // Formidable
143
  if(class_exists('FrmSettings')){
144
  add_action('frm_validate_entry', 'ct_frm_validate_entry', 1, 2);
128
 
129
  // Contact Form7
130
  if(defined('WPCF7_VERSION')){
131
+ add_filter('wpcf7_form_elements', 'ct_wpcf7_form_elements');
132
+
133
+ if(WPCF7_VERSION >= '3.0.0')
134
+ add_filter('wpcf7_spam', 'ct_wpcf7_spam');
135
+ else
136
+ add_filter('wpcf7_acceptance', 'ct_wpcf7_spam');
137
+
 
 
138
  }
139
+
140
  // Formidable
141
  if(class_exists('FrmSettings')){
142
  add_action('frm_validate_entry', 'ct_frm_validate_entry', 1, 2);
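Review bot: `if(WPCF7_VERSION >= '3.0.0')` compares version strings with a plain comparison operator, which is not reliable across versions (for example '10.0' against '3.0.0'); use `version_compare(WPCF7_VERSION, '3.0.0', '>=')` to choose between the wpcf7_spam and wpcf7_acceptance filters.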
inc/cleantalk-users.php CHANGED
@@ -113,9 +113,9 @@ $cnt_spam1=$r[0]['cnt'];
113
  <input id="cb-select-<?php print $c_spam[$i]->ID; ?>" type="checkbox" name="del_comments[]" value="<?php print $c_spam[$i]->comment_ID; ?>"/>
114
  </th>
115
  <td class="author column-author" nowrap>
116
- <strong>
117
- <?php echo get_avatar( $c_spam[$i]->data->user_email , 32); ?>
118
- <?php print $c_spam[$i]->data->user_login; ?>
119
  </strong>
120
  <br/>
121
  <a href="mailto:<?php print $c_spam[$i]->data->user_email; ?>"><?php print $c_spam[$i]->data->user_email; ?></a> <a href="https://cleantalk.org/blacklists/<?php print $c_spam[$i]->data->user_email ; ?>" target="_blank"><img src="<?php print plugin_dir_url(__FILE__); ?>images/new_window.gif" border="0" style="float:none"/></a>
@@ -422,7 +422,7 @@ function ct_ajax_insert_users()
422
  $users = get_users(array('search' => '*user_*', 'search_columns' => array('login', 'nicename')));
423
  $inserted = 0;
424
  foreach($users as $user)
425
- if(wp_delete_user($user->id))
426
  $inserted++;
427
  //*/
428
 
113
  <input id="cb-select-<?php print $c_spam[$i]->ID; ?>" type="checkbox" name="del_comments[]" value="<?php print $c_spam[$i]->comment_ID; ?>"/>
114
  </th>
115
  <td class="author column-author" nowrap>
116
+ <strong>
117
+ <?php echo get_avatar( $c_spam[$i]->data->ID , 32); ?>
118
+ <?php print $c_spam[$i]->data->user_login; ?>
119
  </strong>
120
  <br/>
121
  <a href="mailto:<?php print $c_spam[$i]->data->user_email; ?>"><?php print $c_spam[$i]->data->user_email; ?></a> <a href="https://cleantalk.org/blacklists/<?php print $c_spam[$i]->data->user_email ; ?>" target="_blank"><img src="<?php print plugin_dir_url(__FILE__); ?>images/new_window.gif" border="0" style="float:none"/></a>
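Review bot: The re-indented `<?php print $c_spam[$i]->data->user_login; ?>` line, and the user_email values printed into the mailto: and blacklist links just below it, go into the admin table without escaping; wrap them in esc_html() or esc_attr() (esc_url() for the link targets) while this block is being edited. The get_avatar() switch to `->data->ID` is fine.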
422
  $users = get_users(array('search' => '*user_*', 'search_columns' => array('login', 'nicename')));
423
  $inserted = 0;
424
  foreach($users as $user)
425
+ if(wp_delete_user($user->ID))
426
  $inserted++;
427
  //*/
428
 
readme.txt CHANGED
@@ -3,7 +3,7 @@ Contributors: znaeff, shagimuratov, serge00, sartemd174
3
  Tags: spam, anti-spam, antispam, anti spam, bbpress, buddypress, captcha, capcha, captha, catcha, cf7 spam, comments, contact form spam, signup, spammers, spammy, woocommerce, wordpress spam, subscription, gravity spam, jetpack, bots, contact form 7, contact form, registrations, ninja, Fast Secure Contact, Gravity forms, formidable, mailchimp, s2member, protection, protect, email, plugin, contact, recaptcha, google captcha, google recaptcha, blacklist, prevent spam comments, wordpress, User Frontend, bulk delete, bulk remove, widget, review, firewall, cleantalk, mailpoet, profile builder, comment spam, registration spam, spam comments, comment moderation, spam bots, block spam, signup spam, spam blocker, spam filter, user registration spam,pingback,trackback, anti-spam plugin, varnish, amp, spam free, userpro,honeypot,puzzle,quiz,survey,poll,security, amo forms, caldera forms, visual form builder, contact form clean and simple
4
  Requires at least: 3.0
5
  Tested up to: 4.7.2
6
- Stable tag: 5.58.5
7
  License: GPLv2
8
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
9
 
@@ -12,6 +12,12 @@ Spam protection, anti-spam, all-in-one, premium plug-in. No comments spam & user
12
  == Description ==
13
  No CAPTCHA, no questions, no animal counting, no puzzles, no math and no spam bots. Universal Anti-Spam plugin. Formerly "Anti-Spam by CleanTalk".
14
 
 
 
 
 
 
 
15
  = Anti-Spam features =
16
  1. Stops spam comments.
17
  1. Stops spam registrations.
@@ -545,6 +551,15 @@ WordPress 3.0 at least. PHP 5 with CURL or file_get_contents() function and enab
545
  1. The Dashboard with a map of most spam active countries per your account.
546
 
547
  == Changelog ==
 
 
 
 
 
 
 
 
 
548
  = 5.58.5 March 6 2017 =
549
  * Minor backend fix.
550
 
@@ -1322,6 +1337,15 @@ WordPress 3.0 at least. PHP 5 with CURL or file_get_contents() function and enab
1322
  * First version
1323
 
1324
  == Upgrade Notice ==
 
 
 
 
 
 
 
 
 
1325
  = 5.58.5 March 6 2017 =
1326
  * Minor backend fix.
1327
 
@@ -1914,21 +1938,3 @@ Added immediate spam protection activation.
1914
  * Changed: Improved servers connection logic.
1915
  * Fixed: Antispam test for Fomidable forms.
1916
 
1917
- = 2.27 2013-12-06 =
1918
- * New: Added protection against spam bots for JetPack Contact form.
1919
- * Fixed: JavaScript anti-spam logic for registrations and Contact form 7.
1920
-
1921
- = 2.25 2013-11-27 =
1922
- * New: Added protection against spam bots for BuddyPress registrations.
1923
- * New: Added protection against spam bots for Contact form 7.
1924
- * New: Added Spanish (es_ES) translation.
1925
-
1926
- = 2.23 2013-11-20 =
1927
- * New: Added automatic training blacklists on spam bot account deletion.
1928
- * New: Added URL to project homepage at plugin options.
1929
- * Changed: Improved anti-spam logic.
1930
-
1931
- = 2.21 2013-11-13 =
1932
- * Changed: WordPress blacklists settings get priority over plugin's anti-spam settings
1933
- * Changed: Disabled management approval comments for regular commentators of the blog. Automatically approved for publication only the comments of the new blog authors.
1934
- * Changed: PHP code optimizations
3
  Tags: spam, anti-spam, antispam, anti spam, bbpress, buddypress, captcha, capcha, captha, catcha, cf7 spam, comments, contact form spam, signup, spammers, spammy, woocommerce, wordpress spam, subscription, gravity spam, jetpack, bots, contact form 7, contact form, registrations, ninja, Fast Secure Contact, Gravity forms, formidable, mailchimp, s2member, protection, protect, email, plugin, contact, recaptcha, google captcha, google recaptcha, blacklist, prevent spam comments, wordpress, User Frontend, bulk delete, bulk remove, widget, review, firewall, cleantalk, mailpoet, profile builder, comment spam, registration spam, spam comments, comment moderation, spam bots, block spam, signup spam, spam blocker, spam filter, user registration spam,pingback,trackback, anti-spam plugin, varnish, amp, spam free, userpro,honeypot,puzzle,quiz,survey,poll,security, amo forms, caldera forms, visual form builder, contact form clean and simple
4
  Requires at least: 3.0
5
  Tested up to: 4.7.2
6
+ Stable tag: 5.58.6
7
  License: GPLv2
8
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
9
 
12
  == Description ==
13
  No CAPTCHA, no questions, no animal counting, no puzzles, no math and no spam bots. Universal Anti-Spam plugin. Formerly "Anti-Spam by CleanTalk".
14
 
15
+ **Supports: Contact Form 7, Ninja Forms, Gravity Forms, MailChimp, Formidable
16
+ forms, WooCommerce, JetPack comments and contact form, BuddyPress, bbPress,
17
+ Fast Secure Contact form, S2Member, MailPoet, any WordPress
18
+ registrations & contact forms and themes.
19
+ Just setup and forget the spam!**
20
+
21
  = Anti-Spam features =
22
  1. Stops spam comments.
23
  1. Stops spam registrations.
551
  1. The Dashboard with a map of most spam active countries per your account.
552
 
553
  == Changelog ==
554
+ = 5.58.6 March 16 2017 =
555
+ * Fix for Ninja forms (protection updated).
556
+ * Fix for QA Theme.
557
+ * Fix for RSVP form.
558
+ * Setting changes (Spam FireWall).
559
+ * Improved debug section.
560
+ * Improved gathering data function.
561
+ * Minor fixes.
562
+
563
  = 5.58.5 March 6 2017 =
564
  * Minor backend fix.
565
 
1337
  * First version
1338
 
1339
  == Upgrade Notice ==
1340
+ = 5.58.6 March 16 2017 =
1341
+ * Fix for Ninja forms (protection updated).
1342
+ * Fix for QA Theme.
1343
+ * Fix for RSVP form.
1344
+ * Setting changes (Spam FireWall).
1345
+ * Improved debug section.
1346
+ * Improved gathering data function.
1347
+ * Minor fixes.
1348
+
1349
  = 5.58.5 March 6 2017 =
1350
  * Minor backend fix.
1351
 
1938
  * Changed: Improved servers connection logic.
1939
  * Fixed: Antispam test for Fomidable forms.
1940