Spam protection, AntiSpam, FireWall by CleanTalk - Version 5.65

Version Description

May 16 2017 = * Fix for PayPal redirecton. * Fixed issue with empty query for bulk comments test. * Added protection for Enfold contact form. * Ninja forms integration.

Download this release

Release Info

Developer shagimuratov
Plugin Icon 128x128 Spam protection, AntiSpam, FireWall by CleanTalk
Version 5.65
Comparing to
See all releases

Code changes from version 5.64 to 5.65

Files changed (7) hide show
  1. cleantalk.php +3 -3
  2. inc/cleantalk-ajax.php +2 -1
  3. inc/cleantalk-comments.php +15 -4
  4. inc/cleantalk-common.php +4 -1
  5. inc/cleantalk-public.php +23 -9
  6. inc/cleantalk.class.php +8 -35
  7. readme.txt +14 -2
cleantalk.php CHANGED
@@ -3,12 +3,12 @@
3
  Plugin Name: Anti-Spam by CleanTalk
4
  Plugin URI: http://cleantalk.org
5
  Description: Max power, all-in-one, no Captcha, premium anti-spam plugin. No comment spam, no registration spam, no contact spam, protects any WordPress forms. Formerly Anti-Spam by CleanTalk.
6
- Version: 5.64
7
  Author: СleanTalk <welcome@cleantalk.org>
8
  Author URI: http://cleantalk.org
9
  */
10
- $cleantalk_plugin_version='5.64';
11
- $ct_agent_version = 'wordpress-564';
12
  $cleantalk_executed=false;
13
  $ct_sfw_updated = false;
14
 
3
  Plugin Name: Anti-Spam by CleanTalk
4
  Plugin URI: http://cleantalk.org
5
  Description: Max power, all-in-one, no Captcha, premium anti-spam plugin. No comment spam, no registration spam, no contact spam, protects any WordPress forms. Formerly Anti-Spam by CleanTalk.
6
+ Version: 5.65
7
  Author: СleanTalk <welcome@cleantalk.org>
8
  Author URI: http://cleantalk.org
9
  */
10
+ $cleantalk_plugin_version='5.65';
11
+ $ct_agent_version = 'wordpress-565';
12
  $cleantalk_executed=false;
13
  $ct_sfw_updated = false;
14
 
inc/cleantalk-ajax.php CHANGED
@@ -532,7 +532,8 @@ function ct_ajax_hook($message_obj = false, $additional = false)
532
  else if(isset($_POST['action']) && $_POST['action']=='nf_ajax_submit')
533
  {
534
  $nf_data = json_decode($_POST['formData'], true);
535
- print '{"form_id":'.$nf_data['id'].',"errors":false,"success":{"success_msg-Success":"'.$ct_result->comment.'"}}';
 
536
  die();
537
  }
538
 
532
  else if(isset($_POST['action']) && $_POST['action']=='nf_ajax_submit')
533
  {
534
  $nf_data = json_decode($_POST['formData'], true);
535
+ // print '{data:{{"form_id":'.$nf_data['id'].',"errors":false,"success":{"success_msg-Success":"'.$ct_result->comment.'"}}}}'; \\Old version
536
+ print '{"data":{"form_id":"'.$nf_data['id'].'","settings":{},"extra":[],"fields":{},"processed_actions":[],"actions":{"success_message": "<font style=\"color: red\">'.$ct_result->comment.'</font><br><br>"}},"errors":[],"debug":[]}';
537
  die();
538
  }
539
 
inc/cleantalk-comments.php CHANGED
@@ -295,8 +295,12 @@ function ct_ajax_check_comments()
295
  $data=Array();
296
  for($i=0;$i<sizeof($u);$i++)
297
  {
298
- $data[]=$u[$i]->comment_author_IP;
299
- $data[]=$u[$i]->comment_author_email;
 
 
 
 
300
  }
301
  $data=implode(',',$data);
302
 
@@ -310,10 +314,17 @@ function ct_ajax_check_comments()
310
  $result=sendRawRequest($url, $request, false, 5);
311
 
312
  $result=json_decode($result);
313
-
314
  if(isset($result->error_message))
315
  {
316
- print $result->error_message;
 
 
 
 
 
 
 
 
317
  }
318
  else
319
  {
295
  $data=Array();
296
  for($i=0;$i<sizeof($u);$i++)
297
  {
298
+ if (preg_match('/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/', $u[$i]->comment_author_IP)) {
299
+ $data[] = $u[$i]->comment_author_IP;
300
+ }
301
+ if (preg_match('/^\S+@\S+\.\S+$/', $u[$i]->comment_author_email)) {
302
+ $data[] = $u[$i]->comment_author_email;
303
+ }
304
  }
305
  $data=implode(',',$data);
306
 
314
  $result=sendRawRequest($url, $request, false, 5);
315
 
316
  $result=json_decode($result);
 
317
  if(isset($result->error_message))
318
  {
319
+ // Data not set, marks comments as checked to avoid loops.
320
+ if (isset($result->error_no) && $result->error_no == 8) { // Data not set.
321
+ for($i=0;$i<sizeof($u);$i++) {
322
+ add_comment_meta($u[$i]->comment_ID,'ct_checked',date("Y-m-d H:m:s"),true);
323
+ }
324
+ print 1;
325
+ } else {
326
+ print $result->error_message;
327
+ }
328
  }
329
  else
330
  {
inc/cleantalk-common.php CHANGED
@@ -788,7 +788,10 @@ function ct_get_fields_any($arr, $message=array(), $email = null, $nickname = ar
788
 
789
  // Removes shortcodes to do better spam filtration on server side.
790
  $value = strip_shortcodes($value);
791
-
 
 
 
792
  //Email
793
  if (!$email && preg_match("/^\S+@\S+\.\S+$/", $value)){
794
  $email = $value;
788
 
789
  // Removes shortcodes to do better spam filtration on server side.
790
  $value = strip_shortcodes($value);
791
+
792
+ // Decodes URL-encoded data to string.
793
+ $value = urldecode($value);
794
+
795
  //Email
796
  if (!$email && preg_match("/^\S+@\S+\.\S+$/", $value)){
797
  $email = $value;
inc/cleantalk-public.php CHANGED
@@ -35,8 +35,11 @@ function ct_init() {
35
  add_shortcode( 'et_pb_contact_form', 'ct_contact_form_validate' );
36
  }
37
 
38
- if($test_external_forms && isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['cleantalk_hidden_method']) && isset($_POST['cleantalk_hidden_action']))
39
- {
 
 
 
40
  $action=htmlspecialchars($_POST['cleantalk_hidden_action']);
41
  $method=htmlspecialchars($_POST['cleantalk_hidden_method']);
42
  unset($_POST['cleantalk_hidden_action']);
@@ -45,7 +48,13 @@ function ct_init() {
45
  print "<html><body><form method='$method' action='$action'>";
46
  ct_print_form($_POST,'');
47
  print "</form><center>Redirecting to ".$action."... Anti-spam by CleanTalk.</center></body></html>";
48
- print "<script>document.forms[0].submit();</script>";
 
 
 
 
 
 
49
  die();
50
  }
51
 
@@ -2410,7 +2419,6 @@ function ct_contact_form_validate() {
2410
  }
2411
  //@header("CtExclusions: ".$ct_cnt);
2412
  cleantalk_debug("CtExclusions", $ct_cnt);
2413
-
2414
  if (@sizeof($_POST)==0 ||
2415
  (isset($_POST['signup_username']) && isset($_POST['signup_email']) && isset($_POST['signup_password'])) ||
2416
  (isset($pagenow) && $pagenow == 'wp-login.php') || // WordPress log in form
@@ -2471,7 +2479,7 @@ function ct_contact_form_validate() {
2471
  }
2472
 
2473
  $ct_temp_msg_data = ct_get_fields_any($_POST);
2474
-
2475
  $sender_email = ($ct_temp_msg_data['email'] ? $ct_temp_msg_data['email'] : '');
2476
  $sender_nickname = ($ct_temp_msg_data['nickname'] ? $ct_temp_msg_data['nickname'] : '');
2477
  $subject = ($ct_temp_msg_data['subject'] ? $ct_temp_msg_data['subject'] : '');
@@ -2509,7 +2517,7 @@ function ct_contact_form_validate() {
2509
  $tmp=$_POST['TellAFriend_Link'];
2510
  unset($_POST['TellAFriend_Link']);
2511
  }
2512
-
2513
  //@header("CtBaseCallBefore: 1");
2514
  cleantalk_debug("CtBaseCallBefore", "1");
2515
 
@@ -2522,7 +2530,6 @@ function ct_contact_form_validate() {
2522
  'sender_info' => get_sender_info(),
2523
  'checkjs' => $checkjs
2524
  ));
2525
-
2526
  //@header("CtBaseCall: Executed");
2527
  cleantalk_debug("CtBaseCall", "Executed");
2528
 
@@ -2542,6 +2549,10 @@ function ct_contact_form_validate() {
2542
  $contact_form = 'divi_theme_contact_form';
2543
  $contact_form_additional = str_replace('et_pb_contactform_submit', '', $param);
2544
  }
 
 
 
 
2545
  if(!empty($contact_form))
2546
  break;
2547
  }
@@ -2553,7 +2564,7 @@ function ct_contact_form_validate() {
2553
  if ((defined( 'DOING_AJAX' ) && DOING_AJAX)
2554
  ) {
2555
  $ajax_call = true;
2556
- }
2557
  if ($ajax_call) {
2558
  //@header("AJAX: Yes");
2559
  cleantalk_debug("AJAX", "Yes");
@@ -2610,9 +2621,12 @@ function ct_contact_form_validate() {
2610
  print json_encode($return);
2611
  die();
2612
  //Divi Theme Contact Form. Using $contact_form
2613
- }elseif(!empty($contact_form) && $contact_form = 'divi_theme_contact_form'){
2614
  echo "<div id='et_pb_contact_form{$contact_form_additional}'><h1>Your request looks like spam.</h1><div><p>{$ct_result->comment}</p></div></div>";
2615
  die;
 
 
 
2616
  }else{
2617
  ct_die(null, null);
2618
  }
35
  add_shortcode( 'et_pb_contact_form', 'ct_contact_form_validate' );
36
  }
37
 
38
+ if($test_external_forms
39
+ && isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == 'POST'
40
+ && isset($_POST['cleantalk_hidden_method'])
41
+ && isset($_POST['cleantalk_hidden_action'])
42
+ ){
43
  $action=htmlspecialchars($_POST['cleantalk_hidden_action']);
44
  $method=htmlspecialchars($_POST['cleantalk_hidden_method']);
45
  unset($_POST['cleantalk_hidden_action']);
48
  print "<html><body><form method='$method' action='$action'>";
49
  ct_print_form($_POST,'');
50
  print "</form><center>Redirecting to ".$action."... Anti-spam by CleanTalk.</center></body></html>";
51
+ print "<script>
52
+ if(document.forms[0].submit != 'undefined'){
53
+ var objects = document.getElementsByName('submit');
54
+ document.forms[0].removeChild(objects[0]);
55
+ }
56
+ document.forms[0].submit();
57
+ </script>";
58
  die();
59
  }
60
 
2419
  }
2420
  //@header("CtExclusions: ".$ct_cnt);
2421
  cleantalk_debug("CtExclusions", $ct_cnt);
 
2422
  if (@sizeof($_POST)==0 ||
2423
  (isset($_POST['signup_username']) && isset($_POST['signup_email']) && isset($_POST['signup_password'])) ||
2424
  (isset($pagenow) && $pagenow == 'wp-login.php') || // WordPress log in form
2479
  }
2480
 
2481
  $ct_temp_msg_data = ct_get_fields_any($_POST);
2482
+
2483
  $sender_email = ($ct_temp_msg_data['email'] ? $ct_temp_msg_data['email'] : '');
2484
  $sender_nickname = ($ct_temp_msg_data['nickname'] ? $ct_temp_msg_data['nickname'] : '');
2485
  $subject = ($ct_temp_msg_data['subject'] ? $ct_temp_msg_data['subject'] : '');
2517
  $tmp=$_POST['TellAFriend_Link'];
2518
  unset($_POST['TellAFriend_Link']);
2519
  }
2520
+
2521
  //@header("CtBaseCallBefore: 1");
2522
  cleantalk_debug("CtBaseCallBefore", "1");
2523
 
2530
  'sender_info' => get_sender_info(),
2531
  'checkjs' => $checkjs
2532
  ));
 
2533
  //@header("CtBaseCall: Executed");
2534
  cleantalk_debug("CtBaseCall", "Executed");
2535
 
2549
  $contact_form = 'divi_theme_contact_form';
2550
  $contact_form_additional = str_replace('et_pb_contactform_submit', '', $param);
2551
  }
2552
+ if(strpos($param, 'avia_generated_form') === 0){
2553
+ $contact_form = 'enfold_theme_contact_form';
2554
+ $contact_form_additional = str_replace('avia_generated_form', '', $param);
2555
+ }
2556
  if(!empty($contact_form))
2557
  break;
2558
  }
2564
  if ((defined( 'DOING_AJAX' ) && DOING_AJAX)
2565
  ) {
2566
  $ajax_call = true;
2567
+ }
2568
  if ($ajax_call) {
2569
  //@header("AJAX: Yes");
2570
  cleantalk_debug("AJAX", "Yes");
2621
  print json_encode($return);
2622
  die();
2623
  //Divi Theme Contact Form. Using $contact_form
2624
+ }elseif(!empty($contact_form) && $contact_form == 'divi_theme_contact_form'){
2625
  echo "<div id='et_pb_contact_form{$contact_form_additional}'><h1>Your request looks like spam.</h1><div><p>{$ct_result->comment}</p></div></div>";
2626
  die;
2627
+ // Enfold Theme Contact Form. Using $contact_form
2628
+ }elseif(!empty($contact_form) && $contact_form == 'enfold_theme_contact_form'){
2629
+
2630
  }else{
2631
  ct_die(null, null);
2632
  }
inc/cleantalk.class.php CHANGED
@@ -12,31 +12,6 @@
12
  *
13
  */
14
 
15
- /**
16
- * Creating apache_request_headers() if not exists
17
- */
18
- if( !function_exists('apache_request_headers') ) {
19
- function apache_request_headers() {
20
- $arh = array();
21
- $rx_http = '/\AHTTP_/';
22
- foreach($_SERVER as $key => $val) {
23
- if( preg_match($rx_http, $key) ) {
24
- $arh_key = preg_replace($rx_http, '', $key);
25
- $rx_matches = array();
26
- // do some nasty string manipulations to restore the original letter case
27
- // this should work in most cases
28
- $rx_matches = explode('_', $arh_key);
29
- if( count($rx_matches) > 0 and strlen($arh_key) > 2 ) {
30
- foreach($rx_matches as $ak_key => $ak_val) $rx_matches[$ak_key] = ucfirst($ak_val);
31
- $arh_key = implode('-', $rx_matches);
32
- }
33
- $arh[$arh_key] = $val;
34
- }
35
- }
36
- return( $arh );
37
- }
38
- }
39
-
40
  /**
41
  * Response class
42
  */
@@ -1234,21 +1209,19 @@ function sendRawRequest($url,$data,$isJSON=false,$timeout=3)
1234
  return $result;
1235
  }
1236
 
1237
- if( !function_exists('apache_request_headers') )
1238
- {
1239
- function apache_request_headers()
1240
- {
1241
  $arh = array();
1242
  $rx_http = '/\AHTTP_/';
1243
- foreach($_SERVER as $key => $val)
1244
- {
1245
- if( preg_match($rx_http, $key) )
1246
- {
1247
  $arh_key = preg_replace($rx_http, '', $key);
 
 
1248
  $rx_matches = array();
1249
  $rx_matches = explode('_', $arh_key);
1250
- if( count($rx_matches) > 0 and strlen($arh_key) > 2 )
1251
- {
1252
  foreach($rx_matches as $ak_key => $ak_val) $rx_matches[$ak_key] = ucfirst($ak_val);
1253
  $arh_key = implode('-', $rx_matches);
1254
  }
12
  *
13
  */
14
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
15
  /**
16
  * Response class
17
  */
1209
  return $result;
1210
  }
1211
 
1212
+ // Creating apache_request_headers() if not exists
1213
+ if(!function_exists('apache_request_headers')){
1214
+ function apache_request_headers(){
 
1215
  $arh = array();
1216
  $rx_http = '/\AHTTP_/';
1217
+ foreach($_SERVER as $key => $val){
1218
+ if(preg_match($rx_http, $key)){
 
 
1219
  $arh_key = preg_replace($rx_http, '', $key);
1220
+ // do some nasty string manipulations to restore the original letter case
1221
+ // this should work in most cases
1222
  $rx_matches = array();
1223
  $rx_matches = explode('_', $arh_key);
1224
+ if( count($rx_matches) > 0 and strlen($arh_key) > 2 ){
 
1225
  foreach($rx_matches as $ak_key => $ak_val) $rx_matches[$ak_key] = ucfirst($ak_val);
1226
  $arh_key = implode('-', $rx_matches);
1227
  }
readme.txt CHANGED
@@ -1,9 +1,9 @@
1
  === Spam protection FireWall, AntiSpam by CleanTalk ===
2
- Contributors: znaeff, shagimuratov, serge00, sartemd174
3
  Tags: antispam, protection, contact form, comments, spam
4
  Requires at least: 3.0
5
  Tested up to: 4.7
6
- Stable tag: 5.64
7
  License: GPLv2
8
 
9
  Spam protection, antispam, all-in-one, premium plugin. No spam comments & users, no spam contact form & WooCommerce spam. Forget spam.
@@ -501,6 +501,12 @@ We develop plugin to do it as optimized as possible, CleanTalk doesn't downgrade
501
  1. The Dashboard with a map of most spam active countries per your account.
502
 
503
  == Changelog ==
 
 
 
 
 
 
504
  = 5.64 April 26 2017 =
505
  * Integration for Facebook registrations.
506
  * Small fixes for WPMS.
@@ -1327,6 +1333,12 @@ We develop plugin to do it as optimized as possible, CleanTalk doesn't downgrade
1327
  * First version
1328
 
1329
  == Upgrade Notice ==
 
 
 
 
 
 
1330
  = 5.64 April 26 2017 =
1331
  * Integration for Facebook registrations.
1332
  * Small fixes for WPMS.
1
  === Spam protection FireWall, AntiSpam by CleanTalk ===
2
+ Contributors: znaeff, shagimuratov, serge00, sartemd174, amagsumov
3
  Tags: antispam, protection, contact form, comments, spam
4
  Requires at least: 3.0
5
  Tested up to: 4.7
6
+ Stable tag: 5.65
7
  License: GPLv2
8
 
9
  Spam protection, antispam, all-in-one, premium plugin. No spam comments & users, no spam contact form & WooCommerce spam. Forget spam.
501
  1. The Dashboard with a map of most spam active countries per your account.
502
 
503
  == Changelog ==
504
+ = 5.65 May 16 2017 =
505
+ * Fix for PayPal redirecton.
506
+ * Fixed issue with empty query for bulk comments test.
507
+ * Added protection for Enfold contact form.
508
+ * Ninja forms integration.
509
+
510
  = 5.64 April 26 2017 =
511
  * Integration for Facebook registrations.
512
  * Small fixes for WPMS.
1333
  * First version
1334
 
1335
  == Upgrade Notice ==
1336
+ = 5.65 May 16 2017 =
1337
+ * Fix for PayPal redirecton.
1338
+ * Fixed issue with empty query for bulk comments test.
1339
+ * Added protection for Enfold contact form.
1340
+ * Ninja forms integration.
1341
+
1342
  = 5.64 April 26 2017 =
1343
  * Integration for Facebook registrations.
1344
  * Small fixes for WPMS.