Spam protection, AntiSpam, FireWall by CleanTalk - Version 5.86

Version Description

January 25 2018 = * Fix: High CPU load with wp-ajax.php. * Fix: Mailpoet: Newsletter. * Fix: Gravity: Forms standardization for input fields. * Fix: ajax hook checks data for contact form. * Fix: UTF8 character in requests.


Release Info

Developer Safronik
Version 5.86

Code changes from version 5.85 to 5.86

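--- a/cleantalk.php
+++ b/cleantalk.php
@@ -3,17 +3,17 @@
  Plugin Name: Anti-Spam by CleanTalk
  Plugin URI: http://cleantalk.org
  Description: Max power, all-in-one, no Captcha, premium anti-spam plugin. No comment spam, no registration spam, no contact spam, protects any WordPress forms. Formerly Anti-Spam by CleanTalk.
- Version: 5.85
+ Version: 5.86
  Author: СleanTalk <welcome@cleantalk.org>
  Author URI: http://cleantalk.org
  */
 
- $cleantalk_plugin_version='5.85';
- $ct_agent_version = 'wordpress-585';
+ $cleantalk_plugin_version='5.86';
+ $ct_agent_version = 'wordpress-586';
  $cleantalk_executed = false;
 
- define('APBCT_VERSION', '5.85');
- define('APBCT_AGENT', 'wordpress-585');
+ define('APBCT_VERSION', '5.86');
+ define('APBCT_AGENT', 'wordpress-586');
 
  define('CLEANTALK_REMOTE_CALL_SLEEP', 10); // Minimum time between remote call
 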
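--- a/css/cleantalk-admin-settings-page.css
+++ b/css/cleantalk-admin-settings-page.css
@@ -1,3 +1,8 @@
+ .apbct_status_icon{
+ vertical-align: text-bottom;
+ margin: 0 5px;
+ }
+
  a.ct_support_link{
  color: #666;
  margin-right: 0.5em;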
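--- a/inc/cleantalk-admin.php
+++ b/inc/cleantalk-admin.php
@@ -856,7 +856,7 @@ function ct_section_debug(){
  * Admin callback function - Displays description of 'state' plugin parameters section
  */
  function ct_section_settings_state() {
- global $ct_options, $ct_data;
+ global $ct_options, $ct_data, $wpdb;
 
  $ct_options = ct_get_options();
  $ct_data = ct_get_data();
@@ -897,14 +897,18 @@ function ct_section_settings_state() {
  else
  $ct_moderate = false;
 
- print '<img src="'. (($ct_options['registrations_test']==1 || $ct_moderate) ? $img : $img_no).'" alt="" height="" /> '.__('Registration forms', 'cleantalk');
- print ' &nbsp; <img src="'.(($ct_options['comments_test']==1 || $ct_moderate) ? $img : $img_no).'" alt="" height="" /> '.__('Comments forms', 'cleantalk');
- print ' &nbsp; <img src="'.(($ct_options['contact_forms_test']==1 || $ct_moderate) ? $img : $img_no).'" alt="" height="" /> '.__('Contact forms', 'cleantalk');
- print ' &nbsp; <img src="'.(($ct_options['general_contact_forms_test']==1 || $ct_moderate) ? $img : $img_no).'" alt="" height="" /> '.__('Custom contact forms', 'cleantalk');
- print ' &nbsp; <img src="'.(($ct_options['spam_firewall']==1 || $ct_moderate) ? $img : $img_no).'" alt="" height="" /> '.__('SpamFireWall', 'cleantalk');
-
+ echo '<img class="apbct_status_icon" src="'.($ct_options['registrations_test']==1 || $ct_moderate ? $img : $img_no).'" /> '.__('Registration forms', 'cleantalk');
+ echo '<img class="apbct_status_icon" src="'.($ct_options['comments_test']==1 || $ct_moderate ? $img : $img_no).'"/> '.__('Comments forms', 'cleantalk');
+ echo '<img class="apbct_status_icon" src="'.($ct_options['contact_forms_test']==1 || $ct_moderate ? $img : $img_no).'"/> '.__('Contact forms', 'cleantalk');
+ echo '<img class="apbct_status_icon" src="'.($ct_options['general_contact_forms_test']==1 || $ct_moderate ? $img : $img_no).'"/> '.__('Custom contact forms', 'cleantalk');
+
+ // SFW + current network count
+ $sfw_netwoks_amount = $wpdb->get_results("SELECT count(*) AS cnt FROM `".$wpdb->base_prefix."cleantalk_sfw`", ARRAY_A);
+ $alt_for_sfw = sprintf(__('Networks in database: %d.', 'cleantalk'), $sfw_netwoks_amount[0]['cnt']);
+ echo '<img class="apbct_status_icon" src="'.($ct_options['spam_firewall']==1 || $ct_moderate ? $img : $img_no).'" title="'.($ct_options['spam_firewall']==1 || $ct_moderate ? $alt_for_sfw : '').'"/> '.__('SpamFireWall', 'cleantalk');
+ // WooCommerce
  if(class_exists('WooCommerce'))
- print ' &nbsp; <img src="'.(($ct_options['wc_checkout_test']==1 || $ct_moderate) ? $img : $img_no).'" alt="" height="" /> '.__('WooCommerce checkout form', 'cleantalk');
+ echo '<img src="'.($ct_options['wc_checkout_test']==1 || $ct_moderate ? $img : $img_no).'"/> '.__('WooCommerce checkout form', 'cleantalk');
 
  if($ct_data['moderate_ip'] == 1)
  print "<br /><br />The anti-spam service is paid by your hosting provider. License #".$ct_data['ip_license'].".<br />";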
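Review bot: The new SpamFireWall block in `ct_section_settings_state()` reads `$sfw_netwoks_amount[0]['cnt']` without checking that the count query returned a row, so a missing or unreadable `cleantalk_sfw` table would raise a notice on every render of the settings page. Fetching the scalar directly and casting it, `(int) $wpdb->get_var(...)` with the same SELECT, removes the array indexing and gives `sprintf`'s `%d` a defined value. The translated string is also written into the `title` attribute unescaped; `esc_attr($alt_for_sfw)` keeps a translation containing a quote from breaking the markup. The WooCommerce `<img>` on the last added line did not get the `apbct_status_icon` class the other icons received. The function body starts and ends outside these hunks.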
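--- a/inc/cleantalk-ajax.php
+++ b/inc/cleantalk-ajax.php
@@ -342,290 +342,295 @@ function ct_ajax_hook($message_obj = false, $additional = false)
  $message['subject'] = $subject;
  }
 
- if($sender_email != null)
- {
- $base_call_result = apbct_base_call(
- array(
- 'message' => $message,
- 'sender_email' => $sender_email,
- 'sender_nickname' => $sender_nickname,
- 'sender_info' => array('post_checkjs_passed' => $checkjs),
- 'post_info' => array('comment_type' => 'feedback_ajax'),
- 'checkjs' => $checkjs,
- )
- );
- $ct_result = $base_call_result['ct_result'];
+ // Skip submission if no data found
+ if ($sender_email === ''|| !$contact_form)
+ return false;
+
+ // Mailpoet fix
+ if (isset($message['wysijaData'], $message['wysijaplugin'], $message['task'], $message['controller']) && $message['wysijaplugin'] == 'wysija-newsletters' && $message['controller'] == 'campaigns')
+ return false;
+
+ $base_call_result = apbct_base_call(
+ array(
+ 'message' => $message,
+ 'sender_email' => $sender_email,
+ 'sender_nickname' => $sender_nickname,
+ 'sender_info' => array('post_checkjs_passed' => $checkjs),
+ 'post_info' => array('comment_type' => 'feedback_ajax'),
+ 'checkjs' => $checkjs,
+ )
+ );
+ $ct_result = $base_call_result['ct_result'];
+
+ if ($ct_result->allow == 0)
+ {
+ if(isset($_POST['action']) && $_POST['action']=='wpuf_submit_register'){
+ $result=Array('success'=>false,'error'=>$ct_result->comment);
+ @header( 'Content-Type: application/json; charset=' . get_option( 'blog_charset' ) );
+ print json_encode($result);
+ die();
+ }
+ else if(isset($_POST['action']) && $_POST['action']=='mymail_form_submit')
+ {
+ $result=Array('success'=>false,'html'=>$ct_result->comment);
+ @header( 'Content-Type: application/json; charset=' . get_option( 'blog_charset' ) );
+ print json_encode($result);
+ die();
+ }
+ else if(isset($_POST['action'], $_POST['task']) && $_POST['action'] == 'wysija_ajax' && $_POST['task'] != 'send_preview' && $_POST['task'] != 'send_test_mail')
+ {
+ $result=Array('result'=>false,'msgs'=>Array('updated'=>Array($ct_result->comment)));
+ //@header( 'Content-Type: application/json; charset=' . get_option( 'blog_charset' ) );
+ print $_GET['callback'].'('.json_encode($result).');';
+ die();
+ }
+ else if(isset($_POST['action']) && $_POST['action']=='cs_registration_validation')
+ {
+ $result=Array("type"=>"error","message"=>$ct_result->comment);
+ print json_encode($result);
+ die();
+ }
+ else if(isset($_POST['action']) && ($_POST['action']=='request_appointment' || $_POST['action']=='send_message'))
+ {
+ print $ct_result->comment;
+ die();
+ }
+ else if(isset($_POST['action']) && $_POST['action']=='zn_do_login')
+ {
+ print '<div id="login_error">'.$ct_result->comment.'</div>';
+ die();
+ }
+ else if(isset($_POST['action']) && $_POST['action']=='vfb_submit')
+ {
+ $result=Array('result'=>false,'message'=>$ct_result->comment);
+ @header( 'Content-Type: application/json; charset=' . get_option( 'blog_charset' ) );
+ print json_encode($result);
+ die();
+ }
+ else if(isset($_POST['action']) && $_POST['action']== 'cscf-submitform')
+ {
+ $message_obj['akismet_result'] = 'true';
+ $result = array(
+ 'sent' => false,
+ 'valid' => 1,
+ 'errorlist' => array('confirm-email'=>$ct_result->comment)
+ );
+ $result = json_encode($result);
+ echo $result;
+ return $message_obj;
+ }
+ else if(isset($_POST['action']) && $_POST['action']=='woocommerce_checkout')
+ {
+ print $ct_result->comment;
+ die();
+ }
+ else if(isset($_POST['action']) && $_POST['action']=='frm_entries_create')
+ {
+ $result=Array('112'=>$ct_result->comment);
+ print json_encode($result);
+ die();
+ }
+ else if(isset($_POST['cma-action']) && $_POST['cma-action']=='add')
+ {
+ $result=Array('success'=>0, 'thread_id'=>null,'messages'=>Array($ct_result->comment));
+ print json_encode($result);
+ die();
+ }
+ else if(isset($_POST['action']) && $_POST['action']=='td_mod_register')
+ {
+ print json_encode(array('register', 0, $ct_result->comment));
+ die();
+ }
+ else if(isset($_POST['action']) && $_POST['action']=='tmpl_ajax_check_user_email')
+ {
+ print "17,email";
+ die();
+ }
+ else if(isset($_POST['action']) && ($_POST['action']=='tevolution_submit_from_preview' || $_POST['action']=='submit_form_recaptcha_validation'))
+ {
+ print $ct_result->comment;
+ die();
+ }
+ else if(isset($_POST['action']) && $_POST['action']=='ninja_forms_ajax_submit')
+ {
+ print '{"form_id":'.$_POST['_form_id'].',"errors":false,"success":{"success_msg-Success":"'.$ct_result->comment.'"}}';
+ die();
+ }
+ else if(isset($_POST['action']) && $_POST['action']=='nf_ajax_submit')
+ {
+ $nf_data = json_decode($_POST['formData'], true);
+ // print '{data:{{"form_id":'.$nf_data['id'].',"errors":false,"success":{"success_msg-Success":"'.$ct_result->comment.'"}}}}'; \\Old version
+ print '{"data":{"form_id":"'.$nf_data['id'].'","settings":{},"extra":[],"fields":{},"processed_actions":[],"actions":{"success_message": "<font style=\"color: red\">'.$ct_result->comment.'</font><br><br>"}},"errors":[],"debug":[]}';
+ die();
+ }
 
- if ($ct_result->allow == 0)
+ // WooWaitList
+ // http://codecanyon.net/item/woowaitlist-woocommerce-back-in-stock-notifier/7103373
+ else if(isset($_POST['action']) && $_POST['action']=='wew_save_to_db_callback')
  {
- if(isset($_POST['action']) && $_POST['action']=='wpuf_submit_register'){
- $result=Array('success'=>false,'error'=>$ct_result->comment);
- @header( 'Content-Type: application/json; charset=' . get_option( 'blog_charset' ) );
- print json_encode($result);
- die();
- }
- else if(isset($_POST['action']) && $_POST['action']=='mymail_form_submit')
- {
- $result=Array('success'=>false,'html'=>$ct_result->comment);
- @header( 'Content-Type: application/json; charset=' . get_option( 'blog_charset' ) );
- print json_encode($result);
- die();
- }
- else if(isset($_POST['action'], $_POST['task']) && $_POST['action'] == 'wysija_ajax' && $_POST['task'] != 'send_preview' && $_POST['task'] != 'send_test_mail')
- {
- $result=Array('result'=>false,'msgs'=>Array('updated'=>Array($ct_result->comment)));
- //@header( 'Content-Type: application/json; charset=' . get_option( 'blog_charset' ) );
- print $_GET['callback'].'('.json_encode($result).');';
- die();
- }
- else if(isset($_POST['action']) && $_POST['action']=='cs_registration_validation')
- {
- $result=Array("type"=>"error","message"=>$ct_result->comment);
- print json_encode($result);
- die();
- }
- else if(isset($_POST['action']) && ($_POST['action']=='request_appointment' || $_POST['action']=='send_message'))
- {
- print $ct_result->comment;
- die();
- }
- else if(isset($_POST['action']) && $_POST['action']=='zn_do_login')
- {
- print '<div id="login_error">'.$ct_result->comment.'</div>';
- die();
- }
- else if(isset($_POST['action']) && $_POST['action']=='vfb_submit')
- {
- $result=Array('result'=>false,'message'=>$ct_result->comment);
- @header( 'Content-Type: application/json; charset=' . get_option( 'blog_charset' ) );
- print json_encode($result);
- die();
- }
- else if(isset($_POST['action']) && $_POST['action']== 'cscf-submitform')
- {
- $message_obj['akismet_result'] = 'true';
- $result = array(
- 'sent' => false,
- 'valid' => 1,
- 'errorlist' => array('confirm-email'=>$ct_result->comment)
- );
- $result = json_encode($result);
- echo $result;
- return $message_obj;
- }
- else if(isset($_POST['action']) && $_POST['action']=='woocommerce_checkout')
- {
- print $ct_result->comment;
- die();
- }
- else if(isset($_POST['action']) && $_POST['action']=='frm_entries_create')
- {
- $result=Array('112'=>$ct_result->comment);
- print json_encode($result);
- die();
- }
- else if(isset($_POST['cma-action']) && $_POST['cma-action']=='add')
- {
- $result=Array('success'=>0, 'thread_id'=>null,'messages'=>Array($ct_result->comment));
- print json_encode($result);
- die();
- }
- else if(isset($_POST['action']) && $_POST['action']=='td_mod_register')
- {
- print json_encode(array('register', 0, $ct_result->comment));
- die();
- }
- else if(isset($_POST['action']) && $_POST['action']=='tmpl_ajax_check_user_email')
- {
- print "17,email";
- die();
- }
- else if(isset($_POST['action']) && ($_POST['action']=='tevolution_submit_from_preview' || $_POST['action']=='submit_form_recaptcha_validation'))
- {
- print $ct_result->comment;
- die();
- }
- else if(isset($_POST['action']) && $_POST['action']=='ninja_forms_ajax_submit')
- {
- print '{"form_id":'.$_POST['_form_id'].',"errors":false,"success":{"success_msg-Success":"'.$ct_result->comment.'"}}';
- die();
- }
- else if(isset($_POST['action']) && $_POST['action']=='nf_ajax_submit')
- {
- $nf_data = json_decode($_POST['formData'], true);
- // print '{data:{{"form_id":'.$nf_data['id'].',"errors":false,"success":{"success_msg-Success":"'.$ct_result->comment.'"}}}}'; \\Old version
- print '{"data":{"form_id":"'.$nf_data['id'].'","settings":{},"extra":[],"fields":{},"processed_actions":[],"actions":{"success_message": "<font style=\"color: red\">'.$ct_result->comment.'</font><br><br>"}},"errors":[],"debug":[]}';
- die();
- }
-
- // WooWaitList
- // http://codecanyon.net/item/woowaitlist-woocommerce-back-in-stock-notifier/7103373
- else if(isset($_POST['action']) && $_POST['action']=='wew_save_to_db_callback')
- {
- $result = array();
- $result['error'] = 1;
- $result['message'] = $ct_result->comment;
- $result['code'] = 5; // Unused code number in WooWaitlist
- print json_encode($result);
- die();
- }
- // UserPro
- else if(isset($_POST['action'], $_POST['template']) && $_POST['action']=='userpro_process_form' && $_POST['template']=='register')
- {
- foreach($_POST as $key => $value){
- $output[$key]=$value;
- }unset($key, $value);
- $output['template'] = $ct_result->comment;
- $output=json_encode($output);
- print_r($output);
- die;
- }
- // Quick event manager
- else if(isset($_POST['action']) && $_POST['action']=='qem_validate_form'){
- $errors[] = 'registration_forbidden';
- $result = Array(
- 'success' => 'false',
- 'errors' => $errors,
- 'title' => $ct_result->comment
- );
- print json_encode($result);
- die();
- }
- // Quick Contact Form
- elseif(isset($_POST['action']) && $_POST['action'] == 'qcf_validate_form')
- {
- $result = Array(
- 'blurb' => "<h1>".$ct_result->comment."</h1>",
- 'display' => "Oops, got a few problems here",
- 'errors' => array(
- 0 => array(
- error => 'error',
- name => 'name'
- ),
+ $result = array();
+ $result['error'] = 1;
+ $result['message'] = $ct_result->comment;
+ $result['code'] = 5; // Unused code number in WooWaitlist
+ print json_encode($result);
+ die();
+ }
+ // UserPro
+ else if(isset($_POST['action'], $_POST['template']) && $_POST['action']=='userpro_process_form' && $_POST['template']=='register')
+ {
+ foreach($_POST as $key => $value){
+ $output[$key]=$value;
+ }unset($key, $value);
+ $output['template'] = $ct_result->comment;
+ $output=json_encode($output);
+ print_r($output);
+ die;
+ }
+ // Quick event manager
+ else if(isset($_POST['action']) && $_POST['action']=='qem_validate_form'){
+ $errors[] = 'registration_forbidden';
+ $result = Array(
+ 'success' => 'false',
+ 'errors' => $errors,
+ 'title' => $ct_result->comment
+ );
+ print json_encode($result);
+ die();
+ }
+ // Quick Contact Form
+ elseif(isset($_POST['action']) && $_POST['action'] == 'qcf_validate_form')
+ {
+ $result = Array(
+ 'blurb' => "<h1>".$ct_result->comment."</h1>",
+ 'display' => "Oops, got a few problems here",
+ 'errors' => array(
+ 0 => array(
+ error => 'error',
+ name => 'name'
  ),
- 'success' => 'false',
- );
- print json_encode($result);
- die();
- }
- // Usernoise Contact Form
- elseif(isset($_POST['title'], $_POST['email'], $_POST['type'], $_POST['ct_checkjs']))
- {
- return array($ct_result->comment);
- die();
- }
- // amoForms
- elseif(isset($_POST['action']) && $_POST['action'] == 'amoforms_submit')
- {
- $result = Array(
- 'result' => true,
- 'type' => "html",
- 'value' => "<h1 style='font-size: 25px; color: red;'>".$ct_result->comment."</h1>",
- 'fast' => false
- );
- print json_encode($result);
- die();
- }
- // MailChimp for Wordpress Premium
- elseif(!empty($_POST['_mc4wp_form_id']))
- {
- return 'ct_mc4wp_response';
- }
- // QAEngine Theme answers
- elseif ( !empty($message_obj) && isset($message_obj['post_type'], $message_obj['author'], $message_obj['post_content']) ){
- return new WP_Error('Spam comment', $ct_result->comment);
- }
- //Convertplug. Strpos because action value dynamically changes and depends on mailing service
- elseif (isset($_POST['action']) && strpos($_POST['action'], '_add_subscriber') !== false){
- $result = Array(
- 'action' => "message",
- 'detailed_msg' => "",
- 'email_status' => false,
- 'message' => "<h1 style='font-size: 25px; color: red;'>".$ct_result->comment."</h1>",
- 'status' => "error",
- 'url' => "none"
- );
- print json_encode($result);
- die();
- }
- // Ultimate Form Builder
- elseif (isset($_POST['action']) && $_POST['action'] == 'ufbl_front_form_action'){
- $result = Array(
- 'error_keys' => array(),
- 'error_flag' => 1,
- 'response_message' => $ct_result->comment
- );
- print json_encode($result);
- die();
- }
- // Smart Forms
- elseif (isset($_POST['action']) && $_POST['action'] == 'rednao_smart_forms_save_form_values'){
- $result = Array(
- 'message' => $ct_result->comment,
- 'refreshCaptcha' => 'n',
- 'success' => 'n'
- );
- print json_encode($result);
- die();
- }
- //cFormsII
- elseif(isset($_POST['action']) && $_POST['action'] == 'submitcform')
- {
- header('Content-Type: application/json');
- $result = Array(
- 'no' => "",
- 'result' => "failure",
- 'html' =>$ct_result->comment,
- 'hide' => false,
- 'redirection' => null
-
- );
- print json_encode($result);
- die();
- }
- //Contact Form by Web-Settler
- elseif(isset($_POST['smFieldData']))
- {
- $result = Array(
- 'signal' => true,
- 'code' => 0,
- 'thanksMsg' => $ct_result->comment,
- 'errors' => array(),
- 'isMsg' => true,
- 'redirectUrl' => null
- );
- print json_encode($result);
- die();
- }
- //Reviewer
- elseif(isset($_POST['action']) && $_POST['action'] == 'rwp_ajax_action_rating')
- {
- $result = Array(
- 'success' => false,
- 'data' => array(0=>$ct_result->comment)
- );
- print json_encode($result);
- die();
- }
- // CouponXXL Theme
- elseif(isset($_POST['_wp_http_referer'], $_POST['register_field'], $_POST['action']) && strpos($_POST['_wp_http_referer'],'/register/account') !== false && $_POST['action'] == 'register'){
- $result = array(
- 'message' => '<div class="alert alert-error">'.$ct_result->comment.'</div>',
- );
- die(json_encode($result));
- }
- else
- {
- print $ct_result->comment;
- die();
- }
- }
- //Allow == 1
- else{
- //QAEngine Theme answers
- if ( !empty($message_obj) && isset($message_obj['post_type'], $message_obj['author'], $message_obj['post_content']) ){
- return $message_obj;
- }
+ ),
+ 'success' => 'false',
+ );
+ print json_encode($result);
+ die();
+ }
+ // Usernoise Contact Form
+ elseif(isset($_POST['title'], $_POST['email'], $_POST['type'], $_POST['ct_checkjs']))
+ {
+ return array($ct_result->comment);
+ die();
+ }
+ // amoForms
+ elseif(isset($_POST['action']) && $_POST['action'] == 'amoforms_submit')
+ {
+ $result = Array(
+ 'result' => true,
+ 'type' => "html",
+ 'value' => "<h1 style='font-size: 25px; color: red;'>".$ct_result->comment."</h1>",
+ 'fast' => false
+ );
+ print json_encode($result);
+ die();
+ }
+ // MailChimp for Wordpress Premium
+ elseif(!empty($_POST['_mc4wp_form_id']))
+ {
+ return 'ct_mc4wp_response';
+ }
+ // QAEngine Theme answers
+ elseif ( !empty($message_obj) && isset($message_obj['post_type'], $message_obj['author'], $message_obj['post_content']) ){
+ return new WP_Error('Spam comment', $ct_result->comment);
+ }
+ //Convertplug. Strpos because action value dynamically changes and depends on mailing service
+ elseif (isset($_POST['action']) && strpos($_POST['action'], '_add_subscriber') !== false){
+ $result = Array(
+ 'action' => "message",
+ 'detailed_msg' => "",
+ 'email_status' => false,
+ 'message' => "<h1 style='font-size: 25px; color: red;'>".$ct_result->comment."</h1>",
+ 'status' => "error",
+ 'url' => "none"
+ );
+ print json_encode($result);
+ die();
+ }
+ // Ultimate Form Builder
+ elseif (isset($_POST['action']) && $_POST['action'] == 'ufbl_front_form_action'){
+ $result = Array(
+ 'error_keys' => array(),
+ 'error_flag' => 1,
+ 'response_message' => $ct_result->comment
+ );
+ print json_encode($result);
+ die();
+ }
+ // Smart Forms
+ elseif (isset($_POST['action']) && $_POST['action'] == 'rednao_smart_forms_save_form_values'){
+ $result = Array(
+ 'message' => $ct_result->comment,
+ 'refreshCaptcha' => 'n',
+ 'success' => 'n'
+ );
+ print json_encode($result);
+ die();
+ }
+ //cFormsII
+ elseif(isset($_POST['action']) && $_POST['action'] == 'submitcform')
+ {
+ header('Content-Type: application/json');
+ $result = Array(
+ 'no' => "",
+ 'result' => "failure",
+ 'html' =>$ct_result->comment,
+ 'hide' => false,
+ 'redirection' => null
+
+ );
+ print json_encode($result);
+ die();
+ }
+ //Contact Form by Web-Settler
+ elseif(isset($_POST['smFieldData']))
+ {
+ $result = Array(
+ 'signal' => true,
+ 'code' => 0,
+ 'thanksMsg' => $ct_result->comment,
+ 'errors' => array(),
+ 'isMsg' => true,
+ 'redirectUrl' => null
+ );
+ print json_encode($result);
+ die();
+ }
+ //Reviewer
+ elseif(isset($_POST['action']) && $_POST['action'] == 'rwp_ajax_action_rating')
+ {
+ $result = Array(
+ 'success' => false,
+ 'data' => array(0=>$ct_result->comment)
+ );
+ print json_encode($result);
+ die();
+ }
+ // CouponXXL Theme
+ elseif(isset($_POST['_wp_http_referer'], $_POST['register_field'], $_POST['action']) && strpos($_POST['_wp_http_referer'],'/register/account') !== false && $_POST['action'] == 'register'){
+ $result = array(
+ 'message' => '<div class="alert alert-error">'.$ct_result->comment.'</div>',
+ );
+ die(json_encode($result));
+ }
+ else
+ {
+ print $ct_result->comment;
+ die();
+ }
+ }
+ //Allow == 1
+ else{
+ //QAEngine Theme answers
+ if ( !empty($message_obj) && isset($message_obj['post_type'], $message_obj['author'], $message_obj['post_content']) ){
+ return $message_obj;
  }
  }
  }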
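Review bot: The `wysija_ajax` branch on the new side still prints `$_GET['callback']` straight into the response (`print $_GET['callback'].'('.json_encode($result).');';`), so request-controlled text is reflected ahead of the JSON with no validation and no explicit Content-Type. Constraining the name first, e.g. `$callback = preg_replace('/[^\w.$]/', '', (string) $_GET['callback']);`, and sending `Content-Type: application/javascript` would close that; the `ninja_forms_ajax_submit` branch has the same shape, with `$_POST['_form_id']` concatenated into hand-built JSON that `json_encode()` would build safely. Separately, the new guard `$sender_email === ''` no longer matches `null`, which the removed `!= null` check did; if `$sender_email` can be null here (it is assigned outside the hunk), the request now reaches `apbct_base_call()` without an email whenever `$contact_form` is truthy. ct_ajax_hook begins before and continues after this hunk.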
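--- a/inc/cleantalk-common.php
+++ b/inc/cleantalk-common.php
@@ -137,7 +137,7 @@ function apbct_base_call($params = array(), $reg_flag = false){
 
  // Misc
  $ct_request->auth_key = $ct_options['apikey'];
- $ct_request->message = !empty($params['message']) ? json_encode(ct_filter_array($params['message'])) : null;
+ $ct_request->message = !empty($params['message']) ? serialize(ct_filter_array($params['message'])) : null;
  $ct_request->example = !empty($params['example']) ? $params['example'] : null;
  $ct_request->sender_email = !empty($params['sender_email']) ? $params['sender_email'] : null;
  $ct_request->sender_nickname = !empty($params['sender_nickname']) ? $params['sender_nickname'] : null;
@@ -629,27 +629,32 @@ function ct_delete_spam_comments() {
  */
  function ct_get_fields_any($arr, $message=array(), $email = null, $nickname = array('nick' => '', 'first' => '', 'last' => ''), $subject = null, $contact = true, $prev_name = ''){
 
- $skip_params = array( //Skip request if fields exists
+ //Skip request if fields exists
+ $skip_params = array(
  'ipn_track_id', // PayPal IPN #
  'txn_type', // PayPal transaction type
  'payment_status', // PayPal payment status
  'ccbill_ipn', // CCBill IPN
  'ct_checkjs', // skip ct_checkjs field
  'api_mode', // DigiStore-API
+ 'loadLastCommentId' // Plugin: WP Discuz. ticket_id=5571
  );
- $obfuscate_params = array( //Fields to replace with ****
+
+ // Fields to replace with ****
+ $obfuscate_params = array(
  'password',
  'pass',
  'pwd',
  'pswd'
  );
 
- $skip_fields_with_strings = array( //Array for strings in keys to skip and known service fields
+ // Skip feilds with these strings and known service fields
+ $skip_fields_with_strings = array(
  // Common
  'ct_checkjs', //Do not send ct_checkjs
  'nonce', //nonce for strings such as 'rsvp_nonce_name'
  'security',
- 'action',
+ // 'action',
  'http_referer',
  'timestamp',
  'captcha',
@@ -688,7 +693,8 @@ function ct_get_fields_any($arr, $message=array(), $email = null, $nickname = ar
  'user_login-',
  );
 
- $skip_message_post = array( // Reset $message if we have a sign-up data
+ // Reset $message if we have a sign-up data
+ $skip_message_post = array(
  'edd_action', // Easy Digital Downloads
  );
 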
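Review bot: Switching `$ct_request->message` from `json_encode()` to `serialize()` in `apbct_base_call()` puts visitor-submitted form data on the wire in PHP's native serialization format, which is only safe if nothing on the receiving side ever passes it to `unserialize()`; that side is not visible here. If the motive is the UTF-8 fix named in the release notes, `json_encode(ct_filter_array($params['message']), JSON_PARTIAL_OUTPUT_ON_ERROR)` would keep the payload as plain JSON. In the second hunk, `'action'` is disabled in `$skip_fields_with_strings` by commenting it out, which leaves dead code and no reason; either delete the entry or add a comment such as `// 'action' is no longer skipped: <reason>`. The added comment there also misspells "fields" as "feilds". Both functions continue outside the hunks shown.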
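--- a/inc/cleantalk-public.php
+++ b/inc/cleantalk-public.php
@@ -1891,6 +1891,14 @@ function ct_gforms_spam_test ($is_spam, $form, $entry) {
  $subject = ($ct_temp_msg_data['subject'] ? $ct_temp_msg_data['subject'] : '');
  $contact_form = ($ct_temp_msg_data['contact'] ? $ct_temp_msg_data['contact'] : true);
  $message = ($ct_temp_msg_data['message'] ? $ct_temp_msg_data['message'] : array());
+
+ // Adding 'input_' to every field /Gravity Forms fix/
+ $message = array_flip($message);
+ array_walk($message, function(&$value, $key){
+ $value = 'input_'.$value;
+ });
+ $message = array_flip($message);
+
  if($subject != '') {
  $message['subject'] = $subject;
  }
@@ -2341,13 +2349,14 @@ function ct_enqueue_scripts_public($hook){
  if(!empty($ct_options['use_ajax']) && stripos($_SERVER['REQUEST_URI'],'.xml') === false && stripos($_SERVER['REQUEST_URI'],'.xsl') === false){
  if(strpos($_SERVER['REQUEST_URI'],'jm-ajax') === false){
 
- wp_enqueue_script('ct_nocache', plugins_url('/cleantalk-spam-protect/inc/cleantalk_nocache.js'), array(), $cleantalk_plugin_version, 'in_footer');
+ if(!empty($ct_options['use_ajax']))
+ wp_enqueue_script('ct_nocache', plugins_url('/cleantalk-spam-protect/inc/cleantalk_nocache.js'), array(), $cleantalk_plugin_version, 'in_footer');
 
  if(!empty($ct_options['check_external']))
- wp_enqueue_script('ct_external', plugins_url('/cleantalk-spam-protect/inc/cleantalk_external.js'), array('jquery'), $cleantalk_plugin_version, 'in_footer');
+ wp_enqueue_script('ct_external', plugins_url('/cleantalk-spam-protect/js/cleantalk_external.js'), array('jquery'), $cleantalk_plugin_version, 'in_footer');
 
  if(!empty($ct_options['check_internal']))
- wp_enqueue_script('ct_internal', plugins_url('/cleantalk-spam-protect/inc/cleantalk_internal.js'), array('jquery'), $cleantalk_plugin_version, 'in_footer');
+ wp_enqueue_script('ct_internal', plugins_url('/cleantalk-spam-protect/js/cleantalk_internal.js'), array('jquery'), $cleantalk_plugin_version, 'in_footer');
 
  wp_localize_script('ct_nocache', 'ctNocache', array(
  'ajaxurl' => admin_url('admin-ajax.php'),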
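Review bot: The array_flip() round trip added in ct_gforms_spam_test can silently drop form fields from $message. array_flip() keeps only one entry per distinct value and skips values that are neither strings nor integers, so two inputs holding the same text, or any nested array value, are gone before the rest of the function uses the data. Prefixing the keys directly keeps every field: `$prefixed = array(); foreach($message as $key => $value){ $prefixed['input_'.$key] = $value; } $message = $prefixed;`. Both functions touched in this section start and end outside the shown hunks.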
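--- a/inc/cleantalk.class.php
+++ b/inc/cleantalk.class.php
@@ -558,7 +558,9 @@ class Cleantalk {
  if(is_string($request->$param) || is_int($request->$param))
  $request->$param = $this->removeNonUTF8FromString($value);
  }
-
+
+ $request->message = unserialize($request->message);
+ $request->message = is_array($request->message) ? json_encode($request->message) : $request->message;
 
  return $request;
  }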
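Review bot: The added `unserialize($request->message)` is applied to whatever the message holds, and unserialize() returns false for any string that is not serialized data, so a plain-text message leaves this method as `false`. If the value can carry submitted form text (the callers are not visible in this hunk), feeding it to unserialize() also opens the door to PHP object injection. It would be safer for the caller to pass the array itself and to encode only that case here, `if(is_array($request->message)) $request->message = json_encode($request->message);`, leaving strings untouched. The enclosing method starts outside the hunk.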
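--- a/js/apbct-public.js
+++ b/js/apbct-public.js
@@ -83,28 +83,30 @@ apbct_attach_event_handler(window, "keydown", ctFunctionFirstKey);
  function apbct_ready(){
  ctSetCookieSec("apbct_visible_fields", 0);
  ctSetCookieSec("apbct_visible_fields_count", 0);
- for(var i=0; i < document.forms.length; i++){
- var form = document.forms[i];
- form.onsubmit = function(){
- var apbct_vf = {apbct_visible_fields: ""};
- for(var j=0, elem_count=form.elements.length; j < form.elements.length; j++){
- var elem = form.elements[j];
- if( getComputedStyle(elem).display == "none" ||
- getComputedStyle(elem).visibility == "hidden" ||
- getComputedStyle(elem).width == "0" ||
- getComputedStyle(elem).heigth == "0" ||
- getComputedStyle(elem).opacity == "0" ||
- elem.getAttribute("type") == "hidden" ||
- elem.getAttribute("type") == "submit"
- ){
- elem_count--;
- }else{
- apbct_vf.apbct_visible_fields += elem.getAttribute("name") + (j+1 == form.elements.length ? "" : " ");
- }
+ setTimeout(function(){
+ for(var i=0; i < document.forms.length; i++){
+ var form = document.forms[i];
+ form.onsubmit = function(){
+ var apbct_vf = {apbct_visible_fields: ""};
+ for(var j=0, elem_count=form.elements.length; j < form.elements.length; j++){
+ var elem = form.elements[j];
+ if( getComputedStyle(elem).display == "none" ||
+ getComputedStyle(elem).visibility == "hidden" ||
+ getComputedStyle(elem).width == "0" ||
+ getComputedStyle(elem).heigth == "0" ||
+ getComputedStyle(elem).opacity == "0" ||
+ elem.getAttribute("type") == "hidden" ||
+ elem.getAttribute("type") == "submit"
+ ){
+ elem_count--;
+ }else{
+ apbct_vf.apbct_visible_fields += elem.getAttribute("name") + (j+1 == form.elements.length ? "" : " ");
+ }
+ }
+ ctSetCookieSec("apbct_visible_fields", JSON.stringify(apbct_vf));
+ ctSetCookieSec("apbct_visible_fields_count", elem_count);
  }
- ctSetCookieSec("apbct_visible_fields", JSON.stringify(apbct_vf));
- ctSetCookieSec("apbct_visible_fields_count", elem_count);
  }
- }
+ }, 1000);
  }
  apbct_attach_event_handler(window, "DOMContentLoaded", apbct_ready);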
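Review bot: Every submit handler installed in the new setTimeout loop reads the loop variable `form`, which is declared with `var`, so at submit time it refers to the last form on the page and the visible-field cookies can describe the wrong form. Adding `var form = this;` as the first statement of the handler binds it to the form actually being submitted. The size checks also never match: `heigth` is a misspelling of `height`, and computed lengths are reported in the form `"0px"`, so they should read `getComputedStyle(elem).width == "0px"` and `getComputedStyle(elem).height == "0px"`. Forms submitted during the one-second delay get no handler at all.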
{inc → js}/cleantalk_external.js RENAMED
File without changes
{inc → js}/cleantalk_internal.js RENAMED
File without changes
readme.txt CHANGED
@@ -3,7 +3,7 @@ Contributors: znaeff, shagimuratov, sartemd174
3
  Tags: spam, antispam, protection, comments, firewall
4
  Requires at least: 3.0
5
  Tested up to: 4.9.1
6
- Stable tag: 5.85
7
  License: GPLv2
8
 
9
  Spam protection, antispam, all-in-one, premium plugin. No spam comments & users, no spam contact form & WooCommerce spam. Forget spam.
@@ -504,6 +504,13 @@ We develop plugin to do it as optimized as possible, CleanTalk doesn't downgrade
504
  1. The plugin deletes/removes the existing spam comments and users accounts.
505
 
506
  == Changelog ==
 
 
 
 
 
 
 
507
  = 5.85 January 11 2018 =
508
  * Fix: Fast Secure contact form spam block message.
509
  * Fix: IP license status.
@@ -1497,6 +1504,13 @@ We develop plugin to do it as optimized as possible, CleanTalk doesn't downgrade
1497
  * First version
1498
 
1499
  == Upgrade Notice ==
 
 
 
 
 
 
 
1500
  = 5.85 January 11 2018 =
1501
  * Fix: Fast Secure contact form spam block message.
1502
  * Fix: IP license status.
3
  Tags: spam, antispam, protection, comments, firewall
4
  Requires at least: 3.0
5
  Tested up to: 4.9.1
6
+ Stable tag: 5.86
7
  License: GPLv2
8
 
9
  Spam protection, antispam, all-in-one, premium plugin. No spam comments & users, no spam contact form & WooCommerce spam. Forget spam.
504
  1. The plugin deletes/removes the existing spam comments and users accounts.
505
 
506
  == Changelog ==
507
+ = 5.86 January 25 2018 =
508
+ * Fix: High CPU load with wp-ajax.php.
509
+ * Fix: Mailpoet: Newsletter.
510
+ * Fix: Gravity: Forms standardization for input fields.
511
+ * Fix: ajax hook checks data for contact form.
512
+ * Fix: UTF8 character in requests.
513
+
514
  = 5.85 January 11 2018 =
515
  * Fix: Fast Secure contact form spam block message.
516
  * Fix: IP license status.
1504
  * First version
1505
 
1506
  == Upgrade Notice ==
1507
+ = 5.86 January 25 2018 =
1508
+ * Fix: High CPU load with wp-ajax.php.
1509
+ * Fix: Mailpoet: Newsletter.
1510
+ * Fix: Gravity: Forms standardization for input fields.
1511
+ * Fix: ajax hook checks data for contact form.
1512
+ * Fix: UTF8 character in requests.
1513
+
1514
  = 5.85 January 11 2018 =
1515
  * Fix: Fast Secure contact form spam block message.
1516
  * Fix: IP license status.