Spam protection, AntiSpam, FireWall by CleanTalk - Version 5.90

Version Description

March 7 2018 = * Improvement: Better IP recognition in SpamFireWall. * Fix: Gravity Forms blocking message. * Security improvements. * Minor fixes.


Release Info

Developer Safronik
Version 5.90

Code changes from version 5.89 to 5.90

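--- a/cleantalk.php
+++ b/cleantalk.php
@@ -3,17 +3,17 @@
  Plugin Name: Anti-Spam by CleanTalk
  Plugin URI: http://cleantalk.org
  Description: Max power, all-in-one, no Captcha, premium anti-spam plugin. No comment spam, no registration spam, no contact spam, protects any WordPress forms.
- Version: 5.89
+ Version: 5.90
  Author: СleanTalk <welcome@cleantalk.org>
  Author URI: http://cleantalk.org
  */
 
- $cleantalk_plugin_version='5.89';
- $ct_agent_version = 'wordpress-589';
+ $cleantalk_plugin_version='5.90';
+ $ct_agent_version = 'wordpress-590';
  $cleantalk_executed = false;
 
- define('APBCT_VERSION', '5.89');
- define('APBCT_AGENT', 'wordpress-589');
+ define('APBCT_VERSION', '5.90');
+ define('APBCT_AGENT', 'wordpress-590');
 
  define('CLEANTALK_REMOTE_CALL_SLEEP', 10); // Minimum time between remote call
 
@@ -71,46 +71,56 @@ if(!defined('CLEANTALK_PLUGIN_DIR')){
  $_POST['action']='ninja_forms_ajax_submit';
 
  //*/ REMOTE CALLS
- if(isset($_GET['spbc_remote_call_token'], $_GET['spbc_remote_call_action'], $_GET['plugin_name']) && ($_GET['plugin_name'] == 'antispam' || $_GET['plugin_name'] == 'anti-spam')){
-
- if(isset($ct_data['last_remote_call']) && time() - $ct_data['last_remote_call'] < CLEANTALK_REMOTE_CALL_SLEEP){
- echo "FAIL TOO_MANY_ATTEMPTS";
- die();
- }else{
- $ct_data['last_remote_call'] = time();
- update_option('cleantalk_data', $ct_data);
- }
+ if(isset($_GET['spbc_remote_call_token'], $_GET['spbc_remote_call_action'], $_GET['plugin_name']) && in_array($_GET['plugin_name'], array('antispam','anti-spam'))){
 
- $spbc_remote_call_token = md5($ct_options['apikey']);
+ // Comparing with cleantalk's IP
+ $spbc_remote_ip = CleantalkHelper::get_ip_real();
 
- if(strtolower($_GET['spbc_remote_call_token']) == $spbc_remote_call_token){
+ if($spbc_remote_ip !== false){
 
- // Close renew banner
- if($_GET['spbc_remote_call_action'] == 'close_renew_banner'){
- $ct_data['show_ct_notice_trial'] = 0;
- $ct_data['show_ct_notice_renew'] = 0;
- update_option('cleantalk_data', $ct_data);
- CleantalkCron::updateTask('check_account_status', 'ct_account_status_check', 86400);
- echo 'OK';
- die();
- // SFW update
- }elseif($_GET['spbc_remote_call_action'] == 'sfw_update'){
- $rc_result = ct_sfw_update();
- echo $rc_result === true ? 'OK' : 'FAIL '.$rc_result;
- die();
- // SFW send logs
- }elseif($_GET['spbc_remote_call_action'] == 'sfw_send_logs'){
- $rc_result = ct_sfw_send_logs();
- echo $rc_result === true ? 'OK' : 'FAIL '.$rc_result;
- die();
- // Update plugin
- }elseif($_GET['spbc_remote_call_action'] == 'update_plugin'){
- add_action('template_redirect', 'apbct_update', 1);
- }
- }else{
- echo "FAIL WRONG_TOKEN";
- die();
- }
+ $resolved = gethostbyaddr($spbc_remote_ip);
+
+ if($resolved !== false){
+
+ if(preg_match('/cleantalk\.org$/', $resolved) === 1 || $resolved === 'back'){
+
+ if(!isset($ct_data['last_remote_call']) || (isset($ct_data['last_remote_call']) && time() - $ct_data['last_remote_call'] > CLEANTALK_REMOTE_CALL_SLEEP)){
+
+ $ct_data['last_remote_call'] = time();
+ update_option('cleantalk_data', $ct_data);
+
+ if(strtolower($_GET['spbc_remote_call_token']) == md5($ct_options['apikey'])){
+
+ // Close renew banner
+ if($_GET['spbc_remote_call_action'] == 'close_renew_banner'){
+ $ct_data['show_ct_notice_trial'] = 0;
+ $ct_data['show_ct_notice_renew'] = 0;
+ update_option('cleantalk_data', $ct_data);
+ CleantalkCron::updateTask('check_account_status', 'ct_account_status_check', 86400);
+ die('OK');
+ // SFW update
+ }elseif($_GET['spbc_remote_call_action'] == 'sfw_update'){
+ $result = ct_sfw_update();
+ die(empty($result['error']) ? 'OK' : 'FAIL '.json_encode(array('error' => $result['error_string'])));
+ // SFW send logs
+ }elseif($_GET['spbc_remote_call_action'] == 'sfw_send_logs'){
+ $rc_result = ct_sfw_send_logs();
+ die(empty($result['error']) ? 'OK' : 'FAIL '.json_encode(array('error' => $result['error_string'])));
+ // Update plugin
+ }elseif($_GET['spbc_remote_call_action'] == 'update_plugin'){
+ add_action('template_redirect', 'apbct_update', 1);
+ }else
+ die('FAIL '.json_encode(array('error' => 'UNKNOWN_ACTION')));
+ }else
+ die('FAIL '.json_encode(array('error' => 'WRONG_TOKEN')));
+ }else
+ die('FAIL '.json_encode(array('error' => 'TOO_MANY_ATTEMPTS')));
+ }else
+ die('FAIL '.json_encode(array('error' => 'WRONG_IP')));
+ }else
+ die('FAIL '.json_encode(array('error' => 'COULDNT_RESOLVE_IP')));
+ }else
+ die('FAIL '.json_encode(array('error' => 'COULDNT_RECONIZE_IP')));
  }
  //*/ END OF REMOTE CALLS
 
@@ -488,12 +498,10 @@ function ct_sfw_update(){
  $sfw = new CleantalkSFW();
  $result = $sfw->sfw_update($ct_options['apikey']);
  unset($sfw);
-
- return $result === true ? true : $result;
-
+ return $result;
  }
 
- return 'SFW_DISABLED';
+ return array('error' => true, 'error_string' => 'SFW_DISABLED');
 
  }
 
@@ -511,12 +519,11 @@ function ct_sfw_send_logs()
  $sfw = new CleantalkSFW();
  $result = $sfw->send_logs($ct_options['apikey']);
  unset($sfw);
-
- return $result === true ? true : $result;
+ return $result;
 
  }
 
- return 'SFW_DISABLED';
+ return array('error' => true, 'error_string' => 'SFW_DISABLED');
  }
 
  function apbct_update(){
@@ -543,17 +550,19 @@ function apbct_update(){
  $result = activate_plugins( $plugin );
 
  if(is_wp_error($result))
- die('COULD_NOT_ACTIVATE WP_ERROR' . $result->get_error_message());
+ die('FAIL '. json_encode(array('error' => 'COULD_NOT_ACTIVATE', 'wp_error' => $result->get_error_message())));
  if($result === false)
- die('COULD_NOT_ACTIVATE');
+ die('FAIL '. json_encode(array('error' => 'COULD_NOT_ACTIVATE')));
 
  $plugin_data = get_plugin_data(__FILE__);
  $apbct_agent = 'wordpress-'.str_replace('.', '', $plugin_data['Version']);
  ct_send_feedback('0:' . $apbct_agent);
 
- }
-
- die($upgrader->apbct_result);
+ die('OK');
+
+ }else{
+ die('FAIL '. json_encode(array('error' => $upgrader->apbct_result)));
+ }
  }
 
  function cleantalk_get_brief_data(){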
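Review bot: The new gate in the `//*/ REMOTE CALLS` block authenticates the caller by its PTR name alone: the `gethostbyaddr()` result is accepted when it matches `/cleantalk\.org$/` or equals `'back'`, and a PTR record is set by whoever controls the address's reverse zone, so this does not establish that the request came from CleanTalk. The pattern also has no label boundary, so any name that merely ends in `cleantalk.org` passes; I would use `/(^|\.)cleantalk\.org$/i`, forward-confirm the name with something like `in_array($spbc_remote_ip, (array) gethostbynamel($resolved), true)`, and add a comment saying what `'back'` is for. The token check still uses loose `==` on an MD5 hex string, which is subject to numeric-string juggling and is not constant-time; `hash_equals(md5($ct_options['apikey']), strtolower($_GET['spbc_remote_call_token']))` avoids both once the parameter is confirmed to be a string (requires PHP 5.6+). Separately, the `sfw_send_logs` branch stores the return value in `$rc_result` but tests `$result['error']`, so unless `$result` is set earlier in the file that branch answers `OK` regardless of the outcome. `CleantalkHelper::get_ip_real()` is not shown on this page, so whether it can be influenced by client-supplied headers needs checking before the hostname test is relied on.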
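--- a/inc/cleantalk-admin.php
+++ b/inc/cleantalk-admin.php
@@ -852,7 +852,7 @@ function ct_section_settings_state() {
 
  $ct_moderate = isset($ct_data['moderate_ip']) && $ct_data['moderate_ip'] == 1 ? true : false;
  $show_ct_notice_auto_update = isset($ct_data['show_ct_notice_auto_update']) ? $ct_data['show_ct_notice_auto_update'] : 0;
- $auto_update_app = isset($ct_data['auto_update_app']) ? $ct_data['auto_update_app'] : 0;
+ $auto_update_app = isset($ct_data['auto_update_app']) ? $ct_data['auto_update_app'] : 0;
 
  echo '<img class="apbct_status_icon" src="'.($ct_options['registrations_test']==1 || $ct_moderate ? $img : $img_no).'" />'.__('Registration forms', 'cleantalk');
  echo '<img class="apbct_status_icon" src="'.($ct_options['comments_test']==1 || $ct_moderate ? $img : $img_no).'"/>'.__('Comments forms', 'cleantalk');
@@ -866,13 +866,13 @@ function ct_section_settings_state() {
 
  // Autoupdate status
  if($show_ct_notice_auto_update == 1){
- echo '<img class="apbct_status_icon" src="'.($auto_update_app == 1 ? $img : ($auto_update_app == -1 ? $img_no : $img_no_gray)).'"/>'.__('Auto update', 'cleantalk')
- .' <sup><a href="http://cleantalk.org/help/auto-update" target="_blank">?</a></sup>';
+ echo '<img class="apbct_status_icon" src="'.($auto_update_app == 1 ? $img : ($auto_update_app == -1 ? $img_no : $img_no_gray)).'"/>'.__('Auto update', 'cleantalk')
+ .' <sup><a href="http://cleantalk.org/help/auto-update" target="_blank">?</a></sup>';
  }
 
  // WooCommerce
  if(class_exists('WooCommerce'))
- echo '<img src="'.($ct_options['wc_checkout_test']==1 || $ct_moderate ? $img : $img_no).'"/>'.__('WooCommerce checkout form', 'cleantalk');
+ echo '<img class="apbct_status_icon" src="'.($ct_options['wc_checkout_test']==1 || $ct_moderate ? $img : $img_no).'"/>'.__('WooCommerce checkout form', 'cleantalk');
 
  if($ct_data['moderate_ip'] == 1)
  print "<br /><br />The anti-spam service is paid by your hosting provider. License #".$ct_data['ip_license'].".<br />";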
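--- a/inc/cleantalk-common.php
+++ b/inc/cleantalk-common.php
@@ -235,7 +235,7 @@ function apbct_get_sender_info() {
  'site_landing_ts' => !empty($_COOKIE['apbct_site_landing_ts']) && $cookie_is_ok ? $_COOKIE['apbct_site_landing_ts'] : null,
  'page_hits' => !empty($_COOKIE['apbct_page_hits']) ? $_COOKIE['apbct_page_hits'] : null,
  // JS cookies
- 'js_info' => !empty($_COOKIE['ct_user_info']) ? json_decode(stripslashes($_COOKIE['ct_user_info'])) : null,
+ 'js_info' => !empty($_COOKIE['ct_user_info']) ? json_decode(stripslashes($_COOKIE['ct_user_info']), true) : null,
  'mouse_cursor_positions' => !empty($_COOKIE['ct_pointer_data']) ? json_decode(stripslashes($_COOKIE['ct_pointer_data']), true) : null,
  'js_timezone' => !empty($_COOKIE['ct_timezone']) ? $_COOKIE['ct_timezone'] : null,
  'key_press_timestamp' => !empty($_COOKIE['ct_fkp_timestamp']) ? $_COOKIE['ct_fkp_timestamp'] : null,
@@ -243,7 +243,7 @@ function apbct_get_sender_info() {
  'form_visible_inputs' => !empty($_COOKIE['apbct_visible_fields_count']) ? $_COOKIE['apbct_visible_fields_count'] : null,
  'apbct_visible_fields' => !empty($_COOKIE['apbct_visible_fields']) ? $_COOKIE['apbct_visible_fields'] : null,
  // Debug stuff
- 'amp_detected' => $amp_detected,
+ 'amp_detected' => $amp_detected,
  );
  }
 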
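--- a/inc/cleantalk-public.php
+++ b/inc/cleantalk-public.php
@@ -211,7 +211,8 @@ function apbct_init() {
  //
  if (defined('GF_MIN_WP_VERSION')) {
  add_filter('gform_get_form_filter', 'ct_gforms_hidden_field', 10, 2);
- add_filter('gform_entry_is_spam', 'ct_gforms_spam_test', 1, 3);
+ add_filter('gform_entry_is_spam', 'ct_gforms_spam_test', 999, 3);
+ add_filter('gform_confirmation', 'ct_gfomrs_confimation', 999, 4 );
  }
 
  //
@@ -1860,7 +1861,8 @@ function ct_gforms_hidden_field ( $form_string, $form ) {
  * @return boolean
  */
  function ct_gforms_spam_test ($is_spam, $form, $entry) {
- global $ct_options, $ct_data, $cleantalk_executed;
+
+ global $ct_options, $ct_data, $cleantalk_executed, $ct_gform_is_spam, $ct_gform_response;
 
  $ct_options = ct_get_options();
  $ct_data = ct_get_data();
@@ -1915,22 +1917,24 @@ function ct_gforms_spam_test ($is_spam, $form, $entry) {
  $ct_result = $base_call_result['ct_result'];
  if ($ct_result->allow == 0) {
  $is_spam = true;
- if (isset($_POST['gform_ajax']) && $_POST['gform_ajax'] !== null)
- {
- $response = sprintf("<!DOCTYPE html><html><head><meta charset='UTF-8' /></head><body class='GF_AJAX_POSTBACK'><div id='gform_wrapper_1' class='gform_confirmation_wrapper '><div id='gform_confirmation_message_1' class='gform_confirmation_message_1
- gform_confirmation_message'>%s</div></div></body></html>",
- $ct_result->comment
- );
- echo $response;
- die();
- }
- else
- wp_die("<h1>".__('Spam protection by CleanTalk', 'cleantalk')."</h1><h2>".$ct_result->comment."</h2>", '', array('response' => 403, "back_link" => true, "text_direction" => 'ltr'));
+ $ct_gform_is_spam = true;
+ $ct_gform_response = $ct_result->comment;
  }
 
  return $is_spam;
  }
 
+ function ct_gfomrs_confimation( $confirmation, $form, $entry, $ajax ){
+
+ global $ct_gform_is_spam, $ct_gform_response;
+
+ if(!empty($ct_gform_is_spam)){
+ $confirmation = "<div id='gform_confirmation_wrapper_2' class='gform_confirmation_wrapper '><div id='gform_confirmation_message_2' class='gform_confirmation_message_2 gform_confirmation_message'><font style='color: red'>$ct_gform_response</font></div></div>";
+ }
+
+ return $confirmation;
+ }
+
  /**
  * Test S2member registration
  * @return array with errors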
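Review bot: `ct_gfomrs_confimation()` interpolates `$ct_gform_response` straight into the confirmation markup, and that value is `$ct_result->comment` taken from the API call result, so it reaches the page as HTML with no escaping. If the comment can ever carry submitter-influenced text this becomes a markup-injection risk; I would filter it at the point of output with `wp_kses_post($ct_gform_response)`, or `esc_html()` if no markup is expected in the comment. The wrapper ids are hard-coded to `_2` although `$form` is passed in, so `$form['id']` is presumably the intended suffix, and the new function has no docblock while its neighbours do. The bodies of `apbct_init()` and `ct_gforms_spam_test()` continue outside the hunks shown.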
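--- a/lib/CleantalkHelper.php
+++ b/lib/CleantalkHelper.php
@@ -501,4 +501,27 @@ class CleantalkHelper
  if($save_flag)
  $apbct->save('data');
  }
+
+ //* Write $message to the plugin's debug option
+ static public function ct_log($message = 'empty', $func = null, $params = array())
+ {
+ global $ct_data;
+
+ $ct_data = ct_get_data();
+
+ $function = $func ? $func : '';
+ $cron = in_array('cron', $params) ? true : false;
+ $data = in_array('data', $params) ? true : false;
+ $settings = in_array('settings', $params) ? true : false;
+
+ if(is_array($message) or is_object($message))
+ $message = print_r($message, true);
+
+ if($message) $ct_data['debug'][date("H:i:s", microtime(true))."_ACTION_".strval(current_action())."_FUNCTION_".strval($func)] = $message;
+ if($cron) $ct_data['debug'][date("H:i:s", microtime(true))."_ACTION_".strval(current_action())."_FUNCTION_".strval($func).'_cron'] = get_option('cleantalk_cron');
+ if($data) $ct_data['debug'][date("H:i:s", microtime(true))."_ACTION_".strval(current_action())."_FUNCTION_".strval($func).'_data'] = get_option('cleantalk_data');
+ if($settings) $ct_data['debug'][date("H:i:s", microtime(true))."_ACTION_".strval(current_action())."_FUNCTION_".strval($func).'_settings'] = get_option('cleantalk_settings');
+
+ update_option('cleantalk_data', $ct_data);
+ }
  }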
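Review bot: `ct_log()` appends to `$ct_data['debug']` and writes the whole array back with `update_option('cleantalk_data', $ct_data)` on every call, with no cap or pruning, and with the `settings` flag it copies `get_option('cleantalk_settings')` into that debug store. If the settings option is where the API key lives (the remote-call token in `cleantalk.php` is derived from `$ct_options['apikey']`), the key ends up duplicated inside debug data; I would redact it before logging and bound the number of entries kept. The array keys are built from `date("H:i:s", ...)`, so two calls in the same second from the same action and function overwrite each other, and `date()` is handed the float from `microtime(true)` where `time()` would do. The local `$function` is assigned but never used.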
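--- a/lib/CleantalkSFW.php
+++ b/lib/CleantalkSFW.php
@@ -3,7 +3,7 @@
  /*
  * CleanTalk SpamFireWall base class
  * Compatible only with Wordpress.
- * Version 1.5-wp
+ * Version 1.6-wp
  * author Cleantalk team (welcome@cleantalk.org)
  * copyright (C) 2014 CleanTalk team (http://cleantalk.org)
  * license GNU/GPL: http://www.gnu.org/copyleft/gpl.html
@@ -27,6 +27,33 @@ class CleantalkSFW
  private $db_result;
  private $db_result_data = array();
 
+ public static $cdn_pool = array(
+ 'cloud_flare' => array(
+ '103.21.244.0/22',
+ '103.22.200.0/22',
+ '103.31.4.0/22',
+ '104.16.0.0/12',
+ '108.162.192.0/18',
+ '131.0.72.0/22',
+ '141.101.64.0/18',
+ '162.158.0.0/15',
+ '172.64.0.0/13',
+ '173.245.48.0/20',
+ '188.114.96.0/20',
+ '190.93.240.0/20',
+ '197.234.240.0/22',
+ '198.41.128.0/17',
+ ),
+ );
+
+ public static $private_networks = array(
+ '10.0.0.0/8',
+ '100.64.0.0/10',
+ '172.16.0.0/12',
+ '192.168.0.0/16',
+ '127.0.0.1/32',
+ );
+
  public function __construct()
  {
  global $wpdb;
@@ -60,57 +87,80 @@ class CleantalkSFW
  */
  public function cleantalk_get_real_ip(){
 
- $result=Array();
  $headers = function_exists('apache_request_headers')
  ? apache_request_headers()
  : self::apache_request_headers();
 
- $headers['REMOTE_ADDR'] = $_SERVER['REMOTE_ADDR'];
- $sfw_test_ip = isset($_GET['sfw_test_ip']) ? $_GET['sfw_test_ip'] : null;
+ $result['remote_addr'] = filter_var( $_SERVER['REMOTE_ADDR'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 );
 
- if( isset($headers['X-Forwarded-For']) ){
- $the_ip = explode(",", trim($headers['X-Forwarded-For']));
- $the_ip = trim($the_ip[0]);
- $result[] = $the_ip;
- $this->ip_str_array[]=$the_ip;
- $this->ip_array[]=sprintf("%u", ip2long($the_ip));
+ // Cloud Flare
+ if(isset($headers['Cf-Connecting-Ip'])){
+ if($this->ip_mask_match($result['remote_addr'], self::$cdn_pool['cloud_flare'])){
+ $result['cf_connecting_ip'] = filter_var( $headers['Cf-Connecting-Ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 );
+ unset($result['remote_addr']);
+ }
+ // Private networks. Looking for HTTP_X_FORWARDED_FOR and HTTP_X_REAL_IP
+ }elseif($this->ip_mask_match($result['remote_addr'], self::$private_networks)){
+ if(isset($headers['X-Forwarded_For'])){
+ $result['x_forwarded_for'] = filter_var( $headers['X-Forwarded_For'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 );
+ }
+ if(isset($headers['X-Real-Ip'])){
+ $result['x_real_ip'] = filter_var( $headers['X-Real-Ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 );
+ }
+ if(isset($result['x_forwarded_for']) || isset($result['x_real_ip'])){
+ unset($result['remote_addr']);
+ }
  }
 
- $the_ip = filter_var( $headers['REMOTE_ADDR'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 );
- $result[] = $the_ip;
- $this->ip_str_array[]=$the_ip;
- $this->ip_array[]=sprintf("%u", ip2long($the_ip));
-
- if($sfw_test_ip){
- $result[] = $sfw_test_ip;
- $this->ip_str_array[]=$sfw_test_ip;
- $this->ip_array[]=sprintf("%u", ip2long($sfw_test_ip));
+ if(isset($_GET['sfw_test_ip'])){
+ $result['test'] = filter_var( $_GET['sfw_test_ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 );
  }
 
+ $this->ip_array = $result;
+
  return $result;
+
+ }
+
+ /*
+ * Check if the IP belong to mask. Recursivly if array given
+ * @param ip string
+ * @param cird mixed (string|array of strings)
+ */
+ public function ip_mask_match($ip, $cidr){
+ if(is_array($cidr)){
+ foreach($cidr as $curr_mask){
+ if($this->ip_mask_match($ip, $curr_mask)){
+ return true;
+ }
+ } unset($curr_mask);
+ return false;
+ }
+ $exploded = explode ('/', $cidr);
+ $net = $exploded[0];
+ $mask = 4294967295 << (32 - $exploded[1]);
+ return (ip2long($ip) & $mask) == (ip2long($net) & $mask);
  }
 
  /*
  * Checks IP via Database
  */
- public function check_ip(){
+ public function check_ip(){
+
+ foreach($this->ip_array as $current_ip){
 
- for($i=0, $arr_count = sizeof($this->ip_array); $i < $arr_count; $i++){
-
  $query = "SELECT
  COUNT(network) AS cnt
  FROM ".$this->table_prefix."cleantalk_sfw
- WHERE network = ".intval($this->ip_array[$i])." & mask;";
+ WHERE network = ".sprintf("%u", ip2long($current_ip))." & mask;";
  $this->unversal_query($query);
  $this->unversal_fetch();
 
- $curr_ip = long2ip(intval($this->ip_array[$i]));
-
  if($this->db_result_data['cnt']){
  $this->result = true;
- $this->blocked_ip=$this->ip_str_array[$i];
+ $this->blocked_ip = $current_ip;
  }else{
- $this->passed_ip = $this->ip_str_array[$i];
+ $this->passed_ip = $current_ip;
  }
  }
  }
@@ -174,7 +224,7 @@ class CleantalkSFW
  return true;
 
  }else{
- return $result['error_string'];
+ return $result;
  }
  }
 
@@ -209,11 +259,11 @@ class CleantalkSFW
  return true;
  }
  }else{
- return $result['error_string'];
+ return $result;
  }
 
  }else{
- return 'NO_LOGS_TO_SEND';
+ return array('error' => true, 'error_string' => 'NO_LOGS_TO_SEND');
  }
  }
 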
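Review bot: In `cleantalk_get_real_ip()` every `filter_var(..., FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)` result is stored without checking for `false`, and `isset($result['x_forwarded_for'])` is still true for a stored `false`, so a header that does not validate (an IPv6 `Cf-Connecting-Ip`, a comma-separated forwarding list) removes `remote_addr` and leaves `check_ip()` looking up `ip2long(false)`, meaning the request is not evaluated against any real address. I would keep a header value only when it validates and drop `remote_addr` only in that case, e.g. `if(!empty($result['x_forwarded_for']) || !empty($result['x_real_ip']))`, with the same guard in the Cloudflare branch. The private-network branch reads `$headers['X-Forwarded_For']` with an underscore, presumably meant to be `X-Forwarded-For`, and the `Cf-Connecting-Ip` lookup depends on the header array using exactly that key casing. `ip_mask_match()` needs a guard for `$ip === false`, its docblock says `cird` where `cidr` is meant, and the hard-coded `$cdn_pool` ranges deserve a comment giving their source and date because published CDN ranges change.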
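--- a/readme.txt
+++ b/readme.txt
@@ -3,7 +3,7 @@ Contributors: znaeff, shagimuratov, sartemd174
  Tags: spam, antispam, protection, comments, firewall
  Requires at least: 3.0
  Tested up to: 4.9.3
- Stable tag: 5.89
+ Stable tag: 5.90
  License: GPLv2
 
  Spam protection, antispam, all-in-one, premium plugin. No spam comments & users, no spam contact form & WooCommerce spam. Forget spam.
@@ -515,6 +515,12 @@ We develop plugin to do it as optimized as possible, CleanTalk doesn't downgrade
  10. Website's options.
 
  == Changelog ==
+ = 5.90 March 7 2018 =
+ * Improvement: Better IP recognition in SpamFireWall.
+ * Fix: Gravity Froms blocking message.
+ * Security improvments.
+ * Minor fixes.
+
  = 5.89 February 21 2018 =
  * Improved spam filtration quality.
  * Improved compatibility.
@@ -1535,6 +1541,12 @@ We develop plugin to do it as optimized as possible, CleanTalk doesn't downgrade
  * First version
 
  == Upgrade Notice ==
+ = 5.90 March 7 2018 =
+ * Improvement: Better IP recognition in SpamFireWall.
+ * Fix: Gravity Froms blocking message.
+ * Security improvments.
+ * Minor fixes.
+
  = 5.89 February 21 2018 =
  * Improved spam filtration quality.
  * Improved compatibility.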