Gwolle Guestbook - Version 2.5.3

Version Description

  • 2018-06-04
  • Better testing if anti-spam functions are enabled when checking the form input.
  • Included possible fix for not handling form data on some installs.

Release Info

Developer mpol
Version 2.5.3

Code changes from version 2.5.2 to 2.5.3

Files changed (3) hide show
  1. frontend/gb-form-posthandling.php +51 -48
  2. gwolle-gb.php +2 -2
  3. readme.txt +6 -1
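--- a/frontend/gb-form-posthandling.php
+++ b/frontend/gb-form-posthandling.php
@@ -51,8 +51,8 @@ function gwolle_gb_frontend_posthandling() {
  /* Name */
  if ( isset($form_setting['form_name_enabled']) && $form_setting['form_name_enabled'] === 'true' ) {
  $field_name = gwolle_gb_get_field_name( 'name' );
- if (isset($_POST[$field_name])) {
- $author_name = trim($_POST[$field_name]);
+ if (isset($_POST["$field_name"])) {
+ $author_name = trim($_POST["$field_name"]);
  $author_name = gwolle_gb_maybe_encode_emoji( $author_name, 'author_name' );
  $gwolle_gb_formdata['author_name'] = $author_name;
  gwolle_gb_add_formdata( 'author_name', $author_name );
@@ -71,8 +71,8 @@ function gwolle_gb_frontend_posthandling() {
  /* City / Origin */
  if ( isset($form_setting['form_city_enabled']) && $form_setting['form_city_enabled'] === 'true' ) {
  $field_name = gwolle_gb_get_field_name( 'city' );
- if (isset($_POST[$field_name])) {
- $author_origin = trim($_POST[$field_name]);
+ if (isset($_POST["$field_name"])) {
+ $author_origin = trim($_POST["$field_name"]);
  $author_origin = gwolle_gb_maybe_encode_emoji( $author_origin, 'author_origin' );
  $gwolle_gb_formdata['author_origin'] = $author_origin;
  gwolle_gb_add_formdata( 'author_origin', $author_origin );
@@ -91,8 +91,8 @@ function gwolle_gb_frontend_posthandling() {
  /* Email */
  if ( isset($form_setting['form_email_enabled']) && $form_setting['form_email_enabled'] === 'true' ) {
  $field_name = gwolle_gb_get_field_name( 'email' );
- if (isset($_POST[$field_name])) {
- $author_email = trim($_POST[$field_name]);
+ if (isset($_POST["$field_name"])) {
+ $author_email = trim($_POST["$field_name"]);
  $gwolle_gb_formdata['author_email'] = $author_email;
  gwolle_gb_add_formdata( 'author_email', $author_email );
  if ( filter_var( $author_email, FILTER_VALIDATE_EMAIL ) ) {
@@ -116,8 +116,8 @@ function gwolle_gb_frontend_posthandling() {
  /* Website / Homepage */
  if ( isset($form_setting['form_homepage_enabled']) && $form_setting['form_homepage_enabled'] === 'true' ) {
  $field_name = gwolle_gb_get_field_name( 'website' );
- if (isset($_POST[$field_name])) {
- $author_website = trim($_POST[$field_name]);
+ if (isset($_POST["$field_name"])) {
+ $author_website = trim($_POST["$field_name"]);
  $gwolle_gb_formdata['author_website'] = $author_website;
  gwolle_gb_add_formdata( 'author_website', $author_website );
  $pattern = '/^http/';
@@ -139,9 +139,9 @@ function gwolle_gb_frontend_posthandling() {
  /* Message */
  if ( isset($form_setting['form_message_enabled']) && $form_setting['form_message_enabled'] === 'true' ) {
  $field_name = gwolle_gb_get_field_name( 'content' );
- if (isset($_POST[$field_name])) {
- $content = trim($_POST[$field_name]);
- if ( $content == "" ) {
+ if (isset($_POST["$field_name"])) {
+ $content = trim($_POST["$field_name"]);
+ if ( $content == '' ) {
  if ( isset($form_setting['form_message_mandatory']) && $form_setting['form_message_mandatory'] === 'true' ) {
  gwolle_gb_add_message( '<p class="error_fields gb-error-fields"><strong>' . esc_html__('There is no message, even though it is mandatory.', 'gwolle-gb') . '</strong></p>',true, $field_name); // mandatory
  }
@@ -164,14 +164,14 @@ function gwolle_gb_frontend_posthandling() {
  $antispam_answer = gwolle_gb_sanitize_output( get_option('gwolle_gb-antispam-answer') );
 
  if ( isset($antispam_question) && strlen($antispam_question) > 0 && isset($antispam_answer) && strlen($antispam_answer) > 0 ) {
- if ( isset($_POST[$field_name]) && trim($_POST[$field_name]) == trim($antispam_answer) ) {
+ if ( isset($_POST["$field_name"]) && trim($_POST["$field_name"]) == trim($antispam_answer) ) {
  //echo "You got it!";
  } else {
  gwolle_gb_add_message( '<p class="error_fields gb-error-fields"><strong>' . esc_html__('The anti-spam question was not answered correctly, even though it is mandatory.', 'gwolle-gb') . '</strong></p>', true, $field_name); // mandatory
  }
  }
- if ( isset($_POST[$field_name]) ) {
- $antispam = trim($_POST[$field_name]);
+ if ( isset($_POST["$field_name"]) ) {
+ $antispam = trim($_POST["$field_name"]);
  $gwolle_gb_formdata['antispam_answer'] = $antispam;
  gwolle_gb_add_formdata( 'antispam_answer', $antispam );
  }
@@ -234,19 +234,20 @@ function gwolle_gb_frontend_posthandling() {
 
  /* Akismet: check for spam and set accordingly */
  $marked_by_akismet = false;
- $isspam = gwolle_gb_akismet( $entry, 'comment-check' );
- if ( $isspam ) {
- // Returned true, so considered spam
- $entry->set_isspam(true);
- $marked_by_akismet = true;
- if (get_option( 'gwolle_gb-refuse-spam', 'false') == 'true') {
- gwolle_gb_add_message( '<p class="refuse-spam-akismet"><strong>' . esc_html__('Your entry was marked as spam. Please try again.', 'gwolle-gb') . '</strong></p>', true, false );
- do_action( 'gwolle_gb_notsaved_entry_frontend', $entry );
- return false;
+ if ( get_option( 'gwolle_gb-akismet-active', 'false' ) === 'true' ) {
+ $isspam = gwolle_gb_akismet( $entry, 'comment-check' );
+ if ( $isspam ) {
+ // Returned true, so considered spam
+ $entry->set_isspam(true);
+ $marked_by_akismet = true;
+ if (get_option( 'gwolle_gb-refuse-spam', 'false') == 'true') {
+ gwolle_gb_add_message( '<p class="refuse-spam-akismet"><strong>' . esc_html__('Your entry was marked as spam. Please try again.', 'gwolle-gb') . '</strong></p>', true, false );
+ do_action( 'gwolle_gb_notsaved_entry_frontend', $entry );
+ return false;
+ }
  }
  }
 
-
  /* Stop Forum Spam: check for spam and set accordingly */
  $marked_by_sfs = false;
  if ( get_option( 'gwolle_gb-sfs', 'false') == 'true' ) {
@@ -266,27 +267,29 @@ function gwolle_gb_frontend_posthandling() {
 
  /* Honeypot: check for spam and set accordingly. */
  $marked_by_honeypot = false;
- $field_name = gwolle_gb_get_field_name( 'honeypot' );
- $field_name2 = gwolle_gb_get_field_name( 'honeypot2' );
- $honeypot_value = get_option( 'gwolle_gb-honeypot_value', 15 );
- if ( isset($_POST[$field_name]) && strlen($_POST[$field_name]) > 0 ) {
- // Input field was filled in, so considered spam
- $entry->set_isspam(true);
- $marked_by_honeypot = true;
- if (get_option( 'gwolle_gb-refuse-spam', 'false') == 'true') {
- gwolle_gb_add_message( '<p class="refuse-spam-honeypot"><strong>' . esc_html__('Your entry was marked as spam. Please try again.', 'gwolle-gb') . '</strong></p>', true, false );
- do_action( 'gwolle_gb_notsaved_entry_frontend', $entry );
- return false;
+ if (get_option( 'gwolle_gb-honeypot', 'true') == 'true') {
+ $field_name = gwolle_gb_get_field_name( 'honeypot' );
+ $field_name2 = gwolle_gb_get_field_name( 'honeypot2' );
+ $honeypot_value = get_option( 'gwolle_gb-honeypot_value', 15 );
+ if ( isset($_POST["$field_name"]) && strlen($_POST["$field_name"]) > 0 ) {
+ // Input field was filled in, so considered spam
+ $entry->set_isspam(true);
+ $marked_by_honeypot = true;
+ if (get_option( 'gwolle_gb-refuse-spam', 'false') == 'true') {
+ gwolle_gb_add_message( '<p class="refuse-spam-honeypot"><strong>' . esc_html__('Your entry was marked as spam. Please try again.', 'gwolle-gb') . '</strong></p>', true, false );
+ do_action( 'gwolle_gb_notsaved_entry_frontend', $entry );
+ return false;
+ }
  }
- }
- if ( ! isset($_POST[$field_name2]) || $_POST[$field_name2] != $honeypot_value ) {
- // Input field was not filled in correctly, so considered spam
- $entry->set_isspam(true);
- $marked_by_honeypot = true;
- if (get_option( 'gwolle_gb-refuse-spam', 'false') == 'true') {
- gwolle_gb_add_message( '<p class="refuse-spam-honeypot2"><strong>' . esc_html__('Your entry was marked as spam. Please try again.', 'gwolle-gb') . '</strong></p>', true, false );
- do_action( 'gwolle_gb_notsaved_entry_frontend', $entry );
- return false;
+ if ( ! isset($_POST["$field_name2"]) || $_POST["$field_name2"] != $honeypot_value ) {
+ // Input field was not filled in correctly, so considered spam
+ $entry->set_isspam(true);
+ $marked_by_honeypot = true;
+ if (get_option( 'gwolle_gb-refuse-spam', 'false') == 'true') {
+ gwolle_gb_add_message( '<p class="refuse-spam-honeypot2"><strong>' . esc_html__('Your entry was marked as spam. Please try again.', 'gwolle-gb') . '</strong></p>', true, false );
+ do_action( 'gwolle_gb_notsaved_entry_frontend', $entry );
+ return false;
+ }
  }
  }
 
@@ -295,7 +298,7 @@ function gwolle_gb_frontend_posthandling() {
  $marked_by_nonce = false;
  if (get_option( 'gwolle_gb-nonce', 'true') == 'true') {
  $field_name = gwolle_gb_get_field_name( 'nonce' );
- $verified = wp_verify_nonce( $_REQUEST[$field_name], 'gwolle_gb_add_entry' );
+ $verified = wp_verify_nonce( $_REQUEST["$field_name"], 'gwolle_gb_add_entry' );
  if ( $verified == false ) {
  // Nonce is invalid, so considered spam
  $entry->set_isspam(true);
@@ -390,10 +393,10 @@ function gwolle_gb_frontend_posthandling() {
  if (get_option( 'gwolle_gb-timeout', 'true') == 'true') {
  $field_name = gwolle_gb_get_field_name( 'timeout' );
  $field_name2 = gwolle_gb_get_field_name( 'timeout2' );
- if ( isset($_POST[$field_name]) && strlen($_POST[$field_name]) > 0 && isset($_POST[$field_name2]) && strlen($_POST[$field_name2]) > 0 ) {
+ if ( isset($_POST["$field_name"]) && strlen($_POST["$field_name"]) > 0 && isset($_POST["$field_name2"]) && strlen($_POST["$field_name2"]) > 0 ) {
  // Input fields were filled in, so continue.
- $timeout = (int) $_POST[$field_name];
- $timeout2 = (int) $_POST[$field_name2];
+ $timeout = (int) $_POST["$field_name"];
+ $timeout2 = (int) $_POST["$field_name2"];
  if ( ($timeout2 - $timeout) < 14 ) {
  // Submitted less then 7 seconds after loading. Considered spam.
  $entry->set_isspam(true);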
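Review bot: The `isset()` guards on the new side (name, city, email, website, content, anti-spam answer, honeypot and timeout fields) only prove the key exists, so a request that submits one of these fields as an array still reaches `trim()` or `strlen()`, which emit a warning and return NULL on older PHP and throw a TypeError on PHP 8. Each guard should also check the type, e.g. `if ( isset($_POST["$field_name"]) && is_string($_POST["$field_name"]) ) {`. The nonce line reads `$_REQUEST["$field_name"]` with no `isset()` at all, so a missing field raises an undefined-index notice before the nonce is rejected; `$verified = isset($_REQUEST["$field_name"]) && wp_verify_nonce( $_REQUEST["$field_name"], 'gwolle_gb_add_entry' );` keeps the same outcome without the notice. Wrapping the key in double quotes does not change which array element is read when `$field_name` is already a string, so the quoting itself adds no validation. The body of gwolle_gb_frontend_posthandling() starts and ends outside every hunk shown.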
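--- a/gwolle-gb.php
+++ b/gwolle-gb.php
@@ -3,7 +3,7 @@
  Plugin Name: Gwolle Guestbook
  Plugin URI: http://zenoweb.nl
  Description: Gwolle Guestbook is not just another guestbook for WordPress. The goal is to provide an easy and slim way to integrate a guestbook into your WordPress powered site. Don't use your 'comment' section the wrong way - install Gwolle Guestbook and have a real guestbook.
- Version: 2.5.2
+ Version: 2.5.3
  Author: Marcel Pol
  Author URI: http://zenoweb.nl
  License: GPLv2 or later
@@ -32,7 +32,7 @@ Domain Path: /lang/
 
 
  // Plugin Version
- define('GWOLLE_GB_VER', '2.5.2');
+ define('GWOLLE_GB_VER', '2.5.3');
 
 
  /*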
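--- a/readme.txt
+++ b/readme.txt
@@ -3,7 +3,7 @@ Contributors: Gwolle, mpol
  Tags: guestbook, guest book, livre d'or, Gästebuch, review
  Requires at least: 3.7
  Tested up to: 4.9
- Stable tag: 2.5.2
+ Stable tag: 2.5.3
  License: GPLv2 or later
 
  Gwolle Guestbook is the WordPress guestbook you've just been looking for. Beautiful and easy.
@@ -405,6 +405,11 @@ But if you don't use standard comments, you can just as easily use the comment s
 
  == Changelog ==
 
+ = 2.5.3 =
+ * 2018-06-04
+ * Better testing if anti-spam functions are enabled when checking the form input.
+ * Included possible fix for not handling form data on some installs.
+
  = 2.5.2 =
  * 2018-05-12
  * Support link to privacy policy (requires WordPress 4.9.6).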