Newsletter - Version 5.3.0

Version Description

  • CAPTCHA system
  • IP black list
  • Email address black list
Download this release

Release Info

Developer webagile
Plugin Icon 128x128 Newsletter
Version 5.3.0
Comparing to
See all releases

Code changes from version 5.2.7 to 5.3.0

includes/controls.php CHANGED
@@ -814,6 +814,9 @@ class NewsletterControls {
814
 
815
  function textarea($name, $width = '100%', $height = '50') {
816
  $value = $this->get_value($name);
 
 
 
817
  echo '<textarea id="options-' . esc_attr($name) . '" class="dynamic" name="options[' . esc_attr($name) . ']" wrap="off" style="width:' . esc_attr($width) . ';height:' . esc_attr($height) . '">';
818
  echo esc_html($value);
819
  echo '</textarea>';
814
 
815
  function textarea($name, $width = '100%', $height = '50') {
816
  $value = $this->get_value($name);
817
+ if (is_array($value)) {
818
+ $value = implode("\n", $value);
819
+ }
820
  echo '<textarea id="options-' . esc_attr($name) . '" class="dynamic" name="options[' . esc_attr($name) . ']" wrap="off" style="width:' . esc_attr($width) . ';height:' . esc_attr($height) . '">';
821
  echo esc_html($value);
822
  echo '</textarea>';
includes/module.php CHANGED
@@ -1132,17 +1132,45 @@ class NewsletterModule {
1132
  return $text;
1133
  }
1134
 
1135
- public static function antibot_form_check() {
1136
- return strtolower($_SERVER['REQUEST_METHOD']) == 'post' && isset($_POST['ts']) && time() - $_POST['ts'] < 30;
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1137
  }
1138
 
1139
- public static function request_to_antibot_form($submit_label = 'Continue...') {
1140
  header('Content-Type: text/html;charset=UTF-8');
1141
  header('X-Robots-Tag: noindex,nofollow,noarchive');
1142
  header('Cache-Control: no-cache,no-store,private');
1143
  echo "<!DOCTYPE html>\n";
1144
- echo '<html><head></head><body>';
1145
- echo '<form method="post" action="https://www.domain.tld" id="form" style="width: 1px; height: 1px; overflow: hidden">';
 
 
 
 
 
 
 
 
1146
  foreach ($_REQUEST as $name => $value) {
1147
  if ($name == 'submit')
1148
  continue;
@@ -1167,12 +1195,25 @@ class NewsletterModule {
1167
  echo '<input type="hidden" name="nhr" value="' . esc_attr($_SERVER['HTTP_REFERER']) . '">';
1168
  }
1169
  echo '<input type="hidden" name="ts" value="' . time() . '">';
 
 
 
 
 
 
 
 
 
 
1170
  echo '<noscript><input type="submit" value="';
1171
  echo esc_attr($submit_label);
1172
  echo '"></noscript></form>';
1173
  echo '<script>';
1174
  echo 'document.getElementById("form").action="' . home_url('/') . '";';
1175
- echo 'document.getElementById("form").submit();</script>';
 
 
 
1176
  echo '</body></html>';
1177
  die();
1178
  }
@@ -1211,12 +1252,13 @@ class NewsletterModule {
1211
  }
1212
  return (int) $var;
1213
  }
1214
-
1215
  static function sanitize_ip($ip) {
1216
- if (empty($ip)) return $ip;
 
1217
  return preg_replace('/[^0-9a-fA-F:., ]/', '', $ip);
1218
  }
1219
-
1220
  static function get_remote_ip() {
1221
  return self::sanitize_ip($_SERVER['REMOTE_ADDR']);
1222
  }
1132
  return $text;
1133
  }
1134
 
1135
+ public static function antibot_form_check($captcha = false) {
1136
+ if (strtolower($_SERVER['REQUEST_METHOD']) != 'post') return false;
1137
+
1138
+ if (!isset($_POST['ts']) || time() - $_POST['ts'] > 60) {
1139
+ return false;
1140
+ }
1141
+ if ($captcha) {
1142
+ $n1 = (int) $_POST['n1'];
1143
+ if (empty($n1)) {
1144
+ return false;
1145
+ }
1146
+ $n2 = (int) $_POST['n2'];
1147
+ if (empty($n2)) {
1148
+ return false;
1149
+ }
1150
+ $n3 = (int) $_POST['n3'];
1151
+ if ($n1 + $n2 != $n3) {
1152
+ return false;
1153
+ }
1154
+ }
1155
+
1156
+ return true;
1157
  }
1158
 
1159
+ public static function request_to_antibot_form($submit_label = 'Continue...', $captcha = false) {
1160
  header('Content-Type: text/html;charset=UTF-8');
1161
  header('X-Robots-Tag: noindex,nofollow,noarchive');
1162
  header('Cache-Control: no-cache,no-store,private');
1163
  echo "<!DOCTYPE html>\n";
1164
+ echo '<html><head>'
1165
+ . '<style type="text/css">'
1166
+ . 'form {margin: 200px auto 0 auto !important; width: 350px !important; padding: 10px !important; font-family: "Open Sans", sans-serif; background: #ECF0F1; border-radius: 5px; padding: 50px !important; border: none !important;}'
1167
+ . 'p {text-align: center; padding: 10px; color: #7F8C8D;}'
1168
+ . 'input[type=text] {width: 50px; padding: 10px 10px; border: none; border-radius: 2px; margin: 0px 5px;}'
1169
+ . 'input[type=submit] {text-align: center; border: none; padding: 10px 15px; font-family: "Open Sans", sans-serif; background-color: #27AE60; color: white; cursor: pointer;}'
1170
+ . '</style>'
1171
+ . '</head><body>';
1172
+ echo '<form method="post" action="https://www.domain.tld" id="form">';
1173
+ echo '<div style="width: 1px; height: 1px; overflow: hidden">';
1174
  foreach ($_REQUEST as $name => $value) {
1175
  if ($name == 'submit')
1176
  continue;
1195
  echo '<input type="hidden" name="nhr" value="' . esc_attr($_SERVER['HTTP_REFERER']) . '">';
1196
  }
1197
  echo '<input type="hidden" name="ts" value="' . time() . '">';
1198
+ echo '</div>';
1199
+ if ($captcha) {
1200
+ echo '<p>Math question</p>';
1201
+ echo '<input type="text" name="n1" value="' . rand(1, 9) . '" readonly style="width: 50px">';
1202
+ echo '+';
1203
+ echo '<input type="text" name="n2" value="' . rand(1, 9) . '" readonly style="width: 50px">';
1204
+ echo '=';
1205
+ echo '<input type="text" name="n3" value="?" style="width: 50px">';
1206
+ echo '&nbsp;<input type="submit" value="', esc_attr($submit_label), '">';
1207
+ }
1208
  echo '<noscript><input type="submit" value="';
1209
  echo esc_attr($submit_label);
1210
  echo '"></noscript></form>';
1211
  echo '<script>';
1212
  echo 'document.getElementById("form").action="' . home_url('/') . '";';
1213
+ if (!$captcha) {
1214
+ echo 'document.getElementById("form").submit();';
1215
+ }
1216
+ echo '</script>';
1217
  echo '</body></html>';
1218
  die();
1219
  }
1252
  }
1253
  return (int) $var;
1254
  }
1255
+
1256
  static function sanitize_ip($ip) {
1257
+ if (empty($ip))
1258
+ return $ip;
1259
  return preg_replace('/[^0-9a-fA-F:., ]/', '', $ip);
1260
  }
1261
+
1262
  static function get_remote_ip() {
1263
  return self::sanitize_ip($_SERVER['REMOTE_ADDR']);
1264
  }
plugin.php CHANGED
@@ -4,7 +4,7 @@
4
  Plugin Name: Newsletter
5
  Plugin URI: https://www.thenewsletterplugin.com/plugins/newsletter
6
  Description: Newsletter is a cool plugin to create your own subscriber list, to send newsletters, to build your business. <strong>Before update give a look to <a href="https://www.thenewsletterplugin.com/category/release">this page</a> to know what's changed.</strong>
7
- Version: 5.2.7
8
  Author: Stefano Lissa & The Newsletter Team
9
  Author URI: https://www.thenewsletterplugin.com
10
  Disclaimer: Use at your own risk. No warranty expressed or implied is provided.
@@ -14,7 +14,7 @@
14
  */
15
 
16
  // Used as dummy parameter on css and js links
17
- define('NEWSLETTER_VERSION', '5.2.7');
18
 
19
  global $wpdb, $newsletter;
20
 
4
  Plugin Name: Newsletter
5
  Plugin URI: https://www.thenewsletterplugin.com/plugins/newsletter
6
  Description: Newsletter is a cool plugin to create your own subscriber list, to send newsletters, to build your business. <strong>Before update give a look to <a href="https://www.thenewsletterplugin.com/category/release">this page</a> to know what's changed.</strong>
7
+ Version: 5.3.0
8
  Author: Stefano Lissa & The Newsletter Team
9
  Author URI: https://www.thenewsletterplugin.com
10
  Disclaimer: Use at your own risk. No warranty expressed or implied is provided.
14
  */
15
 
16
  // Used as dummy parameter on css and js links
17
+ define('NEWSLETTER_VERSION', '5.3.0');
18
 
19
  global $wpdb, $newsletter;
20
 
readme.txt CHANGED
@@ -2,7 +2,7 @@
2
  Tags: newsletter,email,subscription,mass mail,list build,email marketing,direct mailing,automation,automated
3
  Requires at least: 3.4.0
4
  Tested up to: 4.9.4
5
- Stable tag: 5.2.7
6
  Contributors: satollo,webagile,michael-travan
7
 
8
  Add a real newsletter system to your blog. For free. With unlimited newsletters and subscribers.
@@ -88,7 +88,17 @@ Thank you, The Newsletter Team
88
 
89
  == Changelog ==
90
 
91
- = NEXT =
 
 
 
 
 
 
 
 
 
 
92
 
93
  * Improved block layout
94
  * Added filter on profile url
2
  Tags: newsletter,email,subscription,mass mail,list build,email marketing,direct mailing,automation,automated
3
  Requires at least: 3.4.0
4
  Tested up to: 4.9.4
5
+ Stable tag: 5.3.0
6
  Contributors: satollo,webagile,michael-travan
7
 
8
  Add a real newsletter system to your blog. For free. With unlimited newsletters and subscribers.
88
 
89
  == Changelog ==
90
 
91
+ = 5.3.0 =
92
+
93
+ * CAPTCHA system
94
+ * IP black list
95
+ * Email address black list
96
+
97
+ = 5.2.8 =
98
+
99
+ * Redirect fix
100
+
101
+ = 5.2.7 =
102
 
103
  * Improved block layout
104
  * Added filter on profile url
statistics/statistics.php CHANGED
@@ -119,8 +119,7 @@ class NewsletterStatistics extends NewsletterModule {
119
 
120
  $wpdb->query($wpdb->prepare("update " . NEWSLETTER_SENT_TABLE . " set open=2, ip=%s where email_id=%d and user_id=%d limit 1", $ip, $email_id, $user_id));
121
 
122
- wp_safe_redirect(apply_filters('newsletter_redirect_url', $url, $email, $user));
123
-
124
  die();
125
  }
126
 
119
 
120
  $wpdb->query($wpdb->prepare("update " . NEWSLETTER_SENT_TABLE . " set open=2, ip=%s where email_id=%d and user_id=%d limit 1", $ip, $email_id, $user_id));
121
 
122
+ header('Location: ' . apply_filters('newsletter_redirect_url', $url, $email, $user));
 
123
  die();
124
  }
125
 
subscription/languages/en_US.php CHANGED
@@ -14,6 +14,11 @@ $options = array();
14
 
15
  $options['noconfirmation'] = 0;
16
  $options['antiflood'] = 10;
 
 
 
 
 
17
  $options['notify_email'] = get_option('admin_email');
18
 
19
  // Profile page
14
 
15
  $options['noconfirmation'] = 0;
16
  $options['antiflood'] = 10;
17
+ $options['ip_blacklist'] = array();
18
+ $options['address_blacklist'] = array();
19
+ $options['domain_check'] = 0;
20
+ $options['akismet'] = 0;
21
+ $options['captcha'] = 0;
22
  $options['notify_email'] = get_option('admin_email');
23
 
24
  // Profile page
subscription/options.php CHANGED
@@ -58,6 +58,29 @@ if ($controls->is_action()) {
58
  if (!empty($controls->data['page'])) {
59
  $controls->data['url'] = ''; // do not unset
60
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
61
 
62
  $module->merge_options($controls->data);
63
  $controls->add_message_saved();
@@ -258,10 +281,24 @@ if (empty($controls->data['page'])) {
258
  <td>
259
  <?php $controls->yesno('antibot_disable'); ?>
260
  <p class="description">
261
- <?php _e ('Disable for ajax form submission', 'newsletter'); ?>
262
  </p>
263
  </td>
264
  </tr>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
265
  <tr>
266
  <th><?php _e('Antiflood', 'newsletter') ?></th>
267
  <td>
@@ -283,6 +320,43 @@ if (empty($controls->data['page'])) {
283
  <?php $controls->help('https://www.thenewsletterplugin.com/documentation/antiflood') ?>
284
  </td>
285
  </tr>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
286
  </table>
287
 
288
  <h3>Special cases</h3>
@@ -313,10 +387,10 @@ if (empty($controls->data['page'])) {
313
 
314
 
315
  <div id="tabs-3">
316
-
317
  <p><?php _e('Only for double opt-in mode.', 'newsletter') ?></p>
318
  <?php $controls->panel_help('https://www.thenewsletterplugin.com/documentation/subscription#activation') ?>
319
-
320
  <table class="form-table">
321
  <tr>
322
  <th><?php _e('Activation message', 'newsletter') ?></th>
@@ -367,7 +441,7 @@ if (empty($controls->data['page'])) {
367
 
368
  <tr>
369
  <th><?php _e('Conversion tracking code', 'newsletter') ?>
370
- <?php $controls->help('https://www.thenewsletterplugin.com/documentation/subscription#conversion') ?></th>
371
  <td>
372
  <?php $controls->textarea('confirmed_tracking'); ?>
373
  </td>
58
  if (!empty($controls->data['page'])) {
59
  $controls->data['url'] = ''; // do not unset
60
  }
61
+
62
+ $blacklist = trim($controls->data['ip_blacklist']);
63
+ if (empty($blacklist)) $blacklist = array();
64
+ else {
65
+ $blacklist = preg_split("/\\r\\n/", $blacklist);
66
+ $blacklist = array_map('trim', $blacklist);
67
+ $blacklist = array_map('strtolower', $blacklist);
68
+ $blacklist = array_filter($blacklist);
69
+
70
+ $controls->data['ip_blacklist'] = $blacklist;
71
+ }
72
+
73
+ $blacklist = trim($controls->data['address_blacklist']);
74
+ if (empty($blacklist)) $blacklist = array();
75
+ else {
76
+ $blacklist = preg_split("/\\r\\n/", $blacklist);
77
+ $blacklist = array_map('trim', $blacklist);
78
+ $blacklist = array_map('strtolower', $blacklist);
79
+ $blacklist = array_filter($blacklist);
80
+
81
+ $controls->data['address_blacklist'] = $blacklist;
82
+ }
83
+
84
 
85
  $module->merge_options($controls->data);
86
  $controls->add_message_saved();
281
  <td>
282
  <?php $controls->yesno('antibot_disable'); ?>
283
  <p class="description">
284
+ <?php _e('Disable for ajax form submission', 'newsletter'); ?>
285
  </p>
286
  </td>
287
  </tr>
288
+ <?php /*
289
+ <tr>
290
+ <th><?php _e('Akismet', 'newsletter') ?></th>
291
+ <td>
292
+ <?php
293
+ $controls->select('akismet', array(
294
+ 0 => __('Disabled', 'newsletter'),
295
+ 1 => __('Enabled', 'newsletter')
296
+ ));
297
+ ?>
298
+ <?php $controls->help('https://www.thenewsletterplugin.com/documentation/akismet') ?>
299
+ </td>
300
+ </tr>
301
+ */ ?>
302
  <tr>
303
  <th><?php _e('Antiflood', 'newsletter') ?></th>
304
  <td>
320
  <?php $controls->help('https://www.thenewsletterplugin.com/documentation/antiflood') ?>
321
  </td>
322
  </tr>
323
+ <tr>
324
+ <th><?php _e('Captcha', 'newsletter') ?></th>
325
+ <td>
326
+ <?php
327
+ $controls->enabled('captcha');
328
+ ?>
329
+ </td>
330
+ </tr>
331
+ <?php /*
332
+ <tr>
333
+ <th><?php _e('Domain check', 'newsletter') ?></th>
334
+ <td>
335
+ <?php
336
+ $controls->yesno('domain_check');
337
+ ?>
338
+ </td>
339
+ </tr>
340
+ */ ?>
341
+
342
+ <tr>
343
+ <th><?php _e('IP black list', 'newsletter') ?></th>
344
+ <td>
345
+ <?php
346
+ $controls->textarea('ip_blacklist');
347
+ ?>
348
+ <?php $controls->help('https://www.thenewsletterplugin.com/documentation/blacklist') ?>
349
+ </td>
350
+ </tr>
351
+ <tr>
352
+ <th><?php _e('Address black list', 'newsletter') ?></th>
353
+ <td>
354
+ <?php
355
+ $controls->textarea('address_blacklist');
356
+ ?>
357
+ <?php $controls->help('https://www.thenewsletterplugin.com/documentation/blacklist') ?>
358
+ </td>
359
+ </tr>
360
  </table>
361
 
362
  <h3>Special cases</h3>
387
 
388
 
389
  <div id="tabs-3">
390
+
391
  <p><?php _e('Only for double opt-in mode.', 'newsletter') ?></p>
392
  <?php $controls->panel_help('https://www.thenewsletterplugin.com/documentation/subscription#activation') ?>
393
+
394
  <table class="form-table">
395
  <tr>
396
  <th><?php _e('Activation message', 'newsletter') ?></th>
441
 
442
  <tr>
443
  <th><?php _e('Conversion tracking code', 'newsletter') ?>
444
+ <?php $controls->help('https://www.thenewsletterplugin.com/documentation/subscription#conversion') ?></th>
445
  <td>
446
  <?php $controls->textarea('confirmed_tracking'); ?>
447
  </td>
subscription/subscription.php CHANGED
@@ -23,7 +23,7 @@ class NewsletterSubscription extends NewsletterModule {
23
 
24
  function __construct() {
25
 
26
- parent::__construct('subscription', '2.0.3');
27
 
28
  // Must be called after the Newsletter::hook_init, since some constants are defined
29
  // there.
@@ -80,6 +80,19 @@ class NewsletterSubscription extends NewsletterModule {
80
  wp_localize_script('newsletter-subscription', 'newsletter', $data);
81
  }
82
 
 
 
 
 
 
 
 
 
 
 
 
 
 
83
  function hook_wp_loaded() {
84
  global $newsletter, $wpdb;
85
 
@@ -90,7 +103,7 @@ class NewsletterSubscription extends NewsletterModule {
90
  if (!$user || $user->status != 'C') {
91
  die('Subscriber not found or not active.');
92
  }
93
-
94
  $email = $this->get_email_from_request();
95
  if (!$email) {
96
  die('Newsletter not found');
@@ -104,9 +117,9 @@ class NewsletterSubscription extends NewsletterModule {
104
  if (!$list || $list['status'] == 0) {
105
  die('Private list.');
106
  }
107
-
108
  $url = $_REQUEST['redirect'];
109
-
110
  $this->set_user_list($user, $list_id, $_REQUEST['value']);
111
  NewsletterStatistics::instance()->add_click(wp_sanitize_redirect($url), $user->id, $email->id);
112
  wp_safe_redirect($url);
@@ -125,30 +138,107 @@ class NewsletterSubscription extends NewsletterModule {
125
  // normal subscription
126
  case 's':
127
  case 'subscribe':
128
- // Flood check
129
- if (!empty($this->options['antiflood'])) {
130
- $ip = (string) $_SERVER['REMOTE_ADDR'];
131
- $email = $this->is_email($_REQUEST['ne']);
132
- $updated = $wpdb->get_var($wpdb->prepare("select updated from " . NEWSLETTER_USERS_TABLE . " where ip=%s or email=%s order by updated desc limit 1", $ip, $email));
133
-
134
- if ($updated && time() - $updated < $this->options['antiflood']) {
135
- die('Too quick');
136
- }
137
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
138
 
139
- if (!empty($this->options['antibot_disable']) || $this->antibot_form_check()) {
140
- $user = $this->subscribe();
 
 
 
 
 
 
 
 
141
 
142
- if ($user->status == 'E')
143
- $this->show_message('error', $user->id);
144
- if ($user->status == 'C')
145
- $this->show_message('confirmed', $user->id);
146
- if ($user->status == 'A')
147
- $this->show_message('already_confirmed', $user->id);
148
- if ($user->status == 'S')
149
- $this->show_message('confirmation', $user->id);
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
150
  } else {
151
- $this->request_to_antibot_form('Subscribe');
 
 
 
 
152
  }
153
  die();
154
 
23
 
24
  function __construct() {
25
 
26
+ parent::__construct('subscription', '2.0.4');
27
 
28
  // Must be called after the Newsletter::hook_init, since some constants are defined
29
  // there.
80
  wp_localize_script('newsletter-subscription', 'newsletter', $data);
81
  }
82
 
83
+ function ip_match($ip, $range) {
84
+ if (strpos($range, '/')) {
85
+ list ($subnet, $bits) = explode('/', $range);
86
+ $ip = ip2long($ip);
87
+ $subnet = ip2long($subnet);
88
+ $mask = -1 << (32 - $bits);
89
+ $subnet &= $mask; # nb: in case the supplied subnet wasn't correctly aligned
90
+ return ($ip & $mask) == $subnet;
91
+ } else {
92
+ return strpos($range, $ip) === 0;
93
+ }
94
+ }
95
+
96
  function hook_wp_loaded() {
97
  global $newsletter, $wpdb;
98
 
103
  if (!$user || $user->status != 'C') {
104
  die('Subscriber not found or not active.');
105
  }
106
+
107
  $email = $this->get_email_from_request();
108
  if (!$email) {
109
  die('Newsletter not found');
117
  if (!$list || $list['status'] == 0) {
118
  die('Private list.');
119
  }
120
+
121
  $url = $_REQUEST['redirect'];
122
+
123
  $this->set_user_list($user, $list_id, $_REQUEST['value']);
124
  NewsletterStatistics::instance()->add_click(wp_sanitize_redirect($url), $user->id, $email->id);
125
  wp_safe_redirect($url);
138
  // normal subscription
139
  case 's':
140
  case 'subscribe':
141
+
142
+ $ip = $this->get_remote_ip();
143
+ $email = $this->normalize_email($_REQUEST['ne']);
144
+ $antibot_logger = new NewsletterLogger('antibot');
145
+
146
+ if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
147
+ $antibot_logger->fatal($email . ' - ' . $ip . ' - HTTP method invalid');
148
+ die('Invalid');
 
149
  }
150
+
151
+ $captcha = !empty($this->options['captcha']);
152
+
153
+ if (!empty($this->options['antibot_disable']) || $this->antibot_form_check($captcha)) {
154
+
155
+
156
+ // Cannot check for administrator here, too early.
157
+ if (true) {
158
+
159
+ $this->logger->debug('Subscription of: ' . $email);
160
+ // if ($this->options['domain_check']) {
161
+ // $this->logger->debug('Domain checking');
162
+ // list($local, $domain) = explode('@', $email);
163
+ //
164
+ // $hosts = array();
165
+ // if (!getmxrr($domain, $hosts)) {
166
+ // $antibot_logger->fatal($email . ' - ' . $ip . ' - MX check failed');
167
+ // die('Blocked 0');
168
+ // }
169
+ // }
170
+
171
+ if (!empty($this->options['ip_blacklist'])) {
172
+ $this->logger->debug('IP blacklist check');
173
+ foreach ($this->options['ip_blacklist'] as $item) {
174
+ if ($this->ip_match($ip, $item)) {
175
+ $antibot_logger->fatal($email . ' - ' . $ip . ' - IP blacklisted');
176
+ header("HTTP/1.0 404 Not Found"); die();
177
+ }
178
+ }
179
+ }
180
 
181
+ if (!empty($this->options['address_blacklist'])) {
182
+ $this->logger->debug('Address blacklist check');
183
+ $rev_email = strrev($email);
184
+ foreach ($this->options['address_blacklist'] as $item) {
185
+ if (strpos($rev_email, strrev($item)) === 0) {
186
+ $antibot_logger->fatal($email . ' - ' . $ip . ' - Address blacklisted');
187
+ header("HTTP/1.0 404 Not Found"); die();
188
+ }
189
+ }
190
+ }
191
 
192
+ // Akismet check
193
+ // if (!empty($this->options['akismet']) && class_exists('Akismet')) {
194
+ // $this->logger->debug('Akismet check');
195
+ // $request = 'blog=' . urlencode(home_url()) . '&referrer=' . urlencode($_SERVER['HTTP_REFERER']) .
196
+ // '&user_agent=' . urlencode($_SERVER['HTTP_USER_AGENT']) .
197
+ // '&comment_type=signup' .
198
+ // '&comment_author_email=' . urlencode($_REQUEST['ne']) .
199
+ // '&user_ip=' . urlencode($_SERVER['REMOTE_ADDR']);
200
+ // if (isset($_REQUEST['nn'])) {
201
+ // $request .= '&comment_author=' . urlencode($_REQUEST['nn']);
202
+ // }
203
+ //
204
+ // $response = Akismet::http_post($request, 'comment-check');
205
+ //
206
+ // if ($response && $response[1] == 'true') {
207
+ // $antibot_logger->fatal($email . ' - ' . $ip . ' - Akismet blocked');
208
+ // //$this->logger->error('Reported as spam by Akismet: ' . $_REQUEST['ne'] . ' ' . $_SERVER['REMOTE_ADDR']);
209
+ // die('Blocked 3');
210
+ // }
211
+ // }
212
+
213
+ // Flood check
214
+ if (!empty($this->options['antiflood'])) {
215
+ $this->logger->debug('Antiflood check');
216
+ $email = $this->is_email($_REQUEST['ne']);
217
+ $updated = $wpdb->get_var($wpdb->prepare("select updated from " . NEWSLETTER_USERS_TABLE . " where ip=%s or email=%s order by updated desc limit 1", $ip, $email));
218
+
219
+ if ($updated && time() - $updated < $this->options['antiflood']) {
220
+ $antibot_logger->fatal($email . ' - ' . $ip . ' - Antiflood triggered');
221
+ die('Too quick');
222
+ }
223
+ }
224
+
225
+ $user = $this->subscribe();
226
+
227
+ if ($user->status == 'E')
228
+ $this->show_message('error', $user->id);
229
+ if ($user->status == 'C')
230
+ $this->show_message('confirmed', $user->id);
231
+ if ($user->status == 'A')
232
+ $this->show_message('already_confirmed', $user->id);
233
+ if ($user->status == 'S')
234
+ $this->show_message('confirmation', $user->id);
235
+ }
236
  } else {
237
+ // Temporary store data
238
+ //$data_key = wp_generate_password(16, false, false);
239
+ //set_transient('newsletter_' . $data_key, $_REQUEST, 60);
240
+ //$this->antibot_redirect($data_key);
241
+ $this->request_to_antibot_form('Subscribe', $captcha);
242
  }
243
  die();
244