Stop Spammers - Version 7.0.3

Version Description

continued general cleanup
continued design improvements
fixed SFS report messages
removed email notifications for admin logins

Release Info

Developer	bhadaway
Plugin	Stop Spammers
Version	7.0.3
Comparing to
See all releases

Code changes from version 7.0.2 to 7.0.3

Files changed (34) hide show

classes/ss_get_alreq.php +3 -3
classes/ss_get_bcache.php +1 -1
classes/ss_get_gcache.php +1 -1
classes/ss_get_options.php +1 -1
css/admin.css +2 -0
data/.sfs_debug_output.txt +0 -0
includes/ss-admin-options.php +14 -14
includes/ss_notify_admin.php +0 -21
js/sfs_handle_ajax.js +2 -2
modules/chk404.php +1 -1
modules/chkadminlog.php +1 -1
modules/chkagent.php +1 -1
modules/chkbbcode.php +1 -1
modules/chkdisp.php +1 -1
modules/chkgooglesafe.php +1 -1
modules/chkhoney.php +1 -1
modules/chklong.php +1 -1
modules/chksession.php +1 -1
modules/chkshort.php +3 -3
modules/chktld.php +1 -1
modules/chkvalidip.php +7 -7
readme.txt +7 -1
settings/ss_allowlist_settings.php +2 -0
settings/ss_allowreq.php +5 -3
settings/ss_cache.php +5 -3
settings/ss_challenge.php +4 -4
settings/ss_denylist_settings.php +2 -0
settings/ss_option_maint.php +8 -5
settings/ss_options.php +2 -0
settings/ss_reports.php +6 -18
settings/ss_summary.php +27 -26
settings/ss_threat_scan.php +3 -1
settings/ss_webservices_settings.php +2 -0
stop-spammer-registrations-new.php +3 -7

classes/ss_get_alreq.php CHANGED Viewed

	@@ -7,8 +7,8 @@ extract($stats);
7	extract($options);
8	$trash=SS_PLUGIN_URL.'images/trash.png';
9	$tdown=SS_PLUGIN_URL.'images/tdown.png';
10	- $tup=SS_PLUGIN_URL.'images/tup.png'; ~~// fix this~~
11	- $whois=SS_PLUGIN_URL.'images/whois.png'; ~~// fix this~~
12	$ajaxurl=admin_url('admin-ajax.php');
13	$show='';
14	$nwlrequests=array();
	@@ -37,7 +37,7 @@ $trsh="<a href=\"\" onclick=\"sfs_ajax_process('$key','wlreq','delete_wl_row','$
37	$addtodeny="<a href=\"\"onclick=\"sfs_ajax_process('$value[0]','$container','add_black','$ajaxurl');return false;\" title=\"Add $value[0] to Deny List\" alt=\"Add $value[0] to Deny List\" ><img src=\"$tdown\" height=\"16px\" /></a>";
38	$addtoallow="<a href=\"\"onclick=\"sfs_ajax_process('$value[0]','$container','add_white','$ajaxurl');return false;\" title=\"Add $value[0] to Allow List\" alt=\"Add $value[0] to Allow List\" ><img src=\"$tup\" height=\"16px\" /></a>";
39	$show.="<td>$key $trsh $addtodeny $addtoallow</td>";
40	- $who="<a title=\"~~whois~~\" target=\"_stopspam\" href=\"http://lacnic.net/cgi-bin/lacnic/whois?lg=EN&query=$value[0]\"><img src=\"$whois\" height=\"16px\"/></a> ";
41	$trsh="<a href=\"\" onclick=\"sfs_ajax_process('$value[0]','wlreq','delete_wlip','$ajaxurl');return false;\" title=\"Delete all $value[0]\" alt=\"Delete all $value[0]\" ><img src=\"$trash\" height=\"16px\" /></a>";
42	$show.="<td>$value[0] $who $trsh</td>";
43	$trsh="<a href=\"\" onclick=\"sfs_ajax_process('$value[1]','wlreq','delete_wlem','$ajaxurl');return false;\" title=\"Delete all $value[1]\" alt=\"Delete all $value[1]\" ><img src=\"$trash\" height=\"16px\" /></a>";


7	extract($options);
8	$trash=SS_PLUGIN_URL.'images/trash.png';
9	$tdown=SS_PLUGIN_URL.'images/tdown.png';
10	+ $tup=SS_PLUGIN_URL.'images/tup.png';
11	+ $whois=SS_PLUGIN_URL.'images/whois.png';
12	$ajaxurl=admin_url('admin-ajax.php');
13	$show='';
14	$nwlrequests=array();

37	$addtodeny="<a href=\"\"onclick=\"sfs_ajax_process('$value[0]','$container','add_black','$ajaxurl');return false;\" title=\"Add $value[0] to Deny List\" alt=\"Add $value[0] to Deny List\" ><img src=\"$tdown\" height=\"16px\" /></a>";
38	$addtoallow="<a href=\"\"onclick=\"sfs_ajax_process('$value[0]','$container','add_white','$ajaxurl');return false;\" title=\"Add $value[0] to Allow List\" alt=\"Add $value[0] to Allow List\" ><img src=\"$tup\" height=\"16px\" /></a>";
39	$show.="<td>$key $trsh $addtodeny $addtoallow</td>";
40	+ $who="<br /><a title=\"Look Up WHOIS\" target=\"_stopspam\" href=\"http://lacnic.net/cgi-bin/lacnic/whois?lg=EN&query=$value[0]\"><img src=\"$whois\" height=\"16px\"/></a> ";
41	$trsh="<a href=\"\" onclick=\"sfs_ajax_process('$value[0]','wlreq','delete_wlip','$ajaxurl');return false;\" title=\"Delete all $value[0]\" alt=\"Delete all $value[0]\" ><img src=\"$trash\" height=\"16px\" /></a>";
42	$show.="<td>$value[0] $who $trsh</td>";
43	$trsh="<a href=\"\" onclick=\"sfs_ajax_process('$value[1]','wlreq','delete_wlem','$ajaxurl');return false;\" title=\"Delete all $value[1]\" alt=\"Delete all $value[1]\" ><img src=\"$trash\" height=\"16px\" /></a>";

classes/ss_get_bcache.php CHANGED Viewed

	@@ -15,7 +15,7 @@ $search=SS_PLUGIN_URL.'images/search.png';
15	$ajaxurl=admin_url('admin-ajax.php');
16	$show='';
17	foreach ($badips as $key => $value) {
18	- $who="<a title=\"~~Check~~ WHOIS\" target=\"_stopspam\" href=\"http://lacnic.net/cgi-bin/lacnic/whois?lg=EN&query=$key\"><img src=\"$whois\" height=\"16px\"/></a>";
19	$show.="<a href=\"http://www.stopforumspam.com/search?q=$key\" target=\"_stopspam\">$key: $value</a> ";
20	// try AJAX on the delete from bad cache
21	$onclick="onclick=\"sfs_ajax_process('$key','$container','$cachedel','$ajaxurl');return false;\"";


15	$ajaxurl=admin_url('admin-ajax.php');
16	$show='';
17	foreach ($badips as $key => $value) {
18	+ $who="<a title=\"Look Up WHOIS\" target=\"_stopspam\" href=\"http://lacnic.net/cgi-bin/lacnic/whois?lg=EN&query=$key\"><img src=\"$whois\" height=\"16px\"/></a>";
19	$show.="<a href=\"http://www.stopforumspam.com/search?q=$key\" target=\"_stopspam\">$key: $value</a> ";
20	// try AJAX on the delete from bad cache
21	$onclick="onclick=\"sfs_ajax_process('$key','$container','$cachedel','$ajaxurl');return false;\"";

classes/ss_get_gcache.php CHANGED Viewed

	@@ -15,7 +15,7 @@ $search=SS_PLUGIN_URL.'images/search.png';
15	$ajaxurl=admin_url('admin-ajax.php');
16	$show='';
17	foreach ($goodips as $key => $value) {
18	- $who="<a title=\"~~Check~~ WHOIS\" target=\"_stopspam\" href=\"http://lacnic.net/cgi-bin/lacnic/whois?lg=EN&query=$key\"><img src=\"$whois\" height=\"16px\"/></a>";
19	$show.="<a href=\"http://www.stopforumspam.com/search?q=$key\" target=\"_stopspam\">$key: $value</a> ";
20	// try AJAX on the delete from bad cache
21	$onclick="onclick=\"sfs_ajax_process('$key','$container','$cachedel','$ajaxurl');return false;\"";


15	$ajaxurl=admin_url('admin-ajax.php');
16	$show='';
17	foreach ($goodips as $key => $value) {
18	+ $who="<a title=\"Look Up WHOIS\" target=\"_stopspam\" href=\"http://lacnic.net/cgi-bin/lacnic/whois?lg=EN&query=$key\"><img src=\"$whois\" height=\"16px\"/></a>";
19	$show.="<a href=\"http://www.stopforumspam.com/search?q=$key\" target=\"_stopspam\">$key: $value</a> ";
20	// try AJAX on the delete from bad cache
21	$onclick="onclick=\"sfs_ajax_process('$key','$container','$cachedel','$ajaxurl');return false;\"";

classes/ss_get_options.php CHANGED Viewed

	@@ -428,7 +428,7 @@ $defaults=array(
428	'ss_sp_cache_em'=>4,
429	'redirurl'=>'',
430	'logfilesize'=>0,
431	- 'rejectmessage'=>"Access Denied<br/>"
432	);
433	$defaultCOUNTRY=array( // all yes - changed to no
434	'chkAD'=>'N',


428	'ss_sp_cache_em'=>4,
429	'redirurl'=>'',
430	'logfilesize'=>0,
431	+ 'rejectmessage'=>"Access Denied<br />"
432	);
433	$defaultCOUNTRY=array( // all yes - changed to no
434	'chkAD'=>'N',

css/admin.css CHANGED Viewed

	@@ -1,3 +1,5 @@


1	#toplevel_page_stop_spammers .wp-menu-image img{max-height:20px;padding:7px 0 0}
2
3	#ss-plugin *{box-sizing:border-box}


1	+ .green{color:#4aa863}
2	+
3	#toplevel_page_stop_spammers .wp-menu-image img{max-height:20px;padding:7px 0 0}
4
5	#ss-plugin *{box-sizing:border-box}

data/.sfs_debug_output.txt ADDED Viewed

File without changes

includes/ss-admin-options.php CHANGED Viewed

	@@ -55,13 +55,13 @@ $options=ss_get_options();
55	if ($spmcount>0) {
56	// steal the Akismet stats CSS format
57	// get the path to the plugin
58	- echo "<p>Stop Spammers has prevented $spmcount spammers from registering or leaving comments.";
59	echo"</p>";
60	}
61	if (count($wlrequests)==1) {
62	- echo "<p>".count($wlrequests)." user</a> has been denied access and requested that you add them to the Allow List.</p>";
63	} else if (count($wlrequests)>0) {
64	- echo "<p>".count($wlrequests)." users</a> have been denied access and requested that you add them to the Allow List.</p>";
65	}
66	}
67	function ss_row($actions,$comment) {
	@@ -73,10 +73,10 @@ $action="";
73	// $action.="\|";
74	// $action.="<a title=\"Check Project HoneyPot\" target=\"_stopspam\" href=\"http://www.projecthoneypot.org/search_ip.php?ip=$ip\">Check HoneyPot</a>";
75	// add the network check
76	- $whois=SS_PLUGIN_URL.'images/whois.png'; ~~// fix this~~
77	- $who="<a title=\"~~Check~~ WHOIS\" target=\"_stopspam\" href=\"http://lacnic.net/cgi-bin/lacnic/whois?lg=EN&query=$ip\"><img src=\"$whois\" height=\"16px\"/></a>";
78	$stophand=SS_PLUGIN_URL.'images/stop.png';
79	- $stop="<a title=\"Check Stop Forum Spam (SFS)\" target=\"_stopspam\" href=\"http://www.stopforumspam.com/search.php?q=$ip\"><img src=\"$stophand\" height=\"16px\"~~/></~~a>";
80	$action.=" $who $stop";
81	// now add the report function
82	$email=urlencode($comment->comment_author_email);
	@@ -116,7 +116,7 @@ $onclick="onclick=\"sfs_ajax_report_spam(this,'$ID','$blog','$ajaxurl');return f
116	}
117	if (!empty($email)) {
118	$action.="\|";
119	- $action.="<a $exst title=\"Report to Stop Forum Spam (SFS)\" $target $href $onclick class='delete:the-comment-list:comment-$ID::delete=1 delete vim-d vim-destructive'>Report to SFS</a>";
120	}
121	$actions['check_spam']=$action;
122	return $actions;
	@@ -193,12 +193,12 @@ exit();
193	$hget="http://www.stopforumspam.com/add.php?ip_addr=$ip_addr&api_key=$apikey&email=$email&username=$uname&evidence=$evidence";
194	// echo $hget;
195	$ret=ss_read_file($hget);
196	- if (stripos($ret,'~~data~~ ~~submitted~~ ~~successfully~~')!==false) {
197	echo $ret;
198	- } else if (stripos($ret,'~~recent~~ ~~duplicate~~ ~~entry~~')!==false) {
199	- echo ' ~~recent~~ ~~duplicate~~ ~~entry~~ ';
200	} else {
201	- echo '~~returning~~ from ~~ajax~~';
202	}
203	exit();
204	}
	@@ -232,8 +232,8 @@ if (!empty($check)) {
232	$check=trim($check);
233	$check=trim($check,'0');
234	if (substr($check,0,4)=="ERR:") {
235	- echo "Access to the Stop Forum Spam Database ~~shows~~ ~~errors~~\r\n";
236	- echo "~~response~~ ~~was~~ $check\r\n";
237	}
238	// access to the Stop Forum Spam database is working
239	$n=strpos($check,'<response success="true">');
	@@ -379,7 +379,7 @@ $username=$user_info->display_name;
379	$stopper="<a title=\"Check Stop Forum Spam (SFS)\" target=\"_stopspam\" href=\"http://www.stopforumspam.com/search.php?q=$signup_ip\"><img src=\"$stophand\" height=\"16px\"/></a>";
380	$honeysearch="<a title=\"Check Project HoneyPot\" target=\"_stopspam\" href=\"https://www.projecthoneypot.org/ip_$signup_ip\"><img src=\"$search\" height=\"16px\"/></a>";
381	$botsearch="<a title=\"Check BotScout\" target=\"_stopspam\" href=\"http://botscout.com/search.htm?stype=q&sterm=$signup_ip\"><img src=\"$search\" height=\"16px\"/></a>";
382	- $who="<a title=\"WHOIS ~~Lookup~~\" target=\"_stopspam\" href=\"http://lacnic.net/cgi-bin/lacnic/whois?lg=EN&query=$signup_ip\"><img src=\"$whois\" height=\"16px\"/></a>";
383	$action=" $who $stopper $honeysearch $botsearch";
384	$options=ss_get_options();
385	$apikey=$options['apikey'];


55	if ($spmcount>0) {
56	// steal the Akismet stats CSS format
57	// get the path to the plugin
58	+ echo "<p>Stop Spammers has prevented <strong>$spmcount</strong> spammers from registering or leaving comments.";
59	echo"</p>";
60	}
61	if (count($wlrequests)==1) {
62	+ echo "<p><strong>".count($wlrequests)."</strong> user</a> has been denied access and requested that you add them to the Allow List.</p>";
63	} else if (count($wlrequests)>0) {
64	+ echo "<p><strong>".count($wlrequests)."</strong> users</a> have been denied access and <a href='admin.php?page=ss_allowrequests'>requested</a> that you add them to the Allow List.</p>";
65	}
66	}
67	function ss_row($actions,$comment) {

73	// $action.="\|";
74	// $action.="<a title=\"Check Project HoneyPot\" target=\"_stopspam\" href=\"http://www.projecthoneypot.org/search_ip.php?ip=$ip\">Check HoneyPot</a>";
75	// add the network check
76	+ $whois=SS_PLUGIN_URL.'images/whois.png';
77	+ $who="<a title=\"Look Up WHOIS\" target=\"_stopspam\" href=\"http://lacnic.net/cgi-bin/lacnic/whois?lg=EN&query=$ip\"><img src=\"$whois\" height=\"16px\"/></a>";
78	$stophand=SS_PLUGIN_URL.'images/stop.png';
79	+ $stop="<a title=\"Check Stop Forum Spam (SFS)\" target=\"_stopspam\" href=\"http://www.stopforumspam.com/search.php?q=$ip\"><img src=\"$stophand\" height=\"16px\"/> </a>";
80	$action.=" $who $stop";
81	// now add the report function
82	$email=urlencode($comment->comment_author_email);

116	}
117	if (!empty($email)) {
118	$action.="\|";
119	+ $action.="<a $exst title=\"Report to Stop Forum Spam (SFS)\" $target $href $onclick class='delete:the-comment-list:comment-$ID::delete=1 delete vim-d vim-destructive'> Report to SFS</a>";
120	}
121	$actions['check_spam']=$action;
122	return $actions;

193	$hget="http://www.stopforumspam.com/add.php?ip_addr=$ip_addr&api_key=$apikey&email=$email&username=$uname&evidence=$evidence";
194	// echo $hget;
195	$ret=ss_read_file($hget);
196	+ if (stripos($ret,'Data Submitted Successfully')!==false) {
197	echo $ret;
198	+ } else if (stripos($ret,'Recent Duplicate Entry')!==false) {
199	+ echo ' Recent Duplicate Entry ';
200	} else {
201	+ echo 'Returning from AJAX';
202	}
203	exit();
204	}

232	$check=trim($check);
233	$check=trim($check,'0');
234	if (substr($check,0,4)=="ERR:") {
235	+ echo "Access to the Stop Forum Spam Database Shows Errors\r\n";
236	+ echo "Response Was: $check\r\n";
237	}
238	// access to the Stop Forum Spam database is working
239	$n=strpos($check,'<response success="true">');

379	$stopper="<a title=\"Check Stop Forum Spam (SFS)\" target=\"_stopspam\" href=\"http://www.stopforumspam.com/search.php?q=$signup_ip\"><img src=\"$stophand\" height=\"16px\"/></a>";
380	$honeysearch="<a title=\"Check Project HoneyPot\" target=\"_stopspam\" href=\"https://www.projecthoneypot.org/ip_$signup_ip\"><img src=\"$search\" height=\"16px\"/></a>";
381	$botsearch="<a title=\"Check BotScout\" target=\"_stopspam\" href=\"http://botscout.com/search.htm?stype=q&sterm=$signup_ip\"><img src=\"$search\" height=\"16px\"/></a>";
382	+ $who="<br /><a title=\"Look Up WHOIS\" target=\"_stopspam\" href=\"http://lacnic.net/cgi-bin/lacnic/whois?lg=EN&query=$signup_ip\"><img src=\"$whois\" height=\"16px\"/></a>";
383	$action=" $who $stopper $honeysearch $botsearch";
384	$options=ss_get_options();
385	$apikey=$options['apikey'];

includes/ss_notify_admin.php DELETED Viewed

@@ -1,21 +0,0 @@
-            -
            <?php
-            -
            if (!defined('ABSPATH')) exit;
-            -
            function ss_notify_admin_action($user_login, $user) {
-            -
            // notify admin when someone logs in
-            -
            if(!current_user_can('manage_options')){
-            -
            return;
-            -
            }
-            -
            sfs_errorsonoff();
-            -
            $website =  get_bloginfo("wpurl");
-            -
            $logintime = date('l jS F Y');
-            -
            $ip=$_SERVER['REMOTE_ADDR'];
-            -
            $subject = sprintf('An administrator of your website %s has just logged in', $website);
-            -
            $message = "Stop Spammers Message - An admin logged into your WordPress website $website on $logintime from IP: $ip ";
-            -
            wp_mail(
-            -
            get_option("admin_email")
-            -
            , $subject
-            -
            , $message
-            -
            );
-            -
            sfs_errorsonoff('off');
-            -
            }
-            -
            ?>

js/sfs_handle_ajax.js CHANGED Viewed

	@@ -52,8 +52,8 @@ sfs_ajax_who.style.color="brown";
52	sfs_ajax_who.style.fontWeight="bolder";
53	return false;
54	}
55	- sfs_ajax_who.innerHTML="~~Error~~ ~~Reporting Spam:~~"+response;
56	- sfs_ajax_who.style.color="~~red~~";
57	sfs_ajax_who.style.fontWeight="bolder";
58	alert(response);
59	return false;


52	sfs_ajax_who.style.fontWeight="bolder";
53	return false;
54	}
55	+ sfs_ajax_who.innerHTML="Status: "+response;
56	+ sfs_ajax_who.style.color="black";
57	sfs_ajax_who.style.fontWeight="bolder";
58	alert(response);
59	return false;

modules/chk404.php CHANGED Viewed

	@@ -103,7 +103,7 @@ $sname=$this->getSname();
103	// ss_cd_write_file("debug.txt","check 404 '$hit'");
104	foreach($expl as $bad) {
105	if (stripos($sname,$bad)!==false) {
106	- return "404 on ~~exploit~~ ~~attempt~~ $sname $bad";
107	} else {
108	// echo "$sname, $bad<br />";
109	}


103	// ss_cd_write_file("debug.txt","check 404 '$hit'");
104	foreach($expl as $bad) {
105	if (stripos($sname,$bad)!==false) {
106	+ return "404 on Exploit Attempt $sname $bad";
107	} else {
108	// echo "$sname, $bad<br />";
109	}

modules/chkadminlog.php CHANGED Viewed

	@@ -12,7 +12,7 @@ $pwd=$post['pwd'];
12	if (empty($log)\|\|empty($pwd)) return false;
13	$user=@wp_authenticate($log,$pwd);
14	if (!is_wp_error($user)) { // user login is good
15	- return '~~authenticated~~ ~~user~~ ~~login~~';
16	}
17	return false;
18	}


12	if (empty($log)\|\|empty($pwd)) return false;
13	$user=@wp_authenticate($log,$pwd);
14	if (!is_wp_error($user)) { // user login is good
15	+ return 'Authenticated User Login';
16	}
17	return false;
18	}

modules/chkagent.php CHANGED Viewed

	@@ -16,7 +16,7 @@ if (stripos($agent,'//www.google.com/bot.html)')!==false) return false; // fix t
16	if (stripos($agent,'bingbot)')!==false) return false; // fix this?
17	foreach ($badagents as $a) {
18	if (stripos($agent,$a)!==false) {
19	- return 'Deny List User Agent:'.$a;
20	}
21	}
22	return false;


16	if (stripos($agent,'bingbot)')!==false) return false; // fix this?
17	foreach ($badagents as $a) {
18	if (stripos($agent,$a)!==false) {
19	+ return 'Deny List User Agent: '.$a;
20	}
21	}
22	return false;

modules/chkbbcode.php CHANGED Viewed

	@@ -11,7 +11,7 @@ foreach($post as $key=>$data) {
11	foreach($bbcodes as $bb) {
12	// sfs_debug_msg("looking for $key - $bb in $data");
13	if (stripos($data,$bb)!==false) {
14	- return "~~bbcode~~ $bb in $key";
15	}
16	}
17	}


11	foreach($bbcodes as $bb) {
12	// sfs_debug_msg("looking for $key - $bb in $data");
13	if (stripos($data,$bb)!==false) {
14	+ return "BBCode $bb in $key";
15	}
16	}
17	}

modules/chkdisp.php CHANGED Viewed

	@@ -107,7 +107,7 @@ $emdomain=explode('@',$options['em']);
107	if (count($emdomain)==2&&in_array(strtolower($emdomain[1]),$disposables)) {
108	// the email is a disposable email address
109	// do you really want this guy?
110	- return 'Disposable em:'.$options['em'];
111	}
112	return false;
113	}


107	if (count($emdomain)==2&&in_array(strtolower($emdomain[1]),$disposables)) {
108	// the email is a disposable email address
109	// do you really want this guy?
110	+ return 'Disposable Email: '.$options['em'];
111	}
112	return false;
113	}

modules/chkgooglesafe.php CHANGED Viewed

	@@ -32,7 +32,7 @@ $query="https://sb-ssl.google.com/safebrowsing/api/lookup?client=stop-spammer-pl
32	$r=$this->getafile($query);
33	if (!empty($r)) {
34	if (strpos($r,'phishing')!==false\|\|strpos($r,'malware')!==false) {
35	- return 'Google Safe:'.$r;
36	}
37	}
38	}


32	$r=$this->getafile($query);
33	if (!empty($r)) {
34	if (strpos($r,'phishing')!==false\|\|strpos($r,'malware')!==false) {
35	+ return 'Google Safe: '.$r;
36	}
37	}
38	}

modules/chkhoney.php CHANGED Viewed

	@@ -22,7 +22,7 @@ if ($result[0] == 127) {
22	// [1] is numbr of days since last report
23	// spammers are type 1 to 7
24	if ($result[2]>=25 && ($result[3]>=1 && $result[3]<=7) && $result[1]>0) {
25	- return "~~dnsbl~~: $data=".$result[0].','.$result[1].','.$result[2].','.$result[3];
26	}
27	}
28	}


22	// [1] is numbr of days since last report
23	// spammers are type 1 to 7
24	if ($result[2]>=25 && ($result[3]>=1 && $result[3]<=7) && $result[1]>0) {
25	+ return "DNSBL: $data=".$result[0].','.$result[1].','.$result[2].','.$result[3];
26	}
27	}
28	}

modules/chklong.php CHANGED Viewed

	@@ -2,7 +2,7 @@
2	if (!defined('ABSPATH')) exit;
3	class chklong { // change name
4	public function process($ip,&$stats=array(),&$options=array(),&$post=array()) {
5	- $this->searchname='Email/Author/Password ~~too~~ ~~long~~';
6	if (array_key_exists('email',$post)) {
7	$email=$post['email'];
8	if (!empty($email)) {


2	if (!defined('ABSPATH')) exit;
3	class chklong { // change name
4	public function process($ip,&$stats=array(),&$options=array(),&$post=array()) {
5	+ $this->searchname='Email/Author/Password Too Long';
6	if (array_key_exists('email',$post)) {
7	$email=$post['email'];
8	if (!empty($email)) {

modules/chksession.php CHANGED Viewed

	@@ -34,7 +34,7 @@ $stime=$_COOKIE['ss_stop_spammers_time'];
34	$tm=strtotime("now")-$stime;
35	if ($tm>0&&$tm<=$sesstime) { // zero seconds is wrong, too - it means that session was set somewhere
36	// takes longer than 2 seconds to really type a comment
37	- return "~~session~~ ~~speed~~ - $tm seconds";
38	}
39	}
40	}


34	$tm=strtotime("now")-$stime;
35	if ($tm>0&&$tm<=$sesstime) { // zero seconds is wrong, too - it means that session was set somewhere
36	// takes longer than 2 seconds to really type a comment
37	+ return "Session Speed - $tm seconds";
38	}
39	}
40	}

modules/chkshort.php CHANGED Viewed

	@@ -2,12 +2,12 @@
2	if (!defined('ABSPATH')) exit;
3	class chkshort { // change name
4	public function process($ip,&$stats=array(),&$options=array(),&$post=array()) {
5	- $this->searchname='Email/Author ~~too~~ ~~short~~';
6	if (array_key_exists('email',$post)) {
7	$email=$post['email'];
8	if (!empty($email)) {
9	if (strlen($email)<5) {
10	- return "Email ~~too~~ ~~short:$~~email";
11	}
12	}
13	}
	@@ -16,7 +16,7 @@ if (!empty($post['author'])) {
16	$author=$post['author'];
17	// short author is OK?
18	if (strlen($post['author'])<3) {
19	- return "Author ~~too~~ ~~short:$~~author";
20	}
21	}
22	}


2	if (!defined('ABSPATH')) exit;
3	class chkshort { // change name
4	public function process($ip,&$stats=array(),&$options=array(),&$post=array()) {
5	+ $this->searchname='Email/Author Too Short';
6	if (array_key_exists('email',$post)) {
7	$email=$post['email'];
8	if (!empty($email)) {
9	if (strlen($email)<5) {
10	+ return "Email Too Short: $email";
11	}
12	}
13	}

16	$author=$post['author'];
17	// short author is OK?
18	if (strlen($post['author'])<3) {
19	+ return "Author Too Short: $author";
20	}
21	}
22	}

modules/chktld.php CHANGED Viewed

	@@ -23,7 +23,7 @@ if ($dlvl==0) continue;
23	$t=explode('.',$value);
24	$tt=implode(array_slice($t,count($t)-$dlvl,$dlvl), '.');
25	$tt='.'.trim(strtolower($tt));
26	- if ($ft==$tt) return "TLD Blocked: $key:$value:$ft";
27	}
28	}
29	return false;


23	$t=explode('.',$value);
24	$tt=implode(array_slice($t,count($t)-$dlvl,$dlvl), '.');
25	$tt='.'.trim(strtolower($tt));
26	+ if ($ft==$tt) return "TLD Blocked: $key: $value: $ft";
27	}
28	}
29	return false;

modules/chkvalidip.php CHANGED Viewed

	@@ -14,7 +14,7 @@ return 'Invalid IP: '.$ip;
14	}
15	// check IPv4 for local private IP addresses
16	if ($ip=='127.0.0.1') {
17	- return 'Accessing ~~site~~ ~~through~~ localhost';
18	}
19	$priv=array(
20	array('100000000000','100255255255'),
	@@ -39,28 +39,28 @@ return $e;
39	*/
40	// check for IPv6
41	$lip="127.0.0.1";
42	- if (substr($ip,0,2)=='FB'\|\|substr($ip,0,2)=='fb') 'Local IP Address:'.$ip;
43	// see if server and browser are running on same server
44	if (array_key_exists('SERVER_ADDR',$_SERVER)) {
45	$lip=$_SERVER["SERVER_ADDR"];
46	- if ($ip==$lip) return 'IP ~~same~~ as ~~server~~:'.$ip;
47	} else if (array_key_exists('LOCAL_ADDR',$_SERVER)) { // IIS 7?
48	$lip=$_SERVER["LOCAL_ADDR"];
49	- if ($ip==$lip) return 'IP ~~same~~ as ~~server~~:'.$ip;
50	} else { // IIS 6 no server address use a gethost by name? hope we never get here
51	try {
52	$lip=@gethostbyname($_SERVER['SERVER_NAME']);
53	- if ($ip==$lip) return 'IP ~~same~~ as ~~server~~:'.$ip;
54	} catch (Exception $e) {
55	// can't make this work - ignore
56	}
57	}
58	- // we can do this with ~~ip4~~ addresses - check if same /24 subnet
59	$j=strrpos($ip,'.');
60	if ($j===false) return false;
61	$k=strrpos($lip,'.');
62	if ($k===false) return false;
63	- if (substr($ip,0,$j)==substr($lip,0,$k)) return 'IP same /24 subnet as server'.$ip;
64	return false;
65	}
66	// borrowed this code - not sure of how good it is or even what it does.


14	}
15	// check IPv4 for local private IP addresses
16	if ($ip=='127.0.0.1') {
17	+ return 'Accessing Site Through localhost';
18	}
19	$priv=array(
20	array('100000000000','100255255255'),

39	*/
40	// check for IPv6
41	$lip="127.0.0.1";
42	+ if (substr($ip,0,2)=='FB'\|\|substr($ip,0,2)=='fb') 'Local IP Address: '.$ip;
43	// see if server and browser are running on same server
44	if (array_key_exists('SERVER_ADDR',$_SERVER)) {
45	$lip=$_SERVER["SERVER_ADDR"];
46	+ if ($ip==$lip) return 'IP Same as Server: '.$ip;
47	} else if (array_key_exists('LOCAL_ADDR',$_SERVER)) { // IIS 7?
48	$lip=$_SERVER["LOCAL_ADDR"];
49	+ if ($ip==$lip) return 'IP Same as Server: '.$ip;
50	} else { // IIS 6 no server address use a gethost by name? hope we never get here
51	try {
52	$lip=@gethostbyname($_SERVER['SERVER_NAME']);
53	+ if ($ip==$lip) return 'IP Same as Server: '.$ip;
54	} catch (Exception $e) {
55	// can't make this work - ignore
56	}
57	}
58	+ // we can do this with IPv4 addresses - check if same /24 subnet
59	$j=strrpos($ip,'.');
60	if ($j===false) return false;
61	$k=strrpos($lip,'.');
62	if ($k===false) return false;
63	+ if (substr($ip,0,$j)==substr($lip,0,$k)) return 'IP same /24 subnet as server '.$ip;
64	return false;
65	}
66	// borrowed this code - not sure of how good it is or even what it does.

readme.txt CHANGED Viewed

	@@ -3,7 +3,7 @@
3	Contributors: bhadaway, Keith Graham
4	Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=DTRTUYSPKJN8N
5	Tags: spam, antispam, anti-spam, spam blocker, block spam, signup spam, comment spam, spam filter, registration spam, spammer, spammers, spamming, xss, malware, virus, captcha, comment, comments, contact, contact form, contact forms, form, forms, login, multisite, protection, register, registration, security, signup, trackback, trackbacks, user registration spam, widget
6	- Tested up to: 4.~~7.4~~
7	Stable tag: trunk
8	License: https://www.gnu.org/licenses/gpl.html
9
	@@ -36,6 +36,12 @@ OR
36
37	== Changelog ==
38






39	= 7.0.2 =
40	* continued general cleanup
41	* continued design improvements


3	Contributors: bhadaway, Keith Graham
4	Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=DTRTUYSPKJN8N
5	Tags: spam, antispam, anti-spam, spam blocker, block spam, signup spam, comment spam, spam filter, registration spam, spammer, spammers, spamming, xss, malware, virus, captcha, comment, comments, contact, contact form, contact forms, form, forms, login, multisite, protection, register, registration, security, signup, trackback, trackbacks, user registration spam, widget
6	+ Tested up to: 4.8
7	Stable tag: trunk
8	License: https://www.gnu.org/licenses/gpl.html
9

36
37	== Changelog ==
38
39	+ = 7.0.3 =
40	+ * continued general cleanup
41	+ * continued design improvements
42	+ * fixed SFS report messages
43	+ * removed email notifications for admin logins
44	+
45	= 7.0.2 =
46	* continued general cleanup
47	* continued design improvements

settings/ss_allowlist_settings.php CHANGED Viewed

	@@ -41,11 +41,13 @@ $options[$check]=$v;
41	}
42	ss_set_options($options);
43	extract($options); // extract again to get the new options

44	}
45	$nonce=wp_create_nonce('ss_stopspam_update');
46	?>
47	<div id="ss-plugin" class="wrap">
48	<h1>Stop Spammers — Allow Lists</h1>

49	<form method="post" action="">
50	<input type="hidden" name="action" value="update" />
51	<input type="hidden" name="ss_stop_spammers_control" value="<?php echo $nonce; ?>" />


41	}
42	ss_set_options($options);
43	extract($options); // extract again to get the new options
44	+ $msg='<div class="notice notice-success"><p>Options Updated</p></div>';
45	}
46	$nonce=wp_create_nonce('ss_stopspam_update');
47	?>
48	<div id="ss-plugin" class="wrap">
49	<h1>Stop Spammers — Allow Lists</h1>
50	+ <?php if (!empty($msg)) echo "$msg"; ?>
51	<form method="post" action="">
52	<input type="hidden" name="action" value="update" />
53	<input type="hidden" name="ss_stop_spammers_control" value="<?php echo $nonce; ?>" />

settings/ss_allowreq.php CHANGED Viewed

	@@ -25,11 +25,13 @@ $wlrequests=array();
25	$stats['wlrequests']=$wlrequests;
26	ss_set_stats($stats);
27	}

28	}
29	$nonce=wp_create_nonce('ss_stopspam_update');
30	?>
31	<div id="ss-plugin" class="wrap">
32	<h1>Stop Spammers — Allow Requests</h1>

33	<p>When users are blocked they can fill out a form asking to be added to the allow list. Any users that have filled out the form will appear below. Some spam robots fill in any form that they find so their may be some garbage here.</p>
34	<?php
35	if (count($wlrequests)==0) {
	@@ -45,7 +47,7 @@ else {
45	</form>
46	<?php
47	?>
48	- <table style="background-color:#eee" cellspacing="2">
49	<thead>
50	<tr style="background-color:ivory;text-align:center"><th>Time</th><th>IP</th><th>Email</th><th>Reason</th><th>URL</th></tr>
51	</thead>
	@@ -54,8 +56,8 @@ else {
54	$show='';
55	$cont='wlreqs';
56	// wlrequs has an array of arrays
57	- // time,ip,email,author,~~reasion~~,info,sname
58	- // time,ip,email,author,~~reasion~~,info,sname
59	// use the be_load to get badips
60	$options=ss_get_options();
61	$stats=ss_get_stats();


25	$stats['wlrequests']=$wlrequests;
26	ss_set_stats($stats);
27	}
28	+ $msg='<div class="notice notice-success"><p>Requests Cleared</p></div>';
29	}
30	$nonce=wp_create_nonce('ss_stopspam_update');
31	?>
32	<div id="ss-plugin" class="wrap">
33	<h1>Stop Spammers — Allow Requests</h1>
34	+ <?php if (!empty($msg)) echo "$msg"; ?>
35	<p>When users are blocked they can fill out a form asking to be added to the allow list. Any users that have filled out the form will appear below. Some spam robots fill in any form that they find so their may be some garbage here.</p>
36	<?php
37	if (count($wlrequests)==0) {

47	</form>
48	<?php
49	?>
50	+ <table width="100%" style="background-color:#eee" cellspacing="2">
51	<thead>
52	<tr style="background-color:ivory;text-align:center"><th>Time</th><th>IP</th><th>Email</th><th>Reason</th><th>URL</th></tr>
53	</thead>

56	$show='';
57	$cont='wlreqs';
58	// wlrequs has an array of arrays
59	+ // time,ip,email,author,reason,info,sname
60	+ // time,ip,email,author,reason,info,sname
61	// use the be_load to get badips
62	$options=ss_get_options();
63	$stats=ss_get_stats();

settings/ss_cache.php CHANGED Viewed

	@@ -40,13 +40,15 @@ $goodips=array();
40	$stats['badips']=$badips;
41	$stats['goodips']=$goodips;
42	ss_set_stats($stats);
43	- echo "<h2>Cache Cleared</h2>";
44	- }

45	}
46	$nonce=wp_create_nonce('ss_stopspam_update');
47	?>
48	<div id="ss-plugin" class="wrap">
49	<h1>Stop Spammers — Cache</h1>

50	<p>Whenever a user tries to leave a comment, register, or login, they are recorded in the Good Cache if they pass or the Bad Cache if they fail. If a user is blocked from access, they are added to the Bad Cache. You can see the caches here. The caches clear themselves over time, but if you are getting lots of spam it is a good idea to clear these out manually by pressing the "Clear Cache" button.</p>
51	<form method="post" action="">
52	<input type="hidden" name="update_options" value="update" />
	@@ -135,7 +137,7 @@ $onclick="onclick=\"sfs_ajax_process('$key','$cont','add_black','$ajaxurl');retu
135	$show.=" <a href=\"\" $onclick title=\"Add to $key Deny List\" alt=\"Add to Deny List\" ><img src=\"$tdown\" height=\"16px\" /></a> ";
136	$onclick="onclick=\"sfs_ajax_process('$key','$cont','add_white','$ajaxurl');return false;\"";
137	$show.=" <a href=\"\" $onclick title=\"Add to $key Allow List\" alt=\"Add to Allow List\" ><img src=\"$tup\" height=\"16px\" /></a> ";
138	- $who="<a title=\"~~whois~~\" target=\"_stopspam\" href=\"http://lacnic.net/cgi-bin/lacnic/whois?lg=EN&query=$key\"><img src=\"$whois\" height=\"16px\" /></a> ";
139	$show.=$who;
140	$show.="<br />";
141	}


40	$stats['badips']=$badips;
41	$stats['goodips']=$goodips;
42	ss_set_stats($stats);
43	+ echo "<div class='notice notice-success'><p>Cache Cleared</p></div>";
44	+ }
45	+ $msg='<div class="notice notice-success"><p>Options Updated</p></div>';
46	}
47	$nonce=wp_create_nonce('ss_stopspam_update');
48	?>
49	<div id="ss-plugin" class="wrap">
50	<h1>Stop Spammers — Cache</h1>
51	+ <?php if (!empty($msg)) echo "$msg"; ?>
52	<p>Whenever a user tries to leave a comment, register, or login, they are recorded in the Good Cache if they pass or the Bad Cache if they fail. If a user is blocked from access, they are added to the Bad Cache. You can see the caches here. The caches clear themselves over time, but if you are getting lots of spam it is a good idea to clear these out manually by pressing the "Clear Cache" button.</p>
53	<form method="post" action="">
54	<input type="hidden" name="update_options" value="update" />

137	$show.=" <a href=\"\" $onclick title=\"Add to $key Deny List\" alt=\"Add to Deny List\" ><img src=\"$tdown\" height=\"16px\" /></a> ";
138	$onclick="onclick=\"sfs_ajax_process('$key','$cont','add_white','$ajaxurl');return false;\"";
139	$show.=" <a href=\"\" $onclick title=\"Add to $key Allow List\" alt=\"Add to Allow List\" ><img src=\"$tup\" height=\"16px\" /></a> ";
140	+ $who="<a title=\"Look Up WHOIS\" target=\"_stopspam\" href=\"http://lacnic.net/cgi-bin/lacnic/whois?lg=EN&query=$key\"><img src=\"$whois\" height=\"16px\" /></a> ";
141	$show.=$who;
142	$show.="<br />";
143	}

settings/ss_challenge.php CHANGED Viewed

	@@ -69,15 +69,15 @@ $msg="You cannot use Solve Media CAPTCHA unless you have entered an API key";
69	}
70	ss_set_options($options);
71	extract($options); // extract again to get the new options
72	- }

73	}
74	$nonce=wp_create_nonce('ss_stopspam_update');
75	?>
76	<div id="ss-plugin" class="wrap">
77	<h1>Stop Spammers — Challenge and Deny</h1>
78	- <?php
79	- if (!empty($msg)) echo "<span style=\"color:red;size=2em;\">$msg</span>";
80	- ?>
81	<form method="post" action="">
82	<input type="hidden" name="ss_stop_spammers_control" value="<?php echo $nonce;?>" />
83	<input type="hidden" name="action" value="update challenge" />


69	}
70	ss_set_options($options);
71	extract($options); // extract again to get the new options
72	+ }
73	+ $update='<div class="notice notice-success"><p>Options Updated</p></div>';
74	}
75	$nonce=wp_create_nonce('ss_stopspam_update');
76	?>
77	<div id="ss-plugin" class="wrap">
78	<h1>Stop Spammers — Challenge and Deny</h1>
79	+ <?php if (!empty($update)) echo "$update"; ?>
80	+ <?php if (!empty($msg)) echo "<span style=\"color:red;size=2em;\">$msg</span>"; ?>

81	<form method="post" action="">
82	<input type="hidden" name="ss_stop_spammers_control" value="<?php echo $nonce;?>" />
83	<input type="hidden" name="action" value="update challenge" />

settings/ss_denylist_settings.php CHANGED Viewed

	@@ -70,11 +70,13 @@ $options[$check]=$v;
70	}
71	ss_set_options($options);
72	extract($options);

73	}
74	$nonce=wp_create_nonce('ss_stopspam_update');
75	?>
76	<div id="ss-plugin" class="wrap">
77	<h1>Stop Spammers — Block Lists</h1>

78	<form method="post" action="">
79	<input type="hidden" name="action" value="update" />
80	<input type="hidden" name="ss_stop_spammers_control" value="<?php echo $nonce; ?>" />


70	}
71	ss_set_options($options);
72	extract($options);
73	+ $msg='<div class="notice notice-success"><p>Options Updated</p></div>';
74	}
75	$nonce=wp_create_nonce('ss_stopspam_update');
76	?>
77	<div id="ss-plugin" class="wrap">
78	<h1>Stop Spammers — Block Lists</h1>
79	+ <?php if (!empty($msg)) echo "$msg"; ?>
80	<form method="post" action="">
81	<input type="hidden" name="action" value="update" />
82	<input type="hidden" name="ss_stop_spammers_control" value="<?php echo $nonce; ?>" />

settings/ss_option_maint.php CHANGED Viewed

	@@ -1,14 +1,17 @@
1	<?php
2	- // this is a version of my Options Optimizer plugin - it works better in this context
3	if (!defined('ABSPATH')) exit; // just in case
4	- if(!current_user_can('manage_options')) {
5	- die('Access Denied');

6	}
7	ss_fix_post_vars();
8	?>
9	<div id="ss-plugin" class="wrap">
10	<h1>Stop Spammers — DB Cleanup</h1>
11	- <p ~~class="notice~~ ~~notice-warning">This~~ ~~feature~~ is ~~to be considered experimental. Use with caution and at your own risk.</p>~~



12	<p>Plugins often don't clean up their mess when they are uninstalled. Some malicious themes and plugins use WordPress options to store some information.</p>
13	<p>This function allows you inspect and delete orphan or suspicious options and to change plugin options so that they don´t autoload. </p>
14	<p>In WordPress, some options are loaded whenever WordPress loads a page. These are marked as autoload options. This is done to speed up WordPress and prevent the programs from hitting the database every time some plugin needs to look up an option. Automatic loading of options at startup makes WordPress fast, but it can also use up memory for options that will seldom or never be used.</p>
	@@ -117,7 +120,7 @@ $nonce=wp_create_nonce('ss_update');
117	?>
118	<form method="POST" name="DOIT2" action="">
119	<input type="hidden" name="ss_opt_control" value="<?php echo $nonce; ?>" />
120	- <table bgcolor="#b0b0b0" cellspacing='1' cellpadding="4">
121	<thead>
122	<tr bgcolor="#fff">
123	<th>Option</th>


1	<?php

2	if (!defined('ABSPATH')) exit; // just in case
3	+ if (!current_user_can('manage_options')) {
4	+ die ('Access Denied');
5	+ $msg='<div class="notice notice-success"><p>Options Updated</p></div>';
6	}
7	ss_fix_post_vars();
8	?>
9	<div id="ss-plugin" class="wrap">
10	<h1>Stop Spammers — DB Cleanup</h1>
11	+ <?php if (!empty($msg)) echo "$msg"; ?>
12	+ <div class="notice notice-warning">
13	+ <p>This feature is to be considered experimental. Use with caution and at your own risk.</p>
14	+ </div>
15	<p>Plugins often don't clean up their mess when they are uninstalled. Some malicious themes and plugins use WordPress options to store some information.</p>
16	<p>This function allows you inspect and delete orphan or suspicious options and to change plugin options so that they don´t autoload. </p>
17	<p>In WordPress, some options are loaded whenever WordPress loads a page. These are marked as autoload options. This is done to speed up WordPress and prevent the programs from hitting the database every time some plugin needs to look up an option. Automatic loading of options at startup makes WordPress fast, but it can also use up memory for options that will seldom or never be used.</p>

120	?>
121	<form method="POST" name="DOIT2" action="">
122	<input type="hidden" name="ss_opt_control" value="<?php echo $nonce; ?>" />
123	+ <table width="100%" bgcolor="#b0b0b0" cellspacing='1' cellpadding="4">
124	<thead>
125	<tr bgcolor="#fff">
126	<th>Option</th>

settings/ss_options.php CHANGED Viewed

	@@ -68,11 +68,13 @@ $options['multicnt']=$multicnt;
68	}
69	ss_set_options($options);
70	extract($options); // extract again to get the new options

71	}
72	$nonce=wp_create_nonce('ss_stopspam_update');
73	?>
74	<div id="ss-plugin" class="wrap">
75	<h1>Stop Spammers — Protection Options</h1>

76	<form method="post" action="" name="ss">
77	<input type="hidden" name="action" value="update" />
78	<input type="hidden" name="ss_stop_spammers_control" value="<?php echo $nonce;?>" />


68	}
69	ss_set_options($options);
70	extract($options); // extract again to get the new options
71	+ $msg='<div class="notice notice-success"><p>Options Updated</p></div>';
72	}
73	$nonce=wp_create_nonce('ss_stopspam_update');
74	?>
75	<div id="ss-plugin" class="wrap">
76	<h1>Stop Spammers — Protection Options</h1>
77	+ <?php if (!empty($msg)) echo "$msg"; ?>
78	<form method="post" action="" name="ss">
79	<input type="hidden" name="action" value="update" />
80	<input type="hidden" name="ss_stop_spammers_control" value="<?php echo $nonce;?>" />

settings/ss_reports.php CHANGED Viewed

	@@ -35,30 +35,20 @@ $spdate=$now;
35	$stats['spdate']=$spdate;
36	ss_set_stats($stats);
37	extract($stats); // extract again to get the new options
38	- $msg="~~History~~ Log Cleared";
39	}
40	if (array_key_exists('ss_stop_update_log_size',$_POST)) {
41	// update log size
42	if (array_key_exists('ss_sp_hist',$_POST)){
43	$ss_sp_hist=stripslashes($_POST['ss_sp_hist']);
44	$options['ss_sp_hist']=$ss_sp_hist;
45	- $msg="~~Log~~ ~~size~~ ~~updated~~";
46	// update the options
47	ss_set_options($options);
48	}
49	}
50	}
51	- if (!empty($msg)) echo "~~<h3>$~~msg~~</h3>~~";
52	- if ($spmcount>0) {
53	- ?>
54	- <h2>Stop Spammers has stopped <?php echo $spmcount; ?> spammers since <?php echo $spmdate; ?>.</h2>
55	- <?php
56	- }
57	- if ($spcount>0) {
58	- ?>
59	- <h2>Stop Spammers has stopped <?php echo $spcount; ?> spammers since <?php echo $spdate; ?>.</h2>
60	- <?php
61	- }
62	$num_comm = wp_count_comments( );
63	$num = number_format_i18n($num_comm->spam);
64	if ($num_comm->spam>0 && SS_MU!='Y') {
	@@ -75,8 +65,6 @@ if ($num_comm->moderated>0 && SS_MU!='Y') {
75	}
76	$nonce=wp_create_nonce('ss_stopspam_update');
77	?>
78	- <hr />
79	- <h2>Recent Activity</h2>
80	<script>
81	// setTimeout(function(){
82	// window.location.reload(1);
	@@ -109,7 +97,7 @@ Select the number of items to save in the History. Keep this small.<br />
109	</p>
110	<?php
111	if (empty($hist)) {
112	- echo "<p>Nothing in ~~Logs</~~p>";
113	} else {
114	?>
115	<table style="width:100%;background-color:#eee" cellspacing="2">
	@@ -130,7 +118,7 @@ if (function_exists('is_multisite') && is_multisite()) {
130	?>
131	</tr>
132	<?php
133	- // sort ~~hist~~ by date descending
134	krsort($hist);
135	foreach($hist as $key=>$data) {
136	// $hist[$now]=array($ip,$email,$author,$sname,'begin');
	@@ -150,7 +138,7 @@ $reason="passed";
150	$stopper="<a title=\"Check Stop Forum Spam (SFS)\" target=\"_stopspam\" href=\"http://www.stopforumspam.com/search.php?q=$ip\"><img src=\"$stophand\" height=\"16px\" /></a>";
151	$honeysearch="<a title=\"Check project HoneyPot\" target=\"_stopspam\" href=\"https://www.projecthoneypot.org/ip_$ip\"><img src=\"$search\" height=\"16px\" /></a>";
152	$botsearch="<a title=\"Check BotScout\" target=\"_stopspam\" href=\"http://botscout.com/search.htm?stype=q&sterm=$ip\"><img src=\"$search\" height=\"16px\" /></a>";
153	- $who="<br /><a title=\"WHOIS ~~Lookup~~\" target=\"_stopspam\" href=\"http://lacnic.net/cgi-bin/lacnic/whois?lg=EN&query=$ip\"><img src=\"$whois\" height=\"16px\" /></a>";
154	echo "<tr style=\"background-color:white\">
155	<td>$dt</td>
156	<td>$em</td>


35	$stats['spdate']=$spdate;
36	ss_set_stats($stats);
37	extract($stats); // extract again to get the new options
38	+ $msg="<div class='notice notice-success'><p>Activity Log Cleared</p></div>";
39	}
40	if (array_key_exists('ss_stop_update_log_size',$_POST)) {
41	// update log size
42	if (array_key_exists('ss_sp_hist',$_POST)){
43	$ss_sp_hist=stripslashes($_POST['ss_sp_hist']);
44	$options['ss_sp_hist']=$ss_sp_hist;
45	+ $msg="<div class='notice notice-success'><p>Options Updated</p></div>";
46	// update the options
47	ss_set_options($options);
48	}
49	}
50	}
51	+ if (!empty($msg)) echo "$msg";










52	$num_comm = wp_count_comments( );
53	$num = number_format_i18n($num_comm->spam);
54	if ($num_comm->spam>0 && SS_MU!='Y') {

65	}
66	$nonce=wp_create_nonce('ss_stopspam_update');
67	?>


68	<script>
69	// setTimeout(function(){
70	// window.location.reload(1);

97	</p>
98	<?php
99	if (empty($hist)) {
100	+ echo "<p>Nothing in logs.</p>";
101	} else {
102	?>
103	<table style="width:100%;background-color:#eee" cellspacing="2">

118	?>
119	</tr>
120	<?php
121	+ // sort list by date descending
122	krsort($hist);
123	foreach($hist as $key=>$data) {
124	// $hist[$now]=array($ip,$email,$author,$sname,'begin');

138	$stopper="<a title=\"Check Stop Forum Spam (SFS)\" target=\"_stopspam\" href=\"http://www.stopforumspam.com/search.php?q=$ip\"><img src=\"$stophand\" height=\"16px\" /></a>";
139	$honeysearch="<a title=\"Check project HoneyPot\" target=\"_stopspam\" href=\"https://www.projecthoneypot.org/ip_$ip\"><img src=\"$search\" height=\"16px\" /></a>";
140	$botsearch="<a title=\"Check BotScout\" target=\"_stopspam\" href=\"http://botscout.com/search.htm?stype=q&sterm=$ip\"><img src=\"$search\" height=\"16px\" /></a>";
141	+ $who="<br /><a title=\"Look Up WHOIS\" target=\"_stopspam\" href=\"http://lacnic.net/cgi-bin/lacnic/whois?lg=EN&query=$ip\"><img src=\"$whois\" height=\"16px\" /></a>";
142	echo "<tr style=\"background-color:white\">
143	<td>$dt</td>
144	<td>$em</td>

settings/ss_summary.php CHANGED Viewed

	@@ -213,7 +213,7 @@ $stats[$v1]=0;
213	}
214	$addonstats=array();
215	$stats['addonstats']=$addonstats;
216	- $msg='<p class="notice notice-success">Summary Cleared</p>';
217	ss_set_stats($stats);
218	extract($stats); // extract again to get the new options
219	}
	@@ -228,9 +228,9 @@ $nonce=wp_create_nonce('ss_stopspam_update');
228	?>
229	<div id="ss-plugin" class="wrap">
230	<h1>Stop Spammers — Summary</h1>
231	- <p>Version <?php echo SS_VERSION; ?></p>
232	<?php
233	- if (!empty($msg)) echo "~~<h2>$~~msg~~</h2>~~";
234	$current_user_name=wp_get_current_user()->user_login;
235	if ($current_user_name=='admin') {
236	echo "<p style=\"color:red;font-style::italic;\">You are using the admin id \"admin\". This is
	@@ -242,7 +242,7 @@ Here is discussion on WordPress.org:
242	$showcf=false; // hide this for now
243	if ($showcf && array_key_exists('HTTP_CF_CONNECTING_IP',$_SERVER)&& !function_exists( 'cloudflare_init' ) &&!defined('W3TC') ){
244	echo "<p style=\"color:red;font-style::italic;\">
245	- Cloudflare Remote IP address detected. Please install the <a href=\"~~http~~://wordpress.org/plugins/cloudflare/\" target=\"_blank\">Cloudflare Plugin</a>.
246	This plugin works best with the Cloudflare plugin when yout website is using Cloudflare.
247	</p>";
248	}
	@@ -255,15 +255,15 @@ el.style.display="block";
255	return false;
256	}
257	</script>
258	- <h2>Stop Spammers in total has stopped <a ~~style="text-decoration:none;color:black;"~~ href="" onclick="showcheat();return false;"><?php echo $spmcount; ?></a> spammers since <?php echo $spmdate; ?>.</h2>
259	- <div id="cheater" style="display:none;">
260	This is cheating! Enter a new Total Spam Count:<br />
261	<form method="post" action="">
262	<input type="hidden" name="ss_stop_spammers_control" value="<?php echo $nonce;?>" />
263	- <input type="hidden" name="update_total" value="~~update~~ ~~total~~" />
264	- Count:<input type="text" name="spmcount" value="<?php echo $spmcount~~;?>~~" /><br />
265	- Date: <input type="text" name="spmdate" value="<?php echo $spmdate~~;?>~~" /><br />
266	- <p class="submit" style="clear:both;"><input class="button-primary" value="~~update~~ ~~total~~ ~~spam~~" type="submit" /></p>
267	</form>
268	</p>
269	</div>
	@@ -271,7 +271,7 @@ Date: <input type="text" name="spmdate" value="<?php echo $spmdate;?>" /><br />
271	}
272	if ($spcount>0) {
273	?>
274	- <h2>Stop Spammers has stopped <?php echo $spcount; ?> spammers since <?php echo $spdate; ?>.</h2>
275	<?php
276	}
277	$num_comm = wp_count_comments( );
	@@ -303,23 +303,11 @@ $summry.= "<div class='stat-box'>$key: ".$data[0]."</div>";
303	}
304	if (!empty($summry)) {
305	?>
306	- <hr />
307	- <fieldset>
308	- <legend><span style="font-weight:bold;font-size:1.2em">Summary of Spam</span></legend>
309	- <?php
310	- echo $summry;
311	- ?>
312	- <form method="post" action="">
313	- <input type="hidden" name="ss_stop_spammers_control" value="<?php echo $nonce;?>" />
314	- <input type="hidden" name="clear" value="clear summary" />
315	- <p class="submit" style="clear:both"><input class="button-primary" value="Clear Summary" type="submit" /></p>
316	- </form>
317	- </fieldset>
318	<?php
319	}
320	$ip =ss_get_ip();
321	?>
322	- <p>Your current IP address is: <span ~~style~~="~~font-weight:bold;font-size:1.1em~~"><?php echo $ip~~;?></~~span><p>
323	<?php
324	// check the IP to see if we are local
325	$ansa=be_load('chkvalidip',ss_get_ip());
	@@ -344,7 +332,18 @@ $sname=$_SERVER["SCRIPT_NAME"];
344	}
345	if (strpos($sname,'?')!==false) $sname=substr($sname,0,strpos($sname,'?'));
346	?>
347	- <h2>~~Support and Help Improve Stop Spammers</h2>~~











348	<p>Please post all issues, bugs, typos, questions, suggestions, requests, and complaints <a href="https://github.com/bhadaway/stop-spammers/issues" target="_blank">on GitHub</a>. Thank you.</p>
349	<h2>Plugin Options</h2>
350	<ul>
	@@ -360,7 +359,9 @@ if (strpos($sname,'?')!==false) $sname=substr($sname,0,strpos($sname,'?'));
360	<li><a href="?page=ss_diagnostics">Diagnostics</a>: You can use this to test an IP, email or, comment against all of the options. This can tell you more about why an IP address might fail. It will also show you any options that might crash the plugin on your site due to system settings.</li>
361	</ul>
362	<h2>Beta Options</h2>
363	- <p class="notice notice-warning"~~>These~~ ~~features are to be considered experimental. Use with caution and at your own risk.</p~~>


364	<ul>
365	<li><a href="?page=ss_option_maint">DB Cleanup</a>: Delete leftover options from deleted plugins or anything that appears suspicious.</li>
366	<li><a href="?page=ss_threat_scan">Threat Scan</a>: A simple scan to find possibly malicious code.</li>


213	}
214	$addonstats=array();
215	$stats['addonstats']=$addonstats;
216	+ $msg='<div class="notice notice-success"><p>Summary Cleared</p></div>';
217	ss_set_stats($stats);
218	extract($stats); // extract again to get the new options
219	}

228	?>
229	<div id="ss-plugin" class="wrap">
230	<h1>Stop Spammers — Summary</h1>
231	+ <p>Version <span class="green"><?php echo SS_VERSION; ?></span></p>
232	<?php
233	+ if (!empty($msg)) echo "$msg";
234	$current_user_name=wp_get_current_user()->user_login;
235	if ($current_user_name=='admin') {
236	echo "<p style=\"color:red;font-style::italic;\">You are using the admin id \"admin\". This is

242	$showcf=false; // hide this for now
243	if ($showcf && array_key_exists('HTTP_CF_CONNECTING_IP',$_SERVER)&& !function_exists( 'cloudflare_init' ) &&!defined('W3TC') ){
244	echo "<p style=\"color:red;font-style::italic;\">
245	+ Cloudflare Remote IP address detected. Please install the <a href=\"https://wordpress.org/plugins/cloudflare/\" target=\"_blank\">Cloudflare Plugin</a>.
246	This plugin works best with the Cloudflare plugin when yout website is using Cloudflare.
247	</p>";
248	}

255	return false;
256	}
257	</script>
258	+ <p>Stop Spammers in total has stopped <a href="" onclick="showcheat();return false;" class="green"><?php echo $spmcount; ?></a> spammers since <?php echo $spmdate; ?>.</p>
259	+ <div id="cheater" style="display:none">
260	This is cheating! Enter a new Total Spam Count:<br />
261	<form method="post" action="">
262	<input type="hidden" name="ss_stop_spammers_control" value="<?php echo $nonce;?>" />
263	+ <input type="hidden" name="update_total" value="Update Total" />
264	+ Count:<input type="text" name="spmcount" value="<?php echo $spmcount; ?>" /><br />
265	+ Date: <input type="text" name="spmdate" value="<?php echo $spmdate; ?>" /><br />
266	+ <p class="submit" style="clear:both"><input class="button-primary" value="Update Total Spam" type="submit" /></p>
267	</form>
268	</p>
269	</div>

271	}
272	if ($spcount>0) {
273	?>
274	+ <p>Stop Spammers has stopped <span class="green"><?php echo $spcount; ?></span> spammers since <?php echo $spdate; ?>.</p>
275	<?php
276	}
277	$num_comm = wp_count_comments( );

303	}
304	if (!empty($summry)) {
305	?>












306	<?php
307	}
308	$ip =ss_get_ip();
309	?>
310	+ <p>Your current IP address is: <span class="green"><?php echo $ip; ?></span><p>
311	<?php
312	// check the IP to see if we are local
313	$ansa=be_load('chkvalidip',ss_get_ip());

332	}
333	if (strpos($sname,'?')!==false) $sname=substr($sname,0,strpos($sname,'?'));
334	?>
335	+ <fieldset>
336	+ <legend><span style="font-weight:bold;font-size:1.2em">Summary of Spam</span></legend>
337	+ <?php
338	+ echo $summry;
339	+ ?>
340	+ <form method="post" action="">
341	+ <input type="hidden" name="ss_stop_spammers_control" value="<?php echo $nonce; ?>" />
342	+ <input type="hidden" name="clear" value="clear summary" />
343	+ <p class="submit" style="clear:both"><input class="button-primary" value="Clear Summary" type="submit" /></p>
344	+ </form>
345	+ </fieldset>
346	+ <h2>Get Support and Help Improve Stop Spammers</h2>
347	<p>Please post all issues, bugs, typos, questions, suggestions, requests, and complaints <a href="https://github.com/bhadaway/stop-spammers/issues" target="_blank">on GitHub</a>. Thank you.</p>
348	<h2>Plugin Options</h2>
349	<ul>

359	<li><a href="?page=ss_diagnostics">Diagnostics</a>: You can use this to test an IP, email or, comment against all of the options. This can tell you more about why an IP address might fail. It will also show you any options that might crash the plugin on your site due to system settings.</li>
360	</ul>
361	<h2>Beta Options</h2>
362	+ <span class="notice notice-warning" style="display:block">
363	+ <p>These features are to be considered experimental. Use with caution and at your own risk.</p>
364	+ </span>
365	<ul>
366	<li><a href="?page=ss_option_maint">DB Cleanup</a>: Delete leftover options from deleted plugins or anything that appears suspicious.</li>
367	<li><a href="?page=ss_threat_scan">Threat Scan</a>: A simple scan to find possibly malicious code.</li>

settings/ss_threat_scan.php CHANGED Viewed

	@@ -19,7 +19,9 @@ $nonce=wp_create_nonce('ss_stopspam_update');
19	?>
20	<div id="ss-plugin" class="wrap">
21	<h1>Stop Spammers — Threat Scan</h1>
22	- <p class="notice notice-warning">~~This feature is to be considered experimental. Use with caution and at your own risk.</p>~~


23	<p>This is a very simple threat scan that looks for things out of place in the content directory as well as the database.</p>
24	<p>The process searches PHP files for the occurrence of the eval() function, which, although a valuable part of PHP is also the door that hackers use in order to infect systems. The eval() function is avoided by many programmers unless there is a real need. It is often used by hackers to hide their malicious code or to inject future threats into infected systems. If you find a theme or a plugin that uses the eval() function it is safer to delete it and ask the author to provide a new version that does not use this function.</p>
25	<p>The scan can take a few seconds and on larger or slower systems can time-out.</p>


19	?>
20	<div id="ss-plugin" class="wrap">
21	<h1>Stop Spammers — Threat Scan</h1>
22	+ <div class="notice notice-warning">
23	+ <p>This feature is to be considered experimental. Use with caution and at your own risk.</p>
24	+ </div>
25	<p>This is a very simple threat scan that looks for things out of place in the content directory as well as the database.</p>
26	<p>The process searches PHP files for the occurrence of the eval() function, which, although a valuable part of PHP is also the door that hackers use in order to infect systems. The eval() function is avoided by many programmers unless there is a real need. It is often used by hackers to hide their malicious code or to inject future threats into infected systems. If you find a theme or a plugin that uses the eval() function it is safer to delete it and ask the author to provide a new version that does not use this function.</p>
27	<p>The scan can take a few seconds and on larger or slower systems can time-out.</p>

settings/ss_webservices_settings.php CHANGED Viewed

	@@ -62,11 +62,13 @@ $options[$check]=$v;
62	ss_set_options($options);
63	extract($options); // extract again to get the new options
64	}

65	}
66	$nonce=wp_create_nonce('ss_stopspam_update');
67	?>
68	<div id="ss-plugin" class="wrap">
69	<h1>Stop Spammers — Web Services</h1>

70	<p>There are many services that can be used to check for spam or protect your website against spammers. Most require a key so that only registered users can use their services. All of the services here can be used by Stop Spammers and all are free.</p>
71	<form method="post" action="">
72	<input type="hidden" name="action" value="update" />


62	ss_set_options($options);
63	extract($options); // extract again to get the new options
64	}
65	+ $msg='<div class="notice notice-success"><p>Options Updated</p></div>';
66	}
67	$nonce=wp_create_nonce('ss_stopspam_update');
68	?>
69	<div id="ss-plugin" class="wrap">
70	<h1>Stop Spammers — Web Services</h1>
71	+ <?php if (!empty($msg)) echo "$msg"; ?>
72	<p>There are many services that can be used to check for spam or protect your website against spammers. Most require a key so that only registered users can use their services. All of the services here can be used by Stop Spammers and all are free.</p>
73	<form method="post" action="">
74	<input type="hidden" name="action" value="update" />

stop-spammer-registrations-new.php CHANGED Viewed

	@@ -1,15 +1,15 @@
1	<?php
2	/*
3	- Plugin Name: Stop Spammers ~~Spam Control~~
4	Plugin URI: https://wordpress.org/plugins/stop-spammer-registrations-plugin/
5	Description: The Stop Spammers plugin blocks spammers from leaving comments or logging in. It protects sites from robot registrations and malicious attacks.
6	Author: Bryan Hadaway
7	Author URI: https://calmestghost.com/
8	- Version: 7.0.2
9	License: https://www.gnu.org/licenses/gpl.html
10	*/
11	// networking requires a couple of globals
12	- define('SS_VERSION', '7.0.2');
13	define('SS_PLUGIN_URL', plugin_dir_url( __FILE__ ));
14	define('SS_PLUGIN_FILE', plugin_dir_path( __FILE__ ));
15	define('SS_PLUGIN_DATA', plugin_dir_path( __FILE__ ).'data/');
	@@ -596,9 +596,5 @@ $post['reason']='Passed Registration '.$ret;
596	$ansa=be_load('ss_log_good',ss_get_ip(),$stats,$options,$post);
597	return $user_login;
598	}
599	- function ss_notify_admin($user_login, $user) {
600	- require_once('includes/ss_notify_admin.php');
601	- return ss_notify_admin_action($user_login, $user);
602	- }
603	require_once('includes/stop-spam-utils.php');
604	?>


1	<?php
2	/*
3	+ Plugin Name: Stop Spammers
4	Plugin URI: https://wordpress.org/plugins/stop-spammer-registrations-plugin/
5	Description: The Stop Spammers plugin blocks spammers from leaving comments or logging in. It protects sites from robot registrations and malicious attacks.
6	Author: Bryan Hadaway
7	Author URI: https://calmestghost.com/
8	+ Version: 7.0.3
9	License: https://www.gnu.org/licenses/gpl.html
10	*/
11	// networking requires a couple of globals
12	+ define('SS_VERSION', '7.0.3');
13	define('SS_PLUGIN_URL', plugin_dir_url( __FILE__ ));
14	define('SS_PLUGIN_FILE', plugin_dir_path( __FILE__ ));
15	define('SS_PLUGIN_DATA', plugin_dir_path( __FILE__ ).'data/');

596	$ansa=be_load('ss_log_good',ss_get_ip(),$stats,$options,$post);
597	return $user_login;
598	}




599	require_once('includes/stop-spam-utils.php');
600	?>