WordPress Zero Spam - Version 4.9.2

Version Description

  • Removed Ninja Form submission support. See FAQs for more details.
  • Fix for PHP notice on the log page in the view details modal.
  • Fix for double slashes in the JS URLs.
  • Fix for BotScout not checking IPs
  • Fix for table not found notice on activation

4.9.1 Fix for PHP notice on the modals for spam detections

Download this release

Release Info

Developer bmarshall511
Plugin Icon 128x128 WordPress Zero Spam
Version 4.9.2
Comparing to
See all releases

Code changes from version 4.9.1 to 4.9.2

Files changed (13) hide show
  1. classes/class-wpzerospam-log-table.php +0 -9
  2. inc/admin.php +0 -17
  3. inc/helpers.php +236 -113
  4. integrations/buddypress/buddypress.php +2 -2
  5. integrations/comments/comments.php +1 -1
  6. integrations/contact-form-7/contact-form-7.php +1 -1
  7. integrations/fluentform/fluentform.php +1 -1
  8. integrations/gravity-forms/gravity-forms.php +1 -1
  9. integrations/ninja-forms/ninja-forms.php +0 -87
  10. integrations/registrations/registrations.php +1 -1
  11. integrations/wpforms/wpforms.php +1 -1
  12. readme.txt +33 -37
  13. wordpress-zero-spam.php +4 -8
classes/class-wpzerospam-log-table.php CHANGED
@@ -188,7 +188,6 @@ class WPZeroSpam_Log_Table extends WP_List_Table {
188
 
189
  if ( ! empty( $item->submission_data ) ) {
190
  $submission_data = json_decode( $item->submission_data, true );
191
-
192
  foreach( $submission_data as $key => $value ):
193
  if ( ! $value ) { continue; }
194
  switch( $key ):
@@ -356,14 +355,6 @@ class WPZeroSpam_Log_Table extends WP_List_Table {
356
  echo '</div>';
357
  break;
358
 
359
- // Ninja Forms fields
360
- case 'id':
361
- echo '<div class="wpzerospam-details-item">';
362
- echo '<div class="wpzerospam-details-label">' . __( 'ID', 'wpzerospam' ) . '</div>';
363
- echo '<div class="wpzerospam-details-data">' . $value . '</div>';
364
- echo '</div>';
365
- break;
366
-
367
  // Formidable fields
368
  case 'frm_action':
369
  echo '<div class="wpzerospam-details-item">';
188
 
189
  if ( ! empty( $item->submission_data ) ) {
190
  $submission_data = json_decode( $item->submission_data, true );
 
191
  foreach( $submission_data as $key => $value ):
192
  if ( ! $value ) { continue; }
193
  switch( $key ):
355
  echo '</div>';
356
  break;
357
 
 
 
 
 
 
 
 
 
358
  // Formidable fields
359
  case 'frm_action':
360
  echo '<div class="wpzerospam-details-item">';
inc/admin.php CHANGED
@@ -352,10 +352,6 @@ function wpzerospam_validate_options( $input ) {
352
  $input['verify_gform'] = 'disabled';
353
  }
354
 
355
- if ( empty( $input['verify_ninja_forms'] ) ) {
356
- $input['verify_ninja_forms'] = 'disabled';
357
- }
358
-
359
  if ( empty( $input['verify_bp_registrations'] ) ) {
360
  $input['verify_bp_registrations'] = 'disabled';
361
  }
@@ -652,19 +648,6 @@ function wpzerospam_admin_init() {
652
  ]);
653
  }
654
 
655
- // Ninja Forms spam check
656
- if ( is_plugin_active( 'ninja-forms/ninja-forms.php' ) ) {
657
- add_settings_field( 'verify_ninja_forms', __( 'Verify Ninja Forms Submissions', 'wpzerospam' ), 'wpzerospam_field_cb', 'wpzerospam', 'wpzerospam_spam_checks', [
658
- 'label_for' => 'verify_ninja_forms',
659
- 'type' => 'checkbox',
660
- 'multi' => false,
661
- 'desc' => 'Enables spam detection for Ninja Forms submissions.',
662
- 'options' => [
663
- 'enabled' => __( 'Enabled', 'wpzerospam' )
664
- ]
665
- ]);
666
- }
667
-
668
  // BuddyPress registrations spam check
669
  if ( function_exists( 'bp_is_active' ) ) {
670
  add_settings_field( 'verify_bp_registrations', __( 'Verify BuddyPress Registrations', 'wpzerospam' ), 'wpzerospam_field_cb', 'wpzerospam', 'wpzerospam_spam_checks', [
352
  $input['verify_gform'] = 'disabled';
353
  }
354
 
 
 
 
 
355
  if ( empty( $input['verify_bp_registrations'] ) ) {
356
  $input['verify_bp_registrations'] = 'disabled';
357
  }
648
  ]);
649
  }
650
 
 
 
 
 
 
 
 
 
 
 
 
 
 
651
  // BuddyPress registrations spam check
652
  if ( function_exists( 'bp_is_active' ) ) {
653
  add_settings_field( 'verify_bp_registrations', __( 'Verify BuddyPress Registrations', 'wpzerospam' ), 'wpzerospam_field_cb', 'wpzerospam', 'wpzerospam_spam_checks', [
inc/helpers.php CHANGED
@@ -12,6 +12,29 @@
12
  */
13
  require plugin_dir_path( WORDPRESS_ZERO_SPAM ) . '/inc/locations.php';
14
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
15
  /**
16
  * Returns the geolocation information for a specified IP address.
17
  *
@@ -53,27 +76,228 @@ if ( ! function_exists( 'wpzerospam_get_ip_info' ) ) {
53
  }
54
 
55
  /**
56
- * Returns the human-readable spam type or an array of available spam types.
57
  *
58
- * @param string $type_key The key of the type that should be returned.
59
- * @return string/array The human-readable type name or an array of all the
60
- * available types.
61
  */
62
- if ( ! function_exists( 'wpzerospam_types' ) ) {
63
- function wpzerospam_types( $type_key = false ) {
64
- $types = apply_filters( 'wpzerospam_types', [ 'blocked' => __( 'Access Blocked', 'wpzerospam' ) ] );
65
 
66
- if ( $type_key ) {
67
- if ( ! empty( $types[ $type_key ] ) ) {
68
- return $types[ $type_key ];
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
69
  }
 
70
 
71
- return $type_key;
 
 
 
 
 
 
 
72
  }
73
 
74
- return $types;
 
 
 
 
75
  }
76
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
77
 
78
  /**
79
  * Checks if either the submission data or $_POST contain the wpzerospam_key and
@@ -503,7 +727,6 @@ if ( ! function_exists( 'wpzerospam_plugin_integration_enabled' ) ) {
503
  $options = wpzerospam_options();
504
 
505
  $integrations = [
506
- 'ninja_forms' => 'ninja-forms/ninja-forms.php',
507
  'cf7' => 'contact-form-7/wp-contact-form-7.php',
508
  'gforms' => 'gravityforms/gravityforms.php',
509
  'fluentform' => 'fluentform/fluentform.php',
@@ -584,10 +807,6 @@ if ( ! function_exists( 'wpzerospam_options' ) ) {
584
  $options['verify_gform'] = 'enabled';
585
  }
586
 
587
- if ( empty( $options['verify_ninja_forms'] ) ) {
588
- $options['verify_ninja_forms'] = 'enabled';
589
- }
590
-
591
  if ( empty( $options['verify_bp_registrations'] ) ) {
592
  $options['verify_bp_registrations'] = 'enabled';
593
  }
@@ -687,102 +906,6 @@ if ( ! function_exists( 'wpzerospam_is_blocked' ) ) {
687
  }
688
  }
689
 
690
- /**
691
- * Checks to see if the current user has access to the site
692
- */
693
- if ( ! function_exists( 'wpzerospam_check_access' ) ) {
694
- function wpzerospam_check_access() {
695
- $access = [
696
- 'access' => true
697
- ];
698
-
699
- // Ignore admin dashboard & login page checks
700
- if (
701
- is_admin() || wpzerospam_is_login() ||
702
- (
703
- ! is_singular() &&
704
- ! is_page() &&
705
- ! is_single() &&
706
- ! is_archive() &&
707
- ! is_home() &&
708
- ! is_front_page()
709
- )
710
- ) {
711
- return $access;
712
- }
713
-
714
- $options = wpzerospam_options();
715
- $ip = wpzerospam_ip();
716
- $access['ip'] = $ip;
717
-
718
- // Check whitelist
719
- $whitelist = $options['ip_whitelist'];
720
- if ( $whitelist ) {
721
- $whitelist = explode( PHP_EOL, $whitelist );
722
- foreach( $whitelist as $k => $whitelisted_ip ) {
723
- if ( $ip == $whitelisted_ip ) {
724
- return $access;
725
- }
726
- }
727
- }
728
-
729
- // Check if the current user's IP address has been blocked
730
- $is_blocked = wpzerospam_get_blocked_ips( $ip );
731
- if ( ! $is_blocked ) {
732
- // IP hasen't been blocked
733
- // If enabled, check the Stop Forum Spam blacklist
734
- if ( 'enabled' == $options['stop_forum_spam'] ) {
735
- $stop_forum_spam_is_spam = wpzerospam_stopforumspam_is_spam( $ip );
736
- if ( ! $stop_forum_spam_is_spam ) {
737
- // IP wasn't found in the Stop Forum Spam blacklist
738
- return $access;
739
- } else {
740
- // IP was found in the Stop Forum Spam blacklist
741
- $access['access'] = false;
742
- $access['reason'] = 'Stop Forum Spam';
743
-
744
- return $access;
745
- }
746
- }
747
-
748
- // If enabled, check the BotScout blacklist
749
- if ( 'enabled' == $options['botscout'] ) {
750
- $botscout_request = wpzerospam_botscout_is_spam( $ip );
751
- if ( ! $botscout_request ) {
752
- // IP wasn't found in the Stop Forum Spam blacklist
753
- return $access;
754
- } else {
755
- // IP was found in the Stop Forum Spam blacklist
756
- $access['access'] = false;
757
- $access['reason'] = 'BotScout';
758
-
759
- return $access;
760
- }
761
- }
762
-
763
- // Passed all tests
764
- return $access;
765
- }
766
-
767
- // Check if in the blacklist
768
- $in_blacklist = wpzerospam_in_blacklist( $ip );
769
- if ( $in_blacklist ) {
770
- // IP found in the blacklist
771
- $access['access'] = false;
772
- $access['reason'] = $in_blacklist->blacklist_service;
773
-
774
- return $access;
775
- }
776
-
777
- if ( wpzerospam_is_blocked( $is_blocked ) ) {
778
- $access['access'] = false;
779
- $access['reason'] = $is_blocked->reason;
780
- }
781
-
782
- return $access;
783
- }
784
- }
785
-
786
  /**
787
  * Determines if the current page is the login page
788
  */
12
  */
13
  require plugin_dir_path( WORDPRESS_ZERO_SPAM ) . '/inc/locations.php';
14
 
15
+ /**
16
+ * Returns the human-readable spam type or an array of available spam types.
17
+ *
18
+ * @param string $type_key The key of the type that should be returned.
19
+ * @return string/array The human-readable type name or an array of all the
20
+ * available types.
21
+ */
22
+ if ( ! function_exists( 'wpzerospam_types' ) ) {
23
+ function wpzerospam_types( $type_key = false ) {
24
+ $types = apply_filters( 'wpzerospam_types', [ 'blocked' => __( 'Access Blocked', 'wpzerospam' ) ] );
25
+
26
+ if ( $type_key ) {
27
+ if ( ! empty( $types[ $type_key ] ) ) {
28
+ return $types[ $type_key ];
29
+ }
30
+
31
+ return $type_key;
32
+ }
33
+
34
+ return $types;
35
+ }
36
+ }
37
+
38
  /**
39
  * Returns the geolocation information for a specified IP address.
40
  *
76
  }
77
 
78
  /**
79
+ * Query the database tables
80
  *
81
+ * @return false/array False if not found, otherwise the blocked IP info.
 
 
82
  */
83
+ if ( ! function_exists( 'wpzerospam_query_table' ) ) {
84
+ function wpzerospam_query_table( $table, $args = [] ) {
85
+ global $wpdb;
86
 
87
+ // Select
88
+ $sql = 'SELECT ';
89
+ if ( ! empty( $args['select'] ) ) {
90
+ $sql .= implode( ',', $args['select'] );
91
+ } else {
92
+ $sql .= '*';
93
+ }
94
+
95
+ // From
96
+ $sql .= " from " . wpzerospam_tables( $table );
97
+
98
+ // Where
99
+ if ( ! empty( $args['where'] ) ) {
100
+ $sql .= ' WHERE ';
101
+ foreach( $args['where'] as $key => $value ) {
102
+ if ( is_int( $value ) ) {
103
+ $sql .= $key . ' = ' . $value . ' ';
104
+ } else {
105
+ $sql .= $key . ' = "' . $value . '" ';
106
+ }
107
  }
108
+ }
109
 
110
+ // Limit
111
+ if ( ! empty( $args['limit'] ) ) {
112
+ $sql .= 'LIMIT ' . $args['limit'];
113
+
114
+ // Offset
115
+ if ( ! empty( $args['offset'] ) ) {
116
+ $sql .= ', ' . $args['offset'];
117
+ }
118
  }
119
 
120
+ if ( ! empty( $args['limit'] ) && 1 == $args['limit'] ) {
121
+ return $wpdb->get_row( $sql, ARRAY_A );
122
+ } else {
123
+ return $wpdb->get_results( $sql, ARRAY_A );
124
+ }
125
  }
126
  }
127
+
128
+ /**
129
+ * Whitelisted IPs
130
+ *
131
+ * @return array An array of whitelisted IP addresses.
132
+ */
133
+ if ( ! function_exists( 'wpzerospam_get_whitelist' ) ) {
134
+ function wpzerospam_get_whitelist() {
135
+ $options = wpzerospam_options();
136
+ if ( $options['ip_whitelist'] ) {
137
+ $whitelist = explode( PHP_EOL, $options['ip_whitelist'] );
138
+ if ( $whitelist ) {
139
+ $whitelisted = [];
140
+ foreach( $whitelist as $k => $whitelisted_ip ) {
141
+ $whitelisted[ $whitelisted_ip ] = $whitelisted_ip;
142
+ }
143
+
144
+ return $whitelisted;
145
+ }
146
+ }
147
+
148
+ return false;
149
+ }
150
+ }
151
+
152
+ /**
153
+ * Check access
154
+ *
155
+ * Determines if the current user IP should have access to the site.
156
+ *
157
+ * @return array Includes info about the access check.
158
+ */
159
+ if ( ! function_exists( 'wpzerospam_check_access' ) ) {
160
+ function wpzerospam_check_access() {
161
+ // Innocent until proven guilty...
162
+ $access = [ 'access' => true ];
163
+
164
+ // Always allow authenticated users & users trying to log in access
165
+ if ( is_user_logged_in() || wpzerospam_is_login() ) {
166
+ return $access;
167
+ }
168
+
169
+ /**
170
+ * Only check access for actual page vists. Some resource requests like
171
+ * favicons fire this function which causes duplicate entries in the DB.
172
+ *
173
+ * @TODO - Find a way to avoid these checks & ensure this function only gets
174
+ * fired on page requests vs. resources.
175
+ */
176
+ if (
177
+ ! is_singular() && ! is_page() && ! is_single() && ! is_archive() &&
178
+ ! is_home() && ! is_front_page()
179
+ ) {
180
+ return $access;
181
+ }
182
+
183
+ // Get the user's IP address then begin the checks
184
+ $options = wpzerospam_options();
185
+ $ip = wpzerospam_ip();
186
+
187
+ // 1. Check whitelisted IP addresses
188
+ $whitelist = wpzerospam_get_whitelist();
189
+ if ( $whitelist && array_key_exists( $ip, $whitelist ) ) {
190
+ return $access;
191
+ }
192
+
193
+ // 2. Check if the user's IP address has been blocked
194
+ $blocked_ip = wpzerospam_query_table( 'blocked', [
195
+ 'select' => [
196
+ 'blocked_type',
197
+ 'start_block',
198
+ 'end_block',
199
+ 'reason',
200
+ 'attempts'
201
+ ],
202
+ 'where' => [ 'user_ip' => $ip ],
203
+ 'limit' => 1
204
+ ]);
205
+
206
+ if ( $blocked_ip ) {
207
+ if ( 'permanent' == $blocked_ip['blocked_type'] ) {
208
+ $access['access'] = false;
209
+ $access['reason'] = $blocked_ip['reason'];
210
+
211
+ return $access;
212
+ } else {
213
+ $current_datetime = current_time( 'timestamp' );
214
+ $start_block = strtotime( $blocked_ip['start_block'] );
215
+ $end_block = strtotime( $blocked_ip['end_block'] );
216
+ if (
217
+ $current_datetime >= $start_block &&
218
+ $current_datetime < $end_block
219
+ ) {
220
+ $access['access'] = false;
221
+ $access['reason'] = $blocked_ip['reason'];
222
+
223
+ return $access;
224
+ }
225
+ }
226
+ }
227
+
228
+ // 3. Check the blacklist
229
+ $blacklist_ip = wpzerospam_query_table( 'blacklist', [
230
+ 'select' => [ 'blacklist_service' ],
231
+ 'where' => [ 'user_ip' => $ip ],
232
+ 'limit' => 1
233
+ ]);
234
+ if ( $blacklist_ip ) {
235
+ $access['access'] = false;
236
+ $access['reason'] = $blacklist_ip['blacklist_service'];
237
+
238
+ return $access;
239
+ }
240
+
241
+ // 4. Check the Stop Forum Spam blacklist
242
+ if ( 'enabled' == $options['stop_forum_spam'] ) {
243
+ $stop_forum_spam_is_spam = wpzerospam_stopforumspam_is_spam( $ip );
244
+ if ( $stop_forum_spam_is_spam ) {
245
+ $access['access'] = false;
246
+ $access['reason'] = 'Stop Forum Spam';
247
+
248
+ return $access;
249
+ }
250
+ }
251
+
252
+ // 5. Check the BotScout blacklist
253
+ if ( ! empty( $options['botscout'] ) ) {
254
+ $botscout_request = wpzerospam_botscout_is_spam( $ip );
255
+ if ( $botscout_request ) {
256
+ $access['access'] = false;
257
+ $access['reason'] = 'BotScout';
258
+
259
+ return $access;
260
+ }
261
+ }
262
+
263
+ return $access;
264
+ }
265
+ }
266
+
267
+
268
+
269
+
270
+
271
+
272
+
273
+
274
+
275
+
276
+
277
+
278
+
279
+
280
+
281
+
282
+
283
+
284
+
285
+
286
+
287
+
288
+
289
+
290
+
291
+
292
+
293
+
294
+
295
+
296
+
297
+
298
+
299
+
300
+
301
 
302
  /**
303
  * Checks if either the submission data or $_POST contain the wpzerospam_key and
727
  $options = wpzerospam_options();
728
 
729
  $integrations = [
 
730
  'cf7' => 'contact-form-7/wp-contact-form-7.php',
731
  'gforms' => 'gravityforms/gravityforms.php',
732
  'fluentform' => 'fluentform/fluentform.php',
807
  $options['verify_gform'] = 'enabled';
808
  }
809
 
 
 
 
 
810
  if ( empty( $options['verify_bp_registrations'] ) ) {
811
  $options['verify_bp_registrations'] = 'enabled';
812
  }
906
  }
907
  }
908
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
909
  /**
910
  * Determines if the current page is the login page
911
  */
integrations/buddypress/buddypress.php CHANGED
@@ -38,11 +38,11 @@ if ( ! function_exists( 'wpzerospam_buddy_press' ) ) {
38
  wp_enqueue_script(
39
  'wpzerospam-integration-buddy-press',
40
  plugin_dir_url( WORDPRESS_ZERO_SPAM ) .
41
- '/integrations/buddypress/js/buddypress.js',
42
  [ 'wpzerospam' ],
43
  WORDPRESS_ZERO_SPAM_VERSION,
44
  true
45
  );
46
  }
47
  }
48
- add_action( 'wpcf7_enqueue_scripts', 'wpzerospam_buddy_press' );
38
  wp_enqueue_script(
39
  'wpzerospam-integration-buddy-press',
40
  plugin_dir_url( WORDPRESS_ZERO_SPAM ) .
41
+ 'integrations/buddypress/js/buddypress.js',
42
  [ 'wpzerospam' ],
43
  WORDPRESS_ZERO_SPAM_VERSION,
44
  true
45
  );
46
  }
47
  }
48
+ add_action( 'bp_before_register_page', 'wpzerospam_buddy_press' );
integrations/comments/comments.php CHANGED
@@ -49,7 +49,7 @@ if ( ! function_exists( 'wpzerospam_comment_form' ) ) {
49
  wp_enqueue_script(
50
  'wpzerospam-integration-comments',
51
  plugin_dir_url( WORDPRESS_ZERO_SPAM ) .
52
- '/integrations/comments/js/comments.js',
53
  [ 'wpzerospam' ],
54
  WORDPRESS_ZERO_SPAM_VERSION,
55
  true
49
  wp_enqueue_script(
50
  'wpzerospam-integration-comments',
51
  plugin_dir_url( WORDPRESS_ZERO_SPAM ) .
52
+ 'integrations/comments/js/comments.js',
53
  [ 'wpzerospam' ],
54
  WORDPRESS_ZERO_SPAM_VERSION,
55
  true
integrations/contact-form-7/contact-form-7.php CHANGED
@@ -38,7 +38,7 @@ if ( ! function_exists( 'wpzerospam_cf7' ) ) {
38
  wp_enqueue_script(
39
  'wpzerospam-integration-cf7',
40
  plugin_dir_url( WORDPRESS_ZERO_SPAM ) .
41
- '/integrations/contact-form-7/js/cf7.js',
42
  [ 'wpzerospam' ],
43
  WORDPRESS_ZERO_SPAM_VERSION,
44
  true
38
  wp_enqueue_script(
39
  'wpzerospam-integration-cf7',
40
  plugin_dir_url( WORDPRESS_ZERO_SPAM ) .
41
+ 'integrations/contact-form-7/js/cf7.js',
42
  [ 'wpzerospam' ],
43
  WORDPRESS_ZERO_SPAM_VERSION,
44
  true
integrations/fluentform/fluentform.php CHANGED
@@ -48,7 +48,7 @@ if ( ! function_exists( 'wpzerospam_fluentform' ) ) {
48
  wp_enqueue_script(
49
  'wpzerospam-integration-fluentform',
50
  plugin_dir_url( WORDPRESS_ZERO_SPAM ) .
51
- '/integrations/fluentform/js/fluentform.js',
52
  [ 'wpzerospam' ],
53
  WORDPRESS_ZERO_SPAM_VERSION,
54
  true
48
  wp_enqueue_script(
49
  'wpzerospam-integration-fluentform',
50
  plugin_dir_url( WORDPRESS_ZERO_SPAM ) .
51
+ 'integrations/fluentform/js/fluentform.js',
52
  [ 'wpzerospam' ],
53
  WORDPRESS_ZERO_SPAM_VERSION,
54
  true
integrations/gravity-forms/gravity-forms.php CHANGED
@@ -38,7 +38,7 @@ if ( ! function_exists( 'wpzerospam_gravity_forms' ) ) {
38
  wp_enqueue_script(
39
  'wpzerospam-integration-gravity-forms',
40
  plugin_dir_url( WORDPRESS_ZERO_SPAM ) .
41
- '/integrations/gravity-forms/js/gravity-forms.js',
42
  [ 'wpzerospam' ],
43
  WORDPRESS_ZERO_SPAM_VERSION,
44
  true
38
  wp_enqueue_script(
39
  'wpzerospam-integration-gravity-forms',
40
  plugin_dir_url( WORDPRESS_ZERO_SPAM ) .
41
+ 'integrations/gravity-forms/js/gravity-forms.js',
42
  [ 'wpzerospam' ],
43
  WORDPRESS_ZERO_SPAM_VERSION,
44
  true
integrations/ninja-forms/ninja-forms.php DELETED
@@ -1,87 +0,0 @@
1
- <?php
2
- /**
3
- * Handles checking submitted Ninja Forms for spam
4
- *
5
- * @package WordPressZeroSpam
6
- * @since 4.3.7
7
- */
8
-
9
- /**
10
- * Add the 'ninja_forms' spam type
11
- */
12
- add_filter( 'wpzerospam_types', function( $types ) {
13
- $types = array_merge( $types, [ 'ninja_forms' => 'Ninja Forms' ] );
14
- return $types;
15
- });
16
-
17
- /**
18
- * Validation for Ninja Forms submissions
19
- */
20
- if ( ! function_exists( 'wpzerospam_ninja_forms_validate' ) ) {
21
- function wpzerospam_ninja_forms_validate( $form_data ) {
22
- if ( is_user_logged_in() ) {
23
- return $form_data;
24
- }
25
-
26
- if (
27
- empty( $form_data['extra'] ) ||
28
- empty( $form_data['extra']['wpzerospam_key'] ) ||
29
- wpzerospam_get_key() != $form_data['extra']['wpzerospam_key']
30
- ) {
31
- $options = wpzerospam_options();
32
-
33
- do_action( 'wpzerospam_ninja_forms_spam' );
34
-
35
- wpzerospam_spam_detected( 'ninja_forms', $form_data, false );
36
-
37
- // @TODO - This is a hacky way to display an error for spam detections,
38
- // but only way I've found to show an error.
39
- $form_data['errors']['fields'][1] = $options['spam_message'];
40
- }
41
-
42
- return $form_data;
43
- }
44
- }
45
- add_filter( 'ninja_forms_submit_data', 'wpzerospam_ninja_forms_validate' );
46
-
47
- if ( ! class_exists( 'WordPressZeroSpam_NF_ExtraData' ) ) {
48
- class WordPressZeroSpam_NF_ExtraData {
49
- var $form_ids = [];
50
- var $script_added = false;
51
-
52
- public function __construct() {
53
- add_action( 'ninja_forms_before_form_display', [ $this, 'addHooks' ] );
54
- }
55
-
56
- public function addHooks( $form_id ) {
57
- $this->form_ids[] = $form_id;
58
-
59
- if ( ! $this->script_added ) {
60
- add_action( 'wp_footer', [ $this, 'add_extra_to_form' ], 99 );
61
- $this->script_added = true;
62
- }
63
- }
64
-
65
- public function add_extra_to_form() {
66
- ?>
67
- <script>
68
- (function() {
69
- var form_ids = [ <?php echo join( ", ", $this->form_ids ); ?> ];
70
-
71
- nfRadio.channel( "forms" ).on( "before:submit", function( e ) {
72
- if( form_ids.indexOf( +e.id ) === -1 ) return;
73
-
74
- var extra = e.get( 'extra' );
75
-
76
- extra.wpzerospam_key = '<?php echo wpzerospam_get_key(); ?>';
77
-
78
- e.set('extra', extra);
79
- });
80
- })();
81
- </script>
82
- <?php
83
- }
84
- }
85
- }
86
-
87
- new WordPressZeroSpam_NF_ExtraData();
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
integrations/registrations/registrations.php CHANGED
@@ -52,7 +52,7 @@ if ( ! function_exists( 'wpzerospam_registration_form' ) ) {
52
  wp_enqueue_script(
53
  'wpzerospam-integration-registrations',
54
  plugin_dir_url( WORDPRESS_ZERO_SPAM ) .
55
- '/integrations/registrations/js/registrations.js',
56
  [ 'wpzerospam' ],
57
  WORDPRESS_ZERO_SPAM_VERSION,
58
  true
52
  wp_enqueue_script(
53
  'wpzerospam-integration-registrations',
54
  plugin_dir_url( WORDPRESS_ZERO_SPAM ) .
55
+ 'integrations/registrations/js/registrations.js',
56
  [ 'wpzerospam' ],
57
  WORDPRESS_ZERO_SPAM_VERSION,
58
  true
integrations/wpforms/wpforms.php CHANGED
@@ -44,7 +44,7 @@ if ( ! function_exists( 'wpzerospam_wpforms' ) ) {
44
  wp_enqueue_script(
45
  'wpzerospam-integration-wpforms',
46
  plugin_dir_url( WORDPRESS_ZERO_SPAM ) .
47
- '/integrations/wpforms/js/wpforms.js',
48
  [ 'wpzerospam' ],
49
  WORDPRESS_ZERO_SPAM_VERSION,
50
  true
44
  wp_enqueue_script(
45
  'wpzerospam-integration-wpforms',
46
  plugin_dir_url( WORDPRESS_ZERO_SPAM ) .
47
+ 'integrations/wpforms/js/wpforms.js',
48
  [ 'wpzerospam' ],
49
  WORDPRESS_ZERO_SPAM_VERSION,
50
  true
readme.txt CHANGED
@@ -5,25 +5,25 @@ Donate link: https://benmarshall.me/donate/?utm_source=wordpress_zero_spam&utm_m
5
  Requires at least: 5.2
6
  Tested up to: 5.4.2
7
  Requires PHP: 7.1
8
- Stable tag: 4.9.1
9
  License: GNU GPLv3
10
  License URI: https://choosealicense.com/licenses/gpl-3.0/
11
 
12
- WordPress Zero Spam makes blocking spammers a cinch. Install, activate and enjoy a spam-free site &mdash; with third-party plugin support.
13
 
14
  == Description ==
15
 
16
- Why force users to prove that they're humans by filling out captchas? Let bots prove they're not bots with the [WordPress Zero Spam plugin](https://benmarshall.me/wordpress-zero-spam/?utm_source=wordpress.org&utm_medium=plugin&utm_campaign=wordpress_zero_spam).
17
 
18
- WordPress Zero Spam blocks spam submissions including comments, registrations and more automatically without any config or setup. Just install, activate, and enjoy a spam-free site.
19
 
20
- = Plugin Features =
21
 
22
  * **No captcha**, spam isn't a users' problem
23
  * **No moderation queues**, spam isn't a administrators' problem
24
  * **Blocks 99.9% of spam** submissions
25
- * **Blocks spammy IPs** from ever seeing your site
26
- * **Checks spam blacklists** ([Zero Spam](https://zerospam.org), [Stop Forum Spam](https://www.stopforumspam.com/), [BotScout](https://botscout.com/))
27
  * **Auto-block IPs** when a spam detection is triggered
28
  * **Manually block IPs** either temporarily or permanently
29
  * **Developer-friendly**, integrate with any theme, plugin or form
@@ -33,17 +33,16 @@ WordPress Zero Spam blocks spam submissions including comments, registrations an
33
  * **Advanced settings** for complete control over spammers
34
  * **Charts &amp; statistics** for easy to understand spam analytics
35
 
36
- = Plugin Support =
37
 
38
- * WordPress comments system
39
- * WordPress user registrations
40
  * [Contact Form 7](https://wordpress.org/plugins/contact-form-7/) submissions
41
  * [Gravity Forms](https://www.gravityforms.com/) submissions
42
- * [Ninja Forms](https://wordpress.org/plugins/ninja-forms/) submissions*
43
  * [BuddyPress](https://wordpress.org/plugins/buddypress/) registrations
44
- * [Contact Form by WPForms](https://wordpress.org/plugins/wpforms-lite/) submissions
45
- * [WP Fluent Forms](https://wordpress.org/plugins/fluentform/) submissions
46
  * [Formidable Form Builder](https://wordpress.org/plugins/formidable/) submissions
 
47
 
48
  WordPress Zero Spam is great at blocking spam &mdash; as a site owner there's more you can do to [stop WordPress spam](https://benmarshall.me/stop-wordpress-spam/) in its tracks.
49
 
@@ -69,19 +68,19 @@ For more information & developer documentation, see the [plugin’s website](htt
69
 
70
  == Frequently Asked Questions ==
71
 
72
- = Does WordPress Zero Spam work for Jetpack comments? =
73
 
74
- No. For more information, see [https://wordpress.org/support/topic/incompatible-with-jetpack-comments](https://wordpress.org/support/topic/incompatible-with-jetpack-comments).
75
 
76
- = Why aren't spammy comments being blocked? =
77
 
78
- WordPress Zero Spam relies on the default core form id (`#commentform`) in order to detect comments. Verify your comment forms have this ID or add the class `wpzerospam` to them so the plugin knows to it should attempt to detect spam comments.
79
 
80
- = How can I integrate this into a plugin, theme or custom form? =
81
 
82
- It's easy as adding the class `wpzerospam` to the `form` element, then adding a check in the form processor that the `wpzerospam_key` post value matches the option value in the database using the `wpzerospam_key_check()` helper function.
83
 
84
- = Why does my registration form think every submission is spam? =
85
 
86
  This is most likely due to a plugin or theme overriding the default markup of the registration form. Verify the form has an id of `registerform` or add the `wpzerospam` class to it.
87
 
@@ -93,25 +92,15 @@ Example with `wpzerospam` class:
93
 
94
  `<form name="registerform" class="wpzerospam" action="https://yourdomain.local/login/?action=register" method="post" novalidate="novalidate">`
95
 
96
- = Is JavaScript required for this plugin to work? =
97
 
98
- Yes, that's what does the magic and keeps spam bots out.
99
 
100
- = What filters are available? =
101
 
102
- * `wpzerospam_types` - Returns an array of available spam detection types
103
 
104
- = What action hooks are available? =
105
-
106
- * `wpzerospam_comment_spam` - Fires when a spam comment is detected
107
- * `wpzerospam_registration_spam` - Fires when a spam registration is detected
108
- * `wpzerospam_cf7_spam` - Fires when a spam submission is made with a CF7 form
109
- * `wpzerospam_gform_spam` - Fires when a spam submission is made with a Gravity Form
110
- * `wpzerospam_ninja_forms_spam` - Fires when a spam submission is made with a Ninja Form
111
- * `wpzerospam_bp_registration_spam` - Fires when a BuddyPress spam registration is detected
112
- * `wpzerospam_wpform_spam` - Fires when a spam submission is made with a WPForm
113
- * `wpzerospam_fluentform_spam` - Fires when a spam submission is made with a WP Fluent Form
114
- * `wpzerospam_formidable_spam` - Fires when a spam submission is made with a Formidable form
115
 
116
  == Screenshots ==
117
 
@@ -123,9 +112,16 @@ Yes, that's what does the magic and keeps spam bots out.
123
 
124
  == Changelog ==
125
 
126
- = 4.9.1 =
 
 
 
 
 
 
127
 
128
- * Fix for PHP notice on the modals for spam detections
 
129
 
130
  = 4.9.0 =
131
 
5
  Requires at least: 5.2
6
  Tested up to: 5.4.2
7
  Requires PHP: 7.1
8
+ Stable tag: 4.9.2
9
  License: GNU GPLv3
10
  License URI: https://choosealicense.com/licenses/gpl-3.0/
11
 
12
+ WordPress Zero Spam makes blocking spam & malicious visitors a cinch. Just install, activate and enjoy a spam-free site.
13
 
14
  == Description ==
15
 
16
+ Quit forcing users to answer silly questions, read confusing captchas, or take additional steps just to prove they're not spam. Stop malicious bots & hackers in their tracks before they ever have a chance to infiltrate your site &mdash; introducing WordPress Zero Spam.
17
 
18
+ [WordPress Zero Spam](https://benmarshall.me/wordpress-zero-spam/?utm_source=wordpress.org&utm_medium=plugin&utm_campaign=wordpress_zero_spam) uses AI in combination with proven spam detection techniques and a database of known malicious IPs from around the world to detect and block unwanted visitors. In addition, it integrates with other popular plugins to provide all around protection. Just install, activate, and enjoy a spam-free site.
19
 
20
+ = WordPress Zero Spam features =
21
 
22
  * **No captcha**, spam isn't a users' problem
23
  * **No moderation queues**, spam isn't a administrators' problem
24
  * **Blocks 99.9% of spam** submissions
25
+ * **Blocks malicious IPs** from ever seeing your site
26
+ * **Check IPs against spam blacklists** ([Zero Spam](https://zerospam.org), [Stop Forum Spam](https://www.stopforumspam.com/), [BotScout](https://botscout.com/))
27
  * **Auto-block IPs** when a spam detection is triggered
28
  * **Manually block IPs** either temporarily or permanently
29
  * **Developer-friendly**, integrate with any theme, plugin or form
33
  * **Advanced settings** for complete control over spammers
34
  * **Charts &amp; statistics** for easy to understand spam analytics
35
 
36
+ = WordPress Zero Spam also protects =
37
 
38
+ * WordPress core comments & user registrations
 
39
  * [Contact Form 7](https://wordpress.org/plugins/contact-form-7/) submissions
40
  * [Gravity Forms](https://www.gravityforms.com/) submissions
 
41
  * [BuddyPress](https://wordpress.org/plugins/buddypress/) registrations
42
+ * [WPForms](https://wordpress.org/plugins/wpforms-lite/) submissions
43
+ * [WP Fluent Form](https://wordpress.org/plugins/fluentform/) submissions
44
  * [Formidable Form Builder](https://wordpress.org/plugins/formidable/) submissions
45
+ * and can be easily integrated into any existing theme or plugin
46
 
47
  WordPress Zero Spam is great at blocking spam &mdash; as a site owner there's more you can do to [stop WordPress spam](https://benmarshall.me/stop-wordpress-spam/) in its tracks.
48
 
68
 
69
  == Frequently Asked Questions ==
70
 
71
+ = Does WordPress Zero Spam check Ninja Forms submissions? =
72
 
73
+ No. As of v4.10.0, WordPress Zero Spam no longer checks Ninja Form submissions. Support was dropped due its [required of JavaScript](https://developer.ninjaforms.com/codex/loading-the-form-via-ajax/) and how it submits forms. JavaScript is one of the techniques WordPress Zero Spam uses to determine if a submission is spam. Ninja Forms employs a similar method and has its own [spam detection](https://ninjaforms.com/blog/spam-wordpress-form/) feature.
74
 
75
+ = Does WordPress Zero Spam check Jetpack comments? =
76
 
77
+ No. WordPress Zero Spam is unable to integrate Jetpack. For more information, see [https://wordpress.org/support/topic/incompatible-with-jetpack-comments](https://wordpress.org/support/topic/incompatible-with-jetpack-comments).
78
 
79
+ = Spam coments are still getting through, help! =
80
 
81
+ WordPress Zero Spam relies on the default core form id (`#commentform`) in order to check comment submissions. Verify your comment forms have this ID or add the class `wpzerospam` to enable it on your site.
82
 
83
+ = All registrations are marked as spam, help! =
84
 
85
  This is most likely due to a plugin or theme overriding the default markup of the registration form. Verify the form has an id of `registerform` or add the `wpzerospam` class to it.
86
 
92
 
93
  `<form name="registerform" class="wpzerospam" action="https://yourdomain.local/login/?action=register" method="post" novalidate="novalidate">`
94
 
95
+ If you need help, please don't hesitate to [reach out](https://benmarshall.me/contact/?utm_source=wordpress.org&utm_medium=plugin&utm_campaign=wordpress_zero_spam).
96
 
97
+ = How do I integrate this into another plugin or theme? =
98
 
99
+ It's easy as adding the class `wpzerospam` to the `form` element, then adding a check in the form processor that the `wpzerospam_key` post value matches the option value in the database using the `wpzerospam_key_check()` helper function. See the [plugin's documentation](https://benmarshall.me/wordpress-zero-spam/?utm_source=wordpress.org&utm_medium=plugin&utm_campaign=wordpress_zero_spam) for more information on available hooks & functions.
100
 
101
+ = Is JavaScript required to check form submissions? =
102
 
103
+ Yes. One of the many techniques WordPress Zero Spam employs requires JavaScript be enabled to work properly.
 
 
 
 
 
 
 
 
 
 
104
 
105
  == Screenshots ==
106
 
112
 
113
  == Changelog ==
114
 
115
+ = 4.9.2 =
116
+
117
+ * Removed Ninja Form submission support. See FAQs for more details.
118
+ * Fix for PHP notice on the log page in the view details modal.
119
+ * Fix for double slashes in the JS URLs.
120
+ * Fix for BotScout not checking IPs
121
+ * Fix for table not found notice on activation
122
 
123
+ 4.9.1
124
+ Fix for PHP notice on the modals for spam detections
125
 
126
  = 4.9.0 =
127
 
wordpress-zero-spam.php CHANGED
@@ -13,7 +13,7 @@
13
  * Plugin Name: WordPress Zero Spam
14
  * Plugin URI: https://benmarshall.me/wordpress-zero-spam
15
  * Description: Tired of all the useless and bloated WordPress spam plugins? The WordPress Zero Spam plugin makes blocking spam a cinch. <strong>Just install, activate and say goodbye to spam.</strong> Based on work by <a href="http://davidwalsh.name/wordpress-comment-spam" target="_blank">David Walsh</a>.
16
- * Version: 4.9.1
17
  * Requires at least: 5.2
18
  * Requires PHP: 7.2
19
  * Author: Ben Marshall
@@ -31,7 +31,7 @@ defined( 'ABSPATH' ) or die( 'No script kiddies please!' );
31
  // Define plugin constants
32
  define( 'WORDPRESS_ZERO_SPAM', __FILE__ );
33
  define( 'WORDPRESS_ZERO_SPAM_DB_VERSION', '0.2' );
34
- define( 'WORDPRESS_ZERO_SPAM_VERSION', '4.9.1' );
35
 
36
  /**
37
  * Helpers
@@ -94,13 +94,13 @@ function wpzerospam_install() {
94
  dbDelta( $sql );
95
 
96
  if ( $wpdb->get_var( $wpdb->prepare( "SHOW TABLES LIKE %s", $blocked_table ) ) === $blocked_table ) {
97
- $wpdb->query( "DELETE $blocked_table FROM $blocked_table AS t1 INNER JOIN $blocked_table AS t2 WHERE t1.blocked_id < t2.blocked_id AND t1.user_ip = t2.user_ip;" );
98
 
99
  $wpdb->query( "ALTER TABLE $blocked_table ADD UNIQUE `user_ip` (`user_ip`(39));" );
100
  }
101
 
102
  if ( $wpdb->get_var( $wpdb->prepare( "SHOW TABLES LIKE %s", $blacklist_table ) ) === $blacklist_table ) {
103
- $wpdb->query( "DELETE $blacklist_table FROM $blacklist_table AS t1 INNER JOIN $blacklist_table AS t2 WHERE t1.blacklist_id < t2.blacklist_id AND t1.user_ip = t2.user_ip;" );
104
 
105
  $wpdb->query( "ALTER TABLE $blacklist_table ADD UNIQUE `user_ip` (`user_ip`(39));" );
106
  }
@@ -149,10 +149,6 @@ if ( wpzerospam_plugin_integration_enabled( 'gforms' ) ) {
149
  require plugin_dir_path( WORDPRESS_ZERO_SPAM ) . '/integrations/gravity-forms/gravity-forms.php';
150
  }
151
 
152
- if ( wpzerospam_plugin_integration_enabled( 'ninja_forms' ) ) {
153
- require plugin_dir_path( WORDPRESS_ZERO_SPAM ) . '/integrations/ninja-forms/ninja-forms.php';
154
- }
155
-
156
  if ( wpzerospam_plugin_integration_enabled( 'bp_registrations' ) ) {
157
  require plugin_dir_path( WORDPRESS_ZERO_SPAM ) . '/integrations/buddypress/buddypress.php';
158
  }
13
  * Plugin Name: WordPress Zero Spam
14
  * Plugin URI: https://benmarshall.me/wordpress-zero-spam
15
  * Description: Tired of all the useless and bloated WordPress spam plugins? The WordPress Zero Spam plugin makes blocking spam a cinch. <strong>Just install, activate and say goodbye to spam.</strong> Based on work by <a href="http://davidwalsh.name/wordpress-comment-spam" target="_blank">David Walsh</a>.
16
+ * Version: 4.9.2
17
  * Requires at least: 5.2
18
  * Requires PHP: 7.2
19
  * Author: Ben Marshall
31
  // Define plugin constants
32
  define( 'WORDPRESS_ZERO_SPAM', __FILE__ );
33
  define( 'WORDPRESS_ZERO_SPAM_DB_VERSION', '0.2' );
34
+ define( 'WORDPRESS_ZERO_SPAM_VERSION', '4.9.2' );
35
 
36
  /**
37
  * Helpers
94
  dbDelta( $sql );
95
 
96
  if ( $wpdb->get_var( $wpdb->prepare( "SHOW TABLES LIKE %s", $blocked_table ) ) === $blocked_table ) {
97
+ $wpdb->query( "DELETE t1 FROM $blocked_table AS t1 JOIN $blocked_table AS t2 ON t2.blocked_id = t1.blocked_id WHERE t1.blocked_id < t2.blocked_id AND t1.user_ip = t2.user_ip" );
98
 
99
  $wpdb->query( "ALTER TABLE $blocked_table ADD UNIQUE `user_ip` (`user_ip`(39));" );
100
  }
101
 
102
  if ( $wpdb->get_var( $wpdb->prepare( "SHOW TABLES LIKE %s", $blacklist_table ) ) === $blacklist_table ) {
103
+ $wpdb->query( "DELETE t1 FROM $blacklist_table AS t1 JOIN $blacklist_table AS t2 ON t2.blacklist_id = t1.blacklist_id WHERE t1.blacklist_id < t2.blacklist_id AND t1.user_ip = t2.user_ip" );
104
 
105
  $wpdb->query( "ALTER TABLE $blacklist_table ADD UNIQUE `user_ip` (`user_ip`(39));" );
106
  }
149
  require plugin_dir_path( WORDPRESS_ZERO_SPAM ) . '/integrations/gravity-forms/gravity-forms.php';
150
  }
151
 
 
 
 
 
152
  if ( wpzerospam_plugin_integration_enabled( 'bp_registrations' ) ) {
153
  require plugin_dir_path( WORDPRESS_ZERO_SPAM ) . '/integrations/buddypress/buddypress.php';
154
  }