WordPress Zero Spam - Version 5.0.7

Version Description

Release Info

Developer	bmarshall511
Plugin	WordPress Zero Spam
Version	5.0.7
Comparing to
See all releases

Code changes from version 5.0.6 to 5.0.7

Files changed (25) hide show

assets/css/admin.css +9 -2
core/admin/class-admin.php +27 -0
core/admin/class-settings.php +53 -1
core/class-access.php +15 -12
core/class-cron.php +62 -0
core/class-settings.php +70 -23
core/class-utilities.php +37 -6
includes/class-autoloader.php +1 -3
includes/class-db.php +5 -14
includes/class-plugin.php +14 -52
modules/class-ipstack.php +0 -1
modules/class-stopforumspam.php +7 -6
modules/class-zerospam.php +83 -12
modules/comments/class-comments.php +46 -15
modules/contactform7/class-contactform7.php +13 -11
modules/davidwalsh/assets/js/davidwalsh.js +43 -0
modules/davidwalsh/class-davidwalsh.php +180 -0
modules/fluentforms/class-fluentforms.php +13 -11
modules/formidable/class-formidable.php +13 -11
modules/registration/class-registration.php +13 -11
modules/woocommerce/class-woocommerce.php +7 -6
modules/wpforms/class-wpforms.php +13 -11
readme.txt +12 -2
uninstall.php +4 -0
wordpress-zero-spam.php +5 -23

assets/css/admin.css CHANGED Viewed

	@@ -265,11 +265,18 @@
265	padding: 5px 0;
266	}
267





268	.zerospam-list li:last-child {

269	border-bottom: 0;
270	}
271
272	.zerospam-list li span:first-child {

273	width: 35%;
274	}
275
	@@ -279,10 +286,10 @@
279
280	.zerospam-list li span:nth-child(3) {
281	text-align: right;
282	- width: 10%;
283	}
284
285	.zerospam-list li span:nth-child(4) {
286	text-align: right;
287	- width: 20%;
288	}


265	padding: 5px 0;
266	}
267
268	+ .zerospam-list li span {
269	+ padding-left: 5px;
270	+ padding-right: 5px;
271	+ }
272	+
273	.zerospam-list li:last-child {
274	+ padding-right: 0;
275	border-bottom: 0;
276	}
277
278	.zerospam-list li span:first-child {
279	+ padding-left: 0;
280	width: 35%;
281	}
282

286
287	.zerospam-list li span:nth-child(3) {
288	text-align: right;
289	+ width: 8%;
290	}
291
292	.zerospam-list li span:nth-child(4) {
293	text-align: right;
294	+ width: 22%;
295	}

core/admin/class-admin.php CHANGED Viewed

@@ -35,6 +35,33 @@ class Admin {
             		add_filter( 'plugin_row_meta', array( $this, 'plugin_row_meta' ), 10, 2 );
             		add_filter( 'admin_footer_text', array( $this, 'admin_footer_text' ) );
             		add_action( 'admin_enqueue_scripts', array( $this, 'scripts' ) );
+            	}
             	/**


35	add_filter( 'plugin_row_meta', array( $this, 'plugin_row_meta' ), 10, 2 );
36	add_filter( 'admin_footer_text', array( $this, 'admin_footer_text' ) );
37	add_action( 'admin_enqueue_scripts', array( $this, 'scripts' ) );
38	+
39	+ // Check first-time config.
40	+ $configured = get_option( 'zerospam_configured' );
41	+ if ( ! $configured ) {
42	+ add_action( 'admin_notices', array( $this, 'not_configured_notice' ) );
43	+ }
44	+ }
45	+
46	+ /**
47	+ * Display not configured notice.
48	+ */
49	+ public function not_configured_notice() {
50	+ $message = sprintf(
51	+ wp_kses(
52	+ /* translators: %s: url */
53	+ __( 'Thanks for installing WordPress Zero Spam! Visit the <a href="%1$s">setting page</a> to configure your site\'s protection level or <a href="%2$s">click here</a> to automatically configure recommended settings.', 'zerospam' ),
54	+ array(
55	+ 'a' => array(
56	+ 'href' => array(),
57	+ ),
58	+ )
59	+ ),
60	+ esc_url( admin_url( 'options-general.php?page=wordpress-zero-spam-settings' ) ),
61	+ esc_url( admin_url( 'options-general.php?page=wordpress-zero-spam-settings&zerospam-auto-configure=1' ) )
62	+ );
63	+
64	+ add_settings_error( 'zerospam-notices', 'zerospam-configure', $message, 'info' );
65	}
66
67	/**

core/admin/class-settings.php CHANGED Viewed

@@ -28,6 +28,36 @@ class Settings {
             	public function __construct() {
             		add_action( 'admin_menu', array( $this, 'admin_menu' ) );
             		add_action( 'admin_init', array( $this, 'register_settings' ) );
+            	}
             	/**
@@ -47,6 +77,15 @@ class Settings {
             		);
+            	}
             	/**
             	 * Register settings.
+            	 *
@@ -54,7 +93,13 @@ class Settings {
             	 * @access public
             	 */
             	public function register_settings() {
-            -
            		register_setting( 'wpzerospam', 'wpzerospam' );
             		foreach ( ZeroSpam\Core\Settings::get_sections() as $key => $section ) {
             			add_settings_section(
@@ -107,6 +152,10 @@ class Settings {
             				$options['step'] = $setting['step'];
+            			}
             			if ( ! empty( $setting['field_class'] ) ) {
             				$options['field_class'] = $setting['field_class'];
+            			}
@@ -139,6 +188,9 @@ class Settings {
             	 */
             	public function settings_field( $args ) {
             		switch ( $args['type'] ) {
             			case 'textarea':
             				?>
             				<textarea


28	public function __construct() {
29	add_action( 'admin_menu', array( $this, 'admin_menu' ) );
30	add_action( 'admin_init', array( $this, 'register_settings' ) );
31	+
32	+ if ( ! empty( $_REQUEST['zerospam-auto-configure'] ) ) {
33	+ \ZeroSpam\Core\Settings::auto_configure();
34	+
35	+ wp_safe_redirect( admin_url( 'options-general.php?page=wordpress-zero-spam-settings&zerospam-msg=WordPress Zero Spam has been auto-configured to the recommended settings.' ) );
36	+ exit;
37	+ }
38	+
39	+ if ( ! empty( $_REQUEST['zerospam-regenerate-honeypot'] ) ) {
40	+ self::regenerate_honeypot();
41	+
42	+ wp_safe_redirect( admin_url( 'options-general.php?page=wordpress-zero-spam-settings&zerospam-msg=The WordPress Zero Spam honeypot ID has been successfully regenerated.' ) );
43	+ exit;
44	+ }
45	+
46	+ if ( ! empty( $_REQUEST['zerospam-msg'] ) ) {
47	+ add_action(
48	+ 'admin_notices',
49	+ function() {
50	+ add_settings_error( 'zerospam-notices', 'zerospam-msg', esc_html( $_REQUEST['zerospam-msg'] ), 'success' );
51	+ }
52	+ );
53	+ }
54	+ }
55	+
56	+ /**
57	+ * Regenerates the honeypot ID.
58	+ */
59	+ public function regenerate_honeypot() {
60	+ \ZeroSpam\Core\Utilities::get_honeypot( true );
61	}
62
63	/**

77	);
78	}
79
80	+ /**
81	+ * Validates plugin settings before save.
82	+ */
83	+ public function settings_validation( $input ) {
84	+ update_option( 'zerospam_configured', 1 );
85	+
86	+ return $input;
87	+ }
88	+
89	/**
90	* Register settings.
91	*

93	* @access public
94	*/
95	public function register_settings() {
96	+ register_setting(
97	+ 'wpzerospam',
98	+ 'wpzerospam',
99	+ array(
100	+ 'sanitize_callback' => array( $this, 'settings_validation' ),
101	+ )
102	+ );
103
104	foreach ( ZeroSpam\Core\Settings::get_sections() as $key => $section ) {
105	add_settings_section(

152	$options['step'] = $setting['step'];
153	}
154
155	+ if ( ! empty( $setting['html'] ) ) {
156	+ $options['html'] = $setting['html'];
157	+ }
158	+
159	if ( ! empty( $setting['field_class'] ) ) {
160	$options['field_class'] = $setting['field_class'];
161	}

188	*/
189	public function settings_field( $args ) {
190	switch ( $args['type'] ) {
191	+ case 'html':
192	+ echo $args['html'];
193	+ break;
194	case 'textarea':
195	?>
196	<textarea

core/class-access.php CHANGED Viewed

	@@ -61,7 +61,7 @@ class Access {
61
62	if ( ! empty( $access['details'] ) && is_array( $access['details'] ) ) {
63	if ( ! empty( $settings['share_data']['value'] ) && 'enabled' === $settings['share_data']['value'] ) {
64	- do_action( 'zerospam_share_blocked', $access~~['details']~~ );
65	}
66
67	foreach ( $access['details'] as $key => $detail ) {
	@@ -125,6 +125,7 @@ class Access {
125	$start_date = new \DateTime( $blocked_record['start_block'] );
126	}
127

128	if ( $today >= $start_date ) {
129	// Check the end date if temporary block.
130	if (
	@@ -136,21 +137,22 @@ class Access {
136	$end_date = new \DateTime( $blocked_record['end_block'] );
137
138	if ( $today < $end_date ) {
139	- $~~access_check['~~blocked'] = true;
140	- $access_check['type'] = 'blocked';
141	- $access_check['details'] = $blocked_record;
142	- $access_check['details']['failed'] = $failed;
143	}
144	}
145	} else {
146	// Permanent block.
147	- $~~access_check['~~blocked'] = true;
148	- $access_check['type'] = 'blocked';
149	- $access_check['details'] = $blocked_record;
150	- $access_check['details']['failed'] = $failed;
151	}
152	}
153







154	return $access_check;
155	}
156
	@@ -166,7 +168,7 @@ class Access {
166	);
167
168	// Attempt to get the IP address location & checked if block.
169	- $location = ~~apply_filters~~( ~~'zerospam_get_location',~~ $user_ip );
170	if ( $location ) {
171	$location_keys = array( 'country_code', 'region_code', 'city', 'zip' );
172	foreach ( $location_keys as $key => $loc ) {
	@@ -200,14 +202,15 @@ class Access {
200	*/
201	public function get_access() {
202	$settings = ZeroSpam\Core\Settings::get_settings();

203
204	$access = array(
205	'blocked' => false,
206	);
207
208	- $user_ip = ZeroSpam\Core\User::get_ip();
209	-
210	if ( $user_ip ) {


211	if ( ZeroSpam\Core\Utilities::is_whitelisted( $user_ip ) ) {
212	return $access;
213	}


61
62	if ( ! empty( $access['details'] ) && is_array( $access['details'] ) ) {
63	if ( ! empty( $settings['share_data']['value'] ) && 'enabled' === $settings['share_data']['value'] ) {
64	+ do_action( 'zerospam_share_blocked', $access );
65	}
66
67	foreach ( $access['details'] as $key => $detail ) {

125	$start_date = new \DateTime( $blocked_record['start_block'] );
126	}
127
128	+ $blocked = false;
129	if ( $today >= $start_date ) {
130	// Check the end date if temporary block.
131	if (

137	$end_date = new \DateTime( $blocked_record['end_block'] );
138
139	if ( $today < $end_date ) {
140	+ $blocked = true;



141	}
142	}
143	} else {
144	// Permanent block.
145	+ $blocked = true;



146	}
147	}
148
149	+ if ( $blocked ) {
150	+ $access_check['blocked'] = true;
151	+ $access_check['type'] = 'blocked';
152	+ $access_check['details'] = $blocked_record;
153	+ $access_check['details']['failed'] = $failed;
154	+ }
155	+
156	return $access_check;
157	}
158

168	);
169
170	// Attempt to get the IP address location & checked if block.
171	+ $location = ZeroSpam\Modules\ipstack::get_geolocation( $user_ip );
172	if ( $location ) {
173	$location_keys = array( 'country_code', 'region_code', 'city', 'zip' );
174	foreach ( $location_keys as $key => $loc ) {

202	*/
203	public function get_access() {
204	$settings = ZeroSpam\Core\Settings::get_settings();
205	+ $user_ip = ZeroSpam\Core\User::get_ip();
206
207	$access = array(
208	'blocked' => false,
209	);
210


211	if ( $user_ip ) {
212	+ $access['ip'] = $user_ip;
213	+
214	if ( ZeroSpam\Core\Utilities::is_whitelisted( $user_ip ) ) {
215	return $access;
216	}

core/class-cron.php ADDED Viewed

	@@ -0,0 +1,62 @@


1	+ <?php
2	+ /**
3	+ * Cron
4	+ *
5	+ * @package ZeroSpam
6	+ */
7	+
8	+ namespace ZeroSpam\Core;
9	+
10	+ use ZeroSpam;
11	+
12	+ // Security Note: Blocks direct access to the plugin PHP files.
13	+ defined( 'ABSPATH' ) \|\| die();
14	+
15	+ /**
16	+ * Shortcodes
17	+ */
18	+ class Cron {
19	+
20	+ /**
21	+ * Constructor
22	+ */
23	+ public function __construct() {
24	+ add_action( 'init', array( $this, 'register_cron' ) );
25	+ add_action( 'zerospam_update_blacklist_terms', array( $this, 'update_blacklist' ) );
26	+ register_deactivation_hook( ZEROSPAM, array( $this, 'deactivate_cron' ) );
27	+ }
28	+
29	+ /**
30	+ * Register cron jobs.
31	+ */
32	+ public function register_cron() {
33	+ if ( ! wp_next_scheduled( 'zerospam_update_blacklist_terms' ) ) {
34	+ wp_schedule_event( current_time( 'timestamp' ), 'weekly', 'zerospam_update_blacklist_terms' );
35	+ }
36	+ }
37	+
38	+ /**
39	+ * Updates the WP core blacklist.
40	+ */
41	+ public function update_blacklist() {
42	+ $response = wp_remote_get( 'https://raw.githubusercontent.com/splorp/wordpress-comment-blacklist/master/blacklist.txt' );
43	+
44	+ if ( ! is_wp_error( $response ) && 200 === wp_remote_retrieve_response_code( $response ) ) {
45	+ update_option( 'disallowed_keys', wp_remote_retrieve_body( $response ) );
46	+ }
47	+ }
48	+
49	+ /**
50	+ * Processes the blocked log.
51	+ */
52	+ public function process_blocked() {
53	+ ZeroSpam\Core\Log::process_log();
54	+ }
55	+
56	+ /**
57	+ * Deactivates cron.
58	+ */
59	+ public function deactivate_cron() {
60	+ wp_clear_scheduled_hook( 'zerospam_update_blacklist_terms' );
61	+ }
62	+ }

core/class-settings.php CHANGED Viewed

	@@ -58,6 +58,26 @@ class Settings {
58	return apply_filters( 'zerospam_setting_sections', self::$sections );
59	}
60




















61	/**
62	* Returns the plugin settings.
63	*
	@@ -68,10 +88,10 @@ class Settings {
68	$options = get_option( 'wpzerospam' );
69
70	self::$settings['share_data'] = array(
71	- 'title' => __( 'Usage Data Sharing', 'zerospam' ),
72	- 'section' => 'general',
73	- 'type' => 'checkbox',
74	- 'options' => array(
75	'enabled' => sprintf(
76	wp_kses(
77	/* translators: %s: url */
	@@ -87,7 +107,8 @@ class Settings {
87	esc_url( 'https://github.com/bmarshall511/wordpress-zero-spam/wiki/FAQ#what-data-is-shared-when-usage-data-sharing-is-enabled' )
88	),
89	),
90	- 'value' => ! empty( $options['share_data'] ) ? $options['share_data'] : false,

91	);
92
93	self::$settings['block_handler'] = array(
	@@ -111,12 +132,13 @@ class Settings {
111	)
112	),
113	esc_url( 'https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/403' )
114	- )
115	),
116	'value' => ! empty( $options['block_handler'] ) ? $options['block_handler'] : 403,
117	);
118
119	- $message = __( 'Your IP address has been blocked by WordPress Zero Spam due to detected spam/malicious activity.', 'zerospam' );

120	self::$settings['blocked_message'] = array(
121	'title' => __( 'Blocked Message', 'zerospam' ),
122	'desc' => __( 'The message displayed to blocked users when \'Display a 403 Forbidden error\' is selected.', 'zerospam' ),
	@@ -138,14 +160,15 @@ class Settings {
138	);
139
140	self::$settings['log_blocked_ips'] = array(
141	- 'title' => __( 'Log Blocked IPs', 'zerospam' ),
142	- 'section' => 'general',
143	- 'type' => 'checkbox',
144	- 'desc' => __( 'Enables logging IPs that are blocked from accessing the site.', 'zerospam' ),
145	- 'options' => array(
146	'enabled' => __( 'Enabled', 'zerospam' ),
147	),
148	- 'value' => ! empty( $options['log_blocked_ips'] ) ? $options['log_blocked_ips'] : false,

149	);
150
151	self::$settings['max_logs'] = array(
	@@ -179,16 +202,40 @@ class Settings {
179	'value' => ! empty( $options['debug'] ) ? $options['debug'] : false,
180	);
181
182	- ~~if ( 'enabled' ===~~ self::$settings['~~debug~~']~~['value']~~ ) {
183	- ~~self::$settings[~~'~~debug_ip~~'] = ~~array(~~
184	- '~~title~~' => __( ~~'Debug IP', 'zerospam' ),~~
185	- ~~'desc' =>~~ ~~__(~~ ~~'Mock~~ a ~~IP address for debugging.', 'zerospam' ),~~
186	- '~~section~~' => '~~debug~~',
187	- ~~'type' => 'text',~~
188	- '~~placeholder~~' => ~~'127.0.0.1'~~,
189	- ~~'value' => ! empty( $options['debug_ip']~~ ) ~~? $options['debug_ip'] : false,~~
190	- );
191	- }
























192
193	$settings = apply_filters( 'zerospam_settings', self::$settings );
194


58	return apply_filters( 'zerospam_setting_sections', self::$sections );
59	}
60
61	+ /**
62	+ * Configures the plugin's recommended settings.
63	+ */
64	+ public function auto_configure() {
65	+ $settings = \ZeroSpam\Core\Settings::get_settings();
66	+
67	+ $recommended_settings = array();
68	+ foreach ( $settings as $key => $setting ) {
69	+ $recommended_settings[ $key ] = $setting['value'];
70	+ if ( isset( $setting['recommended'] ) ) {
71	+ $recommended_settings[ $key ] = $setting['recommended'];
72	+ }
73	+ }
74	+
75	+ if ( $recommended_settings ) {
76	+ update_option( 'wpzerospam', $recommended_settings );
77	+ update_option( 'zerospam_configured', 1 );
78	+ }
79	+ }
80	+
81	/**
82	* Returns the plugin settings.
83	*

88	$options = get_option( 'wpzerospam' );
89
90	self::$settings['share_data'] = array(
91	+ 'title' => __( 'Usage Data Sharing', 'zerospam' ),
92	+ 'section' => 'general',
93	+ 'type' => 'checkbox',
94	+ 'options' => array(
95	'enabled' => sprintf(
96	wp_kses(
97	/* translators: %s: url */

107	esc_url( 'https://github.com/bmarshall511/wordpress-zero-spam/wiki/FAQ#what-data-is-shared-when-usage-data-sharing-is-enabled' )
108	),
109	),
110	+ 'value' => ! empty( $options['share_data'] ) ? $options['share_data'] : false,
111	+ 'recommended' => 'enabled',
112	);
113
114	self::$settings['block_handler'] = array(

132	)
133	),
134	esc_url( 'https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/403' )
135	+ ),
136	),
137	'value' => ! empty( $options['block_handler'] ) ? $options['block_handler'] : 403,
138	);
139
140	+ $message = __( 'Your IP address has been blocked by WordPress Zero Spam due to detected spam/malicious activity.', 'zerospam' );
141	+
142	self::$settings['blocked_message'] = array(
143	'title' => __( 'Blocked Message', 'zerospam' ),
144	'desc' => __( 'The message displayed to blocked users when \'Display a 403 Forbidden error\' is selected.', 'zerospam' ),

160	);
161
162	self::$settings['log_blocked_ips'] = array(
163	+ 'title' => __( 'Log Blocked IPs', 'zerospam' ),
164	+ 'section' => 'general',
165	+ 'type' => 'checkbox',
166	+ 'desc' => __( 'Enables logging IPs that are blocked from accessing the site.', 'zerospam' ),
167	+ 'options' => array(
168	'enabled' => __( 'Enabled', 'zerospam' ),
169	),
170	+ 'value' => ! empty( $options['log_blocked_ips'] ) ? $options['log_blocked_ips'] : false,
171	+ 'recommended' => 'enabled',
172	);
173
174	self::$settings['max_logs'] = array(

202	'value' => ! empty( $options['debug'] ) ? $options['debug'] : false,
203	);
204
205	+ self::$settings['debug_ip'] = array(
206	+ 'title' => __( 'Debug IP', 'zerospam' ),
207	+ 'desc' => wp_kses(
208	+ /* translators: %s: url */
209	+ __( 'Mock a IP address for debugging. <strong>WARNING: This overrides all visitor IP addresses and while enabled could block legit visitors from accessing the site.</strong>', 'zerospam' ),
210	+ array(
211	+ 'strong' => array(),
212	+ )
213	+ ),
214	+ 'section' => 'debug',
215	+ 'type' => 'text',
216	+ 'placeholder' => '127.0.0.1',
217	+ 'value' => ! empty( $options['debug_ip'] ) ? $options['debug_ip'] : false,
218	+ );
219	+
220	+ self::$settings['regenerate_honeypot'] = array(
221	+ 'title' => __( 'Regenerate Honeypot ID', 'zerospam' ),
222	+ 'desc' => __( 'Helpful if spam is getting through. Current honeypot ID: <code>' . \ZeroSpam\Core\Utilities::get_honeypot() . '</code>', 'zerospam' ),
223	+ 'section' => 'general',
224	+ 'type' => 'html',
225	+ 'html' => sprintf(
226	+ wp_kses(
227	+ /* translators: %s: url */
228	+ __( '<a href="%s" class="button button-primary">Regenerate Honeypot ID</a>', 'zerospam' ),
229	+ array(
230	+ 'a' => array(
231	+ 'href' => array(),
232	+ 'class' => array(),
233	+ ),
234	+ )
235	+ ),
236	+ esc_url( admin_url( 'options-general.php?page=wordpress-zero-spam-settings&zerospam-regenerate-honeypot=1' ) )
237	+ ),
238	+ );
239
240	$settings = apply_filters( 'zerospam_settings', self::$settings );
241

core/class-utilities.php CHANGED Viewed

@@ -1,6 +1,6 @@
             <?php
             /**
-            -
             * Utilities class.
+             *
              * @package ZeroSpam
              */
@@ -13,12 +13,43 @@ use ZeroSpam;
             defined( 'ABSPATH' ) || die();
             /**
-            -
             * Utilities.
-            -
             *
-            -
             * @since 5.0.0
              */
             class Utilities {
             	/**
             	 * Returns the default detection meta title.
+            	 *
@@ -336,9 +367,9 @@ class Utilities {
+            	 *
             	 * @return string A unique key used for the 'honeypot' field.
             	 */
-            -
            	public static function get_honeypot() {
             		$key = get_option( 'wpzerospam_honeypot' );
-            -
            		if ( ! $key ) {
             			$key = wp_generate_password( 5, false, false );
             			update_option( 'wpzerospam_honeypot', $key );
+            		}


1	<?php
2	/**
3	+ * Utilities class
4	*
5	* @package ZeroSpam
6	*/

13	defined( 'ABSPATH' ) \|\| die();
14
15	/**
16	+ * Utilities


17	*/
18	class Utilities {
19
20	+ /**
21	+ * Validates submitted data agaisnt the WP core disallowed list.
22	+ */
23	+ public static function is_disallowed( $content ) {
24	+ $disallowed_keys = trim( get_option( 'disallowed_keys' ) );
25	+ if ( empty( $disallowed_keys ) ) {
26	+ return false;
27	+ }
28	+
29	+ $disallowed_words = explode( "\n", $disallowed_keys );
30	+
31	+ // Ensure HTML tags are not being used to bypass the list of disallowed characters and words.
32	+ $content = wp_strip_all_tags( $content );
33	+
34	+ foreach ( (array) $disallowed_words as $word ) {
35	+ $word = trim( $word );
36	+
37	+ if ( empty( $word ) ) {
38	+ continue;
39	+ }
40	+
41	+ // Do some escaping magic so that '#' chars in the spam words don't break things.
42	+ $word = preg_quote( $word, '#' );
43	+
44	+ $pattern = "#$word#i";
45	+ if ( preg_match( $pattern, $content ) ) {
46	+ return true;
47	+ }
48	+ }
49	+
50	+ return false;
51	+ }
52	+
53	/**
54	* Returns the default detection meta title.
55	*

367	*
368	* @return string A unique key used for the 'honeypot' field.
369	*/
370	+ public static function get_honeypot( $regenerate = false ) {
371	$key = get_option( 'wpzerospam_honeypot' );
372	+ if ( ! $key \|\| $regenerate ) {
373	$key = wp_generate_password( 5, false, false );
374	update_option( 'wpzerospam_honeypot', $key );
375	}

includes/class-autoloader.php CHANGED Viewed

	@@ -11,12 +11,10 @@ namespace ZeroSpam;
11	defined( 'ABSPATH' ) \|\| die();
12
13	/**
14	- * WordPress Zero Spam autoloader.
15	*
16	* WordPress Zero Spam autoloader handler class is responsible for loading the
17	* different classes needed to run the plugin.
18	- *
19	- * @since 5.0.0
20	*/
21	class Autoloader {
22


11	defined( 'ABSPATH' ) \|\| die();
12
13	/**
14	+ * WordPress Zero Spam autoloader
15	*
16	* WordPress Zero Spam autoloader handler class is responsible for loading the
17	* different classes needed to run the plugin.


18	*/
19	class Autoloader {
20

includes/class-db.php CHANGED Viewed

	@@ -22,15 +22,10 @@ class DB {
22	/**
23	* Current DB version.
24	*/
25	- const DB_VERSION = '0.7';
26
27	/**
28	* DB tables.
29	- *
30	- * @since 5.0.0
31	- * @access public
32	- *
33	- * @var Assets_Manager
34	*/
35	public static $tables = array(
36	'log' => 'wpzerospam_log',
	@@ -49,17 +44,13 @@ class DB {
49	}
50
51	/**
52	- * Installs & updates the DB tables.
53	- *
54	- * @since 5.0.0
55	- * @access public
56	*/
57	public function update() {
58	if ( self::DB_VERSION !== get_site_option( 'zerospam_db_version' ) ) {
59	global $wpdb;
60
61	- $charset_collate = $wpdb->get_charset_collate();
62	- $installed_db_version = get_option( 'zerospam_db_version' );
63
64	$sql = 'CREATE TABLE ' . $wpdb->prefix . self::$tables['log'] . " (
65	log_id BIGINT UNSIGNED NOT NULL AUTO_INCREMENT,
	@@ -76,7 +67,7 @@ class DB {
76	zip VARCHAR(10) NULL DEFAULT NULL,
77	latitude VARCHAR(255) NULL DEFAULT NULL,
78	longitude VARCHAR(255) NULL DEFAULT NULL,
79	- PRIMARY KEY (`log_id`)) $charset_collate;";
80
81	$sql .= 'CREATE TABLE ' . $wpdb->prefix . self::$tables['blocked'] . " (
82	blocked_id BIGINT UNSIGNED NOT NULL AUTO_INCREMENT,
	@@ -88,7 +79,7 @@ class DB {
88	start_block DATETIME NULL DEFAULT NULL,
89	end_block DATETIME NULL DEFAULT NULL,
90	reason VARCHAR(255) NULL DEFAULT NULL,
91	- PRIMARY KEY (`blocked_id`)) $charset_collate;";
92
93	require_once ABSPATH . 'wp-admin/includes/upgrade.php';
94	dbDelta( $sql );


22	/**
23	* Current DB version.
24	*/
25	+ const DB_VERSION = '0.8';
26
27	/**
28	* DB tables.





29	*/
30	public static $tables = array(
31	'log' => 'wpzerospam_log',

44	}
45
46	/**
47	+ * Installs & updates the DB tables



48	*/
49	public function update() {
50	if ( self::DB_VERSION !== get_site_option( 'zerospam_db_version' ) ) {
51	global $wpdb;
52
53	+ $charset_collate = $wpdb->get_charset_collate();

54
55	$sql = 'CREATE TABLE ' . $wpdb->prefix . self::$tables['log'] . " (
56	log_id BIGINT UNSIGNED NOT NULL AUTO_INCREMENT,

67	zip VARCHAR(10) NULL DEFAULT NULL,
68	latitude VARCHAR(255) NULL DEFAULT NULL,
69	longitude VARCHAR(255) NULL DEFAULT NULL,
70	+ PRIMARY KEY (log_id)) $charset_collate;";
71
72	$sql .= 'CREATE TABLE ' . $wpdb->prefix . self::$tables['blocked'] . " (
73	blocked_id BIGINT UNSIGNED NOT NULL AUTO_INCREMENT,

79	start_block DATETIME NULL DEFAULT NULL,
80	end_block DATETIME NULL DEFAULT NULL,
81	reason VARCHAR(255) NULL DEFAULT NULL,
82	+ PRIMARY KEY (blocked_id)) $charset_collate;";
83
84	require_once ABSPATH . 'wp-admin/includes/upgrade.php';
85	dbDelta( $sql );

includes/class-plugin.php CHANGED Viewed

	@@ -1,6 +1,6 @@
1	<?php
2	/**
3	- * Main plugin class.
4	*
5	* @package ZeroSpam
6	*/
	@@ -10,6 +10,7 @@ namespace ZeroSpam;
10	use ZeroSpam\Includes\DB;
11	use ZeroSpam\Core\Access;
12	use ZeroSpam\Core\User;

13	use ZeroSpam\Core\Admin\Admin;
14	use ZeroSpam\Modules\StopForumSpam;
15	use ZeroSpam\Modules\ipstack;
	@@ -22,40 +23,25 @@ use ZeroSpam\Modules\WooCommerce\WooCommerce;
22	use ZeroSpam\Modules\WPForms\WPForms;
23	use ZeroSpam\Modules\Formidable\Formidable;
24	use ZeroSpam\Modules\FluentForms\FluentForms;

25
26	// Security Note: Blocks direct access to the plugin PHP files.
27	defined( 'ABSPATH' ) \|\| die();
28
29	/**
30	- * WordPress Zero Spam plugin.
31	- *
32	- * The main plugin handler class is responsible for initializing WordPress Zero
33	- * Spam. The class registers and all the components required to run the plugin.
34	- *
35	- * @since 5.0.0
36	*/
37	class Plugin {
38
39	/**
40	- * Instance.
41	- *
42	- * Holds the plugin instance.
43	- *
44	- * @since 5.0.0
45	- * @access public
46	- * @static
47	*
48	* @var Plugin
49	*/
50	public static $instance = null;
51
52	/**
53	- * Plugin constructor.
54	- *
55	- * Initializing WordPress Zero Spam plugin.
56	- *
57	- * @since 5.0.0
58	- * @access private
59	*/
60	private function __construct() {
61	$this->register_autoloader();
	@@ -65,13 +51,7 @@ class Plugin {
65	}
66
67	/**
68	- * Register autoloader.
69	- *
70	- * WordPress Zero Spam autoloader loads all the classes needed to run the
71	- * plugin.
72	- *
73	- * @since 5.0.0
74	- * @access private
75	*/
76	private function register_autoloader() {
77	require_once ZEROSPAM_PATH . 'includes/class-autoloader.php';
	@@ -80,15 +60,7 @@ class Plugin {
80	}
81
82	/**
83	- * Instance.
84	- *
85	- * Ensures only one instance of the plugin class is loaded or can be loaded.
86	- *
87	- * @since 1.0.0
88	- * @access public
89	- * @static
90	- *
91	- * @return Plugin An instance of the class.
92	*/
93	public static function instance() {
94	if ( is_null( self::$instance ) ) {
	@@ -108,19 +80,13 @@ class Plugin {
108	}
109
110	/**
111	- * Init.
112	- *
113	- * Initialize WordPress Zero Spam Plugin. Checks if the current user should be
114	- * blocked.
115	- *
116	- * @since 5.0.0
117	- * @access public
118	*/
119	public function init() {
120	$this->init_components();
121
122	/**
123	- * WordPress Zero Spam init.
124	*
125	* Fires on WordPress Zero Spam init, after WordPress Zero Spam has finished
126	* loading but before any headers are sent.
	@@ -131,19 +97,18 @@ class Plugin {
131	}
132
133	/**
134	- * Init components.
135	*
136	* Initialize WordPress Zero Spam components. Register actions, initialize all
137	* the components that run WordPress Zero Spam, and if in admin page
138	* initialize admin components.
139	- *
140	- * @since 5.0.0
141	- * @access private
142	*/
143	private function init_components() {
144	new DB();

145	new Registration();
146	new Comments();

147
148	include_once ABSPATH . 'wp-admin/includes/plugin.php';
149
	@@ -188,10 +153,7 @@ class Plugin {
188	}
189
190	/**
191	- * Add to the types array.
192	- *
193	- * @since 5.0.0
194	- * @access public
195	*/
196	public function types( $types ) {
197	$types['blocked'] = __( 'Blocked', 'zerospam' );


1	<?php
2	/**
3	+ * Main plugin class
4	*
5	* @package ZeroSpam
6	*/

10	use ZeroSpam\Includes\DB;
11	use ZeroSpam\Core\Access;
12	use ZeroSpam\Core\User;
13	+ use ZeroSpam\Core\Cron;
14	use ZeroSpam\Core\Admin\Admin;
15	use ZeroSpam\Modules\StopForumSpam;
16	use ZeroSpam\Modules\ipstack;

23	use ZeroSpam\Modules\WPForms\WPForms;
24	use ZeroSpam\Modules\Formidable\Formidable;
25	use ZeroSpam\Modules\FluentForms\FluentForms;
26	+ use ZeroSpam\Modules\DavidWalsh\DavidWalsh;
27
28	// Security Note: Blocks direct access to the plugin PHP files.
29	defined( 'ABSPATH' ) \|\| die();
30
31	/**
32	+ * WordPress Zero Spam plugin





33	*/
34	class Plugin {
35
36	/**
37	+ * Instance






38	*
39	* @var Plugin
40	*/
41	public static $instance = null;
42
43	/**
44	+ * Plugin constructor





45	*/
46	private function __construct() {
47	$this->register_autoloader();

51	}
52
53	/**
54	+ * Register autoloader






55	*/
56	private function register_autoloader() {
57	require_once ZEROSPAM_PATH . 'includes/class-autoloader.php';

60	}
61
62	/**
63	+ * Instance








64	*/
65	public static function instance() {
66	if ( is_null( self::$instance ) ) {

80	}
81
82	/**
83	+ * Init






84	*/
85	public function init() {
86	$this->init_components();
87
88	/**
89	+ * WordPress Zero Spam init
90	*
91	* Fires on WordPress Zero Spam init, after WordPress Zero Spam has finished
92	* loading but before any headers are sent.

97	}
98
99	/**
100	+ * Init components
101	*
102	* Initialize WordPress Zero Spam components. Register actions, initialize all
103	* the components that run WordPress Zero Spam, and if in admin page
104	* initialize admin components.



105	*/
106	private function init_components() {
107	new DB();
108	+ new Cron();
109	new Registration();
110	new Comments();
111	+ new DavidWalsh();
112
113	include_once ABSPATH . 'wp-admin/includes/plugin.php';
114

153	}
154
155	/**
156	+ * Add to the types array



157	*/
158	public function types( $types ) {
159	$types['blocked'] = __( 'Blocked', 'zerospam' );

modules/class-ipstack.php CHANGED Viewed

	@@ -28,7 +28,6 @@ class ipstack {
28	add_filter( 'zerospam_setting_sections', array( $this, 'sections' ) );
29	add_filter( 'zerospam_settings', array( $this, 'settings' ) );
30	add_filter( 'zerospam_log_record', array( $this, 'log_record' ) );
31	- add_filter( 'zerospam_get_location', array( $this, 'get_geolocation' ), 10, 1 );
32	}
33
34	/**


28	add_filter( 'zerospam_setting_sections', array( $this, 'sections' ) );
29	add_filter( 'zerospam_settings', array( $this, 'settings' ) );
30	add_filter( 'zerospam_log_record', array( $this, 'log_record' ) );

31	}
32
33	/**

modules/class-stopforumspam.php CHANGED Viewed

	@@ -59,13 +59,13 @@ class StopForumSpam {
59	$options = get_option( 'wpzerospam' );
60
61	$settings['stop_forum_spam'] = array(
62	- 'title' => __( 'Stop Forum Spam', 'zerospam' ),
63	- 'section' => 'stop_forum_spam',
64	- 'type' => 'checkbox',
65	- 'options' => array(
66	'enabled' => __( 'Enabled', 'zerospam' ),
67	),
68	- 'desc' => sprintf(
69	wp_kses(
70	__( 'Checks user IPs against <a href="%s" target="_blank" rel="noopener noreferrer">Stop Forum Spam</a>\'s blacklist.', 'zerospam' ),
71	array(
	@@ -79,7 +79,8 @@ class StopForumSpam {
79	),
80	esc_url( 'https://www.stopforumspam.com/#utm_source=wordpresszerospam&utm_medium=admin_link&utm_campaign=wordpresszerospam' )
81	),
82	- 'value' => ! empty( $options['stop_forum_spam'] ) ? $options['stop_forum_spam'] : false,

83	);
84
85	$settings['stop_forum_spam_timeout'] = array(


59	$options = get_option( 'wpzerospam' );
60
61	$settings['stop_forum_spam'] = array(
62	+ 'title' => __( 'Stop Forum Spam', 'zerospam' ),
63	+ 'section' => 'stop_forum_spam',
64	+ 'type' => 'checkbox',
65	+ 'options' => array(
66	'enabled' => __( 'Enabled', 'zerospam' ),
67	),
68	+ 'desc' => sprintf(
69	wp_kses(
70	__( 'Checks user IPs against <a href="%s" target="_blank" rel="noopener noreferrer">Stop Forum Spam</a>\'s blacklist.', 'zerospam' ),
71	array(

79	),
80	esc_url( 'https://www.stopforumspam.com/#utm_source=wordpresszerospam&utm_medium=admin_link&utm_campaign=wordpresszerospam' )
81	),
82	+ 'value' => ! empty( $options['stop_forum_spam'] ) ? $options['stop_forum_spam'] : false,
83	+ 'recommended' => 'enabled',
84	);
85
86	$settings['stop_forum_spam_timeout'] = array(

modules/class-zerospam.php CHANGED Viewed

@@ -1,6 +1,6 @@
             <?php
             /**
-            -
             * Zero Spam class.
+             *
              * @package ZeroSpam
              */
@@ -13,28 +13,99 @@ use ZeroSpam;
             defined( 'ABSPATH' ) || die();
             /**
-            -
             * Zero Spam.
-            -
             *
-            -
             * @since 5.0.0
              */
             class Zero_Spam {
             	/**
-            -
            	 * Zero Spam constructor.
-            -
            	 *
-            -
            	 * @since 5.0.0
-            -
            	 * @access public
             	 */
             	public function __construct() {
             		add_action( 'zerospam_share_blocked', array( $this, 'share_blocked' ), 10, 1 );
+            	}
             	/**
-            -
            	 * Share blocked.
+            	 *
-            -
            	 * @since 5.0.0
-            -
            	 * @access public
             	 */
-            -
            	public function share_blocked( $details ) {
+            	}
+            }


1	<?php
2	/**
3	+ * Zero Spam class
4	*
5	* @package ZeroSpam
6	*/

13	defined( 'ABSPATH' ) \|\| die();
14
15	/**
16	+ * Zero Spam


17	*/
18	class Zero_Spam {
19	+
20	/**
21	+ * The zerospam.org API endpoint
22	+ */
23	+ const API_ENDPOINT = 'https://www.zerospam.org/wp-json/zerospam/v1/';
24	+
25	+ /**
26	+ * Constructor
27	*/
28	public function __construct() {
29	+ // Fires when a user is blocked from accessing the site.
30	add_action( 'zerospam_share_blocked', array( $this, 'share_blocked' ), 10, 1 );
31	}
32
33	/**
34	+ * Share blocked details with zerospam.org
35	*
36	+ * @param array $access Contains all access details.

37	*/
38	+ public function share_blocked( $access ) {
39	+ $endpoint = self::API_ENDPOINT . 'add-blocked/';
40	+
41	+ // Only send details if the user was blocked.
42	+ if ( empty( $access['blocked'] ) ) {
43	+ return false;
44	+ }
45	+
46	+ $api_data = array( 'checks' => array() );
47	+ $ip = ! empty( $access['ip'] ) ? $access['ip'] : false;
48	+ $details = ! empty( $access['details'] ) ? $access['details'] : false;
49	+
50	+ // Require an IP address.
51	+ if ( ! $ip ) {
52	+ return false;
53	+ }
54	+
55	+ $api_data['user_ip'] = $ip;
56	+
57	+ // Attempt to get the geolocation information.
58	+ $api_data['location'] = ZeroSpam\Modules\ipstack::get_geolocation( $ip );
59	+
60	+ // Only send $details that were blocked.
61	+ if ( $details && is_array( $details ) ) {
62	+ foreach ( $details as $check_key => $check_details ) {
63	+ if (
64	+ ! empty( $check_details['blocked'] ) &&
65	+ ! empty( $check_details['type'] )
66	+ ) {
67	+ // User didn't pass the $check_key check.
68	+ $api_data['checks'][ $check_key ] = array(
69	+ 'type' => $check_details['type'],
70	+ );
71	+
72	+ // Add additional details if available.
73	+ if ( ! empty( $check_details['details'] && is_array( $check_details['details'] ) ) ) {
74	+ $details_data = $check_details['details'];
75	+
76	+ // Add country if not already set and available.
77	+ if (
78	+ empty( $api_data['location']['country_code'] ) &&
79	+ ! empty( $details_data['country'] ) &&
80	+ 2 === strlen( $details_data['country'] )
81	+ ) {
82	+ $api_data['location']['country_code'] = $details_data['country'];
83	+ }
84	+ }
85	+ }
86	+ }
87	+ }
88	+
89	+ // Only query the API if there's data to be sent.
90	+ if ( ! empty( $api_data['checks'] ) ) {
91	+ // Add site details.
92	+ $api_data['site_url'] = site_url();
93	+ $api_data['admin_email'] = get_bloginfo( 'admin_email' );
94	+ $api_data['wp_version'] = get_bloginfo( 'version' );
95	+ $api_data['site_name'] = get_bloginfo( 'name' );
96	+ $api_data['site_desc'] = get_bloginfo( 'description' );
97	+ $api_data['site_language'] = get_bloginfo( 'language' );
98	+ $api_data['plugin_version'] = ZEROSPAM_VERSION;
99	+
100	+ // Send the data to zerospam.org.
101	+ $args = array(
102	+ 'body' => $api_data,
103	+ );
104
105	+ $response = wp_remote_post( $endpoint, $args );
106	+ if ( ! is_wp_error( $response ) ) {
107	+ wp_remote_retrieve_body( $response );
108	+ }
109	+ }
110	}
111	}

modules/comments/class-comments.php CHANGED Viewed

	@@ -28,6 +28,7 @@ class Comments {
28	if ( 'enabled' === ZeroSpam\Core\Settings::get_settings( 'verify_comments' ) && ZeroSpam\Core\Access::process() ) {
29	add_filter( 'comment_form_defaults', array( $this, 'honeypot' ) );
30	add_action( 'preprocess_comment', array( $this, 'preprocess_comments' ) );

31	}
32	}
33
	@@ -48,14 +49,44 @@ class Comments {
48	* @param array $commentdata Comment data array.
49	*/
50	public function preprocess_comments( $commentdata ) {
51	- $~~settings~~ = ~~ZeroSpam\Core\Settings::get_settings()~~;


52
53	// Check honeypot.
54	// @codingStandardsIgnoreLine
55	if ( ! empty( $_REQUEST[ ZeroSpam\Core\Utilities::get_honeypot() ] ) ) {




























56	if ( 'enabled' === ZeroSpam\Core\Settings::get_settings( 'log_blocked_comments' ) ) {
57	$details = array(
58	- 'failed' => ~~'honeypot'~~,
59	);
60	$details = array_merge( $details, $commentdata );
61	ZeroSpam\Includes\DB::log( 'comment', $details );
	@@ -82,8 +113,6 @@ class Comments {
82	);
83	}
84
85	- $commentdata = apply_filters( 'zerospam_preprocess_comment', $commentdata );
86	-
87	return apply_filters( 'zerospam_preprocess_comment', $commentdata );
88	}
89
	@@ -120,13 +149,14 @@ class Comments {
120	$options = get_option( 'wpzerospam' );
121
122	$settings['verify_comments'] = array(
123	- 'title' => __( 'Protect Comments', 'zerospam' ),
124	- 'section' => 'comments',
125	- 'type' => 'checkbox',
126	- 'options' => array(
127	'enabled' => __( 'Monitor comments for malicious or automated spambots.', 'zerospam' ),
128	),
129	- 'value' => ! empty( $options['verify_comments'] ) ? $options['verify_comments'] : false,

130	);
131
132	$message = __( 'You have been flagged as spam/malicious by WordPress Zero Spam.', 'zerospam' );
	@@ -142,17 +172,18 @@ class Comments {
142	);
143
144	$settings['log_blocked_comments'] = array(
145	- 'title' => __( 'Log Blocked Comments', 'zerospam' ),
146	- 'section' => 'comments',
147	- 'type' => 'checkbox',
148	- 'desc' => wp_kses(
149	__( 'Enables logging blocked comments. <strong>Recommended for enhanced protection.</strong>', 'zerospam' ),
150	array( 'strong' => array() )
151	),
152	- 'options' => array(
153	'enabled' => __( 'Enabled', 'zerospam' ),
154	),
155	- 'value' => ! empty( $options['log_blocked_comments'] ) ? $options['log_blocked_comments'] : false,

156	);
157
158	return $settings;


28	if ( 'enabled' === ZeroSpam\Core\Settings::get_settings( 'verify_comments' ) && ZeroSpam\Core\Access::process() ) {
29	add_filter( 'comment_form_defaults', array( $this, 'honeypot' ) );
30	add_action( 'preprocess_comment', array( $this, 'preprocess_comments' ) );
31	+ add_action( 'comment_form_before_fields', array( $this, 'enqueue_davidwalsh' ) );
32	}
33	}
34

49	* @param array $commentdata Comment data array.
50	*/
51	public function preprocess_comments( $commentdata ) {
52	+ $block_user = false;
53	+ $block_type = false;
54	+ $settings = ZeroSpam\Core\Settings::get_settings();
55
56	// Check honeypot.
57	// @codingStandardsIgnoreLine
58	if ( ! empty( $_REQUEST[ ZeroSpam\Core\Utilities::get_honeypot() ] ) ) {
59	+ $block_user = true;
60	+ $block_type = 'honeypot';
61	+ }
62	+
63	+ // Check comment disallowed list.
64	+ $disallowed_check = array(
65	+ 'author' => ! empty( $commentdata['comment_author'] ) ? $commentdata['comment_author'] : false,
66	+ 'email' => ! empty( $commentdata['comment_author_email'] ) ? $commentdata['comment_author_email'] : false,
67	+ 'url' => ! empty( $commentdata['comment_author_url'] ) ? $commentdata['comment_author_url'] : false,
68	+ 'content' => ! empty( $commentdata['comment_content'] ) ? $commentdata['comment_content'] : false,
69	+ 'ip' => \ZeroSpam\Core\User::get_ip(),
70	+ 'agent' => ! empty( $commentdata['comment_agent'] ) ? $commentdata['comment_agent'] : false,
71	+ );
72	+
73	+ if ( wp_check_comment_disallowed_list(
74	+ $disallowed_check['author'],
75	+ $disallowed_check['email'],
76	+ $disallowed_check['url'],
77	+ $disallowed_check['content'],
78	+ $disallowed_check['ip'],
79	+ $disallowed_check['agent'],
80	+ ) ) {
81	+ $block_user = true;
82	+ $block_type = 'disallowed_list';
83	+ }
84	+
85	+ if ( $block_user && $block_type ) {
86	+ // Log if enabled.
87	if ( 'enabled' === ZeroSpam\Core\Settings::get_settings( 'log_blocked_comments' ) ) {
88	$details = array(
89	+ 'failed' => $block_type,
90	);
91	$details = array_merge( $details, $commentdata );
92	ZeroSpam\Includes\DB::log( 'comment', $details );

113	);
114	}
115


116	return apply_filters( 'zerospam_preprocess_comment', $commentdata );
117	}
118

149	$options = get_option( 'wpzerospam' );
150
151	$settings['verify_comments'] = array(
152	+ 'title' => __( 'Protect Comments', 'zerospam' ),
153	+ 'section' => 'comments',
154	+ 'type' => 'checkbox',
155	+ 'options' => array(
156	'enabled' => __( 'Monitor comments for malicious or automated spambots.', 'zerospam' ),
157	),
158	+ 'value' => ! empty( $options['verify_comments'] ) ? $options['verify_comments'] : false,
159	+ 'recommended' => 'enabled',
160	);
161
162	$message = __( 'You have been flagged as spam/malicious by WordPress Zero Spam.', 'zerospam' );

172	);
173
174	$settings['log_blocked_comments'] = array(
175	+ 'title' => __( 'Log Blocked Comments', 'zerospam' ),
176	+ 'section' => 'comments',
177	+ 'type' => 'checkbox',
178	+ 'desc' => wp_kses(
179	__( 'Enables logging blocked comments. <strong>Recommended for enhanced protection.</strong>', 'zerospam' ),
180	array( 'strong' => array() )
181	),
182	+ 'options' => array(
183	'enabled' => __( 'Enabled', 'zerospam' ),
184	),
185	+ 'value' => ! empty( $options['log_blocked_comments'] ) ? $options['log_blocked_comments'] : false,
186	+ 'recommended' => 'enabled',
187	);
188
189	return $settings;

modules/contactform7/class-contactform7.php CHANGED Viewed

	@@ -99,13 +99,14 @@ class ContactForm7 {
99	$options = get_option( 'wpzerospam' );
100
101	$settings['verify_contactform7'] = array(
102	- 'title' => __( 'Protect CF7 Submissions', 'zerospam' ),
103	- 'section' => 'contactform7',
104	- 'type' => 'checkbox',
105	- 'options' => array(
106	'enabled' => __( 'Monitor CF7 submissions for malicious or automated spambots.', 'zerospam' ),
107	),
108	- 'value' => ! empty( $options['verify_contactform7'] ) ? $options['verify_contactform7'] : false,

109	);
110
111	$message = __( 'You have been flagged as spam/malicious by WordPress Zero Spam.', 'zerospam' );
	@@ -121,17 +122,18 @@ class ContactForm7 {
121	);
122
123	$settings['log_blocked_contactform7'] = array(
124	- 'title' => __( 'Log Blocked CF7 Submissions', 'zerospam' ),
125	- 'section' => 'contactform7',
126	- 'type' => 'checkbox',
127	- 'desc' => wp_kses(
128	__( 'Enables logging blocked CF7 submissions. <strong>Recommended for enhanced protection.</strong>', 'zerospam' ),
129	array( 'strong' => array() )
130	),
131	- 'options' => array(
132	'enabled' => __( 'Enabled', 'zerospam' ),
133	),
134	- 'value' => ! empty( $options['log_blocked_contactform7'] ) ? $options['log_blocked_contactform7'] : false,

135	);
136
137	return $settings;


99	$options = get_option( 'wpzerospam' );
100
101	$settings['verify_contactform7'] = array(
102	+ 'title' => __( 'Protect CF7 Submissions', 'zerospam' ),
103	+ 'section' => 'contactform7',
104	+ 'type' => 'checkbox',
105	+ 'options' => array(
106	'enabled' => __( 'Monitor CF7 submissions for malicious or automated spambots.', 'zerospam' ),
107	),
108	+ 'value' => ! empty( $options['verify_contactform7'] ) ? $options['verify_contactform7'] : false,
109	+ 'recommended' => 'enabled',
110	);
111
112	$message = __( 'You have been flagged as spam/malicious by WordPress Zero Spam.', 'zerospam' );

122	);
123
124	$settings['log_blocked_contactform7'] = array(
125	+ 'title' => __( 'Log Blocked CF7 Submissions', 'zerospam' ),
126	+ 'section' => 'contactform7',
127	+ 'type' => 'checkbox',
128	+ 'desc' => wp_kses(
129	__( 'Enables logging blocked CF7 submissions. <strong>Recommended for enhanced protection.</strong>', 'zerospam' ),
130	array( 'strong' => array() )
131	),
132	+ 'options' => array(
133	'enabled' => __( 'Enabled', 'zerospam' ),
134	),
135	+ 'value' => ! empty( $options['log_blocked_contactform7'] ) ? $options['log_blocked_contactform7'] : false,
136	+ 'recommended' => 'enabled',
137	);
138
139	return $settings;

modules/davidwalsh/assets/js/davidwalsh.js ADDED Viewed

	@@ -0,0 +1,43 @@


1	+ /**
2	+ * WordPress Zero Spam David Walsh jQuery plugin.
3	+ *
4	+ * Handles adding the required functionality for spam detections.
5	+ */
6	+ (function ($) {
7	+ $.fn.ZeroSpamDavidWalsh = function () {
8	+ // Check if the required WPZS key is defined.
9	+ if (typeof ZeroSpamDavidWalsh.key == "undefined") {
10	+ return this;
11	+ }
12	+
13	+ // Check if the element is on the page.
14	+ if (!this.length) {
15	+ return this;
16	+ }
17	+
18	+ // Add an attribute to the element to show its been initialized by WPZS.
19	+ this.attr("data-zerospam-davidwalsh", "protected");
20	+
21	+ // Check if the WPZS hidden input already exists.
22	+ if ($('[name="zerospam_david_walsh_key"]', this).length) {
23	+ // Hidden input already exists, update its value.
24	+ $('[name="zerospam_david_walsh_key"]', this).val(ZeroSpamDavidWalsh.key);
25	+ } else {
26	+ // Hidden input isn't present, add it.
27	+ $(
28	+ '<input type="hidden" name="zerospam_david_walsh_key" value="' +
29	+ ZeroSpamDavidWalsh.key +
30	+ '" />'
31	+ ).appendTo(this);
32	+ }
33	+ };
34	+
35	+ $(function() {
36	+ var selectors = '#commentform';
37	+ if (typeof ZeroSpamDavidWalsh.selectors != "undefined" && ZeroSpamDavidWalsh.selectors ) {
38	+ selectors += ',' + ZeroSpamDavidWalsh.selectors
39	+ }
40	+
41	+ jQuery(selectors).ZeroSpamDavidWalsh();
42	+ });
43	+ })(jQuery);

modules/davidwalsh/class-davidwalsh.php ADDED Viewed

	@@ -0,0 +1,180 @@


1	+ <?php
2	+ /**
3	+ * David Walsh class
4	+ *
5	+ * See https://davidwalsh.name/wordpress-comment-spam.
6	+ *
7	+ * @package ZeroSpam
8	+ */
9	+
10	+ namespace ZeroSpam\Modules\DavidWalsh;
11	+
12	+ // Security Note: Blocks direct access to the plugin PHP files.
13	+ defined( 'ABSPATH' ) \|\| die();
14	+
15	+ /**
16	+ * Zero Spam
17	+ */
18	+ class DavidWalsh {
19	+ /**
20	+ * Constructor
21	+ */
22	+ public function __construct() {
23	+ add_filter( 'zerospam_setting_sections', array( $this, 'sections' ) );
24	+ add_filter( 'zerospam_settings', array( $this, 'settings' ) );
25	+
26	+ if ( 'enabled' === \ZeroSpam\Core\Settings::get_settings( 'davidwalsh' ) && \ZeroSpam\Core\Access::process() ) {
27	+ add_action( 'wp_enqueue_scripts', array( $this, 'scripts' ) );
28	+ add_action( 'zerospam_preprocess_comment', array( $this, 'preprocess_comments' ) );
29	+ }
30	+ }
31	+
32	+ /**
33	+ * Preprocess comments
34	+ *
35	+ * @param array $commentdata Comment data array.
36	+ */
37	+ public function preprocess_comments( $commentdata ) {
38	+ if ( empty( $_REQUEST['zerospam_david_walsh_key'] \|\| self::get_davidwalsh() === $_REQUEST['zerospam_david_walsh_key'] ) ) {
39	+ // Log if enabled.
40	+ if ( 'enabled' === ZeroSpam\Core\Settings::get_settings( 'log_blocked_comments' ) ) {
41	+ $details = array(
42	+ 'failed' => 'david_walsh',
43	+ );
44	+ $details = array_merge( $details, $commentdata );
45	+ ZeroSpam\Includes\DB::log( 'comment', $details );
46	+ }
47	+
48	+ $message = ZeroSpam\Core\Utilities::detection_message( 'comment_spam_message' );
49	+
50	+ wp_die(
51	+ wp_kses(
52	+ $message,
53	+ array(
54	+ 'a' => array(
55	+ 'target' => array(),
56	+ 'href' => array(),
57	+ 'rel' => array(),
58	+ ),
59	+ 'strong' => array(),
60	+ )
61	+ ),
62	+ esc_html( ZeroSpam\Core\Utilities::detection_title( 'comment_spam_message' ) ),
63	+ array(
64	+ 'response' => 403,
65	+ )
66	+ );
67	+ }
68	+
69	+ return $commentdata;
70	+ }
71	+
72	+ /**
73	+ * David Walsh settings section
74	+ *
75	+ * @param array $sections Array of available setting sections.
76	+ */
77	+ public function sections( $sections ) {
78	+ $sections['davidwalsh'] = array(
79	+ 'title' => __( 'David Walsh Detection Settings', 'zerospam' ),
80	+ );
81	+
82	+ return $sections;
83	+ }
84	+
85	+ /**
86	+ * David Walsh settings
87	+ *
88	+ * @param array $settings Array of available settings.
89	+ */
90	+ public function settings( $settings ) {
91	+ $options = get_option( 'wpzerospam' );
92	+
93	+ $settings['davidwalsh'] = array(
94	+ 'title' => __( 'David Walsh Technique', 'zerospam' ),
95	+ 'desc' => sprintf(
96	+ wp_kses(
97	+ /* translators: %s: url */
98	+ __( 'Enables the <a href="%s" target="_blank" rel="noreferrer noopener">David Walsh technique</a>. <strong>Requires JavaScript be enabled.</strong>', 'zerospam' ),
99	+ array(
100	+ 'a' => array(
101	+ 'target' => array(),
102	+ 'href' => array(),
103	+ 'rel' => array(),
104	+ ),
105	+ 'strong' => array(),
106	+ )
107	+ ),
108	+ esc_url( 'https://davidwalsh.name/wordpress-comment-spam#utm_source=wordpresszerospam&utm_medium=admin_link&utm_campaign=wordpresszerospam' )
109	+ ),
110	+ 'section' => 'davidwalsh',
111	+ 'type' => 'checkbox',
112	+ 'options' => array(
113	+ 'enabled' => __( 'Enabled', 'zerospam' ),
114	+ ),
115	+ 'value' => ! empty( $options['davidwalsh'] ) ? $options['davidwalsh'] : false,
116	+ 'recommended' => 'enabled',
117	+ );
118	+
119	+ $settings['davidwalsh_form_selectors'] = array(
120	+ 'title' => __( 'Custom Form Selectors', 'zerospam' ),
121	+ 'desc' => sprintf(
122	+ wp_kses(
123	+ /* translators: %s: url */
124	+ __( 'Comma-seperated list of custom form selectors that should use the <a href="%s" target="_blank" rel="noreferrer noopener">David Walsh technique</a>.', 'zerospam' ),
125	+ array(
126	+ 'a' => array(
127	+ 'target' => array(),
128	+ 'href' => array(),
129	+ 'rel' => array(),
130	+ ),
131	+ )
132	+ ),
133	+ esc_url( 'https://davidwalsh.name/wordpress-comment-spam#utm_source=wordpresszerospam&utm_medium=admin_link&utm_campaign=wordpresszerospam' )
134	+ ),
135	+ 'section' => 'davidwalsh',
136	+ 'type' => 'text',
137	+ 'field_class' => 'large-text',
138	+ 'placeholder' => '.custom-form',
139	+ 'value' => ! empty( $options['davidwalsh_form_selectors'] ) ? $options['davidwalsh_form_selectors'] : false,
140	+ );
141	+
142	+ return $settings;
143	+ }
144	+
145	+ /**
146	+ * Register scripts
147	+ */
148	+ public function scripts() {
149	+ wp_enqueue_script(
150	+ 'zerospam-davidwalsh',
151	+ plugin_dir_url( ZEROSPAM ) . 'modules/davidwalsh/assets/js/davidwalsh.js',
152	+ array( 'jquery' ),
153	+ ZEROSPAM_VERSION,
154	+ true
155	+ );
156	+
157	+ // Pass the davidwalsh key to the script.
158	+ wp_localize_script(
159	+ 'zerospam-davidwalsh',
160	+ 'ZeroSpamDavidWalsh',
161	+ array(
162	+ 'key' => self::get_davidwalsh(),
163	+ 'selectors' => \ZeroSpam\Core\Settings::get_settings( 'davidwalsh_form_selectors' ),
164	+ )
165	+ );
166	+ }
167	+
168	+ /**
169	+ * Returns the generated DavidWalsh key for checking submissions.
170	+ */
171	+ public static function get_davidwalsh( $regenerate = false ) {
172	+ $key = get_option( 'zerospam_davidwalsh' );
173	+ if ( ! $key \|\| $regenerate ) {
174	+ $key = wp_generate_password( 5, false, false );
175	+ update_option( 'zerospam_davidwalsh', $key );
176	+ }
177	+
178	+ return $key;
179	+ }
180	+ }

modules/fluentforms/class-fluentforms.php CHANGED Viewed

	@@ -62,13 +62,14 @@ class FluentForms {
62	$options = get_option( 'wpzerospam' );
63
64	$settings['verify_fluentforms'] = array(
65	- 'title' => __( 'Protect Fluent Form Submissions', 'zerospam' ),
66	- 'section' => 'fluentforms',
67	- 'type' => 'checkbox',
68	- 'options' => array(
69	'enabled' => __( 'Monitor Fluent Form submissions for malicious or automated spambots.', 'zerospam' ),
70	),
71	- 'value' => ! empty( $options['verify_fluentforms'] ) ? $options['verify_fluentforms'] : false,

72	);
73
74	$message = __( 'You have been flagged as spam/malicious by WordPress Zero Spam.', 'zerospam' );
	@@ -84,17 +85,18 @@ class FluentForms {
84	);
85
86	$settings['log_blocked_fluentforms'] = array(
87	- 'title' => __( 'Log Blocked Fluent Form Submissions', 'zerospam' ),
88	- 'section' => 'fluentforms',
89	- 'type' => 'checkbox',
90	- 'desc' => wp_kses(
91	__( 'Enables logging blocked Fluent Form submissions. <strong>Recommended for enhanced protection.</strong>', 'zerospam' ),
92	array( 'strong' => array() )
93	),
94	- 'options' => array(
95	'enabled' => __( 'Enabled', 'zerospam' ),
96	),
97	- 'value' => ! empty( $options['log_blocked_fluentforms'] ) ? $options['log_blocked_fluentforms'] : false,

98	);
99
100	return $settings;


62	$options = get_option( 'wpzerospam' );
63
64	$settings['verify_fluentforms'] = array(
65	+ 'title' => __( 'Protect Fluent Form Submissions', 'zerospam' ),
66	+ 'section' => 'fluentforms',
67	+ 'type' => 'checkbox',
68	+ 'options' => array(
69	'enabled' => __( 'Monitor Fluent Form submissions for malicious or automated spambots.', 'zerospam' ),
70	),
71	+ 'value' => ! empty( $options['verify_fluentforms'] ) ? $options['verify_fluentforms'] : false,
72	+ 'recommended' => 'enabled',
73	);
74
75	$message = __( 'You have been flagged as spam/malicious by WordPress Zero Spam.', 'zerospam' );

85	);
86
87	$settings['log_blocked_fluentforms'] = array(
88	+ 'title' => __( 'Log Blocked Fluent Form Submissions', 'zerospam' ),
89	+ 'section' => 'fluentforms',
90	+ 'type' => 'checkbox',
91	+ 'desc' => wp_kses(
92	__( 'Enables logging blocked Fluent Form submissions. <strong>Recommended for enhanced protection.</strong>', 'zerospam' ),
93	array( 'strong' => array() )
94	),
95	+ 'options' => array(
96	'enabled' => __( 'Enabled', 'zerospam' ),
97	),
98	+ 'value' => ! empty( $options['log_blocked_fluentforms'] ) ? $options['log_blocked_fluentforms'] : false,
99	+ 'recommended' => 'enabled',
100	);
101
102	return $settings;

modules/formidable/class-formidable.php CHANGED Viewed

	@@ -63,13 +63,14 @@ class Formidable {
63	$options = get_option( 'wpzerospam' );
64
65	$settings['verify_formidable'] = array(
66	- 'title' => __( 'Protect Formidable Submissions', 'zerospam' ),
67	- 'section' => 'formidable',
68	- 'type' => 'checkbox',
69	- 'options' => array(
70	'enabled' => __( 'Monitor Formidable submissions for malicious or automated spambots.', 'zerospam' ),
71	),
72	- 'value' => ! empty( $options['verify_formidable'] ) ? $options['verify_formidable'] : false,

73	);
74
75	$message = __( 'You have been flagged as spam/malicious by WordPress Zero Spam.', 'zerospam' );
	@@ -85,17 +86,18 @@ class Formidable {
85	);
86
87	$settings['log_blocked_formidable'] = array(
88	- 'title' => __( 'Log Blocked Formidable Submissions', 'zerospam' ),
89	- 'section' => 'formidable',
90	- 'type' => 'checkbox',
91	- 'desc' => wp_kses(
92	__( 'Enables logging blocked Formidable submissions. <strong>Recommended for enhanced protection.</strong>', 'zerospam' ),
93	array( 'strong' => array() )
94	),
95	- 'options' => array(
96	'enabled' => __( 'Enabled', 'zerospam' ),
97	),
98	- 'value' => ! empty( $options['log_blocked_formidable'] ) ? $options['log_blocked_formidable'] : false,

99	);
100
101	return $settings;


63	$options = get_option( 'wpzerospam' );
64
65	$settings['verify_formidable'] = array(
66	+ 'title' => __( 'Protect Formidable Submissions', 'zerospam' ),
67	+ 'section' => 'formidable',
68	+ 'type' => 'checkbox',
69	+ 'options' => array(
70	'enabled' => __( 'Monitor Formidable submissions for malicious or automated spambots.', 'zerospam' ),
71	),
72	+ 'value' => ! empty( $options['verify_formidable'] ) ? $options['verify_formidable'] : false,
73	+ 'recommended' => 'enabled',
74	);
75
76	$message = __( 'You have been flagged as spam/malicious by WordPress Zero Spam.', 'zerospam' );

86	);
87
88	$settings['log_blocked_formidable'] = array(
89	+ 'title' => __( 'Log Blocked Formidable Submissions', 'zerospam' ),
90	+ 'section' => 'formidable',
91	+ 'type' => 'checkbox',
92	+ 'desc' => wp_kses(
93	__( 'Enables logging blocked Formidable submissions. <strong>Recommended for enhanced protection.</strong>', 'zerospam' ),
94	array( 'strong' => array() )
95	),
96	+ 'options' => array(
97	'enabled' => __( 'Enabled', 'zerospam' ),
98	),
99	+ 'value' => ! empty( $options['log_blocked_formidable'] ) ? $options['log_blocked_formidable'] : false,
100	+ 'recommended' => 'enabled',
101	);
102
103	return $settings;

modules/registration/class-registration.php CHANGED Viewed

	@@ -103,13 +103,14 @@ class Registration {
103	$options = get_option( 'wpzerospam' );
104
105	$settings['verify_registrations'] = array(
106	- 'title' => __( 'Protect Registrations', 'zerospam' ),
107	- 'section' => 'registration',
108	- 'type' => 'checkbox',
109	- 'options' => array(
110	'enabled' => __( 'Monitor registrations for malicious or automated spambots.', 'zerospam' ),
111	),
112	- 'value' => ! empty( $options['verify_registrations'] ) ? $options['verify_registrations'] : false,

113	);
114
115	$message = __( 'You have been flagged as spam/malicious by WordPress Zero Spam.', 'zerospam' );
	@@ -125,17 +126,18 @@ class Registration {
125	);
126
127	$settings['log_blocked_registrations'] = array(
128	- 'title' => __( 'Log Blocked Registrations', 'zerospam' ),
129	- 'section' => 'registration',
130	- 'type' => 'checkbox',
131	- 'desc' => wp_kses(
132	__( 'Enables logging blocked registrations. <strong>Recommended for enhanced protection.</strong>', 'zerospam' ),
133	array( 'strong' => array() )
134	),
135	- 'options' => array(
136	'enabled' => __( 'Enabled', 'zerospam' ),
137	),
138	- 'value' => ! empty( $options['log_blocked_registrations'] ) ? $options['log_blocked_registrations'] : false,

139	);
140
141	return $settings;


103	$options = get_option( 'wpzerospam' );
104
105	$settings['verify_registrations'] = array(
106	+ 'title' => __( 'Protect Registrations', 'zerospam' ),
107	+ 'section' => 'registration',
108	+ 'type' => 'checkbox',
109	+ 'options' => array(
110	'enabled' => __( 'Monitor registrations for malicious or automated spambots.', 'zerospam' ),
111	),
112	+ 'value' => ! empty( $options['verify_registrations'] ) ? $options['verify_registrations'] : false,
113	+ 'recommended' => 'enabled',
114	);
115
116	$message = __( 'You have been flagged as spam/malicious by WordPress Zero Spam.', 'zerospam' );

126	);
127
128	$settings['log_blocked_registrations'] = array(
129	+ 'title' => __( 'Log Blocked Registrations', 'zerospam' ),
130	+ 'section' => 'registration',
131	+ 'type' => 'checkbox',
132	+ 'desc' => wp_kses(
133	__( 'Enables logging blocked registrations. <strong>Recommended for enhanced protection.</strong>', 'zerospam' ),
134	array( 'strong' => array() )
135	),
136	+ 'options' => array(
137	'enabled' => __( 'Enabled', 'zerospam' ),
138	),
139	+ 'value' => ! empty( $options['log_blocked_registrations'] ) ? $options['log_blocked_registrations'] : false,
140	+ 'recommended' => 'enabled',
141	);
142
143	return $settings;

modules/woocommerce/class-woocommerce.php CHANGED Viewed

	@@ -65,14 +65,15 @@ class WooCommerce {
65	$options = get_option( 'wpzerospam' );
66
67	$settings['woocommerce_protection'] = array(
68	- 'title' => __( 'WooCommerce Protection', 'zerospam' ),
69	- 'section' => 'woocommerce',
70	- 'type' => 'checkbox',
71	- 'desc' => __( 'Enables integration with the WooCommerce.', 'zerospam' ),
72	- 'options' => array(
73	'enabled' => __( 'Enabled', 'zerospam' ),
74	),
75	- 'value' => ! empty( $options['woocommerce_protection'] ) ? $options['woocommerce_protection'] : false,

76	);
77
78	return $settings;


65	$options = get_option( 'wpzerospam' );
66
67	$settings['woocommerce_protection'] = array(
68	+ 'title' => __( 'WooCommerce Protection', 'zerospam' ),
69	+ 'section' => 'woocommerce',
70	+ 'type' => 'checkbox',
71	+ 'desc' => __( 'Enables integration with the WooCommerce.', 'zerospam' ),
72	+ 'options' => array(
73	'enabled' => __( 'Enabled', 'zerospam' ),
74	),
75	+ 'value' => ! empty( $options['woocommerce_protection'] ) ? $options['woocommerce_protection'] : false,
76	+ 'recommended' => 'enabled',
77	);
78
79	return $settings;

modules/wpforms/class-wpforms.php CHANGED Viewed

	@@ -63,13 +63,14 @@ class WPForms {
63	$options = get_option( 'wpzerospam' );
64
65	$settings['verify_wpforms'] = array(
66	- 'title' => __( 'Protect WPForms Submissions', 'zerospam' ),
67	- 'section' => 'wpforms',
68	- 'type' => 'checkbox',
69	- 'options' => array(
70	'enabled' => __( 'Monitor WPForms submissions for malicious or automated spambots.', 'zerospam' ),
71	),
72	- 'value' => ! empty( $options['verify_wpforms'] ) ? $options['verify_wpforms'] : false,

73	);
74
75	$message = __( 'You have been flagged as spam/malicious by WordPress Zero Spam.', 'zerospam' );
	@@ -85,17 +86,18 @@ class WPForms {
85	);
86
87	$settings['log_blocked_wpforms'] = array(
88	- 'title' => __( 'Log Blocked WPForms Submissions', 'zerospam' ),
89	- 'section' => 'wpforms',
90	- 'type' => 'checkbox',
91	- 'desc' => wp_kses(
92	__( 'Enables logging blocked WPForms submissions. <strong>Recommended for enhanced protection.</strong>', 'zerospam' ),
93	array( 'strong' => array() )
94	),
95	- 'options' => array(
96	'enabled' => __( 'Enabled', 'zerospam' ),
97	),
98	- 'value' => ! empty( $options['log_blocked_wpforms'] ) ? $options['log_blocked_wpforms'] : false,

99	);
100
101	return $settings;


63	$options = get_option( 'wpzerospam' );
64
65	$settings['verify_wpforms'] = array(
66	+ 'title' => __( 'Protect WPForms Submissions', 'zerospam' ),
67	+ 'section' => 'wpforms',
68	+ 'type' => 'checkbox',
69	+ 'options' => array(
70	'enabled' => __( 'Monitor WPForms submissions for malicious or automated spambots.', 'zerospam' ),
71	),
72	+ 'value' => ! empty( $options['verify_wpforms'] ) ? $options['verify_wpforms'] : false,
73	+ 'recommended' => 'enabled',
74	);
75
76	$message = __( 'You have been flagged as spam/malicious by WordPress Zero Spam.', 'zerospam' );

86	);
87
88	$settings['log_blocked_wpforms'] = array(
89	+ 'title' => __( 'Log Blocked WPForms Submissions', 'zerospam' ),
90	+ 'section' => 'wpforms',
91	+ 'type' => 'checkbox',
92	+ 'desc' => wp_kses(
93	__( 'Enables logging blocked WPForms submissions. <strong>Recommended for enhanced protection.</strong>', 'zerospam' ),
94	array( 'strong' => array() )
95	),
96	+ 'options' => array(
97	'enabled' => __( 'Enabled', 'zerospam' ),
98	),
99	+ 'value' => ! empty( $options['log_blocked_wpforms'] ) ? $options['log_blocked_wpforms'] : false,
100	+ 'recommended' => 'enabled',
101	);
102
103	return $settings;

readme.txt CHANGED Viewed

	@@ -5,7 +5,7 @@ Donate link: https://www.benmarshall.me/donate/?utm_source=wordpress_zero_spam&u
5	Requires at least: 5.2
6	Tested up to: 5.6.2
7	Requires PHP: 7.3
8	- Stable tag: 5.0.6
9	License: GNU GPLv3
10	License URI: https://choosealicense.com/licenses/gpl-3.0/
11
	@@ -27,7 +27,8 @@ Quit forcing people to answer questions or confusing captchas to prove they're n
27	* Automatically & manually block IPs temporarily or permanently
28	* Geolocate IP addresses to see where offenders are coming from
29	* Block entire countries, regions, zip/postal codes & cities
30	- * ~~Detailed~~ ~~logging~~ to ~~catch,~~ ~~investigate~~ & ~~block~~ ~~recurring~~ ~~offenders~~

31
32	= WordPress Zero Spam also protects =
33
	@@ -72,6 +73,15 @@ For more information & developer documentation, see the [plugin’s website](htt
72
73	== Changelog ==
74









75	= v5.0.6 =
76
77	* Various admin UI improvements


5	Requires at least: 5.2
6	Tested up to: 5.6.2
7	Requires PHP: 7.3
8	+ Stable tag: 5.0.7
9	License: GNU GPLv3
10	License URI: https://choosealicense.com/licenses/gpl-3.0/
11

27	* Automatically & manually block IPs temporarily or permanently
28	* Geolocate IP addresses to see where offenders are coming from
29	* Block entire countries, regions, zip/postal codes & cities
30	+ * Automatically update the WP core disallowed list weekly using [splorp's Comment Blacklist for WordPress](https://github.com/splorp/wordpress-comment-blacklist)
31	+ * Multiple detection techniques including [David Walsh's solution](https://davidwalsh.name/wordpress-comment-spam) for stopping WordPress spam.
32
33	= WordPress Zero Spam also protects =
34

73
74	== Changelog ==
75
76	+ = v5.0.7 =
77	+
78	+ * Added first-time configuration notice & auto-configure recommended settings functionality
79	+ * Added the ability to regenerate the honeypot ID
80	+ * Various admin UI improvements
81	+ * WP Disallowed Comment Keys are automatically updated weekly using https://github.com/splorp/wordpress-comment-blacklist
82	+ * Strengthened comment spam detections using WP core disallowed list
83	+ * [David Walsh's spam technique](https://davidwalsh.name/wordpress-comment-spam#utm_source=wordpresszerospam&utm_medium=admin_link&utm_campaign=wordpresszerospam) is back! https://github.com/bmarshall511/wordpress-zero-spam/issues/247
84	+
85	= v5.0.6 =
86
87	* Various admin UI improvements

uninstall.php CHANGED Viewed

	@@ -26,6 +26,8 @@ if ( is_multisite() ) {
26	delete_option( 'wpzerospam' );
27	delete_option( 'wpzerospam_honeypot' );
28	delete_option( 'zerospam_db_version' );


29
30	foreach ( $tables as $key => $table ) {
31	$wpdb->query( "DROP TABLE IF EXISTS " . $wpdb->prefix . $table );
	@@ -37,6 +39,8 @@ if ( is_multisite() ) {
37	delete_option( 'wpzerospam' );
38	delete_option( 'wpzerospam_honeypot' );
39	delete_option( 'zerospam_db_version' );


40
41	foreach ( $tables as $key => $table ) {
42	$wpdb->query( "DROP TABLE IF EXISTS " . $wpdb->prefix . $table );


26	delete_option( 'wpzerospam' );
27	delete_option( 'wpzerospam_honeypot' );
28	delete_option( 'zerospam_db_version' );
29	+ delete_option( 'zerospam_configured' );
30	+ delete_option( 'zerospam_davidwalsh' );
31
32	foreach ( $tables as $key => $table ) {
33	$wpdb->query( "DROP TABLE IF EXISTS " . $wpdb->prefix . $table );

39	delete_option( 'wpzerospam' );
40	delete_option( 'wpzerospam_honeypot' );
41	delete_option( 'zerospam_db_version' );
42	+ delete_option( 'zerospam_configured' );
43	+ delete_option( 'zerospam_davidwalsh' );
44
45	foreach ( $tables as $key => $table ) {
46	$wpdb->query( "DROP TABLE IF EXISTS " . $wpdb->prefix . $table );

wordpress-zero-spam.php CHANGED Viewed

	@@ -13,7 +13,7 @@
13	* Plugin Name: WordPress Zero Spam
14	* Plugin URI: https://benmarshall.me/wordpress-zero-spam
15	* Description: Tired of all the useless and bloated WordPress spam plugins? The WordPress Zero Spam plugin makes blocking spam a cinch. <strong>Just install, activate and say goodbye to spam.</strong>.
16	- * Version: 5.0.6
17	* Requires at least: 5.2
18	* Requires PHP: 7.3
19	* Author: Ben Marshall
	@@ -31,7 +31,7 @@ defined( 'ABSPATH' ) \|\| die();
31	define( 'ZEROSPAM', __FILE__ );
32	define( 'ZEROSPAM_PATH', plugin_dir_path( ZEROSPAM ) );
33	define( 'ZEROSPAM_PLUGIN_BASE', plugin_basename( ZEROSPAM ) );
34	- define( 'ZEROSPAM_VERSION', '5.0.6' );
35
36	add_action( 'plugins_loaded', 'zerospam_load_plugin_textdomain' );
37
	@@ -44,26 +44,14 @@ if ( ! version_compare( PHP_VERSION, '7.3', '>=' ) ) {
44	}
45
46	/**
47	- * Load ~~Elementor~~ textdomain.
48	- *
49	- * Load gettext translate for Elementor text domain.
50	- *
51	- * @since 1.0.0
52	- *
53	- * @return void
54	*/
55	function zerospam_load_plugin_textdomain() {
56	load_plugin_textdomain( 'zerospam' );
57	}
58
59	/**
60	- * WordPress Zero Spam admin notice for minimum PHP version.
61	- *
62	- * Warning when the site doesn't have the minimum required PHP version.
63	- *
64	- * @since 5.0.0
65	- *
66	- * @return void
67	*/
68	function zerospam_fail_php_version() {
69	/* translators: %s: PHP version */
	@@ -73,13 +61,7 @@ function zerospam_fail_php_version() {
73	}
74
75	/**
76	- * WordPress Zero Spam admin notice for minimum WordPress version.
77	- *
78	- * Warning when the site doesn't have the minimum required WordPress version.
79	- *
80	- * @since 5.0.0
81	- *
82	- * @return void
83	*/
84	function zerospam_fail_wp_version() {
85	/* translators: %s: WordPress version */


13	* Plugin Name: WordPress Zero Spam
14	* Plugin URI: https://benmarshall.me/wordpress-zero-spam
15	* Description: Tired of all the useless and bloated WordPress spam plugins? The WordPress Zero Spam plugin makes blocking spam a cinch. <strong>Just install, activate and say goodbye to spam.</strong>.
16	+ * Version: 5.0.7
17	* Requires at least: 5.2
18	* Requires PHP: 7.3
19	* Author: Ben Marshall

31	define( 'ZEROSPAM', __FILE__ );
32	define( 'ZEROSPAM_PATH', plugin_dir_path( ZEROSPAM ) );
33	define( 'ZEROSPAM_PLUGIN_BASE', plugin_basename( ZEROSPAM ) );
34	+ define( 'ZEROSPAM_VERSION', '5.0.7' );
35
36	add_action( 'plugins_loaded', 'zerospam_load_plugin_textdomain' );
37

44	}
45
46	/**
47	+ * Load plugin textdomain






48	*/
49	function zerospam_load_plugin_textdomain() {
50	load_plugin_textdomain( 'zerospam' );
51	}
52
53	/**
54	+ * WordPress Zero Spam admin notice for minimum PHP version






55	*/
56	function zerospam_fail_php_version() {
57	/* translators: %s: PHP version */

61	}
62
63	/**
64	+ * WordPress Zero Spam admin notice for minimum WordPress version






65	*/
66	function zerospam_fail_wp_version() {
67	/* translators: %s: WordPress version */