WordPress Zero Spam - Version 5.2.5

Version Description

Release Info

Developer	bmarshall511
Plugin	WordPress Zero Spam
Version	5.2.5
Comparing to
See all releases

Code changes from version 5.2.4 to 5.2.5

Files changed (29) hide show

core/admin/class-admin.php +10 -5
core/admin/class-settings.php +61 -43
core/class-access.php +13 -17
core/class-settings.php +15 -36
core/class-user.php +1 -7
core/class-utilities.php +45 -3
includes/class-plugin.php +24 -42
includes/templates/settings/errors.php +1 -1
modules/class-debug.php +99 -0
modules/class-google.php +22 -27
modules/class-ipinfomodule.php +19 -14
modules/class-ipstack.php +31 -20
modules/class-projecthoneypot.php +34 -24
modules/class-stopforumspam.php +68 -90
modules/class-zerospam.php +30 -17
modules/comments/class-comments.php +77 -61
modules/contactform7/class-contactform7.php +77 -38
modules/davidwalsh/class-davidwalsh.php +35 -210
modules/fluentforms/class-fluentforms.php +23 -18
modules/formidable/class-formidable.php +52 -26
modules/give/class-give.php +24 -6
modules/login/class-login.php +24 -13
modules/mailchimpforwp/class-mailchimpforwp.php +17 -16
modules/memberpress/class-memberpress.php +17 -16
modules/registration/class-registration.php +83 -66
modules/wpforms/class-wpforms.php +28 -19
readme.txt +17 -2
uninstall.php +3 -0
wordpress-zero-spam.php +23 -7

core/admin/class-admin.php CHANGED Viewed

	@@ -14,7 +14,6 @@ defined( 'ABSPATH' ) \|\| die();
14	* Admin
15	*/
16	class Admin {
17	-
18	/**
19	* Constructor
20	*/
	@@ -22,6 +21,13 @@ class Admin {
22	new \ZeroSpam\Core\Admin\Settings();
23	new \ZeroSpam\Core\Admin\Dashboard();
24







25	add_filter( 'plugin_action_links_' . ZEROSPAM_PLUGIN_BASE, array( $this, 'plugin_action_links' ) );
26	add_filter( 'plugin_row_meta', array( $this, 'plugin_row_meta' ), 10, 2 );
27	add_filter( 'admin_footer_text', array( $this, 'admin_footer_text' ) );
	@@ -106,9 +112,8 @@ class Admin {
106	</div>
107	<?php
108	}
109	- ?>
110	- ~~<?php~~ require ZEROSPAM_PATH . 'includes/templates/admin-line-chart.php'; ?>
111	- <?php
112	}
113
114	/**
	@@ -128,7 +133,7 @@ class Admin {
128	)
129	),
130	esc_url( admin_url( 'options-general.php?page=wordpress-zero-spam-settings' ) ),
131	- esc_url( admin_url( 'options-general.php?page=wordpress-zero-spam-settings&zerospam-auto-configure=1' ) ),
132	esc_url( ZEROSPAM_URL . 'product/premium/' )
133	);
134


14	* Admin
15	*/
16	class Admin {

17	/**
18	* Constructor
19	*/

21	new \ZeroSpam\Core\Admin\Settings();
22	new \ZeroSpam\Core\Admin\Dashboard();
23
24	+ add_action( 'init', array( $this, 'init' ) );
25	+ }
26	+
27	+ /**
28	+ * Fires after WordPress has finished loading but before any headers are sent.
29	+ */
30	+ public function init() {
31	add_filter( 'plugin_action_links_' . ZEROSPAM_PLUGIN_BASE, array( $this, 'plugin_action_links' ) );
32	add_filter( 'plugin_row_meta', array( $this, 'plugin_row_meta' ), 10, 2 );
33	add_filter( 'admin_footer_text', array( $this, 'admin_footer_text' ) );

112	</div>
113	<?php
114	}
115	+
116	+ require ZEROSPAM_PATH . 'includes/templates/admin-line-chart.php';

117	}
118
119	/**

133	)
134	),
135	esc_url( admin_url( 'options-general.php?page=wordpress-zero-spam-settings' ) ),
136	+ esc_url( admin_url( 'options-general.php?page=wordpress-zero-spam-settings&zerospam-action=auto-configure' ) ),
137	esc_url( ZEROSPAM_URL . 'product/premium/' )
138	);
139

core/admin/class-settings.php CHANGED Viewed

@@ -1,14 +1,12 @@
             <?php
             /**
-            -
             * Settings class.
+             *
              * @package ZeroSpam
              */
             namespace ZeroSpam\Core\Admin;
-            -
            use ZeroSpam;
-            -
             // Security Note: Blocks direct access to the plugin PHP files.
             defined( 'ABSPATH' ) || die();
@@ -23,53 +21,71 @@ class Settings {
             	public function __construct() {
             		add_action( 'admin_menu', array( $this, 'admin_menu' ) );
             		add_action( 'admin_init', array( $this, 'register_settings' ) );
             		add_action( 'admin_action_import_settings', array( $this, 'import_settings' ) );
-            -
            		if ( ! empty( $_REQUEST['zerospam-auto-configure'] ) ) {
-            -
            			\ZeroSpam\Core\Settings::auto_configure();
-            -
-            -
            			wp_safe_redirect( admin_url( 'options-general.php?page=wordpress-zero-spam-settings&zerospam-msg=WordPress Zero Spam has been auto-configured to the recommended settings.' ) );
-            -
            			exit;
-            -
            		}
-            -
-            -
            		if ( ! empty( $_REQUEST['zerospam-regenerate-honeypot'] ) ) {
-            -
            			self::regenerate_honeypot();
-            -
-            -
            			wp_safe_redirect( admin_url( 'options-general.php?page=wordpress-zero-spam-settings&zerospam-msg=The WordPress Zero Spam honeypot ID has been successfully regenerated.' ) );
-            -
            			exit;
-            -
            		}
-            -
-            -
            		if ( ! empty( $_REQUEST['zerospam-update-blocked-email-domains'] ) ) {
-            -
            			\ZeroSpam\Core\Settings::update_blocked_email_domains();
-            -
-            -
            			wp_safe_redirect( admin_url( 'options-general.php?page=wordpress-zero-spam-settings&zerospam-msg=The blocked email domains settings has been successfully updated with the recommended domains.' ) );
-            -
            			exit;
-            -
            		}
-            -
-            -
            		if ( ! empty( $_REQUEST['zerospam-update-disallowed-words'] ) ) {
-            -
            			\ZeroSpam\Core\Settings::update_disallowed_words();
-            -
-            -
            			wp_safe_redirect( admin_url( 'options-general.php?page=wordpress-zero-spam-settings&zerospam-msg=Your site\'s disallowed words list has been successfully updated.' ) );
-            -
            			exit;
-            -
            		}
-            -
-            -
            		if ( ! empty( $_REQUEST['delete-error-log'] ) ) {
-            -
            			\ZeroSpam\Core\Utilities::delete_error_log();
-            -
-            -
            			wp_safe_redirect( admin_url( 'options-general.php?page=wordpress-zero-spam-settings&tab=error&zerospam-msg=The error log has been successfully deleted.' ) );
-            -
            			exit;
-            -
            		}
-            -
             		if ( ! empty( $_REQUEST['zerospam-msg'] ) ) {
             			add_action(
             				'admin_notices',
             				function() {
             					add_settings_error( 'zerospam-notices', 'zerospam-msg', sanitize_text_field( wp_unslash( $_REQUEST['zerospam-msg'] ) ), 'success' );
+            				}
             			);
+            		}
+            	}
             	/**
             	 * Imports settings
             	 */
@@ -150,7 +166,7 @@ class Settings {
+            			)
             		);
-            -
            		foreach ( ZeroSpam\Core\Settings::get_sections() as $key => $section ) {
             			add_settings_section(
             				'zerospam_' . $key,
             				$section['title'],
@@ -159,7 +175,7 @@ class Settings {
             			);
+            		}
-            -
            		foreach ( ZeroSpam\Core\Settings::get_settings() as $key => $setting ) {
             			$options = array(
             				'label_for' => $key,
             				'type'      => $setting['type'],
@@ -226,8 +242,10 @@ class Settings {
             	/**
             	 * Settings section
             	 */
-            -
            	public function settings_section( $arg ) {
+            	}
             	/**
@@ -433,11 +451,11 @@ class Settings {
             				'title'    => __( 'Settings', 'zerospam' ),
             				'template' => 'settings',
             			),
-            -
            			'export' => array(
             				'title'    => __( 'Export/Import Settings', 'zerospam' ),
             				'template' => 'export',
             			),
-            -
            			'error' => array(
             				'title'    => __( 'Error Log', 'zerospam' ),
             				'template' => 'errors',
             			),


1	<?php
2	/**
3	+ * Settings class
4	*
5	* @package ZeroSpam
6	*/
7
8	namespace ZeroSpam\Core\Admin;
9


10	// Security Note: Blocks direct access to the plugin PHP files.
11	defined( 'ABSPATH' ) \|\| die();
12

21	public function __construct() {
22	add_action( 'admin_menu', array( $this, 'admin_menu' ) );
23	add_action( 'admin_init', array( $this, 'register_settings' ) );
24	+ add_action( 'admin_init', array( $this, 'process_actions' ) );
25	add_action( 'admin_action_import_settings', array( $this, 'import_settings' ) );
26
27	+ // @codingStandardsIgnoreLine


































28	if ( ! empty( $_REQUEST['zerospam-msg'] ) ) {
29	add_action(
30	'admin_notices',
31	function() {
32	+ // @codingStandardsIgnoreLine
33	add_settings_error( 'zerospam-notices', 'zerospam-msg', sanitize_text_field( wp_unslash( $_REQUEST['zerospam-msg'] ) ), 'success' );
34	}
35	);
36	}
37	}
38
39	+ /**
40	+ * Processes actions
41	+ */
42	+ public function process_actions() {
43	+ // @codingStandardsIgnoreLine
44	+ $action = ! empty( $_REQUEST['zerospam-action'] ) ? trim( sanitize_text_field( $_REQUEST['zerospam-action'] ) ) : false;
45	+ $redirect = false;
46	+ $message = false;
47	+
48	+ switch ( $action ) {
49	+ case 'auto-configure':
50	+ $redirect = '&tab=settings';
51	+ $message = __( 'WordPress Zero Spam has successfully been auto-configured with the recommended settings.', 'zerospam' );
52	+ \ZeroSpam\Core\Settings::auto_configure();
53	+ break;
54	+ case 'regenerate-honeypot':
55	+ $redirect = '&tab=settings';
56	+ $message = __( 'WordPress Zero Spam\'s honeypot ID has been successfully reset.', 'zerospam' );
57	+ self::regenerate_honeypot();
58	+ break;
59	+ case 'update-blocked-email-domains':
60	+ $redirect = '&tab=settings';
61	+ $message = __( 'WordPress Zero Spam\'s blocked email domains have been successfully updated to the recommended.', 'zerospam' );
62	+ \ZeroSpam\Core\Settings::update_blocked_email_domains();
63	+ break;
64	+ case 'update-disallowed-words':
65	+ $redirect = '&tab=settings';
66	+ $message = __( 'WordPress\'s disallowed words list has been successfully updated to the recommended.', 'zerospam' );
67	+ \ZeroSpam\Core\Settings::update_disallowed_words();
68	+ break;
69	+ case 'delete-error-log':
70	+ $redirect = '&tab=error';
71	+ $message = __( 'WordPress Zero Spam\'s error log has been successfully deleted.', 'zerospam' );
72	+ \ZeroSpam\Core\Utilities::delete_error_log();
73	+ break;
74	+ }
75	+
76	+ if ( $redirect ) {
77	+ $redirect_url = 'options-general.php?page=wordpress-zero-spam-settings';
78	+ $redirect_url .= $redirect;
79	+
80	+ if ( $message ) {
81	+ $redirect_url .= '&zerospam-msg=' . $message;
82	+ }
83	+
84	+ wp_safe_redirect( admin_url( $redirect_url ) );
85	+ exit;
86	+ }
87	+ }
88	+
89	/**
90	* Imports settings
91	*/

166	)
167	);
168
169	+ foreach ( \ZeroSpam\Core\Settings::get_sections() as $key => $section ) {
170	add_settings_section(
171	'zerospam_' . $key,
172	$section['title'],

175	);
176	}
177
178	+ foreach ( \ZeroSpam\Core\Settings::get_settings() as $key => $setting ) {
179	$options = array(
180	'label_for' => $key,
181	'type' => $setting['type'],

242
243	/**
244	* Settings section
245	+ *
246	+ * @param array $args Section arguments.
247	*/
248	+ public function settings_section( $args ) {
249	}
250
251	/**

451	'title' => __( 'Settings', 'zerospam' ),
452	'template' => 'settings',
453	),
454	+ 'export' => array(
455	'title' => __( 'Export/Import Settings', 'zerospam' ),
456	'template' => 'export',
457	),
458	+ 'error' => array(
459	'title' => __( 'Error Log', 'zerospam' ),
460	'template' => 'errors',
461	),

core/class-access.php CHANGED Viewed

	@@ -1,6 +1,6 @@
1	<?php
2	/**
3	- * Access class.
4	*
5	* @package ZeroSpam
6	*/
	@@ -18,12 +18,19 @@ defined( 'ABSPATH' ) \|\| die();
18	class Access {
19
20	/**
21	- * ~~Cnstructor~~
22	*/
23	public function __construct() {







24	add_filter( 'zerospam_types', array( $this, 'types' ), 10, 1 );
25
26	- if ( self::process() ) {
27	add_action( 'template_redirect', array( $this, 'access_check' ), 0 );
28	add_filter( 'zerospam_access_checks', array( $this, 'check_blocked' ), 0, 3 );
29	}
	@@ -45,12 +52,7 @@ class Access {
45	}
46
47	/**
48	- * Access check.
49	- *
50	- * Determines if the current user should be blocked.
51	- *
52	- * @since 5.0.0
53	- * @access public
54	*/
55	public function access_check() {
56	$access = self::get_access();
	@@ -156,10 +158,7 @@ class Access {
156	}
157
158	/**
159	- * Checks if an IP has been blocked.
160	- *
161	- * @since 5.0.0
162	- * @access public
163	*
164	* @param array $access_checks Array of exisiting access checks.
165	* @param string $user_ip The user's IP address.
	@@ -206,10 +205,7 @@ class Access {
206	}
207
208	/**
209	- * Gets the current user's access.
210	- *
211	- * @since 5.0.0
212	- * @access public
213	*/
214	public function get_access() {
215	$settings = ZeroSpam\Core\Settings::get_settings();


1	<?php
2	/**
3	+ * Access class
4	*
5	* @package ZeroSpam
6	*/

18	class Access {
19
20	/**
21	+ * Constructor
22	*/
23	public function __construct() {
24	+ add_action( 'init', array( $this, 'init' ) );
25	+ }
26	+
27	+ /**
28	+ * Fires after WordPress has finished loading but before any headers are sent.
29	+ */
30	+ public function init() {
31	add_filter( 'zerospam_types', array( $this, 'types' ), 10, 1 );
32
33	+ if ( ! is_admin() && is_main_query() && self::process() ) {
34	add_action( 'template_redirect', array( $this, 'access_check' ), 0 );
35	add_filter( 'zerospam_access_checks', array( $this, 'check_blocked' ), 0, 3 );
36	}

52	}
53
54	/**
55	+ * Access check





56	*/
57	public function access_check() {
58	$access = self::get_access();

158	}
159
160	/**
161	+ * Checks if an IP has been blocked



162	*
163	* @param array $access_checks Array of exisiting access checks.
164	* @param string $user_ip The user's IP address.

205	}
206
207	/**
208	+ * Gets the current user's access



209	*/
210	public function get_access() {
211	$settings = ZeroSpam\Core\Settings::get_settings();

core/class-settings.php CHANGED Viewed

	@@ -37,10 +37,6 @@ class Settings {
37	'title' => __( 'General Settings', 'zerospam' ),
38	);
39
40	- self::$sections['debug'] = array(
41	- 'title' => __( 'Debug', 'zerospam' ),
42	- );
43	-
44	return apply_filters( 'zerospam_setting_sections', self::$sections );
45	}
46
	@@ -132,7 +128,7 @@ class Settings {
132	),
133	)
134	),
135	- esc_url( admin_url( 'options-general.php?page=wordpress-zero-spam-settings&zerospam-auto-configure=1' ) )
136	),
137	);
138
	@@ -328,13 +324,22 @@ class Settings {
328	),
329	)
330	),
331	- esc_url( admin_url( 'options-general.php?page=wordpress-zero-spam-settings&zerospam-update-blocked-email-domains=1' ) )
332	),
333	);
334
335	self::$settings['regenerate_honeypot'] = array(
336	'title' => __( 'Regenerate Honeypot ID', 'zerospam' ),
337	- 'desc' => __( ~~'Helpful if spam is getting through. Current honeypot ID: <code>' . \ZeroSpam\Core\Utilities::get_honeypot() . '</code>', 'zerospam' ),~~









338	'section' => 'general',
339	'type' => 'html',
340	'html' => sprintf(
	@@ -348,7 +353,7 @@ class Settings {
348	),
349	)
350	),
351	- esc_url( admin_url( 'options-general.php?page=wordpress-zero-spam-settings&zerospam-regenerate-honeypot=1' ) )
352	),
353	);
354
	@@ -368,37 +373,11 @@ class Settings {
368	),
369	)
370	),
371	- esc_url( admin_url( 'options-general.php?page=wordpress-zero-spam-settings&zerospam-update-disallowed-words=1' ) )
372	),
373	);
374
375	- ~~self::$~~settings['~~debug~~'] = ~~array(~~
376	- 'title' => __( 'Debug', 'zerospam' ),
377	- 'desc' => __( 'For troubleshooting site issues.', 'zerospam' ),
378	- 'section' => 'debug',
379	- 'type' => 'checkbox',
380	- 'options' => array(
381	- 'enabled' => __( 'Enabled', 'zerospam' ),
382	- ),
383	- 'value' => ! empty( $options['debug'] ) ? $options['debug'] : false,
384	- );
385	-
386	- self::$settings['debug_ip'] = array(
387	- 'title' => __( 'Debug IP', 'zerospam' ),
388	- 'desc' => wp_kses(
389	- /* translators: %s: url */
390	- __( 'Mock a IP address for debugging. <strong>WARNING: This overrides all visitor IP addresses and while enabled could block legit visitors from accessing the site.</strong>', 'zerospam' ),
391	- array(
392	- 'strong' => array(),
393	- )
394	- ),
395	- 'section' => 'debug',
396	- 'type' => 'text',
397	- 'placeholder' => '127.0.0.1',
398	- 'value' => ! empty( $options['debug_ip'] ) ? $options['debug_ip'] : false,
399	- );
400	-
401	- $settings = apply_filters( 'zerospam_settings', self::$settings );
402
403	if ( $key ) {
404	if ( ! empty( $settings[ $key ]['value'] ) ) {


37	'title' => __( 'General Settings', 'zerospam' ),
38	);
39




40	return apply_filters( 'zerospam_setting_sections', self::$sections );
41	}
42

128	),
129	)
130	),
131	+ esc_url( admin_url( 'options-general.php?page=wordpress-zero-spam-settings&zerospam-action=auto-configure' ) )
132	),
133	);
134

324	),
325	)
326	),
327	+ esc_url( admin_url( 'options-general.php?page=wordpress-zero-spam-settings&zerospam-action=update-blocked-email-domains' ) )
328	),
329	);
330
331	self::$settings['regenerate_honeypot'] = array(
332	'title' => __( 'Regenerate Honeypot ID', 'zerospam' ),
333	+ 'desc' => sprintf(
334	+ wp_kses(
335	+ /* translators: %s: url */
336	+ __( 'Helpful if spam is getting through. Current honeypot ID: <code>%s</code>', 'zerospam' ),
337	+ array(
338	+ 'code' => array(),
339	+ )
340	+ ),
341	+ \ZeroSpam\Core\Utilities::get_honeypot()
342	+ ),
343	'section' => 'general',
344	'type' => 'html',
345	'html' => sprintf(

353	),
354	)
355	),
356	+ esc_url( admin_url( 'options-general.php?page=wordpress-zero-spam-settings&zerospam-action=regenerate-honeypot' ) )
357	),
358	);
359

373	),
374	)
375	),
376	+ esc_url( admin_url( 'options-general.php?page=wordpress-zero-spam-settings&zerospam-action=update-disallowed-words' ) )
377	),
378	);
379
380	+ $settings = apply_filters( 'zerospam_settings', self::$settings, $options );


























381
382	if ( $key ) {
383	if ( ! empty( $settings[ $key ]['value'] ) ) {

core/class-user.php CHANGED Viewed

	@@ -25,13 +25,7 @@ class User {
25	$ip = false;
26
27	// Check if a debugging IP is enabled.
28	- if (
29	- ! empty( $settings['debug']['value'] ) &&
30	- 'enabled' === $settings['debug']['value'] &&
31	- ! empty( $settings['debug_ip']['value'] )
32	- ) {
33	- $ip = $settings['debug_ip']['value'];
34	- } elseif ( ! empty( $_SERVER['HTTP_CF_CONNECTING_IP'] ) ) {
35	// Check against Cloudflare's reported IP address.
36	$ip = sanitize_text_field( wp_unslash( $_SERVER['HTTP_CF_CONNECTING_IP'] ) );
37	} else {


25	$ip = false;
26
27	// Check if a debugging IP is enabled.
28	+ if ( ! empty( $_SERVER['HTTP_CF_CONNECTING_IP'] ) ) {






29	// Check against Cloudflare's reported IP address.
30	$ip = sanitize_text_field( wp_unslash( $_SERVER['HTTP_CF_CONNECTING_IP'] ) );
31	} else {

core/class-utilities.php CHANGED Viewed

@@ -58,14 +58,14 @@ class Utilities {
+            	}
             	/**
-            -
            	 * Deletes the error log.
             	 */
             	public static function delete_error_log() {
             		$upload_dir = wp_upload_dir();
             		$upload_dir = $upload_dir['basedir'];
             		$file       = $upload_dir . '/zerospam.log';
-            -
            		if ( $file_path && file_exists( $file_path ) ) {
             			wp_delete_file( $file );
+            		}
+            	}
@@ -96,6 +96,44 @@ class Utilities {
             		return false;
+            	}
             	/**
             	 * Returns list of recommended blocked email domains.
             	 */
@@ -591,7 +629,11 @@ class Utilities {
             	 * Returns a cache key
             	 */
             	public static function cache_key( $args, $table = false ) {
-            -
            		return sanitize_title( $table . '_' . implode( '_', $args ) );
+            	}
             	/**


58	}
59
60	/**
61	+ * Deletes the error log
62	*/
63	public static function delete_error_log() {
64	$upload_dir = wp_upload_dir();
65	$upload_dir = $upload_dir['basedir'];
66	$file = $upload_dir . '/zerospam.log';
67
68	+ if ( file_exists( $file ) ) {
69	wp_delete_file( $file );
70	}
71	}

96	return false;
97	}
98
99	+ /**
100	+ * Determines if an email has been blocked by it's domain.
101	+ *
102	+ * @param string $email Email address.
103	+ */
104	+ public static function is_email_domain_blocked( $email ) {
105	+ $blocked_domains = self::get_blocked_email_domains();
106	+ $domain = explode( '@', $email );
107	+ $domain = trim( array_pop( $domain ) );
108	+
109	+ if ( in_array( $domain, $blocked_domains, true ) ) {
110	+ return true;
111	+ }
112	+
113	+ return false;
114	+ }
115	+
116	+ /**
117	+ * Returns the saved blocked email domains.
118	+ */
119	+ public static function get_blocked_email_domains() {
120	+ $blocked_email_domains = \ZeroSpam\Core\Settings::get_settings( 'blocked_email_domains' );
121	+ if ( ! $blocked_email_domains ) {
122	+ return false;
123	+ }
124	+
125	+ $domains = explode( "\n", $blocked_email_domains );
126	+ $domains = array_map( 'trim', $domains );
127	+ $domains = self::sanitize_array( $domains );
128	+ $domains = array_filter( $domains );
129	+
130	+ if ( empty( $domains ) ) {
131	+ return false;
132	+ }
133	+
134	+ return $domains;
135	+ }
136	+
137	/**
138	* Returns list of recommended blocked email domains.
139	*/

629	* Returns a cache key
630	*/
631	public static function cache_key( $args, $table = false ) {
632	+ if ( is_array( $args ) ) {
633	+ $args = implode( '_', $args );
634	+ }
635	+
636	+ return sanitize_title( $table . '_' . $args );
637	}
638
639	/**

includes/class-plugin.php CHANGED Viewed

	@@ -23,12 +23,12 @@ class Plugin {
23	public static $instance = null;
24
25	/**
26	- * ~~Plugin constructor~~
27	*/
28	private function __construct() {
29	$this->register_autoloader();

30
31	- add_action( 'init', array( $this, 'init' ), 0 );
32	add_filter( 'zerospam_types', array( $this, 'types' ), 10, 1 );
33	}
34
	@@ -47,62 +47,55 @@ class Plugin {
47	public static function instance() {
48	if ( is_null( self::$instance ) ) {
49	self::$instance = new self();
50	-
51	- // Fires when WordPress Zero Spam was fully loaded and instantiated.
52	- do_action( 'zerospam_loaded' );
53	}
54
55	return self::$instance;
56	}
57
58	/**
59	- * ~~Init~~
60	*/
61	- ~~public~~ function ~~init~~() {
62	- ~~$this->init_components~~();
63	-
64	- /**
65	- * Fires on WordPress Zero Spam init, after WordPress Zero Spam has finished
66	- * loading but before any headers are sent.
67	- */
68	- ~~do_action~~( ~~'zerospam_init'~~ );
69	- }
70
71	- /**
72	- * Init components
73	- *
74	- * Initialize WordPress Zero Spam components. Register actions, initialize all
75	- * the components that run WordPress Zero Spam, and if in admin page
76	- * initialize admin components.
77	- */
78	- private function init_components() {
79	// Database functionality.
80	new \ZeroSpam\Includes\DB();
81



82	// Stop Forum Spam module.
83	new \ZeroSpam\Modules\StopForumSpam();
84
85	// Project Honeypot module.
86	new \ZeroSpam\Modules\ProjectHoneypot();
87
88	- // Zero Spam module.
89	- new \ZeroSpam\Modules\Zero_Spam();
90	-
91	// ipstack module.
92	new \ZeroSpam\Modules\ipstack();
93
94	// IPinfo module.
95	new \ZeroSpam\Modules\IPinfoModule();
96





97	// David Walsh module.
98	new \ZeroSpam\Modules\DavidWalsh\DavidWalsh();
99
100	- // WordPress registration module.
101	- new \ZeroSpam\Modules\Registration\Registration();
102	-
103	// WordPress comments module.
104	new \ZeroSpam\Modules\Comments\Comments();
105



106	// WordPress login module.
107	new \ZeroSpam\Modules\Login\Login();
108
	@@ -147,19 +140,8 @@ class Plugin {
147	new \ZeroSpam\Modules\MailchimpForWP\MailchimpForWP();
148	}
149
150	- // ~~Preform~~ ~~the firewall access check~~.
151	- if ( ~~! is_admin(~~) ~~&& is_main_query() ) {~~
152	- new \ZeroSpam\Core\Access();
153	- }
154	-
155	- // If in admin, loaded needed classes.
156	- if ( is_admin() ) {
157	- // Plugin admin module.
158	- new \ZeroSpam\Core\Admin\Admin();
159	-
160	- // Google API module.
161	- new \ZeroSpam\Modules\Google();
162	- }
163	}
164
165	/**


23	public static $instance = null;
24
25	/**
26	+ * Constructor
27	*/
28	private function __construct() {
29	$this->register_autoloader();
30	+ $this->init_modules();
31

32	add_filter( 'zerospam_types', array( $this, 'types' ), 10, 1 );
33	}
34

47	public static function instance() {
48	if ( is_null( self::$instance ) ) {
49	self::$instance = new self();



50	}
51
52	return self::$instance;
53	}
54
55	/**
56	+ * Initializes modules
57	*/
58	+ private function init_modules() {
59	+ if ( is_admin() ) {
60	+ // Plugin admin module.
61	+ new \ZeroSpam\Core\Admin\Admin();
62	+ }
63	+
64	+ // Preform the firewall access check.
65	+ new \ZeroSpam\Core\Access();

66








67	// Database functionality.
68	new \ZeroSpam\Includes\DB();
69
70	+ // Zero Spam module.
71	+ new \ZeroSpam\Modules\Zero_Spam();
72	+
73	// Stop Forum Spam module.
74	new \ZeroSpam\Modules\StopForumSpam();
75
76	// Project Honeypot module.
77	new \ZeroSpam\Modules\ProjectHoneypot();
78



79	// ipstack module.
80	new \ZeroSpam\Modules\ipstack();
81
82	// IPinfo module.
83	new \ZeroSpam\Modules\IPinfoModule();
84
85	+ if ( is_admin() ) {
86	+ // Google API module.
87	+ new \ZeroSpam\Modules\Google();
88	+ }
89	+
90	// David Walsh module.
91	new \ZeroSpam\Modules\DavidWalsh\DavidWalsh();
92



93	// WordPress comments module.
94	new \ZeroSpam\Modules\Comments\Comments();
95
96	+ // WordPress registration module.
97	+ new \ZeroSpam\Modules\Registration\Registration();
98	+
99	// WordPress login module.
100	new \ZeroSpam\Modules\Login\Login();
101

140	new \ZeroSpam\Modules\MailchimpForWP\MailchimpForWP();
141	}
142
143	+ // Debug module.
144	+ new \ZeroSpam\Modules\Debug();











145	}
146
147	/**

includes/templates/settings/errors.php CHANGED Viewed

	@@ -13,4 +13,4 @@ if ( ! $log ) {
13	?>
14
15	<textarea readonly class="large-text code" rows="30"><?php echo esc_html( $log ); ?></textarea>
16	- <a href="<?php echo esc_url( admin_url( 'options-general.php?page=wordpress-zero-spam-settings&tab=error&delete-error-log=1' ) ); ?>" class="button button-primary"><?php esc_html_e( 'Clear Error Log' ); ?></a>


13	?>
14
15	<textarea readonly class="large-text code" rows="30"><?php echo esc_html( $log ); ?></textarea>
16	+ <a href="<?php echo esc_url( admin_url( 'options-general.php?page=wordpress-zero-spam-settings&tab=error&zerospam-action=delete-error-log' ) ); ?>" class="button button-primary"><?php esc_html_e( 'Clear Error Log' ); ?></a>

modules/class-debug.php ADDED Viewed

	@@ -0,0 +1,99 @@


1	+ <?php
2	+ /**
3	+ * Debug class.
4	+ *
5	+ * @package ZeroSpam
6	+ */
7	+
8	+ namespace ZeroSpam\Modules;
9	+
10	+ // Security Note: Blocks direct access to the plugin PHP files.
11	+ defined( 'ABSPATH' ) \|\| die();
12	+
13	+ /**
14	+ * Debug
15	+ */
16	+ class Debug {
17	+ /**
18	+ * Constructor
19	+ */
20	+ public function __construct() {
21	+ add_action( 'init', array( $this, 'init' ) );
22	+ }
23	+
24	+ /**
25	+ * Fires after WordPress has finished loading but before any headers are sent.
26	+ */
27	+ public function init() {
28	+ add_filter( 'zerospam_setting_sections', array( $this, 'sections' ) );
29	+ add_filter( 'zerospam_settings', array( $this, 'settings' ), 10, 2 );
30	+ add_filter( 'zerospam_get_ip', array( $this, 'debug_ip' ), 10, 1 );
31	+ }
32	+
33	+ /**
34	+ * Updates the visitor IP to the debug IP
35	+ *
36	+ * @param string $ip IP address.
37	+ */
38	+ public function debug_ip( $ip ) {
39	+ $debug_ip = \ZeroSpam\Core\Settings::get_settings( 'debug_ip' );
40	+
41	+ if (
42	+ 'enabled' === \ZeroSpam\Core\Settings::get_settings( 'debug' ) &&
43	+ ! empty( $debug_ip )
44	+ ) {
45	+ return $debug_ip;
46	+ }
47	+
48	+ return $ip;
49	+ }
50	+
51	+ /**
52	+ * Admin setting sections
53	+ *
54	+ * @param array $sections Array of admin setting sections.
55	+ */
56	+ public function sections( $sections ) {
57	+ $sections['debug'] = array(
58	+ 'title' => __( 'Debug', 'zerospam' ),
59	+ );
60	+
61	+ return $sections;
62	+ }
63	+
64	+ /**
65	+ * Admin settings
66	+ *
67	+ * @param array $settings Array of available settings.
68	+ * @param array $options Array of saved database options.
69	+ */
70	+ public function settings( $settings, $options ) {
71	+ $settings['debug'] = array(
72	+ 'title' => __( 'Debug', 'zerospam' ),
73	+ 'desc' => __( 'For troubleshooting site issues.', 'zerospam' ),
74	+ 'section' => 'debug',
75	+ 'type' => 'checkbox',
76	+ 'options' => array(
77	+ 'enabled' => __( 'Enabled', 'zerospam' ),
78	+ ),
79	+ 'value' => ! empty( $options['debug'] ) ? $options['debug'] : false,
80	+ );
81	+
82	+ $settings['debug_ip'] = array(
83	+ 'title' => __( 'Debug IP', 'zerospam' ),
84	+ 'desc' => wp_kses(
85	+ /* translators: %s: url */
86	+ __( 'Mock a IP address for debugging. <strong>WARNING: This overrides all visitor IP addresses and while enabled could block legit visitors from accessing the site.</strong>', 'zerospam' ),
87	+ array(
88	+ 'strong' => array(),
89	+ )
90	+ ),
91	+ 'section' => 'debug',
92	+ 'type' => 'text',
93	+ 'placeholder' => '127.0.0.1',
94	+ 'value' => ! empty( $options['debug_ip'] ) ? $options['debug_ip'] : false,
95	+ );
96	+
97	+ return $settings;
98	+ }
99	+ }

modules/class-google.php CHANGED Viewed

	@@ -7,41 +7,38 @@
7
8	namespace ZeroSpam\Modules;
9
10	- use ZeroSpam;
11	-
12	// Security Note: Blocks direct access to the plugin PHP files.
13	defined( 'ABSPATH' ) \|\| die();
14
15	/**
16	- * Google maps.
17	- *
18	- * @since 5.0.0
19	*/
20	class Google {
21	/**
22	- * ~~Google maps constructor.~~
23	- *
24	- * @since 5.0.0
25	- * @access public
26	*/
27	public function __construct() {







28	add_filter( 'zerospam_setting_sections', array( $this, 'sections' ) );
29	- add_filter( 'zerospam_settings', array( $this, 'settings' ) );
30
31	- $~~settings~~ = ZeroSpam\Core\Settings::get_settings();
32	- if ( ! empty( $~~settings['google_api']['value']~~ ) ) {
33	add_action( 'zerospam_google_map', array( $this, 'map' ), 10, 2 );
34	}
35	}
36
37	/**
38	- * Embeds a map;
39	- *
40	- * @since 5.0.0
41	- * @access public
42	*/
43	public function map( $coordinates ) {
44	- $settings = ZeroSpam\Core\Settings::get_settings();
45
46	if ( ! empty( $settings['google_api']['value'] ) ) {
47	$url = 'https://www.google.com/maps/embed/v1/place?';
	@@ -66,28 +63,25 @@ class Google {
66	}
67
68	/**
69	- * ~~Google~~ ~~maps~~ sections.
70	*
71	- * @~~since~~ 5.~~0.0~~
72	- * @access public
73	*/
74	public function sections( $sections ) {
75	$sections['google'] = array(
76	- 'title' => __( 'Google Integration', 'zerospam' ),
77	);
78
79	return $sections;
80	}
81
82	/**
83	- * ~~Botscout~~ settings.
84	*
85	- * @~~since~~ 5.~~0.0~~
86	- * @~~access~~ ~~public~~
87	*/
88	- public function settings( $settings ) {
89	- $options = get_option( 'wpzerospam' );
90	-
91	$settings['google_api'] = array(
92	'title' => __( 'Google API Key', 'zerospam' ),
93	'section' => 'google',
	@@ -96,6 +90,7 @@ class Google {
96	'placeholder' => __( 'Enter your Google API key.', 'zerospam' ),
97	'desc' => sprintf(
98	wp_kses(

99	__( 'Enter your <a href="%1$s" target="_blank" rel="noopener noreferrer">Google API key</a> for Google Maps integration.', 'zerospam' ),
100	array(
101	'a' => array(


7
8	namespace ZeroSpam\Modules;
9


10	// Security Note: Blocks direct access to the plugin PHP files.
11	defined( 'ABSPATH' ) \|\| die();
12
13	/**
14	+ * Google maps


15	*/
16	class Google {
17	/**
18	+ * Constructor



19	*/
20	public function __construct() {
21	+ add_action( 'init', array( $this, 'init' ) );
22	+ }
23	+
24	+ /**
25	+ * Fires after WordPress has finished loading but before any headers are sent.
26	+ */
27	+ public function init() {
28	add_filter( 'zerospam_setting_sections', array( $this, 'sections' ) );
29	+ add_filter( 'zerospam_settings', array( $this, 'settings' ), 10, 2 );
30
31	+ $api_key = \ZeroSpam\Core\Settings::get_settings( 'google_api' );
32	+ if ( ! empty( $api_key ) ) {
33	add_action( 'zerospam_google_map', array( $this, 'map' ), 10, 2 );
34	}
35	}
36
37	/**
38	+ * Embeds a map



39	*/
40	public function map( $coordinates ) {
41	+ $settings = \ZeroSpam\Core\Settings::get_settings();
42
43	if ( ! empty( $settings['google_api']['value'] ) ) {
44	$url = 'https://www.google.com/maps/embed/v1/place?';

63	}
64
65	/**
66	+ * Admin setting sections
67	*
68	+ * @param array $sections Array of admin setting sections.

69	*/
70	public function sections( $sections ) {
71	$sections['google'] = array(
72	+ 'title' => __( 'Google API Integration (geolocation)', 'zerospam' ),
73	);
74
75	return $sections;
76	}
77
78	/**
79	+ * Admin settings
80	*
81	+ * @param array $settings Array of available settings.
82	+ * @param array $options Array of saved database options.
83	*/
84	+ public function settings( $settings, $options ) {


85	$settings['google_api'] = array(
86	'title' => __( 'Google API Key', 'zerospam' ),
87	'section' => 'google',

90	'placeholder' => __( 'Enter your Google API key.', 'zerospam' ),
91	'desc' => sprintf(
92	wp_kses(
93	+ /* translators: %1$s: Replaced with the Google API key URL */
94	__( 'Enter your <a href="%1$s" target="_blank" rel="noopener noreferrer">Google API key</a> for Google Maps integration.', 'zerospam' ),
95	array(
96	'a' => array(

modules/class-ipinfomodule.php CHANGED Viewed

	@@ -7,7 +7,6 @@
7
8	namespace ZeroSpam\Modules;
9
10	- use ZeroSpam;
11	use \ipinfo\ipinfo\IPinfo;
12
13	// Security Note: Blocks direct access to the plugin PHP files.
	@@ -21,37 +20,43 @@ class IPinfoModule {
21	* Constructor
22	*/
23	public function __construct() {







24	add_filter( 'zerospam_setting_sections', array( $this, 'sections' ) );
25	- add_filter( 'zerospam_settings', array( $this, 'settings' ) );
26	add_filter( 'zerospam_log_record', array( $this, 'log_record' ) );
27	}
28
29	/**
30	- * ~~Sections~~
31	*
32	- * @param array $sections ~~Admin~~ ~~settings~~ ~~section~~.
33	*/
34	public function sections( $sections ) {
35	$sections['ipinfo'] = array(
36	- 'title' => __( 'IPinfo ~~Geolocation~~ ~~Integration~~', 'zerospam' ),
37	);
38
39	return $sections;
40	}
41
42	/**
43	- * ~~Settings~~
44	*
45	- * @param array $settings ~~Admin~~ ~~setting~~ ~~fields~~.

46	*/
47	- public function settings( $settings ) {
48	- $options = get_option( 'wpzerospam' );
49	-
50	$settings['ipinfo_access_token'] = array(
51	- 'title' => __( '~~IPinfo~~ Access Token', 'zerospam' ),
52	'desc' => sprintf(
53	wp_kses(
54	- /* translators: %s: IPinfo URL */
55	__( 'Enter your <a href="%1$s" target="_blank" rel="noopener noreferrer">IPinfo access token</a> to enable geolocation features. Don\'t have an API key? <a href="%2$s" target="_blank" rel="noopener noreferrer"><strong>Get one for free!</strong></a>', 'zerospam' ),
56	array(
57	'strong' => array(),
	@@ -73,13 +78,13 @@ class IPinfoModule {
73	);
74
75	$settings['ipinfo_cache'] = array(
76	- 'title' => __( '~~IPinfo~~ Cache Expiration', 'zerospam' ),
77	'section' => 'ipinfo',
78	'type' => 'number',
79	'field_class' => 'small-text',
80	'suffix' => __( 'day(s)', 'zerospam' ),
81	'placeholder' => __( '14', 'zerospam' ),
82	- 'desc' => __( '~~Recommended setting is 14 days.~~ Setting to high could result in outdated information, too low could cause a decrease in performance.', 'zerospam' ),
83	'value' => ! empty( $options['ipinfo_cache'] ) ? $options['ipinfo_cache'] : 14,
84	'recommended' => 14,
85	);


7
8	namespace ZeroSpam\Modules;
9

10	use \ipinfo\ipinfo\IPinfo;
11
12	// Security Note: Blocks direct access to the plugin PHP files.

20	* Constructor
21	*/
22	public function __construct() {
23	+ add_action( 'init', array( $this, 'init' ) );
24	+ }
25	+
26	+ /**
27	+ * Fires after WordPress has finished loading but before any headers are sent.
28	+ */
29	+ public function init() {
30	add_filter( 'zerospam_setting_sections', array( $this, 'sections' ) );
31	+ add_filter( 'zerospam_settings', array( $this, 'settings' ), 10, 2 );
32	add_filter( 'zerospam_log_record', array( $this, 'log_record' ) );
33	}
34
35	/**
36	+ * Admin setting sections
37	*
38	+ * @param array $sections Array of admin setting sections.
39	*/
40	public function sections( $sections ) {
41	$sections['ipinfo'] = array(
42	+ 'title' => __( 'IPinfo Integration (geolocation)', 'zerospam' ),
43	);
44
45	return $sections;
46	}
47
48	/**
49	+ * Admin settings
50	*
51	+ * @param array $settings Array of available settings.
52	+ * @param array $options Array of saved database options.
53	*/
54	+ public function settings( $settings, $options ) {


55	$settings['ipinfo_access_token'] = array(
56	+ 'title' => __( 'Access Token', 'zerospam' ),
57	'desc' => sprintf(
58	wp_kses(
59	+ /* translators: %1$s: Replaced with the IPInfo URL, %2$s: Replaced with the IPinfo signup URL */
60	__( 'Enter your <a href="%1$s" target="_blank" rel="noopener noreferrer">IPinfo access token</a> to enable geolocation features. Don\'t have an API key? <a href="%2$s" target="_blank" rel="noopener noreferrer"><strong>Get one for free!</strong></a>', 'zerospam' ),
61	array(
62	'strong' => array(),

78	);
79
80	$settings['ipinfo_cache'] = array(
81	+ 'title' => __( 'Cache Expiration', 'zerospam' ),
82	'section' => 'ipinfo',
83	'type' => 'number',
84	'field_class' => 'small-text',
85	'suffix' => __( 'day(s)', 'zerospam' ),
86	'placeholder' => __( '14', 'zerospam' ),
87	+ 'desc' => __( 'Setting to high could result in outdated information, too low could cause a decrease in performance; recommended 14 days.', 'zerospam' ),
88	'value' => ! empty( $options['ipinfo_cache'] ) ? $options['ipinfo_cache'] : 14,
89	'recommended' => 14,
90	);

modules/class-ipstack.php CHANGED Viewed

	@@ -1,51 +1,60 @@
1	<?php
2	/**
3	- * ~~ipstack~~ class.
4	*
5	* @package ZeroSpam
6	*/
7
8	namespace ZeroSpam\Modules;
9
10	- use ZeroSpam;
11	-
12	// Security Note: Blocks direct access to the plugin PHP files.
13	defined( 'ABSPATH' ) \|\| die();
14
15	/**
16	- * ~~ipstack~~
17	*/
18	class ipstack {
19	/**
20	* Constructor
21	*/
22	public function __construct() {







23	add_filter( 'zerospam_setting_sections', array( $this, 'sections' ) );
24	- add_filter( 'zerospam_settings', array( $this, 'settings' ) );
25	add_filter( 'zerospam_log_record', array( $this, 'log_record' ) );
26	}
27
28	/**
29	- * ~~Sections~~


30	*/
31	public function sections( $sections ) {
32	$sections['ipstack'] = array(
33	- 'title' => __( 'ipstack ~~Geolocation~~ ~~Integration~~', 'zerospam' ),
34	);
35
36	return $sections;
37	}
38
39	/**
40	- * ~~Settings~~



41	*/
42	- public function settings( $settings ) {
43	- $options = get_option( 'wpzerospam' );
44	-
45	$settings['ipstack_api'] = array(
46	- 'title' => __( '~~ipstack~~ API Key', 'zerospam' ),
47	'desc' => sprintf(
48	wp_kses(

49	__( 'Enter your <a href="%1$s" target="_blank" rel="noopener noreferrer">ipstack API key</a> to enable geolocation features. Don\'t have an API key? <a href="%2$s" target="_blank" rel="noopener noreferrer"><strong>Get one for free!</strong></a>', 'zerospam' ),
50	array(
51	'strong' => array(),
	@@ -67,25 +76,25 @@ class ipstack {
67	);
68
69	$settings['ipstack_timeout'] = array(
70	- 'title' => __( '~~ipstack~~ API Timeout', 'zerospam' ),
71	'section' => 'ipstack',
72	'type' => 'number',
73	'field_class' => 'small-text',
74	'suffix' => __( 'seconds', 'zerospam' ),
75	'placeholder' => __( '5', 'zerospam' ),
76	- 'desc' => __( '~~Recommended setting is 5 seconds.~~ Setting to high could result in degraded site performance, too low won\'t allow to API enough time to respond.', 'zerospam' ),
77	'value' => ! empty( $options['ipstack_timeout'] ) ? $options['ipstack_timeout'] : 5,
78	'recommended' => 5,
79	);
80
81	$settings['ipstack_cache'] = array(
82	- 'title' => __( '~~ipstack~~ Cache Expiration', 'zerospam' ),
83	'section' => 'ipstack',
84	'type' => 'number',
85	'field_class' => 'small-text',
86	'suffix' => __( 'day(s)', 'zerospam' ),
87	'placeholder' => __( '14', 'zerospam' ),
88	- 'desc' => __( '~~Recommended setting is 14 days.~~ Setting to high could result in outdated information, too low could cause a decrease in performance.', 'zerospam' ),
89	'value' => ! empty( $options['ipstack_cache'] ) ? $options['ipstack_cache'] : 14,
90	'recommended' => 14,
91	);
	@@ -139,15 +148,17 @@ class ipstack {
139
140	/**
141	* Get geolocation


142	*/
143	public static function get_geolocation( $ip ) {
144	- $settings = ZeroSpam\Core\Settings::get_settings();
145
146	if ( empty( $settings['ipstack_api']['value'] ) ) {
147	return false;
148	}
149
150	- $cache_key = ZeroSpam\Core\Utilities::cache_key(
151	array(
152	'ipstack',
153	$ip,
	@@ -156,7 +167,7 @@ class ipstack {
156
157	$result = wp_cache_get( $cache_key );
158	if ( false === $result ) {
159	- $endpoint = 'http://api.ipstack.com/';
160	$endpoint .= $ip . '?access_key=' . $settings['ipstack_api']['value'];
161
162	$timeout = 5;
	@@ -164,7 +175,7 @@ class ipstack {
164	$timeout = intval( $settings['ipstack_timeout']['value'] );
165	}
166
167	- $response = ZeroSpam\Core\Utilities::remote_get( $endpoint, array( 'timeout' => $timeout ) );
168	if ( $response ) {
169	$result = json_decode( $response, true );
170


1	<?php
2	/**
3	+ * Ipstack class
4	*
5	* @package ZeroSpam
6	*/
7
8	namespace ZeroSpam\Modules;
9


10	// Security Note: Blocks direct access to the plugin PHP files.
11	defined( 'ABSPATH' ) \|\| die();
12
13	/**
14	+ * Ipstack
15	*/
16	class ipstack {
17	/**
18	* Constructor
19	*/
20	public function __construct() {
21	+ add_action( 'init', array( $this, 'init' ) );
22	+ }
23	+
24	+ /**
25	+ * Fires after WordPress has finished loading but before any headers are sent.
26	+ */
27	+ public function init() {
28	add_filter( 'zerospam_setting_sections', array( $this, 'sections' ) );
29	+ add_filter( 'zerospam_settings', array( $this, 'settings' ), 10, 2 );
30	add_filter( 'zerospam_log_record', array( $this, 'log_record' ) );
31	}
32
33	/**
34	+ * Admin setting sections
35	+ *
36	+ * @param array $sections Array of admin setting sections.
37	*/
38	public function sections( $sections ) {
39	$sections['ipstack'] = array(
40	+ 'title' => __( 'ipstack Integration (geolocation)', 'zerospam' ),
41	);
42
43	return $sections;
44	}
45
46	/**
47	+ * Admin settings
48	+ *
49	+ * @param array $settings Array of available settings.
50	+ * @param array $options Array of saved database options.
51	*/
52	+ public function settings( $settings, $options ) {


53	$settings['ipstack_api'] = array(
54	+ 'title' => __( 'API Key', 'zerospam' ),
55	'desc' => sprintf(
56	wp_kses(
57	+ /* translators: %1$s: Replaced with the ipstack URL, %2$s: Replaced with the ipstack product URL */
58	__( 'Enter your <a href="%1$s" target="_blank" rel="noopener noreferrer">ipstack API key</a> to enable geolocation features. Don\'t have an API key? <a href="%2$s" target="_blank" rel="noopener noreferrer"><strong>Get one for free!</strong></a>', 'zerospam' ),
59	array(
60	'strong' => array(),

76	);
77
78	$settings['ipstack_timeout'] = array(
79	+ 'title' => __( 'API Timeout', 'zerospam' ),
80	'section' => 'ipstack',
81	'type' => 'number',
82	'field_class' => 'small-text',
83	'suffix' => __( 'seconds', 'zerospam' ),
84	'placeholder' => __( '5', 'zerospam' ),
85	+ 'desc' => __( 'Setting to high could result in degraded site performance, too low won\'t allow to API enough time to respond; recommended 5 seconds.', 'zerospam' ),
86	'value' => ! empty( $options['ipstack_timeout'] ) ? $options['ipstack_timeout'] : 5,
87	'recommended' => 5,
88	);
89
90	$settings['ipstack_cache'] = array(
91	+ 'title' => __( 'Cache Expiration', 'zerospam' ),
92	'section' => 'ipstack',
93	'type' => 'number',
94	'field_class' => 'small-text',
95	'suffix' => __( 'day(s)', 'zerospam' ),
96	'placeholder' => __( '14', 'zerospam' ),
97	+ 'desc' => __( 'Setting to high could result in outdated information, too low could cause a decrease in performance; recommended 14 days.', 'zerospam' ),
98	'value' => ! empty( $options['ipstack_cache'] ) ? $options['ipstack_cache'] : 14,
99	'recommended' => 14,
100	);

148
149	/**
150	* Get geolocation
151	+ *
152	+ * @param string $ip IP address.
153	*/
154	public static function get_geolocation( $ip ) {
155	+ $settings = \ZeroSpam\Core\Settings::get_settings();
156
157	if ( empty( $settings['ipstack_api']['value'] ) ) {
158	return false;
159	}
160
161	+ $cache_key = \ZeroSpam\Core\Utilities::cache_key(
162	array(
163	'ipstack',
164	$ip,

167
168	$result = wp_cache_get( $cache_key );
169	if ( false === $result ) {
170	+ $endpoint = 'http://api.ipstack.com/';
171	$endpoint .= $ip . '?access_key=' . $settings['ipstack_api']['value'];
172
173	$timeout = 5;

175	$timeout = intval( $settings['ipstack_timeout']['value'] );
176	}
177
178	+ $response = \ZeroSpam\Core\Utilities::remote_get( $endpoint, array( 'timeout' => $timeout ) );
179	if ( $response ) {
180	$result = json_decode( $response, true );
181

modules/class-projecthoneypot.php CHANGED Viewed

	@@ -1,6 +1,6 @@
1	<?php
2	/**
3	- * Project Honeypot httpBL class.
4	*
5	* @package ZeroSpam
6	*/
	@@ -15,14 +15,21 @@ defined( 'ABSPATH' ) \|\| die();
15	*/
16	class ProjectHoneypot {
17	/**
18	- * Constructor.
19	*/
20	public function __construct() {







21	add_filter( 'zerospam_setting_sections', array( $this, 'sections' ) );
22	- add_filter( 'zerospam_settings', array( $this, 'settings' ) );
23
24	if ( \ZeroSpam\Core\Access::process() ) {
25	- add_filter( 'zerospam_access_checks', array( $this, 'access_check' ), 10, 3 );
26	}
27	}
28
	@@ -31,14 +38,18 @@ class ProjectHoneypot {
31	*
32	* @param array $access_checks Current access checks array.
33	* @param string $user_ip IP address to check.
34	- * @param array $settings Plugin settings.
35	*/
36	- public function access_check( $access_checks, $user_ip, ~~$settings~~ ) {


37	$access_checks['project_honeypot'] = array(
38	'blocked' => false,
39	);
40
41	- if ( ~~empty( $settings['project_honeypot']['value'] ) \|\| 'enabled' !== $settings['project_honeypot']['value'] ) {~~



42	return $access_checks;
43	}
44
	@@ -151,7 +162,7 @@ class ProjectHoneypot {
151	}
152
153	/**
154	- * ~~Project~~ ~~Honeypot~~ sections
155	*
156	* @param array $sections Array of available setting sections.
157	*/
	@@ -164,15 +175,14 @@ class ProjectHoneypot {
164	}
165
166	/**
167	- * ~~Project~~ ~~Honeypot~~ settings
168	*
169	* @param array $settings Array of available settings.

170	*/
171	- public function settings( $settings ) {
172	- $options = get_option( 'wpzerospam' );
173	-
174	$settings['project_honeypot'] = array(
175	- 'title' => __( '~~Project Honeypot~~', 'zerospam' ),
176	'section' => 'project_honeypot',
177	'type' => 'checkbox',
178	'options' => array(
	@@ -180,8 +190,8 @@ class ProjectHoneypot {
180	),
181	'desc' => sprintf(
182	wp_kses(
183	- /* translators: %s: ~~url~~ */
184	- __( '~~Checks~~ ~~user~~ IPs ~~against~~ <a href="%s" target="_blank" rel="noopener noreferrer">Project Honeypot</a>\'~~s blacklist.'~~, 'zerospam' ),
185	array(
186	'strong' => array(),
187	'a' => array(
	@@ -198,10 +208,10 @@ class ProjectHoneypot {
198	);
199
200	$settings['project_honeypot_access_key'] = array(
201	- 'title' => __( '~~Project Honeypot~~ Access Key', 'zerospam' ),
202	'desc' => sprintf(
203	wp_kses(
204	- /* translators: %s: ~~url~~ */
205	__( 'Enter your <a href="%1$s" target="_blank" rel="noopener noreferrer">Project Honeypot</a> access key. Don\'t have an access key? <a href="%2$s" target="_blank" rel="noopener noreferrer"><strong>Get one for free!</strong></a>', 'zerospam' ),
206	array(
207	'strong' => array(),
	@@ -223,20 +233,20 @@ class ProjectHoneypot {
223	);
224
225	$settings['project_honeypot_cache'] = array(
226	- 'title' => __( '~~Project Honeypot~~ Cache Expiration', 'zerospam' ),
227	'section' => 'project_honeypot',
228	'type' => 'number',
229	'field_class' => 'small-text',
230	'suffix' => __( 'day(s)', 'zerospam' ),
231	- 'placeholder' => ~~__(~~ WEEK_IN_SECONDS, ~~'zerospam' ),~~
232	'min' => 0,
233	- 'desc' => __( '~~Recommended setting is 14 days.~~ Setting to high could result in outdated information, too low could cause a decrease in performance.', 'zerospam' ),
234	'value' => ! empty( $options['project_honeypot_cache'] ) ? $options['project_honeypot_cache'] : 14,
235	'recommended' => 14,
236	);
237
238	$settings['project_honeypot_score_min'] = array(
239	- 'title' => __( '~~Project Honeypot~~ Threat Score Minimum', 'zerospam' ),
240	'section' => 'project_honeypot',
241	'type' => 'number',
242	'field_class' => 'small-text',
	@@ -244,10 +254,10 @@ class ProjectHoneypot {
244	'min' => 0,
245	'max' => 255,
246	'step' => 1,
247	- 'desc' => sprintf(
248	wp_kses(
249	- /* translators: %s: ~~url~~ */
250	- __( '~~Recommended setting is 50.~~ Minimum <a href="%s" target="_blank" rel="noopener noreferrer">threat score</a> an IP must meet before being blocked. Setting this too low could cause users to be blocked that shouldn\'t be.', 'zerospam' ),
251	array(
252	'a' => array(
253	'target' => array(),


1	<?php
2	/**
3	+ * Project Honeypot httpBL class
4	*
5	* @package ZeroSpam
6	*/

15	*/
16	class ProjectHoneypot {
17	/**
18	+ * Constructor
19	*/
20	public function __construct() {
21	+ add_action( 'init', array( $this, 'init' ) );
22	+ }
23	+
24	+ /**
25	+ * Fires after WordPress has finished loading but before any headers are sent.
26	+ */
27	+ public function init() {
28	add_filter( 'zerospam_setting_sections', array( $this, 'sections' ) );
29	+ add_filter( 'zerospam_settings', array( $this, 'settings' ), 10, 2 );
30
31	if ( \ZeroSpam\Core\Access::process() ) {
32	+ add_filter( 'zerospam_access_checks', array( $this, 'access_check' ), 10, 2 );
33	}
34	}
35

38	*
39	* @param array $access_checks Current access checks array.
40	* @param string $user_ip IP address to check.

41	*/
42	+ public function access_check( $access_checks, $user_ip ) {
43	+ $settings = \ZeroSpam\Core\Settings::get_settings();
44	+
45	$access_checks['project_honeypot'] = array(
46	'blocked' => false,
47	);
48
49	+ if (
50	+ empty( $settings['project_honeypot']['value'] ) \|\|
51	+ 'enabled' !== $settings['project_honeypot']['value']
52	+ ) {
53	return $access_checks;
54	}
55

162	}
163
164	/**
165	+ * Admin setting sections
166	*
167	* @param array $sections Array of available setting sections.
168	*/

175	}
176
177	/**
178	+ * Admin settings
179	*
180	* @param array $settings Array of available settings.
181	+ * @param array $options Array of saved database options.
182	*/
183	+ public function settings( $settings, $options ) {


184	$settings['project_honeypot'] = array(
185	+ 'title' => __( 'Status', 'zerospam' ),
186	'section' => 'project_honeypot',
187	'type' => 'checkbox',
188	'options' => array(

190	),
191	'desc' => sprintf(
192	wp_kses(
193	+ /* translators: %s: Replaced with the Project Honeypot URL */
194	+ __( 'Blocks visitor IPs that have been reported to <a href="%s" target="_blank" rel="noopener noreferrer">Project Honeypot</a>.', 'zerospam' ),
195	array(
196	'strong' => array(),
197	'a' => array(

208	);
209
210	$settings['project_honeypot_access_key'] = array(
211	+ 'title' => __( 'Access Key', 'zerospam' ),
212	'desc' => sprintf(
213	wp_kses(
214	+ /* translators: %1s: Replaced with the Project Honeypot URL, %2s: Replaced with the Project Honeypot account creation URL */
215	__( 'Enter your <a href="%1$s" target="_blank" rel="noopener noreferrer">Project Honeypot</a> access key. Don\'t have an access key? <a href="%2$s" target="_blank" rel="noopener noreferrer"><strong>Get one for free!</strong></a>', 'zerospam' ),
216	array(
217	'strong' => array(),

233	);
234
235	$settings['project_honeypot_cache'] = array(
236	+ 'title' => __( 'Cache Expiration', 'zerospam' ),
237	'section' => 'project_honeypot',
238	'type' => 'number',
239	'field_class' => 'small-text',
240	'suffix' => __( 'day(s)', 'zerospam' ),
241	+ 'placeholder' => WEEK_IN_SECONDS,
242	'min' => 0,
243	+ 'desc' => __( 'Setting to high could result in outdated information, too low could cause a decrease in performance; recommended 14 days.', 'zerospam' ),
244	'value' => ! empty( $options['project_honeypot_cache'] ) ? $options['project_honeypot_cache'] : 14,
245	'recommended' => 14,
246	);
247
248	$settings['project_honeypot_score_min'] = array(
249	+ 'title' => __( 'Threat Score Minimum', 'zerospam' ),
250	'section' => 'project_honeypot',
251	'type' => 'number',
252	'field_class' => 'small-text',

254	'min' => 0,
255	'max' => 255,
256	'step' => 1,
257	+ 'desc' => sprintf(
258	wp_kses(
259	+ /* translators: %s: Replaced with the Project Honeypot threat page URL */
260	+ __( 'Minimum <a href="%s" target="_blank" rel="noopener noreferrer">threat score</a> an IP must meet before being blocked. Setting this too low could cause users to be blocked that shouldn\'t be; recommended 50.', 'zerospam' ),
261	array(
262	'a' => array(
263	'target' => array(),

modules/class-stopforumspam.php CHANGED Viewed

	@@ -1,45 +1,47 @@
1	<?php
2	/**
3	- * Stop Forum Spam class.
4	*
5	* @package ZeroSpam
6	*/
7
8	namespace ZeroSpam\Modules;
9
10	- use ZeroSpam;
11	-
12	// Security Note: Blocks direct access to the plugin PHP files.
13	defined( 'ABSPATH' ) \|\| die();
14
15	/**
16	- * Stop Forum Spam.
17	- *
18	- * @since 5.0.0
19	*/
20	class StopForumSpam {
21	/**
22	- * ~~Stop Forum Spam constructor.~~
23	- *
24	- * @since 5.0.0
25	- * @access public
26	*/
27	public function __construct() {
28	- ~~add_filter~~( '~~zerospam_setting_sections~~', array( $this, '~~sections~~' ) );
29	- ~~add_filter( 'zerospam_settings', array( $this, 'settings' ) );~~
30
31	- ~~if ( ZeroSpam\Core\Access::process() ) {~~
32	- ~~add_filter(~~ ~~'zerospam_access_checks',~~ ~~array(~~ ~~$this,~~ ~~'access_check'~~ ), ~~10,~~ 3 );
33	- ~~add_filter( 'zerospam_registration_errors', array( $this, 'preprocess_registrations' ), 10, 3 );~~
34	- ~~add_filter(~~ ~~'zerospam_preprocess_comment',~~ ~~array~~( ~~$this, 'preprocess_comments'~~ ), ~~10, 1 );~~










35	}
36	}
37
38	/**
39	- * ~~Stop~~ ~~Forum~~ ~~Spam~~ sections.
40	*
41	- * @~~since~~ 5.~~0.0~~
42	- * @access public
43	*/
44	public function sections( $sections ) {
45	$sections['stop_forum_spam'] = array(
	@@ -50,16 +52,14 @@ class StopForumSpam {
50	}
51
52	/**
53	- * ~~Stop~~ ~~Forum Spam~~ settings.
54	*
55	- * @~~since~~ 5.~~0.0~~
56	- * @~~access~~ ~~public~~
57	*/
58	- public function settings( $settings ) {
59	- $options = get_option( 'wpzerospam' );
60	-
61	$settings['stop_forum_spam'] = array(
62	- 'title' => __( '~~Stop Forum Spam~~', 'zerospam' ),
63	'section' => 'stop_forum_spam',
64	'type' => 'checkbox',
65	'options' => array(
	@@ -67,7 +67,8 @@ class StopForumSpam {
67	),
68	'desc' => sprintf(
69	wp_kses(
70	- ~~__(~~ ~~'Checks~~ ~~user IPs against <a href="~~%s" ~~target="_blank"~~ ~~rel="noopener~~ ~~noreferrer">~~Stop Forum Spam~~</a>\'s~~ ~~blacklist.',~~ ~~'zerospam' ),~~

71	array(
72	'strong' => array(),
73	'a' => array(
	@@ -84,33 +85,33 @@ class StopForumSpam {
84	);
85
86	$settings['stop_forum_spam_timeout'] = array(
87	- 'title' => __( '~~Stop Forum Spam~~ API Timeout', 'zerospam' ),
88	'section' => 'stop_forum_spam',
89	'type' => 'number',
90	'field_class' => 'small-text',
91	'suffix' => __( 'seconds', 'zerospam' ),
92	'placeholder' => __( '5', 'zerospam' ),
93	'min' => 0,
94	- 'desc' => __( '~~Recommended setting is 5 seconds.~~ Setting to high could result in degraded site performance, too low won\'t allow to API enough time to respond.', 'zerospam' ),
95	'value' => ! empty( $options['stop_forum_spam_timeout'] ) ? $options['stop_forum_spam_timeout'] : 5,
96	'recommended' => 5,
97	);
98
99	$settings['stop_forum_spam_cache'] = array(
100	- 'title' => __( '~~Stop Forum Spam~~ Cache Expiration', 'zerospam' ),
101	'section' => 'stop_forum_spam',
102	'type' => 'number',
103	'field_class' => 'small-text',
104	'suffix' => __( 'day(s)', 'zerospam' ),
105	- 'placeholder' => ~~__(~~ WEEK_IN_SECONDS, ~~'zerospam' ),~~
106	'min' => 0,
107	- 'desc' => __( '~~Recommended setting is 14 days.~~ Setting to high could result in outdated information, too low could cause a decrease in performance.', 'zerospam' ),
108	'value' => ! empty( $options['stop_forum_spam_cache'] ) ? $options['stop_forum_spam_cache'] : 14,
109	'recommended' => 14,
110	);
111
112	$settings['stop_forum_spam_confidence_min'] = array(
113	- 'title' => __( '~~Stop Forum Spam~~ Confidence Minimum', 'zerospam' ),
114	'section' => 'stop_forum_spam',
115	'type' => 'number',
116	'field_class' => 'small-text',
	@@ -119,9 +120,10 @@ class StopForumSpam {
119	'min' => 0,
120	'max' => 100,
121	'step' => 0.1,
122	- 'desc' => sprintf(
123	wp_kses(
124	- ~~__(~~ ~~'Recommended~~ ~~setting is 50%%. Minimum <a href="~~%s" ~~target="_blank"~~ ~~rel="noopener~~ ~~noreferrer">confidence~~ ~~score</a>~~ an IP ~~must~~ ~~meet before being blocked. Setting this too low could cause users to be blocked that shouldn\'t be.', 'zerospam' ),~~

125	array(
126	'a' => array(
127	'target' => array(),
	@@ -140,26 +142,26 @@ class StopForumSpam {
140	}
141
142	/**
143	- * Processes comments.
144	*
145	- * @~~since~~ 5.~~0.0~~
146	- * @~~access~~ ~~public~~

147	*/
148	- public function preprocess_comments( $~~commentdata~~ ) {
149	- ~~$settings~~ = ~~ZeroSpam\Core\Settings::get_settings~~();
150	-
151	- if ( empty( $settings['stop_forum_spam']['value'] ) \|\| 'enabled' !== $settings['stop_forum_spam']['value'] ) {
152	- return $commentdata;
153	}
154
155	$response = self::query(
156	array(
157	- 'email' => $~~commentdata~~['comment_author_email'],
158	)
159	);
160	if ( $response ) {
161	$response = json_decode( $response, true );
162	if ( ! empty( $response['success'] ) && $response['success'] ) {

163
164	// Check email.
165	if (
	@@ -168,48 +170,23 @@ class StopForumSpam {
168	! empty( $settings['stop_forum_spam_confidence_min']['value'] ) &&
169	floatval( $response['email']['confidence'] ) >= floatval( $settings['stop_forum_spam_confidence_min']['value'] )
170	) {
171	-
172	- if ( ! empty( $settings['log_blocked_comments']['value'] ) && 'enabled' === $settings['log_blocked_comments']['value'] ) {
173	- $details = array(
174	- 'failed' => 'stop_forum_spam_email',
175	- );
176	- $details = array_merge( $details, $commentdata );
177	- ZeroSpam\Includes\DB::log( 'comment', $details );
178	- }
179	-
180	- $message = ZeroSpam\Core\Utilities::detection_message( 'comment_spam_message' );
181	- wp_die(
182	- wp_kses(
183	- $message,
184	- array(
185	- 'a' => array(
186	- 'target' => array(),
187	- 'href' => array(),
188	- 'rel' => array(),
189	- ),
190	- 'strong' => array(),
191	- )
192	- ),
193	- esc_html( ZeroSpam\Core\Utilities::detection_title( 'comment_spam_message' ) ),
194	- array(
195	- 'response' => 403,
196	- )
197	- );
198	}
199	}
200	}
201
202	- return $~~commentdata~~;
203	}
204
205	/**
206	- * Processes registrations.
207	*
208	- * @~~since~~ 5.~~0.0~~
209	- * @~~access~~ ~~public~~

210	*/
211	public function preprocess_registrations( $errors, $sanitized_user_login, $user_email ) {
212	- $settings = ZeroSpam\Core\Settings::get_settings();
213
214	if ( empty( $settings['stop_forum_spam']['value'] ) \|\| 'enabled' !== $settings['stop_forum_spam']['value'] ) {
215	return $errors;
	@@ -224,7 +201,7 @@ class StopForumSpam {
224	if ( $response ) {
225	$response = json_decode( $response, true );
226	if ( ! empty( $response['success'] ) && $response['success'] ) {
227	- $message = ZeroSpam\Core\Utilities::detection_message( 'registration_spam_message' );
228
229	// Check username.
230	if (
	@@ -241,7 +218,7 @@ class StopForumSpam {
241	'failed' => 'stop_forum_spam_username',
242	);
243	if ( ! empty( $settings['log_blocked_registrations']['value'] ) && 'enabled' === $settings['log_blocked_registrations']['value'] ) {
244	- ZeroSpam\Includes\DB::log( 'registration', $details );
245	}
246
247	// Share the detection if enabled.
	@@ -259,7 +236,7 @@ class StopForumSpam {
259	floatval( $response['email']['confidence'] ) >= floatval( $settings['stop_forum_spam_confidence_min']['value'] )
260	) {
261	if ( count( $errors->errors ) == 0 ) {
262	- $errors->add( 'zerospam_error_stopformspam_email', ~~__(~~ $message, ~~'zerospam'~~ ) );
263	}
264
265	if ( ! empty( $settings['log_blocked_registrations']['value'] ) && 'enabled' === $settings['log_blocked_registrations']['value'] ) {
	@@ -268,7 +245,7 @@ class StopForumSpam {
268	'user_email' => $user_email,
269	'failed' => 'stop_forum_spam_email',
270	);
271	- ZeroSpam\Includes\DB::log( 'registration', $details );
272	}
273	}
274	}
	@@ -278,17 +255,16 @@ class StopForumSpam {
278	}
279
280	/**
281	- * Query the Stop Forum Spam API.
282	*
283	- * @~~since~~ 5.~~0.0~~
284	- * @access public
285	*/
286	public function query( $params ) {
287	- $settings = ZeroSpam\Core\Settings::get_settings();
288
289	$cache_array = array( 'stop_forum_spam' );
290	$cache_array = array_merge( $cache_array, $params );
291	- $cache_key = ZeroSpam\Core\Utilities::cache_key( $cache_array );
292
293	$response = wp_cache_get( $cache_key );
294	if ( false === $response ) {
	@@ -302,7 +278,7 @@ class StopForumSpam {
302	$timeout = intval( $settings['stop_forum_spam_timeout']['value'] );
303	}
304
305	- $response = ZeroSpam\Core\Utilities::remote_get( $endpoint, array( 'timeout' => $timeout ) );
306	if ( $response ) {
307	$expiration = 14 * DAY_IN_SECONDS;
308	if ( ! empty( $settings['stop_forum_spam_cache']['value'] ) ) {
	@@ -316,12 +292,14 @@ class StopForumSpam {
316	}
317
318	/**
319	- * Stop Forum Spam access_check.
320	*
321	- * @~~since~~ 5.~~0.0~~
322	- * @~~access~~ ~~public~~
323	*/
324	- public function access_check( $access_checks, $user_ip, ~~$settings~~ ) {


325	$access_checks['stop_forum_spam'] = array(
326	'blocked' => false,
327	);


1	<?php
2	/**
3	+ * Stop Forum Spam class
4	*
5	* @package ZeroSpam
6	*/
7
8	namespace ZeroSpam\Modules;
9


10	// Security Note: Blocks direct access to the plugin PHP files.
11	defined( 'ABSPATH' ) \|\| die();
12
13	/**
14	+ * Stop Forum Spam


15	*/
16	class StopForumSpam {
17	/**
18	+ * Constructor



19	*/
20	public function __construct() {
21	+ add_action( 'init', array( $this, 'init' ) );
22	+ }
23
24	+ /**
25	+ * Fires after WordPress has finished loading but before any headers are sent.
26	+ */
27	+ public function init() {
28	+ add_filter( 'zerospam_setting_sections', array( $this, 'sections' ) );
29	+ add_filter( 'zerospam_settings', array( $this, 'settings' ), 10, 2 );
30	+
31	+ if (
32	+ 'enabled' === \ZeroSpam\Core\Settings::get_settings( 'stop_forum_spam' ) &&
33	+ \ZeroSpam\Core\Access::process()
34	+ ) {
35	+ add_filter( 'zerospam_access_checks', array( $this, 'access_check' ), 10, 2 );
36	+ add_filter( 'zerospam_preprocess_registration_submission', array( $this, 'preprocess_registrations' ), 10, 3 );
37	+ add_filter( 'zerospam_preprocess_comment_submission', array( $this, 'preprocess_comments' ), 10, 3 );
38	}
39	}
40
41	/**
42	+ * Admin setting sections
43	*
44	+ * @param array $sections Array of admin setting sections.

45	*/
46	public function sections( $sections ) {
47	$sections['stop_forum_spam'] = array(

52	}
53
54	/**
55	+ * Admin settings
56	*
57	+ * @param array $settings Array of available settings.
58	+ * @param array $options Array of saved database options.
59	*/
60	+ public function settings( $settings, $options ) {


61	$settings['stop_forum_spam'] = array(
62	+ 'title' => __( 'Status', 'zerospam' ),
63	'section' => 'stop_forum_spam',
64	'type' => 'checkbox',
65	'options' => array(

67	),
68	'desc' => sprintf(
69	wp_kses(
70	+ /* translators: %s: Replaced with the Stop Forum Spam URL */
71	+ __( 'Blocks visitor IPs that have been reported to <a href="%s" target="_blank" rel="noopener noreferrer">Stop Forum Spam</a>.', 'zerospam' ),
72	array(
73	'strong' => array(),
74	'a' => array(

85	);
86
87	$settings['stop_forum_spam_timeout'] = array(
88	+ 'title' => __( 'API Timeout', 'zerospam' ),
89	'section' => 'stop_forum_spam',
90	'type' => 'number',
91	'field_class' => 'small-text',
92	'suffix' => __( 'seconds', 'zerospam' ),
93	'placeholder' => __( '5', 'zerospam' ),
94	'min' => 0,
95	+ 'desc' => __( 'Setting to high could result in degraded site performance, too low won\'t allow to API enough time to respond; recommended 5 seconds.', 'zerospam' ),
96	'value' => ! empty( $options['stop_forum_spam_timeout'] ) ? $options['stop_forum_spam_timeout'] : 5,
97	'recommended' => 5,
98	);
99
100	$settings['stop_forum_spam_cache'] = array(
101	+ 'title' => __( 'Cache Expiration', 'zerospam' ),
102	'section' => 'stop_forum_spam',
103	'type' => 'number',
104	'field_class' => 'small-text',
105	'suffix' => __( 'day(s)', 'zerospam' ),
106	+ 'placeholder' => WEEK_IN_SECONDS,
107	'min' => 0,
108	+ 'desc' => __( 'Setting to high could result in outdated information, too low could cause a decrease in performance; recommended 14 days.', 'zerospam' ),
109	'value' => ! empty( $options['stop_forum_spam_cache'] ) ? $options['stop_forum_spam_cache'] : 14,
110	'recommended' => 14,
111	);
112
113	$settings['stop_forum_spam_confidence_min'] = array(
114	+ 'title' => __( 'Confidence Minimum', 'zerospam' ),
115	'section' => 'stop_forum_spam',
116	'type' => 'number',
117	'field_class' => 'small-text',

120	'min' => 0,
121	'max' => 100,
122	'step' => 0.1,
123	+ 'desc' => sprintf(
124	wp_kses(
125	+ /* translators: %s: Replaced with the Stop Forum Spam URL */
126	+ __( 'Minimum <a href="%s" target="_blank" rel="noopener noreferrer">confidence score</a> an IP must meet before being blocked. Setting this too low could cause users to be blocked that shouldn\'t be; recommended 50%%', 'zerospam' ),
127	array(
128	'a' => array(
129	'target' => array(),

142	}
143
144	/**
145	+ * Processes comments
146	*
147	+ * @param array $errors Array of errors.
148	+ * @param array $post Post array.
149	+ * @param string $detection_message_key Detection message key.
150	*/
151	+ public function preprocess_comments( $errors, $post, $detection_message_key ) {
152	+ if ( empty( $post['comment_author_email'] ) ) {
153	+ return $errors;


154	}
155
156	$response = self::query(
157	array(
158	+ 'email' => $post['comment_author_email'],
159	)
160	);
161	if ( $response ) {
162	$response = json_decode( $response, true );
163	if ( ! empty( $response['success'] ) && $response['success'] ) {
164	+ $settings = \ZeroSpam\Core\Settings::get_settings();
165
166	// Check email.
167	if (

170	! empty( $settings['stop_forum_spam_confidence_min']['value'] ) &&
171	floatval( $response['email']['confidence'] ) >= floatval( $settings['stop_forum_spam_confidence_min']['value'] )
172	) {
173	+ $errors[] = 'stop_forum_spam_email';


























174	}
175	}
176	}
177
178	+ return $errors;
179	}
180
181	/**
182	+ * Processes registrations
183	*
184	+ * @param WP_Error $errors A WP_Error object containing any errors encountered during registration.
185	+ * @param string $sanitized_user_login User's username after it has been sanitized.
186	+ * @param string $user_email User's email.
187	*/
188	public function preprocess_registrations( $errors, $sanitized_user_login, $user_email ) {
189	+ $settings = \ZeroSpam\Core\Settings::get_settings();
190
191	if ( empty( $settings['stop_forum_spam']['value'] ) \|\| 'enabled' !== $settings['stop_forum_spam']['value'] ) {
192	return $errors;

201	if ( $response ) {
202	$response = json_decode( $response, true );
203	if ( ! empty( $response['success'] ) && $response['success'] ) {
204	+ $message = \ZeroSpam\Core\Utilities::detection_message( 'registration_spam_message' );
205
206	// Check username.
207	if (

218	'failed' => 'stop_forum_spam_username',
219	);
220	if ( ! empty( $settings['log_blocked_registrations']['value'] ) && 'enabled' === $settings['log_blocked_registrations']['value'] ) {
221	+ \ZeroSpam\Includes\DB::log( 'registration', $details );
222	}
223
224	// Share the detection if enabled.

236	floatval( $response['email']['confidence'] ) >= floatval( $settings['stop_forum_spam_confidence_min']['value'] )
237	) {
238	if ( count( $errors->errors ) == 0 ) {
239	+ $errors->add( 'zerospam_error_stopformspam_email', $message );
240	}
241
242	if ( ! empty( $settings['log_blocked_registrations']['value'] ) && 'enabled' === $settings['log_blocked_registrations']['value'] ) {

245	'user_email' => $user_email,
246	'failed' => 'stop_forum_spam_email',
247	);
248	+ \ZeroSpam\Includes\DB::log( 'registration', $details );
249	}
250	}
251	}

255	}
256
257	/**
258	+ * Query the Stop Forum Spam API
259	*
260	+ * @param array $params Array of query parameters.

261	*/
262	public function query( $params ) {
263	+ $settings = \ZeroSpam\Core\Settings::get_settings();
264
265	$cache_array = array( 'stop_forum_spam' );
266	$cache_array = array_merge( $cache_array, $params );
267	+ $cache_key = \ZeroSpam\Core\Utilities::cache_key( $cache_array );
268
269	$response = wp_cache_get( $cache_key );
270	if ( false === $response ) {

278	$timeout = intval( $settings['stop_forum_spam_timeout']['value'] );
279	}
280
281	+ $response = \ZeroSpam\Core\Utilities::remote_get( $endpoint, array( 'timeout' => $timeout ) );
282	if ( $response ) {
283	$expiration = 14 * DAY_IN_SECONDS;
284	if ( ! empty( $settings['stop_forum_spam_cache']['value'] ) ) {

292	}
293
294	/**
295	+ * Stop Forum Spam access_check
296	*
297	+ * @param array $access_checks Access checks.
298	+ * @param string $user_ip User IP.
299	*/
300	+ public function access_check( $access_checks, $user_ip ) {
301	+ $settings = \ZeroSpam\Core\Settings::get_settings();
302	+
303	$access_checks['stop_forum_spam'] = array(
304	'blocked' => false,
305	);

modules/class-zerospam.php CHANGED Viewed

	@@ -26,15 +26,24 @@ class Zero_Spam {
26	* Constructor
27	*/
28	public function __construct() {







29	add_filter( 'zerospam_setting_sections', array( $this, 'sections' ) );
30	- add_filter( 'zerospam_settings', array( $this, 'settings' ) );
31
32	// Fires when a user submission has been detected as spam.
33	add_action( 'zerospam_share_detection', array( $this, 'share_detection' ), 10, 1 );
34	}
35
36	/**
37	- * ~~Sections~~


38	*/
39	public function sections( $sections ) {
40	$sections['zerospam'] = array(
	@@ -45,13 +54,14 @@ class Zero_Spam {
45	}
46
47	/**
48	- * ~~Settings~~



49	*/
50	- public function settings( $settings ) {
51	- $options = get_option( 'wpzerospam' );
52	-
53	$settings['zerospam'] = array(
54	- 'title' => __( '~~Zero Spam~~', 'zerospam' ),
55	'section' => 'zerospam',
56	'type' => 'checkbox',
57	'options' => array(
	@@ -59,7 +69,8 @@ class Zero_Spam {
59	),
60	'desc' => sprintf(
61	wp_kses(
62	- ~~__(~~ ~~'Checks~~ ~~user IPs & submissions against <a href="~~%s" ~~target="_blank"~~ ~~rel="noopener~~ ~~noreferrer">~~Zero Spam~~</a>\'s~~ ~~blacklist.',~~ ~~'zerospam' ),~~

63	array(
64	'strong' => array(),
65	'a' => array(
	@@ -76,9 +87,10 @@ class Zero_Spam {
76	);
77
78	$settings['zerospam_license'] = array(
79	- 'title' => __( '~~Zero Spam~~ License Key', 'zerospam' ),
80	'desc' => sprintf(
81	wp_kses(

82	__( 'Enter your <a href="%1$s" target="_blank" rel="noopener noreferrer">Zero Spam license key</a> to enable enhanced premium protection. Don\'t have an license key? <a href="%2$s" target="_blank" rel="noopener noreferrer"><strong>Get one now!</strong></a>', 'zerospam' ),
83	array(
84	'strong' => array(),
	@@ -100,33 +112,33 @@ class Zero_Spam {
100	);
101
102	$settings['zerospam_timeout'] = array(
103	- 'title' => __( '~~Zero Spam~~ API Timeout', 'zerospam' ),
104	'section' => 'zerospam',
105	'type' => 'number',
106	'field_class' => 'small-text',
107	'suffix' => __( 'seconds', 'zerospam' ),
108	'placeholder' => __( '5', 'zerospam' ),
109	'min' => 0,
110	- 'desc' => __( '~~Recommended setting is 5 seconds.~~ Setting to high could result in degraded site performance, too low won\'t allow to API enough time to respond.', 'zerospam' ),
111	'value' => ! empty( $options['zerospam_timeout'] ) ? $options['zerospam_timeout'] : 5,
112	'recommended' => 5,
113	);
114
115	$settings['zerospam_cache'] = array(
116	- 'title' => __( '~~Zero Spam~~ Cache Expiration', 'zerospam' ),
117	'section' => 'zerospam',
118	'type' => 'number',
119	'field_class' => 'small-text',
120	'suffix' => __( 'day(s)', 'zerospam' ),
121	- 'placeholder' => ~~__(~~ WEEK_IN_SECONDS, ~~'zerospam' ),~~
122	'min' => 0,
123	- 'desc' => __( '~~Recommended setting is 14 days.~~ Setting to high could result in outdated information, too low could cause a decrease in performance.', 'zerospam' ),
124	'value' => ! empty( $options['zerospam_cache'] ) ? $options['zerospam_cache'] : 14,
125	'recommended' => 14,
126	);
127
128	$settings['zerospam_confidence_min'] = array(
129	- 'title' => __( '~~Zero Spam~~ Confidence Minimum', 'zerospam' ),
130	'section' => 'zerospam',
131	'type' => 'number',
132	'field_class' => 'small-text',
	@@ -135,9 +147,10 @@ class Zero_Spam {
135	'min' => 0,
136	'max' => 100,
137	'step' => 0.1,
138	- 'desc' => sprintf(
139	wp_kses(
140	- ~~__(~~ ~~'Recommended~~ ~~setting is 20%%. Minimum <a href="~~%s" ~~target="_blank"~~ ~~rel="noopener~~ ~~noreferrer">confidence~~ ~~score</a>~~ an IP ~~must~~ ~~meet before being blocked. Setting this too low could cause users to be blocked that shouldn\'t be.', 'zerospam' ),~~

141	array(
142	'a' => array(
143	'target' => array(),


26	* Constructor
27	*/
28	public function __construct() {
29	+ add_action( 'init', array( $this, 'init' ) );
30	+ }
31	+
32	+ /**
33	+ * Fires after WordPress has finished loading but before any headers are sent.
34	+ */
35	+ public function init() {
36	add_filter( 'zerospam_setting_sections', array( $this, 'sections' ) );
37	+ add_filter( 'zerospam_settings', array( $this, 'settings' ), 10, 2 );
38
39	// Fires when a user submission has been detected as spam.
40	add_action( 'zerospam_share_detection', array( $this, 'share_detection' ), 10, 1 );
41	}
42
43	/**
44	+ * Admin setting sections
45	+ *
46	+ * @param array $sections Array of admin setting sections.
47	*/
48	public function sections( $sections ) {
49	$sections['zerospam'] = array(

54	}
55
56	/**
57	+ * Admin settings
58	+ *
59	+ * @param array $settings Array of available settings.
60	+ * @param array $options Array of saved database options.
61	*/
62	+ public function settings( $settings, $options ) {


63	$settings['zerospam'] = array(
64	+ 'title' => __( 'Status', 'zerospam' ),
65	'section' => 'zerospam',
66	'type' => 'checkbox',
67	'options' => array(

69	),
70	'desc' => sprintf(
71	wp_kses(
72	+ /* translators: %s: Replaced with the Zero Spam URL */
73	+ __( 'Blocks visitor IPs, email addresses & usernames that have been reported to <a href="%s" target="_blank" rel="noopener noreferrer">Zero Spam</a>.', 'zerospam' ),
74	array(
75	'strong' => array(),
76	'a' => array(

87	);
88
89	$settings['zerospam_license'] = array(
90	+ 'title' => __( 'License Key', 'zerospam' ),
91	'desc' => sprintf(
92	wp_kses(
93	+ /* translators: %1$s: Replaced with the Zero Spam URL, %2$s: Replaced with the Zero Spam subscription URL */
94	__( 'Enter your <a href="%1$s" target="_blank" rel="noopener noreferrer">Zero Spam license key</a> to enable enhanced premium protection. Don\'t have an license key? <a href="%2$s" target="_blank" rel="noopener noreferrer"><strong>Get one now!</strong></a>', 'zerospam' ),
95	array(
96	'strong' => array(),

112	);
113
114	$settings['zerospam_timeout'] = array(
115	+ 'title' => __( 'API Timeout', 'zerospam' ),
116	'section' => 'zerospam',
117	'type' => 'number',
118	'field_class' => 'small-text',
119	'suffix' => __( 'seconds', 'zerospam' ),
120	'placeholder' => __( '5', 'zerospam' ),
121	'min' => 0,
122	+ 'desc' => __( 'Setting to high could result in degraded site performance, too low won\'t allow to API enough time to respond; recommended 5 seconds.', 'zerospam' ),
123	'value' => ! empty( $options['zerospam_timeout'] ) ? $options['zerospam_timeout'] : 5,
124	'recommended' => 5,
125	);
126
127	$settings['zerospam_cache'] = array(
128	+ 'title' => __( 'Cache Expiration', 'zerospam' ),
129	'section' => 'zerospam',
130	'type' => 'number',
131	'field_class' => 'small-text',
132	'suffix' => __( 'day(s)', 'zerospam' ),
133	+ 'placeholder' => WEEK_IN_SECONDS,
134	'min' => 0,
135	+ 'desc' => __( 'Setting to high could result in outdated information, too low could cause a decrease in performance; recommended 14 days.', 'zerospam' ),
136	'value' => ! empty( $options['zerospam_cache'] ) ? $options['zerospam_cache'] : 14,
137	'recommended' => 14,
138	);
139
140	$settings['zerospam_confidence_min'] = array(
141	+ 'title' => __( 'Confidence Minimum', 'zerospam' ),
142	'section' => 'zerospam',
143	'type' => 'number',
144	'field_class' => 'small-text',

147	'min' => 0,
148	'max' => 100,
149	'step' => 0.1,
150	+ 'desc' => sprintf(
151	wp_kses(
152	+ /* translators: %s: Replaced with the Zero Spam API URL */
153	+ __( 'Minimum <a href="%s" target="_blank" rel="noopener noreferrer">confidence score</a> an IP must meet before being blocked. Setting this too low could cause users to be blocked that shouldn\'t be; recommended 20%%.', 'zerospam' ),
154	array(
155	'a' => array(
156	'target' => array(),

modules/comments/class-comments.php CHANGED Viewed

	@@ -7,7 +7,6 @@
7
8	namespace ZeroSpam\Modules\Comments;
9
10	- use ZeroSpam;
11	use WP_Error;
12
13	// Security Note: Blocks direct access to the plugin PHP files.
	@@ -18,22 +17,32 @@ defined( 'ABSPATH' ) \|\| die();
18	*/
19	class Comments {
20	/**
21	- * ~~Comments constructor~~
22	*/
23	public function __construct() {







24	add_filter( 'zerospam_setting_sections', array( $this, 'sections' ) );
25	- add_filter( 'zerospam_settings', array( $this, 'settings' ) );
26	add_filter( 'zerospam_types', array( $this, 'types' ), 10, 1 );
27
28	- if ( ~~'enabled' === ZeroSpam\Core\Settings::get_settings( 'verify_comments' ) && ZeroSpam\Core\Access::process() ) {~~
29	- ~~add_action(~~ '~~comment_form_before~~', ~~array~~( ~~$this,~~ '~~comment_form_before~~' ) );



30	add_filter( 'comment_form_defaults', array( $this, 'honeypot' ) );
31	add_action( 'preprocess_comment', array( $this, 'preprocess_comments' ) );
32	}
33	}
34
35	/**
36	- * Add to the types array
37	*
38	* @param array $types Array of available detection types.
39	*/
	@@ -44,10 +53,10 @@ class Comments {
44	}
45
46	/**
47	- * ~~Fires~~ ~~before~~ the ~~comment form.~~
48	*/
49	- public function ~~comment_form_before~~() {
50	- do_action( '~~zerospam_comment_form_before~~' );
51	}
52
53	/**
	@@ -56,30 +65,47 @@ class Comments {
56	* @param array $commentdata Comment data array.
57	*/
58	public function preprocess_comments( $commentdata ) {
59	- ~~$block_user~~ ~~= false;~~
60	- $~~block_type~~ = ~~false~~;



61
62	- // ~~Check~~ ~~honeypot~~.









63	// @codingStandardsIgnoreLine
64	- if ( ! empty( $~~_REQUEST~~[ ~~ZeroSpam\Core\Utilities::get_honeypot()~~ ] ) ) {
65	- ~~$block_user~~ = ~~true;~~
66	- $~~block_type~~ = 'honeypot';


67	}
68
69	// Check blocked email domains.
70	- if ( ~~! empty( $commentdata['comment_author_email'] ) ) {~~
71	- ~~$blocked_email_domains~~ ~~= \ZeroSpam\Core\Settings::get_settings~~( '~~blocked_email_domains~~' );
72	- if ( $~~blocked_email_domains~~ ) {
73	- ~~$blocked_email_domains_array~~ ~~= explode( "\n", $blocked_email_domains );~~
74	- ~~$blocked_email_domains_array~~ = ~~array_map(~~ ~~'trim',~~ ~~$blocked_email_domains_array~~ );
75	- $~~tmp_domain~~ = ~~explode(~~ '@'~~, $commentdata['comment_author_email'] )~~;
76	- ~~$domain = array_pop( $tmp_domain );~~
77	-
78	- if ( ~~in_array(~~ ~~$domain,~~ ~~$blocked_email_domains_array,~~ ~~true~~ ) ) {
79	- // ~~Email~~ ~~domain has been blocked.~~
80	- ~~$block_user = true;~~
81	- $~~block_type~~ = '~~blocked_email_domain~~';
82	- }



83	}
84	}
85
	@@ -101,37 +127,28 @@ class Comments {
101	$disallowed_check['ip'],
102	$disallowed_check['agent'],
103	) ) {
104	- $~~block_user~~ = ~~true~~;
105	- $block_type = 'disallowed_list';
106	}
107
108	- // If ~~blocked,~~ ~~log~~ ~~and~~ ~~send~~ ~~the~~ ~~details.~~
109	- if ( ~~$block_user~~ && ~~$block_type~~ ) {
110	- $~~details~~ = ~~array(~~
111	- 'failed' => $~~block_type,~~
112	- );
113	- $details = array_merge( $details, $commentdata );
114
115	- // Log if enabled.
116	- if ( 'enabled' === ZeroSpam\Core\Settings::get_settings( 'log_blocked_comments' ) ) {
117	- ZeroSpam\Includes\DB::log( 'comment', $details );
118	- }
119
120	- // Share the detection if enabled.
121	- if (
122	- ~~'enabled' === ZeroSpam\Core\Settings::get_settings~~( '~~share_data~~' ) &&
123	- ~~'blocked_email_domain' !== $block_type &&~~
124	- 'disallowed_list' !== $block_type
125	- ) {
126	- $details['type'] = 'comment';
127	- do_action( 'zerospam_share_detection', $details );
128	}
129
130	- $message = ZeroSpam\Core\Utilities::detection_message( 'comment_spam_message' );
131	-
132	wp_die(
133	wp_kses(
134	- $~~message~~,
135	array(
136	'a' => array(
137	'target' => array(),
	@@ -141,14 +158,14 @@ class Comments {
141	'strong' => array(),
142	)
143	),
144	- esc_html( ZeroSpam\Core\Utilities::detection_title( 'comment_spam_message' ) ),
145	array(
146	'response' => 403,
147	)
148	);
149	}
150
151	- return ~~apply_filters( 'zerospam_preprocess_comment',~~ $commentdata );
152	}
153
154	/**
	@@ -157,15 +174,15 @@ class Comments {
157	* @param array $defaults The default comment form arguments.
158	*/
159	public function honeypot( $defaults ) {
160	- $defaults['fields']['wpzerospam_hp'] = ZeroSpam\Core\Utilities::honeypot_field();
161
162	return $defaults;
163	}
164
165	/**
166	- * ~~Comment~~ sections
167	*
168	- * @param array $sections Array of ~~available~~ setting sections.
169	*/
170	public function sections( $sections ) {
171	$sections['comments'] = array(
	@@ -176,13 +193,12 @@ class Comments {
176	}
177
178	/**
179	- * ~~Comment~~ settings
180	*
181	* @param array $settings Array of available settings.

182	*/
183	- public function settings( $settings ) {
184	- $options = get_option( 'wpzerospam' );
185	-
186	$settings['verify_comments'] = array(
187	'title' => __( 'Protect Comments', 'zerospam' ),
188	'section' => 'comments',
	@@ -194,7 +210,7 @@ class Comments {
194	'recommended' => 'enabled',
195	);
196
197	- $message = __( '~~You~~ ~~have~~ been flagged as spam/malicious ~~by WordPress Zero Spam~~.', 'zerospam' );
198
199	$settings['comment_spam_message'] = array(
200	'title' => __( 'Spam/Malicious Message', 'zerospam' ),


7
8	namespace ZeroSpam\Modules\Comments;
9

10	use WP_Error;
11
12	// Security Note: Blocks direct access to the plugin PHP files.

17	*/
18	class Comments {
19	/**
20	+ * Constructor
21	*/
22	public function __construct() {
23	+ add_action( 'init', array( $this, 'init' ) );
24	+ }
25	+
26	+ /**
27	+ * Fires after WordPress has finished loading but before any headers are sent.
28	+ */
29	+ public function init() {
30	add_filter( 'zerospam_setting_sections', array( $this, 'sections' ) );
31	+ add_filter( 'zerospam_settings', array( $this, 'settings' ), 10, 2 );
32	add_filter( 'zerospam_types', array( $this, 'types' ), 10, 1 );
33
34	+ if (
35	+ 'enabled' === \ZeroSpam\Core\Settings::get_settings( 'verify_comments' ) &&
36	+ \ZeroSpam\Core\Access::process()
37	+ ) {
38	+ add_action( 'comment_form_before', array( $this, 'scripts' ) );
39	add_filter( 'comment_form_defaults', array( $this, 'honeypot' ) );
40	add_action( 'preprocess_comment', array( $this, 'preprocess_comments' ) );
41	}
42	}
43
44	/**
45	+ * Add to the detection types array
46	*
47	* @param array $types Array of available detection types.
48	*/

53	}
54
55	/**
56	+ * Load the scripts
57	*/
58	+ public function scripts() {
59	+ do_action( 'zerospam_comment_scripts' );
60	}
61
62	/**

65	* @param array $commentdata Comment data array.
66	*/
67	public function preprocess_comments( $commentdata ) {
68	+ // @codingStandardsIgnoreLine
69	+ $post = \ZeroSpam\Core\Utilities::sanitize_array( $_POST );
70	+
71	+ // Get the error message.
72	+ $error_message = \ZeroSpam\Core\Utilities::detection_message( 'comment_spam_message' );
73
74	+ // Create the details array for logging & sharing data.
75	+ $details = $commentdata;
76	+
77	+ $details['type'] = 'comment';
78	+
79	+ // Begin validation checks.
80	+ $validation_errors = array();
81	+
82	+ // Check Zero Spam's honeypot field.
83	+ $honeypot_field_name = \ZeroSpam\Core\Utilities::get_honeypot();
84	// @codingStandardsIgnoreLine
85	+ if ( isset( $post[ $honeypot_field_name ] ) && ! empty( $post[ $honeypot_field_name ] ) ) {
86	+ // Failed the honeypot check.
87	+ $details['failed'] = 'honeypot';
88	+
89	+ $validation_errors[] = 'honeypot';
90	}
91
92	// Check blocked email domains.
93	+ if (
94	+ ! empty( $commentdata['comment_author_email'] ) &&
95	+ \ZeroSpam\Core\Utilities::is_email_domain_blocked( $commentdata['comment_author_email'] )
96	+ ) {
97	+ // Email domain has been blocked.
98	+ $validation_errors[] = 'blocked_email_domain';
99	+ }
100	+
101	+ // Fire hook for additional validation (ex. David Walsh script).
102	+ $post['comment_author_email'] = $commentdata['comment_author_email'];
103	+
104	+ $filtered_errors = apply_filters( 'zerospam_preprocess_comment_submission', array(), $post, 'comment_spam_message' );
105	+
106	+ if ( ! empty( $filtered_errors ) ) {
107	+ foreach ( $filtered_errors as $key => $message ) {
108	+ $validation_errors[] = str_replace( 'zerospam_', '', $key );
109	}
110	}
111

127	$disallowed_check['ip'],
128	$disallowed_check['agent'],
129	) ) {
130	+ $validation_errors[] = 'disallowed_list';

131	}
132
133	+ if ( ! empty( $validation_errors ) ) {
134	+ // Failed validations, log & send details if enabled.
135	+ foreach ( $validation_errors as $key => $fail ) {
136	+ $details['failed'] = $fail;


137
138	+ // Log the detection if enabled.
139	+ if ( 'enabled' === \ZeroSpam\Core\Settings::get_settings( 'log_blocked_comments' ) ) {
140	+ \ZeroSpam\Includes\DB::log( 'comment', $details );
141	+ }
142
143	+ // Share the detection if enabled.
144	+ if ( 'enabled' === \ZeroSpam\Core\Settings::get_settings( 'share_data' ) ) {
145	+ do_action( 'zerospam_share_detection', $details );
146	+ }




147	}
148


149	wp_die(
150	wp_kses(
151	+ $error_message,
152	array(
153	'a' => array(
154	'target' => array(),

158	'strong' => array(),
159	)
160	),
161	+ esc_html( \ZeroSpam\Core\Utilities::detection_title( 'comment_spam_message' ) ),
162	array(
163	'response' => 403,
164	)
165	);
166	}
167
168	+ return $commentdata;
169	}
170
171	/**

174	* @param array $defaults The default comment form arguments.
175	*/
176	public function honeypot( $defaults ) {
177	+ $defaults['fields']['wpzerospam_hp'] = \ZeroSpam\Core\Utilities::honeypot_field();
178
179	return $defaults;
180	}
181
182	/**
183	+ * Admin setting sections
184	*
185	+ * @param array $sections Array of admin setting sections.
186	*/
187	public function sections( $sections ) {
188	$sections['comments'] = array(

193	}
194
195	/**
196	+ * Admin settings
197	*
198	* @param array $settings Array of available settings.
199	+ * @param array $options Array of saved database options.
200	*/
201	+ public function settings( $settings, $options ) {


202	$settings['verify_comments'] = array(
203	'title' => __( 'Protect Comments', 'zerospam' ),
204	'section' => 'comments',

210	'recommended' => 'enabled',
211	);
212
213	+ $message = __( 'Your IP has been flagged as spam/malicious.', 'zerospam' );
214
215	$settings['comment_spam_message'] = array(
216	'title' => __( 'Spam/Malicious Message', 'zerospam' ),

modules/contactform7/class-contactform7.php CHANGED Viewed

	@@ -7,8 +7,6 @@
7
8	namespace ZeroSpam\Modules\ContactForm7;
9
10	- use ZeroSpam;
11	-
12	// Security Note: Blocks direct access to the plugin PHP files.
13	defined( 'ABSPATH' ) \|\| die();
14
	@@ -17,25 +15,40 @@ defined( 'ABSPATH' ) \|\| die();
17	*/
18	class ContactForm7 {
19	/**
20	- * ~~Contact Form 7 constructor~~
21	*/
22	public function __construct() {







23	add_filter( 'zerospam_setting_sections', array( $this, 'sections' ) );
24	- add_filter( 'zerospam_settings', array( $this, 'settings' ) );
25	add_filter( 'zerospam_types', array( $this, 'types' ), 10, 1 );
26
27	- if ( ~~'enabled' === ZeroSpam\Core\Settings::get_settings( 'verify_contactform7' ) && ZeroSpam\Core\Access::process() ) {~~
28	- ~~add_action(~~ '~~wpcf7_enqueue_scripts~~', ~~array~~( ~~$this,~~ '~~wpcf7_enqueue_scripts~~' ) );
29	- ~~add_filter~~( ~~'wpcf7_form_elements', array( $this, 'honeypot'~~ )~~, 10, 1 );~~
30	- ~~add_filter( 'wpcf7_validate', array( $this, 'preprocess_submission'~~ ), ~~10, 2 );~~








31	}
32	}
33
34	/**
35	- * ~~Fires~~ ~~when a Contact Form 7 form is loaded on~~ the ~~page.~~
36	*/
37	- public function ~~wpcf7_enqueue_scripts~~() {
38	- do_action( '~~zerospam_wpcf7_enqueue_scripts~~' );
39	}
40
41	/**
	@@ -43,8 +56,8 @@ class ContactForm7 {
43	*
44	* @param string $this_replace_all_form_tags Form tags.
45	*/
46	- public function ~~honeypot~~( $this_replace_all_form_tags ) {
47	- $this_replace_all_form_tags .= ZeroSpam\Core\Utilities::honeypot_field();
48
49	return $this_replace_all_form_tags;
50	}
	@@ -55,36 +68,63 @@ class ContactForm7 {
55	* @param WPCF7_Validation $result Validation.
56	* @param WPCF7_FormTag $tag Form tag.
57	*/
58	- public function ~~preprocess_submission~~( $result, $tag ) {
59	- ~~$settings~~ ~~= ZeroSpam\Core\Settings::get_settings();~~















60
61	- // Check honeypot.
62	// @codingStandardsIgnoreLine
63	- if ( ! empty( $~~_REQUEST~~[ ~~ZeroSpam\Core\Utilities::get_honeypot()~~ ] ) ) {
64	- ~~$message~~ = ~~ZeroSpam\Core\Utilities::detection_message(~~ ~~'contactform7_spam_message'~~ );
65	- $~~result->invalidate( $tag~~[0], ~~$message~~ );

66
67	- ~~$details =~~ ~~$_REQUEST;~~
68	- $~~details[~~'~~failed~~'] = '~~honeypot~~';
69
70	- // ~~Log~~ if ~~enabled.~~
71	- if ( ~~'enabled'~~ ~~===~~ ~~ZeroSpam\Core\Settings::get_settings(~~ ~~'log_blocked_contactform7'~~ ) ) {
72	- // ~~@codingStandardsIgnoreLine~~
73	- ZeroSpam\Includes\DB::log( 'contactform7', $details );
74	}

75
76	- // ~~Share~~ ~~the~~ ~~detection~~ if ~~enabled.~~
77	- if ( ~~'enabled'~~ ~~===~~ ~~ZeroSpam\Core\Settings::get_settings(~~ ~~'share_data'~~ ) ) {
78	- $~~details['type']~~ = ~~'contactform7';~~
79	- ~~do_action(~~ '~~zerospam_share_detection~~', $~~details )~~;










80	}


81	}
82
83	- return ~~apply_filters( 'zerospam_preprocess_cf7_submission',~~ $result~~, $tag )~~;
84	}
85
86	/**
87	- * Add to the types array
88	*
89	* @param array $types Array of available detection types.
90	*/
	@@ -95,9 +135,9 @@ class ContactForm7 {
95	}
96
97	/**
98	- * ~~CF7~~ sections
99	*
100	- * @param array $sections Array of ~~available~~ setting sections.
101	*/
102	public function sections( $sections ) {
103	$sections['contactform7'] = array(
	@@ -108,13 +148,12 @@ class ContactForm7 {
108	}
109
110	/**
111	- * ~~CF7~~ settings
112	*
113	* @param array $settings Array of available settings.

114	*/
115	- public function settings( $settings ) {
116	- $options = get_option( 'wpzerospam' );
117	-
118	$settings['verify_contactform7'] = array(
119	'title' => __( 'Protect CF7 Submissions', 'zerospam' ),
120	'section' => 'contactform7',
	@@ -126,7 +165,7 @@ class ContactForm7 {
126	'recommended' => 'enabled',
127	);
128
129	- $message = __( '~~You~~ ~~have~~ been flagged as spam/malicious ~~by WordPress Zero Spam~~.', 'zerospam' );
130
131	$settings['contactform7_spam_message'] = array(
132	'title' => __( 'Spam/Malicious Message', 'zerospam' ),


7
8	namespace ZeroSpam\Modules\ContactForm7;
9


10	// Security Note: Blocks direct access to the plugin PHP files.
11	defined( 'ABSPATH' ) \|\| die();
12

15	*/
16	class ContactForm7 {
17	/**
18	+ * Constructor
19	*/
20	public function __construct() {
21	+ add_action( 'init', array( $this, 'init' ) );
22	+ }
23	+
24	+ /**
25	+ * Fires after WordPress has finished loading but before any headers are sent.
26	+ */
27	+ public function init() {
28	add_filter( 'zerospam_setting_sections', array( $this, 'sections' ) );
29	+ add_filter( 'zerospam_settings', array( $this, 'settings' ), 10, 2 );
30	add_filter( 'zerospam_types', array( $this, 'types' ), 10, 1 );
31
32	+ if (
33	+ 'enabled' === \ZeroSpam\Core\Settings::get_settings( 'verify_contactform7' ) &&
34	+ \ZeroSpam\Core\Access::process()
35	+ ) {
36	+ // Load scripts.
37	+ add_action( 'wpcf7_enqueue_scripts', array( $this, 'scripts' ), 10 );
38	+
39	+ // Adds Zero Spam's honeypot field.
40	+ add_filter( 'wpcf7_form_elements', array( $this, 'add_honeypot' ), 10, 1 );
41	+
42	+ // Processes the form.
43	+ add_filter( 'wpcf7_validate', array( $this, 'process_form' ), 10, 2 );
44	}
45	}
46
47	/**
48	+ * Load the scripts
49	*/
50	+ public function scripts() {
51	+ do_action( 'zerospam_wpcf7_scripts' );
52	}
53
54	/**

56	*
57	* @param string $this_replace_all_form_tags Form tags.
58	*/
59	+ public function add_honeypot( $this_replace_all_form_tags ) {
60	+ $this_replace_all_form_tags .= \ZeroSpam\Core\Utilities::honeypot_field();
61
62	return $this_replace_all_form_tags;
63	}

68	* @param WPCF7_Validation $result Validation.
69	* @param WPCF7_FormTag $tag Form tag.
70	*/
71	+ public function process_form( $result, $tag ) {
72	+ // @codingStandardsIgnoreLine
73	+ $post = \ZeroSpam\Core\Utilities::sanitize_array( $_POST );
74	+
75	+ // Check Zero Spam's honeypot field.
76	+ $honeypot_field_name = \ZeroSpam\Core\Utilities::get_honeypot();
77	+
78	+ // Get the error message.
79	+ $error_message = \ZeroSpam\Core\Utilities::detection_message( 'contactform7_spam_message' );
80	+
81	+ // Create the details array for logging & sharing data.
82	+ $details = $post;
83	+
84	+ $details['type'] = 'contactform7';
85	+
86	+ // Begin validation checks.
87	+ $validation_errors = array();
88

89	// @codingStandardsIgnoreLine
90	+ if ( isset( $post[ $honeypot_field_name ] ) && ! empty( $post[ $honeypot_field_name ] ) ) {
91	+ // Failed the honeypot check.
92	+ $validation_errors[] = 'honeypot';
93	+ }
94
95	+ // Fire hook for additional validation (ex. David Walsh script).
96	+ $errors = apply_filters( 'zerospam_preprocess_cf7_submission', array(), $post, 'contactform7_spam_message' );
97
98	+ if ( ! empty( $errors ) ) {
99	+ foreach ( $errors as $key => $message ) {
100	+ $validation_errors[] = str_replace( 'zerospam_', '', $key );

101	}
102	+ }
103
104	+ if ( ! empty( $validation_errors ) ) {
105	+ // Failed validations, log & send details if enabled.
106	+ foreach ( $validation_errors as $key => $fail ) {
107	+ $details['failed'] = $fail;
108	+
109	+ // Log the detection if enabled.
110	+ if ( 'enabled' === \ZeroSpam\Core\Settings::get_settings( 'log_blocked_contactform7' ) ) {
111	+ \ZeroSpam\Includes\DB::log( 'contactform7', $details );
112	+ }
113	+
114	+ // Share the detection if enabled.
115	+ if ( 'enabled' === \ZeroSpam\Core\Settings::get_settings( 'share_data' ) ) {
116	+ do_action( 'zerospam_share_detection', $details );
117	+ }
118	}
119	+
120	+ $result->invalidate( $tag[0], $error_message );
121	}
122
123	+ return $result;
124	}
125
126	/**
127	+ * Add to the detection types array
128	*
129	* @param array $types Array of available detection types.
130	*/

135	}
136
137	/**
138	+ * Admin setting sections
139	*
140	+ * @param array $sections Array of admin setting sections.
141	*/
142	public function sections( $sections ) {
143	$sections['contactform7'] = array(

148	}
149
150	/**
151	+ * Admin settings
152	*
153	* @param array $settings Array of available settings.
154	+ * @param array $options Array of saved database options.
155	*/
156	+ public function settings( $settings, $options ) {


157	$settings['verify_contactform7'] = array(
158	'title' => __( 'Protect CF7 Submissions', 'zerospam' ),
159	'section' => 'contactform7',

165	'recommended' => 'enabled',
166	);
167
168	+ $message = __( 'Your IP has been flagged as spam/malicious.', 'zerospam' );
169
170	$settings['contactform7_spam_message'] = array(
171	'title' => __( 'Spam/Malicious Message', 'zerospam' ),

modules/davidwalsh/class-davidwalsh.php CHANGED Viewed

@@ -13,23 +13,33 @@ namespace ZeroSpam\Modules\DavidWalsh;
             defined( 'ABSPATH' ) || die();
             /**
-            -
             * Zero Spam
              */
             class DavidWalsh {
             	/**
             	 * Constructor
             	 */
             	public function __construct() {
             		add_filter( 'zerospam_setting_sections', array( $this, 'sections' ) );
-            -
            		add_filter( 'zerospam_settings', array( $this, 'settings' ) );
-            -
            		if ( 'enabled' === \ZeroSpam\Core\Settings::get_settings( 'davidwalsh' ) && \ZeroSpam\Core\Access::process() ) {
             			add_action( 'wp_enqueue_scripts', array( $this, 'scripts' ), 0 );
             			add_action( 'login_enqueue_scripts', array( $this, 'scripts' ) );
-            -
            			add_action( 'zerospam_comment_form_before', array( $this, 'enqueue_script' ) );
             			// See https://contactform7.com/loading-javascript-and-stylesheet-only-when-it-is-necessary/.
-            -
            			add_action( 'zerospam_wpcf7_enqueue_scripts', array( $this, 'enqueue_script' ) );
             			add_action( 'zerospam_register_form', array( $this, 'enqueue_script' ) );
             			add_action( 'zerospam_wpforms_scripts', array( $this, 'enqueue_script' ) );
             			add_action( 'zerospam_fluentforms_scripts', array( $this, 'enqueue_script' ) );
@@ -46,70 +56,35 @@ class DavidWalsh {
             			);
-            -
            			add_filter( 'zerospam_preprocess_comment', array( $this, 'preprocess_comments' ), 10, 1 );
-            -
            			add_filter( 'zerospam_registration_errors', array( $this, 'preprocess_registration' ), 10, 3 );
-            -
            			add_filter( 'zerospam_preprocess_cf7_submission', array( $this, 'preprocess_cf7_submission' ), 10, 2 );
-            -
            			add_filter( 'zerospam_preprocess_wpforms_submission', array( $this, 'preprocess_wpforms_submission' ), 10, 3 );
-            -
            			add_filter( 'zerospam_preprocess_fluentform_submission', array( $this, 'preprocess_fluentform_submission' ), 10, 4 );
-            -
            			add_filter( 'zerospam_preprocess_login_attempt', array( $this, 'preprocess_login_attempt' ), 10, 4 );
-            -
            			add_filter( 'zerospam_preprocess_memberpress_registration', array( $this, 'preprocess_memberpress_registration' ), 10, 2 );
-            -
            			add_filter( 'zerospam_preprocess_mailchimp4wp', array( $this, 'preprocess_mailchimp4wp_registration' ), 10, 2 );
+            		}
+            	}
             	/**
-            -
            	 * Enqueues the script.
             	 */
             	public function enqueue_script() {
             		wp_enqueue_script( 'zerospam-davidwalsh' );
+            	}
             	/**
-            -
            	 * Preprocesses a Mailchimp form submission.
-            -
            	 *
-            -
            	 * @param array $errors Array of submission errors.
-            -
            	 * @param array $post   Form post array.
-            -
            	 */
-            -
            	public function preprocess_mailchimp4wp_registration( $errors, $post ) {
-            -
            		if ( empty( $post['zerospam_david_walsh_key'] ) || self::get_davidwalsh() !== $post['zerospam_david_walsh_key'] ) {
-            -
            			// Failed the David Walsh check.
-            -
            			$error_message = \ZeroSpam\Core\Utilities::detection_message( 'mailchimp4wp_spam_message' );
-            -
-            -
            			$errors['zerospam_david_walsh'] = $error_message;
-            -
            		}
-            -
-            -
            		return $errors;
-            -
            	}
-            -
-            -
            	/**
-            -
            	 * Preprocesses a MemberPress registration submission.
-            -
            	 *
-            -
            	 * @param array $errors Array of submission errors.
-            -
            	 * @param array $post   Form post array.
-            -
            	 */
-            -
            	public function preprocess_memberpress_registration( $errors, $post ) {
-            -
            		if ( empty( $post['zerospam_david_walsh_key'] ) || self::get_davidwalsh() !== $post['zerospam_david_walsh_key'] ) {
-            -
            			// Failed the David Walsh check.
-            -
            			$error_message = \ZeroSpam\Core\Utilities::detection_message( 'memberpress_regsitration_spam_message' );
-            -
-            -
            			$errors['zerospam_david_walsh'] = $error_message;
-            -
            		}
-            -
-            -
            		return $errors;
-            -
            	}
-            -
-            -
            	/**
-            -
            	 * Preprocesses a login attempt.
+            	 *
-            -
            	 * @param array            $errors   Array of submission errors.
-            -
            	 * @param WP_User|WP_Error $user     WP_User or WP_Error object if a previous callback failed authentication.
-            -
            	 * @param string           $password Password to check against the user.
-            -
            	 * @param array            $post     Form post array.
             	 */
-            -
            	public function preprocess_login_attempt( $errors, $user, $password, $post ) {
             		if ( empty( $post['zerospam_david_walsh_key'] ) || self::get_davidwalsh() !== $post['zerospam_david_walsh_key'] ) {
             			// Failed the David Walsh check.
-            -
            			$error_message = \ZeroSpam\Core\Utilities::detection_message( 'login_spam_message' );
             			$errors['zerospam_david_walsh'] = $error_message;
+            		}
@@ -118,158 +93,9 @@ class DavidWalsh {
+            	}
             	/**
-            -
            	 * Preprocesses a Fluent Form submission.
+            	 *
-            -
            	 * @param array  $errors Array of submission errors.
-            -
            	 * @param array  $insert_data submission_data Array.
-            -
            	 * @param array  $data        $_POST[‘data’] from submission.
-            -
            	 * @param object $form        The $form Object.
-            -
            	 */
-            -
            	public function preprocess_fluentform_submission( $errors, $insert_data, $data, $form ) {
-            -
            		if ( empty( $data['zerospam_david_walsh_key'] ) || self::get_davidwalsh() !== $data['zerospam_david_walsh_key'] ) {
-            -
            			// Failed the David Walsh check.
-            -
            			$error_message = \ZeroSpam\Core\Utilities::detection_message( 'fluentforms_spam_message' );
-            -
-            -
            			$errors['zerospam_david_walsh'] = $error_message;
-            -
            		}
-            -
-            -
            		return $errors;
-            -
            	}
-            -
-            -
            	/**
-            -
            	 * Preprocess a WPForms submission.
-            -
            	 *
-            -
            	 * @param array $errors    Array of submission errors.
-            -
            	 * @param array $form_data Submitted form values.
-            -
            	 * @param array $post      Form post array.
-            -
            	 */
-            -
            	public function preprocess_wpforms_submission( $errors, $form_data, $post ) {
-            -
            		if ( empty( $post['zerospam_david_walsh_key'] ) || self::get_davidwalsh() !== $post['zerospam_david_walsh_key'] ) {
-            -
            			// Failed the David Walsh check.
-            -
            			$error_message = \ZeroSpam\Core\Utilities::detection_message( 'wpforms_spam_message' );
-            -
-            -
            			$errors['zerospam_david_walsh'] = $error_message;
-            -
            		}
-            -
-            -
            		return $errors;
-            -
            	}
-            -
-            -
            	/**
-            -
            	 * Preprocess CF7 submission.
-            -
            	 */
-            -
            	public function preprocess_cf7_submission( $result, $tag ) {
-            -
            		if ( empty( $_REQUEST['zerospam_david_walsh_key'] ) || self::get_davidwalsh() !== $_REQUEST['zerospam_david_walsh_key'] ) {
-            -
            			$message = \ZeroSpam\Core\Utilities::detection_message( 'contactform7_spam_message' );
-            -
            			$result->invalidate( $tag[0], $message );
-            -
-            -
            			$details = array(
-            -
            				'result'    => $result,
-            -
            				'tag'       => $tag,
-            -
            				'failed'    => 'david_walsh',
-            -
            			);
-            -
-            -
            			// Log if enabled.
-            -
            			if ( 'enabled' === \ZeroSpam\Core\Settings::get_settings( 'log_blocked_contactform7' ) ) {
-            -
            				\ZeroSpam\Includes\DB::log( 'contactform7', $details );
-            -
            			}
-            -
-            -
            			// Share the detection if enabled.
-            -
            			if ( 'enabled' === \ZeroSpam\Core\Settings::get_settings( 'share_data' ) ) {
-            -
            				$details['type'] = 'contactform7';
-            -
            				do_action( 'zerospam_share_detection', $details );
-            -
            			}
-            -
            		}
-            -
-            -
            		return $result;
-            -
            	}
-            -
-            -
            	/**
-            -
            	 * Preprocess registrations
-            -
            	 *
-            -
            	 * @param WP_Error $errors A WP_Error object containing any errors encountered during registration.
-            -
            	 * @param string   $sanitized_user_login User's username after it has been sanitized.
-            -
            	 * @param string   $user_email User's email.
-            -
            	 */
-            -
            	public function preprocess_registration( $errors, $sanitized_user_login, $user_email ) {
-            -
            		if ( empty( $_REQUEST['zerospam_david_walsh_key'] ) || self::get_davidwalsh() !== $_REQUEST['zerospam_david_walsh_key'] ) {
-            -
-            -
            			$details = array(
-            -
            				'user_login' => $sanitized_user_login,
-            -
            				'user_email' => $user_email,
-            -
            				'failed'     => 'david_walsh',
-            -
            			);
-            -
-            -
            			// Log if enabled.
-            -
            			if ( 'enabled' === \ZeroSpam\Core\Settings::get_settings( 'log_blocked_registrations' ) ) {
-            -
            				\ZeroSpam\Includes\DB::log( 'registration', $details );
-            -
            			}
-            -
-            -
            			// Share the detection if enabled.
-            -
            			if ( 'enabled' === \ZeroSpam\Core\Settings::get_settings( 'share_data' ) ) {
-            -
            				$details['type'] = 'registration';
-            -
            				do_action( 'zerospam_share_detection', $details );
-            -
            			}
-            -
-            -
            			$message = \ZeroSpam\Core\Utilities::detection_message( 'registration_spam_message' );
-            -
-            -
            			$errors->add( 'zerospam_error', $message );
-            -
            		}
-            -
-            -
            		return $errors;
-            -
            	}
-            -
-            -
            	/**
-            -
            	 * Preprocess comments
-            -
            	 *
-            -
            	 * @param array $commentdata Comment data array.
-            -
            	 */
-            -
            	public function preprocess_comments( $commentdata ) {
-            -
            		if ( empty( $_REQUEST['zerospam_david_walsh_key'] ) || self::get_davidwalsh() !== $_REQUEST['zerospam_david_walsh_key'] ) {
-            -
-            -
            			$details = array(
-            -
            				'failed' => 'david_walsh',
-            -
            			);
-            -
            			$details = array_merge( $details, $commentdata );
-            -
-            -
            			// Log if enabled.
-            -
            			if ( 'enabled' === \ZeroSpam\Core\Settings::get_settings( 'log_blocked_comments' ) ) {
-            -
            				\ZeroSpam\Includes\DB::log( 'comment', $details );
-            -
            			}
-            -
-            -
            			// Share the detection if enabled.
-            -
            			if ( 'enabled' === \ZeroSpam\Core\Settings::get_settings( 'share_data' ) ) {
-            -
            				$details['type'] = 'comment';
-            -
            				do_action( 'zerospam_share_detection', $details );
-            -
            			}
-            -
-            -
            			$message = \ZeroSpam\Core\Utilities::detection_message( 'comment_spam_message' );
-            -
-            -
            			wp_die(
-            -
            				wp_kses(
-            -
            					$message,
-            -
            					array(
-            -
            						'a'      => array(
-            -
            							'target' => array(),
-            -
            							'href'   => array(),
-            -
            							'rel'    => array(),
-            -
            						),
-            -
            						'strong' => array(),
-            -
            					)
-            -
            				),
-            -
            				esc_html( \ZeroSpam\Core\Utilities::detection_title( 'comment_spam_message' ) ),
-            -
            				array(
-            -
            					'response' => 403,
-            -
            				)
-            -
            			);
-            -
            		}
-            -
-            -
            		return $commentdata;
-            -
            	}
-            -
-            -
            	/**
-            -
            	 * David Walsh settings section
-            -
            	 *
-            -
            	 * @param array $sections Array of available setting sections.
             	 */
             	public function sections( $sections ) {
             		$sections['davidwalsh'] = array(
@@ -280,13 +106,12 @@ class DavidWalsh {
+            	}
             	/**
-            -
            	 * David Walsh settings
+            	 *
             	 * @param array $settings Array of available settings.
             	 */
-            -
            	public function settings( $settings ) {
-            -
            		$options = get_option( 'wpzerospam' );
-            -
             		$settings['davidwalsh'] = array(
             			'title'       => __( 'David Walsh Technique', 'zerospam' ),
             			'desc'        => sprintf(

             defined( 'ABSPATH' ) || die();
             /**
+            +
             * David Walsh
              */
             class DavidWalsh {
             	/**
             	 * Constructor
             	 */
             	public function __construct() {
+            +
            		add_action( 'init', array( $this, 'init' ) );
+            +
            	}
+            +
+            +
            	/**
+            +
            	 * Fires after WordPress has finished loading but before any headers are sent.
+            +
            	 */
+            +
            	public function init() {
             		add_filter( 'zerospam_setting_sections', array( $this, 'sections' ) );
+            +
            		add_filter( 'zerospam_settings', array( $this, 'settings' ), 10, 2 );
+            +
            		if (
+            +
            			'enabled' === \ZeroSpam\Core\Settings::get_settings( 'davidwalsh' ) &&
+            +
            			\ZeroSpam\Core\Access::process()
+            +
            		) {
             			add_action( 'wp_enqueue_scripts', array( $this, 'scripts' ), 0 );
             			add_action( 'login_enqueue_scripts', array( $this, 'scripts' ) );
+            +
            			add_action( 'zerospam_comment_scripts', array( $this, 'enqueue_script' ) );
             			// See https://contactform7.com/loading-javascript-and-stylesheet-only-when-it-is-necessary/.
+            +
            			add_action( 'zerospam_wpcf7_scripts', array( $this, 'enqueue_script' ) );
             			add_action( 'zerospam_register_form', array( $this, 'enqueue_script' ) );
             			add_action( 'zerospam_wpforms_scripts', array( $this, 'enqueue_script' ) );
             			add_action( 'zerospam_fluentforms_scripts', array( $this, 'enqueue_script' ) );
             			);
+            +
            			add_filter( 'zerospam_preprocess_comment_submission', array( $this, 'validate_post' ), 10, 3 );
+            +
            			add_filter( 'zerospam_preprocess_registration_submission', array( $this, 'validate_post' ), 10, 3 );
+            +
            			add_filter( 'zerospam_preprocess_cf7_submission', array( $this, 'validate_post' ), 10, 3 );
+            +
            			add_filter( 'zerospam_preprocess_wpforms_submission', array( $this, 'validate_post' ), 10, 3 );
+            +
            			add_filter( 'zerospam_preprocess_fluentform_submission', array( $this, 'validate_post' ), 10, 3 );
+            +
            			add_filter( 'zerospam_preprocess_login_attempt', array( $this, 'validate_post' ), 10, 3 );
+            +
            			add_filter( 'zerospam_preprocess_memberpress_registration', array( $this, 'validate_post' ), 10, 3 );
+            +
            			add_filter( 'zerospam_preprocess_mailchimp4wp', array( $this, 'validate_post' ), 10, 3 );
+            		}
+            	}
             	/**
+            +
            	 * Enqueues the script
             	 */
             	public function enqueue_script() {
             		wp_enqueue_script( 'zerospam-davidwalsh' );
+            	}
             	/**
+            +
            	 * Validates a submission against the David Walsh field.
+            	 *
+            +
            	 * @param array  $errors            Array of submission errors.
+            +
            	 * @param array  $post              Form post array.
+            +
            	 * @param string $detection_msg_key Detection message key.
             	 */
+            +
            	public function validate_post( $errors, $post, $detection_msg_key ) {
             		if ( empty( $post['zerospam_david_walsh_key'] ) || self::get_davidwalsh() !== $post['zerospam_david_walsh_key'] ) {
             			// Failed the David Walsh check.
+            +
            			$error_message = \ZeroSpam\Core\Utilities::detection_message( $detection_msg_key );
             			$errors['zerospam_david_walsh'] = $error_message;
+            		}
+            	}
             	/**
+            +
            	 * Admin setting sections
+            	 *
+            +
            	 * @param array $sections Array of admin setting sections.
             	 */
             	public function sections( $sections ) {
             		$sections['davidwalsh'] = array(
+            	}
             	/**
+            +
            	 * Admin settings
+            	 *
             	 * @param array $settings Array of available settings.
+            +
            	 * @param array $options  Array of saved database options.
             	 */
+            +
            	public function settings( $settings, $options ) {
             		$settings['davidwalsh'] = array(
             			'title'       => __( 'David Walsh Technique', 'zerospam' ),
             			'desc'        => sprintf(

modules/fluentforms/class-fluentforms.php CHANGED Viewed

	@@ -15,14 +15,24 @@ defined( 'ABSPATH' ) \|\| die();
15	*/
16	class FluentForms {
17	/**
18	- * ~~Fluent Forms constructor~~
19	*/
20	public function __construct() {







21	add_filter( 'zerospam_setting_sections', array( $this, 'sections' ) );
22	- add_filter( 'zerospam_settings', array( $this, 'settings' ) );
23	add_filter( 'zerospam_types', array( $this, 'types' ), 10, 1 );
24
25	- if ( ~~'enabled' === \ZeroSpam\Core\Settings::get_settings( 'verify_fluentforms' ) && \ZeroSpam\Core\Access::process() ) {~~



26	// Load scripts.
27	add_action( 'fluentform_load_form_assets', array( $this, 'scripts' ), 10 );
28
	@@ -118,7 +128,7 @@ class FluentForms {
118	}
119
120	// Fire hook for additional validation (ex. David Walsh script).
121	- $errors = apply_filters( 'zerospam_preprocess_fluentform_submission', array(), $~~insert_data, $~~data, ~~$form~~ );
122
123	if ( ! empty( $errors ) ) {
124	$errors_array = array();
	@@ -160,22 +170,18 @@ class FluentForms {
160	* @param object $form The $form Object.
161	*/
162	public function validate_email( $error, $field, $form_data, $fields, $form ) {
163	- $error_message = \ZeroSpam\Core\Utilities::detection_message( 'fluentforms_spam_message' );
164	- $blocked_email_domains = \ZeroSpam\Core\Utilities::blocked_email_domains();
165	-
166	- if ( ! $blocked_email_domains ) {
167	- return $error;
168	- }
169	-
170	$field_name = $field['name'];
171	if ( empty( $form_data[ $field_name ] ) ) {
172	return $error;
173	}
174
175	- ~~$email_address~~ = ~~explode(~~ ~~'@',~~ ~~$form_data[ $field_name ] );~~
176	- ~~$email_domain =~~ ~~array_pop~~( ~~$email_address );~~




177
178	- if ( in_array( $email_domain, $blocked_email_domains, true ) ) {
179	return array( $error_message );
180	}
181
	@@ -208,13 +214,12 @@ class FluentForms {
208	}
209
210	/**
211	- * ~~Fluent~~ ~~Forms~~ settings
212	*
213	* @param array $settings Array of available settings.

214	*/
215	- public function settings( $settings ) {
216	- $options = get_option( 'wpzerospam' );
217	-
218	$settings['verify_fluentforms'] = array(
219	'title' => __( 'Protect Fluent Form Submissions', 'zerospam' ),
220	'section' => 'fluentforms',


15	*/
16	class FluentForms {
17	/**
18	+ * Constructor
19	*/
20	public function __construct() {
21	+ add_action( 'init', array( $this, 'init' ) );
22	+ }
23	+
24	+ /**
25	+ * Fires after WordPress has finished loading but before any headers are sent.
26	+ */
27	+ public function init() {
28	add_filter( 'zerospam_setting_sections', array( $this, 'sections' ) );
29	+ add_filter( 'zerospam_settings', array( $this, 'settings' ), 10, 2 );
30	add_filter( 'zerospam_types', array( $this, 'types' ), 10, 1 );
31
32	+ if (
33	+ 'enabled' === \ZeroSpam\Core\Settings::get_settings( 'verify_fluentforms' ) &&
34	+ \ZeroSpam\Core\Access::process()
35	+ ) {
36	// Load scripts.
37	add_action( 'fluentform_load_form_assets', array( $this, 'scripts' ), 10 );
38

128	}
129
130	// Fire hook for additional validation (ex. David Walsh script).
131	+ $errors = apply_filters( 'zerospam_preprocess_fluentform_submission', array(), $data, 'fluentforms_spam_message' );
132
133	if ( ! empty( $errors ) ) {
134	$errors_array = array();

170	* @param object $form The $form Object.
171	*/
172	public function validate_email( $error, $field, $form_data, $fields, $form ) {







173	$field_name = $field['name'];
174	if ( empty( $form_data[ $field_name ] ) ) {
175	return $error;
176	}
177
178	+ // Check blocked email domains.
179	+ if (
180	+ ! empty( $form_data[ $field_name ] ) &&
181	+ \ZeroSpam\Core\Utilities::is_email_domain_blocked( $form_data[ $field_name ] )
182	+ ) {
183	+ $error_message = \ZeroSpam\Core\Utilities::detection_message( 'fluentforms_spam_message' );
184

185	return array( $error_message );
186	}
187

214	}
215
216	/**
217	+ * Admin settings
218	*
219	* @param array $settings Array of available settings.
220	+ * @param array $options Array of saved database options.
221	*/
222	+ public function settings( $settings, $options ) {


223	$settings['verify_fluentforms'] = array(
224	'title' => __( 'Protect Fluent Form Submissions', 'zerospam' ),
225	'section' => 'fluentforms',

modules/formidable/class-formidable.php CHANGED Viewed

	@@ -7,8 +7,6 @@
7
8	namespace ZeroSpam\Modules\Formidable;
9
10	- use ZeroSpam;
11	-
12	// Security Note: Blocks direct access to the plugin PHP files.
13	defined( 'ABSPATH' ) \|\| die();
14
	@@ -17,14 +15,24 @@ defined( 'ABSPATH' ) \|\| die();
17	*/
18	class Formidable {
19	/**
20	- * ~~Formidable constructor~~
21	*/
22	public function __construct() {







23	add_filter( 'zerospam_setting_sections', array( $this, 'sections' ) );
24	- add_filter( 'zerospam_settings', array( $this, 'settings' ) );
25	add_filter( 'zerospam_types', array( $this, 'types' ), 10, 1 );
26
27	- if ( ~~'enabled' === ZeroSpam\Core\Settings::get_settings( 'verify_formidable' ) && ZeroSpam\Core\Access::process() ) {~~



28	add_action( 'frm_entry_form', array( $this, 'honeypot' ), 10, 1 );
29	add_filter( 'frm_validate_entry', array( $this, 'preprocess_submission' ), 10, 2 );
30	}
	@@ -58,10 +66,9 @@ class Formidable {
58	* Formidable settings
59	*
60	* @param array $settings Array of available settings.

61	*/
62	- public function settings( $settings ) {
63	- $options = get_option( 'wpzerospam' );
64	-
65	$settings['verify_formidable'] = array(
66	'title' => __( 'Protect Formidable Submissions', 'zerospam' ),
67	'section' => 'formidable',
	@@ -73,7 +80,7 @@ class Formidable {
73	'recommended' => 'enabled',
74	);
75
76	- $message = __( '~~You~~ ~~have~~ been flagged as spam/malicious ~~by WordPress Zero Spam~~.', 'zerospam' );
77
78	$settings['formidable_spam_message'] = array(
79	'title' => __( 'Spam/Malicious Message', 'zerospam' ),
	@@ -94,7 +101,7 @@ class Formidable {
94	__( 'Enables logging blocked Formidable submissions. <strong>Recommended for enhanced protection.</strong>', 'zerospam' ),
95	array( 'strong' => array() )
96	),
97	- 'options' => array(
98	'enabled' => __( 'Enabled', 'zerospam' ),
99	),
100	'value' => ! empty( $options['log_blocked_formidable'] ) ? $options['log_blocked_formidable'] : false,
	@@ -111,7 +118,7 @@ class Formidable {
111	*/
112	public function honeypot( $form_data ) {
113	// @codingStandardsIgnoreLine
114	- echo ZeroSpam\Core\Utilities::honeypot_field();
115	}
116
117	/**
	@@ -121,28 +128,47 @@ class Formidable {
121	* @param array $values Array of values.
122	*/
123	public function preprocess_submission( $errors, $values ) {
124	- $settings = ZeroSpam\Core\Settings::get_settings();
125	-
126	- // Check honeypot.
127	// @codingStandardsIgnoreLine
128	- if ( ~~! empty( $_REQUEST[~~ ZeroSpam\Core\Utilities::~~get_honeypot~~() ] ) ~~) {~~
129	- ~~$message = ZeroSpam\Core\Utilities::detection_message( 'formidable_spam_message' );~~


130
131	- ~~$errors['zerospam_honeypot']~~ = ~~$message;~~

132
133	- $details = ~~$values~~;









134	$details['failed'] = 'honeypot';
135
136	- // ~~Log~~ ~~if enabled.~~
137	- ~~if ( 'enabled' === ZeroSpam\Core\Settings::get_settings( 'log_blocked_formidable' ) ) {~~
138	- ~~ZeroSpam\Includes\DB::log( 'formidable', $details );~~
139	- }



140
141	- // ~~Share~~ the detection if enabled.
142	- if ( 'enabled' === ZeroSpam\Core\Settings::get_settings( '~~share_data~~' ) ) {
143	- ~~$details[~~'~~type~~'] = ~~'formidable'~~;
144	- ~~do_action( 'zerospam_share_detection', $details );~~





145	}


146	}
147
148	return $errors;


7
8	namespace ZeroSpam\Modules\Formidable;
9


10	// Security Note: Blocks direct access to the plugin PHP files.
11	defined( 'ABSPATH' ) \|\| die();
12

15	*/
16	class Formidable {
17	/**
18	+ * Constructor
19	*/
20	public function __construct() {
21	+ add_action( 'init', array( $this, 'init' ) );
22	+ }
23	+
24	+ /**
25	+ * Fires after WordPress has finished loading but before any headers are sent.
26	+ */
27	+ public function init() {
28	add_filter( 'zerospam_setting_sections', array( $this, 'sections' ) );
29	+ add_filter( 'zerospam_settings', array( $this, 'settings' ), 10, 2 );
30	add_filter( 'zerospam_types', array( $this, 'types' ), 10, 1 );
31
32	+ if (
33	+ 'enabled' === \ZeroSpam\Core\Settings::get_settings( 'verify_formidable' ) &&
34	+ \ZeroSpam\Core\Access::process()
35	+ ) {
36	add_action( 'frm_entry_form', array( $this, 'honeypot' ), 10, 1 );
37	add_filter( 'frm_validate_entry', array( $this, 'preprocess_submission' ), 10, 2 );
38	}

66	* Formidable settings
67	*
68	* @param array $settings Array of available settings.
69	+ * @param array $options Array of saved database options.
70	*/
71	+ public function settings( $settings, $options ) {


72	$settings['verify_formidable'] = array(
73	'title' => __( 'Protect Formidable Submissions', 'zerospam' ),
74	'section' => 'formidable',

80	'recommended' => 'enabled',
81	);
82
83	+ $message = __( 'Your IP has been flagged as spam/malicious.', 'zerospam' );
84
85	$settings['formidable_spam_message'] = array(
86	'title' => __( 'Spam/Malicious Message', 'zerospam' ),

101	__( 'Enables logging blocked Formidable submissions. <strong>Recommended for enhanced protection.</strong>', 'zerospam' ),
102	array( 'strong' => array() )
103	),
104	+ 'options' => array(
105	'enabled' => __( 'Enabled', 'zerospam' ),
106	),
107	'value' => ! empty( $options['log_blocked_formidable'] ) ? $options['log_blocked_formidable'] : false,

118	*/
119	public function honeypot( $form_data ) {
120	// @codingStandardsIgnoreLine
121	+ echo \ZeroSpam\Core\Utilities::honeypot_field();
122	}
123
124	/**

128	* @param array $values Array of values.
129	*/
130	public function preprocess_submission( $errors, $values ) {



131	// @codingStandardsIgnoreLine
132	+ $post = \ZeroSpam\Core\Utilities::sanitize_array( $_POST );
133	+
134	+ // Get the error message.
135	+ $error_message = \ZeroSpam\Core\Utilities::detection_message( 'formidable_spam_message' );
136
137	+ // Create the details array for logging & sharing data.
138	+ $details = $values;
139
140	+ $details['type'] = 'formidable';
141	+
142	+ // Begin validation checks.
143	+ $validation_errors = array();
144	+
145	+ // Check Zero Spam's honeypot field.
146	+ $honeypot_field_name = \ZeroSpam\Core\Utilities::get_honeypot();
147	+ // @codingStandardsIgnoreLine
148	+ if ( isset( $post[ $honeypot_field_name ] ) && ! empty( $post[ $honeypot_field_name ] ) ) {
149	+ // Failed the honeypot check.
150	$details['failed'] = 'honeypot';
151
152	+ $validation_errors[] = 'honeypot';
153	+ }
154	+
155	+ if ( ! empty( $validation_errors ) ) {
156	+ // Failed validations, log & send details if enabled.
157	+ foreach ( $validation_errors as $key => $fail ) {
158	+ $details['failed'] = $fail;
159
160	+ // Log the detection if enabled.
161	+ if ( 'enabled' === \ZeroSpam\Core\Settings::get_settings( 'log_blocked_formidable' ) ) {
162	+ \ZeroSpam\Includes\DB::log( 'formidable', $details );
163	+ }
164	+
165	+ // Share the detection if enabled.
166	+ if ( 'enabled' === \ZeroSpam\Core\Settings::get_settings( 'share_data' ) ) {
167	+ do_action( 'zerospam_share_detection', $details );
168	+ }
169	}
170	+
171	+ $errors['zerospam_honeypot'] = $error_message;
172	}
173
174	return $errors;

modules/give/class-give.php CHANGED Viewed

	@@ -15,14 +15,24 @@ defined( 'ABSPATH' ) \|\| die();
15	*/
16	class Give {
17	/**
18	- * ~~Add-on constructor~~
19	*/
20	public function __construct() {







21	add_filter( 'zerospam_setting_sections', array( $this, 'sections' ) );
22	- add_filter( 'zerospam_settings', array( $this, 'settings' ) );
23	add_filter( 'zerospam_types', array( $this, 'types' ), 10, 1 );
24
25	- if ( ~~'enabled' === \ZeroSpam\Core\Settings::get_settings( 'verify_givewp' ) && \ZeroSpam\Core\Access::process() ) {~~



26	// Adds Zero Spam's honeypot field.
27	add_action( 'give_donation_form_bottom', array( $this, 'add_honeypot' ), 10 );
28
	@@ -74,6 +84,15 @@ class Give {
74	$validation_errors[] = 'honeypot';
75	}
76









77	if ( ! empty( $validation_errors ) ) {
78	// Failed validations, log & send details if enabled.
79	foreach ( $validation_errors as $key => $fail ) {
	@@ -122,10 +141,9 @@ class Give {
122	* Admin settings
123	*
124	* @param array $settings Array of available settings.

125	*/
126	- public function settings( $settings ) {
127	- $options = get_option( 'wpzerospam' );
128	-
129	$settings['verify_givewp'] = array(
130	'title' => __( 'Protect GiveWP Submissions', 'zerospam' ),
131	'section' => 'givewp',


15	*/
16	class Give {
17	/**
18	+ * Constructor
19	*/
20	public function __construct() {
21	+ add_action( 'init', array( $this, 'init' ) );
22	+ }
23	+
24	+ /**
25	+ * Fires after WordPress has finished loading but before any headers are sent.
26	+ */
27	+ public function init() {
28	add_filter( 'zerospam_setting_sections', array( $this, 'sections' ) );
29	+ add_filter( 'zerospam_settings', array( $this, 'settings' ), 10, 2 );
30	add_filter( 'zerospam_types', array( $this, 'types' ), 10, 1 );
31
32	+ if (
33	+ 'enabled' === \ZeroSpam\Core\Settings::get_settings( 'verify_givewp' ) &&
34	+ \ZeroSpam\Core\Access::process()
35	+ ) {
36	// Adds Zero Spam's honeypot field.
37	add_action( 'give_donation_form_bottom', array( $this, 'add_honeypot' ), 10 );
38

84	$validation_errors[] = 'honeypot';
85	}
86
87	+ // Check blocked email domains.
88	+ if (
89	+ ! empty( $post_data['give_email'] ) &&
90	+ \ZeroSpam\Core\Utilities::is_email_domain_blocked( $post_data['give_email'] )
91	+ ) {
92	+ // Email domain has been blocked.
93	+ $validation_errors[] = 'blocked_email_domain';
94	+ }
95	+
96	if ( ! empty( $validation_errors ) ) {
97	// Failed validations, log & send details if enabled.
98	foreach ( $validation_errors as $key => $fail ) {

141	* Admin settings
142	*
143	* @param array $settings Array of available settings.
144	+ * @param array $options Array of saved database options.
145	*/
146	+ public function settings( $settings, $options ) {


147	$settings['verify_givewp'] = array(
148	'title' => __( 'Protect GiveWP Submissions', 'zerospam' ),
149	'section' => 'givewp',

modules/login/class-login.php CHANGED Viewed

	@@ -15,14 +15,24 @@ defined( 'ABSPATH' ) \|\| die();
15	*/
16	class Login {
17	/**
18	- * ~~Add-on constructor~~
19	*/
20	public function __construct() {







21	add_filter( 'zerospam_setting_sections', array( $this, 'sections' ) );
22	- add_filter( 'zerospam_settings', array( $this, 'settings' ) );
23	add_filter( 'zerospam_types', array( $this, 'types' ), 10, 1 );
24
25	- if ( ~~'enabled' === \ZeroSpam\Core\Settings::get_settings( 'verify_login' ) && \ZeroSpam\Core\Access::process() ) {~~



26	// Adds Zero Spam's honeypot field.
27	add_action( 'login_form', array( $this, 'add_honeypot' ), 10 );
28
	@@ -38,7 +48,7 @@ class Login {
38	}
39
40	/**
41	- * Load the ~~add-on~~ scripts.
42	*/
43	public function scripts() {
44	do_action( 'zerospam_login_scripts' );
	@@ -59,6 +69,9 @@ class Login {
59	* @param string $password Password to check against the user.
60	*/
61	public function process_form( $user, $password ) {



62	// Check Zero Spam's honeypot field.
63	$honeypot_field_name = \ZeroSpam\Core\Utilities::get_honeypot();
64
	@@ -75,14 +88,13 @@ class Login {
75	$validation_errors = array();
76
77	// @codingStandardsIgnoreLine
78	- if ( isset( $~~_POST~~[ $honeypot_field_name ] ) && ! empty( $~~_POST~~[ $honeypot_field_name ] ) ) {
79	// Failed the honeypot check.
80	$validation_errors[] = 'honeypot';
81	}
82
83	// Fire hook for additional validation (ex. David Walsh script).
84	- // ~~@codingStandardsIgnoreLine~~
85	- $errors = apply_filters( 'zerospam_preprocess_login_attempt', array(), $user, $password, $_POST );
86
87	if ( ! empty( $errors ) ) {
88	foreach ( $errors as $key => $message ) {
	@@ -113,7 +125,7 @@ class Login {
113	}
114
115	/**
116	- * Add to the types array
117	*
118	* @param array $types Array of available detection types.
119	*/
	@@ -124,9 +136,9 @@ class Login {
124	}
125
126	/**
127	- * Admin ~~section~~
128	*
129	- * @param array $sections Array of ~~available~~ setting sections.
130	*/
131	public function sections( $sections ) {
132	$sections['login'] = array(
	@@ -140,10 +152,9 @@ class Login {
140	* Admin settings
141	*
142	* @param array $settings Array of available settings.

143	*/
144	- public function settings( $settings ) {
145	- $options = get_option( 'wpzerospam' );
146	-
147	$settings['verify_login'] = array(
148	'title' => __( 'Protect Login Attempts', 'zerospam' ),
149	'section' => 'login',


15	*/
16	class Login {
17	/**
18	+ * Constructor
19	*/
20	public function __construct() {
21	+ add_action( 'init', array( $this, 'init' ) );
22	+ }
23	+
24	+ /**
25	+ * Fires after WordPress has finished loading but before any headers are sent.
26	+ */
27	+ public function init() {
28	add_filter( 'zerospam_setting_sections', array( $this, 'sections' ) );
29	+ add_filter( 'zerospam_settings', array( $this, 'settings' ), 10, 2 );
30	add_filter( 'zerospam_types', array( $this, 'types' ), 10, 1 );
31
32	+ if (
33	+ 'enabled' === \ZeroSpam\Core\Settings::get_settings( 'verify_login' ) &&
34	+ \ZeroSpam\Core\Access::process()
35	+ ) {
36	// Adds Zero Spam's honeypot field.
37	add_action( 'login_form', array( $this, 'add_honeypot' ), 10 );
38

48	}
49
50	/**
51	+ * Load the scripts
52	*/
53	public function scripts() {
54	do_action( 'zerospam_login_scripts' );

69	* @param string $password Password to check against the user.
70	*/
71	public function process_form( $user, $password ) {
72	+ // @codingStandardsIgnoreLine
73	+ $post = \ZeroSpam\Core\Utilities::sanitize_array( $_POST );
74	+
75	// Check Zero Spam's honeypot field.
76	$honeypot_field_name = \ZeroSpam\Core\Utilities::get_honeypot();
77

88	$validation_errors = array();
89
90	// @codingStandardsIgnoreLine
91	+ if ( isset( $post[ $honeypot_field_name ] ) && ! empty( $post[ $honeypot_field_name ] ) ) {
92	// Failed the honeypot check.
93	$validation_errors[] = 'honeypot';
94	}
95
96	// Fire hook for additional validation (ex. David Walsh script).
97	+ $errors = apply_filters( 'zerospam_preprocess_login_attempt', array(), $post, 'login_spam_message' );

98
99	if ( ! empty( $errors ) ) {
100	foreach ( $errors as $key => $message ) {

125	}
126
127	/**
128	+ * Add to the detection types array
129	*
130	* @param array $types Array of available detection types.
131	*/

136	}
137
138	/**
139	+ * Admin setting sections
140	*
141	+ * @param array $sections Array of admin setting sections.
142	*/
143	public function sections( $sections ) {
144	$sections['login'] = array(

152	* Admin settings
153	*
154	* @param array $settings Array of available settings.
155	+ * @param array $options Array of saved database options.
156	*/
157	+ public function settings( $settings, $options ) {


158	$settings['verify_login'] = array(
159	'title' => __( 'Protect Login Attempts', 'zerospam' ),
160	'section' => 'login',

modules/mailchimpforwp/class-mailchimpforwp.php CHANGED Viewed

	@@ -18,8 +18,15 @@ class MailchimpForWP {
18	* Constructor
19	*/
20	public function __construct() {







21	add_filter( 'zerospam_setting_sections', array( $this, 'sections' ) );
22	- add_filter( 'zerospam_settings', array( $this, 'settings' ) );
23	add_filter( 'zerospam_types', array( $this, 'types' ), 10, 1 );
24
25	if (
	@@ -102,22 +109,17 @@ class MailchimpForWP {
102	}
103
104	// Check blocked email domains.
105	- ~~$blocked_email_domains~~ ~~= \ZeroSpam\Core\Settings::get_settings~~( ~~'blocked_email_domains' );~~
106	- ~~if ( $blocked_email_domains &&~~ ! empty( $post['EMAIL'] ) ~~) {~~
107	- ~~$blocked_email_domains_array = explode~~( ~~"\n",~~ $~~blocked_email_domains~~ );
108	- ~~$blocked_email_domains_array~~ ~~= array_map( 'trim', $blocked_email_domains_array );~~
109	- ~~$tmp_domain =~~ ~~explode(~~ ~~'@',~~ ~~$post['EMAIL']~~ );
110	- $~~domain~~ = ~~trim( array_pop( $tmp_domain ) )~~;
111	-
112	- if ( in_array( $domain, $blocked_email_domains_array, true ) ) {
113	- // Email domain has been blocked.
114	- $validation_errors[] = 'blocked_email_domain';
115	- }
116	}
117
118	// Fire hook for additional validation (ex. David Walsh script).
119	// @codingStandardsIgnoreLine
120	- $filtered_errors = apply_filters( 'zerospam_preprocess_mailchimp4wp', array(), $post );
121
122	if ( ! empty( $filtered_errors ) ) {
123	foreach ( $filtered_errors as $key => $message ) {
	@@ -175,10 +177,9 @@ class MailchimpForWP {
175	* Admin settings
176	*
177	* @param array $settings Array of available settings.

178	*/
179	- public function settings( $settings ) {
180	- $options = get_option( 'wpzerospam' );
181	-
182	$settings['verify_mailchimp4wp'] = array(
183	'title' => __( 'Protect Forms', 'zerospam' ),
184	'section' => 'mailchimp4wp',


18	* Constructor
19	*/
20	public function __construct() {
21	+ add_action( 'init', array( $this, 'init' ) );
22	+ }
23	+
24	+ /**
25	+ * Fires after WordPress has finished loading but before any headers are sent.
26	+ */
27	+ public function init() {
28	add_filter( 'zerospam_setting_sections', array( $this, 'sections' ) );
29	+ add_filter( 'zerospam_settings', array( $this, 'settings' ), 10, 2 );
30	add_filter( 'zerospam_types', array( $this, 'types' ), 10, 1 );
31
32	if (

109	}
110
111	// Check blocked email domains.
112	+ if (
113	+ ! empty( $post['EMAIL'] ) &&
114	+ \ZeroSpam\Core\Utilities::is_email_domain_blocked( $post['EMAIL'] )
115	+ ) {
116	+ // Email domain has been blocked.
117	+ $validation_errors[] = 'blocked_email_domain';





118	}
119
120	// Fire hook for additional validation (ex. David Walsh script).
121	// @codingStandardsIgnoreLine
122	+ $filtered_errors = apply_filters( 'zerospam_preprocess_mailchimp4wp', array(), $post, 'mailchimp4wp_spam_message' );
123
124	if ( ! empty( $filtered_errors ) ) {
125	foreach ( $filtered_errors as $key => $message ) {

177	* Admin settings
178	*
179	* @param array $settings Array of available settings.
180	+ * @param array $options Array of saved database options.
181	*/
182	+ public function settings( $settings, $options ) {


183	$settings['verify_mailchimp4wp'] = array(
184	'title' => __( 'Protect Forms', 'zerospam' ),
185	'section' => 'mailchimp4wp',

modules/memberpress/class-memberpress.php CHANGED Viewed

	@@ -18,8 +18,15 @@ class MemberPress {
18	* Constructor
19	*/
20	public function __construct() {







21	add_filter( 'zerospam_setting_sections', array( $this, 'sections' ) );
22	- add_filter( 'zerospam_settings', array( $this, 'settings' ) );
23	add_filter( 'zerospam_types', array( $this, 'types' ), 10, 1 );
24
25	if (
	@@ -86,22 +93,17 @@ class MemberPress {
86	}
87
88	// Check blocked email domains.
89	- ~~$blocked_email_domains~~ ~~= \ZeroSpam\Core\Settings::get_settings~~( ~~'blocked_email_domains' );~~
90	- ~~if ( $blocked_email_domains &&~~ ! empty( $post['user_email'] ) ~~) {~~
91	- ~~$blocked_email_domains_array = explode~~( ~~"\n",~~ $~~blocked_email_domains~~ );
92	- ~~$blocked_email_domains_array~~ ~~= array_map( 'trim', $blocked_email_domains_array );~~
93	- ~~$tmp_domain =~~ ~~explode(~~ ~~'@',~~ ~~$post['user_email']~~ );
94	- $~~domain~~ = ~~trim( array_pop( $tmp_domain ) )~~;
95	-
96	- if ( in_array( $domain, $blocked_email_domains_array, true ) ) {
97	- // Email domain has been blocked.
98	- $validation_errors[] = 'blocked_email_domain';
99	- }
100	}
101
102	// Fire hook for additional validation (ex. David Walsh script).
103	// @codingStandardsIgnoreLine
104	- $filtered_errors = apply_filters( 'zerospam_preprocess_memberpress_registration', array(), $post );
105
106	if ( ! empty( $filtered_errors ) ) {
107	foreach ( $filtered_errors as $key => $message ) {
	@@ -159,10 +161,9 @@ class MemberPress {
159	* Admin settings
160	*
161	* @param array $settings Array of available settings.

162	*/
163	- public function settings( $settings ) {
164	- $options = get_option( 'wpzerospam' );
165	-
166	$settings['verify_memberpress_registration'] = array(
167	'title' => __( 'Protect Registration Forms', 'zerospam' ),
168	'section' => 'memberpress',


18	* Constructor
19	*/
20	public function __construct() {
21	+ add_action( 'init', array( $this, 'init' ) );
22	+ }
23	+
24	+ /**
25	+ * Fires after WordPress has finished loading but before any headers are sent.
26	+ */
27	+ public function init() {
28	add_filter( 'zerospam_setting_sections', array( $this, 'sections' ) );
29	+ add_filter( 'zerospam_settings', array( $this, 'settings' ), 10, 2 );
30	add_filter( 'zerospam_types', array( $this, 'types' ), 10, 1 );
31
32	if (

93	}
94
95	// Check blocked email domains.
96	+ if (
97	+ ! empty( $post['user_email'] ) &&
98	+ \ZeroSpam\Core\Utilities::is_email_domain_blocked( $post['user_email'] )
99	+ ) {
100	+ // Email domain has been blocked.
101	+ $validation_errors[] = 'blocked_email_domain';





102	}
103
104	// Fire hook for additional validation (ex. David Walsh script).
105	// @codingStandardsIgnoreLine
106	+ $filtered_errors = apply_filters( 'zerospam_preprocess_memberpress_registration', array(), $post, 'memberpress_regsitration_spam_message' );
107
108	if ( ! empty( $filtered_errors ) ) {
109	foreach ( $filtered_errors as $key => $message ) {

161	* Admin settings
162	*
163	* @param array $settings Array of available settings.
164	+ * @param array $options Array of saved database options.
165	*/
166	+ public function settings( $settings, $options ) {


167	$settings['verify_memberpress_registration'] = array(
168	'title' => __( 'Protect Registration Forms', 'zerospam' ),
169	'section' => 'memberpress',

modules/registration/class-registration.php CHANGED Viewed

	@@ -7,8 +7,6 @@
7
8	namespace ZeroSpam\Modules\Registration;
9
10	- use ZeroSpam;
11	-
12	// Security Note: Blocks direct access to the plugin PHP files.
13	defined( 'ABSPATH' ) \|\| die();
14
	@@ -17,25 +15,32 @@ defined( 'ABSPATH' ) \|\| die();
17	*/
18	class Registration {
19	/**
20	- * ~~Registration constructor~~
21	*/
22	public function __construct() {


23
24	- ~~if ( get_option( 'users_can_register' ) ) {~~
25	- ~~add_filter(~~ ~~'zerospam_setting_sections',~~ ~~array(~~ ~~$this,~~ ~~'sections'~~ ) );
26	- ~~add_filter( 'zerospam_settings', array( $this, 'settings' ) );~~
27	- ~~add_filter(~~ ~~'zerospam_types',~~ ~~array~~( ~~$this, 'types'~~ ), ~~10, 1 );~~
28	-
29	- if ( '~~enabled~~' ~~=== ZeroSpam\Core\Settings::get_settings~~( '~~verify_registrations~~' ) && ~~ZeroSpam\Core\Access::process()~~ ) {
30	- ~~add_action~~( '~~register_form~~', array( $this, '~~register_form~~' ) );
31	- ~~add_action( 'register_form', array( $this, 'honeypot' ) );~~
32	- ~~add_filter(~~ ~~'registration_errors', array~~( ~~$this, 'preprocess_registration' ), 10, 3 );~~
33	- }





34	}
35	}
36
37	/**
38	- * Add to the types array
39	*
40	* @param array $types Array of available detection types.
41	*/
	@@ -46,9 +51,9 @@ class Registration {
46	}
47
48	/**
49	- * ~~Fires~~ ~~following~~ the ~~‘Email’ field in the user registration form.~~
50	*/
51	- public function ~~register_form~~() {
52	do_action( 'zerospam_register_form' );
53	}
54
	@@ -59,58 +64,71 @@ class Registration {
59	* @param string $sanitized_user_login User's username after it has been sanitized.
60	* @param string $user_email User's email.
61	*/
62	- public function ~~preprocess_registration~~( $errors, $sanitized_user_login, $user_email ) {

























63
64	// Check blocked email domains.
65	- ~~$blocked_email_domains~~ ~~= \ZeroSpam\Core\Settings::get_settings~~( ~~'blocked_email_domains' );~~
66	- if ( $~~blocked_email_domains~~ ) {
67	- ~~$blocked_email_domains_array = explode~~( ~~"\n",~~ $~~blocked_email_domains~~ );
68	- ~~$blocked_email_domains_array~~ ~~= array_map( 'trim', $blocked_email_domains_array );~~
69	- ~~$tmp_domain =~~ ~~explode(~~ ~~'@',~~ ~~$user_email~~ );
70	- $~~domain~~ = ~~array_pop( $tmp_domain )~~;
71	-
72	- ~~if ( in_array( $domain, $blocked_email_domains_array, true ) ) {~~
73	- // ~~Email~~ ~~domain~~ ~~has~~ ~~been~~ ~~blocked~~.
74	- $~~message~~ = ~~ZeroSpam\Core\Utilities::detection_message~~( 'registration_spam_message' );
75	- $errors->add( 'zerospam_error', $message );
76	-
77	- $details = array(
78	- 'user_login' => $sanitized_user_login,
79	- 'user_email' => $user_email,
80	- 'failed' => 'blocked_email_domain',
81	- );
82	-
83	- if ( 'enabled' === ZeroSpam\Core\Settings::get_settings( 'log_blocked_registrations' ) ) {
84	- ZeroSpam\Includes\DB::log( 'registration', $details );
85	- }
86
87	- ~~return~~ ~~apply_filters~~( ~~'zerospam_registration_errors',~~ ~~$errors,~~ $~~sanitized_user_login,~~ ~~$user_email~~ );


88	}
89	}
90
91	- // ~~Check~~ ~~honeypot.~~
92	- // ~~@codingStandardsIgnoreLine~~
93	- if ( ! ~~empty(~~ $~~_REQUEST[~~ ~~ZeroSpam\Core\Utilities::get_honeypot()~~ ] ) ) {
94	- $~~message~~ = ~~ZeroSpam\Core\Utilities::detection_message( 'registration_spam_message' )~~;
95	- ~~$errors->add( 'zerospam_error', $message );~~
96	-
97	- ~~$details~~ = ~~array~~(
98	- '~~user_login~~' => ~~$sanitized_user_login,~~
99	- ~~'user_email' => $user_email,~~
100	- 'failed' => 'honeypot',
101	- );
102	- if ( 'enabled' === ZeroSpam\Core\Settings::get_settings( 'log_blocked_registrations' ) ) {
103	- ZeroSpam\Includes\DB::log( 'registration', $details );
104	- }
105
106	- // Share the detection if enabled.
107	- if ( 'enabled' === \ZeroSpam\Core\Settings::get_settings( 'share_data' ) ) {
108	- ~~$details[~~'~~type~~'] = ~~'registration'~~;
109	- ~~do_action( 'zerospam_share_detection', $details );~~
110	}


111	}
112
113	- return ~~apply_filters( 'zerospam_registration_errors',~~ $errors~~, $sanitized_user_login, $user_email )~~;
114	}
115
116	/**
	@@ -118,13 +136,13 @@ class Registration {
118	*/
119	public function honeypot() {
120	// @codingStandardsIgnoreLine
121	- echo ZeroSpam\Core\Utilities::honeypot_field();
122	}
123
124	/**
125	- * ~~Registration~~ sections
126	*
127	- * @param array $sections Array of ~~available~~ setting sections.
128	*/
129	public function sections( $sections ) {
130	$sections['registration'] = array(
	@@ -135,13 +153,12 @@ class Registration {
135	}
136
137	/**
138	- * ~~Registration~~ settings
139	*
140	* @param array $settings Array of available settings.

141	*/
142	- public function settings( $settings ) {
143	- $options = get_option( 'wpzerospam' );
144	-
145	$settings['verify_registrations'] = array(
146	'title' => __( 'Protect Registrations', 'zerospam' ),
147	'section' => 'registration',
	@@ -153,7 +170,7 @@ class Registration {
153	'recommended' => 'enabled',
154	);
155
156	- $message = __( '~~You~~ ~~have~~ been flagged as spam/malicious ~~by WordPress Zero Spam~~.', 'zerospam' );
157
158	$settings['registration_spam_message'] = array(
159	'title' => __( 'Spam/Malicious Message', 'zerospam' ),


7
8	namespace ZeroSpam\Modules\Registration;
9


10	// Security Note: Blocks direct access to the plugin PHP files.
11	defined( 'ABSPATH' ) \|\| die();
12

15	*/
16	class Registration {
17	/**
18	+ * Constructor
19	*/
20	public function __construct() {
21	+ add_action( 'init', array( $this, 'init' ) );
22	+ }
23
24	+ /**
25	+ * Fires after WordPress has finished loading but before any headers are sent.
26	+ */
27	+ public function init() {
28	+ add_filter( 'zerospam_setting_sections', array( $this, 'sections' ) );
29	+ add_filter( 'zerospam_settings', array( $this, 'settings' ), 10, 2 );
30	+ add_filter( 'zerospam_types', array( $this, 'types' ), 10, 1 );
31	+
32	+ if (
33	+ 'enabled' === \ZeroSpam\Core\Settings::get_settings( 'verify_registrations' ) &&
34	+ \ZeroSpam\Core\Access::process()
35	+ ) {
36	+ add_action( 'register_form', array( $this, 'scripts' ) );
37	+ add_action( 'register_form', array( $this, 'honeypot' ) );
38	+ add_filter( 'registration_errors', array( $this, 'process_form' ), 10, 3 );
39	}
40	}
41
42	/**
43	+ * Add to the detection types array
44	*
45	* @param array $types Array of available detection types.
46	*/

51	}
52
53	/**
54	+ * Load the scripts
55	*/
56	+ public function scripts() {
57	do_action( 'zerospam_register_form' );
58	}
59

64	* @param string $sanitized_user_login User's username after it has been sanitized.
65	* @param string $user_email User's email.
66	*/
67	+ public function process_form( $errors, $sanitized_user_login, $user_email ) {
68	+ // @codingStandardsIgnoreLine
69	+ $post = \ZeroSpam\Core\Utilities::sanitize_array( $_POST );
70	+
71	+ // Get the error message.
72	+ $error_message = \ZeroSpam\Core\Utilities::detection_message( 'registration_spam_message' );
73	+
74	+ // Create the details array for logging & sharing data.
75	+ $details = array(
76	+ 'user_login' => $sanitized_user_login,
77	+ 'user_email' => $user_email,
78	+ 'type' => 'registration',
79	+ );
80	+
81	+ // Begin validation checks.
82	+ $validation_errors = array();
83	+
84	+ // Check Zero Spam's honeypot field.
85	+ $honeypot_field_name = \ZeroSpam\Core\Utilities::get_honeypot();
86	+ // @codingStandardsIgnoreLine
87	+ if ( isset( $post[ $honeypot_field_name ] ) && ! empty( $post[ $honeypot_field_name ] ) ) {
88	+ // Failed the honeypot check.
89	+ $details['failed'] = 'honeypot';
90	+
91	+ $validation_errors[] = 'honeypot';
92	+ }
93
94	// Check blocked email domains.
95	+ if (
96	+ ! empty( $user_email ) &&
97	+ \ZeroSpam\Core\Utilities::is_email_domain_blocked( $user_email )
98	+ ) {
99	+ // Email domain has been blocked.
100	+ $validation_errors[] = 'blocked_email_domain';
101	+ }
102	+
103	+ // Fire hook for additional validation (ex. David Walsh script).
104	+ $filtered_errors = apply_filters( 'zerospam_preprocess_registration_submission', array(), $post, 'registration_spam_message' );











105
106	+ if ( ! empty( $filtered_errors ) ) {
107	+ foreach ( $filtered_errors as $key => $message ) {
108	+ $validation_errors[] = str_replace( 'zerospam_', '', $key );
109	}
110	}
111
112	+ if ( ! empty( $validation_errors ) ) {
113	+ // Failed validations, log & send details if enabled.
114	+ foreach ( $validation_errors as $key => $fail ) {
115	+ $details['failed'] = $fail;
116	+
117	+ // Log the detection if enabled.
118	+ if ( 'enabled' === \ZeroSpam\Core\Settings::get_settings( 'log_blocked_registrations' ) ) {
119	+ \ZeroSpam\Includes\DB::log( 'registration', $details );
120	+ }





121
122	+ // Share the detection if enabled.
123	+ if ( 'enabled' === \ZeroSpam\Core\Settings::get_settings( 'share_data' ) ) {
124	+ do_action( 'zerospam_share_detection', $details );
125	+ }
126	}
127	+
128	+ $errors->add( 'zerospam_error', $error_message );
129	}
130
131	+ return $errors;
132	}
133
134	/**

136	*/
137	public function honeypot() {
138	// @codingStandardsIgnoreLine
139	+ echo \ZeroSpam\Core\Utilities::honeypot_field();
140	}
141
142	/**
143	+ * Admin setting sections
144	*
145	+ * @param array $sections Array of admin setting sections.
146	*/
147	public function sections( $sections ) {
148	$sections['registration'] = array(

153	}
154
155	/**
156	+ * Admin settings
157	*
158	* @param array $settings Array of available settings.
159	+ * @param array $options Array of saved database options.
160	*/
161	+ public function settings( $settings, $options ) {


162	$settings['verify_registrations'] = array(
163	'title' => __( 'Protect Registrations', 'zerospam' ),
164	'section' => 'registration',

170	'recommended' => 'enabled',
171	);
172
173	+ $message = __( 'Your IP has been flagged as spam/malicious.', 'zerospam' );
174
175	$settings['registration_spam_message'] = array(
176	'title' => __( 'Spam/Malicious Message', 'zerospam' ),

modules/wpforms/class-wpforms.php CHANGED Viewed

	@@ -15,14 +15,24 @@ defined( 'ABSPATH' ) \|\| die();
15	*/
16	class WPForms {
17	/**
18	- * ~~WPForms constructor~~
19	*/
20	public function __construct() {







21	add_filter( 'zerospam_setting_sections', array( $this, 'sections' ) );
22	- add_filter( 'zerospam_settings', array( $this, 'settings' ) );
23	add_filter( 'zerospam_types', array( $this, 'types' ), 10, 1 );
24
25	- if ( ~~'enabled' === \ZeroSpam\Core\Settings::get_settings( 'verify_wpforms' ) && \ZeroSpam\Core\Access::process() ) {~~



26	// Adds Zero Spam's honeypot field.
27	add_action( 'wpforms_frontend_output', array( $this, 'honeypot' ), 10, 1 );
28
	@@ -45,11 +55,14 @@ class WPForms {
45	/**
46	* Preprocess submission
47	*
48	- * @param array $fields Sanitized entry field values/properties.
49	- * @param array $entry Original $_POST global.
50	* @param array $form_data Form settings/data.
51	*/
52	public function preprocess_submission( $fields, $entry, $form_data ) {



53	// Get the error message.
54	$error_message = \ZeroSpam\Core\Utilities::detection_message( 'wpforms_spam_message' );
55
	@@ -66,7 +79,7 @@ class WPForms {
66	// Check Zero Spam's honeypot field.
67	$honeypot_field_name = \ZeroSpam\Core\Utilities::get_honeypot();
68	// @codingStandardsIgnoreLine
69	- if ( isset( $~~_REQUEST~~[ $honeypot_field_name ] ) && ! empty( $~~_REQUEST~~[ $honeypot_field_name ] ) ) {
70	// Failed the honeypot check.
71	$details['failed'] = 'honeypot';
72
	@@ -74,14 +87,11 @@ class WPForms {
74	}
75
76	// Fire hook for additional validation (ex. David Walsh script).
77	- // ~~@codingStandardsIgnoreLine~~
78	- $errors = apply_filters( 'zerospam_preprocess_wpforms_submission', array(), $form_data, $_REQUEST );
79
80	if ( ! empty( $errors ) ) {
81	foreach ( $errors as $key => $message ) {
82	$validation_errors[] = str_replace( 'zerospam_', '', $key );
83	-
84	- $details['failed'] = str_replace( 'zerospam_', '', $key );
85	}
86	}
87
	@@ -106,7 +116,7 @@ class WPForms {
106	}
107
108	/**
109	- * Add to the types array
110	*
111	* @param array $types Array of available detection types.
112	*/
	@@ -117,16 +127,16 @@ class WPForms {
117	}
118
119	/**
120	- * ~~Fires~~ ~~before a form is displayed on~~ the ~~site’s frontend, only if the form exists and contains fields.~~
121	*/
122	public function scripts() {
123	do_action( 'zerospam_wpforms_scripts' );
124	}
125
126	/**
127	- * ~~WPForms~~ sections
128	*
129	- * @param array $sections Array of ~~available~~ setting sections.
130	*/
131	public function sections( $sections ) {
132	$sections['wpforms'] = array(
	@@ -137,13 +147,12 @@ class WPForms {
137	}
138
139	/**
140	- * ~~WPForms~~ settings
141	*
142	* @param array $settings Array of available settings.

143	*/
144	- public function settings( $settings ) {
145	- $options = get_option( 'wpzerospam' );
146	-
147	$settings['verify_wpforms'] = array(
148	'title' => __( 'Protect WPForms Submissions', 'zerospam' ),
149	'section' => 'wpforms',
	@@ -155,7 +164,7 @@ class WPForms {
155	'recommended' => 'enabled',
156	);
157
158	- $message = __( '~~You~~ ~~have~~ been flagged as spam/malicious ~~by WordPress Zero Spam~~.', 'zerospam' );
159
160	$settings['wpforms_spam_message'] = array(
161	'title' => __( 'WPForms Spam/Malicious Message', 'zerospam' ),


15	*/
16	class WPForms {
17	/**
18	+ * Constructor
19	*/
20	public function __construct() {
21	+ add_action( 'init', array( $this, 'init' ) );
22	+ }
23	+
24	+ /**
25	+ * Fires after WordPress has finished loading but before any headers are sent.
26	+ */
27	+ public function init() {
28	add_filter( 'zerospam_setting_sections', array( $this, 'sections' ) );
29	+ add_filter( 'zerospam_settings', array( $this, 'settings' ), 10, 2 );
30	add_filter( 'zerospam_types', array( $this, 'types' ), 10, 1 );
31
32	+ if (
33	+ 'enabled' === \ZeroSpam\Core\Settings::get_settings( 'verify_wpforms' ) &&
34	+ \ZeroSpam\Core\Access::process()
35	+ ) {
36	// Adds Zero Spam's honeypot field.
37	add_action( 'wpforms_frontend_output', array( $this, 'honeypot' ), 10, 1 );
38

55	/**
56	* Preprocess submission
57	*
58	+ * @param array $fields Sanitized entry field values/properties.
59	+ * @param array $entry Original $_POST global.
60	* @param array $form_data Form settings/data.
61	*/
62	public function preprocess_submission( $fields, $entry, $form_data ) {
63	+ // @codingStandardsIgnoreLine
64	+ $post = \ZeroSpam\Core\Utilities::sanitize_array( $_POST );
65	+
66	// Get the error message.
67	$error_message = \ZeroSpam\Core\Utilities::detection_message( 'wpforms_spam_message' );
68

79	// Check Zero Spam's honeypot field.
80	$honeypot_field_name = \ZeroSpam\Core\Utilities::get_honeypot();
81	// @codingStandardsIgnoreLine
82	+ if ( isset( $post[ $honeypot_field_name ] ) && ! empty( $post[ $honeypot_field_name ] ) ) {
83	// Failed the honeypot check.
84	$details['failed'] = 'honeypot';
85

87	}
88
89	// Fire hook for additional validation (ex. David Walsh script).
90	+ $errors = apply_filters( 'zerospam_preprocess_wpforms_submission', array(), $post, 'wpforms_spam_message' );

91
92	if ( ! empty( $errors ) ) {
93	foreach ( $errors as $key => $message ) {
94	$validation_errors[] = str_replace( 'zerospam_', '', $key );


95	}
96	}
97

116	}
117
118	/**
119	+ * Add to the detection types array
120	*
121	* @param array $types Array of available detection types.
122	*/

127	}
128
129	/**
130	+ * Load the scripts
131	*/
132	public function scripts() {
133	do_action( 'zerospam_wpforms_scripts' );
134	}
135
136	/**
137	+ * Admin setting sections
138	*
139	+ * @param array $sections Array of admin setting sections.
140	*/
141	public function sections( $sections ) {
142	$sections['wpforms'] = array(

147	}
148
149	/**
150	+ * Admin settings
151	*
152	* @param array $settings Array of available settings.
153	+ * @param array $options Array of saved database options.
154	*/
155	+ public function settings( $settings, $options ) {


156	$settings['verify_wpforms'] = array(
157	'title' => __( 'Protect WPForms Submissions', 'zerospam' ),
158	'section' => 'wpforms',

164	'recommended' => 'enabled',
165	);
166
167	+ $message = __( 'Your IP has been flagged as spam/malicious.', 'zerospam' );
168
169	$settings['wpforms_spam_message'] = array(
170	'title' => __( 'WPForms Spam/Malicious Message', 'zerospam' ),

readme.txt CHANGED Viewed

	@@ -5,11 +5,11 @@ Donate link: https://www.zerospam.org/subscribe/
5	Requires at least: 5.2
6	Tested up to: 5.8.2
7	Requires PHP: 7.3
8	- Stable tag: 5.2.4
9	License: GNU GPLv3
10	License URI: https://choosealicense.com/licenses/gpl-3.0/
11
12	- ~~WordPress~~ ~~Zero~~ ~~Spam~~ ~~makes~~ ~~blocking~~ spam & malicious ~~visitors~~ a ~~cinch.~~ ~~Just~~ ~~install,~~ ~~activate, configure and enjoy a spam~~-~~free~~ ~~site~~.
13
14	== Description ==
15
	@@ -63,6 +63,12 @@ For more information & developer documentation, see the [plugin’s website](htt
63
64	== Frequently Asked Questions ==
65






66	= Does WordPress Zero Spam check Jetpack comments? =
67
68	No. WordPress Zero Spam is unable to integrate Jetpack. For more information, see [https://wordpress.org/support/topic/incompatible-with-jetpack-comments](https://wordpress.org/support/topic/incompatible-with-jetpack-comments).
	@@ -71,6 +77,8 @@ For more information & developer documentation, see the [plugin’s website](htt
71
72	Enabled caching. Caching is highly recommended and will prevent repeated calls to third-party API and access checks on each page visit.
73


74	= What WordPress Zero Spam WP-CLI commands are available? =
75
76	* `wp zerospam autoconfigure` — Auto-configures with recommended settings.
	@@ -96,6 +104,13 @@ If hosting with Pantheon, see their [known issues page](https://pantheon.io/docs
96
97	== Changelog ==
98







99	= v5.2.4 =
100
101	* feat(memberpress): resolves #283, now supports memberpress registration forms


5	Requires at least: 5.2
6	Tested up to: 5.8.2
7	Requires PHP: 7.3
8	+ Stable tag: 5.2.5
9	License: GNU GPLv3
10	License URI: https://choosealicense.com/licenses/gpl-3.0/
11
12	+ No captcha needed, behind the scenes protection against spam & malicious attacks using proven techniques & up-to-date blacklists.
13
14	== Description ==
15

63
64	== Frequently Asked Questions ==
65
66	+ = Does WordPress Zero Spam block user IPs? =
67	+
68	+ Not by itself. WordPress Zero Spam does not block IP addresses by itself. Visitors that are getting blocked have either been manually blocked by the site admin or appear in one of the IP blacklist like [Stop Forum Spam](https://www.stopforumspam.com/), [Project Honeypot](https://www.projecthoneypot.org/), or the [Zero Spam IP database](https://www.zerospam.org).
69	+
70	+ If a legitimate user is getting blocked, check the Log (Admin > Dashboard > Zero Spam > Log) to get further details why they were blocked. You can adjust how strict the 3rd-party blacklist checks are or disable those if you find that your users are prone to being flagged as spam/malicious.
71	+
72	= Does WordPress Zero Spam check Jetpack comments? =
73
74	No. WordPress Zero Spam is unable to integrate Jetpack. For more information, see [https://wordpress.org/support/topic/incompatible-with-jetpack-comments](https://wordpress.org/support/topic/incompatible-with-jetpack-comments).

77
78	Enabled caching. Caching is highly recommended and will prevent repeated calls to third-party API and access checks on each page visit.
79
80	+ You can also adjust the cache and API timeout settings in admin depending on your server and specific needs.
81	+
82	= What WordPress Zero Spam WP-CLI commands are available? =
83
84	* `wp zerospam autoconfigure` — Auto-configures with recommended settings.

104
105	== Changelog ==
106
107	+ = v5.2.5 =
108	+
109	+ * feat(givewp): now checks submitted emails against the blocked email domains list
110	+ * perf(everything): refactoring of code for a boost in performance
111	+ * docs(readme): misc. readme file updates
112	+ * fix(admin): fix for error log not clearing
113	+
114	= v5.2.4 =
115
116	* feat(memberpress): resolves #283, now supports memberpress registration forms

uninstall.php CHANGED Viewed

	@@ -17,6 +17,7 @@ $tables = array(
17	);
18
19	if ( is_multisite() ) {

20	$blogs = $wpdb->get_results( "SELECT blog_id FROM {$wpdb->blogs}", ARRAY_A );
21
22	if ( $blogs ) {
	@@ -30,6 +31,7 @@ if ( is_multisite() ) {
30	delete_option( 'zerospam_davidwalsh' );
31
32	foreach ( $tables as $key => $table ) {

33	$wpdb->query( "DROP TABLE IF EXISTS " . $wpdb->prefix . $table );
34	}
35	}
	@@ -43,6 +45,7 @@ if ( is_multisite() ) {
43	delete_option( 'zerospam_davidwalsh' );
44
45	foreach ( $tables as $key => $table ) {

46	$wpdb->query( "DROP TABLE IF EXISTS " . $wpdb->prefix . $table );
47	}
48	}


17	);
18
19	if ( is_multisite() ) {
20	+ // @codingStandardsIgnoreLine
21	$blogs = $wpdb->get_results( "SELECT blog_id FROM {$wpdb->blogs}", ARRAY_A );
22
23	if ( $blogs ) {

31	delete_option( 'zerospam_davidwalsh' );
32
33	foreach ( $tables as $key => $table ) {
34	+ // @codingStandardsIgnoreLine
35	$wpdb->query( "DROP TABLE IF EXISTS " . $wpdb->prefix . $table );
36	}
37	}

45	delete_option( 'zerospam_davidwalsh' );
46
47	foreach ( $tables as $key => $table ) {
48	+ // @codingStandardsIgnoreLine
49	$wpdb->query( "DROP TABLE IF EXISTS " . $wpdb->prefix . $table );
50	}
51	}

wordpress-zero-spam.php CHANGED Viewed

	@@ -13,7 +13,7 @@
13	* Plugin Name: WordPress Zero Spam
14	* Plugin URI: https://www.highfivery.com/projects/zero-spam/
15	* Description: Tired of all the worthless and bloated WordPress anti-spam & security plugins? WordPress Zero Spam makes blocking spam & malicious activity a cinch. <strong>Just install, activate, configure, and say goodbye to spam.</strong>
16	- * Version: 5.2.4
17	* Requires at least: 5.2
18	* Requires PHP: 7.3
19	* Author: Highfivery LLC
	@@ -31,7 +31,7 @@ defined( 'ABSPATH' ) \|\| die();
31	define( 'ZEROSPAM', __FILE__ );
32	define( 'ZEROSPAM_PATH', plugin_dir_path( ZEROSPAM ) );
33	define( 'ZEROSPAM_PLUGIN_BASE', plugin_basename( ZEROSPAM ) );
34	- define( 'ZEROSPAM_VERSION', '5.2.4' );
35
36	if ( defined( 'ZEROSPAM_DEVELOPMENT_URL' ) ) {
37	define( 'ZEROSPAM_URL', ZEROSPAM_DEVELOPMENT_URL );
	@@ -60,9 +60,19 @@ function zerospam_load_plugin_textdomain() {
60	* Admin notice for minimum PHP version
61	*/
62	function zerospam_fail_php_version() {
63	- /* ~~translators:~~ ~~%s: PHP version */~~
64	- ~~$message =~~ ~~sprintf(~~ ~~esc_html__(~~ ~~'WordPress~~ ~~Zero~~ ~~Spam~~ ~~requires~~ PHP version ~~%s+,~~ ~~plugin is currently NOT RUNNING.', 'zerospam' ), '7.3' );~~
65	- ~~$html_message = sprintf~~( ~~'<div class="error">%s</div>', wpautop( $message ) );~~










66	echo wp_kses_post( $html_message );
67	}
68
	@@ -70,8 +80,14 @@ function zerospam_fail_php_version() {
70	* Admin notice for minimum WordPress version
71	*/
72	function zerospam_fail_wp_version() {
73	- /* ~~translators:~~ ~~%s: WordPress version */~~
74	- ~~$message =~~ ~~sprintf(~~ ~~esc_html__( 'WordPress Zero Spam requires WordPress version~~ %s+. ~~Because~~ ~~you~~ ~~are~~ ~~using~~ ~~an earlier~~ version, ~~the~~ ~~plugin is currently NOT RUNNING.', 'zerospam' ), '5' );~~






75	$html_message = sprintf( '<div class="error">%s</div>', wpautop( $message ) );
76	echo wp_kses_post( $html_message );
77	}


13	* Plugin Name: WordPress Zero Spam
14	* Plugin URI: https://www.highfivery.com/projects/zero-spam/
15	* Description: Tired of all the worthless and bloated WordPress anti-spam & security plugins? WordPress Zero Spam makes blocking spam & malicious activity a cinch. <strong>Just install, activate, configure, and say goodbye to spam.</strong>
16	+ * Version: 5.2.5
17	* Requires at least: 5.2
18	* Requires PHP: 7.3
19	* Author: Highfivery LLC

31	define( 'ZEROSPAM', __FILE__ );
32	define( 'ZEROSPAM_PATH', plugin_dir_path( ZEROSPAM ) );
33	define( 'ZEROSPAM_PLUGIN_BASE', plugin_basename( ZEROSPAM ) );
34	+ define( 'ZEROSPAM_VERSION', '5.2.5' );
35
36	if ( defined( 'ZEROSPAM_DEVELOPMENT_URL' ) ) {
37	define( 'ZEROSPAM_URL', ZEROSPAM_DEVELOPMENT_URL );

60	* Admin notice for minimum PHP version
61	*/
62	function zerospam_fail_php_version() {
63	+ $message = sprintf(
64	+ /* translators: %s: replaced with the PHP version number */
65	+ esc_html__(
66	+ 'WordPress Zero Spam requires PHP version %s+, plugin is currently NOT RUNNING.',
67	+ 'zerospam'
68	+ ),
69	+ '7.3'
70	+ );
71	+ $html_message = sprintf(
72	+ /* translators: %s: replaced with the error message */
73	+ '<div class="error">%s</div>',
74	+ wpautop( $message )
75	+ );
76	echo wp_kses_post( $html_message );
77	}
78

80	* Admin notice for minimum WordPress version
81	*/
82	function zerospam_fail_wp_version() {
83	+ $message = sprintf(
84	+ /* translators: %s: replaced with the WordPress version number */
85	+ esc_html__(
86	+ 'WordPress Zero Spam requires WordPress version %s+. Because you are using an earlier version, the plugin is currently NOT RUNNING.',
87	+ 'zerospam'
88	+ ),
89	+ '5'
90	+ );
91	$html_message = sprintf( '<div class="error">%s</div>', wpautop( $message ) );
92	echo wp_kses_post( $html_message );
93	}