Changeset 3261814
- Timestamp:
- 03/25/2025 10:17:20 PM (12 months ago)
- Location:
- oopspam-anti-spam/trunk
- Files:
-
- 2 added
- 8 edited
-
OOPSpamAPI.php (modified) (1 diff)
-
include/Background (added)
-
include/Background/AsyncProcessor.php (added)
-
include/UI/display-ham-entries.php (modified) (6 diffs)
-
include/UI/display-spam-entries.php (modified) (6 diffs)
-
integration/ContactForm7.php (modified) (1 diff)
-
integration/WooCommerce.php (modified) (10 diffs)
-
oopspam-antispam.php (modified) (2 diffs)
-
options.php (modified) (2 diffs)
-
readme.txt (modified) (2 diffs)
oopspam-anti-spam/trunk/OOPSpamAPI.php
r3255030 r3261814 193 193 "shouldBeSpam" => $isSpam, 194 194 "sensitivityLevel" => $currentSensitivityLevel 195 ); 196 197 error_log("OOPSpamAPI: Report parameters: " . json_encode($parameters)); 198 195 ); 199 196 $jsonreply=$this->RequestToOOPSpamReportingAPI(json_encode($parameters)); 200 197 -
oopspam-anti-spam/trunk/include/UI/display-ham-entries.php
r3255030 r3261814 152 152 public static function get_ham_entries($per_page = 5, $page_number = 1, $search = "") { 153 153 global $wpdb; 154 155 // Validate and sanitize input parameters 156 $per_page = absint($per_page); 157 $page_number = absint($page_number); 158 $search = sanitize_text_field($search); 159 154 160 $table = $wpdb->prefix . 'oopspam_frm_ham_entries'; 155 161 156 162 // Start building the query 157 163 $where = array(); … … 160 166 // Add search condition if search term is provided 161 167 if (!empty($search)) { 168 // Use separate placeholders for each LIKE condition 162 169 $search_term = '%' . $wpdb->esc_like($search) . '%'; 163 170 $where[] = "(form_id LIKE %s OR message LIKE %s OR ip LIKE %s OR email LIKE %s OR raw_entry LIKE %s)"; 164 $values = array_merge($values, array ($search_term, $search_term, $search_term, $search_term, $search_term));171 $values = array_merge($values, array_fill(0, 5, $search_term)); 165 172 } 166 173 … … 277 284 public static function record_count() { 278 285 global $wpdb; 279 $table = $wpdb->prefix . 'oopspam_frm_ham_entries'; 280 281 return $wpdb->get_var($wpdb->prepare("SELECT COUNT(*) FROM %i", $table)); 286 $table = $wpdb->prefix . 'oopspam_frm_ham_entries'; 287 288 $where = array(); 289 $values = array($table); 290 291 $sql = "SELECT COUNT(*) FROM %i"; 292 293 // Add search condition if search term is provided 294 if (!empty($_REQUEST['s'])) { 295 $search = sanitize_text_field($_REQUEST['s']); 296 $search_term = '%' . $wpdb->esc_like($search) . '%'; 297 $where[] = "(form_id LIKE %s OR message LIKE %s OR ip LIKE %s OR email LIKE %s OR raw_entry LIKE %s)"; 298 $values = array_merge($values, array_fill(0, 5, $search_term)); 299 } 300 301 // Combine WHERE clauses 302 if (!empty($where)) { 303 $sql .= " WHERE " . 
implode(" AND ", $where); 304 } 305 306 return $wpdb->get_var($wpdb->prepare($sql, $values)); 282 307 } 283 308 … … 393 418 } 394 419 395 $response = wp_remote_get("https://reallyfreegeoip.org/json/{$ip}"); 420 $args = array( 421 'timeout' => 5, 422 'redirection' => 5, 423 'httpversion' => '1.1', 424 'blocking' => true, 425 'sslverify' => true 426 ); 427 428 $response = wp_remote_get("https://reallyfreegeoip.org/json/{$ip}", $args); 429 396 430 if (is_wp_error($response)) { 431 error_log('IP Geolocation Error: ' . $response->get_error_message()); 397 432 return ''; 398 433 } 399 434 435 if (wp_remote_retrieve_response_code($response) !== 200) { 436 error_log('IP Geolocation Error: Non-200 response code'); 437 return ''; 438 } 439 400 440 $body = wp_remote_retrieve_body($response); 441 if (empty($body)) { 442 return ''; 443 } 444 401 445 $data = json_decode($body, true); 402 446 if (isset($data['country_code'])) { … … 480 524 */ 481 525 public function prepare_items() { 482 483 526 $this->_column_headers = $this->get_column_info(); 527 528 // Handle individual actions 529 $action = $this->current_action(); 530 if ($action === 'report') { 531 if (isset($_GET['ham']) && isset($_GET['_wpnonce'])) { 532 $entry_id = absint($_GET['ham']); 533 if (wp_verify_nonce($_GET['_wpnonce'], 'sp_report_ham')) { 534 self::report_ham_entry($entry_id); 535 wp_redirect(remove_query_arg(['action', 'ham', '_wpnonce'])); 536 exit; 537 } 538 } 539 } 484 540 485 541 /** Process bulk action */ 486 542 $this->process_bulk_action(); 487 543 488 $per_page = $this->get_items_per_page( 'entries_per_page', 10);544 $per_page = $this->get_items_per_page('entries_per_page', 10); 489 545 $current_page = $this->get_pagenum(); 490 $total_items = self::record_count(); 491 492 $this->set_pagination_args( [ 493 'total_items' => $total_items, //We have to calculate the total number of items 494 'per_page' => $per_page //We have to determine how many items to show on a page 495 ] ); 496 497 if 
(isset($_POST['page']) && isset($_POST['s'])) { 498 $this->items = self::get_ham_entries($per_page, $current_page, $_POST['s']); 499 } else { 500 $this->items = self::get_ham_entries( $per_page, $current_page, "" ); 546 547 // Get search query from either POST or GET 548 $search = ''; 549 if (!empty($_REQUEST['s'])) { 550 $search = sanitize_text_field($_REQUEST['s']); 551 // Limit search term length to prevent excessive long queries 552 $search = substr($search, 0, 100); 501 553 } 554 555 $total_items = self::record_count(); 556 557 $this->set_pagination_args([ 558 'total_items' => $total_items, 559 'per_page' => $per_page 560 ]); 561 562 $this->items = self::get_ham_entries($per_page, $current_page, $search); 502 563 } 503 564 504 565 public function process_bulk_action() { 505 506 //Detect when a bulk action is being triggered... 507 if ('bulk-report' === $this->current_action()) { 508 $report_ids = isset($_POST['bulk-delete']) ? array_map('intval', $_POST['bulk-delete']) : []; 509 510 if (!empty($report_ids)) { 511 foreach ($report_ids as $id) { 512 // Report each selected entry as spam 513 self::report_ham_entry($id); 514 } 515 // Add a message to notify the user of success 516 echo '<div class="updated"><p>Selected entries have been reported as spam.</p></div>'; 517 } 518 } 519 520 if ( 'report' === $this->current_action() ) { 521 522 // In our file that handles the request, verify the nonce. 523 $nonce = esc_attr( $_GET['_wpnonce'] ); 524 525 if (!isset( $_GET['_wpnonce'] ) || !wp_verify_nonce( $nonce, 'sp_report_ham' ) ) { 526 die( 'Not allowed!' 
); 527 } 528 else { 529 self::report_ham_entry( absint( $_GET['ham'] ) ); 530 531 // esc_url_raw() is used to prevent converting ampersand in url to "#038;" 532 // add_query_arg() return the current url 533 // wp_redirect( esc_url_raw(add_query_arg()) ); 534 wp_redirect( admin_url( 'admin.php?page=wp_oopspam_frm_ham_entries' ) ); 535 exit; 536 } 537 538 } 539 if ( 'delete' === $this->current_action() ) { 540 541 // In our file that handles the request, verify the nonce. 542 $nonce = esc_attr( $_GET['_wpnonce'] ); 543 544 if (!isset( $_GET['_wpnonce'] ) || !wp_verify_nonce( $nonce, 'sp_delete_ham' ) ) { 545 die( 'Not allowed!' ); 546 } 547 else { 548 self::delete_ham_entry( absint( $_GET['ham'] ) ); 549 550 // esc_url_raw() is used to prevent converting ampersand in url to "#038;" 551 // add_query_arg() return the current url 552 // wp_redirect( esc_url_raw(add_query_arg()) ); 553 wp_redirect( admin_url( 'admin.php?page=wp_oopspam_frm_ham_entries' ) ); 554 exit; 555 } 556 557 } 558 559 // If the delete bulk action is triggered 560 if ( ( isset( $_POST['action'] ) && $_POST['action'] == 'bulk-delete' ) 561 || ( isset( $_POST['action2'] ) && $_POST['action2'] == 'bulk-delete' ) 562 ) { 563 564 $delete_ids = esc_sql( $_POST['bulk-delete'] ); 565 566 // loop over the array of record IDs and delete them 567 foreach ( $delete_ids as $id ) { 568 self::delete_ham_entry( $id ); 569 } 570 571 // esc_url_raw() is used to prevent converting ampersand in url to "#038;" 572 // add_query_arg() return the current url 573 wp_redirect( esc_url_raw(add_query_arg()) ); 574 exit; 575 } 576 } 566 // Security check 567 if (isset($_POST['_wpnonce']) && !empty($_POST['_wpnonce'])) { 568 $nonce = filter_input(INPUT_POST, '_wpnonce', FILTER_UNSAFE_RAW); 569 $nonce = sanitize_text_field($nonce); 570 if (!wp_verify_nonce($nonce, 'bulk-' . 
$this->_args['plural'])) { 571 wp_die('Security check failed!'); 572 } 573 } 574 575 $action = $this->current_action(); 576 if (in_array($action, ['bulk-delete', 'bulk-report'])) { 577 $entry_ids = isset($_POST['bulk-delete']) ? array_map('absint', $_POST['bulk-delete']) : array(); 578 if (!empty($entry_ids)) { 579 // Add JavaScript for async processing 580 add_action('admin_footer', function() use ($entry_ids, $action) { 581 ?> 582 <style> 583 .oopspam-progress { 584 background: #f0f0f1; 585 border: 1px solid #c3c4c7; 586 padding: 10px; 587 margin: 10px 0; 588 border-radius: 4px; 589 display: none; 590 } 591 .oopspam-progress.active { 592 display: block; 593 } 594 </style> 595 <script type="text/javascript"> 596 jQuery(document).ready(function($) { 597 let remainingIds = <?php echo json_encode($entry_ids); ?>; 598 let processed = 0; 599 let total = remainingIds.length; 600 601 // Add progress div after the description and before the table 602 $('<div id="oopspam-progress" class="oopspam-progress"><div class="progress-text"></div></div>') 603 .insertBefore('.wp-list-table'); 604 605 let $progress = $('#oopspam-progress'); 606 let $progressText = $progress.find('.progress-text'); 607 608 function updateProgress(processed, total) { 609 $progress.addClass('active'); 610 $progressText.html('Processing: ' + processed + ' of ' + total + ' entries... (' + Math.round((processed/total) * 100) + '%)'); 611 } 612 613 function processNextEntry() { 614 updateProgress(processed, total); 615 616 $.ajax({ 617 url: ajaxurl, 618 type: 'POST', 619 data: { 620 action: 'process_bulk_entries', 621 nonce: '<?php echo wp_create_nonce('bulk-entries'); ?>', 622 entry_ids: remainingIds, 623 bulk_action: '<?php echo $action; ?>', 624 entry_type: 'ham' 625 }, 626 success: function(response) { 627 if (response.success) { 628 processed++; 629 remainingIds = response.data.remaining; 630 631 if (response.data.complete) { 632 $progressText.html('Processing complete! 
Reloading page...'); 633 setTimeout(function() { 634 location.reload(); 635 }, 1000); 636 } else { 637 processNextEntry(); 638 } 639 } else { 640 $progressText.html('Error occurred during processing.'); 641 } 642 }, 643 error: function() { 644 $progressText.html('Error occurred during processing.'); 645 } 646 }); 647 } 648 649 processNextEntry(); 650 }); 651 </script> 652 <?php 653 }); 654 } 655 } 656 } 577 657 578 658 } … … 638 718 <div id="post-body-content"> 639 719 <div class="meta-box-sortables ui-sortable"> 640 <form method="get"> <!-- Changed from post to get --> 641 <input type="hidden" name="page" value="<?php echo esc_attr($_REQUEST['page']) ?>" /> 720 <form method="post"> 642 721 <?php 643 722 $this->entries_obj->prepare_items(); 644 $this->entries_obj->search_box('search', 'search_id'); 723 $this->entries_obj->search_box('Search Entries', 'search_id'); 724 wp_nonce_field('bulk-' . $this->entries_obj->_args['plural']); 645 725 $this->entries_obj->display(); 646 726 ?> -
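Review bot: The bulk-action nonce in process_bulk_action (new lines 566-573) is only verified when `_wpnonce` is present in the POST, so a request that simply omits the field skips the check entirely and still reaches the `bulk-delete`/`bulk-report` branch; the actual entry processing appears to be delegated to the `process_bulk_entries` AJAX handler (not in this diff), so the impact here is limited to injecting the progress script, but a guard that runs only when the token is supplied gives no protection. Make it unconditional inside the bulk branch, `if (in_array($action, ['bulk-delete', 'bulk-report'], true)) { check_admin_referer('bulk-' . $this->_args['plural']); ...`, which also removes the `filter_input`/`sanitize_text_field` pre-processing a nonce does not need. The same pattern appears in display-spam-entries.php at new lines 820-827. Separately, record_count() (new lines 294-299) reads `$_REQUEST['s']` without the 100-character cap that prepare_items applies at new line 552, so for a long term the pagination total is computed from a different search string than the listed rows; apply the same truncation in both places.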
oopspam-anti-spam/trunk/include/UI/display-spam-entries.php
r3255030 r3261814 159 159 public static function get_spam_entries($per_page = 5, $page_number = 1, $search = "") { 160 160 global $wpdb; 161 162 // Validate and sanitize input parameters 163 $per_page = absint($per_page); 164 $page_number = absint($page_number); 165 $search = sanitize_text_field($search); 166 161 167 $table = $wpdb->prefix . 'oopspam_frm_spam_entries'; 162 168 … … 167 173 // Add search condition if search term is provided 168 174 if (!empty($search)) { 175 // Use separate placeholders for each LIKE condition 169 176 $search_term = '%' . $wpdb->esc_like($search) . '%'; 170 177 $where[] = "(form_id LIKE %s OR message LIKE %s OR ip LIKE %s OR email LIKE %s OR raw_entry LIKE %s)"; 171 $values = array_merge($values, array ($search_term, $search_term, $search_term, $search_term, $search_term));178 $values = array_merge($values, array_fill(0, 5, $search_term)); 172 179 } 173 180 … … 571 578 public static function record_count() { 572 579 global $wpdb; 573 $table = $wpdb->prefix . 'oopspam_frm_spam_entries'; 574 575 $sql = $wpdb->prepare("SELECT COUNT(*) FROM %i WHERE 1=1", $table); 576 $values = array(); 580 $table = $wpdb->prefix . 'oopspam_frm_spam_entries'; 581 582 $where = array(); 583 $values = array($table); 584 585 $sql = "SELECT COUNT(*) FROM %i"; 586 587 // Add search condition if search term is provided 588 if (!empty($_REQUEST['s'])) { 589 $search = sanitize_text_field($_REQUEST['s']); 590 $search_term = '%' . $wpdb->esc_like($search) . 
'%'; 591 $where[] = "(form_id LIKE %s OR message LIKE %s OR ip LIKE %s OR email LIKE %s OR raw_entry LIKE %s)"; 592 $values = array_merge($values, array_fill(0, 5, $search_term)); 593 } 577 594 578 595 // Add reason filter if selected 579 596 if (isset($_GET['filter_reason']) && !empty($_GET['filter_reason'])) { 580 $sql = $wpdb->prepare( 581 "SELECT COUNT(*) FROM %i WHERE reason = %s", 582 $table, 583 sanitize_text_field($_GET['filter_reason']) 584 ); 585 } 586 587 return $wpdb->get_var($sql); 588 } 589 597 $where[] = "reason = %s"; 598 $values[] = sanitize_text_field($_GET['filter_reason']); 599 } 600 601 // Combine WHERE clauses 602 if (!empty($where)) { 603 $sql .= " WHERE " . implode(" AND ", $where); 604 } 605 606 return $wpdb->get_var($wpdb->prepare($sql, $values)); 607 } 590 608 591 609 /** Text displayed when no spam entry is available */ … … 760 778 */ 761 779 public function prepare_items() { 762 763 780 $this->_column_headers = $this->get_column_info(); 781 782 // Handle individual actions 783 $action = $this->current_action(); 784 if ($action === 'report') { 785 if (isset($_GET['spam']) && isset($_GET['_wpnonce'])) { 786 $entry_id = absint($_GET['spam']); 787 if (wp_verify_nonce($_GET['_wpnonce'], 'sp_report_spam')) { 788 self::report_spam_entry($entry_id); 789 wp_redirect(remove_query_arg(['action', 'spam', '_wpnonce'])); 790 exit; 791 } 792 } 793 } 764 794 765 795 /** Process bulk action */ 766 796 $this->process_bulk_action(); 767 797 768 $per_page = $this->get_items_per_page( 'entries_per_page', 10);798 $per_page = $this->get_items_per_page('entries_per_page', 10); 769 799 $current_page = $this->get_pagenum(); 770 $total_items = self::record_count(); 771 772 $this->set_pagination_args( [ 773 'total_items' => $total_items, //We have to calculate the total number of items 774 'per_page' => $per_page //We have to determine how many items to show on a page 775 ] ); 776 777 if (isset($_POST['page']) && isset($_POST['s'])) { 778 $this->items = 
self::get_spam_entries($per_page, $current_page, $_POST['s']); 779 } else { 780 $this->items = self::get_spam_entries( $per_page, $current_page, "" ); 781 } 800 801 // Sanitize search input 802 $search = ''; 803 if (!empty($_REQUEST['s'])) { 804 $search = sanitize_text_field($_REQUEST['s']); 805 // Limit search term length to prevent excessive long queries 806 $search = substr($search, 0, 100); 807 } 808 809 $total_items = self::record_count(); 810 811 $this->set_pagination_args([ 812 'total_items' => $total_items, 813 'per_page' => $per_page 814 ]); 815 816 $this->items = self::get_spam_entries($per_page, $current_page, $search); 782 817 } 783 818 784 819 public function process_bulk_action() { 785 786 //Detect when a bulk action is being triggered... 787 if ('bulk-report' === $this->current_action()) { 788 789 $report_ids = isset($_POST['bulk-delete']) ? array_map('intval', $_POST['bulk-delete']) : []; 790 791 if (!empty($report_ids)) { 792 foreach ($report_ids as $id) { 793 // Report each selected entry as ham 794 self::report_spam_entry($id); 795 } 796 // Add a message to notify the user of success 797 echo '<div class="updated"><p>Selected entries have been reported as ham.</p></div>'; 798 } 799 } 800 if ( 'report' === $this->current_action() ) { 801 802 // Verify the nonce. 803 $nonce = esc_attr( $_GET['_wpnonce'] ); 804 805 if (!isset( $_GET['_wpnonce'] ) || !wp_verify_nonce( $nonce, 'sp_report_spam' ) ) { 806 die( 'Not allowed!' ); 807 } 808 else { 809 self::report_spam_entry( absint( $_GET['spam'] ) ); 810 wp_redirect( admin_url( 'admin.php?page=wp_oopspam_frm_spam_entries' ) ); 811 exit; 812 } 813 814 } 815 if ( 'delete' === $this->current_action() ) { 816 817 // Verify the nonce. 818 $nonce = esc_attr( $_GET['_wpnonce'] ); 819 820 if (!isset( $_GET['_wpnonce'] ) || !wp_verify_nonce( $nonce, 'sp_delete_spam' ) ) { 821 die( 'Not allowed!' 
); 822 } 823 else { 824 self::delete_spam_entry( absint( $_GET['spam'] ) ); 825 wp_redirect( admin_url( 'admin.php?page=wp_oopspam_frm_spam_entries' ) ); 826 exit; 827 } 828 829 } 830 if ( 'notify' === $this->current_action() ) { 831 832 // Verify the nonce. 833 $nonce = esc_attr( $_GET['_wpnonce'] ); 834 835 if (!isset( $_GET['_wpnonce'] ) || !wp_verify_nonce( $nonce, 'sp_notify_spam' ) ) { 836 die( 'Not allowed!' ); 837 } 838 else { 839 self::notify_spam_entry( absint( $_GET['spam'] ) ); 840 } 841 842 } 843 844 // If the delete bulk action is triggered 845 if ( ( isset( $_POST['action'] ) && $_POST['action'] == 'bulk-delete' ) 846 || ( isset( $_POST['action2'] ) && $_POST['action2'] == 'bulk-delete' ) 847 ) { 848 849 $delete_ids = esc_sql( $_POST['bulk-delete'] ); 850 851 // loop over the array of record IDs and delete them 852 foreach ( $delete_ids as $id ) { 853 self::delete_spam_entry( $id ); 854 } 855 856 // esc_url_raw() is used to prevent converting ampersand in url to "#038;" 857 // add_query_arg() return the current url 858 wp_redirect( esc_url_raw(add_query_arg()) ); 859 exit; 860 } 861 } 820 // Security check 821 if (isset($_POST['_wpnonce']) && !empty($_POST['_wpnonce'])) { 822 $nonce = filter_input(INPUT_POST, '_wpnonce', FILTER_UNSAFE_RAW); 823 $nonce = sanitize_text_field($nonce); 824 if (!wp_verify_nonce($nonce, 'bulk-' . $this->_args['plural'])) { 825 wp_die('Security check failed!'); 826 } 827 } 828 829 $action = $this->current_action(); 830 if (in_array($action, ['bulk-delete', 'bulk-report'])) { 831 $entry_ids = isset($_POST['bulk-delete']) ? 
array_map('absint', $_POST['bulk-delete']) : array(); 832 if (!empty($entry_ids)) { 833 // Add JavaScript for async processing 834 add_action('admin_footer', function() use ($entry_ids, $action) { 835 ?> 836 <style> 837 .oopspam-progress { 838 background: #f0f0f1; 839 border: 1px solid #c3c4c7; 840 padding: 10px; 841 margin: 10px 0; 842 border-radius: 4px; 843 display: none; 844 } 845 .oopspam-progress.active { 846 display: block; 847 } 848 </style> 849 <script type="text/javascript"> 850 jQuery(document).ready(function($) { 851 let remainingIds = <?php echo json_encode($entry_ids); ?>; 852 let processed = 0; 853 let total = remainingIds.length; 854 855 // Add progress div after the description and before the table 856 $('<div id="oopspam-progress" class="oopspam-progress"><div class="progress-text"></div></div>') 857 .insertBefore('.wp-list-table'); 858 859 let $progress = $('#oopspam-progress'); 860 let $progressText = $progress.find('.progress-text'); 861 862 function updateProgress(processed, total) { 863 $progress.addClass('active'); 864 $progressText.html('Processing: ' + processed + ' of ' + total + ' entries... (' + Math.round((processed/total) * 100) + '%)'); 865 } 866 867 function processNextEntry() { 868 updateProgress(processed, total); 869 870 $.ajax({ 871 url: ajaxurl, 872 type: 'POST', 873 data: { 874 action: 'process_bulk_entries', 875 nonce: '<?php echo wp_create_nonce('bulk-entries'); ?>', 876 entry_ids: remainingIds, 877 bulk_action: '<?php echo $action; ?>', 878 entry_type: 'spam' 879 }, 880 success: function(response) { 881 if (response.success) { 882 processed++; 883 remainingIds = response.data.remaining; 884 885 if (response.data.complete) { 886 $progressText.html('Processing complete! 
Reloading page...'); 887 setTimeout(function() { 888 location.reload(); 889 }, 1000); 890 } else { 891 processNextEntry(); 892 } 893 } else { 894 $progressText.html('Error occurred during processing.'); 895 } 896 }, 897 error: function() { 898 $progressText.html('Error occurred during processing.'); 899 } 900 }); 901 } 902 903 processNextEntry(); 904 }); 905 </script> 906 <?php 907 }); 908 } 909 } 910 } 862 911 863 912 function column_ip($item) { … … 873 922 } 874 923 875 $response = wp_remote_get("https://reallyfreegeoip.org/json/{$ip}"); 924 $args = array( 925 'timeout' => 5, 926 'redirection' => 5, 927 'httpversion' => '1.1', 928 'blocking' => true, 929 'sslverify' => true 930 ); 931 932 $response = wp_remote_get("https://reallyfreegeoip.org/json/{$ip}", $args); 933 876 934 if (is_wp_error($response)) { 935 error_log('IP Geolocation Error: ' . $response->get_error_message()); 877 936 return ''; 878 937 } 879 938 939 if (wp_remote_retrieve_response_code($response) !== 200) { 940 error_log('IP Geolocation Error: Non-200 response code'); 941 return ''; 942 } 943 880 944 $body = wp_remote_retrieve_body($response); 945 if (empty($body)) { 946 return ''; 947 } 948 881 949 $data = json_decode($body, true); 882 950 if (isset($data['country_code'])) { … … 952 1020 <div id="post-body-content"> 953 1021 <div class="meta-box-sortables ui-sortable"> 954 <form method="get"> <!-- Changed from post to get --> 955 <input type="hidden" name="page" value="<?php echo esc_attr($_REQUEST['page']) ?>" /> 1022 <form method="post"> 956 1023 <?php 957 1024 $this->entries_obj->prepare_items(); 958 $this->entries_obj->search_box('search', 'search_id'); 1025 $this->entries_obj->search_box('Search Entries', 'search_id'); 1026 wp_nonce_field('bulk-' . $this->entries_obj->_args['plural']); 959 1027 $this->entries_obj->display(); 960 1028 ?> -
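Review bot: The single-entry `delete` and `notify` handlers removed from process_bulk_action (old lines 815-842) have no replacement in the new code: prepare_items now handles only `action=report` (new lines 783-793) and process_bulk_action only `bulk-delete`/`bulk-report`. Unless those row actions are handled elsewhere (the row-action and column methods are outside this diff), a per-row Delete or Notify link now falls through silently. The same applies to the `delete` handler dropped from display-ham-entries.php (old lines 539-557). If they are meant to stay, add matching branches beside the `report` one in prepare_items, each verifying its own nonce (`sp_delete_spam`, `sp_notify_spam`) before calling the existing static method and redirecting.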
oopspam-anti-spam/trunk/integration/ContactForm7.php
r3255030 r3261814 22 22 } 23 23 24 // Check for default email field first 24 25 if (isset($_POST["your-email"])) { 25 26 $email = sanitize_email($_POST["your-email"]); 27 } else { 28 // If default email field not found, look for any field containing 'email' 29 foreach ($_POST as $field_name => $field_value) { 30 if (is_string($field_name) && stripos($field_name, 'email') !== false) { 31 $email = sanitize_email($field_value); 32 break; 33 } 34 } 26 35 } 27 36 -
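Review bot: The fallback loop at new lines 28-34 passes `$field_value` straight to sanitize_email(), but Contact Form 7 posts checkbox and multi-select fields as arrays, and a key such as an opt-in checkbox named with "email" matches `stripos($field_name, 'email')`; on PHP 8 sanitize_email() then throws a TypeError from its internal strlen() call. Guard the value as well as the key: `if (is_string($field_name) && is_string($field_value) && stripos($field_name, 'email') !== false) {`. Because the first matching key wins, a non-address field whose name merely contains "email" also shadows a real address field later in `$_POST`; validating the candidate with is_email() before accepting it would avoid sending an empty or bogus address. The enclosing function starts before this hunk.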
oopspam-anti-spam/trunk/integration/WooCommerce.php
r3255030 r3261814 121 121 wp_die($error_to_show); 122 122 } 123 123 } 124 124 // Now check with OOPSpam API 125 $showError = $this->checkEmailAndIPInOOPSpam(sanitize_email($data['billing']['email'])); 125 $message = isset($post['order_comments']) ? sanitize_text_field($post['order_comments']) : ''; 126 if (empty($message) && isset($data['customer_note'])) { 127 $message = sanitize_text_field($data['customer_note']); 128 } 129 $showError = $this->checkEmailAndIPInOOPSpam(sanitize_email($data['billing']['email']), $message); 126 130 if ($showError) { 127 131 $error_to_show = $this->get_error_message(); 128 132 wc_add_notice( esc_html__( $error_to_show ), 'error' ); 129 133 } 130 }134 131 135 } 132 136 … … 135 139 136 140 $data = json_decode($order, true); 137 141 138 142 // Check for allowed email/IP 139 143 $hasAllowedEmail = isset($data['billing']['email']) ? $this->isEmailAllowed($data['billing']['email'], $data) : false; … … 181 185 wp_die($error_to_show); 182 186 } 183 187 } 184 188 // Now check with OOPSpam API 185 $showError = $this->checkEmailAndIPInOOPSpam(sanitize_email($data['billing']['email'])); 189 $message = isset($data['customer_note']) ? sanitize_text_field($data['customer_note']) : ''; 190 if (empty($message) && isset($data['order_comments'])) { 191 $message = sanitize_text_field($data['order_comments']); 192 } 193 $showError = $this->checkEmailAndIPInOOPSpam(sanitize_email($data['billing']['email']), $message); 186 194 if ($showError) { 187 195 $error_to_show = $this->get_error_message(); 188 196 wc_add_notice( esc_html__( $error_to_show ), 'error' ); 189 197 } 190 }198 191 199 } 192 200 … … 239 247 240 248 // Now check with OOPSpam API 241 $showError = $this->checkEmailAndIPInOOPSpam(sanitize_email($data['billing']['email'])); 249 $message = isset($data['customer_note']) ? 
sanitize_text_field($data['customer_note']) : ''; 250 if (empty($message) && isset($posted_data['order_comments'])) { 251 $message = sanitize_text_field($posted_data['order_comments']); 252 } 253 $showError = $this->checkEmailAndIPInOOPSpam(sanitize_email($data['billing']['email']), $message); 242 254 if ($showError) { 243 255 $error_to_show = $this->get_error_message(); … … 249 261 function oopspam_checkout_process() { 250 262 251 $email = ""; 263 $email = ""; $message = ""; 264 $message = isset($_POST['order_comments']) ? sanitize_text_field($_POST['order_comments']) : ''; 265 if (empty($message) && isset($_POST['customer_note'])) { 266 $message = sanitize_text_field($_POST['customer_note']); 267 } 252 268 if (isset($_POST["billing_email"]) && is_email($_POST["billing_email"])) { 253 269 $email = $_POST["billing_email"]; 254 270 } 255 $showError = $this->checkEmailAndIPInOOPSpam(sanitize_email($email) );271 $showError = $this->checkEmailAndIPInOOPSpam(sanitize_email($email), sanitize_text_field($message)); 256 272 if ($showError) { 257 273 $error_to_show = $this->get_error_message(); … … 401 417 402 418 // OOPSpam check 403 $showError = $this->checkEmailAndIPInOOPSpam(sanitize_email($email)); 419 $message = isset($_POST['order_comments']) ? sanitize_text_field($_POST['order_comments']) : ''; 420 if (empty($message) && isset($_POST['customer_note'])) { 421 $message = sanitize_text_field($_POST['customer_note']); 422 } 423 $showError = $this->checkEmailAndIPInOOPSpam(sanitize_email($email), $message); 404 424 if ($showError) { 405 425 $error_to_show = $this->get_error_message(); … … 453 473 454 474 // OOPSpam check 455 $showError = $this->checkEmailAndIPInOOPSpam(sanitize_email($email)); 475 $message = isset($_POST['order_comments']) ? 
sanitize_text_field($_POST['order_comments']) : ''; 476 if (empty($message) && isset($_POST['customer_note'])) { 477 $message = sanitize_text_field($_POST['customer_note']); 478 } 479 $showError = $this->checkEmailAndIPInOOPSpam(sanitize_email($email), $message); 456 480 457 481 if ($showError) { … … 464 488 } 465 489 466 public function checkEmailAndIPInOOPSpam($email )490 public function checkEmailAndIPInOOPSpam($email, $message) 467 491 { 468 492 … … 478 502 479 503 if (!empty($userIP) || !empty($email)) { 480 $detectionResult = oopspamantispam_call_OOPSpam( "", $userIP, $email, true, "woo");504 $detectionResult = oopspamantispam_call_OOPSpam($message, $userIP, $email, true, "woo"); 481 505 if (!isset($detectionResult["isItHam"])) { 482 506 return false; … … 485 509 $frmEntry = [ 486 510 "Score" => $detectionResult["Score"], 487 "Message" => "",511 "Message" => $message, 488 512 "IP" => $userIP, 489 513 "Email" => $email, -
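Review bot: checkEmailAndIPInOOPSpam() gains a required `$message` parameter (new line 490), so any caller that still passes a single argument — elsewhere in this file outside the shown hunks, or in other integrations — now fails with ArgumentCountError. Give it a default, `public function checkEmailAndIPInOOPSpam($email, $message = "")`, which keeps the old call shape valid while the six updated call sites still pass the note. In the first hunk (new line 125) the note is read from `$post['order_comments']`, whereas the parallel hunks use `$data` and `$posted_data`; `$post` is not defined within the hunk, so confirm it is the enclosing function's parameter rather than a typo. At new line 263, `$email = ""; $message = "";` initialises `$message` only for the next line to overwrite it; drop the redundant assignment or keep the two declarations on separate lines.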
oopspam-anti-spam/trunk/oopspam-antispam.php
r3255030 r3261814 4 4 * Plugin URI: https://www.oopspam.com/ 5 5 * Description: Stop bots and manual spam from reaching you in comments & contact forms. All with high accuracy, accessibility, and privacy. 6 * Version: 1.2. 296 * Version: 1.2.30 7 7 * Author: OOPSpam 8 8 * Author URI: https://www.oopspam.com/ … … 40 40 require_once dirname(__FILE__) . '/include/UI/display-spam-entries.php'; 41 41 require_once dirname(__FILE__) . '/include/oopspam-rate-limiting.php'; 42 require_once dirname(__FILE__) . '/include/Background/AsyncProcessor.php'; 42 43 43 44 add_action('init', 'oopspam_do_output_buffer'); -
oopspam-anti-spam/trunk/options.php
r3255030 r3261814 24 24 ); 25 25 26 } 27 28 add_action('wp_ajax_update_cloud_providers_setting', 'oopspam_update_cloud_providers_setting'); 29 30 function oopspam_update_cloud_providers_setting() { 31 // Verify nonce 32 if (!check_ajax_referer('oopspam_update_cloud_providers', 'nonce', false)) { 33 wp_send_json_error('Invalid security token'); 34 return; 35 } 36 37 // Get current settings 38 $options = get_option('oopspamantispam_ipfiltering_settings', array()); 39 40 // Update based on enable parameter 41 $enable = isset($_POST['enable']) && filter_var($_POST['enable'], FILTER_VALIDATE_BOOLEAN); 42 if (!is_array($options)) { 43 $options = array(); 44 } 45 46 if ($enable) { 47 $options['oopspam_block_cloud_providers'] = "1"; 48 } else { 49 unset($options['oopspam_block_cloud_providers']); 50 } 51 52 // Save the updated settings 53 if (update_option('oopspamantispam_ipfiltering_settings', $options)) { 54 wp_send_json_success('Setting updated successfully'); 55 } else { 56 wp_send_json_error('Failed to update setting'); 57 } 26 58 } 27 59 … … 1486 1518 var rangeTextOutput = document.getElementById('range_text'); 1487 1519 rangeTextOutput.value = thresholdDescriptions[rangeInput.value]; 1520 1521 // Send AJAX request to update cloud providers setting 1522 var value = parseInt(rangeInput.value); 1523 var enableCloudProviders = value >= 4; 1524 1525 jQuery.post(ajaxurl, { 1526 action: 'update_cloud_providers_setting', 1527 nonce: '<?php echo wp_create_nonce("oopspam_update_cloud_providers"); ?>', 1528 enable: enableCloudProviders 1529 }); 1488 1530 } 1489 1531 -
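Review bot: oopspam_update_cloud_providers_setting() (new lines 30-58) verifies a nonce but never checks the caller's capability, and `wp_ajax_*` handlers run for every logged-in user; a nonce only shows the request came from a page that rendered it, not that the user is allowed to change plugin settings. Add `if (!current_user_can('manage_options')) { wp_send_json_error('Insufficient permissions'); return; }` ahead of the nonce check. Also, update_option() returns false when the stored value is unchanged, so setting the already-active state reports 'Failed to update setting' although nothing is wrong; compare the old and new option arrays before treating false as an error. The script at new lines 1521-1529 sends this request on every range change, so that spurious error response will be common.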
oopspam-anti-spam/trunk/readme.txt
r3255030 r3261814 5 5 Requires at least: 3.6 6 6 Tested up to: 6.7 7 Stable tag: 1.2. 297 Stable tag: 1.2.30 8 8 License: GPLv2 or later 9 License URI: http ://www.gnu.org/licenses/gpl-2.0.html9 License URI: https://www.gnu.org/licenses/gpl-3.0.html 10 10 11 11 Stop bots and manual spam from reaching you in comments & contact forms. All with high accuracy, accessibility, and privacy. … … 106 106 107 107 == Changelog == 108 = 1.2.30 = 109 * **IMPROVEMENT:** Bulk actions are now processed asynchronously with a progress bar in the Form Spam and Form Ham Entries tables 110 * **IMPROVEMENT:** [Contact Form 7] Enhanced extraction method for email field value if the default is missing 111 * **IMPROVEMENT:** [WooCommerce] "Block URLs in message" setting now applies to Order Notes as well 112 * **IMPROVEMENT:** "Block Cloud Providers" is now automatically enabled for any sensitivity level above Moderate 113 * **FIX:** [WooCommerce] Resolved issue where spam protection didn't work in the Block Checkout 114 * **FIX:** Resolved issue with bulk actions not running in the Form Spam and Form Ham Entries tables 115 * **FIX:** Resolved search functionality issue in the Form Spam and Form Ham Entries tables 108 116 = 1.2.29 = 109 117 * **NEW:** Added support for Multi-site/Network installations