function rs_wpss_gf_spam_check($form)
{
    /***
     * Checks Gravity Forms submissions for spam
     * Added 1.8.9.9, Modified 1.9.5
     ***/
    if (rs_wpss_is_user_admin()) {
        return $form;
    }
    global $spamshield_options;
    if (empty($spamshield_options)) {
        $spamshield_options = get_option('spamshield_options');
    }
    rs_wpss_update_session_data($spamshield_options);
    if (!empty($spamshield_options['disable_gf_shield'])) {
        return $form;
    }
    /* BYPASS - HOOK */
    $gfsc_bypass = apply_filters('wpss_gf_spam_check_bypass', FALSE);
    if (!empty($gfsc_bypass)) {
        return $form;
    }
    /* IP / PROXY INFO - BEGIN */
    global $wpss_ip_proxy_info;
    if (empty($wpss_ip_proxy_info)) {
        $wpss_ip_proxy_info = rs_wpss_ip_proxy_info();
    }
    extract($wpss_ip_proxy_info);
    /* IP / PROXY INFO - END */
    $user_agent = rs_wpss_get_user_agent();
    /* BYPASS - Ecommerce Plugins */
    if ((rs_wpss_is_ssl() || !empty($_POST['add-to-cart']) || !empty($_POST['add_to_cart']) || !empty($_POST['addtocart']) || !empty($_POST['product-id']) || !empty($_POST['product_id']) || !empty($_POST['productid']) || preg_match("~^PayPal\\ IPN~", $user_agent) && preg_match("~(^|\\.)paypal\\.com\$~", $reverse_dns)) && rs_wpss_is_ecom_enabled()) {
        return $form;
    }
    $gf_filter_status = $wpss_error_code = '';
    $gf_jsck_error = $gf_badrobot_error = FALSE;
    $form_type = 'gravity forms';
    $pref = 'GF-';
    $errors_3p = array();
    $error_txt = rs_wpss_error_txt();
    $server_name = WPSS_SERVER_NAME;
    $server_email_domain = rs_wpss_get_email_domain($server_name);
    $gf_serial_post = serialize($_POST);
    $form_auth_dat = array('comment_author' => '', 'comment_author_email' => '', 'comment_author_url' => '');
    /* JS/JQUERY CHECK */
    $wpss_key_values = rs_wpss_get_key_values();
    $wpss_jq_key = $wpss_key_values['wpss_jq_key'];
    $wpss_jq_val = $wpss_key_values['wpss_jq_val'];
    if (TRUE === WPSS_COMPAT_MODE || defined('WPSS_SOFT_COMPAT_MODE')) {
        /* Fall back to FVFJS Keys instead of jQuery keys from jscripts.php */
        $wpss_jq_key = $wpss_key_values['wpss_js_key'];
        $wpss_jq_val = $wpss_key_values['wpss_js_val'];
    }
    $wpss_jsck_jquery_val = !empty($_POST[$wpss_jq_key]) ? $_POST[$wpss_jq_key] : '';
    if ($wpss_jsck_jquery_val !== $wpss_jq_val) {
        $wpss_error_code .= ' ' . $pref . 'JQHFT-7';
        $gf_jsck_error = TRUE;
        $err_cod = 'jsck_error';
        $err_msg = __('Sorry, there was an error. Please be sure JavaScript and Cookies are enabled in your browser and try again.', WPSS_PLUGIN_NAME);
        $errors_3p[$err_cod] = $err_msg;
    }
    /* EMAIL BLACKLIST */
    foreach ($_POST as $k => $v) {
        if (!is_string($v)) {
            continue;
        }
        $k_lc = rs_wpss_casetrans('lower', $k);
        $v_lc = rs_wpss_casetrans('lower', trim(stripslashes($v)));
        if (is_email($v_lc)) {
            $email_domain = rs_wpss_parse_email($v_lc, 'domain');
            if ($email_domain === $server_email_domain) {
                continue;
            }
            if (rs_wpss_email_blacklist_chk($v_lc)) {
                $wpss_error_code .= ' ' . $pref . '9200E-BL';
                if ($gf_jsck_error !== TRUE) {
                    $err_cod = 'blacklist_email_error';
                    $err_msg = __('Sorry, that email address is not allowed!') . ' ' . __('Please enter a valid email address.');
                    $errors_3p[$err_cod] = $err_msg;
                }
                break;
            }
        }
    }
    /* CONTACT FORM CONTENT BLACKLIST */
    foreach ($_POST as $k => $v) {
        if (!is_string($v)) {
            continue;
        }
        /* $k_lc = rs_wpss_casetrans('lower',$k); */
        $v_lc = rs_wpss_casetrans('lower', trim(stripslashes($v)));
        if (rs_wpss_cf_content_blacklist_chk($v_lc)) {
            $wpss_error_code .= ' ' . $pref . '10400C-BL';
            if ($gf_jsck_error !== TRUE) {
                $err_cod = 'blacklist_content_error';
                $err_msg = __('Message appears to be spam.', WPSS_PLUGIN_NAME);
                $errors_3p[$err_cod] = $err_msg;
            }
            break;
        }
    }
    /* BAD ROBOT BLACKLIST */
    $bad_robot_filter_data = rs_wpss_bad_robot_blacklist_chk($form_type, $gf_filter_status);
    $gf_filter_status = $bad_robot_filter_data['status'];
    $bad_robot_blacklisted = $bad_robot_filter_data['blacklisted'];
    if (!empty($bad_robot_blacklisted)) {
        $wpss_error_code .= $bad_robot_filter_data['error_code'];
        $gf_badrobot_error = TRUE;
        if ($gf_jsck_error !== TRUE) {
            $err_cod = 'badrobot_error';
            $err_msg = __('That action is currently not allowed.');
            $errors_3p[$err_cod] = $err_msg;
        }
    }
    /* BLACKLISTED USER */
    if (empty($wpss_error_code) && rs_wpss_ubl_cache()) {
        $wpss_error_code .= ' ' . $pref . '0-BL';
        $err_cod = 'blacklisted_user_error';
        $err_msg = __('That action is currently not allowed.');
        /* TO DO: TRANSLATE */
        $errors_3p[$err_cod] = $err_msg;
    }
    $wpss_error_code = trim($wpss_error_code);
    if (strpos($wpss_error_code, '0-BL') !== FALSE) {
        rs_wpss_append_log_data('Blacklisted user detected. Gravity Forms have been temporarily disabled to prevent spam. ERROR CODE: ' . $wpss_error_code, FALSE);
    }
    if (!empty($wpss_error_code)) {
        $spam = TRUE;
        rs_wpss_update_accept_status($form_auth_dat, 'r', 'Line: ' . __LINE__, $wpss_error_code);
        if (!empty($spamshield_options['comment_logging'])) {
            rs_wpss_log_data($form_auth_dat, $wpss_error_code, $form_type, $gf_serial_post);
        }
    } else {
        rs_wpss_update_accept_status($form_auth_dat, 'a', 'Line: ' . __LINE__);
        if (!empty($spamshield_options['comment_logging']) && !empty($spamshield_options['comment_logging_all'])) {
            rs_wpss_log_data($form_auth_dat, $wpss_error_code, $form_type, $gf_serial_post);
        }
    }
    /* Now output error message */
    if (!empty($wpss_error_code)) {
        $error_msg = '';
        foreach ($errors_3p as $c => $m) {
            $error_msg .= '<strong>' . $error_txt . ':</strong> ' . $m . '<br /><br />' . WPSS_EOL;
        }
        $args = array('response' => '403');
        wp_die($error_msg, '', $args);
    }
}
 public static function early_post_intercept()
 {
     /**
      * SECURITY - Checks all incoming POST requests early for malicious behavior
      * Added 1.9.7.8
      */
     if ('POST' !== $_SERVER['REQUEST_METHOD'] || rs_wpss_is_local_request() || is_user_logged_in()) {
         return;
     }
     global $spamshield_options;
     if (empty($spamshield_options)) {
         $spamshield_options = get_option('spamshield_options');
     }
     if (!empty($spamshield_options['disable_misc_form_shield'])) {
         return;
     }
     $url = rs_wpss_get_url();
     $url_lc = rs_wpss_casetrans('lower', $url);
     $req_uri = $_SERVER['REQUEST_URI'];
     $req_uri_lc = rs_wpss_casetrans('lower', $req_uri);
     $epc_filter_status = $wpss_error_code = $log_pref = '';
     $epc_jsck_error = $epc_badrobot_error = FALSE;
     $form_type = 'misc form';
     $pref = 'EPC-';
     $errors_3p = array();
     $error_txt = rs_wpss_error_txt();
     $server_name = WPSS_SERVER_NAME;
     $server_email_domain = rs_wpss_get_email_domain($server_name);
     $epc_serial_post = json_encode($_POST);
     $form_auth_dat = array('comment_author' => '', 'comment_author_email' => '', 'comment_author_url' => '');
     $blocked = FALSE;
     $c = array('name' => '', 'value' => '1', 'expire' => time() + 60 * 60 * 24 * 365 * 1, 'path' => '/', 'domain' => rs_wpss_get_cookie_domain(), 'secure' => FALSE, 'httponly' => FALSE);
     if (rs_wpss_is_xmlrpc()) {
         if (empty($_POST) || !empty($_GET)) {
             $blocked = TRUE;
         }
         rs_wpss_start_session();
         $c['name'] = 'P_XMLRPC';
     }
     if (rs_wpss_is_doing_ajax()) {
         if (empty($_POST) && empty($_GET) || empty($_REQUEST['action'])) {
             $wpss_error_code .= ' ' . $pref . 'FAR1020';
             $err_cod = 'fake_ajax_request_error';
             $err_msg = __('That action is currently not allowed.');
             $errors_3p[$err_cod] = $err_msg;
         }
     }
     if (rs_wpss_skiddie_ua_check()) {
         $wpss_error_code .= ' ' . $pref . 'UA1004';
         $err_cod = 'badrobot_skiddie_error';
         $err_msg = __('That action is currently not allowed.');
         $errors_3p[$err_cod] = $err_msg;
     }
     if (rs_wpss_ubl_cache()) {
         if (TRUE === WPSS_IP_BAN_ENABLE && rs_wpss_is_xmlrpc()) {
             self::ip_ban();
         }
         $wpss_error_code .= ' ' . $pref . '0-BL';
         $err_cod = 'blacklisted_user_error';
         $err_msg = __('That action is currently not allowed.');
         $errors_3p[$err_cod] = $err_msg;
     }
     if (!empty($c['name'])) {
         /* Setting cookie to honeypot bad actors */
         @setcookie($c['name'], $c['value'], $c['expire'], $c['path'], $c['domain'], $c['secure'], $c['httponly']);
     }
     if (!empty($wpss_error_code)) {
         rs_wpss_update_accept_status($form_auth_dat, 'r', 'Line: ' . __LINE__, $wpss_error_code);
         if (!empty($spamshield_options['comment_logging'])) {
             rs_wpss_log_data($form_auth_dat, $wpss_error_code, $form_type, $epc_serial_post);
         }
     } else {
         rs_wpss_update_accept_status($form_auth_dat, 'a', 'Line: ' . __LINE__);
     }
     /* Now output error message */
     if (!empty($wpss_error_code)) {
         $error_msg = '';
         foreach ($errors_3p as $c => $m) {
             $error_msg .= '<strong>' . $error_txt . ':</strong> ' . $m . '<br /><br />' . WPSS_EOL;
         }
         WP_SpamShield::wp_die($error_msg, TRUE);
     }
 }