function rs_wpss_comment_content_filter($commentdata, $spamshield_options)
{
/***
* Content Filter aka "The Algorithmic Layer"
* Blocking the Obvious to Improve Human/Pingback/Trackback Defense
***/
/* Timer Start - Content Filter */
if (empty($commentdata['start_time_content_filter'])) {
$wpss_start_time_content_filter = microtime(TRUE);
$commentdata['start_time_content_filter'] = $wpss_start_time_content_filter;
}
$content_filter_status = $wpss_error_code = '';
/* Must go before tests */
rs_wpss_update_session_data($spamshield_options);
/* TEST 0 - See if user has already been blacklisted this session */
if (!is_user_logged_in() && rs_wpss_ubl_cache()) {
if (empty($content_filter_status)) {
$content_filter_status = '3';
}
/* 1.8 - Changed from '2' to '3' */
$wpss_error_code .= ' 0-BL';
return rs_wpss_exit_content_filter($commentdata, $spamshield_options, $wpss_error_code, $content_filter_status);
}
$post_ref2xjs = !empty($_POST[WPSS_REF2XJS]) ? trim($_POST[WPSS_REF2XJS]) : '';
$post_ref2xjs_lc = rs_wpss_casetrans('lower', $post_ref2xjs);
/* CONTENT FILTERING - BEGIN */
$commentdata_comment_post_id = $commentdata['comment_post_ID'];
$commentdata_comment_post_title = $commentdata['comment_post_title'];
$commentdata_comment_post_title_lc = rs_wpss_casetrans('lower', $commentdata_comment_post_title);
$commentdata_comment_post_title_lc_regex = rs_wpss_preg_quote($commentdata_comment_post_title_lc);
$commentdata_comment_post_url = $commentdata['comment_post_url'];
$commentdata_comment_post_url_lc = rs_wpss_casetrans('lower', $commentdata_comment_post_url);
$commentdata_comment_post_url_lc_regex = rs_wpss_preg_quote($commentdata_comment_post_url_lc);
$commentdata_comment_post_type = $commentdata['comment_post_type'];
/* Possible results: 'post', 'page', 'attachment', 'revision', 'nav_menu_item' */
/* Next two are boolean */
$commentdata_comment_post_comments_open = $commentdata['comment_post_comments_open'];
$commentdata_comment_post_pings_open = $commentdata['comment_post_pings_open'];
$commentdata_comment_author = $commentdata['comment_author'];
$commentdata_comment_author_deslashed = stripslashes($commentdata_comment_author);
$commentdata_comment_author_lc = rs_wpss_casetrans('lower', $commentdata_comment_author);
$commentdata_comment_author_lc_regex = rs_wpss_preg_quote($commentdata_comment_author_lc);
$commentdata_comment_author_lc_words = rs_wpss_count_words($commentdata_comment_author_lc);
$commentdata_comment_author_lc_space = ' ' . $commentdata_comment_author_lc . ' ';
$commentdata_comment_author_lc_deslashed = stripslashes($commentdata_comment_author_lc);
$commentdata_comment_author_lc_deslashed_regex = rs_wpss_preg_quote($commentdata_comment_author_lc_deslashed);
$commentdata_comment_author_lc_deslashed_words = rs_wpss_count_words($commentdata_comment_author_lc_deslashed);
$commentdata_comment_author_lc_deslashed_space = ' ' . $commentdata_comment_author_lc_deslashed . ' ';
$commentdata_comment_author_email = $commentdata['comment_author_email'];
$commentdata_comment_author_email_lc = rs_wpss_casetrans('lower', $commentdata_comment_author_email);
$commentdata_comment_author_email_lc_regex = rs_wpss_preg_quote($commentdata_comment_author_email_lc);
$commentdata_comment_author_url = $commentdata['comment_author_url'];
$commentdata_comment_author_url_lc = rs_wpss_casetrans('lower', $commentdata_comment_author_url);
$commentdata_comment_author_url_lc_regex = rs_wpss_preg_quote($commentdata_comment_author_url_lc);
$commentdata_comment_author_url_domain_lc = rs_wpss_get_domain($commentdata_comment_author_url_lc);
$commentdata_comment_content = $commentdata['comment_content'];
$commentdata_comment_content_lc = rs_wpss_casetrans('lower', $commentdata_comment_content);
$commentdata_comment_content_lc_deslashed = stripslashes($commentdata_comment_content_lc);
$commentdata_comment_content_extracted_urls = rs_wpss_parse_links($commentdata_comment_content_lc_deslashed, 'url');
/* Parse comment content for all URLs */
$commentdata_comment_content_extracted_urls_at = rs_wpss_parse_links($commentdata_comment_content_lc_deslashed, 'url_at');
/* Parse comment content for Anchor Text Link URLs */
$commentdata_comment_content_num_links = count($commentdata_comment_content_extracted_urls);
/* Count extracted URLS from body content - Added 1.8.4 */
$commentdata_comment_content_num_limit = 3;
/* Max number of links in comment body content */
$replace_apostrophes = array('’', '`', '´', '`', ''', '`', 'e', '‘', '’', 'ž', '´', 'Ï', 'Ð', '‘', '’');
$commentdata_comment_content_lc_norm_apost = str_replace($replace_apostrophes, "'", $commentdata_comment_content_lc_deslashed);
$commentdata_comment_type = $commentdata['comment_type'];
/*
if( $commentdata_comment_type !== 'pingback' && $commentdata_comment_type !== 'trackback' ) {
$commentdata_comment_type = 'comment';
}
*/
$commentdata_user_agent = rs_wpss_get_user_agent(TRUE, FALSE);
$commentdata_user_agent_lc = rs_wpss_casetrans('lower', $commentdata_user_agent);
$user_http_accept = rs_wpss_get_http_accept(TRUE, TRUE);
$user_http_accept_language = rs_wpss_get_http_accept(TRUE, TRUE, TRUE);
$commentdata_remote_addr = rs_wpss_get_ip_addr();
$commentdata_remote_addr_regex = rs_wpss_preg_quote($commentdata_remote_addr);
$commentdata_remote_addr_lc = rs_wpss_casetrans('lower', $commentdata_remote_addr);
$commentdata_remote_addr_lc_regex = rs_wpss_preg_quote($commentdata_remote_addr_lc);
$commentdata_referrer = rs_wpss_get_referrer();
$commentdata_referrer_lc = rs_wpss_casetrans('lower', $commentdata_referrer);
$commentdata_php_self = $_SERVER['PHP_SELF'];
$commentdata_php_self_lc = rs_wpss_casetrans('lower', $commentdata_php_self);
$blog_server_ip = WPSS_SERVER_ADDR;
$blog_server_name = WPSS_SERVER_NAME;
/* IP / PROXY INFO - BEGIN */
global $wpss_ip_proxy_info;
if (empty($wpss_ip_proxy_info)) {
$wpss_ip_proxy_info = rs_wpss_ip_proxy_info();
}
extract($wpss_ip_proxy_info);
/* IP / PROXY INFO - END */
/***
* Post Type Filter - INVALTY
* Removed V 1.1.7 - Found Exception
***/
/* Simple Filters */
/* BEING DEPRECATED... */
$blacklist_word_combo_total_limit = 10;
/* you may increase to 30+ if blog's topic is adult in nature - DEPRECATED */
$blacklist_word_combo_total = 0;
/* Body Content - Check for excessive number of links in message ( body_content ) - 1.8.4 */
if ($commentdata_comment_content_num_links > $commentdata_comment_content_num_limit) {
if (empty($content_filter_status)) {
$content_filter_status = '1';
}
$wpss_error_code .= ' 1-HT';
return rs_wpss_exit_content_filter($commentdata, $spamshield_options, $wpss_error_code, $content_filter_status);
}
/***
* Authors Only - Non-Trackback
* Removed Filters 300-423 and replaced with Regex
***/
/* Author Blacklist Check - Invalid Author Names - Stopping Human Spam */
if ($commentdata_comment_type !== 'trackback' && $commentdata_comment_type !== 'pingback' && rs_wpss_anchortxt_blacklist_chk($commentdata_comment_author_lc_deslashed, '', 'author', $commentdata_comment_author_url_lc)) {
if (empty($content_filter_status)) {
$content_filter_status = '1';
}
$wpss_error_code .= ' 10500A-BL';
return rs_wpss_exit_content_filter($commentdata, $spamshield_options, $wpss_error_code, $content_filter_status);
}
/* Regular Expression Tests - 2nd Gen - Comment Author/Author URL - BEGIN */
/* 10500-13000 - Complex Test for terms in Comment Author/URL - $commentdata_comment_author_lc_deslashed/$commentdata_comment_author_url_domain_lc */
/* Blacklisted Domains Check */
if (rs_wpss_domain_blacklist_chk($commentdata_comment_author_url_domain_lc)) {
if (empty($content_filter_status)) {
$content_filter_status = '1';
}
$wpss_error_code .= ' 10500AU-BL';
return rs_wpss_exit_content_filter($commentdata, $spamshield_options, $wpss_error_code, $content_filter_status);
}
/* Check for URL Shorteners, Bogus Long URLs, and Misc Spam Domains */
if (rs_wpss_at_link_spam_url_chk($commentdata_comment_author_url_lc)) {
if (empty($content_filter_status)) {
$content_filter_status = '1';
}
$wpss_error_code .= ' 10510AU-BL';
return rs_wpss_exit_content_filter($commentdata, $spamshield_options, $wpss_error_code, $content_filter_status);
}
/* Testing for a unique identifying string from the comment content in the Author URL Domain */
preg_match("~\\s+([a-z0-9]{6,})\$~i", $commentdata_comment_content_lc_deslashed, $wpss_str_matches);
if (!empty($wpss_str_matches[1])) {
$wpss_spammer_id_string = $wpss_str_matches[1];
} else {
$wpss_spammer_id_string = '';
}
$commentdata_comment_author_url_domain_lc_elements = explode('.', $commentdata_comment_author_url_domain_lc);
$commentdata_comment_author_url_domain_lc_elements_count = count($commentdata_comment_author_url_domain_lc_elements) - 1;
if (!empty($wpss_spammer_id_string)) {
$i = 0;
/* The following line to prevent exploitation: */
$i_max = 20;
while ($i < $commentdata_comment_author_url_domain_lc_elements_count && $i < $i_max) {
if (!empty($commentdata_comment_author_url_domain_lc_elements[$i])) {
if ($commentdata_comment_author_url_domain_lc_elements[$i] === $wpss_spammer_id_string) {
if (empty($content_filter_status)) {
$content_filter_status = '1';
}
$wpss_error_code .= ' 10511AUA';
return rs_wpss_exit_content_filter($commentdata, $spamshield_options, $wpss_error_code, $content_filter_status);
}
}
++$i;
}
}
/***
* Potential Exploits
* Includes protection for Trackbacks and Pingbacks
***/
/* Check Author URL for Exploits */
if (rs_wpss_exploit_url_chk($commentdata_comment_author_url_lc)) {
if (empty($content_filter_status)) {
$content_filter_status = '1';
}
$wpss_error_code .= ' 15000AU-XPL';
/* Added in 1.4 - Replacing 15001AU-XPL and 15002AU-XPL, and adds additional protection */
return rs_wpss_exit_content_filter($commentdata, $spamshield_options, $wpss_error_code, $content_filter_status);
}
/* Regular Expression Tests - 2nd Gen - Comment Author/Author URL - END */
$blacklist_word_combo_limit = 7;
$blacklist_word_combo = 0;
$i = 0;
/* Regular Expression Tests - 2nd Gen - Comment Content - BEGIN */
/* Miscellaneous Patterns that Keep Repeating */
if (preg_match("~^([0-9]{6})\\s([0-9]{6})(.*)\\s([0-9]{6})\$~i", $commentdata_comment_content_lc_deslashed)) {
if (empty($content_filter_status)) {
$content_filter_status = '1';
}
$wpss_error_code .= ' 10401C';
return rs_wpss_exit_content_filter($commentdata, $spamshield_options, $wpss_error_code, $content_filter_status);
}
/* Blacklisted Anchor Text Check - Links in Content - Stopping Human Spam */
if (rs_wpss_anchortxt_blacklist_chk($commentdata_comment_content_lc_deslashed, '', 'content') && $commentdata_comment_type !== 'trackback' && $commentdata_comment_type !== 'pingback') {
if (empty($content_filter_status)) {
$content_filter_status = '1';
}
$wpss_error_code .= ' 10500CAT-BL';
return rs_wpss_exit_content_filter($commentdata, $spamshield_options, $wpss_error_code, $content_filter_status);
}
/* Blacklisted Domains Check - Links in Content */
if (rs_wpss_link_blacklist_chk($commentdata_comment_content_lc_deslashed)) {
if (empty($content_filter_status)) {
$content_filter_status = '1';
}
$wpss_error_code .= ' 10500CU-BL';
return rs_wpss_exit_content_filter($commentdata, $spamshield_options, $wpss_error_code, $content_filter_status);
}
/* Check Anchor Text Links for URL Shorteners, Bogus Long URLs, and Misc Spam Domains */
if (rs_wpss_at_link_spam_url_chk($commentdata_comment_content_extracted_urls_at)) {
if (empty($content_filter_status)) {
$content_filter_status = '1';
}
$wpss_error_code .= ' 10510CU-BL';
/* Replacing 10510CU-MSC */
return rs_wpss_exit_content_filter($commentdata, $spamshield_options, $wpss_error_code, $content_filter_status);
}
/* Check all URL's in Comment Content for Exploits */
if (rs_wpss_exploit_url_chk($commentdata_comment_content_extracted_urls)) {
if (empty($content_filter_status)) {
$content_filter_status = '1';
}
$wpss_error_code .= ' 15000CU-XPL';
/* Added in 1.4 */
return rs_wpss_exit_content_filter($commentdata, $spamshield_options, $wpss_error_code, $content_filter_status);
}
/* Regular Expression Tests - 2nd Gen - Comment Content - END */
/***
* Test Comment Author
* Words in Comment Author Repeated in Content - With Keyword Density
***/
$repeated_terms_filters = array('.', '-', ':');
$repeated_terms_temp_phrase = str_replace($repeated_terms_filters, '', $commentdata_comment_author_lc_deslashed);
$repeated_terms_test = explode(' ', $repeated_terms_temp_phrase);
$repeated_terms_test_count = count($repeated_terms_test);
$comment_content_total_words = rs_wpss_count_words($commentdata_comment_content_lc_deslashed);
$i = 0;
while ($i < $repeated_terms_test_count) {
if (!empty($repeated_terms_test[$i])) {
$repeated_terms_in_content_count = rs_wpss_substr_count($commentdata_comment_content_lc_deslashed, $repeated_terms_test[$i]);
$repeated_terms_in_content_str_len = rs_wpss_strlen($repeated_terms_test[$i]);
if ($repeated_terms_in_content_count > 1 && $comment_content_total_words < $repeated_terms_in_content_count) {
$repeated_terms_in_content_count = 1;
}
$repeated_terms_in_content_density = $repeated_terms_in_content_count / $comment_content_total_words * 100;
if ($repeated_terms_in_content_count >= 5 && $repeated_terms_in_content_str_len >= 4 && $repeated_terms_in_content_density > 40) {
if (empty($content_filter_status)) {
$content_filter_status = '1';
}
$wpss_error_code .= ' 9000-' . $i;
return rs_wpss_exit_content_filter($commentdata, $spamshield_options, $wpss_error_code, $content_filter_status);
}
}
++$i;
}
/* Comment Author and URL Tests */
if (!empty($commentdata_comment_author_url_lc) && !empty($commentdata_comment_author_lc_deslashed)) {
/* Comment Author and Comment Author URL appearing in Content - REGEX VERSION */
if (preg_match("~(<\\s*a\\s+([a-z0-9\\-_\\.\\?\\='\"\\:\\(\\)\\{\\}\\s]*)\\s*href|\\[(url|link))\\s*\\=\\s*(['\"])?\\s*{$commentdata_comment_author_url_lc_regex}([a-z0-9\\-_\\/\\.\\?\\&\\=\\~\\@\\%\\+\\#\\:]*)(['\"])?(>|\\]){$commentdata_comment_author_lc_deslashed_regex}(<|\\[)\\s*\\/\\s*a\\s*(>|(url|link)\\])~i", $commentdata_comment_content_lc_deslashed)) {
if (empty($content_filter_status)) {
$content_filter_status = '1';
}
$wpss_error_code .= ' 9100-1';
return rs_wpss_exit_content_filter($commentdata, $spamshield_options, $wpss_error_code, $content_filter_status);
}
if ($commentdata_comment_author_url_lc === $commentdata_comment_author_lc_deslashed && !preg_match("~https?\\:/+~i", $commentdata_comment_author_url_lc) && preg_match("~(<\\s*a\\s+([a-z0-9\\-_\\.\\?\\='\"\\:\\(\\)\\{\\}\\s]*)\\s*href|\\[(url|link))\\s*\\=\\s*(['\"])?\\s*(https?\\:/+[a-z0-9\\-_\\/\\.\\?\\&\\=\\~\\@\\%\\+\\#\\:]+)\\s*(['\"])?\\s*(>|\\]){$commentdata_comment_author_lc_deslashed_regex}(<|\\[)\\s*\\/\\s*a\\s*(>|(url|link)\\])~i", $commentdata_comment_content_lc_deslashed)) {
if (empty($content_filter_status)) {
$content_filter_status = '1';
}
$wpss_error_code .= ' 9101';
return rs_wpss_exit_content_filter($commentdata, $spamshield_options, $wpss_error_code, $content_filter_status);
}
if (preg_match("~^((ww[w0-9]|m)\\.)?{$commentdata_comment_author_lc_deslashed_regex}\$~i", $commentdata_comment_author_url_domain_lc) && !preg_match("~https?\\:/+~i", $commentdata_comment_author_lc_deslashed)) {
/* Changed to include Trackbacks and Pingbacks in 1.1.4.4 */
if (empty($content_filter_status)) {
$content_filter_status = '1';
}
$wpss_error_code .= ' 9102';
return rs_wpss_exit_content_filter($commentdata, $spamshield_options, $wpss_error_code, $content_filter_status);
}
if ($commentdata_comment_author_url_lc === $commentdata_comment_author_lc_deslashed && !preg_match("~https?\\:/+~i", $commentdata_comment_author_url_lc) && preg_match("~(https?\\:/+[a-z0-9\\-_\\/\\.\\?\\&\\=\\~\\@\\%\\+\\#\\:]+)~i", $commentdata_comment_content_lc_deslashed)) {
if (empty($content_filter_status)) {
$content_filter_status = '1';
}
$wpss_error_code .= ' 9103';
return rs_wpss_exit_content_filter($commentdata, $spamshield_options, $wpss_error_code, $content_filter_status);
}
}
/***
* Email Filters
* New Test with Blacklists
***/
if (rs_wpss_email_blacklist_chk($commentdata_comment_author_email_lc)) {
if (empty($content_filter_status)) {
$content_filter_status = '1';
}
$wpss_error_code .= ' 9200E-BL';
return rs_wpss_exit_content_filter($commentdata, $spamshield_options, $wpss_error_code, $content_filter_status);
}
/* TEST REFERRERS 1 - TO THE COMMENT PROCESSOR */
if (strpos(WPSS_COMMENTS_POST_URL, $commentdata_php_self_lc) !== FALSE && $commentdata_referrer_lc === WPSS_COMMENTS_POST_URL) {
/* Often spammers send the referrer as the URL for the wp-comments-post.php page. */
if (empty($content_filter_status)) {
$content_filter_status = '1';
}
$wpss_error_code .= ' REF-1-1011';
return rs_wpss_exit_content_filter($commentdata, $spamshield_options, $wpss_error_code, $content_filter_status);
}
/* TEST REFERRERS 2 - SPAMMERS SEARCHING FOR PAGES TO COMMENT ON */
if (!empty($post_ref2xjs)) {
$ref2xJS = addslashes(urldecode($post_ref2xjs));
$ref2xJS = str_replace('%3A', ':', $ref2xJS);
$ref2xJS = str_replace(' ', '+', $ref2xJS);
$ref2xJS = esc_url_raw($ref2xJS);
$ref2xJS_lc = rs_wpss_casetrans('lower', $ref2xJS);
if (preg_match("~\\.google\\.co(m|\\.[a-z]{2})~i", $ref2xJS) && strpos($ref2xJS_lc, 'leave a comment') !== FALSE) {
/* make test more robust for other versions of google & search query */
if (empty($content_filter_status)) {
$content_filter_status = '1';
}
$wpss_error_code .= ' REF-2-1021';
return rs_wpss_exit_content_filter($commentdata, $spamshield_options, $wpss_error_code, $content_filter_status);
}
/* add Keyword Script Here */
}
/***
* TEST REFERRERS 3 - TO THE PAGE BEING COMMENTED ON
* DISABLED IN V1.5.9
***/
/* Spam Network - BEGIN */
/***
* PART OF BAD ROBOTS TEST - BEGIN
* Test User-Agents
***/
if (empty($commentdata_user_agent_lc)) {
/* There is no reason for a blank UA String, unless it's been altered or a bot. */
$content_filter_status = '3';
/* Was 1, changed to 3 - V1.8.4 */
$wpss_error_code .= ' UA1001';
return rs_wpss_exit_content_filter($commentdata, $spamshield_options, $wpss_error_code, $content_filter_status);
}
$commentdata_user_agent_lc_word_count = rs_wpss_count_words($commentdata_user_agent_lc);
if (!empty($commentdata_user_agent_lc) && $commentdata_user_agent_lc_word_count < 3) {
if ($commentdata_comment_type !== 'trackback' && $commentdata_comment_type !== 'pingback' || strpos($commentdata_user_agent_lc, 'movabletype') === FALSE && $commentdata_comment_type === 'trackback') {
/* Another test for altered UA's. */
$content_filter_status = '3';
/* Was 1, changed to 3 - V1.8.4 */
$wpss_error_code .= ' UA1003';
return rs_wpss_exit_content_filter($commentdata, $spamshield_options, $wpss_error_code, $content_filter_status);
}
}
if (rs_wpss_skiddie_ua_check($commentdata_user_agent_lc)) {
/* There is no reason for a human to use one of these UA strings. Commonly used to attack/spam WP. */
$content_filter_status = '3';
/* Was 1, changed to 3 - V1.8.4 */
$wpss_error_code .= ' UA1004';
return rs_wpss_exit_content_filter($commentdata, $spamshield_options, $wpss_error_code, $content_filter_status);
}
/* PART OF BAD ROBOTS TEST - END */
if ($commentdata_comment_type !== 'trackback' && $commentdata_comment_type !== 'pingback') {
/***
* PART OF BAD ROBOTS TEST - BEGIN
* Test HTTP_ACCEPT
***/
if (empty($user_http_accept)) {
$content_filter_status = '3';
/* Was 1, changed to 3 - V1.8.4 */
$wpss_error_code .= ' HA1001';
return rs_wpss_exit_content_filter($commentdata, $spamshield_options, $wpss_error_code, $content_filter_status);
}
/* HA1002 removed in 1.9.0.3 */
if ($user_http_accept === '*') {
$content_filter_status = '3';
/* Was 1, changed to 3 - V1.8.4 */
$wpss_error_code .= ' HA1003';
return rs_wpss_exit_content_filter($commentdata, $spamshield_options, $wpss_error_code, $content_filter_status);
}
/* More complex test for invalid 'HTTP_ACCEPT' */
$user_http_accept_mod_1 = preg_replace("~([\\s\\;]+)~", ",", $user_http_accept);
$user_http_accept_elements = explode(',', $user_http_accept_mod_1);
$user_http_accept_elements_count = count($user_http_accept_elements);
$i = 0;
/* The following line to prevent exploitation: */
$i_max = 20;
while ($i < $user_http_accept_elements_count && $i < $i_max) {
if (!empty($user_http_accept_elements[$i])) {
if ($user_http_accept_elements[$i] === '*') {
$content_filter_status = '3';
/* Was 1, changed to 3 - V1.8.4 */
$wpss_error_code .= ' HA1004';
return rs_wpss_exit_content_filter($commentdata, $spamshield_options, $wpss_error_code, $content_filter_status);
}
}
++$i;
}
/* Test HTTP_ACCEPT_LANGUAGE */
if (empty($user_http_accept_language)) {
$content_filter_status = '3';
/* Was 1, changed to 3 - V1.8.4 */
$wpss_error_code .= ' HAL1001';
return rs_wpss_exit_content_filter($commentdata, $spamshield_options, $wpss_error_code, $content_filter_status);
}
if ($user_http_accept_language === '*') {
$content_filter_status = '3';
/* Was 1, changed to 3 - V1.8.4 */
$wpss_error_code .= ' HAL1002';
return rs_wpss_exit_content_filter($commentdata, $spamshield_options, $wpss_error_code, $content_filter_status);
}
/* More complex test for invalid 'HTTP_ACCEPT_LANGUAGE' */
$user_http_accept_language_mod_1 = preg_replace("~([\\s\\;]+)~", ",", $user_http_accept_language);
$user_http_accept_language_elements = explode(',', $user_http_accept_language_mod_1);
$user_http_accept_language_elements_count = count($user_http_accept_language_elements);
$i = 0;
/* The following line to prevent exploitation: */
$i_max = 20;
while ($i < $user_http_accept_language_elements_count && $i < $i_max) {
if (!empty($user_http_accept_language_elements[$i])) {
if ($user_http_accept_language_elements[$i] === '*' && strpos($commentdata_user_agent_lc, 'links (') !== 0) {
$content_filter_status = '3';
/* Was 1, changed to 3 - V1.8.4 */
$wpss_error_code .= ' HAL1004';
return rs_wpss_exit_content_filter($commentdata, $spamshield_options, $wpss_error_code, $content_filter_status);
}
}
++$i;
}
/***
* HAL1005 - NOT IMPLEMENTED
* PART OF BAD ROBOTS TEST - END
***/
/***
* Test PROXY STATUS if option
* Google Chrome Compression Proxy Bypass
***/
if ($ip_proxy === 'PROXY DETECTED' && $ip_proxy_chrome_compression !== 'TRUE' && empty($spamshield_options['allow_proxy_users'])) {
$content_filter_status = '10';
$wpss_error_code .= ' PROXY1001';
return rs_wpss_exit_content_filter($commentdata, $spamshield_options, $wpss_error_code, $content_filter_status);
}
}
/***
* Test IPs - was here
* IP1003 - Removed in 1.8
***/
/* Reverse DNS Server Tests - BEGIN */
if ($commentdata_comment_type !== 'pingback' && $commentdata_comment_type !== 'trackback') {
/* Test Reverse DNS Hosts - Do all with Reverse DNS not Remote Host */
$rev_dns_filter_data = rs_wpss_revdns_filter('comment', $content_filter_status, $ip, $reverse_dns_lc, $commentdata_comment_author_lc_deslashed, $commentdata_comment_author_email_lc);
$revdns_blacklisted = $rev_dns_filter_data['blacklisted'];
if (!empty($revdns_blacklisted)) {
$content_filter_status = $rev_dns_filter_data['status'];
$wpss_error_code .= $rev_dns_filter_data['error_code'];
return rs_wpss_exit_content_filter($commentdata, $spamshield_options, $wpss_error_code, $content_filter_status);
}
}
/* Reverse DNS Server Tests - END */
/* Spam Network - END */
/* Test Pingbacks and Trackbacks - OLD LOCATION */
/* Miscellaneous Preg Match Tests - Changed to regex in V1.8.4 */
$wpss_misc_spam_phrases_to_check = array('5000' => "~\\[\\.+\\]\\s+\\[\\.+\\]~", '5001' => "~^<new\\s+comment>\$~i", '5003' => "~^([a-z0-9\\s\\.,!]{0,12})?((he.a?|h([ily]{1,2}))(\\s+there)?|howdy|hello|bonjour|good\\s+day)([\\.,!])?\\s+(([ily]{1,2})\\s+know\\s+)?th([ily]{1,2})s\\s+([ily]{1,2})s\\s+([a-z\\s]{3,12}|somewhat|k([ily]{1,2})nd\\s*of)?(of{1,2}\\s+)?of{1,2}\\s+top([ily]{1,2})c\\s+(but|however)\\s+([ily]{1,2})\\s+(was\\s+wonder([ily]{1,2})nn?g?|need\\s+some\\s+adv([ily]{1,2})ce)~i", '5004' => "~^th([ily]{1,2})s\\s+([ily]{1,2})s\\s+k([ily]{1,2})nd\\s+of\\s+off\\s+top([ily]{1,2})c\\s+but~i");
/* 5002 - Removed in V1.8.4 */
foreach ($wpss_misc_spam_phrases_to_check as $ec => $rgx_phrase) {
if (preg_match($rgx_phrase, $commentdata_comment_content_lc_deslashed)) {
if (empty($content_filter_status)) {
$content_filter_status = '1';
}
$wpss_error_code .= ' ' . $ec;
return rs_wpss_exit_content_filter($commentdata, $spamshield_options, $wpss_error_code, $content_filter_status);
}
}
/* BOILERPLATE: Add common boilerplate/template spam phrases... Add Blacklist functions */
/* WP Blacklist Check - BEGIN */
/* Test WP Blacklist if option set */
if (!empty($spamshield_options['enhanced_comment_blacklist']) && empty($content_filter_status)) {
if (rs_wpss_blacklist_check($commentdata_comment_author_lc_deslashed, $commentdata_comment_author_email_lc, $commentdata_comment_author_url_lc, $commentdata_comment_content_lc_deslashed, $ip, $commentdata_user_agent_lc, '')) {
if (empty($content_filter_status)) {
$content_filter_status = '100';
}
$wpss_error_code .= ' WP-BLACKLIST';
return rs_wpss_exit_content_filter($commentdata, $spamshield_options, $wpss_error_code, $content_filter_status);
}
}
/* WP Blacklist Check - END */
/* Timer End - Content Filter */
$wpss_end_time_content_filter = microtime(TRUE);
$wpss_total_time_content_filter = rs_wpss_timer($commentdata['start_time_content_filter'], $wpss_end_time_content_filter, FALSE, 6, TRUE);
$commentdata['total_time_content_filter'] = $wpss_total_time_content_filter;
if (empty($wpss_error_code)) {
$wpss_error_code = 'No Error';
} else {
$wpss_error_code = trim($wpss_error_code);
}
/***
* $spamshield_error_data = array( $wpss_error_code, $blacklist_word_combo, $blacklist_word_combo_total );
*/
$commentdata['wpss_error_code'] = trim($wpss_error_code);
$commentdata['content_filter_status'] = $content_filter_status;
return $commentdata;
/* CONTENT FILTERING - END */
}
function rs_wpss_check_new_user($errors = NULL, $user_login = NULL, $user_email = NULL)
{
/* Error checking for new user registration */
global $spamshield_options, $wpss_reg_err_chk_complete, $wpss_wc_reg_inprog;
if (is_user_logged_in() || !empty($wpss_reg_err_chk_complete)) {
return $errors;
}
if (!empty($wpss_wc_reg_inprog) || WPSS_Compatibility::is_woocom_enabled()) {
/* Check if we're on a WooCommerce Checkout Page */
if (isset($_GET['action']) && $_GET['action'] === 'woocommerce_checkout') {
return $errors;
}
$ecom_urls = unserialize(WPSS_ECOM_URLS);
foreach ($ecom_urls as $k => $u) {
if (strpos($_SERVER['REQUEST_URI'], $u) !== FALSE) {
return $errors;
}
}
} elseif (WPSS_Compatibility::is_ecom_enabled()) {
/* Check if we're on another e-commerce Checkout or Shopping Cart Page */
$ecom_urls = unserialize(WPSS_ECOM_URLS);
foreach ($ecom_urls as $k => $u) {
if (strpos($_SERVER['REQUEST_URI'], $u) !== FALSE) {
return $errors;
}
}
}
if (empty($spamshield_options)) {
$spamshield_options = get_option('spamshield_options');
}
if (!empty($spamshield_options['registration_shield_disable'])) {
return $errors;
}
/* BYPASS - HOOK */
$reg_check_bypass = apply_filters('wpss_registration_check_bypass', FALSE);
if (!empty($reg_check_bypass)) {
return $errors;
}
/* BYPASS CHECKS COMPLETE - NOW START */
if (empty($errors) || !is_object($errors)) {
$errors = new WP_Error();
}
$reg_filter_status = $wpss_error_code = $log_pref = '';
$reg_jsck_error = $reg_badrobot_error = $wpss_reg_err_chk_complete = $buddypress_status = $wc_status = $s2member_status = $wpmembers_status = $affiliates_status = FALSE;
$ns_val = 'NS3';
$pref = 'R-';
$errors_3p = array();
/* Error array for 3rd party plugins that don't follow WordPress standards for registration processing: BuddyPress, ... */
$error_txt = rs_wpss_error_txt();
if (class_exists('BuddyPress')) {
if (empty($user_login) && isset($_POST['signup_username'])) {
$user_login = rs_wpss_casetrans('lower', sanitize_user(wp_unslash($_POST['signup_username'])));
$buddypress_status = TRUE;
$log_pref = 'bp-';
}
if (empty($user_email) && isset($_POST['signup_email'])) {
$user_email = rs_wpss_casetrans('lower', sanitize_email(wp_unslash($_POST['signup_email'])));
$buddypress_status = TRUE;
$log_pref = 'bp-';
}
}
if (!empty($wpss_wc_reg_inprog)) {
$wc_status = TRUE;
$log_pref = 'wc-';
}
if (defined('WS_PLUGIN__S2MEMBER_VERSION')) {
$s2member_status = TRUE;
$log_pref = 's2-';
}
if (defined('AFFILIATES_CORE_VERSION')) {
$affiliates_status = TRUE;
$log_pref = 'aff-';
}
if (defined('WPMEM_VERSION')) {
$wpmembers_status = TRUE;
$log_pref = 'wpm-';
}
if (TRUE === $wc_status) {
$user_login = '';
if (empty($user_login) && isset($_POST['username'])) {
$user_login = rs_wpss_casetrans('lower', sanitize_user(wp_unslash($_POST['username'])));
}
if (empty($user_email) && isset($_POST['email'])) {
$user_email = rs_wpss_casetrans('lower', sanitize_email(wp_unslash($_POST['email'])));
}
}
if (TRUE === $affiliates_status) {
if (empty($user_login) && isset($_POST['user_login'])) {
$user_login = rs_wpss_casetrans('lower', sanitize_user(wp_unslash($_POST['user_login'])));
}
if (empty($user_email) && isset($_POST['user_email'])) {
$user_email = rs_wpss_casetrans('lower', sanitize_email(wp_unslash($_POST['user_email'])));
}
}
if (!rs_wpss_is_lang_en_us()) {
$locale = get_locale();
@load_textdomain('default', WP_LANG_DIR . "/admin-{$locale}.mo");
}
$new_fields = array('first_name' => rs_wpss_first_name_txt(), 'last_name' => rs_wpss_last_name_txt(), 'disp_name' => rs_wpss_disp_name_txt());
$user_data = array();
foreach ($new_fields as $k => $v) {
if (isset($_POST[$k])) {
$user_data[$k] = sanitize_text_field(wp_unslash($_POST[$k]));
} else {
$user_data[$k] = '';
}
}
if (FALSE === $buddypress_status && FALSE === $wc_status && FALSE === $s2member_status && FALSE === $affiliates_status) {
/* Check New Fields for Blanks */
$enter_your_x_txt = rs_wpss_enter_your_x_txt();
foreach ($new_fields as $k => $v) {
$k_uc = rs_wpss_casetrans('upper', $k);
if (empty($_POST[$k])) {
$errors->add('empty_' . $k, '<strong>' . $error_txt . ':</strong> ' . sprintf($enter_your_x_txt . '.', $v));
$wpss_error_code .= ' R-BLANK-' . $k_uc;
}
}
}
/* BAD ROBOT TEST - BEGIN */
$bad_robot_filter_data = rs_wpss_bad_robot_blacklist_chk('register', $reg_filter_status, '', '', $user_data['disp_name'], $user_email);
$reg_filter_status = $bad_robot_filter_data['status'];
$bad_robot_blacklisted = $bad_robot_filter_data['blacklisted'];
if (!empty($bad_robot_blacklisted)) {
$wpss_error_code .= $bad_robot_filter_data['error_code'];
$reg_badrobot_error = TRUE;
}
/* BAD ROBOT TEST - END */
/* BAD ROBOTS */
if ($reg_badrobot_error !== FALSE) {
$err_cod = 'badrobot_error';
$err_msg = __('User registration is currently not allowed.');
if (TRUE === $buddypress_status) {
$errors_3p[$err_cod] = $err_msg;
} else {
$errors->add($err_cod, '<strong>' . $error_txt . ':</strong> ' . $err_msg);
}
}
/* JS/COOKIES CHECK */
$wpss_ck_key_bypass = $wpss_js_key_bypass = FALSE;
$wpss_key_values = rs_wpss_get_key_values();
extract($wpss_key_values);
$wpss_jsck_cookie_val = !empty($_COOKIE[$wpss_ck_key]) ? $_COOKIE[$wpss_ck_key] : '';
$wpss_jsck_field_val = !empty($_POST[$wpss_js_key]) ? $_POST[$wpss_js_key] : '';
$wpss_jsck_jquery_val = !empty($_POST[$wpss_jq_key]) ? $_POST[$wpss_jq_key] : '';
if (TRUE === WPSS_COMPAT_MODE || defined('WPSS_SOFT_COMPAT_MODE')) {
/* 1.9.1 */
$wpss_ck_key_bypass = TRUE;
}
if (FALSE === $wpss_ck_key_bypass) {
/* 1.8.9 */
/* If jscripts.php is disabled, these would be skipped - Compatibility Mode */
if ($wpss_jsck_cookie_val !== $wpss_ck_val) {
$wpss_error_code .= ' ' . $pref . 'COOKIE-3';
$reg_jsck_error = TRUE;
}
if ($wpss_jsck_jquery_val !== $wpss_jq_val) {
$wpss_error_code .= ' ' . $pref . 'JQHFT-3';
$reg_jsck_error = TRUE;
}
}
if (FALSE === $wpss_js_key_bypass) {
if ($wpss_jsck_field_val !== $wpss_js_val) {
$wpss_error_code .= ' ' . $pref . 'FVFJS-3';
$reg_jsck_error = TRUE;
}
}
$post_jsonst = !empty($_POST[WPSS_JSONST]) ? trim($_POST[WPSS_JSONST]) : '';
$post_jsonst_lc = rs_wpss_casetrans('lower', $post_jsonst);
if (FALSE === $buddypress_status) {
if ($post_jsonst_lc === 'ns1' || $post_jsonst_lc === 'ns2' || $post_jsonst_lc === 'ns3' || $post_jsonst_lc === 'ns4' || $post_jsonst_lc === 'ns5') {
$wpss_error_code .= ' ' . $pref . 'JSONST-1000-3';
$reg_jsck_error = TRUE;
}
}
if ($reg_jsck_error !== FALSE && $reg_badrobot_error !== TRUE) {
$err_cod = 'jsck_error';
$err_msg = __('JavaScript and Cookies are required in order to register. Please be sure JavaScript and Cookies are enabled in your browser, and reload the page.', 'wp-spamshield');
/* NEEDS TRANSLATION */
if (TRUE === $buddypress_status) {
$errors_3p[$err_cod] = $err_msg;
} else {
$errors->add($err_cod, '<strong>' . $error_txt . ':</strong> ' . $err_msg);
}
}
if (FALSE === $wc_status) {
/* EMAIL BLACKLIST */
if (rs_wpss_email_blacklist_chk($user_email)) {
$wpss_error_code .= ' ' . $pref . '9200E-BL';
if ($reg_badrobot_error !== TRUE && $reg_jsck_error !== TRUE) {
$err_cod = 'blacklist_email_error';
$err_msg = __('Sorry, that email address is not allowed!') . ' ' . __('Please enter a valid email address.');
if (TRUE === $buddypress_status) {
$errors_3p[$err_cod] = $err_msg;
} else {
$errors->add($err_cod, '<strong>' . $error_txt . ':</strong> ' . $err_msg);
}
}
}
}
if (FALSE === $buddypress_status && FALSE === $wc_status && FALSE === $s2member_status && FALSE === $affiliates_status) {
/* AUTHOR KEYPHRASE BLACKLIST */
foreach ($user_data as $k => $v) {
$k_uc = rs_wpss_casetrans('upper', $k);
if (($k === 'user_login' || $k === 'first_name' || $k === 'last_name' || $k === 'disp_name') && rs_wpss_anchortxt_blacklist_chk($v)) {
$wpss_error_code .= ' ' . $pref . '10500A-BL-' . $k_uc;
if ($reg_badrobot_error !== TRUE && $reg_jsck_error !== TRUE) {
$nfk = $new_fields[$k];
$errors->add('blacklist_' . $k . '_error', '<strong>' . $error_txt . ':</strong> ' . sprintf(__('"%1$s" appears to be spam. Please enter a different value in the <strong> %2$s </strong> field.', 'wp-spamshield'), sanitize_text_field($v), $nfk));
}
}
}
}
/* Enhanced Comment Blacklist - R-0-ECBL*/
if (!empty($spamshield_options['enhanced_comment_blacklist']) && empty($wpss_error_code)) {
if (rs_wpss_blacklist_check('', $user_email)) {
$wpss_error_code .= ' ' . $pref . '0-ECBL';
$err_cod = 'blacklist_ecbl_error';
$err_msg = __('User registration is currently not allowed.');
if (TRUE === $buddypress_status) {
$errors_3p[$err_cod] = $err_msg;
} else {
$errors->add($err_cod, '<strong>' . $error_txt . ':</strong> ' . $err_msg);
}
}
}
if (FALSE === $wc_status) {
/* BLACKLISTED USER */
if (empty($wpss_error_code) && rs_wpss_ubl_cache()) {
$wpss_error_code .= ' ' . $pref . '0-BL';
$err_cod = 'blacklisted_user_error';
$err_msg = __('User registration is currently not allowed.');
if (TRUE === $buddypress_status) {
$errors_3p[$err_cod] = $err_msg;
} else {
$errors->add($err_cod, '<strong>' . $error_txt . ':</strong> ' . $err_msg);
}
}
}
/* Done with Tests */
/* Now Log the Errors, if any */
$post_ref2xjs = !empty($_POST[WPSS_REF2XJS]) ? trim($_POST[WPSS_REF2XJS]) : '';
$post_ref2xjs_lc = rs_wpss_casetrans('lower', $post_ref2xjs);
if (!empty($post_ref2xjs)) {
$ref2xJS = rs_wpss_casetrans('lower', addslashes(urldecode($post_ref2xjs)));
$ref2xJS = str_replace('%3a', ':', $ref2xJS);
$ref2xJS = str_replace(' ', '+', $ref2xJS);
$wpss_javascript_page_referrer = esc_url_raw($ref2xJS);
} else {
$wpss_javascript_page_referrer = '[None]';
}
if ($post_jsonst_lc === 'ns1' || $post_jsonst_lc === 'ns2' || $post_jsonst_lc === 'ns3' || $post_jsonst_lc === 'ns4' || $post_jsonst_lc === 'ns5') {
$wpss_jsonst = $post_jsonst;
} else {
$wpss_jsonst = '[None]';
}
$user_id = 'None';
/* Possibly change to '' */
$register_author_data = array('display_name' => $user_data['disp_name'], 'user_firstname' => $user_data['first_name'], 'user_lastname' => $user_data['last_name'], 'user_email' => $user_email, 'user_login' => $user_login, 'ID' => $user_id, 'comment_author' => $user_data['disp_name'], 'comment_author_email' => $user_email, 'comment_author_url' => '', 'javascript_page_referrer' => $wpss_javascript_page_referrer, 'jsonst' => $wpss_jsonst);
if (empty($register_author_data['comment_author']) && !empty($user_login)) {
$register_author_data['comment_author'] = $user_login;
}
unset($wpss_javascript_page_referrer, $wpss_jsonst);
$wpss_error_code = trim($wpss_error_code);
if (strpos($wpss_error_code, '0-BL') !== FALSE || strpos($wpss_error_code, '0-ECBL') !== FALSE) {
rs_wpss_append_log_data('Blacklisted user detected. Registration has been temporarily disabled to prevent spam. ERROR CODE: ' . $wpss_error_code, FALSE);
}
if (!empty($wpss_error_code)) {
if (TRUE === $buddypress_status) {
$wpss_error_code = str_replace('R-', 'BPR-', $wpss_error_code);
} elseif (TRUE === $wc_status) {
$wpss_error_code = str_replace('R-', 'WCR-', $wpss_error_code);
} elseif (TRUE === $s2member_status) {
$wpss_error_code = str_replace('R-', 'S2R-', $wpss_error_code);
} elseif (TRUE === $wpmembers_status) {
$wpss_error_code = str_replace('R-', 'WPMR-', $wpss_error_code);
} elseif (TRUE === $affiliates_status) {
$wpss_error_code = str_replace('R-', 'AFFR-', $wpss_error_code);
}
rs_wpss_update_accept_status($register_author_data, 'r', 'Line: ' . __LINE__, $wpss_error_code);
rs_wpss_increment_reg_count();
if (!empty($spamshield_options['comment_logging'])) {
rs_wpss_log_data($register_author_data, $wpss_error_code, $log_pref . 'register');
}
} elseif (TRUE === $buddypress_status) {
rs_wpss_update_accept_status($register_author_data, 'a', 'Line: ' . __LINE__);
if (!empty($spamshield_options['comment_logging']) && !empty($spamshield_options['comment_logging_all'])) {
rs_wpss_log_data($register_author_data, $wpss_error_code, $log_pref . 'register');
}
}
/* Now return the error values, or output error message */
if (TRUE === $wc_status) {
$wpss_wc_reg_inprog = FALSE;
}
if (!empty($wpss_error_code)) {
if (TRUE === $buddypress_status) {
$error_msg = '';
foreach ($errors_3p as $c => $m) {
$error_msg .= '<strong>' . $error_txt . ':</strong> ' . $m . '<br /><br />' . WPSS_EOL;
}
WP_SpamShield::wp_die($error_msg, TRUE);
}
} elseif (TRUE === $wc_status) {
rs_wpss_update_accept_status($register_author_data, 'a', 'Line: ' . __LINE__);
if (!empty($spamshield_options['comment_logging']) && !empty($spamshield_options['comment_logging_all'])) {
rs_wpss_log_data($register_author_data, $wpss_error_code, $log_pref . 'register');
}
}
$wpss_reg_err_chk_complete = TRUE;
return $errors;
}
