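/**
 * Print the WP-SpamShield footer script (REF2XJS and FVFJS). Added 1.8.9.9.
 *
 * The inline jQuery snippet adds hidden fields to the listed forms on submit:
 * the document referrer under the WPSS_REF2XJS name and, outside compat mode,
 * the hf4N/hf4V key/value pair. In compat mode the pair is instead added to
 * every form with method="post". Outside compat mode the snippet also sets
 * minlength/maxlength on the #comment field.
 *
 * Everything echoed here is readable by any client that loads the page, so the
 * key/value pair is a bot check, not a secret.
 *
 * @return void
 */
function wpss_insert_footer_js() {
    /* && binds tighter than ||: true for anonymous visitors, and for logged-in users outside the admin area. */
    if (!is_admin() && is_user_logged_in() || !is_user_logged_in()) {
        $wpss_key_values = spamshield_get_key_values();
        $wpss_js_key = $wpss_key_values['wpss_js_key'];
        $wpss_js_val = $wpss_key_values['wpss_js_val'];
        $spamshield_options = get_option('spamshield_options');

        /*
         * The minimum length is written into the inline script below, so reduce the
         * stored option to a positive integer first; anything else falls back to 15.
         */
        $min_length_opt = isset($spamshield_options['comment_min_length']) ? $spamshield_options['comment_min_length'] : '';
        $comment_min_length = is_scalar($min_length_opt) ? (int) $min_length_opt : 0;
        if ($comment_min_length < 1) {
            $comment_min_length = 15;
        }

        /* Add REF2XJS and FVFJS code */
        echo "\n";

        /* Add noptimize tags if Autoptimize is active; the lookup result is kept in the global. */
        global $wpss_ao_active;
        $ao_noop_open = $ao_noop_close = '';
        if (empty($wpss_ao_active)) {
            $wpss_ao_active = spamshield_is_plugin_active('autoptimize/autoptimize.php');
        }
        if (!empty($wpss_ao_active)) {
            $ao_noop_open = '<!--noptimize-->';
            $ao_noop_close = '<!--/noptimize-->';
        }

        /*
         * NOTE(review): $wpss_js_key and $wpss_js_val are placed inside single-quoted JS
         * string literals without escaping. That is only safe while
         * spamshield_get_key_values() returns tokens free of quotes, backslashes and
         * "</script" - confirm against that function, or JSON-encode the values here.
         */
        echo $ao_noop_open . '<script type=\'text/javascript\'>' . "\n"
            . '/* <![CDATA[ */' . "\n"
            . WPSS_REF2XJS . '=escape(document[\'referrer\']);' . "\n"
            . 'hf4N=\'' . $wpss_js_key . '\';' . "\n"
            . 'hf4V=\'' . $wpss_js_val . '\';' . "\n"
            . 'jQuery(document).ready(function($){'
            . 'var e="#commentform, .comment-respond form, .comment-form, #registerform, #loginform, #wpss_contact_form, .wpcf7-form, .gform_wrapper form, #buddypress #signup_form, .buddypress #signup_form";$(e).submit(function(){$("<input>").attr("type","hidden").attr("name","' . WPSS_REF2XJS . '").attr("value",' . WPSS_REF2XJS . ').appendTo(e);';

        if (FALSE == WPSS_COMPAT_MODE) {
            echo '$("<input>").attr("type","hidden").attr("name",hf4N).attr("value",hf4V).appendTo(e);';
        }
        echo 'return true;});';

        if (TRUE == WPSS_COMPAT_MODE) {
            /* Compat mode: attach the key/value pair to every POST form instead. */
            echo 'var h="form[method=\'post\']";$(h).submit(function(){$("<input>").attr("type","hidden").attr("name",hf4N).attr("value",hf4V).appendTo(h);return true;});';
        } else {
            echo '$("#comment").attr({minlength:"' . $comment_min_length . '",maxlength:"15360"})';
        }

        echo '});' . "\n" . '/* ]]> */' . "\n" . '</script>' . $ao_noop_close . " " . "\n";
    }
}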
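/**
 * Error checking for new user registration.
 *
 * Runs, in order: a blank check on the extra name fields, the bad-robot
 * blacklist, the JS/cookie key check, the email blacklist, the name keyphrase
 * blacklist and the blacklisted-user cache. Each failure appends a code to an
 * internal error-code string and, depending on which earlier checks failed,
 * adds a message to $errors. If any code was recorded, the attempt is counted
 * and, when the 'comment_logging' option is set, logged.
 *
 * Request values ($_POST / $_COOKIE) are client-controlled. Values that are
 * not strings (for example array-style parameters) are treated as missing, and
 * the key checks use strict string comparison.
 *
 * @param object $errors     Error collection exposing add($code, $message) - presumably a WP_Error.
 * @param string $user_login Requested login name.
 * @param string $user_email Requested email address.
 * @return object The $errors object passed in, with any registration errors added.
 */
function spamshield_check_new_user($errors, $user_login, $user_email) {
    $spamshield_options = get_option('spamshield_options');

    /* Check if registration spam shield is disabled - Added in 1.6.9 */
    if (!empty($spamshield_options['registration_shield_disable'])) {
        return $errors;
    }

    $reg_filter_status = $wpss_error_code = '';
    $reg_jsck_error = $reg_badrobot_error = FALSE;
    $ns_val = 'NS3';
    $pref = 'R-';
    $error_txt = spamshield_error_txt();
    $new_fields = array(
        'first_name' => __('First Name', WPSS_PLUGIN_NAME),
        'last_name' => __('Last Name', WPSS_PLUGIN_NAME),
        'disp_name' => __('Display Name', WPSS_PLUGIN_NAME),
    );

    /* Collect the extra name fields; a non-string value would make trim() fail, so it counts as empty. */
    $user_data = array();
    foreach ($new_fields as $k => $v) {
        $raw_value = isset($_POST[$k]) ? $_POST[$k] : '';
        $user_data[$k] = is_string($raw_value) ? trim(wp_unslash($raw_value)) : '';
    }

    /* Check New Fields for Blanks */
    foreach ($new_fields as $k => $v) {
        $k_uc = spamshield_casetrans('upper', $k);
        if (empty($_POST[$k]) || !is_string($_POST[$k])) {
            $errors->add('empty_' . $k, '<strong>' . $error_txt . ':</strong> ' . sprintf(__('Please enter your %s', WPSS_PLUGIN_NAME) . '.', $v));
            $wpss_error_code .= ' R-BLANK-' . $k_uc;
        }
    }

    /* BAD ROBOT TEST - BEGIN */
    $bad_robot_filter_data = spamshield_bad_robot_blacklist_chk('register', $reg_filter_status, '', '', $user_data['disp_name'], $user_email);
    $reg_filter_status = $bad_robot_filter_data['status'];
    $bad_robot_blacklisted = $bad_robot_filter_data['blacklisted'];
    if (!empty($bad_robot_blacklisted)) {
        $wpss_error_code .= $bad_robot_filter_data['error_code'];
        $reg_badrobot_error = TRUE;
    }
    /* BAD ROBOT TEST - END */

    /* BAD ROBOTS */
    if ($reg_badrobot_error) {
        $errors->add('badrobot_error', '<strong>' . $error_txt . ':</strong> ' . __('User registration is currently not allowed.'));
    }

    /* JS/COOKIES CHECK */
    $wpss_key_values = spamshield_get_key_values(TRUE);
    $wpss_ck_key = $wpss_key_values['wpss_ck_key'];
    $wpss_ck_val = $wpss_key_values['wpss_ck_val'];
    $wpss_js_key = $wpss_key_values['wpss_js_key'];
    $wpss_js_val = $wpss_key_values['wpss_js_val'];

    /* No need to check cache status here since registration form isn't cached */
    $wpss_jsck_cookie_val = !empty($_COOKIE[$wpss_ck_key]) ? $_COOKIE[$wpss_ck_key] : '';
    $wpss_jsck_field_val = !empty($_POST[$wpss_js_key]) ? $_POST[$wpss_js_key] : '';

    /* The cookie check is skipped when the 'js_head_disable' option is set - 1.8.9 */
    $wpss_ck_key_bypass = !empty($spamshield_options['js_head_disable']);

    /*
     * Compare the submitted values strictly, as strings. A loose != lets PHP type
     * juggling treat differing numeric-looking strings as equal, so a value that
     * does not match the expected one could still pass.
     */
    if (!$wpss_ck_key_bypass) {
        if (!is_string($wpss_jsck_cookie_val) || $wpss_jsck_cookie_val !== (string) $wpss_ck_val) {
            $wpss_error_code .= ' ' . $pref . 'COOKIE-3';
            $reg_jsck_error = TRUE;
        }
    }
    if (!is_string($wpss_jsck_field_val) || $wpss_jsck_field_val !== (string) $wpss_js_val) {
        $wpss_error_code .= ' ' . $pref . 'FVFJS-3';
        $reg_jsck_error = TRUE;
    }

    $post_jsonst = !empty($_POST[WPSS_JSONST]) ? $_POST[WPSS_JSONST] : '';
    if ($post_jsonst === $ns_val) {
        $wpss_error_code .= ' ' . $pref . 'JSONST-1000-3';
        $reg_jsck_error = TRUE;
    }

    /* Only show the JS/cookie message when the bad-robot message was not already added. */
    if ($reg_jsck_error && !$reg_badrobot_error) {
        $errors->add('jsck_error', '<strong>' . $error_txt . ':</strong> ' . __('JavaScript and Cookies are required in order to register. Please be sure JavaScript and Cookies are enabled in your browser, and reload the page.', WPSS_PLUGIN_NAME));
    }

    /* EMAIL BLACKLIST */
    if (spamshield_email_blacklist_chk($user_email)) {
        $wpss_error_code .= ' ' . $pref . '9200E-BL';
        if (!$reg_badrobot_error && !$reg_jsck_error) {
            $errors->add('blacklist_email_error', '<strong>' . $error_txt . ':</strong> ' . __('Sorry, that email address is not allowed!') . ' ' . __('Please enter a valid email address.'));
        }
    }

    /*
     * AUTHOR KEYPHRASE BLACKLIST
     * NOTE(review): $user_data only holds the three $new_fields keys, so the
     * 'user_login' case below never matches and $user_login is not run through
     * this check - confirm whether that is intended.
     */
    foreach ($user_data as $k => $v) {
        $k_uc = spamshield_casetrans('upper', $k);
        if (($k == 'user_login' || $k == 'first_name' || $k == 'last_name' || $k == 'disp_name') && spamshield_anchortxt_blacklist_chk($v)) {
            $wpss_error_code .= ' ' . $pref . '10500A-BL-' . $k_uc;
            if (!$reg_badrobot_error && !$reg_jsck_error) {
                $nfk = $new_fields[$k];
                /* The submitted value is echoed back inside an HTML message; sanitize_text_field() strips tags from it first. */
                $errors->add('blacklist_' . $k . '_error', '<strong>' . $error_txt . ':</strong> ' . sprintf(__('"%1$s" appears to be spam. Please enter a different value in the <strong> %2$s </strong> field.', WPSS_PLUGIN_NAME), sanitize_text_field($v), $nfk));
            }
        }
    }

    /* BLACKLISTED USER - only consulted when no earlier check recorded a code. */
    if (empty($wpss_error_code) && spamshield_ubl_cache()) {
        $wpss_error_code .= ' ' . $pref . '0-BL';
        $errors->add('blacklisted_user_error', '<strong>' . $error_txt . ':</strong> ' . __('User registration is currently not allowed.'));
    }

    /* Done with Tests */
    /* Now Log the Errors, if any */

    /* The referrer field is client-supplied; ignore non-string values before decoding it. */
    if (!empty($_POST[WPSS_REF2XJS]) && is_string($_POST[WPSS_REF2XJS])) {
        $post_ref2xjs = $_POST[WPSS_REF2XJS];
    } else {
        $post_ref2xjs = '';
    }
    $post_ref2xjs = spamshield_casetrans('lower', $post_ref2xjs);
    if (!empty($post_ref2xjs)) {
        $ref2xJS = spamshield_casetrans('lower', addslashes(urldecode($post_ref2xjs)));
        $ref2xJS = str_replace('%3a', ':', $ref2xJS);
        $ref2xJS = str_replace(' ', '+', $ref2xJS);
        $wpss_javascript_page_referrer = esc_url_raw($ref2xJS);
    } else {
        $wpss_javascript_page_referrer = '[None]';
    }

    $wpss_jsonst = ($post_jsonst === $ns_val) ? $post_jsonst : '[None]';

    $user_id = 'None'; /* Possibly change to '' */
    $register_author_data = array(
        'display_name' => $user_data['disp_name'],
        'user_firstname' => $user_data['first_name'],
        'user_lastname' => $user_data['last_name'],
        'user_email' => $user_email,
        'user_login' => $user_login,
        'ID' => $user_id,
        'comment_author' => $user_data['disp_name'],
        'comment_author_email' => $user_email,
        'comment_author_url' => '',
        'javascript_page_referrer' => $wpss_javascript_page_referrer,
        'jsonst' => $wpss_jsonst,
    );
    if (empty($register_author_data['comment_author']) && !empty($user_login)) {
        $register_author_data['comment_author'] = $user_login;
    }
    unset($wpss_javascript_page_referrer, $wpss_jsonst);

    $wpss_error_code = trim($wpss_error_code);
    if (!empty($wpss_error_code)) {
        /* __LINE__ is passed along only as a marker of where the status was updated. */
        spamshield_update_accept_status($register_author_data, 'r', 'Line: ' . __LINE__);
        spamshield_increment_reg_count();
        if (!empty($spamshield_options['comment_logging'])) {
            spamshield_log_data($register_author_data, $wpss_error_code, 'register');
        }
    }

    /* Now return the error values */
    return $errors;
}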