Beta

.github/workflows/tests.yml

@@ -33,6 +33,7 @@ jobs:
         uses: shivammathur/setup-php@v2
         with:
           php-version: ${{ env.PHP_VERSION }}
+          coverage: xdebug
 
       - name: Run MySQL server
         run: sudo systemctl start mysql

cleantalk.php

@@ -4,7 +4,7 @@
   Plugin Name: Anti-Spam by CleanTalk
   Plugin URI: https://cleantalk.org
   Description: Max power, all-in-one, no Captcha, premium anti-spam plugin. No comment spam, no registration spam, no contact spam, protects any WordPress forms.
-  Version: 6.78
+  Version: 6.79
   Author: CleanTalk - Anti-Spam Protection <welcome@cleantalk.org>
   Author URI: https://cleantalk.org
   Text Domain: cleantalk-spam-protect

inc/cleantalk-settings.php

@@ -189,6 +189,28 @@ function apbct_settings__set_fields()
                     ),
                     'long_description' => true,
                 ),
+                'sfw__anti_crawler'           => array(
+                    'type'        => 'checkbox',
+                    'title'       => 'Anti-Crawler' . $additional_ac_title, // Do not to localize this phrase
+                    'class'       => 'apbct_settings-field_wrapper',
+                    'parent'      => 'sfw__enabled',
+                    'description' =>
+                        __(
+                            'Plugin shows SpamFireWall stop page for any bot, except allowed bots (Google, Yahoo and etc).',
+                            'cleantalk-spam-protect'
+                        )
+                        . '<br>'
+                        . __(
+                            'Anti-Crawler includes blocking bots by the User-Agent. Use Personal lists in the Dashboard to filter specific User-Agents.',
+                            'cleantalk-spam-protect'
+                        )
+                        . '<br><b>'
+                        . __(
+                            'This option works only when SpamFireWall is enabled.',
+                            'cleantalk-spam-protect'
+                        ) . '</b>',
+                    'long_description' => true,
+                ),
                 'data__email_decoder__status'        => array(
                     'type'        => 'custom_html',
                     'title'       => __('Encode contact data', 'cleantalk-spam-protect'),
@@ -869,23 +891,6 @@ function apbct_settings__set_fields()
                     'title'       => __('Custom logo on SpamFireWall blocking pages', 'cleantalk-spam-protect'),
                     'parent'      => 'sfw__enabled',
                 ),
-                'sfw__anti_crawler'           => array(
-                    'type'        => 'checkbox',
-                    'title'       => 'Anti-Crawler' . $additional_ac_title, // Do not to localize this phrase
-                    'class'       => 'apbct_settings-field_wrapper',
-                    'parent'      => 'sfw__enabled',
-                    'description' =>
-                        __(
-                            'Plugin shows SpamFireWall stop page for any bot, except allowed bots (Google, Yahoo and etc).',
-                            'cleantalk-spam-protect'
-                        )
-                        . '<br>'
-                        . __(
-                            'Anti-Crawler includes blocking bots by the User-Agent. Use Personal lists in the Dashboard to filter specific User-Agents.',
-                            'cleantalk-spam-protect'
-                        ),
-                    'long_description' => true,
-                ),
                 'sfw__anti_flood'             => array(
                     'type'        => 'checkbox',
                     'title'       => 'Anti-Flood', // Do not to localize this phrase

js/prebuild/apbct-public-bundle.js

@@ -2502,7 +2502,7 @@ function getNoCookieData() { // eslint-disable-line no-unused-vars
     let noCookieData = {...noCookieDataLocal, ...noCookieDataSession};
     noCookieData = JSON.stringify(noCookieData);
 
-    return '_ct_no_cookie_data_' + btoa(noCookieData);
+    return '_ct_no_cookie_data_' + btoa(unescape(encodeURIComponent(noCookieData)));
 }
 
 
@@ -2694,7 +2694,7 @@ class ApbctAttachData {
         hiddenInput.setAttribute( 'name', 'apbct_visible_fields');
         let visibleFieldsToInput = {};
         visibleFieldsToInput[0] = this.collectVisibleFields(form);
-        hiddenInput.value = btoa(JSON.stringify(visibleFieldsToInput));
+        hiddenInput.value = btoa(unescape(encodeURIComponent(JSON.stringify(visibleFieldsToInput))));
         form.append( hiddenInput );
     }
 
@@ -2724,7 +2724,7 @@ class ApbctAttachData {
 
         let noCookieData = getCleanTalkStorageDataArray();
         noCookieData = JSON.stringify(noCookieData);
-        noCookieData = '_ct_no_cookie_data_' + btoa(noCookieData);
+        noCookieData = '_ct_no_cookie_data_' + btoa(unescape(encodeURIComponent(noCookieData)));
         field = document.createElement('input');
         field.setAttribute('name', 'ct_no_cookie_hidden_field');
         field.setAttribute('value', noCookieData);

js/prebuild/apbct-public-bundle_ext-protection.js

@@ -2502,7 +2502,7 @@ function getNoCookieData() { // eslint-disable-line no-unused-vars
     let noCookieData = {...noCookieDataLocal, ...noCookieDataSession};
     noCookieData = JSON.stringify(noCookieData);
 
-    return '_ct_no_cookie_data_' + btoa(noCookieData);
+    return '_ct_no_cookie_data_' + btoa(unescape(encodeURIComponent(noCookieData)));
 }
 
 
@@ -2694,7 +2694,7 @@ class ApbctAttachData {
         hiddenInput.setAttribute( 'name', 'apbct_visible_fields');
         let visibleFieldsToInput = {};
         visibleFieldsToInput[0] = this.collectVisibleFields(form);
-        hiddenInput.value = btoa(JSON.stringify(visibleFieldsToInput));
+        hiddenInput.value = btoa(unescape(encodeURIComponent(JSON.stringify(visibleFieldsToInput))));
         form.append( hiddenInput );
     }
 
@@ -2724,7 +2724,7 @@ class ApbctAttachData {
 
         let noCookieData = getCleanTalkStorageDataArray();
         noCookieData = JSON.stringify(noCookieData);
-        noCookieData = '_ct_no_cookie_data_' + btoa(noCookieData);
+        noCookieData = '_ct_no_cookie_data_' + btoa(unescape(encodeURIComponent(noCookieData)));
         field = document.createElement('input');
         field.setAttribute('name', 'ct_no_cookie_hidden_field');
         field.setAttribute('value', noCookieData);

js/prebuild/apbct-public-bundle_ext-protection_gathering.js

@@ -2502,7 +2502,7 @@ function getNoCookieData() { // eslint-disable-line no-unused-vars
     let noCookieData = {...noCookieDataLocal, ...noCookieDataSession};
     noCookieData = JSON.stringify(noCookieData);
 
-    return '_ct_no_cookie_data_' + btoa(noCookieData);
+    return '_ct_no_cookie_data_' + btoa(unescape(encodeURIComponent(noCookieData)));
 }
 
 
@@ -2694,7 +2694,7 @@ class ApbctAttachData {
         hiddenInput.setAttribute( 'name', 'apbct_visible_fields');
         let visibleFieldsToInput = {};
         visibleFieldsToInput[0] = this.collectVisibleFields(form);
-        hiddenInput.value = btoa(JSON.stringify(visibleFieldsToInput));
+        hiddenInput.value = btoa(unescape(encodeURIComponent(JSON.stringify(visibleFieldsToInput))));
         form.append( hiddenInput );
     }
 
@@ -2724,7 +2724,7 @@ class ApbctAttachData {
 
         let noCookieData = getCleanTalkStorageDataArray();
         noCookieData = JSON.stringify(noCookieData);
-        noCookieData = '_ct_no_cookie_data_' + btoa(noCookieData);
+        noCookieData = '_ct_no_cookie_data_' + btoa(unescape(encodeURIComponent(noCookieData)));
         field = document.createElement('input');
         field.setAttribute('name', 'ct_no_cookie_hidden_field');
         field.setAttribute('value', noCookieData);

js/prebuild/apbct-public-bundle_full-protection.js

@@ -2502,7 +2502,7 @@ function getNoCookieData() { // eslint-disable-line no-unused-vars
     let noCookieData = {...noCookieDataLocal, ...noCookieDataSession};
     noCookieData = JSON.stringify(noCookieData);
 
-    return '_ct_no_cookie_data_' + btoa(noCookieData);
+    return '_ct_no_cookie_data_' + btoa(unescape(encodeURIComponent(noCookieData)));
 }
 
 
@@ -2694,7 +2694,7 @@ class ApbctAttachData {
         hiddenInput.setAttribute( 'name', 'apbct_visible_fields');
         let visibleFieldsToInput = {};
         visibleFieldsToInput[0] = this.collectVisibleFields(form);
-        hiddenInput.value = btoa(JSON.stringify(visibleFieldsToInput));
+        hiddenInput.value = btoa(unescape(encodeURIComponent(JSON.stringify(visibleFieldsToInput))));
         form.append( hiddenInput );
     }
 
@@ -2724,7 +2724,7 @@ class ApbctAttachData {
 
         let noCookieData = getCleanTalkStorageDataArray();
         noCookieData = JSON.stringify(noCookieData);
-        noCookieData = '_ct_no_cookie_data_' + btoa(noCookieData);
+        noCookieData = '_ct_no_cookie_data_' + btoa(unescape(encodeURIComponent(noCookieData)));
         field = document.createElement('input');
         field.setAttribute('name', 'ct_no_cookie_hidden_field');
         field.setAttribute('value', noCookieData);

js/prebuild/apbct-public-bundle_full-protection_gathering.js

@@ -2502,7 +2502,7 @@ function getNoCookieData() { // eslint-disable-line no-unused-vars
     let noCookieData = {...noCookieDataLocal, ...noCookieDataSession};
     noCookieData = JSON.stringify(noCookieData);
 
-    return '_ct_no_cookie_data_' + btoa(noCookieData);
+    return '_ct_no_cookie_data_' + btoa(unescape(encodeURIComponent(noCookieData)));
 }
 
 
@@ -2694,7 +2694,7 @@ class ApbctAttachData {
         hiddenInput.setAttribute( 'name', 'apbct_visible_fields');
         let visibleFieldsToInput = {};
         visibleFieldsToInput[0] = this.collectVisibleFields(form);
-        hiddenInput.value = btoa(JSON.stringify(visibleFieldsToInput));
+        hiddenInput.value = btoa(unescape(encodeURIComponent(JSON.stringify(visibleFieldsToInput))));
         form.append( hiddenInput );
     }
 
@@ -2724,7 +2724,7 @@ class ApbctAttachData {
 
         let noCookieData = getCleanTalkStorageDataArray();
         noCookieData = JSON.stringify(noCookieData);
-        noCookieData = '_ct_no_cookie_data_' + btoa(noCookieData);
+        noCookieData = '_ct_no_cookie_data_' + btoa(unescape(encodeURIComponent(noCookieData)));
         field = document.createElement('input');
         field.setAttribute('name', 'ct_no_cookie_hidden_field');
         field.setAttribute('value', noCookieData);

js/prebuild/apbct-public-bundle_gathering.js

@@ -2502,7 +2502,7 @@ function getNoCookieData() { // eslint-disable-line no-unused-vars
     let noCookieData = {...noCookieDataLocal, ...noCookieDataSession};
     noCookieData = JSON.stringify(noCookieData);
 
-    return '_ct_no_cookie_data_' + btoa(noCookieData);
+    return '_ct_no_cookie_data_' + btoa(unescape(encodeURIComponent(noCookieData)));
 }
 
 
@@ -2694,7 +2694,7 @@ class ApbctAttachData {
         hiddenInput.setAttribute( 'name', 'apbct_visible_fields');
         let visibleFieldsToInput = {};
         visibleFieldsToInput[0] = this.collectVisibleFields(form);
-        hiddenInput.value = btoa(JSON.stringify(visibleFieldsToInput));
+        hiddenInput.value = btoa(unescape(encodeURIComponent(JSON.stringify(visibleFieldsToInput))));
         form.append( hiddenInput );
     }
 
@@ -2724,7 +2724,7 @@ class ApbctAttachData {
 
         let noCookieData = getCleanTalkStorageDataArray();
         noCookieData = JSON.stringify(noCookieData);
-        noCookieData = '_ct_no_cookie_data_' + btoa(noCookieData);
+        noCookieData = '_ct_no_cookie_data_' + btoa(unescape(encodeURIComponent(noCookieData)));
         field = document.createElement('input');
         field.setAttribute('name', 'ct_no_cookie_hidden_field');
         field.setAttribute('value', noCookieData);

js/prebuild/apbct-public-bundle_int-protection.js

@@ -2502,7 +2502,7 @@ function getNoCookieData() { // eslint-disable-line no-unused-vars
     let noCookieData = {...noCookieDataLocal, ...noCookieDataSession};
     noCookieData = JSON.stringify(noCookieData);
 
-    return '_ct_no_cookie_data_' + btoa(noCookieData);
+    return '_ct_no_cookie_data_' + btoa(unescape(encodeURIComponent(noCookieData)));
 }
 
 
@@ -2694,7 +2694,7 @@ class ApbctAttachData {
         hiddenInput.setAttribute( 'name', 'apbct_visible_fields');
         let visibleFieldsToInput = {};
         visibleFieldsToInput[0] = this.collectVisibleFields(form);
-        hiddenInput.value = btoa(JSON.stringify(visibleFieldsToInput));
+        hiddenInput.value = btoa(unescape(encodeURIComponent(JSON.stringify(visibleFieldsToInput))));
         form.append( hiddenInput );
     }
 
@@ -2724,7 +2724,7 @@ class ApbctAttachData {
 
         let noCookieData = getCleanTalkStorageDataArray();
         noCookieData = JSON.stringify(noCookieData);
-        noCookieData = '_ct_no_cookie_data_' + btoa(noCookieData);
+        noCookieData = '_ct_no_cookie_data_' + btoa(unescape(encodeURIComponent(noCookieData)));
         field = document.createElement('input');
         field.setAttribute('name', 'ct_no_cookie_hidden_field');
         field.setAttribute('value', noCookieData);

js/prebuild/apbct-public-bundle_int-protection_gathering.js

@@ -2502,7 +2502,7 @@ function getNoCookieData() { // eslint-disable-line no-unused-vars
     let noCookieData = {...noCookieDataLocal, ...noCookieDataSession};
     noCookieData = JSON.stringify(noCookieData);
 
-    return '_ct_no_cookie_data_' + btoa(noCookieData);
+    return '_ct_no_cookie_data_' + btoa(unescape(encodeURIComponent(noCookieData)));
 }
 
 
@@ -2694,7 +2694,7 @@ class ApbctAttachData {
         hiddenInput.setAttribute( 'name', 'apbct_visible_fields');
         let visibleFieldsToInput = {};
         visibleFieldsToInput[0] = this.collectVisibleFields(form);
-        hiddenInput.value = btoa(JSON.stringify(visibleFieldsToInput));
+        hiddenInput.value = btoa(unescape(encodeURIComponent(JSON.stringify(visibleFieldsToInput))));
         form.append( hiddenInput );
     }
 
@@ -2724,7 +2724,7 @@ class ApbctAttachData {
 
         let noCookieData = getCleanTalkStorageDataArray();
         noCookieData = JSON.stringify(noCookieData);
-        noCookieData = '_ct_no_cookie_data_' + btoa(noCookieData);
+        noCookieData = '_ct_no_cookie_data_' + btoa(unescape(encodeURIComponent(noCookieData)));
         field = document.createElement('input');
         field.setAttribute('name', 'ct_no_cookie_hidden_field');
         field.setAttribute('value', noCookieData);

js/src/public-1-functions.js

@@ -489,7 +489,7 @@ function getNoCookieData() { // eslint-disable-line no-unused-vars
     let noCookieData = {...noCookieDataLocal, ...noCookieDataSession};
     noCookieData = JSON.stringify(noCookieData);
 
-    return '_ct_no_cookie_data_' + btoa(noCookieData);
+    return '_ct_no_cookie_data_' + btoa(unescape(encodeURIComponent(noCookieData)));
 }
 
 

js/src/public-1-main.js

@@ -112,7 +112,7 @@ class ApbctAttachData {
         hiddenInput.setAttribute( 'name', 'apbct_visible_fields');
         let visibleFieldsToInput = {};
         visibleFieldsToInput[0] = this.collectVisibleFields(form);
-        hiddenInput.value = btoa(JSON.stringify(visibleFieldsToInput));
+        hiddenInput.value = btoa(unescape(encodeURIComponent(JSON.stringify(visibleFieldsToInput))));
         form.append( hiddenInput );
     }
 
@@ -142,7 +142,7 @@ class ApbctAttachData {
 
         let noCookieData = getCleanTalkStorageDataArray();
         noCookieData = JSON.stringify(noCookieData);
-        noCookieData = '_ct_no_cookie_data_' + btoa(noCookieData);
+        noCookieData = '_ct_no_cookie_data_' + btoa(unescape(encodeURIComponent(noCookieData)));
         field = document.createElement('input');
         field.setAttribute('name', 'ct_no_cookie_hidden_field');
         field.setAttribute('value', noCookieData);

lib/Cleantalk/Antispam/IntegrationsByClass/WPSearchForm.php

@@ -2,13 +2,6 @@
 
 namespace Cleantalk\Antispam\IntegrationsByClass;
 
-use Cleantalk\ApbctWP\Escape;
-use Cleantalk\ApbctWP\Variables\Post;
-use Cleantalk\ApbctWP\Variables\Server;
-use Cleantalk\Common\TT;
-use Cleantalk\ApbctWP\Sanitize;
-use Cleantalk\ApbctWP\Variables\Cookie;
-use Cleantalk\ApbctWP\State;
 use Cleantalk\ApbctWP\Honeypot;
 use DOMDocument;
 
@@ -32,10 +25,10 @@ public function doAjaxWork()
     public function doPublicWork()
     {
         global $apbct;
-        if ( $apbct->settings['forms__search_test'] ) {
+        if ($apbct->settings['forms__search_test']) {
             add_filter('get_search_form', array($this, 'apbctFormSearchAddFields'), 999);
         }
-        if ( ! is_admin() && ! apbct_is_ajax() && ! apbct_is_customize_preview() ) {
+        if ($this->isNativeSearchFormRequest()) {
             // Default search
             add_filter('get_search_query', array($this, 'testSpam'));
             add_action('wp_head', array($this, 'addNoindex'), 1);
@@ -168,4 +161,22 @@ public function addNoindex()
         echo '<!-- meta by CleanTalk Anti-Spam Protection plugin -->' . "\n";
         echo '<meta name="robots" content="noindex,nofollow" />' . "\n";
     }
+
+    /**
+     * Process signs for the default search request.
+     * - not an admin page
+     * - not an ajax call
+     * - not a preview
+     * - has a 's' param in the GET array
+     * @return bool
+     */
+    public function isNativeSearchFormRequest()
+    {
+        return (
+            !is_admin() &&
+            !apbct_is_ajax() &&
+            !apbct_is_customize_preview() &&
+            isset($_GET['s']) // https://app.doboard.com/1/task/47523#comment_305493
+        );
+    }
 }