updates

Author: bmarshall511

core/admin/class-settings.php

@@ -558,21 +558,21 @@ public function settings_page() {
 							?>
 							<div class="zerospam-block">
 								<div class="zerospam-block__content zerospam-block__content--supports">
-									<strong><?php _e( 'Detection Support', 'zero-spam' ); ?>:</strong>
+									<strong><?php _e( 'Supported Signals', 'zero-spam' ); ?>:</strong>
 									<?php
 									foreach ( $section['supports'] as $k => $s ) :
 										switch ( $s ) :
 											case 'honeypot':
 												echo '<img class="zerospam-small-icon" src="' . plugin_dir_url( ZEROSPAM ) . 'assets/img/icon-honeypot.svg" alt="' . esc_attr( __( 'Honeypot', 'zero-spam' ) ) . '" />';
 												break;
 											case 'email':
-												echo '<img class="zerospam-small-icon" src="' . plugin_dir_url( ZEROSPAM ) . 'assets/img/icon-email.svg" alt="' . esc_attr( __( 'Email', 'zero-spam' ) ) . '" />';
+												echo '<img class="zerospam-small-icon" src="' . plugin_dir_url( ZEROSPAM ) . 'assets/img/icon-email.svg" alt="' . esc_attr( __( 'Email Protection', 'zero-spam' ) ) . '" title="' . esc_attr( __( 'Email Protection', 'zero-spam' ) ) . '" />';
 												break;
 											case 'davidwalsh':
 												echo '<img class="zerospam-small-icon" src="' . plugin_dir_url( ZEROSPAM ) . 'modules/davidwalsh/icon-david-walsh.png" alt="' . esc_attr( __( 'David Walsh', 'zero-spam' ) ) . '" />';
 												break;
 											case 'words':
-												echo '<img class="zerospam-small-icon" src="' . plugin_dir_url( ZEROSPAM ) . 'assets/img/icon-words.svg" alt="' . esc_attr( __( 'Disallowed Words', 'zero-spam' ) ) . '" />';
+												echo '<img class="zerospam-small-icon" src="' . plugin_dir_url( ZEROSPAM ) . 'assets/img/icon-words.svg" alt="' . esc_attr( __( 'Disallowed Words', 'zero-spam' ) ) . '" title="' . esc_attr( __( 'Disallowed Words', 'zero-spam' ) ) . '" />';
 												break;
 										endswitch;
 
@@ -582,8 +582,8 @@ public function settings_page() {
 							</div>
 							<?php
 						endif;
-					 endforeach;
-					 ?>
+					endforeach;
+					?>
 
 					<?php if ( ! in_array( $subview, array(  'export', 'errors' ) ) ) : ?>
 						<?php

core/class-access.php

@@ -16,7 +16,6 @@
  * Access
  */
 class Access {
-
 	/**
 	 * Constructor
 	 */

core/class-utilities.php

@@ -851,8 +851,6 @@ public static function geolocation( $ip ) {
 		}
 		// 2. Query ipbase
 		$location_details = apply_filters( 'zero_spam_ip_address_details', $ip, $location_details );
-		echo 1;
-		die();
 
 		// 3. Query the IPinfo API.
 		$ipinfo_location = ZeroSpam\Modules\IPinfoModule::get_geolocation( $ip );

includes/class-plugin.php

@@ -31,6 +31,7 @@ private function __construct() {
 
 		add_filter( 'zerospam_types', array( $this, 'types' ), 10, 1 );
 		add_filter( 'zerospam_failed_types', array( $this, 'failed_types' ), 10, 1 );
+		add_action( 'zero_spam_flagged_attempt', array( $this, 'flagged_attempt' ), 10, 3 );
 	}
 
 	/**
@@ -85,7 +86,7 @@ private function init_modules() {
 		new \ZeroSpam\Includes\Updates();
 
 		// Site security
-		new \ZeroSpam\Modules\Security();
+		new \ZeroSpam\Modules\Security\Security();
 
 		// Zero Spam module.
 		new \ZeroSpam\Modules\Zero_Spam();
@@ -125,6 +126,11 @@ private function init_modules() {
 		// Used to check if a plugin is installed & active.
 		include_once ABSPATH . 'wp-admin/includes/plugin.php';
 
+		// Elementor plugin module.
+		/*if ( is_plugin_active( 'elementor-pro/elementor-pro.php' ) ) {
+			new \ZeroSpam\Modules\Elementor\Elementor();
+		}*/
+
 		// GiveWP plugin module.
 		if ( is_plugin_active( 'give/give.php' ) ) {
 			new \ZeroSpam\Modules\Give\Give();
@@ -184,6 +190,29 @@ public function types( $types ) {
 
 		return $types;
 	}
+
+	/**
+	 * Action taken for flagged attempts
+	 *
+	 * @param string $module The associated module.
+	 * @param string $signal The associated signal.
+	 * @param array  $data   Additional attempt data.
+	 */
+	public function flagged_attempt( $module, $signal, $data ) {
+		$details = array(
+			'type'   => $module,
+			'failed' => $signal,
+			'data'   => $data,
+		);
+
+		if ( 'enabled' === \ZeroSpam\Core\Settings::get_settings( $module . '_log_flagged_attempts' ) ) {
+			\ZeroSpam\Includes\DB::log( $module, $details );
+		}
+
+		if ( 'enabled' === \ZeroSpam\Core\Settings::get_settings( 'share_data' ) ) {
+			do_action( 'zerospam_share_detection', $details );
+		}
+	}
 }
 
 Plugin::instance();

modules/class-security.php

@@ -0,0 +1,171 @@
+<?php
+/**
+ * Adds integration for Elementor Pro forms
+ *
+ * @package ZeroSpam
+ */
+
+namespace ZeroSpam\Modules\Elementor;
+
+// Security Note: Blocks direct access to the plugin PHP files.
+defined( 'ABSPATH' ) || die();
+
+/**
+ * Elementor
+ */
+class Elementor {
+	/**
+	 * Constructor
+	 */
+	public function __construct() {
+		add_action( 'init', array( $this, 'init' ) );
+		wp_add_inline_style(
+			'zero-spam-admin',
+			'
+				.zerospam-type-elementor::before {
+					background-image: url("../../modules/elementor/icon-elementor.svg");
+				}
+			'
+		);
+	}
+
+	/**
+	 * Fires after WordPress has finished loading but before any headers are sent
+	 */
+	public function init() {
+		add_filter( 'zerospam_setting_sections', array( $this, 'sections' ) );
+		add_filter( 'zerospam_settings', array( $this, 'settings' ), 10, 1 );
+		add_filter( 'zerospam_types', array( $this, 'types' ), 10, 1 );
+
+		if (
+			'enabled' === \ZeroSpam\Core\Settings::get_settings( 'elementor_enabled' ) &&
+			\ZeroSpam\Core\Access::process()
+		) {
+			add_action( 'elementor_pro/forms/validation/email', array( $this, 'validate_email' ), 10, 3 );
+			add_action( 'elementor_pro/forms/validation/text', array( $this, 'validate_text' ), 10, 3 );
+			add_action( 'elementor_pro/forms/validation/textarea', array( $this, 'validate_text' ), 10, 3 );
+			add_action( 'elementor_pro/forms/validation/html', array( $this, 'validate_text' ), 10, 3 );
+		}
+	}
+
+	/**
+	 * Admin setting sections
+	 *
+	 * @param array $sections Array of admin setting sections.
+	 */
+	public function sections( $sections ) {
+		$sections['elementor'] = array(
+			'title'    => __( 'Elementor', 'zero-spam' ),
+			'icon'     => 'modules/elementor/icon-elementor.svg',
+			'supports' => array( 'email', 'words' ),
+		);
+
+		return $sections;
+	}
+
+	/**
+	 * Admin settings
+	 *
+	 * @param array $settings Array of available settings.
+	 */
+	public function settings( $settings ) {
+		$options = get_option( 'zero-spam-elementor' );
+
+		$settings['elementor_enabled'] = array(
+			'title'       => wp_kses(
+				__( 'Protect Form Submissions', 'zero-spam' ),
+				array(
+					'a'    => array(
+						'href'   => array(),
+						'class'  => array(),
+						'target' => array(),
+						'rel'    => array(),
+					),
+				)
+			),
+			'desc'        => __( 'Protects & monitors Elementor form submissions.', 'zero-spam' ),
+			'module'      => 'elementor',
+			'type'        => 'checkbox',
+			'options'     => array(
+				'enabled' => false,
+			),
+			'value'       => ! empty( $options['elementor_enabled'] ) ? $options['elementor_enabled'] : false,
+			'recommended' => 'enabled',
+		);
+
+		$message = __( 'We were unable to process your submission due to possible malicious activity.', 'zero-spam' );
+		$settings['elementor_flagged_msg'] = array(
+			'title'       => __( 'Flagged Message', 'zero-spam' ),
+			'desc'        => __( 'Message displayed when a submission has been flagged.', 'zero-spam' ),
+			'module'      => 'elementor',
+			'type'        => 'text',
+			'field_class' => 'large-text',
+			'placeholder' => $message,
+			'value'       => ! empty( $options['elementor_flagged_msg'] ) ? $options['elementor_flagged_msg'] : $message,
+			'recommended' => $message,
+		);
+
+		$settings['elementor_log_flagged_attempts'] = array(
+			'title'       => __( 'Log Flagged Attempts', 'zero-spam' ),
+			'module'      => 'elementor',
+			'type'        => 'checkbox',
+			'desc'        => wp_kses(
+				__( 'When enabled, stores blocked form submissions in the database.', 'zero-spam' ),
+				array( 'strong' => array() )
+			),
+			'options'     => array(
+				'enabled' => false
+			),
+			'value'       => ! empty( $options['elementor_log_flagged_attempts'] ) ? $options['elementor_log_flagged_attempts'] : false,
+			'recommended' => 'enabled',
+		);
+
+		return $settings;
+	}
+
+	/**
+	 * Register custom fields
+	 *
+	 * @param \ElementorPro\Modules\Forms\Registrars\Form_Fields_Registrar $form_fields_registrar
+	 */
+	public function register_fields( $form_fields_registrar ) {
+		//require_once ZEROSPAM_PATH . 'modules/elementor/fields/class-honeypot.php';
+	}
+
+	/**
+	 * Validates form on submission
+	 */
+	public function validate_form( $record, $ajax_handler ) {
+
+	}
+
+	/**
+	 * Validates an email address
+	 */
+	public function validate_email( $field, $record, $ajax_handler ) {
+		if ( \ZeroSpam\Core\Utilities::is_email_domain_blocked( $field['value'] ) ) {
+			$ajax_handler->add_error( $field['id'], \ZeroSpam\Core\Utilities::detection_message( 'elementor_flagged_msg' ) );
+			return;
+		}
+	}
+
+	/**
+	 * Validates text content
+	 */
+	public function validate_text( $field, $record, $ajax_handler ) {
+		if ( \ZeroSpam\Core\Utilities::is_disallowed( $field['value'] ) ) {
+			do_action(
+				'zero_spam_flagged_attempt',
+				'elementor',
+				'disallowed_list',
+				array(
+					'field'  => $field,
+					'record' => $record,
+				)
+			);
+
+			$ajax_handler->add_error( $field['id'], \ZeroSpam\Core\Utilities::detection_message( 'elementor_flagged_msg' ) );
+			return;
+		}
+	}
+}

modules/elementor/class-elementor.php

@@ -5,7 +5,6 @@
  * Malicious user detection techniques available:
  *
  * 1. Zero Spam honeypot field
- * 2. Checks blocked email domains
  *
  * @package ZeroSpam
  */
@@ -74,7 +73,7 @@ public function sections( $sections ) {
 		$sections['gravityforms'] = array(
 			'title'    => __( 'Gravity Forms', 'zero-spam' ),
 			'icon'     => 'modules/gravityforms/icon-gravity-forms.svg',
-			'supports' => array( 'honeypot', 'email' ),
+			'supports' => array( 'honeypot' ),
 		);
 
 		return $sections;
@@ -205,8 +204,7 @@ public function settings( $settings ) {
 			'recommended' => 'enabled',
 		);
 
-		$message = __( 'We were unable to process your submission: IP address has been flagged as possible spam.', 'zero-spam' );
-
+		$message = __( 'We were unable to process your submission due to possible malicious activity.', 'zero-spam' );
 		$settings['gravityforms_spam_message'] = array(
 			'title'       => __( 'Flagged Message', 'zero-spam' ),
 			'desc'        => __( 'Message displayed when a submission has been flagged.', 'zero-spam' ),