Version: 6.77.

.github/workflows/tests.yml

@@ -11,6 +11,7 @@ on: # event list
     branches:
       - dev
       - master
+      - '**'
 
 env: # environment variables (available in any part of the action)
   PHP_VERSION: 7.4

cleantalk.php

@@ -4,7 +4,7 @@
   Plugin Name: Anti-Spam by CleanTalk
   Plugin URI: https://cleantalk.org
   Description: Max power, all-in-one, no Captcha, premium anti-spam plugin. No comment spam, no registration spam, no contact spam, protects any WordPress forms.
-  Version: 6.76
+  Version: 6.77
   Author: CleanTalk - Anti-Spam Protection <welcome@cleantalk.org>
   Author URI: https://cleantalk.org
   Text Domain: cleantalk-spam-protect

inc/cleantalk-common.php

@@ -607,6 +607,14 @@ function apbct_get_sender_info()
     $page_hits = RequestParameters::get('apbct_page_hits', Cookie::$force_alt_cookies_global);
     $page_hits = !empty($page_hits) ? TT::toString($page_hits) : null;
 
+    $ct_options = json_encode(
+        array_merge(
+            (array) $apbct->settings,
+            ['data__bot_detector_enabled' => apbct__is_bot_detector_enabled() ? 1 : 0]
+        ),
+        JSON_UNESCAPED_SLASHES
+    );
+
     //Let's keep $data_array for debugging
     $data_array = array(
         'plugin_request_id'         => $apbct->plugin_request_id,
@@ -615,7 +623,7 @@ function apbct_get_sender_info()
         'USER_AGENT'                => Server::get('HTTP_USER_AGENT'),
         'page_url'                  => apbct_sender_info___get_page_url(),
         'cms_lang'                  => substr(get_locale(), 0, 2),
-        'ct_options'                => json_encode($apbct->settings, JSON_UNESCAPED_SLASHES),
+        'ct_options'                => $ct_options,
         'fields_number'             => sizeof($_POST),
         'direct_post'               => $cookie_is_ok === null && apbct_is_post() ? 1 : 0,
         // Raw data to validated JavaScript test in the cloud

inc/cleantalk-integrations-by-hook.php

@@ -135,7 +135,7 @@
         'ajax'    => false
     ),
     'EasyDigitalDownloads' => array(
-        'hook'    => array('edd_pre_process_register_form', 'edd_insert_user_args'),
+        'hook'    => array('edd_pre_process_register_form', 'edd_insert_user_args', 'edd_customer_pre_create'),
         'setting' => 'forms__registrations_test',
         'ajax'    => false
     ),
@@ -291,6 +291,13 @@
         'setting' => 'forms__contact_forms_test',
         'ajax'    => true
     ),
+    'BookingCalendar' => array(
+        'hook'    => [
+            'WPBC_AJX_BOOKING__CREATE',
+        ],
+        'setting' => 'forms__contact_forms_test',
+        'ajax'    => true
+    ),
     'JobstackThemeRegistration' => array(
         'hook'    => 'wp_loaded',
         'setting' => 'forms__registrations_test',

inc/cleantalk-pluggable.php

@@ -1406,6 +1406,13 @@ function apbct_is_skip_request($ajax = false, $ajax_message_obj = array())
             return 'BookingPress service action';
         }
 
+        if (
+            apbct_is_plugin_active('booking/wpdev-booking.php') &&
+            (Post::getString('action') === 'WPBC_AJX_BOOKING__CREATE')
+        ) {
+            return 'WP BookingCalendar service action';
+        }
+
         if (
             (
                 apbct_is_plugin_active('pixelyoursite/pixelyoursite.php') ||
@@ -1812,6 +1819,11 @@ class_exists('Cleantalk\Antispam\Integrations\CleantalkInternalForms')
              apbct_is_in_uri('wc-ajax=iwd_opc_update_order_review') ) {
             return 'cartflows_save_cart';
         }
+        // WC addon - Metorik Helper plugin service requests
+        if ( apbct_is_plugin_active('metorik-helper/metorik-helper.php') &&
+             apbct_is_in_uri('wc-ajax=metorik_capture_customer_data') ) {
+            return 'metorik-helper skip';
+        }
         // Vault Press (JetPack) plugin service requests
         if (
             Post::get('do_backups') !== '' &&

inc/cleantalk-public-integrations.php

@@ -1460,6 +1460,11 @@ function apbct_form__contactForm7__testSpam($spam, $_submission = null)
      */
     $input_array = apply_filters('apbct__filter_post', $_POST);
 
+    $honeypot_params = array();
+    if ( isset($input_array['apbct__email_id__wp_contact_form_7']) ) {
+        $honeypot_params['honeypot_field'] = ($input_array['apbct__email_id__wp_contact_form_7'] === '') ? 1 : 0;
+    }
+
     $ct_temp_msg_data = ct_get_fields_any($input_array);
 
     $sender_email    = isset($ct_temp_msg_data['email']) ? $ct_temp_msg_data['email'] : '';
@@ -1472,21 +1477,24 @@ function apbct_form__contactForm7__testSpam($spam, $_submission = null)
     }
 
     $base_call_result = apbct_base_call(
-        array(
-            'message'         => $message,
-            'sender_email'    => $sender_email,
-            'sender_nickname' => $sender_nickname,
-            'js_on'           => $checkjs,
-            'post_info'       => array('comment_type' => 'contact_form_wordpress_cf7'),
-            'sender_info'     => array(
-                'form_validation' => ! isset($apbct->validation_error)
-                    ? null
-                    : json_encode(array(
-                        'validation_notice' => $apbct->validation_error,
-                        'page_url'          => TT::toString(Server::get('HTTP_HOST')) . TT::toString(Server::get('REQUEST_URI')),
-                    )),
-                'sender_emails_array' => $sender_emails_array,
+        array_merge(
+            array(
+                'message'         => $message,
+                'sender_email'    => $sender_email,
+                'sender_nickname' => $sender_nickname,
+                'js_on'           => $checkjs,
+                'post_info'       => array('comment_type' => 'contact_form_wordpress_cf7'),
+                'sender_info'     => array(
+                    'form_validation' => ! isset($apbct->validation_error)
+                        ? null
+                        : json_encode(array(
+                            'validation_notice' => $apbct->validation_error,
+                            'page_url'          => TT::toString(Server::get('HTTP_HOST')) . TT::toString(Server::get('REQUEST_URI')),
+                        )),
+                    'sender_emails_array' => $sender_emails_array,
+                ),
             ),
+            $honeypot_params
         )
     );
 

js/prebuild/apbct-public-bundle.js

@@ -2184,7 +2184,7 @@ function ctSetAlternativeCookie(cookies, params) {
         if (Array.isArray(cookies)) {
             cookies = getJavascriptClientData(cookies);
         }
-    } else if (!+ctPublic.settings__data__bot_detector_enabled) {
+    } else if (!+ctPublic.bot_detector_enabled) {
         console.log('APBCT ERROR: getJavascriptClientData() is not loaded');
     }
 
@@ -2400,10 +2400,12 @@ let apbctLocalStorage = {
                 const json = JSON.parse(storageValue);
                 if ( json.hasOwnProperty(property) ) {
                     try {
-                        // if property can be parsed as JSON - do it
-                        return JSON.parse( json[property] );
+                        const parsed = JSON.parse( json[property] );
+                        if ( parsed !== null && typeof parsed === 'object' ) {
+                            return json[property].toString();
+                        }
+                        return parsed;
                     } catch (e) {
-                        // if not - return string of value
                         return json[property].toString();
                     }
                 } else {
@@ -3422,7 +3424,7 @@ class ApbctHandler {
                     try {
                         const batchPayload = JSON.parse(args[1].body);
                         if (batchPayload.requests && Array.isArray(batchPayload.requests)) {
-                            const fieldPair = selectFieldsData(+ctPublic.settings__data__bot_detector_enabled);
+                            const fieldPair = selectFieldsData(+ctPublic.bot_detector_enabled);
                             for (const req of batchPayload.requests) {
                                 const isAddItem = req.path === '/wc/store/v1/cart/add-item';
                                 if (isAddItem && req.body && fieldPair && fieldPair.key) {
@@ -3596,6 +3598,11 @@ class ApbctHandler {
                 if (ajaxObject.data.indexOf('action=wwlc_create_user') !== -1) {
                     sourceSign.found = 'action=wwlc_create_user';
                 }
+                if (ajaxObject.data.indexOf('action=WPBC_AJX_BOOKING__CREATE') !== -1) {
+                    sourceSign.found = 'action=WPBC_AJX_BOOKING__CREATE';
+                    sourceSign.keepUnwrapped = true;
+                    sourceSign.attachVisibleFieldsData = true;
+                }
                 if (ajaxObject.data.indexOf('action=drplus_signup') !== -1) {
                     sourceSign.found = 'action=drplus_signup';
                     sourceSign.keepUnwrapped = true;
@@ -3675,7 +3682,7 @@ class ApbctHandler {
         try {
             // Event token
             if (
-                +ctPublic.settings__data__bot_detector_enabled &&
+                +ctPublic.bot_detector_enabled &&
                 apbctLocalStorage.get('bot_detector_event_token')
             ) {
                 const token = this.toolGetEventToken();

js/prebuild/apbct-public-bundle_ext-protection.js

@@ -2184,7 +2184,7 @@ function ctSetAlternativeCookie(cookies, params) {
         if (Array.isArray(cookies)) {
             cookies = getJavascriptClientData(cookies);
         }
-    } else if (!+ctPublic.settings__data__bot_detector_enabled) {
+    } else if (!+ctPublic.bot_detector_enabled) {
         console.log('APBCT ERROR: getJavascriptClientData() is not loaded');
     }
 
@@ -2400,10 +2400,12 @@ let apbctLocalStorage = {
                 const json = JSON.parse(storageValue);
                 if ( json.hasOwnProperty(property) ) {
                     try {
-                        // if property can be parsed as JSON - do it
-                        return JSON.parse( json[property] );
+                        const parsed = JSON.parse( json[property] );
+                        if ( parsed !== null && typeof parsed === 'object' ) {
+                            return json[property].toString();
+                        }
+                        return parsed;
                     } catch (e) {
-                        // if not - return string of value
                         return json[property].toString();
                     }
                 } else {
@@ -3422,7 +3424,7 @@ class ApbctHandler {
                     try {
                         const batchPayload = JSON.parse(args[1].body);
                         if (batchPayload.requests && Array.isArray(batchPayload.requests)) {
-                            const fieldPair = selectFieldsData(+ctPublic.settings__data__bot_detector_enabled);
+                            const fieldPair = selectFieldsData(+ctPublic.bot_detector_enabled);
                             for (const req of batchPayload.requests) {
                                 const isAddItem = req.path === '/wc/store/v1/cart/add-item';
                                 if (isAddItem && req.body && fieldPair && fieldPair.key) {
@@ -3596,6 +3598,11 @@ class ApbctHandler {
                 if (ajaxObject.data.indexOf('action=wwlc_create_user') !== -1) {
                     sourceSign.found = 'action=wwlc_create_user';
                 }
+                if (ajaxObject.data.indexOf('action=WPBC_AJX_BOOKING__CREATE') !== -1) {
+                    sourceSign.found = 'action=WPBC_AJX_BOOKING__CREATE';
+                    sourceSign.keepUnwrapped = true;
+                    sourceSign.attachVisibleFieldsData = true;
+                }
                 if (ajaxObject.data.indexOf('action=drplus_signup') !== -1) {
                     sourceSign.found = 'action=drplus_signup';
                     sourceSign.keepUnwrapped = true;
@@ -3675,7 +3682,7 @@ class ApbctHandler {
         try {
             // Event token
             if (
-                +ctPublic.settings__data__bot_detector_enabled &&
+                +ctPublic.bot_detector_enabled &&
                 apbctLocalStorage.get('bot_detector_event_token')
             ) {
                 const token = this.toolGetEventToken();
@@ -5111,7 +5118,7 @@ function ctProtectOutsideFunctionalHandler(entity, lsStorageName, lsUniqueName)
     ctAttachCoverCSSToHead();
     entityParent.appendChild(ctProtectOutsideFunctionalGenerateCover());
     let entitiesProtected = apbctLocalStorage.get(lsStorageName);
-    if (false === entitiesProtected) {
+    if (false === entitiesProtected || !Array.isArray(entitiesProtected)) {
         entitiesProtected = [];
     }
     if (lsUniqueName) {

js/prebuild/apbct-public-bundle_ext-protection_gathering.js

@@ -2184,7 +2184,7 @@ function ctSetAlternativeCookie(cookies, params) {
         if (Array.isArray(cookies)) {
             cookies = getJavascriptClientData(cookies);
         }
-    } else if (!+ctPublic.settings__data__bot_detector_enabled) {
+    } else if (!+ctPublic.bot_detector_enabled) {
         console.log('APBCT ERROR: getJavascriptClientData() is not loaded');
     }
 
@@ -2400,10 +2400,12 @@ let apbctLocalStorage = {
                 const json = JSON.parse(storageValue);
                 if ( json.hasOwnProperty(property) ) {
                     try {
-                        // if property can be parsed as JSON - do it
-                        return JSON.parse( json[property] );
+                        const parsed = JSON.parse( json[property] );
+                        if ( parsed !== null && typeof parsed === 'object' ) {
+                            return json[property].toString();
+                        }
+                        return parsed;
                     } catch (e) {
-                        // if not - return string of value
                         return json[property].toString();
                     }
                 } else {
@@ -3422,7 +3424,7 @@ class ApbctHandler {
                     try {
                         const batchPayload = JSON.parse(args[1].body);
                         if (batchPayload.requests && Array.isArray(batchPayload.requests)) {
-                            const fieldPair = selectFieldsData(+ctPublic.settings__data__bot_detector_enabled);
+                            const fieldPair = selectFieldsData(+ctPublic.bot_detector_enabled);
                             for (const req of batchPayload.requests) {
                                 const isAddItem = req.path === '/wc/store/v1/cart/add-item';
                                 if (isAddItem && req.body && fieldPair && fieldPair.key) {
@@ -3596,6 +3598,11 @@ class ApbctHandler {
                 if (ajaxObject.data.indexOf('action=wwlc_create_user') !== -1) {
                     sourceSign.found = 'action=wwlc_create_user';
                 }
+                if (ajaxObject.data.indexOf('action=WPBC_AJX_BOOKING__CREATE') !== -1) {
+                    sourceSign.found = 'action=WPBC_AJX_BOOKING__CREATE';
+                    sourceSign.keepUnwrapped = true;
+                    sourceSign.attachVisibleFieldsData = true;
+                }
                 if (ajaxObject.data.indexOf('action=drplus_signup') !== -1) {
                     sourceSign.found = 'action=drplus_signup';
                     sourceSign.keepUnwrapped = true;
@@ -3675,7 +3682,7 @@ class ApbctHandler {
         try {
             // Event token
             if (
-                +ctPublic.settings__data__bot_detector_enabled &&
+                +ctPublic.bot_detector_enabled &&
                 apbctLocalStorage.get('bot_detector_event_token')
             ) {
                 const token = this.toolGetEventToken();
@@ -5111,7 +5118,7 @@ function ctProtectOutsideFunctionalHandler(entity, lsStorageName, lsUniqueName)
     ctAttachCoverCSSToHead();
     entityParent.appendChild(ctProtectOutsideFunctionalGenerateCover());
     let entitiesProtected = apbctLocalStorage.get(lsStorageName);
-    if (false === entitiesProtected) {
+    if (false === entitiesProtected || !Array.isArray(entitiesProtected)) {
         entitiesProtected = [];
     }
     if (lsUniqueName) {

js/prebuild/apbct-public-bundle_full-protection.js

@@ -2184,7 +2184,7 @@ function ctSetAlternativeCookie(cookies, params) {
         if (Array.isArray(cookies)) {
             cookies = getJavascriptClientData(cookies);
         }
-    } else if (!+ctPublic.settings__data__bot_detector_enabled) {
+    } else if (!+ctPublic.bot_detector_enabled) {
         console.log('APBCT ERROR: getJavascriptClientData() is not loaded');
     }
 
@@ -2400,10 +2400,12 @@ let apbctLocalStorage = {
                 const json = JSON.parse(storageValue);
                 if ( json.hasOwnProperty(property) ) {
                     try {
-                        // if property can be parsed as JSON - do it
-                        return JSON.parse( json[property] );
+                        const parsed = JSON.parse( json[property] );
+                        if ( parsed !== null && typeof parsed === 'object' ) {
+                            return json[property].toString();
+                        }
+                        return parsed;
                     } catch (e) {
-                        // if not - return string of value
                         return json[property].toString();
                     }
                 } else {
@@ -3422,7 +3424,7 @@ class ApbctHandler {
                     try {
                         const batchPayload = JSON.parse(args[1].body);
                         if (batchPayload.requests && Array.isArray(batchPayload.requests)) {
-                            const fieldPair = selectFieldsData(+ctPublic.settings__data__bot_detector_enabled);
+                            const fieldPair = selectFieldsData(+ctPublic.bot_detector_enabled);
                             for (const req of batchPayload.requests) {
                                 const isAddItem = req.path === '/wc/store/v1/cart/add-item';
                                 if (isAddItem && req.body && fieldPair && fieldPair.key) {
@@ -3596,6 +3598,11 @@ class ApbctHandler {
                 if (ajaxObject.data.indexOf('action=wwlc_create_user') !== -1) {
                     sourceSign.found = 'action=wwlc_create_user';
                 }
+                if (ajaxObject.data.indexOf('action=WPBC_AJX_BOOKING__CREATE') !== -1) {
+                    sourceSign.found = 'action=WPBC_AJX_BOOKING__CREATE';
+                    sourceSign.keepUnwrapped = true;
+                    sourceSign.attachVisibleFieldsData = true;
+                }
                 if (ajaxObject.data.indexOf('action=drplus_signup') !== -1) {
                     sourceSign.found = 'action=drplus_signup';
                     sourceSign.keepUnwrapped = true;
@@ -3675,7 +3682,7 @@ class ApbctHandler {
         try {
             // Event token
             if (
-                +ctPublic.settings__data__bot_detector_enabled &&
+                +ctPublic.bot_detector_enabled &&
                 apbctLocalStorage.get('bot_detector_event_token')
             ) {
                 const token = this.toolGetEventToken();
@@ -5111,7 +5118,7 @@ function ctProtectOutsideFunctionalHandler(entity, lsStorageName, lsUniqueName)
     ctAttachCoverCSSToHead();
     entityParent.appendChild(ctProtectOutsideFunctionalGenerateCover());
     let entitiesProtected = apbctLocalStorage.get(lsStorageName);
-    if (false === entitiesProtected) {
+    if (false === entitiesProtected || !Array.isArray(entitiesProtected)) {
         entitiesProtected = [];
     }
     if (lsUniqueName) {