Version 6.0

Changed prefixes, sanitizing output, code + readme simplified, use let instead of var in JS

anti-spam-functions.php

@@ -7,66 +7,50 @@
 	exit;
 }
 
-function antispam_default_settings() {
-	$settings = array(
+
+function antispamrel_get_settings() {
+	$default_settings = array(
 		'save_spam_comments' => 0
 	);
-	return $settings;
-}
+	$antispam_settings = (array) get_option('antispamrel_settings');
 
-
-function antispam_get_settings() {
-	$antispam_settings = (array) get_option('antispam_settings');
-	$default_settings = antispam_default_settings();
-	$antispam_settings = array_merge($default_settings, $antispam_settings); // set empty options with default values
-	return $antispam_settings;
+	return array_merge($default_settings, $antispam_settings); // set empty options with default values;
 }
 
 
-function antispam_counter_stats() {
-	$antispam_stats = get_option('antispam_stats', array());
+function antispamrel_counter_stats() {
+	$antispam_stats = get_option('antispamrel_stats', array());
 	if (array_key_exists('blocked_total', $antispam_stats)){
 		$antispam_stats['blocked_total']++;
 	} else {
 		$antispam_stats['blocked_total'] = 1;
 	}
-	update_option('antispam_stats', $antispam_stats);
+	update_option('antispamrel_stats', $antispam_stats);
 }
 
 
-function antispam_check_for_spam() {
+function antispamrel_check_for_spam() {
 	$spam_flag = false;
 
-	$antspm_q = '';
-	if (isset($_POST['antspm-q'])) {
-		$antspm_q = trim($_POST['antspm-q']);
-	}
-
-	$antspm_d = '';
-	if (isset($_POST['antspm-d'])) {
-		$antspm_d = trim($_POST['antspm-d']);
-	}
-
-	$antspm_e = '';
-	if (isset($_POST['antspm-e-email-url-website'])) {
-		$antspm_e = trim($_POST['antspm-e-email-url-website']);
-	}
+	$antspmrl_q = (isset($_POST['antspmrl-q'])) ? trim($_POST['antspmrl-q']) : ''; // Unsafe value
+	$antspmrl_d = (isset($_POST['antspmrl-d'])) ? trim($_POST['antspmrl-d']) : ''; // Unsafe value
+	$antspmrl_e = (isset($_POST['antspmrl-e-email-url-website'])) ? trim($_POST['antspmrl-e-email-url-website']) : ''; // Unsafe value
 
-	if ( $antspm_q != date('Y') ) { // year-answer is wrong - it is spam
-		if ( $antspm_d != date('Y') ) { // extra js-only check: there is no js added input - it is spam
+	if ( $antspmrl_q != date('Y') ) { // year-answer is wrong - it is spam
+		if ( $antspmrl_d != date('Y') ) { // extra js-only check: there is no js added input - it is spam
 			$spam_flag = true;
 		}
 	}
 
-	if ( ! empty($antspm_e)) { // trap field is not empty - it is spam
+	if ( ! empty($antspmrl_e)) { // trap field is not empty - it is spam
 		$spam_flag = true;
 	}
 
 	return $spam_flag;
 }
 
 
-function antispam_store_comment($commentdata) {
+function antispamrel_store_comment($commentdata) {
 	global $wpdb;
 
 	if ( isset( $commentdata['user_ID'] ) ) {

anti-spam-info.php

@@ -7,16 +7,16 @@
 	exit;
 }
 
-function antispam_admin_notice() {
+function antispamrel_admin_notice() {
 	global $pagenow;
-	if ($pagenow == 'edit-comments.php'):
+	if ($pagenow == 'edit-comments.php') {
 		$user_id = get_current_user_id();
-		$antispam_info_visibility = get_user_meta($user_id, 'antispam_info_visibility', true);
-		if ($antispam_info_visibility == 1 OR $antispam_info_visibility == ''):
+		$antispam_info_visibility = get_user_meta($user_id, 'antispamrel_info_visibility', true);
+		if ($antispam_info_visibility == 1 OR $antispam_info_visibility == '') {
 			$blocked_total = 0; // show 0 by default
-			$antispam_stats = get_option('antispam_stats', array());
+			$antispam_stats = get_option('antispamrel_stats', array());
 			if (isset($antispam_stats['blocked_total'])) {
-				$blocked_total = $antispam_stats['blocked_total'];
+				$blocked_total = esc_html($antispam_stats['blocked_total']);
 			}
 			?>
 			<div class="notice notice-info">
@@ -25,17 +25,17 @@ function antispam_admin_notice() {
 				</p>
 			</div>
 			<?php
-		endif; // end of if($antispam_info_visibility)
-	endif; // end of if($pagenow == 'edit-comments.php')
+		}
+	}
 }
-add_action('admin_notices', 'antispam_admin_notice');
+add_action('admin_notices', 'antispamrel_admin_notice');
 
 
-function antispam_display_screen_option() {
+function antispamrel_display_screen_option() {
 	global $pagenow;
-	if ($pagenow == 'edit-comments.php'):
+	if ($pagenow == 'edit-comments.php') {
 		$user_id = get_current_user_id();
-		$antispam_info_visibility = get_user_meta($user_id, 'antispam_info_visibility', true);
+		$antispam_info_visibility = get_user_meta($user_id, 'antispamrel_info_visibility', true);
 
 		if ($antispam_info_visibility == 1 OR $antispam_info_visibility == '') {
 			$checked = 'checked="checked"';
@@ -46,36 +46,36 @@ function antispam_display_screen_option() {
 		?>
 		<script>
 			jQuery(function($){
-				$('.antispam_screen_options_group').insertAfter('#screen-options-wrap #adv-settings');
+				$('.antispamrel_screen_options_group').insertAfter('#screen-options-wrap #adv-settings');
 			});
 		</script>
-		<form method="post" class="antispam_screen_options_group" style="padding: 20px 0 5px 0;">
-			<input type="hidden" name="antispam_option_submit" value="1" />
+		<form method="post" class="antispamrel_screen_options_group" style="padding-top:20px;">
+			<input type="hidden" name="antispamrel_option_submit" value="1" />
 			<label>
-				<input name="antispam_info_visibility" type="checkbox" value="1" <?php echo $checked; ?> />
+				<input name="antispamrel_info_visibility" type="checkbox" value="1" <?php echo $checked; ?> />
 				Anti-spam Reloaded info
 			</label>
 			<input type="submit" class="button" value="<?php _e('Apply'); ?>" />
 		</form>
 		<?php
-	endif; // end of if($pagenow == 'edit-comments.php')
+	}
 }
 
 
-function antispam_register_screen_option() {
-	add_filter('screen_layout_columns', 'antispam_display_screen_option');
+function antispamrel_register_screen_option() {
+	add_filter('screen_layout_columns', 'antispamrel_display_screen_option');
 }
-add_action('admin_head', 'antispam_register_screen_option');
+add_action('admin_head', 'antispamrel_register_screen_option');
 
 
-function antispam_update_screen_option() {
-	if (isset($_POST['antispam_option_submit']) AND $_POST['antispam_option_submit'] == 1) {
+function antispamrel_update_screen_option() {
+	if (isset($_POST['antispamrel_option_submit']) AND $_POST['antispamrel_option_submit'] == 1) {
 		$user_id = get_current_user_id();
-		if (isset($_POST['antispam_info_visibility']) AND $_POST['antispam_info_visibility'] == 1) {
-			update_user_meta($user_id, 'antispam_info_visibility', 1);
+		if (isset($_POST['antispamrel_info_visibility']) AND $_POST['antispamrel_info_visibility'] == 1) {
+			update_user_meta($user_id, 'antispamrel_info_visibility', 1);
 		} else {
-			update_user_meta($user_id, 'antispam_info_visibility', 0);
+			update_user_meta($user_id, 'antispamrel_info_visibility', 0);
 		}
 	}
 }
-add_action('admin_init', 'antispam_update_screen_option');
+add_action('admin_init', 'antispamrel_update_screen_option');

anti-spam-settings.php

@@ -9,78 +9,62 @@
 }
 
 
-function antispam_menu() { // add menu item
-	add_options_page('Anti-spam Reloaded', 'Anti-spam Reloaded', 'manage_options', 'anti-spam', 'antispam_settings');
+function antispamrel_menu() { // add menu item
+	add_options_page('Anti-spam Reloaded', 'Anti-spam Reloaded', 'manage_options', 'anti-spam-reloaded', 'antispamrel_settings');
 }
-add_action('admin_menu', 'antispam_menu');
+add_action('admin_menu', 'antispamrel_menu');
 
 
-function antispam_admin_init() {
-	register_setting('antispam_settings_group', 'antispam_settings', 'antispam_settings_validate');
+function antispamrel_admin_init() {
+	register_setting('antispamrel_settings_group', 'antispamrel_settings');
 
-	add_settings_section('antispam_settings_automatic_section', '', 'antispam_section_callback', 'antispam_automatic_page');
+	add_settings_section('antispamrel_settings_automatic_section', '', 'antispamrel_section_callback', 'antispamrel_automatic_page');
 
-	add_settings_field('save_spam_comments', 'Save spam comments', 'antispam_field_save_spam_comments_callback', 'antispam_automatic_page', 'antispam_settings_automatic_section');
+	add_settings_field('save_spam_comments', 'Save spam comments', 'antispamrel_field_save_spam_comments_callback', 'antispamrel_automatic_page', 'antispamrel_settings_automatic_section');
 
 }
-add_action('admin_init', 'antispam_admin_init');
+add_action('admin_init', 'antispamrel_admin_init');
 
 
-function antispam_settings_init() { // set default settings
-	global $antispam_settings;
-	$antispam_settings = antispam_get_settings();
-	update_option('antispam_settings', $antispam_settings);
+function antispamrel_settings_init() { // set default settings
+	update_option('antispamrel_settings', antispamrel_get_settings());
 }
-add_action('admin_init', 'antispam_settings_init');
+add_action('admin_init', 'antispamrel_settings_init');
 
 
-function antispam_settings_validate($input) {
-	$default_settings = antispam_get_settings();
-
-	// checkbox
-	$output['save_spam_comments'] = $input['save_spam_comments'];
-
-	return $output;
-}
-
-
-function antispam_section_callback() { // Anti-spam settings description
+function antispamrel_section_callback() { // Anti-spam settings description
 	echo '';
 }
 
 
-function antispam_field_save_spam_comments_callback() {
-	$settings = antispam_get_settings();
-	echo '<label><input type="checkbox" name="antispam_settings[save_spam_comments]" '.checked(1, $settings['save_spam_comments'], false).' value="1" />';
-	echo ' Save spam comments into spam section</label>';
-	echo '<p class="description">Useful for testing how the plugin works. <a href="'. admin_url( 'edit-comments.php?comment_status=spam' ) . '">View spam section</a>.</p>';
+function antispamrel_field_save_spam_comments_callback() {
+	$settings = antispamrel_get_settings();
+	echo '<label><input type="checkbox" name="antispamrel_settings[save_spam_comments]" ', checked(1, $settings['save_spam_comments'], false), ' value="1" />',
+		' Save spam comments into spam section</label>',
+		'<p class="description">Useful for testing how the plugin works. <a href="', admin_url( 'edit-comments.php?comment_status=spam' ), '">View spam section</a>.</p>';
 }
 
 
-function antispam_settings() {
-	$antispam_stats = get_option('antispam_stats', array());
-	$blocked_total = $antispam_stats['blocked_total'];
-	if (empty($blocked_total)) {
-		$blocked_total = 0;
+function antispamrel_settings() {
+	$blocked_total = 0; // show 0 by default
+	$antispam_stats = get_option('antispamrel_stats', array());
+	if (isset($antispam_stats['blocked_total'])) {
+		$blocked_total = esc_html($antispam_stats['blocked_total']);
 	}
 	?>
 	<div class="wrap">
-
 		<h2><span class="dashicons dashicons-admin-generic"></span> Anti-spam Reloaded</h2>
-
 		<p>
 			<span class="dashicons dashicons-chart-bar"></span>
-			<strong><?php echo $blocked_total; ?></strong> spam comments were blocked by <a href="https://wordpress.org/plugins/anti-spam-reloaded/" target="_blank">Anti-spam Reloaded</a>
+			<strong><?php echo $blocked_total; ?></strong> spam comments were blocked by <a href="https://wordpress.org/plugins/anti-spam-reloaded/" target="_blank" rel="noreferrer">Anti-spam Reloaded</a>
 		</p>
-
 		<form method="post" action="options.php">
-			<?php settings_fields('antispam_settings_group'); ?>
-			<div class="antispam-group-automatic">
-				<?php do_settings_sections('antispam_automatic_page'); ?>
-			</div>
-			<?php submit_button(); ?>
+		<?php
+			settings_fields('antispamrel_settings_group');
+			do_settings_sections('antispamrel_automatic_page');
+			submit_button();
+		?>
 		</form>
-
 	</div>
 	<?php
 }