WordPress.org
Get WordPress

Plugin Directory

Changeset 3145886


Ignore:
Timestamp:
09/03/2024 11:10:06 AM (19 months ago)
Author:
Wigster
Message:

0.77 release with new optional filters

Location:
block-specific-spam-woo-orders
Files:
3 added
2 edited

Legend:

Unmodified
Added
Removed

  • block-specific-spam-woo-orders/trunk/readme.txt

    r3128164 r3145886  
    1 === Plugin Name ===
     1=== Block Specific Spam Woo Orders ===
    22Contributors: wigster
    33Tags: woocommerce, woo, block, spam, orders
    44Requires at least: 5.1
    5 Tested up to: 6.6.1
     5Tested up to: 9.2.3
    66Requires PHP: 5.4
    7 Stable tag: 0.76
     7Stable tag: 0.77
    88License: GPLv2 or later
    99License URI: http://www.gnu.org/licenses/gpl-2.0.html
     
    1414
    1515This plugin prevents a specific set of WooCommerce fake/spam orders.
    16 Simply install and activate the plugin; there are no settings or tweaks to be made.
     16Simply install and activate the plugin; there are no settings or tweaks to be made unless you want to add your own filters.
    1717The plugin extends WooCommerce's built-in checkout validations to check for a specific set of known spam email accounts and names. If triggered, the spam bot simply cannot checkout and importantly does not get to the account creation stage.
    1818The names/emails it checks for would only be used by spam bots, so there is no need to worry about false positives.
     19
     20If you've found this plugin useful, you can support my work by buying me a coffee at:
     21[Buy Me a Coffee](https://buymeacoffee.com/alexwigmore).
     22
     23== How to Use Custom Filters ==
     24
     25Starting from plugin version 0.77, you can extend the list of blocked email domains and blocked customer names using custom filters.
     26
     27### Available Filters:
     28
     291. **BSSO_extra_domains:** Add custom email domains to block during the checkout process.
     302. **BSSO_extra_names:** Add custom first names to block during the checkout process.
     31
     32### Example Usage
     33
     34To use these filters, add code to your theme's `functions.php` file or a custom plugin.
     35
     36#### 1. Blocking Additional Email Domains
     37
     38If you want to block additional email domains like `exampledomain.com` and `spamdomain.net`, use the `BSSO_extra_domains` filter.
     39
     40**Code Example:**
     41
     42```php
     43add_filter('BSSO_extra_domains', function () {
     44    return ['exampledomain.com', 'spamdomain.net'];
     45});
     46```
     47
     48#### 2. Blocking Additional First Names
     49
     50If you want to block additional first names like `spambot` and `faker`, use the `BSSO_extra_names` filter.
     51
     52**Code Example:**
     53
     54```php
     55add_filter('BSSO_extra_names', function () {
     56    return ['spambot', 'faker'];
     57});
     58```
     59
     60### Complete Example
     61
     62Here’s how you might use both filters together:
     63
     64**Code Example:**
     65
     66```php
     67add_filter('BSSO_extra_domains', function () {
     68    return ['exampledomain.com', 'spamdomain.net'];
     69});
     70
     71add_filter('BSSO_extra_names', function () {
     72    return ['spambot', 'faker'];
     73});
     74```
     75
     76### Version Compatibility
     77
     78Please note that these filters are only available starting from version 0.77 of the plugin. Ensure your plugin is updated to at least this version to use the custom filters.
    1979
    2080== Frequently Asked Questions ==
    2181
    2282= Will you keep this plugin updated? =
     83
    2384Yes, where possible, I will try my best to add additional checks if the attack vectors change.
    2485
    2586== Changelog ==
    2687
     88= 0.77 =
     89* Added filters for extending blocked email domains and names.
     90* Tested compatibility with WooCommerce 9.2.3.
     91
    2792= 0.76 =
    28 * Tested compatibility with WP 6.6.1 and WC 9+
     93* Tested compatibility with WP 6.6.1 and WC 9+.
    2994* Added confirmation that this plugin is compliant with the new WooCommerce HPOS (High-Performance Order Storage) / Custom Order Tables (COT) systems.
    3095
    3196= 0.75 =
    32 * Tested compatibility with WP 6.5.2 and WC
     97* Tested compatibility with WP 6.5.2 and WC.
    3398
    3499= 0.7 =
    35100* Updated logic slightly to simplify checks. Names are now also array-based if people want to manually extend.
    36101* Added ability to translate/localize the Spam Validation message with typical language translators (WPML, etc.).
    37 * Confirmed support with WP 6.4 and the latest WooCommerce
     102* Confirmed support with WP 6.4 and the latest WooCommerce.
    38103
    39104= 0.6 =
    40 * Added a new function to handle checking against multiple blocked domains, now including ["@fakemail"]
    41 * Confirmed support with WP 6.1 and the latest WooCommerce
     105* Added a new function to handle checking against multiple blocked domains, now including ["@fakemail"].
     106* Confirmed support with WP 6.1 and the latest WooCommerce.
    42107
    43108= 0.55 =
     
    45110
    46111= 0.54 =
    47 * Updated supported versions for WP and WooCommerce
     112* Updated supported versions for WP and WooCommerce.
    48113
    49114= 0.53 =

  • block-specific-spam-woo-orders/trunk/woo-block-spam-orders.php

    r3128164 r3145886  
    66* Description: A quick plugin to block on-going issues with spam WooCommerce orders November 2020
    77* Author: guwii
    8 * Version: 0.76
     8* Version: 0.77
    99* Author URI: https://guwii.com
    1010* License: GPL3+
    1111* Text Domain: guwii-woo-block-spam-orders
    1212* WC requires at least: 4.3
    13 * WC tested up to: 9.1.4
     13* WC tested up to: 9.2.3
    1414*/
    1515
     
    3232    $blocked_names = ['aaaaa', 'bbbbb'];
    3333
     34    // Apply the filters to allow adding extra emails/domains and names
     35    $extra_domains = apply_filters('BSSO_extra_domains', []);
     36    $extra_names = apply_filters('BSSO_extra_names', []);
     37
     38    // Sanitize and validate the extra domains and names
     39    $extra_domains = array_filter($extra_domains, function ($domain) {
     40      return preg_match('/^[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$/', $domain);
     41    });
     42    $extra_names = array_map('sanitize_text_field', $extra_names);
     43
     44    // Merge the default and extra arrays
     45    $blocked_email_domains = array_merge($blocked_email_domains, $extra_domains);
     46    $blocked_names = array_merge($blocked_names, $extra_names);
     47
    3448    // Set the default return of false:
    3549    $is_a_spam_order = false;
     
    3751    // Compare user's email domain with our list of blocked email domains:
    3852    foreach ($blocked_email_domains as $blocked_email_domain) {
    39       // If a blocked email domain exists in the user's billing email, return spam=true;
    4053      if (strpos($billing_email, $blocked_email_domain) !== false) {
    4154        $is_a_spam_order = true;
    42         break; // No need to check further if one match is found
     55        break;
    4356      }
    4457    }
    4558
    46     // If not spam by email, check names
     59    // If not spam by email domain, check the names
    4760    if (!$is_a_spam_order) {
    4861      foreach ($blocked_names as $blocked_name) {
    49         // If a blocked Name exists in the user's billing first name, return spam=true;
    5062        if (strpos($billing_first_name, $blocked_name) !== false) {
    5163          $is_a_spam_order = true;
    52           break; // No need to check further if one match is found
     64          break;
    5365        }
    5466      }
Note: See TracChangeset for help on using the changeset viewer.