WordPress.org
Get WordPress

Plugin Directory

Changeset 3397677


Ignore:
Timestamp:
11/18/2025 12:38:37 AM (5 months ago)
Author:
kasuga16
Message:

Update 1.2.0

Location:
tiny-comment-spam-blocker
Files:
9 added
5 edited

Legend:

Unmodified
Added
Removed

  • tiny-comment-spam-blocker/trunk/languages/tiny-comment-spam-blocker-ja.po

    r3394305 r3397677  
    11msgid ""
    22msgstr ""
    3 "Project-Id-Version: Tiny Comment Spam Blocker 1.1.0\n"
     3"Project-Id-Version: Tiny Comment Spam Blocker 1.2.0\n"
    44"Report-Msgid-Bugs-To: \n"
    5 "POT-Creation-Date: 2025-11-11 11:53:32+0000\n"
    6 "PO-Revision-Date: 2025-11-11 11:56:35+0000\n"
     5"POT-Creation-Date: 2025-11-18 00:05:58+0000\n"
     6"PO-Revision-Date: 2025-11-18 00:09:23+0000\n"
    77"Last-Translator: Kasuga\n"
    88"Language-Team: \n"
     
    6565msgstr "禁止する単語またはフレーズを1行に1つずつ入力してください。大文字と小文字は区別されません。"
    6666
     67msgid "NOTE: The badwords list applies to the comment content, email address, and IP address."
     68msgstr "NOTE: 禁止語リストは、コメント本文、メールアドレス、および IP アドレスに適用されます。"
     69
    6770msgid "Detection Log Output"
    6871msgstr "検知ログ"
     
    9598msgstr "[TCSB] %1$s にスパムコメントを検出しました – %2$s"
    9699
    97 msgid "A spam comment attempt was detected.\n\nDate: %1\$s\n\nDetected Message:\n%2\$s\n\n--- Source (Spam Origin) ---\nIP Address: %3\$s\n\n--- Target (Attacked Site) ---\nSite URL: %4\$s\nSource Page: %5\$s\n\nThis comment attempt has been blocked by Tiny Comment Spam Blocker."
    98 msgstr "スパムコメントの試行が検出されました。\n\n日付: %1\$s\n\n検出されたメッセージ:\n%2\$s\n\n--- 送信元(スパム発生源) ---\nIPアドレス: %3\$s\n\n--- 標的(攻撃されたサイト) ---\nサイトURL: %4\$s\nページ: %5\$s\n\nこのコメントの試行は Tiny Comment Spam Blocker によってブロックされました。"
     100msgid "A spam comment attempt was detected.\n\nDate: %1\$s\n\nDetected Message:\n%2\$s\n\n--- Source (Spam Origin) ---\nIP Address: %3\$s\nEmail Address: %4\$s\n\n--- Target (Attacked Site) ---\nSite URL: %5\$s\nSource Page: %6\$s\n\nThis comment attempt has been blocked by Tiny Comment Spam Blocker."
     101msgstr "スパムコメントの試行が検出されました。\n\n日時: %1\$s\n\n検出されたメッセージ:\n%2\$s\n\n--- 送信元 (スパム発信元) ---\nIPアドレス: %3\$s\nメールアドレス: %4\$s\n\n--- ターゲット (攻撃されたサイト) ---\nサイトURL: %5\$s\n送信元ページ: %6\$s\n\nこのコメントの試行は、Tiny Comment Spam Blocker によってブロックされました。"
     102
     103msgid "The comment submission was blocked."
     104msgstr "コメントの送信はブロックされました。"
    99105
    100106msgid "### This log is recorded up to %.1f MB. ###"
    101107msgstr "### このログは最大 %.1f MB まで記録されます。 ###"
    102108
    103 msgid "\n[%1\$s] %2\$s | Origin IP: %3\$s | Target: %4\$s | Page: %5\$s"
    104 msgstr "\n[%1\$s] %2\$s | 送信元 IP: %3\$s | 標的サイト: %4\$s | ページ: %5\$s"
     109msgid "\n[%1\$s] %2\$s | Origin IP: %3\$s | Email: %4\$s | Target: %5\$s | Page: %6\$s"
     110msgstr "\n[%1\$s] %2\$s | 送信元IP: %3\$s | メールアドレス: %4\$s | ターゲット: %5\$s | ページ: %6\$s"
    105111

  • tiny-comment-spam-blocker/trunk/languages/tiny-comment-spam-blocker.pot

    r3394305 r3397677  
    11msgid ""
    22msgstr ""
    3 "Project-Id-Version: Tiny Comment Spam Blocker 1.1.0\n"
     3"Project-Id-Version: Tiny Comment Spam Blocker 1.2.0\n"
    44"Report-Msgid-Bugs-To: \n"
    5 "POT-Creation-Date: 2025-11-11 11:53:32+0000\n"
     5"POT-Creation-Date: 2025-11-18 00:05:58+0000\n"
    66"PO-Revision-Date: \n"
    77"Last-Translator: \n"
     
    6565msgstr ""
    6666
     67msgid "NOTE: The badwords list applies to the comment content, email address, and IP address."
     68msgstr ""
     69
    6770msgid "Detection Log Output"
    6871msgstr ""
     
    9598msgstr ""
    9699
    97 msgid "A spam comment attempt was detected.\n\nDate: %1\$s\n\nDetected Message:\n%2\$s\n\n--- Source (Spam Origin) ---\nIP Address: %3\$s\n\n--- Target (Attacked Site) ---\nSite URL: %4\$s\nSource Page: %5\$s\n\nThis comment attempt has been blocked by Tiny Comment Spam Blocker."
     100msgid "A spam comment attempt was detected.\n\nDate: %1\$s\n\nDetected Message:\n%2\$s\n\n--- Source (Spam Origin) ---\nIP Address: %3\$s\nEmail Address: %4\$s\n\n--- Target (Attacked Site) ---\nSite URL: %5\$s\nSource Page: %6\$s\n\nThis comment attempt has been blocked by Tiny Comment Spam Blocker."
     101msgstr ""
     102
     103msgid "The comment submission was blocked."
    98104msgstr ""
    99105
     
    101107msgstr ""
    102108
    103 msgid "\n[%1\$s] %2\$s | Origin IP: %3\$s | Target: %4\$s | Page: %5\$s"
     109msgid "\n[%1\$s] %2\$s | Origin IP: %3\$s | Email: %4\$s | Target: %5\$s | Page: %6\$s"
    104110msgstr ""
    105111

  • tiny-comment-spam-blocker/trunk/readme.txt

    r3394305 r3397677  
    11=== Tiny Comment Spam Blocker ===
    22Contributors: Kasuga16
    3 Donate Link:
    43Tags: comments, spam protection, anti-spam, security, honeypot
    54Requires at least: 6.3
    65Tested up to: 6.8
    76Requires PHP: 7.4
    8 Stable tag: 1.1.0
     7Stable tag: 1.2.0
    98License: GPLv2 or later
    109License URI: http://www.gnu.org/licenses/gpl-2.0.html
     
    19183. **Honeypot Field** – Hidden field that traps automated spam bots.
    20194. **User Agent Validation** – Detects suspicious User-Agent strings and blocks them.
    21 5. **Forbidden Word Filtering** – Blocks comments and email addresses that contain words or phrases from a configurable list.
     205. **Forbidden Word Filtering** – Blocks submissions containing words or phrases from a configurable list within the **comment body, email address, or IP address.**
    2221
    2322These filters are applied in order: if a comment passes the first check, it proceeds to the second, and so on, until all checks are applied or the comment is blocked.
     
    4140     – Download the plugin's zip file and extract it.
    4241     – Connect to your server via FTP and navigate to the "wp-content/plugins/" directory.
    43      – Upload the extracted "tiny-comment-spam-blocker" folder to this directory.
     42     – Upload the extracted "quick-translate-pot-po-mo" folder to this directory.
    4443     – Go to 'Plugins' in your WordPress dashboard and activate the plugin.
    4544     – Go to **Settings → Tiny Spam Blocker** to configure options.
     
    5453* **Notification Email Address** – Enter an email address to receive notifications when spam is detected. Leave blank to disable email notifications.
    5554* **Minimum Submission Time (seconds)** – Set the minimum allowed time between loading the comment form and submitting a comment. Comments submitted faster than this threshold are considered spam.
    56 * **Forbidden Words List** – Enter one forbidden word or phrase per line. Comments and email addresses containing these words will be blocked. Case is not sensitive. Example: `viagra`, `online pharmacy`, `free download`.
     55* **Forbidden Words List** – Enter one forbidden word, phrase, or IP address per line. Submissions containing these entries in the comment body, **email address**, or **IP address** will be blocked. **Case is insensitive.**
     56* **Example:** `viagra`, `online pharmacy`, `free download`, `spam@email.com`, `164.138.205.72`
    5757
    5858---
    5959
    6060== Frequently Asked Questions ==
    61 
    62 = Can I customize the list of forbidden words? =
    63 Yes. Go to the plugin settings page and enter one forbidden word or phrase per line. Case is not sensitive.
    6461
    6562= What is the "Submission Time Check"?
     
    8481
    8582== Changelog ==
     83= 1.2.0 =
     84* Added IP address to forbidden word checks.
     85* The detection message has been modified.
     86
    8687= 1.1.0 =
    8788* Extend forbidden word checks from comments to email addresses as well.

  • tiny-comment-spam-blocker/trunk/tiny-comment-spam-blocker.php

    r3394305 r3397677  
    33 * Plugin Name: Tiny Comment Spam Blocker
    44 * Description: Lightweight but robust. Blocks comment spam with five techniques: nonce, submission time checks, honeypot fields, user agent validation, and forbidden word filtering.
    5  * Version: 1.1.0
     5 * Version: 1.2.0
    66 * Author: Kasuga
    77 * License: GPLv2 or later
     
    269269                        <textarea name="tcsb_badwords_list" rows="10" cols="50" style="font-family: monospace;"><?php echo esc_textarea( get_option( 'tcsb_badwords_list', TCSB_DEFAULT_BADWORDS ) ); // ★定数を使用 ?></textarea>
    270270                        <p class="description"><?php esc_html_e( 'Enter one forbidden word or phrase per line. Case is not sensitive.', 'tiny-comment-spam-blocker' ); ?></p>
     271                        <p class="description"><?php esc_html_e( 'NOTE: The badwords list applies to the comment content, email address, and IP address.', 'tiny-comment-spam-blocker' ); ?></p>
    271272                    </td>
    272273                </tr>
     
    366367    }
    367368
    368     $remote_addr = tcsb_get_remote_ip();
     369    $remote_addr = sanitize_text_field( wp_unslash( $_SERVER['REMOTE_ADDR'] ?? '' ) );
     370    $email_addr  = sanitize_text_field( wp_unslash( $commentdata['comment_author_email'] ?? '' ) );
    369371
    370372    // 1. Nonce verification
    371373    if ( ! isset( $_POST['_wpnonce'] ) || ! wp_verify_nonce( sanitize_text_field( wp_unslash( $_POST['_wpnonce'] ) ), 'tcsb_comment_nonce' ) ) {
    372         tcsb_handle_spam( __( 'Invalid nonce.', 'tiny-comment-spam-blocker' ), $remote_addr );
     374        tcsb_handle_spam( __( 'Invalid nonce.', 'tiny-comment-spam-blocker' ), $remote_addr, $email_addr );
    373375    }
    374376
     
    379381        if ( $elapsed < $threshold ) {
    380382            // translators: %d is the number of seconds elapsed since the previous comment.
    381             tcsb_handle_spam( sprintf( __( 'Too-fast comment: %ds', 'tiny-comment-spam-blocker' ), $elapsed ), $remote_addr );
     383            tcsb_handle_spam( sprintf( __( 'Too-fast comment: %ds', 'tiny-comment-spam-blocker' ), $elapsed ), $remote_addr, $email_addr );
    382384        }
    383385    }
     
    385387    // 3. Honeypot check
    386388    if ( ! empty( $_POST['honeypot'] ) ) {
    387         tcsb_handle_spam( __( 'Honeypot detected.', 'tiny-comment-spam-blocker' ), $remote_addr );
     389        tcsb_handle_spam( __( 'Honeypot detected.', 'tiny-comment-spam-blocker' ), $remote_addr, $email_addr );
    388390    }
    389391
     
    394396            // translators: %s is the suspicious User-Agent string that was blocked.
    395397            sprintf( __( 'Blocked User-Agent: %s', 'tiny-comment-spam-blocker' ), esc_html( $ua ) ),
    396             $remote_addr
     398            $remote_addr,
     399            $email_addr
    397400        );
    398401    }
     
    404407    $check_targets = array(
    405408        'content' => strtolower( $commentdata['comment_content'] ),
    406         'email'   => strtolower( $commentdata['comment_author_email'] ),
     409        'email'   => strtolower( $email_addr ),
     410        'ip'      => strtolower( $remote_addr ),
    407411    );
    408412
     
    415419        foreach ( $check_targets as $type => $target ) {
    416420            if ( stripos( $target, $word ) !== false ) {
    417                 $message_type = ( 'email' === $type ) ? 'Email' : 'Content';
     421
     422                $message_type = 'Content';
     423                if ( 'email' === $type ) {
     424                    $message_type = 'Email';
     425                } elseif ( 'ip' === $type ) {
     426                    $message_type = 'IP';
     427                }
    418428
    419429                tcsb_handle_spam(
    420430                    // translators: %1$s is the detected field (Email/Content), %2$s is the forbidden word detected in the comment.
    421431                    sprintf( __( 'Forbidden word detected in %1$s: %2$s', 'tiny-comment-spam-blocker' ), esc_html( $message_type ), esc_html( $word ) ),
    422                     $remote_addr
     432                    $remote_addr,
     433                    $email_addr
    423434                );
    424435            }
     
    433444 * Handle detected spam by logging or other actions.
    434445 *
    435  * @param string $message    The spam message to log.
    436  * @param string $ip_address The IP address associated with the spam.
    437  */
    438 function tcsb_handle_spam( $message, $ip_address ) {
     446 * @param string $message       The spam message to log.
     447 * @param string $ip_address    The IP address associated with the spam.
     448 * @param string $email_address Client email address.
     449 */
     450function tcsb_handle_spam( $message, $ip_address, $email_address ) {
    439451    $date        = wp_date( 'Y-m-d H:i:s' );
    440452    $site_name   = get_bloginfo( 'name' );
     
    443455
    444456    if ( get_option( 'tcsb_enable_logging' ) ) {
    445         tcsb_log_spam( $date, $message, $ip_address, $site_url, $referer_url );
     457        tcsb_log_spam( $date, $message, $ip_address, $email_address, $site_url, $referer_url );
    446458    }
    447459
     
    455467        );
    456468        $body = sprintf(
    457             __( "A spam comment attempt was detected.\n\nDate: %1\$s\n\nDetected Message:\n%2\$s\n\n--- Source (Spam Origin) ---\nIP Address: %3\$s\n\n--- Target (Attacked Site) ---\nSite URL: %4\$s\nSource Page: %5\$s\n\nThis comment attempt has been blocked by Tiny Comment Spam Blocker.", 'tiny-comment-spam-blocker' ),
     469            __( "A spam comment attempt was detected.\n\nDate: %1\$s\n\nDetected Message:\n%2\$s\n\n--- Source (Spam Origin) ---\nIP Address: %3\$s\nEmail Address: %4\$s\n\n--- Target (Attacked Site) ---\nSite URL: %5\$s\nSource Page: %6\$s\n\nThis comment attempt has been blocked by Tiny Comment Spam Blocker.", 'tiny-comment-spam-blocker' ),
    458470            sanitize_text_field( $date ),
    459471            sanitize_text_field( $message ),
    460472            sanitize_text_field( $ip_address ),
     473            sanitize_email( $email_address ),
    461474            sanitize_text_field( $site_url ),
    462475            sanitize_text_field( $referer_url )
     
    464477        wp_mail( $notify, $subject, $body );
    465478    }
    466     wp_die( esc_html( $message ) );
     479
     480    // wp_die( esc_html( $message ) );
     481    wp_die( esc_html__( 'The comment submission was blocked.', 'tiny-comment-spam-blocker' ) );
    467482}
    468483
     
    470485 * Record spam logs.
    471486 *
    472  * @param string $date        Date string.
    473  * @param string $message     Log message.
    474  * @param string $ip_address  Client IP address.
    475  * @param string $site_url    Site URL.
    476  * @param string $referer_url Site Page.
    477  */
    478 function tcsb_log_spam( $date, $message, $ip_address, $site_url, $referer_url ) {
     487 * @param string $date          Date string.
     488 * @param string $message       Log message.
     489 * @param string $ip_address    Client IP address.
     490 * @param string $email_address Client Mail address.
     491 * @param string $site_url      Site URL.
     492 * @param string $referer_url   Site Page.
     493 */
     494function tcsb_log_spam( $date, $message, $ip_address, $email_address, $site_url, $referer_url ) {
    479495    $logfile  = tcsb_get_log_file_path();
    480496    $max_size = 1048576; // 1MB
     
    498514
    499515    $log = sprintf(
    500         __( "\n[%1\$s] %2\$s | Origin IP: %3\$s | Target: %4\$s | Page: %5\$s", 'tiny-comment-spam-blocker' ),
     516        __( "\n[%1\$s] %2\$s | Origin IP: %3\$s | Email: %4\$s | Target: %5\$s | Page: %6\$s", 'tiny-comment-spam-blocker' ),
    501517        sanitize_text_field( $date ),
    502518        sanitize_text_field( $message ),
    503519        sanitize_text_field( $ip_address ),
     520        sanitize_email( $email_address ),
    504521        sanitize_text_field( $site_url ),
    505522        sanitize_text_field( $referer_url )
     
    512529        error_log( 'Tiny Comment Spam Blocker: Failed to write log.' ); // phpcs:ignore WordPress.PHP.DevelopmentFunctions.error_log_error_log
    513530    }
    514 }
    515 
    516 /**
    517  * Retrieve the visitor's IP address.
    518  *
    519  * @return string The remote IP address, or 'unknown' if not available.
    520  */
    521 function tcsb_get_remote_ip() {
    522     return sanitize_text_field( wp_unslash( $_SERVER['REMOTE_ADDR'] ?? '' ) );
    523531}
    524532
Note: See TracChangeset for help on using the changeset viewer.