Merge pull request #142 from wp-blocks/blacklist-filters-cleanup

erikyo · web-flow · commit 0615e86a4d85 · 2025-11-21T13:20:14.000+01:00
Blacklist filters cleanup
diff --git a/core/CF7_AntiSpam.php b/core/CF7_AntiSpam.php
@@ -168,7 +168,8 @@ private function load_antispam() {
 		$this->loader->add_filter( 'wpcf7_spam', $plugin_antispam, 'cf7a_spam_filter', 8 );
 
 		/* the unspam routine */
-		add_action( 'cf7a_cron', array( $plugin_antispam, 'cf7a_cron_unban' ) );
+		$blacklist = new CF7_Antispam_Blacklist();
+		add_action( 'cf7a_cron', array( $blacklist, 'cf7a_cron_unban' ) );
 
 		/* flamingo */
 		if ( defined( 'FLAMINGO_VERSION' ) ) {
diff --git a/core/CF7_AntiSpam_Filters.php b/core/CF7_AntiSpam_Filters.php
@@ -76,191 +76,6 @@ public static function cf7a_check_dnsbl( $reverse_ip, $dnsbl ) {
 		return checkdnsrr( $reverse_ip . '.' . $dnsbl . '.', 'A' );
 	}
 
-	/* CF7_AntiSpam_Filters blacklists */
-
-	/**
-	 * It takes an IP address as a parameter, validates it, and then returns the row from the database that matches that IP
-	 * address
-	 *
-	 * @param string $ip - The IP address to check.
-	 *
-	 * @return array|object|null - the row from the database that matches the IP address.
-	 */
-	public static function cf7a_blacklist_get_ip( $ip ) {
-		$ip = filter_var( $ip, FILTER_VALIDATE_IP );
-		if ( $ip ) {
-			global $wpdb;
-			// phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching
-			$r = $wpdb->get_row( $wpdb->prepare( "SELECT * FROM %i WHERE ip = %s", $wpdb->prefix . 'cf7a_blacklist', $ip ) );
-			if ( $r ) {
-				return $r;
-			}
-		}
-
-		return null;
-	}
-
-	/**
-	 * It gets the row from the database where the id is equal to the id passed to the function
-	 *
-	 * @param int $id The ID of the blacklist item.
-	 *
-	 * @return object|false the row from the database that matches the id.
-	 */
-	public function cf7a_blacklist_get_id( $id ) {
-		if ( is_int( $id ) ) {
-			global $wpdb;
-			// phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching
-			return $wpdb->get_row( $wpdb->prepare( "SELECT * FROM %i WHERE id = %s", $wpdb->prefix . 'cf7a_blacklist', $id ) );
-		}
-	}
-
-	/**
-	 * It adds an IP address to the blacklist.
-	 *
-	 * @param string $ip The IP address to ban.
-	 * @param array  $reason The reason why the IP is being banned.
-	 * @param float  $spam_score This is the number of points that will be added to the IP's spam score.
-	 *
-	 * @return bool true if the given id was banned
-	 */
-	public function cf7a_ban_by_ip( string $ip, array $reason = array(), $spam_score = 1 ): bool {
-		$ip = filter_var( $ip, FILTER_VALIDATE_IP );
-
-		if ( $ip ) {
-			global $wpdb;
-
-			$ip_row = self::cf7a_blacklist_get_ip( $ip );
-
-			if ( $ip_row ) {
-				// if the ip is in the blacklist, update the status
-				$status = isset( $ip_row->status ) ? floatval( $ip_row->status ) + floatval( $spam_score ) : 1;
-
-			} else {
-				// if the ip is not in the blacklist, add it and initialize the status
-				$status = floatval( $spam_score );
-			}
-
-			// phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching
-			$r = $wpdb->replace(
-				$wpdb->prefix . 'cf7a_blacklist',
-				array(
-					'ip'     => $ip,
-					'status' => $status,
-					'meta'   => serialize(
-						array(
-							'reason' => $reason,
-							'meta'   => null,
-						)
-					),
-				),
-				array( '%s', '%d', '%s' )
-			);
-
-			if ( $r > - 1 ) {
-				return true;
-			}
-		}
-
-		return false;
-	}
-
-	/**
-	 * It deletes the IP address from the database
-	 *
-	 * @param string $ip The IP address to unban.
-	 *
-	 * @return int|false The number of rows deleted.
-	 */
-	public function cf7a_unban_by_ip( $ip ) {
-		$ip = filter_var( $ip, FILTER_VALIDATE_IP );
-
-		if ( $ip ) {
-			global $wpdb;
-
-			// phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching
-			$r = $wpdb->delete(
-				$wpdb->prefix . 'cf7a_blacklist',
-				array(
-					'ip' => $ip,
-				),
-				array(
-					'%s',
-				)
-			);
-
-			return ! is_wp_error( $r ) ? $r : $wpdb->last_error;
-		}
-
-		return false;
-	}
-
-	/**
-	 * It deletes a row from the database table
-	 *
-	 * @param int $id The ID of the entry to delete.
-	 *
-	 * @return int The number of rows affected by the query.
-	 */
-	public function cf7a_unban_by_id( $id ) {
-		$id = intval( $id );
-
-		global $wpdb;
-
-		// phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching
-		$r = $wpdb->delete(
-			$wpdb->prefix . 'cf7a_blacklist',
-			array(
-				'id' => $id,
-			),
-			array(
-				'%d',
-			)
-		);
-
-		return ! is_wp_error( $r ) ? $r : $wpdb->last_error;
-	}
-
-	/**
-	 * It updates the status of all the users in the blacklist table by subtracting 1 from the status column.
-	 *
-	 * Then it deletes all the users whose status is 0.
-	 * The status column is the number of days the user is banned for.
-	 * So if the user is banned for 3 days, the status column will be 3. After the first day, the status column will be 2. After the second day, the status column will be 1. After the third day, the status column will be 0.
-	 * When the status column is 0, the user is unbanned.
-	 *
-	 * The function returns true if the user is unbanned.
-	 *
-	 * @return true.
-	 */
-	public function cf7a_cron_unban() {
-		global $wpdb;
-
-		/* We remove 1 from the status column */
-		$status_decrement = 1;
-
-		/* Below 0 is not anymore a valid status for a blacklist entry, so we can remove it */
-		$lower_bound = 0;
-
-		$blacklist_table = $wpdb->prefix . 'cf7a_blacklist';
-
-		/* removes a status count at each balcklisted ip */
-		// phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching
-		$updated = $wpdb->query( $wpdb->prepare( "UPDATE %i SET `status` = `status` - %d", $blacklist_table, $status_decrement ) );
-		cf7a_log( "Status updated for blacklisted (score -1) - $updated users", 1 );
-
-		/* when the line has 0 in status, we can remove it from the blacklist */
-		// phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching
-		$updated_deletion = $wpdb->delete(
-			$blacklist_table,
-			array( 'status' => $lower_bound ),
-			array( '%d' )
-		);
-		cf7a_log( "Removed {$updated_deletion} users from blacklist", 1 );
-
-		return true;
-	}
-
 	/**
 	 * Checks the length of a string and returns a specific part of it based on a given index.
 	 *
@@ -539,7 +354,7 @@ public function cf7a_spam_filter( $spam ) {
 		 * Checking if the IP address was already blacklisted - no mercy 😎
 		 */
 		if ( $remote_ip && $options['max_attempts'] ) {
-			$ip_data        = self::cf7a_blacklist_get_ip( $remote_ip );
+			$ip_data        = CF7_Antispam_Blacklist::cf7a_blacklist_get_ip( $remote_ip );
 			$ip_data_status = isset( $ip_data->status ) ? intval( $ip_data->status ) : 0;
 			$max_attempts   = intval( $options['max_attempts'] );
 
@@ -1043,7 +858,8 @@ public function cf7a_spam_filter( $spam ) {
 
 		/* If the auto-store ip is enabled (and NOT in extended debug mode) */
 		if ( $options['autostore_bad_ip'] ) {
-			if ( self::cf7a_ban_by_ip( $remote_ip, $reason, round( $spam_score ) ) ) {
+			$blacklist = new CF7_Antispam_Blacklist();
+			if ( CF7_Antispam_Blacklist::cf7a_ban_by_ip( $remote_ip, $reason, round( $spam_score ) ) ) {
 				/* Log the antispam result in extended debug mode */
 				cf7a_log( "Ban for $remote_ip - results - " . $reasons_for_ban, 2 );
 			} else {
diff --git a/core/CF7_AntiSpam_Flamingo.php b/core/CF7_AntiSpam_Flamingo.php
@@ -109,21 +109,19 @@ public function cf7a_d8_flamingo_classify() {
 					} else {
 						$rating = ! empty( $flamingo_post->meta['_cf7a_b8_classification'] ) ? $flamingo_post->meta['_cf7a_b8_classification'] : $b8->cf7a_b8_classify( $message );
 
-						$filters = new CF7_AntiSpam_Filters();
-
 						if ( ! $flamingo_post->spam && 'spam' === $action ) {
 							$b8->cf7a_b8_unlearn_ham( $message );
 							$b8->cf7a_b8_learn_spam( $message );
 
 							if ( $options['autostore_bad_ip'] ) {
-								$filters->cf7a_ban_by_ip( $flamingo_post->meta['remote_ip'], 'flamingo ban' );
+								CF7_Antispam_Blacklist::cf7a_ban_by_ip( $flamingo_post->meta['remote_ip'], 'flamingo ban' );
 							}
 						} elseif ( $flamingo_post->spam && 'ham' === $action ) {
 							$b8->cf7a_b8_unlearn_spam( $message );
 							$b8->cf7a_b8_learn_ham( $message );
 
 							if ( $options['autostore_bad_ip'] ) {
-								$filters->cf7a_unban_by_ip( $flamingo_post->meta['remote_ip'] );
+								CF7_Antispam_Blacklist::cf7a_unban_by_ip( $flamingo_post->meta['remote_ip'] );
 							}
 						}
 
diff --git a/core/CF7_Antispam_Blacklist.php b/core/CF7_Antispam_Blacklist.php
