@ianpegg
Last active July 20, 2024 13:25
Tools to filter submitted form data.
<?php
/**
* Plugin Name: eggMUP: CF7 Email Validation
* Plugin URI: https://gist.github.com/ianpegg/f92a0e0b6b598c49ab56c5215028b150
* Description: Tools to improve CF7 spam and abuse filtering.
* Version: 1.1.0
* Author: Ian Pegg
* Author URI: https://eggcupwebdesign.com
* Submitted form data is sanitised and validated to some extent
* by the CF7 plugin. However, to combat spam, we
* want to validate certain input more strictly. For example,
* to prevent users submitting links via the textarea input.
* php version 7.4.15
*
* @category Must_Use_Plugin
* @package WordPress_Plugin
* @author Ian Pegg <[email protected]>
* @license GNU/GPLv3 https://www.gnu.org/licenses/gpl-3.0.txt
* @link https://eggcupwebdesign.com
**/
namespace EggCup\MUP\CF7EmailValidation;
if (!defined('ABSPATH')) {
    exit;
}
/**
 * This script registers the following functions with WP action hooks/filters:
 */
add_filter(
    'wpcf7_validate_email*',
    __NAMESPACE__ . '\\Email_Address_Blacklist_filter',
    20,
    2
);
add_filter(
    'wpcf7_validate_textarea',
    __NAMESPACE__ . '\\CF7_Textarea_Validation_filter',
    10,
    2
);
add_filter(
    'wpcf7_validate_textarea*',
    __NAMESPACE__ . '\\CF7_Textarea_Validation_filter',
    10,
    2
);
/**
* Filters submitted forms against a blacklist of email addresses
* used by known spammers. These guys are repeat offenders.
* This is why we can't have nice things!
*
* Adapted from the link below.
*
* @param Object $Obj_result Object which controls whether the submission is valid.
* @param String $Arr_tag HTML tag which wraps display result.
*
* @link https://medium.com/colbyfayock/custom-blacklist-contact-form-7-dd7d609908c5
*
* @return Object $Obj_result Modified object that was passed into the function.
*/
function Email_Address_Blacklist_filter( $Obj_result, $Arr_tag )
{
    $Bool_valid = true;
    $Arr_blacklist = [
        '[email protected]', // Domain registration spam
        '[email protected]', // Same dipstick as above
        '[email protected]', // Website chat software
    ];
    // Accept a plain string only; 'your-email[]=...' would arrive as an array.
    $Str_email_addr
        = isset($_POST['your-email']) && is_string($_POST['your-email'])
        ? trim($_POST['your-email']) : false;
    if (!$Str_email_addr) {
        return $Obj_result;
    }
    foreach ( $Arr_blacklist as $Str_list_item ) {
        // Case-insensitive substring match, so changing letter case
        // does not get a listed address past the filter.
        if (stripos($Str_email_addr, $Str_list_item) !== false) {
            $Bool_valid = false;
        }
    }
    if (!$Bool_valid) {
        $Obj_result->invalidate(
            $Arr_tag,
            "Sorry, there was a problem validating your email."
        );
    }
    return $Obj_result;
}
/**
* Filters out URLs from textarea form fields generated by
* Contact Form 7.
* Important: If you want to allow users to submit URLs
* via your forms, you can't use this function!
*
* Adapted from the link below:
*
* @param Object $Obj_result Object which controls whether the submission is valid.
* @param Array $Arr_tag HTML tag which is currently being processed by CF7.
*
* @link https://stackoverflow.com/questions/62405904/validating-textarea-with-2-conditions-contact-form-7
*
* @return Object $Obj_result Modified object that was passed into the function.
*/
function CF7_Textarea_Validation_filter($Obj_result, $Arr_tag)
{
    /**
     * $Str_textarea_name is the HTML name attribute as specified in the shortcode
     * that CF7 generates. By default, this is set to 'your-message', so only change
     * this if you know you have changed the name used in the shortcode:
     */
    $Str_textarea_name = 'your-message';
    $Str_field_name = $Arr_tag['name'];
    if ($Str_field_name === $Str_textarea_name) {
        // The field may be missing, or an array if sent as 'your-message[]'.
        $Str_post_value
            = isset($_POST[$Str_field_name]) && is_string($_POST[$Str_field_name])
            ? $_POST[$Str_field_name] : '';
        // The "i" modifier makes the match case-insensitive (HTTP://, WWW.).
        $Str_regex
            = "/\b(?:(?:https?|ftp):\/\/|www\.)[-a-z0-9+&@#\/%?=~_|!:,.;]*[-a-z0-9+&@#\/%=~_|]|[a-z0-9._-]+@[a-z0-9._-]{2,}\.[a-z]{2,8}/i";
        if (preg_match($Str_regex, $Str_post_value)) {
            $Obj_result->invalidate(
                $Arr_tag,
                "Apologies, if you need to send us a link please email us directly."
            );
        }
    }
    return $Obj_result;
}
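
The two checks above can be exercised outside WordPress before the plugin is deployed. The script below is an added example, not part of the gist: the function names, the placeholder blacklist entry and the sample inputs are constructed, and the pattern is the gist's textarea regex with the `i` modifier set.

```php
<?php
declare(strict_types=1);
// Added example, not the gist's code: function names and all sample data are constructed.

// The gist's textarea pattern with the "i" modifier set.
const LINK_REGEX = '/\b(?:(?:https?|ftp):\/\/|www\.)[-a-z0-9+&@#\/%?=~_|!:,.;]*[-a-z0-9+&@#\/%=~_|]|[a-z0-9._-]+@[a-z0-9._-]{2,}\.[a-z]{2,8}/i';

/** True when a textarea value should be refused (link, email address, or not a string). */
function message_is_rejected($value): bool
{
    return !is_string($value) || preg_match(LINK_REGEX, $value) === 1;
}

/** True when the address contains a blacklist entry (substring, ignoring case). */
function email_is_blacklisted($value, array $blacklist): bool
{
    if (!is_string($value)) {
        return true;
    }
    foreach ($blacklist as $entry) {
        if (stripos(trim($value), $entry) !== false) {
            return true;
        }
    }
    return false;
}

$blacklist = ['spam@example.invalid']; // placeholder entry

// Each case is [input, expected result].
$message_cases = [
    ['Hello, please call me back tomorrow.', false],
    ['See http://example.com/offer', true],
    ['See HTTP://EXAMPLE.COM/offer', true],  // not caught by a case-sensitive pattern
    ['Visit WWW.example.com today', true],
    ['Reply to sales@example.com', true],    // email addresses are refused too
    [['nested' => 'value'], true],           // array submitted instead of text
];
$email_cases = [
    ['friend@example.org', false],
    ['  Spam@Example.INVALID ', true],
    ['notspam@example.invalid', true],       // substring match also hits longer addresses
];

foreach ($message_cases as [$input, $expected]) {
    printf("%-4s message %s\n", message_is_rejected($input) === $expected ? 'ok' : 'FAIL', json_encode($input));
}
foreach ($email_cases as [$input, $expected]) {
    printf("%-4s email   %s\n", email_is_blacklisted($input, $blacklist) === $expected ? 'ok' : 'FAIL', json_encode($input));
}
```

Run it with the PHP CLI; a `FAIL` row means a change to the pattern or the blacklist logic altered which inputs are refused.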