• Resolved bronz

    (@bronz)


    Hi,
    in version 2.8 there is a possible bug.
    Adding an address like “[email protected]” it ban also address like “[email protected]”.
    Is actually impossibile to block an address without blocking other address that have same string as final part of address.

    I’ve rewrited your banhammer_drop function to avoid the problem.
    Please fix it.

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Author Jeff Starr

    (@specialk)

    Ok thanks for reporting. What did you modify in the banhammer_drop function? If you want to share code privately, you can send via my contact form. Thank you.

    Thread Starter bronz

    (@bronz)

    function banned_action($errors){
        $errors->add( 'invalid_email', $this->options['message'] );
        if ( 'yes' === $this->options['redirect'] ) {
            wp_safe_redirect( $this->options['redirect_url'] );
        } else {
            return true;
        }
    }
    
    function banhammer_drop($user_login, $user_email, $errors) {
        $user_email = strtolower($user_email);
        $bannedlist_string = $this->bannedlist;
        $bannedlist_array = explode("\n", $bannedlist_string);
        $bannedlist_size = count($bannedlist_array);
        $user_email_arr = explode('@', trim($user_email));
        $user_domain = end($user_email_arr);
    
        // Go through bannedlist
        for ($i = 0; $i < $bannedlist_size; $i++) {
            $bannedlist_current = strtolower(trim($bannedlist_array[$i]));
    
            if ($user_email == $bannedlist_current) { //email exact match
                return $this->banned_action($errors);
            } else if (strpos($bannedlist_current, '@') !== false && strpos($bannedlist_current, '@') === 0) { //"@domain"
                if ('@' .$user_domain == $bannedlist_current ) {
                    return $this->banned_action($errors);
                }
            } else if (strpos($bannedlist_current, '@') === false && strpos($bannedlist_current, '.') !== false) {
                $banned_have_subdomain = count(explode('.', $bannedlist_current)) > 2;
                $user_email_have_subdomain = count(explode('.', $user_domain)) > 2;
                if (!$banned_have_subdomain && !$user_email_have_subdomain) {
                    if (strpos($user_domain, $bannedlist_current) !== false) { //domain.com
                        return $this->banned_action($errors);
                    }
                } else if ($banned_have_subdomain) {
                    if (strpos($user_domain, $bannedlist_current) !== false) { //.domain.com
                        return $this->banned_action($errors);
                    }
                }
            }
        }
        return false;
    }
    • This reply was modified 2 years, 3 months ago by bronz.
    Plugin Author Jeff Starr

    (@specialk)

    Awesome thank you. I will test and implement next update if all looks good.

    Plugin Author Jeff Starr

    (@specialk)

    Hey @bronz, looking closer at this.. I think you may have the wrong plugin. Banhammer does not handle or process any email addresses. Plus there is no function named banhammer_drop() in either free or pro versions.

    Maybe you are looking for the other “Ban Hammer” plugin:

    https://www.ads-software.com/plugins/ban-hammer/

    ..it looks like it deals with emails.

    Or if you have any further questions, let me know.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘False positive, possible bug’ is closed to new replies.