Spam Form Submissions – Github mu-plugin

Hi @designnewdaymediacom,

Trust you are doing good, and thank you for reaching out to us.

I checked the code on a test website but couldn’t replicate the issue. Could you please share an export of the form so we can look closely at this?

Reff: https://wpmudev.com/docs/wpmu-dev-plugins/forminator/#import-export

Please share the export of the form using Google Drive or Dropbox as a text file.

Kind Regards,
Nebu John

Here’s a link to the form export: https://drive.google.com/file/d/1x4SQQ2_zs-MjSGVNeEAoffGZGRrR5KRl/view?usp=sharing

Again, we experienced this on multiple sites with multiple forms. Is that github code only meant to work with the PRO version of Forminator? We only have the free version installed.

Was logged in under the wrong user on that previous comment.

Here’s a link to the form export: https://drive.google.com/file/d/1x4SQQ2_zs-MjSGVNeEAoffGZGRrR5KRl/view?usp=sharing

Again, we experienced this on multiple sites with multiple forms. Is that github code only meant to work with the PRO version of Forminator? We only have the free version installed.

Hi @designnewdaymediacom

I hope you are doing well.

I was able to replicate this issue, we pinged our Second Line Support to verify why it is happening.

Forminator also integrates to cleantalk anti-spam https://wpmudev.com/docs/wpmu-dev-plugins/forminator/#cleantalk-anti-spam & Akismet https://wpmudev.com/docs/wpmu-dev-plugins/forminator/#security

We will keep you posted.
Best Regards
Patrick Freitas

Hi @designnewdaymediacom

I hope you are doing well.

Can you test this version on your Staging or Development site?

<?php
/**
 * Plugin Name: [Forminator] - Banned words
 * Plugin URI: https://premium.wpmudev.org/
 * Description: Banned words check for Forminator.
 * Author: Panos Lyrakis @ WPMUDEV
 * Author URI: https://premium.wpmudev.org/
 * License: GPLv2 or later
 */

if ( ! defined( 'ABSPATH' ) ) {
	exit;
}

if ( defined( 'WP_CLI' ) && WP_CLI ) {
	return;
}

if ( ! class_exists( 'WPMUDEV_Forminator_Banned_Words' ) ) {

	class WPMUDEV_Forminator_Banned_Words {

		private $error_message = 'There were some banned words found in your submission';

		private static $_instance = null;

		private $filter_error_message = false;

		public static function get_instance() {

			if ( is_null( self::$_instance ) ) {
				self::$_instance = new self();
			}
			return self::$_instance;

		}

		private function __construct() {
			add_filter( 'forminator_custom_form_submit_errors', array( $this, 'control_words' ), 10, 3 );
			add_filter( 'forminator_custom_form_invalid_form_message', array( $this, 'filter_error_message' ) );
		}

		public function control_words( $submit_errors, $form_id, $field_data_array ) {
			$csv_file = WP_CONTENT_DIR . '/mu-plugins/bannedwords.csv';
            foreach( $field_data_array as $key => $value ) {
                if( isset ( $value[ 'form_field_obj' ] ) ) {
                    unset( $field_data_array[ $key ][ 'form_field_obj' ] );
                }
            }

			if ( file_exists( $csv_file ) && is_readable( $csv_file ) ) {
				$fields_words = implode(
					' ',
					array_map(
						function( $a ) {
							return implode( ' ', $a );
						},
						$field_data_array
					)
				);
                
				$banned_words = array_map(
					function( $csv ) {
						return $csv[0];
					},
					array_map( 'str_getcsv', file( $csv_file ) )
				);

				$banned_words = implode( '|', $banned_words );
				$banned_words = preg_replace( '/[^\w_|]+/u', '', $banned_words );

				$matches     = array();
				$match_found = preg_match(
					'(' . $banned_words . ')',
					$fields_words,
					$matches
				);

				if ( $match_found && ! empty( $matches ) ) {
					// We need somehting here so that the <code>$submit_errors</code> array is not empty.
					$submit_errors[]            = array( $matches );
					$this->filter_error_message = true;
				}
			}

			return $submit_errors;
		}

		public function filter_error_message( $invalid_form_message ) {
			if ( $this->filter_error_message ) {
				$invalid_form_message = __( $this->error_message );
			}

			return $invalid_form_message;
		}

	}

	if ( ! function_exists( 'wpmudev_forminator_banned_words' ) ) {

		function wpmudev_forminator_banned_words() {
			return WPMUDEV_Forminator_Banned_Words::get_instance();
		};

		add_action( 'plugins_loaded', 'wpmudev_forminator_banned_words', 10 );
	}
}

The bannedwords.csv must be uploaded inside the wp-content > mu-plugins.

Best Regards
Patrick Freitas

That version works! Thanks! Do you know, will this be fairly forwards compatible, or will I need to check functionality when Forminator has an update?

Hi @designnewdaymediacom

It should be compatible but in all honestly: I cannot make promises on this. it’s a custom piece of code and while we try to avoid changes that could possibly break such custom codes, it’s not always possible and I’m afraid we can’t always test new plugin versions with all and every custom code snippet that was ever created for the plugin.

This is because security and compatibility with current PHP/WordPress versions (as well as a lot of other/3rd-party popular plugins) is a priority here, as well as new features. Sometimes this, unfortunately, requires changes that may affect such custom codes.

So to sum it up: we try to create such snippets using as “generic” code as possible which usually means that they should stay compatible in most cases for a long time but as much as I’d love to – I cannot guarantee that.

But of course if some update breaks it, please feel free to let us know and we’ll be happy to give it a look and see if we can provide update to such custom code.

Kind regards,
Adam

Hello @designnewdaymediacom ,

We haven’t heard from you for over 2 weeks now, so it looks like you don’t need our assistance anymore.

Feel free to re-open this ticket if needed.

Kind regards
Kasia