chrisblakley / Nebula

Nebula is a WordPress theme framework that focuses on enhancing development. The core features of Nebula make it a powerful tool for designing, developing, and analyzing WordPress websites consistently, yet its deliberately uncomplicated code syntax also serves as a learning resource for programmers themselves.
https://nebula.gearside.com
GNU General Public License v2.0

Consider a Nebula CF7 Spam agent behind a Nebula Option #2280

Closed chrisblakley closed 3 months ago

chrisblakley commented 3 months ago

Nebula can help detect spam form submissions, particularly on websites that do not allow/expect HTML in field data. The vast majority of spam submissions I've reviewed while working on #2279 contain HTML (particularly links).

Most client websites that I have worked on do not expect or require any HTML tags within the form field values being submitted, so any that do contain HTML could be considered spam.

From the submissions not detected as spam via the CF7 Honeypot plugin only (Google reCAPTCHA inactive), the false negatives that ended up in the actual submission list all contained HTML.

So create a Nebula Option that can be enabled to add a Nebula spam detection agent for CF7. When enabled, Nebula will check each field for HTML tags and if any are found it will reject the submission as spam. If the option is disabled, Nebula will do no spam checks whatsoever.

Here's what I'm thinking (untested):

```php
add_filter('wpcf7_spam', array($this, 'nebula_cf7_spam_agent'), 10, 2);
public function nebula_cf7_spam_agent($spam, $submission = null){
    if ( $spam ) { //If the submission was already detected as spam, don't check further details
        return $spam;
    }

    //If the Nebula Option is not enabled, don't check anything
    if ( 1==2 ){ //@todo: Nebula Option here
        return $spam;
    }

    $cf7form = WPCF7_ContactForm::get_current();
    $form_tags = $cf7form->scan_form_tags();

    foreach ( $form_tags as $tag ) {
        $value = isset( $_POST[$tag->name] ) ? $_POST[$tag->name] : '';

        if ( 1==2 ) { //@todo: If the field value contains HTML tags $value
            $spam = true;

            if ( $submission ) {
                $submission->add_spam_log(array(
                    'agent' => 'nebula',
                    'reason' => sprintf(
                        __('Nebula detected field contained HTML. Field ID = %1$s', 'nebula'),
                        $tag->name
                    ),
                ));
            }

            return $spam; //There's no need to go on, this is most likely a bot submission.
        }
    }

    return $spam;
}
```
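
One way to fill in the "field value contains HTML tags" @todo from the sketch above, as an added example that is not the author's or Nebula's code. The function names, the entity-decoding step and the sample submission are assumptions made here; it runs as plain PHP without WordPress, and inside the filter the first function would be called on each `$value`.

```php
<?php
// Added example: hypothetical helper names, not part of Nebula or Contact Form 7.

/**
 * Return true if a submitted field value contains an HTML tag or comment.
 * Accepts strings or (nested) arrays, since checkbox and multi-select
 * fields arrive in $_POST as arrays rather than strings.
 */
function example_value_contains_html($value): bool {
    if (is_array($value)) {
        foreach ($value as $item) {
            if (example_value_contains_html($item)) {
                return true;
            }
        }
        return false;
    }

    if (!is_string($value) || $value === '') {
        return false;
    }

    // Assumption: decode entities first so "&lt;a href=...&gt;" is treated like "<a href=...>".
    $decoded = html_entity_decode($value, ENT_QUOTES | ENT_HTML5, 'UTF-8');

    // A tag name must start with a letter (optionally after "/"), so plain text
    // such as "I <3 this" or "budget < 500" is not flagged. Comments are matched too.
    return preg_match('/<\/?[a-z][a-z0-9-]*(\s[^<>]*)?\/?>|<!--/i', $decoded) === 1;
}

/** Return the names of the fields whose values contain HTML. */
function example_fields_with_html(array $posted): array {
    return array_keys(array_filter($posted, 'example_value_contains_html'));
}

// Constructed sample submission (not real data).
$posted = array(
    'your-name'    => 'Jane Doe',
    'your-email'   => 'jane@example.com',
    'your-message' => 'Great site <a href="https://example.com">click here</a>',
    'your-notes'   => 'Budget is < 500 and I <3 the design',
    'your-topics'  => array('Support', '<b>Sales</b>'),
    'your-company' => '&lt;script&gt;x&lt;/script&gt;',
);

print_r(example_fields_with_html($posted));
```

A regular expression is used instead of comparing against `strip_tags()` so that a lone `<` followed by a digit or a space in legitimate text does not cause the submission to be rejected.
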
chrisblakley commented 3 months ago

This is working now.

Screenshot 2024-03-25 at 3 13 48 AM

Screenshot 2024-03-25 at 3 13 40 AM