spam-prevention.php

<?php
/**
 *	This file will introduce a basic spam filter
 *	mm_spam v1
 */

function mm_spam_stop_forum_spam_api( $args = array() ) {
	$defaults = array(
		'ip' 			=> ( isset( $_SERVER['REMOTE_ADDR'] ) ) ? $_SERVER['REMOTE_ADDR'] : '',
		'email'			=> '',
		'username'		=> '',
	);
	$url = 'https://www.stopforumspam.com/api?';
	$args = wp_parse_args( $args, $defaults );
	$args['f']	= 'json';
	$args['confidence']	= true;
	$args = array_filter( $args );
	$query = $url . http_build_query( $args );
	$key = md5( $query );
	if ( false === ( $transient = get_transient( 'mm_spam_' . $key ) ) ) {
		$result = wp_remote_get( $query );
		if ( ! is_wp_error( $result ) ) {

			if ( strlen( $result['body'] ) < 10 || 200 != $result['response']['code'] ) {
				return false;
			}

			if ( $data = json_decode( $result['body'] ) ) {
				// it is json. continue
				if ( $data->success != 1 ) {
					return false;
				}

				if ( isset( $data->ip ) || isset( $data->email ) || isset( $data->username ) ) {

					$blocked = false;

					if ( isset( $data->ip->confidence ) && $data->ip->confidence > get_option( 'mm_confidence_ip', 75 ) ) { $blocked = 'ip';	}
					if ( isset( $data->username->confidence ) && $data->username->confidence > get_option( 'mm_confidence_username', 95 ) ) { $blocked = 'username';	}
					if ( isset( $data->email->confidence ) && $data->email->confidence > get_option( 'mm_confidence_email', 75 ) ) {	$blocked = 'email';	}

					if ( $blocked ) {
						$event = array(
							't'		=> 'event',
							'ec'	=> 'scheduled',
							'ea'	=> 'spam_blocked_' . $blocked,
							'el'	=> 0,
						);
						if ( isset( $events['weekly'][ $event['ea'] ] ) ) {
							$events['weekly'][ $event['ea'] ]['el']++;
						} else {
							$events['weekly'][ $event['ea'] ] = $event;
						}
						update_option( 'mm_cron', $events );
						set_transient( 'mm_spam_' . $key, 'yes', DAY_IN_SECONDS );
						return true;
					} else {
						set_transient( 'mm_spam_' . $key, 'no', DAY_IN_SECONDS );
					}
				}
			}
		}
	} else {
		return ( 'yes' == $transient ) ? true : false;
	}
	return false;
}

//check ip on login pageload
function mm_spam_check_ip_init() {
	if ( mm_spam_stop_forum_spam_api() ) {
		wp_die( '<center>Your IP is on a <a href="http://stopforumspam.com">Spam Blacklist</a>.</center>', 'MOJO Spam Prevention' );
	}
}
add_action( 'login_init', 'mm_spam_check_ip_init' );

function mm_spam_check_comment( $approved, $comment ) {

	if ( ! empty( $comment['user_ID'] ) && get_user_by( 'id', $comment['user_ID'] ) ) {
		return $approved;
	}

	$check = array( 'ip' => $comment['comment_author_IP'] );

	if ( isset( $comment['comment_author_email'] ) && is_email( $comment['comment_author_email'] ) ) {
		$check['email'] = $comment['comment_author_email'];
	}

	if ( isset( $comment['comment_author'] ) ) {
		$check['username'] = $comment['comment_author'];
	}

	return ( mm_spam_stop_forum_spam_api( $check ) ) ? 'spam' : $approved;
}
add_action( 'pre_comment_approved' , 'mm_spam_check_comment', 99, 2 );

function mm_spam_add_blacklist_words( $words ) {
	if ( isset( $_SERVER['PHP_SELF'] ) && strpos( $_SERVER['PHP_SELF'], '/options' ) || isset( $_SERVER['SCRIPT_NAME'] ) && strpos( $_SERVER['SCRIPT_NAME'], '/options' ) ) {
		return $words;
	}
	$words = explode( "\n", $words );
	$blocked_words = array( 'byob','poze','bdsm','paxil','cialis','incest','ambien','adipex','shemale','meridia','cumshot','adderall','hair-loss','bllogspot','hydrocodone','discreetordering','aceteminophen','augmentation','enhancement','phentermine','doxycycline','citalopram','cephalaxin','vicoprofen','lorazepam','oxycontin','oxycodone','percocet','tramadol','cymbalta','lesbian','lexapro','valtrex','titties','meridia','levitra','vicodin','ephedra','lipitor','breast','cyclen','viagra','valium','hqtube','ultram','clomid','vioxx','zolus','pussy','porno','xanax','penis','porn','dick','cock','tits','fuck','shit','gdf','gds' );
	$words = array_merge( $words, $blocked_words );
	$words = array_unique( $words );
	$words = implode( "\n", $words );
	return $words;
}
add_filter( 'option_blacklist_keys', 'mm_spam_add_blacklist_words' );

function mm_spam_add_moderation_words( $words ) {
	if ( isset( $_SERVER['PHP_SELF'] ) && strpos( $_SERVER['PHP_SELF'], '/options' ) || isset( $_SERVER['SCRIPT_NAME'] ) && strpos( $_SERVER['SCRIPT_NAME'], '/options' ) ) {
		return $words;
	}
	$words = explode( "\n", $words );
	$moderated_words = array( 'д','и','ж','Ч','Б','[url=','[/url]','naked','sex','bitch','soma','gay','nude' );
	$words = array_merge( $words, $moderated_words );
	$words = array_unique( $words );
	$words = implode( "\n", $words );
	return $words;
}
add_filter( 'option_moderation_keys', 'mm_spam_add_moderation_words' );

function mm_spam_process_hidden_field( $data ) {
	if ( is_user_logged_in() ) {
		return $data;
	}

	if ( class_exists( 'Jetpack' ) && Jetpack::is_module_active( 'comments' ) ) {
		return $data;
	}

	$spam_key = md5( $_SERVER['HTTP_USER_AGENT'] . $_SERVER['REMOTE_ADDR'] );
	if ( ! isset( $_POST['js-spam-prevention'] ) || $_POST['js-spam-prevention'] !== $spam_key ) {
		if ( current_filter() !== 'registration_errors' ) {
			die( 'Blocked as suspected bot.' );
		} else {
			$data->add( 'bot_error', 'Suspected bot.' );
		}
	}
	return $data;
}
add_filter( 'preprocess_comment', 'mm_spam_process_hidden_field' );
add_filter( 'registration_errors', 'mm_spam_process_hidden_field' );

function mm_spam_add_hidden_field() {
	$spam_key = md5( $_SERVER['HTTP_USER_AGENT'] . $_SERVER['REMOTE_ADDR'] );
	?>
	<script type="text/javascript">
        jQuery( document ).ready( function( $ ) {
            $( '.comment-form, #registerform' ).append( '<input type="hidden" name="js-spam-prevention" value="<?php echo $spam_key; ?>"/>' );
        } );
	</script>
	<?php
}
add_action( 'comment_form_after', 'mm_spam_add_hidden_field', 20 );
add_action( 'register_form', 'mm_spam_add_hidden_field' );