ci: add PHP 8.4 to test matrix

The cleanup request was no longer precessed since we refactored the
settings page in v1.7.0 to use the WP settings API. Process the request
including nonce verification during page creation restores it.

.distignore

@@ -0,0 +1,18 @@
+/.git
+/.github
+/assets
+/dist
+/test
+/vendor
+/.distignore
+/.editorconfig
+/.gitattributes
+/.gitignore
+/.travis.yml
+/composer.json
+/composer.lock
+/CONTRIBUTING.md
+/package.json
+/package-lock.json
+/phpcs.xml
+/phpunit.xml

.editorconfig

@@ -0,0 +1,21 @@
+# This file is for unifying the coding style for different editors and IDEs
+# editorconfig.org
+
+# WordPress Coding Standards
+# https://make.wordpress.org/core/handbook/coding-standards/
+
+root = true
+
+[*]
+charset = utf-8
+end_of_line = lf
+insert_final_newline = true
+trim_trailing_whitespace = true
+indent_style = tab
+
+[{.jshintrc,*.json,*.yml,*.feature}]
+indent_style = space
+indent_size = 2
+
+[{*.txt,wp-config-sample.php}]
+end_of_line = crlf

.gitattributes

@@ -0,0 +1,14 @@
+/.github export-ignore
+/assets export-ignore
+/dist export-ignore
+/test export-ignore
+.distignore export-ignore
+.gitattributes export-ignore
+.gitignore export-ignore
+.travis.yml export-ignore
+composer.json export-ignore
+composer.lock export-ignore
+CONTRIBUTING.md export-ignore
+package.json export-ignore
+phpcs.xml export-ignore
+phpunit.xml export-ignore

.github/workflows/test.yml

@@ -0,0 +1,55 @@
+name: CI
+on: [ push, pull_request ]
+jobs:
+  unit-test:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        php: [ '5.6', '7.4', '8.0', '8.2', '8.4' ]
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+      - name: Setup PHP
+        uses: shivammathur/setup-php@v2
+        with:
+          php-version: ${{ matrix.php }}
+          coverage: xdebug
+          tools: composer
+      - name: Install
+        run: composer install --no-interaction
+      - name: Unit tests
+        run: |
+          composer test
+          sed -i "s#<file name=\"${GITHUB_WORKSPACE}#<file name=\"/github/workspace#g" tests-clover.xml
+      - name: Analyze with SonarCloud
+        if: matrix.php == '8.2' && env.SONAR_TOKEN != ''
+        uses: sonarsource/sonarcloud-github-action@master
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+        with:
+          args: >
+            -Dsonar.organization=stklcode-github
+            -Dsonar.projectKey=stklcode:statify-blacklist
+            -Dsonar.sources=inc,statify-blacklist.php
+            -Dsonar.tests=test
+            -Dsonar.php.tests.reportPath=tests-junit.xml
+            -Dsonar.php.coverage.reportPaths=tests-clover.xml
+            -Dsonar.coverage.exclusions=test/**/*.php
+
+  quality:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Setup PHP
+        uses: shivammathur/setup-php@v2
+        with:
+          php-version: '8.2'
+          tools: composer
+      - name: Install
+        run: composer install --no-interaction
+      - name: Code style checks for PHP
+        run: composer test-cs

.github/workflows/wordpress-plugin-asset-update.yml

@@ -0,0 +1,20 @@
+name: Plugin asset/readme update
+on:
+  push:
+    branches:
+      - stable
+jobs:
+  master:
+    name: Push to stable
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Clean README.md
+        run: tail -n +6 README.md > README.md.tmp && mv README.md.tmp README.md
+      - name: WordPress.org plugin asset/readme update
+        uses: 10up/action-wordpress-plugin-asset-update@stable
+        env:
+          ASSETS_DIR: assets
+          README_NAME: README.md
+          SVN_PASSWORD: ${{ secrets.WP_SVN_PASSWORD }}
+          SVN_USERNAME: ${{ secrets.WP_SVN_USERNAME }}

.github/workflows/wordpress-plugin-check.yml

@@ -0,0 +1,23 @@
+name: Plugin check
+on:
+  push:
+    branches: [ 'stable', 'release/*' ]
+  pull_request:
+    branches: [ 'stable' ]
+jobs:
+  check:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Package plugin
+        run: |
+          mkdir -p ./dist
+          tail -n +6 README.md > README.md.tmp && mv README.md.tmp README.md
+          rsync -rc --exclude-from=.distignore ./ ./dist/statify-blacklist --delete --delete-excluded
+
+      - name: Check WP plugin
+        uses: wordpress/plugin-check-action@v1
+        with:
+          build-dir: ./dist/statify-blacklist

.github/workflows/wordpress-plugin-deploy.yml

@@ -0,0 +1,20 @@
+name: Deploy to WordPress.org
+on:
+  push:
+    tags:
+      - "v*"
+      - "!v*-*"
+jobs:
+  tag:
+    name: New tag
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Clean README.md
+        run: tail -n +6 README.md > README.md.tmp && mv README.md.tmp README.md
+      - name: WordPress Plugin Deploy
+        uses: 10up/action-wordpress-plugin-deploy@stable
+        env:
+          ASSETS_DIR: assets
+          SVN_PASSWORD: ${{ secrets.WP_SVN_PASSWORD }}
+          SVN_USERNAME: ${{ secrets.WP_SVN_USERNAME }}

.gitignore

@@ -3,3 +3,6 @@ composer.lock
 /node_modules/
 /dist/
 .idea
+tests-clover.xml
+tests-junit.xml
+.phpunit.result.cache

.travis.yml

@@ -1,14 +0,0 @@
-language: php
-dist: trusty
-php:
-  - '5.5'
-  - '5.6'
-  - '7.0'
-  - '7.1'
-before_script:
-  - composer install --no-interaction
-  - vendor/bin/phpcs --config-set installed_paths vendor/wp-coding-standards/wpcs
-script:
-  - vendor/bin/phpunit ./test/statifyblacklist-test.php
-  - vendor/bin/phpcs statify-blacklist.php --standard=phpcs.xml
-  - vendor/bin/phpcs ./inc/ --standard=phpcs.xml --extensions=php

CONTRIBUTING.md

@@ -0,0 +1,132 @@
+# How to contribute
+
+As for all great Open Source projects, contributions in form of bug reports and code are welcome and important to keep the project alive.
+
+In general, this project follows the [GitHub Flow](https://guides.github.com/introduction/flow/). 
+Fork the project, commit your changes to your branch, open a pull request and it will probably be merged.
+However, to ensure maintainability and quality of the code, there are some guidelines you might be more or less familiar with. 
+For that purpose, this document describes the important points.
+
+## Opening an Issue
+
+If you experience any issues with the plugin or the code, don't hesitate to file an issue.
+
+### Bug Reports
+
+Think you found a bug?
+Please clearly state what happens and describe your environment to help tracking down the issue.
+ 
+* Which version of the plugin are you running?
+* Which version of WordPress?
+* Which version(s) of related plugin(s) (e.g. Statify)?
+* Which version of PHP and - if of interest - which webserver are you running?
+
+### Feature Requests
+
+Missing a feature or like to have certain functionality enhanced?
+No problem, please open an issue and describe what and why you think this change is required.
+
+## Pull Requests
+
+If you want to contribute your code to solve an issue or implement a desired feature yourself, you might open a pull request.
+If the changes introduce new functionality or affect major parts of existing code, please consider opening an issue for discussion first.
+
+For adding new functionality a new test case the corresponding PHPUnit test would be nice (no hard criterion though).
+
+The `master` branch should also be target for most pull requests.
+However it it features new functionality you might want to target the `develop` branch instead (see next section for details on branches).
+
+### Branches
+
+The `master` branch represents the current state of development.
+Please ensure your initial code is up to date with it at the time you start development.
+
+In addition, this project features a `develop` branch, which holds bleeding edge developments, not necessarily considered stable or even compatible.
+Do not expect this code to run smoothly, but you might have a look into the history to see if some work on an issue has already been started there.
+
+For fixes and features, there might be additional branches, likely prefixed by `hotfix/` or `feature/` followed by an issue number (if applicable) and/or a title.
+Feel free to adapt this naming scheme to your forks.
+
+### Merge Requirements
+
+To be merged into the master branch, your code has to pass the automated continuous integration tests, to ensure compatibility.
+In Addition your code has to be approved by a project member.
+
+#### What if my code fails the tests?
+
+Don't worry, you can submit your PR anyway. 
+The reviewing process might help you to solve remaining issues.
+
+### Commit messages
+
+Please use speaking titles and messages for your commits, to ensure a transparent history.
+If your patch fixes an issue, reference the ID in the first line.
+If you feel like you have to _briefly_ explain your changes, do it (for long explanations and discussion, consider opening an issue or describe in the PR).
+
+**Example commit:**
+```text
+Fix nasty bug from #1337
+
+This example commit fixes the issue that some people write non-speaking commit messages like 'done magic'.
+A short description is helpful sometimes.
+```
+
+You might sign your work, although that's no must.
+
+### When will it be merged?
+
+Short answer: When it makes sense.
+
+Bugfixes should be merged in time - assuming they pass the above criteria.
+New features might be assigned to a certain milestone and as a result of this be scheduled according to the planned release cycle.
+
+## Compatibility
+
+To ensure usability for a wide range of users, please take note on the software requirements stated in the `README`.
+This includes especially the minimum PHP version and also the minimum version of WordPress.
+
+If you are unsure if your code matches these versions, the test will probably tell you.
+
+In case you think, your change is more important than maintaining backwards compatibility, please start a discussion to see, 
+if we might increase the minimum version or find a workaround for legacy systems. 
+
+## Build Environment
+
+All you need to start off - besides your favorite IDE of course - is [Composer](https://getcomposer.org). 
+Running `composer install` will fetch all dependencies and build tools required. 
+You might have noticed that this project contains a [Robo](http://robo.li) build script.
+Running the _build_-task (`./vendor/bin/robo build`) executes the full chain from cleanup over test to bundling the final product in the `dist` directory.
+A complete list of the available tasks and options can be shown by running `robo list`.
+
+## Unit Tests
+
+The PHP code is tested by a PHPUnit tests.
+All test files are located in the `test` directory. 
+Files ending with `-test.php` will be automatically included into the test suite.
+The coverage is not yet perfect, but be invited to write tests for methods not yet covered or newly introduced by your patch.
+
+## Code Style
+
+This project, as part of the WordPress ecosystem adheres to the [WordPress Coding Standards](https://codex.wordpress.org/WordPress_Coding_Standards).
+Please make sure that you are at least roughly familiar with those guidelines.
+
+The code style is automatically checked for commits (including pull requests) using [PHP CodeSniffer](https://github.com/squizlabs/PHP_CodeSniffer).
+You can check your code against the configured ruleset yourself by running
+ `./vendor/bin/phpcs --standard=phpcs.xml your-edited-file.php` (assuming `composer install` has been executed) or the Robo task `robo test:cs` for a complete scan.
+
+Please see these standards as guidelines. 
+If code style this is the only test that fails and your code's semantics are fine, don't hesitate to submit your pull request anyway.
+We probably find a solution for that.
+
+## Continuous Integration
+
+Automated tests are run using [Travis CI](https://travis-ci.org/stklcode/statify-blacklist) for every commit including pull requests.
+They ensure compatibility with the supported PHP versions and the WP Coding Standards.
+
+There is also a semi-automated code quality analysis pushing results to [SonarCloud](https://sonarcloud.io/dashboard?id=de.stklcode.web.wordpress.plugins%3Astatify-blacklist).
+Keep in mind that the ruleset is not yet perfect, so not every minor issue has to be fixed immediately.
+
+## Still Open Questions?
+
+If anything is still left unanswered and you're unsure if you got it right, don't hesitate to contact a team member.
+in any case you might submit your request/issue anyway, we won't refuse good code only for formal reasons.

Gulpfile.js

@@ -1,61 +0,0 @@
-var gulp = require('gulp');
-var clean = require('gulp-clean');
-var copy = require('gulp-copy');
-var zip = require('gulp-zip');
-var composer = require('gulp-composer');
-var phpunit = require('gulp-phpunit');
-var exec = require('child_process').exec;
-var phpcs = require('gulp-phpcs');
-var config = require('./package.json');
-
-// Clean the target directory.
-gulp.task('clean', function () {
-	console.log('Cleaning up target directory  ...');
-	return gulp.src('dist', {read: false})
-		.pipe(clean());
-});
-
-// Prepare composer.
-gulp.task('compose', function () {
-	console.log('Preparing Composer ...');
-	return composer('install');
-});
-
-// Execute unit tests.
-gulp.task('test', ['compose'], function () {
-	console.log('Running PHPUnit tests ...');
-	return gulp.src('phpunit.xml')
-		.pipe(phpunit('./vendor/bin/phpunit', {debug: false}));
-});
-
-// Execute PHP Code Sniffer.
-gulp.task('test-cs', function (cb) {
-	return exec('./vendor/bin/phpcs --config-set installed_paths vendor/wp-coding-standards/wpcs', function (err, stdout, stderr) {
-		console.log(stdout);
-		console.log(stderr);
-		if (null === err) {
-			console.log('Running PHP Code Sniffer tests ...');
-			gulp.src(['statify-blacklist.php', 'inc/**/*.php'])
-				.pipe(phpcs({bin: './vendor/bin/phpcs', standard: 'phpcs.xml'}))
-				.pipe(phpcs.reporter('log'));
-		}
-		cb(err);
-	});
-});
-
-// Bundle files as required for plugin distribution..
-gulp.task('bundle', ['clean'], function () {
-	console.log('Collecting files for package dist/' + config.name + config.version + ' ...');
-	return gulp.src(['**/*.php', '!test/**', '!vendor/**', 'README.md', 'LICENSE.md'], {base: './'})
-		.pipe(copy('./dist/' + config.name + '.' + config.version));
-});
-
-// Create a ZIP package of the relevant files for plugin distribution.
-gulp.task('package', ['bundle'], function () {
-	console.log('Building package dist/' + config.name + config.version + '.zip ...');
-	return gulp.src('./dist/' + config.name + '.' + config.version + '/**')
-		.pipe(zip(config.name + '.' + config.version + '.zip'))
-		.pipe(gulp.dest('./dist'));
-});
-
-gulp.task('default', ['clean', 'compose', 'test', 'test-cs', 'bundle', 'package']);

LICENSE.md

@@ -357,5 +357,5 @@ into proprietary programs. If your program is a subroutine library,
 you may consider it more useful to permit linking proprietary
 applications with the library. If this is what you want to do, use the
 [GNU Lesser General Public
-License](http://www.gnu.org/licenses/lgpl.html) instead of this
-License.
+License](https://www.gnu.org/licenses/lgpl.html) instead of this
+License.

README.md

@@ -1,32 +1,43 @@
-# Statify Blacklist #
-* Contributors:      Stefan Kalscheuer
-* Requires at least: 3.9
-* Tested up to:      4.8
-* Stable tag:        1.4.1
+[![CI](https://github.com/stklcode/statify-blacklist/actions/workflows/test.yml/badge.svg?branch=stable)](https://github.com/stklcode/statify-blacklist/actions/workflows/test.yml)
+[![Quality Gate Status](https://sonarcloud.io/api/project_badges/measure?project=stklcode%3Astatify-blacklist&metric=alert_status)](https://sonarcloud.io/summary/new_code?id=stklcode%3Astatify-blacklist)
+[![Packagist Version](https://img.shields.io/packagist/v/stklcode/statify-blacklist)](https://packagist.org/packages/stklcode/statify-blacklist)
+[![License](https://img.shields.io/badge/license-GPL%20v2-blue.svg)](https://github.com/stklcode/statify-blacklist/blob/stable/LICENSE.md)
+
+# Statify Filter #
+* Contributors:      stklcode
+* Requires at least: 4.7
+* Tested up to:      6.8
+* Requires PHP:      5.5
+* Stable tag:        1.7.2
 * License:           GPLv2 or later
-* License URI:       http://www.gnu.org/licenses/gpl-2.0.html
+* License URI:       https://www.gnu.org/licenses/gpl-2.0.html
+
+Filter extension for the famous Statify WordPress plugin.
 
 ## Description ##
-A blacklist extension for the famous [Statify](https://wordpress.org/plugins/statify/) Wordpress plugin.
+A filter extension for the famous [Statify](https://wordpress.org/plugins/statify/) WordPress plugin.
 
-This plugin adds customizable blacklist to Statify to allow blocking of referer spam or internal interactions.
+This plugin adds customizable filters to Statify to allow blocking of referer spam or internal interactions.
 
-### Features ##
+### Features ###
 
-#### Referer Blacklist ####
+#### Referer Filter ####
 Add a list of domains (for simplicity only second-level, e.g. _example.com_ which blocks _everything.example.com_).
 
-#### Target Blacklist ####
+#### Target Filter ####
 Add a list of target pages (e.g. _/test/page/_, _/?page_id=123_) that will be excluded from tracking.
 
-#### IP Blacklist ####
+#### IP Filter ####
 Add a list of IP addresses or subnets (e.g. _192.0.2.123_, _198.51.100.0/24_, _2001:db8:a0b:12f0::/64_).
 
+#### User Agent Filter ####
+Add a list of (partial) user agent strings to exclude (e.g. _curl_, _my/bot_, _Firefox_).
+
 #### CleanUp Database ####
 Filters can be applied to data stored in database after modifying filter rules or for one-time clean-up.
 
 #### Compatibility ####
-This plugin requires Statify to be installed. The extension has been tested with Statify up to version 1.5.1
+This plugin requires Statify to be installed. The extension has been tested with Statify up to version 1.8
 The plugin is capable of handling multisite installations.
 
 ### Support & Contributions ###
@@ -36,56 +47,131 @@ The plugin is capable of handling multisite installations.
 
 ### Credits ###
 * Author: Stefan Kalscheuer
-* Special Thanks to [pluginkollektiv](https://github.com/pluginkollektiv) for maintaining _Statify_
+* Special Thanks to [pluginkollektiv](https://pluginkollektiv.org/) for maintaining _Statify_
 
 ## Installation ##
-* If you don’t know how to install a plugin for WordPress, [here’s how](http://codex.wordpress.org/Managing_Plugins#Installing_Plugins).
-* Make sure _Statify_ plugin is installed and active 
-* Goto _Settings_ -> _Statify Blacklist_ to configure the plugin
+* If you don’t know how to install a plugin for WordPress, [here’s how](https://wordpress.org/support/article/managing-plugins/#installing-plugins).
+* Make sure _Statify_ plugin is installed and active
+* Goto _Settings_ -> _Statify Filter_ to configure the plugin
 
 ### Requirements ###
 * PHP 5.5 or above
-* WordPress 3.9 or above
-* Statify plugin installed and activated (tested up to 1.5.1)
+* WordPress 4.7 or above
+* _Statify_ plugin installed and activated (1.5 or above)
 
 ## Frequently Asked Questions ##
 
 ### What is blocked by default? ###
-Nothing. By default all blacklists are empty and disabled. They can and have to be filled by the blog administrator.
+Nothing. By default, all filters are empty and disabled. They can and have to be filled by the blog administrator.
 
-A default blacklist is not provided, as the plugin itself is totally neutral. If you want to filter out referer spam, 
-visitors from search engines, just "false" referers from 301 redirects or you own IP address used for testing only depends on you.
+A default filter is not provided, as the plugin itself is totally neutral. If you want to filter out referer spam,
+visitors from search engines, just "false" referrers from 301 redirects or you own IP address used for testing only depends on you.
 
 ### Does the filter effect user experience? ###
-No. It only prevent's _Statify_ from tracking, nothing more or less.
+No. It only prevents _Statify_ from tracking, nothing more or less.
 
 ### Does live filtering impact performance? ###
-Yes, but probalby not noticeable. Checking a single referer string against a (usually small) list should be negligible compared to the total loading procedure.
+Yes, but probably not noticeable. Checking a single referer string against a (usually small) list should be negligible compared to the total loading procedure.
 If this still is an issue for you, consider deactivating the filter and only run the one-time-cleanup or activate the cron job.
- 
+
 ### Is any personal data collected? ###
 No. The privacy policy of _Statify_ is untouched. Data is only processed, not stored or exposed to anyone.
 
 ### Are regular expression filters possible? ###
-Yes, it is. Just select if you want to filter using regular expressions case sensitive or insensitive.
+Yes, it is. Just select regular expressions (case-sensitive or insensitive) as matching method instead of exact or keyword match.
 
-Note, that regular expression matching is significantly slower than the plain domain filter. Hence it is only recommended for asynchronous cron or manual execution and not for live filtering.
+### Why is IP and User Agent filtering only available as live filter? ###
+As you might know, _Statify_ does not store any personal information, including IP addresses in the database.
+Because of this, these filters can only be applied while processing the request and not afterwards.
 
-### Why is IP filtering only available as live filter? ###
-As you might know, Statify does not store any personal information, including IP addresses in the database.
-Because of this, an IP blacklist can only be applied while processing the request and not afterwards.
+### Can whole IP subnet be blocked? ###
+Yes. The plugin features subnet filters using CIDR notation.
+For example _198.51.100.0/24_ filters all sources from _198.51.100.1_ to _198.51.100.254_.
+Same for IPv6 prefixes like _2001:db8:a0b:12f0::/64_.
 
 
 ## Screenshots ##
-1. Statify Blacklist settings page
+1. Statify Filter settings page
 
-## Changelog ##
+## Upgrade Notice ##
+
+### 1.7.2 ###
+This is a bugfix release to restore the manual cleanup function that was broken since 1.7.0.
+
+### 1.7.1 ###
+This is a service release with minor corrections. Recommended for all users. Tested up to 6.5.
+
+### 1.7.0 ###
+This is a service release with primarily internal rework. Tested up to 6.4 and PHP 8.3.
+
+
+## Changelog
+
+### 1.7.2 / 06.06.2024 ###
+* Restore manual database cleanup functionality
+
+### 1.7.1 / 24.03.2024 ###
+* Fix HTML syntax for checkboxes on settings page
+* Simplify some internal control structures
+* Add plugin dependency to Statify
+* Declared compatibility with WordPress 6.5
+
+### 1.7.0 / 11.03.2024 ###
+* Internal rework of plugin settings
+* Make the IP filter list unique
+* Fix options upgrade routine
+* Declared compatibility with WordPress 6.4
+
+### 1.6.3 / 14.08.2023 ###
+* Minor internal code cleanup
+* Declared compatibility with WordPress 6.3
+
+### 1.6.2 / 25.02.2023 ###
+* Always process IPv6 addresses lowercase
+* Optimize internally used regular expression
+* Minor adjustments to prevent warnings during user agent filtering with PHP 8.2
+
+### 1.6.1 / 28.05.2021 ###
+* Fix storage of user agent filter list (#28, props @BananaSquishee)
+
+### 1.6.0 / 09.12.2020 ###
+
+Plugin renamed to _Statify Filter_.
+
+* Minor accessibility fixes on settings page
+* Introduced new user agent filter (#20)
+* Declared compatibility with WordPress 5.6
+
+### 1.5.2 / 03.09.2020 ###
+* Minor translation updates
+* Declared compatibility with WordPress 5.5
+
+### 1.5.1 / 20.05.2020 ###
+* Fix initialization on AJAX calls for _Statify_ 1.7 compatibility (#22)
+
+### 1.5.0 / 13.05.2020 ###
+* Minimum required WordPress version is 4.7
+* Removed `load_plugin_textdomain()` and `Domain Path` header
+* Added automatic compatibility check for WP and PHP version (#17)
+* Added keyword filter mode for referer blacklist (#15)
+* Layout adjustments on settings page
+* Regular expression filters are validated before saving (#13)
+
+### 1.4.4 / 19.05.2018 ###
+* Fix live filter chain when regular expressions are active (#12)
+
+### 1.4.3 / 09.01.2018 ###
+* Fix issues with multisite installation (#11)
+
+### 1.4.2 / 12.11.2017 ###
+* Minor code fixes
 
 ### 1.4.1 / 16.07.2017 ###
 * Relicensed to GPLv2 or later
 * Fix filter hook if referer is disabled (#9)
 * Fix problem with faulty IPv6 netmask in IP blacklist
 * Minor changes for WP Coding Standard
+* Minimum required WordPress version is 4.4 (#10)
 
 ### 1.4.0 / 10.06.2017 ###
 * IP blacklist implemented (#7)
@@ -104,7 +190,7 @@ Because of this, an IP blacklist can only be applied while processing the reques
 
 ### 1.2.0 / 29.08.2016 ###
 * Switched from `in_array()` to faster `isset()` for referer checking
-* Optional cron execiton implemented
+* Optional cron execution implemented
 
 ### 1.1.2 / 17.08.2016 ###
 * Prepared for localization

assets/blueprints/blueprint.json

@@ -0,0 +1,36 @@
+{
+  "$schema": "https://playground.wordpress.net/blueprint-schema.json",
+  "landingPage": "/wp-admin/options-general.php?page=statify-blacklist",
+  "features": {
+    "networking": true
+  },
+  "steps": [
+    {
+      "step": "login",
+      "username": "admin",
+      "password": "password"
+    },
+    {
+      "step": "installPlugin",
+      "pluginData": {
+        "resource": "wordpress.org/plugins",
+        "slug": "statify"
+      }
+    },
+    {
+      "step": "activatePlugin",
+      "pluginPath": "statify/statify.php"
+    },
+    {
+      "step": "installPlugin",
+      "pluginData": {
+        "resource": "wordpress.org/plugins",
+        "slug": "statify-blacklist"
+      }
+    },
+    {
+      "step": "activatePlugin",
+      "pluginPath": "statify-blacklist/statify-blacklist.php"
+    }
+  ]
+}

composer.json

@@ -1,14 +1,14 @@
 {
   "name": "stklcode/statify-blacklist",
-  "version": "1.4.1",
-  "description": "A blacklist extension for the famous Statify WordPress plugin",
+  "version": "1.7.2",
+  "description": "A filter extension for the famous Statify WordPress plugin",
   "keywords": [
     "wordpress",
     "plugin",
     "statistics",
-    "blacklist"
+    "filter"
   ],
-  "license": "GPL-2.0+",
+  "license": "GPL-2.0-or-later",
   "authors": [
     {
       "name": "Stefan Kalscheuer",
@@ -19,11 +19,36 @@
   "type": "wordpress-plugin",
   "require": {
     "php": ">=5.5",
-    "composer/installers": "~1.0"
+    "composer/installers": "~v1.12|~v2.3"
   },
   "require-dev": {
-    "php": ">=5.5",
-    "phpunit/phpunit": "*",
-    "wp-coding-standards/wpcs": "~0.11.0"
+    "dealerdirect/phpcodesniffer-composer-installer": "^v1.0",
+    "phpunit/phpunit": "^5|^6|^7|^8|^9",
+    "phpunit/php-code-coverage": "*",
+    "slowprog/composer-copy-file": "~0.3",
+    "squizlabs/php_codesniffer": "^3.12",
+    "phpcompatibility/phpcompatibility-wp": "^2.1",
+    "wp-coding-standards/wpcs": "^3.1"
+  },
+  "scripts": {
+    "test-all": [
+      "@test",
+      "@test-cs"
+    ],
+    "test": [
+      "phpunit"
+    ],
+    "test-cs": [
+      "phpcs --standard=phpcs.xml -s"
+    ],
+    "fix-cs": [
+      "phpcbf --standard=phpcs.xml"
+    ]
+  },
+  "config": {
+    "allow-plugins": {
+      "composer/installers": true,
+      "dealerdirect/phpcodesniffer-composer-installer": true
+    }
   }
 }

inc/class-statifyblacklist-admin.php

@@ -1,6 +1,6 @@
 <?php
 /**
- * Statify Blacklist: StatifyBlacklist_Admin class
+ * Statify Filter: StatifyBlacklist_Admin class
  *
  * This file contains the derived class for the plugin's administration features.
  *
@@ -9,60 +9,45 @@
  * @since     1.0.0
  */
 
-// Quit.
-defined( 'ABSPATH' ) || exit;
+// Quit if accessed directly.
+if ( ! defined( 'ABSPATH' ) ) {
+	exit;
+}
 
 /**
- * Statify Blacklist admin configuration.
- *
- * @since   1.0.0
+ * Statify Filter admin configuration.
  */
 class StatifyBlacklist_Admin extends StatifyBlacklist {
+
 	/**
-	 * Update options.
+	 * Initialize admin-only components of the plugin.
 	 *
-	 * @param  array $options Optional. New options to save.
+	 * @return void
 	 *
-	 * @return array|bool  array of sanitized array on errors, FALSE if there were none.
-	 * @since 1.1.1
+	 * @since 1.5.0
 	 */
-	public static function update_options( $options = null ) {
-		if ( isset( $options ) && current_user_can( 'manage_options' ) ) {
-			// Sanitize URLs and remove empty inputs.
-			$given_referer = $options['referer']['blacklist'];
-			if ( 0 === $options['referer']['regexp'] ) {
-				$sanitized_referer = self::sanitizeURLs( $given_referer );
-			} else {
-				$sanitized_referer = $given_referer;
-			}
+	public static function init() {
+		// Add actions.
+		add_action( 'wpmu_new_blog', array( 'StatifyBlacklist_System', 'install_site' ) );
+		add_action( 'delete_blog', array( 'StatifyBlacklist_System', 'uninstall_site' ) );
+		add_filter( 'plugin_row_meta', array( 'StatifyBlacklist_Admin', 'plugin_meta_link' ), 10, 2 );
 
-			// Sanitize IPs and Subnets and remove empty inputs.
-			$given_ip     = $options['ip']['blacklist'];
-			$sanitized_ip = self::sanitizeIPs( $given_ip );
-
-			// Abort on errors.
-			if ( ! empty( array_diff( array_keys( $given_referer ), array_keys( $sanitized_referer ) ) ) ) {
-				return array(
-					'referer' => $sanitized_referer,
-				);
-			} elseif ( ! empty( array_diff( $given_ip, $sanitized_ip ) ) ) {
-				return array(
-					'ip' => array_diff( $given_ip, $sanitized_ip ),
-					);
-			}
-
-			// Update database on success.
-			if ( ( is_multisite() && array_key_exists( STATIFYBLACKLIST_BASE, (array) get_site_option( 'active_sitewide_plugins' ) ) ) ) {
-				update_site_option( 'statify-blacklist', $options );
-			} else {
-				update_option( 'statify-blacklist', $options );
-			}
+		if ( self::$multisite ) {
+			add_action( 'network_admin_menu', array( 'StatifyBlacklist_Admin', 'add_menu_page' ) );
+			add_filter(
+				'network_admin_plugin_action_links',
+				array(
+					'StatifyBlacklist_Admin',
+					'plugin_actions_links',
+				),
+				10,
+				2
+			);
+		} else {
+			add_action( 'admin_init', array( 'StatifyBlacklist_Settings', 'register_settings' ) );
+			add_action( 'admin_menu', array( 'StatifyBlacklist_Admin', 'add_menu_page' ) );
+			add_filter( 'plugin_action_links', array( 'StatifyBlacklist_Admin', 'plugin_actions_links' ), 10, 2 );
 		}
-
-		// Refresh options.
-		parent::update_options( $options );
-
-		return false;
 	}
 
 	/**
@@ -70,44 +55,36 @@ class StatifyBlacklist_Admin extends StatifyBlacklist {
 	 *
 	 * @since 1.0.0
 	 */
-	public function _add_menu_page() {
-		$title = __( 'Statify Blacklist', 'statify-blacklist' );
+	public static function add_menu_page() {
+		$title = __( 'Statify Filter', 'statify-blacklist' );
 		if ( self::$multisite ) {
-			add_submenu_page(
-				'settings.php', $title, $title, 'manage_network_plugins', 'statify-blacklist-settings', array(
-					'StatifyBlacklist_Admin',
-					'settings_page',
-				)
+			add_options_page(
+				$title,
+				$title,
+				'manage_network_plugins',
+				'statify-blacklist',
+				array( 'StatifyBlacklist_Settings', 'create_settings_page' )
 			);
 		} else {
-			add_submenu_page(
-				'options-general.php', $title, $title, 'manage_options', 'statify-blacklist', array(
-					'StatifyBlacklist_Admin',
-					'settings_page',
-				)
+			add_options_page(
+				$title,
+				$title,
+				'manage_options',
+				'statify-blacklist',
+				array( 'StatifyBlacklist_Settings', 'create_settings_page' )
 			);
 		}
-
-	}
-
-	/**
-	 * Include the Statify-Blacklist settings page.
-	 *
-	 * @since 1.0.0
-	 */
-	public static function settings_page() {
-		include STATIFYBLACKLIST_DIR . '/views/settings-page.php';
 	}
 
 	/**
 	 * Add plugin meta links
 	 *
-	 * @since 1.0.0
-	 *
 	 * @param array  $links Registered links.
 	 * @param string $file  The filename.
 	 *
 	 * @return array  Merged links.
+	 *
+	 * @since 1.0.0
 	 */
 	public static function plugin_meta_link( $links, $file ) {
 		if ( STATIFYBLACKLIST_BASE === $file ) {
@@ -120,12 +97,12 @@ class StatifyBlacklist_Admin extends StatifyBlacklist {
 	/**
 	 * Add plugin action links.
 	 *
-	 * @since 1.0.0
-	 *
 	 * @param array  $links Registered links.
 	 * @param string $file  The filename.
 	 *
 	 * @return array  Merged links.
+	 *
+	 * @since 1.0.0
 	 */
 	public static function plugin_actions_links( $links, $file ) {
 		$base = self::$multisite ? network_admin_url( 'settings.php' ) : admin_url( 'options-general.php' );
@@ -133,7 +110,7 @@ class StatifyBlacklist_Admin extends StatifyBlacklist {
 		if ( STATIFYBLACKLIST_BASE === $file && current_user_can( 'manage_options' ) ) {
 			array_unshift(
 				$links,
-				sprintf( '<a href="%s">%s</a>', esc_attr( add_query_arg( 'page', 'statify-blacklist', $base ) ), __( 'Settings' ) )
+				sprintf( '<a href="%s">%s</a>', esc_attr( add_query_arg( 'page', 'statify-blacklist', $base ) ), __( 'Settings', 'statify-blacklist' ) )
 			);
 		}
 
@@ -150,24 +127,24 @@ class StatifyBlacklist_Admin extends StatifyBlacklist {
 	public static function cleanup_database() {
 		// Check user permissions.
 		if ( ! current_user_can( 'manage_options' ) && ! ( defined( 'DOING_CRON' ) && DOING_CRON ) ) {
-			die( esc_html__( 'Are you sure you want to do this?' ) );
+			die( esc_html__( 'Are you sure you want to do this?', 'statify-blacklist' ) );
 		}
 
 		if ( defined( 'DOING_CRON' ) && DOING_CRON ) {
-			$clean_ref = ( 1 === self::$_options['referer']['cron'] );
-			$clean_trg = ( 1 === self::$_options['target']['cron'] );
+			$clean_ref = ( 1 === self::$options['referer']['cron'] );
+			$clean_trg = ( 1 === self::$options['target']['cron'] );
 		} else {
 			$clean_ref = true;
 			$clean_trg = true;
 		}
 
 		if ( $clean_ref ) {
-			if ( isset( self::$_options['referer']['regexp'] ) && self::$_options['referer']['regexp'] > 0 ) {
+			if ( isset( self::$options['referer']['regexp'] ) && self::$options['referer']['regexp'] > 0 ) {
 				// Merge given regular expressions into one.
-				$referer_regexp = implode( '|', array_keys( self::$_options['referer']['blacklist'] ) );
+				$referer_regexp = implode( '|', array_keys( self::$options['referer']['blacklist'] ) );
 			} else {
 				// Sanitize URLs.
-				$referer = self::sanitizeURLs( self::$_options['referer']['blacklist'] );
+				$referer = self::sanitize_urls( self::$options['referer']['blacklist'] );
 
 				// Build filter regexp.
 				$referer_regexp = str_replace( '.', '\.', implode( '|', array_flip( $referer ) ) );
@@ -175,12 +152,12 @@ class StatifyBlacklist_Admin extends StatifyBlacklist {
 		}
 
 		if ( $clean_trg ) {
-			if ( isset( self::$_options['target']['regexp'] ) && self::$_options['target']['regexp'] > 0 ) {
+			if ( isset( self::$options['target']['regexp'] ) && self::$options['target']['regexp'] > 0 ) {
 				// Merge given regular expressions into one.
-				$target_regexp = implode( '|', array_keys( self::$_options['target']['blacklist'] ) );
+				$target_regexp = implode( '|', array_keys( self::$options['target']['blacklist'] ) );
 			} else {
 				// Build filter regexp.
-				$target_regexp = str_replace( '.', '\.', implode( '|', array_flip( self::$_options['target']['blacklist'] ) ) );
+				$target_regexp = str_replace( '.', '\.', implode( '|', array_flip( self::$options['target']['blacklist'] ) ) );
 			}
 		}
 
@@ -188,13 +165,14 @@ class StatifyBlacklist_Admin extends StatifyBlacklist {
 			global $wpdb;
 
 			// Execute filter on database.
-			// @codingStandardsIgnoreStart These statements prouce warnings, rework in future release (TODO).
+			// phpcs:disable WordPress.DB.PreparedSQL.NotPrepared -- These statements produce warnings, rework in future release (TODO).
 			if ( ! empty( $referer_regexp ) ) {
 				$wpdb->query(
 					$wpdb->prepare(
 						"DELETE FROM `$wpdb->statify` WHERE "
-						. ( ( 1 === self::$_options['referer']['regexp'] ) ? ' BINARY ' : '' )
-						. 'referrer REGEXP %s', $referer_regexp
+						. ( ( 1 === self::$options['referer']['regexp'] ) ? ' BINARY ' : '' )
+						. 'referrer REGEXP %s',
+						$referer_regexp
 					)
 				);
 			}
@@ -202,12 +180,13 @@ class StatifyBlacklist_Admin extends StatifyBlacklist {
 				$wpdb->query(
 					$wpdb->prepare(
 						"DELETE FROM `$wpdb->statify` WHERE "
-						. ( ( 1 === self::$_options['target']['regexp'] ) ? ' BINARY ' : '' )
-						. 'target REGEXP %s', $target_regexp
+						. ( ( 1 === self::$options['target']['regexp'] ) ? ' BINARY ' : '' )
+						. 'target REGEXP %s',
+						$target_regexp
 					)
 				);
 			}
-			// @codingStandardsIgnoreEnd
+			// phpcs:enable WordPress.DB.PreparedSQL.NotPrepared
 
 			// Optimize DB.
 			$wpdb->query( "OPTIMIZE TABLE `$wpdb->statify`" );
@@ -221,13 +200,13 @@ class StatifyBlacklist_Admin extends StatifyBlacklist {
 	/**
 	 * Sanitize URLs and remove empty results.
 	 *
-	 * @since 1.1.1
-	 *
 	 * @param array $urls given array of URLs.
 	 *
 	 * @return array  sanitized array.
+	 *
+	 * @since 1.1.1
 	 */
-	private static function sanitizeURLs( $urls ) {
+	private static function sanitize_urls( $urls ) {
 		return array_flip(
 			array_filter(
 				array_map(
@@ -239,26 +218,4 @@ class StatifyBlacklist_Admin extends StatifyBlacklist {
 			)
 		);
 	}
-
-	/**
-	 * Sanitize IP addresses with optional CIDR notation and remove empty results.
-	 *
-	 * @since 1.4.0
-	 *
-	 * @param array $ips given array of URLs.
-	 *
-	 * @return array  sanitized array.
-	 */
-	private static function sanitizeIPs( $ips ) {
-		return array_filter(
-			$ips, function ( $ip ) {
-				return preg_match(
-					'/^((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])(\/([0-9]|[1-2][0-9]|3[0-2]))?$/', $ip
-				) ||
-					preg_match(
-						'/^(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))(\/([0-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8]))?$/', $ip
-					);
-			}
-		);
-	}
 }

inc/class-statifyblacklist-settings.php

@@ -0,0 +1,752 @@
+<?php
+/**
+ * Statify Filter: StatifyBlacklist_Settings class
+ *
+ * This file contains the plugin's settings capabilities.
+ *
+ * @package Statify_Blacklist
+ * @since 1.7.0
+ */
+
+// Quit if accessed directly.
+defined( 'ABSPATH' ) || exit;
+
+/**
+ * Statify Filter settings handling.
+ */
+class StatifyBlacklist_Settings extends StatifyBlacklist {
+	/**
+	 * Registers all options using the WP Settings API.
+	 *
+	 * @return void
+	 */
+	public static function register_settings() {
+		register_setting(
+			'statify-blacklist',
+			'statify-blacklist',
+			array(
+				'sanitize_callback' =>
+					array( __CLASS__, 'sanitize_options' ),
+			)
+		);
+
+		// Referer filter.
+		add_settings_section(
+			'statifyblacklist-referer',
+			__( 'Referer filter', 'statify-blacklist' ),
+			null,
+			'statify-blacklist'
+		);
+		add_settings_field(
+			'statifyblacklist-referer-active',
+			__( 'Activate live filter', 'statify-blacklist' ),
+			array( __CLASS__, 'option_referer_active' ),
+			'statify-blacklist',
+			'statifyblacklist-referer'
+		);
+		add_settings_field(
+			'statifyblacklist-referer-cron',
+			__( 'CronJob execution', 'statify-blacklist' ),
+			array( __CLASS__, 'option_referer_cron' ),
+			'statify-blacklist',
+			'statifyblacklist-referer'
+		);
+		add_settings_field(
+			'statifyblacklist-referer-regexp',
+			__( 'Matching method', 'statify-blacklist' ),
+			array( __CLASS__, 'option_referer_regexp' ),
+			'statify-blacklist',
+			'statifyblacklist-referer',
+			array( 'label_for' => 'statifyblacklist-referer-regexp' )
+		);
+		add_settings_field(
+			'statifyblacklist-referer-blacklist',
+			__( 'Referer filter', 'statify-blacklist' ),
+			array( __CLASS__, 'option_referer_blacklist' ),
+			'statify-blacklist',
+			'statifyblacklist-referer',
+			array( 'label_for' => 'statifyblacklist-referer-blacklist' )
+		);
+
+		// Target filter.
+		add_settings_section(
+			'statifyblacklist-target',
+			__( 'Target filter', 'statify-blacklist' ),
+			null,
+			'statify-blacklist'
+		);
+		add_settings_field(
+			'statifyblacklist-target-active',
+			__( 'Activate live filter', 'statify-blacklist' ),
+			array( __CLASS__, 'option_target_active' ),
+			'statify-blacklist',
+			'statifyblacklist-target'
+		);
+		add_settings_field(
+			'statifyblacklist-target-cron',
+			__( 'CronJob execution', 'statify-blacklist' ),
+			array( __CLASS__, 'option_target_cron' ),
+			'statify-blacklist',
+			'statifyblacklist-target'
+		);
+		add_settings_field(
+			'statifyblacklist-target-regexp',
+			__( 'Matching method', 'statify-blacklist' ),
+			array( __CLASS__, 'option_target_regexp' ),
+			'statify-blacklist',
+			'statifyblacklist-target',
+			array( 'label_for' => 'statifyblacklist-target-regexp' )
+		);
+		add_settings_field(
+			'statifyblacklist-target-blacklist',
+			__( 'Target filter', 'statify-blacklist' ),
+			array( __CLASS__, 'option_target_blacklist' ),
+			'statify-blacklist',
+			'statifyblacklist-target',
+			array( 'label_for' => 'statifyblacklist-target-blacklist' )
+		);
+
+		// IP filter.
+		add_settings_section(
+			'statifyblacklist-ip',
+			__( 'IP filter', 'statify-blacklist' ),
+			null,
+			'statify-blacklist'
+		);
+		add_settings_field(
+			'statifyblacklist-ip-active',
+			__( 'Activate live filter', 'statify-blacklist' ),
+			array( __CLASS__, 'option_ip_active' ),
+			'statify-blacklist',
+			'statifyblacklist-ip'
+		);
+		add_settings_field(
+			'statifyblacklist-ip-blacklist',
+			__( 'IP filter', 'statify-blacklist' ),
+			array( __CLASS__, 'option_ip_blacklist' ),
+			'statify-blacklist',
+			'statifyblacklist-ip',
+			array( 'label_for' => 'statifyblacklist-ip-blacklist' )
+		);
+
+		// User agent filter.
+		add_settings_section(
+			'statifyblacklist-ua',
+			__( 'User agent filter', 'statify-blacklist' ),
+			null,
+			'statify-blacklist'
+		);
+		add_settings_field(
+			'statifyblacklist-ua-active',
+			__( 'Activate live filter', 'statify-blacklist' ),
+			array( __CLASS__, 'option_ua_active' ),
+			'statify-blacklist',
+			'statifyblacklist-ua'
+		);
+		add_settings_field(
+			'statifyblacklist-ua-regexp',
+			__( 'Matching method', 'statify-blacklist' ),
+			array( __CLASS__, 'option_ua_regexp' ),
+			'statify-blacklist',
+			'statifyblacklist-ua',
+			array( 'label_for' => 'statifyblacklist-ua-regexp' )
+		);
+		add_settings_field(
+			'statifyblacklist-ua-blacklist',
+			__( 'User agent filter', 'statify-blacklist' ),
+			array( __CLASS__, 'option_ua_blacklist' ),
+			'statify-blacklist',
+			'statifyblacklist-ua',
+			array( 'label_for' => 'statifyblacklist-ua-blacklist' )
+		);
+	}
+
+	/**
+	 * Creates the settings pages.
+	 *
+	 * @return void
+	 */
+	public static function create_settings_page() {
+		?>
+		<div class="wrap">
+			<h1><?php esc_html_e( 'Statify Filter', 'statify-blacklist' ); ?></h1>
+			<?php
+			if ( isset( $_SERVER['REQUEST_METHOD'] ) && 'POST' === $_SERVER['REQUEST_METHOD'] && ! empty( $_POST['cleanup'] ) ) {
+				// Database cleanup requested.
+				if ( isset( $_REQUEST['_wpnonce'] ) && wp_verify_nonce( sanitize_key( $_REQUEST['_wpnonce'] ), 'statify-blacklist-options' ) ) {
+					// Nonce verification successful, proceed with cleanup.
+					StatifyBlacklist_Admin::cleanup_database();
+					?>
+					<div class="notice notice-success is-dismissible">
+						<p><?php esc_html_e( 'Database cleanup successful', 'statify-blacklist' ); ?></p>
+					</div>
+					<?php
+				} else {
+					// Nonce verification failed.
+					?>
+					<div class="notice notice-error is-dismissible">
+						<p><?php esc_html_e( 'Database cleanup request failed', 'statify-blacklist' ); ?></p>
+					</div>
+					<?php
+				}
+			}
+			?>
+
+			<form id="statify-settings" method="post" action="options.php">
+				<?php
+				settings_fields( 'statify-blacklist' );
+				do_settings_sections( 'statify-blacklist' );
+				submit_button();
+				?>
+				<hr>
+				<input class="button-secondary" type="submit" name="cleanup"
+					formaction=""
+					value="<?php esc_html_e( 'CleanUp Database', 'statify-blacklist' ); ?>"
+					onclick="return confirm('<?php echo esc_js( __( 'Do you really want to apply filters to database? This cannot be undone.', 'statify-blacklist' ) ); ?>');">
+				<p class="description">
+					<?php esc_html_e( 'Applies referer and target filter (even if disabled) to data stored in database.', 'statify-blacklist' ); ?>
+					<em><?php esc_html_e( 'This cannot be undone!', 'statify-blacklist' ); ?></em>
+				</p>
+			</form>
+		</div>
+
+		<?php
+	}
+
+	/*
+	 * Disable some code style rules that are impractical for textarea content:
+	 *
+	 * phpcs:disable Squiz.PHP.EmbeddedPhp.ContentBeforeOpen
+	 * phpcs:disable Squiz.PHP.EmbeddedPhp.ContentAfterEnd
+	 */
+
+	/**
+	 * Option for activating the live referer filter.
+	 *
+	 * @return void
+	 */
+	public static function option_referer_active() {
+		?>
+		<fieldset>
+			<legend class="screen-reader-text"><?php esc_html_e( 'Activate live filter', 'statify-blacklist' ); ?></legend>
+			<label for="statifyblacklist-referer-active">
+				<input id="statifyblacklist-referer-active" name="statify-blacklist[referer][active]" type="checkbox" value="1" <?php checked( StatifyBlacklist::$options['referer']['active'], 1 ); ?>>
+				<?php esc_html_e( 'Activate', 'statify-blacklist' ); ?>
+			</label>
+			<p class="description">
+				<?php esc_html_e( 'Filter at time of tracking, before anything is stored', 'statify-blacklist' ); ?>
+			</p>
+		</fieldset>
+		<?php
+	}
+
+	/**
+	 * Option for activating cron the referer filter.
+	 *
+	 * @return void
+	 */
+	public static function option_referer_cron() {
+		?>
+		<fieldset>
+			<legend class="screen-reader-text"><?php esc_html_e( 'CronJob execution', 'statify-blacklist' ); ?></legend>
+			<label for="statifyblacklist-referer-cron">
+				<input id="statifyblacklist-referer-cron" name="statify-blacklist[referer][cron]" type="checkbox" value="1" <?php checked( StatifyBlacklist::$options['referer']['cron'], 1 ); ?>>
+				<?php esc_html_e( 'Activate', 'statify-blacklist' ); ?>
+			</label>
+			<p class="description">
+				<?php esc_html_e( 'Periodically clean up database in background', 'statify-blacklist' ); ?>
+			</p>
+		</fieldset>
+		<?php
+	}
+
+	/**
+	 * Option for referer matching method.
+	 *
+	 * @return void
+	 */
+	public static function option_referer_regexp() {
+		?>
+		<select id="statifyblacklist-referer-regexp" name="statify-blacklist[referer][regexp]">
+			<option value="<?php print esc_attr( StatifyBlacklist::MODE_NORMAL ); ?>" <?php selected( StatifyBlacklist::$options['referer']['regexp'], StatifyBlacklist::MODE_NORMAL ); ?>>
+				<?php esc_html_e( 'Domain', 'statify-blacklist' ); ?>
+			</option>
+			<option value="<?php print esc_attr( StatifyBlacklist::MODE_KEYWORD ); ?>" <?php selected( StatifyBlacklist::$options['referer']['regexp'], StatifyBlacklist::MODE_KEYWORD ); ?>>
+				<?php esc_html_e( 'Keyword', 'statify-blacklist' ); ?>
+			</option>
+			<option value="<?php print esc_attr( StatifyBlacklist::MODE_REGEX ); ?>" <?php selected( StatifyBlacklist::$options['referer']['regexp'], StatifyBlacklist::MODE_REGEX ); ?>>
+				<?php esc_html_e( 'RegEx case-sensitive', 'statify-blacklist' ); ?>
+			</option>
+			<option value="<?php print esc_attr( StatifyBlacklist::MODE_REGEX_CI ); ?>" <?php selected( StatifyBlacklist::$options['referer']['regexp'], StatifyBlacklist::MODE_REGEX_CI ); ?>>
+				<?php esc_html_e( 'RegEx case-insensitive', 'statify-blacklist' ); ?>
+			</option>
+		</select>
+		<p class="description">
+			<?php esc_html_e( 'Domain', 'statify-blacklist' ); ?> - <?php esc_html_e( 'Match given domain including subdomains', 'statify-blacklist' ); ?>
+			<br>
+			<?php esc_html_e( 'Keyword', 'statify-blacklist' ); ?> - <?php esc_html_e( 'Match every referer that contains one of the keywords', 'statify-blacklist' ); ?>
+			<br>
+			<?php esc_html_e( 'RegEx', 'statify-blacklist' ); ?> - <?php esc_html_e( 'Match referer by regular expression', 'statify-blacklist' ); ?>
+		</p>
+		<?php
+	}
+
+	/**
+	 * Option for the referer filter list.
+	 *
+	 * @return void
+	 */
+	public static function option_referer_blacklist() {
+		?>
+		<textarea id="statifyblacklist-referer-blacklist" name="statify-blacklist[referer][blacklist]" cols="40" rows="5"><?php
+		print esc_html( implode( "\r\n", array_keys( StatifyBlacklist::$options['referer']['blacklist'] ) ) );
+		?></textarea>
+		<p class="description">
+			<?php esc_html_e( 'Add one domain (without subdomains) each line, e.g. example.com', 'statify-blacklist' ); ?>
+		</p>
+		<?php
+	}
+
+	/**
+	 * Option for activating the live target filter.
+	 *
+	 * @return void
+	 */
+	public static function option_target_active() {
+		?>
+		<fieldset>
+			<legend class="screen-reader-text"><?php esc_html_e( 'Activate live filter', 'statify-blacklist' ); ?></legend>
+			<label for="statifyblacklist-target-active">
+				<input id="statifyblacklist-target-active" name="statify-blacklist[target][active]" type="checkbox" value="1" <?php checked( StatifyBlacklist::$options['target']['active'], 1 ); ?>>
+				<?php esc_html_e( 'Activate', 'statify-blacklist' ); ?>
+			</label>
+			<p class="description">
+				<?php esc_html_e( 'Filter at time of tracking, before anything is stored', 'statify-blacklist' ); ?>
+			</p>
+		</fieldset>
+		<?php
+	}
+
+	/**
+	 * Option for activating cron the target filter.
+	 *
+	 * @return void
+	 */
+	public static function option_target_cron() {
+		?>
+		<fieldset>
+			<legend class="screen-reader-text"><?php esc_html_e( 'CronJob execution', 'statify-blacklist' ); ?></legend>
+			<label for="statifyblacklist-target-cron">
+				<input id="statifyblacklist-target-cron" name="statify-blacklist[target][cron]" type="checkbox" value="1" <?php checked( StatifyBlacklist::$options['target']['cron'], 1 ); ?>>
+				<?php esc_html_e( 'Activate', 'statify-blacklist' ); ?>
+			</label>
+			<p class="description">
+				<?php esc_html_e( 'Clean database periodically in background', 'statify-blacklist' ); ?>
+			</p>
+		</fieldset>
+		<?php
+	}
+
+	/**
+	 * Option for target matching method.
+	 *
+	 * @return void
+	 */
+	public static function option_target_regexp() {
+		?>
+		<select id="statifyblacklist-target-regexp" name="statify-blacklist[target][regexp]">
+			<option value="<?php print esc_attr( StatifyBlacklist::MODE_NORMAL ); ?>" <?php selected( StatifyBlacklist::$options['target']['regexp'], StatifyBlacklist::MODE_NORMAL ); ?>>
+				<?php esc_html_e( 'Exact', 'statify-blacklist' ); ?>
+			</option>
+			<option value="<?php print esc_attr( StatifyBlacklist::MODE_REGEX ); ?>" <?php selected( StatifyBlacklist::$options['target']['regexp'], StatifyBlacklist::MODE_REGEX ); ?>>
+				<?php esc_html_e( 'RegEx case-sensitive', 'statify-blacklist' ); ?>
+			</option>
+			<option value="<?php print esc_attr( StatifyBlacklist::MODE_REGEX_CI ); ?>" <?php selected( StatifyBlacklist::$options['target']['regexp'], StatifyBlacklist::MODE_REGEX_CI ); ?>>
+				<?php esc_html_e( 'RegEx case-insensitive', 'statify-blacklist' ); ?>
+			</option>
+		</select>
+		<p class="description">
+			<?php esc_html_e( 'Exact', 'statify-blacklist' ); ?> - <?php esc_html_e( 'Match only given targets', 'statify-blacklist' ); ?>
+			<br>
+			<?php esc_html_e( 'RegEx', 'statify-blacklist' ); ?> - <?php esc_html_e( 'Match target by regular expression', 'statify-blacklist' ); ?>
+		</p>
+		<?php
+	}
+
+	/**
+	 * Option for the target filter list.
+	 *
+	 * @return void
+	 */
+	public static function option_target_blacklist() {
+		?>
+		<textarea id="statifyblacklist-target-blacklist" name="statify-blacklist[target][blacklist]" cols="40" rows="5"><?php
+		print esc_html( implode( "\r\n", array_keys( StatifyBlacklist::$options['target']['blacklist'] ) ) );
+		?></textarea>
+		<p class="description">
+			<?php esc_html_e( 'Add one target URL each line, e.g.', 'statify-blacklist' ); ?> /, /test/page/, /?page_id=123
+		</p>
+		<?php
+	}
+
+	/**
+	 * Option for activating the live IP filter.
+	 *
+	 * @return void
+	 */
+	public static function option_ip_active() {
+		?>
+		<fieldset>
+			<legend class="screen-reader-text"><?php esc_html_e( 'Activate live filter', 'statify-blacklist' ); ?></legend>
+			<label for="statifyblacklist-ip-active">
+				<input id="statifyblacklist-ip-active" name="statify-blacklist[ip][active]" type="checkbox" value="1" <?php checked( StatifyBlacklist::$options['ip']['active'], 1 ); ?>>
+				<?php esc_html_e( 'Activate', 'statify-blacklist' ); ?>
+			</label>
+			<p class="description">
+				<?php esc_html_e( 'Filter at time of tracking, before anything is stored', 'statify-blacklist' ); ?>
+				<br>
+				<?php esc_html_e( 'Cron execution is not possible for IP filter, because IP addresses are not stored.', 'statify-blacklist' ); ?>
+			</p>
+		</fieldset>
+		<?php
+	}
+
+	/**
+	 * Option for the IP filter list.
+	 *
+	 * @return void
+	 */
+	public static function option_ip_blacklist() {
+		?>
+		<textarea id="statifyblacklist-ip-blacklist" name="statify-blacklist[ip][blacklist]" cols="40" rows="5"><?php
+		print esc_html( implode( "\r\n", StatifyBlacklist::$options['ip']['blacklist'] ) );
+		?></textarea>
+		<p class="description">
+			<?php esc_html_e( 'Add one IP address or range per line, e.g.', 'statify-blacklist' ); ?>
+			127.0.0.1, 192.168.123.0/24, 2001:db8:a0b:12f0::1/64
+		</p>
+		<?php
+	}
+
+	/**
+	 * Option for activating the live user agent filter.
+	 *
+	 * @return void
+	 */
+	public static function option_ua_active() {
+		?>
+		<label for="statifyblacklist-ua-active">
+			<input id="statifyblacklist-ua-active" name="statify-blacklist[ua][active]" type="checkbox" value="1" <?php checked( StatifyBlacklist::$options['ua']['active'], 1 ); ?>>
+			<?php esc_html_e( 'Activate', 'statify-blacklist' ); ?>
+		</label>
+
+		<p class="description">
+			<?php esc_html_e( 'Filter at time of tracking, before anything is stored', 'statify-blacklist' ); ?>
+			<br>
+			<?php esc_html_e( 'Cron execution is not possible for user agent filter, because the user agent is stored.', 'statify-blacklist' ); ?>
+		</p>
+		<?php
+	}
+
+	/**
+	 * Option for user agent matching method.
+	 *
+	 * @return void
+	 */
+	public static function option_ua_regexp() {
+		?>
+		<select id="statifyblacklist-ua-regexp" name="statify-blacklist[ua][regexp]">
+			<option value="<?php print esc_attr( StatifyBlacklist::MODE_NORMAL ); ?>" <?php selected( StatifyBlacklist::$options['ua']['regexp'], StatifyBlacklist::MODE_NORMAL ); ?>>
+				<?php esc_html_e( 'Exact', 'statify-blacklist' ); ?>
+			</option>
+			<option value="<?php print esc_attr( StatifyBlacklist::MODE_KEYWORD ); ?>" <?php selected( StatifyBlacklist::$options['ua']['regexp'], StatifyBlacklist::MODE_KEYWORD ); ?>>
+				<?php esc_html_e( 'Keyword', 'statify-blacklist' ); ?>
+			</option>
+			<option value="<?php print esc_attr( StatifyBlacklist::MODE_REGEX ); ?>" <?php selected( StatifyBlacklist::$options['ua']['regexp'], StatifyBlacklist::MODE_REGEX ); ?>>
+				<?php esc_html_e( 'RegEx case-sensitive', 'statify-blacklist' ); ?>
+			</option>
+			<option value="<?php print esc_attr( StatifyBlacklist::MODE_REGEX_CI ); ?>" <?php selected( StatifyBlacklist::$options['ua']['regexp'], StatifyBlacklist::MODE_REGEX_CI ); ?>>
+				<?php esc_html_e( 'RegEx case-insensitive', 'statify-blacklist' ); ?>
+			</option>
+		</select>
+		<p class="description">
+			<?php esc_html_e( 'Exact', 'statify-blacklist' ); ?> - <?php esc_html_e( 'Match only given user agents', 'statify-blacklist' ); ?>
+			<br>
+			<?php esc_html_e( 'Keyword', 'statify-blacklist' ); ?> - <?php esc_html_e( 'Match every referer that contains one of the keywords', 'statify-blacklist' ); ?>
+			<br>
+			<?php esc_html_e( 'RegEx', 'statify-blacklist' ); ?> - <?php esc_html_e( 'Match user agent by regular expression', 'statify-blacklist' ); ?>
+		</p>
+		<?php
+	}
+
+	/**
+	 * Option for the user agent filter list.
+	 *
+	 * @return void
+	 */
+	public static function option_ua_blacklist() {
+		?>
+		<textarea name="statify-blacklist[ua][blacklist]" id="statifyblacklist-ua-blacklist" cols="40" rows="5"><?php
+		print esc_html( implode( "\r\n", StatifyBlacklist::$options['ua']['blacklist'] ) );
+		?></textarea>
+		<p class="description">
+			<?php esc_html_e( 'Add one user agent string per line, e.g.', 'statify-blacklist' ); ?>
+			MyBot/1.23
+		</p>
+		<?php
+	}
+
+	/**
+	 * Validate and sanitize submitted options.
+	 *
+	 * @param array $options Original options.
+	 *
+	 * @return array Validated and sanitized options.
+	 */
+	public static function sanitize_options( $options ) {
+		// Extract filter lists from multi-line inputs.
+		$referer = self::parse_multiline_option( $options['referer']['blacklist'] );
+		$target  = self::parse_multiline_option( $options['target']['blacklist'] );
+		$ip      = self::parse_multiline_option( $options['ip']['blacklist'] );
+		$ua      = self::parse_multiline_option( $options['ua']['blacklist'] );
+
+		// Generate options.
+		$res = array(
+			'referer' => array(
+				'active'    => isset( $options['referer']['active'] ) ? (int) $options['referer']['active'] : 0,
+				'cron'      => isset( $options['referer']['cron'] ) ? (int) $options['referer']['cron'] : 0,
+				'regexp'    => isset( $options['referer']['regexp'] ) ? (int) $options['referer']['regexp'] : 0,
+				'blacklist' => array_flip( $referer ),
+			),
+			'target'  => array(
+				'active'    => isset( $options['target']['active'] ) ? (int) $options['target']['active'] : 0,
+				'cron'      => isset( $options['target']['cron'] ) ? (int) $options['target']['cron'] : 0,
+				'regexp'    => isset( $options['target']['regexp'] ) ? (int) $options['target']['regexp'] : 0,
+				'blacklist' => array_flip( $target ),
+			),
+			'ip'      => array(
+				'active'    => isset( $options['ip']['active'] ) ? (int) $options['ip']['active'] : 0,
+				'blacklist' => $ip,
+			),
+			'ua'      => array(
+				'active'    => isset( $options['ua']['active'] ) ? (int) $options['ua']['active'] : 0,
+				'regexp'    => isset( $options['ua']['regexp'] ) ? (int) $options['ua']['regexp'] : 0,
+				'blacklist' => array_flip( $ua ),
+			),
+			'version' => StatifyBlacklist::VERSION_MAIN,
+		);
+
+		// Apply sanitizations.
+		self::sanitize_referer_options( $res['referer'] );
+		self::sanitize_target_options( $res['target'] );
+		self::sanitize_ip_options( $res['ip'] );
+
+		return $res;
+	}
+
+	/**
+	 * Sanitize referer options.
+	 *
+	 * @param array $options Original referer options.
+	 *
+	 * @return void
+	 *
+	 * @since 1.7.0
+	 */
+	private static function sanitize_referer_options( &$options ) {
+		$referer_given   = $options['blacklist'];
+		$referer_invalid = array();
+		if ( StatifyBlacklist::MODE_NORMAL === $options['regexp'] ) {
+			// Sanitize URLs and remove empty inputs.
+			$referer_sanitized = self::sanitize_urls( $referer_given );
+		} elseif ( StatifyBlacklist::MODE_REGEX === $options['regexp'] || StatifyBlacklist::MODE_REGEX_CI === $options['regexp'] ) {
+			$referer_sanitized = $referer_given;
+			// Check regular expressions.
+			$referer_invalid = self::sanitize_regex( $referer_given );
+		} else {
+			$referer_sanitized = $referer_given;
+		}
+		$referer_diff         = array_diff_key( $referer_given, $referer_sanitized );
+		$options['blacklist'] = $referer_sanitized;
+
+		// Generate messages.
+		if ( ! empty( $referer_diff ) ) {
+			add_settings_error(
+				'statify-blacklist',
+				'referer-diff',
+				__( 'Some URLs are invalid and have been sanitized.', 'statify-blacklist' ),
+				'warning'
+			);
+		}
+		if ( ! empty( $referer_invalid ) ) {
+			add_settings_error(
+				'statify-blacklist',
+				'referer-invalid',
+				__( 'Some regular expressions for referrers are invalid:', 'statify-blacklist' ) . '<br>' . implode( '<br>', $referer_invalid )
+			);
+		}
+	}
+
+	/**
+	 * Sanitize target options.
+	 *
+	 * @param array $options Original target options.
+	 *
+	 * @return void
+	 *
+	 * @since 1.7.0
+	 */
+	private static function sanitize_target_options( &$options ) {
+		$target_given     = $options['blacklist'];
+		$target_sanitized = $target_given;
+		if ( StatifyBlacklist::MODE_REGEX === $options['regexp'] || StatifyBlacklist::MODE_REGEX_CI === $options['regexp'] ) {
+			// Check regular expressions.
+			$target_invalid = self::sanitize_regex( $target_given );
+		} else {
+			$target_invalid = array();
+		}
+		$options['blacklist'] = $target_sanitized;
+
+		// Generate messages.
+		if ( ! empty( $target_invalid ) ) {
+			add_settings_error(
+				'statify-blacklist',
+				'target-invalid',
+				__( 'Some regular expressions for targets are invalid:', 'statify-blacklist' ) . '<br>' . implode( '<br>', $target_invalid )
+			);
+		}
+	}
+
+	/**
+	 * Sanitize IPs and subnets and remove empty inputs.
+	 *
+	 * @param array $options Original IP options.
+	 *
+	 * @return void
+	 *
+	 * @since 1.7.0
+	 */
+	private static function sanitize_ip_options( &$options ) {
+		$given_ip             = $options['blacklist'];
+		$sanitized_ip         = self::sanitize_ips( $given_ip );
+		$ip_diff              = array_diff( $given_ip, $sanitized_ip );
+		$options['blacklist'] = $sanitized_ip;
+
+		// Generate messages.
+		if ( ! empty( $ip_diff ) ) {
+			add_settings_error(
+				'statify-blacklist',
+				'ip-diff',
+				// translators: List of invalid IP addresses (comma separated).
+				sprintf( __( 'Some IPs are invalid: %s', 'statify-blacklist' ), implode( ', ', $ip_diff ) ),
+				'warning'
+			);
+		}
+	}
+
+	/**
+	 * Sanitize URLs and remove empty results.
+	 *
+	 * @param array $urls given array of URLs.
+	 *
+	 * @return array  sanitized array.
+	 *
+	 * @since 1.1.1
+	 * @since 1.7.0 moved from StatifyBlacklist_Admin to StatifyBlacklist_Settings.
+	 */
+	private static function sanitize_urls( $urls ) {
+		return array_flip(
+			array_filter(
+				array_map(
+					function ( $r ) {
+						return preg_replace( '/[^\da-z\.-]/i', '', filter_var( $r, FILTER_SANITIZE_URL ) );
+					},
+					array_flip( $urls )
+				)
+			)
+		);
+	}
+
+	/**
+	 * Sanitize IP addresses with optional CIDR notation and remove empty results.
+	 *
+	 * @param array $ips given array of URLs.
+	 *
+	 * @return array  sanitized array.
+	 *
+	 * @since 1.4.0
+	 * @since 1.7.0 moved from StatifyBlacklist_Admin to StatifyBlacklist_Settings.
+	 */
+	private static function sanitize_ips( $ips ) {
+		return array_values(
+			array_unique(
+				array_filter(
+					array_map( 'strtolower', $ips ),
+					function ( $ip ) {
+						return preg_match(
+							'/^((25[0-5]|(2[0-4]|1?[0-9])?[0-9])\.){3}(25[0-5]|(2[0-4]|1?[0-9])?[0-9])(\/([0-9]|[1-2][0-9]|3[0-2]))?$/',
+							$ip
+						) ||
+						preg_match(
+							'/^(([0-9a-f]{1,4}:){7}[0-9a-f]{1,4}|([0-9a-f]{1,4}:){1,7}:|([0-9a-f]{1,4}:){1,6}:[0-9a-f]{1,4}' .
+							'|([0-9a-f]{1,4}:){1,5}(:[0-9a-f]{1,4}){1,2}|([0-9a-f]{1,4}:){1,4}(:[0-9a-f]{1,4}){1,3}' .
+							'|([0-9a-f]{1,4}:){1,3}(:[0-9a-f]{1,4}){1,4}|([0-9a-f]{1,4}:){1,2}(:[0-9a-f]{1,4}){1,5}' .
+							'|[0-9a-f]{1,4}:((:[0-9a-f]{1,4}){1,6})|:((:[0-9a-f]{1,4}){1,7}|:)' .
+							'|fe80:(:[0-9a-f]{0,4}){0,4}%[0-9a-zA-Z]+|::(ffff(:0{1,4})?:)?((25[0-5]|(2[0-4]|1?[0-9])?[0-9])\.){3}(25[0-5]|(2[0-4]' .
+							'|1?[0-9])?[0-9])|([0-9a-f]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1?[0-9])?[0-9])\.){3}(25[0-5]|(2[0-4]|1?[0-9])?[0-9]))' .
+							'(\/([0-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8]))?$/',
+							$ip
+						);
+					}
+				)
+			)
+		);
+	}
+
+	/**
+	 * Validate regular expressions, i.e. remove duplicates and empty values and validate others.
+	 *
+	 * @param array $expressions Given pre-sanitized array of regular expressions.
+	 *
+	 * @return array Array of invalid expressions.
+	 *
+	 * @since 1.5.0 #13
+	 * @since 1.7.0 moved from StatifyBlacklist_Admin to StatifyBlacklist_Settings.
+	 */
+	private static function sanitize_regex( $expressions ) {
+		return array_filter(
+			array_flip( $expressions ),
+			function ( $re ) {
+				// Check of preg_match() fails (warnings suppressed).
+
+				// phpcs:ignore WordPress.PHP.NoSilencedErrors.Discouraged
+				return false === @preg_match( StatifyBlacklist::regex( $re, false ), null );
+			}
+		);
+	}
+
+	/**
+	 * Parse multi-line option string.
+	 *
+	 * @param string $raw Input string.
+	 *
+	 * @return array Parsed options.
+	 */
+	private static function parse_multiline_option( $raw ) {
+		if ( empty( trim( $raw ) ) ) {
+			return array();
+		} else {
+			return array_filter(
+				array_map(
+					function ( $a ) {
+						return trim( $a );
+					},
+					explode( "\r\n", str_replace( '\\\\', '\\', $raw ) )
+				),
+				function ( $a ) {
+					return ! empty( $a );
+				}
+			);
+		}
+	}
+}

inc/class-statifyblacklist-system.php

@@ -1,6 +1,6 @@
 <?php
 /**
- * Statify Blacklist: StatifyBlacklist_Syste, class
+ * Statify Filter: StatifyBlacklist_System class
  *
  * This file contains the derived class for the plugin's system operations.
  *
@@ -9,11 +9,13 @@
  * @since     1.0.0
  */
 
-// Quit.
-defined( 'ABSPATH' ) || exit;
+// Quit if accessed directly.
+if ( ! defined( 'ABSPATH' ) ) {
+	exit;
+}
 
 /**
- * Statify Blacklist system configuration.
+ * Statify Filter system configuration.
  *
  * @since   1.0.0
  */
@@ -25,25 +27,25 @@ class StatifyBlacklist_System extends StatifyBlacklist {
 	 * @since 1.0.0
 	 *
 	 * @param bool $network_wide Whether the plugin was activated network-wide or not.
+	 *
+	 * @return void
 	 */
 	public static function install( $network_wide = false ) {
 		// Create tables for each site in a network.
-		if ( is_multisite() && $network_wide ) {
+		if ( $network_wide && is_multisite() ) {
 			if ( function_exists( 'get_sites' ) ) {
 				$sites = get_sites();
-			} elseif ( function_exists( 'wp_get_sites' ) ) {
-				// @codingStandardsIgnoreLine Legacy support for WP < 4.6.
-				$sites = wp_get_sites();
 			} else {
 				return;
 			}
 
 			foreach ( $sites as $site ) {
-				switch_to_blog( $site['blog_id'] );
-				add_option(
-					'statify-blacklist',
-					self::default_options()
-				);
+				if ( is_array( $site ) ) {
+					$site_id = $site['blog_id'];
+				} else {
+					$site_id = $site->blog_id;
+				}
+				self::install_site( $site_id );
 			}
 
 			restore_current_blog();
@@ -55,11 +57,31 @@ class StatifyBlacklist_System extends StatifyBlacklist {
 		}
 	}
 
+	/**
+	 * Set up the plugin for a single site on Multisite.
+	 *
+	 * @since 1.4.3
+	 *
+	 * @param integer $site_id Site ID.
+	 *
+	 * @return void
+	 */
+	public static function install_site( $site_id ) {
+		switch_to_blog( (int) $site_id );
+		add_option(
+			'statify-blacklist',
+			self::default_options()
+		);
+		restore_current_blog();
+	}
+
 
 	/**
 	 * Plugin uninstall handler.
 	 *
 	 * @since 1.0.0
+	 *
+	 * @return void
 	 */
 	public static function uninstall() {
 		if ( is_multisite() ) {
@@ -67,16 +89,17 @@ class StatifyBlacklist_System extends StatifyBlacklist {
 
 			if ( function_exists( 'get_sites' ) ) {
 				$sites = get_sites();
-			} elseif ( function_exists( 'wp_get_sites' ) ) {
-				// @codingStandardsIgnoreLine Legacy support for WP < 4.6.
-				$sites = wp_get_sites();
 			} else {
 				return;
 			}
 
 			foreach ( $sites as $site ) {
-				switch_to_blog( $site['blog_id'] );
-				delete_option( 'statify-blacklist' );
+				if ( is_array( $site ) ) {
+					$site_id = $site['blog_id'];
+				} else {
+					$site_id = $site->blog_id;
+				}
+				self::uninstall_site( $site_id );
 			}
 
 			switch_to_blog( $old );
@@ -85,20 +108,37 @@ class StatifyBlacklist_System extends StatifyBlacklist {
 		delete_option( 'statify-blacklist' );
 	}
 
+	/**
+	 * Remove the plugin for a single site on Multisite.
+	 *
+	 * @since 1.4.3
+	 *
+	 * @param integer $site_id Site ID.
+	 *
+	 * @return void
+	 */
+	public static function uninstall_site( $site_id ) {
+		$old = get_current_blog_id();
+		switch_to_blog( (int) $site_id );
+		delete_option( 'statify-blacklist' );
+		switch_to_blog( $old );
+	}
 
 	/**
 	 * Upgrade plugin options.
 	 *
 	 * @since 1.2.0
+	 *
+	 * @return void
 	 */
 	public static function upgrade() {
 		self::update_options();
 		// Check if config array is not associative (pre 1.2.0).
-		if ( array_keys( self::$_options['referer'] ) === range( 0, count( self::$_options['referer'] ) - 1 ) ) {
+		if ( array_keys( self::$options['referer'] ) === range( 0, count( self::$options['referer'] ) - 1 ) ) {
 			// Flip referer array to make domains keys.
-			$options            = self::$_options;
-			$options['referer'] = array_flip( self::$_options['referer'] );
-			if ( ( is_multisite() && array_key_exists( STATIFYBLACKLIST_BASE, (array) get_site_option( 'active_sitewide_plugins' ) ) ) ) {
+			$options            = self::$options;
+			$options['referer'] = array_flip( self::$options['referer'] );
+			if ( self::$multisite ) {
 				update_site_option( 'statify-blacklist', $options );
 			} else {
 				update_option( 'statify-blacklist', $options );
@@ -106,14 +146,14 @@ class StatifyBlacklist_System extends StatifyBlacklist {
 		}
 
 		// Version not set (pre 1.3.0) or older than 1.4.
-		if ( ! isset( self::$_options['version'] ) || self::$_options['version'] < 1.4 ) {
+		if ( ! isset( self::$options['version'] ) || self::$options['version'] < 1.4 ) {
 			// Upgrade options to new schema.
 			$options = array(
 				'referer' => array(
-					'active'    => self::$_options['active_referer'],
-					'cron'      => self::$_options['cron_referer'],
-					'regexp'    => self::$_options['referer_regexp'],
-					'blacklist' => self::$_options['referer'],
+					'active'    => self::$options['active_referer'],
+					'cron'      => self::$options['cron_referer'],
+					'regexp'    => self::$options['referer_regexp'],
+					'blacklist' => self::$options['referer'],
 				),
 				'target'  => array(
 					'active'    => 0,
@@ -127,7 +167,31 @@ class StatifyBlacklist_System extends StatifyBlacklist {
 				),
 				'version' => 1.4,
 			);
-			if ( is_multisite() && array_key_exists( STATIFYBLACKLIST_BASE, (array) get_site_option( 'active_sitewide_plugins' ) ) ) {
+			if ( self::$multisite ) {
+				update_site_option( 'statify-blacklist', $options );
+			} else {
+				update_option( 'statify-blacklist', $options );
+			}
+			self::update_options();
+		}
+
+		// Version older than 1.6.
+		if ( self::$options['version'] < 1.6 ) {
+			$options = self::$options;
+			if ( ! isset( $options['ua'] ) ) {
+				$options['ua'] = array(
+					'active'    => 0,
+					'regexp'    => 0,
+					'blacklist' => array(),
+				);
+			} elseif ( ! isset( $options['ua']['blacklist'] ) ) {
+				$options['ua']['blacklist'] = array();
+			} else {
+				// User agent strings got stored incorrectly in 1.6.0 - luckily the version was not updated, either.
+				$options['ua']['blacklist'] = array_flip( $options['ua']['blacklist'] );
+			}
+			$options['version'] = 1.6;
+			if ( self::$multisite ) {
 				update_site_option( 'statify-blacklist', $options );
 			} else {
 				update_option( 'statify-blacklist', $options );
@@ -136,11 +200,11 @@ class StatifyBlacklist_System extends StatifyBlacklist {
 		}
 
 		// Version older than current major release.
-		if ( self::VERSION_MAIN > self::$_options['version'] ) {
+		if ( self::VERSION_MAIN > self::$options['version'] ) {
 			// Merge default options with current config, assuming only additive changes.
-			$options            = array_merge_recursive( self::default_options(), self::$_options );
+			$options            = array_replace_recursive( self::default_options(), self::$options );
 			$options['version'] = self::VERSION_MAIN;
-			if ( ( is_multisite() && array_key_exists( STATIFYBLACKLIST_BASE, (array) get_site_option( 'active_sitewide_plugins' ) ) ) ) {
+			if ( self::$multisite ) {
 				update_site_option( 'statify-blacklist', $options );
 			} else {
 				update_option( 'statify-blacklist', $options );

inc/class-statifyblacklist.php

@@ -1,6 +1,6 @@
 <?php
 /**
- * Statify Blacklist: StatifyBlacklist class
+ * Statify Filter: StatifyBlacklist class
  *
  * This file contains the plugin's base class.
  *
@@ -8,13 +8,13 @@
  * @since   1.0.0
  */
 
-// Quit.
-defined( 'ABSPATH' ) || exit;
+// Quit if accessed directly.
+if ( ! defined( 'ABSPATH' ) ) {
+	exit;
+}
 
 /**
- * Statify Blacklist.
- *
- * @since   1.0.0
+ * Statify Filter.
  */
 class StatifyBlacklist {
 
@@ -22,17 +22,46 @@ class StatifyBlacklist {
 	 * Plugin major version.
 	 *
 	 * @since 1.4.0
-	 * @var int VERSION_MAIN
+	 * @var float VERSION_MAIN
 	 */
-	const VERSION_MAIN = 1.4;
+	const VERSION_MAIN = 1.7;
+
+	/**
+	 * Operation mode "normal".
+	 *
+	 * @var integer MODE_NORMAL
+	 */
+	const MODE_NORMAL = 0;
+
+	/**
+	 * Operation mode "regular expression".
+	 *
+	 * @var integer MODE_REGEX
+	 */
+	const MODE_REGEX = 1;
+
+	/**
+	 * Operation mode "regular expression case insensitive".
+	 *
+	 * @var integer MODE_REGEX_CI
+	 */
+	const MODE_REGEX_CI = 2;
+
+	/**
+	 * Operation mode "keyword".
+	 *
+	 * @since 1.5.0
+	 * @var integer MODE_KEYWORD
+	 */
+	const MODE_KEYWORD = 3;
 
 	/**
 	 * Plugin options.
 	 *
 	 * @since 1.0.0
-	 * @var array $_options
+	 * @var array $options
 	 */
-	public static $_options;
+	public static $options;
 
 	/**
 	 * Multisite Status.
@@ -43,67 +72,46 @@ class StatifyBlacklist {
 	public static $multisite;
 
 	/**
-	 * Class self initialize.
+	 * Plugin initialization.
 	 *
-	 * @since 1.0.0
-	 */
-	public static function instance() {
-		new self();
-	}
-
-	/**
-	 * Class constructor.
+	 * @since 1.4.2
 	 *
-	 * @since 1.0.0
+	 * @return void
 	 */
-	public function __construct() {
-		// Skip on autosave or AJAX.
-		if ( ( defined( 'DOING_AUTOSAVE' ) && DOING_AUTOSAVE ) || ( defined( 'DOING_AJAX' ) && DOING_AJAX ) ) {
+	public static function init() {
+		// Skip on autosave.
+		if ( defined( 'DOING_AUTOSAVE' ) && DOING_AUTOSAVE ) {
 			return;
 		}
 
-		// Plugin options.
-		self::update_options();
-
 		// Get multisite status.
 		self::$multisite = ( is_multisite() && array_key_exists( STATIFYBLACKLIST_BASE, (array) get_site_option( 'active_sitewide_plugins' ) ) );
 
+		// Plugin options.
+		self::update_options();
+
 		// Add Filter to statify hook if enabled.
-		if ( 0 !== self::$_options['referer']['active'] || 0 !== self::$_options['target']['active'] || 0 !== self::$_options['ip']['active'] ) {
+		if ( 0 !== self::$options['referer']['active'] ||
+			0 !== self::$options['target']['active'] ||
+			0 !== self::$options['ip']['active'] ||
+			0 !== self::$options['ua']['active'] ) {
 			add_filter( 'statify__skip_tracking', array( 'StatifyBlacklist', 'apply_blacklist_filter' ) );
 		}
 
+		// Statify uses WP AJAX as of 1.7, so we need to reach this point. But there are no further admin/cron actions.
+		if ( defined( 'DOING_AJAX' ) && DOING_AJAX ) {
+			return;
+		}
+
 		// Admin only filters.
 		if ( is_admin() ) {
-			// Load Textdomain (only needed for backend.
-			load_plugin_textdomain( 'statifyblacklist', false, STATIFYBLACKLIST_DIR . '/lang/' );
-
-			// Add actions.
-			add_action( 'wpmu_new_blog', array( 'StatifyBlacklist_Install', 'init_site' ) );
-			add_action( 'delete_blog', array( 'StatifyBlacklist_System', 'init_site' ) );
-			add_filter( 'plugin_row_meta', array( 'StatifyBlacklist_Admin', 'plugin_meta_link' ), 10, 2 );
-
-			if ( is_multisite() ) {
-				add_action( 'network_admin_menu', array( 'StatifyBlacklist_Admin', '_add_menu_page' ) );
-				add_filter(
-					'network_admin_plugin_action_links', array(
-						'StatifyBlacklist_Admin',
-						'plugin_actions_links',
-					),
-					10,
-					2
-				);
-			} else {
-				add_action( 'admin_menu', array( 'StatifyBlacklist_Admin', '_add_menu_page' ) );
-				add_filter( 'plugin_action_links', array( 'StatifyBlacklist_Admin', 'plugin_actions_links' ), 10, 2 );
-			}
+			StatifyBlacklist_Admin::init();
 		}
 
 		// CronJob to clean up database.
-		if ( defined( 'DOING_CRON' ) && DOING_CRON ) {
-			if ( 1 === self::$_options['referer']['cron'] || 1 === self::$_options['target']['cron'] ) {
-				add_action( 'statify_cleanup', array( 'StatifyBlacklist_Admin', 'cleanup_database' ) );
-			}
+		if ( defined( 'DOING_CRON' ) && DOING_CRON &&
+			( 1 === self::$options['referer']['cron'] || 1 === self::$options['target']['cron'] ) ) {
+			add_action( 'statify_cleanup', array( 'StatifyBlacklist_Admin', 'cleanup_database' ) );
 		}
 	}
 
@@ -114,12 +122,16 @@ class StatifyBlacklist {
 	 * @since 1.2.1 update_options($options = null) Parameter with default value introduced.
 	 *
 	 * @param array $options Optional. New options to save.
+	 *
+	 * @return void
 	 */
 	public static function update_options( $options = null ) {
-		self::$_options = wp_parse_args(
-			get_option( 'statify-blacklist' ),
-			self::default_options()
-		);
+		if ( self::$multisite ) {
+			$o = get_site_option( 'statify-blacklist' );
+		} else {
+			$o = get_option( 'statify-blacklist' );
+		}
+		self::$options = wp_parse_args( $o, self::default_options() );
 	}
 
 	/**
@@ -147,85 +159,46 @@ class StatifyBlacklist {
 				'active'    => 0,
 				'blacklist' => array(),
 			),
+			'ua'      => array(
+				'active'    => 0,
+				'regexp'    => 0,
+				'blacklist' => array(),
+			),
 			'version' => self::VERSION_MAIN,
 		);
 	}
 
 	/**
-	 * Apply the blacklist filter if active
+	 * Apply the filter if active
 	 *
 	 * @since 1.0.0
 	 *
-	 * @return bool TRUE if referer matches blacklist.
+	 * @return bool TRUE if referer matches filter.
 	 */
 	public static function apply_blacklist_filter() {
-		// Referer blacklist.
-		if ( isset( self::$_options['referer']['active'] ) && 0 !== self::$_options['referer']['active'] ) {
-			// Regular Expression filtering since 1.3.0.
-			if ( isset( self::$_options['referer']['regexp'] ) && self::$_options['referer']['regexp'] > 0 ) {
-				// Get full referer string.
-				$referer = wp_get_raw_referer();
-				if ( ! $referer ) {
-					$referer = '';
-				}
-				// Merge given regular expressions into one.
-				$regexp = '/' . implode( '|', array_keys( self::$_options['referer']['blacklist'] ) ) . '/';
-				if ( 2 === self::$_options['referer']['regexp'] ) {
-					$regexp .= 'i';
-				}
-
-				// Check blacklist (return NULL to continue filtering).
-				return ( 1 === preg_match( $regexp, $referer ) ) ? true : null;
-			} else {
-				// Extract relevant domain parts.
-				$referer = wp_parse_url( wp_get_raw_referer() );
-				$referer = strtolower( ( isset( $referer['host'] ) ? $referer['host'] : '' ) );
-
-				// Get blacklist.
-				$blacklist = self::$_options['referer']['blacklist'];
-
-				// Check blacklist.
-				if ( isset( $blacklist[ $referer ] ) ) {
-					return true;
-				}
-			}
+		// Referer filter.
+		if (
+		self::apply_single_filter(
+			self::$options['referer'],
+			array(
+				__CLASS__,
+				( ! isset( self::$options['referer']['regexp'] ) || self::MODE_NORMAL === self::$options['referer']['regexp'] ) ? 'get_referer_domain' : 'get_referer',
+			)
+		)
+		) {
+			return true;
 		}
 
-		// Target blacklist (since 1.4.0).
-		if ( isset( self::$_options['target']['active'] ) && 0 !== self::$_options['target']['active'] ) {
-			// Regular Expression filtering since 1.3.0.
-			if ( isset( self::$_options['target']['regexp'] ) && 0 < self::$_options['target']['regexp'] ) {
-				// Get full referer string.
-				// @codingStandardsIgnoreStart The globals are checked.
-				$target = ( isset( $_SERVER['REQUEST_URI'] ) ? $_SERVER['REQUEST_URI'] : '/' );
-				// @codingStandardsIgnoreEnd
-				// Merge given regular expressions into one.
-				$regexp = '/' . implode( '|', array_keys( self::$_options['target']['blacklist'] ) ) . '/';
-				if ( 2 === self::$_options['target']['regexp'] ) {
-					$regexp .= 'i';
-				}
-
-				// Check blacklist (return NULL to continue filtering).
-				return ( 1 === preg_match( $regexp, $target ) ) ? true : null;
-			} else {
-				// Extract target page.
-				// @codingStandardsIgnoreStart The globals are checked.
-				$target = ( isset( $_SERVER['REQUEST_URI'] ) ? $_SERVER['REQUEST_URI'] : '/' );
-				// @codingStandardsIgnoreEnd
-				// Get blacklist.
-				$blacklist = self::$_options['target']['blacklist'];
-				// Check blacklist.
-				if ( isset( $blacklist[ $target ] ) ) {
-					return true;
-				}
-			}
+		// Target filter (since 1.4.0).
+		if ( self::apply_single_filter( self::$options['target'], array( __CLASS__, 'get_target' ) ) ) {
+			return true;
 		}
 
-		// IP blacklist (since 1.4.0).
-		if ( isset( self::$_options['ip']['active'] ) && 0 !== self::$_options['ip']['active'] ) {
+		// IP filter (since 1.4.0).
+		if ( isset( self::$options['ip']['active'] ) && 0 !== self::$options['ip']['active'] ) {
 			$ip = self::get_ip();
 			if ( false !== ( $ip ) ) {
-				foreach ( self::$_options['ip']['blacklist'] as $net ) {
+				foreach ( self::$options['ip']['blacklist'] as $net ) {
 					if ( self::cidr_match( $ip, $net ) ) {
 						return true;
 					}
@@ -233,10 +206,145 @@ class StatifyBlacklist {
 			}
 		}
 
-		// Skip and continue (return NULL), if all blacklists are inactive.
+		// User agent filter (since 1.6).
+		if ( self::apply_single_filter( self::$options['ua'], array( __CLASS__, 'get_user_agent' ) ) ) {
+			return true;
+		}
+
+		// Skip and continue (return NULL), if all filters are inactive.
 		return null;
 	}
 
+	/**
+	 * Apply a single filter, if active.
+	 *
+	 * @param array    $config   Configuration array from plugin options.
+	 * @param callable $value_fn Extractor function for filterable value.
+	 *
+	 * @return bool TRUE if referer matches filter.
+	 *
+	 * @since 1.6 Extracted from "apply_blacklist_filter" to reduce redundancies.
+	 */
+	private static function apply_single_filter( $config, $value_fn ) {
+		// Is the filter active?
+		if ( ! isset( $config['active'] ) || 0 === $config['active'] ) {
+			return false;
+		}
+
+		// Extract the filterable value.
+		$value = call_user_func( $value_fn );
+
+		$mode = isset( $config['regexp'] ) ? intval( $config['regexp'] ) : self::MODE_NORMAL;
+
+		switch ( $mode ) {
+			case self::MODE_REGEX:
+			case self::MODE_REGEX_CI:
+				// Regular Expression filtering since 1.3.0.
+
+				// Merge given regular expressions into one.
+				$regexp = self::regex(
+					array_keys( $config['blacklist'] ),
+					self::MODE_REGEX_CI === $config['regexp']
+				);
+
+				// Check filter (no return to continue filtering #12).
+				if ( 1 === preg_match( $regexp, $value ) ) {
+					return true;
+				}
+				break;
+
+			case self::MODE_KEYWORD:
+				// Keyword filter since 1.5.0 (#15).
+				foreach ( array_keys( $config['blacklist'] ) as $keyword ) {
+					if ( false !== strpos( strtolower( $value ), strtolower( $keyword ) ) ) {
+						return true;
+					}
+				}
+
+				break;
+
+			default:
+				// Standard exact filter.
+				if ( isset( $config['blacklist'][ $value ] ) ) {
+					return true;
+				}
+		}
+
+		return false;
+	}
+
+	/**
+	 * Preprocess regular expression provided by the user, i.e. add delimiters and optional ci flag.
+	 *
+	 * @param string|array $expression       Original expression string or array of expressions.
+	 * @param string|array $case_insensitive Make expression match case-insensitive.
+	 *
+	 * @return string Preprocessed expression ready for preg_match().
+	 */
+	protected static function regex( $expression, $case_insensitive ) {
+		$res = '/';
+		if ( is_string( $expression ) ) {
+			$res .= str_replace( '/', '\/', $expression );
+		} elseif ( is_array( $expression ) ) {
+			$res .= implode(
+				'|',
+				array_map(
+					function ( $e ) {
+						return str_replace( '/', '\/', $e );
+					},
+					$expression
+				)
+			);
+		}
+		$res .= '/';
+		if ( $case_insensitive ) {
+			$res .= 'i';
+		}
+
+		return $res;
+	}
+
+	/**
+	 * Helper method to determine the client's referer.
+	 *
+	 * @return string The referer.
+	 */
+	private static function get_referer() {
+		$referer = wp_get_raw_referer();
+		if ( ! $referer ) {
+			$referer = '';
+		}
+
+		return $referer;
+	}
+
+	/**
+	 * Helper method to determine the host part of the client's referer.
+	 *
+	 * @return string Referer domain.
+	 */
+	private static function get_referer_domain() {
+		$referer = wp_parse_url( self::get_referer() );
+
+		return strtolower( ( isset( $referer['host'] ) ? $referer['host'] : '' ) );
+	}
+
+	/**
+	 * Helper method to determine the client's referer.
+	 *
+	 * @return string The referer.
+	 */
+	private static function get_target() {
+		if ( isset( $_SERVER['REQUEST_URI'] ) ) {
+			$target = filter_var( wp_unslash( $_SERVER['REQUEST_URI'] ), FILTER_SANITIZE_URL );
+			if ( $target ) {
+				return $target;
+			}
+		}
+
+		return '';
+	}
+
 	/**
 	 * Helper method to determine the client's IP address.
 	 *
@@ -260,20 +368,35 @@ class StatifyBlacklist {
 				'REMOTE_ADDR',
 			) as $k
 		) {
-			// @codingStandardsIgnoreStart The globals are checked.
 			if ( isset( $_SERVER[ $k ] ) ) {
+				// phpcs:ignore
 				foreach ( explode( ',', $_SERVER[ $k ] ) as $ip ) {
 					if ( false !== filter_var( $ip, FILTER_VALIDATE_IP ) ) {
 						return $ip;
 					}
 				}
 			}
-			// @codingStandardsIgnoreEnd
 		}
 
 		return false;
 	}
 
+	/**
+	 * Helper method to determine the user agent.
+	 *
+	 * @return string The user agent string.
+	 */
+	private static function get_user_agent() {
+		if ( ! empty( $_SERVER['HTTP_USER_AGENT'] ) ) {
+			$user_agent = filter_var( wp_unslash( $_SERVER['HTTP_USER_AGENT'] ) );
+			if ( $user_agent ) {
+				return $user_agent;
+			}
+		}
+
+		return '';
+	}
+
 	/**
 	 * Helper function to check if an IP address matches a given subnet.
 	 *
@@ -306,16 +429,16 @@ class StatifyBlacklist {
 			}
 
 			$bytes_addr = unpack( 'n*', inet_pton( $base ) );
-			$bytes_est = unpack( 'n*', inet_pton( $ip ) );
+			$bytes_est  = unpack( 'n*', inet_pton( $ip ) );
 
 			if ( ! $bytes_addr || ! $bytes_est ) {
 				return false;
 			}
 
 			$ceil = ceil( $mask / 16 );
-			for ( $i = 1; $i <= $ceil; ++ $i ) {
-				$left  = $mask - 16 * ( $i - 1 );
-				$left  = ( $left <= 16 ) ? $left : 16;
+			for ( $i = 1; $i <= $ceil; ++$i ) {
+				$left   = $mask - 16 * ( $i - 1 );
+				$left   = ( $left <= 16 ) ? $left : 16;
 				$mask_b = ~( 0xffff >> $left ) & 0xffff;
 				if ( ( $bytes_addr[ $i ] & $mask_b ) !== ( $bytes_est[ $i ] & $mask_b ) ) {
 					return false;
@@ -344,6 +467,6 @@ class StatifyBlacklist {
 			}
 
 			return ( 0 === substr_compare( sprintf( '%032b', ip2long( $ip ) ), sprintf( '%032b', ip2long( $base ) ), 0, $mask ) );
-		} // End if().
+		}
 	}
 }

package.json

@@ -1,17 +1,7 @@
 {
   "name": "statify-blacklist",
-  "version": "1.4.1",
-  "description": "A blacklist extension for the famous Statify WordPress plugin",
+  "version": "1.7.2",
+  "description": "A filter extension for the famous Statify WordPress plugin",
   "author": "Stefan Kalscheuer",
-  "license": "GPLv2 or later",
-  "devDependencies": {
-    "gulp": "^3.9.1",
-    "gulp-clean": "^0.3.2",
-    "gulp-copy": "^1.0.0",
-    "gulp-zip": "^4.0.0",
-    "gulp-composer": "^0.4.0",
-    "gulp-phpunit": "^0.23.0",
-    "gulp-phpcs": "^2.0.0",
-    "child_process": "^1.0.2"
-  }
+  "license": "GPL-2.0+"
 }

phpcs.xml

@@ -2,16 +2,28 @@
 <ruleset name="StatifyBlacklist">
 	<description>Derived from WordPress Coding Standard</description>
 
+	<arg value="psv"/>
+	<arg name="colors"/>
+
+	<!-- Files to sniff -->
+	<file>statify-blacklist.php</file>
+	<file>inc</file>
+
+	<!-- Compliance with WordPress Coding Standard -->
+	<config name="minimum_supported_wp_version" value="4.7"/>
 	<rule ref="WordPress">
-		<!-- Type hint checks mess up PHP 7 checks, while this plugin has compatibility level 5.5 and above. -->
-		<exclude name="Squiz.Commenting.FunctionComment.ScalarTypeHintMissing"/>
-
-		<!-- The plugin uses switch_to_blog for multisite handling. -->
-		<exclude name="WordPress.VIP.RestrictedFunctions.switch_to_blog"/>
-		<exclude name="WordPress.VIP.RestrictedFunctions.switch_to_blog_switch_to_blog"/>
-
 		<!-- Direct queries used to clean up statify table. -->
-		<exclude name="WordPress.VIP.DirectDatabaseQuery.DirectQuery"/>
-		<exclude name="WordPress.VIP.DirectDatabaseQuery.NoCaching"/>
+		<exclude name="WordPress.DB.DirectDatabaseQuery.DirectQuery"/>
+		<exclude name="WordPress.DB.DirectDatabaseQuery.NoCaching"/>
 	</rule>
+
+	<rule ref="WordPress.WP.I18n">
+		<properties>
+			<property name="text_domain" type="array" value="statify-blacklist"/>
+		</properties>
+	</rule>
+
+	<!-- PHP compatibility level -->
+	<config name="testVersion" value="5.5-"/>
+	<rule ref="PHPCompatibilityWP"/>
 </ruleset>

phpunit.xml

@@ -1,8 +1,17 @@
 <?xml version="1.0" encoding="utf-8" ?>
-<phpunit bootstrap="./vendor/autoload.php">
+<phpunit bootstrap="test/bootstrap.php">
 	<testsuites>
 		<testsuite name="Statify Blacklist TestSuite">
-			<directory suffix="-test.php">./test/</directory>
+			<directory suffix="_Test.php">./test/</directory>
 		</testsuite>
 	</testsuites>
+	<filter>
+		<whitelist processUncoveredFilesFromWhitelist="true">
+			<directory suffix=".php">./inc/</directory>
+		</whitelist>
+	</filter>
+	<logging>
+		<log type="coverage-clover" target="tests-clover.xml"/>
+		<log type="junit" target="tests-junit.xml"/>
+	</logging>
 </phpunit>

statify-blacklist.php

@@ -1,78 +1,143 @@
 <?php
 /**
- * Statify Blacklist
+ * Statify Filter
  *
  * @package     PluginPackage
  * @author      Stefan Kalscheuer <stefan@stklcode.de>
  * @license     GPL-2.0+
  *
  * @wordpress-plugin
- * Plugin Name: Statify Blacklist
- * Plugin URI:  https://wordpress.org/plugins/statify-blacklist/
- * Description: Extension for the Statify plugin to add a customizable blacklists.
- * Version:     1.4.1
- * Author:      Stefan Kalscheuer (@stklcode)
- * Author URI:  https://www.stklcode.de
- * Text Domain: statify-blacklist
- * Domain Path: /lang
- * License:     GPLv2 or later
+ * Plugin Name:       Statify Filter
+ * Plugin URI:        https://wordpress.org/plugins/statify-blacklist/
+ * Description:       Extension for the Statify plugin to add customizable filters. (formerly "Statify Blacklist")
+ * Version:           1.7.2
+ * Requires at least: 4.7
+ * Requires PHP:      5.5
+ * Requires Plugins:  statify
+ * Author:            Stefan Kalscheuer (@stklcode)
+ * Author URI:        https://www.stklcode.de
+ * Text Domain:       statify-blacklist
+ * License:           GPLv2 or later
  *
- * Statify Blacklist is free software: you can redistribute it and/or modify
+ * Statify Filter is free software: you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
  * the Free Software Foundation, either version 2 of the License, or
  * any later version.
  *
- * Statify Blacklist is distributed in the hope that it will be useful,
+ * Statify Filter is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  * GNU General Public License for more details.
  *
  * You should have received a copy of the GNU General Public License
- * along with Statify Blacklist. If not, see http://www.gnu.org/licenses/gpl-2.0.html.
+ * along with Statify Filter. If not, see https://www.gnu.org/licenses/gpl-2.0.html.
  */
 
-// Quit.
-defined( 'ABSPATH' ) || exit;
+// Quit if accessed directly.
+if ( ! defined( 'ABSPATH' ) ) {
+	exit;
+}
 
 // Constants.
 define( 'STATIFYBLACKLIST_FILE', __FILE__ );
-define( 'STATIFYBLACKLIST_DIR', dirname( __FILE__ ) );
+define( 'STATIFYBLACKLIST_DIR', __DIR__ );
 define( 'STATIFYBLACKLIST_BASE', plugin_basename( __FILE__ ) );
 
-// System Hooks.
-add_action( 'plugins_loaded', array( 'StatifyBlacklist', 'instance' ) );
+// Check for compatibility.
+if ( statify_blacklist_compatibility_check() ) {
+	// System Hooks.
+	add_action( 'plugins_loaded', array( 'StatifyBlacklist', 'init' ) );
 
-register_activation_hook( STATIFYBLACKLIST_FILE, array( 'StatifyBlacklist_System', 'install' ) );
+	register_activation_hook( STATIFYBLACKLIST_FILE, array( 'StatifyBlacklist_System', 'install' ) );
 
-register_uninstall_hook( STATIFYBLACKLIST_FILE, array( 'StatifyBlacklist_System', 'uninstall' ) );
+	register_uninstall_hook( STATIFYBLACKLIST_FILE, array( 'StatifyBlacklist_System', 'uninstall' ) );
 
-// Upgrade hook.
-register_activation_hook( STATIFYBLACKLIST_FILE, array( 'StatifyBlacklist_System', 'upgrade' ) );
+	// Upgrade hook.
+	register_activation_hook( STATIFYBLACKLIST_FILE, array( 'StatifyBlacklist_System', 'upgrade' ) );
 
-// Autoload.
-spl_autoload_register( 'statify_blacklist_autoload' );
+	// Autoload.
+	spl_autoload_register( 'statify_blacklist_autoload' );
+} else {
+	// Disable plugin, if active.
+	add_action( 'admin_init', 'statify_blacklist_disable' );
+}
 
 /**
  * Autoloader for StatifyBlacklist classes.
  *
- * @param string $class  Name of the class to load.
+ * @param string $class_name Name of the class to load.
  *
  * @since 1.0.0
  */
-function statify_blacklist_autoload( $class ) {
+function statify_blacklist_autoload( $class_name ) {
 	$plugin_classes = array(
 		'StatifyBlacklist',
 		'StatifyBlacklist_Admin',
+		'StatifyBlacklist_Settings',
 		'StatifyBlacklist_System',
 	);
 
-	if ( in_array( $class, $plugin_classes, true ) ) {
-		require_once(
-			sprintf(
-				'%s/inc/class-%s.php',
-				STATIFYBLACKLIST_DIR,
-				strtolower( str_replace( '_', '-', $class ) )
-			)
+	if ( in_array( $class_name, $plugin_classes, true ) ) {
+		require_once sprintf(
+			'%s/inc/class-%s.php',
+			STATIFYBLACKLIST_DIR,
+			strtolower( str_replace( '_', '-', $class_name ) )
 		);
 	}
 }
+
+/**
+ * Check for compatibility with PHP and WP version.
+ *
+ * @since 1.5.0
+ *
+ * @return boolean Whether minimum WP and PHP versions are met.
+ */
+function statify_blacklist_compatibility_check() {
+	return version_compare( $GLOBALS['wp_version'], '4.7', '>=' ) &&
+		version_compare( phpversion(), '5.5', '>=' );
+}
+
+/**
+ * Disable plugin if active and incompatible.
+ *
+ * @since 1.5.0
+ *
+ * @return void
+ */
+function statify_blacklist_disable() {
+	if ( is_plugin_active( STATIFYBLACKLIST_BASE ) ) {
+		deactivate_plugins( STATIFYBLACKLIST_BASE );
+		add_action( 'admin_notices', 'statify_blacklist_disabled_notice' );
+		// phpcs:disable WordPress.Security.NonceVerification.Recommended
+		if ( isset( $_GET['activate'] ) ) {
+			unset( $_GET['activate'] );
+		}
+		// phpcs:enable
+	}
+}
+
+/**
+ * Admin notification for unmet requirements.
+ *
+ * @since 1.5.0
+ *
+ * @return void
+ */
+function statify_blacklist_disabled_notice() {
+	echo '<div class="notice notice-error is-dismissible"><p><strong>';
+	printf(
+		/* translators: minimum version numbers for WordPress and PHP inserted at placeholders */
+		esc_html__( 'Statify Filter requires at least WordPress %1$s and PHP %2$s.', 'statify-blacklist' ),
+		'4.7',
+		'5.5'
+	);
+	echo '<br>';
+	printf(
+		/* translators: current version numbers for WordPress and PHP inserted at placeholders */
+		esc_html__( 'Your site is running WordPress %1$s on PHP %2$s, thus the plugin has been disabled.', 'statify-blacklist' ),
+		esc_html( $GLOBALS['wp_version'] ),
+		esc_html( phpversion() )
+	);
+	echo '</strong></p></div>';
+}

test/StatifyBlacklist_Settings_Test.php

@@ -0,0 +1,330 @@
+<?php
+/**
+ * Statify Filter: Unit Test
+ *
+ * This is a PHPunit test class for the plugin's functionality
+ *
+ * @package Statify_Blacklist
+ */
+
+/**
+ * Class StatifyBlacklist_Settings_Test.
+ *
+ * PHPUnit test class for StatifyBlacklist_Settings.
+ */
+class StatifyBlacklist_Settings_Test extends PHPUnit\Framework\TestCase {
+
+	/**
+	 * Test options sanitization.
+	 *
+	 * @return void
+	 */
+	public function test_sanitize_options() {
+		global $settings_error;
+
+		// Emulate default submission: nothing checked, all textareas empty.
+		$raw = array(
+			'referer' => array(
+				'blacklist' => '',
+				'regexp'    => '0',
+			),
+			'target'  => array(
+				'blacklist' => '',
+				'regexp'    => '0',
+			),
+			'ip'      => array( 'blacklist' => '' ),
+			'ua'      => array(
+				'blacklist' => '',
+				'regexp'    => '0',
+			),
+		);
+
+		$sanitized = StatifyBlacklist_Settings::sanitize_options( $raw );
+
+		self::assertEmpty( $settings_error );
+		self::assertEquals(
+			array(
+				'referer' => array(
+					'active'    => 0,
+					'cron'      => 0,
+					'blacklist' => array(),
+					'regexp'    => StatifyBlacklist::MODE_NORMAL,
+				),
+				'target'  => array(
+					'active'    => 0,
+					'cron'      => 0,
+					'blacklist' => array(),
+					'regexp'    => StatifyBlacklist::MODE_NORMAL,
+				),
+				'ip'      => array(
+					'active'    => 0,
+					'blacklist' => array(),
+				),
+				'ua'      => array(
+					'active'    => 0,
+					'regexp'    => StatifyBlacklist::MODE_NORMAL,
+					'blacklist' => array(),
+				),
+				'version' => StatifyBlacklist::VERSION_MAIN,
+			),
+			$sanitized
+		);
+
+		// Some checked options and some valid entries.
+		$raw = array(
+			'referer' => array(
+				'cron'      => '1',
+				'blacklist' => "example.com\r\nexample.net\r\nexample.org",
+				'regexp'    => '0',
+			),
+			'target'  => array(
+				'active'    => '1',
+				'blacklist' => "foo\r\nbar\r\ntest",
+				'regexp'    => '3',
+			),
+			'ip'      => array(
+				'active'    => '1',
+				'blacklist' => "127.0.0.1/8\r\n::1",
+			),
+			'ua'      => array(
+				'blacklist' => 'MyBot/1.23',
+				'regexp'    => '1',
+			),
+		);
+
+		$sanitized = StatifyBlacklist_Settings::sanitize_options( $raw );
+
+		self::assertEmpty( $settings_error );
+		self::assertEquals(
+			array(
+				'referer' => array(
+					'active'    => 0,
+					'cron'      => 1,
+					'blacklist' => array(
+						'example.com' => 0,
+						'example.net' => 1,
+						'example.org' => 2,
+					),
+					'regexp'    => StatifyBlacklist::MODE_NORMAL,
+				),
+				'target'  => array(
+					'active'    => 1,
+					'cron'      => 0,
+					'blacklist' => array(
+						'foo'  => 0,
+						'bar'  => 1,
+						'test' => 2,
+					),
+					'regexp'    => StatifyBlacklist::MODE_KEYWORD,
+				),
+				'ip'      => array(
+					'active'    => 1,
+					'blacklist' => array(
+						'127.0.0.1/8',
+						'::1',
+					),
+				),
+				'ua'      => array(
+					'active'    => 0,
+					'regexp'    => StatifyBlacklist::MODE_REGEX,
+					'blacklist' => array(
+						'MyBot/1.23' => 0,
+					),
+				),
+				'version' => StatifyBlacklist::VERSION_MAIN,
+			),
+			$sanitized
+		);
+
+		// Now we have some additional nonsense fields and invalid entries.
+		$raw = array(
+			'testme ' => 'whatever',
+			'referer' => array(
+				'cron'      => '1',
+				'blacklist' => "  example\\.com   \r\nexample(\\.net\r\nexample\\.com",
+				'regexp'    => '1',
+			),
+			'target'  => array(
+				'active'    => '1',
+				'blacklist' => "fo.\r\n[bar\r\n*test",
+				'regexp'    => '2',
+			),
+			'ip'      => array(
+				'active'    => '1',
+				'blacklist' => "127.0.0.1/8\r\nthisisnotanip\r\n127.0.0.1/8",
+			),
+			'ua'      => array(
+				'blacklist' => 'MyBot/1.23',
+				'regexp'    => '1',
+			),
+		);
+
+		$sanitized = StatifyBlacklist_Settings::sanitize_options( $raw );
+
+		self::assertEquals(
+			array(
+				'referer' => array(
+					'active'    => 0,
+					'cron'      => 1,
+					'blacklist' => array(
+						'example\.com'  => 2,
+						'example(\.net' => 1,
+					),
+					'regexp'    => StatifyBlacklist::MODE_REGEX,
+				),
+				'target'  => array(
+					'active'    => 1,
+					'cron'      => 0,
+					'blacklist' => array(
+						'fo.'   => 0,
+						'[bar'  => 1,
+						'*test' => 2,
+					),
+					'regexp'    => StatifyBlacklist::MODE_REGEX_CI,
+				),
+				'ip'      => array(
+					'active'    => 1,
+					'blacklist' => array(
+						'127.0.0.1/8',
+					),
+				),
+				'ua'      => array(
+					'active'    => 0,
+					'regexp'    => StatifyBlacklist::MODE_REGEX,
+					'blacklist' => array(
+						'MyBot/1.23' => 0,
+					),
+				),
+				'version' => StatifyBlacklist::VERSION_MAIN,
+			),
+			$sanitized
+		);
+
+		self::assertEquals(
+			array(
+				array( 'statify-blacklist', 'referer-invalid', 'Some regular expressions for referrers are invalid:<br>example(\.net', 'error' ),
+				array( 'statify-blacklist', 'target-invalid', 'Some regular expressions for targets are invalid:<br>[bar<br>*test', 'error' ),
+				array( 'statify-blacklist', 'ip-diff', 'Some IPs are invalid: thisisnotanip', 'warning' ),
+			),
+			$settings_error
+		);
+	}
+
+	/**
+	 * Test sanitization of IP addresses.
+	 *
+	 * @return void
+	 */
+	public function test_sanitize_ips() {
+		// IPv4 tests.
+		$valid   = array( '192.0.2.123', '192.0.2.123/32', '192.0.2.0/24', '192.0.2.128/25' );
+		$invalid = array( '12.34.56.789', '192.0.2.123/33', '192.0.2.123/-1' );
+		$result  = invoke_static( StatifyBlacklist_Settings::class, 'sanitize_ips', array( array_merge( $valid, $invalid ) ) );
+		$this->assertNotFalse( $result );
+
+		/*
+		 * Unfortunately this is necessary as long as we run PHP 5 tests, because "assertInternalType" is deprecated
+		 * as of PHPUnit 8, but "assertIsArray" has been introduces in PHPUnit 7.5 which requires PHP >= 7.1.
+		 */
+		if ( method_exists( $this, 'assertIsArray' ) ) {
+			$this->assertIsArray( $result );
+		} else {
+			$this->assertInternalType( 'array', $result );
+		}
+		$this->assertEquals( $valid, $result );
+
+		// IPv6 tests.
+		$valid   = array(
+			'2001:db8:a0b:12f0::',
+			'2001:db8:a0b:12f0::1',
+			'2001:db8:a0b:12f0::1/128',
+			'2001:DB8:A0B:12F0::/64',
+			'fe80::7645:6de2:ff:1',
+			'2001:db8:a0b:12f0::',
+			'::ffff:192.0.2.123',
+		);
+		$invalid = array(
+			'2001:db8:a0b:12f0::x',
+			'2001:db8:a0b:12f0:::',
+			'2001:fffff:a0b:12f0::1',
+			'2001:DB8:A0B:12F0::/129',
+			'1:2:3:4:5:6:7:8:9',
+			'::ffff:12.34.56.789',
+		);
+		$result  = invoke_static( StatifyBlacklist_Settings::class, 'sanitize_ips', array( array_merge( $valid, $invalid ) ) );
+		$this->assertNotFalse( $result );
+		if ( method_exists( $this, 'assertIsArray' ) ) {
+			$this->assertIsArray( $result );
+		} else {
+			$this->assertInternalType( 'array', $result );
+		}
+		$this->assertEquals(
+			array(
+				'2001:db8:a0b:12f0::',
+				'2001:db8:a0b:12f0::1',
+				'2001:db8:a0b:12f0::1/128',
+				'2001:db8:a0b:12f0::/64',
+				'fe80::7645:6de2:ff:1',
+				'::ffff:192.0.2.123',
+			),
+			$result
+		);
+	}
+
+	/**
+	 * Test settings registration.
+	 *
+	 * @return void
+	 */
+	public function test_register_settings() {
+		global $settings;
+		$settings = array();
+
+		StatifyBlacklist_Settings::register_settings();
+		$this->assertEquals( array( 'statify-blacklist' ), array_keys( $settings ), 'unexpected settings pages' );
+		$this->assertEquals(
+			array(
+				'statifyblacklist-referer',
+				'statifyblacklist-target',
+				'statifyblacklist-ip',
+				'statifyblacklist-ua',
+			),
+			array_keys( $settings['statify-blacklist']['sections'] ),
+			'unexpected settings sections'
+		);
+		$this->assertEquals(
+			array(
+				'statifyblacklist-referer-active',
+				'statifyblacklist-referer-cron',
+				'statifyblacklist-referer-regexp',
+				'statifyblacklist-referer-blacklist',
+			),
+			array_keys( $settings['statify-blacklist']['sections']['statifyblacklist-referer']['fields'] ),
+			'unexpected fields in referrer section'
+		);
+		$this->assertEquals(
+			array(
+				'statifyblacklist-target-active',
+				'statifyblacklist-target-cron',
+				'statifyblacklist-target-regexp',
+				'statifyblacklist-target-blacklist',
+			),
+			array_keys( $settings['statify-blacklist']['sections']['statifyblacklist-target']['fields'] ),
+			'unexpected fields in target section'
+		);
+		$this->assertEquals(
+			array( 'statifyblacklist-ip-active', 'statifyblacklist-ip-blacklist' ),
+			array_keys( $settings['statify-blacklist']['sections']['statifyblacklist-ip']['fields'] ),
+			'unexpected fields in ip section'
+		);
+		$this->assertEquals(
+			array(
+				'statifyblacklist-ua-active',
+				'statifyblacklist-ua-regexp',
+				'statifyblacklist-ua-blacklist',
+			),
+			array_keys( $settings['statify-blacklist']['sections']['statifyblacklist-ua']['fields'] ),
+			'unexpected fields in user agent section'
+		);
+	}
+}

test/StatifyBlacklist_System_Test.php

@@ -0,0 +1,91 @@
+<?php
+/**
+ * Statify Filter: Unit Test
+ *
+ * This is a PHPunit test class for the plugin's functionality
+ *
+ * @package Statify_Blacklist
+ */
+
+/**
+ * Class StatifyBlacklist_System_Test.
+ *
+ * PHPUnit test class for StatifyBlacklist_System.
+ */
+class StatifyBlacklist_System_Test extends PHPUnit\Framework\TestCase {
+
+	/**
+	 * Test the upgrade methodology for configuration options.
+	 *
+	 * @return void
+	 */
+	public function test_upgrade() {
+		// Create configuration of version 1.3.
+		$options13 = array(
+			'active_referer' => 1,
+			'cron_referer'   => 0,
+			'referer'        => array(
+				'example.net' => 0,
+				'example.com' => 1,
+			),
+			'referer_regexp' => 0,
+			'version'        => 1.3,
+		);
+
+		// Set options in mock.
+		update_option( 'statify-blacklist', $options13 );
+
+		// Execute upgrade.
+		StatifyBlacklist_System::upgrade();
+
+		// Retrieve updated options.
+		$options_updated = get_option( 'statify-blacklist' );
+
+		// Verify size against default options (no junk left).
+		$this->assertEquals( 5, count( $options_updated ) );
+		$this->assertEquals( 4, count( $options_updated['referer'] ) );
+		$this->assertEquals( 4, count( $options_updated['target'] ) );
+		$this->assertEquals( 2, count( $options_updated['ip'] ) );
+		$this->assertEquals( 3, count( $options_updated['ua'] ) );
+		$this->assertEquals( StatifyBlacklist::VERSION_MAIN, $options_updated['version'] );
+
+		// Verify that original attributes are unchanged.
+		$this->assertEquals( $options13['active_referer'], $options_updated['referer']['active'] );
+		$this->assertEquals( $options13['cron_referer'], $options_updated['referer']['cron'] );
+		$this->assertEquals( $options13['referer'], $options_updated['referer']['blacklist'] );
+		$this->assertEquals( $options13['referer_regexp'], $options_updated['referer']['regexp'] );
+
+		// Verify that new attributes are present in config and filled with default values (disabled, empty).
+		$this->assertEquals( 0, $options_updated['target']['active'] );
+		$this->assertEquals( 0, $options_updated['target']['cron'] );
+		$this->assertEquals( 0, $options_updated['target']['regexp'] );
+		$this->assertEquals( array(), $options_updated['target']['blacklist'] );
+		$this->assertEquals( 0, $options_updated['ip']['active'] );
+		$this->assertEquals( array(), $options_updated['ip']['blacklist'] );
+		$this->assertEquals( 0, $options_updated['ua']['active'] );
+		$this->assertEquals( 0, $options_updated['ua']['regexp'] );
+		$this->assertEquals( array(), $options_updated['ua']['blacklist'] );
+
+		// Verify that version number has changed to current release.
+		$this->assertEquals( StatifyBlacklist::VERSION_MAIN, $options_updated['version'] );
+
+		// Test upgrade of incorrectly stored user agent list in 1.6.
+		$options_updated['version']         = 1.4;
+		$options_updated['ua']['blacklist'] = array( 'user agent 1', 'user agent 2' );
+		update_option( 'statify-blacklist', $options_updated );
+
+		// Execute upgrade.
+		StatifyBlacklist_System::upgrade();
+
+		// Retrieve updated options.
+		$options_updated = get_option( 'statify-blacklist' );
+		$this->assertEquals(
+			array(
+				'user agent 1' => 0,
+				'user agent 2' => 1,
+			),
+			$options_updated['ua']['blacklist']
+		);
+		$this->assertEquals( StatifyBlacklist::VERSION_MAIN, $options_updated['version'] );
+	}
+}

test/StatifyBlacklist_Test.php

@@ -0,0 +1,615 @@
+<?php
+/**
+ * Statify Filter: Unit Test
+ *
+ * This is a PHPunit test class for the plugin's functionality
+ *
+ * @package Statify_Blacklist
+ * @since   1.3.0
+ */
+
+/**
+ * Class StatifyBlacklistTest.
+ *
+ * PHPUnit test class for StatifyBlacklist.
+ *
+ * @since 1.3.0
+ */
+class StatifyBlacklist_Test extends PHPUnit\Framework\TestCase {
+
+	/**
+	 * Test simple referer filter.
+	 *
+	 * @return void
+	 */
+	public function test_referer_filter() {
+		// Prepare Options: 2 filtered domains, disabled.
+		StatifyBlacklist::$options = array(
+			'referer' => array(
+				'active'    => 0,
+				'cron'      => 0,
+				'regexp'    => 0,
+				'blacklist' => array(
+					'example.com' => 0,
+					'example.net' => 1,
+				),
+			),
+			'target'  => array(
+				'active'    => 0,
+				'cron'      => 0,
+				'regexp'    => 0,
+				'blacklist' => array(),
+			),
+			'ip'      => array(
+				'active'    => 0,
+				'blacklist' => array(),
+			),
+			'ua'      => array(
+				'active'    => 0,
+				'regexp'    => StatifyBlacklist::MODE_NORMAL,
+				'blacklist' => array(),
+			),
+			'version' => StatifyBlacklist::VERSION_MAIN,
+		);
+
+		// No multisite.
+		StatifyBlacklist::$multisite = false;
+
+		// No referer.
+		unset( $_SERVER['HTTP_REFERER'] );
+		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
+		// Non-filtered referer.
+		$_SERVER['HTTP_REFERER'] = 'http://example.org';
+		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
+		// Filtered referer.
+		$_SERVER['HTTP_REFERER'] = 'http://example.com';
+		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
+		// Filtered referer with path.
+		$_SERVER['HTTP_REFERER'] = 'http://example.net/foo/bar.html';
+		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
+
+		// Activate filter and run tests again.
+		StatifyBlacklist::$options['referer']['active'] = 1;
+
+		unset( $_SERVER['HTTP_REFERER'] );
+		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
+
+		$_SERVER['HTTP_REFERER'] = 'http://example.org';
+		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
+
+		$_SERVER['HTTP_REFERER'] = 'http://example.com';
+		$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
+
+		$_SERVER['HTTP_REFERER'] = 'http://example.net/foo/bar.html';
+		$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
+	}
+
+	/**
+	 * Test referer filter using regular expressions.
+	 *
+	 * @return void
+	 */
+	public function test_referer_regex_filter() {
+		// Prepare Options: 2 regular expressions.
+		StatifyBlacklist::$options = array(
+			'referer' => array(
+				'active'    => 1,
+				'cron'      => 0,
+				'regexp'    => 1,
+				'blacklist' => array(
+					'example.[a-z]+' => 0,
+					'test'           => 1,
+				),
+			),
+			'target'  => array(
+				'active'    => 0,
+				'cron'      => 0,
+				'regexp'    => 0,
+				'blacklist' => array(),
+			),
+			'ip'      => array(
+				'active'    => 0,
+				'blacklist' => array(),
+			),
+			'ua'      => array(
+				'active'    => 0,
+				'regexp'    => StatifyBlacklist::MODE_NORMAL,
+				'blacklist' => array(),
+			),
+			'version' => StatifyBlacklist::VERSION_MAIN,
+		);
+
+		// No multisite.
+		StatifyBlacklist::$multisite = false;
+
+		// No referer.
+		unset( $_SERVER['HTTP_REFERER'] );
+		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
+		// Non-filtered referer.
+		$_SERVER['HTTP_REFERER'] = 'http://not.evil';
+		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
+		// Filtered referer.
+		$_SERVER['HTTP_REFERER'] = 'http://example.com';
+		$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
+		// Filtered referer with path.
+		$_SERVER['HTTP_REFERER'] = 'http://foobar.net/test/me';
+		$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
+		// Matching both.
+		$_SERVER['HTTP_REFERER'] = 'http://example.net/test/me';
+		$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
+		// Matching with wrong case.
+		$_SERVER['HTTP_REFERER'] = 'http://eXaMpLe.NeT/tEsT/mE';
+		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
+
+		// Set RegExp filter to case insensitive.
+		StatifyBlacklist::$options['referer']['regexp'] = 2;
+		$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
+	}
+
+	/**
+	 * Test referer filter using keywords.
+	 *
+	 * @return void
+	 */
+	public function test_referer_keyword_filter() {
+		// Prepare Options: 2 regular expressions.
+		StatifyBlacklist::$options = array(
+			'referer' => array(
+				'active'    => 1,
+				'cron'      => 0,
+				'regexp'    => StatifyBlacklist::MODE_KEYWORD,
+				'blacklist' => array(
+					'example' => 0,
+					'test'    => 1,
+				),
+			),
+			'target'  => array(
+				'active'    => 0,
+				'cron'      => 0,
+				'regexp'    => StatifyBlacklist::MODE_NORMAL,
+				'blacklist' => array(),
+			),
+			'ip'      => array(
+				'active'    => 0,
+				'blacklist' => array(),
+			),
+			'ua'      => array(
+				'active'    => 0,
+				'regexp'    => StatifyBlacklist::MODE_NORMAL,
+				'blacklist' => array(),
+			),
+			'version' => StatifyBlacklist::VERSION_MAIN,
+		);
+
+		// No multisite.
+		StatifyBlacklist::$multisite = false;
+
+		// No referer.
+		unset( $_SERVER['HTTP_REFERER'] );
+		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
+		// Non-filtered referer.
+		$_SERVER['HTTP_REFERER'] = 'http://not.evil';
+		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
+		// Filtered referer.
+		$_SERVER['HTTP_REFERER'] = 'http://example.com';
+		$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
+		// Filtered referer with path.
+		$_SERVER['HTTP_REFERER'] = 'http://foobar.net/test/me';
+		$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
+		// Matching both.
+		$_SERVER['HTTP_REFERER'] = 'http://example.net/test/me';
+		$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
+		// Matching with wrong case.
+		$_SERVER['HTTP_REFERER'] = 'http://eXaMpLe.NeT/tEsT/mE';
+		$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
+	}
+
+	/**
+	 * Test CIDR address matching for IP filter (#7).
+	 *
+	 * @return void
+	 */
+	public function test_cidr_match() {
+		// IPv4 tests.
+		$this->assertTrue( invoke_static( StatifyBlacklist::class, 'cidr_match', array( '127.0.0.1', '127.0.0.1' ) ) );
+		$this->assertTrue( invoke_static( StatifyBlacklist::class, 'cidr_match', array( '127.0.0.1', '127.0.0.1/32' ) ) );
+		$this->assertFalse(
+			invoke_static(
+				StatifyBlacklist::class,
+				'cidr_match',
+				array( '127.0.0.1', '127.0.0.1/33' )
+			)
+		);
+		$this->assertFalse(
+			invoke_static(
+				StatifyBlacklist::class,
+				'cidr_match',
+				array( '127.0.0.1', '127.0.0.1/-1' )
+			)
+		);
+		$this->assertTrue(
+			invoke_static(
+				StatifyBlacklist::class,
+				'cidr_match',
+				array( '192.0.2.123', '192.0.2.0/24' )
+			)
+		);
+		$this->assertFalse(
+			invoke_static(
+				StatifyBlacklist::class,
+				'cidr_match',
+				array( '192.0.3.123', '192.0.2.0/24' )
+			)
+		);
+		$this->assertTrue(
+			invoke_static(
+				StatifyBlacklist::class,
+				'cidr_match',
+				array( '192.0.2.123', '192.0.2.120/29' )
+			)
+		);
+		$this->assertFalse(
+			invoke_static(
+				StatifyBlacklist::class,
+				'cidr_match',
+				array( '192.0.2.128', '192.0.2.120/29' )
+			)
+		);
+		$this->assertTrue( invoke_static( StatifyBlacklist::class, 'cidr_match', array( '10.11.12.13', '10.0.0.0/8' ) ) );
+		$this->assertFalse(
+			invoke_static(
+				StatifyBlacklist::class,
+				'cidr_match',
+				array( '10.11.12.345', '10.0.0.0/8' )
+			)
+		);
+
+		// IPv6 tests.
+		$this->assertTrue( invoke_static( StatifyBlacklist::class, 'cidr_match', array( '::1', '::1' ) ) );
+		$this->assertTrue( invoke_static( StatifyBlacklist::class, 'cidr_match', array( '::1', '::1/128' ) ) );
+		$this->assertFalse( invoke_static( StatifyBlacklist::class, 'cidr_match', array( '::1', '::1/129' ) ) );
+		$this->assertFalse( invoke_static( StatifyBlacklist::class, 'cidr_match', array( '::1', '::1/-1' ) ) );
+		$this->assertTrue(
+			invoke_static(
+				StatifyBlacklist::class,
+				'cidr_match',
+				array( '2001:db8:a0b:12f0:1:2:3:4', '2001:db8:a0b:12f0::1/64 ' )
+			)
+		);
+		$this->assertTrue(
+			invoke_static(
+				StatifyBlacklist::class,
+				'cidr_match',
+				array( '2001:db8:a0b:12f0::123:456', '2001:db8:a0b:12f0::1/96 ' )
+			)
+		);
+		$this->assertTrue(
+			invoke_static(
+				StatifyBlacklist::class,
+				'cidr_match',
+				array( '2001:DB8:A0B:12F0::123:456', '2001:db8:a0b:12f0::1/96 ' )
+			)
+		);
+		$this->assertTrue(
+			invoke_static(
+				StatifyBlacklist::class,
+				'cidr_match',
+				array( '2001:db8:a0b:12f0::123:456', '2001:DB8:A0B:12F0::1/96 ' )
+			)
+		);
+		$this->assertFalse(
+			invoke_static(
+				StatifyBlacklist::class,
+				'cidr_match',
+				array( '2001:db8:a0b:12f0::1:132:465', '2001:db8:a0b:12f0::1/96 ' )
+			)
+		);
+	}
+
+	/**
+	 * Test IP filter (#7).
+	 *
+	 * @return void
+	 */
+	public function test_ip_filter() {
+		// Prepare Options: 2 filtered IPs, disabled.
+		StatifyBlacklist::$options = array(
+			'referer' => array(
+				'active'    => 0,
+				'cron'      => 0,
+				'regexp'    => StatifyBlacklist::MODE_NORMAL,
+				'blacklist' => array(),
+			),
+			'target'  => array(
+				'active'    => 0,
+				'cron'      => 0,
+				'regexp'    => StatifyBlacklist::MODE_NORMAL,
+				'blacklist' => array(),
+			),
+			'ip'      => array(
+				'active'    => 0,
+				'blacklist' => array(
+					'192.0.2.123',
+					'2001:db8:a0b:12f0::1',
+				),
+			),
+			'ua'      => array(
+				'active'    => 0,
+				'regexp'    => StatifyBlacklist::MODE_NORMAL,
+				'blacklist' => array(),
+			),
+			'version' => StatifyBlacklist::VERSION_MAIN,
+		);
+
+		// No multisite.
+		StatifyBlacklist::$multisite = false;
+
+		// Set matching IP.
+		$_SERVER['REMOTE_ADDR'] = '192.0.2.123';
+		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
+		// Activate filter.
+		StatifyBlacklist::$options['ip']['active'] = 1;
+		$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
+		// Try matching v6 address.
+		$_SERVER['REMOTE_ADDR'] = '2001:db8:a0b:12f0::1';
+		$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
+		// Non-matching addresses.
+		$_SERVER['REMOTE_ADDR'] = '192.0.2.234';
+		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
+		$_SERVER['REMOTE_ADDR'] = '2001:db8:a0b:12f0::2';
+		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
+		// Subnet matching.
+		StatifyBlacklist::$options['ip']['blacklist'] = array(
+			'192.0.2.0/25',
+			'2001:db8:a0b:12f0::/96',
+		);
+		$_SERVER['REMOTE_ADDR']                       = '192.0.2.123';
+		$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
+		$_SERVER['REMOTE_ADDR'] = '192.0.2.234';
+		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
+		$_SERVER['REMOTE_ADDR'] = '2001:db8:a0b:12f0::5';
+		$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
+		$_SERVER['REMOTE_ADDR'] = '2001:db8:a0b:12f0:0:1111::1';
+		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
+
+		// Filter using proxy header.
+		$_SERVER['REMOTE_ADDR'] = '127.0.0.1';
+		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
+		$_SERVER['HTTP_X_FORWARDED_FOR'] = '192.0.2.123';
+		$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
+		$_SERVER['HTTP_X_REAL_IP'] = '2001:db8:a0b:12f0:0:1111::1';
+		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
+		$_SERVER['HTTP_X_REAL_IP'] = '2001:db8:a0b:12f0:0::1';
+		$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
+	}
+
+	/**
+	 * Test simple target filter.
+	 *
+	 * @return void
+	 */
+	public function test_target_filter() {
+		// Prepare Options: 2 filtered domains, disabled.
+		StatifyBlacklist::$options = array(
+			'referer' => array(
+				'active'    => 0,
+				'cron'      => 0,
+				'regexp'    => StatifyBlacklist::MODE_NORMAL,
+				'blacklist' => array(),
+			),
+			'target'  => array(
+				'active'    => 0,
+				'cron'      => 0,
+				'regexp'    => StatifyBlacklist::MODE_NORMAL,
+				'blacklist' => array(
+					'/excluded/page/' => 0,
+					'/?page_id=3'     => 1,
+				),
+			),
+			'ip'      => array(
+				'active'    => 0,
+				'blacklist' => array(),
+			),
+			'ua'      => array(
+				'active'    => 0,
+				'regexp'    => StatifyBlacklist::MODE_NORMAL,
+				'blacklist' => array(),
+			),
+			'version' => StatifyBlacklist::VERSION_MAIN,
+		);
+
+		// No multisite.
+		StatifyBlacklist::$multisite = false;
+
+		// Empty target.
+		unset( $_SERVER['REQUEST_URI'] );
+		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
+		// Non-filtered targets.
+		$_SERVER['REQUEST_URI'] = '';
+		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
+		$_SERVER['REQUEST_URI'] = '/';
+		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
+		$_SERVER['REQUEST_URI'] = '/?page_id=1';
+		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
+		// Filtered referer.
+		$_SERVER['REQUEST_URI'] = '/excluded/page/';
+		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
+		$_SERVER['REQUEST_URI'] = '/?page_id=3';
+		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
+
+		// Activate filter and run tests again.
+		StatifyBlacklist::$options['target']['active'] = 1;
+
+		unset( $_SERVER['REQUEST_URI'] );
+		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
+
+		$_SERVER['REQUEST_URI'] = '';
+		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
+		$_SERVER['REQUEST_URI'] = '/';
+		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
+		$_SERVER['REQUEST_URI'] = '/?page_id=1';
+		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
+
+		$_SERVER['REQUEST_URI'] = '/excluded/page/';
+		$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
+		$_SERVER['REQUEST_URI'] = '/?page_id=3';
+		$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
+		$_SERVER['REQUEST_URI'] = '/?page_id=3';
+		$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
+	}
+
+	// TODO: Test target regex filter.
+
+
+	/**
+	 * Test user agent filter (#20).
+	 *
+	 * @return void
+	 */
+	public function test_ua_filter() {
+		// Prepare Options: 2 filtered IPs, disabled.
+		StatifyBlacklist::$options = array(
+			'referer' => array(
+				'active'    => 0,
+				'cron'      => 0,
+				'regexp'    => StatifyBlacklist::MODE_NORMAL,
+				'blacklist' => array(),
+			),
+			'target'  => array(
+				'active'    => 0,
+				'cron'      => 0,
+				'regexp'    => StatifyBlacklist::MODE_NORMAL,
+				'blacklist' => array(),
+			),
+			'ip'      => array(
+				'active'    => 0,
+				'blacklist' => array(),
+			),
+			'ua'      => array(
+				'active'    => 0,
+				'regexp'    => StatifyBlacklist::MODE_NORMAL,
+				'blacklist' => array(
+					'TestBot/1.23' => 0,
+				),
+			),
+			'version' => StatifyBlacklist::VERSION_MAIN,
+		);
+
+		// No multisite.
+		StatifyBlacklist::$multisite = false;
+
+		// Set matching user agent.
+		$_SERVER['HTTP_USER_AGENT'] = 'TestBot/1.23';
+		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
+		// Activate filter.
+		StatifyBlacklist::$options['ua']['active'] = 1;
+		$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
+		// Non-matching addresses.
+		$_SERVER['HTTP_USER_AGENT'] = 'Another Browser 4.5.6 (Linux)';
+		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
+		$_SERVER['HTTP_USER_AGENT'] = 'TestBot/2.34';
+		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
+		// Keyword matching.
+		StatifyBlacklist::$options['ua']['blacklist'] = array( 'TestBot' => 0 );
+		StatifyBlacklist::$options['ua']['regexp']    = StatifyBlacklist::MODE_KEYWORD;
+		$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
+		// RegEx.
+		StatifyBlacklist::$options['ua']['blacklist'] = array( 'T[a-z]+B[a-z]+' => 0 );
+		StatifyBlacklist::$options['ua']['regexp']    = StatifyBlacklist::MODE_REGEX;
+		$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
+		StatifyBlacklist::$options['ua']['blacklist'] = array( 't[a-z]+' => 0 );
+		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
+		StatifyBlacklist::$options['ua']['regexp'] = StatifyBlacklist::MODE_REGEX_CI;
+		$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
+	}
+
+
+	/**
+	 * Test combined filters.
+	 *
+	 * @since 1.4.4
+	 *
+	 * @return void
+	 */
+	public function test_combined_filters() {
+		// Prepare Options: simple referer + simple target + ip.
+		StatifyBlacklist::$options = array(
+			'referer' => array(
+				'active'    => 1,
+				'cron'      => 0,
+				'regexp'    => StatifyBlacklist::MODE_NORMAL,
+				'blacklist' => array(
+					'example.com' => 0,
+				),
+			),
+			'target'  => array(
+				'active'    => 1,
+				'cron'      => 0,
+				'regexp'    => StatifyBlacklist::MODE_NORMAL,
+				'blacklist' => array(
+					'/excluded/page/' => 0,
+				),
+			),
+			'ip'      => array(
+				'active'    => 1,
+				'blacklist' => array(
+					'192.0.2.123',
+				),
+			),
+			'ua'      => array(
+				'active'    => 0,
+				'regexp'    => StatifyBlacklist::MODE_NORMAL,
+				'blacklist' => array(),
+			),
+			'version' => StatifyBlacklist::VERSION_MAIN,
+		);
+
+		// No multisite.
+		StatifyBlacklist::$multisite = false;
+
+		// No match.
+		$_SERVER['HTTP_REFERER'] = 'https://example.net';
+		$_SERVER['REQUEST_URI']  = '/normal/page/';
+		$_SERVER['REMOTE_ADDR']  = '192.0.2.234';
+		unset( $_SERVER['HTTP_X_FORWARDED_FOR'] );
+		unset( $_SERVER['HTTP_X_REAL_IP'] );
+
+		// Matching Referer.
+		$_SERVER['HTTP_REFERER'] = 'https://example.com';
+		$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
+
+		// Matching target.
+		$_SERVER['HTTP_REFERER'] = 'https://example.net';
+		$_SERVER['REQUEST_URI']  = '/excluded/page/';
+		$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
+
+		// Matching IP.
+		$_SERVER['REQUEST_URI'] = '/normal/page/';
+		$_SERVER['REMOTE_ADDR'] = '192.0.2.123';
+		$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
+		$_SERVER['REMOTE_ADDR'] = '192.0.2.234';
+
+		// Same for RegExp filters.
+		StatifyBlacklist::$options['referer']['regexp']    = StatifyBlacklist::MODE_REGEX;
+		StatifyBlacklist::$options['referer']['blacklist'] = array( 'example\.com' => 0 );
+		StatifyBlacklist::$options['target']['regexp']     = StatifyBlacklist::MODE_REGEX;
+		StatifyBlacklist::$options['target']['blacklist']  = array( '/excluded/.*' => 0 );
+
+		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
+		$_SERVER['HTTP_REFERER'] = 'https://example.com';
+		$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
+		// Check case-insensitive match.
+		$_SERVER['HTTP_REFERER'] = 'https://eXaMpLe.com';
+		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
+		StatifyBlacklist::$options['referer']['regexp'] = StatifyBlacklist::MODE_REGEX_CI;
+		$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
+		$_SERVER['HTTP_REFERER'] = 'https://example.net';
+		$_SERVER['REQUEST_URI']  = '/excluded/page/';
+		$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
+		$_SERVER['REQUEST_URI'] = '/normal/page/';
+		$_SERVER['REMOTE_ADDR'] = '192.0.2.123';
+		$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
+		$_SERVER['REMOTE_ADDR'] = '192.0.2.234';
+
+	}
+}

test/bootstrap.php

@@ -0,0 +1,134 @@
+<?php
+/**
+ * PHPUnit bootstrap file
+ *
+ * @package Statify_Blacklist
+ */
+
+/**
+ * Simulating the ABSPATH constant.
+ *
+ * @var boolean ABSPATH
+ */
+const ABSPATH = false;
+
+/*
+ * Include class files.
+ */
+require_once __DIR__ . '/../inc/class-statifyblacklist.php';
+require_once __DIR__ . '/../inc/class-statifyblacklist-admin.php';
+require_once __DIR__ . '/../inc/class-statifyblacklist-settings.php';
+require_once __DIR__ . '/../inc/class-statifyblacklist-system.php';
+
+// Include Composer autoloader.
+require_once __DIR__ . '/../vendor/autoload.php';
+
+
+
+/** @ignore */
+function invoke_static( $class, $method_name, $parameters = array() ) {
+	$reflection = new \ReflectionClass( $class );
+	$method     = $reflection->getMethod( $method_name );
+	$method->setAccessible( true );
+
+	return $method->invokeArgs( null, $parameters );
+}
+
+// Some mocked WP functions.
+$mock_options   = array();
+$mock_multisite = false;
+$settings_error = array();
+$settings       = array();
+
+/** @ignore */
+function is_multisite() {
+	global $mock_multisite;
+
+	return $mock_multisite;
+}
+
+/** @ignore */
+function wp_parse_args( $args, $defaults = '' ) {
+	if ( is_object( $args ) ) {
+		$r = get_object_vars( $args );
+	} elseif ( is_array( $args ) ) {
+		$r =& $args;
+	} else {
+		parse_str( $args, $r );
+	}
+
+	if ( is_array( $defaults ) ) {
+		return array_merge( $defaults, $r );
+	}
+
+	return $r;
+}
+
+/** @ignore */
+function get_option( $option, $default = false ) {
+	global $mock_options;
+
+	return isset( $mock_options[ $option ] ) ? $mock_options[ $option ] : $default;
+}
+
+/** @ignore */
+function update_option( $option, $value, $autoload = null ) {
+	global $mock_options;
+	$mock_options[ $option ] = $value;
+}
+
+/** @ignore */
+function wp_get_raw_referer() {
+	return isset( $_SERVER['HTTP_REFERER'] ) ? $_SERVER['HTTP_REFERER'] : '';
+}
+
+function wp_parse_url( $value ) {
+	return parse_url( $value );
+}
+
+/** @ignore */
+function wp_unslash( $value ) {
+	return is_string( $value ) ? stripslashes( $value ) : $value;
+}
+
+/** @ignore */
+function __( $text, $domain = 'default' ) {
+	return $text;
+}
+
+/** @ignore */
+function add_settings_error( $setting, $code, $message, $type = 'error' ) {
+	global $settings_error;
+	$settings_error[] = array( $setting, $code, $message, $type );
+}
+
+/** @ignore */
+function register_setting( $option_group, $option_name, $args = array() ) {
+	global $settings;
+	$settings[ $option_name ] = array(
+		'group'    => $option_group,
+		'args'     => $args,
+		'sections' => array(),
+	);
+}
+
+/** @ignore */
+function add_settings_section( $id, $title, $callback, $page, $args = array() ) {
+	global $settings;
+	$settings[ $page ]['sections'][ $id ] = array(
+		'title'    => $title,
+		'callback' => $callback,
+		'args'     => $args,
+		'fields'   => array(),
+	);
+}
+
+/** @ignore */
+function add_settings_field( $id, $title, $callback, $page, $section = 'default', $args = array() ) {
+	global $settings;
+	$settings[ $page ]['sections'][ $section ]['fields'][ $id ] = array(
+		'title'    => $title,
+		'callback' => $callback,
+		'args'     => $args,
+	);
+}

test/statifyblacklist-test.php

@@ -1,541 +0,0 @@
-<?php
-/**
- * Statify Blacklist: Unit Test
- *
- * This is a PHPunit test class for the plugin's functionality
- *
- * @package    Statify_Blacklist
- * @subpackage Admin
- * @since      1.3.0
- */
-
-/**
- * Simulating the ABSPATH constant.
- *
- * @since 1.3.0
- * @var bool ABSPATH
- */
-const ABSPATH = false;
-
-/**
- * The StatifyBlacklist base class.
- */
-require_once( 'inc/class-statifyblacklist.php' );
-
-/**
- * The StatifyBlacklist system class.
- */
-require_once( 'inc/class-statifyblacklist-system.php' );
-
-/**
- * The StatifyBlacklist admin class.
- */
-require_once( 'inc/class-statifyblacklist-admin.php' );
-
-/**
- * Class StatifyBlacklistTest.
- *
- * PHPUnit test class for StatifyBlacklist.
- *
- * @since 1.3.0
- */
-class StatifyBlacklist_Test extends PHPUnit\Framework\TestCase {
-
-	/**
-	 * Test simple referer filter.
-	 */
-	public function test_referer_filter() {
-		// Prepare Options: 2 blacklisted domains, disabled.
-		StatifyBlacklist::$_options = array(
-			'referer' => array(
-				'active'    => 0,
-				'cron'      => 0,
-				'regexp'    => 0,
-				'blacklist' => array(
-					'example.com' => 0,
-					'example.net' => 1,
-				),
-			),
-			'target'  => array(
-				'active'    => 0,
-				'cron'      => 0,
-				'regexp'    => 0,
-				'blacklist' => array(),
-			),
-			'ip'      => array(
-				'active'    => 0,
-				'blacklist' => array(),
-			),
-			'version' => StatifyBlacklist::VERSION_MAIN,
-		);
-
-		// No multisite.
-		StatifyBlacklist::$multisite = false;
-
-		// No referer.
-		unset( $_SERVER['HTTP_REFERER'] );
-		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
-		// Non-blacklisted referer.
-		$_SERVER['HTTP_REFERER'] = 'http://example.org';
-		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
-		// Blacklisted referer.
-		$_SERVER['HTTP_REFERER'] = 'http://example.com';
-		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
-		// Blacklisted referer with path.
-		$_SERVER['HTTP_REFERER'] = 'http://example.net/foo/bar.html';
-		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
-
-		// Activate filter and run tests again.
-		StatifyBlacklist::$_options['referer']['active'] = 1;
-
-		unset( $_SERVER['HTTP_REFERER'] );
-		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
-
-		$_SERVER['HTTP_REFERER'] = 'http://example.org';
-		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
-
-		$_SERVER['HTTP_REFERER'] = 'http://example.com';
-		$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
-
-		$_SERVER['HTTP_REFERER'] = 'http://example.net/foo/bar.html';
-		$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
-	}
-
-	/**
-	 * Test referer filter using regular expressions.
-	 */
-	public function testRefererRegexFilter() {
-		// Prepare Options: 2 regular expressions.
-		StatifyBlacklist::$_options = array(
-			'referer' => array(
-				'active'    => 1,
-				'cron'      => 0,
-				'regexp'    => 1,
-				'blacklist' => array(
-					'example.[a-z]+' => 0,
-					'test'           => 1,
-				),
-			),
-			'target'  => array(
-				'active'    => 0,
-				'cron'      => 0,
-				'regexp'    => 0,
-				'blacklist' => array(),
-			),
-			'ip'      => array(
-				'active'    => 0,
-				'blacklist' => array(),
-			),
-			'version' => StatifyBlacklist::VERSION_MAIN,
-		);
-
-		// No multisite.
-		StatifyBlacklist::$multisite = false;
-
-		// No referer.
-		unset( $_SERVER['HTTP_REFERER'] );
-		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
-		// Non-blacklisted referer.
-		$_SERVER['HTTP_REFERER'] = 'http://not.evil';
-		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
-		// Blacklisted referer.
-		$_SERVER['HTTP_REFERER'] = 'http://example.com';
-		$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
-		// Blacklisted referer with path.
-		$_SERVER['HTTP_REFERER'] = 'http://foobar.net/test/me';
-		$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
-		// Matching both.
-		$_SERVER['HTTP_REFERER'] = 'http://example.net/test/me';
-		$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
-		// Mathinc with wrong case.
-		$_SERVER['HTTP_REFERER'] = 'http://eXaMpLe.NeT/tEsT/mE';
-		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
-
-		// Set RegExp filter to case insensitive.
-		StatifyBlacklist::$_options['referer']['regexp'] = 2;
-		$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
-	}
-
-	/**
-	 * Test the upgrade methodology for configuration options.
-	 */
-	public function testUpgrade() {
-		// Create configuration of version 1.3.
-		$options13 = array(
-			'active_referer' => 1,
-			'cron_referer'   => 0,
-			'referer'        => array(
-				'example.net' => 0,
-				'example.com' => 1,
-			),
-			'referer_regexp' => 0,
-			'version'        => 1.3,
-		);
-
-		// Set options in mock.
-		update_option( 'statify-blacklist', $options13 );
-
-		// Execute upgrade.
-		StatifyBlacklist_System::upgrade();
-
-		// Retrieve updated options.
-		$optionsUpdated = get_option( 'statify-blacklist' );
-
-		// Verify size against default options (no junk left).
-		$this->assertEquals( 4, count( $optionsUpdated ) );
-		$this->assertEquals( 4, count( $optionsUpdated['referer'] ) );
-		$this->assertEquals( 4, count( $optionsUpdated['target'] ) );
-		$this->assertEquals( 2, count( $optionsUpdated['ip'] ) );
-
-		// Verify that original attributes are unchanged.
-		$this->assertEquals( $options13['active_referer'], $optionsUpdated['referer']['active'] );
-		$this->assertEquals( $options13['cron_referer'], $optionsUpdated['referer']['cron'] );
-		$this->assertEquals( $options13['referer'], $optionsUpdated['referer']['blacklist'] );
-		$this->assertEquals( $options13['referer_regexp'], $optionsUpdated['referer']['regexp'] );
-
-		// Verify that new attributes are present in config and filled with default values (disabled, empty).
-		$this->assertEquals( 0, $optionsUpdated['target']['active'] );
-		$this->assertEquals( 0, $optionsUpdated['target']['cron'] );
-		$this->assertEquals( 0, $optionsUpdated['target']['regexp'] );
-		$this->assertEquals( array(), $optionsUpdated['target']['blacklist'] );
-		$this->assertEquals( 0, $optionsUpdated['ip']['active'] );
-		$this->assertEquals( array(), $optionsUpdated['ip']['blacklist'] );
-
-		// Verify that version number has changed to current release.
-		$this->assertEquals( StatifyBlacklist::VERSION_MAIN, $optionsUpdated['version'] );
-	}
-
-	/**
-	 * Test CIDR address matching for IP filter (#7)
-	 */
-	public function testCidrMatch() {
-		// IPv4 tests.
-		$this->assertTrue( invokeStatic( StatifyBlacklist::class, 'cidr_match', array( '127.0.0.1', '127.0.0.1' ) ) );
-		$this->assertTrue( invokeStatic( StatifyBlacklist::class, 'cidr_match', array( '127.0.0.1', '127.0.0.1/32' ) ) );
-		$this->assertFalse(
-			invokeStatic(
-				StatifyBlacklist::class, 'cidr_match', array(
-					'127.0.0.1',
-					'127.0.0.1/33',
-				)
-			)
-		);
-		$this->assertFalse(
-			invokeStatic(
-				StatifyBlacklist::class, 'cidr_match', array(
-					'127.0.0.1',
-					'127.0.0.1/-1',
-				)
-			)
-		);
-		$this->assertTrue(
-			invokeStatic(
-				StatifyBlacklist::class, 'cidr_match', array(
-					'192.0.2.123',
-					'192.0.2.0/24',
-				)
-			)
-		);
-		$this->assertFalse(
-			invokeStatic(
-				StatifyBlacklist::class, 'cidr_match', array(
-					'192.0.3.123',
-					'192.0.2.0/24',
-				)
-			)
-		);
-		$this->assertTrue(
-			invokeStatic(
-				StatifyBlacklist::class, 'cidr_match', array(
-					'192.0.2.123',
-					'192.0.2.120/29',
-				)
-			)
-		);
-		$this->assertFalse(
-			invokeStatic(
-				StatifyBlacklist::class, 'cidr_match', array(
-					'192.0.2.128',
-					'192.0.2.120/29',
-				)
-			)
-		);
-		$this->assertTrue( invokeStatic( StatifyBlacklist::class, 'cidr_match', array( '10.11.12.13', '10.0.0.0/8' ) ) );
-		$this->assertFalse(
-			invokeStatic(
-				StatifyBlacklist::class, 'cidr_match', array(
-					'10.11.12.345',
-					'10.0.0.0/8',
-				)
-			)
-		);
-
-		// IPv6 tests.
-		$this->assertTrue( invokeStatic( StatifyBlacklist::class, 'cidr_match', array( '::1', '::1' ) ) );
-		$this->assertTrue( invokeStatic( StatifyBlacklist::class, 'cidr_match', array( '::1', '::1/128' ) ) );
-		$this->assertFalse( invokeStatic( StatifyBlacklist::class, 'cidr_match', array( '::1', '::1/129' ) ) );
-		$this->assertFalse( invokeStatic( StatifyBlacklist::class, 'cidr_match', array( '::1', '::1/-1' ) ) );
-		$this->assertTrue(
-			invokeStatic(
-				StatifyBlacklist::class, 'cidr_match', array(
-					'2001:db8:a0b:12f0:1:2:3:4',
-					'2001:db8:a0b:12f0::1/64 ',
-				)
-			)
-		);
-		$this->assertTrue(
-			invokeStatic(
-				StatifyBlacklist::class, 'cidr_match', array(
-					'2001:db8:a0b:12f0::123:456',
-					'2001:db8:a0b:12f0::1/96 ',
-				)
-			)
-		);
-		$this->assertFalse(
-			invokeStatic(
-				StatifyBlacklist::class, 'cidr_match', array(
-					'2001:db8:a0b:12f0::1:132:465',
-					'2001:db8:a0b:12f0::1/96 ',
-				)
-			)
-		);
-	}
-
-	/**
-	 * Test sanitization of IP addresses
-	 */
-	public function testSanitizeIPs() {
-		// IPv4 tests.
-		$valid   = array( '192.0.2.123', '192.0.2.123/32', '192.0.2.0/24', '192.0.2.128/25' );
-		$invalid = array( '12.34.56.789', '192.0.2.123/33', '192.0.2.123/-1' );
-		$result  = invokeStatic( StatifyBlacklist_Admin::class, 'sanitizeIPs', array( array_merge( $valid, $invalid ) ) );
-		$this->assertNotFalse( $result );
-		$this->assertInternalType( 'array', $result );
-		$this->assertEquals( $valid, $result );
-
-		// IPv6 tests.
-		$valid   = array(
-			'2001:db8:a0b:12f0::',
-			'2001:db8:a0b:12f0::1',
-			'2001:db8:a0b:12f0::1/128',
-			'2001:db8:a0b:12f0::/64',
-		);
-		$invalid = array(
-			'2001:db8:a0b:12f0::x',
-			'2001:db8:a0b:12f0:::',
-			'2001:fffff:a0b:12f0::1',
-			'2001:db8:a0b:12f0::/129',
-			'1:2:3:4:5:6:7:8:9',
-		);
-		$result  = invokeStatic( StatifyBlacklist_Admin::class, 'sanitizeIPs', array( array_merge( $valid, $invalid ) ) );
-		$this->assertNotFalse( $result );
-		$this->assertInternalType( 'array', $result );
-		$this->assertEquals( $valid, $result );
-	}
-
-	/**
-	 * Test IP filter (#7).
-	 */
-	public function testIPFilter() {
-		// Prepare Options: 2 blacklisted IPs, disabled.
-		StatifyBlacklist::$_options = array(
-			'referer' => array(
-				'active'    => 0,
-				'cron'      => 0,
-				'regexp'    => 0,
-				'blacklist' => array(),
-			),
-			'target'  => array(
-				'active'    => 0,
-				'cron'      => 0,
-				'regexp'    => 0,
-				'blacklist' => array(),
-			),
-			'ip'      => array(
-				'active'    => 0,
-				'blacklist' => array(
-					'192.0.2.123',
-					'2001:db8:a0b:12f0::1',
-				),
-			),
-			'version' => StatifyBlacklist::VERSION_MAIN,
-		);
-
-		// No multisite.
-		StatifyBlacklist::$multisite = false;
-
-		// Set matching IP.
-		$_SERVER['REMOTE_ADDR'] = '192.0.2.123';
-		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
-		// Activate filter.
-		StatifyBlacklist::$_options['ip']['active'] = 1;
-		$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
-		// Try matching v6 address.
-		$_SERVER['REMOTE_ADDR'] = '2001:db8:a0b:12f0::1';
-		$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
-		// Non-matching addresses.
-		$_SERVER['REMOTE_ADDR'] = '192.0.2.234';
-		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
-		$_SERVER['REMOTE_ADDR'] = '2001:db8:a0b:12f0::2';
-		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
-		// Subnet matching.
-		StatifyBlacklist::$_options['ip']['blacklist'] = array(
-			'192.0.2.0/25',
-			'2001:db8:a0b:12f0::/96',
-		);
-		$_SERVER['REMOTE_ADDR']                        = '192.0.2.123';
-		$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
-		$_SERVER['REMOTE_ADDR'] = '192.0.2.234';
-		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
-		$_SERVER['REMOTE_ADDR'] = '2001:db8:a0b:12f0::5';
-		$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
-		$_SERVER['REMOTE_ADDR'] = '2001:db8:a0b:12f0:0:1111::1';
-		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
-
-		// Filter using proxy header.
-		$_SERVER['REMOTE_ADDR'] = '127.0.0.1';
-		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
-		$_SERVER['HTTP_X_FORWARDED_FOR'] = '192.0.2.123';
-		$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
-		$_SERVER['HTTP_X_REAL_IP'] = '2001:db8:a0b:12f0:0:1111::1';
-		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
-		$_SERVER['HTTP_X_REAL_IP'] = '2001:db8:a0b:12f0:0::1';
-		$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
-	}
-
-	/**
-	 * Test simple target filter.
-	 */
-	public function testTargetFilter() {
-		// Prepare Options: 2 blacklisted domains, disabled.
-		StatifyBlacklist::$_options = array(
-			'referer' => array(
-				'active'    => 0,
-				'cron'      => 0,
-				'regexp'    => 0,
-				'blacklist' => array(),
-			),
-			'target'  => array(
-				'active'    => 0,
-				'cron'      => 0,
-				'regexp'    => 0,
-				'blacklist' => array(
-					'/excluded/page/' => 0,
-					'/?page_id=3'     => 1,
-				),
-			),
-			'ip'      => array(
-				'active'    => 0,
-				'blacklist' => array(),
-			),
-			'version' => StatifyBlacklist::VERSION_MAIN,
-		);
-
-		// No multisite.
-		StatifyBlacklist::$multisite = false;
-
-		// Empty target.
-		unset( $_SERVER['REQUEST_URI'] );
-		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
-		// Non-blacklisted targets.
-		$_SERVER['REQUEST_URI'] = '';
-		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
-		$_SERVER['REQUEST_URI'] = '/';
-		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
-		$_SERVER['REQUEST_URI'] = '/?page_id=1';
-		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
-		// Blacklisted referer.
-		$_SERVER['REQUEST_URI'] = '/excluded/page/';
-		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
-		$_SERVER['REQUEST_URI'] = '/?page_id=3';
-		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
-
-		// Activate filter and run tests again.
-		StatifyBlacklist::$_options['target']['active'] = 1;
-
-		unset( $_SERVER['REQUEST_URI'] );
-		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
-
-		$_SERVER['REQUEST_URI'] = '';
-		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
-		$_SERVER['REQUEST_URI'] = '/';
-		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
-		$_SERVER['REQUEST_URI'] = '/?page_id=1';
-		$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
-
-		$_SERVER['REQUEST_URI'] = '/excluded/page/';
-		$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
-		$_SERVER['REQUEST_URI'] = '/?page_id=3';
-		$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
-		$_SERVER['REQUEST_URI'] = '/?page_id=3';
-		$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
-	}
-
-	// TODO: Test target regex filter.
-}
-
-
-/** @ignore */
-function invokeStatic( $class, $methodName, $parameters = array() ) {
-	$reflection = new \ReflectionClass( $class );
-	$method     = $reflection->getMethod( $methodName );
-	$method->setAccessible( true );
-
-	return $method->invokeArgs( null, $parameters );
-}
-
-
-// Some mocked WP functions.
-$mock_options   = array();
-$mock_multisite = false;
-
-/** @ignore */
-function is_multisite() {
-	global $mock_multisite;
-
-	return $mock_multisite;
-}
-
-/** @ignore */
-function wp_parse_args( $args, $defaults = '' ) {
-	if ( is_object( $args ) ) {
-		$r = get_object_vars( $args );
-	} elseif ( is_array( $args ) ) {
-		$r =& $args;
-	} else {
-		parse_str( $args, $r );
-	}
-
-	if ( is_array( $defaults ) ) {
-		return array_merge( $defaults, $r );
-	}
-
-	return $r;
-}
-
-/** @ignore */
-function get_option( $option, $default = false ) {
-	global $mock_options;
-
-	return isset( $mock_options[ $option ] ) ? $mock_options[ $option ] : $default;
-}
-
-/** @ignore */
-function update_option( $option, $value, $autoload = null ) {
-	global $mock_options;
-	$mock_options[ $option ] = $value;
-}
-
-/** @ignore */
-function wp_get_raw_referer() {
-	return isset( $_SERVER['HTTP_REFERER'] ) ? $_SERVER['HTTP_REFERER'] : '';
-}
-
-function wp_parse_url( $value ) {
-	return parse_url( $value );
-}
-
-/** @ignore */
-function wp_unslash( $value ) {
-	return is_string( $value ) ? stripslashes( $value ) : $value;
-}

views/settings-page.php

@@ -1,285 +0,0 @@
-<?php
-/**
- * Statify Blacklist: Settings View
- *
- * This file contains the dynamic HTML skeleton for the plugin's settings page.
- *
- * @package    Statify_Blacklist
- * @subpackage Admin
- * @since      1.0.0
- */
-
-// Quit.
-defined( 'ABSPATH' ) || exit;
-
-// Update plugin options.
-if ( ! empty( $_POST['statifyblacklist'] ) ) {
-	// Verify nonce.
-	check_admin_referer( 'statify-blacklist-settings' );
-
-	// Check user capabilities.
-	if ( ! current_user_can( 'manage_options' ) ) {
-		die( __( 'Are you sure you want to do this?' ) );
-	}
-
-	if ( ! empty( $_POST['cleanUp'] ) ) {
-		// CleanUp DB.
-		StatifyBlacklist_Admin::cleanup_database();
-	} else {
-		// Extract referer array.
-		if ( empty( trim( $_POST['statifyblacklist']['referer']['blacklist'] ) ) ) {
-			$referer = array();
-		} else {
-			$referer = explode( "\r\n", $_POST['statifyblacklist']['referer']['blacklist'] );
-		}
-
-		// Extract target array.
-		if ( empty( trim( $_POST['statifyblacklist']['target']['blacklist'] ) ) ) {
-			$target = array();
-		} else {
-			$target = explode( "\r\n", str_replace( '\\\\', '\\', $_POST['statifyblacklist']['target']['blacklist'] ) );
-		}
-
-		// Extract IP array.
-		if ( empty( trim( $_POST['statifyblacklist']['ip']['blacklist'] ) ) ) {
-			$ip = array();
-		} else {
-			$ip = explode( "\r\n", $_POST['statifyblacklist']['ip']['blacklist'] );
-		}
-
-		// Update options (data will be sanitized).
-		$statifyblacklist_update_result = StatifyBlacklist_Admin::update_options(
-			array(
-				'referer' => array(
-					'active'    => (int) $_POST['statifyblacklist']['referer']['active'],
-					'cron'      => (int) $_POST['statifyblacklist']['referer']['cron'],
-					'regexp'    => (int) $_POST['statifyblacklist']['referer']['regexp'],
-					'blacklist' => array_flip( $referer ),
-				),
-				'target'  => array(
-					'active'    => (int) $_POST['statifyblacklist']['target']['active'],
-					'cron'      => (int) $_POST['statifyblacklist']['target']['cron'],
-					'regexp'    => (int) $_POST['statifyblacklist']['target']['regexp'],
-					'blacklist' => array_flip( $target ),
-				),
-				'ip'      => array(
-					'active'    => (int) $_POST['statifyblacklist']['ip']['active'],
-					'blacklist' => $ip,
-				),
-				'version' => StatifyBlacklist::VERSION_MAIN,
-			)
-		);
-
-		// Generate messages.
-		if ( false !== $statifyblacklist_update_result ) {
-			if ( array_key_exists( 'referer', $statifyblacklist_update_result ) ) {
-				$statifyblacklist_post_warning = __( 'Some URLs are invalid and have been sanitized.', 'statify-blacklist' );
-			} elseif ( array_key_exists( 'ip', $statifyblacklist_update_result ) ) {
-				// translators: List of invalid IP addresses (comma separated).
-				$statifyblacklist_post_warning = sprintf( __( 'Some IPs are invalid : %s', 'statify-blacklist' ), implode( ', ', $statifyblacklist_update_result['ip'] ) );
-			}
-		} else {
-			$statifyblacklist_post_success = __( 'Settings updated successfully.', 'statify-blacklist' );
-		}
-	} // End if().
-} // End if().
-?>
-
-<div class="wrap">
-	<h1><?php esc_html_e( 'Statify Blacklist', 'statify-blacklist' ) ?></h1>
-	<?php
-	if ( is_plugin_inactive( 'statify/statify.php' ) ) {
-		print '<div class="notice notice-warning"><p>';
-		esc_html( 'Statify plugin is not active.' );
-		print '</p></div>';
-	}
-	if ( isset( $statifyblacklist_post_warning ) ) {
-		print '<div class="notice notice-warning"><p>' .
-			esc_html( $statifyblacklist_post_warning );
-		print '<br/>';
-		esc_html_e( 'Settings have not been saved yet.', 'statify-blacklist' );
-		print '</p></div>';
-	}
-	if ( isset( $statifyblacklist_post_success ) ) {
-		print '<div class="notice notice-success"><p>' .
-			esc_html( $statifyblacklist_post_success ) .
-			'</p></div>';
-	}
-	?>
-	<form action="" method="post" id="statify-blacklist-settings">
-		<fieldset>
-			<h2><?php esc_html_e( 'Referer blacklist', 'statify-blacklist' ); ?></h2>
-			<ul style="list-style: none;">
-				<li>
-					<label for="statify-blacklist_active_referer">
-						<input type="checkbox" name="statifyblacklist[referer][active]"
-							   id="statifyblacklist_active_referer"
-							   value="1" <?php checked( StatifyBlacklist::$_options['referer']['active'], 1 ); ?> />
-						<?php esc_html_e( 'Activate live fiter', 'statify-blacklist' ); ?>
-					</label>
-				</li>
-				<li>
-					<label for="statify-blacklist_cron_referer">
-						<input type="checkbox" name="statifyblacklist[referer][cron]" id="statifyblacklist_cron_referer"
-							   value="1" <?php checked( StatifyBlacklist::$_options['referer']['cron'], 1 ); ?> />
-						<?php esc_html_e( 'CronJob execution', 'statify-blacklist' ); ?>
-						<small>(<?php esc_html_e( 'Clean database periodically in background', 'statify-blacklist' ); ?>
-							)
-						</small>
-					</label>
-				</li>
-				<li>
-					<label for="statify-blacklist_referer_regexp">
-						<?php esc_html_e( 'Use regular expressions', 'statify-blacklist' ); ?>:
-						<br />
-						<select name="statifyblacklist[referer][regexp]" id="statifyblacklist_referer_regexp">
-							<option value="0" <?php selected( StatifyBlacklist::$_options['referer']['regexp'], 0 ); ?>>
-								<?php esc_html_e( 'Disabled', 'statify-blacklist' ); ?>
-							</option>
-							<option value="1" <?php selected( StatifyBlacklist::$_options['referer']['regexp'], 1 ); ?>>
-								<?php esc_html_e( 'Case-sensitive', 'statify-blacklist' ); ?>
-							</option>
-							<option value="2" <?php selected( StatifyBlacklist::$_options['referer']['regexp'], 2 ); ?>>
-								<?php esc_html_e( 'Case-insensitive', 'statify-blacklist' ); ?>
-							</option>
-						</select>
-						<small>
-							(<?php esc_html_e( 'Performance slower than standard filter. Recommended for cron or manual execition only.', 'statify-blacklist' ); ?>
-							)
-						</small>
-					</label>
-				</li>
-				<li>
-					<label for="statify-blacklist_referer">
-						<?php esc_html_e( 'Referer blacklist', 'statify-blacklist' ); ?>:<br />
-						<textarea cols="40" rows="5" name="statifyblacklist[referer][blacklist]" id="statify-blacklist_referer"><?php
-						if ( isset( $statifyblacklist_update_result['referer'] ) ) {
-							print esc_html( implode( "\r\n", array_keys( $statifyblacklist_update_result['referer'] ) ) );
-						} else {
-							print esc_html( implode( "\r\n", array_keys( StatifyBlacklist::$_options['referer']['blacklist'] ) ) );
-						}
-							?></textarea>
-						<br />
-						<small>
-							(<?php esc_html_e( 'Add one domain (without subdomains) each line, e.g. example.com', 'statify-blacklist' ); ?>
-							)
-						</small>
-					</label>
-				</li>
-			</ul>
-		</fieldset>
-
-		<fieldset>
-			<h2><?php esc_html_e( 'Target blacklist', 'statify-blacklist' ); ?></h2>
-			<ul style="list-style: none;">
-				<li>
-					<label for="statify-blacklist_active_target">
-						<input type="checkbox" name="statifyblacklist[target][active]"
-							   id="statifyblacklist_active_target"
-							   value="1" <?php checked( StatifyBlacklist::$_options['target']['active'], 1 ); ?> />
-						<?php esc_html_e( 'Activate live fiter', 'statify-blacklist' ); ?>
-					</label>
-				</li>
-				<li>
-					<label for="statify-blacklist_cron_target">
-						<input type="checkbox" name="statifyblacklist[target][cron]" id="statifyblacklist_cron_target"
-							   value="1" <?php checked( StatifyBlacklist::$_options['target']['cron'], 1 ); ?> />
-						<?php esc_html_e( 'CronJob execution', 'statify-blacklist' ); ?>
-						<small>(<?php esc_html_e( 'Clean database periodically in background', 'statify-blacklist' ); ?>
-							)
-						</small>
-					</label>
-				</li>
-				<li>
-					<label for="statify-blacklist_target_regexp">
-						<?php esc_html_e( 'Use regular expressions', 'statify-blacklist' ); ?>:
-						<br />
-						<select name="statifyblacklist[target][regexp]" id="statifyblacklist_target_regexp">
-							<option value="0" <?php selected( StatifyBlacklist::$_options['target']['regexp'], 0 ); ?>>
-								<?php esc_html_e( 'Disabled', 'statify-blacklist' ); ?>
-							</option>
-							<option value="1" <?php selected( StatifyBlacklist::$_options['target']['regexp'], 1 ); ?>>
-								<?php esc_html_e( 'Case-sensitive', 'statify-blacklist' ); ?>
-							</option>
-							<option value="2" <?php selected( StatifyBlacklist::$_options['target']['regexp'], 2 ); ?>>
-								<?php esc_html_e( 'Case-insensitive', 'statify-blacklist' ); ?>
-							</option>
-						</select>
-						<small>
-							(<?php esc_html_e( 'Performance slower than standard filter. Recommended for cron or manual execition only.', 'statify-blacklist' ); ?>
-							)
-						</small>
-					</label>
-				</li>
-				<li>
-					<label for="statify-blacklist_target">
-						<?php esc_html_e( 'Target blacklist', 'statify-blacklist' ); ?>:<br />
-						<textarea cols="40" rows="5" name="statifyblacklist[target][blacklist]" id="statify-blacklist_target"><?php
-						if ( isset( $statifyblacklist_update_result['target'] ) ) {
-							print esc_html( implode( "\r\n", array_keys( $statifyblacklist_update_result['target'] ) ) );
-						} else {
-							print esc_html( implode( "\r\n", array_keys( StatifyBlacklist::$_options['target']['blacklist'] ) ) );
-						}
-							?></textarea>
-						<br />
-						<small>
-							(<?php esc_html_e( 'Add one target URL each line, e.g.', 'statify-blacklist' );
-							print ' /, /test/page/, /?page_id=123' ?>
-							)
-						</small>
-					</label>
-				</li>
-			</ul>
-		</fieldset>
-
-		<fieldset>
-			<h2><?php esc_html_e( 'IP blacklist', 'statify-blacklist' ); ?></h2>
-			<ul style="list-style: none;">
-				<li>
-					<label for="statify-blacklist_active_ip">
-						<input type="checkbox" name="statifyblacklist[ip][active]" id="statifyblacklist_active_ip"
-							   value="1" <?php checked( StatifyBlacklist::$_options['ip']['active'], 1 ); ?> />
-						<?php esc_html_e( 'Activate live fiter', 'statify-blacklist' ); ?>
-					</label>
-				</li>
-				<li>
-					<small>
-						(<?php esc_html_e( 'Cron execution is not possible for IP filter, because IP addresses are not stored.', 'statify-blacklist' ); ?>
-						)
-					</small>
-				</li>
-				<li>
-					<label for="statify-blacklist_ip">
-						<?php esc_html_e( 'IP blacklist', 'statify-blacklist' ); ?>:<br />
-						<textarea cols="40" rows="5" name="statifyblacklist[ip][blacklist]" id="statify-blacklist_ip"><?php
-						if ( isset( $statifyblacklist_update_result['ip'] ) ) {
-							print esc_html( $_POST['statifyblacklist']['ip']['blacklist'] );
-						} else {
-							print esc_html( implode( "\r\n", StatifyBlacklist::$_options['ip']['blacklist'] ) );
-						}
-							?></textarea>
-						<br />
-						<small>
-							(<?php esc_html_e( 'Add one IP address or range per line, e.g.', 'statify-blacklist' ) ?>
-							127.0.0.1, 192.168.123.0/24, 2001:db8:a0b:12f0::1/64
-							)
-						</small>
-					</label>
-				</li>
-			</ul>
-		</fieldset>
-
-		<?php wp_nonce_field( 'statify-blacklist-settings' ); ?>
-
-		<p class="submit">
-			<input class="button-primary" type="submit" name="submit" value="<?php esc_html_e( 'Save Changes' ) ?>">
-		<hr />
-		<input class="button-secondary" type="submit" name="cleanUp"
-			   value="<?php esc_html_e( 'CleanUp Database', 'statify-blacklist' ) ?>"
-			   onclick="return confirm('Do you really want to apply filters to database? This cannot be undone.');">
-		<br />
-		<small><?php esc_html_e( 'Applies referer and target filter (even if disabled) to data stored in database.', 'statify-blacklist' ); ?>
-			<em><?php esc_html_e( 'This cannot be undone!', 'statify-blacklist' ); ?></em></small>
-		</p>
-	</form>
-</div>