Include reason in the GF 2.7+ entry note

[richardW8k]

This uses GFCommon::set_spam_filter(), which was added in GF 2.7, to add the note when the entry is spam, including a reason, so the user reviewing the entry knows why it was marked as spam. It also adds an early return for when another check (e.g. honeypot) has already determined the entry is spam.

Summary by CodeRabbit

• Bug Fixes

  • Enhanced spam detection validation for form submissions with improved handling of invalid keys and empty submissions.

• Refactor

  • Improved spam annotation control flow to leverage newer Gravity Forms features when available, with fallback support for older versions.

[coderabbitai]

Walkthrough

The spam detection function is refactored to add early exit for pre-flagged submissions, replace direct $_POST access with the safe rgpost() wrapper, validate submission keys against stored keys, and conditionally use GF 2.7+'s spam annotation API with fallback to entry notes for older versions.

Changes

Cohort / File(s)	Summary
Gravity Forms Zero Spam Plugin gravityforms-zero-spam.php	Refactored spam detection logic: added early exit for existing spam flags; replaced direct $_POST access with rgpost(); implemented key validation with reason tracking; added conditional use of GFCommon::set_spam_filter (GF 2.7+) with fallback to add_entry_note for backward compatibility; minor formatting improvements.

Sequence Diagram

sequenceDiagram
    participant Caller
    participant Function
    participant GFCommon
    participant Fallback
    
    Caller->>Function: Call spam check
    alt Already spam
        Function->>Function: Early exit (return true)
    else Not spam
        Function->>Function: Extract key via rgpost()
        alt Key is empty
            Function->>Function: Mark as spam + set reason
        else Key provided
            Function->>Function: Validate key vs stored key
            alt Keys match
                Function->>Caller: Return false (not spam)
            else Keys don't match
                Function->>Function: Mark as spam + set reason
                alt GF 2.7+ available
                    Function->>GFCommon: Call set_spam_filter(reason)
                else Older GF version
                    Function->>Fallback: Queue entry note via gform_entry_created
                end
            end
        end
    end

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~22 minutes

• Key validation logic and early exit paths require verification for correctness
• Backward compatibility layer (GFCommon::set_spam_filter fallback) needs testing across both GF versions
• rgpost() replacement should be validated to ensure no edge cases with empty/missing keys
• Confirm that entry note queueing mechanism in fallback path properly integrates with gform_entry_created hook

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title Check	✅ Passed	The PR title "Include reason in the GF 2.7+ entry note" directly aligns with the primary objective stated in the PR description: to use GFCommon::set_spam_filter() to add entry notes with reasons for spam-flagged entries in Gravity Forms 2.7+. The title is clear and specific, identifying both what is being added (reason) and the version scope (GF 2.7+). While the changeset includes additional updates like an early exit for prior spam checks and refactored validation logic, the title appropriately emphasizes the main feature. The title is neither vague nor misleading, and it contains no unnecessary noise or file lists.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

gravityforms-zero-spam.php (1)

234-238: GF 2.7+ integration looks solid; backward compatibility maintained.

The feature detection and use of set_spam_filter() with the reason is exactly what's needed for GF 2.7+. For older versions, the fallback preserves the existing behavior with a generic entry note.

Optional enhancement for older GF versions:

To include the specific reason in entry notes for GF < 2.7, you could pass $reason via a closure:

 } else {
-    add_action( 'gform_entry_created', array( $this, 'add_entry_note' ) );
+    add_action( 'gform_entry_created', function( $entry ) use ( $reason ) {
+        $this->add_entry_note_with_reason( $entry, $reason );
+    } );
 }

Then add a new method to handle the reason:

public function add_entry_note_with_reason( $entry, $reason ) {
    if ( 'spam' !== rgar( $entry, 'status' ) || ! method_exists( 'GFAPI', 'add_note' ) ) {
        return;
    }
    GFAPI::add_note( $entry['id'], 0, 'Zero Spam', $reason, 'gf-zero-spam', 'success' );
}

This keeps the existing add_entry_note() method for other uses while providing the specific reason for spam detection in older GF versions.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between af2db23 and d1e2b70.

📒 Files selected for processing (1)

• gravityforms-zero-spam.php (3 hunks)

🔇 Additional comments (2)

gravityforms-zero-spam.php (2)

185-187: Good addition: early exit prevents redundant processing.

This correctly skips key validation when a prior spam filter has already flagged the submission, improving efficiency and avoiding potential issues with missing keys in edge cases.

---

221-232: Excellent refactor: clearer validation with actionable spam reasons.

The switch to rgpost() follows GF best practices, and separating the missing-key and invalid-key cases provides reviewers with specific context. The early return at line 230 keeps the logic clean.