/wp-content/plugins/better-wp-security/core/modules/database-prefix/utility.php

https://gitlab.com/najomie/fit-hippie · PHP · 140 lines · 68 code · 58 blank · 14 comment · 12 complexity · 54da1ce4728c907c3751a090add185ae MD5 · raw file 

    

  1. <?php
    2. 

  2. 

  3. final class ITSEC_Database_Prefix_Utility {
    4. 

  4. 	public static function change_database_prefix() {
    5. 

  5. 		global $wpdb;
    6. 

  6. 		
    7. 

  7. 		
    8. 

  8. 		require_once( $GLOBALS['itsec_globals']['plugin_dir'] . 'core/lib/class-itsec-lib-config-file.php' );
    9. 

  9. 		require_once( $GLOBALS['itsec_globals']['plugin_dir'] . 'core/lib/class-itsec-lib-file.php' );
    10. 

  10. 		
    11. 

  11. 		$response = array(
    12. 

  12. 			'errors'     => array(),
    13. 

  13. 			'new_prefix' => false,
    14. 

  14. 		);
    15. 

  15. 		
    16. 

  16. 		
    17. 

  17. 		//suppress error messages due to timing
    18. 

  18. //		error_reporting( 0 );
    19. 

  19. //		@ini_set( 'display_errors', 0 );
    20. 

  20. 

  21. 		$check_prefix = true; //Assume the first prefix we generate is unique
    22. 

  22. 

  23. 		//generate a new table prefix that doesn't conflict with any other in use in the database
    24. 

  24. 		while ( $check_prefix ) {
    25. 

  25. 

  26. 			$avail = 'abcdefghijklmnopqrstuvwxyz0123456789';
    27. 

  27. 

  28. 			//first character should be alpha
    29. 

  29. 			$new_prefix = $avail[ mt_rand( 0, 25 ) ];
    30. 

  30. 

  31. 			//length of new prefix
    32. 

  32. 			$prelength = mt_rand( 4, 9 );
    33. 

  33. 

  34. 			//generate remaning characters
    35. 

  35. 			for ( $i = 0; $i < $prelength; $i ++ ) {
    36. 

  36. 				$new_prefix .= $avail[ mt_rand( 0, 35 ) ];
    37. 

  37. 			}
    38. 

  38. 

  39. 			//complete with underscore
    40. 

  40. 			$new_prefix .= '_';
    41. 

  41. 

  42. 			$new_prefix = esc_sql( $new_prefix ); //just be safe
    43. 

  43. 

  44. 			$check_prefix = $wpdb->get_results( 'SHOW TABLES LIKE "' . $new_prefix . '%";', ARRAY_N ); //if there are no tables with that prefix in the database set checkPrefix to false
    45. 

  45. 

  46. 		}
    47. 

  47. 

  48. 

  49. 		$config_file_path = ITSEC_Lib_Config_File::get_wp_config_file_path();
    50. 

  50. 		$config = ITSEC_Lib_File::read( $config_file_path );
    51. 

  51. 		
    52. 

  52. 		if ( is_wp_error( $config ) ) {
    53. 

  53. 			/* translators: 1: Specific error details */
    54. 

  54. 			$response['errors'][] = new WP_Error( $confix->get_error_code(), sprintf( __( 'Unable to read the <code>wp-config.php</code> file in order to update the Database Prefix. Error details as follows: %1$s', 'better-wp-security' ), $config->get_error_message() ) );
    55. 

  55. 			return $response;
    56. 

  56. 		}
    57. 

  57. 		
    58. 

  58. 		
    59. 

  59. 		$regex = '/(\$table_prefix\s*=\s*)([\'"]).+?\\2(\s*;)/';
    60. 

  60. 		$config = preg_replace( $regex, "\${1}'$new_prefix'\${3}", $config );
    61. 

  61. 		
    62. 

  62. 		$write_result = ITSEC_Lib_File::write( $config_file_path, $config );
    63. 

  63. 		
    64. 

  64. 		if ( is_wp_error( $write_result ) ) {
    65. 

  65. 			/* translators: 1: Specific error details */
    66. 

  66. 			$response['errors'][] = new WP_Error( $confix->get_error_code(), sprintf( __( 'Unable to update the <code>wp-config.php</code> file in order to update the Database Prefix. Error details as follows: %1$s', 'better-wp-security' ), $config->get_error_message() ) );
    67. 

  67. 			return $response;
    68. 

  68. 		}
    69. 

  69. 		
    70. 

  70. 		
    71. 

  71. 		$response['new_prefix'] = $new_prefix;
    72. 

  72. 

  73. 

  74. 

  75. 		$tables = $wpdb->get_results( 'SHOW TABLES LIKE "' . $wpdb->base_prefix . '%"', ARRAY_N ); //retrieve a list of all tables in the DB
    76. 

  76. 

  77. 		//Rename each table
    78. 

  78. 		foreach ( $tables as $table ) {
    79. 

  79. 

  80. 			$table = substr( $table[0], strlen( $wpdb->base_prefix ), strlen( $table[0] ) ); //Get the table name without the old prefix
    81. 

  81. 

  82. 			//rename the table and generate an error if there is a problem
    83. 

  83. 			if ( $wpdb->query( 'RENAME TABLE `' . $wpdb->base_prefix . $table . '` TO `' . $new_prefix . $table . '`;' ) === false ) {
    84. 

  84. 

  85. 				$response['errors'][] = new WP_Error( 'itsec-database-prefix-utility-change-database-prefix-failed-table-rename', sprintf( __( 'Could not rename table %1$s. You may have to rename the table manually.', 'better-wp-security' ), $wpdb->base_prefix . $table ) );
    86. 

  86. 

  87. 			}
    88. 

  88. 

  89. 		}
    90. 

  90. 

  91. 		if ( is_multisite() ) { //multisite requires us to rename each blogs' options
    92. 

  92. 

  93. 			$blogs = $wpdb->get_col( "SELECT blog_id FROM `" . $new_prefix . "blogs` WHERE public = '1' AND archived = '0' AND mature = '0' AND spam = '0' ORDER BY blog_id DESC" ); //get list of blog id's
    94. 

  94. 

  95. 			if ( is_array( $blogs ) ) { //make sure there are other blogs to update
    96. 

  96. 

  97. 				//update each blog's user_roles option
    98. 

  98. 				foreach ( $blogs as $blog ) {
    99. 

  99. 

  100. 					$wpdb->query( 'UPDATE `' . $new_prefix . $blog . '_options` SET option_name = "' . $new_prefix . $blog . '_user_roles" WHERE option_name = "' . $wpdb->base_prefix . $blog . '_user_roles" LIMIT 1;' );
    101. 

  101. 

  102. 				}
    103. 

  103. 

  104. 			}
    105. 

  105. 

  106. 		}
    107. 

  107. 

  108. 		$upOpts = $wpdb->query( 'UPDATE `' . $new_prefix . 'options` SET option_name = "' . $new_prefix . 'user_roles" WHERE option_name = "' . $wpdb->base_prefix . 'user_roles" LIMIT 1;' ); //update options table and set flag to false if there's an error
    109. 

  109. 

  110. 		if ( $upOpts === false ) { //set an error
    111. 

  111. 

  112. 			$response['errors'][] = new WP_Error( 'itsec-database-prefix-utility-change-database-prefix-failed-options-update', __( 'Could not update prefix references in options table.', 'better-wp-security' ) );
    113. 

  113. 

  114. 		}
    115. 

  115. 

  116. 		$rows = $wpdb->get_results( 'SELECT * FROM `' . $new_prefix . 'usermeta`' ); //get all rows in usermeta
    117. 

  117. 

  118. 		//update all prefixes in usermeta
    119. 

  119. 		foreach ( $rows as $row ) {
    120. 

  120. 

  121. 			if ( substr( $row->meta_key, 0, strlen( $wpdb->base_prefix ) ) == $wpdb->base_prefix ) {
    122. 

  122. 

  123. 				$pos = $new_prefix . substr( $row->meta_key, strlen( $wpdb->base_prefix ), strlen( $row->meta_key ) );
    124. 

  124. 

  125. 				$result = $wpdb->query( 'UPDATE `' . $new_prefix . 'usermeta` SET meta_key="' . $pos . '" WHERE meta_key= "' . $row->meta_key . '" LIMIT 1;' );
    126. 

  126. 

  127. 				if ( $result == false ) {
    128. 

  128. 

  129. 					$response['errors'][] = new WP_Error( 'itsec-database-prefix-utility-change-database-prefix-failed-usermeta-update', __( 'Could not update prefix references in usermeta table.', 'better-wp-security' ) );
    130. 

  130. 

  131. 				}
    132. 

  132. 

  133. 			}
    134. 

  134. 

  135. 		}
    136. 

  136. 

  137. 

  138. 		return $response;
    139. 

  139. 	}
    140. 

  140. }
    141.