  1. <?php
  2. /**
  3. * Copyright (c) 2014 iControlWP <support@icontrolwp.com>
  4. * All rights reserved.
  5. *
  6. * "WordPress Simple Firewall" is
  7. * distributed under the GNU General Public License, Version 2,
  8. * June 1991. Copyright (C) 1989, 1991 Free Software Foundation, Inc., 51 Franklin
  9. * St, Fifth Floor, Boston, MA 02110, USA
  10. *
  11. * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
  12. * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
  13. * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
  14. * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
  15. * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
  16. * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  17. * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
  18. * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  19. * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
  20. * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  21. */
  22. require_once( dirname(__FILE__).'/src/icwp-feature-master.php' );
  23. require_once( dirname(__FILE__).'/src/icwp-data-processor.php' );
  if ( !function_exists( '_wpsf_e' ) ) {
  /**
   * Echoes a string translated in the plugin's text domain.
   *
   * @param string $insStr  untranslated source string
   * @return void
   */
  function _wpsf_e( $insStr ) {
    echo __( $insStr, 'wp-simple-firewall' );
  }
  }
  if ( !function_exists( '_wpsf__' ) ) {
  /**
   * Returns a string translated in the plugin's text domain (does not echo).
   *
   * @param string $insStr  untranslated source string
   * @return string
   */
  function _wpsf__( $insStr ) {
    $sTranslated = __( $insStr, 'wp-simple-firewall' );
    return $sTranslated;
  }
  }
  34. if ( !class_exists('ICWP_Wordpress_Simple_Firewall') ):
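  /**
   * Main feature controller for the WordPress Simple Firewall plugin.
   *
   * Wires the per-feature options handlers and processors (firewall, login protect, comments filter,
   * lockdown, auto-updates, logging, email), renders the admin pages, handles the plugin's own form
   * submissions, and enforces the optional "admin access restriction": when enabled, saving plugin
   * options additionally requires a per-IP cookie obtained by entering the admin access key.
   *
   * Security-relevant points in this class:
   *  - the access-key cookie is HttpOnly (and Secure on HTTPS) and compared in constant time;
   *  - every POST-driven state change goes through check_admin_referer();
   *  - redirects built from request input go through wp_safe_redirect().
   */
  class ICWP_Wordpress_Simple_Firewall extends ICWP_Feature_Master {

    /**
     * Cookie carrying the admin-access-key session token (see setPermissionToSubmit()).
     * @var string
     */
    const AdminAccessKeyCookieName = 'icwp_wpsf_aakcook';

    /** @var ICWP_OptionsHandler_Firewall */
    protected $m_oFirewallOptions;
    /** @var ICWP_OptionsHandler_LoginProtect */
    protected $m_oLoginProtectOptions;
    /** @var ICWP_OptionsHandler_PrivacyProtect */
    protected $m_oPrivacyProtectOptions;
    /** @var ICWP_OptionsHandler_CommentsFilter */
    protected $m_oCommentsFilterOptions;
    /** @var ICWP_OptionsHandler_Lockdown */
    protected $m_oLockdownOptions;
    /** @var ICWP_OptionsHandler_AutoUpdates */
    protected $m_oAutoUpdatesOptions;
    /** @var ICWP_OptionsHandler_Email_Wpsf */
    protected $m_oEmailOptions;
    /** @var ICWP_FirewallProcessor */
    protected $m_oFirewallProcessor;
    /** @var ICWP_LoginProtectProcessor */
    protected $m_oLoginProtectProcessor;
    /** @var ICWP_CommentsFilterProcessor */
    protected $m_oCommentsFilterProcessor;
    /** @var ICWP_LockdownProcessor */
    protected $m_oLockdownProcessor;
    /** @var ICWP_WPSF_PrivacyProtectProcessor */
    protected $m_oPrivacyProtectProcessor;
    /** @var ICWP_WPSF_AutoUpdatesProcessor */
    protected $m_oAutoUpdatesProcessor;
    /** @var ICWP_WPSF_LoggingProcessor */
    protected $m_oLoggingProcessor;
    /** @var ICWP_EmailProcessor */
    protected $m_oEmailProcessor;

    /**
     * Per-request memo of hasPermissionToSubmit(); null until first evaluated.
     * @var bool|null
     */
    private $fAdminAccessPermSubmit = null;

    /**
     * Registers the feature map and options-handler property list with the base class, loads the
     * options needed for this request, applies filesystem overrides and hooks option saving.
     *
     * @param ICWP_Wordpress_Simple_Firewall_Plugin $oPluginVo
     */
    public function __construct( ICWP_Wordpress_Simple_Firewall_Plugin $oPluginVo ) {
      parent::__construct(
        $oPluginVo,
        array(
          'logging'         => 'Logging',
          'email'           => 'Email',
          'firewall'        => 'Firewall',
          'login_protect'   => 'LoginProtect',
          'comments_filter' => 'CommentsFilter',
          // 'privacy_protect' => 'PrivacyProtect',
          'autoupdates'     => 'AutoUpdates',
          'lockdown'        => 'Lockdown'
        ),
        array(
          'm_oPluginMainOptions',
          'm_oEmailOptions',
          'm_oFirewallOptions',
          'm_oLoginProtectOptions',
          'm_oCommentsFilterOptions',
          'm_oPrivacyProtectOptions',
          'm_oLockdownOptions',
          'm_oAutoUpdatesOptions'
        )
      );

      // Only the admin area needs every options handler; the front end loads just the base options (1 db call).
      if ( is_admin() ) {
        $this->loadOptionsHandler( 'all' );
      }
      else {
        $this->loadOptionsHandler( 'PluginMain' );
      }

      // The leading "false &&" makes this always false: automatic plugin self-upgrade is deliberately disabled.
      $this->fAutoPluginUpgrade = false && $this->m_oPluginMainOptions->getOpt( 'enable_auto_plugin_upgrade' ) == 'Y';

      // checks for filesystem based firewall overrides
      $this->override();

      // "?turnoffperm" only clears the requester's own access-key cookie; it grants nothing, so no nonce is needed.
      if ( isset( $_GET['turnoffperm'] ) ) {
        $this->setPermissionToSubmit( false );
      }

      add_filter( 'pre_update_option', array( $this, 'blockOptionsSaves' ), 1, 3 );
    }

    /**
     * Applies a filesystem-based override (resolved by the parent) to the admin-access-restriction
     * option and persists it. An empty override leaves the stored option untouched.
     *
     * @return string  the override setting, or the parent's empty value when none is present
     */
    protected function override() {
      $sSetting = parent::override();
      if ( !empty( $sSetting ) ) {
        $this->m_oPluginMainOptions->setOpt( 'enable_admin_access_restriction', $sSetting );
        $this->m_oPluginMainOptions->savePluginOptions();
      }
      return $sSetting;
    }

    /**
     * Runs the firewall check for the current request and, if the visitor is to be blocked, flushes
     * pending log data and sends the block response.
     * Should be called from the constructor so as to ensure it is called as early as possible.
     *
     * @return void
     */
    public function runFirewallProcess() {
      $this->loadProcessor( 'Firewall' );
      if ( $this->m_oFirewallProcessor->doFirewallCheck() ) {
        return; // request passed the firewall
      }
      if ( $this->m_oFirewallProcessor->getNeedsEmailHandler() ) {
        $this->loadProcessor( 'Email' );
        $this->m_oFirewallProcessor->setEmailHandler( $this->m_oEmailProcessor );
      }
      $this->m_oFirewallProcessor->doPreFirewallBlock();
      // write out the block's log entry before the response terminates the request
      $this->shutdown();
      $this->m_oFirewallProcessor->doFirewallBlock();
    }

    /**
     * Handles the running of all Login Protection processes.
     */
    public function runLoginProtect() {
      $this->loadProcessor( 'LoginProtect' );
      $this->loadProcessor( 'Email' );
      $this->m_oLoginProtectProcessor->setEmailHandler( $this->m_oEmailProcessor );
      $this->m_oLoginProtectProcessor->run();
    }

    /**
     * Handles the running of all Auto Update processes.
     */
    public function runAutoUpdates() {
      $this->loadProcessor( 'AutoUpdates' );
      $this->m_oAutoUpdatesProcessor->run( $this->getPluginBaseFile() );
    }

    /**
     * Builds the plugin sub-menu. Feature pages are contributed through the
     * 'icwp_wpsf_filter_plugin_submenu_items' filter; the Firewall Log page is always appended.
     * Each entry is: Menu Page Title => array( menu item name, page id (slug), display callback ).
     */
    protected function createPluginSubMenuItems() {
      $this->aPluginMenu = apply_filters( 'icwp_wpsf_filter_plugin_submenu_items', array() );
      $this->aPluginMenu[ _wpsf__( 'Firewall Log' ) ] = array( 'Firewall Log', $this->getSubmenuId( 'firewall_log' ), 'onDisplayAll' );
    }

    /**
     * Runs version-specific migrations when the stored plugin version differs from the running one.
     * Only a user with manage_options triggers the migration.
     */
    protected function handlePluginUpgrade() {
      parent::handlePluginUpgrade();

      $sCurrentPluginVersion = $this->m_oPluginMainOptions->getVersion();
      if ( $sCurrentPluginVersion === $this->oPluginVo->getVersion() || !current_user_can( 'manage_options' ) ) {
        return;
      }
      $this->loadOptionsHandler( 'all' );

      // v2.3.0: email and logging options became independent of the main options
      if ( version_compare( $sCurrentPluginVersion, '2.3.0', '<' ) ) {
        $this->deleteOption( 'whitelist_admins' );
        $this->m_oEmailOptions->setOpt( 'block_send_email_address', $this->m_oPluginMainOptions->getOpt( 'block_send_email_address' ) );
        $this->m_oEmailOptions->setOpt( 'send_email_throttle_limit', $this->m_oPluginMainOptions->getOpt( 'send_email_throttle_limit' ) );
      }

      $this->loadProcessor( 'Logging' );
      $this->m_oLoggingProcessor->handleInstallUpgrade( $sCurrentPluginVersion );

      // clears all the processor caches
      $this->clearCaches();
    }

    /**
     * Displaying all views now goes through this central function and we work out
     * what to display based on the name of current hook/filter being processed.
     */
    public function onDisplayAll() {
      if ( !$this->hasPermissionToView() ) {
        $this->onDisplayAccessKeyRequest();
        return;
      }
      // Just to ensure the nag bar disappears if/when they visit the dashboard
      // regardless of clicking the button.
      $this->updateVersionUserMeta();

      // current_filter() looks like "<menu-title>_page_<prefix>-<slug>"; strip the prefix to get the slug
      $sPrefix = str_replace( ' ', '-', strtolower( $this->oPluginVo->getAdminMenuTitle() ) ).'_page_'.$this->getPluginPrefix().'-';
      $sCurrent = str_replace( $sPrefix, '', current_filter() );

      switch ( $sCurrent ) {
        case 'toplevel_page_'.$this->oPluginVo->getFullPluginPrefix():
          $this->onDisplayMainMenu();
          break;
        case 'privacy_protect_log':
          $this->onDisplayPrivacyProtectLog();
          break;
        case 'firewall_log':
          $this->onDisplayFirewallLog();
          break;
        default:
          $aFeatures = $this->getFeaturesMap();
          // Unknown slug: bail instead of reading an undefined index and dereferencing a bogus "m_oOptions" property.
          if ( !isset( $aFeatures[ $sCurrent ] ) ) {
            return;
          }
          $this->loadOptionsHandler( $aFeatures[ $sCurrent ] );
          $sOptionsName = 'm_o'.$aFeatures[ $sCurrent ].'Options';
          $this->onDisplayConfig( $this->{$sOptionsName}, $sCurrent );
          break;
      }
    }

    /**
     * Adds the main plugin option values to the base template data.
     *
     * @param string $sSubmenu
     * @return array
     */
    protected function getBaseDisplayData( $sSubmenu = '' ) {
      $aBaseData = parent::getBaseDisplayData( $sSubmenu );
      $aBaseData['aMainOptions'] = $this->m_oPluginMainOptions->getPluginOptionsValues();
      return $aBaseData;
    }

    /**
     * Renders the "enter your admin access key" page. The nonce action is the plugin prefix, which
     * handleSubmit_AccessKeyRequest() verifies.
     */
    public function onDisplayAccessKeyRequest() {
      $aData = array_merge(
        $this->getBaseDisplayData(),
        array(
          'nonce_field'    => $this->getPluginPrefix(),
          'requested_page' => $this->getCurrentWpAdminPage()
        )
      );
      $this->display( 'icwp_wpsf_access_key_request_index', $aData );
    }

    /**
     * Renders the main dashboard: main + email options, the feature summary, and the option values of
     * every enabled feature.
     */
    public function onDisplayMainMenu() {
      $this->loadOptionsHandler( 'all', true );

      $aAvailableOptions = array_merge( $this->m_oPluginMainOptions->getOptions(), $this->m_oEmailOptions->getOptions() );
      $sMainOptions = $this->m_oPluginMainOptions->collateAllFormInputsForAllOptions();
      $sEmailMainOptions = $this->m_oEmailOptions->collateAllFormInputsForAllOptions();
      $aData = array(
        'aAllOptions'       => $aAvailableOptions,
        'all_options_input' => $sMainOptions.ICWP_OptionsHandler_Base_Wpsf::CollateSeparator.$sEmailMainOptions,
      );
      $aData = array_merge( $this->getBaseDisplayData(), $aData );
      $aData['aSummaryData'] = $this->getDashboardSummaryDisplayData();

      // feature slug => array( options-handler name, template key ); only enabled features are loaded
      $aFeatureOptionViews = array(
        'firewall'        => array( 'Firewall', 'aFirewallOptions' ),
        'login_protect'   => array( 'LoginProtect', 'aLoginProtectOptions' ),
        'comments_filter' => array( 'CommentsFilter', 'aCommentsFilterOptions' ),
        'lockdown'        => array( 'Lockdown', 'aLockdownOptions' ),
        'autoupdates'     => array( 'AutoUpdates', 'aAutoUpdatesOptions' ),
      );
      foreach ( $aFeatureOptionViews as $sSlug => $aView ) {
        if ( !$this->getIsMainFeatureEnabled( $sSlug ) ) {
          continue;
        }
        list( $sHandler, $sTemplateKey ) = $aView;
        $this->loadOptionsHandler( $sHandler );
        $sProperty = 'm_o'.$sHandler.'Options';
        $aData[ $sTemplateKey ] = $this->{$sProperty}->getPluginOptionsValues();
      }

      $this->display( $this->doPluginPrefix( 'index', '_' ), $aData );
    }

    /**
     * Summary rows for the dashboard: array( is enabled, label, submenu id ) per feature.
     *
     * @return array
     */
    protected function getDashboardSummaryDisplayData() {
      return array(
        array(
          $this->m_oPluginMainOptions->getOpt( 'enable_admin_access_restriction' ) == 'Y',
          _wpsf__( 'Admin Access Protection' ),
          $this->getSubmenuId()
        ),
        array( $this->getIsMainFeatureEnabled( 'firewall' ), _wpsf__( 'Firewall' ), $this->getSubmenuId( 'firewall' ) ),
        array( $this->getIsMainFeatureEnabled( 'login_protect' ), _wpsf__( 'Login Protection' ), $this->getSubmenuId( 'login_protect' ) ),
        array( $this->getIsMainFeatureEnabled( 'comments_filter' ), _wpsf__( 'Comments Filter' ), $this->getSubmenuId( 'comments_filter' ) ),
        array( $this->getIsMainFeatureEnabled( 'autoupdates' ), _wpsf__( 'Auto Updates' ), $this->getSubmenuId( 'autoupdates' ) ),
        array( $this->getIsMainFeatureEnabled( 'lockdown' ), _wpsf__( 'Lock Down' ), $this->getSubmenuId( 'lockdown' ) ),
      );
    }

    /**
     * Renders the privacy-protect URL request log.
     */
    protected function onDisplayPrivacyProtectLog() {
      $this->loadProcessor( 'PrivacyProtect' );
      $aData = array_merge(
        $this->getBaseDisplayData( 'privacy_protect_log' ),
        array( 'urlrequests_log' => $this->m_oPrivacyProtectProcessor->getLogs( true ) )
      );
      $this->display( 'icwp_wpsf_privacy_protect_log_index', $aData );
    }

    /**
     * Renders the firewall log together with the current IP white/black lists.
     */
    protected function onDisplayFirewallLog() {
      $this->loadOptionsHandler( 'Firewall' );
      $aIpWhitelist = $this->m_oFirewallOptions->getOpt( 'ips_whitelist' );
      $aIpBlacklist = $this->m_oFirewallOptions->getOpt( 'ips_blacklist' );

      $this->loadProcessor( 'Logging' );
      $aData = array(
        'firewall_log' => $this->m_oLoggingProcessor->getLogs( true ),
        'ip_whitelist' => isset( $aIpWhitelist['ips'] ) ? $aIpWhitelist['ips'] : array(),
        'ip_blacklist' => isset( $aIpBlacklist['ips'] ) ? $aIpBlacklist['ips'] : array(),
      );
      $aData = array_merge( $this->getBaseDisplayData( 'firewall_log' ), $aData );
      $this->display( 'icwp_wpsf_firewall_log_index', $aData );
    }

    /**
     * Renders a single feature's configuration page.
     *
     * @param ICWP_OptionsHandler_Base_WPSF $inoOptions
     * @param string $sSlug  feature slug derived from the current admin hook (not user input)
     */
    protected function onDisplayConfig( $inoOptions, $sSlug ) {
      $aData = array(
        'aAllOptions'       => $inoOptions->getOptions(),
        'all_options_input' => $inoOptions->collateAllFormInputsForAllOptions(),
      );
      $aData = array_merge( $this->getBaseDisplayData( $sSlug ), $aData );
      $this->display( 'icwp_wpsf_config_'.$sSlug.'_index', $aData );
    }

    /**
     * True when the request carries one of the plugin's form/link markers (GET or POST).
     * This only identifies a plugin submission; it does not authenticate it.
     *
     * @return boolean
     */
    protected function isIcwpPluginFormSubmit() {
      if ( empty( $_POST ) && empty( $_GET ) ) {
        return false;
      }
      $aFormSubmitOptions = array(
        'icwp_plugin_form_submit',
        'icwp_link_action',
        'icwp_wpsf_admin_access_key_request'
      );
      foreach ( $aFormSubmitOptions as $sOption ) {
        if ( !is_null( $this->fetchRequest( $sOption, false ) ) ) {
          return true;
        }
      }
      return false;
    }

    /**
     * Dispatches the plugin's own form submissions and link actions.
     *
     * The access-key request is handled first (it has its own nonce check and is how a user *obtains*
     * submit permission); everything else is gated on hasPermissionToSubmit(). Every POST-driven state
     * change requires the plugin nonce, i.e. the plugin's forms must emit
     * wp_nonce_field( $this->getPluginPrefix() ).
     *
     * @return bool|void
     */
    protected function handlePluginFormSubmit() {
      if ( !is_null( $this->fetchPost( $this->doPluginPrefix( 'admin_access_key_request', '_' ) ) ) ) {
        return $this->handleSubmit_AccessKeyRequest();
      }
      if ( !$this->hasPermissionToSubmit() || !$this->isIcwpPluginFormSubmit() ) {
        return false;
      }

      // Force run automatic updates.
      // NOTE(review): GET-triggered state change with no nonce. Impact is limited to forcing an update run,
      // but the link that emits it should carry a nonce so this can be verified too.
      if ( $this->fetchGet( 'force_run_auto_updates' ) == 'now' ) {
        $oProc = $this->getProcessor_Autoupdates();
        $oProc->setForceRunAutoUpdates( true );
        return;
      }

      $aInputOptions = $this->fetchPost( $this->doPluginPrefix( 'all_options_input', '_' ) );
      $fIsPostAction = !empty( $aInputOptions )
        || $this->fetchPost( 'terminate-all-logins' )
        || $this->fetchPost( 'import-wpf2-submit' );
      if ( $fIsPostAction ) {
        // CSRF guard. Previously only the options save was nonce-checked; "terminate all logins" and the
        // Firewall2 import could be triggered by a forged cross-site POST from a permitted admin.
        check_admin_referer( $this->getPluginPrefix() );
      }

      // When they've clicked to terminate all logged in authenticated users.
      if ( $this->fetchPost( 'terminate-all-logins' ) ) {
        $oProc = $this->getProcessor_LoginProtect();
        $oProc->doTerminateAllVerifiedLogins();
        return;
      }
      // Import from Firewall2 Plugin
      if ( $this->fetchPost( 'import-wpf2-submit' ) ) {
        $this->importFromFirewall2Plugin();
        return;
      }

      $sCurrentPage = $this->getCurrentWpAdminPage();
      if ( empty( $sCurrentPage ) ) {
        return;
      }

      // if it's the main dashboard, or one of the main features, load everything and save them
      if ( $this->getIsPage_PluginAdmin() ) {
        $this->loadOptionsHandler( 'all' );
        do_action( 'icwp_wpsf_form_submit', $aInputOptions );
        $this->saveOptions();
        $this->clearCaches();
        // Unticking the restriction on the dashboard also drops the requester's own access-key cookie.
        if ( $this->getIsPage_PluginMainDashboard() && !$this->fetchPost( $this->doPluginPrefix( 'enable_admin_access_restriction', '_' ) ) ) {
          $this->setPermissionToSubmit( false );
        }
        wp_safe_redirect( $this->getUrl_PluginDashboard( $sCurrentPage ) );
        return true;
      }

      switch ( $sCurrentPage ) {
        case $this->getSubmenuId( 'firewall_log' ):
          $this->handleSubmit_FirewallLog();
          break;
        case $this->getSubmenuId( 'privacy_protect_log' ):
          $this->handleSubmit_PrivacyProtectLog();
          break;
        default:
          return false;
      }
    }

    /**
     * Grants or revokes this requester's admin-access-key session.
     *
     * The token is md5( access key . visitor IP ), so a stolen cookie is only useful from the IP it was
     * issued to -- which is only as strong as GetVisitorIpAddress() is against spoofed proxy headers
     * (NOTE(review): confirm it does not trust X-Forwarded-For blindly). The cookie is HttpOnly so it is
     * not readable from script, and Secure whenever the site is served over HTTPS.
     *
     * @param bool $infPermission  true to issue the cookie, false to clear it
     */
    protected function setPermissionToSubmit( $infPermission = false ) {
      $sName = self::AdminAccessKeyCookieName;
      if ( $infPermission ) {
        $this->loadDataProcessor();
        $sValue = md5( $this->m_oPluginMainOptions->getOpt( 'admin_access_key' ).ICWP_WPSF_DataProcessor::GetVisitorIpAddress() );
        $nTimeout = (int)$this->m_oPluginMainOptions->getOpt( 'admin_access_timeout' ) * 60;
        $_COOKIE[ $sName ] = $sValue; // make the grant visible to the rest of this request
        setcookie( $sName, $sValue, time() + $nTimeout, COOKIEPATH, COOKIE_DOMAIN, is_ssl(), true );
      }
      else {
        unset( $_COOKIE[ $sName ] );
        setcookie( $sName, '', time() - 3600, COOKIEPATH, COOKIE_DOMAIN, is_ssl(), true );
      }
    }

    /**
     * Whether the current requester may save plugin options: the parent's check (capabilities etc.)
     * plus, when admin access restriction is on and a key is configured, a valid access-key cookie.
     * The result is memoised for the request.
     *
     * @return boolean
     */
    protected function hasPermissionToSubmit() {
      if ( !is_null( $this->fAdminAccessPermSubmit ) ) {
        return $this->fAdminAccessPermSubmit;
      }

      $fPermitted = (bool)parent::hasPermissionToSubmit();
      if ( $fPermitted && $this->m_oPluginMainOptions->getOpt( 'enable_admin_access_restriction' ) == 'Y' ) {
        $sAccessKey = $this->m_oPluginMainOptions->getOpt( 'admin_access_key' );
        // An empty key means the restriction is switched on but unusable; as before, it then adds no gate.
        if ( !empty( $sAccessKey ) ) {
          $this->loadDataProcessor();
          $sExpected = md5( $sAccessKey.ICWP_WPSF_DataProcessor::GetVisitorIpAddress() );
          $sCookie = isset( $_COOKIE[ self::AdminAccessKeyCookieName ] ) ? $_COOKIE[ self::AdminAccessKeyCookieName ] : '';
          // Constant-time compare. The previous "==" leaked timing and used PHP's loose numeric-string rules.
          $fPermitted = is_string( $sCookie ) && hash_equals( $sExpected, $sCookie );
        }
      }

      $this->fAdminAccessPermSubmit = $fPermitted;
      return $fPermitted;
    }

    /**
     * Verifies a submitted admin access key and, on success, issues the access cookie and redirects to
     * the page the user originally asked for.
     *
     * Keys are compared as md5 digests because that is the stored format; changing the storage format is
     * out of scope here. NOTE(review): failed attempts are not throttled -- the key is effectively a
     * password and should be rate-limited (the login-protect processor is the natural place).
     *
     * @return bool  false when the key did not match (a match never returns: it redirects and exits)
     */
    protected function handleSubmit_AccessKeyRequest() {
      // Ensures we're actually getting this request from WP.
      check_admin_referer( $this->getPluginPrefix() );

      $sSubmitted = $this->fetchPost( $this->doPluginPrefix( 'admin_access_key_request', '_' ) );
      $sStoredAccessKey = $this->m_oPluginMainOptions->getOpt( 'admin_access_key' );
      if ( !is_string( $sSubmitted ) || !is_string( $sStoredAccessKey ) || $sStoredAccessKey === '' ) {
        return false;
      }
      if ( !hash_equals( $sStoredAccessKey, md5( trim( $sSubmitted ) ) ) ) {
        return false;
      }

      $this->setPermissionToSubmit( true );
      // wp_safe_redirect() rather than a raw Location header: the requested page name is user-supplied.
      $sRequestedPage = $this->fetchPost( 'icwp_wpsf_requested_page' );
      wp_safe_redirect( $this->getUrl_PluginDashboard( sanitize_text_field( is_null( $sRequestedPage ) ? '' : $sRequestedPage ) ) );
      exit();
    }

    /**
     * Right before a plugin option is due to update it will check that we have permissions to do so and if not, will
     * revert the option to save to the previous one. Options outside the plugin prefix, and any save made while a
     * filesystem (FTP) override is active, pass through untouched.
     *
     * @param mixed  $mValue
     * @param string $sOption
     * @param mixed  $mOldValue
     * @return mixed
     */
    public function blockOptionsSaves( $mValue, $sOption, $mOldValue ) {
      // preg_quote() so a prefix containing regex metacharacters cannot widen (or break) the match
      $sPattern = '/^'.preg_quote( self::$sOptionPrefix, '/' ).'.*_options$/';
      if ( $this->fHasFtpOverride || !preg_match( $sPattern, $sOption ) ) {
        return $mValue;
      }
      return $this->hasPermissionToSubmit() ? $mValue : $mOldValue;
    }

    /**
     * Dies unless the request carries a valid nonce for the given log page (nonce action = that page's
     * submenu id). The nonce is accepted from GET or POST because the log pages use both link actions
     * and form buttons.
     *
     * @param string $sLogPage  'firewall_log' or 'privacy_protect_log'
     */
    private function verifyLogPageNonce( $sLogPage ) {
      $sNonce = $this->fetchRequest( '_wpnonce', false );
      if ( is_null( $sNonce ) || !wp_verify_nonce( $sNonce, $this->getSubmenuId( $sLogPage ) ) ) {
        wp_die();
      }
    }

    /**
     * Handles the firewall log page actions: clearing the log, or adding/removing a single IP to/from
     * the white/black lists via the whiteip/unwhiteip/blackip/unblackip link parameters.
     */
    protected function handleSubmit_FirewallLog() {
      $this->verifyLogPageNonce( 'firewall_log' );
      $this->loadOptionsHandler( 'Firewall' );

      if ( !is_null( $this->fetchPost( 'clear_log_submit' ) ) ) {
        $this->loadProcessor( 'Logging' );
        $this->m_oLoggingProcessor->recreateTable();
      }
      else {
        // the options handler is responsible for validating the raw IP strings
        $this->m_oFirewallOptions->addRawIpsToFirewallList( 'ips_whitelist', array( $this->fetchGet( 'whiteip' ) ) );
        $this->m_oFirewallOptions->removeRawIpsFromFirewallList( 'ips_whitelist', array( $this->fetchGet( 'unwhiteip' ) ) );
        $this->m_oFirewallOptions->addRawIpsToFirewallList( 'ips_blacklist', array( $this->fetchGet( 'blackip' ) ) );
        $this->m_oFirewallOptions->removeRawIpsFromFirewallList( 'ips_blacklist', array( $this->fetchGet( 'unblackip' ) ) );
        $this->resetProcessor( 'Firewall' );
      }

      wp_safe_redirect( $this->getUrl_PluginDashboard( 'firewall_log' ) ); // means no admin message is displayed
      exit();
    }

    /**
     * Handles the privacy-protect log page; at the time of writing its only action is clearing the log.
     */
    protected function handleSubmit_PrivacyProtectLog() {
      $this->verifyLogPageNonce( 'privacy_protect_log' );
      $this->loadOptionsHandler( 'PrivacyProtect' );

      if ( !is_null( $this->fetchPost( 'clear_log_submit' ) ) ) {
        $this->loadProcessor( 'PrivacyProtect' );
        $this->m_oPrivacyProtectProcessor->recreateTable();
      }

      wp_safe_redirect( $this->getUrl_PluginDashboard( 'privacy_protect_log' ) ); // means no admin message is displayed
      exit();
    }

    /**
     * Imports settings from the legacy "Firewall2" plugin into the main and firewall options.
     */
    protected function importFromFirewall2Plugin() {
      $this->loadOptionsHandler( 'all' );
      require_once( dirname( __FILE__ ).'/src/icwp-import-wpf2-processor.php' );
      $oImportProcessor = new ICWP_ImportWpf2Processor( $this->m_oPluginMainOptions, $this->m_oFirewallOptions );
      $oImportProcessor->runImport();
    }

    /**
     * Runs every enabled feature's processor once all plugins are loaded, then decides whether the
     * upgrade admin notice machinery should run for this request.
     */
    public function onWpPluginsLoaded() {
      parent::onWpPluginsLoaded();

      foreach ( $this->getFeaturesMap() as $sFeatureSlug => $sProcessor ) {
        if ( !$this->getIsMainFeatureEnabled( $sFeatureSlug ) ) {
          continue;
        }
        switch ( $sFeatureSlug ) {
          case 'firewall':
            $this->runFirewallProcess();
            break;
          case 'login_protect':
            $this->runLoginProtect();
            break;
          case 'autoupdates':
            $this->runAutoUpdates();
            break;
          default:
            $oProcessor = $this->loadProcessor( $sProcessor );
            $oProcessor->run();
            break;
        }
      }

      if ( $this->isValidAdminArea()
        && $this->m_oPluginMainOptions->getOpt( 'enable_upgrade_admin_notice' ) == 'Y'
        && $this->hasPermissionToSubmit()
      ) {
        $this->m_fDoAutoUpdateCheck = true;
      }
    }

    /**
     * Handles the "dismiss" buttons of the plugin's admin notices. Each dismissal only updates the
     * current user's own meta, then redirects. NOTE(review): these dismissals carry no nonce; the
     * impact of a forged request is limited to hiding a notice for the victim.
     */
    public function onWpAdminInit() {
      parent::onWpAdminInit();
      if ( !$this->isValidAdminArea() ) {
        return;
      }

      // Someone clicked the button to acknowledge the update
      if ( $this->fetchRequest( $this->doPluginPrefix( 'hide_update_notice' ) ) == 1 ) {
        $this->updateVersionUserMeta();
        if ( $this->isShowMarketing() ) {
          wp_safe_redirect( $this->getUrl_PluginDashboard() );
        }
        else {
          wp_safe_redirect( $this->getNoticeRedirectUrl() );
        }
        exit();
      }

      if ( $this->fetchRequest( $this->doPluginPrefix( 'hide_translation_notice' ) ) == 1 ) {
        $this->updateTranslationNoticeShownUserMeta();
        wp_safe_redirect( $this->getNoticeRedirectUrl() );
        exit();
      }

      if ( $this->fetchRequest( $this->doPluginPrefix( 'hide_mailing_list_signup' ) ) == 1 ) {
        $this->updateMailingListSignupShownUserMeta();
      }
    }

    /**
     * Builds the post-dismissal redirect target from the notice form's "redirect_page" field.
     * The value is user-supplied, so it is sanitised and anchored under the network admin URL; a
     * missing value falls back to index.php. Callers pass the result through wp_safe_redirect().
     *
     * @return string
     */
    private function getNoticeRedirectUrl() {
      $sRedirectPage = $this->fetchPost( 'redirect_page' );
      if ( !is_string( $sRedirectPage ) || $sRedirectPage === '' ) {
        $sRedirectPage = 'index.php';
      }
      return network_admin_url( sanitize_text_field( $sRedirectPage ) );
    }

    /**
     * Marketing notices are suppressed for the first 24 hours after installation.
     *
     * @return bool
     */
    protected function isShowMarketing() {
      if ( $this->getInstallationDays() < 1 ) {
        return false;
      }
      return parent::isShowMarketing();
    }

    /**
     * Lets you remove certain plugin conflicts that might interfere with this plugin.
     *
     * @see ICWP_Pure_Base_V1::removePluginConflicts()
     */
    protected function removePluginConflicts() {
      if ( class_exists( 'AIO_WP_Security' ) && isset( $GLOBALS['aio_wp_security'] ) ) {
        remove_action( 'init', array( $GLOBALS['aio_wp_security'], 'wp_security_plugin_init' ), 0 );
      }
    }

    /**
     * Flushes any log data buffered by the firewall and login-protect processors into the logging
     * processor's write queue. Processors that were never instantiated, or whose feature is disabled,
     * are skipped.
     *
     * @return void
     */
    protected function updateLogStore() {
      $aLogSources = array(
        'firewall'      => 'm_oFirewallProcessor',
        'login_protect' => 'm_oLoginProtectProcessor',
      );
      foreach ( $aLogSources as $sFeature => $sProperty ) {
        if ( !isset( $this->{$sProperty} ) || !is_object( $this->{$sProperty} ) || !$this->getIsMainFeatureEnabled( $sFeature ) ) {
          continue;
        }
        $aLogData = $this->{$sProperty}->flushLogData();
        if ( !empty( $aLogData ) ) {
          $this->loadProcessor( 'Logging' );
          $this->m_oLoggingProcessor->addDataToWrite( $aLogData );
        }
      }
    }

    /**
     * Flushes buffered log data before the parent's shutdown work.
     */
    protected function shutdown() {
      $this->updateLogStore();
      parent::shutdown();
    }

    protected function getPluginsListUpdateMessage() {
      return _wpsf__( 'Upgrade Now To Keep Your Firewall Up-To-Date With The Latest Features.' );
    }

    /**
     * Admin notice inviting translation help; shown from the 7th day after installation.
     * Dynamic values are attribute-escaped before being printed into the markup.
     *
     * @return string
     */
    protected function getAdminNoticeHtml_Translations() {
      if ( $this->getInstallationDays() < 7 ) {
        return '';
      }
      $sMetaFlag = $this->doPluginPrefix( 'hide_translation_notice' );
      $sRedirectPage = 'index.php';
      $sAction = 'admin.php?page='.$this->getSubmenuId( 'firewall' ).'&'.$sMetaFlag.'=1';
      ob_start(); ?>
      <style>
      a#fromIcwp { padding: 0 5px; border-bottom: 1px dashed rgba(0,0,0,0.1); color: blue; font-weight: bold; }
      </style>
      <form id="IcwpTranslationsNotice" method="post" action="<?php echo esc_attr( $sAction ); ?>">
      <input type="hidden" value="<?php echo esc_attr( $sRedirectPage ); ?>" name="redirect_page" id="redirect_page">
      <input type="hidden" value="1" name="<?php echo esc_attr( $sMetaFlag ); ?>" id="<?php echo esc_attr( $sMetaFlag ); ?>">
      <h4 style="margin:10px 0 3px;">
      <?php _wpsf_e( 'Would you like to help translate the WordPress Simple Firewall into your language?' ); ?>
      <?php printf( _wpsf__( 'Head over to: %s' ), '<a href="http://translate.icontrolwp.com" target="_blank">translate.icontrolwp.com</a>' ); ?>
      </h4>
      <input type="submit" value="<?php _wpsf_e( 'Dismiss this notice' ); ?>" name="submit" class="button" style="float:left; margin-bottom:10px;">
      <div style="clear:both;"></div>
      </form>
      <?php
      $sNotice = ob_get_contents();
      ob_end_clean();
      return $sNotice;
    }

    /**
     * Post-install/upgrade notice; shown for the first 7 days after installation.
     * Dynamic values are attribute-escaped; the stray unmatched </h4> of the old markup is gone.
     *
     * @return string
     */
    protected function getAdminNoticeHtml_VersionUpgrade() {
      if ( $this->getInstallationDays() > 7 ) {
        return '';
      }
      $sMetaFlag = $this->doPluginPrefix( 'hide_update_notice' );
      $sRedirectPage = 'admin.php?page=icwp-wpsf';
      $sAction = 'admin.php?page='.$this->getSubmenuId( 'firewall' ).'&'.$sMetaFlag.'=1';
      ob_start(); ?>
      <style>a#fromIcwp { padding: 0 5px; border-bottom: 1px dashed rgba(0,0,0,0.1); color: blue; font-weight: bold; }</style>
      <form id="IcwpUpdateNotice" method="post" action="<?php echo esc_attr( $sAction ); ?>">
      <input type="hidden" value="<?php echo esc_attr( $sRedirectPage ); ?>" name="redirect_page" id="redirect_page">
      <input type="hidden" value="1" name="<?php echo esc_attr( $sMetaFlag ); ?>" id="<?php echo esc_attr( $sMetaFlag ); ?>">
      <p>
      <?php _wpsf_e( 'Note: WordPress Simple Firewall plugin does not automatically turn on when you install/update.' ); ?>
      <?php printf( _wpsf__( 'There may also be %simportant updates to read about%s.' ), '<a href="http://icwp.io/27" id="fromIcwp" title="'._wpsf__( 'WordPress Simple Firewall' ).'" target="_blank">', '</a>' ); ?>
      </p>
      <input type="submit" value="<?php _wpsf_e( 'Okay, show me the dashboard' ); ?>" name="submit" class="button" style="float:left; margin-bottom:10px;">
      <div style="clear:both;"></div>
      </form>
      <?php
      $sNotice = ob_get_contents();
      ob_end_clean();
      return $sNotice;
    }

    /**
     * Mailing-list signup notice; shown from the 2nd day after installation.
     * NOTE(review): the form posts the admin's e-mail to a third party over plain http; the endpoint
     * URL is external configuration and is left as-is here.
     *
     * @return string
     */
    protected function getAdminNoticeHtml_MailingListSignup() {
      $nDays = $this->getInstallationDays();
      if ( $nDays < 2 ) {
        return '';
      }
      $sMetaFlag = $this->doPluginPrefix( 'hide_mailing_list_signup' );
      $sDismissUrl = $this->getUrl_PluginDashboard().'&'.$sMetaFlag.'=1';
      ob_start(); ?>
      <!-- Begin MailChimp Signup Form -->
      <div id="mc_embed_signup">
      <form class="form form-inline" action="http://hostliketoast.us2.list-manage1.com/subscribe/post?u=e736870223389e44fb8915c9a&amp;id=0e1d527259" method="post" id="mc-embedded-subscribe-form" name="mc-embedded-subscribe-form" class="validate" target="_blank" novalidate>
      <p>The WordPress Simple Firewall team has launched a education initiative to raise awareness of WordPress security and to provide further help with the WordPress Simple Firewall plugin. Get Involved here:</p>
      <input type="text" value="" name="EMAIL" class="required email" id="mce-EMAIL" placeholder="Your Email" />
      <input type="text" value="" name="FNAME" class="" id="mce-FNAME" placeholder="Your Name" />
      <input type="hidden" value="<?php echo (int)$nDays; ?>" name="DAYS" class="" id="mce-DAYS" />
      <input type="submit" value="Get The News" name="subscribe" id="mc-embedded-subscribe" class="button" />
      <a href="<?php echo esc_url( $sDismissUrl ); ?>">Dismiss</a>
      <div id="mce-responses" class="clear">
      <div class="response" id="mce-error-response" style="display:none"></div>
      <div class="response" id="mce-success-response" style="display:none"></div>
      </div> <!-- real people should not fill this in and expect good things - do not remove this or risk form bot signups-->
      <div style="position: absolute; left: -5000px;"><input type="text" name="b_e736870223389e44fb8915c9a_0e1d527259" tabindex="-1" value=""></div>
      <div class="clear"></div>
      </form>
      </div>
      <!--End mc_embed_signup-->
      <?php
      $sNotice = ob_get_contents();
      ob_end_clean();
      return $sNotice;
    }

    /**
     * One-shot feedback notice stored in the 'feedback_admin_notice' option.
     *
     * The original cleared the option *after* its return statement, so the clear never ran and the
     * notice re-appeared on every admin page; it is now cleared before returning (persistence relies on
     * the options handler's normal save path -- TODO confirm). The stored text is filtered with
     * wp_kses_post() so only post-safe HTML reaches the admin page.
     *
     * @return string
     */
    protected function getAdminNoticeHtml_OptionsUpdated() {
      $sAdminFeedbackNotice = $this->m_oPluginMainOptions->getOpt( 'feedback_admin_notice' );
      if ( empty( $sAdminFeedbackNotice ) ) {
        return '';
      }
      $this->m_oPluginMainOptions->setOpt( 'feedback_admin_notice', '' );
      return '<p>'.wp_kses_post( $sAdminFeedbackNotice ).'</p>';
    }

    /**
     * Admin notices are shown only when the upgrade-notice option is enabled.
     *
     * @return bool
     */
    protected function getShowAdminNotices() {
      return $this->m_oPluginMainOptions->getOpt( 'enable_upgrade_admin_notice' ) == 'Y';
    }

    /**
     * Whole days since the 'installation_time' option was recorded; 0 when it is unset.
     *
     * @return int
     */
    protected function getInstallationDays() {
      $nTimeInstalled = $this->m_oPluginMainOptions->getOpt( 'installation_time' );
      if ( empty( $nTimeInstalled ) ) {
        return 0;
      }
      return round( ( time() - $nTimeInstalled ) / DAY_IN_SECONDS );
    }

    /**
     * Admin-bar entries contributed by the plugin. Currently disabled: contributes no nodes.
     *
     * @return array
     */
    protected function getAdminBarNodes() {
      return array();
    }

    /**
     * @return ICWP_WPSF_LoginProtectProcessor|null
     */
    public function getProcessor_LoginProtect() {
      return $this->getProcessorVar( 'LoginProtect' );
    }

    /**
     * @return ICWP_WPSF_AutoUpdatesProcessor|null
     */
    public function getProcessor_Autoupdates() {
      return $this->getProcessorVar( 'AutoUpdates' );
    }
  }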
  798. endif;
  799. //$oICWP_Wpsf = ICWP_Wordpress_Simple_Firewall::GetInstance( 'ICWP_Wordpress_Simple_Firewall' );