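/**
 * Display PHPIDS intrusions.
 *
 * Reads the paging, search and status parameters from the query string,
 * loads the matching rows from the intrusions table and hands everything
 * to the 'admin_intrusions' view.
 *
 * @return void
 */
public function intrusions()
{
    global $wpdb;

    // Current page number, items per page
    $per_page = HMWP_MS_Utils::hmwp_ms_intrusions_per_page();
    $pagenum = isset($_GET['paged']) ? absint($_GET['paged']) : 0;
    if (empty($pagenum)) {
        $pagenum = 1;
    }

    // Offset, limit
    $limit = $per_page;
    $offset = max(0, $pagenum * $limit - $limit);

    // Search term. A non-string value (e.g. intrusions_search[]=x) is ignored,
    // because stripslashes() only accepts strings.
    $search = '';
    if (isset($_GET['intrusions_search']) && is_string($_GET['intrusions_search'])) {
        $search = stripslashes($_GET['intrusions_search']);
    }

    // Get results
    $search_title = '';
    if ($search !== '') {
        $search_title = sprintf('<span class="subtitle">' . __('Search results for “%s”', 'mute-screamer') . '</span>', esc_html($search));

        // prepare() protects against SQL injection but leaves the LIKE
        // wildcards % and _ active; esc_like() makes them match literally.
        $token = '%' . $wpdb->esc_like($search) . '%';
        $sql = $wpdb->prepare(
            'SELECT SQL_CALC_FOUND_ROWS * FROM ' . $wpdb->hmwp_ms_intrusions . ' WHERE (name LIKE %s OR page LIKE %s OR user_id LIKE %s OR ip LIKE %s OR total_impact LIKE %s) ORDER BY created DESC LIMIT %d, %d',
            $token,
            $token,
            $token,
            $token,
            $token,
            $offset,
            $limit
        );
    } else {
        $sql = $wpdb->prepare(
            'SELECT SQL_CALC_FOUND_ROWS * FROM ' . $wpdb->hmwp_ms_intrusions . ' ORDER BY created DESC LIMIT %d, %d',
            $offset,
            $limit
        );
    }

    $intrusions = $wpdb->get_results($sql);
    $total_intrusions = $wpdb->get_var('SELECT FOUND_ROWS();');

    // Construct pagination links (guard against a zero page size)
    $num_pages = $per_page > 0 ? ceil($total_intrusions / $per_page) : 0;
    $pagination = HMWP_MS_Utils::pagination($pagenum, $num_pages, $per_page, $total_intrusions);

    // Columns
    $columns = array(
        'name' => __('Name', 'mute-screamer'),
        'value' => __('Value', 'mute-screamer'),
        'page' => __('Page', 'mute-screamer'),
        'impact' => __('Impact / Total', 'mute-screamer'),
        'ip' => __('IP / User', 'mute-screamer'),
        'date' => __('Date', 'mute-screamer'),
    );
    $columns = apply_filters('hmwp_ms_admin_intrusions_columns', $columns);

    // Was something deleted?
    $deleted = isset($_GET['deleted']) ? (int) $_GET['deleted'] : 0;

    // Was something excluded?
    $excluded = isset($_GET['excluded']) ? (int) $_GET['excluded'] : 0;

    // Were all logs deleted?
    $all_deleted = isset($_GET['all_deleted']) ? (int) $_GET['all_deleted'] : 0;

    // The page slug comes straight from the query string; clean it here.
    // NOTE(review): the view is not visible from this method - confirm that
    // it escapes 'page', 'intrusions_search' and the logged intrusion fields
    // on output, since those hold attacker-supplied text.
    $page = '';
    if (isset($_GET['page']) && is_string($_GET['page'])) {
        $page = sanitize_text_field(wp_unslash($_GET['page']));
    }

    $data = array();
    $data['message'] = false;
    $data['intrusions'] = $intrusions;
    $data['style'] = '';
    $data['columns'] = $columns;
    $data['page'] = $page;
    $data['pagination'] = $pagination;
    $data['intrusions_search'] = $search;
    $data['search_title'] = $search_title;
    $data['time_offset'] = get_option('gmt_offset') * 3600;
    $data['date_format'] = get_option('date_format');
    $data['time_format'] = get_option('time_format');

    // Later messages deliberately override earlier ones.
    if ($deleted) {
        $data['message'] = sprintf(_n('Item permanently deleted.', '%s items permanently deleted.', $deleted, 'mute-screamer'), number_format_i18n($deleted));
    }

    if ($excluded) {
        $data['message'] = sprintf(_n('Item added to the exceptions list.', '%s items added to the exceptions list.', $excluded, 'mute-screamer'), number_format_i18n($excluded));
    }

    if ($all_deleted) {
        $data['message'] = __('All logs have been deleted!', 'mute-screamer');
    }

    HMWP_MS_Utils::view('admin_intrusions', $data);
}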
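/**
 * Run the upgrade for the requested files. This is rendered in an iframe.
 *
 * The request must come from a user with the 'update_plugins' capability
 * and carry a valid 'bulk-update-hmwp_ms' nonce. Only file names on the
 * fixed allow-list that also have a pending update entry are accepted.
 *
 * @return void
 */
public function do_upgrade_run()
{
    // Authorise the request before looking at any of its parameters.
    if (!current_user_can('update_plugins')) {
        wp_die(__('You do not have sufficient permissions to update Mute Screamer for this site.', 'mute-screamer'));
    }

    check_admin_referer('bulk-update-hmwp_ms');

    $upgrade_files = array('default_filter.xml', 'Converter.php');
    $requested = explode(',', (string) HMWP_MS_Utils::get('files'));

    // Valid files to upgrade?
    $files = array();
    foreach ($requested as $val) {
        // Strict comparison against the allow-list, and the update entry must
        // exist: otherwise the URL lookup below would read a property of null.
        $allowed = in_array($val, $upgrade_files, true);
        if (!$allowed || !isset($this->updates['updates'][$val]->revision_file_url)) {
            wp_die(sprintf(__("%s can't be upgraded.", 'mute-screamer'), esc_html($val)));
        }

        // Fetch file contents from cache, keyed by file name
        // NOTE(review): remote_get()'s result goes to the upgrader unchecked
        // here, and one of the files is PHP code. Confirm that a failed fetch
        // is rejected and that the content's integrity is verified elsewhere.
        $files[$val] = $this->remote_get($this->updates['updates'][$val]->revision_file_url);
    }

    require_once ABSPATH . 'wp-admin/includes/class-wp-upgrader.php';
    require_once 'hmwp_ms/Upgrader.php';

    wp_enqueue_script('jquery');
    iframe_header();

    $upgrader = new HMWP_MS_Upgrader();
    $res = $upgrader->upgrade($files);

    // All good? Clear the update array, reset transients
    if ($res) {
        // Remove the files we updated from the update array
        foreach (array_keys($files) as $name) {
            unset($this->updates['updates'][$name]);
        }

        // Did we update everything?
        // Only clear the update array and cache if there are no files left to update
        if (empty($this->updates['updates'])) {
            $this->updates['updates'] = array();
            delete_site_transient('hmwp_ms_requests_cache');
        }

        set_site_transient('hmwp_ms_update', $this->updates, $this->timeout);
    }

    iframe_footer();
}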
/**
 * Constructor.
 *
 * Stores the address returned by HMWP_MS_Utils::ip_address() on the
 * instance as $this->ip.
 *
 * @return void
 */
public function __construct()
{
    $client_ip = HMWP_MS_Utils::ip_address();
    $this->ip = $client_ip;
}
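/**
 * Number of attacks the user has made.
 *
 * Counts the rows in the posts table whose post_content equals the address
 * returned by HMWP_MS_Utils::ip_address() and whose post_excerpt is
 * 'repeat_attack'.
 *
 * @return integer Zero when nothing matches or the query fails.
 */
private function attack_count()
{
    global $wpdb;

    // The %s placeholder is left unquoted: wpdb::prepare() adds the quotes.
    $sql = $wpdb->prepare(
        "SELECT COUNT(*) AS count FROM {$wpdb->posts} WHERE post_content = %s AND post_excerpt = 'repeat_attack'",
        HMWP_MS_Utils::ip_address()
    );

    // get_var() returns null on failure, which the cast turns into 0.
    // Reading ->count from a null get_row() result would raise an error.
    return (int) $wpdb->get_var($sql);
}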
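/**
 * Fetch the client IP address.
 *
 * The address is taken from REMOTE_ADDR, the peer address reported by the
 * web server, and cached in self::$ip for later calls. Forwarding headers
 * (X-Forwarded-For, Client-IP, ...) are set by the client and are not used.
 * The old loop over them validated each value but ignored the result, so
 * without a REMOTE_ADDR environment value the last raw header value was
 * returned unchecked.
 *
 * NOTE(review): behind a reverse proxy REMOTE_ADDR is the proxy's address.
 * If forwarded addresses are needed, accept them only from known proxies.
 *
 * @return string The client address, or '0.0.0.0' when none is available.
 */
public static function ip_address()
{
    if (self::$ip) {
        return self::$ip;
    }

    $ip = '0.0.0.0';

    $remote = getenv('REMOTE_ADDR');
    if ($remote) {
        // Most safe: value supplied by the server environment
        $ip = $remote;
    } elseif (isset($_SERVER['REMOTE_ADDR']) && is_string($_SERVER['REMOTE_ADDR'])) {
        // Fallback for setups where getenv() does not expose REMOTE_ADDR;
        // only a syntactically valid address is accepted.
        $candidate = trim($_SERVER['REMOTE_ADDR']);
        if (filter_var($candidate, FILTER_VALIDATE_IP) !== false) {
            $ip = $candidate;
        }
    }

    self::$ip = $ip;

    return $ip;
}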