/**
  * Display PHPIDS Intrusions
  *
  * @return void
  */
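 public function intrusions()
 {
     // Renders the intrusion log screen: reads paging and search parameters
     // from the query string, loads one page of rows from the intrusions table
     // and passes everything to the 'admin_intrusions' view.
     // NOTE(review): no capability check is visible in this method; confirm the
     // admin menu registration that routes here restricts who can view the log.
     global $wpdb;
     // Items per page; clamp to at least 1 so the page-count division below
     // can never divide by zero and LIMIT never asks for zero rows.
     $per_page = max(1, (int) HMWP_MS_Utils::hmwp_ms_intrusions_per_page());
     // Current page number (1-based); a missing or zero value means page 1
     $pagenum = isset($_GET['paged']) ? max(1, absint($_GET['paged'])) : 1;
     // Offset, limit
     $limit = $per_page;
     $offset = ($pagenum - 1) * $limit;
     // Search term: only accept a scalar string, so an array-valued parameter
     // (?intrusions_search[]=x) cannot reach stripslashes()
     $search = '';
     if (isset($_GET['intrusions_search']) && is_string($_GET['intrusions_search'])) {
         $search = stripslashes($_GET['intrusions_search']);
     }
     $search_title = '';
     // Compare against '' rather than truthiness so a search for "0" still runs
     if ($search !== '') {
         $search_title = sprintf('<span class="subtitle">' . __('Search results for &#8220;%s&#8221;', 'mute-screamer') . '</span>', esc_html($search));
         // prepare() handles quoting, but % and _ in the term would still act
         // as LIKE wildcards; esc_like() makes them match literally.
         $token = '%' . $wpdb->esc_like($search) . '%';
         $sql = $wpdb->prepare('SELECT SQL_CALC_FOUND_ROWS * FROM ' . $wpdb->hmwp_ms_intrusions . ' WHERE (name LIKE %s OR page LIKE %s OR user_id LIKE %s OR ip LIKE %s OR total_impact LIKE %s) ORDER BY created DESC LIMIT %d, %d', $token, $token, $token, $token, $token, $offset, $limit);
     } else {
         $sql = $wpdb->prepare('SELECT SQL_CALC_FOUND_ROWS * FROM ' . $wpdb->hmwp_ms_intrusions . ' ORDER BY created DESC LIMIT %d, %d', $offset, $limit);
     }
     $intrusions = $wpdb->get_results($sql);
     // Must run directly after the SQL_CALC_FOUND_ROWS query above
     $total_intrusions = $wpdb->get_var('SELECT FOUND_ROWS();');
     // Construct pagination links
     $num_pages = ceil($total_intrusions / $per_page);
     $pagination = HMWP_MS_Utils::pagination($pagenum, $num_pages, $per_page, $total_intrusions);
     // Columns (filterable by other code through the hook below)
     $columns = array('name' => __('Name', 'mute-screamer'), 'value' => __('Value', 'mute-screamer'), 'page' => __('Page', 'mute-screamer'), 'impact' => __('Impact / Total', 'mute-screamer'), 'ip' => __('IP / User', 'mute-screamer'), 'date' => __('Date', 'mute-screamer'));
     $columns = apply_filters('hmwp_ms_admin_intrusions_columns', $columns);
     // Status counters set by the redirect after a delete / exclude action;
     // cast to int so they are safe to use in the notices below
     $deleted = isset($_GET['deleted']) ? (int) $_GET['deleted'] : 0;
     $excluded = isset($_GET['excluded']) ? (int) $_GET['excluded'] : 0;
     $all_deleted = isset($_GET['all_deleted']) ? (int) $_GET['all_deleted'] : 0;
     $data = array();
     $data['message'] = false;
     // NOTE(review): these rows presumably hold request data recorded by the
     // IDS, i.e. attacker-supplied strings; the view is not visible here, so
     // confirm it escapes every field on output.
     $data['intrusions'] = $intrusions;
     $data['style'] = '';
     $data['columns'] = $columns;
     // The page slug comes straight from the query string: tolerate its absence
     // and strip markup before it is handed to the view
     $data['page'] = isset($_GET['page']) && is_string($_GET['page']) ? sanitize_text_field(wp_unslash($_GET['page'])) : '';
     $data['pagination'] = $pagination;
     // Raw search term: the view has to escape it for its output context
     $data['intrusions_search'] = $search;
     $data['search_title'] = $search_title;
     $data['time_offset'] = get_option('gmt_offset') * 3600;
     $data['date_format'] = get_option('date_format');
     $data['time_format'] = get_option('time_format');
     // Later notices deliberately override earlier ones
     if ($deleted) {
         $data['message'] = sprintf(_n('Item permanently deleted.', '%s items permanently deleted.', $deleted, 'mute-screamer'), number_format_i18n($deleted));
     }
     if ($excluded) {
         $data['message'] = sprintf(_n('Item added to the exceptions list.', '%s items added to the exceptions list.', $excluded, 'mute-screamer'), number_format_i18n($excluded));
     }
     if ($all_deleted) {
         $data['message'] = __('All logs have been deleted!', 'mute-screamer');
     }
     HMWP_MS_Utils::view('admin_intrusions', $data);
 }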
 /**
  * This is in an iframe
  *
  * @return void
  */
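 public function do_upgrade_run()
 {
     // Applies the requested rule-file updates and prints the upgrader output
     // between iframe_header() and iframe_footer().
     // Authorise first: capability, then nonce, before any request data is used
     if (!current_user_can('update_plugins')) {
         wp_die(__('You do not have sufficient permissions to update Mute Screamer for this site.', 'mute-screamer'));
     }
     check_admin_referer('bulk-update-hmwp_ms');
     // Allow-list of file names that may be replaced by an update
     $upgrade_files = array('default_filter.xml', 'Converter.php');
     $requested = HMWP_MS_Utils::get('files');
     // A missing or non-string value becomes '' and is rejected by the loop below
     $requested = explode(',', is_string($requested) ? $requested : '');
     // Map of file name => fetched contents, built separately from the request list
     $files = array();
     foreach ($requested as $val) {
         // Reject anything outside the allow-list (strict comparison) and any
         // name for which no pending update with a download URL is recorded,
         // instead of dereferencing a missing entry.
         if (!in_array($val, $upgrade_files, true) || !isset($this->updates['updates'][$val]->revision_file_url)) {
             wp_die(sprintf(__("%s can't be upgraded.", 'mute-screamer'), esc_html($val)));
         }
         // Fetch file contents from cache
         // NOTE(review): nothing visible here verifies the fetched content
         // (hash or signature) before it replaces code on disk; confirm that
         // remote_get() or HMWP_MS_Upgrader does, and that the URL is HTTPS.
         $files[$val] = $this->remote_get($this->updates['updates'][$val]->revision_file_url);
     }
     require_once ABSPATH . 'wp-admin/includes/class-wp-upgrader.php';
     // NOTE(review): relative path, resolved through include_path
     require_once 'hmwp_ms/Upgrader.php';
     wp_enqueue_script('jquery');
     iframe_header();
     $upgrader = new HMWP_MS_Upgrader();
     $res = $upgrader->upgrade($files);
     // All good? Clear the update array, reset transients
     if ($res) {
         // Remove the files we updated from the update array
         foreach (array_keys($files) as $name) {
             unset($this->updates['updates'][$name]);
         }
         // Only clear the update array and cache if there are no files left to update
         if (empty($this->updates['updates'])) {
             $this->updates['updates'] = array();
             delete_site_transient('hmwp_ms_requests_cache');
         }
         set_site_transient('hmwp_ms_update', $this->updates, $this->timeout);
     }
     iframe_footer();
 }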
 /**
  * Constructor
  *
  * @return void
  */
 public function __construct()
 {
     // Record the requester's address, as reported by the shared utility
     // helper, on the instance when it is created.
     $address = HMWP_MS_Utils::ip_address();
     $this->ip = $address;
 }
Beispiel #4
 /**
  * Number of attacks the user has made
  *
  * @return integer
  */
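 private function attack_count()
 {
     global $wpdb;
     // Counts the rows in the posts table whose post_content equals the
     // requester's IP address and whose post_excerpt is 'repeat_attack'.
     // The placeholder is left unquoted: prepare() adds the quoting itself,
     // and wrapping %s in quotes is discouraged by the wpdb documentation.
     $sql = $wpdb->prepare("SELECT COUNT(*) FROM {$wpdb->posts} WHERE post_content = %s AND post_excerpt = 'repeat_attack'", HMWP_MS_Utils::ip_address());
     // get_var() yields null when the query fails; the cast turns that into 0
     // instead of reading a property on a null row.
     return (int) $wpdb->get_var($sql);
 }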
Beispiel #5
 /**
  * Fetch ip address
  *
  * @return string
  */
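 public static function ip_address()
 {
     // Returns the requester's IP address, cached in self::$ip after the first
     // call; '0.0.0.0' when nothing usable is available.
     if (self::$ip) {
         return self::$ip;
     }
     $ip = '0.0.0.0';
     // REMOTE_ADDR is set by the web server from the TCP connection, so the
     // client cannot forge it; it always wins when present.
     // NOTE(review): behind a reverse proxy this is the proxy's address.
     $remote = getenv('REMOTE_ADDR');
     if (!$remote && isset($_SERVER['REMOTE_ADDR'])) {
         $remote = $_SERVER['REMOTE_ADDR'];
     }
     if ($remote) {
         $ip = $remote;
     } else {
         // Last resort only: these headers are client-controlled, so a value
         // is accepted solely if it parses as a public IPv4/IPv6 address.
         // Previously the validation result was ignored and an arbitrary
         // header string could be returned.
         $flags = FILTER_FLAG_IPV4 | FILTER_FLAG_IPV6 | FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE;
         foreach (array('HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'HTTP_X_FORWARDED', 'HTTP_X_CLUSTER_CLIENT_IP', 'HTTP_FORWARDED_FOR', 'HTTP_FORWARDED') as $key) {
             if (!isset($_SERVER[$key]) || !is_string($_SERVER[$key])) {
                 continue;
             }
             // A header may carry a comma-separated chain of addresses
             foreach (explode(',', $_SERVER[$key]) as $val) {
                 $candidate = trim($val);
                 if (filter_var($candidate, FILTER_VALIDATE_IP, $flags) !== false) {
                     $ip = $candidate;
                     break 2;
                 }
             }
         }
     }
     self::$ip = $ip;
     return $ip;
 }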