public static final function registerHit()
 {
     /*
      * Record one front-end request in the live traffic table and bump the
      * stored entry counter.
      *
      * Nothing is recorded when the live traffic tool is disabled, when the
      * request is for an admin screen, when the requested URL is excluded,
      * or when the INSERT fails.
      *
      * Security notes:
      *  - IP, referrer, user agent and URL are passed to $wpdb->prepare() as
      *    placeholder arguments, so they are not concatenated into the SQL text.
      *  - The same values are stored as received; any code that later renders
      *    these columns has to escape them for its output context (the
      *    rendering code is not visible here).
      *  - NOTE(review): how getIP() derives the address is not visible; if it
      *    reads forwarding headers the stored IP may be client-controlled - confirm.
      */
     $toolEnabled = WpsOption::getOption(WpsSettings::ENABLE_LIVE_TRAFFIC);
     if (!$toolEnabled || is_admin()) {
         return;
     }

     global $wpdb;
     $currentBlogId = $wpdb->blogid;

     $requestedUrl = self::getRequestedUrl();
     if (self::isUrlExcluded($requestedUrl)) {
         return;
     }

     $visitorIp = self::getIP();
     $httpReferrer = self::getReferrer();
     $userAgent = self::getUserAgent();

     // NOTE(review): assumes _getGeoIpInfo() always returns an array with
     // 'country' and 'city' keys - confirm against its implementation.
     $geo = self::_getGeoIpInfo($visitorIp);
     $visitorCountry = $geo['country'];
     $visitorCity = $geo['city'];

     $trafficTable = WsdPlugin::getTableName(WpsSettings::LIVE_TRAFFIC_TABLE_NAME);
     $insertSql = $wpdb->prepare(
         "INSERT INTO " . $trafficTable . " (entryTime, entryIp, entryReferrer, entryUA, entryRequestedUrl, entryCountry, entryCity, blogId)\n                            VALUES(CURRENT_TIMESTAMP, %s, %s, %s, %s, %s, %s, %d)",
         $visitorIp,
         $httpReferrer,
         $userAgent,
         $requestedUrl,
         $visitorCountry,
         $visitorCity,
         $currentBlogId
     );

     // Errors are suppressed with @, so a failed insert ends the call silently
     // and the counter below is left untouched.
     $inserted = @$wpdb->query($insertSql);
     if (false === $inserted) {
         return;
     }

     // Read-modify-write on the stored counter: the option is created with 0
     // on first use and then written back incremented by one. The update is
     // not atomic, so two concurrent hits may write the same value.
     $storedCount = WpsOption::getOption(WpsSettings::LIVE_TRAFFIC_ENTRIES);
     if (empty($storedCount)) {
         $entryCount = 0;
         WpsOption::addOption(WpsSettings::LIVE_TRAFFIC_ENTRIES, $entryCount);
     } else {
         $entryCount = intval($storedCount);
     }
     WpsOption::updateOption(WpsSettings::LIVE_TRAFFIC_ENTRIES, $entryCount + 1);
 }
Beispiel #2
/**
 * Tell whether the plugin installation is usable on this site.
 *
 * A single-site install is always reported as valid. On multisite the
 * 'WPS_NETWORK_INSTALL' option must hold a non-empty value.
 *
 * @return bool
 */
function wpsIsValidInstall()
{
    if (!wpsIsMultisite()) {
        return true;
    }
    $networkInstallFlag = WpsOption::getOption('WPS_NETWORK_INSTALL');
    return !empty($networkInstallFlag);
}
Beispiel #3
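 /**
  * Raise a medium-severity alert when an administrator's profile is submitted
  * with a new password.
  *
  * The trigger is a non-empty $_POST['pass1']; the value itself is never read
  * or stored here. NOTE(review): the check runs on the submitted form field,
  * so whether the password update actually succeeded is not verified in this
  * method - confirm which hook calls it.
  *
  * The user name and blog name are HTML-escaped before they are placed inside
  * the alert markup, because the alert text carries <strong> tags and is
  * therefore presumably rendered as HTML.
  *
  * @internal
  * @param mixed $userID Identifier handed to self::_getUserInfo().
  * @return void
  */
 public static function _watchUserInfoUpdated($userID)
 {
     // Only react when the submitted form carries a new password.
     if (empty($_POST['pass1'])) {
         return;
     }
     $userInfo = self::_getUserInfo($userID);
     $userName = $userInfo['userName'];
     $userRole = $userInfo['userRole'];
     if ($userRole != 'administrator') {
         return;
     }

     global $wpsPluginAlertsArray;
     $actionName = $wpsPluginAlertsArray['watch_admin_password_update']['name'];
     $alertType = $wpsPluginAlertsArray['watch_admin_password_update']['type'];
     $description = __('<p>This alert is generated every time an administrator\'s password is updated.</p>', WpsSettings::TEXT_DOMAIN);

     // Escape the interpolated values: they end up inside HTML markup.
     $safeUserName = esc_html($userName);

     if (wpsIsMultisite()) {
         global $wpdb;
         $blogID = $wpdb->blogid;
         // On multisite the blog name is set per site, so it is treated as
         // untrusted text from the point of view of whoever reads the alert.
         $safeBlogName = esc_html(WpsOption::getOption('blogname', $blogID));
         $title = sprintf(__('Administrator (<strong>%s</strong>) of blog <strong>%s</strong> has updated their password.', WpsSettings::TEXT_DOMAIN), $safeUserName, $safeBlogName);
     } else {
         $title = sprintf(__('Administrator (<strong>%s</strong>) has updated their password.', WpsSettings::TEXT_DOMAIN), $safeUserName);
     }
     self::alert($actionName, $alertType, WpsSettings::ALERT_MEDIUM, $title, $description);
 }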
Beispiel #4
require 'res/inc/WsdCheck.php';
require 'res/inc/WsdScheduler.php';
require 'res/inc/WsdWatch.php';
require 'res/inc/WsdLiveTraffic.php';
require 'res/inc/WsdWpScanner.php';
require 'res/inc/wss-functions.php';
//#!--
// Admin menus: on multisite the network menu and the per-site menu are
// registered on their own hooks; on a single site the network menu builder
// is attached to the regular admin menu.
if (wpsIsMultisite()) {
    add_action('network_admin_menu', 'wpsCreateNetworkMenu');
    add_action('admin_menu', 'wpsCreateSiteMenu');
} else {
    add_action('admin_menu', 'wpsCreateNetworkMenu');
}
add_action('init', array('WsdUtil', 'loadPluggable'));
add_action('init', array('WsdPlugin', 'loadResources'));
// Live traffic hooks are only attached when the "can run tasks" option is truthy.
$wpsCanRun = (bool) WpsOption::getOption(WpsSettings::CAN_RUN_TASKS_OPTION_NAME);
if ($wpsCanRun) {
    // Runs on every request that reaches 'init'.
    add_action('init', array('WsdLiveTraffic', 'registerHit'));
    add_action('wp_ajax_ajaxGetTrafficData', array('WsdLiveTraffic', 'ajaxGetTrafficData'));
    // NOTE(review): the wp_ajax_nopriv_ prefix exposes this handler to requests
    // without a login session. The handler is not visible here; unless it does
    // its own capability and nonce checks, recorded traffic data would be
    // readable by anonymous visitors - confirm in ajaxGetTrafficData().
    add_action('wp_ajax_nopriv_ajaxGetTrafficData', array('WsdLiveTraffic', 'ajaxGetTrafficData'));
}
// NOTE(review): wp_ajax_ hooks fire for any logged-in user regardless of role,
// so a handler that deletes files needs its own capability check, nonce
// verification and path validation - none of which is visible from here.
add_action('wp_ajax_ajaxDeleteBackupFile', array('WsdUtil', 'ajaxDeleteBackupFile'));
add_action('wp_dashboard_setup', array('WsdUtil', 'addDashboardWidget'));
// Plugin lifecycle callbacks.
register_activation_hook(__FILE__, 'wpsNetworkActivate');
register_deactivation_hook(__FILE__, 'wpsNetworkDeactivate');
register_uninstall_hook(__FILE__, array('WsdPlugin', 'uninstall'));
//#++
// Add custom links on plugins page
function wssCustomLinks($links)
{
    if (wpsIsValidInstall()) {
 /**
  * Close the current file scan, marking it completed or failed, and delete
  * the scan settings.
  *
  * The scan id is taken from self::$_scanID; when that is empty it falls back
  * to the 'SCAN_ID' entry of the stored scan option, and when the option is
  * empty too, to the last incomplete scan reported by the scans table. The
  * method returns without doing anything if no id can be found.
  *
  * @param bool   $completed  True to mark the scan completed, false to mark it failed.
  * @param string $failReason Reason written to the log and passed to _markScanFailed().
  * @return void
  */
 public static function stopScan($completed = false, $failReason = '')
 {
     $scanID = self::$_scanID;
     if (empty($scanID)) {
         $scanSettings = WpsOption::getOption(WpsSettings::WP_FILE_SCAN_OPTION_NAME);
         if (!empty($scanSettings)) {
             $scanID = $scanSettings['SCAN_ID'];
             if (empty($scanID)) {
                 return;
             }
         } else {
             // No stored settings: look for an unfinished scan in the table instead.
             wssLog('Empty $optData. Checking db table for any incomplete scan.');
             $tableScanId = WsdWpScanner::getLastScanID_table();
             if (empty($tableScanId)) {
                 wssLog('No incomplete scans found either.');
                 return;
             }
             wssLog("Incomplete scan found: {$tableScanId}");
             $scanID = $tableScanId;
         }
     }

     wssLog(__METHOD__ . '() ' . 'triggered.');

     if (!$completed) {
         wssLog('Fail reason: ' . $failReason);
         self::_markScanFailed($scanID, $failReason);
     } else {
         // NOTE(review): _markScanCompleted() receives no scan id, so whether it
         // acts on the id resolved above cannot be confirmed from this method.
         self::_markScanCompleted();
     }

     WsdWPScanSettings::deleteSettings();

     $outcome = $completed ? 'completed' : 'failed';
     $separator = str_repeat('=', 50);
     wssLog('Scan (' . $scanID . ') marked as ' . $outcome . ' and options deleted.' . PHP_EOL . $separator);
 }
Beispiel #6
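 /**
  * Register the plugin's news widget on the WordPress dashboard.
  *
  * Nothing is registered unless the 'WSD-RSS-WGT-DISPLAY' option equals 'yes'.
  * On multisite the widget is registered once per blog id found in the blogs
  * table and once more for the blog the request started on.
  *
  * Every switch_to_blog() is paired with restore_current_blog(), so the
  * request ends in the blog context it started in and the switch stack does
  * not grow with each blog visited.
  *
  * NOTE(review): wp_add_dashboard_widget() appears to register for the current
  * request rather than per blog; confirm whether the per-blog loop is needed.
  *
  * @return void
  */
 static function addDashboardWidget()
 {
     $rssWidgetData = WpsOption::getOption('WSD-RSS-WGT-DISPLAY');
     if ($rssWidgetData != 'yes') {
         return;
     }

     $widgetTitle = __('Acunetix news and updates', WpsSettings::TEXT_DOMAIN);
     $widgetCallback = array('WsdUtil', 'displayDashboardWidget');

     if (wpsIsMultisite()) {
         global $wpdb;
         // Get all blog ids; the query has no external input.
         $blogIds = (array) $wpdb->get_col("SELECT blog_id FROM {$wpdb->blogs}");
         foreach ($blogIds as $blog_id) {
             switch_to_blog($blog_id);
             wp_add_dashboard_widget('acx_plugin_dashboard_widget', $widgetTitle, $widgetCallback);
             // Undo the switch before moving on so the context stack stays balanced.
             restore_current_blog();
         }
     }

     // Registration for the blog the request is running in.
     wp_add_dashboard_widget('acx_plugin_dashboard_widget', $widgetTitle, $widgetCallback);
 }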
Beispiel #7
}
/**
 * Fetch the feed markup, store it under the given option and print it.
 *
 * Before printing, every "url('rss.png')" occurrence (case-insensitive) is
 * replaced with the plugin's image URL for rss.png.
 *
 * NOTE(review): the markup is echoed without escaping. If
 * wpsPlugin_GetFeedData() builds it from a remote feed, any sanitising has to
 * happen inside that function - confirm, since it is not visible here.
 *
 * @public
 * @param mixed $optName          Option name passed to wpsPlugin_updateRssFeedOption().
 * @param mixed $getMaxRssEntries Value passed to wpsPlugin_GetFeedData().
 */
function wpsPlugin_handleDisplayRssData($optName, $getMaxRssEntries)
{
    $feedMarkup = wpsPlugin_GetFeedData($getMaxRssEntries);
    wpsPlugin_updateRssFeedOption($optName, $feedMarkup);

    $iconReference = "url('" . WsdUtil::imageUrl('rss.png') . "')";
    echo str_ireplace("url('rss.png')", $iconReference, $feedMarkup);
}
$optName = WpsSettings::BLOG_DATA_OPTION_NAME;
$getMaxRssEntries = 10;
//@ check cache
$optData = WpsOption::getOption($optName);
if (empty($optData)) {
    wpsPlugin_handleDisplayRssData($optName, $getMaxRssEntries);
} else {
    // check cache expiry date
    if (is_object($optData)) {
        $lastUpdateTime = @$optData->expires;
        // invalid cache: UPDATE
        if (empty($lastUpdateTime)) {
            wpsPlugin_handleDisplayRssData($optName, $getMaxRssEntries);
        } else {
            $nextUpdateTime = $lastUpdateTime + 24 * 60 * 60;
            if ($nextUpdateTime >= $lastUpdateTime) {
                $data = @$optData->data;
                if (empty($data)) {
                    wpsPlugin_handleDisplayRssData($optName, $getMaxRssEntries);
Beispiel #8
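 /**
  * Create the plugin's database tables, or upgrade the live traffic table,
  * and flag the plugin as allowed to run its tasks.
  *
  * Four tables are handled: alerts, live traffic, scan entries and scans.
  * A missing table is created (the database user needs the CREATE right).
  * If the live traffic table already exists, the columns entryCountry,
  * entryCity and blogId are added when absent (needs the ALTER right).
  *
  * On any failure a notice is appended to the stored error notices and the
  * method returns false. The notices contain HTML and, for query errors, the
  * SQL text; the table names in that SQL come from self::getTableName().
  * NOTE(review): whatever renders these notices outputs them as HTML -
  * confirm that no request-derived value can reach the notice text.
  *
  * @return bool True when all tables are in place, false otherwise.
  */
 static function activate()
 {
     wssLog(__METHOD__ . '() executed');
     global $wpdb;
     $charset_collate = '';
     if (!empty($wpdb->charset)) {
         $charset_collate = "DEFAULT CHARACTER SET {$wpdb->charset}";
     }
     if (!empty($wpdb->collate)) {
         $charset_collate .= " COLLATE {$wpdb->collate}";
     }
     // MUST HAVE "CREATE" RIGHTS if a table is not found and needs to be created
     $rights = WsdInfoServer::getDatabaseUserAccessRights();
     wssLog('USER RIGHTS', $rights);
     $hasCreateRight = in_array('CREATE', $rights['rightsHaving']);
     // Must have alter right for updating table.
     // Fixed: this previously tested for 'CREATE', so a user without ALTER
     // passed the check and only failed later on the ALTER TABLE query.
     // NOTE(review): assumes 'ALTER' is reported in the same form as 'CREATE'
     // by getDatabaseUserAccessRights() - confirm.
     $hasAlterRight = in_array('ALTER', $rights['rightsHaving']);
     $table1 = self::getTableName(WpsSettings::ALERTS_TABLE_NAME);
     $table2 = self::getTableName(WpsSettings::LIVE_TRAFFIC_TABLE_NAME);
     $table3 = self::getTableName(WpsSettings::SCAN_TABLE_NAME);
     $table4 = self::getTableName(WpsSettings::SCANS_TABLE_NAME);

     //## Alerts table
     if (!WsdUtil::tableExists($table1)) {
         wssLog("table not found: {$table1}");
         if (!$hasCreateRight) {
             wssLog("user has no create right. cannot create table: {$table1}");
             $notices = WpsOption::getOption(WpsSettings::PLUGIN_ERROR_NOTICE_OPTION, array());
             $notices[] = '<strong>' . WPS_PLUGIN_NAME . "</strong>: The database user needs the '<strong>CREATE</strong>' right in order to install this plugin.";
             WpsOption::updateOption(WpsSettings::PLUGIN_ERROR_NOTICE_OPTION, $notices);
             return false;
         }
         $query1 = "CREATE TABLE IF NOT EXISTS {$table1} (\n                          `alertId` INT UNSIGNED NOT NULL AUTO_INCREMENT ,\n                          `alertType` TINYINT NOT NULL DEFAULT 0 ,\n                          `alertSeverity` INT NOT NULL DEFAULT 0 ,\n                          `alertActionName` VARCHAR (255) NOT NULL,\n                          `alertTitle` VARCHAR(255) NOT NULL ,\n                          `alertDescription` TEXT NOT NULL ,\n                          `alertSolution` TEXT NOT NULL ,\n                          `alertDate` DATETIME NOT NULL default '0000-00-00 00:00:00',\n                          `alertFirstSeen` DATETIME NOT NULL default '0000-00-00 00:00:00',\n                          PRIMARY KEY (`alertId`) ,\n                          UNIQUE INDEX `alertId_UNIQUE` (`alertId` ASC) ) {$charset_collate};";
         $result = @$wpdb->query($query1);
         if ($result === false) {
             //#! MySQL error
             $notices = WpsOption::getOption(WpsSettings::PLUGIN_ERROR_NOTICE_OPTION, array());
             $notices[] = '<strong>' . WPS_PLUGIN_NAME . "</strong>. Error running query: <strong><pre>{$query1}</pre></strong>.";
             WpsOption::updateOption(WpsSettings::PLUGIN_ERROR_NOTICE_OPTION, $notices);
             return false;
         }
         wssLog("table created: {$table1}");
     }

     //## Live traffic table: create it, or fall through to the column upgrade
     $alterCheck = true;
     if (!WsdUtil::tableExists($table2)) {
         wssLog("table not found: {$table2}");
         if (!$hasCreateRight) {
             $notices = WpsOption::getOption(WpsSettings::PLUGIN_ERROR_NOTICE_OPTION, array());
             $notices[] = '<strong>' . WPS_PLUGIN_NAME . "</strong>: The database user needs the '<strong>CREATE</strong>' right in order to install this plugin.";
             WpsOption::updateOption(WpsSettings::PLUGIN_ERROR_NOTICE_OPTION, $notices);
             return false;
         }
         $query2 = "CREATE TABLE IF NOT EXISTS {$table2} (\n                         `entryId` bigint(20) unsigned NOT NULL auto_increment,\n                         `entryTime` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',\n                         `entryIp` text,\n                         `entryReferrer` text,\n                         `entryUA` text,\n                         `entryRequestedUrl` text,\n                         `entryCountry` varchar(125) not null,\n                         `entryCity` varchar(125) not null,\n                         `blogId` INT(10) NOT NULL DEFAULT 1,\n                         PRIMARY KEY (entryId)) {$charset_collate};";
         $result = @$wpdb->query($query2);
         if ($result === false) {
             //#! MySQL error
             $notices = WpsOption::getOption(WpsSettings::PLUGIN_ERROR_NOTICE_OPTION, array());
             $notices[] = '<strong>' . WPS_PLUGIN_NAME . "</strong>. Error running query: <strong><pre>{$query2}</pre></strong>.";
             WpsOption::updateOption(WpsSettings::PLUGIN_ERROR_NOTICE_OPTION, $notices);
             return false;
         }
         // A freshly created table already has every column.
         $alterCheck = false;
         wssLog("table created: {$table2}.");
     }
     if ($alterCheck) {
         wssLog("Alter check needed for {$table2}.");
         // Fixed: load the stored notices before appending. Previously $notices
         // was undefined on this path, so saving it replaced every notice that
         // had been stored earlier.
         $notices = WpsOption::getOption(WpsSettings::PLUGIN_ERROR_NOTICE_OPTION, array());
         if (!$hasAlterRight) {
             wssLog('NO ALTER RIGHT');
             $notices[] = '<strong>' . WPS_PLUGIN_NAME . "</strong>: The database user needs the '<strong>ALTER</strong>' right in order to install this plugin.";
             WpsOption::updateOption(WpsSettings::PLUGIN_ERROR_NOTICE_OPTION, $notices);
             return false;
         }
         // Get columns
         $query = "SHOW COLUMNS FROM {$table2}";
         $cols = $wpdb->get_results($query, ARRAY_A);
         $columns = array();
         if (empty($cols)) {
             wssLog("Could not retrieve columns from table: {$table2}");
             $notices[] = '<strong>' . WPS_PLUGIN_NAME . "</strong>. Error running query: <strong><pre>{$query}</pre></strong>. Please inform the plugin author about this error.";
             WpsOption::updateOption(WpsSettings::PLUGIN_ERROR_NOTICE_OPTION, $notices);
             return false;
         }
         foreach ($cols as $values) {
             if (!empty($values['Field'])) {
                 array_push($columns, $values['Field']);
             }
         }
         $entryCountryExists = in_array('entryCountry', $columns);
         $entryCityExists = in_array('entryCity', $columns);
         $blogIdExists = in_array('blogId', $columns);
         //## Check for column: entryCountry
         wssLog("Checking for column: entryCountry");
         if (!$entryCountryExists) {
             // alter table
             $q = "ALTER TABLE {$table2} ADD COLUMN `entryCountry` VARCHAR(125) NOT NULL DEFAULT '' AFTER `entryRequestedUrl`;";
             $result = @$wpdb->query($q);
             if ($result === false) {
                 // Fixed: mysql_error() no longer exists in PHP 7+, so calling it
                 // here aborted activation; wpdb keeps the last error itself.
                 wssLog('MySql error: ' . $wpdb->last_error);
                 wssLog("Error running query: {$q}");
                 //#! MySQL error
                 $notices[] = '<strong>' . WPS_PLUGIN_NAME . "</strong>. Error running query: <strong><pre>{$q}</pre></strong>.";
                 WpsOption::updateOption(WpsSettings::PLUGIN_ERROR_NOTICE_OPTION, $notices);
                 return false;
             }
             wssLog("Column: entryCountry not found in table {$table2}. but was added.");
         } else {
             wssLog("column already exists: entryCountry");
         }
         //## Check for column: entryCity
         wssLog("Checking for column: entryCity");
         if (!$entryCityExists) {
             $q = "ALTER TABLE {$table2} ADD COLUMN `entryCity` VARCHAR(125) NOT NULL DEFAULT '' AFTER `entryCountry`;";
             $result = @$wpdb->query($q);
             if ($result === false) {
                 //#! MySQL error
                 $notices[] = '<strong>' . WPS_PLUGIN_NAME . "</strong>. Error running query: <strong><pre>{$q}</pre></strong>.";
                 WpsOption::updateOption(WpsSettings::PLUGIN_ERROR_NOTICE_OPTION, $notices);
                 return false;
             }
             wssLog("Column: entryCity not found in table {$table2}. but was added.");
         } else {
             wssLog("column already exists: entryCity");
         }
         //## Check for column: blogId
         wssLog("Checking for column: blogId");
         if (!$blogIdExists) {
             $q = "ALTER TABLE {$table2} ADD COLUMN `blogId` INT(10) NOT NULL DEFAULT 1 AFTER `entryCity`;";
             $result = @$wpdb->query($q);
             if ($result === false) {
                 //#! MySQL error
                 $notices[] = '<strong>' . WPS_PLUGIN_NAME . "</strong>. Error running query: <strong><pre>{$q}</pre></strong>.";
                 WpsOption::updateOption(WpsSettings::PLUGIN_ERROR_NOTICE_OPTION, $notices);
                 return false;
             }
             wssLog("Column: blogId not found in table {$table2}. but was added.");
         } else {
             wssLog("column already exists: blogid");
         }
         wssLog("{$table2} updated successfully");
     }

     //## Scan entries table
     if (!WsdUtil::tableExists($table3)) {
         wssLog("table not found: {$table3}");
         if (!$hasCreateRight) {
             $notices = WpsOption::getOption(WpsSettings::PLUGIN_ERROR_NOTICE_OPTION, array());
             $notices[] = '<strong>' . WPS_PLUGIN_NAME . "</strong>: The database user needs the '<strong>CREATE</strong>' right in order to install this plugin.";
             WpsOption::updateOption(WpsSettings::PLUGIN_ERROR_NOTICE_OPTION, $notices);
             return false;
         }
         $query3 = "CREATE TABLE IF NOT EXISTS {$table3} (\n                        `entryId` BIGINT NOT NULL AUTO_INCREMENT ,\n                        `scanId` INT NOT NULL ,\n                        `filePath` VARCHAR(1000) NOT NULL ,\n                        `dateModified` DATETIME NOT NULL DEFAULT '0000-00-00 00:00:00' ,\n                        `fileNotFound` TINYINT NOT NULL DEFAULT 0,\n                        PRIMARY KEY (`entryId`) ,\n                        UNIQUE INDEX `entryId_UNIQUE` (`entryId` ASC) ) {$charset_collate};";
         $result = @$wpdb->query($query3);
         if ($result === false) {
             //#! MySQL error
             $notices = WpsOption::getOption(WpsSettings::PLUGIN_ERROR_NOTICE_OPTION, array());
             $notices[] = '<strong>' . WPS_PLUGIN_NAME . "</strong>. Error running query: <strong><pre>{$query3}</pre></strong>.";
             WpsOption::updateOption(WpsSettings::PLUGIN_ERROR_NOTICE_OPTION, $notices);
             return false;
         }
         wssLog("table created: {$table3}.");
     }

     //## Scans table
     if (!WsdUtil::tableExists($table4)) {
         wssLog("table not found: {$table4}");
         if (!$hasCreateRight) {
             $notices = WpsOption::getOption(WpsSettings::PLUGIN_ERROR_NOTICE_OPTION, array());
             $notices[] = '<strong>' . WPS_PLUGIN_NAME . "</strong>: The database user needs the '<strong>CREATE</strong>' right in order to install this plugin.";
             WpsOption::updateOption(WpsSettings::PLUGIN_ERROR_NOTICE_OPTION, $notices);
             return false;
         }
         $query4 = "CREATE  TABLE {$table4} (\n                        `scanId` INT NOT NULL AUTO_INCREMENT ,\n                        `scanStartDate` DATETIME NOT NULL DEFAULT '0000-00-00 00:00:00',\n                        `scanEndDate` DATETIME NOT NULL DEFAULT '0000-00-00 00:00:00',\n                        `scanResult` INT NOT NULL DEFAULT 0,\n                        `failReason` VARCHAR(5000) NOT NULL DEFAULT '',\n                        `scanType` int(11) NOT NULL DEFAULT '0',\n                        PRIMARY KEY (`scanId`) ) {$charset_collate};";
         $result = @$wpdb->query($query4);
         if ($result === false) {
             //#! MySQL error
             $notices = WpsOption::getOption(WpsSettings::PLUGIN_ERROR_NOTICE_OPTION, array());
             $notices[] = '<strong>' . WPS_PLUGIN_NAME . "</strong>. Error running query: <strong><pre>{$query4}</pre></strong>.";
             WpsOption::updateOption(WpsSettings::PLUGIN_ERROR_NOTICE_OPTION, $notices);
             return false;
         }
     }

     // All tables are in place: allow the plugin's tasks to run.
     WpsOption::addOption(WpsSettings::CAN_RUN_TASKS_OPTION_NAME, 1);
     return true;
 }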
Beispiel #9
            WpsOption::updateOption('WSD-RSS-WGT-DISPLAY', 'yes');
        }
        // live traffic
        $liveTrafficEnabled = isset($_POST['chk_lt_display']) ? intval($_POST['chk_lt_display']) : 0;
        if (empty($liveTrafficEnabled)) {
            // hide
            $enableLiveTraffic = false;
            WpsOption::updateOption(WpsSettings::ENABLE_LIVE_TRAFFIC, false);
        } else {
            // show
            $enableLiveTraffic = true;
            WpsOption::updateOption(WpsSettings::ENABLE_LIVE_TRAFFIC, true);
            wssLog("Live traffic tool enabled.");
        }
        WpsOption::updateOption(WpsSettings::PLUGIN_SETTINGS_OPTION_NAME, $settings);
        $settings = WpsOption::getOption(WpsSettings::PLUGIN_SETTINGS_OPTION_NAME);
    } elseif (isset($_POST['deleteRssDataButton'])) {
        WpsOption::deleteOption(WpsSettings::FEED_DATA_OPTION_NAME);
    }
}
?>
<div class="wrap wsdplugin_content">
    <h2><?php 
echo WPS_PLUGIN_NAME . ' - ' . __('Settings', WpsSettings::TEXT_DOMAIN);
?>
</h2>

    <p class="clear"></p>
    <div style="clear: both; display: block;">
        <div class="metabox-holder">
            <div class="inner-sidebar1 postbox">
Beispiel #10
<?php

/*/#! Check for install errors */
if (!wpsCanDisplayPage()) {
    return;
}
$liveTrafficToolEnabled = WpsOption::getOption(WpsSettings::ENABLE_LIVE_TRAFFIC);
if ($liveTrafficToolEnabled) {
    $refreshRates = array(0, 5, 10, 15, 20, 25, 30);
    $settings = array(WpsOption::getOption('WPS_KEEP_NUM_ENTRIES_LT'), WpsOption::getOption('WPS_REFRESH_RATE_AJAX_LT'));
    $rm = strtoupper($_SERVER['REQUEST_METHOD']);
    if ('POST' == $rm) {
        // check nonce
        if (isset($_POST['wsdplugin_update_settings_field'])) {
            if (!wp_verify_nonce($_POST['wsdplugin_update_settings_field'], 'wsdplugin_update_settings')) {
                exit('Invalid request.');
            }
        } else {
            exit('Invalid request.');
        }
        function wpsPluginValidateSettingsForm($refreshRates)
        {
            if (isset($_POST['max_number_live_traffic']) && isset($_POST['refreshRateOption'])) {
                // validate input $_POST['max_number_live_traffic']
                $keepNumEntriesLiveTraffic = intval($_POST['max_number_live_traffic']);
                if ($keepNumEntriesLiveTraffic == 0) {
                    $keepNumEntriesLiveTraffic = 0;
                } elseif (!preg_match("/[0-9]{1,5}/", $keepNumEntriesLiveTraffic)) {
                    $keepNumEntriesLiveTraffic = 500;
                }
                // validate input $_POST['refreshRateOption']