/**
  * Perform an action based on the request
  *
  * @return void
  */
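 private function do_action()
 {
     // Dispatch the intrusion-log admin request: bulk delete/exclude, "delete
     // all", and the single-row exclude/delete links. Every branch that
     // changes state finishes with a redirect and exit.
     //
     // "Exclude" copies a field name from the intrusion log into the
     // newline-separated 'exception_fields' option (per the comments below,
     // the list of fields that are excepted). A forged or unauthorised request
     // can therefore loosen filtering as well as erase log entries, so each
     // state-changing branch needs both a nonce and a capability check.
     global $wpdb;
     $sendback = remove_query_arg(array('intrusions', 'deleted', 'excluded'), wp_get_referer());
     // Handle bulk actions
     if (isset($_GET['doaction']) || isset($_GET['doaction2'])) {
         // Re-enabled: without a nonce the bulk delete/exclude below can be
         // triggered cross-site from a logged-in administrator's browser.
         // NOTE(review): the list form must emit the matching nonce field for
         // this action name - confirm in the view that renders the table.
         check_admin_referer('hmwp_ms_action_intrusions_bulk');
         // Either selector may be absent from the query string.
         $action_top = isset($_GET['action']) ? $_GET['action'] : '';
         $action_bottom = isset($_GET['action2']) ? $_GET['action2'] : '';
         if (($action_top == '' && $action_bottom == '') || !isset($_GET['page'])) {
             wp_redirect(admin_url('index.php?page=hmwp_ms_intrusions'));
             exit;
         }
         $doaction = $action_top != '' ? $action_top : $action_bottom;
         // Default to an empty list so a request without ids is a no-op.
         $intrusion_ids = isset($_GET['intrusions']) ? (array) $_GET['intrusions'] : array();
         switch ($doaction) {
             case 'bulk_delete':
                 // Authorise once, before any row is touched.
                 if (!current_user_can('activate_plugins')) {
                     wp_die(__('You are not allowed to delete this item.', 'mute-screamer'));
                 }
                 $deleted = 0;
                 foreach ($intrusion_ids as $intrusion_id) {
                     // %d makes prepare() treat the id as an integer.
                     $sql = $wpdb->prepare('DELETE FROM ' . $wpdb->hmwp_ms_intrusions . ' WHERE id = %d', $intrusion_id);
                     $result = $wpdb->query($sql);
                     if (!$result) {
                         wp_die(__('Error in deleting...', 'mute-screamer'));
                     }
                     $deleted++;
                 }
                 $sendback = add_query_arg('deleted', $deleted, $sendback);
                 break;
             case 'bulk_exclude':
                 if (!current_user_can('activate_plugins')) {
                     wp_die(__('You are not allowed to exclude this item.', 'mute-screamer'));
                 }
                 $excluded = 0;
                 foreach ($intrusion_ids as $intrusion_id) {
                     // Get the intrusion field to exclude
                     $sql = $wpdb->prepare("SELECT name FROM {$wpdb->hmwp_ms_intrusions} WHERE id = %d", $intrusion_id);
                     $result = $wpdb->get_row($sql);
                     if (!$result) {
                         wp_die(__('Error in excluding...', 'mute-screamer'));
                     }
                     // NOTE(review): this path trims spaces and slashes, the
                     // single-row path trims spaces only - confirm which is intended.
                     $field = trim((string) $result->name, ' /');
                     // The stored list is newline-separated and must never hold
                     // an empty entry, so refuse a name that is empty after
                     // trimming or that carries its own line break.
                     if ($field === '' || strpos($field, "\n") !== false) {
                         wp_die(__('Error in excluding...', 'mute-screamer'));
                     }
                     $hmwp_ms = HMWP_MS_IDS::instance();
                     $exceptions = $hmwp_ms->opt('exception_fields');
                     $exceptions = explode("\n", $exceptions);
                     // Exception fields array must not contain an empty string
                     // otherwise all fields will be excepted
                     foreach ($exceptions as $k => $v) {
                         if ($v === '') {
                             unset($exceptions[$k]);
                         }
                     }
                     // Only add the field once
                     if (!in_array($field, $exceptions, true)) {
                         $exceptions[] = $field;
                     }
                     $exceptions = implode("\n", array_unique($exceptions));
                     $hmwp_ms->set_opt('exception_fields', $exceptions);
                     $excluded++;
                 }
                 $sendback = add_query_arg('excluded', $excluded, $sendback);
                 break;
         }
         if (isset($_GET['action'])) {
             $sendback = remove_query_arg(array('action', 'action2', 'intrusions'), $sendback);
         }
         wp_redirect($sendback);
         exit;
     } else {
         if (isset($_GET['action']) && $_GET['action'] === 'delete_all') {
             // Emptying the whole log needs the same capability as deleting a row.
             if (!current_user_can('activate_plugins')) {
                 wp_die(__('You are not allowed to delete this item.', 'mute-screamer'));
             }
             // NOTE(review): no nonce is verified for this branch. The link
             // that triggers delete_all is not visible here; it and this
             // handler should share a nonce so the log cannot be wiped by a
             // forged request.
             $result = $wpdb->query("Truncate table {$wpdb->hmwp_ms_intrusions}");
             if (!$result) {
                 wp_die(__('Error in deleting all logs...', 'mute-screamer'));
             }
             $sendback = remove_query_arg(array('action'), wp_get_referer());
             $sendback = add_query_arg('all_deleted', '1', $sendback);
             wp_redirect($sendback);
             exit;
         } else {
             // Strip the form bookkeeping arguments from the URL and reload.
             if (!empty($_GET['_wp_http_referer'])) {
                 wp_redirect(remove_query_arg(array('_wp_http_referer', '_wpnonce'), stripslashes($_SERVER['REQUEST_URI'])));
                 exit;
             }
         }
     }
     // Handle other actions
     $action = HMWP_MS_Utils::get('action');
     $id = (int) HMWP_MS_Utils::get('intrusion');
     if (!$action) {
         return;
     }
     switch ($action) {
         case 'exclude':
             check_admin_referer('hmwp_ms_action_exclude_intrusion');
             if (!current_user_can('activate_plugins')) {
                 wp_die(__('You are not allowed to exclude this item.', 'mute-screamer'));
             }
             // Get the intrusion field to exclude
             $sql = $wpdb->prepare("SELECT name FROM {$wpdb->hmwp_ms_intrusions} WHERE id = %d", $id);
             $result = $wpdb->get_row($sql);
             if (!$result) {
                 wp_die(__('Error in excluding...', 'mute-screamer'));
             }
             $field = trim((string) $result->name, ' ');
             // Same guard as the bulk path: never store an empty entry or a
             // name that would split into several lines.
             if ($field === '' || strpos($field, "\n") !== false) {
                 wp_die(__('Error in excluding...', 'mute-screamer'));
             }
             $hmwp_ms = HMWP_MS_IDS::instance();
             $exceptions = $hmwp_ms->opt('exception_fields');
             $exceptions = explode("\n", $exceptions);
             // Exception fields array must not contain an empty string
             // otherwise all fields will be excepted
             foreach ($exceptions as $k => $v) {
                 if ($v === '') {
                     unset($exceptions[$k]);
                 }
             }
             // Only add the field once
             if (!in_array($field, $exceptions, true)) {
                 $exceptions[] = $field;
             }
             $exceptions = implode("\n", array_unique($exceptions));
             $hmwp_ms->set_opt('exception_fields', $exceptions);
             $sendback = add_query_arg('excluded', '1', $sendback);
             break;
         case 'delete':
             check_admin_referer('hmwp_ms_action_delete_intrusion');
             if (!current_user_can('activate_plugins')) {
                 wp_die(__('You are not allowed to delete this item.', 'mute-screamer'));
             }
             $sql = $wpdb->prepare('DELETE FROM ' . $wpdb->hmwp_ms_intrusions . ' WHERE id = %d', $id);
             $result = $wpdb->query($sql);
             if (!$result) {
                 wp_die(__('Error in deleting...', 'mute-screamer'));
             }
             $sendback = add_query_arg('deleted', 1, $sendback);
             break;
     }
     wp_redirect($sendback);
     exit;
 }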
 /**
  * Run the requested file upgrades. The output is rendered inside an iframe.
  *
  * @return void
  */
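 public function do_upgrade_run()
 {
     // Applies the pending updates for the files named in the request and
     // prints the upgrader output between iframe_header() and iframe_footer().
     //
     // Authorise and verify the nonce before any request data is used.
     if (!current_user_can('update_plugins')) {
         wp_die(__('You do not have sufficient permissions to update Mute Screamer for this site.', 'mute-screamer'));
     }
     check_admin_referer('bulk-update-hmwp_ms');
     // Allow-list of the only files this screen may replace.
     $upgrade_files = array('default_filter.xml', 'Converter.php');
     $requested = explode(',', (string) HMWP_MS_Utils::get('files'));
     // Map of file name => fetched contents, built only from allow-listed names.
     $files = array();
     foreach ($requested as $val) {
         // Valid file to upgrade? Strict match against the allow-list.
         if (!in_array($val, $upgrade_files, true)) {
             wp_die(sprintf(__("%s can't be upgraded.", 'mute-screamer'), esc_html($val)));
         }
         // An allow-listed name with no pending update has no URL to fetch;
         // stop here instead of reading a property of a missing entry.
         if (!isset($this->updates['updates'][$val]->revision_file_url)) {
             wp_die(sprintf(__("%s can't be upgraded.", 'mute-screamer'), esc_html($val)));
         }
         // Fetch file contents (from cache, per the original comment).
         // NOTE(review): whatever remote_get() returns is handed to the
         // upgrader as-is, and Converter.php is PHP code. No failure check or
         // integrity check (checksum/signature) is visible in this method -
         // confirm that remote_get() or HMWP_MS_Upgrader performs one.
         $files[$val] = $this->remote_get($this->updates['updates'][$val]->revision_file_url);
     }
     require_once ABSPATH . 'wp-admin/includes/class-wp-upgrader.php';
     require_once 'hmwp_ms/Upgrader.php';
     wp_enqueue_script('jquery');
     iframe_header();
     $upgrader = new HMWP_MS_Upgrader();
     $res = $upgrader->upgrade($files);
     // All good? Clear the update array, reset transients
     if ($res) {
         // Remove the files we updated from the update array
         foreach (array_keys($files) as $name) {
             unset($this->updates['updates'][$name]);
         }
         // Did we update everything?
         // Only clear the update array and cache if there are no files left to update
         if (empty($this->updates['updates'])) {
             $this->updates['updates'] = array();
             delete_site_transient('hmwp_ms_requests_cache');
         }
         set_site_transient('hmwp_ms_update', $this->updates, $this->timeout);
     }
     iframe_footer();
 }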