/**
* Update or append the requested file with the supplied contents.
*
* @since 1.15.0
*
* @param string $file Full path to config file to update.
* @param string $contents Contents to write to the file.
* @param bool $append Optional. Set to true to append contents to the file. Defaults to false.
* @return bool|WP_Error Boolean true on success, WP_Error object otherwise.
*/
public static function write($file, $contents, $append = false)
{
$callable = array();
if (ITSEC_Lib_Utility::is_callable_function('fopen') && ITSEC_Lib_Utility::is_callable_function('fwrite') && ITSEC_Lib_Utility::is_callable_function('flock')) {
$callable[] = 'fopen';
}
if (ITSEC_Lib_Utility::is_callable_function('file_put_contents')) {
$callable[] = 'file_put_contents';
}
if (empty($callable)) {
return new WP_Error('itsec-lib-file-write-no-callable-functions', sprintf(__('%s could not be written. Both the fopen/fwrite/flock and file_put_contents functions are disabled on the server. This is a server configuration issue that must be resolved before iThemes Security can write files.', 'it-l10n-better-wp-security'), $file));
}
if (ITSEC_Lib_Directory::is_dir($file)) {
return new WP_Error('itsec-lib-file-write-path-exists-as-directory', sprintf(__('%s could not be written as a file. The requested path already exists as a directory. The directory must be removed or a new file name must be chosen before the file can be written.', 'it-l10n-better-wp-security'), $file));
}
if (!ITSEC_Lib_Directory::is_dir(dirname($file))) {
$result = ITSEC_Lib_Directory::create(dirname($file));
if (is_wp_error($result)) {
return $result;
}
}
$file_existed = self::is_file($file);
$success = false;
// Different permissions to try in case the starting set of permissions are prohibiting write.
$trial_perms = array(false, 0644, 0664, 0666);
foreach ($trial_perms as $perms) {
if (false !== $perms) {
if (!isset($original_file_perms)) {
$original_file_perms = self::get_permissions($file);
}
self::chmod($file, $perms);
}
if (in_array('fopen', $callable)) {
if ($append) {
$mode = 'ab';
} else {
$mode = 'wb';
}
if (false !== ($fh = @fopen($file, $mode))) {
flock($fh, LOCK_EX);
mbstring_binary_safe_encoding();
$data_length = strlen($contents);
$bytes_written = @fwrite($fh, $contents);
reset_mbstring_encoding();
@flock($fh, LOCK_UN);
@fclose($fh);
if ($data_length === $bytes_written) {
$success = true;
}
}
}
if (!$success && in_array('file_put_contents', $callable)) {
if ($append) {
$flags = FILE_APPEND;
} else {
$flags = 0;
}
mbstring_binary_safe_encoding();
$data_length = strlen($contents);
$bytes_written = @file_put_contents($file, $contents, $flags);
reset_mbstring_encoding();
if ($data_length === $bytes_written) {
$success = true;
}
}
if ($success) {
if (!$file_existed) {
// Set default file permissions for the new file.
self::chmod($file, self::get_default_permissions());
} else {
if (isset($original_file_perms) && !is_wp_error($original_file_perms)) {
// Reset the original file permissions if they were modified.
self::chmod($file, $original_file_perms);
}
}
return true;
}
if (!$file_existed) {
// If the file is new, there is no point attempting different permissions.
break;
}
}
return new WP_Error('itsec-lib-file-write-file-put-contents-failed', sprintf(__('%s could not be written. This could be due to a permissions issue. Ensure that PHP runs as a user that has permission to write to this location.', 'it-l10n-better-wp-security'), $file));
}
/**
* Executes backup function.
*
* Handles the execution of database backups.
*
* @since 4.0.0
*
* @param bool $one_time whether this is a one-time backup
*
* @return void
*/
private function execute_backup($one_time = false)
{
global $wpdb, $itsec_globals, $itsec_logger;
//get all of the tables
if (isset($this->settings['all_sites']) && true === $this->settings['all_sites']) {
$tables = $wpdb->get_results('SHOW TABLES', ARRAY_N);
//retrieve a list of all tables in the DB
} else {
$tables = $wpdb->get_results('SHOW TABLES LIKE "' . $wpdb->base_prefix . '%"', ARRAY_N);
//retrieve a list of all tables for this WordPress installation
}
$return = '';
//cycle through each table
foreach ($tables as $table) {
$num_fields = sizeof($wpdb->get_results('DESCRIBE `' . $table[0] . '`;'));
$return .= 'DROP TABLE IF EXISTS `' . $table[0] . '`;';
$row2 = $wpdb->get_row('SHOW CREATE TABLE `' . $table[0] . '`;', ARRAY_N);
$return .= PHP_EOL . PHP_EOL . $row2[1] . ";" . PHP_EOL . PHP_EOL;
if (!in_array(substr($table[0], strlen($wpdb->prefix)), $this->settings['exclude'])) {
$result = $wpdb->get_results('SELECT * FROM `' . $table[0] . '`;', ARRAY_N);
foreach ($result as $row) {
$return .= 'INSERT INTO `' . $table[0] . '` VALUES(';
for ($j = 0; $j < $num_fields; $j++) {
$row[$j] = addslashes($row[$j]);
$row[$j] = preg_replace('#' . PHP_EOL . '#', "\n", $row[$j]);
if (isset($row[$j])) {
$return .= '"' . $row[$j] . '"';
} else {
$return .= '""';
}
if ($j < $num_fields - 1) {
$return .= ',';
}
}
$return .= ");" . PHP_EOL;
}
}
$return .= PHP_EOL . PHP_EOL;
}
$return .= PHP_EOL . PHP_EOL;
//save file
$file = 'backup-' . substr(sanitize_title(get_bloginfo('name')), 0, 20) . '-' . current_time('Ymd-His') . '-' . wp_generate_password(30, false);
require_once ITSEC_Core::get_core_dir() . 'lib/class-itsec-lib-directory.php';
$dir = $this->settings['location'];
ITSEC_Lib_Directory::create($dir);
$fileext = '.sql';
$handle = @fopen($dir . '/' . $file . '.sql', 'w+');
@fwrite($handle, $return);
@fclose($handle);
//zip the file
if (true === $this->settings['zip']) {
if (!class_exists('PclZip')) {
require ABSPATH . 'wp-admin/includes/class-pclzip.php';
}
$zip = new PclZip($dir . '/' . $file . '.zip');
if (0 != $zip->create($dir . '/' . $file . '.sql', PCLZIP_OPT_REMOVE_PATH, $dir)) {
//delete .sql and keep zip
@unlink($dir . '/' . $file . '.sql');
$fileext = '.zip';
}
}
if (2 !== $this->settings['method'] || true === $one_time) {
require_once ITSEC_Core::get_core_dir() . 'lib/class-itsec-mailer.php';
$mail = new ITSEC_Mail();
$mail->add_header(esc_html__('Database Backup', 'better-wp-security'), sprintf(wp_kses(__('Site Database Backup for <b>%s</b>', 'better-wp-security'), array('b' => array())), date_i18n(get_option('date_format'))));
$mail->add_info_box(esc_html__('Attached is the database backup file for your site.', 'better-wp-security'), 'attachment');
$mail->add_section_heading(esc_html__('Website', 'better-wp-security'));
$mail->add_text(esc_html(network_home_url()));
$mail->add_section_heading(esc_html__('Date', 'better-wp-security'));
$mail->add_text(esc_html(date_i18n(get_option('date_format'))));
$mail->add_footer();
$raw_recipients = ITSEC_Modules::get_setting('global', 'backup_email');
$recipients = array();
foreach ($raw_recipients as $recipient) {
$recipient = trim($recipient);
if (is_email($recipient)) {
$recipients[] = $recipient;
}
}
$subject = sprintf(esc_html__('[%s] Database Backup', 'better-wp-security'), esc_url(network_home_url()));
$subject = apply_filters('itsec_backup_email_subject', $subject);
$attachment = array("{$dir}/{$file}{$fileext}");
$mail_success = $mail->send($recipients, $subject, $attachment);
}
if (1 === $this->settings['method']) {
@unlink($dir . '/' . $file . $fileext);
} else {
$retain = isset($this->settings['retain']) ? absint($this->settings['retain']) : 0;
//delete extra files
if (0 < $retain) {
$files = scandir($dir, 1);
$count = 0;
if (is_array($files) && 0 < count($files)) {
foreach ($files as $file) {
if (strstr($file, 'backup')) {
if ($count >= $retain) {
@unlink(trailingslashit($dir) . $file);
}
$count++;
}
}
}
}
}
if (false === $one_time) {
ITSEC_Modules::set_setting('backup', 'last_run', ITSEC_Core::get_current_time_gmt());
}
switch ($this->settings['method']) {
case 0:
if (false === $mail_success) {
$status = array('status' => __('Error', 'better-wp-security'), 'details' => __('saved locally but email to backup recipients could not be sent.', 'better-wp-security'));
} else {
$status = array('status' => __('Success', 'better-wp-security'), 'details' => __('emailed to backup recipients and saved locally', 'better-wp-security'));
}
break;
case 1:
if (false === $mail_success) {
$status = array('status' => __('Error', 'better-wp-security'), 'details' => __('email to backup recipients could not be sent.', 'better-wp-security'));
} else {
$status = array('status' => __('Success', 'better-wp-security'), 'details' => __('emailed to backup recipients', 'better-wp-security'));
}
break;
default:
$status = array('status' => __('Success', 'better-wp-security'), 'details' => __('saved locally', 'better-wp-security'));
break;
}
$itsec_logger->log_event('backup', 3, array($status));
}
protected final function sanitize_setting($type, $var, $name, $prevent_save_on_error = true, $trim_value = true)
{
$id = $this->get_id();
if (!isset($this->settings[$var])) {
$this->add_error(new WP_Error("itsec-validator-missing-var-{$id}-{$var}", sprintf(__('A validation check for %1$s failed. The %2$s value is missing. This could be due to a problem with the iThemes Security installation or an invalid modification. Please reinstall iThemes Security and try again.', 'better-wp-security'), $id, $name)));
return false;
}
if ($trim_value && is_string($this->settings[$var])) {
$this->settings[$var] = trim($this->settings[$var]);
}
$error = false;
if ('string' === $type) {
$this->settings[$var] = (string) $this->settings[$var];
} else {
if ('non-empty-string' === $type) {
$this->settings[$var] = (string) $this->settings[$var];
if (empty($this->settings[$var])) {
$error = sprintf(__('The %1$s value cannot be empty.', 'better-wp-security'), $name);
}
} else {
if ('title' === $type) {
$this->settings[$var] = sanitize_title($this->settings[$var]);
} else {
if ('non-empty-title' === $type) {
$this->settings[$var] = sanitize_title($this->settings[$var]);
if (empty($this->settings[$var])) {
$error = sprintf(__('The %1$s value cannot be empty.', 'better-wp-security'), $name);
}
} else {
if ('array' === $type) {
if (!is_array($this->settings[$var])) {
if (empty($this->settings[$var])) {
$this->settings[$var] = array();
} else {
$this->settings[$var] = array($this->settings[$var]);
}
}
} else {
if ('bool' === $type) {
if ('false' === $this->settings[$var]) {
$this->settings[$var] = false;
} else {
if ('true' === $this->settings[$var]) {
$this->settings[$var] = true;
} else {
$this->settings[$var] = (bool) $this->settings[$var];
}
}
} else {
if ('int' === $type) {
$test_val = intval($this->settings[$var]);
if ((string) $test_val === (string) $this->settings[$var]) {
$this->settings[$var] = $test_val;
} else {
$error = sprintf(__('The %1$s value must be an integer.', 'better-wp-security'), $name);
}
} else {
if ('positive-int' === $type) {
$test_val = intval($this->settings[$var]);
if ((string) $test_val === (string) $this->settings[$var] && $test_val >= 0) {
$this->settings[$var] = $test_val;
} else {
$error = sprintf(__('The %1$s value must be a positive integer.', 'better-wp-security'), $name);
}
} else {
if ('email' === $type) {
$this->settings[$var] = sanitize_text_field($this->settings[$var]);
if (empty($this->settings[$var]) || !is_email($this->settings[$var])) {
$error = sprintf(__('The %1$s value must be a valid email address.', 'better-wp-security'), $name);
}
} else {
if ('valid-username' === $type) {
$this->settings[$var] = sanitize_text_field($this->settings[$var]);
if (!empty($this->settings[$var]) && !validate_username($this->settings[$var])) {
$error = sprintf(__('The %1$s value is not a valid username.', 'better-wp-security'), $name);
}
} else {
if ('date' === $type) {
$val = $this->settings[$var];
$separator = '[\\-/\\. ]';
if (preg_match("|^(\\d\\d\\d\\d){$separator}(\\d\\d?){$separator}(\\d\\d?)\$|", $val, $match)) {
$year = intval($match[1]);
$month = intval($match[2]);
$day = intval($match[3]);
if (!checkdate($month, $day, $year)) {
$error = sprintf(__('The %1$s value must be a valid date.', 'better-wp-security'), $name);
}
} else {
$error = sprintf(__('The %1$s value must be a valid date in the format of YYYY-MM-DD.', 'better-wp-security'), $name);
}
} else {
if ('writable-directory' === $type) {
if (!is_string($this->settings[$var])) {
$error = sprintf(__('The %1$s value must be a string.', 'better-wp-security'), $name);
} else {
require_once ITSEC_Core::get_core_dir() . 'lib/class-itsec-lib-directory.php';
$this->settings[$var] = rtrim($this->settings[$var], DIRECTORY_SEPARATOR);
if (!ITSEC_Lib_Directory::is_dir($this->settings[$var])) {
$result = ITSEC_Lib_Directory::create($this->settings[$var]);
if (is_wp_error($result)) {
$error = sprintf(_x('The directory supplied in %1$s cannot be used as a valid directory. %2$s', '%1$s is the input name. %2$s is the error message.', 'better-wp-security'), $name, $result->get_error_message());
}
}
if (empty($error) && !ITSEC_Lib_Directory::is_writable($this->settings[$var])) {
$error = sprintf(__('The directory supplied in %1$s is not writable. Please select a directory that can be written to.', 'better-wp-security'), $name);
}
if (empty($error)) {
ITSEC_Lib_Directory::add_file_listing_protection($this->settings[$var]);
}
}
} else {
if ('writable-file' === $type) {
if (!is_string($this->settings[$var])) {
$error = sprintf(__('The %1$s value must be a string.', 'better-wp-security'), $name);
} else {
require_once ITSEC_Core::get_core_dir() . 'lib/class-itsec-lib-directory.php';
if (!ITSEC_Lib_File::is_file($this->settings[$var]) && ITSEC_Lib_File::exists($this->settings[$var])) {
$error = sprintf(__('The file path supplied in %1$s cannot be used as it already exists but is not a file. Please supply a valid file path.', 'better-wp-security'), $name);
} else {
$result = ITSEC_Lib_Directory::create(dirname($this->settings[$var]));
if (is_wp_error($result)) {
$error = sprintf(_x('The file path supplied in %1$s cannot be used as the parent directory cannot be created. %2$s', '%1$s is the input name. %2$s is the error message.', 'better-wp-security'), $name, $result->get_error_message());
} else {
if (!ITSEC_Lib_File::exists($this->settings[$var])) {
$result = ITSEC_Lib_File::write($this->settings[$var], '');
if (is_wp_error($result)) {
$error = sprintf(__('The file path supplied in %1$s could not be created. Please supply a file path that can be written to.', 'better-wp-security'), $name);
} else {
if (!is_writable($this->settings[$var])) {
$error = sprintf(__('The file path supplied in %1$s was successfully created, but it cannot be updated. Please supply a file path that can be written to.', 'better-wp-security'), $name);
}
}
} else {
if (!is_writable($this->settings[$var])) {
$error = sprintf(__('The file path supplied in %1$s is not writable. Please supply a file path that can be written to.', 'better-wp-security'), $name);
}
}
}
}
}
} else {
if (is_array($type) && 2 === count($type) && $this === $type[0]) {
$this->settings[$var] = $this->convert_string_to_array($this->settings[$var]);
if (!is_array($this->settings[$var])) {
$error = sprintf(__('The %1$s value must be a string with each entry separated by a new line.', 'better-wp-security'), $name);
} else {
$invalid_entries = array();
foreach ($this->settings[$var] as $index => $entry) {
$entry = sanitize_text_field(trim($entry));
$this->settings[$var][$index] = $entry;
if (empty($entry)) {
unset($this->settings[$var][$index]);
} else {
$result = call_user_func($type, $entry);
if (false === $result) {
$invalid_entries[] = $entry;
} else {
$this->settings[$var][$index] = $result;
}
}
}
$this->settings[$var] = array_unique($this->settings[$var]);
if (!empty($invalid_entries)) {
$error = wp_sprintf(_n('The following entry in %1$s is invalid: %2$l', 'The following entries in %1$s are invalid: %2$l', count($invalid_entries), 'better-wp-security'), $name, $invalid_entries);
}
}
} else {
if (is_array($type)) {
if (is_array($this->settings[$var])) {
$invalid_entries = array();
foreach ($this->settings[$var] as $index => $entry) {
$entry = sanitize_text_field(trim($entry));
$this->settings[$var][$index] = $entry;
if (empty($entry)) {
unset($this->settings[$var][$index]);
} else {
if (!in_array($entry, $type, true)) {
$invalid_entries[] = $entry;
}
}
}
$this->settings[$var] = array_unique($this->settings[$var]);
if (!empty($invalid_entries)) {
$error = wp_sprintf(_n('The following entry in %1$s is invalid: %2$l', 'The following entries in %1$s are invalid: %2$l', count($invalid_entries), 'better-wp-security'), $name, $invalid_entries);
}
} else {
if (!in_array($this->settings[$var], $type, true)) {
$error = wp_sprintf(_n('The valid value for %1$s is: %2$l.', 'The valid values for %1$s are: %2$l.', count($type), 'better-wp-security'), $name, $type);
$type = 'array';
}
}
} else {
if ('newline-separated-array' === $type) {
$this->settings[$var] = $this->convert_string_to_array($this->settings[$var]);
if (!is_array($this->settings[$var])) {
$error = sprintf(__('The %1$s value must be a string with each entry separated by a new line.', 'better-wp-security'), $name);
}
} else {
if ('newline-separated-emails' === $type) {
$this->settings[$var] = $this->convert_string_to_array($this->settings[$var]);
if (!is_array($this->settings[$var])) {
$error = sprintf(__('The %1$s value must be a string with each entry separated by a new line.', 'better-wp-security'), $name);
} else {
$invalid_emails = array();
foreach ($this->settings[$var] as $index => $email) {
$email = sanitize_text_field(trim($email));
$this->settings[$var][$index] = $email;
if (empty($email)) {
unset($this->settings[$var][$index]);
} else {
if (!is_email($email)) {
$invalid_emails[] = $email;
}
}
}
$this->settings[$var] = array_unique($this->settings[$var]);
if (!empty($invalid_emails)) {
$error = wp_sprintf(_n('The following email in %1$s is invalid: %2$l', 'The following emails in %1$s are invalid: %2$l', count($invalid_emails), 'better-wp-security'), $name, $invalid_emails);
}
}
} else {
if ('newline-separated-ips' === $type) {
$this->settings[$var] = $this->convert_string_to_array($this->settings[$var]);
if (!is_array($this->settings[$var])) {
$error = sprintf(__('The %1$s value must be a string with each entry separated by a new line.', 'better-wp-security'), $name);
} else {
require_once ITSEC_Core::get_core_dir() . 'lib/class-itsec-lib-ip-tools.php';
$invalid_ips = array();
foreach ($this->settings[$var] as $index => $ip) {
$ip = trim($ip);
if ('' === $ip) {
unset($this->settings[$var][$index]);
} else {
$validated_ip = ITSEC_Lib_IP_Tools::ip_wild_to_ip_cidr($ip);
if (false === $validated_ip) {
$invalid_ips[] = $ip;
} else {
$this->settings[$var][$index] = $validated_ip;
}
}
}
$this->settings[$var] = array_unique($this->settings[$var]);
if (!empty($invalid_ips)) {
$error = wp_sprintf(_n('The following IP in %1$s is invalid: %2$l', 'The following IPs in %1$s are invalid: %2$l', count($invalid_ips), 'better-wp-security'), $name, $invalid_ips);
}
}
} else {
if ('newline-separated-extensions' === $type) {
$this->settings[$var] = $this->convert_string_to_array($this->settings[$var]);
if (!is_array($this->settings[$var])) {
$error = sprintf(__('The %1$s value must be a string with each entry separated by a new line.', 'better-wp-security'), $name);
} else {
$invalid_extensions = array();
foreach ($this->settings[$var] as $index => $extension) {
if (!preg_match('/^(\\.[^.]+)+$/', $extension)) {
$invalid_extensions[] = $extension;
}
}
$this->settings[$var] = array_unique($this->settings[$var]);
if (!empty($invalid_extensions)) {
$error = wp_sprintf(_n('The following extension in %1$s is invalid: %2$l', 'The following extensions in %1$s are invalid: %2$l', count($invalid_extensions), 'better-wp-security'), $name, $invalid_extensions);
}
}
} else {
/* translators: 1: sanitize type, 2: input name */
$error = sprintf(__('An invalid sanitize type of "%1$s" was received for the %2$s input.', 'better-wp-security'), $type, $name);
}
}
}
}
}
}
}
}
}
}
}
}
}
}
}
}
}
}
}
if (false !== $error) {
$this->add_error(new WP_Error("itsec-validator-{$id}-invalid-type-{$var}-{$type}", $error));
$this->vars_to_skip_validate_matching_types[] = $var;
if ($prevent_save_on_error) {
$this->set_can_save(false);
}
return false;
}
return true;
}
public static function get_storage_dir($dir = '')
{
$self = self::get_instance();
require_once self::get_core_dir() . '/lib/class-itsec-lib-directory.php';
if (!isset($self->storage_dir)) {
$wp_upload_dir = self::get_wp_upload_dir();
$self->storage_dir = $wp_upload_dir['basedir'] . '/ithemes-security/';
}
$dir = $self->storage_dir . $dir;
$dir = rtrim($dir, '/');
ITSEC_Lib_Directory::create($dir);
return $dir;
}
/**
* Executes backup function.
*
* Handles the execution of database backups.
*
* @since 4.0.0
*
* @param bool $one_time whether this is a one-time backup
*
* @return void
*/
private function execute_backup($one_time = false)
{
global $wpdb, $itsec_globals, $itsec_logger;
//get all of the tables
if (isset($this->settings['all_sites']) && true === $this->settings['all_sites']) {
$tables = $wpdb->get_results('SHOW TABLES', ARRAY_N);
//retrieve a list of all tables in the DB
} else {
$tables = $wpdb->get_results('SHOW TABLES LIKE "' . $wpdb->base_prefix . '%"', ARRAY_N);
//retrieve a list of all tables for this WordPress installation
}
$return = '';
//cycle through each table
foreach ($tables as $table) {
$num_fields = sizeof($wpdb->get_results('DESCRIBE `' . $table[0] . '`;'));
$return .= 'DROP TABLE IF EXISTS `' . $table[0] . '`;';
$row2 = $wpdb->get_row('SHOW CREATE TABLE `' . $table[0] . '`;', ARRAY_N);
$return .= PHP_EOL . PHP_EOL . $row2[1] . ";" . PHP_EOL . PHP_EOL;
if (!in_array(substr($table[0], strlen($wpdb->prefix)), $this->settings['exclude'])) {
$result = $wpdb->get_results('SELECT * FROM `' . $table[0] . '`;', ARRAY_N);
foreach ($result as $row) {
$return .= 'INSERT INTO `' . $table[0] . '` VALUES(';
for ($j = 0; $j < $num_fields; $j++) {
$row[$j] = addslashes($row[$j]);
$row[$j] = preg_replace('#' . PHP_EOL . '#', "\n", $row[$j]);
if (isset($row[$j])) {
$return .= '"' . $row[$j] . '"';
} else {
$return .= '""';
}
if ($j < $num_fields - 1) {
$return .= ',';
}
}
$return .= ");" . PHP_EOL;
}
}
$return .= PHP_EOL . PHP_EOL;
}
$return .= PHP_EOL . PHP_EOL;
//save file
$file = 'backup-' . substr(sanitize_title(get_bloginfo('name')), 0, 20) . '-' . current_time('Ymd-His') . '-' . wp_generate_password(30, false);
require_once ITSEC_Core::get_core_dir() . 'lib/class-itsec-lib-directory.php';
$dir = $this->settings['location'];
ITSEC_Lib_Directory::create($dir);
$fileext = '.sql';
$handle = @fopen($dir . '/' . $file . '.sql', 'w+');
@fwrite($handle, $return);
@fclose($handle);
//zip the file
if (true === $this->settings['zip']) {
if (!class_exists('PclZip')) {
require ABSPATH . 'wp-admin/includes/class-pclzip.php';
}
$zip = new PclZip($dir . '/' . $file . '.zip');
if (0 != $zip->create($dir . '/' . $file . '.sql', PCLZIP_OPT_REMOVE_PATH, $dir)) {
//delete .sql and keep zip
@unlink($dir . '/' . $file . '.sql');
$fileext = '.zip';
}
}
if (2 !== $this->settings['method'] || true === $one_time) {
$attachment = array($dir . '/' . $file . $fileext);
$body = __('Attached is the backup file for the database powering', 'better-wp-security') . ' ' . get_option('siteurl') . __(' taken', 'better-wp-security') . ' ' . date('l, F jS, Y \\a\\t g:i a', $itsec_globals['current_time']);
//Setup the remainder of the email
$recipients = ITSEC_Modules::get_setting('global', 'backup_email');
$subject = __('Site Database Backup', 'better-wp-security') . ' ' . date('l, F jS, Y \\a\\t g:i a', $itsec_globals['current_time']);
$subject = apply_filters('itsec_backup_email_subject', $subject);
$headers = 'From: ' . get_bloginfo('name') . ' <' . get_option('admin_email') . '>' . "\r\n";
$mail_success = false;
//Use HTML Content type
add_filter('wp_mail_content_type', array($this, 'set_html_content_type'));
//Send emails to all recipients
foreach ($recipients as $recipient) {
if (is_email(trim($recipient))) {
if (defined('ITSEC_DEBUG') && true === ITSEC_DEBUG) {
$body .= '<p>' . __('Debug info (source page): ' . esc_url($_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"])) . '</p>';
}
$mail_success = wp_mail(trim($recipient), $subject, '<html>' . $body . '</html>', $headers, $attachment);
}
}
//Remove HTML Content type
remove_filter('wp_mail_content_type', array($this, 'set_html_content_type'));
}
if (1 === $this->settings['method']) {
@unlink($dir . '/' . $file . $fileext);
} else {
$retain = isset($this->settings['retain']) ? absint($this->settings['retain']) : 0;
//delete extra files
if (0 < $retain) {
$files = scandir($dir, 1);
$count = 0;
if (is_array($files) && 0 < count($files)) {
foreach ($files as $file) {
if (strstr($file, 'backup')) {
if ($count >= $retain) {
@unlink(trailingslashit($dir) . $file);
}
$count++;
}
}
}
}
}
if (false === $one_time) {
ITSEC_Modules::set_setting('backup', 'last_run', ITSEC_Core::get_current_time_gmt());
}
switch ($this->settings['method']) {
case 0:
if (false === $mail_success) {
$status = array('status' => __('Error', 'better-wp-security'), 'details' => __('saved locally but email to backup recipients could not be sent.', 'better-wp-security'));
} else {
$status = array('status' => __('Success', 'better-wp-security'), 'details' => __('emailed to backup recipients and saved locally', 'better-wp-security'));
}
break;
case 1:
if (false === $mail_success) {
$status = array('status' => __('Error', 'better-wp-security'), 'details' => __('email to backup recipients could not be sent.', 'better-wp-security'));
} else {
$status = array('status' => __('Success', 'better-wp-security'), 'details' => __('emailed to backup recipients', 'better-wp-security'));
}
break;
default:
$status = array('status' => __('Success', 'better-wp-security'), 'details' => __('saved locally', 'better-wp-security'));
break;
}
$itsec_logger->log_event('backup', 3, array($status));
}
