/**
* Displays the ruleset(s) pages.
*/
public function display_wemahu_rulesets()
{
global $wpdb;
$action = isset($_REQUEST['action']) ? $_REQUEST['action'] : 'list';
switch ($action) {
case 'list':
include_once 'views/rulesets.php';
break;
case 'edit':
$rulsetId = (int) $_REQUEST['id'];
$ModelRuleset = new ModelRuleset($wpdb);
$rulesetData = $ModelRuleset->getRulesetData($rulsetId);
include_once 'views/ruleset.php';
break;
case 'save':
$rulsetId = (int) $_POST['id'];
check_admin_referer('save_ruleset_' . $rulsetId);
$ModelRuleset = new ModelRuleset($wpdb);
$saveResult = $ModelRuleset->saveRuleset($_POST['ruleset'], $rulsetId);
if ($saveResult === false) {
$message = array('type' => 'error', 'text' => 'Rule could not be saved to database.');
} else {
$message = array('type' => 'updated', 'text' => 'Rule successfully saved.');
$rulsetId = $saveResult;
}
$rulesetData = $ModelRuleset->getRulesetData($rulsetId);
include_once 'views/ruleset.php';
break;
case 'add':
$rulesetData = array('id' => 0, 'name' => '', 'filecheck' => 1, 'scandir' => '', 'regex_check' => 1, 'hash_check' => 1, 'filetypes' => 'php,jpg,png,gif,js,html,htm,xml,htaccess', 'filesize_max' => '500000');
include_once 'views/ruleset.php';
break;
case 'delete':
$deleteResult = false;
if (!empty($_GET['id'])) {
$rulsetId = (int) $_GET['id'];
check_admin_referer('delete_' . $rulsetId);
$ModelRuleset = new ModelRuleset($wpdb);
$deleteResult = $ModelRuleset->deleteRuleset($rulsetId);
}
if (!empty($_GET['ruleset'])) {
check_admin_referer('bulk-rulesets');
$rulesetIds = $_GET['ruleset'];
$ModelRuleset = new ModelRuleset($wpdb);
foreach ($rulesetIds as $rulsetId) {
$deleteResult = $ModelRuleset->deleteRuleset($rulsetId);
if ($deleteResult === false) {
break;
}
}
$deleteResult = true;
}
if ($deleteResult === false) {
$message = array('type' => 'error', 'text' => 'Rule(s) could not be deleted database.');
} else {
$message = array('type' => 'updated', 'text' => 'Rule(s) successfully deleted.');
}
include_once 'views/rulesets.php';
break;
}
}
/**
* Inits wemahu scanner by passing necessary objects like settings and database.
*
*/
public function initWemahu()
{
$rulesetId = (int) $_POST['ruleset'];
if (empty($rulesetId)) {
$this->returnError('No ruleset selected.');
}
$ModelRuleset = new ModelRuleset($this->wpdb);
$rulesetData = $ModelRuleset->getRulesetData($rulesetId);
if (empty($rulesetData)) {
$this->returnError('Invalid ruleset.');
}
// prepare Wemahu settings:
$WemahuSettings = new Wemahu\Settings();
$WemahuSettings->intervalMode = true;
$WemahuSettings->useApi = (int) $this->options['use_api'] === 1 ? true : false;
$WemahuSettings->audits['filecheck'] = (int) $rulesetData['filecheck'] === 1 ? true : false;
$WemahuSettings->auditSettings['filecheck']['regexCheck'] = (int) $rulesetData['regex_check'] === 1 ? true : false;
$WemahuSettings->auditSettings['filecheck']['hashCheck'] = (int) $rulesetData['hash_check'] === 1 ? true : false;
$WemahuSettings->auditSettings['filecheck']['scanDir'] = ABSPATH;
$WemahuSettings->auditSettings['filecheck']['tmpDir'] = WP_PLUGIN_DIR . '/wemahu/tmp';
$WemahuSettings->auditSettings['filecheck']['pathRegexWhitelistUser'] = WP_PLUGIN_DIR . '/wemahu/tmp/wemahu_regex_whitelist.wmdb';
if (!empty($rulesetData['scandir'])) {
$WemahuSettings->auditSettings['filecheck']['scanDir'] = $rulesetData['scandir'];
}
$WemahuSettings->auditSettings['filecheck']['scanDir'] = rtrim($WemahuSettings->auditSettings['filecheck']['scanDir'], '/');
if (!empty($rulesetData['regex_db'])) {
$WemahuSettings->auditSettings['filecheck']['pathRegexDb'] = WP_PLUGIN_DIR . '/wemahu/admin/libs/wemahu/db/' . $rulesetData['regex_db'] . '.wmdb';
}
if (!empty($rulesetData['filetypes'])) {
$WemahuSettings->auditSettings['filecheck']['extensionFilter'] = $rulesetData['filetypes'];
}
if (!empty($rulesetData['filesize_max'])) {
$WemahuSettings->auditSettings['filecheck']['sizeFilter'] = $rulesetData['filesize_max'];
}
if (!empty($rulesetData['max_results_file'])) {
$WemahuSettings->auditSettings['filecheck']['maxResultsFile'] = $rulesetData['max_results_file'];
}
if (!empty($rulesetData['max_results_total'])) {
$WemahuSettings->auditSettings['filecheck']['maxResultsTotal'] = $rulesetData['max_results_total'];
}
if ($WemahuSettings->auditSettings['filecheck']['hashCheck'] === true && !empty($rulesetData['hash_check_blacklist'])) {
$WemahuSettings->auditSettings['filecheck']['hashCheckBlacklist'] = explode("\n", str_replace("\r", "", $rulesetData['hash_check_blacklist']));
}
// Init Wemahu:
$Wemahu = new Wemahu\Wemahu();
$Wemahu->setSettings($WemahuSettings);
$WemahuStorage = new Wemahu\Storage();
$Wemahu->setStorage($WemahuStorage);
$WemahuDatabase = new Wemahu\WordpressDatabase($this->wpdb);
$Wemahu->setDatabase($WemahuDatabase);
$initResult = $Wemahu->init();
// Send Response:
if ($initResult === false) {
$this->JsonResponse->setError('Wemahu initialization failed.');
}
$auditMessages = $Wemahu->getAuditMessages();
$auditMessagesHtml = implode('<br />', $auditMessages) . '<br />';
$this->JsonResponse->setType('init_success');
$this->JsonResponse->setData('init_msg', $auditMessagesHtml);
echo $this->JsonResponse->getResponseData();
exit;
}
