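/**
 * Apply a settings payload from $_POST['settings'] to the Wordfence configuration.
 *
 * Steps, in order: reduce the live-traffic ignore list to existing logins,
 * optionally purge non-permanent network blocks, store every option whose key is
 * listed in self::$options_filter (the API key is deferred), apply the
 * auto-update, upload-execution, e-mail summary and scan-schedule settings, then
 * obtain or verify the API key with the Wordfence servers.
 *
 * @return array|null Result with 'ok' and 'reload' on success, or with 'error'
 *                    when a later step fails (options may already be saved by
 *                    then); null when the payload is missing or is not a
 *                    non-empty array.
 */
function save_setting()
 {
     // SECURITY(review): the payload is request data that is base64-decoded and passed to
     // maybe_unserialize(), so PHP unserialize() runs on caller-supplied bytes and can
     // instantiate arbitrary loaded classes. Confirm the request is authenticated and
     // integrity-checked before this point, and prefer a JSON transport (json_decode) here.
     $encoded = (isset($_POST['settings']) && is_string($_POST['settings'])) ? $_POST['settings'] : '';
     $settings = maybe_unserialize(base64_decode($encoded));
     if (!is_array($settings) || 0 === count($settings)) {
         // Missing or malformed payload: nothing is changed and, as before, nothing is returned.
         return null;
     }
     $result = array();
     $reload = '';
     $opts = $settings;

     // Keep only logins that exist on this site; report the rest back to the caller.
     $validUsers = array();
     $invalidUsers = array();
     $ignoreUsers = (isset($opts['liveTraf_ignoreUsers']) && is_scalar($opts['liveTraf_ignoreUsers'])) ? (string) $opts['liveTraf_ignoreUsers'] : '';
     foreach (explode(',', $ignoreUsers) as $val) {
         $val = trim($val);
         if (strlen($val) > 0) {
             if (get_user_by('login', $val)) {
                 $validUsers[] = $val;
             } else {
                 $invalidUsers[] = $val;
             }
         }
     }
     if (count($invalidUsers) > 0) {
         $result['invalid_users'] = htmlentities(implode(', ', $invalidUsers));
     }
     // implode() of an empty list yields '', which is what an empty ignore list is stored as.
     $opts['liveTraf_ignoreUsers'] = implode(',', $validUsers);

     // A falsy or absent other_WFNet removes the non-permanent blocks flagged wfsn=1.
     if (empty($opts['other_WFNet'])) {
         $wfdb = new wfDB();
         global $wpdb;
         $p = $wpdb->base_prefix;
         $wfdb->queryWrite("delete from {$p}" . 'wfBlocks where wfsn=1 and permanent=0');
     }

     // Compare against the stored value before the save loop below overwrites it.
     $bannedURLs = isset($opts['bannedURLs']) ? $opts['bannedURLs'] : null;
     $regenerateHtaccess = wfConfig::get('bannedURLs', false) !== $bannedURLs;

     foreach ($opts as $key => $val) {
         // Strict matching: with a loose in_array() an integer key such as 0 compares equal
         // to any non-numeric option name on PHP < 8 and would slip past the allowlist.
         // The API key is not saved yet; it is verified further down.
         if ('apiKey' !== $key && in_array($key, self::$options_filter, true)) {
             wfConfig::set($key, $val);
         }
     }
     if ($regenerateHtaccess) {
         wfCache::addHtaccessCode('add');
     }

     $autoUpdate = isset($opts['autoUpdate']) ? $opts['autoUpdate'] : null;
     if ('1' === $autoUpdate) {
         wfConfig::enableAutoUpdate();
     } elseif ('0' === $autoUpdate) {
         wfConfig::disableAutoUpdate();
     }

     if (isset($opts['disableCodeExecutionUploads'])) {
         try {
             if ($opts['disableCodeExecutionUploads']) {
                 wfConfig::disableCodeExecutionForUploads();
             } else {
                 wfConfig::removeCodeExecutionProtectionForUploads();
             }
         } catch (wfConfigException $e) {
             // Encoded like the other exception messages this method returns.
             return array('error' => htmlentities($e->getMessage()));
         }
     }

     if (isset($opts['email_summary_enabled'])) {
         if (!empty($opts['email_summary_enabled'])) {
             wfConfig::set('email_summary_enabled', 1);
             wfConfig::set('email_summary_interval', $opts['email_summary_interval']);
             wfConfig::set('email_summary_excluded_directories', $opts['email_summary_excluded_directories']);
             wfActivityReport::scheduleCronJob();
         } else {
             wfConfig::set('email_summary_enabled', 0);
             wfActivityReport::disableCronJob();
         }
     }

     // A changed schedule is stored and the pending scan event, if any, is unscheduled.
     $sch = isset($opts['scheduleScan']) ? $opts['scheduleScan'] : '';
     if (get_option('mainwp_child_wordfence_cron_time') !== $sch) {
         update_option('mainwp_child_wordfence_cron_time', $sch);
         $sched = wp_next_scheduled('mainwp_child_wordfence_cron_scan');
         if (false !== $sched) {
             wp_unschedule_event($sched, 'mainwp_child_wordfence_cron_scan');
         }
     }

     $result['cacheType'] = wfConfig::get('cacheType');
     $result['paidKeyMsg'] = false;

     $apiKey = (isset($_POST['apiKey']) && is_string($_POST['apiKey'])) ? trim($_POST['apiKey']) : '';
     if ($apiKey && !preg_match('/^[a-fA-F0-9]+$/', $apiKey)) {
         // Reject anything that is not hexadecimal before it is sent to the API or stored.
         $result['error'] = 'Your options have been saved. However the API key you entered is not in a valid format. It must consist only of characters A to F and 0 to 9.';
         return $result;
     }
     if (!$apiKey) {
         // No key supplied: request a free key from the Wordfence servers.
         $api = new wfAPI('', wfUtils::getWPVersion());
         try {
             $keyData = $api->call('get_anon_api_key');
             if ($keyData['ok'] && $keyData['apiKey']) {
                 wfConfig::set('apiKey', $keyData['apiKey']);
                 wfConfig::set('isPaid', 0);
                 $result['apiKey'] = $keyData['apiKey'];
                 $result['isPaid'] = 0;
                 $reload = 'reload';
             } else {
                 throw new Exception("We could not understand the Wordfence server's response because it did not contain an 'ok' and 'apiKey' element.");
             }
         } catch (Exception $e) {
             $result['error'] = 'Your options have been saved, but we encountered a problem. You left your API key blank, so we tried to get you a free API key from the Wordfence servers. However we encountered a problem fetching the free key: ' . htmlentities($e->getMessage());
             return $result;
         }
     } elseif (wfConfig::get('apiKey') !== $apiKey) {
         // Key changed: it is stored only after the server confirms it.
         $api = new wfAPI($apiKey, wfUtils::getWPVersion());
         try {
             $res = $api->call('check_api_key', array(), array());
             if ($res['ok'] && isset($res['isPaid'])) {
                 wfConfig::set('apiKey', $apiKey);
                 wfConfig::set('isPaid', $res['isPaid']);
                 // $res['isPaid'] is expected to be a boolean decoded from the JSON reply.
                 $result['apiKey'] = $apiKey;
                 $result['isPaid'] = $res['isPaid'];
                 if ($res['isPaid']) {
                     $result['paidKeyMsg'] = true;
                 }
                 $reload = 'reload';
             } else {
                 throw new Exception('We could not understand the Wordfence API server reply when updating your API key.');
             }
         } catch (Exception $e) {
             $result['error'] = 'Your options have been saved. However we noticed you changed your API key and we tried to verify it with the Wordfence servers and received an error: ' . htmlentities($e->getMessage());
             return $result;
         }
     } else {
         // Key unchanged: ping the server with it; the reply itself is not used.
         try {
             $api = new wfAPI($apiKey, wfUtils::getWPVersion());
             $api->call('ping_api_key', array(), array());
         } catch (Exception $e) {
             $result['error'] = 'Your options have been saved. However we noticed you do not change your API key and we tried to verify it with the Wordfence servers and received an error: ' . htmlentities($e->getMessage());
             return $result;
         }
     }
     $result['ok'] = 1;
     $result['reload'] = $reload;
     return $result;
 }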
Ejemplo n.º 2
 /**
  * AJAX handler that validates the submitted options and stores them.
  *
  * Input checks (e-mails, extra scan regexes, whitelisted ranges, ignored users
  * and IPs, API key format, live-traffic row count) return
  * array('errorMsg' => ...) before the option loop writes anything with
  * wfConfig::set(). The wfBlocks delete, however, runs before the
  * liveTraf_maxRows check. Failures after the save (upload protection, API key
  * calls) also return 'errorMsg', with the options already stored.
  *
  * NOTE(review): no nonce or capability check is visible in this method;
  * confirm the AJAX dispatcher enforces both before calling it.
  *
  * @return array array('ok' => 1, 'reload' => string, 'paidKeyMsg' => bool) on
  *               success, otherwise array('errorMsg' => string).
  */
 public static function ajax_saveConfig_callback()
 {
     $reload = '';
     // wfConfig::parseOptions() is defined elsewhere; presumably it builds the option array from the request (confirm).
     $opts = wfConfig::parseOptions();
     // These are now on the Diagnostics page, so they aren't sent across.
     // Their stored values are copied in so the save loop below writes them back unchanged.
     foreach (self::$diagnosticParams as $param) {
         $opts[$param] = wfConfig::get($param);
     }
     // Alert e-mails: strip all whitespace, split on commas, drop empty entries.
     $emails = array();
     foreach (explode(',', preg_replace('/[\\r\\n\\s\\t]+/', '', $opts['alertEmails'])) as $email) {
         if (strlen($email) > 0) {
             $emails[] = $email;
         }
     }
     if (sizeof($emails) > 0) {
         $badEmails = array();
         foreach ($emails as $email) {
             // Shape check only: local part, '@', dot-separated host labels, 2-11 letter TLD.
             if (!preg_match('/^[^@]+@[a-z0-9-]+(\\.[a-z0-9-]+)*(\\.[a-z]{2,11})$/i', $email)) {
                 $badEmails[] = $email;
             }
         }
         if (sizeof($badEmails) > 0) {
             // wp_kses() with an empty allowed-tags list strips markup from the echoed values.
             return array('errorMsg' => "The following emails are invalid: " . wp_kses(implode(', ', $badEmails), array()));
         }
         $opts['alertEmails'] = implode(',', $emails);
     } else {
         $opts['alertEmails'] = '';
     }
     $opts['scan_exclude'] = wfUtils::cleanupOneEntryPerLine($opts['scan_exclude']);
     // Each line of scan_include_extra must compile as a PCRE pattern. preg_match()
     // returns FALSE on a bad pattern and '@' silences the warning it raises.
     foreach (explode("\n", $opts['scan_include_extra']) as $regex) {
         if (@preg_match("/{$regex}/", "") === FALSE) {
             return array('errorMsg' => "\"" . esc_html($regex) . "\" is not a valid regular expression");
         }
     }
     // Whitelisted addresses: same whitespace stripping and comma split as the e-mails.
     $whiteIPs = array();
     foreach (explode(',', preg_replace('/[\\r\\n\\s\\t]+/', '', $opts['whitelisted'])) as $whiteIP) {
         if (strlen($whiteIP) > 0) {
             $whiteIPs[] = $whiteIP;
         }
     }
     if (sizeof($whiteIPs) > 0) {
         $badWhiteIPs = array();
         // One wfUserIPRange object is reused to validate every entry.
         $range = new wfUserIPRange();
         foreach ($whiteIPs as $whiteIP) {
             $range->setIPString($whiteIP);
             if (!$range->isValidRange()) {
                 $badWhiteIPs[] = $whiteIP;
             }
         }
         if (sizeof($badWhiteIPs) > 0) {
             return array('errorMsg' => "Please make sure you separate your IP addresses with commas. The following whitelisted IP addresses are invalid: " . wp_kses(implode(', ', $badWhiteIPs), array()));
         }
         $opts['whitelisted'] = implode(',', $whiteIPs);
     } else {
         $opts['whitelisted'] = '';
     }
     // Users to ignore in live traffic: sorted into existing and unknown logins.
     $validUsers = array();
     $invalidUsers = array();
     foreach (explode(',', $opts['liveTraf_ignoreUsers']) as $val) {
         $val = trim($val);
         if (strlen($val) > 0) {
             if (get_user_by('login', $val)) {
                 $validUsers[] = $val;
             } else {
                 $invalidUsers[] = $val;
             }
         }
     }
     $opts['loginSec_userBlacklist'] = wfUtils::cleanupOneEntryPerLine($opts['loginSec_userBlacklist']);
     $opts['apiKey'] = trim($opts['apiKey']);
     // A non-empty API key must be purely hexadecimal.
     if ($opts['apiKey'] && !preg_match('/^[a-fA-F0-9]+$/', $opts['apiKey'])) {
         //User entered something but it's garbage.
         return array('errorMsg' => "You entered an API key but it is not in a valid format. It must consist only of characters A to F and 0 to 9.");
     }
     if (sizeof($invalidUsers) > 0) {
         return array('errorMsg' => "The following users you selected to ignore in live traffic reports are not valid on this system: " . wp_kses(implode(', ', $invalidUsers), array()));
     }
     if (sizeof($validUsers) > 0) {
         $opts['liveTraf_ignoreUsers'] = implode(',', $validUsers);
     } else {
         $opts['liveTraf_ignoreUsers'] = '';
     }
     // IPs to ignore in live traffic, validated with wfUtils::isValidIP().
     $validIPs = array();
     $invalidIPs = array();
     foreach (explode(',', preg_replace('/[\\r\\n\\s\\t]+/', '', $opts['liveTraf_ignoreIPs'])) as $val) {
         if (strlen($val) > 0) {
             if (wfUtils::isValidIP($val)) {
                 $validIPs[] = $val;
             } else {
                 $invalidIPs[] = $val;
             }
         }
     }
     if (sizeof($invalidIPs) > 0) {
         return array('errorMsg' => "The following IPs you selected to ignore in live traffic reports are not valid: " . wp_kses(implode(', ', $invalidIPs), array()));
     }
     // No else branch: with no valid entries the submitted value is left as it was.
     if (sizeof($validIPs) > 0) {
         $opts['liveTraf_ignoreIPs'] = implode(',', $validIPs);
     }
     // The ignored user agent is kept (trimmed) only if it contains at least one alphanumeric character.
     if (preg_match('/[a-zA-Z0-9\\d]+/', $opts['liveTraf_ignoreUA'])) {
         $opts['liveTraf_ignoreUA'] = trim($opts['liveTraf_ignoreUA']);
     } else {
         $opts['liveTraf_ignoreUA'] = '';
     }
     // A falsy other_WFNet deletes the non-permanent blocks flagged wfsn=1.
     // The only interpolated value is the table prefix taken from $wpdb.
     if (!$opts['other_WFNet']) {
         $wfdb = new wfDB();
         global $wpdb;
         $p = $wpdb->base_prefix;
         $wfdb->queryWrite("delete from {$p}" . "wfBlocks where wfsn=1 and permanent=0");
     }
     // A changed howGetIPs value asks the client to reload.
     if ($opts['howGetIPs'] != wfConfig::get('howGetIPs', '')) {
         $reload = 'reload';
     }
     // Compared before the save loop below overwrites the stored bannedURLs.
     $regenerateHtaccess = false;
     if (wfConfig::get('bannedURLs', false) != $opts['bannedURLs']) {
         $regenerateHtaccess = true;
     }
     if (!is_numeric($opts['liveTraf_maxRows'])) {
         return array('errorMsg' => 'Please enter a number for the amount of Live Traffic data to store.');
     }
     // Every key present in $opts is written; there is no allowlist in this method, so
     // the set of storable keys is whatever parseOptions() returned (plus the diagnostics keys).
     foreach ($opts as $key => $val) {
         if ($key != 'apiKey') {
             //Don't save API key yet
             wfConfig::set($key, $val);
         }
     }
     // The .htaccess code is re-added only when the cache type is 'falcon'.
     if ($regenerateHtaccess && wfConfig::get('cacheType') == 'falcon') {
         wfCache::addHtaccessCode('add');
     }
     if ($opts['autoUpdate'] == '1') {
         wfConfig::enableAutoUpdate();
     } else {
         if ($opts['autoUpdate'] == '0') {
             wfConfig::disableAutoUpdate();
         }
     }
     // Toggle the uploads code-execution protection; a wfConfigException is reported to the caller.
     // NOTE(review): this message is returned without the wp_kses() applied to the other error strings.
     try {
         if ($opts['disableCodeExecutionUploads']) {
             wfConfig::disableCodeExecutionForUploads();
         } else {
             wfConfig::removeCodeExecutionProtectionForUploads();
         }
     } catch (wfConfigException $e) {
         return array('errorMsg' => $e->getMessage());
     }
     if (!empty($opts['email_summary_enabled'])) {
         wfConfig::set('email_summary_enabled', 1);
         wfConfig::set('email_summary_interval', $opts['email_summary_interval']);
         wfConfig::set('email_summary_excluded_directories', $opts['email_summary_excluded_directories']);
         wfActivityReport::scheduleCronJob();
     } else {
         wfConfig::set('email_summary_enabled', 0);
         wfActivityReport::disableCronJob();
     }
     // Reads the value the save loop has just stored.
     if (wfConfig::get('other_hideWPVersion')) {
         wfUtils::hideReadme();
     } else {
         wfUtils::showReadme();
     }
     $paidKeyMsg = false;
     if (!$opts['apiKey']) {
         //Empty API key (after trim above), then try to get one.
         $api = new wfAPI('', wfUtils::getWPVersion());
         try {
             $keyData = $api->call('get_anon_api_key');
             if ($keyData['ok'] && $keyData['apiKey']) {
                 wfConfig::set('apiKey', $keyData['apiKey']);
                 wfConfig::set('isPaid', 0);
                 $reload = 'reload';
             } else {
                 throw new Exception("We could not understand the Wordfence server's response because it did not contain an 'ok' and 'apiKey' element.");
             }
         } catch (Exception $e) {
             return array('errorMsg' => "Your options have been saved, but we encountered a problem. You left your API key blank, so we tried to get you a free API key from the Wordfence servers. However we encountered a problem fetching the free key: " . wp_kses($e->getMessage(), array()));
         }
     } else {
         if ($opts['apiKey'] != wfConfig::get('apiKey')) {
             // Key changed: it is stored only after check_api_key succeeds.
             $api = new wfAPI($opts['apiKey'], wfUtils::getWPVersion());
             try {
                 $res = $api->call('check_api_key', array(), array());
                 if ($res['ok'] && isset($res['isPaid'])) {
                     wfConfig::set('apiKey', $opts['apiKey']);
                     $reload = 'reload';
                     wfConfig::set('isPaid', $res['isPaid']);
                     //res['isPaid'] is boolean coming back as JSON and turned back into PHP struct. Assuming JSON to PHP handles bools.
                     if ($res['isPaid']) {
                         $paidKeyMsg = true;
                     }
                 } else {
                     throw new Exception("We could not understand the Wordfence API server reply when updating your API key.");
                 }
             } catch (Exception $e) {
                 return array('errorMsg' => "Your options have been saved. However we noticed you changed your API key and we tried to verify it with the Wordfence servers and received an error: " . wp_kses($e->getMessage(), array()));
             }
         } else {
             // Key unchanged: ping only. This call is not inside a try block, so an
             // exception thrown by call() propagates to the caller of this method.
             $api = new wfAPI($opts['apiKey'], wfUtils::getWPVersion());
             $api->call('ping_api_key', array(), array());
         }
     }
     return array('ok' => 1, 'reload' => $reload, 'paidKeyMsg' => $paidKeyMsg);
 }
Ejemplo n.º 3
 /**
  * AJAX handler that switches the cache mode to 'disable', 'php' or 'falcon'.
  *
  * Pre-flight checks run first (conflicting cache plugins, site URL depth,
  * permalinks, .htaccess clean-up, cache directory test); only then is the new
  * cacheType stored. Pre-flight failures return either array('errorMsg' => ...)
  * or array('ok' => 1, 'heading' => ..., 'body' => ...) describing the problem.
  *
  * NOTE(review): no nonce or capability check is visible in this method;
  * confirm the AJAX dispatcher enforces both before calling it.
  *
  * @return array Response for the client, as described above.
  */
 public static function ajax_saveCacheConfig_callback()
 {
     // NOTE(review): read straight from the request with no isset() guard; any value
     // other than the three tested below ends at the generic error return.
     $cacheType = $_POST['cacheType'];
     $wantsFalcon = $cacheType == 'falcon';
     $wantsPhp = $cacheType == 'php';
     $wantsDisable = $cacheType == 'disable';
     // Reload button appended to each success message.
     $reloadButton = "<center><input type='button' name='wfReload' value='Click here now to refresh this page' onclick='window.location.reload(true);' /></center>";

     if ($wantsFalcon || $wantsPhp) {
         // Plugin file => display name of the caching plugins treated as conflicting.
         $conflicting = array(
             'w3-total-cache/w3-total-cache.php' => "W3 Total Cache",
             'quick-cache/quick-cache.php' => "Quick Cache",
             "wp-super-cache/wp-cache.php" => "WP Super Cache",
             "wp-fast-cache/wp-fast-cache.php" => "WP Fast Cache",
             "wp-fastest-cache/wpFastestCache.php" => "WP Fastest Cache",
         );
         $plugins = get_plugins();
         $badPlugins = array();
         foreach ($plugins as $pluginFile => $data) {
             if (!is_plugin_active($pluginFile)) {
                 continue;
             }
             foreach ($conflicting as $file => $label) {
                 if ($pluginFile == $file) {
                     $badPlugins[] = $label;
                     break;
                 }
             }
         }
         if (count($badPlugins) > 0) {
             return array('errorMsg' => "You can not enable caching in Wordfence with other caching plugins enabled. This may cause conflicts. You need to disable other caching plugins first. Wordfence caching is very fast and does not require other caching plugins to be active. The plugins you have that conflict are: " . implode(', ', $badPlugins) . ". Disable these plugins, then return to this page and enable Wordfence caching.");
         }
         // Reject site URLs with three or more path segments after the host.
         $siteURL = site_url();
         if (preg_match('/^https?:\\/\\/[^\\/]+\\/[^\\/]+\\/[^\\/]+\\/.+/i', $siteURL)) {
             return array('errorMsg' => "Wordfence caching currently does not support sites that are installed in a subdirectory and have a home page that is more than 2 directory levels deep. e.g. we don't support sites who's home page is http://example.com/levelOne/levelTwo/levelThree");
         }
     }

     if ($wantsFalcon && !get_option('permalink_structure', '')) {
         return array('errorMsg' => "You need to enable Permalinks for your site to use Falcon Engine. You can enable Permalinks in WordPress by going to the Settings - Permalinks menu and enabling it there. Permalinks change your site URL structure from something that looks like /p=123 to pretty URLs like /my-new-post-today/ that are generally more search engine friendly.");
     }

     if ($wantsDisable || $wantsPhp) {
         // NOTE(review): the error text returned by wfCache is placed into the HTML 'body'
         // unescaped, here and in the two messages further down; confirm it never carries
         // markup, or strip it before output.
         $removeError = wfCache::addHtaccessCode('remove');
         if ($removeError) {
             return array('ok' => 1, 'heading' => "Problem disabling caching.", 'body' => "We could not disable caching because you have code in your .htaccess file that could not be removed by Wordfence. You need to go in and remove any Wordfence code from your .htaccess file yourself. Then return here and disable caching. The error we received was: {$removeError}");
         }
         $removeError = wfCache::updateBlockedIPs('remove');
         if ($removeError) {
             return array('ok' => 1, 'heading' => "Problem disabling caching.", 'body' => "We could not remove the list of blocked IP's from your .htaccess file when updating the type of caching you have selected. You need to go in and remove any Wordfence code from your .htaccess file yourself. Then return here and disable caching. The error we received was: {$removeError}");
         }
     }

     if ($wantsPhp || $wantsFalcon) {
         $err = wfCache::cacheDirectoryTest();
         if ($err) {
             return array('ok' => 1, 'heading' => "Could not write to cache directory", 'body' => "To enable caching, Wordfence needs to be able to create and write to the /wp-content/wfcache/ directory. We did some tests that indicate this is not possible. You need to manually create the /wp-content/wfcache/ directory and make it writable by Wordfence. The error we encountered was during our tests was: {$err}");
         }
     }

     // The cache is cleared on any change of type, mainly so footer diagnostic comments
     // are rebuilt; it could be left intact unless caching is being disabled.
     if ($cacheType != wfConfig::get('cacheType', false)) {
         wfCache::scheduleCacheClear();
     }

     if ($wantsDisable) {
         wfConfig::set('cacheType', false);
         return array('ok' => 1, 'heading' => "Caching successfully disabled.", 'body' => "Caching has been disabled on your system.<br /><br />" . $reloadButton);
     }
     if ($wantsPhp) {
         wfConfig::set('cacheType', 'php');
         return array('ok' => 1, 'heading' => "Wordfence Basic Caching Enabled", 'body' => "Wordfence basic caching has been enabled on your system.<br /><br />" . $reloadButton);
     }
     if ($wantsFalcon) {
         $err = wfCache::addHtaccessCode('add');
         if ($err) {
             return array('ok' => 1, 'heading' => "Wordfence could not edit .htaccess", 'body' => "Wordfence could not edit your .htaccess code. The error was: " . $err);
         }
         wfConfig::set('cacheType', 'falcon');
         // Runs every 5 mins until we change cachetype
         wfCache::scheduleUpdateBlockedIPs();
         return array('ok' => 1, 'heading' => "Wordfence Falcon Engine Activated!", 'body' => "Wordfence Falcon Engine has been activated on your system. You will see this icon appear on the Wordfence admin pages as long as Falcon is active indicating your site is running in high performance mode:<div class='wfFalconImage'></div>" . $reloadButton);
     }
     return array('errorMsg' => "An error occurred.");
 }
Ejemplo n.º 4
 /**
  * AJAX handler that validates the submitted options and stores them.
  *
  * Input checks (e-mails, whitelisted addresses, API key format, ignored users
  * and IPs) return array('errorMsg' => ...) before anything is written. Once
  * the options are stored, the API key is obtained or verified with the
  * Wordfence servers; a failure there also returns 'errorMsg', with the
  * options already saved.
  *
  * NOTE(review): no nonce or capability check is visible in this method;
  * confirm the AJAX dispatcher enforces both before calling it.
  *
  * @return array array('ok' => 1, 'reload' => string, 'paidKeyMsg' => bool) on
  *               success, otherwise array('errorMsg' => string).
  */
 public static function ajax_saveConfig_callback()
 {
     $reload = '';
     // wfConfig::parseOptions() is defined elsewhere; presumably it builds the option array from the request (confirm).
     $opts = wfConfig::parseOptions();
     // Alert e-mails: strip all whitespace, split on commas, drop empty entries.
     $emails = array();
     foreach (explode(',', preg_replace('/[\\r\\n\\s\\t]+/', '', $opts['alertEmails'])) as $email) {
         if (strlen($email) > 0) {
             $emails[] = $email;
         }
     }
     if (sizeof($emails) > 0) {
         $badEmails = array();
         foreach ($emails as $email) {
             // Shape check only: local part, '@', dot-separated host labels, 2-11 letter TLD.
             if (!preg_match('/^[^@]+@[a-z0-9-]+(\\.[a-z0-9-]+)*(\\.[a-z]{2,11})$/i', $email)) {
                 $badEmails[] = $email;
             }
         }
         if (sizeof($badEmails) > 0) {
             // Rejected values are HTML-encoded before being echoed back.
             return array('errorMsg' => "The following emails are invalid: " . htmlentities(implode(', ', $badEmails)));
         }
         $opts['alertEmails'] = implode(',', $emails);
     } else {
         $opts['alertEmails'] = '';
     }
     // All whitespace, including line breaks, is removed from scan_exclude.
     $opts['scan_exclude'] = preg_replace('/[\\r\\n\\s\\t]+/', '', $opts['scan_exclude']);
     $whiteIPs = array();
     foreach (explode(',', preg_replace('/[\\r\\n\\s\\t]+/', '', $opts['whitelisted'])) as $whiteIP) {
         if (strlen($whiteIP) > 0) {
             $whiteIPs[] = $whiteIP;
         }
     }
     if (sizeof($whiteIPs) > 0) {
         $badWhiteIPs = array();
         foreach ($whiteIPs as $whiteIP) {
             // Four dot-separated parts, each made of digits, '[', ']' and '-'.
             // NOTE(review): this checks characters only; octet values and bracket
             // pairing are not verified, so malformed ranges can be stored.
             if (!preg_match('/^[\\[\\]\\-\\d]+\\.[\\[\\]\\-\\d]+\\.[\\[\\]\\-\\d]+\\.[\\[\\]\\-\\d]+$/', $whiteIP)) {
                 $badWhiteIPs[] = $whiteIP;
             }
         }
         if (sizeof($badWhiteIPs) > 0) {
             return array('errorMsg' => "Please make sure you separate your IP addresses with commas. The following whitelisted IP addresses are invalid: " . htmlentities(implode(', ', $badWhiteIPs)));
         }
         $opts['whitelisted'] = implode(',', $whiteIPs);
     } else {
         $opts['whitelisted'] = '';
     }
     // Users to ignore in live traffic: sorted into existing and unknown logins.
     $validUsers = array();
     $invalidUsers = array();
     foreach (explode(',', $opts['liveTraf_ignoreUsers']) as $val) {
         $val = trim($val);
         if (strlen($val) > 0) {
             if (get_user_by('login', $val)) {
                 $validUsers[] = $val;
             } else {
                 $invalidUsers[] = $val;
             }
         }
     }
     // Login blacklist: trimmed, empty entries dropped, re-joined with commas.
     $userBlacklist = array();
     foreach (explode(',', $opts['loginSec_userBlacklist']) as $user) {
         $user = trim($user);
         if (strlen($user) > 0) {
             $userBlacklist[] = $user;
         }
     }
     if (sizeof($userBlacklist) > 0) {
         $opts['loginSec_userBlacklist'] = implode(',', $userBlacklist);
     } else {
         $opts['loginSec_userBlacklist'] = '';
     }
     $opts['apiKey'] = trim($opts['apiKey']);
     // A non-empty API key must be purely hexadecimal.
     if ($opts['apiKey'] && !preg_match('/^[a-fA-F0-9]+$/', $opts['apiKey'])) {
         //User entered something but it's garbage.
         return array('errorMsg' => "You entered an API key but it is not in a valid format. It must consist only of characters A to F and 0 to 9.");
     }
     if (sizeof($invalidUsers) > 0) {
         return array('errorMsg' => "The following users you selected to ignore in live traffic reports are not valid on this system: " . htmlentities(implode(', ', $invalidUsers)));
     }
     if (sizeof($validUsers) > 0) {
         $opts['liveTraf_ignoreUsers'] = implode(',', $validUsers);
     } else {
         $opts['liveTraf_ignoreUsers'] = '';
     }
     $validIPs = array();
     $invalidIPs = array();
     foreach (explode(',', preg_replace('/[\\r\\n\\s\\t]+/', '', $opts['liveTraf_ignoreIPs'])) as $val) {
         if (strlen($val) > 0) {
             // NOTE(review): \d+ does not bound octets to 0-255 (a constructed value such
             // as 999.999.999.999 passes) and IPv6 addresses are rejected.
             if (preg_match('/^\\d+\\.\\d+\\.\\d+\\.\\d+$/', $val)) {
                 $validIPs[] = $val;
             } else {
                 $invalidIPs[] = $val;
             }
         }
     }
     if (sizeof($invalidIPs) > 0) {
         return array('errorMsg' => "The following IPs you selected to ignore in live traffic reports are not valid: " . htmlentities(implode(', ', $invalidIPs)));
     }
     // No else branch: with no valid entries the submitted value is left as it was.
     if (sizeof($validIPs) > 0) {
         $opts['liveTraf_ignoreIPs'] = implode(',', $validIPs);
     }
     // The ignored user agent is kept (trimmed) only if it contains at least one alphanumeric character.
     if (preg_match('/[a-zA-Z0-9\\d]+/', $opts['liveTraf_ignoreUA'])) {
         $opts['liveTraf_ignoreUA'] = trim($opts['liveTraf_ignoreUA']);
     } else {
         $opts['liveTraf_ignoreUA'] = '';
     }
     // A falsy other_WFNet deletes the non-permanent blocks flagged wfsn=1.
     // The only interpolated value is the table prefix taken from $wpdb.
     if (!$opts['other_WFNet']) {
         $wfdb = new wfDB();
         global $wpdb;
         $p = $wpdb->base_prefix;
         $wfdb->queryWrite("delete from {$p}" . "wfBlocks where wfsn=1 and permanent=0");
     }
     // A changed howGetIPs value asks the client to reload.
     if ($opts['howGetIPs'] != wfConfig::get('howGetIPs', '')) {
         $reload = 'reload';
     }
     // Compared before the save loop below overwrites the stored bannedURLs.
     $regenerateHtaccess = false;
     if (wfConfig::get('bannedURLs', false) != $opts['bannedURLs']) {
         $regenerateHtaccess = true;
     }
     // Every key present in $opts is written; there is no allowlist in this method, so
     // the set of storable keys is whatever parseOptions() returned.
     foreach ($opts as $key => $val) {
         if ($key != 'apiKey') {
             //Don't save API key yet
             wfConfig::set($key, $val);
         }
     }
     // The .htaccess code is re-added whenever bannedURLs changed, whatever the cache type.
     if ($regenerateHtaccess) {
         wfCache::addHtaccessCode('add');
     }
     if ($opts['autoUpdate'] == '1') {
         wfConfig::enableAutoUpdate();
     } else {
         if ($opts['autoUpdate'] == '0') {
             wfConfig::disableAutoUpdate();
         }
     }
     $paidKeyMsg = false;
     if (!$opts['apiKey']) {
         //Empty API key (after trim above), then try to get one.
         $api = new wfAPI('', wfUtils::getWPVersion());
         try {
             $keyData = $api->call('get_anon_api_key');
             if ($keyData['ok'] && $keyData['apiKey']) {
                 wfConfig::set('apiKey', $keyData['apiKey']);
                 wfConfig::set('isPaid', 0);
                 $reload = 'reload';
             } else {
                 throw new Exception("We could not understand the Wordfence server's response because it did not contain an 'ok' and 'apiKey' element.");
             }
         } catch (Exception $e) {
             return array('errorMsg' => "Your options have been saved, but we encountered a problem. You left your API key blank, so we tried to get you a free API key from the Wordfence servers. However we encountered a problem fetching the free key: " . htmlentities($e->getMessage()));
         }
     } else {
         if ($opts['apiKey'] != wfConfig::get('apiKey')) {
             // Key changed: it is stored only after check_api_key succeeds.
             $api = new wfAPI($opts['apiKey'], wfUtils::getWPVersion());
             try {
                 $res = $api->call('check_api_key', array(), array());
                 if ($res['ok'] && isset($res['isPaid'])) {
                     wfConfig::set('apiKey', $opts['apiKey']);
                     $reload = 'reload';
                     wfConfig::set('isPaid', $res['isPaid']);
                     //res['isPaid'] is boolean coming back as JSON and turned back into PHP struct. Assuming JSON to PHP handles bools.
                     if ($res['isPaid']) {
                         $paidKeyMsg = true;
                     }
                 } else {
                     throw new Exception("We could not understand the Wordfence API server reply when updating your API key.");
                 }
             } catch (Exception $e) {
                 return array('errorMsg' => "Your options have been saved. However we noticed you changed your API key and we tried to verify it with the Wordfence servers and received an error: " . htmlentities($e->getMessage()));
             }
         } else {
             // Key unchanged: ping only; the reply in $res is not used. This call is not
             // inside a try block, so an exception thrown by call() propagates to the caller.
             $api = new wfAPI($opts['apiKey'], wfUtils::getWPVersion());
             $res = $api->call('ping_api_key', array(), array());
         }
     }
     return array('ok' => 1, 'reload' => $reload, 'paidKeyMsg' => $paidKeyMsg);
 }
Ejemplo n.º 5
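 /**
  * AJAX handler that removes every cache exclusion whose id matches $_POST['id'].
  *
  * The exclusion list is stored serialized under the 'cacheExclusions' config
  * key. When the cache type is 'falcon' and a removed entry has pattern type
  * 'uac', 'uaeq' or 'cc', the .htaccess code is rewritten as well.
  *
  * NOTE(review): no nonce or capability check is visible in this method;
  * confirm the AJAX dispatcher enforces both before calling it.
  *
  * @return array array('ok' => 1), or array('errorMsg' => string) when the rule
  *               was removed but .htaccess could not be rewritten.
  */
 public static function ajax_removeCacheExclusion_callback()
 {
     // Only a scalar id can match; a missing or array-valued parameter becomes ''.
     $id = (isset($_POST['id']) && is_scalar($_POST['id'])) ? (string) $_POST['id'] : '';
     $stored = wfConfig::get('cacheExclusions', false);
     if (!$stored) {
         return array('ok' => 1);
     }
     // The value comes from the plugin's own config storage, not from the request.
     $ex = unserialize($stored);
     if (!is_array($ex)) {
         // Stored value is not a serialized list, so there is nothing to remove.
         return array('ok' => 1);
     }
     $rewriteHtaccess = false;
     $kept = array();
     // Rebuild the list instead of splicing while indexing forward: splicing shifted the
     // next element into the current slot, so the second of two adjacent duplicates was skipped.
     foreach ($ex as $entry) {
         $entryId = isset($entry['id']) ? (string) $entry['id'] : '';
         // Loose comparison kept so numerically equal id strings still match, as before.
         if ($entryId == $id) {
             if (wfConfig::get('cacheType', false) == 'falcon' && isset($entry['pt']) && preg_match('/^(?:uac|uaeq|cc)$/', $entry['pt'])) {
                 $rewriteHtaccess = true;
             }
             continue;
         }
         $kept[] = $entry;
     }
     wfConfig::set('cacheExclusions', serialize($kept));
     // addHtaccessCode() returns a truthy error value on failure.
     if ($rewriteHtaccess && wfCache::addHtaccessCode('add')) {
         // Keyed with '=>': the old array('errorMsg', ...) produced a two-element list,
         // so the client never received an 'errorMsg' field.
         return array('errorMsg' => "We removed that rule but could not rewrite your .htaccess file. You're going to have to manually remove this rule from your .htaccess file. Please reload this page now.");
     }
     return array('ok' => 1);
 }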