<?php
if (!defined('ABSPATH')) {
exit;
}
// just in case
if (!current_user_can('manage_options')) {
die('Access Denied');
}
$stats = kpg_ss_get_stats();
extract($stats);
$now = date('Y/m/d H:i:s', time() + get_option('gmt_offset') * 3600);
// counter list - this should be copied from the get option utility
// counters should have the same name as the YN switch for the check.
// I see lots of missing counters here.
$counters = array('cntchkcloudflare' => 'pass CloudFlare', 'cntchkgcache' => 'pass Good Cache', 'cntchkakismet' => 'Reported by Akismet', 'cntchkgenallowlist' => 'pass Generated Allow List', 'cntchkgoogle' => 'pass Google', 'cntchkmiscallowlist' => 'pass Allow List', 'cntchkpaypal' => 'pass paypal', 'cntchkscripts' => 'pass scripts', 'cntchkvalidip' => 'pass uncheckable ip', 'cntchkwlem' => 'Allow List email', 'cntchkuserid' => 'Allow userid/author', 'cntchkwlist' => 'pass Allow List ip', 'cntchkyahoomerchant' => 'pass Yahoo merchant', 'cntchk404' => '404 exploit attempt', 'cntchkaccept' => 'bad or missing accept header', 'cntchkadmin' => 'admin login attempt', 'cntchkadminlog' => 'passed login ok', 'cntchkagent' => 'bad or missing user agent', 'cntchkamazon' => 'Amazon AWS', 'cntchkaws' => 'Amazon AWS allow', 'cntchkbcache' => 'bad cache', 'cntchkblem' => 'Deny List email', 'cntchkuserid' => 'Deny userid/author', 'cntchkblip' => 'Deny List ip', 'cntchkbotscout' => 'botscout', 'cntchkdisp' => 'disposable email', 'cntchkdnsbl' => 'dnsbl hit', 'cntchkexploits' => 'exploit attempt', 'cntchkgooglesafe' => 'google safe browsing', 'cntchkhoney' => 'project honeypot', 'cntchkhosting' => 'known spam host', 'cntchkinvalidip' => 'block invalid ip', 'cntchklong' => 'long email', 'cntchkbbcode' => 'bbcode in request', 'cntchkreferer' => 'bad HTTP_REFERER', 'cntchksession' => 'session speed', 'cntchksfs' => 'Stop Forum Spam', 'cntchkspamwords' => 'spam words', 'cntchktld' => 'email TLD', 'cntchkubiquity' => 'ubiquity servers', 'cntchkmulti' => 'Repeated hits', 'cntchkAD' => 'Andorra', 'cntchkAE' => 'United Arab Emirates', 'cntchkAF' => 'Afghanistan', 'cntchkAL' => 'Albania', 'cntchkAM' => 'Armenia', 'cntchkAR' => 'Argentina', 'cntchkAT' => 'Austria', 'cntchkAU' => 'Australia', 'cntchkAX' => 'Aland Islands', 'cntchkAZ' => 'Azerbaijan', 'cntchkBA' => 'Bosnia And Herzegovina', 'cntchkBB' => 'Barbados', 'cntchkBD' => 'Bangladesh', 'cntchkBE' => 'Belgium', 'cntchkBG' => 'Bulgaria', 'cntchkBH' => 'Bahrain', 'cntchkBN' => 'Brunei Darussalam', 'cntchkBO' => 'Bolivia', 'cntchkBR' => 'Brazil', 'cntchkBS' => 'Bahamas', 'cntchkBY' => 'Belarus', 'cntchkBZ' => 'Belize', 'cntchkCA' => 'Canada', 'cntchkCD' => 'Congo, Democratic Republic', 'cntchkCH' => 'Switzerland', 'cntchkCL' => 'Chile', 'cntchkCN' => 'China', 'cntchkCO' => 'Colombia', 'cntchkCR' => 'Costa Rica', 'cntchkCU' => 'Cuba', 'cntchkCW' => 'Curaçao', 'cntchkCY' => 'Cyprus', 'cntchkCZ' => 'Czech Republic', 'cntchkDE' => 'Germany', 'cntchkDK' => 'Denmark', 'cntchkDO' => 'Dominican Republic', 'cntchkDZ' => 'Algeria', 'cntchkEC' => 'Ecuador', 'cntchkEE' => 'Estonia', 'cntchkES' => 'Spain', 'cntchkEU' => 'European Union', 'cntchkFI' => 'Finland', 'cntchkFJ' => 'Fiji', 'cntchkFR' => 'France', 'cntchkGB' => 'Great Britain', 'cntchkGE' => 'Georgia', 'cntchkGF' => 'French Guiana', 'cntchkGI' => 'Gibraltar', 'cntchkGP' => 'Guadeloupe', 'cntchkGR' => 'Greece', 'cntchkGT' => 'Guatemala', 'cntchkGU' => 'Guam', 'cntchkGY' => 'Guyana', 'cntchkHK' => 'Hong Kong', 'cntchkHN' => 'Honduras', 'cntchkHR' => 'Croatia', 'cntchkHT' => 'Haiti', 'cntchkHU' => 'Hungary', 'cntchkID' => 'Indonesia', 'cntchkIE' => 'Ireland', 'cntchkIL' => 'Israel', 'cntchkIN' => 'India', 'cntchkIQ' => 'Iraq', 'cntchkIR' => 'Iran, Islamic Republic Of', 'cntchkIS' => 'Iceland', 'cntchkIT' => 'Italy', 'cntchkJM' => 'Jamaica', 'cntchkJO' => 'Jordan', 'cntchkJP' => 'Japan', 'cntchkKE' => 'Kenya', 'cntchkKG' => 'Kyrgyzstan', 'cntchkKH' => 'Cambodia', 'cntchkKR' => 'Korea', 'cntchkKW' => 'Kuwait', 'cntchkKY' => 'Cayman Islands', 'cntchkKZ' => 'Kazakhstan', 'cntchkLA' => "Lao People's Democratic Republic", 'cntchkLB' => 'Lebanon', 'cntchkLK' => 'Sri Lanka', 'cntchkLT' => 'Lithuania', 'cntchkLU' => 'Luxembourg', 'cntchkLV' => 'Latvia', 'cntchkMD' => 'Moldova', 'cntchkME' => 'Montenegro', 'cntchkMK' => 'Macedonia', 'cntchkMM' => 'Myanmar', 'cntchkMN' => 'Mongolia', 'cntchkMO' => 'Macao', 'cntchkMP' => 'Northern Mariana Islands', 'cntchkMQ' => 'Martinique', 'cntchkMT' => 'Malta', 'cntchkMV' => 'Maldives', 'cntchkMX' => 'Mexico', 'cntchkMY' => 'Malaysia', 'cntchkNC' => 'New Caledonia', 'cntchkNI' => 'Nicaragua', 'cntchkNL' => 'Netherlands', 'cntchkNO' => 'Norway', 'cntchkNP' => 'Nepal', 'cntchkNZ' => 'New Zealand', 'cntchkOM' => 'Oman', 'cntchkPA' => 'Panama', 'cntchkPE' => 'Peru', 'cntchkPG' => 'Papua New Guinea', 'cntchkPH' => 'Philippines', 'cntchkPK' => 'Pakistan', 'cntchkPL' => 'Poland', 'cntchkPR' => 'Puerto Rico', 'cntchkPS' => 'Palestinian Territory, Occupied', 'cntchkPT' => 'Portugal', 'cntchkPW' => 'Palau', 'cntchkPY' => 'Paraguay', 'cntchkQA' => 'Qatar', 'cntchkRO' => 'Romania', 'cntchkRS' => 'Serbia', 'cntchkRU' => 'Russian Federation', 'cntchkSA' => 'Saudi Arabia', 'cntchkSC' => 'Seychelles', 'cntchkSE' => 'Sweden', 'cntchkSG' => 'Singapore', 'cntchkSI' => 'Slovenia', 'cntchkSK' => 'Slovakia', 'cntchkSV' => 'El Salvador', 'cntchkSX' => 'Sint Maarten', 'cntchkSY' => 'Syrian Arab Republic', 'cntchkTH' => 'Thailand', 'cntchkTJ' => 'Tajikistan', 'cntchkTM' => 'Turkmenistan', 'cntchkTR' => 'Turkey', 'cntchkTT' => 'Trinidad And Tobago', 'cntchkTW' => 'Taiwan', 'cntchkUA' => 'Ukraine', 'cntchkUK' => 'United Kingdom', 'cntchkUS' => 'United States', 'cntchkUY' => 'Uruguay', 'cntchkUZ' => 'Uzbekistan', 'cntchkVC' => 'Saint Vincent And Grenadines', 'cntchkVE' => 'Venezuela', 'cntchkVN' => 'Viet Nam', 'cntchkYE' => 'Yemen', 'cntcap' => 'Passed Captcha', 'cntncap' => 'failed Captcha', 'cntpass' => 'Total Pass');
$message = "";
$nonce = '';
if (array_key_exists('kpg_stop_spammers_control', $_POST)) {
$nonce = $_POST['kpg_stop_spammers_control'];
}
if (wp_verify_nonce($nonce, 'kpgstopspam_update')) {
if (array_key_exists('clear', $_POST)) {
foreach ($counters as $v1 => $v2) {
$stats[$v1] = 0;
}
$addonstats = array();
$stats['addonstats'] = $addonstats;
$msg = "Summary Cleared";
kpg_ss_set_stats($stats);
extract($stats);
public function process($ip, &$stats = array(), &$options = array(), &$post = array())
{
// it looks like I am not getting my stats and options correctly
//sfs_debug_msg('Made it into challenge');
$ip = kpg_get_ip();
$stats = kpg_ss_get_stats();
$options = kpg_ss_get_options();
//$post=get_post_variables();
/*
page is HEADER, Allow List Request, Captchas and then a button
Processing is 1) check for response from from
2) else display form.
*/
// display deny message and captcha if set.
// first, check to see if they should be redirected
if ($options['redir'] == 'Y' && !empty($options['redirurl'])) {
//sfs_debug_msg('Redir?');
header('HTTP/1.1 307 Moved');
header('Status: 307 Moved');
header("location: " . $options['redirurl']);
exit;
}
extract($options);
$ke = '';
$km = '';
$kr = '';
$ka = '';
$kp = '';
// serialized post
// step 1 look for form response
// nonce is in a field named kn - this is not to confuse with other forms that may be coming in
$nonce = '';
$msg = '';
// this is the body message for failed captchas, notifies and requests
if (!empty($_POST) && array_key_exists('kn', $_POST)) {
//sfs_debug_msg('second time');
$nonce = $_POST['kn'];
// get the post items
if (array_key_exists('ke', $_POST)) {
$ke = sanitize_text_field($_POST['ke']);
}
if (array_key_exists('km', $_POST)) {
$km = sanitize_text_field($_POST['km']);
}
if (strlen($km) > 80) {
$km = substr($km, 0, 77) . '...';
}
if (array_key_exists('kr', $_POST)) {
$kr = sanitize_text_field($_POST['kr']);
}
if (array_key_exists('ka', $_POST)) {
$ka = sanitize_text_field($_POST['ka']);
}
if (array_key_exists('kp', $_POST)) {
$kp = $_POST['kp'];
}
// serialized post
if (!empty($nonce) && wp_verify_nonce($nonce, 'kpg_stopspam_deny')) {
//sfs_debug_msg('nonce is good');
// have a form return.
//1) to see if the allow by request has been triggered
$emailsent = $this->kpg_ss_send_email($options);
//2) see if we should add to the allow list
$allowset = false;
if ($wlreq == 'Y') {
// allow things to added to allow list
$allowset = $this->kpg_ss_add_allow($ip, $options, $stats, $post, $post);
}
// now the captcha settings
$msg = "Thank you,<br>";
if ($emailsent) {
$msg .= "The blog master has been notified by email.<br>";
}
if ($allowset) {
$msg .= "You request has been recorded.<br>";
}
if (empty($chkcaptcha) || $chkcaptcha == 'N') {
// send out the thank you message
wp_die($msg, "Stop Spammers", array('response' => 200));
exit;
}
// they submitted a captcha
switch ($chkcaptcha) {
case 'Y':
// open captcha
if (array_key_exists('img', $_POST) && !empty($_POST['img']) && !empty($_POST['code'])) {
//sfs_debug_msg('open capcha 2');
// validate open captcha
$fff = 'http://www.opencaptcha.com/validate.php?ans=';
$fff .= sanitize_text_field($_POST['code']);
$fff .= '&img=';
$fff .= sanitize_text_field($_POST['img']);
$sn = kpg_read_file($fff);
if ($sn == 'pass') {
// restore the post
//$kp=base64_encode(serialize($_POST));
$_POST = unserialize(base64_decode($kp));
////sfs_debug_msg("trying to return the post to the comments program".print_r($_POST,true));
// success add to cache
kpg_ss_log_good($ip, 'passed open captcha', 'pass');
do_action('kpg_stop_spam_OK', $ip, $post);
// So plugins can undo spam report
return false;
} else {
$msg = "Open Captcha entry does not match, try again.";
}
}
break;
case 'G':
if (array_key_exists('recaptcha', $_POST) && !empty($_POST['recaptcha']) && array_key_exists('g-recaptcha-response', $_POST)) {
// check recaptcha
$recaptchaapisecret = $options['recaptchaapisecret'];
$recaptchaapisite = $options['recaptchaapisite'];
if (empty($recaptchaapisecret) || empty($recaptchaapisite)) {
$msg = "Recaptcha Keys are not set.";
} else {
$g = $_REQUEST['g-recaptcha-response'];
//$url="https://www.google.com/recaptcha/api/siteverify";
$url = "https://www.google.com/recaptcha/api/siteverify?secret={$recaptchaapisecret}&response={$g}&remoteip={$ip}";
$resp = kpg_read_file($url);
////sfs_debug_msg("recaptcha '$g', '$ip' '$resp' - \r\n".print_r($_POST,true));
if (strpos($resp, '"success": true') !== false) {
// found success
//$kp=base64_encode(serialize($_POST));
$_POST = unserialize(base64_decode($kp));
////sfs_debug_msg("trying to return the post to the comments program".print_r($_POST,true));
// success add to cache
kpg_ss_log_good($ip, 'passed recaptcha', 'pass');
do_action('kpg_stop_spam_OK', $ip, $post);
// So plugins can undo spam report
return false;
} else {
$msg = "Google reCaptcha entry does not match, try again";
}
}
}
break;
case 'S':
if (array_key_exists('adcopy_challenge', $_POST) && !empty($_POST['adcopy_challenge'])) {
// solve media
$solvmediaapivchallenge = $options['solvmediaapivchallenge'];
$solvmediaapiverify = $options['solvmediaapiverify'];
$adcopy_challenge = $_REQUEST['adcopy_challenge'];
$adcopy_response = $_REQUEST['adcopy_response'];
//$ip='127.0.0.1';
$postdata = http_build_query(array('privatekey' => $solvmediaapiverify, 'challenge' => $adcopy_challenge, 'response' => $adcopy_response, 'remoteip' => $ip));
$opts = array('http' => array('method' => 'POST', 'header' => 'Content-type: application/x-www-form-urlencoded', 'content' => $postdata));
//$context = stream_context_create($opts);
// need to rewrite this post with the wp class
/**********************************************
try to use the sp function
**********************************************/
$body = array('privatekey' => $solvmediaapiverify, 'challenge' => $adcopy_challenge, 'response' => $adcopy_response, 'remoteip' => $ip);
$args = array('user-agent' => 'WordPress/' . '4.2' . '; ' . get_bloginfo('url'), 'blocking' => true, 'headers' => array('Content-type: application/x-www-form-urlencoded'), 'method' => 'POST', 'timeout' => 45, 'redirection' => 5, 'httpversion' => '1.0', 'body' => $body, 'cookies' => array());
$url = 'http://verify.solvemedia.com/papi/verify/';
$resultarray = wp_remote_post($url, $args);
$result = $resultarray['body'];
//$result =
//file_get_contents('http://verify.solvemedia.com/papi/verify/',
//false, $context);
if (strpos($result, 'true') !== false) {
$_POST = unserialize(base64_decode($kp));
////sfs_debug_msg("trying to return the post to the comments program".print_r($_POST,true));
// success add to cache
kpg_ss_log_good($ip, 'passed open captcha', 'pass');
do_action('kpg_stop_spam_OK', $ip, $post);
// So plugins can undo spam report
return false;
} else {
$msg = "Captcha entry does not match, try again";
}
}
break;
case 'A':
if (array_key_exists('nums', $_POST) && !empty($_POST['nums'])) {
// simple arithmetic - at lease it is different for each website and changes occasionally
$seed = 5;
$spdate = $stats['spdate'];
if (!empty($spdate)) {
$seed = strtotime($spdate);
}
$nums = really_clean(sanitize_text_field($_POST['nums']));
$nums += $seed;
$sum = really_clean(sanitize_text_field($_POST['sum']));
if ($sum == $nums) {
$_POST = unserialize(base64_decode($kp));
////sfs_debug_msg("trying to return the post to the comments program".print_r($_POST,true));
// success add to cache
kpg_ss_log_good($ip, 'passed open captcha', 'pass');
do_action('kpg_stop_spam_OK', $ip, $post);
// So plugins can undo spam report
return false;
} else {
$msg = "Your arithmetic sucks, try again";
}
}
break;
case 'F':
// future - more free captchas
break;
}
}
// nonce check - not a valid nonce on form submit yet the value is there - what do we do?
//sfs_debug_msg('leaving second time');
} else {
// first time through
//print_r($post);
//print_r($_POST);
$ke = $post['email'];
$km = '';
$kr = "";
//if (array_key_exists('reason',$post)) $kr=$post['reason'];
$ka = $post['author'];
$kp = base64_encode(serialize($_POST));
//sfs_debug_msg('first time getting post stuff');
}
//sfs_debug_msg('creating form data');
// made it here - we display the screens
$knonce = wp_create_nonce('kpg_stopspam_deny');
// this may be the second time through
$formtop = '';
if (!empty($msg)) {
$msg = "\r\n<br><span style=\"color:red;\"> {$msg} </span><hr/>\r\n";
}
$formtop .= "\r\n<form action=\"\" method=\"post\" >\r\n<input type=\"hidden\" name=\"kn\" value=\"{$knonce}\">\r\n<input type=\"hidden\" name=\"kpg_deny\" value=\"{$chkcaptcha}\">\r\n<input type=\"hidden\" name=\"kp\" value=\"{$kp}\">\r\n<input type=\"hidden\" name=\"kr\" value=\"{$kr}\">\r\n<input type=\"hidden\" name=\"ka\" value=\"{$ka}\">\r\n";
$formbot = "\r\n<input type=\"submit\" value=\"Press to continue\">\r\n\r\n</form>\r\n\r\n";
$not = '';
if ($wlreq == 'Y') {
// halfhearted attempt to hide which field is the email field.
$not = "\r\n<fieldset style=\"border:thin solid black;padding:6px;width:100%;\">\r\n<legend><span style=\"font-weight:bold;font-size:1.2em\" >Allow Request</span></legend>\r\n<p>You have been blocked from entering information on this blog. In order to prevent this from happening in the future you\r\nmay ask the owner to add your network address to a list that allows you full access.</p>\r\n<p>Please enter your <b>e</b><b>ma</b><b>il</b> <b>add</b><b>re</b><b>ss</b> and a short note requesting access here</p>\r\n<span style=\"color:FFFEFF;\">e</span>-<span style=\"color:FFFDFF;\">ma</span>il for contact(required)<!-- not the message -->: <input type=\"text\" value=\"\" name=\"ke\"><br>\r\nmessage <!-- not email -->:<br><textarea name=\"km\"></textarea>\r\n</fieldset>\r\n";
}
$captop = "\r\n<fieldset style=\"border:thin solid black;padding:6px;width:100%;\">\r\n<legend><span style=\"font-weight:bold;font-size:1.2em\" >Please prove you are not a Robot</span></legend>\r\n\t\r\n\t\r\n";
$capbot = "\r\n</fieldset>\r\n";
// now the captchas
$cap = '';
switch ($chkcaptcha) {
case 'Y':
$date = date("Ymd");
$rand = rand(0, 9999999999999);
$height = "80";
$width = "240";
$img = "{$date}{$rand}-{$height}-{$width}.jpgx";
$imgloc = 'http://www.opencaptcha.com/img/';
$root = site_url();
$imgloc = site_url() . '?ocimg=';
//http://localhost/wordpress?ocimg=20150410628305005-80-240.jpgx
$cap = "\r\n<br>\r\n<hr/>\r\n<img src='{$imgloc}{$img}' height='{$height}' alt='captcha' width='{$width}' border='0' />\r\n<input type='hidden' name='img' value='{$img}'><br>\r\nEnter the code: <input type=text name=code value='' size='35' />\r\n";
break;
case 'G':
// recaptcha
$recaptchaapisite = $options['recaptchaapisite'];
$cap = "\r\n\t\t\t<script src=\"https://www.google.com/recaptcha/api.js\" async defer></script>\r\n\r\n\t\t\t<input type=\"hidden\" name=\"recaptcha\" value=\"recaptcha\">\r\n<div class=\"g-recaptcha\" data-sitekey=\"{$recaptchaapisite}\"></div>\r\n\r\n\r\n";
break;
case 'S':
$solvmediaapivchallenge = $options['solvmediaapivchallenge'];
$cap = "\r\n\t\t\t<script type=\"text/javascript\"\r\n\tsrc=\"http://api.solvemedia.com/papi/challenge.script?k={$solvmediaapivchallenge}\">\r\n</script>\r\n\r\n<noscript>\r\n\t<iframe src=\"http://api.solvemedia.com/papi/challenge.noscript?k={$solvmediaapivchallenge}\"\r\n\theight=\"300\" width=\"500\" frameborder=\"0\"></iframe><br/>\r\n\t<textarea name=\"adcopy_challenge\" rows=\"3\" cols=\"40\">\r\n\t</textarea>\r\n\t<input type=\"hidden\" name=\"adcopy_response\" value=\"manual_challenge\"/>\r\n</noscript><br>\r\n";
break;
case 'A':
// arithmetic
$n1 = rand(1, 9);
$n2 = rand(1, 9);
// try a much more nteresting way that can't be generalized
// use the "since" date from stats
$seed = 5;
$spdate = $stats['spdate'];
if (!empty($spdate)) {
$seed = strtotime($spdate);
}
$stupid = $n1 + $n2 - $seed;
$cap = "\r\n<P>Enter the SUM of these two numbers: <span style=\"size:4em;font-weight:bold;\">{$n1} + {$n2}</span><br>\r\n<input name=\"sum\" value=\"\" type=\"text\">\r\n<input type=\"hidden\" name=\"nums\" value=\"{$stupid}\"><br>\r\n<input type=\"submit\" value=\"Press to continue\">\r\n\r\n\r\n";
break;
case 'F':
// future
// future
default:
$captop = '';
$capbot = '';
$cap = '';
break;
}
// have a display
// need to send it to the display
if (empty($msg)) {
$msg = $rejectmessage;
}
$ansa = "\r\n\t\t{$msg}\r\n\t\t{$formtop}\r\n\t\t{$not}\r\n\t\t{$captop}\r\n\t\t{$cap}\r\n\t\t{$capbot}\r\n\t\t{$formbot}\r\n\t\t";
wp_die($ansa, "Stop Spammers", array('response' => 200));
exit;
}
function kpg_ss_check_white_block()
{
sfs_errorsonoff();
$options = kpg_ss_get_options();
$stats = kpg_ss_get_stats();
$post = get_post_variables();
$post['block'] = true;
$ansa = be_load('kpg_ss_check_white', kpg_get_ip(), $stats, $options, $post);
sfs_errorsonoff('off');
return $ansa;
}
function sfs_handle_ajax_sfs_process_watch($data)
{
// anything in data? never
// get the things out of the get
// check for valid get
if (!array_key_exists('func', $_GET)) {
echo "func not found";
exit;
}
$trash = KPG_SS_PLUGIN_URL . 'images/trash.png';
$tdown = KPG_SS_PLUGIN_URL . 'images/tdown.png';
$tup = KPG_SS_PLUGIN_URL . 'images/tup.png';
// fix this
$whois = KPG_SS_PLUGIN_URL . 'images/whois.png';
// fix this
$ip = $_GET['ip'];
$container = $_GET['cont'];
$func = $_GET['func'];
//echo "error $ip, $func, $container,".print_r($_GET,true);exit();
// container is blank, goodips, badips or log
// func is add_black, add_white, delete_gcache or delete_bcache
$options = kpg_ss_get_options();
$stats = kpg_ss_get_stats();
//$stats,$options);
$ansa = array();
switch ($func) {
case 'delete_gcache':
// deletes a good cache item
$ansa = be_load('kpg_ss_remove_gcache', $ip, $stats, $options);
$show = be_load('kpg_ss_get_gcache', 'x', $stats, $options);
echo $show;
exit;
break;
case 'delete_bcache':
// deletes a bad cache item
$ansa = be_load('kpg_ss_remove_bcache', $ip, $stats, $options);
$show = be_load('kpg_ss_get_bcache', 'x', $stats, $options);
echo $show;
exit;
break;
case 'add_black':
if ($container == 'badips') {
be_load('kpg_ss_remove_bcache', $ip, $stats, $options);
} else {
if ($container == 'goodips') {
be_load('kpg_ss_remove_gcache', $ip, $stats, $options);
} else {
// wlreq
be_load('kpg_ss_remove_bcache', $ip, $stats, $options);
be_load('kpg_ss_remove_gcache', $ip, $stats, $options);
}
}
be_load('kpg_ss_addtodenylist', $ip, $stats, $options);
break;
case 'add_white':
if ($container == 'badips') {
be_load('kpg_ss_remove_bcache', $ip, $stats, $options);
} else {
if ($container == 'goodips') {
be_load('kpg_ss_remove_gcache', $ip, $stats, $options);
} else {
be_load('kpg_ss_remove_bcache', $ip, $stats, $options);
be_load('kpg_ss_remove_gcache', $ip, $stats, $options);
}
}
be_load('kpg_ss_addtoallowlist', $ip, $stats, $options);
// if it is not good or bad ip we don't need the container as it is the log
break;
case 'delete_wl_row':
// this is from the allow request list
$ansa = be_load('kpg_ss_get_alreq', $ip, $stats, $options);
echo $ansa;
exit;
break;
case 'delete_wlip':
// this is from the allow request list
$ansa = be_load('kpg_ss_get_alreq', $ip, $stats, $options);
echo $ansa;
exit;
break;
case 'delete_wlem':
// this is from the allow request list
$ansa = be_load('kpg_ss_get_alreq', $ip, $stats, $options);
echo $ansa;
exit;
break;
default:
echo "\r\n\r\nUnrecognized function '{$func}'";
exit;
}
$ajaxurl = admin_url('admin-ajax.php');
$cachedel = 'delete_gcache';
switch ($container) {
case 'badips':
$show = be_load('kpg_ss_get_bcache', 'x', $stats, $options);
echo $show;
exit;
break;
case 'goodips':
$show = be_load('kpg_ss_get_gcache', 'x', $stats, $options);
echo $show;
exit;
break;
case 'wlreq':
$ansa = be_load('kpg_ss_get_alreq', $ip, $stats, $options);
echo $ansa;
exit;
default:
// coming from logs report we need to display an appropriate message, I think
echo "OK OK OK something is missing {$container} ";
exit;
}
}
function kpg_ss_user_reg_filter($user_login)
{
// the plugin should be all initialized
// check the ip, etc.
sfs_errorsonoff();
$options = kpg_ss_get_options();
$stats = kpg_ss_get_stats();
// fake out the post variables
$post = get_post_variables();
$post['author'] = $user_login;
$post['addon'] = 'chkRegister';
// no really an addon - but may be moved out when working.
if ($options['filterregistrations'] != 'Y') {
remove_filter('pre_user_login', kpg_ss_user_reg_filter, 1);
sfs_errorsonoff('off');
return $user_login;
}
// if the suspect is already in the bad cache he does not get a second chance?
// prevents looping
$reason = be_load('chkbcache', kpg_get_ip(), $stats, $options, $post);
sfs_errorsonoff();
if ($reason !== false) {
$rejectmessage = $options['rejectmessage'];
$post['reason'] = 'Failed Registration: bad cache';
$host['chk'] = 'chkbcache';
$ansa = be_load('kpg_ss_log_bad', kpg_get_ip(), $stats, $options, $post);
wp_die("{$rejectmessage}", "Login Access Denied", array('response' => 403));
exit;
}
// check the white list
$reason = kpg_ss_check_white();
sfs_errorsonoff();
if ($reason !== false) {
$post['reason'] = 'passed registration:' . $reason;
$ansa = be_load('kpg_ss_log_good', kpg_get_ip(), $stats, $options, $post);
sfs_errorsonoff('off');
return $user_login;
}
// check the black list
//sfs_debug_msg("Checking black list on registration: /r/n".print_r($post,true));
$ret = be_load('kpg_ss_check_post', kpg_get_ip(), $stats, $options, $post);
$post['reason'] = 'Passed Registration ' . $ret;
$ansa = be_load('kpg_ss_log_good', kpg_get_ip(), $stats, $options, $post);
return $user_login;
}
