Example #1
	/**
	 * Enforces the IP rules for the current request after the checks have run.
	 *
	 * Enforcement happens only when isBlockNeeded() and then blockCurrentUser()
	 * both return a truthy value and CSecurityIPRule::IsActive() is truthy. The
	 * three checks run in that order and evaluation stops at the first failure.
	 */
	protected function doPostProcessActions()
	{
		if (!$this->isBlockNeeded())
		{
			return;
		}

		// Only reached when a block is needed; its result gates enforcement.
		if (!$this->blockCurrentUser())
		{
			return;
		}

		if (!CSecurityIPRule::IsActive())
		{
			return;
		}

		// The literal true is passed through unchanged; what the flag selects
		// is defined by CSecurityIPRule::OnPageStart, not by this method.
		CSecurityIPRule::OnPageStart(true);
	}
Example #2
        }
        // Run the shared group-rights script with its output captured and then discarded.
        ob_start();
        // $Update joins the "Update" and "Apply" request values; presumably the included script
        // reads it from this scope - confirm against group_rights2.php.
        $Update = $_REQUEST["Update"] . $_REQUEST["Apply"];
        require_once $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/admin/group_rights2.php";
        ob_end_clean();
        // NOTE(review): back_url_settings comes straight from the request and is passed to
        // LocalRedirect() unchanged. Whether a URL pointing at another host is refused depends on
        // LocalRedirect() and on the site's redirect protection, neither of which is visible here.
        // Confirm that, or restrict the value to a site-relative path before redirecting.
        if ($_REQUEST["back_url_settings"] != "") {
            if ($_REQUEST["Update"] != "") {
                // Presumably LocalRedirect() ends the request; otherwise the second redirect below also runs - confirm.
                LocalRedirect($_REQUEST["back_url_settings"]);
            }
            // NOTE(review): the back_url_settings parameter of the follow-up URL is filled from
            // $_GET["return_url"], not from the back_url_settings value tested above - confirm this is intended.
            $returnUrl = $_GET["return_url"] ? urlencode($_GET["return_url"]) : "";
            LocalRedirect($APPLICATION->GetCurPage() . "?mid=" . urlencode($module_id) . "&lang=" . urlencode(LANGUAGE_ID) . "&back_url_settings=" . $returnUrl . "&" . $tabControl->ActiveTabParam());
        } else {
            // No back URL supplied: return to this settings page on the tab that was active.
            LocalRedirect($APPLICATION->GetCurPage() . "?mid=" . urlencode($module_id) . "&lang=" . urlencode(LANGUAGE_ID) . "&" . $tabControl->ActiveTabParam());
        }
    }
    // CheckAntiFile(true) yields either a falsy value or an object with a Show() method.
    // Presumably the object is a notice that IP rule enforcement is currently switched off - confirm.
    $message = CSecurityIPRule::CheckAntiFile(true);
    if ($message) {
        // Print the notice above the settings form.
        echo $message->Show();
    }
    // Placeholder lists used further down the page (their consumers are outside this excerpt).
    $availableMessagePlaceholders = CSecurityEventMessageFormatter::getAvailableMessagePlaceholders();
    $availableUserInfoPlaceholders = CSecurityEventMessageFormatter::getAvailableUserInfoPlaceholders();
    ?>
<form method="post" action="<?php 
    echo $APPLICATION->GetCurPage();
    ?>
?mid=<?php 
    echo urlencode($module_id);
    ?>
&amp;lang=<?php 
    echo LANGUAGE_ID;
    ?>
// Register the column headers and read back the columns that are currently visible.
$lAdmin->AddHeaders($arHeaders);
$arSelectedFields = $lAdmin->GetVisibleHeaderColumns();
// Fall back to a fixed default column set when nothing usable was returned.
if (!is_array($arSelectedFields) || count($arSelectedFields) < 1) {
    $arSelectedFields = array("ID", "RULE_TYPE", "ACTIVE", "ADMIN_SECTION", "SITE_ID", "SORT", "NAME", "ACTIVE_FROM", "ACTIVE_TO");
}
// Column name => true map for key lookups below and in the row loop.
$arVisibleColumnsMap = array();
foreach ($arSelectedFields as $value) {
    $arVisibleColumnsMap[$value] = true;
}
// When a date column is shown, also select its *_TIMESTAMP companion; the row loop that
// follows compares those timestamps with $current_time to decide the active indicator.
if (array_key_exists("ACTIVE_FROM", $arVisibleColumnsMap)) {
    $arSelectedFields[] = "ACTIVE_FROM_TIMESTAMP";
}
if (array_key_exists("ACTIVE_TO", $arVisibleColumnsMap)) {
    $arSelectedFields[] = "ACTIVE_TO_TIMESTAMP";
}
$cData = new CSecurityIPRule();
// NOTE(review): $by, $order and $arFilter are set outside this excerpt, presumably from the
// list's request parameters; confirm that GetList() validates sort keys and directions.
// "ID" => "DESC" is appended as a secondary sort key.
$rsData = $cData->GetList($arSelectedFields, $arFilter, array($by => $order, "ID" => "DESC"));
// Wrap the result for paging by the admin list.
$rsData = new CAdminResult($rsData, $sTableID);
$rsData->NavStart();
$lAdmin->NavText($rsData->GetNavPrint(GetMessage("SEC_IP_LIST_PAGER")));
// One time reference for every row, so all rows are judged against the same instant.
$current_time = time();
while ($arRes = $rsData->NavNext(true, "f_")) {
    $row =& $lAdmin->AddRow($f_ID, $arRes);
    $row->AddViewField("ADMIN_SECTION", $f_ADMIN_SECTION == "Y" ? GetMessage("MAIN_YES") : GetMessage("MAIN_NO"));
    $row->AddViewField("RULE_TYPE", $arAccessTypes[$f_RULE_TYPE]);
    if ($f_ACTIVE == "Y" && ($f_ACTIVE_FROM == "" || intval($f_ACTIVE_FROM_TIMESTAMP) < $current_time) && ($f_ACTIVE_TO == "" || intval($f_ACTIVE_TO_TIMESTAMP) > $current_time)) {
        $row->AddViewField("ACTIVE", '<div class="lamp-green"></div>');
    } else {
        $row->AddViewField("ACTIVE", '<div class="lamp-red"></div>');
    }
    if (array_key_exists("INCL_PATH", $arVisibleColumnsMap)) {
Example #4
}
// Each panel item is an array of IS_OK (check passed), KPI_NAME, KPI_VALUE and KPI_RECOMMENDATION.
// A passing check shows '&nbsp;' as its recommendation; a failing one shows the advice text, wrapped
// in a link to the relevant settings page only when the current user may perform that operation.

// Error reporting level: $error_level is computed before this excerpt and is compared with the
// localized SEC_PANEL_ERROR1 / SEC_PANEL_ERROR3 texts; either match counts as OK.
$data['std']['ITEMS'][] = array("IS_OK" => $error_level == GetMessage("SEC_PANEL_ERROR1") || $error_level == GetMessage("SEC_PANEL_ERROR3"), "KPI_NAME" => GetMessage("SEC_PANEL_ERROR_NAME"), "KPI_VALUE" => $error_level, "KPI_RECOMMENDATION" => $error_level == GetMessage("SEC_PANEL_ERROR1") || $error_level == GetMessage("SEC_PANEL_ERROR3") ? '&nbsp;' : ($USER->CanDoOperation('edit_other_settings') ? '<a href="settings.php?lang=' . LANGUAGE_ID . '&amp;mid=main&amp;back_url_settings=' . urlencode('security_panel.php?lang=' . LANGUAGE_ID) . '">' . GetMessage("SEC_PANEL_ERROR1") . '</a>' : GetMessage("SEC_PANEL_ERROR1")));
global $DB;
// Query debugging: the check passes only while $DB->debug is off. The edit link to dbconn.php is
// offered only if the fileman module is installed and the user holds one of its file-editing operations.
$data['std']['ITEMS'][] = array("IS_OK" => !$DB->debug, "KPI_NAME" => GetMessage("SEC_PANEL_QUERY_DEBUG"), "KPI_VALUE" => $DB->debug ? GetMessage("SEC_PANEL_QUERY_DEBUG_VALUE_ON") : GetMessage("SEC_PANEL_QUERY_DEBUG_VALUE_OFF"), "KPI_RECOMMENDATION" => !$DB->debug ? '&nbsp;' : (IsModuleInstalled('fileman') && ($USER->CanDoOperation('fileman_admin_files') || $USER->CanDoOperation('fileman_edit_existent_files')) ? GetMessage("SEC_PANEL_QUERY_DEBUG_RECOMMENDATION_WITH_HREF", array("#HREF#" => '/bitrix/admin/fileman_file_edit.php?lang=' . LANGUAGE_ID . '&amp;full_src=Y&amp;path=' . urlencode(BX_PERSONAL_ROOT . '/php_interface/dbconn.php') . '&amp;back_url=' . urlencode('/bitrix/admin/security_panel.php?lang=' . LANGUAGE_ID))) : GetMessage("SEC_PANEL_QUERY_DEBUG_RECOMMENDATION_WO_HREF")));
// Event log: passes only when all thirteen "main" event_log_* options listed here are "Y";
// a single disabled category fails the check.
$bEventLog = COption::GetOptionString("main", "event_log_logout", "N") === "Y" && COption::GetOptionString("main", "event_log_login_success", "N") === "Y" && COption::GetOptionString("main", "event_log_login_fail", "N") === "Y" && COption::GetOptionString("main", "event_log_register", "N") === "Y" && COption::GetOptionString("main", "event_log_register_fail", "N") === "Y" && COption::GetOptionString("main", "event_log_password_request", "N") === "Y" && COption::GetOptionString("main", "event_log_password_change", "N") === "Y" && COption::GetOptionString("main", "event_log_user_delete", "N") === "Y" && COption::GetOptionString("main", "event_log_user_groups", "N") === "Y" && COption::GetOptionString("main", "event_log_group_policy", "N") === "Y" && COption::GetOptionString("main", "event_log_module_access", "N") === "Y" && COption::GetOptionString("main", "event_log_file_access", "N") === "Y" && COption::GetOptionString("main", "event_log_task", "N") === "Y";
$data['high']['ITEMS'][] = array("IS_OK" => $bEventLog, "KPI_NAME" => GetMessage("SEC_PANEL_EVENT_LOG_NAME"), "KPI_VALUE" => $bEventLog ? GetMessage("SEC_PANEL_EVENT_LOG_VALUE_ON") : GetMessage("SEC_PANEL_EVENT_LOG_VALUE_OFF"), "KPI_RECOMMENDATION" => $bEventLog ? '&nbsp;' : ($USER->CanDoOperation('edit_other_settings') ? '<a href="settings.php?lang=' . LANGUAGE_ID . '&amp;mid=main&amp;back_url_settings=' . urlencode('security_panel.php?lang=' . LANGUAGE_ID) . '&amp;tabControl_active_tab=edit8">' . GetMessage("SEC_PANEL_EVENT_LOG_RECOMMENDATION") . '</a>' : GetMessage("SEC_PANEL_EVENT_LOG_RECOMMENDATION")));
// Frame protection: the check passes when CSecurityFrame reports itself active.
$bSecurityFrame = CSecurityFrame::IsActive();
$data['high']['ITEMS'][] = array("IS_OK" => $bSecurityFrame, "KPI_NAME" => GetMessage("SEC_PANEL_FRAME_NAME"), "KPI_VALUE" => $bSecurityFrame ? GetMessage("SEC_PANEL_FRAME_VALUE_ON") : GetMessage("SEC_PANEL_FRAME_VALUE_OFF"), "KPI_RECOMMENDATION" => $bSecurityFrame ? '&nbsp;' : ($USER->CanDoOperation('security_frame_settings_write') ? '<a href="security_frame.php?lang=' . LANGUAGE_ID . '&amp;return_url=' . urlencode('security_panel.php?lang=' . LANGUAGE_ID) . '">' . GetMessage("SEC_PANEL_FRAME_RECOMMENDATION") . '</a>' : GetMessage("SEC_PANEL_FRAME_RECOMMENDATION")));
// IP protection of the admin section: look up the rule with RULE_TYPE "A", ADMIN_SECTION "Y",
// SORT 10 and false for SITE_ID, ACTIVE_FROM and ACTIVE_TO (presumably "not set" - confirm against
// GetList()); the lowest ID wins.
$rsIPRule = CSecurityIPRule::GetList(array(), array("=RULE_TYPE" => "A", "=ADMIN_SECTION" => "Y", "=SITE_ID" => false, "=SORT" => 10, "=ACTIVE_FROM" => false, "=ACTIVE_TO" => false), array("ID" => "ASC"));
$arIPRule = $rsIPRule->Fetch();
if ($arIPRule) {
    $bIPProtection = $arIPRule["ACTIVE"] == "Y";
} else {
    // No such rule exists, so protection counts as off.
    $bIPProtection = false;
}
// An active rule is not enough: CheckAntiFile(true) must also return exactly false. Any other
// return value is treated as an object whose Show() output becomes the recommendation text.
$msgStopListDisabled = CSecurityIPRule::CheckAntiFile(true);
$data['high']['ITEMS'][] = array("IS_OK" => $bIPProtection && $msgStopListDisabled === false, "KPI_NAME" => GetMessage("SEC_PANEL_IPBLOCK_NAME"), "KPI_VALUE" => $bIPProtection && $msgStopListDisabled === false ? GetMessage("SEC_PANEL_IPBLOCK_VALUE_ON") : GetMessage("SEC_PANEL_IPBLOCK_VALUE_OFF"), "KPI_RECOMMENDATION" => $bIPProtection ? $msgStopListDisabled === false ? '&nbsp;' : $msgStopListDisabled->Show() : ($USER->CanDoOperation('security_iprule_admin_settings_write') ? '<a href="security_iprule_admin.php?lang=' . LANGUAGE_ID . '&amp;return_url=' . urlencode('security_panel.php?lang=' . LANGUAGE_ID) . '">' . GetMessage("SEC_PANEL_IPBLOCK_RECOMMENDATION") . '</a>' : GetMessage("SEC_PANEL_IPBLOCK_RECOMMENDATION")));
// Session storage: passes when the "security" module option "session" equals "Y".
$bSessionsDB = COption::GetOptionString("security", "session") == "Y";
$data['high']['ITEMS'][] = array("IS_OK" => $bSessionsDB, "KPI_NAME" => GetMessage("SEC_PANEL_SESSDB_NAME"), "KPI_VALUE" => $bSessionsDB ? GetMessage("SEC_PANEL_SESSDB_VALUE_ON") : GetMessage("SEC_PANEL_SESSDB_VALUE_OFF"), "KPI_RECOMMENDATION" => $bSessionsDB ? '&nbsp;' : ($USER->CanDoOperation('security_session_settings_write') ? '<a href="security_session.php?lang=' . LANGUAGE_ID . '&amp;return_url=' . urlencode('security_panel.php?lang=' . LANGUAGE_ID) . '&amp;tabControl_active_tab=savedb">' . GetMessage("SEC_PANEL_SESSDB_RECOMMENDATION") . '</a>' : GetMessage("SEC_PANEL_SESSDB_RECOMMENDATION")));
// Session ID lifetime: the feature flag must be "Y" and the configured TTL greater than zero.
$bSessionTTL = COption::GetOptionString("main", "use_session_id_ttl", "N") == "Y" && COption::GetOptionInt("main", "session_id_ttl", 0) > 0;
$data['high']['ITEMS'][] = array("IS_OK" => $bSessionTTL, "KPI_NAME" => GetMessage("SEC_PANEL_SESSID_NAME"), "KPI_VALUE" => $bSessionTTL ? GetMessage("SEC_PANEL_SESSID_VALUE_ON") : GetMessage("SEC_PANEL_SESSID_VALUE_OFF"), "KPI_RECOMMENDATION" => $bSessionTTL ? '&nbsp;' : ($USER->CanDoOperation('security_session_settings_write') ? '<a href="security_session.php?lang=' . LANGUAGE_ID . '&amp;return_url=' . urlencode('security_panel.php?lang=' . LANGUAGE_ID) . '&amp;tabControl_active_tab=sessid">' . GetMessage("SEC_PANEL_SESSID_RECOMMENDATION") . '</a>' : GetMessage("SEC_PANEL_SESSID_RECOMMENDATION")));
// Redirect protection: passes when CSecurityRedirect reports itself active.
$bRedirect = CSecurityRedirect::IsActive();
$data['high']['ITEMS'][] = array("IS_OK" => $bRedirect, "KPI_NAME" => GetMessage("SEC_PANEL_ANTIFISHING_NAME"), "KPI_VALUE" => $bRedirect ? GetMessage("SEC_PANEL_ANTIFISHING_VALUE_ON") : GetMessage("SEC_PANEL_ANTIFISHING_VALUE_OFF"), "KPI_RECOMMENDATION" => $bRedirect ? '&nbsp;' : ($USER->CanDoOperation('security_redirect_settings_write') ? '<a href="security_redirect.php?lang=' . LANGUAGE_ID . '&amp;return_url=' . urlencode('security_panel.php?lang=' . LANGUAGE_ID) . '">' . GetMessage("SEC_PANEL_ANTIFISHING_RECOMMENDATION") . '</a>' : GetMessage("SEC_PANEL_ANTIFISHING_RECOMMENDATION")));
// One-time passwords: passes when CSecurityUser reports itself active; listed under 'very_high'.
$bOTP = CSecurityUser::isActive();
$data['very_high']['ITEMS'][] = array("IS_OK" => $bOTP, "KPI_NAME" => GetMessage("SEC_PANEL_OTP_NAME"), "KPI_VALUE" => $bOTP ? GetMessage("SEC_PANEL_OTP_VALUE_ON") : GetMessage("SEC_PANEL_OTP_VALUE_OFF"), "KPI_RECOMMENDATION" => $bOTP ? '&nbsp;' : ($USER->CanDoOperation('security_otp_settings_write') ? '<a href="security_otp.php?lang=' . LANGUAGE_ID . '&amp;return_url=' . urlencode('security_panel.php?lang=' . LANGUAGE_ID) . '">' . GetMessage("SEC_PANEL_OTP_RECOMMENDATION") . '</a>' : GetMessage("SEC_PANEL_OTP_RECOMMENDATION")));
// File integrity check: last_files_check holds the time of the last run, defaulting to -1.
// NOTE(review): IS_OK accepts a run from within the last seven days, while KPI_VALUE already
// switches to the "long time ago" text after 24 hours, so a two-day-old run shows as OK with a
// stale label. Stored values of 0 or 1 are neither OK nor reported as "never". Confirm both are intended.
$timeFC = COption::GetOptionInt("security", "last_files_check", -1);
$data['very_high']['ITEMS'][] = array("IS_OK" => $timeFC > 1 && time() - $timeFC < 7 * 24 * 3600, "KPI_NAME" => GetMessage("SEC_PANEL_FILES_NAME"), "KPI_VALUE" => $timeFC < 0 ? GetMessage("SEC_PANEL_FILES_VALUE_NEVER") : (time() - $timeFC > 24 * 3600 ? GetMessage("SEC_PANEL_FILES_VALUE_LONGTIMEAGO") : GetMessage("SEC_PANEL_FILES_VALUE_ACTUAL")), "KPI_RECOMMENDATION" => $timeFC > 1 && time() - $timeFC < 7 * 24 * 3600 ? '&nbsp;' : ($USER->CanDoOperation('security_file_verifier_verify') ? '<a href="security_file_verifier.php?lang=' . LANGUAGE_ID . '">' . GetMessage("SEC_PANEL_FILES_RECOMMENDATION") . '</a>' : GetMessage("SEC_PANEL_FILES_RECOMMENDATION")));
// Antivirus: passes when CSecurityAntiVirus reports itself active.
$bSecurityAV = CSecurityAntiVirus::IsActive();
$data['very_high']['ITEMS'][] = array("IS_OK" => $bSecurityAV, "KPI_NAME" => GetMessage("SEC_PANEL_ANTIVIRUS_NAME"), "KPI_VALUE" => $bSecurityAV ? GetMessage("SEC_PANEL_ANTIVIRUS_VALUE_ON") : GetMessage("SEC_PANEL_ANTIVIRUS_VALUE_OFF"), "KPI_RECOMMENDATION" => $bSecurityAV ? '&nbsp;' : ($USER->CanDoOperation('security_antivirus_settings_write') ? '<a href="security_antivirus.php?lang=' . LANGUAGE_ID . '&amp;return_url=' . urlencode('security_panel.php?lang=' . LANGUAGE_ID) . '">' . GetMessage("SEC_PANEL_ANTIVIRUS_RECOMMENDATION") . '</a>' : GetMessage("SEC_PANEL_ANTIVIRUS_RECOMMENDATION")));
// Antivirus action: every value except "notify_only" passes, including an unset option.
// This item does not look at $bSecurityAV, so it can pass while the antivirus itself is off.
$strSecurityAVAction = COption::GetOptionString("security", "antivirus_action");
$data['very_high']['ITEMS'][] = array("IS_OK" => $strSecurityAVAction !== "notify_only", "KPI_NAME" => GetMessage("SEC_PANEL_AV_ACTION_NAME"), "KPI_VALUE" => $strSecurityAVAction === "notify_only" ? GetMessage("SEC_PANEL_AV_ACTION_VALUE_NOTIFY") : GetMessage("SEC_PANEL_AV_ACTION_VALUE_ACT"), "KPI_RECOMMENDATION" => $strSecurityAVAction !== "notify_only" ? '&nbsp;' : ($USER->CanDoOperation('security_antivirus_settings_write') ? '<a href="security_antivirus.php?lang=' . LANGUAGE_ID . '&amp;return_url=' . urlencode('security_panel.php?lang=' . LANGUAGE_ID) . '&amp;tabControl_active_tab=params">' . GetMessage("SEC_PANEL_AV_ACTION_RECOMMENDATION") . '</a>' : GetMessage("SEC_PANEL_AV_ACTION_RECOMMENDATION")));
Example #5
 /**
  * Agent callback that deletes type "A" IP rules whose ACTIVE_TO lies two or more days in the past.
  *
  * If the cutoff timestamp cannot be formatted, nothing is queried or deleted.
  *
  * @return string The agent call string; returned on every path (presumably so the agent is scheduled again - confirm).
  */
 function CleanUpAgent()
 {
     $retentionSeconds = 2 * 24 * 60 * 60;
     $cutoff = ConvertTimeStamp(time() - $retentionSeconds, "FULL");

     // A falsy cutoff must never reach the filter: skip the whole deletion pass instead.
     if ($cutoff) {
         $filter = array("=RULE_TYPE" => "A", "<=ACTIVE_TO" => $cutoff);
         $expired = CSecurityIPRule::GetList(array("ID"), $filter, array("ID" => "ASC"));
         for ($rule = $expired->Fetch(); $rule; $rule = $expired->Fetch()) {
             CSecurityIPRule::Delete($rule["ID"]);
         }
     }

     return "CSecurityIPRule::CleanUpAgent();";
 }
    $ID = $arIPRule["ID"];
    $ACTIVE = $arIPRule["ACTIVE"];
} else {
    $ID = 0;
    $ACTIVE = "N";
}
// Collect exclusion masks contributed by handlers of the security module's OnIPRuleAdmin event.
// NOTE(review): each handler's return value is merged as-is; a handler that returns something
// other than an array would break array_merge(). Confirm the handler contract or validate first.
$exclMasks = array();
foreach (GetModuleEvents("security", "OnIPRuleAdmin", true) as $event) {
    $exclMasks = array_merge($exclMasks, ExecuteModuleEventEx($event));
}
// Initial state for the form handling that follows.
$strError = "";
$bVarsFromForm = false;
$bShowForce = false;
// Result of CheckAntiFile(true); presumably a notice object when IP rule enforcement is switched off - confirm.
$message = CSecurityIPRule::CheckAntiFile(true);
if ($REQUEST_METHOD == "POST" && ($save != "" || $apply != "" || $activate_iprule != "" || $deactivate_iprule != "") && $RIGHT_W && check_bitrix_sessid()) {
    $ob = new CSecurityIPRule();
    if (!$activate_iprule && $deactivate_iprule) {
        //When rule is going to be deactivated we will no check for IP
        $noExclIPS = false;
        $selfBlock = false;
    } else {
        //Otherwise check if ANY input supplied
        $noExclIPS = true;
        foreach ($_POST["EXCL_IPS"] as $ip) {
            if (strlen(trim($ip)) > 0) {
                $noExclIPS = false;
                break;
            }
        }
        //AND it is not selfblocking rule
        $INCL_IPS = array("0.0.0.1-255.255.255.255");
Example #7
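 /**
  * Agent callback that deletes type "A" IP rules whose ACTIVE_TO lies two or more days in the past.
  *
  * @return string The agent call string; returned on every path (presumably so the agent is scheduled again - confirm).
  */
 function CleanUpAgent()
 {
     $agentName = "CSecurityIPRule::CleanUpAgent();";
     $cleanup_days = 2;
     $activeTo = ConvertTimeStamp(time() - $cleanup_days * 24 * 60 * 60, "FULL");
     // If the cutoff could not be formatted, do not query at all. Passing a falsy value as the
     // "<=ACTIVE_TO" bound leaves it to GetList() how the condition is read, and a dropped or
     // widened condition would delete type "A" rules that have not expired.
     if (!$activeTo) {
         return $agentName;
     }
     $rs = CSecurityIPRule::GetList(array("ID"), array("=RULE_TYPE" => "A", "<=ACTIVE_TO" => $activeTo), array("ID" => "ASC"));
     while ($ar = $rs->Fetch()) {
         CSecurityIPRule::Delete($ar["ID"]);
     }
     return $agentName;
 }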
Example #8
 /**
  * Final step of request handling: show the form or enforce the IP rules.
  *
  * A user who has the skip right and for whom the form is needed gets the form,
  * and IP rule enforcement is not attempted for that request. Otherwise the IP
  * rules are enforced when the user was flagged as blocked and the rule engine
  * is active.
  *
  * @param array $originalPostVars Passed through unchanged to showForm().
  */
 protected function doPostProccessActions($originalPostVars = array())
 {
     $formTakesOver = $this->currentUserHaveRightsForSkip() && $this->isNeedShowForm();
     if ($formTakesOver) {
         $this->showForm($originalPostVars);
         return;
     }

     // Reached only when the form branch did not apply.
     if (!$this->isUserBlocked) {
         return;
     }
     if (CSecurityIPRule::IsActive()) {
         CSecurityIPRule::OnPageStart(true);
     }
 }