/**
* Post process (never return)
*
*/
private static function abort($validate, $settings, $exist)
{
$context = IP_Geo_Block::get_instance();
// mark as malicious
$validate['result'] = 'blocked';
//'malice';
// (1) blocked, unknown, (3) unauthenticated, (5) all
if ((int) $settings['validation']['reclogs'] & 1) {
require_once IP_GEO_BLOCK_PATH . 'classes/class-ip-geo-block-logs.php';
IP_Geo_Block_Logs::record_log('admin', $validate, $settings);
}
// update statistics
if ($settings['save_statistics']) {
$context->update_statistics('admin', $validate);
}
// send response code to refuse
$context->send_response('admin', $exist ? $settings['response_code'] : 404);
}
/**
* Ajax callback function
*
* @link http://codex.wordpress.org/AJAX_in_Plugins
* @link http://codex.wordpress.org/Function_Reference/check_ajax_referer
* @link http://core.trac.wordpress.org/browser/trunk/wp-admin/admin-ajax.php
*/
public function admin_ajax_callback()
{
// Check request origin, nonce, capability.
if (!check_admin_referer($this->get_ajax_action(), 'nonce') || !current_user_can('manage_options') || empty($_POST)) {
// @since 2.0
status_header(403);
// Forbidden @since 2.0.0
}
$which = isset($_POST['which']) ? $_POST['which'] : NULL;
switch (isset($_POST['cmd']) ? $_POST['cmd'] : NULL) {
case 'download':
$res = IP_Geo_Block::download_database();
break;
case 'search':
require_once IP_GEO_BLOCK_PATH . 'classes/class-ip-geo-block-apis.php';
// check format
if (filter_var($ip = $_POST['ip'], FILTER_VALIDATE_IP)) {
// get option settings and compose request headers
$options = IP_Geo_Block::get_option('settings');
$args = IP_Geo_Block::get_request_headers($options);
// create object for provider and get location
if ($geo = IP_Geo_Block_API::get_instance($which, $options)) {
$res = $geo->get_location($ip, $args);
} else {
$res = array('errorMessage' => 'Unknown service.');
}
} else {
$res = array('errorMessage' => 'Invalid IP address.');
}
break;
case 'scan-code':
require_once IP_GEO_BLOCK_PATH . 'classes/class-ip-geo-block-apis.php';
// scan all the country code using selected APIs
$ip = IP_Geo_Block::get_ip_address();
$options = IP_Geo_Block::get_option('settings');
$args = IP_Geo_Block::get_request_headers($options);
$type = IP_Geo_Block_Provider::get_providers('type', FALSE, FALSE);
$providers = IP_Geo_Block_Provider::get_valid_providers($options['providers'], FALSE, FALSE);
$res['IP address'] = esc_html($ip);
foreach ($providers as $provider) {
if ($geo = IP_Geo_Block_API::get_instance($provider, $options)) {
$ret = $geo->get_location($ip, $args);
$res[$provider] = array('type' => $type[$provider], 'code' => esc_html(FALSE === $ret ? __('n/a', IP_Geo_Block::TEXT_DOMAIN) : (!empty($ret['errorMessage']) ? $ret['errorMessage'] : (!empty($ret['countryCode']) ? $ret['countryCode'] : __('UNKNOWN', IP_Geo_Block::TEXT_DOMAIN)))));
}
}
break;
case 'clear-statistics':
// set default values
update_option($this->option_name['statistics'], IP_Geo_Block::get_default('statistics'));
$res = array('page' => 'options-general.php?page=' . IP_Geo_Block::PLUGIN_SLUG, 'tab' => 'tab=1');
break;
case 'clear-cache':
// delete cache of IP address
delete_transient(IP_Geo_Block::CACHE_KEY);
// @since 2.8
$res = array('page' => 'options-general.php?page=' . IP_Geo_Block::PLUGIN_SLUG, 'tab' => 'tab=1');
break;
case 'clear-logs':
require_once IP_GEO_BLOCK_PATH . 'classes/class-ip-geo-block-logs.php';
$hook = array('comment', 'login', 'admin', 'xmlrpc');
$which = in_array($which, $hook) ? $which : NULL;
IP_Geo_Block_Logs::clean_log($which);
$res = array('page' => 'options-general.php?page=' . IP_Geo_Block::PLUGIN_SLUG, 'tab' => 'tab=4');
break;
case 'restore':
require_once IP_GEO_BLOCK_PATH . 'includes/localdate.php';
require_once IP_GEO_BLOCK_PATH . 'classes/class-ip-geo-block-logs.php';
// if js is slow then limit the number of rows
$limit = IP_Geo_Block_Logs::limit_rows(@$_POST['time']);
// compose html with sanitization
$which = IP_Geo_Block_Logs::restore_log($which);
foreach ($which as $hook => $rows) {
$html = '';
$n = 0;
foreach ($rows as $logs) {
$log = (int) array_shift($logs);
$html .= "<tr><td data-value={$log}>";
$html .= ip_geo_block_localdate($log, 'Y-m-d H:i:s') . "</td>";
foreach ($logs as $log) {
$log = esc_html($log);
$html .= "<td>{$log}</td>";
}
$html .= "</tr>";
if (++$n >= $limit) {
break;
}
}
$res[$hook] = $html;
}
break;
case 'create_table':
case 'delete_table':
require_once IP_GEO_BLOCK_PATH . 'classes/class-ip-geo-block-logs.php';
if ('create_table' === $_POST['cmd']) {
IP_Geo_Block_Logs::create_log();
} else {
IP_Geo_Block_Logs::delete_log();
}
$res = array('page' => 'options-general.php?page=' . IP_Geo_Block::PLUGIN_SLUG);
}
if (isset($res)) {
// wp_send_json_{success,error}() @since 3.5.0
wp_send_json($res);
}
// @since 3.5.0
die;
// End of ajax
}
/**
* Auxiliary validation functions
*
*/
public function auth_fail($something = NULL)
{
require_once IP_GEO_BLOCK_PATH . 'classes/class-ip-geo-block-apis.php';
// Count up a number of fails when authentication is failed
if ($cache = IP_Geo_Block_API_Cache::get_cache($this->remote_addr)) {
$validate = self::make_validation($this->remote_addr, array('code' => $cache['code'], 'fail' => TRUE, 'result' => 'failed'));
$settings = self::get_option('settings');
IP_Geo_Block_API_Cache::update_cache($cache['hook'], $validate, $settings);
// (1) blocked, (3) unauthenticated, (5) all
if ((int) $settings['validation']['reclogs'] & 1) {
require_once IP_GEO_BLOCK_PATH . 'classes/class-ip-geo-block-logs.php';
IP_Geo_Block_Logs::record_log($cache['hook'], $validate, $settings);
}
}
return $something;
// pass through
}
