/**
 * Execute module upgrade.
 *
 * For builds below 4000 the legacy Better WP Security "st_*" flags held in the
 * global $itsec_bwps_options are copied into the 'itsec_tweaks' site option
 * (starting from $this->defaults when nothing is stored yet); a legacy flag is
 * treated as enabled only when it is set and equals 1. Builds below 4035 are
 * additionally flagged so the rewrite rules get regenerated.
 *
 * @since 4.0
 *
 * @param int $itsec_old_version Build number that was installed before this upgrade.
 *
 * @return void
 */
public function execute_upgrade($itsec_old_version) {
	if ($itsec_old_version < 4000) {
		global $itsec_bwps_options;

		ITSEC_Lib::create_database_tables();

		$tweaks = get_site_option('itsec_tweaks');
		if (false === $tweaks) {
			// Nothing stored yet: start from the module defaults.
			$tweaks = $this->defaults;
		}

		// New option key => legacy option key, in the order the options are written.
		$legacy_flags = array(
			'protect_files'            => 'st_ht_files',
			'directory_browsing'       => 'st_ht_browsing',
			'request_methods'          => 'st_ht_request',
			'suspicious_query_strings' => 'st_ht_query',
			'non_english_characters'   => 'st_ht_foreign',
			'long_url_strings'         => 'st_longurl',
			'write_permissions'        => 'st_fileperm',
			'wlwmanifest_header'       => 'st_manifest',
			'edituri_header'           => 'st_edituri',
			'theme_updates'            => 'st_themenot',
			'plugin_updates'           => 'st_pluginnot',
			'core_updates'             => 'st_corenot',
			'comment_spam'             => 'st_comment',
			'login_errors'             => 'st_loginerror',
		);

		foreach ($legacy_flags as $new_key => $legacy_key) {
			// Loose "== 1" kept on purpose so a legacy string '1' still counts as enabled.
			$tweaks[$new_key] = isset($itsec_bwps_options[$legacy_key]) && $itsec_bwps_options[$legacy_key] == 1;
		}

		update_site_option('itsec_tweaks', $tweaks);

		// Flag the server rules and wp-config for regeneration.
		add_site_option('itsec_rewrites_changed', true);
		add_site_option('itsec_config_changed', true);
	}

	if ($itsec_old_version < 4035) {
		add_site_option('itsec_rewrites_changed', true);
	}
}
/**
 * Execute module upgrade.
 *
 * Builds below 4000: import the legacy "st_*" flags from $itsec_bwps_options
 * into 'itsec_tweaks' (only when that option already exists) and regenerate
 * the server config and wp-config. Builds below 4035: regenerate the server
 * config. Builds below 4041: move the stored tweaks into the 'system-tweaks'
 * module settings, activating the module when any setting is in use.
 *
 * @since 4.0
 *
 * @param int $itsec_old_version Build number that was installed before this upgrade.
 *
 * @return void
 */
public function execute_upgrade($itsec_old_version) {
	if ($itsec_old_version < 4000) {
		global $itsec_bwps_options;

		ITSEC_Lib::create_database_tables();

		$stored = get_site_option('itsec_tweaks');

		// Don't do anything if settings haven't already been set, defaults exist in the module system and we prefer to use those
		if (false !== $stored) {
			// New option key => legacy option key.
			$legacy_flags = array(
				'protect_files'            => 'st_ht_files',
				'directory_browsing'       => 'st_ht_browsing',
				'request_methods'          => 'st_ht_request',
				'suspicious_query_strings' => 'st_ht_query',
				'non_english_characters'   => 'st_ht_foreign',
				'long_url_strings'         => 'st_longurl',
				'write_permissions'        => 'st_fileperm',
			);

			foreach ($legacy_flags as $new_key => $legacy_key) {
				// A legacy flag is enabled only when it is set and loosely equals 1.
				$stored[$new_key] = isset($itsec_bwps_options[$legacy_key]) && $itsec_bwps_options[$legacy_key] == 1;
			}

			update_site_option('itsec_tweaks', $stored);
			ITSEC_Response::regenerate_server_config();
			ITSEC_Response::regenerate_wp_config();
		}
	}

	if ($itsec_old_version < 4035) {
		ITSEC_Response::regenerate_server_config();
	}

	if ($itsec_old_version < 4041) {
		$stored = get_site_option('itsec_tweaks');

		// If there are no current options, go with the new defaults by not saving anything
		if (is_array($stored)) {
			$module_defaults = ITSEC_Modules::get_settings('system-tweaks');

			// Keep only keys the new module knows, then fill any gaps from the module defaults.
			$settings = array_merge($module_defaults, array_intersect_key($stored, $module_defaults));

			// The module is in use if at least one setting is truthy.
			$in_use = count(array_filter($settings)) > 0;

			if ($in_use) {
				ITSEC_Modules::activate('system-tweaks');
			} else {
				ITSEC_Modules::deactivate('system-tweaks');
			}

			ITSEC_Modules::set_settings('system-tweaks', $settings);
		}
	}
}
/**
 * Execute module upgrade.
 *
 * Builds below 4000: import the legacy header/comment/login flags from
 * $itsec_bwps_options into 'itsec_tweaks' (only when that option already
 * exists) and regenerate the server config and wp-config. Builds below 4035:
 * regenerate the server config. Builds below 4041: move the stored tweaks into
 * the 'wordpress-tweaks' module settings and activate the module when any
 * setting is in use; note that 'allow_xmlrpc_multiauth' counts as "in use"
 * when it is false.
 *
 * @since 4.0
 *
 * @param int $itsec_old_version Build number that was installed before this upgrade.
 *
 * @return void
 */
public function execute_upgrade($itsec_old_version) {
	if ($itsec_old_version < 4000) {
		global $itsec_bwps_options;

		ITSEC_Lib::create_database_tables();

		$stored = get_site_option('itsec_tweaks');

		// Don't do anything if settings haven't already been set, defaults exist in the module system and we prefer to use those
		if (false !== $stored) {
			// New option key => legacy option key.
			$legacy_flags = array(
				'wlwmanifest_header' => 'st_manifest',
				'edituri_header'     => 'st_edituri',
				'comment_spam'       => 'st_comment',
				'login_errors'       => 'st_loginerror',
			);

			foreach ($legacy_flags as $new_key => $legacy_key) {
				// A legacy flag is enabled only when it is set and loosely equals 1.
				$stored[$new_key] = isset($itsec_bwps_options[$legacy_key]) && $itsec_bwps_options[$legacy_key] == 1;
			}

			update_site_option('itsec_tweaks', $stored);
			ITSEC_Response::regenerate_server_config();
			ITSEC_Response::regenerate_wp_config();
		}
	}

	if ($itsec_old_version < 4035) {
		ITSEC_Response::regenerate_server_config();
	}

	if ($itsec_old_version < 4041) {
		$stored = get_site_option('itsec_tweaks');

		// If there are no current options, go with the new defaults by not saving anything
		if (is_array($stored)) {
			$module_defaults = ITSEC_Modules::get_settings('wordpress-tweaks');

			// Keep only keys the new module knows, then fill any gaps from the module defaults.
			$settings = array_merge($module_defaults, array_intersect_key($stored, $module_defaults));

			$in_use = false;
			foreach ($settings as $setting => $on) {
				// False is actually "enabled" for blocking xmlrpc multiauth
				$enabled = ('allow_xmlrpc_multiauth' === $setting) ? !$on : (bool) $on;
				if ($enabled) {
					$in_use = true;
					break;
				}
			}

			if ($in_use) {
				ITSEC_Modules::activate('wordpress-tweaks');
			} else {
				ITSEC_Modules::deactivate('wordpress-tweaks');
			}

			ITSEC_Modules::set_settings('wordpress-tweaks', $settings);
		}
	}
}
/**
 * Execute module upgrade.
 *
 * Builds below 4000: import the legacy update-notification flags from
 * $itsec_bwps_options into 'itsec_tweaks' (only when that option already
 * exists) and regenerate the server config and wp-config. Builds below 4035:
 * regenerate the server config. Builds below 4041: move the stored tweaks into
 * the 'multisite-tweaks' module settings, activating the module when any
 * setting is in use.
 *
 * @since 4.0
 *
 * @param int $itsec_old_version Build number that was installed before this upgrade.
 *
 * @return void
 */
public function execute_upgrade($itsec_old_version) {
	if ($itsec_old_version < 4000) {
		global $itsec_bwps_options;

		ITSEC_Lib::create_database_tables();

		$stored = get_site_option('itsec_tweaks');

		// Don't do anything if settings haven't already been set, defaults exist in the module system and we prefer to use those
		if (false !== $stored) {
			// New option key => legacy option key.
			$legacy_flags = array(
				'theme_updates'  => 'st_themenot',
				'plugin_updates' => 'st_pluginnot',
				'core_updates'   => 'st_corenot',
			);

			foreach ($legacy_flags as $new_key => $legacy_key) {
				// A legacy flag is enabled only when it is set and loosely equals 1.
				$stored[$new_key] = isset($itsec_bwps_options[$legacy_key]) && $itsec_bwps_options[$legacy_key] == 1;
			}

			update_site_option('itsec_tweaks', $stored);
			ITSEC_Response::regenerate_server_config();
			ITSEC_Response::regenerate_wp_config();
		}
	}

	if ($itsec_old_version < 4035) {
		ITSEC_Response::regenerate_server_config();
	}

	if ($itsec_old_version < 4041) {
		$stored = get_site_option('itsec_tweaks');

		// If there are no current options, go with the new defaults by not saving anything
		if (is_array($stored)) {
			$module_defaults = ITSEC_Modules::get_settings('multisite-tweaks');

			// Keep only keys the new module knows, then fill any gaps from the module defaults.
			$settings = array_merge($module_defaults, array_intersect_key($stored, $module_defaults));

			// The module is in use if at least one setting is truthy.
			$in_use = count(array_filter($settings)) > 0;

			if ($in_use) {
				ITSEC_Modules::activate('multisite-tweaks');
			} else {
				ITSEC_Modules::deactivate('multisite-tweaks');
			}

			ITSEC_Modules::set_settings('multisite-tweaks', $settings);
		}
	}
}
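/**
 * Update Execution.
 *
 * Runs the plugin-level upgrade for an install that was previously at build
 * $upgrade: for builds below 4000 it reads and purges the Better WP Security
 * options, folds them into 'itsec_global' and drops the legacy tables; it then
 * runs the module upgrades, records the current build in 'itsec_data' and
 * applies the fixups for builds below 4030 (tables, rewrites), 4031 (merge the
 * Ban Users white list into the lockout white list) and 4033 (API key nag).
 *
 * @since 4.0
 *
 * @param int|false $upgrade Build number that was installed before this upgrade (false when unknown).
 *
 * @return void
 */
private function upgrade_execute($upgrade = false) {
	global $itsec_old_version, $itsec_globals, $wpdb, $itsec_setup_action;

	$itsec_setup_action = 'upgrade';
	$itsec_old_version = $upgrade;

	if ($itsec_old_version < 4000) {
		global $itsec_bwps_options;

		if (wp_next_scheduled('bwps_backup')) {
			wp_clear_scheduled_hook('bwps_backup');
		}

		// On a network the legacy options live on blog 1; read and purge them there.
		$switched = false;
		if (is_multisite()) {
			switch_to_blog(1);
			$switched = true;
		}

		$itsec_bwps_options = get_option('bit51_bwps');
		delete_option('bit51_bwps');
		delete_option('bwps_intrusion_warning');
		delete_option('bit51_bwps_data');
		delete_site_transient('bit51_bwps_backup');
		delete_site_transient('bwps_away');

		if ($switched) {
			restore_current_blog();
		}

		if ($itsec_bwps_options !== false) {
			$current_options = get_site_option('itsec_global');
			if ($current_options === false) {
				$current_options = $this->defaults;
			}

			// Both addresses fall back to the site admin e-mail when the legacy value is empty.
			$current_options['notification_email'] = array(
				isset($itsec_bwps_options['ll_emailaddress']) && strlen($itsec_bwps_options['ll_emailaddress'])
					? $itsec_bwps_options['ll_emailaddress']
					: get_option('admin_email'),
			);
			$current_options['backup_email'] = array(
				isset($itsec_bwps_options['backup_emailaddress']) && strlen($itsec_bwps_options['backup_emailaddress'])
					? $itsec_bwps_options['backup_emailaddress']
					: get_option('admin_email'),
			);

			// Blacklisting stays on unless the legacy flag is explicitly 0.
			$current_options['blacklist'] = !(isset($itsec_bwps_options['ll_blacklistip']) && $itsec_bwps_options['ll_blacklistip'] == 0);

			$current_options['blacklist_count'] = 3;
			if (isset($itsec_bwps_options['ll_blacklistipthreshold']) && intval($itsec_bwps_options['ll_blacklistipthreshold']) > 0) {
				$current_options['blacklist_count'] = intval($itsec_bwps_options['ll_blacklistipthreshold']);
			}

			$current_options['write_files'] = isset($itsec_bwps_options['st_writefiles']) && $itsec_bwps_options['st_writefiles'] == 1;
			$itsec_globals['settings']['write_files'] = $current_options['write_files'];
			$current_options['did_upgrade'] = true;

			if (isset($itsec_bwps_options['id_whitelist']) && !is_array($itsec_bwps_options['id_whitelist']) && strlen($itsec_bwps_options['id_whitelist']) > 1) {
				// The existing white list may be missing or, as the < 4031 step below
				// shows, stored as a newline-separated string; normalise it to an array
				// before appending (appending to a string would be a fatal error).
				if (!isset($current_options['lockout_white_list'])) {
					$current_options['lockout_white_list'] = array();
				} elseif (!is_array($current_options['lockout_white_list'])) {
					$current_options['lockout_white_list'] = array_filter(array_map('trim', explode(PHP_EOL, $current_options['lockout_white_list'])), 'strlen');
				}

				foreach (explode(PHP_EOL, $itsec_bwps_options['id_whitelist']) as $host) {
					// Trim so a stray "\r" or surrounding spaces never become part of a white-listed host.
					$host = trim($host);
					if (strlen($host) > 1) {
						$current_options['lockout_white_list'][] = $host;
					}
				}
			}

			if ($current_options['write_files'] === false) {
				set_site_transient('ITSEC_SHOW_WRITE_FILES_TOOLTIP', true, 600);
			}

			update_site_option('itsec_global', $current_options);
		}

		// Table names are our own literals and the prefix comes from the WordPress configuration.
		$legacy_tables = array('bwps_lockouts', 'bwps_log', 'BWPS_d404', 'BWPS_ll', 'BWPS_lockouts');
		foreach ($legacy_tables as $table) {
			$wpdb->query("DROP TABLE IF EXISTS `{$wpdb->base_prefix}{$table}`;");
		}

		$legacy_options = array('bwps_file_log', 'bwps_awaymode', 'bwps_filecheck', 'BWPS_Login_Slug', 'BWPS_options', 'BWPS_versions', 'bit51_bwps_data');
		foreach ($legacy_options as $option) {
			delete_option($option);
		}
	}

	$this->do_modules();

	$itsec_globals['data']['build'] = $itsec_globals['plugin_build'];
	update_site_option('itsec_data', $itsec_globals['data']);

	if ($itsec_old_version < 4030) {
		ITSEC_Lib::create_database_tables(); //adds username field to lockouts and temp
		add_site_option('itsec_rewrites_changed', true);
	}

	if ($itsec_old_version < 4031) {
		// Fold the Ban Users module's own white list into the global lockout white list.
		$banned_option = get_site_option('itsec_ban_users');

		if (isset($banned_option['white_list'])) {
			$banned_white_list = $banned_option['white_list'];

			$options = get_site_option('itsec_global');
			if (!is_array($options)) {
				$options = array();
			}
			$white_list = isset($options['lockout_white_list']) ? $options['lockout_white_list'] : array();

			// Either list may still be a newline-separated string.
			if (!is_array($white_list)) {
				$white_list = explode(PHP_EOL, $white_list);
			}
			if (!is_array($banned_white_list)) {
				$banned_white_list = explode(PHP_EOL, $banned_white_list);
			}

			$options['lockout_white_list'] = array_merge($white_list, $banned_white_list);
			update_site_option('itsec_global', $options);
		}
	}

	if ($itsec_old_version < 4033) {
		if (get_site_option('itsec_api_nag') === false) {
			//show the nag to activate an API key
			add_site_option('itsec_api_nag', true, false);
		}
	}
}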
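/**
 * Executes lockout and logging for modules.
 *
 * Records one row in the itsec_temp table for the calling module (keyed by
 * host, and by user id and/or username when $user is given), counts the rows
 * written inside the module's lockout period and, when a counter reaches the
 * module's threshold, hands the lockout to $this->lockout(). A whitelisted
 * host is never locked out; the condition is logged instead. Any database
 * error along the way triggers a rebuild of the plugin tables.
 *
 * @since 4.0
 *
 * @param string      $module name of the calling module; must be registered in $this->lockout_modules
 * @param string|null $user   username of user (null when the event is not tied to a user)
 *
 * @return void
 */
public function do_lockout($module, $user = null) {
	global $wpdb, $itsec_globals;

	$wpdb->hide_errors(); //Hide database errors in case the tables aren't there

	// An unregistered module has no thresholds, so there is nothing to record or lock.
	if (!isset($this->lockout_modules[$module])) {
		return;
	}

	$options = $this->lockout_modules[$module];
	$host = ITSEC_Lib::get_ip();

	$lock_host = null;
	$lock_user = null;
	$lock_username = null;

	$temp_table = $wpdb->base_prefix . 'itsec_temp';
	$now_local = date('Y-m-d H:i:s', $itsec_globals['current_time']);
	$now_gmt = date('Y-m-d H:i:s', $itsec_globals['current_time_gmt']);
	// Only rows newer than this count towards a threshold.
	$period_start = date('Y-m-d H:i:s', $itsec_globals['current_time_gmt'] - $options['period'] * 60);

	if (isset($options['host']) && $options['host'] > 0) {
		$wpdb->insert($temp_table, array(
			'temp_type'     => $options['type'],
			'temp_date'     => $now_local,
			'temp_date_gmt' => $now_gmt,
			'temp_host'     => $host,
		));

		$host_count = $wpdb->get_var($wpdb->prepare(
			"SELECT COUNT(*) FROM `{$temp_table}` WHERE `temp_date_gmt` > %s AND `temp_host` = %s;",
			$period_start,
			$host
		));

		if ($host_count >= $options['host']) {
			$lock_host = $host;
		}
	}

	if ($user !== null && isset($options['user']) && $options['user'] > 0) {
		$username = sanitize_text_field($user);
		$user_id = username_exists($username);

		// username_exists() has signalled "no such user" as null and, in later
		// WordPress releases, as false; treat both as an unknown user.
		if ($user_id !== null && $user_id !== false) {
			$wpdb->insert($temp_table, array(
				'temp_type'     => $options['type'],
				'temp_date'     => $now_local,
				'temp_date_gmt' => $now_gmt,
				'temp_user'     => intval($user_id),
				'temp_username' => $username,
			));

			// The OR must be grouped: without the parentheses the date bound applied
			// only to the username branch and every row ever written for this user id
			// was counted, so the threshold could be reached outside the period.
			$user_count = $wpdb->get_var($wpdb->prepare(
				"SELECT COUNT(*) FROM `{$temp_table}` WHERE `temp_date_gmt` > %s AND (`temp_username` = %s OR `temp_user` = %d);",
				$period_start,
				$username,
				intval($user_id)
			));

			if ($user_count >= $options['user']) {
				$lock_user = $user_id;
			}
		} else {
			$wpdb->insert($temp_table, array(
				'temp_type'     => $options['type'],
				'temp_date'     => $now_local,
				'temp_date_gmt' => $now_gmt,
				'temp_username' => $username,
			));

			$user_count = $wpdb->get_var($wpdb->prepare(
				"SELECT COUNT(*) FROM `{$temp_table}` WHERE `temp_date_gmt` > %s AND `temp_username` = %s;",
				$period_start,
				$username
			));

			if ($user_count >= $options['user']) {
				$lock_username = $username;
			}
		}
	}

	// Any database error is treated as missing tables and they are (re)created.
	if (strlen(trim($wpdb->last_error)) > 0) {
		ITSEC_Lib::create_database_tables();
	}

	$threshold_hit = ($lock_host !== null || $lock_user !== null || $lock_username !== null);

	if ($threshold_hit && !$this->is_ip_whitelisted($host)) {
		$this->lockout($options['type'], $options['reason'], $lock_host, $lock_user, $lock_username);
	} elseif ($threshold_hit) {
		// Whitelisted hosts are never locked out, but the condition is still recorded;
		// this now also covers a username-only hit, which the previous elseif skipped.
		global $itsec_logger;

		$itsec_logger->log_event(__('lockout', 'it-l10n-better-wp-security'), 10, array(__('A whitelisted host has triggered a lockout condition but was not locked out.', 'it-l10n-better-wp-security')), sanitize_text_field($host));
	}
}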
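/**
 * Logs events sent by other modules or systems.
 *
 * Depending on $itsec_globals['settings']['log_type'] the entry is written to
 * the itsec_log table (when the setting is unset, 0 or 2), appended to the
 * file in $this->log_file (1 or 2), or both. Modules not registered in
 * $this->logger_modules are ignored.
 *
 * @param string $module   the module requesting the log entry
 * @param int    $priority the priority of the log entry (1-10)
 * @param array  $data     extra data to log (non-indexed data would be good here)
 * @param string $host     the remote host triggering the event
 * @param string $username the username triggering the event
 * @param string $user     the user id triggering the event
 * @param string $url      the url triggering the event
 * @param string $referrer the referrer to the url (if applicable)
 *
 * @return void
 */
public function log_event( $module, $priority = 5, $data = array(), $host = '', $username = '', $user = '', $url = '', $referrer = '' ) {
	global $wpdb, $itsec_globals;

	if ( ! isset( $this->logger_modules[ $module ] ) ) {
		return;
	}

	$options  = $this->logger_modules[ $module ];
	$log_type = isset( $itsec_globals['settings']['log_type'] ) ? $itsec_globals['settings']['log_type'] : null;
	$date     = date( 'Y-m-d H:i:s', $itsec_globals['current_time'] );
	$date_gmt = date( 'Y-m-d H:i:s', $itsec_globals['current_time_gmt'] );

	if ( null === $log_type || $log_type === 0 || $log_type == 2 ) {
		$values = array(
			'log_type'     => $options['type'],
			'log_priority' => intval( $priority ),
			'log_function' => $options['function'],
			'log_date'     => $date,
			'log_date_gmt' => $date_gmt,
			'log_host'     => sanitize_text_field( $host ),
			'log_username' => sanitize_text_field( $username ),
			'log_user'     => intval( $user ),
			'log_url'      => $url,
			'log_referrer' => $referrer,
			'log_data'     => serialize( $data ),
		);

		// Column names are our own literals; the values are bound through $wpdb->prepare(),
		// so they must not be pre-escaped. The placeholder list follows the order of
		// $values, with log_priority as the only integer column.
		$columns      = '`' . implode( '`, `', array_keys( $values ) ) . '`';
		$placeholders = '%s, %d, %s, %s, %s, %s, %s, %s, %s, %s, %s';
		$query_format = "INSERT INTO `{$wpdb->base_prefix}itsec_log` ($columns) VALUES ($placeholders)";

		$cached_show_errors_setting = $wpdb->hide_errors();

		$result = $wpdb->query( $wpdb->prepare( $query_format, array_values( $values ) ) );

		if ( ! $result ) {
			$wpdb->show_errors();
			ITSEC_Lib::create_database_tables();

			// Attempt the query again. Since errors will now be shown, a remaining issue will be display an error.
			$wpdb->query( $wpdb->prepare( $query_format, array_values( $values ) ) );
		}

		// Set $wpdb->show_errors back to its original setting.
		$wpdb->show_errors( $cached_show_errors_setting );
	}

	if ( null !== $log_type && ( $log_type === 1 || $log_type == 2 ) ) {
		$file_data = $this->sanitize_array( $data, true );

		// The file log is one record per line. Unlike host and username, $url and
		// $referrer are not passed through sanitize_text_field(), so strip CR/LF from
		// them here; otherwise a crafted value could append extra lines to the log.
		$fields = array(
			$options['type'],
			intval( $priority ),
			$options['function'],
			$date,
			$date_gmt,
			sanitize_text_field( $host ),
			sanitize_text_field( $username ),
			( intval( $user ) === 0 ? '' : intval( $user ) ),
			str_replace( array( "\r", "\n" ), ' ', esc_sql( $url ) ),
			str_replace( array( "\r", "\n" ), ' ', esc_sql( $referrer ) ),
			maybe_serialize( $file_data ),
		);

		error_log( implode( ',', $fields ) . PHP_EOL, 3, $this->log_file );
	}
}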
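/**
 * Logs events sent by other modules or systems.
 *
 * Depending on $itsec_globals['settings']['log_type'] the entry is written to
 * the itsec_log table via $wpdb->insert() (when the setting is unset, 0 or 2),
 * appended to the file in $this->log_file (1 or 2), or both. Modules not
 * registered in $this->logger_modules are ignored.
 *
 * @param string $module   the module requesting the log entry
 * @param int    $priority the priority of the log entry (1-10)
 * @param array  $data     extra data to log (non-indexed data would be good here)
 * @param string $host     the remote host triggering the event
 * @param string $username the username triggering the event
 * @param string $user     the user id triggering the event
 * @param string $url      the url triggering the event
 * @param string $referrer the referrer to the url (if applicable)
 *
 * @return void
 */
public function log_event($module, $priority = 5, $data = array(), $host = '', $username = '', $user = '', $url = '', $referrer = '') {
	global $wpdb, $itsec_globals;

	if (!isset($this->logger_modules[$module])) {
		return;
	}

	$options = $this->logger_modules[$module];
	$log_type = isset($itsec_globals['settings']['log_type']) ? $itsec_globals['settings']['log_type'] : null;
	$date = date('Y-m-d H:i:s', $itsec_globals['current_time']);
	$date_gmt = date('Y-m-d H:i:s', $itsec_globals['current_time_gmt']);

	if (null === $log_type || $log_type === 0 || $log_type == 2) {
		$sanitized_data = $this->sanitize_array($data); //array of sanitized data

		$wpdb->hide_errors(); //Don't show error if table isn't present. Instead we'll just try to reconstruct the tables.

		// $wpdb->insert() escapes every value itself; running esc_sql() on the URL
		// and referrer first stored them double-escaped.
		$wpdb->insert($wpdb->base_prefix . 'itsec_log', array(
			'log_type'     => $options['type'],
			'log_priority' => intval($priority),
			'log_function' => $options['function'],
			'log_date'     => $date,
			'log_date_gmt' => $date_gmt,
			'log_host'     => sanitize_text_field($host),
			'log_username' => sanitize_text_field($username),
			'log_user'     => intval($user),
			'log_url'      => $url,
			'log_referrer' => $referrer,
			'log_data'     => serialize($sanitized_data),
		));

		// Any database error is treated as missing tables and they are (re)created.
		if (strlen(trim($wpdb->last_error)) > 0) {
			ITSEC_Lib::create_database_tables();
		}
	}

	if (null !== $log_type && ($log_type === 1 || $log_type == 2)) {
		// sanitize_array() with the second argument set is used as the file representation of $data.
		$file_data = $this->sanitize_array($data, true);

		// The file log is one record per line. Unlike host and username, $url and
		// $referrer are not passed through sanitize_text_field(), so strip CR/LF from
		// them here; otherwise a crafted value could append extra lines to the log.
		$fields = array(
			$options['type'],
			intval($priority),
			$options['function'],
			$date,
			$date_gmt,
			sanitize_text_field($host),
			sanitize_text_field($username),
			(intval($user) === 0 ? '' : intval($user)),
			str_replace(array("\r", "\n"), ' ', esc_sql($url)),
			str_replace(array("\r", "\n"), ' ', esc_sql($referrer)),
			$file_data,
		);

		error_log(implode(',', $fields) . PHP_EOL, 3, $this->log_file);
	}
}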
/**
 * Writes one event row to the itsec_log table.
 *
 * Builds the row from the module's registered type and function plus the
 * supplied event fields, inserts it through $wpdb->prepare(), and if the
 * insert fails rebuilds the plugin tables once and retries. $wpdb error
 * display is silenced for the first attempt and restored afterwards.
 *
 * @param string $module   key into $this->logger_modules
 * @param int    $priority the priority of the log entry
 * @param array  $data     extra data, stored serialized
 * @param string $host     the remote host triggering the event
 * @param string $username the username triggering the event
 * @param string $user     the user id triggering the event (cast to int)
 * @param string $url      the url triggering the event
 * @param string $referrer the referrer to the url (if applicable)
 *
 * @return void
 */
private function _log_event_to_db($module, $priority = 5, $data = array(), $host = '', $username = '', $user = '', $url = '', $referrer = '') {
	global $wpdb, $itsec_globals;

	$module_options = $this->logger_modules[$module];

	$row = array(
		'log_type'     => $module_options['type'],
		'log_priority' => intval($priority),
		'log_function' => $module_options['function'],
		'log_date'     => date('Y-m-d H:i:s', $itsec_globals['current_time']),
		'log_date_gmt' => date('Y-m-d H:i:s', $itsec_globals['current_time_gmt']),
		'log_host'     => sanitize_text_field($host),
		'log_username' => sanitize_text_field($username),
		'log_user'     => intval($user),
		'log_url'      => $url,
		'log_referrer' => $referrer,
		'log_data'     => serialize($data),
	);

	// Column names are our own literals above; the values are bound by prepare(),
	// with log_priority as the only integer column.
	$column_list = '`' . implode('`, `', array_keys($row)) . '`';
	$format_list = '%s, %d, %s, %s, %s, %s, %s, %s, %s, %s, %s';
	$sql = $wpdb->prepare(
		"INSERT INTO `{$wpdb->base_prefix}itsec_log` ({$column_list}) VALUES ({$format_list})",
		$row
	);

	$errors_were_shown = $wpdb->hide_errors();

	if (!$wpdb->query($sql)) {
		$wpdb->show_errors();
		ITSEC_Lib::create_database_tables();

		// Attempt the query again. Since errors will now be shown, a remaining issue will be display an error.
		$wpdb->query($sql);
	}

	// Set $wpdb->show_errors back to its original setting.
	$wpdb->show_errors($errors_were_shown);
}
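/**
 * Update Execution.
 *
 * Runs the plugin-level upgrade for an install that was previously at build
 * $upgrade: for builds below 4000 it reads and purges the Better WP Security
 * options, folds them into 'itsec_global' and drops the legacy tables; it then
 * runs the module upgrades, records the current build in 'itsec_data' and
 * applies the fixups for builds below 4030 (tables, server config), 4031
 * (merge the Ban Users white list into the lockout white list), 4033 (API key
 * nag), 4039 (tables, IPv6) and 4040 (new log file name, index.php in the log
 * and backup directories), before handing over to the module upgrades.
 *
 * @since 4.0
 *
 * @param int|false $upgrade Build number that was installed before this upgrade (false when unknown).
 *
 * @return void
 */
private function upgrade_execute($upgrade = false) {
	global $itsec_old_version, $itsec_globals, $wpdb, $itsec_setup_action;

	$tables_updated = false;

	$itsec_setup_action = 'upgrade';
	$itsec_old_version = $upgrade;

	if ($itsec_old_version < 4000) {
		global $itsec_bwps_options;

		if (wp_next_scheduled('bwps_backup')) {
			wp_clear_scheduled_hook('bwps_backup');
		}

		// On a network the legacy options live on blog 1; read and purge them there.
		$switched = false;
		if (is_multisite()) {
			switch_to_blog(1);
			$switched = true;
		}

		$itsec_bwps_options = get_option('bit51_bwps');
		delete_option('bit51_bwps');
		delete_option('bwps_intrusion_warning');
		delete_option('bit51_bwps_data');
		delete_site_transient('bit51_bwps_backup');
		delete_site_transient('bwps_away');

		if ($switched) {
			restore_current_blog();
		}

		if ($itsec_bwps_options !== false) {
			$current_options = get_site_option('itsec_global');
			if ($current_options === false) {
				$current_options = $this->defaults;
			}

			// Both addresses fall back to the site admin e-mail when the legacy value is empty.
			$current_options['notification_email'] = array(
				isset($itsec_bwps_options['ll_emailaddress']) && strlen($itsec_bwps_options['ll_emailaddress'])
					? $itsec_bwps_options['ll_emailaddress']
					: get_option('admin_email'),
			);
			$current_options['backup_email'] = array(
				isset($itsec_bwps_options['backup_emailaddress']) && strlen($itsec_bwps_options['backup_emailaddress'])
					? $itsec_bwps_options['backup_emailaddress']
					: get_option('admin_email'),
			);

			// Blacklisting stays on unless the legacy flag is explicitly 0.
			$current_options['blacklist'] = !(isset($itsec_bwps_options['ll_blacklistip']) && $itsec_bwps_options['ll_blacklistip'] == 0);

			$current_options['blacklist_count'] = 3;
			if (isset($itsec_bwps_options['ll_blacklistipthreshold']) && intval($itsec_bwps_options['ll_blacklistipthreshold']) > 0) {
				$current_options['blacklist_count'] = intval($itsec_bwps_options['ll_blacklistipthreshold']);
			}

			$current_options['write_files'] = isset($itsec_bwps_options['st_writefiles']) && $itsec_bwps_options['st_writefiles'] == 1;
			$itsec_globals['settings']['write_files'] = $current_options['write_files'];
			$current_options['did_upgrade'] = true;

			if (isset($itsec_bwps_options['id_whitelist']) && !is_array($itsec_bwps_options['id_whitelist']) && strlen($itsec_bwps_options['id_whitelist']) > 1) {
				// The existing white list may be missing or, as the < 4031 step below
				// shows, stored as a newline-separated string; normalise it to an array
				// before appending (appending to a string would be a fatal error).
				if (!isset($current_options['lockout_white_list'])) {
					$current_options['lockout_white_list'] = array();
				} elseif (!is_array($current_options['lockout_white_list'])) {
					$current_options['lockout_white_list'] = array_filter(array_map('trim', explode(PHP_EOL, $current_options['lockout_white_list'])), 'strlen');
				}

				foreach (explode(PHP_EOL, $itsec_bwps_options['id_whitelist']) as $host) {
					// Trim so a stray "\r" or surrounding spaces never become part of a white-listed host.
					$host = trim($host);
					if (strlen($host) > 1) {
						$current_options['lockout_white_list'][] = $host;
					}
				}
			}

			if ($current_options['write_files'] === false) {
				set_site_transient('ITSEC_SHOW_WRITE_FILES_TOOLTIP', true, 600);
			}

			update_site_option('itsec_global', $current_options);
		}

		// Table names are our own literals and the prefix comes from the WordPress configuration.
		$legacy_tables = array('bwps_lockouts', 'bwps_log', 'BWPS_d404', 'BWPS_ll', 'BWPS_lockouts');
		foreach ($legacy_tables as $table) {
			$wpdb->query("DROP TABLE IF EXISTS `{$wpdb->base_prefix}{$table}`;");
		}

		$legacy_options = array('bwps_file_log', 'bwps_awaymode', 'bwps_filecheck', 'BWPS_Login_Slug', 'BWPS_options', 'BWPS_versions', 'bit51_bwps_data');
		foreach ($legacy_options as $option) {
			delete_option($option);
		}
	}

	$this->do_modules();

	$itsec_globals['data']['build'] = ITSEC_Core::get_plugin_build();
	update_site_option('itsec_data', $itsec_globals['data']);

	if ($itsec_old_version < 4030) {
		ITSEC_Lib::create_database_tables(); //adds username field to lockouts and temp
		$tables_updated = true;
		ITSEC_Response::regenerate_server_config();
	}

	if ($itsec_old_version < 4031) {
		// Fold the Ban Users module's own white list into the global lockout white list.
		$banned_option = get_site_option('itsec_ban_users');

		if (isset($banned_option['white_list'])) {
			$banned_white_list = $banned_option['white_list'];

			$options = get_site_option('itsec_global');
			if (!is_array($options)) {
				$options = array();
			}
			$white_list = isset($options['lockout_white_list']) ? $options['lockout_white_list'] : array();

			// Either list may still be a newline-separated string.
			if (!is_array($white_list)) {
				$white_list = explode(PHP_EOL, $white_list);
			}
			if (!is_array($banned_white_list)) {
				$banned_white_list = explode(PHP_EOL, $banned_white_list);
			}

			$options['lockout_white_list'] = array_merge($white_list, $banned_white_list);
			update_site_option('itsec_global', $options);
		}
	}

	if ($itsec_old_version < 4033) {
		if (get_site_option('itsec_api_nag') === false) {
			//show the nag to activate an API key
			add_site_option('itsec_api_nag', true, false);
		}
	}

	//IPv6 support was added in 4039
	if ($itsec_old_version < 4039 && !$tables_updated) {
		ITSEC_Lib::create_database_tables();
	}

	if ($itsec_old_version < 4040) {
		$options = get_site_option('itsec_global');
		$index_content = "<?php\n// Silence is golden.";

		// Without stored global settings there is nothing to rename and nothing to save;
		// previously a missing option was written back as false.
		if (is_array($options)) {
			if (!empty($options['log_info']) && isset($options['log_location'])) {
				// Give the event log a new random file name suffix.
				$new_log_info = substr(sanitize_title(get_bloginfo('name')), 0, 20) . '-' . wp_generate_password(30, false);
				$old_file = path_join($options['log_location'], 'event-log-' . $options['log_info'] . '.log');
				$new_file = path_join($options['log_location'], 'event-log-' . $new_log_info . '.log');

				// If the file exists already, don't update the location unless we successfully move it.
				if (file_exists($old_file) && rename($old_file, $new_file)) {
					$options['log_info'] = $new_log_info;
				}
			}

			// Make sure we have an index file to block directory listing in the logs directory
			if (isset($options['log_location']) && is_dir($options['log_location']) && !file_exists(path_join($options['log_location'], 'index.php'))) {
				file_put_contents(path_join($options['log_location'], 'index.php'), $index_content);
			}

			update_site_option('itsec_global', $options);
		}

		$backup_options = get_site_option('itsec_backup');

		// Make sure we have an index file to block directory listing in the backups directory
		if (isset($backup_options['location']) && is_dir($backup_options['location']) && !file_exists(path_join($backup_options['location'], 'index.php'))) {
			file_put_contents(path_join($backup_options['location'], 'index.php'), $index_content);
		}
	}

	$itsec_modules = ITSEC_Modules::get_instance();
	$itsec_modules->run_upgrade($itsec_old_version, ITSEC_Core::get_plugin_build());
}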