/**
 * Render the notification settings panel.
 *
 * Builds two groups of form controls from the plugin globals: one radio
 * option per entry in $sucuriscan_email_subjects (plus the "custom subject"
 * field when the stored subject matches none of them), and one checkbox row
 * per entry in $sucuriscan_notify_options. Both groups are then injected
 * into the 'settings-notifications' section template.
 *
 * @return string Parsed HTML code for the notification settings panel.
 */
function sucuriscan_settings_notifications()
{
    global $sucuriscan_notify_options, $sucuriscan_email_subjects;

    $checked_attr = 'checked="checked"';

    // Icon classes keyed by the optional "group:" prefix of an alert label.
    $group_icons = array(
        'user' => 'dashicons-before dashicons-admin-users',
        'plugin' => 'dashicons-before dashicons-admin-plugins',
        'theme' => 'dashicons-before dashicons-admin-appearance',
    );

    $params = array(
        'NotificationOptions' => '',
        'EmailSubjectOptions' => '',
        'EmailSubjectCustom.Checked' => '',
        'EmailSubjectCustom.Value' => '',
        'PrettifyMailsWarningVisibility' => SucuriScanTemplate::visibility(
            SucuriScanMail::prettify_mails()
        ),
    );

    if ($sucuriscan_email_subjects) {
        $current_subject = SucuriScanOption::get_option(':email_subject');
        $matches_preset = false;

        foreach ($sucuriscan_email_subjects as $preset) {
            $selected = ($current_subject == $preset);

            if ($selected) {
                $matches_preset = true;
            }

            $params['EmailSubjectOptions'] .= SucuriScanTemplate::get_snippet(
                'settings-emailsubject',
                array(
                    'EmailSubject.Name' => $preset,
                    'EmailSubject.Value' => $preset,
                    'EmailSubject.Checked' => $selected ? $checked_attr : '',
                )
            );
        }

        // A stored subject that is not one of the presets was typed by an
        // administrator, so it is escaped before being placed in the form.
        if (!$matches_preset) {
            $params['EmailSubjectCustom.Checked'] = $checked_attr;
            $params['EmailSubjectCustom.Value'] = SucuriScan::escape($current_subject);
        }
    }

    $row_index = 0;

    foreach ($sucuriscan_notify_options as $option_name => $raw_label) {
        $is_enabled = (SucuriScanOption::get_option($option_name) == 'enabled');
        $label = $raw_label;
        $icon = '';

        // Labels may carry a lowercase "group:" prefix; strip it from the
        // visible text and use it to select an icon when the group is known.
        if (preg_match('/^([a-z]+:)?(.+)/', $raw_label, $parts)) {
            $group = str_replace(':', '', $parts[1]);
            $label = $parts[2];

            if (isset($group_icons[$group])) {
                $icon = $group_icons[$group];
            }
        }

        $params['NotificationOptions'] .= SucuriScanTemplate::get_snippet(
            'settings-notifications',
            array(
                'Notification.CssClass' => ($row_index % 2 === 0) ? 'alternate' : '',
                'Notification.Name' => $option_name,
                'Notification.Checked' => $is_enabled ? $checked_attr : '',
                'Notification.Label' => $label,
                'Notification.LabelIcon' => $icon,
            )
        );

        $row_index++;
    }

    return SucuriScanTemplate::get_section('settings-notifications', $params);
}
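/**
 * Email a report of the recorded failed login attempts.
 *
 * Walks the entries read from the failed logins datastore and renders them
 * either as an HTML table or as a plain-text list, depending on
 * SucuriScanMail::prettify_mails(). The result is sent as a
 * 'bruteforce_attack' event; when the notification call reports success the
 * datastore is cleared through sucuriscan_reset_failed_logins().
 *
 * Every per-entry value originates from a login attempt, so it is treated as
 * untrusted: all table cells are HTML-escaped, including the timestamp and
 * date columns.
 *
 * @param  array   $failed_logins Data from the failed logins datastore. The keys read here are
 *                                'count' and 'entries'; each entry is read for 'user_login',
 *                                'user_password', 'remote_addr', 'attempt_time', 'attempt_date'.
 * @return boolean                Whether the report was sent via email or not.
 */
function sucuriscan_report_failed_logins($failed_logins = array())
{
    // Nothing to report when the datastore is empty or carries no usable count.
    if (!is_array($failed_logins)
        || empty($failed_logins['count'])
        || $failed_logins['count'] <= 0
    ) {
        return false;
    }

    // A missing or malformed entry list is treated as empty rather than
    // being passed to foreach as-is.
    $entries = array();
    if (isset($failed_logins['entries']) && is_array($failed_logins['entries'])) {
        $entries = $failed_logins['entries'];
    }

    $prettify_mails = SucuriScanMail::prettify_mails();

    // When enabled, the passwords that were tried are included in the
    // report. Attempted passwords are often near-misses of a real credential
    // and leave the site in clear text inside this email, so the option is
    // best kept off unless the mailbox receiving alerts is tightly controlled.
    $collect_wrong_passwords = (sucuriscan_collect_wrong_passwords() === true);

    $fields = array('user_login', 'user_password', 'remote_addr', 'attempt_time', 'attempt_date');
    $mail_content = '';
    $table_html = '';

    if ($prettify_mails) {
        $table_html = '<table border="1" cellspacing="0" cellpadding="0">';
        $table_html .= '<thead>';
        $table_html .= '<tr>';
        $table_html .= '<th>Username</th>';

        if ($collect_wrong_passwords) {
            $table_html .= '<th>Password</th>';
        }

        $table_html .= '<th>IP Address</th>';
        $table_html .= '<th>Attempt Timestamp</th>';
        $table_html .= '<th>Attempt Date/Time</th>';
        $table_html .= '</tr>';
        $table_html .= '</thead>';
        $table_html .= '<tbody>';
    }

    foreach ($entries as $login_data) {
        // Normalise the entry so that a field missing from an older or
        // truncated record becomes an empty string instead of a notice.
        $row = array();
        foreach ($fields as $field) {
            $row[$field] = (isset($login_data[$field]) && is_scalar($login_data[$field]))
                ? (string) $login_data[$field]
                : '';
        }

        if ($prettify_mails) {
            $table_html .= '<tr>';
            $table_html .= '<td>' . esc_html($row['user_login']) . '</td>';

            if ($collect_wrong_passwords) {
                $table_html .= '<td>' . esc_html($row['user_password']) . '</td>';
            }

            $table_html .= '<td>' . esc_html($row['remote_addr']) . '</td>';
            $table_html .= '<td>' . esc_html($row['attempt_time']) . '</td>';
            $table_html .= '<td>' . esc_html($row['attempt_date']) . '</td>';
            $table_html .= '</tr>';
        } else {
            $mail_content .= "\n";
            $mail_content .= 'Username: ' . $row['user_login'] . "\n";

            if ($collect_wrong_passwords) {
                $mail_content .= 'Password: ' . $row['user_password'] . "\n";
            }

            $mail_content .= 'IP Address: ' . $row['remote_addr'] . "\n";
            $mail_content .= 'Attempt Timestamp: ' . $row['attempt_time'] . "\n";
            $mail_content .= 'Attempt Date/Time: ' . $row['attempt_date'] . "\n";
        }
    }

    if ($prettify_mails) {
        $table_html .= '</tbody>';
        $table_html .= '</table>';
        $mail_content = $table_html;
    }

    // Only clear the datastore once the report has actually been handed off,
    // otherwise the recorded attempts would be lost without being reported.
    if (SucuriScanEvent::notify_event('bruteforce_attack', $mail_content)) {
        sucuriscan_reset_failed_logins();

        return true;
    }

    return false;
}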