function sixscan_communication_oracle_reg_register($site_url, $user_email, $user_password, $notice_script_url, &$sixscan_oracle_auth_struct, $partner_id, $partner_key, $dbkey) { $expected = array("site_id", "api_token", "dashboard_token", "verification_token"); try { /* The notice script will be relative to the blog's URL */ $relative_notice_url = substr($notice_script_url, strlen($site_url) + 1); /* Sending registration data to server, using GET */ $request_register_url = SIXSCAN_BODYGUARD_REGISTER_URL . "?platform=" . SIXSCAN_PLATFORM_TYPE . "&platform_version=" . sixscan_common_get_wp_version() . "&platform_locale=" . get_locale() . "¤t_version=" . SIXSCAN_VERSION . "&url={$site_url}&email={$user_email}&password={$user_password}¬ice_script_url={$relative_notice_url}&dbkey={$dbkey}"; /* If partner ID and Key exists, add it to registration request. */ if ($partner_id != "" && $partner_key != "") { $request_register_url .= "&partner_id={$partner_id}&partner_key={$partner_key}"; } $response = sixscan_common_request_network($request_register_url, "", "GET"); $raw_register_data = wp_remote_retrieve_body($response); if (is_wp_error($response)) { $error_string = $response->get_error_message(); $error_string = str_replace($request_register_url, SIXSCAN_BODYGUARD_REGISTER_URL, $error_string); return $error_string; } else { if (200 != wp_remote_retrieve_response_code($response)) { $error_string = "wp_remote_get returned httpd status " . wp_remote_retrieve_response_code($response) . ", data:" . urldecode($raw_register_data); return $error_string; } } $registration_answer = explode("&", $raw_register_data); $request_error_log = ""; /* Register site_id , api_token , dashboard_token , verification_token */ foreach ($registration_answer as $onekey) { list($key, $val) = explode("=", $onekey); $request_error_log = $request_error_log . "{$key}=___&"; /* Because this error is logged , we do not want to send data over the net. Replace the real keys with '___' chars */ $arr_location = array_search($key, $expected); /* If there was some mistake in the way, and we have received a key , which is not in our array. */ if ($arr_location === FALSE) { return "Bad value received from 6Scan server."; } $sixscan_oracle_auth_struct[$key] = trim($val); /* The key was handled , and we can remove it from the array */ unset($expected[$arr_location]); } /* If we have not updated all the required values there was some error during registration */ if (!empty($expected)) { return "Bad value received from 6Scan server."; } /* Return the data from registration server */ return TRUE; } catch (Exception $e) { die($e); } }
function sixscan_signature_engine_update_get($site_id, $api_token, $current_engine_version) { /* Craft an URL to request new signature */ $version_update_url = SIXSCAN_BODYGUARD_6SCAN_UPDATE_APP_URL . "?site_id=" . $site_id . "&api_token=" . $api_token . "¤t_version=" . $current_engine_version . "&platform_version=" . sixscan_common_get_wp_version(); /*Request the new version from server */ $response = sixscan_common_request_network($version_update_url, "", "GET"); if (is_wp_error($response)) { return "wp_remote_get() failed : " . $response->get_error_message(); } $response_code = wp_remote_retrieve_response_code($response); /* The signatures do not need an update */ if (SIXSCAN_UPDATE_LAST_VERSION_RESPONSE_CODE == $response_code) { return TRUE; } /* If the response isn't "you have the latest version" , and "Ok, there is new version" - return error */ if (SIXSCAN_UPDATE_OK_RESPONSE_CODE != $response_code) { return "wp_remote_get() returned status code " . $response_code; } /* Handle the gzipped program here */ $zipped_program = wp_remote_retrieve_body($response); /* Get the headers , and extract the openssl signature from there */ $response_headers = wp_remote_retrieve_headers($response); /* Check the authenticity of new signatures. have to be signed by 6Scan private key */ $ssl_check_result = sixscan_signatures_update_check_ssl_signature($zipped_program, $response_headers); if ($ssl_check_result !== TRUE) { return $ssl_check_result; } if (sixscan_signatures_init_wp_filesystem($response_headers) == NULL) { return "Failed initializing wp_filesystem()"; } global $wp_filesystem; /* Prepare temporary names */ $temp_upgrade_dir_local = trailingslashit(WP_CONTENT_DIR) . trailingslashit("6scan_update"); $temp_upgrade_dir = $wp_filesystem->wp_content_dir() . trailingslashit("6scan_update"); $temp_zip_file_local = trailingslashit(WP_CONTENT_DIR) . "bguard.zip"; $temp_zip_file = $wp_filesystem->wp_content_dir() . "bguard.zip"; /* Create temp directory for update */ if ($wp_filesystem->exists($temp_upgrade_dir)) { $wp_filesystem->delete($temp_upgrade_dir, TRUE); } if ($wp_filesystem->is_dir($temp_upgrade_dir) == FALSE && $wp_filesystem->mkdir($temp_upgrade_dir) == FALSE) { return "Failed creating temp directory for update at " . $temp_upgrade_dir; } /* Write the zip file */ if ($wp_filesystem->exists($temp_zip_file)) { $wp_filesystem->delete($temp_zip_file); } if ($wp_filesystem->put_contents($temp_zip_file, $zipped_program) == FALSE) { return "Failed writing file to " . $temp_zip_file; } /* unzip_file returns mixed on failure. It uses global $wp_filesystem. */ if (unzip_file($temp_zip_file_local, $temp_upgrade_dir) !== TRUE) { return "unzip_file() from {$temp_zip_file} to {$temp_upgrade_dir} failed"; } /* Remove the no longer required zip file */ $wp_filesystem->delete($temp_zip_file); $plugin_main_directory = plugin_dir_path(__FILE__) . "../../"; $plugin_main_directory = $wp_filesystem->wp_plugins_dir() . SIXSCAN_PLUGIN_DIRNAME; $temp_upgrade_dir_internal = sixscan_signatures_update_find_plugin_dir($temp_upgrade_dir_local); if ($temp_upgrade_dir_internal == "") { return "Couldn't find plugin dir in the unzipped folder {$temp_upgrade_dir_local}"; } $temp_upgrade_dir_internal = untrailingslashit($wp_filesystem->find_folder($temp_upgrade_dir_internal)); /* Now bulk copy the rest of files to their places: */ sixscan_signatures_update_move_dir_recursive($temp_upgrade_dir_internal, $plugin_main_directory); /* Remove the tmp directory */ $wp_filesystem->delete($temp_upgrade_dir, TRUE); return TRUE; }