if (isset($_REQUEST[SIXSCAN_NOTICE_VULN_COUNT])) {
$old_count = intval(get_option(SIXSCAN_OPTION_VULNERABITILY_COUNT));
$new_count = intval($_REQUEST[SIXSCAN_NOTICE_VULN_COUNT]);
/* New vulnerability was discovered. Show user the warning message */
if ($new_count > $old_count) {
update_option(SIXSCAN_VULN_MESSAGE_DISMISSED, FALSE);
}
update_option(SIXSCAN_OPTION_VULNERABITILY_COUNT, $new_count);
}
/* Include the update functionality */
require_once ABSPATH . 'wp-admin/includes/upgrade.php';
require_once 'update.php';
/* Activated this blog with 6Scan server */
if (isset($_REQUEST[SIXSCAN_NOTICE_ACCOUNT_ENABLED])) {
if (intval($_REQUEST[SIXSCAN_NOTICE_ACCOUNT_ENABLED]) == 1) {
sixscan_common_set_account_operational(TRUE);
}
}
/* Change WAF options, according to request */
sixscan_waf_set_options_confuguration();
/* Change secure login configuration */
sixscan_login_options_configuration();
/* Default value, in case we don't need to send security env */
$security_result = TRUE;
if (isset($_REQUEST[SIXSCAN_NOTICE_SECURITY_ENV_NAME]) && $_REQUEST[SIXSCAN_NOTICE_SECURITY_ENV_NAME] == 1) {
$security_result = sixscan_send_security_environment($site_id, $api_token);
}
if (isset($_REQUEST[SIXSCAN_NOTICE_SECURITY_LOG_NAME]) && $_REQUEST[SIXSCAN_NOTICE_SECURITY_LOG_NAME] == 1) {
$tmp_result = sixscan_send_security_log($site_id, $api_token);
/* Checking result values, and appending error message, if needed */
if ($security_result === TRUE) {
function sixscan_installation_install($tmp_key)
{
try {
/* Clear the operational flag. It will be set, if activation is successful */
sixscan_common_set_account_operational(FALSE);
global $wp_filesystem;
$current_wp_filesystem = $tmp_key == "" ? 'direct' : 'ftp';
if (is_multisite()) {
$err_message = "6Scan Install <b>Error</b>: 6Scan currently does not support multisite installs. The support will be added soon";
return sixscan_menu_wrap_error_msg($err_message) . sixscan_installation_error_description("Multisite install failed", $current_wp_filesystem);
}
/* Make sure we can create signature file and update the site's .htaccess file */
if (sixscan_common_test_dir_writable($wp_filesystem->abspath()) == FALSE) {
$err_message = "6Scan Install <b>Error</b>: Failed creating signature file at Wordpress directory " . ABSPATH . SIXSCAN_COMM_SIGNATURE_FILENAME . "<br/><br/>Please see <a href='http://codex.wordpress.org/Changing_File_Permissions' target='_blank'>this Wordpress article</a> for more information on how to add write permissions." . "<br/><br/>If you have additional questions, please visit our <a href='http://6scan.com/support' target='_blank'>community</a>";
return sixscan_menu_wrap_error_msg($err_message) . sixscan_installation_error_description("Failed creating signature file", $current_wp_filesystem);
}
if ($wp_filesystem->exists(SIXSCAN_HTACCESS_FILE) && sixscan_common_test_file_writable(SIXSCAN_HTACCESS_FILE) == FALSE) {
$err_message = "6Scan Install <b>Error</b>: Failed writing .htaccess file " . SIXSCAN_HTACCESS_FILE . "<br/><br/>Please see <a href='http://codex.wordpress.org/Changing_File_Permissions' target='_blank'>this Wordpress article</a> for more information on how to add write permissions." . "<br/><br/>If you have additional questions, please visit our <a href='http://6scan.com/support' target='_blank'>community</a>";
return sixscan_menu_wrap_error_msg($err_message) . sixscan_installation_error_description("Failed writing .htaccess file", $current_wp_filesystem);
}
if ($wp_filesystem->is_writable(SIXSCAN_PLUGIN_DIR . "/6scan.php") == FALSE) {
$err_message = "6Scan Install <b>Error</b>: Can't modify 6Scan directory. This usually happens when security permissions do not allow writing to the Wordpress directory." . "<br/><br/>Please see <a href='http://codex.wordpress.org/Changing_File_Permissions' target='_blank'>this Wordpress article</a> for more information on how to add write permissions." . "<br/><br/>If you have additional questions, please visit our <a href='http://6scan.com/support' target='_blank'>community</a>";
return sixscan_menu_wrap_error_msg($err_message) . sixscan_installation_error_description("Failed initializing WP_Filesystem()", $current_wp_filesystem);
}
if (ini_get("allow_url_fopen") == FALSE && !function_exists('curl_init')) {
$err_message = "6Scan Install <b>Error</b>: No libcurl found <b>and</b> \"allow_url_fopen\" in your php.ini is disabled. 6Scan needs at least <b>one</b> transport layer to be enabled, in order to contact its server for automatic updates.<br>" . "*Please see <a href='http://6scan.freshdesk.com/solution/articles/3257-installing-curl-extension-on-a-system' target='_blank'> this FAQ entry</a> in order to enable Curl<br>" . "*Please see <a href='http://6scan.freshdesk.com/solution/categories/3294/folders/6728/articles/2681-i-am-seeing-an-error-that-is-similar-to-could-not-open-handle-for-fopen-' target='_blank'>this FAQ entry</a> for instructions on how to enable the \"allow_url_fopen\" flag<br>" . "<br/><br/>If you have additional questions, please visit our <a href='http://6scan.com/support' target='_blank'>community</a>";
return sixscan_menu_wrap_error_msg($err_message) . sixscan_installation_error_description("No libcurl found and allow_url_fopen is disabled", $current_wp_filesystem);
}
/* Rewrite the htaccess and 6scan-gate file */
$htaccess_install_result = sixscan_htaccess_install();
if ($htaccess_install_result !== TRUE) {
return sixscan_menu_wrap_error_msg($htaccess_install_result['user_message']) . sixscan_installation_error_description($htaccess_install_result['short_description'], $current_wp_filesystem);
}
if (sixscan_common_is_regdata_present() == TRUE) {
if (sixscan_communication_oracle_reg_reactivate(sixscan_common_get_site_id(), sixscan_common_get_api_token()) == TRUE) {
/* There is no real install to go on, just reactivation */
sixscan_common_set_account_operational(TRUE);
sixscan_common_set_account_active(TRUE);
return TRUE;
} else {
sixscan_common_erase_regdata();
}
}
/* Register process */
$server_registration_result = sixscan_installation_register_with_server($tmp_key);
if ($server_registration_result !== TRUE) {
/* If something went wrong in the registration/verification process */
sixscan_common_erase_regdata();
return $server_registration_result . sixscan_installation_error_description("Server registration failed", $current_wp_filesystem);
}
/* Account is now active, but not yet operational ( operation is set by server, when user completes the registration */
sixscan_common_set_account_active(TRUE);
/* Preparing options for further use */
update_option(SIXSCAN_OPTION_COMM_ORACLE_NONCE, 1);
update_option(SIXSCAN_OPTION_COMM_LAST_SIG_UPDATE_NONCE, 0);
update_option(SIXSCAN_OPTION_STAT_SUSPICIOUS_REQ_COUNT, 0);
update_option(SIXSCAN_OPTION_STAT_OK_REQ_COUNT, 0);
update_option(SIXSCAN_OPTION_WAF_REQUESTED, array());
update_option(SIXSCAN_OPTION_LOGIN_SETTINGS, array());
update_option(SIXSCAN_VULN_MESSAGE_DISMISSED, FALSE);
} catch (Exception $e) {
/* Exception aborts the process */
sixscan_common_erase_regdata();
sixscan_common_set_account_active(FALSE);
sixscan_common_set_account_operational(FALSE);
return $e . sixscan_installation_error_description("Exception occured while installing", $current_wp_filesystem);
}
return TRUE;
}