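/**
 * Sets up the plugin's database tables, default option values and backup directory.
 *
 * On a multisite install, when the request carries networkwide=1, the tables
 * and option values are created for every blog listed in {$wpdb->blogs}, the
 * backup directory is created once, and the method returns without calling
 * miscellaneous_tasks(). In every other case only the current blog is set up
 * and miscellaneous_tasks() runs as well.
 *
 * Security note: this method performs no capability check of its own and the
 * network-wide branch is selected by a request parameter, so every caller is
 * responsible for making sure the request is authorised.
 *
 * @return void
 */
static function run_installer()
 {
     global $wpdb;
     if (function_exists('is_multisite') && is_multisite()) {
         // check if it is a network activation - if so, run the activation function for each blog id
         // $_GET['networkwide'] is request-controlled; it only selects which blogs are
         // set up, but that selection is not authorised anywhere in this method.
         if (isset($_GET['networkwide']) && $_GET['networkwide'] == 1) {
             // Get all blog ids
             $blogids = $wpdb->get_col("SELECT blog_id FROM {$wpdb->blogs}");
             foreach ($blogids as $blog_id) {
                 switch_to_blog($blog_id);
                 AIOWPSecurity_Installer::create_db_tables();
                 AIOWPSecurity_Configure_Settings::add_option_values();
                 // Pair every switch with a restore. Switching "back" with
                 // switch_to_blog($old_blog) leaves one entry per blog on
                 // WordPress' switch stack, so ms_is_switched() stays true
                 // for the rest of the request.
                 restore_current_blog();
             }
             //Create a backup dir in the WP uploads directory
             // Runs in the context of the blog that started the request
             // (previously it ran while still switched to the last blog in the list).
             AIOWPSecurity_Installer::create_db_backup_dir();
             return;
         }
     }
     AIOWPSecurity_Installer::create_db_tables();
     AIOWPSecurity_Configure_Settings::add_option_values();
     //Create a backup dir in the WP uploads directory
     AIOWPSecurity_Installer::create_db_backup_dir();
     AIOWPSecurity_Installer::miscellaneous_tasks();
 }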
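/**
 * Creates the plugin's database tables for a newly created blog when the
 * plugin is active for the whole network.
 *
 * Only $blog_id is used; the remaining parameters are accepted so the
 * signature matches the caller and are otherwise ignored.
 *
 * @param int    $blog_id ID of the blog that was just created.
 * @param int    $user_id Unused.
 * @param string $domain  Unused.
 * @param string $path    Unused.
 * @param int    $site_id Unused.
 * @param array  $meta    Unused.
 * @return void
 */
function aiowps_ms_handle_new_blog_creation($blog_id, $user_id, $domain, $path, $site_id, $meta)
{
    // is_plugin_active_for_network() looks the plugin up by its basename
    // ("folder/file.php"); the absolute path in __FILE__ never matches, so the
    // tables were never created. Assumes this function lives in the plugin's
    // main file - TODO confirm.
    if (!is_plugin_active_for_network(plugin_basename(__FILE__))) {
        return;
    }
    if (!class_exists('AIOWPSecurity_Installer')) {
        // Anchor the include to this file's directory so it cannot be resolved
        // through include_path or the current working directory.
        include_once dirname(__FILE__) . '/classes/wp-security-installer.php';
    }
    switch_to_blog($blog_id);
    AIOWPSecurity_Installer::create_db_tables();
    // restore_current_blog() pops the switch stack; switching back with
    // switch_to_blog($old_blog) would leave the request marked as switched.
    restore_current_blog();
}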
 /**
  * Runs the installer again when the stored database version differs from
  * the version this code was built for.
  *
  * Does nothing outside admin-side requests.
  *
  * @return void
  */
 function db_upgrade_handler()
 {
     // NOTE(review): is_admin() only says the request targets an admin screen
     // or admin endpoint; it is not a capability check. run_installer() also
     // reads $_GET['networkwide'], so confirm that whatever reaches this
     // handler is limited to authorised users.
     if (!is_admin()) {
         return;
     }

     //Check if DB needs to be upgraded
     $stored_version = get_option('aiowpsec_db_version');
     if ($stored_version == AIO_WP_SECURITY_DB_VERSION) {
         return;
     }

     // NOTE(review): relative include - resolved through include_path and the
     // including script's directory rather than a fixed absolute path.
     include_once 'classes/wp-security-installer.php';
     AIOWPSecurity_Installer::run_installer();
 }
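 /**
  * Registers the hooks for every enabled security feature and handles the
  * request-driven tasks (re-applying .htaccess rules, brute-force cookie,
  * unlock requests, honeypot, 404 lockout).
  *
  * The order of the steps matters: several of them echo output, send headers,
  * redirect or exit. The constructor already relies on is_user_logged_in()
  * and current_user_can() being available when it runs.
  *
  * Security notes:
  * - strip_tags() on request values only removes markup; it does not validate
  *   the value. Whatever consumes the value must do its own validation.
  * - The .htaccess re-apply and temp-config delete actions are limited to users
  *   who can manage options. They still lack a nonce, so a forged link followed
  *   by an administrator would trigger them; adding one needs the link that
  *   emits aiowps_reapply_htaccess to carry it, and that code is not in view.
  */
 function __construct()
 {
     global $aio_wp_security;
     if ($aio_wp_security->configs->get_value('aiowps_enable_rename_login_page') == '1') {
         add_action('widgets_init', array(&$this, 'remove_standard_wp_meta_widget'));
         //Fix for non decoded html entities in password reset link
         add_filter('retrieve_password_message', array(&$this, 'decode_reset_pw_msg'), 10, 4);
     }
     add_action('admin_notices', array(&$this, 'reapply_htaccess_rules_notice'));
     // Both branches change server state (rewrite .htaccess / delete an option),
     // so they must not be reachable by anonymous or low-privileged requests.
     if (isset($_REQUEST['aiowps_reapply_htaccess']) && current_user_can('manage_options')) {
         if (strip_tags($_REQUEST['aiowps_reapply_htaccess']) == 1) {
             include_once 'wp-security-installer.php';
             if (AIOWPSecurity_Installer::reactivation_tasks()) {
                 echo '<div class="updated"><p>The AIOWPS .htaccess rules were successfully re-inserted.</p></div>';
             } else {
                 echo '<div class="error"><p>AIOWPS encountered an error when trying to write to your .htaccess file. Please check the logs.</p></div>';
             }
         } elseif (strip_tags($_REQUEST['aiowps_reapply_htaccess']) == 2) {
             //Don't re-write the rules and just delete the temp config item
             delete_option('aiowps_temp_configs');
         }
     }
     if ($aio_wp_security->configs->get_value('aiowps_prevent_site_display_inside_frame') == '1') {
         //send X-Frame-Options: SAMEORIGIN in HTTP header
         send_frame_options_header();
     }
     if ($aio_wp_security->configs->get_value('aiowps_remove_wp_generator_meta_info') == '1') {
         add_filter('the_generator', array(&$this, 'remove_wp_generator_meta_info'));
     }
     //For the cookie based brute force prevention feature
     if ($aio_wp_security->configs->get_value('aiowps_enable_brute_force_attack_prevention') == 1) {
         $bfcf_secret_word = $aio_wp_security->configs->get_value('aiowps_brute_force_secret_word');
         if (isset($_GET[$bfcf_secret_word])) {
             //If URL contains secret word in query param then set cookie and then redirect to the login page
             // The secret word is passed as the first argument to set_cookie_value()
             // (presumably the cookie name - confirm) with the fixed value "1".
             AIOWPSecurity_Utility::set_cookie_value($bfcf_secret_word, "1");
             // NOTE(review): whether redirect_to_url() ends the request is not
             // visible here; if it returns, the rest of the constructor still runs.
             AIOWPSecurity_Utility::redirect_to_url(AIOWPSEC_WP_URL . "/wp-admin");
         }
     }
     //For user unlock request feature
     if (isset($_POST['aiowps_unlock_request']) || isset($_POST['aiowps_wp_submit_unlock_request'])) {
         nocache_headers();
         remove_action('wp_head', 'head_addons', 7);
         include_once AIO_WP_SECURITY_PATH . '/other-includes/wp-security-unlock-request.php';
         exit;
     }
     if (isset($_GET['aiowps_auth_key'])) {
         //If URL contains unlock key in query param then process the request
         // strip_tags() is not validation; process_unlock_request() is not visible
         // here and is presumably what verifies the key - confirm.
         $unlock_key = strip_tags($_GET['aiowps_auth_key']);
         AIOWPSecurity_User_Login::process_unlock_request($unlock_key);
     }
     //For honeypot feature
     if (isset($_POST['aio_special_field'])) {
         $special_field_value = strip_tags($_POST['aio_special_field']);
         if (!empty($special_field_value)) {
             //This means a robot has submitted the login form!
             //Redirect back to its localhost
             AIOWPSecurity_Utility::redirect_to_url('http://127.0.0.1');
         }
     }
     //For 404 IP lockout feature
     if ($aio_wp_security->configs->get_value('aiowps_enable_404_IP_lockout') == '1') {
         // Administrators are exempt from the 404 lockout handling.
         if (!is_user_logged_in() || !current_user_can('administrator')) {
             $this->do_404_lockout_tasks();
         }
     }
     //For login captcha feature
     if ($aio_wp_security->configs->get_value('aiowps_enable_login_captcha') == '1') {
         if (!is_user_logged_in()) {
             add_action('login_form', array(&$this, 'insert_captcha_question_form'));
         }
     }
     //For custom login form captcha feature, ie, when wp_login_form() function is used to generate login form
     if ($aio_wp_security->configs->get_value('aiowps_enable_custom_login_captcha') == '1') {
         if (!is_user_logged_in()) {
             //For cases where the WP wp_login_form() function is used
             add_filter('login_form_middle', array(&$this, 'insert_captcha_custom_login'), 10, 2);
         }
     }
     //For honeypot feature
     if ($aio_wp_security->configs->get_value('aiowps_enable_login_honeypot') == '1') {
         if (!is_user_logged_in()) {
             add_action('login_form', array(&$this, 'insert_honeypot_hidden_field'));
         }
     }
     //For lost password captcha feature
     if ($aio_wp_security->configs->get_value('aiowps_enable_lost_password_captcha') == '1') {
         if (!is_user_logged_in()) {
             add_action('lostpassword_form', array(&$this, 'insert_captcha_question_form'));
             add_action('lostpassword_post', array(&$this, 'process_lost_password_form_post'));
         }
     }
     //For registration page captcha feature
     if (AIOWPSecurity_Utility::is_multisite_install()) {
         // The switch targets the blog that is already current and is undone by
         // restore_current_blog() below.
         $blog_id = get_current_blog_id();
         switch_to_blog($blog_id);
         if ($aio_wp_security->configs->get_value('aiowps_enable_registration_page_captcha') == '1') {
             if (!is_user_logged_in()) {
                 add_action('signup_extra_fields', array(&$this, 'insert_captcha_question_form_multi'));
                 //add_action('preprocess_signup_form', array(&$this, 'process_signup_form_multi'));
                 add_filter('wpmu_validate_user_signup', array(&$this, 'process_signup_form_multi'));
             }
         }
         restore_current_blog();
     } else {
         if ($aio_wp_security->configs->get_value('aiowps_enable_registration_page_captcha') == '1') {
             if (!is_user_logged_in()) {
                 add_action('register_form', array(&$this, 'insert_captcha_question_form'));
             }
         }
     }
     //For comment captcha feature
     if (AIOWPSecurity_Utility::is_multisite_install()) {
         $blog_id = get_current_blog_id();
         switch_to_blog($blog_id);
         if ($aio_wp_security->configs->get_value('aiowps_enable_comment_captcha') == '1') {
             add_action('comment_form_after_fields', array(&$this, 'insert_captcha_question_form'), 1);
             add_action('comment_form_logged_in_after', array(&$this, 'insert_captcha_question_form'), 1);
             add_filter('preprocess_comment', array(&$this, 'process_comment_post'));
         }
         restore_current_blog();
     } else {
         if ($aio_wp_security->configs->get_value('aiowps_enable_comment_captcha') == '1') {
             add_action('comment_form_after_fields', array(&$this, 'insert_captcha_question_form'), 1);
             add_action('comment_form_logged_in_after', array(&$this, 'insert_captcha_question_form'), 1);
             add_filter('preprocess_comment', array(&$this, 'process_comment_post'));
         }
     }
     //For buddypress registration captcha feature
     if ($aio_wp_security->configs->get_value('aiowps_enable_bp_register_captcha') == '1') {
         add_action('bp_account_details_fields', array(&$this, 'insert_captcha_question_form'));
         add_action('bp_signup_validate', array(&$this, 'buddy_press_signup_validate_captcha'));
     }
     //For feature which displays logged in users
     $this->update_logged_in_user_transient();
     //For block fake googlebots feature
     if ($aio_wp_security->configs->get_value('aiowps_block_fake_googlebots') == '1') {
         include_once AIO_WP_SECURITY_PATH . '/classes/wp-security-bot-protection.php';
         AIOWPSecurity_Fake_Bot_Protection::block_fake_googlebots();
     }
     //For 404 event logging
     if ($aio_wp_security->configs->get_value('aiowps_enable_404_logging') == '1') {
         add_action('wp_head', array(&$this, 'check_404_event'));
     }
     //Add more tasks that need to be executed at init time
 }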