/**
* Request a malware scan
*
* @since 4.3
*
* @param mixed $current_url the url to scan or null
*
* @return mixed the response from the server or false if the submission was not successful
*/
private function request_url_scan($current_url = null)
{
global $itsec_logger;
$url = 'https://www.virustotal.com/vtapi/v2/url/scan';
//Use the supplied URL if present
if (ITSEC_Lib::validate_url($current_url) === true) {
$current_url = esc_url($current_url);
} else {
$current_url = esc_url($_SERVER['REQUEST_SCHEME'] . '://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
}
$args['body'] = array('url' => $current_url, 'apikey' => $this->settings['api_key']);
$response = wp_remote_post($url, $args);
if ($response['response']['code'] == 200 && isset($response['body'])) {
$scan_info = array('type' => 'Malware Scan Requested', 'resource' => $current_url);
$user = wp_get_current_user();
$itsec_logger->log_event('malware', 3, $scan_info, ITSEC_Lib::get_ip(), $user->user_login, $user->ID);
return json_decode(sanitize_text_field($response['body']));
//Valid request
} elseif ($response['response']['code'] == 204) {
return 204;
//Rate limit exceeded
} elseif ($response['response']['code'] == 403) {
return 403;
//Permission denied
} else {
return false;
//unspecified failure
}
}
/**
* Sanitize and validate input
*
* @since 1.6
*
* @param Array $input array of input fields
*
* @return Array Sanitized array
*/
public function sanitize_module_input($input)
{
$input['enabled'] = isset($input['enabled']) && intval($input['enabled'] == 1) ? true : false;
$input['standard'] = isset($input['standard']) && intval($input['standard'] == 1) ? true : false;
$input['standard_interval'] = isset($input['standard_interval']) ? absint($input['standard_interval']) : 5;
//Build an array of items for individual scan
if (isset($input['individual'])) {
foreach ($input['individual'] as $index => $item) {
if (strlen(sanitize_text_field($input['individual'][$index]['resource'])) > 0) {
$input['individual'][$index]['type'] = isset($item['type']) && $item['type'] == 1 ? 1 : 0;
$input['individual'][$index]['resource'] = sanitize_text_field($input['individual'][$index]['resource']);
if ($input['individual'][$index]['type'] === 1) {
if (file_exists(trailingslashit(ITSEC_Lib::get_home_path()) . $input['individual'][$index]['resource']) !== true) {
$input['enabled'] = false;
$type = 'error';
$message = sprintf('%s <strong>%s</strong> %s<br />', __('The resource ', 'it-l10n-ithemes-security-pro'), sanitize_text_field($input['individual'][$index]['resource']), __('is not valid. Please try again.', 'it-l10n-ithemes-security-pro'));
add_settings_error('itsec', esc_attr('settings_updated'), $message, $type);
}
} else {
if (ITSEC_Lib::validate_url($input['individual'][$index]['resource']) != true) {
$input['enabled'] = false;
$type = 'error';
$message = sprintf('%s <strong>%s</strong> %s<br />', __('The resource ', 'it-l10n-ithemes-security-pro'), sanitize_text_field($input['individual'][$index]['resource']), __('is not valid. Please try again.', 'it-l10n-ithemes-security-pro'));
add_settings_error('itsec', esc_attr('settings_updated'), $message, $type);
}
}
} else {
unset($input['individual'][$index]);
}
}
} else {
$input['individual'] = array();
}
//Clean out extras from last scans
if ($input['enabled'] === true) {
$last_scans = get_site_option('itsec_malware_scheduling_last_scans');
if (is_array($last_scans) && sizeof($last_scans) > 0 && is_array($input['individual']) && sizeof($input['individual']) > 0) {
foreach ($last_scans as $resource => $scan) {
$found = false;
//Assume we're no longer scheduling a scan for the item previously scanned
if ($resource === 'standard' || $resource === 'overall') {
$found = true;
//Overall and standard last scans should always be true
}
if ($found === false) {
foreach ($input['individual'] as $item) {
if ($resource == $item['resource']) {
$found = true;
}
}
if ($found === false) {
unset($last_scans[$resource]);
//Remove the resource from last scans if not found
}
}
}
update_site_option('itsec_malware_scheduling_last_scans', $last_scans);
}
} else {
delete_site_option('itsec_malware_scheduling_last_scans');
//If scanned malware scheduling isn't enabled delete the "last scans" data from the options table
}
if (is_multisite()) {
$this->core->show_network_admin_notice(false);
$this->settings = $input;
}
return $input;
}
public function run($arguments)
{
$settings = get_site_option('itsec_malware_scheduling');
//Make sure a valid action is present
if (!isset($arguments['action']) || $arguments['action'] !== 'add' && $arguments['action'] !== 'edit' && $arguments['action'] !== 'delete') {
return array('error' => __('Invalid action. The argument "action" must be equal to "add," "edit" or "delete."', 'it-l10n-ithemes-security-pro'));
}
//Make sure a resource is present
if (!isset($arguments['resource']) || $arguments['resource'] === null) {
return array('error' => __('A valid resource must be included to process malware scheduling item"', 'it-l10n-ithemes-security-pro'));
}
switch ($arguments['action']) {
case 'add':
//Add a scheduled item
if ($settings !== false && isset($settings['individual']) && is_array($settings['individual'])) {
$found = false;
//assume they've requested an invalid resource
foreach ($settings['individual'] as $key => $item) {
if ($item['resource'] == $arguments['resource']) {
$found = $key;
}
}
if ($found !== false) {
//The resource they want to edit isn't scheduled
return array('error' => __('Resource already present. Duplicate resource not added.', 'it-l10n-ithemes-security-pro'));
} else {
if (!isset($arguments['options']) || !is_array($arguments['options']) || !isset($arguments['options']['type']) || !(absint($arguments['options']['type']) <= 1)) {
return array('error' => __('Invalid options for adding resource. Please specify "type".', 'it-l10n-ithemes-security-pro'));
}
$type = absint($arguments['options']['type']);
$resource = trim(sanitize_text_field($arguments['resource']));
if ($type === 0 && ITSEC_Lib::validate_url($resource) === false) {
return array('error' => __('The resource provided does not appear to be a valid URL. Please try again.', 'it-l10n-ithemes-security-pro'));
} elseif ($type === 1 && file_exists(trailingslashit(ABSPATH) . $resource) === false) {
return array('error' => __('The resource provided does not appear to be a valid file. Please try again.', 'it-l10n-ithemes-security-pro'));
}
$item = array('resource' => $resource, 'type' => $type);
$settings['individual'][] = $item;
}
} else {
return array('error' => __('Invalid resource. The resource you are attempting to edit could not be found.', 'it-l10n-ithemes-security-pro'));
}
break;
case 'edit':
//Edit a scheduled item
if ($settings !== false && isset($settings['individual']) && is_array($settings['individual'])) {
$found = false;
//assume they've requested an invalid resource
foreach ($settings['individual'] as $key => $item) {
if ($item['resource'] == $arguments['resource']) {
$found = $key;
}
}
if ($found === false) {
//The resource they want to edit isn't scheduled
return array('error' => __('Invalid resource. The resource you are attempting to edit could not be found.', 'it-l10n-ithemes-security-pro'));
} else {
if (!isset($arguments['options']) || !is_array($arguments['options'])) {
return array('error' => __('Invalid options for editing resource.', 'it-l10n-ithemes-security-pro'));
}
}
} else {
return array('error' => __('Invalid resource. The resource you are attempting to edit could not be found.', 'it-l10n-ithemes-security-pro'));
}
break;
case 'delete':
//Delete a scheduled item
if ($settings !== false && isset($settings['individual']) && is_array($settings['individual'])) {
foreach ($settings['individual'] as $key => $item) {
if ($item['resource'] == $arguments['resource']) {
unset($settings['individual'][$key]);
}
}
} else {
return true;
//There was nothing to delete
}
break;
default:
//An invalid action that somehow wasn't caught before
return array('error' => __('Invalid action. The argument "action" must be equal to "add," "edit" or "delete."', 'it-l10n-ithemes-security-pro'));
break;
}
update_site_option('itsec_malware_scheduling', $settings);
return true;
}
/**
* Execute scheduled scans during plugins_loaded
*
* @since 4.3
*
* @return mixed false on error or void
*/
public function plugins_loaded()
{
global $itsec_globals, $itsec_malware, $itsec_files;
if ($itsec_files->get_file_lock('maleware-scheduling')) {
$last_scans = get_site_option('itsec_malware_scheduling_last_scans');
$scan_executed = false;
//Flag to prevent multiple executions per page load (reduce API overage)
//build the full array of last scans
$last_scans_count = isset($last_scans['count']) ? $last_scans['count'] : 0;
$scan_resources = array();
$scan_meta = array();
for ($i = 0; $i < $last_scans_count + 1; $i++) {
$scans = get_site_option('itsec_malware_scheduling_last_scans_' . $i);
if (is_array($scans)) {
$scan_resources = array_merge($scans, $scan_resources);
}
delete_site_option('itsec_malware_scheduling_last_scans_' . $i);
}
//Always make sure last scans and standard scans are arrays
if (!is_array($last_scans)) {
$last_scans = array();
}
if (!isset($last_scans['overall']) || $last_scans['overall'] < $itsec_globals['current_time_gmt'] - 30) {
//only allow 1 scan every 30 seconds
$queued = get_site_option('itsec_malware_scheduling_report_queue');
if ($queued === false) {
$queued = array();
}
if (sizeof($queued) > 0) {
$reverse_queued = array_reverse($queued);
$resource = array_pop($reverse_queued);
$report = $itsec_malware->scan_report($resource);
$queued = array_reverse($reverse_queued);
}
//process individual scans first
if (isset($this->settings['individual']) && is_array($this->settings['individual'])) {
foreach ($this->settings['individual'] as $item) {
if (isset($item['resource']) && strlen($item['resource']) > 0 && $scan_executed === false && isset($last_scans[$item['resource']]) && $last_scans[$item['resource']] < $itsec_globals['current_time_gmt'] - 604800) {
$scan = $itsec_malware->scheduled_scan($item['type'], $item['resource']);
if (isset($scan['response_code']) && $scan['response_code'] === 1) {
//Don't request a report if it isn't ready
$report = $itsec_malware->scan_report($scan['resource']);
} else {
//Queue result for later
$queued[] = $scan['resource'];
}
$scan_executed = true;
$scan_resources[$item['resource']] = $itsec_globals['current_time_gmt'];
}
}
}
//Standard scheduled scan
if ($scan_executed === false) {
$standard_period = isset($this->settings['standard_interval']) ? absint($this->settings['standard_interval']) * 60 * 60 : 3600;
//get interval in minutes
$resource = ITSEC_Lib::get_current_url();
if (isset($this->settings['standard']) && $this->settings['standard'] === true) {
if (!isset($last_scans['standard']) || !isset($scan_resources[$resource]) || $last_scans['standard'] < $itsec_globals['current_time_gmt'] - $standard_period && $scan_resources[$resource] < $itsec_globals['current_time_gmt'] - 604800) {
$scan = $itsec_malware->scheduled_scan(0, $resource);
if (isset($scan['response_code']) && $scan['response_code'] === 1) {
//Don't request a report if it isn't ready
$report = $itsec_malware->scan_report($scan['resource']);
} else {
//Queue result for later
if (isset($scan['resource'])) {
$queued[] = $scan['resource'];
} elseif (ITSEC_Lib::validate_url($resource) === true) {
$queued[] = $resource;
}
}
$scan_meta['standard'] = $itsec_globals['current_time_gmt'];
$scan_resources[$resource] = $itsec_globals['current_time_gmt'];
}
}
}
//Update scan time and save last scans
$scan_meta['overall'] = $itsec_globals['current_time_gmt'];
$chunk = array_chunk($scan_resources, 100, true);
for ($i = 0; $i < sizeof($chunk); $i++) {
if (is_multisite()) {
update_site_option('itsec_malware_scheduling_last_scans_' . $i, $chunk[$i]);
} else {
add_option('itsec_malware_scheduling_last_scans_' . $i, $chunk[$i], '', false);
}
}
$scan_meta['count'] = sizeof($chunk);
update_site_option('itsec_malware_scheduling_last_scans', $scan_meta);
if (sizeof($queued) > 0) {
update_site_option('itsec_malware_scheduling_report_queue', $queued);
} else {
delete_site_option('itsec_malware_scheduling_report_queue');
}
}
$itsec_files->release_file_lock('maleware-scheduling');
}
}