Esempio n. 1
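/**
 * Render the panel listing the failed logins recorded during the last hour.
 *
 * Entries from the current failed-logins log and from the older one (the call
 * with the `true` argument) are combined, and the slice belonging to the
 * requested page is rendered through the 'lastlogins-failedlogins' snippet.
 *
 * Every string field of an entry is passed through SucuriScan::escape()
 * before it reaches the template, because user name, password and user agent
 * are supplied by whoever attempted the login.
 *
 * @return string HTML of the failed logins section.
 */
function sucuriscan_failed_logins_panel()
{
    $template_variables = array(
        'FailedLogins.List' => '',
        'FailedLogins.Total' => '',
        'FailedLogins.MaxFailedLogins' => 0,
        'FailedLogins.NoItemsVisibility' => 'visible',
        'FailedLogins.WarningVisibility' => 'visible',
        'FailedLogins.CollectPasswordsVisibility' => 'visible',
        'FailedLogins.PaginationLinks' => '',
        'FailedLogins.PaginationVisibility' => 'hidden',
    );

    // Define variables for the pagination.
    $page_number = SucuriScanTemplate::get_page_number();
    $max_per_page = SUCURISCAN_MAX_PAGINATION_BUTTONS;
    $page_offset = ($page_number - 1) * $max_per_page;
    $page_limit = $page_offset + $max_per_page;

    $max_failed_logins = SucuriScanOption::get_option(':maximum_failed_logins');
    $notify_bruteforce_attack = SucuriScanOption::get_option(':notify_bruteforce_attack');

    // Read the setting once instead of once per rendered row.
    $collect_passwords = (sucuriscan_collect_wrong_passwords() === true);

    $failed_logins = sucuriscan_get_failed_logins();
    $old_failed_logins = sucuriscan_get_failed_logins(true);

    // Merge the new and old failed logins. array_merge() on the two outer
    // arrays would let the old 'entries' and 'count' values overwrite the new
    // ones (string keys are replaced, not appended), hiding the most recent
    // attempts, so the entry lists are merged and the counts are added.
    if (is_array($old_failed_logins) && !empty($old_failed_logins)) {
        if (is_array($failed_logins) && !empty($failed_logins)) {
            $new_entries = (isset($failed_logins['entries']) && is_array($failed_logins['entries']))
                ? $failed_logins['entries']
                : array();
            $old_entries = (isset($old_failed_logins['entries']) && is_array($old_failed_logins['entries']))
                ? $old_failed_logins['entries']
                : array();
            $new_count = isset($failed_logins['count']) ? (int) $failed_logins['count'] : 0;
            $old_count = isset($old_failed_logins['count']) ? (int) $old_failed_logins['count'] : 0;

            $failed_logins['entries'] = array_merge($new_entries, $old_entries);
            $failed_logins['count'] = $new_count + $old_count;
        } else {
            $failed_logins = $old_failed_logins;
        }
    }

    if (is_array($failed_logins) && !empty($failed_logins)) {
        // Tolerate a log structure without the expected keys instead of
        // failing on a missing index.
        $entries = (isset($failed_logins['entries']) && is_array($failed_logins['entries']))
            ? $failed_logins['entries']
            : array();
        $total = isset($failed_logins['count']) ? $failed_logins['count'] : count($entries);
        $counter = 0;

        for ($key = $page_offset; $key < $page_limit; $key++) {
            if (!array_key_exists($key, $entries)) {
                continue;
            }

            $login_data = $entries[$key];
            $css_class = ($counter % 2 == 0) ? '' : 'alternate';

            // The attempted password stays masked unless collection is
            // enabled. Attempted passwords are often near-misses of real
            // credentials, so this column is sensitive when it is shown.
            $wrong_user_password = '******';
            if ($collect_passwords && !empty($login_data['user_password'])) {
                $wrong_user_password = SucuriScan::escape($login_data['user_password']);
            }

            $template_variables['FailedLogins.List'] .= SucuriScanTemplate::get_snippet(
                'lastlogins-failedlogins',
                array(
                    'FailedLogins.CssClass' => $css_class,
                    // Forced to an integer: this was the only field of the
                    // entry written to the template without escaping.
                    'FailedLogins.Num' => (int) $login_data['attempt_count'],
                    'FailedLogins.Username' => SucuriScan::escape($login_data['user_login']),
                    'FailedLogins.Password' => $wrong_user_password,
                    'FailedLogins.RemoteAddr' => SucuriScan::escape($login_data['remote_addr']),
                    'FailedLogins.Datetime' => SucuriScan::datetime($login_data['attempt_time']),
                    'FailedLogins.UserAgent' => SucuriScan::escape($login_data['user_agent']),
                )
            );
            $counter += 1;
        }

        if ($counter > 0) {
            $template_variables['FailedLogins.NoItemsVisibility'] = 'hidden';
        }

        $template_variables['FailedLogins.PaginationLinks'] = SucuriScanTemplate::get_pagination(
            '%%SUCURI.URL.Lastlogins%%#failed-logins',
            $total,
            $max_per_page
        );

        if ($total > $max_per_page) {
            $template_variables['FailedLogins.PaginationVisibility'] = 'visible';
        }
    }

    $template_variables['FailedLogins.MaxFailedLogins'] = $max_failed_logins;

    // The warning box is only shown while brute-force notifications are off.
    if ($notify_bruteforce_attack == 'enabled') {
        $template_variables['FailedLogins.WarningVisibility'] = 'hidden';
    }

    if (!$collect_passwords) {
        $template_variables['FailedLogins.CollectPasswordsVisibility'] = 'hidden';
    }

    return SucuriScanTemplate::get_section('lastlogins-failedlogins', $template_variables);
}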
Esempio n. 2
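/**
 * List the last logins for all user accounts in the site.
 *
 * One page of entries is read from the last-logins datastore and each entry
 * is rendered through the 'lastlogins-all' snippet. An error notice is shown
 * when the datastore file is not writable; the list is still rendered.
 *
 * Values are escaped (or forced to an integer) here before they are handed
 * to the template. NOTE(review): the default user name is passed as raw
 * '<em>Unknown</em>' markup, which suggests the template does not escape
 * values itself; confirm against SucuriScanTemplate.
 *
 * @return string HTML of the last-logins section for all user accounts.
 */
function sucuriscan_lastlogins_all()
{
    $max_per_page = SUCURISCAN_LASTLOGINS_USERSLIMIT;
    $page_number = SucuriScanTemplate::get_page_number();
    $offset = ($page_number - 1) * $max_per_page;

    $template_variables = array(
        'UserList' => '',
        'UserList.Limit' => $max_per_page,
        'UserList.Total' => 0,
        'UserList.Pagination' => '',
        'UserList.PaginationVisibility' => 'hidden',
        'UserList.NoItemsVisibility' => 'visible',
    );

    if (!sucuriscan_lastlogins_datastore_is_writable()) {
        // The path is placed inside HTML markup, so it is escaped like every
        // other dynamic value on this page.
        SucuriScanInterface::error(
            'Last-logins datastore file is not writable: <code>'
            . SucuriScan::escape(sucuriscan_lastlogins_datastore_filepath())
            . '</code>'
        );
    }

    $last_logins = sucuriscan_get_logins($max_per_page, $offset);

    // Fall back to an empty result when the datastore could not be read, so
    // the page renders its "no items" state instead of indexing a non-array.
    $total = 0;
    $entries = array();
    if (is_array($last_logins)) {
        if (isset($last_logins['total'])) {
            $total = $last_logins['total'];
        }
        if (isset($last_logins['entries']) && is_array($last_logins['entries'])) {
            $entries = $last_logins['entries'];
        }
    }

    $template_variables['UserList.Total'] = $total;

    if ($total > $max_per_page) {
        $template_variables['UserList.PaginationVisibility'] = 'visible';
    }

    if ($total > 0) {
        $template_variables['UserList.NoItemsVisibility'] = 'hidden';
    }

    $counter = 0;
    foreach ($entries as $user) {
        $counter += 1;
        $css_class = ($counter % 2 == 0) ? 'alternate' : '';

        // The identifier and line number were the only entry fields written
        // out without escaping; force both to integers before they reach the
        // markup and the edit-user URL.
        $user_id = (int) $user->user_id;

        $user_dataset = array(
            'UserList.Number' => (int) $user->line_num,
            'UserList.UserId' => $user_id,
            'UserList.Username' => '<em>Unknown</em>',
            'UserList.Displayname' => '',
            'UserList.Email' => '',
            'UserList.Registered' => '',
            'UserList.RemoteAddr' => SucuriScan::escape($user->user_remoteaddr),
            'UserList.Hostname' => SucuriScan::escape($user->user_hostname),
            'UserList.Datetime' => SucuriScan::escape($user->user_lastlogin),
            'UserList.TimeAgo' => SucuriScan::time_ago($user->user_lastlogin),
            'UserList.UserURL' => admin_url('user-edit.php?user_id=' . $user_id),
            'UserList.CssClass' => $css_class,
        );

        // Account details are only filled in for accounts that still exist;
        // otherwise the row keeps the "Unknown" placeholder.
        if ($user->user_exists) {
            $user_dataset['UserList.Username'] = SucuriScan::escape($user->user_login);
            $user_dataset['UserList.Displayname'] = SucuriScan::escape($user->display_name);
            $user_dataset['UserList.Email'] = SucuriScan::escape($user->user_email);
            $user_dataset['UserList.Registered'] = SucuriScan::escape($user->user_registered);
        }

        $template_variables['UserList'] .= SucuriScanTemplate::get_snippet('lastlogins-all', $user_dataset);
    }

    // Generate the pagination for the list.
    $template_variables['UserList.Pagination'] = SucuriScanTemplate::get_pagination(
        '%%SUCURI.URL.Lastlogins%%',
        $total,
        $max_per_page
    );

    return SucuriScanTemplate::get_section('lastlogins-all', $template_variables);
}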