/**
* A mimic of the `WP_Upgrader::download_package` method that adds a step to store the temp file with a shorter
* file name.
*
* @see WP_Upgrader::download_package()
*
* @param string $package The URI of the package. If this is the full path to an
* existing local file, it will be returned untouched.
*
* @return string|WP_Error The full path to the downloaded package file, or a WP_Error object.
*/
protected function download($package)
{
if (empty($this->filesystem)) {
// try to connect
$this->upgrader->fs_connect(array(WP_CONTENT_DIR, WP_PLUGIN_DIR));
global $wp_filesystem;
// still empty?
if (empty($wp_filesystem)) {
// bail
return false;
}
$this->filesystem = $wp_filesystem;
}
$this->upgrader->skin->feedback('downloading_package', $package);
$download_file = download_url($package);
if (is_wp_error($download_file)) {
return new WP_Error('download_failed', $this->upgrader->strings['download_failed'], $download_file->get_error_message());
}
$file = $this->get_short_filename($download_file);
$moved = $this->filesystem->move($download_file, $file);
if (empty($moved)) {
// we tried, we failed, we bail and let WP do its job
return false;
}
return $file;
}
/**
* @param WP_Filesystem_Base $wp_filesystem
* @throws wfWAFAutoPrependHelperException
*/
public function performInstallation($wp_filesystem)
{
$bootstrapPath = wordfence::getWAFBootstrapPath();
if (!$wp_filesystem->put_contents($bootstrapPath, wordfence::getWAFBootstrapContent($this->currentAutoPrependedFile))) {
throw new wfWAFAutoPrependHelperException('We were unable to create the <code>wordfence-waf.php</code> file
in the root of the WordPress installation. It\'s possible WordPress cannot write to the <code>wordfence-waf.php</code>
file because of file permissions. Please verify the permissions are correct and retry the installation.');
}
$serverConfig = $this->getServerConfig();
$htaccessPath = $this->getHtaccessPath();
$homePath = dirname($htaccessPath);
$userIniPath = $this->getUserIniPath();
$userIni = ini_get('user_ini.filename');
$userIniHtaccessDirectives = '';
if ($userIni) {
$userIniHtaccessDirectives = sprintf('<Files "%s">
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
Order deny,allow
Deny from all
</IfModule>
</Files>
', addcslashes($userIni, '"'));
}
// .htaccess configuration
switch ($serverConfig) {
case 'apache-mod_php':
$autoPrependDirective = sprintf("# Wordfence WAF\n<IfModule mod_php%d.c>\n\tphp_value auto_prepend_file '%s'\n</IfModule>\n{$userIniHtaccessDirectives}\n# END Wordfence WAF\n", PHP_MAJOR_VERSION, addcslashes($bootstrapPath, "'"));
break;
case 'litespeed':
$autoPrependDirective = sprintf("# Wordfence WAF\n<IfModule LiteSpeed>\nphp_value auto_prepend_file '%s'\n</IfModule>\n{$userIniHtaccessDirectives}\n# END Wordfence WAF\n", addcslashes($bootstrapPath, "'"));
break;
case 'apache-suphp':
$autoPrependDirective = sprintf("# Wordfence WAF\n<IfModule mod_suphp.c>\n\tsuPHP_ConfigPath '%s'\n</IfModule>\n{$userIniHtaccessDirectives}\n# END Wordfence WAF\n", addcslashes($homePath, "'"));
break;
case 'cgi':
if ($userIniHtaccessDirectives) {
$autoPrependDirective = sprintf("# Wordfence WAF\n{$userIniHtaccessDirectives}\n# END Wordfence WAF\n", addcslashes($homePath, "'"));
}
break;
}
if (!empty($autoPrependDirective)) {
// Modify .htaccess
$htaccessContent = $wp_filesystem->get_contents($htaccessPath);
if ($htaccessContent) {
$regex = '/# Wordfence WAF.*?# END Wordfence WAF/is';
if (preg_match($regex, $htaccessContent, $matches)) {
$htaccessContent = preg_replace($regex, $autoPrependDirective, $htaccessContent);
} else {
$htaccessContent .= "\n\n" . $autoPrependDirective;
}
} else {
$htaccessContent = $autoPrependDirective;
}
if (!$wp_filesystem->put_contents($htaccessPath, $htaccessContent)) {
throw new wfWAFAutoPrependHelperException('We were unable to make changes to the .htaccess file. It\'s
possible WordPress cannot write to the .htaccess file because of file permissions, which may have been
set by another security plugin, or you may have set them manually. Please verify the permissions allow
the web server to write to the file, and retry the installation.');
}
if ($serverConfig == 'litespeed') {
// sleep(2);
$wp_filesystem->touch($htaccessPath);
}
}
if ($userIni) {
// .user.ini configuration
switch ($serverConfig) {
case 'cgi':
case 'nginx':
case 'apache-suphp':
case 'litespeed':
case 'iis':
$autoPrependIni = sprintf("; Wordfence WAF\nauto_prepend_file = '%s'\n; END Wordfence WAF\n", addcslashes($bootstrapPath, "'"));
break;
}
if (!empty($autoPrependIni)) {
// Modify .user.ini
$userIniContent = $wp_filesystem->get_contents($userIniPath);
if (is_string($userIniContent)) {
$userIniContent = str_replace('auto_prepend_file', ';auto_prepend_file', $userIniContent);
$regex = '/; Wordfence WAF.*?; END Wordfence WAF/is';
if (preg_match($regex, $userIniContent, $matches)) {
$userIniContent = preg_replace($regex, $autoPrependIni, $userIniContent);
} else {
$userIniContent .= "\n\n" . $autoPrependIni;
}
} else {
$userIniContent = $autoPrependIni;
}
if (!$wp_filesystem->put_contents($userIniPath, $userIniContent)) {
throw new wfWAFAutoPrependHelperException(sprintf('We were unable to make changes to the %1$s file.
It\'s possible WordPress cannot write to the %1$s file because of file permissions.
Please verify the permissions are correct and retry the installation.', basename($userIniPath)));
}
}
}
}
/**
* @param WP_Filesystem_Base $wp_filesystem
* @throws wfWAFAutoPrependHelperException
*/
public function performAutoPrependFileRemoval($wp_filesystem)
{
$bootstrapPath = wordfence::getWAFBootstrapPath();
if (!$wp_filesystem->delete($bootstrapPath)) {
throw new wfWAFAutoPrependHelperException('We were unable to remove the <code>wordfence-waf.php</code> file
in the root of the WordPress installation. It\'s possible WordPress cannot remove the <code>wordfence-waf.php</code>
file because of file permissions. Please verify the permissions are correct and retry the removal.');
}
}
