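 /**
  * AJAX handler that validates and persists the options returned by wfConfig::parseOptions().
  *
  * Validation failures return array('errorMsg' => string). Every check up to and
  * including the is_numeric() test on liveTraf_maxRows runs before anything is
  * persisted; the errors returned after the wfConfig::set() loop (code-execution
  * protection, API key retrieval/verification) are reported against options that
  * have already been saved, which is why those messages start with "Your options
  * have been saved". User-supplied values echoed back in error messages go through
  * wp_kses(..., array()) or esc_html() so no markup from the form reaches the page.
  *
  * @return array Either array('errorMsg' => string) or
  *               array('ok' => 1, 'reload' => 'reload'|'', 'paidKeyMsg' => bool).
  */
 public static function ajax_saveConfig_callback()
 {
     $reload = '';
     $opts = wfConfig::parseOptions();
     // These are now on the Diagnostics page, so they aren't sent across; re-read
     // the stored values so they round-trip through the save loop below unchanged.
     foreach (self::$diagnosticParams as $param) {
         $opts[$param] = wfConfig::get($param);
     }

     // Alert e-mails: strip all whitespace, split on commas, drop empty entries.
     $emails = array();
     foreach (explode(',', preg_replace('/[\\r\\n\\s\\t]+/', '', $opts['alertEmails'])) as $email) {
         if (strlen($email) > 0) {
             $emails[] = $email;
         }
     }
     if (count($emails) > 0) {
         $badEmails = array();
         foreach ($emails as $email) {
             // Syntactic check only (no DNS/MX lookup); TLD limited to 2-11 letters.
             if (!preg_match('/^[^@]+@[a-z0-9-]+(\\.[a-z0-9-]+)*(\\.[a-z]{2,11})$/i', $email)) {
                 $badEmails[] = $email;
             }
         }
         if (count($badEmails) > 0) {
             return array('errorMsg' => "The following emails are invalid: " . wp_kses(implode(', ', $badEmails), array()));
         }
         $opts['alertEmails'] = implode(',', $emails);
     } else {
         $opts['alertEmails'] = '';
     }

     $opts['scan_exclude'] = wfUtils::cleanupOneEntryPerLine($opts['scan_exclude']);

     // Each extra scan-include line must compile as a PCRE pattern body. The line
     // is interpolated between '/' delimiters unescaped, so an unescaped '/' inside
     // it is read as a delimiter rather than a literal. The '@' hides the warning
     // PCRE emits for an uncompilable pattern; the FALSE return is the failure signal.
     foreach (explode("\n", $opts['scan_include_extra']) as $regex) {
         if (@preg_match("/{$regex}/", "") === FALSE) {
             return array('errorMsg' => "\"" . esc_html($regex) . "\" is not a valid regular expression");
         }
     }

     // Whitelisted IPs/ranges: same whitespace stripping and comma split as e-mails.
     $whiteIPs = array();
     foreach (explode(',', preg_replace('/[\\r\\n\\s\\t]+/', '', $opts['whitelisted'])) as $whiteIP) {
         if (strlen($whiteIP) > 0) {
             $whiteIPs[] = $whiteIP;
         }
     }
     if (count($whiteIPs) > 0) {
         $badWhiteIPs = array();
         // A single wfUserIPRange instance is reused for every entry.
         $range = new wfUserIPRange();
         foreach ($whiteIPs as $whiteIP) {
             $range->setIPString($whiteIP);
             if (!$range->isValidRange()) {
                 $badWhiteIPs[] = $whiteIP;
             }
         }
         if (count($badWhiteIPs) > 0) {
             return array('errorMsg' => "Please make sure you separate your IP addresses with commas. The following whitelisted IP addresses are invalid: " . wp_kses(implode(', ', $badWhiteIPs), array()));
         }
         $opts['whitelisted'] = implode(',', $whiteIPs);
     } else {
         $opts['whitelisted'] = '';
     }

     // Live-traffic ignored user logins: only logins that resolve via get_user_by()
     // are kept. Unknown logins are reported, but only after the API key format check.
     $validUsers = array();
     $invalidUsers = array();
     foreach (explode(',', $opts['liveTraf_ignoreUsers']) as $val) {
         $val = trim($val);
         if (strlen($val) > 0) {
             if (get_user_by('login', $val)) {
                 $validUsers[] = $val;
             } else {
                 $invalidUsers[] = $val;
             }
         }
     }

     $opts['loginSec_userBlacklist'] = wfUtils::cleanupOneEntryPerLine($opts['loginSec_userBlacklist']);

     // The API key is only format-checked here; it is verified against the Wordfence
     // servers (and saved) at the end, after all other options are stored.
     $opts['apiKey'] = trim($opts['apiKey']);
     if ($opts['apiKey'] && !preg_match('/^[a-fA-F0-9]+$/', $opts['apiKey'])) {
         //User entered something but it's garbage.
         return array('errorMsg' => "You entered an API key but it is not in a valid format. It must consist only of characters A to F and 0 to 9.");
     }

     if (count($invalidUsers) > 0) {
         return array('errorMsg' => "The following users you selected to ignore in live traffic reports are not valid on this system: " . wp_kses(implode(', ', $invalidUsers), array()));
     }
     $opts['liveTraf_ignoreUsers'] = count($validUsers) > 0 ? implode(',', $validUsers) : '';

     // Live-traffic ignored IPs, validated with wfUtils::isValidIP().
     $validIPs = array();
     $invalidIPs = array();
     foreach (explode(',', preg_replace('/[\\r\\n\\s\\t]+/', '', $opts['liveTraf_ignoreIPs'])) as $val) {
         if (strlen($val) > 0) {
             if (wfUtils::isValidIP($val)) {
                 $validIPs[] = $val;
             } else {
                 $invalidIPs[] = $val;
             }
         }
     }
     if (count($invalidIPs) > 0) {
         return array('errorMsg' => "The following IPs you selected to ignore in live traffic reports are not valid: " . wp_kses(implode(', ', $invalidIPs), array()));
     }
     // Unlike the other lists, an empty IP list leaves the posted value untouched.
     if (count($validIPs) > 0) {
         $opts['liveTraf_ignoreIPs'] = implode(',', $validIPs);
     }

     // Ignored user agent: kept (trimmed) only if it contains at least one alphanumeric.
     if (preg_match('/[a-zA-Z0-9\\d]+/', $opts['liveTraf_ignoreUA'])) {
         $opts['liveTraf_ignoreUA'] = trim($opts['liveTraf_ignoreUA']);
     } else {
         $opts['liveTraf_ignoreUA'] = '';
     }

     // Leaving the Wordfence Security Network drops the non-permanent network blocks.
     // $p is the database table prefix from $wpdb, not request data.
     if (!$opts['other_WFNet']) {
         $wfdb = new wfDB();
         global $wpdb;
         $p = $wpdb->base_prefix;
         $wfdb->queryWrite("delete from {$p}" . "wfBlocks where wfsn=1 and permanent=0");
     }

     // Loose comparisons are kept here: the stored and posted values are not
     // guaranteed to share a type — confirm before tightening to !==.
     if ($opts['howGetIPs'] != wfConfig::get('howGetIPs', '')) {
         $reload = 'reload';
     }
     $regenerateHtaccess = false;
     if (wfConfig::get('bannedURLs', false) != $opts['bannedURLs']) {
         $regenerateHtaccess = true;
     }

     if (!is_numeric($opts['liveTraf_maxRows'])) {
         return array('errorMsg' => 'Please enter a number for the amount of Live Traffic data to store.');
     }

     // Persist everything except the API key; from here on the options are saved.
     foreach ($opts as $key => $val) {
         if ($key != 'apiKey') {
             //Don't save API key yet
             wfConfig::set($key, $val);
         }
     }

     if ($regenerateHtaccess && wfConfig::get('cacheType') == 'falcon') {
         wfCache::addHtaccessCode('add');
     }

     // Any value other than '1'/'0' leaves the auto-update setting untouched.
     if ($opts['autoUpdate'] == '1') {
         wfConfig::enableAutoUpdate();
     } elseif ($opts['autoUpdate'] == '0') {
         wfConfig::disableAutoUpdate();
     }

     try {
         if ($opts['disableCodeExecutionUploads']) {
             wfConfig::disableCodeExecutionForUploads();
         } else {
             wfConfig::removeCodeExecutionProtectionForUploads();
         }
     } catch (wfConfigException $e) {
         // Reported after the options above were already persisted.
         return array('errorMsg' => $e->getMessage());
     }

     if (!empty($opts['email_summary_enabled'])) {
         wfConfig::set('email_summary_enabled', 1);
         wfConfig::set('email_summary_interval', $opts['email_summary_interval']);
         wfConfig::set('email_summary_excluded_directories', $opts['email_summary_excluded_directories']);
         wfActivityReport::scheduleCronJob();
     } else {
         wfConfig::set('email_summary_enabled', 0);
         wfActivityReport::disableCronJob();
     }

     // Reads the value just stored by the save loop, not $opts directly.
     if (wfConfig::get('other_hideWPVersion')) {
         wfUtils::hideReadme();
     } else {
         wfUtils::showReadme();
     }

     $paidKeyMsg = false;
     if (!$opts['apiKey']) {
         //Empty API key (after trim above), then try to get one.
         $api = new wfAPI('', wfUtils::getWPVersion());
         try {
             $keyData = $api->call('get_anon_api_key');
             if ($keyData['ok'] && $keyData['apiKey']) {
                 wfConfig::set('apiKey', $keyData['apiKey']);
                 wfConfig::set('isPaid', 0);
                 $reload = 'reload';
             } else {
                 throw new Exception("We could not understand the Wordfence server's response because it did not contain an 'ok' and 'apiKey' element.");
             }
         } catch (Exception $e) {
             return array('errorMsg' => "Your options have been saved, but we encountered a problem. You left your API key blank, so we tried to get you a free API key from the Wordfence servers. However we encountered a problem fetching the free key: " . wp_kses($e->getMessage(), array()));
         }
     } elseif ($opts['apiKey'] != wfConfig::get('apiKey')) {
         // Key changed: verify it with the API before storing it.
         $api = new wfAPI($opts['apiKey'], wfUtils::getWPVersion());
         try {
             $res = $api->call('check_api_key', array(), array());
             if ($res['ok'] && isset($res['isPaid'])) {
                 wfConfig::set('apiKey', $opts['apiKey']);
                 $reload = 'reload';
                 wfConfig::set('isPaid', $res['isPaid']);
                 //res['isPaid'] is boolean coming back as JSON and turned back into PHP struct. Assuming JSON to PHP handles bools.
                 if ($res['isPaid']) {
                     $paidKeyMsg = true;
                 }
             } else {
                 throw new Exception("We could not understand the Wordfence API server reply when updating your API key.");
             }
         } catch (Exception $e) {
             return array('errorMsg' => "Your options have been saved. However we noticed you changed your API key and we tried to verify it with the Wordfence servers and received an error: " . wp_kses($e->getMessage(), array()));
         }
     } else {
         // Key unchanged: just ping. The call can throw like the other wfAPI calls
         // above, so catch it here too instead of letting the handler die after
         // the options were already saved.
         $api = new wfAPI($opts['apiKey'], wfUtils::getWPVersion());
         try {
             $api->call('ping_api_key', array(), array());
         } catch (Exception $e) {
             return array('errorMsg' => "Your options have been saved. However we tried to verify your API key with the Wordfence servers and received an error: " . wp_kses($e->getMessage(), array()));
         }
     }
     return array('ok' => 1, 'reload' => $reload, 'paidKeyMsg' => $paidKeyMsg);
 }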
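 /**
  * Saves Wordfence options received in $_POST['settings'] (a base64-encoded,
  * PHP-serialized array) plus the API key in $_POST['apiKey'].
  *
  * Only keys listed in self::$options_filter are written via wfConfig::set();
  * the API key is verified with the Wordfence servers and stored separately at
  * the end. Returns null when the payload is not a non-empty array. Otherwise the
  * result always carries 'cacheType' and 'paidKeyMsg', plus either 'ok' => 1 and
  * 'reload', or an 'error' message; 'invalid_users', 'apiKey' and 'isPaid' are
  * present when applicable. Errors raised after the wfConfig::set() loop are
  * reported against options that were already saved.
  *
  * @return array|null
  */
 function save_setting()
 {
     // SECURITY NOTE(review): this deserializes request data. maybe_unserialize()
     // ends in unserialize(), which can instantiate any class loaded in the process
     // (PHP object injection) if the request is not already authenticated by the
     // caller. The transport format is kept to stay compatible with the sender;
     // restricting it (allowed_classes => false on PHP >= 7, or switching the
     // payload to JSON) needs a matching change on the sending side. Confirm
     // upstream that requests are authenticated before they reach this function.
     $rawSettings = isset($_POST['settings']) ? $_POST['settings'] : '';
     $settings = maybe_unserialize(base64_decode($rawSettings));
     if (is_array($settings) && count($settings) > 0) {
         $result = array();
         $reload = '';
         $opts = $settings;

         // Live-traffic ignored user logins: keep only logins that resolve via
         // get_user_by(); unknown ones are reported in 'invalid_users' but do not
         // abort the save.
         $validUsers = array();
         $invalidUsers = array();
         $ignoreUsers = isset($opts['liveTraf_ignoreUsers']) ? $opts['liveTraf_ignoreUsers'] : '';
         foreach (explode(',', $ignoreUsers) as $val) {
             $val = trim($val);
             if (strlen($val) > 0) {
                 if (get_user_by('login', $val)) {
                     $validUsers[] = $val;
                 } else {
                     $invalidUsers[] = $val;
                 }
             }
         }
         if (count($invalidUsers) > 0) {
             $result['invalid_users'] = htmlentities(implode(', ', $invalidUsers));
         }
         $opts['liveTraf_ignoreUsers'] = count($validUsers) > 0 ? implode(',', $validUsers) : '';

         // Leaving the Wordfence Security Network drops the non-permanent network
         // blocks. $p is the database table prefix from $wpdb, not request data.
         if (empty($opts['other_WFNet'])) {
             $wfdb = new wfDB();
             global $wpdb;
             $p = $wpdb->base_prefix;
             $wfdb->queryWrite("delete from {$p}" . 'wfBlocks where wfsn=1 and permanent=0');
         }

         // Strict comparison: a missing bannedURLs (null) differs from any stored value
         // and therefore triggers a regeneration.
         $bannedURLs = isset($opts['bannedURLs']) ? $opts['bannedURLs'] : null;
         $regenerateHtaccess = false;
         if (wfConfig::get('bannedURLs', false) !== $bannedURLs) {
             $regenerateHtaccess = true;
         }

         // self::$options_filter is the allow-list of keys this endpoint may write.
         // Strict in_array so only exact string keys pass (an integer key would
         // otherwise compare loosely against the filter entries).
         foreach ($opts as $key => $val) {
             if (in_array($key, self::$options_filter, true)) {
                 if ('apiKey' !== $key) {
                     //Don't save API key yet
                     wfConfig::set($key, $val);
                 }
             }
         }

         if ($regenerateHtaccess) {
             wfCache::addHtaccessCode('add');
         }

         // Any value other than '1'/'0' (or a missing key) leaves auto-update untouched.
         $autoUpdate = isset($opts['autoUpdate']) ? $opts['autoUpdate'] : null;
         if ('1' === $autoUpdate) {
             wfConfig::enableAutoUpdate();
         } elseif ('0' === $autoUpdate) {
             wfConfig::disableAutoUpdate();
         }

         if (isset($opts['disableCodeExecutionUploads'])) {
             try {
                 if ($opts['disableCodeExecutionUploads']) {
                     wfConfig::disableCodeExecutionForUploads();
                 } else {
                     wfConfig::removeCodeExecutionProtectionForUploads();
                 }
             } catch (wfConfigException $e) {
                 // Options above are already saved; this early return also drops
                 // 'invalid_users' gathered so far.
                 return array('error' => $e->getMessage());
             }
         }

         if (isset($opts['email_summary_enabled'])) {
             if (!empty($opts['email_summary_enabled'])) {
                 wfConfig::set('email_summary_enabled', 1);
                 wfConfig::set('email_summary_interval', $opts['email_summary_interval']);
                 wfConfig::set('email_summary_excluded_directories', $opts['email_summary_excluded_directories']);
                 wfActivityReport::scheduleCronJob();
             } else {
                 wfConfig::set('email_summary_enabled', 0);
                 wfActivityReport::disableCronJob();
             }
         }

         // Scan schedule: when it changes, store it and drop the pending cron event
         // (get_option() returns false when unset, which !== '' also counts as a change).
         $sch = isset($opts['scheduleScan']) ? $opts['scheduleScan'] : '';
         if (get_option('mainwp_child_wordfence_cron_time') !== $sch) {
             update_option('mainwp_child_wordfence_cron_time', $sch);
             $sched = wp_next_scheduled('mainwp_child_wordfence_cron_scan');
             if (false !== $sched) {
                 wp_unschedule_event($sched, 'mainwp_child_wordfence_cron_scan');
             }
         }

         $result['cacheType'] = wfConfig::get('cacheType');
         $result['paidKeyMsg'] = false;

         // The API key travels outside the serialized payload.
         $apiKey = isset($_POST['apiKey']) ? trim($_POST['apiKey']) : '';
         if (!$apiKey) {
             //Empty API key (after trim above), then try to get one.
             $api = new wfAPI('', wfUtils::getWPVersion());
             try {
                 $keyData = $api->call('get_anon_api_key');
                 if ($keyData['ok'] && $keyData['apiKey']) {
                     wfConfig::set('apiKey', $keyData['apiKey']);
                     wfConfig::set('isPaid', 0);
                     $result['apiKey'] = $keyData['apiKey'];
                     $result['isPaid'] = 0;
                     $reload = 'reload';
                 } else {
                     throw new Exception("We could not understand the Wordfence server's response because it did not contain an 'ok' and 'apiKey' element.");
                 }
             } catch (Exception $e) {
                 $result['error'] = 'Your options have been saved, but we encountered a problem. You left your API key blank, so we tried to get you a free API key from the Wordfence servers. However we encountered a problem fetching the free key: ' . htmlentities($e->getMessage());
                 return $result;
             }
         } elseif (wfConfig::get('apiKey') !== $apiKey) {
             // Key changed: verify it with the API before storing it.
             $api = new wfAPI($apiKey, wfUtils::getWPVersion());
             try {
                 $res = $api->call('check_api_key', array(), array());
                 if ($res['ok'] && isset($res['isPaid'])) {
                     wfConfig::set('apiKey', $apiKey);
                     wfConfig::set('isPaid', $res['isPaid']);
                     //res['isPaid'] is boolean coming back as JSON and turned back into PHP struct. Assuming JSON to PHP handles bools.
                     $result['apiKey'] = $apiKey;
                     $result['isPaid'] = $res['isPaid'];
                     if ($res['isPaid']) {
                         $result['paidKeyMsg'] = true;
                     }
                     $reload = 'reload';
                 } else {
                     throw new Exception('We could not understand the Wordfence API server reply when updating your API key.');
                 }
             } catch (Exception $e) {
                 $result['error'] = 'Your options have been saved. However we noticed you changed your API key and we tried to verify it with the Wordfence servers and received an error: ' . htmlentities($e->getMessage());
                 return $result;
             }
         } else {
             // Key unchanged: ping only; the reply is not inspected.
             try {
                 $api = new wfAPI($apiKey, wfUtils::getWPVersion());
                 $api->call('ping_api_key', array(), array());
             } catch (Exception $e) {
                 $result['error'] = 'Your options have been saved. However we noticed you do not change your API key and we tried to verify it with the Wordfence servers and received an error: ' . htmlentities($e->getMessage());
                 return $result;
             }
         }
         $result['ok'] = 1;
         $result['reload'] = $reload;
         return $result;
     }
 }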
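	/**
	 * AJAX handler that validates and persists the options returned by wfConfig::parseOptions().
	 *
	 * Validation failures return array('errorMsg' => string). All list/format checks
	 * run before anything is persisted; the errors returned after the wfConfig::set()
	 * loop (code-execution protection, API key retrieval/verification) are reported
	 * against options that have already been saved. Values echoed back in error
	 * messages go through wp_kses(..., array()) so no markup from the form reaches
	 * the page.
	 *
	 * @return array Either array('errorMsg' => string) or
	 *               array('ok' => 1, 'reload' => 'reload'|'', 'paidKeyMsg' => bool).
	 */
	public static function ajax_saveConfig_callback(){
		$reload = '';
		$opts = wfConfig::parseOptions();

		// Alert e-mails: strip all whitespace, split on commas, drop empty entries.
		$emails = array();
		foreach(explode(',', preg_replace('/[\r\n\s\t]+/', '', $opts['alertEmails'])) as $email){
			if(strlen($email) > 0){
				$emails[] = $email;
			}
		}
		if(sizeof($emails) > 0){
			$badEmails = array();
			foreach($emails as $email){
				// Syntactic check only (no DNS/MX lookup); TLD limited to 2-11 letters.
				if(! preg_match('/^[^@]+@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,11})$/i', $email)){
					$badEmails[] = $email;
				}
			}
			if(sizeof($badEmails) > 0){
				return array('errorMsg' => "The following emails are invalid: " . wp_kses(implode(', ', $badEmails), array()) );
			}
			$opts['alertEmails'] = implode(',', $emails);
		} else {
			$opts['alertEmails'] = '';
		}

		// Scan exclusions are stored with all whitespace removed.
		$opts['scan_exclude'] = preg_replace('/[\r\n\s\t]+/', '', $opts['scan_exclude']);

		// Whitelisted IPs: four dotted groups, each made of digits, '-' or '[' ']'
		// (the range notation); anything else is reported back.
		$whiteIPs = array();
		foreach(explode(',', preg_replace('/[\r\n\s\t]+/', '', $opts['whitelisted'])) as $whiteIP){
			if(strlen($whiteIP) > 0){
				$whiteIPs[] = $whiteIP;
			}
		}
		if(sizeof($whiteIPs) > 0){
			$badWhiteIPs = array();
			foreach($whiteIPs as $whiteIP){
				if(! preg_match('/^[\[\]\-\d]+\.[\[\]\-\d]+\.[\[\]\-\d]+\.[\[\]\-\d]+$/', $whiteIP)){
					$badWhiteIPs[] = $whiteIP;
				}
			}
			if(sizeof($badWhiteIPs) > 0){
				return array('errorMsg' => "Please make sure you separate your IP addresses with commas. The following whitelisted IP addresses are invalid: " . wp_kses(implode(', ', $badWhiteIPs), array()) );
			}
			$opts['whitelisted'] = implode(',', $whiteIPs);
		} else {
			$opts['whitelisted'] = '';
		}

		// Live-traffic ignored user logins: only logins that resolve via get_user_by()
		// are kept. Unknown logins are reported, but only after the API key format check.
		$validUsers = array();
		$invalidUsers = array();
		foreach(explode(',', $opts['liveTraf_ignoreUsers']) as $val){
			$val = trim($val);
			if(strlen($val) > 0){
				if(get_user_by('login', $val)){
					$validUsers[] = $val;
				} else {
					$invalidUsers[] = $val;
				}
			}
		}

		// Login blacklist: trimmed, empties dropped, stored comma-separated.
		$userBlacklist = array();
		foreach(explode(',', $opts['loginSec_userBlacklist']) as $user){
			$user = trim($user);
			if(strlen($user) > 0){
				$userBlacklist[] = $user;
			}
		}
		if(sizeof($userBlacklist) > 0){
			$opts['loginSec_userBlacklist'] = implode(',', $userBlacklist);
		} else {
			$opts['loginSec_userBlacklist'] = '';
		}

		// The API key is only format-checked here; it is verified against the Wordfence
		// servers (and saved) at the end, after all other options are stored.
		$opts['apiKey'] = trim($opts['apiKey']);
		if($opts['apiKey'] && (! preg_match('/^[a-fA-F0-9]+$/', $opts['apiKey'])) ){ //User entered something but it's garbage.
			return array('errorMsg' => "You entered an API key but it is not in a valid format. It must consist only of characters A to F and 0 to 9.");
		}

		if(sizeof($invalidUsers) > 0){
			return array('errorMsg' => "The following users you selected to ignore in live traffic reports are not valid on this system: " . wp_kses(implode(', ', $invalidUsers), array()) );
		}
		if(sizeof($validUsers) > 0){
			$opts['liveTraf_ignoreUsers'] = implode(',', $validUsers);
		} else {
			$opts['liveTraf_ignoreUsers'] = '';
		}

		// Live-traffic ignored IPs: dotted-quad shape only (no per-octet range check, no IPv6).
		$validIPs = array();
		$invalidIPs = array();
		foreach(explode(',', preg_replace('/[\r\n\s\t]+/', '', $opts['liveTraf_ignoreIPs'])) as $val){
			if(strlen($val) > 0){
				if(preg_match('/^\d+\.\d+\.\d+\.\d+$/', $val)){
					$validIPs[] = $val;
				} else {
					$invalidIPs[] = $val;
				}
			}
		}
		if(sizeof($invalidIPs) > 0){
			return array('errorMsg' => "The following IPs you selected to ignore in live traffic reports are not valid: " . wp_kses(implode(', ', $invalidIPs), array()) );
		}
		// Unlike the other lists, an empty IP list leaves the posted value untouched.
		if(sizeof($validIPs) > 0){
			$opts['liveTraf_ignoreIPs'] = implode(',', $validIPs);
		}

		// Ignored user agent: kept (trimmed) only if it contains at least one alphanumeric.
		if(preg_match('/[a-zA-Z0-9\d]+/', $opts['liveTraf_ignoreUA'])){
			$opts['liveTraf_ignoreUA'] = trim($opts['liveTraf_ignoreUA']);
		} else {
			$opts['liveTraf_ignoreUA'] = '';
		}

		// Leaving the Wordfence Security Network drops the non-permanent network blocks.
		// $p is the database table prefix from $wpdb, not request data.
		if(! $opts['other_WFNet']){
			$wfdb = new wfDB();
			global $wpdb;
			$p = $wpdb->base_prefix;
			$wfdb->queryWrite("delete from $p"."wfBlocks where wfsn=1 and permanent=0");
		}

		// Loose comparisons are kept here: the stored and posted values are not
		// guaranteed to share a type — confirm before tightening to !==.
		if($opts['howGetIPs'] != wfConfig::get('howGetIPs', '')){
			$reload = 'reload';
		}
		$regenerateHtaccess = false;
		if(wfConfig::get('bannedURLs', false) != $opts['bannedURLs']){
			$regenerateHtaccess = true;
		}

		// Persist everything except the API key; from here on the options are saved.
		foreach($opts as $key => $val){
			if($key != 'apiKey'){ //Don't save API key yet
				wfConfig::set($key, $val);
			}
		}
		if($regenerateHtaccess){
			wfCache::addHtaccessCode('add');
		}

		// Any value other than '1'/'0' leaves the auto-update setting untouched.
		if($opts['autoUpdate'] == '1'){
			wfConfig::enableAutoUpdate();
		} else if($opts['autoUpdate'] == '0'){
			wfConfig::disableAutoUpdate();
		}

		try {
			if ($opts['disableCodeExecutionUploads']) {
				wfConfig::disableCodeExecutionForUploads();
			} else {
				wfConfig::removeCodeExecutionProtectionForUploads();
			}
		} catch (wfConfigException $e) {
			// Reported after the options above were already persisted.
			return array('errorMsg' => $e->getMessage());
		}

		$paidKeyMsg = false;

		if(! $opts['apiKey']){ //Empty API key (after trim above), then try to get one.
			$api = new wfAPI('', wfUtils::getWPVersion());
			try {
				$keyData = $api->call('get_anon_api_key');
				if($keyData['ok'] && $keyData['apiKey']){
					wfConfig::set('apiKey', $keyData['apiKey']);
					wfConfig::set('isPaid', 0);
					$reload = 'reload';
				} else {
					throw new Exception("We could not understand the Wordfence server's response because it did not contain an 'ok' and 'apiKey' element.");
				}
			} catch(Exception $e){
				return array('errorMsg' => "Your options have been saved, but we encountered a problem. You left your API key blank, so we tried to get you a free API key from the Wordfence servers. However we encountered a problem fetching the free key: " . wp_kses($e->getMessage(), array()) );
			}
		} else if($opts['apiKey'] != wfConfig::get('apiKey')){
			// Key changed: verify it with the API before storing it.
			$api = new wfAPI($opts['apiKey'], wfUtils::getWPVersion());
			try {
				$res = $api->call('check_api_key', array(), array());
				if($res['ok'] && isset($res['isPaid'])){
					wfConfig::set('apiKey', $opts['apiKey']);
					$reload = 'reload';
					wfConfig::set('isPaid', $res['isPaid']); //res['isPaid'] is boolean coming back as JSON and turned back into PHP struct. Assuming JSON to PHP handles bools.
					if($res['isPaid']){
						$paidKeyMsg = true;
					}
				} else {
					throw new Exception("We could not understand the Wordfence API server reply when updating your API key.");
				}
			} catch (Exception $e){
				return array('errorMsg' => "Your options have been saved. However we noticed you changed your API key and we tried to verify it with the Wordfence servers and received an error: " . wp_kses($e->getMessage(), array()) );
			}
		} else {
			// Key unchanged: just ping. The call can throw like the other wfAPI calls
			// above, so catch it here too instead of letting the handler die after
			// the options were already saved.
			$api = new wfAPI($opts['apiKey'], wfUtils::getWPVersion());
			try {
				$api->call('ping_api_key', array(), array());
			} catch (Exception $e){
				return array('errorMsg' => "Your options have been saved. However we tried to verify your API key with the Wordfence servers and received an error: " . wp_kses($e->getMessage(), array()) );
			}
		}
		return array('ok' => 1, 'reload' => $reload, 'paidKeyMsg' => $paidKeyMsg );
	}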