コード例 #1
0
    function render_tab5()
    {
        global $aio_wp_security;
        global $wpdb;
        $events_table_name = AIOWPSEC_TBL_EVENTS;
        AIOWPSecurity_Utility::cleanup_table($events_table_name, 500);
        if (isset($_POST['aiowps_import_settings'])) {
            $nonce = $_REQUEST['_wpnonce'];
            if (!wp_verify_nonce($nonce, 'aiowpsec-import-settings-nonce')) {
                $aio_wp_security->debug_logger->log_debug("Nonce check failed on import AIOWPS settings!", 4);
                die("Nonce check failed on import AIOWPS settings!");
            }
            if (empty($_POST['aiowps_import_settings_file']) && empty($_POST['aiowps_import_settings_text'])) {
                $this->show_msg_error(__('Please choose a file to import your settings from.', 'aiowpsecurity'));
            } else {
                if (empty($_POST['aiowps_import_settings_file'])) {
                    $import_from = "text";
                } else {
                    $import_from = "file";
                }
                if ($import_from == "file") {
                    //Let's get the uploaded import file path
                    $submitted_import_file_path = trim($_POST['aiowps_import_settings_file']);
                    $attachment_id = AIOWPSecurity_Utility_File::get_attachment_id_from_url($submitted_import_file_path);
                    //we'll need this later for deleting
                    //Verify that file chosen has valid AIOWPS settings contents
                    $aiowps_settings_file_contents = $this->check_if_valid_aiowps_settings_file($submitted_import_file_path);
                } else {
                    //Get the string right from the textarea. Still confirm it's in the expected format.
                    $aiowps_settings_file_contents = $this->check_if_valid_aiowps_settings_text($_POST['aiowps_import_settings_text']);
                }
                if ($aiowps_settings_file_contents != -1) {
                    //Apply the settings and delete the file (if applicable)
                    $settings_array = json_decode($aiowps_settings_file_contents, true);
                    $aiowps_settings_applied = update_option('aio_wp_security_configs', $settings_array);
                    if (!$aiowps_settings_applied) {
                        //Failed to import settings
                        $aio_wp_security->debug_logger->log_debug("Import AIOWPS settings from " . $import_from . " operation failed!", 4);
                        $this->show_msg_error(__('Import AIOWPS settings from ' . $import_from . ' operation failed!', 'aiowpsecurity'));
                        if ($import_from == "file") {
                            //Delete the uploaded settings file for security purposes
                            wp_delete_attachment($attachment_id, true);
                            if (false === wp_delete_attachment($attachment_id, true)) {
                                $this->show_msg_error(__('The deletion of the import file failed. Please delete this file manually via the media menu for security purposes.', 'aiowpsecurity'));
                            } else {
                                $this->show_msg_updated(__('The file you uploaded was also deleted for security purposes because it contains security settings details.', 'aiowpsecurity'));
                            }
                        }
                    } else {
                        $aio_wp_security->configs->configs = $settings_array;
                        //Refresh the configs global variable
                        //Just in case user submits partial config settings
                        //Run add_option_values to make sure any missing config items are at least set to default
                        AIOWPSecurity_Configure_Settings::add_option_values();
                        if ($import_from == "file") {
                            //Delete the uploaded settings file for security purposes
                            wp_delete_attachment($attachment_id, true);
                            if (false === wp_delete_attachment($attachment_id, true)) {
                                $this->show_msg_updated(__('Your AIOWPS settings were successfully imported via file input.', 'aiowpsecurity'));
                                $this->show_msg_error(__('The deletion of the import file failed. Please delete this file manually via the media menu for security purposes because it contains security settings details.', 'aiowpsecurity'));
                            } else {
                                $this->show_msg_updated(__('Your AIOWPS settings were successfully imported. The file you uploaded was also deleted for security purposes because it contains security settings details.', 'aiowpsecurity'));
                            }
                        } else {
                            $this->show_msg_updated(__('Your AIOWPS settings were successfully imported via text entry.', 'aiowpsecurity'));
                        }
                        //Now let's refresh the .htaccess file with any modified rules if applicable
                        $res = AIOWPSecurity_Utility_Htaccess::write_to_htaccess();
                        if ($res == -1) {
                            $this->show_msg_error(__('Could not write to the .htaccess file. Please check the file permissions.', 'aiowpsecurity'));
                        }
                    }
                } else {
                    //Invalid settings file
                    $aio_wp_security->debug_logger->log_debug("The contents of your settings file appear invalid!", 4);
                    $this->show_msg_error(__('The contents of your settings file appear invalid. Please check the contents of the file you are trying to import settings from.', 'aiowpsecurity'));
                    if ($import_from == "file") {
                        //Let's also delete the uploaded settings file for security purposes
                        wp_delete_attachment($attachment_id, true);
                        if (false === wp_delete_attachment($attachment_id, true)) {
                            $this->show_msg_error(__('The deletion of the import file failed. Please delete this file manually via the media menu for security purposes.', 'aiowpsecurity'));
                        } else {
                            $this->show_msg_updated(__('The file you uploaded was also deleted for security purposes because it contains security settings details.', 'aiowpsecurity'));
                        }
                    }
                }
            }
        }
        ?>
        <h2><?php 
        _e('Export or Import Your AIOWPS Settings', 'aiowpsecurity');
        ?>
</h2>
        <div class="aio_blue_box">
            <?php 
        echo '<p>' . __('This section allows you to export or import your All In One WP Security & Firewall settings.', 'aiowpsecurity');
        echo '<br />' . __('This can be handy if you wanted to save time by applying the settings from one site to another site.', 'aiowpsecurity') . '
            <br />' . __('NOTE: Before importing, it is your responsibility to know what settings you are trying to import. Importing settings blindly can cause you to be locked out of your site.', 'aiowpsecurity') . '
            <br />' . __('For Example: If a settings item relies on the domain URL then it may not work correctly when imported into a site with a different domain.', 'aiowpsecurity') . '
            </p>';
        ?>
        </div>

        <div class="postbox">
        <h3><label for="title"><?php 
        _e('Export AIOWPS Settings', 'aiowpsecurity');
        ?>
</label></h3>
        <div class="inside">
        <form action="" method="POST">
        <?php 
        wp_nonce_field('aiowpsec-export-settings-nonce');
        ?>
        <table class="form-table">
            <tr valign="top">
            <span class="description"><?php 
        _e('To export your All In One WP Security & Firewall settings click the button below.', 'aiowpsecurity');
        ?>
</span>
            </tr>
        </table>
        <input type="submit" name="aiowps_export_settings" value="<?php 
        _e('Export AIOWPS Settings', 'aiowpsecurity');
        ?>
" class="button-primary" />
        </form>
        </div></div>
        <div class="postbox">
        <h3><label for="title"><?php 
        _e('Import AIOWPS Settings', 'aiowpsecurity');
        ?>
</label></h3>
        <div class="inside">
        <form action="" method="POST">
        <?php 
        wp_nonce_field('aiowpsec-import-settings-nonce');
        ?>
        <table class="form-table">
            <tr valign="top">
                <span class="description"><?php 
        _e('Use this section to import your All In One WP Security & Firewall settings from a file. Alternatively, copy/paste the contents of your import file into the textarea below.', 'aiowpsecurity');
        ?>
</span>
                <th scope="row"><?php 
        _e('Import File', 'aiowpsecurity');
        ?>
:</th>
                <td>
                    <input type="button" id="aiowps_import_settings_file_button" name="aiowps_import_settings_file_button" class="button rbutton" value="Select Your Import Settings File" />
                    <input name="aiowps_import_settings_file" type="text" id="aiowps_import_settings_file" value="" size="80" />
                    <p class="description">
                        <?php 
        _e('After selecting your file, click the button below to apply the settings to your site.', 'aiowpsecurity');
        ?>
                    </p>
                </td>
            </tr>
            <tr valign="top">
                <th scope="row"><?php 
        _e('Copy/Paste Import Data', 'aiowpsecurity');
        ?>
:</th>
                <td>
                    <textarea name="aiowps_import_settings_text" id="aiowps_import_settings_text" style="width:80%;height:140px;"></textarea>
                </td>
            </tr>
        </table>
        <input type="submit" name="aiowps_import_settings" value="<?php 
        _e('Import AIOWPS Settings', 'aiowpsecurity');
        ?>
" class="button-primary" />
        </form>
        </div></div>
    <?php 
    }
コード例 #2
0
 function aiowps_scheduled_db_cleanup_handler()
 {
     global $aio_wp_security;
     $aio_wp_security->debug_logger->log_debug_cron("DB Cleanup - checking if a cleanup needs to be done now...");
     //Check the events table because this can grow quite large especially when 404 events are being logged
     $events_table_name = AIOWPSEC_TBL_EVENTS;
     $max_rows_event_table = '5000';
     //Keep a max of 5000 rows in the events table
     $max_rows_event_table = apply_filters('aiowps_max_rows_event_table', $max_rows_event_table);
     AIOWPSecurity_Utility::cleanup_table($events_table_name, $max_rows_event_table);
     //Check the failed logins table
     $failed_logins_table_name = AIOWPSEC_TBL_FAILED_LOGINS;
     $max_rows_failed_logins_table = '5000';
     //Keep a max of 5000 rows in the events table
     $max_rows_failed_logins_table = apply_filters('aiowps_max_rows_failed_logins_table', $max_rows_failed_logins_table);
     AIOWPSecurity_Utility::cleanup_table($failed_logins_table_name, $max_rows_failed_logins_table);
     //Check the login activity table
     $login_activity_table_name = AIOWPSEC_TBL_USER_LOGIN_ACTIVITY;
     $max_rows_login_activity_table = '5000';
     //Keep a max of 5000 rows in the events table
     $max_rows_login_activity_table = apply_filters('aiowps_max_rows_login_attempts_table', $max_rows_login_activity_table);
     AIOWPSecurity_Utility::cleanup_table($login_activity_table_name, $max_rows_login_activity_table);
     //Check the global meta table
     $global_meta_table_name = AIOWPSEC_TBL_GLOBAL_META_DATA;
     $max_rows_global_meta_table = '5000';
     //Keep a max of 5000 rows in this table
     $max_rows_global_meta_table = apply_filters('aiowps_max_rows_global_meta_table', $max_rows_global_meta_table);
     AIOWPSecurity_Utility::cleanup_table($global_meta_table_name, $max_rows_global_meta_table);
     //Keep adding other DB cleanup tasks as they arise...
 }
コード例 #3
0
 function aiowps_scheduled_db_cleanup_handler()
 {
     global $aio_wp_security;
     $aio_wp_security->debug_logger->log_debug_cron("DB Cleanup - checking if a cleanup needs to be done now...");
     //Check the events table because this can grow quite large especially when 404 events are being logged
     $events_table_name = AIOWPSEC_TBL_EVENTS;
     $max_rows_event_table = '5000';
     //Keep a max of 5000 rows in the events table
     $max_rows_event_table = apply_filters('aiowps_max_rows_event_table', $max_rows_event_table);
     AIOWPSecurity_Utility::cleanup_table($events_table_name, $max_rows_event_table);
     //Keep adding other DB cleanup tasks as they arise...
 }