function sucuriscan_settings_general_apikey($nonce)
{
$params = array();
$invalid_domain = false;
$api_recovery_modal = '';
$api_registered_modal = '';
// Whether the form to manually add the API key should be shown or not.
$display_manual_key_form = (bool) (SucuriScanRequest::post(':recover_key') !== false);
if ($nonce) {
if (SucuriScanRequest::post(':plugin_api_key') !== false) {
$user_id = SucuriScanRequest::post(':setup_user');
$user_obj = SucuriScan::get_user_by_id($user_id);
if ($user_obj !== false && user_can($user_obj, 'administrator')) {
// Send request to generate new API key or display form to set manually.
if (SucuriScanAPI::register_site($user_obj->user_email)) {
$api_registered_modal = SucuriScanTemplate::get_modal('settings-apiregistered', array('Title' => 'Site registered successfully', 'CssClass' => 'sucuriscan-apikey-registered'));
} else {
$display_manual_key_form = true;
}
}
}
// Recover API key through the email registered previously.
if (SucuriScanRequest::post(':recover_key') !== false) {
SucuriScanAPI::recover_key();
SucuriScanEvent::report_info_event('Recovery of the Sucuri API key was requested.');
$api_recovery_modal = SucuriScanTemplate::get_modal('settings-apirecovery', array('Title' => 'Plugin API Key Recovery', 'CssClass' => 'sucuriscan-apirecovery'));
}
}
$api_key = SucuriScanAPI::get_plugin_key();
// Check whether the domain name is valid or not.
if (!$api_key) {
$clean_domain = SucuriScan::get_top_level_domain();
$domain_address = @gethostbyname($clean_domain);
$invalid_domain = (bool) ($domain_address === $clean_domain);
}
$params['APIKey'] = !$api_key ? '<em>(not set)</em>' : $api_key;
$params['APIKey.RecoverVisibility'] = SucuriScanTemplate::visibility(!$api_key && !$display_manual_key_form);
$params['APIKey.ManualKeyFormVisibility'] = SucuriScanTemplate::visibility($display_manual_key_form);
$params['APIKey.RemoveVisibility'] = SucuriScanTemplate::visibility((bool) $api_key);
$params['InvalidDomainVisibility'] = SucuriScanTemplate::visibility($invalid_domain);
$params['ModalWhenAPIRegistered'] = $api_registered_modal;
$params['ModalForApiKeyRecovery'] = $api_recovery_modal;
return SucuriScanTemplate::get_section('settings-general-apikey', $params);
}
/**
* Read and parse the content of the general settings template.
*
* @return string Parsed HTML code for the general settings panel.
*/
function sucuriscan_settings_general()
{
global $sucuriscan_emails_per_hour, $sucuriscan_maximum_failed_logins, $sucuriscan_verify_ssl_cert;
// Check the nonce here to populate the value through other functions.
$page_nonce = SucuriScanInterface::check_nonce();
// Process all form submissions.
sucuriscan_settings_form_submissions($page_nonce);
// Register the site, get its API key, and store it locally for future usage.
$api_registered_modal = '';
// Whether the form to manually add the API key should be shown or not.
$display_manual_key_form = (bool) (SucuriScanRequest::post(':recover_key') !== false);
if ($page_nonce && SucuriScanRequest::post(':plugin_api_key') !== false) {
$registered = SucuriScanAPI::register_site();
if ($registered) {
$api_registered_modal = SucuriScanTemplate::get_modal('settings-apiregistered', array('Title' => 'Site registered successfully', 'CssClass' => 'sucuriscan-apikey-registered'));
} else {
$display_manual_key_form = true;
}
}
// Get initial variables to decide some things bellow.
$api_key = SucuriScanAPI::get_plugin_key();
$emails_per_hour = SucuriScanOption::get_option(':emails_per_hour');
$maximum_failed_logins = SucuriScanOption::get_option(':maximum_failed_logins');
$verify_ssl_cert = SucuriScanOption::get_option(':verify_ssl_cert');
$audit_report = SucuriScanOption::get_option(':audit_report');
$logs4report = SucuriScanOption::get_option(':logs4report');
$revproxy = SucuriScanOption::get_option(':revproxy');
$invalid_domain = false;
// Check whether the domain name is valid or not.
if (!$api_key) {
$clean_domain = SucuriScan::get_top_level_domain();
$domain_address = @gethostbyname($clean_domain);
$invalid_domain = $domain_address == $clean_domain ? true : false;
}
// Generate the HTML code for the option list in the form select fields.
$emails_per_hour_options = SucuriScanTemplate::get_select_options($sucuriscan_emails_per_hour, $emails_per_hour);
$maximum_failed_logins_options = SucuriScanTemplate::get_select_options($sucuriscan_maximum_failed_logins, $maximum_failed_logins);
$verify_ssl_cert_options = SucuriScanTemplate::get_select_options($sucuriscan_verify_ssl_cert, $verify_ssl_cert);
$template_variables = array('APIKey' => !$api_key ? '<em>(not set)</em>' : $api_key, 'APIKey.RecoverVisibility' => SucuriScanTemplate::visibility(!$api_key && !$display_manual_key_form), 'APIKey.ManualKeyFormVisibility' => SucuriScanTemplate::visibility($display_manual_key_form), 'APIKey.RemoveVisibility' => SucuriScanTemplate::visibility((bool) $api_key), 'InvalidDomainVisibility' => SucuriScanTemplate::visibility($invalid_domain), 'NotifyTo' => SucuriScanOption::get_option(':notify_to'), 'EmailsPerHour' => 'Undefined', 'EmailsPerHourOptions' => $emails_per_hour_options, 'MaximumFailedLogins' => 'Undefined', 'MaximumFailedLoginsOptions' => $maximum_failed_logins_options, 'VerifySSLCert' => 'Undefined', 'VerifySSLCertOptions' => $verify_ssl_cert_options, 'RequestTimeout' => SucuriScanOption::get_option(':request_timeout') . ' seconds', 'DatastorePath' => SucuriScanOption::get_option(':datastore_path'), 'CollectWrongPasswords' => 'No collect passwords', 'ModalWhenAPIRegistered' => $api_registered_modal, 'AuditReportStatus' => 'Enabled', 'AuditReportSwitchText' => 'Disable', 'AuditReportSwitchValue' => 'disable', 'AuditReportSwitchCssClass' => 'button-danger', 'AuditReportLimit' => $logs4report, 'ReverseProxyStatus' => 'Enabled', 'ReverseProxySwitchText' => 'Disable', 'ReverseProxySwitchValue' => 'disable', 'ReverseProxySwitchCssClass' => 'button-danger', 'APIProxy.Host' => 'n/a', 'APIProxy.Port' => 'n/a', 'APIProxy.Username' => 'n/a', 'APIProxy.Password' => 'n/a', 'APIProxy.PasswordType' => 'default', 'APIProxy.PasswordText' => 'empty');
if (array_key_exists($emails_per_hour, $sucuriscan_emails_per_hour)) {
$template_variables['EmailsPerHour'] = $sucuriscan_emails_per_hour[$emails_per_hour];
}
if (array_key_exists($maximum_failed_logins, $sucuriscan_maximum_failed_logins)) {
$template_variables['MaximumFailedLogins'] = $sucuriscan_maximum_failed_logins[$maximum_failed_logins];
}
if (array_key_exists($verify_ssl_cert, $sucuriscan_verify_ssl_cert)) {
$template_variables['VerifySSLCert'] = $sucuriscan_verify_ssl_cert[$verify_ssl_cert];
}
if ($audit_report == 'disabled') {
$template_variables['AuditReportStatus'] = 'Disabled';
$template_variables['AuditReportSwitchText'] = 'Enable';
$template_variables['AuditReportSwitchValue'] = 'enable';
$template_variables['AuditReportSwitchCssClass'] = 'button-success';
}
if ($revproxy == 'disabled') {
$template_variables['ReverseProxyStatus'] = 'Disabled';
$template_variables['ReverseProxySwitchText'] = 'Enable';
$template_variables['ReverseProxySwitchValue'] = 'enable';
$template_variables['ReverseProxySwitchCssClass'] = 'button-success';
}
if (sucuriscan_collect_wrong_passwords() === true) {
$template_variables['CollectWrongPasswords'] = '<span class="sucuriscan-label-error">Yes, collect passwords</span>';
}
// Determine if the API calls with pass through a proxy or not.
if (class_exists('WP_HTTP_Proxy')) {
$wp_http_proxy = new WP_HTTP_Proxy();
if ($wp_http_proxy->is_enabled()) {
$proxy_host = SucuriScan::escape($wp_http_proxy->host());
$proxy_port = SucuriScan::escape($wp_http_proxy->port());
$proxy_username = SucuriScan::escape($wp_http_proxy->username());
$proxy_password = SucuriScan::escape($wp_http_proxy->password());
$template_variables['APIProxy.Host'] = $proxy_host;
$template_variables['APIProxy.Port'] = $proxy_port;
$template_variables['APIProxy.Username'] = $proxy_username;
$template_variables['APIProxy.Password'] = $proxy_password;
$template_variables['APIProxy.PasswordType'] = 'info';
$template_variables['APIProxy.PasswordText'] = 'hidden';
}
}
return SucuriScanTemplate::get_section('settings-general', $template_variables);
}
