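/**
 * Render the failed-logins panel of the last-logins page.
 *
 * Loads the current and the old failed-login datasets through
 * sucuriscan_get_failed_logins(), combines them and renders the entries of
 * the requested page with the 'lastlogins-failedlogins' templates.
 *
 * The username, remote address and user agent of every entry are passed
 * through SucuriScan::escape() before they reach the template. The password
 * column stays masked unless sucuriscan_collect_wrong_passwords() returns
 * true and the entry carries a non-empty password.
 *
 * @return string Rendered section listing the failed logins.
 */
function sucuriscan_failed_logins_panel()
{
    $template_variables = array(
        'FailedLogins.List' => '',
        'FailedLogins.Total' => '',
        'FailedLogins.MaxFailedLogins' => 0,
        'FailedLogins.NoItemsVisibility' => 'visible',
        'FailedLogins.WarningVisibility' => 'visible',
        'FailedLogins.CollectPasswordsVisibility' => 'visible',
        'FailedLogins.PaginationLinks' => '',
        'FailedLogins.PaginationVisibility' => 'hidden',
    );

    // Define variables for the pagination.
    $page_number = SucuriScanTemplate::get_page_number();
    $max_per_page = SUCURISCAN_MAX_PAGINATION_BUTTONS;
    $page_offset = ($page_number - 1) * $max_per_page;
    $page_limit = $page_offset + $max_per_page;

    $max_failed_logins = SucuriScanOption::get_option(':maximum_failed_logins');
    $notify_bruteforce_attack = SucuriScanOption::get_option(':notify_bruteforce_attack');

    // The setting cannot change while the panel is rendered, so read it once
    // instead of once per row plus once more at the end.
    $collect_passwords = (sucuriscan_collect_wrong_passwords() === true);

    $failed_logins = sucuriscan_get_failed_logins();
    $old_failed_logins = sucuriscan_get_failed_logins(true);

    // Combine the new and old failed logins. This function reads both
    // datasets through the string keys 'entries' and 'count'; array_merge()
    // on the two outer arrays lets the old dataset overwrite those keys, so
    // the recent attempts would vanish from the panel whenever old logs
    // exist. Append the entry lists and add up the counters instead.
    // NOTE(review): the dataset shape is inferred from how it is used below;
    // confirm against sucuriscan_get_failed_logins().
    if (is_array($old_failed_logins) && !empty($old_failed_logins)) {
        if (is_array($failed_logins) && !empty($failed_logins)) {
            $new_entries = (isset($failed_logins['entries']) && is_array($failed_logins['entries']))
                ? $failed_logins['entries']
                : array();
            $old_entries = (isset($old_failed_logins['entries']) && is_array($old_failed_logins['entries']))
                ? $old_failed_logins['entries']
                : array();
            $new_count = isset($failed_logins['count'])
                ? (int) $failed_logins['count']
                : count($new_entries);
            $old_count = isset($old_failed_logins['count'])
                ? (int) $old_failed_logins['count']
                : count($old_entries);

            $failed_logins['entries'] = array_merge($new_entries, $old_entries);
            $failed_logins['count'] = $new_count + $old_count;
        } else {
            $failed_logins = $old_failed_logins;
        }
    }

    if (is_array($failed_logins) && !empty($failed_logins)) {
        // Tolerate a dataset without the expected keys rather than failing
        // on array_key_exists() with a non-array argument.
        $entries = (isset($failed_logins['entries']) && is_array($failed_logins['entries']))
            ? $failed_logins['entries']
            : array();
        $total_entries = isset($failed_logins['count'])
            ? $failed_logins['count']
            : count($entries);
        $counter = 0;

        for ($key = $page_offset; $key < $page_limit; $key++) {
            if (!array_key_exists($key, $entries)) {
                continue;
            }

            $login_data = $entries[$key];
            $css_class = ($counter % 2 === 0) ? '' : 'alternate';

            // Masked by default; the submitted password is shown only when
            // collection is enabled and the entry actually carries one.
            // NOTE(review): a mistyped password is often close to the valid
            // one, so with collection enabled this panel exposes credential
            // material to anyone who can open it. Where and how the helper
            // persists these values is not visible from this function.
            $wrong_user_password = '******';

            if ($collect_passwords && !empty($login_data['user_password'])) {
                $wrong_user_password = SucuriScan::escape($login_data['user_password']);
            }

            // NOTE(review): attempt_count is passed to the template without
            // escaping; presumably a plugin-generated integer - confirm, or
            // escape it like the neighbouring fields.
            $template_variables['FailedLogins.List'] .= SucuriScanTemplate::get_snippet(
                'lastlogins-failedlogins',
                array(
                    'FailedLogins.CssClass' => $css_class,
                    'FailedLogins.Num' => $login_data['attempt_count'],
                    'FailedLogins.Username' => SucuriScan::escape($login_data['user_login']),
                    'FailedLogins.Password' => $wrong_user_password,
                    'FailedLogins.RemoteAddr' => SucuriScan::escape($login_data['remote_addr']),
                    'FailedLogins.Datetime' => SucuriScan::datetime($login_data['attempt_time']),
                    'FailedLogins.UserAgent' => SucuriScan::escape($login_data['user_agent']),
                )
            );

            $counter += 1;
        }

        if ($counter > 0) {
            $template_variables['FailedLogins.NoItemsVisibility'] = 'hidden';
        }

        $template_variables['FailedLogins.PaginationLinks'] = SucuriScanTemplate::get_pagination(
            '%%SUCURI.URL.Lastlogins%%#failed-logins',
            $total_entries,
            $max_per_page
        );

        if ($total_entries > $max_per_page) {
            $template_variables['FailedLogins.PaginationVisibility'] = 'visible';
        }
    }

    $template_variables['FailedLogins.MaxFailedLogins'] = $max_failed_logins;

    // The warning box is hidden once the brute-force notification is enabled.
    if ($notify_bruteforce_attack == 'enabled') {
        $template_variables['FailedLogins.WarningVisibility'] = 'hidden';
    }

    if (!$collect_passwords) {
        $template_variables['FailedLogins.CollectPasswordsVisibility'] = 'hidden';
    }

    return SucuriScanTemplate::get_section('lastlogins-failedlogins', $template_variables);
}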
/**
 * Build the page that lists the last logins of every user account.
 *
 * Reads one page of records through sucuriscan_get_logins() and renders each
 * record with the 'lastlogins-all' snippet. Records whose user_exists flag is
 * falsy keep the '<em>Unknown</em>' placeholder and empty account fields.
 * When the datastore is reported as not writable, an error is raised through
 * SucuriScanInterface::error() and the listing is rendered regardless.
 *
 * @return string Rendered section with the last logins of all user accounts.
 */
function sucuriscan_lastlogins_all()
{
    $per_page = SUCURISCAN_LASTLOGINS_USERSLIMIT;
    $current_page = SucuriScanTemplate::get_page_number();
    $skip = ($current_page - 1) * $per_page;

    $template_variables = array();
    $template_variables['UserList'] = '';
    $template_variables['UserList.Limit'] = $per_page;
    $template_variables['UserList.Total'] = 0;
    $template_variables['UserList.Pagination'] = '';
    $template_variables['UserList.PaginationVisibility'] = 'hidden';
    $template_variables['UserList.NoItemsVisibility'] = 'visible';

    if (!sucuriscan_lastlogins_datastore_is_writable()) {
        $datastore_path = sucuriscan_lastlogins_datastore_filepath();
        SucuriScanInterface::error('Last-logins datastore file is not writable: <code>' . $datastore_path . '</code>');
    }

    $last_logins = sucuriscan_get_logins($per_page, $skip);
    $total_logins = $last_logins['total'];
    $template_variables['UserList.Total'] = $total_logins;

    if ($total_logins > 0) {
        $template_variables['UserList.NoItemsVisibility'] = 'hidden';
    }

    if ($total_logins > $per_page) {
        $template_variables['UserList.PaginationVisibility'] = 'visible';
    }

    $row_number = 0;

    foreach ($last_logins['entries'] as $user) {
        $row_number++;

        // Every second row gets the alternate style.
        if ($row_number % 2 === 0) {
            $row_class = 'alternate';
        } else {
            $row_class = '';
        }

        // Account details are filled in only for records flagged as
        // belonging to an existing user.
        if ($user->user_exists) {
            $username = SucuriScan::escape($user->user_login);
            $display_name = SucuriScan::escape($user->display_name);
            $email = SucuriScan::escape($user->user_email);
            $registered = SucuriScan::escape($user->user_registered);
        } else {
            $username = '<em>Unknown</em>';
            $display_name = '';
            $email = '';
            $registered = '';
        }

        // NOTE(review): line_num and user_id reach the template and the
        // user-edit URL without escaping or encoding, unlike the other
        // datastore fields; presumably both are integers - confirm against
        // sucuriscan_get_logins().
        $user_dataset = array(
            'UserList.Number' => $user->line_num,
            'UserList.UserId' => $user->user_id,
            'UserList.Username' => $username,
            'UserList.Displayname' => $display_name,
            'UserList.Email' => $email,
            'UserList.Registered' => $registered,
            'UserList.RemoteAddr' => SucuriScan::escape($user->user_remoteaddr),
            'UserList.Hostname' => SucuriScan::escape($user->user_hostname),
            'UserList.Datetime' => SucuriScan::escape($user->user_lastlogin),
            'UserList.TimeAgo' => SucuriScan::time_ago($user->user_lastlogin),
            'UserList.UserURL' => admin_url('user-edit.php?user_id=' . $user->user_id),
            'UserList.CssClass' => $row_class,
        );

        $template_variables['UserList'] .= SucuriScanTemplate::get_snippet('lastlogins-all', $user_dataset);
    }

    // Pagination links are generated even when a single page is enough; the
    // visibility flag set above decides whether they are shown.
    $template_variables['UserList.Pagination'] = SucuriScanTemplate::get_pagination(
        '%%SUCURI.URL.Lastlogins%%',
        $total_logins,
        $per_page
    );

    return SucuriScanTemplate::get_section('lastlogins-all', $template_variables);
}