public static function startScan()
{
wssLog(__METHOD__ . '() triggered ' . PHP_EOL . str_repeat('=', 50));
$settings = WsdWPScanSettings::getSettings();
$scanID = $settings['SCAN_ID'];
$scanState = $settings['SCAN_STATE'];
$scanProgress = $settings['SCAN_PROGRESS'];
$scanResult = $settings['SCAN_RESULT'];
$scanType = $settings['SCAN_TYPE'];
self::$_scanID = $scanID;
wssLog('SCAN DATA', array('$scanID' => $scanID, '$scanState' => $scanState, '$scanProgress' => $scanProgress, '$scanResult' => $scanResult, '$scanType' => $scanType));
// if scan id == 0 there is no scan registered
if (empty($scanID)) {
$failReason = "Internal Error: No scan ID provided.";
wssLog('No scan ID. Ignoring the scan start request.');
self::stopScan(false, $failReason);
return false;
}
//#! if scan state is none
if ($scanState == WsdWPScanSettings::SCAN_STATE_NONE) {
wssLog('Invalid scan state. Ignoring the scan start request.', array('state' => 'SCAN_STATE_NONE'));
return false;
}
//#! if scan in progress
if ($scanState == WsdWPScanSettings::SCAN_STATE_IN_PROGRESS) {
wssLog('Scan is running. Ignoring the scan start request.', array('state' => 'SCAN_STATE_IN_PROGRESS', 'progress' => $scanProgress));
return false;
}
//#! Start scan
//=============================
global $wp_version;
wssLog('WordPress version installed:', array('version' => $wp_version));
if (empty($wp_version)) {
$failReason = __("Could not retrieve the WordPress version.", WpsSettings::TEXT_DOMAIN);
wssLog('Invalid WordPress version detected.');
self::stopScan(false, $failReason);
return false;
}
wssLog('Starting scan.', array('ID' => self::$_scanID));
@ignore_user_abort(true);
@set_time_limit(WpsSettings::WPS_MAX_TIME_EXEC_LIMIT);
//#! update scan state
WsdWPScanSettings::updateSetting('SCAN_STATE', WsdWPScanSettings::SCAN_STATE_IN_PROGRESS);
//#! Request the json file from server depending on the current WP version
$json = null;
$url = WpsSettings::getJsonRepoUrl() . "{$wp_version}.json";
wssLog('Retrieving json file.', array('path' => $url));
$c = @file_get_contents($url);
if (empty($c)) {
$reason = sprintf(__("Error retrieving the json file from server for the detected WordPress version: %s. Scan aborted.", WpsSettings::TEXT_DOMAIN), $wp_version);
wssLog($reason);
self::stopScan(false, $reason);
return false;
} else {
$data = json_decode($c);
wssLog('Json file retrieved from path: ' . $url);
if (is_null($data)) {
$failReason = __('Error decoding the json file. The file might be empty or corrupted.', WpsSettings::TEXT_DOMAIN);
wssLog($failReason, array('path' => $url));
self::stopScan(false, $failReason);
return false;
}
//#! Ensure file is valid
if (isset($data->root) && isset($data->wp_admin) && isset($data->wp_content) && isset($data->wp_includes)) {
$rootFiles = $data->root;
$wpAdminFiles = $data->wp_admin;
$wpContentFiles = $data->wp_content;
$wpIncludesFiles = $data->wp_includes;
if (empty($rootFiles) || empty($wpAdminFiles) || empty($wpContentFiles) || empty($wpIncludesFiles)) {
$failReason = __('Invalid json file retrieved from server.', WpsSettings::TEXT_DOMAIN);
wssLog($failReason, array('path' => $url));
self::stopScan(false, $failReason);
return false;
}
//#! mark as ok for GC
$data = null;
$now = time();
$h24 = 24 * 60 * 60;
$since = 0;
if ($scanType == 0) {
$since = strtotime('midnight');
} elseif ($scanType == 1) {
$since = $now - $h24;
} elseif ($scanType == 2) {
$since = $now - 2 * $h24;
} elseif ($scanType == 3) {
$since = $now - 3 * $h24;
} elseif ($scanType == 4) {
$since = $now - 4 * $h24;
} elseif ($scanType == 5) {
$since = $now - 5 * $h24;
} elseif ($scanType == 6) {
$since = $now - 6 * $h24;
} elseif ($scanType == 7) {
$since = $now - 7 * $h24;
} elseif ($scanType == 8) {
$since = strtotime("-1 months") - $h24 - $now;
}
WsdWPScanSettings::updateSetting('SCAN_PROGRESS', WsdWPScanSettings::SCAN_PROGRESS_ROOT, true);
self::_checkFiles(ABSPATH, $rootFiles, $since, true);
wssLog("root directory scan complete");
WsdWPScanSettings::updateSetting('SCAN_PROGRESS', WsdWPScanSettings::SCAN_PROGRESS_ADMIN);
self::_checkFiles(ABSPATH . 'wp-admin/', $wpAdminFiles, $since, false, false, true);
wssLog("wp-admin directory scan complete");
WsdWPScanSettings::updateSetting('SCAN_PROGRESS', WsdWPScanSettings::SCAN_PROGRESS_CONTENT);
self::_checkFiles(ABSPATH . 'wp-content/', $wpContentFiles, $since, false, true);
wssLog("wp-content directory scan complete");
WsdWPScanSettings::updateSetting('SCAN_PROGRESS', WsdWPScanSettings::SCAN_PROGRESS_INCLUDES);
self::_checkFiles(ABSPATH . 'wp-includes/', $wpIncludesFiles, $since);
wssLog("wp-includes directory scan complete");
//#! Mark scan as completed
self::stopScan(true);
return true;
} else {
$failReason = __('Invalid json file retrieved from server.', WpsSettings::TEXT_DOMAIN);
wssLog($failReason, array('path' => $url));
self::stopScan(false, $failReason);
return false;
}
}
}
} elseif (2 == $result) {
$eInfo['error'] = "Internal Error: could not retrieve the ID for the last added scan.";
} elseif (3 === $result) {
$eInfo['message'] = "Scan successfully registered. It should start in approximately 1 minute. You can come back later on to check on its status.";
$scanSettings = WsdWPScanSettings::getSettings();
$scanProgress = $scanSettings['SCAN_PROGRESS'];
$scanState = $scanSettings['SCAN_STATE'];
$scanType = $scanSettings['SCAN_TYPE'];
$enableSubmit = false;
}
} else {
$eInfo['error'] = "Invalid form.";
}
}
} else {
$scanSettings = WsdWPScanSettings::getSettings();
$scanProgress = $scanSettings['SCAN_PROGRESS'];
$scanState = $scanSettings['SCAN_STATE'];
$scanType = $scanSettings['SCAN_TYPE'];
$enableSubmit = in_array($scanState, array(WsdWPScanSettings::SCAN_STATE_DONE, WsdWPScanSettings::SCAN_STATE_NONE)) ? true : false;
}
//#! Whether or not to show the scan form
$showScanForm = !(isset($_GET) && !empty($_GET['scan']));
?>
<style type="text/css">
.wsdplugin_alert_section_title{ float: none; clear: both; padding: 0 0 !important; }
.wsdplugin_alert_section_title p { font-size: 14px; margin: 10px 7px; line-height: normal; }
#wpCoreScanWrapper, #wpCoreScanReportWrapper { margin: 0 0; display: block; clear: both; }
#wpScanForm { margin-top: 25px;}
#scanStateWrapper {margin-top: 35px;}
[class^="icon-"], [class*=" icon-"] { margin-top: 0 !important;}