 /**
  * Blocks the request when the visitor's GeoIP continent or country appears in the configured block lists.
  *
  * Both lists come from the component parameters as comma-separated codes. A failed GeoIP lookup is
  * replaced by a placeholder label, which only affects the reason text passed to the exceptions handler.
  *
  * @return  void
  */
 public function onAfterInitialise()
 {
     $visitorIp = AtsystemUtilFilter::getIp();

     // Comma-separated parameter -> list; an empty parameter means "nothing blocked"
     $toList = function ($raw) {
         return empty($raw) ? array() : explode(',', $raw);
     };

     $blockedContinents = $toList($this->cparams->getValue('geoblockcontinents', ''));
     $blockedCountries = $toList($this->cparams->getValue('geoblockcountries', ''));

     $geoip = new AkeebaGeoipProvider();
     $visitorCountry = $geoip->getCountryCode($visitorIp);
     $visitorContinent = $geoip->getContinent($visitorIp);

     $visitorCountry = empty($visitorCountry) ? '(unknown country)' : $visitorCountry;
     $visitorContinent = empty($visitorContinent) ? '(unknown continent)' : $visitorContinent;

     // Both checks are evaluated independently; the handler decides how a blocked request ends.
     if (!empty($blockedContinents) && in_array($visitorContinent, $blockedContinents)) {
         $this->exceptionsHandler->blockRequest('geoblocking', null, 'Continent : ' . $visitorContinent);
     }

     if (!empty($blockedCountries) && in_array($visitorCountry, $blockedCountries)) {
         $this->exceptionsHandler->blockRequest('geoblocking', null, 'Country : ' . $visitorCountry);
     }
 }
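 /**
  * Updates the GeoIP database through the Akeeba GeoIP Provider plugin and redirects back to the component.
  *
  * The provider library is loaded on demand when its class is not present yet. If the class is still
  * unavailable after that attempt (plugin missing or broken) the user is redirected with an error message
  * instead of letting the instantiation fail with a fatal error.
  *
  * @return  void
  */
 public function updategeoip()
 {
     if ($this->csrfProtection) {
         $this->_csrfProtection();
     }

     $url = 'index.php?option=com_admintools';

     // Load the GeoIP library if it's not already loaded. The includes are best-effort: the plugin may be absent.
     if (!class_exists('AkeebaGeoipProvider')) {
         $libraryFile = JPATH_PLUGINS . '/system/akgeoip/lib/akgeoip.php';
         $autoloader = JPATH_PLUGINS . '/system/akgeoip/lib/vendor/autoload.php';

         if (@file_exists($libraryFile) && @(include_once $autoloader)) {
             @(include_once $libraryFile);
         }
     }

     // The load attempt above may have failed; report it instead of crashing on "new".
     if (!class_exists('AkeebaGeoipProvider')) {
         $this->setRedirect($url, 'The Akeeba GeoIP Provider plugin is not installed or could not be loaded', 'error');

         return;
     }

     $geoip = new AkeebaGeoipProvider();
     $result = $geoip->updateDatabase();

     if ($result === true) {
         $this->setRedirect($url, JText::_('ATOOLS_GEOBLOCK_MSG_DOWNLOADEDGEOIPDATABASE'));

         return;
     }

     // Anything other than true is the error message returned by the provider
     $this->setRedirect($url, $result, 'error');
 }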
 /**
  * Detects the current visitor's country through the Akeeba GeoIP Provider plugin.
  *
  * Detection needs the provider class to be loaded and a client IP. The IP comes from F0FUtilsIp when that
  * (newer FOF) class is available, otherwise from REMOTE_ADDR, falling back to 0.0.0.0.
  *
  * @return  string  The country code, or "XX" when no detection was possible.
  */
 private function getCountryFromGeoIP()
 {
     // Without the provider plugin there is nothing to detect with
     if (!class_exists('AkeebaGeoipProvider')) {
         return 'XX';
     }

     $clientIp = class_exists('F0FUtilsIp')
         ? F0FUtilsIp::getIp()
         : (isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '0.0.0.0');

     $provider = new AkeebaGeoipProvider();
     $countryCode = $provider->getCountryCode($clientIp);

     // An empty lookup result (null, '', '0', false) is reported as "XX"
     return empty($countryCode) ? 'XX' : $countryCode;
 }
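 /**
  * Sends an email upon accessing an administrator page other than the login screen
  *
  * The notification goes out once per session: the 'waf.loggedin' flag (session namespace
  * 'plg_admintools') is checked first and set after the emails have been sent. Recipients are read
  * from the comma-separated 'emailonadminlogin' component parameter.
  *
  * @return  void
  */
 public function onAfterInitialise()
 {
     $user = JFactory::getUser();

     // Check if the session flag is set (avoid sending thousands of emails!)
     $session = JFactory::getSession();
     $flag = $session->get('waf.loggedin', 0, 'plg_admintools');

     if ((int) $flag === 1) {
         return;
     }

     // Load the component's administrator translation files
     $jlang = JFactory::getLanguage();
     $jlang->load('com_admintools', JPATH_ADMINISTRATOR, 'en-GB', true);
     $jlang->load('com_admintools', JPATH_ADMINISTRATOR, $jlang->getDefault(), true);
     $jlang->load('com_admintools', JPATH_ADMINISTRATOR, null, true);

     // Get the username
     $username = $user->username;

     // Get the site name (the configuration API differs between Joomla! 2.5 and 3.x)
     $config = JFactory::getConfig();

     if (version_compare(JVERSION, '3.0', 'ge')) {
         $sitename = $config->get('sitename');
     } else {
         $sitename = $config->getValue('config.sitename');
     }

     // Get the IP address; IPv4-mapped IPv6 addresses ("::ffff:1.2.3.4") are reduced to their IPv4 part
     $ip = AtsystemUtilFilter::getIp();

     if (strpos($ip, '::') === 0 && strstr($ip, '.') !== false) {
         $ip = substr($ip, strrpos($ip, ':') + 1);
     }

     // GeoIP information is optional: it needs the Akeeba GeoIP Provider plugin
     $country = '';
     $continent = '';

     if (class_exists('AkeebaGeoipProvider')) {
         $geoip = new AkeebaGeoipProvider();
         $country = $geoip->getCountryCode($ip);
         $continent = $geoip->getContinent($ip);
     }

     if (empty($country)) {
         $country = '(unknown country)';
     }

     if (empty($continent)) {
         $continent = '(unknown continent)';
     }

     // The User-Agent header is optional; do not raise a notice when it is missing
     $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';

     // Construct the replacement table
     $substitutions = array(
         '[SITENAME]'  => $sitename,
         '[USERNAME]'  => $username,
         '[IP]'        => $ip,
         '[UASTRING]'  => $userAgent,
         '[COUNTRY]'   => $country,
         '[CONTINENT]' => $continent,
     );

     $subject = JText::_('ATOOLS_LBL_WAF_EMAILADMINLOGIN_SUBJECT_21');
     $body = JText::_('ATOOLS_LBL_WAF_EMAILADMINLOGIN_BODY_21');

     foreach ($substitutions as $k => $v) {
         $subject = str_replace($k, $v, $subject);
         $body = str_replace($k, $v, $body);
     }

     // Recipients: trimmed, with empty entries dropped (an empty parameter would otherwise produce one empty address)
     $recipients = explode(',', $this->cparams->getValue('emailonadminlogin', ''));
     $recipients = array_filter(array_map('trim', $recipients), 'strlen');

     $mailfrom = $config->get('mailfrom');
     $fromname = $config->get('fromname');

     // Send the email
     foreach ($recipients as $recipient) {
         // A mailer is requested per recipient so that addresses do not accumulate on one shared instance
         $mailer = JFactory::getMailer();
         $mailer->setSender(array($mailfrom, $fromname));
         $mailer->addRecipient($recipient);
         $mailer->setSubject($subject);
         $mailer->setBody($body);
         $mailer->Send();
     }

     // Set the flag to prevent sending more emails
     $session->set('waf.loggedin', 1, 'plg_admintools');
 }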
 /**
  * Processes the form data and creates a new subscription
  *
  * Runs the whole checkout pipeline for the current model state: form validation, subscription level and
  * payment plugin checks, block rules, user record and custom fields, subscription period calculation
  * (chaining onto still-valid subscriptions of the same level or level group), creation of the subscription
  * record, coupon hit, session cleanup and, finally, hand-over to the payment plugin for paid subscriptions
  * or an immediate redirect for zero-charge ones.
  *
  * @return  bool  true when a payment plugin produced a payment form; false on any validation failure, when
  *                no plugin responded, or after the zero-charge redirect (the redirect is expected to end the
  *                request before that false is reached)
  *
  * @throws  Exception  With code 403 when the block rules reject this subscription attempt
  */
 public function createNewSubscription()
 {
     // Fetch state and validation variables
     $this->setState('opt', '');
     $state = $this->getStateVariables();
     $validation = $this->getValidation();
     // Mark this subscription attempt in the session
     JFactory::getSession()->set('apply_validation.' . $state->id, 1, 'com_akeebasubs');
     // Step #1.a. Check that the form is valid
     // ----------------------------------------------------------------------
     $isValid = $this->isValid();
     if (!$isValid) {
         return false;
     }
     // Step #1.b. Check that the subscription level is allowed
     // ----------------------------------------------------------------------
     // Is this actually an allowed subscription level?
     $allowedLevels = F0FModel::getTmpInstance('Levels', 'AkeebasubsModel')->only_once(1)->enabled(1)->getItemList();
     $allowed = false;
     if (count($allowedLevels)) {
         foreach ($allowedLevels as $l) {
             if ($l->akeebasubs_level_id == $state->id) {
                 $allowed = true;
                 break;
             }
         }
     }
     if (!$allowed) {
         return false;
     }
     // Fetch the level's object, used later on
     $level = F0FModel::getTmpInstance('Levels', 'AkeebasubsModel')->getItem($state->id);
     // Step #2. Check that the payment plugin exists or return false
     // ----------------------------------------------------------------------
     $plugins = $this->getPaymentPlugins();
     $found = false;
     if (!empty($plugins)) {
         foreach ($plugins as $plugin) {
             if ($plugin->name == $state->paymentmethod) {
                 $found = true;
                 break;
             }
         }
     }
     if (!$found) {
         return false;
     }
     // Reset the session flag, so that future registrations will merge the
     // data from the database
     JFactory::getSession()->set('firstrun', true, 'com_akeebasubs');
     // Step #2.b. Apply block rules in the Professional release
     // ----------------------------------------------------------------------
     if (F0FModel::getTmpInstance('Blockrules', 'AkeebasubsModel')->isBlocked($state)) {
         throw new Exception(JText::_('JLIB_APPLICATION_ERROR_ACCESS_FORBIDDEN'), 403);
     }
     // Step #3. Create or update a user record
     // ----------------------------------------------------------------------
     $user = JFactory::getUser();
     $this->setState('user', $user);
     $userIsSaved = $this->updateUserInfo(true, $level);
     if (!$userIsSaved) {
         return false;
     } else {
         // updateUserInfo() may have replaced the user object in the model state (e.g. a newly created account)
         $user = $this->getState('user', $user);
     }
     // Store the user's ID in the session
     $session = JFactory::getSession();
     $session->set('subscribes.user_id', $user->id, 'com_akeebasubs');
     // Step #4. Create or add user extra fields
     // ----------------------------------------------------------------------
     // Find an existing record
     $dummy = $this->saveCustomFields();
     // Step #5. Check for existing subscription records and calculate the subscription expiration date
     // ----------------------------------------------------------------------
     // First, the question: is this level part of a group?
     $haveLevelGroup = false;
     if ($level->akeebasubs_levelgroup_id > 0) {
         // Is the level group published?
         $levelGroup = F0FModel::getTmpInstance('Levelgroups', 'AkeebasubsModel')->getItem($level->akeebasubs_levelgroup_id);
         if ($levelGroup instanceof F0FTable) {
             $haveLevelGroup = $levelGroup->enabled;
         }
     }
     if ($haveLevelGroup) {
         // We have a level group. Get all subscriptions for all levels in
         // the group.
         $subscriptions = array();
         $levelsInGroup = F0FModel::getTmpInstance('Levels', 'AkeebasubsModel')->levelgroup($level->akeebasubs_levelgroup_id)->getList(true);
         foreach ($levelsInGroup as $l) {
             $someSubscriptions = F0FModel::getTmpInstance('Subscriptions', 'AkeebasubsModel')->user_id($user->id)->level($l->akeebasubs_level_id)->paystate('C')->getList(true);
             if (count($someSubscriptions)) {
                 $subscriptions = array_merge($subscriptions, $someSubscriptions);
             }
         }
     } else {
         // No level group found. Get subscriptions on the same level.
         $subscriptions = F0FModel::getTmpInstance('Subscriptions', 'AkeebasubsModel')->user_id($user->id)->level($state->id)->paystate('C')->getList(true);
     }
     // Reference timestamps are taken once so that the start date, created_on and the expiry comparisons agree
     $jNow = new JDate();
     $now = $jNow->toUnix();
     $mNow = $jNow->toSql();
     if (empty($subscriptions)) {
         $startDate = $now;
     } else {
         $startDate = $now;
         foreach ($subscriptions as $row) {
             // Only take into account paid-for subscriptions
             if ($row->state != 'C') {
                 continue;
             }
             // Calculate the expiration date
             $jDate = new JDate($row->publish_down);
             $expiryDate = $jDate->toUnix();
             // If the subscription expiration date is earlier than today, ignore it
             if ($expiryDate < $now) {
                 continue;
             }
             // If the previous subscription's expiration date is later than the current start date,
             // update the start date to be one second after that.
             if ($expiryDate > $startDate) {
                 $startDate = $expiryDate + 1;
             }
             // Also mark the old subscription as "communicated". We don't want
             // to spam our users with subscription renewal notices or expiration
             // notification after they have effectively renewed!
             F0FModel::getTmpInstance('Subscriptions', 'AkeebasubsModel')->setId($row->akeebasubs_subscription_id)->getItem()->save(array('contact_flag' => 3));
         }
     }
     // Step #6. Create a new subscription record
     // ----------------------------------------------------------------------
     $nullDate = JFactory::getDbo()->getNullDate();
     $level = F0FModel::getTmpInstance('Levels', 'AkeebasubsModel')->setId($state->id)->getItem();
     // "Forever" and fixed-date levels start now and ignore the chained start date computed above;
     // only duration-based levels continue from the previous subscription's expiration.
     if ($level->forever) {
         $jStartDate = new JDate();
         // Far-future literal used as the "never expires" end date
         $endDate = '2038-01-01 00:00:00';
     } elseif (!is_null($level->fixed_date) && $level->fixed_date != $nullDate) {
         $jStartDate = new JDate();
         $endDate = $level->fixed_date;
     } else {
         $jStartDate = new JDate($startDate);
         // Subscription duration (length) modifiers, via plugins
         $duration_modifier = 0;
         JLoader::import('joomla.plugin.helper');
         JPluginHelper::importPlugin('akeebasubs');
         $app = JFactory::getApplication();
         $jResponse = $app->triggerEvent('onValidateSubscriptionLength', array($state));
         if (is_array($jResponse) && !empty($jResponse)) {
             foreach ($jResponse as $pluginResponse) {
                 if (empty($pluginResponse)) {
                     continue;
                 }
                 $duration_modifier += $pluginResponse;
             }
         }
         // Calculate the effective duration (in days, clamped at zero, then converted to seconds)
         $duration = (int) $level->duration + $duration_modifier;
         if ($duration <= 0) {
             $duration = 0;
         }
         $duration = $duration * 3600 * 24;
         $endDate = $startDate + $duration;
     }
     $mStartDate = $jStartDate->toSql();
     $jEndDate = new JDate($endDate);
     $mEndDate = $jEndDate->toSql();
     // Store the price validation's "oldsub" and "expiration" keys in
     // the subscriptions subcustom array
     $subcustom = $state->subcustom;
     if (empty($subcustom)) {
         $subcustom = array();
     } elseif (is_object($subcustom)) {
         $subcustom = (array) $subcustom;
     }
     $priceValidation = $this->validatePrice();
     $subcustom['fixdates'] = array('oldsub' => $priceValidation->oldsub, 'allsubs' => $priceValidation->allsubs, 'expiration' => $priceValidation->expiration);
     // Serialise custom subscription parameters
     $custom_subscription_params = json_encode($subcustom);
     // Get the IP address
     $ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '0.0.0.0';
     if (class_exists('F0FUtilsIp', true)) {
         $ip = F0FUtilsIp::getIp();
     }
     // Get the country from the IP address if the Akeeba GeoIP Provider Plugin is installed and activated
     $ip_country = '(Unknown)';
     if (class_exists('AkeebaGeoipProvider')) {
         $geoip = new AkeebaGeoipProvider();
         $ip_country = $geoip->getCountryName($ip);
         if (empty($ip_country)) {
             $ip_country = '(Unknown)';
         }
     }
     // Setup the new subscription. Zero-gross subscriptions are activated straight away (enabled,
     // processor "none", state "C", generated processor key); everything else is created pending ("N")
     // for the selected payment plugin to complete.
     $data = array('akeebasubs_subscription_id' => null, 'user_id' => $user->id, 'akeebasubs_level_id' => $state->id, 'publish_up' => $mStartDate, 'publish_down' => $mEndDate, 'notes' => '', 'enabled' => $validation->price->gross < 0.01 ? 1 : 0, 'processor' => $validation->price->gross < 0.01 ? 'none' : $state->paymentmethod, 'processor_key' => $validation->price->gross < 0.01 ? $this->_uuid(true) : '', 'state' => $validation->price->gross < 0.01 ? 'C' : 'N', 'net_amount' => $validation->price->net - $validation->price->discount, 'tax_amount' => $validation->price->tax, 'gross_amount' => $validation->price->gross, 'recurring_amount' => $validation->price->recurring, 'tax_percent' => $validation->price->taxrate, 'created_on' => $mNow, 'params' => $custom_subscription_params, 'ip' => $ip, 'ip_country' => $ip_country, 'akeebasubs_coupon_id' => $validation->price->couponid, 'akeebasubs_upgrade_id' => $validation->price->upgradeid, 'contact_flag' => 0, 'prediscount_amount' => $validation->price->net, 'discount_amount' => $validation->price->discount, 'first_contact' => '0000-00-00 00:00:00', 'second_contact' => '0000-00-00 00:00:00', 'akeebasubs_affiliate_id' => 0, 'affiliate_comission' => 0);
     $subscription = F0FModel::getTmpInstance('Subscriptions', 'AkeebasubsModel')->getTable();
     $subscription->reset();
     $subscription->akeebasubs_subscription_id = 0;
     // NOTE(review): presumably skips the table's payment ID check for this brand new record — confirm against the table class
     $subscription->_dontCheckPaymentID = true;
     $result = $subscription->save($data);
     $this->_item = $subscription;
     // Step #7. Hit the coupon code, if a coupon is indeed used
     // ----------------------------------------------------------------------
     if ($validation->price->couponid) {
         F0FModel::getTmpInstance('Coupons', 'AkeebasubsModel')->setId($validation->price->couponid)->getItem()->hit();
     }
     // Step #8. Clear the session
     // ----------------------------------------------------------------------
     $session = JFactory::getSession();
     $session->set('validation_cache_data', null, 'com_akeebasubs');
     $session->set('apply_validation.' . $state->id, null, 'com_akeebasubs');
     // Step #9. Call the specific plugin's onAKPaymentNew() method and get the redirection URL,
     //          or redirect immediately on auto-activated subscriptions
     // ----------------------------------------------------------------------
     if ($subscription->gross_amount != 0) {
         // Non-zero charges; use the plugins. The last non-false plugin response wins.
         $app = JFactory::getApplication();
         $jResponse = $app->triggerEvent('onAKPaymentNew', array($state->paymentmethod, $user, $level, $subscription));
         if (empty($jResponse)) {
             return false;
         }
         foreach ($jResponse as $response) {
             if ($response === false) {
                 continue;
             }
             $this->paymentForm = $response;
         }
     } else {
         // Zero charges. First apply subscription replacement
         if (!class_exists('plgAkpaymentAbstract')) {
             require_once JPATH_ADMINISTRATOR . '/components/com_akeebasubs/assets/akpayment.php';
         }
         $updates = array();
         plgAkpaymentAbstract::fixSubscriptionDates($subscription, $updates);
         if (!empty($updates)) {
             $result = $subscription->save($updates);
             $this->_item = $subscription;
         }
         // and then just redirect
         $app = JFactory::getApplication();
         $slug = F0FModel::getTmpInstance('Levels', 'AkeebasubsModel')->setId($subscription->akeebasubs_level_id)->getItem()->slug;
         $app->redirect(str_replace('&amp;', '&', JRoute::_('index.php?option=com_akeebasubs&layout=default&view=message&slug=' . $slug . '&layout=order&subid=' . $subscription->akeebasubs_subscription_id)));
         return false;
     }
     // Return true
     // ----------------------------------------------------------------------
     return true;
 }
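 /**
  * Checks if an IP address should be automatically banned for raising too many security exceptions over a predefined
  * time period.
  *
  * The security exceptions logged for the client IP in #__admintools_log within the configured window
  * ('tsrnumfreq' units of 'tsrfrequency') are counted against 'tsrstrikes'. When the threshold is reached
  * the IP is written to #__admintools_ipautoban until the configured ban expiry, optionally escalated to
  * #__admintools_ipblock after repeated auto-bans ('permaban' / 'permabannum'), and an optional HTML
  * notification email is sent using the 'ipautoban' email template.
  *
  * @param   string $reason The reason of the ban
  *
  * @return  void
  */
 public function autoBan($reason = 'other')
 {
     // We need to be able to get our own IP, right?
     if (!function_exists('inet_pton')) {
         return;
     }

     // Get the IP
     $ip = AtsystemUtilFilter::getIp();

     // No point continuing if we can't get an address, right?
     if (empty($ip) || $ip === '0.0.0.0') {
         return;
     }

     // Check for repeat offenses
     $db = JFactory::getDBO();
     $strikes = (int) $this->cparams->getValue('tsrstrikes', 3);
     $numfreq = $this->cparams->getValue('tsrnumfreq', 1);
     $frequency = $this->cparams->getValue('tsrfrequency', 'hour');

     // Seconds per unit of the configured frequency. 'ever' counts everything since 2000-01-01 instead of a
     // sliding window; an unknown frequency leaves the count as plain seconds.
     $secondsPerUnit = array('second' => 1, 'minute' => 60, 'hour' => 3600, 'day' => 86400);
     $mindatestamp = 0;

     if ($frequency === 'ever') {
         // January 1st, 2000
         $mindatestamp = 946706400;
     } elseif (isset($secondsPerUnit[$frequency])) {
         $numfreq *= $secondsPerUnit[$frequency];
     }

     JLoader::import('joomla.utilities.date');
     $jNow = new JDate();

     if ($mindatestamp === 0) {
         $mindatestamp = $jNow->toUnix() - $numfreq;
     }

     $jMinDate = new JDate($mindatestamp);
     $minDate = $jMinDate->toSql();

     $sql = $db->getQuery(true)
         ->select('COUNT(*)')
         ->from($db->qn('#__admintools_log'))
         ->where($db->qn('logdate') . ' >= ' . $db->q($minDate))
         ->where($db->qn('ip') . ' = ' . $db->q($ip));
     $db->setQuery($sql);

     try {
         $numOffenses = (int) $db->loadResult();
     } catch (Exception $e) {
         // A failed count is treated as "no offenses"; the ban is a best-effort protection
         $numOffenses = 0;
     }

     if ($numOffenses < $strikes) {
         return;
     }

     // Block the IP. The inet_pton/inet_ntop round trip normalises the textual form and rejects garbage.
     $myIP = @inet_pton($ip);

     if ($myIP === false) {
         return;
     }

     $myIP = inet_ntop($myIP);

     // Ban expiry: now plus the configured duration, or a fixed far-future date for 'ever'
     $until = $jNow->toUnix();
     $numfreq = $this->cparams->getValue('tsrbannum', 1);
     $frequency = $this->cparams->getValue('tsrbanfrequency', 'hour');

     if ($frequency === 'ever') {
         // January 1st, 2038 (mind you, UNIX epoch runs out on January 19, 2038!)
         $until = 2145938400;
     } elseif (isset($secondsPerUnit[$frequency])) {
         $until += $numfreq * $secondsPerUnit[$frequency];
     }

     $jMinDate = new JDate($until);
     $minDate = $jMinDate->toSql();

     $record = (object) array('ip' => $myIP, 'reason' => $reason, 'until' => $minDate);

     // If I'm here it means that we have to ban the user. Let's see if this is a simple autoban or
     // we have to issue a permaban as a result of several attacks
     if ($this->cparams->getValue('permaban', 0)) {
         // Ok I have to check the number of autoban
         $query = $db->getQuery(true)
             ->select('COUNT(*)')
             ->from($db->qn('#__admintools_ipautobanhistory'))
             ->where($db->qn('ip') . ' = ' . $db->q($myIP));

         try {
             $bans = (int) $db->setQuery($query)->loadResult();
         } catch (Exception $e) {
             $bans = 0;
         }

         $limit = (int) $this->cparams->getValue('permabannum', 0);

         if ($limit && $bans >= $limit) {
             $block = (object) array('ip' => $myIP, 'description' => 'IP automatically blocked after being banned automatically ' . $bans . ' times');
             $db->insertObject('#__admintools_ipblock', $block);
         }
     }

     $db->insertObject('#__admintools_ipautoban', $record);

     // Send an optional email
     $notifyAddress = $this->cparams->getValue('emailafteripautoban', '');

     if (!$notifyAddress) {
         return;
     }

     // Load the component's administrator translation files
     $jlang = JFactory::getLanguage();
     $jlang->load('com_admintools', JPATH_ADMINISTRATOR, 'en-GB', true);
     $jlang->load('com_admintools', JPATH_ADMINISTRATOR, $jlang->getDefault(), true);
     $jlang->load('com_admintools', JPATH_ADMINISTRATOR, null, true);

     // Get the site name
     $config = JFactory::getConfig();
     $sitename = $config->get('sitename');

     // GeoIP information is optional: it needs the Akeeba GeoIP Provider plugin
     $country = '';
     $continent = '';

     if (class_exists('AkeebaGeoipProvider')) {
         $geoip = new AkeebaGeoipProvider();
         $country = $geoip->getCountryCode($ip);
         $continent = $geoip->getContinent($ip);
     }

     if (empty($country)) {
         $country = '(unknown country)';
     }

     if (empty($continent)) {
         $continent = '(unknown continent)';
     }

     $uri = JURI::getInstance();
     $url = $uri->toString(array('scheme', 'user', 'pass', 'host', 'port', 'path', 'query', 'fragment'));

     // The User-Agent header is optional; do not raise a notice when it is missing
     $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';

     $ip_link = $this->cparams->getValue('iplookupscheme', 'http') . '://' . $this->cparams->getValue('iplookup', 'ip-lookup.net/index.php?ip={ip}');
     $ip_link = str_replace('{ip}', $ip, $ip_link);

     $substitutions = array(
         '[SITENAME]'  => $sitename,
         '[REASON]'    => JText::_('COM_ADMINTOOLS_EMAILTEMPLATE_REASON_IPAUTOBAN'),
         '[DATE]'      => gmdate('Y-m-d H:i:s') . " GMT",
         '[URL]'       => $url,
         '[USER]'      => '',
         '[IP]'        => $ip,
         '[LOOKUP]'    => '<a href="' . $ip_link . '">IP Lookup</a>',
         '[COUNTRY]'   => $country,
         '[CONTINENT]' => $continent,
         '[UA]'        => $userAgent,
         '[UNTIL]'     => $minDate,
     );

     // The body is sent as HTML, so the request-controlled values (request URL, User-Agent) and the lookup
     // link's href are escaped for that context. The subject is plain text and keeps the raw values.
     $bodySubstitutions = $substitutions;
     $bodySubstitutions['[URL]'] = htmlspecialchars($url, ENT_QUOTES, 'UTF-8');
     $bodySubstitutions['[UA]'] = htmlspecialchars($userAgent, ENT_QUOTES, 'UTF-8');
     $bodySubstitutions['[LOOKUP]'] = '<a href="' . htmlspecialchars($ip_link, ENT_QUOTES, 'UTF-8') . '">IP Lookup</a>';

     // Let's get the most suitable email template
     $template = $this->getEmailTemplate('ipautoban');

     // Got no template, the user didn't publish any email template, or the template doesn't want us to
     // send a notification email. Anyway, let's stop here.
     if (!$template) {
         return;
     }

     $subject = $template[0];
     $body = $template[1];

     foreach ($substitutions as $k => $v) {
         $subject = str_replace($k, $v, $subject);
     }

     foreach ($bodySubstitutions as $k => $v) {
         $body = str_replace($k, $v, $body);
     }

     // Send the email
     $mailer = JFactory::getMailer();
     $mailfrom = $config->get('mailfrom');
     $fromname = $config->get('fromname');
     $mailer->isHtml(true);
     $mailer->setSender(array($mailfrom, $fromname));
     $mailer->addRecipient($notifyAddress);
     $mailer->setSubject($subject);
     $mailer->setBody($body);
     $mailer->Send();
 }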
 /**
  * Logs security exceptions
  *
  * @param string $reason                   Block reason code
  * @param string $extraLogInformation      Extra information to be written to the text log file
  * @param string $extraLogTableInformation Extra information to be written to the extradata field of the log table (useful for JSON format)
  *
  * @return bool
  */
 public function logBreaches($reason, $extraLogInformation = '', $extraLogTableInformation = '')
 {
     $reasons_nolog = $this->cparams->getValue('reasons_nolog', 'geoblocking');
     $reasons_noemail = $this->cparams->getValue('reasons_noemail', 'geoblocking');
     $whitelist_domains = $this->cparams->getValue('whitelist_domains', '.googlebot.com,.search.msn.com');
     $reasons_nolog = explode(',', $reasons_nolog);
     $reasons_noemail = explode(',', $reasons_noemail);
     $whitelist_domains = explode(',', $whitelist_domains);
     // === SANITY CHECK - BEGIN ===
     // Get our IP address
     $ip = AtsystemUtilFilter::getIp();
     if (strpos($ip, '::') === 0 && strstr($ip, '.') !== false) {
         $ip = substr($ip, strrpos($ip, ':') + 1);
     }
     // No point continuing if we can't get an address, right?
     if (empty($ip) || $ip == '0.0.0.0') {
         return false;
     }
     // Make sure it's not an IP in the safe list
     $safeIPs = $this->cparams->getValue('neverblockips', '');
     if (!empty($safeIPs)) {
         $safeIPs = explode(',', $safeIPs);
         if (!empty($safeIPs)) {
             if (AtsystemUtilFilter::IPinList($safeIPs)) {
                 return false;
             }
         }
     }
     // Make sure we don't have a list in the administrator white list
     if ($this->cparams->getValue('ipwl', 0) == 1) {
         $db = JFactory::getDBO();
         $sql = $db->getQuery(true)->select($db->qn('ip'))->from($db->qn('#__admintools_adminiplist'));
         $db->setQuery($sql);
         try {
             if (version_compare(JVERSION, '3.0', 'ge')) {
                 $ipTable = $db->loadColumn();
             } else {
                 $ipTable = $db->loadResultArray();
             }
         } catch (Exception $e) {
             $ipTable = null;
         }
         if (!empty($ipTable)) {
             if (AtsystemUtilFilter::IPinList($ipTable)) {
                 return false;
             }
         }
     }
     // Make sure this IP doesn't resolve to a whitelisted domain
     if (!empty($whitelist_domains)) {
         $remote_domain = @gethostbyaddr($ip);
         if (!empty($remote_domain)) {
             foreach ($whitelist_domains as $domain) {
                 $domain = trim($domain);
                 if (strrpos($remote_domain, $domain) !== false) {
                     return true;
                 }
             }
         }
     }
     // === SANITY CHECK - END ===
     // DO I have any kind of log? Let's get some extra info
     if ($this->cparams->getValue('logbreaches', 0) && !in_array($reason, $reasons_nolog) || $this->cparams->getValue('emailbreaches', '') && !in_array($reason, $reasons_noemail)) {
         $uri = JURI::getInstance();
         $url = $uri->toString(array('scheme', 'user', 'pass', 'host', 'port', 'path', 'query', 'fragment'));
         JLoader::import('joomla.utilities.date');
         $date = new JDate();
         $user = JFactory::getUser();
         if ($user->guest) {
             $username = '******';
         } else {
             $username = $user->username . ' (' . $user->name . ' <' . $user->email . '>)';
         }
         $country = '';
         $continent = '';
         if (class_exists('AkeebaGeoipProvider')) {
             $geoip = new AkeebaGeoipProvider();
             $country = $geoip->getCountryCode($ip);
             $continent = $geoip->getContinent($ip);
         }
         if (empty($country)) {
             $country = '(unknown country)';
         }
         if (empty($continent)) {
             $continent = '(unknown continent)';
         }
     }
     if ($this->cparams->getValue('logbreaches', 0) && !in_array($reason, $reasons_nolog)) {
         // Logging to file
         $config = JFactory::getConfig();
         if (version_compare(JVERSION, '3.0', 'ge')) {
             $logpath = $config->get('log_path');
         } else {
             $logpath = $config->getValue('log_path');
         }
         $fname = $logpath . DIRECTORY_SEPARATOR . 'admintools_breaches.log';
         // -- Check the file size. If it's over 1Mb, archive and start a new log.
         if (@file_exists($fname)) {
             $fsize = filesize($fname);
             if ($fsize > 1048756) {
                 if (@file_exists($fname . '.1')) {
                     unlink($fname . '.1');
                 }
                 @copy($fname, $fname . '.1');
                 @unlink($fname);
             }
         }
         // -- Log the exception
         $fp = @fopen($fname, 'at');
         if ($fp !== false) {
             fwrite($fp, str_repeat('-', 79) . "\n");
             fwrite($fp, "Blocking reason: " . $reason . "\n" . str_repeat('-', 79) . "\n");
             fwrite($fp, 'Date/time : ' . gmdate('Y-m-d H:i:s') . " GMT\n");
             fwrite($fp, 'URL       : ' . $url . "\n");
             fwrite($fp, 'User      : '******'IP        : ' . $ip . "\n");
             fwrite($fp, 'Country   : ' . $country . "\n");
             fwrite($fp, 'Continent : ' . $continent . "\n");
             fwrite($fp, 'UA        : ' . $_SERVER['HTTP_USER_AGENT'] . "\n");
             if (!empty($extraLogInformation)) {
                 fwrite($fp, $extraLogInformation . "\n");
             }
             fwrite($fp, "\n\n");
             fclose($fp);
         }
         // ...and write a record to the log table
         $db = JFactory::getDBO();
         $logEntry = (object) array('logdate' => $date->toSql(), 'ip' => $ip, 'url' => $url, 'reason' => $reason, 'extradata' => $extraLogTableInformation);
         try {
             $db->insertObject('#__admintools_log', $logEntry);
         } catch (Exception $e) {
             // Do nothing if the query fails
         }
     }
     $emailbreaches = $this->cparams->getValue('emailbreaches', '');
     if (!empty($emailbreaches) && !in_array($reason, $reasons_noemail)) {
         // Load the component's administrator translation files
         $jlang = JFactory::getLanguage();
         $jlang->load('com_admintools', JPATH_ADMINISTRATOR, 'en-GB', true);
         $jlang->load('com_admintools', JPATH_ADMINISTRATOR, $jlang->getDefault(), true);
         $jlang->load('com_admintools', JPATH_ADMINISTRATOR, null, true);
         // Get the site name
         $config = JFactory::getConfig();
         if (version_compare(JVERSION, '3.0', 'ge')) {
             $sitename = $config->get('sitename');
         } else {
             $sitename = $config->getValue('config.sitename');
         }
         // Create a link to lookup the IP
         $ip_link = $this->cparams->getValue('iplookupscheme', 'http') . '://' . $this->cparams->getValue('iplookup', 'ip-lookup.net/index.php?ip={ip}');
         $ip_link = str_replace('{ip}', $ip, $ip_link);
         // Get the reason in human readable format
         $txtReason = JText::_('ATOOLS_LBL_REASON_' . strtoupper($reason));
         // Get extra information
         if ($extraLogTableInformation) {
             list($logReason, ) = explode('|', $extraLogTableInformation);
             $txtReason .= " ({$logReason})";
         }
         // Send the email
         $mailer = JFactory::getMailer();
         if (version_compare(JVERSION, '3.0', 'ge')) {
             $mailfrom = $config->get('mailfrom');
             $fromname = $config->get('fromname');
         } else {
             $mailfrom = $config->getValue('config.mailfrom');
             $fromname = $config->getValue('config.fromname');
         }
         // Let's get the most suitable email template
         $template = $this->getEmailTemplate($reason);
         // Got no template, the user didn't published any email template, or the template doesn't want us to
         // send a notification email. Anyway, let's stop here
         if (!$template) {
             return true;
         } else {
             $subject = $template[0];
             $body = $template[1];
         }
         $tokens = array('[SITENAME]' => $sitename, '[REASON]' => $txtReason, '[DATE]' => gmdate('Y-m-d H:i:s') . " GMT", '[URL]' => $url, '[USER]' => $username, '[IP]' => $ip, '[LOOKUP]' => '<a href="' . $ip_link . '">IP Lookup</a>', '[COUNTRY]' => $country, '[CONTINENT]' => $continent, '[UA]' => $_SERVER['HTTP_USER_AGENT']);
         $subject = str_replace(array_keys($tokens), array_values($tokens), $subject);
         $body = str_replace(array_keys($tokens), array_values($tokens), $body);
         $recipients = explode(',', $emailbreaches);
         $recipients = array_map('trim', $recipients);
         foreach ($recipients as $recipient) {
             $mailer->isHtml(true);
             $mailer->setSender(array($mailfrom, $fromname));
             $mailer->addRecipient($recipient);
             $mailer->setSubject($subject);
             $mailer->setBody($body);
             $mailer->Send();
         }
     }
     return true;
 }
 /**
  * Populate the audit columns the caller left empty, then defer to the parent's validation.
  *
  * Empty columns are filled as follows: user_id from the platform's current user, item_id from the
  * request's integer "id" (0 when absent), accessed_on from the current JDate, referer from the
  * HTTP_REFERER request header when present, and ip from Ip::getIp() — in which case country is
  * also looked up, but only if the AkeebaGeoipProvider class is available (class_exists).
  *
  * @return  mixed  The result of parent::check()
  */
 public function check()
 {
     if (empty($this->user_id)) {
         $platformUser = $this->container->platform->getUser();
         $this->user_id = $platformUser->id;
     }

     // Reading the request from a Model is a deliberate shortcut: it spares the front-end download
     // loggers from copying the item id into every log record themselves.
     if (empty($this->item_id)) {
         $this->item_id = $this->input->getInt('id', 0);
     }

     // A zero date counts as "not set".
     $needsDate = empty($this->accessed_on) || $this->accessed_on == '0000-00-00 00:00:00';

     if ($needsDate) {
         \JLoader::import('joomla.utilities.date');
         $now = new \JDate();
         $this->accessed_on = $now->toSql();
     }

     // The Referer header is supplied by the client and is stored verbatim; nothing in this method
     // validates or truncates it, so any escaping has to happen wherever the value is rendered.
     if (empty($this->referer) && isset($_SERVER['HTTP_REFERER'])) {
         $this->referer = $_SERVER['HTTP_REFERER'];
     }

     if (empty($this->ip)) {
         $this->ip = Ip::getIp();

         // GeoIP is optional: the country column is left untouched when the provider class is absent.
         if (class_exists('\\AkeebaGeoipProvider')) {
             $geoipProvider = new \AkeebaGeoipProvider();
             $this->country = $geoipProvider->getCountryCode($this->ip);
         }
     }

     return parent::check();
 }