/**
* @return CSecurityEvent
*/
public static function getInstance()
{
if (is_null(self::$instance)) {
self::$instance = new static();
}
return self::$instance;
}
/**
* @return CSecurityEvent
*/
public static function getInstance()
{
if (is_null(self::$instance)) {
self::$instance = new CSecurityEvent();
}
return self::$instance;
}
/**
* Return WAF events count for Admin's informer popup and Admin's gadget
* @param string $timestampX - from date
* @return integer
*/
public static function GetEventsCount($timestampX = '')
{
return CSecurityEvent::getInstance()->getEventsCount($timestampX);
}
<?php
$module_id = "security";
CModule::IncludeModule($module_id);
/**
* @global CUser $USER
* @global CMain $APPLICATION
**/
$canRead = $USER->CanDoOperation('security_module_settings_read');
$canWrite = $USER->CanDoOperation('security_module_settings_write');
if ($canRead || $canWrite) {
IncludeModuleLangFile($_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/options.php");
IncludeModuleLangFile(__FILE__);
$arSyslogFacilities = array("reference_id" => array_keys(CSecurityEvent::getSyslogFacilities()), "reference" => CSecurityEvent::getSyslogFacilities());
$arSyslogPriorities = array("reference_id" => array_keys(CSecurityEvent::getSyslogPriorities()), "reference" => CSecurityEvent::getSyslogPriorities());
$arAllOptions = array(array("", GetMessage("SEC_OPTIONS_IPCHECK"), array("heading")), array("ipcheck_allow_self_block", GetMessage("SEC_OPTIONS_IPCHECK_ALLOW_SELF_BLOCK"), array("checkbox")), array("ipcheck_disable_file", GetMessage("SEC_OPTIONS_IPCHECK_DISABLE_FILE"), array("text", 45)), array("", GetMessage("SEC_OPTIONS_EVENTS"), array("heading")), array("security_event_format", GetMessage("SEC_OPTIONS_EVENT_FORMAT"), array("text", 60)), array("security_event_userinfo_format", GetMessage("SEC_OPTIONS_EVENT_USERINFO_FORMAT"), array("text", 60)), array("security_event_db_active", GetMessage("SEC_OPTIONS_EVENT_DB_ACTIVE"), array("checkbox")), array("security_event_syslog_active", GetMessage("SEC_OPTIONS_EVENT_SYSLOG_ACTIVE"), array("checkbox")), array("security_event_syslog_facility", GetMessage("SEC_OPTIONS_EVENT_SYSLOG_FACILITY"), array("selectbox", $arSyslogFacilities)), array("security_event_syslog_priority", GetMessage("SEC_OPTIONS_EVENT_SYSLOG_PRIORITY"), array("selectbox", $arSyslogPriorities)), array("security_event_file_active", GetMessage("SEC_OPTIONS_EVENT_FILE_ACTIVE"), array("checkbox")), array("security_event_file_path", GetMessage("SEC_OPTIONS_EVENT_FILE_PATH"), array("text", 45)));
$aTabs = array(array("DIV" => "edit1", "TAB" => GetMessage("MAIN_TAB_SET"), "ICON" => "security_settings", "TITLE" => GetMessage("MAIN_TAB_TITLE_SET")), array("DIV" => "edit2", "TAB" => GetMessage("MAIN_TAB_RIGHTS"), "ICON" => "security_settings", "TITLE" => GetMessage("MAIN_TAB_TITLE_RIGHTS")));
$tabControl = new CAdminTabControl("tabControl", $aTabs);
if ($_SERVER["REQUEST_METHOD"] == "POST" && $_REQUEST["Update"] . $_REQUEST["Apply"] . $_REQUEST["RestoreDefaults"] != "" && $canWrite && check_bitrix_sessid()) {
if ($_REQUEST["RestoreDefaults"] != "") {
COption::RemoveOption($module_id);
} else {
foreach ($arAllOptions as $arOption) {
$name = $arOption[0];
$val = trim($_REQUEST[$name], " \t\n\r");
$type = $arOption[2][0];
if ($type === 'heading') {
continue;
}
if ($type === 'checkbox' && $val != 'Y') {
$val = 'N';
public static function BeforeLocalRedirect(&$url, $skip_security_check)
{
//This define will be used on buffer end handler
if(!defined("BX_SECURITY_LOCAL_REDIRECT"))
// define("BX_SECURITY_LOCAL_REDIRECT", true);
if(array_key_exists("LOCAL_REDIRECTS", $_SESSION))
{
if($_SESSION["LOCAL_REDIRECTS"]["C"] == 0 && strlen($_SESSION["LOCAL_REDIRECTS"]["R"]) == 0)
$_SESSION["LOCAL_REDIRECTS"]["R"] = $_SERVER["HTTP_REFERER"];
$_SESSION["LOCAL_REDIRECTS"]["C"]++;
}
else
{
$_SESSION["LOCAL_REDIRECTS"] = array("C" => 1, "R" => $_SERVER["HTTP_REFERER"]);
}
if($skip_security_check)
return;
/** global CMain $APPLICATION */
global $APPLICATION;
$url_l = str_replace(array("\r", "\n"), "", $url);
//In case of absolute url will check if server to be redirected is our
$bSkipCheck = false;
if(preg_match("/^(http|https):\\/\\/(.*?)\\//i", $url_l, $arMatch))
{
if(defined("BX24_HOST_NAME"))
{
$arSite = array(
"SERVER_NAME" => BX24_HOST_NAME,
"DOMAINS" => ""
);
}
elseif(defined("SITE_ID"))
{
$rsSite = CSite::GetByID(SITE_ID);
$arSite = $rsSite->Fetch();
}
else
{
$arSite = false;
}
if($arSite)
{
if($arMatch[2] === $arSite["SERVER_NAME"])
{
$bSkipCheck = true;
}
elseif($arSite["DOMAINS"])
{
$arDomains = explode("\n", str_replace("\r", "\n", $arSite["DOMAINS"]));
foreach($arDomains as $domain)
{
$domain = trim($domain, " \t\n\r");
if(strlen($domain) > 0)
{
if($domain === substr($arMatch[2], -strlen($domain)))
{
$bSkipCheck = true;
break;
}
}
}
}
}
}
if(!$bSkipCheck && preg_match("/^(http|https|ftp):\\/\\//i", $url_l))
{
$good = true;
if($_SESSION["LOCAL_REDIRECTS"]["C"] > 1)
$REFERER_TO_CHECK = $_SESSION["LOCAL_REDIRECTS"]["R"];
else
$REFERER_TO_CHECK = $_SERVER["HTTP_REFERER"];
if($good && COption::GetOptionString("security", "redirect_referer_check") == "Y")
{
$good &= strlen($REFERER_TO_CHECK) > 0;
}
if($good && strlen($REFERER_TO_CHECK) > 0 && COption::GetOptionString("security", "redirect_referer_site_check") == "Y")
{
$valid_site = ($APPLICATION->IsHTTPS()? "https://": "http://").$_SERVER['HTTP_HOST']."/";
$good &= strpos($REFERER_TO_CHECK, $valid_site) === 0;
}
if($good && COption::GetOptionString("security", "redirect_href_sign") == "Y")
{
$sid = COption::GetOptionString("security", "redirect_sid").$_SERVER["REMOTE_ADDR"];
$good &= md5($sid.":".$url) === $_GET["af"];
}
if(!$good)
{
global $APPLICATION;
if(COption::GetOptionString("security", "redirect_log") == "Y")
CSecurityEvent::getInstance()->doLog(
"SECURITY",
"SECURITY_REDIRECT",
$APPLICATION->GetCurPage(),
$url
);
if(COption::GetOptionString("security", "redirect_action") == "show_message")
{
$timeout = intval(COption::GetOptionString("security", "redirect_message_timeout"));
if($timeout <= 0)
$timeout = 30;
$mess = COption::GetOptionString("security", "redirect_message_warning_".LANGUAGE_ID);
if(strlen($mess) <= 0)
$mess = COption::GetOptionString("security", "redirect_message_warning");
$charset = COption::GetOptionString("security", "redirect_message_charset");
if(strlen($mess) <= 0)
{
$mess = CSecurityRedirect::GetDefaultMessage();
$charset = LANG_CHARSET;
}
$html_mess = str_replace("+", "+", htmlspecialcharsbx($mess));
$url = htmlspecialcharsbx($url);
$html_url = '<nobr><a href="'.$url.'">'.$url.'</a></nobr>';
$html_mess = str_replace("#URL#", $html_url, $html_mess);
?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=<?echo $charset?>" />
<meta http-equiv="Refresh" content="<?php
echo $timeout;
?>
; URL=<?php
echo $url;
?>
">
<meta name="robots" content="none" />
<link rel="stylesheet" type="text/css" href="/bitrix/themes/.default/adminstyles.css" />
<link rel="stylesheet" type="text/css" href="/bitrix/themes/.default/404.css" />
</head>
<body>
<script>if(document.location!=top.location)top.location=document.location;</script>
<div class="error-404">
<table class="error-404" border="0" cellpadding="0" cellspacing="0" align="center">
<tbody><tr class="top">
<td class="left"><div class="empty"></div></td>
<td><div class="empty"></div></td>
<td class="right"><div class="empty"></div></td>
</tr>
<tr>
<td class="left"><div class="empty"></div></td>
<td class="content">
<div class="description">
<table cellpadding="0" cellspacing="0">
<tbody><tr>
<td><div class="icon"></div></td>
<td><?php
echo $html_mess;
?>
</td>
</tr>
</tbody></table>
</div>
</td>
<td class="right"><div class="empty"></div></td>
</tr>
<tr class="bottom">
<td class="left"><div class="empty"></div></td>
<td><div class="empty"></div></td>
<td class="right"><div class="empty"></div></td>
</tr>
</tbody></table>
</div>
</body>
</html>
<?
die();
}
else
{
$url = COption::GetOptionString("security", "redirect_url");
}
}
}
}
/**
* @param $name
* @param $value
* @param $sourceScript
* @return mixed
*/
protected function logVariable($name, $value, $sourceScript)
{
if (defined("ANTIVIRUS_CREATE_TRACE")) {
$this->CreateTrace($name, $value, $sourceScript);
}
return CSecurityEvent::getInstance()->doLog("SECURITY", "SECURITY_FILTER_XSS2", $name, $value);
}
/**
* @param string $host
* @return bool
*/
protected function log($host)
{
return \CSecurityEvent::getInstance()->doLog('SECURITY', 'SECURITY_HOST_RESTRICTION', 'HTTP_HOST', $host);
}
<?php
$module_id = "security";
$RIGHT_R = $USER->CanDoOperation('security_module_settings_read');
$RIGHT_W = $USER->CanDoOperation('security_module_settings_write');
if ($RIGHT_R || $RIGHT_W) {
IncludeModuleLangFile($_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/options.php");
IncludeModuleLangFile(__FILE__);
$arSyslogFacilities = array();
$arSyslogFacilities['reference_id'] = array_keys(CSecurityEvent::getSyslogFacilities());
$arSyslogFacilities['reference'] = array_values(CSecurityEvent::getSyslogFacilities());
$arSyslogPriorities = array();
$arSyslogPriorities['reference_id'] = array_keys(CSecurityEvent::getSyslogPriorities());
$arSyslogPriorities['reference'] = array_values(CSecurityEvent::getSyslogPriorities());
$arAllOptions = array(array("", GetMessage("SEC_OPTIONS_IPCHECK") . " ", array("heading")), array("ipcheck_allow_self_block", GetMessage("SEC_OPTIONS_IPCHECK_ALLOW_SELF_BLOCK") . " ", array("checkbox")), array("ipcheck_disable_file", GetMessage("SEC_OPTIONS_IPCHECK_DISABLE_FILE") . " ", array("text", 45)), array("", GetMessage("SEC_OPTIONS_EVENTS") . " ", array("heading")), array("security_event_collect_user_info", GetMessage("SEC_OPTIONS_EVENT_COLLECT_USER_INFO") . " ", array("checkbox")), array("security_event_db_active", GetMessage("SEC_OPTIONS_EVENT_DB_ACTIVE") . " ", array("checkbox")), array("security_event_syslog_active", GetMessage("SEC_OPTIONS_EVENT_SYSLOG_ACTIVE") . " ", array("checkbox")), array("security_event_syslog_facility", GetMessage("SEC_OPTIONS_EVENT_SYSLOG_FACILITY") . " ", array("selectbox", $arSyslogFacilities)), array("security_event_syslog_priority", GetMessage("SEC_OPTIONS_EVENT_SYSLOG_PRIORITY") . " ", array("selectbox", $arSyslogPriorities)), array("security_event_file_active", GetMessage("SEC_OPTIONS_EVENT_FILE_ACTIVE") . " ", array("checkbox")), array("security_event_file_path", GetMessage("SEC_OPTIONS_EVENT_FILE_PATH") . " ", array("text", 45)));
$aTabs = array(array("DIV" => "edit1", "TAB" => GetMessage("MAIN_TAB_SET"), "ICON" => "security_settings", "TITLE" => GetMessage("MAIN_TAB_TITLE_SET")), array("DIV" => "edit2", "TAB" => GetMessage("MAIN_TAB_RIGHTS"), "ICON" => "security_settings", "TITLE" => GetMessage("MAIN_TAB_TITLE_RIGHTS")));
$tabControl = new CAdminTabControl("tabControl", $aTabs);
CModule::IncludeModule($module_id);
if ($REQUEST_METHOD == "POST" && strlen($Update . $Apply . $RestoreDefaults) > 0 && $RIGHT_W && check_bitrix_sessid()) {
if (strlen($RestoreDefaults) > 0) {
COption::RemoveOption($module_id);
} else {
foreach ($arAllOptions as $arOption) {
$name = $arOption[0];
$val = trim($_REQUEST[$name], " \t\n\r");
if ($arOption[2][0] == "checkbox" && $val != "Y") {
$val = "N";
}
COption::SetOptionString($module_id, $name, $val, $arOption[1]);
}
}
/**
* @param string $value
* @param string $name
* @param string $auditorName
* @return bool
*/
protected static function logVariable($value, $name, $auditorName)
{
return \CSecurityEvent::getInstance()->doLog('SECURITY', 'SECURITY_FILTER_' . $auditorName, $name, $value);
}
/**
* @param string $pValue
* @param string $pName
* @param string $pAuditorName
* @return bool
*/
protected static function logVariable($pValue, $pName, $pAuditorName)
{
return CSecurityEvent::getInstance()->doLog("SECURITY", "SECURITY_FILTER_" . $pAuditorName, $pName, "==" . base64_encode($pValue));
}
