	/**
	 * Number of WAF events shown in the admin informer popup and admin gadget.
	 * The date is forwarded unchanged to CSecurityEvent::getEventsCount().
	 * @param string $timestampX  - from date (empty string when not given)
	 * @return integer
	 */
	public static function GetEventsCount($timestampX = '')
	{
		$eventStore = CSecurityEvent::getInstance();
		return $eventStore->getEventsCount($timestampX);
	}
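	/**
	 * Security hook executed before a local redirect.
	 *
	 * Keeps a redirect-chain record in $_SESSION["LOCAL_REDIRECTS"] ("C" = hop
	 * counter, "R" = referer that started the chain). Unless $skip_security_check
	 * is set, absolute http/https/ftp targets that do not belong to the current
	 * site are then subjected to the module's redirect policy: referer presence,
	 * referer-on-this-site and the "af" url signature, each controlled by a
	 * "security" module option.
	 *
	 * @param string &$url                 Redirect target. Overwritten in place with
	 *                                     the "redirect_url" option when the check
	 *                                     fails and the action is not "show_message".
	 * @param bool   $skip_security_check  When true only the session bookkeeping runs.
	 * @return void  When the check fails and the action is "show_message" a warning
	 *               page is printed and the script is terminated with die().
	 */
	public static function BeforeLocalRedirect(&$url, $skip_security_check)
	{
		//This define will be used on buffer end handler.
		//It has to be the statement controlled by the if(); otherwise the session
		//bookkeeping below silently becomes conditional on the constant.
		if(!defined("BX_SECURITY_LOCAL_REDIRECT"))
			define("BX_SECURITY_LOCAL_REDIRECT", true);

		//HTTP_REFERER is optional: read it once so a missing index does not raise a notice
		$referer = isset($_SERVER["HTTP_REFERER"])? (string)$_SERVER["HTTP_REFERER"]: "";

		if(array_key_exists("LOCAL_REDIRECTS", $_SESSION))
		{
			if($_SESSION["LOCAL_REDIRECTS"]["C"] == 0 && strlen((string)$_SESSION["LOCAL_REDIRECTS"]["R"]) == 0)
				$_SESSION["LOCAL_REDIRECTS"]["R"] = $referer;

			$_SESSION["LOCAL_REDIRECTS"]["C"]++;
		}
		else
		{
			$_SESSION["LOCAL_REDIRECTS"] = array("C" => 1, "R" => $referer);
		}

		if($skip_security_check)
			return;

		/** global CMain $APPLICATION */
		global $APPLICATION;

		//CR/LF are stripped before any matching so a line break cannot hide the scheme/host
		$url_l = str_replace(array("\r", "\n"), "", $url);

		//In case of absolute url will check if server to be redirected is our
		$bSkipCheck = false;
		if(preg_match("/^(http|https):\\/\\/(.*?)\\//i", $url_l))
		{
			if(defined("BX24_HOST_NAME"))
			{
				$arSite = array(
					"SERVER_NAME" => BX24_HOST_NAME,
					"DOMAINS" => ""
				);
			}
			elseif(defined("SITE_ID"))
			{
				$rsSite = CSite::GetByID(SITE_ID);
				$arSite = $rsSite->Fetch();
			}
			else
			{
				$arSite = false;
			}

			//Compare only the real host component (userinfo and port excluded), case-insensitively
			$host = strtolower((string)parse_url($url_l, PHP_URL_HOST));

			if($arSite && strlen($host) > 0)
			{
				if($host === strtolower((string)$arSite["SERVER_NAME"]))
				{
					$bSkipCheck = true;
				}
				elseif($arSite["DOMAINS"])
				{
					$arDomains = explode("\n", str_replace("\r", "\n", $arSite["DOMAINS"]));
					foreach($arDomains as $domain)
					{
						//An entry matches the host itself or one of its subdomains.
						//A plain suffix comparison would also accept unrelated hosts
						//whose name merely ends with the same characters.
						$domain = strtolower(ltrim(trim($domain, " \t\n\r"), "."));
						if(strlen($domain) > 0)
						{
							$suffix = ".".$domain;
							if($host === $domain || substr($host, -strlen($suffix)) === $suffix)
							{
								$bSkipCheck = true;
								break;
							}
						}
					}
				}
			}
		}

		if(!$bSkipCheck && preg_match("/^(http|https|ftp):\\/\\//i", $url_l))
		{
			$good = true;

			//After the first hop the referer recorded at the start of the chain is used
			if($_SESSION["LOCAL_REDIRECTS"]["C"] > 1)
				$REFERER_TO_CHECK = (string)$_SESSION["LOCAL_REDIRECTS"]["R"];
			else
				$REFERER_TO_CHECK = $referer;

			if($good && COption::GetOptionString("security", "redirect_referer_check") == "Y")
			{
				$good = $good && strlen($REFERER_TO_CHECK) > 0;
			}

			if($good && strlen($REFERER_TO_CHECK) > 0 && COption::GetOptionString("security", "redirect_referer_site_check") == "Y")
			{
				$valid_site = ($APPLICATION->IsHTTPS()? "https://": "http://").$_SERVER['HTTP_HOST']."/";
				$good = $good && strpos($REFERER_TO_CHECK, $valid_site) === 0;
			}

			if($good && COption::GetOptionString("security", "redirect_href_sign") == "Y")
			{
				//The signature covers the raw url; compare in constant time and only
				//when "af" is actually a string (an array would make hash_equals throw)
				$sid = COption::GetOptionString("security", "redirect_sid").$_SERVER["REMOTE_ADDR"];
				$af = isset($_GET["af"]) && is_string($_GET["af"])? $_GET["af"]: "";
				$good = $good && hash_equals(md5($sid.":".$url), $af);
			}

			if(!$good)
			{
				if(COption::GetOptionString("security", "redirect_log") == "Y")
					CSecurityEvent::getInstance()->doLog(
							"SECURITY",
							"SECURITY_REDIRECT",
							$APPLICATION->GetCurPage(),
							$url
					);

				if(COption::GetOptionString("security", "redirect_action") == "show_message")
				{
					$timeout = intval(COption::GetOptionString("security", "redirect_message_timeout"));
					if($timeout <= 0)
						$timeout = 30;

					//Language-specific warning first, then the generic one, then the built-in default
					$mess = COption::GetOptionString("security", "redirect_message_warning_".LANGUAGE_ID);
					if(strlen($mess) <= 0)
						$mess = COption::GetOptionString("security", "redirect_message_warning");
					$charset = COption::GetOptionString("security", "redirect_message_charset");
					if(strlen($mess) <= 0)
					{
						$mess = CSecurityRedirect::GetDefaultMessage();
						$charset = LANG_CHARSET;
					}
					$html_mess = str_replace("+", "&#43;", htmlspecialcharsbx($mess));

					//Escaped once here and reused both in the link and in the meta refresh below
					$url = htmlspecialcharsbx($url);
					$html_url = '<nobr><a href="'.$url.'">'.$url.'</a></nobr>';
					$html_mess = str_replace("#URL#", $html_url, $html_mess);
		?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=<?php echo $charset; ?>" />
<meta http-equiv="Refresh" content="<?php echo $timeout; ?>; URL=<?php echo $url; ?>">
<meta name="robots" content="none" />
<link rel="stylesheet" type="text/css" href="/bitrix/themes/.default/adminstyles.css" />
<link rel="stylesheet" type="text/css" href="/bitrix/themes/.default/404.css" />
</head>
<body>
<script>if(document.location!=top.location)top.location=document.location;</script>

<div class="error-404">
<table class="error-404" border="0" cellpadding="0" cellspacing="0" align="center">
	<tbody><tr class="top">
		<td class="left"><div class="empty"></div></td>
		<td><div class="empty"></div></td>
		<td class="right"><div class="empty"></div></td>
	</tr>
	<tr>
		<td class="left"><div class="empty"></div></td>
		<td class="content">
			<div class="description">
				<table cellpadding="0" cellspacing="0">
					<tbody><tr>
						<td><div class="icon"></div></td>
						<td><?php echo $html_mess; ?></td>
					</tr>
				</tbody></table>
			</div>
		</td>
		<td class="right"><div class="empty"></div></td>
	</tr>
	<tr class="bottom">
		<td class="left"><div class="empty"></div></td>
		<td><div class="empty"></div></td>
		<td class="right"><div class="empty"></div></td>
	</tr>
</tbody></table>
</div>
</body>
</html>
		<?php
					die();
				}
				else
				{
					$url = COption::GetOptionString("security", "redirect_url");
				}
			}
		}
	}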
 /**
  * Log a variable caught by the XSS filter as a SECURITY_FILTER_XSS2 event,
  * creating a trace first when ANTIVIRUS_CREATE_TRACE is defined.
  * @param $name          variable name written to the event
  * @param $value         variable value written to the event
  * @param $sourceScript  passed through to CreateTrace() only
  * @return mixed  result of CSecurityEvent::doLog()
  */
 protected function logVariable($name, $value, $sourceScript)
 {
     $traceWanted = defined("ANTIVIRUS_CREATE_TRACE");
     if ($traceWanted) {
         $this->CreateTrace($name, $value, $sourceScript);
     }

     $events = CSecurityEvent::getInstance();
     return $events->doLog("SECURITY", "SECURITY_FILTER_XSS2", $name, $value);
 }
 /**
  * Write a SECURITY_HOST_RESTRICTION event carrying the offending HTTP_HOST value.
  * @param string $host  host header value to record
  * @return bool  result of CSecurityEvent::doLog()
  */
 protected function log($host)
 {
     $events = \CSecurityEvent::getInstance();
     $category = 'SECURITY';
     $eventName = 'SECURITY_HOST_RESTRICTION';

     return $events->doLog($category, $eventName, 'HTTP_HOST', $host);
 }
 /**
  * Record a variable rejected by an auditor; the event name is
  * "SECURITY_FILTER_" followed by the auditor name.
  * @param string $value        variable value written to the event
  * @param string $name         variable name written to the event
  * @param string $auditorName  auditor suffix for the event name
  * @return bool  result of CSecurityEvent::doLog()
  */
 protected static function logVariable($value, $name, $auditorName)
 {
     $eventName = 'SECURITY_FILTER_' . $auditorName;
     $events = \CSecurityEvent::getInstance();

     return $events->doLog('SECURITY', $eventName, $name, $value);
 }
 /**
  * Record a variable rejected by an auditor as a "SECURITY_FILTER_<auditor>" event.
  * The value is stored base64-encoded with a "==" prefix (presumably a marker
  * telling readers of the log that the payload is encoded - confirm against the reader).
  * @param string $pValue        raw variable value
  * @param string $pName         variable name written to the event
  * @param string $pAuditorName  auditor suffix for the event name
  * @return bool  result of CSecurityEvent::doLog()
  */
 protected static function logVariable($pValue, $pName, $pAuditorName)
 {
     $eventName = "SECURITY_FILTER_" . $pAuditorName;
     $encodedValue = "==" . base64_encode($pValue);
     $events = CSecurityEvent::getInstance();

     return $events->doLog("SECURITY", $eventName, $pName, $encodedValue);
 }