protected function validate_settings()
{
if (!$this->can_save()) {
return;
}
$previous_settings = ITSEC_Modules::get_settings($this->get_id());
$diff = array_diff_assoc($this->settings, $previous_settings);
if (!empty($diff)) {
ITSEC_Response::regenerate_server_config();
}
if ($this->settings['write_permissions']) {
// Always set permissions to 0444 when saving the settings.
// This ensures that the file permissions are fixed each time the settings are saved.
$new_permissions = 0444;
} else {
if ($this->settings['write_permissions'] !== $previous_settings['write_permissions']) {
// Only revert the settings to the defaults when disabling the setting.
// This avoids changing the file permissions when the setting has yet to be enabled and disabled.
$new_permissions = 0664;
}
}
if (isset($new_permissions)) {
// Only change the permissions when needed.
require_once ITSEC_Core::get_core_dir() . 'lib/class-itsec-lib-config-file.php';
require_once ITSEC_Core::get_core_dir() . 'lib/class-itsec-lib-file.php';
$server_config_file = ITSEC_Lib_Config_File::get_server_config_file_path();
$wp_config_file = ITSEC_Lib_Config_File::get_wp_config_file_path();
ITSEC_Lib_File::chmod($server_config_file, $new_permissions);
ITSEC_Lib_File::chmod($wp_config_file, $new_permissions);
ITSEC_Response::reload_module('file-permissions');
}
}
/**
* Sanitize and validate input
*
* @param Array $input array of input fields
*
* @return Array Sanitized array
*/
public function sanitize_module_input( $input ) {
global $itsec_globals;
$input['protect_files'] = ( isset( $input['protect_files'] ) && intval( $input['protect_files'] == 1 ) ? true : false );
$input['directory_browsing'] = ( isset( $input['directory_browsing'] ) && intval( $input['directory_browsing'] == 1 ) ? true : false );
$input['request_methods'] = ( isset( $input['request_methods'] ) && intval( $input['request_methods'] == 1 ) ? true : false );
$input['suspicious_query_strings'] = ( isset( $input['suspicious_query_strings'] ) && intval( $input['suspicious_query_strings'] == 1 ) ? true : false );
$input['non_english_characters'] = ( isset( $input['non_english_characters'] ) && intval( $input['non_english_characters'] == 1 ) ? true : false );
$input['long_url_strings'] = ( isset( $input['long_url_strings'] ) && intval( $input['long_url_strings'] == 1 ) ? true : false );
$input['write_permissions'] = ( isset( $input['write_permissions'] ) && intval( $input['write_permissions'] == 1 ) ? true : false );
$input['wlwmanifest_header'] = ( isset( $input['wlwmanifest_header'] ) && intval( $input['wlwmanifest_header'] == 1 ) ? true : false );
$input['edituri_header'] = ( isset( $input['edituri_header'] ) && intval( $input['edituri_header'] == 1 ) ? true : false );
$input['theme_updates'] = ( isset( $input['theme_updates'] ) && intval( $input['theme_updates'] == 1 ) ? true : false );
$input['plugin_updates'] = ( isset( $input['plugin_updates'] ) && intval( $input['plugin_updates'] == 1 ) ? true : false );
$input['core_updates'] = ( isset( $input['core_updates'] ) && intval( $input['core_updates'] == 1 ) ? true : false );
$input['comment_spam'] = ( isset( $input['comment_spam'] ) && intval( $input['comment_spam'] == 1 ) ? true : false );
$input['file_editor'] = ( isset( $input['file_editor'] ) && intval( $input['file_editor'] == 1 ) ? true : false );
$input['disable_xmlrpc'] = isset( $input['disable_xmlrpc'] ) ? intval( $input['disable_xmlrpc'] ) : 0;
$input['allow_xmlrpc_multiauth'] = isset( $input['allow_xmlrpc_multiauth'] ) ? (bool) $input['allow_xmlrpc_multiauth'] : true;
$input['uploads_php'] = ( isset( $input['uploads_php'] ) && intval( $input['uploads_php'] == 1 ) ? true : false );
$input['safe_jquery'] = ( isset( $input['safe_jquery'] ) && intval( $input['safe_jquery'] == 1 ) ? true : false );
$input['login_errors'] = ( isset( $input['login_errors'] ) && intval( $input['login_errors'] == 1 ) ? true : false );
$input['force_unique_nicename'] = ( isset( $input['force_unique_nicename'] ) && intval( $input['force_unique_nicename'] == 1 ) ? true : false );
$input['disable_unused_author_pages'] = ( isset( $input['disable_unused_author_pages'] ) && intval( $input['disable_unused_author_pages'] == 1 ) ? true : false );
if ( ! isset( $this->settings['allow_xmlrpc_multiauth'] ) ) {
$this->settings['allow_xmlrpc_multiauth'] = null;
}
if (
( $input['protect_files'] !== $this->settings['protect_files'] ||
$input['directory_browsing'] !== $this->settings['directory_browsing'] ||
$input['request_methods'] !== $this->settings['request_methods'] ||
$input['suspicious_query_strings'] !== $this->settings['suspicious_query_strings'] ||
$input['non_english_characters'] !== $this->settings['non_english_characters'] ||
$input['comment_spam'] !== $this->settings['comment_spam'] ||
$input['disable_xmlrpc'] !== $this->settings['disable_xmlrpc'] ||
$input['allow_xmlrpc_multiauth'] !== $this->settings['allow_xmlrpc_multiauth'] ||
$input['uploads_php'] !== $this->settings['uploads_php']
) ||
isset( $itsec_globals['settings']['write_files'] ) && $itsec_globals['settings']['write_files'] === true
) {
add_site_option( 'itsec_rewrites_changed', true );
}
if ( $input['file_editor'] !== $this->settings['file_editor'] ) {
add_site_option( 'itsec_config_changed', true );
}
if ( $input['write_permissions'] === true ) {
// Always set permissions to 0444 when saving the settings.
// This ensures that the file permissions are fixed each time the settings are saved.
$new_permissions = 0444;
} else if ( $input['write_permissions'] !== $this->settings['write_permissions'] ) {
// Only revert the settings to the defaults when disabling the setting.
// This avoids changing the file permissions when the setting has yet to be enabled and disabled.
$new_permissions = 0664;
}
if ( isset( $new_permissions ) ) {
// Only change the permissions when needed.
require_once( trailingslashit( $GLOBALS['itsec_globals']['plugin_dir'] ) . 'core/lib/class-itsec-lib-config-file.php' );
require_once( trailingslashit( $GLOBALS['itsec_globals']['plugin_dir'] ) . 'core/lib/class-itsec-lib-file.php' );
$server_config_file = ITSEC_Lib_Config_File::get_server_config_file_path();
$wp_config_file = ITSEC_Lib_Config_File::get_wp_config_file_path();
ITSEC_Lib_File::chmod( $server_config_file, $new_permissions );
ITSEC_Lib_File::chmod( $wp_config_file, $new_permissions );
}
if ( is_multisite() ) {
$this->settings = $input;
}
return $input;
}
/**
* Change directory permissions.
*
* @since 1.15.0
*
* @param string $dir Full path to the directory to change permissions for.
* @param int $perms New permissions to set.
* @return bool|WP_Error Boolean true if successful, false if not successful, or WP_Error if the chmod() function
* is unavailable.
*/
public static function chmod( $dir, $perms ) {
return ITSEC_Lib_File::chmod( $dir, $perms );
}
