/**
 * Show the setup notice that guides the administrator through the remaining
 * activation steps of the plugin, such as generating the API key.
 *
 * Nothing is printed unless the current user has the manage_options
 * capability, notices are allowed here, no plugin API key is stored yet, and
 * the current request is not already submitting or recovering a key.
 *
 * NOTE(review): the dismissal below persists an option based on a query-string
 * parameter, and no nonce check is visible in this method; confirm that one is
 * enforced before this code runs.
 *
 * @return void
 */
public static function setup_notice()
{
    // Bail out as soon as one precondition fails; the checks keep their
    // original order so short-circuiting skips the same calls.
    if (!current_user_can('manage_options')
        || SucuriScan::no_notices_here() !== false
        || SucuriScanAPI::get_plugin_key()
        || SucuriScanRequest::post(':plugin_api_key') !== false
        || SucuriScanRequest::post(':recover_key') !== false
        || SucuriScanRequest::post(':manual_api_key')
    ) {
        return;
    }

    // The administrator asked to hide the notice: remember the choice.
    if (SucuriScanRequest::get(':dismiss_setup') !== false) {
        SucuriScanOption::update_option(':dismiss_setup', 'enabled');
        return;
    }

    // Already dismissed earlier: do not display the API key generation form.
    if (SucuriScanOption::is_enabled(':dismiss_setup')) {
        return;
    }

    $modal_settings = array(
        'Visibility' => 'hidden',
        'Title' => 'Sucuri API key generation',
        'CssClass' => 'sucuriscan-setup-instructions',
    );

    echo SucuriScanTemplate::get_section('setup-notice');
    echo SucuriScanTemplate::get_modal('setup-form', $modal_settings);
}
/**
 * Collect the checksums (file hashes) of this site and send them to the
 * Sucuri Monitoring service, which uses them to generate the audit logs and
 * the integrity checks for this site.
 *
 * NOTE(review): the helper name suggests the digests are MD5; if so they are
 * change indicators rather than collision-resistant fingerprints. Confirm the
 * algorithm in SucuriScanFileInfo.
 *
 * @param boolean $force_scan Whether the filesystem scan was forced by an administrator user or not.
 * @return boolean TRUE if the hashes were sent and the runtime was recorded, FALSE otherwise.
 */
public static function filesystem_scan($force_scan = false)
{
    $runtime_floor = SUCURISCAN_MINIMUM_RUNTIME;

    // All three preconditions must hold: the scan is due (or forced), the
    // scanner class is loaded, and a plugin API key is available.
    $may_scan = self::verify_run($runtime_floor, $force_scan)
        && class_exists('SucuriScanFileInfo')
        && SucuriScanAPI::get_plugin_key();

    if (!$may_scan) {
        return false;
    }

    self::report_site_version();

    $scanner = new SucuriScanFileInfo();
    $scanner->scan_interface = SucuriScanOption::get_option(':scan_interface');
    $file_hashes = $scanner->get_directory_tree_md5(ABSPATH);

    if (!$file_hashes) {
        SucuriScanInterface::error('The file hashes could not be retrieved, the filesystem scan failed.');
        return false;
    }

    if (!SucuriScanAPI::send_hashes($file_hashes)) {
        SucuriScanInterface::error('The file hashes could not be stored.');
        return false;
    }

    // Record the completion time only after the hashes were accepted.
    SucuriScanOption::update_option(':runtime', time());

    return true;
}
/**
 * Render the SiteCheck timeout settings section, storing a newly submitted
 * timeout first when the request is accepted.
 *
 * @param mixed $nonce Truthy to process the submitted form; presumably the
 *                     result of the caller's nonce verification (confirm).
 * @return mixed Whatever SucuriScanTemplate::getSection() produces for the section.
 */
public static function timeoutPage($nonce)
{
    // Update the SiteCheck timeout.
    if ($nonce) {
        // The integer cast guarantees that only digits reach the option
        // store and the HTML message built below.
        $seconds = (int) SucuriScanRequest::post(':sitecheck_timeout', '[0-9]+');
        $is_positive = $seconds > 0;

        if ($is_positive && $seconds <= SUCURISCAN_MAX_SITECHECK_TIMEOUT) {
            $notice = sprintf('SiteCheck timeout set to <code>%d</code> seconds.', $seconds);

            SucuriScanOption::update_option(':sitecheck_timeout', $seconds);
            SucuriScanEvent::report_info_event($notice);
            SucuriScanEvent::notify_event('plugin_change', $notice);
            SucuriScanInterface::info($notice);
        } elseif ($is_positive) {
            SucuriScanInterface::error('SiteCheck timeout in seconds is too high.');
        }
    }

    // The stored value is read after any update so the page shows the
    // current setting.
    $params = array(
        'MaxRequestTimeout' => SUCURISCAN_MAX_SITECHECK_TIMEOUT,
        'RequestTimeout' => SucuriScanOption::get_option(':sitecheck_timeout') . ' seconds',
    );

    return SucuriScanTemplate::getSection('settings-sitecheck-timeout', $params);
}
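/**
 * Determine whether an API response was successful by checking the expected
 * generic variables and types. On failure a notification is shown in the
 * administrator panel explaining the result of the operation.
 *
 * Some failure messages also change stored options: an invalid plugin API
 * key or CloudProxy key is deleted, and a connection time out raises the
 * request timeout to at least 300 seconds.
 *
 * Certificate failures are reported but never switch off SSL peer
 * verification. Disabling it automatically would let a single failed
 * handshake, including one caused by an intercepted connection, downgrade
 * every later request; that decision is left to the administrator.
 *
 * @param array $response Response object after the HTTP request is executed.
 * @return boolean Either true or false in case of success or failure of the API response (respectively).
 */
private static function handle_response($response = array())
{
    if (!$response) {
        return false;
    }

    // Read the body defensively so a response without that key is reported
    // as malformed instead of raising an undefined index notice.
    $body = isset($response['body']) ? $response['body'] : null;

    if (!($body instanceof stdClass)) {
        $error_message = 'non JSON-encoded response.';

        if (isset($response['response'])
            && isset($response['response']['message'])
            && isset($response['response']['code'])
            && $response['response']['code'] !== 200
        ) {
            $error_message = sprintf(
                '(%s) %s',
                $response['response']['code'],
                $response['response']['message']
            );
        }

        SucuriScanInterface::error('Malformed API response: ' . $error_message);

        return false;
    }

    if (!isset($body->status)) {
        SucuriScanInterface::error('Could not determine the status of an API call.');

        return false;
    }

    // Loose comparison is kept on purpose: the status may arrive as the
    // integer 1 or as the string "1".
    if ($body->status == 1) {
        return true;
    }

    $action_message = 'Unknown error, there is no more information.';

    // Check whether the message list is empty or not.
    if (isset($body->messages[0])) {
        $action_message = $body->messages[0] . '.';
    }

    // Keep a copy of the original API response message; every substring
    // check below runs against this copy, not the growing notice text.
    $raw_message = $action_message;

    // NOTE(review): the two branches below delete stored keys based on a
    // substring of the response text; confirm the transport is authenticated,
    // since a spoofed response would have the same effect.

    // Special response for invalid API keys.
    if (stripos($raw_message, 'log file not found') !== false) {
        SucuriScanOption::delete_option(':api_key');

        $action_message .= ' This generally happens when you add an invalid API key, the'
            . ' key will be deleted automatically to hide these warnings, if you want to'
            . ' recover it go to the settings page and use the recover button to send the'
            . ' key to your email address.';
    }

    // Special response for invalid CloudProxy API keys.
    if (stripos($raw_message, 'wrong api key') !== false) {
        SucuriScanOption::delete_option(':cloudproxy_apikey');
        SucuriScanOption::delete_option(':revproxy');

        $action_message .= ' The CloudProxy API key does not seems to be valid.';
    }

    // Special response for connection time outs.
    if (stripos($raw_message, 'timed out') !== false) {
        $current_timeout = SucuriScanOption::get_option(':request_timeout');

        if ($current_timeout < 300) {
            SucuriScanOption::update_option(':request_timeout', 300);
        }

        // The notice reports the timeout that was in effect for the failed
        // request, which is the value read before the update above.
        $action_message .= ' This generally happens when the API service fails to respond'
            . ' in time, you currently have configured the plugin to discard the network'
            . ' connection after ' . $current_timeout . ' seconds. Wait a few minutes until'
            . ' the issue is resolved by itself, or change the timeout limit from the general'
            . ' settings page of the plugin, the option is named "API request timeout".';
    }

    // Certificate failures: compare against false explicitly, because
    // stripos() returns 0 (falsy) when the text starts with the needle.
    // The failure is reported only; SSL peer verification stays enabled.
    if (stripos($raw_message, 'no alternative certificate') !== false
        || stripos($raw_message, 'error setting certificate') !== false
    ) {
        $action_message .= ' There were some issues with the SSL certificate either in this'
            . ' server or with the remote API service. The verification of the certificates'
            . ' was left enabled, review the certificate configuration of this server.';
    }

    // Avoid an undefined property notice when the response carries no action.
    $action_name = isset($body->action) ? ucwords($body->action) : '';

    // NOTE(review): $action_message and $action_name carry text taken from
    // the remote response; confirm SucuriScanInterface::error() escapes them
    // before they reach the administrator panel.
    SucuriScanInterface::error(sprintf(
        '(%d) %s: %s',
        SucuriScan::local_time(),
        $action_name,
        $action_message
    ));

    return false;
}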