function block_selected_ips($entries)
{
global $wpdb, $aio_wp_security;
if (is_array($entries)) {
if (isset($_REQUEST['_wp_http_referer'])) {
//Let's go through each entry and block IP
foreach ($entries as $id) {
$ip_address = get_user_meta($id, 'aiowps_registrant_ip', true);
$result = AIOWPSecurity_Blocking::add_ip_to_block_list($ip_address, 'registration_spam');
if ($result === false) {
$aio_wp_security->debug_logger->log_debug("AIOWPSecurity_List_Registered_Users::block_selected_ips() - could not block IP : {$ip_address}", 4);
}
}
$msg = __('The selected IP addresses were successfully added to the permanent block list!', 'all-in-one-wp-security-and-firewall');
$msg .= ' <a href="admin.php?page=' . AIOWPSEC_MAIN_MENU_SLUG . '&tab=tab4" target="_blank">' . __('View Blocked IPs', 'all-in-one-wp-security-and-firewall') . '</a>';
AIOWPSecurity_Admin_Menu::show_msg_updated_st($msg);
}
} elseif ($entries != NULL) {
$nonce = isset($_GET['aiowps_nonce']) ? $_GET['aiowps_nonce'] : '';
if (!isset($nonce) || !wp_verify_nonce($nonce, 'block_ip')) {
$aio_wp_security->debug_logger->log_debug("Nonce check failed for block IP operation of registered user!", 4);
die(__('Nonce check failed for block IP operation of registered user!', 'all-in-one-wp-security-and-firewall'));
}
//Block single IP
$result = AIOWPSecurity_Blocking::add_ip_to_block_list($entries, 'registration_spam');
if ($result === true) {
$msg = __('The selected IP was successfully added to the permanent block list!', 'all-in-one-wp-security-and-firewall');
$msg .= ' <a href="admin.php?page=' . AIOWPSEC_MAIN_MENU_SLUG . '&tab=tab4" target="_blank">' . __('View Blocked IPs', 'all-in-one-wp-security-and-firewall') . '</a>';
AIOWPSecurity_Admin_Menu::show_msg_updated_st($msg);
} else {
$aio_wp_security->debug_logger->log_debug("AIOWPSecurity_List_Registered_Users::block_selected_ips() - could not block IP: {$entries}", 4);
}
}
}
/**
* Will check auto-spam blocking settings and will add IP to blocked table accordingly
* @param $comment_id
*/
function block_comment_ip($comment_id)
{
global $aio_wp_security, $wpdb;
$comment_obj = get_comment($comment_id);
$comment_ip = $comment_obj->comment_author_IP;
//Get number of spam comments from this IP
$sql = $wpdb->prepare("SELECT * FROM {$wpdb->comments}\n WHERE comment_approved = 'spam'\n AND comment_author_IP = %s\n ", $comment_ip);
$comment_data = $wpdb->get_results($sql, ARRAY_A);
$spam_count = count($comment_data);
$min_comment_before_block = $aio_wp_security->configs->get_value('aiowps_spam_ip_min_comments_block');
if (!empty($min_comment_before_block) && $spam_count >= $min_comment_before_block - 1) {
AIOWPSecurity_Blocking::add_ip_to_block_list($comment_ip, 'spam');
}
}
function prepare_items()
{
//First, lets decide how many records per page to show
$per_page = 20;
$columns = $this->get_columns();
$hidden = array();
$sortable = $this->get_sortable_columns();
$this->_column_headers = array($columns, $hidden, $sortable);
$this->process_bulk_action();
global $wpdb;
global $aio_wp_security;
$minimum_comments_per_ip = $aio_wp_security->configs->get_value('aiowps_spam_ip_min_comments');
if (empty($minimum_comments_per_ip)) {
$minimum_comments_per_ip = 5;
}
/* -- Ordering parameters -- */
//Parameters that are going to be used to order the result
isset($_GET["orderby"]) ? $orderby = strip_tags($_GET["orderby"]) : ($orderby = '');
isset($_GET["order"]) ? $order = strip_tags($_GET["order"]) : ($order = '');
$orderby = !empty($orderby) ? esc_sql($orderby) : 'amount';
$order = !empty($order) ? esc_sql($order) : 'DESC';
$orderby = AIOWPSecurity_Utility::sanitize_value_by_array($orderby, $sortable);
$order = AIOWPSecurity_Utility::sanitize_value_by_array($order, array('DESC' => '1', 'ASC' => '1'));
$sql = $wpdb->prepare("SELECT comment_author_IP, COUNT(*) AS amount\n FROM {$wpdb->comments} \n WHERE comment_approved = 'spam'\n GROUP BY comment_author_IP\n HAVING amount >= %d\n ORDER BY {$orderby} {$order}\n ", $minimum_comments_per_ip);
$data = $wpdb->get_results($sql, ARRAY_A);
//Get all permamnetly blocked IP addresses
$block_list = AIOWPSecurity_Blocking::get_list_blocked_ips();
if (!empty($block_list)) {
foreach ($data as $key => $value) {
if (in_array($value['comment_author_IP'], $block_list)) {
$data[$key]['status'] = 'blocked';
}
}
}
$current_page = $this->get_pagenum();
$total_items = count($data);
$data = array_slice($data, ($current_page - 1) * $per_page, $per_page);
$this->items = $data;
$this->set_pagination_args(array('total_items' => $total_items, 'per_page' => $per_page, 'total_pages' => ceil($total_items / $per_page)));
}
/**
* Will check the current visitor IP against the blocked table
* If IP present will block the visitor from viewing the site
*/
static function check_visitor_ip_and_perform_blocking()
{
global $aio_wp_security, $wpdb;
$visitor_ip = AIOWPSecurity_Utility_IP::get_user_ip_address();
$ip_type = WP_Http::is_ip_address($visitor_ip);
if (empty($ip_type)) {
$aio_wp_security->debug_logger->log_debug("do_general_ip_blocking_tasks: " . $visitor_ip . " is not a valid IP!", 4);
return;
}
//Check if this IP address is in the block list
$blocked = AIOWPSecurity_Blocking::is_ip_blocked($visitor_ip);
//TODO - future feature: add blocking whitelist and check
if (empty($blocked)) {
return;
//Visitor IP is not blocked - allow page to load
} else {
//block this visitor!!
AIOWPSecurity_Utility::redirect_to_url('http://127.0.0.1');
}
return;
}
