/**
 * Set up the IP cache list table.
 *
 * Loads the plugin registry objects, works out which status view is being
 * requested and passes the list-table arguments to the parent constructor.
 */
function __construct()
{
    // Get The Registry
    $this->_settings = AVH_FDAS_Settings::getInstance();
    $this->_classes = AVH_FDAS_Classes::getInstance();

    // Initialize the plugin
    $this->_core = $this->_classes->load_class('Core', 'plugin', true);
    $this->_ipcachedb = $this->_classes->load_class('DB', 'plugin', true);

    $this->screen = 'avh_f_d_a_s_page_avh_first_defense_against_spam_ip_cache_';

    // Fall back to the view the user last used, or 'all' when none is stored.
    $last_view = get_user_option('avhfdas_ip_cache_list_last_view');
    if (empty($last_view)) {
        $last_view = 'all';
    }

    // The requested view is read from the request, so it is only kept when it
    // is one of the known view names.
    if (isset($_REQUEST['avhfdas_ip_cache_list_status'])) {
        $view = $_REQUEST['avhfdas_ip_cache_list_status'];
    } else {
        $view = $last_view;
    }
    $known_views = array('all', 'ham', 'spam', 'search');
    if (!in_array($view, $known_views)) {
        $view = 'all';
    }

    // Remember the chosen view for next time; a search is never remembered.
    // NOTE(review): this writes user meta from a request parameter and no nonce
    // check is visible in this constructor; the value is limited to $known_views.
    if ('search' != $view && $view != $last_view) {
        update_user_meta(get_current_user_id(), 'avhfdas_ip_cache_list_last_view', $view);
    }

    // Older WordPress versions only have the PHP4-style parent constructor.
    $list_args = array('plural' => 'ips', 'singular' => 'ip', 'ajax' => true);
    if (AVH_Common::getWordpressVersion() >= 3.2) {
        parent::__construct($list_args);
    } else {
        parent::WP_List_Table($list_args);
    }
}
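/**
 * Get the user's IP
 *
 * Collects every address found in the forwarding headers and in REMOTE_ADDR,
 * in that order, and returns the first one that is a valid IPv4 address
 * outside the private ranges.
 *
 * Security note: every key except REMOTE_ADDR is a request header. Unless a
 * trusted reverse proxy overwrites these headers, the client chooses their
 * content, and they are consulted before REMOTE_ADDR. The result must therefore
 * not be treated as authenticated when it drives blocking or blacklisting.
 *
 * NOTE(review): the filter_var() branch rejects private ranges only, while the
 * regular expression branch also rejects 127.x; confirm which is intended.
 *
 * @return string The selected IPv4 address, or '0.0.0.0' when none qualifies
 */
public static function getUserIp()
{
    $server_keys = array(
        'HTTP_CF_CONNECTING_IP',
        'HTTP_CLIENT_IP',
        'HTTP_X_FORWARDED_FOR',
        'HTTP_X_FORWARDED',
        'HTTP_X_CLUSTER_CLIENT_IP',
        'HTTP_FORWARDED_FOR',
        'HTTP_FORWARDED',
        'REMOTE_ADDR',
    );

    $ip = array();
    foreach ($server_keys as $key) {
        if (array_key_exists($key, $_SERVER) === true) {
            // A header can hold a comma separated chain of addresses.
            foreach (explode(',', $_SERVER[$key]) as $visitors_ip) {
                $ip[] = str_replace(' ', '', $visitors_ip);
            }
        }
    }

    // If for some strange reason we don't get an IP we return immediately with 0.0.0.0
    if (empty($ip)) {
        return '0.0.0.0';
    }

    $ip = array_values(array_unique($ip));
    $return = null;

    // In PHP 5.3 and up the function filter_var can be used, much quicker as the regular expression check
    if (AVH_Common::isPHP('5.3')) {
        foreach ($ip as $i) {
            if (filter_var($i, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 | FILTER_FLAG_NO_PRIV_RANGE)) {
                $return = $i;
                break;
            }
        }
    } else {
        $dec_octet = '(?:\\d|[1-9]\\d|1\\d\\d|2[0-4]\\d|25[0-5])';
        // The separator has to be an escaped dot: a bare '.' matches any
        // character and would accept strings that are not dotted quads.
        $ip4_address = $dec_octet . '\\.' . $dec_octet . '\\.' . $dec_octet . '\\.' . $dec_octet;
        foreach ($ip as $i) {
            if (!preg_match('/^' . $ip4_address . '$/', $i)) {
                continue;
            }
            // Skip loopback and private addresses
            if (preg_match('/^(127\\.|10\\.|192\\.168\\.|172\\.((1[6-9])|(2[0-9])|(3[0-1]))\\.)/', $i)) {
                continue;
            }
            $return = $i;
            break;
        }
    }

    if (null === $return) {
        $return = '0.0.0.0';
    }

    return $return;
}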
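/**
 * Check the nonce field set with a comment.
 *
 * Comments that are not posted from the admin area or over XML-RPC, and that
 * are not trackbacks or pingbacks, must carry a valid nonce for the post they
 * belong to. When the check fails the administrator is optionally mailed, the
 * report nonce is stored for later use and the request is ended with wp_die().
 *
 * The mail body contains the submitted author, e-mail address and comment text
 * exactly as received.
 *
 * @WordPress Filter preprocess_comment
 *
 * @param mixed $commentdata
 *
 * @return mixed The comment data, returned when no check is needed or the nonce is valid
 * @since 1.2
 *
 */
public function filterCheckNonceFieldToComment($commentdata)
{
    // When we're in Admin no need to check the nonce.
    if (defined('WP_ADMIN') || defined('XMLRPC_REQUEST')) {
        return $commentdata;
    }

    // If it's a trackback or pingback comment_type has a value; those are not checked here.
    if (!empty($commentdata['comment_type'])) {
        return $commentdata;
    }

    $nonce_field = '_avh_first_defense_against_spam';
    $nonce_action = 'avh-first-defense-against-spam_' . $commentdata['comment_post_ID'];

    // A missing or non-string field is treated as an empty nonce, which never verifies.
    $nonce_was_posted = isset($_POST[$nonce_field]);
    $posted_nonce = ($nonce_was_posted && is_string($_POST[$nonce_field])) ? $_POST[$nonce_field] : '';
    if (wp_verify_nonce($posted_nonce, $nonce_action)) {
        return $commentdata;
    }

    // Only filled in when the security check e-mail is enabled; the tracking
    // step below depends on values built for that e-mail.
    $sfs_apikey = '';
    $q = array();

    if (1 == $this->_core->getOptionElement('general', 'emailsecuritycheck')) {
        $to = get_option('admin_email');
        $ip = AVH_Visitor::getUserIp();
        $sfs_apikey = $this->_core->getOptionElement('sfs', 'sfsapikey');
        $commentdata['comment_author_email'] = empty($commentdata['comment_author_email']) ? '*****@*****.**' : $commentdata['comment_author_email'];
        $subject = sprintf('[%s] AVH First Defense Against Spam - ' . __('Comment security check failed', 'avh-fdas'), wp_specialchars_decode(get_option('blogname'), ENT_QUOTES));

        $message = array();
        if ($nonce_was_posted) {
            $message[] = __('Reason: The nonce check failed.', 'avh-fdas');
        } else {
            $message[] = __('Reason: An attempt was made to directly access wp-comment-post.php', 'avh-fdas');
        }
        $message[] = sprintf(__('Username: %s', 'avh-fdas'), $commentdata['comment_author']);
        $message[] = sprintf(__('Email: %s', 'avh-fdas'), $commentdata['comment_author_email']);
        $message[] = sprintf(__('IP: %s', 'avh-fdas'), $ip);
        $message[] = '';
        $message[] = __('Comment trying to post:', 'avh-fdas');
        $message[] = __('--- START OF COMMENT ---', 'avh-fdas');
        $message[] = $commentdata['comment_content'];
        $message[] = __('--- END OF COMMENT ---', 'avh-fdas');
        $message[] = '';

        if ('' != $sfs_apikey && !empty($commentdata['comment_author_email'])) {
            // Link that lets the administrator report the sender; the nonce
            // is derived from the author, e-mail address and IP.
            $q['action'] = 'emailreportspammer';
            $q['a'] = $commentdata['comment_author'];
            $q['e'] = $commentdata['comment_author_email'];
            $q['i'] = $ip;
            $q['_avhnonce'] = AVH_Security::createNonce($q['a'] . $q['e'] . $q['i']);
            $query = $this->_core->BuildQuery($q);
            $report_url = admin_url('admin.php?' . $query);
            $message[] = sprintf(__('Report spammer: %s'), $report_url);
        }

        $message[] = sprintf(__('For more information: http://www.stopforumspam.com/search?q=%s'), $ip);
        $blacklisturl = admin_url('admin.php?action=blacklist&i=') . $ip . '&_avhnonce=' . AVH_Security::createNonce($ip);
        $message[] = sprintf(__('Add to the local blacklist: %s'), $blacklisturl);

        AVH_Common::sendMail($to, $subject, $message, $this->_settings->getSetting('mail_footer'));
    }

    // Only keep track if we have the ability to report add Stop Forum Spam
    if ('' != $sfs_apikey && !empty($commentdata['comment_author_email'])) {
        // Prevent a spam attack to overflow the database.
        if (!$this->_checkDbNonces($q['_avhnonce'])) {
            $option = get_option($this->_core->getDbNonces());
            if (!is_array($option)) {
                // The option does not hold a list yet; start a new one.
                $option = array();
            }
            $option[$q['_avhnonce']] = $q['a'] . $q['e'] . $q['i'];
            update_option($this->_core->getDbNonces(), $option);
        }
    }

    $m = __('<p>Cheating huh</p>', 'avh-fdas');
    $m .= __('<p>Protected by: AVH First Defense Against Spam</p>', 'avh-fdas');
    if ($this->_core->getOptionElement('php', 'usehoneypot')) {
        $m .= $this->_spamcheck->getHtmlHoneyPotUrl();
    }
    wp_die($m);

    return $commentdata;
}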
/**
 * Setup everything needed for the FAQ page
 *
 * Registers the two meta boxes of the page, configures the two-column layout
 * and queues the scripts and styles the page uses.
 */
function actionLoadPageHook_faq()
{
    $faq_page = $this->hooks['menu_faq'];

    // Box id => array(title, name of the method that renders the box)
    $boxes = array(
        'avhecBoxFAQ' => array(__('F.A.Q.', 'avh-ec'), 'metaboxFAQ'),
        'avhecBoxTranslation' => array(__('Translation', 'avh-ec'), 'metaboxTranslation'),
    );
    foreach ($boxes as $box_id => $box) {
        add_meta_box($box_id, $box[0], array(&$this, $box[1]), $faq_page, 'normal', 'core');
    }

    // From WordPress 3.1 the layout is a screen option, before that a filter.
    if (AVH_Common::getWordpressVersion() >= 3.1) {
        add_screen_option('layout_columns', array('max' => 2, 'default' => 2));
    } else {
        add_filter('screen_layout_columns', array(&$this, 'filterScreenLayoutColumns'), 10, 2);
    }

    // WordPress core Scripts
    foreach (array('common', 'wp-lists', 'postbox') as $script_handle) {
        wp_enqueue_script($script_handle);
    }

    // WordPress core Styles
    wp_admin_css('css/dashboard');

    // Plugin Style
    wp_enqueue_style('avhec-admin-css');
}
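/**
 * Do the HTTP call to Stop Forum Spam and report the spammer
 *
 * Nothing is sent when no e-mail address is given. When the call fails or the
 * service does not answer with HTTP 200, the administrator is mailed the error
 * messages or the response body.
 *
 * @param string $username
 * @param string $email
 * @param string $ip_addr
 */
private function _handleReportSpammer($username, $email, $ip_addr)
{
    if (empty($email)) {
        return;
    }

    // The request body carries the site's API key together with the reported
    // user's data, so it is sent over HTTPS rather than plain HTTP.
    $url = 'https://www.stopforumspam.com/add.php';
    $request = array(
        'user-agent' => 'WordPress/AVH ' . AVH_FDAS_Define::PLUGIN_VERSION . '; ' . get_bloginfo('url'),
        'body' => array(
            'username' => $username,
            'ip_addr' => $ip_addr,
            'email' => $email,
            'api_key' => $this->_core->getOptionElement('sfs', 'sfsapikey'),
        ),
    );
    $call = wp_remote_post($url, $request);

    // The accessor returns an empty string when the response has no status
    // code, which also counts as a failure here.
    if (!is_wp_error($call) && 200 == wp_remote_retrieve_response_code($call)) {
        return;
    }

    $to = get_option('admin_email');
    $subject = sprintf('[%s] AVH First Defense Against Spam - ' . __('Error reporting spammer', 'avh-fdas'), wp_specialchars_decode(get_option('blogname'), ENT_QUOTES));
    if (is_wp_error($call)) {
        $message = $call->get_error_messages();
    } else {
        $message = array(wp_remote_retrieve_body($call));
    }
    AVH_Common::sendMail($to, $subject, $message, $this->_settings->getSetting('mail_footer'));
}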
/**
 * Creates a form label.
 * Label text is not automatically translated.
 *
 *     echo Form::label('username', 'Username');
 *
 * The label text is placed into the markup exactly as given; this method does
 * not escape it, so text that comes from outside the plugin has to be escaped
 * by the caller. How attribute values are rendered is decided by
 * AVH_Common::attributes, which is not part of this method.
 *
 * @param string $input target input
 * @param string $text label text, derived from $input when null
 * @param array $attributes html attributes
 *
 * @return string
 * @uses AVH_Common::attributes
 */
private function _label($input, $text = null, array $attributes = null)
{
    if (null === $text) {
        // No text given: turn the input name into words and use that
        $words = preg_replace('/[\\W_]+/', ' ', $input);
        $text = ucwords($words);
    }

    // The label always points at its input, replacing any 'for' passed in
    $attributes['for'] = $input;
    $rendered_attributes = AVH_Common::attributes($attributes);

    return '<label' . $rendered_attributes . '>' . $text . '</label>';
}
/**
 * Handle a spammer found in the IP cache
 *
 * Mails the administrator when the IP cache e-mail option is on, then updates
 * the spam counter, refreshes the last-seen time of the cached address and
 * terminates the connection.
 *
 * The mail contains an admin URL with action=blacklist and a nonce created for
 * the visiting IP. NOTE(review): the handler behind that URL is not visible
 * here; presumably anyone holding the link while logged in can use it, so the
 * admin mailbox should be treated accordingly.
 */
private function _handleSpammerCache()
{
    if ($this->_core_options['ipcache']['email']) {
        $spam_ip = $this->_visiting_ip;

        // General part of the email
        $to = get_option('admin_email');
        $subject_format = '[%s] AVH First Defense Against Spam - ' . __('Spammer detected [%s]', 'avh-fdas');
        $blog_name = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);
        $subject = sprintf($subject_format, $blog_name, $spam_ip);

        $message = array(
            sprintf(__('Spam IP: %s', 'avh-fdas'), $spam_ip),
            $this->_accessing,
            '',
            __('IP exists in the cache', 'avh-fdas'),
            ' ' . sprintf(__('Check took: %s', 'avh-fdas'), $this->_spaminfo['cache']['time']),
            '',
        );
        // General End

        $blacklist_nonce = AVH_Security::createNonce($spam_ip);
        $blacklisturl = admin_url('admin.php?action=blacklist&i=') . $spam_ip . '&_avhnonce=' . $blacklist_nonce;
        $message[] = sprintf(__('Add to the local blacklist: %s'), $blacklisturl);

        $mail_footer = $this->_settings->getSetting('mail_footer');
        AVH_Common::sendMail($to, $subject, $message, $mail_footer);
    }

    // Update the counter
    $this->_updateSpamCounter();

    // Update Last seen value
    $cache_update = array('ip' => $this->_visiting_ip, 'lastseen' => current_time('mysql'));
    $this->_ipcachedb->updateIpCache($cache_update);

    // Terminate the connection
    $this->_doTerminateConnection();
}
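/**
 * Build the SQL fragment that restricts a query to rows matching a search.
 *
 * Every column gets a LIKE '%...%' condition on the search string; the 'ip'
 * column additionally gets an exact match on the value returned by
 * AVH_Common::getIp2long(). The conditions are joined with OR.
 *
 * The search string is escaped for LIKE and for SQL before use. The column
 * names are NOT escaped or quoted: they are written into the SQL as given, so
 * $cols must only ever hold fixed names chosen by the calling code and never
 * anything taken from the request.
 *
 * @param string $string The search string as entered
 * @param array $cols Column names to search in
 *
 * @return string ' AND (...)' fragment, or an empty string when $cols is empty
 */
private function _getSearchSql($string, $cols)
{
    // Without columns there is nothing to search; ' AND ()' would be invalid SQL.
    if (empty($cols)) {
        return '';
    }

    $like = esc_sql(like_escape($string));

    $searches = array();
    foreach ($cols as $col) {
        if ('ip' == $col) {
            // Converted from the original, unescaped search string
            $ip = esc_sql(AVH_Common::getIp2long($string));
            $searches[] = "{$col} = '{$ip}'";
        }
        $searches[] = "{$col} LIKE '%{$like}%'";
    }

    return ' AND (' . implode(' OR ', $searches) . ')';
}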
* GNU General Public License for more details. * You should have received a copy of the GNU General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. */ if (!defined('AVH_FRAMEWORK')) { define('AVH_FRAMEWORK', true); } $_dir = dirname(__FILE__); $_basename = plugin_basename(__FILE__); require_once $_dir . '/libs/avh-registry.php'; require_once $_dir . '/libs/avh-common.php'; require_once $_dir . '/libs/avh-security.php'; require_once $_dir . '/libs/avh-visitor.php'; require_once $_dir . '/class/avh-fdas.registry.php'; require_once $_dir . '/class/avh-fdas.define.php'; if (AVH_Common::getWordpressVersion() >= 2.8) { $_classes = AVH_FDAS_Classes::getInstance(); $_classes->setDir($_dir); $_classes->setClassFilePrefix('avh-fdas.'); $_classes->setClassNamePrefix('AVH_FDAS_'); unset($_classes); $_settings = AVH_FDAS_Settings::getInstance(); $_settings->storeSetting('plugin_dir', $_dir); $_settings->storeSetting('plugin_basename', $_basename); require $_dir . '/avh-fdas.client.php'; } else { add_action('activate_' . AVH_FDAS_Define::PLUGIN_FILE, 'avh_fdas_remove_plugin'); } function avh_fdas_remove_plugin() { $active_plugins = (array) get_option('active_plugins');