示例#1
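/**
 * Process the requests sent by the form submissions originated in the integrity
 * page. All forms must carry a nonce field, which is checked against the one
 * generated in the template render function before anything else runs.
 *
 * Two operations are handled:
 *  - ":force_scan" triggers a new filesystem scan.
 *  - ":integrity_action" (restore, delete, fixed) is applied to every entry of
 *    ":corefiles"; each entry is expected in the form "status@relative/path".
 *
 * The relative path comes straight from the request and is used to build the
 * target of a write or a delete, so entries that contain a NUL byte or a ".."
 * segment are rejected before the filesystem is touched.
 *
 * NOTE(review): the nonce only ties the request to a rendered form; confirm
 * that the caller also enforces the capability required to modify files.
 * NOTE(review): the submitted paths are not compared against the list of files
 * flagged by the last scan, so "delete" can still target any file under
 * ABSPATH. Confirm whether the selection should be limited to flagged files.
 *
 * @return void
 */
function sucuriscan_integrity_form_submissions()
{
    if (!SucuriScanInterface::check_nonce()) {
        return;
    }

    // Force the execution of the filesystem scanner.
    if (SucuriScanRequest::post(':force_scan') !== false) {
        SucuriScanEvent::notify_event('plugin_change', 'Filesystem scan forced at: ' . date('r'));
        SucuriScanEvent::filesystem_scan(true);
        sucuriscan_core_files_data(true);
    }

    // Restore, Remove, Mark as fixed the core files.
    $action = SucuriScanRequest::post(':integrity_action');
    if ($action === false) {
        return;
    }

    if (SucuriScanRequest::post(':process_form') != 1) {
        SucuriScanInterface::error('You need to confirm that you understand the risk of this operation.');
        return;
    }

    $action_titles = array(
        'restore' => 'Core file restored',
        'delete' => 'Non-core file deleted',
        'fixed' => 'Core file marked as fixed',
    );

    // Strict allow-list: the value is later used as an array key and in a switch.
    if (!in_array($action, array_keys($action_titles), true)) {
        SucuriScanInterface::error('Action requested is not supported.');
        return;
    }

    $cache = new SucuriScanCache('integrity');
    $core_files = SucuriScanRequest::post(':corefiles', '_array');

    // Anything other than a non-empty array means no usable selection; checking
    // the type first also keeps count() away from a non-countable value.
    if (!is_array($core_files) || !$core_files) {
        SucuriScanInterface::error('No files were selected.');
        return;
    }

    $files_selected = count($core_files);
    $files_affected = array();
    $files_processed = 0;
    $files_rejected = 0;
    $delimiter = '@';
    $parts_count = 2;

    foreach ($core_files as $file_meta) {
        // Entries must be strings with a non-empty status before the delimiter.
        if (!is_string($file_meta) || !strpos($file_meta, $delimiter)) {
            continue;
        }

        $parts = explode($delimiter, $file_meta, $parts_count);
        if (count($parts) !== $parts_count) {
            continue;
        }

        $status_type = $parts[0];
        $file_path = $parts[1];

        // The path is request data: refuse anything that could leave the
        // installation directory. realpath() cannot be used for this because
        // the file may not exist yet (restore), so inspect the segments.
        $segments = explode('/', str_replace('\\', '/', $file_path));
        if ($file_path === ''
            || strpos($file_path, "\0") !== false
            || in_array('..', $segments, true)
        ) {
            $files_rejected += 1;
            continue;
        }

        // Do not use realpath as the file may not exist.
        $full_path = ABSPATH . '/' . $file_path;

        switch ($action) {
            case 'restore':
                $file_content = SucuriScanAPI::getOriginalCoreFile($file_path);
                if ($file_content) {
                    $restored = @file_put_contents($full_path, $file_content);
                    // Record the file only when the write succeeded, so the
                    // audit event does not claim a restore that never happened.
                    if ($restored) {
                        $files_processed += 1;
                        $files_affected[] = $full_path;
                    }
                }
                break;

            case 'fixed':
                // md5 is only used to derive a cache key from the path.
                $cache_key = md5($file_path);
                $cache_value = array(
                    'file_path' => $file_path,
                    'file_status' => $status_type,
                    'ignored_at' => time(),
                );
                if ($cache->add($cache_key, $cache_value)) {
                    $files_processed += 1;
                    $files_affected[] = $full_path;
                }
                break;

            case 'delete':
                if (@unlink($full_path)) {
                    $files_processed += 1;
                    $files_affected[] = $full_path;
                }
                break;
        }
    }

    // Report files affected as a single event.
    if (!empty($files_affected)) {
        $message_tpl = count($files_affected) > 1 ? '%s: (multiple entries): %s' : '%s: %s';
        $message = sprintf($message_tpl, $action_titles[$action], implode(',', $files_affected));

        switch ($action) {
            case 'restore':
                SucuriScanEvent::report_info_event($message);
                break;
            case 'delete':
                SucuriScanEvent::report_notice_event($message);
                break;
            case 'fixed':
                SucuriScanEvent::report_warning_event($message);
                break;
        }
    }

    SucuriScanInterface::info(sprintf(
        '<b>%d</b> out of <b>%d</b> files were successfully processed.',
        $files_processed,
        $files_selected
    ));

    // Surface rejected entries so a tampered form submission is visible to the
    // operator; only the count is printed, never the submitted value.
    if ($files_rejected > 0) {
        SucuriScanInterface::error(sprintf(
            '<b>%d</b> entries were skipped because the file path is not allowed.',
            $files_rejected
        ));
    }
}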