示例#1
/**
 * Build the "API key" panel of the general settings page.
 *
 * The two state-changing actions handled here (registering the site to
 * obtain a key, and requesting recovery of an existing key) only run when
 * $nonce is truthy. This function performs no verification of its own.
 * NOTE(review): $nonce is presumably the result of a nonce check done by
 * the caller; confirm at the call site that it is never truthy for an
 * unverified request.
 *
 * @param mixed $nonce Truthy when the submitted form may be processed.
 * @return mixed Result of SucuriScanTemplate::getSection() for the
 *               'settings-general-apikey' section.
 */
function sucuriscan_settings_general_apikey($nonce)
{
    $registered_modal = '';
    $recovery_modal = '';

    // A recovery request always reveals the manual key form, even when the
    // nonce gate below is closed; the form is display-only at that point.
    $show_manual_form = SucuriScanRequest::post(':recover_key') !== false;

    if ($nonce) {
        if (SucuriScanRequest::post(':plugin_api_key') !== false) {
            // The account id is request-supplied. user_can() confirms that
            // the *selected* account is an administrator; it says nothing
            // about who sent the request.
            // NOTE(review): confirm the caller enforces the current user's
            // capability before reaching this function.
            $account = SucuriScan::get_user_by_id(SucuriScanRequest::post(':setup_user'));

            if ($account !== false && user_can($account, 'administrator')) {
                // Ask the API service for a new key; fall back to the manual
                // form when registration does not succeed.
                if (SucuriScanAPI::registerSite($account->user_email)) {
                    $registered_modal = SucuriScanTemplate::getModal(
                        'settings-apiregistered',
                        array(
                            'Title' => 'Site registered successfully',
                            'CssClass' => 'sucuriscan-apikey-registered',
                        )
                    );
                } else {
                    $show_manual_form = true;
                }
            }
        }

        // Key recovery goes through the e-mail address registered earlier;
        // the request is recorded as an informational event.
        if (SucuriScanRequest::post(':recover_key') !== false) {
            SucuriScanAPI::recoverKey();
            SucuriScanEvent::report_info_event('Recovery of the Sucuri API key was requested.');
            $recovery_modal = SucuriScanTemplate::getModal(
                'settings-apirecovery',
                array(
                    'Title' => 'Plugin API Key Recovery',
                    'CssClass' => 'sucuriscan-apirecovery',
                )
            );
        }
    }

    $plugin_key = SucuriScanAPI::getPluginKey();
    $has_key = (bool) $plugin_key;
    $dns_failed = false;

    if (!$has_key) {
        // gethostbyname() hands back its argument unchanged when the lookup
        // fails, so equality means the domain did not resolve. The '@'
        // silences the warning PHP may raise for that lookup.
        $hostname = SucuriScan::get_top_level_domain();
        $dns_failed = @gethostbyname($hostname) === $hostname;
    }

    // NOTE(review): the stored key is handed to the template as-is; confirm
    // the template layer escapes it and that only administrators can load
    // this page.
    return SucuriScanTemplate::getSection('settings-general-apikey', array(
        'APIKey' => $has_key ? $plugin_key : '(not set)',
        'APIKey.RecoverVisibility' => SucuriScanTemplate::visibility(!($has_key || $show_manual_form)),
        'APIKey.ManualKeyFormVisibility' => SucuriScanTemplate::visibility($show_manual_form),
        'APIKey.RemoveVisibility' => SucuriScanTemplate::visibility($has_key),
        'InvalidDomainVisibility' => SucuriScanTemplate::visibility($dns_failed),
        'ModalWhenAPIRegistered' => $registered_modal,
        'ModalForApiKeyRecovery' => $recovery_modal,
    ));
}
示例#2
/**
 * Render the notification settings panel.
 *
 * Builds two lists from module-level globals: the selectable e-mail subject
 * formats and the per-event alert checkboxes. The stored subject is compared
 * against the official formats; when none matches it is treated as a custom
 * subject and escaped with SucuriScan::escape() before being handed to the
 * template.
 *
 * NOTE(review): every other value (subject formats, alert names and labels)
 * is passed to the snippets without explicit escaping here; they come from
 * the two globals, so confirm those are only ever populated by the plugin
 * itself or that the template layer escapes them.
 *
 * @return string Parsed HTML code for the notification settings panel.
 */
function sucuriscan_settings_notifications()
{
    global $sucuriscan_notify_options, $sucuriscan_email_subjects;

    $checked_attr = 'checked="checked"';

    // Icon classes keyed by the optional "group:" prefix of an alert label.
    $group_icons = array(
        'user' => 'dashicons-before dashicons-admin-users',
        'plugin' => 'dashicons-before dashicons-admin-plugins',
        'theme' => 'dashicons-before dashicons-admin-appearance',
    );

    $vars = array(
        'NotificationOptions' => '',
        'EmailSubjectOptions' => '',
        'EmailSubjectCustom.Checked' => '',
        'EmailSubjectCustom.Value' => '',
        'PrettifyMailsWarningVisibility' => SucuriScanTemplate::visibility(SucuriScanMail::prettify_mails()),
    );

    if ($sucuriscan_email_subjects) {
        $current_subject = SucuriScanOption::get_option(':email_subject');
        $matches_official = false;

        foreach ($sucuriscan_email_subjects as $format) {
            // Loose comparison, kept as the original wrote it.
            $selected = ($current_subject == $format);

            if ($selected) {
                $matches_official = true;
            }

            $vars['EmailSubjectOptions'] .= SucuriScanTemplate::get_snippet(
                'settings-emailsubject',
                array(
                    'EmailSubject.Name' => $format,
                    'EmailSubject.Value' => $format,
                    'EmailSubject.Checked' => $selected ? $checked_attr : '',
                )
            );
        }

        // A stored subject that matches no official format is a custom one;
        // it is the only value escaped explicitly in this function.
        if (!$matches_official) {
            $vars['EmailSubjectCustom.Checked'] = $checked_attr;
            $vars['EmailSubjectCustom.Value'] = SucuriScan::escape($current_subject);
        }
    }

    $row_index = 0;
    $label_pattern = '/^([a-z]+:)?(.+)/';

    foreach ($sucuriscan_notify_options as $alert_type => $raw_label) {
        $is_enabled = SucuriScanOption::get_option($alert_type) == 'enabled';
        $label_text = $raw_label;
        $icon_class = '';

        // Split an optional lowercase "group:" prefix off the label and map
        // the group to its icon; unknown groups get no icon.
        if (preg_match($label_pattern, $raw_label, $parts)) {
            $group = str_replace(':', '', $parts[1]);
            $label_text = $parts[2];

            if (isset($group_icons[$group])) {
                $icon_class = $group_icons[$group];
            }
        }

        $vars['NotificationOptions'] .= SucuriScanTemplate::get_snippet(
            'settings-notifications',
            array(
                // Even rows (starting at zero) get the 'alternate' class.
                'Notification.CssClass' => ($row_index % 2 == 0) ? 'alternate' : '',
                'Notification.Name' => $alert_type,
                'Notification.Checked' => $is_enabled ? $checked_attr : '',
                'Notification.Label' => $label_text,
                'Notification.LabelIcon' => $icon_class,
            )
        );

        $row_index++;
    }

    return SucuriScanTemplate::get_section('settings-notifications', $vars);
}
示例#3
/**
 * Build the "API key" panel of the general settings page and process the
 * key management actions submitted from it.
 *
 * Removing, manually setting, registering and recovering the key all run
 * only when $nonce is truthy. This function performs no verification of its
 * own.
 * NOTE(review): $nonce is presumably the result of a nonce check done by
 * the caller; confirm at the call site that it is never truthy for an
 * unverified request.
 *
 * The recovery modal is the exception: it is driven by the 'recover' request
 * parameter and is evaluated outside the nonce gate. From what is visible
 * here that branch only renders a modal.
 *
 * @param mixed $nonce Truthy when the submitted form may be processed.
 * @return mixed Result of SucuriScanTemplate::getSection() for the
 *               'settings-general-apikey' section.
 */
function sucuriscan_settings_general_apikey($nonce)
{
    $registered_modal = '';
    $recovery_modal = '';

    // A recovery request always reveals the manual key form.
    $show_manual_form = SucuriScanRequest::post(':recover_key') !== false;

    if ($nonce) {
        // Warn early when settings live in a text file that cannot be
        // written; the actions below still run afterwards.
        if (!empty($_POST) && SucuriScanOption::settingsInTextFile()) {
            $storage_path = SucuriScanOption::optionsFilePath();

            if (!is_writable($storage_path)) {
                // NOTE(review): the path is concatenated into HTML without
                // escaping. It comes from plugin configuration rather than
                // the request; confirm it can never hold markup characters.
                SucuriScanInterface::error('Storage is not writable: <code>' . $storage_path . '</code>');
            }
        }

        // Removing the key also cancels the scheduled scan and is reported
        // both as a critical event and as a plugin change notification.
        if (SucuriScanRequest::post(':remove_api_key') !== false) {
            SucuriScanAPI::setPluginKey('');
            wp_clear_scheduled_hook('sucuriscan_scheduled_scan');
            SucuriScanEvent::report_critical_event('Sucuri API key was deleted.');
            SucuriScanEvent::notify_event('plugin_change', 'Sucuri API key removed');
        }

        // Store a key typed in by the administrator. Any truthy value is
        // forwarded.
        // NOTE(review): the second argument of setPluginKey() presumably
        // requests validation of the key; confirm against its definition.
        $submitted_key = SucuriScanRequest::post(':manual_api_key');
        if ($submitted_key) {
            SucuriScanAPI::setPluginKey($submitted_key, true);
            SucuriScanEvent::schedule_task();
            SucuriScanEvent::report_info_event('Sucuri API key was added manually.');
        }

        if (SucuriScanRequest::post(':plugin_api_key') !== false) {
            // The account id is request-supplied. user_can() confirms that
            // the *selected* account is an administrator; it says nothing
            // about who sent the request.
            // NOTE(review): confirm the caller enforces the current user's
            // capability before reaching this function.
            $account = SucuriScan::get_user_by_id(SucuriScanRequest::post(':setup_user'));

            if ($account !== false && user_can($account, 'administrator')) {
                // Ask the API service for a new key; fall back to the manual
                // form when registration does not succeed.
                if (SucuriScanAPI::registerSite($account->user_email)) {
                    $registered_modal = SucuriScanTemplate::getModal(
                        'settings-apiregistered',
                        array(
                            'Title' => 'Site registered successfully',
                            'CssClass' => 'sucuriscan-apikey-registered',
                        )
                    );
                } else {
                    $show_manual_form = true;
                }
            }
        }

        if (SucuriScanRequest::post(':recover_key') !== false) {
            // Writes to the $_GET superglobal so that the 'recover' check
            // after the nonce gate shows the modal for this same request.
            $_GET['recover'] = 'true';
            SucuriScanAPI::recoverKey();
            SucuriScanEvent::report_info_event('Recovery of the Sucuri API key was requested.');
        }
    }

    $plugin_key = SucuriScanAPI::getPluginKey();

    // Not nonce-gated: any request carrying 'recover' gets the modal.
    if (SucuriScanRequest::get('recover') !== false) {
        $recovery_modal = SucuriScanTemplate::getModal(
            'settings-apirecovery',
            array(
                'Title' => 'Plugin API Key Recovery',
                'CssClass' => 'sucuriscan-apirecovery',
            )
        );
    }

    $has_key = (bool) $plugin_key;
    $dns_failed = false;

    if (!$has_key) {
        // gethostbyname() hands back its argument unchanged when the lookup
        // fails, so equality means the domain did not resolve. The '@'
        // silences the warning PHP may raise for that lookup.
        $hostname = SucuriScan::get_top_level_domain();
        $dns_failed = @gethostbyname($hostname) === $hostname;
    }

    // NOTE(review): the stored key is handed to the template as-is; confirm
    // the template layer escapes it and that only administrators can load
    // this page.
    return SucuriScanTemplate::getSection('settings-general-apikey', array(
        'APIKey' => $has_key ? $plugin_key : '(not set)',
        'APIKey.RecoverVisibility' => SucuriScanTemplate::visibility(!($has_key || $show_manual_form)),
        'APIKey.ManualKeyFormVisibility' => SucuriScanTemplate::visibility($show_manual_form),
        'APIKey.RemoveVisibility' => SucuriScanTemplate::visibility($has_key),
        'InvalidDomainVisibility' => SucuriScanTemplate::visibility($dns_failed),
        'ModalWhenAPIRegistered' => $registered_modal,
        'ModalForApiKeyRecovery' => $recovery_modal,
    ));
}