/**
 * AJAX handler for the Wordfence options page: validates the submitted options and persists them.
 *
 * Options are taken from wfConfig::parseOptions(); the diagnostic parameters are re-read from the
 * stored configuration because they are no longer part of this form. Each validation failure returns
 * early with an 'errorMsg' entry; user-supplied values echoed in those messages go through
 * wp_kses() with no allowed tags (or esc_html()) so they cannot carry markup back to the page.
 * All options except the API key are written before the key is verified against the Wordfence API,
 * so an API error is reported after the save (the messages say so explicitly).
 *
 * @return array 'errorMsg' => string on failure; otherwise 'ok' => 1, 'reload' => ''|'reload'
 *               (set when howGetIPs or the stored API key changed), 'paidKeyMsg' => bool.
 */
public static function ajax_saveConfig_callback() {
    $reload = '';
    $opts = wfConfig::parseOptions();
    // These are now on the Diagnostics page, so they aren't sent across.
    foreach (self::$diagnosticParams as $param) {
        $opts[$param] = wfConfig::get($param);
    }

    // Alert e-mails: strip all whitespace, split on commas, drop empty entries, then require every
    // remaining entry to match the address pattern (no range/RFC check, just shape).
    $emails = array();
    foreach (explode(',', preg_replace('/[\\r\\n\\s\\t]+/', '', $opts['alertEmails'])) as $email) {
        if (strlen($email) > 0) {
            $emails[] = $email;
        }
    }
    if (sizeof($emails) > 0) {
        $badEmails = array();
        foreach ($emails as $email) {
            if (!preg_match('/^[^@]+@[a-z0-9-]+(\\.[a-z0-9-]+)*(\\.[a-z]{2,11})$/i', $email)) {
                $badEmails[] = $email;
            }
        }
        if (sizeof($badEmails) > 0) {
            return array('errorMsg' => "The following emails are invalid: " . wp_kses(implode(', ', $badEmails), array()));
        }
        $opts['alertEmails'] = implode(',', $emails);
    } else {
        $opts['alertEmails'] = '';
    }

    $opts['scan_exclude'] = wfUtils::cleanupOneEntryPerLine($opts['scan_exclude']);
    // Compile-check each user-supplied scan pattern, one per line.
    // NOTE(review): the entry is wrapped in '/' delimiters without escaping, so a '/' inside the
    // entry terminates the pattern early and the remainder is parsed as modifiers; the '@' hides the
    // compile warning and only a FALSE return is treated as invalid. preg_quote() or a delimiter
    // check on the entry would make the validation match how the pattern is later used.
    foreach (explode("\n", $opts['scan_include_extra']) as $regex) {
        if (@preg_match("/{$regex}/", "") === FALSE) {
            return array('errorMsg' => "\"" . esc_html($regex) . "\" is not a valid regular expression");
        }
    }

    // Whitelisted IPs/ranges: same whitespace-strip/split as above, validated by wfUserIPRange.
    $whiteIPs = array();
    foreach (explode(',', preg_replace('/[\\r\\n\\s\\t]+/', '', $opts['whitelisted'])) as $whiteIP) {
        if (strlen($whiteIP) > 0) {
            $whiteIPs[] = $whiteIP;
        }
    }
    if (sizeof($whiteIPs) > 0) {
        $badWhiteIPs = array();
        $range = new wfUserIPRange();
        foreach ($whiteIPs as $whiteIP) {
            $range->setIPString($whiteIP);
            if (!$range->isValidRange()) {
                $badWhiteIPs[] = $whiteIP;
            }
        }
        if (sizeof($badWhiteIPs) > 0) {
            return array('errorMsg' => "Please make sure you separate your IP addresses with commas. The following whitelisted IP addresses are invalid: " .
                wp_kses(implode(', ', $badWhiteIPs), array()));
        }
        $opts['whitelisted'] = implode(',', $whiteIPs);
    } else {
        $opts['whitelisted'] = '';
    }

    // Live-traffic ignore list: each login must exist on this site (get_user_by).
    $validUsers = array();
    $invalidUsers = array();
    foreach (explode(',', $opts['liveTraf_ignoreUsers']) as $val) {
        $val = trim($val);
        if (strlen($val) > 0) {
            if (get_user_by('login', $val)) {
                $validUsers[] = $val;
            } else {
                $invalidUsers[] = $val;
            }
        }
    }
    $opts['loginSec_userBlacklist'] = wfUtils::cleanupOneEntryPerLine($opts['loginSec_userBlacklist']);

    // Wordfence API keys are hexadecimal; anything else is rejected before any option is written.
    // An empty key is allowed here and handled below (a free key is requested).
    $opts['apiKey'] = trim($opts['apiKey']);
    if ($opts['apiKey'] && !preg_match('/^[a-fA-F0-9]+$/', $opts['apiKey'])) { //User entered something but it's garbage.
        return array('errorMsg' => "You entered an API key but it is not in a valid format. It must consist only of characters A to F and 0 to 9.");
    }
    if (sizeof($invalidUsers) > 0) {
        return array('errorMsg' => "The following users you selected to ignore in live traffic reports are not valid on this system: " . wp_kses(implode(', ', $invalidUsers), array()));
    }
    if (sizeof($validUsers) > 0) {
        $opts['liveTraf_ignoreUsers'] = implode(',', $validUsers);
    } else {
        $opts['liveTraf_ignoreUsers'] = '';
    }

    // Live-traffic ignored IPs, validated with wfUtils::isValidIP. Note that when every entry is
    // empty the option is left as submitted (only the non-empty case is rewritten).
    $validIPs = array();
    $invalidIPs = array();
    foreach (explode(',', preg_replace('/[\\r\\n\\s\\t]+/', '', $opts['liveTraf_ignoreIPs'])) as $val) {
        if (strlen($val) > 0) {
            if (wfUtils::isValidIP($val)) {
                $validIPs[] = $val;
            } else {
                $invalidIPs[] = $val;
            }
        }
    }
    if (sizeof($invalidIPs) > 0) {
        return array('errorMsg' => "The following IPs you selected to ignore in live traffic reports are not valid: " . wp_kses(implode(', ', $invalidIPs), array()));
    }
    if (sizeof($validIPs) > 0) {
        $opts['liveTraf_ignoreIPs'] = implode(',', $validIPs);
    }

    // A user-agent filter is kept only if it contains at least one alphanumeric character
    // ('\d' is redundant with '0-9' in this class); otherwise it is cleared.
    if (preg_match('/[a-zA-Z0-9\\d]+/', $opts['liveTraf_ignoreUA'])) {
        $opts['liveTraf_ignoreUA'] = trim($opts['liveTraf_ignoreUA']);
    } else {
        $opts['liveTraf_ignoreUA'] = '';
    }

    // Opting out of the Wordfence network removes the non-permanent rows flagged wfsn=1.
    // The table name is built from the blog's base prefix only; no request data enters the query.
    if (!$opts['other_WFNet']) {
        $wfdb = new wfDB();
        global $wpdb;
        $p = $wpdb->base_prefix;
        $wfdb->queryWrite("delete from {$p}" .
            "wfBlocks where wfsn=1 and permanent=0");
    }

    // Changing how client IPs are derived requires a page reload on the client (loose != compare).
    if ($opts['howGetIPs'] != wfConfig::get('howGetIPs', '')) {
        $reload = 'reload';
    }
    $regenerateHtaccess = false;
    if (wfConfig::get('bannedURLs', false) != $opts['bannedURLs']) {
        $regenerateHtaccess = true;
    }
    if (!is_numeric($opts['liveTraf_maxRows'])) {
        return array('errorMsg' => 'Please enter a number for the amount of Live Traffic data to store.');
    }

    // Persist everything except the API key, which is verified with the Wordfence API first (below).
    foreach ($opts as $key => $val) {
        if ($key != 'apiKey') { //Don't save API key yet
            wfConfig::set($key, $val);
        }
    }
    // .htaccess rules are only rewritten for the Falcon cache mode.
    if ($regenerateHtaccess && wfConfig::get('cacheType') == 'falcon') {
        wfCache::addHtaccessCode('add');
    }
    // autoUpdate is a string flag: '1' enables, '0' disables, anything else leaves it untouched.
    if ($opts['autoUpdate'] == '1') {
        wfConfig::enableAutoUpdate();
    } else {
        if ($opts['autoUpdate'] == '0') {
            wfConfig::disableAutoUpdate();
        }
    }
    // Toggling code-execution protection for the uploads directory may fail (e.g. unwritable
    // .htaccess); the wfConfigException message is surfaced to the user as-is.
    try {
        if ($opts['disableCodeExecutionUploads']) {
            wfConfig::disableCodeExecutionForUploads();
        } else {
            wfConfig::removeCodeExecutionProtectionForUploads();
        }
    } catch (wfConfigException $e) {
        return array('errorMsg' => $e->getMessage());
    }
    if (!empty($opts['email_summary_enabled'])) {
        wfConfig::set('email_summary_enabled', 1);
        wfConfig::set('email_summary_interval', $opts['email_summary_interval']);
        wfConfig::set('email_summary_excluded_directories', $opts['email_summary_excluded_directories']);
        wfActivityReport::scheduleCronJob();
    } else {
        wfConfig::set('email_summary_enabled', 0);
        wfActivityReport::disableCronJob();
    }
    // Reads the value just stored by the loop above.
    if (wfConfig::get('other_hideWPVersion')) {
        wfUtils::hideReadme();
    } else {
        wfUtils::showReadme();
    }

    $paidKeyMsg = false;
    if (!$opts['apiKey']) { //Empty API key (after trim above), then try to get one.
        // No key supplied: request a free (anonymous) key from the Wordfence servers.
        $api = new wfAPI('', wfUtils::getWPVersion());
        try {
            $keyData = $api->call('get_anon_api_key');
            if ($keyData['ok'] && $keyData['apiKey']) {
                wfConfig::set('apiKey', $keyData['apiKey']);
                wfConfig::set('isPaid', 0);
                $reload = 'reload';
            } else {
                throw new Exception("We could not understand the Wordfence server's response because it did not contain an 'ok' and 'apiKey' element.");
            }
        } catch (Exception $e) {
            return array('errorMsg' => "Your options have been saved, but we encountered a problem. You left your API key blank, so we tried to get you a free API key from the Wordfence servers. However we encountered a problem fetching the free key: " . wp_kses($e->getMessage(), array()));
        }
    } else {
        if ($opts['apiKey'] != wfConfig::get('apiKey')) {
            // Key changed: it is stored only after the Wordfence API confirms it.
            $api = new wfAPI($opts['apiKey'], wfUtils::getWPVersion());
            try {
                $res = $api->call('check_api_key', array(), array());
                if ($res['ok'] && isset($res['isPaid'])) {
                    wfConfig::set('apiKey', $opts['apiKey']);
                    $reload = 'reload';
                    wfConfig::set('isPaid', $res['isPaid']); //res['isPaid'] is boolean coming back as JSON and turned back into PHP struct. Assuming JSON to PHP handles bools.
                    if ($res['isPaid']) {
                        $paidKeyMsg = true;
                    }
                } else {
                    throw new Exception("We could not understand the Wordfence API server reply when updating your API key.");
                }
            } catch (Exception $e) {
                return array('errorMsg' => "Your options have been saved. However we noticed you changed your API key and we tried to verify it with the Wordfence servers and received an error: " . wp_kses($e->getMessage(), array()));
            }
        } else {
            // Unchanged key: ping only; the result is not inspected and no exception is caught here.
            $api = new wfAPI($opts['apiKey'], wfUtils::getWPVersion());
            $api->call('ping_api_key', array(), array());
        }
    }
    return array('ok' => 1, 'reload' => $reload, 'paidKeyMsg' => $paidKeyMsg);
}
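/**
 * Applies a settings payload pushed by the MainWP dashboard to the local Wordfence configuration.
 *
 * Reads `$_POST['settings']` (base64-encoded, PHP-serialized array) and `$_POST['apiKey']`.
 * Only keys listed in self::$options_filter are persisted via wfConfig::set(); the API key is
 * verified with the Wordfence API after the other options have been written, so API failures are
 * reported on top of an already-saved configuration (the messages say so).
 * Authentication/authorization of the request is assumed to happen before this method is reached
 * (not visible in this file).
 *
 * @return array|null On success 'ok' => 1, 'reload' => ''|'reload', 'cacheType', 'paidKeyMsg' => bool,
 *                    plus 'invalid_users' (logins that do not exist here) and 'apiKey'/'isPaid' when the
 *                    stored key changed. On failure an array with an 'error' message (a partial result
 *                    when options were already saved). Null when no non-empty settings array was received.
 */
function save_setting() {
    $rawSettings = (isset($_POST['settings']) && is_string($_POST['settings'])) ? $_POST['settings'] : '';
    // SECURITY(review): maybe_unserialize() runs unserialize() on request-controlled bytes, which can
    // instantiate arbitrary classes (PHP object injection). A JSON payload, or
    // unserialize(..., array('allowed_classes' => false)), would remove that attack surface; the wire
    // format is set by the dashboard side (not visible here), so the call is flagged rather than replaced.
    $settings = maybe_unserialize(base64_decode($rawSettings));
    if (!is_array($settings) || count($settings) === 0) {
        return null;
    }

    $result = array();
    $reload = '';
    $opts = $settings;

    // Read and shape-check the API key before any option is written (same hex rule as the Wordfence
    // ajax_saveConfig_callback handler). An empty key is allowed and handled below; truthiness is
    // used deliberately so the two checks agree with each other.
    $apiKey = (isset($_POST['apiKey']) && is_string($_POST['apiKey'])) ? trim($_POST['apiKey']) : '';
    if ($apiKey && !preg_match('/^[a-fA-F0-9]+$/', $apiKey)) {
        return array('error' => 'You entered an API key but it is not in a valid format. It must consist only of characters A to F and 0 to 9.');
    }

    // Live-traffic ignore list: each login must exist on this site (get_user_by).
    $validUsers = array();
    $invalidUsers = array();
    $ignoreUsers = (isset($opts['liveTraf_ignoreUsers']) && is_string($opts['liveTraf_ignoreUsers'])) ? $opts['liveTraf_ignoreUsers'] : '';
    foreach (explode(',', $ignoreUsers) as $login) {
        $login = trim($login);
        if ($login === '') {
            continue;
        }
        if (get_user_by('login', $login)) {
            $validUsers[] = $login;
        } else {
            $invalidUsers[] = $login;
        }
    }
    if (count($invalidUsers) > 0) {
        // Unknown logins are reported back to the dashboard rather than aborting the save.
        $result['invalid_users'] = htmlentities(implode(', ', $invalidUsers));
    }
    $opts['liveTraf_ignoreUsers'] = implode(',', $validUsers);

    // Opting out of the Wordfence network removes the non-permanent rows flagged wfsn=1.
    // The table name is built from the blog's base prefix only; no request data enters the query.
    if (empty($opts['other_WFNet'])) {
        $wfdb = new wfDB();
        global $wpdb;
        $p = $wpdb->base_prefix;
        $wfdb->queryWrite("delete from {$p}wfBlocks where wfsn=1 and permanent=0");
    }

    // A missing bannedURLs entry compares as null, i.e. differs from the stored value and triggers a rewrite.
    $bannedURLs = array_key_exists('bannedURLs', $opts) ? $opts['bannedURLs'] : null;
    $regenerateHtaccess = wfConfig::get('bannedURLs', false) !== $bannedURLs;

    // Persist only whitelisted option names (strict comparison); the API key is handled separately below.
    foreach ($opts as $key => $val) {
        if (!in_array($key, self::$options_filter, true)) {
            continue;
        }
        if ('apiKey' !== $key) { //Don't save API key yet
            wfConfig::set($key, $val);
        }
    }
    if ($regenerateHtaccess) {
        wfCache::addHtaccessCode('add');
    }

    // autoUpdate is a string flag: '1' enables, '0' disables, anything else (or absent) leaves it untouched.
    $autoUpdate = isset($opts['autoUpdate']) ? $opts['autoUpdate'] : null;
    if ('1' === $autoUpdate) {
        wfConfig::enableAutoUpdate();
    } elseif ('0' === $autoUpdate) {
        wfConfig::disableAutoUpdate();
    }

    // Toggling code-execution protection for the uploads directory may fail (wfConfigException);
    // that is the one step that aborts with a bare error, since nothing after it has run yet.
    if (isset($opts['disableCodeExecutionUploads'])) {
        try {
            if ($opts['disableCodeExecutionUploads']) {
                wfConfig::disableCodeExecutionForUploads();
            } else {
                wfConfig::removeCodeExecutionProtectionForUploads();
            }
        } catch (wfConfigException $e) {
            return array('error' => $e->getMessage());
        }
    }

    if (isset($opts['email_summary_enabled'])) {
        if (!empty($opts['email_summary_enabled'])) {
            wfConfig::set('email_summary_enabled', 1);
            wfConfig::set('email_summary_interval', isset($opts['email_summary_interval']) ? $opts['email_summary_interval'] : null);
            wfConfig::set('email_summary_excluded_directories', isset($opts['email_summary_excluded_directories']) ? $opts['email_summary_excluded_directories'] : null);
            wfActivityReport::scheduleCronJob();
        } else {
            wfConfig::set('email_summary_enabled', 0);
            wfActivityReport::disableCronJob();
        }
    }

    // Scan schedule requested by the dashboard: store it and drop the pending cron event
    // (re-scheduling is not done here).
    $sch = isset($opts['scheduleScan']) ? $opts['scheduleScan'] : '';
    if (get_option('mainwp_child_wordfence_cron_time') !== $sch) {
        update_option('mainwp_child_wordfence_cron_time', $sch);
        $sched = wp_next_scheduled('mainwp_child_wordfence_cron_scan');
        if (false !== $sched) {
            wp_unschedule_event($sched, 'mainwp_child_wordfence_cron_scan');
        }
    }

    $result['cacheType'] = wfConfig::get('cacheType');
    $result['paidKeyMsg'] = false;

    if (!$apiKey) { //Empty API key (after trim above), then try to get one.
        // No key supplied: request a free (anonymous) key from the Wordfence servers.
        $api = new wfAPI('', wfUtils::getWPVersion());
        try {
            $keyData = $api->call('get_anon_api_key');
            if (empty($keyData['ok']) || empty($keyData['apiKey'])) {
                throw new Exception("We could not understand the Wordfence server's response because it did not contain an 'ok' and 'apiKey' element.");
            }
            wfConfig::set('apiKey', $keyData['apiKey']);
            wfConfig::set('isPaid', 0);
            $result['apiKey'] = $keyData['apiKey'];
            $result['isPaid'] = 0;
            $reload = 'reload';
        } catch (Exception $e) {
            $result['error'] = 'Your options have been saved, but we encountered a problem. You left your API key blank, so we tried to get you a free API key from the Wordfence servers. However we encountered a problem fetching the free key: ' . htmlentities($e->getMessage());
            return $result;
        }
    } elseif (wfConfig::get('apiKey') !== $apiKey) {
        // Key changed: it is stored only after the Wordfence API confirms it.
        $api = new wfAPI($apiKey, wfUtils::getWPVersion());
        try {
            $res = $api->call('check_api_key', array(), array());
            if (empty($res['ok']) || !isset($res['isPaid'])) {
                throw new Exception('We could not understand the Wordfence API server reply when updating your API key.');
            }
            wfConfig::set('apiKey', $apiKey);
            wfConfig::set('isPaid', $res['isPaid']); //res['isPaid'] is boolean coming back as JSON and turned back into PHP struct. Assuming JSON to PHP handles bools.
            $result['apiKey'] = $apiKey;
            $result['isPaid'] = $res['isPaid'];
            if ($res['isPaid']) {
                $result['paidKeyMsg'] = true;
            }
            $reload = 'reload';
        } catch (Exception $e) {
            $result['error'] = 'Your options have been saved. However we noticed you changed your API key and we tried to verify it with the Wordfence servers and received an error: ' . htmlentities($e->getMessage());
            return $result;
        }
    } else {
        // Unchanged key: ping only; nothing is stored, failures are reported.
        try {
            $api = new wfAPI($apiKey, wfUtils::getWPVersion());
            $api->call('ping_api_key', array(), array());
        } catch (Exception $e) {
            $result['error'] = 'Your options have been saved. However we noticed you do not change your API key and we tried to verify it with the Wordfence servers and received an error: ' . htmlentities($e->getMessage());
            return $result;
        }
    }

    $result['ok'] = 1;
    $result['reload'] = $reload;
    return $result;
}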
/**
 * AJAX handler for the Wordfence options page (older variant): validates the submitted options and
 * persists them.
 *
 * Options are taken from wfConfig::parseOptions(). Each validation failure returns early with an
 * 'errorMsg' entry; user-supplied values echoed in those messages are passed through htmlentities().
 * IP validation in this variant is regex-only: IPv4 shape, no 0-255 range check, no IPv6.
 * All options except the API key are written before the key is verified against the Wordfence API,
 * so an API error is reported after the save (the messages say so explicitly).
 *
 * @return array 'errorMsg' => string on failure; otherwise 'ok' => 1, 'reload' => ''|'reload'
 *               (set when howGetIPs or the stored API key changed), 'paidKeyMsg' => bool.
 */
public static function ajax_saveConfig_callback() {
    $reload = '';
    $opts = wfConfig::parseOptions();

    // Alert e-mails: strip all whitespace, split on commas, drop empty entries, then require every
    // remaining entry to match the address pattern (shape only).
    $emails = array();
    foreach (explode(',', preg_replace('/[\\r\\n\\s\\t]+/', '', $opts['alertEmails'])) as $email) {
        if (strlen($email) > 0) {
            $emails[] = $email;
        }
    }
    if (sizeof($emails) > 0) {
        $badEmails = array();
        foreach ($emails as $email) {
            if (!preg_match('/^[^@]+@[a-z0-9-]+(\\.[a-z0-9-]+)*(\\.[a-z]{2,11})$/i', $email)) {
                $badEmails[] = $email;
            }
        }
        if (sizeof($badEmails) > 0) {
            return array('errorMsg' => "The following emails are invalid: " . htmlentities(implode(', ', $badEmails)));
        }
        $opts['alertEmails'] = implode(',', $emails);
    } else {
        $opts['alertEmails'] = '';
    }

    // Scan exclusions are stored with all whitespace removed (entries are not otherwise validated here).
    $opts['scan_exclude'] = preg_replace('/[\\r\\n\\s\\t]+/', '', $opts['scan_exclude']);

    // Whitelisted IPs: each of the four dotted parts may contain digits plus '[', ']' and '-'
    // (presumably the plugin's range notation — confirm against wfUserIPRange). Digit runs of any
    // length pass, so out-of-range octets are not rejected here.
    $whiteIPs = array();
    foreach (explode(',', preg_replace('/[\\r\\n\\s\\t]+/', '', $opts['whitelisted'])) as $whiteIP) {
        if (strlen($whiteIP) > 0) {
            $whiteIPs[] = $whiteIP;
        }
    }
    if (sizeof($whiteIPs) > 0) {
        $badWhiteIPs = array();
        foreach ($whiteIPs as $whiteIP) {
            if (!preg_match('/^[\\[\\]\\-\\d]+\\.[\\[\\]\\-\\d]+\\.[\\[\\]\\-\\d]+\\.[\\[\\]\\-\\d]+$/', $whiteIP)) {
                $badWhiteIPs[] = $whiteIP;
            }
        }
        if (sizeof($badWhiteIPs) > 0) {
            return array('errorMsg' => "Please make sure you separate your IP addresses with commas. The following whitelisted IP addresses are invalid: " .
                htmlentities(implode(', ', $badWhiteIPs)));
        }
        $opts['whitelisted'] = implode(',', $whiteIPs);
    } else {
        $opts['whitelisted'] = '';
    }

    // Live-traffic ignore list: each login must exist on this site (get_user_by).
    $validUsers = array();
    $invalidUsers = array();
    foreach (explode(',', $opts['liveTraf_ignoreUsers']) as $val) {
        $val = trim($val);
        if (strlen($val) > 0) {
            if (get_user_by('login', $val)) {
                $validUsers[] = $val;
            } else {
                $invalidUsers[] = $val;
            }
        }
    }

    // Login blacklist: trimmed, empties dropped, no existence check (these are names to refuse).
    $userBlacklist = array();
    foreach (explode(',', $opts['loginSec_userBlacklist']) as $user) {
        $user = trim($user);
        if (strlen($user) > 0) {
            $userBlacklist[] = $user;
        }
    }
    if (sizeof($userBlacklist) > 0) {
        $opts['loginSec_userBlacklist'] = implode(',', $userBlacklist);
    } else {
        $opts['loginSec_userBlacklist'] = '';
    }

    // Wordfence API keys are hexadecimal; anything else is rejected before any option is written.
    // An empty key is allowed here and handled below (a free key is requested).
    $opts['apiKey'] = trim($opts['apiKey']);
    if ($opts['apiKey'] && !preg_match('/^[a-fA-F0-9]+$/', $opts['apiKey'])) { //User entered something but it's garbage.
        return array('errorMsg' => "You entered an API key but it is not in a valid format. It must consist only of characters A to F and 0 to 9.");
    }
    if (sizeof($invalidUsers) > 0) {
        return array('errorMsg' => "The following users you selected to ignore in live traffic reports are not valid on this system: " . htmlentities(implode(', ', $invalidUsers)));
    }
    if (sizeof($validUsers) > 0) {
        $opts['liveTraf_ignoreUsers'] = implode(',', $validUsers);
    } else {
        $opts['liveTraf_ignoreUsers'] = '';
    }

    // Live-traffic ignored IPs: dotted-quad shape only (\d+ per octet, so 999.999.999.999 passes).
    // When every entry is empty the option is left as submitted (only the non-empty case is rewritten).
    $validIPs = array();
    $invalidIPs = array();
    foreach (explode(',', preg_replace('/[\\r\\n\\s\\t]+/', '', $opts['liveTraf_ignoreIPs'])) as $val) {
        if (strlen($val) > 0) {
            if (preg_match('/^\\d+\\.\\d+\\.\\d+\\.\\d+$/', $val)) {
                $validIPs[] = $val;
            } else {
                $invalidIPs[] = $val;
            }
        }
    }
    if (sizeof($invalidIPs) > 0) {
        return array('errorMsg' => "The following IPs you selected to ignore in live traffic reports are not valid: " .
            htmlentities(implode(', ', $invalidIPs)));
    }
    if (sizeof($validIPs) > 0) {
        $opts['liveTraf_ignoreIPs'] = implode(',', $validIPs);
    }

    // A user-agent filter is kept only if it contains at least one alphanumeric character
    // ('\d' is redundant with '0-9' in this class); otherwise it is cleared.
    if (preg_match('/[a-zA-Z0-9\\d]+/', $opts['liveTraf_ignoreUA'])) {
        $opts['liveTraf_ignoreUA'] = trim($opts['liveTraf_ignoreUA']);
    } else {
        $opts['liveTraf_ignoreUA'] = '';
    }

    // Opting out of the Wordfence network removes the non-permanent rows flagged wfsn=1.
    // The table name is built from the blog's base prefix only; no request data enters the query.
    if (!$opts['other_WFNet']) {
        $wfdb = new wfDB();
        global $wpdb;
        $p = $wpdb->base_prefix;
        $wfdb->queryWrite("delete from {$p}" . "wfBlocks where wfsn=1 and permanent=0");
    }

    // Changing how client IPs are derived requires a page reload on the client (loose != compare).
    if ($opts['howGetIPs'] != wfConfig::get('howGetIPs', '')) {
        $reload = 'reload';
    }
    $regenerateHtaccess = false;
    if (wfConfig::get('bannedURLs', false) != $opts['bannedURLs']) {
        $regenerateHtaccess = true;
    }

    // Persist everything except the API key, which is verified with the Wordfence API first (below).
    foreach ($opts as $key => $val) {
        if ($key != 'apiKey') { //Don't save API key yet
            wfConfig::set($key, $val);
        }
    }
    // Unlike the newer handler, the .htaccess rewrite here is not conditioned on the cache type.
    if ($regenerateHtaccess) {
        wfCache::addHtaccessCode('add');
    }
    // autoUpdate is a string flag: '1' enables, '0' disables, anything else leaves it untouched.
    if ($opts['autoUpdate'] == '1') {
        wfConfig::enableAutoUpdate();
    } else {
        if ($opts['autoUpdate'] == '0') {
            wfConfig::disableAutoUpdate();
        }
    }

    $paidKeyMsg = false;
    if (!$opts['apiKey']) { //Empty API key (after trim above), then try to get one.
        // No key supplied: request a free (anonymous) key from the Wordfence servers.
        $api = new wfAPI('', wfUtils::getWPVersion());
        try {
            $keyData = $api->call('get_anon_api_key');
            if ($keyData['ok'] && $keyData['apiKey']) {
                wfConfig::set('apiKey', $keyData['apiKey']);
                wfConfig::set('isPaid', 0);
                $reload = 'reload';
            } else {
                throw new Exception("We could not understand the Wordfence server's response because it did not contain an 'ok' and 'apiKey' element.");
            }
        } catch (Exception $e) {
            return array('errorMsg' => "Your options have been saved, but we encountered a problem. You left your API key blank, so we tried to get you a free API key from the Wordfence servers. However we encountered a problem fetching the free key: " .
                htmlentities($e->getMessage()));
        }
    } else {
        if ($opts['apiKey'] != wfConfig::get('apiKey')) {
            // Key changed: it is stored only after the Wordfence API confirms it.
            $api = new wfAPI($opts['apiKey'], wfUtils::getWPVersion());
            try {
                $res = $api->call('check_api_key', array(), array());
                if ($res['ok'] && isset($res['isPaid'])) {
                    wfConfig::set('apiKey', $opts['apiKey']);
                    $reload = 'reload';
                    wfConfig::set('isPaid', $res['isPaid']); //res['isPaid'] is boolean coming back as JSON and turned back into PHP struct. Assuming JSON to PHP handles bools.
                    if ($res['isPaid']) {
                        $paidKeyMsg = true;
                    }
                } else {
                    throw new Exception("We could not understand the Wordfence API server reply when updating your API key.");
                }
            } catch (Exception $e) {
                return array('errorMsg' => "Your options have been saved. However we noticed you changed your API key and we tried to verify it with the Wordfence servers and received an error: " . htmlentities($e->getMessage()));
            }
        } else {
            // Unchanged key: ping only. $res is not inspected and no exception is caught here.
            $api = new wfAPI($opts['apiKey'], wfUtils::getWPVersion());
            $res = $api->call('ping_api_key', array(), array());
        }
    }
    return array('ok' => 1, 'reload' => $reload, 'paidKeyMsg' => $paidKeyMsg);
}