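/**
 * Repair a file under ABSPATH by overwriting it with the content that
 * wordfence::getWPFileContent() returns for a stored scan issue.
 *
 * The issue ID is read from $_POST['issueID']; the target path and component
 * details come from the stored issue's 'data' entry, not from the request.
 *
 * NOTE(review): no capability or nonce check is visible in this function, and
 * it overwrites files under ABSPATH. Confirm the caller authenticates and
 * authorizes the request before dispatching here.
 *
 * @return array array('ok' => 1, 'file' => <path written>) on success;
 *               array('cerrorMsg' => <message>) on failure, or the error array
 *               handed back by wordfence::getWPFileContent().
 */
function restore_file()
 {
     // Normalise the request value to a non-negative integer before it reaches
     // the issue store, matching how the other issue handlers treat this field.
     $issueID = isset($_POST['issueID']) ? absint($_POST['issueID']) : 0;
     $wfIssues = new wfIssues();
     $issue = $wfIssues->getIssueByID($issueID);
     if (!$issue) {
         return array('cerrorMsg' => 'We could not find that issue in our database.');
     }
     $dat = $issue['data'];

     // Validate the recorded path before it is used for anything else: any ".."
     // is rejected and leading dots/slashes are stripped, so the target is
     // always built below ABSPATH. An empty remainder would point at ABSPATH
     // itself and is rejected too.
     $file = isset($dat['file']) ? (string) $dat['file'] : '';
     $relativePath = preg_replace('/^[\\.\\/]+/', '', $file);
     if (!is_string($relativePath) || $relativePath === '' || preg_match('/\\.\\./', $file)) {
         return array('cerrorMsg' => 'An invalid file was specified for repair.');
     }

     $result = wordfence::getWPFileContent($dat['file'], $dat['cType'], isset($dat['cName']) ? $dat['cName'] : '', isset($dat['cVersion']) ? $dat['cVersion'] : '');
     if (isset($result['cerrorMsg']) && $result['cerrorMsg']) {
         return $result;
     }
     if (empty($result['fileContent'])) {
         return array('cerrorMsg' => 'We could not get the original file to do a repair.');
     }
     $content = (string) $result['fileContent'];

     $localFile = ABSPATH . '/' . $relativePath;
     // Mode 'c' opens (or creates) the file without truncating it, so the
     // existing content is only discarded once the exclusive lock is requested.
     $fh = fopen($localFile, 'c');
     if (!$fh) {
         // error_get_last() returns null when no error was recorded.
         $err = error_get_last();
         $errDetail = (is_array($err) && isset($err['message'])) ? $err['message'] : '';
         if (preg_match('/Permission denied/i', $errDetail)) {
             $errMsg = "You don't have permission to repair that file. You need to either fix the file manually using FTP or change the file permissions and ownership so that your web server has write access to repair the file.";
         } else {
             $errMsg = 'We could not write to that file. The error was: ' . $errDetail;
         }
         return array('cerrorMsg' => $errMsg);
     }
     // Locking stays best-effort, as before: its result is not checked, so
     // hosts whose filesystem does not support flock() can still repair files.
     flock($fh, LOCK_EX);
     $bytes = ftruncate($fh, 0) ? fwrite($fh, $content) : false;
     flock($fh, LOCK_UN);
     fclose($fh);
     if ($bytes === false) {
         $bytes = 0;
     }
     // A short write leaves a truncated file on disk, so it is reported as a
     // failure and the issue is kept instead of being marked as resolved.
     if ($bytes < strlen($content)) {
         return array('cerrorMsg' => "We could not write to that file. ({$bytes} bytes written) You may not have permission to modify files on your WordPress server.");
     }
     $wfIssues->updateIssue($issueID, 'delete');
     return array('ok' => 1, 'file' => $localFile);
 }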
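 /**
  * AJAX handler that disables directory listing by prepending
  * "Options -Indexes" to the .htaccess file located by wfCache::getHtaccessPath().
  *
  * After writing, it re-checks the uploads base URL with
  * wfScanEngine::isDirectoryListingEnabled(); if listing is still enabled the
  * previous .htaccess content is written back.
  *
  * NOTE(review): no capability or nonce check is visible in this method, and it
  * rewrites .htaccess. Confirm the AJAX dispatcher enforces both.
  *
  * @return array array('ok' => 1) on success, otherwise
  *               array('err' => 1, 'errorMsg' => <message>).
  */
 public static function ajax_disableDirectoryListing_callback()
 {
     $issueID = isset($_POST['issueID']) ? absint($_POST['issueID']) : 0;
     $wfIssues = new wfIssues();
     $issue = $wfIssues->getIssueByID($issueID);
     if (!$issue) {
         return array('err' => 1, 'errorMsg' => "We could not find that issue in our database.");
     }
     // The issue record is removed before the fix is attempted, as in the
     // original flow. NOTE(review): a failed fix therefore leaves no issue
     // record behind; confirm that a later scan is expected to re-create it.
     $wfIssues->deleteIssue($issueID);
     $htaccessPath = wfCache::getHtaccessPath();
     if (!$htaccessPath) {
         return array('err' => 1, 'errorMsg' => "Wordfence could not find your .htaccess file.");
     }
     // A failed read must not be treated as "empty file": the write below would
     // replace the existing rules (rewrites, access restrictions) with the one
     // directive, and the revert would then blank the file. A path that does
     // not exist yet is still handled as empty content, as before.
     $fileContents = file_exists($htaccessPath) ? file_get_contents($htaccessPath) : '';
     if ($fileContents === false) {
         return array('err' => 1, 'errorMsg' => "There was an error reading your .htaccess file.");
     }
     $written = file_put_contents($htaccessPath, "# Added by Wordfence " . date('r') . "\nOptions -Indexes\n\n" . $fileContents, LOCK_EX);
     if (!$written) {
         return array('err' => 1, 'errorMsg' => "There was an error writing to your .htaccess file.");
     }
     $uploadPaths = wp_upload_dir();
     if (!wfScanEngine::isDirectoryListingEnabled($uploadPaths['baseurl'])) {
         return array('ok' => 1);
     }
     // Revert any changes done to .htaccess. The result of this write is not
     // checked, so a failed revert leaves the added directive in place.
     file_put_contents($htaccessPath, $fileContents, LOCK_EX);
     return array('err' => 1, 'errorMsg' => "Updating the .htaccess did not fix the issue. You may need to add <code>Options -Indexes</code>\nto your httpd.conf if using Apache, or find documentation on how to disable directory listing for your web server.");
 }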