PluginProbe ʕ •ᴥ•ʔ
AI Engine – The Chatbot, AI Framework & MCP for WordPress / 2.7.9
AI Engine – The Chatbot, AI Framework & MCP for WordPress v2.7.9
3.5.7 3.5.6 3.5.5 3.5.4 3.5.3 3.5.2 3.5.1 3.5.0 3.4.9 3.4.8 3.4.7 0.2.1 1.6.91 0.2.2 1.6.92 0.2.3 1.6.93 0.2.4 1.6.94 0.2.5 1.6.95 0.2.6 1.6.96 0.2.7 1.6.97 0.2.8 1.6.98 0.2.9 1.6.99 0.3.0 1.7.0 0.3.1 1.7.1 0.3.2 1.7.2 0.3.3 1.7.3 0.3.4 1.7.4 0.3.5 1.7.5 0.3.6 1.7.6 0.4.0 1.7.7 0.4.1 1.7.8 0.4.2 1.7.9 0.4.3 1.8.0 0.4.4 1.8.1 0.4.5 1.8.2 0.4.6 1.8.3 0.4.7 1.8.4 0.4.8 1.8.5 0.4.9 1.8.6 0.5.0 1.8.7 0.5.1 1.8.8 0.5.2 1.8.9 0.5.3 1.9.0 0.5.4 1.9.1 0.5.5 1.9.2 0.5.6 1.9.3 0.5.7 1.9.4 0.5.8 1.9.5 0.5.9 1.9.6 0.6.0 1.9.7 0.6.1 1.9.8 0.6.2 1.9.81 0.6.3 1.9.82 0.6.4 1.9.83 0.6.5 1.9.84 0.6.6 1.9.85 0.6.7 1.9.86 0.6.8 1.9.87 0.6.9 1.9.88 0.7.0 1.9.89 0.7.1 1.9.90 0.7.2 1.9.91 0.7.3 1.9.92 0.7.4 1.9.93 0.7.5 1.9.94 0.7.6 1.9.95 0.7.7 1.9.96 0.7.8 1.9.97 0.7.9 1.9.98 0.8.0 1.9.99 0.8.1 2.0.0 0.8.2 2.0.1 0.8.3 2.0.2 0.8.4 2.0.3 0.8.5 2.0.4 0.8.6 2.0.5 0.8.7 2.0.6 0.8.8 2.0.7 0.8.9 2.0.8 0.9.0 2.0.9 0.9.2 2.1.0 0.9.3 2.1.1 0.9.4 2.1.2 0.9.5 2.1.3 0.9.6 2.1.4 0.9.7 2.1.5 0.9.8 2.1.6 0.9.81 2.1.7 0.9.82 2.1.8 0.9.83 2.1.9 0.9.84 2.2.0 0.9.85 2.2.1 0.9.86 2.2.2 0.9.87 2.2.3 0.9.88 2.2.4 0.9.89 2.2.5 0.9.9 2.2.51 0.9.91 2.2.52 0.9.92 2.2.53 0.9.93 2.2.54 0.9.94 2.2.56 0.9.95 2.2.57 0.9.96 2.2.6 0.9.97 2.2.60 0.9.98 2.2.61 0.9.99 2.2.62 1.0.0 2.2.63 1.0.01 2.2.70 1.0.1 2.2.80 1.0.2 2.2.81 1.0.3 2.2.90 1.0.4 2.2.91 1.0.5 2.2.92 1.0.6 2.2.93 1.0.7 2.2.94 1.0.8 2.2.95 1.0.9 2.3.0 1.1.0 2.3.1 1.1.1 2.3.2 1.1.2 2.3.3 1.1.3 2.3.4 1.1.4 2.3.5 1.1.5 2.3.6 1.1.6 2.3.7 1.1.7 2.3.8 1.1.8 2.3.9 1.1.9 2.4.0 1.2.0 2.4.1 1.2.1 2.4.2 1.2.2 2.4.3 1.2.21 2.4.4 1.2.3 2.4.5 1.2.30 2.4.6 1.3.0 2.4.7 1.3.1 2.4.8 1.3.2 2.4.9 1.3.3 2.5.0 1.3.31 2.5.1 1.3.32 2.5.2 1.3.33 2.5.3 1.3.34 2.5.4 1.3.35 2.5.5 1.3.36 2.5.6 1.3.37 2.5.7 1.3.38 2.5.8 1.3.39 2.5.9 1.3.40 2.6.0 1.3.41 2.6.1 1.3.42 2.6.2 1.3.43 2.6.3 1.3.44 2.6.5 1.3.45 2.6.6 1.3.46 2.6.7 1.3.47 2.6.8 1.3.48 2.6.9 1.3.49 2.7.0 1.3.50 2.7.1 1.3.51 2.7.2 1.3.52 2.7.3 1.3.53 2.7.4 1.3.54 2.7.5 1.3.56 2.7.6 1.3.57 2.7.7 1.3.58 2.7.8 1.3.59 2.7.9 1.3.60 2.8.0 1.3.61 2.8.1 1.3.62 2.8.2 1.3.63 2.8.3 1.3.64 2.8.4 1.3.65 2.8.5 1.3.66 2.8.6 1.3.67 2.8.7 1.3.68 2.8.8 1.3.69 2.8.9 1.3.70 2.9.0 1.3.71 2.9.1 1.3.72 2.9.2 1.3.73 2.9.3 1.3.74 2.9.4 1.3.75 2.9.5 1.3.76 2.9.6 1.3.77 2.9.7 1.3.78 2.9.8 1.3.79 2.9.9 1.3.80 3.0.0 1.3.81 3.0.1 1.3.82 3.0.2 1.3.83 3.0.3 1.3.84 3.0.4 1.3.85 3.0.5 1.3.86 3.0.6 1.3.87 3.0.7 1.3.88 3.0.8 1.3.89 3.0.9 1.3.90 3.1.0 1.3.91 3.1.1 1.3.92 3.1.2 1.3.93 3.1.3 1.3.94 3.1.4 1.3.95 3.1.5 1.3.96 3.1.6 1.3.97 3.1.7 1.3.98 3.1.8 1.3.99 3.1.9 1.4.0 3.2.0 1.4.1 3.2.1 1.4.2 3.2.2 1.4.3 3.2.3 1.4.4 3.2.4 1.4.5 3.2.5 1.4.6 3.2.6 1.4.7 3.2.7 1.4.8 3.2.8 1.4.9 3.2.9 1.5.0 3.3.0 1.5.1 3.3.1 1.5.2 3.3.2 1.5.3 3.3.3 1.5.4 3.3.4 1.5.5 3.3.5 1.5.6 3.3.6 1.5.7 3.3.7 1.5.8 3.3.8 1.5.9 3.3.9 1.6.0 3.4.0 1.6.1 3.4.1 1.6.2 3.4.2 1.6.3 3.4.3 1.6.5 3.4.4 1.6.51 3.4.5 1.6.52 3.4.6 1.6.53 1.6.54 1.6.55 1.6.56 1.6.57 1.6.58 1.6.59 1.6.60 1.6.61 1.6.62 1.6.63 1.6.64 1.6.65 1.6.66 1.6.67 1.6.68 trunk 1.6.69 0.0.1 1.6.70 0.0.2 1.6.71 0.0.3 1.6.72 0.0.4 1.6.73 0.0.5 1.6.74 0.0.6 1.6.75 0.0.7 1.6.76 0.0.8 1.6.77 0.0.9 1.6.78 0.1.0 1.6.79 0.1.1 1.6.81 0.1.2 1.6.82 0.1.3 1.6.83 0.1.4 1.6.84 0.1.5 1.6.85 0.1.6 1.6.86 0.1.7 1.6.87 0.1.8 1.6.88 0.1.9 1.6.89 0.2.0 1.6.90
ai-engine / classes / modules / security.php
ai-engine / classes / modules Last commit date
advisor.php 2 years ago chatbot.php 1 year ago discussions.php 1 year ago files.php 1 year ago gdpr.php 1 year ago security.php 1 year ago tasks.php 2 years ago wand.php 1 year ago
security.php
96 lines
1 <?php
2
3 class Meow_MWAI_Modules_Security {
4 public $core = null;
5 public $banned_ips = [];
6 public $banned_words = [];
7
8 public function __construct( $core ) {
9 $this->core = $core;
10 $this->banned_ips = $this->core->get_option( 'banned_ips' );
11 $this->banned_words = $this->core->get_option( 'banned_words' );
12
13 if ( !empty( $this->banned_ips ) ) {
14 add_filter( 'mwai_ai_allowed', [ $this, 'check_banned_ips' ], 5, 3 );
15 }
16 if ( !empty( $this->banned_words ) ) {
17 add_filter( 'mwai_ai_allowed', [ $this, 'check_banned_words' ], 5, 3 );
18 }
19 }
20
21 function check_banned_ips( $ok, $query, $limits ) {
22 if ( $ok !== true || empty( $this->banned_ips ) ) {
23 return $ok;
24 }
25 if ( is_a( $query, 'Meow_MWAI_Query_Embed' ) ) {
26 if ( $this->core->can_access_settings() ) {
27 return $ok;
28 }
29 }
30 $ip = $this->core->get_ip_address( true );
31 if ( $this->is_blocked_ip( $ip, $this->banned_ips ) ) {
32 Meow_MWAI_Logging::warn( "Blocked IP: $ip", '🔒' );
33 throw new Exception( "Your query has been rejected." );
34 }
35 return $ok;
36 }
37
38 function check_banned_words( $ok, $query, $limits ) {
39 if ( $ok !== true || empty( $this->banned_words ) ) {
40 return $ok;
41 }
42 if ( is_a( $query, 'Meow_MWAI_Query_Embed' ) ) {
43 if ( $this->core->can_access_settings() ) {
44 return $ok;
45 }
46 }
47 $text = $query->get_message();
48 $is_substring_match = $this->core->get_option( 'ignore_word_boundaries' );
49 foreach ( $this->banned_words as $word ) {
50 // Use preg_quote to escape any special characters in the word
51 // This is necessary to safely include $word in the regex pattern
52 // Add the 'u' modifier to enable Unicode support
53 if ( $is_substring_match ) {
54 $pattern = '/' . preg_quote( $word, '/' ) . '/iu'; // no \b
55 }
56 else {
57 $pattern = '/\b' . preg_quote( $word, '/' ) . '\b/iu';
58 }
59 if ( preg_match( $pattern, $text ) ) {
60 Meow_MWAI_Logging::warn( "Blocked word: $word", '🔒' );
61 throw new Exception( "Your query has been rejected." );
62 }
63 }
64 return $ok;
65 }
66
67 function ip_in_range( $ip, $range ) {
68 if ( strpos( $range, '/' ) === false ) {
69 $range .= '/32'; // Convert single IP to CIDR notation
70 }
71 list($range_ip, $subnet) = explode('/', $range, 2);
72 if (filter_var($range_ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) {
73 $ip_bin = ip2long($ip);
74 $range_ip_bin = ip2long($range_ip);
75 $subnet_mask = 0xFFFFFFFF << (32 - $subnet);
76 return ($ip_bin & $subnet_mask) == ($range_ip_bin & $subnet_mask);
77 }
78 elseif (filter_var($range_ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
79 $ip_bin = inet_pton($ip);
80 $range_ip_bin = inet_pton($range_ip);
81 $subnet_mask = str_repeat("\xFF", $subnet >> 3) . str_repeat("\x00", 16 - ($subnet >> 3));
82 $subnet_mask[($subnet >> 3)] = chr(0xFF << (8 - ($subnet & 7)));
83 return ($ip_bin & $subnet_mask) == ($range_ip_bin & $subnet_mask);
84 }
85 return false;
86 }
87
88 function is_blocked_ip( $ip, $blocked_ips) {
89 foreach ( $blocked_ips as $range ) {
90 if ( $this->ip_in_range( $ip, $range ) ) {
91 return true;
92 }
93 }
94 return false;
95 }
96 }