PluginProbe ʕ •ᴥ•ʔ
AI Engine – The Chatbot, AI Framework & MCP for WordPress / 2.8.7
AI Engine – The Chatbot, AI Framework & MCP for WordPress v2.8.7
3.5.7 3.5.6 3.5.5 3.5.4 3.5.3 3.5.2 3.5.1 3.5.0 3.4.9 3.4.8 3.4.7 0.2.1 1.6.91 0.2.2 1.6.92 0.2.3 1.6.93 0.2.4 1.6.94 0.2.5 1.6.95 0.2.6 1.6.96 0.2.7 1.6.97 0.2.8 1.6.98 0.2.9 1.6.99 0.3.0 1.7.0 0.3.1 1.7.1 0.3.2 1.7.2 0.3.3 1.7.3 0.3.4 1.7.4 0.3.5 1.7.5 0.3.6 1.7.6 0.4.0 1.7.7 0.4.1 1.7.8 0.4.2 1.7.9 0.4.3 1.8.0 0.4.4 1.8.1 0.4.5 1.8.2 0.4.6 1.8.3 0.4.7 1.8.4 0.4.8 1.8.5 0.4.9 1.8.6 0.5.0 1.8.7 0.5.1 1.8.8 0.5.2 1.8.9 0.5.3 1.9.0 0.5.4 1.9.1 0.5.5 1.9.2 0.5.6 1.9.3 0.5.7 1.9.4 0.5.8 1.9.5 0.5.9 1.9.6 0.6.0 1.9.7 0.6.1 1.9.8 0.6.2 1.9.81 0.6.3 1.9.82 0.6.4 1.9.83 0.6.5 1.9.84 0.6.6 1.9.85 0.6.7 1.9.86 0.6.8 1.9.87 0.6.9 1.9.88 0.7.0 1.9.89 0.7.1 1.9.90 0.7.2 1.9.91 0.7.3 1.9.92 0.7.4 1.9.93 0.7.5 1.9.94 0.7.6 1.9.95 0.7.7 1.9.96 0.7.8 1.9.97 0.7.9 1.9.98 0.8.0 1.9.99 0.8.1 2.0.0 0.8.2 2.0.1 0.8.3 2.0.2 0.8.4 2.0.3 0.8.5 2.0.4 0.8.6 2.0.5 0.8.7 2.0.6 0.8.8 2.0.7 0.8.9 2.0.8 0.9.0 2.0.9 0.9.2 2.1.0 0.9.3 2.1.1 0.9.4 2.1.2 0.9.5 2.1.3 0.9.6 2.1.4 0.9.7 2.1.5 0.9.8 2.1.6 0.9.81 2.1.7 0.9.82 2.1.8 0.9.83 2.1.9 0.9.84 2.2.0 0.9.85 2.2.1 0.9.86 2.2.2 0.9.87 2.2.3 0.9.88 2.2.4 0.9.89 2.2.5 0.9.9 2.2.51 0.9.91 2.2.52 0.9.92 2.2.53 0.9.93 2.2.54 0.9.94 2.2.56 0.9.95 2.2.57 0.9.96 2.2.6 0.9.97 2.2.60 0.9.98 2.2.61 0.9.99 2.2.62 1.0.0 2.2.63 1.0.01 2.2.70 1.0.1 2.2.80 1.0.2 2.2.81 1.0.3 2.2.90 1.0.4 2.2.91 1.0.5 2.2.92 1.0.6 2.2.93 1.0.7 2.2.94 1.0.8 2.2.95 1.0.9 2.3.0 1.1.0 2.3.1 1.1.1 2.3.2 1.1.2 2.3.3 1.1.3 2.3.4 1.1.4 2.3.5 1.1.5 2.3.6 1.1.6 2.3.7 1.1.7 2.3.8 1.1.8 2.3.9 1.1.9 2.4.0 1.2.0 2.4.1 1.2.1 2.4.2 1.2.2 2.4.3 1.2.21 2.4.4 1.2.3 2.4.5 1.2.30 2.4.6 1.3.0 2.4.7 1.3.1 2.4.8 1.3.2 2.4.9 1.3.3 2.5.0 1.3.31 2.5.1 1.3.32 2.5.2 1.3.33 2.5.3 1.3.34 2.5.4 1.3.35 2.5.5 1.3.36 2.5.6 1.3.37 2.5.7 1.3.38 2.5.8 1.3.39 2.5.9 1.3.40 2.6.0 1.3.41 2.6.1 1.3.42 2.6.2 1.3.43 2.6.3 1.3.44 2.6.5 1.3.45 2.6.6 1.3.46 2.6.7 1.3.47 2.6.8 1.3.48 2.6.9 1.3.49 2.7.0 1.3.50 2.7.1 1.3.51 2.7.2 1.3.52 2.7.3 1.3.53 2.7.4 1.3.54 2.7.5 1.3.56 2.7.6 1.3.57 2.7.7 1.3.58 2.7.8 1.3.59 2.7.9 1.3.60 2.8.0 1.3.61 2.8.1 1.3.62 2.8.2 1.3.63 2.8.3 1.3.64 2.8.4 1.3.65 2.8.5 1.3.66 2.8.6 1.3.67 2.8.7 1.3.68 2.8.8 1.3.69 2.8.9 1.3.70 2.9.0 1.3.71 2.9.1 1.3.72 2.9.2 1.3.73 2.9.3 1.3.74 2.9.4 1.3.75 2.9.5 1.3.76 2.9.6 1.3.77 2.9.7 1.3.78 2.9.8 1.3.79 2.9.9 1.3.80 3.0.0 1.3.81 3.0.1 1.3.82 3.0.2 1.3.83 3.0.3 1.3.84 3.0.4 1.3.85 3.0.5 1.3.86 3.0.6 1.3.87 3.0.7 1.3.88 3.0.8 1.3.89 3.0.9 1.3.90 3.1.0 1.3.91 3.1.1 1.3.92 3.1.2 1.3.93 3.1.3 1.3.94 3.1.4 1.3.95 3.1.5 1.3.96 3.1.6 1.3.97 3.1.7 1.3.98 3.1.8 1.3.99 3.1.9 1.4.0 3.2.0 1.4.1 3.2.1 1.4.2 3.2.2 1.4.3 3.2.3 1.4.4 3.2.4 1.4.5 3.2.5 1.4.6 3.2.6 1.4.7 3.2.7 1.4.8 3.2.8 1.4.9 3.2.9 1.5.0 3.3.0 1.5.1 3.3.1 1.5.2 3.3.2 1.5.3 3.3.3 1.5.4 3.3.4 1.5.5 3.3.5 1.5.6 3.3.6 1.5.7 3.3.7 1.5.8 3.3.8 1.5.9 3.3.9 1.6.0 3.4.0 1.6.1 3.4.1 1.6.2 3.4.2 1.6.3 3.4.3 1.6.5 3.4.4 1.6.51 3.4.5 1.6.52 3.4.6 1.6.53 1.6.54 1.6.55 1.6.56 1.6.57 1.6.58 1.6.59 1.6.60 1.6.61 1.6.62 1.6.63 1.6.64 1.6.65 1.6.66 1.6.67 1.6.68 trunk 1.6.69 0.0.1 1.6.70 0.0.2 1.6.71 0.0.3 1.6.72 0.0.4 1.6.73 0.0.5 1.6.74 0.0.6 1.6.75 0.0.7 1.6.76 0.0.8 1.6.77 0.0.9 1.6.78 0.1.0 1.6.79 0.1.1 1.6.81 0.1.2 1.6.82 0.1.3 1.6.83 0.1.4 1.6.84 0.1.5 1.6.85 0.1.6 1.6.86 0.1.7 1.6.87 0.1.8 1.6.88 0.1.9 1.6.89 0.2.0 1.6.90
ai-engine / classes / modules / security.php
ai-engine / classes / modules Last commit date
advisor.php 1 year ago chatbot.php 1 year ago discussions.php 1 year ago files.php 1 year ago gdpr.php 1 year ago search.php 1 year ago security.php 1 year ago tasks.php 1 year ago wand.php 1 year ago
security.php
97 lines
1 <?php
2
3 class Meow_MWAI_Modules_Security {
4 public $core = null;
5 public $banned_ips = [];
6 public $banned_words = [];
7
8 public function __construct( $core ) {
9 $this->core = $core;
10 $this->banned_ips = $this->core->get_option( 'banned_ips' );
11 $this->banned_words = $this->core->get_option( 'banned_words' );
12
13 if ( !empty( $this->banned_ips ) ) {
14 add_filter( 'mwai_ai_allowed', [ $this, 'check_banned_ips' ], 5, 3 );
15 }
16 if ( !empty( $this->banned_words ) ) {
17 add_filter( 'mwai_ai_allowed', [ $this, 'check_banned_words' ], 5, 3 );
18 }
19 }
20
21 public function check_banned_ips( $ok, $query, $limits ) {
22 if ( $ok !== true || empty( $this->banned_ips ) ) {
23 return $ok;
24 }
25 if ( is_a( $query, 'Meow_MWAI_Query_Embed' ) ) {
26 if ( $this->core->can_access_settings() ) {
27 return $ok;
28 }
29 }
30 $ip = $this->core->get_ip_address( true );
31 if ( $this->is_blocked_ip( $ip, $this->banned_ips ) ) {
32 Meow_MWAI_Logging::warn( "Blocked IP: $ip", '🔒' );
33 throw new Exception( 'Your query has been rejected.' );
34 }
35 return $ok;
36 }
37
38 public function check_banned_words( $ok, $query, $limits ) {
39 if ( $ok !== true || empty( $this->banned_words ) ) {
40 return $ok;
41 }
42 if ( is_a( $query, 'Meow_MWAI_Query_Embed' ) ) {
43 if ( $this->core->can_access_settings() ) {
44 return $ok;
45 }
46 }
47 $text = $query->get_message();
48 $is_substring_match = $this->core->get_option( 'ignore_word_boundaries' );
49 foreach ( $this->banned_words as $word ) {
50 // Use preg_quote to escape any special characters in the word
51 // This is necessary to safely include $word in the regex pattern
52 // Add the 'u' modifier to enable Unicode support
53 if ( $is_substring_match ) {
54 $pattern = '/' . preg_quote( $word, '/' ) . '/iu'; // no \b
55 }
56 else {
57 $pattern = '/\b' . preg_quote( $word, '/' ) . '\b/iu';
58 }
59 if ( preg_match( $pattern, $text ) ) {
60 Meow_MWAI_Logging::warn( "Blocked word: $word", '🔒' );
61 throw new Exception( 'Your query has been rejected.' );
62 }
63 }
64 return $ok;
65 }
66
67 public function ip_in_range( $ip, $range ) {
68 if ( strpos( $range, '/' ) === false ) {
69 $range .= '/32'; // Convert single IP to CIDR notation
70 }
71 list( $range_ip, $subnet ) = explode( '/', $range, 2 );
72 if ( filter_var( $range_ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 ) ) {
73 $ip_bin = ip2long( $ip );
74 $range_ip_bin = ip2long( $range_ip );
75 $subnet_mask = 0xFFFFFFFF << ( 32 - $subnet );
76 return ( $ip_bin & $subnet_mask ) == ( $range_ip_bin & $subnet_mask );
77 }
78 elseif ( filter_var( $range_ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6 ) ) {
79 $ip_bin = inet_pton( $ip );
80 $range_ip_bin = inet_pton( $range_ip );
81 $subnet_mask = str_repeat( "\xFF", $subnet >> 3 ) . str_repeat( "\x00", 16 - ( $subnet >> 3 ) );
82 $subnet_mask[( $subnet >> 3 )] = chr( 0xFF << ( 8 - ( $subnet & 7 ) ) );
83 return ( $ip_bin & $subnet_mask ) == ( $range_ip_bin & $subnet_mask );
84 }
85 return false;
86 }
87
88 public function is_blocked_ip( $ip, $blocked_ips ) {
89 foreach ( $blocked_ips as $range ) {
90 if ( $this->ip_in_range( $ip, $range ) ) {
91 return true;
92 }
93 }
94 return false;
95 }
96 }
97