PluginProbe ʕ •ᴥ•ʔ
AI Engine – The Chatbot, AI Framework & MCP for WordPress / 3.0.1
AI Engine – The Chatbot, AI Framework & MCP for WordPress v3.0.1
3.5.7 3.5.6 3.5.5 3.5.4 3.5.3 3.5.2 3.5.1 3.5.0 3.4.9 3.4.8 3.4.7 0.2.1 1.6.91 0.2.2 1.6.92 0.2.3 1.6.93 0.2.4 1.6.94 0.2.5 1.6.95 0.2.6 1.6.96 0.2.7 1.6.97 0.2.8 1.6.98 0.2.9 1.6.99 0.3.0 1.7.0 0.3.1 1.7.1 0.3.2 1.7.2 0.3.3 1.7.3 0.3.4 1.7.4 0.3.5 1.7.5 0.3.6 1.7.6 0.4.0 1.7.7 0.4.1 1.7.8 0.4.2 1.7.9 0.4.3 1.8.0 0.4.4 1.8.1 0.4.5 1.8.2 0.4.6 1.8.3 0.4.7 1.8.4 0.4.8 1.8.5 0.4.9 1.8.6 0.5.0 1.8.7 0.5.1 1.8.8 0.5.2 1.8.9 0.5.3 1.9.0 0.5.4 1.9.1 0.5.5 1.9.2 0.5.6 1.9.3 0.5.7 1.9.4 0.5.8 1.9.5 0.5.9 1.9.6 0.6.0 1.9.7 0.6.1 1.9.8 0.6.2 1.9.81 0.6.3 1.9.82 0.6.4 1.9.83 0.6.5 1.9.84 0.6.6 1.9.85 0.6.7 1.9.86 0.6.8 1.9.87 0.6.9 1.9.88 0.7.0 1.9.89 0.7.1 1.9.90 0.7.2 1.9.91 0.7.3 1.9.92 0.7.4 1.9.93 0.7.5 1.9.94 0.7.6 1.9.95 0.7.7 1.9.96 0.7.8 1.9.97 0.7.9 1.9.98 0.8.0 1.9.99 0.8.1 2.0.0 0.8.2 2.0.1 0.8.3 2.0.2 0.8.4 2.0.3 0.8.5 2.0.4 0.8.6 2.0.5 0.8.7 2.0.6 0.8.8 2.0.7 0.8.9 2.0.8 0.9.0 2.0.9 0.9.2 2.1.0 0.9.3 2.1.1 0.9.4 2.1.2 0.9.5 2.1.3 0.9.6 2.1.4 0.9.7 2.1.5 0.9.8 2.1.6 0.9.81 2.1.7 0.9.82 2.1.8 0.9.83 2.1.9 0.9.84 2.2.0 0.9.85 2.2.1 0.9.86 2.2.2 0.9.87 2.2.3 0.9.88 2.2.4 0.9.89 2.2.5 0.9.9 2.2.51 0.9.91 2.2.52 0.9.92 2.2.53 0.9.93 2.2.54 0.9.94 2.2.56 0.9.95 2.2.57 0.9.96 2.2.6 0.9.97 2.2.60 0.9.98 2.2.61 0.9.99 2.2.62 1.0.0 2.2.63 1.0.01 2.2.70 1.0.1 2.2.80 1.0.2 2.2.81 1.0.3 2.2.90 1.0.4 2.2.91 1.0.5 2.2.92 1.0.6 2.2.93 1.0.7 2.2.94 1.0.8 2.2.95 1.0.9 2.3.0 1.1.0 2.3.1 1.1.1 2.3.2 1.1.2 2.3.3 1.1.3 2.3.4 1.1.4 2.3.5 1.1.5 2.3.6 1.1.6 2.3.7 1.1.7 2.3.8 1.1.8 2.3.9 1.1.9 2.4.0 1.2.0 2.4.1 1.2.1 2.4.2 1.2.2 2.4.3 1.2.21 2.4.4 1.2.3 2.4.5 1.2.30 2.4.6 1.3.0 2.4.7 1.3.1 2.4.8 1.3.2 2.4.9 1.3.3 2.5.0 1.3.31 2.5.1 1.3.32 2.5.2 1.3.33 2.5.3 1.3.34 2.5.4 1.3.35 2.5.5 1.3.36 2.5.6 1.3.37 2.5.7 1.3.38 2.5.8 1.3.39 2.5.9 1.3.40 2.6.0 1.3.41 2.6.1 1.3.42 2.6.2 1.3.43 2.6.3 1.3.44 2.6.5 1.3.45 2.6.6 1.3.46 2.6.7 1.3.47 2.6.8 1.3.48 2.6.9 1.3.49 2.7.0 1.3.50 2.7.1 1.3.51 2.7.2 1.3.52 2.7.3 1.3.53 2.7.4 1.3.54 2.7.5 1.3.56 2.7.6 1.3.57 2.7.7 1.3.58 2.7.8 1.3.59 2.7.9 1.3.60 2.8.0 1.3.61 2.8.1 1.3.62 2.8.2 1.3.63 2.8.3 1.3.64 2.8.4 1.3.65 2.8.5 1.3.66 2.8.6 1.3.67 2.8.7 1.3.68 2.8.8 1.3.69 2.8.9 1.3.70 2.9.0 1.3.71 2.9.1 1.3.72 2.9.2 1.3.73 2.9.3 1.3.74 2.9.4 1.3.75 2.9.5 1.3.76 2.9.6 1.3.77 2.9.7 1.3.78 2.9.8 1.3.79 2.9.9 1.3.80 3.0.0 1.3.81 3.0.1 1.3.82 3.0.2 1.3.83 3.0.3 1.3.84 3.0.4 1.3.85 3.0.5 1.3.86 3.0.6 1.3.87 3.0.7 1.3.88 3.0.8 1.3.89 3.0.9 1.3.90 3.1.0 1.3.91 3.1.1 1.3.92 3.1.2 1.3.93 3.1.3 1.3.94 3.1.4 1.3.95 3.1.5 1.3.96 3.1.6 1.3.97 3.1.7 1.3.98 3.1.8 1.3.99 3.1.9 1.4.0 3.2.0 1.4.1 3.2.1 1.4.2 3.2.2 1.4.3 3.2.3 1.4.4 3.2.4 1.4.5 3.2.5 1.4.6 3.2.6 1.4.7 3.2.7 1.4.8 3.2.8 1.4.9 3.2.9 1.5.0 3.3.0 1.5.1 3.3.1 1.5.2 3.3.2 1.5.3 3.3.3 1.5.4 3.3.4 1.5.5 3.3.5 1.5.6 3.3.6 1.5.7 3.3.7 1.5.8 3.3.8 1.5.9 3.3.9 1.6.0 3.4.0 1.6.1 3.4.1 1.6.2 3.4.2 1.6.3 3.4.3 1.6.5 3.4.4 1.6.51 3.4.5 1.6.52 3.4.6 1.6.53 1.6.54 1.6.55 1.6.56 1.6.57 1.6.58 1.6.59 1.6.60 1.6.61 1.6.62 1.6.63 1.6.64 1.6.65 1.6.66 1.6.67 1.6.68 trunk 1.6.69 0.0.1 1.6.70 0.0.2 1.6.71 0.0.3 1.6.72 0.0.4 1.6.73 0.0.5 1.6.74 0.0.6 1.6.75 0.0.7 1.6.76 0.0.8 1.6.77 0.0.9 1.6.78 0.1.0 1.6.79 0.1.1 1.6.81 0.1.2 1.6.82 0.1.3 1.6.83 0.1.4 1.6.84 0.1.5 1.6.85 0.1.6 1.6.86 0.1.7 1.6.87 0.1.8 1.6.88 0.1.9 1.6.89 0.2.0 1.6.90
ai-engine / classes / modules / security.php
ai-engine / classes / modules Last commit date
advisor.php 11 months ago chatbot.php 10 months ago discussions.php 11 months ago files.php 11 months ago gdpr.php 11 months ago search.php 11 months ago security.php 11 months ago tasks.php 11 months ago wand.php 11 months ago
security.php
97 lines
1 <?php
2
3 class Meow_MWAI_Modules_Security {
4 public $core = null;
5 public $banned_ips = [];
6 public $banned_words = [];
7
8 public function __construct( $core ) {
9 $this->core = $core;
10 $this->banned_ips = $this->core->get_option( 'banned_ips' );
11 $this->banned_words = $this->core->get_option( 'banned_words' );
12
13 if ( !empty( $this->banned_ips ) ) {
14 add_filter( 'mwai_ai_allowed', [ $this, 'check_banned_ips' ], 5, 3 );
15 }
16 if ( !empty( $this->banned_words ) ) {
17 add_filter( 'mwai_ai_allowed', [ $this, 'check_banned_words' ], 5, 3 );
18 }
19 }
20
21 public function check_banned_ips( $ok, $query, $limits ) {
22 if ( $ok !== true || empty( $this->banned_ips ) ) {
23 return $ok;
24 }
25 if ( is_a( $query, 'Meow_MWAI_Query_Embed' ) ) {
26 if ( $this->core->can_access_settings() ) {
27 return $ok;
28 }
29 }
30 $ip = $this->core->get_ip_address( true );
31 if ( $this->is_blocked_ip( $ip, $this->banned_ips ) ) {
32 Meow_MWAI_Logging::warn( "Blocked IP: $ip", '🔒' );
33 throw new Exception( 'Your query has been rejected.' );
34 }
35 return $ok;
36 }
37
38 public function check_banned_words( $ok, $query, $limits ) {
39 if ( $ok !== true || empty( $this->banned_words ) ) {
40 return $ok;
41 }
42 if ( is_a( $query, 'Meow_MWAI_Query_Embed' ) ) {
43 if ( $this->core->can_access_settings() ) {
44 return $ok;
45 }
46 }
47 $text = $query->get_message();
48 $is_substring_match = $this->core->get_option( 'ignore_word_boundaries' );
49 foreach ( $this->banned_words as $word ) {
50 // Use preg_quote to escape any special characters in the word
51 // This is necessary to safely include $word in the regex pattern
52 // Add the 'u' modifier to enable Unicode support
53 if ( $is_substring_match ) {
54 $pattern = '/' . preg_quote( $word, '/' ) . '/iu'; // no \b
55 }
56 else {
57 $pattern = '/\b' . preg_quote( $word, '/' ) . '\b/iu';
58 }
59 if ( preg_match( $pattern, $text ) ) {
60 Meow_MWAI_Logging::warn( "Blocked word: $word", '🔒' );
61 throw new Exception( 'Your query has been rejected.' );
62 }
63 }
64 return $ok;
65 }
66
67 public function ip_in_range( $ip, $range ) {
68 if ( strpos( $range, '/' ) === false ) {
69 $range .= '/32'; // Convert single IP to CIDR notation
70 }
71 list( $range_ip, $subnet ) = explode( '/', $range, 2 );
72 if ( filter_var( $range_ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 ) ) {
73 $ip_bin = ip2long( $ip );
74 $range_ip_bin = ip2long( $range_ip );
75 $subnet_mask = 0xFFFFFFFF << ( 32 - $subnet );
76 return ( $ip_bin & $subnet_mask ) == ( $range_ip_bin & $subnet_mask );
77 }
78 elseif ( filter_var( $range_ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6 ) ) {
79 $ip_bin = inet_pton( $ip );
80 $range_ip_bin = inet_pton( $range_ip );
81 $subnet_mask = str_repeat( "\xFF", $subnet >> 3 ) . str_repeat( "\x00", 16 - ( $subnet >> 3 ) );
82 $subnet_mask[( $subnet >> 3 )] = chr( 0xFF << ( 8 - ( $subnet & 7 ) ) );
83 return ( $ip_bin & $subnet_mask ) == ( $range_ip_bin & $subnet_mask );
84 }
85 return false;
86 }
87
88 public function is_blocked_ip( $ip, $blocked_ips ) {
89 foreach ( $blocked_ips as $range ) {
90 if ( $this->ip_in_range( $ip, $range ) ) {
91 return true;
92 }
93 }
94 return false;
95 }
96 }
97