PluginProbe ʕ •ᴥ•ʔ
CloudSecure WP Security / 1.3.10
CloudSecure WP Security v1.3.10
1.4.10 1.4.9 trunk 0.9.0 1.0.2 1.1.0 1.1.1 1.1.2 1.1.3 1.2.0 1.2.1 1.2.2 1.2.3 1.2.4 1.2.5 1.2.6 1.2.7 1.3.1 1.3.10 1.3.11 1.3.12 1.3.13 1.3.14 1.3.15 1.3.16 1.3.17 1.3.18 1.3.19 1.3.2 1.3.20 1.3.21 1.3.22 1.3.23 1.3.24 1.3.3 1.3.4 1.3.5 1.3.6 1.3.7 1.3.8 1.3.9 1.4.0 1.4.1 1.4.2 1.4.3 1.4.4 1.4.5 1.4.6 1.4.7 1.4.8
cloudsecure-wp-security / modules / common.php
cloudsecure-wp-security / modules Last commit date
admin 1 year ago lib 1 year ago captcha.php 2 years ago cloudsecure-wp.php 1 year ago common.php 1 year ago config.php 2 years ago disable-access-system-file.php 1 year ago disable-author-query.php 2 years ago disable-login.php 1 year ago disable-restapi.php 1 year ago disable-xmlrpc.php 1 year ago htaccess.php 1 year ago login-log.php 1 year ago login-notification.php 1 year ago rename-login-page.php 1 year ago restrict-admin-page.php 1 year ago server-error-notification.php 1 year ago two-factor-authentication.php 1 year ago unify-messages.php 2 years ago update-notice.php 2 years ago waf-engine.php 1 year ago waf.php 1 year ago
common.php
297 lines
1 <?php
2
3 if ( ! defined( 'ABSPATH' ) ) {
4 exit;
5 }
6
7 require_once ABSPATH . 'wp-admin/includes/plugin.php';
8 require_once ABSPATH . 'wp-includes/pluggable.php';
9
10 class CloudSecureWP_Common {
11 public const MESSAGES = array(
12 'error_multisite' => 'WordPressマルチサイトには対応していません',
13 'error_htaccess_update' => '.htaccessファイルの更新に失敗しました',
14 'error_conflict_plugin' => '競合するプラグインが有効化されています',
15 );
16
17 public const CONFLICT_PLUGINS = array(
18 array(
19 'name' => 'SiteGuard WP Plugin',
20 'path' => 'siteguard/siteguard.php',
21 ),
22 );
23
24 public const PAGE_404 = 'cloudsecurewp_404';
25 protected const LOGIN_STATUS_SUCCESS = 1;
26 protected const LOGIN_STATUS_FAILED = 2;
27 protected const LOGIN_STATUS_DISABLED = 3;
28 protected const LOGIN_STATUS_DATAS = array(
29 self::LOGIN_STATUS_SUCCESS => '成功',
30 self::LOGIN_STATUS_FAILED => '失敗',
31 self::LOGIN_STATUS_DISABLED => '無効',
32 );
33 protected $info;
34
35 function __construct( array $info ) {
36 $this->info = $info;
37 }
38
39 /**
40 * エラーログ出力
41 *
42 * @param string $msg
43 * @param string $tag
44 * @return bool
45 */
46 protected function error_log( string $msg, string $tag = '' ): bool {
47 $file_path = $this->info['plugin_path'] . 'log/' . date_i18n( 'Ymd_' ) . 'error.log';
48
49 if ( '' !== $tag ) {
50 $tag = '[' . $tag . '] ';
51 } else {
52 $tag = ' ';
53 }
54
55 if ( false === file_put_contents( $file_path, '[' . date_i18n( 'His' ) . ']' . $tag . $msg . "\n", FILE_APPEND | LOCK_EX ) ) {
56 return false;
57 }
58 return true;
59 }
60
61 /**
62 * WP cron 有効判定
63 *
64 * @return bool
65 */
66 protected function cron_enabled(): bool {
67 if ( defined( 'DISABLE_WP_CRON' ) && DISABLE_WP_CRON ) {
68 return false;
69 }
70 return true;
71 }
72
73 /**
74 * WP mail 送信
75 *
76 * @param string $to
77 * @param string $subject
78 * @param string $body
79 * @return bool
80 */
81 public function wp_send_mail( string $to, string $subject, string $body ): bool {
82 $subject = '' . get_option( 'blogname' ) . '' . $subject;
83
84 if ( @wp_mail( $to, $subject, $body ) ) {
85 return true;
86 }
87 return false;
88 }
89
90 /**
91 * クライアントIP取得
92 *
93 * @return string
94 */
95 public function get_client_ip(): string {
96 return sanitize_text_field( $_SERVER['REMOTE_ADDR'] ?? '' );
97 }
98
99 /**
100 * 競合プラグイン有効判定
101 *
102 * @return string
103 */
104 protected function get_conflict_plugin_name(): string {
105 $plugins = self::CONFLICT_PLUGINS;
106 $ret = '';
107
108 foreach ( $plugins as $plugin_row ) {
109 if ( is_plugin_active( $plugin_row['path'] ) ) {
110 $ret = $plugin_row['name'];
111 break;
112 }
113 }
114
115 return $ret;
116 }
117
118 /**
119 * 管理�
120 のユーザー�
121 報�
122 �件取得
123 */
124 public function get_admin_users(): array {
125 $args = array(
126 'role' => 'administrator',
127 'fields' => 'all',
128 );
129
130 return get_users( $args );
131 }
132
133 /**
134 * �
135 �列からテキストに変換
136 *
137 * @param array $array
138 * @return string
139 */
140 public function array2Text( array $array ): string {
141 return implode( "\n", $array );
142 }
143
144 /**
145 * 動作環境チェック
146 *
147 * @return bool
148 */
149 public function check_environment(): bool {
150 if ( ! is_multisite() ) {
151 if ( '' === $this->get_conflict_plugin_name() ) {
152 return true;
153 }
154 }
155
156 return false;
157 }
158
159 /**
160 * 機能OFF 管理画面に通知表示
161 */
162 public function prepare_admin_notices( $key_feature, $feature ) {
163 if ( ! current_user_can( 'administrator' ) ) {
164 return;
165 }
166
167 ?>
168 <div class="notice notice-error is-dismissible">
169 <p><strong>【CloudSecure WP Security】</strong></p>
170 <p>.htaccessファイルに変更が加えられたため、一時的に<strong><?php esc_html( print( $feature ) ); ?>機能</strong>を無効にしました。</p>
171 <p>再度有効にする場合は、<a href="<?php esc_html( print( admin_url( 'admin.php?page=cloudsecurewp_' . $key_feature ) ) ); ?>">設定画面</a>から機能を有効にしてください。</p>
172 </div>
173 <?php
174 }
175
176
177 /**
178 * USERAGENT 取得
179 *
180 * @return string
181 */
182 public function get_http_user_agent(): string {
183 return sanitize_text_field( $_SERVER['HTTP_USER_AGENT'] ?? '' );
184 }
185
186 /**
187 * HTTP_REFERER 取得
188 *
189 * @return string
190 */
191 public function get_http_referer(): string {
192 return sanitize_url( $_SERVER['HTTP_REFERER'] ?? '' );
193 }
194
195 /**
196 * クエリ文字列部分を除いた REQUEST_URI 取得
197 *
198 * @return string
199 */
200 public function get_request_uri(): string {
201 $request_uri = '';
202 if ( ! empty( $_SERVER['REQUEST_URI'] ) ) {
203 if ( ! empty( $_SERVER['QUERY_STRING'] ) ) {
204 $request_uri = str_replace( '?' . $_SERVER['QUERY_STRING'], '', $_SERVER['REQUEST_URI'] );
205 } else {
206 $request_uri = $_SERVER['REQUEST_URI'];
207 }
208
209 if ( false === $request_uri ) {
210 $request_uri = '';
211 }
212 }
213
214 return $request_uri;
215 }
216
217 /**
218 * REQAUEST_HEADER 取得
219 *
220 * @return array
221 */
222 public function get_http_request_headers(): array {
223 $request_headers = array();
224
225 if ( ! empty( $_SERVER ) ) {
226 foreach ( $_SERVER as $key => $value ) {
227 if ( substr( $key, 0, 5 ) === 'HTTP_' ) {
228 $request_headers[ ucwords( str_replace( '_', '-', strtolower( substr( $key, 5 ) ) ), '-' ) ] = $value;
229 }
230 }
231
232 if ( isset( $_SERVER['CONTENT_TYPE'] ) ) {
233 $request_headers['Content-Type'] = $_SERVER['CONTENT_TYPE'];
234 }
235 }
236
237 return $request_headers;
238 }
239
240 /**
241 * 年月日取得
242 *
243 * @param string $delimiter
244 * @return string
245 */
246 public function get_date( string $delimiter = '/' ): string {
247 return date_i18n( "Y{$delimiter}m{$delimiter}d" );
248 }
249
250 /**
251 * 時分秒取得
252 *
253 * @return string
254 */
255 public function get_time(): string {
256 return date_i18n( 'H:i:s' );
257 }
258
259 /**
260 * ログインステータス�
261 報取得
262 */
263 public function get_login_status_datas(): array {
264 return self::LOGIN_STATUS_DATAS;
265 }
266
267 /**
268 * 404
269 */
270 public function page404(): void {
271 $page = get_404_template();
272
273 if ( '' !== $page ) {
274 global $wp_query;
275
276 status_header( 404 );
277 nocache_headers();
278 $wp_query->set_404();
279 include $page;
280
281 } else {
282 wp_safe_redirect( home_url( self::PAGE_404 ) );
283 }
284
285 exit;
286 }
287
288 /**
289 * 403
290 */
291 public function page403(): void {
292 status_header( 403, 'Forbidden' );
293 nocache_headers();
294 exit;
295 }
296 }
297