PluginProbe ʕ •ᴥ•ʔ
CloudSecure WP Security / 1.4.3
CloudSecure WP Security v1.4.3
1.4.10 1.4.9 trunk 0.9.0 1.0.2 1.1.0 1.1.1 1.1.2 1.1.3 1.2.0 1.2.1 1.2.2 1.2.3 1.2.4 1.2.5 1.2.6 1.2.7 1.3.1 1.3.10 1.3.11 1.3.12 1.3.13 1.3.14 1.3.15 1.3.16 1.3.17 1.3.18 1.3.19 1.3.2 1.3.20 1.3.21 1.3.22 1.3.23 1.3.24 1.3.3 1.3.4 1.3.5 1.3.6 1.3.7 1.3.8 1.3.9 1.4.0 1.4.1 1.4.2 1.4.3 1.4.4 1.4.5 1.4.6 1.4.7 1.4.8
cloudsecure-wp-security / modules / common.php
cloudsecure-wp-security / modules Last commit date
admin 4 months ago cli 8 months ago lib 4 months ago captcha.php 2 years ago cloudsecure-wp.php 4 months ago common.php 4 months ago config.php 2 years ago disable-access-system-file.php 4 months ago disable-author-query.php 2 years ago disable-login.php 1 year ago disable-restapi.php 7 months ago disable-xmlrpc.php 1 year ago htaccess.php 5 months ago login-log.php 4 months ago login-notification.php 1 year ago rename-login-page.php 1 year ago restrict-admin-page.php 10 months ago server-error-notification.php 1 year ago two-factor-authentication.php 4 months ago unify-messages.php 2 years ago update-notice.php 7 months ago waf-engine.php 4 months ago waf.php 4 months ago
common.php
304 lines
1 <?php
2
3 if ( ! defined( 'ABSPATH' ) ) {
4 exit;
5 }
6
7 require_once ABSPATH . 'wp-admin/includes/plugin.php';
8 require_once ABSPATH . 'wp-includes/pluggable.php';
9
10 class CloudSecureWP_Common {
11 public const MESSAGES = array(
12 'error_multisite' => 'WordPressマルチサイトには対応していません',
13 'error_htaccess_update' => '.htaccessファイルの更新に失敗しました',
14 'error_conflict_plugin' => '競合するプラグインが有効化されています',
15 );
16
17 public const CONFLICT_PLUGINS = array(
18 array(
19 'name' => 'SiteGuard WP Plugin',
20 'path' => 'siteguard/siteguard.php',
21 ),
22 );
23
24 public const PAGE_404 = 'cloudsecurewp_404';
25 protected const LOGIN_STATUS_SUCCESS = 1;
26 protected const LOGIN_STATUS_FAILED = 2;
27 protected const LOGIN_STATUS_DISABLED = 3;
28 protected const LOGIN_STATUS_DATAS = array(
29 self::LOGIN_STATUS_SUCCESS => '成功',
30 self::LOGIN_STATUS_FAILED => '失敗',
31 self::LOGIN_STATUS_DISABLED => '無効',
32 );
33
34 protected const METHOD_PAGE = 1;
35 protected const METHOD_XMLRPC = 2;
36 protected const METHODS = array(
37 self::METHOD_PAGE => 'ログインページ',
38 self::METHOD_XMLRPC => 'XML-RPC',
39 );
40 protected $info;
41
42 function __construct( array $info ) {
43 $this->info = $info;
44 }
45
46 /**
47 * エラーログ出力
48 *
49 * @param string $msg
50 * @param string $tag
51 * @return bool
52 */
53 protected function error_log( string $msg, string $tag = '' ): bool {
54 $file_path = $this->info['plugin_path'] . 'log/' . date_i18n( 'Ymd_' ) . 'error.log';
55
56 if ( '' !== $tag ) {
57 $tag = '[' . $tag . '] ';
58 } else {
59 $tag = ' ';
60 }
61
62 if ( false === file_put_contents( $file_path, '[' . date_i18n( 'His' ) . ']' . $tag . $msg . "\n", FILE_APPEND | LOCK_EX ) ) {
63 return false;
64 }
65 return true;
66 }
67
68 /**
69 * WP cron 有効判定
70 *
71 * @return bool
72 */
73 protected function cron_enabled(): bool {
74 if ( defined( 'DISABLE_WP_CRON' ) && DISABLE_WP_CRON ) {
75 return false;
76 }
77 return true;
78 }
79
80 /**
81 * WP mail 送信
82 *
83 * @param string $to
84 * @param string $subject
85 * @param string $body
86 * @return bool
87 */
88 public function wp_send_mail( string $to, string $subject, string $body ): bool {
89 $subject = '' . get_option( 'blogname' ) . '' . $subject;
90
91 if ( @wp_mail( $to, $subject, $body ) ) {
92 return true;
93 }
94 return false;
95 }
96
97 /**
98 * クライアントIP取得
99 *
100 * @return string
101 */
102 public function get_client_ip(): string {
103 return sanitize_text_field( $_SERVER['REMOTE_ADDR'] ?? '' );
104 }
105
106 /**
107 * 競合プラグイン有効判定
108 *
109 * @return string
110 */
111 protected function get_conflict_plugin_name(): string {
112 $plugins = self::CONFLICT_PLUGINS;
113 $ret = '';
114
115 foreach ( $plugins as $plugin_row ) {
116 if ( is_plugin_active( $plugin_row['path'] ) ) {
117 $ret = $plugin_row['name'];
118 break;
119 }
120 }
121
122 return $ret;
123 }
124
125 /**
126 * 管理�
127 のユーザー�
128 報�
129 �件取得
130 */
131 public function get_admin_users(): array {
132 $args = array(
133 'role' => 'administrator',
134 'fields' => 'all',
135 );
136
137 return get_users( $args );
138 }
139
140 /**
141 * �
142 �列からテキストに変換
143 *
144 * @param array $array
145 * @return string
146 */
147 public function array2Text( array $array ): string {
148 return implode( "\n", $array );
149 }
150
151 /**
152 * 動作環境チェック
153 *
154 * @return bool
155 */
156 public function check_environment(): bool {
157 if ( ! is_multisite() ) {
158 if ( '' === $this->get_conflict_plugin_name() ) {
159 return true;
160 }
161 }
162
163 return false;
164 }
165
166 /**
167 * 機能OFF 管理画面に通知表示
168 */
169 public function prepare_admin_notices( $key_feature, $feature ) {
170 if ( ! current_user_can( 'administrator' ) ) {
171 return;
172 }
173
174 ?>
175 <div class="notice notice-error is-dismissible">
176 <p><strong>【CloudSecure WP Security】</strong></p>
177 <p>.htaccessファイルに変更が加えられたため、一時的に<strong><?php esc_html( print( $feature ) ); ?>機能</strong>を無効にしました。</p>
178 <p>再度有効にする場合は、<a href="<?php esc_html( print( admin_url( 'admin.php?page=cloudsecurewp_' . $key_feature ) ) ); ?>">設定画面</a>から機能を有効にしてください。</p>
179 </div>
180 <?php
181 }
182
183
184 /**
185 * USERAGENT 取得
186 *
187 * @return string
188 */
189 public function get_http_user_agent(): string {
190 return sanitize_text_field( $_SERVER['HTTP_USER_AGENT'] ?? '' );
191 }
192
193 /**
194 * HTTP_REFERER 取得
195 *
196 * @return string
197 */
198 public function get_http_referer(): string {
199 return sanitize_url( $_SERVER['HTTP_REFERER'] ?? '' );
200 }
201
202 /**
203 * クエリ文字列部分を除いた REQUEST_URI 取得
204 *
205 * @return string
206 */
207 public function get_request_uri(): string {
208 $request_uri = '';
209 if ( ! empty( $_SERVER['REQUEST_URI'] ) ) {
210 if ( ! empty( $_SERVER['QUERY_STRING'] ) ) {
211 $request_uri = str_replace( '?' . $_SERVER['QUERY_STRING'], '', $_SERVER['REQUEST_URI'] );
212 } else {
213 $request_uri = $_SERVER['REQUEST_URI'];
214 }
215
216 if ( false === $request_uri ) {
217 $request_uri = '';
218 }
219 }
220
221 return $request_uri;
222 }
223
224 /**
225 * REQAUEST_HEADER 取得
226 *
227 * @return array
228 */
229 public function get_http_request_headers(): array {
230 $request_headers = array();
231
232 if ( ! empty( $_SERVER ) ) {
233 foreach ( $_SERVER as $key => $value ) {
234 if ( substr( $key, 0, 5 ) === 'HTTP_' ) {
235 $request_headers[ ucwords( str_replace( '_', '-', strtolower( substr( $key, 5 ) ) ), '-' ) ] = $value;
236 }
237 }
238
239 if ( isset( $_SERVER['CONTENT_TYPE'] ) ) {
240 $request_headers['Content-Type'] = $_SERVER['CONTENT_TYPE'];
241 }
242 }
243
244 return $request_headers;
245 }
246
247 /**
248 * 年月日取得
249 *
250 * @param string $delimiter
251 * @return string
252 */
253 public function get_date( string $delimiter = '/' ): string {
254 return date_i18n( "Y{$delimiter}m{$delimiter}d" );
255 }
256
257 /**
258 * 時分秒取得
259 *
260 * @return string
261 */
262 public function get_time(): string {
263 return date_i18n( 'H:i:s' );
264 }
265
266 /**
267 * ログインステータス�
268 報取得
269 */
270 public function get_login_status_datas(): array {
271 return self::LOGIN_STATUS_DATAS;
272 }
273
274 /**
275 * 404
276 */
277 public function page404(): void {
278 $page = get_404_template();
279
280 if ( '' !== $page ) {
281 global $wp_query;
282
283 status_header( 404 );
284 nocache_headers();
285 $wp_query->set_404();
286 include $page;
287
288 } else {
289 wp_safe_redirect( home_url( self::PAGE_404 ) );
290 }
291
292 exit;
293 }
294
295 /**
296 * 403
297 */
298 public function page403(): void {
299 status_header( 403, 'Forbidden' );
300 nocache_headers();
301 exit;
302 }
303 }
304