PluginProbe ʕ •ᴥ•ʔ
CloudSecure WP Security / 1.4.8
CloudSecure WP Security v1.4.8
1.4.10 1.4.9 trunk 0.9.0 1.0.2 1.1.0 1.1.1 1.1.2 1.1.3 1.2.0 1.2.1 1.2.2 1.2.3 1.2.4 1.2.5 1.2.6 1.2.7 1.3.1 1.3.10 1.3.11 1.3.12 1.3.13 1.3.14 1.3.15 1.3.16 1.3.17 1.3.18 1.3.19 1.3.2 1.3.20 1.3.21 1.3.22 1.3.23 1.3.24 1.3.3 1.3.4 1.3.5 1.3.6 1.3.7 1.3.8 1.3.9 1.4.0 1.4.1 1.4.2 1.4.3 1.4.4 1.4.5 1.4.6 1.4.7 1.4.8
cloudsecure-wp-security / modules / common.php
cloudsecure-wp-security / modules Last commit date
admin 2 months ago cli 2 months ago lib 3 months ago captcha.php 3 months ago cloudsecure-wp.php 2 months ago common.php 2 months ago config.php 2 years ago disable-access-system-file.php 4 months ago disable-author-query.php 2 years ago disable-login.php 2 months ago disable-restapi.php 2 months ago disable-xmlrpc.php 1 year ago htaccess.php 3 months ago login-log.php 2 months ago login-notification.php 1 year ago rename-login-page.php 3 months ago restrict-admin-page.php 3 months ago server-error-notification.php 2 months ago two-factor-authentication.php 2 months ago unify-messages.php 2 years ago update-notice.php 7 months ago waf-engine.php 3 months ago waf.php 2 months ago
common.php
305 lines
1 <?php
2
3 if ( ! defined( 'ABSPATH' ) ) {
4 exit;
5 }
6
7 require_once ABSPATH . 'wp-admin/includes/plugin.php';
8 require_once ABSPATH . 'wp-includes/pluggable.php';
9
10 class CloudSecureWP_Common {
11 public const MESSAGES = array(
12 'error_multisite' => 'WordPressマルチサイトには対応していません',
13 'error_htaccess_update' => '.htaccessファイルの更新に失敗しました',
14 'error_conflict_plugin' => '競合するプラグインが有効化されています',
15 );
16
17 public const CONFLICT_PLUGINS = array(
18 array(
19 'name' => 'SiteGuard WP Plugin',
20 'path' => 'siteguard/siteguard.php',
21 ),
22 );
23
24 public const PAGE_404 = 'cloudsecurewp_404';
25 protected const LOGIN_STATUS_SUCCESS = 1;
26 protected const LOGIN_STATUS_FAILED = 2;
27 protected const LOGIN_STATUS_DISABLED = 3;
28 protected const LOGIN_STATUS_DATAS = array(
29 self::LOGIN_STATUS_SUCCESS => '成功',
30 self::LOGIN_STATUS_FAILED => '失敗',
31 self::LOGIN_STATUS_DISABLED => '無効',
32 );
33
34 protected const METHOD_PAGE = 1;
35 protected const METHOD_XMLRPC = 2;
36 protected const METHODS = array(
37 self::METHOD_PAGE => 'ログインページ',
38 self::METHOD_XMLRPC => 'XML-RPC',
39 );
40 protected $info;
41
42 function __construct( array $info ) {
43 $this->info = $info;
44 }
45
46 /**
47 * エラーログ出力
48 *
49 * @param string $msg
50 * @param string $tag
51 * @return bool
52 */
53 protected function error_log( string $msg, string $tag = '' ): bool {
54 $file_path = $this->info['plugin_path'] . 'log/' . date_i18n( 'Ymd_' ) . 'error.log';
55
56 if ( '' !== $tag ) {
57 $tag = '[' . $tag . '] ';
58 } else {
59 $tag = ' ';
60 }
61
62 $msg = str_replace( array( "\r\n", "\r", "\n" ), ' ', $msg );
63 if ( false === file_put_contents( $file_path, '[' . date_i18n( 'His' ) . ']' . $tag . $msg . "\n", FILE_APPEND | LOCK_EX ) ) {
64 return false;
65 }
66 return true;
67 }
68
69 /**
70 * WP cron 有効判定
71 *
72 * @return bool
73 */
74 protected function cron_enabled(): bool {
75 if ( defined( 'DISABLE_WP_CRON' ) && DISABLE_WP_CRON ) {
76 return false;
77 }
78 return true;
79 }
80
81 /**
82 * WP mail 送信
83 *
84 * @param string $to
85 * @param string $subject
86 * @param string $body
87 * @return bool
88 */
89 public function wp_send_mail( string $to, string $subject, string $body ): bool {
90 $subject = '' . get_option( 'blogname' ) . '' . $subject . '|CloudSecure WP Security';
91
92 if ( @wp_mail( $to, $subject, $body ) ) {
93 return true;
94 }
95 return false;
96 }
97
98 /**
99 * クライアントIP取得
100 *
101 * @return string
102 */
103 public function get_client_ip(): string {
104 return sanitize_text_field( $_SERVER['REMOTE_ADDR'] ?? '' );
105 }
106
107 /**
108 * 競合プラグイン有効判定
109 *
110 * @return string
111 */
112 protected function get_conflict_plugin_name(): string {
113 $plugins = self::CONFLICT_PLUGINS;
114 $ret = '';
115
116 foreach ( $plugins as $plugin_row ) {
117 if ( is_plugin_active( $plugin_row['path'] ) ) {
118 $ret = $plugin_row['name'];
119 break;
120 }
121 }
122
123 return $ret;
124 }
125
126 /**
127 * 管理�
128 のユーザー�
129 報�
130 �件取得
131 */
132 public function get_admin_users(): array {
133 $args = array(
134 'role' => 'administrator',
135 'fields' => 'all',
136 );
137
138 return get_users( $args );
139 }
140
141 /**
142 * �
143 �列からテキストに変換
144 *
145 * @param array $array
146 * @return string
147 */
148 public function array2Text( array $array ): string {
149 return implode( "\n", $array );
150 }
151
152 /**
153 * 動作環境チェック
154 *
155 * @return bool
156 */
157 public function check_environment(): bool {
158 if ( ! is_multisite() ) {
159 if ( '' === $this->get_conflict_plugin_name() ) {
160 return true;
161 }
162 }
163
164 return false;
165 }
166
167 /**
168 * 機能OFF 管理画面に通知表示
169 */
170 public function prepare_admin_notices( $key_feature, $feature ) {
171 if ( ! current_user_can( 'administrator' ) ) {
172 return;
173 }
174
175 ?>
176 <div class="notice notice-error is-dismissible">
177 <p><strong>【CloudSecure WP Security】</strong></p>
178 <p>.htaccessファイルに変更が加えられたため、一時的に<strong><?php echo esc_html( $feature ); ?>機能</strong>を無効にしました。</p>
179 <p>再度有効にする場合は、<a href="<?php echo esc_url( admin_url( 'admin.php?page=cloudsecurewp_' . $key_feature ) ); ?>">設定画面</a>から機能を有効にしてください。</p>
180 </div>
181 <?php
182 }
183
184
185 /**
186 * USERAGENT 取得
187 *
188 * @return string
189 */
190 public function get_http_user_agent(): string {
191 return sanitize_text_field( $_SERVER['HTTP_USER_AGENT'] ?? '' );
192 }
193
194 /**
195 * HTTP_REFERER 取得
196 *
197 * @return string
198 */
199 public function get_http_referer(): string {
200 return sanitize_url( $_SERVER['HTTP_REFERER'] ?? '' );
201 }
202
203 /**
204 * クエリ文字列部分を除いた REQUEST_URI 取得
205 *
206 * @return string
207 */
208 public function get_request_uri(): string {
209 $request_uri = '';
210 if ( ! empty( $_SERVER['REQUEST_URI'] ) ) {
211 if ( ! empty( $_SERVER['QUERY_STRING'] ) ) {
212 $request_uri = str_replace( '?' . $_SERVER['QUERY_STRING'], '', $_SERVER['REQUEST_URI'] );
213 } else {
214 $request_uri = $_SERVER['REQUEST_URI'];
215 }
216
217 if ( false === $request_uri ) {
218 $request_uri = '';
219 }
220 }
221
222 return $request_uri;
223 }
224
225 /**
226 * REQAUEST_HEADER 取得
227 *
228 * @return array
229 */
230 public function get_http_request_headers(): array {
231 $request_headers = array();
232
233 if ( ! empty( $_SERVER ) ) {
234 foreach ( $_SERVER as $key => $value ) {
235 if ( substr( $key, 0, 5 ) === 'HTTP_' ) {
236 $request_headers[ ucwords( str_replace( '_', '-', strtolower( substr( $key, 5 ) ) ), '-' ) ] = $value;
237 }
238 }
239
240 if ( isset( $_SERVER['CONTENT_TYPE'] ) ) {
241 $request_headers['Content-Type'] = $_SERVER['CONTENT_TYPE'];
242 }
243 }
244
245 return $request_headers;
246 }
247
248 /**
249 * 年月日取得
250 *
251 * @param string $delimiter
252 * @return string
253 */
254 public function get_date( string $delimiter = '/' ): string {
255 return date_i18n( "Y{$delimiter}m{$delimiter}d" );
256 }
257
258 /**
259 * 時分秒取得
260 *
261 * @return string
262 */
263 public function get_time(): string {
264 return date_i18n( 'H:i:s' );
265 }
266
267 /**
268 * ログインステータス�
269 報取得
270 */
271 public function get_login_status_datas(): array {
272 return self::LOGIN_STATUS_DATAS;
273 }
274
275 /**
276 * 404
277 */
278 public function page404(): void {
279 $page = get_404_template();
280
281 if ( '' !== $page ) {
282 global $wp_query;
283
284 status_header( 404 );
285 nocache_headers();
286 $wp_query->set_404();
287 include $page;
288
289 } else {
290 wp_safe_redirect( home_url( self::PAGE_404 ) );
291 }
292
293 exit;
294 }
295
296 /**
297 * 403
298 */
299 public function page403(): void {
300 status_header( 403, 'Forbidden' );
301 nocache_headers();
302 exit;
303 }
304 }
305