includes
4 weeks ago
server
4 weeks ago
tests
4 weeks ago
wordpress
4 weeks ago
class-rsssl-htaccess-file-manager.php
4 weeks ago
cron.php
4 weeks ago
deactivate-integration.php
4 weeks ago
firewall-manager.php
4 weeks ago
functions.php
4 weeks ago
index.php
4 weeks ago
integrations.php
4 weeks ago
notices.php
4 weeks ago
security.php
4 weeks ago
sync-settings.php
4 weeks ago
tests.php
4 weeks ago
integrations.php
172 lines
| 1 | <?php |
| 2 | defined( 'ABSPATH' ) or die(); |
| 3 | global $rsssl_integrations_list; |
| 4 | $rsssl_integrations_list = apply_filters( 'rsssl_integrations', array( |
| 5 | 'user-registration' => array( |
| 6 | 'folder' => 'wordpress', |
| 7 | 'option_id' => 'disable_anyone_can_register', |
| 8 | ), |
| 9 | |
| 10 | 'file-editing' => array( |
| 11 | 'folder' => 'wordpress', |
| 12 | 'option_id' => 'disable_file_editing', |
| 13 | ), |
| 14 | |
| 15 | 'hide-wp-version' => array( |
| 16 | 'folder' => 'wordpress', |
| 17 | 'option_id' => 'hide_wordpress_version', |
| 18 | ), |
| 19 | |
| 20 | 'user-enumeration' => array( |
| 21 | 'folder' => 'wordpress', |
| 22 | 'option_id' => 'disable_user_enumeration', |
| 23 | ), |
| 24 | |
| 25 | 'block-code-execution-uploads' => array( |
| 26 | 'folder' => 'wordpress', |
| 27 | 'impact' => 'medium', |
| 28 | 'risk' => 'low', |
| 29 | 'option_id' => 'block_code_execution_uploads', |
| 30 | ), |
| 31 | |
| 32 | 'prevent-login-info-leakage' => array( |
| 33 | 'folder' => 'wordpress', |
| 34 | 'option_id' => 'disable_login_feedback', |
| 35 | ), |
| 36 | 'disable-indexing' => array( |
| 37 | 'folder' => 'server', |
| 38 | 'option_id' => 'disable_indexing', |
| 39 | 'has_deactivation' => true, |
| 40 | ), |
| 41 | |
| 42 | 'rename-admin-user' => array( |
| 43 | 'folder' => 'wordpress', |
| 44 | 'option_id' => 'rename_admin_user', |
| 45 | ), |
| 46 | 'display-name-is-login-name' => array( |
| 47 | 'folder' => 'wordpress', |
| 48 | 'option_id' => 'block_display_is_login', |
| 49 | ), |
| 50 | |
| 51 | 'disable-xmlrpc' => array( |
| 52 | 'folder' => 'wordpress', |
| 53 | 'option_id' => 'disable_xmlrpc', |
| 54 | 'always_include' => false, |
| 55 | ), |
| 56 | 'class-rsssl-two-factor' => array( |
| 57 | 'folder' => 'wordpress/two-fa', |
| 58 | 'option_id' => 'login_protection_enabled', |
| 59 | 'always_include' => false, |
| 60 | ), |
| 61 | ) ); |
| 62 | |
| 63 | /** |
| 64 | * Check if this plugin's integration is enabled |
| 65 | * @param string $plugin |
| 66 | * @param array $details |
| 67 | * |
| 68 | * @return bool |
| 69 | */ |
| 70 | if ( ! function_exists('rsssl_is_integration_enabled') ) { |
| 71 | function rsssl_is_integration_enabled( $plugin, $details ) { |
| 72 | global $rsssl_integrations_list; |
| 73 | if ( ! array_key_exists( $plugin, $rsssl_integrations_list ) ) { |
| 74 | return false; |
| 75 | } |
| 76 | if ( $details['always_include'] ) { |
| 77 | return true; |
| 78 | } |
| 79 | |
| 80 | //if an integration was just enabled, we keep it enabled until it removes itself from the list. |
| 81 | //only for admin users |
| 82 | if ( rsssl_is_in_deactivation_list( $plugin ) ) { |
| 83 | return true; |
| 84 | } |
| 85 | |
| 86 | $field_id = $details['option_id'] ?? false; |
| 87 | if ( ! $field_id ) { |
| 88 | return false; |
| 89 | } |
| 90 | |
| 91 | $field_value = $details['option_value'] ?? false; |
| 92 | $stored_value = rsssl_get_option( $field_id ); |
| 93 | if ( $field_value ) { |
| 94 | $invert = false; |
| 95 | $condition_met = false; |
| 96 | if (strpos($field_value, 'NOT') === 0) { |
| 97 | $invert = true; |
| 98 | $field_value = str_replace( 'NOT ', '', $field_value); |
| 99 | } |
| 100 | if ( $stored_value === $field_value ) { |
| 101 | $condition_met = true; |
| 102 | } |
| 103 | if ( $invert ) { |
| 104 | $condition_met = !$condition_met; |
| 105 | } |
| 106 | return $condition_met; |
| 107 | } else if ( $stored_value ) { |
| 108 | return true; |
| 109 | } |
| 110 | |
| 111 | return false; |
| 112 | } |
| 113 | } |
| 114 | /** |
| 115 | * code loaded without privileges to allow integrations between plugins and services, when enabled. |
| 116 | */ |
| 117 | if ( ! function_exists('rsssl_integrations') ) { |
| 118 | function rsssl_integrations() { |
| 119 | |
| 120 | $safe_mode = defined( 'RSSSL_SAFE_MODE' ) && RSSSL_SAFE_MODE; |
| 121 | |
| 122 | global $rsssl_integrations_list; |
| 123 | foreach ( $rsssl_integrations_list as $plugin => $details ) { |
| 124 | $details = wp_parse_args( $details, |
| 125 | [ |
| 126 | 'option_id' => false, |
| 127 | 'always_include' => false, |
| 128 | 'folder' => false, |
| 129 | 'admin_only' => false, |
| 130 | 'is_pro' => false, |
| 131 | ] |
| 132 | ); |
| 133 | |
| 134 | if ( $details['admin_only'] && ! rsssl_admin_logged_in() ) { |
| 135 | continue; |
| 136 | } |
| 137 | |
| 138 | if ( rsssl_is_integration_enabled( $plugin, $details ) ) { |
| 139 | $path = apply_filters( 'rsssl_integrations_path', rsssl_path, $plugin, $details ); |
| 140 | |
| 141 | $file = $path . 'security/' . $details['folder'] . "/" . $plugin . '.php'; |
| 142 | if ( ! file_exists( $file ) && $safe_mode ) { |
| 143 | continue; |
| 144 | } |
| 145 | require_once( $file ); |
| 146 | } |
| 147 | } |
| 148 | } |
| 149 | } |
| 150 | add_action( 'plugins_loaded', 'rsssl_integrations', 10 ); |
| 151 | add_action( 'rsssl_after_saved_fields', 'rsssl_integrations', 20 ); |
| 152 | |
| 153 | /** |
| 154 | * Check if a plugin is on the deactivation list |
| 155 | * |
| 156 | * @param string $plugin |
| 157 | * |
| 158 | * @return bool |
| 159 | */ |
| 160 | if ( ! function_exists('rsssl_is_in_deactivation_list') ) { |
| 161 | function rsssl_is_in_deactivation_list( string $plugin ): bool { |
| 162 | if ( ! is_admin() || ! is_user_logged_in() ) { |
| 163 | return false; |
| 164 | } |
| 165 | |
| 166 | if ( ! is_array( get_option( 'rsssl_deactivate_list', [] ) ) ) { |
| 167 | delete_option( 'rsssl_deactivate_list' ); |
| 168 | } |
| 169 | |
| 170 | return in_array( $plugin, get_option( 'rsssl_deactivate_list', [] ) ); |
| 171 | } |
| 172 | } |