SiteGuard WP Plugin v1.0.4
siteguard-admin-filter.php
1 <?php
2
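/**
 * Admin-page filter: restricts requests under wp-admin/ to client addresses
 * that have logged in recently.
 *
 * On every successful login the client address is recorded in the
 * SITEGUARD_TABLE_LOGIN table, and a mod_rewrite block is regenerated in
 * which each recorded address becomes one negated RewriteCond. Requests to
 * wp-admin/ from any other address are rewritten to "404-siteguard".
 *
 * Security notes for maintainers:
 * - RewriteCond patterns are regular expressions. Addresses are therefore
 *   validated, escaped and anchored before they are written, so that an
 *   entry for 1.2.3.4 does not also match 11.2.3.40 or 1a2b3c4.
 * - The allow-list is keyed on REMOTE_ADDR. Behind a reverse proxy or CDN
 *   that value is the proxy's address, so one entry covers every client
 *   reaching the site through that proxy.
 */
class SiteGuard_AdminFilter extends SiteGuard_Base {
	public static $htaccess_mark = '#==== SITEGUARD_ADMIN_FILTER_SETTINGS';

	/**
	 * Defines the login table constant and hooks the login handler.
	 */
	public function __construct( ) {
		// Guarded so that constructing the class twice does not redefine the constant.
		if ( ! defined( 'SITEGUARD_TABLE_LOGIN' ) ) {
			define( 'SITEGUARD_TABLE_LOGIN', 'siteguard_login' );
		}
		add_action( 'wp_login', array( $this, 'handler_wp_login' ), 1, 2 );
	}

	/**
	 * Returns the marker string that delimits this feature's block in .htaccess.
	 *
	 * @return string
	 */
	public function get_mark( ) {
		return self::$htaccess_mark;
	}

	/**
	 * Creates the login table, stores the default exclude paths and enables
	 * the filter when the 'rewrite' module check succeeds.
	 */
	public function init( ) {
		global $wpdb, $config;
		$table_name = $wpdb->prefix . SITEGUARD_TABLE_LOGIN;
		$sql = 'CREATE TABLE ' . $table_name . " (\n"
			. "ip_address varchar(40) NOT NULL DEFAULT '',\n"
			. "status INT NOT NULL DEFAULT 0,\n"
			. "count INT NOT NULL DEFAULT 0,\n"
			. "last_login_time datetime,\n"
			. "UNIQUE KEY ip_address (ip_address)\n"
			. ")\n"
			. "CHARACTER SET 'utf8';";
		require_once(ABSPATH . 'wp-admin/includes/upgrade.php');
		dbDelta( $sql );
		$config->set( 'admin_filter_exclude_path', 'css,images,admin-ajax.php' );
		if ( $this->check_module( 'rewrite' ) ) {
			$config->set( 'admin_filter_enable', '1' );
			$config->update( );
			$this->feature_on( $this->admin_filter_remote_addr( ) );
		} else {
			$config->set( 'admin_filter_enable', '0' );
			$config->update( );
		}
	}

	/**
	 * 'wp_login' action handler: allow-lists the address that just logged in.
	 *
	 * @param string $login        Login name passed by the action.
	 * @param object $current_user User object passed by the action.
	 */
	public function handler_wp_login( $login, $current_user ) {
		global $config;

		if ( '' == $current_user->user_login ) {
			return;
		}
		if ( 1 == $config->get( 'admin_filter_enable' ) ) {
			$this->feature_on( $this->admin_filter_remote_addr( ) );
		}
	}

	/**
	 * Converts the comma-separated exclude list into a regex alternation.
	 *
	 * The entries are not escaped, so they are interpreted as regular
	 * expression fragments inside the generated RewriteRule.
	 * NOTE(review): presumably only administrators can set this value; confirm.
	 *
	 * @param string $exclude Comma-separated path fragments.
	 * @return string The same fragments separated by '|'.
	 */
	public function cvt_exclude( $exclude ) {
		return str_replace( ',', '|', $exclude );
	}

	/**
	 * Records $ip_address as allowed and builds the mod_rewrite block.
	 *
	 * Expired rows (status = 1, older than one day) are deleted first. A value
	 * that is not a valid IP address is neither stored nor written to the
	 * rules, because it would otherwise be emitted verbatim into .htaccess.
	 *
	 * @param string $ip_address Client address to allow.
	 * @return string The <IfModule mod_rewrite.c> block for .htaccess.
	 */
	public function update_settings( $ip_address ) {
		global $wpdb, $config;
		$htaccess_str = '';
		$table_name   = $wpdb->prefix . SITEGUARD_TABLE_LOGIN;
		$exclude_path = $config->get( 'admin_filter_exclude_path' );
		$now_str      = current_time( 'mysql' );

		$wpdb->query( 'START TRANSACTION' );
		// NOTE(review): rows are stamped with current_time( 'mysql' ) but expired
		// against SYSDATE(); confirm both clocks use the same time zone.
		$wpdb->query( "DELETE FROM $table_name WHERE status = 1 AND last_login_time < SYSDATE() - INTERVAL 1 DAY;" );
		if ( false !== $this->admin_filter_escape_ip( $ip_address ) ) {
			$data = array(
				'ip_address'      => $ip_address,
				'status'          => 1,
				'count'           => 0,
				'last_login_time' => $now_str,
			);
			$result = $wpdb->get_row( $wpdb->prepare( "SELECT status from $table_name WHERE ip_address = %s", $ip_address ) );
			if ( null === $result ) {
				$wpdb->insert( $table_name, $data );
			} else {
				$wpdb->update( $table_name, $data, array( 'ip_address' => $ip_address ) );
			}
		}

		$parse_url = parse_url( site_url( ) );
		if ( is_array( $parse_url ) && isset( $parse_url['path'] ) ) {
			$base = $parse_url['path'] . '/';
		} else {
			$base = '/';
		}

		// Loopback and the server's own address are always allowed.
		$local       = '127\.0\.0\.1';
		$server_addr = isset( $_SERVER['SERVER_ADDR'] ) ? $this->admin_filter_escape_ip( $_SERVER['SERVER_ADDR'] ) : false;
		if ( false !== $server_addr ) {
			$local .= '|' . $server_addr;
		}

		$htaccess_str .= "<IfModule mod_rewrite.c>\n";
		$htaccess_str .= " RewriteEngine on\n";
		$htaccess_str .= " RewriteBase $base\n";
		// NOTE(review): the trailing ' /' after the flags looks unintended; confirm
		// against the RewriteRule syntax before changing it.
		$htaccess_str .= " RewriteRule ^404-siteguard - [L] /\n";
		$htaccess_str .= ' RewriteCond %{REMOTE_ADDR} !^(' . $local . ')$' . "\n";
		$results = $wpdb->get_col( "SELECT ip_address FROM $table_name;" );
		if ( $results ) {
			foreach ( $results as $ip ) {
				$pattern = $this->admin_filter_escape_ip( $ip );
				if ( false === $pattern ) {
					// Skip rows that are not valid addresses rather than emit them as regex.
					continue;
				}
				$htaccess_str .= ' RewriteCond %{REMOTE_ADDR} !^' . $pattern . '$' . "\n";
			}
		}
		$htaccess_str .= ' RewriteRule wp-admin/(?!'.$this->cvt_exclude( $exclude_path ).")(.*) 404-siteguard [L]\n";
		$htaccess_str .= "</IfModule>\n";

		$wpdb->query( 'COMMIT' );

		return $htaccess_str;
	}

	/**
	 * Allows $ip_addres and writes the regenerated rules under this feature's mark.
	 *
	 * @param string $ip_addres Client address to allow.
	 */
	public function feature_on( $ip_addres ) {
		global $htaccess;
		$mark = $this->get_mark( );
		$data = $this->update_settings( $ip_addres );
		$htaccess->update_settings( $mark, $data );
	}

	/**
	 * Removes this feature's block from .htaccess.
	 *
	 * NOTE(review): clear_settings() is called statically here, while
	 * feature_on() uses the global $htaccess instance; confirm that
	 * SiteGuard_Htaccess::clear_settings() is declared static.
	 */
	public function feature_off( ) {
		$mark = SiteGuard_AdminFilter::get_mark( );
		SiteGuard_Htaccess::clear_settings( $mark );
	}

	/**
	 * Returns the address of the current client, or '' when it is not set
	 * (for example when the code runs outside a web request).
	 *
	 * @return string
	 */
	private function admin_filter_remote_addr( ) {
		return isset( $_SERVER['REMOTE_ADDR'] ) ? $_SERVER['REMOTE_ADDR'] : '';
	}

	/**
	 * Validates an IP address and escapes it for use as a regex literal.
	 *
	 * After validation the only regex metacharacter an address can contain
	 * is '.', so escaping the dots is sufficient.
	 *
	 * @param mixed $ip Candidate address.
	 * @return string|false Escaped address, or false when $ip is not a valid IP.
	 */
	private function admin_filter_escape_ip( $ip ) {
		if ( ! is_string( $ip ) || false === filter_var( $ip, FILTER_VALIDATE_IP ) ) {
			return false;
		}
		return str_replace( '.', '\.', $ip );
	}
}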
111
112 ?>
113