siteguard-htaccess.php
195 lines
| 1 | <?php |
| 2 | |
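/**
 * Reads and rewrites the site's root .htaccess file for the SiteGuard plugin.
 *
 * Plugin directives are kept between marker comments. An outer pair
 * ($htaccess_mark_start / $htaccess_mark_end) wraps the whole plugin section,
 * and each feature uses its own "<mark>_START" / "<mark>_END" pair inside it.
 * Every change is written to a temporary file first and then renamed over the
 * live .htaccess.
 *
 * Notes for maintainers:
 * - $mark and $data are written to .htaccess verbatim. Nothing in this class
 *   validates or escapes them, so callers must build them from trusted,
 *   validated values only.
 * - Markers are matched with strpos(), so a marker string appearing anywhere
 *   in a line (including inside an unrelated comment) toggles the parser.
 * - Lines are read in chunks of at most 4095 bytes; a marker that straddles a
 *   chunk boundary in a very long line would not be recognised.
 * - There is no locking. Two concurrent rewrites can each start from the same
 *   original file, and the later rename wins.
 */
class SiteGuard_Htaccess extends SiteGuard_Base {
	public static $htaccess_mark_start = '#SITEGUARD_PLUGIN_SETTINGS_START';
	public static $htaccess_mark_end   = '#SITEGUARD_PLUGIN_SETTINGS_END';

	public function __construct( ) {
	}

	/**
	 * Path of the live .htaccess file in the WordPress root.
	 *
	 * @return string
	 */
	public static function get_htaccess_file( ) {
		return ABSPATH . '.htaccess';
	}

	/**
	 * Directory (with trailing slash) used for temporary copies of .htaccess.
	 *
	 * @return string
	 */
	public static function get_tmp_dir( ) {
		return SITEGUARD_PATH . 'tmp/';
	}

	/**
	 * Creates an empty, uniquely named temporary file for the next rewrite.
	 *
	 * @return string|false Path of the new file, or false when tempnam() fails.
	 *                      tempnam() may fall back to the system temp directory
	 *                      when the plugin tmp directory is unusable.
	 */
	public static function get_htaccess_new_file( ) {
		return tempnam( SiteGuard_Htaccess::get_tmp_dir( ), 'htaccess_' );
	}

	/**
	 * Ensures the plugin tmp directory exists and carries a deny-all .htaccess.
	 *
	 * The tmp directory sits under the plugin path, so without the deny rules
	 * the temporary copies of the site's .htaccess could be fetched over HTTP
	 * while they exist. Failing to write the rules stays non-fatal (the
	 * original behaviour) but is now logged instead of silently ignored.
	 *
	 * NOTE(review): an already existing tmp/.htaccess is trusted without
	 * checking its content. "Order"/"Deny" are Apache 2.2 directives; on
	 * Apache 2.4 they depend on mod_access_compat.
	 *
	 * @return bool False only when the directory itself cannot be created.
	 */
	public static function make_tmp_dir( ) {
		$dir = SiteGuard_Htaccess::get_tmp_dir( );
		if ( ! wp_mkdir_p( $dir ) ) {
			siteguard_error_log( "make tempdir failed: $dir" );
			return false;
		}
		$htaccess_file = $dir . '.htaccess';

		if ( file_exists( $htaccess_file ) ) {
			return true;
		}

		$handle = @fopen( $htaccess_file, 'w' );
		if ( ! $handle ) {
			// The directory is usable but unprotected; record that fact.
			siteguard_error_log( "fopen failed: $htaccess_file" );
			return true;
		}
		$rules = 'Order deny,allow' . "\n" . 'Deny from all' . "\n";
		if ( false === fwrite( $handle, $rules ) ) {
			siteguard_error_log( "fwrite failed: $htaccess_file" );
		}
		fclose( $handle );

		return true;
	}

	/**
	 * Creates an empty .htaccess when none exists yet.
	 *
	 * Mode 0604 gives read/write to the owner and read to "other".
	 * NOTE(review): presumably chosen for hosts where the web server reads the
	 * file as "other" - confirm before tightening.
	 *
	 * @param string $current_file Path of the live .htaccess.
	 */
	private static function ensure_htaccess_exists( $current_file ) {
		if ( ! file_exists( $current_file ) ) {
			@touch( $current_file );
			@chmod( $current_file, 0604 );
		}
	}

	/**
	 * Releases the handles of an aborted rewrite and deletes its temporary file,
	 * so that partial copies of .htaccess do not accumulate in the tmp directory.
	 *
	 * @param resource|false|null $fr       Read handle, if one was opened.
	 * @param resource|false|null $fw       Write handle, if one was opened.
	 * @param string|false        $new_file Temporary file path, if one was created.
	 */
	private static function discard_new_file( $fr, $fw, $new_file ) {
		if ( is_resource( $fr ) ) {
			fclose( $fr );
		}
		if ( is_resource( $fw ) ) {
			fclose( $fw );
		}
		if ( is_string( $new_file ) && '' !== $new_file && file_exists( $new_file ) ) {
			@unlink( $new_file );
		}
	}

	/**
	 * Moves a completed temporary file over the live .htaccess.
	 *
	 * @param string $new_file     Fully written temporary file.
	 * @param string $current_file Path of the live .htaccess.
	 * @return bool True when the rename succeeded.
	 */
	private static function install_new_file( $new_file, $current_file ) {
		@chmod( $new_file, 0604 );
		if ( ! rename( $new_file, $current_file ) ) {
			siteguard_error_log( "rename failed: $new_file $current_file" );
			@unlink( $new_file );
			return false;
		}
		return true;
	}

	/**
	 * Removes a marked section from .htaccess.
	 *
	 * Every line from the one containing the start marker up to and including
	 * the one containing the end marker is dropped; all other lines are copied
	 * unchanged.
	 *
	 * @param string $mark Feature marker prefix; '' removes the whole plugin
	 *                     section delimited by the class-level markers.
	 * @return bool True on success, false when any file operation failed. On
	 *              failure the live .htaccess is left as it was.
	 */
	public function clear_settings( $mark ) {
		if ( ! SiteGuard_Htaccess::make_tmp_dir( ) ) {
			return false;
		}
		if ( '' == $mark ) {
			$mark_start = SiteGuard_Htaccess::$htaccess_mark_start;
			$mark_end   = SiteGuard_Htaccess::$htaccess_mark_end;
		} else {
			$mark_start = $mark . '_START';
			$mark_end   = $mark . '_END';
		}

		$current_file = SiteGuard_Htaccess::get_htaccess_file( );
		self::ensure_htaccess_exists( $current_file );

		$fr = @fopen( $current_file, 'r' );
		if ( ! $fr ) {
			siteguard_error_log( "fopen failed: $current_file" );
			return false;
		}

		// tempnam() can return false; fopen() must not be handed an empty path.
		$new_file = SiteGuard_Htaccess::get_htaccess_new_file( );
		$fw       = ( false === $new_file ) ? false : @fopen( $new_file, 'w' );
		if ( ! $fw ) {
			siteguard_error_log( "fopen failed: $new_file" );
			self::discard_new_file( $fr, null, $new_file );
			return false;
		}

		// Stop on the first failed read instead of polling feof(), which would
		// never end if the handle reported an error without reaching EOF.
		$output        = '';
		$flag_settings = false;
		while ( false !== ( $line = fgets( $fr, 4096 ) ) ) {
			if ( false !== strpos( $line, $mark_start ) ) {
				$flag_settings = true;
			}
			if ( ! $flag_settings ) {
				$output .= $line;
			}
			if ( $flag_settings && false !== strpos( $line, $mark_end ) ) {
				$flag_settings = false;
			}
		}

		// A short write (e.g. disk full) must not replace the live file with a
		// truncated copy that is missing access-control directives.
		if ( strlen( $output ) !== fwrite( $fw, $output ) ) {
			siteguard_error_log( "fwrite failed: $new_file" );
			self::discard_new_file( $fr, $fw, $new_file );
			return false;
		}
		fclose( $fr );
		fclose( $fw );

		return self::install_new_file( $new_file, $current_file );
	}

	/**
	 * Inserts or replaces one feature's directives in .htaccess.
	 *
	 * The rewritten file keeps the plugin section ahead of the
	 * "# BEGIN WordPress" block: a WordPress block found before the plugin
	 * data has been written is held back and appended at the end, and an empty
	 * WordPress block is appended when the file has none.
	 *
	 * $data is written verbatim between "<mark>_START" and "<mark>_END".
	 * Nothing here validates it, so it must come from trusted, validated
	 * values: whatever ends up in .htaccess is interpreted by the web server
	 * as configuration.
	 *
	 * @param string $mark Feature marker prefix.
	 * @param string $data Directive lines for that feature, newline terminated.
	 * @return bool True on success, false when any file operation failed. On
	 *              failure the live .htaccess is left as it was.
	 */
	public function update_settings( $mark, $data ) {
		if ( ! SiteGuard_Htaccess::make_tmp_dir( ) ) {
			return false;
		}
		$flag_write    = false; // Feature block has been written to the output.
		$flag_through  = true;  // Copy input lines through (false while skipping the old block).
		$flag_wp       = false; // A WordPress block was seen in the input.
		$flag_wp_set   = false; // Currently inside a WordPress block that is being held back.
		$wp_settings   = '';
		$mark_start    = $mark . '_START';
		$mark_end      = $mark . '_END';
		$mark_wp_start = '# BEGIN WordPress';
		$mark_wp_end   = '# END WordPress';

		$current_file = SiteGuard_Htaccess::get_htaccess_file( );
		self::ensure_htaccess_exists( $current_file );
		if ( ! is_readable( $current_file ) ) {
			siteguard_error_log( "file not readable: $current_file" );
			return false;
		}
		$fr = @fopen( $current_file, 'r' );
		if ( ! $fr ) {
			siteguard_error_log( "fopen failed: $current_file" );
			return false;
		}

		$new_file = SiteGuard_Htaccess::get_htaccess_new_file( );
		if ( false === $new_file || ! is_writable( $new_file ) ) {
			siteguard_error_log( "file not writable: $new_file" );
			self::discard_new_file( $fr, null, $new_file );
			return false;
		}
		$fw = @fopen( $new_file, 'w' );
		if ( ! $fw ) {
			siteguard_error_log( "fopen failed: $new_file" );
			self::discard_new_file( $fr, null, $new_file );
			return false;
		}

		$output = '';
		while ( false !== ( $line = fgets( $fr, 4096 ) ) ) {

			// Save WordPress settings.
			// WordPress settings have to be written after SiteGuard settings.
			if ( ! $flag_write && ! $flag_wp_set && false !== strpos( $line, $mark_wp_start ) ) {
				$flag_wp     = true;
				$flag_wp_set = true;
			}
			if ( $flag_wp_set ) {
				$wp_settings .= $line;
				if ( false !== strpos( $line, $mark_wp_end ) ) {
					$flag_wp_set = false;
				}
				continue;
			}

			// Existing feature block: keep its start marker, emit the new data
			// and skip the old content until the end marker shows up.
			if ( false !== strpos( $line, $mark_start ) ) {
				$output      .= $line;
				$output      .= $data;
				$flag_write   = true;
				$flag_through = false;
				continue;
			}
			// No feature block yet: add one just before the plugin section ends.
			if ( ! $flag_write && false !== strpos( $line, SiteGuard_Htaccess::$htaccess_mark_end ) ) {
				$output    .= $mark_start . "\n";
				$output    .= $data;
				$output    .= $mark_end . "\n";
				$flag_write = true;
			}
			if ( ! $flag_through && false !== strpos( $line, $mark_end ) ) {
				$flag_through = true;
			}
			if ( $flag_through ) {
				$output .= $line;
				if ( ! $flag_wp && false !== strpos( $line, $mark_wp_start ) ) {
					$flag_wp = true;
				}
			}
		}

		// The file had no plugin section at all: create it around the feature block.
		if ( ! $flag_write ) {
			$output .= SiteGuard_Htaccess::$htaccess_mark_start . "\n";
			$output .= $mark_start . "\n";
			$output .= $data;
			$output .= $mark_end . "\n";
			$output .= SiteGuard_Htaccess::$htaccess_mark_end . "\n";
		}
		if ( '' != $wp_settings ) {
			// Write saved WordPress settings.
			$output .= "\n";
			$output .= $wp_settings;
			$output .= "\n";
		} else if ( ! $flag_wp ) {
			// Write empty WordPress settings.
			$output .= "\n";
			$output .= $mark_wp_start . "\n";
			$output .= $mark_wp_end . "\n";
			$output .= "\n";
		}

		// A short write (e.g. disk full) must not replace the live file with a
		// truncated copy that is missing access-control directives.
		if ( strlen( $output ) !== fwrite( $fw, $output ) ) {
			siteguard_error_log( "fwrite failed: $new_file" );
			self::discard_new_file( $fr, $fw, $new_file );
			return false;
		}
		fclose( $fr );
		fclose( $fw );

		return self::install_new_file( $new_file, $current_file );
	}
}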
| 193 | |
| 194 | ?> |
| 195 |