PluginProbe ʕ •ᴥ•ʔ
SiteGuard WP Plugin / 1.0.4
SiteGuard WP Plugin v1.0.4
1.8.6 1.8.6-beta1 1.8.6-beta2 1.8.4 1.8.5 1.8.3 1.8.2 1.8.1 trunk 1.0.0 1.0.1 1.0.2 1.0.3 1.0.4 1.0.5 1.0.6 1.1.0 1.1.1 1.1.2 1.2.0 1.2.1 1.2.2 1.2.3 1.4.3 1.5.0 1.5.1 1.5.2 1.6.0 1.6.1 1.7.0 1.7.1 1.7.10 1.7.11 1.7.12 1.7.2 1.7.3 1.7.4 1.7.5 1.7.6 1.7.7 1.7.8 1.7.9 1.8.0 1.8.0-beta1 1.8.0-beta2 1.8.0-beta3 1.8.0-beta4
siteguard / classes / siteguard-waf-exclude-rule.php
siteguard / classes Last commit date
siteguard-admin-filter.php 11 years ago siteguard-base.php 11 years ago siteguard-captcha.php 11 years ago siteguard-config.php 11 years ago siteguard-disable-pingback.php 11 years ago siteguard-htaccess.php 11 years ago siteguard-login-history.php 11 years ago siteguard-login-lock.php 11 years ago siteguard-rename-login.php 11 years ago siteguard-waf-exclude-rule.php 11 years ago
siteguard-waf-exclude-rule.php
234 lines
1 <?php
2
3 define( 'SITEGUARD_WAF_EXCLUDE_RULE', 'waf_exclude_rule' );
4
5 class SiteGuard_WAF_Exclude_Rule extends SiteGuard_Base {
6 public static $htaccess_mark = '#==== SITEGUARD_SG_WHITE_LIST_SETTINGS';
7
8 function __construct( ) {
9 }
10 function get_mark( ) {
11 return SiteGuard_WAF_Exclude_Rule::$htaccess_mark;
12 }
13 function init( ) {
14 global $config;
15 $config->set( 'waf_exclude_rule_enable', '0' );
16 $this->clear_rules( );
17 $config->update( );
18 }
19 function get_enable( ) {
20 global $config;
21 $enable = $config->get( 'waf_exclude_rule_enable' );
22 return $enable;
23 }
24 function set_enable( $enable ) {
25 global $config;
26 if ( '0' != $enable && '1' != $enable ) {
27 return false;
28 }
29 $config->set( 'waf_exclude_rule_enable', $enable );
30 $config->update( );
31 return true;
32 }
33 function cvt_exclude( $exclude ) {
34 return str_replace( ',', '|', $exclude );
35 }
36 function get_max_id( $rules ) {
37 $result = 0;
38 foreach ( $rules as $rule ) {
39 if ( isset( $rule['ID'] ) && $result < $rule['ID'] ) {
40 $result = $rule['ID'];
41 }
42 }
43 return $result;
44 }
45 function input_check( $id, $filename, &$sig, $comment ) {
46 $errors = new WP_Error( );
47 if ( ! is_numeric( $id ) ) {
48 $errors->add( 'white_list_error', esc_html__( 'ERROR: Invalid input value.', 'siteguard' ) );
49 }
50 if ( empty( $sig ) ) {
51 $errors->add( 'white_list_error', esc_html__( 'ERROR: Signature is required', 'siteguard' ) );
52 } else {
53 $tmp_sig = str_ireplace( 'SiteGuard_User_ExcludeSig ', '', $sig );
54 $tmp_sig = str_replace( ' ', '', $tmp_sig );
55 $tmp_sig = preg_replace( "/\r\n(\r\n)+/", "\r\n", $tmp_sig );
56 $tmp_sig = preg_replace( "/\r\n$/", '', $tmp_sig );
57 $tmp_sig = preg_replace( "/\n\n+/", "\n", $tmp_sig );
58 $tmp_sig = preg_replace( "/\n$/", '', $tmp_sig );
59 if ( preg_match( '/^[a-zA-Z0-9-\r\n]+$/', $tmp_sig ) != 1 ) {
60 $errors->add( 'white_list_error', esc_html__( 'ERROR: Syntax Error in Signature', 'siteguard' ) );
61 } else {
62 $sig = $tmp_sig;
63 }
64 }
65
66 if ( count( $errors->errors ) > 0 ) {
67 return $errors;
68 }
69 return true;
70 }
71 function add_rule( $filename, $sig, $comment ) {
72 global $config;
73
74 // check
75 $errors = $this->input_check( 1, $filename, $sig, $comment );
76 if ( is_wp_error( $errors ) ) {
77 return $errors;
78 }
79 $sig = str_ireplace( 'SiteGuard_User_ExcludeSig', '', $sig );
80 $sig = str_replace( ' ', '', $sig );
81 $rules = $config->get( SITEGUARD_WAF_EXCLUDE_RULE );
82 $rule = array(
83 'ID' => $this->get_max_id( $rules ) + 1,
84 'filename' => $filename,
85 'sig' => $sig,
86 'comment' => $comment,
87 );
88 array_push( $rules, $rule );
89 $config->set( SITEGUARD_WAF_EXCLUDE_RULE, $rules );
90 $config->update( );
91 return true;
92 }
93 function clear_rules( ) {
94 global $config;
95 $empty = array();
96 $config->set( SITEGUARD_WAF_EXCLUDE_RULE, $empty );
97 $config->update( );
98 }
99 function get_rules( ) {
100 global $config;
101 $rules = $config->get( SITEGUARD_WAF_EXCLUDE_RULE );
102 return $rules;
103 }
104 function get_rule( $id, &$offset ) {
105 global $config;
106 $rules = $config->get( SITEGUARD_WAF_EXCLUDE_RULE );
107 $idx = 0;
108 foreach ( $rules as $rule ) {
109 if ( isset( $rule['ID'] ) && $rule['ID'] == $id ) {
110 $offset = $idx;
111 return $rule;
112 }
113 $idx ++;
114 }
115 $offset = -1;
116 return false;
117 }
118 function delete_rule( $ids ) {
119 global $config;
120 $rules = $config->get( SITEGUARD_WAF_EXCLUDE_RULE );
121 foreach ( $ids as $id ) {
122 $offset = 0;
123 $rule = $this->get_rule( $id, $offset );
124 if ( false === $rule ) {
125 continue;
126 }
127 array_splice( $rules, $offset, 1 );
128 $config->set( SITEGUARD_WAF_EXCLUDE_RULE, $rules );
129 }
130 $config->update( );
131 return true;
132 }
133 function set_rule_itr( $new_rule ) {
134 global $config;
135 $errors = new WP_Error();
136
137 $rules = $config->get( SITEGUARD_WAF_EXCLUDE_RULE );
138 if ( isset( $new_rule['ID'] ) ) {
139 $id = $new_rule['ID'];
140 } else {
141 $errors->add( 'white_list_error', esc_html__( 'ERROR: Invalid input value.', 'siteguard' ) );
142 return $errors;
143 }
144 $offset = 0;
145 $rule = $this->get_rule( $id, $offset );
146 if ( false === $rule ) {
147 $errors->add( 'white_list_error', esc_html__( 'ERROR: Invalid input value.', 'siteguard' ) );
148 return $errors;
149 }
150 array_splice( $rules, $offset, 1, array( $new_rule ) );
151 $config->set( SITEGUARD_WAF_EXCLUDE_RULE, $rules );
152 $config->update( );
153 return true;
154 }
155 function set_rule( $id, $filename, $sig, $comment ) {
156 // check
157 $errors = $this->input_check( $id, $filename, $sig, $comment );
158 if ( is_wp_error( $errors ) ) {
159 return $errors;
160 }
161
162 $new_rule = array(
163 'ID' => (int) $id,
164 'filename' => $filename,
165 'sig' => $sig,
166 'comment' => $comment,
167 );
168 return $this->set_rule_itr( $new_rule );
169 }
170 function cvt_csrf2comma( $signatures ) {
171 $result = preg_replace( "/(\r\n)+/", "\r\n", $signatures );
172 $result = str_replace( "\r\n", ',', $result );
173 $result = str_replace( "\r\n", ',', $result );
174 $result = str_replace( "\r", ',', $result );
175 $result = str_replace( "\n", ',', $result );
176 return $result;
177 }
178 // for SiteGuard Lite Ver1.x
179 function output_ExcludeSig_1( $sig_str ) {
180 $result = '';
181 $csv = $this->cvt_csrf2comma( $sig_str );
182 $sigs = preg_split( '/,/', $csv );
183 foreach ( $sigs as $sig ) {
184 $sig = str_replace( ' ', '', $sig );
185 if ( strlen( $sig ) > 0 ) {
186 $result .= ' SiteGuard_User_ExcludeSig '. $sig . "\n";
187 }
188 }
189 return $result;
190 }
191 // for SiteGuard Lite Ver2.x
192 function output_ExcludeSig_2( $sig_str ) {
193 return ' SiteGuard_User_ExcludeSig '. $this->cvt_csrf2comma( $sig_str ) . "\n";
194 }
195 function update_settings( ) {
196 global $config;
197 $htaccess_str = '';
198 $rules = $config->get( SITEGUARD_WAF_EXCLUDE_RULE );
199 if ( '' == $rules ) {
200 return;
201 }
202
203 $htaccess_str .= "<IfModule mod_siteguard.c>\n";
204 foreach ( $rules as $rule ) {
205 if ( isset( $rule['filename'] ) && isset( $rule['sig'] ) ) {
206 $filename = $rule['filename'];
207 $sig = $rule['sig'];
208 if ( ! empty( $filename ) ) {
209 $htaccess_str .= " <Files $filename >\n";
210 $htaccess_str .= $this->output_ExcludeSig_1( $sig );
211 $htaccess_str .= " </Files>\n";
212 } else {
213 $htaccess_str .= $this->output_ExcludeSig_1( $sig );
214 }
215 }
216 }
217 $htaccess_str .= "</IfModule>\n";
218
219 return $htaccess_str;
220 }
221 function feature_on( ) {
222 global $htaccess;
223 $data = $this->update_settings( );
224 $mark = $this->get_mark( );
225 $htaccess->update_settings( $mark, $data );
226 }
227 function feature_off( ) {
228 $mark = SiteGuard_WAF_Exclude_Rule::get_mark( );
229 SiteGuard_Htaccess::clear_settings( $mark );
230 }
231 }
232
233 ?>
234