siteguard-admin-filter.php
11 years ago
siteguard-base.php
11 years ago
siteguard-captcha.php
11 years ago
siteguard-config.php
11 years ago
siteguard-disable-pingback.php
11 years ago
siteguard-htaccess.php
11 years ago
siteguard-login-history.php
11 years ago
siteguard-login-lock.php
11 years ago
siteguard-rename-login.php
11 years ago
siteguard-waf-exclude-rule.php
11 years ago
siteguard-waf-exclude-rule.php
234 lines
| 1 | <?php |
| 2 | |
| 3 | define( 'SITEGUARD_WAF_EXCLUDE_RULE', 'waf_exclude_rule' ); |
| 4 | |
| 5 | class SiteGuard_WAF_Exclude_Rule extends SiteGuard_Base { |
| 6 | public static $htaccess_mark = '#==== SITEGUARD_SG_WHITE_LIST_SETTINGS'; |
| 7 | |
| 8 | function __construct( ) { |
| 9 | } |
| 10 | function get_mark( ) { |
| 11 | return SiteGuard_WAF_Exclude_Rule::$htaccess_mark; |
| 12 | } |
| 13 | function init( ) { |
| 14 | global $config; |
| 15 | $config->set( 'waf_exclude_rule_enable', '0' ); |
| 16 | $this->clear_rules( ); |
| 17 | $config->update( ); |
| 18 | } |
| 19 | function get_enable( ) { |
| 20 | global $config; |
| 21 | $enable = $config->get( 'waf_exclude_rule_enable' ); |
| 22 | return $enable; |
| 23 | } |
| 24 | function set_enable( $enable ) { |
| 25 | global $config; |
| 26 | if ( '0' != $enable && '1' != $enable ) { |
| 27 | return false; |
| 28 | } |
| 29 | $config->set( 'waf_exclude_rule_enable', $enable ); |
| 30 | $config->update( ); |
| 31 | return true; |
| 32 | } |
| 33 | function cvt_exclude( $exclude ) { |
| 34 | return str_replace( ',', '|', $exclude ); |
| 35 | } |
| 36 | function get_max_id( $rules ) { |
| 37 | $result = 0; |
| 38 | foreach ( $rules as $rule ) { |
| 39 | if ( isset( $rule['ID'] ) && $result < $rule['ID'] ) { |
| 40 | $result = $rule['ID']; |
| 41 | } |
| 42 | } |
| 43 | return $result; |
| 44 | } |
| 45 | function input_check( $id, $filename, &$sig, $comment ) { |
| 46 | $errors = new WP_Error( ); |
| 47 | if ( ! is_numeric( $id ) ) { |
| 48 | $errors->add( 'white_list_error', esc_html__( 'ERROR: Invalid input value.', 'siteguard' ) ); |
| 49 | } |
| 50 | if ( empty( $sig ) ) { |
| 51 | $errors->add( 'white_list_error', esc_html__( 'ERROR: Signature is required', 'siteguard' ) ); |
| 52 | } else { |
| 53 | $tmp_sig = str_ireplace( 'SiteGuard_User_ExcludeSig ', '', $sig ); |
| 54 | $tmp_sig = str_replace( ' ', '', $tmp_sig ); |
| 55 | $tmp_sig = preg_replace( "/\r\n(\r\n)+/", "\r\n", $tmp_sig ); |
| 56 | $tmp_sig = preg_replace( "/\r\n$/", '', $tmp_sig ); |
| 57 | $tmp_sig = preg_replace( "/\n\n+/", "\n", $tmp_sig ); |
| 58 | $tmp_sig = preg_replace( "/\n$/", '', $tmp_sig ); |
| 59 | if ( preg_match( '/^[a-zA-Z0-9-\r\n]+$/', $tmp_sig ) != 1 ) { |
| 60 | $errors->add( 'white_list_error', esc_html__( 'ERROR: Syntax Error in Signature', 'siteguard' ) ); |
| 61 | } else { |
| 62 | $sig = $tmp_sig; |
| 63 | } |
| 64 | } |
| 65 | |
| 66 | if ( count( $errors->errors ) > 0 ) { |
| 67 | return $errors; |
| 68 | } |
| 69 | return true; |
| 70 | } |
| 71 | function add_rule( $filename, $sig, $comment ) { |
| 72 | global $config; |
| 73 | |
| 74 | // check |
| 75 | $errors = $this->input_check( 1, $filename, $sig, $comment ); |
| 76 | if ( is_wp_error( $errors ) ) { |
| 77 | return $errors; |
| 78 | } |
| 79 | $sig = str_ireplace( 'SiteGuard_User_ExcludeSig', '', $sig ); |
| 80 | $sig = str_replace( ' ', '', $sig ); |
| 81 | $rules = $config->get( SITEGUARD_WAF_EXCLUDE_RULE ); |
| 82 | $rule = array( |
| 83 | 'ID' => $this->get_max_id( $rules ) + 1, |
| 84 | 'filename' => $filename, |
| 85 | 'sig' => $sig, |
| 86 | 'comment' => $comment, |
| 87 | ); |
| 88 | array_push( $rules, $rule ); |
| 89 | $config->set( SITEGUARD_WAF_EXCLUDE_RULE, $rules ); |
| 90 | $config->update( ); |
| 91 | return true; |
| 92 | } |
| 93 | function clear_rules( ) { |
| 94 | global $config; |
| 95 | $empty = array(); |
| 96 | $config->set( SITEGUARD_WAF_EXCLUDE_RULE, $empty ); |
| 97 | $config->update( ); |
| 98 | } |
| 99 | function get_rules( ) { |
| 100 | global $config; |
| 101 | $rules = $config->get( SITEGUARD_WAF_EXCLUDE_RULE ); |
| 102 | return $rules; |
| 103 | } |
| 104 | function get_rule( $id, &$offset ) { |
| 105 | global $config; |
| 106 | $rules = $config->get( SITEGUARD_WAF_EXCLUDE_RULE ); |
| 107 | $idx = 0; |
| 108 | foreach ( $rules as $rule ) { |
| 109 | if ( isset( $rule['ID'] ) && $rule['ID'] == $id ) { |
| 110 | $offset = $idx; |
| 111 | return $rule; |
| 112 | } |
| 113 | $idx ++; |
| 114 | } |
| 115 | $offset = -1; |
| 116 | return false; |
| 117 | } |
| 118 | function delete_rule( $ids ) { |
| 119 | global $config; |
| 120 | $rules = $config->get( SITEGUARD_WAF_EXCLUDE_RULE ); |
| 121 | foreach ( $ids as $id ) { |
| 122 | $offset = 0; |
| 123 | $rule = $this->get_rule( $id, $offset ); |
| 124 | if ( false === $rule ) { |
| 125 | continue; |
| 126 | } |
| 127 | array_splice( $rules, $offset, 1 ); |
| 128 | $config->set( SITEGUARD_WAF_EXCLUDE_RULE, $rules ); |
| 129 | } |
| 130 | $config->update( ); |
| 131 | return true; |
| 132 | } |
| 133 | function set_rule_itr( $new_rule ) { |
| 134 | global $config; |
| 135 | $errors = new WP_Error(); |
| 136 | |
| 137 | $rules = $config->get( SITEGUARD_WAF_EXCLUDE_RULE ); |
| 138 | if ( isset( $new_rule['ID'] ) ) { |
| 139 | $id = $new_rule['ID']; |
| 140 | } else { |
| 141 | $errors->add( 'white_list_error', esc_html__( 'ERROR: Invalid input value.', 'siteguard' ) ); |
| 142 | return $errors; |
| 143 | } |
| 144 | $offset = 0; |
| 145 | $rule = $this->get_rule( $id, $offset ); |
| 146 | if ( false === $rule ) { |
| 147 | $errors->add( 'white_list_error', esc_html__( 'ERROR: Invalid input value.', 'siteguard' ) ); |
| 148 | return $errors; |
| 149 | } |
| 150 | array_splice( $rules, $offset, 1, array( $new_rule ) ); |
| 151 | $config->set( SITEGUARD_WAF_EXCLUDE_RULE, $rules ); |
| 152 | $config->update( ); |
| 153 | return true; |
| 154 | } |
| 155 | function set_rule( $id, $filename, $sig, $comment ) { |
| 156 | // check |
| 157 | $errors = $this->input_check( $id, $filename, $sig, $comment ); |
| 158 | if ( is_wp_error( $errors ) ) { |
| 159 | return $errors; |
| 160 | } |
| 161 | |
| 162 | $new_rule = array( |
| 163 | 'ID' => (int) $id, |
| 164 | 'filename' => $filename, |
| 165 | 'sig' => $sig, |
| 166 | 'comment' => $comment, |
| 167 | ); |
| 168 | return $this->set_rule_itr( $new_rule ); |
| 169 | } |
| 170 | function cvt_csrf2comma( $signatures ) { |
| 171 | $result = preg_replace( "/(\r\n)+/", "\r\n", $signatures ); |
| 172 | $result = str_replace( "\r\n", ',', $result ); |
| 173 | $result = str_replace( "\r\n", ',', $result ); |
| 174 | $result = str_replace( "\r", ',', $result ); |
| 175 | $result = str_replace( "\n", ',', $result ); |
| 176 | return $result; |
| 177 | } |
| 178 | // for SiteGuard Lite Ver1.x |
| 179 | function output_ExcludeSig_1( $sig_str ) { |
| 180 | $result = ''; |
| 181 | $csv = $this->cvt_csrf2comma( $sig_str ); |
| 182 | $sigs = preg_split( '/,/', $csv ); |
| 183 | foreach ( $sigs as $sig ) { |
| 184 | $sig = str_replace( ' ', '', $sig ); |
| 185 | if ( strlen( $sig ) > 0 ) { |
| 186 | $result .= ' SiteGuard_User_ExcludeSig '. $sig . "\n"; |
| 187 | } |
| 188 | } |
| 189 | return $result; |
| 190 | } |
| 191 | // for SiteGuard Lite Ver2.x |
| 192 | function output_ExcludeSig_2( $sig_str ) { |
| 193 | return ' SiteGuard_User_ExcludeSig '. $this->cvt_csrf2comma( $sig_str ) . "\n"; |
| 194 | } |
| 195 | function update_settings( ) { |
| 196 | global $config; |
| 197 | $htaccess_str = ''; |
| 198 | $rules = $config->get( SITEGUARD_WAF_EXCLUDE_RULE ); |
| 199 | if ( '' == $rules ) { |
| 200 | return; |
| 201 | } |
| 202 | |
| 203 | $htaccess_str .= "<IfModule mod_siteguard.c>\n"; |
| 204 | foreach ( $rules as $rule ) { |
| 205 | if ( isset( $rule['filename'] ) && isset( $rule['sig'] ) ) { |
| 206 | $filename = $rule['filename']; |
| 207 | $sig = $rule['sig']; |
| 208 | if ( ! empty( $filename ) ) { |
| 209 | $htaccess_str .= " <Files $filename >\n"; |
| 210 | $htaccess_str .= $this->output_ExcludeSig_1( $sig ); |
| 211 | $htaccess_str .= " </Files>\n"; |
| 212 | } else { |
| 213 | $htaccess_str .= $this->output_ExcludeSig_1( $sig ); |
| 214 | } |
| 215 | } |
| 216 | } |
| 217 | $htaccess_str .= "</IfModule>\n"; |
| 218 | |
| 219 | return $htaccess_str; |
| 220 | } |
| 221 | function feature_on( ) { |
| 222 | global $htaccess; |
| 223 | $data = $this->update_settings( ); |
| 224 | $mark = $this->get_mark( ); |
| 225 | $htaccess->update_settings( $mark, $data ); |
| 226 | } |
| 227 | function feature_off( ) { |
| 228 | $mark = SiteGuard_WAF_Exclude_Rule::get_mark( ); |
| 229 | SiteGuard_Htaccess::clear_settings( $mark ); |
| 230 | } |
| 231 | } |
| 232 | |
| 233 | ?> |
| 234 |