PluginProbe ʕ •ᴥ•ʔ
SiteGuard WP Plugin / 1.2.2
SiteGuard WP Plugin v1.2.2
1.8.6 1.8.6-beta1 1.8.6-beta2 1.8.4 1.8.5 1.8.3 1.8.2 1.8.1 trunk 1.0.0 1.0.1 1.0.2 1.0.3 1.0.4 1.0.5 1.0.6 1.1.0 1.1.1 1.1.2 1.2.0 1.2.1 1.2.2 1.2.3 1.4.3 1.5.0 1.5.1 1.5.2 1.6.0 1.6.1 1.7.0 1.7.1 1.7.10 1.7.11 1.7.12 1.7.2 1.7.3 1.7.4 1.7.5 1.7.6 1.7.7 1.7.8 1.7.9 1.8.0 1.8.0-beta1 1.8.0-beta2 1.8.0-beta3 1.8.0-beta4
siteguard / classes / siteguard-admin-filter.php
siteguard / classes Last commit date
siteguard-admin-filter.php 11 years ago siteguard-base.php 11 years ago siteguard-captcha.php 11 years ago siteguard-config.php 11 years ago siteguard-disable-pingback.php 11 years ago siteguard-htaccess.php 11 years ago siteguard-login-alert.php 11 years ago siteguard-login-history.php 11 years ago siteguard-login-lock.php 11 years ago siteguard-rename-login.php 11 years ago siteguard-updates-notify.php 11 years ago siteguard-waf-exclude-rule.php 11 years ago
siteguard-admin-filter.php
110 lines
1 <?php
2
3 class SiteGuard_AdminFilter extends SiteGuard_Base {
4 public static $htaccess_mark = '#==== SITEGUARD_ADMIN_FILTER_SETTINGS';
5
6 function __construct( ) {
7 define( 'SITEGUARD_TABLE_LOGIN', 'siteguard_login' );
8 add_action( 'wp_login', array( $this, 'handler_wp_login' ), 1, 2 );
9 }
10 static function get_mark( ) {
11 return SiteGuard_AdminFilter::$htaccess_mark;
12 }
13 function init( ) {
14 global $wpdb, $config;
15 $table_name = $wpdb->prefix . SITEGUARD_TABLE_LOGIN;
16 $sql = 'CREATE TABLE ' . $table_name . " (
17 ip_address varchar(40) NOT NULL DEFAULT '',
18 status INT NOT NULL DEFAULT 0,
19 count INT NOT NULL DEFAULT 0,
20 last_login_time datetime,
21 UNIQUE KEY ip_address (ip_address)
22 )
23 CHARACTER SET 'utf8';";
24 require_once(ABSPATH . 'wp-admin/includes/upgrade.php');
25 dbDelta( $sql );
26 $config->set( 'admin_filter_exclude_path', 'css,images,admin-ajax.php' );
27 $config->set( 'admin_filter_enable', '0' );
28 $config->update( );
29 }
30 function handler_wp_login( $login, $current_user ) {
31 global $htaccess, $config;
32
33 if ( '' == $current_user->user_login ) {
34 return;
35 }
36 if ( 1 == $config->get( 'admin_filter_enable' ) ) {
37 $this->feature_on( $_SERVER['REMOTE_ADDR'] );
38 }
39 }
40 function cvt_exclude( $exclude ) {
41 return str_replace( ',', '|', $exclude );
42 }
43 function update_settings( $ip_address ) {
44 global $wpdb, $config;
45 $htaccess_str = '';
46 $table_name = $wpdb->prefix . SITEGUARD_TABLE_LOGIN;
47 $exclude_paths = preg_split( '/,/', $config->get( 'admin_filter_exclude_path' ) );
48
49 $now_str = current_time( 'mysql' );
50 $now_bin = strtotime( $now_str );
51
52 $wpdb->query( 'START TRANSACTION' );
53 $wpdb->query( "DELETE FROM $table_name WHERE status = 1 AND last_login_time < SYSDATE() - INTERVAL 1 DAY;" );
54 $data = array(
55 'ip_address' => $ip_address,
56 'status' => 1,
57 'count' => 0,
58 'last_login_time' => $now_str,
59 );
60 $result = $wpdb->get_row( $wpdb->prepare( "SELECT status from $table_name WHERE ip_address = %s", $ip_address ) );
61 if ( null == $result ) {
62 $wpdb->insert( $table_name, $data );
63 } else {
64 $wpdb->update( $table_name, $data, array( 'ip_address' => $ip_address ) );
65 }
66 $parse_url = parse_url( site_url( ) );
67 if ( false == $parse_url ) {
68 $base = '/';
69 } else {
70 if ( isset( $parse_url['path'] ) ) {
71 $base = $parse_url['path'] . '/';
72 } else {
73 $base = '/';
74 }
75 }
76 $htaccess_str .= "<IfModule mod_rewrite.c>\n";
77 $htaccess_str .= " RewriteEngine on\n";
78 $htaccess_str .= " RewriteBase $base\n";
79 $htaccess_str .= " RewriteRule ^404-siteguard - [L]\n";
80 foreach ( $exclude_paths as $path ) {
81 $htaccess_str .= ' RewriteRule ^wp-admin/' . trim( $path ) . " - [L]\n";
82 }
83 $htaccess_str .= ' RewriteCond %{REMOTE_ADDR} !(127.0.0.1|'. $_SERVER['SERVER_ADDR'] . ")\n";
84 $results = $wpdb->get_col( "SELECT ip_address FROM $table_name;" );
85 if ( $results ) {
86 foreach ( $results as $ip ) {
87 $htaccess_str .= ' RewriteCond %{REMOTE_ADDR} !' . $ip . "\n";
88 }
89 }
90 $htaccess_str .= " RewriteRule ^wp-admin 404-siteguard [L]\n";
91 $htaccess_str .= "</IfModule>\n";
92
93 $wpdb->query( 'COMMIT' );
94
95 return $htaccess_str;
96 }
97 function feature_on( $ip_addres ) {
98 global $htaccess, $config;
99 $mark = $this->get_mark( );
100 $data = $this->update_settings( $ip_addres );
101 return $htaccess->update_settings( $mark, $data );
102 }
103 static function feature_off( ) {
104 $mark = SiteGuard_AdminFilter::get_mark( );
105 SiteGuard_Htaccess::clear_settings( $mark );
106 }
107 }
108
109 ?>
110