siteguard-admin-filter.php
3 years ago
siteguard-base.php
3 years ago
siteguard-captcha.php
3 years ago
siteguard-config.php
3 years ago
siteguard-disable-author-query.php
3 years ago
siteguard-disable-pingback.php
3 years ago
siteguard-disable-xmlrpc.php
3 years ago
siteguard-htaccess.php
3 years ago
siteguard-login-alert.php
3 years ago
siteguard-login-history.php
3 years ago
siteguard-login-lock.php
3 years ago
siteguard-rename-login.php
2 years ago
siteguard-updates-notify.php
3 years ago
siteguard-waf-exclude-rule.php
3 years ago
siteguard-admin-filter.php
124 lines
| 1 | <?php |
| 2 | |
| 3 | class SiteGuard_AdminFilter extends SiteGuard_Base { |
| 4 | public static $htaccess_mark = '#==== SITEGUARD_ADMIN_FILTER_SETTINGS'; |
| 5 | |
| 6 | function __construct() { |
| 7 | define( 'SITEGUARD_TABLE_LOGIN', 'siteguard_login' ); |
| 8 | add_action( 'wp_login', array( $this, 'handler_wp_login' ), 1, 2 ); |
| 9 | } |
| 10 | static function get_mark() { |
| 11 | return self::$htaccess_mark; |
| 12 | } |
| 13 | function init() { |
| 14 | global $wpdb, $siteguard_config; |
| 15 | $table_name = $wpdb->prefix . SITEGUARD_TABLE_LOGIN; |
| 16 | $sql = 'CREATE TABLE ' . $table_name . " ( |
| 17 | ip_address varchar(40) NOT NULL DEFAULT '', |
| 18 | status INT NOT NULL DEFAULT 0, |
| 19 | count INT NOT NULL DEFAULT 0, |
| 20 | last_login_time datetime, |
| 21 | UNIQUE KEY ip_address (ip_address) |
| 22 | ) |
| 23 | CHARACTER SET 'utf8';"; |
| 24 | require_once ABSPATH . 'wp-admin/includes/upgrade.php'; |
| 25 | dbDelta( $sql ); |
| 26 | $siteguard_config->set( 'admin_filter_exclude_path', 'css,images,admin-ajax.php,load-styles.php,site-health.php' ); |
| 27 | $siteguard_config->set( 'admin_filter_enable', '0' ); |
| 28 | $siteguard_config->update(); |
| 29 | } |
| 30 | function handler_wp_login( $login, $current_user ) { |
| 31 | global $siteguard_htaccess, $siteguard_config; |
| 32 | |
| 33 | if ( '' == $current_user->user_login ) { |
| 34 | return; |
| 35 | } |
| 36 | if ( 1 == $siteguard_config->get( 'admin_filter_enable' ) ) { |
| 37 | $this->feature_on( $this->get_ip() ); |
| 38 | } |
| 39 | } |
| 40 | function cvt_exclude( $exclude ) { |
| 41 | return str_replace( ',', '|', $exclude ); |
| 42 | } |
| 43 | function cvt_status_for_1_2_5( $ip_address ) { |
| 44 | global $wpdb; |
| 45 | $table_name = $wpdb->prefix . SITEGUARD_TABLE_LOGIN; |
| 46 | $wpdb->update( $table_name, array( 'status' => 0 ), array( 'ip_address' => $ip_address ) ); |
| 47 | } |
| 48 | function get_rewrite_cond( $ip ) { |
| 49 | return ' RewriteCond %{REMOTE_ADDR} !^' . str_replace( '.', '\.', $ip ) . "$\n"; |
| 50 | } |
| 51 | function update_settings( $ip_address ) { |
| 52 | global $wpdb, $siteguard_config; |
| 53 | $htaccess_str = ''; |
| 54 | $table_name = $wpdb->prefix . SITEGUARD_TABLE_LOGIN; |
| 55 | $exclude_paths = preg_split( '/,/', $siteguard_config->get( 'admin_filter_exclude_path' ) ); |
| 56 | |
| 57 | $now_str = current_time( 'mysql' ); |
| 58 | $now_bin = strtotime( $now_str ); |
| 59 | |
| 60 | $wpdb->query( 'START TRANSACTION' ); |
| 61 | $wpdb->query( $wpdb->prepare( "DELETE FROM $table_name WHERE status = %d AND last_login_time < SYSDATE() - INTERVAL 1 DAY;", SITEGUARD_LOGIN_SUCCESS ) ); |
| 62 | $data = array( |
| 63 | 'ip_address' => $ip_address, |
| 64 | 'status' => SITEGUARD_LOGIN_SUCCESS, |
| 65 | 'count' => 0, |
| 66 | 'last_login_time' => $now_str, |
| 67 | ); |
| 68 | $result = $wpdb->get_row( $wpdb->prepare( "SELECT status from $table_name WHERE ip_address = %s", $ip_address ) ); |
| 69 | if ( null == $result ) { |
| 70 | $wpdb->insert( $table_name, $data ); |
| 71 | } else { |
| 72 | $wpdb->update( $table_name, $data, array( 'ip_address' => $ip_address ) ); |
| 73 | } |
| 74 | $parse_url = parse_url( site_url() ); |
| 75 | if ( false === $parse_url ) { |
| 76 | $base = '/'; |
| 77 | } else { |
| 78 | if ( isset( $parse_url['path'] ) ) { |
| 79 | $base = $parse_url['path'] . '/'; |
| 80 | } else { |
| 81 | $base = '/'; |
| 82 | } |
| 83 | } |
| 84 | $htaccess_str .= "<IfModule mod_rewrite.c>\n"; |
| 85 | $htaccess_str .= " RewriteEngine on\n"; |
| 86 | $htaccess_str .= " RewriteBase $base\n"; |
| 87 | $htaccess_str .= " RewriteRule ^404-siteguard - [L]\n"; |
| 88 | foreach ( $exclude_paths as $path ) { |
| 89 | $htaccess_str .= ' RewriteRule ^wp-admin/' . trim( str_replace( '.', '\.', $path ) ) . " - [L]\n"; |
| 90 | } |
| 91 | $results = $wpdb->get_col( $wpdb->prepare( "SELECT ip_address FROM $table_name WHERE status = %d;", SITEGUARD_LOGIN_SUCCESS ) ); |
| 92 | if ( $results ) { |
| 93 | foreach ( $results as $ip ) { |
| 94 | $htaccess_str .= $this->get_rewrite_cond( $ip ); |
| 95 | } |
| 96 | } |
| 97 | $server_ip = $this->get_server_ip(); |
| 98 | if ( false !== $server_ip ) { |
| 99 | $htaccess_str .= $this->get_rewrite_cond( $server_ip ); |
| 100 | } |
| 101 | $htaccess_str .= $this->get_rewrite_cond( '127.0.0.1' ); |
| 102 | $htaccess_str .= $this->get_rewrite_cond( '::1' ); |
| 103 | $htaccess_str .= " RewriteRule ^wp-admin 404-siteguard [L]\n"; |
| 104 | $htaccess_str .= "</IfModule>\n"; |
| 105 | |
| 106 | $wpdb->query( 'COMMIT' ); |
| 107 | |
| 108 | return $htaccess_str; |
| 109 | } |
| 110 | function feature_on( $ip_address ) { |
| 111 | global $siteguard_htaccess, $siteguard_config; |
| 112 | if ( false === SiteGuard_Htaccess::check_permission() ) { |
| 113 | return false; |
| 114 | } |
| 115 | $mark = $this->get_mark(); |
| 116 | $data = $this->update_settings( $ip_address ); |
| 117 | return $siteguard_htaccess->update_settings( $mark, $data ); |
| 118 | } |
| 119 | static function feature_off() { |
| 120 | $mark = self::get_mark(); |
| 121 | return SiteGuard_Htaccess::clear_settings( $mark ); |
| 122 | } |
| 123 | } |
| 124 |