PluginProbe ʕ •ᴥ•ʔ
SiteGuard WP Plugin / 1.7.7
SiteGuard WP Plugin v1.7.7
1.8.7 1.8.6 1.8.6-beta1 1.8.6-beta2 1.8.4 1.8.5 1.8.3 1.8.2 1.8.1 trunk 1.0.0 1.0.1 1.0.2 1.0.3 1.0.4 1.0.5 1.0.6 1.1.0 1.1.1 1.1.2 1.2.0 1.2.1 1.2.2 1.2.3 1.4.3 1.5.0 1.5.1 1.5.2 1.6.0 1.6.1 1.7.0 1.7.1 1.7.10 1.7.11 1.7.12 1.7.2 1.7.3 1.7.4 1.7.5 1.7.6 1.7.7 1.7.8 1.7.9 1.8.0 1.8.0-beta1 1.8.0-beta2 1.8.0-beta3 1.8.0-beta4
siteguard / classes / siteguard-htaccess.php
siteguard / classes Last commit date
siteguard-admin-filter.php 3 years ago siteguard-base.php 3 years ago siteguard-captcha.php 3 years ago siteguard-config.php 3 years ago siteguard-disable-author-query.php 3 years ago siteguard-disable-pingback.php 3 years ago siteguard-disable-xmlrpc.php 3 years ago siteguard-htaccess.php 3 years ago siteguard-login-alert.php 3 years ago siteguard-login-history.php 3 years ago siteguard-login-lock.php 3 years ago siteguard-rename-login.php 2 years ago siteguard-updates-notify.php 3 years ago siteguard-waf-exclude-rule.php 3 years ago
siteguard-htaccess.php
278 lines
1 <?php
2
3 class SiteGuard_Htaccess extends SiteGuard_Base {
4 const HTACCESS_PERMISSION = 0604;
5 const HTACCESS_MARK_START = '#SITEGUARD_PLUGIN_SETTINGS_START';
6 const HTACCESS_MARK_END = '#SITEGUARD_PLUGIN_SETTINGS_END';
7
8 function __construct() {
9 }
10 static function get_htaccess_file() {
11 return ABSPATH . '.htaccess';
12 }
13 static function get_tmp_dir() {
14 return SITEGUARD_PATH . 'tmp/';
15 }
16 static function test_htaccess() {
17 return true;
18 // $result = wp_remote_get( SITEGUARD_URL_PATH . 'test/siteguard-test.php' );
19 // if ( ! is_wp_error( $result ) && 200 === $result['response']['code'] ) {
20 // return true;
21 // }
22 // return false;
23 }
24 static function get_htaccess_new_file() {
25 return tempnam( self::get_tmp_dir(), 'htaccess_' );
26 }
27 static function make_tmp_dir() {
28 $dir = self::get_tmp_dir();
29 if ( ! wp_mkdir_p( $dir ) ) {
30 siteguard_error_log( "make tempdir failed: $dir" );
31 return false;
32 }
33 $htaccess_file = $dir . '.htaccess';
34
35 if ( file_exists( $htaccess_file ) ) {
36 $lines = file( $htaccess_file );
37 $res = preg_grep( '/IfModule authz_core_module/', $lines );
38 if ( ! empty( $res ) ) {
39 return true;
40 }
41 }
42
43 if ( $handle = @fopen( $htaccess_file, 'w' ) ) {
44 fwrite( $handle, '<IfModule authz_core_module>' . "\n" );
45 fwrite( $handle, ' Require all denied' . "\n" );
46 fwrite( $handle, '</IfModule>' . "\n" );
47 fwrite( $handle, '<IfModule !authz_core_module>' . "\n" );
48 fwrite( $handle, ' Order deny,allow' . "\n" );
49 fwrite( $handle, ' Deny from all' . "\n" );
50 fwrite( $handle, '</IfModule>' . "\n" );
51 fclose( $handle );
52 }
53
54 return true;
55 }
56 static function is_exists_setting( $mark ) {
57 $result = false;
58 if ( '' === $mark ) {
59 $mark_start = self::HTACCESS_MARK_START;
60 $mark_end = self::HTACCESS_MARK_END;
61 } else {
62 $mark_start = $mark . '_START';
63 $mark_end = $mark . '_END';
64 }
65 $current_file = self::get_htaccess_file();
66 if ( ! file_exists( $current_file ) ) {
67 return $result;
68 }
69 $fr = @fopen( $current_file, 'r' );
70 if ( null === $fr ) {
71 return $result;
72 }
73 $line_num = 0;
74 $start_line = 0;
75 $end_line = 0;
76 while ( ! feof( $fr ) ) {
77 $line = fgets( $fr, 4096 );
78 $line_num++;
79 if ( false !== strpos( $line, $mark_start ) ) {
80 $start_line = $line_num;
81 }
82 if ( false !== strpos( $line, $mark_end ) ) {
83 $end_line = $line_num;
84 if ( $start_line > 0 && ( $end_line - $start_line ) > 1 ) {
85 $result = true;
86 }
87 break;
88 }
89 }
90 @fclose( $fr );
91
92 return $result;
93 }
94 static function check_permission( $flag_create = true ) {
95 $file = self::get_htaccess_file();
96 if ( true === $flag_create ) {
97 self::get_apply_permission( $file );
98 }
99 if ( ! is_readable( $file ) ) {
100 siteguard_error_log( "file not readable: $file" );
101 return false;
102 }
103 if ( ! is_writable( $file ) ) {
104 siteguard_error_log( "file not writable: $file" );
105 return false;
106 }
107 $path = pathinfo( $file, PATHINFO_DIRNAME );
108 if ( ! is_writable( $path ) ) {
109 siteguard_error_log( 'directory not writable: ' . $path );
110 return false;
111 }
112 return true;
113 }
114 static function get_apply_permission_itr( $file ) {
115 clearstatcache();
116 $perm = intval( substr( sprintf( '%o', fileperms( $file ) ), -4 ), 8 );
117 return $perm;
118 }
119 static function get_apply_permission( $file ) {
120 $perm = self::HTACCESS_PERMISSION;
121 if ( file_exists( $file ) ) {
122 $perm = self::get_apply_permission_itr( $file );
123 } else {
124 @touch( $file );
125 }
126 @chmod( $file, $perm );
127 return $perm;
128 }
129 static function clear_settings( $mark ) {
130 if ( ! self::make_tmp_dir() ) {
131 return false;
132 }
133 if ( '' === $mark ) {
134 $mark_start = self::HTACCESS_MARK_START;
135 $mark_end = self::HTACCESS_MARK_END;
136 } else {
137 $mark_start = $mark . '_START';
138 $mark_end = $mark . '_END';
139 }
140 $flag_settings = false;
141 $current_file = self::get_htaccess_file();
142 $perm = self::get_apply_permission( $current_file );
143 if ( ! self::check_permission( false ) ) {
144 return false;
145 }
146 $fr = @fopen( $current_file, 'r' );
147 if ( null === $fr ) {
148 siteguard_error_log( "fopen failed: $current_file" );
149 return false;
150 }
151 $new_file = self::get_htaccess_new_file();
152 $fw = @fopen( $new_file, 'w' );
153 if ( null === $fw ) {
154 siteguard_error_log( "fopen failed: $new_file" );
155 return false;
156 }
157 while ( ! feof( $fr ) ) {
158 $line = fgets( $fr, 4096 );
159 if ( false !== strpos( $line, $mark_start ) ) {
160 $flag_settings = true;
161 }
162 if ( false === $flag_settings ) {
163 fputs( $fw, $line, 4096 );
164 }
165 if ( true == $flag_settings && false !== strpos( $line, $mark_end ) ) {
166 $flag_settings = false;
167 }
168 }
169 fclose( $fr );
170 fclose( $fw );
171 @chmod( $new_file, $perm );
172 if ( ! rename( $new_file, $current_file ) ) {
173 siteguard_error_log( "rename failed: $new_file $current_file" );
174 return false;
175 }
176 return true;
177 }
178 function update_settings( $mark, $data ) {
179 if ( ! self::make_tmp_dir() ) {
180 return false;
181 }
182 $flag_write = false;
183 $flag_through = true;
184 $flag_wp = false;
185 $flag_wp_set = false;
186 $wp_settings = '';
187 $mark_start = $mark . '_START';
188 $mark_end = $mark . '_END';
189 $mark_wp_start = '# BEGIN WordPress';
190 $mark_wp_end = '# END WordPress';
191 $current_file = self::get_htaccess_file();
192 $perm = self::get_apply_permission( $current_file );
193 if ( ! self::check_permission( false ) ) {
194 return false;
195 }
196 $fr = @fopen( $current_file, 'r' );
197 if ( null === $fr ) {
198 siteguard_error_log( "fopen failed: $current_file" );
199 return false;
200 }
201 $new_file = self::get_htaccess_new_file();
202 if ( ! is_writable( $new_file ) ) {
203 siteguard_error_log( "file not writable: $new_file" );
204 return false;
205 }
206 $fw = @fopen( $new_file, 'w' );
207 if ( null === $fw ) {
208 siteguard_error_log( "fopen failed: $new_file" );
209 return false;
210 }
211 while ( ! feof( $fr ) ) {
212 $line = fgets( $fr, 4096 );
213
214 // Save WordPress settings.
215 // WordPress settings has to be written after SiteGuard settings.
216 if ( false === $flag_write && false == $flag_wp_set && false !== strpos( $line, $mark_wp_start ) ) {
217 $flag_wp = true;
218 $flag_wp_set = true;
219 }
220 if ( $flag_wp_set ) {
221 $wp_settings .= $line;
222 if ( false !== strpos( $line, $mark_wp_end ) ) {
223 $flag_wp_set = false;
224 }
225 continue;
226 }
227
228 if ( false !== strpos( $line, $mark_start ) ) {
229 fwrite( $fw, $line, strlen( $line ) );
230 fwrite( $fw, $data, strlen( $data ) );
231 $flag_write = true;
232 $flag_through = false;
233 continue;
234 }
235 if ( false === $flag_write && false !== strpos( $line, self::HTACCESS_MARK_END ) ) {
236 fwrite( $fw, $mark_start . "\n", strlen( $mark_start ) + 1 );
237 fwrite( $fw, $data, strlen( $data ) );
238 fwrite( $fw, $mark_end . "\n", strlen( $mark_end ) + 1 );
239 $flag_write = true;
240 }
241 if ( false === $flag_through && false !== strpos( $line, $mark_end ) ) {
242 $flag_through = true;
243 }
244 if ( $flag_through ) {
245 fwrite( $fw, $line, strlen( $line ) );
246 if ( false === $flag_wp && false !== strpos( $line, $mark_wp_start ) ) {
247 $flag_wp = true;
248 }
249 }
250 }
251 if ( false === $flag_write ) {
252 fwrite( $fw, "\n" . self::HTACCESS_MARK_START . "\n", strlen( self::HTACCESS_MARK_START ) + 2 );
253 fwrite( $fw, $mark_start . "\n", strlen( $mark_start ) + 1 );
254 fwrite( $fw, $data, strlen( $data ) );
255 fwrite( $fw, $mark_end . "\n", strlen( $mark_end ) + 1 );
256 fwrite( $fw, self::HTACCESS_MARK_END . "\n", strlen( self::HTACCESS_MARK_END ) + 1 );
257 }
258 if ( '' != $wp_settings ) { // Write saved WordPress Settings
259 fwrite( $fw, "\n", 1 );
260 fwrite( $fw, $wp_settings, strlen( $wp_settings ) );
261 fwrite( $fw, "\n", 1 );
262 } elseif ( false === $flag_wp ) { // Write empty WordPress Settings
263 fwrite( $fw, "\n", 1 );
264 fwrite( $fw, $mark_wp_start . "\n", strlen( $mark_wp_start ) + 1 );
265 fwrite( $fw, $mark_wp_end . "\n", strlen( $mark_wp_end ) + 1 );
266 fwrite( $fw, "\n", 1 );
267 }
268 fclose( $fr );
269 fclose( $fw );
270 @chmod( $new_file, $perm );
271 if ( ! rename( $new_file, $current_file ) ) {
272 siteguard_error_log( "rename failed: $new_file $current_file" );
273 return false;
274 }
275 return true;
276 }
277 }
278