Wordfence Security – Firewall, Malware Scan, and Login Security v1.4.6
wordfence / lib / wfIssues.php
wfIssues.php
242 lines
1 <?php
2 require_once('wfUtils.php');
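/**
 * Stores, queries and reports the issues found by a scan.
 *
 * Issues live in the "<base_prefix>wfIssues" table. Each row carries two md5
 * fingerprints: ignoreP (used for permanent ignores) and ignoreC (used for
 * ignoring until something changes). Summary values shown alongside the issue
 * list are kept in the serialized 'wf_summaryItems' config entry.
 *
 * NOTE(review): every query here is built with sprintf-style placeholders that
 * are filled in by wfDB. Quoting and escaping of those arguments happens inside
 * wfDB, which is not visible in this file - confirm it escapes '%s' values.
 */
class wfIssues {
	/** True once updateSummaryItems() has run for this instance. */
	private $updateCalled = false;
	public $lastError = '';
	/** Issues table name, built from $wpdb->base_prefix in the constructor. */
	private $issuesTable = '';
	/** Issues accepted by addIssue() on this instance; read by emailNewIssues(). */
	private $newIssues = array();
	/** Lazily created wfDB handle. Declared here so getDB() never reads an undefined property. */
	private $db = false;
	public $totalIssues = 0;
	public $totalCriticalIssues = 0;
	public $totalWarningIssues = 0;

	public function __construct(){
		global $wpdb;
		$this->issuesTable = $wpdb->base_prefix . 'wfIssues';
	}

	/**
	 * Record a finding unless a matching row is already 'new' or is being ignored.
	 *
	 * @param string $type         Issue type (getIssues() treats 'file' specially).
	 * @param int    $severity     1 is counted as critical, 2 as warning.
	 * @param string $ignoreP      Data hashed with md5 for permanent ignores.
	 * @param string $ignoreC      Data hashed with md5 for ignoring until something changes.
	 * @param string $shortMsg     Short description.
	 * @param string $longMsg      Long description.
	 * @param mixed  $templateData Extra data, stored serialized in the 'data' column.
	 * @return void
	 */
	public function addIssue($type, $severity,
		$ignoreP, /* some piece of data used for md5 for permanent ignores */
		$ignoreC, /* some piece of data used for md5 for ignoring until something changes */
		$shortMsg, $longMsg, $templateData
		){
		// The md5 values are lookup fingerprints: two inputs with the same digest
		// are treated as the same issue by the checks below.
		// NOTE(review): confirm callers never derive these from data where an
		// md5 collision would let a real finding be skipped as "already ignored".
		$ignoreP = md5($ignoreP);
		$ignoreC = md5($ignoreC);
		$rec = $this->getDB()->querySingleRec("select status, ignoreP, ignoreC from " . $this->issuesTable . " where (ignoreP='%s' OR ignoreC='%s')", $ignoreP, $ignoreC);
		if($rec){
			// Already reported and still open: do not add a duplicate.
			if($rec['status'] == 'new' && ($rec['ignoreC'] == $ignoreC || $rec['ignoreP'] == $ignoreP)){ return; }
			// Ignored until changed, and nothing changed.
			if($rec['status'] == 'ignoreC' && $rec['ignoreC'] == $ignoreC){ return; }
			// Permanently ignored.
			if($rec['status'] == 'ignoreP' && $rec['ignoreP'] == $ignoreP){ return; }
		}

		$this->totalIssues++;
		if($severity == 1){
			$this->totalCriticalIssues++;
		} else if($severity == 2){
			$this->totalWarningIssues++;
		}
		$this->newIssues[] = array(
			'type' => $type,
			'severity' => $severity,
			'ignoreP' => $ignoreP,
			'ignoreC' => $ignoreC,
			'shortMsg' => $shortMsg,
			'longMsg' => $longMsg,
			'tmplData' => $templateData
			);

		$this->getDB()->query("insert into " . $this->issuesTable . " (time, status, type, severity, ignoreP, ignoreC, shortMsg, longMsg, data) values (unix_timestamp(), '%s', '%s', %d, '%s', '%s', '%s', '%s', '%s')",
			'new',
			$type,
			$severity,
			$ignoreP,
			$ignoreC,
			$shortMsg,
			$longMsg,
			serialize($templateData)
			);
	}

	/** Delete every issue whose status is 'ignoreP' or 'ignoreC'. */
	public function deleteIgnored(){
		$this->getDB()->query("delete from " . $this->issuesTable . " where status='ignoreP' or status='ignoreC'");
	}

	/** Delete every issue whose status is 'new'. */
	public function deleteNew(){
		$this->getDB()->query("delete from " . $this->issuesTable . " where status='new'");
	}

	/** Move every 'new' issue to 'ignoreC'. */
	public function ignoreAllNew(){
		$this->getDB()->query("update " . $this->issuesTable . " set status='ignoreC' where status='new'");
	}

	/**
	 * Mail the issues added on this instance that have not been mailed before.
	 *
	 * Nothing is sent when there are no alert addresses, when the alert level is
	 * below 1, or when no issue reaches the configured level (level 1 requires a
	 * critical issue, level 2 a critical or warning issue).
	 *
	 * @return void
	 */
	public function emailNewIssues(){
		$level = wfConfig::getAlertLevel();
		$emails = wfConfig::getAlertEmails();
		$subject = "[Wordfence Alert] Problems found on " . get_bloginfo('name', 'raw');

		if(sizeof($emails) < 1){ return; }
		if($level < 1){ return; }
		if($level == 2 && $this->totalCriticalIssues < 1 && $this->totalWarningIssues < 1){ return; }
		if($level == 1 && $this->totalCriticalIssues < 1){ return; }

		// Drop anything whose fingerprints are already in the emailed list.
		$emailedIssues = wfConfig::get_ser('emailedIssuesList', array());
		$finalIssues = array();
		foreach($this->newIssues as $newIssue){
			$alreadyEmailed = false;
			foreach($emailedIssues as $emailedIssue){
				if($newIssue['ignoreP'] == $emailedIssue['ignoreP'] || $newIssue['ignoreC'] == $emailedIssue['ignoreC']){
					$alreadyEmailed = true;
					break;
				}
			}
			if(! $alreadyEmailed){
				$finalIssues[] = $newIssue;
			}
		}
		if(sizeof($finalIssues) < 1){ return; }

		$totalWarningIssues = 0;
		$totalCriticalIssues = 0;
		foreach($finalIssues as $i){
			$emailedIssues[] = array( 'ignoreC' => $i['ignoreC'], 'ignoreP' => $i['ignoreP'] );
			if($i['severity'] == 1){
				$totalCriticalIssues++;
			} else if($i['severity'] == 2){
				$totalWarningIssues++;
			}
		}
		// NOTE(review): the list is saved before the level checks below, so an
		// issue that is suppressed by the alert level is still recorded as
		// emailed and will not be mailed later if the level changes - confirm
		// this is intended.
		wfConfig::set_ser('emailedIssuesList', $emailedIssues);
		if($level == 2 && $totalCriticalIssues < 1 && $totalWarningIssues < 1){ return; }
		if($level == 1 && $totalCriticalIssues < 1){ return; }
		$content = wfUtils::tmpl('email_newIssues.php', array(
			'issues' => $finalIssues,
			'totalCriticalIssues' => $totalCriticalIssues,
			'totalWarningIssues' => $totalWarningIssues,
			'level' => $level
			));
		wp_mail(implode(',', $emails), $subject, $content);
	}

	/**
	 * Delete one issue.
	 *
	 * @param int $id Row id.
	 * @return void
	 */
	public function deleteIssue($id){
		$this->getDB()->query("delete from " . $this->issuesTable . " where id=%d", $id);
	}

	/**
	 * Change the status of one issue, or delete it.
	 *
	 * Only the four listed values are acted on; any other $status is ignored,
	 * so a caller cannot write an arbitrary status string into the table.
	 *
	 * @param int    $id     Row id.
	 * @param string $status 'ignoreC', 'ignoreP', 'new' or 'delete'.
	 * @return void
	 */
	public function updateIssue($id, $status){ //ignoreC, ignoreP, delete or new
		// The previous version also selected the current status first and never
		// used the result; that query has been dropped.
		if($status == 'delete'){
			$this->getDB()->query("delete from " . $this->issuesTable . " where id=%d", $id);
		} else if($status == 'ignoreC' || $status == 'ignoreP' || $status == 'new'){
			$this->getDB()->query("update " . $this->issuesTable . " set status='%s' where id=%d", $status, $id);
		}
	}

	/**
	 * Fetch one issue with its 'data' column unserialized.
	 *
	 * @param int $id Row id.
	 * @return mixed The row as an array, or whatever wfDB returned when no row
	 *               was found (previously a bogus array('data' => false) came back).
	 */
	public function getIssueByID($id){
		$rec = $this->getDB()->querySingleRec("select * from " . $this->issuesTable . " where id=%d", $id);
		if(! is_array($rec)){
			// No such row: hand the "not found" value back unchanged so callers
			// can test for it instead of receiving a non-empty array.
			return $rec;
		}
		// SECURITY NOTE: unserialize() can instantiate objects. The value is
		// written by addIssue() via serialize(), but anyone able to alter the
		// row could supply a different payload. Prefer a data-only format, or
		// unserialize() with allowed_classes disabled where the PHP version
		// supports it.
		$rec['data'] = unserialize($rec['data']);
		return $rec;
	}

	/**
	 * Load all issues, newest first, grouped by status.
	 *
	 * Each issue gets 'timeAgo' and 'issueIDX' (its index within its list).
	 * Issues of type 'file' also get data['fileExists']: true when the file is
	 * present under ABSPATH, '' otherwise.
	 *
	 * @return array array('new' => array(...), 'ignored' => array(...))
	 */
	public function getIssues(){
		$ret = array(
			'new' => array(),
			'ignored' => array()
			);
		$q1 = $this->getDB()->query("select * from " . $this->issuesTable . " order by time desc");
		// NOTE(review): mysql_fetch_assoc() belongs to the ext/mysql API, which
		// was removed in PHP 7. Replacing it depends on what wfDB::query()
		// returns, which is not visible here.
		while($i = mysql_fetch_assoc($q1)){
			// SECURITY NOTE: see getIssueByID() - unserialize() on stored data
			// can instantiate objects if the row content is not what
			// addIssue() wrote.
			$i['data'] = unserialize($i['data']);
			$i['timeAgo'] = wfUtils::makeTimeAgo(time() - $i['time']);
			if($i['status'] == 'new'){
				$ret['new'][] = $i;
			} else if($i['status'] == 'ignoreP' || $i['status'] == 'ignoreC'){
				$ret['ignored'][] = $i;
			} else {
				error_log("Issue has bad status: " . $i['status']);
				continue;
			}
		}
		foreach($ret as &$issueList){
			for($i = 0; $i < sizeof($issueList); $i++){
				if($issueList[$i]['type'] == 'file'){
					$data = $issueList[$i]['data'];
					if(! is_array($data)){
						// unserialize() failed or stored a non-array value.
						$data = array();
					}
					$data['fileExists'] = '';
					if(isset($data['file']) && is_string($data['file'])){
						// Only leading dots and slashes are stripped; '../'
						// segments later in the path are not normalised. The
						// result is used for an existence check only.
						$relPath = preg_replace('/^[\.\/]+/', '', $data['file']);
						// An empty path would test ABSPATH itself and wrongly
						// report the file as present.
						if($relPath !== '' && file_exists(ABSPATH . '/' . $relPath)){
							$data['fileExists'] = true;
						}
					}
					$issueList[$i]['data'] = $data;
				}
				$issueList[$i]['issueIDX'] = $i;
			}
		}
		// Break the reference left behind by the by-reference foreach.
		unset($issueList);
		return $ret; //array of lists of issues by status
	}

	/**
	 * Set one summary value and refresh the 'lastUpdate' timestamp.
	 *
	 * @param string $key
	 * @param mixed  $val
	 * @return void
	 */
	public function updateSummaryItem($key, $val){
		$arr = wfConfig::get_ser('wf_summaryItems', array());
		$arr[$key] = $val;
		$arr['lastUpdate'] = time();
		wfConfig::set_ser('wf_summaryItems', $arr);
	}

	/**
	 * Read one summary value.
	 *
	 * @param string $key
	 * @return mixed The stored value, or '' when the key is absent.
	 */
	public function getSummaryItem($key){
		$arr = wfConfig::get_ser('wf_summaryItems', array());
		if(array_key_exists($key, $arr)){
			return $arr[$key];
		}
		return '';
	}

	/**
	 * @return bool True when 'lastUpdate' is missing or more than seven days old.
	 */
	public function summaryUpdateRequired(){
		$last = $this->getSummaryItem('lastUpdate');
		if( (! $last) || (time() - $last > (86400 * 7))){
			return true;
		}
		return false;
	}

	/**
	 * Return the summary values plus scan timing and open-issue counts.
	 *
	 * The stored site statistics are refreshed once per instance, on the first call.
	 *
	 * @return array
	 */
	public function getSummaryItems(){
		if(! $this->updateCalled){
			$this->updateCalled = true;
			$this->updateSummaryItems();
		}
		$arr = wfConfig::get_ser('wf_summaryItems', array());
		// 'scanTime' is absent until setScanTimeNow() has run; read it as 0,
		// which gives the same result as before without the undefined-index notice.
		$scanTime = isset($arr['scanTime']) ? $arr['scanTime'] : 0;
		$arr['scanTimeAgo'] = wfUtils::makeTimeAgo(sprintf('%.0f', time() - $scanTime));
		$arr['scanRunning'] = wfConfig::get('wf_scanRunning') ? '1' : '0';
		$arr['scheduledScansEnabled'] = wfConfig::get('scheduledScansEnabled');
		// wp_next_scheduled() returns false when nothing is scheduled, which
		// also lands in the 'now' branch.
		$secsToGo = wp_next_scheduled('wordfence_scheduled_scan') - time();
		if($secsToGo < 1){
			$nextRun = 'now';
		} else {
			$nextRun = wfUtils::makeTimeAgo($secsToGo) . ' from now';
		}
		$arr['nextRun'] = $nextRun;

		$arr['totalCritical'] = $this->getDB()->querySingle("select count(*) as cnt from " . $this->issuesTable . " where status='new' and severity=1");
		$arr['totalWarning'] = $this->getDB()->querySingle("select count(*) as cnt from " . $this->issuesTable . " where status='new' and severity=2");

		return $arr;
	}

	/**
	 * Recount users, pages, posts, comments, categories, tables and rows and
	 * merge the counts into 'wf_summaryItems'.
	 *
	 * The queries contain no caller-supplied values, so they are run directly:
	 * $wpdb->prepare() is meant for statements with placeholders, treats '%'
	 * specially, and newer WordPress versions flag calls without any.
	 */
	private function updateSummaryItems(){
		global $wpdb;
		$dat = array();
		$dat['totalUsers'] = (int) $wpdb->get_var("SELECT count(*) FROM $wpdb->users");
		$dat['totalPages'] = $wpdb->get_var("SELECT count(*) as cnt FROM $wpdb->posts where post_type='page' and post_status NOT IN ('auto-draft')");
		$dat['totalPosts'] = $wpdb->get_var("SELECT count(*) as cnt FROM $wpdb->posts where post_type='post' and post_status NOT IN ('auto-draft')");
		$dat['totalComments'] = $wpdb->get_var("SELECT count(*) as cnt FROM $wpdb->comments");
		$dat['totalCategories'] = $wpdb->get_var("SELECT count(*) as cnt FROM $wpdb->term_taxonomy where taxonomy='category'");
		$tables = $wpdb->get_col("show tables");
		$dat['totalTables'] = sizeof($tables);
		$totalRows = 0;
		foreach($tables as $table){
			// Quote the identifier: table names come from the database, not
			// from this code, and may contain characters that need quoting.
			$quoted = '`' . str_replace('`', '``', $table) . '`';
			$totalRows += (int) $wpdb->get_var("select count(*) from $quoted");
		}
		$dat['totalRows'] = $totalRows;
		$arr = wfConfig::get_ser('wf_summaryItems', array());
		foreach($dat as $key => $val){
			$arr[$key] = $val;
		}
		wfConfig::set_ser('wf_summaryItems', $arr);
	}

	/** Store the current time (microtime(true)) as the 'scanTime' summary value. */
	public function setScanTimeNow(){
		$this->updateSummaryItem('scanTime', microtime(true));
	}

	/** @return mixed The stored 'scanTime' summary value, or '' when none is stored. */
	public function getScanTime(){
		return $this->getSummaryItem('scanTime');
	}

	/** Create the wfDB handle on first use and reuse it afterwards. */
	private function getDB(){
		if(! $this->db){
			$this->db = new wfDB();
		}
		return $this->db;
	}
}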
240
241 ?>
242