PluginProbe ʕ •ᴥ•ʔ
Wordfence Security – Firewall, Malware Scan, and Login Security / 3.2.4
Wordfence Security – Firewall, Malware Scan, and Login Security v3.2.4
8.2.2 8.2.1 8.2.0 3.7.1 3.7.2 3.8.1 3.8.2 3.8.3 3.8.4 3.8.5 3.8.6 3.8.7 3.8.8 3.8.9 3.9.1 4.0.1 4.0.2 4.0.3 5.0.1 5.0.2 5.0.3 5.0.4 5.0.5 5.0.6 5.0.7 5.0.8 5.0.9 5.1.1 5.1.2 5.1.4 5.1.5 5.1.6 5.1.7 5.1.8 5.1.9 5.2.1 5.2.2 5.2.3 5.2.4 5.2.5 5.2.6 5.2.7 5.2.8 5.2.9 5.3.1 5.3.10 5.3.11 5.3.12 5.3.2 5.3.3 5.3.4 5.3.5 5.3.6 5.3.7 5.3.8 5.3.9 6.0.1 6.0.10 6.0.11 6.0.12 6.0.14 6.0.15 6.0.16 6.0.17 6.0.18 6.0.19 6.0.2 6.0.20 6.0.21 6.0.22 6.0.23 6.0.24 6.0.25 6.0.3 6.0.4 6.0.5 6.0.6 6.0.7 6.0.8 6.0.9 6.1.1 6.1.10 6.1.11 6.1.12 6.1.14 6.1.15 6.1.16 6.1.17 6.1.2 6.1.3 6.1.4 6.1.5 6.1.6 6.1.7 6.1.8 6.1.9 6.2.0 6.2.1 6.2.10 6.2.2 6.2.3 6.2.4 6.2.5 6.2.6 6.2.7 6.2.8 6.2.9 6.3.0 6.3.1 6.3.10 6.3.11 6.3.12 6.3.14 6.3.15 6.3.16 6.3.17 6.3.18 6.3.19 6.3.2 6.3.20 6.3.21 6.3.22 6.3.3 6.3.4 6.3.5 6.3.6 6.3.7 6.3.8 6.3.9 7.0.1 7.0.2 7.0.3 7.0.4 7.0.5 7.1.0 7.1.1 7.1.10 7.1.11 7.1.12 7.1.14 7.1.15 7.1.16 7.1.17 7.1.18 7.1.19 7.1.2 7.1.20 7.1.3 7.1.4 7.1.5 7.1.6 7.1.7 7.1.8 7.1.9 7.10.0 7.10.1 7.10.2 7.10.3 7.10.4 7.10.5 7.10.6 7.10.7 7.11.0 7.11.1 7.11.2 7.11.3 7.11.4 7.11.5 7.11.6 7.11.7 7.2.1 7.2.2 7.2.3 7.2.4 7.2.5 7.3.1 7.3.2 7.3.3 7.3.4 7.3.5 7.3.6 7.4.0 7.4.1 7.4.10 7.4.11 7.4.12 7.4.14 7.4.2 7.4.3 trunk 7.4.4 1.1 7.4.5 1.2 7.4.6 1.3 7.4.7 1.3.1 7.4.8 1.3.2 7.4.9 1.3.3 7.5.0 1.4.2 7.5.1 1.4.3 7.5.10 1.4.4 7.5.11 1.4.5 7.5.2 1.4.6 7.5.3 1.4.7 7.5.4 1.4.8 7.5.5 1.5.1 7.5.6 1.5.2 7.5.7 1.5.3 7.5.8 1.5.4 7.5.9 1.5.5 7.6.0 1.5.6 7.6.1 2.0.1 7.6.2 2.0.2 7.7.0 2.0.3 7.7.1 2.0.5 7.8.0 2.0.6 7.8.1 2.0.7 7.8.2 2.1.0 7.9.0 2.1.1 7.9.1 2.1.2 7.9.2 2.1.3 7.9.3 2.1.4 8.0.0 2.1.5 8.0.1 3.0.2 8.0.2 3.0.3 8.0.3 3.0.4 8.0.4 3.0.5 8.0.5 3.0.6 8.1.0 3.0.7 8.1.1 3.0.8 8.1.2 3.0.9 8.1.3 3.1.0 8.1.4 3.1.1 v1.4.1 3.1.2 3.1.4 3.1.6 3.2.1 3.2.3 3.2.4 3.2.5 3.2.6 3.2.7 3.3.2 3.3.3 3.3.4 3.3.5 3.3.6 3.3.7 3.4.1 3.4.4 3.4.5 3.5.1 3.5.2 3.6.1 3.6.3 3.6.4 3.6.5 3.6.6 3.6.7 3.6.8 3.6.9
wordfence / lib / wfDB.php
wordfence / lib Last commit date
Diff 14 years ago .htaccess 14 years ago Diff.php 14 years ago GeoIP.dat 13 years ago IPTraf.php 13 years ago diffResult.php 14 years ago email_genericAlert.php 14 years ago email_newIssues.php 14 years ago email_unlockRequest.php 14 years ago menu_activity.php 13 years ago menu_blockedIPs.php 13 years ago menu_countryBlocking.php 13 years ago menu_options.php 13 years ago menu_scan.php 13 years ago menu_scanSchedule.php 13 years ago schedWeekEntry.php 13 years ago sysinfo.php 14 years ago unknownFiles.php 13 years ago viewFullActivityLog.php 13 years ago wf503.php 13 years ago wfAPI.php 13 years ago wfAction.php 14 years ago wfArray.php 13 years ago wfBrowscap.php 14 years ago wfBrowscapCache.php 14 years ago wfBulkCountries.php 13 years ago wfConfig.php 13 years ago wfCountryMap.php 13 years ago wfCrawl.php 13 years ago wfDB.php 13 years ago wfDict.php 14 years ago wfGeoIP.php 13 years ago wfIssues.php 13 years ago wfLockedOut.php 14 years ago wfLog.php 13 years ago wfModTracker.php 14 years ago wfRate.php 14 years ago wfScanEngine.php 13 years ago wfSchema.php 13 years ago wfUnlockMsg.php 14 years ago wfUtils.php 13 years ago wfViewResult.php 14 years ago wordfenceClass.php 13 years ago wordfenceConstants.php 13 years ago wordfenceHash.php 13 years ago wordfenceScanner.php 13 years ago wordfenceURLHoover.php 13 years ago
wfDB.php
234 lines
1 <?php
2 class wfDB {
3 private $dbh = false;
4 private static $dbhCache = array();
5 private $dbhost = false;
6 private $dbpassword = false;
7 private $dbname = false;
8 private $dbuser = false;
9 private $createNewHandle = false;
10 public $errorMsg = false;
11 public function __construct($createNewHandle = false, $dbhost = false, $dbuser = false, $dbpassword = false, $dbname = false){
12 $this->createNewHandle = $createNewHandle;
13 if($dbhost && $dbuser && $dbpassword && $dbname){
14 $this->dbhost = $dbhost;
15 $this->dbuser = $dbuser;
16 $this->dbpassword = $dbpassword;
17 $this->dbname = $dbname;
18 } else {
19 global $wpdb;
20 if(! $wpdb){
21 self::criticalError("The WordPress variable wpdb is not defined. Wordfence can't function without this being defined as it is in all standard WordPress installs.");
22 return;
23 }
24 $sources = array(
25 array('dbhost', 'DB_HOST'),
26 array('dbuser', 'DB_USER'),
27 array('dbpassword', 'DB_PASSWORD'),
28 array('dbname', 'DB_NAME')
29 );
30 foreach($sources as $src){
31 $prop = $src[0];
32 if(isset($wpdb->$prop)){
33 $this->$prop = $wpdb->$prop;
34 } else if(defined($src[1])){
35 $this->$prop = constant($src[1]);
36 } else {
37 self::criticalError("Wordfence DB connect error. wpdb.$prop is not set and " . $src[1] . " is not defined.");
38 return;
39 }
40 }
41 }
42 $this->connectHandle();
43 }
44 private function connectHandle(){
45 //We tried reusing wpdb but got disconnection errors from many users.
46 $handleKey = md5($this->dbhost . $this->dbuser . $this->dbpassword . $this->dbname);
47 //Use a cached handle if it exists and is still connected
48 if( (! $this->createNewHandle) && isset(self::$dbhCache[$handleKey]) && mysql_ping(self::$dbhCache[$handleKey]) ){
49 $this->dbh = self::$dbhCache[$handleKey];
50 } else {
51 //This close call is to deal with versions of mysql prior to 5.0.3 which auto-recommend when callig ping. So the conditional above may have reconnected this handle, so we disconnect it before reconnecting, if it's connected.
52 if(isset(self::$dbhCache[$handleKey]) && mysql_ping(self::$dbhCache[$handleKey])){
53 mysql_close(self::$dbhCache[$handleKey]);
54 unset(self::$dbhCache[$handleKey]);
55 }
56 $dbh = mysql_connect($this->dbhost, $this->dbuser, $this->dbpassword, true );
57 mysql_select_db($this->dbname, $dbh);
58 if($this->createNewHandle){
59 $this->dbh = $dbh;
60 } else {
61 self::$dbhCache[$handleKey] = $dbh;
62 $this->dbh = self::$dbhCache[$handleKey];
63 }
64 $this->query("SET NAMES 'utf8'");
65 $this->queryIgnoreError("SET GLOBAL max_allowed_packet=256*1024*1024");
66 //$this->queryIgnoreError("SET GLOBAL wait_timeout=28800");
67 $this->queryIgnoreError("SET @@wait_timeout=30800"); //Changing to session setting bc user may not have super privilege
68 }
69 }
70 public function reconnect(){
71 if((! $this->dbh) || (! mysql_ping($this->dbh)) ){
72 $this->connectHandle();
73 }
74 }
75 public function querySingleRec(){
76 $this->reconnect();
77 $this->errorMsg = false;
78 $args = func_get_args();
79 if(sizeof($args) == 1){
80 $query = $args[0];
81 } else if(sizeof($args) > 1){
82 $query = call_user_func_array('sprintf', $args);
83 } else {
84 $this->handleError("No arguments passed to querySingle()");
85 }
86 $res = mysql_query($query, $this->dbh);
87 $this->handleError();
88 return mysql_fetch_assoc($res); //returns false if no rows found
89 }
90 public function handleError($err = false){
91 if(! $err){
92 $err = mysql_error();
93 }
94 if($err){
95 $trace=debug_backtrace();
96 $first=array_shift($trace);
97 $caller=array_shift($trace);
98 $msg = "Wordfence DB error in " . $caller['file'] . " line " . $caller['line'] . ": $err";
99 global $wpdb;
100 $statusTable = $wpdb->base_prefix . 'wfStatus';
101 $this->reconnect(); //Putting reconnect here so it doesn't mess with the mysql_error() call
102 mysql_query(sprintf("insert into " . $statusTable . " (ctime, level, type, msg) values (%s, %d, '%s', '%s')",
103 mysql_real_escape_string(sprintf('%.6f', microtime(true))),
104 mysql_real_escape_string(1),
105 mysql_real_escape_string('error'),
106 mysql_real_escape_string($msg)), $this->dbh);
107 error_log($msg);
108 return;
109 }
110 }
111 public function querySingle(){
112 $this->reconnect();
113 $this->errorMsg = false;
114 $args = func_get_args();
115 if(sizeof($args) == 1){
116 $query = $args[0];
117 } else if(sizeof($args) > 1){
118 for($i = 1; $i < sizeof($args); $i++){
119 $args[$i] = mysql_real_escape_string($args[$i]);
120 }
121 $query = call_user_func_array('sprintf', $args);
122 } else {
123 $this->handleError("No arguments passed to querySingle()");
124 }
125 $res = mysql_query($query, $this->dbh);
126 $this->handleError();
127 if(! $res){
128 return false;
129 }
130 $row = mysql_fetch_array($res, MYSQL_NUM);
131 if(! is_array($row)){ return false; }
132 return $row[0];
133 }
134 public function query(){ //sprintfString, arguments
135 $this->reconnect();
136 $this->errorMsg = false;
137 $args = func_get_args();
138 $isStatusQuery = false;
139 if(sizeof($args) == 1){
140 if(preg_match('/Wordfence DB error/i', $args[0])){
141 $isStatusQuery = true;
142 }
143 $res = mysql_query($args[0], $this->dbh);
144 } else if(sizeof($args) > 1){
145 for($i = 1; $i < sizeof($args); $i++){
146 if(preg_match('/Wordfence DB error/i', $args[$i])){
147 $isStatusQuery = true;
148 }
149 $args[$i] = mysql_real_escape_string($args[$i]);
150 }
151 $res = mysql_query(call_user_func_array('sprintf', $args), $this->dbh);
152 } else {
153 $this->handleError("No arguments passed to query()");
154 }
155 $this->handleError();
156 return $res;
157 }
158 public function queryIgnoreError(){ //sprintfString, arguments
159 $this->reconnect();
160 $this->errorMsg = false;
161 $args = func_get_args();
162 if(sizeof($args) == 1){
163 $res = mysql_query($args[0], $this->dbh);
164 } else if(sizeof($args) > 1){
165 for($i = 1; $i < sizeof($args); $i++){
166 $args[$i] = mysql_real_escape_string($args[$i]);
167 }
168 $res = mysql_query(call_user_func_array('sprintf', $args), $this->dbh);
169 } else {
170 $this->handleError("No arguments passed to query()");
171 }
172 return $res;
173 }
174
175 private static function criticalError($msg){
176 $msg = "Wordfence critical database error: $msg";
177 error_log($msg);
178 return;
179 }
180 public function columnExists($table, $col){
181 global $wpdb; $prefix = $wpdb->base_prefix;
182 $table = $prefix . $table;
183 $q = $this->query("desc $table");
184 while($row = mysql_fetch_assoc($q)){
185 if($row['Field'] == $col){
186 return true;
187 }
188 }
189 return false;
190 }
191 public function dropColumn($table, $col){
192 global $wpdb; $prefix = $wpdb->base_prefix;
193 $table = $prefix . $table;
194 $this->query("alter table $table drop column $col");
195 }
196 public function createKeyIfNotExists($table, $col, $keyName){
197 global $wpdb; $prefix = $wpdb->base_prefix;
198 $table = $prefix . $table;
199 $exists = $this->querySingle("show tables like '$table'");
200 $keyFound = false;
201 if($exists){
202 $q = $this->query("show keys from $table");
203 if($q){
204 while($row = mysql_fetch_assoc($q)){
205 if($row['Key_name'] == $keyName){
206 $keyFound = true;
207 }
208 }
209 }
210 }
211 if(! $keyFound){
212 $this->query("alter table $table add KEY $keyName($col)");
213 }
214 }
215 public function getDBH(){ return $this->dbh; }
216 public function getMaxAllowedPacketBytes(){
217 $rec = $this->querySingleRec("show variables like 'max_allowed_packet'");
218 return $rec['Value'];
219 }
220 public function prefix(){
221 global $wpdb;
222 return $wpdb->base_prefix;
223 }
224 public function getAffectedRows(){
225 return mysql_affected_rows($this->dbh);
226 }
227 public function truncate($table){ //Ensures everything is deleted if user is using MySQL >= 5.1.16 and does not have "drop" privileges
228 $this->query("truncate table $table");
229 $this->query("delete from $table");
230 }
231 }
232
233 ?>
234