PluginProbe ʕ •ᴥ•ʔ
Wordfence Security – Firewall, Malware Scan, and Login Security / 5.1.2
Wordfence Security – Firewall, Malware Scan, and Login Security v5.1.2
8.2.2 8.2.1 8.2.0 3.7.1 3.7.2 3.8.1 3.8.2 3.8.3 3.8.4 3.8.5 3.8.6 3.8.7 3.8.8 3.8.9 3.9.1 4.0.1 4.0.2 4.0.3 5.0.1 5.0.2 5.0.3 5.0.4 5.0.5 5.0.6 5.0.7 5.0.8 5.0.9 5.1.1 5.1.2 5.1.4 5.1.5 5.1.6 5.1.7 5.1.8 5.1.9 5.2.1 5.2.2 5.2.3 5.2.4 5.2.5 5.2.6 5.2.7 5.2.8 5.2.9 5.3.1 5.3.10 5.3.11 5.3.12 5.3.2 5.3.3 5.3.4 5.3.5 5.3.6 5.3.7 5.3.8 5.3.9 6.0.1 6.0.10 6.0.11 6.0.12 6.0.14 6.0.15 6.0.16 6.0.17 6.0.18 6.0.19 6.0.2 6.0.20 6.0.21 6.0.22 6.0.23 6.0.24 6.0.25 6.0.3 6.0.4 6.0.5 6.0.6 6.0.7 6.0.8 6.0.9 6.1.1 6.1.10 6.1.11 6.1.12 6.1.14 6.1.15 6.1.16 6.1.17 6.1.2 6.1.3 6.1.4 6.1.5 6.1.6 6.1.7 6.1.8 6.1.9 6.2.0 6.2.1 6.2.10 6.2.2 6.2.3 6.2.4 6.2.5 6.2.6 6.2.7 6.2.8 6.2.9 6.3.0 6.3.1 6.3.10 6.3.11 6.3.12 6.3.14 6.3.15 6.3.16 6.3.17 6.3.18 6.3.19 6.3.2 6.3.20 6.3.21 6.3.22 6.3.3 6.3.4 6.3.5 6.3.6 6.3.7 6.3.8 6.3.9 7.0.1 7.0.2 7.0.3 7.0.4 7.0.5 7.1.0 7.1.1 7.1.10 7.1.11 7.1.12 7.1.14 7.1.15 7.1.16 7.1.17 7.1.18 7.1.19 7.1.2 7.1.20 7.1.3 7.1.4 7.1.5 7.1.6 7.1.7 7.1.8 7.1.9 7.10.0 7.10.1 7.10.2 7.10.3 7.10.4 7.10.5 7.10.6 7.10.7 7.11.0 7.11.1 7.11.2 7.11.3 7.11.4 7.11.5 7.11.6 7.11.7 7.2.1 7.2.2 7.2.3 7.2.4 7.2.5 7.3.1 7.3.2 7.3.3 7.3.4 7.3.5 7.3.6 7.4.0 7.4.1 7.4.10 7.4.11 7.4.12 7.4.14 7.4.2 7.4.3 trunk 7.4.4 1.1 7.4.5 1.2 7.4.6 1.3 7.4.7 1.3.1 7.4.8 1.3.2 7.4.9 1.3.3 7.5.0 1.4.2 7.5.1 1.4.3 7.5.10 1.4.4 7.5.11 1.4.5 7.5.2 1.4.6 7.5.3 1.4.7 7.5.4 1.4.8 7.5.5 1.5.1 7.5.6 1.5.2 7.5.7 1.5.3 7.5.8 1.5.4 7.5.9 1.5.5 7.6.0 1.5.6 7.6.1 2.0.1 7.6.2 2.0.2 7.7.0 2.0.3 7.7.1 2.0.5 7.8.0 2.0.6 7.8.1 2.0.7 7.8.2 2.1.0 7.9.0 2.1.1 7.9.1 2.1.2 7.9.2 2.1.3 7.9.3 2.1.4 8.0.0 2.1.5 8.0.1 3.0.2 8.0.2 3.0.3 8.0.3 3.0.4 8.0.4 3.0.5 8.0.5 3.0.6 8.1.0 3.0.7 8.1.1 3.0.8 8.1.2 3.0.9 8.1.3 3.1.0 8.1.4 3.1.1 v1.4.1 3.1.2 3.1.4 3.1.6 3.2.1 3.2.3 3.2.4 3.2.5 3.2.6 3.2.7 3.3.2 3.3.3 3.3.4 3.3.5 3.3.6 3.3.7 3.4.1 3.4.4 3.4.5 3.5.1 3.5.2 3.6.1 3.6.3 3.6.4 3.6.5 3.6.6 3.6.7 3.6.8 3.6.9
wordfence / lib / wfAPI.php
wordfence / lib Last commit date
Diff 14 years ago whois 12 years ago .htaccess 14 years ago Diff.php 14 years ago GeoIP.dat 11 years ago IPTraf.php 11 years ago conntest.php 11 years ago dashboard.php 11 years ago diffResult.php 14 years ago email_genericAlert.php 11 years ago email_newIssues.php 11 years ago email_unlockRequest.php 11 years ago menuHeader.php 11 years ago menu_activity.php 11 years ago menu_blockedIPs.php 11 years ago menu_countryBlocking.php 11 years ago menu_options.php 11 years ago menu_rangeBlocking.php 11 years ago menu_scan.php 11 years ago menu_scanSchedule.php 11 years ago menu_sitePerf.php 11 years ago menu_sitePerfStats.php 11 years ago menu_twoFactor.php 11 years ago menu_whois.php 11 years ago pageTitle.php 13 years ago schedWeekEntry.php 12 years ago sysinfo.php 14 years ago unknownFiles.php 13 years ago viewFullActivityLog.php 13 years ago wf503.php 12 years ago wfAPI.php 11 years ago wfAction.php 14 years ago wfArray.php 13 years ago wfBrowscap.php 11 years ago wfBrowscapCache.php 11 years ago wfBulkCountries.php 13 years ago wfCache.php 11 years ago wfConfig.php 11 years ago wfCountryMap.php 13 years ago wfCrawl.php 12 years ago wfDB.php 11 years ago wfDict.php 14 years ago wfGeoIP.php 13 years ago wfIssues.php 11 years ago wfLockedOut.php 13 years ago wfLog.php 11 years ago wfRate.php 14 years ago wfScan.php 11 years ago wfScanEngine.php 11 years ago wfSchema.php 11 years ago wfUnlockMsg.php 13 years ago wfUtils.php 11 years ago wfViewResult.php 14 years ago wordfenceClass.php 11 years ago wordfenceConstants.php 11 years ago wordfenceHash.php 11 years ago wordfenceScanner.php 11 years ago wordfenceURLHoover.php 11 years ago
wfAPI.php
196 lines
1 <?php
2 require_once('wordfenceConstants.php');
3 require_once('wordfenceClass.php');
4 class wfAPI {
5 public $lastHTTPStatus = '';
6 public $lastCurlErrorNo = '';
7 private $curlContent = 0;
8 private $APIKey = '';
9 private $wordpressVersion = '';
10 private static $maintMsg = "The Wordfence scanning server could not be contacted.";
11 public function __construct($apiKey, $wordpressVersion){
12 $this->APIKey = $apiKey;
13 $this->wordpressVersion = $wordpressVersion;
14 }
15 public function getStaticURL($url){ // In the form '/something.bin' without quotes
16 return $this->getURL($this->getAPIURL() . $url);
17 }
18 public function call($action, $getParams = array(), $postParams = array()){
19 $json = $this->getURL($this->getAPIURL() . '/v' . WORDFENCE_API_VERSION . '/?' . $this->makeAPIQueryString() . '&' . self::buildQuery(
20 array_merge(
21 array('action' => $action),
22 $getParams
23 )), $postParams);
24 if(! $json){
25 throw new Exception("We received an empty data response from the Wordfence scanning servers when calling the '$action' function.");
26 }
27
28 $dat = json_decode($json, true);
29 if(isset($dat['_isPaidKey'])){
30 wfConfig::set('keyExpDays', $dat['_keyExpDays']);
31 if($dat['_keyExpDays'] > -1){
32 wfConfig::set('isPaid', 1);
33 } else if($dat['_keyExpDays'] < 0){
34 wfConfig::set('isPaid', '');
35 }
36 }
37
38 if(! is_array($dat)){
39 throw new Exception("We received a data structure that is not the expected array when contacting the Wordfence scanning servers and calling the '$action' function.");
40 }
41 if(is_array($dat) && isset($dat['errorMsg'])){
42 throw new Exception($dat['errorMsg']);
43 }
44 return $dat;
45 }
46 public function curlWrite($h, $d){
47 $this->curlContent .= $d;
48 return strlen($d);
49 }
50 protected function getURL($url, $postParams = array()){
51 if(function_exists('curl_init')){
52 $this->curlDataWritten = 0;
53 $this->curlContent = "";
54 $curl = curl_init($url);
55 curl_setopt ($curl, CURLOPT_TIMEOUT, 900);
56 curl_setopt ($curl, CURLOPT_USERAGENT, "Wordfence.com UA " . (defined('WORDFENCE_VERSION') ? WORDFENCE_VERSION : '[Unknown version]') );
57 curl_setopt ($curl, CURLOPT_RETURNTRANSFER, TRUE);
58 curl_setopt ($curl, CURLOPT_HEADER, 0);
59 curl_setopt ($curl, CURLOPT_SSL_VERIFYPEER, false);
60 curl_setopt ($curl, CURLOPT_SSL_VERIFYHOST, false);
61 curl_setopt ($curl, CURLOPT_WRITEFUNCTION, array($this, 'curlWrite'));
62 curl_setopt($curl, CURLOPT_POST, true);
63 curl_setopt($curl, CURLOPT_POSTFIELDS, $postParams);
64 wordfence::status(4, 'info', "CURL fetching URL: " . $url);
65 $curlResult = curl_exec($curl);
66
67 $httpStatus = curl_getinfo($curl, CURLINFO_HTTP_CODE);
68 $this->lastCurlErrorNo = curl_errno($curl);
69 if($httpStatus == 200){
70 curl_close($curl);
71 return $this->curlContent;
72 } else {
73 $cerror = curl_error($curl);
74 curl_close($curl);
75 throw new Exception("We received an error response when trying to contact the Wordfence scanning servers. The HTTP status code was [$httpStatus] and the curl error number was [" . $this->lastCurlErrorNo . "] " . ($cerror ? (' and the error from CURL was: ' . $cerror) : ''));
76 }
77 } else {
78 wordfence::status(4, 'info', "Fetching URL with file_get: " . $url);
79 $data = $this->fileGet($url, $postParams);
80 if($data === false){
81 $err = error_get_last();
82 if($err){
83 throw new Exception("We received an error response when trying to contact the Wordfence scanning servers using PHP's file_get_contents function. The error was: " . var_export($err, true));
84 } else {
85 throw new Exception("We received an empty response when trying to contact the Wordfence scanning servers using PHP's file_get_contents function.");
86 }
87 }
88 return $data;
89 }
90
91 }
92 private function fileGet($url, $postParams){
93 $body = "";
94 if(is_array($postParams)){
95 $bodyArr = array();
96 foreach($postParams as $key => $val){
97 $bodyArr[] = urlencode($key) . '=' . urlencode($val);
98 }
99 $body = implode('&', $bodyArr);
100 } else {
101 $body = $postParams;
102 }
103 $opts = array('http' =>
104 array(
105 'method' => 'POST',
106 'content' => $body,
107 'header' => "Content-Type: application/x-www-form-urlencoded\r\n",
108 'timeout' => 60
109 )
110 );
111 $context = stream_context_create($opts);
112 return @file_get_contents($url, false, $context, -1);
113 }
114 public function binCall($func, $postData){
115 $url = $this->getAPIURL() . '/v' . WORDFENCE_API_VERSION . '/?' . $this->makeAPIQueryString() . '&action=' . $func;
116 if(function_exists('curl_init')){
117 $curl = curl_init($url);
118 curl_setopt ($curl, CURLOPT_TIMEOUT, 900);
119 //curl_setopt($curl, CURLOPT_VERBOSE, true);
120 curl_setopt ($curl, CURLOPT_USERAGENT, "Wordfence");
121 curl_setopt ($curl, CURLOPT_RETURNTRANSFER, TRUE);
122 curl_setopt ($curl, CURLOPT_SSL_VERIFYPEER, false);
123 curl_setopt ($curl, CURLOPT_SSL_VERIFYHOST, false);
124 curl_setopt($curl, CURLOPT_POST, true);
125 if($postData){
126 curl_setopt($curl, CURLOPT_POSTFIELDS, $postData);
127 } else {
128 curl_setopt($curl, CURLOPT_POSTFIELDS, array());
129 }
130 $data = curl_exec($curl);
131
132 $httpStatus = curl_getinfo($curl, CURLINFO_HTTP_CODE);
133 if($httpStatus != 200){
134 $cError = curl_error($curl);
135 curl_close($curl);
136 if($cError){
137 throw new Exception("We received an error response when trying to fetch binary data from the Wordfence scanning server. The HTTP status was [$httpStatus] with error: $cError");
138 } else {
139 throw new Exception("We received an error HTTP response when trying to fetch binary data from the Wordfence scanning server: [$httpStatus]");
140 }
141 }
142 } else {
143 $data = $this->fileGet($url, $postData);
144 if($data === false){
145 $err = error_get_last();
146 if($err){
147 throw new Exception("We received an error response when trying to fetch binary data from the Wordfence scanning server using file_get_contents: $err");
148 } else {
149 throw new Exception("We received an error when trying to fetch binary data from the Wordfence scanning server using file_get_contents. There was no message explaining the error.");
150 }
151 }
152 $httpStatus = '200';
153 }
154 if(preg_match('/\{.*errorMsg/', $data)){
155 $jdat = @json_decode($data, true);
156 if(is_array($jdat) && $jdat['errorMsg']){
157 throw new Exception($jdat['errorMsg']);
158 }
159 }
160 return array('code' => $httpStatus, 'data' => $data);
161 }
162 public function makeAPIQueryString(){
163 $siteurl = '';
164 if(function_exists('get_bloginfo')){
165 if(is_multisite()){
166 $siteurl = network_home_url();
167 $siteurl = rtrim($siteurl, '/'); //Because previously we used get_bloginfo and it returns http://example.com without a '/' char.
168 } else {
169 $siteurl = home_url();
170 }
171 }
172 return self::buildQuery(array(
173 'v' => $this->wordpressVersion,
174 's' => $siteurl,
175 'k' => $this->APIKey
176 ));
177 }
178 private function buildQuery($data){
179 if(version_compare(phpversion(), '5.1.2', '>=')){
180 return http_build_query($data, '', '&'); //arg_separator parameter was only added in PHP 5.1.2. We do this because some PHP.ini's have arg_separator.output set to '&amp;'
181 } else {
182 return http_build_query($data);
183 }
184 }
185 private function getAPIURL(){
186 $ssl_supported = false;
187 if(defined('CURL_VERSION_SSL') && function_exists('curl_version')){
188 $version = curl_version();
189 $ssl_supported = ($version['features'] & CURL_VERSION_SSL);
190 }
191 return $ssl_supported ? WORDFENCE_API_URL_SEC : WORDFENCE_API_URL_NONSEC;
192 }
193 }
194
195 ?>
196