Wordfence Security – Firewall, Malware Scan, and Login Security v5.1.2
wordfence / lib / wfConfig.php
wfConfig.php
710 lines
1 <?php
2 class wfConfig {
// Per-request copy of the on-disk config cache (option name => value).
// Filled by loadFromDiskCache() and emptied by clearDiskCache().
public static $diskCache = array();
// Set to true when a cache write fails or once clearDiskCache() has run; for the rest
// of the request the disk cache is then neither read nor written.
private static $diskCacheDisabled = false; //enables if we detect a write fail so we don't keep calling stat()
// Cached config table name, built on first use by table().
private static $table = false;
// In-memory option cache (name => value) used by get(), set() and getArray().
private static $cache = array();
// Lazily created wfDB instance, see getDB().
private static $DB = false;
// PHP prologue written at the start of every cache/temp file. When such a file is run
// by PHP it prints a fixed message and exits before the serialized payload that follows.
// Readers strip it by length (strlen), so changing this string invalidates existing files.
// NOTE(review): this only protects the payload where the web server executes .php files
// in the directory holding the file; if they are served as static text the payload is readable.
private static $tmpFileHeader = "<?php\n/* Wordfence temporary file security header */\necho \"Nothing to see here!\\n\"; exit(0);\n?>";
// Result of the writable-directory probe in getTempDir(); the string 'notmp' means none was found.
private static $tmpDirCache = false;
// Option presets indexed by security level (0 = least strict, 4 = most strict).
// Each level has two maps:
//   'checkboxes'  - on/off options (booleans here; setDefaults() stores them as '1'/'0')
//   'otherParams' - free-form options kept as strings
// setDefaults() and parseOptions() both read level 2, so the key set of level 2 is the
// list of option names accepted from the options form.
// Review notes, all read from the values below:
//   - Level 0 turns off the firewall, login security and every alert.
//   - Levels 0-2 leave every request-rate limit at "DISABLED"; only levels 3 and 4 set limits.
//   - loginSec_maxFailures tightens 500 -> 50 -> 20 -> 10 -> 5 across levels 0-4.
//   - blockedTime grows 300 -> 300 -> 300 -> 1800 -> 7200 (unit not stated here; presumably seconds - confirm).
public static $securityLevels = array(
	array( //level 0
		"checkboxes" => array(
			"alertOn_critical" => false,
			"alertOn_warnings" => false,
			"alertOn_throttle" => false,
			"alertOn_block" => false,
			"alertOn_loginLockout" => false,
			"alertOn_lostPasswdForm" => false,
			"alertOn_adminLogin" => false,
			"alertOn_nonAdminLogin" => false,
			"liveTrafficEnabled" => true,
			"advancedCommentScanning" => false,
			"checkSpamIP" => false,
			"spamvertizeCheck" => false,
			"liveTraf_ignorePublishers" => true,
			//"perfLoggingEnabled" => false,
			"scheduledScansEnabled" => false,
			"scansEnabled_public" => false,
			"scansEnabled_heartbleed" => true,
			"scansEnabled_core" => false,
			"scansEnabled_themes" => false,
			"scansEnabled_plugins" => false,
			"scansEnabled_malware" => false,
			"scansEnabled_fileContents" => false,
			"scansEnabled_posts" => false,
			"scansEnabled_comments" => false,
			"scansEnabled_passwds" => false,
			"scansEnabled_diskSpace" => false,
			"scansEnabled_options" => false,
			"scansEnabled_dns" => false,
			"scansEnabled_scanImages" => false,
			"scansEnabled_highSense" => false,
			"scansEnabled_oldVersions" => false,
			"firewallEnabled" => false,
			"blockFakeBots" => false,
			"autoBlockScanners" => false,
			"loginSecurityEnabled" => false,
			"loginSec_lockInvalidUsers" => false,
			"loginSec_maskLoginErrors" => false,
			"loginSec_blockAdminReg" => false,
			"loginSec_disableAuthorScan" => false,
			"other_hideWPVersion" => false,
			"other_noAnonMemberComments" => false,
			"other_scanComments" => false,
			"other_pwStrengthOnUpdate" => false,
			"other_WFNet" => true,
			"other_scanOutside" => false,
			"deleteTablesOnDeact" => false,
			"disableCookies" => false,
			"startScansRemotely" => false,
			"addCacheComment" => false,
			"allowHTTPSCaching" => false,
			"debugOn" => false
		),
		"otherParams" => array(
			'securityLevel' => '0',
			"alertEmails" => "", "liveTraf_ignoreUsers" => "", "liveTraf_ignoreIPs" => "", "liveTraf_ignoreUA" => "", "apiKey" => "", "maxMem" => '256', 'scan_exclude' => '', 'whitelisted' => '', 'bannedURLs' => '', 'maxExecutionTime' => '', 'howGetIPs' => '', 'actUpdateInterval' => '', 'alert_maxHourly' => 0, 'loginSec_userBlacklist' => '',
			"neverBlockBG" => "neverBlockVerified",
			"loginSec_countFailMins" => "5",
			"loginSec_lockoutMins" => "5",
			'loginSec_strongPasswds' => '',
			'loginSec_maxFailures' => "500",
			'loginSec_maxForgotPasswd' => "500",
			'maxGlobalRequests' => "DISABLED",
			'maxGlobalRequests_action' => "throttle",
			'maxRequestsCrawlers' => "DISABLED",
			'maxRequestsCrawlers_action' => "throttle",
			'maxRequestsHumans' => "DISABLED",
			'maxRequestsHumans_action' => "throttle",
			'max404Crawlers' => "DISABLED",
			'max404Crawlers_action' => "throttle",
			'max404Humans' => "DISABLED",
			'max404Humans_action' => "throttle",
			'maxScanHits' => "DISABLED",
			'maxScanHits_action' => "throttle",
			'blockedTime' => "300"
		)
	),
	array( //level 1
		"checkboxes" => array(
			"alertOn_critical" => true,
			"alertOn_warnings" => false,
			"alertOn_throttle" => false,
			"alertOn_block" => true,
			"alertOn_loginLockout" => true,
			"alertOn_lostPasswdForm" => false,
			"alertOn_adminLogin" => true,
			"alertOn_nonAdminLogin" => false,
			"liveTrafficEnabled" => true,
			"advancedCommentScanning" => false,
			"checkSpamIP" => false,
			"spamvertizeCheck" => false,
			"liveTraf_ignorePublishers" => true,
			//"perfLoggingEnabled" => false,
			"scheduledScansEnabled" => true,
			"scansEnabled_public" => false,
			"scansEnabled_heartbleed" => true,
			"scansEnabled_core" => true,
			"scansEnabled_themes" => false,
			"scansEnabled_plugins" => false,
			"scansEnabled_malware" => true,
			"scansEnabled_fileContents" => true,
			"scansEnabled_posts" => true,
			"scansEnabled_comments" => true,
			"scansEnabled_passwds" => true,
			"scansEnabled_diskSpace" => true,
			"scansEnabled_options" => true,
			"scansEnabled_dns" => true,
			"scansEnabled_scanImages" => false,
			"scansEnabled_highSense" => false,
			"scansEnabled_oldVersions" => true,
			"firewallEnabled" => true,
			"blockFakeBots" => false,
			"autoBlockScanners" => true,
			"loginSecurityEnabled" => true,
			"loginSec_lockInvalidUsers" => false,
			"loginSec_maskLoginErrors" => true,
			"loginSec_blockAdminReg" => true,
			"loginSec_disableAuthorScan" => true,
			"other_hideWPVersion" => true,
			"other_noAnonMemberComments" => true,
			"other_scanComments" => true,
			"other_pwStrengthOnUpdate" => true,
			"other_WFNet" => true,
			"other_scanOutside" => false,
			"deleteTablesOnDeact" => false,
			"disableCookies" => false,
			"startScansRemotely" => false,
			"addCacheComment" => false,
			"allowHTTPSCaching" => false,
			"debugOn" => false
		),
		"otherParams" => array(
			'securityLevel' => '1',
			"alertEmails" => "", "liveTraf_ignoreUsers" => "", "liveTraf_ignoreIPs" => "", "liveTraf_ignoreUA" => "", "apiKey" => "", "maxMem" => '256', 'scan_exclude' => '', 'whitelisted' => '', 'bannedURLs' => '', 'maxExecutionTime' => '', 'howGetIPs' => '', 'actUpdateInterval' => '', 'alert_maxHourly' => 0, 'loginSec_userBlacklist' => '',
			"neverBlockBG" => "neverBlockVerified",
			"loginSec_countFailMins" => "5",
			"loginSec_lockoutMins" => "5",
			'loginSec_strongPasswds' => 'pubs',
			'loginSec_maxFailures' => "50",
			'loginSec_maxForgotPasswd' => "50",
			'maxGlobalRequests' => "DISABLED",
			'maxGlobalRequests_action' => "throttle",
			'maxRequestsCrawlers' => "DISABLED",
			'maxRequestsCrawlers_action' => "throttle",
			'maxRequestsHumans' => "DISABLED",
			'maxRequestsHumans_action' => "throttle",
			'max404Crawlers' => "DISABLED",
			'max404Crawlers_action' => "throttle",
			'max404Humans' => "DISABLED",
			'max404Humans_action' => "throttle",
			'maxScanHits' => "DISABLED",
			'maxScanHits_action' => "throttle",
			'blockedTime' => "300"
		)
	),
	array( //level 2 - the preset setDefaults() and parseOptions() read
		"checkboxes" => array(
			"alertOn_critical" => true,
			"alertOn_warnings" => true,
			"alertOn_throttle" => false,
			"alertOn_block" => true,
			"alertOn_loginLockout" => true,
			"alertOn_lostPasswdForm" => true,
			"alertOn_adminLogin" => true,
			"alertOn_nonAdminLogin" => false,
			"liveTrafficEnabled" => true,
			"advancedCommentScanning" => false,
			"checkSpamIP" => false,
			"spamvertizeCheck" => false,
			"liveTraf_ignorePublishers" => true,
			//"perfLoggingEnabled" => false,
			"scheduledScansEnabled" => true,
			"scansEnabled_public" => false,
			"scansEnabled_heartbleed" => true,
			"scansEnabled_core" => true,
			"scansEnabled_themes" => false,
			"scansEnabled_plugins" => false,
			"scansEnabled_malware" => true,
			"scansEnabled_fileContents" => true,
			"scansEnabled_posts" => true,
			"scansEnabled_comments" => true,
			"scansEnabled_passwds" => true,
			"scansEnabled_diskSpace" => true,
			"scansEnabled_options" => true,
			"scansEnabled_dns" => true,
			"scansEnabled_scanImages" => false,
			"scansEnabled_highSense" => false,
			"scansEnabled_oldVersions" => true,
			"firewallEnabled" => true,
			"blockFakeBots" => false,
			"autoBlockScanners" => true,
			"loginSecurityEnabled" => true,
			"loginSec_lockInvalidUsers" => false,
			"loginSec_maskLoginErrors" => true,
			"loginSec_blockAdminReg" => true,
			"loginSec_disableAuthorScan" => true,
			"other_hideWPVersion" => true,
			"other_noAnonMemberComments" => true,
			"other_scanComments" => true,
			"other_pwStrengthOnUpdate" => true,
			"other_WFNet" => true,
			"other_scanOutside" => false,
			"deleteTablesOnDeact" => false,
			"disableCookies" => false,
			"startScansRemotely" => false,
			"addCacheComment" => false,
			"allowHTTPSCaching" => false,
			"debugOn" => false
		),
		"otherParams" => array(
			'securityLevel' => '2',
			"alertEmails" => "", "liveTraf_ignoreUsers" => "", "liveTraf_ignoreIPs" => "", "liveTraf_ignoreUA" => "", "apiKey" => "", "maxMem" => '256', 'scan_exclude' => '', 'whitelisted' => '', 'bannedURLs' => '', 'maxExecutionTime' => '', 'howGetIPs' => '', 'actUpdateInterval' => '', 'alert_maxHourly' => 0, 'loginSec_userBlacklist' => '',
			"neverBlockBG" => "neverBlockVerified",
			"loginSec_countFailMins" => "240",
			"loginSec_lockoutMins" => "240",
			'loginSec_strongPasswds' => 'pubs',
			'loginSec_maxFailures' => "20",
			'loginSec_maxForgotPasswd' => "20",
			'maxGlobalRequests' => "DISABLED",
			'maxGlobalRequests_action' => "throttle",
			'maxRequestsCrawlers' => "DISABLED",
			'maxRequestsCrawlers_action' => "throttle",
			'maxRequestsHumans' => "DISABLED",
			'maxRequestsHumans_action' => "throttle",
			'max404Crawlers' => "DISABLED",
			'max404Crawlers_action' => "throttle",
			'max404Humans' => "DISABLED",
			'max404Humans_action' => "throttle",
			'maxScanHits' => "DISABLED",
			'maxScanHits_action' => "throttle",
			'blockedTime' => "300"
		)
	),
	array( //level 3 - same checkboxes as level 2; first level with numeric rate limits
		"checkboxes" => array(
			"alertOn_critical" => true,
			"alertOn_warnings" => true,
			"alertOn_throttle" => false,
			"alertOn_block" => true,
			"alertOn_loginLockout" => true,
			"alertOn_lostPasswdForm" => true,
			"alertOn_adminLogin" => true,
			"alertOn_nonAdminLogin" => false,
			"liveTrafficEnabled" => true,
			"advancedCommentScanning" => false,
			"checkSpamIP" => false,
			"spamvertizeCheck" => false,
			"liveTraf_ignorePublishers" => true,
			//"perfLoggingEnabled" => false,
			"scheduledScansEnabled" => true,
			"scansEnabled_public" => false,
			"scansEnabled_heartbleed" => true,
			"scansEnabled_core" => true,
			"scansEnabled_themes" => false,
			"scansEnabled_plugins" => false,
			"scansEnabled_malware" => true,
			"scansEnabled_fileContents" => true,
			"scansEnabled_posts" => true,
			"scansEnabled_comments" => true,
			"scansEnabled_passwds" => true,
			"scansEnabled_diskSpace" => true,
			"scansEnabled_options" => true,
			"scansEnabled_dns" => true,
			"scansEnabled_scanImages" => false,
			"scansEnabled_highSense" => false,
			"scansEnabled_oldVersions" => true,
			"firewallEnabled" => true,
			"blockFakeBots" => false,
			"autoBlockScanners" => true,
			"loginSecurityEnabled" => true,
			"loginSec_lockInvalidUsers" => false,
			"loginSec_maskLoginErrors" => true,
			"loginSec_blockAdminReg" => true,
			"loginSec_disableAuthorScan" => true,
			"other_hideWPVersion" => true,
			"other_noAnonMemberComments" => true,
			"other_scanComments" => true,
			"other_pwStrengthOnUpdate" => true,
			"other_WFNet" => true,
			"other_scanOutside" => false,
			"deleteTablesOnDeact" => false,
			"disableCookies" => false,
			"startScansRemotely" => false,
			"addCacheComment" => false,
			"allowHTTPSCaching" => false,
			"debugOn" => false
		),
		"otherParams" => array(
			'securityLevel' => '3',
			"alertEmails" => "", "liveTraf_ignoreUsers" => "", "liveTraf_ignoreIPs" => "", "liveTraf_ignoreUA" => "", "apiKey" => "", "maxMem" => '256', 'scan_exclude' => '', 'whitelisted' => '', 'bannedURLs' => '', 'maxExecutionTime' => '', 'howGetIPs' => '', 'actUpdateInterval' => '', 'alert_maxHourly' => 0, 'loginSec_userBlacklist' => '',
			"neverBlockBG" => "neverBlockVerified",
			"loginSec_countFailMins" => "1440",
			"loginSec_lockoutMins" => "1440",
			'loginSec_strongPasswds' => 'all',
			'loginSec_maxFailures' => "10",
			'loginSec_maxForgotPasswd' => "10",
			'maxGlobalRequests' => "960",
			'maxGlobalRequests_action' => "throttle",
			'maxRequestsCrawlers' => "960",
			'maxRequestsCrawlers_action' => "throttle",
			'maxRequestsHumans' => "60",
			'maxRequestsHumans_action' => "throttle",
			'max404Crawlers' => "60",
			'max404Crawlers_action' => "throttle",
			'max404Humans' => "60",
			'max404Humans_action' => "throttle",
			'maxScanHits' => "30",
			'maxScanHits_action' => "throttle",
			'blockedTime' => "1800"
		)
	),
	array( //level 4 - adds blockFakeBots and loginSec_lockInvalidUsers; several limits switch from throttle to block
		"checkboxes" => array(
			"alertOn_critical" => true,
			"alertOn_warnings" => true,
			"alertOn_throttle" => false,
			"alertOn_block" => true,
			"alertOn_loginLockout" => true,
			"alertOn_lostPasswdForm" => true,
			"alertOn_adminLogin" => true,
			"alertOn_nonAdminLogin" => false,
			"liveTrafficEnabled" => true,
			"advancedCommentScanning" => false,
			"checkSpamIP" => false,
			"spamvertizeCheck" => false,
			"liveTraf_ignorePublishers" => true,
			//"perfLoggingEnabled" => false,
			"scheduledScansEnabled" => true,
			"scansEnabled_public" => false,
			"scansEnabled_heartbleed" => true,
			"scansEnabled_core" => true,
			"scansEnabled_themes" => false,
			"scansEnabled_plugins" => false,
			"scansEnabled_malware" => true,
			"scansEnabled_fileContents" => true,
			"scansEnabled_posts" => true,
			"scansEnabled_comments" => true,
			"scansEnabled_passwds" => true,
			"scansEnabled_diskSpace" => true,
			"scansEnabled_options" => true,
			"scansEnabled_dns" => true,
			"scansEnabled_scanImages" => false,
			"scansEnabled_highSense" => false,
			"scansEnabled_oldVersions" => true,
			"firewallEnabled" => true,
			"blockFakeBots" => true,
			"autoBlockScanners" => true,
			"loginSecurityEnabled" => true,
			"loginSec_lockInvalidUsers" => true,
			"loginSec_maskLoginErrors" => true,
			"loginSec_blockAdminReg" => true,
			"loginSec_disableAuthorScan" => true,
			"other_hideWPVersion" => true,
			"other_noAnonMemberComments" => true,
			"other_scanComments" => true,
			"other_pwStrengthOnUpdate" => true,
			"other_WFNet" => true,
			"other_scanOutside" => false,
			"deleteTablesOnDeact" => false,
			"disableCookies" => false,
			"startScansRemotely" => false,
			"addCacheComment" => false,
			"allowHTTPSCaching" => false,
			"debugOn" => false
		),
		"otherParams" => array(
			'securityLevel' => '4',
			"alertEmails" => "", "liveTraf_ignoreUsers" => "", "liveTraf_ignoreIPs" => "", "liveTraf_ignoreUA" => "", "apiKey" => "", "maxMem" => '256', 'scan_exclude' => '', 'whitelisted' => '', 'bannedURLs' => '', 'maxExecutionTime' => '', 'howGetIPs' => '', 'actUpdateInterval' => '', 'alert_maxHourly' => 0, 'loginSec_userBlacklist' => '',
			"neverBlockBG" => "neverBlockVerified",
			"loginSec_countFailMins" => "1440",
			"loginSec_lockoutMins" => "1440",
			'loginSec_strongPasswds' => 'all',
			'loginSec_maxFailures' => "5",
			'loginSec_maxForgotPasswd' => "5",
			'maxGlobalRequests' => "960",
			'maxGlobalRequests_action' => "throttle",
			'maxRequestsCrawlers' => "960",
			'maxRequestsCrawlers_action' => "throttle",
			'maxRequestsHumans' => "30",
			'maxRequestsHumans_action' => "block",
			'max404Crawlers' => "30",
			'max404Crawlers_action' => "block",
			'max404Humans' => "60",
			'max404Humans_action' => "block",
			'maxScanHits' => "10",
			'maxScanHits_action' => "block",
			'blockedTime' => "7200"
		)
	)
);
// Store the level 2 preset value for every option that currently reads back as false
// (get() returns false when nothing is stored), then write a fresh 'encKey'.
// Existing option values are left alone; checkbox presets are stored as '1' / '0'.
public static function setDefaults(){
	$preset = self::$securityLevels[2];
	foreach($preset['checkboxes'] as $name => $enabled){
		if(self::get($name) !== false){
			continue; //already has a stored value
		}
		self::set($name, $enabled ? '1' : '0');
	}
	foreach($preset['otherParams'] as $name => $value){
		if(self::get($name) !== false){
			continue;
		}
		self::set($name, $value);
	}
	// Unlike the options above, encKey is written on every call, not only when missing:
	// each run replaces the previous key with the first 16 characters of bigRandomHex().
	// NOTE(review): anything protected with the old key stops validating after this - confirm
	// callers expect the rotation. How unpredictable the key is depends on
	// wfUtils::bigRandomHex(), which is not visible here.
	self::set('encKey', substr(wfUtils::bigRandomHex(),0 ,16) );
	if(self::get('maxMem', false) === false ){
		self::set('maxMem', '256');
	}
	if(self::get('other_scanOutside', false) === false){
		self::set('other_scanOutside', 0);
	}
}
// Build an option array from the submitted form ($_POST).
// Only names present in the level 2 preset are read, so the preset acts as an allow-list
// of option names. Checkboxes become '1' when the field is present and '0' otherwise.
// Returns the array; nothing is saved here.
// NOTE(review): 'otherParams' values are copied from $_POST exactly as received - no type,
// range or format check and no unslashing happens in this method, so callers must validate
// before saving and escape on output. A field submitted as an array is passed through
// as an array (set() refuses arrays).
public static function parseOptions(){
	$preset = self::$securityLevels[2];
	$ret = array();
	foreach(array_keys($preset['checkboxes']) as $name){ //preset values are not needed, only the names
		$ret[$name] = isset($_POST[$name]) ? '1' : '0';
	}
	foreach(array_keys($preset['otherParams']) as $key){
		if(! isset($_POST[$key])){
			error_log("Missing options param \"$key\" when parsing parameters.");
			continue;
		}
		$ret[$key] = $_POST[$key];
	}
	/* for debugging only (disabled; it refers to self::$checkboxes and self::$otherParams, which this class does not declare):
	foreach($_POST as $key => $val){
		if($key != 'action' && $key != 'nonce' && (! array_key_exists($key, self::$checkboxes)) && (! array_key_exists($key, self::$otherParams)) ){
			error_log("Unrecognized option: $key");
		}
	}
	*/
	return $ret;
}
// Save every name => value pair of $arr through set(), one write per entry.
// No filtering of names happens here: whatever keys $arr holds are written.
public static function setArray($arr){
	foreach($arr as $name => $value){
		self::set($name, $value);
	}
}
// Drop the in-memory option cache so the next get() reloads each value.
// The disk cache ($diskCache and its file) is not touched.
public static function clearCache(){
	self::$cache = array();
}
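// Return the stored value for $key escaped for HTML output.
// ENT_QUOTES is passed explicitly: before PHP 8.1 the default flags leave single quotes
// unescaped, which is unsafe if the result ends up inside a single-quoted attribute.
// With this flag set both quote styles are escaped on every PHP version.
// Input that is not valid in the default charset yields an empty string.
public static function getHTML($key){
	return htmlspecialchars(self::get($key), ENT_QUOTES);
}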
// Add one to the stored value of $key, treating a missing or falsy value as 0.
// This is a read followed by a write, not an atomic increment: two requests running
// at the same time can both read the same value and one increment is then lost.
public static function inc($key){
	$current = self::get($key, false);
	self::set($key, ($current ? $current : 0) + 1);
}
// Store a scalar option: insert or update the row, refresh the in-memory cache and
// invalidate the disk cache. Arrays are refused and reported through wordfence::status();
// use set_ser() for those.
// The name and value are handed to queryWrite() as placeholder arguments. Whether they are
// escaped safely depends on wfDB::queryWrite(), which is not visible here.
// NOTE(review): the refused array is dumped with var_export() into the status log, so a
// caller passing an array of sensitive values would leak them into that log.
public static function set($key, $val){
	if(is_array($val)){
		wordfence::status(1, 'error', "wfConfig::set() got an array as second param with key: $key and value: " . var_export($val, true));
		return;
	}

	$sql = "insert into " . self::table() . " (name, val) values ('%s', '%s') ON DUPLICATE KEY UPDATE val='%s'";
	self::getDB()->queryWrite($sql, $key, $val, $val);
	self::$cache[$key] = $val;
	self::clearDiskCache();
}
// Path of the serialized config cache: wordfence/tmp/configCache.php under the plugin base dir.
// The file holds whatever options were read, so it sits inside the plugin tree with a .php
// name and relies on the $tmpFileHeader prologue to avoid being served as plain text.
private static function getCacheFile(){
	$baseDir = wfUtils::getPluginBaseDir();
	return $baseDir . 'wordfence/tmp/configCache.php';
}
// Invalidate the disk cache and switch it off for the rest of this request.
// The first call deletes the cache file and empties $diskCache; later calls do nothing
// because the cache is already disabled. Nothing is read from or written to the cache
// again in this request. A later request that performs no set() rebuilds the file and
// keeps using it until the next set().
public static function clearDiskCache(){
	if(self::$diskCacheDisabled){
		return; //a write already failed, or the cache was cleared earlier in this request
	}
	@unlink(self::getCacheFile());
	wfConfig::$diskCache = array();
	self::$diskCacheDisabled = true;
}
// Return the value of option $key, or $default when no value could be loaded.
// The result is kept in the in-memory cache, and that includes the default: after a miss,
// later calls for the same key return the first default that was cached, whatever
// $default they pass (unless that first default was null).
// Values come from loadFromDiskCache(), which falls back to the database.
public static function get($key, $default = false){
	if(isset(self::$cache[$key])){
		return self::$cache[$key];
	}
	$loaded = self::loadFromDiskCache($key);
	self::$cache[$key] = isset($loaded) ? $loaded : $default;
	return self::$cache[$key];
}
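// Look up option $key: first in the per-request copy of the disk cache, then in the cache
// file, and finally in the database. A database result is added to the cache file.
// Returns the value, or whatever querySingle() returns when there is no row.
// Changes from the previous version:
//   - a cache file whose payload does not unserialize to an array now resets $diskCache to
//     an empty array; before, $diskCache was left holding false (or any other unserialized
//     value) and was then indexed like an array further down.
//   - $bytesWritten is initialised before the write attempt.
// Missing values are cached on disk as '', so on a later request get() receives ''
// for that key and does not fall back to its $default.
public static function loadFromDiskCache($key){
	if(! self::$diskCacheDisabled){
		if(isset(wfConfig::$diskCache[$key])){
			return wfConfig::$diskCache[$key];
		}

		$cacheFile = self::getCacheFile();
		if(is_file($cacheFile)){
			try {
				$cont = @file_get_contents($cacheFile);
				if(strpos($cont, '<?php') === 0){ //only the "<?php" prefix is checked, not the whole header
					$cont = substr($cont, strlen(self::$tmpFileHeader));
					// SECURITY: unserialize() runs on file contents. Anyone able to write this
					// file controls the input, and unserializing attacker-controlled data can
					// instantiate arbitrary classes. Keep the tmp directory writable only by
					// the web server user; a format that cannot carry objects would be safer.
					$loaded = @unserialize($cont);
					wfConfig::$diskCache = is_array($loaded) ? $loaded : array();
					if(isset(wfConfig::$diskCache[$key])){
						return wfConfig::$diskCache[$key];
					}
				} //Else don't return a cached value because this is an old file without the php header so we're going to rewrite it.
			} catch(Exception $err){ } //file_get or unserialize may fail, so just fail quietly.
		}
	}
	$val = self::getDB()->querySingle("select val from " . self::table() . " where name='%s'", $key);
	if(self::$diskCacheDisabled){ return $val; }
	wfConfig::$diskCache[$key] = isset($val) ? $val : '';
	$bytesWritten = false;
	try {
		$bytesWritten = @file_put_contents($cacheFile, self::$tmpFileHeader . serialize(wfConfig::$diskCache), LOCK_EX);
	} catch(Exception $err2){}
	if(! $bytesWritten){
		self::$diskCacheDisabled = true; //stop trying to use the file for the rest of this request
	}
	return $val;
}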
// Load a value stored by set_ser() and return it unserialized, or $default when nothing
// is stored. With $canUseDisk, a temp file named wordfence_tmpfile_<key>.php is tried
// first; reading it deletes it. A file that unserializes to a falsy value is reported as
// an error and the database row is used instead.
// SECURITY: unserialize() is applied to the temp file contents and to the database value.
// The temp directory can be the system temp dir or wp-content/uploads (see
// getPotentialTempDirs()), so anything else able to create a file of that name there
// controls what gets unserialized. $key is also joined into the file name unchanged;
// presumably callers pass fixed names only - verify that no request data reaches it.
// NOTE(review): this query uses an unquoted %s while other queries in this class use '%s';
// whether both are quoted safely depends on wfDB::querySingle(), not visible here.
public static function get_ser($key, $default, $canUseDisk = false){
	if($canUseDisk){
		$dir = self::getTempDir();
		if($dir){
			$fullFile = $dir . 'wordfence_tmpfile_' . $key . '.php';
			if(file_exists($fullFile)){
				wordfence::status(4, 'info', "Loading serialized data from file $fullFile");
				$raw = file_get_contents($fullFile);
				$payload = substr($raw, strlen(self::$tmpFileHeader)); //strip the security header
				$obj = unserialize($payload);
				if(! $obj){
					wordfence::status(2, 'error', "Could not unserialize file $fullFile");
				}
				self::deleteOldTempFile($fullFile);
				if($obj){
					return $obj;
				}
			}
		}
	}

	$res = self::getDB()->querySingle("select val from " . self::table() . " where name=%s", $key);
	self::getDB()->flush(); //clear cache
	return $res ? unserialize($res) : $default;
}
// Serialize $val and store it under $key. Returns true on success, false when the value
// could not be stored.
// Values that fit in max_allowed_packet (with 10% headroom for escaping and SQL) go to the
// database; the update and insert are separate statements so the large value is placed in
// a query only once. Larger values go to a temp file when $canUseDisk is true and a
// writable temp directory exists.
// $val is emptied right after serializing so that no second copy of a big value stays in memory.
// NOTE(review): the temp file has a predictable name and is opened with mode 'w' in a
// directory that may be shared (system temp dir) or web-reachable (uploads). The results of
// fwrite() are not checked, so a short write still returns true.
public static function set_ser($key, $val, $canUseDisk = false){
	$serialized = serialize($val);
	$val = '';
	$tempFilename = 'wordfence_tmpfile_' . $key . '.php';
	$tooBigForDB = (strlen($serialized) * 1.1) > self::getDB()->getMaxAllowedPacketBytes();

	if(! $tooBigForDB){
		//Remove any temp file first, otherwise get_ser() would keep reading the stale file instead of the DB
		$tempDir = self::getTempDir();
		if($tempDir){
			self::deleteOldTempFile($tempDir . $tempFilename);
		}
		$exists = self::getDB()->querySingle("select name from " . self::table() . " where name='%s'", $key);
		if($exists){
			self::getDB()->queryWrite("update " . self::table() . " set val=%s where name=%s", $serialized, $key);
		} else {
			self::getDB()->queryWrite("insert IGNORE into " . self::table() . " (name, val) values (%s, %s)", $key, $serialized);
		}
		self::getDB()->flush();
		return true;
	}

	if(! $canUseDisk){
		wordfence::status(1, 'error', "Wordfence tried to save a variable with name '$key' and your database max_allowed_packet is set to be too small. This particular variable can't be saved to disk. Please ask your administrator to increase max_allowed_packet. Thanks.");
		return false;
	}

	$dir = self::getTempDir();
	$potentialDirs = self::getPotentialTempDirs();
	$fh = false;
	$fullFile = false;
	if($dir){
		$fullFile = $dir . $tempFilename;
		self::deleteOldTempFile($fullFile);
		$fh = fopen($fullFile, 'w');
	}
	if(! $fh){ //no writable directory, or the file could not be opened
		wordfence::status(1, 'error', "Your database doesn't allow big packets so we have to use files to store temporary data and Wordfence can't find a place to write them. Either ask your admin to increase max_allowed_packet on your MySQL database, or make one of the following directories writable by your web server: " . implode(', ', $potentialDirs));
		return false;
	}
	wordfence::status(4, 'info', "Serialized data for $key is " . strlen($serialized) . " bytes and is greater than max_allowed packet so writing it to disk file: " . $fullFile);
	fwrite($fh, self::$tmpFileHeader); //header first, so the file exits when run as PHP
	fwrite($fh, $serialized);
	fclose($fh);
	return true;
}
// Delete $filename if it exists. Errors from unlink() are suppressed and not reported,
// so the caller cannot tell whether the file is really gone.
private static function deleteOldTempFile($filename){
	if(! file_exists($filename)){
		return;
	}
	@unlink($filename);
}
// Return the first candidate directory (with trailing slash) in which a test file can be
// created, written and deleted, or false when none qualifies. The answer is cached for
// the request; 'notmp' is the cached marker for "none found".
// NOTE(review): the probe uses the fixed name wftmptest.txt and the candidates include the
// system temp dir and wp-content/uploads (see getPotentialTempDirs()). On a shared host
// other local users may be able to write to the chosen directory, and the uploads
// directory is normally reachable over the web.
private static function getTempDir(){
	if(! self::$tmpDirCache){
		$candidates = self::getPotentialTempDirs();
		$finalDir = 'notmp';
		wfUtils::errorsOff();
		foreach($candidates as $candidate){
			$candidate = rtrim($candidate, '/') . '/';
			$probe = $candidate . 'wftmptest.txt';
			$fh = @fopen($probe, 'w');
			if(! $fh){
				continue;
			}
			$written = @fwrite($fh, 'test');
			@fclose($fh);
			if($written != 4){
				continue; //short write: treat the directory as unusable
			}
			if(@unlink($probe)){
				$finalDir = $candidate;
				break;
			}
		}
		wfUtils::errorsOn();
		self::$tmpDirCache = $finalDir;
	}
	return self::$tmpDirCache == 'notmp' ? false : self::$tmpDirCache;
}
// Candidate directories for temp files, in order of preference: the plugin's own tmp
// directory, the system temp directory, then wp-content/uploads.
// The last two are not private to the plugin: the system temp directory may be shared
// with other users of the host and uploads is normally web-accessible.
private static function getPotentialTempDirs() {
	$candidates = array();
	$candidates[] = wfUtils::getPluginBaseDir() . 'wordfence/tmp/';
	$candidates[] = sys_get_temp_dir();
	$candidates[] = ABSPATH . 'wp-content/uploads/';
	return $candidates;
}
// Echo the value of option $key escaped with esc_attr(), for use inside an HTML attribute.
public static function f($key){
	$value = self::get($key);
	echo esc_attr($value);
}
// Echo ' checked ' for a checkbox that is only available when 'isPaid' is set:
// both 'isPaid' and option $key must be truthy.
public static function cbp($key){
	if(! self::get('isPaid')){
		return;
	}
	if(self::get($key)){
		echo ' checked ';
	}
}
// Echo ' checked ' when option $key is truthy. Only this fixed string is printed,
// never the stored value.
public static function cb($key){
	$isOn = self::get($key);
	if($isOn){
		echo ' checked ';
	}
}
// Echo ' selected ' for a select option whose value is $val.
// It is printed when the stored value loosely equals $val, and also when nothing is stored
// and $isDefault is true. The two checks are independent, so both can fire for one call.
// Only the fixed string is printed, never the stored value.
public static function sel($key, $val, $isDefault = false){
	$current = self::get($key);
	if($isDefault && ! $current){
		echo ' selected ';
	}
	if($current == $val){ //loose comparison, as stored values are strings
		echo ' selected ';
	}
}
// Load every row of the config table into the in-memory cache and return that cache.
// The result is the whole cache, so it also contains entries cached earlier in the
// request (including defaults cached for missing keys).
// NOTE(review): this returns every stored option, and the presets include 'apiKey' while
// setDefaults() stores 'encKey'; callers should not print or export the array unfiltered.
public static function getArray(){
	$rows = self::getDB()->querySelect("select name, val from " . self::table());
	foreach($rows as $row){
		$name = $row['name'];
		self::$cache[$name] = $row['val'];
	}
	return self::$cache;
}
// Return the shared wfDB instance, creating it on first use.
private static function getDB(){
	if(self::$DB){
		return self::$DB;
	}
	self::$DB = new wfDB();
	return self::$DB;
}
// Return the config table name: $wpdb->base_prefix followed by 'wfConfig'.
// The name is concatenated straight into SQL by the callers, so it must only ever
// come from $wpdb, as it does here.
private static function table(){
	if(self::$table){
		return self::$table;
	}
	global $wpdb;
	self::$table = $wpdb->base_prefix . 'wfConfig';
	return self::$table;
}
// True when getAlertEmails() returns at least one address.
public static function haveAlertEmails(){
	return count(self::getAlertEmails()) > 0;
}
// Split the comma-separated 'alertEmails' option and return the trimmed entries that
// contain an '@'.
// NOTE(review): the '@' test is the only check made here, so an entry such as "a@" or one
// with embedded line breaks is returned as-is. Code that builds mail headers from these
// values should validate each address first (for example with WordPress's is_email()).
public static function getAlertEmails(){
	$emails = array();
	$parts = explode(',', self::get('alertEmails'));
	foreach($parts as $part){
		if(! preg_match('/\@/', $part)){
			continue;
		}
		$emails[] = trim($part);
	}
	return $emails;
}
// Map the alert checkboxes to a level: 2 when 'alertOn_warnings' is set (checked first),
// otherwise 1 when 'alertOn_critical' is set, otherwise 0.
public static function getAlertLevel(){
	if(self::get('alertOn_warnings')){
		return 2;
	}
	if(self::get('alertOn_critical')){
		return 1;
	}
	return 0;
}
// Live traffic is on only when the 'liveTrafficEnabled' option is set and 'cacheType'
// is neither 'falcon' nor 'php'. Under those two cache types this method reports
// false even when the option itself is enabled.
public static function liveTrafficEnabled(){
	if(! self::get('liveTrafficEnabled')){
		return false;
	}
	$cacheType = self::get('cacheType');
	return ! ($cacheType == 'falcon' || $cacheType == 'php');
}
708 }
709 ?>
710