当前位置: 首页>>代码示例>>PHP>>正文


PHP AIOWPSecurity_Utility_Htaccess类代码示例

本文整理汇总了PHP中AIOWPSecurity_Utility_Htaccess的典型用法代码示例。如果您正苦于以下问题:PHP AIOWPSecurity_Utility_Htaccess类的具体用法?PHP AIOWPSecurity_Utility_Htaccess怎么用?PHP AIOWPSecurity_Utility_Htaccess使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。


在下文中一共展示了AIOWPSecurity_Utility_Htaccess类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。

示例1: do_other_admin_side_init_tasks

 function do_other_admin_side_init_tasks()
 {
     global $aio_wp_security;
     //***New Feature improvement for Cookie Based Brute Force Protection***//
     //The old "test cookie" used to be too easy to guess because someone could just read the code and get the value.
     //So now we will drop a more secure test cookie using a 10 digit random string
     if ($aio_wp_security->configs->get_value('aiowps_enable_brute_force_attack_prevention') == '1') {
         // This code is for users who had this feature saved using an older release. This will drop the new more secure test cookie to the browser and will write it to the .htaccess file too
         $test_cookie = $aio_wp_security->configs->get_value('aiowps_cookie_brute_test');
         if (empty($test_cookie)) {
             $random_suffix = AIOWPSecurity_Utility::generate_alpha_numeric_random_string(10);
             $test_cookie_name = 'aiowps_cookie_test_' . $random_suffix;
             $aio_wp_security->configs->set_value('aiowps_cookie_brute_test', $test_cookie_name);
             $aio_wp_security->configs->save_config();
             //save the value
             AIOWPSecurity_Utility::set_cookie_value($test_cookie_name, "1");
             //Write this new cookie to the .htaccess file
             $res = AIOWPSecurity_Utility_Htaccess::write_to_htaccess();
             if ($res == -1) {
                 $aio_wp_security->debug_logger->log_debug("Error writing new test cookie with random suffix to .htaccess file!", 4);
             }
         }
     }
     //For cookie test form submission case
     if (isset($_GET['page']) && $_GET['page'] == AIOWPSEC_BRUTE_FORCE_MENU_SLUG && isset($_GET['tab']) && $_GET['tab'] == 'tab2') {
         global $aio_wp_security;
         if (isset($_POST['aiowps_do_cookie_test_for_bfla'])) {
             $random_suffix = AIOWPSecurity_Utility::generate_alpha_numeric_random_string(10);
             $test_cookie_name = 'aiowps_cookie_test_' . $random_suffix;
             $aio_wp_security->configs->set_value('aiowps_cookie_brute_test', $test_cookie_name);
             $aio_wp_security->configs->save_config();
             //save the value
             AIOWPSecurity_Utility::set_cookie_value($test_cookie_name, "1");
             $cur_url = "admin.php?page=" . AIOWPSEC_BRUTE_FORCE_MENU_SLUG . "&tab=tab2";
             $redirect_url = AIOWPSecurity_Utility::add_query_data_to_url($cur_url, 'aiowps_cookie_test', "1");
             AIOWPSecurity_Utility::redirect_to_url($redirect_url);
         }
         if (isset($_POST['aiowps_enable_brute_force_attack_prevention'])) {
             $brute_force_feature_secret_word = sanitize_text_field($_POST['aiowps_brute_force_secret_word']);
             if (empty($brute_force_feature_secret_word)) {
                 $brute_force_feature_secret_word = "aiowps_secret";
             }
             AIOWPSecurity_Utility::set_cookie_value($brute_force_feature_secret_word, "1");
         }
         if (isset($_REQUEST['aiowps_cookie_test'])) {
             $test_cookie = $aio_wp_security->configs->get_value('aiowps_cookie_brute_test');
             $cookie_val = AIOWPSecurity_Utility::get_cookie_value($test_cookie);
             if (empty($cookie_val)) {
                 $aio_wp_security->configs->set_value('aiowps_cookie_test_success', '');
             } else {
                 $aio_wp_security->configs->set_value('aiowps_cookie_test_success', '1');
             }
             $aio_wp_security->configs->save_config();
             //save the value
         }
     }
     if (isset($_POST['aiowps_save_wp_config'])) {
         $nonce = $_REQUEST['_wpnonce'];
         if (!wp_verify_nonce($nonce, 'aiowpsec-save-wp-config-nonce')) {
             $aio_wp_security->debug_logger->log_debug("Nonce check failed on wp_config file save!", 4);
             die("Nonce check failed on wp_config file save!");
         }
         $wp_config_path = AIOWPSecurity_Utility_File::get_wp_config_file_path();
         $result = AIOWPSecurity_Utility_File::backup_and_rename_wp_config($wp_config_path);
         //Backup the wp_config.php file
         AIOWPSecurity_Utility_File::download_a_file_option1($wp_config_path, "wp-config-backup.txt");
     }
     //Handle export settings
     if (isset($_POST['aiowps_export_settings'])) {
         $nonce = $_REQUEST['_wpnonce'];
         if (!wp_verify_nonce($nonce, 'aiowpsec-export-settings-nonce')) {
             $aio_wp_security->debug_logger->log_debug("Nonce check failed on export AIOWPS settings!", 4);
             die("Nonce check failed on export AIOWPS settings!");
         }
         $config_data = get_option('aio_wp_security_configs');
         $output = json_encode($config_data);
         AIOWPSecurity_Utility_File::download_content_to_a_file($output);
     }
 }
开发者ID:Bakerpedia,项目名称:Development_Site5,代码行数:79,代码来源:wp-security-admin-init.php

示例2: blacklist_ip_address

 function blacklist_ip_address($entries)
 {
     global $wpdb, $aio_wp_security;
     $bl_ip_addresses = $aio_wp_security->configs->get_value('aiowps_banned_ip_addresses');
     //get the currently saved blacklisted IPs
     $ip_list_array = AIOWPSecurity_Utility_IP::create_ip_list_array_from_string_with_newline($bl_ip_addresses);
     if (is_array($entries)) {
         //Get the selected IP addresses
         $id_list = "(" . implode(",", $entries) . ")";
         //Create comma separate list for DB operation
         $events_table = AIOWPSEC_TBL_EVENTS;
         $query = "SELECT ip_or_host FROM {$events_table} WHERE ID IN " . $id_list;
         $results = $wpdb->get_col($query);
         if (empty($results)) {
             AIOWPSecurity_Admin_Menu::show_msg_error_st(__('Could not process the request because the IP addresses for the selected entries could not be found!', 'WPS'));
             return false;
         } else {
             foreach ($results as $entry) {
                 $ip_list_array[] = $entry;
             }
         }
     } elseif ($entries != NULL) {
         //Blacklist single record
         $ip_list_array[] = $entries;
     }
     $payload = AIOWPSecurity_Utility_IP::validate_ip_list($ip_list_array, 'blacklist');
     if ($payload[0] == 1) {
         //success case
         $result = 1;
         $list = $payload[1];
         $banned_ip_data = implode(PHP_EOL, $list);
         $aio_wp_security->configs->set_value('aiowps_enable_blacklisting', '1');
         //Force blacklist feature to be enabled
         $aio_wp_security->configs->set_value('aiowps_banned_ip_addresses', $banned_ip_data);
         $aio_wp_security->configs->save_config();
         //Save the configuration
         $write_result = AIOWPSecurity_Utility_Htaccess::write_to_htaccess();
         //now let's write to the .htaccess file
         if ($write_result == -1) {
             AIOWPSecurity_Admin_Menu::show_msg_error_st(__('The plugin was unable to write to the .htaccess file. Please edit file manually.', 'aiowpsecurity'));
             $aio_wp_security->debug_logger->log_debug("AIOWPSecurity_Blacklist_Menu - The plugin was unable to write to the .htaccess file.");
         } else {
             AIOWPSecurity_Admin_Menu::show_msg_updated_st(__('The selected IP addresses have been added to the blacklist and will be permanently blocked!', 'WPS'));
         }
     } else {
         $result = -1;
         $error_msg = $payload[1][0];
         AIOWPSecurity_Admin_Menu::show_msg_error_st($error_msg);
     }
 }
开发者ID:Rudchyk,项目名称:wp-framework,代码行数:50,代码来源:wp-security-list-404.php

示例3: render_tab1

    function render_tab1()
    {
        global $aio_wp_security;
        global $aiowps_feature_mgr;
        $result = 1;
        if (isset($_POST['aiowps_save_blacklist_settings'])) {
            $nonce = $_REQUEST['_wpnonce'];
            if (!wp_verify_nonce($nonce, 'aiowpsec-blacklist-settings-nonce')) {
                $aio_wp_security->debug_logger->log_debug("Nonce check failed for save blacklist settings!", 4);
                die(__('Nonce check failed for save blacklist settings!', 'all-in-one-wp-security-and-firewall'));
            }
            if (isset($_POST["aiowps_enable_blacklisting"]) && empty($_POST['aiowps_banned_ip_addresses']) && empty($_POST['aiowps_banned_user_agents'])) {
                $this->show_msg_error('You must submit at least one IP address or one User Agent value or both!', 'all-in-one-wp-security-and-firewall');
            } else {
                if (!empty($_POST['aiowps_banned_ip_addresses'])) {
                    $ip_addresses = $_POST['aiowps_banned_ip_addresses'];
                    $ip_list_array = AIOWPSecurity_Utility_IP::create_ip_list_array_from_string_with_newline($ip_addresses);
                    $payload = AIOWPSecurity_Utility_IP::validate_ip_list($ip_list_array, 'blacklist');
                    if ($payload[0] == 1) {
                        //success case
                        $result = 1;
                        $list = $payload[1];
                        $banned_ip_data = implode(PHP_EOL, $list);
                        $aio_wp_security->configs->set_value('aiowps_banned_ip_addresses', $banned_ip_data);
                        $_POST['aiowps_banned_ip_addresses'] = '';
                        //Clear the post variable for the banned address list
                    } else {
                        $result = -1;
                        $error_msg = $payload[1][0];
                        $this->show_msg_error($error_msg);
                    }
                } else {
                    $aio_wp_security->configs->set_value('aiowps_banned_ip_addresses', '');
                    //Clear the IP address config value
                }
                if (!empty($_POST['aiowps_banned_user_agents'])) {
                    $result = $result * $this->validate_user_agent_list();
                } else {
                    //clear the user agent list
                    $aio_wp_security->configs->set_value('aiowps_banned_user_agents', '');
                }
                if ($result == 1) {
                    $aio_wp_security->configs->set_value('aiowps_enable_blacklisting', isset($_POST["aiowps_enable_blacklisting"]) ? '1' : '');
                    $aio_wp_security->configs->save_config();
                    //Save the configuration
                    //Recalculate points after the feature status/options have been altered
                    $aiowps_feature_mgr->check_feature_status_and_recalculate_points();
                    $this->show_msg_settings_updated();
                    $write_result = AIOWPSecurity_Utility_Htaccess::write_to_htaccess();
                    //now let's write to the .htaccess file
                    if (!$write_result) {
                        $this->show_msg_error(__('The plugin was unable to write to the .htaccess file. Please edit file manually.', 'all-in-one-wp-security-and-firewall'));
                        $aio_wp_security->debug_logger->log_debug("AIOWPSecurity_Blacklist_Menu - The plugin was unable to write to the .htaccess file.");
                    }
                }
            }
        }
        ?>
        <h2><?php 
        _e('Ban IPs or User Agents', 'all-in-one-wp-security-and-firewall');
        ?>
</h2>
        <div class="aio_blue_box">
            <?php 
        echo '<p>' . __('The All In One WP Security Blacklist feature gives you the option of banning certain host IP addresses or ranges and also user agents.', 'all-in-one-wp-security-and-firewall') . '
            <br />' . __('This feature will deny total site access for users which have IP addresses or user agents matching those which you have configured in the settings below.', 'all-in-one-wp-security-and-firewall') . '
            <br />' . __('The plugin achieves this by making appropriate modifications to your .htaccess file.', 'all-in-one-wp-security-and-firewall') . '
            <br />' . __('By blocking people via the .htaccess file your are using the most secure first line of defence which denies all access to blacklisted visitors as soon as they hit your hosting server.', 'all-in-one-wp-security-and-firewall') . '
            </p>';
        ?>
        </div>
        <div class="aio_grey_box">
            <?php 
        $addon_link = '<strong><a href="http://www.site-scanners.com/country-blocking-addon/" target="_blank">Country Blocking Addon</a></strong>';
        $info_msg = sprintf(__('You may also be interested in our %s.', 'all-in-one-wp-security-and-firewall'), $addon_link);
        $info_msg2 = __('This addon allows you to automatically block IP addresses based on their country of origin.', 'all-in-one-wp-security-and-firewall');
        echo '<p>' . $info_msg . '<br />' . $info_msg2 . '</p>';
        ?>
        </div>

        <div class="postbox">
        <h3 class="hndle"><label for="title"><?php 
        _e('IP Hosts and User Agent Blacklist Settings', 'all-in-one-wp-security-and-firewall');
        ?>
</label></h3>
        <div class="inside">
        <?php 
        //Display security info badge
        global $aiowps_feature_mgr;
        $aiowps_feature_mgr->output_feature_details_badge("blacklist-manager-ip-user-agent-blacklisting");
        ?>
    
        <form action="" method="POST">
        <?php 
        wp_nonce_field('aiowpsec-blacklist-settings-nonce');
        ?>
        <div class="aio_orange_box">
            <p>
            <?php 
        $read_link = '<a href="https://www.tipsandtricks-hq.com/wordpress-security-and-firewall-plugin#advanced_features_note" target="_blank">must read this message</a>';
//.........这里部分代码省略.........
开发者ID:crazyyy,项目名称:bessarabia,代码行数:101,代码来源:wp-security-blacklist-menu.php

示例4: prevent_image_hotlinks

 static function prevent_image_hotlinks()
 {
     global $aio_wp_security;
     $rules = '';
     if ($aio_wp_security->configs->get_value('aiowps_prevent_hotlinking') == '1') {
         $url_string = AIOWPSecurity_Utility_Htaccess::return_regularized_url(AIOWPSEC_WP_URL);
         if ($url_string == FALSE) {
             $url_string = AIOWPSEC_WP_URL;
         }
         $rules .= AIOWPSecurity_Utility_Htaccess::$prevent_image_hotlinks_marker_start . PHP_EOL;
         //Add feature marker start
         $rules .= '<IfModule mod_rewrite.c>
                     RewriteEngine on
                     RewriteCond %{HTTP_REFERER} !^$' . PHP_EOL;
         $rules .= ' RewriteCond %{REQUEST_FILENAME} -f' . PHP_EOL;
         $rules .= ' RewriteCond %{REQUEST_FILENAME} \\.(gif|jpe?g?|png)$ [NC]' . PHP_EOL;
         $rules .= ' RewriteCond %{HTTP_REFERER} !^' . $url_string . ' [NC]' . PHP_EOL;
         $rules .= ' RewriteRule \\.(gif|jpe?g?|png)$ - [F,NC,L]
                    </IfModule>' . PHP_EOL;
         $rules .= AIOWPSecurity_Utility_Htaccess::$prevent_image_hotlinks_marker_end . PHP_EOL;
         //Add feature marker end
     }
     return $rules;
 }
开发者ID:Bakerpedia,项目名称:Development_Site5,代码行数:24,代码来源:wp-security-utility-htaccess.php

示例5: render_tab7

    function render_tab7()
    {
        global $aio_wp_security;
        if (isset($_POST['aiowps_save_custom_rules_settings'])) {
            $nonce = $_REQUEST['_wpnonce'];
            if (!wp_verify_nonce($nonce, 'aiowpsec-save-custom-rules-settings-nonce')) {
                $aio_wp_security->debug_logger->log_debug("Nonce check failed for save custom rules settings!", 4);
                die("Nonce check failed for save custom rules settings!");
            }
            //Save settings
            if (isset($_POST["aiowps_enable_custom_rules"]) && empty($_POST['aiowps_custom_rules'])) {
                $this->show_msg_error('You must enter some .htaccess directives code in the text box below', 'all-in-one-wp-security-and-firewall');
            } else {
                if (!empty($_POST['aiowps_custom_rules'])) {
                    // Undo magic quotes that are automatically added to `$_GET`,
                    // `$_POST`, `$_COOKIE`, and `$_SERVER` by WordPress as
                    // they corrupt any custom rule with backslash in it...
                    $custom_rules = stripslashes($_POST['aiowps_custom_rules']);
                } else {
                    $aio_wp_security->configs->set_value('aiowps_custom_rules', '');
                    //Clear the custom rules config value
                }
                $aio_wp_security->configs->set_value('aiowps_custom_rules', $custom_rules);
                $aio_wp_security->configs->set_value('aiowps_enable_custom_rules', isset($_POST["aiowps_enable_custom_rules"]) ? '1' : '');
                $aio_wp_security->configs->save_config();
                //Save the configuration
                $this->show_msg_settings_updated();
                $write_result = AIOWPSecurity_Utility_Htaccess::write_to_htaccess();
                //now let's write to the .htaccess file
                if (!$write_result) {
                    $this->show_msg_error(__('The plugin was unable to write to the .htaccess file. Please edit file manually.', 'all-in-one-wp-security-and-firewall'));
                    $aio_wp_security->debug_logger->log_debug("Custom Rules feature - The plugin was unable to write to the .htaccess file.");
                }
            }
        }
        ?>
        <h2><?php 
        _e('Custom .htaccess Rules Settings', 'all-in-one-wp-security-and-firewall');
        ?>
</h2>
        <form action="" method="POST">
            <?php 
        wp_nonce_field('aiowpsec-save-custom-rules-settings-nonce');
        ?>
            <div class="aio_blue_box">
                <?php 
        $info_msg = '';
        $info_msg .= '<p>' . __('This feature can be used to apply your own custom .htaccess rules and directives.', 'all-in-one-wp-security-and-firewall') . '</p>';
        $info_msg .= '<p>' . __('It is useful for when you want to tweak our existing firewall rules or when you want to add your own.', 'all-in-one-wp-security-and-firewall') . '</p>';
        $info_msg .= '<p>' . __('NOTE: This feature can only used if your site is hosted in an apache or similar web server.', 'all-in-one-wp-security-and-firewall') . '</p>';
        echo $info_msg;
        ?>
            </div>
            <div class="aio_yellow_box">
                <?php 
        $info_msg_2 = '<p>' . __('<strong>Warning</strong>: Only use this feature if you know what you are doing.', 'all-in-one-wp-security-and-firewall') . '</p>';
        $info_msg_2 .= '<p>' . __('Incorrect .htaccess rules or directives can break or prevent access to your site.', 'all-in-one-wp-security-and-firewall') . '</p>';
        $info_msg_2 .= '<p>' . __('It is your responsibility to ensure that you are entering the correct code!', 'all-in-one-wp-security-and-firewall') . '</p>';
        $info_msg_2 .= '<p>' . __('If you break your site you will need to access your server via FTP or something similar and then edit your .htaccess file and delete the changes you made.', 'all-in-one-wp-security-and-firewall') . '</p>';
        echo $info_msg_2;
        ?>
            </div>

            <div class="postbox">
                <h3 class="hndle"><label for="title"><?php 
        _e('Custom .htaccess Rules', 'all-in-one-wp-security-and-firewall');
        ?>
</label></h3>
                <div class="inside">
                    <table class="form-table">
                        <tr valign="top">
                            <th scope="row"><?php 
        _e('Enable Custom .htaccess Rules', 'all-in-one-wp-security-and-firewall');
        ?>
:</th>
                            <td>
                                <input name="aiowps_enable_custom_rules" type="checkbox"<?php 
        if ($aio_wp_security->configs->get_value('aiowps_enable_custom_rules') == '1') {
            echo ' checked="checked"';
        }
        ?>
 value="1"/>
                                <span class="description"><?php 
        _e('Check this if you want to enable custom rules entered in the text box below', 'all-in-one-wp-security-and-firewall');
        ?>
</span>
                            </td>
                        </tr>
                        <tr valign="top">
                            <th scope="row"><?php 
        _e('Enter Custom .htaccess Rules:', 'all-in-one-wp-security-and-firewall');
        ?>
</th>
                            <td>
                                <textarea name="aiowps_custom_rules" rows="35" cols="50"><?php 
        echo htmlspecialchars($aio_wp_security->configs->get_value('aiowps_custom_rules'));
        ?>
</textarea>
                                <br />
                                <span class="description"><?php 
//.........这里部分代码省略.........
开发者ID:arobbins,项目名称:spellestate,代码行数:101,代码来源:wp-security-firewall-menu.php

示例6: render_tab4

    function render_tab4()
    {
        global $aio_wp_security;
        global $aiowps_feature_mgr;
        $result = 1;
        $your_ip_address = AIOWPSecurity_Utility_IP::get_user_ip_address();
        if (isset($_POST['aiowps_save_whitelist_settings'])) {
            $nonce = $_REQUEST['_wpnonce'];
            if (!wp_verify_nonce($nonce, 'aiowpsec-whitelist-settings-nonce')) {
                $aio_wp_security->debug_logger->log_debug("Nonce check failed for save whitelist settings!", 4);
                die(__('Nonce check failed for save whitelist settings!', 'all-in-one-wp-security-and-firewall'));
            }
            if (isset($_POST["aiowps_enable_whitelisting"]) && empty($_POST['aiowps_allowed_ip_addresses'])) {
                $this->show_msg_error('You must submit at least one IP address!', 'all-in-one-wp-security-and-firewall');
            } else {
                if (!empty($_POST['aiowps_allowed_ip_addresses'])) {
                    $ip_addresses = $_POST['aiowps_allowed_ip_addresses'];
                    $ip_list_array = AIOWPSecurity_Utility_IP::create_ip_list_array_from_string_with_newline($ip_addresses);
                    $payload = AIOWPSecurity_Utility_IP::validate_ip_list($ip_list_array, 'whitelist');
                    if ($payload[0] == 1) {
                        //success case
                        $result = 1;
                        $list = $payload[1];
                        $whitelist_ip_data = implode(PHP_EOL, $list);
                        $aio_wp_security->configs->set_value('aiowps_allowed_ip_addresses', $whitelist_ip_data);
                        $_POST['aiowps_allowed_ip_addresses'] = '';
                        //Clear the post variable for the banned address list
                    } else {
                        $result = -1;
                        $error_msg = htmlspecialchars($payload[1][0]);
                        $this->show_msg_error($error_msg);
                    }
                } else {
                    $aio_wp_security->configs->set_value('aiowps_allowed_ip_addresses', '');
                    //Clear the IP address config value
                }
                if ($result == 1) {
                    $aio_wp_security->configs->set_value('aiowps_enable_whitelisting', isset($_POST["aiowps_enable_whitelisting"]) ? '1' : '');
                    $aio_wp_security->configs->save_config();
                    //Save the configuration
                    //Recalculate points after the feature status/options have been altered
                    $aiowps_feature_mgr->check_feature_status_and_recalculate_points();
                    $this->show_msg_settings_updated();
                    $write_result = AIOWPSecurity_Utility_Htaccess::write_to_htaccess();
                    //now let's write to the .htaccess file
                    if (!$write_result) {
                        $this->show_msg_error(__('The plugin was unable to write to the .htaccess file. Please edit file manually.', 'all-in-one-wp-security-and-firewall'));
                        $aio_wp_security->debug_logger->log_debug("AIOWPSecurity_whitelist_Menu - The plugin was unable to write to the .htaccess file.");
                    }
                }
            }
        }
        ?>
        <h2><?php 
        _e('Login Whitelist', 'all-in-one-wp-security-and-firewall');
        ?>
</h2>
        <div class="aio_blue_box">
            <?php 
        echo '<p>' . __('The All In One WP Security Whitelist feature gives you the option of only allowing certain IP addresses or ranges to have access to your WordPress login page.', 'all-in-one-wp-security-and-firewall') . '
            <br />' . __('This feature will deny login access for all IP addresses which are not in your whitelist as configured in the settings below.', 'all-in-one-wp-security-and-firewall') . '
            <br />' . __('The plugin achieves this by writing the appropriate directives to your .htaccess file.', 'all-in-one-wp-security-and-firewall') . '
            <br />' . __('By allowing/blocking IP addresses via the .htaccess file your are using the most secure first line of defence because login access will only be granted to whitelisted IP addresses and other addresses will be blocked as soon as they try to access your login page.', 'all-in-one-wp-security-and-firewall') . '
            </p>';
        ?>
        </div>
        <div class="aio_yellow_box">
            <?php 
        $brute_force_login_feature_link = '<a href="admin.php?page=' . AIOWPSEC_BRUTE_FORCE_MENU_SLUG . '&tab=tab2" target="_blank">Cookie-Based Brute Force Login Prevention</a>';
        $rename_login_feature_link = '<a href="admin.php?page=' . AIOWPSEC_BRUTE_FORCE_MENU_SLUG . '&tab=tab1" target="_blank">Rename Login Page</a>';
        echo '<p>' . sprintf(__('Attention: If in addition to enabling the white list feature, you also have one of the %s or %s features enabled, <strong>you will still need to use your secret word or special slug in the URL when trying to access your WordPress login page</strong>.', 'all-in-one-wp-security-and-firewall'), $brute_force_login_feature_link, $rename_login_feature_link) . '</p>
            <p>' . __('These features are NOT functionally related. Having both of them enabled on your site means you are creating 2 layers of security.', 'all-in-one-wp-security-and-firewall') . '</p>';
        ?>
        </div>

        <div class="postbox">
        <h3 class="hndle"><label for="title"><?php 
        _e('Login IP Whitelist Settings', 'all-in-one-wp-security-and-firewall');
        ?>
</label></h3>
        <div class="inside">
        <?php 
        //Display security info badge
        global $aiowps_feature_mgr;
        $aiowps_feature_mgr->output_feature_details_badge("whitelist-manager-ip-login-whitelisting");
        ?>
    
        <form action="" method="POST">
        <?php 
        wp_nonce_field('aiowpsec-whitelist-settings-nonce');
        ?>
            
        <table class="form-table">
            <tr valign="top">
                <th scope="row"><?php 
        _e('Enable IP Whitelisting', 'all-in-one-wp-security-and-firewall');
        ?>
:</th>
                <td>
                <input name="aiowps_enable_whitelisting" type="checkbox"<?php 
//.........这里部分代码省略.........
开发者ID:crazyyy,项目名称:bessarabia,代码行数:101,代码来源:wp-security-brute-force-menu.php

示例7: reactivation_tasks

 static function reactivation_tasks()
 {
     global $aio_wp_security;
     $temp_cfgs = get_option('aiowps_temp_configs');
     if ($temp_cfgs !== FALSE) {
         //Case where previously installed plugin was reactivated
         //Let's copy the original configs back to the options table
         $updated = update_option('aio_wp_security_configs', $temp_cfgs);
         if ($updated === FALSE) {
             $aio_wp_security->debug_logger->log_debug("AIOWPSecurity_Installer::run_installer() - Update of option settings failed upon plugin activation!", 4);
         }
         $aio_wp_security->configs->configs = $temp_cfgs;
         //copy the original configs to memory
         //Now let's write any rules to the .htaccess file if necessary
         $res = AIOWPSecurity_Utility_Htaccess::write_to_htaccess();
         if ($res == -1) {
             $aio_wp_security->debug_logger->log_debug("AIOWPSecurity_Deactivation::run_deactivation_tasks() - Could not write to the .htaccess file. Please check the file permissions.", 4);
             return false;
         }
         delete_option('aiowps_temp_configs');
         return true;
     } else {
         $aio_wp_security->debug_logger->log_debug("AIOWPSecurity_Deactivation::run_deactivation_tasks() - Original config settings not found!", 4);
         return false;
     }
 }
开发者ID:yarylo,项目名称:cerkva.pp.ua,代码行数:26,代码来源:wp-security-installer.php

示例8: block_spammer_ip_records

 function block_spammer_ip_records($entries)
 {
     global $wpdb, $aio_wp_security;
     $raw_banned_ip_list = $aio_wp_security->configs->get_value('aiowps_banned_ip_addresses');
     $currently_banned_ips = explode(PHP_EOL, $aio_wp_security->configs->get_value('aiowps_banned_ip_addresses'));
     if (is_array($entries)) {
         //Bulk selection using checkboxes were used
         foreach ($entries as $ip_add) {
             if (!empty($currently_banned_ips) && !(sizeof($currently_banned_ips) == 1 && trim($currently_banned_ips[0]) == '')) {
                 //Check if the IP address is already in the blacklist. If not add it to the list.
                 if (!in_array($ip_add, $currently_banned_ips)) {
                     $raw_banned_ip_list .= PHP_EOL . $ip_add;
                 }
             } else {
                 //if blacklist is currently empty just add all IP addresses to the list regardless
                 $raw_banned_ip_list .= PHP_EOL . $ip_add;
             }
         }
     } else {
         if ($entries != NULL) {
             //individual entry where "block" link was clicked
             //Check if the IP address is already in the blacklist. If not add it to the list.
             if (!in_array($entries, $currently_banned_ips)) {
                 $raw_banned_ip_list .= PHP_EOL . $entries;
             }
         }
     }
     //Let's save the selected IP addresses to the blacklist config
     $aio_wp_security->configs->set_value('aiowps_banned_ip_addresses', $raw_banned_ip_list);
     //Save the blocked IP address config variable with the newly added addresses
     $aio_wp_security->configs->save_config();
     AIOWPSecurity_Admin_Menu::show_msg_updated_st(__('The selected IP addresses were saved in the blacklist configuration settings.', 'aiowpsecurity'));
     //Let's check if the Enable Blacklisting flag has been set - If so, we will write the new data to the .htaccess file.
     if ($aio_wp_security->configs->get_value('aiowps_enable_blacklisting') == '1') {
         $write_result = AIOWPSecurity_Utility_Htaccess::write_to_htaccess();
         if ($write_result == -1) {
             AIOWPSecurity_Admin_Menu::show_msg_error_st(__('The plugin was unable to write to the .htaccess file. Please edit file manually.', 'aiowpsecurity'));
             $aio_wp_security->debug_logger->log_debug("AIOWPSecurity_Blacklist_Menu - The plugin was unable to write to the .htaccess file.");
         } else {
             AIOWPSecurity_Admin_Menu::show_msg_updated_st(__('The .htaccess file was successfully modified to include the selected IP addresses.', 'aiowpsecurity'));
         }
     } else {
         $blacklist_settings_link = '<a href="admin.php?page=' . AIOWPSEC_BLACKLIST_MENU_SLUG . '">Ban Users</a>';
         $info_msg = '<p>' . __('NOTE: The .htaccess file was not modified because you have disabled the "Enable IP or User Agent Blacklisting" check box.', 'aiowpsecurity') . '<br />' . sprintf(__('To block these IP addresses you will need to enable the above flag in the %s menu', 'aiowpsecurity'), $blacklist_settings_link) . '</p>';
         AIOWPSecurity_Admin_Menu::show_msg_updated_st($info_msg);
     }
 }
开发者ID:benytocarlo,项目名称:wordpress-package,代码行数:47,代码来源:wp-security-list-comment-spammer-ip.php

示例9: turn_off_all_firewall_rules

 static function turn_off_all_firewall_rules()
 {
     global $aio_wp_security;
     $aio_wp_security->configs->set_value('aiowps_enable_blacklisting', '');
     //Checkbox
     $aio_wp_security->configs->set_value('aiowps_enable_whitelisting', '');
     //Checkbox
     $aio_wp_security->configs->set_value('aiowps_enable_basic_firewall', '');
     //Checkbox
     $aio_wp_security->configs->set_value('aiowps_enable_pingback_firewall', '');
     //Checkbox
     $aio_wp_security->configs->set_value('aiowps_block_debug_log_file_access', '');
     //Checkbox
     $aio_wp_security->configs->set_value('aiowps_disable_index_views', '');
     //Checkbox
     $aio_wp_security->configs->set_value('aiowps_disable_trace_and_track', '');
     //Checkbox
     $aio_wp_security->configs->set_value('aiowps_forbid_proxy_comments', '');
     //Checkbox
     $aio_wp_security->configs->set_value('aiowps_deny_bad_query_strings', '');
     //Checkbox
     $aio_wp_security->configs->set_value('aiowps_advanced_char_string_filter', '');
     //Checkbox
     $aio_wp_security->configs->set_value('aiowps_enable_5g_firewall', '');
     //Checkbox
     $aio_wp_security->configs->set_value('aiowps_enable_6g_firewall', '');
     //Checkbox
     $aio_wp_security->configs->set_value('aiowps_enable_brute_force_attack_prevention', '');
     //Checkbox
     $aio_wp_security->configs->set_value('aiowps_enable_custom_rules', '');
     //Checkbox
     $aio_wp_security->configs->set_value('aiowps_custom_rules', '');
     $aio_wp_security->configs->set_value('aiowps_prevent_default_wp_file_access', '');
     //Checkbox
     $aio_wp_security->configs->set_value('aiowps_enable_spambot_blocking', '');
     //Checkbox
     //404 detection
     $aio_wp_security->configs->set_value('aiowps_enable_404_logging', '');
     //Checkbox
     $aio_wp_security->configs->set_value('aiowps_enable_404_IP_lockout', '');
     //Checkbox
     //Prevent Image Hotlinks
     $aio_wp_security->configs->set_value('aiowps_prevent_hotlinking', '');
     //Checkbox
     $aio_wp_security->configs->save_config();
     //Refresh the .htaccess file based on the new settings
     $res = AIOWPSecurity_Utility_Htaccess::write_to_htaccess();
     if ($res == -1) {
         $aio_wp_security->debug_logger->log_debug("AIOWPSecurity_Configure_Settings::turn_off_all_firewall_rules() - Could not write to the .htaccess file. Please check the file permissions.", 4);
     }
 }
开发者ID:steveferrar,项目名称:camarco.co.uk,代码行数:51,代码来源:wp-security-configure-settings.php

示例10: render_tab3

    function render_tab3()
    {
        global $aio_wp_security;
        global $aiowps_feature_mgr;
        if (isset($_POST['aiowps_save_wp_file_access_settings'])) {
            $nonce = $_REQUEST['_wpnonce'];
            if (!wp_verify_nonce($nonce, 'aiowpsec-prevent-default-wp-file-access-nonce')) {
                $aio_wp_security->debug_logger->log_debug("Nonce check failed on enable basic firewall settings!", 4);
                die("Nonce check failed on enable basic firewall settings!");
            }
            //Save settings
            if (isset($_POST['aiowps_prevent_default_wp_file_access'])) {
                $aio_wp_security->configs->set_value('aiowps_prevent_default_wp_file_access', '1');
            } else {
                $aio_wp_security->configs->set_value('aiowps_prevent_default_wp_file_access', '');
            }
            //Commit the config settings
            $aio_wp_security->configs->save_config();
            //Recalculate points after the feature status/options have been altered
            $aiowps_feature_mgr->check_feature_status_and_recalculate_points();
            //Now let's write the applicable rules to the .htaccess file
            $res = AIOWPSecurity_Utility_Htaccess::write_to_htaccess();
            if ($res) {
                $this->show_msg_updated(__('You have successfully saved the Prevent Access to Default WP Files configuration.', 'aiowpsecurity'));
            } else {
                if ($res == -1) {
                    $this->show_msg_error(__('Could not write to the .htaccess file. Please check the file permissions.', 'aiowpsecurity'));
                }
            }
        }
        ?>
        <h2><?php 
        _e('WordPress Files', 'aiowpsecurity');
        ?>
</h2>
        <div class="aio_blue_box">
            <?php 
        $info_msg = sprintf(__('This feature allows you to prevent access to files such as %s, %s and %s which are delivered with all WP installations.', 'aiowpsecurity'), 'readme.html', 'license.txt', 'wp-config-sample.php');
        echo '<p>' . $info_msg . '</p>' . '<p>' . __('By preventing access to these files you are hiding some key pieces of information (such as WordPress version info) from potential hackers.', 'aiowpsecurity') . '</p>';
        ?>
        </div>

        <div class="postbox">
        <h3><label for="title"><?php 
        _e('Prevent Access to Default WP Files', 'aiowpsecurity');
        ?>
</label></h3>
        <div class="inside">
        <?php 
        //Display security info badge
        global $aiowps_feature_mgr;
        $aiowps_feature_mgr->output_feature_details_badge("block-wp-files-access");
        ?>
        <form action="" method="POST">
        <?php 
        wp_nonce_field('aiowpsec-prevent-default-wp-file-access-nonce');
        ?>
            
        <table class="form-table">
            <tr valign="top">
                <th scope="row"><?php 
        _e('Prevent Access to WP Default Install Files', 'aiowpsecurity');
        ?>
:</th>                
                <td>
                <input name="aiowps_prevent_default_wp_file_access" type="checkbox"<?php 
        if ($aio_wp_security->configs->get_value('aiowps_prevent_default_wp_file_access') == '1') {
            echo ' checked="checked"';
        }
        ?>
 value="1"/>
                <span class="description"><?php 
        _e('Check this if you want to prevent access to readme.html, license.txt and wp-config-sample.php.', 'aiowpsecurity');
        ?>
</span>
                </td>
            </tr>            
        </table>
        <input type="submit" name="aiowps_save_wp_file_access_settings" value="<?php 
        _e('Save Setting', 'aiowpsecurity');
        ?>
" class="button-primary" />
        </form>
        </div></div>
        <?php 
    }
开发者ID:Rudchyk,项目名称:wp-framework,代码行数:86,代码来源:wp-security-filesystem-menu.php

示例11: render_tab5

    function render_tab5()
    {
        global $aio_wp_security;
        global $wpdb;
        $events_table_name = AIOWPSEC_TBL_EVENTS;
        AIOWPSecurity_Utility::cleanup_table($events_table_name, 500);
        if (isset($_POST['aiowps_import_settings'])) {
            $nonce = $_REQUEST['_wpnonce'];
            if (!wp_verify_nonce($nonce, 'aiowpsec-import-settings-nonce')) {
                $aio_wp_security->debug_logger->log_debug("Nonce check failed on import AIOWPS settings!", 4);
                die("Nonce check failed on import AIOWPS settings!");
            }
            if (empty($_POST['aiowps_import_settings_file']) && empty($_POST['aiowps_import_settings_text'])) {
                $this->show_msg_error(__('Please choose a file to import your settings from.', 'aiowpsecurity'));
            } else {
                if (empty($_POST['aiowps_import_settings_file'])) {
                    $import_from = "text";
                } else {
                    $import_from = "file";
                }
                if ($import_from == "file") {
                    //Let's get the uploaded import file path
                    $submitted_import_file_path = trim($_POST['aiowps_import_settings_file']);
                    $attachment_id = AIOWPSecurity_Utility_File::get_attachment_id_from_url($submitted_import_file_path);
                    //we'll need this later for deleting
                    //Verify that file chosen has valid AIOWPS settings contents
                    $aiowps_settings_file_contents = $this->check_if_valid_aiowps_settings_file($submitted_import_file_path);
                } else {
                    //Get the string right from the textarea. Still confirm it's in the expected format.
                    $aiowps_settings_file_contents = $this->check_if_valid_aiowps_settings_text($_POST['aiowps_import_settings_text']);
                }
                if ($aiowps_settings_file_contents != -1) {
                    //Apply the settings and delete the file (if applicable)
                    $settings_array = json_decode($aiowps_settings_file_contents, true);
                    $aiowps_settings_applied = update_option('aio_wp_security_configs', $settings_array);
                    if (!$aiowps_settings_applied) {
                        //Failed to import settings
                        $aio_wp_security->debug_logger->log_debug("Import AIOWPS settings from " . $import_from . " operation failed!", 4);
                        $this->show_msg_error(__('Import AIOWPS settings from ' . $import_from . ' operation failed!', 'aiowpsecurity'));
                        if ($import_from == "file") {
                            //Delete the uploaded settings file for security purposes
                            wp_delete_attachment($attachment_id, true);
                            if (false === wp_delete_attachment($attachment_id, true)) {
                                $this->show_msg_error(__('The deletion of the import file failed. Please delete this file manually via the media menu for security purposes.', 'aiowpsecurity'));
                            } else {
                                $this->show_msg_updated(__('The file you uploaded was also deleted for security purposes because it contains security settings details.', 'aiowpsecurity'));
                            }
                        }
                    } else {
                        $aio_wp_security->configs->configs = $settings_array;
                        //Refresh the configs global variable
                        //Just in case user submits partial config settings
                        //Run add_option_values to make sure any missing config items are at least set to default
                        AIOWPSecurity_Configure_Settings::add_option_values();
                        if ($import_from == "file") {
                            //Delete the uploaded settings file for security purposes
                            wp_delete_attachment($attachment_id, true);
                            if (false === wp_delete_attachment($attachment_id, true)) {
                                $this->show_msg_updated(__('Your AIOWPS settings were successfully imported via file input.', 'aiowpsecurity'));
                                $this->show_msg_error(__('The deletion of the import file failed. Please delete this file manually via the media menu for security purposes because it contains security settings details.', 'aiowpsecurity'));
                            } else {
                                $this->show_msg_updated(__('Your AIOWPS settings were successfully imported. The file you uploaded was also deleted for security purposes because it contains security settings details.', 'aiowpsecurity'));
                            }
                        } else {
                            $this->show_msg_updated(__('Your AIOWPS settings were successfully imported via text entry.', 'aiowpsecurity'));
                        }
                        //Now let's refresh the .htaccess file with any modified rules if applicable
                        $res = AIOWPSecurity_Utility_Htaccess::write_to_htaccess();
                        if ($res == -1) {
                            $this->show_msg_error(__('Could not write to the .htaccess file. Please check the file permissions.', 'aiowpsecurity'));
                        }
                    }
                } else {
                    //Invalid settings file
                    $aio_wp_security->debug_logger->log_debug("The contents of your settings file appear invalid!", 4);
                    $this->show_msg_error(__('The contents of your settings file appear invalid. Please check the contents of the file you are trying to import settings from.', 'aiowpsecurity'));
                    if ($import_from == "file") {
                        //Let's also delete the uploaded settings file for security purposes
                        wp_delete_attachment($attachment_id, true);
                        if (false === wp_delete_attachment($attachment_id, true)) {
                            $this->show_msg_error(__('The deletion of the import file failed. Please delete this file manually via the media menu for security purposes.', 'aiowpsecurity'));
                        } else {
                            $this->show_msg_updated(__('The file you uploaded was also deleted for security purposes because it contains security settings details.', 'aiowpsecurity'));
                        }
                    }
                }
            }
        }
        ?>
        <h2><?php 
        _e('Export or Import Your AIOWPS Settings', 'aiowpsecurity');
        ?>
</h2>
        <div class="aio_blue_box">
            <?php 
        echo '<p>' . __('This section allows you to export or import your All In One WP Security & Firewall settings.', 'aiowpsecurity');
        echo '<br />' . __('This can be handy if you wanted to save time by applying the settings from one site to another site.', 'aiowpsecurity') . '
            <br />' . __('NOTE: Before importing, it is your responsibility to know what settings you are trying to import. Importing settings blindly can cause you to be locked out of your site.', 'aiowpsecurity') . '
            <br />' . __('For Example: If a settings item relies on the domain URL then it may not work correctly when imported into a site with a different domain.', 'aiowpsecurity') . '
            </p>';
//.........这里部分代码省略.........
开发者ID:pankajsinghjarial,项目名称:SYLC-AMERICAN,代码行数:101,代码来源:wp-security-settings-menu.php

示例12: render_tab1

    function render_tab1()
    {
        global $aiowps_feature_mgr;
        global $aio_wp_security;
        if (isset($_POST['aiowps_apply_comment_spam_prevention_settings'])) {
            $nonce = $_REQUEST['_wpnonce'];
            if (!wp_verify_nonce($nonce, 'aiowpsec-comment-spam-settings-nonce')) {
                $aio_wp_security->debug_logger->log_debug("Nonce check failed on save comment spam settings!", 4);
                die("Nonce check failed on save comment spam settings!");
            }
            //Save settings
            $random_20_digit_string = AIOWPSecurity_Utility::generate_alpha_numeric_random_string(20);
            //Generate random 20 char string for use during captcha encode/decode
            $aio_wp_security->configs->set_value('aiowps_captcha_secret_key', $random_20_digit_string);
            $aio_wp_security->configs->set_value('aiowps_enable_comment_captcha', isset($_POST["aiowps_enable_comment_captcha"]) ? '1' : '');
            $aio_wp_security->configs->set_value('aiowps_enable_spambot_blocking', isset($_POST["aiowps_enable_spambot_blocking"]) ? '1' : '');
            //Commit the config settings
            $aio_wp_security->configs->save_config();
            //Recalculate points after the feature status/options have been altered
            $aiowps_feature_mgr->check_feature_status_and_recalculate_points();
            //Now let's write the applicable rules to the .htaccess file
            $res = AIOWPSecurity_Utility_Htaccess::write_to_htaccess();
            if ($res) {
                $this->show_msg_updated(__('Settings were successfully saved', 'aiowpsecurity'));
            } else {
                if ($res == -1) {
                    $this->show_msg_error(__('Could not write to the .htaccess file. Please check the file permissions.', 'aiowpsecurity'));
                }
            }
        }
        ?>
        <h2><?php 
        _e('Comment SPAM Settings', 'aiowpsecurity');
        ?>
</h2>
        <form action="" method="POST">
        <?php 
        wp_nonce_field('aiowpsec-comment-spam-settings-nonce');
        ?>
            

        <div class="postbox">
        <h3><label for="title"><?php 
        _e('Add Captcha To Comments Form', 'aiowpsecurity');
        ?>
</label></h3>
        <div class="inside">
        <div class="aio_blue_box">
            <?php 
        echo '<p>' . __('This feature will add a simple math captcha field in the WordPress comments form.', 'aiowpsecurity') . '<br />' . __('Adding a captcha field in the comment form is a simple way of greatly reducing SPAM comments from bots without using .htaccess rules.', 'aiowpsecurity') . '</p>';
        ?>
        </div>
        <?php 
        //Display security info badge
        $aiowps_feature_mgr->output_feature_details_badge("comment-form-captcha");
        if (AIOWPSecurity_Utility::is_multisite_install() && get_current_blog_id() != 1) {
            //Hide config settings if MS and not main site
            AIOWPSecurity_Utility::display_multisite_message();
        } else {
            ?>
        <table class="form-table">
            <tr valign="top">
                <th scope="row"><?php 
            _e('Enable Captcha On Comment Forms', 'aiowpsecurity');
            ?>
:</th>                
                <td>
                <input name="aiowps_enable_comment_captcha" type="checkbox"<?php 
            if ($aio_wp_security->configs->get_value('aiowps_enable_comment_captcha') == '1') {
                echo ' checked="checked"';
            }
            ?>
 value="1"/>
                <span class="description"><?php 
            _e('Check this if you want to insert a captcha field on the comment forms', 'aiowpsecurity');
            ?>
</span>
                </td>
            </tr>            
        </table>
        <?php 
        }
        //End if statement
        ?>
        </div></div>
            
        <div class="postbox">
        <h3><label for="title"><?php 
        _e('Block Spambot Comments', 'aiowpsecurity');
        ?>
</label></h3>
        <div class="inside">
        <div class="aio_blue_box">
            <?php 
        echo '<p>' . __('A large portion of WordPress blog comment SPAM is mainly produced by automated bots and not necessarily by humans. ', 'aiowpsecurity') . '<br />' . __('This feature will greatly minimize the useless and unecessary traffic and load on your server resulting from SPAM comments by blocking all comment requests which do not originate from your domain.', 'aiowpsecurity') . '<br />' . __('In other words, if the comment was not submitted by a human who physically submitted the comment on your site, the request will be blocked.', 'aiowpsecurity') . '</p>';
        ?>
        </div>
        <?php 
        //Display security info badge
        $aiowps_feature_mgr->output_feature_details_badge("block-spambots");
//.........这里部分代码省略.........
开发者ID:roycocup,项目名称:enclothed,代码行数:101,代码来源:wp-security-spam-menu.php

示例13: refresh_firewall_rules

 /**
  * Refreshes the firewall rules in .htaccess file
  * eg: if permalink settings changed and white list enabled
  * @param $old_permalink_structure
  * @param $permalink_structure
  */
 function refresh_firewall_rules($old_permalink_structure, $permalink_structure)
 {
     global $aio_wp_security;
     //If white list enabled need to re-adjust the .htaccess rules
     if ($aio_wp_security->configs->get_value('aiowps_enable_whitelisting') == '1') {
         $write_result = AIOWPSecurity_Utility_Htaccess::write_to_htaccess();
         //now let's write to the .htaccess file
         if ($write_result == -1) {
             $this->show_msg_error(__('The plugin was unable to write to the .htaccess file. Please edit file manually.', 'all-in-one-wp-security-and-firewall'));
             $aio_wp_security->debug_logger->log_debug("AIOWPSecurity_whitelist_Menu - The plugin was unable to write to the .htaccess file.");
         }
     }
 }
开发者ID:steveferrar,项目名称:camarco.co.uk,代码行数:19,代码来源:wp-security-general-init-tasks.php

示例14: render_tab5

    function render_tab5()
    {
        global $aio_wp_security;
        global $aiowps_feature_mgr;
        if (isset($_POST['aiowps_save_prevent_hotlinking'])) {
            $nonce = $_REQUEST['_wpnonce'];
            if (!wp_verify_nonce($nonce, 'aiowpsec-prevent-hotlinking-nonce')) {
                $aio_wp_security->debug_logger->log_debug("Nonce check failed on prevent hotlinking options save!", 4);
                die("Nonce check failed on prevent hotlinking options save!");
            }
            $aio_wp_security->configs->set_value('aiowps_prevent_hotlinking', isset($_POST["aiowps_prevent_hotlinking"]) ? '1' : '');
            $aio_wp_security->configs->save_config();
            //Recalculate points after the feature status/options have been altered
            $aiowps_feature_mgr->check_feature_status_and_recalculate_points();
            //Now let's write the applicable rules to the .htaccess file
            $res = AIOWPSecurity_Utility_Htaccess::write_to_htaccess();
            if ($res) {
                $this->show_msg_updated(__('Settings were successfully saved', 'aiowpsecurity'));
            } else {
                if ($res == -1) {
                    $this->show_msg_error(__('Could not write to the .htaccess file. Please check the file permissions.', 'aiowpsecurity'));
                }
            }
        }
        ?>
        <h2><?php 
        _e('Prevent Image Hotlinking', 'aiowpsecurity');
        ?>
</h2>
        <div class="aio_blue_box">
            <?php 
        echo '<p>' . __('A Hotlink is where someone displays an image on their site which is actually located on your site by using a direct link to the source of the image on your server.', 'aiowpsecurity');
        echo '<br />' . __('Due to the fact that the image being displayed on the other person\'s site is coming from your server, this can cause leaking of bandwidth and resources for you because your server has to present this image for the people viewing it on someone elses\'s site.', 'aiowpsecurity');
        echo '<br />' . __('This feature will prevent people from directly hotlinking images from your site\'s pages by writing some directives in your .htaccess file.', 'aiowpsecurity') . '</p>';
        ?>
        </div>

        <div class="postbox">
        <h3><label for="title"><?php 
        _e('Prevent Hotlinking', 'aiowpsecurity');
        ?>
</label></h3>
        <div class="inside">
        <?php 
        //Display security info badge
        global $aiowps_feature_mgr;
        $aiowps_feature_mgr->output_feature_details_badge("prevent-hotlinking");
        ?>

        <form action="" method="POST">
        <?php 
        wp_nonce_field('aiowpsec-prevent-hotlinking-nonce');
        ?>
            
        <table class="form-table">
            <tr valign="top">
                <th scope="row"><?php 
        _e('Prevent Image Hotlinking', 'aiowpsecurity');
        ?>
:</th>                
                <td>
                <input name="aiowps_prevent_hotlinking" type="checkbox"<?php 
        if ($aio_wp_security->configs->get_value('aiowps_prevent_hotlinking') == '1') {
            echo ' checked="checked"';
        }
        ?>
 value="1"/>
                <span class="description"><?php 
        _e('Check this if you want to prevent hotlinking to images on your site.', 'aiowpsecurity');
        ?>
</span>
                </td>
            </tr>            
        </table>
        <input type="submit" name="aiowps_save_prevent_hotlinking" value="<?php 
        _e('Save Settings', 'aiowpsecurity');
        ?>
" class="button-primary" />
        </form>
        </div></div>
    <?php 
    }
开发者ID:roycocup,项目名称:enclothed,代码行数:82,代码来源:wp-security-firewall-menu.php

示例15: render_tab2

    function render_tab2()
    {
        global $aio_wp_security;
        if (isset($_POST['aiowps_save_htaccess'])) {
            $nonce = $_REQUEST['_wpnonce'];
            if (!wp_verify_nonce($nonce, 'aiowpsec-save-htaccess-nonce')) {
                $aio_wp_security->debug_logger->log_debug("Nonce check failed on htaccess file save!", 4);
                die("Nonce check failed on htaccess file save!");
            }
            $htaccess_path = ABSPATH . '.htaccess';
            $result = AIOWPSecurity_Utility_File::backup_and_rename_htaccess($htaccess_path);
            //Backup the htaccess file
            if ($result) {
                $random_prefix = AIOWPSecurity_Utility::generate_alpha_numeric_random_string(10);
                $aiowps_backup_dir = WP_CONTENT_DIR . '/' . AIO_WP_SECURITY_BACKUPS_DIR_NAME;
                if (rename($aiowps_backup_dir . '/' . '.htaccess.backup', $aiowps_backup_dir . '/' . $random_prefix . '_htaccess_backup.txt')) {
                    echo '<div id="message" class="updated fade"><p>';
                    _e('Your .htaccess file was successfully backed up! Using an FTP program go to the "/wp-content/aiowps_backups" directory to save a copy of the file to your computer.', 'aiowpsecurity');
                    echo '</p></div>';
                } else {
                    $aio_wp_security->debug_logger->log_debug("htaccess file rename failed during backup!", 4);
                    $this->show_msg_error(__('htaccess file rename failed during backup. Please check your root directory for the backup file using FTP.', 'aiowpsecurity'));
                }
            } else {
                $aio_wp_security->debug_logger->log_debug("htaccess - Backup operation failed!", 4);
                $this->show_msg_error(__('htaccess backup failed.', 'aiowpsecurity'));
            }
        }
        if (isset($_POST['aiowps_restore_htaccess_button'])) {
            $nonce = $_REQUEST['_wpnonce'];
            if (!wp_verify_nonce($nonce, 'aiowpsec-restore-htaccess-nonce')) {
                $aio_wp_security->debug_logger->log_debug("Nonce check failed on htaccess file restore!", 4);
                die("Nonce check failed on htaccess file restore!");
            }
            if (empty($_POST['aiowps_htaccess_file'])) {
                $this->show_msg_error(__('Please choose a .htaccess to restore from.', 'aiowpsecurity'));
            } else {
                //Let's copy the uploaded .htaccess file into the active root file
                $new_htaccess_file_path = trim($_POST['aiowps_htaccess_file']);
                //TODO
                //Verify that file chosen has contents which are relevant to .htaccess file
                $is_htaccess = AIOWPSecurity_Utility_Htaccess::check_if_htaccess_contents($new_htaccess_file_path);
                if ($is_htaccess == 1) {
                    $active_root_htaccess = ABSPATH . '.htaccess';
                    if (!copy($new_htaccess_file_path, $active_root_htaccess)) {
                        //Failed to make a backup copy
                        $aio_wp_security->debug_logger->log_debug("htaccess - Restore from .htaccess operation failed!", 4);
                        $this->show_msg_error(__('htaccess file restore failed. Please attempt to restore the .htaccess manually using FTP.', 'aiowpsecurity'));
                    } else {
                        $this->show_msg_updated(__('Your .htaccess file has successfully been restored!', 'aiowpsecurity'));
                    }
                } else {
                    $aio_wp_security->debug_logger->log_debug("htaccess restore failed - Contents of restore file appear invalid!", 4);
                    $this->show_msg_error(__('htaccess Restore operation failed! Please check the contents of the file you are trying to restore from.', 'aiowpsecurity'));
                }
            }
        }
        ?>
        <h2><?php 
        _e('.htaccess File Operations', 'aiowpsecurity');
        ?>
</h2>
        <div class="aio_blue_box">
            <?php 
        echo '<p>' . __('Your ".htaccess" file is a key component of your website\'s security and it can be modified to implement various levels of protection mechanisms.', 'aiowpsecurity') . '
            <br />' . __('This feature allows you to backup and save your currently active .htaccess file should you need to re-use the the backed up file in the future.', 'aiowpsecurity') . '
            <br />' . __('You can also restore your site\'s .htaccess settings using a backed up .htaccess file.', 'aiowpsecurity') . '    
            </p>';
        ?>
        </div>
        <?php 
        if (AIOWPSecurity_Utility::is_multisite_install() && get_current_blog_id() != 1) {
            //Hide config settings if MS and not main site
            AIOWPSecurity_Utility::display_multisite_message();
        } else {
            ?>
        <div class="postbox">
        <h3><label for="title"><?php 
            _e('Save the current .htaccess file', 'aiowpsecurity');
            ?>
</label></h3>
        <div class="inside">
        <form action="" method="POST">
        <?php 
            wp_nonce_field('aiowpsec-save-htaccess-nonce');
            ?>
            <p class="description"><?php 
            _e('Click the button below to backup and save the currently active .htaccess file.', 'aiowpsecurity');
            ?>
</p>
            <input type="submit" name="aiowps_save_htaccess" value="<?php 
            _e('Backup .htaccess File', 'aiowpsecurity');
            ?>
" class="button-primary" />
        </form>
        </div></div>
        <div class="postbox">
        <h3><label for="title"><?php 
            _e('Restore from a backed up .htaccess file', 'aiowpsecurity');
            ?>
//.........这里部分代码省略.........
开发者ID:roycocup,项目名称:enclothed,代码行数:101,代码来源:wp-security-settings-menu.php


注:本文中的AIOWPSecurity_Utility_Htaccess类示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。