本文整理汇总了PHP中wordfence类的典型用法代码示例。如果您正苦于以下问题:PHP wordfence类的具体用法?PHP wordfence怎么用?PHP wordfence使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
在下文中一共展示了wordfence类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: getURL
protected function getURL($url, $postParams = array())
{
wordfence::status(4, 'info', "Calling Wordfence API v" . WORDFENCE_API_VERSION . ":" . $url);
if (!function_exists('wp_remote_post')) {
require_once ABSPATH . WPINC . 'http.php';
}
$ssl_verify = (bool) wfConfig::get('ssl_verify');
$args = array('timeout' => 900, 'user-agent' => "Wordfence.com UA " . (defined('WORDFENCE_VERSION') ? WORDFENCE_VERSION : '[Unknown version]'), 'body' => $postParams, 'sslverify' => $ssl_verify);
if (!$ssl_verify) {
// Some versions of cURL will complain that SSL verification is disabled but the CA bundle was supplied.
$args['sslcertificates'] = false;
}
$response = wp_remote_post($url, $args);
$this->lastHTTPStatus = (int) wp_remote_retrieve_response_code($response);
if (is_wp_error($response)) {
$error_message = $response->get_error_message();
throw new Exception("There was an " . ($error_message ? '' : 'unknown ') . "error connecting to the the Wordfence scanning servers" . ($error_message ? ": {$error_message}" : '.'));
}
if (!empty($response['response']['code'])) {
$this->lastHTTPStatus = (int) $response['response']['code'];
}
if (200 != $this->lastHTTPStatus) {
throw new Exception("We received an error response when trying to contact the Wordfence scanning servers. The HTTP status code was [{$this->lastHTTPStatus}]");
}
$this->curlContent = wp_remote_retrieve_body($response);
return $this->curlContent;
}示例2: scan
function scan()
{
if ($this->_checkWordFence()) {
return wordfence::ajax_scan_callback();
} else {
return array('error' => "Word Fence plugin is not activated", 'error_code' => 'wordfence_plugin_is_not_activated');
}
}示例3: getURL
protected function getURL($url, $postParams = array()){
if(function_exists('curl_init')){
$this->curlDataWritten = 0;
$this->curlContent = "";
$curl = curl_init($url);
if(defined('WP_PROXY_HOST') && defined('WP_PROXY_PORT') && wfUtils::hostNotExcludedFromProxy($url) ){
curl_setopt($curl, CURLOPT_HTTPPROXYTUNNEL, 0);
curl_setopt($curl, CURLOPT_PROXY, WP_PROXY_HOST . ':' . WP_PROXY_PORT);
if(defined('WP_PROXY_USERNAME') && defined('WP_PROXY_PASSWORD')){
curl_setopt($curl, CURLOPT_PROXYUSERPWD, WP_PROXY_USERNAME . ':' . WP_PROXY_PASSWORD);
}
}
curl_setopt ($curl, CURLOPT_TIMEOUT, 900);
curl_setopt ($curl, CURLOPT_USERAGENT, "Wordfence.com UA " . (defined('WORDFENCE_VERSION') ? WORDFENCE_VERSION : '[Unknown version]') );
curl_setopt ($curl, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt ($curl, CURLOPT_HEADER, 0);
curl_setopt ($curl, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt ($curl, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt ($curl, CURLOPT_WRITEFUNCTION, array($this, 'curlWrite'));
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, $postParams);
wordfence::status(4, 'info', "CURL fetching URL: " . $url);
curl_exec($curl);
$httpStatus = curl_getinfo($curl, CURLINFO_HTTP_CODE);
$this->lastCurlErrorNo = curl_errno($curl);
if($httpStatus == 200){
curl_close($curl);
return $this->curlContent;
} else {
$cerror = curl_error($curl);
curl_close($curl);
throw new Exception("We received an error response when trying to contact the Wordfence scanning servers. The HTTP status code was [$httpStatus] and the curl error number was [" . $this->lastCurlErrorNo . "] " . ($cerror ? (' and the error from CURL was: ' . $cerror) : ''));
}
} else {
wordfence::status(4, 'info', "Fetching URL with file_get: " . $url);
$data = $this->fileGet($url, $postParams);
if($data === false){
$err = error_get_last();
if($err){
throw new Exception("We received an error response when trying to contact the Wordfence scanning servers using PHP's file_get_contents function. The error was: " . var_export($err, true));
} else {
throw new Exception("We received an empty response when trying to contact the Wordfence scanning servers using PHP's file_get_contents function.");
}
}
return $data;
}
}示例4: getURL
protected function getURL($url, $postParams = array())
{
wordfence::status(4, 'info', "Calling Wordfence API v" . WORDFENCE_API_VERSION . ":" . $url);
if (!function_exists('wp_remote_post')) {
require_once ABSPATH . WPINC . 'http.php';
}
$response = wp_remote_post($url, array('timeout' => 900, 'user-agent' => "Wordfence.com UA " . (defined('WORDFENCE_VERSION') ? WORDFENCE_VERSION : '[Unknown version]'), 'body' => $postParams));
$this->lastHTTPStatus = (int) wp_remote_retrieve_response_code($response);
if (is_wp_error($response)) {
$error_message = $response->get_error_message();
throw new Exception("There was an " . ($error_message ? '' : 'unknown ') . "error connecting to the the Wordfence scanning servers" . ($error_message ? ": {$error_message}" : '.'));
}
if (!empty($response['response']['code'])) {
$this->lastHTTPStatus = (int) $response['response']['code'];
}
if (200 != $this->lastHTTPStatus) {
throw new Exception("We received an error response when trying to contact the Wordfence scanning servers. The HTTP status code was [{$this->lastHTTPStatus}]");
}
$this->curlContent = wp_remote_retrieve_body($response);
return $this->curlContent;
}示例5: processFile
private function processFile($realFile)
{
$file = substr($realFile, $this->striplen);
if (!$this->stoppedOnFile && microtime(true) - $this->startTime > $this->engine->maxExecTime) {
//max X seconds but don't allow fork if we're looking for the file we stopped on. Search mode is VERY fast.
$this->stoppedOnFile = $file;
wordfence::status(4, 'info', "Calling fork() from wordfenceHash::processFile with maxExecTime: " . $this->engine->maxExecTime);
$this->engine->fork();
//exits
}
//Put this after the fork, that way we will at least scan one more file after we fork if it takes us more than 10 seconds to search for the stoppedOnFile
if ($this->stoppedOnFile && $file != $this->stoppedOnFile) {
return;
} else {
if ($this->stoppedOnFile && $file == $this->stoppedOnFile) {
$this->stoppedOnFile = false;
//Continue scanning
}
}
if (wfUtils::fileTooBig($realFile)) {
wordfence::status(4, 'info', "Skipping file larger than max size: {$realFile}");
return;
}
if (function_exists('memory_get_usage')) {
wordfence::status(4, 'info', "Scanning: {$realFile} (Mem:" . sprintf('%.1f', memory_get_usage(true) / (1024 * 1024)) . "M)");
} else {
wordfence::status(4, 'info', "Scanning: {$realFile}");
}
$wfHash = self::wfHash($realFile);
if ($wfHash) {
$md5 = strtoupper($wfHash[0]);
$shac = strtoupper($wfHash[1]);
$knownFile = 0;
if ($this->malwareEnabled && $this->isMalwarePrefix($md5)) {
$this->possibleMalware[] = array($file, $md5);
}
if (isset($this->knownFiles['core'][$file])) {
if (strtoupper($this->knownFiles['core'][$file]) == $shac) {
$knownFile = 1;
} else {
if ($this->coreEnabled) {
$localFile = ABSPATH . '/' . preg_replace('/^[\\.\\/]+/', '', $file);
$fileContents = @file_get_contents($localFile);
if ($fileContents && !preg_match('/<\\?' . 'php[\\r\\n\\s\\t]*\\/\\/[\\r\\n\\s\\t]*Silence is golden\\.[\\r\\n\\s\\t]*(?:\\?>)?[\\r\\n\\s\\t]*$/s', $fileContents)) {
//<?php
if (!$this->isSafeFile($shac)) {
$this->haveIssues['core'] = true;
$this->engine->addIssue('file', 1, 'coreModified' . $file . $md5, 'coreModified' . $file, 'WordPress core file modified: ' . $file, "This WordPress core file has been modified and differs from the original file distributed with this version of WordPress.", array('file' => $file, 'cType' => 'core', 'canDiff' => true, 'canFix' => true, 'canDelete' => false));
}
}
}
}
} else {
if (isset($this->knownFiles['plugins'][$file])) {
if (in_array($shac, $this->knownFiles['plugins'][$file])) {
$knownFile = 1;
} else {
if ($this->pluginsEnabled) {
if (!$this->isSafeFile($shac)) {
$itemName = $this->knownFiles['plugins'][$file][0];
$itemVersion = $this->knownFiles['plugins'][$file][1];
$cKey = $this->knownFiles['plugins'][$file][2];
$this->haveIssues['plugins'] = true;
$this->engine->addIssue('file', 2, 'modifiedplugin' . $file . $md5, 'modifiedplugin' . $file, 'Modified plugin file: ' . $file, "This file belongs to plugin \"{$itemName}\" version \"{$itemVersion}\" and has been modified from the file that is distributed by WordPress.org for this version. Please use the link to see how the file has changed. If you have modified this file yourself, you can safely ignore this warning. If you see a lot of changed files in a plugin that have been made by the author, then try uninstalling and reinstalling the plugin to force an upgrade. Doing this is a workaround for plugin authors who don't manage their code correctly. [See our FAQ on www.wordfence.com for more info]", array('file' => $file, 'cType' => 'plugin', 'canDiff' => true, 'canFix' => true, 'canDelete' => false, 'cName' => $itemName, 'cVersion' => $itemVersion, 'cKey' => $cKey));
}
}
}
} else {
if (isset($this->knownFiles['themes'][$file])) {
if (in_array($shac, $this->knownFiles['themes'][$file])) {
$knownFile = 1;
} else {
if ($this->themesEnabled) {
if (!$this->isSafeFile($shac)) {
$itemName = $this->knownFiles['themes'][$file][0];
$itemVersion = $this->knownFiles['themes'][$file][1];
$cKey = $this->knownFiles['themes'][$file][2];
$this->haveIssues['themes'] = true;
$this->engine->addIssue('file', 2, 'modifiedtheme' . $file . $md5, 'modifiedtheme' . $file, 'Modified theme file: ' . $file, "This file belongs to theme \"{$itemName}\" version \"{$itemVersion}\" and has been modified from the original distribution. It is common for site owners to modify their theme files, so if you have modified this file yourself you can safely ignore this warning.", array('file' => $file, 'cType' => 'theme', 'canDiff' => true, 'canFix' => true, 'canDelete' => false, 'cName' => $itemName, 'cVersion' => $itemVersion, 'cKey' => $cKey));
}
}
}
}
}
}
// knownFile means that the file is both part of core or a known plugin or theme AND that we recognize the file's hash.
// we could split this into files who's path we recognize and file's who's path we recognize AND who have a valid sig.
// But because we want to scan files who's sig we don't recognize, regardless of known path or not, we only need one "knownFile" field.
$this->db->queryWrite("insert into " . $this->db->prefix() . "wfFileMods (filename, filenameMD5, knownFile, oldMD5, newMD5) values ('%s', unhex(md5('%s')), %d, '', unhex('%s')) ON DUPLICATE KEY UPDATE newMD5=unhex('%s'), knownFile=%d", $file, $file, $knownFile, $md5, $md5, $knownFile);
//Now that we know we can open the file, lets update stats
if (preg_match('/\\.(?:js|html|htm|css)$/i', $realFile)) {
$this->linesOfJCH += sizeof(file($realFile));
} else {
if (preg_match('/\\.php$/i', $realFile)) {
$this->linesOfPHP += sizeof(file($realFile));
}
}
$this->totalFiles++;
$this->totalData += filesize($realFile);
//We already checked if file overflows int in the fileTooBig routine above
//.........这里部分代码省略.........
示例6: autoUpdate
public static function autoUpdate()
{
try {
if (getenv('noabort') != '1' && stristr($_SERVER['SERVER_SOFTWARE'], 'litespeed') !== false) {
$lastEmail = self::get('lastLiteSpdEmail', false);
if (!$lastEmail || time() - (int) $lastEmail > 86400 * 30) {
self::set('lastLiteSpdEmail', time());
wordfence::alert("Wordfence Upgrade not run. Please modify your .htaccess", "To preserve the integrity of your website we are not running Wordfence auto-update.\n" . "You are running the LiteSpeed web server which has been known to cause a problem with Wordfence auto-update.\n" . "Please go to your website now and make a minor change to your .htaccess to fix this.\n" . "You can find out how to make this change at:\n" . "https://support.wordfence.com/solution/articles/1000129050-running-wordfence-under-litespeed-web-server-and-preventing-process-killing-or\n" . "\nAlternatively you can disable auto-update on your website to stop receiving this message and upgrade Wordfence manually.\n", '127.0.0.1');
}
return;
}
require_once ABSPATH . 'wp-admin/includes/class-wp-upgrader.php';
require_once ABSPATH . 'wp-admin/includes/misc.php';
/* We were creating show_message here so that WP did not write to STDOUT. This had the strange effect of throwing an error about redeclaring show_message function, but only when a crawler hit the site and triggered the cron job. Not a human. So we're now just require'ing misc.php which does generate output, but that's OK because it is a loopback cron request.
if(! function_exists('show_message')){
function show_message($msg = 'null'){}
}
*/
define('FS_METHOD', 'direct');
require_once ABSPATH . 'wp-includes/update.php';
require_once ABSPATH . 'wp-admin/includes/file.php';
wp_update_plugins();
ob_start();
$upgrader = new Plugin_Upgrader();
$upret = $upgrader->upgrade('wordfence/wordfence.php');
if ($upret) {
$cont = file_get_contents(WP_PLUGIN_DIR . '/wordfence/wordfence.php');
if (wfConfig::get('alertOn_update') == '1' && preg_match('/Version: (\\d+\\.\\d+\\.\\d+)/', $cont, $matches)) {
wordfence::alert("Wordfence Upgraded to version " . $matches[1], "Your Wordfence installation has been upgraded to version " . $matches[1], '127.0.0.1');
}
}
$output = @ob_get_contents();
@ob_end_clean();
} catch (Exception $e) {
}
}示例7: dataForFile
/**
* @param string $file
* @return array
*/
private function dataForFile($file, $fullPath = null)
{
$loader = $this->scanEngine->getKnownFilesLoader();
$data = array();
if ($isKnownFile = $loader->isKnownFile($file)) {
if ($loader->isKnownCoreFile($file)) {
$data['cType'] = 'core';
} else {
if ($loader->isKnownPluginFile($file)) {
$data['cType'] = 'plugin';
list($itemName, $itemVersion, $cKey) = $loader->getKnownPluginData($file);
$data = array_merge($data, array('cName' => $itemName, 'cVersion' => $itemVersion, 'cKey' => $cKey));
} else {
if ($loader->isKnownThemeFile($file)) {
$data['cType'] = 'theme';
list($itemName, $itemVersion, $cKey) = $loader->getKnownThemeData($file);
$data = array_merge($data, array('cName' => $itemName, 'cVersion' => $itemVersion, 'cKey' => $cKey));
}
}
}
}
$suppressDelete = false;
$canRegenerate = false;
if ($fullPath !== null) {
$bootstrapPath = wordfence::getWAFBootstrapPath();
$htaccessPath = get_home_path() . '.htaccess';
$userIni = ini_get('user_ini.filename');
$userIniPath = false;
if ($userIni) {
$userIniPath = get_home_path() . $userIni;
}
if ($fullPath == $htaccessPath) {
$suppressDelete = true;
} else {
if ($userIniPath !== false && $fullPath == $userIniPath) {
$suppressDelete = true;
} else {
if ($fullPath == $bootstrapPath) {
$suppressDelete = true;
$canRegenerate = true;
}
}
}
}
$data['canDiff'] = $isKnownFile;
$data['canFix'] = $isKnownFile;
$data['canDelete'] = !$isKnownFile && !$canRegenerate && !$suppressDelete;
$data['canRegenerate'] = $canRegenerate;
return $data;
}示例8: restore_file
function restore_file()
{
$issueID = $_POST['issueID'];
$wfIssues = new wfIssues();
$issue = $wfIssues->getIssueByID($issueID);
if (!$issue) {
return array('cerrorMsg' => "We could not find that issue in our database.");
}
$dat = $issue['data'];
$result = wordfence::getWPFileContent($dat['file'], $dat['cType'], isset($dat['cName']) ? $dat['cName'] : '', isset($dat['cVersion']) ? $dat['cVersion'] : '');
$file = $dat['file'];
if (isset($result['cerrorMsg']) && $result['cerrorMsg']) {
return $result;
} else {
if (!$result['fileContent']) {
return array('cerrorMsg' => "We could not get the original file to do a repair.");
}
}
if (preg_match('/\\.\\./', $file)) {
return array('cerrorMsg' => "An invalid file was specified for repair.");
}
$localFile = ABSPATH . '/' . preg_replace('/^[\\.\\/]+/', '', $file);
$fh = fopen($localFile, 'w');
if (!$fh) {
$err = error_get_last();
if (preg_match('/Permission denied/i', $err['message'])) {
$errMsg = "You don't have permission to repair that file. You need to either fix the file manually using FTP or change the file permissions and ownership so that your web server has write access to repair the file.";
} else {
$errMsg = "We could not write to that file. The error was: " . $err['message'];
}
return array('cerrorMsg' => $errMsg);
}
flock($fh, LOCK_EX);
$bytes = fwrite($fh, $result['fileContent']);
flock($fh, LOCK_UN);
fclose($fh);
if ($bytes < 1) {
return array('cerrorMsg' => "We could not write to that file. ({$bytes} bytes written) You may not have permission to modify files on your WordPress server.");
}
$wfIssues->updateIssue($issueID, 'delete');
return array('ok' => 1, 'file' => $localFile);
}示例9: getIPsGeo
public static function getIPsGeo($IPs)
{
//works with int or dotted. Outputs same format it receives.
$IPs = array_unique($IPs);
$toResolve = array();
$db = new wfDB();
global $wpdb;
$locsTable = $wpdb->base_prefix . 'wfLocs';
$IPLocs = array();
foreach ($IPs as $IP) {
$isBinaryIP = !self::isValidIP($IP);
if ($isBinaryIP) {
$ip_printable = wfUtils::inet_ntop($IP);
$ip_bin = $IP;
} else {
$ip_printable = $IP;
$ip_bin = wfUtils::inet_pton($IP);
}
$row = $db->querySingleRec("select IP, ctime, failed, city, region, countryName, countryCode, lat, lon, unix_timestamp() - ctime as age from " . $locsTable . " where IP=%s", $ip_bin);
if ($row) {
if ($row['age'] > WORDFENCE_MAX_IPLOC_AGE) {
$db->queryWrite("delete from " . $locsTable . " where IP=%s", $row['IP']);
} else {
if ($row['failed'] == 1) {
$IPLocs[$ip_printable] = false;
} else {
$row['IP'] = self::inet_ntop($row['IP']);
$IPLocs[$ip_printable] = $row;
}
}
}
if (!isset($IPLocs[$ip_printable])) {
$toResolve[] = $ip_printable;
}
}
if (sizeof($toResolve) > 0) {
$api = new wfAPI(wfConfig::get('apiKey'), wfUtils::getWPVersion());
try {
$freshIPs = $api->call('resolve_ips', array(), array('ips' => implode(',', $toResolve)));
if (is_array($freshIPs)) {
foreach ($freshIPs as $IP => $value) {
$IP_bin = wfUtils::inet_pton($IP);
if ($value == 'failed') {
$db->queryWrite("insert IGNORE into " . $locsTable . " (IP, ctime, failed) values (%s, unix_timestamp(), 1)", $IP_bin);
$IPLocs[$IP] = false;
} else {
if (is_array($value)) {
for ($i = 0; $i <= 5; $i++) {
//Prevent warnings in debug mode about uninitialized values
if (!isset($value[$i])) {
$value[$i] = '';
}
}
$db->queryWrite("insert IGNORE into " . $locsTable . " (IP, ctime, failed, city, region, countryName, countryCode, lat, lon) values (%s, unix_timestamp(), 0, '%s', '%s', '%s', '%s', %s, %s)", $IP_bin, $value[3], $value[2], $value[1], $value[0], $value[4], $value[5]);
$IPLocs[$IP] = array('IP' => $IP, 'city' => $value[3], 'region' => $value[2], 'countryName' => $value[1], 'countryCode' => $value[0], 'lat' => $value[4], 'lon' => $value[5]);
}
}
}
}
} catch (Exception $e) {
wordfence::status(2, 'error', "Call to Wordfence API to resolve IPs failed: " . $e->getMessage());
return array();
}
}
return $IPLocs;
}示例10: writeScanningStatus
private function writeScanningStatus()
{
wordfence::status(2, 'info', "Scanned contents of " . $this->totalFilesScanned . " additional files at " . sprintf('%.2f', $this->totalFilesScanned / (microtime(true) - $this->startTime)) . " per second");
}示例11: uninstall
public function uninstall()
{
/** @var WP_Filesystem_Base $wp_filesystem */
global $wp_filesystem;
$htaccessPath = $this->getHtaccessPath();
$userIniPath = $this->getUserIniPath();
$adminURL = admin_url('/');
$allow_relaxed_file_ownership = true;
$homePath = dirname($htaccessPath);
ob_start();
if (false === ($credentials = request_filesystem_credentials($adminURL, '', false, $homePath, array('version', 'locale'), $allow_relaxed_file_ownership))) {
ob_end_clean();
return false;
}
if (!WP_Filesystem($credentials, $homePath, $allow_relaxed_file_ownership)) {
// Failed to connect, Error and request again
request_filesystem_credentials($adminURL, '', true, ABSPATH, array('version', 'locale'), $allow_relaxed_file_ownership);
ob_end_clean();
return false;
}
if ($wp_filesystem->errors->get_error_code()) {
ob_end_clean();
return false;
}
ob_end_clean();
if ($wp_filesystem->is_file($htaccessPath)) {
$htaccessContent = $wp_filesystem->get_contents($htaccessPath);
$regex = '/# Wordfence WAF.*?# END Wordfence WAF/is';
if (preg_match($regex, $htaccessContent, $matches)) {
$htaccessContent = preg_replace($regex, '', $htaccessContent);
if (!$wp_filesystem->put_contents($htaccessPath, $htaccessContent)) {
return false;
}
}
}
if ($wp_filesystem->is_file($userIniPath)) {
$userIniContent = $wp_filesystem->get_contents($userIniPath);
$regex = '/; Wordfence WAF.*?; END Wordfence WAF/is';
if (preg_match($regex, $userIniContent, $matches)) {
$userIniContent = preg_replace($regex, '', $userIniContent);
if (!$wp_filesystem->put_contents($userIniPath, $userIniContent)) {
return false;
}
}
}
$bootstrapPath = wordfence::getWAFBootstrapPath();
if ($wp_filesystem->is_file($bootstrapPath)) {
$wp_filesystem->delete($bootstrapPath);
}
return true;
}示例12: processFile
private function processFile($realFile)
{
$file = substr($realFile, $this->striplen);
if (wfUtils::fileTooBig($realFile)) {
wordfence::status(4, 'info', "Skipping file larger than max size: {$realFile}");
return;
}
if (function_exists('memory_get_usage')) {
wordfence::status(4, 'info', "Scanning: {$realFile} (Mem:" . sprintf('%.1f', memory_get_usage(true) / (1024 * 1024)) . "M)");
} else {
wordfence::status(4, 'info', "Scanning: {$realFile}");
}
wfUtils::beginProcessingFile($file);
$wfHash = self::wfHash($realFile);
if ($wfHash) {
$md5 = strtoupper($wfHash[0]);
$shac = strtoupper($wfHash[1]);
$knownFile = 0;
if ($this->malwareEnabled && $this->isMalwarePrefix($md5)) {
$this->possibleMalware[] = array($file, $md5);
}
$knownFileExclude = wordfenceScanner::getExcludeFilePattern(wordfenceScanner::EXCLUSION_PATTERNS_KNOWN_FILES);
$allowKnownFileScan = true;
if ($knownFileExclude) {
$allowKnownFileScan = !preg_match($knownFileExclude, $realFile);
}
if ($allowKnownFileScan) {
if ($this->coreUnknownEnabled && !$this->alertedOnUnknownWordPressVersion && empty($this->knownFiles['core'])) {
require ABSPATH . 'wp-includes/version.php';
//defines $wp_version
$this->alertedOnUnknownWordPressVersion = true;
$this->haveIssues['coreUnknown'] = true;
$this->engine->addIssue('coreUnknown', 2, 'coreUnknown' . $wp_version, 'coreUnknown' . $wp_version, 'Unknown WordPress core version: ' . $wp_version, "The core files scan will not be run because this version of WordPress is not currently indexed by Wordfence. This may be due to using a prerelease version or because the servers are still indexing a new release. If you are using an official WordPress release, this issue will automatically dismiss once the version is indexed and another scan is run.", array());
}
if (isset($this->knownFiles['core'][$file])) {
if (strtoupper($this->knownFiles['core'][$file]) == $shac) {
$knownFile = 1;
} else {
if ($this->coreEnabled) {
$localFile = ABSPATH . '/' . preg_replace('/^[\\.\\/]+/', '', $file);
$fileContents = @file_get_contents($localFile);
if ($fileContents && !preg_match('/<\\?' . 'php[\\r\\n\\s\\t]*\\/\\/[\\r\\n\\s\\t]*Silence is golden\\.[\\r\\n\\s\\t]*(?:\\?>)?[\\r\\n\\s\\t]*$/s', $fileContents)) {
//<?php
if (!$this->isSafeFile($shac)) {
$this->haveIssues['core'] = true;
$this->engine->addIssue('knownfile', 1, 'coreModified' . $file . $md5, 'coreModified' . $file, 'WordPress core file modified: ' . $file, "This WordPress core file has been modified and differs from the original file distributed with this version of WordPress.", array('file' => $file, 'cType' => 'core', 'canDiff' => true, 'canFix' => true, 'canDelete' => false));
}
}
}
}
} else {
if (isset($this->knownFiles['plugins'][$file])) {
if (in_array($shac, $this->knownFiles['plugins'][$file])) {
$knownFile = 1;
} else {
if ($this->pluginsEnabled) {
if (!$this->isSafeFile($shac)) {
$itemName = $this->knownFiles['plugins'][$file][0];
$itemVersion = $this->knownFiles['plugins'][$file][1];
$cKey = $this->knownFiles['plugins'][$file][2];
$this->haveIssues['plugins'] = true;
$this->engine->addIssue('knownfile', 2, 'modifiedplugin' . $file . $md5, 'modifiedplugin' . $file, 'Modified plugin file: ' . $file, "This file belongs to plugin \"{$itemName}\" version \"{$itemVersion}\" and has been modified from the file that is distributed by WordPress.org for this version. Please use the link to see how the file has changed. If you have modified this file yourself, you can safely ignore this warning. If you see a lot of changed files in a plugin that have been made by the author, then try uninstalling and reinstalling the plugin to force an upgrade. Doing this is a workaround for plugin authors who don't manage their code correctly. [See our FAQ on www.wordfence.com for more info]", array('file' => $file, 'cType' => 'plugin', 'canDiff' => true, 'canFix' => true, 'canDelete' => false, 'cName' => $itemName, 'cVersion' => $itemVersion, 'cKey' => $cKey));
}
}
}
} else {
if (isset($this->knownFiles['themes'][$file])) {
if (in_array($shac, $this->knownFiles['themes'][$file])) {
$knownFile = 1;
} else {
if ($this->themesEnabled) {
if (!$this->isSafeFile($shac)) {
$itemName = $this->knownFiles['themes'][$file][0];
$itemVersion = $this->knownFiles['themes'][$file][1];
$cKey = $this->knownFiles['themes'][$file][2];
$this->haveIssues['themes'] = true;
$this->engine->addIssue('knownfile', 2, 'modifiedtheme' . $file . $md5, 'modifiedtheme' . $file, 'Modified theme file: ' . $file, "This file belongs to theme \"{$itemName}\" version \"{$itemVersion}\" and has been modified from the original distribution. It is common for site owners to modify their theme files, so if you have modified this file yourself you can safely ignore this warning.", array('file' => $file, 'cType' => 'theme', 'canDiff' => true, 'canFix' => true, 'canDelete' => false, 'cName' => $itemName, 'cVersion' => $itemVersion, 'cKey' => $cKey));
}
}
}
} else {
if ($this->coreUnknownEnabled && !$this->alertedOnUnknownWordPressVersion) {
//Check for unknown files in system directories
$restrictedWordPressFolders = array(ABSPATH . 'wp-admin/', ABSPATH . WPINC . '/');
foreach ($restrictedWordPressFolders as $path) {
if (strpos($realFile, $path) === 0) {
$this->haveIssues['coreUnknown'] = true;
$this->engine->addIssue('knownfile', 2, 'coreUnknown' . $file . $md5, 'coreUnknown' . $file, 'Unknown file in WordPress core: ' . $file, "This file is in a WordPress core location but is not distributed with this version of WordPress. This is usually due to it being left over from a previous WordPress update, but it may also have been added by another plugin or a malicious file added by an attacker.", array('file' => $file, 'cType' => 'core', 'canDiff' => false, 'canFix' => false, 'canDelete' => true));
}
}
}
}
}
}
}
// knownFile means that the file is both part of core or a known plugin or theme AND that we recognize the file's hash.
// we could split this into files who's path we recognize and file's who's path we recognize AND who have a valid sig.
// But because we want to scan files who's sig we don't recognize, regardless of known path or not, we only need one "knownFile" field.
$this->db->queryWrite("insert into " . $this->db->prefix() . "wfFileMods (filename, filenameMD5, knownFile, oldMD5, newMD5) values ('%s', unhex(md5('%s')), %d, '', unhex('%s')) ON DUPLICATE KEY UPDATE newMD5=unhex('%s'), knownFile=%d", $file, $file, $knownFile, $md5, $md5, $knownFile);
$this->totalFiles++;
//.........这里部分代码省略.........
示例13: getBaddies
public function getBaddies()
{
$allHostKeys = array();
$stime = microtime(true);
$allHostKeys = array();
if ($this->useDB) {
$q1 = $this->db->querySelect("select distinct hostKey as hostKey from {$this->table}");
foreach ($q1 as $hRec) {
$allHostKeys[] = $hRec['hostKey'];
}
} else {
$allHostKeys = $this->hostKeys;
}
//Now call API and check if any hostkeys are bad.
//This is a shortcut, because if no hostkeys are bad it saves us having to check URLs
if (sizeof($allHostKeys) > 0) {
//If we don't have any hostkeys, then we won't have any URL's to check either.
//Hostkeys are 4 byte sha256 prefixes
//Returned value is 2 byte shorts which are array indexes for bad keys that were passed in the original list
$this->dbg("Checking " . sizeof($allHostKeys) . " hostkeys");
if ($this->debug) {
foreach ($allHostKeys as $key) {
$this->dbg("Checking hostkey: " . bin2hex($key));
}
}
wordfence::status(2, 'info', "Checking " . sizeof($allHostKeys) . " host keys against Wordfence scanning servers.");
$resp = $this->api->binCall('check_host_keys', implode('', $allHostKeys));
wordfence::status(2, 'info', "Done host key check.");
$this->dbg("Done hostkey check");
$badHostKeys = array();
if ($resp['code'] == 200) {
if (strlen($resp['data']) > 0) {
$dataLen = strlen($resp['data']);
if ($dataLen % 2 != 0) {
$this->errorMsg = "Invalid data length received from Wordfence server: " . $dataLen;
return false;
}
for ($i = 0; $i < $dataLen; $i += 2) {
$idxArr = unpack('n', substr($resp['data'], $i, 2));
$idx = $idxArr[1];
if (isset($allHostKeys[$idx])) {
$badHostKeys[] = $allHostKeys[$idx];
$this->dbg("Got bad hostkey for record: " . var_export($allHostKeys[$idx], true));
} else {
$this->dbg("Bad allHostKeys index: {$idx}");
$this->errorMsg = "Bad allHostKeys index: {$idx}";
return false;
}
}
}
} else {
$this->errorMsg = "Wordfence server responded with an error. HTTP code " . $resp['code'] . " and data: " . $resp['data'];
return false;
}
if (sizeof($badHostKeys) > 0) {
$urlsToCheck = array();
$totalURLs = 0;
//need to figure out which id's have bad hostkeys
//need to feed in all URL's from those id's where the hostkey matches a URL
foreach ($badHostKeys as $badHostKey) {
if ($this->useDB) {
//Putting a 10000 limit in here for sites that have a huge number of items with the same URL that repeats.
// This is an edge case. But if the URLs are malicious then presumably the admin will fix the malicious URLs
// and on subsequent scans the items (owners) that are above the 10000 limit will appear.
$q1 = $this->db->querySelect("select owner, host, path from {$this->table} where hostKey='%s' limit 10000", $badHostKey);
foreach ($q1 as $rec) {
$url = 'http://' . $rec['host'] . $rec['path'];
if (!isset($urlsToCheck[$rec['owner']])) {
$urlsToCheck[$rec['owner']] = array();
}
if (!in_array($url, $urlsToCheck[$rec['owner']])) {
$urlsToCheck[$rec['owner']][] = $url;
$totalURLs++;
}
}
} else {
foreach ($this->hostList as $rec) {
if ($rec['hostKey'] == $badHostKey) {
$url = 'http://' . $rec['host'] . $rec['path'];
if (!isset($urlsToCheck[$rec['owner']])) {
$urlsToCheck[$rec['owner']] = array();
}
if (!in_array($url, $urlsToCheck[$rec['owner']])) {
$urlsToCheck[$rec['owner']][] = $url;
$totalURLs++;
}
}
}
}
}
if (sizeof($urlsToCheck) > 0) {
wordfence::status(2, 'info', "Checking " . $totalURLs . " URLs from " . sizeof($urlsToCheck) . " sources.");
$badURLs = $this->api->call('check_bad_urls', array(), array('toCheck' => json_encode($urlsToCheck)));
wordfence::status(2, 'info', "Done URL check.");
$this->dbg("Done URL check");
if (is_array($badURLs) && sizeof($badURLs) > 0) {
$finalResults = array();
foreach ($badURLs as $file => $badSiteList) {
if (!isset($finalResults[$file])) {
$finalResults[$file] = array();
//.........这里部分代码省略.........
示例14: status
private static function status($level, $type, $msg)
{
wordfence::status($level, $type, $msg);
}示例15: set_ser
public static function set_ser($key, $val, $canUseDisk = false)
{
//We serialize some very big values so this is memory efficient. We don't make any copies of $val and don't use ON DUPLICATE KEY UPDATE
// because we would have to concatenate $val twice into the query which could also exceed max packet for the mysql server
$serialized = serialize($val);
$val = '';
$tempFilename = 'wordfence_tmpfile_' . $key . '.php';
if (strlen($serialized) * 1.1 > self::getDB()->getMaxAllowedPacketBytes()) {
//If it's greater than max_allowed_packet + 10% for escaping and SQL
if ($canUseDisk) {
$dir = self::getTempDir();
if ($dir) {
$fh = false;
$fullFile = $dir . $tempFilename;
self::deleteOldTempFile($fullFile);
$fh = fopen($fullFile, 'w');
if ($fh) {
wordfence::status(4, 'info', "Serialized data for {$key} is " . strlen($serialized) . " bytes and is greater than max_allowed packet so writing it to disk file: " . $fullFile);
} else {
wordfence::status(1, 'error', "Your database doesn't allow big packets so we have to use files to store temporary data and Wordfence can't find a place to write them. Either ask your admin to increase max_allowed_packet on your MySQL database, or make one of the following directories writable by your web server: " . implode(', ', $dirs));
return false;
}
fwrite($fh, self::$tmpFileHeader);
fwrite($fh, $serialized);
fclose($fh);
return true;
} else {
wordfence::status(1, 'error', "Wordfence tried to save a variable with name '{$key}' and your database max_allowed_packet is set to be too small. We then tried to save it to disk, but you don't have a temporary directory that is writable. You can fix this by making the /wp-content/plugins/wordfence/tmp/ directory writable by your web server. Or by increasing your max_allowed_packet configuration variable in your mysql database.");
return false;
}
} else {
wordfence::status(1, 'error', "Wordfence tried to save a variable with name '{$key}' and your database max_allowed_packet is set to be too small. This particular variable can't be saved to disk. Please ask your administrator to increase max_allowed_packet and also report this in the Wordfence forums because it may be a bug. Thanks.");
return false;
}
} else {
//Delete temp files on disk or else the DB will be written to but get_ser will see files on disk and read them instead
$tempDir = self::getTempDir();
if ($tempDir) {
self::deleteOldTempFile($tempDir . $tempFilename);
}
$exists = self::getDB()->querySingle("select name from " . self::table() . " where name='%s'", $key);
if ($exists) {
self::getDB()->queryWrite("update " . self::table() . " set val=%s where name=%s", $serialized, $key);
} else {
self::getDB()->queryWrite("insert IGNORE into " . self::table() . " (name, val) values (%s, %s)", $key, $serialized);
}
}
self::getDB()->flush();
return true;
}