本文整理汇总了PHP中wfUtils类的典型用法代码示例。如果您正苦于以下问题:PHP wfUtils类的具体用法?PHP wfUtils怎么用?PHP wfUtils使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
在下文中一共展示了wfUtils类的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的PHP代码示例。
示例1: checkPluginUpdates
/**
* Check if any plugins need an update.
*
* @return $this
*/
public function checkPluginUpdates()
{
$this->plugin_updates = array();
if (!function_exists('wp_update_plugins')) {
require_once ABSPATH . WPINC . '/update.php';
}
if (!function_exists('plugins_api')) {
require_once ABSPATH . '/wp-admin/includes/plugin-install.php';
}
wp_update_plugins();
// Check for Plugin updates
$update_plugins = get_site_transient('update_plugins');
if ($update_plugins && !empty($update_plugins->response)) {
foreach ($update_plugins->response as $plugin => $vals) {
if (!function_exists('get_plugin_data')) {
require_once ABSPATH . '/wp-admin/includes/plugin.php';
}
$pluginFile = wfUtils::getPluginBaseDir() . $plugin;
$data = get_plugin_data($pluginFile);
$data['pluginFile'] = $pluginFile;
$data['newVersion'] = $vals->new_version;
$data['slug'] = $vals->slug;
$data['wpURL'] = rtrim($vals->url, '/');
//Check the vulnerability database
$result = $this->api->call('plugin_vulnerability_check', array(), array('slug' => $vals->slug, 'fromVersion' => $data['Version'], 'toVersion' => $vals->new_version));
$data['vulnerabilityPatched'] = isset($result['vulnerable']) && $result['vulnerable'];
$this->plugin_updates[] = $data;
}
}
return $this;
}
开发者ID:TeamSubjectMatter,项目名称:juddfoundation,代码行数:36,代码来源:wfUpdateCheck.php
示例2: setDefaults
public static function setDefaults()
{
foreach (self::$defaultConfig['checkboxes'] as $key => $config) {
$val = $config['value'];
$autoload = $config['autoload'];
if (self::get($key) === false) {
self::set($key, $val ? '1' : '0', $autoload);
}
}
foreach (self::$defaultConfig['otherParams'] as $key => $val) {
if (self::get($key) === false) {
self::set($key, $val);
}
}
self::set('encKey', substr(wfUtils::bigRandomHex(), 0, 16));
if (self::get('maxMem', false) === false) {
self::set('maxMem', '256');
}
if (self::get('other_scanOutside', false) === false) {
self::set('other_scanOutside', 0);
}
if (self::get('email_summary_enabled')) {
wfActivityReport::scheduleCronJob();
} else {
wfActivityReport::disableCronJob();
}
}
开发者ID:adamplabarge,项目名称:bermstyle,代码行数:27,代码来源:wfConfig.php
示例3: doCurlTest
function doCurlTest($protocol)
{
if (!function_exists('curl_init')) {
echo "<br /><b style='color: #F00;'>CURL is not installed</b>. Asking your hosting provider to install and enable CURL may improve any connection problems.</b><br />\n";
return;
}
echo "<br /><b>STARTING CURL {$protocol} CONNECTION TEST....</b><br />\n";
global $curlContent;
$curlContent = "";
$curl = curl_init($protocol . '://noc1.wordfence.com/');
if (defined('WP_PROXY_HOST') && defined('WP_PROXY_PORT') && wfUtils::hostNotExcludedFromProxy('noc1.wordfence.com')) {
curl_setopt($curl, CURLOPT_HTTPPROXYTUNNEL, 0);
curl_setopt($curl, CURLOPT_PROXY, WP_PROXY_HOST . ':' . WP_PROXY_PORT);
if (defined('WP_PROXY_USERNAME') && defined('WP_PROXY_PASSWORD')) {
curl_setopt($curl, CURLOPT_PROXYUSERPWD, WP_PROXY_USERNAME . ':' . WP_PROXY_PASSWORD);
}
}
curl_setopt($curl, CURLOPT_TIMEOUT, 900);
curl_setopt($curl, CURLOPT_USERAGENT, "Wordfence.com UA " . (defined('WORDFENCE_VERSION') ? WORDFENCE_VERSION : '[Unknown version]'));
curl_setopt($curl, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($curl, CURLOPT_HEADER, 0);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($curl, CURLOPT_WRITEFUNCTION, 'curlWrite');
curl_exec($curl);
$httpStatus = curl_getinfo($curl, CURLINFO_HTTP_CODE);
if (strpos($curlContent, 'Your site did not send an API key') !== false) {
echo "Curl connectivity test passed.<br /><br />\n";
} else {
$curlErrorNo = curl_errno($curl);
$curlError = curl_error($curl);
echo "Curl connectivity test failed with response: <pre>{$curlContent}</pre>";
echo "<br />Curl HTTP status: {$httpStatus}<br />Curl error code: {$curlErrorNo}<br />Curl Error: {$curlError}<br /><br />\n";
}
}
开发者ID:arobbins,项目名称:davis,代码行数:35,代码来源:conntest.php
示例4: load
function load()
{
if ($this->_checkWordFence()) {
if (wfUtils::isScanRunning()) {
return array('scan' => 'yes');
} else {
return wordfence::ajax_loadIssues_callback();
}
} else {
return array('warning' => "Word Fence plugin is not activated");
}
}
开发者ID:Trideon,项目名称:gigolo,代码行数:12,代码来源:wordfence.class.php
示例5: verifyCrawlerPTR
public static function verifyCrawlerPTR($hostPattern, $IP)
{
global $wpdb;
$table = $wpdb->base_prefix . 'wfCrawlers';
$db = new wfDB();
$IPn = wfUtils::inet_aton($IP);
$status = $db->querySingle("select status from {$table} where IP=%s and patternSig=UNHEX(MD5('%s')) and lastUpdate > unix_timestamp() - %d", $IPn, $hostPattern, WORDFENCE_CRAWLER_VERIFY_CACHE_TIME);
if ($status) {
if ($status == 'verified') {
return true;
} else {
return false;
}
}
$wfLog = new wfLog(wfConfig::get('apiKey'), wfUtils::getWPVersion());
$host = wfUtils::reverseLookup($IP);
if (!$host) {
$db->queryWrite("insert into {$table} (IP, patternSig, status, lastUpdate, PTR) values (%s, UNHEX(MD5('%s')), '%s', unix_timestamp(), '%s') ON DUPLICATE KEY UPDATE status='%s', lastUpdate=unix_timestamp(), PTR='%s'", $IPn, $hostPattern, 'noPTR', '', 'noPTR', '');
return false;
}
if (preg_match($hostPattern, $host)) {
$resultIPs = gethostbynamel($host);
$addrsMatch = false;
foreach ($resultIPs as $resultIP) {
if ($resultIP == $IP) {
$addrsMatch = true;
break;
}
}
if ($addrsMatch) {
$db->queryWrite("insert into {$table} (IP, patternSig, status, lastUpdate, PTR) values (%s, UNHEX(MD5('%s')), '%s', unix_timestamp(), '%s') ON DUPLICATE KEY UPDATE status='%s', lastUpdate=unix_timestamp(), PTR='%s'", $IPn, $hostPattern, 'verified', $host, 'verified', $host);
return true;
} else {
$db->queryWrite("insert into {$table} (IP, patternSig, status, lastUpdate, PTR) values (%s, UNHEX(MD5('%s')), '%s', unix_timestamp(), '%s') ON DUPLICATE KEY UPDATE status='%s', lastUpdate=unix_timestamp(), PTR='%s'", $IPn, $hostPattern, 'fwdFail', $host, 'fwdFail', $host);
return false;
}
} else {
$db->queryWrite("insert into {$table} (IP, patternSig, status, lastUpdate, PTR) values (%s, UNHEX(MD5('%s')), '%s', unix_timestamp(), '%s') ON DUPLICATE KEY UPDATE status='%s', lastUpdate=unix_timestamp(), PTR='%s'", $IPn, $hostPattern, 'badPTR', $host, 'badPTR', $host);
return false;
}
}
开发者ID:HandsomeDogStudio,项目名称:peanutbutterplan,代码行数:41,代码来源:wfCrawl.php
示例6: checkPluginUpdates
/**
* Check if any plugins need an update.
*
* @return $this
*/
public function checkPluginUpdates()
{
$this->plugin_updates = array();
if (!function_exists('wp_update_plugins')) {
require_once ABSPATH . WPINC . '/update.php';
}
wp_update_plugins();
// Check for Plugin updates
$update_plugins = get_site_transient('update_plugins');
if ($update_plugins && !empty($update_plugins->response)) {
foreach ($update_plugins->response as $plugin => $vals) {
if (!function_exists('get_plugin_data')) {
require_once ABSPATH . '/wp-admin/includes/plugin.php';
}
$pluginFile = wfUtils::getPluginBaseDir() . $plugin;
$data = get_plugin_data($pluginFile);
$data['newVersion'] = $vals->new_version;
$this->plugin_updates[] = $data;
}
}
return $this;
}
开发者ID:adams0917,项目名称:woocommerce_eht,代码行数:27,代码来源:wfUpdateCheck.php
示例7: scan
/**
* @param wfScanEngine $forkObj
* @return array
*/
public function scan($forkObj)
{
$this->scanEngine = $forkObj;
$loader = $this->scanEngine->getKnownFilesLoader();
if (!$this->startTime) {
$this->startTime = microtime(true);
}
if (!$this->lastStatusTime) {
$this->lastStatusTime = microtime(true);
}
$db = new wfDB();
$lastCount = 'whatever';
$excludePattern = self::getExcludeFilePattern(self::EXCLUSION_PATTERNS_USER & self::EXCLUSION_PATTERNS_MALWARE);
while (true) {
$thisCount = $db->querySingle("select count(*) from " . $db->prefix() . "wfFileMods where oldMD5 != newMD5 and knownFile=0");
if ($thisCount == $lastCount) {
//count should always be decreasing. If not, we're in an infinite loop so lets catch it early
break;
}
$lastCount = $thisCount;
$res1 = $db->querySelect("select filename, filenameMD5, hex(newMD5) as newMD5 from " . $db->prefix() . "wfFileMods where oldMD5 != newMD5 and knownFile=0 limit 500");
if (sizeof($res1) < 1) {
break;
}
foreach ($res1 as $rec1) {
$db->queryWrite("update " . $db->prefix() . "wfFileMods set oldMD5 = newMD5 where filenameMD5='%s'", $rec1['filenameMD5']);
//A way to mark as scanned so that if we come back from a sleep we don't rescan this one.
$file = $rec1['filename'];
if ($excludePattern && preg_match($excludePattern, $file)) {
continue;
}
$fileSum = $rec1['newMD5'];
if (!file_exists($this->path . $file)) {
continue;
}
$fileExt = '';
if (preg_match('/\\.([a-zA-Z\\d\\-]{1,7})$/', $file, $matches)) {
$fileExt = strtolower($matches[1]);
}
$isPHP = false;
if (preg_match('/\\.(?:php(?:\\d+)?|phtml)(\\.|$)/i', $file)) {
$isPHP = true;
}
$dontScanForURLs = false;
if (!wfConfig::get('scansEnabled_highSense') && (preg_match('/^(?:\\.htaccess|wp\\-config\\.php)$/', $file) || $file === ini_get('user_ini.filename'))) {
$dontScanForURLs = true;
}
$isScanImagesFile = false;
if (!$isPHP && preg_match('/^(?:jpg|jpeg|mp3|avi|m4v|gif|png|sql|js|tbz2?|bz2?|xz|zip|tgz|gz|tar|log|err\\d+)$/', $fileExt)) {
if (wfConfig::get('scansEnabled_scanImages')) {
$isScanImagesFile = true;
} else {
continue;
}
}
$isHighSensitivityFile = false;
if (strtolower($fileExt) == 'sql') {
if (wfConfig::get('scansEnabled_highSense')) {
$isHighSensitivityFile = true;
} else {
continue;
}
}
if (wfUtils::fileTooBig($this->path . $file)) {
//We can't use filesize on 32 bit systems for files > 2 gigs
//We should not need this check because files > 2 gigs are not hashed and therefore won't be received back as unknowns from the API server
//But we do it anyway to be safe.
wordfence::status(2, 'error', "Encountered file that is too large: {$file} - Skipping.");
continue;
}
wfUtils::beginProcessingFile($file);
$fsize = filesize($this->path . $file);
//Checked if too big above
if ($fsize > 1000000) {
$fsize = sprintf('%.2f', $fsize / 1000000) . "M";
} else {
$fsize = $fsize . "B";
}
if (function_exists('memory_get_usage')) {
wordfence::status(4, 'info', "Scanning contents: {$file} (Size:{$fsize} Mem:" . sprintf('%.1f', memory_get_usage(true) / (1024 * 1024)) . "M)");
} else {
wordfence::status(4, 'info', "Scanning contents: {$file} (Size: {$fsize})");
}
$stime = microtime(true);
$fh = @fopen($this->path . $file, 'r');
if (!$fh) {
continue;
}
$totalRead = 0;
$dataForFile = $this->dataForFile($file);
while (!feof($fh)) {
$data = fread($fh, 1 * 1024 * 1024);
//read 1 megs max per chunk
$totalRead += strlen($data);
if ($totalRead < 1) {
break;
//.........这里部分代码省略.........
开发者ID:VizualAbstract,项目名称:Marilyn,代码行数:101,代码来源:wordfenceScanner.php
示例8:
<?php
if (!wfUtils::isAdmin()) {
exit;
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">
<head>
<title>Wordfence System Info</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<link rel='stylesheet' id='wordfence-main-style-css' href='<?php
echo wfUtils::getBaseURL();
?>
/css/phpinfo.css?ver=<?php
echo WORDFENCE_VERSION;
?>
' type='text/css' media='all' />
<body>
<?php
ob_start();
phpinfo(INFO_ALL);
$out = ob_get_clean();
$out = str_replace('width="600"', 'width="900"', $out);
$out = preg_replace('/<hr.*?PHP Credits.*?<\\/h1>/s', '', $out);
$out = preg_replace('/<a [^>]+>/', '', $out);
$out = preg_replace('/<\\/a>/', '', $out);
$out = preg_replace('/<title>[^<]*<\\/title>/', '', $out);
echo $out;
?>
<div class="diffFooter">© 2011 Wordfence — Visit <a href="http://wordfence.com/">Wordfence.com</a> for help, security updates and more.</a>
开发者ID:roycocup,项目名称:enclothed,代码行数:31,代码来源:sysinfo.php
示例9: restoreReadmeForUpgrade
/**
* This is the only hook I see to tie into WP's core update process.
* Since we hide the readme.html to prevent the WordPress version from being discovered, it breaks the upgrade
* process because it cannot copy the previous readme.html.
*
* @param string $string
* @return string
*/
public static function restoreReadmeForUpgrade($string)
{
static $didRun;
if (!isset($didRun)) {
$didRun = true;
wfUtils::showReadme();
register_shutdown_function('wfUtils::hideReadme');
}
return $string;
}
开发者ID:ashenkar,项目名称:sanga,代码行数:18,代码来源:wordfenceClass.php
示例10: gethostbyname
<?php
if (!wfUtils::isAdmin()) {
exit;
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">
<head>
<title>Wordfence Connectivity Tester</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<body>
<h1>Wordfence connectivity tester</h1>
<br /><br />
DNS lookup for noc1.wordfence.com returns: <?php
echo gethostbyname('noc1.wordfence.com');
?>
<br /><br />
<?php
$curlContent = "";
function curlWrite($h, $d)
{
global $curlContent;
$curlContent .= $d;
return strlen($d);
}
function doWPostTest($protocol)
{
echo "<br /><b>Starting wp_remote_post() test</b><br />\n";
$cronURL = admin_url('admin-ajax.php');
$cronURL = preg_replace('/^(https?:\\/\\/)/i', '://noc1.wordfence.com/scanptest/', $cronURL);
开发者ID:roycocup,项目名称:enclothed,代码行数:31,代码来源:conntest.php
示例11: toSQL
/**
* Return a set of where clauses to use in MySQL.
*
* @param string $column
* @return false|null|string
*/
public function toSQL($column = 'ip')
{
/** @var wpdb $wpdb */
global $wpdb;
$ip_string = $this->getIPString();
if (strpos($ip_string, '.') !== false && preg_match('/\\[\\d+\\-\\d+\\]/', $ip_string)) {
$whiteParts = explode('.', $ip_string);
$sql = "(SUBSTR({$column}, 1, 12) = LPAD(CHAR(0xff, 0xff), 12, CHAR(0)) AND ";
for ($i = 0, $j = 24; $i <= 3; $i++, $j -= 8) {
// MySQL can only perform bitwise operations on integers
$conv = sprintf('CAST(CONV(HEX(SUBSTR(%s, 13, 8)), 16, 10) as UNSIGNED INTEGER)', $column);
if (preg_match('/^\\[(\\d+)\\-(\\d+)\\]$/', $whiteParts[$i], $m)) {
$sql .= $wpdb->prepare("{$conv} >> {$j} & 0xFF BETWEEN %d AND %d", $m[1], $m[2]);
} else {
$sql .= $wpdb->prepare("{$conv} >> {$j} & 0xFF = %d", $whiteParts[$i]);
}
$sql .= ' AND ';
}
$sql = substr($sql, 0, -5) . ')';
return $sql;
} else {
if (strpos($ip_string, ':') !== false && preg_match('/\\[[a-f0-9]+\\-[a-f0-9]+\\]/', $ip_string)) {
$whiteParts = explode(':', strtolower(self::expandIPv6Range($ip_string)));
$sql = '(';
for ($i = 0; $i <= 7; $i++) {
// MySQL can only perform bitwise operations on integers
$conv = sprintf('CAST(CONV(HEX(SUBSTR(%s, %d, 8)), 16, 10) as UNSIGNED INTEGER)', $column, $i < 4 ? 1 : 9);
$j = 16 * (3 - $i % 4);
if (preg_match('/^\\[([a-f0-9]+)\\-([a-f0-9]+)\\]$/', $whiteParts[$i], $m)) {
$sql .= $wpdb->prepare("{$conv} >> {$j} & 0xFFFF BETWEEN 0x%x AND 0x%x", hexdec($m[1]), hexdec($m[2]));
} else {
$sql .= $wpdb->prepare("{$conv} >> {$j} & 0xFFFF = 0x%x", hexdec($whiteParts[$i]));
}
$sql .= ' AND ';
}
$sql = substr($sql, 0, -5) . ')';
return $sql;
}
}
return $wpdb->prepare("({$column} = %s)", wfUtils::inet_pton($ip_string));
}
开发者ID:TomFarrow,项目名称:wordpress-stackable,代码行数:47,代码来源:wfLog.php
示例12:
?>
7&dir=<?php
echo $sortIDX == 7 && $sortDir == 'fwd' ? 'rev' : 'fwd';
?>
">Permissions</a></th>
<th><a href="<?php
echo $sortLink;
?>
1&dir=<?php
echo $sortIDX == 1 && $sortDir == 'fwd' ? 'rev' : 'fwd';
?>
">Full file path</a></th>
</tr>
<?php
for ($i = 0; $i < sizeof($files); $i++) {
echo '<tr><td>' . wfUtils::formatBytes($files[$i][2]) . '</td><td>' . wfUtils::makeTimeAgo(time() - $files[$i][3]) . ' ago.</td><td>' . $files[$i][5] . '</td><td>' . $files[$i][6] . '</td><td>' . $files[$i][7] . '</td><td><a href="' . $files[$i][4] . '" target="_blank">' . $files[$i][1] . '</a></td></tr>';
}
echo "</table>";
} else {
?>
<p style="margin: 40px; font-size: 20px;">
You either have not completed a scan recently, or there were no files found on your system that are not in the WordPress official repository for Core files, themes and plugins.
</p>
<?php
}
?>
<div class="diffFooter">© 2011 Wordfence — Visit <a href="http://wordfence.com/">Wordfence.com</a> for help, security updates and more.</a>
</body>
</html>
开发者ID:roycocup,项目名称:enclothed,代码行数:30,代码来源:unknownFiles.php
示例13: wfHash
public static function wfHash($file)
{
wfUtils::errorsOff();
$md5 = @md5_file($file, false);
wfUtils::errorsOn();
if (!$md5) {
return false;
}
$fp = @fopen($file, "rb");
if (!$fp) {
return false;
}
$ctx = hash_init('sha256');
while (!feof($fp)) {
hash_update($ctx, str_replace(array("\n", "\r", "\t", " "), "", fread($fp, 65536)));
}
$shac = hash_final($ctx, false);
return array($md5, $shac);
}
开发者ID:adams0917,项目名称:woocommerce_eht,代码行数:19,代码来源:wordfenceHash.php
示例14: htaccess
public static function htaccess()
{
if (is_readable(ABSPATH . '/.htaccess') && !wfUtils::isNginx()) {
return file_get_contents(ABSPATH . '/.htaccess');
}
return "";
}
开发者ID:VizualAbstract,项目名称:Marilyn,代码行数:7,代码来源:wfUtils.php
示例15: wp_create_nonce
<ul>
<li>
<a href="<?php
echo wfUtils::siteURLRelative();
?>
?_wfsf=sysinfo&nonce=<?php
echo wp_create_nonce('wp-ajax');
?>
"
target="_blank">Click to view your system's configuration in a new window</a>
<a href="http://docs.wordfence.com/en/Wordfence_options#Click_to_view_your_system.27s_configuration_in_a_new_window"
target="_blank" class="wfhelp"></a></li>
<li>
<a href="<?php
echo wfUtils::siteURLRelative();
?>
?_wfsf=testmem&nonce=<?php
echo wp_create_nonce('wp-ajax');
?>
"
target="_blank">Test your WordPress host's available memory</a>
<a href="http://docs.wordfence.com/en/Wordfence_options#Test_your_WordPress_host.27s_available_memory"
target="_blank" class="wfhelp"></a>
</li>
<li>
Send a test email from this WordPress server to an email address:<a
href="http://docs.wordfence.com/en/Wordfence_options#Send_a_test_email_from_this_WordPress_server_to_an_email_address"
target="_blank" class="wfhelp"></a>
<input type="text" id="testEmailDest" value="" size="20" maxlength="255" class="wfConfigElem"/>
<input class="button" type="button" value="Send Test Email"
开发者ID:GafaMX,项目名称:operaciondespierta.org,代码行数:30,代码来源:menu_diagnostic.php
示例16:
<?php
if (!wfUtils::isNginx()) {
?>
<a href="#" onclick="WFAD.disableDirectoryListing('${id}'); return false;">Fix this issue</a>
<?php
}
?>
<a href="#" onclick="WFAD.updateIssueStatus('${id}', 'delete'); return false;">I have fixed this issue</a>
<a href="#" onclick="WFAD.updateIssueStatus('${id}', 'ignoreC'); return false;">Ignore this issue</a>
{{/if}}
{{if status == 'ignoreC' || status == 'ignoreP'}}
<a href="#" onclick="WFAD.updateIssueStatus('${id}', 'delete'); return false;">Stop ignoring this issue</a>
{{/if}}
</div>
<?php
if (!wfUtils::isNginx()) {
?>
{{if (status == 'new')}}
<div class="wfIssueOptions">
<strong style="width: auto;">Manual Fix:</strong>
Add <code>Options -Indexes</code> to your .htaccess file.
</div>
{{/if}}
<?php
}
?>
</div>
</div>
</script>
开发者ID:ashenkar,项目名称:sanga,代码行数:31,代码来源:menu_scan.php
示例17: scan
public function scan($forkObj)
{
if (!$this->startTime) {
$this->startTime = microtime(true);
}
if (!$this->lastStatusTime) {
$this->lastStatusTime = microtime(true);
}
$db = new wfDB();
$lastCount = 'whatever';
$excludePattern = false;
if (wfConfig::get('scan_exclude', false)) {
$exParts = explode(',', wfConfig::get('scan_exclude'));
foreach ($exParts as &$exPart) {
$exPart = preg_quote($exPart);
$exPart = preg_replace('/\\\\\\*/', '.*', $exPart);
}
$excludePattern = '/^(?:' . implode('|', $exParts) . ')$/i';
}
while (true) {
$thisCount = $db->querySingle("select count(*) from " . $db->prefix() . "wfFileMods where oldMD5 != newMD5 and knownFile=0");
if ($thisCount == $lastCount) {
//count should always be decreasing. If not, we're in an infinite loop so lets catch it early
break;
}
$lastCount = $thisCount;
$res1 = $db->querySelect("select filename, filenameMD5, hex(newMD5) as newMD5 from " . $db->prefix() . "wfFileMods where oldMD5 != newMD5 and knownFile=0 limit 500");
if (sizeof($res1) < 1) {
break;
}
foreach ($res1 as $rec1) {
$db->queryWrite("update " . $db->prefix() . "wfFileMods set oldMD5 = newMD5 where filenameMD5='%s'", $rec1['filenameMD5']);
//A way to mark as scanned so that if we come back from a sleep we don't rescan this one.
$file = $rec1['filename'];
if ($excludePattern && preg_match($excludePattern, $file)) {
continue;
}
$fileSum = $rec1['newMD5'];
if (!file_exists($this->path . $file)) {
continue;
}
$fileExt = '';
if (preg_match('/\\.([a-zA-Z\\d\\-]{1,7})$/', $file, $matches)) {
$fileExt = strtolower($matches[1]);
}
$isPHP = false;
if (preg_match('/^(?:php|phtml|php\\d+)$/', $fileExt)) {
$isPHP = true;
}
$dontScanForURLs = false;
if (!wfConfig::get('scansEnabled_highSense') && (preg_match('/^(?:\\.htaccess|wp\\-config\\.php)$/', $file) || preg_match('/^(?:sql|tbz|tgz|gz|tar|log|err\\d+)$/', $fileExt))) {
$dontScanForURLs = true;
}
if (preg_match('/^(?:jpg|jpeg|mp3|avi|m4v|gif|png)$/', $fileExt) && !wfConfig::get('scansEnabled_scanImages')) {
continue;
}
if (!wfConfig::get('scansEnabled_highSense') && strtolower($fileExt) == 'sql') {
//
continue;
}
if (wfUtils::fileTooBig($this->path . $file)) {
//We can't use filesize on 32 bit systems for files > 2 gigs
//We should not need this check because files > 2 gigs are not hashed and therefore won't be received back as unknowns from the API server
//But we do it anyway to be safe.
wordfence::status(2, 'error', "Encountered file that is too large: {$file} - Skipping.");
continue;
}
$fsize = filesize($this->path . $file);
//Checked if too big above
if ($fsize > 1000000) {
$fsize = sprintf('%.2f', $fsize / 1000000) . "M";
} else {
$fsize = $fsize . "B";
}
if (function_exists('memory_get_usage')) {
wordfence::status(4, 'info', "Scanning contents: {$file} (Size:{$fsize} Mem:" . sprintf('%.1f', memory_get_usage(true) / (1024 * 1024)) . "M)");
} else {
wordfence::status(4, 'info', "Scanning contents: {$file} (Size: {$fsize})");
}
$stime = microtime(true);
$fh = @fopen($this->path . $file, 'r');
if (!$fh) {
continue;
}
$totalRead = 0;
while (!feof($fh)) {
$data = fread($fh, 1 * 1024 * 1024);
//read 1 megs max per chunk
$totalRead += strlen($data);
if ($totalRead < 1) {
break;
}
if ($isPHP || wfConfig::get('scansEnabled_scanImages')) {
if (strpos($data, '$allowed' . 'Sites') !== false && strpos($data, "define ('VER" . "SION', '1.") !== false && strpos($data, "TimThum" . "b script created by") !== false) {
if (!$this->isSafeFile($this->path . $file)) {
$this->addResult(array('type' => 'file', 'severity' => 1, 'ignoreP' => $this->path . $file, 'ignoreC' => $fileSum, 'shortMsg' => "File is an old version of TimThumb which is vulnerable.", 'longMsg' => "This file appears to be an old version of the TimThumb script which makes your system vulnerable to attackers. Please upgrade the theme or plugin that uses this or remove it.", 'data' => array('file' => $file, 'canDiff' => false, 'canFix' => false, 'canDelete' => true)));
break;
}
} else {
if (strpos($file, 'lib/wordfenceScanner.php') === false && preg_match($this->patterns['sigPattern'], $data, $matches)) {
//.........这里部分代码省略.........
开发者ID:HandsomeDogStudio,项目名称:peanutbutterplan,代码行数:101,代码来源:wordfenceScanner.php
示例18: startScan
public static function startScan($isFork = false)
{
if (!$isFork) {
//beginning of scan
wfConfig::inc('totalScansRun');
wfConfig::set('wfKillRequested', 0);
wordfence::status(4, 'info', "Entering start scan routine");
if (wfUtils::isScanRunning()) {
return "A scan is already running. Use the kill link if you would like to terminate the current scan.";
}
}
$timeout = self::getMaxExecutionTime() - 2;
//2 seconds shorter than max execution time which ensures that only 2 HTTP processes are ever occupied
$testURL = admin_url('admin-ajax.php?action=wordfence_testAjax');
if (!wfConfig::get('startScansRemotely', false)) {
$testResult = wp_remote_post($testURL, array('timeout' => $timeout, 'blocking' => true, 'sslverify' => false, 'headers' => array()));
wordfence::status(4, 'info', "Test result of scan start URL fetch: " . var_export($testResult, true));
}
$cronKey = wfUtils::bigRandomHex();
wfConfig::set('currentCronKey', time() . ',' . $cronKey);
if (!wfConfig::get('startScansRemotely', false) && !is_wp_error($testResult) && is_array($testResult) && strstr($testResult['body'], 'WFSCANTESTOK') !== false) {
//ajax requests can be sent by the server to itself
$cronURL = 'admin-ajax.php?action=wordfence_doScan&isFork=' . ($isFork ? '1' : '0') . '&cronKey=' . $cronKey;
$cronURL = admin_url($cronURL);
$headers = array();
wordfence::status(4, 'info', "Starting cron with normal ajax at URL {$cronURL}");
wp_remote_get($cronURL, array('timeout' => $timeout, 'blocking' => true, 'sslverify' => false, 'headers' => $headers));
wordfence::status(4, 'info', "Scan process ended after forking.");
} else {
$cronURL = admin_url('admin-ajax.php');
$cronURL = preg_replace('/^(https?:\\/\\/)/i', '$1noc1.wordfence.com/scanp/', $cronURL);
$cronURL .= '?action=wordfence_doScan&isFork=' . ($isFork ? '1' : '0') . '&cronKey=' . $cronKey;
$headers = array();
wordfence::status(4, 'info', "Starting cron via proxy at URL {$cronURL}");
wp_remote_get($cronURL, array('timeout' => $timeout, 'blocking' => true, 'sslverify' => false, 'headers' => $headers));
wordfence::status(4, 'info', "Scan process ended after forking.");
}
return false;
//No error
}
开发者ID:rinodung,项目名称:myfreetheme,代码行数:40,代码来源:wfScanEngine.php
示例19: id
<div data-bind="if: !groupBy()">
<div id="wf-lt-listings" data-bind="foreach: listings">
<div data-bind="attr: { id: ('wfActEvent_' + id()), 'class': cssClasses }">
<table border="0" cellpadding="1" cellspacing="0">
<tr>
<td>
<span data-bind="if: action() != 'loginOK' && user()">
<span data-bind="html: user.avatar" class="wfAvatar"></span>
<a data-bind="attr: { href: user.editLink }, text: user().display_name"
target="_blank"></a>
</span>
<span data-bind="if: loc()">
<span data-bind="if: action() != 'loginOK' && user()"> in</span>
<img data-bind="attr: { src: '<?php
echo wfUtils::getBaseURL() . 'images/flags/';
?>
' + loc().countryCode.toLowerCase() + '.png',
alt: loc().countryName, title: loc().countryName }" width="16"
height="11"
class="wfFlag"/>
<a data-bind="text: (loc().city ? loc().city + ', ' : '') + loc().countryName,
attr: { href: 'http://maps.google.com/maps?q=' + loc().lat + ',' + loc().lon + '&z=6' }"
target="_blank"></a>
</span>
<span data-bind="if: !loc()">
<span
data-bind="text: action() != 'loginOK' && user() ? 'at an' : 'An'"></span> unknown location at IP <a
data-bind="text: IP, attr: { href: WFAD.makeIPTrafLink(IP()) }"
target="_blank"></a>
</span>
开发者ID:GafaMX,项目名称:operaciondespierta.org,代码行数:30,代码来源:menu_activity.php
示例20: foreach
<th>Block Count</th>
</tr>
</thead>
<tbody>
<?php
if ($top_ips_blocked) {
?>
<?php
foreach ($top_ips_blocked as $row) {
?>
<tr class="<?php
echo wfHelperString::cycle('odd', 'even');
?>
">
<td><code><?php
echo wfUtils::inet_ntop($row->IP);
?>
</code></td>
<td>
<?php
if ($row->countryCode) {
?>
<img src="//www.wordfence.com/images/flags/<?php
echo esc_attr(strtolower($row->countryCode));
?>
.png" class="wfFlag" height="11" width="16" alt="<?php
echo esc_attr($row->countryName);
?>
" title="<?php
echo esc_attr($row->countryName);
?>
开发者ID:arobbins,项目名称:davis,代码行数:31,代码来源:activity-report.php
注:本文中的wfUtils类示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
请发表评论