AntiVirus - Version 1.4.0

Version Description

Download this release

Release Info

Developer patrickrobrecht
Plugin Icon 128x128 AntiVirus
Version 1.4.0
Comparing to
See all releases

Code changes from version 1.3.10 to 1.4.0

Files changed (12) hide show
  1. CHANGELOG.md +224 -0
  2. LICENSE.txt +339 -0
  3. README.md +17 -49
  4. antivirus.php +20 -1039
  5. css/style.css +91 -94
  6. css/style.min.css +1 -1
  7. inc/class-antivirus-checkinternals.php +320 -0
  8. inc/class-antivirus-checksumverifier.php +175 -0
  9. inc/class-antivirus-safebrowsing.php +127 -0
  10. inc/class-antivirus.php +824 -0
  11. js/script.js +206 -180
  12. js/script.min.js +11 -1
CHANGELOG.md ADDED
@@ -0,0 +1,224 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ # Changelog
2
+
3
+ ### 1.4.0 ###
4
+ * **English**
5
+ * Option to provide a custom key for the Google Safe Browsing API
6
+ * Scan files of parent theme if a child theme is active
7
+ * Verify checksums of WP core files (integrated functionality from _Checksum Verifier_ plugin)
8
+ * Ability to enable _Safe Browsing_ and _Checksum Verifier_ as cronjob without Theme scan
9
+ * **Deutsch**
10
+ * Möglichkeit einen eigenen Schlüssel für die Google Safe Browsing API zu verwenden
11
+ * Dateien des übergeordneten Themes scannen, falls ein Child-Theme aktiv ist
12
+ * Verifiziere Prüfsummen der WP Core Dateien (Funktionalität des _Checksum Verifier_ Plugins integriert)
13
+ * Möglichkeit _Safe Browsing_ und _Checksum Verifier_ als Cronjob ohne Theme-Scan zu aktivieren
14
+
15
+
16
+ ### 1.3.10 ###
17
+ * **English**
18
+ * Updated PayPal link for donations
19
+ * Improve coding standards
20
+ * Translation fixes, improvements and cleanups
21
+ * Better documentation
22
+ * Some minor markup, styling, accessibility and security improvements
23
+ * Update to Safe Browsing API v4 (fixing false positive email notifications)
24
+ * PHP 7.x compatibility fixes
25
+ * Better regex to prevent false positives in file scans
26
+ * **Deutsch**
27
+ * Aktualisierung des PayPal Senden-Buttons
28
+ * Verbesserung der Coding-Standards
29
+ * Kleinere Korrektur und Verbesserungen an den Übersetzungen
30
+ * Bessere Dokumentation
31
+ * Einige kleine Verbesserungen an Markup, Styles, Barrierefreiheit und Sicherheit
32
+ * Aktualisierung der Safe-Browsing-API auf Version 4 (zur Verhinderung von False-Positive E-Mail-Benachrichtigungen)
33
+ * PHP 7.x Kompatibilitätsanpassungen
34
+ * Ein besserer regulärer Ausdruck zur Vermeidung von False-Positives beim Datei-Scan
35
+
36
+ ### 1.3.9 ###
37
+ * **English**
38
+ * generated a POT file
39
+ * added German formal translation
40
+ * updated, translated + formatted README.md
41
+ * updated expired link URLs in plugin and languages files
42
+ * updated [plugin authors](https://pluginkollektiv.org/hello-world/)
43
+ * **Deutsch**
44
+ * Eine POT-Datei erstellt
45
+ * formale deutsche Übersetzung (Sie) hinzugefügt
46
+ * README.md aktualisiert, übersetzt und formatiert
47
+ * Abgelaufene Link-Adressen in dem Plug-in und in den Sprachdateien aktualisiert
48
+ * [Plugin Author](https://pluginkollektiv.org/de/hallo-welt/) aktualisiert
49
+
50
+ ### 1.3.8 ###
51
+ * **English**
52
+ * Detection and warning for the [MailPoet Vulnerability](http://blog.sucuri.net/2014/07/mailpoet-vulnerability-exploited-in-the-wild-breaking-thousands-of-wordpress-sites.html)
53
+ * **Deutsch**
54
+ * Erkennung der [MailPoet-Sicherheitslücke](http://blog.sucuri.net/2014/07/mailpoet-vulnerability-exploited-in-the-wild-breaking-thousands-of-wordpress-sites.html)
55
+
56
+ ### 1.3.7 ###
57
+ * **English**
58
+ * Update the Google Safe Browsing Lookup API to v3.1
59
+ * **Deutsch**
60
+ * Aktualisierung auf Safe Browsing Lookup API 3.1
61
+
62
+ ### 1.3.6 ###
63
+ * **English**
64
+ * Code revision and data validation
65
+ * **Deutsch**
66
+ * Code-Revision und Datenvalidierung
67
+
68
+ ### 1.3.5 ###
69
+ * **English**
70
+ * Optimizations for WordPress 3.8
71
+ * **Deutsch**
72
+ * Optimierungen für WordPress 3.8
73
+
74
+ ### 1.3.4 ###
75
+ * **English**
76
+ * [Google Safe Browsing](http://en.wikipedia.org/wiki/Google_Safe_Browsing) for malware and phishing monitoring with e-mail notification.
77
+ [Additional information](https://antivirus.pluginkollektiv.org/2013/05/08/new-features-in-antivirus-for-wordpress/)
78
+ * **Deutsch**
79
+ * Benachrichtigung per E-Mail, sobald [Google Safe Browsing](http://en.wikipedia.org/wiki/Google_Safe_Browsing) Malware im Blog erkennt.
80
+ [Mehr](https://antivirus.pluginkollektiv.org/de/2013/05/08/neue-funktion-im-antivirus-fuer-wordpress/)
81
+
82
+ ### 1.3.3 ###
83
+ * **English**
84
+ * Add inspection for iFrames
85
+ * Retina support for teaser and screenshot
86
+ * **Deutsch**
87
+ * Inspektion für iFrames hinzugefügt
88
+ * Retina-Unterstützung für Teaser und Screenshot
89
+
90
+ ### 1.3.2 ###
91
+ * **English**
92
+ * Remove the check for include and require commands (#wpforce)
93
+ * **Deutsch**
94
+ * Überprüfung für include und require Befehle entfernt (#wpforce)
95
+
96
+ ### 1.3.1 ###
97
+ * **English**
98
+ * Compatibility with WordPress 3.4
99
+ * High-resolution plugin icon for retina displays
100
+ * Remove icon from the admin sidebar
101
+ * System requirements: From PHP 5.0 to PHP 5.1
102
+ * **Deutsch**
103
+ * Kompatibilität mit Wordpress 3.4
104
+ * Hochauflösendes Plugin Symbol für Retina-Bildschirme
105
+ * Symbol aus der Admin-Sidebar entfernbar
106
+ * Systemvorraussetzungen: von PHP 5.0 auf PHP 5.1 angehoben
107
+
108
+ ### 1.3 ###
109
+ * **English**
110
+ * Xmas Edition
111
+ * **Deutsch**
112
+ * Weihnachtsausgabe
113
+
114
+ ### 1.2 ###
115
+ * **English**
116
+ * "Virus suspected" alert in the admin bar
117
+ * Fix for the manual scan link on dashboard
118
+ * More detailed checks for existing malware
119
+ * Code adjustments for WordPress 3.3
120
+ * **Deutsch**
121
+ * "Virusverdacht" Alarm in der Admin-Bar
122
+ * Den manuellen Prüfen-Link auf dem Dashboard behoben
123
+ * Genauere Prüfung für bekannte Malware
124
+ * Quelltextanpassungen für Wordpress 3.3
125
+
126
+ ### 1.1 ###
127
+ * **English**
128
+ * Testing for templates with empty content
129
+ * Minimum requirement upgraded to 2.8 and PHP5
130
+ * Code improvements for more speed
131
+ * GUI changes
132
+ * **Deutsch**
133
+ * Tests für Vorlagen mit leerem Inhalt
134
+ * Mindestvorrausetzungen auf 2.8 und PHP5 angehoben
135
+ * Quelltext-Verbesserungen für mehr Geschwindigkeit
136
+ * Benutzeroberflächen-Änderungen
137
+
138
+ ### 1.0 ###
139
+ * **English**
140
+ * More security checks (Email & Regexp)
141
+ * **Deutsch**
142
+ * Mehr Sicherheitskontrollen (E-Mail & Regexp)
143
+
144
+ ### 0.9 ###
145
+ * **English**
146
+ * Changes for the current WordPress virus
147
+ * **Deutsch**
148
+ * Änderungen für den aktuellen Wordpress-Virus
149
+
150
+ ### 0.8 ###
151
+ * **English**
152
+ * Support for WordPress 3.0
153
+ * System requirements: WordPress 2.7
154
+ * Code optimization
155
+ * **Deutsch**
156
+ * WordPress 3.0 Unterstützung
157
+ * Systemvorraussetzung: WordPress 2.7
158
+ * Quelltext optimiert
159
+
160
+ ### 0.7 ###
161
+ * **English**
162
+ * Advanced templates check
163
+ * **Deutsch**
164
+ * Erweiterte Vorlagen-Prüfungen
165
+
166
+ ### 0.6 ###
167
+ * **English**
168
+ * WordPress 2.9 support
169
+ * **Deutsch**
170
+ * Unterstützung für WordPress 2.9
171
+
172
+ ### 0.5 ###
173
+ * **English**
174
+ * Add security scan for the current [WordPress permalink back door](http://mashable.com/2009/09/05/wordpress-attack/)
175
+ * Software architecture changes
176
+ * **Deutsch**
177
+ * Sicherheits-Überprüfung für die aktuelle [Wordpress Permalink Hintertür](http://mashable.com/2009/09/05/wordpress-attack/) hinzugefügt
178
+ * Software-Architektur Änderungen
179
+
180
+ ### 0.4 ###
181
+ * **English**
182
+ * Adds support for WordPress new changelog readme.txt standard
183
+ * Various changes for more speed, usability and security
184
+ * **Deutsch**
185
+ * Unterstützung für den neuen Changelog readme.txt Standard von Wordpress
186
+ * Verschiedene Änderungen für mehr Geschwindigkeit, Benutzerfreundlichkeit und Sicherheit
187
+
188
+ ### 0.3 ###
189
+ * **English**
190
+ * Add alternate e-mail address (admin e-mail address as default)
191
+ * Admin notice on dashboard where it has found the virus suspicion
192
+ * Added blog URL in e-mail
193
+ * WordPress 2.8 support
194
+ * Check for hidden iframes
195
+ * Bugfix for IE problem with box positions
196
+ * Cleanup the source code
197
+ * Language support for Persian
198
+ * **Deutsch**
199
+ * Möglichkeit eine alternative E-Mail-Adresse hinzuzufügen (Admin E-Mail-Adresse als Standard)
200
+ * Admin Mitteilung auf dem Dashboard, wo ein Virus-Verdacht gefunden wurde
201
+ * Blog-URL in E-Mail hinzugefügt
202
+ * Unterstützung von WordPress 2.8
203
+ * Überprüfung nach versteckten Iframes
204
+ * Fehlerbehebung für IE Problem mit Box-Positionen
205
+ * Bereinigung des Quelltextes
206
+ * Sprachunterstützung für Persisch
207
+
208
+ ### 0.2 ###
209
+ * **English**
210
+ * Whitelist: Mark the suspicion as "No virus"
211
+ * Improving the output formatting
212
+ * Add WPlize library for option data
213
+ * Language support for Italian
214
+ * **Deutsch**
215
+ * Weiße Liste: Einen Verdacht als "kein Virus" markieren
216
+ * Verbesserung der Ausgabeformatierung
217
+ * WPlize Bibliothek für Optionsdaten hinzugefügt
218
+ * Sprachunterstützung für Italienisch
219
+
220
+ ### 0.1 ###
221
+ * **English**
222
+ * AntiVirus for WordPress goes online
223
+ * **Deutsch**
224
+ * AntiVirus für Wordpress geht online
LICENSE.txt ADDED
@@ -0,0 +1,339 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ GNU GENERAL PUBLIC LICENSE
2
+ Version 2, June 1991
3
+
4
+ Copyright (C) 1989, 1991 Free Software Foundation, Inc., <http://fsf.org/>
5
+ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
6
+ Everyone is permitted to copy and distribute verbatim copies
7
+ of this license document, but changing it is not allowed.
8
+
9
+ Preamble
10
+
11
+ The licenses for most software are designed to take away your
12
+ freedom to share and change it. By contrast, the GNU General Public
13
+ License is intended to guarantee your freedom to share and change free
14
+ software--to make sure the software is free for all its users. This
15
+ General Public License applies to most of the Free Software
16
+ Foundation's software and to any other program whose authors commit to
17
+ using it. (Some other Free Software Foundation software is covered by
18
+ the GNU Lesser General Public License instead.) You can apply it to
19
+ your programs, too.
20
+
21
+ When we speak of free software, we are referring to freedom, not
22
+ price. Our General Public Licenses are designed to make sure that you
23
+ have the freedom to distribute copies of free software (and charge for
24
+ this service if you wish), that you receive source code or can get it
25
+ if you want it, that you can change the software or use pieces of it
26
+ in new free programs; and that you know you can do these things.
27
+
28
+ To protect your rights, we need to make restrictions that forbid
29
+ anyone to deny you these rights or to ask you to surrender the rights.
30
+ These restrictions translate to certain responsibilities for you if you
31
+ distribute copies of the software, or if you modify it.
32
+
33
+ For example, if you distribute copies of such a program, whether
34
+ gratis or for a fee, you must give the recipients all the rights that
35
+ you have. You must make sure that they, too, receive or can get the
36
+ source code. And you must show them these terms so they know their
37
+ rights.
38
+
39
+ We protect your rights with two steps: (1) copyright the software, and
40
+ (2) offer you this license which gives you legal permission to copy,
41
+ distribute and/or modify the software.
42
+
43
+ Also, for each author's protection and ours, we want to make certain
44
+ that everyone understands that there is no warranty for this free
45
+ software. If the software is modified by someone else and passed on, we
46
+ want its recipients to know that what they have is not the original, so
47
+ that any problems introduced by others will not reflect on the original
48
+ authors' reputations.
49
+
50
+ Finally, any free program is threatened constantly by software
51
+ patents. We wish to avoid the danger that redistributors of a free
52
+ program will individually obtain patent licenses, in effect making the
53
+ program proprietary. To prevent this, we have made it clear that any
54
+ patent must be licensed for everyone's free use or not licensed at all.
55
+
56
+ The precise terms and conditions for copying, distribution and
57
+ modification follow.
58
+
59
+ GNU GENERAL PUBLIC LICENSE
60
+ TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
61
+
62
+ 0. This License applies to any program or other work which contains
63
+ a notice placed by the copyright holder saying it may be distributed
64
+ under the terms of this General Public License. The "Program", below,
65
+ refers to any such program or work, and a "work based on the Program"
66
+ means either the Program or any derivative work under copyright law:
67
+ that is to say, a work containing the Program or a portion of it,
68
+ either verbatim or with modifications and/or translated into another
69
+ language. (Hereinafter, translation is included without limitation in
70
+ the term "modification".) Each licensee is addressed as "you".
71
+
72
+ Activities other than copying, distribution and modification are not
73
+ covered by this License; they are outside its scope. The act of
74
+ running the Program is not restricted, and the output from the Program
75
+ is covered only if its contents constitute a work based on the
76
+ Program (independent of having been made by running the Program).
77
+ Whether that is true depends on what the Program does.
78
+
79
+ 1. You may copy and distribute verbatim copies of the Program's
80
+ source code as you receive it, in any medium, provided that you
81
+ conspicuously and appropriately publish on each copy an appropriate
82
+ copyright notice and disclaimer of warranty; keep intact all the
83
+ notices that refer to this License and to the absence of any warranty;
84
+ and give any other recipients of the Program a copy of this License
85
+ along with the Program.
86
+
87
+ You may charge a fee for the physical act of transferring a copy, and
88
+ you may at your option offer warranty protection in exchange for a fee.
89
+
90
+ 2. You may modify your copy or copies of the Program or any portion
91
+ of it, thus forming a work based on the Program, and copy and
92
+ distribute such modifications or work under the terms of Section 1
93
+ above, provided that you also meet all of these conditions:
94
+
95
+ a) You must cause the modified files to carry prominent notices
96
+ stating that you changed the files and the date of any change.
97
+
98
+ b) You must cause any work that you distribute or publish, that in
99
+ whole or in part contains or is derived from the Program or any
100
+ part thereof, to be licensed as a whole at no charge to all third
101
+ parties under the terms of this License.
102
+
103
+ c) If the modified program normally reads commands interactively
104
+ when run, you must cause it, when started running for such
105
+ interactive use in the most ordinary way, to print or display an
106
+ announcement including an appropriate copyright notice and a
107
+ notice that there is no warranty (or else, saying that you provide
108
+ a warranty) and that users may redistribute the program under
109
+ these conditions, and telling the user how to view a copy of this
110
+ License. (Exception: if the Program itself is interactive but
111
+ does not normally print such an announcement, your work based on
112
+ the Program is not required to print an announcement.)
113
+
114
+ These requirements apply to the modified work as a whole. If
115
+ identifiable sections of that work are not derived from the Program,
116
+ and can be reasonably considered independent and separate works in
117
+ themselves, then this License, and its terms, do not apply to those
118
+ sections when you distribute them as separate works. But when you
119
+ distribute the same sections as part of a whole which is a work based
120
+ on the Program, the distribution of the whole must be on the terms of
121
+ this License, whose permissions for other licensees extend to the
122
+ entire whole, and thus to each and every part regardless of who wrote it.
123
+
124
+ Thus, it is not the intent of this section to claim rights or contest
125
+ your rights to work written entirely by you; rather, the intent is to
126
+ exercise the right to control the distribution of derivative or
127
+ collective works based on the Program.
128
+
129
+ In addition, mere aggregation of another work not based on the Program
130
+ with the Program (or with a work based on the Program) on a volume of
131
+ a storage or distribution medium does not bring the other work under
132
+ the scope of this License.
133
+
134
+ 3. You may copy and distribute the Program (or a work based on it,
135
+ under Section 2) in object code or executable form under the terms of
136
+ Sections 1 and 2 above provided that you also do one of the following:
137
+
138
+ a) Accompany it with the complete corresponding machine-readable
139
+ source code, which must be distributed under the terms of Sections
140
+ 1 and 2 above on a medium customarily used for software interchange; or,
141
+
142
+ b) Accompany it with a written offer, valid for at least three
143
+ years, to give any third party, for a charge no more than your
144
+ cost of physically performing source distribution, a complete
145
+ machine-readable copy of the corresponding source code, to be
146
+ distributed under the terms of Sections 1 and 2 above on a medium
147
+ customarily used for software interchange; or,
148
+
149
+ c) Accompany it with the information you received as to the offer
150
+ to distribute corresponding source code. (This alternative is
151
+ allowed only for noncommercial distribution and only if you
152
+ received the program in object code or executable form with such
153
+ an offer, in accord with Subsection b above.)
154
+
155
+ The source code for a work means the preferred form of the work for
156
+ making modifications to it. For an executable work, complete source
157
+ code means all the source code for all modules it contains, plus any
158
+ associated interface definition files, plus the scripts used to
159
+ control compilation and installation of the executable. However, as a
160
+ special exception, the source code distributed need not include
161
+ anything that is normally distributed (in either source or binary
162
+ form) with the major components (compiler, kernel, and so on) of the
163
+ operating system on which the executable runs, unless that component
164
+ itself accompanies the executable.
165
+
166
+ If distribution of executable or object code is made by offering
167
+ access to copy from a designated place, then offering equivalent
168
+ access to copy the source code from the same place counts as
169
+ distribution of the source code, even though third parties are not
170
+ compelled to copy the source along with the object code.
171
+
172
+ 4. You may not copy, modify, sublicense, or distribute the Program
173
+ except as expressly provided under this License. Any attempt
174
+ otherwise to copy, modify, sublicense or distribute the Program is
175
+ void, and will automatically terminate your rights under this License.
176
+ However, parties who have received copies, or rights, from you under
177
+ this License will not have their licenses terminated so long as such
178
+ parties remain in full compliance.
179
+
180
+ 5. You are not required to accept this License, since you have not
181
+ signed it. However, nothing else grants you permission to modify or
182
+ distribute the Program or its derivative works. These actions are
183
+ prohibited by law if you do not accept this License. Therefore, by
184
+ modifying or distributing the Program (or any work based on the
185
+ Program), you indicate your acceptance of this License to do so, and
186
+ all its terms and conditions for copying, distributing or modifying
187
+ the Program or works based on it.
188
+
189
+ 6. Each time you redistribute the Program (or any work based on the
190
+ Program), the recipient automatically receives a license from the
191
+ original licensor to copy, distribute or modify the Program subject to
192
+ these terms and conditions. You may not impose any further
193
+ restrictions on the recipients' exercise of the rights granted herein.
194
+ You are not responsible for enforcing compliance by third parties to
195
+ this License.
196
+
197
+ 7. If, as a consequence of a court judgment or allegation of patent
198
+ infringement or for any other reason (not limited to patent issues),
199
+ conditions are imposed on you (whether by court order, agreement or
200
+ otherwise) that contradict the conditions of this License, they do not
201
+ excuse you from the conditions of this License. If you cannot
202
+ distribute so as to satisfy simultaneously your obligations under this
203
+ License and any other pertinent obligations, then as a consequence you
204
+ may not distribute the Program at all. For example, if a patent
205
+ license would not permit royalty-free redistribution of the Program by
206
+ all those who receive copies directly or indirectly through you, then
207
+ the only way you could satisfy both it and this License would be to
208
+ refrain entirely from distribution of the Program.
209
+
210
+ If any portion of this section is held invalid or unenforceable under
211
+ any particular circumstance, the balance of the section is intended to
212
+ apply and the section as a whole is intended to apply in other
213
+ circumstances.
214
+
215
+ It is not the purpose of this section to induce you to infringe any
216
+ patents or other property right claims or to contest validity of any
217
+ such claims; this section has the sole purpose of protecting the
218
+ integrity of the free software distribution system, which is
219
+ implemented by public license practices. Many people have made
220
+ generous contributions to the wide range of software distributed
221
+ through that system in reliance on consistent application of that
222
+ system; it is up to the author/donor to decide if he or she is willing
223
+ to distribute software through any other system and a licensee cannot
224
+ impose that choice.
225
+
226
+ This section is intended to make thoroughly clear what is believed to
227
+ be a consequence of the rest of this License.
228
+
229
+ 8. If the distribution and/or use of the Program is restricted in
230
+ certain countries either by patents or by copyrighted interfaces, the
231
+ original copyright holder who places the Program under this License
232
+ may add an explicit geographical distribution limitation excluding
233
+ those countries, so that distribution is permitted only in or among
234
+ countries not thus excluded. In such case, this License incorporates
235
+ the limitation as if written in the body of this License.
236
+
237
+ 9. The Free Software Foundation may publish revised and/or new versions
238
+ of the General Public License from time to time. Such new versions will
239
+ be similar in spirit to the present version, but may differ in detail to
240
+ address new problems or concerns.
241
+
242
+ Each version is given a distinguishing version number. If the Program
243
+ specifies a version number of this License which applies to it and "any
244
+ later version", you have the option of following the terms and conditions
245
+ either of that version or of any later version published by the Free
246
+ Software Foundation. If the Program does not specify a version number of
247
+ this License, you may choose any version ever published by the Free Software
248
+ Foundation.
249
+
250
+ 10. If you wish to incorporate parts of the Program into other free
251
+ programs whose distribution conditions are different, write to the author
252
+ to ask for permission. For software which is copyrighted by the Free
253
+ Software Foundation, write to the Free Software Foundation; we sometimes
254
+ make exceptions for this. Our decision will be guided by the two goals
255
+ of preserving the free status of all derivatives of our free software and
256
+ of promoting the sharing and reuse of software generally.
257
+
258
+ NO WARRANTY
259
+
260
+ 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
261
+ FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
262
+ OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
263
+ PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
264
+ OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
265
+ MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS
266
+ TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
267
+ PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
268
+ REPAIR OR CORRECTION.
269
+
270
+ 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
271
+ WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
272
+ REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
273
+ INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
274
+ OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
275
+ TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
276
+ YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
277
+ PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
278
+ POSSIBILITY OF SUCH DAMAGES.
279
+
280
+ END OF TERMS AND CONDITIONS
281
+
282
+ How to Apply These Terms to Your New Programs
283
+
284
+ If you develop a new program, and you want it to be of the greatest
285
+ possible use to the public, the best way to achieve this is to make it
286
+ free software which everyone can redistribute and change under these terms.
287
+
288
+ To do so, attach the following notices to the program. It is safest
289
+ to attach them to the start of each source file to most effectively
290
+ convey the exclusion of warranty; and each file should have at least
291
+ the "copyright" line and a pointer to where the full notice is found.
292
+
293
+ {description}
294
+ Copyright (C) {year} {fullname}
295
+
296
+ This program is free software; you can redistribute it and/or modify
297
+ it under the terms of the GNU General Public License as published by
298
+ the Free Software Foundation; either version 2 of the License, or
299
+ (at your option) any later version.
300
+
301
+ This program is distributed in the hope that it will be useful,
302
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
303
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
304
+ GNU General Public License for more details.
305
+
306
+ You should have received a copy of the GNU General Public License along
307
+ with this program; if not, write to the Free Software Foundation, Inc.,
308
+ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
309
+
310
+ Also add information on how to contact you by electronic and paper mail.
311
+
312
+ If the program is interactive, make it output a short notice like this
313
+ when it starts in an interactive mode:
314
+
315
+ Gnomovision version 69, Copyright (C) year name of author
316
+ Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
317
+ This is free software, and you are welcome to redistribute it
318
+ under certain conditions; type `show c' for details.
319
+
320
+ The hypothetical commands `show w' and `show c' should show the appropriate
321
+ parts of the General Public License. Of course, the commands you use may
322
+ be called something other than `show w' and `show c'; they could even be
323
+ mouse-clicks or menu items--whatever suits your program.
324
+
325
+ You should also get your employer (if you work as a programmer) or your
326
+ school, if any, to sign a "copyright disclaimer" for the program, if
327
+ necessary. Here is a sample; alter the names:
328
+
329
+ Yoyodyne, Inc., hereby disclaims all copyright interest in the program
330
+ `Gnomovision' (which makes passes at compilers) written by James Hacker.
331
+
332
+ {signature of Ty Coon}, 1 April 1989
333
+ Ty Coon, President of Vice
334
+
335
+ This General Public License does not permit incorporating your program into
336
+ proprietary programs. If your program is a subroutine library, you may
337
+ consider it more useful to permit linking proprietary applications with the
338
+ library. If this is what you want to do, use the GNU Lesser General
339
+ Public License instead of this License.
README.md CHANGED
@@ -2,9 +2,10 @@
2
  * Contributors: pluginkollektiv
3
  * Tags: antivirus, malware, scanner, phishing, safe browsing, vulnerability
4
  * Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=TD4AMD2D8EMZW
5
- * Requires at least: 3.8
6
- * Tested up to: 5.1
7
- * Stable tag: 1.3.10
 
8
  * License: GPLv2 or later
9
  * License URI: http://www.gnu.org/licenses/gpl-2.0.html
10
 
@@ -12,17 +13,15 @@ Security plugin to protect your blog or website against exploits and spam inject
12
 
13
  ## Description ##
14
  *AntiVirus for WordPress* is a easy-to-use, safe tool to harden your WordPress site against exploits, malware and spam injections.
15
- You can configure *AntiVirus* to perform an automated daily scan of your theme files and database tables. If the plugin happens to detect any suspicious code injections, it will send out a notification to a previously configured e-mail address.
16
 
17
  In case your WordPress site has been hacked, *AntiVirus* will help you to become aware of the problem very quickly in order for you to take immediate action.
18
 
19
- [](http://coderisk.com/wp/plugin/antivirus/RIPS-x1EDAuZC-C)
20
-
21
  ### Features ###
22
  * Virus alert in the admin bar
23
  * Cleaning up after plugin removal
24
  * Daily scan with email notifications
25
- * Database tables and theme templates checks
26
  * Whitelist solution: Mark suspected cases as "no virus"
27
  * Manual check of template files with alerts on suspected cases
28
  * Optional: Google Safe Browsing for malware and phishing monitoring.
@@ -39,26 +38,25 @@ In case your WordPress site has been hacked, *AntiVirus* will help you to become
39
 
40
  ### Credits ###
41
  * Author: [Sergej Müller](https://sergejmueller.github.io/)
42
- * Maintainers: [pluginkollektiv](http://pluginkollektiv.org/)
43
-
44
- ## Installation ##
45
- * If you don’t know how to install a plugin for WordPress, [here’s how](https://codex.wordpress.org/Managing_Plugins#Installing_Plugins).
46
 
47
- ### Requirements ###
48
- * PHP 5.2.4 or greater
49
- * WordPress 3.8 or greater
50
 
51
  ## Frequently Asked Questions ##
52
 
53
  ### Will AntiVirus protect my site from being hacked? ###
54
  Not literally "protect from". The plugin’s purpose is to *detect* any "hack" that has already happened and enable you to take immediate action upon it.
55
 
56
- A complete documentation is available in the [GitHub repository Wiki](https://github.com/pluginkollektiv/antivirus/wiki).
57
 
58
  ## Changelog ##
59
 
60
- ### 1.3.10 ###
 
 
 
 
61
 
 
62
  * Updated PayPal link for donations
63
  * Improve coding standards
64
  * Translation fixes, improvements and cleanups
@@ -75,43 +73,13 @@ A complete documentation is available in the [GitHub repository Wiki](https://gi
75
  * updated expired link URLs in plugin and languages files
76
  * updated [plugin authors](https://gist.github.com/glueckpress/f058c0ab973d45a72720)
77
 
78
- ### 1.3.8 ###
79
- * Detection and warning for the [MailPoet Vulnerability](http://blog.sucuri.net/2014/07/mailpoet-vulnerability-exploited-in-the-wild-breaking-thousands-of-wordpress-sites.html)
80
-
81
- ### 1.3.7 ###
82
- * Update the Google Safe Browsing Lookup API to v3.1
83
-
84
- ### 1.3.6 ###
85
- * Code revision and data validation
86
-
87
- ### 1.3.5 ###
88
- * Optimizations for WordPress 3.8
89
-
90
- ### 1.3.4 ###
91
- * [Google Safe Browsing](http://en.wikipedia.org/wiki/Google_Safe_Browsing) for malware and phishing monitoring with e-mail notification. [Additional information on Google+](https://plus.google.com/110569673423509816572/posts/H72FFwvna1i) (only german)
92
-
93
- ### 1.3.3 ###
94
- * Add inspection for iFrames
95
- * Retina support for teaser and screenshot
96
-
97
- ### 1.3.2 ###
98
- * Remove the check for include and require commands (#wpforce)
99
-
100
- ### 1.3.1 ###
101
- * Compatibility with WordPress 3.4
102
- * High-resolution plugin icon for retina displays
103
- * Remove icon from the admin sidebar
104
- * System requirements: From PHP 5.0 to PHP 5.1
105
-
106
- ### 1.3 ###
107
- * Xmas Edition
108
-
109
  For the complete changelog, check out our [GitHub repository](https://github.com/pluginkollektiv/antivirus).
110
 
111
  ## Upgrade Notice ##
112
 
113
- ### 1.3.10 ###
114
- This is a maintenance release, fixing our Google Safe Browsing lookup and some minor issues.
115
 
116
  ## Screenshots ##
117
  1. WordPress AntiVirus settings
 
2
  * Contributors: pluginkollektiv
3
  * Tags: antivirus, malware, scanner, phishing, safe browsing, vulnerability
4
  * Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=TD4AMD2D8EMZW
5
+ * Requires at least: 4.6
6
+ * Requires PHP: 5.2
7
+ * Tested up to: 5.6
8
+ * Stable tag: 1.4.0
9
  * License: GPLv2 or later
10
  * License URI: http://www.gnu.org/licenses/gpl-2.0.html
11
 
13
 
14
  ## Description ##
15
  *AntiVirus for WordPress* is a easy-to-use, safe tool to harden your WordPress site against exploits, malware and spam injections.
16
+ You can configure *AntiVirus* to perform an automated daily scan of your theme files. If the plugin happens to detect any suspicious code injections, it will send out a notification to a previously configured e-mail address.
17
 
18
  In case your WordPress site has been hacked, *AntiVirus* will help you to become aware of the problem very quickly in order for you to take immediate action.
19
 
 
 
20
  ### Features ###
21
  * Virus alert in the admin bar
22
  * Cleaning up after plugin removal
23
  * Daily scan with email notifications
24
+ * Theme template checks
25
  * Whitelist solution: Mark suspected cases as "no virus"
26
  * Manual check of template files with alerts on suspected cases
27
  * Optional: Google Safe Browsing for malware and phishing monitoring.
38
 
39
  ### Credits ###
40
  * Author: [Sergej Müller](https://sergejmueller.github.io/)
41
+ * Maintainers: [pluginkollektiv](https://pluginkollektiv.org)
 
 
 
42
 
 
 
 
43
 
44
  ## Frequently Asked Questions ##
45
 
46
  ### Will AntiVirus protect my site from being hacked? ###
47
  Not literally "protect from". The plugin’s purpose is to *detect* any "hack" that has already happened and enable you to take immediate action upon it.
48
 
49
+ A complete documentation is available on the [AntiVirus website](https://antivirus.pluginkollektiv.org/documentation/).
50
 
51
  ## Changelog ##
52
 
53
+ ### 1.4.0 ###
54
+ * Option to provide a custom key for the Google Safe Browsing API
55
+ * Scan files of parent theme if a child theme is active
56
+ * Verify checksums of WP core files (integrated functionality from _Checksum Verifier_ plugin)
57
+ * Ability to enable _Safe Browsing_ and _Checksum Verifier_ as cronjob without Theme scan
58
 
59
+ ### 1.3.10 ###
60
  * Updated PayPal link for donations
61
  * Improve coding standards
62
  * Translation fixes, improvements and cleanups
73
  * updated expired link URLs in plugin and languages files
74
  * updated [plugin authors](https://gist.github.com/glueckpress/f058c0ab973d45a72720)
75
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
76
  For the complete changelog, check out our [GitHub repository](https://github.com/pluginkollektiv/antivirus).
77
 
78
  ## Upgrade Notice ##
79
 
80
+ ### 1.4.0 ###
81
+ This is a feature release which integrates the functionality from _Checksum Verifier_ plugin.
82
 
83
  ## Screenshots ##
84
  1. WordPress AntiVirus settings
85
+ 2. Theme scan results
antivirus.php CHANGED
@@ -4,11 +4,11 @@
4
  * Description: Security plugin to protect your blog or website against exploits and spam injections.
5
  * Author: pluginkollektiv
6
  * Author URI: https://pluginkollektiv.org
7
- * Plugin URI: https://wordpress.org/plugins/antivirus/
8
  * Text Domain: antivirus
9
  * License: GPLv2 or later
10
  * License URI: http://www.gnu.org/licenses/gpl-2.0.html
11
- * Version: 1.3.10
12
  *
13
  * @package AntiVirus
14
  */
@@ -36,1051 +36,32 @@ if ( ! class_exists( 'WP' ) ) {
36
  die();
37
  }
38
 
 
 
39
  /**
40
- * Main plugin class.
 
 
41
  */
42
- class AntiVirus {
43
- /**
44
- * The basename of a plugin.
45
- *
46
- * @var string
47
- */
48
- private static $base;
49
-
50
- /**
51
- * Pseudo constructor.
52
- */
53
- public static function instance() {
54
- new self();
55
- }
56
-
57
- /**
58
- * Constructor.
59
- *
60
- * Should not be called directly,
61
- *
62
- * @see AntiVirus::instance()
63
- */
64
- public function __construct() {
65
- // Don't run during autosave or XML-RPC request.
66
- if ( ( defined( 'DOING_AUTOSAVE' ) && DOING_AUTOSAVE ) || ( defined( 'XMLRPC_REQUEST' ) && XMLRPC_REQUEST ) ) {
67
- return;
68
- }
69
-
70
- // Save the plugin basename.
71
- self::$base = plugin_basename( __FILE__ );
72
-
73
- // Run the daily cronjob.
74
- if ( defined( 'DOING_CRON' ) ) {
75
- add_action( 'antivirus_daily_cronjob', array( __CLASS__, 'do_daily_cronjob' ) );
76
- }
77
-
78
- if ( is_admin() ) {
79
- /* AJAX */
80
- if ( defined( 'DOING_AJAX' ) ) {
81
- add_action( 'wp_ajax_get_ajax_response', array( __CLASS__, 'get_ajax_response' ) );
82
- } else {
83
- /* Actions */
84
- add_action( 'admin_menu', array( __CLASS__, 'add_sidebar_menu' ) );
85
- add_action( 'admin_notices', array( __CLASS__, 'show_dashboard_notice' ) );
86
- add_action( 'deactivate_' . self::$base, array( __CLASS__, 'clear_scheduled_hook' ) );
87
- add_action( 'plugin_row_meta', array( __CLASS__, 'init_row_meta' ), 10, 2 );
88
- add_action( 'plugin_action_links_' . self::$base, array( __CLASS__, 'init_action_links' ) );
89
- }
90
- }
91
- }
92
-
93
- /**
94
- * Adds a link to the plugin settings in the plugin list table.
95
- *
96
- * @param array $data Plugin action links.
97
- * @return array The modified action links array.
98
- */
99
- public static function init_action_links( $data ) {
100
- // Only add link if user has permissions to view them.
101
- if ( ! current_user_can( 'manage_options' ) ) {
102
- return $data;
103
- }
104
-
105
- return array_merge(
106
- $data,
107
- array(
108
- sprintf(
109
- '<a href="%s">%s</a>',
110
- add_query_arg(
111
- array(
112
- 'page' => 'antivirus',
113
- ),
114
- admin_url( 'options-general.php' )
115
- ),
116
- __( 'Settings', 'antivirus' )
117
- ),
118
- )
119
  );
120
  }
 
121
 
122
- /**
123
- * Adds a donation link to the second row in the plugin list table.
124
- *
125
- * @param array $data Plugin links array.
126
- * @param string $page The current row identifier.
127
- * @return array The modified links array.
128
- */
129
- public static function init_row_meta( $data, $page ) {
130
- if ( $page !== self::$base ) {
131
- return $data;
132
- }
133
-
134
- return array_merge(
135
- $data,
136
- array(
137
- '<a href="https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=TD4AMD2D8EMZW" target="_blank" rel="noopener noreferrer">' . esc_html__( 'Donate', 'antivirus' ) . '</a>',
138
- '<a href="https://wordpress.org/support/plugin/antivirus" target="_blank" rel="noopener noreferrer">' . esc_html__( 'Support', 'antivirus' ) . '</a>',
139
- )
140
- );
141
- }
142
-
143
- /**
144
- * Plugin activation hook.
145
- */
146
- public static function activation() {
147
- // Add default option.
148
- add_option(
149
- 'antivirus',
150
- array(),
151
- '',
152
- 'no'
153
- );
154
-
155
- // Add cron schedule.
156
- if ( self::_get_option( 'cronjob_enable' ) ) {
157
- self::_add_scheduled_hook();
158
- }
159
- }
160
-
161
- /**
162
- * Plugin deactivation hook.
163
- */
164
- public static function deactivation() {
165
- self::clear_scheduled_hook();
166
- }
167
-
168
- /**
169
- * Plugin uninstall hook.
170
- */
171
- public static function uninstall() {
172
- delete_option( 'antivirus' );
173
- }
174
-
175
- /**
176
- * Get a plugin option value.
177
- *
178
- * @param string $field Option name.
179
- * @return string The option value.
180
- */
181
- private static function _get_option( $field ) {
182
- $options = wp_parse_args(
183
- get_option( 'antivirus' ),
184
- array(
185
- 'cronjob_enable' => 0,
186
- 'cronjob_alert' => 0,
187
- 'safe_browsing' => 0,
188
- 'notify_email' => '',
189
- 'white_list' => '',
190
- )
191
- );
192
-
193
- return ( empty( $options[ $field ] ) ? '' : $options[ $field ] );
194
- }
195
-
196
- /**
197
- * Update an option in the database.
198
- *
199
- * @param string $field The option name.
200
- * @param string|int $value The option value.
201
- */
202
- private static function _update_option( $field, $value ) {
203
- self::_update_options(
204
- array(
205
- $field => $value,
206
- )
207
- );
208
- }
209
-
210
- /**
211
- * Update multiple options in the database.
212
- *
213
- * @param array $data An associative array of option fields and values.
214
- */
215
- private static function _update_options( $data ) {
216
- update_option(
217
- 'antivirus',
218
- array_merge(
219
- (array) get_option( 'antivirus' ),
220
- $data
221
- )
222
- );
223
- }
224
-
225
- /**
226
- * Initialize the cronjob.
227
- *
228
- * Schedules the AntiVirus cronjob to run daily.
229
- */
230
- private static function _add_scheduled_hook() {
231
- if ( ! wp_next_scheduled( 'antivirus_daily_cronjob' ) ) {
232
- wp_schedule_event(
233
- time(),
234
- 'daily',
235
- 'antivirus_daily_cronjob'
236
- );
237
- }
238
- }
239
-
240
- /**
241
- * Cancel the daily cronjob.
242
- */
243
- public static function clear_scheduled_hook() {
244
- if ( wp_next_scheduled( 'antivirus_daily_cronjob' ) ) {
245
- wp_clear_scheduled_hook( 'antivirus_daily_cronjob' );
246
- }
247
- }
248
-
249
- /**
250
- * Cronjob callback.
251
- */
252
- public static function do_daily_cronjob() {
253
- // Check if cronjob is enabled in the plugin.
254
- if ( ! self::_get_option( 'cronjob_enable' ) ) {
255
- return;
256
- }
257
-
258
- // Check the Safe Browsing API.
259
- self::_check_safe_browsing();
260
-
261
- // Check the theme and permalinks.
262
- self::_check_blog_internals();
263
- }
264
-
265
- /**
266
- * Pings the Safe Browsing API to see if the website is infected.
267
- */
268
- private static function _check_safe_browsing() {
269
- // Check if option is enabled in the plugin.
270
- if ( ! self::_get_option( 'safe_browsing' ) ) {
271
- return;
272
- }
273
-
274
- // Request the API.
275
- $response = wp_remote_post(
276
- sprintf(
277
- 'https://safebrowsing.googleapis.com/v4/threatMatches:find?key=%s',
278
- 'AIzaSyCGHXUd7vQAySRLNiC5y1M_wzR2W0kCVKI'
279
- ),
280
- array(
281
- 'headers' => array(
282
- 'Content-Type' => 'application/json',
283
- ),
284
- 'body' => json_encode(
285
- array(
286
- 'client' => array(
287
- 'clientId' => 'wpantivirus',
288
- 'clientVersion' => '1.3.10'
289
- ),
290
- 'threatInfo' => array(
291
- 'threatTypes' => array(
292
- 'THREAT_TYPE_UNSPECIFIED',
293
- 'MALWARE',
294
- 'SOCIAL_ENGINEERING',
295
- 'UNWANTED_SOFTWARE',
296
- 'POTENTIALLY_HARMFUL_APPLICATION'
297
- ),
298
- 'platformTypes' => array( 'ANY_PLATFORM' ),
299
- 'threatEntryTypes' => array( 'URL' ),
300
- 'threatEntries' => array(
301
- array( 'url' => urlencode( get_bloginfo( 'url' ) ) ),
302
- )
303
- )
304
- )
305
- )
306
- )
307
- );
308
-
309
- // API error?
310
- if ( is_wp_error( $response ) ) {
311
- return;
312
- }
313
-
314
- // Get the JSON response of the API request.
315
- $response_json = json_decode(wp_remote_retrieve_body( $response ), true);
316
-
317
- // All clear, nothing bad detected.
318
- if ( wp_remote_retrieve_response_code( $response ) === 200 && empty( $response_json ) ) {
319
- return;
320
- }
321
-
322
- // Send notification.
323
- self::_send_warning_notification(
324
- esc_html__( 'Safe Browsing Alert', 'antivirus' ),
325
- sprintf(
326
- "%s\r\nhttps://transparencyreport.google.com/safe-browsing/search?url=%s&hl=%s",
327
- esc_html__( 'Please check the Google Safe Browsing diagnostic page:', 'antivirus' ),
328
- urlencode( get_bloginfo( 'url' ) ),
329
- substr( get_locale(), 0, 2 )
330
- )
331
- );
332
- }
333
-
334
- /**
335
- * Check blog internals like theme files and the permalink structure.
336
- */
337
- private static function _check_blog_internals() {
338
- // Execute checks.
339
- if ( ! self::_check_theme_files() && ! self::_check_permalink_structure() ) {
340
- return;
341
- }
342
-
343
- // Send notification.
344
- self::_send_warning_notification(
345
- esc_html__( 'Virus suspected', 'antivirus' ),
346
- sprintf(
347
- "%s\r\n%s",
348
- esc_html__( 'The daily antivirus scan of your blog suggests alarm.', 'antivirus' ),
349
- get_bloginfo( 'url' )
350
- )
351
- );
352
-
353
- // Store alert in database.
354
- self::_update_option(
355
- 'cronjob_alert',
356
- 1
357
- );
358
- }
359
-
360
- /**
361
- * Send a warning via email that something was detected.
362
- *
363
- * @param string $subject Subject of the notification email.
364
- * @param string $body Email body.
365
- */
366
- private static function _send_warning_notification( $subject, $body ) {
367
- // Get recipient email address.
368
- $email = self::_get_option( 'notify_email' );
369
-
370
- // Get admin email address if nothing is stored.
371
- if ( ! is_email( $email ) ) {
372
- $email = get_bloginfo( 'admin_email' );
373
- }
374
-
375
- // Send email.
376
- wp_mail(
377
- $email,
378
- sprintf(
379
- '[%s] %s',
380
- get_bloginfo( 'name' ),
381
- $subject
382
- ),
383
- sprintf(
384
- "%s\r\n\r\n\r\n%s\r\n%s\r\n",
385
- $body,
386
- esc_html__( 'Notify message by AntiVirus for WordPress', 'antivirus' ),
387
- esc_html__( 'http://wpantivirus.com', 'antivirus' )
388
- )
389
- );
390
- }
391
-
392
- /**
393
- * Add sub menu page to the options main menu.
394
- */
395
- public static function add_sidebar_menu() {
396
- $page = add_options_page(
397
- __( 'AntiVirus', 'antivirus' ),
398
- __( 'AntiVirus', 'antivirus' ),
399
- 'manage_options',
400
- 'antivirus',
401
- array(
402
- __CLASS__,
403
- 'show_admin_menu',
404
- )
405
- );
406
-
407
- add_action( 'admin_print_styles-' . $page, array( __CLASS__, 'add_enqueue_style' ) );
408
- add_action( 'admin_print_scripts-' . $page, array( __CLASS__, 'add_enqueue_script' ) );
409
- }
410
-
411
- /**
412
- * Enqueue our JavaScript.
413
- */
414
- public static function add_enqueue_script() {
415
- // Get plugin data.
416
- $data = get_plugin_data( __FILE__ );
417
-
418
- // Enqueue the JavaScript.
419
- wp_enqueue_script(
420
- 'av_script',
421
- plugins_url( 'js/script.min.js', __FILE__ ),
422
- array( 'jquery' ),
423
- $data['Version']
424
- );
425
-
426
- // Localize script data.
427
- wp_localize_script(
428
- 'av_script',
429
- 'av_settings',
430
- array(
431
- 'nonce' => wp_create_nonce( 'av_ajax_nonce' ),
432
- 'theme' => esc_js( urlencode( self::_get_theme_name() ) ),
433
- 'msg_1' => esc_js( __( 'This is not a virus', 'antivirus' ) ),
434
- 'msg_2' => esc_js( __( 'View line', 'antivirus' ) ),
435
- 'msg_3' => esc_js( __( 'Scan finished', 'antivirus' ) ),
436
- )
437
- );
438
- }
439
-
440
- /**
441
- * Enqueue our stylesheet.
442
- */
443
- public static function add_enqueue_style() {
444
- // Get plugin data.
445
- $data = get_plugin_data( __FILE__ );
446
-
447
- // Enqueue the stylesheet.
448
- wp_enqueue_style(
449
- 'av_css',
450
- plugins_url( 'css/style.min.css', __FILE__ ),
451
- array(),
452
- $data['Version']
453
- );
454
- }
455
-
456
- /**
457
- * Get the currently activated theme.
458
- *
459
- * @return array|false An array holding the theme data or false on failure.
460
- */
461
- private static function _get_current_theme() {
462
- $theme = wp_get_theme();
463
- $name = $theme->get( 'Name' );
464
- $slug = $theme->get_stylesheet();
465
- $files = $theme->get_files( 'php', 1 );
466
-
467
- // Check if empty.
468
- if ( empty( $name ) || empty( $files ) ) {
469
- return false;
470
- }
471
-
472
- return array(
473
- 'Name' => $name,
474
- 'Slug' => $slug,
475
- 'Template Files' => $files,
476
- );
477
- }
478
-
479
- /**
480
- * Get all the files belonging to the current theme.
481
- *
482
- * @return array|false Theme files or false on failure.
483
- */
484
- private static function _get_theme_files() {
485
- // Check if the theme exists.
486
- if ( ! $theme = self::_get_current_theme() ) {
487
- return false;
488
- }
489
-
490
- // Check its files.
491
- if ( empty( $theme['Template Files'] ) ) {
492
- return false;
493
- }
494
-
495
- // Returns the files, stripping out the content dir from the paths.
496
- return array_unique(
497
- array_map(
498
- array( 'AntiVirus', '_strip_content_dir' ),
499
- $theme['Template Files']
500
- )
501
- );
502
- }
503
-
504
- /**
505
- * Strip out the content dir from a path.
506
- *
507
- * @param string $string
508
- *
509
- * @return string
510
- */
511
- private static function _strip_content_dir( $string ) {
512
- return str_replace( array( WP_CONTENT_DIR, "wp-content" ), "", $string );
513
- }
514
-
515
- /**
516
- * Get the name of the currently activated theme.
517
- *
518
- * @return string|false The theme name or false on failure.
519
- */
520
- private static function _get_theme_name() {
521
- if ( $theme = self::_get_current_theme() ) {
522
- if ( ! empty( $theme['Slug'] ) ) {
523
- return $theme['Slug'];
524
- }
525
- if ( ! empty( $theme['Name'] ) ) {
526
- return $theme['Name'];
527
- }
528
- }
529
-
530
- return false;
531
- }
532
-
533
- /**
534
- * Get the whitelist.
535
- *
536
- * @return array MD5 hashes of whitelisted files.
537
- */
538
- private static function _get_white_list() {
539
- return explode(
540
- ':',
541
- self::_get_option( 'white_list' )
542
- );
543
- }
544
-
545
- /**
546
- * Ajax response handler.
547
- */
548
- public static function get_ajax_response() {
549
- // Check referer.
550
- check_ajax_referer( 'av_ajax_nonce' );
551
-
552
- // Check if there really is some data.
553
- if ( empty( $_POST['_action_request'] ) ) {
554
- exit();
555
- }
556
-
557
- // Check user permissions.
558
- if ( ! current_user_can( 'manage_options' ) ) {
559
- return;
560
- }
561
-
562
- $values = array();
563
-
564
- // Get value based on request.
565
- switch ( $_POST['_action_request'] ) {
566
- case 'get_theme_files':
567
- self::_update_option(
568
- 'cronjob_alert',
569
- 0
570
- );
571
-
572
- $values = self::_get_theme_files();
573
- break;
574
-
575
- case 'check_theme_file':
576
- if ( ! empty( $_POST['_theme_file'] ) && $lines = self::_check_theme_file( $_POST['_theme_file'] ) ) {
577
- foreach ( $lines as $num => $line ) {
578
- foreach ( $line as $string ) {
579
- $values[] = $num;
580
- $values[] = htmlentities( $string, ENT_QUOTES );
581
- $values[] = md5( $num . $string );
582
- }
583
- }
584
- }
585
- break;
586
-
587
- case 'update_white_list':
588
- if ( ! empty( $_POST['_file_md5'] ) && preg_match( '/^[a-f0-9]{32}$/', $_POST['_file_md5'] ) ) {
589
- self::_update_option(
590
- 'white_list',
591
- implode(
592
- ':',
593
- array_unique(
594
- array_merge(
595
- self::_get_white_list(),
596
- array( $_POST['_file_md5'] )
597
- )
598
- )
599
- )
600
- );
601
-
602
- $values = array( $_POST['_file_md5'] );
603
- }
604
- break;
605
-
606
- default:
607
- break;
608
- }
609
-
610
- // Send response.
611
- if ( $values ) {
612
- wp_send_json(
613
- array(
614
- 'data' => array_values( $values ),
615
- 'nonce' => $_POST['_ajax_nonce'],
616
- )
617
- );
618
- }
619
-
620
- exit();
621
- }
622
-
623
- /**
624
- * Get file contents
625
- *
626
- * @param string $file File path.
627
- * @return array An array containing all the lines of the file.
628
- */
629
- private static function _get_file_content( $file ) {
630
- return file( WP_CONTENT_DIR . $file );
631
- }
632
-
633
- /**
634
- * Shorten a string, append ellipsis.
635
- *
636
- * @param string $line The line.
637
- * @param string $tag The tag we're looking for.
638
- * @param int $max Maximum number of chars on each side.
639
- * @return string|false The shortened string or false on failure.
640
- */
641
- private static function _get_dotted_line( $line, $tag, $max = 100 ) {
642
- // No values?
643
- if ( ! $line || ! $tag ) {
644
- return false;
645
- }
646
-
647
- // Return tag if it's higher than the maximum.
648
- if ( strlen( $tag ) > $max ) {
649
- return $tag;
650
- }
651
-
652
- // Get difference between the tag and the maximum.
653
- $left = round( ( $max - strlen( $tag ) ) / 2 );
654
-
655
- // Quote regular expression characters.
656
- $tag = preg_quote( $tag );
657
-
658
- // Shorten string on the right side.
659
- $output = preg_replace(
660
- '/(' . $tag . ')(.{' . $left . '}).{0,}$/',
661
- '$1$2 ...',
662
- $line
663
- );
664
-
665
- // Shorten string on the left side.
666
- $output = preg_replace(
667
- '/^.{0,}(.{' . $left . ',})(' . $tag . ')/',
668
- '... $1$2',
669
- $output
670
- );
671
-
672
- return $output;
673
- }
674
-
675
- /**
676
- * Get the regular expression for all disallowed words/functions.
677
- *
678
- * @return string Regular expression.
679
- */
680
- private static function _php_match_pattern() {
681
- return '/\b(assert|file_get_contents|curl_exec|popen|proc_open|unserialize|eval|base64_encode|base64_decode|create_function|exec|shell_exec|system|passthru|ob_get_contents|file|curl_init|readfile|fopen|fsockopen|pfsockopen|fclose|fread|file_put_contents)\b\s*?\(/';
682
- }
683
-
684
- /**
685
- * Check a specific line number.
686
- *
687
- * @param string $line The line to check.
688
- * @param int $num Line number.
689
- * @return array|bool An array of matched lines or false on failure.
690
- */
691
- private static function _check_file_line( $line = '', $num ) {
692
- // Trim value.
693
- $line = trim( (string) $line );
694
-
695
- // Make sure the values aren't empty.
696
- if ( ! $line || ! isset( $num ) ) {
697
- return false;
698
- }
699
-
700
- $results = array();
701
- $output = array();
702
-
703
- // Check if the regex matches.
704
- preg_match_all(
705
- self::_php_match_pattern(),
706
- $line,
707
- $matches
708
- );
709
-
710
- // Save matches.
711
- if ( $matches[1] ) {
712
- $results = $matches[1];
713
- }
714
-
715
- // Search for base64 encoded strings.
716
- preg_match_all(
717
- '/[\'\"\$\\ \/]*?([a-zA-Z0-9]{' . strlen( base64_encode( 'sergej + swetlana = love.' ) ) . ',})/', /* get length of my life ;) */
718
- $line,
719
- $matches
720
- );
721
-
722
- // Save matches.
723
- if ( $matches[1] ) {
724
- $results = array_merge( $results, $matches[1] );
725
- }
726
-
727
- // Look for frames.
728
- preg_match_all(
729
- '/<\s*?(i?frame)/',
730
- $line,
731
- $matches
732
- );
733
-
734
- // Save matches.
735
- if ( $matches[1] ) {
736
- $results = array_merge( $results, $matches[1] );
737
- }
738
-
739
- // Look for the MailPoet vulnerability.
740
- preg_match_all(
741
- '/explode\s?\(chr\s?\(\s?\(\d{3}\s?-\s?\d{3}\s?\)\s?\)\s?,/',
742
- $line,
743
- $matches
744
- );
745
-
746
- // Save matches.
747
- if ( $matches[0] ) {
748
- $results = array_merge( $results, $matches[0] );
749
- }
750
-
751
- // Look for `get_option` calls.
752
- preg_match(
753
- '/get_option\s*\(\s*[\'"](.*?)[\'"]\s*\)/',
754
- $line,
755
- $matches
756
- );
757
-
758
- // Check option.
759
- if ( $matches && $matches[1] && self::_check_file_line( get_option( $matches[1] ), $num ) ) {
760
- array_push( $results, 'get_option' );
761
- }
762
-
763
- if ( $results ) {
764
- // Remove duplicates.
765
- $results = array_unique( $results );
766
-
767
- // Get whitelist.
768
- $md5 = self::_get_white_list();
769
-
770
- // Loop through results.
771
- foreach ( $results as $tag ) {
772
- $string = str_replace(
773
- $tag,
774
- '@span@' . $tag . '@/span@',
775
- self::_get_dotted_line( $line, $tag )
776
- );
777
-
778
- // Add line to output if it's not on the whitelist.
779
- if ( ! in_array( md5( $num . $string ), $md5 ) ) {
780
- $output[] = $string;
781
- }
782
- }
783
-
784
- return $output;
785
- }
786
-
787
- return false;
788
- }
789
-
790
- /**
791
- * Check the files of the currently activated theme.
792
- *
793
- * @return array|false Results array or false on failure.
794
- */
795
- private static function _check_theme_files() {
796
- // Check if there are any files.
797
- if ( ! $files = self::_get_theme_files() ) {
798
- return false;
799
- }
800
-
801
- $results = array();
802
-
803
- // Loop through files.
804
- foreach ( $files as $file ) {
805
- if ( $result = self::_check_theme_file( $file ) ) {
806
- $results[ $file ] = $result;
807
- }
808
- }
809
-
810
- // Return results if found.
811
- if ( ! empty( $results ) ) {
812
- return $results;
813
- }
814
-
815
- return false;
816
- }
817
-
818
- /**
819
- * Check a single file.
820
- *
821
- * @param string $file File path.
822
- * @return array|false Results array or false on failure.
823
- */
824
- private static function _check_theme_file( $file ) {
825
- // Simple file path check.
826
- if ( filter_var( $file, FILTER_SANITIZE_URL ) !== $file ) {
827
- return false;
828
- }
829
-
830
- // Sanitize file string.
831
- if ( validate_file( $file ) !== 0 ) {
832
- return false;
833
- }
834
-
835
- // No file?
836
- if ( ! $file ) {
837
- return false;
838
- }
839
-
840
- // Get file content.
841
- $content = self::_get_file_content( $file );
842
-
843
- if ( ! $content ) {
844
- return false;
845
- }
846
-
847
- $results = array();
848
-
849
- // Loop through lines.
850
- foreach ( $content as $num => $line ) {
851
- if ( $result = self::_check_file_line( $line, $num ) ) {
852
- $results[ $num ] = $result;
853
- }
854
- }
855
-
856
- // Return results if found.
857
- if ( ! empty( $results ) ) {
858
- return $results;
859
- }
860
-
861
- return false;
862
- }
863
-
864
- /**
865
- * Check the permalink structure.
866
- *
867
- * @return array|false Results array or false on failure.
868
- */
869
- private static function _check_permalink_structure() {
870
- $structure = get_option( 'permalink_structure' );
871
-
872
- if ( ! $structure ) {
873
- return false;
874
- }
875
-
876
- // Regex check.
877
- preg_match_all(
878
- self::_php_match_pattern(),
879
- $structure,
880
- $matches
881
- );
882
-
883
- // Save matches.
884
- if ( $matches[1] ) {
885
- return $matches[1];
886
- }
887
-
888
- return false;
889
- }
890
-
891
- /**
892
- * Show notice on the dashboard.
893
- */
894
- public static function show_dashboard_notice() {
895
- // Only show notice if there's an alert.
896
- if ( ! self::_get_option( 'cronjob_alert' ) ) {
897
- return;
898
- }
899
-
900
- // Display warning.
901
- echo sprintf(
902
- '<div class="error"><p><strong>%1$s:</strong> %2$s <a href="%3$s">%4$s &rarr;</a></p></div>',
903
- esc_html__( 'Virus suspected', 'antivirus' ),
904
- esc_html__( 'The daily antivirus scan of your blog suggests alarm.', 'antivirus' ),
905
- esc_url( add_query_arg(
906
- array(
907
- 'page' => 'antivirus',
908
- ),
909
- admin_url( 'options-general.php' )
910
- ) ),
911
- esc_html__( 'Manual malware scan', 'antivirus' )
912
- );
913
- }
914
-
915
- /**
916
- * Print the settings page.
917
- */
918
- public static function show_admin_menu() {
919
- // Save updates.
920
- if ( ! empty( $_POST ) ) {
921
- // Check the referer.
922
- check_admin_referer( 'antivirus' );
923
-
924
- // Save values.
925
- $options = array(
926
- 'cronjob_enable' => (int) ( ! empty( $_POST['av_cronjob_enable'] ) ),
927
- 'notify_email' => sanitize_email( @$_POST['av_notify_email'] ),
928
- 'safe_browsing' => (int) ( ! empty( $_POST['av_safe_browsing'] ) ),
929
- );
930
-
931
- // No cronjob?
932
- if ( empty( $options['cronjob_enable'] ) ) {
933
- $options['notify_email'] = '';
934
- $options['safe_browsing'] = 0;
935
- }
936
-
937
- // Stop cron if it was disabled.
938
- if ( $options['cronjob_enable'] && ! self::_get_option( 'cronjob_enable' ) ) {
939
- self::_add_scheduled_hook();
940
- } else if ( ! $options['cronjob_enable'] && self::_get_option( 'cronjob_enable' ) ) {
941
- self::clear_scheduled_hook();
942
- }
943
-
944
- // Save options.
945
- self::_update_options( $options ); ?>
946
-
947
- <div id="message" class="notice notice-success">
948
- <p>
949
- <strong>
950
- <?php esc_html_e( 'Settings saved.', 'antivirus' ); ?>
951
- </strong>
952
- </p>
953
- </div>
954
- <?php } ?>
955
-
956
- <div class="wrap" id="av_main">
957
- <h1>
958
- <?php esc_html_e( 'AntiVirus', 'antivirus' ); ?>
959
- </h1>
960
-
961
- <table class="form-table">
962
- <tr>
963
- <th scope="row">
964
- <?php esc_html_e( 'Manual malware scan', 'antivirus' ); ?>
965
- </th>
966
- <td>
967
- <div class="inside" id="av_manual_scan">
968
- <p>
969
- <a href="#" class="button button-primary">
970
- <?php esc_html_e( 'Scan the theme templates now', 'antivirus' ); ?>
971
- </a>
972
- <span class="alert"></span>
973
- </p>
974
-
975
- <div class="output"></div>
976
- </div>
977
- </td>
978
- </tr>
979
- </table>
980
-
981
-
982
- <form method="post" action="<?php echo esc_url( admin_url( 'options-general.php?page=antivirus' ) ); ?>">
983
- <?php wp_nonce_field( 'antivirus' ) ?>
984
-
985
- <table class="form-table">
986
- <tr>
987
- <th scope="row">
988
- <?php esc_html_e( 'Daily malware scan', 'antivirus' ); ?>
989
- </th>
990
- <td>
991
- <fieldset>
992
- <label for="av_cronjob_enable">
993
- <input type="checkbox" name="av_cronjob_enable" id="av_cronjob_enable"
994
- value="1" <?php checked( self::_get_option( 'cronjob_enable' ), 1 ) ?> />
995
- <?php esc_html_e( 'Check the theme templates for malware', 'antivirus' ); ?>
996
- </label>
997
-
998
- <p class="description">
999
- <?php
1000
- if ( $timestamp = wp_next_scheduled( 'antivirus_daily_cronjob' ) ) {
1001
- echo sprintf(
1002
- '%s: %s',
1003
- esc_html__( 'Next Run', 'antivirus' ),
1004
- date_i18n( 'd.m.Y H:i:s', $timestamp + get_option( 'gmt_offset' ) * 3600 )
1005
- );
1006
- }
1007
- ?>
1008
- </p>
1009
-
1010
- <br/>
1011
-
1012
- <label for="av_safe_browsing">
1013
- <input type="checkbox" name="av_safe_browsing" id="av_safe_browsing"
1014
- value="1" <?php checked( self::_get_option( 'safe_browsing' ), 1 ) ?> />
1015
- <?php esc_html_e( 'Malware detection by Google Safe Browsing', 'antivirus' ); ?>
1016
- </label>
1017
-
1018
- <p class="description">
1019
- <?php esc_html_e( 'Diagnosis and notification in suspicion case', 'antivirus' ); ?>
1020
- </p>
1021
-
1022
- <br/>
1023
-
1024
- <label for="av_notify_email"><?php esc_html_e( 'Email address for notifications', 'antivirus' ); ?></label>
1025
- <input type="text" name="av_notify_email" id="av_notify_email"
1026
- value="<?php esc_attr_e( self::_get_option( 'notify_email' ) ); ?>"
1027
- class="regular-text"
1028
- placeholder="<?php esc_attr_e( 'Email address for notifications', 'antivirus' ); ?>" />
1029
-
1030
-
1031
- <p class="description">
1032
- <?php esc_html_e( 'If the field is empty, the blog admin will be notified', 'antivirus' ); ?>
1033
- </p>
1034
- </fieldset>
1035
- </td>
1036
- </tr>
1037
 
1038
- <tr>
1039
- <th scope="row">
1040
- <input type="submit" class="button button-primary" value="<?php esc_attr_e( 'Save Changes', 'antivirus' ) ?>"/>
1041
- </th>
1042
- <td>
1043
- <?php
1044
- printf(
1045
- '<a href="%s" target="_blank" rel="noopener noreferrer">%s</a>',
1046
- 'https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=TD4AMD2D8EMZW',
1047
- esc_html__( 'Donate', 'antivirus' )
1048
- );
1049
- ?>
1050
- &bull;
1051
- <?php
1052
- printf(
1053
- '<a href="%s" target="_blank" rel="noopener noreferrer">%s</a>',
1054
- esc_attr__( 'https://wordpress.org/plugins/antivirus/faq/', 'antivirus' ),
1055
- esc_html__( 'FAQ', 'antivirus' )
1056
- );
1057
- ?>
1058
- &bull;
1059
- <?php
1060
- printf(
1061
- '<a href="%s" target="_blank" rel="noopener noreferrer">%s</a>',
1062
- 'https://github.com/pluginkollektiv/antivirus/wiki',
1063
- esc_html__( 'Manual', 'antivirus' )
1064
- );
1065
- ?>
1066
- &bull;
1067
- <?php
1068
- printf(
1069
- '<a href="%s" target="_blank" rel="noopener noreferrer">%s</a>',
1070
- 'https://wordpress.org/support/plugin/antivirus',
1071
- esc_html__( 'Support', 'antivirus' )
1072
- );
1073
- ?>
1074
- </td>
1075
- </tr>
1076
- </table>
1077
- </form>
1078
- </div>
1079
- <?php }
1080
- }
1081
 
1082
  // Initialize the plugin.
1083
- add_action( 'plugins_loaded', array( 'AntiVirus', 'instance' ), 99 );
1084
 
1085
  /* Hooks */
1086
  register_activation_hook( __FILE__, array( 'AntiVirus', 'activation' ) );
4
  * Description: Security plugin to protect your blog or website against exploits and spam injections.
5
  * Author: pluginkollektiv
6
  * Author URI: https://pluginkollektiv.org
7
+ * Plugin URI: https://antivirus.pluginkollektiv.org
8
  * Text Domain: antivirus
9
  * License: GPLv2 or later
10
  * License URI: http://www.gnu.org/licenses/gpl-2.0.html
11
+ * Version: 1.4.0
12
  *
13
  * @package AntiVirus
14
  */
36
  die();
37
  }
38
 
39
+ define( 'ANTIVIRUS_FILE', __FILE__ );
40
+
41
  /**
42
+ * Plugin autoloader.
43
+ *
44
+ * @param string $class The classname.
45
  */
46
+ function antivirus_autoload( $class ) {
47
+ if ( in_array( $class, array( 'AntiVirus', 'AntiVirus_CheckInternals', 'AntiVirus_SafeBrowsing', 'AntiVirus_ChecksumVerifier' ), true ) ) {
48
+ require_once sprintf(
49
+ '%s%s%s%sclass-%s.php',
50
+ dirname( __FILE__ ),
51
+ DIRECTORY_SEPARATOR,
52
+ 'inc',
53
+ DIRECTORY_SEPARATOR,
54
+ strtolower( str_replace( '_', '-', $class ) )
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
55
  );
56
  }
57
+ }
58
 
59
+ // Register autoloader.
60
+ spl_autoload_register( 'antivirus_autoload' );
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
61
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
62
 
63
  // Initialize the plugin.
64
+ add_action( 'plugins_loaded', array( 'AntiVirus', 'init' ), 99 );
65
 
66
  /* Hooks */
67
  register_activation_hook( __FILE__, array( 'AntiVirus', 'activation' ) );
css/style.css CHANGED
@@ -1,94 +1,91 @@
1
- /* @group Manual Scan */
2
-
3
- #av_manual_scan {
4
- height: 1%;
5
- overflow: hidden;
6
- }
7
- #av_manual_scan a.button {
8
- float: left;
9
- }
10
- #av_manual_scan .alert {
11
- float: left;
12
- color: green;
13
- margin: 0 10px;
14
- border: 1px solid green;
15
- display: none;
16
- height: 26px;
17
- line-height: 26px;
18
- padding: 0 10px;
19
- background: #fff;
20
- border-radius: 3px;
21
- }
22
-
23
- #av_main .inside .output {
24
- clear: both;
25
- height: 1%;
26
- margin: 0 0 0 -6px;
27
- padding: 0 0 6px;
28
- overflow: hidden;
29
- }
30
- #av_main .inside .output div {
31
- float: left;
32
- color: #FFF;
33
- margin: 12px 6px 0;
34
- padding: 8px 12px 10px;
35
- background: orange;
36
- border-radius: 3px;
37
-
38
- transition: background-color 0.5s linear;
39
- -o-transition: background-color 0.5s linear;
40
- -ms-transition: background-color 0.5s linear;
41
- -moz-transition: background-color 0.5s linear;
42
- -webkit-transition: background-color 0.5s linear;
43
- }
44
- #av_main .inside .output div.done {
45
- background: green;
46
- }
47
- #av_main .inside .output div.danger {
48
- width: 97%;
49
- background: red;
50
- }
51
- #av_main .inside .output div p {
52
- padding: 10px;
53
- overflow: hidden;
54
- background: #F9F9F9;
55
- white-space: nowrap;
56
- border-radius: 3px;
57
- }
58
- #av_main .inside .output div p a {
59
- float: left;
60
- color: #646464;
61
- margin: 0 6px 12px 0;
62
- display: block;
63
- border: 1px solid #b4b9be;
64
- padding: 2px 5px;
65
- background: #f2f2f2;
66
- text-decoration: none;
67
- border-radius: 3px;
68
- }
69
- #av_main .inside .output div p a:hover {
70
- color: #000;
71
- border: 1px solid #646464;
72
- }
73
- #av_main .inside .output div p code {
74
- clear: both;
75
- float: left;
76
- color: #000;
77
- padding: 2px 5px;
78
- border-radius: 3px;
79
- }
80
- #av_main .inside .output div p code span {
81
- padding: 2px;
82
- background: yellow;
83
- }
84
-
85
- /* @end group */
86
-
87
-
88
- /* @group WordPress 3.8 Fix */
89
-
90
- #av_notify_email {
91
- line-height: 1.5;
92
- }
93
-
94
- /* @end group */
1
+ /* @group Manual Scan */
2
+
3
+ #av_manual_scan {
4
+ height: 1%;
5
+ overflow: hidden;
6
+ }
7
+
8
+ #av_manual_scan a.button {
9
+ float: left;
10
+ }
11
+
12
+ #av_manual_scan .alert {
13
+ float: left;
14
+ color: #008000;
15
+ margin: 0 10px;
16
+ border: 1px solid #008000;
17
+ display: none;
18
+ height: 26px;
19
+ line-height: 26px;
20
+ padding: 0 10px;
21
+ background: #fff;
22
+ border-radius: 3px;
23
+ }
24
+
25
+ #av_main .inside .output {
26
+ clear: both;
27
+ height: 1%;
28
+ margin: 0 0 0 -6px;
29
+ padding: 0 0 6px;
30
+ overflow: hidden;
31
+ }
32
+
33
+ #av_main .inside .output div {
34
+ float: left;
35
+ color: #fff;
36
+ margin: 12px 6px 0;
37
+ padding: 8px 12px 10px;
38
+ background: #ffa500;
39
+ border-radius: 3px;
40
+
41
+ transition: background-color 0.5s linear;
42
+ -o-transition: background-color 0.5s linear;
43
+ -ms-transition: background-color 0.5s linear;
44
+ -moz-transition: background-color 0.5s linear;
45
+ -webkit-transition: background-color 0.5s linear;
46
+ }
47
+
48
+ #av_main .inside .output div.done {
49
+ background: #008000;
50
+ }
51
+
52
+ #av_main .inside .output div.danger {
53
+ width: 97%;
54
+ background: #f00;
55
+ }
56
+
57
+ #av_main .inside .output div p {
58
+ padding: 10px;
59
+ overflow: hidden;
60
+ background: #f9f9f9;
61
+ white-space: nowrap;
62
+ border-radius: 3px;
63
+ }
64
+
65
+ #av_main .inside .output div p a {
66
+ margin: 0 6px 12px 0;
67
+ }
68
+
69
+ #av_main .inside .output div p code {
70
+ clear: both;
71
+ float: left;
72
+ color: #000;
73
+ padding: 2px 5px;
74
+ border-radius: 3px;
75
+ }
76
+
77
+ #av_main .inside .output div p code span {
78
+ padding: 2px;
79
+ background: #ff0;
80
+ }
81
+
82
+ /* @end group */
83
+
84
+
85
+ /* @group WordPress 3.8 Fix */
86
+
87
+ #av_notify_email {
88
+ line-height: 1.5;
89
+ }
90
+
91
+ /* @end group */
 
 
 
css/style.min.css CHANGED
@@ -1 +1 @@
1
- #av_manual_scan{height:1%;overflow:hidden}#av_manual_scan a.button{float:left}#av_manual_scan .alert{float:left;color:green;margin:0 10px;border:1px solid green;display:none;height:26px;line-height:26px;padding:0 10px;background:#fff;border-radius:3px}#av_main .inside .output{clear:both;height:1%;margin:0 0 0 -6px;padding:0 0 6px;overflow:hidden}#av_main .inside .output div{float:left;color:#fff;margin:12px 6px 0;padding:8px 12px 10px;background:orange;border-radius:3px;transition:background-color .5s linear;-o-transition:background-color .5s linear;-ms-transition:background-color .5s linear;-moz-transition:background-color .5s linear;-webkit-transition:background-color .5s linear}#av_main .inside .output div.done{background:green}#av_main .inside .output div.danger{width:97%;background:red}#av_main .inside .output div p{padding:10px;overflow:hidden;background:#f9f9f9;white-space:nowrap;border-radius:3px}#av_main .inside .output div p a{float:left;color:#646464;margin:0 6px 12px 0;display:block;border:1px solid #b4b9be;padding:2px 5px;background:#f2f2f2;text-decoration:none;border-radius:3px}#av_main .inside .output div p a:hover{color:#000;border:1px solid #646464}#av_main .inside .output div p code{clear:both;float:left;color:#000;padding:2px 5px;border-radius:3px}#av_main .inside .output div p code span{padding:2px;background:#ff0}#av_notify_email{line-height:1.5}
1
+ #av_manual_scan{height:1%;overflow:hidden}#av_manual_scan a.button{float:left}#av_manual_scan .alert{float:left;color:green;margin:0 10px;border:1px solid green;display:none;height:26px;line-height:26px;padding:0 10px;background:#fff;border-radius:3px}#av_main .inside .output{clear:both;height:1%;margin:0 0 0 -6px;padding:0 0 6px;overflow:hidden}#av_main .inside .output div{float:left;color:#fff;margin:12px 6px 0;padding:8px 12px 10px;background:#ffa500;border-radius:3px;transition:background-color 0.5s linear;-o-transition:background-color 0.5s linear;-ms-transition:background-color 0.5s linear;-moz-transition:background-color 0.5s linear;-webkit-transition:background-color 0.5s linear}#av_main .inside .output div.done{background:green}#av_main .inside .output div.danger{width:97%;background:red}#av_main .inside .output div p{padding:10px;overflow:hidden;background:#f9f9f9;white-space:nowrap;border-radius:3px}#av_main .inside .output div p a{margin:0 6px 12px 0}#av_main .inside .output div p code{clear:both;float:left;color:#000;padding:2px 5px;border-radius:3px}#av_main .inside .output div p code span{padding:2px;background:#ff0}#av_notify_email{line-height:1.5}
inc/class-antivirus-checkinternals.php ADDED
@@ -0,0 +1,320 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+ /**
3
+ * AntiVirus: Check Blog Internals module.
4
+ *
5
+ * @package AntiVirus
6
+ * @subpackage CheckInternals
7
+ */
8
+
9
+ // Quit.
10
+ defined( 'ABSPATH' ) || exit;
11
+
12
+
13
+ /**
14
+ * AntiVirus_CheckInternals
15
+ *
16
+ * @since 1.4 Ported from "Checksum Verifier" plugin.
17
+ */
18
+ class AntiVirus_CheckInternals extends AntiVirus {
19
+
20
+ /**
21
+ * Check blog internals like theme files and the permalink structure.
22
+ */
23
+ public static function check_blog_internals() {
24
+ // Execute checks.
25
+ if ( ! self::_check_theme_files() && ! self::_check_permalink_structure() ) {
26
+ return;
27
+ }
28
+
29
+ // Send notification.
30
+ self::_send_warning_notification(
31
+ esc_html__( 'Virus suspected', 'antivirus' ),
32
+ sprintf(
33
+ "%s\r\n%s",
34
+ esc_html__( 'The daily antivirus scan of your blog suggests alarm.', 'antivirus' ),
35
+ get_bloginfo( 'url' )
36
+ )
37
+ );
38
+
39
+ // Store alert in database.
40
+ self::_update_option(
41
+ 'cronjob_alert',
42
+ 1
43
+ );
44
+ }
45
+
46
+ /**
47
+ * Check the files of the currently activated theme.
48
+ *
49
+ * @return array|false Results array or false on failure.
50
+ */
51
+ public static function _check_theme_files() {
52
+ // Check if there are any files.
53
+ $files = self::_get_theme_files();
54
+ if ( ! $files ) {
55
+ return false;
56
+ }
57
+
58
+ $results = array();
59
+
60
+ // Loop through files.
61
+ foreach ( $files as $file ) {
62
+ $result = self::check_theme_file( $file );
63
+ if ( $result ) {
64
+ $results[ $file ] = $result;
65
+ }
66
+ }
67
+
68
+ // Return results if found.
69
+ if ( ! empty( $results ) ) {
70
+ return $results;
71
+ }
72
+
73
+ return false;
74
+ }
75
+
76
+ /**
77
+ * Check a single file.
78
+ *
79
+ * @param string $file File path.
80
+ *
81
+ * @return array|false Results array or false on failure.
82
+ */
83
+ public static function check_theme_file( $file ) {
84
+ // Simple file path check.
85
+ if ( filter_var( $file, FILTER_SANITIZE_URL ) !== $file ) {
86
+ return false;
87
+ }
88
+
89
+ // Sanitize file string.
90
+ if ( validate_file( $file ) !== 0 ) {
91
+ return false;
92
+ }
93
+
94
+ // No file?
95
+ if ( ! $file ) {
96
+ return false;
97
+ }
98
+
99
+ // Get file content.
100
+ $content = self::_get_file_content( $file );
101
+
102
+ if ( ! $content ) {
103
+ return false;
104
+ }
105
+
106
+ $results = array();
107
+
108
+ // Loop through lines.
109
+ foreach ( $content as $num => $line ) {
110
+ $result = self::_check_file_line( $line, $num );
111
+ if ( $result ) {
112
+ $results[ $num ] = $result;
113
+ }
114
+ }
115
+
116
+ // Return results if found.
117
+ if ( ! empty( $results ) ) {
118
+ return $results;
119
+ }
120
+
121
+ return false;
122
+ }
123
+
124
+ /**
125
+ * Check the permalink structure.
126
+ *
127
+ * @return array|false Results array or false on failure.
128
+ */
129
+ private static function _check_permalink_structure() {
130
+ $structure = get_option( 'permalink_structure' );
131
+
132
+ if ( ! $structure ) {
133
+ return false;
134
+ }
135
+
136
+ // Regex check.
137
+ preg_match_all(
138
+ self::_php_match_pattern(),
139
+ $structure,
140
+ $matches
141
+ );
142
+
143
+ // Save matches.
144
+ if ( $matches[1] ) {
145
+ return $matches[1];
146
+ }
147
+
148
+ return false;
149
+ }
150
+
151
+ /**
152
+ * Get the regular expression for all disallowed words/functions.
153
+ *
154
+ * @return string Regular expression.
155
+ */
156
+ private static function _php_match_pattern() {
157
+ return '/\b(assert|file_get_contents|curl_exec|popen|proc_open|unserialize|eval|base64_encode|base64_decode|create_function|exec|shell_exec|system|passthru|ob_get_contents|file|curl_init|readfile|fopen|fsockopen|pfsockopen|fclose|fread|file_put_contents)\b\s*?\(/';
158
+ }
159
+
160
+ /**
161
+ * Check a specific line number.
162
+ *
163
+ * @param string $line The line to check.
164
+ * @param int $num Line number.
165
+ *
166
+ * @return array|bool An array of matched lines or false on failure.
167
+ */
168
+ private static function _check_file_line( $line = '', $num ) {
169
+ // Trim value.
170
+ $line = trim( (string) $line );
171
+
172
+ // Make sure the values aren't empty.
173
+ if ( ! $line || ! isset( $num ) ) {
174
+ return false;
175
+ }
176
+
177
+ $results = array();
178
+ $output = array();
179
+
180
+ // Check if the regex matches.
181
+ preg_match_all(
182
+ self::_php_match_pattern(),
183
+ $line,
184
+ $matches
185
+ );
186
+
187
+ // Save matches.
188
+ if ( $matches[1] ) {
189
+ $results = $matches[1];
190
+ }
191
+
192
+ // Search for base64 encoded strings.
193
+ preg_match_all(
194
+ '/[\'\"\$\\ \/]*?([a-zA-Z0-9]{' . strlen( base64_encode( 'sergej + swetlana = love.' ) ) . ',})/', /* get length of my life ;) */
195
+ $line,
196
+ $matches
197
+ );
198
+
199
+ // Save matches.
200
+ if ( $matches[1] ) {
201
+ $results = array_merge( $results, $matches[1] );
202
+ }
203
+
204
+ // Look for frames.
205
+ preg_match_all(
206
+ '/<\s*?(i?frame)/',
207
+ $line,
208
+ $matches
209
+ );
210
+
211
+ // Save matches.
212
+ if ( $matches[1] ) {
213
+ $results = array_merge( $results, $matches[1] );
214
+ }
215
+
216
+ // Look for the MailPoet vulnerability.
217
+ preg_match_all(
218
+ '/explode\s?\(chr\s?\(\s?\(\d{3}\s?-\s?\d{3}\s?\)\s?\)\s?,/',
219
+ $line,
220
+ $matches
221
+ );
222
+
223
+ // Save matches.
224
+ if ( $matches[0] ) {
225
+ $results = array_merge( $results, $matches[0] );
226
+ }
227
+
228
+ // Look for `get_option` calls.
229
+ preg_match(
230
+ '/get_option\s*\(\s*[\'"](.*?)[\'"]\s*\)/',
231
+ $line,
232
+ $matches
233
+ );
234
+
235
+ // Check option.
236
+ if ( $matches && $matches[1] && self::_check_file_line( get_option( $matches[1] ), $num ) ) {
237
+ array_push( $results, 'get_option' );
238
+ }
239
+
240
+ if ( $results ) {
241
+ // Remove duplicates.
242
+ $results = array_unique( $results );
243
+
244
+ // Get whitelist.
245
+ $md5 = self::_get_white_list();
246
+
247
+ // Loop through results.
248
+ foreach ( $results as $tag ) {
249
+ $string = str_replace(
250
+ $tag,
251
+ '@span@' . $tag . '@/span@',
252
+ self::_get_dotted_line( $line, $tag )
253
+ );
254
+
255
+ // Add line to output if it's not on the whitelist.
256
+ if ( ! in_array( md5( $num . $string ), $md5 ) ) {
257
+ $output[] = $string;
258
+ }
259
+ }
260
+
261
+ return $output;
262
+ }
263
+
264
+ return false;
265
+ }
266
+
267
+ /**
268
+ * Get file contents
269
+ *
270
+ * @param string $file File path.
271
+ *
272
+ * @return array An array containing all the lines of the file.
273
+ */
274
+ private static function _get_file_content( $file ) {
275
+ return file( WP_CONTENT_DIR . $file );
276
+ }
277
+
278
+ /**
279
+ * Shorten a string, append ellipsis.
280
+ *
281
+ * @param string $line The line.
282
+ * @param string $tag The tag we're looking for.
283
+ * @param int $max Maximum number of chars on each side.
284
+ *
285
+ * @return string|false The shortened string or false on failure.
286
+ */
287
+ private static function _get_dotted_line( $line, $tag, $max = 100 ) {
288
+ // No values?
289
+ if ( ! $line || ! $tag ) {
290
+ return false;
291
+ }
292
+
293
+ // Return tag if it's higher than the maximum.
294
+ if ( strlen( $tag ) > $max ) {
295
+ return $tag;
296
+ }
297
+
298
+ // Get difference between the tag and the maximum.
299
+ $left = round( ( $max - strlen( $tag ) ) / 2 );
300
+
301
+ // Quote regular expression characters.
302
+ $tag = preg_quote( $tag );
303
+
304
+ // Shorten string on the right side.
305
+ $output = preg_replace(
306
+ '/(' . $tag . ')(.{' . $left . '}).{0,}$/',
307
+ '$1$2 ...',
308
+ $line
309
+ );
310
+
311
+ // Shorten string on the left side.
312
+ $output = preg_replace(
313
+ '/^.{0,}(.{' . $left . ',})(' . $tag . ')/',
314
+ '... $1$2',
315
+ $output
316
+ );
317
+
318
+ return $output;
319
+ }
320
+ }
inc/class-antivirus-checksumverifier.php ADDED
@@ -0,0 +1,175 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+ /**
3
+ * AntiVirus: Checksum Verifier module.
4
+ *
5
+ * @package AntiVirus
6
+ * @subpackage ChecksumVerifier
7
+ */
8
+
9
+ // Quit.
10
+ defined( 'ABSPATH' ) || exit;
11
+
12
+
13
+ /**
14
+ * AntiVirus_ChecksumVerifier
15
+ *
16
+ * @since 1.4 Ported from "Checksum Verifier" plugin.
17
+ */
18
+ class AntiVirus_ChecksumVerifier extends AntiVirus {
19
+
20
+ /**
21
+ * Perform the check
22
+ */
23
+ public static function verify_files() {
24
+ // Get checksums via API.
25
+ $checksums = self::get_checksums();
26
+ if ( ! $checksums ) {
27
+ return;
28
+ }
29
+
30
+ // Loop files and match checksums.
31
+ $matches = self::match_checksums( $checksums );
32
+
33
+ if ( ! empty( $matches ) ) {
34
+ // Notification mail.
35
+ self::_send_warning_notification(
36
+ esc_html__( 'Checksum Verifier Alert', 'antivirus' ),
37
+ sprintf(
38
+ "%s:\r\n\r\n- %s",
39
+ esc_html__( 'Official checksums do not match for the following files', 'antivirus' ),
40
+ implode( "\r\n- ", $matches )
41
+ )
42
+ );
43
+
44
+ // Write to log.
45
+ if ( defined( 'WP_DEBUG_LOG' ) && WP_DEBUG_LOG ) {
46
+ error_log(
47
+ sprintf(
48
+ '%s: %s',
49
+ esc_html__( 'Checksums do not match for the following files', 'antivirus' ),
50
+ implode( ', ', $matches )
51
+ )
52
+ );
53
+ }
54
+ }
55
+ }
56
+
57
+
58
+ /**
59
+ * Get file checksums.
60
+ *
61
+ * @return array|boolean Checksums getting from API or FALSE on errors.
62
+ */
63
+ private static function get_checksums() {
64
+ // Blog information.
65
+ $version = get_bloginfo( 'version' );
66
+ $language = get_locale();
67
+
68
+ // Transient name.
69
+ $transient = sprintf(
70
+ 'checksums_%s',
71
+ base64_encode( $version . $language )
72
+ );
73
+
74
+ // Read from cache.
75
+ $checksums = get_site_transient( $transient );
76
+ if ( $checksums ) {
77
+ return $checksums;
78
+ }
79
+
80
+ // Start API request.
81
+ $response = wp_remote_get(
82
+ add_query_arg(
83
+ array(
84
+ 'version' => $version,
85
+ 'locale' => $language,
86
+ ),
87
+ 'https://api.wordpress.org/core/checksums/1.0/'
88
+ )
89
+ );
90
+
91
+ // Check response code.
92
+ if ( wp_remote_retrieve_response_code( $response ) !== 200 ) {
93
+ return false;
94
+ }
95
+
96
+ // JSON magic.
97
+ $json = json_decode(
98
+ wp_remote_retrieve_body( $response )
99
+ );
100
+
101
+ // Exit on JSON error.
102
+ if ( null === $json ) {
103
+ return false;
104
+ }
105
+
106
+ // Checksums exists?
107
+ if ( empty( $json->checksums ) ) {
108
+ return false;
109
+ }
110
+
111
+ // Eat it.
112
+ $checksums = $json->checksums;
113
+
114
+ // Save into the cache.
115
+ set_site_transient(
116
+ $transient,
117
+ $checksums,
118
+ DAY_IN_SECONDS
119
+ );
120
+
121
+ return $checksums;
122
+ }
123
+
124
+
125
+ /**
126
+ * Matching of MD5 hashes
127
+ *
128
+ * @param array $checksums File checksums.
129
+ *
130
+ * @return array File paths
131
+ *
132
+ * @hook array antivirus_checksum_verifier_ignore_files
133
+ */
134
+ private static function match_checksums( $checksums ) {
135
+ // Ignore files filter.
136
+ $ignore_files = (array) apply_filters(
137
+ 'antivirus_checksum_verifier_ignore_files',
138
+ array(
139
+ 'wp-config-sample.php',
140
+ 'wp-includes/version.php',
141
+ 'readme.html', // Default readme file.
142
+ 'readme-ja.html', // Japanese readme, shipped up to 3.9 (ja).
143
+ 'liesmich.html', // German readme (de_DE).
144
+ 'olvasdel.html', // Hungarian readme (hu_HU).
145
+ 'procitajme.html', // Croatian readme (hr).
146
+ )
147
+ );
148
+
149
+ // Init matches.
150
+ $matches = array();
151
+
152
+ // Loop files.
153
+ foreach ( $checksums as $file => $checksum ) {
154
+ // Skip ignored files and wp-content directory.
155
+ if ( 0 === strpos( $file, 'wp-content/' ) || in_array( $file, $ignore_files, true ) ) {
156
+ continue;
157
+ }
158
+
159
+ // File path.
160
+ $file_path = ABSPATH . $file;
161
+
162
+ // File check.
163
+ if ( 0 !== validate_file( $file_path ) || ! file_exists( $file_path ) ) {
164
+ continue;
165
+ }
166
+
167
+ // Compare MD5 hashes.
168
+ if ( md5_file( $file_path ) !== $checksum ) {
169
+ $matches[] = $file;
170
+ }
171
+ }
172
+
173
+ return $matches;
174
+ }
175
+ }
inc/class-antivirus-safebrowsing.php ADDED
@@ -0,0 +1,127 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+ /**
3
+ * AntiVirus: Safe Browsing module.
4
+ *
5
+ * @package AntiVirus
6
+ * @subpackage SafeBrowsing
7
+ */
8
+
9
+ // Quit.
10
+ defined( 'ABSPATH' ) || exit;
11
+
12
+
13
+ /**
14
+ * AntiVirus_SafeBrowsing
15
+ *
16
+ * @since 1.4 Extracted from main class.
17
+ */
18
+ class AntiVirus_SafeBrowsing extends AntiVirus {
19
+
20
+ /**
21
+ * Pings the Safe Browsing API to see if the website is infected.
22
+ */
23
+ public static function check_safe_browsing() {
24
+ // Check if API key is provided in config.
25
+ $key = parent::_get_option( 'safe_browsing_key' );
26
+ $custom_key = true;
27
+ // Fallback to default key if not.
28
+ if ( empty( $key ) ) {
29
+ $key = 'AIzaSyCGHXUd7vQAySRLNiC5y1M_wzR2W0kCVKI';
30
+ $custom_key = false;
31
+ }
32
+
33
+ // Request the API.
34
+ $response = wp_remote_post(
35
+ sprintf(
36
+ 'https://safebrowsing.googleapis.com/v4/threatMatches:find?key=%s',
37
+ $key
38
+ ),
39
+ array(
40
+ 'headers' => array(
41
+ 'Content-Type' => 'application/json',
42
+ ),
43
+ 'body' => json_encode(
44
+ array(
45
+ 'client' => array(
46
+ 'clientId' => 'wpantivirus',
47
+ 'clientVersion' => '1.4.0',
48
+ ),
49
+ 'threatInfo' => array(
50
+ 'threatTypes' => array(
51
+ 'THREAT_TYPE_UNSPECIFIED',
52
+ 'MALWARE',
53
+ 'SOCIAL_ENGINEERING',
54
+ 'UNWANTED_SOFTWARE',
55
+ 'POTENTIALLY_HARMFUL_APPLICATION',
56
+ ),
57
+ 'platformTypes' => array( 'ANY_PLATFORM' ),
58
+ 'threatEntryTypes' => array( 'URL' ),
59
+ 'threatEntries' => array(
60
+ array( 'url' => urlencode( get_bloginfo( 'url' ) ) ),
61
+ ),
62
+ ),
63
+ )
64
+ ),
65
+ )
66
+ );
67
+
68
+ // API error?
69
+ if ( is_wp_error( $response ) ) {
70
+ return;
71
+ }
72
+
73
+ // Get the response code and JSON response of the API request.
74
+ $response_code = wp_remote_retrieve_response_code( $response );
75
+ $response_json = json_decode( wp_remote_retrieve_body( $response ), true );
76
+
77
+ if ( 200 === $response_code ) {
78
+ // Successful request.
79
+ if ( ! empty( $response_json ) ) {
80
+ // Send notification.
81
+ self::_send_warning_notification(
82
+ esc_html__( 'Safe Browsing Alert', 'antivirus' ),
83
+ sprintf(
84
+ "%s\r\nhttps://transparencyreport.google.com/safe-browsing/search?url=%s&hl=%s",
85
+ esc_html__( 'Google has found a problem on your page and probably listed it on a blacklist. It is likely that your website or your hosting account has been hacked and malware or phishing code was installed. We recommend to check your site. For more details please check the Google Safe Browsing diagnostic page:', 'antivirus' ),
86
+ urlencode( get_bloginfo( 'url' ) ),
87
+ substr( get_locale(), 0, 2 )
88
+ )
89
+ );
90
+ }
91
+ } elseif ( 400 === $response_code || 403 === $response_code ) {
92
+ // Invalid request (most likely invalid key) or expired/exceeded key.
93
+ $mail_body = sprintf(
94
+ "%s\r\n\r\n%s",
95
+ esc_html__( 'Checking yout site against the Google Safe Browsing API has failed.', 'antivirus' ),
96
+ esc_html__( 'This does not mean that your site has been infected, but that the status could not be determinined.', 'antivirus' )
97
+ );
98
+
99
+ // Add (sanitized) error message, if available.
100
+ if ( isset( $response_json['error']['message'] ) ) {
101
+ $mail_body .= sprintf(
102
+ "\r\n\r\n%s:\r\n %s\r\n",
103
+ esc_html__( 'Error message from API', 'antivirus' ),
104
+ filter_var( $response_json['error']['message'], FILTER_SANITIZE_STRING )
105
+ );
106
+ }
107
+
108
+ // Add advice to solve the problem, depending on the key (custom or default).
109
+ if ( $custom_key ) {
110
+ $mail_body .= sprintf(
111
+ "\r\n%s",
112
+ esc_html__( 'Please check if your API key is correct and its limit not exceeded. If everything is correct and the error persists for the next requests, please contact the Plugin support.', 'antivirus' )
113
+ );
114
+ } else {
115
+ $mail_body .= sprintf(
116
+ "\r\n%s",
117
+ esc_html__( 'This might be due to an exceeded rate limit on the shared API key. To ensure this does not happen please consider providing your own key using the Plugin settings page.', 'antivirus' )
118
+ );
119
+ }
120
+
121
+ self::_send_warning_notification(
122
+ esc_html__( 'Safe Browsing check failed', 'antivirus' ),
123
+ $mail_body
124
+ );
125
+ }
126
+ }
127
+ }
inc/class-antivirus.php ADDED
@@ -0,0 +1,824 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+ /**
3
+ * AntiVirus: Main class.
4
+ *
5
+ * @package AntiVirus
6
+ */
7
+
8
+ // Quit.
9
+ defined( 'ABSPATH' ) || exit;
10
+
11
+
12
+ /**
13
+ * AntiVirus: Main plugin class.
14
+ */
15
+ class AntiVirus {
16
+ /**
17
+ * The basename of a plugin.
18
+ *
19
+ * @var string
20
+ */
21
+ private static $base;
22
+
23
+ /**
24
+ * Pseudo constructor.
25
+ *
26
+ * @deprecated Since 1.4, use init() instead.
27
+ * @see AntiVirus::init()
28
+ */
29
+ public static function instance() {
30
+ self::init();
31
+ }
32
+
33
+ /**
34
+ * Initialize the plugin.
35
+ *
36
+ * @since 1.4
37
+ */
38
+ public static function init() {
39
+ // Don't run during autosave or XML-RPC request.
40
+ if ( ( defined( 'DOING_AUTOSAVE' ) && DOING_AUTOSAVE ) || ( defined( 'XMLRPC_REQUEST' ) && XMLRPC_REQUEST ) ) {
41
+ return;
42
+ }
43
+
44
+ // Save the plugin basename.
45
+ self::$base = plugin_basename( ANTIVIRUS_FILE );
46
+
47
+ // Register the daily cronjob.
48
+ add_action( 'antivirus_daily_cronjob', array( __CLASS__, 'do_daily_cronjob' ) );
49
+
50
+ if ( is_admin() ) {
51
+ /* AJAX */
52
+ if ( defined( 'DOING_AJAX' ) ) {
53
+ add_action( 'wp_ajax_get_ajax_response', array( __CLASS__, 'get_ajax_response' ) );
54
+ } else {
55
+ /* Actions */
56
+ add_action( 'admin_menu', array( __CLASS__, 'add_sidebar_menu' ) );
57
+ add_action( 'admin_notices', array( __CLASS__, 'show_dashboard_notice' ) );
58
+ add_action( 'deactivate_' . self::$base, array( __CLASS__, 'clear_scheduled_hook' ) );
59
+ add_action( 'plugin_row_meta', array( __CLASS__, 'init_row_meta' ), 10, 2 );
60
+ add_action( 'plugin_action_links_' . self::$base, array( __CLASS__, 'init_action_links' ) );
61
+ }
62
+ }
63
+ }
64
+
65
+ /**
66
+ * Constructor.
67
+ *
68
+ * Should not be called directly,
69
+ *
70
+ * @deprecated Since 1.4, use init() instead.
71
+ * @see AntiVirus::init()
72
+ */
73
+ public function __construct() {
74
+ // Nothing to construct, just run the initialization for backwards compatibility.
75
+ self::init();
76
+ }
77
+
78
+ /**
79
+ * Adds a link to the plugin settings in the plugin list table.
80
+ *
81
+ * @param array $data Plugin action links.
82
+ *
83
+ * @return array The modified action links array.
84
+ */
85
+ public static function init_action_links( $data ) {
86
+ // Only add link if user has permissions to view them.
87
+ if ( ! current_user_can( 'manage_options' ) ) {
88
+ return $data;
89
+ }
90
+
91
+ return array_merge(
92
+ $data,
93
+ array(
94
+ sprintf(
95
+ '<a href="%s">%s</a>',
96
+ add_query_arg(
97
+ array(
98
+ 'page' => 'antivirus',
99
+ ),
100
+ admin_url( 'options-general.php' )
101
+ ),
102
+ __( 'Settings', 'antivirus' )
103
+ ),
104
+ )
105
+ );
106
+ }
107
+
108
+ /**
109
+ * Adds a donation link to the second row in the plugin list table.
110
+ *
111
+ * @param array $data Plugin links array.
112
+ * @param string $page The current row identifier.
113
+ *
114
+ * @return array The modified links array.
115
+ */
116
+ public static function init_row_meta( $data, $page ) {
117
+ if ( $page !== self::$base ) {
118
+ return $data;
119
+ }
120
+
121
+ return array_merge(
122
+ $data,
123
+ array(
124
+ '<a href="https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=TD4AMD2D8EMZW" target="_blank" rel="noopener noreferrer">' . esc_html__( 'Donate', 'antivirus' ) . '</a>',
125
+ '<a href="https://wordpress.org/support/plugin/antivirus" target="_blank" rel="noopener noreferrer">' . esc_html__( 'Support', 'antivirus' ) . '</a>',
126
+ )
127
+ );
128
+ }
129
+
130
+ /**
131
+ * Plugin activation hook.
132
+ */
133
+ public static function activation() {
134
+ // Add default option.
135
+ add_option(
136
+ 'antivirus',
137
+ array(),
138
+ '',
139
+ 'no'
140
+ );
141
+
142
+ // Add cron schedule.
143
+ if ( self::_cron_enabled( self::_get_options() ) ) {
144
+ self::_add_scheduled_hook();
145
+ }
146
+ }
147
+
148
+ /**
149
+ * Plugin deactivation hook.
150
+ */
151
+ public static function deactivation() {
152
+ self::clear_scheduled_hook();
153
+ }
154
+
155
+ /**
156
+ * Plugin uninstall hook.
157
+ */
158
+ public static function uninstall() {
159
+ delete_option( 'antivirus' );
160
+ }
161
+
162
+ /**
163
+ * Get a plugin options array.
164
+ *
165
+ * @return array The options array.
166
+ * @since 1.4 Extracted from _get_option() for use with _cron_enabled().
167
+ */
168
+ private static function _get_options() {
169
+ return wp_parse_args(
170
+ get_option( 'antivirus' ),
171
+ array(
172
+ 'cronjob_enable' => 0,
173
+ 'cronjob_alert' => 0,
174
+ 'safe_browsing' => 0,
175
+ 'safe_browsing_key' => '',
176
+ 'checksum_verifier' => 0,
177
+ 'notify_email' => '',
178
+ 'white_list' => '',
179
+ )
180
+ );
181
+ }
182
+
183
+ /**
184
+ * Get a plugin option value.
185
+ *
186
+ * @param string $field Option name.
187
+ *
188
+ * @return string The option value.
189
+ */
190
+ protected static function _get_option( $field ) {
191
+ $options = self::_get_options();
192
+
193
+ return ( empty( $options[ $field ] ) ? '' : $options[ $field ] );
194
+ }
195
+
196
+ /**
197
+ * Update an option in the database.
198
+ *
199
+ * @param string $field The option name.
200
+ * @param string|int $value The option value.
201
+ */
202
+ protected static function _update_option( $field, $value ) {
203
+ self::_update_options(
204
+ array(
205
+ $field => $value,
206
+ )
207
+ );
208
+ }
209
+
210
+ /**
211
+ * Update multiple options in the database.
212
+ *
213
+ * @param array $data An associative array of option fields and values.
214
+ */
215
+ private static function _update_options( $data ) {
216
+ update_option(
217
+ 'antivirus',
218
+ array_merge(
219
+ (array) get_option( 'antivirus' ),
220
+ $data
221
+ )
222
+ );
223
+ }
224
+
225
+ /**
226
+ * Initialize the cronjob.
227
+ *
228
+ * Schedules the AntiVirus cronjob to run daily.
229
+ */
230
+ private static function _add_scheduled_hook() {
231
+ if ( ! wp_next_scheduled( 'antivirus_daily_cronjob' ) ) {
232
+ wp_schedule_event(
233
+ time(),
234
+ 'daily',
235
+ 'antivirus_daily_cronjob'
236
+ );
237
+ }
238
+ }
239
+
240
+ /**
241
+ * Is at least one cron check enabled?
242
+ *
243
+ * @param array $options Options wo perform the checks on.
244
+ *
245
+ * @return bool TRUE, if at least one check is enabled.
246
+ * @since 1.4
247
+ */
248
+ private static function _cron_enabled( $options ) {
249
+ return ( isset( $options['cronjob_enable'] ) && $options['cronjob_enable'] )
250
+ || ( isset( $options['safe_browsing'] ) && $options['safe_browsing'] )
251
+ || ( isset( $options['checksum_verifier'] ) && $options['checksum_verifier'] );
252
+ }
253
+
254
+ /**
255
+ * Cancel the daily cronjob.
256
+ */
257
+ public static function clear_scheduled_hook() {
258
+ if ( wp_next_scheduled( 'antivirus_daily_cronjob' ) ) {
259
+ wp_clear_scheduled_hook( 'antivirus_daily_cronjob' );
260
+ }
261
+ }
262
+
263
+ /**
264
+ * Cronjob callback.
265
+ */
266
+ public static function do_daily_cronjob() {
267
+ // Check the theme and permalinks.
268
+ if ( self::_get_option( 'cronjob_enable' ) ) {
269
+ AntiVirus_CheckInternals::check_blog_internals();
270
+ }
271
+
272
+ // Check the Safe Browsing API.
273
+ if ( self::_get_option( 'safe_browsing' ) ) {
274
+ AntiVirus_SafeBrowsing::check_safe_browsing();
275
+ }
276
+
277
+ // Check the theme and permalinks.
278
+ if ( self::_get_option( 'checksum_verifier' ) ) {
279
+ AntiVirus_ChecksumVerifier::verify_files();
280
+ }
281
+ }
282
+
283
+ /**
284
+ * Send a warning via email that something was detected.
285
+ *
286
+ * @param string $subject Subject of the notification email.
287
+ * @param string $body Email body.
288
+ */
289
+ protected static function _send_warning_notification( $subject, $body ) {
290
+ // Get recipient email address.
291
+ $email = self::_get_option( 'notify_email' );
292
+
293
+ // Get admin email address if nothing is stored.
294
+ if ( ! is_email( $email ) ) {
295
+ $email = get_bloginfo( 'admin_email' );
296
+ }
297
+
298
+ // Send email.
299
+ wp_mail(
300
+ $email,
301
+ sprintf(
302
+ '[%s] %s',
303
+ get_bloginfo( 'name' ),
304
+ $subject
305
+ ),
306
+ sprintf(
307
+ "%s\r\n\r\n\r\n%s\r\n%s\r\n",
308
+ $body,
309
+ esc_html__( 'Notify message by AntiVirus for WordPress', 'antivirus' ),
310
+ esc_html__( 'https://antivirus.pluginkollektiv.org', 'antivirus' )
311
+ )
312
+ );
313
+ }
314
+
315
+ /**
316
+ * Add sub menu page to the options main menu.
317
+ */
318
+ public static function add_sidebar_menu() {
319
+ $page = add_options_page(
320
+ __( 'AntiVirus', 'antivirus' ),
321
+ __( 'AntiVirus', 'antivirus' ),
322
+ 'manage_options',
323
+ 'antivirus',
324
+ array(
325
+ __CLASS__,
326
+ 'show_admin_menu',
327
+ )
328
+ );
329
+
330
+ add_action( 'admin_print_styles-' . $page, array( __CLASS__, 'add_enqueue_style' ) );
331
+ add_action( 'admin_print_scripts-' . $page, array( __CLASS__, 'add_enqueue_script' ) );
332
+ }
333
+
334
+ /**
335
+ * Enqueue our JavaScript.
336
+ */
337
+ public static function add_enqueue_script() {
338
+ // Get plugin data.
339
+ $data = get_plugin_data( ANTIVIRUS_FILE );
340
+
341
+ // Enqueue the JavaScript.
342
+ wp_enqueue_script(
343
+ 'av_script',
344
+ plugins_url( 'js/script.min.js', ANTIVIRUS_FILE ),
345
+ array( 'jquery' ),
346
+ $data['Version']
347
+ );
348
+
349
+ // Localize script data.
350
+ wp_localize_script(
351
+ 'av_script',
352
+ 'av_settings',
353
+ array(
354
+ 'nonce' => wp_create_nonce( 'av_ajax_nonce' ),
355
+ 'msg_1' => esc_js( __( 'Dismiss', 'antivirus' ) ),
356
+ 'msg_3' => esc_js( __( 'Scan finished', 'antivirus' ) ),
357
+ 'msg_4' => esc_js( __( 'Dismiss false positive virus detection', 'antivirus' ) ),
358
+ )
359
+ );
360
+ }
361
+
362
+ /**
363
+ * Enqueue our stylesheet.
364
+ */
365
+ public static function add_enqueue_style() {
366
+ // Get plugin data.
367
+ $data = get_plugin_data( ANTIVIRUS_FILE );
368
+
369
+ // Enqueue the stylesheet.
370
+ wp_enqueue_style(
371
+ 'av_css',
372
+ plugins_url( 'css/style.min.css', ANTIVIRUS_FILE ),
373
+ array(),
374
+ $data['Version']
375
+ );
376
+ }
377
+
378
+ /**
379
+ * Get the currently activated theme.
380
+ *
381
+ * @param WP_Theme|false $theme Theme to parse.
382
+ *
383
+ * @return array|false An array holding the theme data or false on failure.
384
+ *
385
+ * @since 1.4 Added $theme parameter.
386
+ */
387
+ private static function _get_theme_data( $theme ) {
388
+ // Break recursion if no valid (parent) theme is given.
389
+ if ( ! $theme ) {
390
+ return false;
391
+ }
392
+
393
+ // Extract data.
394
+ $name = $theme->get( 'Name' );
395
+ $slug = $theme->get_stylesheet();
396
+ $files = $theme->get_files( 'php', 1 );
397
+
398
+ // Append parent's data, if we got a child theme.
399
+ $parent = self::_get_theme_data( $theme->parent() );
400
+
401
+ // Return false if there are no files in current theme and no parent.
402
+ if ( empty( $files ) && ! $parent ) {
403
+ return false;
404
+ }
405
+
406
+ return array(
407
+ 'Name' => $name,
408
+ 'Slug' => $slug,
409
+ 'Template Files' => $files,
410
+ 'Parent' => $parent,
411
+ );
412
+ }
413
+
414
+ /**
415
+ * Get all the files belonging to the current theme.
416
+ *
417
+ * @return array|false Theme files or false on failure.
418
+ */
419
+ protected static function _get_theme_files() {
420
+ // Check if the theme exists.
421
+ $theme = self::_get_theme_data( wp_get_theme() );
422
+ if ( ! $theme ) {
423
+ return false;
424
+ }
425
+
426
+ $files = $theme['Template Files'];
427
+
428
+ // Append parent files, if available.
429
+ $parent = $theme['Parent'];
430
+ while ( false !== $parent ) {
431
+ $files = array_merge( $files, $parent['Template Files'] );
432
+ $parent = $parent['Parent'];
433
+ }
434
+
435
+ // Check its files.
436
+ if ( empty( $files ) ) {
437
+ return false;
438
+ }
439
+
440
+ // Returns the files, stripping out the content dir from the paths.
441
+ return array_unique(
442
+ array_map(
443
+ array( 'AntiVirus', '_strip_content_dir' ),
444
+ $files
445
+ )
446
+ );
447
+ }
448
+
449
+ /**
450
+ * Strip out the content dir from a path.
451
+ *
452
+ * @param string $string Path to strip from.
453
+ *
454
+ * @return string The stripped path.
455
+ */
456
+ private static function _strip_content_dir( $string ) {
457
+ return str_replace( array( WP_CONTENT_DIR, 'wp-content' ), '', $string );
458
+ }
459
+
460
+ /**
461
+ * Get the name of the currently activated theme.
462
+ *
463
+ * @return string|false The theme name or false on failure.
464
+ */
465
+ private static function _get_theme_name() {
466
+ $theme = self::_get_theme_data( wp_get_theme() );
467
+ if ( $theme ) {
468
+ if ( ! empty( $theme['Slug'] ) ) {
469
+ return $theme['Slug'];
470
+ }
471
+ if ( ! empty( $theme['Name'] ) ) {
472
+ return $theme['Name'];
473
+ }
474
+ }
475
+
476
+ return false;
477
+ }
478
+
479
+ /**
480
+ * Get the whitelist.
481
+ *
482
+ * @return array MD5 hashes of whitelisted files.
483
+ */
484
+ protected static function _get_white_list() {
485
+ return explode(
486
+ ':',
487
+ self::_get_option( 'white_list' )
488
+ );
489
+ }
490
+
491
+ /**
492
+ * Ajax response handler.
493
+ */
494
+ public static function get_ajax_response() {
495
+ // Check referer.
496
+ check_ajax_referer( 'av_ajax_nonce' );
497
+
498
+ // Check if there really is some data.
499
+ if ( empty( $_POST['_action_request'] ) ) {
500
+ exit();
501
+ }
502
+
503
+ // Check user permissions.
504
+ if ( ! current_user_can( 'manage_options' ) ) {
505
+ return;
506
+ }
507
+
508
+ $values = array();
509
+
510
+ // Get value based on request.
511
+ switch ( $_POST['_action_request'] ) {
512
+ case 'get_theme_files':
513
+ self::_update_option(
514
+ 'cronjob_alert',
515
+ 0
516
+ );
517
+
518
+ $values = self::_get_theme_files();
519
+ break;
520
+
521
+ case 'check_theme_file':
522
+ if ( ! empty( $_POST['_theme_file'] ) ) {
523
+ $theme_file = sanitize_file_name( wp_unslash( $_POST['_theme_file'] ) );
524
+ $lines = AntiVirus_CheckInternals::check_theme_file( $theme_file );
525
+ if ( $lines ) {
526
+ foreach ( $lines as $num => $line ) {
527
+ foreach ( $line as $string ) {
528
+ $values[] = $num;
529
+ $values[] = htmlentities( $string, ENT_QUOTES, 'UTF-8' );
530
+ $values[] = md5( $num . $string );
531
+ }
532
+ }
533
+ }
534
+ }
535
+ break;
536
+
537
+ case 'update_white_list':
538
+ if ( ! empty( $_POST['_file_md5'] ) ) {
539
+ $file_md5 = sanitize_text_field( wp_unslash( $_POST['_file_md5'] ) );
540
+ if ( preg_match( '/^[a-f0-9]{32}$/', $file_md5 ) ) {
541
+ self::_update_option(
542
+ 'white_list',
543
+ implode(
544
+ ':',
545
+ array_unique(
546
+ array_merge(
547
+ self::_get_white_list(),
548
+ array( $file_md5 )
549
+ )
550
+ )
551
+ )
552
+ );
553
+
554
+ $values = array( $file_md5 );
555
+ }
556
+ }
557
+ break;
558
+
559
+ default:
560
+ break;
561
+ }
562
+
563
+ // Send response.
564
+ if ( $values ) {
565
+ if ( isset( $_POST['_ajax_nonce'] ) ) {
566
+ $nonce = sanitize_text_field( wp_unslash( $_POST['_ajax_nonce'] ) );
567
+ } else {
568
+ $nonce = '';
569
+ }
570
+
571
+ wp_send_json(
572
+ array(
573
+ 'data' => array_values( $values ),
574
+ 'nonce' => $nonce,
575
+ )
576
+ );
577
+ }
578
+
579
+ exit();
580
+ }
581
+
582
+ /**
583
+ * Show notice on the dashboard.
584
+ */
585
+ public static function show_dashboard_notice() {
586
+ // Only show notice if there's an alert.
587
+ if ( ! self::_get_option( 'cronjob_alert' ) ) {
588
+ return;
589
+ }
590
+
591
+ // Display warning.
592
+ echo sprintf(
593
+ '<div class="error"><p><strong>%1$s:</strong> %2$s <a href="%3$s">%4$s &rarr;</a></p></div>',
594
+ esc_html__( 'Virus suspected', 'antivirus' ),
595
+ esc_html__( 'The daily antivirus scan of your blog suggests alarm.', 'antivirus' ),
596
+ esc_url(
597
+ add_query_arg(
598
+ array(
599
+ 'page' => 'antivirus',
600
+ ),
601
+ admin_url( 'options-general.php' )
602
+ )
603
+ ),
604
+ esc_html__( 'Manual malware scan', 'antivirus' )
605
+ );
606
+ }
607
+
608
+ /**
609
+ * Print the settings page.
610
+ */
611
+ public static function show_admin_menu() {
612
+ // Save updates.
613
+ if ( ! empty( $_POST ) ) {
614
+ // Check the referer.
615
+ check_admin_referer( 'antivirus' );
616
+
617
+ // Save values.
618
+ $options = array(
619
+ 'cronjob_enable' => (int) ( ! empty( $_POST['av_cronjob_enable'] ) ),
620
+ 'notify_email' => ( ! empty( $_POST['av_notify_email'] ) ) ? sanitize_email( wp_unslash( $_POST['av_notify_email'] ) ) : '',
621
+ 'safe_browsing' => (int) ( ! empty( $_POST['av_safe_browsing'] ) ),
622
+ 'safe_browsing_key' => ( ! empty( $_POST['av_safe_browsing_key'] ) ) ? sanitize_text_field( wp_unslash( $_POST['av_safe_browsing_key'] ) ) : '',
623
+ 'checksum_verifier' => (int) ( ! empty( $_POST['av_checksum_verifier'] ) ),
624
+ );
625
+
626
+ // No cronjob?
627
+ if ( ! self::_cron_enabled( $options ) ) {
628
+ $options['notify_email'] = '';
629
+ }
630
+
631
+ // No Safe Browsing?
632
+ if ( ! $options['safe_browsing'] ) {
633
+ $options['safe_browsing_key'] = '';
634
+ }
635
+
636
+ // Stop cron if it was disabled.
637
+ if ( self::_cron_enabled( $options ) && ! self::_cron_enabled( self::_get_options() ) ) {
638
+ self::_add_scheduled_hook();
639
+ } else if ( ! self::_cron_enabled( $options ) && self::_cron_enabled( self::_get_options() ) ) {
640
+ self::clear_scheduled_hook();
641
+ }
642
+
643
+ // Save options.
644
+ self::_update_options( $options ); ?>
645
+
646
+ <div id="message" class="notice notice-success">
647
+ <p>
648
+ <strong>
649
+ <?php esc_html_e( 'Settings saved.', 'antivirus' ); ?>
650
+ </strong>
651
+ </p>
652
+ </div>
653
+ <?php } ?>
654
+
655
+ <div class="wrap" id="av_main">
656
+ <h1>
657
+ <?php esc_html_e( 'AntiVirus', 'antivirus' ); ?>
658
+ </h1>
659
+
660
+ <table class="form-table">
661
+ <tr>
662
+ <th scope="row">
663
+ <?php esc_html_e( 'Manual malware scan', 'antivirus' ); ?>
664
+ </th>
665
+ <td>
666
+ <div class="inside" id="av_manual_scan">
667
+ <p>
668
+ <a href="#" class="button button-primary">
669
+ <?php esc_html_e( 'Scan the theme templates now', 'antivirus' ); ?>
670
+ </a>
671
+ <span class="alert"></span>
672
+ </p>
673
+
674
+ <div class="output"></div>
675
+ </div>
676
+ </td>
677
+ </tr>
678
+ </table>
679
+
680
+
681
+ <form id="av_settings" method="post" action="<?php echo esc_url( admin_url( 'options-general.php?page=antivirus' ) ); ?>">
682
+ <?php wp_nonce_field( 'antivirus' ); ?>
683
+
684
+ <table class="form-table">
685
+ <tr>
686
+ <th scope="row">
687
+ <?php esc_html_e( 'Daily malware scan', 'antivirus' ); ?>
688
+ </th>
689
+ <td>
690
+ <fieldset>
691
+ <label for="av_cronjob_enable">
692
+ <input type="checkbox" name="av_cronjob_enable" id="av_cronjob_enable"
693
+ value="1" <?php checked( self::_get_option( 'cronjob_enable' ), 1 ); ?> />
694
+ <?php esc_html_e( 'Check the theme templates for malware', 'antivirus' ); ?>
695
+ </label>
696
+
697
+ <p class="description">
698
+ <?php
699
+ $timestamp = wp_next_scheduled( 'antivirus_daily_cronjob' );
700
+ if ( $timestamp ) {
701
+ echo sprintf(
702
+ '%s: %s',
703
+ esc_html__( 'Next Run', 'antivirus' ),
704
+ esc_html( date_i18n( 'd.m.Y H:i:s', $timestamp + get_option( 'gmt_offset' ) * 3600 ) )
705
+ );
706
+ }
707
+ ?>
708
+ </p>
709
+ </fieldset>
710
+
711
+ <br/>
712
+
713
+ <fieldset>
714
+ <label for="av_safe_browsing">
715
+ <input type="checkbox" name="av_safe_browsing" id="av_safe_browsing"
716
+ value="1" <?php checked( self::_get_option( 'safe_browsing' ), 1 ); ?> />
717
+ <?php esc_html_e( 'Malware detection by Google Safe Browsing', 'antivirus' ); ?>
718
+ </label>
719
+
720
+ <p class="description">
721
+ <?php
722
+ /* translators: Link for transparency report in english */
723
+ $start_tag = sprintf( '<a href="%s">', esc_attr__( 'https://transparencyreport.google.com/safe-browsing/search?hl=en', 'antivirus' ) );
724
+ $end_tag = '</a>';
725
+ echo wp_kses(
726
+ /* translators: First placeholder (%s) starting link tag to transparency report, second placeholder closing link tag */
727
+ sprintf( __( 'Diagnosis and notification in suspicion case. For more details read %1$s the transparency report %2$s.', 'antivirus' ), $start_tag, $end_tag ),
728
+ array( 'a' => array( 'href' => array() ) )
729
+ );
730
+ ?>
731
+ </p>
732
+
733
+ <br/>
734
+
735
+ <label for="av_safe_browsing_key">
736
+ <?php esc_html_e( 'Safe Browsing API key', 'antivirus' ); ?>
737
+ </label>
738
+ <br/>
739
+ <input type="text" name="av_safe_browsing_key" id="av_safe_browsing_key"
740
+ value="<?php echo esc_attr( self::_get_option( 'safe_browsing_key' ) ); ?>" />
741
+
742
+ <p class="description">
743
+ <?php
744
+ esc_html_e( 'Provide a custom key for the Google Safe Browsing API (v4). If this value is left empty, a fallback will be used. However, to ensure valid results due to rate limitations, it is recommended to use your own key.', 'antivirus' );
745
+ ?>
746
+ </p>
747
+ </fieldset>
748
+
749
+ <br/>
750
+
751
+ <fieldset>
752
+ <label for="av_checksum_verifier">
753
+ <input type="checkbox" name="av_checksum_verifier" id="av_checksum_verifier"
754
+ value="1" <?php checked( self::_get_option( 'checksum_verifier' ), 1 ); ?> />
755
+ <?php esc_html_e( 'Checksum verification of WP core files', 'antivirus' ); ?>
756
+ </label>
757
+
758
+ <p class="description">
759
+ <?php
760
+ esc_html_e( 'Matches checksums of all WordPress core files against the values provided by the official API.', 'antivirus' );
761
+ ?>
762
+ </p>
763
+ </fieldset>
764
+
765
+ <br/>
766
+
767
+ <fieldset>
768
+ <label for="av_notify_email"><?php esc_html_e( 'Email address for notifications', 'antivirus' ); ?></label>
769
+ <input type="text" name="av_notify_email" id="av_notify_email"
770
+ value="<?php echo esc_attr( self::_get_option( 'notify_email' ) ); ?>"
771
+ class="regular-text"
772
+ placeholder="<?php esc_attr_e( 'Email address for notifications', 'antivirus' ); ?>" />
773
+
774
+ <p class="description">
775
+ <?php esc_html_e( 'If the field is empty, the blog admin will be notified', 'antivirus' ); ?>
776
+ </p>
777
+ </fieldset>
778
+ </td>
779
+ </tr>
780
+
781
+ <tr>
782
+ <th scope="row">
783
+ <input type="submit" class="button button-primary" value="<?php esc_attr_e( 'Save Changes', 'antivirus' ); ?>"/>
784
+ </th>
785
+ <td>
786
+ <?php
787
+ printf(
788
+ '<a href="%s" target="_blank" rel="noopener noreferrer">%s</a>',
789
+ 'https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=TD4AMD2D8EMZW',
790
+ esc_html__( 'Donate', 'antivirus' )
791
+ );
792
+ ?>
793
+ &bull;
794
+ <?php
795
+ printf(
796
+ '<a href="%s" target="_blank" rel="noopener noreferrer">%s</a>',
797
+ esc_attr__( 'https://wordpress.org/plugins/antivirus/faq/', 'antivirus' ),
798
+ esc_html__( 'FAQ', 'antivirus' )
799
+ );
800
+ ?>
801
+ &bull;
802
+ <?php
803
+ printf(
804
+ '<a href="%s" target="_blank" rel="noopener noreferrer">%s</a>',
805
+ 'https://antivirus.pluginkollektiv.org/documentation/',
806
+ esc_html__( 'Documentation', 'antivirus' )
807
+ );
808
+ ?>
809
+ &bull;
810
+ <?php
811
+ printf(
812
+ '<a href="%s" target="_blank" rel="noopener noreferrer">%s</a>',
813
+ 'https://wordpress.org/support/plugin/antivirus',
814
+ esc_html__( 'Support', 'antivirus' )
815
+ );
816
+ ?>
817
+ </td>
818
+ </tr>
819
+ </table>
820
+ </form>
821
+ </div>
822
+ <?php
823
+ }
824
+ }
js/script.js CHANGED
@@ -1,180 +1,206 @@
1
- jQuery(document).ready(
2
- function($) {
3
- /* Init */
4
- av_nonce = av_settings.nonce;
5
- av_theme = av_settings.theme;
6
- av_msg_1 = av_settings.msg_1;
7
- av_msg_2 = av_settings.msg_2;
8
- av_msg_3 = av_settings.msg_3;
9
-
10
- /* Einzelne Datei prüfen */
11
- function check_theme_file(current) {
12
- /* ID umwandeln */
13
- var id = parseInt(current || 0);
14
-
15
- /* File ermitteln */
16
- var file = av_files[id];
17
-
18
- /* Request starten */
19
- $.post(
20
- ajaxurl,
21
- {
22
- 'action': 'get_ajax_response',
23
- '_ajax_nonce': av_nonce,
24
- '_theme_file': file,
25
- '_action_request': 'check_theme_file'
26
- },
27
- function(input) {
28
- /* Wert initialisieren */
29
- var item = $('#av_template_' + id);
30
-
31
- /* Daten vorhanden? */
32
- if ( input ) {
33
- /* Sicherheitscheck */
34
- if ( !input.nonce || input.nonce != av_nonce ) {
35
- return;
36
- }
37
-
38
- /* Farblich anpassen */
39
- item.addClass('danger');
40
-
41
- /* Init */
42
- var i,
43
- lines = input.data,
44
- len = lines.length;
45
-
46
- /* Zeilen loopen */
47
- for (i = 0; i < len; i = i + 3) {
48
- var num = parseInt(lines[i]) + 1,
49
- md5 = lines[i + 2],
50
- line = lines[i + 1].replace(/@span@/g, '<span>').replace(/@\/span@/g, '</span>'),
51
- file = item.text();
52
-
53
- item.append('<p><a href="#" id="' + md5 + '">' + av_msg_1 + '</a> <code>' + line + '</code></p>');
54
-
55
- $('#' + md5).click(
56
- function() {
57
- $.post(
58
- ajaxurl,
59
- {
60
- 'action': 'get_ajax_response',
61
- '_ajax_nonce': av_nonce,
62
- '_file_md5': $(this).attr('id'),
63
- '_action_request': 'update_white_list'
64
- },
65
- function(input) {
66
- /* Keine Daten? */
67
- if (!input) {
68
- return;
69
- }
70
-
71
- /* Sicherheitscheck */
72
- if (!input.nonce || input.nonce != av_nonce) {
73
- return;
74
- }
75
-
76
- var parent = $('#' + input.data[0]).parent();
77
-
78
- if (parent.parent().children().length <= 1) {
79
- parent.parent().hide('slow').remove();
80
- }
81
- parent.hide('slow').remove();
82
- }
83
- );
84
-
85
- return false;
86
- }
87
- );
88
- }
89
- } else {
90
- item.addClass('done');
91
- }
92
-
93
- /* Counter erhöhen */
94
- av_files_loaded ++;
95
-
96
- /* Hinweis ausgeben */
97
- if ( av_files_loaded >= av_files_total ) {
98
- $('#av_manual_scan .alert').text(av_msg_3).fadeIn().fadeOut().fadeIn().fadeOut().fadeIn().animate({opacity: 1.0}, 500).fadeOut(
99
- 'slow',
100
- function() {
101
- $(this).empty();
102
- }
103
- );
104
- } else {
105
- check_theme_file(id + 1);
106
- }
107
- }
108
- );
109
- }
110
-
111
- /* Tempates Check */
112
- $('#av_manual_scan a.button').click(
113
- function() {
114
- /* Request */
115
- $.post(
116
- ajaxurl,
117
- {
118
- action: 'get_ajax_response',
119
- _ajax_nonce: av_nonce,
120
- _action_request: 'get_theme_files'
121
- },
122
- function(input) {
123
- /* Keine Daten? */
124
- if ( !input ) {
125
- return;
126
- }
127
-
128
- /* Sicherheitscheck */
129
- if ( !input.nonce || input.nonce != av_nonce ) {
130
- return;
131
- }
132
-
133
- /* Wert initialisieren */
134
- var output = '';
135
-
136
- /* Globale Werte */
137
- av_files = input.data;
138
- av_files_total = av_files.length;
139
- av_files_loaded = 0;
140
-
141
- /* Files visualisieren */
142
- jQuery.each(
143
- av_files,
144
- function(i, val) {
145
- output += '<div id="av_template_' + i + '">' + val + '</div>';
146
- }
147
- );
148
-
149
- /* Werte zuweisen */
150
- $('#av_manual_scan .alert').empty();
151
- $('#av_manual_scan .output').empty().append(output);
152
-
153
- /* Files loopen */
154
- check_theme_file();
155
- }
156
- );
157
-
158
- return false;
159
- }
160
- );
161
-
162
- /* Checkboxen markieren */
163
- function manage_options() {
164
- var $$ = $('#av_cronjob_enable'),
165
- input = $$.parents('fieldset').find(':text, :checkbox').not($$);
166
-
167
- if ( typeof $.fn.prop === 'function' ) {
168
- input.prop('disabled', !$$.prop('checked'));
169
- } else {
170
- input.attr('disabled', !$$.attr('checked'));
171
- }
172
- }
173
-
174
- /* Checkbox überwachen */
175
- $('#av_cronjob_enable').click(manage_options);
176
-
177
- /* Fire! */
178
- manage_options();
179
- }
180
- );
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ jQuery( document ).ready(
2
+ function( $ ) {
3
+ // Initialize.
4
+ var avNonce = av_settings.nonce;
5
+ var avMsg1 = av_settings.msg_1;
6
+ var avMsg3 = av_settings.msg_3;
7
+ var avMsg4 = av_settings.msg_4;
8
+ var avFiles = [];
9
+ var avFilesLoaded;
10
+
11
+ /**
12
+ * Scan a single file.
13
+ *
14
+ * @param {number} current File index to scan.
15
+ */
16
+ function checkThemeFile( current ) {
17
+ // Sanitize ID.
18
+ var id = parseInt( current || 0 );
19
+
20
+ // Get corresponding file.
21
+ var file = avFiles[id];
22
+
23
+ // Issue the request.
24
+ $.post(
25
+ ajaxurl,
26
+ {
27
+ action: 'get_ajax_response',
28
+ _ajax_nonce: avNonce,
29
+ _theme_file: file,
30
+ _action_request: 'check_theme_file',
31
+ },
32
+ function( input ) {
33
+ // Initialize value.
34
+ var item = $( '#av_template_' + id );
35
+ var i;
36
+ var lines;
37
+ var line;
38
+ var md5;
39
+
40
+ // Data present?
41
+ if ( input ) {
42
+ /* Sicherheitscheck */
43
+ if ( ! input.nonce || input.nonce !== avNonce ) {
44
+ return;
45
+ }
46
+
47
+ // Set highlighting color.
48
+ item.addClass( 'danger' );
49
+
50
+ // Initialize lines of current file.
51
+ lines = input.data;
52
+
53
+ // Loop through lines.
54
+ for ( i = 0; i < lines.length; i = i + 3 ) {
55
+ md5 = lines[i + 2];
56
+ line = lines[i + 1].replace( /@span@/g, '<span>' ).replace( /@\/span@/g, '</span>' );
57
+
58
+ item.append( '<p><a href="#" id="' + md5 + '" class="button" title="' + avMsg4 + '">' + avMsg1 + '</a> <code>' + line + '</code></p>' );
59
+
60
+ $( '#' + md5 ).click(
61
+ function() {
62
+ $.post(
63
+ ajaxurl,
64
+ {
65
+ action: 'get_ajax_response',
66
+ _ajax_nonce: avNonce,
67
+ _file_md5: $( this ).attr( 'id' ),
68
+ _action_request: 'update_white_list',
69
+ },
70
+ function( res ) {
71
+ var parent;
72
+
73
+ // No data received?
74
+ if ( ! res ) {
75
+ return;
76
+ }
77
+
78
+ // Security check.
79
+ if ( ! res.nonce || res.nonce !== avNonce ) {
80
+ return;
81
+ }
82
+
83
+ parent = $( '#' + res.data[0] ).parent();
84
+
85
+ if ( parent.parent().children().length <= 1 ) {
86
+ parent.parent().hide( 'slow' ).remove();
87
+ }
88
+ parent.hide( 'slow' ).remove();
89
+ }
90
+ );
91
+
92
+ return false;
93
+ }
94
+ );
95
+ }
96
+ } else {
97
+ item.addClass( 'done' );
98
+ }
99
+
100
+ // Increment counter.
101
+ avFilesLoaded++;
102
+
103
+ // Output notification.
104
+ if ( avFilesLoaded >= avFiles.length ) {
105
+ $( '#av_manual_scan .alert' ).text( avMsg3 ).fadeIn().fadeOut().fadeIn().fadeOut().fadeIn().animate( { opacity: 1.0 }, 500 ).fadeOut(
106
+ 'slow',
107
+ function() {
108
+ $( this ).empty();
109
+ }
110
+ );
111
+ } else {
112
+ checkThemeFile( id + 1 );
113
+ }
114
+ }
115
+ );
116
+ }
117
+
118
+ // Check templates.
119
+ $( '#av_manual_scan a.button' ).click(
120
+ function() {
121
+ // Request.
122
+ $.post(
123
+ ajaxurl,
124
+ {
125
+ action: 'get_ajax_response',
126
+ _ajax_nonce: avNonce,
127
+ _action_request: 'get_theme_files',
128
+ },
129
+ function( input ) {
130
+ // Initialize output value.
131
+ var output = '';
132
+
133
+ // No data received?
134
+ if ( ! input ) {
135
+ return;
136
+ }
137
+
138
+ // Security check.
139
+ if ( ! input.nonce || input.nonce !== avNonce ) {
140
+ return;
141
+ }
142
+
143
+ // Update global values.
144
+ avFiles = input.data;
145
+ avFilesLoaded = 0;
146
+
147
+ // Visualize files.
148
+ jQuery.each(
149
+ avFiles,
150
+ function( i, val ) {
151
+ output += '<div id="av_template_' + i + '">' + val + '</div>';
152
+ }
153
+ );
154
+
155
+ // assign values.
156
+ $( '#av_manual_scan .alert' ).empty();
157
+ $( '#av_manual_scan .output' ).empty().append( output );
158
+
159
+ // Start loop through files.
160
+ checkThemeFile();
161
+ }
162
+ );
163
+
164
+ return false;
165
+ }
166
+ );
167
+
168
+ /**
169
+ * Manage dependent option inputs.
170
+ */
171
+ function manageOptions( ) {
172
+ var cbSelectors = [ '#av_cronjob_enable', '#av_safe_browsing', '#av_checksum_verifier' ];
173
+ var anyEnabled = false;
174
+
175
+ cbSelectors.forEach( function( c ) {
176
+ var cb = $( c );
177
+ var inputs = cb.parents( 'fieldset' ).find( ':text, :checkbox' ).not( cb );
178
+ var enabled;
179
+
180
+ // Disable all other inputs of current fieldset, if unchecked.
181
+ if ( typeof $.fn.prop === 'function' ) {
182
+ enabled = !! cb.prop( 'checked' );
183
+ inputs.prop( 'disabled', ! enabled );
184
+ } else {
185
+ enabled = !! cb.attr( 'checked' );
186
+ inputs.attr( 'disabled', ! enabled );
187
+ }
188
+
189
+ anyEnabled = anyEnabled || enabled;
190
+ } );
191
+
192
+ // Enable email notification if any module is enabled.
193
+ if ( typeof $.fn.prop === 'function' ) {
194
+ $( '#av_notify_email' ).prop( 'disabled', ! anyEnabled );
195
+ } else {
196
+ $( '#av_notify_email' ).attr( 'disabled', ! anyEnabled );
197
+ }
198
+ }
199
+
200
+ // Watch checkboxes.
201
+ $( '#av_settings input[type=checkbox]' ).click( manageOptions );
202
+
203
+ // Handle initial checkbox values.
204
+ manageOptions();
205
+ }
206
+ );
js/script.min.js CHANGED
@@ -1 +1,11 @@
1
- jQuery(document).ready(function(l){function e(){var e=l("#av_cronjob_enable"),a=e.parents("fieldset").find(":text, :checkbox").not(e);"function"==typeof l.fn.prop?a.prop("disabled",!e.prop("checked")):a.attr("disabled",!e.attr("checked"))}av_nonce=av_settings.nonce,av_theme=av_settings.theme,av_msg_1=av_settings.msg_1,av_msg_2=av_settings.msg_2,av_msg_3=av_settings.msg_3,l("#av_manual_scan a.button").click(function(){return l.post(ajaxurl,{action:"get_ajax_response",_ajax_nonce:av_nonce,_action_request:"get_theme_files"},function(e){if(e&&e.nonce&&e.nonce==av_nonce){var n="";av_files=e.data,av_files_total=av_files.length,av_files_loaded=0,jQuery.each(av_files,function(e,a){n+='<div id="av_template_'+e+'">'+a+"</div>"}),l("#av_manual_scan .alert").empty(),l("#av_manual_scan .output").empty().append(n),function c(e){var i=parseInt(e||0),a=av_files[i];l.post(ajaxurl,{action:"get_ajax_response",_ajax_nonce:av_nonce,_theme_file:a,_action_request:"check_theme_file"},function(e){var a=l("#av_template_"+i);if(e){if(!e.nonce||e.nonce!=av_nonce)return;a.addClass("danger");var n,t=e.data,_=t.length;for(n=0;n<_;n+=3){parseInt(t[n]);var o=t[n+2],s=t[n+1].replace(/@span@/g,"<span>").replace(/@\/span@/g,"</span>");a.text(),a.append('<p><a href="#" id="'+o+'">'+av_msg_1+"</a> <code>"+s+"</code></p>"),l("#"+o).click(function(){return l.post(ajaxurl,{action:"get_ajax_response",_ajax_nonce:av_nonce,_file_md5:l(this).attr("id"),_action_request:"update_white_list"},function(e){if(e&&e.nonce&&e.nonce==av_nonce){var a=l("#"+e.data[0]).parent();a.parent().children().length<=1&&a.parent().hide("slow").remove(),a.hide("slow").remove()}}),!1})}}else a.addClass("done");av_files_loaded++,av_files_loaded>=av_files_total?l("#av_manual_scan .alert").text(av_msg_3).fadeIn().fadeOut().fadeIn().fadeOut().fadeIn().animate({opacity:1},500).fadeOut("slow",function(){l(this).empty()}):c(i+1)})}()}}),!1}),l("#av_cronjob_enable").click(e),e()});
 
 
 
 
 
 
 
 
 
 
1
+ jQuery(document).ready(function($){var avNonce=av_settings.nonce;var avMsg1=av_settings.msg_1;var avMsg3=av_settings.msg_3;var avMsg4=av_settings.msg_4;var avFiles=[];var avFilesLoaded;function checkThemeFile(current){var id=parseInt(current||0);var file=avFiles[id];$.post(ajaxurl,{action:'get_ajax_response',_ajax_nonce:avNonce,_theme_file:file,_action_request:'check_theme_file',},function(input){var item=$('#av_template_'+id);var i;var lines;var line;var md5;if(input){if(!input.nonce||input.nonce!==avNonce){return}
2
+ item.addClass('danger');lines=input.data;for(i=0;i<lines.length;i=i+3){md5=lines[i+2];line=lines[i+1].replace(/@span@/g,'<span>').replace(/@\/span@/g,'</span>');item.append('<p><a href="#" id="'+md5+'" class="button" title="'+avMsg4+'">'+avMsg1+'</a> <code>'+line+'</code></p>');$('#'+md5).click(function(){$.post(ajaxurl,{action:'get_ajax_response',_ajax_nonce:avNonce,_file_md5:$(this).attr('id'),_action_request:'update_white_list',},function(res){var parent;if(!res){return}
3
+ if(!res.nonce||res.nonce!==avNonce){return}
4
+ parent=$('#'+res.data[0]).parent();if(parent.parent().children().length<=1){parent.parent().hide('slow').remove()}
5
+ parent.hide('slow').remove()});return!1})}}else{item.addClass('done')}
6
+ avFilesLoaded++;if(avFilesLoaded>=avFiles.length){$('#av_manual_scan .alert').text(avMsg3).fadeIn().fadeOut().fadeIn().fadeOut().fadeIn().animate({opacity:1.0},500).fadeOut('slow',function(){$(this).empty()})}else{checkThemeFile(id+1)}})}
7
+ $('#av_manual_scan a.button').click(function(){$.post(ajaxurl,{action:'get_ajax_response',_ajax_nonce:avNonce,_action_request:'get_theme_files',},function(input){var output='';if(!input){return}
8
+ if(!input.nonce||input.nonce!==avNonce){return}
9
+ avFiles=input.data;avFilesLoaded=0;jQuery.each(avFiles,function(i,val){output+='<div id="av_template_'+i+'">'+val+'</div>'});$('#av_manual_scan .alert').empty();$('#av_manual_scan .output').empty().append(output);checkThemeFile()});return!1});function manageOptions(){var cbSelectors=['#av_cronjob_enable','#av_safe_browsing','#av_checksum_verifier'];var anyEnabled=!1;cbSelectors.forEach(function(c){var cb=$(c);var inputs=cb.parents('fieldset').find(':text, :checkbox').not(cb);var enabled;if(typeof $.fn.prop==='function'){enabled=!!cb.prop('checked');inputs.prop('disabled',!enabled)}else{enabled=!!cb.attr('checked');inputs.attr('disabled',!enabled)}
10
+ anyEnabled=anyEnabled||enabled});if(typeof $.fn.prop==='function'){$('#av_notify_email').prop('disabled',!anyEnabled)}else{$('#av_notify_email').attr('disabled',!anyEnabled)}}
11
+ $('#av_settings input[type=checkbox]').click(manageOptions);manageOptions()})