WordPress Backup & Security Plugin – BlogVault - Version 4.2

Version Description

  • Firewall in prepend mode
  • Robust Firewall and Login protection
  • Robust write callbacks
  • Without FTP cleanup and restore support
Download this release

Release Info

Developer ritesh.soni36
Plugin Icon 128x128 WordPress Backup & Security Plugin – BlogVault
Version 4.2
Comparing to
See all releases

Code changes from version 3.4 to 4.2

Files changed (41) hide show
  1. account.php +8 -2
  2. blogvault.php +22 -18
  3. callback/handler.php +14 -17
  4. callback/request.php +2 -2
  5. callback/wings/account.php +3 -2
  6. callback/wings/db.php +11 -4
  7. callback/wings/fs.php +53 -0
  8. callback/wings/fs_write.php +453 -0
  9. callback/wings/fw.php +0 -62
  10. callback/wings/info.php +46 -42
  11. callback/wings/ipstore.php +3 -4
  12. callback/wings/lp.php +0 -74
  13. callback/wings/misc.php +4 -16
  14. callback/wings/protect.php +66 -23
  15. callback/wings/{monit.php → watch.php} +62 -9
  16. info.php +24 -7
  17. protect/base.php +29 -0
  18. protect/fw/config.php +117 -0
  19. protect/fw/fw.php +347 -0
  20. protect/{wp_fw → fw}/request.php +21 -43
  21. protect/prepend/ignitor.php +9 -0
  22. protect/prepend/info.php +17 -0
  23. protect/prepend/ipstore.php +49 -0
  24. protect/prepend/logger.php +20 -0
  25. protect/prepend/protect.php +76 -0
  26. protect/protect.php +0 -58
  27. protect/{ipstore.php → wp/ipstore.php} +17 -0
  28. protect/{logger.php → wp/logger.php} +0 -0
  29. protect/wp/lp/config.php +25 -0
  30. protect/{wp_lp → wp/lp}/lp.php +12 -13
  31. protect/wp/protect.php +75 -0
  32. protect/wp_fw/config.php +0 -251
  33. protect/wp_fw/fw.php +0 -597
  34. protect/wp_lp/config.php +0 -82
  35. readme.txt +8 -2
  36. recover.php +1 -1
  37. wp_actions.php +1 -2
  38. wp_admin.php +16 -3
  39. wp_api.php +11 -8
  40. wp_db.php +15 -1
  41. wp_site_info.php +13 -3
account.php CHANGED
@@ -42,6 +42,10 @@ if (!class_exists('BVAccount')) :
42
  return $str;
43
  }
44
 
 
 
 
 
45
  public static function apiPublicAccount($settings) {
46
  $pubkey = $settings->getOption(self::$api_public_key);
47
  return self::find($settings, $pubkey);
@@ -98,6 +102,7 @@ if (!class_exists('BVAccount')) :
98
  }
99
 
100
  public function newAuthParams($version) {
 
101
  $args = array();
102
  $time = time();
103
  $sig = sha1($this->public.$this->secret.$time.$version);
@@ -106,6 +111,7 @@ if (!class_exists('BVAccount')) :
106
  $args['bvPublic'] = $this->public;
107
  $args['bvVersion'] = $version;
108
  $args['sha1'] = '1';
 
109
  return $args;
110
  }
111
 
@@ -118,7 +124,7 @@ if (!class_exists('BVAccount')) :
118
  self::update($settings, $accounts);
119
  }
120
 
121
- public function respInfo() {
122
  return array(
123
  "public" => substr($this->public, 0, 6),
124
  "sigmatch" => substr($this->sig_match, 0, 6)
@@ -179,4 +185,4 @@ if (!class_exists('BVAccount')) :
179
  return array_key_exists($pubkey, $accounts);
180
  }
181
  }
182
- endif;
42
  return $str;
43
  }
44
 
45
+ public static function sanitizeKey($key) {
46
+ return preg_replace('/[^a-zA-Z0-9_\-]/', '', $key);
47
+ }
48
+
49
  public static function apiPublicAccount($settings) {
50
  $pubkey = $settings->getOption(self::$api_public_key);
51
  return self::find($settings, $pubkey);
102
  }
103
 
104
  public function newAuthParams($version) {
105
+ $bvinfo = new BVInfo($settings);
106
  $args = array();
107
  $time = time();
108
  $sig = sha1($this->public.$this->secret.$time.$version);
111
  $args['bvPublic'] = $this->public;
112
  $args['bvVersion'] = $version;
113
  $args['sha1'] = '1';
114
+ $args['plugname'] = $bvinfo->plugname;
115
  return $args;
116
  }
117
 
124
  self::update($settings, $accounts);
125
  }
126
 
127
+ public function info() {
128
  return array(
129
  "public" => substr($this->public, 0, 6),
130
  "sigmatch" => substr($this->sig_match, 0, 6)
185
  return array_key_exists($pubkey, $accounts);
186
  }
187
  }
188
+ endif;
blogvault.php CHANGED
@@ -5,7 +5,7 @@ Plugin URI: https://blogvault.net
5
  Description: Easiest way to backup & secure your WordPress site
6
  Author: Backup by BlogVault
7
  Author URI: https://blogvault.net
8
- Version: 3.4
9
  Network: True
10
  */
11
 
@@ -28,6 +28,7 @@ Network: True
28
  /* Global response array */
29
 
30
  if (!defined('ABSPATH')) exit;
 
31
  require_once dirname( __FILE__ ) . '/wp_settings.php';
32
  require_once dirname( __FILE__ ) . '/wp_site_info.php';
33
  require_once dirname( __FILE__ ) . '/wp_db.php';
@@ -55,7 +56,7 @@ add_action('wp_footer', array($wp_action, 'footerHandler'), 100);
55
  ##WPCLIMODULE##
56
  if (is_admin()) {
57
  require_once dirname( __FILE__ ) . '/wp_admin.php';
58
- $wpadmin = new BVWPAdmin($bvsettings, $bvsiteinfo);
59
  add_action('admin_init', array($wpadmin, 'initHandler'));
60
  add_filter('all_plugins', array($wpadmin, 'initBranding'));
61
  add_filter('plugin_row_meta', array($wpadmin, 'hidePluginDetails'), 10, 2);
@@ -65,6 +66,7 @@ if (is_admin()) {
65
  add_action('admin_menu', array($wpadmin, 'menu'));
66
  }
67
  add_filter('plugin_action_links', array($wpadmin, 'settingsLink'), 10, 2);
 
68
  add_action('admin_notices', array($wpadmin, 'activateWarning'));
69
  ##ADMINENQUEUESCRIPTS##
70
  }
@@ -80,7 +82,7 @@ if ((array_key_exists('bvplugname', $_REQUEST)) && ($_REQUEST['bvplugname'] == "
80
  require_once dirname( __FILE__ ) . '/callback/request.php';
81
  require_once dirname( __FILE__ ) . '/recover.php';
82
 
83
- $pubkey = $_REQUEST['pubkey'];
84
 
85
  if (array_key_exists('rcvracc', $_REQUEST)) {
86
  $account = BVRecover::find($bvsettings, $pubkey);
@@ -92,13 +94,16 @@ if ((array_key_exists('bvplugname', $_REQUEST)) && ($_REQUEST['bvplugname'] == "
92
  $response = new BVCallbackResponse($request->bvb64cksize);
93
 
94
  if ($account && (1 === $account->authenticate($request))) {
 
 
 
95
  require_once dirname( __FILE__ ) . '/callback/handler.php';
96
  $params = $request->processParams($_REQUEST);
97
  if ($params === false) {
98
  $resp = array(
99
- "account_info" => $account->respInfo(),
100
- "request_info" => $request->respInfo(),
101
- "bvinfo" => $bvinfo->respInfo(),
102
  "statusmsg" => "BVPRMS_CORRUPTED"
103
  );
104
  $response->terminate($resp);
@@ -115,9 +120,9 @@ if ((array_key_exists('bvplugname', $_REQUEST)) && ($_REQUEST['bvplugname'] == "
115
  }
116
  } else {
117
  $resp = array(
118
- "account_info" => $account ? $account->respInfo() : array("error" => "ACCOUNT_NOT_FOUND"),
119
- "request_info" => $request->respInfo(),
120
- "bvinfo" => $bvinfo->respInfo(),
121
  "statusmsg" => "FAILED_AUTH",
122
  "api_pubkey" => substr(BVAccount::getApiPublicKey($bvsettings), 0, 8),
123
  "def_sigmatch" => substr(BVAccount::getSigMatch($request, BVRecover::getDefaultSecret($bvsettings)), 0, 8)
@@ -126,16 +131,15 @@ if ((array_key_exists('bvplugname', $_REQUEST)) && ($_REQUEST['bvplugname'] == "
126
  }
127
  } else {
128
  if ($bvinfo->isProtectModuleEnabled()) {
129
- require_once dirname( __FILE__ ) . '/protect/protect.php';
130
- require_once dirname( __FILE__ ) . '/protect/ipstore.php';
131
- $bvprotect = new BVProtect($bvdb, $bvsettings);
132
- $bvprotect->init();
133
- }
134
 
135
  if ($bvinfo->isDynSyncModuleEnabled()) {
136
- require_once dirname( __FILE__ ) . '/wp_dynsync.php';
137
- $dynsync = new BVWPDynSync($bvdb, $bvsettings);
138
- $dynsync->init();
139
- }
140
 
141
  }
5
  Description: Easiest way to backup & secure your WordPress site
6
  Author: Backup by BlogVault
7
  Author URI: https://blogvault.net
8
+ Version: 4.2
9
  Network: True
10
  */
11
 
28
  /* Global response array */
29
 
30
  if (!defined('ABSPATH')) exit;
31
+
32
  require_once dirname( __FILE__ ) . '/wp_settings.php';
33
  require_once dirname( __FILE__ ) . '/wp_site_info.php';
34
  require_once dirname( __FILE__ ) . '/wp_db.php';
56
  ##WPCLIMODULE##
57
  if (is_admin()) {
58
  require_once dirname( __FILE__ ) . '/wp_admin.php';
59
+ $wpadmin = new BVWPAdmin($bvsettings, $bvsiteinfo, $bvapi);
60
  add_action('admin_init', array($wpadmin, 'initHandler'));
61
  add_filter('all_plugins', array($wpadmin, 'initBranding'));
62
  add_filter('plugin_row_meta', array($wpadmin, 'hidePluginDetails'), 10, 2);
66
  add_action('admin_menu', array($wpadmin, 'menu'));
67
  }
68
  add_filter('plugin_action_links', array($wpadmin, 'settingsLink'), 10, 2);
69
+ add_action('admin_head', array($wpadmin, 'removeAdminNotices'), 3);
70
  add_action('admin_notices', array($wpadmin, 'activateWarning'));
71
  ##ADMINENQUEUESCRIPTS##
72
  }
82
  require_once dirname( __FILE__ ) . '/callback/request.php';
83
  require_once dirname( __FILE__ ) . '/recover.php';
84
 
85
+ $pubkey = BVAccount::sanitizeKey($_REQUEST['pubkey']);
86
 
87
  if (array_key_exists('rcvracc', $_REQUEST)) {
88
  $account = BVRecover::find($bvsettings, $pubkey);
94
  $response = new BVCallbackResponse($request->bvb64cksize);
95
 
96
  if ($account && (1 === $account->authenticate($request))) {
97
+ define('BVBASEPATH', plugin_dir_path(__FILE__));
98
+
99
+
100
  require_once dirname( __FILE__ ) . '/callback/handler.php';
101
  $params = $request->processParams($_REQUEST);
102
  if ($params === false) {
103
  $resp = array(
104
+ "account_info" => $account->info(),
105
+ "request_info" => $request->info(),
106
+ "bvinfo" => $bvinfo->info(),
107
  "statusmsg" => "BVPRMS_CORRUPTED"
108
  );
109
  $response->terminate($resp);
120
  }
121
  } else {
122
  $resp = array(
123
+ "account_info" => $account ? $account->info() : array("error" => "ACCOUNT_NOT_FOUND"),
124
+ "request_info" => $request->info(),
125
+ "bvinfo" => $bvinfo->info(),
126
  "statusmsg" => "FAILED_AUTH",
127
  "api_pubkey" => substr(BVAccount::getApiPublicKey($bvsettings), 0, 8),
128
  "def_sigmatch" => substr(BVAccount::getSigMatch($request, BVRecover::getDefaultSecret($bvsettings)), 0, 8)
131
  }
132
  } else {
133
  if ($bvinfo->isProtectModuleEnabled()) {
134
+ require_once dirname( __FILE__ ) . '/protect/wp/protect.php';
135
+ $bvprotect = new BVProtect($bvdb, $bvsettings);
136
+ $bvprotect->run();
137
+ }
 
138
 
139
  if ($bvinfo->isDynSyncModuleEnabled()) {
140
+ require_once dirname( __FILE__ ) . '/wp_dynsync.php';
141
+ $dynsync = new BVWPDynSync($bvdb, $bvsettings);
142
+ $dynsync->init();
143
+ }
144
 
145
  }
callback/handler.php CHANGED
@@ -10,6 +10,7 @@ if (!class_exists('BVCallbackHandler')) :
10
  public $request;
11
  public $account;
12
  public $response;
 
13
 
14
  public function __construct($db, $settings, $siteinfo, $request, $account, $response) {
15
  $this->db = $db;
@@ -18,6 +19,7 @@ if (!class_exists('BVCallbackHandler')) :
18
  $this->request = $request;
19
  $this->account = $account;
20
  $this->response = $response;
 
21
  }
22
 
23
  public function bvAdmExecuteWithoutUser() {
@@ -30,17 +32,16 @@ if (!class_exists('BVCallbackHandler')) :
30
 
31
  public function execute($resp = array()) {
32
  $this->routeRequest();
33
- $bvinfo = new BVInfo($this->settings);
34
  $resp = array(
35
- "request_info" => $this->request->respInfo(),
36
- "site_info" => $this->siteinfo->respInfo(),
37
- "account_info" => $this->account->respInfo(),
38
- "bvinfo" => $bvinfo->respInfo(),
39
  "api_pubkey" => substr(BVAccount::getApiPublicKey($this->settings), 0, 8)
40
  );
41
  $this->response->terminate($resp);
42
  }
43
-
44
  public function routeRequest() {
45
  switch ($this->request->wing) {
46
  case 'manage':
@@ -67,17 +68,9 @@ if (!class_exists('BVCallbackHandler')) :
67
  require_once dirname( __FILE__ ) . '/wings/ipstore.php';
68
  $module = new BVIPStoreCallback($this);
69
  break;
70
- case 'fw':
71
- require_once dirname( __FILE__ ) . '/wings/fw.php';
72
- $module = new BVFirewallCallback($this);
73
- break;
74
- case 'lp':
75
- require_once dirname( __FILE__ ) . '/wings/lp.php';
76
- $module = new BVLoginProtectCallback($this);
77
- break;
78
- case 'monit':
79
- require_once dirname( __FILE__ ) . '/wings/monit.php';
80
- $module = new BVMonitCallback($this);
81
  break;
82
  case 'brand':
83
  require_once dirname( __FILE__ ) . '/wings/brand.php';
@@ -91,6 +84,10 @@ if (!class_exists('BVCallbackHandler')) :
91
  require_once dirname( __FILE__ ) . '/wings/account.php';
92
  $module = new BVAccountCallback($this);
93
  break;
 
 
 
 
94
  default:
95
  require_once dirname( __FILE__ ) . '/wings/misc.php';
96
  $module = new BVMiscCallback($this);
10
  public $request;
11
  public $account;
12
  public $response;
13
+ public $bvinfo;
14
 
15
  public function __construct($db, $settings, $siteinfo, $request, $account, $response) {
16
  $this->db = $db;
19
  $this->request = $request;
20
  $this->account = $account;
21
  $this->response = $response;
22
+ $this->bvinfo = new BVInfo($this->settings);
23
  }
24
 
25
  public function bvAdmExecuteWithoutUser() {
32
 
33
  public function execute($resp = array()) {
34
  $this->routeRequest();
 
35
  $resp = array(
36
+ "request_info" => $this->request->info(),
37
+ "site_info" => $this->siteinfo->info(),
38
+ "account_info" => $this->account->info(),
39
+ "bvinfo" => $this->bvinfo->info(),
40
  "api_pubkey" => substr(BVAccount::getApiPublicKey($this->settings), 0, 8)
41
  );
42
  $this->response->terminate($resp);
43
  }
44
+
45
  public function routeRequest() {
46
  switch ($this->request->wing) {
47
  case 'manage':
68
  require_once dirname( __FILE__ ) . '/wings/ipstore.php';
69
  $module = new BVIPStoreCallback($this);
70
  break;
71
+ case 'wtch':
72
+ require_once dirname( __FILE__ ) . '/wings/watch.php';
73
+ $module = new BVWatchCallback($this);
 
 
 
 
 
 
 
 
74
  break;
75
  case 'brand':
76
  require_once dirname( __FILE__ ) . '/wings/brand.php';
84
  require_once dirname( __FILE__ ) . '/wings/account.php';
85
  $module = new BVAccountCallback($this);
86
  break;
87
+ case 'fswrt':
88
+ require_once dirname( __FILE__ ) . '/wings/fs_write.php';
89
+ $module = new BVFSWriteCallback();
90
+ break;
91
  default:
92
  require_once dirname( __FILE__ ) . '/wings/misc.php';
93
  $module = new BVMiscCallback($this);
callback/request.php CHANGED
@@ -40,7 +40,7 @@ if (!class_exists('BVCallbackRequest')) :
40
  return array_key_exists('apicall', $this->params);
41
  }
42
 
43
- public function respInfo() {
44
  $info = array(
45
  "requestedsig" => $this->sig,
46
  "requestedtime" => $this->time,
@@ -89,7 +89,7 @@ if (!class_exists('BVCallbackRequest')) :
89
  if (array_key_exists('bvprms', $in_params) && isset($in_params['bvprms']) &&
90
  array_key_exists('bvprmsmac', $in_params) && isset($in_params['bvprmsmac'])) {
91
  $digest_algo = 'SHA1';
92
- $sent_mac = $in_params['bvprmsmac'];
93
 
94
  if (array_key_exists('bvprmshshalgo', $in_params) && isset($in_params['bvprmshshalgo'])) {
95
  $digest_algo = $in_params['bvprmshshalgo'];
40
  return array_key_exists('apicall', $this->params);
41
  }
42
 
43
+ public function info() {
44
  $info = array(
45
  "requestedsig" => $this->sig,
46
  "requestedtime" => $this->time,
89
  if (array_key_exists('bvprms', $in_params) && isset($in_params['bvprms']) &&
90
  array_key_exists('bvprmsmac', $in_params) && isset($in_params['bvprmsmac'])) {
91
  $digest_algo = 'SHA1';
92
+ $sent_mac = BVAccount::sanitizeKey($in_params['bvprmsmac']);
93
 
94
  if (array_key_exists('bvprmshshalgo', $in_params) && isset($in_params['bvprmshshalgo'])) {
95
  $digest_algo = $in_params['bvprmshshalgo'];
callback/wings/account.php CHANGED
@@ -21,7 +21,7 @@ class BVAccountCallback extends BVCallbackBase {
21
  $resp = array("status" => BVAccount::exists($this->settings, $params['public']));
22
  break;
23
  case "rmacc":
24
- $resp = array("status" => $account->remove($params['public']));
25
  break;
26
  case "updt":
27
  $info = array();
@@ -32,7 +32,8 @@ class BVAccountCallback extends BVCallbackBase {
32
  $resp = array("status" => BVAccount::exists($this->settings, $params['pubkey']));
33
  break;
34
  case "updtapikey":
35
- $resp = array("status" => BVAccount::updateApiPublicKey($this->settings, $params['pubkey']));
 
36
  break;
37
  case "rmdefsec":
38
  $resp = array("status" => $settings->deleteOption('bvDefaultSecret'));
21
  $resp = array("status" => BVAccount::exists($this->settings, $params['public']));
22
  break;
23
  case "rmacc":
24
+ $resp = array("status" => BVAccount::remove($this->settings, $params['public']));
25
  break;
26
  case "updt":
27
  $info = array();
32
  $resp = array("status" => BVAccount::exists($this->settings, $params['pubkey']));
33
  break;
34
  case "updtapikey":
35
+ BVAccount::updateApiPublicKey($this->settings, $params['pubkey']);
36
+ $resp = array("status" => $this->settings->getOption(BVAccount::$api_public_key));
37
  break;
38
  case "rmdefsec":
39
  $resp = array("status" => $settings->deleteOption('bvDefaultSecret'));
callback/wings/db.php CHANGED
@@ -9,9 +9,13 @@ class BVDBCallback extends BVCallbackBase {
9
  public $stream;
10
  public $account;
11
 
 
 
12
  public function __construct($callback_handler) {
13
  $this->db = $callback_handler->db;
14
  $this->account = $callback_handler->account;
 
 
15
  }
16
 
17
  public function getLastID($pkeys, $end_row) {
@@ -64,6 +68,9 @@ class BVDBCallback extends BVCallbackBase {
64
  $db = $this->db;
65
  $params = $request->params;
66
  $stream_init_info = BVStream::startStream($this->account, $request);
 
 
 
67
  if (array_key_exists('stream', $stream_init_info)) {
68
  $this->stream = $stream_init_info['stream'];
69
  switch ($request->method) {
@@ -140,17 +147,17 @@ class BVDBCallback extends BVCallbackBase {
140
  $resp = $this->getTableData($table, $tname, $rcount, $offset, $limit, $bsize, $filter, $pkeys, true);
141
  break;
142
  case "tblexists":
143
- $resp = array("tblexists" => $db->isTablePresent($params['tablename']));
144
  break;
145
  case "crttbl":
146
  $usedbdelta = array_key_exists('usedbdelta', $params);
147
- $resp = array("crttbl" => $db->createTable($params['query'], $params['tablename'], $usedbdelta));
148
  break;
149
  case "drptbl":
150
- $resp = array("drptbl" => $db->dropBVTable($params['name']));
151
  break;
152
  case "trttbl":
153
- $resp = array("trttbl" => $db->truncateBVTable($params['name']));
154
  break;
155
  case "altrtbl":
156
  $resp = array("altrtbl" => $db->alterBVTable($params['query'], $params['query']));
9
  public $stream;
10
  public $account;
11
 
12
+ public static $bvTables = array("fw_requests", "lp_requests", "ip_store");
13
+
14
  public function __construct($callback_handler) {
15
  $this->db = $callback_handler->db;
16
  $this->account = $callback_handler->account;
17
+ $this->siteinfo = $callback_handler->siteinfo;
18
+ $this->bvinfo = $callback_handler->bvinfo;
19
  }
20
 
21
  public function getLastID($pkeys, $end_row) {
68
  $db = $this->db;
69
  $params = $request->params;
70
  $stream_init_info = BVStream::startStream($this->account, $request);
71
+
72
+
73
+
74
  if (array_key_exists('stream', $stream_init_info)) {
75
  $this->stream = $stream_init_info['stream'];
76
  switch ($request->method) {
147
  $resp = $this->getTableData($table, $tname, $rcount, $offset, $limit, $bsize, $filter, $pkeys, true);
148
  break;
149
  case "tblexists":
150
+ $resp = array("tblexists" => $db->isTablePresent($params['table']));
151
  break;
152
  case "crttbl":
153
  $usedbdelta = array_key_exists('usedbdelta', $params);
154
+ $resp = array("crttbl" => $db->createTable($params['query'], $params['table'], $usedbdelta));
155
  break;
156
  case "drptbl":
157
+ $resp = array("drptbl" => $db->dropBVTable($params['table']));
158
  break;
159
  case "trttbl":
160
+ $resp = array("trttbl" => $db->truncateBVTable($params['table']));
161
  break;
162
  case "altrtbl":
163
  $resp = array("altrtbl" => $db->alterBVTable($params['query'], $params['query']));
callback/wings/fs.php CHANGED
@@ -8,6 +8,8 @@ class BVFSCallback extends BVCallbackBase {
8
  public $stream;
9
  public $account;
10
 
 
 
11
  public function __construct($callback_handler) {
12
  $this->account = $callback_handler->account;
13
  }
@@ -149,6 +151,34 @@ class BVFSCallback extends BVCallbackBase {
149
  return $md5;
150
  }
151
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
152
  function getFilesStats($files, $offset = 0, $limit = 0, $bsize = 102400, $md5 = false) {
153
  $result = array();
154
  foreach ($files as $file) {
@@ -207,6 +237,9 @@ class BVFSCallback extends BVCallbackBase {
207
  function process($request) {
208
  $params = $request->params;
209
  $stream_init_info = BVStream::startStream($this->account, $request);
 
 
 
210
  if (array_key_exists('stream', $stream_init_info)) {
211
  $this->stream = $stream_init_info['stream'];
212
  switch ($request->method) {
@@ -264,6 +297,26 @@ class BVFSCallback extends BVCallbackBase {
264
  $directoryList = glob($initdir.$regex, $glob_option);
265
  $resp = $this->getFilesStats($directoryList);
266
  break;
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
267
  default:
268
  $resp = false;
269
  }
8
  public $stream;
9
  public $account;
10
 
11
+ public static $cwAllowedFiles = array(".htaccess", ".user.ini", "malcare-waf.php");
12
+
13
  public function __construct($callback_handler) {
14
  $this->account = $callback_handler->account;
15
  }
151
  return $md5;
152
  }
153
 
154
+ function getFilesContent($files, $withContent = true) {
155
+ $result = array();
156
+ foreach ($files as $file) {
157
+ $fdata = $this->fileStat($file);
158
+ $absfile = ABSPATH.$file;
159
+
160
+ if (is_dir($absfile) && !is_link($absfile)) {
161
+ $fdata['is_dir'] = true;
162
+ } else {
163
+ if (!is_readable($file)) {
164
+ $fdata['error'] = 'file not readable';
165
+ } else {
166
+ if ($withContent === true) {
167
+ if ($content = file_get_contents($absfile)) {
168
+ $fdata['content'] = $content;
169
+ } else {
170
+ $fdata['error'] = 'unable to read file';
171
+ }
172
+ }
173
+ }
174
+ }
175
+
176
+ $result[$file] = $fdata;
177
+ }
178
+
179
+ return $result;
180
+ }
181
+
182
  function getFilesStats($files, $offset = 0, $limit = 0, $bsize = 102400, $md5 = false) {
183
  $result = array();
184
  foreach ($files as $file) {
237
  function process($request) {
238
  $params = $request->params;
239
  $stream_init_info = BVStream::startStream($this->account, $request);
240
+
241
+
242
+
243
  if (array_key_exists('stream', $stream_init_info)) {
244
  $this->stream = $stream_init_info['stream'];
245
  switch ($request->method) {
297
  $directoryList = glob($initdir.$regex, $glob_option);
298
  $resp = $this->getFilesStats($directoryList);
299
  break;
300
+ case "dirsexists":
301
+ $resp = array();
302
+ $dirs = $params['dirs'];
303
+
304
+ foreach ($dirs as $dir) {
305
+ $path = ABSPATH.$dir;
306
+ if (file_exists($path) && is_dir($path) && !is_link($path)) {
307
+ $resp[$dir] = true;
308
+ } else {
309
+ $resp[$dir] = false;
310
+ }
311
+ }
312
+
313
+ $resp["status"] = "Done";
314
+ break;
315
+ case "gtfilescntent":
316
+ $files = $params['files'];
317
+ $withContent = array_key_exists('withcontent', $params) ? $params['withcontent'] : true;
318
+ $resp = array("files_content" => $this->getFilesContent($files, $withContent));
319
+ break;
320
  default:
321
  $resp = false;
322
  }
callback/wings/fs_write.php ADDED
@@ -0,0 +1,453 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+
3
+ if (!defined('ABSPATH')) exit;
4
+ if (!class_exists('BVFSWriteCallback')) :
5
+
6
+ class BVFSWriteCallback extends BVCallbackBase {
7
+
8
+ const MEGABYTE = 1024 * 1024;
9
+
10
+ public function __construct() {
11
+ }
12
+
13
+ public function removeFiles($files) {
14
+ $result = array();
15
+
16
+ foreach($files as $file) {
17
+ $file_result = array();
18
+
19
+ if (file_exists($file)) {
20
+
21
+ $file_result['status'] = unlink($file);
22
+ if ($file_result['status'] === false) {
23
+ $file_result['error'] = "UNLINK_FAILED";
24
+ }
25
+
26
+ } else {
27
+ $file_result['status'] = true;
28
+ $file_result['error'] = "NOT_PRESENT";
29
+ }
30
+
31
+ $result[$file] = $file_result;
32
+ }
33
+
34
+ $result['status'] = true;
35
+ return $result;
36
+ }
37
+
38
+ public function makeDirs($dirs) {
39
+ $result = array();
40
+
41
+ foreach($dirs as $dir) {
42
+ $dir_result = array();
43
+
44
+ if (file_exists($dir)) {
45
+
46
+ if (is_dir($dir)) {
47
+ $dir_result['status'] = true;
48
+ $dir_result['message'] = "DIR_ALREADY_PRESENT";
49
+ } else {
50
+ $dir_result['status'] = false;
51
+ $dir_result['error'] = "FILE_PRESENT_IN_PLACE_OF_DIR";
52
+ }
53
+
54
+ } else {
55
+
56
+ $dir_result['status'] = mkdir($dir);
57
+ if ($dir_result['status'] === false) {
58
+ $dir_result['error'] = "MKDIR_FAILED";
59
+ }
60
+
61
+ }
62
+
63
+ $result[$dir] = $dir_result;
64
+ }
65
+
66
+ $result['status'] = true;
67
+ return $result;
68
+ }
69
+
70
+ public function removeDirs($dirs) {
71
+ $result = array();
72
+
73
+ foreach($dirs as $dir) {
74
+ $dir_result = array();
75
+
76
+ if (is_dir($dir) && !is_link($dir)) {
77
+
78
+ if ($this->isEmptyDir($dir)) {
79
+
80
+ $dir_result['status'] = rmdir($dir);
81
+ if ($dir_result['status'] === false) {
82
+ $dir_result['error'] = "RMDIR_FAILED";
83
+ }
84
+
85
+ } else {
86
+ $dir_result['status'] = false;
87
+ $dir_result['error'] = "NOT_EMPTY";
88
+ }
89
+
90
+ } else {
91
+ $dir_result['status'] = false;
92
+ $dir_result['error'] = "NOT_DIR";
93
+ }
94
+
95
+ $result[$dir] = $dir_result;
96
+ }
97
+
98
+ $result['status'] = true;
99
+ return $result;
100
+ }
101
+
102
+ public function isEmptyDir($dir) {
103
+ $handle = opendir($dir);
104
+
105
+ while (false !== ($entry = readdir($handle))) {
106
+ if ($entry != "." && $entry != "..") {
107
+ closedir($handle);
108
+ return false;
109
+ }
110
+ }
111
+ closedir($handle);
112
+
113
+ return true;
114
+ }
115
+
116
+ public function doChmod($path_infos) {
117
+ $result = array();
118
+
119
+ foreach($path_infos as $path => $mode) {
120
+ $path_result = array();
121
+
122
+ if (file_exists($path)) {
123
+
124
+ $path_result['status'] = chmod($path, $mode);
125
+ if ($path_result['status'] === false) {
126
+ $path_result['error'] = "CHMOD_FAILED";
127
+ }
128
+
129
+ } else {
130
+ $path_result['status'] = false;
131
+ $path_result['error'] = "NOT_FOUND";
132
+ }
133
+
134
+ $result[$path] = $path_result;
135
+ }
136
+
137
+ $result['status'] = true;
138
+ return $result;
139
+ }
140
+
141
+ public function concatFiles($ifiles, $ofile, $bsize, $offset) {
142
+ if (($offset !== 0) && (!file_exists($ofile))) {
143
+ return array(
144
+ 'status' => false,
145
+ 'error' => 'OFILE_NOT_FOUND_BEFORE_CONCAT'
146
+ );
147
+ }
148
+
149
+ if (file_exists($ofile) && ($offset !== 0)) {
150
+ $handle = fopen($ofile, 'rb+');
151
+ } else {
152
+ $handle = fopen($ofile, 'wb+');
153
+ }
154
+
155
+ if ($handle === false) {
156
+ return array(
157
+ 'status' => false,
158
+ 'error' => 'FOPEN_FAILED'
159
+ );
160
+ }
161
+
162
+ if ($offset !== 0) {
163
+ if (fseek($handle, $offset, SEEK_SET) === -1) {
164
+ return array(
165
+ 'status' => false,
166
+ 'error' => 'FSEEK_FAILED'
167
+ );
168
+ }
169
+ }
170
+
171
+ $total_written = 0;
172
+ foreach($ifiles as $file) {
173
+ $fp = fopen($file, 'rb');
174
+ if ($fp === false) {
175
+ return array(
176
+ 'status' => false,
177
+ 'error' => "UNABLE_TO_OPEN_TMP_OFILE_FOR_READING"
178
+ );
179
+ }
180
+
181
+ while (!feof($fp)) {
182
+ $content = fread($fp, $bsize);
183
+ if ($content === false) {
184
+ return array(
185
+ 'status' => false,
186
+ 'error' => "UNABLE_TO_READ_INFILE",
187
+ 'filename' => $file
188
+ );
189
+ }
190
+
191
+ $written = fwrite($handle, $content);
192
+ if ($written === false) {
193
+ return array(
194
+ 'status' => false,
195
+ 'error' => "UNABLE_TO_WRITE_TO_OFILE",
196
+ 'filename' => $file
197
+ );
198
+ }
199
+ $total_written += $written;
200
+ }
201
+
202
+ fclose($fp);
203
+ }
204
+
205
+ $result = array();
206
+ $result['fclose'] = fclose($handle);
207
+
208
+ if (file_exists($ofile) && ($total_written != 0)) {
209
+ $result['status'] = true;
210
+ $result['fsize'] = filesize($ofile);
211
+ $result['total_written'] = $total_written;
212
+ } else {
213
+ $result['status'] = false;
214
+ $result['error'] = 'CONCATINATED_FILE_FAILED';
215
+ }
216
+
217
+ return $result;
218
+ }
219
+
220
+ public function renameFiles($path_infos) {
221
+ $result = array();
222
+
223
+ foreach($path_infos as $oldpath => $newpath) {
224
+ $action_result = array();
225
+ $failed = array();
226
+
227
+ if (file_exists($oldpath)) {
228
+
229
+ $action_result['status'] = rename($oldpath, $newpath);
230
+ if ($action_result['status'] === false) {
231
+ $action_result['error'] = "RENAME_FAILED";
232
+ }
233
+
234
+ } else {
235
+ $action_result['status'] = false;
236
+ $action_result['error'] = "NOT_FOUND";
237
+ }
238
+
239
+ $result[$oldpath] = $action_result;
240
+ }
241
+
242
+ $result['status'] = true;
243
+ return $result;
244
+ }
245
+
246
+ public function curlFile($ifile_url, $ofile, $timeout) {
247
+ $fp = fopen($ofile, "wb+");
248
+ if ($fp === false) {
249
+ return array(
250
+ 'error' => 'FOPEN_FAILED_FOR_TEMP_OFILE'
251
+ );
252
+ }
253
+
254
+ $result = array();
255
+ $ch = curl_init($ifile_url);
256
+ curl_setopt($ch, CURLOPT_BINARYTRANSFER, 1);
257
+ curl_setopt($ch, CURLOPT_TIMEOUT, $timeout);
258
+ curl_setopt($ch, CURLOPT_HEADER, 0);
259
+ curl_setopt($ch, CURLOPT_FILE, $fp);
260
+
261
+ if (!curl_exec($ch)) {
262
+ $result['error'] = curl_error($ch);
263
+ $result['errorno'] = curl_errno($ch);
264
+ }
265
+
266
+ curl_close($ch);
267
+ fclose($fp);
268
+
269
+ return $result;
270
+ }
271
+
272
+ public function wgetFile($ifile_url, $ofile) {
273
+ $result = array();
274
+ system("wget -nv -O $ofile $ifile_url 2>&1 > /dev/null", $retval);
275
+
276
+ if ($retval !== 0) {
277
+ $result['error'] = "WGET_ERROR";
278
+ }
279
+
280
+ return $result;
281
+ }
282
+
283
+ public function streamCopyFile($ifile_url, $ofile) {
284
+ $result = array();
285
+ $handle = fopen($ifile_url, "rb");
286
+
287
+ if ($handle === false) {
288
+ return array(
289
+ 'error' => "UNABLE_TO_OPEN_REMOTE_FILE_STREAM"
290
+ );
291
+ }
292
+
293
+ $fp = fopen($ofile, "wb+");
294
+ if ($fp === false) {
295
+ fclose($handle);
296
+
297
+ return array(
298
+ 'error' => 'FOPEN_FAILED_FOR_OFILE'
299
+ );
300
+ }
301
+
302
+ if (stream_copy_to_stream($handle, $fp) === false) {
303
+ $result['error'] = "UNABLE_TO_WRITE_TO_TMP_OFILE";
304
+ }
305
+
306
+ fclose($handle);
307
+ fclose($fp);
308
+
309
+ return $result;
310
+ }
311
+
312
+ public function writeContentToFile($content, $ofile) {
313
+ $result = array();
314
+
315
+ $fp = fopen($ofile, "wb+");
316
+ if ($fp === false) {
317
+ return array(
318
+ 'error' => 'FOPEN_FAILED_FOR_TEMP_OFILE'
319
+ );
320
+ }
321
+
322
+ if (fwrite($fp, $content) === false) {
323
+ $resp['error'] = "UNABLE_TO_WRITE_TO_TMP_OFILE";
324
+ }
325
+ fclose($fp);
326
+
327
+ return $result;
328
+ }
329
+
330
+ public function moveUploadedFile($ofile) {
331
+ $result = array();
332
+
333
+ if (isset($_FILES['myfile'])) {
334
+ $myfile = $_FILES['myfile'];
335
+ $is_upload_ok = false;
336
+
337
+ switch ($myfile['error']) {
338
+ case UPLOAD_ERR_OK:
339
+ $is_upload_ok = true;
340
+ break;
341
+ case UPLOAD_ERR_NO_FILE:
342
+ $result['error'] = "UPLOADERR_NO_FILE";
343
+ break;
344
+ case UPLOAD_ERR_INI_SIZE:
345
+ case UPLOAD_ERR_FORM_SIZE:
346
+ $result['error'] = "UPLOADERR_FORM_SIZE";
347
+ break;
348
+ default:
349
+ $result['error'] = "UPLOAD_ERR_UNKNOWN";
350
+ }
351
+
352
+ if ($is_upload_ok && !isset($myfile['tmp_name'])) {
353
+ $result['error'] = "MYFILE_TMP_NAME_NOT_FOUND";
354
+ $is_upload_ok = false;
355
+ }
356
+
357
+ if ($is_upload_ok) {
358
+ if (move_uploaded_file($myfile['tmp_name'], $ofile) === false) {
359
+ $result['error'] = 'MOVE_UPLOAD_FILE_FAILED';
360
+ }
361
+ }
362
+
363
+ } else {
364
+ $result['error'] = "FILE_NOT_PRESENT_IN_FILES";
365
+ }
366
+
367
+ return $result;
368
+ }
369
+
370
+
371
+ public function uploadFile($params) {
372
+ $resp = array();
373
+ $ofile = $params['ofile'];
374
+
375
+ switch($params['protocol']) {
376
+ case "curl":
377
+ $timeout = isset($params['timeout']) ? $params['timeout'] : 60;
378
+ $ifile_url = isset($params['ifileurl']) ? $params['ifileurl'] : null;
379
+
380
+ $resp = $this->curlFile($ifile_url, $ofile, $timeout);
381
+ break;
382
+ case "wget":
383
+ $ifile_url = isset($params['ifileurl']) ? $params['ifileurl'] : null;
384
+
385
+ $resp = $this->wgetFile($ifile_url, $ofile);
386
+ break;
387
+ case "streamcopy":
388
+ $ifile_url = isset($params['ifileurl']) ? $params['ifileurl'] : null;
389
+
390
+ $resp = $this->streamCopyFile($ifile_url, $ofile);
391
+ break;
392
+ case "httpcontenttransfer":
393
+ $resp = $this->writeContentToFile($params['content'], $ofile);
394
+ break;
395
+ case "httpfiletransfer":
396
+ $resp = $this->moveUploadedFile($ofile);
397
+ break;
398
+ default:
399
+ $resp['error'] = "INVALID_PROTOCOL";
400
+ }
401
+
402
+ if (isset($resp['error'])) {
403
+ $resp['status'] = false;
404
+ } else {
405
+
406
+ if (file_exists($ofile)) {
407
+ $resp['status'] = true;
408
+ $resp['fsize'] = filesize($ofile);
409
+ } else {
410
+ $resp['status'] = false;
411
+ $resp['error'] = "OFILE_NOT_FOUND";
412
+ }
413
+
414
+ }
415
+
416
+ return $resp;
417
+ }
418
+
419
+ public function process($request) {
420
+ $params = $request->params;
421
+
422
+ switch ($request->method) {
423
+ case "rmfle":
424
+ $resp = $this->removeFiles($params['files']);
425
+ break;
426
+ case "chmd":
427
+ $resp = $this->doChmod($params['pathinfos']);
428
+ break;
429
+ case "mkdr":
430
+ $resp = $this->makeDirs($params['dirs']);
431
+ break;
432
+ case "rmdr":
433
+ $resp = $this->removeDirs($params['dirs']);
434
+ break;
435
+ case "renmefle":
436
+ $resp = $this->renameFiles($params['pathinfos']);
437
+ break;
438
+ case "wrtfle":
439
+ $resp = $this->uploadFile($params);
440
+ break;
441
+ case "cncatfls":
442
+ $bsize = (isset($params['bsize'])) ? $params['bsize'] : (8 * BVFSWriteCallback::MEGABYTE);
443
+ $offset = (isset($params['offset'])) ? $params['offset'] : 0;
444
+ $resp = $this->concatFiles($params['infiles'], $params['ofile'], $bsize, $offset);
445
+ break;
446
+ default:
447
+ $resp = false;
448
+ }
449
+
450
+ return $resp;
451
+ }
452
+ }
453
+ endif;
callback/wings/fw.php DELETED
@@ -1,62 +0,0 @@
1
- <?php
2
-
3
- if (!defined('ABSPATH')) exit;
4
- if (!class_exists('BVFirewallCallback')) :
5
-
6
- require_once dirname( __FILE__ ) . '/../../protect/wp_fw/config.php';
7
-
8
- class BVFirewallCallback {
9
- public $db;
10
- public $settings;
11
-
12
- public function __construct($callback_handler) {
13
- $this->db = $callback_handler->db;
14
- $this->settings = $callback_handler->settings;
15
- }
16
-
17
- public function process($request) {
18
- $params = $request->params;
19
- $config = new BVWPFWConfig($this->db, $this->settings);
20
- switch ($request->method) {
21
- case "clrconfig":
22
- $resp = array("clearconfig" => $config->clear());
23
- break;
24
- case "setmode":
25
- $config->setMode($params['mode']);
26
- $resp = array("setmode" => $config->getMode());
27
- break;
28
- case "dsblrules":
29
- $config->setDisabledRules($params['disabled_rules']);
30
- $resp = array("disabled_rules" => $config->getDisabledRules());
31
- break;
32
- case "adtrls":
33
- $config->setAuditRules($params['audit_rules']);
34
- $resp = array("audit_rules" => $config->getAuditRules());
35
- break;
36
- case "setrulesmode":
37
- $config->setRulesMode($params['rules_mode']);
38
- $resp = array("rules_mode" => $config->getRulesMode());
39
- break;
40
- case "setreqprofilingmode":
41
- $config->setReqProfilingMode($params['req_profiling_mode']);
42
- $resp = array("req_profiling_mode" => $config->getReqProfilingMode());
43
- break;
44
- case "stbypslevl":
45
- $config->setBypassLevel($params['bypslevl']);
46
- $resp = array("bypslevl" => $config->getBypassLevel());
47
- break;
48
- case "stcstmrls":
49
- $config->setCustomRoles($params['cstmrls']);
50
- $resp = array("cstmrls" => $config->getCustomRoles());
51
- break;
52
- case "stcookiemode":
53
- $config->setCookieMode($params['mode']);
54
- $resp = array("mode" => $config->getCookieMode());
55
- break;
56
- default:
57
- $resp = false;
58
- }
59
- return $resp;
60
- }
61
- }
62
- endif;
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
callback/wings/info.php CHANGED
@@ -96,11 +96,13 @@ class BVInfoCallback extends BVCallbackBase {
96
 
97
  public function getSystemInfo() {
98
  $sys_info = array(
99
- 'serverip' => $_SERVER['SERVER_ADDR'],
100
  'host' => $_SERVER['HTTP_HOST'],
101
  'phpversion' => phpversion(),
102
  'AF_INET6' => defined('AF_INET6')
103
  );
 
 
 
104
  if (function_exists('get_current_user')) {
105
  $sys_info['user'] = get_current_user();
106
  }
@@ -134,6 +136,7 @@ class BVInfoCallback extends BVCallbackBase {
134
  'wpversion' => $wp_version,
135
  'dbversion' => $wp_db_version,
136
  'abspath' => ABSPATH,
 
137
  'uploadpath' => $upload_dir['basedir'],
138
  'uploaddir' => wp_upload_dir(),
139
  'contentdir' => defined('WP_CONTENT_DIR') ? WP_CONTENT_DIR : null,
@@ -203,51 +206,11 @@ class BVInfoCallback extends BVCallbackBase {
203
  $data['dynsync'] = $settings->getOption('bvDynSyncActive');
204
  $data['woodyn'] = $settings->getOption('bvWooDynSync');
205
  $data['dynplug'] = $settings->getOption('bvdynplug');
206
- $data['ptplug'] = $settings->getOption('bvptplug');
207
- $data['fw'] = $this->getFWConfig();
208
- $data['lp'] = $this->getLPConfig();
209
  $data['brand'] = $settings->getOption($this->bvinfo->brand_option);
210
  $data['badgeinfo'] = $settings->getOption($this->bvinfo->badgeinfo);
211
  }
212
 
213
- public function getLPConfig() {
214
- $config = array();
215
- $settings = $this->settings;
216
- $mode = $settings->getOption('bvlpmode');
217
- $cplimit = $settings->getOption('bvlpcaptchalimit');
218
- $tplimit = $settings->getOption('bvlptempblocklimit');
219
- $bllimit = $settings->getOption('bvlpblockAllLimit');
220
- $config['mode'] = intval($mode ? $mode : 1);
221
- $config['captcha_limit'] = intval($cplimit ? $cplimit : 3);
222
- $config['temp_block_limit'] = intval($tplimit? $tplimit : 6);
223
- $config['block_all_limit'] = intval($bllimit ? $bllimit : 100);
224
- return $config;
225
- }
226
-
227
- public function getFWConfig() {
228
- $config = array();
229
- $settings = $this->settings;
230
- $mode = $settings->getOption('bvfwmode');
231
- $drules = $settings->getOption('bvfwdisabledrules');
232
- $arules = $settings->getOption('bvfwauditrules');
233
- $rmode = $settings->getOption('bvfwrulesmode');
234
- $reqprofilingmode = $settings->getOption('bvfwreqprofilingmode');
235
- $bypass_level = $settings->getOption('bvfwbypasslevel');
236
- $custom_roles = $settings->getOption('bvfwcustomroles');
237
- $cookiemode = $settings->getOption('bvfwcookiemode');
238
- $cookiekey = (string) $settings->getOption('bvfwcookiekey');
239
- $config['mode'] = intval($mode ? $mode : 1);
240
- $config['disabled_rules'] = $drules ? $drules : array();
241
- $config['audit_rules'] = $arules ? $arules : array();
242
- $config['rules_mode'] = intval($rmode ? $rmode : 1);
243
- $config['req_profiling_mode'] = intval($reqprofilingmode ? $reqprofilingmode : 1);
244
- $config['bypslevl'] = intval($bypass_level ? $bypass_level : 2);
245
- $config['cstmrls'] = $custom_roles ? $custom_roles : array();
246
- $config['cookiemode'] = intval($cookiemode ? $cookiemode : 2);
247
- $config['cookiekey'] = $cookiekey;
248
- return $config;
249
- }
250
-
251
  public function dbconf(&$info) {
252
  $db = $this->db;
253
  if (defined('DB_CHARSET'))
@@ -256,6 +219,15 @@ class BVInfoCallback extends BVCallbackBase {
256
  $info['charset_collate'] = $db->getCharsetCollate();
257
  return $info;
258
  }
 
 
 
 
 
 
 
 
 
259
 
260
  public function activate() {
261
  $resp = array();
@@ -266,6 +238,15 @@ class BVInfoCallback extends BVCallbackBase {
266
  return array('actinfo' => $resp);
267
  }
268
 
 
 
 
 
 
 
 
 
 
269
  public function process($request) {
270
  $db = $this->db;
271
  $params = $request->params;
@@ -273,6 +254,9 @@ class BVInfoCallback extends BVCallbackBase {
273
  case "activateinfo":
274
  $resp = $this->activate();
275
  break;
 
 
 
276
  case "gtpsts":
277
  $count = 5;
278
  if (array_key_exists('count', $params))
@@ -294,6 +278,13 @@ class BVInfoCallback extends BVCallbackBase {
294
  case "gtwp":
295
  $resp = $this->getWpInfo();
296
  break;
 
 
 
 
 
 
 
297
  case "getoption":
298
  $resp = array("option" => $this->settings->getOption($params['name']));
299
  break;
@@ -309,6 +300,19 @@ class BVInfoCallback extends BVCallbackBase {
309
  $transient = $this->objectToArray($transient);
310
  $resp = array("transient" => $transient);
311
  break;
 
 
 
 
 
 
 
 
 
 
 
 
 
312
  default:
313
  $resp = false;
314
  }
96
 
97
  public function getSystemInfo() {
98
  $sys_info = array(
 
99
  'host' => $_SERVER['HTTP_HOST'],
100
  'phpversion' => phpversion(),
101
  'AF_INET6' => defined('AF_INET6')
102
  );
103
+ if (array_key_exists('SERVER_ADDR', $_SERVER)) {
104
+ $sys_info['serverip'] = $_SERVER['SERVER_ADDR'];
105
+ }
106
  if (function_exists('get_current_user')) {
107
  $sys_info['user'] = get_current_user();
108
  }
136
  'wpversion' => $wp_version,
137
  'dbversion' => $wp_db_version,
138
  'abspath' => ABSPATH,
139
+ 'bvpluginpath' => defined('BVBASEPATH') ? BVBASEPATH : null,
140
  'uploadpath' => $upload_dir['basedir'],
141
  'uploaddir' => wp_upload_dir(),
142
  'contentdir' => defined('WP_CONTENT_DIR') ? WP_CONTENT_DIR : null,
206
  $data['dynsync'] = $settings->getOption('bvDynSyncActive');
207
  $data['woodyn'] = $settings->getOption('bvWooDynSync');
208
  $data['dynplug'] = $settings->getOption('bvdynplug');
209
+ $data['protect'] = $settings->getOption('bvptconf');
 
 
210
  $data['brand'] = $settings->getOption($this->bvinfo->brand_option);
211
  $data['badgeinfo'] = $settings->getOption($this->bvinfo->badgeinfo);
212
  }
213
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
214
  public function dbconf(&$info) {
215
  $db = $this->db;
216
  if (defined('DB_CHARSET'))
219
  $info['charset_collate'] = $db->getCharsetCollate();
220
  return $info;
221
  }
222
+
223
+ public function cookieInfo() {
224
+ $resp = array();
225
+ if (defined('COOKIEPATH'))
226
+ $resp['cookiepath'] = COOKIEPATH;
227
+ if (defined('COOKIE_DOMAIN'))
228
+ $resp['cookiedomain'] = COOKIE_DOMAIN;
229
+ return array('cookieinfo' => $resp);
230
+ }
231
 
232
  public function activate() {
233
  $resp = array();
238
  return array('actinfo' => $resp);
239
  }
240
 
241
+ public function getHostInfo() {
242
+ $host_info = $_SERVER;
243
+ $host_info['PHP_SERVER_NAME'] = php_uname('\n');
244
+ if (array_key_exists('IS_PRESSABLE', get_defined_constants())) {
245
+ $host_info['IS_PRESSABLE'] = true;
246
+ }
247
+ return array('host_info' => $host_info);
248
+ }
249
+
250
  public function process($request) {
251
  $db = $this->db;
252
  $params = $request->params;
254
  case "activateinfo":
255
  $resp = $this->activate();
256
  break;
257
+ case "ckeyinfo":
258
+ $resp = $this->cookieInfo();
259
+ break;
260
  case "gtpsts":
261
  $count = 5;
262
  if (array_key_exists('count', $params))
278
  case "gtwp":
279
  $resp = $this->getWpInfo();
280
  break;
281
+ case "gtallhdrs":
282
+ $data = (function_exists('getallheaders')) ? getallheaders() : false;
283
+ $resp = array("allhdrs" => $data);
284
+ break;
285
+ case "gtsvr":
286
+ $resp = array("svr" => $_SERVER);
287
+ break;
288
  case "getoption":
289
  $resp = array("option" => $this->settings->getOption($params['name']));
290
  break;
300
  $transient = $this->objectToArray($transient);
301
  $resp = array("transient" => $transient);
302
  break;
303
+ case "gthost":
304
+ $resp = $this->getHostInfo();
305
+ break;
306
+ case "gtplinfo":
307
+ $args = array(
308
+ 'slug' => wp_unslash($params['slug'])
309
+ );
310
+ $action = $params['action'];
311
+ $args = (object) $args;
312
+ $args = apply_filters('plugins_api_args', $args, $action);
313
+ $data = apply_filters('plugins_api', false, $action, $args);
314
+ $resp = array("plugins_info" => $data);
315
+ break;
316
  default:
317
  $resp = false;
318
  }
callback/wings/ipstore.php CHANGED
@@ -3,7 +3,7 @@
3
  if (!defined('ABSPATH')) exit;
4
  if (!class_exists('BVIPStoreCallback')) :
5
 
6
- require_once dirname( __FILE__ ) . '/../../protect/ipstore.php';
7
 
8
  class BVIPStoreCallback extends BVCallbackBase {
9
  public $db;
@@ -87,9 +87,8 @@ class BVIPStoreCallback extends BVCallbackBase {
87
  case "insrtips":
88
  $values = $params['values'];
89
  $fields = $params['fields'];
90
- $rmfilter = $params['rmfilter'];
91
- if ($rmfilter) {
92
- $db->deleteBVTableContent($table, $rmfilter);
93
  }
94
  $this->insertIPs($bvTable, $fields, $values);
95
  $resp = array("offset" => $this->getIPStoreOffset($bvTable, $auto_increment_offset));
3
  if (!defined('ABSPATH')) exit;
4
  if (!class_exists('BVIPStoreCallback')) :
5
 
6
+ require_once dirname( __FILE__ ) . '/../../protect/wp/ipstore.php';
7
 
8
  class BVIPStoreCallback extends BVCallbackBase {
9
  public $db;
87
  case "insrtips":
88
  $values = $params['values'];
89
  $fields = $params['fields'];
90
+ if (array_key_exists('rmfilter', $params)) {
91
+ $db->deleteBVTableContent($table, $params['rmfilter']);
 
92
  }
93
  $this->insertIPs($bvTable, $fields, $values);
94
  $resp = array("offset" => $this->getIPStoreOffset($bvTable, $auto_increment_offset));
callback/wings/lp.php DELETED
@@ -1,74 +0,0 @@
1
- <?php
2
-
3
- if (!defined('ABSPATH')) exit;
4
- if (!class_exists('BVLoginProtectCallback')) :
5
-
6
- require_once dirname( __FILE__ ) . '/../../protect/wp_lp/lp.php';
7
-
8
- class BVLoginProtectCallback extends BVCallbackBase {
9
- public $db;
10
- public $settings;
11
-
12
- public function __construct($callback_handler) {
13
- $this->db = $callback_handler->db;
14
- $this->settings = $callback_handler->settings;
15
- }
16
-
17
- public function unBlockLogins() {
18
- $this->settings->deleteTransient('bvlp_block_logins');
19
- $this->settings->setTransient('bvlp_allow_logins', 'true', 1800);
20
- return $this->settings->getTransient('bvlp_allow_logins');
21
- }
22
-
23
- public function blockLogins($time) {
24
- $this->settings->deleteTransient('bvlp_allow_logins');
25
- $this->settings->setTransient('bvlp_block_logins', 'true', $time);
26
- return $this->settings->getTransient('bvlp_block_logins');
27
- }
28
-
29
- public function unBlockIP($ip, $attempts, $time) {
30
- $transient_name = BVWPLP::$unblock_ip_transient.$ip;
31
- $this->settings->setTransient($transient_name, $attempts, $time);
32
- return $this->settings->getTransient($transient_name);
33
- }
34
-
35
- public function process($request) {
36
- $params = $request->params;
37
- $config = new BVWPLPConfig($this->db, $this->settings);
38
- switch ($request->method) {
39
- case "clrconfig":
40
- $resp = array("clearconfig" => $config->clear());
41
- break;
42
- case "setmode":
43
- $config->setMode($params['mode']);
44
- $resp = array("setmode" => $config->getMode());
45
- break;
46
- case "setcaptchalimit":
47
- $config->setCaptchaLimit($params['captcha_limit']);
48
- $resp = array("captcha_limit" => $config->getCaptchaLimit());
49
- break;
50
- case "settmpblklimit":
51
- $config->setTempBlockLimit($params['temp_block_limit']);
52
- $resp = array("temp_block_limit" => $config->getTempBlockLimit());
53
- break;
54
- case "setblkalllimit":
55
- $config->setBlockAllLimit($params['block_all_limit']);
56
- $resp = array("block_all_limit" => $config->getBlockAllLimit());
57
- break;
58
- case "unblklogins":
59
- $resp = array("unblocklogins" => $this->unBlockLogins());
60
- break;
61
- case "blklogins":
62
- $time = array_key_exists('time', $params) ? $params['time'] : 1800;
63
- $resp = array("blocklogins" => $this->blockLogins($time));
64
- break;
65
- case "unblkip":
66
- $resp = array("unblockip" => $this->unBlockIP($params['ip'], $params['attempts'], $params['time']));
67
- break;
68
- default:
69
- $resp = false;
70
- }
71
- return $resp;
72
- }
73
- }
74
- endif;
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
callback/wings/misc.php CHANGED
@@ -23,9 +23,9 @@ class BVMiscCallback extends BVCallbackBase {
23
  switch ($request->method) {
24
  case "dummyping":
25
  $resp = array();
26
- $resp = array_merge($resp, $this->siteinfo->respInfo());
27
- $resp = array_merge($resp, $this->account->respInfo());
28
- $resp = array_merge($resp, $this->bvinfo->respInfo());
29
  break;
30
  case "enablebadge":
31
  $option = $bvinfo->badgeinfo;
@@ -52,14 +52,6 @@ class BVMiscCallback extends BVCallbackBase {
52
  $settings->deleteOption('bvdynplug');
53
  $resp = array("unsetdynplug" => $settings->getOption('bvdynplug'));
54
  break;
55
- case "setptplug":
56
- $settings->updateOption('bvptplug', $params['ptplug']);
57
- $resp = array("setptplug" => $settings->getOption('bvptplug'));
58
- break;
59
- case "unsetptplug":
60
- $settings->deleteOption('bvptlug');
61
- $resp = array("unsetptplug" => $settings->getOption('bvptlug'));
62
- break;
63
  case "wpupplgs":
64
  $resp = array("wpupdateplugins" => wp_update_plugins());
65
  break;
@@ -69,10 +61,6 @@ class BVMiscCallback extends BVCallbackBase {
69
  case "wpupcre":
70
  $resp = array("wpupdatecore" => wp_version_check());
71
  break;
72
- case "rmmonitime":
73
- $this->settings->deleteOption('bvmonittime');
74
- $resp = array("rmmonitime" => !$bvinfo->getMonitTime());
75
- break;
76
  case "phpinfo":
77
  phpinfo();
78
  die();
@@ -86,4 +74,4 @@ class BVMiscCallback extends BVCallbackBase {
86
  return $resp;
87
  }
88
  }
89
- endif;
23
  switch ($request->method) {
24
  case "dummyping":
25
  $resp = array();
26
+ $resp = array_merge($resp, $this->siteinfo->info());
27
+ $resp = array_merge($resp, $this->account->info());
28
+ $resp = array_merge($resp, $this->bvinfo->info());
29
  break;
30
  case "enablebadge":
31
  $option = $bvinfo->badgeinfo;
52
  $settings->deleteOption('bvdynplug');
53
  $resp = array("unsetdynplug" => $settings->getOption('bvdynplug'));
54
  break;
 
 
 
 
 
 
 
 
55
  case "wpupplgs":
56
  $resp = array("wpupdateplugins" => wp_update_plugins());
57
  break;
61
  case "wpupcre":
62
  $resp = array("wpupdatecore" => wp_version_check());
63
  break;
 
 
 
 
64
  case "phpinfo":
65
  phpinfo();
66
  die();
74
  return $resp;
75
  }
76
  }
77
+ endif;
callback/wings/protect.php CHANGED
@@ -3,7 +3,9 @@
3
  if (!defined('ABSPATH')) exit;
4
  if (!class_exists('BVProtectCallback')) :
5
 
6
- require_once dirname( __FILE__ ) . '/../../protect/protect.php';
 
 
7
 
8
  class BVProtectCallback extends BVCallbackBase {
9
  public $db;
@@ -14,10 +16,40 @@ class BVProtectCallback extends BVCallbackBase {
14
  $this->settings = $callback_handler->settings;
15
  }
16
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
17
  public function process($request) {
18
  $bvinfo = new BVInfo($this->settings);
19
- $protect = new BVProtect($this->db, $this->settings);
20
  $params = $request->params;
 
21
  switch ($request->method) {
22
  case "gtipprobeinfo":
23
  $resp = array();
@@ -31,41 +63,52 @@ class BVProtectCallback extends BVCallbackBase {
31
  }
32
  }
33
  $resp["hdrsinfo"] = $hdrsinfo;
34
- if ($iphdr = $this->settings->getOption($bvinfo->ip_header_option)) {
35
- $resp["iphdr"] = $iphdr;
36
- }
 
 
 
 
 
 
 
 
 
37
  break;
38
  case "gtraddr":
39
  $raddr = array_key_exists('REMOTE_ADDR', $_SERVER) ? $_SERVER['REMOTE_ADDR'] : false;
40
  $resp = array("raddr" => $raddr);
41
  break;
42
- case "gtallhdrs":
43
- $data = (function_exists('getallheaders')) ? getallheaders() : false;
44
- $resp = array("allhdrs" => $data);
 
 
 
45
  break;
46
- case "gtsvr":
47
- $resp = array("svr" => $_SERVER);
 
48
  break;
49
- case "gtip":
50
- $resp = array("ip" => $protect->getIP());
51
  break;
52
- case "stiphdr":
53
- $option_name = $bvinfo->ip_header_option;
54
- $iphdr = array('hdr' => $params['hdr'], 'pos' => $params['pos']);
55
- $this->settings->updateOption($option_name, $iphdr);
56
- $resp = array("iphdr" => $this->settings->getOption($option_name));
57
  break;
58
- case "gtiphdr":
59
- $resp = array("iphdr" => $this->settings->getOption($bvinfo->ip_header_option));
60
  break;
61
- case "rmiphdr":
62
- $option_name = $bvinfo->ip_header_option;
63
- $this->settings->deleteOption($option_name);
64
- $resp = array("iphdr" => $this->settings->getOption($option_name));
65
  break;
66
  default:
67
  $resp = false;
68
  }
 
69
  return $resp;
70
  }
71
  }
3
  if (!defined('ABSPATH')) exit;
4
  if (!class_exists('BVProtectCallback')) :
5
 
6
+ require_once dirname( __FILE__ ) . '/../../protect/wp/protect.php';
7
+ require_once dirname( __FILE__ ) . '/../../protect/fw/config.php';
8
+ require_once dirname( __FILE__ ) . '/../../protect/wp/lp/config.php';
9
 
10
  class BVProtectCallback extends BVCallbackBase {
11
  public $db;
16
  $this->settings = $callback_handler->settings;
17
  }
18
 
19
+ public function serverConfig() {
20
+ return array(
21
+ 'software' => $_SERVER['SERVER_SOFTWARE'],
22
+ 'sapi' => (function_exists('php_sapi_name')) ? php_sapi_name() : false,
23
+ 'has_apache_get_modules' => function_exists('apache_get_modules'),
24
+ 'posix_getuid' => (function_exists('posix_getuid')) ? posix_getuid() : null,
25
+ 'uid' => (function_exists('getmyuid')) ? getmyuid() : null,
26
+ 'user_ini' => ini_get('user_ini.filename'),
27
+ 'php_major_version' => PHP_MAJOR_VERSION
28
+ );
29
+ }
30
+
31
+ public function unBlockLogins() {
32
+ $this->settings->deleteTransient('bvlp_block_logins');
33
+ $this->settings->setTransient('bvlp_allow_logins', 'true', 1800);
34
+ return $this->settings->getTransient('bvlp_allow_logins');
35
+ }
36
+
37
+ public function blockLogins($time) {
38
+ $this->settings->deleteTransient('bvlp_allow_logins');
39
+ $this->settings->setTransient('bvlp_block_logins', 'true', $time);
40
+ return $this->settings->getTransient('bvlp_block_logins');
41
+ }
42
+
43
+ public function unBlockIP($ip, $attempts, $time) {
44
+ $transient_name = BVWPLP::$unblock_ip_transient.$ip;
45
+ $this->settings->setTransient($transient_name, $attempts, $time);
46
+ return $this->settings->getTransient($transient_name);
47
+ }
48
+
49
  public function process($request) {
50
  $bvinfo = new BVInfo($this->settings);
 
51
  $params = $request->params;
52
+
53
  switch ($request->method) {
54
  case "gtipprobeinfo":
55
  $resp = array();
63
  }
64
  }
65
  $resp["hdrsinfo"] = $hdrsinfo;
66
+ break;
67
+ case "gtptcnf":
68
+ $resp = array('conf' => $this->settings->getOption('bvptconf'));
69
+ break;
70
+ case "clrcnf":
71
+ $this->settings->deleteOption('bvptconf');
72
+ $this->settings->deleteOption('bvptplug');
73
+ $resp = array("clearconfig" => true);
74
+ break;
75
+ case "docnf":
76
+ $this->settings->updateOption('bvptconf', $params['conf']);
77
+ $resp = array('conf' => $this->settings->getOption('bvptconf'));
78
  break;
79
  case "gtraddr":
80
  $raddr = array_key_exists('REMOTE_ADDR', $_SERVER) ? $_SERVER['REMOTE_ADDR'] : false;
81
  $resp = array("raddr" => $raddr);
82
  break;
83
+ case "svrcnf":
84
+ $resp = array("serverconfig" => $this->serverConfig());
85
+ break;
86
+ case "setptplug":
87
+ $this->settings->updateOption('bvptplug', $params['ptplug']);
88
+ $resp = array("setptplug" => $this->settings->getOption('bvptplug'));
89
  break;
90
+ case "unsetptplug":
91
+ $this->settings->deleteOption('bvptlug');
92
+ $resp = array("unsetptplug" => $this->settings->getOption('bvptlug'));
93
  break;
94
+ case "unblklogins":
95
+ $resp = array("unblocklogins" => $this->unBlockLogins());
96
  break;
97
+ case "blklogins":
98
+ $time = array_key_exists('time', $params) ? $params['time'] : 1800;
99
+ $resp = array("blocklogins" => $this->blockLogins($time));
 
 
100
  break;
101
+ case "unblkip":
102
+ $resp = array("unblockip" => $this->unBlockIP($params['ip'], $params['attempts'], $params['time']));
103
  break;
104
+ case "rmwatchtime":
105
+ $this->settings->deleteOption('bvwatchtime');
106
+ $resp = array("rmwatchtime" => !$bvinfo->getWatchTime());
 
107
  break;
108
  default:
109
  $resp = false;
110
  }
111
+
112
  return $resp;
113
  }
114
  }
callback/wings/{monit.php → watch.php} RENAMED
@@ -1,9 +1,9 @@
1
  <?php
2
 
3
  if (!defined('ABSPATH')) exit;
4
- if (!class_exists('BVMonitCallback')) :
5
 
6
- class BVMonitCallback extends BVCallbackBase {
7
  public $db;
8
  public $settings;
9
 
@@ -31,20 +31,65 @@ class BVMonitCallback extends BVCallbackBase {
31
  return $this->db->deleteBVTableContent($name, $filter);
32
  }
33
 
34
- public function setMonitTime() {
35
- return $this->settings->updateOption('bvmonittime', time());
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
36
  }
37
 
38
  public function process($request) {
39
  $db = $this->db;
40
  $settings = $this->settings;
41
- $this->setMonitTime();
42
  $params = $request->params;
 
43
  switch ($request->method) {
44
  case "getdata":
45
  $resp = array();
 
46
  if (array_key_exists('lp', $params)) {
47
- require_once dirname( __FILE__ ) . '/../../protect/wp_lp/config.php';
48
  $lp_params = $params['lp'];
49
  $limit = intval(urldecode($lp_params['limit']));
50
  $filter = urldecode($lp_params['filter']);
@@ -52,15 +97,22 @@ class BVMonitCallback extends BVCallbackBase {
52
  $table = $db->getBVTable(BVWPLPConfig::$requests_table);
53
  $resp["lplogs"] = $this->getData($table, $limit, $filter);
54
  }
 
 
 
 
 
 
55
  if (array_key_exists('fw', $params)) {
56
- require_once dirname( __FILE__ ) . '/../../protect/wp_fw/config.php';
57
  $fw_params = $params['fw'];
58
  $limit = intval(urldecode($fw_params['limit']));
59
  $filter = urldecode($fw_params['filter']);
60
- $db->deleteBVTableContent(BVWPFWConfig::$requests_table, $fw_params['rmfilter']);
61
- $table = $db->getBVTable(BVWPFWConfig::$requests_table);
62
  $resp["fwlogs"] = $this->getData($table, $limit, $filter);
63
  }
 
64
  if (array_key_exists('dynevent', $params)) {
65
  require_once dirname( __FILE__ ) . '/../../wp_dynsync.php';
66
  $isdynsyncactive = $settings->getOption('bvDynSyncActive');
@@ -76,6 +128,7 @@ class BVMonitCallback extends BVCallbackBase {
76
  $resp["status"] = true;
77
  }
78
  }
 
79
  $resp["status"] = "done";
80
  break;
81
  case "rmdata":
1
  <?php
2
 
3
  if (!defined('ABSPATH')) exit;
4
+ if (!class_exists('BVWatchCallback')) :
5
 
6
+ class BVWatchCallback extends BVCallbackBase {
7
  public $db;
8
  public $settings;
9
 
31
  return $this->db->deleteBVTableContent($name, $filter);
32
  }
33
 
34
+ public function setWatchTime() {
35
+ return $this->settings->updateOption('bvwatchtime', time());
36
+ }
37
+
38
+ public function getFWPrependLog($params) {
39
+ $result = array();
40
+ $fname = $params['fname'];
41
+ $limit = intval($params['limit']);
42
+
43
+ if (file_exists($fname)) {
44
+
45
+ $result['exists'] = true;
46
+ $tmpfname = $fname."tmp";
47
+
48
+ if (!@rename($fname, $tmpfname)) {
49
+
50
+ $result = array('status' => 'Error', 'message' => 'UNABLE_TO_RENAME_LOGFILE');
51
+
52
+ } else {
53
+
54
+ if (file_exists($tmpfname)) {
55
+
56
+ $fsize = filesize($tmpfname);
57
+ $result["size"] = $fsize;
58
+
59
+ if ($fsize <= $limit) {
60
+
61
+ $result['content'] = file_get_contents($tmpfname);
62
+
63
+ } else {
64
+ $handle = fopen($tmpfname, "rb");
65
+ $result['content'] = fread($handle, $limit);
66
+ $result['incomplete'] = true;
67
+ fclose($handle);
68
+ }
69
+
70
+ $result['tmpfile'] = unlink($tmpfname);
71
+ } else {
72
+ $result['tmpfile'] = 'DOES_NOT_EXISTS';
73
+ }
74
+
75
+ }
76
+ }
77
+
78
+ return $result;
79
  }
80
 
81
  public function process($request) {
82
  $db = $this->db;
83
  $settings = $this->settings;
84
+ $this->setWatchTime();
85
  $params = $request->params;
86
+
87
  switch ($request->method) {
88
  case "getdata":
89
  $resp = array();
90
+
91
  if (array_key_exists('lp', $params)) {
92
+ require_once dirname( __FILE__ ) . '/../../protect/wp/lp/config.php';
93
  $lp_params = $params['lp'];
94
  $limit = intval(urldecode($lp_params['limit']));
95
  $filter = urldecode($lp_params['filter']);
97
  $table = $db->getBVTable(BVWPLPConfig::$requests_table);
98
  $resp["lplogs"] = $this->getData($table, $limit, $filter);
99
  }
100
+
101
+ if (array_key_exists('prelog', $params)) {
102
+ $prelog_params = $params['prelog'];
103
+ $resp["prelog"] = $this->getFWPrependLog($prelog_params);
104
+ }
105
+
106
  if (array_key_exists('fw', $params)) {
107
+ require_once dirname( __FILE__ ) . '/../../protect/fw/config.php';
108
  $fw_params = $params['fw'];
109
  $limit = intval(urldecode($fw_params['limit']));
110
  $filter = urldecode($fw_params['filter']);
111
+ $db->deleteBVTableContent(BVFWConfig::$requests_table, $fw_params['rmfilter']);
112
+ $table = $db->getBVTable(BVFWConfig::$requests_table);
113
  $resp["fwlogs"] = $this->getData($table, $limit, $filter);
114
  }
115
+
116
  if (array_key_exists('dynevent', $params)) {
117
  require_once dirname( __FILE__ ) . '/../../wp_dynsync.php';
118
  $isdynsyncactive = $settings->getOption('bvDynSyncActive');
128
  $resp["status"] = true;
129
  }
130
  }
131
+
132
  $resp["status"] = "done";
133
  break;
134
  case "rmdata":
info.php CHANGED
@@ -9,17 +9,23 @@ if (!class_exists('BVInfo')) :
9
  public $badgeinfo = 'bvbadge';
10
  public $ip_header_option = 'bvipheader';
11
  public $brand_option = 'bvbrand';
12
- public $version = '3.4';
13
  public $webpage = 'https://blogvault.net';
14
  public $appurl = 'https://app.blogvault.net';
15
  public $slug = 'blogvault-real-time-backup/blogvault.php';
16
  public $plug_redirect = 'bvredirect';
17
  public $logo = '../img/bvlogo.png';
 
18
 
19
  public function __construct($settings) {
20
  $this->settings = $settings;
21
  }
22
 
 
 
 
 
 
23
  public function getBrandInfo() {
24
  return $this->settings->getOption($this->brand_option);
25
  }
@@ -29,11 +35,20 @@ if (!class_exists('BVInfo')) :
29
  if ($brand && array_key_exists('menuname', $brand)) {
30
  return $brand['menuname'];
31
  }
 
32
  return $this->brandname;
33
  }
34
 
35
- public function getMonitTime() {
36
- $time = $this->settings->getOption('bvmonittime');
 
 
 
 
 
 
 
 
37
  return ($time ? $time : 0);
38
  }
39
 
@@ -48,10 +63,10 @@ if (!class_exists('BVInfo')) :
48
  return $this->appurl;
49
  }
50
  }
51
-
52
  public function isActivePlugin() {
53
  $expiry_time = time() - (3 * 24 * 3600);
54
- return ($this->getMonitTime() > $expiry_time);
55
  }
56
 
57
  public function isProtectModuleEnabled() {
@@ -63,6 +78,7 @@ if (!class_exists('BVInfo')) :
63
  return ($this->settings->getOption('bvdynplug') === $this->plugname) &&
64
  $this->isActivePlugin();
65
  }
 
66
  public function isActivateRedirectSet() {
67
  return ($this->settings->getOption($this->plug_redirect) === 'yes') ? true : false;
68
  }
@@ -75,10 +91,11 @@ if (!class_exists('BVInfo')) :
75
  return $this->getBrandName() === 'BlogVault';
76
  }
77
 
78
- public function respInfo() {
79
  return array(
80
  "bvversion" => $this->version,
81
- "sha1" => "true"
 
82
  );
83
  }
84
  }
9
  public $badgeinfo = 'bvbadge';
10
  public $ip_header_option = 'bvipheader';
11
  public $brand_option = 'bvbrand';
12
+ public $version = '4.2';
13
  public $webpage = 'https://blogvault.net';
14
  public $appurl = 'https://app.blogvault.net';
15
  public $slug = 'blogvault-real-time-backup/blogvault.php';
16
  public $plug_redirect = 'bvredirect';
17
  public $logo = '../img/bvlogo.png';
18
+ public $brand_icon = '/img/icon.png';
19
 
20
  public function __construct($settings) {
21
  $this->settings = $settings;
22
  }
23
 
24
+ public function canOverrideCW() {
25
+ $scanOption = $this->settings->getOption('bvoverridecw');
26
+ return (isset($scanOption) && $scanOption == 1);
27
+ }