Version Description
- Fixing bug which prevented a user from activating/deactivating the plugin
Download this release
Release Info
Developer | furkan811 |
Plugin | Cloudflare |
Version | 1.3.22 |
Comparing to | |
See all releases |
Version 1.3.22
- IpRange.php +210 -0
- IpRewrite.php +109 -0
- cloudflare.php +609 -0
- readme.txt +191 -0
IpRange.php
ADDED
@@ -0,0 +1,210 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
/*
|
3 |
+
* ip_in_range.php - Function to determine if an IP is located in a
|
4 |
+
* specific range as specified via several alternative
|
5 |
+
* formats.
|
6 |
+
*
|
7 |
+
* Network ranges can be specified as:
|
8 |
+
* 1. Wildcard format: 1.2.3.*
|
9 |
+
* 2. CIDR format: 1.2.3/24 OR 1.2.3.4/255.255.255.0
|
10 |
+
* 3. Start-End IP format: 1.2.3.0-1.2.3.255
|
11 |
+
*
|
12 |
+
* Return value BOOLEAN : ip_in_range($ip, $range);
|
13 |
+
*
|
14 |
+
* Copyright 2008: Paul Gregg <pgregg@pgregg.com>
|
15 |
+
* 10 January 2008
|
16 |
+
* Version: 1.2
|
17 |
+
*
|
18 |
+
* Source website: http://www.pgregg.com/projects/php/ip_in_range/
|
19 |
+
* Version 1.2
|
20 |
+
*
|
21 |
+
* This software is Donationware - if you feel you have benefited from
|
22 |
+
* the use of this tool then please consider a donation. The value of
|
23 |
+
* which is entirely left up to your discretion.
|
24 |
+
* http://www.pgregg.com/donate/
|
25 |
+
*
|
26 |
+
* Please do not remove this header, or source attibution from this file.
|
27 |
+
*/
|
28 |
+
|
29 |
+
/*
|
30 |
+
* Modified by James Greene <james@cloudflare.com> to include IPV6 support
|
31 |
+
* (original version only supported IPV4).
|
32 |
+
* 21 May 2012
|
33 |
+
*/
|
34 |
+
|
35 |
+
namespace CloudFlare;
|
36 |
+
|
37 |
+
class IpRange
|
38 |
+
{
|
39 |
+
// ipv4_in_range
|
40 |
+
// This function takes 2 arguments, an IP address and a "range" in several
|
41 |
+
// different formats.
|
42 |
+
// Network ranges can be specified as:
|
43 |
+
// 1. Wildcard format: 1.2.3.*
|
44 |
+
// 2. CIDR format: 1.2.3/24 OR 1.2.3.4/255.255.255.0
|
45 |
+
// 3. Start-End IP format: 1.2.3.0-1.2.3.255
|
46 |
+
// The function will return true if the supplied IP is within the range.
|
47 |
+
// Note little validation is done on the range inputs - it expects you to
|
48 |
+
// use one of the above 3 formats.
|
49 |
+
public static function ipv4_in_range($ip, $range) {
|
50 |
+
if (strpos($range, '/') !== false) {
|
51 |
+
// $range is in IP/NETMASK format
|
52 |
+
list($range, $netmask) = explode('/', $range, 2);
|
53 |
+
if (strpos($netmask, '.') !== false) {
|
54 |
+
// $netmask is a 255.255.0.0 format
|
55 |
+
$netmask = str_replace('*', '0', $netmask);
|
56 |
+
$netmask_dec = ip2long($netmask);
|
57 |
+
return ( (ip2long($ip) & $netmask_dec) == (ip2long($range) & $netmask_dec) );
|
58 |
+
} else {
|
59 |
+
// $netmask is a CIDR size block
|
60 |
+
// fix the range argument
|
61 |
+
$x = explode('.', $range);
|
62 |
+
while(count($x)<4) $x[] = '0';
|
63 |
+
list($a,$b,$c,$d) = $x;
|
64 |
+
$range = sprintf("%u.%u.%u.%u", empty($a)?'0':$a, empty($b)?'0':$b,empty($c)?'0':$c,empty($d)?'0':$d);
|
65 |
+
$range_dec = ip2long($range);
|
66 |
+
$ip_dec = ip2long($ip);
|
67 |
+
|
68 |
+
# Strategy 1 - Create the netmask with 'netmask' 1s and then fill it to 32 with 0s
|
69 |
+
#$netmask_dec = bindec(str_pad('', $netmask, '1') . str_pad('', 32-$netmask, '0'));
|
70 |
+
|
71 |
+
# Strategy 2 - Use math to create it
|
72 |
+
$wildcard_dec = pow(2, (32-$netmask)) - 1;
|
73 |
+
$netmask_dec = ~ $wildcard_dec;
|
74 |
+
|
75 |
+
return (($ip_dec & $netmask_dec) == ($range_dec & $netmask_dec));
|
76 |
+
}
|
77 |
+
} else {
|
78 |
+
// range might be 255.255.*.* or 1.2.3.0-1.2.3.255
|
79 |
+
if (strpos($range, '*') !==false) { // a.b.*.* format
|
80 |
+
// Just convert to A-B format by setting * to 0 for A and 255 for B
|
81 |
+
$lower = str_replace('*', '0', $range);
|
82 |
+
$upper = str_replace('*', '255', $range);
|
83 |
+
$range = "$lower-$upper";
|
84 |
+
}
|
85 |
+
|
86 |
+
if (strpos($range, '-')!==false) { // A-B format
|
87 |
+
list($lower, $upper) = explode('-', $range, 2);
|
88 |
+
$lower_dec = (float)sprintf("%u",ip2long($lower));
|
89 |
+
$upper_dec = (float)sprintf("%u",ip2long($upper));
|
90 |
+
$ip_dec = (float)sprintf("%u",ip2long($ip));
|
91 |
+
return ( ($ip_dec>=$lower_dec) && ($ip_dec<=$upper_dec) );
|
92 |
+
}
|
93 |
+
return false;
|
94 |
+
}
|
95 |
+
}
|
96 |
+
|
97 |
+
public static function ip2long6($ip) {
|
98 |
+
if (substr_count($ip, '::')) {
|
99 |
+
$ip = str_replace('::', str_repeat(':0000', 8 - substr_count($ip, ':')) . ':', $ip);
|
100 |
+
}
|
101 |
+
|
102 |
+
$ip = explode(':', $ip);
|
103 |
+
$r_ip = '';
|
104 |
+
foreach ($ip as $v) {
|
105 |
+
$r_ip .= str_pad(base_convert($v, 16, 2), 16, 0, STR_PAD_LEFT);
|
106 |
+
}
|
107 |
+
|
108 |
+
return base_convert($r_ip, 2, 10);
|
109 |
+
}
|
110 |
+
|
111 |
+
// Get the ipv6 full format and return it as a decimal value.
|
112 |
+
public static function get_ipv6_full($ip)
|
113 |
+
{
|
114 |
+
$pieces = explode ("/", $ip, 2);
|
115 |
+
$left_piece = $pieces[0];
|
116 |
+
$right_piece = null;
|
117 |
+
if (count($pieces) > 1) $right_piece = $pieces[1];
|
118 |
+
|
119 |
+
// Extract out the main IP pieces
|
120 |
+
$ip_pieces = explode("::", $left_piece, 2);
|
121 |
+
$main_ip_piece = $ip_pieces[0];
|
122 |
+
$last_ip_piece = null;
|
123 |
+
if (count($ip_pieces) > 1) $last_ip_piece = $ip_pieces[1];
|
124 |
+
|
125 |
+
// Pad out the shorthand entries.
|
126 |
+
$main_ip_pieces = explode(":", $main_ip_piece);
|
127 |
+
foreach($main_ip_pieces as $key=>$val) {
|
128 |
+
$main_ip_pieces[$key] = str_pad($main_ip_pieces[$key], 4, "0", STR_PAD_LEFT);
|
129 |
+
}
|
130 |
+
|
131 |
+
// Check to see if the last IP block (part after ::) is set
|
132 |
+
$last_piece = "";
|
133 |
+
$size = count($main_ip_pieces);
|
134 |
+
if (trim($last_ip_piece) != "") {
|
135 |
+
$last_piece = str_pad($last_ip_piece, 4, "0", STR_PAD_LEFT);
|
136 |
+
|
137 |
+
// Build the full form of the IPV6 address considering the last IP block set
|
138 |
+
for ($i = $size; $i < 7; $i++) {
|
139 |
+
$main_ip_pieces[$i] = "0000";
|
140 |
+
}
|
141 |
+
$main_ip_pieces[7] = $last_piece;
|
142 |
+
}
|
143 |
+
else {
|
144 |
+
// Build the full form of the IPV6 address
|
145 |
+
for ($i = $size; $i < 8; $i++) {
|
146 |
+
$main_ip_pieces[$i] = "0000";
|
147 |
+
}
|
148 |
+
}
|
149 |
+
|
150 |
+
// Rebuild the final long form IPV6 address
|
151 |
+
$final_ip = implode(":", $main_ip_pieces);
|
152 |
+
|
153 |
+
return self::ip2long6($final_ip);
|
154 |
+
}
|
155 |
+
|
156 |
+
|
157 |
+
// Determine whether the IPV6 address is within range.
|
158 |
+
// $ip is the IPV6 address in decimal format to check if its within the IP range created by the cloudflare IPV6 address, $range_ip.
|
159 |
+
// $ip and $range_ip are converted to full IPV6 format.
|
160 |
+
// Returns true if the IPV6 address, $ip, is within the range from $range_ip. False otherwise.
|
161 |
+
public static function ipv6_in_range($ip, $range_ip)
|
162 |
+
{
|
163 |
+
$pieces = explode ("/", $range_ip, 2);
|
164 |
+
$left_piece = $pieces[0];
|
165 |
+
$right_piece = $pieces[1];
|
166 |
+
|
167 |
+
// Extract out the main IP pieces
|
168 |
+
$ip_pieces = explode("::", $left_piece, 2);
|
169 |
+
$main_ip_piece = $ip_pieces[0];
|
170 |
+
$last_ip_piece = $ip_pieces[1];
|
171 |
+
|
172 |
+
// Pad out the shorthand entries.
|
173 |
+
$main_ip_pieces = explode(":", $main_ip_piece);
|
174 |
+
foreach($main_ip_pieces as $key=>$val) {
|
175 |
+
$main_ip_pieces[$key] = str_pad($main_ip_pieces[$key], 4, "0", STR_PAD_LEFT);
|
176 |
+
}
|
177 |
+
|
178 |
+
// Create the first and last pieces that will denote the IPV6 range.
|
179 |
+
$first = $main_ip_pieces;
|
180 |
+
$last = $main_ip_pieces;
|
181 |
+
|
182 |
+
// Check to see if the last IP block (part after ::) is set
|
183 |
+
$last_piece = "";
|
184 |
+
$size = count($main_ip_pieces);
|
185 |
+
if (trim($last_ip_piece) != "") {
|
186 |
+
$last_piece = str_pad($last_ip_piece, 4, "0", STR_PAD_LEFT);
|
187 |
+
|
188 |
+
// Build the full form of the IPV6 address considering the last IP block set
|
189 |
+
for ($i = $size; $i < 7; $i++) {
|
190 |
+
$first[$i] = "0000";
|
191 |
+
$last[$i] = "ffff";
|
192 |
+
}
|
193 |
+
$main_ip_pieces[7] = $last_piece;
|
194 |
+
}
|
195 |
+
else {
|
196 |
+
// Build the full form of the IPV6 address
|
197 |
+
for ($i = $size; $i < 8; $i++) {
|
198 |
+
$first[$i] = "0000";
|
199 |
+
$last[$i] = "ffff";
|
200 |
+
}
|
201 |
+
}
|
202 |
+
|
203 |
+
// Rebuild the final long form IPV6 address
|
204 |
+
$first = self::ip2long6(implode(":", $first));
|
205 |
+
$last = self::ip2long6(implode(":", $last));
|
206 |
+
$in_range = ($ip >= $first && $ip <= $last);
|
207 |
+
|
208 |
+
return $in_range;
|
209 |
+
}
|
210 |
+
}
|
IpRewrite.php
ADDED
@@ -0,0 +1,109 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace CloudFlare;
|
4 |
+
|
5 |
+
class IpRewrite {
|
6 |
+
static protected $is_cf = NULL;
|
7 |
+
static protected $original_ip = FALSE;
|
8 |
+
static protected $rewritten_ip = FALSE;
|
9 |
+
|
10 |
+
static protected $cf_ipv4 = array(
|
11 |
+
"199.27.128.0/21",
|
12 |
+
"173.245.48.0/20",
|
13 |
+
"103.21.244.0/22",
|
14 |
+
"103.22.200.0/22",
|
15 |
+
"103.31.4.0/22",
|
16 |
+
"141.101.64.0/18",
|
17 |
+
"108.162.192.0/18",
|
18 |
+
"190.93.240.0/20",
|
19 |
+
"188.114.96.0/20",
|
20 |
+
"197.234.240.0/22",
|
21 |
+
"198.41.128.0/17",
|
22 |
+
"162.158.0.0/15",
|
23 |
+
"104.16.0.0/12",
|
24 |
+
"172.64.0.0/13"
|
25 |
+
);
|
26 |
+
|
27 |
+
static protected $cf_ipv6 = array(
|
28 |
+
"2400:cb00::/32",
|
29 |
+
"2606:4700::/32",
|
30 |
+
"2803:f800::/32",
|
31 |
+
"2405:b500::/32",
|
32 |
+
"2405:8100::/32"
|
33 |
+
);
|
34 |
+
|
35 |
+
// Returns boolean
|
36 |
+
public static function isCloudFlare()
|
37 |
+
{
|
38 |
+
self::rewrite();
|
39 |
+
return self::$is_cf;
|
40 |
+
}
|
41 |
+
|
42 |
+
// Returns IP Address or false on error
|
43 |
+
public static function getRewrittenIP()
|
44 |
+
{
|
45 |
+
self::rewrite();
|
46 |
+
return self::$rewritten_ip;
|
47 |
+
}
|
48 |
+
|
49 |
+
// Returns IP Address or false on error
|
50 |
+
public static function getOriginalIP()
|
51 |
+
{
|
52 |
+
self::rewrite();
|
53 |
+
return self::$original_ip;
|
54 |
+
}
|
55 |
+
|
56 |
+
// Helper method for testing, should not be used in production
|
57 |
+
public static function reset()
|
58 |
+
{
|
59 |
+
self::$is_cf = NULL;
|
60 |
+
self::$original_ip = FALSE;
|
61 |
+
self::$rewritten_ip = FALSE;
|
62 |
+
}
|
63 |
+
|
64 |
+
/*
|
65 |
+
* Protected function to handle the rewriting of CloudFlare IP Addresses to end-user IP Addresses
|
66 |
+
*
|
67 |
+
* ** NOTE: This function will ultimately rewrite $_SERVER["REMOTE_ADDR"] if the site is on CloudFlare
|
68 |
+
*/
|
69 |
+
protected static function rewrite()
|
70 |
+
{
|
71 |
+
// only should be run once per page load
|
72 |
+
if (self::$is_cf !== NULL) {
|
73 |
+
return;
|
74 |
+
}
|
75 |
+
|
76 |
+
// Set this based on the presence of the header, so it is true even if IP has already been rewritten
|
77 |
+
self::$is_cf = isset($_SERVER["HTTP_CF_CONNECTING_IP"]) ? TRUE : FALSE;
|
78 |
+
|
79 |
+
// Store original remote address in $original_ip
|
80 |
+
self::$original_ip = isset($_SERVER["REMOTE_ADDR"]) ? $_SERVER["REMOTE_ADDR"] : FALSE;
|
81 |
+
|
82 |
+
// Process original_ip if on cloudflare
|
83 |
+
if (self::$is_cf && self::$original_ip) {
|
84 |
+
// Check for IPv4 v. IPv6
|
85 |
+
if (strpos(self::$original_ip, ":") === FALSE) {
|
86 |
+
foreach (self::$cf_ipv4 as $range) {
|
87 |
+
if (IpRange::ipv4_in_range(self::$original_ip, $range)) {
|
88 |
+
if (self::$is_cf) {
|
89 |
+
self::$rewritten_ip = $_SERVER["REMOTE_ADDR"] =
|
90 |
+
$_SERVER["HTTP_CF_CONNECTING_IP"];
|
91 |
+
}
|
92 |
+
break;
|
93 |
+
}
|
94 |
+
}
|
95 |
+
} else {
|
96 |
+
$ipv6 = IpRange::get_ipv6_full(self::$original_ip);
|
97 |
+
foreach (self::$cf_ipv6 as $range) {
|
98 |
+
if (IpRange::ipv6_in_range($ipv6, $range)) {
|
99 |
+
if (self::$is_cf) {
|
100 |
+
self::$rewritten_ip = $_SERVER["REMOTE_ADDR"] =
|
101 |
+
$_SERVER["HTTP_CF_CONNECTING_IP"];
|
102 |
+
}
|
103 |
+
break;
|
104 |
+
}
|
105 |
+
}
|
106 |
+
}
|
107 |
+
}
|
108 |
+
}
|
109 |
+
}
|
cloudflare.php
ADDED
@@ -0,0 +1,609 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
/*
|
3 |
+
Plugin Name: CloudFlare
|
4 |
+
Plugin URI: http://www.cloudflare.com/wiki/CloudFlareWordPressPlugin
|
5 |
+
Description: CloudFlare integrates your blog with the CloudFlare platform.
|
6 |
+
Version: 1.3.22
|
7 |
+
Author: Ian Pye, Jerome Chen, James Greene, Simon Moore, David Fritsch, John Wineman (CloudFlare Team)
|
8 |
+
License: GPLv2
|
9 |
+
*/
|
10 |
+
|
11 |
+
/*
|
12 |
+
This program is free software; you can redistribute it and/or modify
|
13 |
+
it under the terms of the GNU General Public License as published by
|
14 |
+
the Free Software Foundation; version 2 of the License.
|
15 |
+
|
16 |
+
This program is distributed in the hope that it will be useful,
|
17 |
+
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
18 |
+
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
19 |
+
GNU General Public License for more details.
|
20 |
+
|
21 |
+
You should have received a copy of the GNU General Public License
|
22 |
+
along with this program; if not, write to the Free Software
|
23 |
+
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
24 |
+
|
25 |
+
Plugin adapted from the Akismet WP plugin.
|
26 |
+
|
27 |
+
*/
|
28 |
+
|
29 |
+
define('CLOUDFLARE_VERSION', '1.3.22');
|
30 |
+
define('CLOUDFLARE_API_URL', 'https://www.cloudflare.com/api_json.html');
|
31 |
+
define('CLOUDFLARE_SPAM_URL', 'https://www.cloudflare.com/ajax/external-event.html');
|
32 |
+
|
33 |
+
require_once("IpRewrite.php");
|
34 |
+
require_once("IpRange.php");
|
35 |
+
|
36 |
+
use CloudFlare\IpRewrite;
|
37 |
+
|
38 |
+
$cfPostKeys = array("cloudflare_zone_name", "key", "email", "dev_mode", "protocol_rewrite");
|
39 |
+
|
40 |
+
foreach($_POST as $key => $value) {
|
41 |
+
if(in_array($key, $cfPostKeys)) {
|
42 |
+
$_POST[$key] = cloudflare_filter_xss($_POST[$key]);
|
43 |
+
}
|
44 |
+
}
|
45 |
+
|
46 |
+
function cloudflare_filter_xss($input) {
|
47 |
+
return htmlentities($input, ENT_QUOTES | ENT_HTML5, "UTF-8");
|
48 |
+
}
|
49 |
+
|
50 |
+
|
51 |
+
// Make sure we don't expose any info if called directly
|
52 |
+
if ( !function_exists( 'add_action' ) ) {
|
53 |
+
echo "Hi there! I'm just a plugin, not much I can do when called directly.";
|
54 |
+
exit;
|
55 |
+
}
|
56 |
+
|
57 |
+
function cloudflare_init() {
|
58 |
+
global $is_cf;
|
59 |
+
|
60 |
+
$is_cf = IpRewrite::isCloudFlare();
|
61 |
+
|
62 |
+
add_action('admin_menu', 'cloudflare_config_page');
|
63 |
+
}
|
64 |
+
add_action('init', 'cloudflare_init',1);
|
65 |
+
|
66 |
+
function cloudflare_admin_init() {
|
67 |
+
|
68 |
+
}
|
69 |
+
|
70 |
+
add_action('admin_init', 'cloudflare_admin_init');
|
71 |
+
|
72 |
+
function cloudflare_plugin_action_links( $links ) {
|
73 |
+
$links[] = '<a href="'. get_admin_url(null, 'options-general.php?page=cloudflare') .'">Settings</a>';
|
74 |
+
return $links;
|
75 |
+
}
|
76 |
+
|
77 |
+
add_filter( 'plugin_action_links_' . plugin_basename(__FILE__), 'cloudflare_plugin_action_links' );
|
78 |
+
|
79 |
+
function cloudflare_config_page() {
|
80 |
+
if (function_exists('add_options_page')) {
|
81 |
+
add_options_page(__('CloudFlare Configuration'), __('CloudFlare'), 'manage_options', 'cloudflare', 'cloudflare_conf');
|
82 |
+
}
|
83 |
+
}
|
84 |
+
|
85 |
+
function load_cloudflare_keys () {
|
86 |
+
global $cloudflare_api_key, $cloudflare_api_email, $cloudflare_zone_name, $cloudflare_protocol_rewrite;
|
87 |
+
$cloudflare_api_key = get_option('cloudflare_api_key');
|
88 |
+
$cloudflare_api_email = get_option('cloudflare_api_email');
|
89 |
+
$cloudflare_zone_name = get_option('cloudflare_zone_name');
|
90 |
+
$cloudflare_protocol_rewrite = load_protocol_rewrite();
|
91 |
+
}
|
92 |
+
|
93 |
+
function load_protocol_rewrite() {
|
94 |
+
return get_option('cloudflare_protocol_rewrite', 1);
|
95 |
+
}
|
96 |
+
|
97 |
+
function cloudflare_conf() {
|
98 |
+
|
99 |
+
if ( function_exists('current_user_can') && !current_user_can('manage_options') )
|
100 |
+
die(__('Cheatin’ uh?'));
|
101 |
+
global $cloudflare_zone_name, $cloudflare_api_key, $cloudflare_api_email, $cloudflare_protocol_rewrite, $is_cf;
|
102 |
+
global $wpdb;
|
103 |
+
|
104 |
+
load_cloudflare_keys();
|
105 |
+
|
106 |
+
$messages = array(
|
107 |
+
'ip_restore_on' => array('text' => __('Plugin Status: True visitor IP is being restored')),
|
108 |
+
'comment_spam_on' => array('text' => __('Plugin Status: CloudFlare will be notified when you mark comments as spam')),
|
109 |
+
'comment_spam_off' => array('text' => __('Plugin Status: CloudFlare will NOT be notified when you mark comments as spam, enter your API details below')),
|
110 |
+
'dev_mode_on' => array('text' => __('Development mode is On. Happy blogging!')),
|
111 |
+
'dev_mode_off' => array('text' => __('Development mode is Off. Happy blogging!')),
|
112 |
+
'protocol_rewrite_on' => array('text' => __('Protocol rewriting is On. Happy blogging!')),
|
113 |
+
'protocol_rewrite_off' => array('text' => __('Protocol rewriting is Off. Happy blogging!')),
|
114 |
+
'manual_entry' => array('text' => __('Enter your CloudFlare domain name, e-mail address and API key below')),
|
115 |
+
'options_saved' => array('text' => __('Options Saved')),
|
116 |
+
);
|
117 |
+
|
118 |
+
$notices = array();
|
119 |
+
$warnings = array();
|
120 |
+
$errors = array();
|
121 |
+
|
122 |
+
$notices[] = 'ip_restore_on';
|
123 |
+
|
124 |
+
// get raw domain - may include www.
|
125 |
+
$urlparts = parse_url(site_url());
|
126 |
+
$raw_domain = $urlparts["host"];
|
127 |
+
|
128 |
+
// if we don't have a domain name already populated
|
129 |
+
if (empty($cloudflare_zone_name)) {
|
130 |
+
|
131 |
+
if (!empty($cloudflare_api_key) && !empty($cloudflare_api_email)) {
|
132 |
+
// Attempt to get the matching host from CF
|
133 |
+
$getDomain = get_domain($cloudflare_api_key, $cloudflare_api_email, $raw_domain);
|
134 |
+
|
135 |
+
// If not found, default to pulling the domain via client side.
|
136 |
+
if (is_wp_error($getDomain)) {
|
137 |
+
$messages['get_domain_failed'] = array('text' => __('Unable to automatically get domain - ' . $getDomain->get_error_message() . ' - please tell us your domain in the form below'));
|
138 |
+
$warnings[] = 'get_domain_failed';
|
139 |
+
}
|
140 |
+
else {
|
141 |
+
update_option('cloudflare_zone_name', esc_sql($getDomain));
|
142 |
+
update_option('cloudflare_zone_name_set_once', "TRUE");
|
143 |
+
load_cloudflare_keys();
|
144 |
+
}
|
145 |
+
}
|
146 |
+
}
|
147 |
+
|
148 |
+
$db_results = array();
|
149 |
+
|
150 |
+
if ( isset($_POST['submit'])
|
151 |
+
&& check_admin_referer('cloudflare-db-api','cloudflare-db-api-nonce') ) {
|
152 |
+
|
153 |
+
if ( function_exists('current_user_can') && !current_user_can('manage_options') ) {
|
154 |
+
die(__('Cheatin’ uh?'));
|
155 |
+
}
|
156 |
+
|
157 |
+
$zone_name = $_POST['cloudflare_zone_name'];
|
158 |
+
$key = $_POST['key'];
|
159 |
+
$email = $_POST['email'];
|
160 |
+
$dev_mode = esc_sql($_POST["dev_mode"]);
|
161 |
+
$protocol_rewrite = esc_sql($_POST["protocol_rewrite"]);
|
162 |
+
|
163 |
+
if ( empty($zone_name) ) {
|
164 |
+
$zone_status = 'empty';
|
165 |
+
$zone_message = 'Your domain name has been cleared.';
|
166 |
+
delete_option('cloudflare_zone_name');
|
167 |
+
} else {
|
168 |
+
$zone_message = 'Your domain name has been saved.';
|
169 |
+
update_option('cloudflare_zone_name', esc_sql($zone_name));
|
170 |
+
update_option('cloudflare_zone_name_set_once', "TRUE");
|
171 |
+
}
|
172 |
+
|
173 |
+
if ( empty($key) ) {
|
174 |
+
$key_status = 'empty';
|
175 |
+
$key_message = 'Your key has been cleared.';
|
176 |
+
delete_option('cloudflare_api_key');
|
177 |
+
} else {
|
178 |
+
$key_message = 'Your key has been verified.';
|
179 |
+
update_option('cloudflare_api_key', esc_sql($key));
|
180 |
+
update_option('cloudflare_api_key_set_once', "TRUE");
|
181 |
+
}
|
182 |
+
|
183 |
+
if ( empty($email) || !is_email($email) ) {
|
184 |
+
$email_status = 'empty';
|
185 |
+
$email_message = 'Your email has been cleared.';
|
186 |
+
delete_option('cloudflare_api_email');
|
187 |
+
} else {
|
188 |
+
$email_message = 'Your email has been verified.';
|
189 |
+
update_option('cloudflare_api_email', esc_sql($email));
|
190 |
+
update_option('cloudflare_api_email_set_once', "TRUE");
|
191 |
+
}
|
192 |
+
|
193 |
+
if (in_array($protocol_rewrite, array("0","1")) === TRUE) {
|
194 |
+
update_option('cloudflare_protocol_rewrite', $protocol_rewrite);
|
195 |
+
}
|
196 |
+
|
197 |
+
// update the values
|
198 |
+
load_cloudflare_keys();
|
199 |
+
|
200 |
+
if ($cloudflare_api_key != "" && $cloudflare_api_email != "" && $cloudflare_zone_name != "" && $dev_mode != "") {
|
201 |
+
|
202 |
+
$result = set_dev_mode(esc_sql($cloudflare_api_key), esc_sql($cloudflare_api_email), $cloudflare_zone_name, $dev_mode);
|
203 |
+
|
204 |
+
if (is_wp_error($result)) {
|
205 |
+
trigger_error($result->get_error_message(), E_USER_WARNING);
|
206 |
+
$messages['set_dev_mode_failed'] = array('text' => __('Unable to set development mode - ' . $result->get_error_message() . ' - try logging into cloudflare.com to set development mode'));
|
207 |
+
$errors[] = 'set_dev_mode_failed';
|
208 |
+
}
|
209 |
+
else {
|
210 |
+
if ($dev_mode && $result->result == 'success') {
|
211 |
+
$notices[] = 'dev_mode_on';
|
212 |
+
}
|
213 |
+
else if (!$dev_mode && $result->result == 'success') {
|
214 |
+
$notices[] = 'dev_mode_off';
|
215 |
+
}
|
216 |
+
}
|
217 |
+
}
|
218 |
+
|
219 |
+
$notices[] = 'options_saved';
|
220 |
+
}
|
221 |
+
|
222 |
+
if (!empty($cloudflare_api_key) && !empty($cloudflare_api_email) && !empty($cloudflare_zone_name)) {
|
223 |
+
$dev_mode = get_dev_mode_status($cloudflare_api_key, $cloudflare_api_email, $cloudflare_zone_name);
|
224 |
+
|
225 |
+
if (is_wp_error($dev_mode)) {
|
226 |
+
$messages['get_dev_mode_failed'] = array('text' => __('Unable to get current development mode status - ' . $dev_mode->get_error_message()));
|
227 |
+
$errors[] = 'get_dev_mode_failed';
|
228 |
+
}
|
229 |
+
}
|
230 |
+
else {
|
231 |
+
$warnings[] = 'manual_entry';
|
232 |
+
}
|
233 |
+
|
234 |
+
if (!empty($cloudflare_api_key) && !empty($cloudflare_api_email)) $notices[] = 'comment_spam_on';
|
235 |
+
else $warnings[] = 'comment_spam_off';
|
236 |
+
|
237 |
+
?>
|
238 |
+
<div class="wrap">
|
239 |
+
|
240 |
+
<?php if ($is_cf) { ?>
|
241 |
+
<h3>You are currently using CloudFlare!</h3>
|
242 |
+
<?php } ?>
|
243 |
+
|
244 |
+
<?php if ($notices) { foreach ( $notices as $m ) { ?>
|
245 |
+
<div class="updated" style="border-left-color: #7ad03a; padding: 10px;"><?php echo $messages[$m]['text']; ?></div>
|
246 |
+
<?php } } ?>
|
247 |
+
|
248 |
+
<?php if ($warnings) { foreach ( $warnings as $m ) { ?>
|
249 |
+
<div class="updated" style="border-left-color: #ffba00; padding: 10px;"><em><?php echo $messages[$m]['text']; ?></em></div>
|
250 |
+
<?php } } ?>
|
251 |
+
|
252 |
+
<?php if ($errors) { foreach ( $errors as $m ) { ?>
|
253 |
+
<div class="updated" style="border-left-color: #dd3d36; padding: 10px;"><b><?php echo $messages[$m]['text']; ?></b></div>
|
254 |
+
<?php } } ?>
|
255 |
+
|
256 |
+
<h4><?php _e('CLOUDFLARE WORDPRESS PLUGIN:'); ?></h4>
|
257 |
+
|
258 |
+
CloudFlare has developed a plugin for WordPress. By using the CloudFlare WordPress Plugin, you receive:
|
259 |
+
<ol>
|
260 |
+
<li>Correct IP Address information for comments posted to your site</li>
|
261 |
+
<li>Better protection as spammers from your WordPress blog get reported to CloudFlare</li>
|
262 |
+
<li>If cURL is installed, you can enter your CloudFlare API details so you can toggle <a href="https://support.cloudflare.com/hc/en-us/articles/200168246-What-does-CloudFlare-Development-mode-mean-" target="_blank">Development mode</a> on/off using the form below</li>
|
263 |
+
</ol>
|
264 |
+
|
265 |
+
<h4>VERSION COMPATIBILITY:</h4>
|
266 |
+
|
267 |
+
The plugin is compatible with WordPress version 2.8.6 and later. The plugin will not install unless you have a compatible platform.
|
268 |
+
|
269 |
+
<h4>THINGS YOU NEED TO KNOW:</h4>
|
270 |
+
|
271 |
+
<ol>
|
272 |
+
<li>The main purpose of this plugin is to ensure you have no change to your originating IPs when using CloudFlare. Since CloudFlare acts a reverse proxy, connecting IPs now come from CloudFlare's range. This plugin will ensure you can continue to see the originating IP. Once you install the plugin, the IP benefit will be activated.</li>
|
273 |
+
|
274 |
+
<li>Every time you click the 'spam' button on your blog, this threat information is sent to CloudFlare to ensure you are constantly getting the best site protection.</li>
|
275 |
+
|
276 |
+
<li>We recommend that any user on CloudFlare with WordPress use this plugin. </li>
|
277 |
+
|
278 |
+
<li>NOTE: This plugin is complementary to Akismet and W3 Total Cache. We recommend that you continue to use those services.</li>
|
279 |
+
|
280 |
+
</ol>
|
281 |
+
|
282 |
+
<h4>MORE INFORMATION ON CLOUDFLARE:</h4>
|
283 |
+
|
284 |
+
CloudFlare is a service that makes websites load faster and protects sites from online spammers and hackers. Any website with a root domain (ie www.mydomain.com) can use CloudFlare. On average, it takes less than 5 minutes to sign up. You can learn more here: <a href="http://www.cloudflare.com/" target="_blank">CloudFlare.com</a>.
|
285 |
+
|
286 |
+
<hr />
|
287 |
+
|
288 |
+
<form action="" method="post" id="cloudflare-conf">
|
289 |
+
<?php wp_nonce_field('cloudflare-db-api','cloudflare-db-api-nonce'); ?>
|
290 |
+
<?php if (get_option('cloudflare_api_key') && get_option('cloudflare_api_email')) { ?>
|
291 |
+
<?php } else { ?>
|
292 |
+
<p><?php printf(__('Input your API key from your CloudFlare Accounts Settings page here. To find your API key, log in to <a href="%1$s">CloudFlare</a> and go to \'Account\'.'), 'https://www.cloudflare.com/a/account/my-account'); ?></p>
|
293 |
+
<?php } ?>
|
294 |
+
<h3><label for="cloudflare_zone_name"><?php _e('CloudFlare Domain Name'); ?></label></h3>
|
295 |
+
<p>
|
296 |
+
<input id="cloudflare_zone_name" name="cloudflare_zone_name" type="text" size="50" maxlength="255" value="<?php echo $cloudflare_zone_name; ?>" style="font-family: 'Courier New', Courier, mono; font-size: 1.5em;" /> (<?php _e('<a href="https://www.cloudflare.com/a/overview" target="_blank">Get this?</a>'); ?>)
|
297 |
+
</p>
|
298 |
+
<p>E.g. Enter domain.com not www.domain.com / blog.domain.com</p>
|
299 |
+
<?php if (isset($zone_message)) echo sprintf('<p>%s</p>', $zone_message); ?>
|
300 |
+
<h3><label for="key"><?php _e('CloudFlare API Key'); ?></label></h3>
|
301 |
+
<p>
|
302 |
+
<input id="key" name="key" type="text" size="50" maxlength="48" value="<?php echo get_option('cloudflare_api_key'); ?>" style="font-family: 'Courier New', Courier, mono; font-size: 1.5em;" /> (<?php _e('<a href="https://www.cloudflare.com/a/account/my-account" target="_blank">Get this?</a>'); ?>)
|
303 |
+
</p>
|
304 |
+
<?php if (isset($key_message)) echo sprintf('<p>%s</p>', $key_message); ?>
|
305 |
+
|
306 |
+
<h3><label for="email"><?php _e('CloudFlare API Email'); ?></label></h3>
|
307 |
+
<p>
|
308 |
+
<input id="email" name="email" type="text" size="50" maxlength="48" value="<?php echo get_option('cloudflare_api_email'); ?>" style="font-family: 'Courier New', Courier, mono; font-size: 1.5em;" /> (<?php _e('<a href="https://www.cloudflare.com/a/account/my-account" target="_blank">Get this?</a>'); ?>)
|
309 |
+
</p>
|
310 |
+
<?php if (isset($key_message)) echo sprintf('<p>%s</p>', $key_message); ?>
|
311 |
+
|
312 |
+
<h3><label for="dev_mode"><?php _e('Development Mode'); ?></label> <span style="font-size:9pt;">(<a href="https://support.cloudflare.com/hc/en-us/articles/200168246-What-does-CloudFlare-Development-mode-mean-" target="_blank">What is this?</a>)</span></h3>
|
313 |
+
|
314 |
+
<div style="font-family: 'Courier New', Courier, mono; font-size: 1.5em;">
|
315 |
+
<input type="radio" name="dev_mode" value="0" <?php if ($dev_mode == "off") echo "checked"; ?>> Off
|
316 |
+
<input type="radio" name="dev_mode" value="1" <?php if ($dev_mode == "on") echo "checked"; ?>> On
|
317 |
+
</div>
|
318 |
+
|
319 |
+
<h3><label for="protocol_rewrite"><?php _e('HTTPS Protocol Rewriting'); ?></label> <span style="font-size:9pt;">(<a href="https://support.cloudflare.com/hc/en-us/articles/203652674" target="_blank">What is this?</a>)</span></h3>
|
320 |
+
|
321 |
+
<div style="font-family: 'Courier New', Courier, mono; font-size: 1.5em;">
|
322 |
+
<input type="radio" name="protocol_rewrite" value="0" <?php if ($cloudflare_protocol_rewrite == 0) echo "checked"; ?>> Off
|
323 |
+
<input type="radio" name="protocol_rewrite" value="1" <?php if ($cloudflare_protocol_rewrite == 1) echo "checked"; ?>> On
|
324 |
+
</div>
|
325 |
+
|
326 |
+
<p class="submit"><input type="submit" name="submit" value="<?php _e('Update options »'); ?>" /></p>
|
327 |
+
</form>
|
328 |
+
|
329 |
+
<?php // </div> ?>
|
330 |
+
</div>
|
331 |
+
<?php
|
332 |
+
}
|
333 |
+
|
334 |
+
// Now actually allow CF to see when a comment is approved/not-approved.
|
335 |
+
function cloudflare_set_comment_status($id, $status) {
|
336 |
+
|
337 |
+
if ($status == 'spam') {
|
338 |
+
|
339 |
+
global $cloudflare_api_key, $cloudflare_api_email;
|
340 |
+
|
341 |
+
load_cloudflare_keys();
|
342 |
+
|
343 |
+
if (!$cloudflare_api_key || !$cloudflare_api_email) {
|
344 |
+
return;
|
345 |
+
}
|
346 |
+
|
347 |
+
$comment = get_comment($id);
|
348 |
+
|
349 |
+
// make sure we have a comment
|
350 |
+
if (!is_null($comment)) {
|
351 |
+
|
352 |
+
$payload = array(
|
353 |
+
"a" => $comment->comment_author,
|
354 |
+
"am" => $comment->comment_author_email,
|
355 |
+
"ip" => $comment->comment_author_IP,
|
356 |
+
"con" => substr($comment->comment_content, 0, 100)
|
357 |
+
);
|
358 |
+
|
359 |
+
$payload = urlencode(json_encode($payload));
|
360 |
+
|
361 |
+
$args = array(
|
362 |
+
'method' => 'GET',
|
363 |
+
'timeout' => 20,
|
364 |
+
'sslverify' => true,
|
365 |
+
'user-agent' => 'CloudFlare/WordPress/'.CLOUDFLARE_VERSION,
|
366 |
+
);
|
367 |
+
|
368 |
+
$url = sprintf('%s?evnt_v=%s&u=%s&tkn=%s&evnt_t=%s', CLOUDFLARE_SPAM_URL, $payload, $cloudflare_api_email, $cloudflare_api_key, 'WP_SPAM');
|
369 |
+
|
370 |
+
// fire and forget here, for better or worse
|
371 |
+
wp_remote_get($url, $args);
|
372 |
+
}
|
373 |
+
|
374 |
+
// ajax/external-event.html?email=ian@cloudflare.com&t=94606855d7e42adf3b9e2fd004c7660b941b8e55aa42d&evnt_v={%22dd%22:%22d%22}&evnt_t=WP_SPAM
|
375 |
+
}
|
376 |
+
}
|
377 |
+
|
378 |
+
add_action('wp_set_comment_status', 'cloudflare_set_comment_status', 1, 2);
|
379 |
+
|
380 |
+
function get_dev_mode_status($token, $email, $zone) {
|
381 |
+
|
382 |
+
$fields = array(
|
383 |
+
'a'=>"zone_load",
|
384 |
+
'tkn'=>$token,
|
385 |
+
'email'=>$email,
|
386 |
+
'z'=>$zone
|
387 |
+
);
|
388 |
+
|
389 |
+
$result = cloudflare_curl(CLOUDFLARE_API_URL, $fields, true);
|
390 |
+
|
391 |
+
if (is_wp_error($result)) {
|
392 |
+
trigger_error($result->get_error_message(), E_USER_WARNING);
|
393 |
+
return $result;
|
394 |
+
}
|
395 |
+
|
396 |
+
if ($result->response->zone->obj->zone_status_class == "status-dev-mode") {
|
397 |
+
return "on";
|
398 |
+
}
|
399 |
+
|
400 |
+
return "off";
|
401 |
+
}
|
402 |
+
|
403 |
+
function set_dev_mode($token, $email, $zone, $value) {
|
404 |
+
|
405 |
+
$fields = array(
|
406 |
+
'a'=>"devmode",
|
407 |
+
'tkn'=>$token,
|
408 |
+
'email'=>$email,
|
409 |
+
'z'=>$zone,
|
410 |
+
'v'=>$value
|
411 |
+
);
|
412 |
+
|
413 |
+
$result = cloudflare_curl(CLOUDFLARE_API_URL, $fields, true);
|
414 |
+
|
415 |
+
if (is_wp_error($result)) {
|
416 |
+
trigger_error($result->get_error_message(), E_USER_WARNING);
|
417 |
+
return $result;
|
418 |
+
}
|
419 |
+
|
420 |
+
return $result;
|
421 |
+
}
|
422 |
+
|
423 |
+
function get_domain($token, $email, $raw_domain) {
|
424 |
+
|
425 |
+
$fields = array(
|
426 |
+
'a'=>"zone_load_multi",
|
427 |
+
'tkn'=>$token,
|
428 |
+
'email'=>$email
|
429 |
+
);
|
430 |
+
|
431 |
+
$result = cloudflare_curl(CLOUDFLARE_API_URL, $fields, true);
|
432 |
+
|
433 |
+
if (is_wp_error($result)) {
|
434 |
+
trigger_error($result->get_error_message(), E_USER_WARNING);
|
435 |
+
return $result;
|
436 |
+
}
|
437 |
+
|
438 |
+
$zone_count = $result->response->zones->count;
|
439 |
+
$zone_names = array();
|
440 |
+
|
441 |
+
if ($zone_count < 1) {
|
442 |
+
return new WP_Error('match_domain', 'API did not return any domains');
|
443 |
+
}
|
444 |
+
else {
|
445 |
+
for ($i = 0; $i < $zone_count; $i++) {
|
446 |
+
$zone_names[] = $result->response->zones->objs[$i]->zone_name;
|
447 |
+
}
|
448 |
+
|
449 |
+
$match = match_domain_to_zone($raw_domain, $zone_names);
|
450 |
+
|
451 |
+
if (is_null($match)) {
|
452 |
+
return new WP_Error('match_domain', 'Unable to automatically find your domain (no match)');
|
453 |
+
}
|
454 |
+
else {
|
455 |
+
return $match;
|
456 |
+
}
|
457 |
+
}
|
458 |
+
}
|
459 |
+
|
460 |
+
/**
|
461 |
+
* @param $domain string the domain portion of the WP URL
|
462 |
+
* @param $zone_names array an array of zone_names to compare against
|
463 |
+
*
|
464 |
+
* @returns null|string null in the case of a failure, string in the case of a match
|
465 |
+
*/
|
466 |
+
function match_domain_to_zone($domain, $zones) {
|
467 |
+
|
468 |
+
$splitDomain = explode('.', $domain);
|
469 |
+
$totalParts = count($splitDomain);
|
470 |
+
|
471 |
+
// minimum parts for a complete zone match will be 2, e.g. blah.com
|
472 |
+
for ($i = 0; $i <= ($totalParts - 2); $i++) {
|
473 |
+
$copy = $splitDomain;
|
474 |
+
$currentDomain = implode('.', array_splice($copy, $i));
|
475 |
+
foreach ($zones as $zone_name) {
|
476 |
+
if (strtolower($currentDomain) == strtolower($zone_name)) {
|
477 |
+
return $zone_name;
|
478 |
+
}
|
479 |
+
}
|
480 |
+
}
|
481 |
+
|
482 |
+
return null;
|
483 |
+
}
|
484 |
+
|
485 |
+
/**
|
486 |
+
* @param $url string the URL to curl
|
487 |
+
* @param $fields array an associative array of arguments for POSTing
|
488 |
+
* @param $json boolean attempt to decode response as JSON
|
489 |
+
*
|
490 |
+
* @returns WP_ERROR|string|object in the case of an error, otherwise a $result string or JSON object
|
491 |
+
*/
|
492 |
+
function cloudflare_curl($url, $fields = array(), $json = true) {
|
493 |
+
|
494 |
+
$args = array(
|
495 |
+
'method' => 'GET',
|
496 |
+
'timeout' => 20,
|
497 |
+
'sslverify' => true,
|
498 |
+
'user-agent' => 'CloudFlare/WordPress/'.CLOUDFLARE_VERSION,
|
499 |
+
);
|
500 |
+
|
501 |
+
if (!empty($fields)) {
|
502 |
+
$args['method'] = 'POST';
|
503 |
+
$args['body'] = $fields;
|
504 |
+
}
|
505 |
+
|
506 |
+
$response = wp_remote_request($url, $args);
|
507 |
+
|
508 |
+
// if we have an array, we have a HTTP Response
|
509 |
+
if (is_array($response)) {
|
510 |
+
// Always expect a HTTP 200 from the API
|
511 |
+
|
512 |
+
// HERE BE DRAGONS
|
513 |
+
// WP_HTTP does not return conistent types - cURL seems to return an int for the reponse code, streams returns a string.
|
514 |
+
if (intval($response['response']['code']) !== 200) {
|
515 |
+
// Invalid response code
|
516 |
+
return new WP_Error('cloudflare', sprintf('CloudFlare API returned a HTTP Error: %s - %s', $response['response']['code'], $response['response']['message']));
|
517 |
+
}
|
518 |
+
else {
|
519 |
+
if ($json == true) {
|
520 |
+
$result = json_decode($response['body']);
|
521 |
+
// not a perfect test, but better than nothing perhaps
|
522 |
+
if ($result == null) {
|
523 |
+
return new WP_Error('json_decode', sprintf('Unable to decode JSON response'), $result);
|
524 |
+
}
|
525 |
+
|
526 |
+
// check for the CloudFlare API failure response
|
527 |
+
if (property_exists($result, 'result') && $result->result !== 'success') {
|
528 |
+
$msg = 'Unknown Error';
|
529 |
+
if (property_exists($result, 'msg') && !empty($result->msg)) $msg = $result->msg;
|
530 |
+
return new WP_Error('cloudflare', $msg);
|
531 |
+
}
|
532 |
+
|
533 |
+
return $result;
|
534 |
+
}
|
535 |
+
else {
|
536 |
+
return $response['body'];
|
537 |
+
}
|
538 |
+
}
|
539 |
+
}
|
540 |
+
else if (is_wp_error($response)) {
|
541 |
+
return $response;
|
542 |
+
}
|
543 |
+
|
544 |
+
// Should never happen!
|
545 |
+
return new WP_Error('unknown_wp_http_error', sprintf('Unknown response from wp_remote_request - unable to contact CloudFlare API'));
|
546 |
+
}
|
547 |
+
|
548 |
+
function cloudflare_buffer_wrapup($buffer) {
|
549 |
+
// Check for a Content-Type header. Currently only apply rewriting to "text/html" or undefined
|
550 |
+
$headers = headers_list();
|
551 |
+
$content_type = null;
|
552 |
+
|
553 |
+
foreach ($headers as $header) {
|
554 |
+
if (strpos(strtolower($header), 'content-type:') === 0) {
|
555 |
+
$pieces = explode(':', strtolower($header));
|
556 |
+
$content_type = trim($pieces[1]);
|
557 |
+
break;
|
558 |
+
}
|
559 |
+
}
|
560 |
+
|
561 |
+
if (is_null($content_type) || substr($content_type, 0, 9) === 'text/html') {
|
562 |
+
// replace href or src attributes within script, link, base, and img tags with just "//" for protocol
|
563 |
+
$re = "/(<(script|link|base|img|form)([^>]*)(href|src|action)=[\"'])https?:\\/\\//i";
|
564 |
+
$subst = "$1//";
|
565 |
+
$return = preg_replace($re, $subst, $buffer);
|
566 |
+
|
567 |
+
// on regex error, skip overwriting buffer
|
568 |
+
if ($return) {
|
569 |
+
$buffer = $return;
|
570 |
+
}
|
571 |
+
}
|
572 |
+
|
573 |
+
return $buffer;
|
574 |
+
}
|
575 |
+
|
576 |
+
function cloudflare_buffer_init() {
|
577 |
+
// load just the single option, defaulting to on
|
578 |
+
$cloudflare_protocol_rewrite = load_protocol_rewrite();
|
579 |
+
|
580 |
+
if ($cloudflare_protocol_rewrite == 1) {
|
581 |
+
ob_start('cloudflare_buffer_wrapup');
|
582 |
+
}
|
583 |
+
}
|
584 |
+
|
585 |
+
add_action('plugins_loaded', 'cloudflare_buffer_init');
|
586 |
+
|
587 |
+
// wordpress 4.4 srcset ssl fix
|
588 |
+
// Shoutout to @bhubbard: https://wordpress.org/support/topic/44-https-rewritte-aint-working-with-images?replies=12
|
589 |
+
function cloudflare_ssl_srcset( $sources ) {
|
590 |
+
$cloudflare_protocol_rewrite = load_protocol_rewrite();
|
591 |
+
|
592 |
+
if ($cloudflare_protocol_rewrite == 1) {
|
593 |
+
foreach ( $sources as &$source ) {
|
594 |
+
$re = "/https?:\\/\\//i";
|
595 |
+
$subst = "//";
|
596 |
+
$return = preg_replace($re, $subst, $source['url']);
|
597 |
+
|
598 |
+
if ($return) {
|
599 |
+
$source['url'] = $return;
|
600 |
+
}
|
601 |
+
}
|
602 |
+
|
603 |
+
return $sources;
|
604 |
+
}
|
605 |
+
|
606 |
+
return $sources;
|
607 |
+
}
|
608 |
+
|
609 |
+
add_filter( 'wp_calculate_image_srcset', 'cloudflare_ssl_srcset' );
|
readme.txt
ADDED
@@ -0,0 +1,191 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
=== CloudFlare ===
|
2 |
+
Contributors: i3149, jchen329, jamescf, simon-says, dfritsch
|
3 |
+
Tags: cloudflare, comments, spam, cdn, free, website, performance, speed
|
4 |
+
Requires at least: 2.8
|
5 |
+
Tested up to: 4.1
|
6 |
+
Stable tag: 1.3.22
|
7 |
+
License: GPLv2
|
8 |
+
|
9 |
+
The CloudFlare WordPress Plugin ensures your WordPress blog is running optimally on the CloudFlare platform.
|
10 |
+
|
11 |
+
== Description ==
|
12 |
+
|
13 |
+
CloudFlare has developed a plugin for WordPress. By using the CloudFlare WordPress Plugin, you receive:
|
14 |
+
|
15 |
+
* Correct IP Address information for comments posted to your site
|
16 |
+
|
17 |
+
* Better protection as spammers from your WordPress blog get reported to CloudFlare
|
18 |
+
|
19 |
+
THINGS YOU NEED TO KNOW:
|
20 |
+
|
21 |
+
* The main purpose of this plugin is to ensure you have no change to your originating IPs when using CloudFlare. Since CloudFlare acts a reverse proxy, connecting IPs now come from CloudFlare's range. This plugin will ensure you can continue to see the originating IP.
|
22 |
+
|
23 |
+
* Every time you click the 'spam' button on your blog, this threat information is sent to CloudFlare to ensure you are constantly getting the best site protection.
|
24 |
+
|
25 |
+
* We recommend any WordPress and CloudFlare user use this plugin. For more best practices around using WordPress and CloudFlare, see: https://support.cloudflare.com/hc/en-us/articles/201717894-Using-CloudFlare-and-WordPress-Five-Easy-First-Steps
|
26 |
+
|
27 |
+
MORE INFORMATION ON CLOUDFLARE:
|
28 |
+
|
29 |
+
CloudFlare is a service that makes websites load faster and protects sites from online spammers and hackers. Any website with a root domain (ie www.mydomain.com) can use CloudFlare. On average, it takes less than 5 minutes to sign up. You can learn more here: [CloudFlare.com](https://www.cloudflare.com/overview.html).
|
30 |
+
|
31 |
+
== Installation ==
|
32 |
+
|
33 |
+
Upload the CloudFlare plugin to your blog, Activate it, and you're done!
|
34 |
+
|
35 |
+
You will also want to sign up your blog with CloudFlare.com
|
36 |
+
|
37 |
+
[Read more](http://blog.cloudflare.com/introducing-the-cloudflare-wordpress-plugin) on why we created this plugin.
|
38 |
+
|
39 |
+
== Changelog ==
|
40 |
+
= 1.3.22 =
|
41 |
+
|
42 |
+
* Fixing bug which prevented a user from activating/deactivating the plugin
|
43 |
+
|
44 |
+
= 1.3.21 =
|
45 |
+
|
46 |
+
* Added input sanitization.
|
47 |
+
|
48 |
+
= 1.3.20 =
|
49 |
+
|
50 |
+
* Updated the method to restore visitor IPs
|
51 |
+
* Updated the URL rewrite to be compatible with WordPress 4.4
|
52 |
+
|
53 |
+
= 1.3.18 =
|
54 |
+
|
55 |
+
* Bug: Clean up headers debugging message that can be displayed in some cases
|
56 |
+
|
57 |
+
= 1.3.17 =
|
58 |
+
|
59 |
+
* Limit http protocol rewriting to text/html Content-Type
|
60 |
+
|
61 |
+
= 1.3.16 =
|
62 |
+
|
63 |
+
* Update regex to not alter the canonical url
|
64 |
+
|
65 |
+
= 1.3.15 =
|
66 |
+
|
67 |
+
* Plugin settings are now found under Settings -> CloudFlare
|
68 |
+
* Plugin is now using the WordPress HTTP_API - this will give better support to those in hosting environments without cURL or an up to date CA cert bundle
|
69 |
+
* Fixes to squash some PHP Warnings. Relocated error logging to only happen in WP_DEBUG mode
|
70 |
+
* Added Protocol Rewriting option to support Flexible SSL
|
71 |
+
|
72 |
+
= 1.3.14 =
|
73 |
+
|
74 |
+
* Improved logic to detect the customer domain, with added option for a manual override
|
75 |
+
* Standardised error display
|
76 |
+
* Updated CloudFlare IP Ranges
|
77 |
+
|
78 |
+
= 1.3.13 =
|
79 |
+
|
80 |
+
* Clarified error messaging in the plugin further
|
81 |
+
* Added cURL error detection to explain issues with server installed cert bundles
|
82 |
+
|
83 |
+
= 1.3.12 =
|
84 |
+
|
85 |
+
* Removed use of php short-code in a couple of places
|
86 |
+
* Added some cURL / json_decode error handling to output to the screen any failures
|
87 |
+
* Reformatted error / notice display slightly
|
88 |
+
|
89 |
+
= 1.3.11 =
|
90 |
+
|
91 |
+
* Adjusted a line syntax to account for differing PHP configurations.
|
92 |
+
|
93 |
+
= 1.3.10 =
|
94 |
+
|
95 |
+
* Added IP ranges.
|
96 |
+
|
97 |
+
= 1.3.9 =
|
98 |
+
* Made adjustment to syntax surrounding cURL detection for PHP installations that do not have short_open_tag enabled.
|
99 |
+
|
100 |
+
= 1.3.8 =
|
101 |
+
* Fixed issue with invalid header.
|
102 |
+
* Updated IP ranges
|
103 |
+
* Fixed support link
|
104 |
+
|
105 |
+
= 1.3.7 =
|
106 |
+
* Remove Database Optimizer related text.
|
107 |
+
|
108 |
+
= 1.3.6 =
|
109 |
+
* Remove Database Optimizer.
|
110 |
+
|
111 |
+
= 1.3.5 =
|
112 |
+
* Disable Development Mode option if cURL not installed. Will Use JSONP in future release to allow domains without cURL to use Development Mode.
|
113 |
+
|
114 |
+
= 1.3.4 =
|
115 |
+
* Add in IPV6 support and Development Mode option to wordpress plugin settings page. Remove cached IP range text file.
|
116 |
+
|
117 |
+
= 1.3.3 =
|
118 |
+
* Bump stable version number.
|
119 |
+
|
120 |
+
= 1.3.2.Beta =
|
121 |
+
* BETA RELEASE: IPv6 support - Pull the IPv6 range from https://www.cloudflare.com/ips-v6. Added Development Mode option to wordpress plugin settings page.
|
122 |
+
|
123 |
+
= 1.2.4 =
|
124 |
+
* Pull the IP range from https://www.cloudflare.com/ips-v4. Modified to keep all files within cloudflare plugin directory.
|
125 |
+
|
126 |
+
= 1.2.3 =
|
127 |
+
* Updated with new IP range
|
128 |
+
|
129 |
+
= 1.2.2 =
|
130 |
+
* Restricted database optimization to administrators
|
131 |
+
|
132 |
+
= 1.2.1 =
|
133 |
+
* Increased load priority to avoid conflicts with other plugins
|
134 |
+
|
135 |
+
= 1.2.0 =
|
136 |
+
|
137 |
+
* WP 3.3 compatibility.
|
138 |
+
|
139 |
+
= 1.1.9 =
|
140 |
+
|
141 |
+
* Includes latest CloudFlare IP allocation -- 108.162.192.0/18.
|
142 |
+
|
143 |
+
= 1.1.8 =
|
144 |
+
|
145 |
+
* WP 3.2 compatibility.
|
146 |
+
|
147 |
+
= 1.1.7 =
|
148 |
+
|
149 |
+
* Implements several security updates.
|
150 |
+
|
151 |
+
= 1.1.6 =
|
152 |
+
|
153 |
+
* Includes latest CloudFlare IP allocation -- 141.101.64.0/18.
|
154 |
+
|
155 |
+
= 1.1.5 =
|
156 |
+
|
157 |
+
* Includes latest CloudFlare IP allocation -- 103.22.200.0/22.
|
158 |
+
|
159 |
+
= 1.1.4 =
|
160 |
+
|
161 |
+
* Updated messaging.
|
162 |
+
|
163 |
+
= 1.1.3 =
|
164 |
+
|
165 |
+
* Better permission checking for DB optimizer.
|
166 |
+
* Added CloudFlare's latest /20 to the list of CloudFlare IP ranges.
|
167 |
+
|
168 |
+
= 1.1.2 =
|
169 |
+
|
170 |
+
* Fixed several broken help links.
|
171 |
+
* Fixed confusing error message.
|
172 |
+
|
173 |
+
= 1.1.1 =
|
174 |
+
|
175 |
+
* Fix for Admin menus which are breaking when page variable contains '-'.
|
176 |
+
|
177 |
+
= 1.1.0 =
|
178 |
+
|
179 |
+
* Added a box to input CloudFlare API credentials.
|
180 |
+
* Added a call to CloudFlare's report spam API when a comment is marked as spam.
|
181 |
+
|
182 |
+
= 1.0.1 =
|
183 |
+
|
184 |
+
* Fix to check that it is OK to add a header before adding one.
|
185 |
+
|
186 |
+
= 1.0.0 =
|
187 |
+
|
188 |
+
* Initial feature set
|
189 |
+
* Set RemoteIP header correctly.
|
190 |
+
* On comment spam, send the offending IP to CloudFlare.
|
191 |
+
* Clean up DB on load.
|