Version Description
- Activity Log for Woocommerce events
- Minor Improvements in Firewall
- Minor Improvements
Download this release
Release Info
Developer | ritesh.soni36 |
Plugin | MalCare WordPress Security Plugin – Malware Scanner, Cleaner, Security Firewall |
Version | 4.55 |
Comparing to | |
See all releases |
Code changes from version 4.54 to 4.55
- account.php +1 -1
- callback/wings/misc.php +16 -2
- callback/wings/protect.php +0 -20
- info.php +23 -3
- malcare.php +7 -4
- protect/fw/fw.php +33 -4
- protect/fw/request.php +17 -4
- protect/wp/lp/lp.php +2 -0
- protect/wp/protect.php +4 -2
- readme.txt +7 -2
- wp_actions.php +5 -0
- wp_actlog.php +233 -15
account.php
CHANGED
@@ -183,7 +183,7 @@ if (!class_exists('MCAccount')) :
|
|
183 |
}
|
184 |
$this->sig_match = self::getSigMatch($request, $this->secret);
|
185 |
if ($this->sig_match !== $request->sig) {
|
186 |
-
return
|
187 |
}
|
188 |
$this->settings->updateOption('bvLastRecvTime', $time);
|
189 |
return 1;
|
183 |
}
|
184 |
$this->sig_match = self::getSigMatch($request, $this->secret);
|
185 |
if ($this->sig_match !== $request->sig) {
|
186 |
+
return false;
|
187 |
}
|
188 |
$this->settings->updateOption('bvLastRecvTime', $time);
|
189 |
return 1;
|
callback/wings/misc.php
CHANGED
@@ -106,8 +106,22 @@ class BVMiscCallback extends BVCallbackBase {
|
|
106 |
$resp = array("status" => $settings->updateOption('bv_site_settings', $params['bv_site_settings']));
|
107 |
break;
|
108 |
case "stsrvcs":
|
109 |
-
$
|
110 |
-
$
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
111 |
break;
|
112 |
default:
|
113 |
$resp = false;
|
106 |
$resp = array("status" => $settings->updateOption('bv_site_settings', $params['bv_site_settings']));
|
107 |
break;
|
108 |
case "stsrvcs":
|
109 |
+
$resp = array();
|
110 |
+
$deleted_configs = array();
|
111 |
+
$updated_configs = array();
|
112 |
+
if (array_key_exists("configs_to_delete", $params)) {
|
113 |
+
foreach($params["configs_to_delete"] as $config_name) {
|
114 |
+
$deleted_configs[$config_name] = $settings->deleteOption($config_name);
|
115 |
+
}
|
116 |
+
}
|
117 |
+
if (array_key_exists("configs_to_update", $params)) {
|
118 |
+
foreach($params["configs_to_update"] as $config_name => $config_value) {
|
119 |
+
$settings->updateOption($config_name, $config_value);
|
120 |
+
$updated_configs[$config_name] = $settings->getOption($config_name);
|
121 |
+
}
|
122 |
+
}
|
123 |
+
$resp["updated_configs"] = $updated_configs;
|
124 |
+
$resp["deleted_configs"] = $deleted_configs;
|
125 |
break;
|
126 |
default:
|
127 |
$resp = false;
|
callback/wings/protect.php
CHANGED
@@ -64,18 +64,6 @@ class BVProtectCallback extends BVCallbackBase {
|
|
64 |
}
|
65 |
$resp["hdrsinfo"] = $hdrsinfo;
|
66 |
break;
|
67 |
-
case "gtptcnf":
|
68 |
-
$resp = array('conf' => $this->settings->getOption('bvptconf'));
|
69 |
-
break;
|
70 |
-
case "clrcnf":
|
71 |
-
$this->settings->deleteOption('bvptconf');
|
72 |
-
$this->settings->deleteOption('bvptplug');
|
73 |
-
$resp = array("clearconfig" => true);
|
74 |
-
break;
|
75 |
-
case "docnf":
|
76 |
-
$this->settings->updateOption('bvptconf', $params['conf']);
|
77 |
-
$resp = array('conf' => $this->settings->getOption('bvptconf'));
|
78 |
-
break;
|
79 |
case "gtrulcnf":
|
80 |
$resp = array('conf' => $this->settings->getOption('bvruleset'));
|
81 |
break;
|
@@ -94,14 +82,6 @@ class BVProtectCallback extends BVCallbackBase {
|
|
94 |
case "svrcnf":
|
95 |
$resp = array("serverconfig" => $this->serverConfig());
|
96 |
break;
|
97 |
-
case "setptplug":
|
98 |
-
$this->settings->updateOption('bvptplug', $params['ptplug']);
|
99 |
-
$resp = array("setptplug" => $this->settings->getOption('bvptplug'));
|
100 |
-
break;
|
101 |
-
case "unsetptplug":
|
102 |
-
$this->settings->deleteOption('bvptlug');
|
103 |
-
$resp = array("unsetptplug" => $this->settings->getOption('bvptlug'));
|
104 |
-
break;
|
105 |
case "unblklogins":
|
106 |
$resp = array("unblocklogins" => $this->unBlockLogins());
|
107 |
break;
|
64 |
}
|
65 |
$resp["hdrsinfo"] = $hdrsinfo;
|
66 |
break;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
67 |
case "gtrulcnf":
|
68 |
$resp = array('conf' => $this->settings->getOption('bvruleset'));
|
69 |
break;
|
82 |
case "svrcnf":
|
83 |
$resp = array("serverconfig" => $this->serverConfig());
|
84 |
break;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
85 |
case "unblklogins":
|
86 |
$resp = array("unblocklogins" => $this->unBlockLogins());
|
87 |
break;
|
info.php
CHANGED
@@ -10,7 +10,7 @@ if (!class_exists('MCInfo')) :
|
|
10 |
public $badgeinfo = 'mcbadge';
|
11 |
public $ip_header_option = 'mcipheader';
|
12 |
public $brand_option = 'mcbrand';
|
13 |
-
public $version = '4.
|
14 |
public $webpage = 'https://www.malcare.com';
|
15 |
public $appurl = 'https://app.malcare.com';
|
16 |
public $slug = 'malcare-security/malcare.php';
|
@@ -19,11 +19,32 @@ if (!class_exists('MCInfo')) :
|
|
19 |
public $brand_icon = '/img/icon.png';
|
20 |
public $services_option_name = 'mcconfig';
|
21 |
|
|
|
|
|
22 |
public function __construct($settings) {
|
23 |
$this->settings = $settings;
|
24 |
$this->config = $this->settings->getOption($this->services_option_name);
|
25 |
}
|
26 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
27 |
public function canSetCWBranding() {
|
28 |
if (MCWPSiteInfo::isCWServer()) {
|
29 |
|
@@ -87,8 +108,7 @@ if ($bvinfo->canSetCWBranding()) {
|
|
87 |
}
|
88 |
|
89 |
public function isProtectModuleEnabled() {
|
90 |
-
return
|
91 |
-
$this->isActivePlugin();
|
92 |
}
|
93 |
|
94 |
public function isDynSyncModuleEnabled() {
|
10 |
public $badgeinfo = 'mcbadge';
|
11 |
public $ip_header_option = 'mcipheader';
|
12 |
public $brand_option = 'mcbrand';
|
13 |
+
public $version = '4.55';
|
14 |
public $webpage = 'https://www.malcare.com';
|
15 |
public $appurl = 'https://app.malcare.com';
|
16 |
public $slug = 'malcare-security/malcare.php';
|
19 |
public $brand_icon = '/img/icon.png';
|
20 |
public $services_option_name = 'mcconfig';
|
21 |
|
22 |
+
const DB_VERSION = '2';
|
23 |
+
|
24 |
public function __construct($settings) {
|
25 |
$this->settings = $settings;
|
26 |
$this->config = $this->settings->getOption($this->services_option_name);
|
27 |
}
|
28 |
|
29 |
+
public function getCurrentDBVersion() {
|
30 |
+
$bvconfig = $this->config;
|
31 |
+
if ($bvconfig && array_key_exists('db_version', $bvconfig)) {
|
32 |
+
return $bvconfig['db_version'];
|
33 |
+
}
|
34 |
+
return false;
|
35 |
+
}
|
36 |
+
|
37 |
+
public function hasValidDBVersion() {
|
38 |
+
return MCInfo::DB_VERSION === $this->getCurrentDBVersion();
|
39 |
+
}
|
40 |
+
|
41 |
+
public static function getRequestID() {
|
42 |
+
if (!defined("BV_REQUEST_ID")) {
|
43 |
+
define("BV_REQUEST_ID", uniqid(mt_rand()));
|
44 |
+
}
|
45 |
+
return BV_REQUEST_ID;
|
46 |
+
}
|
47 |
+
|
48 |
public function canSetCWBranding() {
|
49 |
if (MCWPSiteInfo::isCWServer()) {
|
50 |
|
108 |
}
|
109 |
|
110 |
public function isProtectModuleEnabled() {
|
111 |
+
return $this->isServiceActive("protect");
|
|
|
112 |
}
|
113 |
|
114 |
public function isDynSyncModuleEnabled() {
|
malcare.php
CHANGED
@@ -5,7 +5,7 @@ Plugin URI: https://www.malcare.com
|
|
5 |
Description: MalCare Security - Free Malware Scanner, Protection & Security for WordPress
|
6 |
Author: MalCare Security
|
7 |
Author URI: https://www.malcare.com
|
8 |
-
Version: 4.
|
9 |
Network: True
|
10 |
*/
|
11 |
|
@@ -52,6 +52,7 @@ register_activation_hook(__FILE__, array($wp_action, 'activate'));
|
|
52 |
register_deactivation_hook(__FILE__, array($wp_action, 'deactivate'));
|
53 |
|
54 |
add_action('wp_footer', array($wp_action, 'footerHandler'), 100);
|
|
|
55 |
|
56 |
if (defined('WP_CLI') && WP_CLI) {
|
57 |
require_once dirname( __FILE__ ) . '/wp_cli.php';
|
@@ -136,7 +137,8 @@ if ((array_key_exists('bvplugname', $_REQUEST)) && ($_REQUEST['bvplugname'] == "
|
|
136 |
$response->terminate($resp);
|
137 |
}
|
138 |
} else {
|
139 |
-
if ($
|
|
|
140 |
require_once dirname( __FILE__ ) . '/protect/wp/protect.php';
|
141 |
$bvprotect = new BVProtect($bvdb, $bvsettings);
|
142 |
$bvprotect->init();
|
@@ -145,13 +147,14 @@ if ((array_key_exists('bvplugname', $_REQUEST)) && ($_REQUEST['bvplugname'] == "
|
|
145 |
}
|
146 |
}
|
147 |
|
148 |
-
|
149 |
-
|
150 |
require_once dirname( __FILE__ ) . '/wp_actlog.php';
|
151 |
$bvconfig = $bvinfo->config;
|
152 |
$actlog = new BVWPActLog($bvdb, $bvsettings, $bvinfo, $bvconfig['activity_log']);
|
153 |
$actlog->init();
|
154 |
}
|
155 |
|
|
|
156 |
##WPAUTOUPDATEBLOCKMODULE##
|
157 |
}
|
5 |
Description: MalCare Security - Free Malware Scanner, Protection & Security for WordPress
|
6 |
Author: MalCare Security
|
7 |
Author URI: https://www.malcare.com
|
8 |
+
Version: 4.55
|
9 |
Network: True
|
10 |
*/
|
11 |
|
52 |
register_deactivation_hook(__FILE__, array($wp_action, 'deactivate'));
|
53 |
|
54 |
add_action('wp_footer', array($wp_action, 'footerHandler'), 100);
|
55 |
+
add_action('clear_bv_services_config', array($wp_action, 'clear_bv_services_config'));
|
56 |
|
57 |
if (defined('WP_CLI') && WP_CLI) {
|
58 |
require_once dirname( __FILE__ ) . '/wp_cli.php';
|
137 |
$response->terminate($resp);
|
138 |
}
|
139 |
} else {
|
140 |
+
if ($bvinfo->hasValidDBVersion()) {
|
141 |
+
if ($bvinfo->isProtectModuleEnabled()) {
|
142 |
require_once dirname( __FILE__ ) . '/protect/wp/protect.php';
|
143 |
$bvprotect = new BVProtect($bvdb, $bvsettings);
|
144 |
$bvprotect->init();
|
147 |
}
|
148 |
}
|
149 |
|
150 |
+
##DYNSYNCMODULE##
|
151 |
+
if ($bvinfo->isServiceActive('activity_log')) {
|
152 |
require_once dirname( __FILE__ ) . '/wp_actlog.php';
|
153 |
$bvconfig = $bvinfo->config;
|
154 |
$actlog = new BVWPActLog($bvdb, $bvsettings, $bvinfo, $bvconfig['activity_log']);
|
155 |
$actlog->init();
|
156 |
}
|
157 |
|
158 |
+
}
|
159 |
##WPAUTOUPDATEBLOCKMODULE##
|
160 |
}
|
protect/fw/fw.php
CHANGED
@@ -174,7 +174,7 @@ class BVFW {
|
|
174 |
}
|
175 |
}
|
176 |
|
177 |
-
public function terminateRequest($category
|
178 |
$this->request->setCategory($category);
|
179 |
$this->request->setStatus(BVWPRequest::BLOCKED);
|
180 |
$this->request->setRespCode(403);
|
@@ -188,6 +188,7 @@ class BVFW {
|
|
188 |
<div style='text-align: center; padding: 10% 0; font-family: Arial, Helvetica, sans-serif;'>
|
189 |
<div><p>$brandname</p></div>
|
190 |
<p>Blocked because of Malicious Activities</p>
|
|
|
191 |
</div>
|
192 |
</div>
|
193 |
");
|
@@ -403,13 +404,13 @@ class BVFW {
|
|
403 |
switch ($action["type"]) {
|
404 |
case "ALLOW":
|
405 |
$this->break_rule_evaluation = true;
|
|
|
406 |
return;
|
407 |
case "BLOCK":
|
408 |
-
$this->terminateRequest(BVWPRequest::
|
409 |
return;
|
410 |
case "INSPECT":
|
411 |
-
|
412 |
-
//call_user_func_array(array($this, "profileRequestInfo"), $this->ruleEvaluator->getArgs($action["args"]));
|
413 |
break;
|
414 |
case "DEBUG":
|
415 |
//TODO
|
@@ -423,5 +424,33 @@ class BVFW {
|
|
423 |
}
|
424 |
}
|
425 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
426 |
}
|
427 |
endif;
|
174 |
}
|
175 |
}
|
176 |
|
177 |
+
public function terminateRequest($category) {
|
178 |
$this->request->setCategory($category);
|
179 |
$this->request->setStatus(BVWPRequest::BLOCKED);
|
180 |
$this->request->setRespCode(403);
|
188 |
<div style='text-align: center; padding: 10% 0; font-family: Arial, Helvetica, sans-serif;'>
|
189 |
<div><p>$brandname</p></div>
|
190 |
<p>Blocked because of Malicious Activities</p>
|
191 |
+
<p>Reference ID: " . $this->request->getRequestID() . "</p>
|
192 |
</div>
|
193 |
</div>
|
194 |
");
|
404 |
switch ($action["type"]) {
|
405 |
case "ALLOW":
|
406 |
$this->break_rule_evaluation = true;
|
407 |
+
$this->request->setCategory(BVWPRequest::RULE_ALLOWED);
|
408 |
return;
|
409 |
case "BLOCK":
|
410 |
+
$this->terminateRequest(BVWPRequest::RULE_BLOCKED);
|
411 |
return;
|
412 |
case "INSPECT":
|
413 |
+
$this->inspectRequest();
|
|
|
414 |
break;
|
415 |
case "DEBUG":
|
416 |
//TODO
|
424 |
}
|
425 |
}
|
426 |
}
|
427 |
+
|
428 |
+
public function inspectRequest() {
|
429 |
+
$this->request->updateRulesInfo('inspect', "headers", $this->request->getHeaders());
|
430 |
+
$this->request->updateRulesInfo('inspect', "getParams", $this->request->getGetParams());
|
431 |
+
$this->request->updateRulesInfo('inspect', "postParams", $this->getPostParamsToLog($this->request->getPostParams()));
|
432 |
+
$this->request->updateRulesInfo('inspect', "cookies", $this->request->getCookies());
|
433 |
+
}
|
434 |
+
|
435 |
+
function getPostParamsToLog($params) {
|
436 |
+
$result = array();
|
437 |
+
if (is_array($params)) {
|
438 |
+
foreach ($params as $key => $value) {
|
439 |
+
if (is_array($value)) {
|
440 |
+
$result[$key] = $this->getPostParamsToLog($value);
|
441 |
+
} else {
|
442 |
+
$valsize = $this->getLength($value);
|
443 |
+
if ($valsize > 1024) {
|
444 |
+
$result[$key] = "Data too long: {$valsize}";
|
445 |
+
} elseif (!$this->canLogValue($key)) {
|
446 |
+
$result[$key] = "Sensitive Data";
|
447 |
+
} else {
|
448 |
+
$result[$key] = $value;
|
449 |
+
}
|
450 |
+
}
|
451 |
+
}
|
452 |
+
}
|
453 |
+
return $result;
|
454 |
+
}
|
455 |
}
|
456 |
endif;
|
protect/fw/request.php
CHANGED
@@ -27,9 +27,14 @@ class BVWPRequest {
|
|
27 |
const BYPASSED = 3;
|
28 |
|
29 |
#category
|
30 |
-
const BLACKLISTED
|
31 |
-
const
|
32 |
-
const
|
|
|
|
|
|
|
|
|
|
|
33 |
|
34 |
public function __construct($ip) {
|
35 |
$fileNames = array();
|
@@ -207,7 +212,8 @@ class BVWPRequest {
|
|
207 |
"referer" => $referer,
|
208 |
"status" => $this->getStatus(),
|
209 |
"category" => $this->getCategory(),
|
210 |
-
"rules_info" => $rules_info
|
|
|
211 |
);
|
212 |
return $data;
|
213 |
}
|
@@ -313,6 +319,13 @@ class BVWPRequest {
|
|
313 |
return $this->timestamp;
|
314 |
}
|
315 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
316 |
public function getServerValue($key) {
|
317 |
if (isset($_SERVER) && array_key_exists($key, $_SERVER)) {
|
318 |
return $_SERVER[$key];
|
27 |
const BYPASSED = 3;
|
28 |
|
29 |
#category
|
30 |
+
const BLACKLISTED = 1;
|
31 |
+
const NORMAL = 10;
|
32 |
+
const WHITELISTED = 20;
|
33 |
+
const BOT_BLOCKED = 30;
|
34 |
+
const COUNTRY_BLOCKED = 40;
|
35 |
+
const USER_BLACKLISTED = 50;
|
36 |
+
const RULE_BLOCKED = 60;
|
37 |
+
const RULE_ALLOWED = 70;
|
38 |
|
39 |
public function __construct($ip) {
|
40 |
$fileNames = array();
|
212 |
"referer" => $referer,
|
213 |
"status" => $this->getStatus(),
|
214 |
"category" => $this->getCategory(),
|
215 |
+
"rules_info" => $rules_info,
|
216 |
+
"request_id" => $this->getRequestID()
|
217 |
);
|
218 |
return $data;
|
219 |
}
|
319 |
return $this->timestamp;
|
320 |
}
|
321 |
|
322 |
+
public function getRequestID() {
|
323 |
+
if (!defined("BV_REQUEST_ID")) {
|
324 |
+
define("BV_REQUEST_ID", uniqid(mt_rand()));
|
325 |
+
}
|
326 |
+
return BV_REQUEST_ID;
|
327 |
+
}
|
328 |
+
|
329 |
public function getServerValue($key) {
|
330 |
if (isset($_SERVER) && array_key_exists($key, $_SERVER)) {
|
331 |
return $_SERVER[$key];
|
protect/wp/lp/lp.php
CHANGED
@@ -116,6 +116,7 @@ class BVWPLP {
|
|
116 |
<div><p><img src=".plugins_url('/../../../img/icon.png', __FILE__)."><h2>Login Protection</h2><h3>powered by</h3><h2>"
|
117 |
.$brandname."</h2></p><div>
|
118 |
<p>" . $templates[$this->getCategory()]. "</p>
|
|
|
119 |
</div>
|
120 |
</div>";
|
121 |
}
|
@@ -161,6 +162,7 @@ class BVWPLP {
|
|
161 |
"time" => $this->time,
|
162 |
"category" => $this->getCategory(),
|
163 |
"username" => $this->getUserName(),
|
|
|
164 |
"message" => $this->getMessage());
|
165 |
$this->logger->log($data);
|
166 |
}
|
116 |
<div><p><img src=".plugins_url('/../../../img/icon.png', __FILE__)."><h2>Login Protection</h2><h3>powered by</h3><h2>"
|
117 |
.$brandname."</h2></p><div>
|
118 |
<p>" . $templates[$this->getCategory()]. "</p>
|
119 |
+
<p>Reference ID: " . MCInfo::getRequestID() . "</p>
|
120 |
</div>
|
121 |
</div>";
|
122 |
}
|
162 |
"time" => $this->time,
|
163 |
"category" => $this->getCategory(),
|
164 |
"username" => $this->getUserName(),
|
165 |
+
"request_id" => MCInfo::getRequestID(),
|
166 |
"message" => $this->getMessage());
|
167 |
$this->logger->log($data);
|
168 |
}
|
protect/wp/protect.php
CHANGED
@@ -29,8 +29,10 @@ class BVProtect {
|
|
29 |
$bvipstore->init();
|
30 |
$bvinfo = new MCInfo($this->settings);
|
31 |
|
32 |
-
$config = $this->settings->getOption(
|
33 |
-
if (
|
|
|
|
|
34 |
$config = array();
|
35 |
}
|
36 |
|
29 |
$bvipstore->init();
|
30 |
$bvinfo = new MCInfo($this->settings);
|
31 |
|
32 |
+
$config = $this->settings->getOption($bvinfo->services_option_name);
|
33 |
+
if (array_key_exists('protect', $config)) {
|
34 |
+
$config = $config['protect'];
|
35 |
+
} else {
|
36 |
$config = array();
|
37 |
}
|
38 |
|
readme.txt
CHANGED
@@ -4,9 +4,9 @@ Tags: security, wordpress security, security plugin, firewall, malware scanner,
|
|
4 |
Plugin URI: https://www.malcare.com
|
5 |
Donate link: https://www.malcare.com
|
6 |
Requires at least: 4.0
|
7 |
-
Tested up to: 5.
|
8 |
Requires PHP: 5.4.0
|
9 |
-
Stable tag: 4.
|
10 |
License: GPLv2 or later
|
11 |
License URI: [http://www.gnu.org/licenses/gpl-2.0.html](http://www.gnu.org/licenses/gpl-2.0.html)
|
12 |
|
@@ -397,6 +397,11 @@ These are available on our website: [Terms of Service](https://www.malcare.com/t
|
|
397 |
8. MalCare’s Uptime Monitoring notifies if a website goes down so that you can handle the situation before starting to lose visitors.
|
398 |
|
399 |
== CHANGELOG ==
|
|
|
|
|
|
|
|
|
|
|
400 |
= 4.54 =
|
401 |
* Added Support For Multi Table Callbacks
|
402 |
* Added Firewall Rule Evaluator
|
4 |
Plugin URI: https://www.malcare.com
|
5 |
Donate link: https://www.malcare.com
|
6 |
Requires at least: 4.0
|
7 |
+
Tested up to: 5.7
|
8 |
Requires PHP: 5.4.0
|
9 |
+
Stable tag: 4.55
|
10 |
License: GPLv2 or later
|
11 |
License URI: [http://www.gnu.org/licenses/gpl-2.0.html](http://www.gnu.org/licenses/gpl-2.0.html)
|
12 |
|
397 |
8. MalCare’s Uptime Monitoring notifies if a website goes down so that you can handle the situation before starting to lose visitors.
|
398 |
|
399 |
== CHANGELOG ==
|
400 |
+
= 4.55 =
|
401 |
+
* Activity Log for Woocommerce events
|
402 |
+
* Minor Improvements in Firewall
|
403 |
+
* Minor Improvements
|
404 |
+
|
405 |
= 4.54 =
|
406 |
* Added Support For Multi Table Callbacks
|
407 |
* Added Firewall Rule Evaluator
|
wp_actions.php
CHANGED
@@ -39,6 +39,11 @@ if (!class_exists('MCWPAction')) :
|
|
39 |
do_action('clear_pt_config');
|
40 |
do_action('clear_ip_store');
|
41 |
##CLEARDYNSYNCCONFIG##
|
|
|
|
|
|
|
|
|
|
|
42 |
}
|
43 |
|
44 |
public function footerHandler() {
|
39 |
do_action('clear_pt_config');
|
40 |
do_action('clear_ip_store');
|
41 |
##CLEARDYNSYNCCONFIG##
|
42 |
+
do_action('clear_bv_services_config');
|
43 |
+
}
|
44 |
+
|
45 |
+
public function clear_bv_services_config() {
|
46 |
+
$this->settings->deleteOption($this->bvinfo->services_option_name);
|
47 |
}
|
48 |
|
49 |
public function footerHandler() {
|
wp_actlog.php
CHANGED
@@ -14,7 +14,7 @@ if (!class_exists('BVWPActLog')) :
|
|
14 |
$this->db = $db;
|
15 |
$this->settings = $settings;
|
16 |
$this->bvinfo = $info;
|
17 |
-
$this->request_id =
|
18 |
$this->ip_header = array_key_exists('ip_header', $config) ? $config['ip_header'] : false;
|
19 |
}
|
20 |
|
@@ -40,6 +40,7 @@ if (!class_exists('BVWPActLog')) :
|
|
40 |
$data = array('id' => $comment_id);
|
41 |
if (!empty($comment)) {
|
42 |
$data['author'] = $comment->comment_author;
|
|
|
43 |
}
|
44 |
return $data;
|
45 |
}
|
@@ -75,6 +76,54 @@ if (!class_exists('BVWPActLog')) :
|
|
75 |
return $data;
|
76 |
}
|
77 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
78 |
function add_activity($event_data) {
|
79 |
$user = wp_get_current_user();
|
80 |
$values = array();
|
@@ -84,7 +133,7 @@ if (!class_exists('BVWPActLog')) :
|
|
84 |
}
|
85 |
$values["request_id"] = $this->request_id;
|
86 |
$values["site_id"] = get_current_blog_id();
|
87 |
-
$values["ip"] =
|
88 |
$values["event_type"] = current_filter();
|
89 |
$values["event_data"] = maybe_serialize($event_data);
|
90 |
$values["time"] = time();
|
@@ -111,7 +160,7 @@ if (!class_exists('BVWPActLog')) :
|
|
111 |
|
112 |
function comment_handler($comment_id) {
|
113 |
$comment = $this->get_comment($comment_id);
|
114 |
-
$post = $this->get_post($comment
|
115 |
$event_data = array(
|
116 |
"comment" => $comment,
|
117 |
"post" => $post
|
@@ -132,18 +181,28 @@ if (!class_exists('BVWPActLog')) :
|
|
132 |
|
133 |
function post_handler($post_id) {
|
134 |
$post = $this->get_post($post_id);
|
135 |
-
$event_data = array(
|
136 |
-
|
137 |
-
|
|
|
|
|
|
|
|
|
|
|
138 |
$this->add_activity($event_data);
|
139 |
}
|
140 |
|
141 |
function post_saved_handler($post_id, $post, $update) {
|
142 |
$post = $this->get_post($post_id);
|
143 |
-
$event_data = array(
|
144 |
-
|
145 |
-
"
|
146 |
-
)
|
|
|
|
|
|
|
|
|
|
|
147 |
$this->add_activity($event_data);
|
148 |
}
|
149 |
|
@@ -158,8 +217,8 @@ if (!class_exists('BVWPActLog')) :
|
|
158 |
function term_updation_handler($data, $term_id) {
|
159 |
$term = $this->get_term($term_id);
|
160 |
$event_data = array(
|
161 |
-
"
|
162 |
-
"
|
163 |
);
|
164 |
$this->add_activity($event_data);
|
165 |
return $data;
|
@@ -207,13 +266,152 @@ if (!class_exists('BVWPActLog')) :
|
|
207 |
$this->add_activity($event_data);
|
208 |
}
|
209 |
|
210 |
-
function
|
211 |
$event_data = array(
|
212 |
"blog" => $this->get_blog($blog->blog_id)
|
213 |
);
|
214 |
$this->add_activity($event_data);
|
215 |
}
|
216 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
217 |
/* ADDING ACTION AND LISTENERS FOR SENSING EVENTS. */
|
218 |
public function add_actions_and_listeners() {
|
219 |
/* SENSORS FOR POST AND PAGE CHANGES */
|
@@ -247,17 +445,37 @@ if (!class_exists('BVWPActLog')) :
|
|
247 |
add_action('switch_theme', array($this, 'theme_action_handler'));
|
248 |
|
249 |
/* SENSORS FOR MULTISITE CHANGES */
|
250 |
-
add_action('
|
251 |
add_action('archive_blog', array($this, 'mu_handler'));
|
252 |
add_action('unarchive_blog', array( $this, 'mu_handler'));
|
253 |
add_action('activate_blog', array($this, 'mu_handler'));
|
254 |
add_action('deactivate_blog', array($this, 'mu_handler'));
|
255 |
-
add_action('wp_delete_site', array($this, '
|
256 |
|
257 |
/* SENSORS USER ACTIONS AT FRONTEND */
|
258 |
add_action('wp_login', array($this, 'user_login_handler'), 10, 2);
|
259 |
add_action('wp_logout', array( $this, 'user_logout_handler'), 5, 1);
|
260 |
add_action('password_reset', array( $this, 'password_reset_handler'), 10, 2);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
261 |
}
|
262 |
}
|
263 |
endif;
|
14 |
$this->db = $db;
|
15 |
$this->settings = $settings;
|
16 |
$this->bvinfo = $info;
|
17 |
+
$this->request_id = MCInfo::getRequestID();
|
18 |
$this->ip_header = array_key_exists('ip_header', $config) ? $config['ip_header'] : false;
|
19 |
}
|
20 |
|
40 |
$data = array('id' => $comment_id);
|
41 |
if (!empty($comment)) {
|
42 |
$data['author'] = $comment->comment_author;
|
43 |
+
$data['post_id'] = $comment->comment_post_ID;
|
44 |
}
|
45 |
return $data;
|
46 |
}
|
76 |
return $data;
|
77 |
}
|
78 |
|
79 |
+
function wc_get_attribute($attribute_id, $attribute_data = null) {
|
80 |
+
$data = array('id' => $attribute_id);
|
81 |
+
if (!is_null($attribute_data) && is_array($attribute_data)) {
|
82 |
+
$data['name'] = $attribute_data['attribute_label'];
|
83 |
+
$data['slug'] = $attribute_data['attribute_name'];
|
84 |
+
} else {
|
85 |
+
$attribute = wc_get_attribute($attribute_id);
|
86 |
+
if (!empty($attribute)) {
|
87 |
+
$data['name'] = $attribute->name;
|
88 |
+
$data['slug'] = substr($attribute->slug, 3);
|
89 |
+
}
|
90 |
+
}
|
91 |
+
return $data;
|
92 |
+
}
|
93 |
+
|
94 |
+
function wc_get_tax_rate($tax_rate_id, $tax_rate) {
|
95 |
+
$data = array('id' => $tax_rate_id);
|
96 |
+
if (!empty($tax_rate)) {
|
97 |
+
$data['name'] = array_key_exists('tax_rate_name', $tax_rate) ? $tax_rate['tax_rate_name'] : '';
|
98 |
+
$data['country'] = array_key_exists('tax_rate_country', $tax_rate) ? $tax_rate['tax_rate_country'] : '';
|
99 |
+
$data['rate'] = array_key_exists('tax_rate', $tax_rate) ? $tax_rate['tax_rate'] : '';
|
100 |
+
}
|
101 |
+
return $data;
|
102 |
+
}
|
103 |
+
|
104 |
+
function get_ip($ipHeader) {
|
105 |
+
$ip = '127.0.0.1';
|
106 |
+
if ($ipHeader && is_array($ipHeader)) {
|
107 |
+
if (array_key_exists($ipHeader['hdr'], $_SERVER)) {
|
108 |
+
$_ips = preg_split("/(,| |\t)/", $_SERVER[$ipHeader['hdr']]);
|
109 |
+
if (array_key_exists(intval($ipHeader['pos']), $_ips)) {
|
110 |
+
$ip = $_ips[intval($ipHeader['pos'])];
|
111 |
+
}
|
112 |
+
}
|
113 |
+
} else if (array_key_exists('REMOTE_ADDR', $_SERVER)) {
|
114 |
+
$ip = $_SERVER['REMOTE_ADDR'];
|
115 |
+
}
|
116 |
+
|
117 |
+
$ip = trim($ip);
|
118 |
+
if (preg_match('/^\[([0-9a-fA-F:]+)\](:[0-9]+)$/', $ip, $matches)) {
|
119 |
+
$ip = $matches[1];
|
120 |
+
} elseif (preg_match('/^([0-9.]+)(:[0-9]+)$/', $ip, $matches)) {
|
121 |
+
$ip = $matches[1];
|
122 |
+
}
|
123 |
+
|
124 |
+
return $ip;
|
125 |
+
}
|
126 |
+
|
127 |
function add_activity($event_data) {
|
128 |
$user = wp_get_current_user();
|
129 |
$values = array();
|
133 |
}
|
134 |
$values["request_id"] = $this->request_id;
|
135 |
$values["site_id"] = get_current_blog_id();
|
136 |
+
$values["ip"] = $this->get_ip($this->ip_header);
|
137 |
$values["event_type"] = current_filter();
|
138 |
$values["event_data"] = maybe_serialize($event_data);
|
139 |
$values["time"] = time();
|
160 |
|
161 |
function comment_handler($comment_id) {
|
162 |
$comment = $this->get_comment($comment_id);
|
163 |
+
$post = $this->get_post($comment['post_id']);
|
164 |
$event_data = array(
|
165 |
"comment" => $comment,
|
166 |
"post" => $post
|
181 |
|
182 |
function post_handler($post_id) {
|
183 |
$post = $this->get_post($post_id);
|
184 |
+
$event_data = array();
|
185 |
+
if ($post["type"] === "product") {
|
186 |
+
$event_data["product"] = $post;
|
187 |
+
} elseif ($post["type"] === "shop_order") {
|
188 |
+
$event_data["order"] = $post;
|
189 |
+
} else {
|
190 |
+
$event_data["post"] = $post;
|
191 |
+
}
|
192 |
$this->add_activity($event_data);
|
193 |
}
|
194 |
|
195 |
function post_saved_handler($post_id, $post, $update) {
|
196 |
$post = $this->get_post($post_id);
|
197 |
+
$event_data = array();
|
198 |
+
if ($post["type"] === "product") {
|
199 |
+
$event_data["product"] = $post;
|
200 |
+
} elseif ($post["type"] === "shop_order") {
|
201 |
+
$event_data["order"] = $post;
|
202 |
+
} else {
|
203 |
+
$event_data["post"] = $post;
|
204 |
+
}
|
205 |
+
$event_data["updated"] = $update;
|
206 |
$this->add_activity($event_data);
|
207 |
}
|
208 |
|
217 |
function term_updation_handler($data, $term_id) {
|
218 |
$term = $this->get_term($term_id);
|
219 |
$event_data = array(
|
220 |
+
"term" => $term,
|
221 |
+
"new_term" => $data
|
222 |
);
|
223 |
$this->add_activity($event_data);
|
224 |
return $data;
|
266 |
$this->add_activity($event_data);
|
267 |
}
|
268 |
|
269 |
+
function mu_site_handler($blog) {
|
270 |
$event_data = array(
|
271 |
"blog" => $this->get_blog($blog->blog_id)
|
272 |
);
|
273 |
$this->add_activity($event_data);
|
274 |
}
|
275 |
|
276 |
+
function woocommerce_attribute_created_handler($attribute_id, $attribute_data) {
|
277 |
+
$event_data = array(
|
278 |
+
"attribute" => $this->wc_get_attribute($attribute_id, $attribute_data)
|
279 |
+
);
|
280 |
+
$this->add_activity($event_data);
|
281 |
+
}
|
282 |
+
|
283 |
+
function woocommerce_attribute_handler($attribute_id) {
|
284 |
+
$event_data = array(
|
285 |
+
"attribute" => $this->wc_get_attribute($attribute_id)
|
286 |
+
);
|
287 |
+
$this->add_activity($event_data);
|
288 |
+
}
|
289 |
+
|
290 |
+
function woocommerce_tax_rate_handler($tax_rate_id, $tax_rate) {
|
291 |
+
$event_data = array(
|
292 |
+
"tax_rate" => $this->wc_get_tax_rate($tax_rate_id, $tax_rate)
|
293 |
+
);
|
294 |
+
$this->add_activity($event_data);
|
295 |
+
}
|
296 |
+
|
297 |
+
function woocommerce_tax_rate_deleted_handler($tax_rate_id) {
|
298 |
+
$event_data = array(
|
299 |
+
"tax_rate" => array("id" => $tax_rate_id)
|
300 |
+
);
|
301 |
+
$this->add_activity($event_data);
|
302 |
+
}
|
303 |
+
|
304 |
+
function woocommerce_grant_product_download_access_handler($data) {
|
305 |
+
$event_data = array(
|
306 |
+
"download_id" => $data['download_id'],
|
307 |
+
"user_id" => $data['user_id'],
|
308 |
+
"order_id" => $data['order_id'],
|
309 |
+
"product_id" => $data['product_id']
|
310 |
+
);
|
311 |
+
$this->add_activity($event_data);
|
312 |
+
}
|
313 |
+
|
314 |
+
function woocommerce_revoke_access_to_product_download_handler($download_id, $product_id, $order_id) {
|
315 |
+
$event_data = array(
|
316 |
+
"download_id" => $download_id,
|
317 |
+
"product_id" => $product_id,
|
318 |
+
"order_id" => $order_id
|
319 |
+
);
|
320 |
+
$this->add_activity($event_data);
|
321 |
+
}
|
322 |
+
|
323 |
+
function woocommerce_shipping_zone_method_handler($instance_id, $method_id, $zone_id) {
|
324 |
+
$event_data = array(
|
325 |
+
"instance_id" => absint ($instance_id),
|
326 |
+
"method_id" => $method_id,
|
327 |
+
"zone_id" => $zone_id
|
328 |
+
);
|
329 |
+
$this->add_activity($event_data);
|
330 |
+
}
|
331 |
+
|
332 |
+
function get_plugin_update_data($plugins) {
|
333 |
+
$data = array();
|
334 |
+
if (!empty($plugins) && defined('WP_PLUGIN_DIR')) {
|
335 |
+
foreach ($plugins as $plugin) {
|
336 |
+
$plugin_data = get_plugin_data(WP_PLUGIN_DIR . '/' . $plugin);
|
337 |
+
$install_data = array('title' => $plugin_data['Name'], 'version' => $plugin_data['Version']);
|
338 |
+
array_push($data, $install_data);
|
339 |
+
}
|
340 |
+
}
|
341 |
+
return $data;
|
342 |
+
}
|
343 |
+
|
344 |
+
function get_theme_update_data($themes) {
|
345 |
+
$data = array();
|
346 |
+
if (!empty($themes)) {
|
347 |
+
foreach ($themes as $theme) {
|
348 |
+
$theme_data = wp_get_theme($theme);
|
349 |
+
$install_data = array('title' => $theme_data['Name'], 'version' => $theme_data['Version']);
|
350 |
+
array_push($data, $install_data);
|
351 |
+
}
|
352 |
+
}
|
353 |
+
return $data;
|
354 |
+
}
|
355 |
+
|
356 |
+
function get_plugin_install_data($upgrader) {
|
357 |
+
$data = array();
|
358 |
+
if ($upgrader->bulk != "1") {
|
359 |
+
$plugin_data = $upgrader->new_plugin_data;
|
360 |
+
$install_data = array('title' => $plugin_data['Name'], 'version' => $plugin_data['Version']);
|
361 |
+
array_push($data, $install_data);
|
362 |
+
}
|
363 |
+
return $data;
|
364 |
+
}
|
365 |
+
|
366 |
+
function get_theme_install_data($upgrader) {
|
367 |
+
$data = array();
|
368 |
+
$theme_data = $upgrader->new_theme_data;
|
369 |
+
$install_data = array('title' => $theme_data['Name'], 'version' => $theme_data['Version']);
|
370 |
+
array_push($data, $install_data);
|
371 |
+
return $data;
|
372 |
+
}
|
373 |
+
|
374 |
+
function get_update_data($options) {
|
375 |
+
global $wp_version;
|
376 |
+
$event_data = array('action' => 'update');
|
377 |
+
if ($options['type'] === 'plugin') {
|
378 |
+
$event_data['type'] = 'plugin';
|
379 |
+
$event_data['plugins'] = $this->get_plugin_update_data($options['plugins']);
|
380 |
+
}
|
381 |
+
else if ($options['type'] === 'theme') {
|
382 |
+
$event_data['type'] = 'theme';
|
383 |
+
$event_data['themes'] = $this->get_theme_update_data($options['themes']);
|
384 |
+
}
|
385 |
+
else if ($options['type'] === 'core') {
|
386 |
+
$event_data['type'] = 'core';
|
387 |
+
$event_data['wp_core'] = array('prev_version' => $wp_version);
|
388 |
+
}
|
389 |
+
return $event_data;
|
390 |
+
}
|
391 |
+
|
392 |
+
function get_install_data($upgrader, $options) {
|
393 |
+
$event_data = array('action' => 'install');
|
394 |
+
if ($options['type'] === 'plugin') {
|
395 |
+
$event_data['type'] = 'plugin';
|
396 |
+
$event_data['plugins'] = $this->get_plugin_install_data($upgrader);
|
397 |
+
}
|
398 |
+
else if ($options['type'] === 'theme') {
|
399 |
+
$event_data['type'] = 'theme';
|
400 |
+
$event_data['themes'] = $this->get_theme_install_data($upgrader);
|
401 |
+
}
|
402 |
+
return $event_data;
|
403 |
+
}
|
404 |
+
|
405 |
+
function upgrade_handler($upgrader, $data) {
|
406 |
+
$event_data = array();
|
407 |
+
if ($data['action'] === 'update') {
|
408 |
+
$event_data = $this->get_update_data($data);
|
409 |
+
} else if ($data['action'] === 'install') {
|
410 |
+
$event_data = $this->get_install_data($upgrader, $data);
|
411 |
+
}
|
412 |
+
$this->add_activity($event_data);
|
413 |
+
}
|
414 |
+
|
415 |
/* ADDING ACTION AND LISTENERS FOR SENSING EVENTS. */
|
416 |
public function add_actions_and_listeners() {
|
417 |
/* SENSORS FOR POST AND PAGE CHANGES */
|
445 |
add_action('switch_theme', array($this, 'theme_action_handler'));
|
446 |
|
447 |
/* SENSORS FOR MULTISITE CHANGES */
|
448 |
+
add_action('wp_insert_site', array($this, 'mu_site_handler'));
|
449 |
add_action('archive_blog', array($this, 'mu_handler'));
|
450 |
add_action('unarchive_blog', array( $this, 'mu_handler'));
|
451 |
add_action('activate_blog', array($this, 'mu_handler'));
|
452 |
add_action('deactivate_blog', array($this, 'mu_handler'));
|
453 |
+
add_action('wp_delete_site', array($this, 'mu_site_handler'));
|
454 |
|
455 |
/* SENSORS USER ACTIONS AT FRONTEND */
|
456 |
add_action('wp_login', array($this, 'user_login_handler'), 10, 2);
|
457 |
add_action('wp_logout', array( $this, 'user_logout_handler'), 5, 1);
|
458 |
add_action('password_reset', array( $this, 'password_reset_handler'), 10, 2);
|
459 |
+
|
460 |
+
/* SENSOR FOR PLUGIN, THEME, WPCORE UPGRADES */
|
461 |
+
add_action('upgrader_process_complete', array($this, 'upgrade_handler'), 10, 2);
|
462 |
+
|
463 |
+
/* SENSORS FOR WOOCOMMERCE EVENTS */
|
464 |
+
add_action('woocommerce_attribute_added', array($this, 'woocommerce_attribute_created_handler'), 10, 2);
|
465 |
+
add_action('woocommerce_attribute_updated', array($this, 'woocommerce_attribute_handler'), 10, 1);
|
466 |
+
add_action('woocommerce_before_attribute_delete', array($this, 'woocommerce_attribute_handler'), 10, 1);
|
467 |
+
add_action('woocommerce_attribute_deleted', array($this, 'woocommerce_attribute_handler'), 10, 1);
|
468 |
+
|
469 |
+
add_action('woocommerce_tax_rate_added', array($this, 'woocommerce_tax_rate_handler'), 10, 2);
|
470 |
+
add_action('woocommerce_tax_rate_deleted', array($this, 'woocommerce_tax_rate_deleted_handler'), 10, 1);
|
471 |
+
add_action('woocommerce_tax_rate_updated', array($this, 'woocommerce_tax_rate_handler'), 10, 2);
|
472 |
+
|
473 |
+
add_action('woocommerce_grant_product_download_access', array($this, 'woocommerce_grant_product_download_access_handler'), 10, 1);
|
474 |
+
add_action('woocommerce_ajax_revoke_access_to_product_download', array($this, 'woocommerce_revoke_access_to_product_download_handler'), 10, 3);
|
475 |
+
|
476 |
+
add_action('woocommerce_shipping_zone_method_added', array($this, 'woocommerce_shipping_zone_method_handler'), 10, 3);
|
477 |
+
add_action('woocommerce_shipping_zone_method_status_toggled', array($this, 'woocommerce_shipping_zone_method_handler'), 10, 3);
|
478 |
+
add_action('woocommerce_shipping_zone_method_deleted', array($this, 'woocommerce_shipping_zone_method_handler'), 10, 3);
|
479 |
}
|
480 |
}
|
481 |
endif;
|