SiteGuard WP Plugin - Version 1.0.3

Version Description

  • Fix a problem that "Rename Login" does not work, if you change Permalink settings
  • Fix the collision of class name of Really Simple CAPTCHA

Release Info

Developer jp-secure
Version 1.0.3

Code changes from version 1.0.2 to 1.0.3

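--- a/classes/siteguard-base.php
+++ b/classes/siteguard-base.php
@@ -1,23 +1,25 @@
 <?php
 
+function siteguard_error_log( $message ) {
+$logfile = SITEGUARD_PATH . 'error.log';
+$f = @fopen( $logfile, 'a+' );
+if ( false != $f ) {
+fwrite( $f, date_i18n( 'Y/m/d H:i:s:' ) . $message . "\n" );
+fclose( $f );
+}
+}
+
+function siteguard_error_dump( $title, $obj ) {
+ob_start();
+var_dump( $obj );
+$msg = ob_get_contents( );
+ob_end_clean( );
+siteguard_error_log( "$title: $msg" );
+}
+
 class SiteGuard_Base {
 function __construct() {
 }
-function error_log( $message ) {
-$logfile = SITEGUARD_PATH . 'error.log';
-$f = @fopen( $logfile, 'a+' );
-if ( false != $f ) {
-fwrite( $f, date_i18n( 'Y/m/d H:i:s:' ) . $message . "\n" );
-fclose( $f );
-}
-}
-function error_dump( $title, $obj ) {
-ob_start();
-var_dump( $obj );
-$msg = ob_get_contents( );
-ob_end_clean( );
-$this->error_log( "$title: $msg" );
-}
 function is_switch_value( $value ) {
 if ( '0' == $value || '1' == $value ) {
 return true;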
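Review bot: `siteguard_error_log()` still appends to `SITEGUARD_PATH . 'error.log'`, a file inside the plugin directory, and `siteguard_error_dump()` sends it a full `var_dump()` of whatever it is passed. If that directory is reachable over HTTP (usual for a plugin directory, though not shown here), the log can expose filesystem paths and object contents to anyone who requests it. Consider returning early unless debugging is on, e.g. `if ( ! defined( 'WP_DEBUG' ) || ! WP_DEBUG ) { return; }` as the first line of `siteguard_error_log()`, or writing to a location the web server denies. Both functions are now global and undocumented; a comment such as `// Best-effort debug log; silently does nothing if the file cannot be opened.` would state the contract.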
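--- a/classes/siteguard-captcha.php
+++ b/classes/siteguard-captcha.php
@@ -1,6 +1,6 @@
 <?php
 
-include_once( SITEGUARD_PATH . 'really-simple-captcha/really-simple-captcha.php' );
+include_once( SITEGUARD_PATH . 'really-simple-captcha/siteguard-really-simple-captcha.php' );
 
 class SiteGuard_CAPTCHA extends SiteGuard_Base {
 var $captcha;
@@ -10,7 +10,7 @@ class SiteGuard_CAPTCHA extends SiteGuard_Base {
 function __construct( ) {
 global $config;
 if ( '1' == $config->get( 'captcha_enable' ) ) {
-$this->captcha = new ReallySimpleCaptcha( );
+$this->captcha = new SiteGuardReallySimpleCaptcha( );
 $this->captcha->bg = array( 255, 255, 255 );
 
 add_filter( 'shake_error_codes', array( $this, 'handler_shake_error_codes' ) );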
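--- a/classes/siteguard-htaccess.php
+++ b/classes/siteguard-htaccess.php
@@ -18,7 +18,7 @@ class SiteGuard_Htaccess extends SiteGuard_Base {
 static function make_tmp_dir( ) {
 $dir = SiteGuard_Htaccess::get_tmp_dir( );
 if ( ! wp_mkdir_p( $dir ) ) {
-$this->error_log( "make tempdir failed: $dir" );
+siteguard_error_log( "make tempdir failed: $dir" );
 return false;
 }
 $htaccess_file = $dir . '.htaccess';
@@ -54,13 +54,13 @@ class SiteGuard_Htaccess extends SiteGuard_Base {
 }
 $fr = @fopen( $current_file, 'r' );
 if ( null == $fr ) {
-$this->error_log( "fopen failed: $current_file" );
+siteguard_error_log( "fopen failed: $current_file" );
 return false;
 }
 $new_file = SiteGuard_Htaccess::get_htaccess_new_file( );
 $fw = @fopen( $new_file, 'w' );
 if ( null == $fw ) {
-$this->error_log( "fopen failed: $new_file" );
+siteguard_error_log( "fopen failed: $new_file" );
 return false;
 }
 while ( ! feof( $fr ) ) {
@@ -79,7 +79,7 @@ class SiteGuard_Htaccess extends SiteGuard_Base {
 fclose( $fw );
 @chmod( $new_file, 0604 );
 if ( ! rename( $new_file, $current_file ) ) {
-$this->error_log( "rename failed: $new_file $current_file" );
+siteguard_error_log( "rename failed: $new_file $current_file" );
 return false;
 }
 return true;
@@ -88,36 +88,56 @@ class SiteGuard_Htaccess extends SiteGuard_Base {
 if ( ! SiteGuard_Htaccess::make_tmp_dir( ) ) {
 return false;
 }
-$flag_write = false;
+$flag_write = false;
 $flag_through = true;
-$mark_start = $mark . '_START';
-$mark_end = $mark . '_END';
-$current_file = SiteGuard_Htaccess::get_htaccess_file( );
+$flag_wp = false;
+$flag_wp_set = false;
+$wp_settings = '';
+$mark_start = $mark . '_START';
+$mark_end = $mark . '_END';
+$mark_wp_start = '# BEGIN WordPress';
+$mark_wp_end = '# END WordPress';
+$current_file = SiteGuard_Htaccess::get_htaccess_file( );
 if ( ! file_exists( $current_file ) ) {
 @touch( $current_file );
 @chmod( $current_file, 0604 );
 }
 if ( ! is_readable( $current_file ) ) {
-$this->error_log( "file not readable: $current_file" );
+siteguard_error_log( "file not readable: $current_file" );
 return false;
 }
 $fr = @fopen( $current_file, 'r' );
 if ( null == $fr ) {
-$this->error_log( "fopen failed: $current_file" );
+siteguard_error_log( "fopen failed: $current_file" );
 return false;
 }
 $new_file = SiteGuard_Htaccess::get_htaccess_new_file( );
 if ( ! is_writable( $new_file ) ) {
-$this->error_log( "file not writable: $new_file" );
+siteguard_error_log( "file not writable: $new_file" );
 return false;
 }
 $fw = @fopen( $new_file, 'w' );
 if ( null == $fw ) {
-$this->error_log( "fopen failed: $new_file" );
+siteguard_error_log( "fopen failed: $new_file" );
 return false;
 }
 while ( ! feof( $fr ) ) {
 $line = fgets( $fr, 4096 );
+
+// Save WordPress settings.
+// WordPress settings has to be written after SiteGuard settings.
+if ( false == $flag_write && false == $flag_wp_set && false !== strpos( $line, $mark_wp_start ) ) {
+$flag_wp = true;
+$flag_wp_set = true;
+}
+if ( $flag_wp_set ) {
+$wp_settings .= $line;
+if ( false !== strpos( $line, $mark_wp_end ) ) {
+$flag_wp_set = false;
+}
+continue;
+}
+
 if ( false !== strpos( $line, $mark_start ) ) {
 fwrite( $fw, $line , strlen( $line ) );
 fwrite( $fw, $data, strlen( $data ) );
@@ -131,11 +151,14 @@ class SiteGuard_Htaccess extends SiteGuard_Base {
 fwrite( $fw, $mark_end . "\n", strlen( $mark_end ) + 1 );
 $flag_write = true;
 }
-if ( false == $flag_through && false !== strpos( $line, $mark . '_END' ) ) {
+if ( false == $flag_through && false !== strpos( $line, $mark_end ) ) {
 $flag_through = true;
 }
 if ( $flag_through ) {
 fwrite( $fw, $line, strlen( $line ) );
+if ( false == $flag_wp && false !== strpos( $line, $mark_wp_start ) ) {
+$flag_wp = true;
+}
 }
 }
 if ( false == $flag_write ) {
@@ -145,11 +168,23 @@ class SiteGuard_Htaccess extends SiteGuard_Base {
 fwrite( $fw, $mark_end . "\n", strlen( $mark_end ) + 1 );
 fwrite( $fw, SiteGuard_Htaccess::$htaccess_mark_end . "\n", strlen( SiteGuard_Htaccess::$htaccess_mark_end ) + 1 );
 }
+// Write saved WordPress Settings
+if ( '' != $wp_settings ) {
+fwrite( $fw, "\n", 1 );
+fwrite( $fw, $wp_settings, strlen ( $wp_settings ) );
+fwrite( $fw, "\n", 1 );
+// Write empty WordPress Settings
+} else if ( false == $flag_wp ) {
+fwrite( $fw, "\n", 1 );
+fwrite( $fw, $wp_mark_start . "\n", strlen ( $wp_wp_mark_start ) + 1 );
+fwrite( $fw, $wp_mark_end . "\n", strlen ( $wp_wp_mark_end ) + 1 );
+fwrite( $fw, "\n", 1 );
+}
 fclose( $fr );
 fclose( $fw );
 @chmod( $new_file, 0604 );
 if ( ! rename( $new_file, $current_file ) ) {
-$this->error_log( "rename failed: $new_file $current_file" );
+siteguard_error_log( "rename failed: $new_file $current_file" );
 return false;
 }
 return true;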
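Review bot: In the added "Write empty WordPress Settings" branch the `fwrite` calls use `$wp_mark_start`, `$wp_wp_mark_start`, `$wp_mark_end` and `$wp_wp_mark_end`, none of which is assigned in the visible hunks; the markers defined near the top of the same hunk are `$mark_wp_start` and `$mark_wp_end`. As written each call emits only a newline (plus undefined-variable notices), so the empty `# BEGIN WordPress` / `# END WordPress` block is never written; the lines should read `fwrite( $fw, $mark_wp_start . "\n", strlen( $mark_wp_start ) + 1 );` and `fwrite( $fw, $mark_wp_end . "\n", strlen( $mark_wp_end ) + 1 );`. Separately, no `fwrite` result is checked before `rename( $new_file, $current_file )`, so a short write (for example a full disk) would replace the live .htaccess with a truncated one and drop the rules this plugin relies on; tracking a failure flag and skipping the rename would keep the old file in place. The enclosing function starts outside the hunks shown.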
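--- a/classes/siteguard-rename-login.php
+++ b/classes/siteguard-rename-login.php
@@ -90,12 +90,6 @@ class SiteGuard_RenameLogin extends SiteGuard_Base {
 $result = $this->convert_url( $link );
 return $result;
 }
-function flush_rules( ) {
-global $wp_rewrite;
-if ( is_object( $wp_rewrite ) ) {
-$wp_rewrite->flush_rules( );
-}
-}
 function insert_rewrite_rules( $rules ) {
 global $config;
 $custom_login_url = $config->get( 'renamelogin_path' );
@@ -126,24 +120,14 @@ class SiteGuard_RenameLogin extends SiteGuard_Base {
 return $htaccess_str;
 }
 function feature_on( ) {
-global $htaccess, $config;
-
-$custom_login_url = $config->get( 'renamelogin_path' );
-add_rewrite_rule( $custom_login_url.'(.*)$', 'wp-login.php$1', 'top' );
-$this->flush_rules( );
-
+global $htaccess;
 $data = $this->update_settings( );
 $mark = $this->get_mark( );
-$htaccess->update_settings( $mark, $data );
+return $htaccess->update_settings( $mark, $data );
 }
 function feature_off( ) {
-global $wp_rewrite;
-if ( is_object( $wp_rewrite ) ) {
-flush_rewrite_rules( );
-}
-
 $mark = SiteGuard_RenameLogin::get_mark( );
-SiteGuard_Htaccess::clear_settings( $mark );
+return SiteGuard_Htaccess::clear_settings( $mark );
 }
 function set_404( ) {
 global $wp_query;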
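Review bot: `feature_on()` and `feature_off()` now return the result of the .htaccess update, but nothing in the second hunk documents that a non-true value means the Rename Login rules were not written or cleared. A docblock such as `/** Writes the Rename Login rules to .htaccess. @return bool true on success, false if .htaccess could not be updated. */` on `feature_on()`, and the matching one on `feature_off()`, would make the contract explicit for callers. `feature_off()` uses only static calls and the siteguard.php section of this page invokes it as `SiteGuard_RenameLogin::feature_off( )`, so declaring it `static function feature_off( )` would match that use. `feature_on()` also dereferences the global `$htaccess` without checking that it is set; whether it can be unset at this point is not visible here.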
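--- a/readme.txt
+++ b/readme.txt
@@ -4,7 +4,7 @@ Donate link: -
 Tags: security, waf
 Requires at least: 3.9
 Tested up to: 4.0
-Stable tag: 1.0.2
+Stable tag: 1.0.3
 License: GPLv2 or later
 License URI: http://www.gnu.org/licenses/gpl-2.0.html
 
@@ -18,7 +18,7 @@ This plugin is a security plugin that specializes in the login attack of brute f
 Notes
 
 * It does not support the multisite function of WordPress.
-* It only supports Apache for Web servers.
+* It only supports Apache 2.x for Web servers.
 * To use the CAPTCHA function, the expansion library “mbstring” and “gd” should be installed on php.
 * To use the management page filter function and login page change function, “mod_rewrite” should be loaded on Apache.
 * To use the WAF Tuning Support, WAF ( SiteGuard Lite ) should be installed on Apache.
@@ -81,6 +81,9 @@ By creating the WAF exclude rule, the WAF protection function can be activated w
 http://www.jp-secure.com/cont/products/siteguard_wp_plugin/faq_en.html
 
 == Changelog ==
+= 1.0.3 =
+* Fix a problem that "Rename Login" does not work, if you change Permalink settings
+* Fix the collision of class name of Really Simple CAPTCHA
 = 1.0.2 =
 * Fix a minor html escape leakage
 * Reduced the problem of affinity with other plugin [WordPress HTTPS (SSL)]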
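--- a/really-simple-captcha/siteguard-really-simple-captcha.php
+++ b/really-simple-captcha/siteguard-really-simple-captcha.php
@@ -0,0 +1,386 @@
+<?php
+/*
+This function based on Really Simple CAPTCHA 1.8.
+modify matters
+* add Hiragana ( Japanese ) CAPTCHA
+* add randam line
+
+Base-Plugin Name: Really Simple CAPTCHA
+Base-Plugin URI: http://contactform7.com/captcha/
+Base-Description: Really Simple CAPTCHA is a CAPTCHA module intended to be called from other plugins. It is originally created for my Contact Form 7 plugin.
+Base-Author: Takayuki Miyoshi
+Base-Version: 1.8
+Base-Author URI: http://ideasilo.wordpress.com/
+*/
+
+/* Copyright 2007-2014 Takayuki Miyoshi (email: takayukister at gmail.com)
+
+This program is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program; if not, write to the Free Software
+Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+*/
+
+class SiteGuardReallySimpleCaptcha extends SiteGuard_Base {
+
+public function __construct() {
+
+/* Mode of character set alphabet(en) or hiragana(jp) */
+$this->lang_mode = 'jp';
+
+/* Length of a word in an image */
+$this->char_length = 4;
+
+/* Directory temporary keeping CAPTCHA images and corresponding text files */
+$this->tmp_dir = path_join( dirname( __FILE__ ), 'tmp' );
+
+/* Array of CAPTCHA image size. Width and height */
+$this->img_size = array( 72, 24 );
+
+/* Background color of CAPTCHA image. RGB color 0-255 */
+$this->bg = array( 255, 255, 255 );
+
+/* Foreground (character) color of CAPTCHA image. RGB color 0-255 */
+$this->fg = array( 0, 0, 0 );
+
+/* Coordinates for a text in an image. I don't know the meaning. Just adjust. */
+$this->base = array( 6, 18 );
+
+/* Font size */
+$this->font_size = 14;
+
+/* Width of a character */
+$this->font_char_width = 15;
+
+/* Image type. 'png', 'gif' or 'jpeg' */
+$this->img_type = 'png';
+
+/* Mode of temporary image files */
+$this->file_mode = 0444;
+
+/* Mode of temporary answer text files */
+$this->answer_file_mode = 0440;
+
+}
+
+/**
+* Generate and return a random word.
+*
+* @return string Random word with $chars characters x $char_length length
+*/
+public function generate_random_word() {
+
+/* Characters available in images */
+$chars_en = 'ABCDEFGHJKLMNPQRSTUVWXYZ23456789';
+$chars_jp = 'あいうえおかきくけこさしすせそたちつてとなにぬねのはひふへほまみむめもやゆよん';
+
+$word = '';
+
+if( $this->lang_mode == 'jp' ) {
+$this->chars = $chars_jp;
+} else {
+$this->chars = $chars_en;
+}
+
+for ( $i = 0; $i < $this->char_length; $i++ ) {
+$pos = mt_rand( 0, mb_strlen( $this->chars ) - 1 );
+$char = mb_substr( $this->chars, $pos, 1 );
+$word .= $char;
+}
+
+return $word;
+}
+
+/**
+* Generate CAPTCHA image and corresponding answer file.
+*
+* @param string $prefix File prefix used for both files
+* @param string $word Random word generated by generate_random_word()
+* @return string|bool The file name of the CAPTCHA image. Return false if temp directory is not available.
+*/
+public function generate_image( $prefix, $word ) {
+if ( ! $this->make_tmp_dir() )
+return false;
+
+$this->cleanup();
+
+/* Array of fonts. Randomly picked up per character */
+if( $this->lang_mode == 'jp' ) {
+$this->fonts = array(
+dirname( __FILE__ ) . '/mplus-TESTFLIGHT-058/mplus-1c-hiragana-black.ttf',
+//dirname( __FILE__ ) . '/mplus-TESTFLIGHT-058/mplus-1c-hiragana-bold.ttf',
+//dirname( __FILE__ ) . '/mplus-TESTFLIGHT-058/mplus-1c-hiragana-heavy.ttf',
+//dirname( __FILE__ ) . '/mplus-TESTFLIGHT-058/mplus-1c-hiragana-light.ttf',
+//dirname( __FILE__ ) . '/mplus-TESTFLIGHT-058/mplus-1c-hiragana-medium.ttf',
+//dirname( __FILE__ ) . '/mplus-TESTFLIGHT-058/mplus-1c-hiragana-regular.ttf',
+//dirname( __FILE__ ) . '/mplus-TESTFLIGHT-058/mplus-1c-hiragana-thin.ttf',
+dirname( __FILE__ ) . '/mplus-TESTFLIGHT-058/mplus-1m-hiragana-bold.ttf',
+//dirname( __FILE__ ) . '/mplus-TESTFLIGHT-058/mplus-1m-hiragana-light.ttf',
+//dirname( __FILE__ ) . '/mplus-TESTFLIGHT-058/mplus-1m-hiragana-medium.ttf',
+//dirname( __FILE__ ) . '/mplus-TESTFLIGHT-058/mplus-1m-hiragana-regular.ttf',
+//dirname( __FILE__ ) . '/mplus-TESTFLIGHT-058/mplus-1m-hiragana-thin.ttf',
+//dirname( __FILE__ ) . '/mplus-TESTFLIGHT-058/mplus-1mn-hiragana-bold.ttf',
+dirname( __FILE__ ) . '/mplus-TESTFLIGHT-058/mplus-1mn-hiragana-light.ttf',
+//dirname( __FILE__ ) . '/mplus-TESTFLIGHT-058/mplus-1mn-hiragana-medium.ttf',
+//dirname( __FILE__ ) . '/mplus-TESTFLIGHT-058/mplus-1mn-hiragana-regular.ttf',
+//dirname( __FILE__ ) . '/mplus-TESTFLIGHT-058/mplus-1mn-hiragana-thin.ttf',
+//dirname( __FILE__ ) . '/mplus-TESTFLIGHT-058/mplus-1p-hiragana-black.ttf',
+//dirname( __FILE__ ) . '/mplus-TESTFLIGHT-058/mplus-1p-hiragana-bold.ttf',
+//dirname( __FILE__ ) . '/mplus-TESTFLIGHT-058/mplus-1p-hiragana-heavy.ttf',
+//dirname( __FILE__ ) . '/mplus-TESTFLIGHT-058/mplus-1p-hiragana-light.ttf',
+dirname( __FILE__ ) . '/mplus-TESTFLIGHT-058/mplus-1p-hiragana-medium.ttf',
+//dirname( __FILE__ ) . '/mplus-TESTFLIGHT-058/mplus-1p-hiragana-regular.ttf',
+//dirname( __FILE__ ) . '/mplus-TESTFLIGHT-058/mplus-1p-hiragana-thin.ttf',
+//dirname( __FILE__ ) . '/mplus-TESTFLIGHT-058/mplus-2c-hiragana-black.ttf',
+//dirname( __FILE__ ) . '/mplus-TESTFLIGHT-058/mplus-2c-hiragana-bold.ttf',
+//dirname( __FILE__ ) . '/mplus-TESTFLIGHT-058/mplus-2c-hiragana-heavy.ttf',
+//dirname( __FILE__ ) . '/mplus-TESTFLIGHT-058/mplus-2c-hiragana-light.ttf',
+//dirname( __FILE__ ) . '/mplus-TESTFLIGHT-058/mplus-2c-hiragana-medium.ttf',
+//dirname( __FILE__ ) . '/mplus-TESTFLIGHT-058/mplus-2c-hiragana-regular.ttf',
+dirname( __FILE__ ) . '/mplus-TESTFLIGHT-058/mplus-2c-hiragana-thin.ttf',
+//dirname( __FILE__ ) . '/mplus-TESTFLIGHT-058/mplus-2m-hiragana-bold.ttf',
+//dirname( __FILE__ ) . '/mplus-TESTFLIGHT-058/mplus-2m-hiragana-light.ttf',
+//dirname( __FILE__ ) . '/mplus-TESTFLIGHT-058/mplus-2m-hiragana-medium.ttf',
+//dirname( __FILE__ ) . '/mplus-TESTFLIGHT-058/mplus-2m-hiragana-regular.ttf',
+dirname( __FILE__ ) . '/mplus-TESTFLIGHT-058/mplus-2m-hiragana-thin.ttf',
+//dirname( __FILE__ ) . '/mplus-TESTFLIGHT-058/mplus-2p-hiragana-black.ttf',
+dirname( __FILE__ ) . '/mplus-TESTFLIGHT-058/mplus-2p-hiragana-bold.ttf',
+//dirname( __FILE__ ) . '/mplus-TESTFLIGHT-058/mplus-2p-hiragana-heavy.ttf',
+//dirname( __FILE__ ) . '/mplus-TESTFLIGHT-058/mplus-2p-hiragana-light.ttf',
+//dirname( __FILE__ ) . '/mplus-TESTFLIGHT-058/mplus-2p-hiragana-medium.ttf',
+//dirname( __FILE__ ) . '/mplus-TESTFLIGHT-058/mplus-2p-hiragana-regular.ttf',
+//dirname( __FILE__ ) . '/mplus-TESTFLIGHT-058/mplus-2p-hiragana-thin.ttf',
+);
+} else {
+$this->fonts = array(
+dirname( __FILE__ ) . '/gentium/GenBkBasR.ttf',
+dirname( __FILE__ ) . '/gentium/GenBkBasI.ttf',
+dirname( __FILE__ ) . '/gentium/GenBkBasBI.ttf',
+dirname( __FILE__ ) . '/gentium/GenBkBasB.ttf',
+);
+}
+
+$dir = trailingslashit( $this->tmp_dir );
+$filename = null;
+
+if ( $im = imagecreatetruecolor( $this->img_size[0], $this->img_size[1] ) ) {
+$bg = imagecolorallocate( $im, $this->bg[0], $this->bg[1], $this->bg[2] );
+$fg = imagecolorallocate( $im, $this->fg[0], $this->fg[1], $this->fg[2] );
+
+imagefill( $im, 0, 0, $bg );
+
+// randam lines
+for( $i = 0; $i < 5; $i++ ) {
+$color = imagecolorallocate( $im, 196, 196, 196 );
+imageline( $im, mt_rand( 0, $this->img_size[0] - 1 ), mt_rand( 0, $this->img_size[1] - 1 ),
+mt_rand( 0, $this->img_size[0] - 1 ), mt_rand( 0, $this->img_size[1] - 1 ),
+$color );
+}
+
+$x = $this->base[0] + mt_rand( -2, 2 );
+
+for ( $i = 0; $i < mb_strlen( $word ); $i++ ) {
+$font = $this->fonts[array_rand( $this->fonts )];
+$font = $this->normalize_path( $font );
+imagettftext( $im, $this->font_size, mt_rand( -12, 12 ), $x,
+$this->base[1] + mt_rand( -2, 2 ), $fg, $font, mb_substr( $word, $i, 1 ) );
+$x += $this->font_char_width;
+}
+
+switch ( $this->img_type ) {
+case 'jpeg':
+$filename = sanitize_file_name( $prefix . '.jpeg' );
+$file = $this->normalize_path( $dir . $filename );
+imagejpeg( $im, $file );
+break;
+case 'gif':
+$filename = sanitize_file_name( $prefix . '.gif' );
+$file = $this->normalize_path( $dir . $filename );
+imagegif( $im, $file );
+break;
+case 'png':
+default:
+$filename = sanitize_file_name( $prefix . '.png' );
+$file = $this->normalize_path( $dir . $filename );
+imagepng( $im, $file );
+}
+
+imagedestroy( $im );
+@chmod( $file, $this->file_mode );
+}
+
+$this->generate_answer_file( $prefix, $word );
+
+return $filename;
+}
+
+/**
+* Generate answer file corresponding to CAPTCHA image.
+*
+* @param string $prefix File prefix used for answer file
+* @param string $word Random word generated by generate_random_word()
+*/
+public function generate_answer_file( $prefix, $word ) {
+$dir = trailingslashit( $this->tmp_dir );
+$answer_file = $dir . sanitize_file_name( $prefix . '.txt' );
+$answer_file = $this->normalize_path( $answer_file );
+
+if ( $fh = @fopen( $answer_file, 'w' ) ) {
+$word = strtoupper( $word );
+$salt = wp_generate_password( 64 );
+$hash = hash_hmac( 'md5', $word, $salt );
+
+$code = $salt . '|' . $hash;
+
+fwrite( $fh, $code );
+fclose( $fh );
+}
+
+@chmod( $answer_file, $this->answer_file_mode );
+}
+
+/**
+* Check a response against the code kept in the temporary file.
+*
+* @param string $prefix File prefix used for both files
+* @param string $response CAPTCHA response
+* @return bool Return true if the two match, otherwise return false.
+*/
+public function check( $prefix, $response ) {
+if ( 0 == strlen( $prefix ) ) {
+return false;
+}
+
+$response = str_replace( array( " ", "\t" ), '', $response );
+$response = strtoupper( $response );
+
+$dir = trailingslashit( $this->tmp_dir );
+$filename = sanitize_file_name( $prefix . '.txt' );
+$file = $this->normalize_path( $dir . $filename );
+
+if ( @is_readable( $file ) && ( $code = file_get_contents( $file ) ) ) {
+$code = explode( '|', $code, 2 );
+
+$salt = $code[0];
+$hash = $code[1];
+if ( hash_hmac( 'md5', $response, $salt ) == $hash )
+return true;
+}
+
+return false;
+}
+
+/**
+* Remove temporary files with given prefix.
+*
+* @param string $prefix File prefix
+*/
+public function remove( $prefix ) {
+$suffixes = array( '.jpeg', '.gif', '.png', '.php', '.txt' );
+
+foreach ( $suffixes as $suffix ) {
+$dir = trailingslashit( $this->tmp_dir );
+$filename = sanitize_file_name( $prefix . $suffix );
+$file = $this->normalize_path( $dir . $filename );
+
+if ( @is_file( $file ) ) {
+unlink( $file );
+}
+}
+}
+
+/**
+* Clean up dead files older than given length of time.
+*
+* @param int $minutes Consider older files than this time as dead files
+* @return int|bool The number of removed files. Return false if error occurred.
+*/
+public function cleanup( $minutes = 60 ) {
+$dir = trailingslashit( $this->tmp_dir );
+$dir = $this->normalize_path( $dir );
+
+if ( ! @is_dir( $dir ) || ! @is_readable( $dir ) )
+return false;
+
+$is_win = ( 'WIN' === strtoupper( substr( PHP_OS, 0, 3 ) ) );
+
+if ( ! ( $is_win ? win_is_writable( $dir ) : @is_writable( $dir ) ) )
+return false;
+
+$count = 0;
+
+if ( $handle = @opendir( $dir ) ) {
+while ( false !== ( $filename = readdir( $handle ) ) ) {
+if ( ! preg_match( '/^[0-9]+\.(php|txt|png|gif|jpeg)$/', $filename ) )
+continue;
+
+$file = $this->normalize_path( $dir . $filename );
+
+$stat = @stat( $file );
+if ( ( $stat['mtime'] + $minutes * 60 ) < time() ) {
+@unlink( $file );
+$count += 1;
+}
+}
+
+closedir( $handle );
+}
+
+return $count;
+}
+
+/**
+* Make a temporary directory and generate .htaccess file in it.
+*
+* @return bool True on successful create, false on failure.
+*/
+public function make_tmp_dir() {
+$dir = trailingslashit( $this->tmp_dir );
+$dir = $this->normalize_path( $dir );
+
+if ( ! wp_mkdir_p( $dir ) )
+return false;
+
+$htaccess_file = $this->normalize_path( $dir . '.htaccess' );
+
+if ( file_exists( $htaccess_file ) )
+return true;
+
+if ( $handle = @fopen( $htaccess_file, 'w' ) ) {
+fwrite( $handle, 'Order deny,allow' . "\n" );
+fwrite( $handle, 'Deny from all' . "\n" );
+fwrite( $handle, '<Files ~ "^[0-9A-Za-z]+\\.(jpeg|gif|png)$">' . "\n" );
+fwrite( $handle, ' Allow from all' . "\n" );
+fwrite( $handle, '</Files>' . "\n" );
+fclose( $handle );
+}
+
+return true;
+}
+
+/**
+* Normalize a filesystem path.
+*
+* This should be replaced by wp_normalize_path when the plugin's
+* minimum requirement becomes WordPress 3.9 or higher.
+*
+* @param string $path Path to normalize.
+* @return string Normalized path.
+*/
+private function normalize_path( $path ) {
+$path = str_replace( '\\', '/', $path );
+$path = preg_replace( '|/+|', '/', $path );
+return $path;
+}
+}
+
+?>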
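Review bot: `make_tmp_dir()` returns `true` even when `@fopen( $htaccess_file, 'w' )` fails, so CAPTCHA images and answer files are then written into a directory that carries no access rules. The answer file holds the salt and an HMAC-MD5 of a four-character word, which gives little protection if the `.txt` file can be fetched, so the function should fail closed, e.g. add `else { return false; }` after the `if ( $handle = @fopen( ... ) ) { ... }` block. In `check()`, `hash_hmac( 'md5', $response, $salt ) == $hash` is a loose comparison and `$code[1]` is read without confirming the file contained a `|`; compare with `===` (or `hash_equals()` where the PHP version provides it) after checking `2 === count( $code )`. The `Order deny,allow` / `Deny from all` lines are Apache 2.2 syntax, so it is worth confirming they are honoured on every Apache 2.x version the readme now names.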
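--- a/siteguard.php
+++ b/siteguard.php
@@ -7,7 +7,7 @@ Author: JP-Secure
 Author URI: http://www.jp-secure.com/eng/
 Text Domain: siteguard
 Domain Path: /languages/
-Version: 1.0.2
+Version: 1.0.3
 */
 
 /* Copyright 2014 JP-Secure Inc
@@ -30,6 +30,8 @@ if ( ! defined( 'ABSPATH' ) ) {
 exit;
 }
 
+define( 'SITEGUARD_VERSION', '1.0.3' );
+
 define( 'SITEGUARD_PATH', plugin_dir_path( __FILE__ ) );
 define( 'SITEGUARD_URL_PATH', plugin_dir_url( __FILE__ ) );
 
@@ -73,7 +75,6 @@ $waf_exclude_rule = new SiteGuard_WAF_Exclude_Rule( );
 function siteguard_activate( ) {
 global $admin_filter, $rename_login, $login_history, $captcha, $loginlock, $pingback, $waf_exclude_rule;
 
-flush_rewrite_rules();
 $admin_filter->init();
 $rename_login->init();
 $login_history->init();
@@ -86,7 +87,6 @@ register_activation_hook( __FILE__, 'siteguard_activate' );
 
 function siteguard_deactivate( ) {
 global $config;
-flush_rewrite_rules();
 $config->set( 'siteguard_meta_version', '0.0' );
 $config->update( );
 SiteGuard_RenameLogin::feature_off( );
@@ -95,11 +95,13 @@ function siteguard_deactivate( ) {
 }
 register_deactivation_hook( __FILE__, 'siteguard_deactivate' );
 
+
 class SiteGuard extends SiteGuard_Base {
 var $menu_init;
 function __construct( ) {
 if ( is_admin( ) ) {
 $this->menu_init = new SiteGuard_Menu_Init( );
+add_action( 'admin_init', array( $this, 'upgrade' ) );
 }
 add_action( 'plugins_loaded', array( $this, 'plugins_loaded' ) );
 }
@@ -110,6 +112,24 @@ class SiteGuard extends SiteGuard_Base {
 dirname( plugin_basename( __FILE__ ) ) . '/languages'
 );
 }
+function upgrade( ) {
+global $config, $rename_login;
+$upgrade_ok = true;
+$old_version = $config->get( 'version' );
+if ( '' == $old_version ) {
+$old_version = '0.0.0';
+}
+if ( version_compare( $old_version, '1.0.3' ) < 0 ) {
+if ( '1' == $config->get( 'renamelogin_enable' ) ) {
+if ( true != $rename_login->feature_on( ) ) {
+$upgrade_ok = false;
+}
+}
+}
+if ( $upgrade_ok && $old_version != SITEGUARD_VERSION ) {
+$config->set( 'version', SITEGUARD_VERSION );
+}
+}
 }
 $siteguard = new SiteGuard;
 ?>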
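Review bot: `upgrade()` records the new version with `$config->set( 'version', SITEGUARD_VERSION );` but never calls `$config->update( )`, whereas `siteguard_deactivate()` in the same file follows `set()` with `update()`. If `set()` alone does not persist (the config class is not shown), the stored version never advances and `feature_on()` rewrites .htaccess on every `admin_init`; adding `$config->update( );` after the `set()` call would close that. When `feature_on()` fails the method retries silently on each admin request, so a line such as `siteguard_error_log( 'upgrade: Rename Login rules could not be written' );` in the `$upgrade_ok = false` branch would make the failure visible.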