Sucuri Security – Auditing, Malware Scanner and Security Hardening - Version 1.4.7

Version Description

  • Cleaning up the code a bit.
  • Only displaying last login messages to admin users.
  • Storing the logs into a log file instead of the db.

Release Info

Developer yorman
Version 1.4.7

Code changes from version 1.4.6 to 1.4.7

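--- a/inc/css/sucuriscan-default-css.css
+++ b/inc/css/sucuriscan-default-css.css
@@ -94,3 +94,8 @@
 .sucuri-hidden{
 display: none !important
 }
+
+.sucuri-inline-error{
+font-weight: bold;
+color: #ff0000;
+}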
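--- a/inc/tpl/sucuri-wp-lastlogins.html.tpl
+++ b/inc/tpl/sucuri-wp-lastlogins.html.tpl
@@ -12,36 +12,6 @@
 </div>
 </div>
 
-<div id="poststuff" class="sucuri-%%SUCURI.LastLoginsSettings.Display%%">
-<div class="postbox">
-<h3>User logins settings</h3>
-<div class="inside">
-<form method="POST">
-<input type="hidden" name="sucuri_lastlogins_nonce" value="%%SUCURI.LastLoginsNonce%%" />
-
-<p>As part of the administrator accounts, you can choose who can see alerts of Last-Logins in the Wordpress Dashboard.</p>
-<label>
-<input type="radio" name="lastlogin_alerts" value="enable_everyone" %%SUCURI.LastLoginsAlerts.EnableEveryone%% />
-Enable last logins warnings for everyone.
-</label>
-<br />
-<label>
-<input type="radio" name="lastlogin_alerts" value="disable_everyone" %%SUCURI.LastLoginsAlerts.DisableEveryone%% />
-Disable last login flashs for everyone.
-</label>
-<br />
-<label>
-<input type="radio" name="lastlogin_alerts" value="just_admins" %%SUCURI.LastLoginsAlerts.JustAdmins%% />
-Disable last logins for any non admins.
-</label>
-<p>
-<input type="submit" value="Save values" class="button-primary" />
-</p>
-</form>
-</div>
-</div>
-</div><!-- End poststuff -->
-
 <table class="wp-list-table widefat">
 <thead>
 <tr>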
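--- a/readme.txt
+++ b/readme.txt
@@ -3,7 +3,7 @@ Contributors: dd@sucuri.net, dremeda
 Donate Link: http://sitecheck.sucuri.net
 Tags: malware, security, scan, spam, virus, sucuri, WordPress,
 Requires at least:3.2
-Stable tag:1.4.6
+Stable tag:1.4.7
 Tested up to: 3.6
 
 The Sucuri Security - SiteCheck Malware Scanner plugin enables you to scan your WordPress site using Sucuri SiteCheck and verify the integrity of your core files right in your dashboard. It also includes post-hack options to help you reset passwords and secret keys in case it has been already hacked.
@@ -23,7 +23,6 @@ Sucuri SiteCheck detects various types of malware, SPAM injections, website erro
 * PHP Mailers
 * Phishing Attempts
 * Malicious Redirects
-* Backdoors (e.g., C99, R57, Webshells)
 * Anomalies
 * Drive-by-Downloads
 * IP Cloaking
@@ -67,6 +66,11 @@ the compromise on your site).
 
 == Changelog ==
 
+= 1.4.7 =
+* Cleaning up the code a bit.
+* Only displaying last login messages to admin users.
+* Storing the logs into a log file instead of the db.
+
 = 1.4.6 =
 * Increasing last login table to the last 100 entries.
 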
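--- a/sucuri.php
+++ b/sucuri.php
@@ -7,7 +7,7 @@ Description: The <a href="http://sucuri.net">Sucuri Security</a> - SiteCheck Mal
 You can also scan your site at <a href="http://sitecheck.sucuri.net">SiteCheck.Sucuri.net</a>.
 
 Author: Sucuri Security
-Version: 1.4.6
+Version: 1.4.7
 Author URI: http://sucuri.net
 */
 
@@ -23,17 +23,11 @@ if(!function_exists('add_action'))
 @ignore_user_abort(TRUE);
 
 define('SUCURISCAN','sucuriscan');
-define('SUCURISCAN_VERSION','1.4.6');
+define('SUCURISCAN_VERSION','1.4.7');
 define( 'SUCURI_URL',plugin_dir_url( __FILE__ ));
 define('SUCURISCAN_PLUGIN_FOLDER', 'sucuri-scanner');
-/* Sucuri Free/Paid Plugin will use the same tablename, check: sucuriscan_lastlogins_table_exists() */
-define('SUCURISCAN_LASTLOGINS_TABLENAME', "{$table_prefix}sucuri_lastlogins");
-define('SUCURISCAN_LASTLOGINS_TABLEVERSION', '1.0');
 define('SUCURISCAN_LASTLOGINS_USERSLIMIT', 100);
 
-register_activation_hook(__FILE__, 'sucuriscan_plugin_activation');
-register_deactivation_hook(__FILE__, 'sucuriscan_plugin_deactivation');
-
 /* Requires files. */
 add_action( 'admin_enqueue_scripts', 'sucuriscan_admin_script_style_registration', 1 );
 function sucuriscan_admin_script_style_registration() { ?>
@@ -57,43 +51,6 @@ function sucuriscan_dir_filepath($path = '')
 return($wp_dir_array['basedir']."/sucuri/$path");
 }
 
-/* sucuri_plugin_activation:
-* Creates the internal files / directories used by the plugin.
-* Returns 0 on error and 1 on success.
-*/
-function sucuriscan_plugin_activation()
-{
-if( function_exists('sucuriscan_capabilities') ){
-sucuriscan_capabilities('add');
-}
-return(1);
-}
-
-function sucuriscan_plugin_deactivation()
-{
-if( function_exists('sucuriscan_capabilities') ){
-sucuriscan_capabilities('remove');
-}
-return TRUE;
-}
-
-function sucuriscan_capabilities($action=NULL){
-$allowed_actions = array( 'add', 'remove' );
-
-if( in_array($action, $allowed_actions) ){
-$roles = get_editable_roles();
-foreach($roles as $role_name=>$role_info){
-/* $role_info = Array( name => String, capabilities => Array ) */
-$role_object = get_role($role_name);
-if( $action='add' ){
-$role_object->add_cap('sucuriscan_cap_lastlogins');
-}elseif( $action=='remove' ){
-$role_object->remove_cap('sucuriscan_cap_lastlogins');
-}
-}
-}
-}
-
 /* Starting Sucuri Scan side bar. */
 function sucuriscan_menu()
 {
@@ -111,7 +68,7 @@ function sucuriscan_menu()
 add_submenu_page('sucuriscan', 'Post-Hack', 'Post-Hack', 'manage_options',
 'sucuriscan_posthack', 'sucuriscan_posthack_page');
 
-add_submenu_page('sucuriscan', 'Last Logins', 'Last Logins', 'sucuriscan_cap_lastlogins',
+add_submenu_page('sucuriscan', 'Last Logins', 'Last Logins', 'manage_options',
 'sucuriscan_lastlogins', 'sucuriscan_lastlogins_page');
 }
 
@@ -120,54 +77,26 @@ function sucuriscan_menu()
 function sucuri_scan_page()
 {
 $U_ERROR = NULL;
-if(!current_user_can('manage_options'))
-{
+if( !current_user_can('manage_options') ){
 wp_die(__('You do not have sufficient permissions to access this page: Sucuri Malware Scanner') );
 }
 
-if(isset($_POST['wpsucuri-doscan']))
-{
+$template_variables = array(
+'PluginURL'=>SUCURI_URL,
+'Sidebar'=>sucuriscan_get_template('sidebar.html.tpl')
+);
+
+if( isset($_POST['wpsucuri-doscan']) ){
 sucuriscan_print_scan();
 return(1);
 }
 
-/* Setting's header. */
-echo '<div class="wrap">';
-echo '<h2 id="warnings_hook"></h2>';
-echo '<div class="sucuriscan_header"><img src="'.SUCURI_URL.'/inc/images/logo.png">';
-sucuriscan_pagestop("SiteCheck Scanner");
-echo '</div>';
-
-echo '<div class="postbox-container" style="width:75%;">';
-echo '<div class="sucuriscan-maincontent">';
-
-echo '<div class="postbox">';
-echo '<div class="inside">';
-echo '<h2 align="center">Scan your site for malware using <a href="http://sitecheck.sucuri.net">Sucuri SiteCheck</a> right in your WordPress dashboard.</h2>';
-echo '</div>';
-echo '</div>';
-?>
-
-<form action="" method="post">
-<input type="hidden" name="wpsucuri-doscan" value="wpsucuri-doscan" />
-<input class="button button-primary button-hero load-customize" type="submit" name="wpsucuri_doscanrun" value="Scan this site now!" />
-</form>
-
-<p><strong>If you have any questions about these checks or this plugin, contact us at <a href="mailto:info@sucuri.net">info@sucuri.net</a> or visit <a href="http://sucuri.net">sucuri.net</a></strong></p>
-
-</div><!-- End sucuriscan-maincontent -->
-</div><!-- End postbox-container -->
-
-<?php echo sucuriscan_get_template('sucuri-wp-sidebar.html.tpl') ?>
-
-</div><!-- End Wrap -->
-
-<?php
+echo sucuriscan_get_template('initial-page.html.tpl', $template_variables);
 }
 
 function sucuriscan_print_scan()
 {
-$myresults = wp_remote_get("http://sitecheck.sucuri.net/scanner/?serialized&clear&fromwp&scan=".home_url(), array("timeout" => 180));
+$myresults = wp_remote_get('http://sitecheck.sucuri.net/scanner/?serialized&clear&fromwp&scan='.home_url(), array('timeout' => 180));
 
 if(is_wp_error($myresults))
 {
@@ -290,7 +219,7 @@ function sucuriscan_print_scan()
 </div><!-- End sucuriscan-maincontent -->
 </div><!-- End postbox-container -->
 
-<?php echo sucuriscan_get_template('sucuri-wp-sidebar.html.tpl') ?>
+<?php echo sucuriscan_get_template('sidebar.html.tpl') ?>
 
 </div><!-- End Wrap -->
 
@@ -339,7 +268,7 @@ function sucuriscan_hardening_page()
 </div><!-- End sucuriscan-maincontent -->
 </div><!-- End postbox-container -->
 
-<?php echo sucuriscan_get_template('sucuri-wp-sidebar.html.tpl') ?>
+<?php echo sucuriscan_get_template('sidebar.html.tpl') ?>
 
 </div><!-- End Wrap -->
 
@@ -374,7 +303,7 @@ function sucuriscan_core_integrity_page()
 </div><!-- End sucuriscan-maincontent -->
 </div><!-- End postbox-container -->
 
-<?php echo sucuriscan_get_template('sucuri-wp-sidebar.html.tpl') ?>
+<?php echo sucuriscan_get_template('sidebar.html.tpl') ?>
 
 </div><!-- End Wrap -->
 
@@ -435,7 +364,7 @@ function sucuriscan_prettify_mail($subject='', $message='', $data_set=array())
 $mail_variables[$var_key] = $var_value;
 }
 
-return sucuriscan_get_template("sucuri-wp-notification.{$prettify_type}.tpl", $mail_variables);
+return sucuriscan_get_template("notification.{$prettify_type}.tpl", $mail_variables);
 }
 
 function sucuriscan_get_template($template='', $template_variables=array()){
@@ -453,7 +382,7 @@ function sucuriscan_get_template($template='', $template_variables=array()){
 
 function sucuriscan_wp_sidebar_gen()
 {
-return sucuriscan_get_template('sucuri-wp-sidebar.html.tpl');
+return sucuriscan_get_template('sidebar.html.tpl');
 }
 
 function sucuriscan_get_new_config_keys()
@@ -623,7 +552,7 @@ function sucuriscan_posthack_page()
 // Fill the user list for ResetPassword action.
 $user_list = get_users();
 foreach($user_list as $user){
-$user_snippet = sucuriscan_get_template('sucuri-wp-resetpassword.snippet.tpl', array(
+$user_snippet = sucuriscan_get_template('resetpassword.snippet.tpl', array(
 'ResetPassword.UserId'=>$user->ID,
 'ResetPassword.Username'=>$user->user_login,
 'ResetPassword.Displayname'=>$user->display_name,
@@ -632,7 +561,7 @@ function sucuriscan_posthack_page()
 $template_variables['ResetPassword.UserList'] .= $user_snippet;
 }
 
-echo sucuriscan_get_template('sucuri-wp-posthack.html.tpl', $template_variables);
+echo sucuriscan_get_template('posthack.html.tpl', $template_variables);
 }
 
 function sucuriscan_get_remoteaddr()
@@ -659,7 +588,7 @@ function sucuriscan_get_remoteaddr()
 
 function sucuriscan_lastlogins_page()
 {
-if( !current_user_can('sucuriscan_cap_lastlogins') )
+if( !current_user_can('manage_options') )
 {
 wp_die(__('You do not have sufficient permissions to access this page: Sucuri Last-Logins') );
 }
@@ -671,45 +600,15 @@ function sucuriscan_lastlogins_page()
 'SucuriWPSidebar'=>sucuriscan_wp_sidebar_gen(),
 'UserList'=>'',
 'CurrentURL'=>site_url().'/wp-admin/admin.php?page='.$_GET['page'],
-'LastLoginsAlerts.EnableEveryone'=>'',
-'LastLoginsAlerts.DisableEveryone'=>'',
-'LastLoginsAlerts.JustAdmins'=>''
+'LastLogins.DatastoreWritable'=>sucuriscan_lastlogins_datastore_is_writable() ? 'hidden' : 'visible',
 );
 
-$can_edit_settings = current_user_can('manage_options') ? TRUE : FALSE;
-$template_variables['LastLoginsSettings.Display'] = $can_edit_settings ? '' : 'hidden';
-
-if(
-isset($_POST['sucuri_lastlogins_nonce'])
-&& wp_verify_nonce($_POST['sucuri_lastlogins_nonce'], 'sucuriscan_lastlogins_nonce')
-){
-if( $can_edit_settings ){
-update_option('sucuri_lastlogins_alerts', $_POST['lastlogin_alerts']);
-sucuriscan_admin_notice('updated', '<strong>OK.</strong> New settings saved!');
-}else{
-sucuriscan_admin_notice('error', '<strong>Error.</strong> You do not have permissions to change these settings.');
-}
-}
-
-switch( get_option('sucuri_lastlogins_alerts') ){
-case 'disable_everyone':
-$template_variables['LastLoginsAlerts.DisableEveryone'] = 'checked="checked"';
-break;
-case 'just_admins':
-$template_variables['LastLoginsAlerts.JustAdmins'] = 'checked="checked"';
-break;
-case 'enable_everyone':
-default:
-$template_variables['LastLoginsAlerts.EnableEveryone'] = 'checked="checked"';
-break;
-}
-
-$limit = isset($_GET['limit']) ? intval($_GET['limit']) : SUCURI_LASTLOGINS_USERSLIMIT;
+$limit = isset($_GET['limit']) ? intval($_GET['limit']) : SUCURISCAN_LASTLOGINS_USERSLIMIT;
 $template_variables['UserList.ShowAll'] = $limit>0 ? 'visible' : 'hidden';
 
 $user_list = sucuriscan_get_logins($limit);
 foreach($user_list as $user){
-$user_snippet = sucuriscan_get_template('sucuri-wp-lastlogins.snippet.tpl', array(
+$user_snippet = sucuriscan_get_template('lastlogins.snippet.tpl', array(
 'UserList.UserId'=>intval($user->ID),
 'UserList.Username'=>( !is_null($user->user_login) ? $user->user_login : '<em>Unknown</em>' ),
 'UserList.Email'=>$user->user_email,
@@ -719,90 +618,102 @@ function sucuriscan_lastlogins_page()
 $template_variables['UserList'] .= $user_snippet;
 }
 
-echo sucuriscan_get_template('sucuri-wp-lastlogins.html.tpl', $template_variables);
+echo sucuriscan_get_template('lastlogins.html.tpl', $template_variables);
 }
 
-if( !function_exists('sucuri_lastlogins_table_exists') ){
-function sucuriscan_lastlogins_table_exists()
-{
-global $wpdb;
-if( defined('SUCURISCAN_LASTLOGINS_TABLENAME') ){
-$table_name = SUCURISCAN_LASTLOGINS_TABLENAME;
-$upgrade_table = FALSE;
-
-if(
-$wpdb->get_var("SHOW TABLES LIKE '{$table_name}'")!=$table_name
-|| get_option('sucuriscan_lastlogin_table_version')!=SUCURISCAN_LASTLOGINS_TABLEVERSION
-){
-$upgrade_table = TRUE;
-}
+function sucuriscan_lastlogins_datastore_exists(){
+$plugin_upload_folder = sucuriscan_dir_filepath();
+$datastore_filepath = rtrim($plugin_upload_folder,'/').'/sucuri-lastlogins.php';
 
-if( $upgrade_table ){
-$sql = 'CREATE TABLE `'.$table_name.'` (
-id int(11) NOT NULL AUTO_INCREMENT,
-user_id bigint(20) NOT NULL,
-user_login varchar(60),
-user_remoteaddr varchar(255),
-user_hostname varchar(255),
-user_lastlogin DATETIME DEFAULT "0000-00-00 00:00:00" NOT NULL,
-UNIQUE KEY id (id)
-)';
-
-require_once(ABSPATH.'wp-admin/includes/upgrade.php');
-if( !dbDelta($sql) ){
-sucuriscan_admin_notice('error', '<strong>Sucuri WP Plugin</strong>. Error upgrading Last-Logins table: '.$upgrade_process);
-}
-}
+if( !file_exists($datastore_filepath) ){
+if( @file_put_contents($datastore_filepath, "<?php exit(0); ?>\n", LOCK_EX) ){
+@chmod($datastore_filepath, 0644);
 }
 }
-add_action('plugins_loaded', 'sucuriscan_lastlogins_table_exists');
+
+return file_exists($datastore_filepath) ? $datastore_filepath : FALSE;
+}
+
+function sucuriscan_lastlogins_datastore_is_writable(){
+$datastore_filepath = sucuriscan_lastlogins_datastore_exists();
+if($datastore_filepath){
+if( !is_writable($datastore_filepath) ){
+@chmod($datastore_filepath, 0644);
+}
+return is_writable($datastore_filepath) ? $datastore_filepath : FALSE;
+}
+return FALSE;
+}
+
+function sucuriscan_lastlogins_datastore_is_readable(){
+$datastore_filepath = sucuriscan_lastlogins_datastore_exists();
+if( $datastore_filepath && is_readable($datastore_filepath) ){
+return $datastore_filepath;
+}
+return FALSE;
 }
 
 if( !function_exists('sucuri_set_lastlogin') ){
-function sucuriscan_set_lastlogin($user_login='')
-{
-global $wpdb;
-if( defined('SUCURISCAN_LASTLOGINS_TABLENAME') ){
-$table_name = SUCURISCAN_LASTLOGINS_TABLENAME;
+function sucuriscan_set_lastlogin($user_login=''){
+$datastore_filepath = sucuriscan_lastlogins_datastore_is_writable();
+
+if($datastore_filepath){
 $current_user = get_user_by('login', $user_login);
 $remote_addr = sucuriscan_get_remoteaddr();
 
-$wpdb->insert($table_name, array(
+$login_info = array(
 'user_id'=>$current_user->ID,
 'user_login'=>$current_user->user_login,
 'user_remoteaddr'=>$remote_addr,
 'user_hostname'=>@gethostbyaddr($remote_addr),
 'user_lastlogin'=>current_time('mysql')
-));
+);
+
+@file_put_contents($datastore_filepath, serialize($login_info)."\n", FILE_APPEND);
 }
 }
 add_action('wp_login', 'sucuriscan_set_lastlogin', 50);
 }
 
-function sucuriscan_get_logins($limit=10, $user_id=0)
-{
-global $wpdb;
-if( defined('SUCURISCAN_LASTLOGINS_TABLENAME') ){
-$table_name = SUCURISCAN_LASTLOGINS_TABLENAME;
+function sucuriscan_get_logins($limit=10, $user_id=0){
+$lastlogins = array();
+$datastore_filepath = sucuriscan_lastlogins_datastore_is_readable();
+
+if($datastore_filepath){
+$parsed_lines = 0;
+$lastlogins_lines = array_reverse(file($datastore_filepath));
+foreach($lastlogins_lines as $line){
+$line = str_replace("\n", '', $line);
+if( preg_match('/^a:/', $line) ){
+$user_lastlogin = unserialize($line);
+
+/* Only administrators can see all login stats */
+if( !current_user_can('manage_options') ){
+$current_user = wp_get_current_user();
+if( $current_user->user_login!=$user_lastlogin['user_login'] ){ continue; }
+}
 
-$sql = "SELECT * FROM {$table_name} LEFT JOIN {$wpdb->prefix}users ON {$table_name}.user_id = {$wpdb->prefix}users.ID";
-if( !current_user_can('manage_options') ){
-$current_user = wp_get_current_user();
-$sql .= chr(32)."WHERE {$wpdb->prefix}users.user_login = '{$current_user->user_login}'";
-}
-if( $user_id>0 ){
-$where_append = strpos('WHERE ', $sql)===FALSE ? 'WHERE' : 'AND';
-$sql .= chr(32)."{$where_append} {$table_name}.user_id = '{$user_id}'";
-}
-$sql .= chr(32)."ORDER BY {$table_name}.id DESC";
-if( preg_match('/^([0-9]+)$/', $limit) && $limit>0 ){
-$sql .= chr(32)."LIMIT {$limit}";
-}
+/* If an User_Id was specified when this function was called, filter by that number */
+if( $user_id>0 ){
+if( $user_lastlogin['user_id']!=$user_id ){ continue; }
+}
 
-return $wpdb->get_results($sql);
+/* Get the WP_User object and add extra information from the last-login data */
+$user_account = get_userdata($user_lastlogin['user_id']);
+foreach($user_lastlogin as $user_extrainfo_key=>$user_extrainfo_value){
+$user_account->data->{$user_extrainfo_key} = $user_extrainfo_value;
+}
+$lastlogins[] = $user_account;
+$parsed_lines += 1;
+}
+
+if( preg_match('/^([0-9]+)$/', $limit) && $limit>0 ){
+if( $parsed_lines>=$limit ){ break; }
+}
+}
 }
 
-return FALSE;
+return $lastlogins;
 }
 
 if( !function_exists('sucuri_login_redirect') ){
@@ -817,37 +728,19 @@ if( !function_exists('sucuri_login_redirect') ){
 }
 
 if( !function_exists('sucuri_get_user_lastlogin') ){
-function sucuriscan_get_user_lastlogin()
-{
-global $wpdb;
-if( isset($_GET['sucuriscan_lastlogin_message']) && defined('SUCURISCAN_LASTLOGINS_TABLENAME') ){
-switch( get_option('sucuri_lastlogins_alerts') ){
-case 'disable_everyone':
-$display_alert = FALSE;
-break;
-case 'just_admins':
-$display_alert = current_user_can('manage_options') ? TRUE : FALSE;
-break;
-case 'enable_everyone':
-default:
-$display_alert = TRUE;
-break;
-}
-
-if($display_alert){
-$table_name = SUCURISCAN_LASTLOGINS_TABLENAME;
-$current_user = wp_get_current_user();
+function sucuriscan_get_user_lastlogin(){
+if( isset($_GET['sucuriscan_lastlogin_message']) && current_user_can('manage_options') ){
+$current_user = wp_get_current_user();
 
-// Select the penultimate entry, not the last one.
-$sql = "SELECT * FROM {$table_name} WHERE user_id = '{$current_user->ID}' ORDER BY user_lastlogin DESC LIMIT 1,1";
-$row = $wpdb->get_row($sql);
+// Select the penultimate entry, not the last one.
+$user_lastlogins = sucuriscan_get_logins(2, $current_user->ID);
+$row = isset($user_lastlogins[1]) ? $user_lastlogins[1] : FALSE;
 
-if($row){
-$message_tpl = 'The last time you logged in was: %s, from %s - %s';
-$lastlogin_message = sprintf( $message_tpl, date('Y/M/d'), $row->user_remoteaddr, $row->user_hostname );
-$lastlogin_message .= chr(32).'(<a href="'.site_url('wp-admin/admin.php?page='.SUCURISCAN.'_lastlogins').'">View Last-Logins</a>)';
-sucuriscan_admin_notice('updated', $lastlogin_message);
-}
+if($row){
+$message_tpl = 'The last time you logged in was: %s, from %s - %s';
+$lastlogin_message = sprintf( $message_tpl, date('Y/M/d'), $row->user_remoteaddr, $row->user_hostname );
+$lastlogin_message .= chr(32).'(<a href="'.site_url('wp-admin/admin.php?page='.SUCURISCAN.'_lastlogins').'">View Last-Logins</a>)';
+sucuriscan_admin_notice('updated', $lastlogin_message);
 }
 }
 }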
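Review bot: In `sucuriscan_get_logins` (new lines 678–717) every `a:`-prefixed line of `sucuri-lastlogins.php` is handed to `unserialize()`, yet the records are appended with `FILE_APPEND` and no `LOCK_EX` (new line 672) and carry `user_hostname` from `@gethostbyaddr()`, a PTR record the remote IP's owner chooses, so an interleaved write or a hostname containing a newline (if the resolver passes such bytes through) can leave a stray `a:…` line that is then unserialized in the administrator's session; swapping `serialize($login_info)` for `json_encode($login_info)` and `unserialize($line)` for `json_decode($line, true)` (with the `/^a:/` check becoming `/^\{/`) keeps the record shape and removes the object-injection surface. The same loop does `$user_account = get_userdata($user_lastlogin['user_id'])` and then writes `$user_account->data->…`, but `get_userdata` returns `false` for a deleted user (the case the old LEFT JOIN and the page's `<em>Unknown</em>` fallback were written for), which raises a PHP warning and yields a bogus row — guard it with `if( !$user_account ){ continue; }` before the foreach. `sucuriscan_get_user_lastlogin` (new line 741) still formats `date('Y/M/d')` rather than `$row->user_lastlogin`, so the notice reports today's date instead of the previous login time. Finally, the datastore lives under the uploads directory and its `<?php exit(0); ?>` first line only protects it where PHP executes there; on a host that disables PHP in uploads, the usernames, IPs and hostnames become a plain downloadable file, so a deny rule or a path outside the web root would be a safer default.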