Sucuri Security – Auditing, Malware Scanner and Security Hardening - Version 1.4.7

Version Description

  • Cleaning up the code a bit.
  • Only displaying last login messages to admin users.
  • Storing the logs into a log file instead of the db.

Release Info

Developer yorman
Version 1.4.7

Code changes from version 1.4.6 to 1.4.7

inc/css/sucuriscan-default-css.css CHANGED
@@ -94,3 +94,8 @@
94
.sucuri-hidden{
95
display: none !important
96
}
94
.sucuri-hidden{
95
display: none !important
96
}
97
+
98
+ .sucuri-inline-error{
99
+ font-weight: bold;
100
+ color: #ff0000;
101
+ }
inc/tpl/sucuri-wp-lastlogins.html.tpl CHANGED
@@ -12,36 +12,6 @@
12
</div>
13
</div>
14
15
- <div id="poststuff" class="sucuri-%%SUCURI.LastLoginsSettings.Display%%">
16
- <div class="postbox">
17
- <h3>User logins settings</h3>
18
- <div class="inside">
19
- <form method="POST">
20
- <input type="hidden" name="sucuri_lastlogins_nonce" value="%%SUCURI.LastLoginsNonce%%" />
21
-
22
- <p>As part of the administrator accounts, you can choose who can see alerts of Last-Logins in the Wordpress Dashboard.</p>
23
- <label>
24
- <input type="radio" name="lastlogin_alerts" value="enable_everyone" %%SUCURI.LastLoginsAlerts.EnableEveryone%% />
25
- Enable last logins warnings for everyone.
26
- </label>
27
- <br />
28
- <label>
29
- <input type="radio" name="lastlogin_alerts" value="disable_everyone" %%SUCURI.LastLoginsAlerts.DisableEveryone%% />
30
- Disable last login flashs for everyone.
31
- </label>
32
- <br />
33
- <label>
34
- <input type="radio" name="lastlogin_alerts" value="just_admins" %%SUCURI.LastLoginsAlerts.JustAdmins%% />
35
- Disable last logins for any non admins.
36
- </label>
37
- <p>
38
- <input type="submit" value="Save values" class="button-primary" />
39
- </p>
40
- </form>
41
- </div>
42
- </div>
43
- </div><!-- End poststuff -->
44
-
45
<table class="wp-list-table widefat">
46
<thead>
47
<tr>
12
</div>
13
</div>
14
15
<table class="wp-list-table widefat">
16
<thead>
17
<tr>
readme.txt CHANGED
@@ -3,7 +3,7 @@ Contributors: dd@sucuri.net, dremeda
3
Donate Link: http://sitecheck.sucuri.net
4
Tags: malware, security, scan, spam, virus, sucuri, WordPress,
5
Requires at least:3.2
6
- Stable tag:1.4.6
7
Tested up to: 3.6
8
9
The Sucuri Security - SiteCheck Malware Scanner plugin enables you to scan your WordPress site using Sucuri SiteCheck and verify the integrity of your core files right in your dashboard. It also includes post-hack options to help you reset passwords and secret keys in case it has been already hacked.
@@ -23,7 +23,6 @@ Sucuri SiteCheck detects various types of malware, SPAM injections, website erro
23
* PHP Mailers
24
* Phishing Attempts
25
* Malicious Redirects
26
- * Backdoors (e.g., C99, R57, Webshells)
27
* Anomalies
28
* Drive-by-Downloads
29
* IP Cloaking
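Review bot: the removed `* Backdoors (e.g., C99, R57, Webshells)` bullet drops a listed detection category from the feature list with no matching changelog entry. Users read this list to decide what the scan covers, so if SiteCheck no longer reports backdoors, say so under `= 1.4.7 =`; if it still does, the bullet should stay.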
@@ -67,6 +66,11 @@ the compromise on your site).
67
68
== Changelog ==
69
70
= 1.4.6 =
71
* Increasing last login table to the last 100 entries.
72
3
Donate Link: http://sitecheck.sucuri.net
4
Tags: malware, security, scan, spam, virus, sucuri, WordPress,
5
Requires at least:3.2
6
+ Stable tag:1.4.7
7
Tested up to: 3.6
8
9
The Sucuri Security - SiteCheck Malware Scanner plugin enables you to scan your WordPress site using Sucuri SiteCheck and verify the integrity of your core files right in your dashboard. It also includes post-hack options to help you reset passwords and secret keys in case it has been already hacked.
23
* PHP Mailers
24
* Phishing Attempts
25
* Malicious Redirects
26
* Anomalies
27
* Drive-by-Downloads
28
* IP Cloaking
66
67
== Changelog ==
68
69
+ = 1.4.7 =
70
+ * Cleaning up the code a bit.
71
+ * Only displaying last login messages to admin users.
72
+ * Storing the logs into a log file instead of the db.
73
+
74
= 1.4.6 =
75
* Increasing last login table to the last 100 entries.
76
sucuri.php CHANGED
@@ -7,7 +7,7 @@ Description: The <a href="http://sucuri.net">Sucuri Security</a> - SiteCheck Mal
7
You can also scan your site at <a href="http://sitecheck.sucuri.net">SiteCheck.Sucuri.net</a>.
8
9
Author: Sucuri Security
10
- Version: 1.4.6
11
Author URI: http://sucuri.net
12
*/
13
@@ -23,17 +23,11 @@ if(!function_exists('add_action'))
23
@ignore_user_abort(TRUE);
24
25
define('SUCURISCAN','sucuriscan');
26
- define('SUCURISCAN_VERSION','1.4.6');
27
define( 'SUCURI_URL',plugin_dir_url( __FILE__ ));
28
define('SUCURISCAN_PLUGIN_FOLDER', 'sucuri-scanner');
29
- /* Sucuri Free/Paid Plugin will use the same tablename, check: sucuriscan_lastlogins_table_exists() */
30
- define('SUCURISCAN_LASTLOGINS_TABLENAME', "{$table_prefix}sucuri_lastlogins");
31
- define('SUCURISCAN_LASTLOGINS_TABLEVERSION', '1.0');
32
define('SUCURISCAN_LASTLOGINS_USERSLIMIT', 100);
33
34
- register_activation_hook(__FILE__, 'sucuriscan_plugin_activation');
35
- register_deactivation_hook(__FILE__, 'sucuriscan_plugin_deactivation');
36
-
37
/* Requires files. */
38
add_action( 'admin_enqueue_scripts', 'sucuriscan_admin_script_style_registration', 1 );
39
function sucuriscan_admin_script_style_registration() { ?>
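Review bot: removing `register_activation_hook`/`register_deactivation_hook` together with `SUCURISCAN_LASTLOGINS_TABLENAME` and `SUCURISCAN_LASTLOGINS_TABLEVERSION` leaves no migration path for sites upgrading from 1.4.6: the `{$table_prefix}sucuri_lastlogins` table, the `sucuriscan_lastlogin_table_version` option and the `sucuri_lastlogins_alerts` option stay behind, the login history already in that table is not carried into the new file datastore, and nothing revokes the `sucuriscan_cap_lastlogins` capability the old activation hook granted. Suggest a one-time upgrade routine on `plugins_loaded`, keyed on `SUCURISCAN_VERSION`, that drops the table, deletes the two options and calls `remove_cap('sucuriscan_cap_lastlogins')` on each editable role, plus a changelog line telling users that the previous login history is discarded.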
@@ -57,43 +51,6 @@ function sucuriscan_dir_filepath($path = '')
57
return($wp_dir_array['basedir']."/sucuri/$path");
58
}
59
60
- /* sucuri_plugin_activation:
61
- * Creates the internal files / directories used by the plugin.
62
- * Returns 0 on error and 1 on success.
63
- */
64
- function sucuriscan_plugin_activation()
65
- {
66
- if( function_exists('sucuriscan_capabilities') ){
67
- sucuriscan_capabilities('add');
68
- }
69
- return(1);
70
- }
71
-
72
- function sucuriscan_plugin_deactivation()
73
- {
74
- if( function_exists('sucuriscan_capabilities') ){
75
- sucuriscan_capabilities('remove');
76
- }
77
- return TRUE;
78
- }
79
-
80
- function sucuriscan_capabilities($action=NULL){
81
- $allowed_actions = array( 'add', 'remove' );
82
-
83
- if( in_array($action, $allowed_actions) ){
84
- $roles = get_editable_roles();
85
- foreach($roles as $role_name=>$role_info){
86
- /* $role_info = Array( name => String, capabilities => Array ) */
87
- $role_object = get_role($role_name);
88
- if( $action='add' ){
89
- $role_object->add_cap('sucuriscan_cap_lastlogins');
90
- }elseif( $action=='remove' ){
91
- $role_object->remove_cap('sucuriscan_cap_lastlogins');
92
- }
93
- }
94
- }
95
- }
96
-
97
/* Starting Sucuri Scan side bar. */
98
function sucuriscan_menu()
99
{
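Review bot: the removed `sucuriscan_capabilities()` used `if( $action='add' )` (assignment, not comparison) in the branch that chooses between add and remove, so `sucuriscan_capabilities('remove')` from the old deactivation hook re-added `sucuriscan_cap_lastlogins` to every editable role instead of removing it. Deleting the function is right, but it means every site that activated 1.4.6, including ones that later deactivated it, still carries that capability on every role down to subscriber; with the menu now gated on `manage_options` the stale cap is unused by this plugin, but it should still be cleaned up explicitly in this release rather than left on the roles.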
@@ -111,7 +68,7 @@ function sucuriscan_menu()
111
add_submenu_page('sucuriscan', 'Post-Hack', 'Post-Hack', 'manage_options',
112
'sucuriscan_posthack', 'sucuriscan_posthack_page');
113
114
- add_submenu_page('sucuriscan', 'Last Logins', 'Last Logins', 'sucuriscan_cap_lastlogins',
115
'sucuriscan_lastlogins', 'sucuriscan_lastlogins_page');
116
}
117
@@ -120,54 +77,26 @@ function sucuriscan_menu()
120
function sucuri_scan_page()
121
{
122
$U_ERROR = NULL;
123
- if(!current_user_can('manage_options'))
124
- {
125
wp_die(__('You do not have sufficient permissions to access this page: Sucuri Malware Scanner') );
126
}
127
128
- if(isset($_POST['wpsucuri-doscan']))
129
- {
130
sucuriscan_print_scan();
131
return(1);
132
}
133
134
- /* Setting's header. */
135
- echo '<div class="wrap">';
136
- echo '<h2 id="warnings_hook"></h2>';
137
- echo '<div class="sucuriscan_header"><img src="'.SUCURI_URL.'/inc/images/logo.png">';
138
- sucuriscan_pagestop("SiteCheck Scanner");
139
- echo '</div>';
140
-
141
- echo '<div class="postbox-container" style="width:75%;">';
142
- echo '<div class="sucuriscan-maincontent">';
143
-
144
- echo '<div class="postbox">';
145
- echo '<div class="inside">';
146
- echo '<h2 align="center">Scan your site for malware using <a href="http://sitecheck.sucuri.net">Sucuri SiteCheck</a> right in your WordPress dashboard.</h2>';
147
- echo '</div>';
148
- echo '</div>';
149
- ?>
150
-
151
- <form action="" method="post">
152
- <input type="hidden" name="wpsucuri-doscan" value="wpsucuri-doscan" />
153
- <input class="button button-primary button-hero load-customize" type="submit" name="wpsucuri_doscanrun" value="Scan this site now!" />
154
- </form>
155
-
156
- <p><strong>If you have any questions about these checks or this plugin, contact us at <a href="mailto:info@sucuri.net">info@sucuri.net</a> or visit <a href="http://sucuri.net">sucuri.net</a></strong></p>
157
-
158
- </div><!-- End sucuriscan-maincontent -->
159
- </div><!-- End postbox-container -->
160
-
161
- <?php echo sucuriscan_get_template('sucuri-wp-sidebar.html.tpl') ?>
162
-
163
- </div><!-- End Wrap -->
164
-
165
- <?php
166
}
167
168
function sucuriscan_print_scan()
169
{
170
- $myresults = wp_remote_get("http://sitecheck.sucuri.net/scanner/?serialized&clear&fromwp&scan=".home_url(), array("timeout" => 180));
171
172
if(is_wp_error($myresults))
173
{
@@ -290,7 +219,7 @@ function sucuriscan_print_scan()
290
</div><!-- End sucuriscan-maincontent -->
291
</div><!-- End postbox-container -->
292
293
- <?php echo sucuriscan_get_template('sucuri-wp-sidebar.html.tpl') ?>
294
295
</div><!-- End Wrap -->
296
@@ -339,7 +268,7 @@ function sucuriscan_hardening_page()
339
</div><!-- End sucuriscan-maincontent -->
340
</div><!-- End postbox-container -->
341
342
- <?php echo sucuriscan_get_template('sucuri-wp-sidebar.html.tpl') ?>
343
344
</div><!-- End Wrap -->
345
@@ -374,7 +303,7 @@ function sucuriscan_core_integrity_page()
374
</div><!-- End sucuriscan-maincontent -->
375
</div><!-- End postbox-container -->
376
377
- <?php echo sucuriscan_get_template('sucuri-wp-sidebar.html.tpl') ?>
378
379
</div><!-- End Wrap -->
380
@@ -435,7 +364,7 @@ function sucuriscan_prettify_mail($subject='', $message='', $data_set=array())
435
$mail_variables[$var_key] = $var_value;
436
}
437
438
- return sucuriscan_get_template("sucuri-wp-notification.{$prettify_type}.tpl", $mail_variables);
439
}
440
441
function sucuriscan_get_template($template='', $template_variables=array()){
@@ -453,7 +382,7 @@ function sucuriscan_get_template($template='', $template_variables=array()){
453
454
function sucuriscan_wp_sidebar_gen()
455
{
456
- return sucuriscan_get_template('sucuri-wp-sidebar.html.tpl');
457
}
458
459
function sucuriscan_get_new_config_keys()
@@ -623,7 +552,7 @@ function sucuriscan_posthack_page()
623
// Fill the user list for ResetPassword action.
624
$user_list = get_users();
625
foreach($user_list as $user){
626
- $user_snippet = sucuriscan_get_template('sucuri-wp-resetpassword.snippet.tpl', array(
627
'ResetPassword.UserId'=>$user->ID,
628
'ResetPassword.Username'=>$user->user_login,
629
'ResetPassword.Displayname'=>$user->display_name,
@@ -632,7 +561,7 @@ function sucuriscan_posthack_page()
632
$template_variables['ResetPassword.UserList'] .= $user_snippet;
633
}
634
635
- echo sucuriscan_get_template('sucuri-wp-posthack.html.tpl', $template_variables);
636
}
637
638
function sucuriscan_get_remoteaddr()
@@ -659,7 +588,7 @@ function sucuriscan_get_remoteaddr()
659
660
function sucuriscan_lastlogins_page()
661
{
662
- if( !current_user_can('sucuriscan_cap_lastlogins') )
663
{
664
wp_die(__('You do not have sufficient permissions to access this page: Sucuri Last-Logins') );
665
}
@@ -671,45 +600,15 @@ function sucuriscan_lastlogins_page()
671
'SucuriWPSidebar'=>sucuriscan_wp_sidebar_gen(),
672
'UserList'=>'',
673
'CurrentURL'=>site_url().'/wp-admin/admin.php?page='.$_GET['page'],
674
- 'LastLoginsAlerts.EnableEveryone'=>'',
675
- 'LastLoginsAlerts.DisableEveryone'=>'',
676
- 'LastLoginsAlerts.JustAdmins'=>''
677
);
678
679
- $can_edit_settings = current_user_can('manage_options') ? TRUE : FALSE;
680
- $template_variables['LastLoginsSettings.Display'] = $can_edit_settings ? '' : 'hidden';
681
-
682
- if(
683
- isset($_POST['sucuri_lastlogins_nonce'])
684
- && wp_verify_nonce($_POST['sucuri_lastlogins_nonce'], 'sucuriscan_lastlogins_nonce')
685
- ){
686
- if( $can_edit_settings ){
687
- update_option('sucuri_lastlogins_alerts', $_POST['lastlogin_alerts']);
688
- sucuriscan_admin_notice('updated', '<strong>OK.</strong> New settings saved!');
689
- }else{
690
- sucuriscan_admin_notice('error', '<strong>Error.</strong> You do not have permissions to change these settings.');
691
- }
692
- }
693
-
694
- switch( get_option('sucuri_lastlogins_alerts') ){
695
- case 'disable_everyone':
696
- $template_variables['LastLoginsAlerts.DisableEveryone'] = 'checked="checked"';
697
- break;
698
- case 'just_admins':
699
- $template_variables['LastLoginsAlerts.JustAdmins'] = 'checked="checked"';
700
- break;
701
- case 'enable_everyone':
702
- default:
703
- $template_variables['LastLoginsAlerts.EnableEveryone'] = 'checked="checked"';
704
- break;
705
- }
706
-
707
- $limit = isset($_GET['limit']) ? intval($_GET['limit']) : SUCURI_LASTLOGINS_USERSLIMIT;
708
$template_variables['UserList.ShowAll'] = $limit>0 ? 'visible' : 'hidden';
709
710
$user_list = sucuriscan_get_logins($limit);
711
foreach($user_list as $user){
712
- $user_snippet = sucuriscan_get_template('sucuri-wp-lastlogins.snippet.tpl', array(
713
'UserList.UserId'=>intval($user->ID),
714
'UserList.Username'=>( !is_null($user->user_login) ? $user->user_login : '<em>Unknown</em>' ),
715
'UserList.Email'=>$user->user_email,
@@ -719,90 +618,102 @@ function sucuriscan_lastlogins_page()
719
$template_variables['UserList'] .= $user_snippet;
720
}
721
722
- echo sucuriscan_get_template('sucuri-wp-lastlogins.html.tpl', $template_variables);
723
}
724
725
- if( !function_exists('sucuri_lastlogins_table_exists') ){
726
- function sucuriscan_lastlogins_table_exists()
727
- {
728
- global $wpdb;
729
- if( defined('SUCURISCAN_LASTLOGINS_TABLENAME') ){
730
- $table_name = SUCURISCAN_LASTLOGINS_TABLENAME;
731
- $upgrade_table = FALSE;
732
-
733
- if(
734
- $wpdb->get_var("SHOW TABLES LIKE '{$table_name}'")!=$table_name
735
- || get_option('sucuriscan_lastlogin_table_version')!=SUCURISCAN_LASTLOGINS_TABLEVERSION
736
- ){
737
- $upgrade_table = TRUE;
738
- }
739
740
- if( $upgrade_table ){
741
- $sql = 'CREATE TABLE `'.$table_name.'` (
742
- id int(11) NOT NULL AUTO_INCREMENT,
743
- user_id bigint(20) NOT NULL,
744
- user_login varchar(60),
745
- user_remoteaddr varchar(255),
746
- user_hostname varchar(255),
747
- user_lastlogin DATETIME DEFAULT "0000-00-00 00:00:00" NOT NULL,
748
- UNIQUE KEY id (id)
749
- )';
750
-
751
- require_once(ABSPATH.'wp-admin/includes/upgrade.php');
752
- if( !dbDelta($sql) ){
753
- sucuriscan_admin_notice('error', '<strong>Sucuri WP Plugin</strong>. Error upgrading Last-Logins table: '.$upgrade_process);
754
- }
755
- }
756
}
757
}
758
- add_action('plugins_loaded', 'sucuriscan_lastlogins_table_exists');
759
}
760
761
if( !function_exists('sucuri_set_lastlogin') ){
762
- function sucuriscan_set_lastlogin($user_login='')
763
- {
764
- global $wpdb;
765
- if( defined('SUCURISCAN_LASTLOGINS_TABLENAME') ){
766
- $table_name = SUCURISCAN_LASTLOGINS_TABLENAME;
767
$current_user = get_user_by('login', $user_login);
768
$remote_addr = sucuriscan_get_remoteaddr();
769
770
- $wpdb->insert($table_name, array(
771
'user_id'=>$current_user->ID,
772
'user_login'=>$current_user->user_login,
773
'user_remoteaddr'=>$remote_addr,
774
'user_hostname'=>@gethostbyaddr($remote_addr),
775
'user_lastlogin'=>current_time('mysql')
776
- ));
777
}
778
}
779
add_action('wp_login', 'sucuriscan_set_lastlogin', 50);
780
}
781
782
- function sucuriscan_get_logins($limit=10, $user_id=0)
783
- {
784
- global $wpdb;
785
- if( defined('SUCURISCAN_LASTLOGINS_TABLENAME') ){
786
- $table_name = SUCURISCAN_LASTLOGINS_TABLENAME;
787
788
- $sql = "SELECT * FROM {$table_name} LEFT JOIN {$wpdb->prefix}users ON {$table_name}.user_id = {$wpdb->prefix}users.ID";
789
- if( !current_user_can('manage_options') ){
790
- $current_user = wp_get_current_user();
791
- $sql .= chr(32)."WHERE {$wpdb->prefix}users.user_login = '{$current_user->user_login}'";
792
- }
793
- if( $user_id>0 ){
794
- $where_append = strpos('WHERE ', $sql)===FALSE ? 'WHERE' : 'AND';
795
- $sql .= chr(32)."{$where_append} {$table_name}.user_id = '{$user_id}'";
796
- }
797
- $sql .= chr(32)."ORDER BY {$table_name}.id DESC";
798
- if( preg_match('/^([0-9]+)#x2F;', $limit) && $limit>0 ){
799
- $sql .= chr(32)."LIMIT {$limit}";
800
- }
801
802
- return $wpdb->get_results($sql);
803
}
804
805
- return FALSE;
806
}
807
808
if( !function_exists('sucuri_login_redirect') ){
@@ -817,37 +728,19 @@ if( !function_exists('sucuri_login_redirect') ){
817
}
818
819
if( !function_exists('sucuri_get_user_lastlogin') ){
820
- function sucuriscan_get_user_lastlogin()
821
- {
822
- global $wpdb;
823
- if( isset($_GET['sucuriscan_lastlogin_message']) && defined('SUCURISCAN_LASTLOGINS_TABLENAME') ){
824
- switch( get_option('sucuri_lastlogins_alerts') ){
825
- case 'disable_everyone':
826
- $display_alert = FALSE;
827
- break;
828
- case 'just_admins':
829
- $display_alert = current_user_can('manage_options') ? TRUE : FALSE;
830
- break;
831
- case 'enable_everyone':
832
- default:
833
- $display_alert = TRUE;
834
- break;
835
- }
836
-
837
- if($display_alert){
838
- $table_name = SUCURISCAN_LASTLOGINS_TABLENAME;
839
- $current_user = wp_get_current_user();
840
841
- // Select the penultimate entry, not the last one.
842
- $sql = "SELECT * FROM {$table_name} WHERE user_id = '{$current_user->ID}' ORDER BY user_lastlogin DESC LIMIT 1,1";
843
- $row = $wpdb->get_row($sql);
844
845
- if($row){
846
- $message_tpl = 'The last time you logged in was: %s, from %s - %s';
847
- $lastlogin_message = sprintf( $message_tpl, date('Y/M/d'), $row->user_remoteaddr, $row->user_hostname );
848
- $lastlogin_message .= chr(32).'(<a href="'.site_url('wp-admin/admin.php?page='.SUCURISCAN.'_lastlogins').'">View Last-Logins</a>)';
849
- sucuriscan_admin_notice('updated', $lastlogin_message);
850
- }
851
}
852
}
853
}
7
You can also scan your site at <a href="http://sitecheck.sucuri.net">SiteCheck.Sucuri.net</a>.
8
9
Author: Sucuri Security
10
+ Version: 1.4.7
11
Author URI: http://sucuri.net
12
*/
13
23
@ignore_user_abort(TRUE);
24
25
define('SUCURISCAN','sucuriscan');
26
+ define('SUCURISCAN_VERSION','1.4.7');
27
define( 'SUCURI_URL',plugin_dir_url( __FILE__ ));
28
define('SUCURISCAN_PLUGIN_FOLDER', 'sucuri-scanner');
29
define('SUCURISCAN_LASTLOGINS_USERSLIMIT', 100);
30
31
/* Requires files. */
32
add_action( 'admin_enqueue_scripts', 'sucuriscan_admin_script_style_registration', 1 );
33
function sucuriscan_admin_script_style_registration() { ?>
51
return($wp_dir_array['basedir']."/sucuri/$path");
52
}
53
54
/* Starting Sucuri Scan side bar. */
55
function sucuriscan_menu()
56
{
68
add_submenu_page('sucuriscan', 'Post-Hack', 'Post-Hack', 'manage_options',
69
'sucuriscan_posthack', 'sucuriscan_posthack_page');
70
71
+ add_submenu_page('sucuriscan', 'Last Logins', 'Last Logins', 'manage_options',
72
'sucuriscan_lastlogins', 'sucuriscan_lastlogins_page');
73
}
74
77
function sucuri_scan_page()
78
{
79
$U_ERROR = NULL;
80
+ if( !current_user_can('manage_options') ){
81
wp_die(__('You do not have sufficient permissions to access this page: Sucuri Malware Scanner') );
82
}
83
84
+ $template_variables = array(
85
+ 'PluginURL'=>SUCURI_URL,
86
+ 'Sidebar'=>sucuriscan_get_template('sidebar.html.tpl')
87
+ );
88
+
89
+ if( isset($_POST['wpsucuri-doscan']) ){
90
sucuriscan_print_scan();
91
return(1);
92
}
93
94
+ echo sucuriscan_get_template('initial-page.html.tpl', $template_variables);
95
}
96
97
function sucuriscan_print_scan()
98
{
99
+ $myresults = wp_remote_get('http://sitecheck.sucuri.net/scanner/?serialized&clear&fromwp&scan='.home_url(), array('timeout' => 180));
100
101
if(is_wp_error($myresults))
102
{
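Review bot: `if( isset($_POST['wpsucuri-doscan']) )` still starts a remote SiteCheck request on any POST carrying that field, with no `check_admin_referer()` or nonce on the form that posts it, so a cross-site form submission can trigger the scan while an administrator is logged in; add a `wp_nonce_field()` to the template and verify it before calling `sucuriscan_print_scan()`. Two smaller points in the same hunk: `$template_variables` (including the sidebar render) is built before the early `return(1)`, so it is wasted work on the scan path, and `'...&scan='.home_url()` should go through `urlencode()` or `add_query_arg()`, since a home URL containing `&` or `#` breaks the query string.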
219
</div><!-- End sucuriscan-maincontent -->
220
</div><!-- End postbox-container -->
221
222
+ <?php echo sucuriscan_get_template('sidebar.html.tpl') ?>
223
224
</div><!-- End Wrap -->
225
268
</div><!-- End sucuriscan-maincontent -->
269
</div><!-- End postbox-container -->
270
271
+ <?php echo sucuriscan_get_template('sidebar.html.tpl') ?>
272
273
</div><!-- End Wrap -->
274
303
</div><!-- End sucuriscan-maincontent -->
304
</div><!-- End postbox-container -->
305
306
+ <?php echo sucuriscan_get_template('sidebar.html.tpl') ?>
307
308
</div><!-- End Wrap -->
309
364
$mail_variables[$var_key] = $var_value;
365
}
366
367
+ return sucuriscan_get_template("notification.{$prettify_type}.tpl", $mail_variables);
368
}
369
370
function sucuriscan_get_template($template='', $template_variables=array()){
382
383
function sucuriscan_wp_sidebar_gen()
384
{
385
+ return sucuriscan_get_template('sidebar.html.tpl');
386
}
387
388
function sucuriscan_get_new_config_keys()
552
// Fill the user list for ResetPassword action.
553
$user_list = get_users();
554
foreach($user_list as $user){
555
+ $user_snippet = sucuriscan_get_template('resetpassword.snippet.tpl', array(
556
'ResetPassword.UserId'=>$user->ID,
557
'ResetPassword.Username'=>$user->user_login,
558
'ResetPassword.Displayname'=>$user->display_name,
561
$template_variables['ResetPassword.UserList'] .= $user_snippet;
562
}
563
564
+ echo sucuriscan_get_template('posthack.html.tpl', $template_variables);
565
}
566
567
function sucuriscan_get_remoteaddr()
588
589
function sucuriscan_lastlogins_page()
590
{
591
+ if( !current_user_can('manage_options') )
592
{
593
wp_die(__('You do not have sufficient permissions to access this page: Sucuri Last-Logins') );
594
}
600
'SucuriWPSidebar'=>sucuriscan_wp_sidebar_gen(),
601
'UserList'=>'',
602
'CurrentURL'=>site_url().'/wp-admin/admin.php?page='.$_GET['page'],
603
+ 'LastLogins.DatastoreWritable'=>sucuriscan_lastlogins_datastore_is_writable() ? 'hidden' : 'visible',
604
);
605
606
+ $limit = isset($_GET['limit']) ? intval($_GET['limit']) : SUCURISCAN_LASTLOGINS_USERSLIMIT;
607
$template_variables['UserList.ShowAll'] = $limit>0 ? 'visible' : 'hidden';
608
609
$user_list = sucuriscan_get_logins($limit);
610
foreach($user_list as $user){
611
+ $user_snippet = sucuriscan_get_template('lastlogins.snippet.tpl', array(
612
'UserList.UserId'=>intval($user->ID),
613
'UserList.Username'=>( !is_null($user->user_login) ? $user->user_login : '<em>Unknown</em>' ),
614
'UserList.Email'=>$user->user_email,
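Review bot: the line `$limit = isset($_GET['limit']) ? intval($_GET['limit']) : SUCURISCAN_LASTLOGINS_USERSLIMIT;` silently fixes the old reference to the undefined constant `SUCURI_LASTLOGINS_USERSLIMIT`; that deserves its own changelog entry. The new `'LastLogins.DatastoreWritable'` variable reads inverted ('hidden' when the datastore is writable, 'visible' when it is not); naming it after what it toggles, e.g. `LastLogins.DatastoreError`, or a one-line comment would stop the next reader flipping it. While this block is being touched, the unchanged context line `'CurrentURL'=>site_url().'/wp-admin/admin.php?page='.$_GET['page']` interpolates request input straight into the template and should be wrapped in `esc_url()`.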
618
$template_variables['UserList'] .= $user_snippet;
619
}
620
621
+ echo sucuriscan_get_template('lastlogins.html.tpl', $template_variables);
622
}
623
624
+ function sucuriscan_lastlogins_datastore_exists(){
625
+ $plugin_upload_folder = sucuriscan_dir_filepath();
626
+ $datastore_filepath = rtrim($plugin_upload_folder,'/').'/sucuri-lastlogins.php';
627
628
+ if( !file_exists($datastore_filepath) ){
629
+ if( @file_put_contents($datastore_filepath, "<?php exit(0); ?>\n", LOCK_EX) ){
630
+ @chmod($datastore_filepath, 0644);
631
}
632
}
633
+
634
+ return file_exists($datastore_filepath) ? $datastore_filepath : FALSE;
635
+ }
636
+
637
+ function sucuriscan_lastlogins_datastore_is_writable(){
638
+ $datastore_filepath = sucuriscan_lastlogins_datastore_exists();
639
+ if($datastore_filepath){
640
+ if( !is_writable($datastore_filepath) ){
641
+ @chmod($datastore_filepath, 0644);
642
+ }
643
+ return is_writable($datastore_filepath) ? $datastore_filepath : FALSE;
644
+ }
645
+ return FALSE;
646
+ }
647
+
648
+ function sucuriscan_lastlogins_datastore_is_readable(){
649
+ $datastore_filepath = sucuriscan_lastlogins_datastore_exists();
650
+ if( $datastore_filepath && is_readable($datastore_filepath) ){
651
+ return $datastore_filepath;
652
+ }
653
+ return FALSE;
654
}
655
656
if( !function_exists('sucuri_set_lastlogin') ){
657
+ function sucuriscan_set_lastlogin($user_login=''){
658
+ $datastore_filepath = sucuriscan_lastlogins_datastore_is_writable();
659
+
660
+ if($datastore_filepath){
661
$current_user = get_user_by('login', $user_login);
662
$remote_addr = sucuriscan_get_remoteaddr();
663
664
+ $login_info = array(
665
'user_id'=>$current_user->ID,
666
'user_login'=>$current_user->user_login,
667
'user_remoteaddr'=>$remote_addr,
668
'user_hostname'=>@gethostbyaddr($remote_addr),
669
'user_lastlogin'=>current_time('mysql')
670
+ );
671
+
672
+ @file_put_contents($datastore_filepath, serialize($login_info)."\n", FILE_APPEND);
673
}
674
}
675
add_action('wp_login', 'sucuriscan_set_lastlogin', 50);
676
}
677
678
+ function sucuriscan_get_logins($limit=10, $user_id=0){
679
+ $lastlogins = array();
680
+ $datastore_filepath = sucuriscan_lastlogins_datastore_is_readable();
681
+
682
+ if($datastore_filepath){
683
+ $parsed_lines = 0;
684
+ $lastlogins_lines = array_reverse(file($datastore_filepath));
685
+ foreach($lastlogins_lines as $line){
686
+ $line = str_replace("\n", '', $line);
687
+ if( preg_match('/^a:/', $line) ){
688
+ $user_lastlogin = unserialize($line);
689
+
690
+ /* Only administrators can see all login stats */
691
+ if( !current_user_can('manage_options') ){
692
+ $current_user = wp_get_current_user();
693
+ if( $current_user->user_login!=$user_lastlogin['user_login'] ){ continue; }
694
+ }
695
696
+ /* If an User_Id was specified when this function was called, filter by that number */
697
+ if( $user_id>0 ){
698
+ if( $user_lastlogin['user_id']!=$user_id ){ continue; }
699
+ }
700
701
+ /* Get the WP_User object and add extra information from the last-login data */
702
+ $user_account = get_userdata($user_lastlogin['user_id']);
703
+ foreach($user_lastlogin as $user_extrainfo_key=>$user_extrainfo_value){
704
+ $user_account->data->{$user_extrainfo_key} = $user_extrainfo_value;
705
+ }
706
+ $lastlogins[] = $user_account;
707
+ $parsed_lines += 1;
708
+ }
709
+
710
+ if( preg_match('/^([0-9]+)#x2F;', $limit) && $limit>0 ){
711
+ if( $parsed_lines>=$limit ){ break; }
712
+ }
713
+ }
714
}
715
716
+ return $lastlogins;
717
}
718
719
if( !function_exists('sucuri_login_redirect') ){
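Review bot: `sucuriscan_get_logins()` calls `unserialize($line)` on every line of `sucuri-lastlogins.php`, a file under the uploads directory that the plugin creates with mode 0644 and opens for writing on every login; any process that can append to that file (a compromised upload handler, a neighbour on a misconfigured shared host) gets PHP object injection against each administrator who opens the Last Logins page or receives the login notice. Store the records with `json_encode()` and read them with `json_decode($line, true)` instead, and treat the leading `<?php exit(0); ?>` guard only as defence in depth, since it protects nothing on a server that serves the uploads directory as static files. Three further points in the same hunk: `get_userdata($user_lastlogin['user_id'])` returns `false` for a deleted user and `$user_account->data->{$user_extrainfo_key} = ...` then fails where the old `LEFT JOIN` path produced the `<em>Unknown</em>` row, so skip the line or synthesise an object when it is false; `@file_put_contents($datastore_filepath, serialize($login_info)."\n", FILE_APPEND)` in `sucuriscan_set_lastlogin()` should add `LOCK_EX` (the create path already uses it), otherwise concurrent logins can interleave lines that then fail `preg_match('/^a:/', $line)` and are dropped; and `file()` plus `array_reverse()` loads the whole ever-growing log on every call, including the post-login notice path, so the file needs a cap or rotation.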
728
}
729
730
if( !function_exists('sucuri_get_user_lastlogin') ){
731
+ function sucuriscan_get_user_lastlogin(){
732
+ if( isset($_GET['sucuriscan_lastlogin_message']) && current_user_can('manage_options') ){
733
+ $current_user = wp_get_current_user();
734
735
+ // Select the penultimate entry, not the last one.
736
+ $user_lastlogins = sucuriscan_get_logins(2, $current_user->ID);
737
+ $row = isset($user_lastlogins[1]) ? $user_lastlogins[1] : FALSE;
738
739
+ if($row){
740
+ $message_tpl = 'The last time you logged in was: %s, from %s - %s';
741
+ $lastlogin_message = sprintf( $message_tpl, date('Y/M/d'), $row->user_remoteaddr, $row->user_hostname );
742
+ $lastlogin_message .= chr(32).'(<a href="'.site_url('wp-admin/admin.php?page='.SUCURISCAN.'_lastlogins').'">View Last-Logins</a>)';
743
+ sucuriscan_admin_notice('updated', $lastlogin_message);
744
}
745
}
746
}
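Review bot: `sprintf( $message_tpl, date('Y/M/d'), $row->user_remoteaddr, $row->user_hostname )` fills the "The last time you logged in was: %s" slot with today's date rather than the previous login's timestamp; `sucuriscan_get_logins()` copies every stored key, including `user_lastlogin`, onto `$user_account->data`, so pass `$row->user_lastlogin` instead of `date('Y/M/d')`. The IP and hostname are also concatenated into an admin notice unescaped; `user_hostname` comes from `gethostbyaddr()`, i.e. from reverse DNS under the visitor's network's control, so wrap both values in `esc_html()` before handing the message to `sucuriscan_admin_notice()`.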