The WP Remote WordPress Plugin

Version Description

Integrating with BlogVault.

2.8.4.3 (11 January 2019)

Backport bug fix for theme updates from v3.0.a
Plugins will now be re-installed if they vanish and add in user_abort prevention.

2.8.4.2 (9 January 2019)

Backport WPEngine bug fix from v3.0.a

2.8.4.1 (3 December 2017)

Correct handling of up_to_date error

2.8.4 (3 December 2017)

Modify error message response in certain situations

2.8.3 (21 November 2017)

Add endpoint to validate plugin update
Improved error handling
Fix 'Clear Api' redirect

2.8.2 (25 October 2017)

Change settings page function name for compatibility
Allow the WP Remote API key to be updated from CLI

2.8.1 (10 October 2017)

Add link to clear API key from the plugin settings page.
Prevent WP Remote from clearing the API key on deactivation
Clear API key on uninstall

Download this release

Release Info

Developer	ritesh.soni36
Plugin	The WP Remote WordPress Plugin
Version	3.2
Comparing to
See all releases

Code changes from version 2.8.4.3 to 3.2

Files changed (83) hide show

.travis.yml +0 -27
CONTRIBUTING.md +0 -13
account.php +182 -0
admin/add_new_acc.php +28 -0
admin/header.php +21 -0
admin/main_page.php +38 -0
admin/top_box.php +5 -0
bin/install-wp-tests.sh +0 -32
callback/base.php +24 -0
callback/handler.php +114 -0
callback/request.php +179 -0
callback/response.php +36 -0
callback/streams.php +241 -0
callback/wings/account.php +58 -0
callback/wings/brand.php +54 -0
callback/wings/bv_upgrader_skin.php +67 -0
callback/wings/db.php +171 -0
callback/wings/dynsync.php +90 -0
callback/wings/fs.php +280 -0
callback/wings/fw.php +62 -0
callback/wings/info.php +318 -0
callback/wings/ipstore.php +115 -0
callback/wings/lp.php +74 -0
callback/wings/manage.php +532 -0
callback/wings/misc.php +89 -0
callback/wings/monit.php +92 -0
callback/wings/protect.php +72 -0
css/bvmui.min.css +1 -0
css/bvplugin.min.css +1 -0
img/as_seen_in.png +0 -0
img/bv.png +0 -0
img/bv_badge.png +0 -0
img/bv_for_free.jpg +0 -0
img/icon.png +0 -0
img/lock.png +0 -0
img/malcare-wordpress-security.png +0 -0
img/mclogo.png +0 -0
img/wprlogo.png +0 -0
info.php +85 -0
license.txt +385 -0
{cli → old_wpremote/cli}/wprp.cli.php +0 -0
{inc → old_wpremote/inc}/class-wprp-automatic-upgrader-skin.php +0 -0
{inc → old_wpremote/inc}/class-wprp-core-upgrader-skin.php +0 -0
{inc → old_wpremote/inc}/class-wprp-plugin-upgrader-skin.php +0 -0
{inc → old_wpremote/inc}/class-wprp-theme-upgrader-skin.php +0 -0
{languages → old_wpremote/languages}/index.php +0 -0
{languages → old_wpremote/languages}/wp-remote-wordpress-plugin.mo +0 -0
{languages → old_wpremote/languages}/wp-remote-wordpress-plugin.pot +0 -0
old_wpremote/plugin.php +283 -0
wprp.api.php → old_wpremote/wprp.api.php +0 -0
wprp.backups.php → old_wpremote/wprp.backups.php +0 -0
wprp.compatability.php → old_wpremote/wprp.compatability.php +0 -0
wprp.content.php → old_wpremote/wprp.content.php +0 -0
wprp.hm.backup.php → old_wpremote/wprp.hm.backup.php +0 -0
wprp.integration.php → old_wpremote/wprp.integration.php +0 -0
wprp.log.php → old_wpremote/wprp.log.php +0 -0
wprp.plugins.php → old_wpremote/wprp.plugins.php +0 -0
wprp.themes.php → old_wpremote/wprp.themes.php +0 -0
phpunit.xml +0 -14
plugin.php +111 -278
protect/ipstore.php +97 -0
protect/logger.php +24 -0
protect/protect.php +58 -0
protect/wp_fw/config.php +251 -0
protect/wp_fw/fw.php +597 -0
protect/wp_fw/request.php +324 -0
protect/wp_lp/config.php +82 -0
protect/wp_lp/lp.php +242 -0
readme.txt +17 -237
recover.php +47 -0
screenshot-1.png +0 -0
screenshot-2.png +0 -0
screenshot-3.png +0 -0
tests/bootstrap.php +0 -10
tests/pluginsTest.php +0 -11
wp_actions.php +53 -0
wp_admin.php +183 -0
wp_api.php +38 -0
wp_db.php +172 -0
wp_dynsync.php +572 -0
wp_settings.php +54 -0
wp_site_info.php +79 -0
wprp.admin.php +0 -116

.travis.yml DELETED Viewed

@@ -1,27 +0,0 @@
-            -
            language: php
-            -
-            -
            php:
-            -
                - 5.2
-            -
                - 5.3
-            -
                - 5.4
-            -
-            -
            env:
-            -
                - WP_VERSION=master WP_MULTISITE=0
-            -
                - WP_VERSION=master WP_MULTISITE=1
-            -
                - WP_VERSION=3.5.1 WP_MULTISITE=0
-            -
                - WP_VERSION=3.5.1 WP_MULTISITE=1
-            -
                - WP_VERSION=3.4 WP_MULTISITE=0
-            -
                - WP_VERSION=3.4 WP_MULTISITE=1
-            -
                - WP_VERSION=3.3 WP_MULTISITE=0
-            -
                - WP_VERSION=3.3 WP_MULTISITE=1
-            -
                - WP_VERSION=3.2 WP_MULTISITE=0
-            -
                - WP_VERSION=3.2 WP_MULTISITE=1
-            -
-            -
            notifications:
-            -
                secure: "gwybVEhn3tYVngWMegtYJ0dfSBjLa1+0LsD9LXypHtyMjkUBuoEu0NWkupkp4HA27Euq5Cryg01vhWhy7+8kUIFeSnkYDqcvIHduPvyYqSwaZFNEgINZ/2OiQOomg23C+/sYxqzmXeFiRChHvR26/9FfhLSDqvGPZ4/n/URRFgg="
-            -
-            -
            before_script:
-            -
                - export WP_TESTS_DIR=/tmp/wordpress-tests/
-            -
                - bash bin/install-wp-tests.sh wordpress_test root '' $WP_VERSION
-            -
-            -
            script: phpunit

CONTRIBUTING.md DELETED Viewed

@@ -1,13 +0,0 @@
-            -
            ## Contribution guidelines ##
-            -
-            -
            ## Workflow ##
-            -
-            -
            * Develop on a feature branch and send a pull request for review.
-            -
            * Assign the pull request to one of the following contacts:
-            -
                * Primary: Theo Savage [@tcrsavage](https://github.com/tcrsavage)
-            -
                * Secondary: Joe Hoyle [@joe_hoyle](https://github.com/joehoyle)
-            -
-            -
            ## Coding Standards ##
-            -
-            -
            Please follow these recommendations
-            -
            [http://codex.wordpress.org/WordPress_Coding_Standards](http://codex.wordpress.org/WordPress_Coding_Standards)

account.php ADDED Viewed

	@@ -0,0 +1,182 @@


1	+ <?php
2	+
3	+ if (!defined('ABSPATH')) exit;
4	+ if (!class_exists('WPRAccount')) :
5	+ class WPRAccount {
6	+ public $settings;
7	+ public $public;
8	+ public $secret;
9	+ public $sig_match;
10	+ public static $api_public_key = 'bvApiPublic';
11	+ public static $accounts_list = 'bvAccountsList';
12	+
13	+ public function __construct($settings, $public, $secret) {
14	+ $this->settings = $settings;
15	+ $this->public = $public;
16	+ $this->secret = $secret;
17	+ }
18	+
19	+ public static function find($settings, $public) {
20	+ $accounts = self::allAccounts($settings);
21	+ if (array_key_exists($public, $accounts) && isset($accounts[$public]['secret'])) {
22	+ $secret = $accounts[$public]['secret'];
23	+ }
24	+ if (empty($secret) \|\| (strlen($secret) < 32)) {
25	+ return null;
26	+ }
27	+ return new self($settings, $public, $secret);
28	+ }
29	+
30	+ public static function update($settings, $allAccounts) {
31	+ $settings->updateOption(self::$accounts_list, $allAccounts);
32	+ }
33	+
34	+ public static function randString($length) {
35	+ $chars = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
36	+
37	+ $str = "";
38	+ $size = strlen($chars);
39	+ for( $i = 0; $i < $length; $i++ ) {
40	+ $str .= $chars[rand(0, $size - 1)];
41	+ }
42	+ return $str;
43	+ }
44	+
45	+ public static function apiPublicAccount($settings) {
46	+ $pubkey = $settings->getOption(self::$api_public_key);
47	+ return self::find($settings, $pubkey);
48	+ }
49	+
50	+ public static function updateApiPublicKey($settings, $pubkey) {
51	+ $settings->updateOption(self::$api_public_key, $pubkey);
52	+ }
53	+
54	+ public static function getApiPublicKey($settings) {
55	+ return $settings->getOption(self::$api_public_key);
56	+ }
57	+
58	+ public static function getPlugName($settings) {
59	+ $bvinfo = new WPRInfo($settings);
60	+ return $bvinfo->plugname;
61	+ }
62	+
63	+ public static function allAccounts($settings) {
64	+ $accounts = $settings->getOption(self::$accounts_list);
65	+ if (!is_array($accounts)) {
66	+ $accounts = array();
67	+ }
68	+ return $accounts;
69	+ }
70	+
71	+ public static function accountsByPlugname($settings) {
72	+ $accounts = self::allAccounts($settings);
73	+ $accountsByPlugname = array();
74	+ $plugname = self::getPlugName($settings);
75	+ foreach ($accounts as $pubkey => $value) {
76	+ if (array_key_exists($plugname, $value) && $value[$plugname] == 1) {
77	+ $accountsByPlugname[$pubkey] = $value;
78	+ }
79	+ }
80	+ return $accountsByPlugname;
81	+ }
82	+
83	+ public static function isConfigured($settings) {
84	+ $accounts = self::accountsByPlugname($settings);
85	+ return (sizeof($accounts) >= 1);
86	+ }
87	+
88	+ public static function setup($settings) {
89	+ $bvinfo = new WPRInfo($settings);
90	+ $settings->updateOption($bvinfo->plug_redirect, 'yes');
91	+ $settings->updateOption('bvActivateTime', time());
92	+ }
93	+
94	+ public function authenticatedUrl($method) {
95	+ $bvinfo = new WPRInfo($this->settings);
96	+ $qstr = http_build_query($this->newAuthParams($bvinfo->version));
97	+ return $bvinfo->appUrl().$method."?".$qstr;
98	+ }
99	+
100	+ public function newAuthParams($version) {
101	+ $args = array();
102	+ $time = time();
103	+ $sig = sha1($this->public.$this->secret.$time.$version);
104	+ $args['sig'] = $sig;
105	+ $args['bvTime'] = $time;
106	+ $args['bvPublic'] = $this->public;
107	+ $args['bvVersion'] = $version;
108	+ $args['sha1'] = '1';
109	+ return $args;
110	+ }
111	+
112	+ public static function addAccount($settings, $public, $secret) {
113	+ $accounts = self::allAccounts($settings);
114	+ if (!isset($public, $accounts)) {
115	+ $accounts[$public] = array();
116	+ }
117	+ $accounts[$public]['secret'] = $secret;
118	+ self::update($settings, $accounts);
119	+ }
120	+
121	+ public function respInfo() {
122	+ return array(
123	+ "public" => substr($this->public, 0, 6),
124	+ "sigmatch" => substr($this->sig_match, 0, 6)
125	+ );
126	+ }
127	+
128	+ public static function getSigMatch($request, $secret) {
129	+ $method = $request->method;
130	+ $time = $request->time;
131	+ $version = $request->version;
132	+ if ($request->is_sha1) {
133	+ $sig_match = sha1($method.$secret.$time.$version);
134	+ } else {
135	+ $sig_match = md5($method.$secret.$time.$version);
136	+ }
137	+ return $sig_match;
138	+ }
139	+
140	+ public function authenticate($request) {
141	+ $time = $request->time;
142	+ if ($time < intval($this->settings->getOption('bvLastRecvTime')) - 300) {
143	+ return false;
144	+ }
145	+ $this->sig_match = self::getSigMatch($request, $this->secret);
146	+ if ($this->sig_match !== $request->sig) {
147	+ return $sig_match;
148	+ }
149	+ $this->settings->updateOption('bvLastRecvTime', $time);
150	+ return 1;
151	+ }
152	+
153	+ public function updateInfo($info) {
154	+ $accounts = self::allAccounts($this->settings);
155	+ $plugname = self::getPlugName($this->settings);
156	+ $pubkey = $info['pubkey'];
157	+ if (!array_key_exists($pubkey, $accounts)) {
158	+ $accounts[$pubkey] = array();
159	+ }
160	+ $accounts[$pubkey]['lastbackuptime'] = time();
161	+ $accounts[$pubkey][$plugname] = true;
162	+ $accounts[$pubkey]['url'] = $info['url'];
163	+ $accounts[$pubkey]['email'] = $info['email'];
164	+ self::update($this->settings, $accounts);
165	+ }
166	+
167	+ public static function remove($settings, $pubkey) {
168	+ $accounts = self::allAccounts($settings);
169	+ if (array_key_exists($pubkey, $accounts)) {
170	+ unset($accounts[$pubkey]);
171	+ self::update($settings, $accounts);
172	+ return true;
173	+ }
174	+ return false;
175	+ }
176	+
177	+ public static function exists($settings, $pubkey) {
178	+ $accounts = self::allAccounts($settings);
179	+ return array_key_exists($pubkey, $accounts);
180	+ }
181	+ }
182	+ endif;

admin/add_new_acc.php ADDED Viewed

	@@ -0,0 +1,28 @@


1	+ <?php
2	+ $signupFormTitle = "Let's add your site for remote management";
3	+ $signupPurpose = array("Manage", "Others");
4	+ $signupButtonText = "Get started";
5	+ $signupButtonColor = "#25bea0";
6	+ ?>
7	+ <div id="content-wrapper" style="width: 99%">
8	+ <div class="mui-container-fluid" style="padding: 0px;">
9	+ <div style="padding-left: 0px; width: 80%; margin: 0 auto;">
10	+ <br>
11	+ <div class="bv-box" style="padding-top: 10px; padding-bottom: 10px; margin: 0 auto;">
12	+ <?php require_once dirname( __FILE__ ) . "/top_box.php";?>
13	+ </div>
14	+ <div class="mui-panel new-account-panel">
15	+ <form dummy=">" action="<?php echo $this->bvinfo->appUrl(); ?>/plugin/bvstart" style="padding-top:10px; margin: 0px;" onsubmit="document.getElementById('get-started').disabled = true;" method="post" name="signup">
16	+ <div style="width: 800px; margin: 0 auto; padding: 10px;">
17	+ <div class="mui--text-title form-title"><?php echo $signupFormTitle; ?></div>
18	+ <input type='hidden' name='bvsrc' value='wpplugin' />
19	+ <?php echo $this->siteInfoTags(); ?>
20	+ <input type="text" class="bv-input" id="email" name="email" style="width:430px;" placeholder="Enter your email" required>
21	+ <button id="get-started" class="mui-btn mui-btn--raised mui-btn--primaryi get-started-button" type="submit" style="background: <?php echo $signupButtonColor; ?>;"><?php echo $signupButtonText; ?></button><br/>
22	+ <input type="checkbox" name="consent" value="1" required/>I agree to WPRemote <a href="https://wpremote.com/tos/" target="_blank" rel="noopener noreferrer">Terms of Service</a> and <a href="https://wpremote.com/privacy/" target="_blank" rel="noopener noreferrer">Privacy Policy</a>
23	+ </div>
24	+ </form>
25	+ <br/>
26	+ </div>
27	+ </div>
28	+ </div>

admin/header.php ADDED Viewed

	@@ -0,0 +1,21 @@


1	+ <?php
2	+ $pluginSlug = "wpremote";
3	+ $headerLogoLink = $this->getWebPage() . "/?utm_source=mc_plugin_lp_logo&utm_medium=logo_link&utm_campaign=mc_plugin_lp_header&utm_term=header_logo&utm_content=image_link";
4	+ ?>
5	+ <div id="content-wrapper" style="width: 99%;">
6	+ <!-- Content HTML goes here -->
7	+ <div class="mui-container-fluid">
8	+ <div class="mui--appbar-height"></div>
9	+ <br><br>
10	+ <div class="mui-row">
11	+
12	+ <div style="background: linear-gradient(to right, #2c3e50, #586f87); overflow: hidden;">
13	+ <a href="<?php echo $headerLogoLink; ?>"><img src="<?php echo plugins_url($this->getPluginLogo(), __FILE__); ?>" style="width:13%; padding: 10px;"></a>
14	+ <div class="top-links">
15	+ <span class="bv-top-button"><a href="https://wordpress.org/support/plugin/<?php echo $pluginSlug; ?>/reviews/#new-post">Leave a Review</a></span>
16	+ <span class="bv-top-button"><a href="https://wordpress.org/support/plugin/<?php echo $pluginSlug; ?>/">Need Help?</a></span>
17	+ </div>
18	+ </div>
19	+ </div>
20	+ </div>
21	+ </div>

admin/main_page.php ADDED Viewed

	@@ -0,0 +1,38 @@


1	+ <div id="content-wrapper">
2	+ <div class="bv-box" style= "width: 800px; margin: 20px auto; overflow: hidden; padding: 15px;">
3	+ <?php require_once dirname( __FILE__ ) . "/top_box.php";?>
4	+ </div>
5	+ <div class="mui-container-fluid">
6	+ <?php $accounts = WPRAccount::allAccounts($this->settings);?>
7	+ <div class="mui-panel" style="width:800px; margin:0 auto;border:1px solid #CCC;">
8	+ <div class="mui--text-body1" style="text-align:center;font-size:18px;">Accounts associated with this website.</div><br/>
9	+ <table cellpadding="10" style="width:700px; margin:0 auto;border:1px solid black;">
10	+ <tr style="text-align:center;font-size:15px;border: 1px solid black;"> <th> Account Email</th><th>Last Synced At</th><th></th></tr>
11	+ <?php
12	+ $nonce = wp_create_nonce( 'bvnonce' );
13	+ foreach($accounts as $key => $value){
14	+ ?>
15	+ <form dummy=">" action="" style="padding:0 2% 2em 1%;" method="post">
16	+ <input type='hidden' name='bvnonce' value="<?php echo $nonce ?>" />
17	+ <input type='hidden' name='pubkey' value="<?php echo $key ?>" />
18	+ <tr style="text-align:center;font-size:15px;border: 1px solid black;">
19	+ <td >
20	+ <?php echo $value['email'] ?>
21	+ </td>
22	+ <td>
23	+ <?php echo date('Y-m-d H:i:s', $value['lastbackuptime']); ?>
24	+ </td>
25	+ <td >
26	+ <input type='submit' class="button-primary" value='Disconnect' name='disconnect'>
27	+ </td>
28	+ </tr>
29	+ </form>
30	+ <?php } ?>
31	+ </table>
32	+ <div class="mui-col-md-12 mui-col-md-offset-3" style="padding-top:2%;">
33	+ <a class="mui-btn mui-btn--raised mui-btn--primary" href=<?php echo $this->bvinfo->appUrl(); ?> target="_blank">Visit Dashboard</a>
34	+ <a class="mui-btn mui-btn--raised mui-btn--primary" href=<?php echo $this->mainUrl('&add_account=true'); ?> >Connect New Account</a>
35	+ </div>
36	+ </div>
37	+ </div>
38	+ </div>

admin/top_box.php ADDED Viewed

	@@ -0,0 +1,5 @@


1	+ <?php
2	+ $mainTitle = "Now you can manage this site from your WP Remote Dashboard";
3	+ ?>
4	+ <div style = "text-align: center; font-size: x-large; font-weight:400; margin-top:2%"><?php echo $mainTitle; ?></div>
5	+ <br/><br/>

bin/install-wp-tests.sh DELETED Viewed

@@ -1,32 +0,0 @@
-            -
            #!/usr/bin/env bash
-            -
-            -
            if [ $# -lt 3 ]; then
-            -
            	echo "usage: $0 <db-name> <db-user> <db-pass> [wp-version]"
-            -
            	exit 1
-            -
            fi
-            -
-            -
            DB_NAME=$1
-            -
            DB_USER=$2
-            -
            DB_PASS=$3
-            -
            WP_VERSION=${4-master}
-            -
-            -
            set -ex
-            -
-            -
            # set up a WP install
-            -
            WP_CORE_DIR=/tmp/wordpress/
-            -
            mkdir -p $WP_CORE_DIR
-            -
            wget -nv -O /tmp/wordpress.tar.gz https://github.com/WordPress/WordPress/tarball/$WP_VERSION
-            -
            tar --strip-components=1 -zxmf /tmp/wordpress.tar.gz -C $WP_CORE_DIR
-            -
-            -
            # set up testing suite
-            -
            svn co --ignore-externals --quiet http://unit-tests.svn.wordpress.org/trunk/ $WP_TESTS_DIR
-            -
-            -
            cd $WP_TESTS_DIR
-            -
            cp wp-tests-config-sample.php wp-tests-config.php
-            -
            sed -i "s:dirname( __FILE__ ) . '/wordpress/':'$WP_CORE_DIR':" wp-tests-config.php
-            -
            sed -i "s/yourdbnamehere/$DB_NAME/" wp-tests-config.php
-            -
            sed -i "s/yourusernamehere/$DB_USER/" wp-tests-config.php
-            -
            sed -i "s/yourpasswordhere/$DB_PASS/" wp-tests-config.php
-            -
-            -
            # create database
-            -
            mysqladmin create $DB_NAME --user="$DB_USER" --password="$DB_PASS"

callback/base.php ADDED Viewed

	@@ -0,0 +1,24 @@


1	+ <?php
2	+
3	+ if (!defined('ABSPATH')) exit;
4	+ if (!class_exists('BVCallbackBase')) :
5	+
6	+ class BVCallbackBase {
7	+ public function objectToArray($obj) {
8	+ return json_decode(json_encode($obj), true);
9	+ }
10	+
11	+ public function base64Encode($data, $chunk_size) {
12	+ if ($chunk_size) {
13	+ $out = "";
14	+ $len = strlen($data);
15	+ for ($i = 0; $i < $len; $i += $chunk_size) {
16	+ $out .= base64_encode(substr($data, $i, $chunk_size));
17	+ }
18	+ } else {
19	+ $out = base64_encode($data);
20	+ }
21	+ return $out;
22	+ }
23	+ }
24	+ endif;

callback/handler.php ADDED Viewed

	@@ -0,0 +1,114 @@


1	+ <?php
2	+
3	+ if (!defined('ABSPATH')) exit;
4	+ if (!class_exists('BVCallbackHandler')) :
5	+
6	+ class BVCallbackHandler {
7	+ public $db;
8	+ public $settings;
9	+ public $siteinfo;
10	+ public $request;
11	+ public $account;
12	+ public $response;
13	+
14	+ public function __construct($db, $settings, $siteinfo, $request, $account, $response) {
15	+ $this->db = $db;
16	+ $this->settings = $settings;
17	+ $this->siteinfo = $siteinfo;
18	+ $this->request = $request;
19	+ $this->account = $account;
20	+ $this->response = $response;
21	+ }
22	+
23	+ public function bvAdmExecuteWithoutUser() {
24	+ $this->execute(array("bvadmwithoutuser" => true));
25	+ }
26	+
27	+ public function bvAdmExecuteWithUser() {
28	+ $this->execute(array("bvadmwithuser" => true));
29	+ }
30	+
31	+ public function execute($resp = array()) {
32	+ $this->routeRequest();
33	+ $bvinfo = new WPRInfo($this->settings);
34	+ $resp = array(
35	+ "request_info" => $this->request->respInfo(),
36	+ "site_info" => $this->siteinfo->respInfo(),
37	+ "account_info" => $this->account->respInfo(),
38	+ "bvinfo" => $bvinfo->respInfo(),
39	+ "api_pubkey" => substr(WPRAccount::getApiPublicKey($this->settings), 0, 8)
40	+ );
41	+ $this->response->terminate($resp);
42	+ }
43	+
44	+ public function routeRequest() {
45	+ switch ($this->request->wing) {
46	+ case 'manage':
47	+ require_once dirname( __FILE__ ) . '/wings/manage.php';
48	+ $module = new BVManageCallback($this);
49	+ break;
50	+ case 'fs':
51	+ require_once dirname( __FILE__ ) . '/wings/fs.php';
52	+ $module = new BVFSCallback($this);
53	+ break;
54	+ case 'db':
55	+ require_once dirname( __FILE__ ) . '/wings/db.php';
56	+ $module = new BVDBCallback($this);
57	+ break;
58	+ case 'info':
59	+ require_once dirname( __FILE__ ) . '/wings/info.php';
60	+ $module = new BVInfoCallback($this);
61	+ break;
62	+ case 'dynsync':
63	+ require_once dirname( __FILE__ ) . '/wings/dynsync.php';
64	+ $module = new BVDynSyncCallback($this);
65	+ break;
66	+ case 'ipstr':
67	+ require_once dirname( __FILE__ ) . '/wings/ipstore.php';
68	+ $module = new BVIPStoreCallback($this);
69	+ break;
70	+ case 'fw':
71	+ require_once dirname( __FILE__ ) . '/wings/fw.php';
72	+ $module = new BVFirewallCallback($this);
73	+ break;
74	+ case 'lp':
75	+ require_once dirname( __FILE__ ) . '/wings/lp.php';
76	+ $module = new BVLoginProtectCallback($this);
77	+ break;
78	+ case 'monit':
79	+ require_once dirname( __FILE__ ) . '/wings/monit.php';
80	+ $module = new BVMonitCallback($this);
81	+ break;
82	+ case 'brand':
83	+ require_once dirname( __FILE__ ) . '/wings/brand.php';
84	+ $module = new BVBrandCallback($this);
85	+ break;
86	+ case 'pt':
87	+ require_once dirname( __FILE__ ) . '/wings/protect.php';
88	+ $module = new BVProtectCallback($this);
89	+ break;
90	+ case 'act':
91	+ require_once dirname( __FILE__ ) . '/wings/account.php';
92	+ $module = new BVAccountCallback($this);
93	+ break;
94	+ default:
95	+ require_once dirname( __FILE__ ) . '/wings/misc.php';
96	+ $module = new BVMiscCallback($this);
97	+ break;
98	+ }
99	+ $resp = $module->process($this->request);
100	+ if ($resp === false) {
101	+ $resp = array(
102	+ "statusmsg" => "Bad Command",
103	+ "status" => false);
104	+ }
105	+ $resp = array(
106	+ $this->request->wing => array(
107	+ $this->request->method => $resp
108	+ )
109	+ );
110	+ $this->response->addStatus("callbackresponse", $resp);
111	+ return 1;
112	+ }
113	+ }
114	+ endif;

callback/request.php ADDED Viewed

	@@ -0,0 +1,179 @@


1	+ <?php
2	+
3	+ if (!defined('ABSPATH')) exit;
4	+ if (!class_exists('BVCallbackRequest')) :
5	+ class BVCallbackRequest {
6	+ public $params;
7	+ public $method;
8	+ public $wing;
9	+ public $is_afterload;
10	+ public $is_admin_ajax;
11	+ public $is_debug;
12	+ public $account;
13	+ public $calculated_mac;
14	+ public $sig;
15	+ public $time;
16	+ public $version;
17	+ public $is_sha1;
18	+ public $bvb64stream;
19	+ public $bvb64cksize;
20	+ public $checksum;
21	+
22	+ public function __construct($account, $in_params) {
23	+ $this->params = array();
24	+ $this->account = $account;
25	+ $this->wing = $in_params['wing'];
26	+ $this->method = $in_params['bvMethod'];
27	+ $this->is_afterload = array_key_exists('afterload', $in_params);
28	+ $this->is_admin_ajax = array_key_exists('adajx', $in_params);
29	+ $this->is_debug = array_key_exists('bvdbg', $in_params);
30	+ $this->sig = $in_params['sig'];
31	+ $this->time = intval($in_params['bvTime']);
32	+ $this->version = $in_params['bvVersion'];
33	+ $this->is_sha1 = array_key_exists('sha1', $in_params);
34	+ $this->bvb64stream = isset($in_params['bvb64stream']);
35	+ $this->bvb64cksize = array_key_exists('bvb64cksize', $in_params) ? intval($in_params['bvb64cksize']) : false;
36	+ $this->checksum = array_key_exists('checksum', $in_params) ? $in_params['checksum'] : false;
37	+ }
38	+
39	+ public function isAPICall() {
40	+ return array_key_exists('apicall', $this->params);
41	+ }
42	+
43	+ public function respInfo() {
44	+ $info = array(
45	+ "requestedsig" => $this->sig,
46	+ "requestedtime" => $this->time,
47	+ "requestedversion" => $this->version
48	+ );
49	+ if ($this->is_debug) {
50	+ $info["inreq"] = $this->params;
51	+ }
52	+ if ($this->is_admin_ajax) {
53	+ $info["adajx"] = true;
54	+ }
55	+ if ($this->is_afterload) {
56	+ $info["afterload"] = true;
57	+ }
58	+ if ($this->calculated_mac) {
59	+ $info["calculated_mac"] = $this->calculated_mac;
60	+ }
61	+ return $info;
62	+ }
63	+
64	+ public function processParams($in_params) {
65	+ $params = array();
66	+
67	+ if (array_key_exists('obend', $in_params) && function_exists('ob_end_clean'))
68	+ @ob_end_clean();
69	+
70	+ if (array_key_exists('op_reset', $in_params) && function_exists('output_reset_rewrite_vars'))
71	+ @output_reset_rewrite_vars();
72	+
73	+ if (array_key_exists('binhead', $in_params)) {
74	+ header("Content-type: application/binary");
75	+ header('Content-Transfer-Encoding: binary');
76	+ }
77	+
78	+ if (array_key_exists('concat', $in_params)) {
79	+ foreach ($in_params['concat'] as $key) {
80	+ $concated = '';
81	+ $count = intval($in_params[$key]);
82	+ for ($i = 1; $i <= $count; $i++) {
83	+ $concated .= $in_params[$key."_bv_".$i];
84	+ }
85	+ $in_params[$key] = $concated;
86	+ }
87	+ }
88	+
89	+ if (array_key_exists('bvprms', $in_params) && isset($in_params['bvprms']) &&
90	+ array_key_exists('bvprmsmac', $in_params) && isset($in_params['bvprmsmac'])) {
91	+ $digest_algo = 'SHA1';
92	+ $sent_mac = $in_params['bvprmsmac'];
93	+
94	+ if (array_key_exists('bvprmshshalgo', $in_params) && isset($in_params['bvprmshshalgo'])) {
95	+ $digest_algo = $in_params['bvprmshshalgo'];
96	+ }
97	+
98	+ $calculated_mac = hash_hmac($digest_algo, $in_params['bvprms'], $this->account->secret);
99	+ $this->calculated_mac = substr($calculated_mac, 0, 6);
100	+
101	+ if ($this->compare_mac($sent_mac, $calculated_mac) === true) {
102	+
103	+ if (array_key_exists('b64', $in_params)) {
104	+ foreach ($in_params['b64'] as $key) {
105	+ if (is_array($in_params[$key])) {
106	+ $in_params[$key] = array_map('base64_decode', $in_params[$key]);
107	+ } else {
108	+ $in_params[$key] = base64_decode($in_params[$key]);
109	+ }
110	+ }
111	+ }
112	+
113	+ if (array_key_exists('unser', $in_params)) {
114	+ foreach ($in_params['unser'] as $key) {
115	+ $in_params[$key] = json_decode($in_params[$key], TRUE);
116	+ }
117	+ }
118	+
119	+ if (array_key_exists('sersafe', $in_params)) {
120	+ $key = $in_params['sersafe'];
121	+ $in_params[$key] = BVCallbackRequest::serialization_safe_decode($in_params[$key]);
122	+ }
123	+
124	+ if (array_key_exists('bvprms', $in_params) && isset($in_params['bvprms'])) {
125	+ $params = $in_params['bvprms'];
126	+ }
127	+
128	+ if (array_key_exists('clacts', $in_params)) {
129	+ foreach ($in_params['clacts'] as $action) {
130	+ remove_all_actions($action);
131	+ }
132	+ }
133	+
134	+ if (array_key_exists('clallacts', $in_params)) {
135	+ global $wp_filter;
136	+ foreach ( $wp_filter as $filter => $val ){
137	+ remove_all_actions($filter);
138	+ }
139	+ }
140	+
141	+ if (array_key_exists('memset', $in_params)) {
142	+ $val = intval(urldecode($in_params['memset']));
143	+ @ini_set('memory_limit', $val.'M');
144	+ }
145	+
146	+ return $params;
147	+ }
148	+ }
149	+
150	+ return false;
151	+ }
152	+
153	+ private function compare_mac($l_hash, $r_hash) {
154	+ if (!is_string($l_hash) \|\| !is_string($r_hash)) {
155	+ return false;
156	+ }
157	+
158	+ if (strlen($l_hash) !== strlen($r_hash)) {
159	+ return false;
160	+ }
161	+
162	+ if (function_exists('hash_equals')) {
163	+ return hash_equals($l_hash, $r_hash);
164	+ } else {
165	+ return $l_hash === $r_hash;
166	+ }
167	+ }
168	+
169	+ public static function serialization_safe_decode($data) {
170	+ if (is_array($data)) {
171	+ $data = array_map(array('BVCallbackRequest', 'serialization_safe_decode'), $data);
172	+ } elseif (is_string($data)) {
173	+ $data = base64_decode($data);
174	+ }
175	+
176	+ return $data;
177	+ }
178	+ }
179	+ endif;

callback/response.php ADDED Viewed

	@@ -0,0 +1,36 @@


1	+ <?php
2	+
3	+ if (!defined('ABSPATH')) exit;
4	+ if (!class_exists('BVCallbackResponse')) :
5	+
6	+ class BVCallbackResponse extends BVCallbackBase {
7	+ public $status;
8	+ public $bvb64cksize;
9	+
10	+ public function __construct($bvb64cksize) {
11	+ $this->status = array("blogvault" => "response");
12	+ $this->bvb64cksize = $bvb64cksize;
13	+ }
14	+
15	+ public function addStatus($key, $value) {
16	+ $this->status[$key] = $value;
17	+ }
18	+
19	+ public function addArrayToStatus($key, $value) {
20	+ if (!isset($this->status[$key])) {
21	+ $this->status[$key] = array();
22	+ }
23	+ $this->status[$key][] = $value;
24	+ }
25	+
26	+ public function terminate($resp = array()) {
27	+ $resp = array_merge($this->status, $resp);
28	+ $resp["signature"] = "Blogvault API";
29	+ $response = "bvbvbvbvbv".serialize($resp)."bvbvbvbvbv";
30	+ $response = "bvb64bvb64".$this->base64Encode($response, $this->bvb64cksize)."bvb64bvb64";
31	+ die($response);
32	+
33	+ exit;
34	+ }
35	+ }
36	+ endif;

callback/streams.php ADDED Viewed

	@@ -0,0 +1,241 @@


1	+ <?php
2	+
3	+ if (!defined('ABSPATH')) exit;
4	+ if (!class_exists('BVRespStream')) :
5	+
6	+ class BVStream extends BVCallbackBase {
7	+ public $bvb64stream;
8	+ public $bvb64cksize;
9	+ public $checksum;
10	+
11	+ function __construct($request) {
12	+ $this->bvb64stream = $request->bvb64stream;
13	+ $this->bvb64cksize = $request->bvb64cksize;
14	+ $this->checksum = $request->checksum;
15	+ }
16	+
17	+ public function writeChunk($chunk) {
18	+ }
19	+
20	+ public static function startStream($account, $request) {
21	+ $result = array();
22	+ $params = $request->params;
23	+ $stream = new BVRespStream($request);
24	+ if ($request->isAPICall()) {
25	+ $stream = new BVHttpStream($request);
26	+ if (!$stream->connect()) {
27	+ $apicallstatus = array(
28	+ "httperror" => "Cannot Open Connection to Host",
29	+ "streamerrno" => $stream->errno,
30	+ "streamerrstr" => $stream->errstr
31	+ );
32	+ return array("apicallstatus" => $apicallstatus);
33	+ }
34	+ if (array_key_exists('acbmthd', $params)) {
35	+ $qstr = http_build_query(array('bvapicheck' => $params['bvapicheck']));
36	+ $url = '/bvapi/'.$params['acbmthd']."?".$qstr;
37	+ if (array_key_exists('acbqry', $params)) {
38	+ $url .= "&".$params['acbqry'];
39	+ }
40	+ $stream->multipartChunkedPost($url);
41	+ } else {
42	+ return array("apicallstatus" => array("httperror" => "ApiCall method not present"));
43	+ }
44	+ }
45	+ return array('stream' => $stream);
46	+ }
47	+
48	+ public function writeStream($_string) {
49	+ if (strlen($_string) > 0) {
50	+ $chunk = "";
51	+ if ($this->bvb64stream) {
52	+ $chunk_size = $this->bvb64cksize;
53	+ $_string = $this->base64Encode($_string, $chunk_size);
54	+ $chunk .= "BVB64" . ":";
55	+ }
56	+ $chunk .= (strlen($_string) . ":" . $_string);
57	+ if ($this->checksum == 'crc32') {
58	+ $chunk = "CRC32" . ":" . crc32($_string) . ":" . $chunk;
59	+ } else if ($this->checksum == 'md5') {
60	+ $chunk = "MD5" . ":" . md5($_string) . ":" . $chunk;
61	+ }
62	+ $this->writeChunk($chunk);
63	+ }
64	+ }
65	+ }
66	+
67	+ class BVRespStream extends BVStream {
68	+ function __construct($request) {
69	+ parent::__construct($request);
70	+ }
71	+
72	+ public function writeChunk($_string) {
73	+ echo "ckckckckck".$_string."ckckckckck";
74	+ }
75	+
76	+ public function endStream() {
77	+ echo "rerererere";
78	+
79	+ return array();
80	+ }
81	+ }
82	+
83	+ class BVHttpStream extends BVStream {
84	+ var $user_agent = 'BVHttpStream';
85	+ var $host;
86	+ var $port;
87	+ var $timeout = 20;
88	+ var $conn;
89	+ var $errno;
90	+ var $errstr;
91	+ var $boundary;
92	+ var $apissl;
93	+
94	+ function __construct($request) {
95	+ parent::__construct($request);
96	+ $this->host = $request->params['apihost'];
97	+ $this->port = intval($request->params['apiport']);
98	+ $this->apissl = array_key_exists('apissl', $request->params);
99	+ }
100	+
101	+ public function connect() {
102	+ if ($this->apissl && function_exists('stream_socket_client')) {
103	+ $this->conn = stream_socket_client("ssl://".$this->host.":".$this->port, $errno, $errstr, $this->timeout);
104	+ } else {
105	+ $this->conn = @fsockopen($this->host, $this->port, $errno, $errstr, $this->timeout);
106	+ }
107	+ if (!$this->conn) {
108	+ $this->errno = $errno;
109	+ $this->errstr = $errstr;
110	+ return false;
111	+ }
112	+ socket_set_timeout($this->conn, $this->timeout);
113	+ return true;
114	+ }
115	+
116	+ public function write($data) {
117	+ fwrite($this->conn, $data);
118	+ }
119	+
120	+ public function sendChunk($data) {
121	+ $this->write(sprintf("%x\r\n", strlen($data)));
122	+ $this->write($data);
123	+ $this->write("\r\n");
124	+ }
125	+
126	+ public function sendRequest($method, $url, $headers = array(), $body = null) {
127	+ $def_hdrs = array("Connection" => "keep-alive",
128	+ "Host" => $this->host);
129	+ $headers = array_merge($def_hdrs, $headers);
130	+ $request = strtoupper($method)." ".$url." HTTP/1.1\r\n";
131	+ if (null != $body) {
132	+ $headers["Content-length"] = strlen($body);
133	+ }
134	+ foreach($headers as $key=>$val) {
135	+ $request .= $key.":".$val."\r\n";
136	+ }
137	+ $request .= "\r\n";
138	+ if (null != $body) {
139	+ $request .= $body;
140	+ }
141	+ $this->write($request);
142	+ return $request;
143	+ }
144	+
145	+ public function post($url, $headers = array(), $body = "") {
146	+ if(is_array($body)) {
147	+ $b = "";
148	+ foreach($body as $key=>$val) {
149	+ $b .= $key."=".urlencode($val)."&";
150	+ }
151	+ $body = substr($b, 0, strlen($b) - 1);
152	+ }
153	+ $this->sendRequest("POST", $url, $headers, $body);
154	+ }
155	+
156	+ public function streamedPost($url, $headers = array()) {
157	+ $headers['Transfer-Encoding'] = "chunked";
158	+ $this->sendRequest("POST", $url, $headers);
159	+ }
160	+
161	+ public function multipartChunkedPost($url) {
162	+ $mph = array(
163	+ "Content-Disposition" => "form-data; name=bvinfile; filename=data",
164	+ "Content-Type" => "application/octet-stream"
165	+ );
166	+ $rnd = rand(100000, 999999);
167	+ $this->boundary = "----".$rnd;
168	+ $prologue = "--".$this->boundary."\r\n";
169	+ foreach($mph as $key=>$val) {
170	+ $prologue .= $key.":".$val."\r\n";
171	+ }
172	+ $prologue .= "\r\n";
173	+ $headers = array('Content-Type' => "multipart/form-data; boundary=".$this->boundary);
174	+ $this->streamedPost($url, $headers);
175	+ $this->sendChunk($prologue);
176	+ }
177	+
178	+ public function writeChunk($data) {
179	+ $this->sendChunk($data);
180	+ }
181	+
182	+ public function closeChunk() {
183	+ $this->sendChunk("");
184	+ }
185	+
186	+ public function endStream() {
187	+ $epilogue = "\r\n\r\n--".$this->boundary."--\r\n";
188	+ $this->sendChunk($epilogue);
189	+ $this->closeChunk();
190	+
191	+ $result = array();
192	+ $resp = $this->getResponse();
193	+ if (array_key_exists('httperror', $resp)) {
194	+ $result["httperror"] = $resp['httperror'];
195	+ } else {
196	+ $result["respstatus"] = $resp['status'];
197	+ $result["respstatus_string"] = $resp['status_string'];
198	+ }
199	+ return array("apicallstatus" => $result);
200	+ }
201	+
202	+ public function getResponse() {
203	+ $response = array();
204	+ $response['headers'] = array();
205	+ $state = 1;
206	+ $conlen = 0;
207	+ stream_set_timeout($this->conn, 300);
208	+ while (!feof($this->conn)) {
209	+ $line = fgets($this->conn, 4096);
210	+ if (1 == $state) {
211	+ if (!preg_match('/HTTP\/(\\d\\.\\d)\\s(\\d+)\\s(.*)/', $line, $m)) {
212	+ $response['httperror'] = "Status code line invalid: ".htmlentities($line);
213	+ return $response;
214	+ }
215	+ $response['http_version'] = $m[1];
216	+ $response['status'] = $m[2];
217	+ $response['status_string'] = $m[3];
218	+ $state = 2;
219	+ } else if (2 == $state) {
220	+ # End of headers
221	+ if (2 == strlen($line)) {
222	+ if ($conlen > 0)
223	+ $response['body'] = fread($this->conn, $conlen);
224	+ return $response;
225	+ }
226	+ if (!preg_match('/([^:]+):\\s(.)/', $line, $m)) {
227	+ // Skip to the next header
228	+ continue;
229	+ }
230	+ $key = strtolower(trim($m[1]));
231	+ $val = trim($m[2]);
232	+ $response['headers'][$key] = $val;
233	+ if ($key == "content-length") {
234	+ $conlen = intval($val);
235	+ }
236	+ }
237	+ }
238	+ return $response;
239	+ }
240	+ }
241	+ endif;

callback/wings/account.php ADDED Viewed

	@@ -0,0 +1,58 @@


1	+ <?php
2	+
3	+ if (!defined('ABSPATH')) exit;
4	+ if (!class_exists('BVAccountCallback')) :
5	+ class BVAccountCallback extends BVCallbackBase {
6	+ public $account;
7	+ public $settings;
8	+
9	+ public function __construct($callback_handler) {
10	+ $this->account = $callback_handler->account;
11	+ $this->settings = $callback_handler->settings;
12	+ }
13	+
14	+ function process($request) {
15	+ $params = $request->params;
16	+ $account = $this->account;
17	+ $settings = $this->settings;
18	+ switch ($request->method) {
19	+ case "addacc":
20	+ WPRAccount::addAccount($this->settings, $params['public'], $params['secret']);
21	+ $resp = array("status" => WPRAccount::exists($this->settings, $params['public']));
22	+ break;
23	+ case "rmacc":
24	+ $resp = array("status" => $account->remove($params['public']));
25	+ break;
26	+ case "updt":
27	+ $info = array();
28	+ $info['email'] = $params['email'];
29	+ $info['url'] = $params['url'];
30	+ $info['pubkey'] = $params['pubkey'];
31	+ $account->updateInfo($info);
32	+ $resp = array("status" => WPRAccount::exists($this->settings, $params['pubkey']));
33	+ break;
34	+ case "updtapikey":
35	+ $resp = array("status" => WPRAccount::updateApiPublicKey($this->settings, $params['pubkey']));
36	+ break;
37	+ case "rmdefsec":
38	+ $resp = array("status" => $settings->deleteOption('bvDefaultSecret'));
39	+ break;
40	+ case "rmbvkeys":
41	+ $resp = array("status" => $settings->deleteOption('bvKeys'));
42	+ break;
43	+ case "rmdefpub":
44	+ $resp = array("status" => $settings->deleteOption('bvDefaultPublic'));
45	+ break;
46	+ case "rmoldbvacc":
47	+ $resp = array("status" => $settings->deleteOption('bvAccounts'));
48	+ break;
49	+ case "fetch":
50	+ $resp = array("status" => WPRAccount::allAccounts($this->settings));
51	+ break;
52	+ default:
53	+ $resp = false;
54	+ }
55	+ return $resp;
56	+ }
57	+ }
58	+ endif;

callback/wings/brand.php ADDED Viewed

	@@ -0,0 +1,54 @@


1	+ <?php
2	+
3	+ if (!defined('ABSPATH')) exit;
4	+ if (!class_exists('BVBrandCallback')) :
5	+
6	+ class BVBrandCallback extends BVCallbackBase {
7	+ public $settings;
8	+
9	+ public function __construct($callback_handler) {
10	+ $this->settings = $callback_handler->settings;
11	+ }
12	+
13	+ public function process($request) {
14	+ $bvinfo = new WPRInfo($this->settings);
15	+ $option_name = $bvinfo->brand_option;
16	+ $params = $request->params;
17	+ switch($request->method) {
18	+ case 'setbrand':
19	+ $brandinfo = array();
20	+ if (array_key_exists('hide', $params)) {
21	+ $brandinfo['hide'] = $params['hide'];
22	+ } else {
23	+ $brandinfo['name'] = $params['name'];
24	+ $brandinfo['title'] = $params['title'];
25	+ $brandinfo['description'] = $params['description'];
26	+ $brandinfo['pluginuri'] = $params['pluginuri'];
27	+ $brandinfo['author'] = $params['author'];
28	+ $brandinfo['authorname'] = $params['authorname'];
29	+ $brandinfo['authoruri'] = $params['authoruri'];
30	+ $brandinfo['menuname'] = $params['menuname'];
31	+ $brandinfo['logo'] = $params['logo'];
32	+ $brandinfo['webpage'] = $params['webpage'];
33	+ $brandinfo['appurl'] = $params['appurl'];
34	+ if (array_key_exists('hide_plugin_details', $params)) {
35	+ $brandinfo['hide_plugin_details'] = $params['hide_plugin_details'];
36	+ }
37	+ if (array_key_exists('hide_from_menu', $params)) {
38	+ $brandinfo['hide_from_menu'] = $params['hide_from_menu'];
39	+ }
40	+ }
41	+ $this->settings->updateOption($option_name, $brandinfo);
42	+ $resp = array("setbrand" => $this->settings->getOption($option_name));
43	+ break;
44	+ case 'rmbrand':
45	+ $this->settings->deleteOption($option_name);
46	+ $resp = array("rmbrand" => !$this->settings->getOption($option_name));
47	+ break;
48	+ default:
49	+ $resp = false;
50	+ }
51	+ return $resp;
52	+ }
53	+ }
54	+ endif;

callback/wings/bv_upgrader_skin.php ADDED Viewed

	@@ -0,0 +1,67 @@


1	+ <?php
2	+
3	+ if (!defined('ABSPATH')) exit;
4	+ if (!class_exists('BVUpgraderSkin')) :
5	+ class BVUpgraderSkin extends WP_Upgrader_Skin {
6	+ public $status = array();
7	+ public $action = '';
8	+ public $plugin_info = array();
9	+ public $theme_info = array();
10	+ public $language_update = null;
11	+
12	+ function __construct($type, $package = '') {
13	+ $this->action = $type;
14	+ $this->package = $package;
15	+ parent::__construct(array());
16	+ }
17	+
18	+ function header() {}
19	+
20	+ function footer() {}
21	+
22	+ function get_key() {
23	+ $key = "bvgeneral";
24	+ switch ($this->action) {
25	+ case "theme_upgrade":
26	+ if (!empty($this->theme_info))
27	+ $key = $this->theme_info['Name'];
28	+ break;
29	+ case "plugin_upgrade":
30	+ if (!empty($this->plugin_info))
31	+ $key = $this->plugin_info['Name'];
32	+ break;
33	+ case "installer":
34	+ if (!empty($this->package))
35	+ $key = $this->package;
36	+ break;
37	+ case "upgrade_translations":
38	+ if (null != $this->language_update)
39	+ $key = $this->language_update->package;
40	+ break;
41	+ }
42	+ return $key;
43	+ }
44	+
45	+ function error($errors) {
46	+ $key = $this->get_key();
47	+ $message = array();
48	+ $message['error'] = true;
49	+ if (is_string($errors)) {
50	+ $message['message'] = $errors;
51	+ } elseif (is_wp_error($errors) && $errors->get_error_code()) {
52	+ $message['data'] = $errors->get_error_data();
53	+ $message['code'] = $errors->get_error_code();
54	+ }
55	+ $this->status[$this->action.':'.$key][] = $message;
56	+ }
57	+
58	+ function feedback($string) {
59	+ if ( empty($string) )
60	+ return;
61	+ $key = $this->get_key();
62	+ $message = array();
63	+ $message['message'] = $string;
64	+ $this->status[$this->action.':'.$key][] = $message;
65	+ }
66	+ }
67	+ endif;

callback/wings/db.php ADDED Viewed

	@@ -0,0 +1,171 @@


1	+ <?php
2	+
3	+ if (!defined('ABSPATH')) exit;
4	+ if (!class_exists('BVDBCallback')) :
5	+ require_once dirname( __FILE__ ) . '/../streams.php';
6	+
7	+ class BVDBCallback extends BVCallbackBase {
8	+ public $db;
9	+ public $stream;
10	+ public $account;
11	+
12	+ public function __construct($callback_handler) {
13	+ $this->db = $callback_handler->db;
14	+ $this->account = $callback_handler->account;
15	+ }
16	+
17	+ public function getLastID($pkeys, $end_row) {
18	+ $last_ids = array();
19	+ foreach($pkeys as $pk) {
20	+ $last_ids[$pk] = $end_row[$pk];
21	+ }
22	+ return $last_ids;
23	+ }
24	+
25	+ public function getTableData($table, $tname, $rcount, $offset, $limit, $bsize, $filter, $pkeys, $include_rows = false) {
26	+ $tinfo = array();
27	+
28	+ $rows_count = $this->db->rowsCount($table);
29	+ $result = array('count' => $rows_count);
30	+ if ($limit == 0) {
31	+ $limit = $rows_count;
32	+ }
33	+ $srows = 1;
34	+ while (($limit > 0) && ($srows > 0)) {
35	+ if ($bsize > $limit)
36	+ $bsize = $limit;
37	+ $rows = $this->db->getTableContent($table, '*', $filter, $bsize, $offset);
38	+ $srows = sizeof($rows);
39	+ $data = array();
40	+ $data["offset"] = $offset;
41	+ $data["size"] = $srows;
42	+ $data["md5"] = md5(serialize($rows));
43	+ array_push($tinfo, $data);
44	+ if (!empty($pkeys) && $srows > 0) {
45	+ $end_row = end($rows);
46	+ $last_ids = $this->getLastID($pkeys, $end_row);
47	+ $data['last_ids'] = $last_ids;
48	+ $result['last_ids'] = $last_ids;
49	+ }
50	+ if ($include_rows) {
51	+ $data["rows"] = $rows;
52	+ $str = serialize($data);
53	+ $this->stream->writeStream($str);
54	+ }
55	+ $offset += $srows;
56	+ $limit -= $srows;
57	+ }
58	+ $result['size'] = $offset;
59	+ $result['tinfo'] = $tinfo;
60	+ return $result;
61	+ }
62	+
63	+ public function process($request) {
64	+ $db = $this->db;
65	+ $params = $request->params;
66	+ $stream_init_info = BVStream::startStream($this->account, $request);
67	+ if (array_key_exists('stream', $stream_init_info)) {
68	+ $this->stream = $stream_init_info['stream'];
69	+ switch ($request->method) {
70	+ case "gettbls":
71	+ $resp = array("tables" => $db->showTables());
72	+ break;
73	+ case "tblstatus":
74	+ $resp = array("statuses" => $db->showTableStatus());
75	+ break;
76	+ case "tablekeys":
77	+ $table = urldecode($params['table']);
78	+ $resp = array("table_keys" => $db->tableKeys($table));
79	+ break;
80	+ case "describetable":
81	+ $table = urldecode($params['table']);
82	+ $resp = array("table_description" => $db->describeTable($table));
83	+ break;
84	+ case "checktable":
85	+ $table = urldecode($params['table']);
86	+ $type = urldecode($params['type']);
87	+ $resp = array("status" => $db->checkTable($table, $type));
88	+ break;
89	+ case "repairtable":
90	+ $table = urldecode($params['table']);
91	+ $resp = array("status" => $db->repairTable($table));
92	+ break;
93	+ case "gettcrt":
94	+ $table = urldecode($params['table']);
95	+ $resp = array("create" => $db->showTableCreate($table));
96	+ break;
97	+ case "getrowscount":
98	+ $table = urldecode($params['table']);
99	+ $resp = array("count" => $db->rowsCount($table));
100	+ break;
101	+ case "gettablecontent":
102	+ $result = array();
103	+ $table = urldecode($params['table']);
104	+ $fields = urldecode($params['fields']);
105	+ $filter = (array_key_exists('filter', $params)) ? urldecode($params['filter']) : "";
106	+ $limit = intval(urldecode($params['limit']));
107	+ $offset = intval(urldecode($params['offset']));
108	+ $pkeys = (array_key_exists('pkeys', $params)) ? $params['pkeys'] : array();
109	+ $result['timestamp'] = time();
110	+ $result['tablename'] = $table;
111	+ $rows = $db->getTableContent($table, $fields, $filter, $limit, $offset);
112	+ $srows = sizeof($rows);
113	+ if (!empty($pkeys) && $srows > 0) {
114	+ $end_row = end($rows);
115	+ $result['last_ids'] = $this->getLastID($pkeys, $end_row);
116	+ }
117	+ $result["rows"] = $rows;
118	+ $resp = $result;
119	+ break;
120	+ case "tableinfo":
121	+ $table = urldecode($params['table']);
122	+ $offset = intval(urldecode($params['offset']));
123	+ $limit = intval(urldecode($params['limit']));
124	+ $bsize = intval(urldecode($params['bsize']));
125	+ $filter = (array_key_exists('filter', $params)) ? urldecode($params['filter']) : "";
126	+ $rcount = intval(urldecode($params['rcount']));
127	+ $tname = urldecode($params['tname']);
128	+ $pkeys = (array_key_exists('pkeys', $params)) ? $params['pkeys'] : array();
129	+ $resp = $this->getTableData($table, $tname, $rcount, $offset, $limit, $bsize, $filter, $pkeys, false);
130	+ break;
131	+ case "uploadrows":
132	+ $table = urldecode($params['table']);
133	+ $offset = intval(urldecode($params['offset']));
134	+ $limit = intval(urldecode($params['limit']));
135	+ $bsize = intval(urldecode($params['bsize']));
136	+ $filter = (array_key_exists('filter', $params)) ? urldecode($params['filter']) : "";
137	+ $rcount = intval(urldecode($params['rcount']));
138	+ $tname = urldecode($params['tname']);
139	+ $pkeys = (array_key_exists('pkeys', $params)) ? $params['pkeys'] : array();
140	+ $resp = $this->getTableData($table, $tname, $rcount, $offset, $limit, $bsize, $filter, $pkeys, true);
141	+ break;
142	+ case "tblexists":
143	+ $resp = array("tblexists" => $db->isTablePresent($params['tablename']));
144	+ break;
145	+ case "crttbl":
146	+ $usedbdelta = array_key_exists('usedbdelta', $params);
147	+ $resp = array("crttbl" => $db->createTable($params['query'], $params['tablename'], $usedbdelta));
148	+ break;
149	+ case "drptbl":
150	+ $resp = array("drptbl" => $db->dropBVTable($params['name']));
151	+ break;
152	+ case "trttbl":
153	+ $resp = array("trttbl" => $db->truncateBVTable($params['name']));
154	+ break;
155	+ case "altrtbl":
156	+ $resp = array("altrtbl" => $db->alterBVTable($params['query'], $params['query']));
157	+ break;
158	+ default:
159	+ $resp = false;
160	+ }
161	+ $end_stream_info = $this->stream->endStream();
162	+ if (!empty($end_stream_info) && is_array($resp)) {
163	+ $resp = array_merge($resp, $end_stream_info);
164	+ }
165	+ } else {
166	+ $resp = $stream_init_info;
167	+ }
168	+ return $resp;
169	+ }
170	+ }
171	+ endif;

callback/wings/dynsync.php ADDED Viewed

	@@ -0,0 +1,90 @@


1	+ <?php
2	+
3	+ if (!defined('ABSPATH')) exit;
4	+ if (!class_exists('BVDynSyncCallback')) :
5	+
6	+ require_once dirname( __FILE__ ) . '/../../wp_dynsync.php';
7	+
8	+ class BVDynSyncCallback extends BVCallbackBase {
9	+ public $db;
10	+ public $settings;
11	+
12	+ public function __construct($callback_handler) {
13	+ $this->db = $callback_handler->db;
14	+ $this->settings = $callback_handler->settings;
15	+ }
16	+
17	+ public function dropDynSyncTable() {
18	+ return $this->db->dropBVTable(BVWPDynSync::$dynsync_table);
19	+ }
20	+
21	+ public function createDynSyncTable($usedbdelta = false) {
22	+ $db = $this->db;
23	+ $charset_collate = $db->getCharsetCollate();
24	+ $table = $this->db->getBVTable(BVWPDynSync::$dynsync_table);
25	+ $query = "CREATE TABLE $table (
26	+ id bigint(20) NOT NULL AUTO_INCREMENT,
27	+ site_id int NOT NULL,
28	+ event_type varchar(40) NOT NULL DEFAULT '',
29	+ event_tag varchar(40) NOT NULL DEFAULT '',
30	+ event_data text NOT NULL DEFAULT '',
31	+ PRIMARY KEY (id)
32	+ ) $charset_collate;";
33	+ return $db->createTable($query, BVWPDynSync::$dynsync_table, $usedbdelta);
34	+ }
35	+
36	+ public function process($request) {
37	+ $settings = $this->settings;
38	+ $params = $request->params;
39	+ switch ($request->method) {
40	+ case "truncdynsynctable":
41	+ $resp = array("status" => $this->db->truncateBVTable(BVWPDynSync::$dynsync_table));
42	+ break;
43	+ case "dropdynsynctable":
44	+ $resp = array("status" => $this->dropDynSyncTable());
45	+ break;
46	+ case "createdynsynctable":
47	+ $usedbdelta = array_key_exists('usedbdelta', $params);
48	+ $resp = array("status" => $this->createDynSyncTable($usedbdelta));
49	+ break;
50	+ case "setdynsync":
51	+ if (array_key_exists('dynplug', $params)) {
52	+ $settings->updateOption('bvdynplug', $params['dynplug']);
53	+ } else {
54	+ $settings->deleteOption('bvdynplug');
55	+ }
56	+ $settings->updateOption('bvDynSyncActive', $params['dynsync']);
57	+ $resp = array("status" => "done");
58	+ break;
59	+ case "setwoodyn":
60	+ $resp = array("status" => $settings->updateOption('bvWooDynSync', $params['woodyn']));
61	+ break;
62	+ case "setignorednames":
63	+ switch ($params['table']) {
64	+ case "options":
65	+ $settings->updateOption('bvIgnoredOptions', $params['names']);
66	+ break;
67	+ case "postmeta":
68	+ $settings->updateOption('bvIgnoredPostmeta', $params['names']);
69	+ break;
70	+ }
71	+ $resp = array("status" => "done");
72	+ break;
73	+ case "getignorednames":
74	+ switch ($params['table']) {
75	+ case "options":
76	+ $names = $settings->getOption('bvIgnoredOptions');
77	+ break;
78	+ case "postmeta":
79	+ $names = $settings->getOption('bvIgnoredPostmeta');
80	+ break;
81	+ }
82	+ $resp = array("names", $names);
83	+ break;
84	+ default:
85	+ $resp = false;
86	+ }
87	+ return $resp;
88	+ }
89	+ }
90	+ endif;

callback/wings/fs.php ADDED Viewed

	@@ -0,0 +1,280 @@


1	+ <?php
2	+
3	+ if (!defined('ABSPATH')) exit;
4	+ if (!class_exists('BVFSCallback')) :
5	+ require_once dirname( __FILE__ ) . '/../streams.php';
6	+
7	+ class BVFSCallback extends BVCallbackBase {
8	+ public $stream;
9	+ public $account;
10	+
11	+ public function __construct($callback_handler) {
12	+ $this->account = $callback_handler->account;
13	+ }
14	+
15	+ function fileStat($relfile) {
16	+ $absfile = ABSPATH.$relfile;
17	+ $fdata = array();
18	+ $fdata["filename"] = $relfile;
19	+ $stats = @stat($absfile);
20	+ if ($stats) {
21	+ foreach (preg_grep('#size\|uid\|gid\|mode\|mtime#i', array_keys($stats)) as $key ) {
22	+ $fdata[$key] = $stats[$key];
23	+ }
24	+ if (is_link($absfile)) {
25	+ $fdata["link"] = @readlink($absfile);
26	+ }
27	+ } else {
28	+ $fdata["failed"] = true;
29	+ }
30	+ return $fdata;
31	+ }
32	+
33	+ function scanFilesUsingGlob($initdir = "./", $offset = 0, $limit = 0, $bsize = 512, $recurse = true, $regex = '{.??,}*') {
34	+ $i = 0;
35	+ $dirs = array();
36	+ $dirs[] = $initdir;
37	+ $bfc = 0;
38	+ $bfa = array();
39	+ $current = 0;
40	+ $abspath = realpath(ABSPATH).'/';
41	+ $abslen = strlen($abspath);
42	+ # XNOTE: $recurse cannot be used directly here
43	+ while ($i < count($dirs)) {
44	+ $dir = $dirs[$i];
45	+
46	+ foreach (glob($abspath.$dir.$regex, GLOB_NOSORT \| GLOB_BRACE) as $absfile) {
47	+ $relfile = substr($absfile, $abslen);
48	+ if (is_dir($absfile) && !is_link($absfile)) {
49	+ $dirs[] = $relfile."/";
50	+ }
51	+ $current++;
52	+ if ($offset >= $current)
53	+ continue;
54	+ if (($limit != 0) && (($current - $offset) > $limit)) {
55	+ $i = count($dirs);
56	+ break;
57	+ }
58	+ $bfa[] = $this->fileStat($relfile);
59	+ $bfc++;
60	+ if ($bfc == $bsize) {
61	+ $str = serialize($bfa);
62	+ $this->stream->writeStream($str);
63	+ $bfc = 0;
64	+ $bfa = array();
65	+ }
66	+ }
67	+ $regex = '{.??,}*';
68	+ $i++;
69	+ if ($recurse == false)
70	+ break;
71	+ }
72	+ if ($bfc != 0) {
73	+ $str = serialize($bfa);
74	+ $this->stream->writeStream($str);
75	+ }
76	+ return array("status" => "done");
77	+ }
78	+
79	+ function scanFiles($initdir = "./", $offset = 0, $limit = 0, $bsize = 512, $recurse = true) {
80	+ $i = 0;
81	+ $dirs = array();
82	+ $dirs[] = $initdir;
83	+ $bfc = 0;
84	+ $bfa = array();
85	+ $current = 0;
86	+ while ($i < count($dirs)) {
87	+ $dir = $dirs[$i];
88	+ $d = @opendir(ABSPATH.$dir);
89	+ if ($d) {
90	+ while (($file = readdir($d)) !== false) {
91	+ if ($file == '.' \|\| $file == '..') { continue; }
92	+ $relfile = $dir.$file;
93	+ $absfile = ABSPATH.$relfile;
94	+ if (is_dir($absfile) && !is_link($absfile)) {
95	+ $dirs[] = $relfile."/";
96	+ }
97	+ $current++;
98	+ if ($offset >= $current)
99	+ continue;
100	+ if (($limit != 0) && (($current - $offset) > $limit)) {
101	+ $i = count($dirs);
102	+ break;
103	+ }
104	+ $bfa[] = $this->fileStat($relfile);
105	+ $bfc++;
106	+ if ($bfc == $bsize) {
107	+ $str = serialize($bfa);
108	+ $this->stream->writeStream($str);
109	+ $bfc = 0;
110	+ $bfa = array();
111	+ }
112	+ }
113	+ closedir($d);
114	+ }
115	+ $i++;
116	+ if ($recurse == false)
117	+ break;
118	+ }
119	+ if ($bfc != 0) {
120	+ $str = serialize($bfa);
121	+ $this->stream->writeStream($str);
122	+ }
123	+ return array("status" => "done");
124	+ }
125	+
126	+ function calculateMd5($absfile, $fdata, $offset, $limit, $bsize) {
127	+ if ($offset == 0 && $limit == 0) {
128	+ $md5 = md5_file($absfile);
129	+ } else {
130	+ if ($limit == 0)
131	+ $limit = $fdata["size"];
132	+ if ($offset + $limit < $fdata["size"])
133	+ $limit = $fdata["size"] - $offset;
134	+ $handle = fopen($absfile, "rb");
135	+ $ctx = hash_init('md5');
136	+ fseek($handle, $offset, SEEK_SET);
137	+ $dlen = 1;
138	+ while (($limit > 0) && ($dlen > 0)) {
139	+ if ($bsize > $limit)
140	+ $bsize = $limit;
141	+ $d = fread($handle, $bsize);
142	+ $dlen = strlen($d);
143	+ hash_update($ctx, $d);
144	+ $limit -= $dlen;
145	+ }
146	+ fclose($handle);
147	+ $md5 = hash_final($ctx);
148	+ }
149	+ return $md5;
150	+ }
151	+
152	+ function getFilesStats($files, $offset = 0, $limit = 0, $bsize = 102400, $md5 = false) {
153	+ $result = array();
154	+ foreach ($files as $file) {
155	+ $fdata = $this->fileStat($file);
156	+ $absfile = ABSPATH.$file;
157	+ if (!is_readable($absfile)) {
158	+ $result["missingfiles"][] = $file;
159	+ continue;
160	+ }
161	+ if ($md5 === true) {
162	+ $fdata["md5"] = $this->calculateMd5($absfile, $fdata, $offset, $limit, $bsize);
163	+ }
164	+ $result["stats"][] = $fdata;
165	+ }
166	+ return $result;
167	+ }
168	+
169	+ function uploadFiles($files, $offset = 0, $limit = 0, $bsize = 102400) {
170	+ $result = array();
171	+ foreach ($files as $file) {
172	+ if (!is_readable(ABSPATH.$file)) {
173	+ $result["missingfiles"][] = $file;
174	+ continue;
175	+ }
176	+ $handle = fopen(ABSPATH.$file, "rb");
177	+ if (($handle != null) && is_resource($handle)) {
178	+ $fdata = $this->fileStat($file);
179	+ $_limit = $limit;
180	+ $_bsize = $bsize;
181	+ if ($_limit == 0)
182	+ $_limit = $fdata["size"];
183	+ if ($offset + $_limit > $fdata["size"])
184	+ $_limit = $fdata["size"] - $offset;
185	+ $fdata["limit"] = $_limit;
186	+ $sfdata = serialize($fdata);
187	+ $this->stream->writeStream($sfdata);
188	+ fseek($handle, $offset, SEEK_SET);
189	+ $dlen = 1;
190	+ while (($_limit > 0) && ($dlen > 0)) {
191	+ if ($_bsize > $_limit)
192	+ $_bsize = $_limit;
193	+ $d = fread($handle, $_bsize);
194	+ $dlen = strlen($d);
195	+ $this->stream->writeStream($d);
196	+ $_limit -= $dlen;
197	+ }
198	+ fclose($handle);
199	+ } else {
200	+ $result["unreadablefiles"][] = $file;
201	+ }
202	+ }
203	+ $result["status"] = "done";
204	+ return $result;
205	+ }
206	+
207	+ function process($request) {
208	+ $params = $request->params;
209	+ $stream_init_info = BVStream::startStream($this->account, $request);
210	+ if (array_key_exists('stream', $stream_init_info)) {
211	+ $this->stream = $stream_init_info['stream'];
212	+ switch ($request->method) {
213	+ case "scanfilesglob":
214	+ $initdir = urldecode($params['initdir']);
215	+ $offset = intval(urldecode($params['offset']));
216	+ $limit = intval(urldecode($params['limit']));
217	+ $bsize = intval(urldecode($params['bsize']));
218	+ $regex = urldecode($params['regex']);
219	+ $recurse = true;
220	+ if (array_key_exists('recurse', $params) && $params["recurse"] == "false") {
221	+ $recurse = false;
222	+ }
223	+ $resp = $this->scanFilesUsingGlob($initdir, $offset, $limit, $bsize, $recurse, $regex);
224	+ break;
225	+ case "scanfiles":
226	+ $initdir = urldecode($params['initdir']);
227	+ $offset = intval(urldecode($params['offset']));
228	+ $limit = intval(urldecode($params['limit']));
229	+ $bsize = intval(urldecode($params['bsize']));
230	+ $recurse = true;
231	+ if (array_key_exists('recurse', $params) && $params["recurse"] == "false") {
232	+ $recurse = false;
233	+ }
234	+ $resp = $this->scanFiles($initdir, $offset, $limit, $bsize, $recurse);
235	+ break;
236	+ case "getfilesstats":
237	+ $files = $params['files'];
238	+ $offset = intval(urldecode($params['offset']));
239	+ $limit = intval(urldecode($params['limit']));
240	+ $bsize = intval(urldecode($params['bsize']));
241	+ $md5 = false;
242	+ if (array_key_exists('md5', $params)) {
243	+ $md5 = true;
244	+ }
245	+ $resp = $this->getFilesStats($files, $offset, $limit, $bsize, $md5);
246	+ break;
247	+ case "sendmanyfiles":
248	+ $files = $params['files'];
249	+ $offset = intval(urldecode($params['offset']));
250	+ $limit = intval(urldecode($params['limit']));
251	+ $bsize = intval(urldecode($params['bsize']));
252	+ $resp = $this->uploadFiles($files, $offset, $limit, $bsize);
253	+ break;
254	+ case "filelist":
255	+ $initdir = $params['initdir'];
256	+ $glob_option = GLOB_MARK;
257	+ if(array_key_exists('onlydir', $params)) {
258	+ $glob_option = GLOB_ONLYDIR;
259	+ }
260	+ $regex = "*";
261	+ if(array_key_exists('regex', $params)){
262	+ $regex = $params['regex'];
263	+ }
264	+ $directoryList = glob($initdir.$regex, $glob_option);
265	+ $resp = $this->getFilesStats($directoryList);
266	+ break;
267	+ default:
268	+ $resp = false;
269	+ }
270	+ $end_stream_info = $this->stream->endStream();
271	+ if (!empty($end_stream_info) && is_array($resp)) {
272	+ $resp = array_merge($resp, $end_stream_info);
273	+ }
274	+ } else {
275	+ $resp = $stream_init_info;
276	+ }
277	+ return $resp;
278	+ }
279	+ }
280	+ endif;

callback/wings/fw.php ADDED Viewed

	@@ -0,0 +1,62 @@


1	+ <?php
2	+
3	+ if (!defined('ABSPATH')) exit;
4	+ if (!class_exists('BVFirewallCallback')) :
5	+
6	+ require_once dirname( __FILE__ ) . '/../../protect/wp_fw/config.php';
7	+
8	+ class BVFirewallCallback {
9	+ public $db;
10	+ public $settings;
11	+
12	+ public function __construct($callback_handler) {
13	+ $this->db = $callback_handler->db;
14	+ $this->settings = $callback_handler->settings;
15	+ }
16	+
17	+ public function process($request) {
18	+ $params = $request->params;
19	+ $config = new BVWPFWConfig($this->db, $this->settings);
20	+ switch ($request->method) {
21	+ case "clrconfig":
22	+ $resp = array("clearconfig" => $config->clear());
23	+ break;
24	+ case "setmode":
25	+ $config->setMode($params['mode']);
26	+ $resp = array("setmode" => $config->getMode());
27	+ break;
28	+ case "dsblrules":
29	+ $config->setDisabledRules($params['disabled_rules']);
30	+ $resp = array("disabled_rules" => $config->getDisabledRules());
31	+ break;
32	+ case "adtrls":
33	+ $config->setAuditRules($params['audit_rules']);
34	+ $resp = array("audit_rules" => $config->getAuditRules());
35	+ break;
36	+ case "setrulesmode":
37	+ $config->setRulesMode($params['rules_mode']);
38	+ $resp = array("rules_mode" => $config->getRulesMode());
39	+ break;
40	+ case "setreqprofilingmode":
41	+ $config->setReqProfilingMode($params['req_profiling_mode']);
42	+ $resp = array("req_profiling_mode" => $config->getReqProfilingMode());
43	+ break;
44	+ case "stbypslevl":
45	+ $config->setBypassLevel($params['bypslevl']);
46	+ $resp = array("bypslevl" => $config->getBypassLevel());
47	+ break;
48	+ case "stcstmrls":
49	+ $config->setCustomRoles($params['cstmrls']);
50	+ $resp = array("cstmrls" => $config->getCustomRoles());
51	+ break;
52	+ case "stcookiemode":
53	+ $config->setCookieMode($params['mode']);
54	+ $resp = array("mode" => $config->getCookieMode());
55	+ break;
56	+ default:
57	+ $resp = false;
58	+ }
59	+ return $resp;
60	+ }
61	+ }
62	+ endif;

callback/wings/info.php ADDED Viewed

	@@ -0,0 +1,318 @@


1	+ <?php
2	+
3	+ if (!defined('ABSPATH')) exit;
4	+ if (!class_exists('BVInfoCallback')) :
5	+
6	+ class BVInfoCallback extends BVCallbackBase {
7	+ public $db;
8	+ public $settings;
9	+ public $siteinfo;
10	+ public $bvinfo;
11	+
12	+ public function __construct($callback_handler) {
13	+ $this->db = $callback_handler->db;
14	+ $this->siteinfo = $callback_handler->siteinfo;
15	+ $this->settings = $callback_handler->settings;
16	+ $this->bvinfo = new WPRInfo($this->settings);
17	+ }
18	+
19	+ public function getPosts($post_type, $count = 5) {
20	+ $output = array();
21	+ $args = array('numberposts' => $count, 'post_type' => $post_type);
22	+ $posts = get_posts($args);
23	+ $keys = array('post_title', 'guid', 'ID', 'post_date');
24	+ $result = array();
25	+ foreach ($posts as $post) {
26	+ $pdata = array();
27	+ $post_array = get_object_vars($post);
28	+ foreach ($keys as $key) {
29	+ $pdata[$key] = $post_array[$key];
30	+ }
31	+ $result["posts"][] = $pdata;
32	+ }
33	+ return $result;
34	+ }
35	+
36	+ public function getStats() {
37	+ return array(
38	+ "posts" => get_object_vars(wp_count_posts()),
39	+ "pages" => get_object_vars(wp_count_posts("page")),
40	+ "comments" => get_object_vars(wp_count_comments())
41	+ );
42	+ }
43	+
44	+ public function getPlugins() {
45	+ if (!function_exists('get_plugins')) {
46	+ require_once (ABSPATH."wp-admin/includes/plugin.php");
47	+ }
48	+ $plugins = get_plugins();
49	+ $result = array();
50	+ foreach ($plugins as $plugin_file => $plugin_data) {
51	+ $pdata = array(
52	+ 'file' => $plugin_file,
53	+ 'title' => $plugin_data['Title'],
54	+ 'version' => $plugin_data['Version'],
55	+ 'active' => is_plugin_active($plugin_file),
56	+ 'network' => $plugin_data['Network']
57	+ );
58	+ $result["plugins"][] = $pdata;
59	+ }
60	+ return $result;
61	+ }
62	+
63	+ public function themeToArray($theme) {
64	+ if (is_object($theme)) {
65	+ $pdata = array(
66	+ 'name' => $theme->Name,
67	+ 'title' => $theme->Title,
68	+ 'stylesheet' => $theme->get_stylesheet(),
69	+ 'template' => $theme->Template,
70	+ 'version' => $theme->Version
71	+ );
72	+ } else {
73	+ $pdata = array(
74	+ 'name' => $theme["Name"],
75	+ 'title' => $theme["Title"],
76	+ 'stylesheet' => $theme["Stylesheet"],
77	+ 'template' => $theme["Template"],
78	+ 'version' => $theme["Version"]
79	+ );
80	+ }
81	+ return $pdata;
82	+ }
83	+
84	+ public function getThemes() {
85	+ $result = array();
86	+ $themes = function_exists('wp_get_themes') ? wp_get_themes() : get_themes();
87	+ foreach($themes as $theme) {
88	+ $pdata = $this->themeToArray($theme);
89	+ $result["themes"][] = $pdata;
90	+ }
91	+ $theme = function_exists('wp_get_theme') ? wp_get_theme() : get_current_theme();
92	+ $pdata = $this->themeToArray($theme);
93	+ $result["currenttheme"] = $pdata;
94	+ return $result;
95	+ }
96	+
97	+ public function getSystemInfo() {
98	+ $sys_info = array(
99	+ 'serverip' => $_SERVER['SERVER_ADDR'],
100	+ 'host' => $_SERVER['HTTP_HOST'],
101	+ 'phpversion' => phpversion(),
102	+ 'AF_INET6' => defined('AF_INET6')
103	+ );
104	+ if (function_exists('get_current_user')) {
105	+ $sys_info['user'] = get_current_user();
106	+ }
107	+ if (function_exists('getmygid')) {
108	+ $sys_info['gid'] = getmygid();
109	+ }
110	+ if (function_exists('getmyuid')) {
111	+ $sys_info['uid'] = getmyuid();
112	+ }
113	+ if (function_exists('posix_getuid')) {
114	+ $sys_info['webuid'] = posix_getuid();
115	+ $sys_info['webgid'] = posix_getgid();
116	+ }
117	+ return array("sys" => $sys_info);
118	+ }
119	+
120	+ public function getWpInfo() {
121	+ global $wp_version, $wp_db_version, $wp_local_package;
122	+ $siteinfo = $this->siteinfo;
123	+ $db = $this->db;
124	+ $upload_dir = wp_upload_dir();
125	+
126	+ $wp_info = array(
127	+ 'dbprefix' => $db->dbprefix(),
128	+ 'wpmu' => $siteinfo->isMultisite(),
129	+ 'mainsite' => $siteinfo->isMainSite(),
130	+ 'name' => get_bloginfo('name'),
131	+ 'siteurl' => $siteinfo->siteurl(),
132	+ 'homeurl' => $siteinfo->homeurl(),
133	+ 'charset' => get_bloginfo('charset'),
134	+ 'wpversion' => $wp_version,
135	+ 'dbversion' => $wp_db_version,
136	+ 'abspath' => ABSPATH,
137	+ 'uploadpath' => $upload_dir['basedir'],
138	+ 'uploaddir' => wp_upload_dir(),
139	+ 'contentdir' => defined('WP_CONTENT_DIR') ? WP_CONTENT_DIR : null,
140	+ 'contenturl' => defined('WP_CONTENT_URL') ? WP_CONTENT_URL : null,
141	+ 'plugindir' => defined('WP_PLUGIN_DIR') ? WP_PLUGIN_DIR : null,
142	+ 'dbcharset' => defined('DB_CHARSET') ? DB_CHARSET : null,
143	+ 'disallow_file_edit' => defined('DISALLOW_FILE_EDIT'),
144	+ 'disallow_file_mods' => defined('DISALLOW_FILE_MODS'),
145	+ 'custom_users' => defined('CUSTOM_USER_TABLE') ? CUSTOM_USER_TABLE : null,
146	+ 'custom_usermeta' => defined('CUSTOM_USERMETA_TABLE') ? CUSTOM_USERMETA_TABLE : null,
147	+ 'locale' => get_locale(),
148	+ 'wp_local_string' => $wp_local_package,
149	+ 'charset_collate' => $db->getCharsetCollate()
150	+ );
151	+ return array("wp" => $wp_info);
152	+ }
153	+
154	+ public function getUsers($args = array(), $full) {
155	+ $results = array();
156	+ $users = get_users($args);
157	+ if ('true' == $full) {
158	+ $results = $this->objectToArray($users);
159	+ } else {
160	+ foreach( (array) $users as $user) {
161	+ $result = array();
162	+ $result['user_email'] = $user->user_email;
163	+ $result['ID'] = $user->ID;
164	+ $result['roles'] = $user->roles;
165	+ $result['user_login'] = $user->user_login;
166	+ $result['display_name'] = $user->display_name;
167	+ $result['user_registered'] = $user->user_registered;
168	+ $result['user_status'] = $user->user_status;
169	+ $result['user_url'] = $user->url;
170	+
171	+ $results[] = $result;
172	+ }
173	+ }
174	+ return array("users" => $results);
175	+ }
176	+
177	+ public function availableFunctions(&$info) {
178	+ if (extension_loaded('openssl')) {
179	+ $info['openssl'] = "1";
180	+ }
181	+ if (function_exists('is_ssl') && is_ssl()) {
182	+ $info['https'] = "1";
183	+ }
184	+ if (function_exists('openssl_public_encrypt')) {
185	+ $info['openssl_public_encrypt'] = "1";
186	+ }
187	+ if (function_exists('openssl_public_decrypt')) {
188	+ $info['openssl_public_decrypt'] = "1";
189	+ }
190	+ $info['sha1'] = "1";
191	+ $info['apissl'] = "1";
192	+ if (function_exists('base64_encode')) {
193	+ $info['b64encode'] = true;
194	+ }
195	+ if (function_exists('base64_decode')) {
196	+ $info['b64decode'] = true;
197	+ }
198	+ return $info;
199	+ }
200	+
201	+ public function servicesInfo(&$data) {
202	+ $settings = $this->settings;
203	+ $data['dynsync'] = $settings->getOption('bvDynSyncActive');
204	+ $data['woodyn'] = $settings->getOption('bvWooDynSync');
205	+ $data['dynplug'] = $settings->getOption('bvdynplug');
206	+ $data['ptplug'] = $settings->getOption('bvptplug');
207	+ $data['fw'] = $this->getFWConfig();
208	+ $data['lp'] = $this->getLPConfig();
209	+ $data['brand'] = $settings->getOption($this->bvinfo->brand_option);
210	+ $data['badgeinfo'] = $settings->getOption($this->bvinfo->badgeinfo);
211	+ }
212	+
213	+ public function getLPConfig() {
214	+ $config = array();
215	+ $settings = $this->settings;
216	+ $mode = $settings->getOption('bvlpmode');
217	+ $cplimit = $settings->getOption('bvlpcaptchalimit');
218	+ $tplimit = $settings->getOption('bvlptempblocklimit');
219	+ $bllimit = $settings->getOption('bvlpblockAllLimit');
220	+ $config['mode'] = intval($mode ? $mode : 1);
221	+ $config['captcha_limit'] = intval($cplimit ? $cplimit : 3);
222	+ $config['temp_block_limit'] = intval($tplimit? $tplimit : 6);
223	+ $config['block_all_limit'] = intval($bllimit ? $bllimit : 100);
224	+ return $config;
225	+ }
226	+
227	+ public function getFWConfig() {
228	+ $config = array();
229	+ $settings = $this->settings;
230	+ $mode = $settings->getOption('bvfwmode');
231	+ $drules = $settings->getOption('bvfwdisabledrules');
232	+ $arules = $settings->getOption('bvfwauditrules');
233	+ $rmode = $settings->getOption('bvfwrulesmode');
234	+ $reqprofilingmode = $settings->getOption('bvfwreqprofilingmode');
235	+ $bypass_level = $settings->getOption('bvfwbypasslevel');
236	+ $custom_roles = $settings->getOption('bvfwcustomroles');
237	+ $cookiemode = $settings->getOption('bvfwcookiemode');
238	+ $cookiekey = (string) $settings->getOption('bvfwcookiekey');
239	+ $config['mode'] = intval($mode ? $mode : 1);
240	+ $config['disabled_rules'] = $drules ? $drules : array();
241	+ $config['audit_rules'] = $arules ? $arules : array();
242	+ $config['rules_mode'] = intval($rmode ? $rmode : 1);
243	+ $config['req_profiling_mode'] = intval($reqprofilingmode ? $reqprofilingmode : 1);
244	+ $config['bypslevl'] = intval($bypass_level ? $bypass_level : 2);
245	+ $config['cstmrls'] = $custom_roles ? $custom_roles : array();
246	+ $config['cookiemode'] = intval($cookiemode ? $cookiemode : 2);
247	+ $config['cookiekey'] = $cookiekey;
248	+ return $config;
249	+ }
250	+
251	+ public function dbconf(&$info) {
252	+ $db = $this->db;
253	+ if (defined('DB_CHARSET'))
254	+ $info['dbcharset'] = DB_CHARSET;
255	+ $info['dbprefix'] = $db->dbprefix();
256	+ $info['charset_collate'] = $db->getCharsetCollate();
257	+ return $info;
258	+ }
259	+
260	+ public function activate() {
261	+ $resp = array();
262	+ $this->siteinfo->basic($resp);
263	+ $this->servicesInfo($resp);
264	+ $this->dbconf($resp);
265	+ $this->availableFunctions($resp);
266	+ return array('actinfo' => $resp);
267	+ }
268	+
269	+ public function process($request) {
270	+ $db = $this->db;
271	+ $params = $request->params;
272	+ switch ($request->method) {
273	+ case "activateinfo":
274	+ $resp = $this->activate();
275	+ break;
276	+ case "gtpsts":
277	+ $count = 5;
278	+ if (array_key_exists('count', $params))
279	+ $count = $params['count'];
280	+ $resp = $this->getPosts($params['post_type'], $count);
281	+ break;
282	+ case "gtsts":
283	+ $resp = $this->getStats();
284	+ break;
285	+ case "gtplgs":
286	+ $resp = $this->getPlugins();
287	+ break;
288	+ case "gtthms":
289	+ $resp = $this->getThemes();
290	+ break;
291	+ case "gtsym":
292	+ $resp = $this->getSystemInfo();
293	+ break;
294	+ case "gtwp":
295	+ $resp = $this->getWpInfo();
296	+ break;
297	+ case "getoption":
298	+ $resp = array("option" => $this->settings->getOption($params['name']));
299	+ break;
300	+ case "gtusrs":
301	+ $full = false;
302	+ if (array_key_exists('full', $params))
303	+ $full = true;
304	+ $resp = $this->getUsers($params['args'], $full);
305	+ break;
306	+ case "gttrnsnt":
307	+ $transient = $this->settings->getTransient($params['name']);
308	+ if ($transient && array_key_exists('asarray', $params))
309	+ $transient = $this->objectToArray($transient);
310	+ $resp = array("transient" => $transient);
311	+ break;
312	+ default:
313	+ $resp = false;
314	+ }
315	+ return $resp;
316	+ }
317	+ }
318	+ endif;

callback/wings/ipstore.php ADDED Viewed

	@@ -0,0 +1,115 @@


1	+ <?php
2	+
3	+ if (!defined('ABSPATH')) exit;
4	+ if (!class_exists('BVIPStoreCallback')) :
5	+
6	+ require_once dirname( __FILE__ ) . '/../../protect/ipstore.php';
7	+
8	+ class BVIPStoreCallback extends BVCallbackBase {
9	+ public $db;
10	+
11	+ public function __construct($callback_handler) {
12	+ $this->db = $callback_handler->db;
13	+ }
14	+
15	+ public function updateBVTableContent($table, $value, $filter) {
16	+ $this->db->query("UPDATE $table SET $value $filter;");
17	+ }
18	+
19	+ public function insertBVTableContent($table, $fields, $value) {
20	+ $this->db->query("INSERT INTO $table $fields values $value;");
21	+ }
22	+
23	+ public function deleteIPs($table, $rmfilters) {
24	+ if (is_array($rmfilters)) {
25	+ foreach ($rmfilters as $rmfilter) {
26	+ $rmfilter = base64_decode($rmfilter);
27	+ $this->db->deleteBVTableContent($table, $rmfilter);
28	+ }
29	+ }
30	+ }
31	+
32	+ public function insertIPs($table, $fields, $values) {
33	+ if (is_array($values)) {
34	+ foreach ($values as $value) {
35	+ $value = base64_decode($value);
36	+ $this->insertBVTableContent($table, $fields, $value);
37	+ }
38	+ }
39	+ }
40	+
41	+ public function updateIPs($table, $value, $filters) {
42	+ if (is_array($filters)) {
43	+ foreach ($filters as $filter) {
44	+ $filter = base64_decode($filter);
45	+ $this->updateBVTableContent($table, $value, $filter);
46	+ }
47	+ }
48	+ }
49	+
50	+ public function getIPs($table, $auto_increment_offset, $type, $category) {
51	+ $query = "SELECT `start_ip_range` FROM $table WHERE id < $auto_increment_offset AND `type` = $type AND ";
52	+ $query .= ($category == BVIPStore::FW) ? "`is_fw` = true;" : "`is_lp` = true;";
53	+ return $this->db->getCol($query);
54	+ }
55	+
56	+ public function getIPStoreOffset($table, $auto_increment_offset) {
57	+ $db = $this->db;
58	+ return intval($db->getVar("SELECT MAX(id) FROM $table WHERE id < $auto_increment_offset"));
59	+ }
60	+
61	+ public function getIPStoreInfo($table, $auto_increment_offset) {
62	+ $db = $this->db;
63	+ $info = array();
64	+ $info['fw_blacklisted_ips'] = $this->getIPs($table, $auto_increment_offset, BVIPStore::BLACKLISTED, BVIPStore::FW);
65	+ $info['lp_blacklisted_ips'] = $this->getIPs($table, $auto_increment_offset, BVIPStore::BLACKLISTED, BVIPStore::LP);
66	+ $info['fw_whitelisted_ips'] = $this->getIPs($table, $auto_increment_offset, BVIPStore::WHITELISTED, BVIPStore::FW);
67	+ $info['lp_whitelisted_ips'] = $this->getIPs($table, $auto_increment_offset, BVIPStore::WHITELISTED, BVIPStore::LP);
68	+ $info['ip_store_offset'] = $this->getIPStoreOffset($table, $auto_increment_offset);
69	+ $info['country_ips_size'] = intval($db->getVar("SELECT COUNT(id) FROM $table WHERE id >= $auto_increment_offset"));
70	+ return $info;
71	+ }
72	+
73	+ public function process($request) {
74	+ $db = $this->db;
75	+ $params = $request->params;
76	+ $table = $params['table'];
77	+ $bvTable = $db->getBVTable($table);
78	+ $auto_increment_offset = $params['auto_increment_offset'];
79	+ if (!$db->isTablePresent($bvTable)) {
80	+ $resp = array("info" => false);
81	+ } else {
82	+ switch ($request->method) {
83	+ case "ipstrinfo":
84	+ $info = $this->getIPStoreInfo($bvTable, $auto_increment_offset);
85	+ $resp = array("info" => $info);
86	+ break;
87	+ case "insrtips":
88	+ $values = $params['values'];
89	+ $fields = $params['fields'];
90	+ $rmfilter = $params['rmfilter'];
91	+ if ($rmfilter) {
92	+ $db->deleteBVTableContent($table, $rmfilter);
93	+ }
94	+ $this->insertIPs($bvTable, $fields, $values);
95	+ $resp = array("offset" => $this->getIPStoreOffset($bvTable, $auto_increment_offset));
96	+ break;
97	+ case "dltips":
98	+ $rmfilters = $params['rmfilters'];
99	+ $this->deleteIPs($table, $rmfilters);
100	+ $resp = array("offset" => $this->getIPStoreOffset($bvTable, $auto_increment_offset));
101	+ break;
102	+ case "updtips":
103	+ $value = $params['value'];
104	+ $filters = $params['filters'];
105	+ $this->updateIPs($bvTable, $value, $filters);
106	+ $resp = array("offset" => $this->getIPStoreOffset($bvTable, $auto_increment_offset));
107	+ break;
108	+ default:
109	+ $resp = false;
110	+ }
111	+ return $resp;
112	+ }
113	+ }
114	+ }
115	+ endif;

callback/wings/lp.php ADDED Viewed

	@@ -0,0 +1,74 @@


1	+ <?php
2	+
3	+ if (!defined('ABSPATH')) exit;
4	+ if (!class_exists('BVLoginProtectCallback')) :
5	+
6	+ require_once dirname( __FILE__ ) . '/../../protect/wp_lp/lp.php';
7	+
8	+ class BVLoginProtectCallback extends BVCallbackBase {
9	+ public $db;
10	+ public $settings;
11	+
12	+ public function __construct($callback_handler) {
13	+ $this->db = $callback_handler->db;
14	+ $this->settings = $callback_handler->settings;
15	+ }
16	+
17	+ public function unBlockLogins() {
18	+ $this->settings->deleteTransient('bvlp_block_logins');
19	+ $this->settings->setTransient('bvlp_allow_logins', 'true', 1800);
20	+ return $this->settings->getTransient('bvlp_allow_logins');
21	+ }
22	+
23	+ public function blockLogins($time) {
24	+ $this->settings->deleteTransient('bvlp_allow_logins');
25	+ $this->settings->setTransient('bvlp_block_logins', 'true', $time);
26	+ return $this->settings->getTransient('bvlp_block_logins');
27	+ }
28	+
29	+ public function unBlockIP($ip, $attempts, $time) {
30	+ $transient_name = BVWPLP::$unblock_ip_transient.$ip;
31	+ $this->settings->setTransient($transient_name, $attempts, $time);
32	+ return $this->settings->getTransient($transient_name);
33	+ }
34	+
35	+ public function process($request) {
36	+ $params = $request->params;
37	+ $config = new BVWPLPConfig($this->db, $this->settings);
38	+ switch ($request->method) {
39	+ case "clrconfig":
40	+ $resp = array("clearconfig" => $config->clear());
41	+ break;
42	+ case "setmode":
43	+ $config->setMode($params['mode']);
44	+ $resp = array("setmode" => $config->getMode());
45	+ break;
46	+ case "setcaptchalimit":
47	+ $config->setCaptchaLimit($params['captcha_limit']);
48	+ $resp = array("captcha_limit" => $config->getCaptchaLimit());
49	+ break;
50	+ case "settmpblklimit":
51	+ $config->setTempBlockLimit($params['temp_block_limit']);
52	+ $resp = array("temp_block_limit" => $config->getTempBlockLimit());
53	+ break;
54	+ case "setblkalllimit":
55	+ $config->setBlockAllLimit($params['block_all_limit']);
56	+ $resp = array("block_all_limit" => $config->getBlockAllLimit());
57	+ break;
58	+ case "unblklogins":
59	+ $resp = array("unblocklogins" => $this->unBlockLogins());
60	+ break;
61	+ case "blklogins":
62	+ $time = array_key_exists('time', $params) ? $params['time'] : 1800;
63	+ $resp = array("blocklogins" => $this->blockLogins($time));
64	+ break;
65	+ case "unblkip":
66	+ $resp = array("unblockip" => $this->unBlockIP($params['ip'], $params['attempts'], $params['time']));
67	+ break;
68	+ default:
69	+ $resp = false;
70	+ }
71	+ return $resp;
72	+ }
73	+ }
74	+ endif;

callback/wings/manage.php ADDED Viewed

	@@ -0,0 +1,532 @@


1	+ <?php
2	+
3	+ if (!defined('ABSPATH')) exit;
4	+ if (!class_exists('BVManageCallback')) :
5	+ class BVManageCallback extends BVCallbackBase {
6	+ public $settings;
7	+ public $skin;
8	+
9	+ public function __construct($callback_handler) {
10	+ $this->settings = $callback_handler->settings;
11	+ }
12	+
13	+ function getError($err) {
14	+ return $this->objectToArray($err);
15	+ }
16	+
17	+ function is_pantheon() {
18	+ return (!empty($_ENV['PANTHEON_ENVIRONMENT']) && $_ENV['PANTHEON_ENVIRONMENT'] !== 'dev');
19	+ }
20	+
21	+ function isServerWritable() {
22	+ if ($this->is_pantheon()) {
23	+ return false;
24	+ }
25	+
26	+ if ((!defined('FTP_HOST') \|\| !defined('FTP_USER')) && (get_filesystem_method(array(), false) != 'direct')) {
27	+ return false;
28	+ } else {
29	+ return true;
30	+ }
31	+ }
32	+
33	+ function include_files() {
34	+ @include_once ABSPATH.'wp-admin/includes/file.php';
35	+ @include_once ABSPATH.'wp-admin/includes/plugin.php';
36	+ @include_once ABSPATH.'wp-admin/includes/theme.php';
37	+ @include_once ABSPATH.'wp-admin/includes/misc.php';
38	+ @include_once ABSPATH.'wp-admin/includes/template.php';
39	+ @include_once ABSPATH.'wp-includes/pluggable.php';
40	+ @include_once ABSPATH.'wp-admin/includes/class-wp-upgrader.php';
41	+ @include_once ABSPATH.'wp-admin/includes/user.php';
42	+ @include_once ABSPATH.'wp-includes/registration.php';
43	+ @include_once ABSPATH.'wp-admin/includes/update.php';
44	+ @require_once ABSPATH.'wp-admin/includes/update-core.php';
45	+ }
46	+
47	+ function edit($args) {
48	+ $result = array();
49	+ if ($args['type'] == 'plugins') {
50	+ $result['plugins'] = $this->editPlugins($args);
51	+ } elseif ($args['type'] == 'themes') {
52	+ $result['themes'] = $this->editThemes($args);
53	+ } elseif ($args['type'] == 'users') {
54	+ $result['users'] = $this->editWpusers($args);
55	+ }
56	+ return $result;
57	+ }
58	+
59	+ function editPlugins($args) {
60	+ $result = array();
61	+ $plugins = $args['items'];
62	+ foreach ($plugins as $plugin) {
63	+ if (array_key_exists('network', $plugin)) {
64	+ $networkwide = $plugin['network'];
65	+ } else {
66	+ $networkwide = false;
67	+ }
68	+ switch ($args['action']) {
69	+ case 'activate':
70	+ $res = activate_plugin($plugin['file'], '', $networkwide);
71	+ break;
72	+ case 'deactivate':
73	+ $res = deactivate_plugins(array($plugin['file']), false, $networkwide);
74	+ break;
75	+ case 'delete':
76	+ $res = delete_plugins(array($plugin['file']));
77	+ break;
78	+ case 'deactivate_delete':
79	+ $res = deactivate_plugins(array($plugin['file']), false, $networkwide);
80	+ if ($res \|\| is_wp_error($res))
81	+ break;
82	+ $res = delete_plugins(array($plugin['file']));
83	+ default:
84	+ break;
85	+ }
86	+ if (is_wp_error($res)) {
87	+ $res = array('status' => "Error", 'message' => $res->get_error_message());
88	+ } elseif ($res === false) {
89	+ $res = array('status' => "Error", 'message' => "Failed to perform action.");
90	+ } else {
91	+ $res = array('status' => "Done");
92	+ }
93	+ $result[$plugin['file']] = $res;
94	+ }
95	+ return $result;
96	+ }
97	+
98	+ function editThemes($args) {
99	+ $result = array();
100	+ $themes = $args['items'];
101	+ foreach ($themes as $theme) {
102	+ switch ($args['action']) {
103	+ case 'activate':
104	+ $res = switch_theme($theme['template'], $theme['stylesheet']);
105	+ break;
106	+ case 'delete':
107	+ $res = delete_theme($theme['stylesheet']);
108	+ break;
109	+ default:
110	+ break;
111	+ }
112	+
113	+ if (is_wp_error($res)) {
114	+ $res = array('status' => "Error", 'message' => $res->get_error_message());
115	+ } elseif ($res === false) {
116	+ $res = array('status' => "Error", 'message' => "Failed to perform action.");
117	+ } else {
118	+ $res = array( 'status' => "Done");
119	+ }
120	+ $result[$theme['template']] = $res;
121	+ }
122	+ return $result;
123	+ }
124	+
125	+ function editWpusers($args) {
126	+ $result = array();
127	+ $items = $args['items'];
128	+ foreach ($items as $item) {
129	+ $res = array();
130	+ $user = get_user_by('id', $item['id']);
131	+ if ($user) {
132	+ switch ($args['action']) {
133	+ case 'changerole':
134	+ $data = array();
135	+ $data['role'] = $item['newrole'];
136	+ $data['ID'] = $user->ID;
137	+ $res = wp_update_user($data);
138	+ break;
139	+ case 'changepass':
140	+ $data = array();
141	+ $data['user_pass'] = $item['newpass'];
142	+ $data['ID'] = $user->ID;
143	+ $res = wp_update_user($data);
144	+ break;
145	+ case 'delete':
146	+ if (array_key_exists('reassign', $args)) {
147	+ $user_to = get_user_by('id', $args['reassign']);
148	+ if ($user_to != false) {
149	+ $res = wp_delete_user($user->ID, $user_to->ID);
150	+ } else {
151	+ $res = array('status' => "Error", 'message' => 'Reassigned user doesnot exists');
152	+ }
153	+ } else {
154	+ $res = wp_delete_user($user->ID);
155	+ }
156	+ break;
157	+ }
158	+ if (is_wp_error($res)) {
159	+ $res = array('status' => "Error", 'message' => $res->get_error_message());
160	+ } else {
161	+ $res = array( 'status' => "Done");
162	+ }
163	+ } else {
164	+ $res = array('status' => "Error", 'message' => "Unable to find user");
165	+ }
166	+ $result[$item['id']] = $res;
167	+ }
168	+ return $result;
169	+ }
170	+
171	+ function addUser($args) {
172	+ if (username_exists($args['user_login'])) {
173	+ return array('status' => "Error", 'message' => "Username already exists");
174	+ }
175	+ if (email_exists($args['user_email'])) {
176	+ return array('status' => "Error", 'message' => "Email already exists");
177	+ }
178	+ $result = wp_insert_user($args);
179	+ if ( !is_wp_error( $result ) ) {
180	+ return array('status' => "Done", 'user_id' => $result);
181	+ } else {
182	+ return array('status' => "Error", 'message' => $this->getError($result));
183	+ }
184	+ }
185	+
186	+ function upgrade($params = null, $has_bv_skin = false) {
187	+ $result = array();
188	+ $premium_upgrades = array();
189	+ if (array_key_exists('core', $params) && !empty($params['core'])) {
190	+ $result['core'] = $this->upgradeCore($params['core']);
191	+ }
192	+ if (array_key_exists('translations', $params) && !empty($params['translations'])) {
193	+ $result['translations'] = $this->upgradeTranslations($params['translations'], $has_bv_skin);
194	+ }
195	+ if (array_key_exists('plugins', $params) && !empty($params['plugins'])) {
196	+ $files = array();
197	+ foreach ($params['plugins'] as $plugin) {
198	+ $files[] = $plugin['file'];
199	+ }
200	+ if (!empty($files)) {
201	+ $result['plugins'] = $this->upgradePlugins($files, $has_bv_skin);
202	+ }
203	+ }
204	+ if (array_key_exists('themes', $params) && !empty($params['themes'])) {
205	+ $templates = array();
206	+ foreach ($params['themes'] as $theme) {
207	+ $templates[] = $theme['template'];
208	+ }
209	+ if (!empty($templates)) {
210	+ $result['themes'] = $this->upgradeThemes($templates, $has_bv_skin);
211	+ }
212	+ }
213	+ return $result;
214	+ }
215	+
216	+ function get_translation_updates() {
217	+ $updates = array();
218	+ $transients = array( 'update_core' => 'core', 'update_plugins' => 'plugin', 'update_themes' => 'theme' );
219	+ foreach ( $transients as $transient => $type ) {
220	+ $transient = $this->settings->getTransient( $transient );
221	+ if ( empty( $transient->translations ) )
222	+ continue;
223	+
224	+ foreach ( $transient->translations as $translation ) {
225	+ $updates[] = (object) $translation;
226	+ }
227	+ }
228	+ return $updates;
229	+ }
230	+
231	+ function upgradeTranslations($translations, $has_bv_skin = false) {
232	+ $language_updates = $this->get_translation_updates();
233	+ $valid_updates = array();
234	+ $result = array();
235	+ if (!empty($language_updates)) {
236	+ foreach($language_updates as $update) {
237	+ if ($update && in_array($update->package, $translations)) {
238	+ $valid_updates[] = $update;
239	+ }
240	+ }
241	+ }
242	+ if (!empty($valid_updates)) {
243	+ if (class_exists('Language_Pack_Upgrader')) {
244	+ if ($has_bv_skin) {
245	+ require_once( "bv_upgrader_skin.php" );
246	+ $skin = new BVUpgraderSkin("upgrade_translations");
247	+ $this->skin = $skin;
248	+ } else {
249	+ $skin = new Language_Pack_Upgrader_Skin(array());
250	+ }
251	+ $upgrader = new Language_Pack_Upgrader($skin);
252	+ $result = $upgrader->bulk_upgrade($valid_updates);
253	+ if (is_array($result) && !empty($result)) {
254	+ foreach ($result as $translate_tmp => $translate_info) {
255	+ if (is_wp_error($translate_info) \|\| empty($translate_info)) {
256	+ $error = (!empty($translate_info)) ? is_wp_error($translate_info) : "Upgrade failed";
257	+ return array('status' => "Error", 'message' => $error);
258	+ }
259	+ }
260	+ }
261	+ return array('status' => "Done");
262	+ }
263	+ }
264	+ return array('status' => "Error", 'message' => "Upgrade failed");
265	+ }
266	+
267	+ function upgradeCore($args) {
268	+ global $wp_filesystem, $wp_version;
269	+ $core = $this->settings->getTransient('update_core');
270	+ $core_update_index = intval($args['coreupdateindex']);
271	+ if (isset($core->updates) && !empty($core->updates)) {
272	+ $to_update = $core->updates[$core_update_index];
273	+ } else {
274	+ return array('status' => "Error", "message" => "Updates not available");
275	+ }
276	+ $resp = array("Core_Upgrader", class_exists('Core_Upgrader'));
277	+ if (version_compare($wp_version, '3.1.9', '>')) {
278	+ $core = new Core_Upgrader();
279	+ $result = $core->upgrade($to_update);
280	+ if (is_wp_error($result)) {
281	+ return array('status' => "Error", "message" => $this->getError($result));
282	+ } else {
283	+ return array('status' => 'Done');
284	+ }
285	+ } else {
286	+ $resp = array("wp_update_core", function_exists('wp_update_core'));
287	+ if (function_exists('wp_update_core')) {
288	+ $result = wp_update_core($to_update);
289	+ if (is_wp_error($result)) {
290	+ return array('status' => "Error", "message" => $this->getError($result));
291	+ } else {
292	+ return array('status' => 'Done');
293	+ }
294	+ }
295	+
296	+ $resp = array("WP_Upgrader", class_exists('WP_Upgrader'));
297	+ if (class_exists('WP_Upgrader')) {
298	+ $upgrader = new WP_Upgrader();
299	+
300	+ $res = $upgrader->fs_connect(
301	+ array(
302	+ ABSPATH,
303	+ WP_CONTENT_DIR,
304	+ )
305	+ );
306	+ if (is_wp_error($res)) {
307	+ return array('status' => "Error", "message" => $this->getError($res));
308	+ }
309	+
310	+ $wp_dir = trailingslashit($wp_filesystem->abspath());
311	+
312	+ $core_package = false;
313	+ if (isset($to_update->package) && !empty($to_update->package)) {
314	+ $core_package = $to_update->package;
315	+ } elseif (isset($to_update->packages->full) && !empty($to_update->packages->full)) {
316	+ $core_package = $to_update->packages->full;
317	+ }
318	+
319	+ $download = $upgrader->download_package($core_package);
320	+ if (is_wp_error($download)) {
321	+ return array('status' => "Error", "message" => $this->getError($download));
322	+ }
323	+ $working_dir = $upgrader->unpack_package($download);
324	+ if (is_wp_error($working_dir)) {
325	+ return array('status' => "Error", "message" => $this->getError($working_dir));
326	+ }
327	+
328	+ if (!$wp_filesystem->copy($working_dir.'/wordpress/wp-admin/includes/update-core.php', $wp_dir.'wp-admin/includes/update-core.php', true)) {
329	+ $wp_filesystem->delete($working_dir, true);
330	+ return array('status' => "Error", "message" => "Unable to move files.");
331	+ }
332	+
333	+ $wp_filesystem->chmod($wp_dir.'wp-admin/includes/update-core.php', FS_CHMOD_FILE);
334	+
335	+ $result = update_core($working_dir, $wp_dir);
336	+
337	+ if (is_wp_error($result)) {
338	+ return array('status' => "Error", "message" => $this->getError($result));
339	+ }
340	+ return array('status' => 'Done');
341	+ }
342	+ }
343	+ }
344	+
345	+ function upgradePlugins($plugins, $has_bv_skin = false) {
346	+ $result = array();
347	+ if (class_exists('Plugin_Upgrader')) {
348	+ if ($has_bv_skin) {
349	+ require_once( "bv_upgrader_skin.php" );
350	+ $skin = new BVUpgraderSkin("plugin_upgrade");
351	+ $this->skin = $skin;
352	+ } else {
353	+ $skin = new Bulk_Plugin_Upgrader_Skin();
354	+ }
355	+ $upgrader = new Plugin_Upgrader($skin);
356	+ $result = $upgrader->bulk_upgrade($plugins);
357	+ }
358	+ foreach($plugins as $file) {
359	+ $res = $result[$file];
360	+ if (!$res \|\| is_wp_error($res)) {
361	+ $result[$file] = array('status' => "Error");
362	+ } else {
363	+ $result[$file] = array('status' => "Done");
364	+ }
365	+ }
366	+ return $result;
367	+ }
368	+
369	+ function upgradeThemes($themes, $has_bv_skin = false) {
370	+ $result = array();
371	+ if (class_exists('Theme_Upgrader')) {
372	+ if ($has_bv_skin) {
373	+ require_once( "bv_upgrader_skin.php" );
374	+ $skin = new BVUpgraderSkin("theme_upgrade");
375	+ $this->skin = $skin;
376	+ } else {
377	+ $skin = new Bulk_Theme_Upgrader_Skin();
378	+ }
379	+ $upgrader = new Theme_Upgrader($skin);
380	+ $result = $upgrader->bulk_upgrade($themes);
381	+ }
382	+ foreach($themes as $template) {
383	+ $res = $result[$template];
384	+ if (!$res \|\| is_wp_error($res)) {
385	+ $result[$template] = array('status' => "Error");
386	+ } else {
387	+ $result[$template] = array('status' => "Done");
388	+ }
389	+ }
390	+ return $result;
391	+ }
392	+
393	+ function install($params, $has_bv_skin = false) {
394	+ $result = array();
395	+ if (isset($params['plugins'])) {
396	+ foreach ($params['plugins'] as $plugin) {
397	+ if (!array_key_exists('plugins', $result))
398	+ $result["plugins"] = array();
399	+ $plugin['dest'] = WP_PLUGIN_DIR;
400	+ $res = $this->installPackage($plugin, $has_bv_skin);
401	+ $pluginName = $plugin['package'];
402	+ $result["plugins"][$pluginName] = $res;
403	+ }
404	+ }
405	+ if (isset($params['themes'])) {
406	+ foreach ($params['themes'] as $theme) {
407	+ if (!array_key_exists('themes', $result))
408	+ $result["themes"] = array();
409	+ $theme['dest'] = WP_CONTENT_DIR.'/themes';
410	+ $res = $this->installPackage($theme, $has_bv_skin);
411	+ $themeName = $theme['package'];
412	+ $result["themes"][$themeName] = $res;
413	+ }
414	+ }
415	+ return $result;
416	+ }
417	+
418	+ function installPackage($params, $has_bv_skin = false) {
419	+ global $wp_filesystem;
420	+
421	+ if (!isset($params['package']) \|\| empty($params['package'])) {
422	+ return array('status' => "Error", 'message' => "No package is sent");
423	+ }
424	+ $valid_domain_regex = "/^(http\|https):\/\/[\-\w]*\.(blogvault\.net\|w\.org\|wp\.org\|wordpress\.org)\//";
425	+ if (preg_match($valid_domain_regex, $params['package']) !== 1) {
426	+ return array('status' => "Error", 'message' => "Invalid package domain");
427	+ }
428	+ if ($has_bv_skin) {
429	+ require_once( "bv_upgrader_skin.php" );
430	+ $skin = new BVUpgraderSkin("installer", $params['package']);
431	+ $this->skin = $skin;
432	+ } else {
433	+ $skin = new WP_Upgrader_Skin();
434	+ }
435	+ $upgrader = new WP_Upgrader($skin);
436	+ $upgrader->init();
437	+ $destination = $params['dest'];
438	+ $clear_destination = isset($params['cleardest']) ? $params['cleardest'] : false;
439	+ $package_url = $params['package'];
440	+ $key = basename($package_url);
441	+ $res = $upgrader->run(
442	+ array(
443	+ 'package' => $package_url,
444	+ 'destination' => $destination,
445	+ 'clear_destination' => $clear_destination,
446	+ 'clear_working' => true,
447	+ 'hook_extra' => array(),
448	+ )
449	+ );
450	+ if (is_wp_error($res)) {
451	+ $res = array('status' => "Error", 'message' => $this->getError($res));
452	+ } else {
453	+ $res = array( 'status' => "Done");
454	+ }
455	+ return $res;
456	+ }
457	+
458	+ function getPremiumUpdates() {
459	+ return apply_filters( 'mwp_premium_update_notification', array() );
460	+ }
461	+
462	+ function getPremiumUpgradesInfo() {
463	+ return apply_filters( 'mwp_premium_perform_update', array() );
464	+ }
465	+
466	+ function autoLogin($username, $isHttps) {
467	+ $user = get_user_by('login', $username);
468	+ if ($user != FALSE) {
469	+ wp_set_current_user( $user->ID );
470	+ if ($isHttps) {
471	+ wp_set_auth_cookie( $user->ID, false, true );
472	+ } else {
473	+ # As we are not sure about wp-cofig.php settings for sure login
474	+ wp_set_auth_cookie( $user->ID, false, true );
475	+ wp_set_auth_cookie( $user->ID, false, false );
476	+ }
477	+ $redirect_to = get_admin_url();
478	+ wp_safe_redirect( $redirect_to );
479	+ exit;
480	+ }
481	+ }
482	+
483	+ function process($request) {
484	+ global $wp_filesystem;
485	+ $this->include_files();
486	+
487	+ if (!$this->is_pantheon() && !$wp_filesystem) {
488	+ WP_Filesystem();
489	+ }
490	+
491	+ $params = $request->params;
492	+ $resp = array();
493	+ switch ($request->method) {
494	+ case "adusr":
495	+ $resp = array("adduser" => $this->addUser($params['args']));
496	+ break;
497	+ case "upgrde":
498	+ $has_bv_skin = array_key_exists('bvskin', $params);
499	+ $resp = array("upgrades" => $this->upgrade($params['args'], $has_bv_skin));
500	+ break;
501	+ case "edt":
502	+ $resp = array("edit" => $this->edit($params['args']));
503	+ break;
504	+ case "instl":
505	+ $has_bv_skin = array_key_exists('bvskin', $params);
506	+ $resp = array("install" => $this->install($params['args'], $has_bv_skin));
507	+ break;
508	+ case "getpremiumupdates":
509	+ $resp = array("premiumupdates" => $this->getPremiumUpdates());
510	+ break;
511	+ case "getpremiumupgradesinfo":
512	+ $resp = array("premiumupgradesinfo" => $this->getPremiumUpgradesInfo());
513	+ break;
514	+ case "wrteble":
515	+ $resp = array("writeable" => $this->isServerWritable());
516	+ break;
517	+ case "atolgn":
518	+ $isHttps = false;
519	+ if (array_key_exists('https', $params))
520	+ $isHttps = true;
521	+ $resp = array("autologin" => $this->autoLogin($params['username'], $isHttps));
522	+ break;
523	+ default:
524	+ $resp = false;
525	+ }
526	+ if ($this->skin && is_array($resp)) {
527	+ $resp = array_merge($resp, $this->skin->status);
528	+ }
529	+ return $resp;
530	+ }
531	+ }
532	+ endif;

callback/wings/misc.php ADDED Viewed

	@@ -0,0 +1,89 @@


1	+ <?php
2	+
3	+ if (!defined('ABSPATH')) exit;
4	+ if (!class_exists('BVMiscCallback')) :
5	+
6	+ class BVMiscCallback extends BVCallbackBase {
7	+ public $settings;
8	+ public $bvinfo;
9	+ public $siteinfo;
10	+ public $account;
11	+
12	+ public function __construct($callback_handler) {
13	+ $this->settings = $callback_handler->settings;
14	+ $this->siteinfo = $callback_handler->siteinfo;
15	+ $this->account = $callback_handler->account;
16	+ $this->bvinfo = new WPRInfo($callback_handler->settings);
17	+ }
18	+
19	+ public function process($request) {
20	+ $bvinfo = $this->bvinfo;
21	+ $settings = $this->settings;
22	+ $params = $request->params;
23	+ switch ($request->method) {
24	+ case "dummyping":
25	+ $resp = array();
26	+ $resp = array_merge($resp, $this->siteinfo->respInfo());
27	+ $resp = array_merge($resp, $this->account->respInfo());
28	+ $resp = array_merge($resp, $this->bvinfo->respInfo());
29	+ break;
30	+ case "enablebadge":
31	+ $option = $bvinfo->badgeinfo;
32	+ $badgeinfo = array();
33	+ $badgeinfo['badgeurl'] = $params['badgeurl'];
34	+ $badgeinfo['badgeimg'] = $params['badgeimg'];
35	+ $badgeinfo['badgealt'] = $params['badgealt'];
36	+ $settings->updateOption($option, $badgeinfo);
37	+ $resp = array("status" => $settings->getOption($option));
38	+ break;
39	+ case "disablebadge":
40	+ $option = $bvinfo->badgeinfo;
41	+ $settings->deleteOption($option);
42	+ $resp = array("status" => !$settings->getOption($option));
43	+ break;
44	+ case "getoption":
45	+ $resp = array('getoption' => $settings->getOption($params['opkey']));
46	+ break;
47	+ case "setdynplug":
48	+ $settings->updateOption('bvdynplug', $params['dynplug']);
49	+ $resp = array("setdynplug" => $settings->getOption('bvdynplug'));
50	+ break;
51	+ case "unsetdynplug":
52	+ $settings->deleteOption('bvdynplug');
53	+ $resp = array("unsetdynplug" => $settings->getOption('bvdynplug'));
54	+ break;
55	+ case "setptplug":
56	+ $settings->updateOption('bvptplug', $params['ptplug']);
57	+ $resp = array("setptplug" => $settings->getOption('bvptplug'));
58	+ break;
59	+ case "unsetptplug":
60	+ $settings->deleteOption('bvptlug');
61	+ $resp = array("unsetptplug" => $settings->getOption('bvptlug'));
62	+ break;
63	+ case "wpupplgs":
64	+ $resp = array("wpupdateplugins" => wp_update_plugins());
65	+ break;
66	+ case "wpupthms":
67	+ $resp = array("wpupdatethemes" => wp_update_themes());
68	+ break;
69	+ case "wpupcre":
70	+ $resp = array("wpupdatecore" => wp_version_check());
71	+ break;
72	+ case "rmmonitime":
73	+ $this->settings->deleteOption('bvmonittime');
74	+ $resp = array("rmmonitime" => !$bvinfo->getMonitTime());
75	+ break;
76	+ case "phpinfo":
77	+ phpinfo();
78	+ die();
79	+ break;
80	+ case "dlttrsnt":
81	+ $resp = array("dlttrsnt" => $settings->deleteTransient($params['key']));
82	+ break;
83	+ default:
84	+ $resp = false;
85	+ }
86	+ return $resp;
87	+ }
88	+ }
89	+ endif;

callback/wings/monit.php ADDED Viewed

	@@ -0,0 +1,92 @@


1	+ <?php
2	+
3	+ if (!defined('ABSPATH')) exit;
4	+ if (!class_exists('BVMonitCallback')) :
5	+
6	+ class BVMonitCallback extends BVCallbackBase {
7	+ public $db;
8	+ public $settings;
9	+
10	+ public function __construct($callback_handler) {
11	+ $this->db = $callback_handler->db;
12	+ $this->settings = $callback_handler->settings;
13	+ }
14	+
15	+ public function getData($table, $limit = 0, $filter = "") {
16	+ $result = array();
17	+ $data = array();
18	+ $rows = $this->db->getTableContent($table, '*', $filter, $limit);
19	+ $last_id = 0;
20	+ foreach ($rows as $row) {
21	+ $result[] = $row;
22	+ $last_id = $row['id'];
23	+ }
24	+ $data['last_id'] = $last_id;
25	+ $data['rows'] = $result;
26	+ return $data;
27	+ }
28	+
29	+ public function deleteBvDynamicEvents($filter = "") {
30	+ $name = BVWPDynSync::$dynsync_table;
31	+ return $this->db->deleteBVTableContent($name, $filter);
32	+ }
33	+
34	+ public function setMonitTime() {
35	+ return $this->settings->updateOption('bvmonittime', time());
36	+ }
37	+
38	+ public function process($request) {
39	+ $db = $this->db;
40	+ $settings = $this->settings;
41	+ $this->setMonitTime();
42	+ $params = $request->params;
43	+ switch ($request->method) {
44	+ case "getdata":
45	+ $resp = array();
46	+ if (array_key_exists('lp', $params)) {
47	+ require_once dirname( __FILE__ ) . '/../../protect/wp_lp/config.php';
48	+ $lp_params = $params['lp'];
49	+ $limit = intval(urldecode($lp_params['limit']));
50	+ $filter = urldecode($lp_params['filter']);
51	+ $db->deleteBVTableContent(BVWPLPConfig::$requests_table, $lp_params['rmfilter']);
52	+ $table = $db->getBVTable(BVWPLPConfig::$requests_table);
53	+ $resp["lplogs"] = $this->getData($table, $limit, $filter);
54	+ }
55	+ if (array_key_exists('fw', $params)) {
56	+ require_once dirname( __FILE__ ) . '/../../protect/wp_fw/config.php';
57	+ $fw_params = $params['fw'];
58	+ $limit = intval(urldecode($fw_params['limit']));
59	+ $filter = urldecode($fw_params['filter']);
60	+ $db->deleteBVTableContent(BVWPFWConfig::$requests_table, $fw_params['rmfilter']);
61	+ $table = $db->getBVTable(BVWPFWConfig::$requests_table);
62	+ $resp["fwlogs"] = $this->getData($table, $limit, $filter);
63	+ }
64	+ if (array_key_exists('dynevent', $params)) {
65	+ require_once dirname( __FILE__ ) . '/../../wp_dynsync.php';
66	+ $isdynsyncactive = $settings->getOption('bvDynSyncActive');
67	+ if ($isdynsyncactive == 'yes') {
68	+ $limit = intval(urldecode($params['limit']));
69	+ $filter = urldecode($params['filter']);
70	+ $this->deleteBvDynamicEvents($params['rmfilter']);
71	+ $table = $db->getBVTable(BVWPDynSync::$dynsync_table);
72	+ $data = $this->getData($table, $limit, $filter);
73	+ $resp['last_id'] = $data['last_id'];
74	+ $resp['events'] = $data['rows'];
75	+ $resp['timestamp'] = time();
76	+ $resp["status"] = true;
77	+ }
78	+ }
79	+ $resp["status"] = "done";
80	+ break;
81	+ case "rmdata":
82	+ require_once dirname( __FILE__ ) . '/../../wp_dynsync.php';
83	+ $filter = urldecode($params['filter']);
84	+ $resp = array("status" => $this->deleteBvDynamicEvents($filter));
85	+ break;
86	+ default:
87	+ $resp = false;
88	+ }
89	+ return $resp;
90	+ }
91	+ }
92	+ endif;

callback/wings/protect.php ADDED Viewed

	@@ -0,0 +1,72 @@


1	+ <?php
2	+
3	+ if (!defined('ABSPATH')) exit;
4	+ if (!class_exists('BVProtectCallback')) :
5	+
6	+ require_once dirname( __FILE__ ) . '/../../protect/protect.php';
7	+
8	+ class BVProtectCallback extends BVCallbackBase {
9	+ public $db;
10	+ public $settings;
11	+
12	+ public function __construct($callback_handler) {
13	+ $this->db = $callback_handler->db;
14	+ $this->settings = $callback_handler->settings;
15	+ }
16	+
17	+ public function process($request) {
18	+ $bvinfo = new WPRInfo($this->settings);
19	+ $protect = new BVProtect($this->db, $this->settings);
20	+ $params = $request->params;
21	+ switch ($request->method) {
22	+ case "gtipprobeinfo":
23	+ $resp = array();
24	+ $headers = $params['hdrs'];
25	+ $hdrsinfo = array();
26	+ if ($headers && is_array($headers)) {
27	+ foreach($headers as $hdr) {
28	+ if (array_key_exists($hdr, $_SERVER)) {
29	+ $hdrsinfo[$hdr] = $_SERVER[$hdr];
30	+ }
31	+ }
32	+ }
33	+ $resp["hdrsinfo"] = $hdrsinfo;
34	+ if ($iphdr = $this->settings->getOption($bvinfo->ip_header_option)) {
35	+ $resp["iphdr"] = $iphdr;
36	+ }
37	+ break;
38	+ case "gtraddr":
39	+ $raddr = array_key_exists('REMOTE_ADDR', $_SERVER) ? $_SERVER['REMOTE_ADDR'] : false;
40	+ $resp = array("raddr" => $raddr);
41	+ break;
42	+ case "gtallhdrs":
43	+ $data = (function_exists('getallheaders')) ? getallheaders() : false;
44	+ $resp = array("allhdrs" => $data);
45	+ break;
46	+ case "gtsvr":
47	+ $resp = array("svr" => $_SERVER);
48	+ break;
49	+ case "gtip":
50	+ $resp = array("ip" => $protect->getIP());
51	+ break;
52	+ case "stiphdr":
53	+ $option_name = $bvinfo->ip_header_option;
54	+ $iphdr = array('hdr' => $params['hdr'], 'pos' => $params['pos']);
55	+ $this->settings->updateOption($option_name, $iphdr);
56	+ $resp = array("iphdr" => $this->settings->getOption($option_name));
57	+ break;
58	+ case "gtiphdr":
59	+ $resp = array("iphdr" => $this->settings->getOption($bvinfo->ip_header_option));
60	+ break;
61	+ case "rmiphdr":
62	+ $option_name = $bvinfo->ip_header_option;
63	+ $this->settings->deleteOption($option_name);
64	+ $resp = array("iphdr" => $this->settings->getOption($option_name));
65	+ break;
66	+ default:
67	+ $resp = false;
68	+ }
69	+ return $resp;
70	+ }
71	+ }
72	+ endif;

css/bvmui.min.css ADDED Viewed

	@@ -0,0 +1 @@

+ /*! normalize.css v5.0.0 | MIT License | github.com/necolas/normalize.css */.mui-appbar{background-color:#2196f3;color:#FFF}.mui-btn{font-weight:500;font-size:14px;line-height:18px;text-transform:uppercase;color:rgba(0,0,0,0.87);background-color:#FFF;-webkit-transition:all .2s ease-in-out;transition:all .2s ease-in-out;display:inline-block;height:36px;padding:0 26px;margin:6px 0;border:0;border-radius:2px;cursor:pointer;-ms-touch-action:manipulation;touch-action:manipulation;background-image:none;text-align:center;line-height:36px;vertical-align:middle;white-space:nowrap;-webkit-user-select:none;-moz-user-select:none;-ms-user-select:none;user-select:none;font-size:14px;font-family:inherit;letter-spacing:.03em;position:relative;overflow:hidden}.mui-btn:hover,.mui-btn:focus,.mui-btn:active{color:rgba(0,0,0,0.87);background-color:white}.mui-btn[disabled]:hover,.mui-btn[disabled]:focus,.mui-btn[disabled]:active{color:rgba(0,0,0,0.87);background-color:#FFF}.mui-btn.mui-btn--flat{color:rgba(0,0,0,0.87);background-color:transparent}.mui-btn.mui-btn--flat:hover,.mui-btn.mui-btn--flat:focus,.mui-btn.mui-btn--flat:active{color:rgba(0,0,0,0.87);background-color:#f2f2f2}.mui-btn.mui-btn--flat[disabled]:hover,.mui-btn.mui-btn--flat[disabled]:focus,.mui-btn.mui-btn--flat[disabled]:active{color:rgba(0,0,0,0.87);background-color:transparent}.mui-btn:hover,.mui-btn:focus,.mui-btn:active{outline:0;text-decoration:none;color:rgba(0,0,0,0.87)}.mui-btn:hover,.mui-btn:focus{-webkit-box-shadow:0 0 2px rgba(0,0,0,0.12),0 2px 2px rgba(0,0,0,0.2);box-shadow:0 0 2px rgba(0,0,0,0.12),0 2px 2px rgba(0,0,0,0.2)}@media all and (-ms-high-contrast:none),(-ms-high-contrast:active){.mui-btn:hover,.mui-btn:focus{-webkit-box-shadow:0 -1px 2px rgba(0,0,0,0.12),-1px 0 2px rgba(0,0,0,0.12),0 0 2px rgba(0,0,0,0.12),0 2px 2px rgba(0,0,0,0.2);box-shadow:0 -1px 2px rgba(0,0,0,0.12),-1px 0 2px rgba(0,0,0,0.12),0 0 2px rgba(0,0,0,0.12),0 2px 2px rgba(0,0,0,0.2)}}@supports(-ms-ime-align:auto){.mui-btn:hover,.mui-btn:focus{-webkit-box-shadow:0 -1px 2px rgba(0,0,0,0.12),-1px 0 2px rgba(0,0,0,0.12),0 0 2px rgba(0,0,0,0.12),0 2px 2px rgba(0,0,0,0.2);box-shadow:0 -1px 2px rgba(0,0,0,0.12),-1px 0 2px rgba(0,0,0,0.12),0 0 2px rgba(0,0,0,0.12),0 2px 2px rgba(0,0,0,0.2)}}.mui-btn:active:hover{-webkit-box-shadow:0 0 4px rgba(0,0,0,0.12),1px 3px 4px rgba(0,0,0,0.2);box-shadow:0 0 4px rgba(0,0,0,0.12),1px 3px 4px rgba(0,0,0,0.2)}@media all and (-ms-high-contrast:none),(-ms-high-contrast:active){.mui-btn:active:hover{-webkit-box-shadow:0 -1px 2px rgba(0,0,0,0.12),-1px 0 2px rgba(0,0,0,0.12),0 0 4px rgba(0,0,0,0.12),1px 3px 4px rgba(0,0,0,0.2);box-shadow:0 -1px 2px rgba(0,0,0,0.12),-1px 0 2px rgba(0,0,0,0.12),0 0 4px rgba(0,0,0,0.12),1px 3px 4px rgba(0,0,0,0.2)}}@supports(-ms-ime-align:auto){.mui-btn:active:hover{-webkit-box-shadow:0 -1px 2px rgba(0,0,0,0.12),-1px 0 2px rgba(0,0,0,0.12),0 0 4px rgba(0,0,0,0.12),1px 3px 4px rgba(0,0,0,0.2);box-shadow:0 -1px 2px rgba(0,0,0,0.12),-1px 0 2px rgba(0,0,0,0.12),0 0 4px rgba(0,0,0,0.12),1px 3px 4px rgba(0,0,0,0.2)}}.mui-btn:disabled,.mui-btn.mui--is-disabled{cursor:not-allowed;pointer-events:none;opacity:.60;-webkit-box-shadow:none;box-shadow:none}.mui-btn+.mui-btn{margin-left:8px}.mui-btn--flat{background-color:transparent}.mui-btn--flat:hover,.mui-btn--flat:focus,.mui-btn--flat:active,.mui-btn--flat:active:hover{-webkit-box-shadow:none;box-shadow:none;background-color:#f2f2f2}.mui-btn--raised,.mui-btn--fab{-webkit-box-shadow:0 0 2px rgba(0,0,0,0.12),0 2px 2px rgba(0,0,0,0.2);box-shadow:0 0 2px rgba(0,0,0,0.12),0 2px 2px rgba(0,0,0,0.2)}@media all and (-ms-high-contrast:none),(-ms-high-contrast:active){.mui-btn--raised,.mui-btn--fab{-webkit-box-shadow:0 -1px 2px rgba(0,0,0,0.12),-1px 0 2px rgba(0,0,0,0.12),0 0 2px rgba(0,0,0,0.12),0 2px 2px rgba(0,0,0,0.2);box-shadow:0 -1px 2px rgba(0,0,0,0.12),-1px 0 2px rgba(0,0,0,0.12),0 0 2px rgba(0,0,0,0.12),0 2px 2px rgba(0,0,0,0.2)}}@supports(-ms-ime-align:auto){.mui-btn--raised,.mui-btn--fab{-webkit-box-shadow:0 -1px 2px rgba(0,0,0,0.12),-1px 0 2px rgba(0,0,0,0.12),0 0 2px rgba(0,0,0,0.12),0 2px 2px rgba(0,0,0,0.2);box-shadow:0 -1px 2px rgba(0,0,0,0.12),-1px 0 2px rgba(0,0,0,0.12),0 0 2px rgba(0,0,0,0.12),0 2px 2px rgba(0,0,0,0.2)}}.mui-btn--raised:active,.mui-btn--fab:active{-webkit-box-shadow:0 0 4px rgba(0,0,0,0.12),1px 3px 4px rgba(0,0,0,0.2);box-shadow:0 0 4px rgba(0,0,0,0.12),1px 3px 4px rgba(0,0,0,0.2)}@media all and (-ms-high-contrast:none),(-ms-high-contrast:active){.mui-btn--raised:active,.mui-btn--fab:active{-webkit-box-shadow:0 -1px 2px rgba(0,0,0,0.12),-1px 0 2px rgba(0,0,0,0.12),0 0 4px rgba(0,0,0,0.12),1px 3px 4px rgba(0,0,0,0.2);box-shadow:0 -1px 2px rgba(0,0,0,0.12),-1px 0 2px rgba(0,0,0,0.12),0 0 4px rgba(0,0,0,0.12),1px 3px 4px rgba(0,0,0,0.2)}}@supports(-ms-ime-align:auto){.mui-btn--raised:active,.mui-btn--fab:active{-webkit-box-shadow:0 -1px 2px rgba(0,0,0,0.12),-1px 0 2px rgba(0,0,0,0.12),0 0 4px rgba(0,0,0,0.12),1px 3px 4px rgba(0,0,0,0.2);box-shadow:0 -1px 2px rgba(0,0,0,0.12),-1px 0 2px rgba(0,0,0,0.12),0 0 4px rgba(0,0,0,0.12),1px 3px 4px rgba(0,0,0,0.2)}}.mui-btn--fab{position:relative;padding:0;width:55px;height:55px;line-height:55px;border-radius:50%;z-index:1}.mui-btn--primary{color:#FFF;background-color:#2196f3}.mui-btn--primary:hover,.mui-btn--primary:focus,.mui-btn--primary:active{color:#FFF;background-color:#39a1f4}.mui-btn--primary[disabled]:hover,.mui-btn--primary[disabled]:focus,.mui-btn--primary[disabled]:active{color:#FFF;background-color:#2196f3}.mui-btn--primary.mui-btn--flat{color:#2196f3;background-color:transparent}.mui-btn--primary.mui-btn--flat:hover,.mui-btn--primary.mui-btn--flat:focus,.mui-btn--primary.mui-btn--flat:active{color:#2196f3;background-color:#f2f2f2}.mui-btn--primary.mui-btn--flat[disabled]:hover,.mui-btn--primary.mui-btn--flat[disabled]:focus,.mui-btn--primary.mui-btn--flat[disabled]:active{color:#2196f3;background-color:transparent}.mui-btn--dark{color:#FFF;background-color:#424242}.mui-btn--dark:hover,.mui-btn--dark:focus,.mui-btn--dark:active{color:#FFF;background-color:#4f4f4f}.mui-btn--dark[disabled]:hover,.mui-btn--dark[disabled]:focus,.mui-btn--dark[disabled]:active{color:#FFF;background-color:#424242}.mui-btn--dark.mui-btn--flat{color:#424242;background-color:transparent}.mui-btn--dark.mui-btn--flat:hover,.mui-btn--dark.mui-btn--flat:focus,.mui-btn--dark.mui-btn--flat:active{color:#424242;background-color:#f2f2f2}.mui-btn--dark.mui-btn--flat[disabled]:hover,.mui-btn--dark.mui-btn--flat[disabled]:focus,.mui-btn--dark.mui-btn--flat[disabled]:active{color:#424242;background-color:transparent}.mui-btn--danger{color:#FFF;background-color:#f44336}.mui-btn--danger:hover,.mui-btn--danger:focus,.mui-btn--danger:active{color:#FFF;background-color:#f55a4e}.mui-btn--danger[disabled]:hover,.mui-btn--danger[disabled]:focus,.mui-btn--danger[disabled]:active{color:#FFF;background-color:#f44336}.mui-btn--danger.mui-btn--flat{color:#f44336;background-color:transparent}.mui-btn--danger.mui-btn--flat:hover,.mui-btn--danger.mui-btn--flat:focus,.mui-btn--danger.mui-btn--flat:active{color:#f44336;background-color:#f2f2f2}.mui-btn--danger.mui-btn--flat[disabled]:hover,.mui-btn--danger.mui-btn--flat[disabled]:focus,.mui-btn--danger.mui-btn--flat[disabled]:active{color:#f44336;background-color:transparent}.mui-btn--accent{color:#FFF;background-color:#ff4081}.mui-btn--accent:hover,.mui-btn--accent:focus,.mui-btn--accent:active{color:#FFF;background-color:#ff5a92}.mui-btn--accent[disabled]:hover,.mui-btn--accent[disabled]:focus,.mui-btn--accent[disabled]:active{color:#FFF;background-color:#ff4081}.mui-btn--accent.mui-btn--flat{color:#ff4081;background-color:transparent}.mui-btn--accent.mui-btn--flat:hover,.mui-btn--accent.mui-btn--flat:focus,.mui-btn--accent.mui-btn--flat:active{color:#ff4081;background-color:#f2f2f2}.mui-btn--accent.mui-btn--flat[disabled]:hover,.mui-btn--accent.mui-btn--flat[disabled]:focus,.mui-btn--accent.mui-btn--flat[disabled]:active{color:#ff4081;background-color:transparent}.mui-btn--small{height:30.6px;line-height:30.6px;padding:0 16px;font-size:13px}.mui-btn--large{height:54px;line-height:54px;padding:0 26px;font-size:14px}.mui-btn--fab.mui-btn--small{width:44px;height:44px;line-height:44px}.mui-btn--fab.mui-btn--large{width:75px;height:75px;line-height:75px}.mui-radio,.mui-checkbox{position:relative;display:block;margin-top:10px;margin-bottom:10px}.mui-radio>label,.mui-checkbox>label{min-height:20px;padding-left:20px;margin-bottom:0;font-weight:normal;cursor:pointer}.mui-radio input:disabled,.mui-checkbox input:disabled{cursor:not-allowed}.mui-radio input:focus,.mui-checkbox input:focus{outline:thin dotted;outline:5px auto -webkit-focus-ring-color;outline-offset:-2px}.mui-radio>label>input[type="radio"],.mui-radio--inline>label>input[type="radio"],.mui-checkbox>label>input[type="checkbox"],.mui-checkbox--inline>label>input[type="checkbox"]{position:absolute;margin-left:-20px;margin-top:4px}.mui-radio+.mui-radio,.mui-checkbox+.mui-checkbox{margin-top:-5px}.mui-radio--inline,.mui-checkbox--inline{display:inline-block;padding-left:20px;margin-bottom:0;vertical-align:middle;font-weight:normal;cursor:pointer}.mui-radio--inline>input[type="radio"],.mui-radio--inline>input[type="checkbox"],.mui-radio--inline>label>input[type="radio"],.mui-radio--inline>label>input[type="checkbox"],.mui-checkbox--inline>input[type="radio"],.mui-checkbox--inline>input[type="checkbox"],.mui-checkbox--inline>label>input[type="radio"],.mui-checkbox--inline>label>input[type="checkbox"]{margin:4px 0 0;line-height:normal}.mui-radio--inline+.mui-radio--inline,.mui-checkbox--inline+.mui-checkbox--inline{margin-top:0;margin-left:10px}.mui-container{-webkit-box-sizing:border-box;box-sizing:border-box;margin-right:auto;margin-left:auto;padding-left:15px;padding-right:15px}.mui-container:before,.mui-container:after{content:" ";display:table}.mui-container:after{clear:both}@media(min-width:544px){.mui-container{max-width:570px}}@media(min-width:768px){.mui-container{max-width:740px}}@media(min-width:992px){.mui-container{max-width:960px}}@media(min-width:1200px){.mui-container{max-width:1170px}}.mui-container-fluid{-webkit-box-sizing:border-box;box-sizing:border-box;margin-right:auto;margin-left:auto;padding-left:15px;padding-right:15px}.mui-container-fluid:before,.mui-container-fluid:after{content:" ";display:table}.mui-container-fluid:after{clear:both}.mui-divider{display:block;height:1px;background-color:rgba(0,0,0,0.12)}.mui--divider-top{border-top:1px solid rgba(0,0,0,0.12)}.mui--divider-bottom{border-bottom:1px solid rgba(0,0,0,0.12)}.mui--divider-left{border-left:1px solid rgba(0,0,0,0.12)}.mui--divider-right{border-right:1px solid rgba(0,0,0,0.12)}.mui-dropdown{display:inline-block;position:relative}[data-mui-toggle="dropdown"]{outline:0}.mui-dropdown__menu{position:absolute;top:100%;left:0;display:none;min-width:160px;padding:5px 0;margin:2px 0 0;list-style:none;font-size:14px;text-align:left;background-color:#FFF;border-radius:2px;z-index:1;background-clip:padding-box}@media all and (-ms-high-contrast:none),(-ms-high-contrast:active){.mui-dropdown__menu{border-top:1px solid rgba(0,0,0,0.12);border-left:1px solid rgba(0,0,0,0.12)}}@supports(-ms-ime-align:auto){.mui-dropdown__menu{border-top:1px solid rgba(0,0,0,0.12);border-left:1px solid rgba(0,0,0,0.12)}}.mui-dropdown__menu.mui--is-open{display:block}.mui-dropdown__menu>li>a{display:block;padding:3px 20px;clear:both;font-weight:normal;line-height:1.429;color:rgba(0,0,0,0.87);text-decoration:none;white-space:nowrap}.mui-dropdown__menu>li>a:hover,.mui-dropdown__menu>li>a:focus{text-decoration:none;color:rgba(0,0,0,0.87);background-color:#eee}.mui-dropdown__menu>.mui--is-disabled>a,.mui-dropdown__menu>.mui--is-disabled>a:hover,.mui-dropdown__menu>.mui--is-disabled>a:focus{color:#eee}.mui-dropdown__menu>.mui--is-disabled>a:hover,.mui-dropdown__menu>.mui--is-disabled>a:focus{text-decoration:none;background-color:transparent;background-image:none;cursor:not-allowed}.mui-dropdown__menu--right{left:auto;right:0}.mui-form legend{display:block;width:100%;padding:0;margin-bottom:10px;font-size:21px;color:rgba(0,0,0,0.87);line-height:inherit;border:0}.mui-form fieldset{border:0;padding:0;margin:0 0 20px 0}@media(min-width:544px){.mui-form--inline .mui-textfield{display:inline-block;vertical-align:bottom;margin-bottom:0}.mui-form--inline .mui-radio,.mui-form--inline .mui-checkbox{display:inline-block;margin-top:0;margin-bottom:0;vertical-align:middle}.mui-form--inline .mui-radio>label,.mui-form--inline .mui-checkbox>label{padding-left:0}.mui-form--inline .mui-radio>label>input[type="radio"],.mui-form--inline .mui-checkbox>label>input[type="checkbox"]{position:relative;margin-left:0}.mui-form--inline .mui-select{display:inline-block;vertical-align:bottom;margin-bottom:0}.mui-form--inline .mui-btn{margin-bottom:0;margin-top:0;vertical-align:bottom}}.mui-row{margin-left:-15px;margin-right:-15px}.mui-row:before,.mui-row:after{content:" ";display:table}.mui-row:after{clear:both}.mui-col-xs-1,.mui-col-sm-1,.mui-col-md-1,.mui-col-lg-1,.mui-col-xs-2,.mui-col-sm-2,.mui-col-md-2,.mui-col-lg-2,.mui-col-xs-3,.mui-col-sm-3,.mui-col-md-3,.mui-col-lg-3,.mui-col-xs-4,.mui-col-sm-4,.mui-col-md-4,.mui-col-lg-4,.mui-col-xs-5,.mui-col-sm-5,.mui-col-md-5,.mui-col-lg-5,.mui-col-xs-6,.mui-col-sm-6,.mui-col-md-6,.mui-col-lg-6,.mui-col-xs-7,.mui-col-sm-7,.mui-col-md-7,.mui-col-lg-7,.mui-col-xs-8,.mui-col-sm-8,.mui-col-md-8,.mui-col-lg-8,.mui-col-xs-9,.mui-col-sm-9,.mui-col-md-9,.mui-col-lg-9,.mui-col-xs-10,.mui-col-sm-10,.mui-col-md-10,.mui-col-lg-10,.mui-col-xs-11,.mui-col-sm-11,.mui-col-md-11,.mui-col-lg-11,.mui-col-xs-12,.mui-col-sm-12,.mui-col-md-12,.mui-col-lg-12{-webkit-box-sizing:border-box;box-sizing:border-box;min-height:1px;padding-left:15px;padding-right:15px}.mui-col-xs-1,.mui-col-xs-2,.mui-col-xs-3,.mui-col-xs-4,.mui-col-xs-5,.mui-col-xs-6,.mui-col-xs-7,.mui-col-xs-8,.mui-col-xs-9,.mui-col-xs-10,.mui-col-xs-11,.mui-col-xs-12{float:left}.mui-col-xs-1{width:8.33333%}.mui-col-xs-2{width:16.66667%}.mui-col-xs-3{width:25%}.mui-col-xs-4{width:33.33333%}.mui-col-xs-5{width:41.66667%}.mui-col-xs-6{width:50%}.mui-col-xs-7{width:58.33333%}.mui-col-xs-8{width:66.66667%}.mui-col-xs-9{width:75%}.mui-col-xs-10{width:83.33333%}.mui-col-xs-11{width:91.66667%}.mui-col-xs-12{width:100%}.mui-col-xs-offset-0{margin-left:0}.mui-col-xs-offset-1{margin-left:8.33333%}.mui-col-xs-offset-2{margin-left:16.66667%}.mui-col-xs-offset-3{margin-left:25%}.mui-col-xs-offset-4{margin-left:33.33333%}.mui-col-xs-offset-5{margin-left:41.66667%}.mui-col-xs-offset-6{margin-left:50%}.mui-col-xs-offset-7{margin-left:58.33333%}.mui-col-xs-offset-8{margin-left:66.66667%}.mui-col-xs-offset-9{margin-left:75%}.mui-col-xs-offset-10{margin-left:83.33333%}.mui-col-xs-offset-11{margin-left:91.66667%}.mui-col-xs-offset-12{margin-left:100%}@media(min-width:544px){.mui-col-sm-1,.mui-col-sm-2,.mui-col-sm-3,.mui-col-sm-4,.mui-col-sm-5,.mui-col-sm-6,.mui-col-sm-7,.mui-col-sm-8,.mui-col-sm-9,.mui-col-sm-10,.mui-col-sm-11,.mui-col-sm-12{float:left}.mui-col-sm-1{width:8.33333%}.mui-col-sm-2{width:16.66667%}.mui-col-sm-3{width:25%}.mui-col-sm-4{width:33.33333%}.mui-col-sm-5{width:41.66667%}.mui-col-sm-6{width:50%}.mui-col-sm-7{width:58.33333%}.mui-col-sm-8{width:66.66667%}.mui-col-sm-9{width:75%}.mui-col-sm-10{width:83.33333%}.mui-col-sm-11{width:91.66667%}.mui-col-sm-12{width:100%}.mui-col-sm-offset-0{margin-left:0}.mui-col-sm-offset-1{margin-left:8.33333%}.mui-col-sm-offset-2{margin-left:16.66667%}.mui-col-sm-offset-3{margin-left:25%}.mui-col-sm-offset-4{margin-left:33.33333%}.mui-col-sm-offset-5{margin-left:41.66667%}.mui-col-sm-offset-6{margin-left:50%}.mui-col-sm-offset-7{margin-left:58.33333%}.mui-col-sm-offset-8{margin-left:66.66667%}.mui-col-sm-offset-9{margin-left:75%}.mui-col-sm-offset-10{margin-left:83.33333%}.mui-col-sm-offset-11{margin-left:91.66667%}.mui-col-sm-offset-12{margin-left:100%}}@media(min-width:768px){.mui-col-md-1,.mui-col-md-2,.mui-col-md-3,.mui-col-md-4,.mui-col-md-5,.mui-col-md-6,.mui-col-md-7,.mui-col-md-8,.mui-col-md-9,.mui-col-md-10,.mui-col-md-11,.mui-col-md-12{float:left}.mui-col-md-1{width:8.33333%}.mui-col-md-2{width:16.66667%}.mui-col-md-3{width:25%}.mui-col-md-4{width:33.33333%}.mui-col-md-5{width:41.66667%}.mui-col-md-6{width:50%}.mui-col-md-7{width:58.33333%}.mui-col-md-8{width:66.66667%}.mui-col-md-9{width:75%}.mui-col-md-10{width:83.33333%}.mui-col-md-11{width:91.66667%}.mui-col-md-12{width:100%}.mui-col-md-offset-0{margin-left:0}.mui-col-md-offset-1{margin-left:8.33333%}.mui-col-md-offset-2{margin-left:16.66667%}.mui-col-md-offset-3{margin-left:25%}.mui-col-md-offset-4{margin-left:33.33333%}.mui-col-md-offset-5{margin-left:41.66667%}.mui-col-md-offset-6{margin-left:50%}.mui-col-md-offset-7{margin-left:58.33333%}.mui-col-md-offset-8{margin-left:66.66667%}.mui-col-md-offset-9{margin-left:75%}.mui-col-md-offset-10{margin-left:83.33333%}.mui-col-md-offset-11{margin-left:91.66667%}.mui-col-md-offset-12{margin-left:100%}}@media(min-width:992px){.mui-col-lg-1,.mui-col-lg-2,.mui-col-lg-3,.mui-col-lg-4,.mui-col-lg-5,.mui-col-lg-6,.mui-col-lg-7,.mui-col-lg-8,.mui-col-lg-9,.mui-col-lg-10,.mui-col-lg-11,.mui-col-lg-12{float:left}.mui-col-lg-1{width:8.33333%}.mui-col-lg-2{width:16.66667%}.mui-col-lg-3{width:25%}.mui-col-lg-4{width:33.33333%}.mui-col-lg-5{width:41.66667%}.mui-col-lg-6{width:50%}.mui-col-lg-7{width:58.33333%}.mui-col-lg-8{width:66.66667%}.mui-col-lg-9{width:75%}.mui-col-lg-10{width:83.33333%}.mui-col-lg-11{width:91.66667%}.mui-col-lg-12{width:100%}.mui-col-lg-offset-0{margin-left:0}.mui-col-lg-offset-1{margin-left:8.33333%}.mui-col-lg-offset-2{margin-left:16.66667%}.mui-col-lg-offset-3{margin-left:25%}.mui-col-lg-offset-4{margin-left:33.33333%}.mui-col-lg-offset-5{margin-left:41.66667%}.mui-col-lg-offset-6{margin-left:50%}.mui-col-lg-offset-7{margin-left:58.33333%}.mui-col-lg-offset-8{margin-left:66.66667%}.mui-col-lg-offset-9{margin-left:75%}.mui-col-lg-offset-10{margin-left:83.33333%}.mui-col-lg-offset-11{margin-left:91.66667%}.mui-col-lg-offset-12{margin-left:100%}}@media(min-width:1200px){.mui-col-xl-1,.mui-col-xl-2,.mui-col-xl-3,.mui-col-xl-4,.mui-col-xl-5,.mui-col-xl-6,.mui-col-xl-7,.mui-col-xl-8,.mui-col-xl-9,.mui-col-xl-10,.mui-col-xl-11,.mui-col-xl-12{float:left}.mui-col-xl-1{width:8.33333%}.mui-col-xl-2{width:16.66667%}.mui-col-xl-3{width:25%}.mui-col-xl-4{width:33.33333%}.mui-col-xl-5{width:41.66667%}.mui-col-xl-6{width:50%}.mui-col-xl-7{width:58.33333%}.mui-col-xl-8{width:66.66667%}.mui-col-xl-9{width:75%}.mui-col-xl-10{width:83.33333%}.mui-col-xl-11{width:91.66667%}.mui-col-xl-12{width:100%}.mui-col-xl-offset-0{margin-left:0}.mui-col-xl-offset-1{margin-left:8.33333%}.mui-col-xl-offset-2{margin-left:16.66667%}.mui-col-xl-offset-3{margin-left:25%}.mui-col-xl-offset-4{margin-left:33.33333%}.mui-col-xl-offset-5{margin-left:41.66667%}.mui-col-xl-offset-6{margin-left:50%}.mui-col-xl-offset-7{margin-left:58.33333%}.mui-col-xl-offset-8{margin-left:66.66667%}.mui-col-xl-offset-9{margin-left:75%}.mui-col-xl-offset-10{margin-left:83.33333%}.mui-col-xl-offset-11{margin-left:91.66667%}.mui-col-xl-offset-12{margin-left:100%}}.mui-panel{padding:15px;margin-bottom:20px;border-radius:0;background-color:#FFF;-webkit-box-shadow:0 2px 2px 0 rgba(0,0,0,0.16),0 0 2px 0 rgba(0,0,0,0.12);box-shadow:0 2px 2px 0 rgba(0,0,0,0.16),0 0 2px 0 rgba(0,0,0,0.12)}.mui-panel:before,.mui-panel:after{content:" ";display:table}.mui-panel:after{clear:both}@media all and (-ms-high-contrast:none),(-ms-high-contrast:active){.mui-panel{-webkit-box-shadow:0 -1px 2px 0 rgba(0,0,0,0.12),-1px 0 2px 0 rgba(0,0,0,0.12),0 2px 2px 0 rgba(0,0,0,0.16),0 0 2px 0 rgba(0,0,0,0.12);box-shadow:0 -1px 2px 0 rgba(0,0,0,0.12),-1px 0 2px 0 rgba(0,0,0,0.12),0 2px 2px 0 rgba(0,0,0,0.16),0 0 2px 0 rgba(0,0,0,0.12)}}@supports(-ms-ime-align:auto){.mui-panel{-webkit-box-shadow:0 -1px 2px 0 rgba(0,0,0,0.12),-1px 0 2px 0 rgba(0,0,0,0.12),0 2px 2px 0 rgba(0,0,0,0.16),0 0 2px 0 rgba(0,0,0,0.12);box-shadow:0 -1px 2px 0 rgba(0,0,0,0.12),-1px 0 2px 0 rgba(0,0,0,0.12),0 2px 2px 0 rgba(0,0,0,0.16),0 0 2px 0 rgba(0,0,0,0.12)}}.mui-select{display:block;padding-top:15px;margin-bottom:20px;position:relative}.mui-select:focus{outline:0}.mui-select:focus>select{height:33px;margin-bottom:-1px;border-color:#2196f3;border-width:2px}.mui-select>select{display:block;height:32px;width:100%;appearance:none;-webkit-appearance:none;-moz-appearance:none;outline:0;border:0;border-bottom:1px solid rgba(0,0,0,0.26);border-radius:0;-webkit-box-shadow:none;box-shadow:none;background-color:transparent;background-image:url("data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIGhlaWdodD0iNiIgd2lkdGg9IjEwIj48cG9seWdvbiBwb2ludHM9IjAsMCAxMCwwIDUsNiIgc3R5bGU9ImZpbGw6cmdiYSgwLDAsMCwuMjQpOyIvPjwvc3ZnPg==");background-repeat:no-repeat;background-position:right center;cursor:pointer;color:rgba(0,0,0,0.87);font-size:16px;font-family:inherit;line-height:inherit;padding:0 25px 0 0}.mui-select>select::-ms-expand{display:none}.mui-select>select:focus{outline:0;height:33px;margin-bottom:-1px;border-color:#2196f3;border-width:2px}.mui-select>select:disabled{color:rgba(0,0,0,0.38);cursor:not-allowed;background-color:transparent;opacity:1}.mui-select>select:-moz-focusring{color:transparent;text-shadow:0 0 0 #000}.mui-select>select:focus::-ms-value{background:0;color:rgba(0,0,0,0.87)}.mui-select>label{position:absolute;top:0;display:block;width:100%;color:rgba(0,0,0,0.54);font-size:12px;font-weight:400;line-height:15px;overflow-x:hidden;text-overflow:ellipsis;white-space:nowrap}.mui-select:focus>label,.mui-select>select:focus ~ label{color:#2196f3}.mui-select__menu{position:absolute;z-index:2;min-width:100%;overflow-y:auto;padding:8px 0;-webkit-box-sizing:border-box;box-sizing:border-box;background-color:#FFF;font-size:16px}@media all and (-ms-high-contrast:none),(-ms-high-contrast:active){.mui-select__menu{border-left:1px solid rgba(0,0,0,0.12);border-top:1px solid rgba(0,0,0,0.12)}}@supports(-ms-ime-align:auto){.mui-select__menu{border-left:1px solid rgba(0,0,0,0.12);border-top:1px solid rgba(0,0,0,0.12)}}.mui-select__menu>div{padding:0 22px;height:42px;line-height:42px;cursor:pointer;white-space:nowrap}.mui-select__menu>div.mui--is-selected{background-color:#eee}.mui-select__menu>div.mui--is-disabled{color:rgba(0,0,0,0.38);cursor:not-allowed}.mui-select__menu>div:not(.mui-optgroup__label):not(.mui--is-disabled):hover{background-color:#e0e0e0}.mui-optgroup__option{text-indent:1em}.mui-optgroup__label{color:rgba(0,0,0,0.54);font-size:.9em}.mui-table{width:100%;max-width:100%;margin-bottom:20px}.mui-table>thead>tr>th,.mui-table>tbody>tr>th,.mui-table>tfoot>tr>th{text-align:left}.mui-table>thead>tr>th,.mui-table>thead>tr>td,.mui-table>tbody>tr>th,.mui-table>tbody>tr>td,.mui-table>tfoot>tr>th,.mui-table>tfoot>tr>td{padding:10px;line-height:1.429}.mui-table>thead>tr>th{border-bottom:2px solid rgba(0,0,0,0.12);font-weight:700}.mui-table>tbody+tbody{border-top:2px solid rgba(0,0,0,0.12)}.mui-table.mui-table--bordered>tbody>tr>td{border-bottom:1px solid rgba(0,0,0,0.12)}.mui-tabs__bar{list-style:none;padding-left:0;margin-bottom:0;background-color:transparent;white-space:nowrap;overflow-x:auto}.mui-tabs__bar>li{display:inline-block}.mui-tabs__bar>li>a{display:block;white-space:nowrap;text-transform:uppercase;font-weight:500;font-size:14px;color:rgba(0,0,0,0.87);cursor:default;height:48px;line-height:48px;padding-left:24px;padding-right:24px;-webkit-user-select:none;-moz-user-select:none;-ms-user-select:none;user-select:none}.mui-tabs__bar>li>a:hover{text-decoration:none}.mui-tabs__bar>li.mui--is-active{border-bottom:2px solid #2196f3}.mui-tabs__bar>li.mui--is-active>a{color:#2196f3}.mui-tabs__bar.mui-tabs__bar--justified{display:table;width:100%;table-layout:fixed}.mui-tabs__bar.mui-tabs__bar--justified>li{display:table-cell}.mui-tabs__bar.mui-tabs__bar--justified>li>a{text-align:center;padding-left:0;padding-right:0}.mui-tabs__pane{display:none}.mui-tabs__pane.mui--is-active{display:block}.mui-textfield{display:block;padding-top:15px;margin-bottom:20px;position:relative}.mui-textfield>label{position:absolute;top:0;display:block;width:100%;color:rgba(0,0,0,0.54);font-size:12px;font-weight:400;line-height:15px;overflow-x:hidden;text-overflow:ellipsis;white-space:nowrap}.mui-textfield>textarea{padding-top:5px}.mui-textfield>input:focus ~ label,.mui-textfield>textarea:focus ~ label{color:#2196f3}.mui-textfield--float-label>label{position:absolute;-webkit-transform:translate(0px,15px);transform:translate(0px,15px);font-size:16px;line-height:32px;color:rgba(0,0,0,0.26);text-overflow:clip;cursor:text;pointer-events:none}.mui-textfield--float-label>input:focus ~ label,.mui-textfield--float-label>textarea:focus ~ label{-webkit-transform:translate(0px,0px);transform:translate(0px,0px);font-size:12px;line-height:15px;text-overflow:ellipsis}.mui-textfield--float-label>input:not(:focus).mui--is-not-empty ~ label,.mui-textfield--float-label>input:not(:focus)[value]:not([value=""]):not(.mui--is-empty):not(.mui--is-not-empty) ~ label,.mui-textfield--float-label>input:not(:focus):not(:empty):not(.mui--is-empty):not(.mui--is-not-empty) ~ label,.mui-textfield--float-label>textarea:not(:focus).mui--is-not-empty ~ label,.mui-textfield--float-label>textarea:not(:focus)[value]:not([value=""]):not(.mui--is-empty):not(.mui--is-not-empty) ~ label,.mui-textfield--float-label>textarea:not(:focus):not(:empty):not(.mui--is-empty):not(.mui--is-not-empty) ~ label{color:rgba(0,0,0,0.54);font-size:12px;line-height:15px;-webkit-transform:translate(0px,0px);transform:translate(0px,0px);text-overflow:ellipsis}.mui-textfield--wrap-label{display:table;width:100%;padding-top:0}.mui-textfield--wrap-label:not(.mui-textfield--float-label)>label{display:table-header-group;position:static;white-space:normal;overflow-x:visible}.mui-textfield>input,.mui-textfield>textarea{-webkit-box-sizing:border-box;box-sizing:border-box;display:block;background-color:transparent;color:rgba(0,0,0,0.87);border:0;border-bottom:1px solid rgba(0,0,0,0.26);outline:0;width:100%;padding:0;-webkit-box-shadow:none;box-shadow:none;border-radius:0;font-size:16px;font-family:inherit;line-height:inherit;background-image:none}.mui-textfield>input:focus,.mui-textfield>textarea:focus{border-color:#2196f3;border-width:2px}.mui-textfield>input:disabled,.mui-textfield>input:-moz-read-only,.mui-textfield>textarea:disabled,.mui-textfield>textarea:-moz-read-only{cursor:not-allowed;background-color:transparent;opacity:1}.mui-textfield>input:disabled,.mui-textfield>input:read-only,.mui-textfield>textarea:disabled,.mui-textfield>textarea:read-only{cursor:not-allowed;background-color:transparent;opacity:1}.mui-textfield>input::-webkit-input-placeholder,.mui-textfield>textarea::-webkit-input-placeholder{color:rgba(0,0,0,0.26);opacity:1}.mui-textfield>input:-ms-input-placeholder,.mui-textfield>textarea:-ms-input-placeholder{color:rgba(0,0,0,0.26);opacity:1}.mui-textfield>input::-ms-input-placeholder,.mui-textfield>textarea::-ms-input-placeholder{color:rgba(0,0,0,0.26);opacity:1}.mui-textfield>input::placeholder,.mui-textfield>textarea::placeholder{color:rgba(0,0,0,0.26);opacity:1}.mui-textfield>input{height:32px}.mui-textfield>input:focus{height:33px;margin-bottom:-1px}.mui-textfield>textarea{min-height:64px}.mui-textfield>textarea[rows]:not([rows="2"]):focus{margin-bottom:-1px}.mui-textfield>input:focus{height:33px;margin-bottom:-1px}.mui-textfield>input:invalid:not(:focus):not(:required),.mui-textfield>input:invalid:not(:focus):required.mui--is-not-empty,.mui-textfield>input:invalid:not(:focus):required.mui--is-empty.mui--is-touched,.mui-textfield>input:invalid:not(:focus):required[value]:not([value=""]):not(.mui--is-empty):not(.mui--is-not-empty),.mui-textfield>input:invalid:not(:focus):required:not(:empty):not(.mui--is-empty):not(.mui--is-not-empty),.mui-textfield>textarea:invalid:not(:focus):not(:required),.mui-textfield>textarea:invalid:not(:focus):required.mui--is-not-empty,.mui-textfield>textarea:invalid:not(:focus):required.mui--is-empty.mui--is-touched,.mui-textfield>textarea:invalid:not(:focus):required[value]:not([value=""]):not(.mui--is-empty):not(.mui--is-not-empty),.mui-textfield>textarea:invalid:not(:focus):required:not(:empty):not(.mui--is-empty):not(.mui--is-not-empty),.mui-textfield>input:not(:focus).mui--is-invalid:not(:required),.mui-textfield>input:not(:focus).mui--is-invalid:required.mui--is-not-empty,.mui-textfield>input:not(:focus).mui--is-invalid:required.mui--is-empty.mui--is-touched,.mui-textfield>input:not(:focus).mui--is-invalid:required[value]:not([value=""]):not(.mui--is-empty):not(.mui--is-not-empty),.mui-textfield>input:not(:focus).mui--is-invalid:required:not(:empty):not(.mui--is-empty):not(.mui--is-not-empty),.mui-textfield>textarea:not(:focus).mui--is-invalid:not(:required),.mui-textfield>textarea:not(:focus).mui--is-invalid:required.mui--is-not-empty,.mui-textfield>textarea:not(:focus).mui--is-invalid:required.mui--is-empty.mui--is-touched,.mui-textfield>textarea:not(:focus).mui--is-invalid:required[value]:not([value=""]):not(.mui--is-empty):not(.mui--is-not-empty),.mui-textfield>textarea:not(:focus).mui--is-invalid:required:not(:empty):not(.mui--is-empty):not(.mui--is-not-empty){border-color:#f44336;border-width:2px}.mui-textfield>input:invalid:not(:focus):not(:required),.mui-textfield>input:invalid:not(:focus):required.mui--is-not-empty,.mui-textfield>input:invalid:not(:focus):required.mui--is-empty.mui--is-touched,.mui-textfield>input:invalid:not(:focus):required[value]:not([value=""]):not(.mui--is-empty):not(.mui--is-not-empty),.mui-textfield>input:invalid:not(:focus):required:not(:empty):not(.mui--is-empty):not(.mui--is-not-empty),.mui-textfield>input:not(:focus).mui--is-invalid:not(:required),.mui-textfield>input:not(:focus).mui--is-invalid:required.mui--is-not-empty,.mui-textfield>input:not(:focus).mui--is-invalid:required.mui--is-empty.mui--is-touched,.mui-textfield>input:not(:focus).mui--is-invalid:required[value]:not([value=""]):not(.mui--is-empty):not(.mui--is-not-empty),.mui-textfield>input:not(:focus).mui--is-invalid:required:not(:empty):not(.mui--is-empty):not(.mui--is-not-empty){height:33px;margin-bottom:-1px}.mui-textfield.mui-textfield--float-label>input:invalid:not(:focus):not(:required) ~ label,.mui-textfield.mui-textfield--float-label>input:invalid:not(:focus):required.mui--is-not-empty ~ label,.mui-textfield.mui-textfield--float-label>input:invalid:not(:focus):required[value]:not([value=""]):not(.mui--is-empty):not(.mui--is-not-empty) ~ label,.mui-textfield.mui-textfield--float-label>input:invalid:not(:focus):required:not(:empty):not(.mui--is-empty):not(.mui--is-not-empty) ~ label,.mui-textfield.mui-textfield--float-label>textarea:invalid:not(:focus):not(:required) ~ label,.mui-textfield.mui-textfield--float-label>textarea:invalid:not(:focus):required.mui--is-not-empty ~ label,.mui-textfield.mui-textfield--float-label>textarea:invalid:not(:focus):required[value]:not([value=""]):not(.mui--is-empty):not(.mui--is-not-empty) ~ label,.mui-textfield.mui-textfield--float-label>textarea:invalid:not(:focus):required:not(:empty):not(.mui--is-empty):not(.mui--is-not-empty) ~ label{color:#f44336}.mui-textfield:not(.mui-textfield--float-label)>input:invalid:not(:focus):not(:required) ~ label,.mui-textfield:not(.mui-textfield--float-label)>input:invalid:not(:focus):required.mui--is-empty.mui--is-touched ~ label,.mui-textfield:not(.mui-textfield--float-label)>input:invalid:not(:focus):required.mui--is-not-empty ~ label,.mui-textfield:not(.mui-textfield--float-label)>textarea:invalid:not(:focus):not(:required) ~ label,.mui-textfield:not(.mui-textfield--float-label)>textarea:invalid:not(:focus):required.mui--is-empty.mui--is-touched ~ label,.mui-textfield:not(.mui-textfield--float-label)>textarea:invalid:not(:focus):required.mui--is-not-empty ~ label{color:#f44336}.mui-textfield.mui-textfield--float-label>.mui--is-invalid.mui--is-not-empty:not(:focus) ~ label{color:#f44336}.mui-textfield:not(.mui-textfield--float-label)>.mui--is-invalid:not(:focus) ~ label{color:#f44336}.mui--no-transition{-webkit-transition:none!important;transition:none!important}.mui--no-user-select{-webkit-user-select:none;-moz-user-select:none;-ms-user-select:none;user-select:none}.mui-caret{display:inline-block;width:0;height:0;margin-left:2px;vertical-align:middle;border-top:4px solid;border-right:4px solid transparent;border-left:4px solid transparent}.mui--text-left{text-align:left!important}.mui--text-right{text-align:right!important}.mui--text-center{text-align:center!important}.mui--text-justify{text-align:justify!important}.mui--text-nowrap{white-space:nowrap!important}.mui--align-baseline{vertical-align:baseline!important}.mui--align-top{vertical-align:top!important}.mui--align-middle{vertical-align:middle!important}.mui--align-bottom{vertical-align:bottom!important}.mui--text-dark{color:rgba(0,0,0,0.87)}.mui--text-dark-secondary{color:rgba(0,0,0,0.54)}.mui--text-dark-hint{color:rgba(0,0,0,0.38)}.mui--text-light{color:#FFF}.mui--text-light-secondary{color:rgba(255,255,255,0.7)}.mui--text-light-hint{color:rgba(255,255,255,0.3)}.mui--text-accent{color:rgba(255,64,129,0.87)}.mui--text-accent-secondary{color:rgba(255,64,129,0.54)}.mui--text-accent-hint{color:rgba(255,64,129,0.38)}.mui--text-black{color:#000}.mui--text-white{color:#FFF}.mui--text-danger{color:#f44336}.mui--bg-primary{background-color:#2196f3}.mui--bg-primary-dark{background-color:#1976d2}.mui--bg-primary-light{background-color:#bbdefb}.mui--bg-accent{background-color:#ff4081}.mui--bg-accent-dark{background-color:#f50057}.mui--bg-accent-light{background-color:#ff80ab}.mui--bg-danger{background-color:#f44336}.mui-list--unstyled{padding-left:0;list-style:none}.mui-list--inline{padding-left:0;list-style:none;margin-left:-5px}.mui-list--inline>li{display:inline-block;padding-left:5px;padding-right:5px}.mui--z1,.mui-dropdown__menu,.mui-select__menu{-webkit-box-shadow:0 1px 3px rgba(0,0,0,0.12),0 1px 2px rgba(0,0,0,0.24);box-shadow:0 1px 3px rgba(0,0,0,0.12),0 1px 2px rgba(0,0,0,0.24)}.mui--z2{-webkit-box-shadow:0 3px 6px rgba(0,0,0,0.16),0 3px 6px rgba(0,0,0,0.23);box-shadow:0 3px 6px rgba(0,0,0,0.16),0 3px 6px rgba(0,0,0,0.23)}.mui--z3{-webkit-box-shadow:0 10px 20px rgba(0,0,0,0.19),0 6px 6px rgba(0,0,0,0.23);box-shadow:0 10px 20px rgba(0,0,0,0.19),0 6px 6px rgba(0,0,0,0.23)}.mui--z4{-webkit-box-shadow:0 14px 28px rgba(0,0,0,0.25),0 10px 10px rgba(0,0,0,0.22);box-shadow:0 14px 28px rgba(0,0,0,0.25),0 10px 10px rgba(0,0,0,0.22)}.mui--z5{-webkit-box-shadow:0 19px 38px rgba(0,0,0,0.3),0 15px 12px rgba(0,0,0,0.22);box-shadow:0 19px 38px rgba(0,0,0,0.3),0 15px 12px rgba(0,0,0,0.22)}.mui--clearfix:before,.mui--clearfix:after{content:" ";display:table}.mui--clearfix:after{clear:both}.mui--pull-right{float:right!important}.mui--pull-left{float:left!important}.mui--hide{display:none!important}.mui--show{display:block!important}.mui--invisible{visibility:hidden}.mui--overflow-hidden{overflow:hidden!important}.mui--overflow-hidden-x{overflow-x:hidden!important}.mui--overflow-hidden-y{overflow-y:hidden!important}.mui--visible-xs-block,.mui--visible-xs-inline,.mui--visible-xs-inline-block,.mui--visible-sm-block,.mui--visible-sm-inline,.mui--visible-sm-inline-block,.mui--visible-md-block,.mui--visible-md-inline,.mui--visible-md-inline-block,.mui--visible-lg-block,.mui--visible-lg-inline,.mui--visible-lg-inline-block,.mui--visible-xl-block,.mui--visible-xl-inline,.mui--visible-xl-inline-block{display:none!important}@media(max-width:543px){.mui-visible-xs{display:block!important}table.mui-visible-xs{display:table}tr.mui-visible-xs{display:table-row!important}th.mui-visible-xs,td.mui-visible-xs{display:table-cell!important}.mui--visible-xs-block{display:block!important}.mui--visible-xs-inline{display:inline!important}.mui--visible-xs-inline-block{display:inline-block!important}}@media(min-width:544px) and (max-width:767px){.mui-visible-sm{display:block!important}table.mui-visible-sm{display:table}tr.mui-visible-sm{display:table-row!important}th.mui-visible-sm,td.mui-visible-sm{display:table-cell!important}.mui--visible-sm-block{display:block!important}.mui--visible-sm-inline{display:inline!important}.mui--visible-sm-inline-block{display:inline-block!important}}@media(min-width:768px) and (max-width:991px){.mui-visible-md{display:block!important}table.mui-visible-md{display:table}tr.mui-visible-md{display:table-row!important}th.mui-visible-md,td.mui-visible-md{display:table-cell!important}.mui--visible-md-block{display:block!important}.mui--visible-md-inline{display:inline!important}.mui--visible-md-inline-block{display:inline-block!important}}@media(min-width:992px) and (max-width:1199px){.mui-visible-lg{display:block!important}table.mui-visible-lg{display:table}tr.mui-visible-lg{display:table-row!important}th.mui-visible-lg,td.mui-visible-lg{display:table-cell!important}.mui--visible-lg-block{display:block!important}.mui--visible-lg-inline{display:inline!important}.mui--visible-lg-inline-block{display:inline-block!important}}@media(min-width:1200px){.mui-visible-xl{display:block!important}table.mui-visible-xl{display:table}tr.mui-visible-xl{display:table-row!important}th.mui-visible-xl,td.mui-visible-xl{display:table-cell!important}.mui--visible-xl-block{display:block!important}.mui--visible-xl-inline{display:inline!important}.mui--visible-xl-inline-block{display:inline-block!important}}@media(max-width:543px){.mui--hidden-xs{display:none!important}}@media(min-width:544px) and (max-width:767px){.mui--hidden-sm{display:none!important}}@media(min-width:768px) and (max-width:991px){.mui--hidden-md{display:none!important}}@media(min-width:992px) and (max-width:1199px){.mui--hidden-lg{display:none!important}}@media(min-width:1200px){.mui--hidden-xl{display:none!important}}.mui-scrlock--showbar-y{overflow-y:scroll!important}.mui-scrlock--showbar-x{overflow-x:scroll!important}#mui-overlay{position:fixed;top:0;right:0;bottom:0;left:0;z-index:99999999;background-color:rgba(0,0,0,0.2);overflow:auto}.mui-btn__ripple-container{position:absolute;top:0;left:0;display:block;height:100%;width:100%;overflow:hidden;z-index:0;pointer-events:none}.mui-ripple{position:absolute;top:0;left:0;border-radius:50%;opacity:0;pointer-events:none;-webkit-transform:scale(0.0001,0.0001);transform:scale(0.0001,0.0001)}.mui-ripple.mui--is-animating{-webkit-transform:none;transform:none;-webkit-transition:width .3s cubic-bezier(0,0,0.2,1),height .3s cubic-bezier(0,0,0.2,1),opacity .3s cubic-bezier(0,0,0.2,1),-webkit-transform .3s cubic-bezier(0,0,0.2,1);transition:width .3s cubic-bezier(0,0,0.2,1),height .3s cubic-bezier(0,0,0.2,1),opacity .3s cubic-bezier(0,0,0.2,1),-webkit-transform .3s cubic-bezier(0,0,0.2,1);transition:transform .3s cubic-bezier(0,0,0.2,1),width .3s cubic-bezier(0,0,0.2,1),height .3s cubic-bezier(0,0,0.2,1),opacity .3s cubic-bezier(0,0,0.2,1);transition:transform .3s cubic-bezier(0,0,0.2,1),width .3s cubic-bezier(0,0,0.2,1),height .3s cubic-bezier(0,0,0.2,1),opacity .3s cubic-bezier(0,0,0.2,1),-webkit-transform .3s cubic-bezier(0,0,0.2,1)}.mui-ripple.mui--is-visible{opacity:.3}.mui-btn .mui-ripple{background-color:#a6a6a6}.mui-btn--primary .mui-ripple{background-color:#FFF}.mui-btn--dark .mui-ripple{background-color:#FFF}.mui-btn--danger .mui-ripple{background-color:#FFF}.mui-btn--accent .mui-ripple{background-color:#FFF}.mui-btn--flat .mui-ripple{background-color:#a6a6a6}.mui--text-display4{font-weight:300;font-size:112px;line-height:112px}.mui--text-display3{font-weight:400;font-size:56px;line-height:56px}.mui--text-display2{font-weight:400;font-size:45px;line-height:48px}.mui--text-display1,h1{font-weight:400;font-size:34px;line-height:40px}.mui--text-headline,h2{font-weight:400;font-size:24px;line-height:32px}.mui--text-title,h3{font-weight:400;font-size:20px;line-height:28px}.mui--text-subhead,h4{font-weight:400;font-size:16px;line-height:24px}.mui--text-body2,h5{font-weight:500;font-size:14px;line-height:24px}.mui--text-body1{font-weight:400;font-size:14px;line-height:20px}.mui--text-caption{font-weight:400;font-size:12px;line-height:16px}.mui--text-menu{font-weight:500;font-size:13px;line-height:17px}.mui--text-button{font-weight:500;font-size:14px;line-height:18px;text-transform:uppercase}

css/bvplugin.min.css ADDED Viewed

	@@ -0,0 +1 @@

+ .bv-box,.new-account-panel{-webkit-box-shadow:0 2px 2px 0 rgba(0,0,0,.24),0 0 2px 0 rgba(0,0,0,.24)}<style>.header{background:#25bea0}.top-links{width:400px;float:right;margin-top:15px}.bv-top-button{padding:5px;margin:5px;border:1px solid #17252A;display:inline-block;background:#17252A;border-radius:5px;float:right}.bv-top-button:hover{background:rgba(0,0,0,.6)}.bv-top-button a{text-decoration:none;color:#FFF}.main-title{text-align:center;font-size:32px;margin:10px;text-decoration:underline;font-weight:700}.bv-box{background:#FFF}.new-account-panel{margin-top:10px;margin-bottom:0;border:1px solid #000}.bv-input{font-size:20px;height:40px!important}.bv-tick{color:#52BE80;font-weight:700;padding-left:3px}h2{margin:0;padding:0}.form-title{font-size:24px;margin-bottom:10px}.select-purpose{width:200px;vertical-align:baseline !important;height:40px}.get-started-button{margin-left:10px;height:40px;margin-top:0;font-weight:700;color:#FFF}.side{float:left;margin-top:15px;padding-left:0;padding-right:0}.side-box{padding:0;border:1px solid #000}.side-box-title{font-size:14px;background:#17252a;text-align:center;color:#FFF}.bv-upgrade-button{background:#FF6037;width:80%;margin:0 auto 10px;text-align:center;padding:10px;border-radius:5px}.bv-upgrade-button a{color:#FFF;text-decoration:none;font-size:18px}.footer-logo{margin-right:30px}

img/as_seen_in.png ADDED Viewed

Binary file

img/bv.png ADDED Viewed

Binary file

img/bv_badge.png ADDED Viewed

Binary file

img/bv_for_free.jpg ADDED Viewed

Binary file

img/icon.png ADDED Viewed

Binary file

img/lock.png ADDED Viewed

Binary file

img/malcare-wordpress-security.png ADDED Viewed

Binary file

img/mclogo.png ADDED Viewed

Binary file

img/wprlogo.png ADDED Viewed

Binary file

info.php ADDED Viewed

	@@ -0,0 +1,85 @@


1	+ <?php
2	+
3	+ if (!defined('ABSPATH')) exit;
4	+ if (!class_exists('WPRInfo')) :
5	+ class WPRInfo {
6	+ public $settings;
7	+ public $plugname = 'wpremote';
8	+ public $brandname = 'WP Remote';
9	+ public $badgeinfo = 'wprbadge';
10	+ public $ip_header_option = 'wpripheader';
11	+ public $brand_option = 'wprbrand';
12	+ public $version = '3.2';
13	+ public $webpage = 'https://wpremote.com';
14	+ public $appurl = 'https://app.wpremote.com';
15	+ public $slug = 'wpremote/wpremote.php';
16	+ public $plug_redirect = 'wprredirect';
17	+ public $logo = '../img/wprlogo.png';
18	+
19	+ public function __construct($settings) {
20	+ $this->settings = $settings;
21	+ }
22	+
23	+ public function getBrandInfo() {
24	+ return $this->settings->getOption($this->brand_option);
25	+ }
26	+
27	+ public function getBrandName() {
28	+ $brand = $this->getBrandInfo();
29	+ if ($brand && array_key_exists('menuname', $brand)) {
30	+ return $brand['menuname'];
31	+ }
32	+ return $this->brandname;
33	+ }
34	+
35	+ public function getMonitTime() {
36	+ $time = $this->settings->getOption('bvmonittime');
37	+ return ($time ? $time : 0);
38	+ }
39	+
40	+ public function appUrl() {
41	+ if (defined('BV_APP_URL')) {
42	+ return BV_APP_URL;
43	+ } else {
44	+ $brand = $this->getBrandInfo();
45	+ if ($brand && array_key_exists('appurl', $brand)) {
46	+ return $brand['appurl'];
47	+ }
48	+ return $this->appurl;
49	+ }
50	+ }
51	+
52	+ public function isActivePlugin() {
53	+ $expiry_time = time() - (3 * 24 * 3600);
54	+ return ($this->getMonitTime() > $expiry_time);
55	+ }
56	+
57	+ public function isProtectModuleEnabled() {
58	+ return ($this->settings->getOption('bvptplug') === $this->plugname) &&
59	+ $this->isActivePlugin();
60	+ }
61	+
62	+ public function isDynSyncModuleEnabled() {
63	+ return ($this->settings->getOption('bvdynplug') === $this->plugname) &&
64	+ $this->isActivePlugin();
65	+ }
66	+ public function isActivateRedirectSet() {
67	+ return ($this->settings->getOption($this->plug_redirect) === 'yes') ? true : false;
68	+ }
69	+
70	+ public function isMalcare() {
71	+ return $this->getBrandName() === 'MalCare - Pro';
72	+ }
73	+
74	+ public function isBlogvault() {
75	+ return $this->getBrandName() === 'BlogVault';
76	+ }
77	+
78	+ public function respInfo() {
79	+ return array(
80	+ "bvversion" => $this->version,
81	+ "sha1" => "true"
82	+ );
83	+ }
84	+ }
85	+ endif;

license.txt ADDED Viewed

	@@ -0,0 +1,385 @@


1	+ WordPress - Web publishing software
2	+
3	+ Copyright 2015 by the contributors
4	+
5	+ This program is free software; you can redistribute it and/or modify
6	+ it under the terms of the GNU General Public License as published by
7	+ the Free Software Foundation; either version 2 of the License, or
8	+ (at your option) any later version.
9	+
10	+ This program is distributed in the hope that it will be useful,
11	+ but WITHOUT ANY WARRANTY; without even the implied warranty of
12	+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13	+ GNU General Public License for more details.
14	+
15	+ You should have received a copy of the GNU General Public License
16	+ along with this program; if not, write to the Free Software
17	+ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
18	+
19	+ This program incorporates work covered by the following copyright and
20	+ permission notices:
21	+
22	+ b2 is (c) 2001, 2002 Michel Valdrighi - m@tidakada.com -
23	+ http://tidakada.com
24	+
25	+ Wherever third party code has been used, credit has been given in the code's
26	+ comments.
27	+
28	+ b2 is released under the GPL
29	+
30	+ and
31	+
32	+ WordPress - Web publishing software
33	+
34	+ Copyright 2003-2010 by the contributors
35	+
36	+ WordPress is released under the GPL
37	+
38	+ =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
39	+
40	+ GNU GENERAL PUBLIC LICENSE
41	+ Version 2, June 1991
42	+
43	+ Copyright (C) 1989, 1991 Free Software Foundation, Inc.,
44	+ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
45	+ Everyone is permitted to copy and distribute verbatim copies
46	+ of this license document, but changing it is not allowed.
47	+
48	+ Preamble
49	+
50	+ The licenses for most software are designed to take away your
51	+ freedom to share and change it. By contrast, the GNU General Public
52	+ License is intended to guarantee your freedom to share and change free
53	+ software--to make sure the software is free for all its users. This
54	+ General Public License applies to most of the Free Software
55	+ Foundation's software and to any other program whose authors commit to
56	+ using it. (Some other Free Software Foundation software is covered by
57	+ the GNU Lesser General Public License instead.) You can apply it to
58	+ your programs, too.
59	+
60	+ When we speak of free software, we are referring to freedom, not
61	+ price. Our General Public Licenses are designed to make sure that you
62	+ have the freedom to distribute copies of free software (and charge for
63	+ this service if you wish), that you receive source code or can get it
64	+ if you want it, that you can change the software or use pieces of it
65	+ in new free programs; and that you know you can do these things.
66	+
67	+ To protect your rights, we need to make restrictions that forbid
68	+ anyone to deny you these rights or to ask you to surrender the rights.
69	+ These restrictions translate to certain responsibilities for you if you
70	+ distribute copies of the software, or if you modify it.
71	+
72	+ For example, if you distribute copies of such a program, whether
73	+ gratis or for a fee, you must give the recipients all the rights that
74	+ you have. You must make sure that they, too, receive or can get the
75	+ source code. And you must show them these terms so they know their
76	+ rights.
77	+
78	+ We protect your rights with two steps: (1) copyright the software, and
79	+ (2) offer you this license which gives you legal permission to copy,
80	+ distribute and/or modify the software.
81	+
82	+ Also, for each author's protection and ours, we want to make certain
83	+ that everyone understands that there is no warranty for this free
84	+ software. If the software is modified by someone else and passed on, we
85	+ want its recipients to know that what they have is not the original, so
86	+ that any problems introduced by others will not reflect on the original
87	+ authors' reputations.
88	+
89	+ Finally, any free program is threatened constantly by software
90	+ patents. We wish to avoid the danger that redistributors of a free
91	+ program will individually obtain patent licenses, in effect making the
92	+ program proprietary. To prevent this, we have made it clear that any
93	+ patent must be licensed for everyone's free use or not licensed at all.
94	+
95	+ The precise terms and conditions for copying, distribution and
96	+ modification follow.
97	+
98	+ GNU GENERAL PUBLIC LICENSE
99	+ TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
100	+
101	+ 0. This License applies to any program or other work which contains
102	+ a notice placed by the copyright holder saying it may be distributed
103	+ under the terms of this General Public License. The "Program", below,
104	+ refers to any such program or work, and a "work based on the Program"
105	+ means either the Program or any derivative work under copyright law:
106	+ that is to say, a work containing the Program or a portion of it,
107	+ either verbatim or with modifications and/or translated into another
108	+ language. (Hereinafter, translation is included without limitation in
109	+ the term "modification".) Each licensee is addressed as "you".
110	+
111	+ Activities other than copying, distribution and modification are not
112	+ covered by this License; they are outside its scope. The act of
113	+ running the Program is not restricted, and the output from the Program
114	+ is covered only if its contents constitute a work based on the
115	+ Program (independent of having been made by running the Program).
116	+ Whether that is true depends on what the Program does.
117	+
118	+ 1. You may copy and distribute verbatim copies of the Program's
119	+ source code as you receive it, in any medium, provided that you
120	+ conspicuously and appropriately publish on each copy an appropriate
121	+ copyright notice and disclaimer of warranty; keep intact all the
122	+ notices that refer to this License and to the absence of any warranty;
123	+ and give any other recipients of the Program a copy of this License
124	+ along with the Program.
125	+
126	+ You may charge a fee for the physical act of transferring a copy, and
127	+ you may at your option offer warranty protection in exchange for a fee.
128	+
129	+ 2. You may modify your copy or copies of the Program or any portion
130	+ of it, thus forming a work based on the Program, and copy and
131	+ distribute such modifications or work under the terms of Section 1
132	+ above, provided that you also meet all of these conditions:
133	+
134	+ a) You must cause the modified files to carry prominent notices
135	+ stating that you changed the files and the date of any change.
136	+
137	+ b) You must cause any work that you distribute or publish, that in
138	+ whole or in part contains or is derived from the Program or any
139	+ part thereof, to be licensed as a whole at no charge to all third
140	+ parties under the terms of this License.
141	+
142	+ c) If the modified program normally reads commands interactively
143	+ when run, you must cause it, when started running for such
144	+ interactive use in the most ordinary way, to print or display an
145	+ announcement including an appropriate copyright notice and a
146	+ notice that there is no warranty (or else, saying that you provide
147	+ a warranty) and that users may redistribute the program under
148	+ these conditions, and telling the user how to view a copy of this
149	+ License. (Exception: if the Program itself is interactive but
150	+ does not normally print such an announcement, your work based on
151	+ the Program is not required to print an announcement.)
152	+
153	+ These requirements apply to the modified work as a whole. If
154	+ identifiable sections of that work are not derived from the Program,
155	+ and can be reasonably considered independent and separate works in
156	+ themselves, then this License, and its terms, do not apply to those
157	+ sections when you distribute them as separate works. But when you
158	+ distribute the same sections as part of a whole which is a work based
159	+ on the Program, the distribution of the whole must be on the terms of
160	+ this License, whose permissions for other licensees extend to the
161	+ entire whole, and thus to each and every part regardless of who wrote it.
162	+
163	+ Thus, it is not the intent of this section to claim rights or contest
164	+ your rights to work written entirely by you; rather, the intent is to
165	+ exercise the right to control the distribution of derivative or
166	+ collective works based on the Program.
167	+
168	+ In addition, mere aggregation of another work not based on the Program
169	+ with the Program (or with a work based on the Program) on a volume of
170	+ a storage or distribution medium does not bring the other work under
171	+ the scope of this License.
172	+
173	+ 3. You may copy and distribute the Program (or a work based on it,
174	+ under Section 2) in object code or executable form under the terms of
175	+ Sections 1 and 2 above provided that you also do one of the following:
176	+
177	+ a) Accompany it with the complete corresponding machine-readable
178	+ source code, which must be distributed under the terms of Sections
179	+ 1 and 2 above on a medium customarily used for software interchange; or,
180	+
181	+ b) Accompany it with a written offer, valid for at least three
182	+ years, to give any third party, for a charge no more than your
183	+ cost of physically performing source distribution, a complete
184	+ machine-readable copy of the corresponding source code, to be
185	+ distributed under the terms of Sections 1 and 2 above on a medium
186	+ customarily used for software interchange; or,
187	+
188	+ c) Accompany it with the information you received as to the offer
189	+ to distribute corresponding source code. (This alternative is
190	+ allowed only for noncommercial distribution and only if you
191	+ received the program in object code or executable form with such
192	+ an offer, in accord with Subsection b above.)
193	+
194	+ The source code for a work means the preferred form of the work for
195	+ making modifications to it. For an executable work, complete source
196	+ code means all the source code for all modules it contains, plus any
197	+ associated interface definition files, plus the scripts used to
198	+ control compilation and installation of the executable. However, as a
199	+ special exception, the source code distributed need not include
200	+ anything that is normally distributed (in either source or binary
201	+ form) with the major components (compiler, kernel, and so on) of the
202	+ operating system on which the executable runs, unless that component
203	+ itself accompanies the executable.
204	+
205	+ If distribution of executable or object code is made by offering
206	+ access to copy from a designated place, then offering equivalent
207	+ access to copy the source code from the same place counts as
208	+ distribution of the source code, even though third parties are not
209	+ compelled to copy the source along with the object code.
210	+
211	+ 4. You may not copy, modify, sublicense, or distribute the Program
212	+ except as expressly provided under this License. Any attempt
213	+ otherwise to copy, modify, sublicense or distribute the Program is
214	+ void, and will automatically terminate your rights under this License.
215	+ However, parties who have received copies, or rights, from you under
216	+ this License will not have their licenses terminated so long as such
217	+ parties remain in full compliance.
218	+
219	+ 5. You are not required to accept this License, since you have not
220	+ signed it. However, nothing else grants you permission to modify or
221	+ distribute the Program or its derivative works. These actions are
222	+ prohibited by law if you do not accept this License. Therefore, by
223	+ modifying or distributing the Program (or any work based on the
224	+ Program), you indicate your acceptance of this License to do so, and
225	+ all its terms and conditions for copying, distributing or modifying
226	+ the Program or works based on it.
227	+
228	+ 6. Each time you redistribute the Program (or any work based on the
229	+ Program), the recipient automatically receives a license from the
230	+ original licensor to copy, distribute or modify the Program subject to
231	+ these terms and conditions. You may not impose any further
232	+ restrictions on the recipients' exercise of the rights granted herein.
233	+ You are not responsible for enforcing compliance by third parties to
234	+ this License.
235	+
236	+ 7. If, as a consequence of a court judgment or allegation of patent
237	+ infringement or for any other reason (not limited to patent issues),
238	+ conditions are imposed on you (whether by court order, agreement or
239	+ otherwise) that contradict the conditions of this License, they do not
240	+ excuse you from the conditions of this License. If you cannot
241	+ distribute so as to satisfy simultaneously your obligations under this
242	+ License and any other pertinent obligations, then as a consequence you
243	+ may not distribute the Program at all. For example, if a patent
244	+ license would not permit royalty-free redistribution of the Program by
245	+ all those who receive copies directly or indirectly through you, then
246	+ the only way you could satisfy both it and this License would be to
247	+ refrain entirely from distribution of the Program.
248	+
249	+ If any portion of this section is held invalid or unenforceable under
250	+ any particular circumstance, the balance of the section is intended to
251	+ apply and the section as a whole is intended to apply in other
252	+ circumstances.
253	+
254	+ It is not the purpose of this section to induce you to infringe any
255	+ patents or other property right claims or to contest validity of any
256	+ such claims; this section has the sole purpose of protecting the
257	+ integrity of the free software distribution system, which is
258	+ implemented by public license practices. Many people have made
259	+ generous contributions to the wide range of software distributed
260	+ through that system in reliance on consistent application of that
261	+ system; it is up to the author/donor to decide if he or she is willing
262	+ to distribute software through any other system and a licensee cannot
263	+ impose that choice.
264	+
265	+ This section is intended to make thoroughly clear what is believed to
266	+ be a consequence of the rest of this License.
267	+
268	+ 8. If the distribution and/or use of the Program is restricted in
269	+ certain countries either by patents or by copyrighted interfaces, the
270	+ original copyright holder who places the Program under this License
271	+ may add an explicit geographical distribution limitation excluding
272	+ those countries, so that distribution is permitted only in or among
273	+ countries not thus excluded. In such case, this License incorporates
274	+ the limitation as if written in the body of this License.
275	+
276	+ 9. The Free Software Foundation may publish revised and/or new versions
277	+ of the General Public License from time to time. Such new versions will
278	+ be similar in spirit to the present version, but may differ in detail to
279	+ address new problems or concerns.
280	+
281	+ Each version is given a distinguishing version number. If the Program
282	+ specifies a version number of this License which applies to it and "any
283	+ later version", you have the option of following the terms and conditions
284	+ either of that version or of any later version published by the Free
285	+ Software Foundation. If the Program does not specify a version number of
286	+ this License, you may choose any version ever published by the Free Software
287	+ Foundation.
288	+
289	+ 10. If you wish to incorporate parts of the Program into other free
290	+ programs whose distribution conditions are different, write to the author
291	+ to ask for permission. For software which is copyrighted by the Free
292	+ Software Foundation, write to the Free Software Foundation; we sometimes
293	+ make exceptions for this. Our decision will be guided by the two goals
294	+ of preserving the free status of all derivatives of our free software and
295	+ of promoting the sharing and reuse of software generally.
296	+
297	+ NO WARRANTY
298	+
299	+ 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
300	+ FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
301	+ OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
302	+ PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
303	+ OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
304	+ MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS
305	+ TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
306	+ PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
307	+ REPAIR OR CORRECTION.
308	+
309	+ 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
310	+ WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
311	+ REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
312	+ INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
313	+ OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
314	+ TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
315	+ YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
316	+ PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
317	+ POSSIBILITY OF SUCH DAMAGES.
318	+
319	+ END OF TERMS AND CONDITIONS
320	+
321	+ How to Apply These Terms to Your New Programs
322	+
323	+ If you develop a new program, and you want it to be of the greatest
324	+ possible use to the public, the best way to achieve this is to make it
325	+ free software which everyone can redistribute and change under these terms.
326	+
327	+ To do so, attach the following notices to the program. It is safest
328	+ to attach them to the start of each source file to most effectively
329	+ convey the exclusion of warranty; and each file should have at least
330	+ the "copyright" line and a pointer to where the full notice is found.
331	+
332	+ <one line to give the program's name and a brief idea of what it does.>
333	+ Copyright (C) <year> <name of author>
334	+
335	+ This program is free software; you can redistribute it and/or modify
336	+ it under the terms of the GNU General Public License as published by
337	+ the Free Software Foundation; either version 2 of the License, or
338	+ (at your option) any later version.
339	+
340	+ This program is distributed in the hope that it will be useful,
341	+ but WITHOUT ANY WARRANTY; without even the implied warranty of
342	+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
343	+ GNU General Public License for more details.
344	+
345	+ You should have received a copy of the GNU General Public License along
346	+ with this program; if not, write to the Free Software Foundation, Inc.,
347	+ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
348	+
349	+ Also add information on how to contact you by electronic and paper mail.
350	+
351	+ If the program is interactive, make it output a short notice like this
352	+ when it starts in an interactive mode:
353	+
354	+ Gnomovision version 69, Copyright (C) year name of author
355	+ Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
356	+ This is free software, and you are welcome to redistribute it
357	+ under certain conditions; type `show c' for details.
358	+
359	+ The hypothetical commands `show w' and `show c' should show the appropriate
360	+ parts of the General Public License. Of course, the commands you use may
361	+ be called something other than `show w' and `show c'; they could even be
362	+ mouse-clicks or menu items--whatever suits your program.
363	+
364	+ You should also get your employer (if you work as a programmer) or your
365	+ school, if any, to sign a "copyright disclaimer" for the program, if
366	+ necessary. Here is a sample; alter the names:
367	+
368	+ Yoyodyne, Inc., hereby disclaims all copyright interest in the program
369	+ `Gnomovision' (which makes passes at compilers) written by James Hacker.
370	+
371	+ <signature of Ty Coon>, 1 April 1989
372	+ Ty Coon, President of Vice
373	+
374	+ This General Public License does not permit incorporating your program into
375	+ proprietary programs. If your program is a subroutine library, you may
376	+ consider it more useful to permit linking proprietary applications with the
377	+ library. If this is what you want to do, use the GNU Lesser General
378	+ Public License instead of this License.
379	+
380	+ WRITTEN OFFER
381	+
382	+ The source code for any program binaries or compressed scripts that are
383	+ included with WordPress can be freely obtained at the following URL:
384	+
385	+ https://wordpress.org/download/source/

{cli → old_wpremote/cli}/wprp.cli.php RENAMED Viewed

File without changes

{inc → old_wpremote/inc}/class-wprp-automatic-upgrader-skin.php RENAMED Viewed

File without changes

{inc → old_wpremote/inc}/class-wprp-core-upgrader-skin.php RENAMED Viewed

File without changes

{inc → old_wpremote/inc}/class-wprp-plugin-upgrader-skin.php RENAMED Viewed

File without changes

{inc → old_wpremote/inc}/class-wprp-theme-upgrader-skin.php RENAMED Viewed

File without changes

{languages → old_wpremote/languages}/index.php RENAMED Viewed

File without changes

{languages → old_wpremote/languages}/wp-remote-wordpress-plugin.mo RENAMED Viewed

File without changes

{languages → old_wpremote/languages}/wp-remote-wordpress-plugin.pot RENAMED Viewed

File without changes

old_wpremote/plugin.php ADDED Viewed

	@@ -0,0 +1,283 @@


1	+ <?php
2	+
3	+ if ( ! defined( 'WPR_URL' ) )
4	+ define( 'WPR_URL', 'https://wpremote.com/' );
5	+
6	+ if ( ! defined( 'WPR_LANG_DIR' ) )
7	+ define( 'WPR_LANG_DIR', apply_filters( 'wpr_filter_lang_dir', trailingslashit( WPRP_PLUGIN_PATH ) . trailingslashit( 'languages' ) ) );
8	+
9	+ // Don't activate on anything less than PHP 5.2.4
10	+ if ( version_compare( phpversion(), '5.2.4', '<' ) ) {
11	+
12	+ require_once( ABSPATH . 'wp-admin/includes/plugin.php' );
13	+ deactivate_plugins( WPRP_PLUGIN_SLUG . '/wpremote.php' );
14	+
15	+ if ( isset( $_GET['action'] ) && ( $_GET['action'] == 'activate' \|\| $_GET['action'] == 'error_scrape' ) )
16	+ die( __( 'WP Remote requires PHP version 5.2.4 or greater.', 'wpremote' ) );
17	+
18	+ }
19	+
20	+ require_once( WPRP_PLUGIN_PATH . '/wprp.compatability.php' );
21	+
22	+ if ( get_option( 'wprp_enable_log' ) )
23	+ require_once( WPRP_PLUGIN_PATH . '/wprp.log.php' );
24	+
25	+ // Backups require 3.1
26	+ if ( version_compare( get_bloginfo( 'version' ), '3.1', '>=' ) ) {
27	+
28	+ require_once( WPRP_PLUGIN_PATH . '/wprp.hm.backup.php' );
29	+ require_once( WPRP_PLUGIN_PATH . '/wprp.backups.php' );
30	+
31	+ }
32	+
33	+ /**
34	+ * Get a needed URL on the WP Remote site
35	+ *
36	+ * @param string $uri URI for the URL (optional)
37	+ * @return string $url Fully-qualified URL to WP Remote
38	+ */
39	+ function wprp_get_wpr_url( $uri = '' ) {
40	+
41	+ if ( empty( $uri ) )
42	+ return WPR_URL;
43	+
44	+ $url = rtrim( WPR_URL, '/' );
45	+ $uri = trim( $uri, '/' );
46	+ return $url . '/' . $uri . '/';
47	+ }
48	+
49	+ /**
50	+ * Catch the API calls and load the API
51	+ *
52	+ * @return null
53	+ */
54	+ function wprp_catch_api_call() {
55	+
56	+ if ( empty( $_POST['wpr_verify_key'] ) )
57	+ return;
58	+
59	+ require_once( WPRP_PLUGIN_PATH . '/wprp.integration.php' );
60	+ require_once( WPRP_PLUGIN_PATH . '/wprp.plugins.php' );
61	+ require_once( WPRP_PLUGIN_PATH . '/wprp.themes.php' );
62	+ require_once( WPRP_PLUGIN_PATH . '/wprp.content.php' );
63	+
64	+ require_once( WPRP_PLUGIN_PATH . '/wprp.api.php' );
65	+
66	+ exit;
67	+
68	+ }
69	+ add_action( 'init', 'wprp_catch_api_call', 100 );
70	+
71	+
72	+ /**
73	+ * Check for a bat signal from the mothership
74	+ *
75	+ * @since 2.7.0
76	+ */
77	+ function wprp_check_bat_signal() {
78	+
79	+ $bat_signal_key = 'wprp_bat_signal';
80	+
81	+ if ( false === get_transient( $bat_signal_key ) ) {
82	+
83	+ $bat_signal_url = trailingslashit( WPR_URL ) . 'bat-signal/';
84	+ $response = wp_remote_get( $bat_signal_url );
85	+ $response_body = wp_remote_retrieve_body( $response );
86	+ if ( 'destroy the evidence!' == trim( $response_body ) )
87	+ delete_option( 'wpr_api_key' );
88	+
89	+ // One request per day
90	+ set_transient( $bat_signal_key, 'the coast is clear', 60 * 60 * 24 );
91	+ }
92	+
93	+ }
94	+ add_action( 'init', 'wprp_check_bat_signal' );
95	+
96	+ /**
97	+ * Get the stored WPR API key
98	+ *
99	+ * @return mixed
100	+ */
101	+ function wprp_get_api_keys() {
102	+ $keys = apply_filters( 'wpr_api_keys', get_option( 'wpr_api_key' ) );
103	+ if ( ! empty( $keys ) )
104	+ return (array)$keys;
105	+ else
106	+ return array();
107	+ }
108	+
109	+ function wprp_plugin_update_check() {
110	+
111	+ $plugin_data = get_plugin_data( __FILE__ );
112	+
113	+ // define the plugin version
114	+ define( 'WPRP_VERSION', $plugin_data['Version'] );
115	+
116	+ // Fire the update action
117	+ if ( WPRP_VERSION !== get_option( 'wprp_plugin_version' ) )
118	+ wprp_update();
119	+
120	+ }
121	+ add_action( 'admin_init', 'wprp_plugin_update_check' );
122	+
123	+ /**
124	+ * Run any update code and update the current version in the db
125	+ *
126	+ * @access public
127	+ * @return void
128	+ */
129	+ function wprp_update() {
130	+
131	+ /**
132	+ * Remove the old _wpremote_backups directory
133	+ */
134	+ $uploads_dir = wp_upload_dir();
135	+
136	+ $old_wpremote_dir = trailingslashit( $uploads_dir['basedir'] ) . '_wpremote_backups';
137	+
138	+ if ( file_exists( $old_wpremote_dir ) )
139	+ WPRP_Backups::rmdir_recursive( $old_wpremote_dir );
140	+
141	+ // If BackUpWordPress isn't installed then lets just delete the whole backups directory
142	+ if ( ! defined( 'HMBKP_PLUGIN_PATH' ) && $path = get_option( 'hmbkp_path' ) ) {
143	+
144	+ WPRP_Backups::rmdir_recursive( $path );
145	+
146	+ delete_option( 'hmbkp_path' );
147	+ delete_option( 'hmbkp_default_path' );
148	+ delete_option( 'hmbkp_plugin_version' );
149	+
150	+ }
151	+
152	+ // Update the version stored in the db
153	+ if ( get_option( 'wprp_plugin_version' ) !== WPRP_VERSION )
154	+ update_option( 'wprp_plugin_version', WPRP_VERSION );
155	+
156	+ }
157	+
158	+ function _wprp_upgrade_core() {
159	+
160	+ if ( defined( 'DISALLOW_FILE_MODS' ) && DISALLOW_FILE_MODS )
161	+ return new WP_Error( 'disallow-file-mods', __( "File modification is disabled with the DISALLOW_FILE_MODS constant.", 'wpremote' ) );
162	+
163	+ include_once ( ABSPATH . 'wp-admin/includes/admin.php' );
164	+ include_once ( ABSPATH . 'wp-admin/includes/upgrade.php' );
165	+ include_once ( ABSPATH . 'wp-includes/update.php' );
166	+ require_once ( ABSPATH . 'wp-admin/includes/class-wp-upgrader.php' );
167	+ require_once WPRP_PLUGIN_PATH . 'inc/class-wprp-core-upgrader-skin.php';
168	+
169	+ // check for filesystem access
170	+ if ( ! _wpr_check_filesystem_access() )
171	+ return new WP_Error( 'filesystem-not-writable', __( 'The filesystem is not writable with the supplied credentials', 'wpremote' ) );
172	+
173	+ // force refresh
174	+ wp_version_check();
175	+
176	+ $updates = get_core_updates();
177	+
178	+ if ( is_wp_error( $updates ) \|\| ! $updates )
179	+ return new WP_Error( 'no-update-available' );
180	+
181	+ $update = reset( $updates );
182	+
183	+ if ( ! $update )
184	+ return new WP_Error( 'no-update-available' );
185	+
186	+ $skin = new WPRP_Core_Upgrader_Skin();
187	+
188	+ $upgrader = new Core_Upgrader( $skin );
189	+ $result = $upgrader->upgrade($update);
190	+
191	+ if ( is_wp_error( $result ) )
192	+ return $result;
193	+
194	+ global $wp_current_db_version, $wp_db_version;
195	+
196	+ // we have to include version.php so $wp_db_version
197	+ // will take the version of the updated version of wordpress
198	+ require( ABSPATH . WPINC . '/version.php' );
199	+
200	+ wp_upgrade();
201	+
202	+ return true;
203	+ }
204	+
205	+ function _wpr_check_filesystem_access() {
206	+
207	+ ob_start();
208	+ $success = request_filesystem_credentials( '' );
209	+ ob_end_clean();
210	+
211	+ return (bool) $success;
212	+ }
213	+
214	+ function _wpr_set_filesystem_credentials( $credentials ) {
215	+
216	+ if ( empty( $_POST['filesystem_details'] ) )
217	+ return $credentials;
218	+
219	+ $_credentials = array(
220	+ 'username' => $_POST['filesystem_details']['credentials']['username'],
221	+ 'password' => $_POST['filesystem_details']['credentials']['password'],
222	+ 'hostname' => $_POST['filesystem_details']['credentials']['hostname'],
223	+ 'connection_type' => $_POST['filesystem_details']['method']
224	+ );
225	+
226	+ // check whether the credentials can be used
227	+ if ( ! WP_Filesystem( $_credentials ) ) {
228	+ return $credentials;
229	+ }
230	+
231	+ return $_credentials;
232	+ }
233	+ add_filter( 'request_filesystem_credentials', '_wpr_set_filesystem_credentials' );
234	+
235	+ /**
236	+ *
237	+ */
238	+ function wprp_translations_init() {
239	+
240	+ if ( is_admin() ) {
241	+
242	+ /** Set unique textdomain string */
243	+ $wprp_textdomain = 'wpremote';
244	+
245	+ /** The 'plugin_locale' filter is also used by default in load_plugin_textdomain() */
246	+ $plugin_locale = apply_filters( 'plugin_locale', get_locale(), $wprp_textdomain );
247	+
248	+ /** Set filter for WordPress languages directory */
249	+ $wprp_wp_lang_dir = apply_filters(
250	+ 'wprp_filter_wp_lang_dir',
251	+ trailingslashit( WP_LANG_DIR ) . trailingslashit( 'wp-remote' ) . $wprp_textdomain . '-' . $plugin_locale . '.mo'
252	+ );
253	+
254	+ /** Translations: First, look in WordPress' "languages" folder = custom & update-secure! */
255	+ load_textdomain( $wprp_textdomain, $wprp_wp_lang_dir );
256	+
257	+ /** Translations: Secondly, look in plugin's "languages" folder = default */
258	+ load_plugin_textdomain( $wprp_textdomain, FALSE, WPR_LANG_DIR );
259	+ }
260	+ }
261	+ add_action( 'plugins_loaded', 'wprp_translations_init' );
262	+
263	+ /**
264	+ * Format a WP User object into a better
265	+ * object for the API
266	+ */
267	+ function wprp_format_user_obj( $user_obj ) {
268	+ $new_user_obj = new stdClass;
269	+
270	+ foreach( $user_obj->data as $key => $value ) {
271	+ $new_user_obj->$key = $value;
272	+ }
273	+
274	+ $new_user_obj->roles = $user_obj->roles;
275	+ $new_user_obj->caps = $user_obj->caps;
276	+
277	+ return $new_user_obj;
278	+ }
279	+
280	+ // == CLI == //
281	+ if ( defined( 'WP_CLI' ) && WP_CLI ) {
282	+ require_once 'cli/wprp.cli.php';
283	+ }

wprp.api.php → old_wpremote/wprp.api.php RENAMED Viewed

File without changes

wprp.backups.php → old_wpremote/wprp.backups.php RENAMED Viewed

File without changes

wprp.compatability.php → old_wpremote/wprp.compatability.php RENAMED Viewed

File without changes

wprp.content.php → old_wpremote/wprp.content.php RENAMED Viewed

File without changes

wprp.hm.backup.php → old_wpremote/wprp.hm.backup.php RENAMED Viewed

File without changes

wprp.integration.php → old_wpremote/wprp.integration.php RENAMED Viewed

File without changes

wprp.log.php → old_wpremote/wprp.log.php RENAMED Viewed

File without changes

wprp.plugins.php → old_wpremote/wprp.plugins.php RENAMED Viewed

File without changes

wprp.themes.php → old_wpremote/wprp.themes.php RENAMED Viewed

File without changes

phpunit.xml DELETED Viewed

@@ -1,14 +0,0 @@
-            -
            <phpunit
-            -
            	bootstrap="tests/bootstrap.php"
-            -
            	backupGlobals="false"
-            -
            	colors="true"
-            -
            	convertErrorsToExceptions="true"
-            -
            	convertNoticesToExceptions="true"
-            -
            	convertWarningsToExceptions="true"
-            -
            	>
-            -
            	<testsuites>
-            -
            		<testsuite>
-            -
            			<directory>./tests/</directory>
-            -
            		</testsuite>
-            -
            	</testsuites>
-            -
            </phpunit>

plugin.php CHANGED Viewed

@@ -1,19 +1,19 @@
             <?php
-            -
             /*
             Plugin Name: WP Remote
             Description: Manage your WordPress site with <a href="https://wpremote.com/">WP Remote</a>.
-            -
            Version: 2.8.4.3
-            -
            Author: maekit
-            -
            Author URI: https://maek.it/
-            -
            */
-            -
            /*  Copyright 2017 maekit  (email : hello@maek.it)
                 This program is free software; you can redistribute it and/or modify
-            -
                it under the terms of the GNU General Public License as published by
-            -
                the Free Software Foundation; either version 2 of the License, or
-            -
                (at your option) any later version.
                 This program is distributed in the hope that it will be useful,
                 but WITHOUT ANY WARRANTY; without even the implied warranty of
@@ -22,295 +22,128 @@ Author URI: https://maek.it/
                 You should have received a copy of the GNU General Public License
                 along with this program; if not, write to the Free Software
-            -
                Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
             */
-            -
            define( 'WPRP_PLUGIN_SLUG', 'wpremote' );
-            -
            define( 'WPRP_PLUGIN_BASE',  plugin_basename(__FILE__) );
-            -
            define( 'WPRP_PLUGIN_PATH', plugin_dir_path( __FILE__ ) );
-            -
-            -
            if ( ! defined( 'WPR_URL' ) )
-            -
            	define( 'WPR_URL', 'https://wpremote.com/' );
-            -
-            -
            if ( ! defined( 'WPR_API_URL' ) )
-            -
            	define( 'WPR_API_URL', 'https://wpremote.com/api/json/' );
-            -
-            -
            if ( ! defined( 'WPR_LANG_DIR' ) )
-            -
            	define( 'WPR_LANG_DIR', apply_filters( 'wpr_filter_lang_dir', trailingslashit( WPRP_PLUGIN_PATH ) . trailingslashit( 'languages' ) ) );
-            -
-            -
            // Don't activate on anything less than PHP 5.2.4
-            -
            if ( version_compare( phpversion(), '5.2.4', '<' ) ) {
-            -
-            -
            	require_once( ABSPATH . 'wp-admin/includes/plugin.php' );
-            -
            	deactivate_plugins( WPRP_PLUGIN_SLUG . '/plugin.php' );
-            -
-            -
            	if ( isset( $_GET['action'] ) && ( $_GET['action'] == 'activate' || $_GET['action'] == 'error_scrape' ) )
-            -
            		die( __( 'WP Remote requires PHP version 5.2.4 or greater.', 'wpremote' ) );
-            -
-            -
            }
-            -
-            -
            require_once( WPRP_PLUGIN_PATH . '/wprp.admin.php' );
-            -
            require_once( WPRP_PLUGIN_PATH . '/wprp.compatability.php' );
-            -
-            -
            if ( get_option( 'wprp_enable_log' ) )
-            -
            	require_once( WPRP_PLUGIN_PATH . '/wprp.log.php' );
-            -
-            -
            // Backups require 3.1
-            -
            if ( version_compare( get_bloginfo( 'version' ), '3.1', '>=' ) ) {
-            -
-            -
            	require_once( WPRP_PLUGIN_PATH . '/wprp.hm.backup.php' );
-            -
            	require_once( WPRP_PLUGIN_PATH . '/wprp.backups.php' );
-            -
-            -
            }
-            -
-            -
            /**
-            -
             * Get a needed URL on the WP Remote site
-            -
             *
-            -
             * @param string      $uri     URI for the URL (optional)
-            -
             * @return string     $url     Fully-qualified URL to WP Remote
-            -
             */
-            -
            function wprp_get_wpr_url( $uri = '' ) {
-            -
-            -
            	if ( empty( $uri ) )
-            -
            		return WPR_URL;
-            -
-            -
            	$url = rtrim( WPR_URL, '/' );
-            -
            	$uri = trim( $uri, '/' );
-            -
            	return $url . '/' . $uri . '/';
-            -
            }
-            -
-            -
            /**
-            -
             * Catch the API calls and load the API
-            -
             *
-            -
             * @return null
-            -
             */
-            -
            function wprp_catch_api_call() {
-            -
-            -
            	if ( empty( $_POST['wpr_verify_key'] ) )
-            -
            		return;
-            -
-            -
            	require_once( WPRP_PLUGIN_PATH . '/wprp.integration.php' );
-            -
            	require_once( WPRP_PLUGIN_PATH . '/wprp.plugins.php' );
-            -
            	require_once( WPRP_PLUGIN_PATH . '/wprp.themes.php' );
-            -
            	require_once( WPRP_PLUGIN_PATH . '/wprp.content.php' );
-            -
-            -
            	require_once( WPRP_PLUGIN_PATH . '/wprp.api.php' );
-            -
-            -
            	exit;
-            -
-            -
            }
-            -
            add_action( 'init', 'wprp_catch_api_call', 100 );
-            -
-            -
-            -
            /**
-            -
             * Check for a bat signal from the mothership
-            -
             *
-            -
             * @since 2.7.0
-            -
             */
-            -
            function wprp_check_bat_signal() {
-            -
-            -
            	$bat_signal_key = 'wprp_bat_signal';
-            -
-            -
            	if ( false === get_transient( $bat_signal_key ) ) {
-            -
-            -
            		$bat_signal_url = trailingslashit( WPR_URL ) . 'bat-signal/';
-            -
            		$response = wp_remote_get( $bat_signal_url );
-            -
            		$response_body = wp_remote_retrieve_body( $response );
-            -
            		if ( 'destroy the evidence!' == trim( $response_body ) )
-            -
            			delete_option( 'wpr_api_key' );
-            -
-            -
            		// One request per day
-            -
            		set_transient( $bat_signal_key, 'the coast is clear', 60 * 60 * 24 );
-            -
            	}
-            -
-            -
            }
-            -
            add_action( 'init', 'wprp_check_bat_signal' );
-            -
-            -
            /**
-            -
             * Get the stored WPR API key
-            -
             *
-            -
             * @return mixed
-            -
             */
-            -
            function wprp_get_api_keys() {
-            -
            	$keys = apply_filters( 'wpr_api_keys', get_option( 'wpr_api_key' ) );
-            -
            	if ( ! empty( $keys ) )
-            -
            		return (array)$keys;
-            -
            	else
-            -
            		return array();
-            -
            }
-            -
-            -
            function wprp_plugin_update_check() {
-            -
            	$plugin_data = get_plugin_data( __FILE__ );
-            -
-            -
            	// define the plugin version
-            -
            	define( 'WPRP_VERSION', $plugin_data['Version'] );
-            -
-            -
            	// Fire the update action
-            -
            	if ( WPRP_VERSION !== get_option( 'wprp_plugin_version' ) )
-            -
            		wprp_update();
+            }
-            -
            add_action( 'admin_init', 'wprp_plugin_update_check' );
-            -
-            -
            /**
-            -
             * Run any update code and update the current version in the db
-            -
             *
-            -
             * @access public
-            -
             * @return void
-            -
             */
-            -
            function wprp_update() {
-            -
-            -
            	/**
-            -
            	 * Remove the old _wpremote_backups directory
-            -
            	 */
-            -
            	$uploads_dir = wp_upload_dir();
-            -
-            -
            	$old_wpremote_dir = trailingslashit( $uploads_dir['basedir'] ) . '_wpremote_backups';
-            -
-            -
            	if ( file_exists( $old_wpremote_dir ) )
-            -
            		WPRP_Backups::rmdir_recursive( $old_wpremote_dir );
-            -
-            -
            	// If BackUpWordPress isn't installed then lets just delete the whole backups directory
-            -
            	if ( ! defined( 'HMBKP_PLUGIN_PATH' ) && $path = get_option( 'hmbkp_path' ) ) {
-            -
-            -
            		WPRP_Backups::rmdir_recursive( $path );
-            -
-            -
            		delete_option( 'hmbkp_path' );
-            -
            		delete_option( 'hmbkp_default_path' );
-            -
            		delete_option( 'hmbkp_plugin_version' );
+            	}
-            -
-            -
            	// Update the version stored in the db
-            -
            	if ( get_option( 'wprp_plugin_version' ) !== WPRP_VERSION )
-            -
            		update_option( 'wprp_plugin_version', WPRP_VERSION );
-            -
-            -
            }
-            -
-            -
            function _wprp_upgrade_core()  {
-            -
-            -
            	if ( defined( 'DISALLOW_FILE_MODS' ) && DISALLOW_FILE_MODS )
-            -
            		return new WP_Error( 'disallow-file-mods', __( "File modification is disabled with the DISALLOW_FILE_MODS constant.", 'wpremote' ) );
-            -
-            -
            	include_once ( ABSPATH . 'wp-admin/includes/admin.php' );
-            -
            	include_once ( ABSPATH . 'wp-admin/includes/upgrade.php' );
-            -
            	include_once ( ABSPATH . 'wp-includes/update.php' );
-            -
            	require_once ( ABSPATH . 'wp-admin/includes/class-wp-upgrader.php' );
-            -
            	require_once WPRP_PLUGIN_PATH . 'inc/class-wprp-core-upgrader-skin.php';
-            -
-            -
            	// check for filesystem access
-            -
            	if ( ! _wpr_check_filesystem_access() )
-            -
            		return new WP_Error( 'filesystem-not-writable', __( 'The filesystem is not writable with the supplied credentials', 'wpremote' ) );
-            -
-            -
            	// force refresh
-            -
            	wp_version_check();
-            -
-            -
            	$updates = get_core_updates();
-            -
-            -
            	if ( is_wp_error( $updates ) || ! $updates )
-            -
            		return new WP_Error( 'no-update-available' );
-            -
-            -
            	$update = reset( $updates );
-            -
-            -
            	if ( ! $update )
-            -
            		return new WP_Error( 'no-update-available' );
-            -
-            -
            	$skin = new WPRP_Core_Upgrader_Skin();
-            -
-            -
            	$upgrader = new Core_Upgrader( $skin );
-            -
            	$result = $upgrader->upgrade($update);
-            -
-            -
            	if ( is_wp_error( $result ) )
-            -
            		return $result;
-            -
-            -
            	global $wp_current_db_version, $wp_db_version;
-            -
-            -
            	// we have to include version.php so $wp_db_version
-            -
            	// will take the version of the updated version of wordpress
-            -
            	require( ABSPATH . WPINC . '/version.php' );
-            -
-            -
            	wp_upgrade();
-            -
-            -
            	return true;
+            }
-            -
            function _wpr_check_filesystem_access() {
-            -
            	ob_start();
-            -
            	$success = request_filesystem_credentials( '' );
-            -
            	ob_end_clean();
-            -
-            -
            	return (bool) $success;
+            }
-            -
            function _wpr_set_filesystem_credentials( $credentials ) {
-            -
-            -
            	if ( empty( $_POST['filesystem_details'] ) )
-            -
            		return $credentials;
-            -
            	$_credentials = array(
-            -
            		'username' => $_POST['filesystem_details']['credentials']['username'],
-            -
            		'password' => $_POST['filesystem_details']['credentials']['password'],
-            -
            		'hostname' => $_POST['filesystem_details']['credentials']['hostname'],
-            -
            		'connection_type' => $_POST['filesystem_details']['method']
-            -
            	);
-            -
            	// check whether the credentials can be used
-            -
            	if ( ! WP_Filesystem( $_credentials ) ) {
-            -
            		return $credentials;
+            	}
-            -
            	return $_credentials;
-            -
            }
-            -
            add_filter( 'request_filesystem_credentials', '_wpr_set_filesystem_credentials' );
-            -
-            -
            /**
-            -
             *
-            -
             */
-            -
            function wprp_translations_init() {
-            -
-            -
            	if ( is_admin() ) {
-            -
-            -
            		/** Set unique textdomain string */
-            -
            		$wprp_textdomain = 'wpremote';
-            -
-            -
            		/** The 'plugin_locale' filter is also used by default in load_plugin_textdomain() */
-            -
            		$plugin_locale = apply_filters( 'plugin_locale', get_locale(), $wprp_textdomain );
-            -
-            -
            		/** Set filter for WordPress languages directory */
-            -
            		$wprp_wp_lang_dir = apply_filters(
-            -
            			'wprp_filter_wp_lang_dir',
-            -
            				trailingslashit( WP_LANG_DIR ) . trailingslashit( 'wp-remote' ) . $wprp_textdomain . '-' . $plugin_locale . '.mo'
             		);
-            -
-            -
            		/** Translations: First, look in WordPress' "languages" folder = custom & update-secure! */
-            -
            		load_textdomain( $wprp_textdomain, $wprp_wp_lang_dir );
-            -
-            -
            		/** Translations: Secondly, look in plugin's "languages" folder = default */
-            -
            		load_plugin_textdomain( $wprp_textdomain, FALSE, WPR_LANG_DIR );
+            	}
+            }
-            -
            add_action( 'plugins_loaded', 'wprp_translations_init' );
-            -
-            -
            /**
-            -
             * Format a WP User object into a better
-            -
             * object for the API
-            -
             */
-            -
            function wprp_format_user_obj( $user_obj ) {
-            -
            	$new_user_obj = new stdClass;
-            -
-            -
            	foreach( $user_obj->data as $key => $value ) {
-            -
            		$new_user_obj->$key = $value;
-            -
            	}
-            -
-            -
            	$new_user_obj->roles = $user_obj->roles;
-            -
            	$new_user_obj->caps = $user_obj->caps;
-            -
            	return $new_user_obj;
+            }
-            -
            // == CLI == //
-            -
            if ( defined( 'WP_CLI' ) && WP_CLI ) {
-            -
                require_once 'cli/wprp.cli.php';
+            }

             <?php
             /*
             Plugin Name: WP Remote
+            +
            Plugin URI: https://wpremote.com
             Description: Manage your WordPress site with <a href="https://wpremote.com/">WP Remote</a>.
+            +
            Author: WP Remote
+            +
            Author URI: https://wpremote.com
+            +
            Version: 3.2
+            +
            Network: True
+            +
             */
+            +
            /*  Copyright 2017  WP Remote  (email : support@wpremote.com)
                 This program is free software; you can redistribute it and/or modify
+            +
                it under the terms of the GNU General Public License, version 2, as
+            +
                published by the Free Software Foundation.
                 This program is distributed in the hope that it will be useful,
                 but WITHOUT ANY WARRANTY; without even the implied warranty of
                 You should have received a copy of the GNU General Public License
                 along with this program; if not, write to the Free Software
+            +
                Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
             */
+            +
            /* Global response array */
+            +
            if (!defined('ABSPATH')) exit;
+            +
            if (get_option( 'wpr_api_key' ) !== false) {
+            +
            	define( 'WPRP_PLUGIN_SLUG', 'wpremote' );
+            +
            	define( 'WPRP_PLUGIN_BASE',  plugin_basename(__FILE__) );
+            +
            	define( 'WPRP_PLUGIN_PATH', plugin_dir_path( __FILE__ ) . 'old_wpremote/' );
+            +
            	require 'old_wpremote/plugin.php';
+            }
+            +
            require_once dirname( __FILE__ ) . '/wp_settings.php';
+            +
            require_once dirname( __FILE__ ) . '/wp_site_info.php';
+            +
            require_once dirname( __FILE__ ) . '/wp_db.php';
+            +
            require_once dirname( __FILE__ ) . '/wp_api.php';
+            +
            require_once dirname( __FILE__ ) . '/wp_actions.php';
+            +
            require_once dirname( __FILE__ ) . '/info.php';
+            +
            require_once dirname( __FILE__ ) . '/account.php';
+            +
+            +
+            +
            $bvsettings = new WPRWPSettings();
+            +
            $bvsiteinfo = new WPRWPSiteInfo();
+            +
            $bvdb = new WPRWPDb();
+            +
+            +
+            +
            $bvapi = new WPRWPAPI($bvsettings);
+            +
            $bvinfo = new WPRInfo($bvsettings);
+            +
            $wp_action = new WPRWPAction($bvsettings, $bvsiteinfo, $bvapi);
+            +
+            +
            register_uninstall_hook(__FILE__, array('WPRWPAction', 'uninstall'));
+            +
            register_activation_hook(__FILE__, array($wp_action, 'activate'));
+            +
            register_deactivation_hook(__FILE__, array($wp_action, 'deactivate'));
+            +
+            +
            add_action('wp_footer', array($wp_action, 'footerHandler'), 100);
+            +
+            +
            ##WPCLIMODULE##
+            +
            if (is_admin()) {
+            +
            	require_once dirname( __FILE__ ) . '/wp_admin.php';
+            +
            	$wpadmin = new WPRWPAdmin($bvsettings, $bvsiteinfo);
+            +
            	add_action('admin_init', array($wpadmin, 'initHandler'));
+            +
            	add_filter('all_plugins', array($wpadmin, 'initBranding'));
+            +
            	add_filter('plugin_row_meta', array($wpadmin, 'hidePluginDetails'), 10, 2);
+            +
            	if ($bvsiteinfo->isMultisite()) {
+            +
            		add_action('network_admin_menu', array($wpadmin, 'menu'));
+            +
            	} else {
+            +
            		add_action('admin_menu', array($wpadmin, 'menu'));
+            	}
+            +
            	add_filter('plugin_action_links', array($wpadmin, 'settingsLink'), 10, 2);
+            +
            	add_action('admin_notices', array($wpadmin, 'activateWarning'));
+            +
            	##ADMINENQUEUESCRIPTS##
+            }
+            +
            if ((array_key_exists('bvreqmerge', $_POST)) || (array_key_exists('bvreqmerge', $_GET))) {
+            +
            	$_REQUEST = array_merge($_GET, $_POST);
+            }
+            +
            if ((array_key_exists('bvplugname', $_REQUEST)) && ($_REQUEST['bvplugname'] == "wpremote")) {
+            +
            	require_once dirname( __FILE__ ) . '/callback/base.php';
+            +
            	require_once dirname( __FILE__ ) . '/callback/response.php';
+            +
            	require_once dirname( __FILE__ ) . '/callback/request.php';
+            +
            	require_once dirname( __FILE__ ) . '/recover.php';
+            +
            	$pubkey = $_REQUEST['pubkey'];
+            +
            	if (array_key_exists('rcvracc', $_REQUEST)) {
+            +
            		$account = WPRRecover::find($bvsettings, $pubkey);
+            +
            	} else {
+            +
            		$account = WPRAccount::find($bvsettings, $pubkey);
+            	}
+            +
            	$request = new BVCallbackRequest($account, $_REQUEST);
+            +
            	$response = new BVCallbackResponse($request->bvb64cksize);
+            +
+            +
            	if ($account && (1 === $account->authenticate($request))) {
+            +
            		require_once dirname( __FILE__ ) . '/callback/handler.php';
+            +
            		$params = $request->processParams($_REQUEST);
+            +
            		if ($params === false) {
+            +
            			$resp = array(
+            +
            				"account_info" => $account->respInfo(),
+            +
            				"request_info" => $request->respInfo(),
+            +
            				"bvinfo" => $bvinfo->respInfo(),
+            +
            				"statusmsg" => "BVPRMS_CORRUPTED"
+            +
            			);
+            +
            			$response->terminate($resp);
+            +
            		}
+            +
            		$request->params = $params;
+            +
            		$callback_handler = new BVCallbackHandler($bvdb, $bvsettings, $bvsiteinfo, $request, $account, $response);
+            +
            		if ($request->is_afterload) {
+            +
            			add_action('wp_loaded', array($callback_handler, 'execute'));
+            +
            		} else if ($request->is_admin_ajax) {
+            +
            			add_action('wp_ajax_bvadm', array($callback_handler, 'bvAdmExecuteWithUser'));
+            +
            			add_action('wp_ajax_nopriv_bvadm', array($callback_handler, 'bvAdmExecuteWithoutUser'));
+            +
            		} else {
+            +
            			$callback_handler->execute();
+            +
            		}
+            +
            	} else {
+            +
            		$resp = array(
+            +
            			"account_info" => $account ? $account->respInfo() : array("error" => "ACCOUNT_NOT_FOUND"),
+            +
            			"request_info" => $request->respInfo(),
+            +
            			"bvinfo" => $bvinfo->respInfo(),
+            +
            			"statusmsg" => "FAILED_AUTH",
+            +
            			"api_pubkey" => substr(WPRAccount::getApiPublicKey($bvsettings), 0, 8),
+            +
            			"def_sigmatch" => substr(WPRAccount::getSigMatch($request, WPRRecover::getDefaultSecret($bvsettings)), 0, 8)
             		);
+            +
            		$response->terminate($resp);
+            	}
+            +
            } else {
+            +
            	if ($bvinfo->isProtectModuleEnabled()) {
+            +
            	require_once dirname( __FILE__ ) . '/protect/protect.php';
+            +
            	require_once dirname( __FILE__ ) . '/protect/ipstore.php';
+            +
            	$bvprotect = new BVProtect($bvdb, $bvsettings);
+            +
            	$bvprotect->init();
+            }
+            +
            	if ($bvinfo->isDynSyncModuleEnabled()) {
+            +
            	require_once dirname( __FILE__ ) . '/wp_dynsync.php';
+            +
            	$dynsync = new BVWPDynSync($bvdb, $bvsettings);
+            +
            	$dynsync->init();
+            }
+            }

protect/ipstore.php ADDED Viewed

	@@ -0,0 +1,97 @@


1	+ <?php
2	+ if (!defined('ABSPATH')) exit;
3	+ if (!class_exists('BVIPStore')) :
4	+
5	+ class BVIPStore {
6	+
7	+ public $db;
8	+ public static $name = 'ip_store';
9	+
10	+ #TYPE
11	+ const BLACKLISTED = 1;
12	+ const WHITELISTED = 2;
13	+
14	+ #CATEGORY
15	+ const FW = 3;
16	+ const LP = 4;
17	+
18	+ function __construct($db) {
19	+ $this->db = $db;
20	+ }
21	+
22	+ function init() {
23	+ add_action('clear_ip_store', array($this, 'clearConfig'));
24	+ }
25	+
26	+ public function clearConfig() {
27	+ $this->db->dropBVTable(BVIPStore::$name);
28	+ }
29	+
30	+ public function hasIPv6Support() {
31	+ return defined('AF_INET6');
32	+ }
33	+
34	+ public static function isValidIP($ip) {
35	+ return filter_var($ip, FILTER_VALIDATE_IP) !== false;
36	+ }
37	+
38	+ public function bvInetPton($ip) {
39	+ $pton = $this->isValidIP($ip) ? ($this->hasIPv6Support() ? inet_pton($ip) : $this->_bvInetPton($ip)) : false;
40	+ return $pton;
41	+ }
42	+
43	+ public function _bvInetPton($ip) {
44	+ if (preg_match('/^(?:\d{1,3}(?:\.\|$)){4}/', $ip)) {
45	+ $octets = explode('.', $ip);
46	+ $bin = chr($octets[0]) . chr($octets[1]) . chr($octets[2]) . chr($octets[3]);
47	+ return $bin;
48	+ }
49	+
50	+ if (preg_match('/^((?:[\da-f]{1,4}(?::\|)){0,8})(::)?((?:[\da-f]{1,4}(?::\|)){0,8})$/i', $ip)) {
51	+ if ($ip === '::') {
52	+ return "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
53	+ }
54	+ $colon_count = substr_count($ip, ':');
55	+ $dbl_colon_pos = strpos($ip, '::');
56	+ if ($dbl_colon_pos !== false) {
57	+ $ip = str_replace('::', str_repeat(':0000',
58	+ (($dbl_colon_pos === 0 \|\| $dbl_colon_pos === strlen($ip) - 2) ? 9 : 8) - $colon_count) . ':', $ip);
59	+ $ip = trim($ip, ':');
60	+ }
61	+
62	+ $ip_groups = explode(':', $ip);
63	+ $ipv6_bin = '';
64	+ foreach ($ip_groups as $ip_group) {
65	+ $ipv6_bin .= pack('H*', str_pad($ip_group, 4, '0', STR_PAD_LEFT));
66	+ }
67	+
68	+ return strlen($ipv6_bin) === 16 ? $ipv6_bin : false;
69	+ }
70	+
71	+ if (preg_match('/^(?:\:(?:\:0{1,4}){0,4}\:\|(?:0{1,4}\:){5})ffff\:(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})$/i', $ip, $matches)) {
72	+ $octets = explode('.', $matches[1]);
73	+ return chr($octets[0]) . chr($octets[1]) . chr($octets[2]) . chr($octets[3]);
74	+ }
75	+
76	+ return false;
77	+ }
78	+
79	+ public function checkIPPresent($ip, $type, $category) {
80	+ $db = $this->db;
81	+ $table = $db->getBVTable(BVIPStore::$name);
82	+ if ($db->isTablePresent($table)) {
83	+ $binIP = $this->bvInetPton($ip);
84	+ if ($binIP !== false) {
85	+ $category_str = ($category == BVIPStore::FW) ? "`is_fw` = true" : "`is_lp` = true";
86	+ $query_str = "SELECT * FROM $table WHERE %s >= `start_ip_range` && %s <= `end_ip_range` && " . $category_str . " && `type` = %d LIMIT 1;";
87	+ $query = $db->prepare($query_str, array($binIP, $binIP, $type));
88	+ if ($db->getVar($query) > 0)
89	+ return true;
90	+ }
91	+ return false;
92	+ }
93	+ return false;
94	+ }
95	+
96	+ }
97	+ endif;

protect/logger.php ADDED Viewed

	@@ -0,0 +1,24 @@


1	+ <?php
2	+
3	+ if (!defined('ABSPATH')) exit;
4	+ if (!class_exists('BVLogger')) :
5	+ class BVLogger {
6	+ public $db;
7	+ public $table;
8	+ const MAXROWCOUNT = 100000;
9	+
10	+ function __construct($db, $table) {
11	+ $this->db = $db;
12	+ $this->table = $table;
13	+ }
14	+
15	+ public function log($data) {
16	+ if (is_array($data)) {
17	+ $tablename = $this->db->getBVTable($this->table);
18	+ if ($this->db->rowsCount($tablename) > BVLogger::MAXROWCOUNT)
19	+ $this->db->deleteRowsFromtable($this->table, 1);
20	+ $this->db->replaceIntoBVTable($this->table, $data);
21	+ }
22	+ }
23	+ }
24	+ endif;

protect/protect.php ADDED Viewed

	@@ -0,0 +1,58 @@


1	+ <?php
2	+ if (!defined('ABSPATH')) exit;
3	+ if (!class_exists('BVProtect')) :
4	+
5	+ require_once dirname( __FILE__ ) . '/logger.php';
6	+ require_once dirname( __FILE__ ) . '/ipstore.php';
7	+ require_once dirname( __FILE__ ) . '/wp_fw/fw.php';
8	+ require_once dirname( __FILE__ ) . '/wp_lp/lp.php';
9	+
10	+ class BVProtect {
11	+ public $db;
12	+ public $settings;
13	+
14	+ function __construct($db, $settings) {
15	+ $this->settings = $settings;
16	+ $this->db = $db;
17	+ }
18	+
19	+ public function init() {
20	+ $bvipstore = new BVIPStore($this->db);
21	+ $bvipstore->init();
22	+ $ip = $this->getIP();
23	+ $fw = new BVWPFW($this->db, $this->settings, $ip, $bvipstore);
24	+ if ($fw->config->isActive()) {
25	+ $fw->init();
26	+ $fw->execute();
27	+ }
28	+ add_action('clear_fw_config', array($fw->config, 'clear'));
29	+ $lp = new BVWPLP($this->db, $this->settings, $ip, $bvipstore);
30	+ if ($lp->isActive()) {
31	+ $lp->init();
32	+ }
33	+ add_action('clear_lp_config', array($lp->config, 'clear'));
34	+ }
35	+
36	+ public function getIP() {
37	+ $ip = '127.0.0.1';
38	+ $bvinfo = new WPRInfo($this->settings);
39	+ if (($ipHeader = $this->settings->getOption($bvinfo->ip_header_option)) && is_array($ipHeader)) {
40	+ if (array_key_exists($ipHeader['hdr'], $_SERVER)) {
41	+ $_ips = preg_split("/(,\| \|\t)/", $_SERVER[$ipHeader['hdr']]);
42	+ if (array_key_exists(intval($ipHeader['pos']), $_ips)) {
43	+ $ip = $_ips[intval($ipHeader['pos'])];
44	+ }
45	+ }
46	+ } else if (array_key_exists('REMOTE_ADDR', $_SERVER)) {
47	+ $ip = $_SERVER['REMOTE_ADDR'];
48	+ }
49	+ $ip = trim($ip);
50	+ if (preg_match('/^\[([0-9a-fA-F:]+)\](:[0-9]+)$/', $ip, $matches)) {
51	+ $ip = $matches[1];
52	+ } elseif (preg_match('/^([0-9.]+)(:[0-9]+)$/', $ip, $matches)) {
53	+ $ip = $matches[1];
54	+ }
55	+ return $ip;
56	+ }
57	+ }
58	+ endif;

protect/wp_fw/config.php ADDED Viewed

	@@ -0,0 +1,251 @@


1	+ <?php
2	+
3	+ if (!defined('ABSPATH')) exit;
4	+ if (!class_exists('BVWPFWConfig')) :
5	+ class BVWPFWConfig {
6	+ public $db;
7	+ public $settings;
8	+ public static $requests_table = 'fw_requests';
9	+ public static $allRules = array(108, 112, 114, 115, 132, 133, 145, 146, 155, 156, 165, 167, 168, 169, 171, 172, 173, 174, 175, 176, 177, 178);
10	+ public static $roleLevels = array(
11	+ 'administrator' => BVWPFWConfig::ROLE_LEVEL_ADMIN,
12	+ 'editor' => BVWPFWConfig::ROLE_LEVEL_EDITOR,
13	+ 'author' => BVWPFWConfig::ROLE_LEVEL_AUTHOR,
14	+ 'contributor' => BVWPFWConfig::ROLE_LEVEL_CONTRIBUTOR,
15	+ 'subscriber' => BVWPFWConfig::ROLE_LEVEL_SUBSCRIBER
16	+ );
17	+
18	+ function __construct($db, $settings) {
19	+ $this->db = $db;
20	+ $this->settings = $settings;
21	+ }
22	+
23	+ #mode
24	+ const DISABLED = 1;
25	+ const AUDIT = 2;
26	+ const PROTECT = 3;
27	+
28	+ #Rule Mode
29	+ const DISABLEDRULE = 1;
30	+ const AUDITRULE = 2;
31	+ const PROTECTRULE = 3;
32	+
33	+ #Request Profiling Mode
34	+ const REQ_PROFILING_MODE_DISABLED = 1;
35	+ const REQ_PROFILING_MODE_NORMAL = 2;
36	+ const REQ_PROFILING_MODE_DEBUG = 3;
37	+
38	+ #Cookie Mode
39	+ const COOKIE_MODE_ENABLED = 1;
40	+ const COOKIE_MODE_DISABLED = 2;
41	+
42	+ #Role Level
43	+ const ROLE_LEVEL_SUBSCRIBER = 1;
44	+ const ROLE_LEVEL_CONTRIBUTOR = 2;
45	+ const ROLE_LEVEL_AUTHOR = 3;
46	+ const ROLE_LEVEL_EDITOR = 4;
47	+ const ROLE_LEVEL_ADMIN = 5;
48	+ const ROLE_LEVEL_CUSTOM = 6;
49	+
50	+ public static function isDisabledRule($mode) {
51	+ return ($mode === BVWPFWConfig::DISABLEDRULE);
52	+ }
53	+
54	+ public static function isProtectingRule($mode) {
55	+ return ($mode === BVWPFWConfig::PROTECTRULE);
56	+ }
57	+
58	+ public static function isAuditingRule($mode) {
59	+ return ($mode === BVWPFWConfig::AUDITRULE);
60	+ }
61	+
62	+ public function isActive() {
63	+ return ($this->getMode() !== BVWPFWConfig::DISABLED);
64	+ }
65	+
66	+ public function isProtecting() {
67	+ return ($this->getMode() === BVWPFWConfig::PROTECT);
68	+ }
69	+
70	+ public function isAuditing() {
71	+ return ($this->getMode() === BVWPFWConfig::AUDIT);
72	+ }
73	+
74	+ public function isReqProfilingModeDebug() {
75	+ return ($this->getReqProfilingMode() === BVWPFWConfig::REQ_PROFILING_MODE_DEBUG);
76	+ }
77	+
78	+ public function canProfileReqInfo() {
79	+ return ($this->getReqProfilingMode() !== BVWPFWConfig::REQ_PROFILING_MODE_DISABLED);
80	+ }
81	+
82	+ public function canSetCookie() {
83	+ return ($this->getCookieMode() === BVWPFWConfig::COOKIE_MODE_ENABLED);
84	+ }
85	+
86	+ public function getRules() {
87	+ $rules = array("audit" => array(), "protect" => array());
88	+ $isAudit = false;
89	+ $rulesMode = $this->getRulesMode();
90	+ if (BVWPFWConfig::isDisabledRule($rulesMode)) {
91	+ return $rules;
92	+ }
93	+ $isAudit = ($this->isAuditing() \|\| BVWPFWConfig::isAuditingRule($rulesMode));
94	+ $rulesInfo = array();
95	+ foreach ($this->getAuditRules() as $rule)
96	+ $rulesInfo[$rule] = BVWPFWConfig::AUDITRULE;
97	+ foreach ($this->getDisabledRules() as $rule)
98	+ $rulesInfo[$rule] = BVWPFWConfig::DISABLEDRULE;
99	+ foreach (BVWPFWConfig::$allRules as $rule) {
100	+ if (isset($rulesInfo[$rule])) {
101	+ if (BVWPFWConfig::isAuditingRule($rulesInfo[$rule])) {
102	+ $rules["audit"][$rule] = BVWPFWConfig::AUDITRULE;
103	+ }
104	+ } else {
105	+ if ($isAudit) {
106	+ $rules["audit"][$rule] = BVWPFWConfig::AUDITRULE;
107	+ } else {
108	+ $rules["protect"][$rule] = BVWPFWConfig::PROTECTRULE;
109	+ }
110	+ }
111	+ }
112	+ return $rules;
113	+ }
114	+
115	+ public function setMode($mode) {
116	+ if (!$mode) {
117	+ $this->settings->deleteOption('bvfwmode');
118	+ } else {
119	+ $this->settings->updateOption('bvfwmode', intval($mode));
120	+ }
121	+ }
122	+
123	+ public function setRulesMode($mode) {
124	+ if (!$mode) {
125	+ $this->settings->deleteOption('bvfwrulesmode');
126	+ } else {
127	+ $this->settings->updateOption('bvfwrulesmode', intval($mode));
128	+ }
129	+ }
130	+
131	+ public function setCookieMode($mode) {
132	+ if (!$mode) {
133	+ $this->settings->deleteOption('bvfwcookiemode');
134	+ } else {
135	+ $this->settings->updateOption('bvfwcookiemode', intval($mode));
136	+ }
137	+ }
138	+
139	+ public function setCookieKey($key) {
140	+ if (!$key) {
141	+ $this->settings->deleteOption('bvfwcookiekey');
142	+ } else {
143	+ $this->settings->updateOption('bvfwcookiekey', strval($key));
144	+ }
145	+ }
146	+
147	+ public function setReqProfilingMode($mode) {
148	+ if (!$mode) {
149	+ $this->settings->deleteOption('bvfwreqprofilingmode');
150	+ } else {
151	+ $this->settings->updateOption('bvfwreqprofilingmode', intval($mode));
152	+ }
153	+ }
154	+
155	+ public function setDisabledRules($rules) {
156	+ if (!$rules) {
157	+ $this->settings->deleteOption('bvfwdisabledrules');
158	+ } else {
159	+ $this->settings->updateOption('bvfwdisabledrules', $rules);
160	+ }
161	+ }
162	+
163	+ public function setBypassLevel($level) {
164	+ if (!$level) {
165	+ $this->settings->deleteOption('bvfwbypasslevel');
166	+ } else {
167	+ $this->settings->updateOption('bvfwbypasslevel', $level);
168	+ }
169	+ }
170	+
171	+ public function setCustomRoles($roles) {
172	+ if (!$roles) {
173	+ $this->settings->deleteOption('bvfwcutomroles');
174	+ } else {
175	+ $this->settings->updateOption('bvfwcustomroles', $roles);
176	+ }
177	+ }
178	+
179	+ public function setAuditRules($rules) {
180	+ if (!$rules) {
181	+ $this->settings->deleteOption('bvfwauditrules');
182	+ } else {
183	+ $this->settings->updateOption('bvfwauditrules', $rules);
184	+ }
185	+ }
186	+
187	+ public function getMode() {
188	+ $mode = $this->settings->getOption('bvfwmode');
189	+ return intval($mode ? $mode : BVWPFWConfig::DISABLED);
190	+ }
191	+
192	+ public function getRulesMode() {
193	+ $mode = $this->settings->getOption('bvfwrulesmode');
194	+ return intval($mode ? $mode : BVWPFWConfig::DISABLED);
195	+ }
196	+
197	+ public function getCookieMode() {
198	+ $mode = $this->settings->getOption('bvfwcookiemode');
199	+ return intval($mode ? $mode : BVWPFWConfig::COOKIE_MODE_DISABLED);
200	+ }
201	+
202	+ public function getCookieKey() {
203	+ $key = (string) $this->settings->getOption('bvfwcookiekey');
204	+ if ($key === '') {
205	+ $key = WPRAccount::randString(32);
206	+ $this->setCookieKey($key);
207	+ }
208	+ return $key;
209	+ }
210	+
211	+ public function getReqProfilingMode() {
212	+ $mode = $this->settings->getOption('bvfwreqprofilingmode');
213	+ return intval($mode ? $mode : BVWPFWConfig::REQ_PROFILING_MODE_DISABLED);
214	+ }
215	+
216	+ public function getDisabledRules() {
217	+ $rules = $this->settings->getOption('bvfwdisabledrules');
218	+ return ($rules ? $rules : array());
219	+ }
220	+
221	+ public function getAuditRules() {
222	+ $rules = $this->settings->getOption('bvfwauditrules');
223	+ return ($rules ? $rules : array());
224	+ }
225	+
226	+ public function getBypassLevel() {
227	+ $level = $this->settings->getOption('bvfwbypasslevel');
228	+ return intval($level ? $level : BVWPFWConfig::ROLE_LEVEL_CONTRIBUTOR);
229	+ }
230	+
231	+ public function getCustomRoles() {
232	+ $roles = $this->settings->getOption('bvfwcustomroles');
233	+ return ($roles ? $roles : array());
234	+ }
235	+
236	+ public function clear() {
237	+ $this->setMode(false);
238	+ $this->setRulesMode(false);
239	+ $this->setBypassLevel(false);
240	+ $this->setCustomRoles(false);
241	+ $this->setCookieMode(false);
242	+ $this->setCookieKey(false);
243	+ $this->setDisabledRules(false);
244	+ $this->setAuditRules(false);
245	+ $this->setReqProfilingMode(false);
246	+ $this->db->dropBVTable(BVWPFWConfig::$requests_table);
247	+ $this->settings->deleteOption('bvptplug');
248	+ return true;
249	+ }
250	+ }
251	+ endif;

protect/wp_fw/fw.php ADDED Viewed

	@@ -0,0 +1,597 @@


1	+ <?php
2	+
3	+ if (!defined('ABSPATH')) exit;
4	+ if (!class_exists('BVWPFW')) :
5	+
6	+ require_once dirname( __FILE__ ) . '/config.php';
7	+ require_once dirname( __FILE__ ) . '/request.php';
8	+
9	+ class BVWPFW {
10	+ public $db;
11	+ public $settings;
12	+ public $request;
13	+ public $config;
14	+ public $ipstore;
15	+ public $category;
16	+ public $logger;
17	+ private $currRuleInfo;
18	+
19	+ const SQLIREGEX = '/(?:[^\\w<]\|\\/\\\\![0-9]\|^)(?:
20	+ @@HOSTNAME\|
21	+ ALTER\|ANALYZE\|ASENSITIVE\|
22	+ BEFORE\|BENCHMARK\|BETWEEN\|BIGINT\|BINARY\|BLOB\|
23	+ CALL\|CASE\|CHANGE\|CHAR\|CHARACTER\|CHAR_LENGTH\|COLLATE\|COLUMN\|CONCAT\|CONDITION\|CONSTRAINT\|CONTINUE\|CONVERT\|CREATE\|CROSS\|CURRENT_DATE\|CURRENT_TIME\|CURRENT_TIMESTAMP\|CURRENT_USER\|CURSOR\|
24	+ DATABASE\|DATABASES\|DAY_HOUR\|DAY_MICROSECOND\|DAY_MINUTE\|DAY_SECOND\|DECIMAL\|DECLARE\|DEFAULT\|DELAYED\|DELETE\|DESCRIBE\|DETERMINISTIC\|DISTINCT\|DISTINCTROW\|DOUBLE\|DROP\|DUAL\|DUMPFILE\|
25	+ EACH\|ELSE\|ELSEIF\|ELT\|ENCLOSED\|ESCAPED\|EXISTS\|EXIT\|EXPLAIN\|EXTRACTVALUE\|
26	+ FETCH\|FLOAT\|FLOAT4\|FLOAT8\|FORCE\|FOREIGN\|FROM\|FULLTEXT\|
27	+ GRANT\|GROUP\|HAVING\|HEX\|HIGH_PRIORITY\|HOUR_MICROSECOND\|HOUR_MINUTE\|HOUR_SECOND\|
28	+ IFNULL\|IGNORE\|INDEX\|INFILE\|INNER\|INOUT\|INSENSITIVE\|INSERT\|INTERVAL\|ISNULL\|ITERATE\|
29	+ JOIN\|KILL\|LEADING\|LEAVE\|LIMIT\|LINEAR\|LINES\|LOAD\|LOAD_FILE\|LOCALTIME\|LOCALTIMESTAMP\|LOCK\|LONG\|LONGBLOB\|LONGTEXT\|LOOP\|LOW_PRIORITY\|
30	+ MASTER_SSL_VERIFY_SERVER_CERT\|MATCH\|MAXVALUE\|MEDIUMBLOB\|MEDIUMINT\|MEDIUMTEXT\|MID\|MIDDLEINT\|MINUTE_MICROSECOND\|MINUTE_SECOND\|MODIFIES\|
31	+ NATURAL\|NO_WRITE_TO_BINLOG\|NULL\|NUMERIC\|OPTION\|ORD\|ORDER\|OUTER\|OUTFILE\|
32	+ PRECISION\|PRIMARY\|PRIVILEGES\|PROCEDURE\|PROCESSLIST\|PURGE\|
33	+ RANGE\|READ_WRITE\|REGEXP\|RELEASE\|REPEAT\|REQUIRE\|RESIGNAL\|RESTRICT\|RETURN\|REVOKE\|RLIKE\|ROLLBACK\|
34	+ SCHEMA\|SCHEMAS\|SECOND_MICROSECOND\|SELECT\|SENSITIVE\|SEPARATOR\|SHOW\|SIGNAL\|SLEEP\|SMALLINT\|SPATIAL\|SPECIFIC\|SQLEXCEPTION\|SQLSTATE\|SQLWARNING\|SQL_BIG_RESULT\|SQL_CALC_FOUND_ROWS\|SQL_SMALL_RESULT\|STARTING\|STRAIGHT_JOIN\|SUBSTR\|
35	+ TABLE\|TERMINATED\|TINYBLOB\|TINYINT\|TINYTEXT\|TRAILING\|TRANSACTION\|TRIGGER\|
36	+ UNDO\|UNHEX\|UNION\|UNLOCK\|UNSIGNED\|UPDATE\|UPDATEXML\|USAGE\|USING\|UTC_DATE\|UTC_TIME\|UTC_TIMESTAMP\|
37	+ VALUES\|VARBINARY\|VARCHAR\|VARCHARACTER\|VARYING\|WHEN\|WHERE\|WHILE\|WRITE\|YEAR_MONTH\|ZEROFILL)(?=[^\\w]\|$)/ix';
38	+
39	+ const XSSREGEX = '/(?:
40	+ #tags
41	+ (?:\\<\|\\+ADw\\-\|\\xC2\\xBC)(script\|iframe\|svg\|object\|embed\|applet\|link\|style\|meta\|\\/\\/\|\\?xml\\-stylesheet)(?:[^\\w]\|\\xC2\\xBE)\|
42	+ #protocols
43	+ (?:^\|[^\\w])(?:(?:\\s(?:&\\#(?:x06a\|0106)\|j)\\s(?:&\\#(?:x061\|097)\|a)\\s(?:&\\#(?:x076\|0118)\|v)\\s(?:&\\#(?:x061\|097)\|a)\|\\s(?:&\\#(?:x076\|0118)\|v)\\s(?:&\\#(?:x062\|098)\|b)\|\\s(?:&\\#(?:x065\|0101)\|e)\\s(?:&\\#(?:x063\|099)\|c)\\s(?:&\\#(?:x06d\|0109)\|m)\\s(?:&\\#(?:x061\|097)\|a)\|\\s(?:&\\#(?:x06c\|0108)\|l)\\s(?:&\\#(?:x069\|0105)\|i)\\s(?:&\\#(?:x076\|0118)\|v)\\s(?:&\\#(?:x065\|0101)\|e))\\s(?:&\\#(?:x073\|0115)\|s)\\s(?:&\\#(?:x063\|099)\|c)\\s(?:&\\#(?:x072\|0114)\|r)\\s(?:&\\#(?:x069\|0105)\|i)\\s(?:&\\#(?:x070\|0112)\|p)\\s(?:&\\#(?:x074\|0116)\|t)\|\\s(?:&\\#(?:x06d\|0109)\|m)\\s(?:&\\#(?:x068\|0104)\|h)\\s(?:&\\#(?:x074\|0116)\|t)\\s(?:&\\#(?:x06d\|0109)\|m)\\s(?:&\\#(?:x06c\|0108)\|l)\|\\s(?:&\\#(?:x06d\|0109)\|m)\\s(?:&\\#(?:x06f\|0111)\|o)\\s(?:&\\#(?:x063\|099)\|c)\\s(?:&\\#(?:x068\|0104)\|h)\\s(?:&\\#(?:x061\|097)\|a)\|\\s(?:&\\#(?:x064\|0100)\|d)\\s(?:&\\#(?:x061\|097)\|a)\\s(?:&\\#(?:x074\|0116)\|t)\\s(?:&\\#(?:x061\|097)\|a)(?!(?:&\\#(?:x03a\|058)\|\\:)(?:&\\#(?:x069\|0105)\|i)(?:&\\#(?:x06d\|0109)\|m)(?:&\\#(?:x061\|097)\|a)(?:&\\#(?:x067\|0103)\|g)(?:&\\#(?:x065\|0101)\|e)(?:&\\#(?:x02f\|047)\|\\/)(?:(?:&\\#(?:x070\|0112)\|p)(?:&\\#(?:x06e\|0110)\|n)(?:&\\#(?:x067\|0103)\|g)\|(?:&\\#(?:x062\|098)\|b)(?:&\\#(?:x06d\|0109)\|m)(?:&\\#(?:x070\|0112)\|p)\|(?:&\\#(?:x067\|0103)\|g)(?:&\\#(?:x069\|0105)\|i)(?:&\\#(?:x066\|0102)\|f)\|(?:&\\#(?:x070\|0112)\|p)?(?:&\\#(?:x06a\|0106)\|j)(?:&\\#(?:x070\|0112)\|p)(?:&\\#(?:x065\|0101)\|e)(?:&\\#(?:x067\|0103)\|g)\|(?:&\\#(?:x074\|0116)\|t)(?:&\\#(?:x069\|0105)\|i)(?:&\\#(?:x066\|0102)\|f)(?:&\\#(?:x066\|0102)\|f)\|(?:&\\#(?:x073\|0115)\|s)(?:&\\#(?:x076\|0118)\|v)(?:&\\#(?:x067\|0103)\|g)(?:&\\#(?:x02b\|043)\|\\+)(?:&\\#(?:x078\|0120)\|x)(?:&\\#(?:x06d\|0109)\|m)(?:&\\#(?:x06c\|0108)\|l))(?:(?:&\\#(?:x03b\|059)\|;)(?:&\\#(?:x063\|099)\|c)(?:&\\#(?:x068\|0104)\|h)(?:&\\#(?:x061\|097)\|a)(?:&\\#(?:x072\|0114)\|r)(?:&\\#(?:x073\|0115)\|s)(?:&\\#(?:x065\|0101)\|e)(?:&\\#(?:x074\|0116)\|t)(?:&\\#(?:x03d\|061)\|=)[\\-a-z0-9]+)?(?:(?:&\\#(?:x03b\|059)\|;)(?:&\\#(?:x062\|098)\|b)(?:&\\#(?:x061\|097)\|a)(?:&\\#(?:x073\|0115)\|s)(?:&\\#(?:x065\|0101)\|e)(?:&\\#(?:x036\|054)\|6)(?:&\\#(?:x034\|052)\|4))?(?:&\\#(?:x02c\|044)\|,)))\\s(?:&\\#(?:x03a\|0*58)\|&colon\|\\:)\|
44	+ #css expression
45	+ (?:^\|[^\\w])(?:(?:\\\\065\|\\\\045\|e)(?:\\/\\.?\\\\/)(?:\\\\078\|\\\\058\|x)(?:\\/\\.?\\\\/)(?:\\\\070\|\\\\050\|p)(?:\\/\\.?\\\\/)(?:\\\\072\|\\\\052\|r)(?:\\/\\.?\\\\/)(?:\\\\065\|\\\\045\|e)(?:\\/\\.?\\\\/)(?:\\\\073\|\\\\053\|s)(?:\\/\\.?\\\\/)(?:\\\\073\|\\\\053\|s)(?:\\/\\.?\\\\/)(?:\\\\069\|\\\\049\|i)(?:\\/\\.?\\\\/)(?:\\\\06f\|\\\\04f\|o)(?:\\/\\.?\\\\/)(?:\\\\06e\|\\\\04e\|n))[^\\w]?(?:\\\\028\|\\()\|
46	+ #css properties
47	+ (?:^\|[^\\w])(?:(?:(?:\\\\062\|\\\\042\|b)(?:\\/\\.?\\\\/)(?:\\\\065\|\\\\045\|e)(?:\\/\\.?\\\\/)(?:\\\\068\|\\\\048\|h)(?:\\/\\.?\\\\/)(?:\\\\061\|\\\\041\|a)(?:\\/\\.?\\\\/)(?:\\\\076\|\\\\056\|v)(?:\\/\\.?\\\\/)(?:\\\\069\|\\\\049\|i)(?:\\/\\.?\\\\/)(?:\\\\06f\|\\\\04f\|o)(?:\\/\\.?\\\\/)(?:\\\\072\|\\\\052\|r)(?:\\/\\.?\\\\/))\|(?:(?:\\\\02d\|\\\\02d\|-)(?:\\/\\.?\\\\/)(?:\\\\06d\|\\\\04d\|m)(?:\\/\\.?\\\\/)(?:\\\\06f\|\\\\04f\|o)(?:\\/\\.?\\\\/)(?:\\\\07a\|\\\\05a\|z)(?:\\/\\.?\\\\/)(?:\\\\02d\|\\\\02d\|-)(?:\\/\\.?\\\\/)(?:\\\\062\|\\\\042\|b)(?:\\/\\.?\\\\/)(?:\\\\069\|\\\\049\|i)(?:\\/\\.?\\\\/)(?:\\\\06e\|\\\\04e\|n)(?:\\/\\.?\\\\/)(?:\\\\064\|\\\\044\|d)(?:\\/\\.?\\\\/)(?:\\\\069\|\\\\049\|i)(?:\\/\\.?\\\\/)(?:\\\\06e\|\\\\04e\|n)(?:\\/\\.?\\\\/)(?:\\\\067\|\\\\047\|g)(?:\\/\\.?\\\\/)))[^\\w](?:\\\\03a\|\\\\03a\|:)[^\\w](?:\\\\075\|\\\\055\|u)(?:\\\\072\|\\\\052\|r)(?:\\\\06c\|\\\\04c\|l)\|
48	+ #properties
49	+ (?:^\|[^\\w])(?:on(?:abort\|activate\|afterprint\|afterupdate\|autocomplete\|autocompleteerror\|beforeactivate\|beforecopy\|beforecut\|beforedeactivate\|beforeeditfocus\|beforepaste\|beforeprint\|beforeunload\|beforeupdate\|blur\|bounce\|cancel\|canplay\|canplaythrough\|cellchange\|change\|click\|close\|contextmenu\|controlselect\|copy\|cuechange\|cut\|dataavailable\|datasetchanged\|datasetcomplete\|dblclick\|deactivate\|drag\|dragend\|dragenter\|dragleave\|dragover\|dragstart\|drop\|durationchange\|emptied\|encrypted\|ended\|error\|errorupdate\|filterchange\|finish\|focus\|focusin\|focusout\|formchange\|forminput\|hashchange\|help\|input\|invalid\|keydown\|keypress\|keyup\|languagechange\|layoutcomplete\|load\|loadeddata\|loadedmetadata\|loadstart\|losecapture\|message\|mousedown\|mouseenter\|mouseleave\|mousemove\|mouseout\|mouseover\|mouseup\|mousewheel\|move\|moveend\|movestart\|mozfullscreenchange\|mozfullscreenerror\|mozpointerlockchange\|mozpointerlockerror\|offline\|online\|page\|pagehide\|pageshow\|paste\|pause\|play\|playing\|popstate\|progress\|propertychange\|ratechange\|readystatechange\|reset\|resize\|resizeend\|resizestart\|rowenter\|rowexit\|rowsdelete\|rowsinserted\|scroll\|search\|seeked\|seeking\|select\|selectstart\|show\|stalled\|start\|storage\|submit\|suspend\|timer\|timeupdate\|toggle\|unload\|volumechange\|waiting\|webkitfullscreenchange\|webkitfullscreenerror\|wheel)\|formaction\|data\\-bind\|ev:event)[^\\w]
50	+ )/ix';
51	+
52	+ const BYPASS_COOKIE = "bvfw-bypass-cookie";
53	+ const IP_COOKIE = "bvfw-ip-cookie";
54	+
55	+ public function __construct($db, $settings, $ip, $ipstore) {
56	+ $this->db = $db;
57	+ $this->settings = $settings;
58	+ $this->config = new BVWPFWConfig($db, $settings);
59	+ $this->request = new BVWPRequest($ip);
60	+ $this->ipstore = $ipstore;
61	+ $this->logger = new BVLogger($db, BVWPFWConfig::$requests_table);
62	+ }
63	+
64	+ public function init() {
65	+ if ($this->config->canSetCookie()) {
66	+ add_action('init', array($this, 'setBypassCookie'));
67	+ $this->setIPCookie();
68	+ }
69	+ add_filter('status_header', array($this->request, 'captureRespCode'));
70	+ register_shutdown_function(array($this, 'log'));
71	+ }
72	+
73	+ public function setcookie($name, $value, $expire, $path = COOKIEPATH, $domain = COOKIE_DOMAIN) {
74	+ if (version_compare(PHP_VERSION, '5.2.0') >= 0) {
75	+ $secure = function_exists('is_ssl') ? is_ssl() : false;
76	+ @setcookie($name, $value, $expire, $path, $domain, $secure, true);
77	+ } else {
78	+ @setcookie($name, $value, $expire, $path);
79	+ }
80	+ }
81	+
82	+ public function setBypassCookie() {
83	+ if (function_exists('is_user_logged_in') && is_user_logged_in() && !$this->hasValidBypassCookie()) {
84	+ $roleLevel = $this->getCurrentRoleLevel();
85	+ $bypassLevel = $this->config->getBypassLevel();
86	+ if ($roleLevel >= $bypassLevel) {
87	+ $cookie = $this->generateBypassCookie();
88	+ $this->setcookie(BVWPFW::BYPASS_COOKIE, $cookie, time() + 43200);
89	+ }
90	+ }
91	+ }
92	+
93	+ public function generateBypassCookie() {
94	+ $time = floor(time() / 43200);
95	+ $bypassLevel = $this->config->getBypassLevel();
96	+ $cookiekey = $this->config->getCookieKey();
97	+ return sha1($bypassLevel.$time.$cookiekey);
98	+ }
99	+
100	+ public function hasValidBypassCookie() {
101	+ $cookie = (string) $this->request->getCookies(BVWPFW::BYPASS_COOKIE);
102	+ return ($this->config->canSetCookie() && ($cookie === $this->generateBypassCookie()));
103	+ }
104	+
105	+ public function setIPCookie() {
106	+ if (!$this->request->getCookies(BVWPFW::IP_COOKIE)) {
107	+ $ip = $this->request->getIP();
108	+ $cookiekey = $this->config->getCookieKey();
109	+ $time = floor(time() / 3600);
110	+ $cookie = sha1($ip.$time.$cookiekey);
111	+ $this->setcookie(BVWPFW::IP_COOKIE, $cookie, time() + 3600);
112	+ }
113	+ }
114	+
115	+ public function getBVCookies() {
116	+ $cookies = array();
117	+ $cookies[BVWPFW::IP_COOKIE] = (string) $this->request->getCookies(BVWPFW::IP_COOKIE);
118	+ return $cookies;
119	+ }
120	+
121	+ public function getCurrentRoleLevel() {
122	+ if (function_exists('current_user_can')) {
123	+ if (function_exists('is_super_admin') && is_super_admin()) {
124	+ return BVWPFWConfig::ROLE_LEVEL_ADMIN;
125	+ }
126	+ foreach ($this->config->getCustomRoles() as $role) {
127	+ if (current_user_can($role)) {
128	+ return BVWPFWConfig::ROLE_LEVEL_CUSTOM;
129	+ }
130	+ }
131	+ foreach (BVWPFWConfig::$roleLevels as $role => $level) {
132	+ if (current_user_can($role)) {
133	+ return $level;
134	+ }
135	+ }
136	+ }
137	+ return 0;
138	+ }
139	+
140	+ public function log() {
141	+ if ($this->config->canSetCookie()) {
142	+ $canlog = !$this->hasValidBypassCookie();
143	+ } else {
144	+ $canlog = (!function_exists('is_user_logged_in') \|\| !is_user_logged_in());
145	+ }
146	+ if ($canlog) {
147	+ $this->logger->log($this->request->getDataToLog());
148	+ }
149	+ }
150	+
151	+ public function terminateRequest($category = BVWPRequest::NORMAL) {
152	+ $info = new WPRInfo($this->settings);
153	+ $this->request->setCategory($category);
154	+ $this->request->setStatus(BVWPRequest::BLOCKED);
155	+ $this->request->setRespCode(403);
156	+ header("Cache-Control: no-cache, no-store, must-revalidate");
157	+ header("Pragma: no-cache");
158	+ header("Expires: 0");
159	+ header('HTTP/1.0 403 Forbidden');
160	+ $brandname = $info->getBrandName();
161	+ die("
162	+ <div style='height: 98vh;'>
163	+ <div style='text-align: center; padding: 10% 0; font-family: Arial, Helvetica, sans-serif;'>
164	+ <div><p><img src=".plugins_url('/../../img/icon.png', __FILE__)."><h2>Firewall</h2><h3>powered by</h3><h2>"
165	+ .$brandname."</h2></p><div>
166	+ <p>Blocked because of Malicious Activities</p>
167	+ </div>
168	+ </div>
169	+ ");
170	+ }
171	+
172	+ public function isBlacklistedIP() {
173	+ return $this->ipstore->checkIPPresent($this->request->getIP(), BVIPStore::BLACKLISTED, BVIPStore::FW);
174	+ }
175	+
176	+ public function isWhitelistedIP() {
177	+ return $this->ipstore->checkIPPresent($this->request->getIP(), BVIPStore::WHITELISTED, BVIPStore::FW);
178	+ }
179	+
180	+ public function canBypassFirewall() {
181	+ if ($this->isWhitelistedIP() \|\| $this->hasValidBypassCookie()) {
182	+ $this->request->setCategory(BVWPRequest::WHITELISTED);
183	+ $this->request->setStatus(BVWPRequest::BYPASSED);
184	+ return true;
185	+ }
186	+ return false;
187	+ }
188	+
189	+ public function execute() {
190	+ if ($this->config->canProfileReqInfo()) {
191	+ $result = array();
192	+ $result += $this->profileRequestInfo($this->request->getBody(),
193	+ $this->config->isReqProfilingModeDebug(), 'BODY_');
194	+ $result += $this->profileRequestInfo($this->request->getQueryString(),
195	+ true, 'GET_');
196	+ $result += $this->profileRequestInfo($this->request->getFiles(),
197	+ true, 'FILES_');
198	+ $result += $this->profileRequestInfo($this->getBVCookies(),
199	+ true, 'COOKIES_');
200	+ if (strpos($this->request->getPath(), 'admin-ajax.php') !== false) {
201	+ $result += array('BODY_ADMIN_AJAX_ACTION' => $this->request->getBody('action'));
202	+ $result += array('GET_ADMIN_AJAX_ACTION' => $this->request->getQueryString('action'));
203	+ }
204	+ if (strpos($this->request->getPath(), 'admin-post.php') !== false) {
205	+ $result += array('BODY_ADMIN_POST_ACTION' => $this->request->getBody('action'));
206	+ $result += array('GET_ADMIN_POST_ACTION' => $this->request->getQueryString('action'));
207	+ }
208	+ $this->request->updateReqInfo($result);
209	+ }
210	+ if (!$this->canBypassFirewall()) {
211	+ $rules = $this->config->getRules();
212	+ $this->matchRules($rules["audit"]);
213	+ if ($this->config->isProtecting()) {
214	+ if ($this->isBlacklistedIP()) {
215	+ $this->terminateRequest(BVWPRequest::BLACKLISTED);
216	+ }
217	+ if ($this->matchRules($rules["protect"], true)) {
218	+ $this->terminateRequest();
219	+ }
220	+ }
221	+ }
222	+ }
223	+
224	+ public function getServerValue($key) {
225	+ if (isset($_SERVER) && array_key_exists($key, $_SERVER)) {
226	+ return $_SERVER[$key];
227	+ }
228	+ return null;
229	+ }
230	+
231	+ public function match($pattern, $subject, $key = NULL) {
232	+ if (is_array($subject)) {
233	+ foreach ($subject as $k => $v) {
234	+ $k = ($key !== NULL) ? $key.'-'.$k : NULL;
235	+ if ($this->match($pattern, $v, $k)) {
236	+ return true;
237	+ }
238	+ }
239	+ } else {
240	+ if (preg_match((string) $pattern, (string) $subject) > 0) {
241	+ if ($key !== NULL) {
242	+ $this->currRuleInfo[$key] = $this->getLength($subject);
243	+ }
244	+ return true;
245	+ }
246	+ }
247	+ return false;
248	+ }
249	+
250	+ public function matchCount($pattern, $subject) {
251	+ $count = 0;
252	+ if (is_array($subject)) {
253	+ foreach ($subject as $val) {
254	+ $count += $this->matchCount($pattern, $val);
255	+ }
256	+ return $count;
257	+ } else {
258	+ $count = preg_match_all((string) $pattern, (string) $subject, $matches);
259	+ return ($count === false ? 0 : $count);
260	+ }
261	+ }
262	+
263	+ public function matchMD5($str, $val) {
264	+ return md5((string) $str) === $val;
265	+ }
266	+
267	+ public function getLength($val) {
268	+ $length = 0;
269	+ if (is_array($val)) {
270	+ foreach ($val as $v) {
271	+ $length += $this->getLength($v);
272	+ }
273	+ return $length;
274	+ } else {
275	+ return strlen((string) $val);
276	+ }
277	+ }
278	+
279	+ public function equals($value, $subject) {
280	+ return $value == $subject;
281	+ }
282	+
283	+ public function notEquals($value, $subject) {
284	+ return $value != $subject;
285	+ }
286	+
287	+ public function profileRequestInfo($params, $debug = false, $prefix = '') {
288	+ $result = array();
289	+ if (is_array($params)) {
290	+ foreach ($params as $key => $value) {
291	+ $currkey = $prefix . $key;
292	+ if (is_array($value)) {
293	+ $result = $result + $this->profileRequestInfo($value, $debug, $currkey . '_');
294	+ } else {
295	+ $result[$currkey] = array();
296	+ $valsize = $this->getLength($value);
297	+ $result[$currkey]["size"] = $valsize;
298	+ if ($debug === true && $valsize < 256) {
299	+ $result[$currkey]["value"] = $value;
300	+ continue;
301	+ }
302	+
303	+ if (preg_match('/^\d+$/', $value)) {
304	+ $result[$currkey]["numeric"] = true;
305	+ } else if (preg_match('/^\w+$/', $value)) {
306	+ $result[$currkey]["regular_word"] = true;
307	+ } else if (preg_match('/^\S+$/', $value)) {
308	+ $result[$currkey]["special_word"] = true;
309	+ } else if (preg_match('/^[\w\s]+$/', $value)) {
310	+ $result[$currkey]["regular_sentence"] = true;
311	+ } else if (preg_match('/^[\w\W]+$/', $value)) {
312	+ $result[$currkey]["special_chars_sentence"] = true;
313	+ }
314	+
315	+ if (preg_match('/^\b((25[0-5]\|2[0-4][0-9]\|1[0-9][0-9]\|[1-9]?[0-9])\.){3}
316	+ (25[0-5]\|2[0-4][0-9]\|1[0-9][0-9]\|[1-9]?[0-9])\b$/x', $value)) {
317	+ $result[$currkey]["ipv4"] = true;
318	+ } else if (preg_match('/\b((25[0-5]\|2[0-4][0-9]\|1[0-9][0-9]\|[1-9]?[0-9])\.){3}
319	+ (25[0-5]\|2[0-4][0-9]\|1[0-9][0-9]\|[1-9]?[0-9])\b/x', $value)) {
320	+ $result[$currkey]["embeded_ipv4"] = true;
321	+ } else if (preg_match('/^(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}\|
322	+ ([0-9a-fA-F]{1,4}:){1,7}:\|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}\|
323	+ ([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}\|([0-9a-fA-F]{1,4}:){1,4}
324	+ (:[0-9a-fA-F]{1,4}){1,3}\|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}\|
325	+ ([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}\|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})\|
326	+ :((:[0-9a-fA-F]{1,4}){1,7}\|:)\|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}\|
327	+ ::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]\|(2[0-4]\|1{0,1}[0-9]){0,1}[0-9])\.){3}
328	+ (25[0-5]\|(2[0-4]\|1{0,1}[0-9]){0,1}[0-9])\|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]\|
329	+ (2[0-4]\|1{0,1}[0-9]){0,1}[0-9])\.){3}(25[0-5]\|(2[0-4]\|1{0,1}[0-9]){0,1}[0-9]))$/x', $value)) {
330	+ $result[$currkey]["ipv6"] = true;
331	+ } else if (preg_match('/(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}\|
332	+ ([0-9a-fA-F]{1,4}:){1,7}:\|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}\|
333	+ ([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}\|([0-9a-fA-F]{1,4}:){1,4}
334	+ (:[0-9a-fA-F]{1,4}){1,3}\|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}\|
335	+ ([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}\|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})\|
336	+ :((:[0-9a-fA-F]{1,4}){1,7}\|:)\|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}\|
337	+ ::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]\|(2[0-4]\|1{0,1}[0-9]){0,1}[0-9])\.){3}
338	+ (25[0-5]\|(2[0-4]\|1{0,1}[0-9]){0,1}[0-9])\|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]\|
339	+ (2[0-4]\|1{0,1}[0-9]){0,1}[0-9])\.){3}(25[0-5]\|(2[0-4]\|1{0,1}[0-9]){0,1}[0-9]))/x', $value)) {
340	+ $result[$currkey]["embeded_ipv6"] = true;
341	+ }
342	+
343	+ if (preg_match('/^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,6}$/', $value)) {
344	+ $result[$currkey]["email"] = true;
345	+ } else if (preg_match('/[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,6}/', $value)) {
346	+ $result[$currkey]["embeded_email"] = true;
347	+ }
348	+
349	+ if (preg_match('/^(http\|ftp)s?:\/\/\S+$/i', $value)) {
350	+ $result[$currkey]["link"] = true;
351	+ } else if (preg_match('/(http\|ftp)s?:\/\/\S+$/i', $value)) {
352	+ $result[$currkey]["embeded_link"] = true;
353	+ }
354	+
355	+ if (preg_match('/<(html\|head\|title\|base\|link\|meta\|style\|picture\|source\|img\|
356	+ iframe\|embed\|object\|param\|video\|audio\|track\|map\|area\|form\|label\|input\|button\|
357	+ select\|datalist\|optgroup\|option\|textarea\|output\|progress\|meter\|fieldset\|legend\|
358	+ script\|noscript\|template\|slot\|canvas)/ix', $value)) {
359	+ $result[$currkey]["embeded_html"] = true;
360	+ }
361	+
362	+ if (preg_match('/\.(jpg\|jpeg\|png\|gif\|ico\|pdf\|doc\|docx\|ppt\|pptx\|pps\|ppsx\|odt\|xls\|zip\|gzip\|
363	+ xlsx\|psd\|mp3\|m4a\|ogg\|wav\|mp4\|m4v\|mov\|wmv\|avi\|mpg\|ogv\|3gp\|3g2\|php\|html\|phtml\|js\|css)/ix', $value)) {
364	+ $result[$currkey]["file"] = true;
365	+ }
366	+
367	+ if ($this->matchCount(BVWPFW::SQLIREGEX, $value) >= 2) {
368	+ $result[$currkey]["sql"] = true;
369	+ }
370	+ }
371	+ }
372	+ }
373	+ return $result;
374	+ }
375	+
376	+ public function matchRules($rules = array(), $isProtect = false) {
377	+ if (empty($rules)) {
378	+ return false;
379	+ }
380	+ if (isset($rules[108])) {
381	+ $this->currRuleInfo = array();
382	+ if ($this->match(BVWPFW::XSSREGEX, $this->request->getQueryString(), "GET")) {
383	+ $this->request->updateRulesInfo(108, $this->currRuleInfo);
384	+ if ($isProtect) return true;
385	+ }
386	+ }
387	+ if (isset($rules[112])) {
388	+ $this->currRuleInfo = array();
389	+ if ($this->match('/\\/wp\\-admin[\\/]+admin\\-ajax\\.php/', $this->request->getPath()) &&
390	+ (($this->equals('revslider_show_image', $this->request->getQueryString('action')) && $this->match('/\\.php$/i', $this->request->getQueryString('img'), "img")) or
391	+ ($this->equals('revslider_show_image', $this->request->getBody('action')) && $this->match('/\\.php$/i', $this->request->getQueryString('img'), "img")))) {
392	+ $this->request->updateRulesInfo(112, $this->currRuleInfo);
393	+ if ($isProtect) return true;
394	+ }
395	+ }
396	+ if (isset($rules[114])) {
397	+ $this->currRuleInfo = array();
398	+ if ($this->match('/<\\!(?:DOCTYPE\|ENTITY)\\s+(?:%\\s*)?\\w+\\s+SYSTEM/i', $this->request->getBody(), "BODY") or
399	+ $this->match('/<\\!(?:DOCTYPE\|ENTITY)\\s+(?:%\\s*)?\\w+\\s+SYSTEM/i', $this->request->getQueryString(), "GET")) {
400	+ $this->request->updateRulesInfo(114, $this->currRuleInfo);
401	+ if ($isProtect) return true;
402	+ }
403	+ }
404	+ if (isset($rules[115])) {
405	+ $this->currRuleInfo = array();
406	+ if ($this->match('#/wp\\-admin/admin\\-ajax\\.php$#i', $this->getServerValue('SCRIPT_FILENAME')) &&
407	+ ($this->equals('update-plugin', $this->request->getBody('action')) or $this->equals('update-plugin', $this->request->getQueryString('action'))) && ($this->match('/(^\|\\/\|\\\\\|%2f\|%5c)\\.\\.(\\\\\|\\/\|%2f\|%5c)/i', $this->request->getBody(), "BODY") or
408	+ ($this->match('/(^\|\\/\|\\\\\|%2f\|%5c)\\.\\.(\\\\\|\\/\|%2f\|%5c)/i', $this->request->getQueryString(), "GET")))) {
409	+ $this->request->updateRulesInfo(115, $this->currRuleInfo);
410	+ if ($isProtect) return true;
411	+ }
412	+ }
413	+ if (isset($rules[132])) {
414	+ $this->currRuleInfo = array();
415	+ if (($this->equals('Y', $this->request->getBody('kentopvc_hidden'))) &&
416	+ ((!$this->match('/^1?$/', $this->request->getBody('kento_pvc_hide'), "kento_pvc_hide")) or
417	+ (!$this->match('/^1?$/', $this->request->getBody('kento_pvc_uniq'), "kento_pvc_uniq")) or
418	+ (!$this->match('/^1?$/', $this->request->getBody('kento_pvc_posttype'), "kento_pvc_posttype")) or
419	+ ($this->match(BVWPFW::XSSREGEX, $this->request->getBody('kento_pvc_today_text'), "kento_pvc_today_text")) or
420	+ ($this->match(BVWPFW::XSSREGEX, $this->request->getBody('kento_pvc_total_text'), "kento_pvc_total_text")) or
421	+ ($this->match(BVWPFW::XSSREGEX, $this->request->getBody('kento_pvc_numbers_lang'), "kento_pvc_numbers_lang")))) {
422	+ $this->request->updateRulesInfo(132, $this->currRuleInfo);
423	+ if ($isProtect) return true;
424	+ }
425	+ }
426	+ if (isset($rules[133])) {
427	+ $this->currRuleInfo = array();
428	+ if ((($this->match('#/wp\\-mobile\\-detector[/]+resize\\.php#i', $this->request->getPath())) or
429	+ ($this->match('#/wp\\-mobile\\-detector[/]+timthumb\\.php#i', $this->request->getPath()))) &&
430	+ ((($this->getLength($this->request->getBody('src')) > 0) &&
431	+ (!$this->match('/\\.(?:png\|gif\|jpg\|jpeg\|jif\|jfif\|svg)$/i', $this->request->getBody('src'), "src"))) or
432	+ (($this->getLength($this->request->getQueryString('src'))) &&
433	+ (!$this->match('/\\.(?:png\|gif\|jpg\|jpeg\|jif\|jfif\|svg)$/i', $this->request->getQueryString('src'), "src"))))) {
434	+ $this->request->updateRulesInfo(133, $this->currRuleInfo);
435	+ if ($isProtect) return true;
436	+ }
437	+ }
438	+ if (isset($rules[145])) {
439	+ $this->currRuleInfo = array();
440	+ if ((($this->match('/Abonti\|aggregator\|AhrefsBot\|asterias\|BDCbot\|BLEXBot\|BuiltBotTough\|Bullseye\|BunnySlippers\|ca\\-crawler\|CCBot\|Cegbfeieh\|CheeseBot\|CherryPicker\|CopyRightCheck\|cosmos\|Crescent\|discobot\|DittoSpyder\|DotBot\|Download Ninja\|EasouSpider\|EmailCollector\|EmailSiphon\|EmailWolf\|EroCrawler\|Exabot\|ExtractorPro\|Fasterfox\|FeedBooster\|Foobot\|Genieo\|grub\\-client\|Harvest\|hloader\|httplib\|HTTrack\|humanlinks\|ieautodiscovery\|InfoNaviRobot\|IstellaBot\|Java\\/1\\.\|JennyBot\|k2spider\|Kenjin Spider\|Keyword Density\\/0\\.9\|larbin\|LexiBot\|libWeb\|libwww\|LinkextractorPro\|linko\|LinkScan\\/8\\.1a Unix\|LinkWalker\|LNSpiderguy\|lwp\\-trivial\|magpie\|Mata Hari\|MaxPointCrawler\|MegaIndex\|Microsoft URL Control\|MIIxpc\|Mippin\|Missigua Locator\|Mister PiX\|MJ12bot\|moget\|MSIECrawler\|NetAnts\|NICErsPRO\|Niki\\-Bot\|NPBot\|Nutch\|Offline Explorer\|Openfind\|panscient\\.com\|PHP\\/5\\.\\{\|ProPowerBot\\/2\\.14\|ProWebWalker\|Python\\-urllib\|QueryN Metasearch\|RepoMonkey\|RMA\|SemrushBot\|SeznamBot\|SISTRIX\|sitecheck\\.Internetseer\\.com\|SiteSnagger\|SnapPreviewBot\|Sogou\|SpankBot\|spanner\|spbot\|Spinn3r\|suzuran\|Szukacz\\/1\\.4\|Teleport\|Telesoft\|The Intraformant\|TheNomad\|TightTwatBot\|Titan\|toCrawl\\/UrlDispatcher\|True_Robot\|turingos\|TurnitinBot\|UbiCrawler\|UnisterBot\|URLy Warning\|VCI\|WBSearchBot\|Web Downloader\\/6\\.9\|Web Image Collector\|WebAuto\|WebBandit\|WebCopier\|WebEnhancer\|WebmasterWorldForumBot\|WebReaper\|WebSauger\|Website Quester\|Webster Pro\|WebStripper\|WebZip\|Wotbox\|wsr\\-agent\|WWW\\-Collector\\-E\|Xenu\|Zao\|Zeus\|ZyBORG\|coccoc\|Incutio\|lmspider\|memoryBot\|SemrushBot\|serf\|Unknown\|uptime files/i', $this->request->getHeader('User-Agent'), "User-Agent")) &&
441	+ ($this->match(BVWPFW::XSSREGEX, $this->request->getHeader('User-Agent'), "User-Agent"))) or
442	+ (($this->match('/semalt\\.com\|kambasoft\\.com\|savetubevideo\\.com\|buttons\\-for\\-website\\.com\|sharebutton\\.net\|soundfrost\\.org\|srecorder\\.com\|softomix\\.com\|softomix\\.net\|myprintscreen\\.com\|joinandplay\\.me\|fbfreegifts\\.com\|openmediasoft\\.com\|zazagames\\.org\|extener\\.org\|openfrost\\.com\|openfrost\\.net\|googlsucks\\.com\|best\\-seo\\-offer\\.com\|buttons\\-for\\-your\\-website\\.com\|www\\.Get\\-Free\\-Traffic\\-Now\\.com\|best\\-seo\\-solution\\.com\|buy\\-cheap\\-online\\.info\|site3\\.free\\-share\\-buttons\\.com\|webmaster\\-traffic\\.co/i', $this->request->getHeader('Referer'), "Referer")) &&
443	+ ($this->match(BVWPFW::XSSREGEX, $this->request->getHeader('User-Agent'), "User-Agent")))) {
444	+ $this->request->updateRulesInfo(145, $this->currRuleInfo);
445	+ if ($isProtect) return true;
446	+ }
447	+ }
448	+ if (isset($rules[146])) {
449	+ $this->currRuleInfo = array();
450	+ if ($this->match('/sitemap_.?<.?(:?_\\d+)?\\.xml(:?\\.gz)?/i', $this->request->getPath())) {
451	+ $this->request->updateRulesInfo(146, $this->currRuleInfo);
452	+ if ($isProtect) return true;
453	+ }
454	+ }
455	+ if (isset($rules[155])) {
456	+ $this->currRuleInfo = array();
457	+ if (($this->match(BVWPFW::XSSREGEX, $this->request->getHeader('Client-IP'), "Client-IP")) or
458	+ ($this->match(BVWPFW::XSSREGEX, $this->request->getHeader('X-Forwarded'), "X-Forwarded")) or
459	+ ($this->match(BVWPFW::XSSREGEX, $this->request->getHeader('X-Cluster-Client-IP'), "X-Cluster-Client-IP")) or
460	+ ($this->match(BVWPFW::XSSREGEX, $this->request->getHeader('Forwarded-For'), "Forwarded-For")) or
461	+ ($this->match(BVWPFW::XSSREGEX, $this->request->getHeader('Forwarded'), "Forwarded"))) {
462	+ $this->request->updateRulesInfo(155, $this->currRuleInfo);
463	+ if ($isProtect) return true;
464	+ }
465	+ }
466	+ if (isset($rules[156])) {
467	+ $this->currRuleInfo = array();
468	+ if ($this->match('#/wp\\-admin/admin\\-ajax\\.php$#i', $this->getServerValue('SCRIPT_FILENAME')) and
469	+ (($this->match(BVWPFW::SQLIREGEX, $this->request->getBody('umm_user'), "umm_user")) or
470	+ ($this->match(BVWPFW::SQLIREGEX, $this->request->getQueryString('umm_user'), "umm_user")))) {
471	+ $this->request->updateRulesInfo(156, $this->currRuleInfo);
472	+ if ($isProtect) return true;
473	+ }
474	+ }
475	+ if (isset($rules[165])) {
476	+ $this->currRuleInfo = array();
477	+ if ($this->match('/O:\\d+:"(?!stdClass")[^"]+":/', $this->request->getCookies('ecwid_oauth_state'), "ecwid_oauth_state")) {
478	+ $this->request->updateRulesInfo(165, $this->currRuleInfo);
479	+ if ($isProtect) return true;
480	+ }
481	+ }
482	+ if (isset($rules[167])) {
483	+ $this->currRuleInfo = array();
484	+ if ((!$this->match('/\\.(jpe?g\|png\|mpeg\|mov\|flv\|pdf\|docx?\|txt\|csv\|avi\|mp3\|wma\|wav)($\|\\.)/i', $this->request->getFileNames())) &&
485	+ ($this->getLength($this->request->getBody('save_bepro_listing')) > 0)) {
486	+ $this->request->updateRulesInfo(167, $this->currRuleInfo);
487	+ if ($isProtect) return true;
488	+ }
489	+ }
490	+ if (isset($rules[168])) {
491	+ $this->currRuleInfo = array();
492	+ if (($this->match('#/wp\\-admin/admin\\-ajax\\.php$#i', $this->getServerValue('SCRIPT_FILENAME'))) &&
493	+ ($this->equals('master-slider', $this->request->getQueryString('page'))) &&
494	+ ($this->getLength($this->request->getBody('page')) > 0) &&
495	+ ($this->notEquals('master-slider', $this->request->getBody('page')))) {
496	+ $this->request->updateRulesInfo(168, $this->currRuleInfo);
497	+ if ($isProtect) return true;
498	+ }
499	+ }
500	+ if (isset($rules[169])) {
501	+ $this->currRuleInfo = array();
502	+ if (($this->equals('fancybox-for-wordpress', $this->request->getQueryString('page'))) &&
503	+ ($this->match(BVWPFW::XSSREGEX, $this->request->getBody('mfbfw'), "mfbfw"))) {
504	+ $this->request->updateRulesInfo(169, $this->currRuleInfo);
505	+ if ($isProtect) return true;
506	+ }
507	+ }
508	+ if (isset($rules[171])) {
509	+ $this->currRuleInfo = array();
510	+ if ((($this->match('#wp-json/wp/v\\d+/posts/#i', $this->request->getPath())) or
511	+ ($this->match('#/wp/v\\d+/posts/#i', $this->request->getQueryString('rest_route'), "rest_route"))) &&
512	+ ($this->match('/[^0-9]/', $this->request->getQueryString('id'), "id"))) {
513	+ $this->request->updateRulesInfo(171, $this->currRuleInfo);
514	+ if ($isProtect) return true;
515	+ }
516	+ }
517	+ if (isset($rules[172])) {
518	+ $this->currRuleInfo = array();
519	+ $pattern = '`\b(?i:(?:conf(?:ig(?:ur(?:e\|ation)\|\.inc\|_global)?)?)\|settings?(?:\.?inc)?)\.php$`';
520	+ if ((($this->match($pattern, $this->getServerValue('SCRIPT_FILENAME'), "SCRIPT_FILENAME")) or
521	+ ($this->match($pattern, $this->request->getQueryString(), "GET")))) {
522	+ $this->request->updateRulesInfo(172, $this->currRuleInfo);
523	+ if ($isProtect) return true;
524	+ }
525	+ }
526	+ if (isset($rules[173])) {
527	+ $this->currRuleInfo = array();
528	+ $pattern = '`(?:\.{2}[\/]+)`';
529	+ if ((($this->match($pattern, $this->request->getBody(), "BODY")) or
530	+ ($this->match($pattern, $this->request->getQueryString(), "GET")) or
531	+ ($this->match($pattern, $this->request->getCookies(), "COOKIE")) or
532	+ ($this->match($pattern, $this->request->getHeader('User-Agent'), "HEADER")))) {
533	+ $this->request->updateRulesInfo(173, $this->currRuleInfo);
534	+ if ($isProtect) return true;
535	+ }
536	+ }
537	+ if (isset($rules[174])) {
538	+ $this->currRuleInfo = array();
539	+ $pattern = '`\\b(?:\\$?_(COOKIE\|ENV\|FILES\|(?:GE\|POS\|REQUES)T\|SE(RVER\|SSION))\|HTTP_(?:(?:POST\|GET)_VARS\|RAW_POST_DATA)\|GLOBALS)\\s[=\\[)]\|\\W\\$\\{\\s[\'"]\\w+[\'"]`';
540	+ if ((($this->match($pattern, $this->request->getBody(), "BODY")) or
541	+ ($this->match($pattern, $this->request->getQueryString(), "GET")) or
542	+ ($this->match($pattern, $this->request->getCookies(), "COOKIE")) or
543	+ ($this->match($pattern, $this->request->getHeader('User-Agent'), "User-Agent")) or
544	+ ($this->match($pattern, $this->request->getHeader('Referer'), "Referer")) or
545	+ ($this->match($pattern, $this->getServerValue('PATH_INFO'), "PATH_INFO")))) {
546	+ $this->request->updateRulesInfo(174, $this->currRuleInfo);
547	+ if ($isProtect) return true;
548	+ }
549	+ }
550	+ if (isset($rules[175])) {
551	+ $this->currRuleInfo = array();
552	+ $pattern = '`\\b(?i:eval)\\s\\(\\s(?i:base64_decode\|exec\|file_get_contents\|gzinflate\|passthru\|shell_exec\|stripslashes\|system)\\s*\\(`';
553	+ if ((($this->match($pattern, $this->request->getBody(), "BODY")) or
554	+ ($this->match($pattern, $this->request->getQueryString(), "GET")) or
555	+ ($this->match($pattern, $this->request->getCookies(), "COOKIE")) or
556	+ ($this->match($pattern, $this->request->getHeader('User-Agent'), "User-Agent")))) {
557	+ $this->request->updateRulesInfo(175, $this->currRuleInfo);
558	+ if ($isProtect) return true;
559	+ }
560	+ }
561	+ if (isset($rules[176])) {
562	+ $this->currRuleInfo = array();
563	+ $pattern = '`(?:<\\?(?![Xx][Mm][Ll]).?(?:\\$_?(?:COOKIE\|ENV\|FILES\|GLOBALS\|(?:GE\|POS\|REQUES)T\|SE(RVER\|SSION))\\s[=\\[)]\|\\b(?i:array_map\|assert\|base64_(?:de\|en)code\|curl_exec\|eval\|(?:ex\|im)plode\|file(?:_get_contents)?\|fsockopen\|function_exists\|gzinflate\|move_uploaded_file\|passthru\|[ep]reg_replace\|phpinfo\|stripslashes\|strrev\|substr\|system\|(?:shell_)?exec)\\s(?:/\\.+?\\/\\s)?\\())\|#!/(?:usr\|bin)/.+?\\s\|\\W\\$\\{\\s*[\'"]\\w+[\'"]`';
564	+ if ((($this->match($pattern, $this->request->getBody(), "BODY")) or
565	+ ($this->match($pattern, $this->request->getQueryString(), "GET")) or
566	+ ($this->match($pattern, $this->request->getCookies(), "COOKIE")) or
567	+ ($this->match($pattern, $this->request->getHeader('User-Agent'), "User-Agent")))) {
568	+ $this->request->updateRulesInfo(176, $this->currRuleInfo);
569	+ if ($isProtect) return true;
570	+ }
571	+ }
572	+ if (isset($rules[177])) {
573	+ $this->currRuleInfo = array();
574	+ if ((($this->matchCount(BVWPFW::SQLIREGEX, $this->request->getBody()) > 2) or
575	+ ($this->matchCount(BVWPFW::SQLIREGEX, $this->request->getQueryString()) > 2) or
576	+ ($this->matchCount(BVWPFW::SQLIREGEX, $this->request->getCookies()) > 2) or
577	+ ($this->matchCount(BVWPFW::SQLIREGEX, $this->request->getHeader('User-Agent')) > 2))) {
578	+ $this->request->updateRulesInfo(177, $this->currRuleInfo);
579	+ if ($isProtect) return true;
580	+ }
581	+ }
582	+ if (isset($rules[178])) {
583	+ $this->currRuleInfo = array();
584	+ $pattern = '`(?: \\W(?:background(-image)?\|-moz-binding)\\s:[^}]?\\burl\\s\$[^)]+?(https?:)?//\\w\|<(?i:applet\|div\|embed\|form\|i?frame(?:set)?\|i(?:mg\|sindex)\|link\|m(?:eta\|arquee)\|object\|script\|textarea)\\b.=.?>\|\\bdocument\\s\\.\\s(?:body\|cookie\|domain\|location\|open\|write(?:ln)?)\\b\|\\blocation\\s\\.\\s(?:href\|replace)\\b\|\\bwindow\\s\\.\\s(?:open\|location)\\b\|\\b(?:alert\|confirm\|eval\|expression\|prompt\|set(?:Timeout\|Interval)\|String\\s\\.\\sfromCharCode\|\\.\\ssubstr)\\b\\s\\(.?\$\|(?i)<\\ss\\st\\sy\\sl\\se\\b.?>.?<\\s/\\ss\\st\\sy\\sl\\se\\b.?>\|(?i)<[a-z].+?\\bon[a-z]{3,29}\\b\\s=.{5}\|(?i)<.+?\\bon[a-z]{3,29}\\b\\s=\\s[\'"](?!\\sreturn false\\b).?[\'"].+?>\|(?i)<\\ss\\sc\\sr\\si\\sp\\st\\b.?>.?<\\s/\\ss\\sc\\sr\\si\\sp\\st.?>\|<.+?(?i)\\b(?:href\|(?:form)?action\|background\|code\|data\|location\|name\|poster\|src\|value)\\s=\\s[\'"]?(?:(?:f\|ht)tps?:)?//\\w+\\.\\w\|\\batob\\s(?:[\'"\\x60]\\s\\]\\s)?\$\\s([\'"\\x60])[a-zA-Z0-9/+=]+\\1\\s\$\|<.+?(?i)[a-z]+\\s=.?(?:java\|vb)script:.+?> \|<x:script\\b.?>.?</x:script.?>\|\\+A(?:Dw\|ACIAPgA8)-.+?\\+AD4(?:APAAi)?-\|[{}+[\\]\\s]\\+\\s\\[\\s]\\s\\)\\s\\[[{!}+[\\]\\s]\|(?i)<[a-z]+/[a-z]+.+?=.+?>\|\\[\\s\\]\\s\\[\\s[\'"\\x60]filter[\'"\\x60]\\s\\]\\s\\[\\s[\'"\\x60]constructor[\'"\\x60]\\s\\]\\s\$\\s\|\\b(?:document\|window\|this)\\s\\[.+?\\]\\s[\\[(]\|(?:(?:\\b(?:self\|this\|top\|window)\\s\\[.+?\\]\|\\(\\s(?:alert\|confirm\|eval\|expression\|prompt)\\s\$\|\\[.?\\]\\s\\.\\sfind)\|(?:\\.\\s(?:re(?:ject\|place)\|constructor)))\\s\$.?\$\|\\b(\\w+)\\s=\\s(?:alert\|confirm\|eval\|expression\|prompt)\\s[;,]\\1\\s\$.?\$)`';
585	+ if ((($this->match($pattern, $this->request->getBody(), "BODY")) or
586	+ ($this->match($pattern, $this->request->getQueryString(), "GET")) or
587	+ ($this->match($pattern, $this->request->getCookies(), "COOKIE")) or
588	+ ($this->match($pattern, $this->request->getHeader('User-Agent'), "User-Agent")) or
589	+ ($this->match($pattern, $this->request->getHeader('Referer'), "Referer")))) {
590	+ $this->request->updateRulesInfo(178, $this->currRuleInfo);
591	+ if ($isProtect) return true;
592	+ }
593	+ }
594	+ return false;
595	+ }
596	+ }
597	+ endif;

protect/wp_fw/request.php ADDED Viewed

	@@ -0,0 +1,324 @@


1	+ <?php
2	+
3	+ if (!defined('ABSPATH')) exit;
4	+ if (!class_exists('BVWPRequest')) :
5	+ class BVWPRequest {
6	+ private $fileNames;
7	+ private $files;
8	+ private $headers;
9	+ private $host;
10	+ private $ip;
11	+ private $method;
12	+ private $path;
13	+ private $queryString;
14	+ private $timestamp;
15	+ private $uri;
16	+ private $body;
17	+ private $cookies;
18	+ private $respcode;
19	+ private $status;
20	+ private $rulesInfo;
21	+ private $reqInfo;
22	+
23	+ #status
24	+ const ALLOWED = 1;
25	+ const BLOCKED = 2;
26	+ const BYPASSED = 3;
27	+
28	+ #category
29	+ const BLACKLISTED = 1;
30	+ const WHITELISTED = 2;
31	+ const NORMAL = 3;
32	+
33	+ public function __construct($ip) {
34	+ $fileNames = array();
35	+ $headers = array();
36	+ $host = '';
37	+ $method = '';
38	+ $path = '';
39	+ $this->ip = $ip;
40	+ $this->rulesInfo = array();
41	+ $this->reqInfo = array();
42	+ $this->setRespCode(0);
43	+ $this->setCategory(BVWPRequest::NORMAL);
44	+ $this->setStatus(BVWpRequest::ALLOWED);
45	+ $this->setTimestamp(time());
46	+ $this->setQueryString(BVWPRequest::removeMagicQuotes($_GET));
47	+ $this->setCookies(BVWPRequest::removeMagicQuotes($_COOKIE));
48	+ $this->setBody(BVWPRequest::removeMagicQuotes($_POST));
49	+ $this->setFiles(BVWPRequest::removeMagicQuotes($_FILES));
50	+ if (!empty($_FILES)) {
51	+ foreach ($_FILES as $input => $file) {
52	+ $fileNames[$input] = BVWPRequest::removeMagicQuotes($file['name']);
53	+ }
54	+ }
55	+ $this->setFileNames($fileNames);
56	+ if (is_array($_SERVER)) {
57	+ foreach ($_SERVER as $key => $value) {
58	+ if (strpos($key, 'HTTP_') === 0) {
59	+ $header = substr($key, 5);
60	+ $header = str_replace(array(' ', '_'), array('', ' '), $header);
61	+ $header = ucwords(strtolower($header));
62	+ $header = str_replace(' ', '-', $header);
63	+ $headers[$header] = BVWPRequest::removeMagicQuotes($value);
64	+ }
65	+ }
66	+ if (array_key_exists('CONTENT_TYPE', $_SERVER)) {
67	+ $headers['Content-Type'] = BVWPRequest::removeMagicQuotes($_SERVER['CONTENT_TYPE']);
68	+ }
69	+ if (array_key_exists('CONTENT_LENGTH', $_SERVER)) {
70	+ $headers['Content-Length'] = BVWPRequest::removeMagicQuotes($_SERVER['CONTENT_LENGTH']);
71	+ }
72	+ if (array_key_exists('REFERER', $_SERVER)) {
73	+ $headers['Referer'] = BVWPRequest::removeMagicQuotes($_SERVER['REFERER']);
74	+ }
75	+ if (array_key_exists('HTTP_USER_AGENT', $_SERVER)) {
76	+ $headers['User-Agent'] = BVWPRequest::removeMagicQuotes($_SERVER['HTTP_USER_AGENT']);
77	+ }
78	+
79	+ if (array_key_exists('Host', $headers)) {
80	+ $host = $headers['Host'];
81	+ } else if (array_key_exists('SERVER_NAME', $_SERVER)) {
82	+ $host = BVWPRequest::removeMagicQuotes($_SERVER['SERVER_NAME']);
83	+ }
84	+
85	+ $method = array_key_exists('REQUEST_METHOD', $_SERVER) ? BVWPRequest::removeMagicQuotes($_SERVER['REQUEST_METHOD']) : 'GET';
86	+ $uri = array_key_exists('REQUEST_URI', $_SERVER) ? BVWPRequest::removeMagicQuotes($_SERVER['REQUEST_URI']) : '';
87	+ $_uri = parse_url($uri);
88	+ $path = (is_array($_uri) && array_key_exists('path', $_uri)) ? $_uri['path'] : $uri;
89	+ }
90	+ $this->setHeaders($headers);
91	+ $this->setHost($host);
92	+ $this->setMethod($method);
93	+ $this->setUri($uri);
94	+ $this->setPath($path);
95	+ }
96	+
97	+ public function setStatus($status) {
98	+ $this->status = $status;
99	+ }
100	+
101	+ public function setCategory($category) {
102	+ $this->category = $category;
103	+ }
104	+
105	+ public function setBody($body) {
106	+ $this->body = $body;
107	+ }
108	+
109	+ public function setCookies($cookies) {
110	+ $this->cookies = $cookies;
111	+ }
112	+
113	+ public function setFileNames($fileNames) {
114	+ $this->fileNames = $fileNames;
115	+ }
116	+
117	+ public function setFiles($files) {
118	+ $this->files = $files;
119	+ }
120	+
121	+ public function setHeaders($headers) {
122	+ $this->headers = $headers;
123	+ }
124	+
125	+ public function setRespCode($code) {
126	+ $this->respcode = $code;
127	+ }
128	+
129	+ public function getRespCode() {
130	+ return $this->respcode;
131	+ }
132	+
133	+ public function setHost($host) {
134	+ $this->host = $host;
135	+ }
136	+
137	+ public function setMethod($method) {
138	+ $this->method = $method;
139	+ }
140	+
141	+ public function setPath($path) {
142	+ $this->path = $path;
143	+ }
144	+
145	+ public function setQueryString($queryString) {
146	+ $this->queryString = $queryString;
147	+ }
148	+
149	+ public function setTimestamp($timestamp) {
150	+ $this->timestamp = $timestamp;
151	+ }
152	+
153	+ public function setUri($uri) {
154	+ $this->uri = $uri;
155	+ }
156	+
157	+ public function updateRulesInfo($key, $value) {
158	+ $this->rulesInfo[$key] = $value;
159	+ }
160	+
161	+ public function getRulesInfo() {
162	+ return $this->rulesInfo;
163	+ }
164	+
165	+ public function updateReqInfo($info) {
166	+ if (is_array($info)) {
167	+ $this->reqInfo = $this->reqInfo + $info;
168	+ }
169	+ }
170	+
171	+ public function getReqInfo() {
172	+ return $this->reqInfo;
173	+ }
174	+
175	+ public function getStatus() {
176	+ return $this->status;
177	+ }
178	+
179	+ public function getCategory() {
180	+ return $this->category;
181	+ }
182	+
183	+ public function captureRespCode($status_header) {
184	+ if (preg_match('/HTTP\/(\\d\\.\\d)\\s(\\d+)\\s(.*)/', $status_header, $tokens)) {
185	+ $this->setRespCode(intval($tokens[2]));
186	+ }
187	+ return $status_header;
188	+ }
189	+
190	+ public function getDataToLog() {
191	+ $referer = $this->getHeader('Referer') ? $this->getHeader('Referer') : '';
192	+ $user_agent = $this->getHeader('User-Agent') ? $this->getHeader('User-Agent') : '';
193	+ $rules_info = maybe_serialize($this->getRulesInfo());
194	+ $req_info = maybe_serialize($this->getReqInfo());
195	+ if (strlen($req_info) > 16000) {
196	+ $req_info = maybe_serialize(array("keys" => array_keys($this->getReqInfo())));
197	+ if (strlen($req_info) > 16000) {
198	+ $req_info = maybe_serialize(array("bv_over_size" => true));
199	+ }
200	+ }
201	+ $data = array(
202	+ "path" => $this->getPath(),
203	+ "filenames" => maybe_serialize($this->getFileNames()),
204	+ "host" => $this->getHost(),
205	+ "time" => $this->getTimeStamp(),
206	+ "ip" => $this->getIP(),
207	+ "method" => $this->getMethod(),
208	+ "query_string" => $req_info,
209	+ "user_agent" => $user_agent,
210	+ "resp_code" => $this->getRespCode(),
211	+ "referer" => $referer,
212	+ "status" => $this->getStatus(),
213	+ "category" => $this->getCategory(),
214	+ "rules_info" => $rules_info
215	+ );
216	+ return $data;
217	+ }
218	+
219	+ protected function getKeyVal($array, $key) {
220	+ if (is_array($array)) {
221	+ if (is_array($key)) {
222	+ $_key = array_shift($key);
223	+ if (array_key_exists($_key, $array)) {
224	+ if (count($key) > 0) {
225	+ return $this->getKeyVal($array[$_key], $key);
226	+ } else {
227	+ return $array[$_key];
228	+ }
229	+ }
230	+ } else {
231	+ return array_key_exists($key, $array) ? $array[$key] : null;
232	+ }
233	+ }
234	+ return null;
235	+ }
236	+
237	+ public function getBody() {
238	+ if (func_num_args() > 0) {
239	+ $args = func_get_args();
240	+ return $this->getKeyVal($this->body, $args);
241	+ }
242	+ return $this->body;
243	+ }
244	+
245	+ public function getCookies() {
246	+ if (func_num_args() > 0) {
247	+ $args = func_get_args();
248	+ return $this->getKeyVal($this->cookies, $args);
249	+ }
250	+ return $this->cookies;
251	+ }
252	+
253	+ public function getQueryString() {
254	+ if (func_num_args() > 0) {
255	+ $args = func_get_args();
256	+ return $this->getKeyVal($this->queryString, $args);
257	+ }
258	+ return $this->queryString;
259	+ }
260	+
261	+ public function getHeader($key) {
262	+ if (array_key_exists($key, $this->headers)) {
263	+ return $this->headers[$key];
264	+ }
265	+ return null;
266	+ }
267	+
268	+ public function getFiles() {
269	+ if (func_num_args() > 0) {
270	+ $args = func_get_args();
271	+ return $this->getKeyVal($this->files, $args);
272	+ }
273	+ return $this->files;
274	+ }
275	+
276	+ public function getFileNames() {
277	+ if (func_num_args() > 0) {
278	+ $args = func_get_args();
279	+ return $this->getKeyVal($this->fileNames, $args);
280	+ }
281	+ return $this->fileNames;
282	+ }
283	+
284	+ public function getHost() {
285	+ return $this->host;
286	+ }
287	+
288	+ public function getURI() {
289	+ return $this->uri;
290	+ }
291	+
292	+ public function getPath() {
293	+ return $this->path;
294	+ }
295	+
296	+ public function getIP() {
297	+ return $this->ip;
298	+ }
299	+
300	+ public function getMethod() {
301	+ return $this->method;
302	+ }
303	+
304	+ public function getTimestamp() {
305	+ return $this->timestamp;
306	+ }
307	+
308	+ public static function removeMagicQuotes($value) {
309	+ if (function_exists("get_magic_quotes_gpc") && get_magic_quotes_gpc()) {
310	+ return BVWPRequest::removeSlashesRecursively($value);
311	+ }
312	+ return $value;
313	+ }
314	+
315	+ public static function removeSlashesRecursively($value) {
316	+ if (is_array($value)) {
317	+ $value = array_map(array('self', 'removeSlashesRecursively',), $value);
318	+ } else if (is_string($value)) {
319	+ $value = stripslashes($value);
320	+ }
321	+ return $value;
322	+ }
323	+ }
324	+ endif;

protect/wp_lp/config.php ADDED Viewed

	@@ -0,0 +1,82 @@


1	+ <?php
2	+
3	+ if (!defined('ABSPATH')) exit;
4	+ if (!class_exists('BVWPLPConfig')) :
5	+ class BVWPLPConfig {
6	+ public $db;
7	+ public $settings;
8	+ public static $requests_table = 'lp_requests';
9	+
10	+ #mode
11	+ const DISABLED = 1;
12	+ const AUDIT = 2;
13	+ const PROTECT = 3;
14	+
15	+ public function __construct($db, $settings) {
16	+ $this->db = $db;
17	+ $this->settings = $settings;
18	+ }
19	+
20	+ public function setMode($mode) {
21	+ if (!$mode) {
22	+ $this->settings->deleteOption('bvlpmode');
23	+ } else {
24	+ $this->settings->updateOption('bvlpmode', intval($mode));
25	+ }
26	+ }
27	+
28	+ public function setCaptchaLimit($count) {
29	+ if (!$count) {
30	+ $this->settings->deleteOption('bvlpcaptchaLimit');
31	+ } else {
32	+ $this->settings->updateOption('bvlpcaptchaLimit', intval($count));
33	+ }
34	+ }
35	+
36	+ public function setTempBlockLimit($count) {
37	+ if (!$count) {
38	+ $this->settings->deleteOption('bvlptempblocklimit');
39	+ } else {
40	+ $this->settings->updateOption('bvlptempblocklimit', intval($count));
41	+ }
42	+ }
43	+
44	+ public function setBlockAllLimit($count) {
45	+ if (!$count) {
46	+ $this->settings->deleteOption('bvlpblockalllimit');
47	+ } else {
48	+ $this->settings->updateOption('bvlpblockalllimit', intval($count));
49	+ }
50	+ }
51	+
52	+ public function getMode() {
53	+ $mode = $this->settings->getOption('bvlpmode');
54	+ return intval($mode ? $mode : BVWPLPConfig::DISABLED);
55	+ }
56	+
57	+ public function getCaptchaLimit() {
58	+ $limit = $this->settings->getOption('bvlpcaptchalimit');
59	+ return ($limit ? $limit : 3);
60	+ }
61	+
62	+ public function getTempBlockLimit() {
63	+ $limit = $this->settings->getOption('bvlptempblocklimit');
64	+ return ($limit ? $limit : 10);
65	+ }
66	+
67	+ public function getBlockAllLimit() {
68	+ $limit = $this->settings->getOption('bvlpblockAlllimit');
69	+ return ($limit ? $limit : 100);
70	+ }
71	+
72	+ public function clear() {
73	+ $this->setMode(false);
74	+ $this->setCaptchaLimit(false);
75	+ $this->setTempBlockLimit(false);
76	+ $this->setBlockAllLimit(false);
77	+ $this->db->dropBVTable(BVWPLPConfig::$requests_table);
78	+ $this->settings->deleteOption('bvptplug');
79	+ return true;
80	+ }
81	+ }
82	+ endif;

protect/wp_lp/lp.php ADDED Viewed

	@@ -0,0 +1,242 @@


1	+ <?php
2	+
3	+ if (!defined('ABSPATH')) exit;
4	+ if (!class_exists('BVWPLP')) :
5	+
6	+ require_once dirname( __FILE__ ) . '/config.php';
7	+
8	+ class BVWPLP {
9	+ public $db;
10	+ public $settings;
11	+ private $ip;
12	+ private $time;
13	+ private $category;
14	+ private $username;
15	+ private $message;
16	+ public $config;
17	+ public $logger;
18	+ public $ipstore;
19	+ public static $requests_table = 'lp_requests';
20	+ public static $unblock_ip_transient = 'bvlp_unblock_ip';
21	+
22	+ #status
23	+ const LOGINFAILURE = 1;
24	+ const LOGINSUCCESS = 2;
25	+ const LOGINBLOCKED = 3;
26	+
27	+ #categories
28	+ const CAPTCHABLOCK = 1;
29	+ const TEMPBLOCK = 2;
30	+ const ALLBLOCKED = 3;
31	+ const UNBLOCKED = 4;
32	+ const BLACKLISTED = 5;
33	+ const BYPASSED = 6;
34	+ const ALLOWED = 7;
35	+
36	+ public function __construct($db, $settings, $ip, $ipstore) {
37	+ $this->db = $db;
38	+ $this->settings = $settings;
39	+ $this->ip = $ip;
40	+ $this->config = new BVWPLPConfig($db, $settings);
41	+ $this->ipstore = $ipstore;
42	+ $this->logger = new BVLogger($db, BVWPLPConfig::$requests_table);
43	+ $this->time = strtotime(date("Y-m-d H:i:s"));
44	+ }
45	+
46	+ public function init() {
47	+ add_filter('authenticate', array($this, 'loginInit'), 30, 3);
48	+ add_action('wp_login', array($this, 'loginSuccess'));
49	+ add_action('wp_login_failed', array($this, 'loginFailed'));
50	+ }
51	+
52	+ public function setMessage($message) {
53	+ $this->message = $message;
54	+ }
55	+
56	+ public function setUserName($username) {
57	+ $this->username = $username;
58	+ }
59	+
60	+ public function setCategory($category) {
61	+ $this->category = $category;
62	+ }
63	+
64	+ public function getCaptchaLink() {
65	+ $account = WPRAccount::apiPublicAccount($this->settings);
66	+ $url = $account->authenticatedUrl('/captcha/solve');
67	+ $url .= "&adminurl=".base64_encode(get_admin_url());
68	+ return $url;
69	+ }
70	+
71	+ public function getUserName() {
72	+ return $this->username ? $this->username : '';
73	+ }
74	+
75	+ public function getMessage() {
76	+ return $this->message ? $this->message : '';
77	+ }
78	+
79	+ public function getCategory() {
80	+ return $this->category ? $this->category : BVWPLP::ALLOWED;
81	+ }
82	+
83	+ public function getCaptchaLimit() {
84	+ return $this->config->getCaptchaLimit();
85	+ }
86	+
87	+ public function getTempBlockLimit() {
88	+ return $this->config->getTempBlockLimit();
89	+ }
90	+
91	+ public function getBlockAllLimit() {
92	+ return $this->config->getBlockAllLimit();
93	+ }
94	+
95	+ public function getLoginLogsTable() {
96	+ global $bvdb;
97	+ return $bvdb->getBVTable(BVWPLP::$requests_table);
98	+ }
99	+
100	+ public function getAllowLoginsTransient() {
101	+ return $this->settings->getTransient('bvlp_allow_logins');
102	+ }
103	+
104	+ public function getBlockLoginsTransient() {
105	+ return $this->settings->getTransient('bvlp_block_logins');
106	+ }
107	+
108	+ public function terminateTemplate() {
109	+ $info = new WPRInfo($this->settings);
110	+ $brandname = $info->getBrandName();
111	+ $templates = array (
112	+ 1 => "<p>Too many failed attempts, You are barred from logging into this site.</p><a href=".$this->getCaptchaLink()."
113	+ class='btn btn-default'>Click here</a> to unblock yourself.",
114	+ 2 => "You cannot login to this site for 30 minutes because of too many failed login attempts.",
115	+ 3 => "<p>Logins to this site are currently blocked.</p><a href=".$this->getCaptchaLink()."
116	+ class='btn btn-default'>Click here</a> to unblock yourself.",
117	+ 5 => "Your IP is blacklisted."
118	+ );
119	+ return "
120	+ <div style='height: 98vh;'>
121	+ <div style='text-align: center; padding: 10% 0; font-family: Arial, Helvetica, sans-serif;'>
122	+ <div><p><img src=".plugins_url('/../../img/icon.png', __FILE__)."><h2>Login Protection</h2><h3>powered by</h3><h2>"
123	+ .$brandname."</h2></p><div>
124	+ <p>" . $templates[$this->getCategory()]. "</p>
125	+ </div>
126	+ </div>";
127	+ }
128	+
129	+ public function isProtecting() {
130	+ return ($this->config->getMode() === BVWPLPConfig::PROTECT);
131	+ }
132	+
133	+ public function isActive() {
134	+ return ($this->config->getMode() !== BVWPLPConfig::DISABLED);
135	+ }
136	+
137	+ public function isBlacklistedIP() {
138	+ return $this->ipstore->checkIPPresent($this->ip, BVIPStore::BLACKLISTED, BVIPStore::LP);
139	+ }
140	+
141	+ public function isWhitelistedIP() {
142	+ return $this->ipstore->checkIPPresent($this->ip, BVIPStore::WHITELISTED, BVIPStore::LP);
143	+ }
144	+
145	+ public function isUnBlockedIP() {
146	+ $transient_name = BVWPLP::$unblock_ip_transient.$this->ip;
147	+ $attempts = $this->settings->getTransient($transient_name);
148	+ if ($attempts && $attempts > 0) {
149	+ $this->settings->setTransient($transient_name, $attempts - 1, 600 * $attempts);
150	+ return true;
151	+ }
152	+ return false;
153	+ }
154	+
155	+ public function isLoginBlocked() {
156	+ if ($this->getAllowLoginsTransient() \|\|
157	+ ($this->getLoginCount(BVWPLP::LOGINFAILURE) < $this->getBlockAllLimit())) {
158	+ return false;
159	+ }
160	+ return true;
161	+ }
162	+
163	+ public function log($status) {
164	+ $data = array (
165	+ "ip" => $this->ip,
166	+ "status" => $status,
167	+ "time" => $this->time,
168	+ "category" => $this->getCategory(),
169	+ "username" => $this->getUserName(),
170	+ "message" => $this->getMessage());
171	+ $this->logger->log($data);
172	+ }
173	+
174	+ public function terminateLogin() {
175	+ $this->setMessage('Login Blocked');
176	+ $this->log(BVWPLP::LOGINBLOCKED);
177	+ if ($this->isProtecting()) {
178	+ header("Cache-Control: no-cache, no-store, must-revalidate");
179	+ header("Pragma: no-cache");
180	+ header("Expires: 0");
181	+ header('HTTP/1.0 403 Forbidden');
182	+ die($this->terminateTemplate());
183	+ exit;
184	+ }
185	+ }
186	+
187	+ public function loginInit($user, $username = '', $password = '') {
188	+ if ($this->isUnBlockedIP()) {
189	+ $this->setCategory(BVWPLP::UNBLOCKED);
190	+ } else {
191	+ $failed_attempts = $this->getLoginCount(BVWPLP::LOGINFAILURE, $this->ip);
192	+ if ($this->isBlacklistedIP()) {
193	+ $this->setCategory(BVWPLP::BLACKLISTED);
194	+ $this->terminateLogin();
195	+ } else if ($this->isKnownLogin() \|\| $this->isWhitelistedIP()) {
196	+ $this->setCategory(BVWPLP::BYPASSED);
197	+ } else if ($this->isLoginBlocked()) {
198	+ $this->setCategory(BVWPLP::ALLBLOCKED);
199	+ $this->terminateLogin();
200	+ } else if ($failed_attempts >= $this->getTempBlockLimit()) {
201	+ $this->setCategory(BVWPLP::TEMPBLOCK);
202	+ $this->terminateLogin();
203	+ } else if ($failed_attempts >= $this->getCaptchaLimit()) {
204	+ $this->setCategory(BVWPLP::CAPTCHABLOCK);
205	+ $this->terminateLogin();
206	+ }
207	+ }
208	+ if (!empty($user) && !empty($password) && is_wp_error($user)) {
209	+ $this->setMessage($user->get_error_code());
210	+ }
211	+ return $user;
212	+ }
213	+
214	+ public function loginFailed($username) {
215	+ $this->setUserName($username);
216	+ $this->log(BVWPLP::LOGINFAILURE);
217	+ }
218	+
219	+ public function loginSuccess($username) {
220	+ $this->setUserName($username);
221	+ $this->setMessage('Login Success');
222	+ $this->log(BVWPLP::LOGINSUCCESS);
223	+ }
224	+
225	+ public function isKnownLogin() {
226	+ return $this->getLoginCount(BVWPLP::LOGINSUCCESS, $this->ip, 3600) > 0;
227	+ }
228	+
229	+ public function getLoginCount($status, $ip = null, $gap = 1800) {
230	+ $db = $this->db;
231	+ $table = $db->getBVTable(BVWPLP::$requests_table);
232	+ $query = $db->prepare("SELECT COUNT(*) as count from `$table` WHERE status=%d && time > %d", array($status, ($this->time - $gap)));
233	+ if ($ip) {
234	+ $query .= $db->prepare(" && ip=%s", $ip);
235	+ }
236	+ $rows = $db->getResult($query);
237	+ if (!$rows)
238	+ return 0;
239	+ return intval($rows[0]['count']);
240	+ }
241	+ }
242	+ endif;

readme.txt CHANGED Viewed

@@ -1,26 +1,24 @@
             === The WP Remote WordPress Plugin ===
-            -
            Contributors: jeramynirodha, bmett, humanmade, willmot, joehoyle, danielbachhuber, mattheu, pauldewouters, cuvelier, tcrsavage
-            -
            Tags: wpremote, remote administration, multiple wordpress
-            -
            Requires at least: 3.0
-            -
            Tested up to: 4.9
-            -
            Stable tag: 2.8.4.3
-            -
-            -
            WP Remote is a free web app that enables you to easily manage all of your WordPress powered sites from one place.
-            -
-            -
            == Description ==
-            -
-            -
            The WP Remote WordPress Plugin works with [WP Remote](https://wpremote.com/) to enable you to remotely manage and update all your WordPress sites.
             = Features =
-            -
            * Free to monitor and update an unlimited number of sites.
             * Track and update all of your WordPress sites from one place.
             * Track and update all of your WordPress plugins and themes from one place.
-            -
            * Schedule automatic backups to AWS, SFTP, FTP.
-            -
            * Perform manual backups of your WordPress database and files.
-            -
            * Download previous backups from the one place.
             * Install and activate plugins and themes from the one place.
-            -
            * Early beta access to [maekit](https://maek.it/) web design business platform.
             = Support =
@@ -32,42 +30,9 @@ You can email us at support@wpremote.com for support.
 . Activate the plugin.
 . Sign up for an account at wpremote.com and add your site.
-            -
            == Frequently Asked Questions ==
-            -
-            -
            ** I've forgotten my password **
-            -
            Use the “I’ve forgotten my password” link on the log-in screen to generate an email with a link to reset your password.
-            -
-            -
            https://wpremote.com/login/lost-password/
-            -
-            -
            ** How do I fix the “Does not appear to be a valid URL” message? **
-            -
-            -
            1. If the domain name has been typed incorrectly:
-            -
            The easiest way to ensure you have the correct domain name is to open your site in a different browser window and then copy and paste the site address.
-            -
-            -
            2. If you have made recent changes to your DNS/Nameservers records:
-            -
            If this is the case then just give it a little more time and try again later.
-            -
-            -
            **What if I want to back up my site to another destination?**
-            -
-            -
            You can also store your backups on your own Amazon S3 or you can upload backups to your own server via FTP or SFTP.
-            -
-            -
            **How do I restore my site from a backup?**
-            -
-            -
            WP Remote does not provide an automated way to restore your site. We recommend downloading a copy of your backup, unzipping it and then uploading to your site's server via FTP/SSH. Database importing can be done via your PHPMyAdmin interface or a similar tool - Your database backup can be found in the root folder of your downloaded backup zip.
-            -
-            -
            **Further Support & Feedback**
-            -
-            -
            General support questions should be posted in the <a href="http://wordpress.org/support/plugin/wpremote">WordPress support forums.</a>
-            -
-            -
            You can email us at support@wpremote.com for support.
-            -
-            -
            == Screenshots ==
-            -
-            -
            1. The WP Remote dashboard at wpremote.com
-            -
            2. See all of the plugins and themes needing update across all Sites in one view.
-            -
            3. Download nightly Automatic Backups.
-            -
-            -
            == Changelog ==
             #### 2.8.4.3 (11 January 2019)
@@ -102,188 +67,3 @@ You can email us at support@wpremote.com for support.
             * Add link to clear API key from the plugin settings page.
             * Prevent WP Remote from clearing the API key on deactivation
             * Clear API key on uninstall
-            -
-            -
            #### 2.8.0.1 (31 August 2017)
-            -
-            -
            * Bug fix for PHP < 5.4
-            -
-            -
            #### 2.8.0 (30 August 2017)
-            -
-            -
            * Modify plugin activation and return plugin active status to WP Remote
-            -
-            -
            #### 2.7.9.2 (25 August 2017)
-            -
-            -
            * Bug fix for php 5.4 and lower
-            -
-            -
            #### 2.7.9.1 (25 August 2017)
-            -
-            -
            * Add Fallback method for when current user isn't found
-            -
-            -
            #### 2.7.9 (22 August 2017)
-            -
-            -
            * Query DB to find an admin user to run updates
-            -
-            -
            #### 2.7.8 (20 July 2017)
-            -
-            -
            * Replaced mysql class and functions with mysqli
-            -
-            -
            #### 2.7.7 (20 April 2017)
-            -
-            -
            * Fixed fatal error with backup location
-            -
-            -
            #### 2.7.6 (18 Sept 2014)
-            -
-            -
            * Fixed issue with plugins not being reactivated when updated on an MU WordPress install
-            -
            * Fixed issue with child themes reporting an available update whenever the parent theme has an available update
-            -
-            -
            #### 2.7.5 (10 Sept 2014)
-            -
-            -
            * Fixed WordPress 4.0 issues with json_encode of a WP_Error object which would result in malformed responses from the WP_Remote WordPress plugin
-            -
            * Added FAQ to readme
-            -
            * Updated incompatible plugins list
-            -
-            -
            #### 2.7.3 (12 May 2014)
-            -
-            -
            * Added the ability to return basic content information for the site - post count, user count, plugin count etc.
-            -
            * Updated contribution guidelines
-            -
-            -
            #### 2.7.2 (22 January 2014)
-            -
-            -
            * Misc improvements to the accuracy of the backup restart mechanism.
-            -
            * Inline styles to insure the API key prompt always appears, even if a theme or plugin may hide admin notices.
-            -
-            -
            #### 2.7.1 (23 December 2013)
-            -
-            -
            * Bug fix: Restore plugin and theme installation mechanism.
-            -
            * Bug fix: On some hosts where `getmypid()` wasn't permitted, the backup process would be prematurely reported as killed.
-            -
-            -
            #### 2.7.0 (19 November 2013)
-            -
-            -
            * Improved durability of backups where the backup process can take more than 90 seconds.
-            -
            * New API support for posts, comments, and fixed support for users (oops).
-            -
            * Reporting and update integration with premium plugins that support ManageWP's API implementation.
-            -
            * Plugin, theme, and core updates now respect the `DISALLOW_FILE_MODS` constant.
-            -
-            -
            #### 2.6.7 (27 October 2013)
-            -
-            -
            * API improvement: specify database- and file-only backups
-            -
            * Bug fix: Make the backup download URL accessible on Apache servers again. The protective .htaccess was being generated with the wrong key.
-            -
-            -
            #### 2.6.6 (23 October 2013)
-            -
-            -
            * Bug fix: Due to some files moving around, WP Remote wasn't able to properly update the current version of the plugin.
-            -
-            -
            #### 2.6.5 (23 October 2013)
-            -
-            -
            * Incorporated a more reliable plugin re-activation process after update.
-            -
            * Bug fix: Properly delete backup folders for failed backups. Users may want to look inside of `/wp-content/` for any folders named as `*-backups`. If they were created by WP Remote, they can be safely deleted.
-            -
            * Bug fix: Log the proper fields in history when a new user is created.
-            -
-            -
            #### 2.6.4 (2 October 2013)
-            -
-            -
            * Misc API improvements for Premium.
-            -
            * Bug fix: Disable all premium plugin and theme updates. Causing fatals too often.
-            -
            * Bug fix: Restore FTP-based core, theme, and plugin updates by properly accessing the passed credentials.
-            -
-            -
            #### 2.6.3 (10 September 2013)
-            -
-            -
            * Bug fix: Disabled updating BackupBuddy through WP Remote for BackupBuddy v4.1.1 and greater. BackupBuddy changed its custom update mechanism (as it's a premium plugin), which caused the WP Remote plugin not to function properly.
-            -
-            -
            #### 2.6.2 (2 September 2013)
-            -
-            -
            * Bug fix: Reactivating plugin after plugin upgrade.
-            -
-            -
            #### 2.6.1 (26 August 2013)
-            -
-            -
            * Add multiple API keys to your WP Remote plugin with a `wpr_api_keys` filter if you'd like to use more than WP Remote account with the site.
-            -
            * Plugin now supports localization. Please feel free to [submit your translation](http://translate.hmn.md/projects).
-            -
            * Update `HM Backup` to v2.3
-            -
            * Bug fix: Properly handle timestamp values in database backups.
-            -
            * Bug fix: Use super randomized backup directories.
-            -
-            -
            #### 2.6
-            -
-            -
            * Change to using better hmac style authentication
-            -
            * Fix error for sites running =< WordPress 3.1
-            -
-            -
            #### 2.5
-            -
-            -
            * Remove BackUpWordPress, backups are now handled by the `HM Backup` class.
-            -
            * BackUpWordPress can now be used alongside WP Remote without issues.
-            -
            * Exclude `.git` and `.svn` folders from backups automatically.
-            -
-            -
            #### 2.4.12 & 2.4.13
-            -
-            -
            * Upgrade bundled BackUpWordPress to 2.1.3.
-            -
            * Fix an issue with Download Site on Apache servers.
-            -
            * Set the correct location for the BackUpWordPress language files.
-            -
-            -
            #### 2.4.10 + 2.4.11
-            -
-            -
            * Plugin release shenaningans.
-            -
-            -
            #### 2.4.9
-            -
-            -
            * Pull in latest BackUpWordPress which fixes a possible Fatal error caused by `url_shorten` being called outside the admin.
-            -
-            -
            #### 2.4.8
-            -
-            -
            * Pull in latest BackUpWordPress which fixes a possible Fatal error caused by misc.php being included to early.
-            -
-            -
            #### 2.4.7
-            -
-            -
            * Update to BackUpWordPress 2.1
-            -
            * Fix an issue that could cause backups to be run when they shouldn't have.
-            -
            * Only hide the backups menu item if the site doesn't have any non wpremote schedules.
-            -
            * Hide all BackUpWordPress admin notices.
-            -
            * Fix the button styles for the save API Key button in WordPress 3.5
-            -
            * Fix a possible warning in the WP_Filesystem integration, props @tillkruess (github).
-            -
            * Support for updating the Pagelines premium theme, props @tillkruess (github)
-            -
-            -
            #### 2.4.6
-            -
-            -
            * Support for updating the BackupBuddy premium plugin, props @tillkruess (github)
-            -
-            -
            #### 2.4.1 - 2.4.5
-            -
-            -
            * Minor bug fixes
-            -
-            -
            #### 2.4
-            -
-            -
            * Backups are now powered by BackUpWordPress.
-            -
            * The BackUpWordPress Plugin can no longer be run alongside WP Remote.
-            -
            * Show a message if a security plugin is active which could affect WP Remote.
-            -
            * Emphasise that you can deactivate the plugin to clear your API key.
-            -
-            -
            #### 2.3.1
-            -
-            -
            * PHP 5.2.4 compat.
-            -
-            -
            #### 2.3
-            -
-            -
            * WP_Filesystem support for servers which don't allow PHP direct filesystem access.
-            -
            * Support for monitoring and updating Gravity Forms.
-            -
-            -
            #### 2.2.5
-            -
-            -
            * Implemented API call for Core updates
-            -
-            -
            #### 2.2.4
-            -
-            -
            * Fixed excludes for backups directories
-            -
            * Started on remote core upgrades
-            -
            * Fix memory limit in WP 3.1
-            -
-            -
            #### 2.2.3
-            -
-            -
            * Use WPR_HM_Backup instead of HM_Backup (fixes compatibilty with backupwordpress)
-            -
-            -
            #### 2.2
-            -
-            -
            * Start keeping a changelog of plugin changes
-            -
            * Pass home_url, site_url and admin_url to WP Remote instead of guessing at them, fixes issues with the urls being wrong for non-standard WordPress installs
-            -
            * Better error message when you have the wrong API key entered.
-            -
-            -
            ## Contribution guidelines ##
-            -
-            -
            see https://github.com/MyWorkAus/WP-Remote-WordPress-Plugin/blob/master/CONTRIBUTING.md

             === The WP Remote WordPress Plugin ===
+            +
            Contributors: BlogVault Backup
+            +
            Tags: wpremote, remote administration, multiple wordpress, backup, wordpress backup
+            +
            Plugin URI: https://wpremote.com/
+            +
            Donate link: https://app.wpremote.com/home/signup
+            +
            Requires at least: 4.0
+            +
            Tested up to: 5.2.1
+            +
            Stable tag: 3.2
+            +
            License: GPLv2 or later
+            +
            License URI: [http://www.gnu.org/licenses/gpl-2.0.html](http://www.gnu.org/licenses/gpl-2.0.html)
+            +
+            +
            == DESCRIPTION ==
+            +
            The WP Remote WordPress Plugin works with [WP Remote](https://app.wpremote.com/) to enable you to remotely manage and update all your WordPress sites.
+            +
            WP Remote has been acquired by BlogVault.
             = Features =
+            +
            * Free to update an unlimited number of sites.
             * Track and update all of your WordPress sites from one place.
             * Track and update all of your WordPress plugins and themes from one place.
             * Install and activate plugins and themes from the one place.
             = Support =
 . Activate the plugin.
 . Sign up for an account at wpremote.com and add your site.
+            +
            == CHANGELOG ==
+            +
            = 3.2 =
+            +
            * Integrating with BlogVault.
             #### 2.8.4.3 (11 January 2019)
             * Add link to clear API key from the plugin settings page.
             * Prevent WP Remote from clearing the API key on deactivation
             * Clear API key on uninstall

recover.php ADDED Viewed

	@@ -0,0 +1,47 @@


1	+ <?php
2	+ if (!defined('ABSPATH')) exit;
3	+ if (!class_exists('WPRRecover')) :
4	+ class WPRRecover {
5	+ public static $default_secret_key = 'bvSecretKey';
6	+
7	+ public static function defaultSecret($settings) {
8	+ $secret = self::getDefaultSecret($settings);
9	+ if (empty($secret)) {
10	+ $secret = WPRAccount::randString(32);
11	+ self::updateDefaultSecret($settings, $secret);
12	+ }
13	+ return $secret;
14	+ }
15	+
16	+ public static function deleteDefaultSecret($settings) {
17	+ $settings->deleteOption(self::$default_secret_key);
18	+ }
19	+
20	+ public static function getDefaultSecret($settings) {
21	+ return $settings->getOption(self::$default_secret_key);
22	+ }
23	+
24	+ public static function updateDefaultSecret($settings, $secret) {
25	+ $settings->updateOption(self::$default_secret_key, $secret);
26	+ }
27	+
28	+ public static function validate($pubkey) {
29	+ if ($pubkey && strlen($pubkey) >= 32) {
30	+ return true;
31	+ } else {
32	+ return false;
33	+ }
34	+ }
35	+
36	+ public static function find($settings, $pubkey) {
37	+ if (!self::validate($pubkey)) {
38	+ return null;
39	+ }
40	+ $secret = self::getDefaultSecret($settings);
41	+ if (!empty($secret) && (strlen($secret) >= 32)) {
42	+ $account = new WPRAccount($settings, $pubkey, $secret);
43	+ }
44	+ return $account;
45	+ }
46	+ }
47	+ endif;

screenshot-1.png DELETED Viewed

Binary file

screenshot-2.png DELETED Viewed

Binary file

screenshot-3.png DELETED Viewed

Binary file

tests/bootstrap.php DELETED Viewed

@@ -1,10 +0,0 @@
-            -
            <?php
-            -
-            -
            require_once getenv( 'WP_TESTS_DIR' ) . '/includes/functions.php';
-            -
-            -
            function _manually_load_plugin() {
-            -
            	require dirname( __FILE__ ) . '/../plugin.php';
-            -
            }
-            -
            tests_add_filter( 'muplugins_loaded', '_manually_load_plugin' );
-            -
-            -
            require getenv( 'WP_TESTS_DIR' ) . '/includes/bootstrap.php';

tests/pluginsTest.php DELETED Viewed

@@ -1,11 +0,0 @@
-            -
            <?php
-            -
-            -
            /**
-            -
             */
-            -
            class WPRemotePluginsTestCase extends WP_UnitTestCase {
-            -
-            -
            	function testGetPlugins() {
-            -
-            -
            		$this->assertTrue( function_exists( 'wprp_catch_api_call' ) );
-            -
            	}
-            -
            }

wp_actions.php ADDED Viewed

	@@ -0,0 +1,53 @@


1	+ <?php
2	+
3	+ if (!defined('ABSPATH')) exit;
4	+ if (!class_exists('WPRWPAction')) :
5	+ class WPRWPAction {
6	+ public $settings;
7	+ public $siteinfo;
8	+ public $bvinfo;
9	+ public $bvapi;
10	+
11	+ public function __construct($settings, $siteinfo, $bvapi) {
12	+ $this->settings = $settings;
13	+ $this->siteinfo = $siteinfo;
14	+ $this->bvapi = $bvapi;
15	+ $this->bvinfo = new WPRInfo($settings);
16	+ }
17	+
18	+ public function activate() {
19	+ if (!isset($_REQUEST['blogvaultkey'])) {
20	+ ##BVKEYSLOCATE##
21	+ }
22	+ if (WPRAccount::isConfigured($this->settings)) {
23	+ /* This informs the server about the activation */
24	+ $info = array();
25	+ $this->siteinfo->basic($info);
26	+ $this->bvapi->pingbv('/bvapi/activate', $info);
27	+ } else {
28	+ WPRAccount::setup($this->settings);
29	+ }
30	+ }
31	+
32	+ public function deactivate() {
33	+ $info = array();
34	+ $this->siteinfo->basic($info);
35	+ $this->bvapi->pingbv('/bvapi/deactivate', $info);
36	+ }
37	+
38	+ public static function uninstall() {
39	+ do_action('clear_lp_config');
40	+ do_action('clear_fw_config');
41	+ do_action('clear_ip_store');
42	+ do_action('clear_dynsync_config');
43	+ }
44	+
45	+ public function footerHandler() {
46	+ $bvfooter = $this->settings->getOption($this->bvinfo->badgeinfo);
47	+ if ($bvfooter) {
48	+ echo '<div style="max-width:150px;min-height:70px;margin:0 auto;text-align:center;position:relative;">
49	+ <a href='.$bvfooter['badgeurl'].' target="_blank" ><img src="'.plugins_url($bvfooter['badgeimg'], __FILE__).'" alt="'.$bvfooter['badgealt'].'" /></a></div>';
50	+ }
51	+ }
52	+ }
53	+ endif;

wp_admin.php ADDED Viewed

	@@ -0,0 +1,183 @@


1	+ <?php
2	+
3	+ if (!defined('ABSPATH')) exit;
4	+ if (!class_exists('WPRWPAdmin')) :
5	+
6	+ class WPRWPAdmin {
7	+ public $settings;
8	+ public $siteinfo;
9	+ public $bvinfo;
10	+
11	+ function __construct($settings, $siteinfo) {
12	+ $this->settings = $settings;
13	+ $this->siteinfo = $siteinfo;
14	+ $this->bvinfo = new WPRInfo($this->settings);
15	+ }
16	+
17	+ public function mainUrl($_params = '') {
18	+ if (function_exists('network_admin_url')) {
19	+ return network_admin_url('admin.php?page='.$this->bvinfo->plugname.$_params);
20	+ } else {
21	+ return admin_url('admin.php?page='.$this->bvinfo->plugname.$_params);
22	+ }
23	+ }
24	+
25	+ public function initHandler() {
26	+ if (!current_user_can('activate_plugins'))
27	+ return;
28	+
29	+ if (array_key_exists('bvnonce', $_REQUEST) &&
30	+ wp_verify_nonce($_REQUEST['bvnonce'], "bvnonce") &&
31	+ array_key_exists('blogvaultkey', $_REQUEST) &&
32	+ (strlen($_REQUEST['blogvaultkey']) == 64) &&
33	+ (array_key_exists('page', $_REQUEST) &&
34	+ $_REQUEST['page'] == $this->bvinfo->plugname)) {
35	+ $keys = str_split($_REQUEST['blogvaultkey'], 32);
36	+ WPRAccount::addAccount($this->settings, $keys[0], $keys[1]);
37	+ if (array_key_exists('redirect', $_REQUEST)) {
38	+ $location = $_REQUEST['redirect'];
39	+ wp_redirect($this->bvinfo->appUrl()."/dash/redir?q=".urlencode($location));
40	+ exit();
41	+ }
42	+ }
43	+ if ($this->bvinfo->isActivateRedirectSet()) {
44	+ $this->settings->updateOption($this->bvinfo->plug_redirect, 'no');
45	+ wp_redirect($this->mainUrl());
46	+ }
47	+ }
48	+
49	+ public function menu() {
50	+ $brand = $this->bvinfo->getBrandInfo();
51	+ if (!$brand \|\| (!array_key_exists('hide', $brand) && !array_key_exists('hide_from_menu', $brand))) {
52	+ $bname = $this->bvinfo->getBrandName();
53	+ add_menu_page($bname, $bname, 'manage_options', $this->bvinfo->plugname,
54	+ array($this, 'adminPage'), plugins_url('img/icon.png', __FILE__ ));
55	+ }
56	+ }
57	+
58	+ public function hidePluginDetails($plugin_metas, $slug) {
59	+ $brand = $this->bvinfo->getBrandInfo();
60	+ $bvslug = $this->bvinfo->slug;
61	+
62	+ if ($slug === $bvslug && $brand && array_key_exists('hide_plugin_details', $brand)){
63	+ foreach ($plugin_metas as $pluginKey => $pluginValue) {
64	+ if (strpos($pluginValue, sprintf('>%s<', translate('View details')))) {
65	+ unset($plugin_metas[$pluginKey]);
66	+ break;
67	+ }
68	+ }
69	+ }
70	+ return $plugin_metas;
71	+ }
72	+
73	+ public function settingsLink($links, $file) {
74	+ #XNOTE: Fix this
75	+ if ( $file == plugin_basename( dirname(__FILE__).'/blogvault.php' ) ) {
76	+ $brand = $this->bvinfo->getBrandInfo();
77	+ if (!$brand \|\| !array_key_exists('hide_plugin_details', $brand)) {
78	+ $links[] = '<a href="'.$this->mainUrl().'">'.__( 'Settings' ).'</a>';
79	+ }
80	+ }
81	+ return $links;
82	+ }
83	+
84	+ public function getPluginLogo() {
85	+ $brand = $this->bvinfo->getBrandInfo();
86	+ if ($brand && array_key_exists('logo', $brand)) {
87	+ return $brand['logo'];
88	+ }
89	+ return $this->bvinfo->logo;
90	+ }
91	+
92	+ public function getWebPage() {
93	+ $brand = $this->bvinfo->getBrandInfo();
94	+ if ($brand && array_key_exists('webpage', $brand)) {
95	+ return $brand['webpage'];
96	+ }
97	+ return $this->bvinfo->webpage;
98	+ }
99	+
100	+ public function siteInfoTags() {
101	+ require_once dirname( __FILE__ ) . '/recover.php';
102	+ $bvnonce = wp_create_nonce("bvnonce");
103	+ $public = WPRAccount::getApiPublicKey($this->settings);
104	+ $secret = WPRRecover::defaultSecret($this->settings);
105	+ $tags = "<input type='hidden' name='url' value='".$this->siteinfo->wpurl()."'/>\n".
106	+ "<input type='hidden' name='homeurl' value='".$this->siteinfo->homeurl()."'/>\n".
107	+ "<input type='hidden' name='siteurl' value='".$this->siteinfo->siteurl()."'/>\n".
108	+ "<input type='hidden' name='dbsig' value='".$this->siteinfo->dbsig(false)."'/>\n".
109	+ "<input type='hidden' name='plug' value='".$this->bvinfo->plugname."'/>\n".
110	+ "<input type='hidden' name='adminurl' value='".$this->mainUrl()."'/>\n".
111	+ "<input type='hidden' name='bvversion' value='".$this->bvinfo->version."'/>\n".
112	+ "<input type='hidden' name='serverip' value='".$_SERVER["SERVER_ADDR"]."'/>\n".
113	+ "<input type='hidden' name='abspath' value='".ABSPATH."'/>\n".
114	+ "<input type='hidden' name='secret' value='".$secret."'/>\n".
115	+ "<input type='hidden' name='public' value='".$public."'/>\n".
116	+ "<input type='hidden' name='bvnonce' value='".$bvnonce."'/>\n";
117	+ return $tags;
118	+ }
119	+
120	+ public function activateWarning() {
121	+ global $hook_suffix;
122	+ if (!WPRAccount::isConfigured($this->settings) && $hook_suffix == 'index.php' ) {
123	+ ?>
124	+ <div id="message" class="updated" style="padding: 8px; font-size: 16px; background-color: #dff0d8">
125	+ <a class="button-primary" href="<?php echo $this->mainUrl(); ?>">Activate WPRemote</a>
126	+    <b>Almost Done:</b> Activate your WPRemote account to backup & secure your site.
127	+ </div>
128	+ <?php
129	+ }
130	+ }
131	+
132	+ public function adminPage() {
133	+ wp_enqueue_style( 'bvsurface', plugins_url('css/bvmui.min.css', __FILE__));
134	+ wp_enqueue_style( 'bvplugin', plugins_url('css/bvplugin.min.css', __FILE__));
135	+ if (isset($_REQUEST['bvnonce']) && wp_verify_nonce( $_REQUEST['bvnonce'], 'bvnonce' )) {
136	+ WPRAccount::remove($_REQUEST['pubkey']);
137	+ }
138	+ require_once dirname( __FILE__ ) . '/admin/header.php';
139	+ if (WPRAccount::isConfigured($this->settings)) {
140	+ if (!isset($_REQUEST['add_account'])) {
141	+ require_once dirname( __FILE__ ) . '/admin/main_page.php';
142	+ } else {
143	+ require_once dirname( __FILE__ ) . '/admin/add_new_acc.php';
144	+ }
145	+ } else {
146	+ require_once dirname( __FILE__ ) . '/admin/add_new_acc.php';
147	+ }
148	+ }
149	+
150	+ public function initBranding($plugins) {
151	+ $slug = $this->bvinfo->slug;
152	+ $brand = $this->bvinfo->getBrandInfo();
153	+ if ($brand) {
154	+ if (array_key_exists('hide', $brand)) {
155	+ unset($plugins[$slug]);
156	+ } else {
157	+ if (array_key_exists('name', $brand)) {
158	+ $plugins[$slug]['Name'] = $brand['name'];
159	+ }
160	+ if (array_key_exists('title', $brand)) {
161	+ $plugins[$slug]['Title'] = $brand['title'];
162	+ }
163	+ if (array_key_exists('description', $brand)) {
164	+ $plugins[$slug]['Description'] = $brand['description'];
165	+ }
166	+ if (array_key_exists('authoruri', $brand)) {
167	+ $plugins[$slug]['AuthorURI'] = $brand['authoruri'];
168	+ }
169	+ if (array_key_exists('author', $brand)) {
170	+ $plugins[$slug]['Author'] = $brand['author'];
171	+ }
172	+ if (array_key_exists('authorname', $brand)) {
173	+ $plugins[$slug]['AuthorName'] = $brand['authorname'];
174	+ }
175	+ if (array_key_exists('pluginuri', $brand)) {
176	+ $plugins[$slug]['PluginURI'] = $brand['pluginuri'];
177	+ }
178	+ }
179	+ }
180	+ return $plugins;
181	+ }
182	+ }
183	+ endif;

wp_api.php ADDED Viewed

	@@ -0,0 +1,38 @@


1	+ <?php
2	+
3	+ if (!defined('ABSPATH')) exit;
4	+ if (!class_exists('WPRWPAPI')) :
5	+ class WPRWPAPI {
6	+ public $settings;
7	+
8	+ public function __construct($settings) {
9	+ $this->settings = $settings;
10	+ }
11	+
12	+ public function pingbv($method, $body, $public = false) {
13	+ if ($public) {
14	+ $this->create_request_params($method, $public);
15	+ } else {
16	+ $accounts = WPRAccount::allAccounts($this->settings);
17	+ foreach ($accounts as $pubkey => $value ) {
18	+ $this->create_request_params($method, $pubkey);
19	+ }
20	+ }
21	+ }
22	+
23	+ public function create_request_params($method, $pubkey) {
24	+ $account = WPRAccount::find($this->settings, $pubkey);
25	+ $url = $account->authenticatedUrl($method);
26	+ $this->http_request($url, $body);
27	+ }
28	+
29	+ public function http_request($url, $body) {
30	+ $_body = array(
31	+ 'method' => 'POST',
32	+ 'timeout' => 15,
33	+ 'body' => $body);
34	+
35	+ return wp_remote_post($url, $_body);
36	+ }
37	+ }
38	+ endif;

wp_db.php ADDED Viewed

	@@ -0,0 +1,172 @@


1	+ <?php
2	+
3	+ if (!defined('ABSPATH')) exit;
4	+ if (!class_exists('WPRWPDb')) :
5	+
6	+ class WPRWPDb {
7	+ public function dbprefix() {
8	+ global $wpdb;
9	+ $prefix = $wpdb->base_prefix ? $wpdb->base_prefix : $wpdb->prefix;
10	+ return $prefix;
11	+ }
12	+
13	+ public function prepare($query, $args) {
14	+ global $wpdb;
15	+ return $wpdb->prepare($query, $args);
16	+ }
17	+
18	+ public function getSiteId() {
19	+ global $wpdb;
20	+ return $wpdb->siteid;
21	+ }
22	+
23	+ public function getResult($query, $obj = ARRAY_A) {
24	+ global $wpdb;
25	+ return $wpdb->get_results($query, $obj);
26	+ }
27	+
28	+ public function query($query) {
29	+ global $wpdb;
30	+ return $wpdb->query($query);
31	+ }
32	+
33	+ public function getVar($query, $col = 0, $row = 0) {
34	+ global $wpdb;
35	+ return $wpdb->get_var($query, $col, $row);
36	+ }
37	+
38	+ public function getCol($query, $col = 0) {
39	+ global $wpdb;
40	+ return $wpdb->get_col($query, $col);
41	+ }
42	+
43	+ public function tableName($table) {
44	+ return $table[0];
45	+ }
46	+
47	+ public function showTables() {
48	+ $tables = $this->getResult("SHOW TABLES", ARRAY_N);
49	+ return array_map(array($this, 'tableName'), $tables);
50	+ }
51	+
52	+ public function showTableStatus() {
53	+ return $this->getResult("SHOW TABLE STATUS");
54	+ }
55	+
56	+ public function tableKeys($table) {
57	+ return $this->getResult("SHOW KEYS FROM $table;");
58	+ }
59	+
60	+ public function describeTable($table) {
61	+ return $this->getResult("DESCRIBE $table;");
62	+ }
63	+
64	+ public function checkTable($table, $type) {
65	+ return $this->getResult("CHECK TABLE $table $type;");
66	+ }
67	+
68	+ public function repairTable($table) {
69	+ return $this->getResult("REPAIR TABLE $table;");
70	+ }
71	+
72	+ public function showTableCreate($table) {
73	+ return $this->getVar("SHOW CREATE TABLE $table;", 1);
74	+ }
75	+
76	+ public function rowsCount($table) {
77	+ $count = $this->getVar("SELECT COUNT(*) FROM $table;");
78	+ return intval($count);
79	+ }
80	+
81	+ public function createTable($query, $name, $usedbdelta = false) {
82	+ $table = $this->getBVTable($name);
83	+ if (!$this->isTablePresent($table)) {
84	+ if ($usedbdelta) {
85	+ if (!function_exists('dbDelta'))
86	+ require_once( ABSPATH . 'wp-admin/includes/upgrade.php' );
87	+ dbDelta($query);
88	+ } else {
89	+ $this->query($query);
90	+ }
91	+ }
92	+ return $this->isTablePresent($table);
93	+ }
94	+
95	+ public function alterBVTable($query, $name) {
96	+ $resp = false;
97	+ $table = $this->getBVTable($name);
98	+ if ($this->isTablePresent($table)) {
99	+ $resp = $this->query($query);
100	+ }
101	+ return $resp;
102	+ }
103	+
104	+ public function getTableContent($table, $fields = '*', $filter = '', $limit = 0, $offset = 0) {
105	+ $query = "SELECT $fields from $table $filter";
106	+ if ($limit > 0)
107	+ $query .= " LIMIT $limit";
108	+ if ($offset > 0)
109	+ $query .= " OFFSET $offset";
110	+ $rows = $this->getResult($query);
111	+ return $rows;
112	+ }
113	+
114	+ public function isTablePresent($table) {
115	+ return ($this->getVar("SHOW TABLES LIKE '$table'") === $table);
116	+ }
117	+
118	+ public function getCharsetCollate() {
119	+ global $wpdb;
120	+ return $wpdb->get_charset_collate();
121	+ }
122	+
123	+ public function getWPTable($name) {
124	+ return ($this->dbprefix() . $name);
125	+ }
126	+
127	+ public function getBVTable($name) {
128	+ return ($this->getWPTable("bv_" . $name));
129	+ }
130	+
131	+ public function truncateBVTable($name) {
132	+ $table = $this->getBVTable($name);
133	+ if ($this->isTablePresent($table)) {
134	+ return $this->query("TRUNCATE TABLE $table;");
135	+ } else {
136	+ return false;
137	+ }
138	+ }
139	+
140	+ public function deleteBVTableContent($name, $filter = "") {
141	+ $table = $this->getBVTable($name);
142	+ if ($this->isTablePresent($table)) {
143	+ return $this->query("DELETE FROM $table $filter;");
144	+ } else {
145	+ return false;
146	+ }
147	+ }
148	+
149	+ public function dropBVTable($name) {
150	+ $table = $this->getBVTable($name);
151	+ if ($this->isTablePresent($table)) {
152	+ $this->query("DROP TABLE IF EXISTS $table;");
153	+ }
154	+ return !$this->isTablePresent($table);
155	+ }
156	+
157	+ public function deleteRowsFromtable($name, $count = 1) {
158	+ $table = $this->getBVTable($name);
159	+ if ($this->isTablePresent($table)) {
160	+ return $this->getResult("DELETE FROM $table LIMIT $count;");
161	+ } else {
162	+ return false;
163	+ }
164	+ }
165	+
166	+ public function replaceIntoBVTable($name, $value) {
167	+ global $wpdb;
168	+ $table = $this->getBVTable($name);
169	+ return $wpdb->replace($table, $value);
170	+ }
171	+ }
172	+ endif;

wp_dynsync.php ADDED Viewed

	@@ -0,0 +1,572 @@


1	+ <?php
2	+
3	+ if (!defined('ABSPATH')) exit;
4	+ if (!class_exists('BVWPDynSync')) :
5	+
6	+ class BVWPDynSync {
7	+
8	+ public static $dynsync_table = 'dynamic_sync';
9	+ public $db;
10	+ public $settings;
11	+
12	+ public function __construct($db, $settings) {
13	+ $this->db = $db;
14	+ $this->settings = $settings;
15	+ }
16	+
17	+ function init() {
18	+ $this->add_actions_and_listeners();
19	+ add_action('clear_dynsync_config', array($this, 'clearConfig'));
20	+ }
21	+
22	+ public function clearConfig() {
23	+ $this->settings->deleteOption('bvdynplug');
24	+ $this->settings->deleteOption('bvDynSyncActive');
25	+ $this->settings->deleteOption('bvWooDynSync');
26	+ $this->db->dropBVTable(BVWPDynSync::$dynsync_table);
27	+ }
28	+
29	+ function add_event($event_type, $event_data) {
30	+ global $wp_current_filter;
31	+ $site_id = get_current_blog_id();
32	+ $values = array ( "event_type" => $event_type, "event_tag" => end($wp_current_filter), "event_data" => maybe_serialize($event_data), "site_id" => $site_id);
33	+ $this->db->replaceIntoBVTable(BVWPDynSync::$dynsync_table, $values);
34	+ }
35	+
36	+ function add_db_event($table, $message) {
37	+ $_msg = array();
38	+ $_msg['table'] = $table;
39	+ $_msg['data'] = $message;
40	+ $this->add_event('db', $_msg);
41	+ }
42	+
43	+ function post_action_handler($post_id) {
44	+ if (current_filter() == 'delete_post')
45	+ $msg_type = 'delete';
46	+ else
47	+ $msg_type = 'edit';
48	+ $this->add_db_event('posts', array('ID' => $post_id, 'msg_type' => $msg_type));
49	+ }
50	+
51	+ function get_ignored_postmeta() {
52	+ $defaults = array(
53	+ '_excluded_links'
54	+ );
55	+ $ignored_postmeta = $this->settings->getOption('bvIgnoredPostmeta');
56	+ if (empty($ignored_postmeta)) {
57	+ $ignored_postmeta = array();
58	+ }
59	+ return array_unique(array_merge($defaults, $ignored_postmeta));
60	+ }
61	+
62	+ function postmeta_insert_handler($meta_id, $post_id, $meta_key, $meta_value='') {
63	+ if (in_array($meta_key, $this->get_ignored_postmeta(), true))
64	+ return;
65	+ $this->add_db_event('postmeta', array('meta_id' => $meta_id));
66	+ }
67	+
68	+ function postmeta_modification_handler($meta_id, $object_id, $meta_key, $meta_value) {
69	+ if (in_array($meta_key, $this->get_ignored_postmeta(), true))
70	+ return;
71	+ if (!is_array($meta_id))
72	+ return $this->add_db_event('postmeta', array('meta_id' => $meta_id));
73	+ foreach ($meta_id as $id) {
74	+ $this->add_db_event('postmeta', array('meta_id' => $id));
75	+ }
76	+ }
77	+
78	+ function postmeta_action_handler($meta_id, $post_id = null, $meta_key = null) {
79	+ if (in_array($meta_key, $this->get_ignored_postmeta(), true))
80	+ return;
81	+ if ( !is_array($meta_id) )
82	+ return $this->add_db_event('postmeta', array('meta_id' => $meta_id));
83	+ foreach ( $meta_id as $id )
84	+ $this->add_db_event('postmeta', array('meta_id' => $id));
85	+ }
86	+
87	+ function comment_action_handler($comment_id) {
88	+ if (current_filter() == 'delete_comment')
89	+ $msg_type = 'delete';
90	+ else
91	+ $msg_type = 'edit';
92	+ if (!is_array($comment_id)) {
93	+ if (wp_get_comment_status($comment_id) != 'spam')
94	+ $this->add_db_event('comments', array('comment_ID' => $comment_id, 'msg_type' => $msg_type));
95	+ } else {
96	+ foreach ($comment_id as $id) {
97	+ if (wp_get_comment_status($comment_id) != 'spam')
98	+ $this->add_db_event('comments', array('comment_ID' => $idi, 'msg_type' => $msg_type));
99	+ }
100	+ }
101	+ }
102	+
103	+ function commentmeta_insert_handler($meta_id, $comment_id = null) {
104	+ if (empty($comment_id) \|\| wp_get_comment_status($comment_id) != 'spam')
105	+ $this->add_db_event('commentmeta', array('meta_id' => $meta_id));
106	+ }
107	+
108	+ function commentmeta_modification_handler($meta_id, $object_id, $meta_key, $meta_value) {
109	+ if (current_filter() == 'deleted_comment_meta')
110	+ $msg_type = 'delete';
111	+ else
112	+ $msg_type = 'edit';
113	+ if (!is_array($meta_id))
114	+ return $this->add_db_event('commentmeta', array('meta_id' => $meta_id, 'msg_type' => $msg_type));
115	+ foreach ($meta_id as $id) {
116	+ $this->add_db_event('commentmeta', array('meta_id' => $id, 'msg_type' => $msg_type));
117	+ }
118	+ }
119	+
120	+ function userid_action_handler($user_or_id) {
121	+ if (is_object($user_or_id))
122	+ $userid = intval( $user_or_id->ID );
123	+ else
124	+ $userid = intval( $user_or_id );
125	+ if ( !$userid )
126	+ return;
127	+ if (current_filter() == 'deleted_user')
128	+ $msg_type = 'delete';
129	+ else
130	+ $msg_type = 'edit';
131	+
132	+ $this->add_db_event('users', array('ID' => $userid));
133	+ }
134	+
135	+ function usermeta_insert_handler($umeta_id, $user_id = null) {
136	+ $this->add_db_event('usermeta', array('umeta_id' => $umeta_id));
137	+ }
138	+
139	+ function usermeta_modification_handler($umeta_id, $object_id, $meta_key, $meta_value = '') {
140	+ if (current_filter() == 'delete_usermeta')
141	+ $msg_type = 'delete';
142	+ else
143	+ $msg_type = 'edit';
144	+ if (!is_array($umeta_id))
145	+ return $this->add_db_event('usermeta', array('umeta_id' => $umeta_id, 'msg_type' => $msg_type));
146	+ foreach ($umeta_id as $id) {
147	+ $this->add_db_event('usermeta', array('umeta_id' => $id, 'msg_type' => $msg_type));
148	+ }
149	+ }
150	+
151	+ function link_action_handler($link_id) {
152	+ $this->add_db_event('links', array('link_id' => $link_id));
153	+ }
154	+
155	+ function edited_terms_handler($term_id, $taxonomy = null) {
156	+ $this->add_db_event('terms', array('term_id' => $term_id));
157	+ }
158	+
159	+ function term_handler($term_id, $tt_id, $taxonomy) {
160	+ $this->add_db_event('terms', array('term_id' => $term_id));
161	+ $this->term_taxonomy_handler($tt_id, $taxonomy);
162	+ }
163	+
164	+ function delete_term_handler($term, $tt_id, $taxonomy, $deleted_term ) {
165	+ $this->add_db_event('terms', array('term_id' => $term, 'msg_type' => 'delete'));
166	+ }
167	+
168	+ function term_taxonomy_handler($tt_id, $taxonomy = null) {
169	+ $this->add_db_event('term_taxonomy', array('term_taxonomy_id' => $tt_id));
170	+ }
171	+
172	+ function term_taxonomies_handler($tt_ids) {
173	+ foreach((array)$tt_ids as $tt_id) {
174	+ $this->term_taxonomy_handler($tt_id);
175	+ }
176	+ }
177	+
178	+ function term_relationship_handler($object_id, $term_id) {
179	+ $this->add_db_event('term_relationships', array('term_taxonomy_id' => $term_id, 'object_id' => $object_id));
180	+ }
181	+
182	+ function term_relationships_handler($object_id, $term_ids) {
183	+ foreach ((array)$term_ids as $term_id) {
184	+ $this->term_relationship_handler($object_id, $term_id);
185	+ }
186	+ }
187	+
188	+ function set_object_terms_handler( $object_id, $terms, $tt_ids ) {
189	+ $this->term_relationships_handler( $object_id, $tt_ids );
190	+ }
191	+
192	+ function get_ignored_options() {
193	+ $defaults = array(
194	+ 'cron',
195	+ 'wpsupercache_gc_time',
196	+ 'rewrite_rules',
197	+ 'akismet_spam_count',
198	+ 'iwp_client_user_hit_count',
199	+ '_disqus_sync_lock',
200	+ 'stats_cache'
201	+ );
202	+ $ignored_options = $this->settings->getOption('bvIgnoredOptions');
203	+ if (empty($ignored_options)) {
204	+ $ignored_options = array();
205	+ }
206	+ return array_unique(array_merge($defaults, $ignored_options));
207	+ }
208	+
209	+ function get_ping_permission($option_name) {
210	+ $ping_permitted = true;
211	+ $ignored_options = $this->get_ignored_options();
212	+ foreach($ignored_options as $val) {
213	+ if ($val{0} == '/') {
214	+ if (preg_match($val, $option_name))
215	+ $ping_permitted = false;
216	+ } else {
217	+ if ($val == $option_name)
218	+ $ping_permitted = false;
219	+ }
220	+ if (!$ping_permitted)
221	+ break;
222	+ }
223	+ return $ping_permitted;
224	+ }
225	+
226	+ function option_handler($option_name) {
227	+ if (current_filter() == 'deleted_option')
228	+ $msg_type = 'delete';
229	+ else
230	+ $msg_type = 'edit';
231	+ $ping_permitted = $this->get_ping_permission($option_name);
232	+ if ($ping_permitted)
233	+ $this->add_db_event('options', array('option_name' => $option_name, 'msg_type' => 'delete'));
234	+ return $option_name;
235	+ }
236	+
237	+ function theme_action_handler($theme) {
238	+ $this->add_event('themes', array('theme' => $this->settings->getOption('stylesheet')));
239	+ }
240	+
241	+ function plugin_action_handler($plugin='') {
242	+ $this->add_event('plugins', array('name' => $plugin));
243	+ }
244	+
245	+ function upload_handler($file) {
246	+ $this->add_event('uploads', array('file' => $file['file']));
247	+ return $file;
248	+ }
249	+
250	+ function wpmu_new_blog_create_handler($site_id) {
251	+ $this->add_db_event('blogs', array('site_id' => $site_id));
252	+ }
253	+
254	+ function sitemeta_handler($option) {
255	+ $ping_permitted = $this->get_ping_permission($option);
256	+ if ($ping_permitted && is_multisite()) {
257	+ $this->add_db_event('sitemeta', array('site_id' => $this->db->getSiteId(), 'meta_key' => $option));
258	+ }
259	+ return $ping_permitted;
260	+ }
261	+
262	+ /* WOOCOMMERCE SUPPORT FUNCTIONS BEGINS FROM HERE*/
263	+
264	+ function woocommerce_resume_order_handler($order_id) {
265	+ $this->add_db_event('woocommerce_order_items', array('order_id' => $order_id, 'msg_type' => 'delete'));
266	+ $meta_ids = array();
267	+ $itemmeta_table = $this->db->getWPTable('woocommerce_order_itemmeta');
268	+ $items_table = $this->db->getWPTable('woocommerce_order_items');
269	+ foreach( $this->db->getResult($this->db->prepare("SELECT {$itemmeta_table}.meta_id FROM {$itemmeta_table} INNER JOIN {$items_table} WHERE {$items_table}.order_item_id = {$itemmeta_table}.order_item_id AND {$items_table}.order_id = %d", $order_id)) as $key => $row) {
270	+ if (!in_array($row->meta_id, $meta_ids, true)) {
271	+ $meta_ids[] = $row->meta_id;
272	+ $this->add_db_event('woocommerce_order_itemmeta', array('meta_id' => $row->meta_id, 'msg_type' => 'delete'));
273	+ }
274	+ }
275	+ }
276	+
277	+ function woocommerce_new_order_item_handler($item_id, $item, $order_id) {
278	+ $this->add_db_event('woocommerce_order_items', array('order_item_id' => $item_id));
279	+ $this->add_db_event('woocommerce_order_itemmeta', array('order_item_id' => $item_id));
280	+ }
281	+
282	+ function woocommerce_update_order_item_handler($item_id, $args){
283	+ $this->add_db_event('woocommerce_order_items', array('order_item_id' => $item_id));
284	+ }
285	+
286	+ function woocommerce_delete_order_item_handler($item_id) {
287	+ $this->add_db_event('woocommerce_order_itemmeta', array('order_item_id' => $item_id, 'msg_type' => 'delete'));
288	+ $this->add_db_event('woocommerce_order_items', array('order_item_id' => $item_id, 'msg_type' => 'delete'));
289	+ }
290	+
291	+ function woocommerce_downloadable_product_permissions_delete_handler($bool, $download_id, $product_id, $order) {
292	+ $this->add_db_event('woocommerce_downloadable_product_permissions', array('order_id' => $order->id, 'product_id' => $product_id, 'download_id' => $download_id));
293	+ return true;
294	+ }
295	+
296	+ function woocommerce_attribute_added_handler($attribute_id, $attribute) {
297	+ $this->add_db_event('woocommerce_attribute_taxonomies', array('attribute_id' => $attribute_id));
298	+ }
299	+
300	+ function woocommerce_attribute_updated_handler($attribute_id, $attribute, $old_attribute_name) {
301	+ $this->add_db_event('woocommerce_attribute_taxonomies', array('attribute_id' => $attribute_id));
302	+ # $woocommerce->attribute_taxonomy_name( $attribute_name )
303	+ $this->add_db_event('term_taxonomy', array('taxonomy' => wc_attribute_taxonomy_name($attribute['attribute_name'])));
304	+ # sanitize_title( $attribute_name )
305	+ $this->add_db_event('woocommerce_termmeta', array('meta_key' => 'order_pa_' . $attribute['attribute_name']));#deprecated
306	+ $this->add_db_event('termmeta', array('meta_key' => 'order_pa_' . $attribute['attribute_name']));
307	+ $this->add_db_event('postmeta', array('meta_key' => '_product_attributes'));
308	+ # sanitize_title( $attribute_name )
309	+ $this->add_db_event('postmeta', array('meta_key' => 'attribute_pa_' . $attribute['attribute_name']));
310	+ }
311	+
312	+ function woocommerce_attribute_deleted_handler($attribute_id, $attribute_name, $taxonomy) {
313	+ return $this->add_db_event('woocommerce_attribute_taxonomies', array('attribute_id' => $attribute_id, 'msg_type' => 'delete'));
314	+ }
315	+
316	+ function woocommerce_revoke_access_to_product_download_handler($download_id, $product_id, $order_id, $permission_id ) {
317	+ $this->add_db_event('woocommerce_downloadable_product_permissions', array('permission_id' => $permission_id, 'msg_type' => 'delete'));
318	+ }
319	+
320	+ function woocommerce_tax_rate_handler($tax_rate_id, $_tax_rate) {
321	+ $this->add_db_event('woocommerce_tax_rates', array('tax_rate_id' => $tax_rate_id));
322	+ $this->add_db_event('woocommerce_tax_rate_locations', array('tax_rate_id' => $tax_rate_id));
323	+ }
324	+
325	+ function woocommerce_tax_rate_deleted_handler($tax_rate_id) {
326	+ $this->add_db_event('woocommerce_tax_rates', array('tax_rate_id' => $tax_rate_id, 'msg_type' => 'delete'));
327	+ $this->add_db_event('woocommerce_tax_rate_locations', array('tax_rate_id' => $tax_rate_id, 'msg_type' => 'delete'));
328	+ }
329	+
330	+ function woocommerce_grant_product_download_access_handler($data) {
331	+ $this->add_db_event('woocommerce_downloadable_product_permissions', array('download_id' => $data['download_id'], 'user_id' => $data['user_id'], 'order_id' => $data['order_id'], 'product_id' => $data['product_id']));
332	+ }
333	+
334	+ function woocommerce_download_product_handler($user_email, $order_key, $product_id, $user_id, $download_id, $order_id) {
335	+ $this->add_db_event('woocommerce_downloadable_product_permissions', array('order_id' => $order_id, 'user_id' => $user_id, 'order_key' => $order_key, 'product_id' => $product_id));
336	+ }
337	+
338	+ function woocommerce_delete_order_items_handler($postid) {
339	+ $meta_ids = array();
340	+ $order_item_ids = array();
341	+ foreach( $this->db->getResult("SELECT {$this->db->dbprefix}woocommerce_order_itemmeta.meta_id, {$this->db->dbprefix}woocommerce_order_items.order_item_id FROM {$this->db->dbprefix}woocommerce_order_items JOIN {$this->db->dbprefix}woocommerce_order_itemmeta ON {$this->db->dbprefix}woocommerce_order_items.order_item_id = {$this->db->dbprefix}woocommerce_order_itemmeta.order_item_id WHERE {$this->db->dbprefix}woocommerce_order_items.order_id = '{$postid}'") as $key => $row) {
342	+ if (!in_array($row->meta_id, $meta_ids, true)) {
343	+ $meta_ids[] = $row->meta_id;
344	+ $this->add_db_event('woocommerce_order_itemmeta', array('meta_id' => $row->meta_id, 'msg_type' => 'delete'));
345	+ }
346	+ if (!in_array($row->order_item_id, $order_item_ids, true)) {
347	+ $order_item_ids[] = $row->order_item_id;
348	+ $this->add_db_event('woocommerce_order_items', array('order_item_id' => $row->order_item_id, 'msg_type' => 'delete'));
349	+ }
350	+ }
351	+ }
352	+
353	+ function woocommerce_payment_token_handler($token_id) {
354	+ $this->add_db_event('woocommerce_payment_tokens', array('token_id' => $token_id));
355	+ }
356	+
357	+ function woocommerce_payment_token_deleted_handler($token_id, $object) {
358	+ $this->add_db_event('woocommerce_payment_tokens', array('token_id' => $token_id, 'msg_type' => 'delete'));
359	+ $this->add_db_event('woocommerce_payment_tokenmeta', array('payment_token_id' => $token_id, 'msg_type' => 'delete'));
360	+ }
361	+
362	+ function woocommerce_shipping_zone_method_added_handler($instance_id, $method_id, $zone_id) {
363	+ $this->add_db_event('woocommerce_shipping_zone_methods', array('instance_id' => $instance_id));
364	+ $this->add_db_event('woocommerce_shipping_zones', array('zone_id' => $zone_id));
365	+ $this->add_db_event('woocommerce_shipping_zone_locations', array('zone_id' => $zone_id));
366	+ }
367	+
368	+ function woocommerce_shipping_zone_method_deleted_handler($instance_id, $method_id, $zone_id) {
369	+ $this->add_db_event('woocommerce_shipping_zone_methods', array('instance_id' => $instance_id, 'msg_type' => 'delete'));
370	+ }
371	+
372	+ function woocommerce_shipping_zone_method_status_toggled_handler($instance_id, $method_id, $zone_id, $is_enabled) {
373	+ $this->add_db_event('woocommerce_shipping_zone_methods', array('instance_id' => absint( $instance_id )));
374	+ }
375	+
376	+ function woocommerce_deleted_order_downloadable_permissions_handler($post_id) {
377	+ $this->add_db_event('woocommerce_downloadable_product_permissions', array('order_id' => $post_id, 'msg_type' => 'delete'));
378	+ }
379	+
380	+ function woocommerce_delete_shipping_zone_handler($zone_id) {
381	+ $this->add_db_event('woocommerce_shipping_zone_methods', array('zone_id' => $zone_id, 'msg_type' => 'delete'));
382	+ $this->add_db_event('woocommerce_shipping_zone_locations', array('zone_id' => $zone_id, 'msg_type' => 'delete'));
383	+ $this->add_db_event('woocommerce_shipping_zones', array('zone_id' => $zone_id, 'msg_type' => 'delete'));
384	+ }
385	+
386	+ function woocommerce_webhook_handler($webhook_id) {
387	+ $this->add_db_event('wc_webhooks', array('webhook_id' => $webhook_id));
388	+ }
389	+
390	+ function woocommerce_webhook_delete_handler($webhook_id, $webhook) {
391	+ $this->add_db_event('wc_webhooks', array('webhook_id' => $webhook_id, 'msg_type' => 'delete'));
392	+ }
393	+
394	+ function woocommerce_delete_shipping_zone_method_handler($instance_id) {
395	+ $this->add_db_event('woocommerce_shipping_zone_methods', array('instance_id' => $instance_id, 'msg_type' => 'delete'));
396	+ }
397	+
398	+ function woocommerce_order_term_meta_handler($meta_id, $object_id, $meta_key, $meta_value) {
399	+ if (current_filter() == 'deleted_order_item_meta')
400	+ $msg_type = 'delete';
401	+ else
402	+ $msg_type = 'edit';
403	+ if (!is_array($meta_id)) {
404	+ $this->add_db_event('woocommerce_order_itemmeta', array('meta_id' => $meta_id, 'msg_type' => $msg_type));
405	+ } else {
406	+ foreach ($meta_id as $id) {
407	+ $this->add_db_event('woocommerce_order_itemmeta', array('meta_id' => $id, 'msg_type' => $msg_type));
408	+ }
409	+ }
410	+ }
411	+
412	+ function woocommerce_payment_token_meta_handler($meta_id, $object_id, $meta_key, $meta_value) {
413	+ if (current_filter() == 'deleted_payment_token_meta')
414	+ $msg_type = 'delete';
415	+ else
416	+ $msg_type = 'edit';
417	+ if (!is_array($meta_id)) {
418	+ $this->add_db_event('woocommerce_payment_tokenmeta', array('meta_id' => $meta_id, 'msg_type' => $msg_type));
419	+ } else {
420	+ foreach ($meta_id as $id) {
421	+ $this->add_db_event('woocommerce_payment_tokenmeta', array('meta_id' => $id, 'msg_type' => $msg_type));
422	+ }
423	+ }
424	+ }
425	+
426	+ function woocommerce_api_product_attribute_handler($id, $data) {
427	+ $this->add_db_event('woocommerce_attribute_taxonomies', array('attribute_id' => $id));
428	+ }
429	+
430	+
431	+ /* ADDING ACTION AND LISTENERS FOR CAPTURING EVENTS. */
432	+ public function add_actions_and_listeners() {
433	+ /* CAPTURING EVENTS FOR WP_COMMENTS TABLE */
434	+ add_action('delete_comment', array($this, 'comment_action_handler'));
435	+ add_action('wp_set_comment_status', array($this, 'comment_action_handler'));
436	+ add_action('trashed_comment', array($this, 'comment_action_handler'));
437	+ add_action('untrashed_comment', array($this, 'comment_action_handler'));
438	+ add_action('wp_insert_comment', array($this, 'comment_action_handler'));
439	+ add_action('comment_post', array($this, 'comment_action_handler'));
440	+ add_action('edit_comment', array($this, 'comment_action_handler'));
441	+
442	+ /* CAPTURING EVENTS FOR WP_COMMENTMETA TABLE */
443	+ add_action('added_comment_meta', array($this, 'commentmeta_insert_handler' ), 10, 2);
444	+ add_action('updated_comment_meta', array($this, 'commentmeta_modification_handler'), 10, 4);
445	+ add_action('deleted_comment_meta', array($this, 'commentmeta_modification_handler'), 10, 4);
446	+
447	+ /* CAPTURING EVENTS FOR WP_USERMETA TABLE */
448	+ add_action('added_user_meta', array($this, 'usermeta_insert_handler' ), 10, 2);
449	+ add_action('updated_user_meta', array($this, 'usermeta_modification_handler' ), 10, 4);
450	+ add_action('deleted_user_meta', array($this, 'usermeta_modification_handler' ), 10, 4);
451	+ add_action('added_usermeta', array( $this, 'usermeta_modification_handler'), 10, 4);
452	+ add_action('update_usermeta', array( $this, 'usermeta_modification_handler'), 10, 4);
453	+ add_action('delete_usermeta', array( $this, 'usermeta_modification_handler'), 10, 4);
454	+
455	+ /* CAPTURING EVENTS FOR WP_USERS TABLE */
456	+ add_action('user_register', array($this, 'userid_action_handler'));
457	+ add_action('password_reset', array($this, 'userid_action_handler'));
458	+ add_action('profile_update', array($this, 'userid_action_handler'));
459	+ add_action('deleted_user', array($this, 'userid_action_handler'));
460	+
461	+ /* CAPTURING EVENTS FOR WP_POSTS TABLE */
462	+ add_action('delete_post', array($this, 'post_action_handler'));
463	+ add_action('trash_post', array($this, 'post_action_handler'));
464	+ add_action('untrash_post', array($this, 'post_action_handler'));
465	+ add_action('edit_post', array($this, 'post_action_handler'));
466	+ add_action('save_post', array($this, 'post_action_handler'));
467	+ add_action('wp_insert_post', array($this, 'post_action_handler'));
468	+ add_action('edit_attachment', array($this, 'post_action_handler'));
469	+ add_action('add_attachment', array($this, 'post_action_handler'));
470	+ add_action('delete_attachment', array($this, 'post_action_handler'));
471	+ add_action('private_to_published', array($this, 'post_action_handler'));
472	+ add_action('wp_restore_post_revision', array($this, 'post_action_handler'));
473	+
474	+ /* CAPTURING EVENTS FOR WP_POSTMETA TABLE */
475	+ // Why events for both delete and deleted
476	+ add_action('added_post_meta', array($this, 'postmeta_insert_handler'), 10, 4);
477	+ add_action('update_post_meta', array($this, 'postmeta_modification_handler'), 10, 4);
478	+ add_action('updated_post_meta', array($this, 'postmeta_modification_handler'), 10, 4);
479	+ add_action('delete_post_meta', array($this, 'postmeta_modification_handler'), 10, 4);
480	+ add_action('deleted_post_meta', array($this, 'postmeta_modification_handler'), 10, 4);
481	+ add_action('added_postmeta', array($this, 'postmeta_action_handler'), 10, 3);
482	+ add_action('update_postmeta', array($this, 'postmeta_action_handler'), 10, 3);
483	+ add_action('delete_postmeta', array($this, 'postmeta_action_handler'), 10, 3);
484	+
485	+ /* CAPTURING EVENTS FOR WP_LINKS TABLE */
486	+ add_action('edit_link', array($this, 'link_action_handler'));
487	+ add_action('add_link', array($this, 'link_action_handler'));
488	+ add_action('delete_link', array($this, 'link_action_handler'));
489	+
490	+ /* CAPTURING EVENTS FOR WP_TERM AND WP_TERM_TAXONOMY TABLE */
491	+ add_action('created_term', array($this, 'term_handler'), 10, 3);
492	+ add_action('edited_term', array( $this, 'term_handler' ), 10, 3);
493	+ add_action('edited_terms', array($this, 'edited_terms_handler'), 10, 2);
494	+ add_action('delete_term', array($this, 'delete_term_handler'), 10, 4);
495	+ add_action('edit_term_taxonomy', array($this, 'term_taxonomy_handler'), 10, 2);
496	+ add_action('delete_term_taxonomy', array($this, 'term_taxonomy_handler'));
497	+ add_action('edit_term_taxonomies', array($this, 'term_taxonomies_handler'));
498	+ add_action('add_term_relationship', array($this, 'term_relationship_handler'), 10, 2);
499	+ add_action('delete_term_relationships', array($this, 'term_relationships_handler'), 10, 2);
500	+ add_action('set_object_terms', array($this, 'set_object_terms_handler'), 10, 3);
501	+
502	+ add_action('switch_theme', array($this, 'theme_action_handler'));
503	+ add_action('activate_plugin', array($this, 'plugin_action_handler'));
504	+ add_action('deactivate_plugin', array($this, 'plugin_action_handler'));
505	+
506	+ /* CAPTURING EVENTS FOR WP_OPTIONS */
507	+ add_action('deleted_option', array($this, 'option_handler'));
508	+ add_action('updated_option', array($this, 'option_handler'));
509	+ add_action('added_option', array($this, 'option_handler'));
510	+
511	+ /* CAPTURING EVENTS FOR FILES UPLOAD */
512	+ add_action('wp_handle_upload', array($this, 'upload_handler'));
513	+
514	+ /* These are applicable only in case of WPMU */
515	+ /* XNOTE: Handle registration_log_handler from within the server */
516	+ add_action('wpmu_new_blog', array($this, 'wpmu_new_blog_create_handler'), 10, 1);
517	+ add_action('refresh_blog_details', array($this, 'wpmu_new_blog_create_handler'), 10, 1);
518	+ add_action('delete_site_option',array($this, 'sitemeta_handler'), 10, 1);
519	+ add_action('add_site_option', array($this, 'sitemeta_handler'), 10, 1);
520	+ add_action('update_site_option', array($this, 'sitemeta_handler'), 10, 1);
521	+
522	+ $is_woo_dyn = $this->settings->getOption('bvWooDynSync');
523	+ if ($is_woo_dyn == 'yes') {
524	+ add_action('woocommerce_resume_order', array($this, 'woocommerce_resume_order_handler'), 10, 1);
525	+ add_action('woocommerce_new_order_item', array($this, 'woocommerce_new_order_item_handler'), 10, 3);
526	+ add_action('woocommerce_update_order_item', array($this, 'woocommerce_update_order_item_handler'), 10, 2);
527	+ add_action('woocommerce_delete_order_item', array($this, 'woocommerce_delete_order_item_handler'), 10, 1);
528	+ add_action('woocommerce_delete_order_items', array($this, 'woocommerce_delete_order_items_handler'), 10, 1);
529	+ add_action('added_order_item_meta', array($this, 'woocommerce_order_term_meta_handler' ), 10, 4);
530	+ add_action('updated_order_item_meta', array($this, 'woocommerce_order_term_meta_handler'), 10, 4);
531	+ add_action('deleted_order_item_meta', array($this, 'woocommerce_order_term_meta_handler'), 10, 4);
532	+
533	+ add_action('woocommerce_attribute_added', array($this, 'woocommerce_attribute_added_handler' ), 10, 2 );
534	+ add_action('woocommerce_attribute_updated', array($this, 'woocommerce_attribute_updated_handler'), 10, 3 );
535	+ add_action('woocommerce_attribute_deleted', array($this, 'woocommerce_attribute_deleted_handler'), 10, 3 );
536	+
537	+ add_action('woocommerce_tax_rate_added', array($this, 'woocommerce_tax_rate_handler'), 10, 2);
538	+ add_action('woocommerce_tax_rate_deleted', array($this, 'woocommerce_tax_rate_deleted_handler'), 10, 1);
539	+ add_action('woocommerce_tax_rate_updated', array($this, 'woocommerce_tax_rate_handler'), 10, 2);
540	+
541	+ add_action('woocommerce_new_webhook', array($this, 'woocommerce_webhook_handler'), 10, 1);
542	+ add_action('woocommerce_webhook_updated', array($this, 'woocommerce_webhook_handler'), 10, 1);
543	+ add_action('woocommerce_webhook_deleted', array($this, 'woocommerce_webhook_delete_handler'), 10, 2);
544	+
545	+ add_action('woocommerce_download_product', array($this, 'woocommerce_download_product_handler'), 10, 6);
546	+ add_action('woocommerce_grant_product_download_access', array($this, 'woocommerce_grant_product_download_access_handler'), 10, 1);
547	+ add_action('woocommerce_ajax_revoke_access_to_product_download', array($this, 'woocommerce_revoke_access_to_product_download_handler'), 10, 4);
548	+ add_action('woocommerce_deleted_order_downloadable_permissions', array($this, 'woocommerce_deleted_order_downloadable_permissions_handler'), 10, 1);
549	+ add_filter('woocommerce_process_product_file_download_paths_remove_access_to_old_file', array($this, 'woocommerce_downloadable_product_permissions_delete_handler', 10, 4));
550	+
551	+ add_action('woocommerce_new_payment_token', array($this, 'woocommerce_payment_token_handler'), 10, 1);
552	+ add_action('woocommerce_payment_token_created', array($this, 'woocommerce_payment_token_handler'), 10, 1);
553	+ add_action('woocommerce_payment_token_updated', array($this, 'woocommerce_payment_token_handler'), 10, 1);
554	+ add_action('woocommerce_payment_token_deleted', array($this, 'woocommerce_payment_token_deleted_handler'), 10, 2);
555	+ add_action('added_payment_token_meta', array($this, 'woocommerce_payment_token_meta_handler' ), 10, 4);
556	+ add_action('updated_payment_token_meta', array($this, 'woocommerce_payment_token_meta_handler'), 10, 4);
557	+ add_action('deleted_payment_token_meta', array($this, 'woocommerce_payment_token_meta_handler'), 10, 4);
558	+
559	+
560	+ add_action('woocommerce_shipping_zone_method_added', array($this, 'woocommerce_shipping_zone_method_added_handler'), 10, 3);
561	+ add_action('woocommerce_shipping_zone_method_status_toggled', array($this, 'woocommerce_shipping_zone_method_status_toggled_handler'), 10, 4);
562	+ add_action('woocommerce_shipping_zone_method_deleted', array($this, 'woocommerce_shipping_zone_method_deleted_handler'), 10, 3);
563	+
564	+ add_action('woocommerce_delete_shipping_zone', array($this, 'woocommerce_delete_shipping_zone_handler'), 10, 1);
565	+ add_action('woocommerce_delete_shipping_zone_method', array($this, 'woocommerce_delete_shipping_zone_method_handler'), 10, 1);
566	+
567	+ add_action('woocommerce_api_create_product_attribute', array($this, 'woocommerce_api_product_attribute_handler'), 10, 2);
568	+ add_action('woocommerce_api_edit_product_attribute', array($this, 'woocommerce_api_product_attribute_handler'), 10, 2);
569	+ }
570	+ }
571	+ }
572	+ endif;

wp_settings.php ADDED Viewed

	@@ -0,0 +1,54 @@


1	+ <?php
2	+
3	+ if (!defined('ABSPATH')) exit;
4	+ if (!class_exists('WPRWPSettings')) :
5	+ class WPRWPSettings {
6	+ public function getOption($key) {
7	+ $res = false;
8	+ if (function_exists('get_site_option')) {
9	+ $res = get_site_option($key, false);
10	+ }
11	+ if ($res === false) {
12	+ $res = get_option($key, false);
13	+ }
14	+ return $res;
15	+ }
16	+
17	+ public function deleteOption($key) {
18	+ if (function_exists('delete_site_option')) {
19	+ return delete_site_option($key);
20	+ } else {
21	+ return delete_option($key);
22	+ }
23	+ }
24	+
25	+ public function updateOption($key, $value) {
26	+ if (function_exists('update_site_option')) {
27	+ return update_site_option($key, $value);
28	+ } else {
29	+ return update_option($key, $value);
30	+ }
31	+ }
32	+
33	+ public function setTransient($name, $value, $time) {
34	+ if (function_exists('set_site_transient')) {
35	+ return set_site_transient($name, $value, $time);
36	+ }
37	+ return false;
38	+ }
39	+
40	+ public function deleteTransient($name) {
41	+ if (function_exists('delete_site_transient')) {
42	+ return delete_site_transient($name);
43	+ }
44	+ return false;
45	+ }
46	+
47	+ public function getTransient($name) {
48	+ if (function_exists('get_site_transient')) {
49	+ return get_site_transient($name);
50	+ }
51	+ return false;
52	+ }
53	+ }
54	+ endif;

wp_site_info.php ADDED Viewed

	@@ -0,0 +1,79 @@


1	+ <?php
2	+
3	+ if (!defined('ABSPATH')) exit;
4	+ if (!class_exists('WPRWPSiteInfo')) :
5	+
6	+ class WPRWPSiteInfo {
7	+ public function wpurl() {
8	+ if (function_exists('network_site_url'))
9	+ return network_site_url();
10	+ else
11	+ return get_bloginfo('wpurl');
12	+ }
13	+
14	+ public function siteurl() {
15	+ if (function_exists('site_url')) {
16	+ return site_url();
17	+ } else {
18	+ return get_bloginfo('wpurl');
19	+ }
20	+ }
21	+
22	+ public function homeurl() {
23	+ if (function_exists('home_url')) {
24	+ return home_url();
25	+ } else {
26	+ return get_bloginfo('url');
27	+ }
28	+ }
29	+
30	+ public function isMultisite() {
31	+ if (function_exists('is_multisite'))
32	+ return is_multisite();
33	+ return false;
34	+ }
35	+
36	+ public function isMainSite() {
37	+ if (!function_exists('is_main_site' ) \|\| !$this->isMultisite())
38	+ return true;
39	+ return is_main_site();
40	+ }
41	+
42	+ public function respInfo() {
43	+ $info = array();
44	+ $this->basic($info);
45	+ $info['dbsig'] = $this->dbsig(false);
46	+ $info["serversig"] = $this->serversig(false);
47	+ return $info;
48	+ }
49	+
50	+ public function basic(&$info) {
51	+ $info['wpurl'] = $this->wpurl();
52	+ $info['siteurl'] = $this->siteurl();
53	+ $info['homeurl'] = $this->homeurl();
54	+ $info['serverip'] = $_SERVER['SERVER_ADDR'];
55	+ $info['abspath'] = ABSPATH;
56	+ }
57	+
58	+ public function serversig($full = false) {
59	+ $sig = sha1($_SERVER['SERVER_ADDR'].ABSPATH);
60	+ if ($full)
61	+ return $sig;
62	+ else
63	+ return substr($sig, 0, 6);
64	+ }
65	+
66	+ public function dbsig($full = false) {
67	+ if (defined('DB_USER') && defined('DB_NAME') &&
68	+ defined('DB_PASSWORD') && defined('DB_HOST')) {
69	+ $sig = sha1(DB_USER.DB_NAME.DB_PASSWORD.DB_HOST);
70	+ } else {
71	+ $sig = "bvnone".WPRAccount::randString(34);
72	+ }
73	+ if ($full)
74	+ return $sig;
75	+ else
76	+ return substr($sig, 0, 6);
77	+ }
78	+ }
79	+ endif;

wprp.admin.php DELETED Viewed

@@ -1,116 +0,0 @@
-            -
            <?php
-            -
-            -
            /**
-            -
             * Register the wpr_api_key settings
-            -
             *
-            -
             * @return null
-            -
             */
-            -
            function wprp_setup_admin() {
-            -
            	register_setting( 'wpr-settings', 'wpr_api_key' );
-            -
            }
-            -
-            -
            add_action( 'admin_menu', 'wprp_setup_admin' );
-            -
-            -
            /**
-            -
             * Add API Key form
-            -
             *
-            -
             * Only shown if no API Key
-            -
             *
-            -
             * @return null
-            -
             */
-            -
            function wprp_add_api_key_admin_notice() { ?>
-            -
-            -
            	<div id="wprp-message" class="updated" style="display:block !important;">
-            -
-            -
            		<form method="post" action="options.php">
-            -
-            -
            			<p>
-            -
-            -
            				<strong><?php _e( 'WP Remote is almost ready', 'wpremote' ); ?></strong>, <label style="vertical-align: baseline;" for="wpr_api_key"><?php _e( 'enter your API key to continue', 'wpremote' ); ?></label>
-            -
-            -
            				<input type="text" style="margin-left: 5px; margin-right: 5px; " class="code regular-text" id="wpr_api_key" name="wpr_api_key" />
-            -
-            -
            				<input type="submit" value="<?php _e( 'Save API Key','wpremote' ); ?>" class="button-primary" />
-            -
-            -
            			</p>
-            -
-            -
            			<p>
-            -
-            -
            				<strong><?php _e( 'Don\'t have a WP Remote account yet?','wpremote' ); ?></strong> <a href="<?php echo esc_url( wprp_get_wpr_url( '/register/' ) ); ?>" target="_blank"><?php _e( 'Sign up','wpremote' ); ?></a>, <?php _e( 'register your site, and report back once you\'ve grabbed your API key.','wpremote' ); ?>
-            -
-            -
            			</p>
-            -
-            -
            			<style>#message { display : none; }</style>
-            -
-            -
            			<?php settings_fields( 'wpr-settings' );
-            -
-            -
            			// Output any sections defined for page sl-settings
-            -
            			do_settings_sections( 'wpr-settings' ); ?>
-            -
-            -
            		</form>
-            -
-            -
            	</div>
-            -
-            -
-            -
            <?php }
-            -
-            -
            if ( ! wprp_get_api_keys() )
-            -
            	add_action( 'admin_notices', 'wprp_add_api_key_admin_notice' );
-            -
-            -
            /**
-            -
             * Success message for a newly added API Key
-            -
             *
-            -
             * @return null
-            -
             */
-            -
            function wprp_api_key_added_admin_notice() {
-            -
-            -
            	if ( function_exists( 'get_current_screen' ) && get_current_screen()->base != 'plugins' || empty( $_GET['settings-updated'] ) || ! wprp_get_api_keys() )
-            -
            		return; ?>
-            -
-            -
            	<div id="wprp-message" class="updated">
-            -
            		<p><strong><?php _e( 'WP Remote API Key successfully added' ); ?></strong>, close this window to go back to <a href="<?php echo esc_url( wprp_get_wpr_url( '/app/' ) ); ?>"><?php _e( 'WP Remote','wpremote' ); ?></a>.</p>
-            -
            	</div>
-            -
-            -
            <?php }
-            -
            add_action( 'admin_notices', 'wprp_api_key_added_admin_notice' );
-            -
-            -
            /**
-            -
             * Delete the API key on activate and deactivate
-            -
             *
-            -
             * @return null
-            -
             */
-            -
            function delete_wpr_options() {
-            -
            	delete_option( 'wpr_api_key' );
-            -
            }
-            -
            // Plugin uninstall hook
-            -
            register_uninstall_hook(WPRP_PLUGIN_BASE, 'delete_wpr_options');
-            -
-            -
            /**
-            -
             * Clear API key from plugin page setting link
-            -
             */
-            -
            function wprp_plugin_add_settings_link( $links ) {
-            -
                $settings_link = '<a href="options-general.php?page=wpremote">' . __( 'Clear API key' ) . '</a>';
-            -
                array_unshift($links, $settings_link);
-            -
                return $links;
-            -
            }
-            -
-            -
            add_filter( "plugin_action_links_" . WPRP_PLUGIN_BASE, 'wprp_plugin_add_settings_link' );
-            -
-            -
            /**
-            -
             * Register WPR Pages
-            -
             */
-            -
            function wpr_register_pages() {
-            -
                add_submenu_page( null, __('WP Remote Settings'), __('WP Remote Settings'), 'activate_plugins', 'wpremote', 'wpr_settings_page' );
-            -
            }
-            -
            add_action('admin_menu', 'wpr_register_pages');
-            -
-            -
            /**
-            -
             * Show settings page
-            -
             *  TODO: Implement a more comprehensive setting page
-            -
             */
-            -
            function wpr_settings_page( ) {
-            -
                delete_wpr_options();
-            -
                // TODO : Build proper settings page
-            -
                echo 'Successfully cleared API key. Redirecting back to the plugins page...';
-            -
                echo '<meta http-equiv="refresh" content="0; url=' . admin_url( 'plugins.php' ) . '" />';
-            -
            }

The WP Remote WordPress Plugin - Version 3.2

Version Description

2.8.4.3 (11 January 2019)

2.8.4.2 (9 January 2019)

2.8.4.1 (3 December 2017)

2.8.4 (3 December 2017)

2.8.3 (21 November 2017)

2.8.2 (25 October 2017)

2.8.1 (10 October 2017)

Release Info

Code changes from version 2.8.4.3 to 3.2