find_folder( SIXSCAN_HTACCESS_6SCAN ) ); }

/* NOTE(review): this listing is a damaged excerpt. The line above is the tail
   of a function whose start is outside the visible text. Further down, the
   heredoc of the signature public key and a lone closing brace after the
   log-path define are incomplete as well. Those fragments are reproduced
   untouched; only line breaks, indentation and comments were added. */

/* Signature file shipped in the plugin's data directory. */
define( 'SIXSCAN_SIGNATURE_SRC', SIXSCAN_PLUGIN_DIR . '/data/' . SIXSCAN_COMM_SIGNATURE_FILENAME );

/* Returns the location of the bundled signature file.
   $is_direct true (default): the SIXSCAN_SIGNATURE_SRC constant as is.
   Otherwise: the same path resolved through $wp_filesystem->find_folder(),
   with any trailing slash removed. Assumes the global $wp_filesystem has
   already been initialised by the caller - no check is made here. */
function sixscan_common_get_signature_src( $is_direct = TRUE ){
    if ( $is_direct == TRUE )
        return SIXSCAN_SIGNATURE_SRC;
    global $wp_filesystem;
    return untrailingslashit( $wp_filesystem->find_folder( SIXSCAN_SIGNATURE_SRC ) );
}

/* Gate file shipped in the plugin's data directory. */
define( 'SIXSCAN_HTACCESS_6SCAN_GATE_SOURCE', SIXSCAN_PLUGIN_DIR . '/data/' . SIXSCAN_HTACCESS_6SCAN_GATE_FILE_NAME );

/* Returns the location of the bundled gate file; same direct / WP_Filesystem
   split as sixscan_common_get_signature_src(). */
function sixscan_common_get_gate_src( $is_direct = TRUE ){
    if ( $is_direct == TRUE )
        return SIXSCAN_HTACCESS_6SCAN_GATE_SOURCE;
    global $wp_filesystem;
    return untrailingslashit( $wp_filesystem->find_folder( SIXSCAN_HTACCESS_6SCAN_GATE_SOURCE ) );
}

/* Path of the analyzer log: SIXSCAN_PLUGIN_DIR and the log file name are
   joined without a separator.
   NOTE(review): the log appears to live under the plugin directory; whether
   direct web access to it is denied is not visible here - confirm.
   The closing brace at the end of the line belongs to a block that was opened
   outside this excerpt. */
define( 'SIXSCAN_ANALYZER_LOG_FILEPATH', SIXSCAN_PLUGIN_DIR . SIXSCAN_SECURITY_LOG_FILENAME ); }

/* Presumably admin page slugs (inferred from the names; the code that
   registers the pages is outside this excerpt). */
define( 'SIXSCAN_COMMON_DASHBOARD_URL', 'six-scan-dashboard' );
define( 'SIXSCAN_COMMON_SETTINGS_URL', 'six-scan-settings' );
define( 'SIXSCAN_COMMON_SUPPORT_URL', 'six-scan-support' );

/* Presumably identifiers of the individual dashboard views - confirm against
   the code that consumes them. */
define( 'SIXSCAN_COMMON_DASHBOARD_URL_MAIN', 'dashboard' );
define( 'SIXSCAN_COMMON_DASHBOARD_URL_SETTINGS', 'dashboard_settings' );
define( 'SIXSCAN_COMMON_DASHBOARD_URL_WIDGET', 'dashboard_widget' );
define( 'SIXSCAN_COMMON_DASHBOARD_URL_BACKUP', 'backup_dashboard' );

/* Names of the request header that carries the signature and of the request
   field that carries an encryption key (inferred from the names; the code
   that reads them is outside this excerpt). */
define( 'SIXSCAN_SIGNATURE_HEADER_NAME', 'x-6scan-signature' );
define( 'SIXSCAN_SIGNATURE_REQ_KEY', 'x-6scan-db_encryption_key' );

/* NOTE(review): the listing is corrupted on the next line. The heredoc that
   held the public key and the beginning of the following function are
   missing. The remainder looks like the end of
   sixscan_common_get_htaccess_file_path(), which is called further down but
   is not defined anywhere in the visible text. Restore both from the original
   file before relying on this listing. */
define( 'SIXSCAN_SIGNATURE_PUBLIC_KEY', <<abspath() . '.htaccess'; }

/* Returns the destination of the gate file in the site root: ABSPATH based
   when $is_direct is true, otherwise based on $wp_filesystem->abspath(). */
function sixscan_common_get_htaccess_dest_path( $is_direct = TRUE ){
    if ( $is_direct == TRUE )
        return ABSPATH . SIXSCAN_HTACCESS_6SCAN_GATE_FILE_NAME;
    global $wp_filesystem;
    return $wp_filesystem->abspath() . SIXSCAN_HTACCESS_6SCAN_GATE_FILE_NAME;
}

/* Returns the destination of the signature file in the site root; same
   direct / WP_Filesystem split as above. */
function sixscan_common_get_signature_dest_path( $is_direct = TRUE ){
    if ( $is_direct == TRUE )
        return ABSPATH . SIXSCAN_COMM_SIGNATURE_FILENAME;
    global $wp_filesystem;
    return $wp_filesystem->abspath() . SIXSCAN_COMM_SIGNATURE_FILENAME;
}

/* ---- Registration data accessors -------------------------------------
   Thin wrappers around update_option() / get_option().
   NOTE(review): the site id and the API, verification and dashboard tokens
   are handed to update_option() exactly as received; these accessors apply no
   encryption or hashing, so anything able to read the options can read the
   tokens. get_option() returns FALSE for an option that was never stored. */

/* Stores the site id. */
function sixscan_common_set_site_id( $site_id ){
    update_option( SIXSCAN_OPTION_MENU_SITE_ID , $site_id );
}

/* Returns the stored site id. */
function sixscan_common_get_site_id(){
    return get_option ( SIXSCAN_OPTION_MENU_SITE_ID );
}

/* Stores the API token. */
function sixscan_common_set_api_token( $api_token ){
    update_option( SIXSCAN_OPTION_MENU_API_TOKEN , $api_token );
}

/* Returns the stored API token. */
function sixscan_common_get_api_token(){
    return get_option( SIXSCAN_OPTION_MENU_API_TOKEN );
}

/* Stores the verification token. */
function sixscan_common_set_verification_token( $verification_token ){
    update_option( SIXSCAN_OPTION_MENU_VERIFICATION_TOKEN , $verification_token );
}

/* Returns the stored verification token. */
function sixscan_common_get_verification_token(){
    return get_option( SIXSCAN_OPTION_MENU_VERIFICATION_TOKEN );
}

/* Stores the dashboard token. */
function sixscan_common_set_dashboard_token( $dashboard_token ){
    update_option( SIXSCAN_OPTION_MENU_DASHBOARD_TOKEN , $dashboard_token );
}

/* Returns the stored dashboard token. */
function sixscan_common_get_dashboard_token(){
    return get_option( SIXSCAN_OPTION_MENU_DASHBOARD_TOKEN );
}

/* Returns the stored "account operational" flag. */
function sixscan_common_is_account_operational(){
    return get_option( SIXSCAN_OPTION_MENU_IS_ACCOUNT_OPERATIONAL );
}

/* Stores the "account operational" flag. */
function sixscan_common_set_account_operational( $reg_val ){
    update_option( SIXSCAN_OPTION_MENU_IS_ACCOUNT_OPERATIONAL , $reg_val );
}

/* Returns the stored "account active" flag. */
function sixscan_common_is_account_active(){
    return get_option( SIXSCAN_OPTIONS_SETUP_ACCOUNT );
}

/* Stores the "account active" flag. */
function sixscan_common_set_account_active( $active_val ){
    update_option( SIXSCAN_OPTIONS_SETUP_ACCOUNT , $active_val );
}

/* True when the partner info file exists next to this source file. */
function sixscan_common_is_partner_version(){
    $partner_file_path = trailingslashit( dirname( __FILE__ ) ) . SIXSCAN_PARTNER_INFO_FILENAME;
    return file_exists( $partner_file_path );
}

/* Based on http://phpseclib.sourceforge.net/ package */
/* Encrypts $plain_data with RC4 under $key and returns the ciphertext. The
   bundled Crypt_RC4 class is loaded on first use.
   NOTE(review): RC4 is a deprecated stream cipher with known keystream
   biases. As used here it has no nonce and no integrity check: every message
   encrypted under the same key reuses the same keystream, and a modified
   ciphertext is not detected on decryption. If the wire format can change,
   an authenticated cipher (for example AES-GCM through openssl_encrypt())
   is the usual replacement. */
function sixscan_common_encrypt_string( $plain_data , $key ){
    if ( class_exists( 'Crypt_RC4' ) == FALSE ){
        require_once( SIXSCAN_PLUGIN_DIR . "modules/signatures/Crypt/RC4.php" );
    }
    $rc4_encr = new Crypt_RC4();
    $rc4_encr->setKey( $key );
    return $rc4_encr->encrypt( $plain_data );
}

/* Based on http://phpseclib.sourceforge.net/ package */
/* Decrypts $encr_data with RC4 under $key and returns the plaintext.
   NOTE(review): nothing authenticates the ciphertext before it is decrypted,
   so the caller has to treat the result as untrusted input unless the request
   was verified by other means. */
function sixscan_common_decrypt_string( $encr_data , $key ){
    if ( class_exists( 'Crypt_RC4' ) == FALSE ){
        require_once( SIXSCAN_PLUGIN_DIR . "modules/signatures/Crypt/RC4.php" );
    }
    $rc4_encr = new Crypt_RC4();
    $rc4_encr->setKey( $key );
    return $rc4_encr->decrypt( $encr_data );
}

/* Sets or clears the 6Scan admin access cookie.
   A user with the 'administrator' capability receives the cookie (lifetime
   one hour) when the request does not already carry one; for any other user
   an existing cookie is expired.
   NOTE(review): setcookie() is called with secure = false and without the
   httponly argument, so the cookie also travels over plain HTTP and is
   readable by scripts in the page. Only the presence of the cookie is tested
   here; where its value is compared is not visible in this excerpt.
   Hardening: pass is_ssl() as the secure argument and true as httponly. */
function sixscan_wordpress_admin_set_cookie_callback(){
    /* Admin is getting auth cookie, other users do not */
    if ( current_user_can( 'administrator' ) ){
        if ( ! isset ( $_COOKIE[ SIXSCAN_ADMIN_ACCESS_COOKIE_NAME ] ) )
            setcookie( SIXSCAN_ADMIN_ACCESS_COOKIE_NAME , sixscan_common_get_auth_cookie_val() , time() + 3600 , COOKIEPATH , COOKIE_DOMAIN , false);
    }
    else{
        if ( isset ( $_COOKIE[ SIXSCAN_ADMIN_ACCESS_COOKIE_NAME ] ) )
            setcookie( SIXSCAN_ADMIN_ACCESS_COOKIE_NAME , '' , time() - 3600 , COOKIEPATH , COOKIE_DOMAIN , false);
    }
}

/* Builds the cookie value: a fixed prefix followed by the MD5 of a fixed
   salt, the verification token and the API token.
   NOTE(review): the value is deterministic. It is the same for every
   administrator and every session and only changes when one of the two
   tokens changes, so it acts as a long-lived shared secret even though the
   cookie itself expires after an hour. Prefix and salt are literals in the
   source and add no per-site secrecy. The usual hardening is hash_hmac()
   with SHA-256 over a per-session value, checked with hash_equals(). */
function sixscan_common_get_auth_cookie_val(){
    return 'cgcNkBEFpLrw82pgObc1' . md5 ( 'saltZ4uhPMtFYs6Ldn3jsxNS' . sixscan_common_get_verification_token() . sixscan_common_get_api_token() );
}

/* NOTE(review): as listed, this computes the cookie value into $reg_key and
   then returns an empty string without using it. The returned literal was
   probably markup that got stripped when the page was extracted - confirm
   against the original file. */
function sixscan_common_get_auth_cookie_code (){
    $reg_key = sixscan_common_get_auth_cookie_val();
    return '';
}

/* Checks whether user is registered with the server */
/* Returns TRUE only when the site id and all three tokens are stored. The
   comparisons are loose (== FALSE), so a stored 0, '' or '0' also counts as
   missing. */
function sixscan_common_is_regdata_present() {
    if ( ( sixscan_common_get_site_id() == FALSE ) ||
        ( sixscan_common_get_api_token() == FALSE ) ||
        ( sixscan_common_get_verification_token() == FALSE ) ||
        ( sixscan_common_get_dashboard_token() == FALSE ) )
        return FALSE;
    return TRUE;
}

/* Overwrites the site id and all three tokens with FALSE. */
function sixscan_common_erase_regdata(){
    sixscan_common_set_site_id( FALSE );
    sixscan_common_set_api_token( FALSE );
    sixscan_common_set_verification_token( FALSE );
    sixscan_common_set_dashboard_token( FALSE );
}

/* Runs every check queued in the global $sixscan_signature_request.
   Each entry names a callable ('func_name'), its arguments ('param_array')
   and the value the call has to return ('expected_result'). Returns false at
   the first mismatch and true when every check matches or the global is not
   set. pluggable.php is loaded first, presumably so that the functions it
   defines are available to the queued callables.
   NOTE(review): this dispatches to whatever callable the global names, with
   whatever arguments it holds. The code that fills the global is outside this
   excerpt; presumably it does so only after the request signature has been
   verified - confirm, and consider an allow-list of permitted function names.
   The result is compared loosely (!=), so 0, '' and false are interchangeable
   as expected results. */
function sixscan_common_run_signature_check_request(){
    require_once( ABSPATH . WPINC . '/pluggable.php' );
    global $sixscan_signature_request;
    if ( isset( $sixscan_signature_request ) )
        foreach ( $sixscan_signature_request as $one_signature_req ){
            if ( call_user_func_array( $one_signature_req[ 'func_name' ] , $one_signature_req[ 'param_array' ] ) != $one_signature_req[ 'expected_result' ] )
                return false;
        }
    return true;
}

/* Tests whether fopen() can reach SIXSCAN_BODYGUARD_PING_URL, going through
   the WordPress proxy settings when they apply to that URL.
   Returns TRUE on success, otherwise a string that starts with "failed." and
   contains the last PHP error. The failure string is truthy, so callers have
   to compare the result with === TRUE.
   NOTE(review): the 'ssl' array is nested under 'http'. PHP reads TLS context
   options from a top-level 'ssl' key, and 'verify_host' does not appear to be
   a PHP context option name, so these two settings probably have no effect -
   confirm. The intent is clearly to switch certificate verification off,
   which would leave the peer unauthenticated. */
function sixscan_common_is_fopen_working(){
    $url = SIXSCAN_BODYGUARD_PING_URL;
    $arrContext = array( 'http' => array(
        'method' => 'GET' ,
        'user_agent' => 'SIXSCAN_SUBMITTER' ,
        'max_redirects' => 6 ,
        'protocol_version' => (float) '1.1' ,
        'header' => '' ,
        'ignore_errors' => true ,
        'timeout' => 30 ,
        'ssl' => array( 'verify_peer' => false , 'verify_host' => false )
    ) );
    $proxy = new WP_HTTP_Proxy();
    if ( $proxy->is_enabled() && $proxy->send_through_proxy( $url ) ) {
        $arrContext[ 'http' ][ 'proxy' ] = 'tcp://' . $proxy->host() . ':' . $proxy->port();
        $arrContext[ 'http' ][ 'request_fulluri' ] = true;
        if ( $proxy->use_authentication() )
            $arrContext[ 'http' ][ 'header' ] .= $proxy->authentication_header() . "\r\n";
    }
    $context = stream_context_create( $arrContext );
    /* The @ hides the warning; the reason is recovered from error_get_last() */
    $handle = @fopen( $url , 'r' , false , $context );
    if ( ! $handle ){
        $last_error = error_get_last();
        $fopen_info = "failed. Last error: " . print_r( $last_error , TRUE ) . "\n";
        return $fopen_info;
    }
    else{
        fclose( $handle );
        return TRUE;
    }
}

/* Returns a 40-character hex string: SHA-1 over a fixed prefix and the MD5 of
   a fixed prefix, two mt_rand() values and the current time.
   NOTE(review): mt_rand() and time() are predictable and the hashing adds no
   entropy, so this is not suitable wherever the result serves as a secret or
   token. What the callers use it for is outside this excerpt - confirm; for
   secrets use a CSPRNG such as random_bytes() or wp_generate_password(). */
function sixscan_common_generate_random_string(){
    /* Random enough for our needs */
    return ( sha1( 'OBpjnNrFXA' . md5( 'RZc3LJKCti' . mt_rand() . mt_rand() . time() ) ) );
}

/* Returns the WordPress version parsed out of wp-includes/version.php.
   NOTE(review): neither the file read nor the preg_match() result is checked;
   when the pattern does not match, $matches[1] is undefined. */
function sixscan_common_get_wp_version(){
    /* The global $wp_version is sometimes blocked by other plugins. Parse it ourselves: */
    $wpversion_file_data = file_get_contents( ABSPATH . '/wp-includes/version.php' );
    $pattern = '/wp_version\s+=\s+\'([0-9.]+)\'/';
    preg_match($pattern, $wpversion_file_data, $matches);
    return $matches[1];
}

/* Windows servers sometimes require special handling */
/* True when PHP_OS starts with "WIN" (case-insensitive). */
function sixscan_common_is_windows_os(){
    return ( strtoupper( substr( PHP_OS , 0 , 3) ) === 'WIN' );
}

/* Assembles the diagnostic text attached to a support ticket and returns it
   as one string: OS, $_SERVER, registration status, write method, proxy use,
   .htaccess contents, plugin list and the PHP configuration.
   NOTE(review): despite "anonymous" in the name, the report embeds the whole
   $_SERVER array - which normally includes request headers such as
   HTTP_COOKIE and HTTP_AUTHORIZATION - together with the site's .htaccess,
   the plugin list and every ini setting. Where the string is sent is outside
   this excerpt; redact session and credential material before it leaves the
   site. */
function sixscan_common_gather_system_information_for_anonymous_support_ticket(){
    $submission_data = "\n";
    $submission_data .= "OS: " . PHP_OS . " \n";
    $submission_data .= "Server info: " . print_r( $_SERVER , TRUE );
    /* Boolean result: interpolates as "1" or as an empty string */
    $regdata_status = sixscan_common_is_regdata_present();
    $submission_data .= "Regdata present: $regdata_status\n";
    $write_method = ( get_option( SIXSCAN_OPTION_WPFS_CONFIG ) === FALSE ) ? "Direct_access" : "WP_filesystem";
    $submission_data .= "Write method: $write_method\n";
    /* Check , whether site can access external resources */
    $url = SIXSCAN_BODYGUARD_REGISTER_URL;
    $proxy = new WP_HTTP_Proxy();
    if ( $proxy->is_enabled() && $proxy->send_through_proxy( $url ) )
        $is_through_proxy = "true";
    else
        $is_through_proxy = "false";
    $submission_data .= "Is access through proxy: $is_through_proxy\n";
    /* sixscan_common_get_htaccess_file_path() is not defined in the visible
       part of this listing */
    $htaccess_contents = file_get_contents( sixscan_common_get_htaccess_file_path( TRUE ) );
    /* Loose comparison: a failed read, an empty file and the content "0" are
       all reported as "Empty" */
    if ( $htaccess_contents == FALSE )
        $htaccess_contents = "Empty";
    $submission_data .= "Htaccess contents: $htaccess_contents\n";
    $plugin_list = get_plugins();
    $submission_data .= "Plugins: " . print_r( $plugin_list , TRUE ) . "\n";
    /* Labelled "phpinfo()" in the report, but the data comes from ini_get_all() */
    $phpinif_info = ini_get_all();
    $submission_data .= "phpinfo(): " . print_r( $phpinif_info , true ) . "\n";
    return $submission_data;
}

/* Error handler installed by sixscan_common_show_all_errors(): prints level,
   message, file and line to the output.
   NOTE(review): the text goes straight into the response, so file paths and
   error details become visible to whoever receives the page; keep this
   limited to diagnostic runs. The string literal below contains a line break
   exactly as it appears in this listing (possibly a wrapping artifact); it is
   left byte-for-byte. */
function sixscan_common_error_handler( $error_level , $error_message , $error_file , $error_line ){
    print "Error level $error_level: Message: $error_message. 
Occured in file $error_file:$error_line\n";
}

/* Shutdown callback: dumps the last error with print_r() when it is of type
   E_ERROR, E_PARSE, E_COMPILE_ERROR or E_CORE_ERROR. The same disclosure
   caveat as for the error handler applies. */
function sixscan_common_fatal_error(){
    $error = error_get_last();
    if ( isset( $error ) ){
        if ( $error[ 'type' ] == E_ERROR || $error[ 'type' ] == E_PARSE || $error[ 'type' ] == E_COMPILE_ERROR || $error[ 'type' ] == E_CORE_ERROR ){
            print_r( $error );
        }
    }
}

/* Tests whether $dir_name is writable by creating the file "sixscantmp_" in
   it through $wp_filesystem and deleting it again. Returns FALSE when the
   write fails, TRUE otherwise. The file name is fixed, so an existing file of
   that name in the directory would be overwritten and removed. */
function sixscan_common_test_dir_writable( $dir_name ){
    global $wp_filesystem;
    $tmp_fname = trailingslashit( $dir_name ) . 'sixscantmp_';
    $ftmp_result = $wp_filesystem->put_contents( $tmp_fname , 'write_test' );
    if ( $ftmp_result === FALSE )
        return FALSE;
    /* Cleanup */
    $wp_filesystem->delete( $tmp_fname );
    return TRUE;
}

/* Tests whether $fname is writable. For a non-direct filesystem method the
   answer comes from $wp_filesystem->is_writable(); for the direct method the
   file is opened in append mode.
   NOTE(review): mode 'a+' creates the file when it does not exist, so the
   test can leave an empty file behind. */
function sixscan_common_test_file_writable( $fname ){
    global $wp_filesystem;
    if ( $wp_filesystem->method != 'direct')
        return $wp_filesystem->is_writable( $fname );
    $fp = fopen( $fname , 'a+' );
    if ( $fp == FALSE )
        return FALSE;
    fclose( $fp );
    return TRUE;
}

/* Installs the printing error handler for E_ALL and registers the fatal-error
   shutdown callback. */
function sixscan_common_show_all_errors(){
    /* Enable reporting of all errors. (Except E_STRICT, which we don't need) */
    set_error_handler( 'sixscan_common_error_handler' , E_ALL );
    register_shutdown_function( 'sixscan_common_fatal_error' );
}

/* Sends $request_data to $request_url with wp_remote_get() when
   $request_type is "GET" and with wp_remote_post() for any other value. The
   request is repeated up to SIXSCAN_COMM_REQUEST_RETRIES times; the first
   response that is not a WP_Error is returned, otherwise the last WP_Error.
   If the retry constant is 0 the loop never runs and $response is undefined.
   NOTE(review): 'sslverify' => false turns certificate verification off for
   every request made through this function, so the server is not
   authenticated and traffic can be read or altered in transit. Responses
   should only be trusted after an independent check (for example the
   signature verification this plugin defines constants for - confirm that
   the callers do this). Prefer 'sslverify' => true and handle a missing CA
   bundle as a reported configuration problem. */
function sixscan_common_request_network( $request_url , $request_data , $request_type = "GET" ){
    $request_params = array(
        'timeout' => SIXSCAN_COMM_REQUEST_TIMEOUT_SEC ,
        'redirection' => 5 ,
        'httpversion' => '1.1' ,
        'blocking' => true ,
        'sslverify' => false , /* We have found out , that there are lots of users , who don't have their ca-certificates configured , and SSL connect fails. If you want to force SSL CA verification , change this rule to 'true' */
        'headers' => array() ,
        'body' => $request_data ,
        'cookies' => array()
    );
    /* Name of the WordPress HTTP function, called as a variable function below */
    $req_function = ( $request_type == "GET" ) ? 'wp_remote_get' : 'wp_remote_post';
    /* Retry the request several times, until failing */
    for ( $retry_counter = 0 ; $retry_counter < SIXSCAN_COMM_REQUEST_RETRIES ; $retry_counter++ ){
        $response = $req_function( $request_url , $request_params );
        if ( is_wp_error( $response ) == FALSE )
            return $response;
    }
    return $response;
}
?>