<?php
/**
 * @package actifend
 * @version 1.4.5
 */
/*
  Plugin Name: ActiFend
  Plugin URI: http://dsdinfosec.com
  Description: ActiFend Plugin is designed to enhance your web security. This Plugin sends your access logs to a SIEM + Incident Response Platform where they're analyzed to detect attacks on your web site. Security Alerts are sent to the ActiFend Mobile App. ActiFend helps you to Actively Defend your web site.
  Author: DSDInfosec
  Version: 1.4.5
  Author URI: http://dsdinfosec.com
*/

/** ABSPATH - usually the root directory for wordpress files
 * app-root on shared hosting installation
 * apache2 doc folder /var/www/html for dedicated hosting installation
 */
if (!defined('ABSPATH'))
    define('ABSPATH', dirname(__FILE__) . '/');

ini_set('max_execution_time', 600);
ini_set('memory_limit','512M');

$actifend_dependencies = array(
    'wp_die',
    'add_action',
    'add_filter',
    'remove_filter',
    'wp_remote_get',
    'wp_remote_request'
);

// Terminate execution if any of the functions mentioned above is not defined.
foreach ($actifend_dependencies as $dependency) {
    if (!function_exists($dependency)) {
        exit(0);
    }
}


// Remove the WordPress version number generator meta-tag
function dsdaf_remove_wp_version() { return ''; }
add_filter('the_generator', 'dsdaf_remove_wp_version');

// Include all necessary plugin files
require('actifendConstants.php');
require('Utility.php');
require('actifendClass.php');
require('ActifendUserRegister.php');
require('ActifendAccessAlerts.php');
require('ActifendIPBlock.php');
require('ActifendBackup.php');
require('ActifendRestoreBackup.php');
require('ActifendFileIntegrity.php');

// Initiate temp dir
Actifend::initTmpDir();

// display any activation errors on the screen
if (get_option('actifendActivated') != 1) {
    add_action('activated_plugin','actifend_save_activation_error');
    function actifend_save_activation_error(){
        update_option('actifend_plugin_act_error', ob_get_contents());
    }
}

//Remove Table on pluging uninstallation
register_deactivation_hook(__FILE__, 'actifend_remove');

function actifend_remove() {
    // Let Actifend know that plugin has been deactivated
    Actifend::pluginDeactivationLog();
    Actifend::actifend_dropTable();
    Actifend::clear_actifend_crons();
    // remove cron schedules
    remove_filter('cron_schedules', 'Actifend::actifend_crons');
    // remove actifend options
    $actifend_option_names = array(
        'actifendActivated',
        'actifend_plugin_act_error',
        'FilePrivilegesInsufficient',
        'ActifendBackupStatus',
        'ActifendRestoreStatus',
        'mapp_activated',
        'actifend_usage_category',
        'actifend_subs_validity');

    foreach ($actifend_option_names as $option_name) {
        delete_option($option_name);
        delete_site_option($option_name);
    }

    // remove actions
    Actifend::remove_actifend_actions();
    debug_log("Actifend Plugin Deactivated!");
}

//Create Table on Installing the plugin
register_activation_hook(__FILE__, 'actifend_init');

function actifend_init() {
    try {
        debug_log("Activating Actifend!");
        update_option('actifendActivated', 0);
        // start output buffers
        ob_end_clean();
        ob_start();
        Actifend::actifend_prerequisiteTest();
        debug_log("Pre-requisite tests completed.");
        Actifend::actifend_dropTable();
        // Create required tables in wordpress db
        debug_log("Starting to create Actifend tables ...");
        Actifend::actifend_createTables();
        // set cookie with one hour expiry
        setcookie("ActifendRedirect", 'OK', time()+3600);
        $userRegObj = new ActifendUserRegister;
        $userRegObj->autoRegisterTrial();
        // take a snapshot of the files for integrity checking
        Utility::initFileSystem();
        global $wp_filesystem;
        $integrity = new ActifendFileIntegrity( $wp_filesystem->abspath() );
        $integrity->createBaseline();
        // enable cron jobs
        Actifend::enable_actifend_crons();

        debug_log("Actifend registration not yet complete!");
    } catch (Exception $e) {
        echo $e->getMessage();
        update_option('actifend_plugin_act_error', ob_get_contents());
        add_action('admin_notices', 'Actifend::activation_warning');
        deactivate_plugins( plugin_basename( __FILE__ ) );
    }
 }

//Registration process  (Screen after installation)
add_action('admin_menu', 'actifend_get_email');

function actifend_get_email() {
    if ( !Actifend::isAdmin(wp_get_current_user())) {
        debug_log("Current user does not have Admin privileges.");
        return;
    }

    $currentUrl = $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
    $_currentUrl =  explode('?', $currentUrl);
    if(count($_currentUrl) > 1) {
        $_currentUrl = $_currentUrl[0];
        $_mapp = explode('&', $_currentUrl[1]);
        if (count($_mapp) > 2) {
            update_option('mapp_activated', 1);
        }
    } else {
        $_currentUrl = $currentUrl;
    }

    $PHP_SELF = $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];

    if (($_currentUrl == $PHP_SELF) && (@$_COOKIE['ActifendRedirect'] == 'OK') ){
        // unset cookie
        setcookie("ActifendRedirect", 'OK', 1);
        header("Location: " . ACTIFEND_PLUGIN_URL);
        exit;
    }

    add_menu_page('ActiFend',
                  'ActiFend',
                  'manage_options',
                  'get_actifend_email',
                  'actifend_show_form',
                  plugins_url('actifend/images/ActiFend_16x21_icon.png'),
                  1);
    debug_log("actifend_get_email executed!");
}

function actifend_show_form() {
    debug_log('Entered actifend_show_form function.');
    if(get_option('actifend_plugin_act_error', false)) {
        add_action('admin_notices', 'Actifend::activation_warning');
    }

    $actifend_dir = plugin_dir_path(__FILE__);
    if (get_option('actifendActivated') == 0) {
        require_once(trailingslashit($actifend_dir) . "form.php");
    } else {
        $utiObj = new Utility;
        $result = $utiObj->getActifendInfo();
        if ($result->actifend_email != 'None') {
            $asset_id       = $result->asset_id;
            $actifend_email = $result->actifend_email;
            $utiObj->get_asset_status(get_site_url(), $actifend_email);
            if (get_option('mapp_activated') == 1) {
                require_once(trailingslashit($actifend_dir) . "usage.php");
            } else {
                require_once(trailingslashit($actifend_dir) . "store.php");
            }
        } else {
            debug_log("actifend_email not updated in the db.");
        }
    }
}


if (!function_exists('actifend_onboarding_notice')) {
    add_action("admin_notices", "actifend_onboarding_notice");
    /**
     * actifend_email_optin_notice
     * serve admin notice if the user has not completed step 2
     * @return void
     */
    function actifend_onboarding_notice() {
        try {
            if(! Actifend::isAdmin(wp_get_current_user())) exit();
            global $pagenow;
            // Calculate the time difference
            $currentTime = new DateTime(date('Y-m-d H:i:s'));
            $validTill = get_option('actifend_subs_validity');
            $validTill = new DateTime(date('Y-m-d H:i:s', strtotime($validTill)));
            $diff = $currentTime->diff($validTill);
            // If valid till is less than current time
            if ($diff->invert == 1) {
                $days = -$diff->days;
            } else {
                $days = $diff->days;
            }
            $hours   = $diff->h;
            $minutes = $diff->i;
            $totalMinutes = $hours * 60 + $minutes;

            if ($pagenow == 'index.php') {
                if ($diff->invert == 1) {
                    $subsMessage = __('Your subscription has <strong style="color:red">expired</strong>. Please renew from ActiFend App.');
                    echo '<div id="mapp_activate" class="notice notice-error is-dismissible"><p><strong>ActiFend: </strong>' . $subsMessage . '</p></div>';
                }elseif ($days > 0 && $days <= 3) {
                    $subsMessage = __('Your subscription ends in <strong>');
                    $subsMessage .= (string)$days;
                    if ($days == 1) $daysStr = ' day'; else $daysStr = ' days';
                    $subsMessage .= $daysStr;
                    $subsMessage .= __('</strong>.  Please renew from ActiFend app.');
                    echo '<div id="mapp_activate" class="notice notice-info is-dismissible"><p><strong>ActiFend: </strong>' . $subsMessage . '</p></div>';
                }elseif ($days == 0 && $hours >= 1) {
                    $subsMessage = __('Your subscription ends in <strong style="color:red">');
                    $subsMessage .= (string)$hours;
                    if ($hours == 1) $hourStr = ' hour'; else $hourStr = ' hours';
                    $subsMessage .= $hourStr;
                    $subsMessage .= __('</strong>.  Please renew from ActiFend app.');
                    echo '<div id="mapp_activate" class="notice notice-warning is-dismissible"><p><strong>ActiFend: </strong>' . $subsMessage . '</p></div>';
                }elseif ($days == 0 && $totalMinutes < 60) {
                    $subsMessage = __('Your subscription ends in <strong style="color:red">');
                    $subsMessage .= (string)$minutes;
                    $subsMessage .= __(' minutes</strong>.  Please renew from ActiFend app.');
                    echo '<div id="mapp_activate" class="notice notice-warning is-dismissible"><p><strong>ActiFend: </strong>' . $subsMessage . '</p></div>';
                }
            }

            if ($pagenow == 'plugins.php') {
                $page_url = admin_url('admin.php?page=get_actifend_email');
                if (get_option('actifendActivated') == 0 && get_option('mapp_activated') == 0)
                {
                    $message = __('To access the ActiFend security dashboard, please link your email address to your ActiFend account for authentication. ');
                    $message .= "\x20<a href='" . $page_url . "'><i>Okay, Take me there.</i></a>";
                    echo '<div id="optin_incomplete" style="vertical-align: middle" class="notice notice-warning is-dismissible"><p><strong>ActiFend: </strong>' . $message . '</p></div>';
                }
                elseif (get_option('actifendActivated') == 1 && get_option('mapp_activated') == 0)
                {
                    $message = __('Install Mobile App and Enable ActiFend Mobile Security Center, for Actively defending your website. ');
                    $message .= "\x20<a href='" . $page_url . "'><i>OK. Take me there!</i></a>";
                    echo '<div id="mapp_activate" class="notice notice-info is-dismissible"><p><strong>ActiFend: </strong>' . $message . '</p></div>';
                }
                else
                {
                    return;
                }
                debug_log('actifend_onboarding_notice executed!');
            }
        } catch (Exception $e) {
            debug_log($e->getMessage());
            return;
        }
    }
}


if (! function_exists('actifend_usage_notice')) {
    add_action("admin_notices", "actifend_usage_notice");
    /**
     * actifend_usage_notice
     * serve admin notice based on the effective usage of MSC
     * @return void
     */
    function actifend_usage_notice() {
        try {
            if(! Actifend::isAdmin(wp_get_current_user())) exit();
            global $pagenow;
            $ignoreNotice = get_user_meta(get_current_user_id(), 'dismiss_actifend_usage_notice');
            if ( $pagenow == 'plugins.php' && ! $ignoreNotice) {
                $page_url = admin_url('admin.php?page=get_actifend_email');
                $category = get_option('actifend_usage_category', 'HEALTHY');
                if (get_option("mapp_activated") == 1
                    && ($category != 'HEALTHY')) {

                    if ($category == 'CRITICAL') {
                        $className = "notice notice-error is-dismissible";
                        $message = __('Security Alerts are pending ... please use the ActiFend App and act on them.');
                    } else {
                        $className = "notice notice-warning is-dismissible";
                        $message = __('Vulnerabilities found in website ... please use the ActiFend App and act on them.');
                    }

                    echo "<div id='usage_notice' style='vertical-align: middle;' class='" . $className . "'><p><strong>ActiFend: </strong>";
                    printf( $message . ' | <a href="%1$s">Dismiss Notice</a>', '?actifend_dismiss_usage_notice=0');
                    echo "</p></div>";
                }
            }

        } catch (Exception $e) {
            debug_log($e->getMessage());
            return;
        }
    }
}

function actifend_dismiss_usage_notice()  {
    if ( isset($_GET['actifend_dismiss_usage_notice']) && '0' == $_GET['actifend_dismiss_usage_notice'] ) {
        add_user_meta( get_current_user_id(), 'dismiss_actifend_usage_notice', 'true', true );
        debug_log("Usage notice user meta data updated");
    }
}

function reset_dismiss_usage_notice() {
    update_user_meta( get_current_user_id(), 'dismiss_actifend_usage_notice', 'false');
    debug_log("Usage notice user meta data reset!");
}


/**
 * This function writes to debug log if WP_DEBUG and WP_DEBUG_LOG are set to true
 * These settings are done in wp-config.php file
 */
function debug_log($message) {
    if ( WP_DEBUG === TRUE ) {
        if ( is_array($message) || is_object($message) ) {
            error_log( print_r($message, true) );
        } else {
            error_log( $message );
        }
    }
}

// Add actifend crons to wordpress cron schedules
add_filter('cron_schedules', 'Actifend::actifend_crons');
// Add actions required for actifend to function
Actifend::add_actifend_actions();

function wordpressBackup() {
    $backup = new ActifendBackup;
    $backup->actifend_backup_process();
}

function wordpressRestore() {
    $restore = new ActifendRestoreBackup;
    $restore->actifend_restore_process();
}

function fileIntegrityCheck() {
    Utility::initFileSystem();
    global $wp_filesystem;

    $integrity = new ActifendFileIntegrity( $wp_filesystem->abspath() );
    $integrity->getModifiedFiles_bySize_and_mtime();
}

function loginFailureAccess() {
    $loginObj = new ActifendAccessAlerts;
    $loginObj->loginFailure();
}

function logInSuccess() {
    $loginObj = new ActifendAccessAlerts;
    $loginObj->loginSuccess();
}

function AccessLogs() {
    $loginObj = new ActifendAccessAlerts;
    $var = $loginObj->actifend_push_logs();
}

function pluginUpdatelog() {
    $loginObj = new ActifendAccessAlerts;
    $loginObj->actifend_updatePlugin_logs();
    debug_log('pluginUpdatelog function executed.');
}

function updateInstallationLogs() {
    $updateObj = new ActifendAccessAlerts;
    $updateObj->actifendUpdateInstallTrigger();
    debug_log('updateInstallationLogs function executed.');
}

function availableWordPressUpdates() {
    $themeloginObj = new ActifendAccessAlerts;
    $themeloginObj->actifend_wordpress_updates_available();
    debug_log('availableWordPressUpdates function executed.');
}

function actifendUpdatetheme() {
    $upthemeObj = new ActifendAccessAlerts;
    $upthemeObj->actifend_update_theme();
    debug_log('actifendUpdatetheme function executed.');
}

function getBlockedIPList() {
    $ipObj = new ActifendIPBlock;
    $ipObj->actifendGetBlockedIpsList();
    debug_log('getBlockedIPList function executed.');
}

function getIPListToBlock() {
    $blockIp = new ActifendIPBlock;
    $blockIp->actifendIpListForBlock();
    debug_log('getIPListToBlock function executed.');
}

function DeleteBlockedIPs() {
    $delObj = new ActifendIPBlock;
    $delObj->actifend_delete_ip_list();
    debug_log('DeleteBlockedIPs function executed.');
}

function ping_site() {
    $url = home_url() . '/wp-cron.php?doing_wp_cron';
    wp_remote_get($url);
    debug_log('ping_site function executed.');
}
?>