'render_tab1', ); function __construct() { $this->render_menu_page(); } function set_menu_tabs() { $this->menu_tabs = array( 'tab1' => __('File Change Detection','aiowpsecurity'), ); } function get_current_tab() { $tab_keys = array_keys($this->menu_tabs); $tab = isset( $_GET['tab'] ) ? $_GET['tab'] : $tab_keys[0]; return $tab; } /* * Renders our tabs of this menu as nav items */ function render_menu_tabs() { $current_tab = $this->get_current_tab(); echo '

'; foreach ( $this->menu_tabs as $tab_key => $tab_caption ) { $active = $current_tab == $tab_key ? 'nav-tab-active' : ''; echo '' . $tab_caption . ''; } echo '

'; } /* * The menu rendering goes here */ function render_menu_page() { $this->set_menu_tabs(); $tab = $this->get_current_tab(); ?>

render_menu_tabs(); //$tab_keys = array_keys($this->menu_tabs); call_user_func(array(&$this, $this->menu_tabs_handler[$tab])); ?>

configs->set_value('aiowps_fcds_change_detected', FALSE); $aio_wp_security->configs->save_config(); //Display the last scan results $this->display_last_scan_results(); } if (isset($_POST['aiowps_manual_fcd_scan'])) { $nonce=$_REQUEST['_wpnonce']; if (!wp_verify_nonce($nonce, 'aiowpsec-fcd-manual-scan-nonce')) { $aio_wp_security->debug_logger->log_debug("Nonce check failed for manual file change detection scan operation!",4); die(__('Nonce check failed for manual file change detection scan operation!','aiowpsecurity')); } $result = $aio_wp_security->filescan_obj->execute_file_change_detection_scan(); //If this is first scan display special message if ($result['initial_scan'] == 1) { $this->show_msg_updated(__('The plugin has detected that this is your first file change detection scan. The file details from this scan will be used to detect file changes for future scans!','aiowpsecurity')); } // else // { // $aio_wp_security->debug_logger->log_debug("Manual File Change Detection scan operation failed!",4); // $this->show_msg_error(__('Manual File Change Detection scan operation failed!','aiowpsecurity')); // } } if(isset($_POST['aiowps_schedule_fcd_scan']))//Do form submission tasks { $error = ''; $reset_scan_data = FALSE; $file_types = ''; $files = ''; $nonce=$_REQUEST['_wpnonce']; if (!wp_verify_nonce($nonce, 'aiowpsec-scheduled-fcd-scan-nonce')) { $aio_wp_security->debug_logger->log_debug("Nonce check failed for file change detection scan options save!",4); die("Nonce check failed for file change detection scan options save!"); } $fcd_scan_frequency = sanitize_text_field($_POST['aiowps_fcd_scan_frequency']); if(!is_numeric($fcd_scan_frequency)) { $error .= '
'.__('You entered a non numeric value for the "backup time interval" field. It has been set to the default value.','aiowpsecurity'); $fcd_scan_frequency = '4';//Set it to the default value for this field } if (!empty($_POST['aiowps_fcd_exclude_filetypes'])) { $file_types = trim($_POST['aiowps_fcd_exclude_filetypes']); //$file_types_array = preg_split( '/\r\n|\r|\n/', $file_types ); //Get the currently saved config value and check if this has changed. If so do another scan to reset the scan data so it omits these filetypes if ($file_types != $aio_wp_security->configs->get_value('aiowps_fcd_exclude_filetypes')) { $reset_scan_data = TRUE; } } if (!empty($_POST['aiowps_fcd_exclude_files'])) { $files = trim($_POST['aiowps_fcd_exclude_files']); //Get the currently saved config value and check if this has changed. If so do another scan to reset the scan data so it omits these files/dirs if ($files != $aio_wp_security->configs->get_value('aiowps_fcd_exclude_files')) { $reset_scan_data = TRUE; } } $email_address = sanitize_email($_POST['aiowps_fcd_scan_email_address']); if(!is_email($email_address)) { $error .= '

'.__('You have entered an incorrect email address format. It has been set to your WordPress admin email as default.','aiowpsecurity').'

'; $email_address = get_bloginfo('admin_email'); //Set the default value to the blog admin email } if($error) { $this->show_msg_error(__('Attention!','aiowpsecurity').$error); } //Save all the form values to the options $aio_wp_security->configs->set_value('aiowps_enable_automated_fcd_scan',isset($_POST["aiowps_enable_automated_fcd_scan"])?'1':''); $aio_wp_security->configs->set_value('aiowps_fcd_scan_frequency',absint($fcd_scan_frequency)); $aio_wp_security->configs->set_value('aiowps_fcd_scan_interval',$_POST["aiowps_fcd_scan_interval"]); $aio_wp_security->configs->set_value('aiowps_fcd_exclude_filetypes',$file_types); $aio_wp_security->configs->set_value('aiowps_fcd_exclude_files',$files); $aio_wp_security->configs->set_value('aiowps_send_fcd_scan_email',isset($_POST["aiowps_send_fcd_scan_email"])?'1':''); $aio_wp_security->configs->set_value('aiowps_fcd_scan_email_address',$email_address); $aio_wp_security->configs->save_config(); //Recalculate points after the feature status/options have been altered $aiowps_feature_mgr->check_feature_status_and_recalculate_points(); $this->show_msg_settings_updated(); //Let's check if backup interval was set to less than 24 hours if (isset($_POST["aiowps_enable_automated_fcd_scan"]) && ($fcd_scan_frequency < 24) && $_POST["aiowps_fcd_scan_interval"]==0) { $alert_user_msg = 'ATTENTION: You have configured your file change detection scan to occur at least once daily. For most websites we recommended that you choose a less frequent schedule such as once every few days, once a week or once a month. Choosing a less frequent schedule will also help reduce your server load.'; $this->show_msg_updated(__($alert_user_msg, 'aiowpsecurity')); } if($reset_scan_data) { //Clear old scan row and ask user to perform a fresh scan to reset the data $aiowps_global_meta_tbl_name = AIOWPSEC_TBL_GLOBAL_META_DATA; $where = array('meta_key1' => 'file_change_detection', 'meta_value1' => 'file_scan_data'); $wpdb->delete( $aiowps_global_meta_tbl_name, $where); $result = $aio_wp_security->filescan_obj->execute_file_change_detection_scan(); $new_scan_alert = __('NEW SCAN COMPLETED: The plugin has detected that you have made changes to the "File Types To Ignore" or "Files To Ignore" fields. In order to ensure that future scan results are accurate, the old scan data has been refreshed.', 'aiowpsecurity'); $this->show_msg_updated($new_scan_alert); } } //Display an alert warning message if a file change was detected if ($aio_wp_security->configs->get_value('aiowps_fcds_change_detected')) { $error_msg = __('All In One WP Security & Firewall has detected that there was a change in your host\'s files.', 'aiowpsecurity'); $button = '

'; $error_msg .= $button; $this->show_msg_error($error_msg); } ?>

'.__('If given an opportunity hackers can insert their code or files into your system which they can then use to carry out malicious acts on your site.', 'aiowpsecurity'). '
'.__('Being informed of any changes in your files can be a good way to quickly prevent a hacker from causing damage to your website.', 'aiowpsecurity'). '
'.__('In general, WordPress core and plugin files and file types such as ".php" or ".js" should not change often and when they do, it is important that you are made aware when a change occurs and which file was affected.', 'aiowpsecurity'). '
'.__('The "File Change Detection Feature" will notify you of any file change which occurs on your system, including the addition and deletion of files by performing a regular automated or manual scan of your system\'s files.', 'aiowpsecurity'). '
'.__('This feature also allows you to exclude certain files or folders from the scan in cases where you know that they change often as part of their normal operation. (For example log files and certain caching plugin files may change often and hence you may choose to exclude such files from the file change detection scan)', 'aiowpsecurity').'

'; ?>

output_feature_details_badge("scan-file-change-detection"); ?>

:	configs->get_value('aiowps_enable_automated_fcd_scan')=='1') echo ' checked="checked"'; ?> value="1"/>
:
:	<?php echo $aio_wp_security->configs->get_value('aiowps_fcd_exclude_filetypes'); ?> + '.__('You can exclude file types from the scan which would not normally pose any security threat if they were changed. These can include things such as image files.', 'aiowpsecurity').' '; echo ' '.__('Example: If you want the scanner to ignore files of type jpg, png, and bmp, then you would enter the following:', 'aiowpsecurity').' '; echo ' '.__('jpg', 'aiowpsecurity').' '; echo ' '.__('png', 'aiowpsecurity').' '; echo ' '.__('bmp', 'aiowpsecurity').' '; ?>
:	<?php echo $aio_wp_security->configs->get_value('aiowps_fcd_exclude_files'); ?> + '.__('You can exclude specific files/directories from the scan which would not normally pose any security threat if they were changed. These can include things such as log files.', 'aiowpsecurity').' '; echo ' '.__('Example: If you want the scanner to ignore certain files in different directories or whole directories, then you would enter the following:', 'aiowpsecurity').' '; echo ' '.__('cache/config/master.php', 'aiowpsecurity').' '; echo ' '.__('somedirectory', 'aiowpsecurity').' '; ?>
:	configs->get_value('aiowps_send_fcd_scan_email')=='1') echo ' checked="checked"'; ?> value="1"/>

get_row($query, ARRAY_A); if ($scan_db_data === NULL) { //TODO: Failure scenario $aio_wp_security->debug_logger->log_debug("display_last_scan_results() - DB query for scan results data from global meta table returned NULL!",4); return; } $date_last_scan = $scan_db_data['date_time']; $scan_results_unserialized = maybe_unserialize($scan_db_data['meta_value5']); ?>

'.__('The following files were added to your host.', 'aiowpsecurity').'

'; $files_added_output .= ''; $files_added_output .= ''; $files_added_output .= ''; $files_added_output .= ''; $files_added_output .= ''; $files_added_output .= ''; foreach ($scan_results_unserialized['files_added'] as $key=>$value) { $files_added_output .= ''; $files_added_output .= ''; $files_added_output .= ''; $files_added_output .= ''; $files_added_output .= ''; } $files_added_output .= '

'.__('File','aiowpsecurity').'	'.__('File Size','aiowpsecurity').'	'.__('File Modified','aiowpsecurity').'
'.$key.'	'.$value['filesize'].'	'.date('Y-m-d H:i:s',$value['last_modified']).'

'; echo $files_added_output; } echo '

'; if (!empty($scan_results_unserialized['files_removed'])) { //Output table of files removed echo '

'.__('The following files were removed from your host.', 'aiowpsecurity').'

'; $files_removed_output .= ''; $files_removed_output .= ''; $files_removed_output .= ''; $files_removed_output .= ''; $files_removed_output .= ''; $files_removed_output .= ''; foreach ($scan_results_unserialized['files_removed'] as $key=>$value) { $files_removed_output .= ''; $files_removed_output .= ''; $files_removed_output .= ''; $files_removed_output .= ''; $files_removed_output .= ''; } $files_removed_output .= '

'.__('File','aiowpsecurity').'	'.__('File Size','aiowpsecurity').'	'.__('File Modified','aiowpsecurity').'
'.$key.'	'.$value['filesize'].'	'.date('Y-m-d H:i:s',$value['last_modified']).'

'; echo $files_removed_output; } echo '

'; if (!empty($scan_results_unserialized['files_changed'])) { //Output table of files changed echo '

'.__('The following files were changed on your host.', 'aiowpsecurity').'

'; $files_changed_output .= ''; $files_changed_output .= ''; $files_changed_output .= ''; $files_changed_output .= ''; $files_changed_output .= ''; $files_changed_output .= ''; foreach ($scan_results_unserialized['files_changed'] as $key=>$value) { $files_changed_output .= ''; $files_changed_output .= ''; $files_changed_output .= ''; $files_changed_output .= ''; $files_changed_output .= ''; } $files_changed_output .= '

'.__('File','aiowpsecurity').'	'.__('File Size','aiowpsecurity').'	'.__('File Modified','aiowpsecurity').'
'.$key.'	'.$value['filesize'].'	'.date('Y-m-d H:i:s',$value['last_modified']).'

'; echo $files_changed_output; } ?>