Changeset 1762549
- Timestamp:
- 11/10/2017 06:38:13 AM (8 years ago)
- Location:
- ose-firewall/trunk
- Files:
-
- 10 added
- 33 edited
-
assets/config/define.php (modified) (2 diffs)
-
assets/views/cfscan.php (modified) (2 diffs)
-
assets/views/scanreport.php (modified) (2 diffs)
-
assets/views/whitelistmgmt.php (modified) (1 diff)
-
classes/App/Controller/CfscanController.php (modified) (1 diff)
-
classes/App/Controller/WhitelistmgmtController.php (modified) (1 diff)
-
classes/App/Model/CfscanModel.php (modified) (1 diff)
-
classes/App/Model/WhitelistmgmtModel.php (modified) (1 diff)
-
classes/Library/RemoteLogin/RemoteLogin.php (modified) (1 diff)
-
classes/Library/downloader/oseDownloader.php (modified) (5 diffs)
-
classes/Library/fwscannerv7/emailNotificationMgmt.php (modified) (1 diff)
-
classes/Library/fwscannerv7/fwscannerv7.php (modified) (2 diffs)
-
classes/Library/fwscannerv7/whitelistmgmt.php (modified) (1 diff)
-
classes/Library/oem/218.php (modified) (3 diffs)
-
classes/Library/oseFirewallAjax.php (modified) (2 diffs)
-
classes/Library/oseFirewallJoomla.php (modified) (1 diff)
-
classes/Library/oseFirewallWordpress.php (modified) (1 diff)
-
classes/Library/vsscanner/cfscanner.php (modified) (1 diff)
-
classes/Library/vsscanner/vsscanner.php (modified) (2 diffs)
-
classes/Library/vsscanstat/vsscanstat.php (modified) (2 diffs)
-
ose_firewall_badge.php (modified) (1 diff)
-
ose_wordpress_firewall.php (modified) (1 diff)
-
protected/data/backup-pathfolder (added)
-
protected/tmp (added)
-
public/css/main.css (modified) (3 diffs)
-
public/css/oem/218/custom.css (modified) (2 diffs)
-
public/css/v4.css (modified) (1 diff)
-
public/js/app.js (modified) (1 diff)
-
public/js/cfscan.js (modified) (6 diffs)
-
public/js/oem/218/custom.js (modified) (1 diff)
-
public/js/rulesets.js (modified) (1 diff)
-
public/js/scanreport.js (modified) (1 diff)
-
public/js/whitelistmgmt.js (modified) (1 diff)
-
public/messages/fr_FR.php (modified) (3 diffs)
-
readme.txt (modified) (2 diffs)
-
vendor/centrora (added)
-
vendor/centrora/BaseTest.php (added)
-
vendor/centrora/GitActivationPanelTest.php (added)
-
vendor/centrora/GitbackupTest.php (added)
-
vendor/centrora/index.html (added)
-
vendor/centrora/joomlaEnv.php (added)
-
vendor/centrora/phpunit-4.8.24.phar (added)
-
vendor/centrora/test.php (added)
-
ose-firewall/trunk/assets/config/define.php
r1730340 r1762549 46 46 define("ACCOUNT_API","https://account-api-dev.centrora.com.au/"); 47 47 define("UPDATE_API","https://update-api-dev.centrora.com/"); 48 define("DOWNLOAD_CORE_FILES","https://update-api-dev.centrora.com.au/download/getCoreFile"); 48 49 }else { 49 50 define('API_SERVER','https://api2.centrora.com/'); //LIVE … … 58 59 define("ACCOUNT_API","https://account-api.centrora.com/"); 59 60 define("UPDATE_API","https://update-api.centrora.com/"); 61 define("DOWNLOAD_CORE_FILES","https://update-api.centrora.com/download/getCoreFile"); 60 62 } 61 63 define('FIREWALL_VERSION_CHECK_THRESHOLD',1); //1 hour -
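Review bot: In the development branch the new `DOWNLOAD_CORE_FILES` points at `update-api-dev.centrora.com.au`, while `UPDATE_API` on the line directly above it uses `update-api-dev.centrora.com`; the live branch uses one host for both. If the two dev hosts are not meant to differ, derive the constant from the existing one in both branches, `define("DOWNLOAD_CORE_FILES", UPDATE_API."download/getCoreFile");`, so the archive endpoint cannot drift from the update API. This URL presumably feeds the new core-file downloader, which writes the response to disk, so a short comment naming the endpoint's owner would help the next audit. The enclosing if/else starts outside the hunk.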
ose-firewall/trunk/assets/views/cfscan.php
r1730340 r1762549 39 39 </div> 40 40 </div> 41 <div class="col-sm-3"> 42 <div id="suspicious_btn" class="cfscan-line-1" 43 style="padding-left: 10px; cursor: pointer;"> 44 <div class="title-icon"><i class="fa fa-ban"></i></div> 45 <div class="title-content"> 46 Non-default system<br> Files: <span class="scan-file-number" 47 id="qua-file">0</span> 48 </div> 49 </div> 50 </div> 51 <div class="col-sm-3"> 52 <div id="missing_btn" class="cfscan-line-1" style="cursor: pointer;"> 53 <div class="title-icon"><i class="fa fa-times"></i></div> 54 <div class="title-content"> 55 Missing<br> Files: <span class="scan-file-number" 56 id="cle-file">0</span> 57 </div> 58 </div> 59 </div> 41 <?php if(oseFirewallBase::isSuite()) {?> 42 <div class="col-sm-3"> 43 <div id="suspicious_btn" class="cfscan-line-1" 44 style="padding-left: 10px; cursor: pointer;"> 45 <div class="title-icon"><i class="fa fa-ban"></i></div> 46 <div class="title-content"> 47 Non-default system<br> Files: <span class="scan-file-number" 48 id="qua-file">0</span> 49 </div> 50 </div> 51 </div> 52 <div class="col-sm-3"> 53 <div id="missing_btn" class="cfscan-line-1" style="cursor: pointer;"> 54 <div class="title-icon"><i class="fa fa-times"></i></div> 55 <div class="title-content"> 56 Missing<br> Files: <span class="scan-file-number" 57 id="cle-file">0</span> 58 </div> 59 </div> 60 </div> 61 <?php }else {?> 62 <div class="col-sm-2"> 63 <div id="suspicious_btn" class="cfscan-line-1" 64 style="padding-left: 10px; cursor: pointer;"> 65 <div class="title-icon"><i class="fa fa-ban"></i></div> 66 <div class="title-content"> 67 Non-default system<br> Files: <span class="scan-file-number" 68 id="qua-file">0</span> 69 </div> 70 </div> 71 </div> 72 <div class="col-sm-2"> 73 <div id="missing_btn" class="cfscan-line-1" style="cursor: pointer;"> 74 <div class="title-icon"><i class="fa fa-times"></i></div> 75 <div class="title-content"> 76 Missing<br> Files: <span class="scan-file-number" 77 id="cle-file">0</span> 78 </div> 79 
</div> 80 </div> 81 <div class="col-sm-2"> 82 <div id="cf-div-update" class="vs-line-1"> 83 <div class="vs-line-1-title"> <i id="icon-refresh" class="fa fa-refresh"></i></div> 84 <div class="vs-line-1-content"> 85 <span id="cf-sig"></span></div> 86 </div> 87 <div id="cf-div-uptodate" class="vs-line-1"> 88 <div class="vs-line-1-title"> Core File are Up-to Date</div> 89 <div class="vs-line-1-content"> 90 <p id="cf-uptodate"></p></div> 91 </div> 92 </div> 93 <?php }?> 94 95 60 96 </div> 61 97 <div class="row row-set" style="padding-right: 20px;"> … … 194 230 <div class="form-group"> 195 231 <div id="board"></div> 232 <div id="coreFilesDownload"></div> 196 233 <div> 197 234 <button type="submit" class="btn btn-sm" id='save-button' disabled><i -
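Review bot: The `suspicious_btn` and `missing_btn` panels are now written out twice, once per branch of `oseFirewallBase::isSuite()`, and the two copies differ only in `col-sm-3` versus `col-sm-2`. Computing the class once, e.g. `<?php $col = oseFirewallBase::isSuite() ? 'col-sm-3' : 'col-sm-2'; ?>`, and keeping a single copy of the markup leaves only the `cf-div-update` / `cf-div-uptodate` block inside the non-suite condition. The label `Core File are Up-to Date` is hard-coded English while other views in this changeset go through `oLang::_()`; it should read "Core files are up to date" and be a language key.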
ose-firewall/trunk/assets/views/scanreport.php
r1730340 r1762549 119 119 <th><?php oLang::_('O_FILE_NAME'); ?></th> 120 120 <th><?php oLang::_('O_CHECKSTATUS'); ?></th> 121 <th><?php oLang::_(' O_CONFIDENCE'); ?></th>121 <th><?php oLang::_('SIZE'); ?></th> 122 122 <th><?php oLang::_('VIEW'); ?></th> 123 123 <th><input id='checkbox' type='checkbox'></th> … … 130 130 <th><?php oLang::_('O_FILE_NAME'); ?></th> 131 131 <th><?php oLang::_('O_CHECKSTATUS'); ?></th> 132 <th><?php oLang::_(' O_CONFIDENCE'); ?></th>132 <th><?php oLang::_('SIZE'); ?></th> 133 133 <th><?php oLang::_('VIEW'); ?></th> 134 134 <th></th> -
ose-firewall/trunk/assets/views/whitelistmgmt.php
r1730897 r1762549 129 129 <?php oLang::_('CENTRORA_SECURITY_AUTO_SCAN2');?> 130 130 </div> 131 131 <!-- code to allow the users to add default white list variables --> 132 <?php 133 if($this->model->checkDefaultWhiteListVariablesV7()) { 134 ?> 135 <div id= "addwhitelistvars" class="alert alert-danger"> 136 <div class="false-alert-variables"><?php oLang::_('O_DEFAULT_VARIABLES_WARNING'); ?> 137 <button class="btn btn-sm mr5 mb10" type="button" onClick="defaultWhiteListVariablesv7()" style="float: right;"><i class="text-success glyphicon glyphicon-ok-sign"></i> <?php oLang::_('O_DEFAULT_VARIABLE_BUTTON'); ?></button> 138 </div> 139 </div> 140 <?php 141 } 142 // end of code to add default white list variables 143 ?> 132 144 <div style="padding-bottom: 170px; padding-top: 25px;" class="col-sm-3 bg-transparent-white"> 133 145 <button data-target="#formModal" data-toggle="modal" class="upload-btns wl-btns"><i class="text-primary glyphicon glyphicon-plus-sign"></i> <?php oLang::_('ADD_A_VARIABLE'); ?></button> -
ose-firewall/trunk/classes/App/Controller/CfscanController.php
r1387925 r1762549 89 89 $this->model->returnJSON($results); 90 90 } 91 92 public function action_checkCoreFilesExists() 93 { 94 $this->model->loadRequest(); 95 $results = $this->model->checkCoreFilesExixts(); 96 $this->model->returnJSON($results); 97 } 98 public function action_downloadCoreFiles() 99 { 100 $this->model->loadRequest(); 101 $cms = $this->model->getVar('cms', null); 102 $version = $this->model->getVar('version', null); 103 $results = $this->model->downloadCoreFiles($cms, $version); 104 $this->model->returnJSON($results); 105 } 106 public function action_checkCoreFilesExistsSuite() 107 { 108 $this->model->loadRequest(); 109 $cms = $this->model->getVar('cms', null); 110 $version = $this->model->getVar('version', null); 111 $results = $this->model->checkCoreFilesExistsSuite($cms,$version); 112 $this->model->returnJSON($results); 113 } 91 114 } 92 115 -
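Review bot: `action_downloadCoreFiles()` makes the server fetch an archive and write it to disk, yet nothing in the hunk verifies the caller or the request before `$this->model->downloadCoreFiles($cms, $version)` runs; the same applies to `action_defaultWhiteListVariablesV7()` in WhitelistmgmtController.php, which edits the firewall whitelist. `loadRequest()` and the base controller are outside the hunk, so the capability and anti-forgery check may already happen there; if so, a one-line comment on each action saying where would settle it, and if not, the check belongs before the model call. Both `cms` and `version` default to `null` and are forwarded as-is, so a guard such as `if (!in_array($cms, array('wordpress', 'joomla'), true)) { ... }` plus a version-format check should reject bad values here rather than deep in the downloader.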
ose-firewall/trunk/classes/App/Controller/WhitelistmgmtController.php
r1730897 r1762549 107 107 $this->model->returnJSON($result); 108 108 } 109 public function action_defaultWhiteListVariablesV7() 110 { 111 $this->model->loadRequest(); 112 $result = $this->model->defaultWhiteListVariablesV7(); 113 $this->model->returnJSON($result); 114 } 109 115 } -
ose-firewall/trunk/classes/App/Model/CfscanModel.php
r1730340 r1762549 130 130 return $return; 131 131 } 132 public function checkCoreFilesExixts() 133 { 134 oseFirewall::callLibClass('vsscanner', 'cfscanner'); 135 $scanner = new cfScanner (); 136 $return = $scanner->coreFileExists(); 137 return $return; 138 } 139 public function downloadCoreFiles($cms, $version) 140 { 141 oseFirewall::callLibClass('vsscanner', 'cfscanner'); 142 $scanner = new cfScanner (); 143 $return = $scanner->download_CoreFiles($cms,$version); 144 return $return; 145 } 146 public function checkCoreFilesExistsSuite($cms,$version) 147 { 148 oseFirewall::callLibClass('vsscanner', 'cfscanner'); 149 $scanner = new cfScanner (); 150 $return = $scanner->coreFileExistsSuite($cms,$version); 151 return $return; 152 } 132 153 } -
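Review bot: `checkCoreFilesExixts()` is misspelled, and because CfscanController calls it by that name the typo becomes part of the model's interface as soon as this ships; rename it to `checkCoreFilesExists()` in both places now. The three new methods also repeat `oseFirewall::callLibClass('vsscanner', 'cfscanner'); $scanner = new cfScanner ();`; whether the class already has a shared accessor is not visible from the hunk, but one private helper would remove the repetition. None of the three has a docblock, and a line each stating what the returned array contains would help, since the controller sends the result straight to `returnJSON()`.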
ose-firewall/trunk/classes/App/Model/WhitelistmgmtModel.php
r1730897 r1762549 103 103 return $result; 104 104 } 105 public function defaultWhiteListVariablesV7() 106 { 107 $result = $this->whitelistgmt->defaultWhiteListVariablesV7(); 108 return $result; 109 } 110 public function checkDefaultWhiteListVariablesV7() 111 { 112 $result = $this->whitelistgmt->checkDefaultWhiteListVariablesV7(); 113 return $result; 114 } 105 115 } -
ose-firewall/trunk/classes/Library/RemoteLogin/RemoteLogin.php
r1741247 r1762549 331 331 $ip = $this->getRealIP(); 332 332 // Centrora server IP List; 333 $iplist = array('49.255.209.82', '108.162.216.190', '158.69.56.254', '175.45.147.116', '149.56.117.155', '2607:5300:60:81ab::','10.42.153.241','139.99.131.27','10.42.117.76','10.42.160.218','10.42.180.129' );333 $iplist = array('49.255.209.82', '108.162.216.190', '158.69.56.254', '175.45.147.116', '149.56.117.155', '2607:5300:60:81ab::','10.42.153.241','139.99.131.27','10.42.117.76','10.42.160.218','10.42.180.129','167.114.1.205','192.99.100.56'); 334 334 $enabled_proxy = true; 335 335 if (isset($_SERVER['http_proxy']) && !empty($_SERVER['http_proxy']) && $enabled_proxy==true) { -
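Review bot: The remote-login allowlist grows to thirteen literal addresses inside the method, with no record of which host each one is or why `167.114.1.205` and `192.99.100.56` were added. Moving the list to a class constant with a comment per entry (owner, purpose, date added) makes later removals possible and keeps the trust decision reviewable. The list is presumably compared against `$this->getRealIP()`, whose body is outside the hunk; if that helper reads client-supplied forwarding headers, membership in the list rests on a value the client controls, so the comparison should use the connection address unless a trusted proxy is explicitly configured. The private `10.42.x.x` entries are also worth confirming as still required.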
ose-firewall/trunk/classes/Library/downloader/oseDownloader.php
r1730340 r1762549 30 30 class oseDownloader 31 31 { 32 private $type = null;33 private $key = null;34 private $url = null; 35 private $live_url = null;32 private $type = null; 33 private $key = null; 34 private $url = null; 35 private $live_url = null; 36 36 37 37 public function __construct($type, $key = null, $version = null) 38 {39 $this->type = $type;40 $this->key = $key;38 { 39 $this->type = $type; 40 $this->key = $key; 41 41 $this->version = $version; 42 $this->live_url = "https://www.centrora.com/?"; 43 $this->url = $this->live_url."download=1&downloadKey=".$this->key; 44 oseFirewall::loadFiles(); 45 } 46 47 private function setPHPSetting () { 48 if (function_exists('ini_set')) 49 { 50 ini_set("allow_url_fopen", 1); 51 } 52 if (function_exists('ini_get')) 53 { 54 if (ini_get('allow_url_fopen') == 0) 55 { 56 //oseAjax::aJaxReturn(false, 'ERROR', 'The PHP function \'allow_url_fopen\' is turned off, please turn it on to allow the task to continue.', FALSE); 57 } 58 } 59 } 60 61 62 public function downloadPatternsFiles($type,$url) 63 { 64 $this->setPHPSetting (); 65 if($type == "ath") 66 { 42 $this->live_url = "https://www.centrora.com/?"; 43 $this->url = $this->live_url . "download=1&downloadKey=" . 
$this->key; 44 oseFirewall::loadFiles(); 45 } 46 47 private function setPHPSetting() 48 { 49 if (function_exists('ini_set')) { 50 ini_set("allow_url_fopen", 1); 51 } 52 if (function_exists('ini_get')) { 53 if (ini_get('allow_url_fopen') == 0) { 54 //oseAjax::aJaxReturn(false, 'ERROR', 'The PHP function \'allow_url_fopen\' is turned off, please turn it on to allow the task to continue.', FALSE); 55 } 56 } 57 } 58 59 60 public function downloadPatternsFiles($type, $url) 61 { 62 $this->setPHPSetting(); 63 if ($type == "ath") { 67 64 $file = TEMP_FIREWALL_PATTERNS_FILE; 68 } else{65 } else { 69 66 $file = TEMP_VIRUS_SIGNATURE_FILE; 70 67 } 71 68 $url_fopen = ini_get('allow_url_fopen'); 72 if ($url_fopen == true) 73 { 69 if ($url_fopen == true) { 74 70 $target1 = $this->downloadThroughFopen($url, $file); 75 if($target1 == false || isset($target1['status']) && $target1['status'] == 0) 76 { 77 $target = $this->downloadThroughCURL ($url, $file); 78 }else{ 71 if ($target1 == false || isset($target1['status']) && $target1['status'] == 0) { 72 $target = $this->downloadThroughCURL($url, $file); 73 } else { 79 74 $target = $target1; 80 75 } 81 } 82 else 83 { 84 $target = $this->downloadThroughCURL ($url, $file); 85 } 86 if(file_exists($file)) 87 { 76 } else { 77 $target = $this->downloadThroughCURL($url, $file); 78 } 79 $contents = file_get_contents($file); 80 if (file_exists($file) && !empty($contents)) { 88 81 return oseFirewallBase::prepareSuccessMessage("The file has been downloaded"); 89 } else{82 } else { 90 83 //file does not exists 91 if($type == "avs") 92 { 93 $msg = "There was some problem in downloading the Virus Pattern file".CENTRORA_SUPOORT; 94 }else{ 95 $msg = "There was some problem in downloading the Firewall Signature File".CENTRORA_SUPOORT; 96 } 97 if(isset($target['status']) && $target['status'] ==0 && isset($target['info'])) 98 { 84 if ($type == "avs") { 85 $msg = "There was some problem in downloading the Virus Pattern file" . 
CENTRORA_SUPOORT; 86 } else { 87 $msg = "There was some problem in downloading the Firewall Signature File" . CENTRORA_SUPOORT; 88 } 89 if (isset($target['status']) && $target['status'] == 0 && isset($target['info'])) { 99 90 //incorrect format from the server 100 91 return $target; 101 } else {92 } else { 102 93 return oseFirewallBase::prepareErrorMessage($msg); 103 94 } … … 106 97 107 98 108 109 110 private function downloadThroughFopen ($url, $target = null) { 111 ini_set('user_agent','Centrora Security Plugin Request Agent;'); 112 $inputHandle = fopen($url, "r"); 113 if (!$inputHandle) 114 { 115 return false; 116 } 117 $meta_data = stream_get_meta_data($inputHandle); 118 if(!empty($meta_data) && isset($meta_data['wrapper_data']) && isset($meta_data['wrapper_data']['headers']) && empty($meta_data['wrapper_data']['headers'])) 99 private function downloadThroughFopen($url, $target = null) 100 { 101 ini_set('user_agent', 'Centrora Security Plugin Request Agent;'); 102 $inputHandle = fopen($url, "r"); 103 if (!$inputHandle) { 104 return false; 105 } 106 $meta_data = stream_get_meta_data($inputHandle); 107 if (!empty($meta_data) && isset($meta_data['wrapper_data']) && isset($meta_data['wrapper_data']['headers']) && empty($meta_data['wrapper_data']['headers'])) { 108 return false; 109 } 110 // Initialise contents buffer 111 $contents = null; 112 while (!feof($inputHandle)) { 113 $contents .= fread($inputHandle, 8192); 114 if ($contents === false) { 115 return false; 116 } 117 } 118 // Write buffer to file 119 if (!empty($contents) && $url == VIRUS_PATTERN_DOWNLOAD_URL || $url == FIREWALL_PATTERN_DOWNLOAD_URL || $url == FIREWALL_PATTERN_UPDATE_DOWNLOAD_URL) //TODO : MISSING CONDITION FOR $url == "" 119 120 { 120 return false; 121 } 122 // Initialise contents buffer 123 $contents = null; 124 while (!feof($inputHandle)) 125 { 126 $contents .= fread($inputHandle, 8192); 127 if ($contents === false) 128 { 129 return false; 130 } 131 } 132 // Write buffer to file 133 
if(!empty($contents) && $url == VIRUS_PATTERN_DOWNLOAD_URL || $url == FIREWALL_PATTERN_DOWNLOAD_URL || $url == FIREWALL_PATTERN_UPDATE_DOWNLOAD_URL) //TODO : MISSING CONDITION FOR $url == "" 134 { 135 $result = $this->writePatternsFile($contents,$target); 121 $result = $this->writePatternsFile($contents, $target); 136 122 fclose($inputHandle); 137 123 return $result; 138 } else {124 } else { 139 125 $handle = is_int(file_put_contents($target, $contents)) ? true : false; 140 if ($handle) 141 { 126 if ($handle) { 142 127 // Close file pointer resource 143 128 fclose($inputHandle); … … 146 131 } 147 132 148 }149 150 private function writePatternsFile($content, $target)133 } 134 135 private function writePatternsFile($content, $target) 151 136 { 152 137 //PREPARE CONTENTS … … 154 139 $base_decoded = base64_decode($content); 155 140 $decoded = json_decode($base_decoded); 156 if (property_exists($decoded,"version") && property_exists($decoded,"pattern")) {141 if (property_exists($decoded, "version") && property_exists($decoded, "pattern")) { 157 142 $content_formatted['version'] = $decoded->version; 158 143 $contents1 = ($decoded->pattern); … … 165 150 $result = file_put_contents($target, $filecontent); 166 151 return ($result == false) ? 
false : true; 167 }else{ 168 return oseFirewallBase::prepareErrorMessage("The downloaded file is not in correct format <br/> The downloaded file content is :<br/>".$content); 169 } 170 } 171 private function downloadThroughCURL ($url, $target = false) { 172 $curl = curl_init($url); 173 curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); 174 curl_setopt($curl, CURLOPT_USERAGENT, 'Centrora Security Downloader Agent'); 175 176 $contents = curl_exec($curl); 177 curl_close($curl); 178 if(!empty($contents) && $url == VIRUS_PATTERN_DOWNLOAD_URL || $url == FIREWALL_PATTERN_DOWNLOAD_URL || $url == FIREWALL_PATTERN_UPDATE_DOWNLOAD_URL) 152 } else { 153 return oseFirewallBase::prepareErrorMessage("The downloaded file is not in correct format <br/> The downloaded file content is :<br/>" . $content); 154 } 155 } 156 157 private function downloadThroughCURL($url, $target = false) 158 { 159 $curl = curl_init($url); 160 curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); 161 curl_setopt($curl, CURLOPT_USERAGENT, 'Centrora Security Downloader Agent'); 162 163 $contents = curl_exec($curl); 164 curl_close($curl); 165 if (!empty($contents) && $url == VIRUS_PATTERN_DOWNLOAD_URL || $url == FIREWALL_PATTERN_DOWNLOAD_URL || $url == FIREWALL_PATTERN_UPDATE_DOWNLOAD_URL) { 166 $return = $this->writePatternsFile($contents, $target);; 167 } else { 168 $return = (file_put_contents($target, $contents) != false) ? $target : false; 169 } 170 return $return; 171 } 172 173 public function updateVersion($type, $version) 174 { 175 $db = oseFirewall::getDBO(); 176 $query = "SELECT * FROM `#__osefirewall_versions` WHERE `type` = " . 
$db->QuoteValue(substr($type, 0, 4)); 177 $db->setQuery($query); 178 $result = $db->loadObject(); 179 if (empty($result)) { 180 $varValues = array( 181 'version_id' => 'NULL', 182 'number' => $version, 183 'type' => $type 184 ); 185 $id = $db->addData('insert', '#__osefirewall_versions', null, null, $varValues); 186 } else { 187 $varValues = array( 188 'number' => $version, 189 'type' => $type 190 ); 191 $id = $db->addData('update', '#__osefirewall_versions', 'version_id', $result->version_id, $varValues); 192 } 193 $db->closeDBO(); 194 return $id; 195 } 196 197 private function mergeString($scanURL, $content) 198 { 199 $url = ""; 200 foreach ($content as $key => $value) { 201 $tmp[] = @$key . '=' . urlencode(@$value); 202 } 203 $workstring = implode("&", $tmp); 204 $url .= $scanURL . "&" . $workstring; 205 return $url; 206 } 207 208 public function sendRequest($content) 209 { 210 $url = $this->mergeString($this->live_url, $content); 211 // Get cURL resource 212 $curl = curl_init(); 213 // Set some options - we are passing in a useragent too here 214 curl_setopt_array($curl, array( 215 CURLOPT_RETURNTRANSFER => 1, 216 CURLOPT_URL => $url, 217 CURLOPT_USERAGENT => 'Centrora Security Plugin Request Agent' 218 )); 219 // Send the request & save response to $resp 220 $resp = curl_exec($curl); 221 // Close request to clear up some resources 222 curl_close($curl); 223 return $resp; 224 } 225 226 public function getAPIkey() 227 { 228 $db = oseFirewall::getDBO(); 229 $query = "SELECT `value` FROM `#__ose_secConfig` WHERE `key` = 'privateAPIKey'"; 230 $db->setQuery($query); 231 $result = $db->loadResult(); 232 $db->closeDBO(); 233 return $result['value']; 234 } 235 236 public function getRemoteAPIKey() 237 { 238 $content = $this->getRemoteConnectionContent('checkSubstatus'); 239 $response = $this->sendRequest($content); 240 return $response; 241 } 242 243 private function getRemoteConnectionContent($task) 244 { 245 oseFirewall::loadUsers(); 246 $users = new 
oseUsers('firewall'); 247 $content = array(); 248 $content['url'] = oseFirewall::getSiteURL(); 249 $content['remoteChecking'] = true; 250 $content['task'] = $task; 251 $content['admin_email'] = $users->getUserEmail(); 252 $content['option'] = $_POST['option']; 253 if (class_exists('SConfig')) { 254 $content['cms'] = 'st'; 255 } else if (class_exists('JConfig')) { 256 $content['cms'] = 'jl'; 257 } else if (defined('WPLANG')) { 258 $content['cms'] = 'wp'; 259 } 260 return $content; 261 } 262 263 public function getEmailConfig() 264 { 265 $db = oseFirewall::getDBO(); 266 $query = "SELECT `value` FROM `#__ose_secConfig` WHERE `key` = 'receiveEmail'"; 267 $db->setQuery($query); 268 $result = $db->loadResult(); 269 $db->closeDBO(); 270 if ($result['value'] == 0 && $result['value'] != NULL) { 271 return 0; 272 } else { 273 return 1; 274 } 275 } 276 277 public function checkScheduleScanning() 278 { 279 $content = $this->getRemoteConnectionContent('scheduleScanning'); 280 $response = $this->sendRequest($content); 281 return $response; 282 } 283 284 protected function generateRandomString($length = 10) 285 { 286 $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'; 287 $randomString = ''; 288 for ($i = 0; $i < $length; $i++) { 289 $randomString .= $characters[rand(0, strlen($characters) - 1)]; 290 } 291 return $randomString; 292 } 293 294 private function downloadContentsThroughFOpen($url) 295 { 296 ini_set("display_errors", "on"); 297 ini_set('user_agent', 'Centrora Security Plugin Request Agent;'); 298 $inputHandle = fopen($url, "r"); 299 if (!$inputHandle) { 300 return false; 301 } 302 $meta_data = stream_get_meta_data($inputHandle); 303 // echo "downloaded meta data is : "; 304 // print_r($meta_data);exit; 305 if (!empty($meta_data) && isset($meta_data['wrapper_data']) && isset($meta_data['wrapper_data']['headers']) && empty($meta_data['wrapper_data']['headers'])) { 306 return false; 307 } 308 // Initialise contents buffer 309 $contents = null; 
310 while (!feof($inputHandle)) { 311 $contents .= fread($inputHandle, 8192); 312 if ($contents === false) { 313 return false; 314 } 315 } 316 return $contents; 317 } 318 319 private function downloadContentsThroughCurl($url) 320 { 321 $curl = curl_init($url); 322 curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); 323 curl_setopt($curl, CURLOPT_USERAGENT, 'Centrora Security Downloader Agent'); 324 curl_setopt($curl, CURLOPT_TIMEOUT, 300); 325 curl_setopt($curl, CURLOPT_BUFFERSIZE, 10485764); 326 $contents = curl_exec($curl); 327 curl_close($curl); 328 return $contents; 329 } 330 331 332 public function downloadCoreFiles($url,$cms,$version) 333 { 334 $destination = false; 335 $target = $this->downloadContentsThroughCurl($url); 336 if(empty($target)) 179 337 { 180 $return = $this->writePatternsFile($contents,$target);; 181 }else { 182 $return = (file_put_contents($target, $contents)!= false)? $target : false; 183 } 184 return $return; 185 } 186 public function updateVersion ($type, $version) { 187 $db = oseFirewall::getDBO (); 188 $query = "SELECT * FROM `#__osefirewall_versions` WHERE `type` = ". 
$db->QuoteValue(substr($type, 0, 4)); 189 $db->setQuery($query); 190 $result = $db->loadObject(); 191 if (empty($result)) 192 { 193 $varValues = array ( 194 'version_id' => 'NULL', 195 'number' => $version, 196 'type' => $type 197 ); 198 $id = $db->addData('insert', '#__osefirewall_versions', null, null, $varValues); 199 } 200 else 201 { 202 $varValues = array ( 203 'number' => $version, 204 'type' => $type 205 ); 206 $id = $db->addData('update', '#__osefirewall_versions', 'version_id', $result->version_id, $varValues); 207 } 208 $db->closeDBO (); 209 return $id; 210 } 211 212 private function mergeString($scanURL, $content) 213 { 214 $url = ""; 215 foreach ($content as $key => $value) 216 { 217 $tmp[] = @$key.'='.urlencode(@$value); 218 } 219 $workstring = implode("&", $tmp); 220 $url .= $scanURL."&".$workstring; 221 return $url; 222 } 223 public function sendRequest($content) 224 { 225 $url = $this->mergeString ($this->live_url, $content); 226 // Get cURL resource 227 $curl = curl_init(); 228 // Set some options - we are passing in a useragent too here 229 curl_setopt_array($curl, array( 230 CURLOPT_RETURNTRANSFER => 1, 231 CURLOPT_URL => $url, 232 CURLOPT_USERAGENT => 'Centrora Security Plugin Request Agent' 233 )); 234 // Send the request & save response to $resp 235 $resp = curl_exec($curl); 236 // Close request to clear up some resources 237 curl_close($curl); 238 return $resp; 239 } 240 public function getAPIkey () { 241 $db = oseFirewall::getDBO (); 242 $query = "SELECT `value` FROM `#__ose_secConfig` WHERE `key` = 'privateAPIKey'"; 243 $db->setQuery($query); 244 $result = $db->loadResult(); 245 $db->closeDBO (); 246 return $result['value']; 247 } 248 249 public function getRemoteAPIKey () { 250 $content = $this->getRemoteConnectionContent('checkSubstatus'); 251 $response = $this->sendRequest($content); 252 return $response; 253 } 254 private function getRemoteConnectionContent ($task) { 255 oseFirewall::loadUsers (); 256 $users = new oseUsers('firewall'); 
257 $content = array (); 258 $content['url'] = oseFirewall::getSiteURL(); 259 $content['remoteChecking'] = true; 260 $content['task'] = $task; 261 $content['admin_email'] = $users->getUserEmail(); 262 $content['option'] = $_POST['option']; 263 if (class_exists('SConfig')) 264 { 265 $content['cms'] = 'st'; 266 } 267 else if (class_exists('JConfig')) 268 { 269 $content['cms'] = 'jl'; 270 } 271 else if (defined('WPLANG')) 272 { 273 $content['cms'] = 'wp'; 274 } 275 return $content; 276 } 277 public function getEmailConfig () { 278 $db = oseFirewall::getDBO (); 279 $query = "SELECT `value` FROM `#__ose_secConfig` WHERE `key` = 'receiveEmail'"; 280 $db->setQuery($query); 281 $result = $db->loadResult(); 282 $db->closeDBO (); 283 if ($result['value'] == 0 && $result['value']!=NULL) 284 { 285 return 0; 286 } 287 else 288 { 289 return 1; 290 } 291 } 292 public function checkScheduleScanning () { 293 $content = $this->getRemoteConnectionContent('scheduleScanning'); 294 $response = $this->sendRequest($content); 295 return $response; 296 } 297 protected function generateRandomString($length = 10) 298 { 299 $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'; 300 $randomString = ''; 301 for ($i = 0; $i < $length; $i++) 302 { 303 $randomString .= $characters[rand(0, strlen($characters) - 1)]; 304 } 305 return $randomString; 306 } 338 return oseFirewallBase::prepareErrorMessage("There was some problem in downloading the core files ".CONTACT_SUPPORT); 339 } 340 if($cms == "wordpress") 341 { 342 $destination = OSE_FWDATA."/wpHashList/$version.zip"; 343 }else if($cms == "joomla") 344 { 345 $destination = OSE_FWDATA."/jHashList/$version.zip"; 346 } 347 $file = fopen($destination, "w+"); 348 fputs($file, $target); 349 fclose($file); 350 if (file_exists($destination)) { 351 return oseFirewallBase::prepareSuccessMessage($destination); 352 } else { 353 return oseFirewallBase::prepareErrorMessage("Core file cannot be download " . 
CONTACT_SUPPORT); 354 } 307 355 } 356 } -
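Review bot: `downloadCoreFiles()` builds its write path from `$version` without validating it (`OSE_FWDATA."/wpHashList/$version.zip"`), and when `$cms` is neither `wordpress` nor `joomla` the initial `$destination = false` is still handed to `fopen()`. Both values arrive from request parameters via CfscanController, so `$version` should be restricted to a version pattern before it reaches the filesystem, an unknown `$cms` should return an error, and the write result should be checked directly, because `file_exists()` is also true for a stale file left by an earlier run. The archive is stored with no checksum or signature comparison; if the update API publishes one, this function is the place to verify it. Elsewhere in this section, `downloadPatternsFiles()` now calls `file_get_contents($file)` before `file_exists($file)`, and `downloadContentsThroughFOpen()` switches `display_errors` on for the rest of the request.

```php
public function downloadCoreFiles($url,$cms,$version)
{
    // Assumed version format (digits and dots only); adjust if releases carry other suffixes.
    if (!is_string($version) || !preg_match('/^\d+(\.\d+){1,3}\z/', $version)) {
        return oseFirewallBase::prepareErrorMessage("Invalid version " . CONTACT_SUPPORT);
    }
    if ($cms == "wordpress") {
        $destination = OSE_FWDATA . "/wpHashList/$version.zip";
    } else if ($cms == "joomla") {
        $destination = OSE_FWDATA . "/jHashList/$version.zip";
    } else {
        return oseFirewallBase::prepareErrorMessage("Unsupported CMS " . CONTACT_SUPPORT);
    }
    // … unchanged: downloadContentsThroughCurl($url) and the empty-response check …
    if (file_put_contents($destination, $target) === false) {
        return oseFirewallBase::prepareErrorMessage("Core file cannot be download " . CONTACT_SUPPORT);
    }
    return oseFirewallBase::prepareSuccessMessage($destination);
}
```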
ose-firewall/trunk/classes/Library/fwscannerv7/emailNotificationMgmt.php
r1730897 r1762549 452 452 public function getTimeStats($monthstats) 453 453 { 454 $count = count($monthstats['monthstats_values']);454 $count = array_sum($monthstats['monthstats_values']); 455 455 return $count; 456 456 } -
ose-firewall/trunk/classes/Library/fwscannerv7/fwscannerv7.php
r1741247 r1762549 925 925 //has nested structure 926 926 $converted_keys = $this->getConvertedKeys($key,$type); 927 if(count($converted_keys) == 1) 928 { 929 $result[$converted_keys[0]] = $value; 930 }elseif(count($converted_keys) == 2) { 931 $result[$converted_keys[0]][$converted_keys[1]] = $value; 932 }elseif(count($converted_keys) == 3) { 933 $result[$converted_keys[0]][$converted_keys[1]][$converted_keys[2]] = $value; 934 }else { 935 return $this->prepareErrorMessage("the array has mnkre thhan 3 layers"); 936 } 937 927 $converted_array = $this->addArrayLevels($converted_keys,$value); 928 return $converted_array; 938 929 } 939 930 else { … … 943 934 } 944 935 return $result; 936 } 937 938 //recursive function to dynamically add dimensions to the array based on the count of keys 939 public function addArrayLevels($keys,$value) 940 { 941 $return = []; 942 $key = array_shift($keys); 943 if ($keys) { 944 $return[$key] = $this->addArrayLevels($keys, $value); 945 } else { 946 $return[$key] = $value; 947 } 948 return $return; 945 949 } 946 950 -
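Review bot: The nested-key branch now ends in `return $converted_array;`, where the removed code assigned into `$result` and fell through to the `return $result;` visible at the end of the hunk. The enclosing function starts outside the hunk, but if this branch sits inside a loop over request keys, as the trailing `return $result;` suggests, the first nested key now ends the conversion and every other key is dropped. Assuming `$result` is initialised as an array above, merging keeps the old behaviour: `$result = array_replace_recursive($result, $this->addArrayLevels($converted_keys, $value));`. `addArrayLevels()` also removes the former three-level limit and, when `$keys` is empty, stores the value under the null key that `array_shift()` returns, so a depth cap and an empty-keys guard would be prudent, along with `private` visibility unless another class calls it.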
ose-firewall/trunk/classes/Library/fwscannerv7/whitelistmgmt.php
r1730897 r1762549 611 611 612 612 } 613 614 public function checkDefaultWhiteListVariablesV7() 615 { 616 $defaultwhitelist_variable = array("POST.json", "POST.jform"); //needs to be in lower case because getwhitelist is in lowercase 617 oseFirewall::callLibClass('fwscannerv7','whitelistmgmt'); 618 $whitelistvars = $this->getWhiteListEntitiesfromDB(); 619 if(isset($whitelistvars['status']) && $whitelistvars['status']=="ERROR") 620 { 621 return true; 622 }else{ 623 if(empty($whitelistvars)) 624 { 625 return true; 626 } 627 foreach($whitelistvars as $whitelistvar) 628 { 629 $formattedVar = $whitelistvar['request_type'].".".$whitelistvar['entity']; 630 if(in_array($formattedVar,$defaultwhitelist_variable)) 631 { 632 $defaultwhitelist_variable = array_diff($defaultwhitelist_variable,array($formattedVar)); 633 } 634 } 635 if(empty($defaultwhitelist_variable)) 636 { 637 return false; 638 }else{ 639 return true; 640 } 641 } 642 643 } 644 645 646 public function defaultWhiteListVariablesV7() 647 { 648 $defaultwhitelist_variable = array("POST.json", "POST.jform"); 649 $whitelistvars = $this->getWhiteListEntitiesfromDB(); 650 if(isset($whitelistvars['status']) && $whitelistvars['status']=="ERROR") 651 { 652 foreach($defaultwhitelist_variable as $var) 653 { 654 $temp1= $this->addWhiteListEntity($var); 655 if($temp1['status']==0) 656 { 657 return $temp1; 658 } 659 } 660 return oseFirewallBase::prepareSuccessMessage("Default white list variables has been successfully added"); 661 }else{ 662 if(empty($whitelistvars)) 663 { 664 foreach($defaultwhitelist_variable as $var) 665 { 666 $temp1= $this->addWhiteListEntity($var); 667 if($temp1['status']==0) 668 { 669 return $temp1; 670 } 671 } 672 return oseFirewallBase::prepareSuccessMessage("Default white list variables has been successfully added"); 673 } 674 foreach($whitelistvars as $whitelistvar) 675 { 676 $formattedVar = $whitelistvar['request_type'].".".$whitelistvar['entity']; 677 
if(in_array($formattedVar,$defaultwhitelist_variable)) 678 { 679 $defaultwhitelist_variable= array_diff($defaultwhitelist_variable,array($formattedVar)); 680 } 681 } 682 if(empty($defaultwhitelist_variable)) 683 { 684 return oseFirewallBase::prepareSuccessMessage("White list variables are Upto date"); 685 }else{ 686 foreach($defaultwhitelist_variable as $var) 687 { 688 $temp1= $this->addWhiteListEntity($var); 689 if($temp1['status']==0) 690 { 691 return $temp1; 692 } 693 } 694 return oseFirewallBase::prepareSuccessMessage("Default white list variables has been successfully added"); 695 } 696 } 697 698 } 613 699 } -
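Review bot: `defaultWhiteListVariablesV7()` repeats the same add-and-bail loop three times and the same success return twice, which makes a function that presumably exempts `POST.json` and `POST.jform` from filtering harder to audit than it needs to be. Its three paths (lookup error, empty list, some defaults missing) all end in adding whatever is missing, so they collapse into one loop as below with the same results. The comment in `checkDefaultWhiteListVariablesV7()` says the entries need to be lower case while the literals start with upper-case `POST`; whichever is right, the comment should state what `request_type` actually holds. A docblock recording why these two variables are whitelisted by default would also help, since that reasoning appears nowhere in the hunk.

```php
public function defaultWhiteListVariablesV7()
{
    $missing = array("POST.json", "POST.jform");
    $whitelistvars = $this->getWhiteListEntitiesfromDB();
    $lookupFailed = isset($whitelistvars['status']) && $whitelistvars['status'] == "ERROR";
    if (!$lookupFailed && !empty($whitelistvars)) {
        // Drop every default that is already present in the stored whitelist.
        foreach ($whitelistvars as $whitelistvar) {
            $formattedVar = $whitelistvar['request_type'] . "." . $whitelistvar['entity'];
            $missing = array_diff($missing, array($formattedVar));
        }
        if (empty($missing)) {
            return oseFirewallBase::prepareSuccessMessage("White list variables are Upto date");
        }
    }
    foreach ($missing as $var) {
        $temp1 = $this->addWhiteListEntity($var);
        if ($temp1['status'] == 0) {
            return $temp1;
        }
    }
    return oseFirewallBase::prepareSuccessMessage("Default white list variables has been successfully added");
}
```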
ose-firewall/trunk/classes/Library/oem/218.php
r1581581 r1762549 103 103 return '<li><a href="http://www.webandwire.de" title="Home">Quick links: <i class="glyphicon glyphicon-home"></i> <span class="hidden-xs hidden-sm hidden-md">'.OSE_WORDPRESS_FIREWALL_SHORT.'</span> </a></li>'; 104 104 } 105 106 105 public function getCalltoAction() 107 106 { 107 if(OSE_CMS == "joomla") 108 { 109 $ose_fwpubliccurl = OSE_FWPUBLICURL.ODS; 110 }else { 111 $ose_fwpubliccurl = OSE_FWPUBLICURL; 112 } 108 113 return '<div class="row row-set" style="margin-top:14px;"> 109 114 <div class="col-sm-12" style="padding-left: 0px; padding-right: 20px;"> 110 115 <a href="https://webandwire.de/" target="_blank"><div class="call-to-action"> 111 116 <div class="call-to-action-txt"> 112 <img width="35" height="35" alt="C_puma" src="'. OSE_FWPUBLICURL.'css/oem/'.$this->customer_id.'/imgs/logo-header.png"> 117 <img width="35" height="35" alt="C_puma" src="'.$ose_fwpubliccurl.'css/oem/'.$this->customer_id.'/imgs/favicon.ico"> 113 118 Schedule your scanning and update with WEBandWIRE PagePROTECT <sup>Now</sup></div> 114 119 </div></a> … … 122 127 } 123 128 129 130 124 131 public function getCallToActionAndFooter() 125 132 { 126 return '<div class="row row-set" style="margin-top:14px;"> 127 <div class="col-sm-12" style="padding-left: 0px; padding-right: 20px;"> 133 if(OSE_CMS == "joomla") 134 { 135 $ose_fwpubliccurl = OSE_FWPUBLICURL.ODS; 136 }else { 137 $ose_fwpubliccurl = OSE_FWPUBLICURL; 138 } 139 return '<div class="row row-set footer-box" style="margin-top:14px;"> 140 <div class="col-sm-12 footer-innerbox" style="padding-left: 0px; padding-right: 20px;"> 128 141 <a href="https://webandwire.de/" target="_blank"><div class="call-to-action"> 129 142 <div class="call-to-action-txt"> 130 <img width="35" height="35" alt="C_puma" src="'. 
OSE_FWPUBLICURL.'css/oem/'.$this->customer_id.'/imgs/logo-header.png"> 143 <img width="35" height="35" alt="C_puma" src="'.$ose_fwpubliccurl.'css/oem/'.$this->customer_id.'/imgs/favicon.ico"> 131 144 Schedule your scanning and update with WEBandWIRE PagePROTECT <sup>Now</sup></div> 132 145 </div></a> … … 141 154 <div id="footer" class="col-sm-12"> 142 155 <p class="pull-center"> 143 WEBandWIRE PagePROTECT is a portfolio of WEBandWIRE Internet- und EDV-Dienstleistungen. © <?php echo date("Y"); ?> <a156 WEBandWIRE PagePROTECT is a portfolio of WEBandWIRE Internet- und EDV-Dienstleistungen. © <?php echo date("Y"); ?> <a 144 157 href="https://webandwire.de/" target="_blank">WEBandWIRE PagePROTECT</a>. All Rights Reserved. <br /> Credits 145 158 to: <a href="http://www.centrora.com" target="_blank">Centrora Security!®</a> -
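Review bot: The footer line touched in the last hunk still carries `<?php echo date("Y"); ?>` inside what appears to be the single-quoted string returned by `getCallToActionAndFooter()`, so the tag would reach the browser as literal text instead of printing the year; concatenate it instead, `... © '.date("Y").' <a ...`. The string's opening and closing quotes lie partly outside the visible hunks, so confirm this against the full method. The Joomla/WordPress base-URL branch is now duplicated in `getCalltoAction()` and `getCallToActionAndFooter()`; a small private helper would keep the two in step, and `$ose_fwpubliccurl` looks like a typo for `$ose_fwpublicurl`.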
ose-firewall/trunk/classes/Library/oseFirewallAjax.php
r1741247 r1762549 99 99 public static function loadActionCfscan() 100 100 { 101 $actions = array('cfscan', 'addToAi', 'catchVirusMD5', 'check' );101 $actions = array('cfscan', 'addToAi', 'catchVirusMD5', 'check','checkCoreFilesExists','downloadCoreFiles','checkCoreFilesExistsSuite'); 102 102 parent::loadActions($actions); 103 103 } … … 226 226 public static function loadActionWhitelistmgmt() 227 227 { 228 $actions = array('getEntityList','scan','filter','whitelist','clearAll','deleteItem','addEntity','loadDefaultVariables','importVariables','getSEOConfiguration' );228 $actions = array('getEntityList','scan','filter','whitelist','clearAll','deleteItem','addEntity','loadDefaultVariables','importVariables','getSEOConfiguration','defaultWhiteListVariablesV7'); 229 229 parent::loadActions($actions); 230 230 } -
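Review bot: Both extended action lists expose state-changing operations to the AJAX dispatcher, and nothing in these two hunks shows who is allowed to call them. `downloadCoreFiles` fetches and unpacks an archive into the plugin data folder and `defaultWhiteListVariablesV7` adds firewall whitelist entries, so each should be reachable only by an administrator presenting a valid `centnounce` token. If `parent::loadActions()` does not already enforce both checks (its body is outside this diff), add them there, and document the requirement above each list with a comment such as `// every action below requires admin capability and a verified nonce`.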
ose-firewall/trunk/classes/Library/oseFirewallJoomla.php
r1741247 r1762549 441 441 } 442 442 $head .='<div class="served-websites">We are now serving <span id="numofWebsite"></span> websites.</div>'; 443 $head .='<div class="ad-banner2"> 444 <div class="ad-banner-container2"> 445 <div class="ad-banner-rectangle2"> 446 <div class="ad-banner-notification-text2"> 447 <i class="fa fa-bell" aria-hidden="true"></i> 448 <span>Centrora Security Hosting secured with Centrora Security Solutions<br> 449 Excellent Performance, Affordable Cost, High Security, and Reliable Stability. <br> 450 1 - VPS - VPS Basic starting from only $28.6 / month. <br> 451 2 - Dedicated Servers - Best performance guaranteed. 452 </span> 453 </div> 454 </div> 455 </div> 456 </div>'; 443 457 $head .= oseFirewall::getmenus(); 444 458 -
ose-firewall/trunk/classes/Library/oseFirewallWordpress.php
r1741247 r1762549 531 531 } 532 532 $head .='<div class="served-websites">We are now serving <span id="numofWebsite"></span> websites.</div>'; 533 $head .='<div class="ad-banner2"> 534 <div class="ad-banner-container2"> 535 <div class="ad-banner-rectangle2"> 536 <div class="ad-banner-notification-text2"> 537 <i class="fa fa-bell" aria-hidden="true"></i> 538 <span>Centrora Security Hosting secured with Centrora Security Solutions<br> 539 Excellent Performance, Affordable Cost, High Security, and Reliable Stability. <br> 540 1 - VPS - VPS Basic starting from only $28.6 / month. <br> 541 2 - Dedicated Servers - Best performance guaranteed. 542 </span> 543 </div> 544 </div> 545 </div> 546 </div>'; 547 533 548 $head .= oseFirewall::getmenus(); 534 549 $head .= '</div>'; -
ose-firewall/trunk/classes/Library/vsscanner/cfscanner.php
r1741247 r1762549 834 834 return $results; 835 835 } 836 837 838 839 public function coreFileExists() 840 { 841 if(oseFirewallBase::isSuite()) 842 { 843 return oseFirewallBase::prepareCustomMessage(2,"Suite version"); 844 } 845 if(OSE_CMS == "wordpress") 846 { 847 global $wp_version; 848 $hashes = OSE_FWDATA . ODS . 'wpHashList' . ODS . 'hashes-' . $wp_version . '.php'; 849 if(file_exists($hashes)) 850 { 851 $result['status'] = 1 ; 852 $result['info'] = "Wordpress Core file exists"; 853 return $result; 854 }else { 855 $result['status'] = 0 ; 856 $result['info'] = "The file containing hashes of all WordPress core files currently not available <br/> Missing $hashes file <br/> " . CONTACT_SUPPORT; 857 $result['version'] = $wp_version; 858 $result['cms'] = OSE_CMS; 859 return $result; 860 } 861 }elseif(OSE_CMS == "joomla"){ 862 $version = $this->getCurrentJoomlaVersion(); 863 $jcorefile = OSE_FWDATA . ODS . 'jHashList' . ODS . 'jcore' . $version . '.php'; 864 $hashes = OSE_FWDATA . ODS . 'jHashList' . ODS . $version . '.csv'; 865 if(file_exists($jcorefile) && file_exists($jcorefile)) 866 { 867 $result['status'] = 1 ; 868 $result['info'] = "Joomla Core file exists"; 869 return $result; 870 }else{ 871 $result['status'] = 0 ; 872 $result['info'] = "The file containing hashes of all Joomla core files currently not available <br/> Missing $jcorefile and $hashes file <br/> " . 
CONTACT_SUPPORT; 873 $result['version'] = $version; 874 $result['cms'] = OSE_CMS; 875 return $result; 876 } 877 } 878 879 } 880 881 public function download_CoreFiles($cms,$version) 882 { 883 $cms = oseFirewallBase::cleanupVar($cms); 884 $version = oseFirewallBase::cleanupVar($version); 885 $targetFolder = false; 886 if(!empty($cms) && !empty($version)) 887 { 888 if($cms == "wordpress") 889 { 890 $targetFolder = OSE_FWDATA."/wpHashList"; 891 }else if($cms == "joomla") 892 { 893 $targetFolder = OSE_FWDATA."/jHashList"; 894 } 895 if(!empty($targetFolder) && !file_exists($targetFolder)) 896 { 897 mkdir($targetFolder); 898 } 899 $url = DOWNLOAD_CORE_FILES."&cms=$cms&version=$version"; 900 oseFirewall::callLibClass('downloader', 'oseDownloader'); 901 $downloader = new oseDownloader('core'); 902 $downloadedContent = $downloader->downloadCoreFiles($url,$cms,$version); 903 if(!empty($downloadedContent) && isset($downloadedContent['status']) && $downloadedContent['status']==0) 904 { 905 return $downloadedContent; 906 }else{ 907 $unzip_result = $this->unzipCoreFiles($downloadedContent['info'],$cms,$version,$targetFolder); 908 return $unzip_result; 909 } 910 911 }else{ 912 return oseFirewallBase::prepareErrorMessage("Cms or version no is empty"); 913 } 914 915 } 916 917 public function unzipCoreFiles($filepath,$cms,$version,$targetFolder) 918 { 919 if(file_exists($filepath)) 920 { 921 $zip = new ZipArchive; 922 $res = $zip->open($filepath); 923 if ($res === true) { 924 $zip->extractTo($targetFolder); 925 $zip->close(); 926 unlink($filepath); 927 if($cms=="joomla" && file_exists($targetFolder."/jcore$version.php") && file_exists($targetFolder."/$version.csv")) 928 { 929 return oseFirewallBase::prepareSuccessMessage("Joomla - $version core files has been unzipped"); 930 }else if($cms == "wordpress" && file_exists($targetFolder."/hashes-$version.php")) 931 { 932 return oseFirewallBase::prepareSuccessMessage("Wordpress - $version core files has been unzipped"); 933 }else{ 934 
return oseFirewallBase::prepareErrorMessage("$cms - $version files cannot be unzipped"); 935 } 936 } else { 937 return oseFirewallBase::prepareErrorMessage("There was some problem in handling the zip files ".CONTACT_SUPPORT); 938 } 939 }else{ 940 return oseFirewallBase::prepareErrorMessage("$cms - $version zip folder does not exists "); 941 } 942 } 943 944 945 946 public function coreFileExistsSuite($cms,$version) 947 { 948 if($cms == "wordpress") 949 { 950 $hashes = OSE_FWDATA . ODS . 'wpHashList' . ODS . 'hashes-' . $version . '.php'; 951 if(file_exists($hashes)) 952 { 953 $result['status'] = 1 ; 954 $result['info'] = "Wordpress Core file exists"; 955 return $result; 956 }else { 957 $result['status'] = 0 ; 958 $result['info'] = "The file containing hashes of all WordPress core files currently not available <br/> Missing $hashes file <br/> " . CONTACT_SUPPORT; 959 $result['version'] = $version; 960 $result['cms'] = $cms; 961 return $result; 962 } 963 }elseif($cms == "joomla"){ 964 $jcorefile = OSE_FWDATA . ODS . 'jHashList' . ODS . 'jcore' . $version . '.php'; 965 $hashes = OSE_FWDATA . ODS . 'jHashList' . ODS . $version . '.csv'; 966 if(file_exists($jcorefile) && file_exists($jcorefile)) 967 { 968 $result['status'] = 1 ; 969 $result['info'] = "Joomla Core file exists"; 970 return $result; 971 }else{ 972 $result['status'] = 0 ; 973 $result['info'] = "The file containing hashes of all Joomla core files currently not available <br/> Missing $jcorefile and $hashes file <br/> " . CONTACT_SUPPORT; 974 $result['version'] = $version; 975 $result['cms'] = $cms; 976 return $result; 977 } 978 } 979 980 } 981 982 836 983 } 837 984 -
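Review bot: `download_CoreFiles()` trusts `$cms` and `$version` further than the visible code justifies: any `$cms` other than `wordpress` or `joomla` leaves `$targetFolder` as `false` and still reaches `unzipCoreFiles()`, and both values are concatenated into the download URL and into file paths without encoding or a format check (what `cleanupVar()` strips is not visible here). `coreFileExistsSuite()` builds paths from the same two values with no cleanup at all and returns the full server path in `info`. The archive is then unpacked with `extractTo()` without any integrity check although it delivers `.php` files into the data folder; verifying a published checksum or signature before extraction would close that gap. Separately, `coreFileExists()` and `coreFileExistsSuite()` both test `$jcorefile` twice; the second call should be `file_exists($hashes)`. A sketch of the input validation follows.

```php
public function download_CoreFiles($cms,$version)
{
    $cms = oseFirewallBase::cleanupVar($cms);
    $version = oseFirewallBase::cleanupVar($version);
    // Map the only supported CMS names to their folders; anything else is rejected.
    $folders = array('wordpress' => 'wpHashList', 'joomla' => 'jHashList');
    if (!is_string($cms) || !isset($folders[$cms])) {
        return oseFirewallBase::prepareErrorMessage("Unsupported CMS");
    }
    // A version may only hold characters that cannot form a path segment or a query parameter.
    if (!is_string($version) || !preg_match('/^[0-9A-Za-z][0-9A-Za-z._-]*$/', $version)) {
        return oseFirewallBase::prepareErrorMessage("Invalid version number");
    }
    $targetFolder = OSE_FWDATA . ODS . $folders[$cms];
    if (!is_dir($targetFolder) && !mkdir($targetFolder, 0755, true)) {
        return oseFirewallBase::prepareErrorMessage("Cannot create the core files folder");
    }
    $url = DOWNLOAD_CORE_FILES . "&cms=" . rawurlencode($cms) . "&version=" . rawurlencode($version);
    // … unchanged: oseDownloader call and hand-off to unzipCoreFiles …
```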
ose-firewall/trunk/classes/Library/vsscanner/vsscanner.php
r1730340 r1762549 491 491 $needle = "com_ose_firewall/protected/data"; 492 492 $needle2 = "modules/mod_pwebcontact/helpers/sobipro.php"; 493 if(strpos($path,$needle) == false && strpos($path,$needle) == false) { 493 $needle3= "media/widgetkit"; 494 if(strpos($path,$needle) == false && strpos($path,$needle2) == false && strpos($path,$needle3) == false) { 494 495 if (is_file($path) && $this->getFileInformation($path) && !strstr($path, '.git/') && !strstr($path, OSE_FWDATA . ODS . 'vsscanPath') && substr($path, -9) != '.svn-base') { 495 496 $extension = substr($path, -4); … … 514 515 $needle = "com_ose_firewall/protected/data"; 515 516 $needle2 = "modules/mod_pwebcontact/helpers/sobipro.php"; 516 if(strpos($path,$needle) == false && strpos($path,$needle) == false) { 517 $needle3= "media/widgetkit"; 518 if(strpos($path,$needle) == false && strpos($path,$needle2) == false && strpos($path,$needle3) == false) { 517 519 if (is_file($path) && $this->getFileInformation($path) && !strstr($path, '.git/') && !strstr($path, OSE_FWDATA . ODS . 'vsscanPath') && substr($path, -9) != '.svn-base') { 518 520 $extension = substr($path, -4); -
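Review bot: The new `media/widgetkit` exclusion is a substring match, so the scanner now skips every file whose path contains that text anywhere, which leaves a directory name that is never scanned. The three tests also use `== false`, and `strpos()` returns `0` for a match at the start of the string, which `== false` treats as no match; use `strpos($path,$needle3) === false` and the same for the other two. Prefer comparing against the absolute path of the one directory that produces false positives rather than a bare fragment. The same condition appears in both hunks of this file, and the enclosing functions start and end outside them.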
ose-firewall/trunk/classes/Library/vsscanstat/vsscanstat.php
r1730340 r1762549 181 181 $where = $this->db->implodeWhere($this->where); 182 182 // Get Records Query; 183 $return['data'] = $this->getAllRecords ($where); 183 $temp = $this->getAllRecords ($where); 184 $return['data'] = $this->getFormattedScanResults($temp); 184 185 $counts = $this->getAllCounts($where); 185 186 $return['recordsTotal'] = $counts['recordsTotal']; … … 187 188 return $return; 188 189 } 190 191 public function getFormattedScanResults($records) 192 { 193 $final_Result = array(); 194 if(empty($records)) 195 { 196 return false; 197 }else{ 198 foreach($records as $key=>$val) 199 { 200 $final_Result[$key] = $val; 201 $final_Result[$key]->size = $this->getyFileSize($val->filename); 202 } 203 return $final_Result; 204 } 205 } 206 public function getyFileSize($file) 207 { 208 if(file_exists($file)) 209 { 210 return $this->filesize_formatted($file); 211 }else{ 212 return "0.00 KB"; 213 } 214 } 215 216 public function filesize_formatted($path) 217 { 218 $size = filesize($path); 219 $units = array( 'B', 'KB', 'MB', 'GB', 'TB', 'PB', 'EB', 'ZB', 'YB'); 220 $power = $size > 0 ? floor(log($size, 1024)) : 0; 221 return number_format($size / pow(1024, $power), 2, '.', ',') . ' ' . $units[$power]; 222 } 223 224 189 225 public function getMalwareTotal () { 190 226 oseFirewall::callLibClass('convertviews','convertviews'); -
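Review bot: `getFormattedScanResults()` returns `false` when there are no records, so `$return['data']` becomes `false` instead of an empty list and the table consumer receives a non-array; `return array();` keeps the shape stable. `filesize_formatted()` feeds the result of `filesize()` straight into the arithmetic, but `filesize()` returns `false` with a warning when the file vanished or is unreadable, which here yields `0.00 B` rather than the `0.00 KB` fallback used in `getyFileSize()`; a guard such as `if ($size === false) { return "0.00 KB"; }` makes the two agree. The name `getyFileSize` looks like a typo for `getFileSize`.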
ose-firewall/trunk/ose_firewall_badge.php
r1741387 r1762549 4 4 Description: Plugin For Showing Centrora Security Badge 5 5 Author: Centrora Security 6 Version: 7.0. 36 Version: 7.0.4 7 7 */ 8 8 include(dirname(__FILE__).'/includes/oseBadgeWidget.php'); -
ose-firewall/trunk/ose_wordpress_firewall.php
r1741387 r1762549 5 5 Description: Centrora Security (previously OSE Firewall) - A WordPress Security Firewall plugin created by Centrora. Protect your WordPress site by identify any malicious codes, spam, virus, SQL injection, and security vulnerabilities. 6 6 Author: Centrora (Previously ProWeb) 7 Version: 7.0. 37 Version: 7.0.4 8 8 Author URI: http://www.centrora.com/ 9 9 */ -
ose-firewall/trunk/public/css/main.css
r1730340 r1762549 4106 4106 float: left; 4107 4107 font-size: 12px; 4108 margin-left: 20px;4108 margin-left: 0px; 4109 4109 margin-top: 66px; 4110 4110 opacity: 0.9; … … 4337 4337 color: white; 4338 4338 position: absolute; 4339 right: 0; 4340 padding-right: 33px; 4339 left: 0; 4340 margin-left: 415px; 4341 margin-top: 35px; 4341 4342 } 4342 4343 … … 6578 6579 margin-left: 0; 6579 6580 } 6581 6582 #filecontentModal .modal-body{ 6583 overflow-x: auto; 6584 display: flex; 6585 } 6586 6587 #coreFilesDownload { 6588 text-align: left; 6589 } 6590 6591 .ad-banner-container2 { 6592 display: flex; 6593 height: 100%; 6594 float: right; 6595 padding-right: 50px; 6596 cursor: pointer; 6597 opacity: 0.8; 6598 } 6599 6600 .ad-banner-rectangle2 { 6601 display: flex; 6602 align-items: center; 6603 justify-content: flex-start; 6604 positon: relative; 6605 width: 50px; 6606 height: 120px; 6607 background: url(https://cdn3.centrora.com/templates/purity_iii/images/header/bg_header.png) repeat center center; 6608 background-size: cover; 6609 transform: scale(0); 6610 border-radius: 50%; 6611 color: white; 6612 opacity: 0; 6613 overflow: hidden; 6614 -webkit-animation: scale-in .3s ease-out forwards, expand .35s .25s ease-out forwards; 6615 animation: scale-in .3s ease-out forwards, expand .35s .25s ease-out forwards; 6616 } 6617 6618 .ad-banner-notification-text2 { 6619 display: flex; 6620 align-items: center; 6621 padding: 0 16px; 6622 font-family: 'Roboto', sans-serif; 6623 font-size: 14px; 6624 -webkit-animation: fade-in .65s ease-in forwards; 6625 animation: fade-in .65s ease-in forwards; 6626 font-weight: 600; 6627 } 6628 6629 .ad-banner2 span{ 6630 margin-left: 20px; 6631 } 6632 6633 @-webkit-keyframes scale-in { 6634 100% { 6635 -webkit-transform: scale(1); 6636 transform: scale(1); 6637 opacity: 1; 6638 } 6639 } 6640 6641 @keyframes scale-in { 6642 100% { 6643 -webkit-transform: scale(1); 6644 transform: scale(1); 6645 opacity: 1; 6646 } 6647 } 6648 @-webkit-keyframes expand { 
6649 50% { 6650 width: 550px; 6651 border-radius: 6px; 6652 } 6653 100% { 6654 width: 500px; 6655 border-radius: 4px; 6656 box-shadow: 0px 1px 3px 0px rgba(0, 0, 0, 0.2), 0px 1px 1px 0px rgba(0, 0, 0, 0.14), 0px 3px 3px -1px rgba(0, 0, 0, 0.12); 6657 } 6658 } 6659 @keyframes expand { 6660 50% { 6661 width: 550px; 6662 border-radius: 6px; 6663 } 6664 100% { 6665 width: 550px; 6666 border-radius: 4px; 6667 box-shadow: 0px 1px 3px 0px rgba(0, 0, 0, 0.2), 0px 1px 1px 0px rgba(0, 0, 0, 0.14), 0px 3px 3px -1px rgba(0, 0, 0, 0.12); 6668 } 6669 } 6670 @-webkit-keyframes fade-in { 6671 0% { 6672 opacity: 0; 6673 } 6674 100% { 6675 opacity: .8; 6676 } 6677 } 6678 @keyframes fade-in { 6679 0% { 6680 opacity: 0; 6681 } 6682 100% { 6683 opacity: .8; 6684 } 6685 } -
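Review bot: In the third hunk `.ad-banner-rectangle2` declares `positon: relative;`, a misspelled property that browsers drop, so the element is never positioned; it should read `position: relative;`. The same rule loads its background from `https://cdn3.centrora.com/`, which makes every admin page view request a third-party host; shipping the image with the plugin removes that dependency. The `-webkit-` copy of `@keyframes expand` ends at `width: 500px` while the standard one ends at `width: 550px`, which looks unintended.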
ose-firewall/trunk/public/css/oem/218/custom.css
r1387925 r1762549 60 60 /** navbar top **/ 61 61 .navbar-top { 62 background: #8a8a8c none repeat scroll 0 0;62 /*background: #8a8a8c none repeat scroll 0 0;*/ 63 63 margin-bottom: 20px; 64 64 } … … 417 417 margin-left: -5px !important; 418 418 margin-top: 25px !important; 419 color: #333333 !important;419 /*color: #333333 !important;*/ 420 420 } 421 421 -
ose-firewall/trunk/public/css/v4.css
r1387925 r1762549 594 594 595 595 .panel-controls-buttons { 596 height: 50px; 596 597 text-align: right; 597 598 margin-top: 20px; -
ose-firewall/trunk/public/js/app.js
r1730340 r1762549 1162 1162 }); 1163 1163 } 1164 1165 1166 jQuery(document).ready(function($){ 1167 $('.ad-banner-container2').click(function() { 1168 window.open('https://www.centrora.com/services/hosting-services-pricing'); 1169 }); 1170 }); 1171 -
ose-firewall/trunk/public/js/cfscan.js
r1730340 r1762549 4 4 5 5 jQuery(document).ready(function ($) { 6 checkUserType_cfscan(); 6 7 $('#board').html(''); 7 8 $('#tabs').hide(); … … 23 24 document.getElementById("save-button").disabled = true; 24 25 $('#board').html(''); 26 $('#coreFilesDownload').empty(); 25 27 var currentfolder; 26 28 var current = $(this); … … 42 44 if (data.cms == 'wp') { 43 45 $('#board').html(data.message); 44 document.getElementById("save-button").disabled = false;46 checkCoreFilesExists_suite("wordpress",data.version); 45 47 document.getElementById("cms").value = "wp"; 46 48 document.getElementById("version").value = data.version; 47 49 } else if (data.cms == 'jm') { 48 50 $('#board').html(data.message); 49 document.getElementById("save-button").disabled = false;51 checkCoreFilesExists_suite("joomla",data.version); 50 52 document.getElementById("cms").value = "jm"; 51 53 document.getElementById("version").value = data.version; … … 62 64 document.getElementById("save-button").disabled = true; 63 65 $('#board').html(''); 66 $('#coreFilesDownload').empty(); 64 67 if (!$(this).val()) { //if it is blank. 
65 68 … … 80 83 if (data.cms == 'wp') { 81 84 $('#board').html(data.message); 82 document.getElementById("save-button").disabled = false;85 checkCoreFilesExists_suite("wordpress",data.version); 83 86 document.getElementById("cms").value = "wp"; 84 87 document.getElementById("version").value = data.version; 85 88 } else if (data.cms == 'jm') { 86 89 $('#board').html(data.message); 87 document.getElementById("save-button").disabled = false;90 checkCoreFilesExists_suite("joomla",data.version); 88 91 document.getElementById("cms").value = "jm"; 89 92 document.getElementById("version").value = data.version; … … 358 361 }); 359 362 } 363 364 function checkUserType_cfscan() 365 { 366 jQuery(document).ready(function ($) { 367 $.ajax({ 368 type: "GET", 369 url: url, 370 dataType: 'json', 371 data: { 372 option: option, 373 controller: "advancerulesets", 374 action: 'checkUserType', 375 task: 'checkUserType', 376 centnounce: $('#centnounce').val() 377 }, 378 success: function (data) { 379 if (data.status == 1) { 380 checkCoreFilesExists(); 381 } else { 382 $( "#icon-refresh" ).one( "click", function() { 383 checkCoreFilesExists(); 384 }); 385 $('#cf-sig').text('Click To Update Core Files'); 386 $('#cf-div-uptodate').hide(); 387 } 388 } 389 }); 390 }); 391 } 392 393 function checkCoreFilesExists() 394 { 395 jQuery(document).ready(function ($) { 396 $('#icon-refresh').addClass('spinAnimation'); 397 $('#cf-sig').text('Checking Core Files version ...'); 398 $('#icon-refresh').prop('onclick',null).off('click'); 399 $.ajax({ 400 type: "POST", 401 url: url, 402 dataType: 'json', 403 data: { 404 option: option, 405 controller: controller, 406 action: 'checkCoreFilesExists', 407 task: 'checkCoreFilesExists', 408 centnounce: $('#centnounce').val() 409 }, 410 success: function (data) { 411 if(data.status == 1) 412 { 413 //core files are upto date 414 $('#icon-refresh').removeClass('spinAnimation'); 415 $('#icon-refresh').removeAttr("onclick"); 416 $("#cf-div-update").hide(); 417 
$("#cf-div-uptodate").show(); 418 }else if(data.status == 0){ 419 //file does not exists 420 //download the core dir files 421 downloadCoreFiles(data.cms, data.version); 422 }else if(data.status == 2){ 423 //suite version 424 //do nothing 425 } 426 } 427 }); 428 }); 429 } 430 431 function downloadCoreFiles(cms,version) 432 { 433 jQuery(document).ready(function ($) { 434 $('#icon-refresh').prop('onclick',null).off('click'); 435 $('#cf-sig').text('Downloading latest Core Files ...'); 436 $.ajax({ 437 type: "POST", 438 url: url, 439 dataType: 'json', 440 data: { 441 option: option, 442 controller: controller, 443 action: 'downloadCoreFiles', 444 task: 'downloadCoreFiles', 445 cms: cms, 446 version : version, 447 centnounce: $('#centnounce').val() 448 }, 449 success: function (data) { 450 hideLoading(2500); 451 if (data.status == 0) { 452 showDialogue(data.info,"ERROR","CLOSE"); 453 //show button and allows user to update manually 454 } else { 455 $('#icon-refresh').removeClass('spinAnimation'); 456 $('#icon-refresh').removeAttr("onclick"); 457 $("#cf-div-update").hide(); 458 $("#cf-div-uptodate").show(); 459 } 460 } 461 }); 462 }); 463 } 464 465 function checkCoreFilesExists_suite(cms,version) 466 { 467 jQuery(document).ready(function ($) { 468 $('#coreFilesDownload').empty(); 469 $('#coreFilesDownload').append('<span class="glyphicon glyphicon-refresh color-blue animate"></span> Checking Core Files version ...'); 470 $.ajax({ 471 type: "POST", 472 url: url, 473 dataType: 'json', 474 data: { 475 option: option, 476 controller: controller, 477 cms : cms, 478 version : version, 479 action: 'checkCoreFilesExistsSuite', 480 task: 'checkCoreFilesExistsSuite', 481 centnounce: $('#centnounce').val() 482 }, 483 success: function (data) { 484 if(data.status == 1) 485 { 486 //core files are upto date 487 $('#coreFilesDownload').empty(); 488 $('#coreFilesDownload').append('<span class="glyphicon glyphicon-ok color-green"></span> Core Files are upto date'); 489 
document.getElementById("save-button").disabled = false; 490 }else if(data.status == 0){ 491 //file does not exists 492 //download the core dir files 493 downloadCoreFiles_suite(data.cms, data.version); 494 } 495 } 496 }); 497 }); 498 } 499 500 function downloadCoreFiles_suite(cms,version) 501 { 502 jQuery(document).ready(function ($) { 503 $('#coreFilesDownload').empty(); 504 $('#coreFilesDownload').append('<span class="glyphicon glyphicon-download color-green"></span> Downloading latest Core Files ...'); 505 $.ajax({ 506 type: "POST", 507 url: url, 508 dataType: 'json', 509 data: { 510 option: option, 511 controller: controller, 512 action: 'downloadCoreFiles', 513 task: 'downloadCoreFiles', 514 cms: cms, 515 version : version, 516 centnounce: $('#centnounce').val() 517 }, 518 success: function (data) { 519 hideLoading(2500); 520 if (data.status == 0) { 521 showDialogue(data.info,"ERROR","CLOSE"); 522 //show button and allows user to update manually 523 } else { 524 $('#coreFilesDownload').empty(); 525 $('#coreFilesDownload').append('<span class="glyphicon glyphicon-ok color-green"></span> Core Files are upto date'); 526 document.getElementById("save-button").disabled = false; 527 } 528 } 529 }); 530 }); 531 } -
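Review bot: None of the added `$.ajax` calls has an `error` callback, so a failed or non-JSON response leaves the page showing `Checking Core Files version ...` and, in the suite path, leaves `save-button` disabled with no message. Add an `error` handler that resets the status text and reports the failure through `showDialogue`. In `downloadCoreFiles` and `downloadCoreFiles_suite`, `data.info` comes back from the server with the requested `cms` and `version` embedded, so if `showDialogue` renders HTML (not visible here) the server has to escape those values. Wrapping each function body in `jQuery(document).ready(...)` is unnecessary for functions that are only called after load; a plain `jQuery.ajax` call is enough.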
ose-firewall/trunk/public/js/oem/218/custom.js
r1387925 r1762549 1 1 jQuery(document).ready(function ($) { 2 removejscssfile("template.css", "css"); 2 3 $('body').appStart({ 3 4 //main color scheme for template -
ose-firewall/trunk/public/js/rulesets.js
r1730340 r1762549 260 260 }else if(data.status==1) 261 261 { 262 $('#icon-refresh').hide(); 262 263 $('#updateAdvRules').hide(); 263 264 } -
ose-firewall/trunk/public/js/scanreport.js
r1730340 r1762549 29 29 {"data": "filename"}, 30 30 {"data": "checked"}, 31 {"data": " notes","sortable":false},31 {"data": "size","sortable":false}, 32 32 {"data": "view","sortable":false}, 33 33 { -
ose-firewall/trunk/public/js/whitelistmgmt.js
r1730897 r1762549 294 294 }); 295 295 } 296 297 //adds the default variables in the whitelist to avoid any false alerts from the firewall 298 function defaultWhiteListVariablesv7() 299 { 300 jQuery(document).ready(function ($) { 301 $.ajax({ 302 type: "POST", 303 url: url, 304 dataType: 'json', 305 data: { 306 option: option, 307 controller: controller, 308 action: 'defaultWhiteListVariablesV7', 309 task: 'defaultWhiteListVariablesV7', 310 centnounce: $('#centnounce').val() 311 }, 312 success: function (data) { 313 if(data.status == 1) 314 { 315 $('#addwhitelistvars').hide(); 316 $('#variablesTable').dataTable().api().ajax.reload(null, false); 317 } 318 else { 319 showDialogue("There was some problem in adding the default whitelist variables" , "ERROR", "close"); 320 } 321 } 322 }); 323 }); 324 } -
ose-firewall/trunk/public/messages/fr_FR.php
r1741247 r1762549 1150 1150 define("O_RECEIVE_EMAILS","Receive Emails"); 1151 1151 define("O_BACKUP_TYPE_HELP","Note : You need to setup the Gitlab Repo to use cloud backup"); 1152 define('TOP_UPTODATE', 'Up to date');1153 define('SEARCHFORMALWARE','Search for Malware');1154 define('FIREWALLSETINGS',"Firewall Settings");1155 define('SCHEDULETASKS',"Schedule Tasks");1156 1152 define('O_TYPE','Type'); 1157 1153 define('O_FILE_SIZE', 'File Size'); … … 1159 1155 define('BASE_FOLDER_PERMISSION','Base folder permission'); 1160 1156 define('ADD_BACKUP_SIZE','New added backup size (MB)'); 1161 define('Git_backup_tittle', 'Centrora Git Backup');1162 define('Git_backup_desc', 'Git Backup is a brand-new and great potential tool for website backup and restore in seconds.');1163 1157 define('O_ACCOUNTNAME','Account Name'); 1164 1158 define('O_LASTBACKUP_DATE','Last Backup Date'); … … 1185 1179 define('O_DOMAIN','Domain'); 1186 1180 define('O_DOWNLOAD_CERT','Download Certificate'); 1187 define('UPDATE',"Update");1188 define('LOGS',"Logs");1189 define('WEBATTACTS',"Web Attacks");1190 define('BRUTEFORCE',"BruteForce");1191 define('FILEUPLOADINGLOGS',"File Uploading Logs");1192 define('VIRUSSCAN',"Virus Scan");1193 1181 define('CREATE_REPOSITORY_GITLAB', 'Create a private repository in GitLab'); 1194 1182 define("FIREWALLV7", "Firewall Scanner V7 <sup><span>(New)</span></sup>"); -
ose-firewall/trunk/readme.txt
r1741387 r1762549 6 6 Requires at least: 3.7 7 7 Tested up to: 4.8.2 8 Stable tag: 7.0. 38 Stable tag: 7.0.4 9 9 License: GPLv2 or later 10 10 License URI: http://www.gnu.org/licenses/gpl-2.0.html … … 170 170 171 171 == Changelog == 172 173 = 7.0.4 = 174 * Minor bug fixes for Firewall v7, Virus scanner 175 * Improved code to update virus and firewall patterns 176 * Improved UX for virus scan reports 177 * Fixed Language file errors 172 178 173 179 = 7.0.3 =