WordPress.org
Get WordPress

Plugin Directory

Changeset 2125581


Ignore:
Timestamp:
07/19/2019 04:29:19 AM (7 years ago)
Author:
drew010
Message:

Test up to Wordpress 5.2.3
Add backup update URL
Fix issue with Ajax list update for when wp-cron is broken; may have used URL with WP_Http that resulted in a redirect and was not followed

Location:
vigilantor/trunk
Files:
2 edited

Legend:

Unmodified
Added
Removed

  • vigilantor/trunk/readme.txt

    r1989355 r2125581  
    44Tags: tor, tor blocker, comments, spam, proxy, security, block, registration, captcha
    55Requires at least: 4.0
    6 Tested up to: 5.0.1
    7 Stable tag: 1.3.3
     6Tested up to: 5.2.3
     7Stable tag: 1.3.4
    88License: GPLv3
    99License URI: http://www.gnu.org/licenses/gpl.txt

  • vigilantor/trunk/vigilantor.php

    r1868792 r2125581  
    44Plugin URI: https://drew-phillips.com/
    55Description: Provides protections from Tor users visiting your site
    6 Version: 1.3.3
     6Version: 1.3.4
    77Author: Drew Phillips
    88Author URI: https://drew-phillips.com
     
    1010*/
    1111
    12 /*  Copyright (C) 2018 Drew Phillips
     12/*  Copyright (C) 2019 Drew Phillips
    1313
    1414This program is free software; you can redistribute it and/or modify
     
    2727*/
    2828
    29 defined('VIGILANTOR_VERSION') || define('VIGILANTOR_VERSION', '1.3.3');
     29defined('VIGILANTOR_VERSION') || define('VIGILANTOR_VERSION', '1.3.4');
    3030
    3131if (class_exists('VigilanTorWP')) {
     
    5555    private static $_instance = null;
    5656
    57     const EXIT_LIST_UPDATE_URL = '//openinternet.io/tor/tor-ip-list.txt';
     57    const EXIT_LIST_UPDATE_URLS = [
     58        //'//www2.openinternet.io/tor/tor-ip-list.txt',
     59        //'//openinternet.io/tor/tor-ip-list.txt',
     60    ];
    5861
    5962    private function __construct()
     
    229232            );
    230233        } else {
    231             header('HTTP/1.1 403 Forbidden');
     234            header($_SERVER['SERVER_PROTOCOL'] . ' 403 Forbidden');
    232235
    233236            // some themes reference $id in page templates
     
    391394                // this prevents the update from slowing down the page load for the visitor
    392395                // if wp-cron is working properly, the update will never need to be forced like this
    393                 add_action('wp_footer', array(&$this, 'enqueueUpdateScript'));
     396                if (mt_rand(0, 100000) % 10 == 0) {
     397                    // ~ 10% chance to enqueue the update script
     398                    add_action('wp_footer', array(&$this, 'enqueueUpdateScript'));
     399                }
    394400            }
    395401        }
     
    617623    public function enqueueUpdateScript()
    618624    {
    619         $url = addslashes(get_site_url() . '?_vitor_action=update');
     625        $url = addslashes(get_site_url(null, '?_vitor_action=update'));
    620626        echo "<script type='text/javascript'>jQuery.ajax({ url: '{$url}' });</script>\n";
    621627    }
     
    843849        }
    844850
    845         $url = ($use_ssl ? 'https:' : 'http:') . self::EXIT_LIST_UPDATE_URL;
    846 
    847851        add_filter('http_headers_useragent', array(&$this, 'filterUserAgent'), 99, 1);
    848852
    849         $try     = true;
    850853        $success = false;
     854        $i       = 0;
    851855
    852856        do {
    853             $req = new WP_Http();
     857            $req = new WP_Http(); // NB: default timeout is 5 seconds
     858            $url = ($use_ssl ? 'https:' : 'http:') . self::EXIT_LIST_UPDATE_URLS[$i];
    854859            $res = $req->request($url, array('httpversion' => '1.1'));
    855860
    856             if (is_wp_error($res)) {
    857                 if ($use_ssl) {
    858                     $use_ssl = false;
    859                     $url = 'http:' . self::EXIT_LIST_UPDATE_URL;
    860                     continue; // try again with http
    861                 }
    862                 $try = false;
    863             } else {
     861            if (!is_wp_error($res)) {
    864862                $res     = $res['body'];
    865                 $try     = false;
    866863                $success = true;
    867             }
    868         } while($try);
     864                break;
     865            }
     866        } while(++$i < sizeof(self::EXIT_LIST_UPDATE_URLS));
    869867
    870868        if (!$success && is_wp_error($res)) {
     
    880878    private function getClientIpAddress()
    881879    {
    882         // TODO: look for IP in other headers (e.g. X-Forwarded-For, X-Proxy-IP)
     880        // TODO: look for IP in other headers (e.g. X-Forwarded-For, X-Proxy-IP), but only if trusted
    883881        return $_SERVER['REMOTE_ADDR'];
    884882    }
     
    932930
    933931                // check that a captcha id was submitted with the form
    934                 if (!empty($_POST['siwp_captcha_id'])) {
    935                     $captchaId = trim(stripslashes($_POST['siwp_captcha_id']));
     932                if (!empty($_POST['scid'])) {
     933                    $captchaId = trim(stripslashes($_POST['scid']));
    936934                    $code      = trim(stripslashes($_POST['siwp_captcha_value']));
    937935
Note: See TracChangeset for help on using the changeset viewer.