Server IP : 172.67.157.199 / Your IP : 3.141.29.103 [ Web Server : Apache System : Linux b70eb322-3aee-0c53-7c82-0db91281f2c6.secureserver.net 6.1.90-1.el9.elrepo.x86_64 #1 SMP PREEMPT_DYNAMIC Thu May 2 12:09:22 EDT 2024 x86_64 User : root ( 0) PHP Version : 8.0.30.2 Disable Function : NONE Domains : 0 Domains MySQL : ON | cURL : ON | WGET : ON | Perl : OFF | Python : OFF | Sudo : OFF | Pkexec : OFF Directory : /var/www/wp-content/plugins/defender-security/src/component/ |
Upload File : |
<?php /** * Handles security tweaks. * * @package WP_Defender\Component */ namespace WP_Defender\Component; use Exception; use SplFileObject; use Calotes\Base\Component; use Calotes\Helper\Array_Cache; use WP_Defender\Model\Setting\Security_Tweaks; /** * Handles security tweaks operations such as retrieving issues, ignored, and fixed tweaks. */ class Security_Tweak extends Component { /** * Model instance for caching. * * @var Security_Tweaks */ public $model; /** * Retrieves the model instance, creating it if it does not exist. * * @return Security_Tweaks The security tweaks model. */ protected function get_model() { if ( is_object( $this->model ) ) { return $this->model; } $this->model = new Security_Tweaks(); return $this->model; } /** * Retrieves a list of current issues from the cache. * * @return array List of issues with labels and URLs. */ public function get_issues() { $issues = array(); $tweaks = Array_Cache::get( 'tweaks', 'tweaks' ); $issue_tweaks = $this->get_model()->issues; foreach ( $issue_tweaks as $slug ) { if ( isset( $tweaks[ $slug ] ) ) { $tweak_arr = $tweaks[ $slug ]->to_array(); $issues[] = array( 'label' => $tweak_arr['title'], 'url' => network_admin_url( 'admin.php?page=wdf-hardener' ) . '#' . $slug, ); } } return $issues; } /** * Retrieves a list of ignored tweaks from the cache. * * @return array List of ignored tweaks with labels and URLs. */ public function get_ignored() { $ignored = array(); $tweaks = Array_Cache::get( 'tweaks', 'tweaks' ); $ignored_tweaks = $this->get_model()->ignore; foreach ( $ignored_tweaks as $slug ) { if ( isset( $tweaks[ $slug ] ) ) { $tweak_arr = $tweaks[ $slug ]->to_array(); $ignored[] = array( 'label' => $tweak_arr['title'], 'url' => network_admin_url( 'admin.php?page=wdf-hardener&view=ignored' ) . '#' . $slug, ); } } return $ignored; } /** * Retrieves a list of fixed tweaks from the cache. * * @return array List of fixed tweaks with labels and URLs. */ public function get_fixed() { $fixed = array(); $tweaks = Array_Cache::get( 'tweaks', 'tweaks' ); $fixed_tweaks = $this->get_model()->fixed; foreach ( $fixed_tweaks as $slug ) { if ( isset( $tweaks[ $slug ] ) ) { $tweak_arr = $tweaks[ $slug ]->to_array(); $fixed[] = array( 'label' => $tweak_arr['title'], 'url' => network_admin_url( 'admin.php?page=wdf-hardener&view=resolved' ) . '#' . $slug, ); } } return $fixed; } /** * Generates a regex pattern for matching the hook line in a configuration file. * * @return string The regex pattern. */ public function get_hook_line_pattern() { global $wpdb; return '/^\$table_prefix\s*=\s*[\'|\"]' . $wpdb->prefix . '[\'|\"]/'; } /** * Checks if the wp-config.php file exists and is writable. * * @return bool True if the file exists and is writable, false otherwise. */ public function advanced_check_file() { global $wp_filesystem; // Initialize the WP filesystem, no more using 'file-put-contents' function. if ( empty( $wp_filesystem ) ) { require_once ABSPATH . '/wp-admin/includes/file.php'; WP_Filesystem(); } $path_to_wp_config = defender_wp_config_path(); return file_exists( $path_to_wp_config ) && $wp_filesystem->is_writable( $path_to_wp_config ); } /** * Retrieves a file object for the wp-config.php file. * * @return false|SplFileObject The file object or false on failure. */ public function file() { static $file = false; if ( ! $file ) { try { $file = new SplFileObject( defender_wp_config_path(), 'r+' ); } catch ( Exception $e ) { $this->log( $e->getMessage(), 'internal.log' ); return false; } } return $file; } /** * Writes lines to the wp-config.php file. * * @param array $lines The lines to write to the file. * * @return bool True on success, false on failure. */ public function write( $lines ) { $file = $this->file(); $file->flock( LOCK_EX ); $file->fseek( 0 ); $bytes = $file->fwrite( implode( "\n", $lines ) ); if ( $bytes ) { $file->ftruncate( $file->ftell() ); } $file->flock( LOCK_UN ); return (bool) $bytes; } /** * Generates a notice message for hosting issues related to file permissions. * * @param string $option The option related to the notice. * * @return string The notice message. */ public function show_hosting_notice( $option ) { return sprintf( /* translators: %s: Option name. */ esc_html__( 'Some hostings do not allow you to make changes to the wp-config.php file. Please contact your hosting support team to switch %s ON or OFF on your site.', 'defender-security' ), $option ); } /** * Generates a notice message for hosting issues with a code snippet. * * @param string $option The option related to the notice. * @param string $code The code snippet to include in the notice. * * @return string The notice message with the code snippet. */ public function show_hosting_notice_with_code( $option, $code ) { return sprintf( /* translators: %s - option */ esc_html__( "Couldn't change the %s in your wp-config.php file. Please change it manually:", 'defender-security' ) . '<p><b>' . $code . '</b></p>', '<b>' . $option . '</b>' ); } }