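bootstrap = AIOWPSecurity_Utility_Firewall::get_bootstrap_file();
		$this->wpconfig = AIOWPSecurity_Utility_Firewall::get_wpconfig_file();
		$this->muplugin = AIOWPSecurity_Utility_Firewall::get_muplugin_file();

		AIOWPSecurity_Utility_Firewall::get_firewall_rules_path(true); // Creates the needed directories for the first time.
	}

	/**
	 * Entry point for the dashboard notice.
	 *
	 * Refreshes the firewall contents in every file that already contains them,
	 * then, on the plugin's own admin pages only, renders the relevant notices.
	 *
	 * @return void
	 */
	public function start_firewall_setup() {
		global $aio_wp_security;

		$firewall_files = array(
			'server'    => AIOWPSecurity_Utility_Firewall::get_server_file(),
			'bootstrap' => $this->bootstrap,
			'wpconfig'  => $this->wpconfig,
			'muplugin'  => $this->muplugin,
		);

		// Tracks, per file, whether the firewall contents were found in it.
		// A plain array replaces the previous variable-variables so the state is explicit.
		$is_firewall_in = array();

		// Check each file and update the contents if necessary
		foreach ($firewall_files as $name => $file) {
			$is_firewall_in[$name] = false;

			// MANUAL_SETUP is a sentinel, not a file object: nothing to inspect or update.
			if (AIOWPSecurity_Utility_Firewall::MANUAL_SETUP === $file) {
				continue;
			}

			$is_firewall_in[$name] = $file->contains_contents();

			if (true === $is_firewall_in[$name]) {
				$file->update_contents();
			}
		}

		// Notices are only rendered on this plugin's admin pages.
		if (!$aio_wp_security->is_aiowps_admin_page()) {
			return;
		}

		if (AIOWPSecurity_Utility_Firewall::is_firewall_setup()) {
			// Firewall is set up, but not through the server file: offer the upgrade.
			if (true !== $is_firewall_in['server']) {
				$this->render_upgrade_protection_notice();
			}
		} else {
			$this->render_automatic_setup_notice();
		}

		$this->render_notices();
	}

	/**
	 * Will execute when the user presses 'Set up now' button.
	 *
	 * Order of operations: bootstrap file, server file, wp-config file, mu-plugin.
	 * A bootstrap failure aborts the setup with NOTICE_BOOTSTRAP. The final notice
	 * (installed vs. manual) depends only on the server-file result; wp-config and
	 * mu-plugin failures are written to the debug log but do not change the notice.
	 *
	 * Callers are expected to have verified the request first (see handle_setup_form()).
	 *
	 * @return void
	 */
	private function do_setup() {
		$is_inserted_firewall_file = false;

		$is_inserted_bootstrap_file = $this->bootstrap->contains_contents();

		if (true !== $is_inserted_bootstrap_file) {
			$is_inserted_bootstrap_file = $this->bootstrap->insert_contents();

			// Anything other than true is handed to the logger, which only logs WP_Error values.
			if (true !== $is_inserted_bootstrap_file) {
				$this->log_wp_error($is_inserted_bootstrap_file);
				$this->show_notice(self::NOTICE_BOOTSTRAP);
				return;
			}
		}

		$firewall_file = AIOWPSecurity_Utility_Firewall::get_server_file();

		if ($firewall_file instanceof AIOWPSecurity_Block_Userini) {
			$directive = AIOWPSecurity_Utility_Firewall::get_already_set_directive($firewall_file);

			if (!empty($directive)) {
				if (AIOWPSecurity_Utility_Firewall::get_bootstrap_path() === $directive) {
					// The existing directive already points at our bootstrap file.
					$is_inserted_firewall_file = true;
				} else {
					// A different value is already set: do not overwrite it, tell the user instead.
					$this->show_notice(self::NOTICE_DIRECTIVE_SET, array('directive'=>$directive));
				}
			} else {
				$is_inserted_firewall_file = $firewall_file->insert_contents();
			}
		} elseif (AIOWPSecurity_Utility_Firewall::MANUAL_SETUP !== $firewall_file) {
			$is_inserted_firewall_file = $firewall_file->insert_contents(); // attempts to insert firewall into required file
		}

		// Set up the firewall in the wp-config file
		$is_inserted_wpconfig = $this->wpconfig->contains_contents();

		if (true !== $is_inserted_wpconfig) {
			$is_inserted_wpconfig = $this->wpconfig->insert_contents();
		}

		$this->log_wp_error($is_inserted_wpconfig);

		// Set up the firewall in the mu-plugin
		$is_inserted_muplugin = $this->muplugin->contains_contents();

		if (true !== $is_inserted_muplugin) {
			$is_inserted_muplugin = $this->muplugin->insert_contents();
		}

		if (false === $is_inserted_muplugin) {
			// The file object is attached as error data; log_wp_error() only appends
			// it to the message when it can be converted to a string.
			$this->log_wp_error(new \WP_Error(
				'file-mu-plugin-failed',
				'Unable to create the mu-plugin',
				$this->muplugin
			));
		}

		$this->log_wp_error($is_inserted_muplugin);

		if (true === $is_inserted_firewall_file) {
			$this->show_notice(self::NOTICE_INSTALLED);
		} else {
			$this->log_wp_error($is_inserted_firewall_file);
			$this->show_notice(self::NOTICE_MANUAL);
		}
	}

	/**
	 * Dismisses the notice.
	 *
	 * Stores the 'aios_firewall_dismiss' flag in the plugin configuration.
	 *
	 * @return void
	 */
	private function do_dismiss() {
		global $aio_wp_security;
		$aio_wp_security->configs->set_value('aios_firewall_dismiss', true, true);
	}

	/**
	 * Checks whether the notice is dismissed
	 *
	 * @return boolean - true only when the stored flag is exactly boolean true
	 */
	private function is_dismissed() {
		global $aio_wp_security;
		return (true === $aio_wp_security->configs->get_value('aios_firewall_dismiss'));
	}

	/**
	 * Handles the form submission for the 'Set up now' notice
	 *
	 * The setup writes to several files, and the check below is the only gate in
	 * front of it. check_nonce_and_user_cap() is defined elsewhere; it presumably
	 * verifies both the nonce and the user's capability - confirm against that helper.
	 * A failed check is silently ignored (no setup, no redirect).
	 *
	 * @return void
	 */
	public function handle_setup_form() {
		$nonce = isset($_POST['_wpnonce']) ? $_POST['_wpnonce'] : '';
		$result = AIOWPSecurity_Utility_Permissions::check_nonce_and_user_cap($nonce, 'aiowpsec-firewall-setup');

		if (!is_wp_error($result)) {
			$this->do_setup();
			$this->do_redirect();
		}
	}

	/**
	 * Handles the dismiss form
	 *
	 * Uses its own nonce action ('aiowpsec-firewall-setup-dismiss'), so a nonce
	 * issued for another firewall form is not accepted here.
	 *
	 * @return void
	 */
	public function handle_dismiss_form() {
		$nonce = isset($_POST['_wpnonce']) ? $_POST['_wpnonce'] : '';
		$result = AIOWPSecurity_Utility_Permissions::check_nonce_and_user_cap($nonce, 'aiowpsec-firewall-setup-dismiss');

		if (!is_wp_error($result)) {
			$this->do_dismiss();
			$this->do_redirect();
		}
	}

	/**
	 * Handles the form that downgrades the firewall's protection.
	 *
	 * This removes the firewall, i.e. it lowers the site's protection, and the
	 * nonce/capability check is the only gate in front of it. Keep the dedicated
	 * nonce action ('aiowpsec-firewall-downgrade') and never call remove_firewall()
	 * from a path that skips this check.
	 *
	 * @return void
	 */
	public function handle_downgrade_protection_form() {
		$nonce = isset($_POST['_wpnonce']) ? $_POST['_wpnonce'] : '';
		$result = AIOWPSecurity_Utility_Permissions::check_nonce_and_user_cap($nonce, 'aiowpsec-firewall-downgrade');

		if (!is_wp_error($result)) {
			AIOWPSecurity_Utility_Firewall::remove_firewall();
			$this->do_redirect();
		}
	}

	/**
	 * Handles the redirect
	 *
	 * The target is rebuilt from the posted referer, which is request-controlled.
	 * It is therefore never used as a URL itself: only the part after the plugin's
	 * page-slug prefix is reused, and the result is always passed through
	 * admin_url(), so the redirect stays inside the site's admin area.
	 *
	 * @return void
	 */
	private function do_redirect() {
		// Go back to the previous page and tab if set
		// is_string() guard: an array-valued field must not reach preg_match().
		if (isset($_POST['_wp_http_referer']) && is_string($_POST['_wp_http_referer'])) {
			$matches = array();

			// The named groups 'page' and 'tab' are the ones read from $matches below.
			// The prefix is quoted so it can only ever match literally.
			// NOTE(review): 'page' is greedy, so a trailing '&tab=...' normally ends up
			// inside it rather than in 'tab'; the rebuilt URL is the same either way.
			$pattern = '/\?page='.preg_quote(AIOWPSEC_MENU_SLUG_PREFIX, '/').'(?<page>.*)(&tab=(?<tab>.*))?$/m';

			if (preg_match($pattern, $_POST['_wp_http_referer'], $matches)) {
				$url = 'admin.php?page='.AIOWPSEC_MENU_SLUG_PREFIX;

				if (isset($matches['page'])) {
					$url .= sanitize_text_field($matches['page']);

					if (isset($matches['tab'])) {
						$url .= '&tab='.sanitize_text_field($matches['tab']);
					}
				}

				AIOWPSecurity_Utility::redirect_to_url(admin_url(sanitize_url($url)));

				// redirect_to_url() is defined elsewhere and presumably ends the request;
				// returning here guarantees the default redirect below can never override this one.
				return;
			}
		}

		AIOWPSecurity_Utility::redirect_to_url(admin_url('admin.php?page='.AIOWPSEC_MENU_SLUG_PREFIX));
	}

	/**
	 * Wrapper function to log WP_Errors to debug log
	 *
	 * Values that are not a WP_Error (true, false, ...) are ignored, which lets
	 * callers pass the raw result of an insert attempt.
	 *
	 * @param WP_Error $wp_error - Our error which gets logged
	 * @return void
	 */
	private function log_wp_error($wp_error) {
		if (!is_wp_error($wp_error)) {
			return;
		}

		global $aio_wp_security;

		$error_message = $wp_error->get_error_message();
		$error_message .= ' - ';

		// Error data is arbitrary (do_setup() attaches a file object). Only append it
		// when it converts to a string cleanly; an array or a non-stringable object
		// would otherwise raise a warning or a fatal error while logging.
		$error_data = $wp_error->get_error_data();

		if (is_scalar($error_data) || (is_object($error_data) && method_exists($error_data, '__toString'))) {
			$error_message .= $error_data;
		}

		$aio_wp_security->debug_logger->log_debug($error_message, 4);
	}

	/**
	 * Sets the flags to show notices
	 *
	 * The flag is stored under 'firewall_notice_<type>' and consumed by render_notices().
	 *
	 * @param string $type   - the type of notice we want to set
	 * @param array  $values - any values that need to be passed
	 * @return void
	 */
	private function show_notice($type, $values = array()) {
		global $aio_wp_security;

		$aio_wp_security->configs->set_value('firewall_notice_'.$type, true);

		if (!empty($values)) {
			$aio_wp_security->configs->set_value('firewall_notice_values', $values);
		}

		$aio_wp_security->configs->save_config();
	}

	/**
	 * Renders any necessary notices
	 *
	 * Every flag that is set is rendered at most once: it is deleted right after
	 * being handled and the configuration is saved at the end.
	 *
	 * @return void
	 */
	private function render_notices() {
		global $aio_wp_security;

		$notices = array(
			self::NOTICE_BOOTSTRAP,
			self::NOTICE_MANUAL,
			self::NOTICE_INSTALLED,
			self::NOTICE_DIRECTIVE_SET,
		);

		foreach ($notices as $notice) {
			if ($aio_wp_security->configs->get_value('firewall_notice_'.$notice)) {
				switch ($notice) {
					case self::NOTICE_BOOTSTRAP:
						$this->render_bootstrap_notice();
						break;
					case self::NOTICE_MANUAL:
						// The manual notice gives way to any other notice that is still pending.
						if (!$this->any_pending_notices(self::NOTICE_MANUAL)) {
							$this->render_manual_setup_notice();
						}
						break;
					case self::NOTICE_INSTALLED:
						$this->render_firewall_installed_notice();
						break;
					case self::NOTICE_DIRECTIVE_SET:
						$values = $aio_wp_security->configs->get_value('firewall_notice_values');
						// The stored values may be missing; fall back to an empty string
						// instead of reading an offset on a non-array.
						$directive = (is_array($values) && isset($values['directive'])) ? $values['directive'] : '';
						$this->render_userini_directive_set_notice($directive);
						$aio_wp_security->configs->delete_value('firewall_notice_values');
						break;
				}

				$aio_wp_security->configs->delete_value('firewall_notice_'.$notice);
			}
		}

		$aio_wp_security->configs->save_config();
	}

	/**
	 * Detects if we have any notices pending to display
	 *
	 * @param string ...$exclude - do not check the status of these notices
	 * @return boolean - true when at least one non-excluded notice flag is exactly true
	 */
	private function any_pending_notices(...$exclude) {
		global $aio_wp_security;

		$notices = array(
			self::NOTICE_BOOTSTRAP,
			self::NOTICE_MANUAL,
			self::NOTICE_INSTALLED,
			self::NOTICE_DIRECTIVE_SET,
		);

		$notices = array_diff($notices, $exclude);

		foreach ($notices as $notice) {
			if (true === $aio_wp_security->configs->get_value('firewall_notice_'.$notice)) {
				return true;
			}
		}

		return false;
	}

	/**
	 * Notice is shown if we are unable to write to the bootstrap file
	 *
	 * @return void
	 */
	private function render_bootstrap_notice() {
		?>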

bootstrap, PATHINFO_BASENAME)); ?>

bootstrap); ?>

bootstrap->get_contents()); ?>

render_try_again_button(); $this->render_manual_notice_footer(); } /** * Notice is shown if auto_prepend_file directive is already set in user.ini * * @param string $directive_value * @return void */ private function render_userini_directive_set_notice($directive_value) { $bootstrap_path = AIOWPSecurity_Utility_Firewall::get_bootstrap_path(); $firewall_file = AIOWPSecurity_Utility_Firewall::get_server_file(); $this->render_manual_notice_header(); ?>

get_contents()); ?>

render_try_again_button(); $this->render_manual_notice_footer(); } /** * Shows when the firewall has successfully installed * * @return void */ private function render_firewall_installed_notice() { ?>

render_manual_notice_header(); ?>

render_manual_notice_footer(); } else { //Show users how to manually add the firewall via their own server file $this->render_manual_notice_header(); $firewall_file_name = pathinfo($firewall_file, PATHINFO_BASENAME); ?>

get_contents()); ?>

render_try_again_button(); $this->render_manual_notice_footer(); } } /** * The header for notices that require manual intervention * * @return void */ private function render_manual_notice_header() { ?>

should_not_show_notice()) { return; } ?>

is_dismissed() && !AIOWPSecurity_Utility_Firewall::is_firewall_page()) { return true; } if ($this->any_pending_notices()) { return true; //only display if there are no other notices waiting to be displayed } return false; } /** * Renders the 'Set up now' dashboard notice * * @return void */ private function render_automatic_setup_notice() { if ($this->should_not_show_notice()) { return; } ?>