Edit File by line

<?php

[0] Fix | Delete

[1] Fix | Delete

abstract class wfBaseAlert {

[2] Fix | Delete

[3] Fix | Delete

public abstract function send();

[4] Fix | Delete

}

[5] Fix | Delete

[6] Fix | Delete

class wfBlockAlert extends wfBaseAlert {

[7] Fix | Delete

[8] Fix | Delete

private $IP;

[9] Fix | Delete

private $reason;

[10] Fix | Delete

private $secsToGo;

[11] Fix | Delete

[12] Fix | Delete

[13] Fix | Delete

/**

[14] Fix | Delete

* wfBlockAlert constructor.

[15] Fix | Delete

* @param $IP

[16] Fix | Delete

* @param $reason

[17] Fix | Delete

* @param $secsToGo

[18] Fix | Delete

[19] Fix | Delete

public function __construct($IP, $reason, $secsToGo) {

[20] Fix | Delete

$this->IP = $IP;

[21] Fix | Delete

$this->reason = $reason;

[22] Fix | Delete

$this->secsToGo = $secsToGo;

[23] Fix | Delete

}

[24] Fix | Delete

[25] Fix | Delete

public function send() {

[26] Fix | Delete

if (wfConfig::get('alertOn_block')) {

[27] Fix | Delete

$message = sprintf(/* translators: IP address. */ __('Wordfence has blocked IP address %s.', 'wordfence'), $this->IP) . "\n";

[28] Fix | Delete

$message .= sprintf(/* translators: Description of firewall action. */ __('The reason is: "%s".', 'wordfence'), $this->reason);

[29] Fix | Delete

if ($this->secsToGo > 0) {

[30] Fix | Delete

$message .= "\n" . sprintf(/* translators: Time until. */ __('The duration of the block is %s.', 'wordfence'), wfUtils::makeDuration($this->secsToGo, true));

[31] Fix | Delete

}

[32] Fix | Delete

wordfence::alert(sprintf(/* translators: IP address. */__('Blocking IP %s', 'wordfence'), $this->IP), $message, $this->IP);

[33] Fix | Delete

}

[34] Fix | Delete

}

[35] Fix | Delete

[36] Fix | Delete

}

[37] Fix | Delete

[38] Fix | Delete

class wfAutoUpdatedAlert extends wfBaseAlert {

[39] Fix | Delete

[40] Fix | Delete

private $version;

[41] Fix | Delete

[42] Fix | Delete

/**

[43] Fix | Delete

* @param $version

[44] Fix | Delete

[45] Fix | Delete

public function __construct($version) {

[46] Fix | Delete

$this->version = $version;

[47] Fix | Delete

}

[48] Fix | Delete

[49] Fix | Delete

public function send() {

[50] Fix | Delete

if (wfConfig::get('alertOn_update') == '1' && $this->version) {

[51] Fix | Delete

wordfence::alert(sprintf(/* translators: Software version. */ __("Wordfence Upgraded to version %s", 'wordfence'), $this->version), sprintf(/* translators: Software version. */ __("Your Wordfence installation has been upgraded to version %s", 'wordfence'), $this->version), false);

[52] Fix | Delete

}

[53] Fix | Delete

}

[54] Fix | Delete

[55] Fix | Delete

}

[56] Fix | Delete

[57] Fix | Delete

class wfWafDeactivatedAlert extends wfBaseAlert {

[58] Fix | Delete

[59] Fix | Delete

private $username;

[60] Fix | Delete

private $IP;

[61] Fix | Delete

[62] Fix | Delete

/**

[63] Fix | Delete

* @param $username

[64] Fix | Delete

* @param $IP

[65] Fix | Delete

[66] Fix | Delete

public function __construct($username, $IP) {

[67] Fix | Delete

$this->username = $username;

[68] Fix | Delete

$this->IP = $IP;

[69] Fix | Delete

}

[70] Fix | Delete

[71] Fix | Delete

public function send() {

[72] Fix | Delete

if (wfConfig::get('alertOn_wafDeactivated')) {

[73] Fix | Delete

wordfence::alert(__('Wordfence WAF Deactivated', 'wordfence'), sprintf(/* translators: WP username. */__('A user with username "%s" deactivated the Wordfence Web Application Firewall on your WordPress site.', 'wordfence'), $this->username), $this->IP);

[74] Fix | Delete

}

[75] Fix | Delete

}

[76] Fix | Delete

[77] Fix | Delete

}

[78] Fix | Delete

[79] Fix | Delete

class wfWordfenceDeactivatedAlert extends wfBaseAlert {

[80] Fix | Delete

private $username;

[81] Fix | Delete

private $IP;

[82] Fix | Delete

[83] Fix | Delete

/**

[84] Fix | Delete

* @param $username

[85] Fix | Delete

* @param $IP

[86] Fix | Delete

[87] Fix | Delete

public function __construct($username, $IP) {

[88] Fix | Delete

$this->username = $username;

[89] Fix | Delete

$this->IP = $IP;

[90] Fix | Delete

}

[91] Fix | Delete

[92] Fix | Delete

public function send() {

[93] Fix | Delete

if (wfConfig::get('alertOn_wordfenceDeactivated')) {

[94] Fix | Delete

wordfence::alert(__("Wordfence Deactivated", 'wordfence'), sprintf(/* translators: WP username. */ __("A user with username \"%s\" deactivated Wordfence on your WordPress site.", 'wordfence'), $this->username), $this->IP);

[95] Fix | Delete

}

[96] Fix | Delete

}

[97] Fix | Delete

[98] Fix | Delete

}

[99] Fix | Delete

[100] Fix | Delete

class wfLostPasswdFormAlert extends wfBaseAlert {

[101] Fix | Delete

[102] Fix | Delete

private $user;

[103] Fix | Delete

private $IP;

[104] Fix | Delete

[105] Fix | Delete

/**

[106] Fix | Delete

* @param $user

[107] Fix | Delete

* @param $IP

[108] Fix | Delete

[109] Fix | Delete

public function __construct($user, $IP) {

[110] Fix | Delete

$this->user = $user;

[111] Fix | Delete

$this->IP = $IP;

[112] Fix | Delete

}

[113] Fix | Delete

[114] Fix | Delete

public function send() {

[115] Fix | Delete

if (wfConfig::get('alertOn_lostPasswdForm')) {

[116] Fix | Delete

wordfence::alert(__("Password recovery attempted", 'wordfence'), sprintf(/* translators: Email address. */__("Someone tried to recover the password for user with email address: %s", 'wordfence'), wp_kses($this->user->user_email, array())), $this->IP);

[117] Fix | Delete

}

[118] Fix | Delete

}

[119] Fix | Delete

[120] Fix | Delete

}

[121] Fix | Delete

[122] Fix | Delete

class wfLoginLockoutAlert extends wfBaseAlert {

[123] Fix | Delete

[124] Fix | Delete

private $IP;

[125] Fix | Delete

private $reason;

[126] Fix | Delete

[127] Fix | Delete

/**

[128] Fix | Delete

* @param $IP

[129] Fix | Delete

* @param $reason

[130] Fix | Delete

[131] Fix | Delete

public function __construct($IP, $reason) {

[132] Fix | Delete

$this->IP = $IP;

[133] Fix | Delete

$this->reason = $reason;

[134] Fix | Delete

}

[135] Fix | Delete

[136] Fix | Delete

public function send() {

[137] Fix | Delete

if (wfConfig::get('alertOn_loginLockout')) {

[138] Fix | Delete

$message = sprintf(

[139] Fix | Delete

/* translators: 1. IP address. 2. Description of firewall action. */

[140] Fix | Delete

__('A user with IP address %1$s has been locked out from signing in or using the password recovery form for the following reason: %2$s.', 'wordfence'), $this->IP, $this->reason);

[141] Fix | Delete

if (wfBlock::lockoutDuration() > 0) {

[142] Fix | Delete

$message .= "\n" . sprintf(/* translators: Time until. */ __('The duration of the lockout is %s.', 'wordfence'), wfUtils::makeDuration(wfBlock::lockoutDuration(), true));

[143] Fix | Delete

}

[144] Fix | Delete

wordfence::alert(__('User locked out from signing in', 'wordfence'), $message, $this->IP);

[145] Fix | Delete

}

[146] Fix | Delete

}

[147] Fix | Delete

}

[148] Fix | Delete

[149] Fix | Delete

class wfAdminLoginAlert extends wfBaseAlert {

[150] Fix | Delete

[151] Fix | Delete

private $cookieName;

[152] Fix | Delete

private $username;

[153] Fix | Delete

private $IP;

[154] Fix | Delete

private $cookieValue;

[155] Fix | Delete

[156] Fix | Delete

/**

[157] Fix | Delete

* @param $cookieName

[158] Fix | Delete

* @param $cookieValue

[159] Fix | Delete

* @param $username

[160] Fix | Delete

* @param $IP

[161] Fix | Delete

[162] Fix | Delete

public function __construct($cookieName, $cookieValue, $username, $IP) {

[163] Fix | Delete

$this->cookieName = $cookieName;

[164] Fix | Delete

$this->cookieValue = $cookieValue;

[165] Fix | Delete

$this->username = $username;

[166] Fix | Delete

$this->IP = $IP;

[167] Fix | Delete

}

[168] Fix | Delete

[169] Fix | Delete

public function send() {

[170] Fix | Delete

if (wfConfig::get('alertOn_adminLogin')) {

[171] Fix | Delete

$shouldAlert = true;

[172] Fix | Delete

if (wfConfig::get('alertOn_firstAdminLoginOnly') && isset($_COOKIE[$this->cookieName])) {

[173] Fix | Delete

$shouldAlert = !hash_equals($this->cookieValue, $_COOKIE[$this->cookieName]);

[174] Fix | Delete

}

[175] Fix | Delete

[176] Fix | Delete

if ($shouldAlert) {

[177] Fix | Delete

wordfence::alert(__("Admin Login", 'wordfence'), sprintf(/* translators: WP username. */ __("A user with username \"%s\" who has administrator access signed in to your WordPress site.", 'wordfence'), $this->username), $this->IP);

[178] Fix | Delete

}

[179] Fix | Delete

}

[180] Fix | Delete

}

[181] Fix | Delete

}

[182] Fix | Delete

[183] Fix | Delete

class wfNonAdminLoginAlert extends wfBaseAlert {

[184] Fix | Delete

[185] Fix | Delete

private $cookieName;

[186] Fix | Delete

private $username;

[187] Fix | Delete

private $IP;

[188] Fix | Delete

private $cookieValue;

[189] Fix | Delete

[190] Fix | Delete

/**

[191] Fix | Delete

* @param $cookieName

[192] Fix | Delete

* @param $cookieValue

[193] Fix | Delete

* @param $username

[194] Fix | Delete

* @param $IP

[195] Fix | Delete

[196] Fix | Delete

public function __construct($cookieName, $cookieValue, $username, $IP) {

[197] Fix | Delete

$this->cookieName = $cookieName;

[198] Fix | Delete

$this->cookieValue = $cookieValue;

[199] Fix | Delete

$this->username = $username;

[200] Fix | Delete

$this->IP = $IP;

[201] Fix | Delete

}

[202] Fix | Delete

[203] Fix | Delete

public function send() {

[204] Fix | Delete

if (wfConfig::get('alertOn_nonAdminLogin')) {

[205] Fix | Delete

$shouldAlert = true;

[206] Fix | Delete

if (wfConfig::get('alertOn_firstNonAdminLoginOnly') && isset($_COOKIE[$this->cookieName])) {

[207] Fix | Delete

$shouldAlert = !hash_equals($this->cookieValue, $_COOKIE[$this->cookieName]);

[208] Fix | Delete

}

[209] Fix | Delete

[210] Fix | Delete

if ($shouldAlert) {

[211] Fix | Delete

wordfence::alert(__("User login", 'wordfence'), sprintf(/* translators: WP username. */ __("A non-admin user with username \"%s\" signed in to your WordPress site.", 'wordfence'), $this->username), $this->IP);

[212] Fix | Delete

}

[213] Fix | Delete

}

[214] Fix | Delete

}

[215] Fix | Delete

}

[216] Fix | Delete

[217] Fix | Delete

class wfBreachLoginAlert extends wfBaseAlert {

[218] Fix | Delete

[219] Fix | Delete

private $username;

[220] Fix | Delete

private $lostPasswordUrl;

[221] Fix | Delete

private $supportUrl;

[222] Fix | Delete

private $IP;

[223] Fix | Delete

[224] Fix | Delete

/**

[225] Fix | Delete

* @param $username

[226] Fix | Delete

* @param $lostPasswordUrl

[227] Fix | Delete

* @param $supportUrl

[228] Fix | Delete

* @param $IP

[229] Fix | Delete

[230] Fix | Delete

public function __construct($username, $lostPasswordUrl, $supportUrl, $IP) {

[231] Fix | Delete

$this->username = $username;

[232] Fix | Delete

$this->lostPasswordUrl = $lostPasswordUrl;

[233] Fix | Delete

$this->supportUrl = $supportUrl;

[234] Fix | Delete

$this->IP = $IP;

[235] Fix | Delete

}

[236] Fix | Delete

[237] Fix | Delete

public function send() {

[238] Fix | Delete

if (wfConfig::get('alertOn_breachLogin')) {

[239] Fix | Delete

wordfence::alert(__('User login blocked for insecure password', 'wordfence'), sprintf(

[240] Fix | Delete

/* translators: 1. WP username. 2. Reset password URL. 3. Support URL. */

[241] Fix | Delete

__('A user with username "%1$s" tried to sign in to your WordPress site. Access was denied because the password being used exists on lists of passwords leaked in data breaches. Attackers use such lists to break into sites and install malicious code. Please change or reset the password (%2$s) to reactivate this account. Learn More: %3$s', 'wordfence'), $this->username, $this->lostPasswordUrl, $this->supportUrl), $this->IP);

[242] Fix | Delete

}

[243] Fix | Delete

}

[244] Fix | Delete

}

[245] Fix | Delete

[246] Fix | Delete

class wfIncreasedAttackRateAlert extends wfBaseAlert {

[247] Fix | Delete

[248] Fix | Delete

private $message;

[249] Fix | Delete

[250] Fix | Delete

/**

[251] Fix | Delete

* @param $message

[252] Fix | Delete

[253] Fix | Delete

public function __construct($message) {

[254] Fix | Delete

$this->message = $message;

[255] Fix | Delete

}

[256] Fix | Delete

[257] Fix | Delete

public function send() {

[258] Fix | Delete

wordfence::alert(__('Increased Attack Rate', 'wordfence'), $this->message, false);

[259] Fix | Delete

}

[260] Fix | Delete

}

[261] Fix | Delete

[262] Fix | Delete