Edit File by line

static $cachedServerIPs = null;

[1000] Fix | Delete

if (isset($cachedServerIPs) && !$refreshCache) {

[1001] Fix | Delete

return $cachedServerIPs;

[1002] Fix | Delete

}

[1003] Fix | Delete

[1004] Fix | Delete

$serverIPs = array();

[1005] Fix | Delete

$storedIP = wfConfig::get('serverIP');

[1006] Fix | Delete

if (preg_match('/^(\d+);(.+)$/', $storedIP, $matches)) { //Format is 'timestamp;ip'

[1007] Fix | Delete

$serverIPs[] = $matches[2];

[1008] Fix | Delete

}

[1009] Fix | Delete

[1010] Fix | Delete

if (function_exists('dns_get_record')) {

[1011] Fix | Delete

$storedDNS = wfConfig::get('serverDNS');

[1012] Fix | Delete

$usingCache = false;

[1013] Fix | Delete

if (preg_match('/^(\d+);(\d+);(.+)$/', $storedDNS, $matches)) { //Format is 'timestamp;ttl;ip'

[1014] Fix | Delete

$timestamp = $matches[1];

[1015] Fix | Delete

$ttl = $matches[2];

[1016] Fix | Delete

if ($timestamp + max($ttl, 86400) > time()) {

[1017] Fix | Delete

$serverIPs[] = $matches[3];

[1018] Fix | Delete

$usingCache = true;

[1019] Fix | Delete

}

[1020] Fix | Delete

}

[1021] Fix | Delete

[1022] Fix | Delete

if (!$usingCache) {

[1023] Fix | Delete

$home = get_home_url();

[1024] Fix | Delete

if (preg_match('/^https?:\/\/([^\/]+)/i', $home, $matches)) {

[1025] Fix | Delete

$host = strtolower($matches[1]);

[1026] Fix | Delete

$cnameRaw = @dns_get_record($host, DNS_CNAME);

[1027] Fix | Delete

$cnames = array();

[1028] Fix | Delete

$cnamesTargets = array();

[1029] Fix | Delete

if ($cnameRaw) {

[1030] Fix | Delete

foreach ($cnameRaw as $elem) {

[1031] Fix | Delete

if ($elem['host'] == $host) {

[1032] Fix | Delete

$cnames[] = $elem;

[1033] Fix | Delete

$cnamesTargets[] = $elem['target'];

[1034] Fix | Delete

}

[1035] Fix | Delete

}

[1036] Fix | Delete

}

[1037] Fix | Delete

[1038] Fix | Delete

$aRaw = @dns_get_record($host, DNS_A);

[1039] Fix | Delete

$a = array();

[1040] Fix | Delete

if ($aRaw) {

[1041] Fix | Delete

foreach ($aRaw as $elem) {

[1042] Fix | Delete

if ($elem['host'] == $host || in_array($elem['host'], $cnamesTargets)) {

[1043] Fix | Delete

$a[] = $elem;

[1044] Fix | Delete

}

[1045] Fix | Delete

}

[1046] Fix | Delete

}

[1047] Fix | Delete

[1048] Fix | Delete

$firstA = wfUtils::array_first($a);

[1049] Fix | Delete

if ($firstA !== null) {

[1050] Fix | Delete

$serverIPs[] = $firstA['ip'];

[1051] Fix | Delete

wfConfig::set('serverDNS', time() . ';' . $firstA['ttl'] . ';' . $firstA['ip']);

[1052] Fix | Delete

}

[1053] Fix | Delete

}

[1054] Fix | Delete

}

[1055] Fix | Delete

}

[1056] Fix | Delete

[1057] Fix | Delete

if (isset($_SERVER['SERVER_ADDR']) && wfUtils::isValidIP($_SERVER['SERVER_ADDR'])) {

[1058] Fix | Delete

$serverIPs[] = $_SERVER['SERVER_ADDR'];

[1059] Fix | Delete

}

[1060] Fix | Delete

[1061] Fix | Delete

$serverIPs = array_unique($serverIPs);

[1062] Fix | Delete

$cachedServerIPs = $serverIPs;

[1063] Fix | Delete

return $serverIPs;

[1064] Fix | Delete

}

[1065] Fix | Delete

[1066] Fix | Delete

public static function getIP($refreshCache = false) {

[1067] Fix | Delete

static $theIP = null;

[1068] Fix | Delete

if (isset($theIP) && !$refreshCache) {

[1069] Fix | Delete

return $theIP;

[1070] Fix | Delete

}

[1071] Fix | Delete

//For debugging.

[1072] Fix | Delete

//return '54.232.205.132';

[1073] Fix | Delete

//return self::makeRandomIP();

[1074] Fix | Delete

[1075] Fix | Delete

// if no REMOTE_ADDR, it's probably running from the command line

[1076] Fix | Delete

$ip = self::getIPAndServerVariable();

[1077] Fix | Delete

if (is_array($ip)) {

[1078] Fix | Delete

list($IP, $variable) = $ip;

[1079] Fix | Delete

$theIP = $IP;

[1080] Fix | Delete

return $IP;

[1081] Fix | Delete

}

[1082] Fix | Delete

return false;

[1083] Fix | Delete

}

[1084] Fix | Delete

[1085] Fix | Delete

public static function getIPForField($field, $trustedProxies = null) {

[1086] Fix | Delete

$ip = self::getIPAndServerVariable($field, $trustedProxies);

[1087] Fix | Delete

if (is_array($ip)) {

[1088] Fix | Delete

list($IP, $variable) = $ip;

[1089] Fix | Delete

return $IP;

[1090] Fix | Delete

}

[1091] Fix | Delete

return false;

[1092] Fix | Delete

}

[1093] Fix | Delete

[1094] Fix | Delete

public static function getAllServerVariableIPs()

[1095] Fix | Delete

{

[1096] Fix | Delete

$variables = array('REMOTE_ADDR', 'HTTP_CF_CONNECTING_IP', 'HTTP_X_REAL_IP', 'HTTP_X_FORWARDED_FOR');

[1097] Fix | Delete

$ips = array();

[1098] Fix | Delete

[1099] Fix | Delete

foreach ($variables as $variable) {

[1100] Fix | Delete

$ip = isset($_SERVER[$variable]) ? $_SERVER[$variable] : false;

[1101] Fix | Delete

[1102] Fix | Delete

if ($ip && strpos($ip, ',') !== false) {

[1103] Fix | Delete

$ips[$variable] = preg_replace('/[\s,]/', '', explode(',', $ip));

[1104] Fix | Delete

} else {

[1105] Fix | Delete

$ips[$variable] = $ip;

[1106] Fix | Delete

}

[1107] Fix | Delete

}

[1108] Fix | Delete

[1109] Fix | Delete

return $ips;

[1110] Fix | Delete

}

[1111] Fix | Delete

[1112] Fix | Delete

public static function getIPAndServerVariable($howGet = null, $trustedProxies = null) {

[1113] Fix | Delete

$connectionIP = array_key_exists('REMOTE_ADDR', $_SERVER) ? array($_SERVER['REMOTE_ADDR'], 'REMOTE_ADDR') : array('127.0.0.1', 'REMOTE_ADDR');

[1114] Fix | Delete

[1115] Fix | Delete

if ($howGet === null) {

[1116] Fix | Delete

$howGet = wfConfig::get('howGetIPs', false);

[1117] Fix | Delete

}

[1118] Fix | Delete

[1119] Fix | Delete

if($howGet){

[1120] Fix | Delete

if($howGet == 'REMOTE_ADDR'){

[1121] Fix | Delete

return self::getCleanIPAndServerVar(array($connectionIP), $trustedProxies);

[1122] Fix | Delete

} else {

[1123] Fix | Delete

$ipsToCheck = array(

[1124] Fix | Delete

array((isset($_SERVER[$howGet]) ? $_SERVER[$howGet] : ''), $howGet),

[1125] Fix | Delete

$connectionIP,

[1126] Fix | Delete

);

[1127] Fix | Delete

return self::getCleanIPAndServerVar($ipsToCheck, $trustedProxies);

[1128] Fix | Delete

}

[1129] Fix | Delete

} else {

[1130] Fix | Delete

$ipsToCheck = array();

[1131] Fix | Delete

[1132] Fix | Delete

$recommendedField = wfConfig::get('detectProxyRecommendation', ''); //Prioritize the result from our proxy check if done

[1133] Fix | Delete

if (!empty($recommendedField) && $recommendedField != 'UNKNOWN' && $recommendedField != 'DEFERRED') {

[1134] Fix | Delete

if (isset($_SERVER[$recommendedField])) {

[1135] Fix | Delete

$ipsToCheck[] = array($_SERVER[$recommendedField], $recommendedField);

[1136] Fix | Delete

}

[1137] Fix | Delete

}

[1138] Fix | Delete

$ipsToCheck[] = $connectionIP;

[1139] Fix | Delete

if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {

[1140] Fix | Delete

$ipsToCheck[] = array($_SERVER['HTTP_X_FORWARDED_FOR'], 'HTTP_X_FORWARDED_FOR');

[1141] Fix | Delete

}

[1142] Fix | Delete

if (isset($_SERVER['HTTP_X_REAL_IP'])) {

[1143] Fix | Delete

$ipsToCheck[] = array($_SERVER['HTTP_X_REAL_IP'], 'HTTP_X_REAL_IP');

[1144] Fix | Delete

}

[1145] Fix | Delete

return self::getCleanIPAndServerVar($ipsToCheck, $trustedProxies);

[1146] Fix | Delete

}

[1147] Fix | Delete

return false; //Returns an array with a valid IP and the server variable, or false.

[1148] Fix | Delete

}

[1149] Fix | Delete

public static function getIPPreview($howGet = null, $trustedProxies = null) {

[1150] Fix | Delete

$ip = self::getIPAndServerVariable($howGet, $trustedProxies);

[1151] Fix | Delete

if (is_array($ip)) {

[1152] Fix | Delete

list($IP, $variable) = $ip;

[1153] Fix | Delete

if (isset($_SERVER[$variable]) && strpos($_SERVER[$variable], ',') !== false) {

[1154] Fix | Delete

$items = preg_replace('/[\s,]/', '', explode(',', $_SERVER[$variable]));

[1155] Fix | Delete

$output = '';

[1156] Fix | Delete

foreach ($items as $i) {

[1157] Fix | Delete

if ($IP == $i) {

[1158] Fix | Delete

$output .= ', <strong>' . esc_html($i) . '</strong>';

[1159] Fix | Delete

}

[1160] Fix | Delete

else {

[1161] Fix | Delete

$output .= ', ' . esc_html($i);

[1162] Fix | Delete

}

[1163] Fix | Delete

}

[1164] Fix | Delete

[1165] Fix | Delete

return substr($output, 2);

[1166] Fix | Delete

}

[1167] Fix | Delete

return '<strong>' . esc_html($IP) . '</strong>';

[1168] Fix | Delete

}

[1169] Fix | Delete

return false;

[1170] Fix | Delete

}

[1171] Fix | Delete

public static function isValidIP($IP){

[1172] Fix | Delete

return filter_var($IP, FILTER_VALIDATE_IP) !== false;

[1173] Fix | Delete

}

[1174] Fix | Delete

public static function isValidCIDRRange($range) {

[1175] Fix | Delete

$components = explode('/', $range);

[1176] Fix | Delete

if (count($components) != 2) { return false; }

[1177] Fix | Delete

[1178] Fix | Delete

list($ip, $prefix) = $components;

[1179] Fix | Delete

if (!self::isValidIP($ip)) { return false; }

[1180] Fix | Delete

[1181] Fix | Delete

if (!preg_match('/^\d+$/', $prefix)) { return false; }

[1182] Fix | Delete

[1183] Fix | Delete

if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) {

[1184] Fix | Delete

if ($prefix < 0 || $prefix > 32) { return false; }

[1185] Fix | Delete

}

[1186] Fix | Delete

else {

[1187] Fix | Delete

if ($prefix < 1 || $prefix > 128) { return false; }

[1188] Fix | Delete

}

[1189] Fix | Delete

[1190] Fix | Delete

return true;

[1191] Fix | Delete

}

[1192] Fix | Delete

public static function isValidEmail($email, $strict = false) {

[1193] Fix | Delete

//We don't default to strict, full validation because poorly-configured servers can crash due to the regex PHP uses in filter_var($email, FILTER_VALIDATE_EMAIL)

[1194] Fix | Delete

if ($strict) {

[1195] Fix | Delete

return (filter_var($email, FILTER_VALIDATE_EMAIL) !== false);

[1196] Fix | Delete

}

[1197] Fix | Delete

[1198] Fix | Delete

return preg_match('/^[^@\s]+@[^@\s]+\.[^@\s]+$/i', $email) === 1;

[1199] Fix | Delete

}

[1200] Fix | Delete

public static function getRequestedURL() {

[1201] Fix | Delete

if (isset($_SERVER['HTTP_HOST']) && $_SERVER['HTTP_HOST']) {

[1202] Fix | Delete

$host = $_SERVER['HTTP_HOST'];

[1203] Fix | Delete

} else if (isset($_SERVER['SERVER_NAME']) && $_SERVER['SERVER_NAME']) {

[1204] Fix | Delete

$host = $_SERVER['SERVER_NAME'];

[1205] Fix | Delete

}

[1206] Fix | Delete

else {

[1207] Fix | Delete

return null;

[1208] Fix | Delete

}

[1209] Fix | Delete

$prefix = 'http';

[1210] Fix | Delete

if (is_ssl()) {

[1211] Fix | Delete

$prefix = 'https';

[1212] Fix | Delete

}

[1213] Fix | Delete

return $prefix . '://' . $host . $_SERVER['REQUEST_URI'];

[1214] Fix | Delete

}

[1215] Fix | Delete

[1216] Fix | Delete

public static function editUserLink($userID){

[1217] Fix | Delete

return get_admin_url() . 'user-edit.php?user_id=' . $userID;

[1218] Fix | Delete

}

[1219] Fix | Delete

public static function tmpl($file, $data){

[1220] Fix | Delete

extract($data);

[1221] Fix | Delete

ob_start();

[1222] Fix | Delete

include dirname(__FILE__) . DIRECTORY_SEPARATOR . $file;

[1223] Fix | Delete

return ob_get_contents() . (ob_end_clean() ? "" : "");

[1224] Fix | Delete

}

[1225] Fix | Delete

public static function bigRandomHex(){

[1226] Fix | Delete

return bin2hex(wfWAFUtils::random_bytes(16));

[1227] Fix | Delete

}

[1228] Fix | Delete

public static function encrypt($str){

[1229] Fix | Delete

$key = wfConfig::get('encKey');

[1230] Fix | Delete

if(! $key){

[1231] Fix | Delete

wordfence::status(1, 'error', __("Wordfence error: No encryption key found!", 'wordfence'));

[1232] Fix | Delete

return false;

[1233] Fix | Delete

}

[1234] Fix | Delete

$db = new wfDB();

[1235] Fix | Delete

return $db->querySingle("select HEX(AES_ENCRYPT('%s', '%s')) as val", $str, $key);

[1236] Fix | Delete

}

[1237] Fix | Delete

public static function decrypt($str){

[1238] Fix | Delete

$key = wfConfig::get('encKey');

[1239] Fix | Delete

if(! $key){

[1240] Fix | Delete

wordfence::status(1, 'error', __("Wordfence error: No encryption key found!", 'wordfence'));

[1241] Fix | Delete

return false;

[1242] Fix | Delete

}

[1243] Fix | Delete

$db = new wfDB();

[1244] Fix | Delete

return $db->querySingle("select AES_DECRYPT(UNHEX('%s'), '%s') as val", $str, $key);

[1245] Fix | Delete

}

[1246] Fix | Delete

public static function lcmem(){

[1247] Fix | Delete

$trace=debug_backtrace();

[1248] Fix | Delete

$caller=array_shift($trace);

[1249] Fix | Delete

$mem = memory_get_usage(true);

[1250] Fix | Delete

error_log("$mem at " . $caller['file'] . " line " . $caller['line']);

[1251] Fix | Delete

}

[1252] Fix | Delete

public static function logCaller(){

[1253] Fix | Delete

$trace=debug_backtrace();

[1254] Fix | Delete

$caller=array_shift($trace);

[1255] Fix | Delete

$c2 = array_shift($trace);

[1256] Fix | Delete

error_log("Caller for " . $caller['file'] . " line " . $caller['line'] . " is " . $c2['file'] . ' line ' . $c2['line']);

[1257] Fix | Delete

}

[1258] Fix | Delete

public static function getWPVersion($forceRecheck = false){

[1259] Fix | Delete

if ($forceRecheck) {

[1260] Fix | Delete

require(ABSPATH . 'wp-includes/version.php'); //defines $wp_version

[1261] Fix | Delete

return $wp_version;

[1262] Fix | Delete

}

[1263] Fix | Delete

[1264] Fix | Delete

if(wordfence::$wordfence_wp_version){

[1265] Fix | Delete

return wordfence::$wordfence_wp_version;

[1266] Fix | Delete

} else {

[1267] Fix | Delete

global $wp_version;

[1268] Fix | Delete

return $wp_version;

[1269] Fix | Delete

}

[1270] Fix | Delete

}

[1271] Fix | Delete

[1272] Fix | Delete

public static function parse_version($version, $component = null) {

[1273] Fix | Delete

$major = 0;

[1274] Fix | Delete

$minor = 0;

[1275] Fix | Delete

$patch = 0;

[1276] Fix | Delete

$prerelease = '';

[1277] Fix | Delete

$build = '';

[1278] Fix | Delete

[1279] Fix | Delete

if (preg_match('/^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$/', $version, $matches)) { //semver

[1280] Fix | Delete

$major = $matches[1];

[1281] Fix | Delete

$minor = $matches[2];

[1282] Fix | Delete

$patch = $matches[3];

[1283] Fix | Delete

[1284] Fix | Delete

if (preg_match('/^([^\+]+)\+(.*)$/', $version, $matches)) {

[1285] Fix | Delete

$version = $matches[1];

[1286] Fix | Delete

$build = $matches[2];

[1287] Fix | Delete

}

[1288] Fix | Delete

[1289] Fix | Delete

if (preg_match('/^([^\-]+)\-(.*)$/', $version, $matches)) {

[1290] Fix | Delete

$version = $matches[1];

[1291] Fix | Delete

$prerelease = $matches[2];

[1292] Fix | Delete

}

[1293] Fix | Delete

}

[1294] Fix | Delete

else { //Parse as "PHP-standardized" (see version_compare docs: "The function first replaces _, - and + with a dot . in the version strings and also inserts dots . before and after any non number so that for example '4.3.2RC1' becomes '4.3.2.RC.1'.")

[1295] Fix | Delete

$version = trim(preg_replace('/\.\.+/', '.', preg_replace('/([^0-9\.]+)/', '.$1.', preg_replace('/[_\-\+]+/', '.', $version))), '.');

[1296] Fix | Delete

$components = explode('.', $version);

[1297] Fix | Delete

$i = 0;

[1298] Fix | Delete

if (isset($components[$i]) && is_numeric($components[$i])) { $major = $components[$i]; $i++; }

[1299] Fix | Delete

if (isset($components[$i]) && is_numeric($components[$i])) { $minor = $components[$i]; $i++; }

[1300] Fix | Delete

if (isset($components[$i]) && is_numeric($components[$i])) { $patch = $components[$i]; $i++; }

[1301] Fix | Delete

while (isset($components[$i]) && is_numeric($components[$i])) {

[1302] Fix | Delete

if (!empty($build)) {

[1303] Fix | Delete

$build .= '.';

[1304] Fix | Delete

}

[1305] Fix | Delete

$build .= $components[$i];

[1306] Fix | Delete

$i++;

[1307] Fix | Delete

}

[1308] Fix | Delete

while (isset($components[$i])) {

[1309] Fix | Delete

if (!empty($prerelease)) {

[1310] Fix | Delete

$prerelease .= '.';

[1311] Fix | Delete

}

[1312] Fix | Delete

[1313] Fix | Delete

if (preg_match('/^(?:dev|alpha|a|beta|b|rc|#|pl|p)$/i', $components[$i])) {

[1314] Fix | Delete

$prerelease .= strtolower($components[$i]);

[1315] Fix | Delete

if (isset($components[$i + 1])) {

[1316] Fix | Delete

if (!preg_match('/^(?:a|b|rc|#|pl|p)$/i', $components[$i])) {

[1317] Fix | Delete

$prerelease .= '-';

[1318] Fix | Delete

}

[1319] Fix | Delete

$i++;

[1320] Fix | Delete

}

[1321] Fix | Delete

}

[1322] Fix | Delete

[1323] Fix | Delete

$prerelease .= $components[$i];

[1324] Fix | Delete

$i++;

[1325] Fix | Delete

}

[1326] Fix | Delete

}

[1327] Fix | Delete

[1328] Fix | Delete

$version = array(

[1329] Fix | Delete

self::VERSION_MAJOR => $major,

[1330] Fix | Delete

self::VERSION_MINOR => $minor,

[1331] Fix | Delete

self::VERSION_PATCH => $patch,

[1332] Fix | Delete

self::VERSION_PRE_RELEASE => $prerelease,

[1333] Fix | Delete

self::VERSION_BUILD => $build,

[1334] Fix | Delete

);

[1335] Fix | Delete

[1336] Fix | Delete

$version = array_filter($version, function($v) {

[1337] Fix | Delete

return $v !== '';

[1338] Fix | Delete

});

[1339] Fix | Delete

[1340] Fix | Delete

if ($component === null) {

[1341] Fix | Delete

return $version;

[1342] Fix | Delete

}

[1343] Fix | Delete

else if (isset($version[$component])) {

[1344] Fix | Delete

return $version[$component];

[1345] Fix | Delete

}

[1346] Fix | Delete

[1347] Fix | Delete

return null;

[1348] Fix | Delete

}

[1349] Fix | Delete

[1350] Fix | Delete

public static function isAdminPageMU(){

[1351] Fix | Delete

if(preg_match('/^[\/a-zA-Z0-9\-\_\s\+\~\!\^\.]*\/wp-admin\/network\//', $_SERVER['REQUEST_URI'])){

[1352] Fix | Delete

return true;

[1353] Fix | Delete

}

[1354] Fix | Delete

return false;

[1355] Fix | Delete

}

[1356] Fix | Delete

public static function getSiteBaseURL(){

[1357] Fix | Delete

return rtrim(site_url(), '/') . '/';

[1358] Fix | Delete

}

[1359] Fix | Delete

public static function longestLine($data){

[1360] Fix | Delete

$lines = preg_split('/[\r\n]+/', $data);

[1361] Fix | Delete

$max = 0;

[1362] Fix | Delete

foreach($lines as $line){

[1363] Fix | Delete

$len = strlen($line);

[1364] Fix | Delete

if($len > $max){

[1365] Fix | Delete

$max = $len;

[1366] Fix | Delete

}

[1367] Fix | Delete

}

[1368] Fix | Delete

return $max;

[1369] Fix | Delete

}

[1370] Fix | Delete

public static function longestNospace($data){

[1371] Fix | Delete

$lines = preg_split('/[\r\n\s\t]+/', $data);

[1372] Fix | Delete

$max = 0;

[1373] Fix | Delete

foreach($lines as $line){

[1374] Fix | Delete

$len = strlen($line);

[1375] Fix | Delete

if($len > $max){

[1376] Fix | Delete

$max = $len;

[1377] Fix | Delete

}

[1378] Fix | Delete

}

[1379] Fix | Delete

return $max;

[1380] Fix | Delete

}

[1381] Fix | Delete

public static function requestMaxMemory(){

[1382] Fix | Delete

if(wfConfig::get('maxMem', false) && (int) wfConfig::get('maxMem') > 0){

[1383] Fix | Delete

$maxMem = (int) wfConfig::get('maxMem');

[1384] Fix | Delete

} else {

[1385] Fix | Delete

$maxMem = 256;

[1386] Fix | Delete

}

[1387] Fix | Delete

if( function_exists('memory_get_usage') && ( (int) @ini_get('memory_limit') < $maxMem ) ){

[1388] Fix | Delete

self::iniSet('memory_limit', $maxMem . 'M');

[1389] Fix | Delete

}

[1390] Fix | Delete

}

[1391] Fix | Delete

public static function isAdmin($user = false){

[1392] Fix | Delete

if($user){

[1393] Fix | Delete

if(is_multisite()){

[1394] Fix | Delete

if(user_can($user, 'manage_network')){

[1395] Fix | Delete

return true;

[1396] Fix | Delete

}

[1397] Fix | Delete

} else {

[1398] Fix | Delete

if(user_can($user, 'manage_options')){

[1399] Fix | Delete

return true;

[1400] Fix | Delete

}

[1401] Fix | Delete

}

[1402] Fix | Delete

} else {

[1403] Fix | Delete

if(is_multisite()){

[1404] Fix | Delete

if(current_user_can('manage_network')){

[1405] Fix | Delete

return true;

[1406] Fix | Delete

}

[1407] Fix | Delete

} else {

[1408] Fix | Delete

if(current_user_can('manage_options')){

[1409] Fix | Delete

return true;

[1410] Fix | Delete

}

[1411] Fix | Delete

}

[1412] Fix | Delete

}

[1413] Fix | Delete

return false;

[1414] Fix | Delete

}

[1415] Fix | Delete

public static function hasTwoFactorEnabled($user = false) {

[1416] Fix | Delete

if (!$user) {

[1417] Fix | Delete

$user = get_user_by('ID', get_current_user_id());

[1418] Fix | Delete

}

[1419] Fix | Delete

[1420] Fix | Delete

if (!$user) {

[1421] Fix | Delete

return false;

[1422] Fix | Delete

}

[1423] Fix | Delete

[1424] Fix | Delete

$twoFactorUsers = wfConfig::get_ser('twoFactorUsers', array());

[1425] Fix | Delete

$hasActivatedTwoFactorUser = false;

[1426] Fix | Delete

foreach ($twoFactorUsers as &$t) {

[1427] Fix | Delete

if ($t[3] == 'activated') {

[1428] Fix | Delete

$userID = $t[0];

[1429] Fix | Delete

if ($userID == $user->ID && wfUtils::isAdmin($user)) {

[1430] Fix | Delete

$hasActivatedTwoFactorUser = true;

[1431] Fix | Delete

}

[1432] Fix | Delete

}

[1433] Fix | Delete

}

[1434] Fix | Delete

[1435] Fix | Delete

return $hasActivatedTwoFactorUser;

[1436] Fix | Delete

}

[1437] Fix | Delete

public static function isWindows(){

[1438] Fix | Delete

if(! self::$isWindows){

[1439] Fix | Delete

if(preg_match('/^win/i', PHP_OS)){

[1440] Fix | Delete

self::$isWindows = 'yes';

[1441] Fix | Delete

} else {

[1442] Fix | Delete

self::$isWindows = 'no';

[1443] Fix | Delete

}

[1444] Fix | Delete

}

[1445] Fix | Delete

return self::$isWindows == 'yes' ? true : false;

[1446] Fix | Delete

}

[1447] Fix | Delete

public static function cleanupOneEntryPerLine($string) {

[1448] Fix | Delete

$string = str_replace(",", "\n", $string); // fix old format

[1449] Fix | Delete

return implode("\n", array_unique(array_filter(array_map('trim', explode("\n", $string)))));

[1450] Fix | Delete

}

[1451] Fix | Delete

[1452] Fix | Delete

public static function afterProcessingFile() {

[1453] Fix | Delete

if (wfScanner::shared()->useLowResourceScanning()) {

[1454] Fix | Delete

usleep(10000); //10 ms

[1455] Fix | Delete

}

[1456] Fix | Delete

}

[1457] Fix | Delete

[1458] Fix | Delete

public static function getScanLock(){

[1459] Fix | Delete

//Windows does not support non-blocking flock, so we use time.

[1460] Fix | Delete

$scanRunning = wfConfig::get('wf_scanRunning');

[1461] Fix | Delete

if($scanRunning && time() - $scanRunning < WORDFENCE_MAX_SCAN_LOCK_TIME){

[1462] Fix | Delete

return false;

[1463] Fix | Delete

}

[1464] Fix | Delete

wfConfig::set('wf_scanRunning', time());

[1465] Fix | Delete

return true;

[1466] Fix | Delete

}

[1467] Fix | Delete

public static function clearScanLock(){

[1468] Fix | Delete

global $wpdb;

[1469] Fix | Delete

$wfdb = new wfDB();

[1470] Fix | Delete

$wfdb->truncate(wfDB::networkTable('wfHoover'));

[1471] Fix | Delete

[1472] Fix | Delete

wfConfig::set('wf_scanRunning', '');

[1473] Fix | Delete

wfIssues::updateScanStillRunning(false);

[1474] Fix | Delete

if (wfCentral::isConnected()) {

[1475] Fix | Delete

wfCentral::updateScanStatus();

[1476] Fix | Delete

}

[1477] Fix | Delete

}

[1478] Fix | Delete

public static function getIPGeo($IP){ //Works with int or dotted

[1479] Fix | Delete

[1480] Fix | Delete

$locs = self::getIPsGeo(array($IP));

[1481] Fix | Delete

if(isset($locs[$IP])){

[1482] Fix | Delete

return $locs[$IP];

[1483] Fix | Delete

} else {

[1484] Fix | Delete

return false;

[1485] Fix | Delete

}

[1486] Fix | Delete

}

[1487] Fix | Delete

public static function getIPsGeo($IPs){ //works with int or dotted. Outputs same format it receives.

[1488] Fix | Delete

$IPs = array_unique($IPs);

[1489] Fix | Delete

$toResolve = array();

[1490] Fix | Delete

$db = new wfDB();

[1491] Fix | Delete

$locsTable = wfDB::networkTable('wfLocs');

[1492] Fix | Delete

$IPLocs = array();

[1493] Fix | Delete

foreach($IPs as $IP){

[1494] Fix | Delete

$isBinaryIP = !self::isValidIP($IP);

[1495] Fix | Delete

if ($isBinaryIP) {

[1496] Fix | Delete

$ip_printable = wfUtils::inet_ntop($IP);

[1497] Fix | Delete

$ip_bin = $IP;

[1498] Fix | Delete

} else {

[1499] Fix | Delete

1 234 5 6 ...8