Merge pull request #28 from CleanTalk/dev

Dev
CleanTalk · May 6, 2024 · 89d30da · 89d30da
2 parents 3caae8d + b68be4e
commit 89d30da
Show file tree

Hide file tree

Showing 21 changed files with 601 additions and 237 deletions.
diff --git a/uniforce/css/settings-table.css b/uniforce/css/settings-table.css
@@ -50,12 +50,18 @@ tbody{
         vertical-align: top;
         padding: 8px 10px;
     }
-    tbody tr td{ position: relative;}
+    tbody tr td {
+        position: relative;
+    }
 
 tfoot{
     border: 1px solid #ccd0d4;
 }
 
+.column-path {
+    word-break: break-word !important;
+}
+
 [disabled]:hover{cursor: not-allowed;}
 
 .tbl-width--50px{width: 50px;}
@@ -131,4 +137,4 @@ tr:hover .row-actions span.tbl-row_action--approve{color: #0a0;}
     border: 1px solid rgb(51, 51, 51);
     border-radius: 5px;
     z-index: 20;
-}
+}
diff --git a/uniforce/data/cron.php b/uniforce/data/cron.php
@@ -1,2 +1,2 @@
 <?php
-$uniforce_tasks = array ();
+$uniforce_tasks = array ();
diff --git a/uniforce/inc/admin.php b/uniforce/inc/admin.php
@@ -306,14 +306,66 @@ function usp_send_pass_to_email($to, $login, $pass)
  * Modify cron
  */
 function usp_install_cron(){
-
-	Cron::addTask( 'sfw_update', 'uniforce_fw_update', 86400, time() + 20 );
-	Cron::addTask( 'security_send_logs', 'uniforce_security_send_logs', 3600 );
-    Cron::addTask( 'fw_send_logs', 'uniforce_fw_send_logs', 3600 );
-    Cron::addTask( 'clean_black_lists', 'uniforce_clean_black_lists', 86400 );
-    Cron::addTask( 'update_signatures', 'usp_scanner__get_signatures', 86400, time() + 10 );
-    Cron::addTask( 'check_for_updates', 'usp_get_latest_version', 86400, time() );
-
+    $tasks = [
+        'sfw_update' => [
+            'handler' => 'uniforce_fw_update',
+            'period' => 86400,
+            'next_call' => time() + 20,
+            'executed' => 0,
+            'last_executed' => 0,
+            'params' => [],
+        ],
+        'security_send_logs' => [
+            'handler' => 'uniforce_security_send_logs',
+            'period' => 3600,
+            'next_call' => null,
+            'executed' => 0,
+            'last_executed' => 0,
+            'params' => [],
+        ],
+        'fw_send_logs' => [
+            'handler' => 'uniforce_fw_send_logs',
+            'period' => 3600,
+            'next_call' => null,
+            'executed' => 0,
+            'last_executed' => 0,
+            'params' => [],
+        ],
+        'clean_black_lists' => [
+            'handler' => 'uniforce_clean_black_lists',
+            'period' => 86400,
+            'next_call' => null,
+            'executed' => 0,
+            'last_executed' => 0,
+            'params' => [],
+        ],
+        'update_signatures' => [
+            'handler' => 'usp_scanner__get_signatures',
+            'period' => 86400,
+            'next_call' => time() + 10,
+            'executed' => 0,
+            'last_executed' => 0,
+            'params' => [],
+        ],
+        'check_for_updates' => [
+            'handler' => 'usp_get_latest_version',
+            'period' => 86400,
+            'next_call' => time(),
+            'executed' => 0,
+            'last_executed' => 0,
+            'params' => [],
+        ],
+        'scanner_launch' => [
+            'handler' => 'usp_scanner__launch',
+            'period' => 86400,
+            'next_call' => time() + 86400,
+            'executed' => 0,
+            'last_executed' => 0,
+            'params' => [],
+        ]
+    ];
+
+    Cron::saveTasks($tasks);
 }
 
 /**
@@ -451,19 +503,24 @@ function usp_do_login($apikey, $password, $email ) {
     // Simple brute force protection
     sleep(2);
 
+
     // If password is set in config
     if( $password ){
-
-        if( ( Post::get( 'login' ) == $apikey || Post::get( 'login' ) === $email ) && hash( 'sha256', trim( Post::get( 'password' ) ) ) == $password )
-            setcookie('authentificated', State::getInstance()->data->security_key, 0, '/', '', false, true);
-        else
+        if (
+            ( Post::get( 'login' ) == $apikey || Post::get( 'login' ) === $email ) &&
+            hash( 'sha256', trim( Post::get( 'password' ) ) ) == $password ) {
+            //if session cookies is cached will try to set cookie via js
+            $sec_key = State::getInstance()->data->security_key;
+            setcookie('authentificated', $sec_key, strtotime( '+30 days' ), '/', '', false, false);
+        }
+        else {
             Err::add('Incorrect login or password');
-
+        }
     // No match
-    }else
+    } else {
         Err::add('Incorrect login');
-
-    Err::check() or die(json_encode(array('passed' => true)));
+    }
+    Err::check() or die(json_encode(array('passed' => true, 'hash' => isset($sec_key) ? $sec_key : '')));
     die(Err::check_and_output( 'as_json' ));
 
 }
@@ -499,13 +556,22 @@ function usp_do_save_settings() {
 	// Recognizing new key
 	$new_key_is_set = $usp->settings->key !== $settings['key'];
 
+
+    if( $settings['scanner_auto_start'] != $usp->settings->scanner_auto_start ) {
+        if ($settings['scanner_auto_start'] == 1) {
+            Cron::updateTask( 'scanner_launch', 'usp_scanner__launch', 86400, time() + 86400 );
+        } else {
+            Cron::removeTask( 'scanner_launch');
+        }
+    }
+
 	// Set values
 	foreach ( $settings as $setting => $value) {
 		$usp->settings->$setting = $value;
 	} unset($setting, $value);
 
     // validate the new key
-	$usp->data->key_is_ok = usp_check_account_status();
+	usp_check_account_status();
 
     // BFP actions
     if( $usp->settings->key ){
@@ -536,7 +602,7 @@ function usp_do_save_settings() {
 	$usp->settings->save();
 
 	// FireWall actions
-	// Last in the list because it can overwrite the data in the the remote call it makes
+	// Last in the list because it can overwrite the data in the remote call it makes
 	if( ( $usp->settings->fw || $usp->settings->waf ) && $usp->settings->key ){
 
 		// Update SFW
@@ -589,37 +655,18 @@ function usp_check_account_status( $key = null ){
 		preg_replace( '/http[s]?:\/\//', '', Server::get( 'SERVER_NAME' ), 1 ),
 		'security'
 	);
-	if( ! empty( $result['error'] ) ){
-		Err::add('Checking key failed', $result['error']);
-		$usp->data->notice_show     = 0;
-		$usp->data->notice_renew    = 0;
-		$usp->data->notice_trial    = 0;
-		$usp->data->notice_review   = 0;
-		$usp->data->user_token      = '';
-		$usp->data->spam_count      = 0;
-		$usp->data->moderate_ip     = 0;
-		$usp->data->moderate        = 0;
-		$usp->data->service_id      = 0;
-		$usp->data->license_trial   = 0;
-		$usp->data->account_name = '';
-		$usp->data->account_name_ob = '';
-		$usp->data->ip_license      = 0;
-		$usp->data->valid           = 0;
+    $error = false;
+    if (! empty( $result['error']) ) {
+        $error = $result['error'];
+    } elseif ( isset($result['valid']) && $result['valid'] == 0 ){
+        $error = 'key is invalid';
+    }
+	if( false !== $error ){
+		Err::add('Checking key failed', $error);
+        processInvalidKeyState($usp);
 		// $usp->data->notice_were_updated = $result[''];
 	} else {
-		$usp->data->notice_show     = isset( $result['show_notice'] ) ? $result['show_notice'] : 0;
-		$usp->data->notice_renew    = isset( $result['renew'] ) ? $result['renew'] : 0;
-		$usp->data->notice_trial    = isset( $result['trial'] ) ? $result['trial'] : 0;
-		$usp->data->notice_review   = isset( $result['show_review'] ) ? $result['show_review'] : 0;
-		$usp->data->user_token      = isset( $result['user_token'] ) ? $result['user_token'] : '';
-		$usp->data->spam_count      = isset( $result['spam_count'] ) ? $result['spam_count'] : 0;
-		$usp->data->moderate_ip     = isset( $result['moderate_ip'] ) ? $result['moderate_ip'] : 0;
-		$usp->data->moderate        = isset( $result['moderate'] ) ? $result['moderate'] : 0;
-		$usp->data->service_id      = isset( $result['service_id'] ) ? $result['service_id'] : 0;
-		$usp->data->license_trial   = isset( $result['license_trial'] ) ? $result['license_trial'] : 0;
-		$usp->data->account_name_ob = isset( $result['account_name_ob'] ) ? $result['account_name_ob'] : '';
-		$usp->data->ip_license      = isset( $result['ip_license'] ) ? $result['ip_license'] : 0;
-		$usp->data->valid           = isset( $result['valid'] ) ? $result['valid'] : 0;
+        processValidKeyState($usp, $result);
 		// $usp->data->notice_were_updated = $result[''];
 	}
 
@@ -687,3 +734,69 @@ function usp_do_change_admin_password()
     Err::check() or die(json_encode(array('success' => true)));
     die(Err::check_and_output( 'as_json' ));
 }
+
+/**
+ * @param State $usp
+ * @return void
+ */
+function processInvalidKeyState(State $usp)
+{
+    $usp->data->notice_show     = 0;
+    $usp->data->notice_renew    = 0;
+    $usp->data->notice_trial    = 0;
+    $usp->data->notice_review   = 0;
+    $usp->data->user_token      = '';
+    $usp->data->spam_count      = 0;
+    $usp->data->moderate_ip     = 0;
+    $usp->data->moderate        = 0;
+    $usp->data->service_id      = 0;
+    $usp->data->license_trial   = 0;
+    $usp->data->account_name = '';
+    $usp->data->account_name_ob = '';
+    $usp->data->ip_license      = 0;
+    $usp->data->valid           = 0;
+    $usp->data->scanner->background_scan_stop = true;
+    $usp->data->key_is_ok = 0;
+
+    // Deleting options and their files
+    $usp->delete( 'scan_result' );
+    $usp->delete( 'fw_stats' );
+
+    $usp->data->stat->scanner_background_log = $usp->default_data['stat']['scanner_background_log'];
+    @file_put_contents(
+        Cron::CRON_FILE,
+        "<?php\n\n\$uniforce_tasks = array ();"
+    );
+    // Deleting FW data
+    $db = new \Cleantalk\USP\File\FileDB( 'fw_nets' );
+    $db->delete();
+    $db->deleteTemp();
+    require 'cron_functions.php';
+    uniforce_clean_black_lists();
+
+    // Deleting any logs
+    usp_uninstall_logs();
+}
+
+/**
+ * @param $usp
+ * @return void
+ */
+function processValidKeyState($usp, $result)
+{
+    $usp->data->notice_show     = isset( $result['show_notice'] ) ? $result['show_notice'] : 0;
+    $usp->data->notice_renew    = isset( $result['renew'] ) ? $result['renew'] : 0;
+    $usp->data->notice_trial    = isset( $result['trial'] ) ? $result['trial'] : 0;
+    $usp->data->notice_review   = isset( $result['show_review'] ) ? $result['show_review'] : 0;
+    $usp->data->user_token      = isset( $result['user_token'] ) ? $result['user_token'] : '';
+    $usp->data->spam_count      = isset( $result['spam_count'] ) ? $result['spam_count'] : 0;
+    $usp->data->moderate_ip     = isset( $result['moderate_ip'] ) ? $result['moderate_ip'] : 0;
+    $usp->data->moderate        = isset( $result['moderate'] ) ? $result['moderate'] : 0;
+    $usp->data->service_id      = isset( $result['service_id'] ) ? $result['service_id'] : 0;
+    $usp->data->license_trial   = isset( $result['license_trial'] ) ? $result['license_trial'] : 0;
+    $usp->data->account_name_ob = isset( $result['account_name_ob'] ) ? $result['account_name_ob'] : '';
+    $usp->data->ip_license      = isset( $result['ip_license'] ) ? $result['ip_license'] : 0;
+    $usp->data->valid           = isset( $result['valid'] ) ? $result['valid'] : 0;
+    $usp->data->key_is_ok       = $usp->data->moderate && $usp->data->valid ? 1 : 0;
+    usp_install_cron();
+}
diff --git a/uniforce/inc/common.php b/uniforce/inc/common.php
@@ -5,7 +5,7 @@
  *
  * Sets all main constants
  *
- * Version: 3.9.0
+ * Version: 3.10.0
  */
 
 use Cleantalk\USP\Common\Err;
@@ -14,7 +14,7 @@
 use Cleantalk\USP\Common\RemoteCalls;
 
 if( ! defined( 'SPBCT_PLUGIN' ) )     define( 'SPBCT_PLUGIN', 'uniforce' );
-if( ! defined( 'SPBCT_VERSION' ) )    define( 'SPBCT_VERSION', '3.9.0' );
+if( ! defined( 'SPBCT_VERSION' ) )    define( 'SPBCT_VERSION', '3.10.0' );
 if( ! defined( 'SPBCT_AGENT' ) )      define( 'SPBCT_AGENT', SPBCT_PLUGIN . '-' . str_replace( '.', '', SPBCT_VERSION ) );
 if( ! defined( 'SPBCT_USER_AGENT' ) ) define( 'SPBCT_USER_AGENT', 'Cleantalk-Security-Universal-Plugin/' . SPBCT_VERSION );
 

diff --git a/uniforce/inc/cron_functions.php b/uniforce/inc/cron_functions.php
@@ -7,9 +7,9 @@
 use Cleantalk\USP\Variables\Server;
 
 function uniforce_fw_update( $immediate = false ){
-	
+
 	$usp = State::getInstance();
-	
+
 	// SFW actions
 	if( $usp->key && $usp->settings->fw ){
 
@@ -35,24 +35,24 @@ function uniforce_fw_update( $immediate = false ){
 function uniforce_fw_send_logs(){
 
 	$usp = State::getInstance();
-	
+
 	// SFW actions
 	if( $usp->key && $usp->settings->fw ){
 
 		// Send SFW logs
 		$result = \Cleantalk\USP\Uniforce\Firewall\FW::send_log( $usp->key );
-		
+
 		if( ! empty( $result['error'] ) )
 			Err::add( $result['error'] );
-		
+
 		if( ! Err::check() ) {
 			$usp->fw_stats->logs_sent_time = time();
 			$usp->fw_stats->count = 0;
 			$usp->fw_stats->save();
         }
 
 	}
-	
+
 	return ! Err::check() ? true : false;
 }
 
@@ -135,25 +135,31 @@ function usp_scanner__launch(){
 
 	$usp = State::getInstance();
 
-	if ( $usp->scanner_status === false || ! $usp->settings->scanner_auto_start )
-		return true;
+	if ( $usp->scanner_status === false || ! $usp->settings->scanner_auto_start ){
+        return true;
+    }
+
+    \Cleantalk\USP\ScannerController::clearBackgroundScanLog($usp);
+    $usp->data->scanner->background_scan_stop = false;
+    $usp->data->save();
+
 
-	return Helper::http__request(
-		CT_USP_AJAX_URI,
+    return Helper::http__request(
+        CT_USP_URI,
 		array(
 			'plugin_name' => 'security',
 			'spbc_remote_call_token' => md5($usp->settings->key),
 			'spbc_remote_call_action' => 'scanner__controller',
-			'state'                   => 'get_hashes'
+			'state'                   => 'create_db'
 		),
 		'get async'
 	);
 }
 
 function usp_scanner__get_signatures() {
-	
+
 	$usp = State::getInstance();
-	
+
 	$scanner_controller = new \Cleantalk\USP\ScannerController( CT_USP_SITE_ROOT );
 	$out = $scanner_controller->action__scanner__get_signatures();
 
@@ -164,4 +170,4 @@ function usp_get_latest_version(){
 	$updater = new \Cleantalk\USP\Updater\Updater( CT_USP_ROOT );
 	State::getInstance()->plugin_meta->latest_version = $updater->getLatestVersion();
 	State::getInstance()->plugin_meta->save();
-}
+}