stklcode/statify-blacklist
stklcode/statify-blacklist
1
0
Fork 0
Code Issues Actions Releases 21 Activity

Compare commits

base: stklcode:stable
Branches Tags
stklcode:stable
stklcode:develop
stklcode:v1.7.2
stklcode:v1.7.1
stklcode:v1.7.0
stklcode:v1.6.3
stklcode:v1.6.2
stklcode:v1.6.1
stklcode:v1.6.0
stklcode:v1.5.2
stklcode:v1.5.1
stklcode:v1.5.0
stklcode:v1.4.4
stklcode:v1.4.3
stklcode:v1.4.2
stklcode:v1.4.1
stklcode:v1.4.0
stklcode:v1.3.1
stklcode:v1.3.0
stklcode:v1.2.1
stklcode:v1.2.0
stklcode:v1.1.2
stklcode:v1.1.1
..
compare: stklcode:v1.4.2
Branches Tags
stklcode:develop
stklcode:stable
stklcode:v1.7.2
stklcode:v1.7.1
stklcode:v1.7.0
stklcode:v1.6.3
stklcode:v1.6.2
stklcode:v1.6.1
stklcode:v1.6.0
stklcode:v1.5.2
stklcode:v1.5.1
stklcode:v1.5.0
stklcode:v1.4.4
stklcode:v1.4.3
stklcode:v1.4.2
stklcode:v1.4.1
stklcode:v1.4.0
stklcode:v1.3.1
stklcode:v1.3.0
stklcode:v1.2.1
stklcode:v1.2.0
stklcode:v1.1.2
stklcode:v1.1.1

No commits in common. "stable" and "v1.4.2" have entirely different histories.
stable ... v1.4.2

30 changed files with 1287 additions and 2835 deletions
Show Stats Expand all files Collapse all files

18
.distignore
View File

@ -1,18 +0,0 @@
/.git
/.github
/assets
/dist
/test
/vendor
/.distignore
/.editorconfig
/.gitattributes
/.gitignore
/.travis.yml
/composer.json
/composer.lock
/CONTRIBUTING.md
/package.json
/package-lock.json
/phpcs.xml
/phpunit.xml

21
.editorconfig
View File

@ -1,21 +0,0 @@
# This file is for unifying the coding style for different editors and IDEs
# editorconfig.org
# WordPress Coding Standards
# https://make.wordpress.org/core/handbook/coding-standards/
root = true
[*]
charset = utf-8
end_of_line = lf
insert_final_newline = true
trim_trailing_whitespace = true
indent_style = tab
[{.jshintrc,*.json,*.yml,*.feature}]
indent_style = space
indent_size = 2
[{*.txt,wp-config-sample.php}]
end_of_line = crlf

14
.gitattributes vendored
View File

@ -1,14 +0,0 @@
/.github export-ignore
/assets export-ignore
/dist export-ignore
/test export-ignore
.distignore export-ignore
.gitattributes export-ignore
.gitignore export-ignore
.travis.yml export-ignore
composer.json export-ignore
composer.lock export-ignore
CONTRIBUTING.md export-ignore
package.json export-ignore
phpcs.xml export-ignore
phpunit.xml export-ignore

55
.github/workflows/test.yml vendored
View File

@ -1,55 +0,0 @@
name: CI
on: [ push, pull_request ]
jobs:
unit-test:
runs-on: ubuntu-latest
strategy:
matrix:
php: [ '5.6', '7.4', '8.0', '8.2', '8.4' ]
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Setup PHP
uses: shivammathur/setup-php@v2
with:
php-version: ${{ matrix.php }}
coverage: xdebug
tools: composer
- name: Install
run: composer install --no-interaction
- name: Unit tests
run: |
composer test
sed -i "s#<file name=\"${GITHUB_WORKSPACE}#<file name=\"/github/workspace#g" tests-clover.xml
- name: Analyze with SonarCloud
if: matrix.php == '8.2' && env.SONAR_TOKEN != ''
uses: sonarsource/sonarcloud-github-action@master
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
with:
args: >
-Dsonar.organization=stklcode-github
-Dsonar.projectKey=stklcode:statify-blacklist
-Dsonar.sources=inc,statify-blacklist.php
-Dsonar.tests=test
-Dsonar.php.tests.reportPath=tests-junit.xml
-Dsonar.php.coverage.reportPaths=tests-clover.xml
-Dsonar.coverage.exclusions=test/**/*.php
quality:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup PHP
uses: shivammathur/setup-php@v2
with:
php-version: '8.2'
tools: composer
- name: Install
run: composer install --no-interaction
- name: Code style checks for PHP
run: composer test-cs

20
.github/workflows/wordpress-plugin-asset-update.yml vendored
View File

@ -1,20 +0,0 @@
name: Plugin asset/readme update
on:
push:
branches:
- stable
jobs:
master:
name: Push to stable
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Clean README.md
run: tail -n +6 README.md > README.md.tmp && mv README.md.tmp README.md
- name: WordPress.org plugin asset/readme update
uses: 10up/action-wordpress-plugin-asset-update@stable
env:
ASSETS_DIR: assets
README_NAME: README.md
SVN_PASSWORD: ${{ secrets.WP_SVN_PASSWORD }}
SVN_USERNAME: ${{ secrets.WP_SVN_USERNAME }}

23
.github/workflows/wordpress-plugin-check.yml vendored
View File

@ -1,23 +0,0 @@
name: Plugin check
on:
push:
branches: [ 'stable', 'release/*' ]
pull_request:
branches: [ 'stable' ]
jobs:
check:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Package plugin
run: |
mkdir -p ./dist
tail -n +6 README.md > README.md.tmp && mv README.md.tmp README.md
rsync -rc --exclude-from=.distignore ./ ./dist/statify-blacklist --delete --delete-excluded
- name: Check WP plugin
uses: wordpress/plugin-check-action@v1
with:
build-dir: ./dist/statify-blacklist

20
.github/workflows/wordpress-plugin-deploy.yml vendored
View File

@ -1,20 +0,0 @@
name: Deploy to WordPress.org
on:
push:
tags:
- "v*"
- "!v*-*"
jobs:
tag:
name: New tag
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Clean README.md
run: tail -n +6 README.md > README.md.tmp && mv README.md.tmp README.md
- name: WordPress Plugin Deploy
uses: 10up/action-wordpress-plugin-deploy@stable
env:
ASSETS_DIR: assets
SVN_PASSWORD: ${{ secrets.WP_SVN_PASSWORD }}
SVN_USERNAME: ${{ secrets.WP_SVN_USERNAME }}

3
.gitignore vendored
View File

@ -4,5 +4,4 @@ composer.lock
/dist/
.idea
tests-clover.xml
tests-junit.xml
.phpunit.result.cache
tests-junit.xml

15
.travis.yml Normal file
View File

@ -0,0 +1,15 @@
language: php
dist: trusty
php:
- '5.5'
- '5.6'
- '7.0'
- '7.1'
- '7.2'
before_script:
- composer install --no-interaction
- vendor/bin/phpcs --config-set installed_paths vendor/wp-coding-standards/wpcs
script:
- vendor/bin/phpunit ./test/statifyblacklist-test.php
- vendor/bin/phpcs statify-blacklist.php --standard=phpcs.xml
- vendor/bin/phpcs ./inc/ --standard=phpcs.xml --extensions=php

35
CONTRIBUTING.md
View File

@ -2,7 +2,7 @@
As for all great Open Source projects, contributions in form of bug reports and code are welcome and important to keep the project alive.
In general, this project follows the [GitHub Flow](https://guides.github.com/introduction/flow/).
In general, this project follows the [Git Flow](https://guides.github.com/introduction/flow/).
Fork the project, commit your changes to your branch, open a pull request and it will probably be merged.
However, to ensure maintainability and quality of the code, there are some guidelines you might be more or less familiar with.
For that purpose, this document describes the important points.
@ -14,7 +14,7 @@ If you experience any issues with the plugin or the code, don't hesitate to file
### Bug Reports
Think you found a bug?
Please clearly state what happens and describe your environment to help tracking down the issue.
Please clearly state what happens and describe your environment.
* Which version of the plugin are you running?
* Which version of WordPress?
@ -31,21 +31,19 @@ No problem, please open an issue and describe what and why you think this change
If you want to contribute your code to solve an issue or implement a desired feature yourself, you might open a pull request.
If the changes introduce new functionality or affect major parts of existing code, please consider opening an issue for discussion first.
For adding new functionality a new test case the corresponding PHPUnit test would be nice (no hard criterion though).
The `master` branch should also be target for most pull requests.
However it it features new functionality you might want to target the `develop` branch instead (see next section for details on branches).
For adding new functionality a new test case the corresponding PHPUnit test would be nice (no hard criterion).
### Branches
The `master` branch represents the current state of development.
Please ensure your initial code is up to date with it at the time you start development.
The `master` should also be target for most pull requests.
In addition, this project features a `develop` branch, which holds bleeding edge developments, not necessarily considered stable or even compatible.
In addition, this project features a `develop` branch, which hold cutting edge developments, not necessarily considered stable or even compatible.
Do not expect this code to run smoothly, but you might have a look into the history to see if some work on an issue has already been started there.
For fixes and features, there might be additional branches, likely prefixed by `hotfix/` or `feature/` followed by an issue number (if applicable) and/or a title.
Feel free to adapt this naming scheme to your forks.
For fixes and features, there might be additional branches, likely prefixed by `ft-` (feature) or `hf-` (hotfix) followed by an issue number (if applicable) and/or a title.
Feel free to adapt these naming scheme to your forks.
### Merge Requirements
@ -64,7 +62,7 @@ If your patch fixes an issue, reference the ID in the first line.
If you feel like you have to _briefly_ explain your changes, do it (for long explanations and discussion, consider opening an issue or describe in the PR).
**Example commit:**
```text
```
Fix nasty bug from #1337
This example commit fixes the issue that some people write non-speaking commit messages like 'done magic'.
@ -77,7 +75,7 @@ You might sign your work, although that's no must.
Short answer: When it makes sense.
Bugfixes should be merged in time - assuming they pass the above criteria.
Bugfixes should be merges in time - assuming they pass the above criteria.
New features might be assigned to a certain milestone and as a result of this be scheduled according to the planned release cycle.
## Compatibility
@ -90,17 +88,9 @@ If you are unsure if your code matches these versions, the test will probably te
In case you think, your change is more important than maintaining backwards compatibility, please start a discussion to see,
if we might increase the minimum version or find a workaround for legacy systems.
## Build Environment
All you need to start off - besides your favorite IDE of course - is [Composer](https://getcomposer.org).
Running `composer install` will fetch all dependencies and build tools required.
You might have noticed that this project contains a [Robo](http://robo.li) build script.
Running the _build_-task (`./vendor/bin/robo build`) executes the full chain from cleanup over test to bundling the final product in the `dist` directory.
A complete list of the available tasks and options can be shown by running `robo list`.
## Unit Tests
The PHP code is tested by a PHPUnit tests.
The PHP code is tested by a PHPUnit test.
All test files are located in the `test` directory.
Files ending with `-test.php` will be automatically included into the test suite.
The coverage is not yet perfect, but be invited to write tests for methods not yet covered or newly introduced by your patch.
@ -112,7 +102,7 @@ Please make sure that you are at least roughly familiar with those guidelines.
The code style is automatically checked for commits (including pull requests) using [PHP CodeSniffer](https://github.com/squizlabs/PHP_CodeSniffer).
You can check your code against the configured ruleset yourself by running
`./vendor/bin/phpcs --standard=phpcs.xml your-edited-file.php` (assuming `composer install` has been executed) or the Robo task `robo test:cs` for a complete scan.
`./vendor/bin/phpcs --standard=phpcs.xml your-edited-file.php` (assuming `composer install` has been executed).
Please see these standards as guidelines.
If code style this is the only test that fails and your code's semantics are fine, don't hesitate to submit your pull request anyway.
@ -123,9 +113,6 @@ We probably find a solution for that.
Automated tests are run using [Travis CI](https://travis-ci.org/stklcode/statify-blacklist) for every commit including pull requests.
They ensure compatibility with the supported PHP versions and the WP Coding Standards.
There is also a semi-automated code quality analysis pushing results to [SonarCloud](https://sonarcloud.io/dashboard?id=de.stklcode.web.wordpress.plugins%3Astatify-blacklist).
Keep in mind that the ruleset is not yet perfect, so not every minor issue has to be fixed immediately.
## Still Open Questions?
If anything is still left unanswered and you're unsure if you got it right, don't hesitate to contact a team member.

61
Gulpfile.js Normal file
View File

@ -0,0 +1,61 @@
var gulp = require('gulp');
var clean = require('gulp-clean');
var copy = require('gulp-copy');
var zip = require('gulp-zip');
var composer = require('gulp-composer');
var phpunit = require('gulp-phpunit');
var exec = require('child_process').exec;
var phpcs = require('gulp-phpcs');
var config = require('./package.json');
// Clean the target directory.
gulp.task('clean', function () {
console.log('Cleaning up target directory ...');
return gulp.src('dist', {read: false})
.pipe(clean());
});
// Prepare composer.
gulp.task('compose', function () {
console.log('Preparing Composer ...');
return composer('install');
});
// Execute unit tests.
gulp.task('test', ['compose'], function () {
console.log('Running PHPUnit tests ...');
return gulp.src('phpunit.xml')
.pipe(phpunit('./vendor/bin/phpunit', {debug: false}));
});
// Execute PHP Code Sniffer.
gulp.task('test-cs', function (cb) {
return exec('./vendor/bin/phpcs --config-set installed_paths vendor/wp-coding-standards/wpcs', function (err, stdout, stderr) {
console.log(stdout);
console.log(stderr);
if (null === err) {
console.log('Running PHP Code Sniffer tests ...');
gulp.src(['statify-blacklist.php', 'inc/**/*.php'])
.pipe(phpcs({bin: './vendor/bin/phpcs', standard: 'phpcs.xml'}))
.pipe(phpcs.reporter('log'));
}
cb(err);
});
});
// Bundle files as required for plugin distribution..
gulp.task('bundle', ['clean'], function () {
console.log('Collecting files for package dist/' + config.name + config.version + ' ...');
return gulp.src(['**/*.php', '!test/**', '!vendor/**', 'README.md', 'LICENSE.md'], {base: './'})
.pipe(copy('./dist/' + config.name + '.' + config.version + '/' + config.name));
});
// Create a ZIP package of the relevant files for plugin distribution.
gulp.task('package', ['bundle'], function () {
console.log('Building package dist/' + config.name + config.version + '.zip ...');
return gulp.src('./dist/' + config.name + '.' + config.version + '/**')
.pipe(zip(config.name + '.' + config.version + '.zip'))
.pipe(gulp.dest('./dist'));
});
gulp.task('default', ['clean', 'compose', 'test', 'test-cs', 'bundle', 'package']);

4
LICENSE.md
View File

@ -357,5 +357,5 @@ into proprietary programs. If your program is a subroutine library,
you may consider it more useful to permit linking proprietary
applications with the library. If this is what you want to do, use the
[GNU Lesser General Public
License](https://www.gnu.org/licenses/lgpl.html) instead of this
License.
License](http://www.gnu.org/licenses/lgpl.html) instead of this
License.

147
README.md
View File

@ -1,43 +1,33 @@
[![CI](https://github.com/stklcode/statify-blacklist/actions/workflows/test.yml/badge.svg?branch=stable)](https://github.com/stklcode/statify-blacklist/actions/workflows/test.yml)
[![Quality Gate Status](https://sonarcloud.io/api/project_badges/measure?project=stklcode%3Astatify-blacklist&metric=alert_status)](https://sonarcloud.io/summary/new_code?id=stklcode%3Astatify-blacklist)
[![Packagist Version](https://img.shields.io/packagist/v/stklcode/statify-blacklist)](https://packagist.org/packages/stklcode/statify-blacklist)
[![License](https://img.shields.io/badge/license-GPL%20v2-blue.svg)](https://github.com/stklcode/statify-blacklist/blob/stable/LICENSE.md)
# Statify Filter #
* Contributors: stklcode
* Requires at least: 4.7
* Tested up to: 6.8
# Statify Blacklist #
* Contributors: Stefan Kalscheuer
* Requires at least: 4.4
* Tested up to: 4.9
* Requires PHP: 5.5
* Stable tag: 1.7.2
* Stable tag: 1.4.2
* License: GPLv2 or later
* License URI: https://www.gnu.org/licenses/gpl-2.0.html
Filter extension for the famous Statify WordPress plugin.
* License URI: http://www.gnu.org/licenses/gpl-2.0.html
## Description ##
A filter extension for the famous [Statify](https://wordpress.org/plugins/statify/) WordPress plugin.
A blacklist extension for the famous [Statify](https://wordpress.org/plugins/statify/) Wordpress plugin.
This plugin adds customizable filters to Statify to allow blocking of referer spam or internal interactions.
This plugin adds customizable blacklist to Statify to allow blocking of referer spam or internal interactions.
### Features ###
### Features ##
#### Referer Filter ####
#### Referer Blacklist ####
Add a list of domains (for simplicity only second-level, e.g. _example.com_ which blocks _everything.example.com_).
#### Target Filter ####
#### Target Blacklist ####
Add a list of target pages (e.g. _/test/page/_, _/?page_id=123_) that will be excluded from tracking.
#### IP Filter ####
#### IP Blacklist ####
Add a list of IP addresses or subnets (e.g. _192.0.2.123_, _198.51.100.0/24_, _2001:db8:a0b:12f0::/64_).
#### User Agent Filter ####
Add a list of (partial) user agent strings to exclude (e.g. _curl_, _my/bot_, _Firefox_).
#### CleanUp Database ####
Filters can be applied to data stored in database after modifying filter rules or for one-time clean-up.
#### Compatibility ####
This plugin requires Statify to be installed. The extension has been tested with Statify up to version 1.8
This plugin requires Statify to be installed. The extension has been tested with Statify up to version 1.5.1
The plugin is capable of handling multisite installations.
### Support & Contributions ###
@ -47,121 +37,50 @@ The plugin is capable of handling multisite installations.
### Credits ###
* Author: Stefan Kalscheuer
* Special Thanks to [pluginkollektiv](https://pluginkollektiv.org/) for maintaining _Statify_
* Special Thanks to [pluginkollektiv](https://github.com/pluginkollektiv) for maintaining _Statify_
## Installation ##
* If you dont know how to install a plugin for WordPress, [heres how](https://wordpress.org/support/article/managing-plugins/#installing-plugins).
* Make sure _Statify_ plugin is installed and active
* Goto _Settings_ -> _Statify Filter_ to configure the plugin
* If you dont know how to install a plugin for WordPress, [heres how](http://codex.wordpress.org/Managing_Plugins#Installing_Plugins).
* Make sure _Statify_ plugin is installed and active
* Goto _Settings_ -> _Statify Blacklist_ to configure the plugin
### Requirements ###
* PHP 5.5 or above
* WordPress 4.7 or above
* _Statify_ plugin installed and activated (1.5 or above)
* WordPress 4.4 or above
* Statify plugin installed and activated (tested up to 1.5.1)
## Frequently Asked Questions ##
### What is blocked by default? ###
Nothing. By default, all filters are empty and disabled. They can and have to be filled by the blog administrator.
Nothing. By default all blacklists are empty and disabled. They can and have to be filled by the blog administrator.
A default filter is not provided, as the plugin itself is totally neutral. If you want to filter out referer spam,
visitors from search engines, just "false" referrers from 301 redirects or you own IP address used for testing only depends on you.
A default blacklist is not provided, as the plugin itself is totally neutral. If you want to filter out referer spam,
visitors from search engines, just "false" referers from 301 redirects or you own IP address used for testing only depends on you.
### Does the filter effect user experience? ###
No. It only prevents _Statify_ from tracking, nothing more or less.
No. It only prevent's _Statify_ from tracking, nothing more or less.
### Does live filtering impact performance? ###
Yes, but probably not noticeable. Checking a single referer string against a (usually small) list should be negligible compared to the total loading procedure.
Yes, but probalby not noticeable. Checking a single referer string against a (usually small) list should be negligible compared to the total loading procedure.
If this still is an issue for you, consider deactivating the filter and only run the one-time-cleanup or activate the cron job.
### Is any personal data collected? ###
No. The privacy policy of _Statify_ is untouched. Data is only processed, not stored or exposed to anyone.
### Are regular expression filters possible? ###
Yes, it is. Just select regular expressions (case-sensitive or insensitive) as matching method instead of exact or keyword match.
Yes, it is. Just select if you want to filter using regular expressions case sensitive or insensitive.
### Why is IP and User Agent filtering only available as live filter? ###
As you might know, _Statify_ does not store any personal information, including IP addresses in the database.
Because of this, these filters can only be applied while processing the request and not afterwards.
Note, that regular expression matching is significantly slower than the plain domain filter. Hence it is only recommended for asynchronous cron or manual execution and not for live filtering.
### Can whole IP subnet be blocked? ###
Yes. The plugin features subnet filters using CIDR notation.
For example _198.51.100.0/24_ filters all sources from _198.51.100.1_ to _198.51.100.254_.
Same for IPv6 prefixes like _2001:db8:a0b:12f0::/64_.
### Why is IP filtering only available as live filter? ###
As you might know, Statify does not store any personal information, including IP addresses in the database.
Because of this, an IP blacklist can only be applied while processing the request and not afterwards.
## Screenshots ##
1. Statify Filter settings page
1. Statify Blacklist settings page
## Upgrade Notice ##
### 1.7.2 ###
This is a bugfix release to restore the manual cleanup function that was broken since 1.7.0.
### 1.7.1 ###
This is a service release with minor corrections. Recommended for all users. Tested up to 6.5.
### 1.7.0 ###
This is a service release with primarily internal rework. Tested up to 6.4 and PHP 8.3.
## Changelog
### 1.7.2 / 06.06.2024 ###
* Restore manual database cleanup functionality
### 1.7.1 / 24.03.2024 ###
* Fix HTML syntax for checkboxes on settings page
* Simplify some internal control structures
* Add plugin dependency to Statify
* Declared compatibility with WordPress 6.5
### 1.7.0 / 11.03.2024 ###
* Internal rework of plugin settings
* Make the IP filter list unique
* Fix options upgrade routine
* Declared compatibility with WordPress 6.4
### 1.6.3 / 14.08.2023 ###
* Minor internal code cleanup
* Declared compatibility with WordPress 6.3
### 1.6.2 / 25.02.2023 ###
* Always process IPv6 addresses lowercase
* Optimize internally used regular expression
* Minor adjustments to prevent warnings during user agent filtering with PHP 8.2
### 1.6.1 / 28.05.2021 ###
* Fix storage of user agent filter list (#28, props @BananaSquishee)
### 1.6.0 / 09.12.2020 ###
Plugin renamed to _Statify Filter_.
* Minor accessibility fixes on settings page
* Introduced new user agent filter (#20)
* Declared compatibility with WordPress 5.6
### 1.5.2 / 03.09.2020 ###
* Minor translation updates
* Declared compatibility with WordPress 5.5
### 1.5.1 / 20.05.2020 ###
* Fix initialization on AJAX calls for _Statify_ 1.7 compatibility (#22)
### 1.5.0 / 13.05.2020 ###
* Minimum required WordPress version is 4.7
* Removed `load_plugin_textdomain()` and `Domain Path` header
* Added automatic compatibility check for WP and PHP version (#17)
* Added keyword filter mode for referer blacklist (#15)
* Layout adjustments on settings page
* Regular expression filters are validated before saving (#13)
### 1.4.4 / 19.05.2018 ###
* Fix live filter chain when regular expressions are active (#12)
### 1.4.3 / 09.01.2018 ###
* Fix issues with multisite installation (#11)
## Changelog ##
### 1.4.2 / 12.11.2017 ###
* Minor code fixes
@ -190,7 +109,7 @@ Plugin renamed to _Statify Filter_.
### 1.2.0 / 29.08.2016 ###
* Switched from `in_array()` to faster `isset()` for referer checking
* Optional cron execution implemented
* Optional cron execiton implemented
### 1.1.2 / 17.08.2016 ###
* Prepared for localization

36
assets/blueprints/blueprint.json
View File

@ -1,36 +0,0 @@
{
"$schema": "https://playground.wordpress.net/blueprint-schema.json",
"landingPage": "/wp-admin/options-general.php?page=statify-blacklist",
"features": {
"networking": true
},
"steps": [
{
"step": "login",
"username": "admin",
"password": "password"
},
{
"step": "installPlugin",
"pluginData": {
"resource": "wordpress.org/plugins",
"slug": "statify"
}
},
{
"step": "activatePlugin",
"pluginPath": "statify/statify.php"
},
{
"step": "installPlugin",
"pluginData": {
"resource": "wordpress.org/plugins",
"slug": "statify-blacklist"
}
},
{
"step": "activatePlugin",
"pluginPath": "statify-blacklist/statify-blacklist.php"
}
]
}

BIN
assets/screenshot-1.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 93 KiB

After

Width:  |  Height:  |  Size: 66 KiB

40
composer.json
View File

@ -1,14 +1,14 @@
{
"name": "stklcode/statify-blacklist",
"version": "1.7.2",
"description": "A filter extension for the famous Statify WordPress plugin",
"version": "1.4.2",
"description": "A blacklist extension for the famous Statify WordPress plugin",
"keywords": [
"wordpress",
"plugin",
"statistics",
"filter"
"blacklist"
],
"license": "GPL-2.0-or-later",
"license": "GPL-2.0+",
"authors": [
{
"name": "Stefan Kalscheuer",
@ -19,36 +19,12 @@
"type": "wordpress-plugin",
"require": {
"php": ">=5.5",
"composer/installers": "~v1.12|~v2.3"
"composer/installers": "~1.0"
},
"require-dev": {
"dealerdirect/phpcodesniffer-composer-installer": "^v1.0",
"phpunit/phpunit": "^5|^6|^7|^8|^9",
"php": ">=5.5",
"phpunit/phpunit": "*",
"phpunit/php-code-coverage": "*",
"slowprog/composer-copy-file": "~0.3",
"squizlabs/php_codesniffer": "^3.12",
"phpcompatibility/phpcompatibility-wp": "^2.1",
"wp-coding-standards/wpcs": "^3.1"
},
"scripts": {
"test-all": [
"@test",
"@test-cs"
],
"test": [
"phpunit"
],
"test-cs": [
"phpcs --standard=phpcs.xml -s"
],
"fix-cs": [
"phpcbf --standard=phpcs.xml"
]
},
"config": {
"allow-plugins": {
"composer/installers": true,
"dealerdirect/phpcodesniffer-composer-installer": true
}
"wp-coding-standards/wpcs": "~0.14.0"
}
}

179
inc/class-statifyblacklist-admin.php
View File

@ -1,6 +1,6 @@
<?php
/**
* Statify Filter: StatifyBlacklist_Admin class
* Statify Blacklist: StatifyBlacklist_Admin class
*
* This file contains the derived class for the plugin's administration features.
*
@ -9,45 +9,60 @@
* @since 1.0.0
*/
// Quit if accessed directly.
if ( ! defined( 'ABSPATH' ) ) {
exit;
}
// Quit.
defined( 'ABSPATH' ) || exit;
/**
* Statify Filter admin configuration.
* Statify Blacklist admin configuration.
*
* @since 1.0.0
*/
class StatifyBlacklist_Admin extends StatifyBlacklist {
/**
* Initialize admin-only components of the plugin.
* Update options.
*
* @return void
* @param array $options Optional. New options to save.
*
* @since 1.5.0
* @return array|bool array of sanitized array on errors, FALSE if there were none.
* @since 1.1.1
*/
public static function init() {
// Add actions.
add_action( 'wpmu_new_blog', array( 'StatifyBlacklist_System', 'install_site' ) );
add_action( 'delete_blog', array( 'StatifyBlacklist_System', 'uninstall_site' ) );
add_filter( 'plugin_row_meta', array( 'StatifyBlacklist_Admin', 'plugin_meta_link' ), 10, 2 );
public static function update_options( $options = null ) {
if ( isset( $options ) && current_user_can( 'manage_options' ) ) {
// Sanitize URLs and remove empty inputs.
$given_referer = $options['referer']['blacklist'];
if ( 0 === $options['referer']['regexp'] ) {
$sanitized_referer = self::sanitizeURLs( $given_referer );
} else {
$sanitized_referer = $given_referer;
}
if ( self::$multisite ) {
add_action( 'network_admin_menu', array( 'StatifyBlacklist_Admin', 'add_menu_page' ) );
add_filter(
'network_admin_plugin_action_links',
array(
'StatifyBlacklist_Admin',
'plugin_actions_links',
),
10,
2
);
} else {
add_action( 'admin_init', array( 'StatifyBlacklist_Settings', 'register_settings' ) );
add_action( 'admin_menu', array( 'StatifyBlacklist_Admin', 'add_menu_page' ) );
add_filter( 'plugin_action_links', array( 'StatifyBlacklist_Admin', 'plugin_actions_links' ), 10, 2 );
// Sanitize IPs and Subnets and remove empty inputs.
$given_ip = $options['ip']['blacklist'];
$sanitized_ip = self::sanitizeIPs( $given_ip );
// Abort on errors.
if ( ! empty( array_diff( array_keys( $given_referer ), array_keys( $sanitized_referer ) ) ) ) {
return array(
'referer' => $sanitized_referer,
);
} elseif ( ! empty( array_diff( $given_ip, $sanitized_ip ) ) ) {
return array(
'ip' => array_diff( $given_ip, $sanitized_ip ),
);
}
// Update database on success.
if ( ( is_multisite() && array_key_exists( STATIFYBLACKLIST_BASE, (array) get_site_option( 'active_sitewide_plugins' ) ) ) ) {
update_site_option( 'statify-blacklist', $options );
} else {
update_option( 'statify-blacklist', $options );
}
}
// Refresh options.
parent::update_options( $options );
return false;
}
/**
@ -56,35 +71,43 @@ class StatifyBlacklist_Admin extends StatifyBlacklist {
* @since 1.0.0
*/
public static function add_menu_page() {
$title = __( 'Statify Filter', 'statify-blacklist' );
$title = __( 'Statify Blacklist', 'statify-blacklist' );
if ( self::$multisite ) {
add_options_page(
$title,
$title,
'manage_network_plugins',
'statify-blacklist',
array( 'StatifyBlacklist_Settings', 'create_settings_page' )
add_submenu_page(
'settings.php', $title, $title, 'manage_network_plugins', 'statify-blacklist-settings', array(
'StatifyBlacklist_Admin',
'settings_page',
)
);
} else {
add_options_page(
$title,
$title,
'manage_options',
'statify-blacklist',
array( 'StatifyBlacklist_Settings', 'create_settings_page' )
add_submenu_page(
'options-general.php', $title, $title, 'manage_options', 'statify-blacklist', array(
'StatifyBlacklist_Admin',
'settings_page',
)
);
}
}
/**
* Include the Statify-Blacklist settings page.
*
* @since 1.0.0
*/
public static function settings_page() {
include STATIFYBLACKLIST_DIR . '/views/settings-page.php';
}
/**
* Add plugin meta links
*
* @since 1.0.0
*
* @param array $links Registered links.
* @param string $file The filename.
*
* @return array Merged links.
*
* @since 1.0.0
*/
public static function plugin_meta_link( $links, $file ) {
if ( STATIFYBLACKLIST_BASE === $file ) {
@ -97,12 +120,12 @@ class StatifyBlacklist_Admin extends StatifyBlacklist {
/**
* Add plugin action links.
*
* @since 1.0.0
*
* @param array $links Registered links.
* @param string $file The filename.
*
* @return array Merged links.
*
* @since 1.0.0
*/
public static function plugin_actions_links( $links, $file ) {
$base = self::$multisite ? network_admin_url( 'settings.php' ) : admin_url( 'options-general.php' );
@ -110,7 +133,7 @@ class StatifyBlacklist_Admin extends StatifyBlacklist {
if ( STATIFYBLACKLIST_BASE === $file && current_user_can( 'manage_options' ) ) {
array_unshift(
$links,
sprintf( '<a href="%s">%s</a>', esc_attr( add_query_arg( 'page', 'statify-blacklist', $base ) ), __( 'Settings', 'statify-blacklist' ) )
sprintf( '<a href="%s">%s</a>', esc_attr( add_query_arg( 'page', 'statify-blacklist', $base ) ), __( 'Settings' ) )
);
}
@ -127,24 +150,24 @@ class StatifyBlacklist_Admin extends StatifyBlacklist {
public static function cleanup_database() {
// Check user permissions.
if ( ! current_user_can( 'manage_options' ) && ! ( defined( 'DOING_CRON' ) && DOING_CRON ) ) {
die( esc_html__( 'Are you sure you want to do this?', 'statify-blacklist' ) );
die( esc_html__( 'Are you sure you want to do this?' ) );
}
if ( defined( 'DOING_CRON' ) && DOING_CRON ) {
$clean_ref = ( 1 === self::$options['referer']['cron'] );
$clean_trg = ( 1 === self::$options['target']['cron'] );
$clean_ref = ( 1 === self::$_options['referer']['cron'] );
$clean_trg = ( 1 === self::$_options['target']['cron'] );
} else {
$clean_ref = true;
$clean_trg = true;
}
if ( $clean_ref ) {
if ( isset( self::$options['referer']['regexp'] ) && self::$options['referer']['regexp'] > 0 ) {
if ( isset( self::$_options['referer']['regexp'] ) && self::$_options['referer']['regexp'] > 0 ) {
// Merge given regular expressions into one.
$referer_regexp = implode( '|', array_keys( self::$options['referer']['blacklist'] ) );
$referer_regexp = implode( '|', array_keys( self::$_options['referer']['blacklist'] ) );
} else {
// Sanitize URLs.
$referer = self::sanitize_urls( self::$options['referer']['blacklist'] );
$referer = self::sanitizeURLs( self::$_options['referer']['blacklist'] );
// Build filter regexp.
$referer_regexp = str_replace( '.', '\.', implode( '|', array_flip( $referer ) ) );
@ -152,12 +175,12 @@ class StatifyBlacklist_Admin extends StatifyBlacklist {
}
if ( $clean_trg ) {
if ( isset( self::$options['target']['regexp'] ) && self::$options['target']['regexp'] > 0 ) {
if ( isset( self::$_options['target']['regexp'] ) && self::$_options['target']['regexp'] > 0 ) {
// Merge given regular expressions into one.
$target_regexp = implode( '|', array_keys( self::$options['target']['blacklist'] ) );
$target_regexp = implode( '|', array_keys( self::$_options['target']['blacklist'] ) );
} else {
// Build filter regexp.
$target_regexp = str_replace( '.', '\.', implode( '|', array_flip( self::$options['target']['blacklist'] ) ) );
$target_regexp = str_replace( '.', '\.', implode( '|', array_flip( self::$_options['target']['blacklist'] ) ) );
}
}
@ -165,14 +188,13 @@ class StatifyBlacklist_Admin extends StatifyBlacklist {
global $wpdb;
// Execute filter on database.
// phpcs:disable WordPress.DB.PreparedSQL.NotPrepared -- These statements produce warnings, rework in future release (TODO).
// @codingStandardsIgnoreStart These statements prouce warnings, rework in future release (TODO).
if ( ! empty( $referer_regexp ) ) {
$wpdb->query(
$wpdb->prepare(
"DELETE FROM `$wpdb->statify` WHERE "
. ( ( 1 === self::$options['referer']['regexp'] ) ? ' BINARY ' : '' )
. 'referrer REGEXP %s',
$referer_regexp
. ( ( 1 === self::$_options['referer']['regexp'] ) ? ' BINARY ' : '' )
. 'referrer REGEXP %s', $referer_regexp
)
);
}
@ -180,13 +202,12 @@ class StatifyBlacklist_Admin extends StatifyBlacklist {
$wpdb->query(
$wpdb->prepare(
"DELETE FROM `$wpdb->statify` WHERE "
. ( ( 1 === self::$options['target']['regexp'] ) ? ' BINARY ' : '' )
. 'target REGEXP %s',
$target_regexp
. ( ( 1 === self::$_options['target']['regexp'] ) ? ' BINARY ' : '' )
. 'target REGEXP %s', $target_regexp
)
);
}
// phpcs:enable WordPress.DB.PreparedSQL.NotPrepared
// @codingStandardsIgnoreEnd
// Optimize DB.
$wpdb->query( "OPTIMIZE TABLE `$wpdb->statify`" );
@ -200,13 +221,13 @@ class StatifyBlacklist_Admin extends StatifyBlacklist {
/**
* Sanitize URLs and remove empty results.
*
* @since 1.1.1
*
* @param array $urls given array of URLs.
*
* @return array sanitized array.
*
* @since 1.1.1
*/
private static function sanitize_urls( $urls ) {
private static function sanitizeURLs( $urls ) {
return array_flip(
array_filter(
array_map(
@ -218,4 +239,26 @@ class StatifyBlacklist_Admin extends StatifyBlacklist {
)
);
}
/**
* Sanitize IP addresses with optional CIDR notation and remove empty results.
*
* @since 1.4.0
*
* @param array $ips given array of URLs.
*
* @return array sanitized array.
*/
private static function sanitizeIPs( $ips ) {
return array_filter(
$ips, function ( $ip ) {
return preg_match(
'/^((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])(\/([0-9]|[1-2][0-9]|3[0-2]))?$/', $ip
) ||
preg_match(
'/^(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))(\/([0-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8]))?$/', $ip
);
}
);
}
}

752
inc/class-statifyblacklist-settings.php
View File

@ -1,752 +0,0 @@
<?php
/**
* Statify Filter: StatifyBlacklist_Settings class
*
* This file contains the plugin's settings capabilities.
*
* @package Statify_Blacklist
* @since 1.7.0
*/
// Quit if accessed directly.
defined( 'ABSPATH' ) || exit;
/**
* Statify Filter settings handling.
*/
class StatifyBlacklist_Settings extends StatifyBlacklist {
/**
* Registers all options using the WP Settings API.
*
* @return void
*/
public static function register_settings() {
register_setting(
'statify-blacklist',
'statify-blacklist',
array(
'sanitize_callback' =>
array( __CLASS__, 'sanitize_options' ),
)
);
// Referer filter.
add_settings_section(
'statifyblacklist-referer',
__( 'Referer filter', 'statify-blacklist' ),
null,
'statify-blacklist'
);
add_settings_field(
'statifyblacklist-referer-active',
__( 'Activate live filter', 'statify-blacklist' ),
array( __CLASS__, 'option_referer_active' ),
'statify-blacklist',
'statifyblacklist-referer'
);
add_settings_field(
'statifyblacklist-referer-cron',
__( 'CronJob execution', 'statify-blacklist' ),
array( __CLASS__, 'option_referer_cron' ),
'statify-blacklist',
'statifyblacklist-referer'
);
add_settings_field(
'statifyblacklist-referer-regexp',
__( 'Matching method', 'statify-blacklist' ),
array( __CLASS__, 'option_referer_regexp' ),
'statify-blacklist',
'statifyblacklist-referer',
array( 'label_for' => 'statifyblacklist-referer-regexp' )
);
add_settings_field(
'statifyblacklist-referer-blacklist',
__( 'Referer filter', 'statify-blacklist' ),
array( __CLASS__, 'option_referer_blacklist' ),
'statify-blacklist',
'statifyblacklist-referer',
array( 'label_for' => 'statifyblacklist-referer-blacklist' )
);
// Target filter.
add_settings_section(
'statifyblacklist-target',
__( 'Target filter', 'statify-blacklist' ),
null,
'statify-blacklist'
);
add_settings_field(
'statifyblacklist-target-active',
__( 'Activate live filter', 'statify-blacklist' ),
array( __CLASS__, 'option_target_active' ),
'statify-blacklist',
'statifyblacklist-target'
);
add_settings_field(
'statifyblacklist-target-cron',
__( 'CronJob execution', 'statify-blacklist' ),
array( __CLASS__, 'option_target_cron' ),
'statify-blacklist',
'statifyblacklist-target'
);
add_settings_field(
'statifyblacklist-target-regexp',
__( 'Matching method', 'statify-blacklist' ),
array( __CLASS__, 'option_target_regexp' ),
'statify-blacklist',
'statifyblacklist-target',
array( 'label_for' => 'statifyblacklist-target-regexp' )
);
add_settings_field(
'statifyblacklist-target-blacklist',
__( 'Target filter', 'statify-blacklist' ),
array( __CLASS__, 'option_target_blacklist' ),
'statify-blacklist',
'statifyblacklist-target',
array( 'label_for' => 'statifyblacklist-target-blacklist' )
);
// IP filter.
add_settings_section(
'statifyblacklist-ip',
__( 'IP filter', 'statify-blacklist' ),
null,
'statify-blacklist'
);
add_settings_field(
'statifyblacklist-ip-active',
__( 'Activate live filter', 'statify-blacklist' ),
array( __CLASS__, 'option_ip_active' ),
'statify-blacklist',
'statifyblacklist-ip'
);
add_settings_field(
'statifyblacklist-ip-blacklist',
__( 'IP filter', 'statify-blacklist' ),
array( __CLASS__, 'option_ip_blacklist' ),
'statify-blacklist',
'statifyblacklist-ip',
array( 'label_for' => 'statifyblacklist-ip-blacklist' )
);
// User agent filter.
add_settings_section(
'statifyblacklist-ua',
__( 'User agent filter', 'statify-blacklist' ),
null,
'statify-blacklist'
);
add_settings_field(
'statifyblacklist-ua-active',
__( 'Activate live filter', 'statify-blacklist' ),
array( __CLASS__, 'option_ua_active' ),
'statify-blacklist',
'statifyblacklist-ua'
);
add_settings_field(
'statifyblacklist-ua-regexp',
__( 'Matching method', 'statify-blacklist' ),
array( __CLASS__, 'option_ua_regexp' ),
'statify-blacklist',
'statifyblacklist-ua',
array( 'label_for' => 'statifyblacklist-ua-regexp' )
);
add_settings_field(
'statifyblacklist-ua-blacklist',
__( 'User agent filter', 'statify-blacklist' ),
array( __CLASS__, 'option_ua_blacklist' ),
'statify-blacklist',
'statifyblacklist-ua',
array( 'label_for' => 'statifyblacklist-ua-blacklist' )
);
}
/**
* Creates the settings pages.
*
* @return void
*/
public static function create_settings_page() {
?>
<div class="wrap">
<h1><?php esc_html_e( 'Statify Filter', 'statify-blacklist' ); ?></h1>
<?php
if ( isset( $_SERVER['REQUEST_METHOD'] ) && 'POST' === $_SERVER['REQUEST_METHOD'] && ! empty( $_POST['cleanup'] ) ) {
// Database cleanup requested.
if ( isset( $_REQUEST['_wpnonce'] ) && wp_verify_nonce( sanitize_key( $_REQUEST['_wpnonce'] ), 'statify-blacklist-options' ) ) {
// Nonce verification successful, proceed with cleanup.
StatifyBlacklist_Admin::cleanup_database();
?>
<div class="notice notice-success is-dismissible">
<p><?php esc_html_e( 'Database cleanup successful', 'statify-blacklist' ); ?></p>
</div>
<?php
} else {
// Nonce verification failed.
?>
<div class="notice notice-error is-dismissible">
<p><?php esc_html_e( 'Database cleanup request failed', 'statify-blacklist' ); ?></p>
</div>
<?php
}
}
?>
<form id="statify-settings" method="post" action="options.php">
<?php
settings_fields( 'statify-blacklist' );
do_settings_sections( 'statify-blacklist' );
submit_button();
?>
<hr>
<input class="button-secondary" type="submit" name="cleanup"
formaction=""
value="<?php esc_html_e( 'CleanUp Database', 'statify-blacklist' ); ?>"
onclick="return confirm('<?php echo esc_js( __( 'Do you really want to apply filters to database? This cannot be undone.', 'statify-blacklist' ) ); ?>');">
<p class="description">
<?php esc_html_e( 'Applies referer and target filter (even if disabled) to data stored in database.', 'statify-blacklist' ); ?>
<em><?php esc_html_e( 'This cannot be undone!', 'statify-blacklist' ); ?></em>
</p>
</form>
</div>
<?php
}
/*
* Disable some code style rules that are impractical for textarea content:
*
* phpcs:disable Squiz.PHP.EmbeddedPhp.ContentBeforeOpen
* phpcs:disable Squiz.PHP.EmbeddedPhp.ContentAfterEnd
*/
/**
* Option for activating the live referer filter.
*
* @return void
*/
public static function option_referer_active() {
?>
<fieldset>
<legend class="screen-reader-text"><?php esc_html_e( 'Activate live filter', 'statify-blacklist' ); ?></legend>
<label for="statifyblacklist-referer-active">
<input id="statifyblacklist-referer-active" name="statify-blacklist[referer][active]" type="checkbox" value="1" <?php checked( StatifyBlacklist::$options['referer']['active'], 1 ); ?>>
<?php esc_html_e( 'Activate', 'statify-blacklist' ); ?>
</label>
<p class="description">
<?php esc_html_e( 'Filter at time of tracking, before anything is stored', 'statify-blacklist' ); ?>
</p>
</fieldset>
<?php
}
/**
* Option for activating cron the referer filter.
*
* @return void
*/
public static function option_referer_cron() {
?>
<fieldset>
<legend class="screen-reader-text"><?php esc_html_e( 'CronJob execution', 'statify-blacklist' ); ?></legend>
<label for="statifyblacklist-referer-cron">
<input id="statifyblacklist-referer-cron" name="statify-blacklist[referer][cron]" type="checkbox" value="1" <?php checked( StatifyBlacklist::$options['referer']['cron'], 1 ); ?>>
<?php esc_html_e( 'Activate', 'statify-blacklist' ); ?>
</label>
<p class="description">
<?php esc_html_e( 'Periodically clean up database in background', 'statify-blacklist' ); ?>
</p>
</fieldset>
<?php
}
/**
* Option for referer matching method.
*
* @return void
*/
public static function option_referer_regexp() {
?>
<select id="statifyblacklist-referer-regexp" name="statify-blacklist[referer][regexp]">
<option value="<?php print esc_attr( StatifyBlacklist::MODE_NORMAL ); ?>" <?php selected( StatifyBlacklist::$options['referer']['regexp'], StatifyBlacklist::MODE_NORMAL ); ?>>
<?php esc_html_e( 'Domain', 'statify-blacklist' ); ?>
</option>
<option value="<?php print esc_attr( StatifyBlacklist::MODE_KEYWORD ); ?>" <?php selected( StatifyBlacklist::$options['referer']['regexp'], StatifyBlacklist::MODE_KEYWORD ); ?>>
<?php esc_html_e( 'Keyword', 'statify-blacklist' ); ?>
</option>
<option value="<?php print esc_attr( StatifyBlacklist::MODE_REGEX ); ?>" <?php selected( StatifyBlacklist::$options['referer']['regexp'], StatifyBlacklist::MODE_REGEX ); ?>>
<?php esc_html_e( 'RegEx case-sensitive', 'statify-blacklist' ); ?>
</option>
<option value="<?php print esc_attr( StatifyBlacklist::MODE_REGEX_CI ); ?>" <?php selected( StatifyBlacklist::$options['referer']['regexp'], StatifyBlacklist::MODE_REGEX_CI ); ?>>
<?php esc_html_e( 'RegEx case-insensitive', 'statify-blacklist' ); ?>
</option>
</select>
<p class="description">
<?php esc_html_e( 'Domain', 'statify-blacklist' ); ?> - <?php esc_html_e( 'Match given domain including subdomains', 'statify-blacklist' ); ?>
<br>
<?php esc_html_e( 'Keyword', 'statify-blacklist' ); ?> - <?php esc_html_e( 'Match every referer that contains one of the keywords', 'statify-blacklist' ); ?>
<br>
<?php esc_html_e( 'RegEx', 'statify-blacklist' ); ?> - <?php esc_html_e( 'Match referer by regular expression', 'statify-blacklist' ); ?>
</p>
<?php
}
/**
* Option for the referer filter list.
*
* @return void
*/
public static function option_referer_blacklist() {
?>
<textarea id="statifyblacklist-referer-blacklist" name="statify-blacklist[referer][blacklist]" cols="40" rows="5"><?php
print esc_html( implode( "\r\n", array_keys( StatifyBlacklist::$options['referer']['blacklist'] ) ) );
?></textarea>
<p class="description">
<?php esc_html_e( 'Add one domain (without subdomains) each line, e.g. example.com', 'statify-blacklist' ); ?>
</p>
<?php
}
/**
* Option for activating the live target filter.
*
* @return void
*/
public static function option_target_active() {
?>
<fieldset>
<legend class="screen-reader-text"><?php esc_html_e( 'Activate live filter', 'statify-blacklist' ); ?></legend>
<label for="statifyblacklist-target-active">
<input id="statifyblacklist-target-active" name="statify-blacklist[target][active]" type="checkbox" value="1" <?php checked( StatifyBlacklist::$options['target']['active'], 1 ); ?>>
<?php esc_html_e( 'Activate', 'statify-blacklist' ); ?>
</label>
<p class="description">
<?php esc_html_e( 'Filter at time of tracking, before anything is stored', 'statify-blacklist' ); ?>
</p>
</fieldset>
<?php
}
/**
* Option for activating cron the target filter.
*
* @return void
*/
public static function option_target_cron() {
?>
<fieldset>
<legend class="screen-reader-text"><?php esc_html_e( 'CronJob execution', 'statify-blacklist' ); ?></legend>
<label for="statifyblacklist-target-cron">
<input id="statifyblacklist-target-cron" name="statify-blacklist[target][cron]" type="checkbox" value="1" <?php checked( StatifyBlacklist::$options['target']['cron'], 1 ); ?>>
<?php esc_html_e( 'Activate', 'statify-blacklist' ); ?>
</label>
<p class="description">
<?php esc_html_e( 'Clean database periodically in background', 'statify-blacklist' ); ?>
</p>
</fieldset>
<?php
}
/**
* Option for target matching method.
*
* @return void
*/
public static function option_target_regexp() {
?>
<select id="statifyblacklist-target-regexp" name="statify-blacklist[target][regexp]">
<option value="<?php print esc_attr( StatifyBlacklist::MODE_NORMAL ); ?>" <?php selected( StatifyBlacklist::$options['target']['regexp'], StatifyBlacklist::MODE_NORMAL ); ?>>
<?php esc_html_e( 'Exact', 'statify-blacklist' ); ?>
</option>
<option value="<?php print esc_attr( StatifyBlacklist::MODE_REGEX ); ?>" <?php selected( StatifyBlacklist::$options['target']['regexp'], StatifyBlacklist::MODE_REGEX ); ?>>
<?php esc_html_e( 'RegEx case-sensitive', 'statify-blacklist' ); ?>
</option>
<option value="<?php print esc_attr( StatifyBlacklist::MODE_REGEX_CI ); ?>" <?php selected( StatifyBlacklist::$options['target']['regexp'], StatifyBlacklist::MODE_REGEX_CI ); ?>>
<?php esc_html_e( 'RegEx case-insensitive', 'statify-blacklist' ); ?>
</option>
</select>
<p class="description">
<?php esc_html_e( 'Exact', 'statify-blacklist' ); ?> - <?php esc_html_e( 'Match only given targets', 'statify-blacklist' ); ?>
<br>
<?php esc_html_e( 'RegEx', 'statify-blacklist' ); ?> - <?php esc_html_e( 'Match target by regular expression', 'statify-blacklist' ); ?>
</p>
<?php
}
/**
* Option for the target filter list.
*
* @return void
*/
public static function option_target_blacklist() {
?>
<textarea id="statifyblacklist-target-blacklist" name="statify-blacklist[target][blacklist]" cols="40" rows="5"><?php
print esc_html( implode( "\r\n", array_keys( StatifyBlacklist::$options['target']['blacklist'] ) ) );
?></textarea>
<p class="description">
<?php esc_html_e( 'Add one target URL each line, e.g.', 'statify-blacklist' ); ?> /, /test/page/, /?page_id=123
</p>
<?php
}
/**
* Option for activating the live IP filter.
*
* @return void
*/
public static function option_ip_active() {
?>
<fieldset>
<legend class="screen-reader-text"><?php esc_html_e( 'Activate live filter', 'statify-blacklist' ); ?></legend>
<label for="statifyblacklist-ip-active">
<input id="statifyblacklist-ip-active" name="statify-blacklist[ip][active]" type="checkbox" value="1" <?php checked( StatifyBlacklist::$options['ip']['active'], 1 ); ?>>
<?php esc_html_e( 'Activate', 'statify-blacklist' ); ?>
</label>
<p class="description">
<?php esc_html_e( 'Filter at time of tracking, before anything is stored', 'statify-blacklist' ); ?>
<br>
<?php esc_html_e( 'Cron execution is not possible for IP filter, because IP addresses are not stored.', 'statify-blacklist' ); ?>
</p>
</fieldset>
<?php
}
/**
* Option for the IP filter list.
*
* @return void
*/
public static function option_ip_blacklist() {
?>
<textarea id="statifyblacklist-ip-blacklist" name="statify-blacklist[ip][blacklist]" cols="40" rows="5"><?php
print esc_html( implode( "\r\n", StatifyBlacklist::$options['ip']['blacklist'] ) );
?></textarea>
<p class="description">
<?php esc_html_e( 'Add one IP address or range per line, e.g.', 'statify-blacklist' ); ?>
127.0.0.1, 192.168.123.0/24, 2001:db8:a0b:12f0::1/64
</p>
<?php
}
/**
* Option for activating the live user agent filter.
*
* @return void
*/
public static function option_ua_active() {
?>
<label for="statifyblacklist-ua-active">
<input id="statifyblacklist-ua-active" name="statify-blacklist[ua][active]" type="checkbox" value="1" <?php checked( StatifyBlacklist::$options['ua']['active'], 1 ); ?>>
<?php esc_html_e( 'Activate', 'statify-blacklist' ); ?>
</label>
<p class="description">
<?php esc_html_e( 'Filter at time of tracking, before anything is stored', 'statify-blacklist' ); ?>
<br>
<?php esc_html_e( 'Cron execution is not possible for user agent filter, because the user agent is stored.', 'statify-blacklist' ); ?>
</p>
<?php
}
/**
* Option for user agent matching method.
*
* @return void
*/
public static function option_ua_regexp() {
?>
<select id="statifyblacklist-ua-regexp" name="statify-blacklist[ua][regexp]">
<option value="<?php print esc_attr( StatifyBlacklist::MODE_NORMAL ); ?>" <?php selected( StatifyBlacklist::$options['ua']['regexp'], StatifyBlacklist::MODE_NORMAL ); ?>>
<?php esc_html_e( 'Exact', 'statify-blacklist' ); ?>
</option>
<option value="<?php print esc_attr( StatifyBlacklist::MODE_KEYWORD ); ?>" <?php selected( StatifyBlacklist::$options['ua']['regexp'], StatifyBlacklist::MODE_KEYWORD ); ?>>
<?php esc_html_e( 'Keyword', 'statify-blacklist' ); ?>
</option>
<option value="<?php print esc_attr( StatifyBlacklist::MODE_REGEX ); ?>" <?php selected( StatifyBlacklist::$options['ua']['regexp'], StatifyBlacklist::MODE_REGEX ); ?>>
<?php esc_html_e( 'RegEx case-sensitive', 'statify-blacklist' ); ?>
</option>
<option value="<?php print esc_attr( StatifyBlacklist::MODE_REGEX_CI ); ?>" <?php selected( StatifyBlacklist::$options['ua']['regexp'], StatifyBlacklist::MODE_REGEX_CI ); ?>>
<?php esc_html_e( 'RegEx case-insensitive', 'statify-blacklist' ); ?>
</option>
</select>
<p class="description">
<?php esc_html_e( 'Exact', 'statify-blacklist' ); ?> - <?php esc_html_e( 'Match only given user agents', 'statify-blacklist' ); ?>
<br>
<?php esc_html_e( 'Keyword', 'statify-blacklist' ); ?> - <?php esc_html_e( 'Match every referer that contains one of the keywords', 'statify-blacklist' ); ?>
<br>
<?php esc_html_e( 'RegEx', 'statify-blacklist' ); ?> - <?php esc_html_e( 'Match user agent by regular expression', 'statify-blacklist' ); ?>
</p>
<?php
}
/**
* Option for the user agent filter list.
*
* @return void
*/
public static function option_ua_blacklist() {
?>
<textarea name="statify-blacklist[ua][blacklist]" id="statifyblacklist-ua-blacklist" cols="40" rows="5"><?php
print esc_html( implode( "\r\n", StatifyBlacklist::$options['ua']['blacklist'] ) );
?></textarea>
<p class="description">
<?php esc_html_e( 'Add one user agent string per line, e.g.', 'statify-blacklist' ); ?>
MyBot/1.23
</p>
<?php
}
/**
* Validate and sanitize submitted options.
*
* @param array $options Original options.
*
* @return array Validated and sanitized options.
*/
public static function sanitize_options( $options ) {
// Extract filter lists from multi-line inputs.
$referer = self::parse_multiline_option( $options['referer']['blacklist'] );
$target = self::parse_multiline_option( $options['target']['blacklist'] );
$ip = self::parse_multiline_option( $options['ip']['blacklist'] );
$ua = self::parse_multiline_option( $options['ua']['blacklist'] );
// Generate options.
$res = array(
'referer' => array(
'active' => isset( $options['referer']['active'] ) ? (int) $options['referer']['active'] : 0,
'cron' => isset( $options['referer']['cron'] ) ? (int) $options['referer']['cron'] : 0,
'regexp' => isset( $options['referer']['regexp'] ) ? (int) $options['referer']['regexp'] : 0,
'blacklist' => array_flip( $referer ),
),
'target' => array(
'active' => isset( $options['target']['active'] ) ? (int) $options['target']['active'] : 0,
'cron' => isset( $options['target']['cron'] ) ? (int) $options['target']['cron'] : 0,
'regexp' => isset( $options['target']['regexp'] ) ? (int) $options['target']['regexp'] : 0,
'blacklist' => array_flip( $target ),
),
'ip' => array(
'active' => isset( $options['ip']['active'] ) ? (int) $options['ip']['active'] : 0,
'blacklist' => $ip,
),
'ua' => array(
'active' => isset( $options['ua']['active'] ) ? (int) $options['ua']['active'] : 0,
'regexp' => isset( $options['ua']['regexp'] ) ? (int) $options['ua']['regexp'] : 0,
'blacklist' => array_flip( $ua ),
),
'version' => StatifyBlacklist::VERSION_MAIN,
);
// Apply sanitizations.
self::sanitize_referer_options( $res['referer'] );
self::sanitize_target_options( $res['target'] );
self::sanitize_ip_options( $res['ip'] );
return $res;
}
/**
* Sanitize referer options.
*
* @param array $options Original referer options.
*
* @return void
*
* @since 1.7.0
*/
private static function sanitize_referer_options( &$options ) {
$referer_given = $options['blacklist'];
$referer_invalid = array();
if ( StatifyBlacklist::MODE_NORMAL === $options['regexp'] ) {
// Sanitize URLs and remove empty inputs.
$referer_sanitized = self::sanitize_urls( $referer_given );
} elseif ( StatifyBlacklist::MODE_REGEX === $options['regexp'] || StatifyBlacklist::MODE_REGEX_CI === $options['regexp'] ) {
$referer_sanitized = $referer_given;
// Check regular expressions.
$referer_invalid = self::sanitize_regex( $referer_given );
} else {
$referer_sanitized = $referer_given;
}
$referer_diff = array_diff_key( $referer_given, $referer_sanitized );
$options['blacklist'] = $referer_sanitized;
// Generate messages.
if ( ! empty( $referer_diff ) ) {
add_settings_error(
'statify-blacklist',
'referer-diff',
__( 'Some URLs are invalid and have been sanitized.', 'statify-blacklist' ),
'warning'
);
}
if ( ! empty( $referer_invalid ) ) {
add_settings_error(
'statify-blacklist',
'referer-invalid',
__( 'Some regular expressions for referrers are invalid:', 'statify-blacklist' ) . '<br>' . implode( '<br>', $referer_invalid )
);
}
}
/**
* Sanitize target options.
*
* @param array $options Original target options.
*
* @return void
*
* @since 1.7.0
*/
private static function sanitize_target_options( &$options ) {
$target_given = $options['blacklist'];
$target_sanitized = $target_given;
if ( StatifyBlacklist::MODE_REGEX === $options['regexp'] || StatifyBlacklist::MODE_REGEX_CI === $options['regexp'] ) {
// Check regular expressions.
$target_invalid = self::sanitize_regex( $target_given );
} else {
$target_invalid = array();
}
$options['blacklist'] = $target_sanitized;
// Generate messages.
if ( ! empty( $target_invalid ) ) {
add_settings_error(
'statify-blacklist',
'target-invalid',
__( 'Some regular expressions for targets are invalid:', 'statify-blacklist' ) . '<br>' . implode( '<br>', $target_invalid )
);
}
}
/**
* Sanitize IPs and subnets and remove empty inputs.
*
* @param array $options Original IP options.
*
* @return void
*
* @since 1.7.0
*/
private static function sanitize_ip_options( &$options ) {
$given_ip = $options['blacklist'];
$sanitized_ip = self::sanitize_ips( $given_ip );
$ip_diff = array_diff( $given_ip, $sanitized_ip );
$options['blacklist'] = $sanitized_ip;
// Generate messages.
if ( ! empty( $ip_diff ) ) {
add_settings_error(
'statify-blacklist',
'ip-diff',
// translators: List of invalid IP addresses (comma separated).
sprintf( __( 'Some IPs are invalid: %s', 'statify-blacklist' ), implode( ', ', $ip_diff ) ),
'warning'
);
}
}
/**
* Sanitize URLs and remove empty results.
*
* @param array $urls given array of URLs.
*
* @return array sanitized array.
*
* @since 1.1.1
* @since 1.7.0 moved from StatifyBlacklist_Admin to StatifyBlacklist_Settings.
*/
private static function sanitize_urls( $urls ) {
return array_flip(
array_filter(
array_map(
function ( $r ) {
return preg_replace( '/[^\da-z\.-]/i', '', filter_var( $r, FILTER_SANITIZE_URL ) );
},
array_flip( $urls )
)
)
);
}
/**
* Sanitize IP addresses with optional CIDR notation and remove empty results.
*
* @param array $ips given array of URLs.
*
* @return array sanitized array.
*
* @since 1.4.0
* @since 1.7.0 moved from StatifyBlacklist_Admin to StatifyBlacklist_Settings.
*/
private static function sanitize_ips( $ips ) {
return array_values(
array_unique(
array_filter(
array_map( 'strtolower', $ips ),
function ( $ip ) {
return preg_match(
'/^((25[0-5]|(2[0-4]|1?[0-9])?[0-9])\.){3}(25[0-5]|(2[0-4]|1?[0-9])?[0-9])(\/([0-9]|[1-2][0-9]|3[0-2]))?$/',
$ip
) ||
preg_match(
'/^(([0-9a-f]{1,4}:){7}[0-9a-f]{1,4}|([0-9a-f]{1,4}:){1,7}:|([0-9a-f]{1,4}:){1,6}:[0-9a-f]{1,4}' .
'|([0-9a-f]{1,4}:){1,5}(:[0-9a-f]{1,4}){1,2}|([0-9a-f]{1,4}:){1,4}(:[0-9a-f]{1,4}){1,3}' .
'|([0-9a-f]{1,4}:){1,3}(:[0-9a-f]{1,4}){1,4}|([0-9a-f]{1,4}:){1,2}(:[0-9a-f]{1,4}){1,5}' .
'|[0-9a-f]{1,4}:((:[0-9a-f]{1,4}){1,6})|:((:[0-9a-f]{1,4}){1,7}|:)' .
'|fe80:(:[0-9a-f]{0,4}){0,4}%[0-9a-zA-Z]+|::(ffff(:0{1,4})?:)?((25[0-5]|(2[0-4]|1?[0-9])?[0-9])\.){3}(25[0-5]|(2[0-4]' .
'|1?[0-9])?[0-9])|([0-9a-f]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1?[0-9])?[0-9])\.){3}(25[0-5]|(2[0-4]|1?[0-9])?[0-9]))' .
'(\/([0-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8]))?$/',
$ip
);
}
)
)
);
}
/**
* Validate regular expressions, i.e. remove duplicates and empty values and validate others.
*
* @param array $expressions Given pre-sanitized array of regular expressions.
*
* @return array Array of invalid expressions.
*
* @since 1.5.0 #13
* @since 1.7.0 moved from StatifyBlacklist_Admin to StatifyBlacklist_Settings.
*/
private static function sanitize_regex( $expressions ) {
return array_filter(
array_flip( $expressions ),
function ( $re ) {
// Check of preg_match() fails (warnings suppressed).
// phpcs:ignore WordPress.PHP.NoSilencedErrors.Discouraged
return false === @preg_match( StatifyBlacklist::regex( $re, false ), null );
}
);
}
/**
* Parse multi-line option string.
*
* @param string $raw Input string.
*
* @return array Parsed options.
*/
private static function parse_multiline_option( $raw ) {
if ( empty( trim( $raw ) ) ) {
return array();
} else {
return array_filter(
array_map(
function ( $a ) {
return trim( $a );
},
explode( "\r\n", str_replace( '\\\\', '\\', $raw ) )
),
function ( $a ) {
return ! empty( $a );
}
);
}
}
}

126
inc/class-statifyblacklist-system.php
View File

@ -1,6 +1,6 @@
<?php
/**
* Statify Filter: StatifyBlacklist_System class
* Statify Blacklist: StatifyBlacklist_Syste, class
*
* This file contains the derived class for the plugin's system operations.
*
@ -9,13 +9,11 @@
* @since 1.0.0
*/
// Quit if accessed directly.
if ( ! defined( 'ABSPATH' ) ) {
exit;
}
// Quit.
defined( 'ABSPATH' ) || exit;
/**
* Statify Filter system configuration.
* Statify Blacklist system configuration.
*
* @since 1.0.0
*/
@ -27,25 +25,25 @@ class StatifyBlacklist_System extends StatifyBlacklist {
* @since 1.0.0
*
* @param bool $network_wide Whether the plugin was activated network-wide or not.
*
* @return void
*/
public static function install( $network_wide = false ) {
// Create tables for each site in a network.
if ( $network_wide && is_multisite() ) {
if ( is_multisite() && $network_wide ) {
if ( function_exists( 'get_sites' ) ) {
$sites = get_sites();
} elseif ( function_exists( 'wp_get_sites' ) ) {
// @codingStandardsIgnoreLine Legacy support for WP < 4.6.
$sites = wp_get_sites();
} else {
return;
}
foreach ( $sites as $site ) {
if ( is_array( $site ) ) {
$site_id = $site['blog_id'];
} else {
$site_id = $site->blog_id;
}
self::install_site( $site_id );
switch_to_blog( $site['blog_id'] );
add_option(
'statify-blacklist',
self::default_options()
);
}
restore_current_blog();
@ -57,31 +55,11 @@ class StatifyBlacklist_System extends StatifyBlacklist {
}
}
/**
* Set up the plugin for a single site on Multisite.
*
* @since 1.4.3
*
* @param integer $site_id Site ID.
*
* @return void
*/
public static function install_site( $site_id ) {
switch_to_blog( (int) $site_id );
add_option(
'statify-blacklist',
self::default_options()
);
restore_current_blog();
}
/**
* Plugin uninstall handler.
*
* @since 1.0.0
*
* @return void
*/
public static function uninstall() {
if ( is_multisite() ) {
@ -89,17 +67,16 @@ class StatifyBlacklist_System extends StatifyBlacklist {
if ( function_exists( 'get_sites' ) ) {
$sites = get_sites();
} elseif ( function_exists( 'wp_get_sites' ) ) {
// @codingStandardsIgnoreLine Legacy support for WP < 4.6.
$sites = wp_get_sites();
} else {
return;
}
foreach ( $sites as $site ) {
if ( is_array( $site ) ) {
$site_id = $site['blog_id'];
} else {
$site_id = $site->blog_id;
}
self::uninstall_site( $site_id );
switch_to_blog( $site['blog_id'] );
delete_option( 'statify-blacklist' );
}
switch_to_blog( $old );
@ -108,37 +85,20 @@ class StatifyBlacklist_System extends StatifyBlacklist {
delete_option( 'statify-blacklist' );
}
/**
* Remove the plugin for a single site on Multisite.
*
* @since 1.4.3
*
* @param integer $site_id Site ID.
*
* @return void
*/
public static function uninstall_site( $site_id ) {
$old = get_current_blog_id();
switch_to_blog( (int) $site_id );
delete_option( 'statify-blacklist' );
switch_to_blog( $old );
}
/**
* Upgrade plugin options.
*
* @since 1.2.0
*
* @return void
*/
public static function upgrade() {
self::update_options();
// Check if config array is not associative (pre 1.2.0).
if ( array_keys( self::$options['referer'] ) === range( 0, count( self::$options['referer'] ) - 1 ) ) {
if ( array_keys( self::$_options['referer'] ) === range( 0, count( self::$_options['referer'] ) - 1 ) ) {
// Flip referer array to make domains keys.
$options = self::$options;
$options['referer'] = array_flip( self::$options['referer'] );
if ( self::$multisite ) {
$options = self::$_options;
$options['referer'] = array_flip( self::$_options['referer'] );
if ( ( is_multisite() && array_key_exists( STATIFYBLACKLIST_BASE, (array) get_site_option( 'active_sitewide_plugins' ) ) ) ) {
update_site_option( 'statify-blacklist', $options );
} else {
update_option( 'statify-blacklist', $options );
@ -146,14 +106,14 @@ class StatifyBlacklist_System extends StatifyBlacklist {
}
// Version not set (pre 1.3.0) or older than 1.4.
if ( ! isset( self::$options['version'] ) || self::$options['version'] < 1.4 ) {
if ( ! isset( self::$_options['version'] ) || self::$_options['version'] < 1.4 ) {
// Upgrade options to new schema.
$options = array(
'referer' => array(
'active' => self::$options['active_referer'],
'cron' => self::$options['cron_referer'],
'regexp' => self::$options['referer_regexp'],
'blacklist' => self::$options['referer'],
'active' => self::$_options['active_referer'],
'cron' => self::$_options['cron_referer'],
'regexp' => self::$_options['referer_regexp'],
'blacklist' => self::$_options['referer'],
),
'target' => array(
'active' => 0,
@ -167,31 +127,7 @@ class StatifyBlacklist_System extends StatifyBlacklist {
),
'version' => 1.4,
);
if ( self::$multisite ) {
update_site_option( 'statify-blacklist', $options );
} else {
update_option( 'statify-blacklist', $options );
}
self::update_options();
}
// Version older than 1.6.
if ( self::$options['version'] < 1.6 ) {
$options = self::$options;
if ( ! isset( $options['ua'] ) ) {
$options['ua'] = array(
'active' => 0,
'regexp' => 0,
'blacklist' => array(),
);
} elseif ( ! isset( $options['ua']['blacklist'] ) ) {
$options['ua']['blacklist'] = array();
} else {
// User agent strings got stored incorrectly in 1.6.0 - luckily the version was not updated, either.
$options['ua']['blacklist'] = array_flip( $options['ua']['blacklist'] );
}
$options['version'] = 1.6;
if ( self::$multisite ) {
if ( is_multisite() && array_key_exists( STATIFYBLACKLIST_BASE, (array) get_site_option( 'active_sitewide_plugins' ) ) ) {
update_site_option( 'statify-blacklist', $options );
} else {
update_option( 'statify-blacklist', $options );
@ -200,11 +136,11 @@ class StatifyBlacklist_System extends StatifyBlacklist {
}
// Version older than current major release.
if ( self::VERSION_MAIN > self::$options['version'] ) {
if ( self::VERSION_MAIN > self::$_options['version'] ) {
// Merge default options with current config, assuming only additive changes.
$options = array_replace_recursive( self::default_options(), self::$options );
$options = array_merge_recursive( self::default_options(), self::$_options );
$options['version'] = self::VERSION_MAIN;
if ( self::$multisite ) {
if ( ( is_multisite() && array_key_exists( STATIFYBLACKLIST_BASE, (array) get_site_option( 'active_sitewide_plugins' ) ) ) ) {
update_site_option( 'statify-blacklist', $options );
} else {
update_option( 'statify-blacklist', $options );

382
inc/class-statifyblacklist.php
View File

@ -1,6 +1,6 @@
<?php
/**
* Statify Filter: StatifyBlacklist class
* Statify Blacklist: StatifyBlacklist class
*
* This file contains the plugin's base class.
*
@ -8,13 +8,13 @@
* @since 1.0.0
*/
// Quit if accessed directly.
if ( ! defined( 'ABSPATH' ) ) {
exit;
}
// Quit.
defined( 'ABSPATH' ) || exit;
/**
* Statify Filter.
* Statify Blacklist.
*
* @since 1.0.0
*/
class StatifyBlacklist {
@ -22,46 +22,17 @@ class StatifyBlacklist {
* Plugin major version.
*
* @since 1.4.0
* @var float VERSION_MAIN
* @var int VERSION_MAIN
*/
const VERSION_MAIN = 1.7;
/**
* Operation mode "normal".
*
* @var integer MODE_NORMAL
*/
const MODE_NORMAL = 0;
/**
* Operation mode "regular expression".
*
* @var integer MODE_REGEX
*/
const MODE_REGEX = 1;
/**
* Operation mode "regular expression case insensitive".
*
* @var integer MODE_REGEX_CI
*/
const MODE_REGEX_CI = 2;
/**
* Operation mode "keyword".
*
* @since 1.5.0
* @var integer MODE_KEYWORD
*/
const MODE_KEYWORD = 3;
const VERSION_MAIN = 1.4;
/**
* Plugin options.
*
* @since 1.0.0
* @var array $options
* @var array $_options
*/
public static $options;
public static $_options;
/**
* Multisite Status.
@ -71,47 +42,79 @@ class StatifyBlacklist {
*/
public static $multisite;
/**
* Class self initialize.
*
* @since 1.0.0
* @deprecated 1.4.2 Replaced by init().
*/
public static function instance() {
self::init();
}
/**
* Class constructor.
*
* @since 1.0.0
* @deprecated 1.4.2 Replaced by init().
*/
public function __construct() {
self::init();
}
/**
* Plugin initialization.
*
* @since 1.4.2
*
* @return void
*/
public static function init() {
// Skip on autosave.
if ( defined( 'DOING_AUTOSAVE' ) && DOING_AUTOSAVE ) {
// Skip on autosave or AJAX.
if ( ( defined( 'DOING_AUTOSAVE' ) && DOING_AUTOSAVE ) || ( defined( 'DOING_AJAX' ) && DOING_AJAX ) ) {
return;
}
// Get multisite status.
self::$multisite = ( is_multisite() && array_key_exists( STATIFYBLACKLIST_BASE, (array) get_site_option( 'active_sitewide_plugins' ) ) );
// Plugin options.
self::update_options();
// Add Filter to statify hook if enabled.
if ( 0 !== self::$options['referer']['active'] ||
0 !== self::$options['target']['active'] ||
0 !== self::$options['ip']['active'] ||
0 !== self::$options['ua']['active'] ) {
add_filter( 'statify__skip_tracking', array( 'StatifyBlacklist', 'apply_blacklist_filter' ) );
}
// Get multisite status.
self::$multisite = ( is_multisite() && array_key_exists( STATIFYBLACKLIST_BASE, (array) get_site_option( 'active_sitewide_plugins' ) ) );
// Statify uses WP AJAX as of 1.7, so we need to reach this point. But there are no further admin/cron actions.
if ( defined( 'DOING_AJAX' ) && DOING_AJAX ) {
return;
// Add Filter to statify hook if enabled.
if ( 0 !== self::$_options['referer']['active'] || 0 !== self::$_options['target']['active'] || 0 !== self::$_options['ip']['active'] ) {
add_filter( 'statify__skip_tracking', array( 'StatifyBlacklist', 'apply_blacklist_filter' ) );
}
// Admin only filters.
if ( is_admin() ) {
StatifyBlacklist_Admin::init();
// Load Textdomain (only needed for backend.
load_plugin_textdomain( 'statifyblacklist', false, STATIFYBLACKLIST_DIR . '/lang/' );
// Add actions.
add_action( 'wpmu_new_blog', array( 'StatifyBlacklist_Install', 'init_site' ) );
add_action( 'delete_blog', array( 'StatifyBlacklist_System', 'init_site' ) );
add_filter( 'plugin_row_meta', array( 'StatifyBlacklist_Admin', 'plugin_meta_link' ), 10, 2 );
if ( is_multisite() ) {
add_action( 'network_admin_menu', array( 'StatifyBlacklist_Admin', 'add_menu_page' ) );
add_filter(
'network_admin_plugin_action_links', array(
'StatifyBlacklist_Admin',
'plugin_actions_links',
),
10,
2
);
} else {
add_action( 'admin_menu', array( 'StatifyBlacklist_Admin', 'add_menu_page' ) );
add_filter( 'plugin_action_links', array( 'StatifyBlacklist_Admin', 'plugin_actions_links' ), 10, 2 );
}
}
// CronJob to clean up database.
if ( defined( 'DOING_CRON' ) && DOING_CRON &&
( 1 === self::$options['referer']['cron'] || 1 === self::$options['target']['cron'] ) ) {
add_action( 'statify_cleanup', array( 'StatifyBlacklist_Admin', 'cleanup_database' ) );
if ( defined( 'DOING_CRON' ) && DOING_CRON ) {
if ( 1 === self::$_options['referer']['cron'] || 1 === self::$_options['target']['cron'] ) {
add_action( 'statify_cleanup', array( 'StatifyBlacklist_Admin', 'cleanup_database' ) );
}
}
}
@ -122,16 +125,12 @@ class StatifyBlacklist {
* @since 1.2.1 update_options($options = null) Parameter with default value introduced.
*
* @param array $options Optional. New options to save.
*
* @return void
*/
public static function update_options( $options = null ) {
if ( self::$multisite ) {
$o = get_site_option( 'statify-blacklist' );
} else {
$o = get_option( 'statify-blacklist' );
}
self::$options = wp_parse_args( $o, self::default_options() );
self::$_options = wp_parse_args(
get_option( 'statify-blacklist' ),
self::default_options()
);
}
/**
@ -159,46 +158,85 @@ class StatifyBlacklist {
'active' => 0,
'blacklist' => array(),
),
'ua' => array(
'active' => 0,
'regexp' => 0,
'blacklist' => array(),
),
'version' => self::VERSION_MAIN,
);
}
/**
* Apply the filter if active
* Apply the blacklist filter if active
*
* @since 1.0.0
*
* @return bool TRUE if referer matches filter.
* @return bool TRUE if referer matches blacklist.
*/
public static function apply_blacklist_filter() {
// Referer filter.
if (
self::apply_single_filter(
self::$options['referer'],
array(
__CLASS__,
( ! isset( self::$options['referer']['regexp'] ) || self::MODE_NORMAL === self::$options['referer']['regexp'] ) ? 'get_referer_domain' : 'get_referer',
)
)
) {
return true;
// Referer blacklist.
if ( isset( self::$_options['referer']['active'] ) && 0 !== self::$_options['referer']['active'] ) {
// Regular Expression filtering since 1.3.0.
if ( isset( self::$_options['referer']['regexp'] ) && self::$_options['referer']['regexp'] > 0 ) {
// Get full referer string.
$referer = wp_get_raw_referer();
if ( ! $referer ) {
$referer = '';
}
// Merge given regular expressions into one.
$regexp = '/' . implode( '|', array_keys( self::$_options['referer']['blacklist'] ) ) . '/';
if ( 2 === self::$_options['referer']['regexp'] ) {
$regexp .= 'i';
}
// Check blacklist (return NULL to continue filtering).
return ( 1 === preg_match( $regexp, $referer ) ) ? true : null;
} else {
// Extract relevant domain parts.
$referer = wp_parse_url( wp_get_raw_referer() );
$referer = strtolower( ( isset( $referer['host'] ) ? $referer['host'] : '' ) );
// Get blacklist.
$blacklist = self::$_options['referer']['blacklist'];
// Check blacklist.
if ( isset( $blacklist[ $referer ] ) ) {
return true;
}
}
}
// Target filter (since 1.4.0).
if ( self::apply_single_filter( self::$options['target'], array( __CLASS__, 'get_target' ) ) ) {
return true;
// Target blacklist (since 1.4.0).
if ( isset( self::$_options['target']['active'] ) && 0 !== self::$_options['target']['active'] ) {
// Regular Expression filtering since 1.3.0.
if ( isset( self::$_options['target']['regexp'] ) && 0 < self::$_options['target']['regexp'] ) {
// Get full referer string.
// @codingStandardsIgnoreStart The globals are checked.
$target = ( isset( $_SERVER['REQUEST_URI'] ) ? $_SERVER['REQUEST_URI'] : '/' );
// @codingStandardsIgnoreEnd
// Merge given regular expressions into one.
$regexp = '/' . implode( '|', array_keys( self::$_options['target']['blacklist'] ) ) . '/';
if ( 2 === self::$_options['target']['regexp'] ) {
$regexp .= 'i';
}
// Check blacklist (return NULL to continue filtering).
return ( 1 === preg_match( $regexp, $target ) ) ? true : null;
} else {
// Extract target page.
// @codingStandardsIgnoreStart The globals are checked.
$target = ( isset( $_SERVER['REQUEST_URI'] ) ? $_SERVER['REQUEST_URI'] : '/' );
// @codingStandardsIgnoreEnd
// Get blacklist.
$blacklist = self::$_options['target']['blacklist'];
// Check blacklist.
if ( isset( $blacklist[ $target ] ) ) {
return true;
}
}
}
// IP filter (since 1.4.0).
if ( isset( self::$options['ip']['active'] ) && 0 !== self::$options['ip']['active'] ) {
// IP blacklist (since 1.4.0).
if ( isset( self::$_options['ip']['active'] ) && 0 !== self::$_options['ip']['active'] ) {
$ip = self::get_ip();
if ( false !== ( $ip ) ) {
foreach ( self::$options['ip']['blacklist'] as $net ) {
foreach ( self::$_options['ip']['blacklist'] as $net ) {
if ( self::cidr_match( $ip, $net ) ) {
return true;
}
@ -206,145 +244,10 @@ class StatifyBlacklist {
}
}
// User agent filter (since 1.6).
if ( self::apply_single_filter( self::$options['ua'], array( __CLASS__, 'get_user_agent' ) ) ) {
return true;
}
// Skip and continue (return NULL), if all filters are inactive.
// Skip and continue (return NULL), if all blacklists are inactive.
return null;
}
/**
* Apply a single filter, if active.
*
* @param array $config Configuration array from plugin options.
* @param callable $value_fn Extractor function for filterable value.
*
* @return bool TRUE if referer matches filter.
*
* @since 1.6 Extracted from "apply_blacklist_filter" to reduce redundancies.
*/
private static function apply_single_filter( $config, $value_fn ) {
// Is the filter active?
if ( ! isset( $config['active'] ) || 0 === $config['active'] ) {
return false;
}
// Extract the filterable value.
$value = call_user_func( $value_fn );
$mode = isset( $config['regexp'] ) ? intval( $config['regexp'] ) : self::MODE_NORMAL;
switch ( $mode ) {
case self::MODE_REGEX:
case self::MODE_REGEX_CI:
// Regular Expression filtering since 1.3.0.
// Merge given regular expressions into one.
$regexp = self::regex(
array_keys( $config['blacklist'] ),
self::MODE_REGEX_CI === $config['regexp']
);
// Check filter (no return to continue filtering #12).
if ( 1 === preg_match( $regexp, $value ) ) {
return true;
}
break;
case self::MODE_KEYWORD:
// Keyword filter since 1.5.0 (#15).
foreach ( array_keys( $config['blacklist'] ) as $keyword ) {
if ( false !== strpos( strtolower( $value ), strtolower( $keyword ) ) ) {
return true;
}
}
break;
default:
// Standard exact filter.
if ( isset( $config['blacklist'][ $value ] ) ) {
return true;
}
}
return false;
}
/**
* Preprocess regular expression provided by the user, i.e. add delimiters and optional ci flag.
*
* @param string|array $expression Original expression string or array of expressions.
* @param string|array $case_insensitive Make expression match case-insensitive.
*
* @return string Preprocessed expression ready for preg_match().
*/
protected static function regex( $expression, $case_insensitive ) {
$res = '/';
if ( is_string( $expression ) ) {
$res .= str_replace( '/', '\/', $expression );
} elseif ( is_array( $expression ) ) {
$res .= implode(
'|',
array_map(
function ( $e ) {
return str_replace( '/', '\/', $e );
},
$expression
)
);
}
$res .= '/';
if ( $case_insensitive ) {
$res .= 'i';
}
return $res;
}
/**
* Helper method to determine the client's referer.
*
* @return string The referer.
*/
private static function get_referer() {
$referer = wp_get_raw_referer();
if ( ! $referer ) {
$referer = '';
}
return $referer;
}
/**
* Helper method to determine the host part of the client's referer.
*
* @return string Referer domain.
*/
private static function get_referer_domain() {
$referer = wp_parse_url( self::get_referer() );
return strtolower( ( isset( $referer['host'] ) ? $referer['host'] : '' ) );
}
/**
* Helper method to determine the client's referer.
*
* @return string The referer.
*/
private static function get_target() {
if ( isset( $_SERVER['REQUEST_URI'] ) ) {
$target = filter_var( wp_unslash( $_SERVER['REQUEST_URI'] ), FILTER_SANITIZE_URL );
if ( $target ) {
return $target;
}
}
return '';
}
/**
* Helper method to determine the client's IP address.
*
@ -368,35 +271,20 @@ class StatifyBlacklist {
'REMOTE_ADDR',
) as $k
) {
// @codingStandardsIgnoreStart The globals are checked.
if ( isset( $_SERVER[ $k ] ) ) {
// phpcs:ignore
foreach ( explode( ',', $_SERVER[ $k ] ) as $ip ) {
if ( false !== filter_var( $ip, FILTER_VALIDATE_IP ) ) {
return $ip;
}
}
}
// @codingStandardsIgnoreEnd
}
return false;
}
/**
* Helper method to determine the user agent.
*
* @return string The user agent string.
*/
private static function get_user_agent() {
if ( ! empty( $_SERVER['HTTP_USER_AGENT'] ) ) {
$user_agent = filter_var( wp_unslash( $_SERVER['HTTP_USER_AGENT'] ) );
if ( $user_agent ) {
return $user_agent;
}
}
return '';
}
/**
* Helper function to check if an IP address matches a given subnet.
*
@ -436,7 +324,7 @@ class StatifyBlacklist {
}
$ceil = ceil( $mask / 16 );
for ( $i = 1; $i <= $ceil; ++$i ) {
for ( $i = 1; $i <= $ceil; ++ $i ) {
$left = $mask - 16 * ( $i - 1 );
$left = ( $left <= 16 ) ? $left : 16;
$mask_b = ~( 0xffff >> $left ) & 0xffff;
@ -467,6 +355,6 @@ class StatifyBlacklist {
}
return ( 0 === substr_compare( sprintf( '%032b', ip2long( $ip ) ), sprintf( '%032b', ip2long( $base ) ), 0, $mask ) );
}
} // End if().
}
}

16
package.json
View File

@ -1,7 +1,17 @@
{
"name": "statify-blacklist",
"version": "1.7.2",
"description": "A filter extension for the famous Statify WordPress plugin",
"version": "1.4.2",
"description": "A blacklist extension for the famous Statify WordPress plugin",
"author": "Stefan Kalscheuer",
"license": "GPL-2.0+"
"license": "GPL-2.0+",
"devDependencies": {
"gulp": "^3.9.1",
"gulp-clean": "^0.3.2",
"gulp-copy": "^1.0.1",
"gulp-zip": "^4.0.0",
"gulp-composer": "^0.4.4",
"gulp-phpunit": "^0.24.1",
"gulp-phpcs": "^2.1.0",
"child_process": "^1.0.2"
}
}

30
phpcs.xml
View File

@ -2,28 +2,16 @@
<ruleset name="StatifyBlacklist">
<description>Derived from WordPress Coding Standard</description>
<arg value="psv"/>
<arg name="colors"/>
<!-- Files to sniff -->
<file>statify-blacklist.php</file>
<file>inc</file>
<!-- Compliance with WordPress Coding Standard -->
<config name="minimum_supported_wp_version" value="4.7"/>
<rule ref="WordPress">
<!-- Type hint checks mess up PHP 7 checks, while this plugin has compatibility level 5.5 and above. -->
<exclude name="Squiz.Commenting.FunctionComment.ScalarTypeHintMissing"/>
<!-- The plugin uses switch_to_blog for multisite handling. -->
<exclude name="WordPress.VIP.RestrictedFunctions.switch_to_blog"/>
<exclude name="WordPress.VIP.RestrictedFunctions.switch_to_blog_switch_to_blog"/>
<!-- Direct queries used to clean up statify table. -->
<exclude name="WordPress.DB.DirectDatabaseQuery.DirectQuery"/>
<exclude name="WordPress.DB.DirectDatabaseQuery.NoCaching"/>
<exclude name="WordPress.VIP.DirectDatabaseQuery.DirectQuery"/>
<exclude name="WordPress.VIP.DirectDatabaseQuery.NoCaching"/>
</rule>
<rule ref="WordPress.WP.I18n">
<properties>
<property name="text_domain" type="array" value="statify-blacklist"/>
</properties>
</rule>
<!-- PHP compatibility level -->
<config name="testVersion" value="5.5-"/>
<rule ref="PHPCompatibilityWP"/>
</ruleset>

6
phpunit.xml
View File

@ -1,8 +1,8 @@
<?xml version="1.0" encoding="utf-8" ?>
<phpunit bootstrap="test/bootstrap.php">
<phpunit bootstrap="./vendor/autoload.php">
<testsuites>
<testsuite name="Statify Blacklist TestSuite">
<directory suffix="_Test.php">./test/</directory>
<directory suffix="-test.php">./test/</directory>
</testsuite>
</testsuites>
<filter>
@ -12,6 +12,6 @@
</filter>
<logging>
<log type="coverage-clover" target="tests-clover.xml"/>
<log type="junit" target="tests-junit.xml"/>
<log type="junit" target="tests-junit.xml" logIncompleteSkipped="false"/>
</logging>
</phpunit>

123
statify-blacklist.php
View File

@ -1,143 +1,76 @@
<?php
/**
* Statify Filter
* Statify Blacklist
*
* @package PluginPackage
* @author Stefan Kalscheuer <stefan@stklcode.de>
* @license GPL-2.0+
*
* @wordpress-plugin
* Plugin Name: Statify Filter
* Plugin URI: https://wordpress.org/plugins/statify-blacklist/
* Description: Extension for the Statify plugin to add customizable filters. (formerly "Statify Blacklist")
* Version: 1.7.2
* Requires at least: 4.7
* Requires PHP: 5.5
* Requires Plugins: statify
* Author: Stefan Kalscheuer (@stklcode)
* Author URI: https://www.stklcode.de
* Text Domain: statify-blacklist
* License: GPLv2 or later
* Plugin Name: Statify Blacklist
* Plugin URI: https://wordpress.org/plugins/statify-blacklist/
* Description: Extension for the Statify plugin to add a customizable blacklists.
* Version: 1.4.2
* Author: Stefan Kalscheuer (@stklcode)
* Author URI: https://www.stklcode.de
* Text Domain: statify-blacklist
* Domain Path: /lang
* License: GPLv2 or later
*
* Statify Filter is free software: you can redistribute it and/or modify
* Statify Blacklist is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 2 of the License, or
* any later version.
*
* Statify Filter is distributed in the hope that it will be useful,
* Statify Blacklist is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Statify Filter. If not, see https://www.gnu.org/licenses/gpl-2.0.html.
* along with Statify Blacklist. If not, see http://www.gnu.org/licenses/gpl-2.0.html.
*/
// Quit if accessed directly.
if ( ! defined( 'ABSPATH' ) ) {
exit;
}
// Quit.
defined( 'ABSPATH' ) || exit;
// Constants.
define( 'STATIFYBLACKLIST_FILE', __FILE__ );
define( 'STATIFYBLACKLIST_DIR', __DIR__ );
define( 'STATIFYBLACKLIST_DIR', dirname( __FILE__ ) );
define( 'STATIFYBLACKLIST_BASE', plugin_basename( __FILE__ ) );
// Check for compatibility.
if ( statify_blacklist_compatibility_check() ) {
// System Hooks.
add_action( 'plugins_loaded', array( 'StatifyBlacklist', 'init' ) );
// System Hooks.
add_action( 'plugins_loaded', array( 'StatifyBlacklist', 'init' ) );
register_activation_hook( STATIFYBLACKLIST_FILE, array( 'StatifyBlacklist_System', 'install' ) );
register_activation_hook( STATIFYBLACKLIST_FILE, array( 'StatifyBlacklist_System', 'install' ) );
register_uninstall_hook( STATIFYBLACKLIST_FILE, array( 'StatifyBlacklist_System', 'uninstall' ) );
register_uninstall_hook( STATIFYBLACKLIST_FILE, array( 'StatifyBlacklist_System', 'uninstall' ) );
// Upgrade hook.
register_activation_hook( STATIFYBLACKLIST_FILE, array( 'StatifyBlacklist_System', 'upgrade' ) );
// Upgrade hook.
register_activation_hook( STATIFYBLACKLIST_FILE, array( 'StatifyBlacklist_System', 'upgrade' ) );
// Autoload.
spl_autoload_register( 'statify_blacklist_autoload' );
} else {
// Disable plugin, if active.
add_action( 'admin_init', 'statify_blacklist_disable' );
}
// Autoload.
spl_autoload_register( 'statify_blacklist_autoload' );
/**
* Autoloader for StatifyBlacklist classes.
*
* @param string $class_name Name of the class to load.
* @param string $class Name of the class to load.
*
* @since 1.0.0
*/
function statify_blacklist_autoload( $class_name ) {
function statify_blacklist_autoload( $class ) {
$plugin_classes = array(
'StatifyBlacklist',
'StatifyBlacklist_Admin',
'StatifyBlacklist_Settings',
'StatifyBlacklist_System',
);
if ( in_array( $class_name, $plugin_classes, true ) ) {
if ( in_array( $class, $plugin_classes, true ) ) {
require_once sprintf(
'%s/inc/class-%s.php',
STATIFYBLACKLIST_DIR,
strtolower( str_replace( '_', '-', $class_name ) )
strtolower( str_replace( '_', '-', $class ) )
);
}
}
/**
* Check for compatibility with PHP and WP version.
*
* @since 1.5.0
*
* @return boolean Whether minimum WP and PHP versions are met.
*/
function statify_blacklist_compatibility_check() {
return version_compare( $GLOBALS['wp_version'], '4.7', '>=' ) &&
version_compare( phpversion(), '5.5', '>=' );
}
/**
* Disable plugin if active and incompatible.
*
* @since 1.5.0
*
* @return void
*/
function statify_blacklist_disable() {
if ( is_plugin_active( STATIFYBLACKLIST_BASE ) ) {
deactivate_plugins( STATIFYBLACKLIST_BASE );
add_action( 'admin_notices', 'statify_blacklist_disabled_notice' );
// phpcs:disable WordPress.Security.NonceVerification.Recommended
if ( isset( $_GET['activate'] ) ) {
unset( $_GET['activate'] );
}
// phpcs:enable
}
}
/**
* Admin notification for unmet requirements.
*
* @since 1.5.0
*
* @return void
*/
function statify_blacklist_disabled_notice() {
echo '<div class="notice notice-error is-dismissible"><p><strong>';
printf(
/* translators: minimum version numbers for WordPress and PHP inserted at placeholders */
esc_html__( 'Statify Filter requires at least WordPress %1$s and PHP %2$s.', 'statify-blacklist' ),
'4.7',
'5.5'
);
echo '<br>';
printf(
/* translators: current version numbers for WordPress and PHP inserted at placeholders */
esc_html__( 'Your site is running WordPress %1$s on PHP %2$s, thus the plugin has been disabled.', 'statify-blacklist' ),
esc_html( $GLOBALS['wp_version'] ),
esc_html( phpversion() )
);
echo '</strong></p></div>';
}

330
test/StatifyBlacklist_Settings_Test.php
View File

@ -1,330 +0,0 @@
<?php
/**
* Statify Filter: Unit Test
*
* This is a PHPunit test class for the plugin's functionality
*
* @package Statify_Blacklist
*/
/**
* Class StatifyBlacklist_Settings_Test.
*
* PHPUnit test class for StatifyBlacklist_Settings.
*/
class StatifyBlacklist_Settings_Test extends PHPUnit\Framework\TestCase {
/**
* Test options sanitization.
*
* @return void
*/
public function test_sanitize_options() {
global $settings_error;
// Emulate default submission: nothing checked, all textareas empty.
$raw = array(
'referer' => array(
'blacklist' => '',
'regexp' => '0',
),
'target' => array(
'blacklist' => '',
'regexp' => '0',
),
'ip' => array( 'blacklist' => '' ),
'ua' => array(
'blacklist' => '',
'regexp' => '0',
),
);
$sanitized = StatifyBlacklist_Settings::sanitize_options( $raw );
self::assertEmpty( $settings_error );
self::assertEquals(
array(
'referer' => array(
'active' => 0,
'cron' => 0,
'blacklist' => array(),
'regexp' => StatifyBlacklist::MODE_NORMAL,
),
'target' => array(
'active' => 0,
'cron' => 0,
'blacklist' => array(),
'regexp' => StatifyBlacklist::MODE_NORMAL,
),
'ip' => array(
'active' => 0,
'blacklist' => array(),
),
'ua' => array(
'active' => 0,
'regexp' => StatifyBlacklist::MODE_NORMAL,
'blacklist' => array(),
),
'version' => StatifyBlacklist::VERSION_MAIN,
),
$sanitized
);
// Some checked options and some valid entries.
$raw = array(
'referer' => array(
'cron' => '1',
'blacklist' => "example.com\r\nexample.net\r\nexample.org",
'regexp' => '0',
),
'target' => array(
'active' => '1',
'blacklist' => "foo\r\nbar\r\ntest",
'regexp' => '3',
),
'ip' => array(
'active' => '1',
'blacklist' => "127.0.0.1/8\r\n::1",
),
'ua' => array(
'blacklist' => 'MyBot/1.23',
'regexp' => '1',
),
);
$sanitized = StatifyBlacklist_Settings::sanitize_options( $raw );
self::assertEmpty( $settings_error );
self::assertEquals(
array(
'referer' => array(
'active' => 0,
'cron' => 1,
'blacklist' => array(
'example.com' => 0,
'example.net' => 1,
'example.org' => 2,
),
'regexp' => StatifyBlacklist::MODE_NORMAL,
),
'target' => array(
'active' => 1,
'cron' => 0,
'blacklist' => array(
'foo' => 0,
'bar' => 1,
'test' => 2,
),
'regexp' => StatifyBlacklist::MODE_KEYWORD,
),
'ip' => array(
'active' => 1,
'blacklist' => array(
'127.0.0.1/8',
'::1',
),
),
'ua' => array(
'active' => 0,
'regexp' => StatifyBlacklist::MODE_REGEX,
'blacklist' => array(
'MyBot/1.23' => 0,
),
),
'version' => StatifyBlacklist::VERSION_MAIN,
),
$sanitized
);
// Now we have some additional nonsense fields and invalid entries.
$raw = array(
'testme ' => 'whatever',
'referer' => array(
'cron' => '1',
'blacklist' => " example\\.com \r\nexample(\\.net\r\nexample\\.com",
'regexp' => '1',
),
'target' => array(
'active' => '1',
'blacklist' => "fo.\r\n[bar\r\n*test",
'regexp' => '2',
),
'ip' => array(
'active' => '1',
'blacklist' => "127.0.0.1/8\r\nthisisnotanip\r\n127.0.0.1/8",
),
'ua' => array(
'blacklist' => 'MyBot/1.23',
'regexp' => '1',
),
);
$sanitized = StatifyBlacklist_Settings::sanitize_options( $raw );
self::assertEquals(
array(
'referer' => array(
'active' => 0,
'cron' => 1,
'blacklist' => array(
'example\.com' => 2,
'example(\.net' => 1,
),
'regexp' => StatifyBlacklist::MODE_REGEX,
),
'target' => array(
'active' => 1,
'cron' => 0,
'blacklist' => array(
'fo.' => 0,
'[bar' => 1,
'*test' => 2,
),
'regexp' => StatifyBlacklist::MODE_REGEX_CI,
),
'ip' => array(
'active' => 1,
'blacklist' => array(
'127.0.0.1/8',
),
),
'ua' => array(
'active' => 0,
'regexp' => StatifyBlacklist::MODE_REGEX,
'blacklist' => array(
'MyBot/1.23' => 0,
),
),
'version' => StatifyBlacklist::VERSION_MAIN,
),
$sanitized
);
self::assertEquals(
array(
array( 'statify-blacklist', 'referer-invalid', 'Some regular expressions for referrers are invalid:<br>example(\.net', 'error' ),
array( 'statify-blacklist', 'target-invalid', 'Some regular expressions for targets are invalid:<br>[bar<br>*test', 'error' ),
array( 'statify-blacklist', 'ip-diff', 'Some IPs are invalid: thisisnotanip', 'warning' ),
),
$settings_error
);
}
/**
* Test sanitization of IP addresses.
*
* @return void
*/
public function test_sanitize_ips() {
// IPv4 tests.
$valid = array( '192.0.2.123', '192.0.2.123/32', '192.0.2.0/24', '192.0.2.128/25' );
$invalid = array( '12.34.56.789', '192.0.2.123/33', '192.0.2.123/-1' );
$result = invoke_static( StatifyBlacklist_Settings::class, 'sanitize_ips', array( array_merge( $valid, $invalid ) ) );
$this->assertNotFalse( $result );
/*
* Unfortunately this is necessary as long as we run PHP 5 tests, because "assertInternalType" is deprecated
* as of PHPUnit 8, but "assertIsArray" has been introduces in PHPUnit 7.5 which requires PHP >= 7.1.
*/
if ( method_exists( $this, 'assertIsArray' ) ) {
$this->assertIsArray( $result );
} else {
$this->assertInternalType( 'array', $result );
}
$this->assertEquals( $valid, $result );
// IPv6 tests.
$valid = array(
'2001:db8:a0b:12f0::',
'2001:db8:a0b:12f0::1',
'2001:db8:a0b:12f0::1/128',
'2001:DB8:A0B:12F0::/64',
'fe80::7645:6de2:ff:1',
'2001:db8:a0b:12f0::',
'::ffff:192.0.2.123',
);
$invalid = array(
'2001:db8:a0b:12f0::x',
'2001:db8:a0b:12f0:::',
'2001:fffff:a0b:12f0::1',
'2001:DB8:A0B:12F0::/129',
'1:2:3:4:5:6:7:8:9',
'::ffff:12.34.56.789',
);
$result = invoke_static( StatifyBlacklist_Settings::class, 'sanitize_ips', array( array_merge( $valid, $invalid ) ) );
$this->assertNotFalse( $result );
if ( method_exists( $this, 'assertIsArray' ) ) {
$this->assertIsArray( $result );
} else {
$this->assertInternalType( 'array', $result );
}
$this->assertEquals(
array(
'2001:db8:a0b:12f0::',
'2001:db8:a0b:12f0::1',
'2001:db8:a0b:12f0::1/128',
'2001:db8:a0b:12f0::/64',
'fe80::7645:6de2:ff:1',
'::ffff:192.0.2.123',
),
$result
);
}
/**
* Test settings registration.
*
* @return void
*/
public function test_register_settings() {
global $settings;
$settings = array();
StatifyBlacklist_Settings::register_settings();
$this->assertEquals( array( 'statify-blacklist' ), array_keys( $settings ), 'unexpected settings pages' );
$this->assertEquals(
array(
'statifyblacklist-referer',
'statifyblacklist-target',
'statifyblacklist-ip',
'statifyblacklist-ua',
),
array_keys( $settings['statify-blacklist']['sections'] ),
'unexpected settings sections'
);
$this->assertEquals(
array(
'statifyblacklist-referer-active',
'statifyblacklist-referer-cron',
'statifyblacklist-referer-regexp',
'statifyblacklist-referer-blacklist',
),
array_keys( $settings['statify-blacklist']['sections']['statifyblacklist-referer']['fields'] ),
'unexpected fields in referrer section'
);
$this->assertEquals(
array(
'statifyblacklist-target-active',
'statifyblacklist-target-cron',
'statifyblacklist-target-regexp',
'statifyblacklist-target-blacklist',
),
array_keys( $settings['statify-blacklist']['sections']['statifyblacklist-target']['fields'] ),
'unexpected fields in target section'
);
$this->assertEquals(
array( 'statifyblacklist-ip-active', 'statifyblacklist-ip-blacklist' ),
array_keys( $settings['statify-blacklist']['sections']['statifyblacklist-ip']['fields'] ),
'unexpected fields in ip section'
);
$this->assertEquals(
array(
'statifyblacklist-ua-active',
'statifyblacklist-ua-regexp',
'statifyblacklist-ua-blacklist',
),
array_keys( $settings['statify-blacklist']['sections']['statifyblacklist-ua']['fields'] ),
'unexpected fields in user agent section'
);
}
}

91
test/StatifyBlacklist_System_Test.php
View File

@ -1,91 +0,0 @@
<?php
/**
* Statify Filter: Unit Test
*
* This is a PHPunit test class for the plugin's functionality
*
* @package Statify_Blacklist
*/
/**
* Class StatifyBlacklist_System_Test.
*
* PHPUnit test class for StatifyBlacklist_System.
*/
class StatifyBlacklist_System_Test extends PHPUnit\Framework\TestCase {
/**
* Test the upgrade methodology for configuration options.
*
* @return void
*/
public function test_upgrade() {
// Create configuration of version 1.3.
$options13 = array(
'active_referer' => 1,
'cron_referer' => 0,
'referer' => array(
'example.net' => 0,
'example.com' => 1,
),
'referer_regexp' => 0,
'version' => 1.3,
);
// Set options in mock.
update_option( 'statify-blacklist', $options13 );
// Execute upgrade.
StatifyBlacklist_System::upgrade();
// Retrieve updated options.
$options_updated = get_option( 'statify-blacklist' );
// Verify size against default options (no junk left).
$this->assertEquals( 5, count( $options_updated ) );
$this->assertEquals( 4, count( $options_updated['referer'] ) );
$this->assertEquals( 4, count( $options_updated['target'] ) );
$this->assertEquals( 2, count( $options_updated['ip'] ) );
$this->assertEquals( 3, count( $options_updated['ua'] ) );
$this->assertEquals( StatifyBlacklist::VERSION_MAIN, $options_updated['version'] );
// Verify that original attributes are unchanged.
$this->assertEquals( $options13['active_referer'], $options_updated['referer']['active'] );
$this->assertEquals( $options13['cron_referer'], $options_updated['referer']['cron'] );
$this->assertEquals( $options13['referer'], $options_updated['referer']['blacklist'] );
$this->assertEquals( $options13['referer_regexp'], $options_updated['referer']['regexp'] );
// Verify that new attributes are present in config and filled with default values (disabled, empty).
$this->assertEquals( 0, $options_updated['target']['active'] );
$this->assertEquals( 0, $options_updated['target']['cron'] );
$this->assertEquals( 0, $options_updated['target']['regexp'] );
$this->assertEquals( array(), $options_updated['target']['blacklist'] );
$this->assertEquals( 0, $options_updated['ip']['active'] );
$this->assertEquals( array(), $options_updated['ip']['blacklist'] );
$this->assertEquals( 0, $options_updated['ua']['active'] );
$this->assertEquals( 0, $options_updated['ua']['regexp'] );
$this->assertEquals( array(), $options_updated['ua']['blacklist'] );
// Verify that version number has changed to current release.
$this->assertEquals( StatifyBlacklist::VERSION_MAIN, $options_updated['version'] );
// Test upgrade of incorrectly stored user agent list in 1.6.
$options_updated['version'] = 1.4;
$options_updated['ua']['blacklist'] = array( 'user agent 1', 'user agent 2' );
update_option( 'statify-blacklist', $options_updated );
// Execute upgrade.
StatifyBlacklist_System::upgrade();
// Retrieve updated options.
$options_updated = get_option( 'statify-blacklist' );
$this->assertEquals(
array(
'user agent 1' => 0,
'user agent 2' => 1,
),
$options_updated['ua']['blacklist']
);
$this->assertEquals( StatifyBlacklist::VERSION_MAIN, $options_updated['version'] );
}
}

615
test/StatifyBlacklist_Test.php
View File

@ -1,615 +0,0 @@
<?php
/**
* Statify Filter: Unit Test
*
* This is a PHPunit test class for the plugin's functionality
*
* @package Statify_Blacklist
* @since 1.3.0
*/
/**
* Class StatifyBlacklistTest.
*
* PHPUnit test class for StatifyBlacklist.
*
* @since 1.3.0
*/
class StatifyBlacklist_Test extends PHPUnit\Framework\TestCase {
/**
* Test simple referer filter.
*
* @return void
*/
public function test_referer_filter() {
// Prepare Options: 2 filtered domains, disabled.
StatifyBlacklist::$options = array(
'referer' => array(
'active' => 0,
'cron' => 0,
'regexp' => 0,
'blacklist' => array(
'example.com' => 0,
'example.net' => 1,
),
),
'target' => array(
'active' => 0,
'cron' => 0,
'regexp' => 0,
'blacklist' => array(),
),
'ip' => array(
'active' => 0,
'blacklist' => array(),
),
'ua' => array(
'active' => 0,
'regexp' => StatifyBlacklist::MODE_NORMAL,
'blacklist' => array(),
),
'version' => StatifyBlacklist::VERSION_MAIN,
);
// No multisite.
StatifyBlacklist::$multisite = false;
// No referer.
unset( $_SERVER['HTTP_REFERER'] );
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
// Non-filtered referer.
$_SERVER['HTTP_REFERER'] = 'http://example.org';
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
// Filtered referer.
$_SERVER['HTTP_REFERER'] = 'http://example.com';
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
// Filtered referer with path.
$_SERVER['HTTP_REFERER'] = 'http://example.net/foo/bar.html';
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
// Activate filter and run tests again.
StatifyBlacklist::$options['referer']['active'] = 1;
unset( $_SERVER['HTTP_REFERER'] );
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
$_SERVER['HTTP_REFERER'] = 'http://example.org';
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
$_SERVER['HTTP_REFERER'] = 'http://example.com';
$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
$_SERVER['HTTP_REFERER'] = 'http://example.net/foo/bar.html';
$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
}
/**
* Test referer filter using regular expressions.
*
* @return void
*/
public function test_referer_regex_filter() {
// Prepare Options: 2 regular expressions.
StatifyBlacklist::$options = array(
'referer' => array(
'active' => 1,
'cron' => 0,
'regexp' => 1,
'blacklist' => array(
'example.[a-z]+' => 0,
'test' => 1,
),
),
'target' => array(
'active' => 0,
'cron' => 0,
'regexp' => 0,
'blacklist' => array(),
),
'ip' => array(
'active' => 0,
'blacklist' => array(),
),
'ua' => array(
'active' => 0,
'regexp' => StatifyBlacklist::MODE_NORMAL,
'blacklist' => array(),
),
'version' => StatifyBlacklist::VERSION_MAIN,
);
// No multisite.
StatifyBlacklist::$multisite = false;
// No referer.
unset( $_SERVER['HTTP_REFERER'] );
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
// Non-filtered referer.
$_SERVER['HTTP_REFERER'] = 'http://not.evil';
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
// Filtered referer.
$_SERVER['HTTP_REFERER'] = 'http://example.com';
$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
// Filtered referer with path.
$_SERVER['HTTP_REFERER'] = 'http://foobar.net/test/me';
$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
// Matching both.
$_SERVER['HTTP_REFERER'] = 'http://example.net/test/me';
$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
// Matching with wrong case.
$_SERVER['HTTP_REFERER'] = 'http://eXaMpLe.NeT/tEsT/mE';
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
// Set RegExp filter to case insensitive.
StatifyBlacklist::$options['referer']['regexp'] = 2;
$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
}
/**
* Test referer filter using keywords.
*
* @return void
*/
public function test_referer_keyword_filter() {
// Prepare Options: 2 regular expressions.
StatifyBlacklist::$options = array(
'referer' => array(
'active' => 1,
'cron' => 0,
'regexp' => StatifyBlacklist::MODE_KEYWORD,
'blacklist' => array(
'example' => 0,
'test' => 1,
),
),
'target' => array(
'active' => 0,
'cron' => 0,
'regexp' => StatifyBlacklist::MODE_NORMAL,
'blacklist' => array(),
),
'ip' => array(
'active' => 0,
'blacklist' => array(),
),
'ua' => array(
'active' => 0,
'regexp' => StatifyBlacklist::MODE_NORMAL,
'blacklist' => array(),
),
'version' => StatifyBlacklist::VERSION_MAIN,
);
// No multisite.
StatifyBlacklist::$multisite = false;
// No referer.
unset( $_SERVER['HTTP_REFERER'] );
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
// Non-filtered referer.
$_SERVER['HTTP_REFERER'] = 'http://not.evil';
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
// Filtered referer.
$_SERVER['HTTP_REFERER'] = 'http://example.com';
$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
// Filtered referer with path.
$_SERVER['HTTP_REFERER'] = 'http://foobar.net/test/me';
$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
// Matching both.
$_SERVER['HTTP_REFERER'] = 'http://example.net/test/me';
$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
// Matching with wrong case.
$_SERVER['HTTP_REFERER'] = 'http://eXaMpLe.NeT/tEsT/mE';
$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
}
/**
* Test CIDR address matching for IP filter (#7).
*
* @return void
*/
public function test_cidr_match() {
// IPv4 tests.
$this->assertTrue( invoke_static( StatifyBlacklist::class, 'cidr_match', array( '127.0.0.1', '127.0.0.1' ) ) );
$this->assertTrue( invoke_static( StatifyBlacklist::class, 'cidr_match', array( '127.0.0.1', '127.0.0.1/32' ) ) );
$this->assertFalse(
invoke_static(
StatifyBlacklist::class,
'cidr_match',
array( '127.0.0.1', '127.0.0.1/33' )
)
);
$this->assertFalse(
invoke_static(
StatifyBlacklist::class,
'cidr_match',
array( '127.0.0.1', '127.0.0.1/-1' )
)
);
$this->assertTrue(
invoke_static(
StatifyBlacklist::class,
'cidr_match',
array( '192.0.2.123', '192.0.2.0/24' )
)
);
$this->assertFalse(
invoke_static(
StatifyBlacklist::class,
'cidr_match',
array( '192.0.3.123', '192.0.2.0/24' )
)
);
$this->assertTrue(
invoke_static(
StatifyBlacklist::class,
'cidr_match',
array( '192.0.2.123', '192.0.2.120/29' )
)
);
$this->assertFalse(
invoke_static(
StatifyBlacklist::class,
'cidr_match',
array( '192.0.2.128', '192.0.2.120/29' )
)
);
$this->assertTrue( invoke_static( StatifyBlacklist::class, 'cidr_match', array( '10.11.12.13', '10.0.0.0/8' ) ) );
$this->assertFalse(
invoke_static(
StatifyBlacklist::class,
'cidr_match',
array( '10.11.12.345', '10.0.0.0/8' )
)
);
// IPv6 tests.
$this->assertTrue( invoke_static( StatifyBlacklist::class, 'cidr_match', array( '::1', '::1' ) ) );
$this->assertTrue( invoke_static( StatifyBlacklist::class, 'cidr_match', array( '::1', '::1/128' ) ) );
$this->assertFalse( invoke_static( StatifyBlacklist::class, 'cidr_match', array( '::1', '::1/129' ) ) );
$this->assertFalse( invoke_static( StatifyBlacklist::class, 'cidr_match', array( '::1', '::1/-1' ) ) );
$this->assertTrue(
invoke_static(
StatifyBlacklist::class,
'cidr_match',
array( '2001:db8:a0b:12f0:1:2:3:4', '2001:db8:a0b:12f0::1/64 ' )
)
);
$this->assertTrue(
invoke_static(
StatifyBlacklist::class,
'cidr_match',
array( '2001:db8:a0b:12f0::123:456', '2001:db8:a0b:12f0::1/96 ' )
)
);
$this->assertTrue(
invoke_static(
StatifyBlacklist::class,
'cidr_match',
array( '2001:DB8:A0B:12F0::123:456', '2001:db8:a0b:12f0::1/96 ' )
)
);
$this->assertTrue(
invoke_static(
StatifyBlacklist::class,
'cidr_match',
array( '2001:db8:a0b:12f0::123:456', '2001:DB8:A0B:12F0::1/96 ' )
)
);
$this->assertFalse(
invoke_static(
StatifyBlacklist::class,
'cidr_match',
array( '2001:db8:a0b:12f0::1:132:465', '2001:db8:a0b:12f0::1/96 ' )
)
);
}
/**
* Test IP filter (#7).
*
* @return void
*/
public function test_ip_filter() {
// Prepare Options: 2 filtered IPs, disabled.
StatifyBlacklist::$options = array(
'referer' => array(
'active' => 0,
'cron' => 0,
'regexp' => StatifyBlacklist::MODE_NORMAL,
'blacklist' => array(),
),
'target' => array(
'active' => 0,
'cron' => 0,
'regexp' => StatifyBlacklist::MODE_NORMAL,
'blacklist' => array(),
),
'ip' => array(
'active' => 0,
'blacklist' => array(
'192.0.2.123',
'2001:db8:a0b:12f0::1',
),
),
'ua' => array(
'active' => 0,
'regexp' => StatifyBlacklist::MODE_NORMAL,
'blacklist' => array(),
),
'version' => StatifyBlacklist::VERSION_MAIN,
);
// No multisite.
StatifyBlacklist::$multisite = false;
// Set matching IP.
$_SERVER['REMOTE_ADDR'] = '192.0.2.123';
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
// Activate filter.
StatifyBlacklist::$options['ip']['active'] = 1;
$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
// Try matching v6 address.
$_SERVER['REMOTE_ADDR'] = '2001:db8:a0b:12f0::1';
$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
// Non-matching addresses.
$_SERVER['REMOTE_ADDR'] = '192.0.2.234';
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
$_SERVER['REMOTE_ADDR'] = '2001:db8:a0b:12f0::2';
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
// Subnet matching.
StatifyBlacklist::$options['ip']['blacklist'] = array(
'192.0.2.0/25',
'2001:db8:a0b:12f0::/96',
);
$_SERVER['REMOTE_ADDR'] = '192.0.2.123';
$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
$_SERVER['REMOTE_ADDR'] = '192.0.2.234';
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
$_SERVER['REMOTE_ADDR'] = '2001:db8:a0b:12f0::5';
$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
$_SERVER['REMOTE_ADDR'] = '2001:db8:a0b:12f0:0:1111::1';
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
// Filter using proxy header.
$_SERVER['REMOTE_ADDR'] = '127.0.0.1';
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
$_SERVER['HTTP_X_FORWARDED_FOR'] = '192.0.2.123';
$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
$_SERVER['HTTP_X_REAL_IP'] = '2001:db8:a0b:12f0:0:1111::1';
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
$_SERVER['HTTP_X_REAL_IP'] = '2001:db8:a0b:12f0:0::1';
$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
}
/**
* Test simple target filter.
*
* @return void
*/
public function test_target_filter() {
// Prepare Options: 2 filtered domains, disabled.
StatifyBlacklist::$options = array(
'referer' => array(
'active' => 0,
'cron' => 0,
'regexp' => StatifyBlacklist::MODE_NORMAL,
'blacklist' => array(),
),
'target' => array(
'active' => 0,
'cron' => 0,
'regexp' => StatifyBlacklist::MODE_NORMAL,
'blacklist' => array(
'/excluded/page/' => 0,
'/?page_id=3' => 1,
),
),
'ip' => array(
'active' => 0,
'blacklist' => array(),
),
'ua' => array(
'active' => 0,
'regexp' => StatifyBlacklist::MODE_NORMAL,
'blacklist' => array(),
),
'version' => StatifyBlacklist::VERSION_MAIN,
);
// No multisite.
StatifyBlacklist::$multisite = false;
// Empty target.
unset( $_SERVER['REQUEST_URI'] );
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
// Non-filtered targets.
$_SERVER['REQUEST_URI'] = '';
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
$_SERVER['REQUEST_URI'] = '/';
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
$_SERVER['REQUEST_URI'] = '/?page_id=1';
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
// Filtered referer.
$_SERVER['REQUEST_URI'] = '/excluded/page/';
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
$_SERVER['REQUEST_URI'] = '/?page_id=3';
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
// Activate filter and run tests again.
StatifyBlacklist::$options['target']['active'] = 1;
unset( $_SERVER['REQUEST_URI'] );
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
$_SERVER['REQUEST_URI'] = '';
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
$_SERVER['REQUEST_URI'] = '/';
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
$_SERVER['REQUEST_URI'] = '/?page_id=1';
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
$_SERVER['REQUEST_URI'] = '/excluded/page/';
$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
$_SERVER['REQUEST_URI'] = '/?page_id=3';
$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
$_SERVER['REQUEST_URI'] = '/?page_id=3';
$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
}
// TODO: Test target regex filter.
/**
* Test user agent filter (#20).
*
* @return void
*/
public function test_ua_filter() {
// Prepare Options: 2 filtered IPs, disabled.
StatifyBlacklist::$options = array(
'referer' => array(
'active' => 0,
'cron' => 0,
'regexp' => StatifyBlacklist::MODE_NORMAL,
'blacklist' => array(),
),
'target' => array(
'active' => 0,
'cron' => 0,
'regexp' => StatifyBlacklist::MODE_NORMAL,
'blacklist' => array(),
),
'ip' => array(
'active' => 0,
'blacklist' => array(),
),
'ua' => array(
'active' => 0,
'regexp' => StatifyBlacklist::MODE_NORMAL,
'blacklist' => array(
'TestBot/1.23' => 0,
),
),
'version' => StatifyBlacklist::VERSION_MAIN,
);
// No multisite.
StatifyBlacklist::$multisite = false;
// Set matching user agent.
$_SERVER['HTTP_USER_AGENT'] = 'TestBot/1.23';
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
// Activate filter.
StatifyBlacklist::$options['ua']['active'] = 1;
$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
// Non-matching addresses.
$_SERVER['HTTP_USER_AGENT'] = 'Another Browser 4.5.6 (Linux)';
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
$_SERVER['HTTP_USER_AGENT'] = 'TestBot/2.34';
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
// Keyword matching.
StatifyBlacklist::$options['ua']['blacklist'] = array( 'TestBot' => 0 );
StatifyBlacklist::$options['ua']['regexp'] = StatifyBlacklist::MODE_KEYWORD;
$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
// RegEx.
StatifyBlacklist::$options['ua']['blacklist'] = array( 'T[a-z]+B[a-z]+' => 0 );
StatifyBlacklist::$options['ua']['regexp'] = StatifyBlacklist::MODE_REGEX;
$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
StatifyBlacklist::$options['ua']['blacklist'] = array( 't[a-z]+' => 0 );
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
StatifyBlacklist::$options['ua']['regexp'] = StatifyBlacklist::MODE_REGEX_CI;
$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
}
/**
* Test combined filters.
*
* @since 1.4.4
*
* @return void
*/
public function test_combined_filters() {
// Prepare Options: simple referer + simple target + ip.
StatifyBlacklist::$options = array(
'referer' => array(
'active' => 1,
'cron' => 0,
'regexp' => StatifyBlacklist::MODE_NORMAL,
'blacklist' => array(
'example.com' => 0,
),
),
'target' => array(
'active' => 1,
'cron' => 0,
'regexp' => StatifyBlacklist::MODE_NORMAL,
'blacklist' => array(
'/excluded/page/' => 0,
),
),
'ip' => array(
'active' => 1,
'blacklist' => array(
'192.0.2.123',
),
),
'ua' => array(
'active' => 0,
'regexp' => StatifyBlacklist::MODE_NORMAL,
'blacklist' => array(),
),
'version' => StatifyBlacklist::VERSION_MAIN,
);
// No multisite.
StatifyBlacklist::$multisite = false;
// No match.
$_SERVER['HTTP_REFERER'] = 'https://example.net';
$_SERVER['REQUEST_URI'] = '/normal/page/';
$_SERVER['REMOTE_ADDR'] = '192.0.2.234';
unset( $_SERVER['HTTP_X_FORWARDED_FOR'] );
unset( $_SERVER['HTTP_X_REAL_IP'] );
// Matching Referer.
$_SERVER['HTTP_REFERER'] = 'https://example.com';
$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
// Matching target.
$_SERVER['HTTP_REFERER'] = 'https://example.net';
$_SERVER['REQUEST_URI'] = '/excluded/page/';
$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
// Matching IP.
$_SERVER['REQUEST_URI'] = '/normal/page/';
$_SERVER['REMOTE_ADDR'] = '192.0.2.123';
$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
$_SERVER['REMOTE_ADDR'] = '192.0.2.234';
// Same for RegExp filters.
StatifyBlacklist::$options['referer']['regexp'] = StatifyBlacklist::MODE_REGEX;
StatifyBlacklist::$options['referer']['blacklist'] = array( 'example\.com' => 0 );
StatifyBlacklist::$options['target']['regexp'] = StatifyBlacklist::MODE_REGEX;
StatifyBlacklist::$options['target']['blacklist'] = array( '/excluded/.*' => 0 );
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
$_SERVER['HTTP_REFERER'] = 'https://example.com';
$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
// Check case-insensitive match.
$_SERVER['HTTP_REFERER'] = 'https://eXaMpLe.com';
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
StatifyBlacklist::$options['referer']['regexp'] = StatifyBlacklist::MODE_REGEX_CI;
$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
$_SERVER['HTTP_REFERER'] = 'https://example.net';
$_SERVER['REQUEST_URI'] = '/excluded/page/';
$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
$_SERVER['REQUEST_URI'] = '/normal/page/';
$_SERVER['REMOTE_ADDR'] = '192.0.2.123';
$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
$_SERVER['REMOTE_ADDR'] = '192.0.2.234';
}
}

134
test/bootstrap.php
View File

@ -1,134 +0,0 @@
<?php
/**
* PHPUnit bootstrap file
*
* @package Statify_Blacklist
*/
/**
* Simulating the ABSPATH constant.
*
* @var boolean ABSPATH
*/
const ABSPATH = false;
/*
* Include class files.
*/
require_once __DIR__ . '/../inc/class-statifyblacklist.php';
require_once __DIR__ . '/../inc/class-statifyblacklist-admin.php';
require_once __DIR__ . '/../inc/class-statifyblacklist-settings.php';
require_once __DIR__ . '/../inc/class-statifyblacklist-system.php';
// Include Composer autoloader.
require_once __DIR__ . '/../vendor/autoload.php';
/** @ignore */
function invoke_static( $class, $method_name, $parameters = array() ) {
$reflection = new \ReflectionClass( $class );
$method = $reflection->getMethod( $method_name );
$method->setAccessible( true );
return $method->invokeArgs( null, $parameters );
}
// Some mocked WP functions.
$mock_options = array();
$mock_multisite = false;
$settings_error = array();
$settings = array();
/** @ignore */
function is_multisite() {
global $mock_multisite;
return $mock_multisite;
}
/** @ignore */
function wp_parse_args( $args, $defaults = '' ) {
if ( is_object( $args ) ) {
$r = get_object_vars( $args );
} elseif ( is_array( $args ) ) {
$r =& $args;
} else {
parse_str( $args, $r );
}
if ( is_array( $defaults ) ) {
return array_merge( $defaults, $r );
}
return $r;
}
/** @ignore */
function get_option( $option, $default = false ) {
global $mock_options;
return isset( $mock_options[ $option ] ) ? $mock_options[ $option ] : $default;
}
/** @ignore */
function update_option( $option, $value, $autoload = null ) {
global $mock_options;
$mock_options[ $option ] = $value;
}
/** @ignore */
function wp_get_raw_referer() {
return isset( $_SERVER['HTTP_REFERER'] ) ? $_SERVER['HTTP_REFERER'] : '';
}
function wp_parse_url( $value ) {
return parse_url( $value );
}
/** @ignore */
function wp_unslash( $value ) {
return is_string( $value ) ? stripslashes( $value ) : $value;
}
/** @ignore */
function __( $text, $domain = 'default' ) {
return $text;
}
/** @ignore */
function add_settings_error( $setting, $code, $message, $type = 'error' ) {
global $settings_error;
$settings_error[] = array( $setting, $code, $message, $type );
}
/** @ignore */
function register_setting( $option_group, $option_name, $args = array() ) {
global $settings;
$settings[ $option_name ] = array(
'group' => $option_group,
'args' => $args,
'sections' => array(),
);
}
/** @ignore */
function add_settings_section( $id, $title, $callback, $page, $args = array() ) {
global $settings;
$settings[ $page ]['sections'][ $id ] = array(
'title' => $title,
'callback' => $callback,
'args' => $args,
'fields' => array(),
);
}
/** @ignore */
function add_settings_field( $id, $title, $callback, $page, $section = 'default', $args = array() ) {
global $settings;
$settings[ $page ]['sections'][ $section ]['fields'][ $id ] = array(
'title' => $title,
'callback' => $callback,
'args' => $args,
);
}

541
test/statifyblacklist-test.php Normal file
View File

@ -0,0 +1,541 @@
<?php
/**
* Statify Blacklist: Unit Test
*
* This is a PHPunit test class for the plugin's functionality
*
* @package Statify_Blacklist
* @subpackage Admin
* @since 1.3.0
*/
/**
* Simulating the ABSPATH constant.
*
* @since 1.3.0
* @var bool ABSPATH
*/
const ABSPATH = false;
/**
* The StatifyBlacklist base class.
*/
require_once( 'inc/class-statifyblacklist.php' );
/**
* The StatifyBlacklist system class.
*/
require_once( 'inc/class-statifyblacklist-system.php' );
/**
* The StatifyBlacklist admin class.
*/
require_once( 'inc/class-statifyblacklist-admin.php' );
/**
* Class StatifyBlacklistTest.
*
* PHPUnit test class for StatifyBlacklist.
*
* @since 1.3.0
*/
class StatifyBlacklist_Test extends PHPUnit\Framework\TestCase {
/**
* Test simple referer filter.
*/
public function test_referer_filter() {
// Prepare Options: 2 blacklisted domains, disabled.
StatifyBlacklist::$_options = array(
'referer' => array(
'active' => 0,
'cron' => 0,
'regexp' => 0,
'blacklist' => array(
'example.com' => 0,
'example.net' => 1,
),
),
'target' => array(
'active' => 0,
'cron' => 0,
'regexp' => 0,
'blacklist' => array(),
),
'ip' => array(
'active' => 0,
'blacklist' => array(),
),
'version' => StatifyBlacklist::VERSION_MAIN,
);
// No multisite.
StatifyBlacklist::$multisite = false;
// No referer.
unset( $_SERVER['HTTP_REFERER'] );
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
// Non-blacklisted referer.
$_SERVER['HTTP_REFERER'] = 'http://example.org';
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
// Blacklisted referer.
$_SERVER['HTTP_REFERER'] = 'http://example.com';
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
// Blacklisted referer with path.
$_SERVER['HTTP_REFERER'] = 'http://example.net/foo/bar.html';
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
// Activate filter and run tests again.
StatifyBlacklist::$_options['referer']['active'] = 1;
unset( $_SERVER['HTTP_REFERER'] );
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
$_SERVER['HTTP_REFERER'] = 'http://example.org';
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
$_SERVER['HTTP_REFERER'] = 'http://example.com';
$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
$_SERVER['HTTP_REFERER'] = 'http://example.net/foo/bar.html';
$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
}
/**
* Test referer filter using regular expressions.
*/
public function testRefererRegexFilter() {
// Prepare Options: 2 regular expressions.
StatifyBlacklist::$_options = array(
'referer' => array(
'active' => 1,
'cron' => 0,
'regexp' => 1,
'blacklist' => array(
'example.[a-z]+' => 0,
'test' => 1,
),
),
'target' => array(
'active' => 0,
'cron' => 0,
'regexp' => 0,
'blacklist' => array(),
),
'ip' => array(
'active' => 0,
'blacklist' => array(),
),
'version' => StatifyBlacklist::VERSION_MAIN,
);
// No multisite.
StatifyBlacklist::$multisite = false;
// No referer.
unset( $_SERVER['HTTP_REFERER'] );
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
// Non-blacklisted referer.
$_SERVER['HTTP_REFERER'] = 'http://not.evil';
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
// Blacklisted referer.
$_SERVER['HTTP_REFERER'] = 'http://example.com';
$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
// Blacklisted referer with path.
$_SERVER['HTTP_REFERER'] = 'http://foobar.net/test/me';
$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
// Matching both.
$_SERVER['HTTP_REFERER'] = 'http://example.net/test/me';
$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
// Mathinc with wrong case.
$_SERVER['HTTP_REFERER'] = 'http://eXaMpLe.NeT/tEsT/mE';
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
// Set RegExp filter to case insensitive.
StatifyBlacklist::$_options['referer']['regexp'] = 2;
$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
}
/**
* Test the upgrade methodology for configuration options.
*/
public function testUpgrade() {
// Create configuration of version 1.3.
$options13 = array(
'active_referer' => 1,
'cron_referer' => 0,
'referer' => array(
'example.net' => 0,
'example.com' => 1,
),
'referer_regexp' => 0,
'version' => 1.3,
);
// Set options in mock.
update_option( 'statify-blacklist', $options13 );
// Execute upgrade.
StatifyBlacklist_System::upgrade();
// Retrieve updated options.
$optionsUpdated = get_option( 'statify-blacklist' );
// Verify size against default options (no junk left).
$this->assertEquals( 4, count( $optionsUpdated ) );
$this->assertEquals( 4, count( $optionsUpdated['referer'] ) );
$this->assertEquals( 4, count( $optionsUpdated['target'] ) );
$this->assertEquals( 2, count( $optionsUpdated['ip'] ) );
// Verify that original attributes are unchanged.
$this->assertEquals( $options13['active_referer'], $optionsUpdated['referer']['active'] );
$this->assertEquals( $options13['cron_referer'], $optionsUpdated['referer']['cron'] );
$this->assertEquals( $options13['referer'], $optionsUpdated['referer']['blacklist'] );
$this->assertEquals( $options13['referer_regexp'], $optionsUpdated['referer']['regexp'] );
// Verify that new attributes are present in config and filled with default values (disabled, empty).
$this->assertEquals( 0, $optionsUpdated['target']['active'] );
$this->assertEquals( 0, $optionsUpdated['target']['cron'] );
$this->assertEquals( 0, $optionsUpdated['target']['regexp'] );
$this->assertEquals( array(), $optionsUpdated['target']['blacklist'] );
$this->assertEquals( 0, $optionsUpdated['ip']['active'] );
$this->assertEquals( array(), $optionsUpdated['ip']['blacklist'] );
// Verify that version number has changed to current release.
$this->assertEquals( StatifyBlacklist::VERSION_MAIN, $optionsUpdated['version'] );
}
/**
* Test CIDR address matching for IP filter (#7)
*/
public function testCidrMatch() {
// IPv4 tests.
$this->assertTrue( invokeStatic( StatifyBlacklist::class, 'cidr_match', array( '127.0.0.1', '127.0.0.1' ) ) );
$this->assertTrue( invokeStatic( StatifyBlacklist::class, 'cidr_match', array( '127.0.0.1', '127.0.0.1/32' ) ) );
$this->assertFalse(
invokeStatic(
StatifyBlacklist::class, 'cidr_match', array(
'127.0.0.1',
'127.0.0.1/33',
)
)
);
$this->assertFalse(
invokeStatic(
StatifyBlacklist::class, 'cidr_match', array(
'127.0.0.1',
'127.0.0.1/-1',
)
)
);
$this->assertTrue(
invokeStatic(
StatifyBlacklist::class, 'cidr_match', array(
'192.0.2.123',
'192.0.2.0/24',
)
)
);
$this->assertFalse(
invokeStatic(
StatifyBlacklist::class, 'cidr_match', array(
'192.0.3.123',
'192.0.2.0/24',
)
)
);
$this->assertTrue(
invokeStatic(
StatifyBlacklist::class, 'cidr_match', array(
'192.0.2.123',
'192.0.2.120/29',
)
)
);
$this->assertFalse(
invokeStatic(
StatifyBlacklist::class, 'cidr_match', array(
'192.0.2.128',
'192.0.2.120/29',
)
)
);
$this->assertTrue( invokeStatic( StatifyBlacklist::class, 'cidr_match', array( '10.11.12.13', '10.0.0.0/8' ) ) );
$this->assertFalse(
invokeStatic(
StatifyBlacklist::class, 'cidr_match', array(
'10.11.12.345',
'10.0.0.0/8',
)
)
);
// IPv6 tests.
$this->assertTrue( invokeStatic( StatifyBlacklist::class, 'cidr_match', array( '::1', '::1' ) ) );
$this->assertTrue( invokeStatic( StatifyBlacklist::class, 'cidr_match', array( '::1', '::1/128' ) ) );
$this->assertFalse( invokeStatic( StatifyBlacklist::class, 'cidr_match', array( '::1', '::1/129' ) ) );
$this->assertFalse( invokeStatic( StatifyBlacklist::class, 'cidr_match', array( '::1', '::1/-1' ) ) );
$this->assertTrue(
invokeStatic(
StatifyBlacklist::class, 'cidr_match', array(
'2001:db8:a0b:12f0:1:2:3:4',
'2001:db8:a0b:12f0::1/64 ',
)
)
);
$this->assertTrue(
invokeStatic(
StatifyBlacklist::class, 'cidr_match', array(
'2001:db8:a0b:12f0::123:456',
'2001:db8:a0b:12f0::1/96 ',
)
)
);
$this->assertFalse(
invokeStatic(
StatifyBlacklist::class, 'cidr_match', array(
'2001:db8:a0b:12f0::1:132:465',
'2001:db8:a0b:12f0::1/96 ',
)
)
);
}
/**
* Test sanitization of IP addresses
*/
public function testSanitizeIPs() {
// IPv4 tests.
$valid = array( '192.0.2.123', '192.0.2.123/32', '192.0.2.0/24', '192.0.2.128/25' );
$invalid = array( '12.34.56.789', '192.0.2.123/33', '192.0.2.123/-1' );
$result = invokeStatic( StatifyBlacklist_Admin::class, 'sanitizeIPs', array( array_merge( $valid, $invalid ) ) );
$this->assertNotFalse( $result );
$this->assertInternalType( 'array', $result );
$this->assertEquals( $valid, $result );
// IPv6 tests.
$valid = array(
'2001:db8:a0b:12f0::',
'2001:db8:a0b:12f0::1',
'2001:db8:a0b:12f0::1/128',
'2001:db8:a0b:12f0::/64',
);
$invalid = array(
'2001:db8:a0b:12f0::x',
'2001:db8:a0b:12f0:::',
'2001:fffff:a0b:12f0::1',
'2001:db8:a0b:12f0::/129',
'1:2:3:4:5:6:7:8:9',
);
$result = invokeStatic( StatifyBlacklist_Admin::class, 'sanitizeIPs', array( array_merge( $valid, $invalid ) ) );
$this->assertNotFalse( $result );
$this->assertInternalType( 'array', $result );
$this->assertEquals( $valid, $result );
}
/**
* Test IP filter (#7).
*/
public function testIPFilter() {
// Prepare Options: 2 blacklisted IPs, disabled.
StatifyBlacklist::$_options = array(
'referer' => array(
'active' => 0,
'cron' => 0,
'regexp' => 0,
'blacklist' => array(),
),
'target' => array(
'active' => 0,
'cron' => 0,
'regexp' => 0,
'blacklist' => array(),
),
'ip' => array(
'active' => 0,
'blacklist' => array(
'192.0.2.123',
'2001:db8:a0b:12f0::1',
),
),
'version' => StatifyBlacklist::VERSION_MAIN,
);
// No multisite.
StatifyBlacklist::$multisite = false;
// Set matching IP.
$_SERVER['REMOTE_ADDR'] = '192.0.2.123';
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
// Activate filter.
StatifyBlacklist::$_options['ip']['active'] = 1;
$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
// Try matching v6 address.
$_SERVER['REMOTE_ADDR'] = '2001:db8:a0b:12f0::1';
$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
// Non-matching addresses.
$_SERVER['REMOTE_ADDR'] = '192.0.2.234';
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
$_SERVER['REMOTE_ADDR'] = '2001:db8:a0b:12f0::2';
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
// Subnet matching.
StatifyBlacklist::$_options['ip']['blacklist'] = array(
'192.0.2.0/25',
'2001:db8:a0b:12f0::/96',
);
$_SERVER['REMOTE_ADDR'] = '192.0.2.123';
$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
$_SERVER['REMOTE_ADDR'] = '192.0.2.234';
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
$_SERVER['REMOTE_ADDR'] = '2001:db8:a0b:12f0::5';
$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
$_SERVER['REMOTE_ADDR'] = '2001:db8:a0b:12f0:0:1111::1';
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
// Filter using proxy header.
$_SERVER['REMOTE_ADDR'] = '127.0.0.1';
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
$_SERVER['HTTP_X_FORWARDED_FOR'] = '192.0.2.123';
$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
$_SERVER['HTTP_X_REAL_IP'] = '2001:db8:a0b:12f0:0:1111::1';
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
$_SERVER['HTTP_X_REAL_IP'] = '2001:db8:a0b:12f0:0::1';
$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
}
/**
* Test simple target filter.
*/
public function testTargetFilter() {
// Prepare Options: 2 blacklisted domains, disabled.
StatifyBlacklist::$_options = array(
'referer' => array(
'active' => 0,
'cron' => 0,
'regexp' => 0,
'blacklist' => array(),
),
'target' => array(
'active' => 0,
'cron' => 0,
'regexp' => 0,
'blacklist' => array(
'/excluded/page/' => 0,
'/?page_id=3' => 1,
),
),
'ip' => array(
'active' => 0,
'blacklist' => array(),
),
'version' => StatifyBlacklist::VERSION_MAIN,
);
// No multisite.
StatifyBlacklist::$multisite = false;
// Empty target.
unset( $_SERVER['REQUEST_URI'] );
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
// Non-blacklisted targets.
$_SERVER['REQUEST_URI'] = '';
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
$_SERVER['REQUEST_URI'] = '/';
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
$_SERVER['REQUEST_URI'] = '/?page_id=1';
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
// Blacklisted referer.
$_SERVER['REQUEST_URI'] = '/excluded/page/';
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
$_SERVER['REQUEST_URI'] = '/?page_id=3';
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
// Activate filter and run tests again.
StatifyBlacklist::$_options['target']['active'] = 1;
unset( $_SERVER['REQUEST_URI'] );
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
$_SERVER['REQUEST_URI'] = '';
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
$_SERVER['REQUEST_URI'] = '/';
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
$_SERVER['REQUEST_URI'] = '/?page_id=1';
$this->assertNull( StatifyBlacklist::apply_blacklist_filter() );
$_SERVER['REQUEST_URI'] = '/excluded/page/';
$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
$_SERVER['REQUEST_URI'] = '/?page_id=3';
$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
$_SERVER['REQUEST_URI'] = '/?page_id=3';
$this->assertTrue( StatifyBlacklist::apply_blacklist_filter() );
}
// TODO: Test target regex filter.
}
/** @ignore */
function invokeStatic( $class, $methodName, $parameters = array() ) {
$reflection = new \ReflectionClass( $class );
$method = $reflection->getMethod( $methodName );
$method->setAccessible( true );
return $method->invokeArgs( null, $parameters );
}
// Some mocked WP functions.
$mock_options = array();
$mock_multisite = false;
/** @ignore */
function is_multisite() {
global $mock_multisite;
return $mock_multisite;
}
/** @ignore */
function wp_parse_args( $args, $defaults = '' ) {
if ( is_object( $args ) ) {
$r = get_object_vars( $args );
} elseif ( is_array( $args ) ) {
$r =& $args;
} else {
parse_str( $args, $r );
}
if ( is_array( $defaults ) ) {
return array_merge( $defaults, $r );
}
return $r;
}
/** @ignore */
function get_option( $option, $default = false ) {
global $mock_options;
return isset( $mock_options[ $option ] ) ? $mock_options[ $option ] : $default;
}
/** @ignore */
function update_option( $option, $value, $autoload = null ) {
global $mock_options;
$mock_options[ $option ] = $value;
}
/** @ignore */
function wp_get_raw_referer() {
return isset( $_SERVER['HTTP_REFERER'] ) ? $_SERVER['HTTP_REFERER'] : '';
}
function wp_parse_url( $value ) {
return parse_url( $value );
}
/** @ignore */
function wp_unslash( $value ) {
return is_string( $value ) ? stripslashes( $value ) : $value;
}

285
views/settings-page.php Executable file
View File

@ -0,0 +1,285 @@
<?php
/**
* Statify Blacklist: Settings View
*
* This file contains the dynamic HTML skeleton for the plugin's settings page.
*
* @package Statify_Blacklist
* @subpackage Admin
* @since 1.0.0
*/
// Quit.
defined( 'ABSPATH' ) || exit;
// Update plugin options.
if ( ! empty( $_POST['statifyblacklist'] ) ) {
// Verify nonce.
check_admin_referer( 'statify-blacklist-settings' );
// Check user capabilities.
if ( ! current_user_can( 'manage_options' ) ) {
die( __( 'Are you sure you want to do this?' ) );
}
if ( ! empty( $_POST['cleanUp'] ) ) {
// CleanUp DB.
StatifyBlacklist_Admin::cleanup_database();
} else {
// Extract referer array.
if ( empty( trim( $_POST['statifyblacklist']['referer']['blacklist'] ) ) ) {
$referer = array();
} else {
$referer = explode( "\r\n", $_POST['statifyblacklist']['referer']['blacklist'] );
}
// Extract target array.
if ( empty( trim( $_POST['statifyblacklist']['target']['blacklist'] ) ) ) {
$target = array();
} else {
$target = explode( "\r\n", str_replace( '\\\\', '\\', $_POST['statifyblacklist']['target']['blacklist'] ) );
}
// Extract IP array.
if ( empty( trim( $_POST['statifyblacklist']['ip']['blacklist'] ) ) ) {
$ip = array();
} else {
$ip = explode( "\r\n", $_POST['statifyblacklist']['ip']['blacklist'] );
}
// Update options (data will be sanitized).
$statifyblacklist_update_result = StatifyBlacklist_Admin::update_options(
array(
'referer' => array(
'active' => (int) $_POST['statifyblacklist']['referer']['active'],
'cron' => (int) $_POST['statifyblacklist']['referer']['cron'],
'regexp' => (int) $_POST['statifyblacklist']['referer']['regexp'],
'blacklist' => array_flip( $referer ),
),
'target' => array(
'active' => (int) $_POST['statifyblacklist']['target']['active'],
'cron' => (int) $_POST['statifyblacklist']['target']['cron'],
'regexp' => (int) $_POST['statifyblacklist']['target']['regexp'],
'blacklist' => array_flip( $target ),
),
'ip' => array(
'active' => (int) $_POST['statifyblacklist']['ip']['active'],
'blacklist' => $ip,
),
'version' => StatifyBlacklist::VERSION_MAIN,
)
);
// Generate messages.
if ( false !== $statifyblacklist_update_result ) {
if ( array_key_exists( 'referer', $statifyblacklist_update_result ) ) {
$statifyblacklist_post_warning = __( 'Some URLs are invalid and have been sanitized.', 'statify-blacklist' );
} elseif ( array_key_exists( 'ip', $statifyblacklist_update_result ) ) {
// translators: List of invalid IP addresses (comma separated).
$statifyblacklist_post_warning = sprintf( __( 'Some IPs are invalid : %s', 'statify-blacklist' ), implode( ', ', $statifyblacklist_update_result['ip'] ) );
}
} else {
$statifyblacklist_post_success = __( 'Settings updated successfully.', 'statify-blacklist' );
}
} // End if().
} // End if().
?>
<div class="wrap">
<h1><?php esc_html_e( 'Statify Blacklist', 'statify-blacklist' ) ?></h1>
<?php
if ( is_plugin_inactive( 'statify/statify.php' ) ) {
print '<div class="notice notice-warning"><p>';
esc_html( 'Statify plugin is not active.' );
print '</p></div>';
}
if ( isset( $statifyblacklist_post_warning ) ) {
print '<div class="notice notice-warning"><p>' .
esc_html( $statifyblacklist_post_warning );
print '<br/>';
esc_html_e( 'Settings have not been saved yet.', 'statify-blacklist' );
print '</p></div>';
}
if ( isset( $statifyblacklist_post_success ) ) {
print '<div class="notice notice-success"><p>' .
esc_html( $statifyblacklist_post_success ) .
'</p></div>';
}
?>
<form action="" method="post" id="statify-blacklist-settings">
<fieldset>
<h2><?php esc_html_e( 'Referer blacklist', 'statify-blacklist' ); ?></h2>
<ul style="list-style: none;">
<li>
<label for="statify-blacklist_active_referer">
<input type="checkbox" name="statifyblacklist[referer][active]"
id="statifyblacklist_active_referer"
value="1" <?php checked( StatifyBlacklist::$_options['referer']['active'], 1 ); ?> />
<?php esc_html_e( 'Activate live fiter', 'statify-blacklist' ); ?>
</label>
</li>
<li>
<label for="statify-blacklist_cron_referer">
<input type="checkbox" name="statifyblacklist[referer][cron]" id="statifyblacklist_cron_referer"
value="1" <?php checked( StatifyBlacklist::$_options['referer']['cron'], 1 ); ?> />
<?php esc_html_e( 'CronJob execution', 'statify-blacklist' ); ?>
<small>(<?php esc_html_e( 'Clean database periodically in background', 'statify-blacklist' ); ?>
)
</small>
</label>
</li>
<li>
<label for="statify-blacklist_referer_regexp">
<?php esc_html_e( 'Use regular expressions', 'statify-blacklist' ); ?>:
<br />
<select name="statifyblacklist[referer][regexp]" id="statifyblacklist_referer_regexp">
<option value="0" <?php selected( StatifyBlacklist::$_options['referer']['regexp'], 0 ); ?>>
<?php esc_html_e( 'Disabled', 'statify-blacklist' ); ?>
</option>
<option value="1" <?php selected( StatifyBlacklist::$_options['referer']['regexp'], 1 ); ?>>
<?php esc_html_e( 'Case-sensitive', 'statify-blacklist' ); ?>
</option>
<option value="2" <?php selected( StatifyBlacklist::$_options['referer']['regexp'], 2 ); ?>>
<?php esc_html_e( 'Case-insensitive', 'statify-blacklist' ); ?>
</option>
</select>
<small>
(<?php esc_html_e( 'Performance slower than standard filter. Recommended for cron or manual execition only.', 'statify-blacklist' ); ?>
)
</small>
</label>
</li>
<li>
<label for="statify-blacklist_referer">
<?php esc_html_e( 'Referer blacklist', 'statify-blacklist' ); ?>:<br />
<textarea cols="40" rows="5" name="statifyblacklist[referer][blacklist]" id="statify-blacklist_referer"><?php
if ( isset( $statifyblacklist_update_result['referer'] ) ) {
print esc_html( implode( "\r\n", array_keys( $statifyblacklist_update_result['referer'] ) ) );
} else {
print esc_html( implode( "\r\n", array_keys( StatifyBlacklist::$_options['referer']['blacklist'] ) ) );
}
?></textarea>
<br />
<small>
(<?php esc_html_e( 'Add one domain (without subdomains) each line, e.g. example.com', 'statify-blacklist' ); ?>
)
</small>
</label>
</li>
</ul>
</fieldset>
<fieldset>
<h2><?php esc_html_e( 'Target blacklist', 'statify-blacklist' ); ?></h2>
<ul style="list-style: none;">
<li>
<label for="statify-blacklist_active_target">
<input type="checkbox" name="statifyblacklist[target][active]"
id="statifyblacklist_active_target"
value="1" <?php checked( StatifyBlacklist::$_options['target']['active'], 1 ); ?> />
<?php esc_html_e( 'Activate live fiter', 'statify-blacklist' ); ?>
</label>
</li>
<li>
<label for="statify-blacklist_cron_target">
<input type="checkbox" name="statifyblacklist[target][cron]" id="statifyblacklist_cron_target"
value="1" <?php checked( StatifyBlacklist::$_options['target']['cron'], 1 ); ?> />
<?php esc_html_e( 'CronJob execution', 'statify-blacklist' ); ?>
<small>(<?php esc_html_e( 'Clean database periodically in background', 'statify-blacklist' ); ?>
)
</small>
</label>
</li>
<li>
<label for="statify-blacklist_target_regexp">
<?php esc_html_e( 'Use regular expressions', 'statify-blacklist' ); ?>:
<br />
<select name="statifyblacklist[target][regexp]" id="statifyblacklist_target_regexp">
<option value="0" <?php selected( StatifyBlacklist::$_options['target']['regexp'], 0 ); ?>>
<?php esc_html_e( 'Disabled', 'statify-blacklist' ); ?>
</option>
<option value="1" <?php selected( StatifyBlacklist::$_options['target']['regexp'], 1 ); ?>>
<?php esc_html_e( 'Case-sensitive', 'statify-blacklist' ); ?>
</option>
<option value="2" <?php selected( StatifyBlacklist::$_options['target']['regexp'], 2 ); ?>>
<?php esc_html_e( 'Case-insensitive', 'statify-blacklist' ); ?>
</option>
</select>
<small>
(<?php esc_html_e( 'Performance slower than standard filter. Recommended for cron or manual execition only.', 'statify-blacklist' ); ?>
)
</small>
</label>
</li>
<li>
<label for="statify-blacklist_target">
<?php esc_html_e( 'Target blacklist', 'statify-blacklist' ); ?>:<br />
<textarea cols="40" rows="5" name="statifyblacklist[target][blacklist]" id="statify-blacklist_target"><?php
if ( isset( $statifyblacklist_update_result['target'] ) ) {
print esc_html( implode( "\r\n", array_keys( $statifyblacklist_update_result['target'] ) ) );
} else {
print esc_html( implode( "\r\n", array_keys( StatifyBlacklist::$_options['target']['blacklist'] ) ) );
}
?></textarea>
<br />
<small>
(<?php esc_html_e( 'Add one target URL each line, e.g.', 'statify-blacklist' );
print ' /, /test/page/, /?page_id=123' ?>
)
</small>
</label>
</li>
</ul>
</fieldset>
<fieldset>
<h2><?php esc_html_e( 'IP blacklist', 'statify-blacklist' ); ?></h2>
<ul style="list-style: none;">
<li>
<label for="statify-blacklist_active_ip">
<input type="checkbox" name="statifyblacklist[ip][active]" id="statifyblacklist_active_ip"
value="1" <?php checked( StatifyBlacklist::$_options['ip']['active'], 1 ); ?> />
<?php esc_html_e( 'Activate live fiter', 'statify-blacklist' ); ?>
</label>
</li>
<li>
<small>
(<?php esc_html_e( 'Cron execution is not possible for IP filter, because IP addresses are not stored.', 'statify-blacklist' ); ?>
)
</small>
</li>
<li>
<label for="statify-blacklist_ip">
<?php esc_html_e( 'IP blacklist', 'statify-blacklist' ); ?>:<br />
<textarea cols="40" rows="5" name="statifyblacklist[ip][blacklist]" id="statify-blacklist_ip"><?php
if ( isset( $statifyblacklist_update_result['ip'] ) ) {
print esc_html( $_POST['statifyblacklist']['ip']['blacklist'] );
} else {
print esc_html( implode( "\r\n", StatifyBlacklist::$_options['ip']['blacklist'] ) );
}
?></textarea>
<br />
<small>
(<?php esc_html_e( 'Add one IP address or range per line, e.g.', 'statify-blacklist' ) ?>
127.0.0.1, 192.168.123.0/24, 2001:db8:a0b:12f0::1/64
)
</small>
</label>
</li>
</ul>
</fieldset>
<?php wp_nonce_field( 'statify-blacklist-settings' ); ?>
<p class="submit">
<input class="button-primary" type="submit" name="submit" value="<?php esc_html_e( 'Save Changes' ) ?>">
<hr />
<input class="button-secondary" type="submit" name="cleanUp"
value="<?php esc_html_e( 'CleanUp Database', 'statify-blacklist' ) ?>"
onclick="return confirm('Do you really want to apply filters to database? This cannot be undone.');">
<br />
<small><?php esc_html_e( 'Applies referer and target filter (even if disabled) to data stored in database.', 'statify-blacklist' ); ?>
<em><?php esc_html_e( 'This cannot be undone!', 'statify-blacklist' ); ?></em></small>
</p>
</form>
</div>