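<?php
/**
 * Statify Filter: StatifyBlacklist_Admin class
 *
 * This file contains the derived class for the plugin's administration features.
 *
 * @package    Statify_Blacklist
 * @subpackage Admin
 * @since      1.0.0
 */

// Quit if accessed directly.
if ( ! defined( 'ABSPATH' ) ) {
	exit;
}

/**
 * Statify Filter admin configuration.
 *
 * @since 1.0.0
 */
class StatifyBlacklist_Admin extends StatifyBlacklist {

	/**
	 * Initialize admin-only components of the plugin.
	 *
	 * Registers the site-lifecycle hooks, the plugin row/action link filters
	 * and the settings menu entry (network admin on multisite, site admin otherwise).
	 *
	 * @since 1.5.0
	 *
	 * @return void
	 */
	public static function init() {
		// Add actions.
		add_action( 'wpmu_new_blog', array( 'StatifyBlacklist_System', 'install_site' ) );
		add_action( 'delete_blog', array( 'StatifyBlacklist_System', 'uninstall_site' ) );
		add_filter( 'plugin_row_meta', array( 'StatifyBlacklist_Admin', 'plugin_meta_link' ), 10, 2 );

		if ( self::$multisite ) {
			add_action( 'network_admin_menu', array( 'StatifyBlacklist_Admin', 'add_menu_page' ) );
			add_filter(
				'network_admin_plugin_action_links',
				array( 'StatifyBlacklist_Admin', 'plugin_actions_links' ),
				10,
				2
			);
		} else {
			add_action( 'admin_menu', array( 'StatifyBlacklist_Admin', 'add_menu_page' ) );
			add_filter( 'plugin_action_links', array( 'StatifyBlacklist_Admin', 'plugin_actions_links' ), 10, 2 );
		}
	}

	/**
	 * Update options.
	 *
	 * The referer, target and IP lists are validated first. If any entry is
	 * dropped by sanitization or is an invalid regular expression, nothing is
	 * written and the validation result is returned so the settings page can
	 * show it. On success the `$options` array is stored as given (the
	 * sanitized copies are only used for the comparison) and the in-memory
	 * options are refreshed via the parent class.
	 *
	 * @since 1.1.1
	 *
	 * @param array $options Optional. New options to save.
	 *
	 * @return array|bool Array of sanitized lists, dropped entries and invalid
	 *                    expressions on errors, FALSE if there were none.
	 */
	public static function update_options( $options = null ) {
		if ( isset( $options ) && current_user_can( 'manage_options' ) ) {
			// Sanitize referer list.
			$given_referer   = $options['referer']['blacklist'];
			$referer_mode    = $options['referer']['regexp'];
			$invalid_referer = array();
			if ( self::MODE_NORMAL === $referer_mode ) {
				// Sanitize URLs and remove empty inputs.
				$sanitized_referer = self::sanitize_urls( $given_referer );
			} else {
				// Regular expressions are kept as given and only validated.
				$sanitized_referer = $given_referer;
				if ( self::is_regex_mode( $referer_mode ) ) {
					$invalid_referer = self::sanitize_regex( $given_referer );
				}
			}

			// Sanitize target list (targets are never rewritten, only regexps are validated).
			$given_target     = $options['target']['blacklist'];
			$sanitized_target = $given_target;
			$invalid_target   = array();
			if ( self::is_regex_mode( $options['target']['regexp'] ) ) {
				$invalid_target = self::sanitize_regex( $given_target );
			}

			// Sanitize IPs and subnets and remove empty inputs.
			$given_ip     = $options['ip']['blacklist'];
			$sanitized_ip = self::sanitize_ips( $given_ip );

			// Collect validation results; 'diff' holds the entries sanitization dropped.
			$errors = array(
				'referer' => array(
					'sanitized' => $sanitized_referer,
					'diff'      => array_diff( $given_referer, $sanitized_referer ),
					'invalid'   => $invalid_referer,
				),
				'target'  => array(
					'sanitized' => $sanitized_target,
					'diff'      => array_diff( $given_target, $sanitized_target ),
					'invalid'   => $invalid_target,
				),
				'ip'      => array(
					'sanitized' => $sanitized_ip,
					'diff'      => array_diff( $given_ip, $sanitized_ip ),
				),
			);

			$has_errors = ! empty( $errors['referer']['diff'] )
				|| ! empty( $errors['referer']['invalid'] )
				|| ! empty( $errors['target']['diff'] )
				|| ! empty( $errors['target']['invalid'] )
				|| ! empty( $errors['ip']['diff'] );

			// Abort on errors.
			if ( $has_errors ) {
				return $errors;
			}

			// Update database on success.
			if ( self::$multisite ) {
				update_site_option( 'statify-blacklist', $options );
			} else {
				update_option( 'statify-blacklist', $options );
			}
		}

		// Refresh options.
		parent::update_options( $options );

		return false;
	}

	/**
	 * Check whether a list mode is one of the regular expression modes.
	 *
	 * @param mixed $mode Mode value from the options array.
	 *
	 * @return bool TRUE for MODE_REGEX and MODE_REGEX_CI, FALSE otherwise.
	 */
	private static function is_regex_mode( $mode ) {
		return self::MODE_REGEX === $mode || self::MODE_REGEX_CI === $mode;
	}

	/**
	 * Add configuration page to admin menu.
	 *
	 * @since 1.0.0
	 */
	public static function add_menu_page() {
		$title    = __( 'Statify Filter', 'statify-blacklist' );
		$callback = array( 'StatifyBlacklist_Admin', 'settings_page' );

		if ( self::$multisite ) {
			add_submenu_page(
				'settings.php',
				$title,
				$title,
				'manage_network_plugins',
				'statify-blacklist-settings',
				$callback
			);
		} else {
			add_submenu_page(
				'options-general.php',
				$title,
				$title,
				'manage_options',
				'statify-blacklist',
				$callback
			);
		}
	}

	/**
	 * Include the Statify-Blacklist settings page.
	 *
	 * @since 1.0.0
	 */
	public static function settings_page() {
		include STATIFYBLACKLIST_DIR . '/views/settings-page.php';
	}

	/**
	 * Add plugin meta links.
	 *
	 * @since 1.0.0
	 *
	 * @param array  $links Registered links.
	 * @param string $file  The filename.
	 *
	 * @return array Merged links.
	 */
	public static function plugin_meta_link( $links, $file ) {
		if ( STATIFYBLACKLIST_BASE === $file ) {
			$links[] = '<a href="https://github.com/stklcode/statify-blacklist">GitHub</a>';
		}

		return $links;
	}

	/**
	 * Add plugin action links.
	 *
	 * @since 1.0.0
	 *
	 * @param array  $links Registered links.
	 * @param string $file  The filename.
	 *
	 * @return array Merged links.
	 */
	public static function plugin_actions_links( $links, $file ) {
		$base = self::$multisite ? network_admin_url( 'settings.php' ) : admin_url( 'options-general.php' );

		if ( STATIFYBLACKLIST_BASE === $file && current_user_can( 'manage_options' ) ) {
			// The link goes into an href attribute, so escape it as a URL.
			array_unshift(
				$links,
				sprintf(
					'<a href="%s">%s</a>',
					esc_url( add_query_arg( 'page', 'statify-blacklist', $base ) ),
					__( 'Settings', 'statify-blacklist' )
				)
			);
		}

		return $links;
	}

	/**
	 * Filter database for cleanup.
	 *
	 * Deletes stored Statify rows whose referrer or target matches the
	 * configured lists. In regexp mode the configured expressions are joined
	 * with `|`; in plain mode the entries are escaped so they match literally.
	 * Only administrators and the cron runner may call this; from cron only the
	 * lists flagged with the `cron` option are applied.
	 *
	 * @since 1.1.0
	 *
	 * @global wpdb $wpdb WordPress database.
	 */
	public static function cleanup_database() {
		$doing_cron = defined( 'DOING_CRON' ) && DOING_CRON;

		// Check user permissions.
		if ( ! $doing_cron && ! current_user_can( 'manage_options' ) ) {
			die( esc_html__( 'Are you sure you want to do this?', 'statify-blacklist' ) );
		}

		// Manual runs clean both lists; cron runs only the lists enabled for it.
		$clean_ref = ! $doing_cron || 1 === self::$options['referer']['cron'];
		$clean_trg = ! $doing_cron || 1 === self::$options['target']['cron'];

		$referer_regexp = '';
		$target_regexp  = '';

		if ( $clean_ref ) {
			if ( isset( self::$options['referer']['regexp'] ) && self::$options['referer']['regexp'] > 0 ) {
				// Merge given regular expressions into one.
				$referer_regexp = implode( '|', array_keys( self::$options['referer']['blacklist'] ) );
			} else {
				// Sanitize URLs, then build a literal-match filter regexp.
				$referer        = self::sanitize_urls( self::$options['referer']['blacklist'] );
				$referer_regexp = self::build_literal_regexp( array_keys( $referer ) );
			}
		}

		if ( $clean_trg ) {
			if ( isset( self::$options['target']['regexp'] ) && self::$options['target']['regexp'] > 0 ) {
				// Merge given regular expressions into one.
				$target_regexp = implode( '|', array_keys( self::$options['target']['blacklist'] ) );
			} else {
				// Build literal-match filter regexp.
				$target_regexp = self::build_literal_regexp( array_keys( self::$options['target']['blacklist'] ) );
			}
		}

		if ( ! empty( $referer_regexp ) || ! empty( $target_regexp ) ) {
			global $wpdb;

			// Execute filter on database. The pattern is bound via prepare(); the table name comes from $wpdb.
			// phpcs:disable WordPress.DB.PreparedSQL.NotPrepared -- These statements produce warnings, rework in future release (TODO).
			if ( ! empty( $referer_regexp ) ) {
				// Mode 1 is the case-sensitive regexp mode, hence BINARY.
				$wpdb->query(
					$wpdb->prepare(
						"DELETE FROM `$wpdb->statify` WHERE "
						. ( ( 1 === self::$options['referer']['regexp'] ) ? ' BINARY ' : '' )
						. 'referrer REGEXP %s',
						$referer_regexp
					)
				);
			}
			if ( ! empty( $target_regexp ) ) {
				$wpdb->query(
					$wpdb->prepare(
						"DELETE FROM `$wpdb->statify` WHERE "
						. ( ( 1 === self::$options['target']['regexp'] ) ? ' BINARY ' : '' )
						. 'target REGEXP %s',
						$target_regexp
					)
				);
			}
			// phpcs:enable WordPress.DB.PreparedSQL.NotPrepared

			// Optimize DB.
			$wpdb->query( "OPTIMIZE TABLE `$wpdb->statify`" );

			// Delete transient statify data.
			delete_transient( 'statify_data' );
		}
	}

	/**
	 * Build a REGEXP alternation that matches each given value literally.
	 *
	 * Previously only the dot was escaped, so plain entries containing other
	 * metacharacters (e.g. `?`, `+`, `(`) were interpreted as patterns or
	 * produced a REGEXP syntax error. All characters MySQL REGEXP treats
	 * specially are now backslash-escaped.
	 *
	 * @param array $values Plain (non-regexp) list entries.
	 *
	 * @return string The `|`-joined, escaped pattern; empty string for no entries.
	 */
	private static function build_literal_regexp( $values ) {
		$escaped = array_map(
			function ( $value ) {
				return addcslashes( (string) $value, '\\.[](){}*+?|^$' );
			},
			$values
		);

		return implode( '|', $escaped );
	}

	/**
	 * Sanitize URLs and remove empty results.
	 *
	 * Keys of the given array are the URLs, values their indices; the result
	 * keeps that layout with each URL reduced to `[0-9a-z.-]` characters.
	 *
	 * @since 1.1.1
	 *
	 * @param array $urls Given array of URLs (URL => index).
	 *
	 * @return array Sanitized array (sanitized URL => index).
	 */
	private static function sanitize_urls( $urls ) {
		return array_flip(
			array_filter(
				array_map(
					function ( $r ) {
						return preg_replace( '/[^\da-z\.-]/i', '', filter_var( $r, FILTER_SANITIZE_URL ) );
					},
					array_flip( $urls )
				)
			)
		);
	}

	/**
	 * Sanitize IP addresses with optional CIDR notation and remove empty results.
	 *
	 * Entries are lower-cased and kept only if they are a valid IPv4 or IPv6
	 * address, optionally followed by a prefix length.
	 *
	 * @since 1.4.0
	 *
	 * @param array $ips Given array of IP addresses.
	 *
	 * @return array Sanitized array (keys preserved).
	 */
	private static function sanitize_ips( $ips ) {
		return array_filter(
			array_map( 'strtolower', $ips ),
			function ( $ip ) {
				return preg_match(
					'/^((25[0-5]|(2[0-4]|1?[0-9])?[0-9])\.){3}(25[0-5]|(2[0-4]|1?[0-9])?[0-9])(\/([0-9]|[1-2][0-9]|3[0-2]))?$/',
					$ip
				) ||
				preg_match(
					'/^(([0-9a-f]{1,4}:){7}[0-9a-f]{1,4}|([0-9a-f]{1,4}:){1,7}:|([0-9a-f]{1,4}:){1,6}:[0-9a-f]{1,4}' .
					'|([0-9a-f]{1,4}:){1,5}(:[0-9a-f]{1,4}){1,2}|([0-9a-f]{1,4}:){1,4}(:[0-9a-f]{1,4}){1,3}' .
					'|([0-9a-f]{1,4}:){1,3}(:[0-9a-f]{1,4}){1,4}|([0-9a-f]{1,4}:){1,2}(:[0-9a-f]{1,4}){1,5}' .
					'|[0-9a-f]{1,4}:((:[0-9a-f]{1,4}){1,6})|:((:[0-9a-f]{1,4}){1,7}|:)' .
					'|fe80:(:[0-9a-f]{0,4}){0,4}%[0-9a-zA-Z]+|::(ffff(:0{1,4})?:)?((25[0-5]|(2[0-4]|1?[0-9])?[0-9])\.){3}(25[0-5]|(2[0-4]' .
					'|1?[0-9])?[0-9])|([0-9a-f]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1?[0-9])?[0-9])\.){3}(25[0-5]|(2[0-4]|1?[0-9])?[0-9]))' .
					'(\/([0-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8]))?$/i',
					$ip
				);
			}
		);
	}

	/**
	 * Validate regular expressions, i.e. remove duplicates and empty values and validate others.
	 *
	 * @since 1.5.0 #13
	 *
	 * @param array $expressions Given pre-sanitized array of regular expressions.
	 *
	 * @return array Array of invalid expressions.
	 */
	private static function sanitize_regex( $expressions ) {
		return array_filter(
			array_flip( $expressions ),
			function ( $re ) {
				// Check if preg_match() fails on the compiled expression (warnings suppressed).
				// An empty subject is used instead of null, which is deprecated as of PHP 8.1;
				// the result is FALSE for an invalid pattern regardless of the subject.
				// phpcs:ignore WordPress.PHP.NoSilencedErrors.Discouraged
				return false === @preg_match( StatifyBlacklist::regex( $re, false ), '' );
			}
		);
	}
}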