Changeset 546266
- Timestamp:
- 05/19/2012 07:10:58 PM (12 years ago)
- Location:
- upload-scanner/trunk
- Files:
-
- 2 added
- 6 edited
upload-scanner/trunk/class-upload-scanner-plugin.php
r514725 r546266 38 38 */ 39 39 public function settings_page() { 40 add_options_page( 'Upload Scanner Options', 'Upload Scanner', 'manage_options', 'upload-scanner-plugin', array( $this, 'plugin_options' ) ); 40 add_options_page( 41 __( 'Upload Scanner Options', 'upload-scanner' ), 42 __( 'Upload Scanner', 'upload-scanner' ), 43 'manage_options', 'upload-scanner-plugin', array( $this, 'plugin_options' ) 44 ); 41 45 } 42 46 … … 57 61 } else { 58 62 if ( !extension_loaded( 'clamav' ) ) { 59 echo '<div class="error"><p> The <a href="http://sourceforge.net/projects/php-clamav/" target="_blank">php-clamav extension</a> was not found.</p></div>';63 echo '<div class="error"><p></p></div>'; 60 64 } 61 65 if ( !$this->is_exec_enabled() ) { 62 echo '<div class="error"><p> The <a href="http://www.php.net/manual/en/function.exec.php" target="_blank">exec</a> function is disabled.</p></div>';66 echo '<div class="error"><p> 63 67 } 64 68 … … 82 86 } 83 87 if ( get_option( 'upload-scanner_onfail_log_message' ) && !$this->does_log_file_exist() ) { 84 echo '<div class="error"><p> The log file does not exist, or is not writable:' . get_option( 'upload-scanner_onfail_log_file' ) . '</p></div>';88 echo '<div class="error"><p> ' . get_option( 'upload-scanner_onfail_log_file' ) . '</p></div>'; 85 89 } 86 90 include_once( UPLOAD_SCANNER_PLUGIN_DIR . '/settings.php' ); … … 239 243 $dest = $folder . DIRECTORY_SEPARATOR . $file->name . '.quarantined-' . substr( md5( uniqid() ), -8 ); 240 244 move_uploaded_file( $file->tmp_name, $dest ); 241 $file->addMessage( "Quarantined to $dest");245 $file->addMessage(); 242 246 } 243 247 } … … 247 251 // Send 406 248 252 if ( get_option( 'upload-scanner_onfail_send_406' ) ) { 249 $report->addMessage( 'Sending 406 and stopping execution');253 $report->addMessage( ); 250 254 } 251 255 … … 256 260 // Email admin 257 261 if ( get_option( 'upload-scanner_onfail_email_admin' ) ) { 258 $report->addMessage( 'Emailing ' . 
get_option( 'upload-scanner_onfail_email') );259 $ret = wp_mail( get_option( 'upload-scanner_onfail_email' ), '[' . get_bloginfo( 'name' ) . '] Upload Scan Report', $report->getReport( $email_adapter ) );262 $report->addMessage( ) ); 263 $ret = wp_mail( get_option( 'upload-scanner_onfail_email' ), , $report->getReport( $email_adapter ) ); 260 264 } 261 265 -
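Review bot: The quarantine destination on new lines 243-244 is built by appending `$file->name` to `$folder`, and the result of `move_uploaded_file()` is not checked before the message is recorded. If `$file->name` is the client-supplied upload name (the report printers label it "Original name", so presumably it is), directory separators in it can resolve outside the quarantine folder; reducing it first keeps the move inside `$folder`, e.g. `$dest = $folder . DIRECTORY_SEPARATOR . sanitize_file_name( basename( $file->name ) ) . '.quarantined-' . substr( md5( uniqid() ), -8 );`. Adding the message only when the move succeeded, `if ( move_uploaded_file( $file->tmp_name, $dest ) ) { ... }`, avoids a report that claims a quarantine which did not happen. The enclosing method starts and ends outside this hunk.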
upload-scanner/trunk/class-upload-scanner-report-printer-email.php
r514725 r546266 19 19 public function __toString() { 20 20 $report = ''; 21 $report .= 'Date: ' . date('D M jS, Y'). PHP_EOL;22 $report .= 'Time: ' . date('g:ia'). PHP_EOL;23 $report .= 'IP: ' . $_SERVER['REMOTE_ADDR']. PHP_EOL;24 $report .= 'URL: ' . $this->getCurrentURL(). PHP_EOL;21 $report .= . PHP_EOL; 22 $report .= . PHP_EOL; 23 $report .= . PHP_EOL; 24 $report .= . PHP_EOL; 25 25 $report .= PHP_EOL; 26 26 if ( count( $this->_report->getMessages() ) ) : 27 $report .= 'Messages:'. PHP_EOL;28 $report .= 27 $report .= . PHP_EOL; 28 $report .= PHP_EOL; 29 29 foreach ( $this->_report->getMessages() as $message ) : 30 $report .= " * $message". PHP_EOL;30 $report .= . PHP_EOL; 31 31 endforeach; 32 $report .= 32 $report .= PHP_EOL; 33 33 endif; 34 $report .= 'Scanned files:'. PHP_EOL;35 $report .= 34 $report .= . PHP_EOL; 35 $report .= PHP_EOL; 36 36 foreach ( $this->_report->getFiles() as $file ) : 37 $report .= ' + Original name: ' . $file->name. PHP_EOL;38 $report .= ' + Type: ' . $file->type. PHP_EOL;39 $report .= ' + Size: ' . $file->size. PHP_EOL;37 $report .= . PHP_EOL; 38 $report .= . PHP_EOL; 39 $report .= . PHP_EOL; 40 40 if ( count( $file->getMessages() ) > 0 ) : 41 $report .= ' + Messages: '. PHP_EOL;41 $report .= . PHP_EOL; 42 42 foreach ( $file->getMessages() as $message ) : 43 $report .= " * $message". PHP_EOL;43 $report .= . PHP_EOL; 44 44 endforeach; 45 45 endif; 46 $report .= 46 $report .= PHP_EOL; 47 47 endforeach; 48 $report .= 48 $report .= PHP_EOL; 49 49 return $report; 50 50 } -
upload-scanner/trunk/class-upload-scanner-report-printer-log.php
r514725 r546266 19 19 public function __toString() { 20 20 $report = ''; 21 $report .= '[' . date('Y-m-d H:i:s') . '] Upload scan:'. PHP_EOL;22 $report .= '-------------------------------------------------------' . PHP_EOL;23 $report .= 'REQUEST_URI: ' . $this->getCurrentURL() . PHP_EOL;24 $report .= 'REMOTE_ADDR: ' . $_SERVER['REMOTE_ADDR'] . PHP_EOL;25 $report .= 'SCRIPT_FILENAME: ' . $_SERVER['SCRIPT_FILENAME'] . PHP_EOL;26 $report .= '-------------------------------------------------------' . PHP_EOL;21 $report .= '[' . date('Y-m-d H:i:s') . '] . PHP_EOL; 22 $report .= '-------------------------------------------------------' . PHP_EOL; 23 $report .= 'REQUEST_URI: ' . $this->getCurrentURL() . PHP_EOL; 24 $report .= 'REMOTE_ADDR: ' . $_SERVER['REMOTE_ADDR'] . PHP_EOL; 25 $report .= 'SCRIPT_FILENAME: ' . $_SERVER['SCRIPT_FILENAME'] . PHP_EOL; 26 $report .= '-------------------------------------------------------' . PHP_EOL; 27 27 if ( count( $this->_report->getMessages() ) ) : 28 $report .= 'Messages:'. PHP_EOL;28 $report .= . PHP_EOL; 29 29 foreach ( $this->_report->getMessages() as $message ) : 30 $report .= $message . PHP_EOL;30 $report .= $message . PHP_EOL; 31 31 endforeach; 32 $report .= '-------------------------------------------------------' . PHP_EOL;32 $report .= '-------------------------------------------------------' . PHP_EOL; 33 33 endif; 34 $report .= 'Scanned files:'. PHP_EOL;35 $report .= '-------------------------------------------------------' . PHP_EOL;34 $report .= . PHP_EOL; 35 $report .= '-------------------------------------------------------' . PHP_EOL; 36 36 foreach ( $this->_report->getFiles() as $file ) : 37 $report .= 'Original name: ' . $file->name. PHP_EOL;38 $report .= 'Type: ' . $file->type. PHP_EOL;39 $report .= 'Size: ' . $file->size. PHP_EOL;37 $report .= . PHP_EOL; 38 $report .= . PHP_EOL; 39 $report .= . PHP_EOL; 40 40 foreach ( $file->getMessages() as $message ) : 41 $report .= $message . PHP_EOL;41 $report .= $message . 
PHP_EOL; 42 42 endforeach; 43 $report .= '-------------------------------------------------------' . PHP_EOL;43 $report .= '-------------------------------------------------------' . PHP_EOL; 44 44 endforeach; 45 45 $report .= PHP_EOL . PHP_EOL; -
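Review bot: The log entry appends request-derived values verbatim, `$this->getCurrentURL()` on new line 23 (presumably built from the request URI) and each `$message` on new lines 30 and 41, so a value containing a line break can split one entry into what reads as several. This file is the record an administrator consults after a detection, so control characters should be stripped before appending, e.g. `$report .= 'REQUEST_URI: ' . preg_replace( '/[\x00-\x1f\x7f]+/', ' ', $this->getCurrentURL() ) . PHP_EOL;`, with the same treatment for the file name and the messages. Several right-hand sides on the new side are empty in this rendering (`$report .= . PHP_EOL;`), which looks like extraction loss rather than the committed code, so this note rests only on the lines that remain visible.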
upload-scanner/trunk/settings.php
r514725 r546266 8 8 <div class="wrap"> 9 9 <div id="icon-tools" class="icon32"><br/></div> 10 <h2> Upload Scanner Options</h2>10 <h2></h2> 11 11 12 12 <form id="upload-scanner-settings-form" name="upload-scanner-settings-form" method="post" action="<?php echo add_query_arg( '__action', 'save' ); ?>"> … … 14 14 <?php wp_nonce_field( 'upload-scanner-save-settings' ); ?> 15 15 16 <h3>How to scan files</h3> 17 <p>Uploaded files can be scanned using ClamAV (if installed) and a system command can be invoked. You 18 can use both of these actions together, too</p> 16 <h3><?php _e( 'How to scan files', 'upload-scanner' ); ?></h3> 17 <p><?php _e( 'Uploaded files can be scanned using ClamAV (if installed) and a system command can be invoked. You can use both of these actions together, too', 'upload-scanner' ); ?></p> 19 18 20 <h3> ClamAV Integration</h3>19 <h3></h3> 21 20 22 21 <p> 23 22 <label> 24 23 <input type="checkbox" id="upload-scanner_use_clamav" name="upload_scanner_use_clamav" <?php disabled( !extension_loaded( 'clamav' ) ); ?> <?php checked( extension_loaded( 'clamav' ) && get_option( 'upload-scanner_use_clamav' ) ); ?> /> 25 Scan uploaded files with ClamAV24 26 25 </label> 27 26 </p> 28 27 <p> 29 < strong>Tip:</strong> Test this with the <a href="http://www.eicar.org/86-0-Intended-use.html" target="_blank">EICAR test file</a>28 <> 30 29 </p> 31 30 32 <h3>System Command</h3> 33 <p>If you've chosen to invoke a system command, enter it here. You can use this section to do things 34 like log file names to syslog or send files to another malware scanner</p> 31 <h3><?php _e( 'System Command', 'upload-scanner' ); ?></h3> 32 <p><?php _e( "If you've chosen to invoke a system command, enter it here. 
You can use this section to do things like log file names to syslog or send files to another malware scanner", 'upload-scanner' ); ?></p> 35 33 36 34 <p> 37 35 <label> 38 36 <input type="checkbox" id="upload-scanner_use_command" name="upload_scanner_use_command" <?php disabled( !$this->is_exec_enabled() ); ?> <?php checked( $this->is_exec_enabled() && get_option( 'upload-scanner_use_command' ) ); ?> /> 39 Issue a system command for every uploaded file37 40 38 </label> 41 39 </p> 42 40 43 41 <p> 44 Use this command:<br />42 <br /> 45 43 <textarea id="upload-scanner_command" style="width: 80%; height: 75px; font-family: monospace;" name="upload_scanner_command"><?php echo htmlentities( get_option( 'upload-scanner_command' ) ); ?></textarea> 46 44 </p> 47 45 48 46 <p> 49 <strong> Command variables</strong>47 <strong></strong> 50 48 <br /> 51 The following shell variables will be available:49 52 50 <ul> 53 <li><strong><code>$UPLOAD_SCANNER_ORIG_FILENAME</code></strong> - The original filename</li>54 <li><strong><code>$UPLOAD_SCANNER_ORIG_TEMPNAME</code></strong> - The temporary upload location</li>55 <li><strong><code>$UPLOAD_SCANNER_ORIG_FILESIZE</code></strong> - The file size</li>56 <li><strong><code>$UPLOAD_SCANNER_ORIG_FILETYPE</code></strong> - The mimetype of the file</li>51 <li><strong><code>$UPLOAD_SCANNER_ORIG_FILENAME</code></strong> - </li> 52 <li><strong><code>$UPLOAD_SCANNER_ORIG_TEMPNAME</code></strong> - /li> 53 <li><strong><code>$UPLOAD_SCANNER_ORIG_FILESIZE</code></strong> - </li> 54 <li><strong><code>$UPLOAD_SCANNER_ORIG_FILETYPE</code></strong> - </li> 57 55 </ul> 58 56 </p> 59 57 60 <h3> Remediation Actions</h3>61 <p> Tell the system what to do if ClamAV has detected a virus or if the shell command has returned exit status <code>0</code>.</p>58 <h3></h3> 59 <p></p> 62 60 63 61 <p> 64 62 <label> 65 63 <input type="checkbox" id="upload-scanner_onfail_email_admin" name="upload_scanner_onfail_email_admin" <?php checked( get_option( 
'upload-scanner_onfail_email_admin' ) ); ?> /> 66 Send an e-mail64 67 65 </label> 68 66 </p> 69 67 70 68 <p> 71 <strong> Email address</strong><br />72 <input type="text" id="upload-scanner_onfail_email" name="upload_scanner_onfail_email" value="<?php echo htmlentities( get_option( 'upload-scanner_onfail_email' ) ); ?>" />69 <strong></strong><br /> 70 <input type="text" id="upload-scanner_onfail_email" name="upload_scanner_onfail_email" value="<?php echo ( get_option( 'upload-scanner_onfail_email' ) ); ?>" /> 73 71 </p> 74 72 … … 76 74 <label> 77 75 <input type="checkbox" id="upload-scanner_onfail_quarantine_file" name="upload_scanner_onfail_quarantine_file" <?php checked( get_option( 'upload-scanner_onfail_quarantine_file' ) ); ?> /> 78 Move the file to a quarantine folder76 79 77 </label> 80 78 </p> 81 79 82 80 <p> 83 <strong> Quarantine location</strong><br />84 <input type="text" id="upload-scanner_quarantine_folder" name="upload_scanner_quarantine_folder" value="<?php echo htmlentities( get_option( 'upload-scanner_quarantine_folder' ) ); ?>" />81 <strong></strong><br /> 82 <input type="text" id="upload-scanner_quarantine_folder" name="upload_scanner_quarantine_folder" value="<?php echo ( get_option( 'upload-scanner_quarantine_folder' ) ); ?>" /> 85 83 <br /> 86 <em> User "<?php echo get_current_user(); ?>" must have access to write to this folder</em>84 <em></em> 87 85 </p> 88 86 … … 90 88 <label> 91 89 <input type="checkbox" id="upload-scanner_onfail_log_message" name="upload_scanner_onfail_log_message" <?php checked( get_option( 'upload-scanner_onfail_log_message' ) ); ?> /> 92 Log a message90 93 91 </label> 94 92 </p> 95 93 96 94 <p> 97 <strong> Log file location</strong><br />98 <input type="text" id="upload-scanner_log_file" name="upload_scanner_onfail_log_file" value="<?php echo htmlentities( get_option( 'upload-scanner_onfail_log_file' ) ); ?>" />99 <a href="<?php echo add_query_arg( '__action', 'view-log' ); ?>" class="button-secondary"> View log</a>95 
<strong></strong><br /> 96 <input type="text" id="upload-scanner_log_file" name="upload_scanner_onfail_log_file" value="<?php echo ( get_option( 'upload-scanner_onfail_log_file' ) ); ?>" /> 97 <a href="<?php echo add_query_arg( '__action', 'view-log' ); ?>" class="button-secondary"></a> 100 98 <br /> 101 <em> User "<?php echo get_current_user(); ?>" must have access to write to this file</em>99 <em></em> 102 100 </p> 103 101 … … 105 103 <label> 106 104 <input type="checkbox" id="upload-scanner_onfail_send_406" name="upload_scanner_onfail_send_406" <?php checked( get_option( 'upload-scanner_onfail_send_406' ) ); ?> /> 107 Send a "406 - Not Acceptable" status and stop processing the request105 108 106 </label> 109 107 </p> 110 108 111 109 <br /> 112 <input type="submit" class="button-primary" value="<?php _e( 'Save'); ?>" name="upload_scanner_submit1" id="upload-scanner-submit1" />110 <input type="submit" class="button-primary" value="<?php _e(); ?>" name="upload_scanner_submit1" id="upload-scanner-submit1" /> 113 111 </form> 114 112 </div> -
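Review bot: The form `action` on new line 12 and the view-log link on new line 97 echo `add_query_arg()` directly into an attribute; called without a URL argument it builds on the current request URI and does not escape its result, so the output should pass through `esc_url()`, as in `action="<?php echo esc_url( add_query_arg( '__action', 'save' ) ); ?>"`. The same applies to `remove_query_arg( '__action' )` in view-log.php (new line 23). Separately, the `value="<?php echo ( get_option( ... ) ); ?>"` attributes on new lines 70, 82 and 96 show no escaping call in this rendering where the old side had `htmlentities()`; the function name may have been lost in extraction, but it is worth confirming the committed code uses `esc_attr()` there.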
upload-scanner/trunk/upload-scanner.php
r514725 r546266 4 4 Plugin URI: https://github.com/kurtpayne/wordpress-upload-scanner-plugin 5 5 Description: Scan all uploaded files with Clam AV or any arbitrary command. 6 Version: 1. 16 Version: 1. 7 7 Author: Kurt Payne 8 8 Author URI: http://kpayne.me/ … … 11 11 12 12 define( 'UPLOAD_SCANNER_PLUGIN_DIR', dirname( realpath( __FILE__ ) ) ); 13 13 14 require_once( UPLOAD_SCANNER_PLUGIN_DIR . '/class-upload-scanner-plugin.php' ); 14 15 $upload_scanner_plugin = new Upload_Scanner_Plugin(); -
upload-scanner/trunk/view-log.php
r514725 r546266 8 8 <div class="wrap"> 9 9 <div id="icon-tools" class="icon32"><br/></div> 10 <h2> Upload Scan Log</h2>10 <h2></h2> 11 11 <textarea id="upload-scanner-view-log" name="upload_scanner_view_log" style="font-family: monospace; width: 90%; height: 500px; margin: 25px auto auto 25px;"><?php 12 12 if ( $this->does_log_file_exist() ) { … … 17 17 fclose( $fp ); 18 18 } else { 19 echo "Log file does not exist or is not readable";19 ; 20 20 } 21 21 ?></textarea> 22 22 <p> 23 <a href="<?php echo remove_query_arg( '__action' ); ?>" class="button-secondary"> Back</a>23 <a href="<?php echo remove_query_arg( '__action' ); ?>" class="button-secondary"></a> 24 24 </p> 25 25 </div>
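Review bot: The log is printed inside a `<textarea>` opened on new line 11, and the lines that read and echo it are elided between the two hunks, so it cannot be seen here whether the output is escaped. The log holds request URIs and upload file names, so a `</textarea>` sequence in it would close the element and be rendered as markup in the admin page. Each chunk should be escaped before output, for example `echo esc_textarea( $chunk );` where `$chunk` stands for whatever the read loop produces.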