488 lines
15 KiB
PHP
488 lines
15 KiB
PHP
<?php
|
|
/**
|
|
* Manager: Alert Formatter Class
|
|
*
|
|
* Class file for alert formatter.
|
|
*
|
|
* @since 4.2.1
|
|
* @package wsal
|
|
*/
|
|
|
|
// Exit if accessed directly.
|
|
if ( ! defined( 'ABSPATH' ) ) {
|
|
exit;
|
|
}
|
|
|
|
use WSAL\Helpers\WP_Helper;
|
|
use WSAL\MainWP\MainWP_Helper;
|
|
use WSAL\Entities\Metadata_Entity;
|
|
use WSAL\Entities\Occurrences_Entity;
|
|
|
|
/**
|
|
* WSAL_AlertFormatter class.
|
|
*
|
|
* Class for handling the formatting of alert message/UI widget in different contexts.
|
|
*
|
|
* Formatting rules are given by given formatter configuration.
|
|
*
|
|
* @package wsal
|
|
* @since 4.2.1
|
|
*/
|
|
final class WSAL_AlertFormatter {
|
|
|
|
/**
|
|
* Plugin instance.
|
|
*
|
|
* @var WpSecurityAuditLog
|
|
*/
|
|
protected $plugin;
|
|
|
|
/**
|
|
* Alert formatter configuration.
|
|
*
|
|
* @var WSAL_AlertFormatterConfiguration
|
|
*/
|
|
private $configuration;
|
|
|
|
/**
|
|
* Constructor.
|
|
*
|
|
* @param WpSecurityAuditLog $plugin Plugin instance.
|
|
* @param WSAL_AlertFormatterConfiguration $configuration Alert formatter configuration.
|
|
*/
|
|
public function __construct( $plugin, $configuration ) {
|
|
$this->plugin = $plugin;
|
|
$this->configuration = $configuration;
|
|
|
|
add_filter( 'wsal_truncate_alert_value', array( __CLASS__, 'data_truncate' ), 10, 4 );
|
|
}
|
|
|
|
/**
|
|
* Gets the end of line character sequence.
|
|
*
|
|
* @return string End of line character sequence.
|
|
*/
|
|
public function get_end_of_line() {
|
|
return $this->configuration->get_end_of_line();
|
|
}
|
|
|
|
/**
|
|
* Updates the end of line character sequence.
|
|
*
|
|
* @param string $value End of line character sequence.
|
|
*
|
|
* @return WSAL_AlertFormatterConfiguration
|
|
*/
|
|
public function set_end_of_line( $value ) {
|
|
return $this->configuration->set_end_of_line( $value );
|
|
}
|
|
|
|
/**
|
|
* Formats given meta expression.
|
|
*
|
|
* @param string $expression Meta expression including the surrounding percentage chars.
|
|
* @param string $value Meta value.
|
|
* @param int|null $occurrence_id Occurrence ID. Only present if the event was already written to the database.
|
|
* @param array $metadata Meta data.
|
|
* @param bool $wrap Should metadata be wrapped in highlighted markup.
|
|
*
|
|
* @return false|mixed|string|void|WP_Error
|
|
*
|
|
* @since 4.2.1
|
|
*/
|
|
public function format_meta_expression( $expression, $value, $occurrence_id = null, $metadata = array(), $wrap = true ) {
|
|
|
|
$value = apply_filters( 'wsal_truncate_alert_value', $value, $expression, $this->configuration->get_max_meta_value_length(), $this->configuration->get_ellipses_sequence() );
|
|
|
|
switch ( true ) {
|
|
case '%Message%' === $expression:
|
|
return esc_html( $value );
|
|
|
|
case '%MetaLink%' === $expression:
|
|
// NULL value check is here because events related to user meta fields didn't have the MetaLink meta prior to version 4.3.2.
|
|
if ( $this->configuration->is_js_in_links_allowed() && 'NULL' !== $value ) {
|
|
$label = __( 'Exclude custom field from the monitoring', 'wp-security-audit-log' );
|
|
$result = "<a href=\"#\" data-object-type='{$metadata['Object']}' data-disable-custom-nonce='" . wp_create_nonce( 'disable-custom-nonce' . $value ) . "' onclick=\"return WsalDisableCustom(this, '" . $value . "');\"> {$label}</a>";
|
|
|
|
return $this->wrap_in_hightlight_markup( $result, true );
|
|
}
|
|
|
|
return '';
|
|
|
|
case in_array( $expression, array( '%path%', '%old_path%', '%FilePath%' ), true ):
|
|
// Concatenate directory and file paths.
|
|
if ( $this->configuration->is_js_in_links_allowed() ) {
|
|
$result = '<strong><span>' . $value . '</span>'; // phpcs:ignore
|
|
$result .= "<a href=\"#\" data-shortened-text='{$value}'>" . $this->configuration->get_ellipses_sequence() . "</a></strong>"; // phpcs:ignore
|
|
|
|
return $result;
|
|
}
|
|
|
|
return $value;
|
|
|
|
case in_array( $expression, array( '%MetaValue%', '%MetaValueOld%', '%MetaValueNew%' ), true ):
|
|
// Trim the meta value to the maximum length and append configured ellipses sequence.
|
|
$result = $value;
|
|
|
|
return $this->wrap_in_hightlight_markup( $result );
|
|
|
|
case '%ClientIP%' === $expression:
|
|
case '%IPAddress%' === $expression:
|
|
if ( is_string( $value ) ) {
|
|
$sanitized_ips = str_replace(
|
|
array(
|
|
'"',
|
|
'[',
|
|
']',
|
|
),
|
|
'',
|
|
$value
|
|
);
|
|
|
|
return $this->wrap_in_hightlight_markup( $sanitized_ips );
|
|
} else {
|
|
return $this->wrap_in_emphasis_markup( __( 'unknown', 'wp-security-audit-log' ) );
|
|
}
|
|
|
|
case '%PostUrlIfPlublished%' === $expression:
|
|
$post_id = null;
|
|
if ( is_array( $metadata ) && array_key_exists( 'PostID', $metadata ) ) {
|
|
$post_id = $metadata['PostID'];
|
|
} else {
|
|
$post_id = $this->get_occurrence_meta_item( $occurrence_id, 'PostID' );
|
|
}
|
|
|
|
$occurrence_data = Occurrences_Entity::load( 'id = %d', array( $occurrence_id ) );
|
|
|
|
if ( isset( $occurrence_data ) && isset( $occurrence_data['site_id'] ) ) {
|
|
if ( MainWP_Helper::SET_SITE_ID_NUMBER < $occurrence_data['site_id'] ) {
|
|
if ( isset( $metadata['PostUrl'] ) ) {
|
|
return $metadata['PostUrl'];
|
|
} else {
|
|
return '';
|
|
}
|
|
}
|
|
}
|
|
|
|
$occ_post = ! is_null( $post_id ) ? get_post( $post_id ) : null;
|
|
if ( null !== $occ_post && 'publish' === $occ_post->post_status ) {
|
|
return get_permalink( $occ_post->ID );
|
|
}
|
|
|
|
return '';
|
|
|
|
case '%MenuUrl%' === $expression:
|
|
$menu_id = null;
|
|
if ( 0 === $occurrence_id && is_array( $metadata ) && array_key_exists( 'MenuID', $metadata ) ) {
|
|
$menu_id = $metadata['MenuID'];
|
|
} else {
|
|
$menu_id = $this->get_occurrence_meta_item( $occurrence_id, 'MenuID' );
|
|
}
|
|
if ( null !== $menu_id ) {
|
|
return add_query_arg(
|
|
array(
|
|
'action' => 'edit',
|
|
'menu' => $menu_id,
|
|
),
|
|
admin_url( 'nav-menus.php' )
|
|
);
|
|
}
|
|
|
|
return '';
|
|
|
|
case '%Attempts%' === $expression: // Failed login attempts.
|
|
$check_value = (int) $value;
|
|
if ( 0 === $check_value ) {
|
|
return '';
|
|
} else {
|
|
return $value;
|
|
}
|
|
|
|
case '%Users%' === $expression: // Failed login attempts.
|
|
if ( isset( $metadata['Users'] ) && is_array( $metadata['Users'] ) ) {
|
|
if ( empty( $metadata['Users'] ) ) {
|
|
return 'Unknown username';
|
|
}
|
|
return $metadata['Users'][0];
|
|
} elseif ( isset( $metadata['Users'] ) ) {
|
|
return $metadata['Users'];
|
|
} else {
|
|
return 'Unknown username';
|
|
}
|
|
$check_value = (int) $value;
|
|
if ( 0 === $check_value ) {
|
|
return '';
|
|
} else {
|
|
return $metadata['Users'][0];
|
|
}
|
|
|
|
case '%LogFileText%' === $expression: // Failed login file text.
|
|
if ( $this->configuration->is_js_in_links_allowed() ) {
|
|
$result = '<a href="javascript:;" onclick="download_failed_login_log( this )" data-download-nonce="' . esc_attr( wp_create_nonce( 'wsal-download-failed-logins' ) ) . '" title="' . esc_html__( 'Download the log file.', 'wp-security-audit-log' ) . '">' . esc_html__( 'Download the log file.', 'wp-security-audit-log' ) . '</a>';
|
|
|
|
return $this->wrap_in_hightlight_markup( $result, true );
|
|
}
|
|
|
|
return '';
|
|
|
|
case in_array( $expression, array( '%PostStatus%', '%ProductStatus%' ), true ):
|
|
$result = ( ! empty( $value ) && 'publish' === $value ) ? __( 'published', 'wp-security-audit-log' ) : $value;
|
|
|
|
return $this->wrap_in_hightlight_markup( $result );
|
|
|
|
case '%multisite_text%' === $expression:
|
|
if ( WP_Helper::is_multisite() && $value ) {
|
|
$site_info = get_blog_details( $value, true );
|
|
if ( $site_info ) {
|
|
$site_url = $site_info->siteurl;
|
|
|
|
return ' on site ' . $this->format_link( $expression, $site_info->blogname, $site_url );
|
|
}
|
|
}
|
|
|
|
return '';
|
|
|
|
case '%ReportText%' === $expression:
|
|
case '%ChangeText%' === $expression:
|
|
return '';
|
|
|
|
case '%TableNames%' === $expression:
|
|
$value = str_replace( ',', ', ', $value );
|
|
|
|
return $this->wrap_in_hightlight_markup( esc_html( $value ) );
|
|
|
|
case '%LineBreak%' === $expression:
|
|
return $this->configuration->get_end_of_line();
|
|
|
|
case '%PluginFile%' === $expression:
|
|
return $this->wrap_in_hightlight_markup( dirname( $value ) );
|
|
|
|
case '%OldVersion%' === $expression:
|
|
$return = ( $value !== 'NULL' ) ? $value : esc_html__( 'Upgrade event prior to WP Activity Log 5.0.0.', 'wp-security-audit-log' );
|
|
return $this->wrap_in_hightlight_markup( $return );
|
|
|
|
default:
|
|
/**
|
|
* Allows meta formatting via filter if no match was found.
|
|
*
|
|
* @param string $expression Meta expression including the surrounding percentage chars.
|
|
* @param string $value Meta value.
|
|
*
|
|
* @deprecated 4.3.0 Use 'wsal_format_custom_meta' instead.
|
|
*/
|
|
$result = apply_filters_deprecated(
|
|
'wsal_meta_formatter_custom_formatter',
|
|
array(
|
|
$value,
|
|
$expression,
|
|
),
|
|
'WSAL 4.3.0',
|
|
'wsal_format_custom_meta'
|
|
);
|
|
|
|
/**
|
|
* Allows meta formatting via filter if no match was found. Runs after the legacy filter 'wsal_meta_formatter_custom_formatter' that is kept for backwards compatibility.
|
|
*
|
|
* @param string $value Meta value.
|
|
* @param string $expression Meta expression including the surrounding percentage chars.
|
|
* @param WSAL_AlertFormatter $this Alert formatter class.
|
|
* @param int|null $occurrence_id Occurrence ID. Only present if the event was already written to the database. Default null.
|
|
*
|
|
* @since 4.3.0
|
|
*/
|
|
// Ensure result is wrapped as expected.
|
|
if ( $wrap ) {
|
|
$result = $this->wrap_in_hightlight_markup( $result );
|
|
}
|
|
|
|
return apply_filters( 'wsal_format_custom_meta', $result, $expression, $this, $occurrence_id );
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Truncates the data to a specific number of characters.
|
|
*
|
|
* @param mixed $value - The value to be truncated.
|
|
* @param string $expression - The expression for that value.
|
|
* @param integer $length - Number of characters to truncate to.
|
|
* @param string $ellipses_sequence - The sequence of ellipses suffix.
|
|
*
|
|
* @return string|mixed
|
|
*
|
|
* @since 4.4.2.1
|
|
*/
|
|
public static function data_truncate( $value, $expression, $length = 50, $ellipses_sequence = '...' ) {
|
|
|
|
switch ( $expression ) {
|
|
case '%path%':
|
|
case '%old_path%':
|
|
case '%FilePath%':
|
|
if ( mb_strlen( $value ) > $length ) {
|
|
$value = mb_substr( $value, 0, $length ); // phpcs:ignore
|
|
}
|
|
break;
|
|
case '%MetaValue%':
|
|
case '%MetaValueOld%':
|
|
case '%MetaValueNew%':
|
|
$value = mb_strlen( $value ) > $length ? ( mb_substr( $value, 0, $length ) . $ellipses_sequence ) : $value;
|
|
break;
|
|
default:
|
|
break;
|
|
}
|
|
|
|
return $value;
|
|
}
|
|
|
|
/**
|
|
* Wraps given value in highlight markup.
|
|
*
|
|
* For example meta values displayed as <strong>{meta value}</strong> in the WP admin UI.
|
|
*
|
|
* @param string $value Value.
|
|
* @param bool $no_esc - Do we need to escape the html in the message.
|
|
*
|
|
* @return string
|
|
*/
|
|
public function wrap_in_hightlight_markup( $value, $no_esc = false ) {
|
|
if ( ! $no_esc ) {
|
|
$value = esc_html( $value );
|
|
}
|
|
|
|
return $this->configuration->get_highlight_start_tag() . $value . $this->configuration->get_highlight_end_tag();
|
|
}
|
|
|
|
/**
|
|
* Wraps given value in emphasis markup.
|
|
*
|
|
* For example an unknown IP address is displayed as <i>unknown</i> in the WP admin UI.
|
|
*
|
|
* @param string $value Value.
|
|
*
|
|
* @return string
|
|
*/
|
|
public function wrap_in_emphasis_markup( $value ) {
|
|
return $this->configuration->get_emphasis_start_tag() . $value . $this->configuration->get_emphasis_end_tag();
|
|
}
|
|
|
|
/**
|
|
* Helper function to get meta value from an occurrence.
|
|
*
|
|
* @param int $occurrence_id Occurrence ID.
|
|
* @param string $meta_key Meta key.
|
|
*
|
|
* @return mixed|null Meta value if exists. Otherwise null
|
|
* @since 4.2.1
|
|
*/
|
|
private function get_occurrence_meta_item( $occurrence_id, $meta_key ) {
|
|
// get values needed.
|
|
$meta_result = Metadata_Entity::load_by_name_and_occurrence_id( $meta_key, $occurrence_id );
|
|
|
|
return isset( $meta_result['value'] ) ? maybe_unserialize( $meta_result['value'] ) : null;
|
|
}
|
|
|
|
/**
|
|
* Handles formatting of hyperlinks in the event messages.
|
|
*
|
|
* Contains:
|
|
* - check for empty values
|
|
* - check if the link is disabled
|
|
* - optional URL processing
|
|
*
|
|
* @param string $url URL.
|
|
* @param string $label Label.
|
|
* @param string $title Title.
|
|
* @param string $target Target attribute.
|
|
*
|
|
* @return string
|
|
* @see process_url())
|
|
*/
|
|
public function format_link( $url, $label, $title = '', $target = '_blank' ) {
|
|
// Check for empty values.
|
|
if ( null === $url || empty( $url ) ) {
|
|
return '';
|
|
}
|
|
|
|
$processed_url = $this->process_url( $url );
|
|
$result = $this->build_link_markup( $processed_url, $label, $title, $target );
|
|
|
|
return $this->wrap_in_hightlight_markup( $result, true );
|
|
}
|
|
|
|
/**
|
|
* Override this method to process the raw URL value in a subclass.
|
|
*
|
|
* An example would be URL shortening or adding tracking params to all or selected URL.
|
|
*
|
|
* Default implementation returns URL as is.
|
|
*
|
|
* @param string $url URL.
|
|
*
|
|
* @return string
|
|
*/
|
|
protected function process_url( $url ) {
|
|
return $url;
|
|
}
|
|
|
|
/**
|
|
* Override this method in subclass to format hyperlinks differently.
|
|
*
|
|
* Default implementation returns HTML A tag. Only implementation at the moment. We used to have Slack as well, but
|
|
* we moved to a different implementation. Introducing another link markup would require adding link format with
|
|
* placeholders to the formatter configuration.
|
|
*
|
|
* @param string $url URL.
|
|
* @param string $label Label.
|
|
* @param string $title Title.
|
|
* @param string $target Target attribute.
|
|
*
|
|
* @return string
|
|
*/
|
|
protected function build_link_markup( $url, $label, $title = '', $target = '_blank' ) {
|
|
$title = empty( $title ) ? $label : $title;
|
|
if ( $this->configuration->can_use_html_markup_for_links() ) {
|
|
return '<a href="' . esc_url( $url ) . '" title="' . $title . '" target="' . $target . '">' . $label . '</a>';
|
|
}
|
|
|
|
return $label . ': ' . esc_url( $url );
|
|
}
|
|
|
|
/**
|
|
* Checks if formatter supports hyperlinks.
|
|
*
|
|
* @return bool True if formatter supports hyperlinks.
|
|
*/
|
|
public function supports_hyperlinks() {
|
|
return $this->configuration->is_supports_hyperlinks();
|
|
}
|
|
|
|
/**
|
|
* Checks if the formatter supports metadata.
|
|
*
|
|
* @return bool True if formatter supports metadata.
|
|
*/
|
|
public function supports_metadata() {
|
|
return $this->configuration->is_supports_metadata();
|
|
}
|
|
|
|
/**
|
|
* Message for some events contains HTML tags for highlighting certain parts of the message.
|
|
*
|
|
* This function replaces the original HTML tags with the correct highlight tags.
|
|
*
|
|
* It also strips any additional HTML tags apart from hyperlink and an end of line to support legacy messages.
|
|
*
|
|
* @param string $message Message text.
|
|
*
|
|
* @return string
|
|
*/
|
|
public function process_html_tags_in_message( $message ) {
|
|
$result = preg_replace(
|
|
array( '/<strong>/', '/<\/strong>/' ),
|
|
array( $this->configuration->get_highlight_start_tag(), $this->configuration->get_highlight_end_tag() ),
|
|
$message
|
|
);
|
|
|
|
return strip_tags( $result, $this->configuration->get_tags_allowed_in_message() );
|
|
}
|
|
}
|