1 | <?php
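// Site-wide intrusion detection: run PHPIDS over the current request whenever at
// least one impact threshold is configured (a threshold of -1 means "disabled").
list ($iImpactLog, $iImpactBlock) = bx_sys_security_get_impact_threshold ();

if (-1 != $iImpactLog || -1 != $iImpactBlock) {

    if (version_compare(phpversion(), '5.1.6', '>=')) {

        set_include_path (
            get_include_path()
            . PATH_SEPARATOR
            . BX_DIRECTORY_PATH_PLUGINS . 'phpids/'
        );

        require_once 'IDS/Init.php';

        // Everything handed to the IDS is attacker-controlled request input.
        $request = array(
            'REQUEST' => $_REQUEST,
            'GET' => $_GET,
            'POST' => $_POST,
            'COOKIE' => $_COOKIE,
            'PHP_SELF' => $_SERVER['PHP_SELF'],
        );
        $init = IDS_Init::init(BX_DIRECTORY_PATH_PLUGINS . 'phpids/IDS/Config/Config.ini');
        $init->config['General']['base_path'] = BX_DIRECTORY_PATH_PLUGINS . 'phpids/IDS/';
        $init->config['General']['use_base_path'] = true;
        $init->config['General']['tmp_path'] = '../../../tmp/';
        $init->config['Caching']['path'] = '../../../tmp/default_filter.cache';

        // Field lists for the json / html / exceptions sections come from two places:
        // an optional per-page global (only honoured when the matching constant is
        // defined) and the stored sys_options settings. The isset() guards only avoid
        // undefined-variable notices; is_array() on a missing variable was already false.
        if (defined('BX_SECURITY_JSON') && isset($aBxSecurityJSON) && is_array($aBxSecurityJSON)) {
            $init->config['General']['json'] = array_merge ($init->config['General']['json'], $aBxSecurityJSON);
        }
        $init->config['General']['json'] = array_merge($init->config['General']['json'], bx_sys_security_get_fields ('json'));

        if (defined('BX_SECURITY_HTML') && isset($aBxSecurityHTML) && is_array($aBxSecurityHTML)) {
            $init->config['General']['html'] = array_merge ($init->config['General']['html'], $aBxSecurityHTML);
        }
        $init->config['General']['html'] = array_merge($init->config['General']['html'], bx_sys_security_get_fields ('html'));

        if (defined('BX_SECURITY_EXCEPTIONS') && isset($aBxSecurityExceptions) && is_array($aBxSecurityExceptions)) {
            $init->config['General']['exceptions'] = array_merge ($init->config['General']['exceptions'], $aBxSecurityExceptions);
        }
        $init->config['General']['exceptions'] = array_merge($init->config['General']['exceptions'], bx_sys_security_get_fields ('exceptions'));

        $init->config['General']['HTML_Purifier_Path'] = BX_DIRECTORY_PATH_PLUGINS . 'htmlpurifier/HTMLPurifier.standalone.php';
        $init->config['General']['HTML_Purifier_Cache'] = '../../htmlpurifier/standalone/HTMLPurifier/DefinitionCache/Serializer/';

        $ids = new IDS_Monitor($request, $init);
        $result = $ids->run();

        if (!$result->isEmpty() && $result->getImpact() >= $iImpactLog) {

            require_once( BX_DIRECTORY_PATH_CLASSES . "BxDolService.php" );
            require_once( BX_DIRECTORY_PATH_INC . 'design.inc.php' );
            require_once( BX_DIRECTORY_PATH_INC . 'db.inc.php' );
            require_once( BX_DIRECTORY_PATH_INC . 'utils.inc.php' );

            // Request context appended to the report. REMOTE_ADDR is set by the web
            // server; HTTP_X_FORWARDED_FOR and HTTP_CLIENT_IP are client-supplied headers
            // that may be absent or forged, so treat them as informational only.
            // Missing keys are recorded as empty instead of raising a notice
            // (QUERY_STRING used to be reported twice; it is listed once now).
            $aServerKeys = array(
                'REMOTE_ADDR',
                'HTTP_X_FORWARDED_FOR',
                'HTTP_CLIENT_IP',
                'SCRIPT_FILENAME',
                'QUERY_STRING',
                'REQUEST_URI',
                'SCRIPT_NAME',
                'PHP_SELF',
            );
            $s = (string)$result;
            foreach ($aServerKeys as $sKey) {
                $s .= "\n{$sKey}: " . (isset($_SERVER[$sKey]) ? $_SERVER[$sKey] : '');
            }

            if ($result->getImpact() >= $iImpactBlock) {
                // Impact reached the block threshold: report, then stop the request.
                sendMail($GLOBALS['site']['bugReportMail'], $GLOBALS['site']['url'] . ' - security attack was stopped!', $s, 0, array(), 'text');
                echo 'Possible security attack!!! All data has been collected and sent to the site owner for analysis.';
                exit;
            } else {
                // Impact only reached the log threshold: report and let the request proceed.
                sendMail($GLOBALS['site']['bugReportMail'], $GLOBALS['site']['url'] . ' - possible security attack!', $s, 0, array(), 'text');
            }
        }
    } else {
        echo 'Site security module is disabled, please upgrade to php 5.1.6 or higher to make your site secure.';
    }
}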
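/**
 * Returns the stored field names for one PHPIDS config section.
 *
 * The value is read from the options cache file when present, otherwise from the
 * `sys_options` table, and is expected to be a serialized list of lists, which is
 * flattened into a single list here.
 *
 * @param string $sType one of 'html', 'json', 'exceptions'; any other value yields an empty array
 * @return array flat list of field names (empty on a missing, corrupt or non-array value)
 */
function bx_sys_security_get_fields ($sType) {
    // Whitelist first: $sType is interpolated into a file name and an SQL string
    // below, so only these fixed values may get past this point (strict match).
    if (!in_array($sType, array('html', 'json', 'exceptions'), true))
        return array();

    $mixedVar = null;
    $sCacheFile = BX_DIRECTORY_PATH_CACHE . "db_sys_{$sType}_fields.php";
    if (!file_exists($sCacheFile)) {
        require_once( BX_DIRECTORY_PATH_INC . 'db.inc.php' );
        $mixedVar = $GLOBALS['MySQL']->fromCache ("sys_{$sType}_fields", 'getOne', "SELECT `VALUE` FROM `sys_options` WHERE `Name` = 'sys_{$sType}_fields' LIMIT 1");
    } else {
        // The cache file is expected to assign $mixedVar in this scope.
        include $sCacheFile;
    }

    // An empty / missing value can never unserialize to a usable array.
    if (!$mixedVar)
        return array ();

    // NOTE(review): unserialize() of a value read from the database or the cache
    // directory. This is the site's own sys_options row rather than request input,
    // but whoever can write that row or the cache file controls what is unserialized
    // here. Once PHP >= 7.0 is the baseline, pass array('allowed_classes' => false);
    // storing this list as JSON would remove the concern entirely.
    $mixedVar = unserialize ($mixedVar);
    if (!is_array($mixedVar))
        return array ();

    // Flatten the list of lists; skip malformed entries so a corrupt row cannot
    // turn into an array_merge() error.
    $a = array ();
    foreach ($mixedVar as $r) {
        if (is_array($r))
            $a = array_merge ($a, $r);
    }
    return $a;
}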
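/**
 * Reads the PHPIDS impact thresholds from the options cache, or from the database
 * when the cache file is missing.
 *
 * The caller compares each value with -1 to decide whether the security module
 * is enabled, so the raw stored values are returned without normalisation.
 *
 * @return array two elements: the 'log' threshold, then the 'block' threshold;
 *               an element is null when the cache file does not provide it
 */
function bx_sys_security_get_impact_threshold () {
    $sCacheFile = BX_DIRECTORY_PATH_CACHE . "sys_options.php";
    if (!file_exists($sCacheFile)) {
        require_once( BX_DIRECTORY_PATH_INC . 'db.inc.php' );
        return array (getParam('sys_security_impact_threshold_log'), getParam('sys_security_impact_threshold_block'));
    }

    // The cache file is expected to assign $mixedData in this scope; isset() keeps
    // a cache file that lacks the keys from raising an undefined-index notice.
    include $sCacheFile;

    return array (
        isset($mixedData['sys_security_impact_threshold_log']) ? $mixedData['sys_security_impact_threshold_log'] : null,
        isset($mixedData['sys_security_impact_threshold_block']) ? $mixedData['sys_security_impact_threshold_block'] : null,
    );
}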
121 | ?>