File Manager

Current Directory: /home/astoriaah/www/old15/administrator/components/com_admintools/models
Viewing File: /home/astoriaah/www/old15/administrator/components/com_admintools/models/wafconfig.php
<?php /** * @package AdminTools * @copyright Copyright (c)2010-2015 Nicholas K. Dionysopoulos * @license GNU General Public License version 3, or later */ // Protect from unauthorized access defined('_JEXEC') or die; JLoader::import('joomla.application.component.model'); class AdmintoolsModelWafconfig extends F0FModel { /** * Default configuration variables * * @var array */ private $defaultConfig = array( 'ipwl' => 0, 'ipbl' => 0, 'adminpw' => '', 'nonewadmins' => 1, 'sqlishield' => 1, 'antispam' => 0, 'custgenerator' => 0, 'generator' => '', 'tpone' => 1, 'tmpl' => 1, 'template' => 1, 'logbreaches' => 1, 'emailonadminlogin' => '', 'emailonfailedadminlogin' => '', 'emailbreaches' => '', 'muashield' => 1, 'csrfshield' => 0, 'rfishield' => 1, 'dfishield' => 1, 'badbehaviour' => 0, 'bbstrict' => 0, 'bbhttpblkey' => '', 'bbwhitelistip' => '', 'tsrenable' => 0, 'tsrstrikes' => 3, 'tsrnumfreq' => 1, 'tsrfrequency' => 'hour', 'tsrbannum' => 1, 'tsrbanfrequency' => 'day', 'spammermessage' => 'You are a spammer, hacker or an otherwise bad person.', 'uploadshield' => 1, 'xssshield' => 0, 'xssshield_safe_keys' => 'password, passwd, token, _token, password1, password2, text', 'xssshield_allowphp' => 0, 'nofesalogin' => 0, 'tmplwhitelist' => 'component,system,raw,koowa', 'neverblockips' => '', 'emailafteripautoban' => '', 'custom403msg' => '', 'httpblenable' => 0, 'httpblthreshold' => 25, 'httpblmaxage' => 30, 'httpblblocksuspicious' => 0, 'allowsitetemplate' => 0, 'trackfailedlogins' => 1, 'use403view' => 0, 'showpwonloginfailure' => 1, 'iplookup' => 'ip-lookup.net/index.php?ip={ip}', 'iplookupscheme' => 'http', 'saveusersignupip' => 0, 'twofactorauth' => 0, 'twofactorauth_secret' => '', 'twofactorauth_panic' => '', 'whitelist_domains' => '.googlebot.com,.search.msn.com', 'reasons_nolog' => 'geoblocking', 'reasons_noemail' => 'geoblocking', 'resetjoomlatfa' => 0, 'email_throttle' => 1, 'permaban' => 0, 'permabannum' => 0, 'deactivateusers_num' => 0, 'deactivateusers_numfreq' => 1, 'deactivateusers_frequency' => 'day', 'awayschedule_from' => '', 'awayschedule_to' => '', 'adminlogindir' => '', 'blockedemaildomains' => '' ); /** * Load the WAF configuration * * @return type */ public function getConfig() { if (interface_exists('JModel')) { $params = JModelLegacy::getInstance('Storage', 'AdmintoolsModel'); } else { $params = JModel::getInstance('Storage', 'AdmintoolsModel'); } $config = array(); foreach ($this->defaultConfig as $k => $v) { $config[$k] = $params->getValue($k, $v); } $this->_migrateIplookup($config); return $config; } public function saveConfig($newParams) { $this->_migrateIplookup($newParams); if (interface_exists('JModel')) { $params = JModelLegacy::getInstance('Storage', 'AdmintoolsModel'); } else { $params = JModel::getInstance('Storage', 'AdmintoolsModel'); } foreach ($newParams as $key => $value) { // Do not save unnecessary parameters if (!array_key_exists($key, $this->defaultConfig)) { continue; } if(($key == 'awayschedule_from') || ($key == 'awayschedule_to')) { // Sanity check for Away Schedule time format if(!preg_match('#^([0-1]?[0-9]|[2][0-3]):([0-5][0-9])$#', $value)) { $value = ''; } } $params->setValue($key, $value); } // Dealing with special fields if(is_array($newParams['reasons_nolog'])) { $params->setValue('reasons_nolog', implode(',', $newParams['reasons_nolog'])); } if(is_array($newParams['reasons_noemail'])) { $params->setValue('reasons_noemail', implode(',', $newParams['reasons_noemail'])); } $params->save(); } private function _migrateIplookup(&$data) { $iplookup = $data['iplookup']; $iplookupscheme = $data['iplookupscheme']; if (empty($iplookup)) { $iplookup = 'ip-lookup.net/index.php?ip={ip}'; $iplookupscheme = 'http'; } $test = strtolower($iplookup); if (substr($test, 0, 7) == 'http://') { $iplookup = substr($iplookup, 7); $iplookupscheme = 'http'; } elseif (substr($test, 0, 8) == 'https://') { $iplookup = substr($iplookup, 8); $iplookupscheme = 'https'; } $data['iplookup'] = $iplookup; $data['iplookupscheme'] = $iplookupscheme; } }