116 lines
2.9 KiB
PHP
116 lines
2.9 KiB
PHP
<?php
|
|
|
|
namespace security\wordpress\vulnerabilities;
|
|
defined('ABSPATH') or die();
|
|
class FileStorage
|
|
{
|
|
private $hash;
|
|
|
|
/**
|
|
* FileStorage constructor.
|
|
*/
|
|
public function __construct()
|
|
{
|
|
//Fetching the key from the database
|
|
$this->generateHashKey();
|
|
}
|
|
|
|
public Static function StoreFile($file, $data)
|
|
{
|
|
$storage = new FileStorage();
|
|
$storage->set($data, $file);
|
|
}
|
|
|
|
public Static function GetFile($file)
|
|
{
|
|
$storage = new FileStorage();
|
|
return $storage->get($file);
|
|
}
|
|
|
|
/** Get the data from the file
|
|
* @param $file
|
|
* @return bool|mixed
|
|
*/
|
|
public function get($file)
|
|
{
|
|
if (file_exists($file)) {
|
|
$data = file_get_contents($file);
|
|
$data = $this->Decode64WithHash($data);
|
|
return json_decode($data);
|
|
}
|
|
return false;
|
|
}
|
|
|
|
/** Save the data to the file
|
|
* @param $data
|
|
* @param $file
|
|
*/
|
|
public function set($data, $file)
|
|
{
|
|
$data = $this->Encode64WithHash(json_encode($data));
|
|
file_put_contents($file, $data);
|
|
}
|
|
|
|
/** encode the data with a hash
|
|
* @param $data
|
|
* @return string
|
|
*/
|
|
private function Encode64WithHash($data): string
|
|
{
|
|
//we create a simple encoding, using the hashkey as a salt
|
|
$data = base64_encode($data);
|
|
return base64_encode($data . $this->hash);
|
|
}
|
|
|
|
/** decode the data with a hash
|
|
* @param $data
|
|
* @return string
|
|
*/
|
|
private function Decode64WithHash($data): string
|
|
{
|
|
//we create a simple decoding, using the hashkey as a salt
|
|
$data = base64_decode($data);
|
|
$data = substr($data, 0, -strlen($this->hash));
|
|
return base64_decode($data);
|
|
}
|
|
|
|
/** Generate a hashkey and store it in the database
|
|
* @return void
|
|
*/
|
|
private function generateHashKey(): void
|
|
{
|
|
if (get_option('rsssl_hashkey') && get_option('rsssl_hashkey') !== "") {
|
|
$this->hash = get_option('rsssl_hashkey');
|
|
} else {
|
|
$this->hash = md5(uniqid(rand(), true));
|
|
update_option('rsssl_hashkey', $this->hash, false);
|
|
}
|
|
}
|
|
|
|
public static function GetDate(string $file)
|
|
{
|
|
if (file_exists($file)) {
|
|
return filemtime($file);
|
|
}
|
|
return false;
|
|
}
|
|
|
|
public static function DeleteAll()
|
|
{
|
|
//we get the upload folder
|
|
$upload_dir = wp_upload_dir();
|
|
|
|
//we get the really-simple-ssl folder
|
|
$rsssl_dir = $upload_dir['basedir'] . '/really-simple-ssl';
|
|
|
|
//then we delete the following files from that folder: manifest.json, components.json and core.json
|
|
$files = array('manifest.json', 'components.json', 'core.json');
|
|
foreach ($files as $file) {
|
|
//we delete the file
|
|
$file = $rsssl_dir . '/' . $file;
|
|
if (file_exists($file)) {
|
|
unlink($file);
|
|
}
|
|
}
|
|
}
|
|
} |