Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
17 changes: 12 additions & 5 deletions README.txt
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
=== Plugin Name ===
=== Inspect HTTP Requests ===
Contributors: expresstechsoftware, webbdeveloper, sunnysoni, vanbom, eilandert
Donate link: https://paypal.me/supportets
Tags: log, wp_http, requests, update checks, api, http_api_debug, pre_http_request, http_request_args
Tags: log, wp_http, requests, update checks, api
Requires at least: 3.0.1
Tested up to: 6.5
Stable tag: 1.0.7
Stable tag: 1.0.8
License: GPLv2 or later
License URI: http://www.gnu.org/licenses/gpl-2.0.html

Expand Down Expand Up @@ -66,8 +66,11 @@ define( 'inspect_http_requests_ignored_urls', [
== Screenshots ==
1. The plugin menu is Available inside tools

= 1.0.6 =
* Support Wordpress 6.4.2
== Changelog ==

= 1.0.8 =

* Updated functionality to retrieve the base URL and compare it with database entries. Manually added base URLs with runtime 0 are now ignored. Note: This functionality currently applies only to base URLs.
* Sort the admin page on blocked url's and sort URL's on alphabet
* Stop logging to database if administrator has manually added a matching base-url in the database.
* Added option to block by default, define( 'inspect-http-requests-default-block', true ) in wp-config.php
Expand All @@ -80,6 +83,10 @@ define( 'inspect_http_requests_ignored_urls', [
'api',
]);
</PRE>

= 1.0.7 =
* Support WordPress 6.5

= 1.0.4 =
* Support WordPress 6.3

Expand Down
122 changes: 66 additions & 56 deletions admin/class-inspect-http-requests-admin.php
Original file line number Diff line number Diff line change
Expand Up @@ -148,12 +148,16 @@ public function ets_inspect_http_requests_capture_request( $response, $context,
}
$table_name = $this->table_name;

/* Try to get $default_block from wp_config.php */
if (defined('inspect_http_requests_default_block')) {
if ( ( inspect_http_requests_default_block == true )||( inspect_http_requests_default_block == "1" ) ) {
$default_block = 1;
} else { $default_block = 0; }
} else { $default_block = 0; }
/* Try to get $default_block from wp_config.php */
if ( defined( 'inspect_http_requests_default_block' ) ) {
if ( ( constant( 'inspect_http_requests_default_block' ) == true ) || ( constant( 'inspect_http_requests_default_block' ) == '1' ) ) {
$default_block = 1;
} else {
$default_block = 0;
}
} else {
$default_block = 0;
}

$request_args = json_encode( $args );
$http_api_call_data = apply_filters(
Expand Down Expand Up @@ -201,13 +205,13 @@ public function ets_inspect_http_requests_update_status_url() {
$ets_checked = 0;
}

$update_sql = $wpdb->prepare( " UPDATE `{$table_name}` SET `is_blocked` = %s WHERE `ID` =%d;" ,$ets_checked, $_POST['ets_url_id'] );
$update_sql = $wpdb->prepare( " UPDATE `{$table_name}` SET `is_blocked` = %s WHERE `ID` =%d;", $ets_checked, $_POST['ets_url_id'] );
if ( $wpdb->query( $update_sql ) ) {
if ( $ets_checked === 1 && ets_inspect_http_request_get_blocked_url ( $_POST['ets_url_id'] ) ) {
$url_to_log = ets_inspect_http_request_get_blocked_url ( $_POST['ets_url_id'] );
if ( $ets_checked === 1 && ets_inspect_http_request_get_blocked_url( $_POST['ets_url_id'] ) ) {
$url_to_log = ets_inspect_http_request_get_blocked_url( $_POST['ets_url_id'] );
ets_inspect_http_request_log_blocked_url( $url_to_log );
}
echo json_encode( ['re' => 'yes'] );
echo json_encode( array( 're' => 'yes' ) );
} else {
$wpdb->print_error();
}
Expand All @@ -220,23 +224,24 @@ public function ets_inspect_http_requests_update_status_url() {
* @since 1.0.0
*/
public function ets_inspect_http_requests_ignore_specific_hostname( $data ) {
/* Try to get array $ignored_urls from wp.config.php */
if ( defined( 'inspect_http_requests_ignored_urls' ) ) {
$ignored_urls = inspect_http_requests_ignored_urls;
} else {
/* Get the BASE-URL of our wordpress site and remove the scheme */
$site_url = home_url();
$url_parts = parse_url($site_url);
$url_base = $url_parts['host'];
/* Create $ignored_urls */
$ignored_urls = [ $url_base, 'wordpress.org'];
}
/* Try to get array $ignored_urls from wp.config.php */
if ( defined( 'inspect_http_requests_ignored_urls' ) ) {
$ignored_urls = constant( 'inspect_http_requests_ignored_urls' );

} else {
/* Get the BASE-URL of our WordPress site and remove the scheme */
$site_url = home_url();
$url_parts = parse_url( $site_url );
$url_base = $url_parts['host'];
/* Create $ignored_urls */
$ignored_urls = array( $url_base, 'wordpress.org' );
}

/* Loop through the ignorelist */
foreach ($ignored_urls as $iu) {
if ( false !== strpos( $data['URL'], $iu ) ) {
return false;
}
foreach ( $ignored_urls as $iu ) {
if ( false !== strpos( $data['URL'], $iu ) ) {
return false;
}
}

if ( ets_inspect_http_request_check_duplicate_url( $data['URL'] ) ) {
Expand All @@ -258,11 +263,11 @@ public function ets_inspect_http_requests_approved_requests( $preempt, $parsed_a
if ( is_array( $list_urls ) && count( $list_urls ) > 0 ) {
return new WP_Error( 'http_request_block', __( 'This request is not allowed', 'inspect-http-requests' ) );
} else {
return $preempt;
}
}
return $preempt;
}
}

public function ets_inspect_http_requests_get_runtime ( $args ) {
public function ets_inspect_http_requests_get_runtime( $args ) {
$this->start_time = microtime( true );
return $args;
}
Expand Down Expand Up @@ -297,28 +302,33 @@ public function ets_inspect_http_requests_add_valid_url() {
exit();
}

// Validate url
if ( filter_var( trim( $_POST['valid_url'] ) , FILTER_VALIDATE_URL ) === false ){
// Validate url
if ( filter_var( trim( $_POST['valid_url'] ), FILTER_VALIDATE_URL ) === false ) {
echo 'false';
exit();
}

/* Try to get $default_block from wp_config.php */
if (defined('inspect_http_requests_default_block')) {
if ( ( inspect_http_requests_default_block == true )||( inspect_http_requests_default_block == "1" ) ) {
$default_block = 1;
} else { $default_block = 0; }
} else { $default_block = 0; }

$http_api_call_data = apply_filters( 'ets_inspect_http_requests_ignore_hostname', array(
'URL' => sanitize_url ( $_POST['valid_url'] ),
'request_args' => '',
'response' => '',
'transport' => '',
'runtime' => '',
'date_added' => date('Y-m-d H:i:s'),
'is_blocked' => $default_block,
) ) ;
/* Try to get $default_block from wp_config.php */
if ( defined( 'inspect_http_requests_default_block' ) ) {
if ( ( inspect_http_requests_default_block == true ) || ( inspect_http_requests_default_block == '1' ) ) {
$default_block = 1;
} else {
$default_block = 0; }
} else {
$default_block = 0; }

$http_api_call_data = apply_filters(
'ets_inspect_http_requests_ignore_hostname',
array(
'URL' => sanitize_url( $_POST['valid_url'] ),
'request_args' => '',
'response' => '',
'transport' => '',
'runtime' => '',
'date_added' => date( 'Y-m-d H:i:s' ),
'is_blocked' => $default_block,
)
);
if ( false !== $http_api_call_data ) {
if ( ! $wpdb->insert( $table_name, $http_api_call_data ) ) {
$wpdb->print_error();
Expand All @@ -328,10 +338,10 @@ public function ets_inspect_http_requests_add_valid_url() {
exit();
}

public function ets_inspect_http_requests_delete_url (){
public function ets_inspect_http_requests_delete_url() {
global $wpdb;
$table_name = $this->table_name;

if ( ! current_user_can( 'administrator' ) ) {
wp_send_json_error( 'You do not have sufficient rights', 403 );
exit();
Expand All @@ -341,16 +351,16 @@ public function ets_inspect_http_requests_delete_url (){
wp_send_json_error( 'You do not have sufficient rights', 403 );
exit();
}
$url_id = $_POST['url_id'];
$delete_sql = $wpdb->prepare( "DELETE FROM `{$table_name}` WHERE `ID` ='%d'; " , $url_id );
if( $wpdb->query( $delete_sql ) ){
echo ets_inspect_http_request_get_data();
$url_id = $_POST['url_id'];
$delete_sql = $wpdb->prepare( "DELETE FROM `{$table_name}` WHERE `ID` ='%d'; ", $url_id );
if ( $wpdb->query( $delete_sql ) ) {
echo ets_inspect_http_request_get_data();

} else {
echo 'false';
}

exit();

}
}
2 changes: 1 addition & 1 deletion includes/class-inspect-http-requests.php
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,7 @@ public function __construct() {
if ( defined( 'INSPECT_HTTP_REQUESTS_VERSION' ) ) {
$this->version = INSPECT_HTTP_REQUESTS_VERSION;
} else {
$this->version = '1.0.7';
$this->version = '1.0.8';
}
$this->plugin_name = 'inspect-http-requests';

Expand Down
Loading