/home/jackson/public_html/wp-content/themes/philipjackson/vendor/nesbot/carbon/src/Carbon/CarbonInterval.php
*
* @return string
*/
public function forHumans($short = false)
{
$periods = array(
'year' => array('y', $this->years),
'month' => array('m', $this->months),
'week' => array('w', $this->weeks),
'day' => array('d', $this->daysExcludeWeeks),
'hour' => array('h', $this->hours),
'minute' => array('min', $this->minutes),
'second' => array('s', $this->seconds),
);
$parts = array();
foreach ($periods as $unit => $options) {
list($shortUnit, $count) = $options;
if ($count > 0) {
$parts[] = static::translator()->transChoice($short ? $shortUnit : $unit, $count, array(':count' => $count));
}
}
return implode(' ', $parts);
}
/**
* Format the instance as a string using the forHumans() function.
*
* @return string
*/
public function __toString()
{
return $this->forHumans();
}
/**
* Convert the interval to a CarbonPeriod.
*
* @return CarbonPeriod
Arguments
"Call to undefined method Carbon\Translator::transChoice()"
/home/jackson/public_html/wp-content/plugins/wp-simple-firewall/vendor/nesbot/carbon/src/Carbon/Traits/Difference.php
if (\is_array($other)) {
$other['syntax'] = \array_key_exists('syntax', $other) ? $other['syntax'] : $syntax;
$syntax = $other;
$other = $syntax['other'] ?? null;
}
$intSyntax = &$syntax;
if (\is_array($syntax)) {
$syntax['syntax'] = $syntax['syntax'] ?? null;
$intSyntax = &$syntax['syntax'];
}
$intSyntax = (int) ($intSyntax ?? static::DIFF_RELATIVE_AUTO);
$intSyntax = $intSyntax === static::DIFF_RELATIVE_AUTO && $other === null ? static::DIFF_RELATIVE_TO_NOW : $intSyntax;
$parts = min(7, max(1, (int) $parts));
$skip = \is_array($syntax) ? ($syntax['skip'] ?? []) : [];
return $this->diffAsCarbonInterval($other, false, (array) $skip)
->setLocalTranslator($this->getLocalTranslator())
->forHumans($syntax, (bool) $short, $parts, $options ?? $this->localHumanDiffOptions ?? static::getHumanDiffOptions());
}
/**
* @alias diffForHumans
*
* Get the difference in a human readable format in the current locale from current instance to an other
* instance given (or now if null given).
*
* @param Carbon|\DateTimeInterface|string|array|null $other if array passed, will be used as parameters array, see $syntax below;
* if null passed, now will be used as comparison reference;
* if any other type, it will be converted to date and used as reference.
* @param int|array $syntax if array passed, parameters will be extracted from it, the array may contains:
* - 'syntax' entry (see below)
* - 'short' entry (see below)
* - 'parts' entry (see below)
* - 'options' entry (see below)
* - 'join' entry determines how to join multiple parts of the string
* ` - if $join is a string, it's used as a joiner glue
* ` - if $join is a callable/closure, it get the list of string and should return a string
* ` - if $join is an array, the first item will be the default glue, and the second item
Arguments
/home/jackson/public_html/wp-content/plugins/wp-simple-firewall/src/ActionRouter/Actions/Render/FullPage/Block/BlockIpAddressShield.php
],
] );
}
protected function getRestrictionDetailsBlurb() :array {
$blurb = \array_merge( [
__( "Too many requests from your IP address have triggered the site's automated defenses.", 'wp-simple-firewall' ),
], parent::getRestrictionDetailsBlurb() );
unset( $blurb[ 'activity_recorded' ] );
return $blurb;
}
protected function getRestrictionDetailsPoints() :array {
return \array_merge(
[
__( 'Restrictions Lifted', 'wp-simple-firewall' ) =>
Services::Request()
->carbon()
->addSeconds( self::con()->comps->opts_lookup->getIpAutoBlockTTL() )
->diffForHumans(),
],
parent::getRestrictionDetailsPoints()
);
}
protected function renderEmailMagicLinkContent( array $recovery ) :string {
return self::con()->action_router->render( Components\MagicLink::class, [
'vars' => [
'recovery' => $recovery,
],
] );
}
}
/home/jackson/public_html/wp-content/plugins/wp-simple-firewall/src/ActionRouter/Actions/Render/FullPage/Block/BaseBlock.php
use FernleafSystems\Wordpress\Services\Services;
abstract class BaseBlock extends BaseFullPageRender {
use AuthNotRequired;
public const TEMPLATE = '/pages/block/block_page_standard.twig';
protected function getCommonFullPageRenderData() :array {
return Services::DataManipulation()->mergeArraysRecursive(
parent::getCommonFullPageRenderData(),
[
'strings' => [
'restriction_details' => __( 'Restriction Details', 'wp-simple-firewall' ),
'restriction_details_blurb' => $this->getRestrictionDetailsBlurb(),
'about_title' => sprintf( __( 'About %s for WordPress', 'wp-simple-firewall' ), self::con()->labels->Name ),
'about_description' => sprintf( __( '%s is a powerful WordPress Security service deployed on over 40,000+ WordPress websites.', 'wp-simple-firewall' ), self::con()->labels->Name ),
],
'vars' => [
'restriction_details_points' => $this->getRestrictionDetailsPoints(),
],
]
);
}
protected function getRestrictionDetailsBlurb() :array {
return [
'this_website' => __( "This website uses a security service to monitor requests to check for activity that is malicious, abnormal or unexpected.", 'wp-simple-firewall' ),
'activity_recorded' => __( "This activity will have been recorded against your IP address and you may be completely blocked from further site access if similar activity is repeated.", 'wp-simple-firewall' ),
];
}
protected function getRestrictionDetailsPoints() :array {
$WP = Services::WpGeneral();
return [
__( 'Your IP Address', 'wp-simple-firewall' ) => self::con()->this_req->ip,
__( 'Time Now', 'wp-simple-firewall' ) => $WP->getTimeStringForDisplay(),
__( 'Homepage', 'wp-simple-firewall' ) => $WP->getHomeUrl(),
];
}
/home/jackson/public_html/wp-content/plugins/wp-simple-firewall/src/ActionRouter/Actions/Render/FullPage/BaseFullPageRender.php
<?php declare( strict_types=1 );
namespace FernleafSystems\Wordpress\Plugin\Shield\ActionRouter\Actions\Render\FullPage;
use FernleafSystems\Wordpress\Plugin\Shield\ActionRouter\Actions\Render\BaseRender;
use FernleafSystems\Wordpress\Plugin\Shield\ActionRouter\Exceptions\ActionException;
use FernleafSystems\Wordpress\Services\Services;
abstract class BaseFullPageRender extends BaseRender {
/**
* @throws ActionException
*/
protected function getAllRenderDataArrays() :array {
$data = parent::getAllRenderDataArrays();
$data[ 25 ] = $this->getCommonFullPageRenderData();
return $data;
}
protected function getCommonFullPageRenderData() :array {
$con = self::con();
$WP = Services::WpGeneral();
return [
'flags' => [
'is_whitelabelled' => $con->comps->whitelabel->isEnabled()
],
'head' => [
'scripts' => $this->getScripts(),
'styles' => $this->getStyles(),
],
'hrefs' => [
'shield_logo' => 'https://ps.w.org/wp-simple-firewall/assets/banner-772x250.png',
'how_to_unblock' => 'https://clk.shldscrty.com/shieldhowtounblock',
'helpdesk' => 'https://clk.shldscrty.com/shieldhelpdesk'
],
'imgs' => [
'about_shield' => $con->urls->forImage( 'pluginlogo_128x128.png' ),
'logo_banner' => $con->labels->url_img_pagebanner,
'logo_small' => $con->labels->url_img_logo_small,
'favicon' => $con->urls->forImage( 'pluginlogo_24x24.png' ),
/home/jackson/public_html/wp-content/plugins/wp-simple-firewall/src/ActionRouter/Actions/Render/BaseRender.php
$output = self::con()
->comps
->render
->setTemplate( $template )
->setData( $renderData )
->setEnvironmentVars( $this->getTwigEnvironmentVars() )
->render();
}
catch ( \Exception $e ) {
$this->renderErrorCode = self::RENDER_ERROR_EXCEPTION;
$output = sprintf( 'Exception during render for %s: "%s"', static::SLUG, $e->getMessage() );
}
return $output;
}
/**
* @throws ActionException
*/
protected function buildRenderData() :array {
$data = $this->getAllRenderDataArrays();
\ksort( $data );
return \call_user_func_array(
[ Services::DataManipulation(), 'mergeArraysRecursive' ],
$data
);
}
/**
* @throws ActionException
*/
protected function getAllRenderDataArrays() :array {
return [
0 => $this->getCommonDisplayData(),
10 => $this->action_data,
50 => $this->getRenderData(),
];
}
/**
* @throws ActionException
/home/jackson/public_html/wp-content/plugins/wp-simple-firewall/src/ActionRouter/Actions/Render/BaseRender.php
use NonceVerifyNotRequired;
public const TEMPLATE = '';
public const GO_PRO_URL = 'https://clk.shldscrty.com/shieldgoprofeature';
public const RENDER_ERROR_EXCEPTION = 'render_exception';
private string $renderErrorCode = '';
protected function exec() {
$this->render()->response();
}
/**
* @throws ActionException
*/
private function render() :self {
$response = $this->response();
$respData = $response->payload();
$respData[ 'render_template' ] = $this->getRenderTemplate();
$respData[ 'render_data' ] = $this->buildRenderData();
$respData[ 'render_output' ] = $this->buildRenderOutput( $respData[ 'render_data' ] );
$respData[ 'render_error' ] = $this->renderErrorCode !== '';
$respData[ 'render_error_code' ] = $this->renderErrorCode;
// Existing AJAX render consumers still read html; render_output is the canonical render payload.
$respData[ 'html' ] = $respData[ 'render_output' ];
$payloadSuccess = (bool)( $respData[ 'success' ] ?? true );
unset( $respData[ 'success' ] );
$response
->setPayload( $respData )
->setPayloadSuccess( $payloadSuccess );
return $this;
}
/**
* @throws ActionException
*/
protected function buildRenderOutput( array $renderData = [] ) :string {
$template = $this->getRenderTemplate();
/home/jackson/public_html/wp-content/plugins/wp-simple-firewall/src/ActionRouter/Actions/Render/BaseRender.php
use FernleafSystems\Wordpress\Plugin\Shield\ActionRouter\Actions\BaseAction;
use FernleafSystems\Wordpress\Plugin\Shield\ActionRouter\Actions\Traits\NonceVerifyNotRequired;
use FernleafSystems\Wordpress\Plugin\Shield\ActionRouter\Constants;
use FernleafSystems\Wordpress\Plugin\Shield\ActionRouter\Exceptions\ActionException;
use FernleafSystems\Wordpress\Plugin\Shield\Modules\IPs\Lib\IpRules\IpRuleStatus;
use FernleafSystems\Wordpress\Services\Services;
use FernleafSystems\Wordpress\Services\Utilities\PasswordGenerator;
abstract class BaseRender extends BaseAction {
use NonceVerifyNotRequired;
public const TEMPLATE = '';
public const GO_PRO_URL = 'https://clk.shldscrty.com/shieldgoprofeature';
public const RENDER_ERROR_EXCEPTION = 'render_exception';
private string $renderErrorCode = '';
protected function exec() {
$this->render()->response();
}
/**
* @throws ActionException
*/
private function render() :self {
$response = $this->response();
$respData = $response->payload();
$respData[ 'render_template' ] = $this->getRenderTemplate();
$respData[ 'render_data' ] = $this->buildRenderData();
$respData[ 'render_output' ] = $this->buildRenderOutput( $respData[ 'render_data' ] );
$respData[ 'render_error' ] = $this->renderErrorCode !== '';
$respData[ 'render_error_code' ] = $this->renderErrorCode;
// Existing AJAX render consumers still read html; render_output is the canonical render payload.
$respData[ 'html' ] = $respData[ 'render_output' ];
$payloadSuccess = (bool)( $respData[ 'success' ] ?? true );
unset( $respData[ 'success' ] );
$response
/home/jackson/public_html/wp-content/plugins/wp-simple-firewall/src/ActionRouter/Actions/BaseAction.php
break;
default:
break;
}
return $value;
}
/**
* @throws ActionException
* @throws InvalidActionNonceException
* @throws IpBlockedException
* @throws SecurityAdminRequiredException
* @throws UserAuthRequiredException
*/
public function process() {
$this->checkAccess();
$this->checkAvailableData();
$this->preExec();
$this->exec();
$this->postExec();
}
/**
* @throws InvalidActionNonceException
* @throws IpBlockedException
* @throws SecurityAdminRequiredException
* @throws UserAuthRequiredException
*/
protected function checkAccess() {
$con = self::con();
$thisReq = $con->this_req;
if ( !$thisReq->request_bypasses_all_restrictions && $thisReq->is_ip_blocked && !$this->canBypassIpAddressBlock() ) {
throw new IpBlockedException( sprintf( __( 'IP Address blocked so cannot process action: %s', 'wp-simple-firewall' ), static::SLUG ) );
}
$WPU = Services::WpUsers();
if ( $this->isUserAuthRequired()
&& ( !$WPU->isUserLoggedIn() || !user_can( $WPU->getCurrentWpUser(), $this->getMinimumUserAuthCapability() ) ) ) {
throw new UserAuthRequiredException( sprintf( __( 'Must be logged-in to execute this action: %s', 'wp-simple-firewall' ), static::SLUG ) );
/home/jackson/public_html/wp-content/plugins/wp-simple-firewall/src/ActionRouter/ActionProcessor.php
InvalidActionNonceException,
IpBlockedException,
SecurityAdminRequiredException,
UserAuthRequiredException,
};
use FernleafSystems\Wordpress\Plugin\Shield\ActionRouter\Utility\ActionsMap;
class ActionProcessor {
/**
* @throws ActionDoesNotExistException
* @throws ActionException
* @throws InvalidActionNonceException
* @throws IpBlockedException
* @throws SecurityAdminRequiredException
* @throws UserAuthRequiredException
*/
public function processAction( string $classOrSlug, array $data = [] ) :ActionResponse {
$action = $this->getAction( $classOrSlug, $data );
$action->process();
return $action->response();
}
/**
* SECURITY FIX: Strip action_overrides from user input
* Security controls should never be controllable by user input, even from "authenticated" sources.
* This prevents CSRF bypass attacks where attackers send action_overrides[is_nonce_verify_required]=false
* Integrations that legitimately need overrides (like MainWP) should set them programmatically
* AFTER action creation using setActionOverride() method.
* @throws ActionDoesNotExistException
*/
public function getAction( string $classOrSlug, array $data ) :Actions\BaseAction {
$action = ActionsMap::ActionFromSlug( $classOrSlug );
if ( empty( $action ) ) {
throw new ActionDoesNotExistException( 'There was no action handler available for '.esc_html( $classOrSlug ) );
}
unset( $data[ 'action_overrides' ] );
return new $action( $data );
}
}
/home/jackson/public_html/wp-content/plugins/wp-simple-firewall/src/ActionRouter/ActionExecutor.php
private ResponseAdapterFactory $factory;
public function __construct( ?ResponseAdapterFactory $factory = null ) {
$this->factory = $factory instanceof ResponseAdapterFactory ? $factory : new ResponseAdapterFactory();
}
/**
* @throws Exceptions\ActionDoesNotExistException
* @throws Exceptions\ActionException
* @throws Exceptions\ActionTypeDoesNotExistException
* @throws SecurityAdminRequiredException
* @throws InvalidActionNonceException
*/
public function execute( string $classOrSlug, array $data = [], int $type = ActionRoutingController::ACTION_SHIELD ) :RoutedResponse {
$actionResponse = null;
$routedResponse = null;
try {
$actionResponse = ( new ActionProcessor() )->processAction( $classOrSlug, $data );
}
catch ( SecurityAdminRequiredException $sare ) {
if ( Services::WpGeneral()->isAjax() ) {
throw $sare;
}
$routedResponse = $this->execute( PageSecurityAdminRestricted::class, $data );
}
catch ( InvalidActionNonceException $iane ) {
if ( Services::WpGeneral()->isAjax() ) {
throw $iane;
}
wp_die(
__( 'Unexpected data. Please try again.', 'wp-simple-firewall' ),
'',
[
'code' => self::WP_DIE_INVALID_NONCE_CODE,
'response' => self::WP_DIE_INVALID_NONCE_STATUS,
]
);
}
Arguments
"FernleafSystems\Wordpress\Plugin\Shield\ActionRouter\Actions\Render\FullPage\Block\BlockIpAddressCrowdsec"
[]
/home/jackson/public_html/wp-content/plugins/wp-simple-firewall/src/ActionRouter/ActionRoutingController.php
public const ACTION_REST = 3;
private ?ActionExecutor $executor = null;
protected function run() {
( new CaptureRedirects() )->run();
( new CapturePluginAction() )->execute();
( new CaptureAjaxAction() )->execute();
( new CaptureRestApiAction() )->execute();
}
/**
* @throws Exceptions\ActionDoesNotExistException
* @throws Exceptions\ActionException
* @throws Exceptions\ActionTypeDoesNotExistException
* @throws Exceptions\SecurityAdminRequiredException
* @throws Exceptions\InvalidActionNonceException
*/
public function action( string $classOrSlug, array $data = [], int $type = self::ACTION_SHIELD ) :RoutedResponse {
return $this->getExecutor()->execute( $classOrSlug, $data, $type );
}
/**
* @internal Transition helper so capture classes can avoid routing recursion.
*/
public function executor() :ActionExecutor {
return $this->getExecutor();
}
/**
* This is an alias for calling the Render action directly
*/
public function render( string $classOrSlug, array $data = [] ) :string {
try {
$payload = $this->action(
Actions\Render::class,
[
'render_action_slug' => $classOrSlug,
'render_action_data' => $data,
]
Arguments
"FernleafSystems\Wordpress\Plugin\Shield\ActionRouter\Actions\Render\FullPage\Block\BlockIpAddressCrowdsec"
[]
2
/home/jackson/public_html/wp-content/plugins/wp-simple-firewall/src/ActionRouter/Actions/Render.php
/**
* This is the entry point for ALL rendering. This is the action that should be called, which will then delegate
* the rendering further onward. This will allow us to customize the rendering data and environment for all
* renders before they're ever processed.
*/
class Render extends BaseAction {
use Traits\AuthNotRequired;
use Traits\ByPassIpBlock;
use Traits\NonceVerifyNotRequired;
public const SLUG = 'render';
protected function exec() {
$renderAction = RenderActionTarget::require( (string)$this->action_data[ 'render_action_slug' ] );
$this->setResponse(
self::con()->action_router->action(
$renderAction,
\array_filter( $this->action_data[ 'render_action_data' ] ?? [], fn( $item ) => !\is_null( $item ) )
)
);
}
protected function getRequiredDataKeys() :array {
return [
'render_action_slug',
'render_action_data'
];
}
}
Arguments
"FernleafSystems\Wordpress\Plugin\Shield\ActionRouter\Actions\Render\FullPage\Block\BlockIpAddressCrowdsec"
[]
/home/jackson/public_html/wp-content/plugins/wp-simple-firewall/src/ActionRouter/Actions/BaseAction.php
break;
default:
break;
}
return $value;
}
/**
* @throws ActionException
* @throws InvalidActionNonceException
* @throws IpBlockedException
* @throws SecurityAdminRequiredException
* @throws UserAuthRequiredException
*/
public function process() {
$this->checkAccess();
$this->checkAvailableData();
$this->preExec();
$this->exec();
$this->postExec();
}
/**
* @throws InvalidActionNonceException
* @throws IpBlockedException
* @throws SecurityAdminRequiredException
* @throws UserAuthRequiredException
*/
protected function checkAccess() {
$con = self::con();
$thisReq = $con->this_req;
if ( !$thisReq->request_bypasses_all_restrictions && $thisReq->is_ip_blocked && !$this->canBypassIpAddressBlock() ) {
throw new IpBlockedException( sprintf( __( 'IP Address blocked so cannot process action: %s', 'wp-simple-firewall' ), static::SLUG ) );
}
$WPU = Services::WpUsers();
if ( $this->isUserAuthRequired()
&& ( !$WPU->isUserLoggedIn() || !user_can( $WPU->getCurrentWpUser(), $this->getMinimumUserAuthCapability() ) ) ) {
throw new UserAuthRequiredException( sprintf( __( 'Must be logged-in to execute this action: %s', 'wp-simple-firewall' ), static::SLUG ) );
/home/jackson/public_html/wp-content/plugins/wp-simple-firewall/src/ActionRouter/ActionProcessor.php
InvalidActionNonceException,
IpBlockedException,
SecurityAdminRequiredException,
UserAuthRequiredException,
};
use FernleafSystems\Wordpress\Plugin\Shield\ActionRouter\Utility\ActionsMap;
class ActionProcessor {
/**
* @throws ActionDoesNotExistException
* @throws ActionException
* @throws InvalidActionNonceException
* @throws IpBlockedException
* @throws SecurityAdminRequiredException
* @throws UserAuthRequiredException
*/
public function processAction( string $classOrSlug, array $data = [] ) :ActionResponse {
$action = $this->getAction( $classOrSlug, $data );
$action->process();
return $action->response();
}
/**
* SECURITY FIX: Strip action_overrides from user input
* Security controls should never be controllable by user input, even from "authenticated" sources.
* This prevents CSRF bypass attacks where attackers send action_overrides[is_nonce_verify_required]=false
* Integrations that legitimately need overrides (like MainWP) should set them programmatically
* AFTER action creation using setActionOverride() method.
* @throws ActionDoesNotExistException
*/
public function getAction( string $classOrSlug, array $data ) :Actions\BaseAction {
$action = ActionsMap::ActionFromSlug( $classOrSlug );
if ( empty( $action ) ) {
throw new ActionDoesNotExistException( 'There was no action handler available for '.esc_html( $classOrSlug ) );
}
unset( $data[ 'action_overrides' ] );
return new $action( $data );
}
}
/home/jackson/public_html/wp-content/plugins/wp-simple-firewall/src/ActionRouter/ActionExecutor.php
private ResponseAdapterFactory $factory;
public function __construct( ?ResponseAdapterFactory $factory = null ) {
$this->factory = $factory instanceof ResponseAdapterFactory ? $factory : new ResponseAdapterFactory();
}
/**
* @throws Exceptions\ActionDoesNotExistException
* @throws Exceptions\ActionException
* @throws Exceptions\ActionTypeDoesNotExistException
* @throws SecurityAdminRequiredException
* @throws InvalidActionNonceException
*/
public function execute( string $classOrSlug, array $data = [], int $type = ActionRoutingController::ACTION_SHIELD ) :RoutedResponse {
$actionResponse = null;
$routedResponse = null;
try {
$actionResponse = ( new ActionProcessor() )->processAction( $classOrSlug, $data );
}
catch ( SecurityAdminRequiredException $sare ) {
if ( Services::WpGeneral()->isAjax() ) {
throw $sare;
}
$routedResponse = $this->execute( PageSecurityAdminRestricted::class, $data );
}
catch ( InvalidActionNonceException $iane ) {
if ( Services::WpGeneral()->isAjax() ) {
throw $iane;
}
wp_die(
__( 'Unexpected data. Please try again.', 'wp-simple-firewall' ),
'',
[
'code' => self::WP_DIE_INVALID_NONCE_CODE,
'response' => self::WP_DIE_INVALID_NONCE_STATUS,
]
);
}
Arguments
"FernleafSystems\Wordpress\Plugin\Shield\ActionRouter\Actions\Render"
array:2 [
"render_action_slug" => "render_block_ip_address_crowdsec"
"render_action_data" => []
]
/home/jackson/public_html/wp-content/plugins/wp-simple-firewall/src/ActionRouter/ActionRoutingController.php
public const ACTION_REST = 3;
private ?ActionExecutor $executor = null;
protected function run() {
( new CaptureRedirects() )->run();
( new CapturePluginAction() )->execute();
( new CaptureAjaxAction() )->execute();
( new CaptureRestApiAction() )->execute();
}
/**
* @throws Exceptions\ActionDoesNotExistException
* @throws Exceptions\ActionException
* @throws Exceptions\ActionTypeDoesNotExistException
* @throws Exceptions\SecurityAdminRequiredException
* @throws Exceptions\InvalidActionNonceException
*/
public function action( string $classOrSlug, array $data = [], int $type = self::ACTION_SHIELD ) :RoutedResponse {
return $this->getExecutor()->execute( $classOrSlug, $data, $type );
}
/**
* @internal Transition helper so capture classes can avoid routing recursion.
*/
public function executor() :ActionExecutor {
return $this->getExecutor();
}
/**
* This is an alias for calling the Render action directly
*/
public function render( string $classOrSlug, array $data = [] ) :string {
try {
$payload = $this->action(
Actions\Render::class,
[
'render_action_slug' => $classOrSlug,
'render_action_data' => $data,
]
Arguments
"FernleafSystems\Wordpress\Plugin\Shield\ActionRouter\Actions\Render"
array:2 [
"render_action_slug" => "render_block_ip_address_crowdsec"
"render_action_data" => []
]
2
/home/jackson/public_html/wp-content/plugins/wp-simple-firewall/src/ActionRouter/Actions/FullPageDisplay/BaseFullPageDisplay.php
use FernleafSystems\Wordpress\Plugin\Shield\ActionRouter\Actions\BaseAction;
use FernleafSystems\Wordpress\Plugin\Shield\ActionRouter\Actions\Render;
use FernleafSystems\Wordpress\Plugin\Shield\ActionRouter\Actions\Traits\AuthNotRequired;
use FernleafSystems\Wordpress\Plugin\Shield\ActionRouter\Actions\Traits\NonceVerifyNotRequired;
use FernleafSystems\Wordpress\Plugin\Shield\ActionRouter\Exceptions\ActionException;
use FernleafSystems\Wordpress\Plugin\Shield\ActionRouter\Utility\RenderActionTarget;
use FernleafSystems\Wordpress\Services\Services;
abstract class BaseFullPageDisplay extends BaseAction {
use AuthNotRequired;
use NonceVerifyNotRequired;
protected function exec() {
$this->setResponse(
self::con()->action_router->action(
Render::class,
[
'render_action_slug' => $this->action_data[ 'render_slug' ],
'render_action_data' => $this->action_data[ 'render_data' ] ?? [],
]
)
);
}
/**
* display page and die().
*/
protected function postExec() {
$this->issueHeaders();
$this->pushContent();
$this->complete();
}
protected function pushContent() {
$payload = $this->response()->payload();
echo (string)( $payload[ 'render_output' ] ?? '' );
}
Arguments
"FernleafSystems\Wordpress\Plugin\Shield\ActionRouter\Actions\Render"
array:2 [
"render_action_slug" => "render_block_ip_address_crowdsec"
"render_action_data" => []
]
/home/jackson/public_html/wp-content/plugins/wp-simple-firewall/src/ActionRouter/Actions/BaseAction.php
break;
default:
break;
}
return $value;
}
/**
* @throws ActionException
* @throws InvalidActionNonceException
* @throws IpBlockedException
* @throws SecurityAdminRequiredException
* @throws UserAuthRequiredException
*/
public function process() {
$this->checkAccess();
$this->checkAvailableData();
$this->preExec();
$this->exec();
$this->postExec();
}
/**
* @throws InvalidActionNonceException
* @throws IpBlockedException
* @throws SecurityAdminRequiredException
* @throws UserAuthRequiredException
*/
protected function checkAccess() {
$con = self::con();
$thisReq = $con->this_req;
if ( !$thisReq->request_bypasses_all_restrictions && $thisReq->is_ip_blocked && !$this->canBypassIpAddressBlock() ) {
throw new IpBlockedException( sprintf( __( 'IP Address blocked so cannot process action: %s', 'wp-simple-firewall' ), static::SLUG ) );
}
$WPU = Services::WpUsers();
if ( $this->isUserAuthRequired()
&& ( !$WPU->isUserLoggedIn() || !user_can( $WPU->getCurrentWpUser(), $this->getMinimumUserAuthCapability() ) ) ) {
throw new UserAuthRequiredException( sprintf( __( 'Must be logged-in to execute this action: %s', 'wp-simple-firewall' ), static::SLUG ) );
/home/jackson/public_html/wp-content/plugins/wp-simple-firewall/src/ActionRouter/ActionProcessor.php
InvalidActionNonceException,
IpBlockedException,
SecurityAdminRequiredException,
UserAuthRequiredException,
};
use FernleafSystems\Wordpress\Plugin\Shield\ActionRouter\Utility\ActionsMap;
class ActionProcessor {
/**
* @throws ActionDoesNotExistException
* @throws ActionException
* @throws InvalidActionNonceException
* @throws IpBlockedException
* @throws SecurityAdminRequiredException
* @throws UserAuthRequiredException
*/
public function processAction( string $classOrSlug, array $data = [] ) :ActionResponse {
$action = $this->getAction( $classOrSlug, $data );
$action->process();
return $action->response();
}
/**
* SECURITY FIX: Strip action_overrides from user input
* Security controls should never be controllable by user input, even from "authenticated" sources.
* This prevents CSRF bypass attacks where attackers send action_overrides[is_nonce_verify_required]=false
* Integrations that legitimately need overrides (like MainWP) should set them programmatically
* AFTER action creation using setActionOverride() method.
* @throws ActionDoesNotExistException
*/
public function getAction( string $classOrSlug, array $data ) :Actions\BaseAction {
$action = ActionsMap::ActionFromSlug( $classOrSlug );
if ( empty( $action ) ) {
throw new ActionDoesNotExistException( 'There was no action handler available for '.esc_html( $classOrSlug ) );
}
unset( $data[ 'action_overrides' ] );
return new $action( $data );
}
}
/home/jackson/public_html/wp-content/plugins/wp-simple-firewall/src/ActionRouter/ActionExecutor.php
private ResponseAdapterFactory $factory;
public function __construct( ?ResponseAdapterFactory $factory = null ) {
$this->factory = $factory instanceof ResponseAdapterFactory ? $factory : new ResponseAdapterFactory();
}
/**
* @throws Exceptions\ActionDoesNotExistException
* @throws Exceptions\ActionException
* @throws Exceptions\ActionTypeDoesNotExistException
* @throws SecurityAdminRequiredException
* @throws InvalidActionNonceException
*/
public function execute( string $classOrSlug, array $data = [], int $type = ActionRoutingController::ACTION_SHIELD ) :RoutedResponse {
$actionResponse = null;
$routedResponse = null;
try {
$actionResponse = ( new ActionProcessor() )->processAction( $classOrSlug, $data );
}
catch ( SecurityAdminRequiredException $sare ) {
if ( Services::WpGeneral()->isAjax() ) {
throw $sare;
}
$routedResponse = $this->execute( PageSecurityAdminRestricted::class, $data );
}
catch ( InvalidActionNonceException $iane ) {
if ( Services::WpGeneral()->isAjax() ) {
throw $iane;
}
wp_die(
__( 'Unexpected data. Please try again.', 'wp-simple-firewall' ),
'',
[
'code' => self::WP_DIE_INVALID_NONCE_CODE,
'response' => self::WP_DIE_INVALID_NONCE_STATUS,
]
);
}
Arguments
"FernleafSystems\Wordpress\Plugin\Shield\ActionRouter\Actions\FullPageDisplay\DisplayBlockPage"
array:1 [
"render_slug" => "render_block_ip_address_crowdsec"
]
/home/jackson/public_html/wp-content/plugins/wp-simple-firewall/src/ActionRouter/ActionRoutingController.php
public const ACTION_REST = 3;
private ?ActionExecutor $executor = null;
protected function run() {
( new CaptureRedirects() )->run();
( new CapturePluginAction() )->execute();
( new CaptureAjaxAction() )->execute();
( new CaptureRestApiAction() )->execute();
}
/**
* @throws Exceptions\ActionDoesNotExistException
* @throws Exceptions\ActionException
* @throws Exceptions\ActionTypeDoesNotExistException
* @throws Exceptions\SecurityAdminRequiredException
* @throws Exceptions\InvalidActionNonceException
*/
public function action( string $classOrSlug, array $data = [], int $type = self::ACTION_SHIELD ) :RoutedResponse {
return $this->getExecutor()->execute( $classOrSlug, $data, $type );
}
/**
* @internal Transition helper so capture classes can avoid routing recursion.
*/
public function executor() :ActionExecutor {
return $this->getExecutor();
}
/**
* This is an alias for calling the Render action directly
*/
public function render( string $classOrSlug, array $data = [] ) :string {
try {
$payload = $this->action(
Actions\Render::class,
[
'render_action_slug' => $classOrSlug,
'render_action_data' => $data,
]
Arguments
"FernleafSystems\Wordpress\Plugin\Shield\ActionRouter\Actions\FullPageDisplay\DisplayBlockPage"
array:1 [
"render_slug" => "render_block_ip_address_crowdsec"
]
2
/home/jackson/public_html/wp-content/plugins/wp-simple-firewall/src/Rules/Responses/DisplayBlockPage.php
use Traits\IsTerminating;
public const SLUG = 'display_block_page';
public function execResponse() :void {
$hook = $this->p->hook;
if ( empty( $hook ) ) {
$this->displayPage();
}
else {
add_action( $hook, function () {
$this->displayPage();
}, $this->p->priority, 0 );
}
}
private function displayPage() {
self::con()->action_router->action( DisplayBlockPageAction::class, [
'render_slug' => $this->p->block_page_slug,
] );
}
public function getParamsDef() :array {
$blockPageSlugs = DisplayBlockPageAction::allowedRenderSlugs();
$blockPages = [
Block\BlockIpAddressShield::SLUG => 'IP Block Page (Shield)',
Block\BlockIpAddressCrowdsec::SLUG => 'IP Block Page (CrowdSec)',
Block\BlockFirewall::SLUG => 'Firewall Block Page',
Block\BlockAuthorFishing::SLUG => 'Author Fishing Block Page',
Block\BlockPageSiteBlockdown::SLUG => 'Site Locked Down Block Page',
Block\BlockTrafficRateLimitExceeded::SLUG => 'Traffic Rate Limit Exceeded Block Page',
];
return [
'block_page_slug' => [
'type' => EnumParameters::TYPE_ENUM,
'type_enum' => $blockPageSlugs,
'enum_labels' => \array_intersect_key( $blockPages, \array_flip( $blockPageSlugs ) ),
'label' => __( 'Block Page', 'wp-simple-firewall' ),
],
Arguments
"FernleafSystems\Wordpress\Plugin\Shield\ActionRouter\Actions\FullPageDisplay\DisplayBlockPage"
array:1 [
"render_slug" => "render_block_ip_address_crowdsec"
]
/home/jackson/public_html/wp-content/plugins/wp-simple-firewall/src/Rules/Responses/DisplayBlockPage.php
use FernleafSystems\Wordpress\Plugin\Shield\ActionRouter\Actions\FullPageDisplay\DisplayBlockPage as DisplayBlockPageAction;
use FernleafSystems\Wordpress\Plugin\Shield\ActionRouter\Actions\Render\FullPage\{
Block,
};
use FernleafSystems\Wordpress\Plugin\Shield\Rules\Enum\EnumParameters;
class DisplayBlockPage extends Base {
use Traits\IsTerminating;
public const SLUG = 'display_block_page';
public function execResponse() :void {
$hook = $this->p->hook;
if ( empty( $hook ) ) {
$this->displayPage();
}
else {
add_action( $hook, function () {
$this->displayPage();
}, $this->p->priority, 0 );
}
}
private function displayPage() {
self::con()->action_router->action( DisplayBlockPageAction::class, [
'render_slug' => $this->p->block_page_slug,
] );
}
public function getParamsDef() :array {
$blockPageSlugs = DisplayBlockPageAction::allowedRenderSlugs();
$blockPages = [
Block\BlockIpAddressShield::SLUG => 'IP Block Page (Shield)',
Block\BlockIpAddressCrowdsec::SLUG => 'IP Block Page (CrowdSec)',
Block\BlockFirewall::SLUG => 'Firewall Block Page',
Block\BlockAuthorFishing::SLUG => 'Author Fishing Block Page',
Block\BlockPageSiteBlockdown::SLUG => 'Site Locked Down Block Page',
Block\BlockTrafficRateLimitExceeded::SLUG => 'Traffic Rate Limit Exceeded Block Page',
];
/home/jackson/public_html/wp-includes/class-wp-hook.php
$nesting_level = $this->nesting_level++;
$this->iterations[ $nesting_level ] = $this->priorities;
$num_args = count( $args );
do {
$this->current_priority[ $nesting_level ] = current( $this->iterations[ $nesting_level ] );
$priority = $this->current_priority[ $nesting_level ];
foreach ( $this->callbacks[ $priority ] as $the_ ) {
if ( ! $this->doing_action ) {
$args[0] = $value;
}
// Avoid the array_slice() if possible.
if ( 0 === $the_['accepted_args'] ) {
$value = call_user_func( $the_['function'] );
} elseif ( $the_['accepted_args'] >= $num_args ) {
$value = call_user_func_array( $the_['function'], $args );
} else {
$value = call_user_func_array( $the_['function'], array_slice( $args, 0, $the_['accepted_args'] ) );
}
}
} while ( false !== next( $this->iterations[ $nesting_level ] ) );
unset( $this->iterations[ $nesting_level ] );
unset( $this->current_priority[ $nesting_level ] );
--$this->nesting_level;
return $value;
}
/**
* Calls the callback functions that have been added to an action hook.
*
* @since 4.7.0
/home/jackson/public_html/wp-includes/class-wp-hook.php
} while ( false !== next( $this->iterations[ $nesting_level ] ) );
unset( $this->iterations[ $nesting_level ] );
unset( $this->current_priority[ $nesting_level ] );
--$this->nesting_level;
return $value;
}
/**
* Calls the callback functions that have been added to an action hook.
*
* @since 4.7.0
*
* @param array $args Parameters to pass to the callback functions.
*/
public function do_action( $args ) {
$this->doing_action = true;
$this->apply_filters( '', $args );
// If there are recursive calls to the current action, we haven't finished it until we get to the last one.
if ( ! $this->nesting_level ) {
$this->doing_action = false;
}
}
/**
* Processes the functions hooked into the 'all' hook.
*
* @since 4.7.0
*
* @param array $args Arguments to pass to the hook callbacks. Passed by reference.
*/
public function do_all_hook( &$args ) {
$nesting_level = $this->nesting_level++;
$this->iterations[ $nesting_level ] = $this->priorities;
do {
$priority = current( $this->iterations[ $nesting_level ] );
Arguments
/home/jackson/public_html/wp-includes/plugin.php
if ( ! isset( $wp_filter[ $hook_name ] ) ) {
if ( isset( $wp_filter['all'] ) ) {
array_pop( $wp_current_filter );
}
return;
}
if ( ! isset( $wp_filter['all'] ) ) {
$wp_current_filter[] = $hook_name;
}
if ( empty( $arg ) ) {
$arg[] = '';
} elseif ( is_array( $arg[0] ) && 1 === count( $arg[0] ) && isset( $arg[0][0] ) && is_object( $arg[0][0] ) ) {
// Backward compatibility for PHP4-style passing of `array( &$this )` as action `$arg`.
$arg[0] = $arg[0][0];
}
$wp_filter[ $hook_name ]->do_action( $arg );
array_pop( $wp_current_filter );
}
/**
* Calls the callback functions that have been added to an action hook, specifying arguments in an array.
*
* @since 2.1.0
*
* @see do_action() This function is identical, but the arguments passed to the
* functions hooked to `$hook_name` are supplied using an array.
*
* @global WP_Hook[] $wp_filter Stores all of the filters and actions.
* @global int[] $wp_actions Stores the number of times each action was triggered.
* @global string[] $wp_current_filter Stores the list of current filters with the current one last.
*
* @param string $hook_name The name of the action to be executed.
* @param array $args The arguments supplied to the functions hooked to `$hook_name`.
*/
function do_action_ref_array( $hook_name, $args ) {
Arguments
/home/jackson/public_html/wp-settings.php
if ( ! class_exists( 'WP_Site_Health' ) ) {
require_once ABSPATH . 'wp-admin/includes/class-wp-site-health.php';
}
WP_Site_Health::get_instance();
// Set up current user.
$GLOBALS['wp']->init();
/**
* Fires after WordPress has finished loading but before any headers are sent.
*
* Most of WP is loaded at this stage, and the user is authenticated. WP continues
* to load on the {@see 'init'} hook that follows (e.g. widgets), and many plugins instantiate
* themselves on it for all sorts of reasons (e.g. they need a user, a taxonomy, etc.).
*
* If you wish to plug an action once WP is loaded, use the {@see 'wp_loaded'} hook below.
*
* @since 1.5.0
*/
do_action( 'init' );
// Check site status.
if ( is_multisite() ) {
$file = ms_site_check();
if ( true !== $file ) {
require $file;
die();
}
unset( $file );
}
/**
* This hook is fired once WP, all plugins, and the theme are fully loaded and instantiated.
*
* Ajax requests should use wp-admin/admin-ajax.php. admin-ajax.php can handle requests for
* users not logged in.
*
* @link https://developer.wordpress.org/plugins/javascript/ajax
*
* @since 3.0.0
Arguments
/home/jackson/public_html/wp-config.php
// Turn off the display of error messages on your site
define('WP_DEBUG_DISPLAY', true);
define('FS_METHOD', 'direct');
define('WP_MEMORY_LIMIT', '128M');
/*
@ini_set( 'upload_max_size' , '128M' );
@ini_set( 'post_max_size', '128M');
@ini_set( 'memory_limit', '128M' );
@ini_set( 'max_execution_time', '600' ); */
/* That's all, stop editing! Happy publishing. */
/** Absolute path to the WordPress directory. */
if ( ! defined( 'ABSPATH' ) ) {
define( 'ABSPATH', dirname( __FILE__ ) . '/' );
}
/** Sets up WordPress vars and included files. */
require_once( ABSPATH . 'wp-settings.php' );
Arguments
"/home/jackson/public_html/wp-settings.php"
/home/jackson/public_html/wp-load.php
* Initialize error reporting to a known set of levels.
*
* This will be adapted in wp_debug_mode() located in wp-includes/load.php based on WP_DEBUG.
* @see https://www.php.net/manual/en/errorfunc.constants.php List of known error levels.
*/
error_reporting( E_CORE_ERROR | E_CORE_WARNING | E_COMPILE_ERROR | E_ERROR | E_WARNING | E_PARSE | E_USER_ERROR | E_USER_WARNING | E_RECOVERABLE_ERROR );
}
/*
* If wp-config.php exists in the WordPress root, or if it exists in the root and wp-settings.php
* doesn't, load wp-config.php. The secondary check for wp-settings.php has the added benefit
* of avoiding cases where the current directory is a nested installation, e.g. / is WordPress(a)
* and /blog/ is WordPress(b).
*
* If neither set of conditions is true, initiate loading the setup process.
*/
if ( file_exists( ABSPATH . 'wp-config.php' ) ) {
/** The config file resides in ABSPATH */
require_once ABSPATH . 'wp-config.php';
} elseif ( @file_exists( dirname( ABSPATH ) . '/wp-config.php' ) && ! @file_exists( dirname( ABSPATH ) . '/wp-settings.php' ) ) {
/** The config file resides one level above ABSPATH but is not part of another installation */
require_once dirname( ABSPATH ) . '/wp-config.php';
} else {
// A config file doesn't exist.
define( 'WPINC', 'wp-includes' );
require_once ABSPATH . WPINC . '/version.php';
require_once ABSPATH . WPINC . '/compat.php';
require_once ABSPATH . WPINC . '/load.php';
// Check for the required PHP version and for the MySQL extension or a database drop-in.
wp_check_php_mysql_versions();
// Standardize $_SERVER variables across setups.
wp_fix_server_vars();
Arguments
"/home/jackson/public_html/wp-config.php"
/home/jackson/public_html/wp-blog-header.php
<?php
/**
* Loads the WordPress environment and template.
*
* @package WordPress
*/
if ( ! isset( $wp_did_header ) ) {
$wp_did_header = true;
// Load the WordPress library.
require_once __DIR__ . '/wp-load.php';
// Set up the WordPress query.
wp();
// Load the theme template.
require_once ABSPATH . WPINC . '/template-loader.php';
}
Arguments
"/home/jackson/public_html/wp-load.php"
/home/jackson/public_html/index.php
<?php
/**
* Front to the WordPress application. This file doesn't do anything, but loads
* wp-blog-header.php which does and tells WordPress to load the theme.
*
* @package WordPress
*/
/**
* Tells WordPress to load the WordPress theme and output it.
*
* @var bool
*/
define( 'WP_USE_THEMES', true );
/** Loads the WordPress Environment and Template */
require __DIR__ . '/wp-blog-header.php';
Arguments
"/home/jackson/public_html/wp-blog-header.php"