Nathanwoodburn.github.io/libraries/API_connect.php

292 lines
7.9 KiB
PHP
Raw Normal View History

2021-08-30 15:06:36 +10:00
<?php
require_once('Crypto.php');
require_once('browser.php');
class API_connect
{
protected $site = "";
protected $get_api;
protected $api_url;
private $rootApiUri;
public function __construct($url = "")
{
if ($url == "") {
$this->api_url = CZ_API_URL;
} else {
$this->api_url = $url;
}
}
public function ping()
{
$dataArray = array();
return $this->send_request("ping", $dataArray);
}
public function report_update()
{
return true;
$ak = $this->get_end_point_url(FALSE);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $ak . 'ak.php');
curl_setopt($ch, CURLOPT_POST, FALSE);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Cz-Setup: true'));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$output = curl_exec($ch);
echo_debug('cURL Executed');
echo_debug('cURL Error >> ' . curl_error($ch));
echo_debug("<pre style='border: 2px solid #000; padding: 20px;'>$output</pre>");
curl_close($ch);
echo_debug('cURLd');
$resp = $output;
$resp = json_decode($resp);
if (isset($resp->code) && $resp->code == 1) {
return TRUE;
} else {
return FALSE;
}
}
protected function get_end_point_url($api = TRUE)
{
$current_url = $this->getHttpsPrefix();
$current_url .= str_replace(realpath($_SERVER["DOCUMENT_ROOT"]), $_SERVER['HTTP_HOST'], realpath(dirname(dirname(__FILE__))));
if ($api) {
$current_url .= '/api.php';
} else {
$current_url .= '/';
}
$current_url = rtrim($current_url, '/');
return $current_url;
}
public function setRootApiUri($rootApiUri)
{
if ($rootApiUri == false) {
return false;
}
$subFolderIfAny = str_replace($_SERVER['DOCUMENT_ROOT'], '', $rootApiUri);
$current_url = $this->getHttpsPrefix();
$current_url .= rtrim($_SERVER['HTTP_HOST'], '/') . '/' . ltrim($subFolderIfAny, '/');
$this->rootApiUri = $current_url;
return;
}
protected function getHttpsPrefix(){
if (@$_SERVER['HTTPS'] == 'on' || @$_SERVER['SERVER_PORT'] == '443' || (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https')) {
return "https://";
} else {
return "http://";
}
}
protected function is_request_from_astra()
{
$user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? strtolower($_SERVER['HTTP_USER_AGENT']) : "empty";
if (strpos($user_agent, "astra") !== false) {
return true;
}
return false;
}
public function setup()
{
$res = explode(".", CZ_ASTRA_CLIENT_VERSION);
$version['major'] = $res[0];
$version['minor'] = $res[1];
$version['patch'] = $res[2];
$client_api_url = !empty($this->rootApiUri) ? $this->rootApiUri : $this->get_end_point_url();
$dataArray = array(
"version" => $version,
"client_api_url" => $client_api_url,
"platform" => CZ_PLATFORM,
);
/* print_r($dataArray); */
echo_debug('SETUP API Send Request');
echo_debug(serialize($dataArray));
return $this->send_request("setup", $dataArray);
}
public function custom_rule($action, $type, $ip_address = "")
{
$dataArray['rule_action'] = $action;
$dataArray['rule_type'] = $type;
$dataArray['ip_address'] = $ip_address;
return $this->send_request("custom_rule", $dataArray);
}
/*
public function custom_rule($action, $type, $ip_address = "") {
}
*
*/
public function hook_has_loggedin($dataArray = array())
{
if ($dataArray[0]['success'] === 1) {
return false;
}
require_once(__DIR__ . '/../Astra.php');
$astra = new Astra();
ASTRA::$_db->log_hit(ASTRA::$_ip);
$dataArray[0]['blocking'] = (ASTRA::$_db->is_blocked_or_trusted(ASTRA::$_ip, false, ASTRA::$_config) == "blocked") ? 1 : 0;
return true;
}
public function send_request($api = "", $dataArray = array(), $platform = "php")
{
if ($this->is_request_from_astra()) {
return false;
}
$callback = array($this, 'hook_' . $api);
if (is_callable($callback)) {
$hookResponse = call_user_func($callback, array($dataArray));
if (is_array($hookResponse)) {
$dataArray = $hookResponse;
}
}
$dataArray['client_key'] = CZ_CLIENT_KEY;
$dataArray['api'] = $api;
//$dataArray['site'] = $_SERVER['SERVER_NAME'];
$dataArray['site'] = $_SERVER['SERVER_NAME'];
if (!isset($dataArray['version'])) {
$dataArray['version'] = CZ_ASTRA_CLIENT_VERSION;
}
$browser = new Browser_Astra();
$browser_info['useragent'] = $browser->getUserAgent();
$browser_info['browser_name'] = $browser->getBrowser();
$browser_info['version'] = $browser->getVersion();
$browser_info['platform'] = $browser->getPlatform();
$browser_info['isMobile'] = $browser->isMobile();
$browser_info['isTablet'] = $browser->isTablet();
$dataArray['ip'] = ASTRA::$_ip;
if ($dataArray['ip'] == "") {
$dataArray['ip'] = "::1";
return false;
}
$dataArray['browser'] = $browser_info;
$dataArray['attack_url'] = htmlspecialchars($_SERVER['REQUEST_URI'], ENT_QUOTES, 'UTF-8');
echo_debug($this->api_url);
echo_debug($dataArray);
$str = serialize($dataArray);
$crypto = new Astra_crypto();
$encrypted_data = $crypto->encrypt($str, CZ_SECRET_KEY);
if ($platform == "wordpress") {
$post_param = array(
"encRequest" => $encrypted_data,
"access_code" => CZ_ACCESS_KEY,
);
$response = wp_remote_post($this->api_url, array(
'method' => 'POST',
'timeout' => 5,
'redirection' => 5,
'httpversion' => '1.0',
'blocking' => true,
'headers' => array(),
'body' => $post_param,
'cookies' => array()
)
);
if (is_wp_error($response) || (isset($response['body']) && is_wp_error($response['body']))) {
return true;
}
$resp = $response['body'];
} else {
echo_debug('cURLing');
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $this->api_url);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, "encRequest=" . $encrypted_data . "&access_code=" . CZ_ACCESS_KEY);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
curl_setopt($ch, CURLOPT_TIMEOUT, 5); //timeout in seconds
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
$output = curl_exec($ch);
echo_debug('cURL Executed');
echo_debug('cURL Error >> ' . curl_error($ch));
echo_debug("<pre style='border: 2px solid #000; padding: 20px;'>$output</pre>");
if (curl_error($ch)) {
$error_msg = curl_error($ch);
}
curl_close($ch);
echo_debug('cURLd');
$resp = $output;
}
$resp = json_decode($resp);
if (isset($error_msg)) {
//echo $error_msg;
}
//var_dump($output);
if (isset($resp->code) && $resp->code == 1) {
return TRUE;
} else {
return FALSE;
}
}
}
/* End of file api_connect.php */
?>