Created setup environment

2024-02-27 11:33:24 +01:00
parent 18820c7191
commit 40a3b93d4b
6 changed files with 25 additions and 122 deletions
--- a/bdp-kompass.php
+++ b/bdp-kompass.php
@@ -19,10 +19,7 @@ use Bdp\Modules\Seo\Seo;
 require_once dirname(__FILE__) . '/includes/setup.php';
 function bdp_plugin_install() {
-    Seo::setup();
+
    Calendar::setup();
    Security::setup();
    update_option('kompass_installation', true);
 }
@@ -30,11 +27,14 @@ function bdp_plugin_init() {
 	Security::ProhibitBots();
 	Security::SetPageFilters();
-	remove_menu_page( 'admin.php?page=limit-login-attempts&tab=dashboard' );
+	if (null == get_option('kompass_already_installed', null)) {
-	if ( get_option( 'kompass_installation' ) == true ) {
+		Seo::setup();
-		delete_option( 'kompass_installation' );
+		Calendar::setup();
 		Security::setup();
 		update_option('kompass_already_installed', true);
 		wp_redirect( 'site-health.php?tab=bdp_enhanced_security');
 	}
 }
 add_action('admin_menu', function () {
--- a/modules/firstusage/classes/Security.class.php
+++ b/modules/firstusage/classes/Security.class.php
@@ -1,84 +0,0 @@
 <?php
 namespace Bdp\Modules\Security;
 use ZipArchive;
 class Security
 {
    public const required_security_plugins = [];
    public const delete_plugins = [
        'akismet/akismet.php',
        'hello.php',
 	    'limit-login-attempts-reloaded',
 	    'wps-hide-login/wps-hide-login.php'
    ];
    public static function setup()
    {
 	    self::deletePlugins();
 	    foreach (self::required_security_plugins as $pluginSlug => $pluginData) {
 		    if (!is_dir(WP_PLUGIN_DIR . '/' . $pluginSlug)) {
 			    self::installSecurityPlugin($pluginSlug, $pluginData['downloadUrl']);
 		    }
 	    }
 	    $loginUrl = get_option('whl_page', null) ?? 'bdp-login';
 	    enable_option_rewrite_url($loginUrl);
 	    enable_option_disable_xmlrpc();
 	    enable_option_block_authorscan();
 	    enable_option_block_execution_in_uploads();
 	    enable_option_prohibit_special_files();
 	    enable_option_file_editor();
 	    enable_option_disable_conatenation();
 	    enable_option_secure_include_dir();
 	    enable_option_prohibit_bot_access();
 	    enable_option_block_directory_listing();
    }
    public static function deletePlugins() {
        deactivate_plugins(self::delete_plugins);
        delete_plugins(self::delete_plugins);
    }
    public static function installSecurityPlugin(string $pluginSlug, string $downloadUrl) : bool
    {
        $ch = curl_init();
        $source = $downloadUrl;
        curl_setopt($ch, CURLOPT_URL, $source);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
        $data = curl_exec ($ch);
        curl_close ($ch);
        $destination = WP_PLUGIN_DIR . '/' . $pluginSlug . '.zip';
        $file = fopen($destination, "w+");
        fputs($file, $data);
        fclose($file);
        $zip = new ZipArchive();
        $zip->open($destination);
        $zip->extractTo(WP_PLUGIN_DIR);
        $zip->close();
        unlink($destination);
        $pluginInfos = get_plugins( '/'.$pluginSlug );
        $installfile = $pluginSlug . '/';
        if( ! empty( $pluginInfos ) ) {
            foreach ($pluginInfos as $file => $info) :
                $installfile .= $file;
            endforeach;
        }
        $result = activate_plugin($installfile);
        return $result === null;
    }
 }
--- a/modules/firstusage/internal/index.php
+++ b/modules/firstusage/internal/index.php
@@ -1,22 +0,0 @@
 <?php
 echo '<div id="wpbody-content">';
 echo '<h1>Installation erfolgreich!</h1>';
 ?>
 <form method="post" action="admin.php?page=bdp-kompass%2Fmodules%2Findex.php&loadmodule=security">
    <div class="bdp_security_outer">
        <fieldset class="bdp_security_inner">
            <span style="font-weight: bold;">Herzlichen Glückwunsch!</span><br /><br />
            Das Plugin Kompass wurde soeben erfolgreich installiert.<br />Im Hintergrund wurden bereits erste Optimierungen an der Webseite vorgenommen, so wurde die Navcigation vereinfacht, und falls dies noch nicht der Fall war, wurde die Webseite mit einer suchmaschinenfreundlichen Struktur ausgestattet.<br />
            Es wurden bereits erste sicherheitsrelevante Plugins installiert. Du findest die Übersicht, welchePlugins aktiv sind, jederzeit <a href="plugins.php">hier</a><br /><br />
            Über die Kalender-Einstellungen kannst du den Kalender deines Stammes aus dem Wiki auf deiner Webseite einbinden, dieser erscheint dann automatisch unt er der Adresse <a href="<?php echo get_site_url() . '/kalender'; ?>"><?php echo get_site_url() . '/kalender'; ?></a><br /><br />
            Aus Sicherheitsgründen empfiehlt es sich, die Adresse zum Dashboard deiner Webseite ztu verschleiern. Ein hierfür notwendiges Plugin wurde automatisch installiert. Um dich zukünftig auf deiner Webseite einzuloggen, nutze folgende URL:<br />
            <label><?php echo get_site_url(); ?>/</label><input style="width: 250px;" class="long_text" type="text" name="login_url" id="login_url" required
                                                                value = "<?php echo get_option('whl_page', 'bdp_login'); ?>">
            <br /><input class="bdp_submit" type="submit" name="submit" value="Verändere diese URL noch einmal"><br /><br />
            Falls du zu diesem Plugin Anmerkungen oder Fragen hast, wende dich bitte an den LB IT.
        </fieldset>
    </div>
 </form>
--- a/modules/firstusage/security.php
+++ b/modules/firstusage/security.php
@@ -1,3 +0,0 @@
 <?php
 require_once dirname(__FILE__) . '/classes/Security.class.php';
--- a/modules/security/classes/Security.class.php
+++ b/modules/security/classes/Security.class.php
@@ -23,8 +23,11 @@ class Security
                self::installSecurityPlugin($pluginSlug, $pluginData['downloadUrl']);
            }
        }
-
+		$loginUrl = get_option('kompass_sec_rewrite_login', null);
 		if (null == $loginUrl) {
 			$loginUrl = get_option('whl_page', null) ?? 'bdp-login';
 		}
        enable_option_rewrite_url($loginUrl);
 	    enable_option_disable_xmlrpc();
 	    enable_option_block_authorscan();
@@ -35,11 +38,20 @@ class Security
 	    enable_option_secure_include_dir();
 	    enable_option_prohibit_bot_access();
 	    enable_option_block_directory_listing();
 		delete_option('whl_page');
    }
    public static function deletePlugins() {
-        deactivate_plugins(self::delete_plugins);
+		$existingPlugins = [];
-        delete_plugins(self::delete_plugins);
+		foreach (self::delete_plugins as $curPlugin) {
 			if (file_exists(WP_PLUGIN_DIR . '/' . $curPlugin)) {
 				$existingPlugins[] = $curPlugin;
 			}
 		}
 		deactivate_plugins($existingPlugins);
        delete_plugins($existingPlugins);
    }
 	public static function ProhibitBots() {
--- a/modules/security/includes/settings_writer.php
+++ b/modules/security/includes/settings_writer.php
@@ -57,13 +57,13 @@ function enable_option_secure_include_dir() : bool {
 function enable_option_prohibit_bot_access() {
    update_option('protect_wp_prohibit_bot_access', true);
 	if (count(get_prohibitedbot_list()) == 0) {
 		set_prohibitedbot_list(_protect_wp_initial_bot_list_array());
 	}
 }
 function disable_option_prohibit_bot_access() {
    update_option('protect_wp_prohibit_bot_access', false);
    if (count(get_prohibitedbot_list()) == 0) {
        set_prohibitedbot_list(_protect_wp_initial_bot_list_array());
    }
 }
 function set_prohibitedbot_list($botList) {
		`@@ -1,3 +0,0 @@`
			`<?php`

			`require_once dirname(__FILE__) . '/classes/Security.class.php';`