CleanTalk · alexandergull · Oct 15, 2024 · Nov 15, 2024 · Nov 16, 2024 · Nov 16, 2024
diff --git a/css/spbc-settings.min.css b/css/spbc-settings.min.css
diff --git a/css/src/spbc-settings.css b/css/src/spbc-settings.css
@@ -55,6 +55,7 @@
 
 .spbc---gray{color: gray;}
 .spbc---red{color: red;}
+.spbc---green{color: green;}
 
 .spbc_bold{font-weight: 800;}
 

diff --git a/inc/spbc-admin.php b/inc/spbc-admin.php
@@ -1,19 +1,18 @@
 <?php
 
 use CleantalkSP\SpbctWP\AdjustToEnvironmentModule\AdjustToEnvironmentHandler;
+use CleantalkSP\SpbctWP\CleantalkSettingsTemplates;
 use CleantalkSP\SpbctWP\Cron;
-use CleantalkSP\SpbctWP\LinkConstructor;
-use CleantalkSP\SpbctWP\Scanner\Cure;
 use CleantalkSP\SpbctWP\Escape;
-use CleantalkSP\Variables\Post;
-use CleantalkSP\Variables\Server;
-use CleantalkSP\SpbctWP\Firewall\WAF;
+use CleantalkSP\SpbctWP\LinkConstructor;
 use CleantalkSP\SpbctWP\ListTable;
+use CleantalkSP\SpbctWP\Scanner\Cure;
+use CleantalkSP\SpbctWP\Scanner\OSCron\Storages\OsCronTasksStorage;
 use CleantalkSP\SpbctWP\Scanner\ScannerQueue;
-use CleantalkSP\SpbctWP\CleantalkSettingsTemplates;
-use CleantalkSP\SpbctWP\G2FA\GoogleAuthenticator;
 use CleantalkSP\SpbctWP\Variables\Cookie;
 use CleantalkSP\SpbctWP\VulnerabilityAlarm\VulnerabilityAlarm;
+use CleantalkSP\Variables\Post;
+use CleantalkSP\Variables\Server;
 
 // Settings page
 require_once('spbc-settings.php');
@@ -1059,13 +1058,16 @@ function spbc_set_malware_scan_warns()
         AND (pscan_processing_status <> "DONE")';
     $analysis_has_uncheked = (int)$wpdb->get_var($query) <> 0;
 
+    $oscron_has_dangerous = OsCronTasksStorage::getCountOfDangerousTasks();
+
     $spbc->data['display_scanner_warnings'] = array(
         'critical' => $critical_count,
         'signatures' => $signatures_count,
         'frontend' => $frontend_count,
         'analysis' => $analysis_has_dangerous,
-        'analysis_all_safe' => !$analysis_has_uncheked && !$analysis_has_dangerous,
-        'warn_on_admin_bar' => $critical_count || $frontend_count || $analysis_has_dangerous
+        'oscron' => $oscron_has_dangerous,
+        'analysis_all_safe' => !$analysis_has_uncheked && !$analysis_has_dangerous && !$oscron_has_dangerous,
+        'warn_on_admin_bar' => $critical_count || $frontend_count || $analysis_has_dangerous || $oscron_has_dangerous,
     );
     $spbc->notice_critical_files_warning = !empty($critical_count);
     $spbc->save('data');

diff --git a/inc/spbc-settings.php b/inc/spbc-settings.php
@@ -1,22 +1,23 @@
 <?php
 
 use CleantalkSP\SpbctWP\AdjustToEnvironmentModule\AdjustToEnvironmentSettings;
+use CleantalkSP\SpbctWP\API;
 use CleantalkSP\SpbctWP\Cron as SpbcCron;
+use CleantalkSP\SpbctWP\Escape;
+use CleantalkSP\SpbctWP\Helpers\Arr;
+use CleantalkSP\SpbctWP\Helpers\IP;
 use CleantalkSP\SpbctWP\HTTP\CDNHeadersChecker;
-use CleantalkSP\SpbctWP\Scanner\ScanningLog\ScanningLogFacade;
-use CleantalkSP\Variables\Post;
-use CleantalkSP\Variables\Server;
-use CleantalkSP\SpbctWP\API;
+use CleantalkSP\SpbctWP\LinkConstructor;
 use CleantalkSP\SpbctWP\ListTable;
 use CleantalkSP\SpbctWP\Scanner;
-use CleantalkSP\SpbctWP\Helpers\IP;
-use CleantalkSP\SpbctWP\Helpers\Arr;
-use CleantalkSP\SpbctWP\Helpers\CSV;
-use CleantalkSP\SpbctWP\Escape;
+use CleantalkSP\SpbctWP\Scanner\OSCron\Storages\OsCronTasksStorage;
+use CleantalkSP\SpbctWP\Scanner\OSCron\View\OSCronView;
+use CleantalkSP\SpbctWP\Scanner\ScanningLog\ScanningLogFacade;
+use CleantalkSP\SpbctWP\Variables\Cookie;
 use CleantalkSP\SpbctWP\Views\Settings;
 use CleantalkSP\SpbctWP\VulnerabilityAlarm\VulnerabilityAlarmView;
-use CleantalkSP\SpbctWP\Variables\Cookie;
-use CleantalkSP\SpbctWP\LinkConstructor;
+use CleantalkSP\Variables\Post;
+use CleantalkSP\Variables\Server;
 
 // Scanner AJAX actions
 require_once(SPBC_PLUGIN_DIR . 'inc/spbc-scanner.php');
@@ -677,6 +678,12 @@ function spbc_settings__register()
                                 'description'      => __('Will search for known malicious signatures in files. Unknown files will be shown in the results only if both options heuristic analysis and signature analysis are enabled.', 'security-malware-firewall'),
                                 'long_description' => true,
                             ),
+                            'scanner__os_cron_analysis'                    => array(
+                                'type'             => 'field',
+                                'title'            => Scanner\OSCron\View\OSCronLocale::getInstance()->settings__option_title,
+                                'description'      => Scanner\OSCron\View\OSCronLocale::getInstance()->settings__option_description,
+                                'long_description' => false,
+                            ),
                             'scanner__dir_exclusions_view'                        => array(
                                 'type'        => 'field',
                                 'input_type'  => 'textarea',
@@ -2922,6 +2929,33 @@ function spbc_field_scanner__prepare_data__analysis_log(&$table)
     }
 }
 
+/**
+ * Count found in os cron.
+ * @return int
+ */
+function spbc_scanner_oscron_count_found()
+{
+    return OSCronView::getCountOfTasksScanned();
+}
+
+/**
+ * Get data for oscron.
+ * @return array
+ */
+function spbc_scanner_oscron_get_scanned()
+{
+    return OsCronTasksStorage::getAsArray();
+}
+
+/**
+ * Prepare data for oscron.
+ * @param $table
+ */
+function spbc_scanner_oscron_prepare_data(&$table)
+{
+    $table = OSCronView::prepareTableData($table);
+}
+
 function spbc_field_scanner__prepare_data__files_quarantine(&$table)
 {
     global $spbc;
@@ -3290,6 +3324,10 @@ function spbc_field_scanner()
         echo '<span class="spbc_overall_scan_status_auto_cure">' . __('Curing', 'security-malware-firewall') . '</span> -> ';
     }
 
+    if ($spbc->settings['scanner__os_cron_analysis']) {
+        echo '<span class="spbc_overall_scan_status_os_cron_analysis">' . __('OS Cron Analysis', 'security-malware-firewall') . '</span> -> ';
+    }
+
     if ($spbc->settings['scanner__outbound_links']) {
         echo '<span class="spbc_overall_scan_status_outbound_links">' . __('Scanning links', 'security-malware-firewall') . '</span> -> ';
     }
@@ -3515,6 +3553,10 @@ function spbc_field_scanner__show_accordion($direct_call = false)
         $tables_files['unknown'] = $unknown_files_description;
     }
 
+    if ($spbc->settings['scanner__os_cron_analysis']) {
+        $tables_files['oscron'] = Scanner\OSCron\View\OSCronLocale::getInstance()->settings__accordion_tab_description;
+    }
+
     if ($spbc->settings['scanner__list_approved_by_cleantalk']) {
         $tables_files['approved_by_cloud'] = __('Approved by CleanTalk Team or Clout files list. To disable this list view, please disable the `Show approved by CleanTalk Cloud` option.', 'security-malware-firewall');
     }
@@ -3557,6 +3599,15 @@ function spbc_field_scanner__show_accordion($direct_call = false)
                 'files_listing',
             ),
         ),
+        'os_cron_analysis' => array(
+            'category_description' => __('OS Cron Analysis', 'security-malware-firewall'),
+            'types' => array(
+                'oscron',
+                'oscron_quarantined',
+                'oscron_approved',
+            ),
+            'display' => (bool) $spbc->settings['scanner__os_cron_analysis']
+        ),
         'pages' => array(
             'category_description' => __('Pages scan results', 'security-malware-firewall'),
             'types' => array(
@@ -3599,6 +3650,7 @@ function spbc_field_scanner__show_accordion($direct_call = false)
                 ($type_name === 'critical' && $spbc->data['display_scanner_warnings']['critical'])
                 || ($type_name === 'frontend_malware' && $spbc->data['display_scanner_warnings']['frontend'])
                 || ($type_name === 'analysis_log' && $spbc->data['display_scanner_warnings']['analysis'])
+                || ($type_name === 'oscron' && $spbc->data['display_scanner_warnings']['oscron'])
             ) {
                 $danger_dot = '<span class="red_dot"></span>';
             }
@@ -4034,6 +4086,29 @@ function spbc_list_table__get_args_by_type($table_type)
             $args['actions']['send'] = array('name' => 'Send for Analysis',);
             break;
 
+        case 'oscron':
+            $args = array_replace_recursive(
+                array(
+                    'func_data_total'   => 'spbc_scanner_oscron_count_found',
+                    'func_data_get'     => 'spbc_scanner_oscron_get_scanned',
+                    'func_data_prepare' => 'spbc_scanner_oscron_prepare_data',
+                    'if_empty_items'    => '<div class="notice notice-info spbc-icon-info" style="padding: 10px; margin: 10px 0px;">' . __('Crontab not found in the server environment or is unavailable to read/write.', 'security-malware-firewall') . '</div>',
+                    'columns'           => array(
+                        'id'         => array('heading' => 'id', 'width_percent' => 10),
+                        'status'    => array('heading' => 'Status', 'primary' => true, 'width_percent' => 15),
+                        'analysis_status'    => array('heading' => 'Analysis Status', 'width_percent' => 15),
+                        'command'    => array('heading' => 'Command', 'width_percent' => 35),
+                        'repeats'     => array('heading' => 'Repeats on', 'width_percent' => 15),
+                        'line_number'    => array('heading' => 'Line number', 'width_percent' => 10),
+                    ),
+                    'actions'           => array(
+                        'disable_oscron_task' => array('name' => Scanner\OSCron\View\OSCronLocale::getInstance()->action__disable_task,),
+                        'approve_oscron_task' => array('name' => Scanner\OSCron\View\OSCronLocale::getInstance()->action__approve_task,),
+                    ),
+                )
+            );
+            break;
+
         case 'approved':
             $args = array_replace_recursive(
                 $accordion_default_args,

diff --git a/js/spbc-react-bundle.js b/js/spbc-react-bundle.js
diff --git a/js/spbc-scanner-plugin.min.js b/js/spbc-scanner-plugin.min.js
diff --git a/js/spbc-scanner-plugin.min.js.map b/js/spbc-scanner-plugin.min.js.map
diff --git a/js/src/spbc-scanner-plugin.js b/js/src/spbc-scanner-plugin.js
@@ -22,6 +22,7 @@ class SpbcMalwareScanner {/* eslint-disable-line no-unused-vars */
         'schedule_send_heuristic_suspicious_files',
         'auto_cure_backup',
         'auto_cure',
+        'os_cron_analysis',
         'outbound_links',
         'frontend_analysis',
         'important_files_listing',

diff --git a/lib/CleantalkSP/Common/Helpers/HTTP.php b/lib/CleantalkSP/Common/Helpers/HTTP.php
@@ -94,8 +94,8 @@ public static function getResponseCode($url, $ignore_redirects = false)
         }
 
         $code = $http->setUrl($url)
-            ->setPresets($presets)
-            ->request();
+                     ->setPresets($presets)
+                     ->request();
 
         if (!empty($code['error'])) {
             return false;
@@ -325,10 +325,6 @@ public static function sortHostsByResponseTime($hosts)
      */
     public static function ping($host)
     {
-        if ($host === 'localhost' || !function_exists('fsockopen')) {
-            return 0.001;
-        }
-
         $starttime = microtime(true);
         $file      = @fsockopen($host, 80, $errno, $errstr, 1500 / 1000);
         $stoptime  = microtime(true);

diff --git a/lib/CleantalkSP/SpbctWP/ListTable.php b/lib/CleantalkSP/SpbctWP/ListTable.php
@@ -3,6 +3,8 @@
 namespace CleantalkSP\SpbctWP;
 
 use CleantalkSP\SpbctWP\Scanner\Cure;
+use CleantalkSP\SpbctWP\Scanner\OSCron\OSCronController;
+use CleantalkSP\SpbctWP\Scanner\OSCron\View\OSCronLocale;
 use CleantalkSP\Variables\Post;
 
 class ListTable
@@ -639,7 +641,9 @@ public static function ajaxRowActionHandler()
     {
         spbc_check_ajax_referer('spbc_secret_nonce', 'security');
 
-        if ( Post::get('add_action', null, 'word') !== 'restore' ) {
+        $ajax_action = Post::get('add_action', null, 'word');
+
+        if ( $ajax_action !== 'restore' && strpos($ajax_action, 'oscron_task') === false ) {
             $check_file_exist_result = self::spbcCheckFileExist();
 
             if (isset($check_file_exist_result['error'])) {
@@ -657,7 +661,7 @@ public static function ajaxRowActionHandler()
         }
 
         try {
-            switch ( Post::get('add_action', null, 'word') ) {
+            switch ( $ajax_action ) {
                 case 'approve':
                     self::ajaxRowActionHandlerApprove();
                     break;
@@ -694,6 +698,12 @@ public static function ajaxRowActionHandler()
                 case 'copy_file_info':
                     self::ajaxRowActionHandlerCopyFileInfo();
                     break;
+                case 'disable_oscron_task':
+                    self::ajaxRowActionHandlerDisableOSCronTask();
+                    break;
+                case 'approve_oscron_task':
+                    self::ajaxRowActionHandlerApproveOSCronTask();
+                    break;
                 default:
                     wp_send_json(array('temp_html' => '<div class="spbc-popup-msg popup--red">UNKNOWN ACTION</div>'));
             }
@@ -702,6 +712,50 @@ public static function ajaxRowActionHandler()
         }
     }
 
+    public static function ajaxRowActionHandlerApproveOSCronTask()
+    {
+        global $spbc;
+        if ( $spbc->data['license_trial'] == 1 ) {
+            wp_send_json(['error' => spbc_get_trial_restriction_notice(), 'hide_support_link' => '1']);
+        }
+        $result = OSCronController::approveTask(Post::get('id', null, 'word'));
+        if (true === $result) {
+            $out = array(
+                'html'              => '<div class="spbc-popup-msg popup--green">'
+                    . OSCronLocale::getInstance()->controller__task_approved
+                    . '</div>',
+                'success'           => true,
+                'color'             => 'black',
+                'background'        => 'rgba(110, 240, 110, 0.7)',
+            );
+            wp_send_json($out);
+        } else {
+            wp_send_json_error(esc_html($result));
+        }
+    }
+
+    public static function ajaxRowActionHandlerDisableOSCronTask()
+    {
+        global $spbc;
+        if ( $spbc->data['license_trial'] == 1 ) {
+            wp_send_json(['error' => spbc_get_trial_restriction_notice(), 'hide_support_link' => '1']);
+        }
+        $result = OSCronController::disableTask(Post::get('id', null, 'word'));
+        if (true === $result) {
+            $out = array(
+                'html'              => '<div class="spbc-popup-msg popup--red">'
+                    . OSCronLocale::getInstance()->controller__task_disabled
+                    . '</div>',
+                'success'           => true,
+                'color'             => 'black',
+                'background'        => 'rgba(240, 110, 110, 0.7)',
+            );
+            wp_send_json($out);
+        } else {
+            wp_send_json_error(esc_html($result));
+        }
+    }
+
     public static function ajaxRowActionHandlerApprove()
     {
         $out = spbc_scanner_file_approve(true, Post::get('id', null, 'word'));

diff --git a/lib/CleantalkSP/SpbctWP/Scanner/OSCron/OSCronController.php b/lib/CleantalkSP/SpbctWP/Scanner/OSCron/OSCronController.php
@@ -0,0 +1,52 @@
+<?php
+
+namespace CleantalkSP\SpbctWP\Scanner\OSCron;
+
+use CleantalkSP\SpbctWP\Scanner\OSCron\Storages\OsCronTasksStorage;
+use CleantalkSP\SpbctWP\Scanner\OSCron\View\OSCronLocale;
+
+class OSCronController
+{
+    /**
+     * Updates the status of a task and rewrites the cron tab file.
+     *
+     * @param string $uid The unique identifier of the task.
+     * @param string $status The new status of the task.
+     * @return string|true True if the operation is successful, error string otherwise
+     * @throws \Exception If an error occurs during the update.
+     */
+    private static function updateTask($uid, $status)
+    {
+        $task_to_change = OSCronTasksStorage::getById($uid);
+        $task_to_change->setStatus($status);
+        $result = OSCronModel::updateTaskOfStorageById($uid, $task_to_change);
+        if (false === $result) {
+            return OSCronLocale::getInstance()->error__task_not_found;
+        }
+        return OSCronModel::rewriteEnvCron();
+    }
+
+    /**
+     * Approves a task by its unique identifier.
+     *
+     * @param string $uid The unique identifier of the task.
+     * @return string|true True if the operation is successful, error string otherwise
+     * @throws \Exception If an error occurs during the approval.
+     */
+    public static function approveTask($uid)
+    {
+        return static::updateTask($uid, 'approved');
+    }
+
+    /**
+     * Disables a task by its unique identifier.
+     *
+     * @param string $uid The unique identifier of the task.
+     * @return string|true True if the operation is successful, error string otherwise
+     * @throws \Exception If an error occurs during the disablement.
+     */
+    public static function disableTask($uid)
+    {
+        return static::updateTask($uid, 'disabled');
+    }
+}